diff --git a/.github/sec-build-lite.md b/.github/sec-build-lite.md index 1bc581fd..1788e694 100644 --- a/.github/sec-build-lite.md +++ b/.github/sec-build-lite.md @@ -10,10 +10,10 @@ │ │ │ ╰ UID : 91b2a8258892ebb │ │ ├ InstalledVersion: 9.4-3ubuntu6 │ │ ├ Status : affected -│ │ ├ Layer ╭ Digest: sha256:d244376047b3b447a72643b6cd94cb4b359562d59b3 -│ │ │ │ 3e760ec97632069cf0cd6 -│ │ │ ╰ DiffID: sha256:10da0a8ad04042ad7ebb1f92fe90babd5649e0218f2 -│ │ │ 9f050019c4e091cda1b1c +│ │ ├ Layer ╭ Digest: sha256:20c08d7865479cc2941461f45179ca97ddc1c513e3c +│ │ │ │ 245acf1047f9e4ec8f9b0 +│ │ │ ╰ DiffID: sha256:35ff3fcc7343804067a0060eb66b92792f9572fb6e9 +│ │ │ 3072b7cd9782e2e972f6b │ │ ├ SeveritySource : ubuntu │ │ ├ PrimaryURL : https://avd.aquasec.com/nvd/cve-2016-2781 │ │ ├ DataSource ╭ ID : ubuntu @@ -64,10 +64,10 @@ │ │ │ ╰ UID : d07658206489dabb │ │ ├ InstalledVersion: 2.4.4-2ubuntu17 │ │ ├ Status : affected -│ │ ├ Layer ╭ Digest: sha256:d244376047b3b447a72643b6cd94cb4b359562d59b3 -│ │ │ │ 3e760ec97632069cf0cd6 -│ │ │ ╰ DiffID: sha256:10da0a8ad04042ad7ebb1f92fe90babd5649e0218f2 -│ │ │ 9f050019c4e091cda1b1c +│ │ ├ Layer ╭ Digest: sha256:20c08d7865479cc2941461f45179ca97ddc1c513e3c +│ │ │ │ 245acf1047f9e4ec8f9b0 +│ │ │ ╰ DiffID: sha256:35ff3fcc7343804067a0060eb66b92792f9572fb6e9 +│ │ │ 3072b7cd9782e2e972f6b │ │ ├ SeveritySource : ubuntu │ │ ├ PrimaryURL : https://avd.aquasec.com/nvd/cve-2022-3219 │ │ ├ DataSource ╭ ID : ubuntu @@ -108,10 +108,10 @@ │ │ │ ╰ UID : ff04c1ae447b9ee8 │ │ ├ InstalledVersion: 1:2.43.0-1ubuntu7.1 │ │ ├ Status : affected -│ │ ├ Layer ╭ Digest: sha256:d244376047b3b447a72643b6cd94cb4b359562d59b3 -│ │ │ │ 3e760ec97632069cf0cd6 -│ │ │ ╰ DiffID: sha256:10da0a8ad04042ad7ebb1f92fe90babd5649e0218f2 -│ │ │ 9f050019c4e091cda1b1c +│ │ ├ Layer ╭ Digest: sha256:20c08d7865479cc2941461f45179ca97ddc1c513e3c +│ │ │ │ 245acf1047f9e4ec8f9b0 +│ │ │ ╰ DiffID: sha256:35ff3fcc7343804067a0060eb66b92792f9572fb6e9 +│ │ │ 3072b7cd9782e2e972f6b │ │ ├ SeveritySource : ubuntu │ │ ├ PrimaryURL : https://avd.aquasec.com/nvd/cve-2018-1000021 │ │ ├ DataSource ╭ ID : ubuntu @@ -156,10 +156,10 @@ │ │ │ ╰ UID : f37cc278e867a8e5 │ │ ├ InstalledVersion: 1:2.43.0-1ubuntu7.1 │ │ ├ Status : affected -│ │ ├ Layer ╭ Digest: sha256:d244376047b3b447a72643b6cd94cb4b359562d59b3 -│ │ │ │ 3e760ec97632069cf0cd6 -│ │ │ ╰ DiffID: sha256:10da0a8ad04042ad7ebb1f92fe90babd5649e0218f2 -│ │ │ 9f050019c4e091cda1b1c +│ │ ├ Layer ╭ Digest: sha256:20c08d7865479cc2941461f45179ca97ddc1c513e3c +│ │ │ │ 245acf1047f9e4ec8f9b0 +│ │ │ ╰ DiffID: sha256:35ff3fcc7343804067a0060eb66b92792f9572fb6e9 +│ │ │ 3072b7cd9782e2e972f6b │ │ ├ SeveritySource : ubuntu │ │ ├ PrimaryURL : https://avd.aquasec.com/nvd/cve-2018-1000021 │ │ ├ DataSource ╭ ID : ubuntu @@ -204,10 +204,10 @@ │ │ │ ╰ UID : 68e2e95b30b84c0d │ │ ├ InstalledVersion: 2.4.4-2ubuntu17 │ │ ├ Status : affected -│ │ ├ Layer ╭ Digest: sha256:d244376047b3b447a72643b6cd94cb4b359562d59b3 -│ │ │ │ 3e760ec97632069cf0cd6 -│ │ │ ╰ DiffID: sha256:10da0a8ad04042ad7ebb1f92fe90babd5649e0218f2 -│ │ │ 9f050019c4e091cda1b1c +│ │ ├ Layer ╭ Digest: sha256:20c08d7865479cc2941461f45179ca97ddc1c513e3c +│ │ │ │ 245acf1047f9e4ec8f9b0 +│ │ │ ╰ DiffID: sha256:35ff3fcc7343804067a0060eb66b92792f9572fb6e9 +│ │ │ 3072b7cd9782e2e972f6b │ │ ├ SeveritySource : ubuntu │ │ ├ PrimaryURL : https://avd.aquasec.com/nvd/cve-2022-3219 │ │ ├ DataSource ╭ ID : ubuntu @@ -248,10 +248,10 @@ │ │ │ ╰ UID : 7ae2ce0bd9b3c5a1 │ │ ├ InstalledVersion: 2.4.4-2ubuntu17 │ │ ├ Status : affected -│ │ ├ Layer ╭ Digest: sha256:d244376047b3b447a72643b6cd94cb4b359562d59b3 -│ │ │ │ 3e760ec97632069cf0cd6 -│ │ │ ╰ DiffID: sha256:10da0a8ad04042ad7ebb1f92fe90babd5649e0218f2 -│ │ │ 9f050019c4e091cda1b1c +│ │ ├ Layer ╭ Digest: sha256:20c08d7865479cc2941461f45179ca97ddc1c513e3c +│ │ │ │ 245acf1047f9e4ec8f9b0 +│ │ │ ╰ DiffID: sha256:35ff3fcc7343804067a0060eb66b92792f9572fb6e9 +│ │ │ 3072b7cd9782e2e972f6b │ │ ├ SeveritySource : ubuntu │ │ ├ PrimaryURL : https://avd.aquasec.com/nvd/cve-2022-3219 │ │ ├ DataSource ╭ ID : ubuntu @@ -292,10 +292,10 @@ │ │ │ ╰ UID : 9ba46194e0f466da │ │ ├ InstalledVersion: 2.4.4-2ubuntu17 │ │ ├ Status : affected -│ │ ├ Layer ╭ Digest: sha256:d244376047b3b447a72643b6cd94cb4b359562d59b3 -│ │ │ │ 3e760ec97632069cf0cd6 -│ │ │ ╰ DiffID: sha256:10da0a8ad04042ad7ebb1f92fe90babd5649e0218f2 -│ │ │ 9f050019c4e091cda1b1c +│ │ ├ Layer ╭ Digest: sha256:20c08d7865479cc2941461f45179ca97ddc1c513e3c +│ │ │ │ 245acf1047f9e4ec8f9b0 +│ │ │ ╰ DiffID: sha256:35ff3fcc7343804067a0060eb66b92792f9572fb6e9 +│ │ │ 3072b7cd9782e2e972f6b │ │ ├ SeveritySource : ubuntu │ │ ├ PrimaryURL : https://avd.aquasec.com/nvd/cve-2022-3219 │ │ ├ DataSource ╭ ID : ubuntu @@ -336,10 +336,10 @@ │ │ │ ╰ UID : 94d84e8dec1e4720 │ │ ├ InstalledVersion: 2.4.4-2ubuntu17 │ │ ├ Status : affected -│ │ ├ Layer ╭ Digest: sha256:d244376047b3b447a72643b6cd94cb4b359562d59b3 -│ │ │ │ 3e760ec97632069cf0cd6 -│ │ │ ╰ DiffID: sha256:10da0a8ad04042ad7ebb1f92fe90babd5649e0218f2 -│ │ │ 9f050019c4e091cda1b1c +│ │ ├ Layer ╭ Digest: sha256:20c08d7865479cc2941461f45179ca97ddc1c513e3c +│ │ │ │ 245acf1047f9e4ec8f9b0 +│ │ │ ╰ DiffID: sha256:35ff3fcc7343804067a0060eb66b92792f9572fb6e9 +│ │ │ 3072b7cd9782e2e972f6b │ │ ├ SeveritySource : ubuntu │ │ ├ PrimaryURL : https://avd.aquasec.com/nvd/cve-2022-3219 │ │ ├ DataSource ╭ ID : ubuntu @@ -380,10 +380,10 @@ │ │ │ ╰ UID : cfed3a54d22cd7db │ │ ├ InstalledVersion: 2.4.4-2ubuntu17 │ │ ├ Status : affected -│ │ ├ Layer ╭ Digest: sha256:d244376047b3b447a72643b6cd94cb4b359562d59b3 -│ │ │ │ 3e760ec97632069cf0cd6 -│ │ │ ╰ DiffID: sha256:10da0a8ad04042ad7ebb1f92fe90babd5649e0218f2 -│ │ │ 9f050019c4e091cda1b1c +│ │ ├ Layer ╭ Digest: sha256:20c08d7865479cc2941461f45179ca97ddc1c513e3c +│ │ │ │ 245acf1047f9e4ec8f9b0 +│ │ │ ╰ DiffID: sha256:35ff3fcc7343804067a0060eb66b92792f9572fb6e9 +│ │ │ 3072b7cd9782e2e972f6b │ │ ├ SeveritySource : ubuntu │ │ ├ PrimaryURL : https://avd.aquasec.com/nvd/cve-2022-3219 │ │ ├ DataSource ╭ ID : ubuntu @@ -424,10 +424,10 @@ │ │ │ ╰ UID : 2e334cd1196889d5 │ │ ├ InstalledVersion: 2.4.4-2ubuntu17 │ │ ├ Status : affected -│ │ ├ Layer ╭ Digest: sha256:d244376047b3b447a72643b6cd94cb4b359562d59b3 -│ │ │ │ 3e760ec97632069cf0cd6 -│ │ │ ╰ DiffID: sha256:10da0a8ad04042ad7ebb1f92fe90babd5649e0218f2 -│ │ │ 9f050019c4e091cda1b1c +│ │ ├ Layer ╭ Digest: sha256:20c08d7865479cc2941461f45179ca97ddc1c513e3c +│ │ │ │ 245acf1047f9e4ec8f9b0 +│ │ │ ╰ DiffID: sha256:35ff3fcc7343804067a0060eb66b92792f9572fb6e9 +│ │ │ 3072b7cd9782e2e972f6b │ │ ├ SeveritySource : ubuntu │ │ ├ PrimaryURL : https://avd.aquasec.com/nvd/cve-2022-3219 │ │ ├ DataSource ╭ ID : ubuntu @@ -468,10 +468,10 @@ │ │ │ ╰ UID : aae18983fd370362 │ │ ├ InstalledVersion: 2.4.4-2ubuntu17 │ │ ├ Status : affected -│ │ ├ Layer ╭ Digest: sha256:d244376047b3b447a72643b6cd94cb4b359562d59b3 -│ │ │ │ 3e760ec97632069cf0cd6 -│ │ │ ╰ DiffID: sha256:10da0a8ad04042ad7ebb1f92fe90babd5649e0218f2 -│ │ │ 9f050019c4e091cda1b1c +│ │ ├ Layer ╭ Digest: sha256:20c08d7865479cc2941461f45179ca97ddc1c513e3c +│ │ │ │ 245acf1047f9e4ec8f9b0 +│ │ │ ╰ DiffID: sha256:35ff3fcc7343804067a0060eb66b92792f9572fb6e9 +│ │ │ 3072b7cd9782e2e972f6b │ │ ├ SeveritySource : ubuntu │ │ ├ PrimaryURL : https://avd.aquasec.com/nvd/cve-2022-3219 │ │ ├ DataSource ╭ ID : ubuntu @@ -512,10 +512,10 @@ │ │ │ ╰ UID : 7e05ebcda8abf4f1 │ │ ├ InstalledVersion: 2.4.4-2ubuntu17 │ │ ├ Status : affected -│ │ ├ Layer ╭ Digest: sha256:d244376047b3b447a72643b6cd94cb4b359562d59b3 -│ │ │ │ 3e760ec97632069cf0cd6 -│ │ │ ╰ DiffID: sha256:10da0a8ad04042ad7ebb1f92fe90babd5649e0218f2 -│ │ │ 9f050019c4e091cda1b1c +│ │ ├ Layer ╭ Digest: sha256:20c08d7865479cc2941461f45179ca97ddc1c513e3c +│ │ │ │ 245acf1047f9e4ec8f9b0 +│ │ │ ╰ DiffID: sha256:35ff3fcc7343804067a0060eb66b92792f9572fb6e9 +│ │ │ 3072b7cd9782e2e972f6b │ │ ├ SeveritySource : ubuntu │ │ ├ PrimaryURL : https://avd.aquasec.com/nvd/cve-2022-3219 │ │ ├ DataSource ╭ ID : ubuntu @@ -556,10 +556,10 @@ │ │ │ ╰ UID : 9dff1dd5d1d9d199 │ │ ├ InstalledVersion: 2.4.4-2ubuntu17 │ │ ├ Status : affected -│ │ ├ Layer ╭ Digest: sha256:d244376047b3b447a72643b6cd94cb4b359562d59b3 -│ │ │ │ 3e760ec97632069cf0cd6 -│ │ │ ╰ DiffID: sha256:10da0a8ad04042ad7ebb1f92fe90babd5649e0218f2 -│ │ │ 9f050019c4e091cda1b1c +│ │ ├ Layer ╭ Digest: sha256:20c08d7865479cc2941461f45179ca97ddc1c513e3c +│ │ │ │ 245acf1047f9e4ec8f9b0 +│ │ │ ╰ DiffID: sha256:35ff3fcc7343804067a0060eb66b92792f9572fb6e9 +│ │ │ 3072b7cd9782e2e972f6b │ │ ├ SeveritySource : ubuntu │ │ ├ PrimaryURL : https://avd.aquasec.com/nvd/cve-2022-3219 │ │ ├ DataSource ╭ ID : ubuntu @@ -600,10 +600,10 @@ │ │ │ ╰ UID : 6e5b7f8c94f71cc2 │ │ ├ InstalledVersion: 2.4.4-2ubuntu17 │ │ ├ Status : affected -│ │ ├ Layer ╭ Digest: sha256:d244376047b3b447a72643b6cd94cb4b359562d59b3 -│ │ │ │ 3e760ec97632069cf0cd6 -│ │ │ ╰ DiffID: sha256:10da0a8ad04042ad7ebb1f92fe90babd5649e0218f2 -│ │ │ 9f050019c4e091cda1b1c +│ │ ├ Layer ╭ Digest: sha256:20c08d7865479cc2941461f45179ca97ddc1c513e3c +│ │ │ │ 245acf1047f9e4ec8f9b0 +│ │ │ ╰ DiffID: sha256:35ff3fcc7343804067a0060eb66b92792f9572fb6e9 +│ │ │ 3072b7cd9782e2e972f6b │ │ ├ SeveritySource : ubuntu │ │ ├ PrimaryURL : https://avd.aquasec.com/nvd/cve-2022-3219 │ │ ├ DataSource ╭ ID : ubuntu @@ -644,10 +644,10 @@ │ │ │ ╰ UID : 1c184b68ea71f17a │ │ ├ InstalledVersion: 1.20.1-6ubuntu2.2 │ │ ├ Status : affected -│ │ ├ Layer ╭ Digest: sha256:d244376047b3b447a72643b6cd94cb4b359562d59b3 -│ │ │ │ 3e760ec97632069cf0cd6 -│ │ │ ╰ DiffID: sha256:10da0a8ad04042ad7ebb1f92fe90babd5649e0218f2 -│ │ │ 9f050019c4e091cda1b1c +│ │ ├ Layer ╭ Digest: sha256:20c08d7865479cc2941461f45179ca97ddc1c513e3c +│ │ │ │ 245acf1047f9e4ec8f9b0 +│ │ │ ╰ DiffID: sha256:35ff3fcc7343804067a0060eb66b92792f9572fb6e9 +│ │ │ 3072b7cd9782e2e972f6b │ │ ├ SeveritySource : ubuntu │ │ ├ PrimaryURL : https://avd.aquasec.com/nvd/cve-2024-26462 │ │ ├ DataSource ╭ ID : ubuntu @@ -693,10 +693,10 @@ │ │ │ ╰ UID : 1c184b68ea71f17a │ │ ├ InstalledVersion: 1.20.1-6ubuntu2.2 │ │ ├ Status : affected -│ │ ├ Layer ╭ Digest: sha256:d244376047b3b447a72643b6cd94cb4b359562d59b3 -│ │ │ │ 3e760ec97632069cf0cd6 -│ │ │ ╰ DiffID: sha256:10da0a8ad04042ad7ebb1f92fe90babd5649e0218f2 -│ │ │ 9f050019c4e091cda1b1c +│ │ ├ Layer ╭ Digest: sha256:20c08d7865479cc2941461f45179ca97ddc1c513e3c +│ │ │ │ 245acf1047f9e4ec8f9b0 +│ │ │ ╰ DiffID: sha256:35ff3fcc7343804067a0060eb66b92792f9572fb6e9 +│ │ │ 3072b7cd9782e2e972f6b │ │ ├ SeveritySource : ubuntu │ │ ├ PrimaryURL : https://avd.aquasec.com/nvd/cve-2024-26458 │ │ ├ DataSource ╭ ID : ubuntu @@ -706,7 +706,7 @@ │ │ ├ Description : Kerberos 5 (aka krb5) 1.21.2 contains a memory leak in │ │ │ /krb5/src/lib/rpc/pmap_rmt.c. │ │ ├ Severity : LOW -│ │ ├ VendorSeverity ╭ alma : 1 +│ │ ├ VendorSeverity ╭ alma : 2 │ │ │ ├ amazon : 2 │ │ │ ├ azure : 2 │ │ │ ├ cbl-mariner: 2 @@ -718,28 +718,29 @@ │ │ ├ CVSS ─ redhat ╭ V3Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I: │ │ │ │ N/A:H │ │ │ ╰ V3Score : 5.9 -│ │ ├ References ╭ [0] : https://access.redhat.com/errata/RHSA-2024:3268 +│ │ ├ References ╭ [0] : https://access.redhat.com/errata/RHSA-2024:9331 │ │ │ ├ [1] : https://access.redhat.com/security/cve/CVE-2024-26458 │ │ │ ├ [2] : https://bugzilla.redhat.com/2266731 │ │ │ ├ [3] : https://bugzilla.redhat.com/2266740 -│ │ │ ├ [4] : https://bugzilla.redhat.com/show_bug.cgi?id=2266731 -│ │ │ ├ [5] : https://bugzilla.redhat.com/show_bug.cgi?id=2266740 -│ │ │ ├ [6] : https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2 -│ │ │ │ 024-26458 +│ │ │ ├ [4] : https://bugzilla.redhat.com/2266742 +│ │ │ ├ [5] : https://bugzilla.redhat.com/show_bug.cgi?id=2266731 +│ │ │ ├ [6] : https://bugzilla.redhat.com/show_bug.cgi?id=2266740 │ │ │ ├ [7] : https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2 +│ │ │ │ 024-26458 +│ │ │ ├ [8] : https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2 │ │ │ │ 024-26461 -│ │ │ ├ [8] : https://errata.almalinux.org/8/ALSA-2024-3268.html -│ │ │ ├ [9] : https://errata.rockylinux.org/RLSA-2024:3268 -│ │ │ ├ [10]: https://github.com/LuMingYinDetect/krb5_defects/blob +│ │ │ ├ [9] : https://errata.almalinux.org/9/ALSA-2024-9331.html +│ │ │ ├ [10]: https://errata.rockylinux.org/RLSA-2024:3268 +│ │ │ ├ [11]: https://github.com/LuMingYinDetect/krb5_defects/blob │ │ │ │ /main/krb5_detect_1.md -│ │ │ ├ [11]: https://linux.oracle.com/cve/CVE-2024-26458.html -│ │ │ ├ [12]: https://linux.oracle.com/errata/ELSA-2024-9331.html -│ │ │ ├ [13]: https://mailman.mit.edu/pipermail/kerberos/2024-Marc +│ │ │ ├ [12]: https://linux.oracle.com/cve/CVE-2024-26458.html +│ │ │ ├ [13]: https://linux.oracle.com/errata/ELSA-2024-9331.html +│ │ │ ├ [14]: https://mailman.mit.edu/pipermail/kerberos/2024-Marc │ │ │ │ h/023095.html -│ │ │ ├ [14]: https://nvd.nist.gov/vuln/detail/CVE-2024-26458 -│ │ │ ├ [15]: https://security.netapp.com/advisory/ntap-20240415-0 +│ │ │ ├ [15]: https://nvd.nist.gov/vuln/detail/CVE-2024-26458 +│ │ │ ├ [16]: https://security.netapp.com/advisory/ntap-20240415-0 │ │ │ │ 010/ -│ │ │ ╰ [16]: https://www.cve.org/CVERecord?id=CVE-2024-26458 +│ │ │ ╰ [17]: https://www.cve.org/CVERecord?id=CVE-2024-26458 │ │ ├ PublishedDate : 2024-02-29T01:44:18.78Z │ │ ╰ LastModifiedDate: 2024-12-06T21:15:06.28Z │ ├ [16] ╭ VulnerabilityID : CVE-2024-26461 @@ -750,10 +751,10 @@ │ │ │ ╰ UID : 1c184b68ea71f17a │ │ ├ InstalledVersion: 1.20.1-6ubuntu2.2 │ │ ├ Status : affected -│ │ ├ Layer ╭ Digest: sha256:d244376047b3b447a72643b6cd94cb4b359562d59b3 -│ │ │ │ 3e760ec97632069cf0cd6 -│ │ │ ╰ DiffID: sha256:10da0a8ad04042ad7ebb1f92fe90babd5649e0218f2 -│ │ │ 9f050019c4e091cda1b1c +│ │ ├ Layer ╭ Digest: sha256:20c08d7865479cc2941461f45179ca97ddc1c513e3c +│ │ │ │ 245acf1047f9e4ec8f9b0 +│ │ │ ╰ DiffID: sha256:35ff3fcc7343804067a0060eb66b92792f9572fb6e9 +│ │ │ 3072b7cd9782e2e972f6b │ │ ├ SeveritySource : ubuntu │ │ ├ PrimaryURL : https://avd.aquasec.com/nvd/cve-2024-26461 │ │ ├ DataSource ╭ ID : ubuntu @@ -764,7 +765,7 @@ │ │ │ vulnerability in /krb5/src/lib/gssapi/krb5/k5sealv3.c. │ │ ├ Severity : LOW │ │ ├ CweIDs ─ [0]: CWE-770 -│ │ ├ VendorSeverity ╭ alma : 1 +│ │ ├ VendorSeverity ╭ alma : 2 │ │ │ ├ amazon : 2 │ │ │ ├ azure : 3 │ │ │ ├ cbl-mariner: 3 @@ -776,28 +777,29 @@ │ │ ├ CVSS ─ redhat ╭ V3Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I: │ │ │ │ N/A:H │ │ │ ╰ V3Score : 5.9 -│ │ ├ References ╭ [0] : https://access.redhat.com/errata/RHSA-2024:3268 +│ │ ├ References ╭ [0] : https://access.redhat.com/errata/RHSA-2024:9331 │ │ │ ├ [1] : https://access.redhat.com/security/cve/CVE-2024-26461 │ │ │ ├ [2] : https://bugzilla.redhat.com/2266731 │ │ │ ├ [3] : https://bugzilla.redhat.com/2266740 -│ │ │ ├ [4] : https://bugzilla.redhat.com/show_bug.cgi?id=2266731 -│ │ │ ├ [5] : https://bugzilla.redhat.com/show_bug.cgi?id=2266740 -│ │ │ ├ [6] : https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2 -│ │ │ │ 024-26458 +│ │ │ ├ [4] : https://bugzilla.redhat.com/2266742 +│ │ │ ├ [5] : https://bugzilla.redhat.com/show_bug.cgi?id=2266731 +│ │ │ ├ [6] : https://bugzilla.redhat.com/show_bug.cgi?id=2266740 │ │ │ ├ [7] : https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2 +│ │ │ │ 024-26458 +│ │ │ ├ [8] : https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2 │ │ │ │ 024-26461 -│ │ │ ├ [8] : https://errata.almalinux.org/8/ALSA-2024-3268.html -│ │ │ ├ [9] : https://errata.rockylinux.org/RLSA-2024:3268 -│ │ │ ├ [10]: https://github.com/LuMingYinDetect/krb5_defects/blob +│ │ │ ├ [9] : https://errata.almalinux.org/9/ALSA-2024-9331.html +│ │ │ ├ [10]: https://errata.rockylinux.org/RLSA-2024:3268 +│ │ │ ├ [11]: https://github.com/LuMingYinDetect/krb5_defects/blob │ │ │ │ /main/krb5_detect_2.md -│ │ │ ├ [11]: https://linux.oracle.com/cve/CVE-2024-26461.html -│ │ │ ├ [12]: https://linux.oracle.com/errata/ELSA-2024-9331.html -│ │ │ ├ [13]: https://mailman.mit.edu/pipermail/kerberos/2024-Marc +│ │ │ ├ [12]: https://linux.oracle.com/cve/CVE-2024-26461.html +│ │ │ ├ [13]: https://linux.oracle.com/errata/ELSA-2024-9331.html +│ │ │ ├ [14]: https://mailman.mit.edu/pipermail/kerberos/2024-Marc │ │ │ │ h/023095.html -│ │ │ ├ [14]: https://nvd.nist.gov/vuln/detail/CVE-2024-26461 -│ │ │ ├ [15]: https://security.netapp.com/advisory/ntap-20240415-0 +│ │ │ ├ [15]: https://nvd.nist.gov/vuln/detail/CVE-2024-26461 +│ │ │ ├ [16]: https://security.netapp.com/advisory/ntap-20240415-0 │ │ │ │ 011/ -│ │ │ ╰ [16]: https://www.cve.org/CVERecord?id=CVE-2024-26461 +│ │ │ ╰ [17]: https://www.cve.org/CVERecord?id=CVE-2024-26461 │ │ ├ PublishedDate : 2024-02-29T01:44:18.82Z │ │ ╰ LastModifiedDate: 2024-08-14T16:35:10.207Z │ ├ [17] ╭ VulnerabilityID : CVE-2016-20013 @@ -808,10 +810,10 @@ │ │ │ ╰ UID : cd85fea82c7c82fb │ │ ├ InstalledVersion: 2.39-0ubuntu8.3 │ │ ├ Status : affected -│ │ ├ Layer ╭ Digest: sha256:d244376047b3b447a72643b6cd94cb4b359562d59b3 -│ │ │ │ 3e760ec97632069cf0cd6 -│ │ │ ╰ DiffID: sha256:10da0a8ad04042ad7ebb1f92fe90babd5649e0218f2 -│ │ │ 9f050019c4e091cda1b1c +│ │ ├ Layer ╭ Digest: sha256:20c08d7865479cc2941461f45179ca97ddc1c513e3c +│ │ │ │ 245acf1047f9e4ec8f9b0 +│ │ │ ╰ DiffID: sha256:35ff3fcc7343804067a0060eb66b92792f9572fb6e9 +│ │ │ 3072b7cd9782e2e972f6b │ │ ├ SeveritySource : ubuntu │ │ ├ PrimaryURL : https://avd.aquasec.com/nvd/cve-2016-20013 │ │ ├ DataSource ╭ ID : ubuntu @@ -844,10 +846,10 @@ │ │ │ ╰ UID : fa1c3ee1f893708b │ │ ├ InstalledVersion: 2.39-0ubuntu8.3 │ │ ├ Status : affected -│ │ ├ Layer ╭ Digest: sha256:d244376047b3b447a72643b6cd94cb4b359562d59b3 -│ │ │ │ 3e760ec97632069cf0cd6 -│ │ │ ╰ DiffID: sha256:10da0a8ad04042ad7ebb1f92fe90babd5649e0218f2 -│ │ │ 9f050019c4e091cda1b1c +│ │ ├ Layer ╭ Digest: sha256:20c08d7865479cc2941461f45179ca97ddc1c513e3c +│ │ │ │ 245acf1047f9e4ec8f9b0 +│ │ │ ╰ DiffID: sha256:35ff3fcc7343804067a0060eb66b92792f9572fb6e9 +│ │ │ 3072b7cd9782e2e972f6b │ │ ├ SeveritySource : ubuntu │ │ ├ PrimaryURL : https://avd.aquasec.com/nvd/cve-2016-20013 │ │ ├ DataSource ╭ ID : ubuntu @@ -880,10 +882,10 @@ │ │ │ ╰ UID : ee9ad1b4fc7bf0a6 │ │ ├ InstalledVersion: 1.10.3-2build1 │ │ ├ Status : affected -│ │ ├ Layer ╭ Digest: sha256:d244376047b3b447a72643b6cd94cb4b359562d59b3 -│ │ │ │ 3e760ec97632069cf0cd6 -│ │ │ ╰ DiffID: sha256:10da0a8ad04042ad7ebb1f92fe90babd5649e0218f2 -│ │ │ 9f050019c4e091cda1b1c +│ │ ├ Layer ╭ Digest: sha256:20c08d7865479cc2941461f45179ca97ddc1c513e3c +│ │ │ │ 245acf1047f9e4ec8f9b0 +│ │ │ ╰ DiffID: sha256:35ff3fcc7343804067a0060eb66b92792f9572fb6e9 +│ │ │ 3072b7cd9782e2e972f6b │ │ ├ SeveritySource : ubuntu │ │ ├ PrimaryURL : https://avd.aquasec.com/nvd/cve-2024-2236 │ │ ├ DataSource ╭ ID : ubuntu @@ -930,10 +932,10 @@ │ │ │ ╰ UID : dce93cacc9c9995c │ │ ├ InstalledVersion: 1.20.1-6ubuntu2.2 │ │ ├ Status : affected -│ │ ├ Layer ╭ Digest: sha256:d244376047b3b447a72643b6cd94cb4b359562d59b3 -│ │ │ │ 3e760ec97632069cf0cd6 -│ │ │ ╰ DiffID: sha256:10da0a8ad04042ad7ebb1f92fe90babd5649e0218f2 -│ │ │ 9f050019c4e091cda1b1c +│ │ ├ Layer ╭ Digest: sha256:20c08d7865479cc2941461f45179ca97ddc1c513e3c +│ │ │ │ 245acf1047f9e4ec8f9b0 +│ │ │ ╰ DiffID: sha256:35ff3fcc7343804067a0060eb66b92792f9572fb6e9 +│ │ │ 3072b7cd9782e2e972f6b │ │ ├ SeveritySource : ubuntu │ │ ├ PrimaryURL : https://avd.aquasec.com/nvd/cve-2024-26462 │ │ ├ DataSource ╭ ID : ubuntu @@ -979,10 +981,10 @@ │ │ │ ╰ UID : dce93cacc9c9995c │ │ ├ InstalledVersion: 1.20.1-6ubuntu2.2 │ │ ├ Status : affected -│ │ ├ Layer ╭ Digest: sha256:d244376047b3b447a72643b6cd94cb4b359562d59b3 -│ │ │ │ 3e760ec97632069cf0cd6 -│ │ │ ╰ DiffID: sha256:10da0a8ad04042ad7ebb1f92fe90babd5649e0218f2 -│ │ │ 9f050019c4e091cda1b1c +│ │ ├ Layer ╭ Digest: sha256:20c08d7865479cc2941461f45179ca97ddc1c513e3c +│ │ │ │ 245acf1047f9e4ec8f9b0 +│ │ │ ╰ DiffID: sha256:35ff3fcc7343804067a0060eb66b92792f9572fb6e9 +│ │ │ 3072b7cd9782e2e972f6b │ │ ├ SeveritySource : ubuntu │ │ ├ PrimaryURL : https://avd.aquasec.com/nvd/cve-2024-26458 │ │ ├ DataSource ╭ ID : ubuntu @@ -992,7 +994,7 @@ │ │ ├ Description : Kerberos 5 (aka krb5) 1.21.2 contains a memory leak in │ │ │ /krb5/src/lib/rpc/pmap_rmt.c. │ │ ├ Severity : LOW -│ │ ├ VendorSeverity ╭ alma : 1 +│ │ ├ VendorSeverity ╭ alma : 2 │ │ │ ├ amazon : 2 │ │ │ ├ azure : 2 │ │ │ ├ cbl-mariner: 2 @@ -1004,28 +1006,29 @@ │ │ ├ CVSS ─ redhat ╭ V3Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I: │ │ │ │ N/A:H │ │ │ ╰ V3Score : 5.9 -│ │ ├ References ╭ [0] : https://access.redhat.com/errata/RHSA-2024:3268 +│ │ ├ References ╭ [0] : https://access.redhat.com/errata/RHSA-2024:9331 │ │ │ ├ [1] : https://access.redhat.com/security/cve/CVE-2024-26458 │ │ │ ├ [2] : https://bugzilla.redhat.com/2266731 │ │ │ ├ [3] : https://bugzilla.redhat.com/2266740 -│ │ │ ├ [4] : https://bugzilla.redhat.com/show_bug.cgi?id=2266731 -│ │ │ ├ [5] : https://bugzilla.redhat.com/show_bug.cgi?id=2266740 -│ │ │ ├ [6] : https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2 -│ │ │ │ 024-26458 +│ │ │ ├ [4] : https://bugzilla.redhat.com/2266742 +│ │ │ ├ [5] : https://bugzilla.redhat.com/show_bug.cgi?id=2266731 +│ │ │ ├ [6] : https://bugzilla.redhat.com/show_bug.cgi?id=2266740 │ │ │ ├ [7] : https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2 +│ │ │ │ 024-26458 +│ │ │ ├ [8] : https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2 │ │ │ │ 024-26461 -│ │ │ ├ [8] : https://errata.almalinux.org/8/ALSA-2024-3268.html -│ │ │ ├ [9] : https://errata.rockylinux.org/RLSA-2024:3268 -│ │ │ ├ [10]: https://github.com/LuMingYinDetect/krb5_defects/blob +│ │ │ ├ [9] : https://errata.almalinux.org/9/ALSA-2024-9331.html +│ │ │ ├ [10]: https://errata.rockylinux.org/RLSA-2024:3268 +│ │ │ ├ [11]: https://github.com/LuMingYinDetect/krb5_defects/blob │ │ │ │ /main/krb5_detect_1.md -│ │ │ ├ [11]: https://linux.oracle.com/cve/CVE-2024-26458.html -│ │ │ ├ [12]: https://linux.oracle.com/errata/ELSA-2024-9331.html -│ │ │ ├ [13]: https://mailman.mit.edu/pipermail/kerberos/2024-Marc +│ │ │ ├ [12]: https://linux.oracle.com/cve/CVE-2024-26458.html +│ │ │ ├ [13]: https://linux.oracle.com/errata/ELSA-2024-9331.html +│ │ │ ├ [14]: https://mailman.mit.edu/pipermail/kerberos/2024-Marc │ │ │ │ h/023095.html -│ │ │ ├ [14]: https://nvd.nist.gov/vuln/detail/CVE-2024-26458 -│ │ │ ├ [15]: https://security.netapp.com/advisory/ntap-20240415-0 +│ │ │ ├ [15]: https://nvd.nist.gov/vuln/detail/CVE-2024-26458 +│ │ │ ├ [16]: https://security.netapp.com/advisory/ntap-20240415-0 │ │ │ │ 010/ -│ │ │ ╰ [16]: https://www.cve.org/CVERecord?id=CVE-2024-26458 +│ │ │ ╰ [17]: https://www.cve.org/CVERecord?id=CVE-2024-26458 │ │ ├ PublishedDate : 2024-02-29T01:44:18.78Z │ │ ╰ LastModifiedDate: 2024-12-06T21:15:06.28Z │ ├ [22] ╭ VulnerabilityID : CVE-2024-26461 @@ -1036,10 +1039,10 @@ │ │ │ ╰ UID : dce93cacc9c9995c │ │ ├ InstalledVersion: 1.20.1-6ubuntu2.2 │ │ ├ Status : affected -│ │ ├ Layer ╭ Digest: sha256:d244376047b3b447a72643b6cd94cb4b359562d59b3 -│ │ │ │ 3e760ec97632069cf0cd6 -│ │ │ ╰ DiffID: sha256:10da0a8ad04042ad7ebb1f92fe90babd5649e0218f2 -│ │ │ 9f050019c4e091cda1b1c +│ │ ├ Layer ╭ Digest: sha256:20c08d7865479cc2941461f45179ca97ddc1c513e3c +│ │ │ │ 245acf1047f9e4ec8f9b0 +│ │ │ ╰ DiffID: sha256:35ff3fcc7343804067a0060eb66b92792f9572fb6e9 +│ │ │ 3072b7cd9782e2e972f6b │ │ ├ SeveritySource : ubuntu │ │ ├ PrimaryURL : https://avd.aquasec.com/nvd/cve-2024-26461 │ │ ├ DataSource ╭ ID : ubuntu @@ -1050,7 +1053,7 @@ │ │ │ vulnerability in /krb5/src/lib/gssapi/krb5/k5sealv3.c. │ │ ├ Severity : LOW │ │ ├ CweIDs ─ [0]: CWE-770 -│ │ ├ VendorSeverity ╭ alma : 1 +│ │ ├ VendorSeverity ╭ alma : 2 │ │ │ ├ amazon : 2 │ │ │ ├ azure : 3 │ │ │ ├ cbl-mariner: 3 @@ -1062,28 +1065,29 @@ │ │ ├ CVSS ─ redhat ╭ V3Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I: │ │ │ │ N/A:H │ │ │ ╰ V3Score : 5.9 -│ │ ├ References ╭ [0] : https://access.redhat.com/errata/RHSA-2024:3268 +│ │ ├ References ╭ [0] : https://access.redhat.com/errata/RHSA-2024:9331 │ │ │ ├ [1] : https://access.redhat.com/security/cve/CVE-2024-26461 │ │ │ ├ [2] : https://bugzilla.redhat.com/2266731 │ │ │ ├ [3] : https://bugzilla.redhat.com/2266740 -│ │ │ ├ [4] : https://bugzilla.redhat.com/show_bug.cgi?id=2266731 -│ │ │ ├ [5] : https://bugzilla.redhat.com/show_bug.cgi?id=2266740 -│ │ │ ├ [6] : https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2 -│ │ │ │ 024-26458 +│ │ │ ├ [4] : https://bugzilla.redhat.com/2266742 +│ │ │ ├ [5] : https://bugzilla.redhat.com/show_bug.cgi?id=2266731 +│ │ │ ├ [6] : https://bugzilla.redhat.com/show_bug.cgi?id=2266740 │ │ │ ├ [7] : https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2 +│ │ │ │ 024-26458 +│ │ │ ├ [8] : https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2 │ │ │ │ 024-26461 -│ │ │ ├ [8] : https://errata.almalinux.org/8/ALSA-2024-3268.html -│ │ │ ├ [9] : https://errata.rockylinux.org/RLSA-2024:3268 -│ │ │ ├ [10]: https://github.com/LuMingYinDetect/krb5_defects/blob +│ │ │ ├ [9] : https://errata.almalinux.org/9/ALSA-2024-9331.html +│ │ │ ├ [10]: https://errata.rockylinux.org/RLSA-2024:3268 +│ │ │ ├ [11]: https://github.com/LuMingYinDetect/krb5_defects/blob │ │ │ │ /main/krb5_detect_2.md -│ │ │ ├ [11]: https://linux.oracle.com/cve/CVE-2024-26461.html -│ │ │ ├ [12]: https://linux.oracle.com/errata/ELSA-2024-9331.html -│ │ │ ├ [13]: https://mailman.mit.edu/pipermail/kerberos/2024-Marc +│ │ │ ├ [12]: https://linux.oracle.com/cve/CVE-2024-26461.html +│ │ │ ├ [13]: https://linux.oracle.com/errata/ELSA-2024-9331.html +│ │ │ ├ [14]: https://mailman.mit.edu/pipermail/kerberos/2024-Marc │ │ │ │ h/023095.html -│ │ │ ├ [14]: https://nvd.nist.gov/vuln/detail/CVE-2024-26461 -│ │ │ ├ [15]: https://security.netapp.com/advisory/ntap-20240415-0 +│ │ │ ├ [15]: https://nvd.nist.gov/vuln/detail/CVE-2024-26461 +│ │ │ ├ [16]: https://security.netapp.com/advisory/ntap-20240415-0 │ │ │ │ 011/ -│ │ │ ╰ [16]: https://www.cve.org/CVERecord?id=CVE-2024-26461 +│ │ │ ╰ [17]: https://www.cve.org/CVERecord?id=CVE-2024-26461 │ │ ├ PublishedDate : 2024-02-29T01:44:18.82Z │ │ ╰ LastModifiedDate: 2024-08-14T16:35:10.207Z │ ├ [23] ╭ VulnerabilityID : CVE-2024-26462 @@ -1094,10 +1098,10 @@ │ │ │ ╰ UID : 165b2e8adfab07b9 │ │ ├ InstalledVersion: 1.20.1-6ubuntu2.2 │ │ ├ Status : affected -│ │ ├ Layer ╭ Digest: sha256:d244376047b3b447a72643b6cd94cb4b359562d59b3 -│ │ │ │ 3e760ec97632069cf0cd6 -│ │ │ ╰ DiffID: sha256:10da0a8ad04042ad7ebb1f92fe90babd5649e0218f2 -│ │ │ 9f050019c4e091cda1b1c +│ │ ├ Layer ╭ Digest: sha256:20c08d7865479cc2941461f45179ca97ddc1c513e3c +│ │ │ │ 245acf1047f9e4ec8f9b0 +│ │ │ ╰ DiffID: sha256:35ff3fcc7343804067a0060eb66b92792f9572fb6e9 +│ │ │ 3072b7cd9782e2e972f6b │ │ ├ SeveritySource : ubuntu │ │ ├ PrimaryURL : https://avd.aquasec.com/nvd/cve-2024-26462 │ │ ├ DataSource ╭ ID : ubuntu @@ -1143,10 +1147,10 @@ │ │ │ ╰ UID : 165b2e8adfab07b9 │ │ ├ InstalledVersion: 1.20.1-6ubuntu2.2 │ │ ├ Status : affected -│ │ ├ Layer ╭ Digest: sha256:d244376047b3b447a72643b6cd94cb4b359562d59b3 -│ │ │ │ 3e760ec97632069cf0cd6 -│ │ │ ╰ DiffID: sha256:10da0a8ad04042ad7ebb1f92fe90babd5649e0218f2 -│ │ │ 9f050019c4e091cda1b1c +│ │ ├ Layer ╭ Digest: sha256:20c08d7865479cc2941461f45179ca97ddc1c513e3c +│ │ │ │ 245acf1047f9e4ec8f9b0 +│ │ │ ╰ DiffID: sha256:35ff3fcc7343804067a0060eb66b92792f9572fb6e9 +│ │ │ 3072b7cd9782e2e972f6b │ │ ├ SeveritySource : ubuntu │ │ ├ PrimaryURL : https://avd.aquasec.com/nvd/cve-2024-26458 │ │ ├ DataSource ╭ ID : ubuntu @@ -1156,7 +1160,7 @@ │ │ ├ Description : Kerberos 5 (aka krb5) 1.21.2 contains a memory leak in │ │ │ /krb5/src/lib/rpc/pmap_rmt.c. │ │ ├ Severity : LOW -│ │ ├ VendorSeverity ╭ alma : 1 +│ │ ├ VendorSeverity ╭ alma : 2 │ │ │ ├ amazon : 2 │ │ │ ├ azure : 2 │ │ │ ├ cbl-mariner: 2 @@ -1168,28 +1172,29 @@ │ │ ├ CVSS ─ redhat ╭ V3Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I: │ │ │ │ N/A:H │ │ │ ╰ V3Score : 5.9 -│ │ ├ References ╭ [0] : https://access.redhat.com/errata/RHSA-2024:3268 +│ │ ├ References ╭ [0] : https://access.redhat.com/errata/RHSA-2024:9331 │ │ │ ├ [1] : https://access.redhat.com/security/cve/CVE-2024-26458 │ │ │ ├ [2] : https://bugzilla.redhat.com/2266731 │ │ │ ├ [3] : https://bugzilla.redhat.com/2266740 -│ │ │ ├ [4] : https://bugzilla.redhat.com/show_bug.cgi?id=2266731 -│ │ │ ├ [5] : https://bugzilla.redhat.com/show_bug.cgi?id=2266740 -│ │ │ ├ [6] : https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2 -│ │ │ │ 024-26458 +│ │ │ ├ [4] : https://bugzilla.redhat.com/2266742 +│ │ │ ├ [5] : https://bugzilla.redhat.com/show_bug.cgi?id=2266731 +│ │ │ ├ [6] : https://bugzilla.redhat.com/show_bug.cgi?id=2266740 │ │ │ ├ [7] : https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2 +│ │ │ │ 024-26458 +│ │ │ ├ [8] : https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2 │ │ │ │ 024-26461 -│ │ │ ├ [8] : https://errata.almalinux.org/8/ALSA-2024-3268.html -│ │ │ ├ [9] : https://errata.rockylinux.org/RLSA-2024:3268 -│ │ │ ├ [10]: https://github.com/LuMingYinDetect/krb5_defects/blob +│ │ │ ├ [9] : https://errata.almalinux.org/9/ALSA-2024-9331.html +│ │ │ ├ [10]: https://errata.rockylinux.org/RLSA-2024:3268 +│ │ │ ├ [11]: https://github.com/LuMingYinDetect/krb5_defects/blob │ │ │ │ /main/krb5_detect_1.md -│ │ │ ├ [11]: https://linux.oracle.com/cve/CVE-2024-26458.html -│ │ │ ├ [12]: https://linux.oracle.com/errata/ELSA-2024-9331.html -│ │ │ ├ [13]: https://mailman.mit.edu/pipermail/kerberos/2024-Marc +│ │ │ ├ [12]: https://linux.oracle.com/cve/CVE-2024-26458.html +│ │ │ ├ [13]: https://linux.oracle.com/errata/ELSA-2024-9331.html +│ │ │ ├ [14]: https://mailman.mit.edu/pipermail/kerberos/2024-Marc │ │ │ │ h/023095.html -│ │ │ ├ [14]: https://nvd.nist.gov/vuln/detail/CVE-2024-26458 -│ │ │ ├ [15]: https://security.netapp.com/advisory/ntap-20240415-0 +│ │ │ ├ [15]: https://nvd.nist.gov/vuln/detail/CVE-2024-26458 +│ │ │ ├ [16]: https://security.netapp.com/advisory/ntap-20240415-0 │ │ │ │ 010/ -│ │ │ ╰ [16]: https://www.cve.org/CVERecord?id=CVE-2024-26458 +│ │ │ ╰ [17]: https://www.cve.org/CVERecord?id=CVE-2024-26458 │ │ ├ PublishedDate : 2024-02-29T01:44:18.78Z │ │ ╰ LastModifiedDate: 2024-12-06T21:15:06.28Z │ ├ [25] ╭ VulnerabilityID : CVE-2024-26461 @@ -1200,10 +1205,10 @@ │ │ │ ╰ UID : 165b2e8adfab07b9 │ │ ├ InstalledVersion: 1.20.1-6ubuntu2.2 │ │ ├ Status : affected -│ │ ├ Layer ╭ Digest: sha256:d244376047b3b447a72643b6cd94cb4b359562d59b3 -│ │ │ │ 3e760ec97632069cf0cd6 -│ │ │ ╰ DiffID: sha256:10da0a8ad04042ad7ebb1f92fe90babd5649e0218f2 -│ │ │ 9f050019c4e091cda1b1c +│ │ ├ Layer ╭ Digest: sha256:20c08d7865479cc2941461f45179ca97ddc1c513e3c +│ │ │ │ 245acf1047f9e4ec8f9b0 +│ │ │ ╰ DiffID: sha256:35ff3fcc7343804067a0060eb66b92792f9572fb6e9 +│ │ │ 3072b7cd9782e2e972f6b │ │ ├ SeveritySource : ubuntu │ │ ├ PrimaryURL : https://avd.aquasec.com/nvd/cve-2024-26461 │ │ ├ DataSource ╭ ID : ubuntu @@ -1214,7 +1219,7 @@ │ │ │ vulnerability in /krb5/src/lib/gssapi/krb5/k5sealv3.c. │ │ ├ Severity : LOW │ │ ├ CweIDs ─ [0]: CWE-770 -│ │ ├ VendorSeverity ╭ alma : 1 +│ │ ├ VendorSeverity ╭ alma : 2 │ │ │ ├ amazon : 2 │ │ │ ├ azure : 3 │ │ │ ├ cbl-mariner: 3 @@ -1226,28 +1231,29 @@ │ │ ├ CVSS ─ redhat ╭ V3Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I: │ │ │ │ N/A:H │ │ │ ╰ V3Score : 5.9 -│ │ ├ References ╭ [0] : https://access.redhat.com/errata/RHSA-2024:3268 +│ │ ├ References ╭ [0] : https://access.redhat.com/errata/RHSA-2024:9331 │ │ │ ├ [1] : https://access.redhat.com/security/cve/CVE-2024-26461 │ │ │ ├ [2] : https://bugzilla.redhat.com/2266731 │ │ │ ├ [3] : https://bugzilla.redhat.com/2266740 -│ │ │ ├ [4] : https://bugzilla.redhat.com/show_bug.cgi?id=2266731 -│ │ │ ├ [5] : https://bugzilla.redhat.com/show_bug.cgi?id=2266740 -│ │ │ ├ [6] : https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2 -│ │ │ │ 024-26458 +│ │ │ ├ [4] : https://bugzilla.redhat.com/2266742 +│ │ │ ├ [5] : https://bugzilla.redhat.com/show_bug.cgi?id=2266731 +│ │ │ ├ [6] : https://bugzilla.redhat.com/show_bug.cgi?id=2266740 │ │ │ ├ [7] : https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2 +│ │ │ │ 024-26458 +│ │ │ ├ [8] : https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2 │ │ │ │ 024-26461 -│ │ │ ├ [8] : https://errata.almalinux.org/8/ALSA-2024-3268.html -│ │ │ ├ [9] : https://errata.rockylinux.org/RLSA-2024:3268 -│ │ │ ├ [10]: https://github.com/LuMingYinDetect/krb5_defects/blob +│ │ │ ├ [9] : https://errata.almalinux.org/9/ALSA-2024-9331.html +│ │ │ ├ [10]: https://errata.rockylinux.org/RLSA-2024:3268 +│ │ │ ├ [11]: https://github.com/LuMingYinDetect/krb5_defects/blob │ │ │ │ /main/krb5_detect_2.md -│ │ │ ├ [11]: https://linux.oracle.com/cve/CVE-2024-26461.html -│ │ │ ├ [12]: https://linux.oracle.com/errata/ELSA-2024-9331.html -│ │ │ ├ [13]: https://mailman.mit.edu/pipermail/kerberos/2024-Marc +│ │ │ ├ [12]: https://linux.oracle.com/cve/CVE-2024-26461.html +│ │ │ ├ [13]: https://linux.oracle.com/errata/ELSA-2024-9331.html +│ │ │ ├ [14]: https://mailman.mit.edu/pipermail/kerberos/2024-Marc │ │ │ │ h/023095.html -│ │ │ ├ [14]: https://nvd.nist.gov/vuln/detail/CVE-2024-26461 -│ │ │ ├ [15]: https://security.netapp.com/advisory/ntap-20240415-0 +│ │ │ ├ [15]: https://nvd.nist.gov/vuln/detail/CVE-2024-26461 +│ │ │ ├ [16]: https://security.netapp.com/advisory/ntap-20240415-0 │ │ │ │ 011/ -│ │ │ ╰ [16]: https://www.cve.org/CVERecord?id=CVE-2024-26461 +│ │ │ ╰ [17]: https://www.cve.org/CVERecord?id=CVE-2024-26461 │ │ ├ PublishedDate : 2024-02-29T01:44:18.82Z │ │ ╰ LastModifiedDate: 2024-08-14T16:35:10.207Z │ ├ [26] ╭ VulnerabilityID : CVE-2024-26462 @@ -1258,10 +1264,10 @@ │ │ │ ╰ UID : 89337d2f699ab36b │ │ ├ InstalledVersion: 1.20.1-6ubuntu2.2 │ │ ├ Status : affected -│ │ ├ Layer ╭ Digest: sha256:d244376047b3b447a72643b6cd94cb4b359562d59b3 -│ │ │ │ 3e760ec97632069cf0cd6 -│ │ │ ╰ DiffID: sha256:10da0a8ad04042ad7ebb1f92fe90babd5649e0218f2 -│ │ │ 9f050019c4e091cda1b1c +│ │ ├ Layer ╭ Digest: sha256:20c08d7865479cc2941461f45179ca97ddc1c513e3c +│ │ │ │ 245acf1047f9e4ec8f9b0 +│ │ │ ╰ DiffID: sha256:35ff3fcc7343804067a0060eb66b92792f9572fb6e9 +│ │ │ 3072b7cd9782e2e972f6b │ │ ├ SeveritySource : ubuntu │ │ ├ PrimaryURL : https://avd.aquasec.com/nvd/cve-2024-26462 │ │ ├ DataSource ╭ ID : ubuntu @@ -1307,10 +1313,10 @@ │ │ │ ╰ UID : 89337d2f699ab36b │ │ ├ InstalledVersion: 1.20.1-6ubuntu2.2 │ │ ├ Status : affected -│ │ ├ Layer ╭ Digest: sha256:d244376047b3b447a72643b6cd94cb4b359562d59b3 -│ │ │ │ 3e760ec97632069cf0cd6 -│ │ │ ╰ DiffID: sha256:10da0a8ad04042ad7ebb1f92fe90babd5649e0218f2 -│ │ │ 9f050019c4e091cda1b1c +│ │ ├ Layer ╭ Digest: sha256:20c08d7865479cc2941461f45179ca97ddc1c513e3c +│ │ │ │ 245acf1047f9e4ec8f9b0 +│ │ │ ╰ DiffID: sha256:35ff3fcc7343804067a0060eb66b92792f9572fb6e9 +│ │ │ 3072b7cd9782e2e972f6b │ │ ├ SeveritySource : ubuntu │ │ ├ PrimaryURL : https://avd.aquasec.com/nvd/cve-2024-26458 │ │ ├ DataSource ╭ ID : ubuntu @@ -1320,7 +1326,7 @@ │ │ ├ Description : Kerberos 5 (aka krb5) 1.21.2 contains a memory leak in │ │ │ /krb5/src/lib/rpc/pmap_rmt.c. │ │ ├ Severity : LOW -│ │ ├ VendorSeverity ╭ alma : 1 +│ │ ├ VendorSeverity ╭ alma : 2 │ │ │ ├ amazon : 2 │ │ │ ├ azure : 2 │ │ │ ├ cbl-mariner: 2 @@ -1332,28 +1338,29 @@ │ │ ├ CVSS ─ redhat ╭ V3Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I: │ │ │ │ N/A:H │ │ │ ╰ V3Score : 5.9 -│ │ ├ References ╭ [0] : https://access.redhat.com/errata/RHSA-2024:3268 +│ │ ├ References ╭ [0] : https://access.redhat.com/errata/RHSA-2024:9331 │ │ │ ├ [1] : https://access.redhat.com/security/cve/CVE-2024-26458 │ │ │ ├ [2] : https://bugzilla.redhat.com/2266731 │ │ │ ├ [3] : https://bugzilla.redhat.com/2266740 -│ │ │ ├ [4] : https://bugzilla.redhat.com/show_bug.cgi?id=2266731 -│ │ │ ├ [5] : https://bugzilla.redhat.com/show_bug.cgi?id=2266740 -│ │ │ ├ [6] : https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2 -│ │ │ │ 024-26458 +│ │ │ ├ [4] : https://bugzilla.redhat.com/2266742 +│ │ │ ├ [5] : https://bugzilla.redhat.com/show_bug.cgi?id=2266731 +│ │ │ ├ [6] : https://bugzilla.redhat.com/show_bug.cgi?id=2266740 │ │ │ ├ [7] : https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2 +│ │ │ │ 024-26458 +│ │ │ ├ [8] : https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2 │ │ │ │ 024-26461 -│ │ │ ├ [8] : https://errata.almalinux.org/8/ALSA-2024-3268.html -│ │ │ ├ [9] : https://errata.rockylinux.org/RLSA-2024:3268 -│ │ │ ├ [10]: https://github.com/LuMingYinDetect/krb5_defects/blob +│ │ │ ├ [9] : https://errata.almalinux.org/9/ALSA-2024-9331.html +│ │ │ ├ [10]: https://errata.rockylinux.org/RLSA-2024:3268 +│ │ │ ├ [11]: https://github.com/LuMingYinDetect/krb5_defects/blob │ │ │ │ /main/krb5_detect_1.md -│ │ │ ├ [11]: https://linux.oracle.com/cve/CVE-2024-26458.html -│ │ │ ├ [12]: https://linux.oracle.com/errata/ELSA-2024-9331.html -│ │ │ ├ [13]: https://mailman.mit.edu/pipermail/kerberos/2024-Marc +│ │ │ ├ [12]: https://linux.oracle.com/cve/CVE-2024-26458.html +│ │ │ ├ [13]: https://linux.oracle.com/errata/ELSA-2024-9331.html +│ │ │ ├ [14]: https://mailman.mit.edu/pipermail/kerberos/2024-Marc │ │ │ │ h/023095.html -│ │ │ ├ [14]: https://nvd.nist.gov/vuln/detail/CVE-2024-26458 -│ │ │ ├ [15]: https://security.netapp.com/advisory/ntap-20240415-0 +│ │ │ ├ [15]: https://nvd.nist.gov/vuln/detail/CVE-2024-26458 +│ │ │ ├ [16]: https://security.netapp.com/advisory/ntap-20240415-0 │ │ │ │ 010/ -│ │ │ ╰ [16]: https://www.cve.org/CVERecord?id=CVE-2024-26458 +│ │ │ ╰ [17]: https://www.cve.org/CVERecord?id=CVE-2024-26458 │ │ ├ PublishedDate : 2024-02-29T01:44:18.78Z │ │ ╰ LastModifiedDate: 2024-12-06T21:15:06.28Z │ ├ [28] ╭ VulnerabilityID : CVE-2024-26461 @@ -1364,10 +1371,10 @@ │ │ │ ╰ UID : 89337d2f699ab36b │ │ ├ InstalledVersion: 1.20.1-6ubuntu2.2 │ │ ├ Status : affected -│ │ ├ Layer ╭ Digest: sha256:d244376047b3b447a72643b6cd94cb4b359562d59b3 -│ │ │ │ 3e760ec97632069cf0cd6 -│ │ │ ╰ DiffID: sha256:10da0a8ad04042ad7ebb1f92fe90babd5649e0218f2 -│ │ │ 9f050019c4e091cda1b1c +│ │ ├ Layer ╭ Digest: sha256:20c08d7865479cc2941461f45179ca97ddc1c513e3c +│ │ │ │ 245acf1047f9e4ec8f9b0 +│ │ │ ╰ DiffID: sha256:35ff3fcc7343804067a0060eb66b92792f9572fb6e9 +│ │ │ 3072b7cd9782e2e972f6b │ │ ├ SeveritySource : ubuntu │ │ ├ PrimaryURL : https://avd.aquasec.com/nvd/cve-2024-26461 │ │ ├ DataSource ╭ ID : ubuntu @@ -1378,7 +1385,7 @@ │ │ │ vulnerability in /krb5/src/lib/gssapi/krb5/k5sealv3.c. │ │ ├ Severity : LOW │ │ ├ CweIDs ─ [0]: CWE-770 -│ │ ├ VendorSeverity ╭ alma : 1 +│ │ ├ VendorSeverity ╭ alma : 2 │ │ │ ├ amazon : 2 │ │ │ ├ azure : 3 │ │ │ ├ cbl-mariner: 3 @@ -1390,28 +1397,29 @@ │ │ ├ CVSS ─ redhat ╭ V3Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I: │ │ │ │ N/A:H │ │ │ ╰ V3Score : 5.9 -│ │ ├ References ╭ [0] : https://access.redhat.com/errata/RHSA-2024:3268 +│ │ ├ References ╭ [0] : https://access.redhat.com/errata/RHSA-2024:9331 │ │ │ ├ [1] : https://access.redhat.com/security/cve/CVE-2024-26461 │ │ │ ├ [2] : https://bugzilla.redhat.com/2266731 │ │ │ ├ [3] : https://bugzilla.redhat.com/2266740 -│ │ │ ├ [4] : https://bugzilla.redhat.com/show_bug.cgi?id=2266731 -│ │ │ ├ [5] : https://bugzilla.redhat.com/show_bug.cgi?id=2266740 -│ │ │ ├ [6] : https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2 -│ │ │ │ 024-26458 +│ │ │ ├ [4] : https://bugzilla.redhat.com/2266742 +│ │ │ ├ [5] : https://bugzilla.redhat.com/show_bug.cgi?id=2266731 +│ │ │ ├ [6] : https://bugzilla.redhat.com/show_bug.cgi?id=2266740 │ │ │ ├ [7] : https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2 +│ │ │ │ 024-26458 +│ │ │ ├ [8] : https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2 │ │ │ │ 024-26461 -│ │ │ ├ [8] : https://errata.almalinux.org/8/ALSA-2024-3268.html -│ │ │ ├ [9] : https://errata.rockylinux.org/RLSA-2024:3268 -│ │ │ ├ [10]: https://github.com/LuMingYinDetect/krb5_defects/blob +│ │ │ ├ [9] : https://errata.almalinux.org/9/ALSA-2024-9331.html +│ │ │ ├ [10]: https://errata.rockylinux.org/RLSA-2024:3268 +│ │ │ ├ [11]: https://github.com/LuMingYinDetect/krb5_defects/blob │ │ │ │ /main/krb5_detect_2.md -│ │ │ ├ [11]: https://linux.oracle.com/cve/CVE-2024-26461.html -│ │ │ ├ [12]: https://linux.oracle.com/errata/ELSA-2024-9331.html -│ │ │ ├ [13]: https://mailman.mit.edu/pipermail/kerberos/2024-Marc +│ │ │ ├ [12]: https://linux.oracle.com/cve/CVE-2024-26461.html +│ │ │ ├ [13]: https://linux.oracle.com/errata/ELSA-2024-9331.html +│ │ │ ├ [14]: https://mailman.mit.edu/pipermail/kerberos/2024-Marc │ │ │ │ h/023095.html -│ │ │ ├ [14]: https://nvd.nist.gov/vuln/detail/CVE-2024-26461 -│ │ │ ├ [15]: https://security.netapp.com/advisory/ntap-20240415-0 +│ │ │ ├ [15]: https://nvd.nist.gov/vuln/detail/CVE-2024-26461 +│ │ │ ├ [16]: https://security.netapp.com/advisory/ntap-20240415-0 │ │ │ │ 011/ -│ │ │ ╰ [16]: https://www.cve.org/CVERecord?id=CVE-2024-26461 +│ │ │ ╰ [17]: https://www.cve.org/CVERecord?id=CVE-2024-26461 │ │ ├ PublishedDate : 2024-02-29T01:44:18.82Z │ │ ╰ LastModifiedDate: 2024-08-14T16:35:10.207Z │ ├ [29] ╭ VulnerabilityID : CVE-2024-26462 @@ -1422,10 +1430,10 @@ │ │ │ ╰ UID : 6cfb982b16c44455 │ │ ├ InstalledVersion: 1.20.1-6ubuntu2.2 │ │ ├ Status : affected -│ │ ├ Layer ╭ Digest: sha256:d244376047b3b447a72643b6cd94cb4b359562d59b3 -│ │ │ │ 3e760ec97632069cf0cd6 -│ │ │ ╰ DiffID: sha256:10da0a8ad04042ad7ebb1f92fe90babd5649e0218f2 -│ │ │ 9f050019c4e091cda1b1c +│ │ ├ Layer ╭ Digest: sha256:20c08d7865479cc2941461f45179ca97ddc1c513e3c +│ │ │ │ 245acf1047f9e4ec8f9b0 +│ │ │ ╰ DiffID: sha256:35ff3fcc7343804067a0060eb66b92792f9572fb6e9 +│ │ │ 3072b7cd9782e2e972f6b │ │ ├ SeveritySource : ubuntu │ │ ├ PrimaryURL : https://avd.aquasec.com/nvd/cve-2024-26462 │ │ ├ DataSource ╭ ID : ubuntu @@ -1471,10 +1479,10 @@ │ │ │ ╰ UID : 6cfb982b16c44455 │ │ ├ InstalledVersion: 1.20.1-6ubuntu2.2 │ │ ├ Status : affected -│ │ ├ Layer ╭ Digest: sha256:d244376047b3b447a72643b6cd94cb4b359562d59b3 -│ │ │ │ 3e760ec97632069cf0cd6 -│ │ │ ╰ DiffID: sha256:10da0a8ad04042ad7ebb1f92fe90babd5649e0218f2 -│ │ │ 9f050019c4e091cda1b1c +│ │ ├ Layer ╭ Digest: sha256:20c08d7865479cc2941461f45179ca97ddc1c513e3c +│ │ │ │ 245acf1047f9e4ec8f9b0 +│ │ │ ╰ DiffID: sha256:35ff3fcc7343804067a0060eb66b92792f9572fb6e9 +│ │ │ 3072b7cd9782e2e972f6b │ │ ├ SeveritySource : ubuntu │ │ ├ PrimaryURL : https://avd.aquasec.com/nvd/cve-2024-26458 │ │ ├ DataSource ╭ ID : ubuntu @@ -1484,7 +1492,7 @@ │ │ ├ Description : Kerberos 5 (aka krb5) 1.21.2 contains a memory leak in │ │ │ /krb5/src/lib/rpc/pmap_rmt.c. │ │ ├ Severity : LOW -│ │ ├ VendorSeverity ╭ alma : 1 +│ │ ├ VendorSeverity ╭ alma : 2 │ │ │ ├ amazon : 2 │ │ │ ├ azure : 2 │ │ │ ├ cbl-mariner: 2 @@ -1496,28 +1504,29 @@ │ │ ├ CVSS ─ redhat ╭ V3Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I: │ │ │ │ N/A:H │ │ │ ╰ V3Score : 5.9 -│ │ ├ References ╭ [0] : https://access.redhat.com/errata/RHSA-2024:3268 +│ │ ├ References ╭ [0] : https://access.redhat.com/errata/RHSA-2024:9331 │ │ │ ├ [1] : https://access.redhat.com/security/cve/CVE-2024-26458 │ │ │ ├ [2] : https://bugzilla.redhat.com/2266731 │ │ │ ├ [3] : https://bugzilla.redhat.com/2266740 -│ │ │ ├ [4] : https://bugzilla.redhat.com/show_bug.cgi?id=2266731 -│ │ │ ├ [5] : https://bugzilla.redhat.com/show_bug.cgi?id=2266740 -│ │ │ ├ [6] : https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2 -│ │ │ │ 024-26458 +│ │ │ ├ [4] : https://bugzilla.redhat.com/2266742 +│ │ │ ├ [5] : https://bugzilla.redhat.com/show_bug.cgi?id=2266731 +│ │ │ ├ [6] : https://bugzilla.redhat.com/show_bug.cgi?id=2266740 │ │ │ ├ [7] : https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2 +│ │ │ │ 024-26458 +│ │ │ ├ [8] : https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2 │ │ │ │ 024-26461 -│ │ │ ├ [8] : https://errata.almalinux.org/8/ALSA-2024-3268.html -│ │ │ ├ [9] : https://errata.rockylinux.org/RLSA-2024:3268 -│ │ │ ├ [10]: https://github.com/LuMingYinDetect/krb5_defects/blob +│ │ │ ├ [9] : https://errata.almalinux.org/9/ALSA-2024-9331.html +│ │ │ ├ [10]: https://errata.rockylinux.org/RLSA-2024:3268 +│ │ │ ├ [11]: https://github.com/LuMingYinDetect/krb5_defects/blob │ │ │ │ /main/krb5_detect_1.md -│ │ │ ├ [11]: https://linux.oracle.com/cve/CVE-2024-26458.html -│ │ │ ├ [12]: https://linux.oracle.com/errata/ELSA-2024-9331.html -│ │ │ ├ [13]: https://mailman.mit.edu/pipermail/kerberos/2024-Marc +│ │ │ ├ [12]: https://linux.oracle.com/cve/CVE-2024-26458.html +│ │ │ ├ [13]: https://linux.oracle.com/errata/ELSA-2024-9331.html +│ │ │ ├ [14]: https://mailman.mit.edu/pipermail/kerberos/2024-Marc │ │ │ │ h/023095.html -│ │ │ ├ [14]: https://nvd.nist.gov/vuln/detail/CVE-2024-26458 -│ │ │ ├ [15]: https://security.netapp.com/advisory/ntap-20240415-0 +│ │ │ ├ [15]: https://nvd.nist.gov/vuln/detail/CVE-2024-26458 +│ │ │ ├ [16]: https://security.netapp.com/advisory/ntap-20240415-0 │ │ │ │ 010/ -│ │ │ ╰ [16]: https://www.cve.org/CVERecord?id=CVE-2024-26458 +│ │ │ ╰ [17]: https://www.cve.org/CVERecord?id=CVE-2024-26458 │ │ ├ PublishedDate : 2024-02-29T01:44:18.78Z │ │ ╰ LastModifiedDate: 2024-12-06T21:15:06.28Z │ ├ [31] ╭ VulnerabilityID : CVE-2024-26461 @@ -1528,10 +1537,10 @@ │ │ │ ╰ UID : 6cfb982b16c44455 │ │ ├ InstalledVersion: 1.20.1-6ubuntu2.2 │ │ ├ Status : affected -│ │ ├ Layer ╭ Digest: sha256:d244376047b3b447a72643b6cd94cb4b359562d59b3 -│ │ │ │ 3e760ec97632069cf0cd6 -│ │ │ ╰ DiffID: sha256:10da0a8ad04042ad7ebb1f92fe90babd5649e0218f2 -│ │ │ 9f050019c4e091cda1b1c +│ │ ├ Layer ╭ Digest: sha256:20c08d7865479cc2941461f45179ca97ddc1c513e3c +│ │ │ │ 245acf1047f9e4ec8f9b0 +│ │ │ ╰ DiffID: sha256:35ff3fcc7343804067a0060eb66b92792f9572fb6e9 +│ │ │ 3072b7cd9782e2e972f6b │ │ ├ SeveritySource : ubuntu │ │ ├ PrimaryURL : https://avd.aquasec.com/nvd/cve-2024-26461 │ │ ├ DataSource ╭ ID : ubuntu @@ -1542,7 +1551,7 @@ │ │ │ vulnerability in /krb5/src/lib/gssapi/krb5/k5sealv3.c. │ │ ├ Severity : LOW │ │ ├ CweIDs ─ [0]: CWE-770 -│ │ ├ VendorSeverity ╭ alma : 1 +│ │ ├ VendorSeverity ╭ alma : 2 │ │ │ ├ amazon : 2 │ │ │ ├ azure : 3 │ │ │ ├ cbl-mariner: 3 @@ -1554,28 +1563,29 @@ │ │ ├ CVSS ─ redhat ╭ V3Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I: │ │ │ │ N/A:H │ │ │ ╰ V3Score : 5.9 -│ │ ├ References ╭ [0] : https://access.redhat.com/errata/RHSA-2024:3268 +│ │ ├ References ╭ [0] : https://access.redhat.com/errata/RHSA-2024:9331 │ │ │ ├ [1] : https://access.redhat.com/security/cve/CVE-2024-26461 │ │ │ ├ [2] : https://bugzilla.redhat.com/2266731 │ │ │ ├ [3] : https://bugzilla.redhat.com/2266740 -│ │ │ ├ [4] : https://bugzilla.redhat.com/show_bug.cgi?id=2266731 -│ │ │ ├ [5] : https://bugzilla.redhat.com/show_bug.cgi?id=2266740 -│ │ │ ├ [6] : https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2 -│ │ │ │ 024-26458 +│ │ │ ├ [4] : https://bugzilla.redhat.com/2266742 +│ │ │ ├ [5] : https://bugzilla.redhat.com/show_bug.cgi?id=2266731 +│ │ │ ├ [6] : https://bugzilla.redhat.com/show_bug.cgi?id=2266740 │ │ │ ├ [7] : https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2 +│ │ │ │ 024-26458 +│ │ │ ├ [8] : https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2 │ │ │ │ 024-26461 -│ │ │ ├ [8] : https://errata.almalinux.org/8/ALSA-2024-3268.html -│ │ │ ├ [9] : https://errata.rockylinux.org/RLSA-2024:3268 -│ │ │ ├ [10]: https://github.com/LuMingYinDetect/krb5_defects/blob +│ │ │ ├ [9] : https://errata.almalinux.org/9/ALSA-2024-9331.html +│ │ │ ├ [10]: https://errata.rockylinux.org/RLSA-2024:3268 +│ │ │ ├ [11]: https://github.com/LuMingYinDetect/krb5_defects/blob │ │ │ │ /main/krb5_detect_2.md -│ │ │ ├ [11]: https://linux.oracle.com/cve/CVE-2024-26461.html -│ │ │ ├ [12]: https://linux.oracle.com/errata/ELSA-2024-9331.html -│ │ │ ├ [13]: https://mailman.mit.edu/pipermail/kerberos/2024-Marc +│ │ │ ├ [12]: https://linux.oracle.com/cve/CVE-2024-26461.html +│ │ │ ├ [13]: https://linux.oracle.com/errata/ELSA-2024-9331.html +│ │ │ ├ [14]: https://mailman.mit.edu/pipermail/kerberos/2024-Marc │ │ │ │ h/023095.html -│ │ │ ├ [14]: https://nvd.nist.gov/vuln/detail/CVE-2024-26461 -│ │ │ ├ [15]: https://security.netapp.com/advisory/ntap-20240415-0 +│ │ │ ├ [15]: https://nvd.nist.gov/vuln/detail/CVE-2024-26461 +│ │ │ ├ [16]: https://security.netapp.com/advisory/ntap-20240415-0 │ │ │ │ 011/ -│ │ │ ╰ [16]: https://www.cve.org/CVERecord?id=CVE-2024-26461 +│ │ │ ╰ [17]: https://www.cve.org/CVERecord?id=CVE-2024-26461 │ │ ├ PublishedDate : 2024-02-29T01:44:18.82Z │ │ ╰ LastModifiedDate: 2024-08-14T16:35:10.207Z │ ├ [32] ╭ VulnerabilityID : CVE-2024-10041 @@ -1586,10 +1596,10 @@ │ │ │ ╰ UID : f821171cc4f544ed │ │ ├ InstalledVersion: 1.5.3-5ubuntu5.1 │ │ ├ Status : affected -│ │ ├ Layer ╭ Digest: sha256:d244376047b3b447a72643b6cd94cb4b359562d59b3 -│ │ │ │ 3e760ec97632069cf0cd6 -│ │ │ ╰ DiffID: sha256:10da0a8ad04042ad7ebb1f92fe90babd5649e0218f2 -│ │ │ 9f050019c4e091cda1b1c +│ │ ├ Layer ╭ Digest: sha256:20c08d7865479cc2941461f45179ca97ddc1c513e3c +│ │ │ │ 245acf1047f9e4ec8f9b0 +│ │ │ ╰ DiffID: sha256:35ff3fcc7343804067a0060eb66b92792f9572fb6e9 +│ │ │ 3072b7cd9782e2e972f6b │ │ ├ SeveritySource : ubuntu │ │ ├ PrimaryURL : https://avd.aquasec.com/nvd/cve-2024-10041 │ │ ├ DataSource ╭ ID : ubuntu @@ -1606,7 +1616,7 @@ │ │ │ authentications. │ │ ├ Severity : MEDIUM │ │ ├ CweIDs ─ [0]: CWE-922 -│ │ ├ VendorSeverity ╭ alma : 3 +│ │ ├ VendorSeverity ╭ alma : 2 │ │ │ ├ oracle-oval: 2 │ │ │ ├ redhat : 2 │ │ │ ├ rocky : 3 @@ -1619,19 +1629,18 @@ │ │ │ ├ [2] : https://access.redhat.com/errata/RHSA-2024:9941 │ │ │ ├ [3] : https://access.redhat.com/security/cve/CVE-2024-10041 │ │ │ ├ [4] : https://bugzilla.redhat.com/2319212 -│ │ │ ├ [5] : https://bugzilla.redhat.com/2324291 -│ │ │ ├ [6] : https://bugzilla.redhat.com/show_bug.cgi?id=2319212 -│ │ │ ├ [7] : https://bugzilla.redhat.com/show_bug.cgi?id=2324291 -│ │ │ ├ [8] : https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2 +│ │ │ ├ [5] : https://bugzilla.redhat.com/show_bug.cgi?id=2319212 +│ │ │ ├ [6] : https://bugzilla.redhat.com/show_bug.cgi?id=2324291 +│ │ │ ├ [7] : https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2 │ │ │ │ 024-10041 -│ │ │ ├ [9] : https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2 +│ │ │ ├ [8] : https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2 │ │ │ │ 024-10963 -│ │ │ ├ [10]: https://errata.almalinux.org/8/ALSA-2024-10379.html -│ │ │ ├ [11]: https://errata.rockylinux.org/RLSA-2024:10379 -│ │ │ ├ [12]: https://linux.oracle.com/cve/CVE-2024-10041.html -│ │ │ ├ [13]: https://linux.oracle.com/errata/ELSA-2024-11250.html -│ │ │ ├ [14]: https://nvd.nist.gov/vuln/detail/CVE-2024-10041 -│ │ │ ╰ [15]: https://www.cve.org/CVERecord?id=CVE-2024-10041 +│ │ │ ├ [9] : https://errata.almalinux.org/9/ALSA-2024-11250.html +│ │ │ ├ [10]: https://errata.rockylinux.org/RLSA-2024:10379 +│ │ │ ├ [11]: https://linux.oracle.com/cve/CVE-2024-10041.html +│ │ │ ├ [12]: https://linux.oracle.com/errata/ELSA-2024-11250.html +│ │ │ ├ [13]: https://nvd.nist.gov/vuln/detail/CVE-2024-10041 +│ │ │ ╰ [14]: https://www.cve.org/CVERecord?id=CVE-2024-10041 │ │ ├ PublishedDate : 2024-10-23T14:15:03.97Z │ │ ╰ LastModifiedDate: 2024-12-18T10:15:05.85Z │ ├ [33] ╭ VulnerabilityID : CVE-2024-10963 @@ -1642,10 +1651,10 @@ │ │ │ ╰ UID : f821171cc4f544ed │ │ ├ InstalledVersion: 1.5.3-5ubuntu5.1 │ │ ├ Status : affected -│ │ ├ Layer ╭ Digest: sha256:d244376047b3b447a72643b6cd94cb4b359562d59b3 -│ │ │ │ 3e760ec97632069cf0cd6 -│ │ │ ╰ DiffID: sha256:10da0a8ad04042ad7ebb1f92fe90babd5649e0218f2 -│ │ │ 9f050019c4e091cda1b1c +│ │ ├ Layer ╭ Digest: sha256:20c08d7865479cc2941461f45179ca97ddc1c513e3c +│ │ │ │ 245acf1047f9e4ec8f9b0 +│ │ │ ╰ DiffID: sha256:35ff3fcc7343804067a0060eb66b92792f9572fb6e9 +│ │ │ 3072b7cd9782e2e972f6b │ │ ├ SeveritySource : ubuntu │ │ ├ PrimaryURL : https://avd.aquasec.com/nvd/cve-2024-10963 │ │ ├ DataSource ╭ ID : ubuntu @@ -1671,22 +1680,21 @@ │ │ ├ CVSS ─ redhat ╭ V3Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I: │ │ │ │ H/A:N │ │ │ ╰ V3Score : 7.4 -│ │ ├ References ╭ [0] : https://access.redhat.com/errata/RHSA-2024:10379 +│ │ ├ References ╭ [0] : https://access.redhat.com/errata/RHSA-2024:10244 │ │ │ ├ [1] : https://access.redhat.com/security/cve/CVE-2024-10963 -│ │ │ ├ [2] : https://bugzilla.redhat.com/2319212 -│ │ │ ├ [3] : https://bugzilla.redhat.com/2324291 -│ │ │ ├ [4] : https://bugzilla.redhat.com/show_bug.cgi?id=2319212 -│ │ │ ├ [5] : https://bugzilla.redhat.com/show_bug.cgi?id=2324291 -│ │ │ ├ [6] : https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2 +│ │ │ ├ [2] : https://bugzilla.redhat.com/2324291 +│ │ │ ├ [3] : https://bugzilla.redhat.com/show_bug.cgi?id=2319212 +│ │ │ ├ [4] : https://bugzilla.redhat.com/show_bug.cgi?id=2324291 +│ │ │ ├ [5] : https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2 │ │ │ │ 024-10041 -│ │ │ ├ [7] : https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2 +│ │ │ ├ [6] : https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2 │ │ │ │ 024-10963 -│ │ │ ├ [8] : https://errata.almalinux.org/8/ALSA-2024-10379.html -│ │ │ ├ [9] : https://errata.rockylinux.org/RLSA-2024:10379 -│ │ │ ├ [10]: https://linux.oracle.com/cve/CVE-2024-10963.html -│ │ │ ├ [11]: https://linux.oracle.com/errata/ELSA-2024-10379.html -│ │ │ ├ [12]: https://nvd.nist.gov/vuln/detail/CVE-2024-10963 -│ │ │ ╰ [13]: https://www.cve.org/CVERecord?id=CVE-2024-10963 +│ │ │ ├ [7] : https://errata.almalinux.org/9/ALSA-2024-10244.html +│ │ │ ├ [8] : https://errata.rockylinux.org/RLSA-2024:10379 +│ │ │ ├ [9] : https://linux.oracle.com/cve/CVE-2024-10963.html +│ │ │ ├ [10]: https://linux.oracle.com/errata/ELSA-2024-10379.html +│ │ │ ├ [11]: https://nvd.nist.gov/vuln/detail/CVE-2024-10963 +│ │ │ ╰ [12]: https://www.cve.org/CVERecord?id=CVE-2024-10963 │ │ ├ PublishedDate : 2024-11-07T16:15:17.15Z │ │ ╰ LastModifiedDate: 2024-11-11T18:15:14.487Z │ ├ [34] ╭ VulnerabilityID : CVE-2024-10041 @@ -1697,10 +1705,10 @@ │ │ │ ╰ UID : c8702dfc9a216eee │ │ ├ InstalledVersion: 1.5.3-5ubuntu5.1 │ │ ├ Status : affected -│ │ ├ Layer ╭ Digest: sha256:d244376047b3b447a72643b6cd94cb4b359562d59b3 -│ │ │ │ 3e760ec97632069cf0cd6 -│ │ │ ╰ DiffID: sha256:10da0a8ad04042ad7ebb1f92fe90babd5649e0218f2 -│ │ │ 9f050019c4e091cda1b1c +│ │ ├ Layer ╭ Digest: sha256:20c08d7865479cc2941461f45179ca97ddc1c513e3c +│ │ │ │ 245acf1047f9e4ec8f9b0 +│ │ │ ╰ DiffID: sha256:35ff3fcc7343804067a0060eb66b92792f9572fb6e9 +│ │ │ 3072b7cd9782e2e972f6b │ │ ├ SeveritySource : ubuntu │ │ ├ PrimaryURL : https://avd.aquasec.com/nvd/cve-2024-10041 │ │ ├ DataSource ╭ ID : ubuntu @@ -1717,7 +1725,7 @@ │ │ │ authentications. │ │ ├ Severity : MEDIUM │ │ ├ CweIDs ─ [0]: CWE-922 -│ │ ├ VendorSeverity ╭ alma : 3 +│ │ ├ VendorSeverity ╭ alma : 2 │ │ │ ├ oracle-oval: 2 │ │ │ ├ redhat : 2 │ │ │ ├ rocky : 3 @@ -1730,19 +1738,18 @@ │ │ │ ├ [2] : https://access.redhat.com/errata/RHSA-2024:9941 │ │ │ ├ [3] : https://access.redhat.com/security/cve/CVE-2024-10041 │ │ │ ├ [4] : https://bugzilla.redhat.com/2319212 -│ │ │ ├ [5] : https://bugzilla.redhat.com/2324291 -│ │ │ ├ [6] : https://bugzilla.redhat.com/show_bug.cgi?id=2319212 -│ │ │ ├ [7] : https://bugzilla.redhat.com/show_bug.cgi?id=2324291 -│ │ │ ├ [8] : https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2 +│ │ │ ├ [5] : https://bugzilla.redhat.com/show_bug.cgi?id=2319212 +│ │ │ ├ [6] : https://bugzilla.redhat.com/show_bug.cgi?id=2324291 +│ │ │ ├ [7] : https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2 │ │ │ │ 024-10041 -│ │ │ ├ [9] : https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2 +│ │ │ ├ [8] : https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2 │ │ │ │ 024-10963 -│ │ │ ├ [10]: https://errata.almalinux.org/8/ALSA-2024-10379.html -│ │ │ ├ [11]: https://errata.rockylinux.org/RLSA-2024:10379 -│ │ │ ├ [12]: https://linux.oracle.com/cve/CVE-2024-10041.html -│ │ │ ├ [13]: https://linux.oracle.com/errata/ELSA-2024-11250.html -│ │ │ ├ [14]: https://nvd.nist.gov/vuln/detail/CVE-2024-10041 -│ │ │ ╰ [15]: https://www.cve.org/CVERecord?id=CVE-2024-10041 +│ │ │ ├ [9] : https://errata.almalinux.org/9/ALSA-2024-11250.html +│ │ │ ├ [10]: https://errata.rockylinux.org/RLSA-2024:10379 +│ │ │ ├ [11]: https://linux.oracle.com/cve/CVE-2024-10041.html +│ │ │ ├ [12]: https://linux.oracle.com/errata/ELSA-2024-11250.html +│ │ │ ├ [13]: https://nvd.nist.gov/vuln/detail/CVE-2024-10041 +│ │ │ ╰ [14]: https://www.cve.org/CVERecord?id=CVE-2024-10041 │ │ ├ PublishedDate : 2024-10-23T14:15:03.97Z │ │ ╰ LastModifiedDate: 2024-12-18T10:15:05.85Z │ ├ [35] ╭ VulnerabilityID : CVE-2024-10963 @@ -1753,10 +1760,10 @@ │ │ │ ╰ UID : c8702dfc9a216eee │ │ ├ InstalledVersion: 1.5.3-5ubuntu5.1 │ │ ├ Status : affected -│ │ ├ Layer ╭ Digest: sha256:d244376047b3b447a72643b6cd94cb4b359562d59b3 -│ │ │ │ 3e760ec97632069cf0cd6 -│ │ │ ╰ DiffID: sha256:10da0a8ad04042ad7ebb1f92fe90babd5649e0218f2 -│ │ │ 9f050019c4e091cda1b1c +│ │ ├ Layer ╭ Digest: sha256:20c08d7865479cc2941461f45179ca97ddc1c513e3c +│ │ │ │ 245acf1047f9e4ec8f9b0 +│ │ │ ╰ DiffID: sha256:35ff3fcc7343804067a0060eb66b92792f9572fb6e9 +│ │ │ 3072b7cd9782e2e972f6b │ │ ├ SeveritySource : ubuntu │ │ ├ PrimaryURL : https://avd.aquasec.com/nvd/cve-2024-10963 │ │ ├ DataSource ╭ ID : ubuntu @@ -1782,22 +1789,21 @@ │ │ ├ CVSS ─ redhat ╭ V3Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I: │ │ │ │ H/A:N │ │ │ ╰ V3Score : 7.4 -│ │ ├ References ╭ [0] : https://access.redhat.com/errata/RHSA-2024:10379 +│ │ ├ References ╭ [0] : https://access.redhat.com/errata/RHSA-2024:10244 │ │ │ ├ [1] : https://access.redhat.com/security/cve/CVE-2024-10963 -│ │ │ ├ [2] : https://bugzilla.redhat.com/2319212 -│ │ │ ├ [3] : https://bugzilla.redhat.com/2324291 -│ │ │ ├ [4] : https://bugzilla.redhat.com/show_bug.cgi?id=2319212 -│ │ │ ├ [5] : https://bugzilla.redhat.com/show_bug.cgi?id=2324291 -│ │ │ ├ [6] : https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2 +│ │ │ ├ [2] : https://bugzilla.redhat.com/2324291 +│ │ │ ├ [3] : https://bugzilla.redhat.com/show_bug.cgi?id=2319212 +│ │ │ ├ [4] : https://bugzilla.redhat.com/show_bug.cgi?id=2324291 +│ │ │ ├ [5] : https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2 │ │ │ │ 024-10041 -│ │ │ ├ [7] : https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2 +│ │ │ ├ [6] : https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2 │ │ │ │ 024-10963 -│ │ │ ├ [8] : https://errata.almalinux.org/8/ALSA-2024-10379.html -│ │ │ ├ [9] : https://errata.rockylinux.org/RLSA-2024:10379 -│ │ │ ├ [10]: https://linux.oracle.com/cve/CVE-2024-10963.html -│ │ │ ├ [11]: https://linux.oracle.com/errata/ELSA-2024-10379.html -│ │ │ ├ [12]: https://nvd.nist.gov/vuln/detail/CVE-2024-10963 -│ │ │ ╰ [13]: https://www.cve.org/CVERecord?id=CVE-2024-10963 +│ │ │ ├ [7] : https://errata.almalinux.org/9/ALSA-2024-10244.html +│ │ │ ├ [8] : https://errata.rockylinux.org/RLSA-2024:10379 +│ │ │ ├ [9] : https://linux.oracle.com/cve/CVE-2024-10963.html +│ │ │ ├ [10]: https://linux.oracle.com/errata/ELSA-2024-10379.html +│ │ │ ├ [11]: https://nvd.nist.gov/vuln/detail/CVE-2024-10963 +│ │ │ ╰ [12]: https://www.cve.org/CVERecord?id=CVE-2024-10963 │ │ ├ PublishedDate : 2024-11-07T16:15:17.15Z │ │ ╰ LastModifiedDate: 2024-11-11T18:15:14.487Z │ ├ [36] ╭ VulnerabilityID : CVE-2024-10041 @@ -1808,10 +1814,10 @@ │ │ │ ╰ UID : f94ce0c2a9328057 │ │ ├ InstalledVersion: 1.5.3-5ubuntu5.1 │ │ ├ Status : affected -│ │ ├ Layer ╭ Digest: sha256:d244376047b3b447a72643b6cd94cb4b359562d59b3 -│ │ │ │ 3e760ec97632069cf0cd6 -│ │ │ ╰ DiffID: sha256:10da0a8ad04042ad7ebb1f92fe90babd5649e0218f2 -│ │ │ 9f050019c4e091cda1b1c +│ │ ├ Layer ╭ Digest: sha256:20c08d7865479cc2941461f45179ca97ddc1c513e3c +│ │ │ │ 245acf1047f9e4ec8f9b0 +│ │ │ ╰ DiffID: sha256:35ff3fcc7343804067a0060eb66b92792f9572fb6e9 +│ │ │ 3072b7cd9782e2e972f6b │ │ ├ SeveritySource : ubuntu │ │ ├ PrimaryURL : https://avd.aquasec.com/nvd/cve-2024-10041 │ │ ├ DataSource ╭ ID : ubuntu @@ -1828,7 +1834,7 @@ │ │ │ authentications. │ │ ├ Severity : MEDIUM │ │ ├ CweIDs ─ [0]: CWE-922 -│ │ ├ VendorSeverity ╭ alma : 3 +│ │ ├ VendorSeverity ╭ alma : 2 │ │ │ ├ oracle-oval: 2 │ │ │ ├ redhat : 2 │ │ │ ├ rocky : 3 @@ -1841,19 +1847,18 @@ │ │ │ ├ [2] : https://access.redhat.com/errata/RHSA-2024:9941 │ │ │ ├ [3] : https://access.redhat.com/security/cve/CVE-2024-10041 │ │ │ ├ [4] : https://bugzilla.redhat.com/2319212 -│ │ │ ├ [5] : https://bugzilla.redhat.com/2324291 -│ │ │ ├ [6] : https://bugzilla.redhat.com/show_bug.cgi?id=2319212 -│ │ │ ├ [7] : https://bugzilla.redhat.com/show_bug.cgi?id=2324291 -│ │ │ ├ [8] : https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2 +│ │ │ ├ [5] : https://bugzilla.redhat.com/show_bug.cgi?id=2319212 +│ │ │ ├ [6] : https://bugzilla.redhat.com/show_bug.cgi?id=2324291 +│ │ │ ├ [7] : https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2 │ │ │ │ 024-10041 -│ │ │ ├ [9] : https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2 +│ │ │ ├ [8] : https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2 │ │ │ │ 024-10963 -│ │ │ ├ [10]: https://errata.almalinux.org/8/ALSA-2024-10379.html -│ │ │ ├ [11]: https://errata.rockylinux.org/RLSA-2024:10379 -│ │ │ ├ [12]: https://linux.oracle.com/cve/CVE-2024-10041.html -│ │ │ ├ [13]: https://linux.oracle.com/errata/ELSA-2024-11250.html -│ │ │ ├ [14]: https://nvd.nist.gov/vuln/detail/CVE-2024-10041 -│ │ │ ╰ [15]: https://www.cve.org/CVERecord?id=CVE-2024-10041 +│ │ │ ├ [9] : https://errata.almalinux.org/9/ALSA-2024-11250.html +│ │ │ ├ [10]: https://errata.rockylinux.org/RLSA-2024:10379 +│ │ │ ├ [11]: https://linux.oracle.com/cve/CVE-2024-10041.html +│ │ │ ├ [12]: https://linux.oracle.com/errata/ELSA-2024-11250.html +│ │ │ ├ [13]: https://nvd.nist.gov/vuln/detail/CVE-2024-10041 +│ │ │ ╰ [14]: https://www.cve.org/CVERecord?id=CVE-2024-10041 │ │ ├ PublishedDate : 2024-10-23T14:15:03.97Z │ │ ╰ LastModifiedDate: 2024-12-18T10:15:05.85Z │ ├ [37] ╭ VulnerabilityID : CVE-2024-10963 @@ -1864,10 +1869,10 @@ │ │ │ ╰ UID : f94ce0c2a9328057 │ │ ├ InstalledVersion: 1.5.3-5ubuntu5.1 │ │ ├ Status : affected -│ │ ├ Layer ╭ Digest: sha256:d244376047b3b447a72643b6cd94cb4b359562d59b3 -│ │ │ │ 3e760ec97632069cf0cd6 -│ │ │ ╰ DiffID: sha256:10da0a8ad04042ad7ebb1f92fe90babd5649e0218f2 -│ │ │ 9f050019c4e091cda1b1c +│ │ ├ Layer ╭ Digest: sha256:20c08d7865479cc2941461f45179ca97ddc1c513e3c +│ │ │ │ 245acf1047f9e4ec8f9b0 +│ │ │ ╰ DiffID: sha256:35ff3fcc7343804067a0060eb66b92792f9572fb6e9 +│ │ │ 3072b7cd9782e2e972f6b │ │ ├ SeveritySource : ubuntu │ │ ├ PrimaryURL : https://avd.aquasec.com/nvd/cve-2024-10963 │ │ ├ DataSource ╭ ID : ubuntu @@ -1893,22 +1898,21 @@ │ │ ├ CVSS ─ redhat ╭ V3Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I: │ │ │ │ H/A:N │ │ │ ╰ V3Score : 7.4 -│ │ ├ References ╭ [0] : https://access.redhat.com/errata/RHSA-2024:10379 +│ │ ├ References ╭ [0] : https://access.redhat.com/errata/RHSA-2024:10244 │ │ │ ├ [1] : https://access.redhat.com/security/cve/CVE-2024-10963 -│ │ │ ├ [2] : https://bugzilla.redhat.com/2319212 -│ │ │ ├ [3] : https://bugzilla.redhat.com/2324291 -│ │ │ ├ [4] : https://bugzilla.redhat.com/show_bug.cgi?id=2319212 -│ │ │ ├ [5] : https://bugzilla.redhat.com/show_bug.cgi?id=2324291 -│ │ │ ├ [6] : https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2 +│ │ │ ├ [2] : https://bugzilla.redhat.com/2324291 +│ │ │ ├ [3] : https://bugzilla.redhat.com/show_bug.cgi?id=2319212 +│ │ │ ├ [4] : https://bugzilla.redhat.com/show_bug.cgi?id=2324291 +│ │ │ ├ [5] : https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2 │ │ │ │ 024-10041 -│ │ │ ├ [7] : https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2 +│ │ │ ├ [6] : https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2 │ │ │ │ 024-10963 -│ │ │ ├ [8] : https://errata.almalinux.org/8/ALSA-2024-10379.html -│ │ │ ├ [9] : https://errata.rockylinux.org/RLSA-2024:10379 -│ │ │ ├ [10]: https://linux.oracle.com/cve/CVE-2024-10963.html -│ │ │ ├ [11]: https://linux.oracle.com/errata/ELSA-2024-10379.html -│ │ │ ├ [12]: https://nvd.nist.gov/vuln/detail/CVE-2024-10963 -│ │ │ ╰ [13]: https://www.cve.org/CVERecord?id=CVE-2024-10963 +│ │ │ ├ [7] : https://errata.almalinux.org/9/ALSA-2024-10244.html +│ │ │ ├ [8] : https://errata.rockylinux.org/RLSA-2024:10379 +│ │ │ ├ [9] : https://linux.oracle.com/cve/CVE-2024-10963.html +│ │ │ ├ [10]: https://linux.oracle.com/errata/ELSA-2024-10379.html +│ │ │ ├ [11]: https://nvd.nist.gov/vuln/detail/CVE-2024-10963 +│ │ │ ╰ [12]: https://www.cve.org/CVERecord?id=CVE-2024-10963 │ │ ├ PublishedDate : 2024-11-07T16:15:17.15Z │ │ ╰ LastModifiedDate: 2024-11-11T18:15:14.487Z │ ├ [38] ╭ VulnerabilityID : CVE-2024-10041 @@ -1919,10 +1923,10 @@ │ │ │ ╰ UID : 59788c7daf17f497 │ │ ├ InstalledVersion: 1.5.3-5ubuntu5.1 │ │ ├ Status : affected -│ │ ├ Layer ╭ Digest: sha256:d244376047b3b447a72643b6cd94cb4b359562d59b3 -│ │ │ │ 3e760ec97632069cf0cd6 -│ │ │ ╰ DiffID: sha256:10da0a8ad04042ad7ebb1f92fe90babd5649e0218f2 -│ │ │ 9f050019c4e091cda1b1c +│ │ ├ Layer ╭ Digest: sha256:20c08d7865479cc2941461f45179ca97ddc1c513e3c +│ │ │ │ 245acf1047f9e4ec8f9b0 +│ │ │ ╰ DiffID: sha256:35ff3fcc7343804067a0060eb66b92792f9572fb6e9 +│ │ │ 3072b7cd9782e2e972f6b │ │ ├ SeveritySource : ubuntu │ │ ├ PrimaryURL : https://avd.aquasec.com/nvd/cve-2024-10041 │ │ ├ DataSource ╭ ID : ubuntu @@ -1939,7 +1943,7 @@ │ │ │ authentications. │ │ ├ Severity : MEDIUM │ │ ├ CweIDs ─ [0]: CWE-922 -│ │ ├ VendorSeverity ╭ alma : 3 +│ │ ├ VendorSeverity ╭ alma : 2 │ │ │ ├ oracle-oval: 2 │ │ │ ├ redhat : 2 │ │ │ ├ rocky : 3 @@ -1952,19 +1956,18 @@ │ │ │ ├ [2] : https://access.redhat.com/errata/RHSA-2024:9941 │ │ │ ├ [3] : https://access.redhat.com/security/cve/CVE-2024-10041 │ │ │ ├ [4] : https://bugzilla.redhat.com/2319212 -│ │ │ ├ [5] : https://bugzilla.redhat.com/2324291 -│ │ │ ├ [6] : https://bugzilla.redhat.com/show_bug.cgi?id=2319212 -│ │ │ ├ [7] : https://bugzilla.redhat.com/show_bug.cgi?id=2324291 -│ │ │ ├ [8] : https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2 +│ │ │ ├ [5] : https://bugzilla.redhat.com/show_bug.cgi?id=2319212 +│ │ │ ├ [6] : https://bugzilla.redhat.com/show_bug.cgi?id=2324291 +│ │ │ ├ [7] : https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2 │ │ │ │ 024-10041 -│ │ │ ├ [9] : https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2 +│ │ │ ├ [8] : https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2 │ │ │ │ 024-10963 -│ │ │ ├ [10]: https://errata.almalinux.org/8/ALSA-2024-10379.html -│ │ │ ├ [11]: https://errata.rockylinux.org/RLSA-2024:10379 -│ │ │ ├ [12]: https://linux.oracle.com/cve/CVE-2024-10041.html -│ │ │ ├ [13]: https://linux.oracle.com/errata/ELSA-2024-11250.html -│ │ │ ├ [14]: https://nvd.nist.gov/vuln/detail/CVE-2024-10041 -│ │ │ ╰ [15]: https://www.cve.org/CVERecord?id=CVE-2024-10041 +│ │ │ ├ [9] : https://errata.almalinux.org/9/ALSA-2024-11250.html +│ │ │ ├ [10]: https://errata.rockylinux.org/RLSA-2024:10379 +│ │ │ ├ [11]: https://linux.oracle.com/cve/CVE-2024-10041.html +│ │ │ ├ [12]: https://linux.oracle.com/errata/ELSA-2024-11250.html +│ │ │ ├ [13]: https://nvd.nist.gov/vuln/detail/CVE-2024-10041 +│ │ │ ╰ [14]: https://www.cve.org/CVERecord?id=CVE-2024-10041 │ │ ├ PublishedDate : 2024-10-23T14:15:03.97Z │ │ ╰ LastModifiedDate: 2024-12-18T10:15:05.85Z │ ├ [39] ╭ VulnerabilityID : CVE-2024-10963 @@ -1975,10 +1978,10 @@ │ │ │ ╰ UID : 59788c7daf17f497 │ │ ├ InstalledVersion: 1.5.3-5ubuntu5.1 │ │ ├ Status : affected -│ │ ├ Layer ╭ Digest: sha256:d244376047b3b447a72643b6cd94cb4b359562d59b3 -│ │ │ │ 3e760ec97632069cf0cd6 -│ │ │ ╰ DiffID: sha256:10da0a8ad04042ad7ebb1f92fe90babd5649e0218f2 -│ │ │ 9f050019c4e091cda1b1c +│ │ ├ Layer ╭ Digest: sha256:20c08d7865479cc2941461f45179ca97ddc1c513e3c +│ │ │ │ 245acf1047f9e4ec8f9b0 +│ │ │ ╰ DiffID: sha256:35ff3fcc7343804067a0060eb66b92792f9572fb6e9 +│ │ │ 3072b7cd9782e2e972f6b │ │ ├ SeveritySource : ubuntu │ │ ├ PrimaryURL : https://avd.aquasec.com/nvd/cve-2024-10963 │ │ ├ DataSource ╭ ID : ubuntu @@ -2004,22 +2007,21 @@ │ │ ├ CVSS ─ redhat ╭ V3Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I: │ │ │ │ H/A:N │ │ │ ╰ V3Score : 7.4 -│ │ ├ References ╭ [0] : https://access.redhat.com/errata/RHSA-2024:10379 +│ │ ├ References ╭ [0] : https://access.redhat.com/errata/RHSA-2024:10244 │ │ │ ├ [1] : https://access.redhat.com/security/cve/CVE-2024-10963 -│ │ │ ├ [2] : https://bugzilla.redhat.com/2319212 -│ │ │ ├ [3] : https://bugzilla.redhat.com/2324291 -│ │ │ ├ [4] : https://bugzilla.redhat.com/show_bug.cgi?id=2319212 -│ │ │ ├ [5] : https://bugzilla.redhat.com/show_bug.cgi?id=2324291 -│ │ │ ├ [6] : https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2 +│ │ │ ├ [2] : https://bugzilla.redhat.com/2324291 +│ │ │ ├ [3] : https://bugzilla.redhat.com/show_bug.cgi?id=2319212 +│ │ │ ├ [4] : https://bugzilla.redhat.com/show_bug.cgi?id=2324291 +│ │ │ ├ [5] : https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2 │ │ │ │ 024-10041 -│ │ │ ├ [7] : https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2 +│ │ │ ├ [6] : https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2 │ │ │ │ 024-10963 -│ │ │ ├ [8] : https://errata.almalinux.org/8/ALSA-2024-10379.html -│ │ │ ├ [9] : https://errata.rockylinux.org/RLSA-2024:10379 -│ │ │ ├ [10]: https://linux.oracle.com/cve/CVE-2024-10963.html -│ │ │ ├ [11]: https://linux.oracle.com/errata/ELSA-2024-10379.html -│ │ │ ├ [12]: https://nvd.nist.gov/vuln/detail/CVE-2024-10963 -│ │ │ ╰ [13]: https://www.cve.org/CVERecord?id=CVE-2024-10963 +│ │ │ ├ [7] : https://errata.almalinux.org/9/ALSA-2024-10244.html +│ │ │ ├ [8] : https://errata.rockylinux.org/RLSA-2024:10379 +│ │ │ ├ [9] : https://linux.oracle.com/cve/CVE-2024-10963.html +│ │ │ ├ [10]: https://linux.oracle.com/errata/ELSA-2024-10379.html +│ │ │ ├ [11]: https://nvd.nist.gov/vuln/detail/CVE-2024-10963 +│ │ │ ╰ [12]: https://www.cve.org/CVERecord?id=CVE-2024-10963 │ │ ├ PublishedDate : 2024-11-07T16:15:17.15Z │ │ ╰ LastModifiedDate: 2024-11-11T18:15:14.487Z │ ├ [40] ╭ VulnerabilityID : CVE-2024-41996 @@ -2030,10 +2032,10 @@ │ │ │ ╰ UID : 6e5d0fd9933b8520 │ │ ├ InstalledVersion: 3.0.13-0ubuntu3.4 │ │ ├ Status : affected -│ │ ├ Layer ╭ Digest: sha256:d244376047b3b447a72643b6cd94cb4b359562d59b3 -│ │ │ │ 3e760ec97632069cf0cd6 -│ │ │ ╰ DiffID: sha256:10da0a8ad04042ad7ebb1f92fe90babd5649e0218f2 -│ │ │ 9f050019c4e091cda1b1c +│ │ ├ Layer ╭ Digest: sha256:20c08d7865479cc2941461f45179ca97ddc1c513e3c +│ │ │ │ 245acf1047f9e4ec8f9b0 +│ │ │ ╰ DiffID: sha256:35ff3fcc7343804067a0060eb66b92792f9572fb6e9 +│ │ │ 3072b7cd9782e2e972f6b │ │ ├ SeveritySource : ubuntu │ │ ├ PrimaryURL : https://avd.aquasec.com/nvd/cve-2024-41996 │ │ ├ DataSource ╭ ID : ubuntu @@ -2080,10 +2082,10 @@ │ │ │ ╰ UID : 943b5f73a228d407 │ │ ├ InstalledVersion: 3.0.13-0ubuntu3.4 │ │ ├ Status : affected -│ │ ├ Layer ╭ Digest: sha256:d244376047b3b447a72643b6cd94cb4b359562d59b3 -│ │ │ │ 3e760ec97632069cf0cd6 -│ │ │ ╰ DiffID: sha256:10da0a8ad04042ad7ebb1f92fe90babd5649e0218f2 -│ │ │ 9f050019c4e091cda1b1c +│ │ ├ Layer ╭ Digest: sha256:20c08d7865479cc2941461f45179ca97ddc1c513e3c +│ │ │ │ 245acf1047f9e4ec8f9b0 +│ │ │ ╰ DiffID: sha256:35ff3fcc7343804067a0060eb66b92792f9572fb6e9 +│ │ │ 3072b7cd9782e2e972f6b │ │ ├ SeveritySource : ubuntu │ │ ├ PrimaryURL : https://avd.aquasec.com/nvd/cve-2024-41996 │ │ ├ DataSource ╭ ID : ubuntu @@ -2130,10 +2132,10 @@ │ │ │ ╰ UID : 3c5563b3f309aa9c │ │ ├ InstalledVersion: 2.7.6-7build3 │ │ ├ Status : affected -│ │ ├ Layer ╭ Digest: sha256:d244376047b3b447a72643b6cd94cb4b359562d59b3 -│ │ │ │ 3e760ec97632069cf0cd6 -│ │ │ ╰ DiffID: sha256:10da0a8ad04042ad7ebb1f92fe90babd5649e0218f2 -│ │ │ 9f050019c4e091cda1b1c +│ │ ├ Layer ╭ Digest: sha256:20c08d7865479cc2941461f45179ca97ddc1c513e3c +│ │ │ │ 245acf1047f9e4ec8f9b0 +│ │ │ ╰ DiffID: sha256:35ff3fcc7343804067a0060eb66b92792f9572fb6e9 +│ │ │ 3072b7cd9782e2e972f6b │ │ ├ SeveritySource : ubuntu │ │ ├ PrimaryURL : https://avd.aquasec.com/nvd/cve-2018-6952 │ │ ├ DataSource ╭ ID : ubuntu @@ -2180,10 +2182,10 @@ │ │ │ ╰ UID : 3c5563b3f309aa9c │ │ ├ InstalledVersion: 2.7.6-7build3 │ │ ├ Status : affected -│ │ ├ Layer ╭ Digest: sha256:d244376047b3b447a72643b6cd94cb4b359562d59b3 -│ │ │ │ 3e760ec97632069cf0cd6 -│ │ │ ╰ DiffID: sha256:10da0a8ad04042ad7ebb1f92fe90babd5649e0218f2 -│ │ │ 9f050019c4e091cda1b1c +│ │ ├ Layer ╭ Digest: sha256:20c08d7865479cc2941461f45179ca97ddc1c513e3c +│ │ │ │ 245acf1047f9e4ec8f9b0 +│ │ │ ╰ DiffID: sha256:35ff3fcc7343804067a0060eb66b92792f9572fb6e9 +│ │ │ 3072b7cd9782e2e972f6b │ │ ├ SeveritySource : ubuntu │ │ ├ PrimaryURL : https://avd.aquasec.com/nvd/cve-2021-45261 │ │ ├ DataSource ╭ ID : ubuntu @@ -2220,10 +2222,10 @@ │ │ ╰ UID : 467cb15e927b718d │ ├ InstalledVersion: 1.21.4-1ubuntu4.1 │ ├ Status : affected -│ ├ Layer ╭ Digest: sha256:d244376047b3b447a72643b6cd94cb4b359562d59b3 -│ │ │ 3e760ec97632069cf0cd6 -│ │ ╰ DiffID: sha256:10da0a8ad04042ad7ebb1f92fe90babd5649e0218f2 -│ │ 9f050019c4e091cda1b1c +│ ├ Layer ╭ Digest: sha256:20c08d7865479cc2941461f45179ca97ddc1c513e3c +│ │ │ 245acf1047f9e4ec8f9b0 +│ │ ╰ DiffID: sha256:35ff3fcc7343804067a0060eb66b92792f9572fb6e9 +│ │ 3072b7cd9782e2e972f6b │ ├ SeveritySource : ubuntu │ ├ PrimaryURL : https://avd.aquasec.com/nvd/cve-2021-31879 │ ├ DataSource ╭ ID : ubuntu @@ -2273,10 +2275,10 @@ │ │ ├ InstalledVersion: v0.12.0 │ │ ├ FixedVersion : 0.17.0 │ │ ├ Status : fixed -│ │ ├ Layer ╭ Digest: sha256:d244376047b3b447a72643b6cd94cb4b359562d59b3 -│ │ │ │ 3e760ec97632069cf0cd6 -│ │ │ ╰ DiffID: sha256:10da0a8ad04042ad7ebb1f92fe90babd5649e0218f2 -│ │ │ 9f050019c4e091cda1b1c +│ │ ├ Layer ╭ Digest: sha256:20c08d7865479cc2941461f45179ca97ddc1c513e3c +│ │ │ │ 245acf1047f9e4ec8f9b0 +│ │ │ ╰ DiffID: sha256:35ff3fcc7343804067a0060eb66b92792f9572fb6e9 +│ │ │ 3072b7cd9782e2e972f6b │ │ ├ SeveritySource : ghsa │ │ ├ PrimaryURL : https://avd.aquasec.com/nvd/cve-2023-39325 │ │ ├ DataSource ╭ ID : ghsa @@ -2331,7 +2333,7 @@ │ │ │ │ :N/A:H │ │ │ ╰ V3Score : 7.5 │ │ ├ References ╭ [0] : golang.org/x/net -│ │ │ ├ [1] : https://access.redhat.com/errata/RHSA-2023:5863 +│ │ │ ├ [1] : https://access.redhat.com/errata/RHSA-2023:6077 │ │ │ ├ [2] : https://access.redhat.com/security/cve/CVE-2023-39325 │ │ │ ├ [3] : https://access.redhat.com/security/cve/CVE-2023-44487 │ │ │ ├ [4] : https://bugzilla.redhat.com/2242803 @@ -2342,7 +2344,7 @@ │ │ │ │ 2023-39325 │ │ │ ├ [9] : https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE- │ │ │ │ 2023-44487 -│ │ │ ├ [10] : https://errata.almalinux.org/8/ALSA-2023-5863.html +│ │ │ ├ [10] : https://errata.almalinux.org/9/ALSA-2023-6077.html │ │ │ ├ [11] : https://errata.rockylinux.org/RLSA-2023:6077 │ │ │ ├ [12] : https://github.com/golang/go/commit/24ae2d927285c69 │ │ │ │ 7440fdde3ad7f26028354bcf3 [golang- 1.21] @@ -2595,10 +2597,10 @@ │ │ ├ InstalledVersion: v0.12.0 │ │ ├ FixedVersion : 0.33.0 │ │ ├ Status : fixed -│ │ ├ Layer ╭ Digest: sha256:d244376047b3b447a72643b6cd94cb4b359562d59b3 -│ │ │ │ 3e760ec97632069cf0cd6 -│ │ │ ╰ DiffID: sha256:10da0a8ad04042ad7ebb1f92fe90babd5649e0218f2 -│ │ │ 9f050019c4e091cda1b1c +│ │ ├ Layer ╭ Digest: sha256:20c08d7865479cc2941461f45179ca97ddc1c513e3c +│ │ │ │ 245acf1047f9e4ec8f9b0 +│ │ │ ╰ DiffID: sha256:35ff3fcc7343804067a0060eb66b92792f9572fb6e9 +│ │ │ 3072b7cd9782e2e972f6b │ │ ├ SeveritySource : ghsa │ │ ├ PrimaryURL : https://avd.aquasec.com/nvd/cve-2024-45338 │ │ ├ DataSource ╭ ID : ghsa @@ -2638,10 +2640,10 @@ │ │ ├ InstalledVersion: v0.12.0 │ │ ├ FixedVersion : 0.13.0 │ │ ├ Status : fixed -│ │ ├ Layer ╭ Digest: sha256:d244376047b3b447a72643b6cd94cb4b359562d59b3 -│ │ │ │ 3e760ec97632069cf0cd6 -│ │ │ ╰ DiffID: sha256:10da0a8ad04042ad7ebb1f92fe90babd5649e0218f2 -│ │ │ 9f050019c4e091cda1b1c +│ │ ├ Layer ╭ Digest: sha256:20c08d7865479cc2941461f45179ca97ddc1c513e3c +│ │ │ │ 245acf1047f9e4ec8f9b0 +│ │ │ ╰ DiffID: sha256:35ff3fcc7343804067a0060eb66b92792f9572fb6e9 +│ │ │ 3072b7cd9782e2e972f6b │ │ ├ SeveritySource : ghsa │ │ ├ PrimaryURL : https://avd.aquasec.com/nvd/cve-2023-3978 │ │ ├ DataSource ╭ ID : ghsa @@ -2671,33 +2673,29 @@ │ │ │ ╰ redhat ╭ V3Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I: │ │ │ │ L/A:N │ │ │ ╰ V3Score : 6.1 -│ │ ├ References ╭ [0] : https://access.redhat.com/errata/RHSA-2023:6939 +│ │ ├ References ╭ [0] : https://access.redhat.com/errata/RHSA-2023:6474 │ │ │ ├ [1] : https://access.redhat.com/security/cve/CVE-2023-3978 -│ │ │ ├ [2] : https://bugzilla.redhat.com/2163037 -│ │ │ ├ [3] : https://bugzilla.redhat.com/2174485 -│ │ │ ├ [4] : https://bugzilla.redhat.com/2175721 -│ │ │ ├ [5] : https://bugzilla.redhat.com/2178358 -│ │ │ ├ [6] : https://bugzilla.redhat.com/2178488 -│ │ │ ├ [7] : https://bugzilla.redhat.com/2178492 -│ │ │ ├ [8] : https://bugzilla.redhat.com/2182883 -│ │ │ ├ [9] : https://bugzilla.redhat.com/2182884 -│ │ │ ├ [10]: https://bugzilla.redhat.com/2184481 -│ │ │ ├ [11]: https://bugzilla.redhat.com/2184482 -│ │ │ ├ [12]: https://bugzilla.redhat.com/2184483 -│ │ │ ├ [13]: https://bugzilla.redhat.com/2184484 -│ │ │ ├ [14]: https://bugzilla.redhat.com/2196026 -│ │ │ ├ [15]: https://bugzilla.redhat.com/2196027 -│ │ │ ├ [16]: https://bugzilla.redhat.com/2196029 -│ │ │ ├ [17]: https://bugzilla.redhat.com/2222167 -│ │ │ ├ [18]: https://bugzilla.redhat.com/2228689 -│ │ │ ├ [19]: https://errata.almalinux.org/8/ALSA-2023-6939.html -│ │ │ ├ [20]: https://go.dev/cl/514896 -│ │ │ ├ [21]: https://go.dev/issue/61615 -│ │ │ ├ [22]: https://linux.oracle.com/cve/CVE-2023-3978.html -│ │ │ ├ [23]: https://linux.oracle.com/errata/ELSA-2023-6939.html -│ │ │ ├ [24]: https://nvd.nist.gov/vuln/detail/CVE-2023-3978 -│ │ │ ├ [25]: https://pkg.go.dev/vuln/GO-2023-1988 -│ │ │ ╰ [26]: https://www.cve.org/CVERecord?id=CVE-2023-3978 +│ │ │ ├ [2] : https://bugzilla.redhat.com/2174485 +│ │ │ ├ [3] : https://bugzilla.redhat.com/2178358 +│ │ │ ├ [4] : https://bugzilla.redhat.com/2178488 +│ │ │ ├ [5] : https://bugzilla.redhat.com/2178492 +│ │ │ ├ [6] : https://bugzilla.redhat.com/2184481 +│ │ │ ├ [7] : https://bugzilla.redhat.com/2184482 +│ │ │ ├ [8] : https://bugzilla.redhat.com/2184483 +│ │ │ ├ [9] : https://bugzilla.redhat.com/2184484 +│ │ │ ├ [10]: https://bugzilla.redhat.com/2196026 +│ │ │ ├ [11]: https://bugzilla.redhat.com/2196027 +│ │ │ ├ [12]: https://bugzilla.redhat.com/2196029 +│ │ │ ├ [13]: https://bugzilla.redhat.com/2222167 +│ │ │ ├ [14]: https://bugzilla.redhat.com/2228689 +│ │ │ ├ [15]: https://errata.almalinux.org/9/ALSA-2023-6474.html +│ │ │ ├ [16]: https://go.dev/cl/514896 +│ │ │ ├ [17]: https://go.dev/issue/61615 +│ │ │ ├ [18]: https://linux.oracle.com/cve/CVE-2023-3978.html +│ │ │ ├ [19]: https://linux.oracle.com/errata/ELSA-2023-6939.html +│ │ │ ├ [20]: https://nvd.nist.gov/vuln/detail/CVE-2023-3978 +│ │ │ ├ [21]: https://pkg.go.dev/vuln/GO-2023-1988 +│ │ │ ╰ [22]: https://www.cve.org/CVERecord?id=CVE-2023-3978 │ │ ├ PublishedDate : 2023-08-02T20:15:12.097Z │ │ ╰ LastModifiedDate: 2023-11-07T04:20:03.647Z │ ├ [3] ╭ VulnerabilityID : CVE-2023-44487 @@ -2708,10 +2706,10 @@ │ │ ├ InstalledVersion: v0.12.0 │ │ ├ FixedVersion : 0.17.0 │ │ ├ Status : fixed -│ │ ├ Layer ╭ Digest: sha256:d244376047b3b447a72643b6cd94cb4b359562d59b3 -│ │ │ │ 3e760ec97632069cf0cd6 -│ │ │ ╰ DiffID: sha256:10da0a8ad04042ad7ebb1f92fe90babd5649e0218f2 -│ │ │ 9f050019c4e091cda1b1c +│ │ ├ Layer ╭ Digest: sha256:20c08d7865479cc2941461f45179ca97ddc1c513e3c +│ │ │ │ 245acf1047f9e4ec8f9b0 +│ │ │ ╰ DiffID: sha256:35ff3fcc7343804067a0060eb66b92792f9572fb6e9 +│ │ │ 3072b7cd9782e2e972f6b │ │ ├ SeveritySource : ghsa │ │ ├ PrimaryURL : https://avd.aquasec.com/nvd/cve-2023-44487 │ │ ├ DataSource ╭ ID : ghsa @@ -2762,7 +2760,7 @@ │ │ │ │ 19/6 │ │ │ ├ [5] : http://www.openwall.com/lists/oss-security/2023/10/ │ │ │ │ 20/8 -│ │ │ ├ [6] : https://access.redhat.com/errata/RHSA-2024:1444 +│ │ │ ├ [6] : https://access.redhat.com/errata/RHSA-2023:6746 │ │ │ ├ [7] : https://access.redhat.com/security/cve/CVE-2023-44487 │ │ │ ├ [8] : https://access.redhat.com/security/cve/cve-2023-44487 │ │ │ ├ [9] : https://akka.io/security/akka-http-cve-2023-44487.h @@ -2796,435 +2794,434 @@ │ │ │ ├ [22] : https://blog.vespa.ai/cve-2023-44487/ │ │ │ ├ [23] : https://bugzilla.proxmox.com/show_bug.cgi?id=4988 │ │ │ ├ [24] : https://bugzilla.redhat.com/2242803 -│ │ │ ├ [25] : https://bugzilla.redhat.com/2264574 -│ │ │ ├ [26] : https://bugzilla.redhat.com/show_bug.cgi?id=2242803 -│ │ │ ├ [27] : https://bugzilla.suse.com/show_bug.cgi?id=1216123 -│ │ │ ├ [28] : https://cgit.freebsd.org/ports/commit/?id=c64c329c2 +│ │ │ ├ [25] : https://bugzilla.redhat.com/show_bug.cgi?id=2242803 +│ │ │ ├ [26] : https://bugzilla.suse.com/show_bug.cgi?id=1216123 +│ │ │ ├ [27] : https://cgit.freebsd.org/ports/commit/?id=c64c329c2 │ │ │ │ c1752f46b73e3e6ce9f4329be6629f9 -│ │ │ ├ [29] : https://chaos.social/@icing/111210915918780532 -│ │ │ ├ [30] : https://cloud.google.com/blog/products/identity-sec +│ │ │ ├ [28] : https://chaos.social/@icing/111210915918780532 +│ │ │ ├ [29] : https://cloud.google.com/blog/products/identity-sec │ │ │ │ urity/google-cloud-mitigated-largest-ddos-attack-pe │ │ │ │ aking-above-398-million-rps -│ │ │ ├ [31] : https://cloud.google.com/blog/products/identity-sec +│ │ │ ├ [30] : https://cloud.google.com/blog/products/identity-sec │ │ │ │ urity/google-cloud-mitigated-largest-ddos-attack-pe │ │ │ │ aking-above-398-million-rps/ -│ │ │ ├ [32] : https://cloud.google.com/blog/products/identity-sec +│ │ │ ├ [31] : https://cloud.google.com/blog/products/identity-sec │ │ │ │ urity/how-it-works-the-novel-http2-rapid-reset-ddos │ │ │ │ -attack -│ │ │ ├ [33] : https://community.traefik.io/t/is-traefik-vulnerabl +│ │ │ ├ [32] : https://community.traefik.io/t/is-traefik-vulnerabl │ │ │ │ e-to-cve-2023-44487/20125 -│ │ │ ├ [34] : https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE- +│ │ │ ├ [33] : https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE- │ │ │ │ 2023-44487 -│ │ │ ├ [35] : https://devblogs.microsoft.com/dotnet/october-2023- +│ │ │ ├ [34] : https://devblogs.microsoft.com/dotnet/october-2023- │ │ │ │ updates/ -│ │ │ ├ [36] : https://discuss.hashicorp.com/t/hcsec-2023-32-vault +│ │ │ ├ [35] : https://discuss.hashicorp.com/t/hcsec-2023-32-vault │ │ │ │ -consul-and-boundary-affected-by-http-2-rapid-reset │ │ │ │ -denial-of-service-vulnerability-cve-2023-44487/597 │ │ │ │ 15 -│ │ │ ├ [37] : https://edg.io/lp/blog/resets-leaks-ddos-and-the-ta +│ │ │ ├ [36] : https://edg.io/lp/blog/resets-leaks-ddos-and-the-ta │ │ │ │ le-of-a-hidden-cve -│ │ │ ├ [38] : https://errata.almalinux.org/8/ALSA-2024-1444.html -│ │ │ ├ [39] : https://errata.rockylinux.org/RLSA-2023:5838 -│ │ │ ├ [40] : https://forums.swift.org/t/swift-nio-http2-security +│ │ │ ├ [37] : https://errata.almalinux.org/9/ALSA-2023-6746.html +│ │ │ ├ [38] : https://errata.rockylinux.org/RLSA-2023:5838 +│ │ │ ├ [39] : https://forums.swift.org/t/swift-nio-http2-security │ │ │ │ -update-cve-2023-44487-http-2-dos/67764 -│ │ │ ├ [41] : https://gist.github.com/adulau/7c2bfb8e9cdbe4b35a5e +│ │ │ ├ [40] : https://gist.github.com/adulau/7c2bfb8e9cdbe4b35a5e │ │ │ │ 131c66a0c088 -│ │ │ ├ [42] : https://github.com/Azure/AKS/issues/3947 -│ │ │ ├ [43] : https://github.com/Kong/kong/discussions/11741 -│ │ │ ├ [44] : https://github.com/advisories/GHSA-qppj-fm5r-hxr3 -│ │ │ ├ [45] : https://github.com/advisories/GHSA-vx74-f528-fxqg -│ │ │ ├ [46] : https://github.com/advisories/GHSA-xpw8-rcwv-8f8p -│ │ │ ├ [47] : https://github.com/akka/akka-http/issues/4323 -│ │ │ ├ [48] : https://github.com/akka/akka-http/pull/4324 -│ │ │ ├ [49] : https://github.com/akka/akka-http/pull/4325 -│ │ │ ├ [50] : https://github.com/alibaba/tengine/issues/1872 -│ │ │ ├ [51] : https://github.com/apache/apisix/issues/10320 -│ │ │ ├ [52] : https://github.com/apache/httpd-site/pull/10 -│ │ │ ├ [53] : https://github.com/apache/httpd/blob/afcdbeebbff4b0 +│ │ │ ├ [41] : https://github.com/Azure/AKS/issues/3947 +│ │ │ ├ [42] : https://github.com/Kong/kong/discussions/11741 +│ │ │ ├ [43] : https://github.com/advisories/GHSA-qppj-fm5r-hxr3 +│ │ │ ├ [44] : https://github.com/advisories/GHSA-vx74-f528-fxqg +│ │ │ ├ [45] : https://github.com/advisories/GHSA-xpw8-rcwv-8f8p +│ │ │ ├ [46] : https://github.com/akka/akka-http/issues/4323 +│ │ │ ├ [47] : https://github.com/akka/akka-http/pull/4324 +│ │ │ ├ [48] : https://github.com/akka/akka-http/pull/4325 +│ │ │ ├ [49] : https://github.com/alibaba/tengine/issues/1872 +│ │ │ ├ [50] : https://github.com/apache/apisix/issues/10320 +│ │ │ ├ [51] : https://github.com/apache/httpd-site/pull/10 +│ │ │ ├ [52] : https://github.com/apache/httpd/blob/afcdbeebbff4b0 │ │ │ │ c50ea26cdd16e178c0d1f24152/modules/http2/h2_mplx.c# │ │ │ │ L1101-L1113 -│ │ │ ├ [54] : https://github.com/apache/tomcat/commit/944332bb15b +│ │ │ ├ [53] : https://github.com/apache/tomcat/commit/944332bb15b │ │ │ │ d2f3bf76ec2caeb1ff0a58a3bc628 -│ │ │ ├ [55] : https://github.com/apache/tomcat/tree/main/java/org +│ │ │ ├ [54] : https://github.com/apache/tomcat/tree/main/java/org │ │ │ │ /apache/coyote/http2 -│ │ │ ├ [56] : https://github.com/apache/trafficserver/pull/10564 -│ │ │ ├ [57] : https://github.com/apple/swift-nio-http2 -│ │ │ ├ [58] : https://github.com/apple/swift-nio-http2/security/a +│ │ │ ├ [55] : https://github.com/apache/trafficserver/pull/10564 +│ │ │ ├ [56] : https://github.com/apple/swift-nio-http2 +│ │ │ ├ [57] : https://github.com/apple/swift-nio-http2/security/a │ │ │ │ dvisories/GHSA-qppj-fm5r-hxr3 -│ │ │ ├ [59] : https://github.com/arkrwn/PoC/tree/main/CVE-2023-44 +│ │ │ ├ [58] : https://github.com/arkrwn/PoC/tree/main/CVE-2023-44 │ │ │ │ 487 -│ │ │ ├ [60] : https://github.com/bcdannyboy/CVE-2023-44487 -│ │ │ ├ [61] : https://github.com/caddyserver/caddy/issues/5877 -│ │ │ ├ [62] : https://github.com/caddyserver/caddy/releases/tag/v +│ │ │ ├ [59] : https://github.com/bcdannyboy/CVE-2023-44487 +│ │ │ ├ [60] : https://github.com/caddyserver/caddy/issues/5877 +│ │ │ ├ [61] : https://github.com/caddyserver/caddy/releases/tag/v │ │ │ │ 2.7.5 -│ │ │ ├ [63] : https://github.com/dotnet/announcements/issues/277 -│ │ │ ├ [64] : https://github.com/dotnet/core/blob/e4613450ea0da7f +│ │ │ ├ [62] : https://github.com/dotnet/announcements/issues/277 +│ │ │ ├ [63] : https://github.com/dotnet/core/blob/e4613450ea0da7f │ │ │ │ d2fc6b61dfb2c1c1dec1ce9ec/release-notes/6.0/6.0.23/ │ │ │ │ 6.0.23.md?plain=1#L73 -│ │ │ ├ [65] : https://github.com/eclipse/jetty.project/issues/10679 -│ │ │ ├ [66] : https://github.com/envoyproxy/envoy/pull/30055 -│ │ │ ├ [67] : https://github.com/etcd-io/etcd/issues/16740 -│ │ │ ├ [68] : https://github.com/facebook/proxygen/pull/466 -│ │ │ ├ [69] : https://github.com/golang/go/issues/63417 -│ │ │ ├ [70] : https://github.com/grpc/grpc-go/pull/6703 -│ │ │ ├ [71] : https://github.com/grpc/grpc-go/releases -│ │ │ ├ [72] : https://github.com/h2o/h2o/pull/3291 -│ │ │ ├ [73] : https://github.com/h2o/h2o/security/advisories/GHSA +│ │ │ ├ [64] : https://github.com/eclipse/jetty.project/issues/10679 +│ │ │ ├ [65] : https://github.com/envoyproxy/envoy/pull/30055 +│ │ │ ├ [66] : https://github.com/etcd-io/etcd/issues/16740 +│ │ │ ├ [67] : https://github.com/facebook/proxygen/pull/466 +│ │ │ ├ [68] : https://github.com/golang/go/issues/63417 +│ │ │ ├ [69] : https://github.com/grpc/grpc-go/pull/6703 +│ │ │ ├ [70] : https://github.com/grpc/grpc-go/releases +│ │ │ ├ [71] : https://github.com/h2o/h2o/pull/3291 +│ │ │ ├ [72] : https://github.com/h2o/h2o/security/advisories/GHSA │ │ │ │ -2m7v-gc89-fjqf -│ │ │ ├ [74] : https://github.com/haproxy/haproxy/issues/2312 -│ │ │ ├ [75] : https://github.com/hyperium/hyper/issues/3337 -│ │ │ ├ [76] : https://github.com/icing/mod_h2/blob/0a864782af0a94 +│ │ │ ├ [73] : https://github.com/haproxy/haproxy/issues/2312 +│ │ │ ├ [74] : https://github.com/hyperium/hyper/issues/3337 +│ │ │ ├ [75] : https://github.com/icing/mod_h2/blob/0a864782af0a94 │ │ │ │ 2aa2ad4ed960a6b32cd35bcf0a/mod_http2/README.md?plai │ │ │ │ n=1#L239-L244 -│ │ │ ├ [77] : https://github.com/junkurihara/rust-rpxy/issues/97 -│ │ │ ├ [78] : https://github.com/kazu-yamamoto/http2/commit/f61d4 +│ │ │ ├ [76] : https://github.com/junkurihara/rust-rpxy/issues/97 +│ │ │ ├ [77] : https://github.com/kazu-yamamoto/http2/commit/f61d4 │ │ │ │ 1a502bd0f60eb24e1ce14edc7b6df6722a1 -│ │ │ ├ [79] : https://github.com/kazu-yamamoto/http2/issues/93 -│ │ │ ├ [80] : https://github.com/kubernetes/kubernetes/pull/121120 -│ │ │ ├ [81] : https://github.com/line/armeria/pull/5232 -│ │ │ ├ [82] : https://github.com/linkerd/website/pull/1695/commit +│ │ │ ├ [78] : https://github.com/kazu-yamamoto/http2/issues/93 +│ │ │ ├ [79] : https://github.com/kubernetes/kubernetes/pull/121120 +│ │ │ ├ [80] : https://github.com/line/armeria/pull/5232 +│ │ │ ├ [81] : https://github.com/linkerd/website/pull/1695/commit │ │ │ │ s/4b9c6836471bc8270ab48aae6fd2181bc73fd632 -│ │ │ ├ [83] : https://github.com/micrictor/http2-rst-stream -│ │ │ ├ [84] : https://github.com/microsoft/CBL-Mariner/pull/6381 -│ │ │ ├ [85] : https://github.com/netty/netty/commit/58f75f665aa81 +│ │ │ ├ [82] : https://github.com/micrictor/http2-rst-stream +│ │ │ ├ [83] : https://github.com/microsoft/CBL-Mariner/pull/6381 +│ │ │ ├ [84] : https://github.com/netty/netty/commit/58f75f665aa81 │ │ │ │ a8cbcf6ffa74820042a285c5e61 -│ │ │ ├ [86] : https://github.com/nghttp2/nghttp2/pull/1961 -│ │ │ ├ [87] : https://github.com/nghttp2/nghttp2/releases/tag/v1. +│ │ │ ├ [85] : https://github.com/nghttp2/nghttp2/pull/1961 +│ │ │ ├ [86] : https://github.com/nghttp2/nghttp2/releases/tag/v1. │ │ │ │ 57.0 -│ │ │ ├ [88] : https://github.com/ninenines/cowboy/issues/1615 -│ │ │ ├ [89] : https://github.com/nodejs/node/pull/50121 -│ │ │ ├ [90] : https://github.com/openresty/openresty/issues/930 -│ │ │ ├ [91] : https://github.com/opensearch-project/data-prepper/ +│ │ │ ├ [87] : https://github.com/ninenines/cowboy/issues/1615 +│ │ │ ├ [88] : https://github.com/nodejs/node/pull/50121 +│ │ │ ├ [89] : https://github.com/openresty/openresty/issues/930 +│ │ │ ├ [90] : https://github.com/opensearch-project/data-prepper/ │ │ │ │ issues/3474 -│ │ │ ├ [92] : https://github.com/oqtane/oqtane.framework/discussi +│ │ │ ├ [91] : https://github.com/oqtane/oqtane.framework/discussi │ │ │ │ ons/3367 -│ │ │ ├ [93] : https://github.com/projectcontour/contour/pull/5826 -│ │ │ ├ [94] : https://github.com/tempesta-tech/tempesta/issues/1986 -│ │ │ ├ [95] : https://github.com/varnishcache/varnish-cache/issue +│ │ │ ├ [92] : https://github.com/projectcontour/contour/pull/5826 +│ │ │ ├ [93] : https://github.com/tempesta-tech/tempesta/issues/1986 +│ │ │ ├ [94] : https://github.com/varnishcache/varnish-cache/issue │ │ │ │ s/3996 -│ │ │ ├ [96] : https://go.dev/cl/534215 -│ │ │ ├ [97] : https://go.dev/cl/534235 -│ │ │ ├ [98] : https://go.dev/issue/63417 -│ │ │ ├ [99] : https://groups.google.com/g/golang-announce/c/iNNxD +│ │ │ ├ [95] : https://go.dev/cl/534215 +│ │ │ ├ [96] : https://go.dev/cl/534235 +│ │ │ ├ [97] : https://go.dev/issue/63417 +│ │ │ ├ [98] : https://groups.google.com/g/golang-announce/c/iNNxD │ │ │ │ TCjZvo -│ │ │ ├ [100]: https://groups.google.com/g/golang-announce/c/iNNxD +│ │ │ ├ [99] : https://groups.google.com/g/golang-announce/c/iNNxD │ │ │ │ TCjZvo/m/UDd7VKQuAAAJ -│ │ │ ├ [101]: https://istio.io/latest/news/security/istio-securit +│ │ │ ├ [100]: https://istio.io/latest/news/security/istio-securit │ │ │ │ y-2023-004 -│ │ │ ├ [102]: https://istio.io/latest/news/security/istio-securit +│ │ │ ├ [101]: https://istio.io/latest/news/security/istio-securit │ │ │ │ y-2023-004/ -│ │ │ ├ [103]: https://linkerd.io/2023/10/12/linkerd-cve-2023-44487 -│ │ │ ├ [104]: https://linkerd.io/2023/10/12/linkerd-cve-2023-44487/ -│ │ │ ├ [105]: https://linux.oracle.com/cve/CVE-2023-44487.html -│ │ │ ├ [106]: https://linux.oracle.com/errata/ELSA-2024-1444.html -│ │ │ ├ [107]: https://lists.apache.org/thread/5py8h42mxfsn8l1wy6o +│ │ │ ├ [102]: https://linkerd.io/2023/10/12/linkerd-cve-2023-44487 +│ │ │ ├ [103]: https://linkerd.io/2023/10/12/linkerd-cve-2023-44487/ +│ │ │ ├ [104]: https://linux.oracle.com/cve/CVE-2023-44487.html +│ │ │ ├ [105]: https://linux.oracle.com/errata/ELSA-2024-1444.html +│ │ │ ├ [106]: https://lists.apache.org/thread/5py8h42mxfsn8l1wy6o │ │ │ │ 41xwhsjlsd87q -│ │ │ ├ [108]: https://lists.debian.org/debian-lts-announce/2023/1 +│ │ │ ├ [107]: https://lists.debian.org/debian-lts-announce/2023/1 │ │ │ │ 0/msg00020.html -│ │ │ ├ [109]: https://lists.debian.org/debian-lts-announce/2023/1 +│ │ │ ├ [108]: https://lists.debian.org/debian-lts-announce/2023/1 │ │ │ │ 0/msg00023.html -│ │ │ ├ [110]: https://lists.debian.org/debian-lts-announce/2023/1 +│ │ │ ├ [109]: https://lists.debian.org/debian-lts-announce/2023/1 │ │ │ │ 0/msg00024.html -│ │ │ ├ [111]: https://lists.debian.org/debian-lts-announce/2023/1 +│ │ │ ├ [110]: https://lists.debian.org/debian-lts-announce/2023/1 │ │ │ │ 0/msg00045.html -│ │ │ ├ [112]: https://lists.debian.org/debian-lts-announce/2023/1 +│ │ │ ├ [111]: https://lists.debian.org/debian-lts-announce/2023/1 │ │ │ │ 0/msg00047.html -│ │ │ ├ [113]: https://lists.debian.org/debian-lts-announce/2023/1 +│ │ │ ├ [112]: https://lists.debian.org/debian-lts-announce/2023/1 │ │ │ │ 1/msg00001.html -│ │ │ ├ [114]: https://lists.debian.org/debian-lts-announce/2023/1 +│ │ │ ├ [113]: https://lists.debian.org/debian-lts-announce/2023/1 │ │ │ │ 1/msg00012.html -│ │ │ ├ [115]: https://lists.fedoraproject.org/archives/list/packa +│ │ │ ├ [114]: https://lists.fedoraproject.org/archives/list/packa │ │ │ │ ge-announce%40lists.fedoraproject.org/message/2MBEP │ │ │ │ PC36UBVOZZNAXFHKLFGSLCMN5LI -│ │ │ ├ [116]: https://lists.fedoraproject.org/archives/list/packa +│ │ │ ├ [115]: https://lists.fedoraproject.org/archives/list/packa │ │ │ │ ge-announce%40lists.fedoraproject.org/message/2MBEP │ │ │ │ PC36UBVOZZNAXFHKLFGSLCMN5LI/ -│ │ │ ├ [117]: https://lists.fedoraproject.org/archives/list/packa +│ │ │ ├ [116]: https://lists.fedoraproject.org/archives/list/packa │ │ │ │ ge-announce%40lists.fedoraproject.org/message/3N4NJ │ │ │ │ 7FR4X4FPZUGNTQAPSTVB2HB2Y4A -│ │ │ ├ [118]: https://lists.fedoraproject.org/archives/list/packa +│ │ │ ├ [117]: https://lists.fedoraproject.org/archives/list/packa │ │ │ │ ge-announce%40lists.fedoraproject.org/message/3N4NJ │ │ │ │ 7FR4X4FPZUGNTQAPSTVB2HB2Y4A/ -│ │ │ ├ [119]: https://lists.fedoraproject.org/archives/list/packa +│ │ │ ├ [118]: https://lists.fedoraproject.org/archives/list/packa │ │ │ │ ge-announce%40lists.fedoraproject.org/message/BFQD3 │ │ │ │ KUEMFBHPAPBGLWQC34L4OWL5HAZ -│ │ │ ├ [120]: https://lists.fedoraproject.org/archives/list/packa +│ │ │ ├ [119]: https://lists.fedoraproject.org/archives/list/packa │ │ │ │ ge-announce%40lists.fedoraproject.org/message/BFQD3 │ │ │ │ KUEMFBHPAPBGLWQC34L4OWL5HAZ/ -│ │ │ ├ [121]: https://lists.fedoraproject.org/archives/list/packa +│ │ │ ├ [120]: https://lists.fedoraproject.org/archives/list/packa │ │ │ │ ge-announce%40lists.fedoraproject.org/message/CLB4T │ │ │ │ W7KALB3EEQWNWCN7OUIWWVWWCG2 -│ │ │ ├ [122]: https://lists.fedoraproject.org/archives/list/packa +│ │ │ ├ [121]: https://lists.fedoraproject.org/archives/list/packa │ │ │ │ ge-announce%40lists.fedoraproject.org/message/CLB4T │ │ │ │ W7KALB3EEQWNWCN7OUIWWVWWCG2/ -│ │ │ ├ [123]: https://lists.fedoraproject.org/archives/list/packa +│ │ │ ├ [122]: https://lists.fedoraproject.org/archives/list/packa │ │ │ │ ge-announce%40lists.fedoraproject.org/message/E72T6 │ │ │ │ 7UPDRXHIDLO3OROR25YAMN4GGW5 -│ │ │ ├ [124]: https://lists.fedoraproject.org/archives/list/packa +│ │ │ ├ [123]: https://lists.fedoraproject.org/archives/list/packa │ │ │ │ ge-announce%40lists.fedoraproject.org/message/E72T6 │ │ │ │ 7UPDRXHIDLO3OROR25YAMN4GGW5/ -│ │ │ ├ [125]: https://lists.fedoraproject.org/archives/list/packa +│ │ │ ├ [124]: https://lists.fedoraproject.org/archives/list/packa │ │ │ │ ge-announce%40lists.fedoraproject.org/message/FNA62 │ │ │ │ Q767CFAFHBCDKYNPBMZWB7TWYVU -│ │ │ ├ [126]: https://lists.fedoraproject.org/archives/list/packa +│ │ │ ├ [125]: https://lists.fedoraproject.org/archives/list/packa │ │ │ │ ge-announce%40lists.fedoraproject.org/message/FNA62 │ │ │ │ Q767CFAFHBCDKYNPBMZWB7TWYVU/ -│ │ │ ├ [127]: https://lists.fedoraproject.org/archives/list/packa +│ │ │ ├ [126]: https://lists.fedoraproject.org/archives/list/packa │ │ │ │ ge-announce%40lists.fedoraproject.org/message/HT7T2 │ │ │ │ R4MQKLIF4ODV4BDLPARWFPCJ5CZ -│ │ │ ├ [128]: https://lists.fedoraproject.org/archives/list/packa +│ │ │ ├ [127]: https://lists.fedoraproject.org/archives/list/packa │ │ │ │ ge-announce%40lists.fedoraproject.org/message/HT7T2 │ │ │ │ R4MQKLIF4ODV4BDLPARWFPCJ5CZ/ -│ │ │ ├ [129]: https://lists.fedoraproject.org/archives/list/packa +│ │ │ ├ [128]: https://lists.fedoraproject.org/archives/list/packa │ │ │ │ ge-announce%40lists.fedoraproject.org/message/JIZSE │ │ │ │ FC3YKCGABA2BZW6ZJRMDZJMB7PJ -│ │ │ ├ [130]: https://lists.fedoraproject.org/archives/list/packa +│ │ │ ├ [129]: https://lists.fedoraproject.org/archives/list/packa │ │ │ │ ge-announce%40lists.fedoraproject.org/message/JIZSE │ │ │ │ FC3YKCGABA2BZW6ZJRMDZJMB7PJ/ -│ │ │ ├ [131]: https://lists.fedoraproject.org/archives/list/packa +│ │ │ ├ [130]: https://lists.fedoraproject.org/archives/list/packa │ │ │ │ ge-announce%40lists.fedoraproject.org/message/JMEXY │ │ │ │ 22BFG5Q64HQCM5CK2Q7KDKVV4TY -│ │ │ ├ [132]: https://lists.fedoraproject.org/archives/list/packa +│ │ │ ├ [131]: https://lists.fedoraproject.org/archives/list/packa │ │ │ │ ge-announce%40lists.fedoraproject.org/message/JMEXY │ │ │ │ 22BFG5Q64HQCM5CK2Q7KDKVV4TY/ -│ │ │ ├ [133]: https://lists.fedoraproject.org/archives/list/packa +│ │ │ ├ [132]: https://lists.fedoraproject.org/archives/list/packa │ │ │ │ ge-announce%40lists.fedoraproject.org/message/KSEGD │ │ │ │ 2IWKNUO3DWY4KQGUQM5BISRWHQE -│ │ │ ├ [134]: https://lists.fedoraproject.org/archives/list/packa +│ │ │ ├ [133]: https://lists.fedoraproject.org/archives/list/packa │ │ │ │ ge-announce%40lists.fedoraproject.org/message/KSEGD │ │ │ │ 2IWKNUO3DWY4KQGUQM5BISRWHQE/ -│ │ │ ├ [135]: https://lists.fedoraproject.org/archives/list/packa +│ │ │ ├ [134]: https://lists.fedoraproject.org/archives/list/packa │ │ │ │ ge-announce%40lists.fedoraproject.org/message/LKYHS │ │ │ │ ZQFDNR7RSA7LHVLLIAQMVYCUGBG -│ │ │ ├ [136]: https://lists.fedoraproject.org/archives/list/packa +│ │ │ ├ [135]: https://lists.fedoraproject.org/archives/list/packa │ │ │ │ ge-announce%40lists.fedoraproject.org/message/LKYHS │ │ │ │ ZQFDNR7RSA7LHVLLIAQMVYCUGBG/ -│ │ │ ├ [137]: https://lists.fedoraproject.org/archives/list/packa +│ │ │ ├ [136]: https://lists.fedoraproject.org/archives/list/packa │ │ │ │ ge-announce%40lists.fedoraproject.org/message/LNMZJ │ │ │ │ CDHGLJJLXO4OXWJMTVQRNWOC7UL -│ │ │ ├ [138]: https://lists.fedoraproject.org/archives/list/packa +│ │ │ ├ [137]: https://lists.fedoraproject.org/archives/list/packa │ │ │ │ ge-announce%40lists.fedoraproject.org/message/LNMZJ │ │ │ │ CDHGLJJLXO4OXWJMTVQRNWOC7UL/ -│ │ │ ├ [139]: https://lists.fedoraproject.org/archives/list/packa +│ │ │ ├ [138]: https://lists.fedoraproject.org/archives/list/packa │ │ │ │ ge-announce%40lists.fedoraproject.org/message/VHUHT │ │ │ │ SXLXGXS7JYKBXTA3VINUPHTNGVU -│ │ │ ├ [140]: https://lists.fedoraproject.org/archives/list/packa +│ │ │ ├ [139]: https://lists.fedoraproject.org/archives/list/packa │ │ │ │ ge-announce%40lists.fedoraproject.org/message/VHUHT │ │ │ │ SXLXGXS7JYKBXTA3VINUPHTNGVU/ -│ │ │ ├ [141]: https://lists.fedoraproject.org/archives/list/packa +│ │ │ ├ [140]: https://lists.fedoraproject.org/archives/list/packa │ │ │ │ ge-announce%40lists.fedoraproject.org/message/VSRDI │ │ │ │ V77HNKUSM7SJC5BKE5JSHLHU2NK -│ │ │ ├ [142]: https://lists.fedoraproject.org/archives/list/packa +│ │ │ ├ [141]: https://lists.fedoraproject.org/archives/list/packa │ │ │ │ ge-announce%40lists.fedoraproject.org/message/VSRDI │ │ │ │ V77HNKUSM7SJC5BKE5JSHLHU2NK/ -│ │ │ ├ [143]: https://lists.fedoraproject.org/archives/list/packa +│ │ │ ├ [142]: https://lists.fedoraproject.org/archives/list/packa │ │ │ │ ge-announce%40lists.fedoraproject.org/message/WE2I5 │ │ │ │ 2RHNNU42PX6NZ2RBUHSFFJ2LVZX -│ │ │ ├ [144]: https://lists.fedoraproject.org/archives/list/packa +│ │ │ ├ [143]: https://lists.fedoraproject.org/archives/list/packa │ │ │ │ ge-announce%40lists.fedoraproject.org/message/WE2I5 │ │ │ │ 2RHNNU42PX6NZ2RBUHSFFJ2LVZX/ -│ │ │ ├ [145]: https://lists.fedoraproject.org/archives/list/packa +│ │ │ ├ [144]: https://lists.fedoraproject.org/archives/list/packa │ │ │ │ ge-announce%40lists.fedoraproject.org/message/WLPRQ │ │ │ │ 5TWUQQXYWBJM7ECYDAIL2YVKIUH -│ │ │ ├ [146]: https://lists.fedoraproject.org/archives/list/packa +│ │ │ ├ [145]: https://lists.fedoraproject.org/archives/list/packa │ │ │ │ ge-announce%40lists.fedoraproject.org/message/WLPRQ │ │ │ │ 5TWUQQXYWBJM7ECYDAIL2YVKIUH/ -│ │ │ ├ [147]: https://lists.fedoraproject.org/archives/list/packa +│ │ │ ├ [146]: https://lists.fedoraproject.org/archives/list/packa │ │ │ │ ge-announce%40lists.fedoraproject.org/message/X6QXN │ │ │ │ 4ORIVF6XBW4WWFE7VNPVC74S45Y -│ │ │ ├ [148]: https://lists.fedoraproject.org/archives/list/packa +│ │ │ ├ [147]: https://lists.fedoraproject.org/archives/list/packa │ │ │ │ ge-announce%40lists.fedoraproject.org/message/X6QXN │ │ │ │ 4ORIVF6XBW4WWFE7VNPVC74S45Y/ -│ │ │ ├ [149]: https://lists.fedoraproject.org/archives/list/packa +│ │ │ ├ [148]: https://lists.fedoraproject.org/archives/list/packa │ │ │ │ ge-announce%40lists.fedoraproject.org/message/XFOIB │ │ │ │ B4YFICHDM7IBOP7PWXW3FX4HLL2 -│ │ │ ├ [150]: https://lists.fedoraproject.org/archives/list/packa +│ │ │ ├ [149]: https://lists.fedoraproject.org/archives/list/packa │ │ │ │ ge-announce%40lists.fedoraproject.org/message/XFOIB │ │ │ │ B4YFICHDM7IBOP7PWXW3FX4HLL2/ -│ │ │ ├ [151]: https://lists.fedoraproject.org/archives/list/packa +│ │ │ ├ [150]: https://lists.fedoraproject.org/archives/list/packa │ │ │ │ ge-announce%40lists.fedoraproject.org/message/ZB43R │ │ │ │ EMKRQR62NJEI7I5NQ4FSXNLBKRT -│ │ │ ├ [152]: https://lists.fedoraproject.org/archives/list/packa +│ │ │ ├ [151]: https://lists.fedoraproject.org/archives/list/packa │ │ │ │ ge-announce%40lists.fedoraproject.org/message/ZB43R │ │ │ │ EMKRQR62NJEI7I5NQ4FSXNLBKRT/ -│ │ │ ├ [153]: https://lists.fedoraproject.org/archives/list/packa +│ │ │ ├ [152]: https://lists.fedoraproject.org/archives/list/packa │ │ │ │ ge-announce%40lists.fedoraproject.org/message/ZKQSI │ │ │ │ KIAT5TJ3WSLU3RDBQ35YX4GY4V3 -│ │ │ ├ [154]: https://lists.fedoraproject.org/archives/list/packa +│ │ │ ├ [153]: https://lists.fedoraproject.org/archives/list/packa │ │ │ │ ge-announce%40lists.fedoraproject.org/message/ZKQSI │ │ │ │ KIAT5TJ3WSLU3RDBQ35YX4GY4V3/ -│ │ │ ├ [155]: https://lists.fedoraproject.org/archives/list/packa +│ │ │ ├ [154]: https://lists.fedoraproject.org/archives/list/packa │ │ │ │ ge-announce%40lists.fedoraproject.org/message/ZLU6U │ │ │ │ 2R2IC2K64NDPNMV55AUAO65MAF4 -│ │ │ ├ [156]: https://lists.fedoraproject.org/archives/list/packa +│ │ │ ├ [155]: https://lists.fedoraproject.org/archives/list/packa │ │ │ │ ge-announce%40lists.fedoraproject.org/message/ZLU6U │ │ │ │ 2R2IC2K64NDPNMV55AUAO65MAF4/ -│ │ │ ├ [157]: https://lists.fedoraproject.org/archives/list/packa +│ │ │ ├ [156]: https://lists.fedoraproject.org/archives/list/packa │ │ │ │ ge-announce@lists.fedoraproject.org/message/3N4NJ7F │ │ │ │ R4X4FPZUGNTQAPSTVB2HB2Y4A -│ │ │ ├ [158]: https://lists.fedoraproject.org/archives/list/packa +│ │ │ ├ [157]: https://lists.fedoraproject.org/archives/list/packa │ │ │ │ ge-announce@lists.fedoraproject.org/message/BFQD3KU │ │ │ │ EMFBHPAPBGLWQC34L4OWL5HAZ -│ │ │ ├ [159]: https://lists.fedoraproject.org/archives/list/packa +│ │ │ ├ [158]: https://lists.fedoraproject.org/archives/list/packa │ │ │ │ ge-announce@lists.fedoraproject.org/message/CLB4TW7 │ │ │ │ KALB3EEQWNWCN7OUIWWVWWCG2 -│ │ │ ├ [160]: https://lists.fedoraproject.org/archives/list/packa +│ │ │ ├ [159]: https://lists.fedoraproject.org/archives/list/packa │ │ │ │ ge-announce@lists.fedoraproject.org/message/E72T67U │ │ │ │ PDRXHIDLO3OROR25YAMN4GGW5 -│ │ │ ├ [161]: https://lists.fedoraproject.org/archives/list/packa +│ │ │ ├ [160]: https://lists.fedoraproject.org/archives/list/packa │ │ │ │ ge-announce@lists.fedoraproject.org/message/FNA62Q7 │ │ │ │ 67CFAFHBCDKYNPBMZWB7TWYVU -│ │ │ ├ [162]: https://lists.fedoraproject.org/archives/list/packa +│ │ │ ├ [161]: https://lists.fedoraproject.org/archives/list/packa │ │ │ │ ge-announce@lists.fedoraproject.org/message/HT7T2R4 │ │ │ │ MQKLIF4ODV4BDLPARWFPCJ5CZ -│ │ │ ├ [163]: https://lists.fedoraproject.org/archives/list/packa +│ │ │ ├ [162]: https://lists.fedoraproject.org/archives/list/packa │ │ │ │ ge-announce@lists.fedoraproject.org/message/JIZSEFC │ │ │ │ 3YKCGABA2BZW6ZJRMDZJMB7PJ -│ │ │ ├ [164]: https://lists.fedoraproject.org/archives/list/packa +│ │ │ ├ [163]: https://lists.fedoraproject.org/archives/list/packa │ │ │ │ ge-announce@lists.fedoraproject.org/message/JMEXY22 │ │ │ │ BFG5Q64HQCM5CK2Q7KDKVV4TY -│ │ │ ├ [165]: https://lists.fedoraproject.org/archives/list/packa +│ │ │ ├ [164]: https://lists.fedoraproject.org/archives/list/packa │ │ │ │ ge-announce@lists.fedoraproject.org/message/KSEGD2I │ │ │ │ WKNUO3DWY4KQGUQM5BISRWHQE -│ │ │ ├ [166]: https://lists.fedoraproject.org/archives/list/packa +│ │ │ ├ [165]: https://lists.fedoraproject.org/archives/list/packa │ │ │ │ ge-announce@lists.fedoraproject.org/message/LKYHSZQ │ │ │ │ FDNR7RSA7LHVLLIAQMVYCUGBG -│ │ │ ├ [167]: https://lists.fedoraproject.org/archives/list/packa +│ │ │ ├ [166]: https://lists.fedoraproject.org/archives/list/packa │ │ │ │ ge-announce@lists.fedoraproject.org/message/LNMZJCD │ │ │ │ HGLJJLXO4OXWJMTVQRNWOC7UL -│ │ │ ├ [168]: https://lists.fedoraproject.org/archives/list/packa +│ │ │ ├ [167]: https://lists.fedoraproject.org/archives/list/packa │ │ │ │ ge-announce@lists.fedoraproject.org/message/VHUHTSX │ │ │ │ LXGXS7JYKBXTA3VINUPHTNGVU -│ │ │ ├ [169]: https://lists.fedoraproject.org/archives/list/packa +│ │ │ ├ [168]: https://lists.fedoraproject.org/archives/list/packa │ │ │ │ ge-announce@lists.fedoraproject.org/message/VSRDIV7 │ │ │ │ 7HNKUSM7SJC5BKE5JSHLHU2NK -│ │ │ ├ [170]: https://lists.fedoraproject.org/archives/list/packa +│ │ │ ├ [169]: https://lists.fedoraproject.org/archives/list/packa │ │ │ │ ge-announce@lists.fedoraproject.org/message/WLPRQ5T │ │ │ │ WUQQXYWBJM7ECYDAIL2YVKIUH -│ │ │ ├ [171]: https://lists.fedoraproject.org/archives/list/packa +│ │ │ ├ [170]: https://lists.fedoraproject.org/archives/list/packa │ │ │ │ ge-announce@lists.fedoraproject.org/message/X6QXN4O │ │ │ │ RIVF6XBW4WWFE7VNPVC74S45Y -│ │ │ ├ [172]: https://lists.fedoraproject.org/archives/list/packa +│ │ │ ├ [171]: https://lists.fedoraproject.org/archives/list/packa │ │ │ │ ge-announce@lists.fedoraproject.org/message/XFOIBB4 │ │ │ │ YFICHDM7IBOP7PWXW3FX4HLL2 -│ │ │ ├ [173]: https://lists.fedoraproject.org/archives/list/packa +│ │ │ ├ [172]: https://lists.fedoraproject.org/archives/list/packa │ │ │ │ ge-announce@lists.fedoraproject.org/message/ZB43REM │ │ │ │ KRQR62NJEI7I5NQ4FSXNLBKRT -│ │ │ ├ [174]: https://lists.fedoraproject.org/archives/list/packa +│ │ │ ├ [173]: https://lists.fedoraproject.org/archives/list/packa │ │ │ │ ge-announce@lists.fedoraproject.org/message/ZKQSIKI │ │ │ │ AT5TJ3WSLU3RDBQ35YX4GY4V3 -│ │ │ ├ [175]: https://lists.fedoraproject.org/archives/list/packa +│ │ │ ├ [174]: https://lists.fedoraproject.org/archives/list/packa │ │ │ │ ge-announce@lists.fedoraproject.org/message/ZLU6U2R │ │ │ │ 2IC2K64NDPNMV55AUAO65MAF4 -│ │ │ ├ [176]: https://lists.w3.org/Archives/Public/ietf-http-wg/2 +│ │ │ ├ [175]: https://lists.w3.org/Archives/Public/ietf-http-wg/2 │ │ │ │ 023OctDec/0025.html -│ │ │ ├ [177]: https://mailman.nginx.org/pipermail/nginx-devel/202 +│ │ │ ├ [176]: https://mailman.nginx.org/pipermail/nginx-devel/202 │ │ │ │ 3-October/S36Q5HBXR7CAIMPLLPRSSSYR4PCMWILK.html -│ │ │ ├ [178]: https://martinthomson.github.io/h2-stream-limits/dr +│ │ │ ├ [177]: https://martinthomson.github.io/h2-stream-limits/dr │ │ │ │ aft-thomson-httpbis-h2-stream-limits.html -│ │ │ ├ [179]: https://msrc.microsoft.com/blog/2023/10/microsoft-r +│ │ │ ├ [178]: https://msrc.microsoft.com/blog/2023/10/microsoft-r │ │ │ │ esponse-to-distributed-denial-of-service-ddos-attac │ │ │ │ ks-against-http/2 -│ │ │ ├ [180]: https://msrc.microsoft.com/blog/2023/10/microsoft-r +│ │ │ ├ [179]: https://msrc.microsoft.com/blog/2023/10/microsoft-r │ │ │ │ esponse-to-distributed-denial-of-service-ddos-attac │ │ │ │ ks-against-http/2/ -│ │ │ ├ [181]: https://msrc.microsoft.com/update-guide/vulnerabili +│ │ │ ├ [180]: https://msrc.microsoft.com/update-guide/vulnerabili │ │ │ │ ty/CVE-2023-44487 -│ │ │ ├ [182]: https://my.f5.com/manage/s/article/K000137106 -│ │ │ ├ [183]: https://netty.io/news/2023/10/10/4-1-100-Final.html -│ │ │ ├ [184]: https://news.ycombinator.com/item?id=37830987 -│ │ │ ├ [185]: https://news.ycombinator.com/item?id=37830998 -│ │ │ ├ [186]: https://news.ycombinator.com/item?id=37831062 -│ │ │ ├ [187]: https://news.ycombinator.com/item?id=37837043 -│ │ │ ├ [188]: https://nodejs.org/en/blog/vulnerability/october-20 +│ │ │ ├ [181]: https://my.f5.com/manage/s/article/K000137106 +│ │ │ ├ [182]: https://netty.io/news/2023/10/10/4-1-100-Final.html +│ │ │ ├ [183]: https://news.ycombinator.com/item?id=37830987 +│ │ │ ├ [184]: https://news.ycombinator.com/item?id=37830998 +│ │ │ ├ [185]: https://news.ycombinator.com/item?id=37831062 +│ │ │ ├ [186]: https://news.ycombinator.com/item?id=37837043 +│ │ │ ├ [187]: https://nodejs.org/en/blog/vulnerability/october-20 │ │ │ │ 23-security-releases -│ │ │ ├ [189]: https://nvd.nist.gov/vuln/detail/CVE-2023-44487 -│ │ │ ├ [190]: https://openssf.org/blog/2023/10/10/http-2-rapid-re +│ │ │ ├ [188]: https://nvd.nist.gov/vuln/detail/CVE-2023-44487 +│ │ │ ├ [189]: https://openssf.org/blog/2023/10/10/http-2-rapid-re │ │ │ │ set-vulnerability-highlights-need-for-rapid-respons │ │ │ │ e -│ │ │ ├ [191]: https://openssf.org/blog/2023/10/10/http-2-rapid-re +│ │ │ ├ [190]: https://openssf.org/blog/2023/10/10/http-2-rapid-re │ │ │ │ set-vulnerability-highlights-need-for-rapid-respons │ │ │ │ e/ -│ │ │ ├ [192]: https://pkg.go.dev/vuln/GO-2023-2102 -│ │ │ ├ [193]: https://seanmonstar.com/post/730794151136935936/hyp +│ │ │ ├ [191]: https://pkg.go.dev/vuln/GO-2023-2102 +│ │ │ ├ [192]: https://seanmonstar.com/post/730794151136935936/hyp │ │ │ │ er-http2-rapid-reset-unaffected -│ │ │ ├ [194]: https://security.gentoo.org/glsa/202311-09 -│ │ │ ├ [195]: https://security.netapp.com/advisory/ntap-20231016- +│ │ │ ├ [193]: https://security.gentoo.org/glsa/202311-09 +│ │ │ ├ [194]: https://security.netapp.com/advisory/ntap-20231016- │ │ │ │ 0001 -│ │ │ ├ [196]: https://security.netapp.com/advisory/ntap-20231016- +│ │ │ ├ [195]: https://security.netapp.com/advisory/ntap-20231016- │ │ │ │ 0001/ -│ │ │ ├ [197]: https://security.netapp.com/advisory/ntap-20240426- +│ │ │ ├ [196]: https://security.netapp.com/advisory/ntap-20240426- │ │ │ │ 0007 -│ │ │ ├ [198]: https://security.netapp.com/advisory/ntap-20240426- +│ │ │ ├ [197]: https://security.netapp.com/advisory/ntap-20240426- │ │ │ │ 0007/ -│ │ │ ├ [199]: https://security.netapp.com/advisory/ntap-20240621- +│ │ │ ├ [198]: https://security.netapp.com/advisory/ntap-20240621- │ │ │ │ 0006 -│ │ │ ├ [200]: https://security.netapp.com/advisory/ntap-20240621- +│ │ │ ├ [199]: https://security.netapp.com/advisory/ntap-20240621- │ │ │ │ 0006/ -│ │ │ ├ [201]: https://security.netapp.com/advisory/ntap-20240621- +│ │ │ ├ [200]: https://security.netapp.com/advisory/ntap-20240621- │ │ │ │ 0007 -│ │ │ ├ [202]: https://security.netapp.com/advisory/ntap-20240621- +│ │ │ ├ [201]: https://security.netapp.com/advisory/ntap-20240621- │ │ │ │ 0007/ -│ │ │ ├ [203]: https://security.paloaltonetworks.com/CVE-2023-44487 -│ │ │ ├ [204]: https://tomcat.apache.org/security-10.html#Fixed_in +│ │ │ ├ [202]: https://security.paloaltonetworks.com/CVE-2023-44487 +│ │ │ ├ [203]: https://tomcat.apache.org/security-10.html#Fixed_in │ │ │ │ _Apache_Tomcat_10.1.14 -│ │ │ ├ [205]: https://tomcat.apache.org/security-11.html#Fixed_in +│ │ │ ├ [204]: https://tomcat.apache.org/security-11.html#Fixed_in │ │ │ │ _Apache_Tomcat_11.0.0-M12 -│ │ │ ├ [206]: https://tomcat.apache.org/security-8.html#Fixed_in_ +│ │ │ ├ [205]: https://tomcat.apache.org/security-8.html#Fixed_in_ │ │ │ │ Apache_Tomcat_8.5.94 -│ │ │ ├ [207]: https://tomcat.apache.org/security-9.html#Fixed_in_ +│ │ │ ├ [206]: https://tomcat.apache.org/security-9.html#Fixed_in_ │ │ │ │ Apache_Tomcat_9.0.81 -│ │ │ ├ [208]: https://ubuntu.com/security/CVE-2023-44487 -│ │ │ ├ [209]: https://ubuntu.com/security/notices/USN-6427-1 -│ │ │ ├ [210]: https://ubuntu.com/security/notices/USN-6427-2 -│ │ │ ├ [211]: https://ubuntu.com/security/notices/USN-6438-1 -│ │ │ ├ [212]: https://ubuntu.com/security/notices/USN-6505-1 -│ │ │ ├ [213]: https://ubuntu.com/security/notices/USN-6574-1 -│ │ │ ├ [214]: https://ubuntu.com/security/notices/USN-6754-1 -│ │ │ ├ [215]: https://ubuntu.com/security/notices/USN-6994-1 -│ │ │ ├ [216]: https://ubuntu.com/security/notices/USN-7067-1 -│ │ │ ├ [217]: https://www.bleepingcomputer.com/news/security/new- +│ │ │ ├ [207]: https://ubuntu.com/security/CVE-2023-44487 +│ │ │ ├ [208]: https://ubuntu.com/security/notices/USN-6427-1 +│ │ │ ├ [209]: https://ubuntu.com/security/notices/USN-6427-2 +│ │ │ ├ [210]: https://ubuntu.com/security/notices/USN-6438-1 +│ │ │ ├ [211]: https://ubuntu.com/security/notices/USN-6505-1 +│ │ │ ├ [212]: https://ubuntu.com/security/notices/USN-6574-1 +│ │ │ ├ [213]: https://ubuntu.com/security/notices/USN-6754-1 +│ │ │ ├ [214]: https://ubuntu.com/security/notices/USN-6994-1 +│ │ │ ├ [215]: https://ubuntu.com/security/notices/USN-7067-1 +│ │ │ ├ [216]: https://www.bleepingcomputer.com/news/security/new- │ │ │ │ http-2-rapid-reset-zero-day-attack-breaks-ddos-reco │ │ │ │ rds -│ │ │ ├ [218]: https://www.bleepingcomputer.com/news/security/new- +│ │ │ ├ [217]: https://www.bleepingcomputer.com/news/security/new- │ │ │ │ http-2-rapid-reset-zero-day-attack-breaks-ddos-reco │ │ │ │ rds/ -│ │ │ ├ [219]: https://www.cisa.gov/known-exploited-vulnerabilitie +│ │ │ ├ [218]: https://www.cisa.gov/known-exploited-vulnerabilitie │ │ │ │ s-catalog -│ │ │ ├ [220]: https://www.cisa.gov/news-events/alerts/2023/10/10/ +│ │ │ ├ [219]: https://www.cisa.gov/news-events/alerts/2023/10/10/ │ │ │ │ http2-rapid-reset-vulnerability-cve-2023-44487 -│ │ │ ├ [221]: https://www.cve.org/CVERecord?id=CVE-2023-44487 -│ │ │ ├ [222]: https://www.darkreading.com/cloud/internet-wide-zer +│ │ │ ├ [220]: https://www.cve.org/CVERecord?id=CVE-2023-44487 +│ │ │ ├ [221]: https://www.darkreading.com/cloud/internet-wide-zer │ │ │ │ o-day-bug-fuels-largest-ever-ddos-event -│ │ │ ├ [223]: https://www.debian.org/security/2023/dsa-5521 -│ │ │ ├ [224]: https://www.debian.org/security/2023/dsa-5522 -│ │ │ ├ [225]: https://www.debian.org/security/2023/dsa-5540 -│ │ │ ├ [226]: https://www.debian.org/security/2023/dsa-5549 -│ │ │ ├ [227]: https://www.debian.org/security/2023/dsa-5558 -│ │ │ ├ [228]: https://www.debian.org/security/2023/dsa-5570 -│ │ │ ├ [229]: https://www.eclipse.org/lists/jetty-announce/msg001 +│ │ │ ├ [222]: https://www.debian.org/security/2023/dsa-5521 +│ │ │ ├ [223]: https://www.debian.org/security/2023/dsa-5522 +│ │ │ ├ [224]: https://www.debian.org/security/2023/dsa-5540 +│ │ │ ├ [225]: https://www.debian.org/security/2023/dsa-5549 +│ │ │ ├ [226]: https://www.debian.org/security/2023/dsa-5558 +│ │ │ ├ [227]: https://www.debian.org/security/2023/dsa-5570 +│ │ │ ├ [228]: https://www.eclipse.org/lists/jetty-announce/msg001 │ │ │ │ 81.html -│ │ │ ├ [230]: https://www.haproxy.com/blog/haproxy-is-not-affecte +│ │ │ ├ [229]: https://www.haproxy.com/blog/haproxy-is-not-affecte │ │ │ │ d-by-the-http-2-rapid-reset-attack-cve-2023-44487 -│ │ │ ├ [231]: https://www.mail-archive.com/haproxy@formilux.org/m +│ │ │ ├ [230]: https://www.mail-archive.com/haproxy@formilux.org/m │ │ │ │ sg44134.html -│ │ │ ├ [232]: https://www.netlify.com/blog/netlify-successfully-m +│ │ │ ├ [231]: https://www.netlify.com/blog/netlify-successfully-m │ │ │ │ itigates-cve-2023-44487 -│ │ │ ├ [233]: https://www.netlify.com/blog/netlify-successfully-m +│ │ │ ├ [232]: https://www.netlify.com/blog/netlify-successfully-m │ │ │ │ itigates-cve-2023-44487/ -│ │ │ ├ [234]: https://www.nginx.com/blog/http-2-rapid-reset-attac +│ │ │ ├ [233]: https://www.nginx.com/blog/http-2-rapid-reset-attac │ │ │ │ k-impacting-f5-nginx-products -│ │ │ ├ [235]: https://www.nginx.com/blog/http-2-rapid-reset-attac +│ │ │ ├ [234]: https://www.nginx.com/blog/http-2-rapid-reset-attac │ │ │ │ k-impacting-f5-nginx-products/ -│ │ │ ├ [236]: https://www.openwall.com/lists/oss-security/2023/10 +│ │ │ ├ [235]: https://www.openwall.com/lists/oss-security/2023/10 │ │ │ │ /10/6 -│ │ │ ├ [237]: https://www.phoronix.com/news/HTTP2-Rapid-Reset-Att +│ │ │ ├ [236]: https://www.phoronix.com/news/HTTP2-Rapid-Reset-Att │ │ │ │ ack -│ │ │ ├ [238]: https://www.theregister.com/2023/10/10/http2_rapid_ +│ │ │ ├ [237]: https://www.theregister.com/2023/10/10/http2_rapid_ │ │ │ │ reset_zeroday -│ │ │ ├ [239]: https://www.theregister.com/2023/10/10/http2_rapid_ +│ │ │ ├ [238]: https://www.theregister.com/2023/10/10/http2_rapid_ │ │ │ │ reset_zeroday/ -│ │ │ ╰ [240]: https://www.vicarius.io/vsociety/posts/rapid-reset- +│ │ │ ╰ [239]: https://www.vicarius.io/vsociety/posts/rapid-reset- │ │ │ cve-2023-44487-dos-in-http2-understanding-the-root- │ │ │ cause │ │ ├ PublishedDate : 2023-10-10T14:15:10.883Z @@ -3237,10 +3234,10 @@ │ │ ├ InstalledVersion: v0.12.0 │ │ ├ FixedVersion : 0.23.0 │ │ ├ Status : fixed -│ │ ├ Layer ╭ Digest: sha256:d244376047b3b447a72643b6cd94cb4b359562d59b3 -│ │ │ │ 3e760ec97632069cf0cd6 -│ │ │ ╰ DiffID: sha256:10da0a8ad04042ad7ebb1f92fe90babd5649e0218f2 -│ │ │ 9f050019c4e091cda1b1c +│ │ ├ Layer ╭ Digest: sha256:20c08d7865479cc2941461f45179ca97ddc1c513e3c +│ │ │ │ 245acf1047f9e4ec8f9b0 +│ │ │ ╰ DiffID: sha256:35ff3fcc7343804067a0060eb66b92792f9572fb6e9 +│ │ │ 3072b7cd9782e2e972f6b │ │ ├ SeveritySource : ghsa │ │ ├ PrimaryURL : https://avd.aquasec.com/nvd/cve-2023-45288 │ │ ├ DataSource ╭ ID : ghsa @@ -3288,7 +3285,7 @@ │ │ │ │ 3/16 │ │ │ ├ [1] : http://www.openwall.com/lists/oss-security/2024/04/0 │ │ │ │ 5/4 -│ │ │ ├ [2] : https://access.redhat.com/errata/RHSA-2024:3346 +│ │ │ ├ [2] : https://access.redhat.com/errata/RHSA-2024:2724 │ │ │ ├ [3] : https://access.redhat.com/security/cve/CVE-2023-45288 │ │ │ ├ [4] : https://bugzilla.redhat.com/2268017 │ │ │ ├ [5] : https://bugzilla.redhat.com/2268018 @@ -3306,7 +3303,7 @@ │ │ │ │ 023-45290 │ │ │ ├ [15]: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2 │ │ │ │ 024-24783 -│ │ │ ├ [16]: https://errata.almalinux.org/8/ALSA-2024-3346.html +│ │ │ ├ [16]: https://errata.almalinux.org/9/ALSA-2024-2724.html │ │ │ ├ [17]: https://errata.rockylinux.org/RLSA-2024:2724 │ │ │ ├ [18]: https://go.dev/cl/576155 │ │ │ ├ [19]: https://go.dev/issue/65051 @@ -3345,10 +3342,10 @@ │ │ ├ InstalledVersion: v1.20.5 │ │ ├ FixedVersion : 1.21.11, 1.22.4 │ │ ├ Status : fixed -│ │ ├ Layer ╭ Digest: sha256:d244376047b3b447a72643b6cd94cb4b359562d59b3 -│ │ │ │ 3e760ec97632069cf0cd6 -│ │ │ ╰ DiffID: sha256:10da0a8ad04042ad7ebb1f92fe90babd5649e0218f2 -│ │ │ 9f050019c4e091cda1b1c +│ │ ├ Layer ╭ Digest: sha256:20c08d7865479cc2941461f45179ca97ddc1c513e3c +│ │ │ │ 245acf1047f9e4ec8f9b0 +│ │ │ ╰ DiffID: sha256:35ff3fcc7343804067a0060eb66b92792f9572fb6e9 +│ │ │ 3072b7cd9782e2e972f6b │ │ ├ SeveritySource : nvd │ │ ├ PrimaryURL : https://avd.aquasec.com/nvd/cve-2024-24790 │ │ ├ DataSource ╭ ID : govulndb @@ -3382,37 +3379,39 @@ │ │ │ ╰ V3Score : 6.7 │ │ ├ References ╭ [0] : http://www.openwall.com/lists/oss-security/2024/06/0 │ │ │ │ 4/1 -│ │ │ ├ [1] : https://access.redhat.com/errata/RHSA-2024:5291 +│ │ │ ├ [1] : https://access.redhat.com/errata/RHSA-2024:9115 │ │ │ ├ [2] : https://access.redhat.com/security/cve/CVE-2024-24790 │ │ │ ├ [3] : https://bugzilla.redhat.com/2279814 │ │ │ ├ [4] : https://bugzilla.redhat.com/2292668 │ │ │ ├ [5] : https://bugzilla.redhat.com/2292787 -│ │ │ ├ [6] : https://bugzilla.redhat.com/show_bug.cgi?id=2292668 -│ │ │ ├ [7] : https://bugzilla.redhat.com/show_bug.cgi?id=2292787 -│ │ │ ├ [8] : https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2 +│ │ │ ├ [6] : https://bugzilla.redhat.com/2294000 +│ │ │ ├ [7] : https://bugzilla.redhat.com/2295310 +│ │ │ ├ [8] : https://bugzilla.redhat.com/show_bug.cgi?id=2292668 +│ │ │ ├ [9] : https://bugzilla.redhat.com/show_bug.cgi?id=2292787 +│ │ │ ├ [10]: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2 │ │ │ │ 024-24789 -│ │ │ ├ [9] : https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2 +│ │ │ ├ [11]: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2 │ │ │ │ 024-24790 -│ │ │ ├ [10]: https://errata.almalinux.org/8/ALSA-2024-5291.html -│ │ │ ├ [11]: https://errata.rockylinux.org/RLSA-2024:4212 -│ │ │ ├ [12]: https://github.com/golang/go/commit/051bdf3fd12a4030 +│ │ │ ├ [12]: https://errata.almalinux.org/9/ALSA-2024-9115.html +│ │ │ ├ [13]: https://errata.rockylinux.org/RLSA-2024:4212 +│ │ │ ├ [14]: https://github.com/golang/go/commit/051bdf3fd12a4030 │ │ │ │ 7606ff9381138039c5f452f0 (1.21) -│ │ │ ├ [13]: https://github.com/golang/go/commit/12d5810cdb1f73cf +│ │ │ ├ [15]: https://github.com/golang/go/commit/12d5810cdb1f73cf │ │ │ │ 23d7a86462143e9463317fca (1.22) -│ │ │ ├ [14]: https://github.com/golang/go/issues/67680 -│ │ │ ├ [15]: https://go.dev/cl/590316 -│ │ │ ├ [16]: https://go.dev/issue/67680 -│ │ │ ├ [17]: https://groups.google.com/g/golang-announce/c/XbxouI +│ │ │ ├ [16]: https://github.com/golang/go/issues/67680 +│ │ │ ├ [17]: https://go.dev/cl/590316 +│ │ │ ├ [18]: https://go.dev/issue/67680 +│ │ │ ├ [19]: https://groups.google.com/g/golang-announce/c/XbxouI │ │ │ │ 9gY7k -│ │ │ ├ [18]: https://groups.google.com/g/golang-announce/c/XbxouI +│ │ │ ├ [20]: https://groups.google.com/g/golang-announce/c/XbxouI │ │ │ │ 9gY7k/m/TuoGEhxIEwAJ -│ │ │ ├ [19]: https://linux.oracle.com/cve/CVE-2024-24790.html -│ │ │ ├ [20]: https://linux.oracle.com/errata/ELSA-2024-9115.html -│ │ │ ├ [21]: https://nvd.nist.gov/vuln/detail/CVE-2024-24790 -│ │ │ ├ [22]: https://pkg.go.dev/vuln/GO-2024-2887 -│ │ │ ├ [23]: https://ubuntu.com/security/notices/USN-6886-1 -│ │ │ ├ [24]: https://ubuntu.com/security/notices/USN-7109-1 -│ │ │ ╰ [25]: https://www.cve.org/CVERecord?id=CVE-2024-24790 +│ │ │ ├ [21]: https://linux.oracle.com/cve/CVE-2024-24790.html +│ │ │ ├ [22]: https://linux.oracle.com/errata/ELSA-2024-9115.html +│ │ │ ├ [23]: https://nvd.nist.gov/vuln/detail/CVE-2024-24790 +│ │ │ ├ [24]: https://pkg.go.dev/vuln/GO-2024-2887 +│ │ │ ├ [25]: https://ubuntu.com/security/notices/USN-6886-1 +│ │ │ ├ [26]: https://ubuntu.com/security/notices/USN-7109-1 +│ │ │ ╰ [27]: https://www.cve.org/CVERecord?id=CVE-2024-24790 │ │ ├ PublishedDate : 2024-06-05T16:15:10.56Z │ │ ╰ LastModifiedDate: 2024-09-03T18:35:07.483Z │ ├ [6] ╭ VulnerabilityID : CVE-2023-39325 @@ -3423,10 +3422,10 @@ │ │ ├ InstalledVersion: v1.20.5 │ │ ├ FixedVersion : 1.20.10, 1.21.3 │ │ ├ Status : fixed -│ │ ├ Layer ╭ Digest: sha256:d244376047b3b447a72643b6cd94cb4b359562d59b3 -│ │ │ │ 3e760ec97632069cf0cd6 -│ │ │ ╰ DiffID: sha256:10da0a8ad04042ad7ebb1f92fe90babd5649e0218f2 -│ │ │ 9f050019c4e091cda1b1c +│ │ ├ Layer ╭ Digest: sha256:20c08d7865479cc2941461f45179ca97ddc1c513e3c +│ │ │ │ 245acf1047f9e4ec8f9b0 +│ │ │ ╰ DiffID: sha256:35ff3fcc7343804067a0060eb66b92792f9572fb6e9 +│ │ │ 3072b7cd9782e2e972f6b │ │ ├ SeveritySource : nvd │ │ ├ PrimaryURL : https://avd.aquasec.com/nvd/cve-2023-39325 │ │ ├ DataSource ╭ ID : govulndb @@ -3480,7 +3479,7 @@ │ │ │ │ :N/A:H │ │ │ ╰ V3Score : 7.5 │ │ ├ References ╭ [0] : golang.org/x/net -│ │ │ ├ [1] : https://access.redhat.com/errata/RHSA-2023:5863 +│ │ │ ├ [1] : https://access.redhat.com/errata/RHSA-2023:6077 │ │ │ ├ [2] : https://access.redhat.com/security/cve/CVE-2023-39325 │ │ │ ├ [3] : https://access.redhat.com/security/cve/CVE-2023-44487 │ │ │ ├ [4] : https://bugzilla.redhat.com/2242803 @@ -3491,7 +3490,7 @@ │ │ │ │ 2023-39325 │ │ │ ├ [9] : https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE- │ │ │ │ 2023-44487 -│ │ │ ├ [10] : https://errata.almalinux.org/8/ALSA-2023-5863.html +│ │ │ ├ [10] : https://errata.almalinux.org/9/ALSA-2023-6077.html │ │ │ ├ [11] : https://errata.rockylinux.org/RLSA-2023:6077 │ │ │ ├ [12] : https://github.com/golang/go/commit/24ae2d927285c69 │ │ │ │ 7440fdde3ad7f26028354bcf3 [golang- 1.21] @@ -3744,10 +3743,10 @@ │ │ ├ InstalledVersion: v1.20.5 │ │ ├ FixedVersion : 1.20.11, 1.21.4, 1.20.12, 1.21.5 │ │ ├ Status : fixed -│ │ ├ Layer ╭ Digest: sha256:d244376047b3b447a72643b6cd94cb4b359562d59b3 -│ │ │ │ 3e760ec97632069cf0cd6 -│ │ │ ╰ DiffID: sha256:10da0a8ad04042ad7ebb1f92fe90babd5649e0218f2 -│ │ │ 9f050019c4e091cda1b1c +│ │ ├ Layer ╭ Digest: sha256:20c08d7865479cc2941461f45179ca97ddc1c513e3c +│ │ │ │ 245acf1047f9e4ec8f9b0 +│ │ │ ╰ DiffID: sha256:35ff3fcc7343804067a0060eb66b92792f9572fb6e9 +│ │ │ 3072b7cd9782e2e972f6b │ │ ├ SeveritySource : nvd │ │ ├ PrimaryURL : https://avd.aquasec.com/nvd/cve-2023-45283 │ │ ├ DataSource ╭ ID : govulndb @@ -3810,10 +3809,10 @@ │ │ ├ InstalledVersion: v1.20.5 │ │ ├ FixedVersion : 1.21.9, 1.22.2 │ │ ├ Status : fixed -│ │ ├ Layer ╭ Digest: sha256:d244376047b3b447a72643b6cd94cb4b359562d59b3 -│ │ │ │ 3e760ec97632069cf0cd6 -│ │ │ ╰ DiffID: sha256:10da0a8ad04042ad7ebb1f92fe90babd5649e0218f2 -│ │ │ 9f050019c4e091cda1b1c +│ │ ├ Layer ╭ Digest: sha256:20c08d7865479cc2941461f45179ca97ddc1c513e3c +│ │ │ │ 245acf1047f9e4ec8f9b0 +│ │ │ ╰ DiffID: sha256:35ff3fcc7343804067a0060eb66b92792f9572fb6e9 +│ │ │ 3072b7cd9782e2e972f6b │ │ ├ PrimaryURL : https://avd.aquasec.com/nvd/cve-2023-45288 │ │ ├ DataSource ╭ ID : govulndb │ │ │ ├ Name: The Go Vulnerability Database @@ -3859,7 +3858,7 @@ │ │ │ │ 3/16 │ │ │ ├ [1] : http://www.openwall.com/lists/oss-security/2024/04/0 │ │ │ │ 5/4 -│ │ │ ├ [2] : https://access.redhat.com/errata/RHSA-2024:3346 +│ │ │ ├ [2] : https://access.redhat.com/errata/RHSA-2024:2724 │ │ │ ├ [3] : https://access.redhat.com/security/cve/CVE-2023-45288 │ │ │ ├ [4] : https://bugzilla.redhat.com/2268017 │ │ │ ├ [5] : https://bugzilla.redhat.com/2268018 @@ -3877,7 +3876,7 @@ │ │ │ │ 023-45290 │ │ │ ├ [15]: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2 │ │ │ │ 024-24783 -│ │ │ ├ [16]: https://errata.almalinux.org/8/ALSA-2024-3346.html +│ │ │ ├ [16]: https://errata.almalinux.org/9/ALSA-2024-2724.html │ │ │ ├ [17]: https://errata.rockylinux.org/RLSA-2024:2724 │ │ │ ├ [18]: https://go.dev/cl/576155 │ │ │ ├ [19]: https://go.dev/issue/65051 @@ -3916,10 +3915,10 @@ │ │ ├ InstalledVersion: v1.20.5 │ │ ├ FixedVersion : 1.22.7, 1.23.1 │ │ ├ Status : fixed -│ │ ├ Layer ╭ Digest: sha256:d244376047b3b447a72643b6cd94cb4b359562d59b3 -│ │ │ │ 3e760ec97632069cf0cd6 -│ │ │ ╰ DiffID: sha256:10da0a8ad04042ad7ebb1f92fe90babd5649e0218f2 -│ │ │ 9f050019c4e091cda1b1c +│ │ ├ Layer ╭ Digest: sha256:20c08d7865479cc2941461f45179ca97ddc1c513e3c +│ │ │ │ 245acf1047f9e4ec8f9b0 +│ │ │ ╰ DiffID: sha256:35ff3fcc7343804067a0060eb66b92792f9572fb6e9 +│ │ │ 3072b7cd9782e2e972f6b │ │ ├ PrimaryURL : https://avd.aquasec.com/nvd/cve-2024-34156 │ │ ├ DataSource ╭ ID : govulndb │ │ │ ├ Name: The Go Vulnerability Database @@ -3945,34 +3944,32 @@ │ │ │ ╰ redhat ╭ V3Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I │ │ │ │ :N/A:H │ │ │ ╰ V3Score : 7.5 -│ │ ├ References ╭ [0] : https://access.redhat.com/errata/RHSA-2024:8038 +│ │ ├ References ╭ [0] : https://access.redhat.com/errata/RHSA-2024:9473 │ │ │ ├ [1] : https://access.redhat.com/security/cve/CVE-2024-34156 -│ │ │ ├ [2] : https://bugzilla.redhat.com/2268017 -│ │ │ ├ [3] : https://bugzilla.redhat.com/2310527 -│ │ │ ├ [4] : https://bugzilla.redhat.com/2310528 -│ │ │ ├ [5] : https://bugzilla.redhat.com/2310529 -│ │ │ ├ [6] : https://bugzilla.redhat.com/show_bug.cgi?id=2310528 -│ │ │ ├ [7] : https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2 +│ │ │ ├ [2] : https://bugzilla.redhat.com/2310528 +│ │ │ ├ [3] : https://bugzilla.redhat.com/2318052 +│ │ │ ├ [4] : https://bugzilla.redhat.com/show_bug.cgi?id=2310528 +│ │ │ ├ [5] : https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2 │ │ │ │ 024-34156 -│ │ │ ├ [8] : https://errata.almalinux.org/8/ALSA-2024-8038.html -│ │ │ ├ [9] : https://errata.rockylinux.org/RLSA-2024:7204 -│ │ │ ├ [10]: https://github.com/golang/go/commit/2092294f2b097c58 +│ │ │ ├ [6] : https://errata.almalinux.org/9/ALSA-2024-9473.html +│ │ │ ├ [7] : https://errata.rockylinux.org/RLSA-2024:7204 +│ │ │ ├ [8] : https://github.com/golang/go/commit/2092294f2b097c58 │ │ │ │ 28f4eace6c98a322c1510b01 (go1.22.7) -│ │ │ ├ [11]: https://github.com/golang/go/commit/fa8ff1a46deb6c81 +│ │ │ ├ [9] : https://github.com/golang/go/commit/fa8ff1a46deb6c81 │ │ │ │ 6304441ec6740ec112e19012 (go1.23.1) -│ │ │ ├ [12]: https://go.dev/cl/611239 -│ │ │ ├ [13]: https://go.dev/issue/69139 -│ │ │ ├ [14]: https://groups.google.com/g/golang-announce/c/K-cEzD +│ │ │ ├ [10]: https://go.dev/cl/611239 +│ │ │ ├ [11]: https://go.dev/issue/69139 +│ │ │ ├ [12]: https://groups.google.com/g/golang-announce/c/K-cEzD │ │ │ │ eCtpc -│ │ │ ├ [15]: https://groups.google.com/g/golang-dev/c/S9POB9NCTdk -│ │ │ ├ [16]: https://linux.oracle.com/cve/CVE-2024-34156.html -│ │ │ ├ [17]: https://linux.oracle.com/errata/ELSA-2024-9473.html -│ │ │ ├ [18]: https://nvd.nist.gov/vuln/detail/CVE-2024-34156 -│ │ │ ├ [19]: https://pkg.go.dev/vuln/GO-2024-3106 -│ │ │ ├ [20]: https://ubuntu.com/security/notices/USN-7081-1 -│ │ │ ├ [21]: https://ubuntu.com/security/notices/USN-7109-1 -│ │ │ ├ [22]: https://ubuntu.com/security/notices/USN-7111-1 -│ │ │ ╰ [23]: https://www.cve.org/CVERecord?id=CVE-2024-34156 +│ │ │ ├ [13]: https://groups.google.com/g/golang-dev/c/S9POB9NCTdk +│ │ │ ├ [14]: https://linux.oracle.com/cve/CVE-2024-34156.html +│ │ │ ├ [15]: https://linux.oracle.com/errata/ELSA-2024-9473.html +│ │ │ ├ [16]: https://nvd.nist.gov/vuln/detail/CVE-2024-34156 +│ │ │ ├ [17]: https://pkg.go.dev/vuln/GO-2024-3106 +│ │ │ ├ [18]: https://ubuntu.com/security/notices/USN-7081-1 +│ │ │ ├ [19]: https://ubuntu.com/security/notices/USN-7109-1 +│ │ │ ├ [20]: https://ubuntu.com/security/notices/USN-7111-1 +│ │ │ ╰ [21]: https://www.cve.org/CVERecord?id=CVE-2024-34156 │ │ ├ PublishedDate : 2024-09-06T21:15:12.02Z │ │ ╰ LastModifiedDate: 2024-09-09T15:35:07.573Z │ ├ [10] ╭ VulnerabilityID : CVE-2023-29406 @@ -3983,10 +3980,10 @@ │ │ ├ InstalledVersion: v1.20.5 │ │ ├ FixedVersion : 1.19.11, 1.20.6 │ │ ├ Status : fixed -│ │ ├ Layer ╭ Digest: sha256:d244376047b3b447a72643b6cd94cb4b359562d59b3 -│ │ │ │ 3e760ec97632069cf0cd6 -│ │ │ ╰ DiffID: sha256:10da0a8ad04042ad7ebb1f92fe90babd5649e0218f2 -│ │ │ 9f050019c4e091cda1b1c +│ │ ├ Layer ╭ Digest: sha256:20c08d7865479cc2941461f45179ca97ddc1c513e3c +│ │ │ │ 245acf1047f9e4ec8f9b0 +│ │ │ ╰ DiffID: sha256:35ff3fcc7343804067a0060eb66b92792f9572fb6e9 +│ │ │ 3072b7cd9782e2e972f6b │ │ ├ SeveritySource : nvd │ │ ├ PrimaryURL : https://avd.aquasec.com/nvd/cve-2023-29406 │ │ ├ DataSource ╭ ID : govulndb @@ -4019,29 +4016,41 @@ │ │ │ ╰ redhat ╭ V3Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I │ │ │ │ :H/A:N │ │ │ ╰ V3Score : 6.5 -│ │ ├ References ╭ [0] : https://access.redhat.com/errata/RHSA-2023:7202 +│ │ ├ References ╭ [0] : https://access.redhat.com/errata/RHSA-2023:6474 │ │ │ ├ [1] : https://access.redhat.com/security/cve/CVE-2023-29406 -│ │ │ ├ [2] : https://bugzilla.redhat.com/2222167 -│ │ │ ├ [3] : https://errata.almalinux.org/8/ALSA-2023-7202.html -│ │ │ ├ [4] : https://github.com/golang/go/commit/312920c00aac9897 +│ │ │ ├ [2] : https://bugzilla.redhat.com/2174485 +│ │ │ ├ [3] : https://bugzilla.redhat.com/2178358 +│ │ │ ├ [4] : https://bugzilla.redhat.com/2178488 +│ │ │ ├ [5] : https://bugzilla.redhat.com/2178492 +│ │ │ ├ [6] : https://bugzilla.redhat.com/2184481 +│ │ │ ├ [7] : https://bugzilla.redhat.com/2184482 +│ │ │ ├ [8] : https://bugzilla.redhat.com/2184483 +│ │ │ ├ [9] : https://bugzilla.redhat.com/2184484 +│ │ │ ├ [10]: https://bugzilla.redhat.com/2196026 +│ │ │ ├ [11]: https://bugzilla.redhat.com/2196027 +│ │ │ ├ [12]: https://bugzilla.redhat.com/2196029 +│ │ │ ├ [13]: https://bugzilla.redhat.com/2222167 +│ │ │ ├ [14]: https://bugzilla.redhat.com/2228689 +│ │ │ ├ [15]: https://errata.almalinux.org/9/ALSA-2023-6474.html +│ │ │ ├ [16]: https://github.com/golang/go/commit/312920c00aac9897 │ │ │ │ b2a0693e752390b5b0711a5a (go1.20.6) -│ │ │ ├ [5] : https://github.com/golang/go/commit/5fa6923b1ea89140 +│ │ │ ├ [17]: https://github.com/golang/go/commit/5fa6923b1ea89140 │ │ │ │ 0153d04ddf1545e23b40041b (go1.19.11) -│ │ │ ├ [6] : https://github.com/golang/go/issues/60374 -│ │ │ ├ [7] : https://go.dev/cl/506996 -│ │ │ ├ [8] : https://go.dev/issue/60374 -│ │ │ ├ [9] : https://groups.google.com/g/golang-announce/c/2q13H6 +│ │ │ ├ [18]: https://github.com/golang/go/issues/60374 +│ │ │ ├ [19]: https://go.dev/cl/506996 +│ │ │ ├ [20]: https://go.dev/issue/60374 +│ │ │ ├ [21]: https://groups.google.com/g/golang-announce/c/2q13H6 │ │ │ │ LEEx0 -│ │ │ ├ [10]: https://linux.oracle.com/cve/CVE-2023-29406.html -│ │ │ ├ [11]: https://linux.oracle.com/errata/ELSA-2023-7202.html -│ │ │ ├ [12]: https://nvd.nist.gov/vuln/detail/CVE-2023-29406 -│ │ │ ├ [13]: https://pkg.go.dev/vuln/GO-2023-1878 -│ │ │ ├ [14]: https://security.gentoo.org/glsa/202311-09 -│ │ │ ├ [15]: https://security.netapp.com/advisory/ntap-20230814-0 +│ │ │ ├ [22]: https://linux.oracle.com/cve/CVE-2023-29406.html +│ │ │ ├ [23]: https://linux.oracle.com/errata/ELSA-2023-7202.html +│ │ │ ├ [24]: https://nvd.nist.gov/vuln/detail/CVE-2023-29406 +│ │ │ ├ [25]: https://pkg.go.dev/vuln/GO-2023-1878 +│ │ │ ├ [26]: https://security.gentoo.org/glsa/202311-09 +│ │ │ ├ [27]: https://security.netapp.com/advisory/ntap-20230814-0 │ │ │ │ 002/ -│ │ │ ├ [16]: https://ubuntu.com/security/notices/USN-7061-1 -│ │ │ ├ [17]: https://ubuntu.com/security/notices/USN-7109-1 -│ │ │ ╰ [18]: https://www.cve.org/CVERecord?id=CVE-2023-29406 +│ │ │ ├ [28]: https://ubuntu.com/security/notices/USN-7061-1 +│ │ │ ├ [29]: https://ubuntu.com/security/notices/USN-7109-1 +│ │ │ ╰ [30]: https://www.cve.org/CVERecord?id=CVE-2023-29406 │ │ ├ PublishedDate : 2023-07-11T20:15:10.643Z │ │ ╰ LastModifiedDate: 2023-11-25T11:15:14.727Z │ ├ [11] ╭ VulnerabilityID : CVE-2023-29409 @@ -4052,10 +4061,10 @@ │ │ ├ InstalledVersion: v1.20.5 │ │ ├ FixedVersion : 1.19.12, 1.20.7, 1.21.0-rc.4 │ │ ├ Status : fixed -│ │ ├ Layer ╭ Digest: sha256:d244376047b3b447a72643b6cd94cb4b359562d59b3 -│ │ │ │ 3e760ec97632069cf0cd6 -│ │ │ ╰ DiffID: sha256:10da0a8ad04042ad7ebb1f92fe90babd5649e0218f2 -│ │ │ 9f050019c4e091cda1b1c +│ │ ├ Layer ╭ Digest: sha256:20c08d7865479cc2941461f45179ca97ddc1c513e3c +│ │ │ │ 245acf1047f9e4ec8f9b0 +│ │ │ ╰ DiffID: sha256:35ff3fcc7343804067a0060eb66b92792f9572fb6e9 +│ │ │ 3072b7cd9782e2e972f6b │ │ ├ SeveritySource : nvd │ │ ├ PrimaryURL : https://avd.aquasec.com/nvd/cve-2023-29409 │ │ ├ DataSource ╭ ID : govulndb @@ -4095,30 +4104,26 @@ │ │ │ ╰ redhat ╭ V3Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I │ │ │ │ :N/A:L │ │ │ ╰ V3Score : 5.3 -│ │ ├ References ╭ [0] : https://access.redhat.com/errata/RHSA-2024:0121 +│ │ ├ References ╭ [0] : https://access.redhat.com/errata/RHSA-2023:7766 │ │ │ ├ [1] : https://access.redhat.com/security/cve/CVE-2023-29409 -│ │ │ ├ [2] : https://bugzilla.redhat.com/2124669 -│ │ │ ├ [3] : https://bugzilla.redhat.com/2132867 -│ │ │ ├ [4] : https://bugzilla.redhat.com/2132868 -│ │ │ ├ [5] : https://bugzilla.redhat.com/2132872 -│ │ │ ├ [6] : https://bugzilla.redhat.com/2228743 -│ │ │ ├ [7] : https://bugzilla.redhat.com/2237773 -│ │ │ ├ [8] : https://bugzilla.redhat.com/2237776 -│ │ │ ├ [9] : https://bugzilla.redhat.com/2237777 -│ │ │ ├ [10]: https://bugzilla.redhat.com/2237778 -│ │ │ ├ [11]: https://errata.almalinux.org/8/ALSA-2024-0121.html -│ │ │ ├ [12]: https://go.dev/cl/515257 -│ │ │ ├ [13]: https://go.dev/issue/61460 -│ │ │ ├ [14]: https://groups.google.com/g/golang-announce/c/X0b6Cs +│ │ │ ├ [2] : https://bugzilla.redhat.com/2228743 +│ │ │ ├ [3] : https://bugzilla.redhat.com/2237773 +│ │ │ ├ [4] : https://bugzilla.redhat.com/2237776 +│ │ │ ├ [5] : https://bugzilla.redhat.com/2237777 +│ │ │ ├ [6] : https://bugzilla.redhat.com/2237778 +│ │ │ ├ [7] : https://errata.almalinux.org/9/ALSA-2023-7766.html +│ │ │ ├ [8] : https://go.dev/cl/515257 +│ │ │ ├ [9] : https://go.dev/issue/61460 +│ │ │ ├ [10]: https://groups.google.com/g/golang-announce/c/X0b6Cs │ │ │ │ SAaYI/m/Efv5DbZ9AwAJ -│ │ │ ├ [15]: https://linux.oracle.com/cve/CVE-2023-29409.html -│ │ │ ├ [16]: https://linux.oracle.com/errata/ELSA-2024-2988.html -│ │ │ ├ [17]: https://nvd.nist.gov/vuln/detail/CVE-2023-29409 -│ │ │ ├ [18]: https://pkg.go.dev/vuln/GO-2023-1987 -│ │ │ ├ [19]: https://security.gentoo.org/glsa/202311-09 -│ │ │ ├ [20]: https://security.netapp.com/advisory/ntap-20230831-0 +│ │ │ ├ [11]: https://linux.oracle.com/cve/CVE-2023-29409.html +│ │ │ ├ [12]: https://linux.oracle.com/errata/ELSA-2024-2988.html +│ │ │ ├ [13]: https://nvd.nist.gov/vuln/detail/CVE-2023-29409 +│ │ │ ├ [14]: https://pkg.go.dev/vuln/GO-2023-1987 +│ │ │ ├ [15]: https://security.gentoo.org/glsa/202311-09 +│ │ │ ├ [16]: https://security.netapp.com/advisory/ntap-20230831-0 │ │ │ │ 010/ -│ │ │ ╰ [21]: https://www.cve.org/CVERecord?id=CVE-2023-29409 +│ │ │ ╰ [17]: https://www.cve.org/CVERecord?id=CVE-2023-29409 │ │ ├ PublishedDate : 2023-08-02T20:15:11.94Z │ │ ╰ LastModifiedDate: 2023-11-25T11:15:14.87Z │ ├ [12] ╭ VulnerabilityID : CVE-2023-39318 @@ -4129,10 +4134,10 @@ │ │ ├ InstalledVersion: v1.20.5 │ │ ├ FixedVersion : 1.20.8, 1.21.1 │ │ ├ Status : fixed -│ │ ├ Layer ╭ Digest: sha256:d244376047b3b447a72643b6cd94cb4b359562d59b3 -│ │ │ │ 3e760ec97632069cf0cd6 -│ │ │ ╰ DiffID: sha256:10da0a8ad04042ad7ebb1f92fe90babd5649e0218f2 -│ │ │ 9f050019c4e091cda1b1c +│ │ ├ Layer ╭ Digest: sha256:20c08d7865479cc2941461f45179ca97ddc1c513e3c +│ │ │ │ 245acf1047f9e4ec8f9b0 +│ │ │ ╰ DiffID: sha256:35ff3fcc7343804067a0060eb66b92792f9572fb6e9 +│ │ │ 3072b7cd9782e2e972f6b │ │ ├ SeveritySource : nvd │ │ ├ PrimaryURL : https://avd.aquasec.com/nvd/cve-2023-39318 │ │ ├ DataSource ╭ ID : govulndb @@ -4167,40 +4172,34 @@ │ │ │ ╰ redhat ╭ V3Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I │ │ │ │ :L/A:N │ │ │ ╰ V3Score : 6.1 -│ │ ├ References ╭ [0] : https://access.redhat.com/errata/RHSA-2024:0121 +│ │ ├ References ╭ [0] : https://access.redhat.com/errata/RHSA-2024:2160 │ │ │ ├ [1] : https://access.redhat.com/security/cve/CVE-2023-39318 -│ │ │ ├ [2] : https://bugzilla.redhat.com/2124669 -│ │ │ ├ [3] : https://bugzilla.redhat.com/2132867 -│ │ │ ├ [4] : https://bugzilla.redhat.com/2132868 -│ │ │ ├ [5] : https://bugzilla.redhat.com/2132872 -│ │ │ ├ [6] : https://bugzilla.redhat.com/2228743 -│ │ │ ├ [7] : https://bugzilla.redhat.com/2237773 -│ │ │ ├ [8] : https://bugzilla.redhat.com/2237776 -│ │ │ ├ [9] : https://bugzilla.redhat.com/2237777 -│ │ │ ├ [10]: https://bugzilla.redhat.com/2237778 -│ │ │ ├ [11]: https://errata.almalinux.org/8/ALSA-2024-0121.html -│ │ │ ├ [12]: https://github.com/golang/go/commit/023b542edf38e2a1 +│ │ │ ├ [2] : https://bugzilla.redhat.com/2237773 +│ │ │ ├ [3] : https://bugzilla.redhat.com/2237776 +│ │ │ ├ [4] : https://bugzilla.redhat.com/2253330 +│ │ │ ├ [5] : https://errata.almalinux.org/9/ALSA-2024-2160.html +│ │ │ ├ [6] : https://github.com/golang/go/commit/023b542edf38e2a1 │ │ │ │ f87fcefb9f75ff2f99401b4c (go1.20.8) -│ │ │ ├ [13]: https://github.com/golang/go/commit/b0e1d3ea26e8e8fc +│ │ │ ├ [7] : https://github.com/golang/go/commit/b0e1d3ea26e8e8fc │ │ │ │ e7726690c9ef0597e60739fb (go1.21.1) -│ │ │ ├ [14]: https://go.dev/cl/526156 -│ │ │ ├ [15]: https://go.dev/issue/62196 -│ │ │ ├ [16]: https://groups.google.com/g/golang-announce/c/Fm51GR +│ │ │ ├ [8] : https://go.dev/cl/526156 +│ │ │ ├ [9] : https://go.dev/issue/62196 +│ │ │ ├ [10]: https://groups.google.com/g/golang-announce/c/Fm51GR │ │ │ │ LNRvM -│ │ │ ├ [17]: https://groups.google.com/g/golang-dev/c/2C5vbR-UNkI +│ │ │ ├ [11]: https://groups.google.com/g/golang-dev/c/2C5vbR-UNkI │ │ │ │ /m/L1hdrPhfBAAJ -│ │ │ ├ [18]: https://linux.oracle.com/cve/CVE-2023-39318.html -│ │ │ ├ [19]: https://linux.oracle.com/errata/ELSA-2024-2988.html -│ │ │ ├ [20]: https://nvd.nist.gov/vuln/detail/CVE-2023-39318 -│ │ │ ├ [21]: https://pkg.go.dev/vuln/GO-2023-2041 -│ │ │ ├ [22]: https://security.gentoo.org/glsa/202311-09 -│ │ │ ├ [23]: https://security.netapp.com/advisory/ntap-20231020-0 +│ │ │ ├ [12]: https://linux.oracle.com/cve/CVE-2023-39318.html +│ │ │ ├ [13]: https://linux.oracle.com/errata/ELSA-2024-2988.html +│ │ │ ├ [14]: https://nvd.nist.gov/vuln/detail/CVE-2023-39318 +│ │ │ ├ [15]: https://pkg.go.dev/vuln/GO-2023-2041 +│ │ │ ├ [16]: https://security.gentoo.org/glsa/202311-09 +│ │ │ ├ [17]: https://security.netapp.com/advisory/ntap-20231020-0 │ │ │ │ 009/ -│ │ │ ├ [24]: https://ubuntu.com/security/notices/USN-6574-1 -│ │ │ ├ [25]: https://ubuntu.com/security/notices/USN-7061-1 -│ │ │ ├ [26]: https://ubuntu.com/security/notices/USN-7109-1 -│ │ │ ├ [27]: https://vuln.go.dev/ID/GO-2023-2041.json -│ │ │ ╰ [28]: https://www.cve.org/CVERecord?id=CVE-2023-39318 +│ │ │ ├ [18]: https://ubuntu.com/security/notices/USN-6574-1 +│ │ │ ├ [19]: https://ubuntu.com/security/notices/USN-7061-1 +│ │ │ ├ [20]: https://ubuntu.com/security/notices/USN-7109-1 +│ │ │ ├ [21]: https://vuln.go.dev/ID/GO-2023-2041.json +│ │ │ ╰ [22]: https://www.cve.org/CVERecord?id=CVE-2023-39318 │ │ ├ PublishedDate : 2023-09-08T17:15:27.823Z │ │ ╰ LastModifiedDate: 2023-11-25T11:15:17.43Z │ ├ [13] ╭ VulnerabilityID : CVE-2023-39319 @@ -4211,10 +4210,10 @@ │ │ ├ InstalledVersion: v1.20.5 │ │ ├ FixedVersion : 1.20.8, 1.21.1 │ │ ├ Status : fixed -│ │ ├ Layer ╭ Digest: sha256:d244376047b3b447a72643b6cd94cb4b359562d59b3 -│ │ │ │ 3e760ec97632069cf0cd6 -│ │ │ ╰ DiffID: sha256:10da0a8ad04042ad7ebb1f92fe90babd5649e0218f2 -│ │ │ 9f050019c4e091cda1b1c +│ │ ├ Layer ╭ Digest: sha256:20c08d7865479cc2941461f45179ca97ddc1c513e3c +│ │ │ │ 245acf1047f9e4ec8f9b0 +│ │ │ ╰ DiffID: sha256:35ff3fcc7343804067a0060eb66b92792f9572fb6e9 +│ │ │ 3072b7cd9782e2e972f6b │ │ ├ SeveritySource : nvd │ │ ├ PrimaryURL : https://avd.aquasec.com/nvd/cve-2023-39319 │ │ ├ DataSource ╭ ID : govulndb @@ -4250,40 +4249,34 @@ │ │ │ ╰ redhat ╭ V3Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I │ │ │ │ :L/A:N │ │ │ ╰ V3Score : 6.1 -│ │ ├ References ╭ [0] : https://access.redhat.com/errata/RHSA-2024:0121 +│ │ ├ References ╭ [0] : https://access.redhat.com/errata/RHSA-2024:2160 │ │ │ ├ [1] : https://access.redhat.com/security/cve/CVE-2023-39319 -│ │ │ ├ [2] : https://bugzilla.redhat.com/2124669 -│ │ │ ├ [3] : https://bugzilla.redhat.com/2132867 -│ │ │ ├ [4] : https://bugzilla.redhat.com/2132868 -│ │ │ ├ [5] : https://bugzilla.redhat.com/2132872 -│ │ │ ├ [6] : https://bugzilla.redhat.com/2228743 -│ │ │ ├ [7] : https://bugzilla.redhat.com/2237773 -│ │ │ ├ [8] : https://bugzilla.redhat.com/2237776 -│ │ │ ├ [9] : https://bugzilla.redhat.com/2237777 -│ │ │ ├ [10]: https://bugzilla.redhat.com/2237778 -│ │ │ ├ [11]: https://errata.almalinux.org/8/ALSA-2024-0121.html -│ │ │ ├ [12]: https://github.com/golang/go/commit/2070531d2f53df88 +│ │ │ ├ [2] : https://bugzilla.redhat.com/2237773 +│ │ │ ├ [3] : https://bugzilla.redhat.com/2237776 +│ │ │ ├ [4] : https://bugzilla.redhat.com/2253330 +│ │ │ ├ [5] : https://errata.almalinux.org/9/ALSA-2024-2160.html +│ │ │ ├ [6] : https://github.com/golang/go/commit/2070531d2f53df88 │ │ │ │ e312edace6c8dfc9686ab2f5 (go1.20.8) -│ │ │ ├ [13]: https://github.com/golang/go/commit/bbd043ff0d6d59f1 +│ │ │ ├ [7] : https://github.com/golang/go/commit/bbd043ff0d6d59f1 │ │ │ │ a9232d31ecd5eacf6507bf6a (go1.21.1) -│ │ │ ├ [14]: https://go.dev/cl/526157 -│ │ │ ├ [15]: https://go.dev/issue/62197 -│ │ │ ├ [16]: https://groups.google.com/g/golang-announce/c/Fm51GR +│ │ │ ├ [8] : https://go.dev/cl/526157 +│ │ │ ├ [9] : https://go.dev/issue/62197 +│ │ │ ├ [10]: https://groups.google.com/g/golang-announce/c/Fm51GR │ │ │ │ LNRvM -│ │ │ ├ [17]: https://groups.google.com/g/golang-dev/c/2C5vbR-UNkI +│ │ │ ├ [11]: https://groups.google.com/g/golang-dev/c/2C5vbR-UNkI │ │ │ │ /m/L1hdrPhfBAAJ -│ │ │ ├ [18]: https://linux.oracle.com/cve/CVE-2023-39319.html -│ │ │ ├ [19]: https://linux.oracle.com/errata/ELSA-2024-2988.html -│ │ │ ├ [20]: https://nvd.nist.gov/vuln/detail/CVE-2023-39319 -│ │ │ ├ [21]: https://pkg.go.dev/vuln/GO-2023-2043 -│ │ │ ├ [22]: https://security.gentoo.org/glsa/202311-09 -│ │ │ ├ [23]: https://security.netapp.com/advisory/ntap-20231020-0 +│ │ │ ├ [12]: https://linux.oracle.com/cve/CVE-2023-39319.html +│ │ │ ├ [13]: https://linux.oracle.com/errata/ELSA-2024-2988.html +│ │ │ ├ [14]: https://nvd.nist.gov/vuln/detail/CVE-2023-39319 +│ │ │ ├ [15]: https://pkg.go.dev/vuln/GO-2023-2043 +│ │ │ ├ [16]: https://security.gentoo.org/glsa/202311-09 +│ │ │ ├ [17]: https://security.netapp.com/advisory/ntap-20231020-0 │ │ │ │ 009/ -│ │ │ ├ [24]: https://ubuntu.com/security/notices/USN-6574-1 -│ │ │ ├ [25]: https://ubuntu.com/security/notices/USN-7061-1 -│ │ │ ├ [26]: https://ubuntu.com/security/notices/USN-7109-1 -│ │ │ ├ [27]: https://vuln.go.dev/ID/GO-2023-2043.json -│ │ │ ╰ [28]: https://www.cve.org/CVERecord?id=CVE-2023-39319 +│ │ │ ├ [18]: https://ubuntu.com/security/notices/USN-6574-1 +│ │ │ ├ [19]: https://ubuntu.com/security/notices/USN-7061-1 +│ │ │ ├ [20]: https://ubuntu.com/security/notices/USN-7109-1 +│ │ │ ├ [21]: https://vuln.go.dev/ID/GO-2023-2043.json +│ │ │ ╰ [22]: https://www.cve.org/CVERecord?id=CVE-2023-39319 │ │ ├ PublishedDate : 2023-09-08T17:15:27.91Z │ │ ╰ LastModifiedDate: 2023-11-25T11:15:17.543Z │ ├ [14] ╭ VulnerabilityID : CVE-2023-39326 @@ -4294,10 +4287,10 @@ │ │ ├ InstalledVersion: v1.20.5 │ │ ├ FixedVersion : 1.20.12, 1.21.5 │ │ ├ Status : fixed -│ │ ├ Layer ╭ Digest: sha256:d244376047b3b447a72643b6cd94cb4b359562d59b3 -│ │ │ │ 3e760ec97632069cf0cd6 -│ │ │ ╰ DiffID: sha256:10da0a8ad04042ad7ebb1f92fe90babd5649e0218f2 -│ │ │ 9f050019c4e091cda1b1c +│ │ ├ Layer ╭ Digest: sha256:20c08d7865479cc2941461f45179ca97ddc1c513e3c +│ │ │ │ 245acf1047f9e4ec8f9b0 +│ │ │ ╰ DiffID: sha256:35ff3fcc7343804067a0060eb66b92792f9572fb6e9 +│ │ │ 3072b7cd9782e2e972f6b │ │ ├ SeveritySource : nvd │ │ ├ PrimaryURL : https://avd.aquasec.com/nvd/cve-2023-39326 │ │ ├ DataSource ╭ ID : govulndb @@ -4338,11 +4331,11 @@ │ │ │ ╰ redhat ╭ V3Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I │ │ │ │ :N/A:N │ │ │ ╰ V3Score : 5.3 -│ │ ├ References ╭ [0] : https://access.redhat.com/errata/RHSA-2024:0887 +│ │ ├ References ╭ [0] : https://access.redhat.com/errata/RHSA-2024:2272 │ │ │ ├ [1] : https://access.redhat.com/security/cve/CVE-2023-39326 -│ │ │ ├ [2] : https://bugzilla.redhat.com/2253323 +│ │ │ ├ [2] : https://bugzilla.redhat.com/2253193 │ │ │ ├ [3] : https://bugzilla.redhat.com/2253330 -│ │ │ ├ [4] : https://errata.almalinux.org/8/ALSA-2024-0887.html +│ │ │ ├ [4] : https://errata.almalinux.org/9/ALSA-2024-2272.html │ │ │ ├ [5] : https://github.com/golang/go/commit/6446af942e2e2b16 │ │ │ │ 1c4ec1b60d9703a2b55dc4dd (go1.20.12) │ │ │ ├ [6] : https://github.com/golang/go/commit/ec8c526e4be720e9 @@ -4370,10 +4363,10 @@ │ │ ├ InstalledVersion: v1.20.5 │ │ ├ FixedVersion : 1.20.11, 1.21.4 │ │ ├ Status : fixed -│ │ ├ Layer ╭ Digest: sha256:d244376047b3b447a72643b6cd94cb4b359562d59b3 -│ │ │ │ 3e760ec97632069cf0cd6 -│ │ │ ╰ DiffID: sha256:10da0a8ad04042ad7ebb1f92fe90babd5649e0218f2 -│ │ │ 9f050019c4e091cda1b1c +│ │ ├ Layer ╭ Digest: sha256:20c08d7865479cc2941461f45179ca97ddc1c513e3c +│ │ │ │ 245acf1047f9e4ec8f9b0 +│ │ │ ╰ DiffID: sha256:35ff3fcc7343804067a0060eb66b92792f9572fb6e9 +│ │ │ 3072b7cd9782e2e972f6b │ │ ├ SeveritySource : nvd │ │ ├ PrimaryURL : https://avd.aquasec.com/nvd/cve-2023-45284 │ │ ├ DataSource ╭ ID : govulndb @@ -4415,10 +4408,10 @@ │ │ ├ InstalledVersion: v1.20.5 │ │ ├ FixedVersion : 1.21.8, 1.22.1 │ │ ├ Status : fixed -│ │ ├ Layer ╭ Digest: sha256:d244376047b3b447a72643b6cd94cb4b359562d59b3 -│ │ │ │ 3e760ec97632069cf0cd6 -│ │ │ ╰ DiffID: sha256:10da0a8ad04042ad7ebb1f92fe90babd5649e0218f2 -│ │ │ 9f050019c4e091cda1b1c +│ │ ├ Layer ╭ Digest: sha256:20c08d7865479cc2941461f45179ca97ddc1c513e3c +│ │ │ │ 245acf1047f9e4ec8f9b0 +│ │ │ ╰ DiffID: sha256:35ff3fcc7343804067a0060eb66b92792f9572fb6e9 +│ │ │ 3072b7cd9782e2e972f6b │ │ ├ PrimaryURL : https://avd.aquasec.com/nvd/cve-2023-45289 │ │ ├ DataSource ╭ ID : govulndb │ │ │ ├ Name: The Go Vulnerability Database @@ -4450,7 +4443,7 @@ │ │ │ ╰ V3Score : 5.3 │ │ ├ References ╭ [0] : http://www.openwall.com/lists/oss-security/2024/03/0 │ │ │ │ 8/4 -│ │ │ ├ [1] : https://access.redhat.com/errata/RHSA-2024:3346 +│ │ │ ├ [1] : https://access.redhat.com/errata/RHSA-2024:2724 │ │ │ ├ [2] : https://access.redhat.com/security/cve/CVE-2023-45289 │ │ │ ├ [3] : https://bugzilla.redhat.com/2268017 │ │ │ ├ [4] : https://bugzilla.redhat.com/2268018 @@ -4468,7 +4461,7 @@ │ │ │ │ 023-45290 │ │ │ ├ [14]: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2 │ │ │ │ 024-24783 -│ │ │ ├ [15]: https://errata.almalinux.org/8/ALSA-2024-3346.html +│ │ │ ├ [15]: https://errata.almalinux.org/9/ALSA-2024-2724.html │ │ │ ├ [16]: https://errata.rockylinux.org/RLSA-2024:2724 │ │ │ ├ [17]: https://github.com/golang/go/commit/20586c0dbe03d144 │ │ │ │ f914155f879fa5ee287591a1 (go1.21.8) @@ -4497,10 +4490,10 @@ │ │ ├ InstalledVersion: v1.20.5 │ │ ├ FixedVersion : 1.21.8, 1.22.1 │ │ ├ Status : fixed -│ │ ├ Layer ╭ Digest: sha256:d244376047b3b447a72643b6cd94cb4b359562d59b3 -│ │ │ │ 3e760ec97632069cf0cd6 -│ │ │ ╰ DiffID: sha256:10da0a8ad04042ad7ebb1f92fe90babd5649e0218f2 -│ │ │ 9f050019c4e091cda1b1c +│ │ ├ Layer ╭ Digest: sha256:20c08d7865479cc2941461f45179ca97ddc1c513e3c +│ │ │ │ 245acf1047f9e4ec8f9b0 +│ │ │ ╰ DiffID: sha256:35ff3fcc7343804067a0060eb66b92792f9572fb6e9 +│ │ │ 3072b7cd9782e2e972f6b │ │ ├ PrimaryURL : https://avd.aquasec.com/nvd/cve-2023-45290 │ │ ├ DataSource ╭ ID : govulndb │ │ │ ├ Name: The Go Vulnerability Database @@ -4521,7 +4514,7 @@ │ │ │ lines. │ │ ├ Severity : MEDIUM │ │ ├ CweIDs ─ [0]: CWE-770 -│ │ ├ VendorSeverity ╭ alma : 3 +│ │ ├ VendorSeverity ╭ alma : 2 │ │ │ ├ amazon : 2 │ │ │ ├ bitnami : 2 │ │ │ ├ cbl-mariner: 2 @@ -4537,16 +4530,16 @@ │ │ │ ╰ V3Score : 5.3 │ │ ├ References ╭ [0] : http://www.openwall.com/lists/oss-security/2024/03/0 │ │ │ │ 8/4 -│ │ │ ├ [1] : https://access.redhat.com/errata/RHSA-2024:8038 +│ │ │ ├ [1] : https://access.redhat.com/errata/RHSA-2024:9135 │ │ │ ├ [2] : https://access.redhat.com/security/cve/CVE-2023-45290 │ │ │ ├ [3] : https://bugzilla.redhat.com/2268017 -│ │ │ ├ [4] : https://bugzilla.redhat.com/2310527 -│ │ │ ├ [5] : https://bugzilla.redhat.com/2310528 -│ │ │ ├ [6] : https://bugzilla.redhat.com/2310529 +│ │ │ ├ [4] : https://bugzilla.redhat.com/2268022 +│ │ │ ├ [5] : https://bugzilla.redhat.com/2279814 +│ │ │ ├ [6] : https://bugzilla.redhat.com/2295310 │ │ │ ├ [7] : https://bugzilla.redhat.com/show_bug.cgi?id=2268017 │ │ │ ├ [8] : https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2 │ │ │ │ 023-45290 -│ │ │ ├ [9] : https://errata.almalinux.org/8/ALSA-2024-8038.html +│ │ │ ├ [9] : https://errata.almalinux.org/9/ALSA-2024-9135.html │ │ │ ├ [10]: https://errata.rockylinux.org/RLSA-2024:3830 │ │ │ ├ [11]: https://github.com/golang/go/commit/041a47712e765e94 │ │ │ │ f86d841c3110c840e76d8f82 (go1.22.1) @@ -4579,10 +4572,10 @@ │ │ ├ InstalledVersion: v1.20.5 │ │ ├ FixedVersion : 1.21.8, 1.22.1 │ │ ├ Status : fixed -│ │ ├ Layer ╭ Digest: sha256:d244376047b3b447a72643b6cd94cb4b359562d59b3 -│ │ │ │ 3e760ec97632069cf0cd6 -│ │ │ ╰ DiffID: sha256:10da0a8ad04042ad7ebb1f92fe90babd5649e0218f2 -│ │ │ 9f050019c4e091cda1b1c +│ │ ├ Layer ╭ Digest: sha256:20c08d7865479cc2941461f45179ca97ddc1c513e3c +│ │ │ │ 245acf1047f9e4ec8f9b0 +│ │ │ ╰ DiffID: sha256:35ff3fcc7343804067a0060eb66b92792f9572fb6e9 +│ │ │ 3072b7cd9782e2e972f6b │ │ ├ PrimaryURL : https://avd.aquasec.com/nvd/cve-2024-24783 │ │ ├ DataSource ╭ ID : govulndb │ │ │ ├ Name: The Go Vulnerability Database @@ -4614,49 +4607,45 @@ │ │ │ ╰ V3Score : 5.9 │ │ ├ References ╭ [0] : http://www.openwall.com/lists/oss-security/2024/03/0 │ │ │ │ 8/4 -│ │ │ ├ [1] : https://access.redhat.com/errata/RHSA-2024:6969 +│ │ │ ├ [1] : https://access.redhat.com/errata/RHSA-2024:6195 │ │ │ ├ [2] : https://access.redhat.com/security/cve/CVE-2024-24783 -│ │ │ ├ [3] : https://bugzilla.redhat.com/2268017 -│ │ │ ├ [4] : https://bugzilla.redhat.com/2268019 -│ │ │ ├ [5] : https://bugzilla.redhat.com/2268021 -│ │ │ ├ [6] : https://bugzilla.redhat.com/2279814 -│ │ │ ├ [7] : https://bugzilla.redhat.com/2295310 -│ │ │ ├ [8] : https://bugzilla.redhat.com/show_bug.cgi?id=2268017 -│ │ │ ├ [9] : https://bugzilla.redhat.com/show_bug.cgi?id=2268018 -│ │ │ ├ [10]: https://bugzilla.redhat.com/show_bug.cgi?id=2268019 -│ │ │ ├ [11]: https://bugzilla.redhat.com/show_bug.cgi?id=2268273 -│ │ │ ├ [12]: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2 +│ │ │ ├ [3] : https://bugzilla.redhat.com/2268019 +│ │ │ ├ [4] : https://bugzilla.redhat.com/show_bug.cgi?id=2268017 +│ │ │ ├ [5] : https://bugzilla.redhat.com/show_bug.cgi?id=2268018 +│ │ │ ├ [6] : https://bugzilla.redhat.com/show_bug.cgi?id=2268019 +│ │ │ ├ [7] : https://bugzilla.redhat.com/show_bug.cgi?id=2268273 +│ │ │ ├ [8] : https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2 │ │ │ │ 023-45288 -│ │ │ ├ [13]: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2 +│ │ │ ├ [9] : https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2 │ │ │ │ 023-45289 -│ │ │ ├ [14]: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2 +│ │ │ ├ [10]: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2 │ │ │ │ 023-45290 -│ │ │ ├ [15]: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2 +│ │ │ ├ [11]: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2 │ │ │ │ 024-24783 -│ │ │ ├ [16]: https://errata.almalinux.org/8/ALSA-2024-6969.html -│ │ │ ├ [17]: https://errata.rockylinux.org/RLSA-2024:2724 -│ │ │ ├ [18]: https://github.com/advisories/GHSA-3q2c-pvp5-3cqp -│ │ │ ├ [19]: https://github.com/golang/go/commit/337b8e9cbfa749d9 +│ │ │ ├ [12]: https://errata.almalinux.org/9/ALSA-2024-6195.html +│ │ │ ├ [13]: https://errata.rockylinux.org/RLSA-2024:2724 +│ │ │ ├ [14]: https://github.com/advisories/GHSA-3q2c-pvp5-3cqp +│ │ │ ├ [15]: https://github.com/golang/go/commit/337b8e9cbfa749d9 │ │ │ │ d5c899e0dc358e2208d5e54f (go1.22.1) -│ │ │ ├ [20]: https://github.com/golang/go/commit/be5b52bea674190e +│ │ │ ├ [16]: https://github.com/golang/go/commit/be5b52bea674190e │ │ │ │ f7de272664be6c7ae93ec5a0 (go1.21.8) -│ │ │ ├ [21]: https://github.com/golang/go/issues/65390 -│ │ │ ├ [22]: https://go.dev/cl/569339 -│ │ │ ├ [23]: https://go.dev/issue/65390 -│ │ │ ├ [24]: https://groups.google.com/g/golang-announce/c/5pwGVU +│ │ │ ├ [17]: https://github.com/golang/go/issues/65390 +│ │ │ ├ [18]: https://go.dev/cl/569339 +│ │ │ ├ [19]: https://go.dev/issue/65390 +│ │ │ ├ [20]: https://groups.google.com/g/golang-announce/c/5pwGVU │ │ │ │ PoMbg -│ │ │ ├ [25]: https://linux.oracle.com/cve/CVE-2024-24783.html -│ │ │ ├ [26]: https://linux.oracle.com/errata/ELSA-2024-6969.html -│ │ │ ├ [27]: https://nvd.nist.gov/vuln/detail/CVE-2024-24783 -│ │ │ ├ [28]: https://pkg.go.dev/vuln/GO-2024-2598 -│ │ │ ├ [29]: https://security.netapp.com/advisory/ntap-20240329-0 +│ │ │ ├ [21]: https://linux.oracle.com/cve/CVE-2024-24783.html +│ │ │ ├ [22]: https://linux.oracle.com/errata/ELSA-2024-6969.html +│ │ │ ├ [23]: https://nvd.nist.gov/vuln/detail/CVE-2024-24783 +│ │ │ ├ [24]: https://pkg.go.dev/vuln/GO-2024-2598 +│ │ │ ├ [25]: https://security.netapp.com/advisory/ntap-20240329-0 │ │ │ │ 005 -│ │ │ ├ [30]: https://security.netapp.com/advisory/ntap-20240329-0 +│ │ │ ├ [26]: https://security.netapp.com/advisory/ntap-20240329-0 │ │ │ │ 005/ -│ │ │ ├ [31]: https://ubuntu.com/security/notices/USN-6886-1 -│ │ │ ├ [32]: https://ubuntu.com/security/notices/USN-7109-1 -│ │ │ ├ [33]: https://ubuntu.com/security/notices/USN-7111-1 -│ │ │ ╰ [34]: https://www.cve.org/CVERecord?id=CVE-2024-24783 +│ │ │ ├ [27]: https://ubuntu.com/security/notices/USN-6886-1 +│ │ │ ├ [28]: https://ubuntu.com/security/notices/USN-7109-1 +│ │ │ ├ [29]: https://ubuntu.com/security/notices/USN-7111-1 +│ │ │ ╰ [30]: https://www.cve.org/CVERecord?id=CVE-2024-24783 │ │ ├ PublishedDate : 2024-03-05T23:15:07.683Z │ │ ╰ LastModifiedDate: 2024-11-05T17:35:08.987Z │ ├ [19] ╭ VulnerabilityID : CVE-2024-24784 @@ -4667,10 +4656,10 @@ │ │ ├ InstalledVersion: v1.20.5 │ │ ├ FixedVersion : 1.21.8, 1.22.1 │ │ ├ Status : fixed -│ │ ├ Layer ╭ Digest: sha256:d244376047b3b447a72643b6cd94cb4b359562d59b3 -│ │ │ │ 3e760ec97632069cf0cd6 -│ │ │ ╰ DiffID: sha256:10da0a8ad04042ad7ebb1f92fe90babd5649e0218f2 -│ │ │ 9f050019c4e091cda1b1c +│ │ ├ Layer ╭ Digest: sha256:20c08d7865479cc2941461f45179ca97ddc1c513e3c +│ │ │ │ 245acf1047f9e4ec8f9b0 +│ │ │ ╰ DiffID: sha256:35ff3fcc7343804067a0060eb66b92792f9572fb6e9 +│ │ │ 3072b7cd9782e2e972f6b │ │ ├ PrimaryURL : https://avd.aquasec.com/nvd/cve-2024-24784 │ │ ├ DataSource ╭ ID : govulndb │ │ │ ├ Name: The Go Vulnerability Database @@ -4683,7 +4672,7 @@ │ │ │ result in different trust decisions being made by programs │ │ │ using different parsers. │ │ ├ Severity : MEDIUM -│ │ ├ VendorSeverity ╭ alma : 2 +│ │ ├ VendorSeverity ╭ alma : 3 │ │ │ ├ amazon : 2 │ │ │ ├ bitnami : 3 │ │ │ ├ cbl-mariner: 3 @@ -4700,55 +4689,57 @@ │ │ │ ╰ V3Score : 5.4 │ │ ├ References ╭ [0] : http://www.openwall.com/lists/oss-security/2024/03/0 │ │ │ │ 8/4 -│ │ │ ├ [1] : https://access.redhat.com/errata/RHSA-2024:6969 +│ │ │ ├ [1] : https://access.redhat.com/errata/RHSA-2024:2562 │ │ │ ├ [2] : https://access.redhat.com/security/cve/CVE-2024-24784 -│ │ │ ├ [3] : https://bugzilla.redhat.com/2268017 -│ │ │ ├ [4] : https://bugzilla.redhat.com/2268019 -│ │ │ ├ [5] : https://bugzilla.redhat.com/2268021 -│ │ │ ├ [6] : https://bugzilla.redhat.com/2279814 -│ │ │ ├ [7] : https://bugzilla.redhat.com/2295310 -│ │ │ ├ [8] : https://bugzilla.redhat.com/show_bug.cgi?id=2262921 -│ │ │ ├ [9] : https://bugzilla.redhat.com/show_bug.cgi?id=2268017 -│ │ │ ├ [10]: https://bugzilla.redhat.com/show_bug.cgi?id=2268018 -│ │ │ ├ [11]: https://bugzilla.redhat.com/show_bug.cgi?id=2268019 -│ │ │ ├ [12]: https://bugzilla.redhat.com/show_bug.cgi?id=2268021 -│ │ │ ├ [13]: https://bugzilla.redhat.com/show_bug.cgi?id=2268022 -│ │ │ ├ [14]: https://bugzilla.redhat.com/show_bug.cgi?id=2268273 -│ │ │ ├ [15]: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2 +│ │ │ ├ [3] : https://bugzilla.redhat.com/2262921 +│ │ │ ├ [4] : https://bugzilla.redhat.com/2268017 +│ │ │ ├ [5] : https://bugzilla.redhat.com/2268018 +│ │ │ ├ [6] : https://bugzilla.redhat.com/2268019 +│ │ │ ├ [7] : https://bugzilla.redhat.com/2268021 +│ │ │ ├ [8] : https://bugzilla.redhat.com/2268022 +│ │ │ ├ [9] : https://bugzilla.redhat.com/2268273 +│ │ │ ├ [10]: https://bugzilla.redhat.com/show_bug.cgi?id=2262921 +│ │ │ ├ [11]: https://bugzilla.redhat.com/show_bug.cgi?id=2268017 +│ │ │ ├ [12]: https://bugzilla.redhat.com/show_bug.cgi?id=2268018 +│ │ │ ├ [13]: https://bugzilla.redhat.com/show_bug.cgi?id=2268019 +│ │ │ ├ [14]: https://bugzilla.redhat.com/show_bug.cgi?id=2268021 +│ │ │ ├ [15]: https://bugzilla.redhat.com/show_bug.cgi?id=2268022 +│ │ │ ├ [16]: https://bugzilla.redhat.com/show_bug.cgi?id=2268273 +│ │ │ ├ [17]: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2 │ │ │ │ 023-45288 -│ │ │ ├ [16]: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2 +│ │ │ ├ [18]: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2 │ │ │ │ 023-45289 -│ │ │ ├ [17]: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2 +│ │ │ ├ [19]: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2 │ │ │ │ 023-45290 -│ │ │ ├ [18]: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2 +│ │ │ ├ [20]: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2 │ │ │ │ 024-1394 -│ │ │ ├ [19]: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2 +│ │ │ ├ [21]: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2 │ │ │ │ 024-24783 -│ │ │ ├ [20]: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2 +│ │ │ ├ [22]: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2 │ │ │ │ 024-24784 -│ │ │ ├ [21]: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2 +│ │ │ ├ [23]: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2 │ │ │ │ 024-24785 -│ │ │ ├ [22]: https://errata.almalinux.org/8/ALSA-2024-6969.html -│ │ │ ├ [23]: https://errata.rockylinux.org/RLSA-2024:2562 -│ │ │ ├ [24]: https://github.com/golang/go/commit/263c059b09fdd40d +│ │ │ ├ [24]: https://errata.almalinux.org/9/ALSA-2024-2562.html +│ │ │ ├ [25]: https://errata.rockylinux.org/RLSA-2024:2562 +│ │ │ ├ [26]: https://github.com/golang/go/commit/263c059b09fdd40d │ │ │ │ 9dd945f2ecb20c89ea28efe5 (go1.21.8) -│ │ │ ├ [25]: https://github.com/golang/go/commit/5330cd225ba54c7d +│ │ │ ├ [27]: https://github.com/golang/go/commit/5330cd225ba54c7d │ │ │ │ c78c1b46dcdf61a4671a632c (go1.22.1) -│ │ │ ├ [26]: https://github.com/golang/go/issues/65083 -│ │ │ ├ [27]: https://go.dev/cl/555596 -│ │ │ ├ [28]: https://go.dev/issue/65083 -│ │ │ ├ [29]: https://groups.google.com/g/golang-announce/c/5pwGVU +│ │ │ ├ [28]: https://github.com/golang/go/issues/65083 +│ │ │ ├ [29]: https://go.dev/cl/555596 +│ │ │ ├ [30]: https://go.dev/issue/65083 +│ │ │ ├ [31]: https://groups.google.com/g/golang-announce/c/5pwGVU │ │ │ │ PoMbg -│ │ │ ├ [30]: https://linux.oracle.com/cve/CVE-2024-24784.html -│ │ │ ├ [31]: https://linux.oracle.com/errata/ELSA-2024-6969.html -│ │ │ ├ [32]: https://nvd.nist.gov/vuln/detail/CVE-2024-24784 -│ │ │ ├ [33]: https://pkg.go.dev/vuln/GO-2024-2609 -│ │ │ ├ [34]: https://security.netapp.com/advisory/ntap-20240329-0 +│ │ │ ├ [32]: https://linux.oracle.com/cve/CVE-2024-24784.html +│ │ │ ├ [33]: https://linux.oracle.com/errata/ELSA-2024-6969.html +│ │ │ ├ [34]: https://nvd.nist.gov/vuln/detail/CVE-2024-24784 +│ │ │ ├ [35]: https://pkg.go.dev/vuln/GO-2024-2609 +│ │ │ ├ [36]: https://security.netapp.com/advisory/ntap-20240329-0 │ │ │ │ 007/ -│ │ │ ├ [35]: https://ubuntu.com/security/notices/USN-6886-1 -│ │ │ ├ [36]: https://ubuntu.com/security/notices/USN-7109-1 -│ │ │ ├ [37]: https://ubuntu.com/security/notices/USN-7111-1 -│ │ │ ╰ [38]: https://www.cve.org/CVERecord?id=CVE-2024-24784 +│ │ │ ├ [37]: https://ubuntu.com/security/notices/USN-6886-1 +│ │ │ ├ [38]: https://ubuntu.com/security/notices/USN-7109-1 +│ │ │ ├ [39]: https://ubuntu.com/security/notices/USN-7111-1 +│ │ │ ╰ [40]: https://www.cve.org/CVERecord?id=CVE-2024-24784 │ │ ├ PublishedDate : 2024-03-05T23:15:07.733Z │ │ ╰ LastModifiedDate: 2024-08-05T21:35:04.457Z │ ├ [20] ╭ VulnerabilityID : CVE-2024-24785 @@ -4759,10 +4750,10 @@ │ │ ├ InstalledVersion: v1.20.5 │ │ ├ FixedVersion : 1.21.8, 1.22.1 │ │ ├ Status : fixed -│ │ ├ Layer ╭ Digest: sha256:d244376047b3b447a72643b6cd94cb4b359562d59b3 -│ │ │ │ 3e760ec97632069cf0cd6 -│ │ │ ╰ DiffID: sha256:10da0a8ad04042ad7ebb1f92fe90babd5649e0218f2 -│ │ │ 9f050019c4e091cda1b1c +│ │ ├ Layer ╭ Digest: sha256:20c08d7865479cc2941461f45179ca97ddc1c513e3c +│ │ │ │ 245acf1047f9e4ec8f9b0 +│ │ │ ╰ DiffID: sha256:35ff3fcc7343804067a0060eb66b92792f9572fb6e9 +│ │ │ 3072b7cd9782e2e972f6b │ │ ├ PrimaryURL : https://avd.aquasec.com/nvd/cve-2024-24785 │ │ ├ DataSource ╭ ID : govulndb │ │ │ ├ Name: The Go Vulnerability Database @@ -4775,7 +4766,7 @@ │ │ │ allowing for subsequent actions to inject unexpected │ │ │ content into templates. │ │ ├ Severity : MEDIUM -│ │ ├ VendorSeverity ╭ alma : 3 +│ │ ├ VendorSeverity ╭ alma : 2 │ │ │ ├ amazon : 2 │ │ │ ├ cbl-mariner: 2 │ │ │ ├ oracle-oval: 3 @@ -4787,57 +4778,55 @@ │ │ │ ╰ V3Score : 6.5 │ │ ├ References ╭ [0] : http://www.openwall.com/lists/oss-security/2024/03/0 │ │ │ │ 8/4 -│ │ │ ├ [1] : https://access.redhat.com/errata/RHSA-2024:3259 +│ │ │ ├ [1] : https://access.redhat.com/errata/RHSA-2024:9135 │ │ │ ├ [2] : https://access.redhat.com/security/cve/CVE-2024-24785 │ │ │ ├ [3] : https://bugzilla.redhat.com/2268017 -│ │ │ ├ [4] : https://bugzilla.redhat.com/2268018 -│ │ │ ├ [5] : https://bugzilla.redhat.com/2268019 -│ │ │ ├ [6] : https://bugzilla.redhat.com/2268021 -│ │ │ ├ [7] : https://bugzilla.redhat.com/2268022 -│ │ │ ├ [8] : https://bugzilla.redhat.com/2268273 -│ │ │ ├ [9] : https://bugzilla.redhat.com/show_bug.cgi?id=2262921 -│ │ │ ├ [10]: https://bugzilla.redhat.com/show_bug.cgi?id=2268017 -│ │ │ ├ [11]: https://bugzilla.redhat.com/show_bug.cgi?id=2268018 -│ │ │ ├ [12]: https://bugzilla.redhat.com/show_bug.cgi?id=2268019 -│ │ │ ├ [13]: https://bugzilla.redhat.com/show_bug.cgi?id=2268021 -│ │ │ ├ [14]: https://bugzilla.redhat.com/show_bug.cgi?id=2268022 -│ │ │ ├ [15]: https://bugzilla.redhat.com/show_bug.cgi?id=2268273 -│ │ │ ├ [16]: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2 +│ │ │ ├ [4] : https://bugzilla.redhat.com/2268022 +│ │ │ ├ [5] : https://bugzilla.redhat.com/2279814 +│ │ │ ├ [6] : https://bugzilla.redhat.com/2295310 +│ │ │ ├ [7] : https://bugzilla.redhat.com/show_bug.cgi?id=2262921 +│ │ │ ├ [8] : https://bugzilla.redhat.com/show_bug.cgi?id=2268017 +│ │ │ ├ [9] : https://bugzilla.redhat.com/show_bug.cgi?id=2268018 +│ │ │ ├ [10]: https://bugzilla.redhat.com/show_bug.cgi?id=2268019 +│ │ │ ├ [11]: https://bugzilla.redhat.com/show_bug.cgi?id=2268021 +│ │ │ ├ [12]: https://bugzilla.redhat.com/show_bug.cgi?id=2268022 +│ │ │ ├ [13]: https://bugzilla.redhat.com/show_bug.cgi?id=2268273 +│ │ │ ├ [14]: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2 │ │ │ │ 023-45288 -│ │ │ ├ [17]: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2 +│ │ │ ├ [15]: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2 │ │ │ │ 023-45289 -│ │ │ ├ [18]: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2 +│ │ │ ├ [16]: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2 │ │ │ │ 023-45290 -│ │ │ ├ [19]: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2 +│ │ │ ├ [17]: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2 │ │ │ │ 024-1394 -│ │ │ ├ [20]: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2 +│ │ │ ├ [18]: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2 │ │ │ │ 024-24783 -│ │ │ ├ [21]: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2 +│ │ │ ├ [19]: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2 │ │ │ │ 024-24784 -│ │ │ ├ [22]: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2 +│ │ │ ├ [20]: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2 │ │ │ │ 024-24785 -│ │ │ ├ [23]: https://errata.almalinux.org/8/ALSA-2024-3259.html -│ │ │ ├ [24]: https://errata.rockylinux.org/RLSA-2024:2562 -│ │ │ ├ [25]: https://github.com/golang/go/commit/056b0edcb8c15215 +│ │ │ ├ [21]: https://errata.almalinux.org/9/ALSA-2024-9135.html +│ │ │ ├ [22]: https://errata.rockylinux.org/RLSA-2024:2562 +│ │ │ ├ [23]: https://github.com/golang/go/commit/056b0edcb8c15215 │ │ │ │ 2021eebf4cf42adbfbe77992 (go1.22.1) -│ │ │ ├ [26]: https://github.com/golang/go/commit/3643147a29352ca2 +│ │ │ ├ [24]: https://github.com/golang/go/commit/3643147a29352ca2 │ │ │ │ 894fd5d0d2069bc4b4335a7e (go1.21.8) -│ │ │ ├ [27]: https://github.com/golang/go/issues/65697 -│ │ │ ├ [28]: https://go.dev/cl/564196 -│ │ │ ├ [29]: https://go.dev/issue/65697 -│ │ │ ├ [30]: https://groups.google.com/g/golang-announce/c/5pwGVU +│ │ │ ├ [25]: https://github.com/golang/go/issues/65697 +│ │ │ ├ [26]: https://go.dev/cl/564196 +│ │ │ ├ [27]: https://go.dev/issue/65697 +│ │ │ ├ [28]: https://groups.google.com/g/golang-announce/c/5pwGVU │ │ │ │ PoMbg -│ │ │ ├ [31]: https://linux.oracle.com/cve/CVE-2024-24785.html -│ │ │ ├ [32]: https://linux.oracle.com/errata/ELSA-2024-3259.html -│ │ │ ├ [33]: https://nvd.nist.gov/vuln/detail/CVE-2024-24785 -│ │ │ ├ [34]: https://pkg.go.dev/vuln/GO-2024-2610 -│ │ │ ├ [35]: https://security.netapp.com/advisory/ntap-20240329-0 +│ │ │ ├ [29]: https://linux.oracle.com/cve/CVE-2024-24785.html +│ │ │ ├ [30]: https://linux.oracle.com/errata/ELSA-2024-3259.html +│ │ │ ├ [31]: https://nvd.nist.gov/vuln/detail/CVE-2024-24785 +│ │ │ ├ [32]: https://pkg.go.dev/vuln/GO-2024-2610 +│ │ │ ├ [33]: https://security.netapp.com/advisory/ntap-20240329-0 │ │ │ │ 008/ -│ │ │ ├ [36]: https://ubuntu.com/security/notices/USN-6886-1 -│ │ │ ├ [37]: https://ubuntu.com/security/notices/USN-7061-1 -│ │ │ ├ [38]: https://ubuntu.com/security/notices/USN-7109-1 -│ │ │ ├ [39]: https://vuln.go.dev/ID/GO-2024-2610.json -│ │ │ ╰ [40]: https://www.cve.org/CVERecord?id=CVE-2024-24785 +│ │ │ ├ [34]: https://ubuntu.com/security/notices/USN-6886-1 +│ │ │ ├ [35]: https://ubuntu.com/security/notices/USN-7061-1 +│ │ │ ├ [36]: https://ubuntu.com/security/notices/USN-7109-1 +│ │ │ ├ [37]: https://vuln.go.dev/ID/GO-2024-2610.json +│ │ │ ╰ [38]: https://www.cve.org/CVERecord?id=CVE-2024-24785 │ │ ├ PublishedDate : 2024-03-05T23:15:07.777Z │ │ ╰ LastModifiedDate: 2024-05-01T17:15:29.61Z │ ├ [21] ╭ VulnerabilityID : CVE-2024-24789 @@ -4848,10 +4837,10 @@ │ │ ├ InstalledVersion: v1.20.5 │ │ ├ FixedVersion : 1.21.11, 1.22.4 │ │ ├ Status : fixed -│ │ ├ Layer ╭ Digest: sha256:d244376047b3b447a72643b6cd94cb4b359562d59b3 -│ │ │ │ 3e760ec97632069cf0cd6 -│ │ │ ╰ DiffID: sha256:10da0a8ad04042ad7ebb1f92fe90babd5649e0218f2 -│ │ │ 9f050019c4e091cda1b1c +│ │ ├ Layer ╭ Digest: sha256:20c08d7865479cc2941461f45179ca97ddc1c513e3c +│ │ │ │ 245acf1047f9e4ec8f9b0 +│ │ │ ╰ DiffID: sha256:35ff3fcc7343804067a0060eb66b92792f9572fb6e9 +│ │ │ 3072b7cd9782e2e972f6b │ │ ├ SeveritySource : nvd │ │ ├ PrimaryURL : https://avd.aquasec.com/nvd/cve-2024-24789 │ │ ├ DataSource ╭ ID : govulndb @@ -4887,41 +4876,43 @@ │ │ │ ╰ V3Score : 7.5 │ │ ├ References ╭ [0] : http://www.openwall.com/lists/oss-security/2024/06/0 │ │ │ │ 4/1 -│ │ │ ├ [1] : https://access.redhat.com/errata/RHSA-2024:5291 +│ │ │ ├ [1] : https://access.redhat.com/errata/RHSA-2024:9115 │ │ │ ├ [2] : https://access.redhat.com/security/cve/CVE-2024-24789 │ │ │ ├ [3] : https://bugzilla.redhat.com/2279814 │ │ │ ├ [4] : https://bugzilla.redhat.com/2292668 │ │ │ ├ [5] : https://bugzilla.redhat.com/2292787 -│ │ │ ├ [6] : https://bugzilla.redhat.com/show_bug.cgi?id=2292668 -│ │ │ ├ [7] : https://bugzilla.redhat.com/show_bug.cgi?id=2292787 -│ │ │ ├ [8] : https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2 +│ │ │ ├ [6] : https://bugzilla.redhat.com/2294000 +│ │ │ ├ [7] : https://bugzilla.redhat.com/2295310 +│ │ │ ├ [8] : https://bugzilla.redhat.com/show_bug.cgi?id=2292668 +│ │ │ ├ [9] : https://bugzilla.redhat.com/show_bug.cgi?id=2292787 +│ │ │ ├ [10]: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2 │ │ │ │ 024-24789 -│ │ │ ├ [9] : https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2 +│ │ │ ├ [11]: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2 │ │ │ │ 024-24790 -│ │ │ ├ [10]: https://errata.almalinux.org/8/ALSA-2024-5291.html -│ │ │ ├ [11]: https://errata.rockylinux.org/RLSA-2024:4212 -│ │ │ ├ [12]: https://github.com/golang/go/commit/c8e40338cf00f3c1 +│ │ │ ├ [12]: https://errata.almalinux.org/9/ALSA-2024-9115.html +│ │ │ ├ [13]: https://errata.rockylinux.org/RLSA-2024:4212 +│ │ │ ├ [14]: https://github.com/golang/go/commit/c8e40338cf00f3c1 │ │ │ │ d86c8fb23863ad67a4c72bcc (1.21) -│ │ │ ├ [13]: https://github.com/golang/go/commit/cf501ac0c5fe351a +│ │ │ ├ [15]: https://github.com/golang/go/commit/cf501ac0c5fe351a │ │ │ │ 8582d20b43562027927906e7 (1.22) -│ │ │ ├ [14]: https://github.com/golang/go/issues/66869 -│ │ │ ├ [15]: https://go.dev/cl/585397 -│ │ │ ├ [16]: https://go.dev/issue/66869 -│ │ │ ├ [17]: https://groups.google.com/g/golang-announce/c/XbxouI +│ │ │ ├ [16]: https://github.com/golang/go/issues/66869 +│ │ │ ├ [17]: https://go.dev/cl/585397 +│ │ │ ├ [18]: https://go.dev/issue/66869 +│ │ │ ├ [19]: https://groups.google.com/g/golang-announce/c/XbxouI │ │ │ │ 9gY7k -│ │ │ ├ [18]: https://groups.google.com/g/golang-announce/c/XbxouI +│ │ │ ├ [20]: https://groups.google.com/g/golang-announce/c/XbxouI │ │ │ │ 9gY7k/m/TuoGEhxIEwAJ -│ │ │ ├ [19]: https://linux.oracle.com/cve/CVE-2024-24789.html -│ │ │ ├ [20]: https://linux.oracle.com/errata/ELSA-2024-9115.html -│ │ │ ├ [21]: https://lists.fedoraproject.org/archives/list/packag +│ │ │ ├ [21]: https://linux.oracle.com/cve/CVE-2024-24789.html +│ │ │ ├ [22]: https://linux.oracle.com/errata/ELSA-2024-9115.html +│ │ │ ├ [23]: https://lists.fedoraproject.org/archives/list/packag │ │ │ │ e-announce@lists.fedoraproject.org/message/U5YAEIA6I │ │ │ │ UHUNGJ7AIXXPQT6D2GYENX7/ -│ │ │ ├ [22]: https://nvd.nist.gov/vuln/detail/CVE-2024-24789 -│ │ │ ├ [23]: https://pkg.go.dev/vuln/GO-2024-2888 -│ │ │ ├ [24]: https://ubuntu.com/security/notices/USN-6886-1 -│ │ │ ├ [25]: https://ubuntu.com/security/notices/USN-7109-1 -│ │ │ ├ [26]: https://ubuntu.com/security/notices/USN-7111-1 -│ │ │ ╰ [27]: https://www.cve.org/CVERecord?id=CVE-2024-24789 +│ │ │ ├ [24]: https://nvd.nist.gov/vuln/detail/CVE-2024-24789 +│ │ │ ├ [25]: https://pkg.go.dev/vuln/GO-2024-2888 +│ │ │ ├ [26]: https://ubuntu.com/security/notices/USN-6886-1 +│ │ │ ├ [27]: https://ubuntu.com/security/notices/USN-7109-1 +│ │ │ ├ [28]: https://ubuntu.com/security/notices/USN-7111-1 +│ │ │ ╰ [29]: https://www.cve.org/CVERecord?id=CVE-2024-24789 │ │ ├ PublishedDate : 2024-06-05T16:15:10.47Z │ │ ╰ LastModifiedDate: 2024-07-03T01:48:25.51Z │ ├ [22] ╭ VulnerabilityID : CVE-2024-24791 @@ -4932,10 +4923,10 @@ │ │ ├ InstalledVersion: v1.20.5 │ │ ├ FixedVersion : 1.21.12, 1.22.5 │ │ ├ Status : fixed -│ │ ├ Layer ╭ Digest: sha256:d244376047b3b447a72643b6cd94cb4b359562d59b3 -│ │ │ │ 3e760ec97632069cf0cd6 -│ │ │ ╰ DiffID: sha256:10da0a8ad04042ad7ebb1f92fe90babd5649e0218f2 -│ │ │ 9f050019c4e091cda1b1c +│ │ ├ Layer ╭ Digest: sha256:20c08d7865479cc2941461f45179ca97ddc1c513e3c +│ │ │ │ 245acf1047f9e4ec8f9b0 +│ │ │ ╰ DiffID: sha256:35ff3fcc7343804067a0060eb66b92792f9572fb6e9 +│ │ │ 3072b7cd9782e2e972f6b │ │ ├ PrimaryURL : https://avd.aquasec.com/nvd/cve-2024-24791 │ │ ├ DataSource ╭ ID : govulndb │ │ │ ├ Name: The Go Vulnerability Database @@ -4971,35 +4962,38 @@ │ │ │ ╰ redhat ╭ V3Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I │ │ │ │ :N/A:H │ │ │ ╰ V3Score : 5.9 -│ │ ├ References ╭ [0] : https://access.redhat.com/errata/RHSA-2024:7349 +│ │ ├ References ╭ [0] : https://access.redhat.com/errata/RHSA-2024:9135 │ │ │ ├ [1] : https://access.redhat.com/security/cve/CVE-2024-24791 -│ │ │ ├ [2] : https://bugzilla.redhat.com/2295310 -│ │ │ ├ [3] : https://bugzilla.redhat.com/show_bug.cgi?id=2295310 -│ │ │ ├ [4] : https://bugzilla.redhat.com/show_bug.cgi?id=2310527 -│ │ │ ├ [5] : https://bugzilla.redhat.com/show_bug.cgi?id=2310528 -│ │ │ ├ [6] : https://bugzilla.redhat.com/show_bug.cgi?id=2310529 -│ │ │ ├ [7] : https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2 +│ │ │ ├ [2] : https://bugzilla.redhat.com/2268017 +│ │ │ ├ [3] : https://bugzilla.redhat.com/2268022 +│ │ │ ├ [4] : https://bugzilla.redhat.com/2279814 +│ │ │ ├ [5] : https://bugzilla.redhat.com/2295310 +│ │ │ ├ [6] : https://bugzilla.redhat.com/show_bug.cgi?id=2295310 +│ │ │ ├ [7] : https://bugzilla.redhat.com/show_bug.cgi?id=2310527 +│ │ │ ├ [8] : https://bugzilla.redhat.com/show_bug.cgi?id=2310528 +│ │ │ ├ [9] : https://bugzilla.redhat.com/show_bug.cgi?id=2310529 +│ │ │ ├ [10]: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2 │ │ │ │ 024-24791 -│ │ │ ├ [8] : https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2 +│ │ │ ├ [11]: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2 │ │ │ │ 024-34155 -│ │ │ ├ [9] : https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2 +│ │ │ ├ [12]: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2 │ │ │ │ 024-34156 -│ │ │ ├ [10]: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2 +│ │ │ ├ [13]: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2 │ │ │ │ 024-34158 -│ │ │ ├ [11]: https://errata.almalinux.org/8/ALSA-2024-7349.html -│ │ │ ├ [12]: https://errata.rockylinux.org/RLSA-2024:6913 -│ │ │ ├ [13]: https://go.dev/cl/591255 -│ │ │ ├ [14]: https://go.dev/issue/67555 -│ │ │ ├ [15]: https://groups.google.com/g/golang-dev/c/t0rK-qHBqzY +│ │ │ ├ [14]: https://errata.almalinux.org/9/ALSA-2024-9135.html +│ │ │ ├ [15]: https://errata.rockylinux.org/RLSA-2024:6913 +│ │ │ ├ [16]: https://go.dev/cl/591255 +│ │ │ ├ [17]: https://go.dev/issue/67555 +│ │ │ ├ [18]: https://groups.google.com/g/golang-dev/c/t0rK-qHBqzY │ │ │ │ /m/6MMoAZkMAgAJ -│ │ │ ├ [16]: https://linux.oracle.com/cve/CVE-2024-24791.html -│ │ │ ├ [17]: https://linux.oracle.com/errata/ELSA-2024-9115.html -│ │ │ ├ [18]: https://nvd.nist.gov/vuln/detail/CVE-2024-24791 -│ │ │ ├ [19]: https://pkg.go.dev/vuln/GO-2024-2963 -│ │ │ ├ [20]: https://ubuntu.com/security/notices/USN-7081-1 -│ │ │ ├ [21]: https://ubuntu.com/security/notices/USN-7109-1 -│ │ │ ├ [22]: https://ubuntu.com/security/notices/USN-7111-1 -│ │ │ ╰ [23]: https://www.cve.org/CVERecord?id=CVE-2024-24791 +│ │ │ ├ [19]: https://linux.oracle.com/cve/CVE-2024-24791.html +│ │ │ ├ [20]: https://linux.oracle.com/errata/ELSA-2024-9115.html +│ │ │ ├ [21]: https://nvd.nist.gov/vuln/detail/CVE-2024-24791 +│ │ │ ├ [22]: https://pkg.go.dev/vuln/GO-2024-2963 +│ │ │ ├ [23]: https://ubuntu.com/security/notices/USN-7081-1 +│ │ │ ├ [24]: https://ubuntu.com/security/notices/USN-7109-1 +│ │ │ ├ [25]: https://ubuntu.com/security/notices/USN-7111-1 +│ │ │ ╰ [26]: https://www.cve.org/CVERecord?id=CVE-2024-24791 │ │ ├ PublishedDate : 2024-07-02T22:15:04.833Z │ │ ╰ LastModifiedDate: 2024-07-08T14:17:39.083Z │ ├ [23] ╭ VulnerabilityID : CVE-2024-34155 @@ -5010,10 +5004,10 @@ │ │ ├ InstalledVersion: v1.20.5 │ │ ├ FixedVersion : 1.22.7, 1.23.1 │ │ ├ Status : fixed -│ │ ├ Layer ╭ Digest: sha256:d244376047b3b447a72643b6cd94cb4b359562d59b3 -│ │ │ │ 3e760ec97632069cf0cd6 -│ │ │ ╰ DiffID: sha256:10da0a8ad04042ad7ebb1f92fe90babd5649e0218f2 -│ │ │ 9f050019c4e091cda1b1c +│ │ ├ Layer ╭ Digest: sha256:20c08d7865479cc2941461f45179ca97ddc1c513e3c +│ │ │ │ 245acf1047f9e4ec8f9b0 +│ │ │ ╰ DiffID: sha256:35ff3fcc7343804067a0060eb66b92792f9572fb6e9 +│ │ │ 3072b7cd9782e2e972f6b │ │ ├ PrimaryURL : https://avd.aquasec.com/nvd/cve-2024-34155 │ │ ├ DataSource ╭ ID : govulndb │ │ │ ├ Name: The Go Vulnerability Database @@ -5038,43 +5032,46 @@ │ │ │ ╰ redhat ╭ V3Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I │ │ │ │ :N/A:H │ │ │ ╰ V3Score : 5.9 -│ │ ├ References ╭ [0] : https://access.redhat.com/errata/RHSA-2024:8038 +│ │ ├ References ╭ [0] : https://access.redhat.com/errata/RHSA-2024:9459 │ │ │ ├ [1] : https://access.redhat.com/security/cve/CVE-2024-34155 -│ │ │ ├ [2] : https://bugzilla.redhat.com/2268017 -│ │ │ ├ [3] : https://bugzilla.redhat.com/2310527 -│ │ │ ├ [4] : https://bugzilla.redhat.com/2310528 -│ │ │ ├ [5] : https://bugzilla.redhat.com/2310529 -│ │ │ ├ [6] : https://bugzilla.redhat.com/show_bug.cgi?id=2295310 -│ │ │ ├ [7] : https://bugzilla.redhat.com/show_bug.cgi?id=2310527 -│ │ │ ├ [8] : https://bugzilla.redhat.com/show_bug.cgi?id=2310528 -│ │ │ ├ [9] : https://bugzilla.redhat.com/show_bug.cgi?id=2310529 -│ │ │ ├ [10]: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2 +│ │ │ ├ [2] : https://bugzilla.redhat.com/2310527 +│ │ │ ├ [3] : https://bugzilla.redhat.com/2310528 +│ │ │ ├ [4] : https://bugzilla.redhat.com/2310529 +│ │ │ ├ [5] : https://bugzilla.redhat.com/2315691 +│ │ │ ├ [6] : https://bugzilla.redhat.com/2315887 +│ │ │ ├ [7] : https://bugzilla.redhat.com/2317458 +│ │ │ ├ [8] : https://bugzilla.redhat.com/2317467 +│ │ │ ├ [9] : https://bugzilla.redhat.com/show_bug.cgi?id=2295310 +│ │ │ ├ [10]: https://bugzilla.redhat.com/show_bug.cgi?id=2310527 +│ │ │ ├ [11]: https://bugzilla.redhat.com/show_bug.cgi?id=2310528 +│ │ │ ├ [12]: https://bugzilla.redhat.com/show_bug.cgi?id=2310529 +│ │ │ ├ [13]: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2 │ │ │ │ 024-24791 -│ │ │ ├ [11]: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2 +│ │ │ ├ [14]: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2 │ │ │ │ 024-34155 -│ │ │ ├ [12]: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2 +│ │ │ ├ [15]: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2 │ │ │ │ 024-34156 -│ │ │ ├ [13]: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2 +│ │ │ ├ [16]: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2 │ │ │ │ 024-34158 -│ │ │ ├ [14]: https://errata.almalinux.org/8/ALSA-2024-8038.html -│ │ │ ├ [15]: https://errata.rockylinux.org/RLSA-2024:6913 -│ │ │ ├ [16]: https://github.com/golang/go/commit/53487e5477151ed7 +│ │ │ ├ [17]: https://errata.almalinux.org/9/ALSA-2024-9459.html +│ │ │ ├ [18]: https://errata.rockylinux.org/RLSA-2024:6913 +│ │ │ ├ [19]: https://github.com/golang/go/commit/53487e5477151ed7 │ │ │ │ 5da50e50a0ba8f1ca64c00a3 (go1.23.1) -│ │ │ ├ [17]: https://github.com/golang/go/commit/b232596139dbe96a +│ │ │ ├ [20]: https://github.com/golang/go/commit/b232596139dbe96a │ │ │ │ 62edbe3a2a203e856bf556eb (go1.22.7) -│ │ │ ├ [18]: https://go.dev/cl/611238 -│ │ │ ├ [19]: https://go.dev/issue/69138 -│ │ │ ├ [20]: https://groups.google.com/g/golang-announce/c/K-cEzD +│ │ │ ├ [21]: https://go.dev/cl/611238 +│ │ │ ├ [22]: https://go.dev/issue/69138 +│ │ │ ├ [23]: https://groups.google.com/g/golang-announce/c/K-cEzD │ │ │ │ eCtpc -│ │ │ ├ [21]: https://groups.google.com/g/golang-dev/c/S9POB9NCTdk -│ │ │ ├ [22]: https://linux.oracle.com/cve/CVE-2024-34155.html -│ │ │ ├ [23]: https://linux.oracle.com/errata/ELSA-2024-9459.html -│ │ │ ├ [24]: https://nvd.nist.gov/vuln/detail/CVE-2024-34155 -│ │ │ ├ [25]: https://pkg.go.dev/vuln/GO-2024-3105 -│ │ │ ├ [26]: https://ubuntu.com/security/notices/USN-7081-1 -│ │ │ ├ [27]: https://ubuntu.com/security/notices/USN-7109-1 -│ │ │ ├ [28]: https://ubuntu.com/security/notices/USN-7111-1 -│ │ │ ╰ [29]: https://www.cve.org/CVERecord?id=CVE-2024-34155 +│ │ │ ├ [24]: https://groups.google.com/g/golang-dev/c/S9POB9NCTdk +│ │ │ ├ [25]: https://linux.oracle.com/cve/CVE-2024-34155.html +│ │ │ ├ [26]: https://linux.oracle.com/errata/ELSA-2024-9459.html +│ │ │ ├ [27]: https://nvd.nist.gov/vuln/detail/CVE-2024-34155 +│ │ │ ├ [28]: https://pkg.go.dev/vuln/GO-2024-3105 +│ │ │ ├ [29]: https://ubuntu.com/security/notices/USN-7081-1 +│ │ │ ├ [30]: https://ubuntu.com/security/notices/USN-7109-1 +│ │ │ ├ [31]: https://ubuntu.com/security/notices/USN-7111-1 +│ │ │ ╰ [32]: https://www.cve.org/CVERecord?id=CVE-2024-34155 │ │ ├ PublishedDate : 2024-09-06T21:15:11.947Z │ │ ╰ LastModifiedDate: 2024-11-04T17:35:17.887Z │ ╰ [24] ╭ VulnerabilityID : CVE-2024-34158 @@ -5085,10 +5082,10 @@ │ ├ InstalledVersion: v1.20.5 │ ├ FixedVersion : 1.22.7, 1.23.1 │ ├ Status : fixed -│ ├ Layer ╭ Digest: sha256:d244376047b3b447a72643b6cd94cb4b359562d59b3 -│ │ │ 3e760ec97632069cf0cd6 -│ │ ╰ DiffID: sha256:10da0a8ad04042ad7ebb1f92fe90babd5649e0218f2 -│ │ 9f050019c4e091cda1b1c +│ ├ Layer ╭ Digest: sha256:20c08d7865479cc2941461f45179ca97ddc1c513e3c +│ │ │ 245acf1047f9e4ec8f9b0 +│ │ ╰ DiffID: sha256:35ff3fcc7343804067a0060eb66b92792f9572fb6e9 +│ │ 3072b7cd9782e2e972f6b │ ├ PrimaryURL : https://avd.aquasec.com/nvd/cve-2024-34158 │ ├ DataSource ╭ ID : govulndb │ │ ├ Name: The Go Vulnerability Database @@ -5115,60 +5112,63 @@ │ │ ╰ redhat ╭ V3Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I │ │ │ :N/A:H │ │ ╰ V3Score : 5.9 -│ ├ References ╭ [0] : https://access.redhat.com/errata/RHSA-2024:8038 +│ ├ References ╭ [0] : https://access.redhat.com/errata/RHSA-2024:9459 │ │ ├ [1] : https://access.redhat.com/security/cve/CVE-2024-34158 -│ │ ├ [2] : https://bugzilla.redhat.com/2268017 -│ │ ├ [3] : https://bugzilla.redhat.com/2310527 -│ │ ├ [4] : https://bugzilla.redhat.com/2310528 -│ │ ├ [5] : https://bugzilla.redhat.com/2310529 -│ │ ├ [6] : https://bugzilla.redhat.com/show_bug.cgi?id=2295310 -│ │ ├ [7] : https://bugzilla.redhat.com/show_bug.cgi?id=2310527 -│ │ ├ [8] : https://bugzilla.redhat.com/show_bug.cgi?id=2310528 -│ │ ├ [9] : https://bugzilla.redhat.com/show_bug.cgi?id=2310529 -│ │ ├ [10]: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2 +│ │ ├ [2] : https://bugzilla.redhat.com/2310527 +│ │ ├ [3] : https://bugzilla.redhat.com/2310528 +│ │ ├ [4] : https://bugzilla.redhat.com/2310529 +│ │ ├ [5] : https://bugzilla.redhat.com/2315691 +│ │ ├ [6] : https://bugzilla.redhat.com/2315887 +│ │ ├ [7] : https://bugzilla.redhat.com/2317458 +│ │ ├ [8] : https://bugzilla.redhat.com/2317467 +│ │ ├ [9] : https://bugzilla.redhat.com/show_bug.cgi?id=2295310 +│ │ ├ [10]: https://bugzilla.redhat.com/show_bug.cgi?id=2310527 +│ │ ├ [11]: https://bugzilla.redhat.com/show_bug.cgi?id=2310528 +│ │ ├ [12]: https://bugzilla.redhat.com/show_bug.cgi?id=2310529 +│ │ ├ [13]: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2 │ │ │ 024-24791 -│ │ ├ [11]: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2 +│ │ ├ [14]: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2 │ │ │ 024-34155 -│ │ ├ [12]: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2 +│ │ ├ [15]: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2 │ │ │ 024-34156 -│ │ ├ [13]: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2 +│ │ ├ [16]: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2 │ │ │ 024-34158 -│ │ ├ [14]: https://errata.almalinux.org/8/ALSA-2024-8038.html -│ │ ├ [15]: https://errata.rockylinux.org/RLSA-2024:6913 -│ │ ├ [16]: https://github.com/golang/go/commit/032ac075c20c01c6 +│ │ ├ [17]: https://errata.almalinux.org/9/ALSA-2024-9459.html +│ │ ├ [18]: https://errata.rockylinux.org/RLSA-2024:6913 +│ │ ├ [19]: https://github.com/golang/go/commit/032ac075c20c01c6 │ │ │ c35a672d1542d3e98eab84ea (go1.23.1) -│ │ ├ [17]: https://github.com/golang/go/commit/d4c53812e6ce2ac3 +│ │ ├ [20]: https://github.com/golang/go/commit/d4c53812e6ce2ac3 │ │ │ 68173d7fcd31d0ecfcffb002 (go1.22.7) -│ │ ├ [18]: https://go.dev/cl/611240 -│ │ ├ [19]: https://go.dev/issue/69141 -│ │ ├ [20]: https://groups.google.com/g/golang-announce/c/K-cEzD +│ │ ├ [21]: https://go.dev/cl/611240 +│ │ ├ [22]: https://go.dev/issue/69141 +│ │ ├ [23]: https://groups.google.com/g/golang-announce/c/K-cEzD │ │ │ eCtpc -│ │ ├ [21]: https://groups.google.com/g/golang-dev/c/S9POB9NCTdk -│ │ ├ [22]: https://linux.oracle.com/cve/CVE-2024-34158.html -│ │ ├ [23]: https://linux.oracle.com/errata/ELSA-2024-9459.html -│ │ ├ [24]: https://nvd.nist.gov/vuln/detail/CVE-2024-34158 -│ │ ├ [25]: https://pkg.go.dev/vuln/GO-2024-3107 -│ │ ├ [26]: https://ubuntu.com/security/notices/USN-7081-1 -│ │ ├ [27]: https://ubuntu.com/security/notices/USN-7109-1 -│ │ ├ [28]: https://ubuntu.com/security/notices/USN-7111-1 -│ │ ╰ [29]: https://www.cve.org/CVERecord?id=CVE-2024-34158 +│ │ ├ [24]: https://groups.google.com/g/golang-dev/c/S9POB9NCTdk +│ │ ├ [25]: https://linux.oracle.com/cve/CVE-2024-34158.html +│ │ ├ [26]: https://linux.oracle.com/errata/ELSA-2024-9459.html +│ │ ├ [27]: https://nvd.nist.gov/vuln/detail/CVE-2024-34158 +│ │ ├ [28]: https://pkg.go.dev/vuln/GO-2024-3107 +│ │ ├ [29]: https://ubuntu.com/security/notices/USN-7081-1 +│ │ ├ [30]: https://ubuntu.com/security/notices/USN-7109-1 +│ │ ├ [31]: https://ubuntu.com/security/notices/USN-7111-1 +│ │ ╰ [32]: https://www.cve.org/CVERecord?id=CVE-2024-34158 │ ├ PublishedDate : 2024-09-06T21:15:12.083Z │ ╰ LastModifiedDate: 2024-09-09T14:35:01.17Z -├ [3] ╭ Target : tmp/tmp.WmwN9nvQi7/krew-linux_amd64 +├ [3] ╭ Target : tmp/tmp.qxlAbLRRGD/krew-linux_amd64 │ ├ Class : lang-pkgs │ ├ Type : gobinary │ ╰ Vulnerabilities ╭ [0] ╭ VulnerabilityID : CVE-2023-39325 │ │ ├ PkgID : golang.org/x/net@v0.12.0 │ │ ├ PkgName : golang.org/x/net │ │ ├ PkgIdentifier ╭ PURL: pkg:golang/golang.org/x/net@v0.12.0 -│ │ │ ╰ UID : 9d3e63f510d6f6b5 +│ │ │ ╰ UID : 3c33bb037f527747 │ │ ├ InstalledVersion: v0.12.0 │ │ ├ FixedVersion : 0.17.0 │ │ ├ Status : fixed -│ │ ├ Layer ╭ Digest: sha256:d244376047b3b447a72643b6cd94cb4b359562d59b3 -│ │ │ │ 3e760ec97632069cf0cd6 -│ │ │ ╰ DiffID: sha256:10da0a8ad04042ad7ebb1f92fe90babd5649e0218f2 -│ │ │ 9f050019c4e091cda1b1c +│ │ ├ Layer ╭ Digest: sha256:20c08d7865479cc2941461f45179ca97ddc1c513e3c +│ │ │ │ 245acf1047f9e4ec8f9b0 +│ │ │ ╰ DiffID: sha256:35ff3fcc7343804067a0060eb66b92792f9572fb6e9 +│ │ │ 3072b7cd9782e2e972f6b │ │ ├ SeveritySource : ghsa │ │ ├ PrimaryURL : https://avd.aquasec.com/nvd/cve-2023-39325 │ │ ├ DataSource ╭ ID : ghsa @@ -5223,7 +5223,7 @@ │ │ │ │ :N/A:H │ │ │ ╰ V3Score : 7.5 │ │ ├ References ╭ [0] : golang.org/x/net -│ │ │ ├ [1] : https://access.redhat.com/errata/RHSA-2023:5863 +│ │ │ ├ [1] : https://access.redhat.com/errata/RHSA-2023:6077 │ │ │ ├ [2] : https://access.redhat.com/security/cve/CVE-2023-39325 │ │ │ ├ [3] : https://access.redhat.com/security/cve/CVE-2023-44487 │ │ │ ├ [4] : https://bugzilla.redhat.com/2242803 @@ -5234,7 +5234,7 @@ │ │ │ │ 2023-39325 │ │ │ ├ [9] : https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE- │ │ │ │ 2023-44487 -│ │ │ ├ [10] : https://errata.almalinux.org/8/ALSA-2023-5863.html +│ │ │ ├ [10] : https://errata.almalinux.org/9/ALSA-2023-6077.html │ │ │ ├ [11] : https://errata.rockylinux.org/RLSA-2023:6077 │ │ │ ├ [12] : https://github.com/golang/go/commit/24ae2d927285c69 │ │ │ │ 7440fdde3ad7f26028354bcf3 [golang- 1.21] @@ -5483,14 +5483,14 @@ │ │ ├ PkgID : golang.org/x/net@v0.12.0 │ │ ├ PkgName : golang.org/x/net │ │ ├ PkgIdentifier ╭ PURL: pkg:golang/golang.org/x/net@v0.12.0 -│ │ │ ╰ UID : 9d3e63f510d6f6b5 +│ │ │ ╰ UID : 3c33bb037f527747 │ │ ├ InstalledVersion: v0.12.0 │ │ ├ FixedVersion : 0.33.0 │ │ ├ Status : fixed -│ │ ├ Layer ╭ Digest: sha256:d244376047b3b447a72643b6cd94cb4b359562d59b3 -│ │ │ │ 3e760ec97632069cf0cd6 -│ │ │ ╰ DiffID: sha256:10da0a8ad04042ad7ebb1f92fe90babd5649e0218f2 -│ │ │ 9f050019c4e091cda1b1c +│ │ ├ Layer ╭ Digest: sha256:20c08d7865479cc2941461f45179ca97ddc1c513e3c +│ │ │ │ 245acf1047f9e4ec8f9b0 +│ │ │ ╰ DiffID: sha256:35ff3fcc7343804067a0060eb66b92792f9572fb6e9 +│ │ │ 3072b7cd9782e2e972f6b │ │ ├ SeveritySource : ghsa │ │ ├ PrimaryURL : https://avd.aquasec.com/nvd/cve-2024-45338 │ │ ├ DataSource ╭ ID : ghsa @@ -5526,14 +5526,14 @@ │ │ ├ PkgID : golang.org/x/net@v0.12.0 │ │ ├ PkgName : golang.org/x/net │ │ ├ PkgIdentifier ╭ PURL: pkg:golang/golang.org/x/net@v0.12.0 -│ │ │ ╰ UID : 9d3e63f510d6f6b5 +│ │ │ ╰ UID : 3c33bb037f527747 │ │ ├ InstalledVersion: v0.12.0 │ │ ├ FixedVersion : 0.13.0 │ │ ├ Status : fixed -│ │ ├ Layer ╭ Digest: sha256:d244376047b3b447a72643b6cd94cb4b359562d59b3 -│ │ │ │ 3e760ec97632069cf0cd6 -│ │ │ ╰ DiffID: sha256:10da0a8ad04042ad7ebb1f92fe90babd5649e0218f2 -│ │ │ 9f050019c4e091cda1b1c +│ │ ├ Layer ╭ Digest: sha256:20c08d7865479cc2941461f45179ca97ddc1c513e3c +│ │ │ │ 245acf1047f9e4ec8f9b0 +│ │ │ ╰ DiffID: sha256:35ff3fcc7343804067a0060eb66b92792f9572fb6e9 +│ │ │ 3072b7cd9782e2e972f6b │ │ ├ SeveritySource : ghsa │ │ ├ PrimaryURL : https://avd.aquasec.com/nvd/cve-2023-3978 │ │ ├ DataSource ╭ ID : ghsa @@ -5563,47 +5563,43 @@ │ │ │ ╰ redhat ╭ V3Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I: │ │ │ │ L/A:N │ │ │ ╰ V3Score : 6.1 -│ │ ├ References ╭ [0] : https://access.redhat.com/errata/RHSA-2023:6939 +│ │ ├ References ╭ [0] : https://access.redhat.com/errata/RHSA-2023:6474 │ │ │ ├ [1] : https://access.redhat.com/security/cve/CVE-2023-3978 -│ │ │ ├ [2] : https://bugzilla.redhat.com/2163037 -│ │ │ ├ [3] : https://bugzilla.redhat.com/2174485 -│ │ │ ├ [4] : https://bugzilla.redhat.com/2175721 -│ │ │ ├ [5] : https://bugzilla.redhat.com/2178358 -│ │ │ ├ [6] : https://bugzilla.redhat.com/2178488 -│ │ │ ├ [7] : https://bugzilla.redhat.com/2178492 -│ │ │ ├ [8] : https://bugzilla.redhat.com/2182883 -│ │ │ ├ [9] : https://bugzilla.redhat.com/2182884 -│ │ │ ├ [10]: https://bugzilla.redhat.com/2184481 -│ │ │ ├ [11]: https://bugzilla.redhat.com/2184482 -│ │ │ ├ [12]: https://bugzilla.redhat.com/2184483 -│ │ │ ├ [13]: https://bugzilla.redhat.com/2184484 -│ │ │ ├ [14]: https://bugzilla.redhat.com/2196026 -│ │ │ ├ [15]: https://bugzilla.redhat.com/2196027 -│ │ │ ├ [16]: https://bugzilla.redhat.com/2196029 -│ │ │ ├ [17]: https://bugzilla.redhat.com/2222167 -│ │ │ ├ [18]: https://bugzilla.redhat.com/2228689 -│ │ │ ├ [19]: https://errata.almalinux.org/8/ALSA-2023-6939.html -│ │ │ ├ [20]: https://go.dev/cl/514896 -│ │ │ ├ [21]: https://go.dev/issue/61615 -│ │ │ ├ [22]: https://linux.oracle.com/cve/CVE-2023-3978.html -│ │ │ ├ [23]: https://linux.oracle.com/errata/ELSA-2023-6939.html -│ │ │ ├ [24]: https://nvd.nist.gov/vuln/detail/CVE-2023-3978 -│ │ │ ├ [25]: https://pkg.go.dev/vuln/GO-2023-1988 -│ │ │ ╰ [26]: https://www.cve.org/CVERecord?id=CVE-2023-3978 +│ │ │ ├ [2] : https://bugzilla.redhat.com/2174485 +│ │ │ ├ [3] : https://bugzilla.redhat.com/2178358 +│ │ │ ├ [4] : https://bugzilla.redhat.com/2178488 +│ │ │ ├ [5] : https://bugzilla.redhat.com/2178492 +│ │ │ ├ [6] : https://bugzilla.redhat.com/2184481 +│ │ │ ├ [7] : https://bugzilla.redhat.com/2184482 +│ │ │ ├ [8] : https://bugzilla.redhat.com/2184483 +│ │ │ ├ [9] : https://bugzilla.redhat.com/2184484 +│ │ │ ├ [10]: https://bugzilla.redhat.com/2196026 +│ │ │ ├ [11]: https://bugzilla.redhat.com/2196027 +│ │ │ ├ [12]: https://bugzilla.redhat.com/2196029 +│ │ │ ├ [13]: https://bugzilla.redhat.com/2222167 +│ │ │ ├ [14]: https://bugzilla.redhat.com/2228689 +│ │ │ ├ [15]: https://errata.almalinux.org/9/ALSA-2023-6474.html +│ │ │ ├ [16]: https://go.dev/cl/514896 +│ │ │ ├ [17]: https://go.dev/issue/61615 +│ │ │ ├ [18]: https://linux.oracle.com/cve/CVE-2023-3978.html +│ │ │ ├ [19]: https://linux.oracle.com/errata/ELSA-2023-6939.html +│ │ │ ├ [20]: https://nvd.nist.gov/vuln/detail/CVE-2023-3978 +│ │ │ ├ [21]: https://pkg.go.dev/vuln/GO-2023-1988 +│ │ │ ╰ [22]: https://www.cve.org/CVERecord?id=CVE-2023-3978 │ │ ├ PublishedDate : 2023-08-02T20:15:12.097Z │ │ ╰ LastModifiedDate: 2023-11-07T04:20:03.647Z │ ├ [3] ╭ VulnerabilityID : CVE-2023-44487 │ │ ├ PkgID : golang.org/x/net@v0.12.0 │ │ ├ PkgName : golang.org/x/net │ │ ├ PkgIdentifier ╭ PURL: pkg:golang/golang.org/x/net@v0.12.0 -│ │ │ ╰ UID : 9d3e63f510d6f6b5 +│ │ │ ╰ UID : 3c33bb037f527747 │ │ ├ InstalledVersion: v0.12.0 │ │ ├ FixedVersion : 0.17.0 │ │ ├ Status : fixed -│ │ ├ Layer ╭ Digest: sha256:d244376047b3b447a72643b6cd94cb4b359562d59b3 -│ │ │ │ 3e760ec97632069cf0cd6 -│ │ │ ╰ DiffID: sha256:10da0a8ad04042ad7ebb1f92fe90babd5649e0218f2 -│ │ │ 9f050019c4e091cda1b1c +│ │ ├ Layer ╭ Digest: sha256:20c08d7865479cc2941461f45179ca97ddc1c513e3c +│ │ │ │ 245acf1047f9e4ec8f9b0 +│ │ │ ╰ DiffID: sha256:35ff3fcc7343804067a0060eb66b92792f9572fb6e9 +│ │ │ 3072b7cd9782e2e972f6b │ │ ├ SeveritySource : ghsa │ │ ├ PrimaryURL : https://avd.aquasec.com/nvd/cve-2023-44487 │ │ ├ DataSource ╭ ID : ghsa @@ -5654,7 +5650,7 @@ │ │ │ │ 19/6 │ │ │ ├ [5] : http://www.openwall.com/lists/oss-security/2023/10/ │ │ │ │ 20/8 -│ │ │ ├ [6] : https://access.redhat.com/errata/RHSA-2024:1444 +│ │ │ ├ [6] : https://access.redhat.com/errata/RHSA-2023:6746 │ │ │ ├ [7] : https://access.redhat.com/security/cve/CVE-2023-44487 │ │ │ ├ [8] : https://access.redhat.com/security/cve/cve-2023-44487 │ │ │ ├ [9] : https://akka.io/security/akka-http-cve-2023-44487.h @@ -5688,435 +5684,434 @@ │ │ │ ├ [22] : https://blog.vespa.ai/cve-2023-44487/ │ │ │ ├ [23] : https://bugzilla.proxmox.com/show_bug.cgi?id=4988 │ │ │ ├ [24] : https://bugzilla.redhat.com/2242803 -│ │ │ ├ [25] : https://bugzilla.redhat.com/2264574 -│ │ │ ├ [26] : https://bugzilla.redhat.com/show_bug.cgi?id=2242803 -│ │ │ ├ [27] : https://bugzilla.suse.com/show_bug.cgi?id=1216123 -│ │ │ ├ [28] : https://cgit.freebsd.org/ports/commit/?id=c64c329c2 +│ │ │ ├ [25] : https://bugzilla.redhat.com/show_bug.cgi?id=2242803 +│ │ │ ├ [26] : https://bugzilla.suse.com/show_bug.cgi?id=1216123 +│ │ │ ├ [27] : https://cgit.freebsd.org/ports/commit/?id=c64c329c2 │ │ │ │ c1752f46b73e3e6ce9f4329be6629f9 -│ │ │ ├ [29] : https://chaos.social/@icing/111210915918780532 -│ │ │ ├ [30] : https://cloud.google.com/blog/products/identity-sec +│ │ │ ├ [28] : https://chaos.social/@icing/111210915918780532 +│ │ │ ├ [29] : https://cloud.google.com/blog/products/identity-sec │ │ │ │ urity/google-cloud-mitigated-largest-ddos-attack-pe │ │ │ │ aking-above-398-million-rps -│ │ │ ├ [31] : https://cloud.google.com/blog/products/identity-sec +│ │ │ ├ [30] : https://cloud.google.com/blog/products/identity-sec │ │ │ │ urity/google-cloud-mitigated-largest-ddos-attack-pe │ │ │ │ aking-above-398-million-rps/ -│ │ │ ├ [32] : https://cloud.google.com/blog/products/identity-sec +│ │ │ ├ [31] : https://cloud.google.com/blog/products/identity-sec │ │ │ │ urity/how-it-works-the-novel-http2-rapid-reset-ddos │ │ │ │ -attack -│ │ │ ├ [33] : https://community.traefik.io/t/is-traefik-vulnerabl +│ │ │ ├ [32] : https://community.traefik.io/t/is-traefik-vulnerabl │ │ │ │ e-to-cve-2023-44487/20125 -│ │ │ ├ [34] : https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE- +│ │ │ ├ [33] : https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE- │ │ │ │ 2023-44487 -│ │ │ ├ [35] : https://devblogs.microsoft.com/dotnet/october-2023- +│ │ │ ├ [34] : https://devblogs.microsoft.com/dotnet/october-2023- │ │ │ │ updates/ -│ │ │ ├ [36] : https://discuss.hashicorp.com/t/hcsec-2023-32-vault +│ │ │ ├ [35] : https://discuss.hashicorp.com/t/hcsec-2023-32-vault │ │ │ │ -consul-and-boundary-affected-by-http-2-rapid-reset │ │ │ │ -denial-of-service-vulnerability-cve-2023-44487/597 │ │ │ │ 15 -│ │ │ ├ [37] : https://edg.io/lp/blog/resets-leaks-ddos-and-the-ta +│ │ │ ├ [36] : https://edg.io/lp/blog/resets-leaks-ddos-and-the-ta │ │ │ │ le-of-a-hidden-cve -│ │ │ ├ [38] : https://errata.almalinux.org/8/ALSA-2024-1444.html -│ │ │ ├ [39] : https://errata.rockylinux.org/RLSA-2023:5838 -│ │ │ ├ [40] : https://forums.swift.org/t/swift-nio-http2-security +│ │ │ ├ [37] : https://errata.almalinux.org/9/ALSA-2023-6746.html +│ │ │ ├ [38] : https://errata.rockylinux.org/RLSA-2023:5838 +│ │ │ ├ [39] : https://forums.swift.org/t/swift-nio-http2-security │ │ │ │ -update-cve-2023-44487-http-2-dos/67764 -│ │ │ ├ [41] : https://gist.github.com/adulau/7c2bfb8e9cdbe4b35a5e +│ │ │ ├ [40] : https://gist.github.com/adulau/7c2bfb8e9cdbe4b35a5e │ │ │ │ 131c66a0c088 -│ │ │ ├ [42] : https://github.com/Azure/AKS/issues/3947 -│ │ │ ├ [43] : https://github.com/Kong/kong/discussions/11741 -│ │ │ ├ [44] : https://github.com/advisories/GHSA-qppj-fm5r-hxr3 -│ │ │ ├ [45] : https://github.com/advisories/GHSA-vx74-f528-fxqg -│ │ │ ├ [46] : https://github.com/advisories/GHSA-xpw8-rcwv-8f8p -│ │ │ ├ [47] : https://github.com/akka/akka-http/issues/4323 -│ │ │ ├ [48] : https://github.com/akka/akka-http/pull/4324 -│ │ │ ├ [49] : https://github.com/akka/akka-http/pull/4325 -│ │ │ ├ [50] : https://github.com/alibaba/tengine/issues/1872 -│ │ │ ├ [51] : https://github.com/apache/apisix/issues/10320 -│ │ │ ├ [52] : https://github.com/apache/httpd-site/pull/10 -│ │ │ ├ [53] : https://github.com/apache/httpd/blob/afcdbeebbff4b0 +│ │ │ ├ [41] : https://github.com/Azure/AKS/issues/3947 +│ │ │ ├ [42] : https://github.com/Kong/kong/discussions/11741 +│ │ │ ├ [43] : https://github.com/advisories/GHSA-qppj-fm5r-hxr3 +│ │ │ ├ [44] : https://github.com/advisories/GHSA-vx74-f528-fxqg +│ │ │ ├ [45] : https://github.com/advisories/GHSA-xpw8-rcwv-8f8p +│ │ │ ├ [46] : https://github.com/akka/akka-http/issues/4323 +│ │ │ ├ [47] : https://github.com/akka/akka-http/pull/4324 +│ │ │ ├ [48] : https://github.com/akka/akka-http/pull/4325 +│ │ │ ├ [49] : https://github.com/alibaba/tengine/issues/1872 +│ │ │ ├ [50] : https://github.com/apache/apisix/issues/10320 +│ │ │ ├ [51] : https://github.com/apache/httpd-site/pull/10 +│ │ │ ├ [52] : https://github.com/apache/httpd/blob/afcdbeebbff4b0 │ │ │ │ c50ea26cdd16e178c0d1f24152/modules/http2/h2_mplx.c# │ │ │ │ L1101-L1113 -│ │ │ ├ [54] : https://github.com/apache/tomcat/commit/944332bb15b +│ │ │ ├ [53] : https://github.com/apache/tomcat/commit/944332bb15b │ │ │ │ d2f3bf76ec2caeb1ff0a58a3bc628 -│ │ │ ├ [55] : https://github.com/apache/tomcat/tree/main/java/org +│ │ │ ├ [54] : https://github.com/apache/tomcat/tree/main/java/org │ │ │ │ /apache/coyote/http2 -│ │ │ ├ [56] : https://github.com/apache/trafficserver/pull/10564 -│ │ │ ├ [57] : https://github.com/apple/swift-nio-http2 -│ │ │ ├ [58] : https://github.com/apple/swift-nio-http2/security/a +│ │ │ ├ [55] : https://github.com/apache/trafficserver/pull/10564 +│ │ │ ├ [56] : https://github.com/apple/swift-nio-http2 +│ │ │ ├ [57] : https://github.com/apple/swift-nio-http2/security/a │ │ │ │ dvisories/GHSA-qppj-fm5r-hxr3 -│ │ │ ├ [59] : https://github.com/arkrwn/PoC/tree/main/CVE-2023-44 +│ │ │ ├ [58] : https://github.com/arkrwn/PoC/tree/main/CVE-2023-44 │ │ │ │ 487 -│ │ │ ├ [60] : https://github.com/bcdannyboy/CVE-2023-44487 -│ │ │ ├ [61] : https://github.com/caddyserver/caddy/issues/5877 -│ │ │ ├ [62] : https://github.com/caddyserver/caddy/releases/tag/v +│ │ │ ├ [59] : https://github.com/bcdannyboy/CVE-2023-44487 +│ │ │ ├ [60] : https://github.com/caddyserver/caddy/issues/5877 +│ │ │ ├ [61] : https://github.com/caddyserver/caddy/releases/tag/v │ │ │ │ 2.7.5 -│ │ │ ├ [63] : https://github.com/dotnet/announcements/issues/277 -│ │ │ ├ [64] : https://github.com/dotnet/core/blob/e4613450ea0da7f +│ │ │ ├ [62] : https://github.com/dotnet/announcements/issues/277 +│ │ │ ├ [63] : https://github.com/dotnet/core/blob/e4613450ea0da7f │ │ │ │ d2fc6b61dfb2c1c1dec1ce9ec/release-notes/6.0/6.0.23/ │ │ │ │ 6.0.23.md?plain=1#L73 -│ │ │ ├ [65] : https://github.com/eclipse/jetty.project/issues/10679 -│ │ │ ├ [66] : https://github.com/envoyproxy/envoy/pull/30055 -│ │ │ ├ [67] : https://github.com/etcd-io/etcd/issues/16740 -│ │ │ ├ [68] : https://github.com/facebook/proxygen/pull/466 -│ │ │ ├ [69] : https://github.com/golang/go/issues/63417 -│ │ │ ├ [70] : https://github.com/grpc/grpc-go/pull/6703 -│ │ │ ├ [71] : https://github.com/grpc/grpc-go/releases -│ │ │ ├ [72] : https://github.com/h2o/h2o/pull/3291 -│ │ │ ├ [73] : https://github.com/h2o/h2o/security/advisories/GHSA +│ │ │ ├ [64] : https://github.com/eclipse/jetty.project/issues/10679 +│ │ │ ├ [65] : https://github.com/envoyproxy/envoy/pull/30055 +│ │ │ ├ [66] : https://github.com/etcd-io/etcd/issues/16740 +│ │ │ ├ [67] : https://github.com/facebook/proxygen/pull/466 +│ │ │ ├ [68] : https://github.com/golang/go/issues/63417 +│ │ │ ├ [69] : https://github.com/grpc/grpc-go/pull/6703 +│ │ │ ├ [70] : https://github.com/grpc/grpc-go/releases +│ │ │ ├ [71] : https://github.com/h2o/h2o/pull/3291 +│ │ │ ├ [72] : https://github.com/h2o/h2o/security/advisories/GHSA │ │ │ │ -2m7v-gc89-fjqf -│ │ │ ├ [74] : https://github.com/haproxy/haproxy/issues/2312 -│ │ │ ├ [75] : https://github.com/hyperium/hyper/issues/3337 -│ │ │ ├ [76] : https://github.com/icing/mod_h2/blob/0a864782af0a94 +│ │ │ ├ [73] : https://github.com/haproxy/haproxy/issues/2312 +│ │ │ ├ [74] : https://github.com/hyperium/hyper/issues/3337 +│ │ │ ├ [75] : https://github.com/icing/mod_h2/blob/0a864782af0a94 │ │ │ │ 2aa2ad4ed960a6b32cd35bcf0a/mod_http2/README.md?plai │ │ │ │ n=1#L239-L244 -│ │ │ ├ [77] : https://github.com/junkurihara/rust-rpxy/issues/97 -│ │ │ ├ [78] : https://github.com/kazu-yamamoto/http2/commit/f61d4 +│ │ │ ├ [76] : https://github.com/junkurihara/rust-rpxy/issues/97 +│ │ │ ├ [77] : https://github.com/kazu-yamamoto/http2/commit/f61d4 │ │ │ │ 1a502bd0f60eb24e1ce14edc7b6df6722a1 -│ │ │ ├ [79] : https://github.com/kazu-yamamoto/http2/issues/93 -│ │ │ ├ [80] : https://github.com/kubernetes/kubernetes/pull/121120 -│ │ │ ├ [81] : https://github.com/line/armeria/pull/5232 -│ │ │ ├ [82] : https://github.com/linkerd/website/pull/1695/commit +│ │ │ ├ [78] : https://github.com/kazu-yamamoto/http2/issues/93 +│ │ │ ├ [79] : https://github.com/kubernetes/kubernetes/pull/121120 +│ │ │ ├ [80] : https://github.com/line/armeria/pull/5232 +│ │ │ ├ [81] : https://github.com/linkerd/website/pull/1695/commit │ │ │ │ s/4b9c6836471bc8270ab48aae6fd2181bc73fd632 -│ │ │ ├ [83] : https://github.com/micrictor/http2-rst-stream -│ │ │ ├ [84] : https://github.com/microsoft/CBL-Mariner/pull/6381 -│ │ │ ├ [85] : https://github.com/netty/netty/commit/58f75f665aa81 +│ │ │ ├ [82] : https://github.com/micrictor/http2-rst-stream +│ │ │ ├ [83] : https://github.com/microsoft/CBL-Mariner/pull/6381 +│ │ │ ├ [84] : https://github.com/netty/netty/commit/58f75f665aa81 │ │ │ │ a8cbcf6ffa74820042a285c5e61 -│ │ │ ├ [86] : https://github.com/nghttp2/nghttp2/pull/1961 -│ │ │ ├ [87] : https://github.com/nghttp2/nghttp2/releases/tag/v1. +│ │ │ ├ [85] : https://github.com/nghttp2/nghttp2/pull/1961 +│ │ │ ├ [86] : https://github.com/nghttp2/nghttp2/releases/tag/v1. │ │ │ │ 57.0 -│ │ │ ├ [88] : https://github.com/ninenines/cowboy/issues/1615 -│ │ │ ├ [89] : https://github.com/nodejs/node/pull/50121 -│ │ │ ├ [90] : https://github.com/openresty/openresty/issues/930 -│ │ │ ├ [91] : https://github.com/opensearch-project/data-prepper/ +│ │ │ ├ [87] : https://github.com/ninenines/cowboy/issues/1615 +│ │ │ ├ [88] : https://github.com/nodejs/node/pull/50121 +│ │ │ ├ [89] : https://github.com/openresty/openresty/issues/930 +│ │ │ ├ [90] : https://github.com/opensearch-project/data-prepper/ │ │ │ │ issues/3474 -│ │ │ ├ [92] : https://github.com/oqtane/oqtane.framework/discussi +│ │ │ ├ [91] : https://github.com/oqtane/oqtane.framework/discussi │ │ │ │ ons/3367 -│ │ │ ├ [93] : https://github.com/projectcontour/contour/pull/5826 -│ │ │ ├ [94] : https://github.com/tempesta-tech/tempesta/issues/1986 -│ │ │ ├ [95] : https://github.com/varnishcache/varnish-cache/issue +│ │ │ ├ [92] : https://github.com/projectcontour/contour/pull/5826 +│ │ │ ├ [93] : https://github.com/tempesta-tech/tempesta/issues/1986 +│ │ │ ├ [94] : https://github.com/varnishcache/varnish-cache/issue │ │ │ │ s/3996 -│ │ │ ├ [96] : https://go.dev/cl/534215 -│ │ │ ├ [97] : https://go.dev/cl/534235 -│ │ │ ├ [98] : https://go.dev/issue/63417 -│ │ │ ├ [99] : https://groups.google.com/g/golang-announce/c/iNNxD +│ │ │ ├ [95] : https://go.dev/cl/534215 +│ │ │ ├ [96] : https://go.dev/cl/534235 +│ │ │ ├ [97] : https://go.dev/issue/63417 +│ │ │ ├ [98] : https://groups.google.com/g/golang-announce/c/iNNxD │ │ │ │ TCjZvo -│ │ │ ├ [100]: https://groups.google.com/g/golang-announce/c/iNNxD +│ │ │ ├ [99] : https://groups.google.com/g/golang-announce/c/iNNxD │ │ │ │ TCjZvo/m/UDd7VKQuAAAJ -│ │ │ ├ [101]: https://istio.io/latest/news/security/istio-securit +│ │ │ ├ [100]: https://istio.io/latest/news/security/istio-securit │ │ │ │ y-2023-004 -│ │ │ ├ [102]: https://istio.io/latest/news/security/istio-securit +│ │ │ ├ [101]: https://istio.io/latest/news/security/istio-securit │ │ │ │ y-2023-004/ -│ │ │ ├ [103]: https://linkerd.io/2023/10/12/linkerd-cve-2023-44487 -│ │ │ ├ [104]: https://linkerd.io/2023/10/12/linkerd-cve-2023-44487/ -│ │ │ ├ [105]: https://linux.oracle.com/cve/CVE-2023-44487.html -│ │ │ ├ [106]: https://linux.oracle.com/errata/ELSA-2024-1444.html -│ │ │ ├ [107]: https://lists.apache.org/thread/5py8h42mxfsn8l1wy6o +│ │ │ ├ [102]: https://linkerd.io/2023/10/12/linkerd-cve-2023-44487 +│ │ │ ├ [103]: https://linkerd.io/2023/10/12/linkerd-cve-2023-44487/ +│ │ │ ├ [104]: https://linux.oracle.com/cve/CVE-2023-44487.html +│ │ │ ├ [105]: https://linux.oracle.com/errata/ELSA-2024-1444.html +│ │ │ ├ [106]: https://lists.apache.org/thread/5py8h42mxfsn8l1wy6o │ │ │ │ 41xwhsjlsd87q -│ │ │ ├ [108]: https://lists.debian.org/debian-lts-announce/2023/1 +│ │ │ ├ [107]: https://lists.debian.org/debian-lts-announce/2023/1 │ │ │ │ 0/msg00020.html -│ │ │ ├ [109]: https://lists.debian.org/debian-lts-announce/2023/1 +│ │ │ ├ [108]: https://lists.debian.org/debian-lts-announce/2023/1 │ │ │ │ 0/msg00023.html -│ │ │ ├ [110]: https://lists.debian.org/debian-lts-announce/2023/1 +│ │ │ ├ [109]: https://lists.debian.org/debian-lts-announce/2023/1 │ │ │ │ 0/msg00024.html -│ │ │ ├ [111]: https://lists.debian.org/debian-lts-announce/2023/1 +│ │ │ ├ [110]: https://lists.debian.org/debian-lts-announce/2023/1 │ │ │ │ 0/msg00045.html -│ │ │ ├ [112]: https://lists.debian.org/debian-lts-announce/2023/1 +│ │ │ ├ [111]: https://lists.debian.org/debian-lts-announce/2023/1 │ │ │ │ 0/msg00047.html -│ │ │ ├ [113]: https://lists.debian.org/debian-lts-announce/2023/1 +│ │ │ ├ [112]: https://lists.debian.org/debian-lts-announce/2023/1 │ │ │ │ 1/msg00001.html -│ │ │ ├ [114]: https://lists.debian.org/debian-lts-announce/2023/1 +│ │ │ ├ [113]: https://lists.debian.org/debian-lts-announce/2023/1 │ │ │ │ 1/msg00012.html -│ │ │ ├ [115]: https://lists.fedoraproject.org/archives/list/packa +│ │ │ ├ [114]: https://lists.fedoraproject.org/archives/list/packa │ │ │ │ ge-announce%40lists.fedoraproject.org/message/2MBEP │ │ │ │ PC36UBVOZZNAXFHKLFGSLCMN5LI -│ │ │ ├ [116]: https://lists.fedoraproject.org/archives/list/packa +│ │ │ ├ [115]: https://lists.fedoraproject.org/archives/list/packa │ │ │ │ ge-announce%40lists.fedoraproject.org/message/2MBEP │ │ │ │ PC36UBVOZZNAXFHKLFGSLCMN5LI/ -│ │ │ ├ [117]: https://lists.fedoraproject.org/archives/list/packa +│ │ │ ├ [116]: https://lists.fedoraproject.org/archives/list/packa │ │ │ │ ge-announce%40lists.fedoraproject.org/message/3N4NJ │ │ │ │ 7FR4X4FPZUGNTQAPSTVB2HB2Y4A -│ │ │ ├ [118]: https://lists.fedoraproject.org/archives/list/packa +│ │ │ ├ [117]: https://lists.fedoraproject.org/archives/list/packa │ │ │ │ ge-announce%40lists.fedoraproject.org/message/3N4NJ │ │ │ │ 7FR4X4FPZUGNTQAPSTVB2HB2Y4A/ -│ │ │ ├ [119]: https://lists.fedoraproject.org/archives/list/packa +│ │ │ ├ [118]: https://lists.fedoraproject.org/archives/list/packa │ │ │ │ ge-announce%40lists.fedoraproject.org/message/BFQD3 │ │ │ │ KUEMFBHPAPBGLWQC34L4OWL5HAZ -│ │ │ ├ [120]: https://lists.fedoraproject.org/archives/list/packa +│ │ │ ├ [119]: https://lists.fedoraproject.org/archives/list/packa │ │ │ │ ge-announce%40lists.fedoraproject.org/message/BFQD3 │ │ │ │ KUEMFBHPAPBGLWQC34L4OWL5HAZ/ -│ │ │ ├ [121]: https://lists.fedoraproject.org/archives/list/packa +│ │ │ ├ [120]: https://lists.fedoraproject.org/archives/list/packa │ │ │ │ ge-announce%40lists.fedoraproject.org/message/CLB4T │ │ │ │ W7KALB3EEQWNWCN7OUIWWVWWCG2 -│ │ │ ├ [122]: https://lists.fedoraproject.org/archives/list/packa +│ │ │ ├ [121]: https://lists.fedoraproject.org/archives/list/packa │ │ │ │ ge-announce%40lists.fedoraproject.org/message/CLB4T │ │ │ │ W7KALB3EEQWNWCN7OUIWWVWWCG2/ -│ │ │ ├ [123]: https://lists.fedoraproject.org/archives/list/packa +│ │ │ ├ [122]: https://lists.fedoraproject.org/archives/list/packa │ │ │ │ ge-announce%40lists.fedoraproject.org/message/E72T6 │ │ │ │ 7UPDRXHIDLO3OROR25YAMN4GGW5 -│ │ │ ├ [124]: https://lists.fedoraproject.org/archives/list/packa +│ │ │ ├ [123]: https://lists.fedoraproject.org/archives/list/packa │ │ │ │ ge-announce%40lists.fedoraproject.org/message/E72T6 │ │ │ │ 7UPDRXHIDLO3OROR25YAMN4GGW5/ -│ │ │ ├ [125]: https://lists.fedoraproject.org/archives/list/packa +│ │ │ ├ [124]: https://lists.fedoraproject.org/archives/list/packa │ │ │ │ ge-announce%40lists.fedoraproject.org/message/FNA62 │ │ │ │ Q767CFAFHBCDKYNPBMZWB7TWYVU -│ │ │ ├ [126]: https://lists.fedoraproject.org/archives/list/packa +│ │ │ ├ [125]: https://lists.fedoraproject.org/archives/list/packa │ │ │ │ ge-announce%40lists.fedoraproject.org/message/FNA62 │ │ │ │ Q767CFAFHBCDKYNPBMZWB7TWYVU/ -│ │ │ ├ [127]: https://lists.fedoraproject.org/archives/list/packa +│ │ │ ├ [126]: https://lists.fedoraproject.org/archives/list/packa │ │ │ │ ge-announce%40lists.fedoraproject.org/message/HT7T2 │ │ │ │ R4MQKLIF4ODV4BDLPARWFPCJ5CZ -│ │ │ ├ [128]: https://lists.fedoraproject.org/archives/list/packa +│ │ │ ├ [127]: https://lists.fedoraproject.org/archives/list/packa │ │ │ │ ge-announce%40lists.fedoraproject.org/message/HT7T2 │ │ │ │ R4MQKLIF4ODV4BDLPARWFPCJ5CZ/ -│ │ │ ├ [129]: https://lists.fedoraproject.org/archives/list/packa +│ │ │ ├ [128]: https://lists.fedoraproject.org/archives/list/packa │ │ │ │ ge-announce%40lists.fedoraproject.org/message/JIZSE │ │ │ │ FC3YKCGABA2BZW6ZJRMDZJMB7PJ -│ │ │ ├ [130]: https://lists.fedoraproject.org/archives/list/packa +│ │ │ ├ [129]: https://lists.fedoraproject.org/archives/list/packa │ │ │ │ ge-announce%40lists.fedoraproject.org/message/JIZSE │ │ │ │ FC3YKCGABA2BZW6ZJRMDZJMB7PJ/ -│ │ │ ├ [131]: https://lists.fedoraproject.org/archives/list/packa +│ │ │ ├ [130]: https://lists.fedoraproject.org/archives/list/packa │ │ │ │ ge-announce%40lists.fedoraproject.org/message/JMEXY │ │ │ │ 22BFG5Q64HQCM5CK2Q7KDKVV4TY -│ │ │ ├ [132]: https://lists.fedoraproject.org/archives/list/packa +│ │ │ ├ [131]: https://lists.fedoraproject.org/archives/list/packa │ │ │ │ ge-announce%40lists.fedoraproject.org/message/JMEXY │ │ │ │ 22BFG5Q64HQCM5CK2Q7KDKVV4TY/ -│ │ │ ├ [133]: https://lists.fedoraproject.org/archives/list/packa +│ │ │ ├ [132]: https://lists.fedoraproject.org/archives/list/packa │ │ │ │ ge-announce%40lists.fedoraproject.org/message/KSEGD │ │ │ │ 2IWKNUO3DWY4KQGUQM5BISRWHQE -│ │ │ ├ [134]: https://lists.fedoraproject.org/archives/list/packa +│ │ │ ├ [133]: https://lists.fedoraproject.org/archives/list/packa │ │ │ │ ge-announce%40lists.fedoraproject.org/message/KSEGD │ │ │ │ 2IWKNUO3DWY4KQGUQM5BISRWHQE/ -│ │ │ ├ [135]: https://lists.fedoraproject.org/archives/list/packa +│ │ │ ├ [134]: https://lists.fedoraproject.org/archives/list/packa │ │ │ │ ge-announce%40lists.fedoraproject.org/message/LKYHS │ │ │ │ ZQFDNR7RSA7LHVLLIAQMVYCUGBG -│ │ │ ├ [136]: https://lists.fedoraproject.org/archives/list/packa +│ │ │ ├ [135]: https://lists.fedoraproject.org/archives/list/packa │ │ │ │ ge-announce%40lists.fedoraproject.org/message/LKYHS │ │ │ │ ZQFDNR7RSA7LHVLLIAQMVYCUGBG/ -│ │ │ ├ [137]: https://lists.fedoraproject.org/archives/list/packa +│ │ │ ├ [136]: https://lists.fedoraproject.org/archives/list/packa │ │ │ │ ge-announce%40lists.fedoraproject.org/message/LNMZJ │ │ │ │ CDHGLJJLXO4OXWJMTVQRNWOC7UL -│ │ │ ├ [138]: https://lists.fedoraproject.org/archives/list/packa +│ │ │ ├ [137]: https://lists.fedoraproject.org/archives/list/packa │ │ │ │ ge-announce%40lists.fedoraproject.org/message/LNMZJ │ │ │ │ CDHGLJJLXO4OXWJMTVQRNWOC7UL/ -│ │ │ ├ [139]: https://lists.fedoraproject.org/archives/list/packa +│ │ │ ├ [138]: https://lists.fedoraproject.org/archives/list/packa │ │ │ │ ge-announce%40lists.fedoraproject.org/message/VHUHT │ │ │ │ SXLXGXS7JYKBXTA3VINUPHTNGVU -│ │ │ ├ [140]: https://lists.fedoraproject.org/archives/list/packa +│ │ │ ├ [139]: https://lists.fedoraproject.org/archives/list/packa │ │ │ │ ge-announce%40lists.fedoraproject.org/message/VHUHT │ │ │ │ SXLXGXS7JYKBXTA3VINUPHTNGVU/ -│ │ │ ├ [141]: https://lists.fedoraproject.org/archives/list/packa +│ │ │ ├ [140]: https://lists.fedoraproject.org/archives/list/packa │ │ │ │ ge-announce%40lists.fedoraproject.org/message/VSRDI │ │ │ │ V77HNKUSM7SJC5BKE5JSHLHU2NK -│ │ │ ├ [142]: https://lists.fedoraproject.org/archives/list/packa +│ │ │ ├ [141]: https://lists.fedoraproject.org/archives/list/packa │ │ │ │ ge-announce%40lists.fedoraproject.org/message/VSRDI │ │ │ │ V77HNKUSM7SJC5BKE5JSHLHU2NK/ -│ │ │ ├ [143]: https://lists.fedoraproject.org/archives/list/packa +│ │ │ ├ [142]: https://lists.fedoraproject.org/archives/list/packa │ │ │ │ ge-announce%40lists.fedoraproject.org/message/WE2I5 │ │ │ │ 2RHNNU42PX6NZ2RBUHSFFJ2LVZX -│ │ │ ├ [144]: https://lists.fedoraproject.org/archives/list/packa +│ │ │ ├ [143]: https://lists.fedoraproject.org/archives/list/packa │ │ │ │ ge-announce%40lists.fedoraproject.org/message/WE2I5 │ │ │ │ 2RHNNU42PX6NZ2RBUHSFFJ2LVZX/ -│ │ │ ├ [145]: https://lists.fedoraproject.org/archives/list/packa +│ │ │ ├ [144]: https://lists.fedoraproject.org/archives/list/packa │ │ │ │ ge-announce%40lists.fedoraproject.org/message/WLPRQ │ │ │ │ 5TWUQQXYWBJM7ECYDAIL2YVKIUH -│ │ │ ├ [146]: https://lists.fedoraproject.org/archives/list/packa +│ │ │ ├ [145]: https://lists.fedoraproject.org/archives/list/packa │ │ │ │ ge-announce%40lists.fedoraproject.org/message/WLPRQ │ │ │ │ 5TWUQQXYWBJM7ECYDAIL2YVKIUH/ -│ │ │ ├ [147]: https://lists.fedoraproject.org/archives/list/packa +│ │ │ ├ [146]: https://lists.fedoraproject.org/archives/list/packa │ │ │ │ ge-announce%40lists.fedoraproject.org/message/X6QXN │ │ │ │ 4ORIVF6XBW4WWFE7VNPVC74S45Y -│ │ │ ├ [148]: https://lists.fedoraproject.org/archives/list/packa +│ │ │ ├ [147]: https://lists.fedoraproject.org/archives/list/packa │ │ │ │ ge-announce%40lists.fedoraproject.org/message/X6QXN │ │ │ │ 4ORIVF6XBW4WWFE7VNPVC74S45Y/ -│ │ │ ├ [149]: https://lists.fedoraproject.org/archives/list/packa +│ │ │ ├ [148]: https://lists.fedoraproject.org/archives/list/packa │ │ │ │ ge-announce%40lists.fedoraproject.org/message/XFOIB │ │ │ │ B4YFICHDM7IBOP7PWXW3FX4HLL2 -│ │ │ ├ [150]: https://lists.fedoraproject.org/archives/list/packa +│ │ │ ├ [149]: https://lists.fedoraproject.org/archives/list/packa │ │ │ │ ge-announce%40lists.fedoraproject.org/message/XFOIB │ │ │ │ B4YFICHDM7IBOP7PWXW3FX4HLL2/ -│ │ │ ├ [151]: https://lists.fedoraproject.org/archives/list/packa +│ │ │ ├ [150]: https://lists.fedoraproject.org/archives/list/packa │ │ │ │ ge-announce%40lists.fedoraproject.org/message/ZB43R │ │ │ │ EMKRQR62NJEI7I5NQ4FSXNLBKRT -│ │ │ ├ [152]: https://lists.fedoraproject.org/archives/list/packa +│ │ │ ├ [151]: https://lists.fedoraproject.org/archives/list/packa │ │ │ │ ge-announce%40lists.fedoraproject.org/message/ZB43R │ │ │ │ EMKRQR62NJEI7I5NQ4FSXNLBKRT/ -│ │ │ ├ [153]: https://lists.fedoraproject.org/archives/list/packa +│ │ │ ├ [152]: https://lists.fedoraproject.org/archives/list/packa │ │ │ │ ge-announce%40lists.fedoraproject.org/message/ZKQSI │ │ │ │ KIAT5TJ3WSLU3RDBQ35YX4GY4V3 -│ │ │ ├ [154]: https://lists.fedoraproject.org/archives/list/packa +│ │ │ ├ [153]: https://lists.fedoraproject.org/archives/list/packa │ │ │ │ ge-announce%40lists.fedoraproject.org/message/ZKQSI │ │ │ │ KIAT5TJ3WSLU3RDBQ35YX4GY4V3/ -│ │ │ ├ [155]: https://lists.fedoraproject.org/archives/list/packa +│ │ │ ├ [154]: https://lists.fedoraproject.org/archives/list/packa │ │ │ │ ge-announce%40lists.fedoraproject.org/message/ZLU6U │ │ │ │ 2R2IC2K64NDPNMV55AUAO65MAF4 -│ │ │ ├ [156]: https://lists.fedoraproject.org/archives/list/packa +│ │ │ ├ [155]: https://lists.fedoraproject.org/archives/list/packa │ │ │ │ ge-announce%40lists.fedoraproject.org/message/ZLU6U │ │ │ │ 2R2IC2K64NDPNMV55AUAO65MAF4/ -│ │ │ ├ [157]: https://lists.fedoraproject.org/archives/list/packa +│ │ │ ├ [156]: https://lists.fedoraproject.org/archives/list/packa │ │ │ │ ge-announce@lists.fedoraproject.org/message/3N4NJ7F │ │ │ │ R4X4FPZUGNTQAPSTVB2HB2Y4A -│ │ │ ├ [158]: https://lists.fedoraproject.org/archives/list/packa +│ │ │ ├ [157]: https://lists.fedoraproject.org/archives/list/packa │ │ │ │ ge-announce@lists.fedoraproject.org/message/BFQD3KU │ │ │ │ EMFBHPAPBGLWQC34L4OWL5HAZ -│ │ │ ├ [159]: https://lists.fedoraproject.org/archives/list/packa +│ │ │ ├ [158]: https://lists.fedoraproject.org/archives/list/packa │ │ │ │ ge-announce@lists.fedoraproject.org/message/CLB4TW7 │ │ │ │ KALB3EEQWNWCN7OUIWWVWWCG2 -│ │ │ ├ [160]: https://lists.fedoraproject.org/archives/list/packa +│ │ │ ├ [159]: https://lists.fedoraproject.org/archives/list/packa │ │ │ │ ge-announce@lists.fedoraproject.org/message/E72T67U │ │ │ │ PDRXHIDLO3OROR25YAMN4GGW5 -│ │ │ ├ [161]: https://lists.fedoraproject.org/archives/list/packa +│ │ │ ├ [160]: https://lists.fedoraproject.org/archives/list/packa │ │ │ │ ge-announce@lists.fedoraproject.org/message/FNA62Q7 │ │ │ │ 67CFAFHBCDKYNPBMZWB7TWYVU -│ │ │ ├ [162]: https://lists.fedoraproject.org/archives/list/packa +│ │ │ ├ [161]: https://lists.fedoraproject.org/archives/list/packa │ │ │ │ ge-announce@lists.fedoraproject.org/message/HT7T2R4 │ │ │ │ MQKLIF4ODV4BDLPARWFPCJ5CZ -│ │ │ ├ [163]: https://lists.fedoraproject.org/archives/list/packa +│ │ │ ├ [162]: https://lists.fedoraproject.org/archives/list/packa │ │ │ │ ge-announce@lists.fedoraproject.org/message/JIZSEFC │ │ │ │ 3YKCGABA2BZW6ZJRMDZJMB7PJ -│ │ │ ├ [164]: https://lists.fedoraproject.org/archives/list/packa +│ │ │ ├ [163]: https://lists.fedoraproject.org/archives/list/packa │ │ │ │ ge-announce@lists.fedoraproject.org/message/JMEXY22 │ │ │ │ BFG5Q64HQCM5CK2Q7KDKVV4TY -│ │ │ ├ [165]: https://lists.fedoraproject.org/archives/list/packa +│ │ │ ├ [164]: https://lists.fedoraproject.org/archives/list/packa │ │ │ │ ge-announce@lists.fedoraproject.org/message/KSEGD2I │ │ │ │ WKNUO3DWY4KQGUQM5BISRWHQE -│ │ │ ├ [166]: https://lists.fedoraproject.org/archives/list/packa +│ │ │ ├ [165]: https://lists.fedoraproject.org/archives/list/packa │ │ │ │ ge-announce@lists.fedoraproject.org/message/LKYHSZQ │ │ │ │ FDNR7RSA7LHVLLIAQMVYCUGBG -│ │ │ ├ [167]: https://lists.fedoraproject.org/archives/list/packa +│ │ │ ├ [166]: https://lists.fedoraproject.org/archives/list/packa │ │ │ │ ge-announce@lists.fedoraproject.org/message/LNMZJCD │ │ │ │ HGLJJLXO4OXWJMTVQRNWOC7UL -│ │ │ ├ [168]: https://lists.fedoraproject.org/archives/list/packa +│ │ │ ├ [167]: https://lists.fedoraproject.org/archives/list/packa │ │ │ │ ge-announce@lists.fedoraproject.org/message/VHUHTSX │ │ │ │ LXGXS7JYKBXTA3VINUPHTNGVU -│ │ │ ├ [169]: