Количество 84
Количество 84
RLSA-2024:7136
Important: git-lfs security update
RLSA-2024:7135
Important: git-lfs security update
RLSA-2024:6947
Important: grafana security update
RLSA-2024:6946
Important: grafana-pcp security update
GHSA-crqm-pwhx-j97f
Calling Decoder.Decode on a message which contains deeply nested structures can cause a panic due to stack exhaustion. This is a follow-up to CVE-2022-30635.
ELSA-2025-3773
ELSA-2025-3773: delve and golang security update (IMPORTANT)
ELSA-2024-9472
ELSA-2024-9472: grafana-pcp security update (IMPORTANT)
ELSA-2024-9456
ELSA-2024-9456: osbuild-composer security update (IMPORTANT)
ELSA-2024-8111
ELSA-2024-8111: skopeo security update (IMPORTANT)
ELSA-2024-8110
ELSA-2024-8110: containernetworking-plugins security update (IMPORTANT)
ELSA-2024-7204
ELSA-2024-7204: osbuild-composer security update (IMPORTANT)
ELSA-2024-7136
ELSA-2024-7136: git-lfs security update (IMPORTANT)
ELSA-2024-7135
ELSA-2024-7135: git-lfs security update (IMPORTANT)
ELSA-2024-6947
ELSA-2024-6947: grafana security update (IMPORTANT)
ELSA-2024-6946
ELSA-2024-6946: grafana-pcp security update (IMPORTANT)
ELSA-2024-11217
ELSA-2024-11217: skopeo security update (IMPORTANT)
ELSA-2024-11216
ELSA-2024-11216: containernetworking-plugins security update (MODERATE)
BDU:2024-07025
Уязвимость функции Decoder.Decode языка программирования Go, позволяющая нарушителю вызвать отказ в обслуживании
CVE-2024-9341
A flaw was found in Go. When FIPS mode is enabled on a system, container runtimes may incorrectly handle certain file paths due to improper validation in the containers/common Go library. This flaw allows an attacker to exploit symbolic links and trick the system into mounting sensitive host directories inside a container. This issue also allows attackers to access critical host files, bypassing the intended isolation between containers and the host system.
CVE-2024-9341
A flaw was found in Go. When FIPS mode is enabled on a system, container runtimes may incorrectly handle certain file paths due to improper validation in the containers/common Go library. This flaw allows an attacker to exploit symbolic links and trick the system into mounting sensitive host directories inside a container. This issue also allows attackers to access critical host files, bypassing the intended isolation between containers and the host system.
Уязвимостей на страницу
Уязвимость | CVSS | EPSS | Опубликовано | |
|---|---|---|---|---|
 | RLSA-2024:7136 Important: git-lfs security update | 0% Низкий | 9 месяцев назад | |
| RLSA-2024:7135 Important: git-lfs security update | 0% Низкий | 9 месяцев назад | |
| RLSA-2024:6947 Important: grafana security update | 0% Низкий | 9 месяцев назад | |
| RLSA-2024:6946 Important: grafana-pcp security update | 0% Низкий | 9 месяцев назад | |
| GHSA-crqm-pwhx-j97f Calling Decoder.Decode on a message which contains deeply nested structures can cause a panic due to stack exhaustion. This is a follow-up to CVE-2022-30635. | CVSS3: 7.5 | 0% Низкий | 10 месяцев назад |
| ELSA-2025-3773 ELSA-2025-3773: delve and golang security update (IMPORTANT) | 2 месяца назад | ||
| ELSA-2024-9472 ELSA-2024-9472: grafana-pcp security update (IMPORTANT) | 7 месяцев назад | ||
| ELSA-2024-9456 ELSA-2024-9456: osbuild-composer security update (IMPORTANT) | 7 месяцев назад | ||
| ELSA-2024-8111 ELSA-2024-8111: skopeo security update (IMPORTANT) | 8 месяцев назад | ||
| ELSA-2024-8110 ELSA-2024-8110: containernetworking-plugins security update (IMPORTANT) | 8 месяцев назад | ||
| ELSA-2024-7204 ELSA-2024-7204: osbuild-composer security update (IMPORTANT) | 9 месяцев назад | ||
| ELSA-2024-7136 ELSA-2024-7136: git-lfs security update (IMPORTANT) | 9 месяцев назад | ||
| ELSA-2024-7135 ELSA-2024-7135: git-lfs security update (IMPORTANT) | 9 месяцев назад | ||
| ELSA-2024-6947 ELSA-2024-6947: grafana security update (IMPORTANT) | 9 месяцев назад | ||
| ELSA-2024-6946 ELSA-2024-6946: grafana-pcp security update (IMPORTANT) | 9 месяцев назад | ||
| ELSA-2024-11217 ELSA-2024-11217: skopeo security update (IMPORTANT) | 6 месяцев назад | ||
| ELSA-2024-11216 ELSA-2024-11216: containernetworking-plugins security update (MODERATE) | 6 месяцев назад | ||
 | BDU:2024-07025 Уязвимость функции Decoder.Decode языка программирования Go, позволяющая нарушителю вызвать отказ в обслуживании | CVSS3: 7.5 | 0% Низкий | 10 месяцев назад |
 | CVE-2024-9341 A flaw was found in Go. When FIPS mode is enabled on a system, container runtimes may incorrectly handle certain file paths due to improper validation in the containers/common Go library. This flaw allows an attacker to exploit symbolic links and trick the system into mounting sensitive host directories inside a container. This issue also allows attackers to access critical host files, bypassing the intended isolation between containers and the host system. | CVSS3: 5.4 | 0% Низкий | 9 месяцев назад |
 | CVE-2024-9341 A flaw was found in Go. When FIPS mode is enabled on a system, container runtimes may incorrectly handle certain file paths due to improper validation in the containers/common Go library. This flaw allows an attacker to exploit symbolic links and trick the system into mounting sensitive host directories inside a container. This issue also allows attackers to access critical host files, bypassing the intended isolation between containers and the host system. | CVSS3: 5.4 | 0% Низкий | 9 месяцев назад |
Уязвимостей на страницу