Lucene search
K

46 matches found

RedHat Linux
RedHat Linux
added 4 days ago7 views

golang.org/x/crypto/ssh: golang.org/x/crypto/ssh: Denial of Service via crafted public key with excessive parameters

A flaw was found in golang.org/x/crypto/ssh. The RSA and DSA public key parsers in the affected component did not enforce size limits on key parameters. This vulnerability allows an unauthenticated client to provide a crafted public key with an excessively large modulus or DSA parameter during...

7.5CVSS7AI score0.00415EPSS
Exploits0References9
RedHat Linux
RedHat Linux
added 4 days ago6 views

golang.org/x/crypto/ssh/agent: golang.org/x/crypto/ssh/agent: Security bypass due to improper handling of key restrictions

A flaw was found in golang.org/x/crypto/ssh/agent. When a key was added to a remote agent, security restrictions, known as constraint extensions, were not properly processed during the request. This allowed these restrictions to be silently removed when keys were forwarded, leading to the...

9.1CVSS6AI score0.00525EPSS
Exploits0References8
Rockylinux
Rockylinux
added last week6 views

container-tools:rhel8 security update

An update is available for module.netavark, module.runc, slirp4netns, module.libslirp, criu, module.udica, module.oci-seccomp-bpf-hook, udica, toolbox, netavark, container-selinux, module.python-podman, module.crun, python-podman, module.containers-common, module.conmon, oci-seccomp-bpf-hook,...

9.1CVSS6.9AI score0.00651EPSS
Exploits0
RedHat Linux
RedHat Linux
added 2026/07/06 5:18 a.m.4 views

golang.org/x/crypto/ssh/agent: golang.org/x/crypto/ssh/agent: Security bypass due to improper handling of key restrictions

A flaw was found in golang.org/x/crypto/ssh/agent. When a key was added to a remote agent, security restrictions, known as constraint extensions, were not properly processed during the request. This allowed these restrictions to be silently removed when keys were forwarded, leading to the...

9.1CVSS6AI score0.00525EPSS
Exploits0References8
OSV
OSV
added 2026/06/30 9:4 a.m.4 views

SUSE-SU-2026:2693-1 Security update for podman

This update for podman fixes the following issues - CVE-2026-34986: github.com/go-jose/go-jose/v4,github.com/go-jose/go-jose/v3: crafted JWE input with a missing encrypted key can lead to a denial of service bsc1262856. - CVE-2026-39829,CVE-2026-39830,CVE-2026-42508,CVE-2026-46598:...

9.1CVSS6.7AI score0.00651EPSS
Exploits0References8
OSV
OSV
added 2026/06/25 10:14 p.m.4 views

GHSA-F5WC-C3C7-36MC golang.org/x/crypto doesn't drop invoking agent constraints when forwarding keys

When adding a key to a remote agent constraint extensions such as [email protected] were not serialized in the request. Destination restrictions were silently stripped when forwarding keys, allowing unrestricted use of the key on the remote host. The client now serializes all...

9.1CVSS6AI score0.00525EPSS
Exploits0References10
RedHat Linux
RedHat Linux
added 2026/06/25 12:7 a.m.10 views

golang.org/x/crypto/ssh: golang.org/x/crypto/ssh: Denial of Service via crafted public key with excessive parameters

A flaw was found in golang.org/x/crypto/ssh. The RSA and DSA public key parsers in the affected component did not enforce size limits on key parameters. This vulnerability allows an unauthenticated client to provide a crafted public key with an excessively large modulus or DSA parameter during...

7.5CVSS5.8AI score0.00415EPSS
Exploits0References9
OSV
OSV
added 2026/06/11 3:29 p.m.7 views

OPENSUSE-SU-2026:20956-1 Security update for trivy

This update for trivy fixes the following issues - CVE-2026-25680,CVE-2026-25681,CVE-2026-27136,CVE-2026-42502,CVE-2026-42506: golang.org/x/net/html: multiple issues when parsing HTML files bsc1267047. - CVE-2026-33814: golang.org/x/net/http2: infinite loop in HTTP/2 transport when given bad...

