Cloud Insights Telegraf Security Vulnerabilities and Issues — Cloud Insights Telegraf CVE List

Lucene search

NetappCloud Insights Telegraf

5 matches found

CVE•added 2021/07/15 2:15 p.m.•552 views

CVE-2021-34558

The crypto/tls package of Go through 1.16.5 does not properly assert that the type of public key in an X.509 certificate matches the expected type when doing a RSA based key exchange, allowing a malicious TLS server to cause a TLS client to panic.

6.5CVSS7AI score0.00839EPSS

CVE•added 2022/01/01 5:15 a.m.•335 views

CVE-2021-44716

net/http in Go before 1.16.12 and 1.17.x before 1.17.5 allows uncontrolled memory consumption in the header canonicalization cache via HTTP/2 requests.

7.5CVSS7.6AI score0.0008EPSS

CVE•added 2020/03/16 9:15 p.m.•329 views

CVE-2020-7919

Go before 1.12.16 and 1.13.x before 1.13.7 (and the crypto/cryptobyte package before 0.0.0-20200124225646-8b5121be2f68 for Go) allows attacks on clients (resulting in a panic) via a malformed X.509 certificate.

7.8CVSS7.3AI score0.00627EPSS

CVE•added 2022/08/10 8:15 p.m.•322 views

CVE-2022-28131

Uncontrolled recursion in Decoder.Skip in encoding/xml before Go 1.17.12 and Go 1.18.4 allows an attacker to cause a panic due to stack exhaustion via a deeply nested XML document.

7.5CVSS7.7AI score0.00011EPSS

CVE•added 2022/01/24 1:15 a.m.•259 views

CVE-2021-39293

In archive/zip in Go before 1.16.8 and 1.17.x before 1.17.1, a crafted archive header (falsely designating that many files are present) can cause a NewReader or OpenReader panic. NOTE: this issue exists because of an incomplete fix for CVE-2021-33196.

7.5CVSS7.7AI score0.00022EPSS