Lucene search
K

76 matches found

Tenable Nessus
Tenable Nessus
added 2024/07/03 12:0 a.m.20 views

AlmaLinux 8 : container-tools (ALSA-2024:4246)

The remote AlmaLinux 8 host has packages installed that are affected by a vulnerability as referenced in the ALSA-2024:4246 advisory. golang-protobuf: encoding/protojson, internal/encoding/json: infinite loop in protojson.Unmarshal when unmarshaling certain forms of invalid JSON CVE-2024-24786...

7.5CVSS7AI score0.01262EPSS
Exploits0References2
RedHat Linux
RedHat Linux
added 2024/07/02 3:45 p.m.4 views

golang-protobuf: encoding/protojson, internal/encoding/json: infinite loop in protojson.Unmarshal when unmarshaling certain forms of invalid JSON

A flaw was found in Golang's protobuf module, where the unmarshal function can enter an infinite loop when processing certain invalid inputs. This issue occurs during unmarshaling into a message that includes a google.protobuf.Any or when the UnmarshalOptions.DiscardUnknown option is enabled. Thi...

7.5CVSS6.7AI score0.01262EPSS
Exploits0References7
RedHat Linux
RedHat Linux
added 2024/06/27 1:18 p.m.4 views

golang-protobuf: encoding/protojson, internal/encoding/json: infinite loop in protojson.Unmarshal when unmarshaling certain forms of invalid JSON

A flaw was found in Golang's protobuf module, where the unmarshal function can enter an infinite loop when processing certain invalid inputs. This issue occurs during unmarshaling into a message that includes a google.protobuf.Any or when the UnmarshalOptions.DiscardUnknown option is enabled. Thi...

7.5CVSS6.7AI score0.01262EPSS
Exploits0References7
Tenable Nessus
Tenable Nessus
added 2024/06/15 12:0 a.m.20 views

SUSE SLES15 / openSUSE 15 Security Update : podman (SUSE-SU-2024:2031-1)

The remote SUSE Linux SLES15 / SLESSAP15 / openSUSE 15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2024:2031-1 advisory. - Update to version 4.9.5 - CVE-2024-3727: Fixed a flaw that allowed attackers to trigger unexpected authenticated...

8.3CVSS7.1AI score0.01279EPSS
Exploits0References7
Amazon
Amazon
added 2024/06/12 12:0 a.m.12 views

Medium: cri-tools

Issue Overview: An attacker may cause an HTTP/2 endpoint to read arbitrary amounts of header data by sending an excessive number of CONTINUATION frames. Maintaining HPACK state requires parsing and processing all HEADERS and CONTINUATION frames on a connection. When a request's headers exceed...

7.5CVSS6.9AI score0.91969EPSS
Exploits1
RedHat Linux
RedHat Linux
added 2024/06/05 2:47 p.m.5 views

golang-protobuf: encoding/protojson, internal/encoding/json: infinite loop in protojson.Unmarshal when unmarshaling certain forms of invalid JSON

A flaw was found in Golang's protobuf module, where the unmarshal function can enter an infinite loop when processing certain invalid inputs. This issue occurs during unmarshaling into a message that includes a google.protobuf.Any or when the UnmarshalOptions.DiscardUnknown option is enabled. Thi...

7.5CVSS6.7AI score0.01262EPSS
Exploits0References7
RedHat Linux
RedHat Linux
added 2024/06/05 2:47 p.m.5 views

golang-protobuf: encoding/protojson, internal/encoding/json: infinite loop in protojson.Unmarshal when unmarshaling certain forms of invalid JSON

A flaw was found in Golang's protobuf module, where the unmarshal function can enter an infinite loop when processing certain invalid inputs. This issue occurs during unmarshaling into a message that includes a google.protobuf.Any or when the UnmarshalOptions.DiscardUnknown option is enabled. Thi...

7.5CVSS6.7AI score0.01262EPSS
Exploits0References7
Amazon
Amazon
added 2024/05/30 12:0 a.m.8 views

Medium: amazon-cloudwatch-agent

Issue Overview: An attacker may cause an HTTP/2 endpoint to read arbitrary amounts of header data by sending an excessive number of CONTINUATION frames. Maintaining HPACK state requires parsing and processing all HEADERS and CONTINUATION frames on a connection. When a request's headers exceed...

7.5CVSS6.9AI score0.91969EPSS
Exploits1
Amazon
Amazon
added 2024/05/28 12:0 a.m.5 views

Medium: amazon-cloudwatch-agent

Issue Overview: An attacker may cause an HTTP/2 endpoint to read arbitrary amounts of header data by sending an excessive number of CONTINUATION frames. Maintaining HPACK state requires parsing and processing all HEADERS and CONTINUATION frames on a connection. When a request's headers exceed...

7.5CVSS7.2AI score0.91969EPSS
Exploits1
Redos
Redos
added 2024/05/22 12:0 a.m.20 views

ROS-20240522-06

A vulnerability in the protojson.Unmarshal function of the Golang programming language is related to an infinite loop when unmarshaling of certain JSON forms. Exploitation of the vulnerability could allow an attacker acting remotely to cause a denial of service...

