Lucene search
K

79 matches found

OSV
OSV
added 2024/12/12 2:2 a.m.5 views

AZL-54330 CVE-2024-45337 affecting package packer for versions less than 1.9.5-4

Applications and libraries which misuse connection.serverAuthenticate via callback field ServerConfig.PublicKeyCallback may be susceptible to an authorization bypass. The documentation for ServerConfig.PublicKeyCallback says that "A call to this function does not guarantee that the key offered is...

9.1CVSS6.8AI score0.03153EPSS
Exploits2References1
OSV
OSV
added 2024/12/12 2:2 a.m.9 views

AZL-54353 CVE-2024-45337 affecting package cri-o 1.30.1-1

Applications and libraries which misuse connection.serverAuthenticate via callback field ServerConfig.PublicKeyCallback may be susceptible to an authorization bypass. The documentation for ServerConfig.PublicKeyCallback says that "A call to this function does not guarantee that the key offered is...

9.1CVSS6.8AI score0.03153EPSS
Exploits2References1
OSV
OSV
added 2024/12/12 2:2 a.m.6 views

AZL-54363 CVE-2024-45337 affecting package telegraf for versions less than 1.31.0-3

Applications and libraries which misuse connection.serverAuthenticate via callback field ServerConfig.PublicKeyCallback may be susceptible to an authorization bypass. The documentation for ServerConfig.PublicKeyCallback says that "A call to this function does not guarantee that the key offered is...

9.1CVSS6.8AI score0.03153EPSS
Exploits2References1
OSV
OSV
added 2024/12/12 2:2 a.m.8 views

AZL-54286 CVE-2024-45337 affecting package moby-compose for versions less than 2.17.3-9

Applications and libraries which misuse connection.serverAuthenticate via callback field ServerConfig.PublicKeyCallback may be susceptible to an authorization bypass. The documentation for ServerConfig.PublicKeyCallback says that "A call to this function does not guarantee that the key offered is...

9.1CVSS6.8AI score0.03153EPSS
Exploits2References1
OSV
OSV
added 2024/12/12 2:2 a.m.8 views

AZL-54315 CVE-2024-45337 affecting package podman 4.1.1-26

Applications and libraries which misuse connection.serverAuthenticate via callback field ServerConfig.PublicKeyCallback may be susceptible to an authorization bypass. The documentation for ServerConfig.PublicKeyCallback says that "A call to this function does not guarantee that the key offered is...

9.1CVSS6.8AI score0.03153EPSS
Exploits2References1
OSV
OSV
added 2024/12/12 2:2 a.m.7 views

AZL-54333 CVE-2024-45337 affecting package kubevirt for versions less than 1.2.0-11

Applications and libraries which misuse connection.serverAuthenticate via callback field ServerConfig.PublicKeyCallback may be susceptible to an authorization bypass. The documentation for ServerConfig.PublicKeyCallback says that "A call to this function does not guarantee that the key offered is...

9.1CVSS6.8AI score0.03153EPSS
Exploits2References1
OSV
OSV
added 2024/12/12 2:2 a.m.7 views

AZL-54317 CVE-2024-45337 affecting package cert-manager for versions less than 1.11.2-16

Applications and libraries which misuse connection.serverAuthenticate via callback field ServerConfig.PublicKeyCallback may be susceptible to an authorization bypass. The documentation for ServerConfig.PublicKeyCallback says that "A call to this function does not guarantee that the key offered is...

9.1CVSS6.8AI score0.03153EPSS
Exploits2References1
OSV
OSV
added 2024/12/12 2:2 a.m.10 views

AZL-54357 CVE-2024-45337 affecting package moby-engine for versions less than 25.0.3-9

Applications and libraries which misuse connection.serverAuthenticate via callback field ServerConfig.PublicKeyCallback may be susceptible to an authorization bypass. The documentation for ServerConfig.PublicKeyCallback says that "A call to this function does not guarantee that the key offered is...

9.1CVSS6.8AI score0.03153EPSS
Exploits2References1
OSV
OSV
added 2024/12/12 2:2 a.m.8 views

AZL-54372 CVE-2024-45337 affecting package cert-manager for versions less than 1.12.13-2

Applications and libraries which misuse connection.serverAuthenticate via callback field ServerConfig.PublicKeyCallback may be susceptible to an authorization bypass. The documentation for ServerConfig.PublicKeyCallback says that "A call to this function does not guarantee that the key offered is...

