Lucene search
K

78 matches found

Amazon
Amazon
added 6 days ago3 views

Medium: nerdctl

Issue Overview: x509.Certificate.VerifyHostname previously called matchHostnames in a loop over all DNS Subject Alternative Name SAN entries. This caused strings.Splithost, "." to execute repeatedly on the same input hostname. With a large DNS SAN list, verification costs scaled quadratically bas...

7.5CVSS6.9AI score0.00939EPSS
Exploits0
Chainguard
Chainguard
added 2026/06/26 8:22 p.m.13 views

GHSA-Q4H4-GMJ2-QVW2 vulnerabilities

Vulnerabilities for packages: packer-fips, crossplane-provider-aws-networkmanager, crossplane-provider-aws-organizations, crossplane-provider-azure-signalrservice, spire-server, crossplane-provider-aws-elasticache-fips, grype-db, pulumi-kubernetes-operator, tflint, crossplane-provider-aws-route53...

6.1AI score
Exploits0
Chainguard
Chainguard
added 2026/06/26 8:22 p.m.7 views

GHSA-RM3J-F69W-WQMQ vulnerabilities

Vulnerabilities for packages: packer-fips, crossplane-provider-aws-networkmanager, crossplane-provider-aws-organizations, crossplane-provider-azure-signalrservice, spire-server, crossplane-provider-aws-elasticache-fips, grype-db, pulumi-kubernetes-operator, tflint, crossplane-provider-aws-route53...

6.1AI score
Exploits0
Chainguard
Chainguard
added 2026/06/26 8:22 p.m.7 views

GHSA-45GG-VH54-H5M9 vulnerabilities

Vulnerabilities for packages: zarf-fips, harbor, osv-scanner, rancher, knative-eventing-fips, spire-server, k9s-fips, argocd-image-updater, vitess, docker-machine-driver-harvester, trivy-fips, cloudbeat, mattermost, prometheus-mongodb-exporter, flux-image-automation-controller-fips, snyk-cli,...

6.1AI score
Exploits0
Wolfi
Wolfi
added 2026/06/26 8:22 p.m.10 views

GHSA-X527-X647-Q7GG vulnerabilities

Vulnerabilities for packages: kubernetes-dashboard, snyk-cli, rancher, chisel, spire-server, fscrypt, kaf, kubescape, rancher-agent, flux-source-controller, flux-image-automation-controller, knative-serving, minio, external-dns, telegraf, vitess, cilium, k9s, skaffold, kubernetes,...

6.1AI score
Exploits0
Wolfi
Wolfi
added 2026/06/26 8:22 p.m.8 views

GHSA-W879-237Q-WC7R vulnerabilities

Vulnerabilities for packages: snyk-cli, chisel, pulumi-language-yaml, terragrunt, ksops, gomplate, wolfictl, caddy, fulcio, vault-benchmark, telegraf, cosign, dagger, witness, podman, pulumi-language-java, helm, kots, step-issuer, prometheus, crossplane-provider-azure-authorization, gh,...

6.1AI score
Exploits0
Wolfi
Wolfi
added 2026/06/26 8:22 p.m.6 views

GHSA-JPPX-RXG9-JMRX vulnerabilities

Vulnerabilities for packages: kubernetes-dashboard, snyk-cli, buildah, rancher, spire-server, fscrypt, kaf, rancher-agent, knative-serving, minio, external-dns, telegraf, vitess, cilium, kubernetes, podman, k3s, nerdctl, flux, cloud-provider-aws, helm, mattermost, cert-manager, kots, containerd,...

6.1AI score
Exploits0
Wolfi
Wolfi
added 2026/06/26 8:22 p.m.7 views

GHSA-9M57-25V3-79X9 vulnerabilities

Vulnerabilities for packages: kubernetes-dashboard, snyk-cli, buildah, rancher, spire-server, fscrypt, kaf, rancher-agent, knative-serving, minio, external-dns, telegraf, vitess, cilium, kubernetes, podman, k3s, nerdctl, flux, cloud-provider-aws, helm, mattermost, cert-manager, kots, containerd,...

6.1AI score
Exploits0
Wolfi
Wolfi
added 2026/06/26 8:22 p.m.10 views

GHSA-45GG-VH54-H5M9 vulnerabilities

Vulnerabilities for packages: kubernetes-dashboard, snyk-cli, rancher, chisel, spire-server, fscrypt, kaf, kubescape, rancher-agent, flux-source-controller, flux-image-automation-controller, knative-serving, minio, external-dns, telegraf, vitess, cilium, docker-machine-driver-harvester, k9s,...

6.1AI score
Exploits0
Tenable Nessus
Tenable Nessus
added 2026/06/08 12:0 a.m.17 views

Amazon Linux 2 : nerdctl, --advisory ALAS2-2026-3334 (ALAS-2026-3334)

The version of nerdctl installed on the remote host is prior to 2.2.2-1. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2-2026-3334 advisory. Parsing arbitrary HTML can consume excessive CPU time, possibly leading to denial of service. CVE-2026-25680 Parsing...

