13368 matches found
CVE-2025-61725
The ParseAddress function constructs domain-literal address components through repeated string concatenation. When parsing large domain-literal components, this can cause excessive CPU consumption. Mitigation Mitigation for this issue is either not available or the currently available options do...
CVE-2025-54469
A vulnerability was identified in NeuVector, where the enforcer used environment variables CLUSTERRPCPORT and CLUSTERLANPORT to generate a command to be executed via popen, without first sanitising their values. The entry process of the enforcer container is the monitor process. When the enforcer...
CVE-2025-54469 NeuVector Enforcer is vulnerable to Command Injection and Buffer overflow
A vulnerability was identified in NeuVector, where the enforcer used environment variables CLUSTERRPCPORT and CLUSTERLANPORT to generate a command to be executed via popen, without first sanitising their values. The entry process of the enforcer container is the monitor process. When the enforcer...
CVE-2025-54469 NeuVector Enforcer is vulnerable to Command Injection and Buffer overflow
A vulnerability was identified in NeuVector, where the enforcer used environment variables CLUSTERRPCPORT and CLUSTERLANPORT to generate a command to be executed via popen, without first sanitising their values. The entry process of the enforcer container is the monitor process. When the enforcer...
CVE-2025-54469
NeuVector Enforcer is vulnerable to command injection due to unsanitized use of environment variables CLUSTER_RPC_PORT and CLUSTER_LAN_PORT to compose shell commands via popen. Connected sources (GO-2025-4042, NVD/OSV entries) confirm the issue and potential impact (command injection; buffer over...
EUVD-2025-36730
The Reader.ReadResponse function constructs a response string through repeated string concatenation of lines. When the number of lines in a response is large, this can cause excessive CPU consumption...
EUVD-2025-36739
The ParseAddress function constructeds domain-literal address components through repeated string concatenation. When parsing large domain-literal components, this can cause excessive CPU consumption...
Malicious Package
Overview operations-packages is a malicious package. This package contains malicious code, and its content was removed from the official package manager. While this package might be attempting to impersonate a valid organization, there is no connection between that organization and this package...
Malicious Package
Overview legacyesgodfcommon is a malicious package. This package contains malicious code, and its content was removed from the official package manager. While this package might be attempting to impersonate a valid organization, there is no connection between that organization and this package...
Malicious Package
Overview esg-odf-common is a malicious package. This package contains malicious code, and its content was removed from the official package manager. While this package might be attempting to impersonate a valid organization, there is no connection between that organization and this package...
CVE-2025-61724
The Reader.ReadResponse function constructs a response string through repeated string concatenation of lines. When the number of lines in a response is large, this can cause excessive CPU consumption...
CVE-2025-61725
The ParseAddress function constructs domain-literal address components through repeated string concatenation. When parsing large domain-literal components, this can cause excessive CPU consumption...
AZL-69164 CVE-2025-61724 affecting package msft-golang 1.24.13-1
The Reader.ReadResponse function constructs a response string through repeated string concatenation of lines. When the number of lines in a response is large, this can cause excessive CPU consumption...
CVE-2025-61724
The Reader.ReadResponse function constructs a response string through repeated string concatenation of lines. When the number of lines in a response is large, this can cause excessive CPU consumption...
AZL-78923 CVE-2025-61725 affecting package golang 1.25.7-1
The ParseAddress function constructs domain-literal address components through repeated string concatenation. When parsing large domain-literal components, this can cause excessive CPU consumption...
AZL-78921 CVE-2025-61724 affecting package golang 1.25.7-1
The Reader.ReadResponse function constructs a response string through repeated string concatenation of lines. When the number of lines in a response is large, this can cause excessive CPU consumption...
AZL-69362 CVE-2025-58183 affecting package skopeo for versions less than 1.14.4-7
tar.Reader does not set a maximum size on the number of sparse region data blocks in GNU tar pax 1.0 sparse files. A maliciously-crafted archive containing a large number of sparse regions can cause a Reader to read an unbounded amount of data from the archive into memory. When reading from a...
AZL-69033 CVE-2025-58183 affecting package containerized-data-importer for versions less than 1.55.0-26
tar.Reader does not set a maximum size on the number of sparse region data blocks in GNU tar pax 1.0 sparse files. A maliciously-crafted archive containing a large number of sparse regions can cause a Reader to read an unbounded amount of data from the archive into memory. When reading from a...
UBUNTU-CVE-2025-61725
The ParseAddress function constructs domain-literal address components through repeated string concatenation. When parsing large domain-literal components, this can cause excessive CPU consumption...
UBUNTU-CVE-2025-61724
The Reader.ReadResponse function constructs a response string through repeated string concatenation of lines. When the number of lines in a response is large, this can cause excessive CPU consumption...