Most recent sightings.

Most recent sightings. https://db.gcve.eu Contains only the most 10 recent sightings. http://www.rssboard.org/rss-specification python-feedgen en Sun, 03 May 2026 02:01:14 +0000 8b992b37-e0b6-4881-94b0-138714370cd4 https://db.gcve.eu/sighting/8b992b37-e0b6-4881-94b0-138714370cd4/export {"uuid": "8b992b37-e0b6-4881-94b0-138714370cd4", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "RHSA-2024:5258", "type": "published-proof-of-concept", "source": "https://t.me/DarkWebInformer_CVEAlerts/1356", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2024-1394\n\ud83d\udd39 Description: A memory leak flaw was found in Golang in the RSA encrypting/decrypting code, which might lead to a resource exhaustion vulnerability using attacker-controlled inputs\u200b. The memory leak happens in github.com/golang-fips/openssl/openssl/rsa.go#L113. The objects leaked are pkey\u200b and ctx\u200b. That function uses named return parameters to free pkey\u200b and ctx\u200b if there is an error initializing the context or setting the different properties. All return statements related to error cases follow the \"return nil, nil, fail(...)\" pattern, meaning that pkey\u200b and ctx\u200b will be nil inside the deferred function that should free them.\n\ud83d\udccf Published: 2024-03-21T12:16:38.790Z\n\ud83d\udccf Modified: 2025-01-13T08:35:31.150Z\n\ud83d\udd17 References:\n1. https://access.redhat.com/errata/RHSA-2024:1462\n2. https://access.redhat.com/errata/RHSA-2024:1468\n3. https://access.redhat.com/errata/RHSA-2024:1472\n4. https://access.redhat.com/errata/RHSA-2024:1501\n5. https://access.redhat.com/errata/RHSA-2024:1502\n6. https://access.redhat.com/errata/RHSA-2024:1561\n7. https://access.redhat.com/errata/RHSA-2024:1563\n8. https://access.redhat.com/errata/RHSA-2024:1566\n9. https://access.redhat.com/errata/RHSA-2024:1567\n10. https://access.redhat.com/errata/RHSA-2024:1574\n11. https://access.redhat.com/errata/RHSA-2024:1640\n12. https://access.redhat.com/errata/RHSA-2024:1644\n13. https://access.redhat.com/errata/RHSA-2024:1646\n14. https://access.redhat.com/errata/RHSA-2024:1763\n15. https://access.redhat.com/errata/RHSA-2024:1897\n16. https://access.redhat.com/errata/RHSA-2024:2562\n17. https://access.redhat.com/errata/RHSA-2024:2568\n18. https://access.redhat.com/errata/RHSA-2024:2569\n19. https://access.redhat.com/errata/RHSA-2024:2729\n20. https://access.redhat.com/errata/RHSA-2024:2730\n21. https://access.redhat.com/errata/RHSA-2024:2767\n22. https://access.redhat.com/errata/RHSA-2024:3265\n23. https://access.redhat.com/errata/RHSA-2024:3352\n24. https://access.redhat.com/errata/RHSA-2024:4146\n25. https://access.redhat.com/errata/RHSA-2024:4371\n26. https://access.redhat.com/errata/RHSA-2024:4378\n27. https://access.redhat.com/errata/RHSA-2024:4379\n28. https://access.redhat.com/errata/RHSA-2024:4502\n29. https://access.redhat.com/errata/RHSA-2024:4581\n30. https://access.redhat.com/errata/RHSA-2024:4591\n31. https://access.redhat.com/errata/RHSA-2024:4672\n32. https://access.redhat.com/errata/RHSA-2024:4699\n33. https://access.redhat.com/errata/RHSA-2024:4761\n34. https://access.redhat.com/errata/RHSA-2024:4762\n35. https://access.redhat.com/errata/RHSA-2024:4960\n36. https://access.redhat.com/errata/RHSA-2024:5258\n37. https://access.redhat.com/errata/RHSA-2024:5634\n38. https://access.redhat.com/errata/RHSA-2024:7262\n39. https://access.redhat.com/security/cve/CVE-2024-1394\n40. https://bugzilla.redhat.com/show_bug.cgi?id=2262921\n41. https://github.com/golang-fips/openssl/commit/85d31d0d257ce842c8a1e63c4d230ae850348136\n42. https://github.com/golang-fips/openssl/security/advisories/GHSA-78hx-gp6g-7mj6\n43. https://github.com/microsoft/go-crypto-openssl/commit/104fe7f6912788d2ad44602f77a0a0a62f1f259f\n44. https://pkg.go.dev/vuln/GO-2024-2660\n45. https://vuln.go.dev/ID/GO-2024-2660.json", "creation_timestamp": "2025-01-13T09:11:16.000000Z"} {"uuid": "8b992b37-e0b6-4881-94b0-138714370cd4", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "RHSA-2024:5258", "type": "published-proof-of-concept", "source": "https://t.me/DarkWebInformer_CVEAlerts/1356", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2024-1394\n\ud83d\udd39 Description: A memory leak flaw was found in Golang in the RSA encrypting/decrypting code, which might lead to a resource exhaustion vulnerability using attacker-controlled inputs\u200b. The memory leak happens in github.com/golang-fips/openssl/openssl/rsa.go#L113. The objects leaked are pkey\u200b and ctx\u200b. That function uses named return parameters to free pkey\u200b and ctx\u200b if there is an error initializing the context or setting the different properties. All return statements related to error cases follow the \"return nil, nil, fail(...)\" pattern, meaning that pkey\u200b and ctx\u200b will be nil inside the deferred function that should free them.\n\ud83d\udccf Published: 2024-03-21T12:16:38.790Z\n\ud83d\udccf Modified: 2025-01-13T08:35:31.150Z\n\ud83d\udd17 References:\n1. https://access.redhat.com/errata/RHSA-2024:1462\n2. https://access.redhat.com/errata/RHSA-2024:1468\n3. https://access.redhat.com/errata/RHSA-2024:1472\n4. https://access.redhat.com/errata/RHSA-2024:1501\n5. https://access.redhat.com/errata/RHSA-2024:1502\n6. https://access.redhat.com/errata/RHSA-2024:1561\n7. https://access.redhat.com/errata/RHSA-2024:1563\n8. https://access.redhat.com/errata/RHSA-2024:1566\n9. https://access.redhat.com/errata/RHSA-2024:1567\n10. https://access.redhat.com/errata/RHSA-2024:1574\n11. https://access.redhat.com/errata/RHSA-2024:1640\n12. https://access.redhat.com/errata/RHSA-2024:1644\n13. https://access.redhat.com/errata/RHSA-2024:1646\n14. https://access.redhat.com/errata/RHSA-2024:1763\n15. https://access.redhat.com/errata/RHSA-2024:1897\n16. https://access.redhat.com/errata/RHSA-2024:2562\n17. https://access.redhat.com/errata/RHSA-2024:2568\n18. https://access.redhat.com/errata/RHSA-2024:2569\n19. https://access.redhat.com/errata/RHSA-2024:2729\n20. https://access.redhat.com/errata/RHSA-2024:2730\n21. https://access.redhat.com/errata/RHSA-2024:2767\n22. https://access.redhat.com/errata/RHSA-2024:3265\n23. https://access.redhat.com/errata/RHSA-2024:3352\n24. https://access.redhat.com/errata/RHSA-2024:4146\n25. https://access.redhat.com/errata/RHSA-2024:4371\n26. https://access.redhat.com/errata/RHSA-2024:4378\n27. https://access.redhat.com/errata/RHSA-2024:4379\n28. https://access.redhat.com/errata/RHSA-2024:4502\n29. https://access.redhat.com/errata/RHSA-2024:4581\n30. https://access.redhat.com/errata/RHSA-2024:4591\n31. https://access.redhat.com/errata/RHSA-2024:4672\n32. https://access.redhat.com/errata/RHSA-2024:4699\n33. https://access.redhat.com/errata/RHSA-2024:4761\n34. https://access.redhat.com/errata/RHSA-2024:4762\n35. https://access.redhat.com/errata/RHSA-2024:4960\n36. https://access.redhat.com/errata/RHSA-2024:5258\n37. https