Lucene search
K

35 matches found

Tenable Nessus
Tenable Nessus
added 2026/05/04 12:0 a.m.10 views

RHCOS 4 : Red Hat build of MicroShift 4.16.0 (RHSA-2024:0043)

The remote Red Hat Enterprise Linux CoreOS 4 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2024:0043 advisory. - kubernetes: kube-apiserver: bypassing mountable secrets policy imposed by the ServiceAccount admission plugin CVE-2024-3177 -...

7.5CVSS6.8AI score0.02224EPSS
Exploits1References21
F5 Networks
F5 Networks
added 2024/09/20 8:52 p.m.20 views

K000141024: GO vulnerability CVE-2024-24786

Security Advisory Description The protojson.Unmarshal function can enter an infinite loop when unmarshaling certain forms of invalid JSON. This condition can occur when unmarshaling into a message which contains a google.protobuf.Any value, or when the UnmarshalOptions.DiscardUnknown option is se...

7.5CVSS7.6AI score0.01262EPSS
Exploits0Affected Software5
Amazon
Amazon
added 2024/08/06 12:0 a.m.5 views

Medium: nerdctl

Issue Overview: A malicious HTTP sender can use chunk extensions to cause a receiver reading from a request or response body to read many more bytes from the network than are in the body. A malicious HTTP client can further exploit this to cause a server to automatically read a large amount of da...

9.8CVSS6.8AI score0.91969EPSS
Exploits1
Amazon
Amazon
added 2024/08/01 12:0 a.m.5 views

Important: docker

Issue Overview: The protojson.Unmarshal function can enter an infinite loop when unmarshaling certain forms of invalid JSON. This condition can occur when unmarshaling into a message which contains a google.protobuf.Any value, or when the UnmarshalOptions.DiscardUnknown option is set...

9.9CVSS6.6AI score0.16496EPSS
Exploits0
Amazon
Amazon
added 2024/07/30 12:0 a.m.4 views

Important: docker

Issue Overview: The protojson.Unmarshal function can enter an infinite loop when unmarshaling certain forms of invalid JSON. This condition can occur when unmarshaling into a message which contains a google.protobuf.Any value, or when the UnmarshalOptions.DiscardUnknown option is set...

9.9CVSS6.7AI score0.16496EPSS
Exploits0
Amazon
Amazon
added 2024/07/30 12:0 a.m.9 views

Important: docker

Issue Overview: The protojson.Unmarshal function can enter an infinite loop when unmarshaling certain forms of invalid JSON. This condition can occur when unmarshaling into a message which contains a google.protobuf.Any value, or when the UnmarshalOptions.DiscardUnknown option is set...

9.9CVSS6.7AI score0.16496EPSS
Exploits0
RedHat Linux
RedHat Linux
added 2024/06/27 1:18 p.m.4 views

golang-protobuf: encoding/protojson, internal/encoding/json: infinite loop in protojson.Unmarshal when unmarshaling certain forms of invalid JSON

A flaw was found in Golang's protobuf module, where the unmarshal function can enter an infinite loop when processing certain invalid inputs. This issue occurs during unmarshaling into a message that includes a google.protobuf.Any or when the UnmarshalOptions.DiscardUnknown option is enabled. Thi...

7.5CVSS6.7AI score0.01262EPSS
Exploits0References7
Amazon
Amazon
added 2024/06/12 12:0 a.m.12 views

Medium: cri-tools

Issue Overview: An attacker may cause an HTTP/2 endpoint to read arbitrary amounts of header data by sending an excessive number of CONTINUATION frames. Maintaining HPACK state requires parsing and processing all HEADERS and CONTINUATION frames on a connection. When a request's headers exceed...

7.5CVSS6.9AI score0.91969EPSS
Exploits1
OSV
OSV
added 2024/04/12 11:7 a.m.14 views

OESA-2024-1381 cri-tools security update

CLI and validation tools for Container Runtime Interface Security Fixes: A maliciously crafted HTTP/2 stream could cause excessive CPU consumption in the HPACK decoder, sufficient to cause a denial of service from a small number of small requests.CVE-2022-41723 A malicious HTTP/2 client which...

7.5CVSS6.6AI score0.04561EPSS
Exploits0References4
OSV
OSV
added 2024/04/12 11:7 a.m.11 views

OESA-2024-1380 cri-tools security update

CLI and validation tools for Container Runtime Interface Security Fixes: A maliciously crafted HTTP/2 stream could cause excessive CPU consumption in the HPACK decoder, sufficient to cause a denial of service from a small number of small requests.CVE-2022-41723 A malicious HTTP/2 client which...

7.5CVSS6.6AI score0.04561EPSS
Exploits0References4
RedHat Linux
RedHat Linux
added 2024/04/03 7:42 a.m.5 views

golang-protobuf: encoding/protojson, internal/encoding/json: infinite loop in protojson.Unmarshal when unmarshaling certain forms of invalid JSON

A flaw was found in Golang's protobuf module, where the unmarshal function can enter an infinite loop when processing certain invalid inputs. This issue occurs during unmarshaling into a message that includes a google.protobuf.Any or when the UnmarshalOptions.DiscardUnknown option is enabled. Thi...

