Lucene search
K
NetappCloud Insights Telegraf

5 matches found

CVE
CVE
added 2021/07/15 1:47 p.m.624 views

CVE-2021-34558

CVE-2021-34558 affects the Go crypto/tls implementation. In Go up to 1.16.5, the certificate public-key type is not properly validated for RSA-based key exchanges, allowing a TLS server to trigger a panic in the client. Several connected advisories link this to Go’s TLS handling and note remediat...

6.5CVSS7AI score0.06975EPSS
CVE
CVE
added 2020/03/16 8:55 p.m.423 views

CVE-2020-7919

The CVE-2020-7919 issue affects Go before 1.12.16 and Go 1.13.x before 1.13.7, including the crypto/cryptobyte package (0.0.0-20200124225646-8b5121be2f68). A malformed X.509 certificate can cause a panic in clients, enabling denial-of-service conditions. In practice, Helm advisories note Go 1.14....

7.8CVSS7.3AI score0.02582EPSS
CVE
CVE
added 2022/01/01 12:0 a.m.412 views

CVE-2021-44716

CVE-2021-44716 affects Go's net/http implementation: before Go 1.16.12 and 1.17.x before 1.17.5, HTTP/2 header canonicalization can cause uncontrolled memory consumption. The vulnerability is rooted in the header cache behavior. Multiple connected advisories indicate that upgrades resolve the iss...

7.5CVSS7.6AI score0.03958EPSS
CVE
CVE
added 2022/08/09 12:0 a.m.408 views

CVE-2022-28131

CVE-2022-28131: Uncontrolled recursion in Decoder.Skip in encoding/xml can panic due to stack exhaustion when parsing deeply nested XML. Affected: Go's encoding/xml package. Root cause: recursion while skipping nested XML elements. Impact: potential denial of service via panic/availability loss. ...

7.5CVSS7.7AI score0.01875EPSS
CVE
CVE
added 2022/01/24 12:0 a.m.302 views

CVE-2021-39293

CVE-2021-39293: In Go's archive/zip, a crafted ZIP header can cause a panic. Connected advisories show affected Go versions include: Go before 1.15.13 and 1.16.x before 1.16.5 (Astra Linux), and the initial entry references Go 1.16.8 and 1.17.1 as contexts. Several advisories note this as an inco...

7.5CVSS7.7AI score0.06934EPSS