://access.redhat.com/errata/RHSA-2024:5634\n38. https://access.redhat.com/errata/RHSA-2024:7262\n39. https://access.redhat.com/security/cve/CVE-2024-1394\n40. https://bugzilla.redhat.com/show_bug.cgi?id=2262921\n41. https://github.com/golang-fips/openssl/commit/85d31d0d257ce842c8a1e63c4d230ae850348136\n42. https://github.com/golang-fips/openssl/security/advisories/GHSA-78hx-gp6g-7mj6\n43. https://github.com/microsoft/go-crypto-openssl/commit/104fe7f6912788d2ad44602f77a0a0a62f1f259f\n44. https://pkg.go.dev/vuln/GO-2024-2660\n45. https://vuln.go.dev/ID/GO-2024-2660.json", "creation_timestamp": "2025-01-13T09:11:16.000000Z"} https://db.gcve.eu/sighting/8b992b37-e0b6-4881-94b0-138714370cd4/export Mon, 13 Jan 2025 09:11:16 +0000 83ef2fac-5eac-4e8a-afa2-65eacd8ea94b https://db.gcve.eu/sighting/83ef2fac-5eac-4e8a-afa2-65eacd8ea94b/export {"uuid": "83ef2fac-5eac-4e8a-afa2-65eacd8ea94b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "RHSA-2024:5258", "type": "seen", "source": "https://t.me/DarkWebInformer_CVEAlerts/1393", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2024-3727\n\ud83d\udd39 Description: A flaw was found in the github.com/containers/image library. This flaw allows attackers to trigger unexpected authenticated registry accesses on behalf of a victim user, causing resource exhaustion, local path traversal, and other attacks.\n\ud83d\udccf Published: 2024-05-09T14:57:21.327Z\n\ud83d\udccf Modified: 2025-01-13T20:48:50.544Z\n\ud83d\udd17 References:\n1. https://access.redhat.com/errata/RHSA-2024:0045\n2. https://access.redhat.com/errata/RHSA-2024:3718\n3. https://access.redhat.com/errata/RHSA-2024:4159\n4. https://access.redhat.com/errata/RHSA-2024:4613\n5. https://access.redhat.com/errata/RHSA-2024:4850\n6. https://access.redhat.com/errata/RHSA-2024:4960\n7. https://access.redhat.com/errata/RHSA-2024:5258\n8. https://access.redhat.com/errata/RHSA-2024:5951\n9. https://access.redhat.com/errata/RHSA-2024:6054\n10. https://access.redhat.com/errata/RHSA-2024:6708\n11. https://access.redhat.com/errata/RHSA-2024:6824\n12. https://access.redhat.com/errata/RHSA-2024:7164\n13. https://access.redhat.com/errata/RHSA-2024:7174\n14. https://access.redhat.com/errata/RHSA-2024:7182\n15. https://access.redhat.com/errata/RHSA-2024:7187\n16. https://access.redhat.com/errata/RHSA-2024:7922\n17. https://access.redhat.com/errata/RHSA-2024:7941\n18. https://access.redhat.com/errata/RHSA-2024:8260\n19. https://access.redhat.com/errata/RHSA-2024:8425\n20. https://access.redhat.com/errata/RHSA-2024:9097\n21. https://access.redhat.com/errata/RHSA-2024:9098\n22. https://access.redhat.com/errata/RHSA-2024:9102\n23. https://access.redhat.com/errata/RHSA-2024:9960\n24. https://access.redhat.com/security/cve/CVE-2024-3727\n25. https://bugzilla.redhat.com/show_bug.cgi?id=2274767", "creation_timestamp": "2025-01-13T21:12:01.000000Z"} {"uuid": "83ef2fac-5eac-4e8a-afa2-65eacd8ea94b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "RHSA-2024:5258", "type": "seen", "source": "https://t.me/DarkWebInformer_CVEAlerts/1393", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2024-3727\n\ud83d\udd39 Description: A flaw was found in the github.com/containers/image library. This flaw allows attackers to trigger unexpected authenticated registry accesses on behalf of a victim user, causing resource exhaustion, local path traversal, and other attacks.