Количество 65
Количество 65
ELSA-2024-6194
ELSA-2024-6194: podman security update (IMPORTANT)
ELSA-2024-5258
ELSA-2024-5258: container-tools:ol8 security update (IMPORTANT)
CVE-2024-6104
go-retryablehttp prior to 0.7.7 did not sanitize urls when writing them to its log file. This could lead to go-retryablehttp writing sensitive HTTP basic auth credentials to its log file. This vulnerability, CVE-2024-6104, was fixed in go-retryablehttp 0.7.7.
CVE-2024-6104
go-retryablehttp prior to 0.7.7 did not sanitize urls when writing them to its log file. This could lead to go-retryablehttp writing sensitive HTTP basic auth credentials to its log file. This vulnerability, CVE-2024-6104, was fixed in go-retryablehttp 0.7.7.
CVE-2024-6104
go-retryablehttp prior to 0.7.7 did not sanitize urls when writing them to its log file. This could lead to go-retryablehttp writing sensitive HTTP basic auth credentials to its log file. This vulnerability, CVE-2024-6104, was fixed in go-retryablehttp 0.7.7.
CVE-2024-6104
CVE-2024-6104
go-retryablehttp prior to 0.7.7 did not sanitize urls when writing the ...
openSUSE-SU-2024:0227-1
Security update for gh
openSUSE-SU-2024:0226-1
Security update for gh
SUSE-SU-2024:2286-1
Security update for podman
ROS-20240902-12
Уязвимость python3-pansi
GHSA-v6v8-xj6m-xwqh
go-retryablehttp can leak basic auth credentials to log files
BDU:2024-06681
Уязвимость пакета retryablehttp, связанная с вставкой конфиденциальной информации в файл журнала, позволяющая нарушителю получить конфиденциальные учетные данные базовой аутентификации HTTP
CVE-2024-37298
gorilla/schema converts structs to and from form values. Prior to version 1.4.1 Running `schema.Decoder.Decode()` on a struct that has a field of type `[]struct{...}` opens it up to malicious attacks regarding memory allocations, taking advantage of the sparse slice functionality. Any use of `schema.Decoder.Decode()` on a struct with arrays of other structs could be vulnerable to this memory exhaustion vulnerability. Version 1.4.1 contains a patch for the issue.
CVE-2024-37298
gorilla/schema converts structs to and from form values. Prior to version 1.4.1 Running `schema.Decoder.Decode()` on a struct that has a field of type `[]struct{...}` opens it up to malicious attacks regarding memory allocations, taking advantage of the sparse slice functionality. Any use of `schema.Decoder.Decode()` on a struct with arrays of other structs could be vulnerable to this memory exhaustion vulnerability. Version 1.4.1 contains a patch for the issue.
CVE-2024-37298
gorilla/schema converts structs to and from form values. Prior to version 1.4.1 Running `schema.Decoder.Decode()` on a struct that has a field of type `[]struct{...}` opens it up to malicious attacks regarding memory allocations, taking advantage of the sparse slice functionality. Any use of `schema.Decoder.Decode()` on a struct with arrays of other structs could be vulnerable to this memory exhaustion vulnerability. Version 1.4.1 contains a patch for the issue.
CVE-2024-37298
CVE-2024-37298
gorilla/schema converts structs to and from form values. Prior to vers ...
