exploitDog - Комплексное решение для обнаружения, оценки и устранения уязвимостей.

БДУ ФСТЭК

Microsoft MSRC

NVD

Oracle ELSA

Red Hat CVE

РЕД ОС

Rocky RLSA

SUSE CVRF

Ubuntu

Debian

Github

Количество 103

CVE-2024-24783

почти 2 года назад

Verifying a certificate chain which contains a certificate with an unknown public key algorithm will cause Certificate.Verify to panic. This affects all crypto/tls clients, and servers that set Config.ClientAuth to VerifyClientCertIfGiven or RequireAndVerifyClientCert. The default behavior is for TLS servers to not verify client certificates.

CVSS3: 5.9

EPSS: Низкий

CVE-2024-24783

почти 2 года назад

CVSS3: 5.9

EPSS: Низкий

CVE-2024-24783

почти 2 года назад

CVSS3: 5.9

EPSS: Низкий

CVE-2024-24783

5 месяцев назад

Verify panics on certificates with an unknown public key algorithm in crypto/x509

CVSS3: 5.9

EPSS: Низкий

CVE-2024-24783

почти 2 года назад

Verifying a certificate chain which contains a certificate with an unk ...

CVSS3: 5.9

EPSS: Низкий

RLSA-2024:5258

больше 1 года назад

Important: container-tools:rhel8 security update

EPSS: Низкий

ELSA-2024-5258

больше 1 года назад

ELSA-2024-5258: container-tools:ol8 security update (IMPORTANT)

EPSS: Низкий

GHSA-3q2c-pvp5-3cqp

почти 2 года назад

CVSS3: 5.9

EPSS: Низкий

ELSA-2024-6195

больше 1 года назад

ELSA-2024-6195: skopeo security update (MODERATE)

EPSS: Низкий

ELSA-2024-6189

больше 1 года назад

ELSA-2024-6189: buildah security update (MODERATE)

EPSS: Низкий

ELSA-2024-6188

больше 1 года назад

ELSA-2024-6188: runc security update (MODERATE)

EPSS: Низкий

ELSA-2024-6187

больше 1 года назад

ELSA-2024-6187: gvisor-tap-vsock security update (MODERATE)

EPSS: Низкий

ELSA-2024-6186

больше 1 года назад

ELSA-2024-6186: containernetworking-plugins security update (MODERATE)

EPSS: Низкий

BDU:2024-02048

почти 2 года назад

Уязвимость пакета golang операционной системы Debian GNU/Linux, позволяющая нарушителю вызвать отказ в обслуживании (DoS)

CVSS3: 7.5

EPSS: Низкий

CVE-2023-45289

почти 2 года назад

When following an HTTP redirect to a domain which is not a subdomain match or exact match of the initial domain, an http.Client does not forward sensitive headers such as "Authorization" or "Cookie". For example, a redirect from foo.com to www.foo.com will forward the Authorization header, but a redirect to bar.com will not. A maliciously crafted HTTP redirect could cause sensitive headers to be unexpectedly forwarded.

CVSS3: 4.3

EPSS: Низкий

CVE-2023-45289

почти 2 года назад

CVSS3: 5.3

EPSS: Низкий

CVE-2023-45289

почти 2 года назад

CVSS3: 4.3

EPSS: Низкий

CVE-2023-45289

5 месяцев назад

Incorrect forwarding of sensitive headers and cookies on HTTP redirect in net/http

CVSS3: 4.3

EPSS: Низкий

CVE-2023-45289

почти 2 года назад

When following an HTTP redirect to a domain which is not a subdomain m ...

CVSS3: 4.3

EPSS: Низкий

ELSA-2024-6194

больше 1 года назад

ELSA-2024-6194: podman security update (IMPORTANT)

