Lucene search
K

69 matches found

OSV
OSV
added 2026/06/29 1:29 p.m.2 views

SUSE-SU-2026:2683-1 Security update for google-cloud-sap-agent

This update for google-cloud-sap-agent fixes the following issues: - CVE-2026-39821: Update golang.org/x/net dependency bsc1266604...

9.6CVSS6.7AI score0.00478EPSS
Exploits0References3
OSV
OSV
added 2026/02/05 5:23 p.m.7 views

GO-2026-4440 Quadratic parsing complexity in golang.org/x/net/html

The html.Parse function in golang.org/x/net/html has quadratic parsing complexity when processing certain inputs, which can lead to denial of service DoS if an attacker provides specially crafted HTML content...

5.3CVSS8.2AI score0.00502EPSS
Exploits0References3
EUVD
EUVD
added 2025/10/03 8:7 p.m.4 views

EUVD-2025-11453

Malicious code in bioql PyPI...

6.5CVSS6.8AI score0.00478EPSS
Exploits0References6
Veracode
Veracode
added 2025/01/07 7:40 a.m.8 views

Denial Of Service (DoS)

golang.org/x/net is vulnerable to Denial Of Service DoS. The vulnerability is due to non-linear processing of input length, which causes excessive parsing delays and allows an attacker to craft input that results in a denial of service...

5.3CVSS5.7AI score0.00874EPSS
Exploits0References9Affected Software3
RedHat Linux
RedHat Linux
added 2024/12/05 12:33 a.m.62 views

Important: Red Hat Security Advisory: OpenShift Container Platform 4.14.42 bug fix and security update

Red Hat OpenShift Container Platform release 4.14.42 is now available with updates to packages and images that fix several bugs and add enhancements. This release includes a security update for Red Hat OpenShift Container Platform 4.14. Red Hat Product Security has rated this update as having a...

7.5CVSS7AI score0.99999EPSS
Exploits19References14
Veracode
Veracode
added 2024/07/16 8:34 a.m.19 views

Denial Of Service (DoS)

golang.org/x/net is vulnerable to Denial Of Service DoS. The vulnerability is due to the client mishandling cases where a server responds with a non-informational status, which leaves the client connection in an invalid state. Attackers can exploit this by sending "Expect: 100-continue" requests ...

7.5CVSS6.8AI score0.01414EPSS
Exploits0References8Affected Software2
OSV
OSV
added 2024/07/15 5:55 p.m.35 views

GHSA-QC6V-5G5M-8CW2 ZITADEL Go's GRPC example code vulnerability - GO-2024-2687 HTTP/2 CONTINUATION flood in net/http

Summary Applications using the zitadel-go v3 library next branch might be impacted by package vulnerabilities. The output of govulncheck suggests that only example code seems to be impacted, based on 1 of the 3 potential vulnerabilities. This vulnerability is located in the transitive dependency...

6.9CVSS8.4AI score0.91969EPSS
Exploits1References7
Github Security Blog
Github Security Blog
added 2024/07/15 5:55 p.m.42 views

ZITADEL Go's GRPC example code vulnerability - GO-2024-2687 HTTP/2 CONTINUATION flood in net/http

Summary Applications using the zitadel-go v3 library next branch might be impacted by package vulnerabilities. The output of govulncheck suggests that only example code seems to be impacted, based on 1 of the 3 potential vulnerabilities. This vulnerability is located in the transitive dependency...

7.5CVSS7.3AI score0.91969EPSS
Exploits1References7Affected Software1
Tenable Nessus
Tenable Nessus
added 2024/06/03 12:0 a.m.27 views

RHEL 9 : mcg (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 9 host has one or more packages installed that are affected by a vulnerability that has been acknowledged by the vendor but will not be patched. - net/http, golang.org/x/net/http2: avoid quadratic complexity in HPACK decoding CVE-2022-41723 Note that Nessus has...

7.5CVSS7.8AI score0.04561EPSS
Exploits0References1
Tenable Nessus
Tenable Nessus
added 2024/06/03 12:0 a.m.36 views

EulerOS 2.0 SP11 : docker-engine (EulerOS-SA-2024-1785)

According to the versions of the docker-engine packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : Moby is an open-source project created by Docker to enable software containerization. The classic builder cache system is prone to cache...

7.8CVSS7.1AI score0.04561EPSS
Exploits0References4
Tenable Nessus
Tenable Nessus
added 2024/05/30 12:0 a.m.29 views

EulerOS 2.0 SP12 : docker-engine (EulerOS-SA-2024-1738)

According to the versions of the docker-engine packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : A maliciously crafted HTTP/2 stream could cause excessive CPU consumption in the HPACK decoder, sufficient to cause a denial of service fro...

