container-suseconnect (SUSE:Linux Enterprise High Performance Computing 15 SP3-LTSS) — known CVEs & security advisories
Known CVE vulnerabilities and GitHub Security Advisories affecting the SUSE:Linux Enterprise High Performance Computing 15 SP3-LTSS package container-suseconnect, with affected version ranges, CVSS severity, EPSS exploit prediction, and CISA KEV status.
CVEs (8)
CVE-2024-24790 — CVSS 9.8 (critical): The various Is methods (IsPrivate, IsLoopback, etc) did not work as expected for IPv4-mapped IPv6 addresses, returning false for addresses…
CVE-2022-41723 — CVSS 7.5 (high): A maliciously crafted HTTP/2 stream could cause excessive CPU consumption in the HPACK decoder, sufficient to cause a denial of service…
CVE-2022-41724 — CVSS 7.5 (high): Large handshake records may cause panics in crypto/tls. Both clients and servers may send large TLS handshake records which cause servers…
CVE-2022-41725 — CVSS 7.5 (high): A denial of service is possible from excessive resource consumption in net/http and mime/multipart. Multipart form parsing with…
CVE-2022-41720 — CVSS 7.5 (high): On Windows, restricted files can be accessed via os.DirFS and http.Dir. The os.DirFS function and http.Dir type provide access to a tree of…
CVE-2024-24791 — CVSS 7.5 (high): The net/http HTTP/1.1 client mishandled the case where a server responds to a request with an "Expect: 100-continue" header with a…
CVE-2024-24789 — CVSS 5.5 (medium): The archive/zip package's handling of certain types of invalid zip files differs from the behavior of most zip implementations. This…
CVE-2023-24532 — CVSS 5.3 (medium): The ScalarMult and ScalarBaseMult methods of the P256 Curve may return an incorrect result if called with some specific unreduced scalars…