54 matches found

OSV
added 2026/01/28 7:8 p.m., 5 views

GO-2026-4340 Handshake messages may be processed at the incorrect encryption level in crypto/tls

During the TLS 1.3 handshake, if multiple messages are sent in records that span encryption level boundaries (for instance the Client Hello and Encrypted Extensions messages), the subsequent messages may be processed before the encryption level changes. This can cause some minor information disclosu...

CVSS 5.3, AI score 5.8, EPSS 0.00276
Exploits 0, References 3

EUVD
added 2025/10/03 8:7 p.m., 3 views

EUVD-2022-44896

Malicious code in bioql PyPI...

CVSS 7.5, AI score 6.5, EPSS 0.01111
Exploits 0, References 6

Microsoft CVE
added 2025/09/04 8:14 a.m., 5 views

Panic on large handshake records in crypto/tls

...

CVSS 7.5, AI score 7, EPSS 0.01111
Exploits 0

Tenable Nessus
added 2024/04/23 12:0 a.m., 35 views

RHEL 8 : OpenShift Virtualization 4.14.1 RPMs (RHSA-2023:7672)

The remote Red Hat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2023:7672 advisory. OpenShift Virtualization is Red Hat's virtualization solution designed for Red Hat OpenShift Container Platform. This advisory contains...

CVSS 7.5, AI score 7.2, EPSS 0.01231
Exploits 0, References 8

OSV
added 2024/03/06 10:57 a.m., 28 views

BIT-GOLANG-2022-41724 Panic on large handshake records in crypto/tls

Large handshake records may cause panics in crypto/tls. Both clients and servers may send large TLS handshake records which cause servers and clients, respectively, to panic when attempting to construct responses. This affects all TLS 1.3 clients, TLS 1.2 clients which explicitly enable session...

CVSS 7.5, AI score 7.6, EPSS 0.01111
Exploits 0, References 6

Tenable Nessus
added 2024/02/29 12:0 a.m., 31 views

CentOS 9 : toolbox-0.0.99.4-3.el9

The remote CentOS Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the toolbox-0.0.99.4-3.el9 build changelog. - Large handshake records may cause panics in crypto/tls. Both clients and servers may send large TLS handshake records which cause...

CVSS 9.8, AI score 7.3, EPSS 0.02281
Exploits 0, References 6

Tenable Nessus
added 2024/02/29 12:0 a.m., 30 views

CentOS 9 : skopeo-1.12.0-3.el9

The remote CentOS Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the skopeo-1.12.0-3.el9 build changelog. - A maliciously crafted HTTP/2 stream could cause excessive CPU consumption in the HPACK decoder, sufficient to cause a denial of service...

CVSS 9.8, AI score 7.4, EPSS 0.04561
Exploits 0, References 11

Tenable Nessus
added 2024/02/29 12:0 a.m., 31 views

CentOS 9 : runc-1.1.7-2.el9

The remote CentOS Linux 9 host has a package installed that is affected by multiple vulnerabilities as referenced in the runc-1.1.7-2.el9 build changelog. - runc is a CLI tool for spawning and running containers on Linux according to the OCI specification. In runc, netlink is used internally as a...

CVSS 7.8, AI score 7, EPSS 0.01663
Exploits 1, References 4

Tenable Nessus
added 2024/01/24 12:0 a.m., 34 views

RHCOS 4 : OpenShift Container Platform 4.13.1 (RHSA-2023:3303)

The remote Red Hat Enterprise Linux CoreOS 4 host has a package installed that is affected by a vulnerability as referenced in the RHSA-2023:3303 advisory. - golang: crypto/tls: large handshake records may cause panics CVE-2022-41724 Note that Nessus has not tested for this issue but has instead...

CVSS 7.5, AI score 6.9, EPSS 0.01111
Exploits 0, References 6

Tenable Nessus
added 2024/01/24 12:0 a.m., 37 views

RHCOS 4 / 9 : OpenShift Container Platform 4.13.2 (RHSA-2023:3366)

The remote Red Hat Enterprise Linux CoreOS 4 / 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2023:3366 advisory. - golang: crash in a golang.org/x/crypto/ssh server CVE-2022-27191 - golang: path/filepath: path-filepath filepath.Clean path...

