Количество 43
Количество 43
ELSA-2024-12348
ELSA-2024-12348: cri-o security update (IMPORTANT)
ELSA-2024-12347
ELSA-2024-12347: cri-o security update (IMPORTANT)
ELSA-2024-12329
ELSA-2024-12329: cri-o security update (IMPORTANT)
ELSA-2024-12328
ELSA-2024-12328: cri-o security update (IMPORTANT)
CVE-2024-23327
Envoy is a high-performance edge/middle/service proxy. When PPv2 is enabled both on a listener and subsequent cluster, the Envoy instance will segfault when attempting to craft the upstream PPv2 header. This occurs when the downstream request has a command type of LOCAL and does not have the protocol block. This issue has been addressed in releases 1.29.1, 1.28.1, 1.27.3, and 1.26.7. Users are advised to upgrade. There are no known workarounds for this vulnerability.
CVE-2024-23327
Envoy is a high-performance edge/middle/service proxy. When PPv2 is enabled both on a listener and subsequent cluster, the Envoy instance will segfault when attempting to craft the upstream PPv2 header. This occurs when the downstream request has a command type of LOCAL and does not have the protocol block. This issue has been addressed in releases 1.29.1, 1.28.1, 1.27.3, and 1.26.7. Users are advised to upgrade. There are no known workarounds for this vulnerability.
CVE-2024-23327
Envoy is a high-performance edge/middle/service proxy. When PPv2 is en ...
CVE-2024-24786
The protojson.Unmarshal function can enter an infinite loop when unmarshaling certain forms of invalid JSON. This condition can occur when unmarshaling into a message which contains a google.protobuf.Any value, or when the UnmarshalOptions.DiscardUnknown option is set.
CVE-2024-24786
The protojson.Unmarshal function can enter an infinite loop when unmarshaling certain forms of invalid JSON. This condition can occur when unmarshaling into a message which contains a google.protobuf.Any value, or when the UnmarshalOptions.DiscardUnknown option is set.
CVE-2024-24786
The protojson.Unmarshal function can enter an infinite loop when unmarshaling certain forms of invalid JSON. This condition can occur when unmarshaling into a message which contains a google.protobuf.Any value, or when the UnmarshalOptions.DiscardUnknown option is set.
CVE-2024-24786
CVE-2024-24786
The protojson.Unmarshal function can enter an infinite loop when unmar ...
BDU:2024-02907
Уязвимость прокси-сервера Envoy, связанная с ошибками разыменования указателей, позволяющая нарушителю вызвать отказ в обслуживании
RLSA-2024:4246
Moderate: container-tools security update
RLSA-2024:2550
Moderate: buildah bug fix update
GHSA-8r3f-844c-mc37
Golang protojson.Unmarshal function infinite loop when unmarshaling certain forms of invalid JSON
ELSA-2024-4246
ELSA-2024-4246: container-tools security update (MODERATE)
ELSA-2024-2550
ELSA-2024-2550: buildah bug fix update (MODERATE)
BDU:2024-04111
Уязвимость функции protojson.Unmarshal() пакета golang-google-protobuf языка программирования Golang, связанная с циклом с недостижимым условием выхода, позволяющая нарушителю вызвать отказ в обслуживании
SUSE-SU-2024:2090-1
Security update for podman
Уязвимостей на страницу
Уязвимость | CVSS | EPSS | Опубликовано | |
|---|---|---|---|---|
| ELSA-2024-12348 ELSA-2024-12348: cri-o security update (IMPORTANT) | около 2 лет назад | ||
| ELSA-2024-12347 ELSA-2024-12347: cri-o security update (IMPORTANT) | около 2 лет назад | ||
| ELSA-2024-12329 ELSA-2024-12329: cri-o security update (IMPORTANT) | около 2 лет назад | ||
| ELSA-2024-12328 ELSA-2024-12328: cri-o security update (IMPORTANT) | около 2 лет назад | ||
