Astra Linux – Vulnerability in Wireshark

In Wireshark versions 3.2.0 to 3.2.6, 3.0.0 to 3.0.13, and 2.6.0 to 2.6.20, the MIME Multipart dissector could crash. This issue was addressed in the epan/dissectors/packet-multipart.c file by correcting the deallocation of invalid MIME parts...

RockyLinux 8 : container-tools:4.0 (RLSA-2023:6938)

The remote RockyLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RLSA-2023:6938 advisory. go-yaml: Improve heuristics preventing CPU/memory abuse by parsing malicious or large YAML documents CVE-2022-3064 golang: html/template: improper handli...

EUVD-2006-6286

Malware in sbrugna...

EUVD-2020-18496

Malware in sbrugna...

Excessive resource consumption in mime/multipart

...

Excessive resource consumption in net/http, net/textproto and mime/multipart

...

OESA-2025-1221 golang security update

. Security Fixes: HTTP and MIME header parsing can allocate large amounts of memory, even when parsing small inputs, potentially leading to a denial of service. Certain unusual patterns of input data can cause the common function used to parse HTTP and MIME headers to allocate substantially more...

AlmaLinux 8 : container-tools:rhel8 (ALSA-2024:8038)

The remote AlmaLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALSA-2024:8038 advisory. golang: net/http: golang: mime/multipart: golang: net/textproto: memory exhaustion in Request.ParseMultipartForm CVE-2023-45290 go/parser: golang: Calling...

RHEL 8 / 9 : Red Hat Service Interconnect 1.4 Release (RHSA-2023:4003)

The remote Redhat Enterprise Linux 8 / 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2023:4003 advisory. As a Kubernetes user, I cannot connect easily connect services from one cluster with services on another cluster. Red Hat Application...

RHEL 8 / 9 : OpenShift Container Platform 4.13.3 (RHSA-2023:3536)

The remote Redhat Enterprise Linux 8 / 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2023:3536 advisory. Red Hat OpenShift Container Platform is Red Hat's cloud computing Kubernetes application platform solution designed for on-premise or...

Vulnerability of mime/multipart packages, net/textproto programming language in Golang, allowing attackers to trigger a denial-of-service attack

The vulnerability of the mime/multipart and net/text proto types in the Golang programming language is related to the distribution of resources without any restrictions or regulations. Exploiting this vulnerability can allow a remote attacker to cause service failures...

CentOS 9 : containernetworking-plugins-1.3.0-2.el9

The remote CentOS Linux 9 host has a package installed that is affected by multiple vulnerabilities as referenced in the containernetworking-plugins-1.3.0-2.el9 build changelog. - A maliciously crafted HTTP/2 stream could cause excessive CPU consumption in the HPACK decoder, sufficient to cause a...

golang: net/http, mime/multipart: denial of service from excessive resource consumption

A flaw was found in Go, where it is vulnerable to a denial of service caused by an excessive resource consumption flaw in the net/http and mime/multipart packages. By sending a specially-crafted request, a remote attacker can cause a denial of service...

Oracle Linux 9 : buildah (ELSA-2023-6473)

The remote Oracle Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2023-6473 advisory. - rebuild for following CVEs: CVE-2023-25173 CVE-2022-41724 CVE-2022-41725 CVE-2023-24538 CVE-2023-24534 CVE-2023-24536 CVE-2022-41723 CVE-2023-24539...

Oracle Linux 9 : podman (ELSA-2023-6474)

The remote Oracle Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2023-6474 advisory. - rebuild for following CVEs: CVE-2023-25173 CVE-2022-41724 CVE-2022-41725 CVE-2023-24537 CVE-2023-24538 CVE-2023-24534 CVE-2023-24536 CVE-2022-41723...

golang: net/http, mime/multipart: denial of service from excessive resource consumption

A flaw was found in Go, where it is vulnerable to a denial of service caused by an excessive resource consumption flaw in the net/http and mime/multipart packages. By sending a specially-crafted request, a remote attacker can cause a denial of service...

Moderate: Red Hat Security Advisory: container-tools:rhel8 security and bug fix update

An update for the container-tools:rhel8 module is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for...

golang: net/http, mime/multipart: denial of service from excessive resource consumption

A flaw was found in Go, where it is vulnerable to a denial of service caused by an excessive resource consumption flaw in the net/http and mime/multipart packages. By sending a specially-crafted request, a remote attacker can cause a denial of service...

Moderate: container-tools:rhel8 security and bug fix update

The container-tools module contains tools for working with containers, notably podman, buildah, skopeo, and runc. Security Fixes: go-yaml: Improve heuristics preventing CPU/memory abuse by parsing malicious or large YAML documents CVE-2022-3064 golang: html/template: improper handling of JavaScri...

RHEL 8 : container-tools:rhel8 (RHSA-2023:6939)

The remote Redhat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2023:6939 advisory. The container-tools module contains tools for working with containers, notably podman, buildah, skopeo, and runc. Security Fixes: go-yaml:...