Lucene search
+L

4 matches found

ibm
ibm
added 2023/11/16 9:35 p.m.42 views

Security Bulletin: IBM Storage Fusion may be vulnerable to Denial of Service via use of golang.org/x/net, x/crypto, and x/text (CVE-2022-30633, CVE-2022-27664, CVE-2022-28131, CVE-2022-41721, CVE-2021-43565, CVE-2022-27191, CVE-2022-32149)

Summary Golang's x/net, x/crypto and x/text are used by IBM Storage Fusion for networking, cryptography and internationalization. Vulnerabilities in these libraries include Inconsistent Interpretation of HTTP Requests, Uncontrolled Recursion, and Missing Release of Resource that could lead to a...

7.5CVSS8.8AI score0.03931EPSS
Exploits1Affected Software1
redhatcve
redhatcve
added 2022/04/30 1:10 p.m.151 views

CVE-2021-43565

There's an input validation flaw in golang.org/x/crypto's readCipherPacket function. An unauthenticated attacker who sends an empty plaintext packet to a program linked with golang.org/x/crypto/ssh could cause a panic, potentially leading to denial of service...

7.5CVSS7.2AI score0.00984EPSS
Exploits0References3
redhat
redhat
added 2022/04/13 3:33 p.m.76 views

golang.org/x/crypto: empty plaintext packet causes panic

There's an input validation flaw in golang.org/x/crypto's readCipherPacket function. An unauthenticated attacker who sends an empty plaintext packet to a program linked with golang.org/x/crypto/ssh could cause a panic, potentially leading to denial of service...

7.5CVSS6.8AI score0.00984EPSS
Exploits0References4
redhat
redhat
added 2022/04/07 6:2 p.m.4 views

golang.org/x/crypto: empty plaintext packet causes panic

There's an input validation flaw in golang.org/x/crypto's readCipherPacket function. An unauthenticated attacker who sends an empty plaintext packet to a program linked with golang.org/x/crypto/ssh could cause a panic, potentially leading to denial of service...

7.5CVSS6.8AI score0.00984EPSS
Exploits0References4
Rows per page
Query Builder