EPSS: Низкий

Уязвимостей на страницу

Уязвимость	CVSS	EPSS	Опубликовано
CVE-2024-24783 Verifying a certificate chain which contains a certificate with an unknown public key algorithm will cause Certificate.Verify to panic. This affects all crypto/tls clients, and servers that set Config.ClientAuth to VerifyClientCertIfGiven or RequireAndVerifyClientCert. The default behavior is for TLS servers to not verify client certificates.	CVSS3: 5.9	0% Низкий	почти 2 года назад
CVE-2024-24783 Verifying a certificate chain which contains a certificate with an unknown public key algorithm will cause Certificate.Verify to panic. This affects all crypto/tls clients, and servers that set Config.ClientAuth to VerifyClientCertIfGiven or RequireAndVerifyClientCert. The default behavior is for TLS servers to not verify client certificates.	CVSS3: 5.9	0% Низкий	почти 2 года назад
CVE-2024-24783 Verifying a certificate chain which contains a certificate with an unknown public key algorithm will cause Certificate.Verify to panic. This affects all crypto/tls clients, and servers that set Config.ClientAuth to VerifyClientCertIfGiven or RequireAndVerifyClientCert. The default behavior is for TLS servers to not verify client certificates.	CVSS3: 5.9	0% Низкий	почти 2 года назад
CVE-2024-24783 Verify panics on certificates with an unknown public key algorithm in crypto/x509	CVSS3: 5.9	0% Низкий	5 месяцев назад
CVE-2024-24783 Verifying a certificate chain which contains a certificate with an unk ...	CVSS3: 5.9	0% Низкий	почти 2 года назад
RLSA-2024:5258 Important: container-tools:rhel8 security update			больше 1 года назад
ELSA-2024-5258 ELSA-2024-5258: container-tools:ol8 security update (IMPORTANT)			больше 1 года назад
GHSA-3q2c-pvp5-3cqp Verifying a certificate chain which contains a certificate with an unknown public key algorithm will cause Certificate.Verify to panic. This affects all crypto/tls clients, and servers that set Config.ClientAuth to VerifyClientCertIfGiven or RequireAndVerifyClientCert. The default behavior is for TLS servers to not verify client certificates.	CVSS3: 5.9	0% Низкий	почти 2 года назад
ELSA-2024-6195 ELSA-2024-6195: skopeo security update (MODERATE)			больше 1 года назад
ELSA-2024-6189 ELSA-2024-6189: buildah security update (MODERATE)			больше 1 года назад
ELSA-2024-6188 ELSA-2024-6188: runc security update (MODERATE)			больше 1 года назад
ELSA-2024-6187 ELSA-2024-6187: gvisor-tap-vsock security update (MODERATE)			больше 1 года назад
ELSA-2024-6186 ELSA-2024-6186: containernetworking-plugins security update (MODERATE)			больше 1 года назад
BDU:2024-02048 Уязвимость пакета golang операционной системы Debian GNU/Linux, позволяющая нарушителю вызвать отказ в обслуживании (DoS)	CVSS3: 7.5	0% Низкий	почти 2 года назад
CVE-2023-45289 When following an HTTP redirect to a domain which is not a subdomain match or exact match of the initial domain, an http.Client does not forward sensitive headers such as "Authorization" or "Cookie". For example, a redirect from foo.com to www.foo.com will forward the Authorization header, but a redirect to bar.com will not. A maliciously crafted HTTP redirect could cause sensitive headers to be unexpectedly forwarded.	CVSS3: 4.3	0% Низкий	почти 2 года назад
CVE-2023-45289 When following an HTTP redirect to a domain which is not a subdomain match or exact match of the initial domain, an http.Client does not forward sensitive headers such as "Authorization" or "Cookie". For example, a redirect from foo.com to www.foo.com will forward the Authorization header, but a redirect to bar.com will not. A maliciously crafted HTTP redirect could cause sensitive headers to be unexpectedly forwarded.	CVSS3: 5.3	0% Низкий	почти 2 года назад
CVE-2023-45289 When following an HTTP redirect to a domain which is not a subdomain match or exact match of the initial domain, an http.Client does not forward sensitive headers such as "Authorization" or "Cookie". For example, a redirect from foo.com to www.foo.com will forward the Authorization header, but a redirect to bar.com will not. A maliciously crafted HTTP redirect could cause sensitive headers to be unexpectedly forwarded.	CVSS3: 4.3	0% Низкий	почти 2 года назад
CVE-2023-45289 Incorrect forwarding of sensitive headers and cookies on HTTP redirect in net/http	CVSS3: 4.3	0% Низкий	5 месяцев назад
CVE-2023-45289 When following an HTTP redirect to a domain which is not a subdomain m ...	CVSS3: 4.3	0% Низкий	почти 2 года назад
ELSA-2024-6194 ELSA-2024-6194: podman security update (IMPORTANT)			больше 1 года назад

Уязвимостей на страницу