Количество 95
Количество 95
ROS-20240422-05
Множественные уязвимости golang
ROS-20240805-08
Множественные уязвимости consul
RLSA-2024:3830
Moderate: gvisor-tap-vsock security and bug fix update
GHSA-rr6r-cfgf-gc6h
When parsing a multipart form (either explicitly with Request.ParseMultipartForm or implicitly with Request.FormValue, Request.PostFormValue, or Request.FormFile), limits on the total size of the parsed form were not applied to the memory consumed while reading a single form line. This permits a maliciously crafted input containing very long lines to cause allocation of arbitrarily large amounts of memory, potentially leading to memory exhaustion. With fix, the ParseMultipartForm function now correctly limits the maximum size of form lines.
ELSA-2024-3831
ELSA-2024-3831: containernetworking-plugins security and bug fix update (MODERATE)
ELSA-2024-3830
ELSA-2024-3830: gvisor-tap-vsock security and bug fix update (MODERATE)
BDU:2024-02047
Уязвимость пакета golang операционной системы Debian GNU/Linux, позволяющая нарушителю вызвать отказ в обслуживании (DoS)
ELSA-2024-9089
ELSA-2024-9089: containernetworking-plugins security update (MODERATE)
CVE-2024-24785
If errors returned from MarshalJSON methods contain user controlled data, they may be used to break the contextual auto-escaping behavior of the html/template package, allowing for subsequent actions to inject unexpected content into templates.
CVE-2024-24785
If errors returned from MarshalJSON methods contain user controlled data, they may be used to break the contextual auto-escaping behavior of the html/template package, allowing for subsequent actions to inject unexpected content into templates.
CVE-2024-24785
If errors returned from MarshalJSON methods contain user controlled data, they may be used to break the contextual auto-escaping behavior of the html/template package, allowing for subsequent actions to inject unexpected content into templates.
CVE-2024-24785
Errors returned from JSON marshaling may break template escaping in html/template
CVE-2024-24785
If errors returned from MarshalJSON methods contain user controlled da ...
RLSA-2024:3827
Moderate: buildah security and bug fix update
RLSA-2024:3826
Moderate: podman security and bug fix update
ELSA-2024-3827
ELSA-2024-3827: buildah security and bug fix update (MODERATE)
ELSA-2024-3826
ELSA-2024-3826: podman security and bug fix update (MODERATE)
ELSA-2024-9098
ELSA-2024-9098: skopeo security update (MODERATE)
RLSA-2024:8038
Important: container-tools:rhel8 security update
RLSA-2024:3346
Important: git-lfs security update
Уязвимостей на страницу
Уязвимость | CVSS | EPSS | Опубликовано | |
|---|---|---|---|---|
 | ROS-20240422-05 Множественные уязвимости golang | CVSS3: 7.5 | около 2 лет назад | |
| ROS-20240805-08 Множественные уязвимости consul | CVSS3: 7.5 | почти 2 года назад | |
 | RLSA-2024:3830 Moderate: gvisor-tap-vsock security and bug fix update | 1% Низкий | около 2 лет назад | |
| GHSA-rr6r-cfgf-gc6h When parsing a multipart form (either explicitly with Request.ParseMultipartForm or implicitly with Request.FormValue, Request.PostFormValue, or Request.FormFile), limits on the total size of the parsed form were not applied to the memory consumed while reading a single form line. This permits a maliciously crafted input containing very long lines to cause allocation of arbitrarily large amounts of memory, potentially leading to memory exhaustion. With fix, the ParseMultipartForm function now correctly limits the maximum size of form lines. | CVSS3: 6.5 | 1% Низкий | больше 2 лет назад |
| ELSA-2024-3831 ELSA-2024-3831: containernetworking-plugins security and bug fix update (MODERATE) | около 2 лет назад | ||
| ELSA-2024-3830 ELSA-2024-3830: gvisor-tap-vsock security and bug fix update (MODERATE) | около 2 лет назад | ||
 | BDU:2024-02047 Уязвимость пакета golang операционной системы Debian GNU/Linux, позволяющая нарушителю вызвать отказ в обслуживании (DoS) | CVSS3: 7.5 | 1% Низкий | больше 2 лет назад |
| ELSA-2024-9089 ELSA-2024-9089: containernetworking-plugins security update (MODERATE) | больше 1 года назад | ||
 | CVE-2024-24785 If errors returned from MarshalJSON methods contain user controlled data, they may be used to break the contextual auto-escaping behavior of the html/template package, allowing for subsequent actions to inject unexpected content into templates. | CVSS3: 5.4 | 1% Низкий | больше 2 лет назад |
 | CVE-2024-24785 If errors returned from MarshalJSON methods contain user controlled data, they may be used to break the contextual auto-escaping behavior of the html/template package, allowing for subsequent actions to inject unexpected content into templates. | CVSS3: 6.5 | 1% Низкий | больше 2 лет назад |
 | CVE-2024-24785 If errors returned from MarshalJSON methods contain user controlled data, they may be used to break the contextual auto-escaping behavior of the html/template package, allowing for subsequent actions to inject unexpected content into templates. | CVSS3: 5.4 | 1% Низкий | больше 2 лет назад |
 | CVE-2024-24785 Errors returned from JSON marshaling may break template escaping in html/template | CVSS3: 5.4 | 1% Низкий | 4 месяца назад |
| CVE-2024-24785 If errors returned from MarshalJSON methods contain user controlled da ... | CVSS3: 5.4 | 1% Низкий | больше 2 лет назад |
| RLSA-2024:3827 Moderate: buildah security and bug fix update | около 2 лет назад | ||
| RLSA-2024:3826 Moderate: podman security and bug fix update | около 2 лет назад | ||
| ELSA-2024-3827 ELSA-2024-3827: buildah security and bug fix update (MODERATE) | около 2 лет назад | ||
| ELSA-2024-3826 ELSA-2024-3826: podman security and bug fix update (MODERATE) | около 2 лет назад | ||
| ELSA-2024-9098 ELSA-2024-9098: skopeo security update (MODERATE) | больше 1 года назад | ||
| RLSA-2024:8038 Important: container-tools:rhel8 security update | больше 1 года назад | ||
| RLSA-2024:3346 Important: git-lfs security update | около 2 лет назад |
Уязвимостей на страницу