Количество 86
Количество 86
RLSA-2024:3830
Moderate: gvisor-tap-vsock security and bug fix update
GHSA-rr6r-cfgf-gc6h
When parsing a multipart form (either explicitly with Request.ParseMultipartForm or implicitly with Request.FormValue, Request.PostFormValue, or Request.FormFile), limits on the total size of the parsed form were not applied to the memory consumed while reading a single form line. This permits a maliciously crafted input containing very long lines to cause allocation of arbitrarily large amounts of memory, potentially leading to memory exhaustion. With fix, the ParseMultipartForm function now correctly limits the maximum size of form lines.
ELSA-2024-3831
ELSA-2024-3831: containernetworking-plugins security and bug fix update (MODERATE)
ELSA-2024-3830
ELSA-2024-3830: gvisor-tap-vsock security and bug fix update (MODERATE)
BDU:2024-02047
Уязвимость пакета golang операционной системы Debian GNU/Linux, позволяющая нарушителю вызвать отказ в обслуживании (DoS)
ELSA-2024-9089
ELSA-2024-9089: containernetworking-plugins security update (MODERATE)
CVE-2024-24785
If errors returned from MarshalJSON methods contain user controlled data, they may be used to break the contextual auto-escaping behavior of the html/template package, allowing for subsequent actions to inject unexpected content into templates.
CVE-2024-24785
If errors returned from MarshalJSON methods contain user controlled data, they may be used to break the contextual auto-escaping behavior of the html/template package, allowing for subsequent actions to inject unexpected content into templates.
CVE-2024-24785
If errors returned from MarshalJSON methods contain user controlled data, they may be used to break the contextual auto-escaping behavior of the html/template package, allowing for subsequent actions to inject unexpected content into templates.
CVE-2024-24785
Errors returned from JSON marshaling may break template escaping in html/template
CVE-2024-24785
If errors returned from MarshalJSON methods contain user controlled da ...
RLSA-2024:3827
Moderate: buildah security and bug fix update
RLSA-2024:3826
Moderate: podman security and bug fix update
ELSA-2024-3827
ELSA-2024-3827: buildah security and bug fix update (MODERATE)
ELSA-2024-3826
ELSA-2024-3826: podman security and bug fix update (MODERATE)
ELSA-2024-9098
ELSA-2024-9098: skopeo security update (MODERATE)
RLSA-2024:3346
Important: git-lfs security update
RLSA-2024:2724
Important: git-lfs security update
ELSA-2024-8038
ELSA-2024-8038: container-tools:ol8 security update (IMPORTANT)
ELSA-2024-3346
ELSA-2024-3346: git-lfs security update (IMPORTANT)
Уязвимостей на страницу
Уязвимость | CVSS | EPSS | Опубликовано | |
|---|---|---|---|---|
 | RLSA-2024:3830 Moderate: gvisor-tap-vsock security and bug fix update | 0% Низкий | больше 1 года назад | |
| GHSA-rr6r-cfgf-gc6h When parsing a multipart form (either explicitly with Request.ParseMultipartForm or implicitly with Request.FormValue, Request.PostFormValue, or Request.FormFile), limits on the total size of the parsed form were not applied to the memory consumed while reading a single form line. This permits a maliciously crafted input containing very long lines to cause allocation of arbitrarily large amounts of memory, potentially leading to memory exhaustion. With fix, the ParseMultipartForm function now correctly limits the maximum size of form lines. | CVSS3: 6.5 | 0% Низкий | больше 1 года назад |
| ELSA-2024-3831 ELSA-2024-3831: containernetworking-plugins security and bug fix update (MODERATE) | больше 1 года назад | ||
| ELSA-2024-3830 ELSA-2024-3830: gvisor-tap-vsock security and bug fix update (MODERATE) | больше 1 года назад | ||
 | BDU:2024-02047 Уязвимость пакета golang операционной системы Debian GNU/Linux, позволяющая нарушителю вызвать отказ в обслуживании (DoS) | CVSS3: 7.5 | 0% Низкий | больше 1 года назад |
| ELSA-2024-9089 ELSA-2024-9089: containernetworking-plugins security update (MODERATE) | 11 месяцев назад | ||
 | CVE-2024-24785 If errors returned from MarshalJSON methods contain user controlled data, they may be used to break the contextual auto-escaping behavior of the html/template package, allowing for subsequent actions to inject unexpected content into templates. | CVSS3: 5.4 | 0% Низкий | больше 1 года назад |
 | CVE-2024-24785 If errors returned from MarshalJSON methods contain user controlled data, they may be used to break the contextual auto-escaping behavior of the html/template package, allowing for subsequent actions to inject unexpected content into templates. | CVSS3: 6.5 | 0% Низкий | больше 1 года назад |
 | CVE-2024-24785 If errors returned from MarshalJSON methods contain user controlled data, they may be used to break the contextual auto-escaping behavior of the html/template package, allowing for subsequent actions to inject unexpected content into templates. | CVSS3: 5.4 | 0% Низкий | больше 1 года назад |
 | CVE-2024-24785 Errors returned from JSON marshaling may break template escaping in html/template | CVSS3: 5.4 | 0% Низкий | около 2 месяцев назад |
| CVE-2024-24785 If errors returned from MarshalJSON methods contain user controlled da ... | CVSS3: 5.4 | 0% Низкий | больше 1 года назад |
| RLSA-2024:3827 Moderate: buildah security and bug fix update | больше 1 года назад | ||
| RLSA-2024:3826 Moderate: podman security and bug fix update | больше 1 года назад | ||
| ELSA-2024-3827 ELSA-2024-3827: buildah security and bug fix update (MODERATE) | больше 1 года назад | ||
| ELSA-2024-3826 ELSA-2024-3826: podman security and bug fix update (MODERATE) | больше 1 года назад | ||
| ELSA-2024-9098 ELSA-2024-9098: skopeo security update (MODERATE) | 11 месяцев назад | ||
| RLSA-2024:3346 Important: git-lfs security update | больше 1 года назад | ||
| RLSA-2024:2724 Important: git-lfs security update | больше 1 года назад | ||
| ELSA-2024-8038 ELSA-2024-8038: container-tools:ol8 security update (IMPORTANT) | около 1 года назад | ||
| ELSA-2024-3346 ELSA-2024-3346: git-lfs security update (IMPORTANT) | больше 1 года назад |
Уязвимостей на страницу