9.1CVSS6.8AI score0.03153EPSS
Exploits2References1
OSV
OSV
added 2024/12/12 2:2 a.m.5 views

AZL-54290 CVE-2024-45337 affecting package packer for versions less than 1.9.5-5

Applications and libraries which misuse connection.serverAuthenticate via callback field ServerConfig.PublicKeyCallback may be susceptible to an authorization bypass. The documentation for ServerConfig.PublicKeyCallback says that "A call to this function does not guarantee that the key offered is...

9.1CVSS6.8AI score0.03153EPSS
Exploits2References1
OSV
OSV
added 2024/12/12 2:2 a.m.3 views

AZL-54281 CVE-2024-45337 affecting package telegraf for versions less than 1.29.4-10

Applications and libraries which misuse connection.serverAuthenticate via callback field ServerConfig.PublicKeyCallback may be susceptible to an authorization bypass. The documentation for ServerConfig.PublicKeyCallback says that "A call to this function does not guarantee that the key offered is...

9.1CVSS6.8AI score0.03153EPSS
Exploits2References1
OSV
OSV
added 2024/12/12 2:2 a.m.8 views

AZL-54345 CVE-2024-45337 affecting package docker-buildx for versions less than 0.14.0-2

Applications and libraries which misuse connection.serverAuthenticate via callback field ServerConfig.PublicKeyCallback may be susceptible to an authorization bypass. The documentation for ServerConfig.PublicKeyCallback says that "A call to this function does not guarantee that the key offered is...

9.1CVSS6.8AI score0.03153EPSS
Exploits2References1
OSV
OSV
added 2024/12/12 2:2 a.m.6 views

AZL-54327 CVE-2024-45337 affecting package cf-cli for versions less than 8.7.3-4

Applications and libraries which misuse connection.serverAuthenticate via callback field ServerConfig.PublicKeyCallback may be susceptible to an authorization bypass. The documentation for ServerConfig.PublicKeyCallback says that "A call to this function does not guarantee that the key offered is...

9.1CVSS6.7AI score0.03153EPSS
Exploits2References1
OSV
OSV
added 2024/12/12 2:2 a.m.7 views

AZL-54320 CVE-2024-45337 affecting package moby-engine for versions less than 24.0.9-13

Applications and libraries which misuse connection.serverAuthenticate via callback field ServerConfig.PublicKeyCallback may be susceptible to an authorization bypass. The documentation for ServerConfig.PublicKeyCallback says that "A call to this function does not guarantee that the key offered is...

9.1CVSS7.2AI score0.03153EPSS
Exploits2References1
OSV
OSV
added 2024/12/12 2:2 a.m.4 views

DEBIAN-CVE-2024-45337

Applications and libraries which misuse connection.serverAuthenticate via callback field ServerConfig.PublicKeyCallback may be susceptible to an authorization bypass. The documentation for ServerConfig.PublicKeyCallback says that "A call to this function does not guarantee that the key offered is...

9.1CVSS7.2AI score0.03153EPSS
Exploits2References1
OSV
OSV
added 2024/12/12 2:2 a.m.12 views

AZL-54384 CVE-2024-45337 affecting package gh for versions less than 2.62.0-3

Applications and libraries which misuse connection.serverAuthenticate via callback field ServerConfig.PublicKeyCallback may be susceptible to an authorization bypass. The documentation for ServerConfig.PublicKeyCallback says that "A call to this function does not guarantee that the key offered is...

9.1CVSS6.8AI score0.03153EPSS
Exploits2References1
OSV
OSV
added 2024/12/12 2:2 a.m.11 views

UBUNTU-CVE-2024-45337

Applications and libraries which misuse connection.serverAuthenticate via callback field ServerConfig.PublicKeyCallback may be susceptible to an authorization bypass. The documentation for ServerConfig.PublicKeyCallback says that "A call to this function does not guarantee that the key offered is...

9.1CVSS6.8AI score0.03153EPSS
Exploits2References9
SUSE CVE
SUSE CVE
added 2024/11/02 3:54 a.m.4 views

SUSE CVE-2024-39223

An authentication bypass in the SSH service of gost v2.11.5 allows attackers to intercept communications via setting the HostKeyCallback function to ssh.InsecureIgnoreHostKey...

9.8CVSS7.2AI score0.00696EPSS
Exploits0References5
OSV
OSV
added 2024/07/03 3:15 p.m.4 views

UBUNTU-CVE-2024-39223

An authentication bypass in the SSH service of gost v2.11.5 allows attackers to intercept communications via setting the HostKeyCallback function to ssh.InsecureIgnoreHostKey...

9.8CVSS7.1AI score0.00696EPSS
Exploits0References5
Rows per page
Query Builder