7.5CVSS6.7AI score0.01262EPSS
Exploits0References7
RedHat Linux
RedHat Linux
added 2024/03/27 12:45 a.m.6 views

golang-protobuf: encoding/protojson, internal/encoding/json: infinite loop in protojson.Unmarshal when unmarshaling certain forms of invalid JSON

A flaw was found in Golang's protobuf module, where the unmarshal function can enter an infinite loop when processing certain invalid inputs. This issue occurs during unmarshaling into a message that includes a google.protobuf.Any or when the UnmarshalOptions.DiscardUnknown option is enabled. Thi...

7.5CVSS6.7AI score0.01262EPSS
Exploits0References7
OSV
OSV
added 2024/03/05 11:15 p.m.7 views

AZL-35592 CVE-2024-24786 affecting package packer for versions less than 1.9.5-4

The protojson.Unmarshal function can enter an infinite loop when unmarshaling certain forms of invalid JSON. This condition can occur when unmarshaling into a message which contains a google.protobuf.Any value, or when the UnmarshalOptions.DiscardUnknown option is set...

7.5CVSS6.6AI score0.01262EPSS
Exploits0References1
OSV
OSV
added 2024/03/05 11:15 p.m.4 views

AZL-35651 CVE-2024-24786 affecting package gh for versions less than 2.62.0-1

The protojson.Unmarshal function can enter an infinite loop when unmarshaling certain forms of invalid JSON. This condition can occur when unmarshaling into a message which contains a google.protobuf.Any value, or when the UnmarshalOptions.DiscardUnknown option is set...

7.5CVSS6.7AI score0.01262EPSS
Exploits0References1
OSV
OSV
added 2024/03/05 11:15 p.m.4 views

AZL-35582 CVE-2024-24786 affecting package moby-buildx for versions less than 0.7.1-24

The protojson.Unmarshal function can enter an infinite loop when unmarshaling certain forms of invalid JSON. This condition can occur when unmarshaling into a message which contains a google.protobuf.Any value, or when the UnmarshalOptions.DiscardUnknown option is set...

7.5CVSS6.7AI score0.01262EPSS
Exploits0References1
OSV
OSV
added 2024/03/05 11:15 p.m.8 views

AZL-35638 CVE-2024-24786 affecting package containerized-data-importer for versions less than 1.57.0-6

The protojson.Unmarshal function can enter an infinite loop when unmarshaling certain forms of invalid JSON. This condition can occur when unmarshaling into a message which contains a google.protobuf.Any value, or when the UnmarshalOptions.DiscardUnknown option is set...

7.5CVSS6.6AI score0.01262EPSS
Exploits0References1
OSV
OSV
added 2024/03/05 11:15 p.m.5 views

AZL-35643 CVE-2024-24786 affecting package docker-compose for versions less than 2.27.0-1

The protojson.Unmarshal function can enter an infinite loop when unmarshaling certain forms of invalid JSON. This condition can occur when unmarshaling into a message which contains a google.protobuf.Any value, or when the UnmarshalOptions.DiscardUnknown option is set...

7.5CVSS6.7AI score0.01262EPSS
Exploits0References1
OSV
OSV
added 2024/03/05 11:15 p.m.9 views

AZL-35663 CVE-2024-24786 affecting package kubevirt for versions less than 1.2.0-10

The protojson.Unmarshal function can enter an infinite loop when unmarshaling certain forms of invalid JSON. This condition can occur when unmarshaling into a message which contains a google.protobuf.Any value, or when the UnmarshalOptions.DiscardUnknown option is set...

7.5CVSS6.6AI score0.01262EPSS
Exploits0References1
OSV
OSV
added 2024/03/05 11:15 p.m.9 views

AZL-35635 CVE-2024-24786 affecting package cert-manager for versions less than 1.12.12-1

The protojson.Unmarshal function can enter an infinite loop when unmarshaling certain forms of invalid JSON. This condition can occur when unmarshaling into a message which contains a google.protobuf.Any value, or when the UnmarshalOptions.DiscardUnknown option is set...

7.5CVSS6.6AI score0.01262EPSS
Exploits0References1
OSV
OSV
added 2024/03/05 11:15 p.m.6 views

AZL-35665 CVE-2024-24786 affecting package moby-containerd-cc for versions less than 1.7.7-5

The protojson.Unmarshal function can enter an infinite loop when unmarshaling certain forms of invalid JSON. This condition can occur when unmarshaling into a message which contains a google.protobuf.Any value, or when the UnmarshalOptions.DiscardUnknown option is set...

7.5CVSS6.6AI score0.01262EPSS
Exploits0References1
Rows per page
Query Builder