Filtered by vendor Redhat
Subscriptions
Filtered by product Stf
Subscriptions
Total
27 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2022-27664 | 3 Fedoraproject, Golang, Redhat | 19 Fedora, Go, Acm and 16 more | 2024-11-21 | 7.5 High |
| In net/http in Go before 1.18.6 and 1.19.x before 1.19.1, attackers can cause a denial of service because an HTTP/2 connection can hang during closing if shutdown were preempted by a fatal error. | ||||
| CVE-2022-24675 | 4 Fedoraproject, Golang, Netapp and 1 more | 17 Fedora, Go, Kubernetes Monitoring Operator and 14 more | 2024-11-21 | 7.5 High |
| encoding/pem in Go before 1.17.9 and 1.18.x before 1.18.1 has a Decode stack overflow via a large amount of PEM data. | ||||
| CVE-2022-23806 | 4 Debian, Golang, Netapp and 1 more | 14 Debian Linux, Go, Beegfs Csi Driver and 11 more | 2024-11-21 | 9.1 Critical |
| Curve.IsOnCurve in crypto/elliptic in Go before 1.16.14 and 1.17.x before 1.17.7 can incorrectly return true in situations with a big.Int value that is not a valid field element. | ||||
| CVE-2022-23773 | 3 Golang, Netapp, Redhat | 12 Go, Beegfs Csi Driver, Cloud Insights Telegraf Agent and 9 more | 2024-11-21 | 7.5 High |
| cmd/go in Go before 1.16.14 and 1.17.x before 1.17.7 can misinterpret branch names that falsely appear to be version tags. This can lead to incorrect access control if an actor is supposed to be able to create branches but not tags. | ||||
| CVE-2022-23772 | 4 Debian, Golang, Netapp and 1 more | 13 Debian Linux, Go, Beegfs Csi Driver and 10 more | 2024-11-21 | 7.5 High |
| Rat.SetString in math/big in Go before 1.16.14 and 1.17.x before 1.17.7 has an overflow that can lead to Uncontrolled Memory Consumption. | ||||
| CVE-2021-44716 | 4 Debian, Golang, Netapp and 1 more | 16 Debian Linux, Go, Cloud Insights Telegraf and 13 more | 2024-11-21 | 7.5 High |
| net/http in Go before 1.16.12 and 1.17.x before 1.17.5 allows uncontrolled memory consumption in the header canonicalization cache via HTTP/2 requests. | ||||
| CVE-2021-34558 | 5 Fedoraproject, Golang, Netapp and 2 more | 19 Fedora, Go, Cloud Insights Telegraf and 16 more | 2024-11-21 | 6.5 Medium |
| The crypto/tls package of Go through 1.16.5 does not properly assert that the type of public key in an X.509 certificate matches the expected type when doing a RSA based key exchange, allowing a malicious TLS server to cause a TLS client to panic. | ||||