CVSS 9.8, AI score 7, EPSS 0.03931
Exploits 0, References 16

Tenable Nessus
added 2023/11/16 12:0 a.m., 35 views

Oracle Linux 9 : skopeo (ELSA-2023-6363)

The remote Oracle Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2023-6363 advisory. - rebuild for following CVEs: CVE-2022-41724 CVE-2022-41725 CVE-2023-24537 CVE-2023-24538 CVE-2023-24534 CVE-2023-24536 CVE-2022-41723 CVE-2023-24539...

CVSS 9.8, AI score 7.1, EPSS 0.04561
Exploits 0, References 12

RedHat Linux
added 2023/11/14 4:3 p.m., 3 views

golang: crypto/tls: large handshake records may cause panics

A flaw was found in Golang Go, where it is vulnerable to a denial of service caused when processing large TLS handshake records. By sending specially-crafted TLS handshake records, a remote, authenticated attacker can cause a denial of service condition...

CVSS 7.5, AI score 6.6, EPSS 0.01111
Exploits 0, References 8

RedHat Linux
added 2023/11/14 3:32 p.m., 4 views

golang: crypto/tls: large handshake records may cause panics

A flaw was found in Golang Go, where it is vulnerable to a denial of service caused when processing large TLS handshake records. By sending specially-crafted TLS handshake records, a remote, authenticated attacker can cause a denial of service condition...

CVSS 7.5, AI score 6.6, EPSS 0.01111
Exploits 0, References 8

RedHat Linux
added 2023/11/07 9:1 a.m., 3 views

golang: crypto/tls: large handshake records may cause panics

A flaw was found in Golang Go, where it is vulnerable to a denial of service caused when processing large TLS handshake records. By sending specially-crafted TLS handshake records, a remote, authenticated attacker can cause a denial of service condition...

CVSS 7.5, AI score 6.6, EPSS 0.01111
Exploits 0, References 8

RedHat Linux
added 2023/11/07 8:52 a.m., 4 views

golang: crypto/tls: large handshake records may cause panics

A flaw was found in Golang Go, where it is vulnerable to a denial of service caused when processing large TLS handshake records. By sending specially-crafted TLS handshake records, a remote, authenticated attacker can cause a denial of service condition...

CVSS 7.5, AI score 6.6, EPSS 0.01111
Exploits 0, References 8

RedHat Linux
added 2023/11/07 8:47 a.m., 4 views

golang: crypto/tls: large handshake records may cause panics

A flaw was found in Golang Go, where it is vulnerable to a denial of service caused when processing large TLS handshake records. By sending specially-crafted TLS handshake records, a remote, authenticated attacker can cause a denial of service condition...

CVSS 7.5, AI score 6.6, EPSS 0.01111
Exploits 0, References 8

RedHat Linux
added 2023/11/07 8:39 a.m., 6 views

golang: crypto/tls: large handshake records may cause panics

A flaw was found in Golang Go, where it is vulnerable to a denial of service caused when processing large TLS handshake records. By sending specially-crafted TLS handshake records, a remote, authenticated attacker can cause a denial of service condition...

CVSS 7.5, AI score 6.6, EPSS 0.01111
Exploits 0, References 8

Tenable Nessus
added 2023/11/07 12:0 a.m., 39 views

RHEL 9 : runc (RHSA-2023:6380)

The remote Red Hat Enterprise Linux 9 host has a package installed that is affected by multiple vulnerabilities as referenced in the RHSA-2023:6380 advisory. The runC tool is a lightweight, portable implementation of the Open Container Format OCF that provides container runtime. Security Fixes:...

CVSS 7.8, AI score 6.8, EPSS 0.01663
Exploits 3, References 14

Tenable Nessus
added 2023/11/07 12:0 a.m., 39 views

RHEL 9 : podman (RHSA-2023:6474)

The remote Red Hat Enterprise Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2023:6474 advisory. The podman tool manages pods, container images, and containers. It is part of the libpod library, which is for applications that use contain...

CVSS 9.8, AI score 6.8, EPSS 0.04561
Exploits 1, References 47

Tenable Nessus
added 2023/11/07 12:0 a.m., 42 views

RHEL 9 : buildah (RHSA-2023:6473)

The remote Red Hat Enterprise Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2023:6473 advisory. The buildah package provides a tool for facilitating building OCI container images. Among other things, buildah enables you to: Create a...

CVSS 9.8, AI score 7, EPSS 0.04561
Exploits 1, References 26