container-suseconnect (SUSE:Linux Enterprise Module for Containers 15 SP4) — known CVEs & security advisories
Known CVE vulnerabilities and GitHub Security Advisories affecting the SUSE:Linux Enterprise Module for Containers 15 SP4 package container-suseconnect, with affected version ranges, CVSS severity, EPSS exploit prediction, and CISA KEV status.
CVEs (5)
CVE-2022-41720 — CVSS 7.5 (high): On Windows, restricted files can be accessed via os.DirFS and http.Dir. The os.DirFS function and http.Dir type provide access to a tree of…
CVE-2022-41723 — CVSS 7.5 (high): A maliciously crafted HTTP/2 stream could cause excessive CPU consumption in the HPACK decoder, sufficient to cause a denial of service…
CVE-2022-41724 — CVSS 7.5 (high): Large handshake records may cause panics in crypto/tls. Both clients and servers may send large TLS handshake records which cause servers…
CVE-2022-41725 — CVSS 7.5 (high): A denial of service is possible from excessive resource consumption in net/http and mime/multipart. Multipart form parsing with…
CVE-2023-24532 — CVSS 5.3 (medium): The ScalarMult and ScalarBaseMult methods of the P256 Curve may return an incorrect result if called with some specific unreduced scalars…