50 matches found
CVE-2026-39835 affecting package packer for versions less than 1.9.5-14
CVE-2026-39835 affecting package packer for versions less than 1.9.5-14. A patched version of the package is available...
CVE-2026-46597 affecting package packer for versions less than 1.9.5-14
CVE-2026-46597 affecting package packer for versions less than 1.9.5-14. A patched version of the package is available...
CVE-2026-39828 affecting package packer for versions less than 1.9.5-14
CVE-2026-39828 affecting package packer for versions less than 1.9.5-14. A patched version of the package is available...
CVE-2025-47911 affecting package packer for versions less than 1.9.5-13
CVE-2025-47911 affecting package packer for versions less than 1.9.5-13. A patched version of the package is available...
CVE-2025-58190 affecting package packer for versions less than 1.9.5-13
CVE-2025-58190 affecting package packer for versions less than 1.9.5-13. A patched version of the package is available...
AZL-70325 CVE-2025-47913 affecting package packer for versions less than 1.9.5-16
SSH clients receiving SSHAGENTSUCCESS when expecting a typed response will panic and cause early termination of the client process...
EUVD-2011-4062
Malware in sbrugna...
CVE-2025-22872 affecting package packer for versions less than 1.9.5-13
CVE-2025-22872 affecting package packer for versions less than 1.9.5-13. A patched version of the package is available...
Azure Linux 3.0 Security Update: azcopy / git-lfs / golang / influxdb / keda (CVE-2025-22870)
The version of azcopy / git-lfs / golang / influxdb / keda installed on the remote Azure Linux 3.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2025-22870 advisory. - Matching of hosts against proxy patterns can improperly treat an IPv6...
CVE-2025-22870 affecting package packer for versions less than 1.9.5-11
CVE-2025-22870 affecting package packer for versions less than 1.9.5-11. A patched version of the package is available...
CVE-2024-51744 affecting package packer for versions less than 1.9.5-11
CVE-2024-51744 affecting package packer for versions less than 1.9.5-11. A patched version of the package is available...
AZL-59242 CVE-2025-30204 affecting package packer for versions less than 1.9.5-12
golang-jwt is a Go implementation of JSON Web Tokens. Starting in version 3.2.0 and prior to versions 5.2.2 and 4.5.2, the function parse.ParseUnverified splits via a call to strings.Split its argument which is untrusted data on periods. As a result, in the face of a malicious request whose...
AZL-58396 CVE-2025-22870 affecting package packer for versions less than 1.9.5-12
Matching of hosts against proxy patterns can improperly treat an IPv6 zone ID as a hostname component. For example, when the NOPROXY environment variable is set to ".example.com", a request to "::1%25.example.com:80 will incorrectly match and not be proxied...
AZL-58469 CVE-2025-22870 affecting package packer for versions less than 1.9.5-9
Matching of hosts against proxy patterns can improperly treat an IPv6 zone ID as a hostname component. For example, when the NOPROXY environment variable is set to ".example.com", a request to "::1%25.example.com:80 will incorrectly match and not be proxied...
CVE-2025-22869 affecting package packer for versions less than 1.9.5-10
CVE-2025-22869 affecting package packer for versions less than 1.9.5-10. A patched version of the package is available...
CVE-2025-22868 affecting package packer for versions less than 1.9.5-10
CVE-2025-22868 affecting package packer for versions less than 1.9.5-10. A patched version of the package is available...
CVE-2025-27144 affecting package packer for versions less than 1.9.5-9
CVE-2025-27144 affecting package packer for versions less than 1.9.5-9. A patched version of the package is available...
AZL-57393 CVE-2025-22869 affecting package packer for versions less than 1.9.5-6
SSH servers which implement file transfer protocols are vulnerable to a denial of service attack from clients which complete the key exchange slowly, or not at all, causing pending content to be read into memory, but never transmitted...
AZL-57422 CVE-2025-22868 affecting package packer for versions less than 1.9.5-10
An attacker can pass a malicious malformed token which causes unexpected memory to be consumed during parsing...
Azure Linux 3.0 Security Update: packer (CVE-2023-49568)
The version of packer installed on the remote Azure Linux 3.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2023-49568 advisory. - A denial of service DoS vulnerability was discovered in go-git versions prior to v5.11. This vulnerability...