Lucene search
K

982 matches found

OSV
OSV
added 2026/06/25 10:14 p.m.4 views

GHSA-F5WC-C3C7-36MC golang.org/x/crypto doesn't drop invoking agent constraints when forwarding keys

When adding a key to a remote agent constraint extensions such as [email protected] were not serialized in the request. Destination restrictions were silently stripped when forwarding keys, allowing unrestricted use of the key on the remote host. The client now serializes all...

9.1CVSS6AI score0.00525EPSS
Exploits0References22
Github Security Blog
Github Security Blog
added 2026/06/25 10:14 p.m.10 views

golang.org/x/crypto doesn't drop invoking agent constraints when forwarding keys

When adding a key to a remote agent constraint extensions such as [email protected] were not serialized in the request. Destination restrictions were silently stripped when forwarding keys, allowing unrestricted use of the key on the remote host. The client now serializes all...

9.1CVSS6AI score0.00525EPSS
Exploits0References22Affected Software1
EUVD
EUVD
added 2026/06/25 10:14 p.m.11 views

EUVD-2026-31390

golang.org/x/crypto/ssh/agent doesn't drop invoking agent constraints when forwarding keys...

9.1CVSS5.8AI score0.00525EPSS
Exploits0References6
EUVD
EUVD
added 2026/06/25 10:13 p.m.11 views

EUVD-2026-31389

golang.org/x/crypto/ssh/agent doesn't enforce invoking key constraints...

9.1CVSS5.8AI score0.0036EPSS
Exploits0References7
Github Security Blog
Github Security Blog
added 2026/06/25 10:13 p.m.8 views

golang.org/x/crypto doesn't enforce invoking key constraints

The in-memory keyring returned by NewKeyring silently accepted keys with the ConfirmBeforeUse constraint but never enforced it. The key would sign without any confirmation prompt, with no indication to the caller that the constraint was not in effect. NewKeyring now returns an error when...

9.1CVSS6AI score0.0036EPSS
Exploits0References7Affected Software1
OSV
OSV
added 2026/06/25 10:13 p.m.6 views

GHSA-JPPX-RXG9-JMRX golang.org/x/crypto doesn't enforce invoking key constraints

The in-memory keyring returned by NewKeyring silently accepted keys with the ConfirmBeforeUse constraint but never enforced it. The key would sign without any confirmation prompt, with no indication to the caller that the constraint was not in effect. NewKeyring now returns an error when...

9.1CVSS6AI score0.0036EPSS
Exploits0References7
NVD
NVD
added 2026/06/23 9:16 p.m.7 views

CVE-2026-11819

Module: plugins/modules/keyringinfo.py CVSS 3.1: 5.5 MEDIUM — AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N Issue: The module retrieves a passphrase from the OS native keyring GNOME Keyring, macOS Keychain, Windows Credential Manager and places it directly into result"passphrase" with no output suppression...

5.5CVSS0.00122EPSS
Exploits0References3
Vulnrichment
Vulnrichment
added 2026/06/23 7:53 p.m.5 views

CVE-2026-11819 Community.general: community.general keyring_info — os keyring passphrase returned in plaintext

Module: plugins/modules/keyringinfo.py CVSS 3.1: 5.5 MEDIUM — AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N Issue: The module retrieves a passphrase from the OS native keyring GNOME Keyring, macOS Keychain, Windows Credential Manager and places it directly into result"passphrase" with no output suppression...

5.5CVSS6.1AI score0.00122EPSS
Exploits0References2
ATTACKERKB
ATTACKERKB
added 2026/06/23 7:53 p.m.4 views

CVE-2026-11819

Module: plugins/modules/keyringinfo.py CVSS 3.1: 5.5 MEDIUM — AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N Issue: The module retrieves a passphrase from the OS native keyring GNOME Keyring, macOS Keychain, Windows Credential Manager and places it directly into result"passphrase" with no output suppression...

5.5CVSS6.1AI score0.00122EPSS
Exploits0References3
Cvelist
Cvelist
added 2026/06/23 7:53 p.m.32 views

CVE-2026-11819 Community.general: community.general keyring_info — os keyring passphrase returned in plaintext

Module: plugins/modules/keyringinfo.py CVSS 3.1: 5.5 MEDIUM — AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N Issue: The module retrieves a passphrase from the OS native keyring GNOME Keyring, macOS Keychain, Windows Credential Manager and places it directly into result"passphrase" with no output suppression...

