rpm package
suse/google-guest-agent&distro=SUSE Linux Enterprise Module for Public Cloud 12
pkg:rpm/suse/google-guest-agent&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Public%20Cloud%2012
Vulnerabilities (24)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2024-45337 | Cri | 9.1 | < 20250327.01-1.50.1 | 20250327.01-1.50.1 | Dec 12, 2024 | Applications and libraries which misuse connection.serverAuthenticate (via callback field ServerConfig.PublicKeyCallback) may be susceptible to an authorization bypass. The documentation for ServerConfig.PublicKeyCallback says that "A call to this function does not guarantee that | |
| CVE-2023-45288 | Hig | 7.5 | < 20260529.00-1.61.1 | 20260529.00-1.61.1 | Apr 4, 2024 | An attacker may cause an HTTP/2 endpoint to read arbitrary amounts of header data by sending an excessive number of CONTINUATION frames. Maintaining HPACK state requires parsing and processing all HEADERS and CONTINUATION frames on a connection. When a request's headers exceed Ma | |
| CVE-2022-23806 | Cri | 9.1 | < 20230221.00-1.29.1 | 20230221.00-1.29.1 | Feb 11, 2022 | Curve.IsOnCurve in crypto/elliptic in Go before 1.16.14 and 1.17.x before 1.17.7 can incorrectly return true in situations with a big.Int value that is not a valid field element. | |
| CVE-2021-38297 | Cri | 9.8 | < 20230221.00-1.29.1 | 20230221.00-1.29.1 | Oct 18, 2021 | Go before 1.16.9 and 1.17.x before 1.17.2 has a Buffer Overflow via large arguments in a function invocation from a WASM module, when GOARCH=wasm GOOS=js is used. |
- affected < 20250327.01-1.50.1fixed 20250327.01-1.50.1
Applications and libraries which misuse connection.serverAuthenticate (via callback field ServerConfig.PublicKeyCallback) may be susceptible to an authorization bypass. The documentation for ServerConfig.PublicKeyCallback says that "A call to this function does not guarantee that
- affected < 20260529.00-1.61.1fixed 20260529.00-1.61.1
An attacker may cause an HTTP/2 endpoint to read arbitrary amounts of header data by sending an excessive number of CONTINUATION frames. Maintaining HPACK state requires parsing and processing all HEADERS and CONTINUATION frames on a connection. When a request's headers exceed Ma
- affected < 20230221.00-1.29.1fixed 20230221.00-1.29.1
Curve.IsOnCurve in crypto/elliptic in Go before 1.16.14 and 1.17.x before 1.17.7 can incorrectly return true in situations with a big.Int value that is not a valid field element.
- affected < 20230221.00-1.29.1fixed 20230221.00-1.29.1
Go before 1.16.9 and 1.17.x before 1.17.2 has a Buffer Overflow via large arguments in a function invocation from a WASM module, when GOARCH=wasm GOOS=js is used.
Page 2 of 2