Lucene search
+L

12 matches found

Tenable Nessus
Tenable Nessus
added 2026/07/09 12:0 a.m.13 views

Alibaba Cloud Linux 3 : 0187: podman (ALINUX3-SA-2026:0187)

The remote Alibaba Cloud Linux 3 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALINUX3-SA-2026:0187 advisory. Package updates are available for Alibaba Cloud Linux 3 that fix the following vulnerabilities: CVE-2026-25679: url.Parse insufficiently...

7.5CVSS6.8AI score0.00728EPSS
Exploits0References6
RedHat Linux
RedHat Linux
added 2026/07/06 5:18 a.m.4 views

github.com/go-jose/go-jose/v3: github.com/go-jose/go-jose/v4: Go JOSE: Denial of Service via crafted JSON Web Encryption (JWE) object

A flaw was found in Go JOSE, a library for handling JSON Web Encryption JWE objects. A remote attacker could exploit this vulnerability by providing a specially crafted JWE object. When decrypting such an object, if a key wrapping algorithm is specified but the encrypted key field is empty, the...

7.5CVSS6.7AI score0.00651EPSS
Exploits0References6
Tenable Nessus
Tenable Nessus
added 2026/07/01 12:0 a.m.9 views

RockyLinux 8 : container-tools:rhel8 (RLSA-2026:33722)

The remote RockyLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RLSA-2026:33722 advisory. net/url: Incorrect parsing of IPv6 host literals in net/url CVE-2026-25679 github.com/go-jose/go-jose/v3: github.com/go-jose/go-jose/v4: Go JOSE: Denial...

7.5CVSS6.9AI score0.00728EPSS
Exploits0References11
OSV
OSV
added 2026/06/26 7:6 a.m.3 views

SUSE-SU-2026:2639-1 Security update for containerd

This update for containerd fixes the following issues - CVE-2026-33186: google.golang.org/grpc: authorization bypass due to improper validation of the HTTP/2 :path pseudo- header bsc1260296. - CVE-2026-33814: golang.org/x/net/http2: infinite loop in HTTP/2 transport when given bad...

9.6CVSS6.7AI score0.01557EPSS
Exploits1References9
RedHat Linux
RedHat Linux
added 2026/06/22 11:36 a.m.20 views

Important: Red Hat Security Advisory: osbuild-composer security update

An update for osbuild-composer is now available for Red Hat Enterprise Linux 10.0 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is...

9.1CVSS7.2AI score0.01557EPSS
Exploits1References3
OSV
OSV
added 2026/06/22 9:4 a.m.9 views

SUSE-SU-2026:22249-1 Security update for google-osconfig-agent

This update for google-osconfig-agent fixes the following issues - CVE-2023-45288: golang.org/x/net/http2: close connections when receiving too many headers. - CVE-2025-47911: golang.org/x/net/html: various algorithms with quadratic complexity when parsing HTML documents bsc1251453. -...

10CVSS7AI score0.91969EPSS
Exploits3References32
Tenable Nessus
Tenable Nessus
added 2026/06/22 12:0 a.m.7 views

SUSE SLES15 Security Update : azure-storage-azcopy (SUSE-SU-2026:2466-1)

The remote SUSE Linux SLES15 / SLESSAP15 host has a package installed that is affected by multiple vulnerabilities as referenced in the SUSE-SU-2026:2466-1 advisory. This update for azure-storage-azcopy fixes the following issues Update to 10.32.4: - CVE-2025-47907: database/sql: incorrect result...

9.6CVSS6.7AI score0.01557EPSS
Exploits1References17
Tenable Nessus
Tenable Nessus
added 2026/06/20 12:0 a.m.12 views

SUSE SLED15 / SLES15 Security Update : alloy (SUSE-SU-2026:2438-1)

The remote SUSE Linux SLED15 / SLEDSAP15 / SLES15 / SLESSAP15 host has a package installed that is affected by multiple vulnerabilities as referenced in the SUSE-SU-2026:2438-1 advisory. This update for alloy fixes the following issues Security issues: - CVE-2026-4427: github.com/jackc/pgproto3/v...

9.1CVSS6.8AI score0.01557EPSS
Exploits1References17
OSV
OSV
added 2026/06/17 2:45 p.m.6 views

SUSE-SU-2026:2438-1 Security update for alloy

This update for alloy fixes the following issues Security issues: - CVE-2026-4427: github.com/jackc/pgproto3/v2: improper validation of field length allows a malicious PostgreSQL server to crash a client application via a DataRow message bsc1259919. - CVE-2026-25934: github.com/go-git/go-git/v5:...

9.1CVSS6.5AI score0.01557EPSS
Exploits1References13
Tenable Nessus
Tenable Nessus
added 2026/05/29 12:0 a.m.21 views

RockyLinux 9 : opentelemetry-collector (RLSA-2026:19353)

The remote RockyLinux 9 host has a package installed that is affected by multiple vulnerabilities as referenced in the RLSA-2026:19353 advisory. net/url: Incorrect parsing of IPv6 host literals in net/url CVE-2026-25679 google.golang.org/grpc/grpc-go: google.golang.org/grpc/authz: gRPC-Go:...

9.1CVSS5.8AI score0.01557EPSS
Exploits1References17
RedhatCVE
RedhatCVE
added 2025/05/23 1:10 a.m.11 views

CVE-2022-36083

JOSE is "JSON Web Almost Everything" - JWA, JWS, JWE, JWT, JWK, JWKS with no dependencies using runtime's native crypto in Node.js, Browser, Cloudflare Workers, Electron, and Deno. The PBKDF2-based JWE key management algorithms expect a JOSE Header Parameter named p2c PBES2 Count, which determine...

5.3CVSS6.9AI score0.01112EPSS
Exploits1
OSV
OSV
added 2024/03/09 1:15 a.m.11 views

AZL-35887 CVE-2024-28180 affecting package moby-containerd-cc for versions less than 1.7.7-6

Package jose aims to provide an implementation of the Javascript Object Signing and Encryption set of standards. An attacker could send a JWE containing compressed data that used large amounts of memory and CPU when decompressed by Decrypt or DecryptMulti. Those functions now return an error if t...

4.3CVSS6.4AI score0.01956EPSS
Exploits0References1
Rows per page
Query Builder