
43 matches found

Tenable Nessus
added 2025/03/05 12:0 a.m. | 10 views

Linux Distros Unpatched Vulnerability : CVE-2023-39326

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A malicious HTTP sender can use chunk extensions to cause a receiver reading from a request or response body to read many more bytes from the network than are i...

5.3 CVSS | 6.8 AI score | 0.00123 EPSS
Exploits 0 | References 3

Tenable Nessus
added 2024/09/05 12:0 a.m. | 31 views

Amazon Linux 2 : docker (ALASECS-2024-041)

The version of docker installed on the remote host is prior to 25.0.3-1. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2ECS-2024-041 advisory. A malicious HTTP sender can use chunk extensions to cause a receiver reading from a request or response body to read man...

10 CVSS | 7 AI score | 0.10301 EPSS
Exploits 0 | References 12

Tenable Nessus
added 2024/08/29 12:0 a.m. | 48 views

Amazon Linux 2 : docker (ALASDOCKER-2024-044)

The version of docker installed on the remote host is prior to 25.0.3-1. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2DOCKER-2024-044 advisory. A malicious HTTP sender can use chunk extensions to cause a receiver reading from a request or response body to read...

10 CVSS | 7 AI score | 0.10301 EPSS
Exploits 0 | References 12

Amazon
added 2024/08/06 12:0 a.m. | 22 views

Medium: nerdctl

Issue Overview: A malicious HTTP sender can use chunk extensions to cause a receiver reading from a request or response body to read many more bytes from the network than are in the body. A malicious HTTP client can further exploit this to cause a server to automatically read a large amount of da...

9.8 CVSS | 7.8 AI score | 0.75268 EPSS
Exploits 1

Tenable Nessus
added 2024/07/22 12:0 a.m. | 31 views

EulerOS 2.0 SP8 : golang (EulerOS-SA-2024-2030)

According to the versions of the golang packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : A malicious HTTP sender can use chunk extensions to cause a receiver reading from a request or response body to read many more bytes from the...

7.5 CVSS | 7.8 AI score | 0.75268 EPSS
Exploits 1 | References 3

Amazon
added 2024/05/30 12:0 a.m. | 29 views

Medium: golist

Issue Overview: A malicious HTTP sender can use chunk extensions to cause a receiver reading from a request or response body to read many more bytes from the network than are in the body. A malicious HTTP client can further exploit this to cause a server to automatically read a large amount of da...

7.5 CVSS | 8 AI score | 0.75268 EPSS
Exploits 1

Tenable Nessus
added 2024/05/28 12:0 a.m. | 24 views

Amazon Linux 2023 : amazon-ecr-credential-helper (ALAS2023-2024-631)

It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2023-2024-631 advisory. A malicious HTTP sender can use chunk extensions to cause a receiver reading from a request or response body to read many more bytes from the network than are in the body. A malicious HTTP clie...

7.5 CVSS | 7.7 AI score | 0.75268 EPSS
Exploits 1 | References 6

Amazon
added 2024/05/15 12:0 a.m. | 40 views

Medium: cni-plugins

Issue Overview: A malicious HTTP sender can use chunk extensions to cause a receiver reading from a request or response body to read many more bytes from the network than are in the body. A malicious HTTP client can further exploit this to cause a server to automatically read a large amount of da...

5.3 CVSS | 7.2 AI score | 0.00123 EPSS
Exploits 0

Tenable Nessus
added 2024/05/13 12:0 a.m. | 24 views

Amazon Linux 2023 : ecs-init (ALAS2023-2024-619)

It is, therefore, affected by a vulnerability as referenced in the ALAS2023-2024-619 advisory. A malicious HTTP sender can use chunk extensions to cause a receiver reading from a request or response body to read many more bytes from the network than are in the body. A malicious HTTP client can...

5.3 CVSS | 6.9 AI score | 0.00123 EPSS
Exploits 0 | References 4

Tenable Nessus
added 2024/05/06 12:0 a.m. | 37 views

Oracle Linux 9 : podman (ELSA-2024-2193)

The remote Oracle Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2024-2193 advisory. - Rebuild for following CVEs: CVE-2023-39318 CVE-2023-39319 CVE-2023-39321 CVE-2023-39322 - rebuild for following CVEs: CVE-2023-25173 CVE-2022-41724...