 | CVE-2024-23327 Envoy is a high-performance edge/middle/service proxy. When PPv2 is enabled both on a listener and subsequent cluster, the Envoy instance will segfault when attempting to craft the upstream PPv2 header. This occurs when the downstream request has a command type of LOCAL and does not have the protocol block. This issue has been addressed in releases 1.29.1, 1.28.1, 1.27.3, and 1.26.7. Users are advised to upgrade. There are no known workarounds for this vulnerability. | CVSS3: 7.5 | 1% Низкий | больше 2 лет назад |
 | CVE-2024-23327 Envoy is a high-performance edge/middle/service proxy. When PPv2 is enabled both on a listener and subsequent cluster, the Envoy instance will segfault when attempting to craft the upstream PPv2 header. This occurs when the downstream request has a command type of LOCAL and does not have the protocol block. This issue has been addressed in releases 1.29.1, 1.28.1, 1.27.3, and 1.26.7. Users are advised to upgrade. There are no known workarounds for this vulnerability. | CVSS3: 7.5 | 1% Низкий | больше 2 лет назад |
| CVE-2024-23327 Envoy is a high-performance edge/middle/service proxy. When PPv2 is en ... | CVSS3: 7.5 | 1% Низкий | больше 2 лет назад |
 | CVE-2024-24786 The protojson.Unmarshal function can enter an infinite loop when unmarshaling certain forms of invalid JSON. This condition can occur when unmarshaling into a message which contains a google.protobuf.Any value, or when the UnmarshalOptions.DiscardUnknown option is set. | CVSS3: 7.5 | 1% Низкий | больше 2 лет назад |
| CVE-2024-24786 The protojson.Unmarshal function can enter an infinite loop when unmarshaling certain forms of invalid JSON. This condition can occur when unmarshaling into a message which contains a google.protobuf.Any value, or when the UnmarshalOptions.DiscardUnknown option is set. | CVSS3: 5.9 | 1% Низкий | больше 2 лет назад |
| CVE-2024-24786 The protojson.Unmarshal function can enter an infinite loop when unmarshaling certain forms of invalid JSON. This condition can occur when unmarshaling into a message which contains a google.protobuf.Any value, or when the UnmarshalOptions.DiscardUnknown option is set. | CVSS3: 7.5 | 1% Низкий | больше 2 лет назад |
 | 1% Низкий | больше 2 лет назад | ||
| CVE-2024-24786 The protojson.Unmarshal function can enter an infinite loop when unmar ... | CVSS3: 7.5 | 1% Низкий | больше 2 лет назад |
 | BDU:2024-02907 Уязвимость прокси-сервера Envoy, связанная с ошибками разыменования указателей, позволяющая нарушителю вызвать отказ в обслуживании | CVSS3: 7.5 | 1% Низкий | больше 2 лет назад |
 | RLSA-2024:4246 Moderate: container-tools security update | 1% Низкий | около 1 года назад | |
| RLSA-2024:2550 Moderate: buildah bug fix update | 1% Низкий | около 2 лет назад | |
| GHSA-8r3f-844c-mc37 Golang protojson.Unmarshal function infinite loop when unmarshaling certain forms of invalid JSON | CVSS3: 7.5 | 1% Низкий | больше 2 лет назад |
| ELSA-2024-4246 ELSA-2024-4246: container-tools security update (MODERATE) | почти 2 года назад | ||
| ELSA-2024-2550 ELSA-2024-2550: buildah bug fix update (MODERATE) | около 2 лет назад | ||
| BDU:2024-04111 Уязвимость функции protojson.Unmarshal() пакета golang-google-protobuf языка программирования Golang, связанная с циклом с недостижимым условием выхода, позволяющая нарушителю вызвать отказ в обслуживании | CVSS3: 5.9 | 1% Низкий | больше 2 лет назад |
 | SUSE-SU-2024:2090-1 Security update for podman | около 2 лет назад |
Уязвимостей на страницу