26 matches found
Astra Linux - Vulnerability in Golang-1.19
Verifying a certificate chain that contains a certificate with an unknown public key algorithm will cause Certificate.Verify to panic. This affects all crypto/TLS clients, as well as servers that have Config.ClientAuth set to VerifyClientCertIfGiven or RequireAndVerifyClientCert. The default...
EUVD-2026-27514
In Paramiko through 4.0.0 before a448945, rsakey.py allows the SHA-1 algorithm...
EUVD-2026-4769
In GnuPG before 2.5.17, a stack-based buffer overflow exists in tpm2daemon during handling of the PKDECRYPT command for TPM-backed RSA and ECC keys...
MiracleLinux 9 : gvisor-tap-vsock-0.7.3-5.el9_4.ML.1 (AXSA:2024-8751:04)
The remote MiracleLinux 9 host has a package installed that is affected by a vulnerability as referenced in the AXSA:2024-8751:04 advisory. golang: crypto/x509: Verify panics on certificates with an unknown public key algorithm CVE-2024-24783 Tenable has extracted the preceding description block...
MiracleLinux 8 : container-tools:rhel8 (AXSA:2024-8686:01)
The remote MiracleLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2024-8686:01 advisory. golang-fips/openssl: Memory leaks in code encrypting and decrypting RSA payloads CVE-2024-1394 golang: net/http: memory exhaustion in...
EUVD-2024-22161
Malicious code in bioql PyPI...
SUSE-SU-2025:20538-1 Security update for libgcrypt
This update for libgcrypt fixes the following issues: - CVE-2024-2236: Fixed timing based side-channel in RSA implementation bsc1221107...
golang: crypto/x509: Verify panics on certificates with an unknown public key algorithm
A flaw was found in Go's crypto/x509 standard library package. Verifying a certificate chain that contains a certificate with an unknown public key algorithm will cause a Certificate.Verify to panic. This issue affects all crypto/tls clients and servers that set Config.ClientAuth to...
golang: crypto/x509: Verify panics on certificates with an unknown public key algorithm
A flaw was found in Go's crypto/x509 standard library package. Verifying a certificate chain that contains a certificate with an unknown public key algorithm will cause a Certificate.Verify to panic. This issue affects all crypto/tls clients and servers that set Config.ClientAuth to...
Moderate: skopeo security update
The skopeo command lets you inspect images from container image registries, get images and image layers, and use signatures to create and verify files. Security Fixes: golang: crypto/x509: Verify panics on certificates with an unknown public key algorithm CVE-2024-24783 For more details about the...
golang: crypto/x509: Verify panics on certificates with an unknown public key algorithm
A flaw was found in Go's crypto/x509 standard library package. Verifying a certificate chain that contains a certificate with an unknown public key algorithm will cause a Certificate.Verify to panic. This issue affects all crypto/tls clients and servers that set Config.ClientAuth to...
EulerOS 2.0 SP10 : golang (EulerOS-SA-2024-1589)
According to the versions of the golang packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - When following an HTTP redirect to a domain which is not a subdomain match or exact match of the initial domain, an http.Client does not forward...
golang: crypto/x509: Verify panics on certificates with an unknown public key algorithm
A flaw was found in Go's crypto/x509 standard library package. Verifying a certificate chain that contains a certificate with an unknown public key algorithm will cause a Certificate.Verify to panic. This issue affects all crypto/tls clients and servers that set Config.ClientAuth to...
BIT-GOLANG-2024-24783 Verify panics on certificates with an unknown public key algorithm in crypto/x509
Verifying a certificate chain which contains a certificate with an unknown public key algorithm will cause Certificate.Verify to panic. This affects all crypto/tls clients, and servers that set Config.ClientAuth to VerifyClientCertIfGiven or RequireAndVerifyClientCert. The default behavior is for...
SUSE-SU-2024:0800-1 Security update for go1.21
This update for go1.21 fixes the following issues: - Upgrade go to version 1.21.8 - CVE-2023-45289: net/http, net/http/cookiejar: incorrect forwarding of sensitive headers and cookies on HTTP redirect bsc1221000 - CVE-2023-45290: net/http: memory exhaustion in Request.ParseMultipartForm bsc122100...
SUSE CVE-2024-24783
Verifying a certificate chain which contains a certificate with an unknown public key algorithm will cause Certificate.Verify to panic. This affects all crypto/tls clients, and servers that set Config.ClientAuth to VerifyClientCertIfGiven or RequireAndVerifyClientCert. The default behavior is for...
CVE-2024-24783
A flaw was found in Go's crypto/x509 standard library package. Verifying a certificate chain that contains a certificate with an unknown public key algorithm will cause a Certificate.Verify to panic. This issue affects all crypto/tls clients and servers that set Config.ClientAuth to...
CVE-2024-24783
Verifying a certificate chain which contains a certificate with an unknown public key algorithm will cause Certificate.Verify to panic. This affects all crypto/tls clients, and servers that set Config.ClientAuth to VerifyClientCertIfGiven or RequireAndVerifyClientCert. The default behavior is for...
CVE-2024-24783
Verifying a certificate chain which contains a certificate with an unknown public key algorithm will cause Certificate.Verify to panic. This affects all crypto/tls clients, and servers that set Config.ClientAuth to VerifyClientCertIfGiven or RequireAndVerifyClientCert. The default behavior is for...
CVE-2024-24783
Verifying a certificate chain which contains a certificate with an unknown public key algorithm will cause Certificate.Verify to panic. This affects all crypto/tls clients, and servers that set Config.ClientAuth to VerifyClientCertIfGiven or RequireAndVerifyClientCert. The default behavior is for...