7.5CVSS7AI score0.04561EPSS
Exploits0References3
UbuntuCve
UbuntuCve
added 2024/05/08 9:15 a.m.32 views

CVE-2024-4438

The etcd package distributed with the Red Hat OpenStack platform has an incomplete fix for CVE-2023-39325/CVE-2023-44487, known as Rapid Reset. This issue occurs because the etcd package in the Red Hat OpenStack platform is using http://golang.org/x/net/http2 instead of the one provided by Red Ha...

7.5CVSS7.1AI score0.99999EPSS
Exploits19References3
Tenable Nessus
Tenable Nessus
added 2024/04/29 12:0 a.m.33 views

Fedora 40 : dnsx (2023-2e09477fbc)

The remote Fedora 40 host has a package installed that is affected by a vulnerability as referenced in the FEDORA-2023-2e09477fbc advisory. Automatic update for dnsx-1.1.6-1.fc40. Changelog Thu Nov 16 2023 Mikel Olasagasti Uranga - 1.1.6-1 - Update to 1.1.6 - Closes rhbz2249448 rhbz2248264 Tenabl...

7.5CVSS7AI score0.03796EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2024/04/29 12:0 a.m.20 views

Fedora 40 : exercism (2024-35c28f59d1)

The remote Fedora 40 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2024-35c28f59d1 advisory. Update to latest version Security fix for CVE-2023-39325 Tenable has extracted the preceding description block directly from the Fedora security...

7.5CVSS7.1AI score0.03796EPSS
Exploits0References2
Veracode
Veracode
added 2024/04/05 7:19 a.m.40 views

Denial Of Service (DOS)

golang.org/x/net is vulnerable to Denial Of Service DoS. The vulnerability is due to a lack of header frame limits, allowing an attacker to send excessive CONTINUATION frames which causes the endpoint to read arbitrary amounts of header data without proper memory allocation limits...

7.5CVSS6.7AI score0.91969EPSS
Exploits1References11Affected Software4
Tenable Nessus
Tenable Nessus
added 2024/03/07 12:0 a.m.23 views

Fedora 39 : golang-github-tdewolff-argp / golang-github-tdewolff-minify / etc (2024-c3e32c5635)

The remote Fedora 39 host has packages installed that are affected by a vulnerability as referenced in the FEDORA-2024-c3e32c5635 advisory. Update to latest version Security fix for CVE-2023-39325 Tenable has extracted the preceding description block directly from the Fedora security advisory. No...

7.5CVSS7AI score0.03796EPSS
Exploits0References2
OSV
OSV
added 2024/03/06 10:53 a.m.35 views

BIT-GOLANG-2023-39325 HTTP/2 rapid reset can cause excessive work in net/http

A malicious HTTP/2 client which rapidly creates requests and immediately resets them can cause excessive server resource consumption. While the total number of requests is bounded by the http2.Server.MaxConcurrentStreams setting, resetting an in-progress request allows the attacker to create a ne...

7.5CVSS7.3AI score0.03796EPSS
Exploits0References44
Tenable Nessus
Tenable Nessus
added 2024/02/27 12:0 a.m.147 views

RHEL 8 / 9 : OpenShift Container Platform 4.15.0 (RHSA-2023:7201)

The remote Redhat Enterprise Linux 8 / 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2023:7201 advisory. Red Hat OpenShift Container Platform is Red Hat's cloud computing Kubernetes application platform solution designed for on-premise or...

7.5CVSS7.3AI score0.99999EPSS
Exploits23References16
Tenable Nessus
Tenable Nessus
added 2023/12/21 12:0 a.m.48 views

Oracle Linux 8 : conmon (ELSA-2023-13054)

The remote Oracle Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2023-13054 advisory. - Resolve CVE-2023-39325 - Resolve CVE-2023-39325 - Resolve CVE-2023-39325 - Resolve CVE-2023-44487 and CVE-2023-39325 - address CVE-2023-44487 and...

8.2CVSS7.4AI score0.99999EPSS
Exploits20References3
Tenable Nessus
Tenable Nessus
added 2023/12/08 12:0 a.m.49 views

Oracle Linux 7 : conmon (ELSA-2023-13029)

The remote Oracle Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2023-13029 advisory. - Resolve CVE-2023-39325 - Resolve CVE-2023-39325 cri-tools - Resolve CVE-2023-39325 flannel-cni-plugin - Resolve CVE-2023-44487 and CVE-2023-39325 he...

8.2CVSS7.4AI score0.99999EPSS
Exploits20References3
Rows per page
Query Builder