3 matches found
PT-2023-27004 · Go-Libp2P · Go-Libp2P
Name of the Vulnerable Software and Affected Versions: go-libp2p versions prior to 0.27.8, go-libp2p versions prior to 0.28.2, go-libp2p versions prior to 0.29.1. Description: A malicious peer can use large RSA keys to run a resource exhaustion attack and force a node to spend time doing signature...
AZL-37302 CVE-2023-29409 affecting package golang for versions less than 1.21.6-1
Extremely large RSA keys in certificate chains can cause a client/server to expend significant CPU time verifying signatures. With fix, the size of RSA keys transmitted during handshakes is restricted to <= 8192 bits. Based on a survey of publicly trusted RSA keys, there are currently only three...
PT-2023-5588 · Unknown +8 · Crypto/Tls +8
Name of the Vulnerable Software and Affected Versions: crypto/tls, affected versions not specified. Description: The issue is related to extremely large RSA keys in certificate chains, which can cause a client/server to expend significant CPU time verifying signatures. With the fix, the size of RSA...