4 matches found
Linux Distros Unpatched Vulnerability : CVE-2022-24675
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - encoding/pem in Go before 1.17.9 and 1.18.x before 1.18.1 has a Decode stack overflow via a large amount of PEM data. CVE-2022-24675 Note that Nessus relies on...
Important: runc
Issue Overview: Acceptance of some invalid Transfer-Encoding headers in the HTTP/1 client in net/http before Go 1.17.12 and Go 1.18.4 allows HTTP request smuggling if combined with an intermediate server that also improperly fails to reject the header as invalid. CVE-2022-1705 Uncontrolled...
OESA-2025-1123 etcd security update
%expand: Security Fixes: encoding/pem in Go before 1.17.9 and 1.18.x before 1.18.1 has a Decode stack overflow via a large amount of PEM data.CVE-2022-24675 regexp.Compile in Go before 1.16.15 and 1.17.x before 1.17.8 allows stack exhaustion via a deeply nested expression.CVE-2022-24921 The gener...
OESA-2025-1122 etcd security update
%expand: Security Fixes: encoding/pem in Go before 1.17.9 and 1.18.x before 1.18.1 has a Decode stack overflow via a large amount of PEM data.CVE-2022-24675 regexp.Compile in Go before 1.16.15 and 1.17.x before 1.17.8 allows stack exhaustion via a deeply nested expression.CVE-2022-24921 The gener...