4433 matches found

Tenable Nessus
added 2023/04/10 12:0 a.m. | 20 views

Debian dla-3385 : trafficserver - security update

The remote Debian 10 host has packages installed that are affected by multiple vulnerabilities as referenced in the dla-3385 advisory. Debian LTS Advisory DLA-3385-1 [email protected]...

7.5 CVSS | 6.6 AI score | 0.01886 EPSS
Exploits 0 | References 10
RedhatCVE
added 2023/04/04 9:36 p.m. | 29 views

CVE-2023-27491

A flaw was found in Envoy that may allow attackers to send specially crafted HTTP/2 or HTTP/3 requests to trigger parsing errors on the upstream HTTP/1 service...

6.5 CVSS | 8.8 AI score | 0.00869 EPSS
Exploits 1 | References 4
IBM Security Bulletins
added 2023/04/03 1:23 p.m. | 52 views

Security Bulletin: Operations Dashboard is vulnerable to denial of service due to multiple vulnerabilities in Go

Summary Operations Dashboard is vulnerable to denial of service due to multiple vulnerabilities in Go with details below. Vulnerability Details CVEID:CVE-2022-41724 DESCRIPTION: Golang Go is vulnerable to a denial of service, caused by a flaw when processing large TLS handshake records. By sendin...

7.5 CVSS | 7.9 AI score | 0.04561 EPSS
Exploits 0 | Affected Software 1
IBM Security Bulletins
added 2023/03/31 5:18 p.m. | 39 views

Security Bulletin: IBM Watson Speech Services Cartridge for IBM Cloud Pak for Data is vulnerable to a denial of service in Golang Go (CVE-2022-41717)

Summary IBM Watson Speech Services Cartridge for IBM Cloud Pak for Data is vulnerable to a denial of service in Golang Go caused by a flaw when handling HTTP/2 requests in the Go server. CVE-2022-41717. Golang Go is included as an operator as part of the Base OS used by our service images. Please...

5.3 CVSS | 6.6 AI score | 0.05623 EPSS
Exploits 0 | Affected Software 1
Tenable Nessus
added 2023/03/30 12:0 a.m. | 19 views

Fedora 38 : reposurgeon (2023-76d18cf2fa)

The remote Fedora 38 host has a package installed that is affected by a vulnerability as referenced in the FEDORA-2023-76d18cf2fa advisory. 4.35: 2023-03-21 - Document an important gotcha about working with CVS. Clean up some annoyances in the build and test machinery. 4.34: 2023-01-24 - Change...

5.3 CVSS | 7.1 AI score | 0.05623 EPSS
Exploits 0 | References 2
RedHat Linux
added 2023/03/29 10:29 a.m. | 38 views

Moderate: Red Hat Security Advisory: Logging Subsystem for Red Hat OpenShift - 5.5.9 security update

An update is now available for Logging Subsystem for Red Hat OpenShift - 5.5.9. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerabilit...

5.3 CVSS | 6.8 AI score | 0.05623 EPSS
Exploits 0 | References 4
IBM Security Bulletins
added 2023/03/29 9:53 a.m. | 37 views

Security Bulletin: IBM Event Streams is affected by a vulnerability in Golang Go (CVE-2022-41717)

Summary This security vulnerability affects the memory growth in Go before version 1.18.9 that is used by IBM Event Streams. Vulnerability Details CVEID:CVE-2022-41717 DESCRIPTION: Golang Go is vulnerable to a denial of service, caused by a flaw when handling HTTP/2 requests in the Go server. By...

5.3 CVSS | 6.7 AI score | 0.05623 EPSS
Exploits 0 | Affected Software 1
OpenVAS
added 2023/03/28 12:0 a.m. | 33 views

Mageia: Security Advisory (MGASA-2023-0109)

The remote host is missing an update for the SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.5 CVSS | 7.3 AI score | 0.04561 EPSS
Exploits 0 | References 8
Mageia
added 2023/03/24 5:55 a.m. | 116 views

Updated golang packages fix security vulnerability

A maliciously crafted HTTP/2 stream could cause excessive CPU consumption in the HPACK decoder, sufficient to cause a denial of service from a small number of small requests. CVE-2022-41723 Large handshake records may cause panics in crypto/tls. CVE-2022-41724 Denial of service from excessive...

7.5 CVSS | 6.4 AI score | 0.04561 EPSS
Exploits 0 | References 6
OSV
added 2023/03/24 5:55 a.m. | 8 views

MGASA-2023-0109 Updated golang packages fix security vulnerability

A maliciously crafted HTTP/2 stream could cause excessive CPU consumption in the HPACK decoder, sufficient to cause a denial of service from a small number of small requests. CVE-2022-41723 Large handshake records may cause panics in crypto/tls. CVE-2022-41724 Denial of service from excessive...

