Количество 43
Количество 43
ELSA-2024-12348
ELSA-2024-12348: cri-o security update (IMPORTANT)
ELSA-2024-12347
ELSA-2024-12347: cri-o security update (IMPORTANT)
ELSA-2024-12329
ELSA-2024-12329: cri-o security update (IMPORTANT)
ELSA-2024-12328
ELSA-2024-12328: cri-o security update (IMPORTANT)
CVE-2024-23327
Envoy is a high-performance edge/middle/service proxy. When PPv2 is enabled both on a listener and subsequent cluster, the Envoy instance will segfault when attempting to craft the upstream PPv2 header. This occurs when the downstream request has a command type of LOCAL and does not have the protocol block. This issue has been addressed in releases 1.29.1, 1.28.1, 1.27.3, and 1.26.7. Users are advised to upgrade. There are no known workarounds for this vulnerability.
CVE-2024-23327
Envoy is a high-performance edge/middle/service proxy. When PPv2 is enabled both on a listener and subsequent cluster, the Envoy instance will segfault when attempting to craft the upstream PPv2 header. This occurs when the downstream request has a command type of LOCAL and does not have the protocol block. This issue has been addressed in releases 1.29.1, 1.28.1, 1.27.3, and 1.26.7. Users are advised to upgrade. There are no known workarounds for this vulnerability.
CVE-2024-23327
Envoy is a high-performance edge/middle/service proxy. When PPv2 is en ...
CVE-2024-24786
The protojson.Unmarshal function can enter an infinite loop when unmarshaling certain forms of invalid JSON. This condition can occur when unmarshaling into a message which contains a google.protobuf.Any value, or when the UnmarshalOptions.DiscardUnknown option is set.
CVE-2024-24786
The protojson.Unmarshal function can enter an infinite loop when unmarshaling certain forms of invalid JSON. This condition can occur when unmarshaling into a message which contains a google.protobuf.Any value, or when the UnmarshalOptions.DiscardUnknown option is set.
CVE-2024-24786
The protojson.Unmarshal function can enter an infinite loop when unmarshaling certain forms of invalid JSON. This condition can occur when unmarshaling into a message which contains a google.protobuf.Any value, or when the UnmarshalOptions.DiscardUnknown option is set.
CVE-2024-24786
CVE-2024-24786
The protojson.Unmarshal function can enter an infinite loop when unmar ...
BDU:2024-02907
Уязвимость прокси-сервера Envoy, связанная с ошибками разыменования указателей, позволяющая нарушителю вызвать отказ в обслуживании
ROS-20240522-06
Уязвимость golang-google-protobuf
RLSA-2024:4246
Moderate: container-tools security update
RLSA-2024:2550
Moderate: buildah bug fix update
GHSA-8r3f-844c-mc37
Golang protojson.Unmarshal function infinite loop when unmarshaling certain forms of invalid JSON
ELSA-2024-4246
ELSA-2024-4246: container-tools security update (MODERATE)
ELSA-2024-2550
ELSA-2024-2550: buildah bug fix update (MODERATE)
BDU:2024-04111
Уязвимость функции protojson.Unmarshal() пакета golang-google-protobuf языка программирования Golang, связанная с циклом с недостижимым условием выхода, позволяющая нарушителю вызвать отказ в обслуживании
Уязвимостей на страницу
Уязвимость | CVSS | EPSS | Опубликовано | |
|---|---|---|---|---|
| ELSA-2024-12348 ELSA-2024-12348: cri-o security update (IMPORTANT) | больше 1 года назад | ||
| ELSA-2024-12347 ELSA-2024-12347: cri-o security update (IMPORTANT) | больше 1 года назад | ||
| ELSA-2024-12329 ELSA-2024-12329: cri-o security update (IMPORTANT) | больше 1 года назад | ||
| ELSA-2024-12328 ELSA-2024-12328: cri-o security update (IMPORTANT) | больше 1 года назад | ||
