Lucene search
K

30 matches found

OSV
OSV
added 2026/07/02 7:2 a.m.3 views

OPENSUSE-SU-2026:21205-1 Security update for docker-stable

This update for docker-stable fixes the following issues - CVE-2026-33186: google.golang.org/grpc: authorization bypass due to improper validation of the HTTP/2 :path pseudo- header bsc1260279. - CVE-2026-33814: golang.org/x/net/http2: infinite loop in HTTP/2 transport when given bad...

9.6CVSS6.6AI score0.08123EPSS
Exploits2References12
OSV
OSV
added 2026/06/30 8:53 a.m.6 views

SUSE-SU-2026:2692-1 Security update for docker

This update for docker fixes the following issues - CVE-2026-33814: golang.org/x/net/http2: infinite loop in HTTP/2 transport when given bad SETTINGSMAXFRAMESIZE bsc1265782. - CVE-2026-39821: golang.org/x/net/idna: failure to reject ASCII-only Punycode-encoded labels allows for validation bypass...

9.6CVSS7.8AI score0.00781EPSS
Exploits0References9
OSV
OSV
added 2026/06/26 7:6 a.m.3 views

SUSE-SU-2026:2640-1 Security update for containerd

This update for containerd fixes the following issues - CVE-2026-33186: google.golang.org/grpc: authorization bypass due to improper validation of the HTTP/2 :path pseudo- header bsc1260296. - CVE-2026-33814: golang.org/x/net/http2: infinite loop in HTTP/2 transport when given bad...

9.6CVSS6.7AI score0.01557EPSS
Exploits1References9
OSV
OSV
added 2026/06/26 7:6 a.m.3 views

SUSE-SU-2026:2639-1 Security update for containerd

This update for containerd fixes the following issues - CVE-2026-33186: google.golang.org/grpc: authorization bypass due to improper validation of the HTTP/2 :path pseudo- header bsc1260296. - CVE-2026-33814: golang.org/x/net/http2: infinite loop in HTTP/2 transport when given bad...

9.6CVSS6.7AI score0.01557EPSS
Exploits1References9
Tenable Nessus
Tenable Nessus
added 2026/06/26 12:0 a.m.8 views

SUSE SLES12 Security Update : containerd (SUSE-SU-2026:2640-1)

The remote SUSE Linux SLES12 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2026:2640-1 advisory. This update for containerd fixes the following issues - CVE-2026-33186: google.golang.org/grpc: authorization bypass due to improper validation...

9.6CVSS6.6AI score0.01557EPSS
Exploits1References13
OSV
OSV
added 2026/06/25 12:44 p.m.3 views

OPENSUSE-SU-2026:21060-1 Security update for docker

This update for docker fixes the following issues - CVE-2026-33814: golang.org/x/net/http2: infinite loop in HTTP/2 transport when given bad SETTINGSMAXFRAMESIZE bsc1265782. - CVE-2026-39821: golang.org/x/net/idna: failure to reject ASCII-only Punycode-encoded labels allows for validation bypass...

9.6CVSS7.3AI score0.00781EPSS
Exploits0References8
OSV
OSV
added 2026/06/20 6:52 a.m.2 views

SUSE-SU-2026:22193-1 Security update for mcphost

This update for mcphost fixes the following issues - CVE-2026-25680,CVE-2026-25681,CVE-2026-27136,CVE-2026-42502,CVE-2026-42506: golang.org/x/net/html: multiple issues when parsing HTML files bsc1267109. - CVE-2026-33814: golang.org/x/net/http2: infinite loop in HTTP/2 transport when given bad...

10CVSS5.9AI score0.00781EPSS
Exploits0References25
Tenable Nessus
Tenable Nessus
added 2026/06/14 12:0 a.m.7 views

SUSE SLES15 Security Update : kubernetes1.26 (SUSE-SU-2026:2325-1)

The remote SUSE Linux SLES15 / SLESSAP15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2026:2325-1 advisory. This update for kubernetes1.26 fixes the following issues - CVE-2026-33814: golang.org/x/net/http2: infinite loop in HTTP/2 transpo...

8.7CVSS5.5AI score0.00781EPSS
Exploits0References8
Tenable Nessus
Tenable Nessus
added 2026/06/14 12:0 a.m.8 views

SUSE SLES15 Security Update : kubernetes1.27 (SUSE-SU-2026:2339-1)

The remote SUSE Linux SLES15 / SLESSAP15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2026:2339-1 advisory. This update for kubernetes1.27 fixes the following issues - CVE-2026-33814: golang.org/x/net/http2: infinite loop in HTTP/2 transpo...

8.7CVSS5.5AI score0.00781EPSS
Exploits0References8
OSV
OSV
added 2026/06/11 2:3 p.m.9 views

SUSE-SU-2026:2372-1 Security update for google-cloud-sap-agent

This update for google-cloud-sap-agent fixes the following issue - CVE-2026-33814: golang.org/x/net/http2: infinite loop in HTTP/2 transport when given bad SETTINGSMAXFRAMESIZE bsc1265764. Changes for google-cloud-sap-agent: - Update to version 3.14 bsc1265991...

