
11 matches found

AstraLinux
added 2026/06/19 11:10 a.m. | 8 views

Astra Linux - Vulnerability in Golang-1.19

Extremely large RSA keys in certificate chains can cause clients and servers to spend significant CPU time verifying signatures. With this fix, the size of RSA keys transmitted during handshake operations is limited to 8192 bits or less. Based on a survey of publicly trusted RSA keys, there are...

CVSS 5.3 | AI score 6.7 | EPSS 0.01328
Exploits: 0 | References: 2
Tenable Nessus
added 2026/06/08 12:0 a.m. | 11 views

Amazon Linux 2 : containerd, --advisory ALAS2DOCKER-2026-127 (ALASDOCKER-2026-127)

The version of containerd installed on the remote host is prior to 2.1.7-1. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2DOCKER-2026-127 advisory. An authenticated SSH client that repeatedly opened channels which were rejected by the server caused unbounded...

CVSS 10 | AI score 7 | EPSS 0.005
Exploits: 0 | References: 28
SUSE CVE
added 2026/05/23 1:29 a.m. | 20 views

SUSE CVE-2026-39829

The RSA and DSA public key parsers did not enforce size limits on key parameters. A crafted public key with an excessively large modulus or DSA parameter could cause several minutes of CPU consumption during signature verification. This could be triggered by unauthenticated clients during public...

CVSS 7.5 | AI score 5.8 | EPSS 0.004
Exploits: 0 | References: 28
Amazon
added 2023/09/20 12:0 a.m. | 7 views

Important: amazon-ecr-credential-helper

Issue Overview: The HTTP/1 client does not fully validate the contents of the Host header. A maliciously crafted Host header can inject additional headers or entire requests. With fix, the HTTP/1 client now refuses to send requests containing an invalid Request.Host or Request.URL.Host value...

CVSS 6.5 | AI score 7.1 | EPSS 0.01328
Exploits: 0
Amazon
added 2023/09/07 12:0 a.m. | 7 views

Important: cni-plugins

Issue Overview: http2/hpack: avoid quadratic complexity in hpack decoding CVE-2022-41723 The HTTP/1 client does not fully validate the contents of the Host header. A maliciously crafted Host header can inject additional headers or entire requests. With fix, the HTTP/1 client now refuses to send...

CVSS 7.5 | AI score 6.9 | EPSS 0.04561
Exploits: 0
OSV
added 2023/08/26 11:5 a.m. | 3 views

OESA-2023-1530 golang security update

The Go Programming Language. Security Fixes: Extremely large RSA keys in certificate chains can cause a client/server to expend significant CPU time verifying signatures. With fix, the size of RSA keys transmitted during handshakes is restricted to <= 8192 bits. Based on a survey of publicly trust...

CVSS 5.3 | AI score 5.4 | EPSS 0.01328
Exploits: 0 | References: 2
OSV
added 2023/08/26 11:5 a.m. | 5 views

OESA-2023-1531 golang security update

The Go Programming Language. Security Fixes: Extremely large RSA keys in certificate chains can cause a client/server to expend significant CPU time verifying signatures. With fix, the size of RSA keys transmitted during handshakes is restricted to <= 8192 bits. Based on a survey of publicly trust...

CVSS 5.3 | AI score 5.4 | EPSS 0.01328
Exploits: 0 | References: 2
Amazon
added 2023/08/25 12:0 a.m. | 8 views

Medium: containerd

Issue Overview: 2023-10-11: The severity level was changed from Important to Medium. Extremely large RSA keys in certificate chains can cause a client/server to expend significant CPU time verifying signatures. With fix, the size of RSA keys transmitted during handshakes is restricted to <= 8192...

CVSS 5.3 | AI score 7.1 | EPSS 0.01328
Exploits: 0
Amazon
added 2023/08/25 12:0 a.m. | 8 views

Medium: nerdctl

Issue Overview: 2023-10-11: The severity level was changed from Important to Medium. Extremely large RSA keys in certificate chains can cause a client/server to expend significant CPU time verifying signatures. With fix, the size of RSA keys transmitted during handshakes is restricted to <= 8192...

CVSS 5.3 | AI score 7.1 | EPSS 0.01328
Exploits: 0
Amazon
added 2023/08/25 12:0 a.m. | 8 views

Medium: amazon-cloudwatch-agent

Issue Overview: 2023-10-11: The severity level was changed from Important to Medium. Extremely large RSA keys in certificate chains can cause a client/server to expend significant CPU time verifying signatures. With fix, the size of RSA keys transmitted during handshakes is restricted to <= 8192...

CVSS 5.3 | AI score 7.1 | EPSS 0.01328
Exploits: 0
SUSE CVE
added 2023/08/02 1:56 a.m. | 5 views

SUSE CVE-2023-29409

Extremely large RSA keys in certificate chains can cause a client/server to expend significant CPU time verifying signatures. With fix, the size of RSA keys transmitted during handshakes is restricted to <= 8192 bits. Based on a survey of publicly trusted RSA keys, there are currently only three...

CVSS 7.5 | AI score 7.7 | EPSS 0.01328
Exploits: 0 | References: 25