SUSE-SU-2025:0458-1
Security update for podman
SUSE-SU-2025:0420-1
Security update for skopeo
Уязвимостей на страницу
Уязвимость | CVSS | EPSS | Опубликовано | |
|---|---|---|---|---|
| ELSA-2024-6194 ELSA-2024-6194: podman security update (IMPORTANT) | 11 месяцев назад | ||
| ELSA-2024-5258 ELSA-2024-5258: container-tools:ol8 security update (IMPORTANT) | 11 месяцев назад | ||
 | CVE-2024-6104 go-retryablehttp prior to 0.7.7 did not sanitize urls when writing them to its log file. This could lead to go-retryablehttp writing sensitive HTTP basic auth credentials to its log file. This vulnerability, CVE-2024-6104, was fixed in go-retryablehttp 0.7.7. | CVSS3: 6 | 0% Низкий | около 1 года назад |
 | CVE-2024-6104 go-retryablehttp prior to 0.7.7 did not sanitize urls when writing them to its log file. This could lead to go-retryablehttp writing sensitive HTTP basic auth credentials to its log file. This vulnerability, CVE-2024-6104, was fixed in go-retryablehttp 0.7.7. | CVSS3: 6 | 0% Низкий | около 1 года назад |
 | CVE-2024-6104 go-retryablehttp prior to 0.7.7 did not sanitize urls when writing them to its log file. This could lead to go-retryablehttp writing sensitive HTTP basic auth credentials to its log file. This vulnerability, CVE-2024-6104, was fixed in go-retryablehttp 0.7.7. | CVSS3: 6 | 0% Низкий | около 1 года назад |
 | CVSS3: 5.5 | 0% Низкий | 10 месяцев назад | |
| CVE-2024-6104 go-retryablehttp prior to 0.7.7 did not sanitize urls when writing the ... | CVSS3: 6 | 0% Низкий | около 1 года назад |
 | openSUSE-SU-2024:0227-1 Security update for gh | 0% Низкий | 12 месяцев назад | |
| openSUSE-SU-2024:0226-1 Security update for gh | 0% Низкий | 12 месяцев назад | |
| SUSE-SU-2024:2286-1 Security update for podman | 0% Низкий | около 1 года назад | |
 | ROS-20240902-12 Уязвимость python3-pansi | CVSS3: 5.5 | 0% Низкий | 11 месяцев назад |
| GHSA-v6v8-xj6m-xwqh go-retryablehttp can leak basic auth credentials to log files | CVSS3: 6 | 0% Низкий | около 1 года назад |
 | BDU:2024-06681 Уязвимость пакета retryablehttp, связанная с вставкой конфиденциальной информации в файл журнала, позволяющая нарушителю получить конфиденциальные учетные данные базовой аутентификации HTTP | CVSS3: 5.5 | 0% Низкий | около 1 года назад |
| CVE-2024-37298 gorilla/schema converts structs to and from form values. Prior to version 1.4.1 Running `schema.Decoder.Decode()` on a struct that has a field of type `[]struct{...}` opens it up to malicious attacks regarding memory allocations, taking advantage of the sparse slice functionality. Any use of `schema.Decoder.Decode()` on a struct with arrays of other structs could be vulnerable to this memory exhaustion vulnerability. Version 1.4.1 contains a patch for the issue. | CVSS3: 7.5 | 0% Низкий | около 1 года назад |
| CVE-2024-37298 gorilla/schema converts structs to and from form values. Prior to version 1.4.1 Running `schema.Decoder.Decode()` on a struct that has a field of type `[]struct{...}` opens it up to malicious attacks regarding memory allocations, taking advantage of the sparse slice functionality. Any use of `schema.Decoder.Decode()` on a struct with arrays of other structs could be vulnerable to this memory exhaustion vulnerability. Version 1.4.1 contains a patch for the issue. | CVSS3: 7.5 | 0% Низкий | около 1 года назад |
| CVE-2024-37298 gorilla/schema converts structs to and from form values. Prior to version 1.4.1 Running `schema.Decoder.Decode()` on a struct that has a field of type `[]struct{...}` opens it up to malicious attacks regarding memory allocations, taking advantage of the sparse slice functionality. Any use of `schema.Decoder.Decode()` on a struct with arrays of other structs could be vulnerable to this memory exhaustion vulnerability. Version 1.4.1 contains a patch for the issue. | CVSS3: 7.5 | 0% Низкий | около 1 года назад |
| CVSS3: 7.5 | 0% Низкий | 12 месяцев назад | |
| CVE-2024-37298 gorilla/schema converts structs to and from form values. Prior to vers ... | CVSS3: 7.5 | 0% Низкий | около 1 года назад |
| SUSE-SU-2025:0458-1 Security update for podman | 5 месяцев назад | ||
| SUSE-SU-2025:0420-1 Security update for skopeo | 5 месяцев назад |
Уязвимостей на страницу