\n\ud83d\udccf Published: 2024-05-09T14:57:21.327Z\n\ud83d\udccf Modified: 2025-01-13T20:48:50.544Z\n\ud83d\udd17 References:\n1. https://access.redhat.com/errata/RHSA-2024:0045\n2. https://access.redhat.com/errata/RHSA-2024:3718\n3. https://access.redhat.com/errata/RHSA-2024:4159\n4. https://access.redhat.com/errata/RHSA-2024:4613\n5. https://access.redhat.com/errata/RHSA-2024:4850\n6. https://access.redhat.com/errata/RHSA-2024:4960\n7. https://access.redhat.com/errata/RHSA-2024:5258\n8. https://access.redhat.com/errata/RHSA-2024:5951\n9. https://access.redhat.com/errata/RHSA-2024:6054\n10. https://access.redhat.com/errata/RHSA-2024:6708\n11. https://access.redhat.com/errata/RHSA-2024:6824\n12. https://access.redhat.com/errata/RHSA-2024:7164\n13. https://access.redhat.com/errata/RHSA-2024:7174\n14. https://access.redhat.com/errata/RHSA-2024:7182\n15. https://access.redhat.com/errata/RHSA-2024:7187\n16. https://access.redhat.com/errata/RHSA-2024:7922\n17. https://access.redhat.com/errata/RHSA-2024:7941\n18. https://access.redhat.com/errata/RHSA-2024:8260\n19. https://access.redhat.com/errata/RHSA-2024:8425\n20. https://access.redhat.com/errata/RHSA-2024:9097\n21. https://access.redhat.com/errata/RHSA-2024:9098\n22. https://access.redhat.com/errata/RHSA-2024:9102\n23. https://access.redhat.com/errata/RHSA-2024:9960\n24. https://access.redhat.com/security/cve/CVE-2024-3727\n25. https://bugzilla.redhat.com/show_bug.cgi?id=2274767", "creation_timestamp": "2025-01-13T21:12:01.000000Z"} https://db.gcve.eu/sighting/83ef2fac-5eac-4e8a-afa2-65eacd8ea94b/export Mon, 13 Jan 2025 21:12:01 +0000 4f6a2450-a238-4d61-8f6f-2355a10a98c7 https://db.gcve.eu/sighting/4f6a2450-a238-4d61-8f6f-2355a10a98c7/export {"uuid": "4f6a2450-a238-4d61-8f6f-2355a10a98c7", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "RHSA-2024:5258", "type": "seen", "source": "https://t.me/DarkWebInformer_CVEAlerts/5260", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2024-3727\n\ud83d\udd25 CVSS Score: 8.3 (cvssV3_1, Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:H)\n\ud83d\udd39 Description: A flaw was found in the github.com/containers/image library. This flaw allows attackers to trigger unexpected authenticated registry accesses on behalf of a victim user, causing resource exhaustion, local path traversal, and other attacks.\n\ud83d\udccf Published: 2024-05-09T14:57:21.327Z\n\ud83d\udccf Modified: 2025-02-25T08:07:16.415Z\n\ud83d\udd17 References:\n1. https://access.redhat.com/errata/RHSA-2024:0045\n2. https://access.redhat.com/errata/RHSA-2024:3718\n3. https://access.redhat.com/errata/RHSA-2024:4159\n4. https://access.redhat.com/errata/RHSA-2024:4613\n5. https://access.redhat.com/errata/RHSA-2024:4850\n6. https://access.redhat.com/errata/RHSA-2024:4960\n7. https://access.redhat.com/errata/RHSA-2024:5258\n8. https://access.redhat.com/errata/RHSA-2024:5951\n9. https://access.redhat.com/errata/RHSA-2024:6054\n10. https://access.redhat.com/errata/RHSA-2024:6122\n11. https://access.redhat.com/errata/RHSA-2024:6708\n12. https://access.redhat.com/errata/RHSA-2024:6818\n13. https://access.redhat.com/errata/RHSA-2024:6824\n14. https://access.redhat.com/errata/RHSA-2024:7164\n15. https://access.redhat.com/errata/RHSA-2024:7174\n16. https://access.redhat.com/errata/RHSA-2024:7182\n17. https://access.redhat.com/errata/RHSA-2024:7187\n18. https://access.redhat.com/errata/RHSA-2024:7922\n19. https://access.redhat.com/errata/RHSA-2024:7941\n20. https://access.redhat.com/errata/RHSA-2024:8260\n21. https://access.redhat.com