Описание
Memory-safety vulnerability in github.com/jackc/pgx/v5.
A flaw was found in github.com/jackc/pgx, a PostgreSQL driver for Go. This memory-safety vulnerability could allow an attacker to cause various impacts, such as denial of service (DoS) or potentially arbitrary code execution, by exploiting memory corruption issues. The exact method of exploitation and specific consequences would depend on the nature of the memory corruption.
Меры по смягчению последствий
Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.
Затронутые пакеты
| Платформа | Пакет | Состояние | Рекомендация | Релиз |
|---|---|---|---|---|
| Custom Metric Autoscaler operator for Red Hat Openshift | redhat-user-workloads/keda-adapter | Affected | ||
| Custom Metric Autoscaler operator for Red Hat Openshift | redhat-user-workloads/keda-operator | Affected | ||
| Custom Metric Autoscaler operator for Red Hat Openshift | redhat-user-workloads/keda-webhooks | Affected | ||
| Multicluster Engine for Kubernetes | redhat-user-workloads/azure-service-operator-mce-211 | Affected | ||
| Multicluster Global Hub | multicluster-globalhub/multicluster-globalhub-agent-rhel8 | Affected | ||
| Multicluster Global Hub | multicluster-globalhub/multicluster-globalhub-kessel-inventory-api-rhel9 | Affected | ||
| Multicluster Global Hub | multicluster-globalhub/multicluster-globalhub-manager-rhel8 | Affected | ||
| Multicluster Global Hub | multicluster-globalhub/multicluster-globalhub-operator-bundle | Not affected | ||
| Multicluster Global Hub | multicluster-globalhub/multicluster-globalhub-rhel8-operator | Affected | ||
| Multicluster Global Hub | redhat-user-workloads/multicluster-global-hub-agent-globalhub-1-4 | Affected |
Показывать по
Дополнительная информация
Статус:
8.3 High
CVSS3
Связанные уязвимости
Memory-safety vulnerability in github.com/jackc/pgx/v5.
8.3 High
CVSS3