Lucene search
K

11 matches found

EUVD
EUVD
added 2025/10/03 8:7 p.m.5 views

EUVD-2023-2927

Malicious code in bioql PyPI...

7.5CVSS6.2AI score0.01592EPSS
Exploits0References8
Tenable Nessus
Tenable Nessus
added 2024/07/03 12:0 a.m.37 views

CBL Mariner 2.0 Security Update: containerd / cri-tools / docker-buildx / docker-compose / moby-containerd-cc (CVE-2023-47108)

The version of containerd / cri-tools / docker-buildx / docker-compose / moby-containerd-cc installed on the remote CBL Mariner 2.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2023-47108 advisory. - OpenTelemetry-Go Contrib is a collecti...

7.5CVSS6.9AI score0.01592EPSS
Exploits0References2
OSV
OSV
added 2024/06/27 6:0 p.m.32 views

GO-2023-2331 Denial of service in go.opentelemetry.io/contrib/instrumentation/google.golang.org/grpc/otelgrpc

The grpc Unary Server Interceptor created by the otelgrpc package added the labels net.peer.sock.addr and net.peer.sock.port with unbounded cardinality. This can lead to the server's potential memory exhaustion when many malicious requests are sent. This leads to a denial-of-service...

7.5CVSS7.6AI score0.01592EPSS
Exploits0References4
Tenable Nessus
Tenable Nessus
added 2024/01/31 12:0 a.m.48 views

RHCOS 4 : OpenShift Container Platform 4.12.48 (RHSA-2024:0489)

The remote Red Hat Enterprise Linux CoreOS 4 host has a package installed that is affected by a vulnerability as referenced in the RHSA-2024:0489 advisory. - opentelemetry-go-contrib: DoS vulnerability in otelgrpc due to unbound cardinality metrics CVE-2023-47108 Note that Nessus has not tested f...

7.5CVSS6.9AI score0.01592EPSS
Exploits0References5
Tenable Nessus
Tenable Nessus
added 2024/01/31 12:0 a.m.47 views

RHEL 8 : OpenShift Container Platform 4.12.48 (RHSA-2024:0489)

The remote Redhat Enterprise Linux 8 host has a package installed that is affected by a vulnerability as referenced in the RHSA-2024:0489 advisory. Red Hat OpenShift Container Platform is Red Hat's cloud computing Kubernetes application platform solution designed for on-premise or private cloud...

7.5CVSS7.1AI score0.01592EPSS
Exploits0References5
Tenable Nessus
Tenable Nessus
added 2024/01/24 12:0 a.m.45 views

RHCOS 4 : OpenShift Container Platform 4.14.9 (RHSA-2024:0207)

The remote Red Hat Enterprise Linux CoreOS 4 host has a package installed that is affected by multiple vulnerabilities as referenced in the RHSA-2024:0207 advisory. - cri-o: Pods are able to break out of resource confinement on cgroupv2 CVE-2023-6476 - opentelemetry-go-contrib: DoS vulnerability ...

7.5CVSS7AI score0.01592EPSS
Exploits0References7
Amazon
Amazon
added 2024/01/22 12:0 a.m.57 views

Important: amazon-cloudwatch-agent

Issue Overview: The HTTP/2 protocol allows a denial of service server resource consumption because request cancellation can reset many streams quickly, as exploited in the wild in August through October 2023. CVE-2023-39325 A malicious HTTP sender can use chunk extensions to cause a receiver...

7.5CVSS7.9AI score0.03796EPSS
Exploits0
Tenable Nessus
Tenable Nessus
added 2024/01/18 12:0 a.m.47 views

RHEL 8 / 9 : OpenShift Container Platform 4.14.9 (RHSA-2024:0207)

The remote Redhat Enterprise Linux 8 / 9 host has a package installed that is affected by multiple vulnerabilities as referenced in the RHSA-2024:0207 advisory. Red Hat OpenShift Container Platform is Red Hat's cloud computing Kubernetes application platform solution designed for on-premise or...

7.5CVSS7.1AI score0.01592EPSS
Exploits0References7
Prion
Prion
added 2023/11/10 7:15 p.m.39 views

Code injection

OpenTelemetry-Go Contrib is a collection of third-party packages for OpenTelemetry-Go. Prior to version 0.46.0, the grpc Unary Server Interceptor out of the box adds labels net.peer.sock.addr and net.peer.sock.port that have unbound cardinality. It leads to the server's potential memory exhaustio...

5CVSS7AI score0.01592EPSS
Exploits0References6Affected Software1
CVE
CVE
added 2023/11/10 6:31 p.m.966 views

CVE-2023-47108

The CVE-2023-47108 issue affects OpenTelemetry-Go Contrib's grpc Unary Server Interceptor in versions >=0.37.0 and

7.5CVSS6AI score0.01592EPSS
Exploits0References7Affected Software1
Vulnrichment
Vulnrichment
added 2023/11/10 6:31 p.m.18 views

CVE-2023-47108 DoS vulnerability in otelgrpc (uncontrolled resource consumption) due to unbound cardinality metrics

OpenTelemetry-Go Contrib is a collection of third-party packages for OpenTelemetry-Go. Starting in version 0.37.0 and prior to version 0.46.0, the grpc Unary Server Interceptor out of the box adds labels net.peer.sock.addr and net.peer.sock.port that have unbound cardinality. It leads to the...

7.5CVSS6AI score0.01592EPSS
Exploits0References7
Rows per page
Query Builder