rekor (SUSE:Linux Enterprise Server 15 SP4-LTSS) — known CVEs & security advisories
Known CVE vulnerabilities and GitHub Security Advisories affecting the SUSE:Linux Enterprise Server 15 SP4-LTSS package rekor, with affected version ranges, CVSS severity, EPSS exploit prediction, and CISA KEV status.
CVEs (6)
CVE-2023-45288 — CVSS 7.5 (high): An attacker may cause an HTTP/2 endpoint to read arbitrary amounts of header data by sending an excessive number of CONTINUATION frames…
CVE-2025-22868 — CVSS 7.5 (high): An attacker can pass a malicious malformed token which causes unexpected memory to be consumed during parsing.
CVE-2025-22869 — CVSS 7.5 (high): SSH servers which implement file transfer protocols are vulnerable to a denial of service attack from clients which complete the key…
CVE-2025-30204 — CVSS 7.5 (high): golang-jwt is a Go implementation of JSON Web Tokens. Starting in version 3.2.0 and prior to versions 5.2.2 and 4.5.2, the function…
CVE-2025-27144: Go JOSE provides an implementation of the Javascript Object Signing and Encryption set of standards in Go, including support for JSON Web…
CVE-2024-6104 — CVSS 6.0 (medium): go-retryablehttp prior to 0.7.7 did not sanitize urls when writing them to its log file. This could lead to go-retryablehttp writing…