5.5CVSS0.00122EPSS
Exploits0References2
CVE
CVE
added 2026/06/23 7:53 p.m.15 views

CVE-2026-11819

The CVE-2026-11819 issue affects the Ansible community.general keyring_info module. The module reads a passphrase from the OS keyring and writes it directly to result["passphrase"] without output suppression. Root cause shows protected input variable (line with no_log=True) but unprotected output...

5.5CVSS6.1AI score0.00122EPSS
Exploits0References3Affected Software1
EUVD
EUVD
added 2026/06/23 7:53 p.m.10 views

EUVD-2026-38604

Module: plugins/modules/keyringinfo.py CVSS 3.1: 5.5 MEDIUM — AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N Issue: The module retrieves a passphrase from the OS native keyring GNOME Keyring, macOS Keychain, Windows Credential Manager and places it directly into result"passphrase" with no output suppression...

5.5CVSS6.1AI score0.00122EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2026/06/23 12:0 a.m.19 views

PT-2026-51586

Name of the Vulnerable Software and Affected Versions Ansible affected versions not specified Description The plugins/modules/keyring info.py module retrieves passphrases from native operating system keyrings, such as GNOME Keyring, macOS Keychain, and Windows Credential Manager. The issue occurs...

5.5CVSS5.8AI score0.00122EPSS
Exploits0References7
Tenable Nessus
Tenable Nessus
added 2026/06/22 12:0 a.m.5 views

Amazon Linux 2023 : amazon-cloudwatch-agent (ALAS2023-2026-1896)

It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2023-2026-1896 advisory. Parsing arbitrary HTML can consume excessive CPU time, possibly leading to denial of service. CVE-2026-25680 The RSA and DSA public key parsers did not enforce size limits on key parameters. A...

10CVSS7AI score0.03153EPSS
Exploits2References16
Amazon
Amazon
added 2026/06/22 12:0 a.m.13 views

Important: containerd

Issue Overview: An authenticated SSH client that repeatedly opened channels which were rejected by the server caused unbounded memory growth, eventually crashing the server process and affecting all connected users. Rejected channels are now properly removed from the connection's internal state a...

10CVSS6.8AI score0.00533EPSS
Exploits0
Tenable Nessus
Tenable Nessus
added 2026/06/22 12:0 a.m.7 views

Amazon Linux 2 : containerd, --advisory ALAS2ECS-2026-122 (ALASECS-2026-122)

The version of containerd installed on the remote host is prior to 2.1.7-1. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2ECS-2026-122 advisory. The RSA and DSA public key parsers did not enforce size limits on key parameters. A crafted public key with an...

10CVSS7AI score0.03153EPSS
Exploits2References14
OSV
OSV
added 2026/06/17 1:43 p.m.6 views

USN-8447-1 golang-go.crypto vulnerabilities

It was discovered that Go Cryptography did not properly handle SSH global request responses. A remote attacker could possibly use this issue to cause a denial of service. CVE-2026-39830 It was discovered that Go Cryptography did not properly verify user presence when using FIDO/U2F security keys...

10CVSS5.7AI score0.00533EPSS
Exploits0References8
Tenable Nessus
Tenable Nessus
added 2026/06/08 12:0 a.m.18 views

Amazon Linux 2 : docker, --advisory ALAS2NITRO-ENCLAVES-2026-108 (ALASNITRO-ENCLAVES-2026-108)

The version of docker installed on the remote host is prior to 25.0.16-1. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2NITRO-ENCLAVES-2026-108 advisory. The RSA and DSA public key parsers did not enforce size limits on key parameters. A crafted public key with ...

10CVSS6.9AI score0.03153EPSS
Exploits2References16
Tenable Nessus
Tenable Nessus
added 2026/06/08 12:0 a.m.16 views

Amazon Linux 2 : containerd, --advisory ALAS2NITRO-ENCLAVES-2026-109 (ALASNITRO-ENCLAVES-2026-109)

The version of containerd installed on the remote host is prior to 2.1.7-1. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2NITRO-ENCLAVES-2026-109 advisory. An authenticated SSH client that repeatedly opened channels which were rejected by the server caused...

10CVSS7AI score0.00533EPSS
Exploits0References28
Tenable Nessus
Tenable Nessus
added 2026/06/08 12:0 a.m.21 views

Amazon Linux 2 : rclone, --advisory ALAS2-2026-3348 (ALAS-2026-3348)

The version of rclone installed on the remote host is prior to 1.55.1-1. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2-2026-3348 advisory. The RSA and DSA public key parsers did not enforce size limits on key parameters. A crafted public key with an excessively...

9.1CVSS5.7AI score0.00533EPSS
Exploits0References12
Rows per page
Query Builder