/errata/RHSA-2024:8425\n22. https://access.redhat.com/errata/RHSA-2024:9097\n23. https://access.redhat.com/errata/RHSA-2024:9098\n24. https://access.redhat.com/errata/RHSA-2024:9102\n25. https://access.redhat.com/errata/RHSA-2024:9960\n26. https://access.redhat.com/security/cve/CVE-2024-3727\n27. https://bugzilla.redhat.com/show_bug.cgi?id=2274767", "creation_timestamp": "2025-02-25T08:25:24.000000Z"} {"uuid": "4f6a2450-a238-4d61-8f6f-2355a10a98c7", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "RHSA-2024:5258", "type": "seen", "source": "https://t.me/DarkWebInformer_CVEAlerts/5260", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2024-3727\n\ud83d\udd25 CVSS Score: 8.3 (cvssV3_1, Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:H)\n\ud83d\udd39 Description: A flaw was found in the github.com/containers/image library. This flaw allows attackers to trigger unexpected authenticated registry accesses on behalf of a victim user, causing resource exhaustion, local path traversal, and other attacks.\n\ud83d\udccf Published: 2024-05-09T14:57:21.327Z\n\ud83d\udccf Modified: 2025-02-25T08:07:16.415Z\n\ud83d\udd17 References:\n1. https://access.redhat.com/errata/RHSA-2024:0045\n2. https://access.redhat.com/errata/RHSA-2024:3718\n3. https://access.redhat.com/errata/RHSA-2024:4159\n4. https://access.redhat.com/errata/RHSA-2024:4613\n5. https://access.redhat.com/errata/RHSA-2024:4850\n6. https://access.redhat.com/errata/RHSA-2024:4960\n7. https://access.redhat.com/errata/RHSA-2024:5258\n8. https://access.redhat.com/errata/RHSA-2024:5951\n9. https://access.redhat.com/errata/RHSA-2024:6054\n10. https://access.redhat.com/errata/RHSA-2024:6122\n11. https://access.redhat.com/errata/RHSA-2024:6708\n12. https://access.redhat.com/errata/RHSA-2024:6818\n13. https://access.redhat.com/errata/RHSA-2024:6824\n14. https://access.redhat.com/errata/RHSA-2024:7164\n15. https://access.redhat.com/errata/RHSA-2024:7174\n16. https://access.redhat.com/errata/RHSA-2024:7182\n17. https://access.redhat.com/errata/RHSA-2024:7187\n18. https://access.redhat.com/errata/RHSA-2024:7922\n19. https://access.redhat.com/errata/RHSA-2024:7941\n20. https://access.redhat.com/errata/RHSA-2024:8260\n21. https://access.redhat.com/errata/RHSA-2024:8425\n22. https://access.redhat.com/errata/RHSA-2024:9097\n23. https://access.redhat.com/errata/RHSA-2024:9098\n24. https://access.redhat.com/errata/RHSA-2024:9102\n25. https://access.redhat.com/errata/RHSA-2024:9960\n26. https://access.redhat.com/security/cve/CVE-2024-3727\n27. https://bugzilla.redhat.com/show_bug.cgi?id=2274767", "creation_timestamp": "2025-02-25T08:25:24.000000Z"} https://db.gcve.eu/sighting/4f6a2450-a238-4d61-8f6f-2355a10a98c7/export Tue, 25 Feb 2025 08:25:24 +0000 461d9c0d-cc40-417a-b563-33671c547adf https://db.gcve.eu/sighting/461d9c0d-cc40-417a-b563-33671c547adf/export {"uuid": "461d9c0d-cc40-417a-b563-33671c547adf", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "RHSA-2024:5258", "type": "published-proof-of-concept", "source": "https://t.me/DarkWebInformer_CVEAlerts/16071", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2024-1394\n\ud83d\udd25 CVSS Score: 7.5 (cvssV3_1, Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H)\n\ud83d\udd39 Description: A memory leak flaw was found in Golang in the RSA encrypting/decrypting code, which might lead to a resource exhaustion vulnerability using attacker-controlled inputs\u200b. The memory leak happens in github.com/golang-fips/openssl/openssl/rsa.go#L113. The objects leaked are pkey\u200b and ctx\u200b. That function uses named return parameters to free pkey\u200b and ctx\u200b if there is an error initializing the context or setting the different properties. All return statements related to error cases follow the \"return nil, nil, fail(...)