Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

rocky логотип

RLSA-2024:8111

Опубликовано: 25 окт. 2024
Источник: rocky
Оценка: Important

Описание

Important: skopeo security update

The skopeo command lets you inspect images from container image registries, get images and image layers, and use signatures to create and verify files.

Security Fix(es):

  • encoding/gob: golang: Calling Decoder.Decode on a message which contains deeply nested structures can cause a panic due to stack exhaustion (CVE-2024-34156)

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

Затронутые продукты

  • Rocky Linux 9

НаименованиеАрхитектураРелизRPM
skopeox86_642.el9_4skopeo-1.14.5-2.el9_4.x86_64.rpm
skopeo-testsx86_642.el9_4skopeo-tests-1.14.5-2.el9_4.x86_64.rpm

Показывать по

Связанные CVE

CVE-2024-34156

Ссылки на источники

Исправления

Связанные уязвимости

ubuntu логотип

CVE-2024-34156

CVSS3: 7.5
ubuntu
10 месяцев назад

Calling Decoder.Decode on a message which contains deeply nested structures can cause a panic due to stack exhaustion. This is a follow-up to CVE-2022-30635.

redhat логотип

CVE-2024-34156

CVSS3: 7.5
redhat
10 месяцев назад

Calling Decoder.Decode on a message which contains deeply nested structures can cause a panic due to stack exhaustion. This is a follow-up to CVE-2022-30635.

nvd логотип

CVE-2024-34156

CVSS3: 7.5
nvd
10 месяцев назад

Calling Decoder.Decode on a message which contains deeply nested structures can cause a panic due to stack exhaustion. This is a follow-up to CVE-2022-30635.

debian логотип

CVE-2024-34156

CVSS3: 7.5
debian
10 месяцев назад

Calling Decoder.Decode on a message which contains deeply nested struc ...

rocky логотип

RLSA-2024:8110

rocky
8 месяцев назад

Important: containernetworking-plugins security update