rpm package
opensuse/rekor&distro=openSUSE Leap 15.5
pkg:rpm/opensuse/rekor&distro=openSUSE%20Leap%2015.5
Vulnerabilities (2)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2023-48795 | Med | 5.9 | < 1.3.5-150400.4.19.1 | 1.3.5-150400.4.19.1 | Dec 18, 2023 | The SSH transport protocol with certain OpenSSH extensions, found in OpenSSH before 9.6 and other products, allows remote attackers to bypass integrity checks such that some packets are omitted (from the extension negotiation message), and a client and server may consequently end | |
| CVE-2023-33199 | — | < 1.2.1-150400.4.12.1 | 1.2.1-150400.4.12.1 | May 26, 2023 | Rekor's goals are to provide an immutable tamper resistant ledger of metadata generated within a software projects supply chain. A malformed proposed entry of the `intoto/v0.0.2` type can cause a panic on a thread within the Rekor process. The thread is recovered so the client re |
- affected < 1.3.5-150400.4.19.1fixed 1.3.5-150400.4.19.1
The SSH transport protocol with certain OpenSSH extensions, found in OpenSSH before 9.6 and other products, allows remote attackers to bypass integrity checks such that some packets are omitted (from the extension negotiation message), and a client and server may consequently end
- CVE-2023-33199May 26, 2023affected < 1.2.1-150400.4.12.1fixed 1.2.1-150400.4.12.1
Rekor's goals are to provide an immutable tamper resistant ledger of metadata generated within a software projects supply chain. A malformed proposed entry of the `intoto/v0.0.2` type can cause a panic on a thread within the Rekor process. The thread is recovered so the client re