google-osconfig-agent (SUSE:Linux Enterprise Module for Public Cloud 12) — known CVEs & security advisories
Known CVE vulnerabilities and GitHub Security Advisories affecting the SUSE:Linux Enterprise Module for Public Cloud 12 package google-osconfig-agent, with affected version ranges, CVSS severity, EPSS exploit prediction, and CISA KEV status.
CVEs (6)
CVE-2021-38297 — CVSS 9.8 (critical): Go before 1.16.9 and 1.17.x before 1.17.2 has a Buffer Overflow via large arguments in a function invocation from a WASM module, when…
CVE-2024-24790 — CVSS 9.8 (critical): The various Is methods (IsPrivate, IsLoopback, etc) did not work as expected for IPv4-mapped IPv6 addresses, returning false for addresses…
CVE-2022-23806 — CVSS 9.1 (critical): Curve.IsOnCurve in crypto/elliptic in Go before 1.16.14 and 1.17.x before 1.17.7 can incorrectly return true in situations with a big.Int…
CVE-2026-33186 — CVSS 9.1 (critical): gRPC-Go is the Go language implementation of gRPC. Versions prior to 1.79.3 have an authorization bypass resulting from improper input…
CVE-2025-22868 — CVSS 7.5 (high): An attacker can pass a malicious malformed token which causes unexpected memory to be consumed during parsing.
CVE-2024-45339 — CVSS 7.1 (high): When logs are written to a widely-writable directory (the default), an unprivileged attacker may predict a privileged process's log file…