\" pattern, meaning that pkey\u200b and ctx\u200b will be nil inside the deferred function that should free them.\n\ud83d\udccf Published: 2024-03-21T12:16:38.790Z\n\ud83d\udccf Modified: 2025-05-12T23:02:02.486Z\n\ud83d\udd17 References:\n1. https://access.redhat.com/errata/RHSA-2024:1462\n2. https://access.redhat.com/errata/RHSA-2024:1468\n3. https://access.redhat.com/errata/RHSA-2024:1472\n4. https://access.redhat.com/errata/RHSA-2024:1501\n5. https://access.redhat.com/errata/RHSA-2024:1502\n6. https://access.redhat.com/errata/RHSA-2024:1561\n7. https://access.redhat.com/errata/RHSA-2024:1563\n8. https://access.redhat.com/errata/RHSA-2024:1566\n9. https://access.redhat.com/errata/RHSA-2024:1567\n10. https://access.redhat.com/errata/RHSA-2024:1574\n11. https://access.redhat.com/errata/RHSA-2024:1640\n12. https://access.redhat.com/errata/RHSA-2024:1644\n13. https://access.redhat.com/errata/RHSA-2024:1646\n14. https://access.redhat.com/errata/RHSA-2024:1763\n15. https://access.redhat.com/errata/RHSA-2024:1897\n16. https://access.redhat.com/errata/RHSA-2024:2562\n17. https://access.redhat.com/errata/RHSA-2024:2568\n18. https://access.redhat.com/errata/RHSA-2024:2569\n19. https://access.redhat.com/errata/RHSA-2024:2729\n20. https://access.redhat.com/errata/RHSA-2024:2730\n21. https://access.redhat.com/errata/RHSA-2024:2767\n22. https://access.redhat.com/errata/RHSA-2024:3265\n23. https://access.redhat.com/errata/RHSA-2024:3352\n24. https://access.redhat.com/errata/RHSA-2024:4146\n25. https://access.redhat.com/errata/RHSA-2024:4371\n26. https://access.redhat.com/errata/RHSA-2024:4378\n27. https://access.redhat.com/errata/RHSA-2024:4379\n28. https://access.redhat.com/errata/RHSA-2024:4502\n29. https://access.redhat.com/errata/RHSA-2024:4581\n30. https://access.redhat.com/errata/RHSA-2024:4591\n31. https://access.redhat.com/errata/RHSA-2024:4672\n32. https://access.redhat.com/errata/RHSA-2024:4699\n33. https://access.redhat.com/errata/RHSA-2024:4761\n34. https://access.redhat.com/errata/RHSA-2024:4762\n35. https://access.redhat.com/errata/RHSA-2024:4960\n36. https://access.redhat.com/errata/RHSA-2024:5258\n37. https://access.redhat.com/errata/RHSA-2024:5634\n38. https://access.redhat.com/errata/RHSA-2024:7262\n39. https://access.redhat.com/security/cve/CVE-2024-1394\n40. https://bugzilla.redhat.com/show_bug.cgi?id=2262921\n41. https://github.com/golang-fips/openssl/commit/85d31d0d257ce842c8a1e63c4d230ae850348136\n42. https://github.com/golang-fips/openssl/security/advisories/GHSA-78hx-gp6g-7mj6\n43. https://github.com/microsoft/go-crypto-openssl/commit/104fe7f6912788d2ad44602f77a0a0a62f1f259f\n44. https://pkg.go.dev/vuln/GO-2024-2660\n45. https://vuln.go.dev/ID/GO-2024-2660.json", "creation_timestamp": "2025-05-12T23:29:31.000000Z"} {"uuid": "461d9c0d-cc40-417a-b563-33671c547adf", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "RHSA-2024:5258", "type": "published-proof-of-concept", "source": "https://t.me/DarkWebInformer_CVEAlerts/16071", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2024-1394\n\ud83d\udd25 CVSS Score: 7.5 (cvssV3_1, Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H)\n\ud83d\udd39 