gvisor-tap-vsock (AlmaLinux:9) — known CVEs & security advisories
Known CVE vulnerabilities and GitHub Security Advisories affecting the AlmaLinux:9 package gvisor-tap-vsock, with affected version ranges, CVSS severity, EPSS exploit prediction, and CISA KEV status.
CVEs (5)
CVE-2025-22871 — CVSS 9.1 (critical): The net/http package improperly accepts a bare LF as a line terminator in chunked data chunk-size lines. This can permit request smuggling…
CVE-2024-1394 — CVSS 7.5 (high): A memory leak flaw was found in Golang in the RSA encrypting/decrypting code, which might lead to a resource exhaustion vulnerability using…
CVE-2025-22869 — CVSS 7.5 (high): SSH servers which implement file transfer protocols are vulnerable to a denial of service attack from clients which complete the key…
CVE-2023-45290 — CVSS 6.5 (medium): When parsing a multipart form (either explicitly with Request.ParseMultipartForm or implicitly with Request.FormValue…
CVE-2024-24783 — CVSS 5.9 (medium): Verifying a certificate chain which contains a certificate with an unknown public key algorithm will cause Certificate.Verify to panic…