Lucene search
K

73 matches found

OSV
OSV
added 2024/03/05 11:15 p.m.8 views

AZL-35584 CVE-2024-24786 affecting package moby-containerd for versions less than 1.6.26-8

The protojson.Unmarshal function can enter an infinite loop when unmarshaling certain forms of invalid JSON. This condition can occur when unmarshaling into a message which contains a google.protobuf.Any value, or when the UnmarshalOptions.DiscardUnknown option is set...

7.5CVSS6.6AI score0.01262EPSS
Exploits0References1
OSV
OSV
added 2024/03/05 11:15 p.m.7 views

AZL-35665 CVE-2024-24786 affecting package moby-containerd-cc for versions less than 1.7.7-5

The protojson.Unmarshal function can enter an infinite loop when unmarshaling certain forms of invalid JSON. This condition can occur when unmarshaling into a message which contains a google.protobuf.Any value, or when the UnmarshalOptions.DiscardUnknown option is set...

7.5CVSS6.6AI score0.01262EPSS
Exploits0References1
CBLMariner
CBLMariner
added 2024/01/14 10:46 p.m.25 views

CVE-2023-47108 affecting package moby-containerd-cc for versions less than 1.7.2-3

CVE-2023-47108 affecting package moby-containerd-cc for versions less than 1.7.2-3. A patched version of the package is available...

7.5CVSS7.7AI score0.01592EPSS
Exploits0
OSV
OSV
added 2023/11/10 7:15 p.m.3 views

AZL-31896 CVE-2023-47108 affecting package moby-containerd-cc for versions less than 1.7.2-3

OpenTelemetry-Go Contrib is a collection of third-party packages for OpenTelemetry-Go. Starting in version 0.37.0 and prior to version 0.46.0, the grpc Unary Server Interceptor out of the box adds labels net.peer.sock.addr and net.peer.sock.port that have unbound cardinality. It leads to the...

7.5CVSS6.8AI score0.01592EPSS
Exploits0References1
OSV
OSV
added 2023/11/10 7:15 p.m.4 views

AZL-34995 CVE-2023-47108 affecting package moby-containerd-cc for versions less than 1.7.7-3

OpenTelemetry-Go Contrib is a collection of third-party packages for OpenTelemetry-Go. Starting in version 0.37.0 and prior to version 0.46.0, the grpc Unary Server Interceptor out of the box adds labels net.peer.sock.addr and net.peer.sock.port that have unbound cardinality. It leads to the...

7.5CVSS6.8AI score0.01592EPSS
Exploits0References1
CBLMariner
CBLMariner
added 2023/10/12 7:11 p.m.49 views

CVE-2023-39325 affecting package moby-containerd-cc for versions less than 1.7.1-5

CVE-2023-39325 affecting package moby-containerd-cc for versions less than 1.7.1-5. A patched version of the package is available...

7.5CVSS8.3AI score0.03796EPSS
Exploits0
CBLMariner
CBLMariner
added 2023/10/12 7:11 p.m.19 views

CVE-2023-39325 affecting package moby-containerd for versions less than 1.6.22-2

CVE-2023-39325 affecting package moby-containerd for versions less than 1.6.22-2. A patched version of the package is available...

7.5CVSS8.1AI score0.03796EPSS
Exploits0
CBLMariner
CBLMariner
added 2023/10/12 7:11 p.m.39 views

CVE-2023-44487 affecting package moby-containerd-cc for versions less than 1.7.1-5

CVE-2023-44487 affecting package moby-containerd-cc for versions less than 1.7.1-5. A patched version of the package is available...

7.5CVSS7.8AI score0.99999EPSS
Exploits19
CBLMariner
CBLMariner
added 2023/10/12 7:11 p.m.36 views

CVE-2023-44487 affecting package moby-containerd for versions less than 1.6.22-2

CVE-2023-44487 affecting package moby-containerd for versions less than 1.6.22-2. A patched version of the package is available...

7.5CVSS8.9AI score0.99999EPSS
Exploits19
OSV
OSV
added 2023/10/11 10:15 p.m.6 views

AZL-31647 CVE-2023-39325 affecting package moby-containerd-cc for versions less than 1.7.1-5

A malicious HTTP/2 client which rapidly creates requests and immediately resets them can cause excessive server resource consumption. While the total number of requests is bounded by the http2.Server.MaxConcurrentStreams setting, resetting an in-progress request allows the attacker to create a ne...