10CVSS5.5AI score0.00781EPSS
Exploits0References26
Microsoft CVE
Microsoft CVE
added 2026/05/27 8:17 a.m.18 views

Invoking pathological inputs can lead to client panic in golang.org/x/crypto/ssh/agent

...

5.3CVSS5.8AI score0.00313EPSS
Exploits0
Microsoft CVE
Microsoft CVE
added 2026/05/27 8:16 a.m.20 views

Invoking bypass of certificate restrictions in golang.org/x/crypto/ssh

...

8.8CVSS5.8AI score0.00314EPSS
Exploits0
Microsoft CVE
Microsoft CVE
added 2026/05/27 8:15 a.m.15 views

Invoking infinite loop on large channel writes in golang.org/x/crypto/ssh

...

9.1CVSS5.8AI score0.00466EPSS
Exploits0
Microsoft CVE
Microsoft CVE
added 2026/05/27 8:15 a.m.14 views

Invoking server panic during CheckHostKey/Authenticate in golang.org/x/crypto/ssh

...

7.5CVSS5.8AI score0.00394EPSS
Exploits0
Microsoft CVE
Microsoft CVE
added 2026/05/27 8:13 a.m.12 views

Invoking byte arithmetic causes underflow and panic in golang.org/x/crypto/ssh

...

7.5CVSS5.8AI score0.00359EPSS
Exploits0
CVE
CVE
added 2026/05/22 2:31 a.m.184 views

CVE-2026-46595

CVE-2026-46595 affects golang.org/x/crypto/ssh. The issue arises when VerifiedPublicKeyCallback is invoked with a callback type other than public key, causing the source-address validation to be bypassed and enabling an authorization bypass. The description notes this is a continuation of CVE-202...

10CVSS5.8AI score0.0044EPSS
Exploits0References24Affected Software1
Vulnrichment
Vulnrichment
added 2026/05/22 2:31 a.m.8 views

CVE-2026-42508 Invoking auth bypass via unenforced @revoked status in golang.org/x/crypto/ssh/knownhosts

Previously, a revoked 'SignatureKey' belonging to a CA was not correctly checked for revocation. Now, both the 'key' and 'key.SignatureKey' are checked for @revoked...

5.8AI score0.00487EPSS
Exploits0References4
Vulnrichment
Vulnrichment
added 2026/05/22 2:31 a.m.8 views

CVE-2026-46597 Invoking byte arithmetic causes underflow and panic in golang.org/x/crypto/ssh

An incorrectly placed cast from bytes to int allowed for server-side panic in the AES-GCM packet decoder for well-crafted inputs...

5.8AI score0.00359EPSS
Exploits0References4
Vulnrichment
Vulnrichment
added 2026/05/22 2:31 a.m.10 views

CVE-2026-39828 Invoking bypass of certificate restrictions in golang.org/x/crypto/ssh

When an SSH server authentication callback returned PartialSuccessError with non-nil Permissions, those permissions were silently discarded, potentially dropping certificate restrictions such as force-command after a second factor succeeded. Returning non-nil Permissions with PartialSuccessError...

5.8AI score0.00314EPSS
Exploits0References4
Cvelist
Cvelist
added 2026/05/22 2:31 a.m.73 views

CVE-2026-46597 Invoking byte arithmetic causes underflow and panic in golang.org/x/crypto/ssh

An incorrectly placed cast from bytes to int allowed for server-side panic in the AES-GCM packet decoder for well-crafted inputs...

0.00359EPSS
Exploits0References4
CVE
CVE
added 2026/05/22 2:31 a.m.57 views

CVE-2026-46597

CVE-2026-46597 describes an incorrectly placed cast from bytes to int that can cause a server-side panic in the AES-GCM packet decoder when processing crafted inputs. The entry lists high availability impact with network-based exploitability and no privileges required, but the provided documents ...

7.5CVSS5.8AI score0.00359EPSS
Exploits0References4Affected Software1
OSV
OSV
added 2026/03/27 12:26 p.m.5 views

SUSE-SU-2026:1118-1 Security update for docker-stable

This update for docker-stable fixes the following issues: - CVE-2025-58181: golang.org/x/crypto/ssh: invalidated number of mechanisms can cause unbounded memory consumption bsc1253904...

9.9CVSS7AI score0.16496EPSS
Exploits0References9
Rows per page
Query Builder