9 matches found
openSUSE 16 Security Update : google-guest-agent (openSUSE-SU-2026:20609-1)
The remote openSUSE 16 host has a package installed that is affected by multiple vulnerabilities as referenced in the openSUSE-SU-2026:20609-1 advisory. Update to version 20250506.01 bsc1243254, bsc1243505. Security issues fixed: - CVE-2024-45337: golang.org/x/crypto/ssh: misuse of the...
SUSE-SU-2026:21319-1 Security update for google-guest-agent
This update for google-guest-agent fixes the following issues: Update to version 20250506.01 bsc1243254, bsc1243505. Security issues fixed: - CVE-2024-45337: golang.org/x/crypto/ssh: misuse of the ServerConfig.PublicKeyCallback callback can lead to authorization bypass in applications bsc1234563....
SUSE-SU-2026:21376-1 Security update for google-guest-agent
This update for google-guest-agent fixes the following issues: Update to version 20250506.01 bsc1243254, bsc1243505. Security issues fixed: - CVE-2024-45337: golang.org/x/crypto/ssh: misuse of the ServerConfig.PublicKeyCallback callback can lead to authorization bypass in applications bsc1234563....
Security update for buildah
This update for buildah fixes the following issues: CVE-2023-45288: possible excessive CPU consumption due to no limit being set on the number of CONTINUATION frames read for an HTTP/2 request in golang.org/x/net/http2. bsc1236531 Patch Instructions: To install this SUSE update use the SUSE...
Security update for ignition
This update for ignition fixes the following issues: CVE-2023-45288: Fixed unclosed connections when receiving too many headers in golang.org/x/net/http2 bsc1236518 Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or "zypper...
Security update for apptainer
This update for apptainer fixes the following issues: CVE-2023-45288: Fixed unclosed connections when receiving too many headers in golang.org/x/net/http2 bsc1236528 Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or "zypper...
AZL-38158 CVE-2023-45288 affecting package application-gateway-kubernetes-ingress for versions less than 1.7.7-1
An attacker may cause an HTTP/2 endpoint to read arbitrary amounts of header data by sending an excessive number of CONTINUATION frames. Maintaining HPACK state requires parsing and processing all HEADERS and CONTINUATION frames on a connection. When a request's headers exceed MaxHeaderBytes, no...
AZL-39984 CVE-2023-45288 affecting package moby-cli for versions less than 24.0.9-3
An attacker may cause an HTTP/2 endpoint to read arbitrary amounts of header data by sending an excessive number of CONTINUATION frames. Maintaining HPACK state requires parsing and processing all HEADERS and CONTINUATION frames on a connection. When a request's headers exceed MaxHeaderBytes, no...
AZL-38173 CVE-2023-45288 affecting package kubernetes for versions less than 1.30.1-1
An attacker may cause an HTTP/2 endpoint to read arbitrary amounts of header data by sending an excessive number of CONTINUATION frames. Maintaining HPACK state requires parsing and processing all HEADERS and CONTINUATION frames on a connection. When a request's headers exceed MaxHeaderBytes, no...