25 matches found
Security Bulletin: IBM Event Streams is vulnerable to a denial of service
Summary: IBM Event Streams is vulnerable to a denial of service due to non-linear parsing of malicious input (CVE-2024-45338). Vulnerability Details: CVEID: CVE-2024-45338. DESCRIPTION: An attacker can craft an input to the Parse functions that would be processed non-linearly with respect to its length...
AZL-78919 CVE-2025-61723 affecting package golang 1.25.7-1
The processing time for parsing some invalid inputs scales non-linearly with respect to the size of the input. This affects programs which parse untrusted PEM inputs...
SUSE CVE-2025-61723
The processing time for parsing some invalid inputs scales non-linearly with respect to the size of the input. This affects programs which parse untrusted PEM inputs...
Security Bulletin: IBM Watson Speech Services Cartridge is vulnerable to a denial of service in Golang Parse [CVE-2024-45338]
Summary IBM Watson Speech Services Cartridge is vulnerable to a denial of service in Golang Parse, caused by a flaw which allows specially crafted input that may result in extremely slow non-linear parsing CVE-2024-45338. is used in our speech utilities. This vulnerability has been addressed...
Important: Red Hat Security Advisory: Logging for Red Hat OpenShift - 6.1.4
Logging for Red Hat OpenShift - 6.1.4 logging-loki-container: Non-linear parsing of case-insensitive content in golang.org/x/net/html (CVE-2024-45338); cluster-logging-operator-container: net/http: sensitive headers incorrectly sent after cross-domain redirect...
Important: Red Hat Security Advisory: OpenShift Virtualization 4.18.0 Images
Red Hat OpenShift Virtualization release 4.18.0 is now available with updates to packages and images that fix several bugs and add enhancements. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which...
Important: Red Hat Security Advisory: RHODF-4.16-RHEL-9 security update
Updated images are now available for RHODF-4.16-RHEL-9. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE links...
Important: Red Hat Security Advisory: OpenShift Container Platform 4.14.48 security and extras update
Red Hat OpenShift Container Platform release 4.14.48 is now available with updates to packages and images that fix several bugs. This release includes a security update for Red Hat OpenShift Container Platform 4.14. Red Hat Product Security has rated this update as having a security impact of...
Important: Red Hat Security Advisory: OpenShift Container Platform 4.17.16 bug fix and security update
Red Hat OpenShift Container Platform release 4.17.16 is now available with updates to packages and images that fix several bugs. This release includes a security update for Red Hat OpenShift Container Platform 4.17. Red Hat Product Security has rated this update as having a security impact of...
Important: Red Hat Security Advisory: Red Hat OpenShift Service Mesh Containers for 2.4.14
Red Hat OpenShift Service Mesh Containers for 2.4.14 This update has a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE links in the References section. Red Hat OpenShift...
Important: Red Hat Security Advisory: RHSA: Submariner 0.19.2 - bug fix and enhancement update
Submariner 0.19 packages that fix various bugs and add various enhancements are now available for Red Hat Advanced Cluster Management for Kubernetes version 2.12. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVS...
Critical: Red Hat Security Advisory: ACS 4.6.2 enhancement and security update
Updated images are now available for Red Hat Advanced Cluster Security for Kubernetes RHACS. The updated image includes security and bug fixes. Red Hat Product Security has rated this update as having a security impact of Critical. A Common Vulnerability Scoring System CVSS base score, which give...
FreeBSD : oauth2-proxy -- Non-linear parsing of case-insensitive content (258a58a9-6583-4808-986b-e785c27b0a18)
The version of FreeBSD installed on the remote host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the 258a58a9-6583-4808-986b-e785c27b0a18 advisory. Golang reports: This update includes security fixes: Tenable has extracted the preceding description blo...
Important: Red Hat Security Advisory: Red Hat Advanced Cluster Management 2.9.6 bug fixes and container updates
Red Hat Advanced Cluster Management for Kubernetes 2.9.6 General Availability release images, which provide enhancements, bug fixes, and updated container images. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS ba...
Important: Red Hat Security Advisory: VolSync 0.11.1 for RHEL 9
VolSync v0.11.1 general availability release images, which provide enhancements, security fixes, and updated container images. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed...
Non-linear parsing of case-insensitive content in golang.org/x/net/html
...
GHSA-W32M-9786-JP63 Non-linear parsing of case-insensitive content in golang.org/x/net/html
An attacker can craft an input to the Parse functions that would be processed non-linearly with respect to its length, resulting in extremely slow parsing. This could cause a denial of service...
Non-linear parsing of case-insensitive content in golang.org/x/net/html
An attacker can craft an input to the Parse functions that would be processed non-linearly with respect to its length, resulting in extremely slow parsing. This could cause a denial of service...
CVE-2024-45338
An attacker can craft an input to the Parse functions that would be processed non-linearly with respect to its length, resulting in extremely slow parsing. This could cause a denial of service...
AZL-54510 CVE-2024-45338 affecting package packer for versions less than 1.9.5-7
An attacker can craft an input to the Parse functions that would be processed non-linearly with respect to its length, resulting in extremely slow parsing. This could cause a denial of service...