Lucene search
K

9 matches found

SUSE Linux
SUSE Linux
added 2026/05/27 3:14 p.m.10 views

Security update for google-guest-agent

This update for google-guest-agent fixes the following issue CVE-2026-33186: google.golang.org/grpc: authorization bypass due to improper validation of the HTTP/2: path pseudo- header bsc1260264. Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like Ya...

8.6CVSS6.7AI score0.01557EPSS
Exploits1References4
OSV
OSV
added 2026/05/26 12:17 p.m.8 views

OPENSUSE-SU-2026:20815-1 Security update for google-osconfig-agent

This update for google-osconfig-agent fixes the following issues - CVE-2023-45288: golang.org/x/net/http2: close connections when receiving too many headers bsc1236533. - CVE-2026-33186: google.golang.org/grpc: authorization bypass due to improper validation of the HTTP/2: path pseudo- header...

9.1CVSS5.8AI score0.91969EPSS
Exploits2References4
OSV
OSV
added 2026/05/17 9:24 p.m.7 views

OPENSUSE-SU-2026:20809-1 Security update for trivy

This update for trivy fixes the following issues - CVE-2025-64702: github.com/quic-go/quic-go/http3: quic-go HTTP/3 QPACK Header Expansion DoS bsc1255366. - CVE-2025-69725: github.com/go-chi/chi/v5: incorrect input validation in the RedirectSlashes function can lead to an open redirect bsc1258513...

9.8CVSS6.6AI score0.01557EPSS
Exploits1References18
OSV
OSV
added 2026/04/22 10:9 a.m.4 views

SUSE-SU-2026:21370-1 Security update for ignition

This update for ignition fixes the following issue: - CVE-2026-33186: Fixed an authorization bypass due to improper validation of the HTTP/2: path pseudo-header bsc1260251...

9.1CVSS7.5AI score0.01557EPSS
Exploits1References3
OSV
OSV
added 2026/04/16 10:27 a.m.7 views

SUSE-SU-2026:1395-1 Security update for azure-storage-azcopy

This update for azure-storage-azcopy fixes the following issues: - CVE-2026-33186: Authorization bypass in grpc-go due to improper validation of the HTTP/2 :path pseudo-header bsc1260307...

9.1CVSS5.8AI score0.01557EPSS
Exploits1References3
Tenable Nessus
Tenable Nessus
added 2026/04/15 12:0 a.m.3 views

SUSE SLES15 / openSUSE 15 Security Update : ignition (SUSE-SU-2026:1314-1)

The remote SUSE Linux SLES15 / openSUSE 15 host has packages installed that are affected by a vulnerability as referenced in the SUSE-SU-2026:1314-1 advisory. This update for ignition fixes the following issue: - CVE-2026-33186: google.golang.org/grpc: authorization bypass due to improper...

9.1CVSS5.9AI score0.01557EPSS
Exploits1References4
SUSE CVE
SUSE CVE
added 2026/03/25 12:23 a.m.9 views

SUSE CVE-2026-33186

gRPC-Go is the Go language implementation of gRPC. Versions prior to 1.79.3 have an authorization bypass resulting from improper input validation of the HTTP/2 :path pseudo-header. The gRPC-Go server was too lenient in its routing logic, accepting requests where the :path omitted the mandatory...

8.1CVSS6AI score0.01557EPSS
Exploits1References72
AlpineLinux
AlpineLinux
added 2026/03/20 10:23 p.m.2 views

CVE-2026-33186

gRPC-Go is the Go language implementation of gRPC. Versions prior to 1.79.3 have an authorization bypass resulting from improper input validation of the HTTP/2 :path pseudo-header. The gRPC-Go server was too lenient in its routing logic, accepting requests where the :path omitted the mandatory...

9.1CVSS5.9AI score0.01557EPSS
Exploits1
Snyk
Snyk
added 2026/03/18 8:10 p.m.3 views

Incorrect Authorization

Overview Affected versions of this package are vulnerable to Incorrect Authorization in the processing of HTTP/2 :path pseudo-headers in handleStream. An attacker can gain unauthorized access to restricted resources by sending requests with malformed :path headers that omit the leading slash. Thi...

9.3CVSS5.8AI score0.01557EPSS
Exploits1References2
Rows per page
Query Builder