10CVSS6.1AI score0.00533EPSS
Exploits0References40
Tenable Nessus
Tenable Nessus
added 2026/05/27 12:0 a.m.17 views

Amazon Linux 2023 : nerdctl (ALAS2023-2026-1735)

It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2023-2026-1735 advisory. When using LookupCNAME with the cgo DNS resolver, a very long CNAME response can trigger a double-free of C memory and a crash. CVE-2026-33811 When processing HTTP/2 SETTINGS frames, transport...

7.5CVSS7.5AI score0.00813EPSS
Exploits0References16
Tenable Nessus
Tenable Nessus
added 2026/05/27 12:0 a.m.17 views

Amazon Linux 2 : nerdctl, --advisory ALAS2-2026-3319 (ALAS-2026-3319)

The version of nerdctl installed on the remote host is prior to 2.2.2-1. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2-2026-3319 advisory. When using LookupCNAME with the cgo DNS resolver, a very long CNAME response can trigger a double-free of C memory and a...

7.5CVSS7.5AI score0.00813EPSS
Exploits0References16
Tenable Nessus
Tenable Nessus
added 2026/04/30 12:0 a.m.21 views

Amazon Linux 2 : nerdctl, --advisory ALAS2-2026-3265 (ALAS-2026-3265)

The version of nerdctl installed on the remote host is prior to 2.2.2-1. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2-2026-3265 advisory. Arithmetic over induction variables in loops were not correctly checked for underflow or overflow in the Go compiler...

9.8CVSS6.1AI score0.00651EPSS
Exploits0References22
Tenable Nessus
Tenable Nessus
added 2026/04/14 12:0 a.m.5 views

Amazon Linux 2 : nerdctl, --advisory ALAS2-2026-3229 (ALAS-2026-3229)

"The version of nerdctl installed on the remote host is prior to 2.2.1-1. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2-2026-3229 advisory. url.Parse insufficiently validated the host/authority component and accepted some invalid URLs. CVE-2026-25679 On Unix...

9.1CVSS7.4AI score0.01557EPSS
Exploits1References10
Tenable Nessus
Tenable Nessus
added 2026/04/13 12:0 a.m.12 views

Amazon Linux 2023 : nerdctl (ALAS2023-2026-1535)

"It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2023-2026-1535 advisory. url.Parse insufficiently validated the host/authority component and accepted some invalid URLs. CVE-2026-25679 On Unix platforms, when listing the contents of a directory using File.ReadDir o...

9.1CVSS7.4AI score0.01557EPSS
Exploits1References10
Wolfi
Wolfi
added 2026/04/11 2:51 a.m.12 views

CVE-2026-32282 vulnerabilities

Vulnerabilities for packages: kubernetes-dashboard, snyk-cli, spire-server, fscrypt, kaf, cilium-envoy, kubescape, net-kourier, falco-no-driver, gitaly, newrelic-fluent-bit-output, knative-serving, aws-flb-kinesis, redka, dask-gateway, external-secrets-operator, grafana, external-dns, hubble,...

6.4CVSS6.8AI score0.00292EPSS
Exploits0
Wolfi
Wolfi
added 2026/04/11 2:51 a.m.9 views

GHSA-7MR4-XJXG-34G6 vulnerabilities

Vulnerabilities for packages: gcp-compute-persistent-disk-csi-driver, grpcurl, kube-vip, lazydocker, modelmesh-runtime-adapter, sftpgo-plugin-geoipfilter, pulumi-language-yaml, snyk-cli, rancher-fleet, sriov-network-device-plugin, xeol, certificate-transparency, k8ssandra-operator, caddy,...

6.1AI score
Exploits0
Tenable Nessus
Tenable Nessus
added 2026/02/05 12:0 a.m.2 views

Amazon Linux 2 : nerdctl, --advisory ALAS2-2026-3155 (ALAS-2026-3155)

The version of nerdctl installed on the remote host is prior to 2.2.1-1. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2-2026-3155 advisory. SSH Agent servers do not validate the size of messages when processing new identity requests, which may cause the program ...

5.3CVSS6.8AI score0.00533EPSS
Exploits0References6
Amazon
Amazon
added 2026/02/05 12:0 a.m.4 views

Medium: nerdctl

Issue Overview: SSH Agent servers do not validate the size of messages when processing new identity requests, which may cause the program to panic if the message is malformed due to an out of bounds read. CVE-2025-47914 SSH servers parsing GSSAPI authentication requests do not validate the number...

5.3CVSS6.7AI score0.00533EPSS
Exploits0
Amazon
Amazon
added 2026/02/05 12:0 a.m.6 views

Medium: nerdctl

Issue Overview: net/http: memory exhaustion in Request.ParseForm CVE-2025-61726 archive/zip: denial of service when parsing arbitrary ZIP archives CVE-2025-61728 crypto/tls: handshake messages may be processed at the incorrect encryption level CVE-2025-61730 crypto/tls: Config.Clone copies...

10CVSS7.5AI score0.01945EPSS
Exploits2
Rows per page
Query Builder