google-guest-agent (SUSE:Linux Enterprise Module for Public Cloud 15 SP3) — known CVEs & security advisories
Known CVE vulnerabilities and GitHub Security Advisories affecting the SUSE:Linux Enterprise Module for Public Cloud 15 SP3 package google-guest-agent, with affected version ranges, CVSS severity, EPSS exploit prediction, and CISA KEV status.
CVEs (4)
CVE-2021-38297 — CVSS 9.8 (critical): Go before 1.16.9 and 1.17.x before 1.17.2 has a Buffer Overflow via large arguments in a function invocation from a WASM module, when…
CVE-2022-23806 — CVSS 9.1 (critical): Curve.IsOnCurve in crypto/elliptic in Go before 1.16.14 and 1.17.x before 1.17.7 can incorrectly return true in situations with a big.Int…
CVE-2024-45337 — CVSS 9.1 (critical): Applications and libraries which misuse connection.serverAuthenticate (via callback field ServerConfig.PublicKeyCallback) may be…
CVE-2025-22868 — CVSS 7.5 (high): An attacker can pass a malicious malformed token which causes unexpected memory to be consumed during parsing.