6 matches found
EUVD-2025-28064
Malicious code in bioql PyPI...
AZL-67092 CVE-2025-8277 affecting package libssh for versions less than 0.10.6-5
A flaw was found in libssh's handling of key exchange KEX processes when a client repeatedly sends incorrect KEX guesses. The library fails to free memory during these rekey operations, which can gradually exhaust system memory. This issue can lead to crashes on the client side, particularly when...
Synchronous Access of Remote Resource without Timeout
Overview github.com/hashicorp/vault/vault is a tool for securely accessing secrets. Affected versions of this package are vulnerable to Synchronous Access of Remote Resource without Timeout via the rekey and recovery key operations. An attacker can disrupt service availability by triggering...
Synchronous Access of Remote Resource without Timeout
Overview github.com/hashicorp/vault/command is a tool for secrets management, encryption as a service, and privileged access management. Affected versions of this package are vulnerable to Synchronous Access of Remote Resource without Timeout via the rekey and recovery key operations. An attacker...
Synchronous Access of Remote Resource without Timeout
Overview github.com/hashicorp/vault/http is an a tool for securely accessing secrets. Affected versions of this package are vulnerable to Synchronous Access of Remote Resource without Timeout via the rekey and recovery key operations. An attacker can disrupt service availability by triggering...
Synchronous Access of Remote Resource without Timeout
Overview Affected versions of this package are vulnerable to Synchronous Access of Remote Resource without Timeout via the rekey and recovery key operations. An attacker can disrupt service availability by triggering uncontrolled cancellation actions during these processes, which can lead to deni...