 | CVE-2024-23327 Envoy is a high-performance edge/middle/service proxy. When PPv2 is enabled both on a listener and subsequent cluster, the Envoy instance will segfault when attempting to craft the upstream PPv2 header. This occurs when the downstream request has a command type of LOCAL and does not have the protocol block. This issue has been addressed in releases 1.29.1, 1.28.1, 1.27.3, and 1.26.7. Users are advised to upgrade. There are no known workarounds for this vulnerability. | CVSS3: 7.5 | 0% Низкий | почти 2 года назад |
 | CVE-2024-23327 Envoy is a high-performance edge/middle/service proxy. When PPv2 is enabled both on a listener and subsequent cluster, the Envoy instance will segfault when attempting to craft the upstream PPv2 header. This occurs when the downstream request has a command type of LOCAL and does not have the protocol block. This issue has been addressed in releases 1.29.1, 1.28.1, 1.27.3, and 1.26.7. Users are advised to upgrade. There are no known workarounds for this vulnerability. | CVSS3: 7.5 | 0% Низкий | почти 2 года назад |
| CVE-2024-23327 Envoy is a high-performance edge/middle/service proxy. When PPv2 is en ... | CVSS3: 7.5 | 0% Низкий | почти 2 года назад |
 | CVE-2024-24786 The protojson.Unmarshal function can enter an infinite loop when unmarshaling certain forms of invalid JSON. This condition can occur when unmarshaling into a message which contains a google.protobuf.Any value, or when the UnmarshalOptions.DiscardUnknown option is set. | CVSS3: 7.5 | 0% Низкий | почти 2 года назад |
| CVE-2024-24786 The protojson.Unmarshal function can enter an infinite loop when unmarshaling certain forms of invalid JSON. This condition can occur when unmarshaling into a message which contains a google.protobuf.Any value, or when the UnmarshalOptions.DiscardUnknown option is set. | CVSS3: 5.9 | 0% Низкий | почти 2 года назад |
| CVE-2024-24786 The protojson.Unmarshal function can enter an infinite loop when unmarshaling certain forms of invalid JSON. This condition can occur when unmarshaling into a message which contains a google.protobuf.Any value, or when the UnmarshalOptions.DiscardUnknown option is set. | CVSS3: 7.5 | 0% Низкий | почти 2 года назад |
 | CVSS3: 7.5 | 0% Низкий | около 1 года назад | |
| CVE-2024-24786 The protojson.Unmarshal function can enter an infinite loop when unmar ... | CVSS3: 7.5 | 0% Низкий | почти 2 года назад |
 | BDU:2024-02907 Уязвимость прокси-сервера Envoy, связанная с ошибками разыменования указателей, позволяющая нарушителю вызвать отказ в обслуживании | CVSS3: 7.5 | 0% Низкий | почти 2 года назад |
 | ROS-20240522-06 Уязвимость golang-google-protobuf | CVSS3: 5.9 | 0% Низкий | больше 1 года назад |
 | RLSA-2024:4246 Moderate: container-tools security update | 0% Низкий | 7 месяцев назад | |
| RLSA-2024:2550 Moderate: buildah bug fix update | 0% Низкий | больше 1 года назад | |
| GHSA-8r3f-844c-mc37 Golang protojson.Unmarshal function infinite loop when unmarshaling certain forms of invalid JSON | CVSS3: 7.5 | 0% Низкий | почти 2 года назад |
| ELSA-2024-4246 ELSA-2024-4246: container-tools security update (MODERATE) | больше 1 года назад | ||
| ELSA-2024-2550 ELSA-2024-2550: buildah bug fix update (MODERATE) | больше 1 года назад | ||
| BDU:2024-04111 Уязвимость функции protojson.Unmarshal() пакета golang-google-protobuf языка программирования Golang, связанная с циклом с недостижимым условием выхода, позволяющая нарушителю вызвать отказ в обслуживании | CVSS3: 5.9 | 0% Низкий | почти 2 года назад |
Уязвимостей на страницу