65 matches found
Azure Linux 3.0 Security Update: multus (CVE-2020-28852)
The version of multus installed on the remote Azure Linux 3.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2020-28852 advisory. - In x/text in Go before v0.3.5, a slice bounds out of range panic occurs in language.ParseAcceptLanguage whil...
Azure Linux 3.0 Security Update: multus (CVE-2020-28851)
The version of multus installed on the remote Azure Linux 3.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2020-28851 advisory. - In x/text in Go 1.15.4, an index out of range panic occurs in language.ParseAcceptLanguage while parsing the...
GHSA-J5PM-7495-QMR3 vulnerabilities
Vulnerabilities for packages: kuma, fluent-bit-plugin-loki, grafana-fips, teleport, nri-kafka, aws-iam-authenticator-fips, verticadb-operator-fips, kube-conformance, hugo-extended, verticadb-operator, kyverno-policy-reporter, coredns, knative-serving, trillian-fips, azuredisk-csi, influx,...
CVE-2025-22872 affecting package multus for versions less than 4.0.2-8
CVE-2025-22872 affecting package multus for versions less than 4.0.2-8. A patched version of the package is available...
CVE-2025-22872 affecting package multus for versions less than 4.0.2-5
CVE-2025-22872 affecting package multus for versions less than 4.0.2-5. A patched version of the package is available...
AZL-60568 CVE-2025-22872 affecting package multus for versions less than 4.0.2-8
The tokenizer incorrectly interprets tags with unquoted attribute values that end with a solidus character / as self-closing. When directly using Tokenizer, this can result in such tags incorrectly being marked as self-closing, and when using the Parse functions, this can result in content...
AZL-60474 CVE-2025-22872 affecting package multus for versions less than 4.0.2-5
The tokenizer incorrectly interprets tags with unquoted attribute values that end with a solidus character / as self-closing. When directly using Tokenizer, this can result in such tags incorrectly being marked as self-closing, and when using the Parse functions, this can result in content...
Azure Linux 3.0 Security Update: application-gateway-kubernetes-ingress / cf-cli / cri-o / csi-driver-lvm / golang / keda / moby-engine / node-problem-detector (CVE-2021-44716)
The version of application-gateway-kubernetes-ingress / cf-cli / cri-o / csi-driver-lvm / golang / keda / moby-engine / node-problem-detector installed on the remote Azure Linux 3.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2021-44716...
Azure Linux 3.0 Security Update: application-gateway-kubernetes-ingress / cf-cli / cni / containerized-data-importer / containernetworking-plugins / gh / keda / kubevirt (CVE-2022-32149)
The version of application-gateway-kubernetes-ingress / cf-cli / cni / containerized-data-importer / containernetworking-plugins / gh / keda / kubevirt installed on the remote Azure Linux 3.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the...
CVE-2024-45338 affecting package multus for versions less than 4.0.2-4
CVE-2024-45338 affecting package multus for versions less than 4.0.2-4. A patched version of the package is available...
CVE-2024-45338 affecting package multus for versions less than 4.0.2-7
CVE-2024-45338 affecting package multus for versions less than 4.0.2-7. A patched version of the package is available...
AZL-54452 CVE-2024-45338 affecting package multus for versions less than 4.0.2-4
An attacker can craft an input to the Parse functions that would be processed non-linearly with respect to its length, resulting in extremely slow parsing. This could cause a denial of service...
AZL-54564 CVE-2024-45338 affecting package multus for versions less than 4.0.2-7
An attacker can craft an input to the Parse functions that would be processed non-linearly with respect to its length, resulting in extremely slow parsing. This could cause a denial of service...
CVE-2023-39325 affecting package multus for versions less than 4.0.2-3
CVE-2023-39325 affecting package multus for versions less than 4.0.2-3. A patched version of the package is available...
CVE-2023-45288 affecting package multus for versions less than 4.0.2-3
CVE-2023-45288 affecting package multus for versions less than 4.0.2-3. A patched version of the package is available...
CVE-2023-3978 affecting package multus for versions less than 4.0.2-2
CVE-2023-3978 affecting package multus for versions less than 4.0.2-2. A patched version of the package is available...
CVE-2023-3978 affecting package multus for versions less than 4.0.2-5
CVE-2023-3978 affecting package multus for versions less than 4.0.2-5. A patched version of the package is available...
CVE-2022-32149 affecting package multus for versions less than 4.0.2-1
CVE-2022-32149 affecting package multus for versions less than 4.0.2-1. An upgraded version of the package is available that resolves this issue...
CVE-2022-29526 affecting package multus for versions less than 4.0.2-1
CVE-2022-29526 affecting package multus for versions less than 4.0.2-1. An upgraded version of the package is available that resolves this issue...
CVE-2022-21698 affecting package multus for versions less than 4.0.2-1
CVE-2022-21698 affecting package multus for versions less than 4.0.2-1. An upgraded version of the package is available that resolves this issue...