9.8 CVSS | 7.3 AI score | 0.00759 EPSS
Exploits 2 | References 3

Tenable Nessus
added 2024/05/06 12:0 a.m. | 32 views

Oracle Linux 9 : containernetworking-plugins (ELSA-2024-2272)

The remote Oracle Linux 9 host has a package installed that is affected by multiple vulnerabilities as referenced in the ELSA-2024-2272 advisory. - rebuild for following CVEs: CVE-2022-41724 CVE-2022-41725 CVE-2023-24538 CVE-2023-24534 CVE-2023-24536 CVE-2022-41723 CVE-2023-24539 CVE-2023-24540...

9.8 CVSS | 7.2 AI score | 0.00759 EPSS
Exploits 0 | References 3

Tenable Nessus
added 2024/04/02 12:0 a.m. | 23 views

Oracle Linux 9 : olcne (ELSA-2024-12261)

The remote Oracle Linux 9 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2024-12261 advisory. - Update modules and components built with golang 1.20.12 to address CVE-2023-39326. Tenable has extracted the preceding description block directly from the...

5.3 CVSS | 7 AI score | 0.00123 EPSS
Exploits 0 | References 2

Tenable Nessus
added 2024/04/02 12:0 a.m. | 21 views

Oracle Linux 8 : olcne (ELSA-2024-12263)

The remote Oracle Linux 8 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2024-12263 advisory. - Update modules and components built with golang 1.20.12 to address CVE-2023-39326. Tenable has extracted the preceding description block directly from the...

5.3 CVSS | 7 AI score | 0.00123 EPSS
Exploits 0 | References 2

Tenable Nessus
added 2024/03/20 12:0 a.m. | 43 views

Oracle Linux 8 : conmon (ELSA-2024-12226)

The remote Oracle Linux 8 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2024-12226 advisory. - address CVE-2023-39326 cri-o - Fixed CVE-2023-39325: bump golang.org/x/net to v0.17.0 cri-tools - Address CVE-2023-39326 etcd - Address CVE-2023-39326 by...

7.5 CVSS | 7.3 AI score | 0.944 EPSS
Exploits 19 | References 2

OpenVAS
added 2024/03/12 12:0 a.m. | 27 views

Huawei EulerOS: Security Advisory for golang (EulerOS-SA-2024-1236)

The remote host is missing an update for the Huawei EulerOS...

7.5 CVSS | 6.7 AI score | 0.00123 EPSS
Exploits 0 | References 2

OpenVAS
added 2024/03/12 12:0 a.m. | 26 views

Huawei EulerOS: Security Advisory for golang (EulerOS-SA-2024-1214)

The remote host is missing an update for the Huawei EulerOS...

7.5 CVSS | 6.7 AI score | 0.00123 EPSS
Exploits 0 | References 2

Tenable Nessus
added 2024/03/07 12:0 a.m. | 38 views

AlmaLinux 9 : skopeo (ALSA-2024:1149)

The remote AlmaLinux 9 host has packages installed that are affected by a vulnerability as referenced in the ALSA-2024:1149 advisory. - A malicious HTTP sender can use chunk extensions to cause a receiver reading from a request or response body to read many more bytes from the network than are in...

5.3 CVSS | 7 AI score | 0.00123 EPSS
Exploits 0 | References 2

Tenable Nessus
added 2024/03/07 12:0 a.m. | 25 views

AlmaLinux 9 : golang (ALSA-2024:1131)

The remote AlmaLinux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALSA-2024:1131 advisory. - A malicious HTTP sender can use chunk extensions to cause a receiver reading from a request or response body to read many more bytes from the network th...

7.5 CVSS | 7.1 AI score | 0.00123 EPSS
Exploits 0 | References 3

OSV
added 2024/03/06 10:53 a.m. | 47 views

BIT-GOLANG-2023-39326 Denial of service via chunk extensions in net/http

A malicious HTTP sender can use chunk extensions to cause a receiver reading from a request or response body to read many more bytes from the network than are in the body. A malicious HTTP client can further exploit this to cause a server to automatically read a large amount of data up to about...

5.3 CVSS | 6.7 AI score | 0.00123 EPSS
Exploits 0 | References 6

Tenable Nessus
added 2024/03/05 12:0 a.m. | 38 views

RHEL 9 : golang (RHSA-2024:1131)

The remote Red Hat Enterprise Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2024:1131 advisory. The golang packages provide the Go programming language compiler. Security Fixes: golang: net/http/internal: Denial of Service (DoS) via...

7.5 CVSS | 7.2 AI score | 0.00123 EPSS
Exploits 0 | References 7