7.5CVSS6.6AI score0.03796EPSS
Exploits0References1
OSV
OSV
added 2023/10/11 10:15 p.m.11 views

AZL-31646 CVE-2023-39325 affecting package moby-containerd for versions less than 1.6.22-2

A malicious HTTP/2 client which rapidly creates requests and immediately resets them can cause excessive server resource consumption. While the total number of requests is bounded by the http2.Server.MaxConcurrentStreams setting, resetting an in-progress request allows the attacker to create a ne...

7.5CVSS6.6AI score0.03796EPSS
Exploits0References1
OSV
OSV
added 2023/10/11 10:15 p.m.13 views

AZL-34996 CVE-2023-39325 affecting package moby-containerd-cc for versions less than 1.7.1-5

A malicious HTTP/2 client which rapidly creates requests and immediately resets them can cause excessive server resource consumption. While the total number of requests is bounded by the http2.Server.MaxConcurrentStreams setting, resetting an in-progress request allows the attacker to create a ne...

7.5CVSS6.6AI score0.03796EPSS
Exploits0References1
OSV
OSV
added 2023/10/10 2:15 p.m.12 views

AZL-31328 CVE-2023-44487 affecting package moby-containerd for versions less than 1.6.22-2

The HTTP/2 protocol allows a denial of service server resource consumption because request cancellation can reset many streams quickly, as exploited in the wild in August through October 2023...

7.5CVSS6.7AI score0.99999EPSS
Exploits19References1
OSV
OSV
added 2023/10/10 2:15 p.m.19 views

AZL-34997 CVE-2023-44487 affecting package moby-containerd-cc for versions less than 1.7.1-5

The HTTP/2 protocol allows a denial of service server resource consumption because request cancellation can reset many streams quickly, as exploited in the wild in August through October 2023...

7.5CVSS7AI score0.99999EPSS
Exploits19References1
OSV
OSV
added 2023/10/10 2:15 p.m.8 views

AZL-31491 CVE-2023-44487 affecting package moby-containerd-cc for versions less than 1.7.1-5

The HTTP/2 protocol allows a denial of service server resource consumption because request cancellation can reset many streams quickly, as exploited in the wild in August through October 2023...

7.5CVSS6.7AI score0.99999EPSS
Exploits19References1
CBLMariner
CBLMariner
added 2023/03/24 11:56 p.m.18 views

CVE-2023-25173 affecting package moby-containerd for versions less than 1.6.18-2

CVE-2023-25173 affecting package moby-containerd for versions less than 1.6.18-2. An upgraded version of the package is available that resolves this issue...

7.8CVSS8.2AI score0.00542EPSS
Exploits1
CBLMariner
CBLMariner
added 2023/03/24 11:56 p.m.23 views

CVE-2023-25153 affecting package moby-containerd for versions less than 1.6.18-2

CVE-2023-25153 affecting package moby-containerd for versions less than 1.6.18-2. An upgraded version of the package is available that resolves this issue...

6.2CVSS6.9AI score0.00363EPSS
Exploits0
Tenable Nessus
Tenable Nessus
added 2023/03/20 12:0 a.m.34 views

CBL Mariner 2.0 Security Update: moby-containerd (CVE-2022-23471)

The version of moby-containerd installed on the remote CBL Mariner 2.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2022-23471 advisory. - containerd is an open source container runtime. A bug was found in containerd's CRI implementation...

6.5CVSS7.3AI score0.01022EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2023/03/20 12:0 a.m.32 views

CBL Mariner 2.0 Security Update: moby-containerd (CVE-2021-41103)

The version of moby-containerd installed on the remote CBL Mariner 2.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2021-41103 advisory. - containerd is an open source container runtime with an emphasis on simplicity, robustness and...

7.8CVSS6.5AI score0.00482EPSS
Exploits0References2
CBLMariner
CBLMariner
added 2023/03/16 3:40 a.m.17 views

CVE-2023-25173 affecting package moby-containerd 1.6.6+azure-7

CVE-2023-25173 affecting package moby-containerd 1.6.6+azure-7. A patched version of the package is available...

7.8CVSS9.2AI score0.00542EPSS
Exploits1
Rows per page
Query Builder