109 matches found
golang.org/x/crypto/ssh: golang: golang.org/x/crypto/ssh: Denial of Service via crafted SSH certificate
A flaw was found in golang.org/x/crypto/ssh. SSH servers configured to use CertChecker as a public key callback, without explicitly setting IsUserAuthority or IsHostAuthority, are vulnerable. A remote attacker can exploit this by presenting a specially crafted certificate, causing the server to...
golang.org/x/crypto/ssh: golang: golang.org/x/crypto/ssh: Denial of Service via crafted SSH certificate
A flaw was found in golang.org/x/crypto/ssh. SSH servers configured to use CertChecker as a public key callback, without explicitly setting IsUserAuthority or IsHostAuthority, are vulnerable. A remote attacker can exploit this by presenting a specially crafted certificate, causing the server to...
GHSA-Q4H4-GMJ2-QVW2 golang.org/x/crypto: Invoking byte arithmetic causes underflow and panic
An incorrectly placed cast from bytes to int allowed for server-side panic in the AES-GCM packet decoder for well-crafted inputs...
CVE-2026-46597
A flaw was found in golang.org/x/crypto/ssh. A remote attacker could send specially crafted inputs to the AES-GCM packet decoder. This could lead to an incorrectly placed cast from bytes to an integer, causing a server-side panic and resulting in a Denial of Service DoS for the affected system...
CVE-2026-44323
free5GC is an open-source implementation of the 5G core network. Prior to 4.2.2, free5GC's UDR nudr-dr DELETE /subscription-data/ueId/servingPlmnId/ee-subscriptions/subsId/amf-subscriptions handler contains a nil-pointer dereference reachable from a single authenticated request, after one...
CVE-2026-4915
Mattermost is affected in CVE-2026-4915 across multiple release streams (11.6.x <= 11.6.0, 11.5.x <= 11.5.3, 11.4.x <= 11.4.4, 10.11.x
Uncaught Exception
Overview github.com/golang/crypto/ssh is a SSH client and server Affected versions of this package are vulnerable to Uncaught Exception in the CertChecker component when used as a public key callback without setting IsUserAuthority or IsHostAuthority. An attacker can cause the server to panic by...
CVE-2026-46597
An incorrectly placed cast from bytes to int allowed for server-side panic in the AES-GCM packet decoder for well-crafted inputs...
CVE-2026-39835 Invoking server panic during CheckHostKey/Authenticate in golang.org/x/crypto/ssh
SSH servers which use CertChecker as a public key callback without setting IsUserAuthority or IsHostAuthority could be caused to panic by a client presenting a certificate. CertChecker now returns an error instead of panicking when these callbacks are nil...
CVE-2026-46597 Invoking byte arithmetic causes underflow and panic in golang.org/x/crypto/ssh
An incorrectly placed cast from bytes to int allowed for server-side panic in the AES-GCM packet decoder for well-crafted inputs...
PT-2026-42717
Name of the Vulnerable Software and Affected Versions The product name cannot be determined affected versions not specified Description An incorrectly placed cast from bytes to int in the AES-GCM packet decoder allows for a server-side panic when processing well-crafted inputs. A server-side pani...
Improper Handling of Unexpected Data Type
Overview Affected versions of this package are vulnerable to Improper Handling of Unexpected Data Type via the PublishLogs endpoint. An authenticated gRPC request from an enrolled launcher host can cause the server process to panic and terminate unexpectedly. Remediation Upgrade...
Improper Handling of Unexpected Data Type
Overview Affected versions of this package are vulnerable to Improper Handling of Unexpected Data Type via the PublishLogs endpoint. An authenticated gRPC request from an enrolled launcher host can cause the server process to panic and terminate unexpectedly. Remediation Upgrade...
CVE-2026-40943 Oxia: Server crash via race condition in session heartbeat handling
Oxia is a metadata store and coordination system. Prior to 0.16.2, a race condition between session heartbeat processing and session closure can cause the server to panic with send on closed channel. The heartbeat method uses a blocking channel send while holding a mutex, and under specific timin...
SUSE CVE-2026-32937
free5GC is an open source 5G core network. free5GC CHF prior to version 1.2.2 has an out-of-bounds slice access vulnerability in the CHF nchf-convergedcharging service. A valid authenticated request to PUT /nchf-convergedcharging/v3/recharging/:ueId?ratingGroup=... can trigger a server-side panic...
GO-2026-4829 NATS Server panic via malicious compression on leafnode port in github.com/nats-io/nats-server
NATS Server panic via malicious compression on leafnode port in github.com/nats-io/nats-server...
CVE-2026-32937
free5GC is an open source 5G core network. free5GC CHF prior to version 1.2.2 has an out-of-bounds slice access vulnerability in the CHF nchf-convergedcharging service. A valid authenticated request to PUT /nchf-convergedcharging/v3/recharging/:ueId?ratingGroup=... can trigger a server-side panic...
CVE-2026-27889
A flaw was found in NATS-Server, a high-performance messaging system. A remote attacker can exploit this vulnerability before authentication by sending a specially crafted WebSockets frame. This missing sanity check can trigger a server panic, leading to a Denial of Service DoS for affected...
CVE-2026-27889
NATS-Server is a High-Performance server for NATS.io, a cloud and edge native messaging system. Starting in version 2.2.0 and prior to versions 2.11.14 and 2.12.5, a missing sanity check on a WebSockets frame could trigger a server panic in the nats-server. This happens before authentication, and...
PT-2026-28092
Name of the Vulnerable Software and Affected Versions NATS-Server versions 2.2.0 through 2.11.14 NATS-Server versions 2.12.0 through 2.12.5 Description NATS-Server, a high-performance messaging system, has a flaw where a missing sanity check on WebSocket frames can cause the server to panic. This...