Description: A memory leak flaw was found in Golang in the RSA encrypting/decrypting code, which might lead to a resource exhaustion vulnerability using attacker-controlled inputs\u200b. The memory leak happens in github.com/golang-fips/openssl/openssl/rsa.go#L113. The objects leaked are pkey\u200b and ctx\u200b. That function uses named return parameters to free pkey\u200b and ctx\u200b if there is an error initializing the context or setting the different properties. All return statements related to error cases follow the \"return nil, nil, fail(...)\" pattern, meaning that pkey\u200b and ctx\u200b will be nil inside the deferred function that should free them.\n\ud83d\udccf Published: 2024-03-21T12:16:38.790Z\n\ud83d\udccf Modified: 2025-05-12T23:02:02.486Z\n\ud83d\udd17 References:\n1. https://access.redhat.com/errata/RHSA-2024:1462\n2. https://access.redhat.com/errata/RHSA-2024:1468\n3. https://access.redhat.com/errata/RHSA-2024:1472\n4. https://access.redhat.com/errata/RHSA-2024:1501\n5. https://access.redhat.com/errata/RHSA-2024:1502\n6. https://access.redhat.com/errata/RHSA-2024:1561\n7. https://access.redhat.com/errata/RHSA-2024:1563\n8. https://access.redhat.com/errata/RHSA-2024:1566\n9. https://access.redhat.com/errata/RHSA-2024:1567\n10. https://access.redhat.com/errata/RHSA-2024:1574\n11. https://access.redhat.com/errata/RHSA-2024:1640\n12. https://access.redhat.com/errata/RHSA-2024:1644\n13. https://access.redhat.com/errata/RHSA-2024:1646\n14. https://access.redhat.com/errata/RHSA-2024:1763\n15. https://access.redhat.com/errata/RHSA-2024:1897\n16. https://access.redhat.com/errata/RHSA-2024:2562\n17. https://access.redhat.com/errata/RHSA-2024:2568\n18. https://access.redhat.com/errata/RHSA-2024:2569\n19. https://access.redhat.com/errata/RHSA-2024:2729\n20. https://access.redhat.com/errata/RHSA-2024:2730\n21. https://access.redhat.com/errata/RHSA-2024:2767\n22. https://access.redhat.com/errata/RHSA-2024:3265\n23. https://access.redhat.com/errata/RHSA-2024:3352\n24. https://access.redhat.com/errata/RHSA-2024:4146\n25. https://access.redhat.com/errata/RHSA-2024:4371\n26. https://access.redhat.com/errata/RHSA-2024:4378\n27. https://access.redhat.com/errata/RHSA-2024:4379\n28. https://access.redhat.com/errata/RHSA-2024:4502\n29. https://access.redhat.com/errata/RHSA-2024:4581\n30. https://access.redhat.com/errata/RHSA-2024:4591\n31. https://access.redhat.com/errata/RHSA-2024:4672\n32. https://access.redhat.com/errata/RHSA-2024:4699\n33. https://access.redhat.com/errata/RHSA-2024:4761\n34. https://access.redhat.com/errata/RHSA-2024:4762\n35. https://access.redhat.com/errata/RHSA-2024:4960\n36. https://access.redhat.com/errata/RHSA-2024:5258\n37. https://access.redhat.com/errata/RHSA-2024:5634\n38. https://access.redhat.com/errata/RHSA-2024:7262\n39. https://access.redhat.com/security/cve/CVE-2024-1394\n40. https://bugzilla.redhat.com/show_bug.cgi?id=2262921\n41. https://github.com/golang-fips/openssl/commit/85d31d0d257ce842c8a1e63c4d230ae850348136\n42. https://github.com/golang-fips/openssl/security/advisories/GHSA-78hx-gp6g-7mj6\n43. https://github.com/microsoft/go-crypto-openssl/commit/104fe7f6912788d2ad44602f77a0a0a62f1f259f\n44. https://pkg.go.dev/vuln/GO-2024-2660\n45. https://vuln.go.dev/ID/GO-2024-2660.json", "creation_timestamp": "2025-05-12T23:29:31.000000Z"} https://db.gcve.eu/sighting/461d9c0d-cc40-417a-b563-33671c547adf/export Mon, 12 May 2025 23:29:31 +0000