Amazon Linux 2023 : runfinch-finch (ALAS2023-2025-1336)

It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2023-2025-1336 advisory. SSH Agent servers do not validate the size of messages when processing new identity requests, which may cause the program to panic if the message is malformed due to an out of bounds read...

Medium: runfinch-finch

Issue Overview: An attacker can craft an input to the Parse functions that would be processed non-linearly with respect to its length, resulting in extremely slow parsing. This could cause a denial of service. CVE-2024-45338 golang-jwt is a Go implementation of JSON Web Tokens. Unclear...