Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

rocky логотип

RLSA-2024:11217

Опубликовано: 17 мар. 2025
Источник: rocky
Оценка: Important

Описание

Important: skopeo security update

The skopeo command lets you inspect images from container image registries, get images and image layers, and use signatures to create and verify files.

Security Fix(es):

  • encoding/gob: golang: Calling Decoder.Decode on a message which contains deeply nested structures can cause a panic due to stack exhaustion (CVE-2024-34156)

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

Затронутые продукты

  • Rocky Linux 9

НаименованиеАрхитектураРелизRPM
skopeox86_642.el9_5skopeo-1.16.1-2.el9_5.x86_64.rpm
skopeo-testsx86_642.el9_5skopeo-tests-1.16.1-2.el9_5.x86_64.rpm

Показывать по

Связанные CVE

CVE-2024-34156

Ссылки на источники

Исправления

Связанные уязвимости

ubuntu логотип

CVE-2024-34156

CVSS3: 7.5
ubuntu
около 1 года назад

Calling Decoder.Decode on a message which contains deeply nested structures can cause a panic due to stack exhaustion. This is a follow-up to CVE-2022-30635.

redhat логотип

CVE-2024-34156

CVSS3: 7.5
redhat
около 1 года назад

Calling Decoder.Decode on a message which contains deeply nested structures can cause a panic due to stack exhaustion. This is a follow-up to CVE-2022-30635.

nvd логотип

CVE-2024-34156

CVSS3: 7.5
nvd
около 1 года назад

Calling Decoder.Decode on a message which contains deeply nested structures can cause a panic due to stack exhaustion. This is a follow-up to CVE-2022-30635.

msrc логотип

CVE-2024-34156

msrc
около 2 месяцев назад

Stack exhaustion in Decoder.Decode in encoding/gob

debian логотип

CVE-2024-34156

CVSS3: 7.5
debian
около 1 года назад

Calling Decoder.Decode on a message which contains deeply nested struc ...