Количество 93
Количество 93
GHSA-8xfx-rj4p-23jm
Calling any of the Parse functions on Go source code which contains deeply nested literals can cause a panic due to stack exhaustion.
BDU:2024-07020
Уязвимость функции Parse языка программирования Go, позволяющая нарушителю вызвать отказ в обслуживании
CVE-2024-9341
A flaw was found in Go. When FIPS mode is enabled on a system, container runtimes may incorrectly handle certain file paths due to improper validation in the containers/common Go library. This flaw allows an attacker to exploit symbolic links and trick the system into mounting sensitive host directories inside a container. This issue also allows attackers to access critical host files, bypassing the intended isolation between containers and the host system.
CVE-2024-9341
A flaw was found in Go. When FIPS mode is enabled on a system, container runtimes may incorrectly handle certain file paths due to improper validation in the containers/common Go library. This flaw allows an attacker to exploit symbolic links and trick the system into mounting sensitive host directories inside a container. This issue also allows attackers to access critical host files, bypassing the intended isolation between containers and the host system.
CVE-2024-9341
A flaw was found in Go. When FIPS mode is enabled on a system, container runtimes may incorrectly handle certain file paths due to improper validation in the containers/common Go library. This flaw allows an attacker to exploit symbolic links and trick the system into mounting sensitive host directories inside a container. This issue also allows attackers to access critical host files, bypassing the intended isolation between containers and the host system.
CVE-2024-9341
Podman: buildah: cri-o: fips crypto-policy directory mounting issue in containers/common go library
CVE-2024-9341
A flaw was found in Go. When FIPS mode is enabled on a system, contain ...
CVE-2024-34156
Calling Decoder.Decode on a message which contains deeply nested structures can cause a panic due to stack exhaustion. This is a follow-up to CVE-2022-30635.
CVE-2024-34156
Calling Decoder.Decode on a message which contains deeply nested structures can cause a panic due to stack exhaustion. This is a follow-up to CVE-2022-30635.
CVE-2024-34156
Calling Decoder.Decode on a message which contains deeply nested structures can cause a panic due to stack exhaustion. This is a follow-up to CVE-2022-30635.
CVE-2024-34156
Stack exhaustion in Decoder.Decode in encoding/gob
CVE-2024-34156
Calling Decoder.Decode on a message which contains deeply nested struc ...
ROS-20241029-13
Уязвимость containers-common
ROS-20241029-04
Уязвимость podman
GHSA-mc76-5925-c5p6
Link Following in github.com/containers/common
BDU:2024-09461
Уязвимость библиотеки containers-common языка программирования Golang, связанная с неправильным разрешением ссылки перед доступом к файлу, позволяющая нарушителю получить доступ к конфиденциальной информации
RLSA-2024:9472
Important: grafana-pcp security update
RLSA-2024:9456
Important: osbuild-composer security update
RLSA-2024:8111
Important: skopeo security update
RLSA-2024:8110
Important: containernetworking-plugins security update
Уязвимостей на страницу
Уязвимость | CVSS | EPSS | Опубликовано | |
|---|---|---|---|---|
| GHSA-8xfx-rj4p-23jm Calling any of the Parse functions on Go source code which contains deeply nested literals can cause a panic due to stack exhaustion. | 0% Низкий | около 1 года назад | |
 | BDU:2024-07020 Уязвимость функции Parse языка программирования Go, позволяющая нарушителю вызвать отказ в обслуживании | CVSS3: 7.5 | 0% Низкий | около 1 года назад |
 | CVE-2024-9341 A flaw was found in Go. When FIPS mode is enabled on a system, container runtimes may incorrectly handle certain file paths due to improper validation in the containers/common Go library. This flaw allows an attacker to exploit symbolic links and trick the system into mounting sensitive host directories inside a container. This issue also allows attackers to access critical host files, bypassing the intended isolation between containers and the host system. | CVSS3: 5.4 | 0% Низкий | около 1 года назад |
 | CVE-2024-9341 A flaw was found in Go. When FIPS mode is enabled on a system, container runtimes may incorrectly handle certain file paths due to improper validation in the containers/common Go library. This flaw allows an attacker to exploit symbolic links and trick the system into mounting sensitive host directories inside a container. This issue also allows attackers to access critical host files, bypassing the intended isolation between containers and the host system. | CVSS3: 5.4 | 0% Низкий | около 1 года назад |
 | CVE-2024-9341 A flaw was found in Go. When FIPS mode is enabled on a system, container runtimes may incorrectly handle certain file paths due to improper validation in the containers/common Go library. This flaw allows an attacker to exploit symbolic links and trick the system into mounting sensitive host directories inside a container. This issue also allows attackers to access critical host files, bypassing the intended isolation between containers and the host system. | CVSS3: 5.4 | 0% Низкий | около 1 года назад |
 | CVE-2024-9341 Podman: buildah: cri-o: fips crypto-policy directory mounting issue in containers/common go library | CVSS3: 5.4 | 0% Низкий | около 2 месяцев назад |
| CVE-2024-9341 A flaw was found in Go. When FIPS mode is enabled on a system, contain ... | CVSS3: 5.4 | 0% Низкий | около 1 года назад |
| CVE-2024-34156 Calling Decoder.Decode on a message which contains deeply nested structures can cause a panic due to stack exhaustion. This is a follow-up to CVE-2022-30635. | CVSS3: 7.5 | 0% Низкий | около 1 года назад |
| CVE-2024-34156 Calling Decoder.Decode on a message which contains deeply nested structures can cause a panic due to stack exhaustion. This is a follow-up to CVE-2022-30635. | CVSS3: 7.5 | 0% Низкий | около 1 года назад |
| CVE-2024-34156 Calling Decoder.Decode on a message which contains deeply nested structures can cause a panic due to stack exhaustion. This is a follow-up to CVE-2022-30635. | CVSS3: 7.5 | 0% Низкий | около 1 года назад |
| CVE-2024-34156 Stack exhaustion in Decoder.Decode in encoding/gob | 0% Низкий | около 2 месяцев назад | |
| CVE-2024-34156 Calling Decoder.Decode on a message which contains deeply nested struc ... | CVSS3: 7.5 | 0% Низкий | около 1 года назад |
 | ROS-20241029-13 Уязвимость containers-common | CVSS3: 5.4 | 0% Низкий | 12 месяцев назад |
| ROS-20241029-04 Уязвимость podman | CVSS3: 5.4 | 0% Низкий | 12 месяцев назад |
| GHSA-mc76-5925-c5p6 Link Following in github.com/containers/common | CVSS3: 5.4 | 0% Низкий | около 1 года назад |
| BDU:2024-09461 Уязвимость библиотеки containers-common языка программирования Golang, связанная с неправильным разрешением ссылки перед доступом к файлу, позволяющая нарушителю получить доступ к конфиденциальной информации | CVSS3: 5.4 | 0% Низкий | около 1 года назад |
 | RLSA-2024:9472 Important: grafana-pcp security update | 0% Низкий | 7 месяцев назад | |
| RLSA-2024:9456 Important: osbuild-composer security update | 0% Низкий | 7 месяцев назад | |
| RLSA-2024:8111 Important: skopeo security update | 0% Низкий | 12 месяцев назад | |
| RLSA-2024:8110 Important: containernetworking-plugins security update | 0% Низкий | 12 месяцев назад |
Уязвимостей на страницу