7.5CVSS6.7AI score0.01262EPSS
Exploits0
RedHat Linux
RedHat Linux
added 2024/04/30 1:39 p.m.6 views

golang-protobuf: encoding/protojson, internal/encoding/json: infinite loop in protojson.Unmarshal when unmarshaling certain forms of invalid JSON

A flaw was found in Golang's protobuf module, where the unmarshal function can enter an infinite loop when processing certain invalid inputs. This issue occurs during unmarshaling into a message that includes a google.protobuf.Any or when the UnmarshalOptions.DiscardUnknown option is enabled. Thi...

7.5CVSS6.7AI score0.01262EPSS
Exploits0References7
RedHat Linux
RedHat Linux
added 2024/04/30 1:38 p.m.4 views

golang-protobuf: encoding/protojson, internal/encoding/json: infinite loop in protojson.Unmarshal when unmarshaling certain forms of invalid JSON

A flaw was found in Golang's protobuf module, where the unmarshal function can enter an infinite loop when processing certain invalid inputs. This issue occurs during unmarshaling into a message that includes a google.protobuf.Any or when the UnmarshalOptions.DiscardUnknown option is enabled. Thi...

7.5CVSS6.7AI score0.01262EPSS
Exploits0References7
OSV
OSV
added 2024/04/30 12:0 a.m.30 views

ALSA-2024:2549 Moderate: skopeo security and bug fix update

The skopeo command lets you inspect images from container image registries, get images and image layers, and use signatures to create and verify files. Security Fixes: golang-protobuf: encoding/protojson, internal/encoding/json: infinite loop in protojson.Unmarshal when unmarshaling certain forms...

7.5CVSS7AI score0.01956EPSS
Exploits0References6
AlmaLinux
AlmaLinux
added 2024/04/30 12:0 a.m.47 views

Moderate: skopeo security and bug fix update

The skopeo command lets you inspect images from container image registries, get images and image layers, and use signatures to create and verify files. Security Fixes: golang-protobuf: encoding/protojson, internal/encoding/json: infinite loop in protojson.Unmarshal when unmarshaling certain forms...

7.5CVSS8.8AI score0.01956EPSS
Exploits0References6
Tenable Nessus
Tenable Nessus
added 2024/04/18 12:0 a.m.26 views

CentOS 7 : rhc-worker-script (RHSA-2024:1874)

The remote CentOS Linux 7 host has a package installed that is affected by a vulnerability as referenced in the RHSA-2024:1874 advisory. - The protojson.Unmarshal function can enter an infinite loop when unmarshaling certain forms of invalid JSON. This condition can occur when unmarshaling into a...

7.5CVSS6.9AI score0.01262EPSS
Exploits0References2
OSV
OSV
added 2024/04/12 11:7 a.m.16 views

OESA-2024-1381 cri-tools security update

CLI and validation tools for Container Runtime Interface Security Fixes: A maliciously crafted HTTP/2 stream could cause excessive CPU consumption in the HPACK decoder, sufficient to cause a denial of service from a small number of small requests.CVE-2022-41723 A malicious HTTP/2 client which...

7.5CVSS6.6AI score0.04561EPSS
Exploits0References4
OSV
OSV
added 2024/04/12 11:7 a.m.13 views

OESA-2024-1380 cri-tools security update

CLI and validation tools for Container Runtime Interface Security Fixes: A maliciously crafted HTTP/2 stream could cause excessive CPU consumption in the HPACK decoder, sufficient to cause a denial of service from a small number of small requests.CVE-2022-41723 A malicious HTTP/2 client which...

7.5CVSS6.6AI score0.04561EPSS
Exploits0References4
RedHat Linux
RedHat Linux
added 2024/04/03 7:42 a.m.5 views

golang-protobuf: encoding/protojson, internal/encoding/json: infinite loop in protojson.Unmarshal when unmarshaling certain forms of invalid JSON

A flaw was found in Golang's protobuf module, where the unmarshal function can enter an infinite loop when processing certain invalid inputs. This issue occurs during unmarshaling into a message that includes a google.protobuf.Any or when the UnmarshalOptions.DiscardUnknown option is enabled. Thi...

7.5CVSS6.7AI score0.01262EPSS
Exploits0References7
Tenable Nessus
Tenable Nessus
added 2024/04/03 12:0 a.m.29 views

RHCOS 4 : OpenShift Container Platform 4.12.54 (RHSA-2024:1574)

The remote Red Hat Enterprise Linux CoreOS 4 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2024:1574 advisory. - golang-fips/openssl: Memory leaks in code encrypting and decrypting RSA payloads CVE-2024-1394 - golang-protobuf:...

7.5CVSS6.9AI score0.01956EPSS
Exploits0References8
Tenable Nessus
Tenable Nessus
added 2024/04/03 12:0 a.m.26 views

RHEL 8 / 9 : OpenShift Container Platform 4.12.54 (RHSA-2024:1574)

The remote Redhat Enterprise Linux 8 / 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2024:1574 advisory. Red Hat OpenShift Container Platform is Red Hat's cloud computing Kubernetes application platform solution designed for on-premise or...

7.5CVSS7.4AI score0.01956EPSS
Exploits0References8
Rows per page
Query Builder