50 matches found
EUVD-2026-27514
In Paramiko through 4.0.0 before a448945, rsakey.py allows the SHA-1 algorithm...
GHSA-R374-RXX8-8654 Paramiko rsakey.py allows the SHA-1 algorithm
In Paramiko through 4.0.0 before a448945, rsakey.py allows the SHA-1 algorithm...
Astra Linux – Vulnerability in Golang-1.19
Verifying a certificate chain that contains a certificate with an unknown public key algorithm will cause Certificate.Verify to panic. This affects all crypto/TLS clients, as well as servers that have Config.ClientAuth set to VerifyClientCertIfGiven or RequireAndVerifyClientCert. The default...
EUVD-2026-4769
In GnuPG before 2.5.17, a stack-based buffer overflow exists in tpm2daemon during handling of the PKDECRYPT command for TPM-backed RSA and ECC keys...
MiracleLinux 9 : gvisor-tap-vsock-0.7.3-5.el9_4.ML.1 (AXSA:2024-8751:04)
The remote MiracleLinux 9 host has a package installed that is affected by a vulnerability as referenced in the AXSA:2024-8751:04 advisory. golang: crypto/x509: Verify panics on certificates with an unknown public key algorithm CVE-2024-24783 Tenable has extracted the preceding description block...
MiracleLinux 9 : podman-4.9.4-10.el9_4 (AXSA:2024-8754:08)
The remote MiracleLinux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2024-8754:08 advisory. golang: crypto/x509: Verify panics on certificates with an unknown public key algorithm CVE-2024-24783 go-retryablehttp: url might write sensitive...
MiracleLinux 8 : container-tools:rhel8 (AXSA:2024-8686:01)
The remote MiracleLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2024-8686:01 advisory. golang-fips/openssl: Memory leaks in code encrypting and decrypting RSA payloads CVE-2024-1394 golang: net/http: memory exhaustion in...
EUVD-2024-22161
Malicious code in bioql PyPI...
SUSE-SU-2025:20538-1 Security update for libgcrypt
This update for libgcrypt fixes the following issues: - CVE-2024-2236: Fixed timing based side-channel in RSA implementation bsc1221107...
golang: crypto/x509: Verify panics on certificates with an unknown public key algorithm
A flaw was found in Go's crypto/x509 standard library package. Verifying a certificate chain that contains a certificate with an unknown public key algorithm will cause a Certificate.Verify to panic. This issue affects all crypto/tls clients and servers that set Config.ClientAuth to...
golang: crypto/x509: Verify panics on certificates with an unknown public key algorithm
A flaw was found in Go's crypto/x509 standard library package. Verifying a certificate chain that contains a certificate with an unknown public key algorithm will cause a Certificate.Verify to panic. This issue affects all crypto/tls clients and servers that set Config.ClientAuth to...
golang: crypto/x509: Verify panics on certificates with an unknown public key algorithm
A flaw was found in Go's crypto/x509 standard library package. Verifying a certificate chain that contains a certificate with an unknown public key algorithm will cause a Certificate.Verify to panic. This issue affects all crypto/tls clients and servers that set Config.ClientAuth to...
golang: crypto/x509: Verify panics on certificates with an unknown public key algorithm
A flaw was found in Go's crypto/x509 standard library package. Verifying a certificate chain that contains a certificate with an unknown public key algorithm will cause a Certificate.Verify to panic. This issue affects all crypto/tls clients and servers that set Config.ClientAuth to...
Moderate: skopeo security update
The skopeo command lets you inspect images from container image registries, get images and image layers, and use signatures to create and verify files. Security Fixes: golang: crypto/x509: Verify panics on certificates with an unknown public key algorithm CVE-2024-24783 For more details about the...
SUSE CVE-2022-48831
In the Linux kernel, the following vulnerability has been resolved: ima: fix reference leak in asymmetricverify Don't leak a reference to the key if its algorithm is unknown...
golang: crypto/x509: Verify panics on certificates with an unknown public key algorithm
A flaw was found in Go's crypto/x509 standard library package. Verifying a certificate chain that contains a certificate with an unknown public key algorithm will cause a Certificate.Verify to panic. This issue affects all crypto/tls clients and servers that set Config.ClientAuth to...
Medium: golang
Issue Overview: An attacker may cause an HTTP/2 endpoint to read arbitrary amounts of header data by sending an excessive number of CONTINUATION frames. Maintaining HPACK state requires parsing and processing all HEADERS and CONTINUATION frames on a connection. When a request's headers exceed...
golang: crypto/x509: Verify panics on certificates with an unknown public key algorithm
A flaw was found in Go's crypto/x509 standard library package. Verifying a certificate chain that contains a certificate with an unknown public key algorithm will cause a Certificate.Verify to panic. This issue affects all crypto/tls clients and servers that set Config.ClientAuth to...
EulerOS 2.0 SP10 : golang (EulerOS-SA-2024-1589)
According to the versions of the golang packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - When following an HTTP redirect to a domain which is not a subdomain match or exact match of the initial domain, an http.Client does not forward...
golang: crypto/x509: Verify panics on certificates with an unknown public key algorithm
A flaw was found in Go's crypto/x509 standard library package. Verifying a certificate chain that contains a certificate with an unknown public key algorithm will cause a Certificate.Verify to panic. This issue affects all crypto/tls clients and servers that set Config.ClientAuth to...