7.5CVSS5.4AI score0.00781EPSS
Exploits0References4
OSV
OSV
added 2026/06/10 1:16 p.m.11 views

SUSE-SU-2026:2344-1 Security update for kubernetes1.28

This update for kubernetes1.28 fixes the following issues: Security fixes: - CVE-2026-33814: golang.org/x/net/http2: infinite loop in HTTP/2 transport when given bad SETTINGSMAXFRAMESIZE bsc1265740. - CVE-2026-35469: github.com/moby/spdystream: memory amplification in SPDY frame parsing leads to...

8.7CVSS5.4AI score0.00781EPSS
Exploits0References6
OSV
OSV
added 2026/06/09 2:34 p.m.6 views

SUSE-SU-2026:2325-1 Security update for kubernetes1.26

This update for kubernetes1.26 fixes the following issues - CVE-2026-33814: golang.org/x/net/http2: infinite loop in HTTP/2 transport when given bad SETTINGSMAXFRAMESIZE bsc1265740. - CVE-2026-35469: github.com/moby/spdystream: memory amplification in SPDY frame parsing leads to denial of service...

8.7CVSS5.4AI score0.00781EPSS
Exploits0References6
OSV
OSV
added 2026/06/09 12:51 p.m.5 views

SUSE-SU-2026:2315-1 Security update for kubernetes1.23

This update for kubernetes1.23 fixes the following issues - CVE-2026-33814: golang.org/x/net/http2: infinite loop in HTTP/2 transport when given bad SETTINGSMAXFRAMESIZE bsc1265740. - CVE-2026-35469: github.com/moby/spdystream: memory amplification in SPDY frame parsing leads to denial of service...

8.7CVSS5.4AI score0.00781EPSS
Exploits0References6
SUSE Linux
SUSE Linux
added 2026/06/09 12:51 p.m.7 views

Security update for kubernetes1.23

This update for kubernetes1.23 fixes the following issues CVE-2026-33814: golang.org/x/net/http2: infinite loop in HTTP/2 transport when given bad SETTINGSMAXFRAMESIZE bsc1265740. CVE-2026-35469: github.com/moby/spdystream: memory amplification in SPDY frame parsing leads to denial of service...

7.5CVSS5.4AI score0.00781EPSS
Exploits0References10
Amazon
Amazon
added 2026/06/08 12:0 a.m.21 views

Important: ecs-init

Issue Overview: When using LookupCNAME with the cgo DNS resolver, a very long CNAME response can trigger a double-free of C memory and a crash. CVE-2026-33811 When processing HTTP/2 SETTINGS frames, transport will enter an infinite loop of writing CONTINUATION frames if it receives a...

7.5CVSS7.9AI score0.00813EPSS
Exploits0
Tenable Nessus
Tenable Nessus
added 2026/06/08 12:0 a.m.10 views

Amazon Linux 2023 : ecs-init (ALAS2023-2026-1771)

It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2023-2026-1771 advisory. When using LookupCNAME with the cgo DNS resolver, a very long CNAME response can trigger a double-free of C memory and a crash. CVE-2026-33811 When processing HTTP/2 SETTINGS frames, transport...

7.5CVSS5.9AI score0.00813EPSS
Exploits0References16
OSV
OSV
added 2026/05/28 3:46 p.m.5 views

SUSE-SU-2026:21915-1 Security update for helm

This update for helm fixes the following issues - CVE-2026-33814: golang.org/x/net/http2: infinite loop in HTTP/2 transport when given bad SETTINGSMAXFRAMESIZE bsc1265758. - CVE-2026-41888: github.com/distribution/distribution/v3: tag deletion bypasses the storage.delete.enabled configuration...

7.5CVSS5.8AI score0.00781EPSS
Exploits1References5
Tenable Nessus
Tenable Nessus
added 2026/05/27 12:0 a.m.16 views

Amazon Linux 2 : runc, --advisory ALAS2ECS-2026-119 (ALASECS-2026-119)

The version of runc installed on the remote host is prior to 1.3.4-5. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2ECS-2026-119 advisory. When using LookupCNAME with the cgo DNS resolver, a very long CNAME response can trigger a double-free of C memory and a...

7.5CVSS7.5AI score0.00813EPSS
Exploits0References16
Tenable Nessus
Tenable Nessus
added 2026/05/27 12:0 a.m.19 views

Amazon Linux 2 : golang, --advisory ALAS2-2026-3313 (ALAS-2026-3313)

The version of golang installed on the remote host is prior to 1.25.10-1. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2-2026-3313 advisory. When using LookupCNAME with the cgo DNS resolver, a very long CNAME response can trigger a double-free of C memory and a...

7.5CVSS7.7AI score0.00813EPSS
Exploits0References22
Tenable Nessus
Tenable Nessus
added 2026/05/27 12:0 a.m.18 views

Amazon Linux 2 : containerd, --advisory ALAS2NITRO-ENCLAVES-2026-105 (ALASNITRO-ENCLAVES-2026-105)

The version of containerd installed on the remote host is prior to 2.1.7-1. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2NITRO-ENCLAVES-2026-105 advisory. When using LookupCNAME with the cgo DNS resolver, a very long CNAME response can trigger a double-free of ...

7.5CVSS7.5AI score0.00813EPSS
Exploits0References16
Rows per page
Query Builder