7.5 CVSS | 6.3 AI score | 0.04561 EPSS
Exploits 0 | References 7
Tenable Nessus
added 2023/03/24 12:0 a.m. | 34 views

Fedora 38 : gmailctl (2023-8c02aee138)

The remote Fedora 38 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2023-8c02aee138 advisory. Rebuild for CVE-20220-3064,41717,41723 Tenable has extracted the preceding description block directly from the Fedora security advisory. Note that...

7.5 CVSS | 7.1 AI score | 0.05623 EPSS
Exploits 0 | References 4
Tenable Nessus
added 2023/03/24 12:0 a.m. | 36 views

Fedora 37 : gmailctl (2023-ca444fdecf)

The remote Fedora 37 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2023-ca444fdecf advisory. Rebuild for CVE-20220-3064,41717,41723 Tenable has extracted the preceding description block directly from the Fedora security advisory. Note that...

7.5 CVSS | 7.1 AI score | 0.05623 EPSS
Exploits 0 | References 4
Tenable Nessus
added 2023/03/24 12:0 a.m. | 29 views

Fedora 36 : gmailctl (2023-abb47e24d8)

The remote Fedora 36 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2023-abb47e24d8 advisory. Rebuild for CVE-20220-3064,41717,41723 Tenable has extracted the preceding description block directly from the Fedora security advisory. Note that...

7.5 CVSS | 7.1 AI score | 0.05623 EPSS
Exploits 0 | References 4
Tenable Nessus
added 2023/03/24 12:0 a.m. | 27 views

EulerOS 2.0 SP11 : golang (EulerOS-SA-2023-1583)

According to the versions of the golang packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - An attacker can cause excessive memory growth in a Go server accepting HTTP/2 requests. HTTP/2 server connections contain a cache of HTTP header...

5.3 CVSS | 7.1 AI score | 0.05623 EPSS
Exploits 0 | References 2
Tenable Nessus
added 2023/03/23 12:0 a.m. | 80 views

Amazon Linux 2023 : golang, golang-bin, golang-misc (ALAS2023-2023-142)

It is, therefore, affected by a vulnerability as referenced in the ALAS2023-2023-142 advisory. http2/hpack: avoid quadratic complexity in hpack decoding CVE-2022-41723 Tenable has extracted the preceding description block directly from the tested product security advisory. Note that Nessus has no...

7.5 CVSS | 6.8 AI score | 0.04561 EPSS
Exploits 0 | References 4
Tenable Nessus
added 2023/03/23 12:0 a.m. | 21 views

EulerOS 2.0 SP11 : golang (EulerOS-SA-2023-1573)

According to the versions of the golang packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - An attacker can cause excessive memory growth in a Go server accepting HTTP/2 requests. HTTP/2 server connections contain a cache of HTTP header...

5.3 CVSS | 7.1 AI score | 0.05623 EPSS
Exploits 0 | References 2
Tenable Nessus
added 2023/03/23 12:0 a.m. | 74 views

SUSE SLES15 Security Update : container-suseconnect (SUSE-SU-2023:0871-1)

The remote SUSE Linux SLES15 / SLESSAP15 host has a package installed that is affected by multiple vulnerabilities as referenced in the SUSE-SU-2023:0871-1 advisory. This update of container-suseconnect fixes the following issue: - container-suseconnect was rebuilt against the current go1.19...

7.5 CVSS | 6.7 AI score | 0.04561 EPSS
Exploits 0 | References 17
Tenable Nessus
added 2023/03/23 12:0 a.m. | 40 views

SUSE SLED15 / SLES15 / openSUSE 15 Security Update : go1.18 (SUSE-SU-2023:0869-1)

The remote SUSE Linux SLED15 / SLEDSAP15 / SLES15 / SLESSAP15 / openSUSE 15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2023:0869-1 advisory. - CVE-2022-41723: Fixed a quadratic complexity in HPACK decoding in net/http bsc1208270. -...

7.5 CVSS | 6.7 AI score | 0.04561 EPSS
Exploits 0 | References 11
OpenVAS
added 2023/03/20 12:0 a.m. | 16 views

Huawei EulerOS: Security Advisory for golang (EulerOS-SA-2023-1549)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

5.3 CVSS | 7.1 AI score | 0.05623 EPSS
Exploits 0 | References 2
OpenVAS
added 2023/03/20 12:0 a.m. | 20 views

Huawei EulerOS: Security Advisory for golang (EulerOS-SA-2023-1524)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

5.3 CVSS | 7.1 AI score | 0.05623 EPSS
Exploits 0 | References 2