rpm package
opensuse/google-guest-agent&distro=openSUSE Leap 15.6
pkg:rpm/opensuse/google-guest-agent&distro=openSUSE%20Leap%2015.6
Vulnerabilities (2)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2025-22868 | — | < 20250116.00-150000.1.57.1 | 20250116.00-150000.1.57.1 | Feb 26, 2025 | An attacker can pass a malicious malformed token which causes unexpected memory to be consumed during parsing. | ||
| CVE-2024-45337 | Cri | 9.1 | < 20250327.01-150000.1.60.1 | 20250327.01-150000.1.60.1 | Dec 12, 2024 | Applications and libraries which misuse connection.serverAuthenticate (via callback field ServerConfig.PublicKeyCallback) may be susceptible to an authorization bypass. The documentation for ServerConfig.PublicKeyCallback says that "A call to this function does not guarantee that |
- CVE-2025-22868Feb 26, 2025affected < 20250116.00-150000.1.57.1fixed 20250116.00-150000.1.57.1
An attacker can pass a malicious malformed token which causes unexpected memory to be consumed during parsing.
- affected < 20250327.01-150000.1.60.1fixed 20250327.01-150000.1.60.1
Applications and libraries which misuse connection.serverAuthenticate (via callback field ServerConfig.PublicKeyCallback) may be susceptible to an authorization bypass. The documentation for ServerConfig.PublicKeyCallback says that "A call to this function does not guarantee that