Skip to main content

Astra Trident

3 CVEs product

Monthly

CVE-2023-39325 Go HIGH PATCH This Week

A malicious HTTP/2 client which rapidly creates requests and immediately resets them can cause excessive server resource consumption. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Denial Of Service Go Http2 Fedora Astra Trident +1
NVD
CVSS 3.1
7.5
EPSS
3.8%
CVE-2022-28948 Go HIGH POC PATCH This Week

An issue in the Unmarshal function in Go-Yaml v3 causes the program to crash when attempting to deserialize invalid input. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Deserialization Yaml Astra Trident
NVD GitHub
CVSS 3.1
7.5
EPSS
3.7%
CVE-2022-24921 Go HIGH PATCH This Week

regexp.Compile in Go before 1.16.15 and 1.17.x before 1.17.8 allows stack exhaustion via a deeply nested expression. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Go Astra Trident Debian Linux
NVD
CVSS 3.1
7.5
EPSS
3.3%
EPSS 4% CVSS 7.5
HIGH PATCH This Week

A malicious HTTP/2 client which rapidly creates requests and immediately resets them can cause excessive server resource consumption. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Denial Of Service Go Http2 +3
NVD
EPSS 4% CVSS 7.5
HIGH POC PATCH This Week

An issue in the Unmarshal function in Go-Yaml v3 causes the program to crash when attempting to deserialize invalid input. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Deserialization Yaml Astra Trident
NVD GitHub
EPSS 3% CVSS 7.5
HIGH PATCH This Week

regexp.Compile in Go before 1.16.15 and 1.17.x before 1.17.8 allows stack exhaustion via a deeply nested expression. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Go Astra Trident +1
NVD

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy