go1.19-openssl (SUSE:Linux Enterprise Module for Development Tools 15 SP5) — known CVEs & security advisories
Known CVE vulnerabilities and GitHub Security Advisories affecting the SUSE:Linux Enterprise Module for Development Tools 15 SP5 package go1.19-openssl, with affected version ranges, CVSS severity, EPSS exploit prediction, and CISA KEV status.
CVEs (2)
CVE-2023-29406 — CVSS 6.5 (medium): The HTTP/1 client does not fully validate the contents of the Host header. A maliciously crafted Host header can inject additional headers…
CVE-2023-29409 — CVSS 5.3 (medium): Extremely large RSA keys in certificate chains can cause a client/server to expend significant CPU time verifying signatures. With fix, the…