https://lists.fedoraproject.org/archives/list/packa +│ │ │ ├ [168]: https://lists.fedoraproject.org/archives/list/packa │ │ │ │ ge-announce@lists.fedoraproject.org/message/VSRDIV7 │ │ │ │ 7HNKUSM7SJC5BKE5JSHLHU2NK -│ │ │ ├ [170]: https://lists.fedoraproject.org/archives/list/packa +│ │ │ ├ [169]: https://lists.fedoraproject.org/archives/list/packa │ │ │ │ ge-announce@lists.fedoraproject.org/message/WLPRQ5T │ │ │ │ WUQQXYWBJM7ECYDAIL2YVKIUH -│ │ │ ├ [171]: https://lists.fedoraproject.org/archives/list/packa +│ │ │ ├ [170]: https://lists.fedoraproject.org/archives/list/packa │ │ │ │ ge-announce@lists.fedoraproject.org/message/X6QXN4O │ │ │ │ RIVF6XBW4WWFE7VNPVC74S45Y -│ │ │ ├ [172]: https://lists.fedoraproject.org/archives/list/packa +│ │ │ ├ [171]: https://lists.fedoraproject.org/archives/list/packa │ │ │ │ ge-announce@lists.fedoraproject.org/message/XFOIBB4 │ │ │ │ YFICHDM7IBOP7PWXW3FX4HLL2 -│ │ │ ├ [173]: https://lists.fedoraproject.org/archives/list/packa +│ │ │ ├ [172]: https://lists.fedoraproject.org/archives/list/packa │ │ │ │ ge-announce@lists.fedoraproject.org/message/ZB43REM │ │ │ │ KRQR62NJEI7I5NQ4FSXNLBKRT -│ │ │ ├ [174]: https://lists.fedoraproject.org/archives/list/packa +│ │ │ ├ [173]: https://lists.fedoraproject.org/archives/list/packa │ │ │ │ ge-announce@lists.fedoraproject.org/message/ZKQSIKI │ │ │ │ AT5TJ3WSLU3RDBQ35YX4GY4V3 -│ │ │ ├ [175]: https://lists.fedoraproject.org/archives/list/packa +│ │ │ ├ [174]: https://lists.fedoraproject.org/archives/list/packa │ │ │ │ ge-announce@lists.fedoraproject.org/message/ZLU6U2R │ │ │ │ 2IC2K64NDPNMV55AUAO65MAF4 -│ │ │ ├ [176]: https://lists.w3.org/Archives/Public/ietf-http-wg/2 +│ │ │ ├ [175]: https://lists.w3.org/Archives/Public/ietf-http-wg/2 │ │ │ │ 023OctDec/0025.html -│ │ │ ├ [177]: https://mailman.nginx.org/pipermail/nginx-devel/202 +│ │ │ ├ [176]: https://mailman.nginx.org/pipermail/nginx-devel/202 │ │ │ │ 3-October/S36Q5HBXR7CAIMPLLPRSSSYR4PCMWILK.html -│ │ │ ├ [178]: https://martinthomson.github.io/h2-stream-limits/dr +│ │ │ ├ [177]: https://martinthomson.github.io/h2-stream-limits/dr │ │ │ │ aft-thomson-httpbis-h2-stream-limits.html -│ │ │ ├ [179]: https://msrc.microsoft.com/blog/2023/10/microsoft-r +│ │ │ ├ [178]: https://msrc.microsoft.com/blog/2023/10/microsoft-r │ │ │ │ esponse-to-distributed-denial-of-service-ddos-attac │ │ │ │ ks-against-http/2 -│ │ │ ├ [180]: https://msrc.microsoft.com/blog/2023/10/microsoft-r +│ │ │ ├ [179]: https://msrc.microsoft.com/blog/2023/10/microsoft-r │ │ │ │ esponse-to-distributed-denial-of-service-ddos-attac │ │ │ │ ks-against-http/2/ -│ │ │ ├ [181]: https://msrc.microsoft.com/update-guide/vulnerabili +│ │ │ ├ [180]: https://msrc.microsoft.com/update-guide/vulnerabili │ │ │ │ ty/CVE-2023-44487 -│ │ │ ├ [182]: https://my.f5.com/manage/s/article/K000137106 -│ │ │ ├ [183]: https://netty.io/news/2023/10/10/4-1-100-Final.html -│ │ │ ├ [184]: https://news.ycombinator.com/item?id=37830987 -│ │ │ ├ [185]: https://news.ycombinator.com/item?id=37830998 -│ │ │ ├ [186]: https://news.ycombinator.com/item?id=37831062 -│ │ │ ├ [187]: https://news.ycombinator.com/item?id=37837043 -│ │ │ ├ [188]: https://nodejs.org/en/blog/vulnerability/october-20 +│ │ │ ├ [181]: https://my.f5.com/manage/s/article/K000137106 +│ │ │ ├ [182]: https://netty.io/news/2023/10/10/4-1-100-Final.html +│ │ │ ├ [183]: https://news.ycombinator.com/item?id=37830987 +│ │ │ ├ [184]: https://news.ycombinator.com/item?id=37830998 +│ │ │ ├ [185]: https://news.ycombinator.com/item?id=37831062 +│ │ │ ├ [186]: https://news.ycombinator.com/item?id=37837043 +│ │ │ ├ [187]: https://nodejs.org/en/blog/vulnerability/october-20 │ │ │ │ 23-security-releases -│ │ │ ├ [189]: https://nvd.nist.gov/vuln/detail/CVE-2023-44487 -│ │ │ ├ [190]: https://openssf.org/blog/2023/10/10/http-2-rapid-re +│ │ │ ├ [188]: https://nvd.nist.gov/vuln/detail/CVE-2023-44487 +│ │ │ ├ [189]: https://openssf.org/blog/2023/10/10/http-2-rapid-re │ │ │ │ set-vulnerability-highlights-need-for-rapid-respons │ │ │ │ e -│ │ │ ├ [191]: https://openssf.org/blog/2023/10/10/http-2-rapid-re +│ │ │ ├ [190]: https://openssf.org/blog/2023/10/10/http-2-rapid-re │ │ │ │ set-vulnerability-highlights-need-for-rapid-respons │ │ │ │ e/ -│ │ │ ├ [192]: https://pkg.go.dev/vuln/GO-2023-2102 -│ │ │ ├ [193]: https://seanmonstar.com/post/730794151136935936/hyp +│ │ │ ├ [191]: https://pkg.go.dev/vuln/GO-2023-2102 +│ │ │ ├ [192]: https://seanmonstar.com/post/730794151136935936/hyp │ │ │ │ er-http2-rapid-reset-unaffected -│ │ │ ├ [194]: https://security.gentoo.org/glsa/202311-09 -│ │ │ ├ [195]: https://security.netapp.com/advisory/ntap-20231016- +│ │ │ ├ [193]: https://security.gentoo.org/glsa/202311-09 +│ │ │ ├ [194]: https://security.netapp.com/advisory/ntap-20231016- │ │ │ │ 0001 -│ │ │ ├ [196]: https://security.netapp.com/advisory/ntap-20231016- +│ │ │ ├ [195]: https://security.netapp.com/advisory/ntap-20231016- │ │ │ │ 0001/ -│ │ │ ├ [197]: https://security.netapp.com/advisory/ntap-20240426- +│ │ │ ├ [196]: https://security.netapp.com/advisory/ntap-20240426- │ │ │ │ 0007 -│ │ │ ├ [198]: https://security.netapp.com/advisory/ntap-20240426- +│ │ │ ├ [197]: https://security.netapp.com/advisory/ntap-20240426- │ │ │ │ 0007/ -│ │ │ ├ [199]: https://security.netapp.com/advisory/ntap-20240621- +│ │ │ ├ [198]: https://security.netapp.com/advisory/ntap-20240621- │ │ │ │ 0006 -│ │ │ ├ [200]: https://security.netapp.com/advisory/ntap-20240621- +│ │ │ ├ [199]: https://security.netapp.com/advisory/ntap-20240621- │ │ │ │ 0006/ -│ │ │ ├ [201]: https://security.netapp.com/advisory/ntap-20240621- +│ │ │ ├ [200]: https://security.netapp.com/advisory/ntap-20240621- │ │ │ │ 0007 -│ │ │ ├ [202]: https://security.netapp.com/advisory/ntap-20240621- +│ │ │ ├ [201]: https://security.netapp.com/advisory/ntap-20240621- │ │ │ │ 0007/ -│ │ │ ├ [203]: https://security.paloaltonetworks.com/CVE-2023-44487 -│ │ │ ├ [204]: https://tomcat.apache.org/security-10.html#Fixed_in +│ │ │ ├ [202]: https://security.paloaltonetworks.com/CVE-2023-44487 +│ │ │ ├ [203]: https://tomcat.apache.org/security-10.html#Fixed_in │ │ │ │ _Apache_Tomcat_10.1.14 -│ │ │ ├ [205]: https://tomcat.apache.org/security-11.html#Fixed_in +│ │ │ ├ [204]: https://tomcat.apache.org/security-11.html#Fixed_in │ │ │ │ _Apache_Tomcat_11.0.0-M12 -│ │ │ ├ [206]: https://tomcat.apache.org/security-8.html#Fixed_in_ +│ │ │ ├ [205]: https://tomcat.apache.org/security-8.html#Fixed_in_ │ │ │ │ Apache_Tomcat_8.5.94 -│ │ │ ├ [207]: https://tomcat.apache.org/security-9.html#Fixed_in_ +│ │ │ ├ [206]: https://tomcat.apache.org/security-9.html#Fixed_in_ │ │ │ │ Apache_Tomcat_9.0.81 -│ │ │ ├ [208]: https://ubuntu.com/security/CVE-2023-44487 -│ │ │ ├ [209]: https://ubuntu.com/security/notices/USN-6427-1 -│ │ │ ├ [210]: https://ubuntu.com/security/notices/USN-6427-2 -│ │ │ ├ [211]: https://ubuntu.com/security/notices/USN-6438-1 -│ │ │ ├ [212]: https://ubuntu.com/security/notices/USN-6505-1 -│ │ │ ├ [213]: https://ubuntu.com/security/notices/USN-6574-1 -│ │ │ ├ [214]: https://ubuntu.com/security/notices/USN-6754-1 -│ │ │ ├ [215]: https://ubuntu.com/security/notices/USN-6994-1 -│ │ │ ├ [216]: https://ubuntu.com/security/notices/USN-7067-1 -│ │ │ ├ [217]: https://www.bleepingcomputer.com/news/security/new- +│ │ │ ├ [207]: https://ubuntu.com/security/CVE-2023-44487 +│ │ │ ├ [208]: https://ubuntu.com/security/notices/USN-6427-1 +│ │ │ ├ [209]: https://ubuntu.com/security/notices/USN-6427-2 +│ │ │ ├ [210]: https://ubuntu.com/security/notices/USN-6438-1 +│ │ │ ├ [211]: https://ubuntu.com/security/notices/USN-6505-1 +│ │ │ ├ [212]: https://ubuntu.com/security/notices/USN-6574-1 +│ │ │ ├ [213]: https://ubuntu.com/security/notices/USN-6754-1 +│ │ │ ├ [214]: https://ubuntu.com/security/notices/USN-6994-1 +│ │ │ ├ [215]: https://ubuntu.com/security/notices/USN-7067-1 +│ │ │ ├ [216]: https://www.bleepingcomputer.com/news/security/new- │ │ │ │ http-2-rapid-reset-zero-day-attack-breaks-ddos-reco │ │ │ │ rds -│ │ │ ├ [218]: https://www.bleepingcomputer.com/news/security/new- +│ │ │ ├ [217]: https://www.bleepingcomputer.com/news/security/new- │ │ │ │ http-2-rapid-reset-zero-day-attack-breaks-ddos-reco │ │ │ │ rds/ -│ │ │ ├ [219]: https://www.cisa.gov/known-exploited-vulnerabilitie +│ │ │ ├ [218]: https://www.cisa.gov/known-exploited-vulnerabilitie │ │ │ │ s-catalog -│ │ │ ├ [220]: https://www.cisa.gov/news-events/alerts/2023/10/10/ +│ │ │ ├ [219]: https://www.cisa.gov/news-events/alerts/2023/10/10/ │ │ │ │ http2-rapid-reset-vulnerability-cve-2023-44487 -│ │ │ ├ [221]: https://www.cve.org/CVERecord?id=CVE-2023-44487 -│ │ │ ├ [222]: https://www.darkreading.com/cloud/internet-wide-zer +│ │ │ ├ [220]: https://www.cve.org/CVERecord?id=CVE-2023-44487 +│ │ │ ├ [221]: https://www.darkreading.com/cloud/internet-wide-zer │ │ │ │ o-day-bug-fuels-largest-ever-ddos-event -│ │ │ ├ [223]: https://www.debian.org/security/2023/dsa-5521 -│ │ │ ├ [224]: https://www.debian.org/security/2023/dsa-5522 -│ │ │ ├ [225]: https://www.debian.org/security/2023/dsa-5540 -│ │ │ ├ [226]: https://www.debian.org/security/2023/dsa-5549 -│ │ │ ├ [227]: https://www.debian.org/security/2023/dsa-5558 -│ │ │ ├ [228]: https://www.debian.org/security/2023/dsa-5570 -│ │ │ ├ [229]: https://www.eclipse.org/lists/jetty-announce/msg001 +│ │ │ ├ [222]: https://www.debian.org/security/2023/dsa-5521 +│ │ │ ├ [223]: https://www.debian.org/security/2023/dsa-5522 +│ │ │ ├ [224]: https://www.debian.org/security/2023/dsa-5540 +│ │ │ ├ [225]: https://www.debian.org/security/2023/dsa-5549 +│ │ │ ├ [226]: https://www.debian.org/security/2023/dsa-5558 +│ │ │ ├ [227]: https://www.debian.org/security/2023/dsa-5570 +│ │ │ ├ [228]: https://www.eclipse.org/lists/jetty-announce/msg001 │ │ │ │ 81.html -│ │ │ ├ [230]: https://www.haproxy.com/blog/haproxy-is-not-affecte +│ │ │ ├ [229]: https://www.haproxy.com/blog/haproxy-is-not-affecte │ │ │ │ d-by-the-http-2-rapid-reset-attack-cve-2023-44487 -│ │ │ ├ [231]: https://www.mail-archive.com/haproxy@formilux.org/m +│ │ │ ├ [230]: https://www.mail-archive.com/haproxy@formilux.org/m │ │ │ │ sg44134.html -│ │ │ ├ [232]: https://www.netlify.com/blog/netlify-successfully-m +│ │ │ ├ [231]: https://www.netlify.com/blog/netlify-successfully-m │ │ │ │ itigates-cve-2023-44487 -│ │ │ ├ [233]: https://www.netlify.com/blog/netlify-successfully-m +│ │ │ ├ [232]: https://www.netlify.com/blog/netlify-successfully-m │ │ │ │ itigates-cve-2023-44487/ -│ │ │ ├ [234]: https://www.nginx.com/blog/http-2-rapid-reset-attac +│ │ │ ├ [233]: https://www.nginx.com/blog/http-2-rapid-reset-attac │ │ │ │ k-impacting-f5-nginx-products -│ │ │ ├ [235]: https://www.nginx.com/blog/http-2-rapid-reset-attac +│ │ │ ├ [234]: https://www.nginx.com/blog/http-2-rapid-reset-attac │ │ │ │ k-impacting-f5-nginx-products/ -│ │ │ ├ [236]: https://www.openwall.com/lists/oss-security/2023/10 +│ │ │ ├ [235]: https://www.openwall.com/lists/oss-security/2023/10 │ │ │ │ /10/6 -│ │ │ ├ [237]: https://www.phoronix.com/news/HTTP2-Rapid-Reset-Att +│ │ │ ├ [236]: https://www.phoronix.com/news/HTTP2-Rapid-Reset-Att │ │ │ │ ack -│ │ │ ├ [238]: https://www.theregister.com/2023/10/10/http2_rapid_ +│ │ │ ├ [237]: https://www.theregister.com/2023/10/10/http2_rapid_ │ │ │ │ reset_zeroday -│ │ │ ├ [239]: https://www.theregister.com/2023/10/10/http2_rapid_ +│ │ │ ├ [238]: https://www.theregister.com/2023/10/10/http2_rapid_ │ │ │ │ reset_zeroday/ -│ │ │ ╰ [240]: https://www.vicarius.io/vsociety/posts/rapid-reset- +│ │ │ ╰ [239]: https://www.vicarius.io/vsociety/posts/rapid-reset- │ │ │ cve-2023-44487-dos-in-http2-understanding-the-root- │ │ │ cause │ │ ├ PublishedDate : 2023-10-10T14:15:10.883Z @@ -6125,14 +6120,14 @@ │ │ ├ PkgID : golang.org/x/net@v0.12.0 │ │ ├ PkgName : golang.org/x/net │ │ ├ PkgIdentifier ╭ PURL: pkg:golang/golang.org/x/net@v0.12.0 -│ │ │ ╰ UID : 9d3e63f510d6f6b5 +│ │ │ ╰ UID : 3c33bb037f527747 │ │ ├ InstalledVersion: v0.12.0 │ │ ├ FixedVersion : 0.23.0 │ │ ├ Status : fixed -│ │ ├ Layer ╭ Digest: sha256:d244376047b3b447a72643b6cd94cb4b359562d59b3 -│ │ │ │ 3e760ec97632069cf0cd6 -│ │ │ ╰ DiffID: sha256:10da0a8ad04042ad7ebb1f92fe90babd5649e0218f2 -│ │ │ 9f050019c4e091cda1b1c +│ │ ├ Layer ╭ Digest: sha256:20c08d7865479cc2941461f45179ca97ddc1c513e3c +│ │ │ │ 245acf1047f9e4ec8f9b0 +│ │ │ ╰ DiffID: sha256:35ff3fcc7343804067a0060eb66b92792f9572fb6e9 +│ │ │ 3072b7cd9782e2e972f6b │ │ ├ SeveritySource : ghsa │ │ ├ PrimaryURL : https://avd.aquasec.com/nvd/cve-2023-45288 │ │ ├ DataSource ╭ ID : ghsa @@ -6180,7 +6175,7 @@ │ │ │ │ 3/16 │ │ │ ├ [1] : http://www.openwall.com/lists/oss-security/2024/04/0 │ │ │ │ 5/4 -│ │ │ ├ [2] : https://access.redhat.com/errata/RHSA-2024:3346 +│ │ │ ├ [2] : https://access.redhat.com/errata/RHSA-2024:2724 │ │ │ ├ [3] : https://access.redhat.com/security/cve/CVE-2023-45288 │ │ │ ├ [4] : https://bugzilla.redhat.com/2268017 │ │ │ ├ [5] : https://bugzilla.redhat.com/2268018 @@ -6198,7 +6193,7 @@ │ │ │ │ 023-45290 │ │ │ ├ [15]: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2 │ │ │ │ 024-24783 -│ │ │ ├ [16]: https://errata.almalinux.org/8/ALSA-2024-3346.html +│ │ │ ├ [16]: https://errata.almalinux.org/9/ALSA-2024-2724.html │ │ │ ├ [17]: https://errata.rockylinux.org/RLSA-2024:2724 │ │ │ ├ [18]: https://go.dev/cl/576155 │ │ │ ├ [19]: https://go.dev/issue/65051 @@ -6233,14 +6228,14 @@ │ │ ├ PkgID : stdlib@v1.20.5 │ │ ├ PkgName : stdlib │ │ ├ PkgIdentifier ╭ PURL: pkg:golang/stdlib@v1.20.5 -│ │ │ ╰ UID : 2b80483a0149b949 +│ │ │ ╰ UID : edbf293535d7c3f │ │ ├ InstalledVersion: v1.20.5 │ │ ├ FixedVersion : 1.21.11, 1.22.4 │ │ ├ Status : fixed -│ │ ├ Layer ╭ Digest: sha256:d244376047b3b447a72643b6cd94cb4b359562d59b3 -│ │ │ │ 3e760ec97632069cf0cd6 -│ │ │ ╰ DiffID: sha256:10da0a8ad04042ad7ebb1f92fe90babd5649e0218f2 -│ │ │ 9f050019c4e091cda1b1c +│ │ ├ Layer ╭ Digest: sha256:20c08d7865479cc2941461f45179ca97ddc1c513e3c +│ │ │ │ 245acf1047f9e4ec8f9b0 +│ │ │ ╰ DiffID: sha256:35ff3fcc7343804067a0060eb66b92792f9572fb6e9 +│ │ │ 3072b7cd9782e2e972f6b │ │ ├ SeveritySource : nvd │ │ ├ PrimaryURL : https://avd.aquasec.com/nvd/cve-2024-24790 │ │ ├ DataSource ╭ ID : govulndb @@ -6274,51 +6269,53 @@ │ │ │ ╰ V3Score : 6.7 │ │ ├ References ╭ [0] : http://www.openwall.com/lists/oss-security/2024/06/0 │ │ │ │ 4/1 -│ │ │ ├ [1] : https://access.redhat.com/errata/RHSA-2024:5291 +│ │ │ ├ [1] : https://access.redhat.com/errata/RHSA-2024:9115 │ │ │ ├ [2] : https://access.redhat.com/security/cve/CVE-2024-24790 │ │ │ ├ [3] : https://bugzilla.redhat.com/2279814 │ │ │ ├ [4] : https://bugzilla.redhat.com/2292668 │ │ │ ├ [5] : https://bugzilla.redhat.com/2292787 -│ │ │ ├ [6] : https://bugzilla.redhat.com/show_bug.cgi?id=2292668 -│ │ │ ├ [7] : https://bugzilla.redhat.com/show_bug.cgi?id=2292787 -│ │ │ ├ [8] : https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2 +│ │ │ ├ [6] : https://bugzilla.redhat.com/2294000 +│ │ │ ├ [7] : https://bugzilla.redhat.com/2295310 +│ │ │ ├ [8] : https://bugzilla.redhat.com/show_bug.cgi?id=2292668 +│ │ │ ├ [9] : https://bugzilla.redhat.com/show_bug.cgi?id=2292787 +│ │ │ ├ [10]: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2 │ │ │ │ 024-24789 -│ │ │ ├ [9] : https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2 +│ │ │ ├ [11]: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2 │ │ │ │ 024-24790 -│ │ │ ├ [10]: https://errata.almalinux.org/8/ALSA-2024-5291.html -│ │ │ ├ [11]: https://errata.rockylinux.org/RLSA-2024:4212 -│ │ │ ├ [12]: https://github.com/golang/go/commit/051bdf3fd12a4030 +│ │ │ ├ [12]: https://errata.almalinux.org/9/ALSA-2024-9115.html +│ │ │ ├ [13]: https://errata.rockylinux.org/RLSA-2024:4212 +│ │ │ ├ [14]: https://github.com/golang/go/commit/051bdf3fd12a4030 │ │ │ │ 7606ff9381138039c5f452f0 (1.21) -│ │ │ ├ [13]: https://github.com/golang/go/commit/12d5810cdb1f73cf +│ │ │ ├ [15]: https://github.com/golang/go/commit/12d5810cdb1f73cf │ │ │ │ 23d7a86462143e9463317fca (1.22) -│ │ │ ├ [14]: https://github.com/golang/go/issues/67680 -│ │ │ ├ [15]: https://go.dev/cl/590316 -│ │ │ ├ [16]: https://go.dev/issue/67680 -│ │ │ ├ [17]: https://groups.google.com/g/golang-announce/c/XbxouI +│ │ │ ├ [16]: https://github.com/golang/go/issues/67680 +│ │ │ ├ [17]: https://go.dev/cl/590316 +│ │ │ ├ [18]: https://go.dev/issue/67680 +│ │ │ ├ [19]: https://groups.google.com/g/golang-announce/c/XbxouI │ │ │ │ 9gY7k -│ │ │ ├ [18]: https://groups.google.com/g/golang-announce/c/XbxouI +│ │ │ ├ [20]: https://groups.google.com/g/golang-announce/c/XbxouI │ │ │ │ 9gY7k/m/TuoGEhxIEwAJ -│ │ │ ├ [19]: https://linux.oracle.com/cve/CVE-2024-24790.html -│ │ │ ├ [20]: https://linux.oracle.com/errata/ELSA-2024-9115.html -│ │ │ ├ [21]: https://nvd.nist.gov/vuln/detail/CVE-2024-24790 -│ │ │ ├ [22]: https://pkg.go.dev/vuln/GO-2024-2887 -│ │ │ ├ [23]: https://ubuntu.com/security/notices/USN-6886-1 -│ │ │ ├ [24]: https://ubuntu.com/security/notices/USN-7109-1 -│ │ │ ╰ [25]: https://www.cve.org/CVERecord?id=CVE-2024-24790 +│ │ │ ├ [21]: https://linux.oracle.com/cve/CVE-2024-24790.html +│ │ │ ├ [22]: https://linux.oracle.com/errata/ELSA-2024-9115.html +│ │ │ ├ [23]: https://nvd.nist.gov/vuln/detail/CVE-2024-24790 +│ │ │ ├ [24]: https://pkg.go.dev/vuln/GO-2024-2887 +│ │ │ ├ [25]: https://ubuntu.com/security/notices/USN-6886-1 +│ │ │ ├ [26]: https://ubuntu.com/security/notices/USN-7109-1 +│ │ │ ╰ [27]: https://www.cve.org/CVERecord?id=CVE-2024-24790 │ │ ├ PublishedDate : 2024-06-05T16:15:10.56Z │ │ ╰ LastModifiedDate: 2024-09-03T18:35:07.483Z │ ├ [6] ╭ VulnerabilityID : CVE-2023-39325 │ │ ├ PkgID : stdlib@v1.20.5 │ │ ├ PkgName : stdlib │ │ ├ PkgIdentifier ╭ PURL: pkg:golang/stdlib@v1.20.5 -│ │ │ ╰ UID : 2b80483a0149b949 +│ │ │ ╰ UID : edbf293535d7c3f │ │ ├ InstalledVersion: v1.20.5 │ │ ├ FixedVersion : 1.20.10, 1.21.3 │ │ ├ Status : fixed -│ │ ├ Layer ╭ Digest: sha256:d244376047b3b447a72643b6cd94cb4b359562d59b3 -│ │ │ │ 3e760ec97632069cf0cd6 -│ │ │ ╰ DiffID: sha256:10da0a8ad04042ad7ebb1f92fe90babd5649e0218f2 -│ │ │ 9f050019c4e091cda1b1c +│ │ ├ Layer ╭ Digest: sha256:20c08d7865479cc2941461f45179ca97ddc1c513e3c +│ │ │ │ 245acf1047f9e4ec8f9b0 +│ │ │ ╰ DiffID: sha256:35ff3fcc7343804067a0060eb66b92792f9572fb6e9 +│ │ │ 3072b7cd9782e2e972f6b │ │ ├ SeveritySource : nvd │ │ ├ PrimaryURL : https://avd.aquasec.com/nvd/cve-2023-39325 │ │ ├ DataSource ╭ ID : govulndb @@ -6372,7 +6369,7 @@ │ │ │ │ :N/A:H │ │ │ ╰ V3Score : 7.5 │ │ ├ References ╭ [0] : golang.org/x/net -│ │ │ ├ [1] : https://access.redhat.com/errata/RHSA-2023:5863 +│ │ │ ├ [1] : https://access.redhat.com/errata/RHSA-2023:6077 │ │ │ ├ [2] : https://access.redhat.com/security/cve/CVE-2023-39325 │ │ │ ├ [3] : https://access.redhat.com/security/cve/CVE-2023-44487 │ │ │ ├ [4] : https://bugzilla.redhat.com/2242803 @@ -6383,7 +6380,7 @@ │ │ │ │ 2023-39325 │ │ │ ├ [9] : https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE- │ │ │ │ 2023-44487 -│ │ │ ├ [10] : https://errata.almalinux.org/8/ALSA-2023-5863.html +│ │ │ ├ [10] : https://errata.almalinux.org/9/ALSA-2023-6077.html │ │ │ ├ [11] : https://errata.rockylinux.org/RLSA-2023:6077 │ │ │ ├ [12] : https://github.com/golang/go/commit/24ae2d927285c69 │ │ │ │ 7440fdde3ad7f26028354bcf3 [golang- 1.21] @@ -6632,14 +6629,14 @@ │ │ ├ PkgID : stdlib@v1.20.5 │ │ ├ PkgName : stdlib │ │ ├ PkgIdentifier ╭ PURL: pkg:golang/stdlib@v1.20.5 -│ │ │ ╰ UID : 2b80483a0149b949 +│ │ │ ╰ UID : edbf293535d7c3f │ │ ├ InstalledVersion: v1.20.5 │ │ ├ FixedVersion : 1.20.11, 1.21.4, 1.20.12, 1.21.5 │ │ ├ Status : fixed -│ │ ├ Layer ╭ Digest: sha256:d244376047b3b447a72643b6cd94cb4b359562d59b3 -│ │ │ │ 3e760ec97632069cf0cd6 -│ │ │ ╰ DiffID: sha256:10da0a8ad04042ad7ebb1f92fe90babd5649e0218f2 -│ │ │ 9f050019c4e091cda1b1c +│ │ ├ Layer ╭ Digest: sha256:20c08d7865479cc2941461f45179ca97ddc1c513e3c +│ │ │ │ 245acf1047f9e4ec8f9b0 +│ │ │ ╰ DiffID: sha256:35ff3fcc7343804067a0060eb66b92792f9572fb6e9 +│ │ │ 3072b7cd9782e2e972f6b │ │ ├ SeveritySource : nvd │ │ ├ PrimaryURL : https://avd.aquasec.com/nvd/cve-2023-45283 │ │ ├ DataSource ╭ ID : govulndb @@ -6698,14 +6695,14 @@ │ │ ├ PkgID : stdlib@v1.20.5 │ │ ├ PkgName : stdlib │ │ ├ PkgIdentifier ╭ PURL: pkg:golang/stdlib@v1.20.5 -│ │ │ ╰ UID : 2b80483a0149b949 +│ │ │ ╰ UID : edbf293535d7c3f │ │ ├ InstalledVersion: v1.20.5 │ │ ├ FixedVersion : 1.21.9, 1.22.2 │ │ ├ Status : fixed -│ │ ├ Layer ╭ Digest: sha256:d244376047b3b447a72643b6cd94cb4b359562d59b3 -│ │ │ │ 3e760ec97632069cf0cd6 -│ │ │ ╰ DiffID: sha256:10da0a8ad04042ad7ebb1f92fe90babd5649e0218f2 -│ │ │ 9f050019c4e091cda1b1c +│ │ ├ Layer ╭ Digest: sha256:20c08d7865479cc2941461f45179ca97ddc1c513e3c +│ │ │ │ 245acf1047f9e4ec8f9b0 +│ │ │ ╰ DiffID: sha256:35ff3fcc7343804067a0060eb66b92792f9572fb6e9 +│ │ │ 3072b7cd9782e2e972f6b │ │ ├ PrimaryURL : https://avd.aquasec.com/nvd/cve-2023-45288 │ │ ├ DataSource ╭ ID : govulndb │ │ │ ├ Name: The Go Vulnerability Database @@ -6751,7 +6748,7 @@ │ │ │ │ 3/16 │ │ │ ├ [1] : http://www.openwall.com/lists/oss-security/2024/04/0 │ │ │ │ 5/4 -│ │ │ ├ [2] : https://access.redhat.com/errata/RHSA-2024:3346 +│ │ │ ├ [2] : https://access.redhat.com/errata/RHSA-2024:2724 │ │ │ ├ [3] : https://access.redhat.com/security/cve/CVE-2023-45288 │ │ │ ├ [4] : https://bugzilla.redhat.com/2268017 │ │ │ ├ [5] : https://bugzilla.redhat.com/2268018 @@ -6769,7 +6766,7 @@ │ │ │ │ 023-45290 │ │ │ ├ [15]: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2 │ │ │ │ 024-24783 -│ │ │ ├ [16]: https://errata.almalinux.org/8/ALSA-2024-3346.html +│ │ │ ├ [16]: https://errata.almalinux.org/9/ALSA-2024-2724.html │ │ │ ├ [17]: https://errata.rockylinux.org/RLSA-2024:2724 │ │ │ ├ [18]: https://go.dev/cl/576155 │ │ │ ├ [19]: https://go.dev/issue/65051 @@ -6804,14 +6801,14 @@ │ │ ├ PkgID : stdlib@v1.20.5 │ │ ├ PkgName : stdlib │ │ ├ PkgIdentifier ╭ PURL: pkg:golang/stdlib@v1.20.5 -│ │ │ ╰ UID : 2b80483a0149b949 +│ │ │ ╰ UID : edbf293535d7c3f │ │ ├ InstalledVersion: v1.20.5 │ │ ├ FixedVersion : 1.22.7, 1.23.1 │ │ ├ Status : fixed -│ │ ├ Layer ╭ Digest: sha256:d244376047b3b447a72643b6cd94cb4b359562d59b3 -│ │ │ │ 3e760ec97632069cf0cd6 -│ │ │ ╰ DiffID: sha256:10da0a8ad04042ad7ebb1f92fe90babd5649e0218f2 -│ │ │ 9f050019c4e091cda1b1c +│ │ ├ Layer ╭ Digest: sha256:20c08d7865479cc2941461f45179ca97ddc1c513e3c +│ │ │ │ 245acf1047f9e4ec8f9b0 +│ │ │ ╰ DiffID: sha256:35ff3fcc7343804067a0060eb66b92792f9572fb6e9 +│ │ │ 3072b7cd9782e2e972f6b │ │ ├ PrimaryURL : https://avd.aquasec.com/nvd/cve-2024-34156 │ │ ├ DataSource ╭ ID : govulndb │ │ │ ├ Name: The Go Vulnerability Database @@ -6837,48 +6834,46 @@ │ │ │ ╰ redhat ╭ V3Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I │ │ │ │ :N/A:H │ │ │ ╰ V3Score : 7.5 -│ │ ├ References ╭ [0] : https://access.redhat.com/errata/RHSA-2024:8038 +│ │ ├ References ╭ [0] : https://access.redhat.com/errata/RHSA-2024:9473 │ │ │ ├ [1] : https://access.redhat.com/security/cve/CVE-2024-34156 -│ │ │ ├ [2] : https://bugzilla.redhat.com/2268017 -│ │ │ ├ [3] : https://bugzilla.redhat.com/2310527 -│ │ │ ├ [4] : https://bugzilla.redhat.com/2310528 -│ │ │ ├ [5] : https://bugzilla.redhat.com/2310529 -│ │ │ ├ [6] : https://bugzilla.redhat.com/show_bug.cgi?id=2310528 -│ │ │ ├ [7] : https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2 +│ │ │ ├ [2] : https://bugzilla.redhat.com/2310528 +│ │ │ ├ [3] : https://bugzilla.redhat.com/2318052 +│ │ │ ├ [4] : https://bugzilla.redhat.com/show_bug.cgi?id=2310528 +│ │ │ ├ [5] : https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2 │ │ │ │ 024-34156 -│ │ │ ├ [8] : https://errata.almalinux.org/8/ALSA-2024-8038.html -│ │ │ ├ [9] : https://errata.rockylinux.org/RLSA-2024:7204 -│ │ │ ├ [10]: https://github.com/golang/go/commit/2092294f2b097c58 +│ │ │ ├ [6] : https://errata.almalinux.org/9/ALSA-2024-9473.html +│ │ │ ├ [7] : https://errata.rockylinux.org/RLSA-2024:7204 +│ │ │ ├ [8] : https://github.com/golang/go/commit/2092294f2b097c58 │ │ │ │ 28f4eace6c98a322c1510b01 (go1.22.7) -│ │ │ ├ [11]: https://github.com/golang/go/commit/fa8ff1a46deb6c81 +│ │ │ ├ [9] : https://github.com/golang/go/commit/fa8ff1a46deb6c81 │ │ │ │ 6304441ec6740ec112e19012 (go1.23.1) -│ │ │ ├ [12]: https://go.dev/cl/611239 -│ │ │ ├ [13]: https://go.dev/issue/69139 -│ │ │ ├ [14]: https://groups.google.com/g/golang-announce/c/K-cEzD +│ │ │ ├ [10]: https://go.dev/cl/611239 +│ │ │ ├ [11]: https://go.dev/issue/69139 +│ │ │ ├ [12]: https://groups.google.com/g/golang-announce/c/K-cEzD │ │ │ │ eCtpc -│ │ │ ├ [15]: https://groups.google.com/g/golang-dev/c/S9POB9NCTdk -│ │ │ ├ [16]: https://linux.oracle.com/cve/CVE-2024-34156.html -│ │ │ ├ [17]: https://linux.oracle.com/errata/ELSA-2024-9473.html -│ │ │ ├ [18]: https://nvd.nist.gov/vuln/detail/CVE-2024-34156 -│ │ │ ├ [19]: https://pkg.go.dev/vuln/GO-2024-3106 -│ │ │ ├ [20]: https://ubuntu.com/security/notices/USN-7081-1 -│ │ │ ├ [21]: https://ubuntu.com/security/notices/USN-7109-1 -│ │ │ ├ [22]: https://ubuntu.com/security/notices/USN-7111-1 -│ │ │ ╰ [23]: https://www.cve.org/CVERecord?id=CVE-2024-34156 +│ │ │ ├ [13]: https://groups.google.com/g/golang-dev/c/S9POB9NCTdk +│ │ │ ├ [14]: https://linux.oracle.com/cve/CVE-2024-34156.html +│ │ │ ├ [15]: https://linux.oracle.com/errata/ELSA-2024-9473.html +│ │ │ ├ [16]: https://nvd.nist.gov/vuln/detail/CVE-2024-34156 +│ │ │ ├ [17]: https://pkg.go.dev/vuln/GO-2024-3106 +│ │ │ ├ [18]: https://ubuntu.com/security/notices/USN-7081-1 +│ │ │ ├ [19]: https://ubuntu.com/security/notices/USN-7109-1 +│ │ │ ├ [20]: https://ubuntu.com/security/notices/USN-7111-1 +│ │ │ ╰ [21]: https://www.cve.org/CVERecord?id=CVE-2024-34156 │ │ ├ PublishedDate : 2024-09-06T21:15:12.02Z │ │ ╰ LastModifiedDate: 2024-09-09T15:35:07.573Z │ ├ [10] ╭ VulnerabilityID : CVE-2023-29406 │ │ ├ PkgID : stdlib@v1.20.5 │ │ ├ PkgName : stdlib │ │ ├ PkgIdentifier ╭ PURL: pkg:golang/stdlib@v1.20.5 -│ │ │ ╰ UID : 2b80483a0149b949 +│ │ │ ╰ UID : edbf293535d7c3f │ │ ├ InstalledVersion: v1.20.5 │ │ ├ FixedVersion : 1.19.11, 1.20.6 │ │ ├ Status : fixed -│ │ ├ Layer ╭ Digest: sha256:d244376047b3b447a72643b6cd94cb4b359562d59b3 -│ │ │ │ 3e760ec97632069cf0cd6 -│ │ │ ╰ DiffID: sha256:10da0a8ad04042ad7ebb1f92fe90babd5649e0218f2 -│ │ │ 9f050019c4e091cda1b1c +│ │ ├ Layer ╭ Digest: sha256:20c08d7865479cc2941461f45179ca97ddc1c513e3c +│ │ │ │ 245acf1047f9e4ec8f9b0 +│ │ │ ╰ DiffID: sha256:35ff3fcc7343804067a0060eb66b92792f9572fb6e9 +│ │ │ 3072b7cd9782e2e972f6b │ │ ├ SeveritySource : nvd │ │ ├ PrimaryURL : https://avd.aquasec.com/nvd/cve-2023-29406 │ │ ├ DataSource ╭ ID : govulndb @@ -6911,43 +6906,55 @@ │ │ │ ╰ redhat ╭ V3Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I │ │ │ │ :H/A:N │ │ │ ╰ V3Score : 6.5 -│ │ ├ References ╭ [0] : https://access.redhat.com/errata/RHSA-2023:7202 +│ │ ├ References ╭ [0] : https://access.redhat.com/errata/RHSA-2023:6474 │ │ │ ├ [1] : https://access.redhat.com/security/cve/CVE-2023-29406 -│ │ │ ├ [2] : https://bugzilla.redhat.com/2222167 -│ │ │ ├ [3] : https://errata.almalinux.org/8/ALSA-2023-7202.html -│ │ │ ├ [4] : https://github.com/golang/go/commit/312920c00aac9897 +│ │ │ ├ [2] : https://bugzilla.redhat.com/2174485 +│ │ │ ├ [3] : https://bugzilla.redhat.com/2178358 +│ │ │ ├ [4] : https://bugzilla.redhat.com/2178488 +│ │ │ ├ [5] : https://bugzilla.redhat.com/2178492 +│ │ │ ├ [6] : https://bugzilla.redhat.com/2184481 +│ │ │ ├ [7] : https://bugzilla.redhat.com/2184482 +│ │ │ ├ [8] : https://bugzilla.redhat.com/2184483 +│ │ │ ├ [9] : https://bugzilla.redhat.com/2184484 +│ │ │ ├ [10]: https://bugzilla.redhat.com/2196026 +│ │ │ ├ [11]: https://bugzilla.redhat.com/2196027 +│ │ │ ├ [12]: https://bugzilla.redhat.com/2196029 +│ │ │ ├ [13]: https://bugzilla.redhat.com/2222167 +│ │ │ ├ [14]: https://bugzilla.redhat.com/2228689 +│ │ │ ├ [15]: https://errata.almalinux.org/9/ALSA-2023-6474.html +│ │ │ ├ [16]: https://github.com/golang/go/commit/312920c00aac9897 │ │ │ │ b2a0693e752390b5b0711a5a (go1.20.6) -│ │ │ ├ [5] : https://github.com/golang/go/commit/5fa6923b1ea89140 +│ │ │ ├ [17]: https://github.com/golang/go/commit/5fa6923b1ea89140 │ │ │ │ 0153d04ddf1545e23b40041b (go1.19.11) -│ │ │ ├ [6] : https://github.com/golang/go/issues/60374 -│ │ │ ├ [7] : https://go.dev/cl/506996 -│ │ │ ├ [8] : https://go.dev/issue/60374 -│ │ │ ├ [9] : https://groups.google.com/g/golang-announce/c/2q13H6 +│ │ │ ├ [18]: https://github.com/golang/go/issues/60374 +│ │ │ ├ [19]: https://go.dev/cl/506996 +│ │ │ ├ [20]: https://go.dev/issue/60374 +│ │ │ ├ [21]: https://groups.google.com/g/golang-announce/c/2q13H6 │ │ │ │ LEEx0 -│ │ │ ├ [10]: https://linux.oracle.com/cve/CVE-2023-29406.html -│ │ │ ├ [11]: https://linux.oracle.com/errata/ELSA-2023-7202.html -│ │ │ ├ [12]: https://nvd.nist.gov/vuln/detail/CVE-2023-29406 -│ │ │ ├ [13]: https://pkg.go.dev/vuln/GO-2023-1878 -│ │ │ ├ [14]: https://security.gentoo.org/glsa/202311-09 -│ │ │ ├ [15]: https://security.netapp.com/advisory/ntap-20230814-0 +│ │ │ ├ [22]: https://linux.oracle.com/cve/CVE-2023-29406.html +│ │ │ ├ [23]: https://linux.oracle.com/errata/ELSA-2023-7202.html +│ │ │ ├ [24]: https://nvd.nist.gov/vuln/detail/CVE-2023-29406 +│ │ │ ├ [25]: https://pkg.go.dev/vuln/GO-2023-1878 +│ │ │ ├ [26]: https://security.gentoo.org/glsa/202311-09 +│ │ │ ├ [27]: https://security.netapp.com/advisory/ntap-20230814-0 │ │ │ │ 002/ -│ │ │ ├ [16]: https://ubuntu.com/security/notices/USN-7061-1 -│ │ │ ├ [17]: https://ubuntu.com/security/notices/USN-7109-1 -│ │ │ ╰ [18]: https://www.cve.org/CVERecord?id=CVE-2023-29406 +│ │ │ ├ [28]: https://ubuntu.com/security/notices/USN-7061-1 +│ │ │ ├ [29]: https://ubuntu.com/security/notices/USN-7109-1 +│ │ │ ╰ [30]: https://www.cve.org/CVERecord?id=CVE-2023-29406 │ │ ├ PublishedDate : 2023-07-11T20:15:10.643Z │ │ ╰ LastModifiedDate: 2023-11-25T11:15:14.727Z │ ├ [11] ╭ VulnerabilityID : CVE-2023-29409 │ │ ├ PkgID : stdlib@v1.20.5 │ │ ├ PkgName : stdlib │ │ ├ PkgIdentifier ╭ PURL: pkg:golang/stdlib@v1.20.5 -│ │ │ ╰ UID : 2b80483a0149b949 +│ │ │ ╰ UID : edbf293535d7c3f │ │ ├ InstalledVersion: v1.20.5 │ │ ├ FixedVersion : 1.19.12, 1.20.7, 1.21.0-rc.4 │ │ ├ Status : fixed -│ │ ├ Layer ╭ Digest: sha256:d244376047b3b447a72643b6cd94cb4b359562d59b3 -│ │ │ │ 3e760ec97632069cf0cd6 -│ │ │ ╰ DiffID: sha256:10da0a8ad04042ad7ebb1f92fe90babd5649e0218f2 -│ │ │ 9f050019c4e091cda1b1c +│ │ ├ Layer ╭ Digest: sha256:20c08d7865479cc2941461f45179ca97ddc1c513e3c +│ │ │ │ 245acf1047f9e4ec8f9b0 +│ │ │ ╰ DiffID: sha256:35ff3fcc7343804067a0060eb66b92792f9572fb6e9 +│ │ │ 3072b7cd9782e2e972f6b │ │ ├ SeveritySource : nvd │ │ ├ PrimaryURL : https://avd.aquasec.com/nvd/cve-2023-29409 │ │ ├ DataSource ╭ ID : govulndb @@ -6987,44 +6994,40 @@ │ │ │ ╰ redhat ╭ V3Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I │ │ │ │ :N/A:L │ │ │ ╰ V3Score : 5.3 -│ │ ├ References ╭ [0] : https://access.redhat.com/errata/RHSA-2024:0121 +│ │ ├ References ╭ [0] : https://access.redhat.com/errata/RHSA-2023:7766 │ │ │ ├ [1] : https://access.redhat.com/security/cve/CVE-2023-29409 -│ │ │ ├ [2] : https://bugzilla.redhat.com/2124669 -│ │ │ ├ [3] : https://bugzilla.redhat.com/2132867 -│ │ │ ├ [4] : https://bugzilla.redhat.com/2132868 -│ │ │ ├ [5] : https://bugzilla.redhat.com/2132872 -│ │ │ ├ [6] : https://bugzilla.redhat.com/2228743 -│ │ │ ├ [7] : https://bugzilla.redhat.com/2237773 -│ │ │ ├ [8] : https://bugzilla.redhat.com/2237776 -│ │ │ ├ [9] : https://bugzilla.redhat.com/2237777 -│ │ │ ├ [10]: https://bugzilla.redhat.com/2237778 -│ │ │ ├ [11]: https://errata.almalinux.org/8/ALSA-2024-0121.html -│ │ │ ├ [12]: https://go.dev/cl/515257 -│ │ │ ├ [13]: https://go.dev/issue/61460 -│ │ │ ├ [14]: https://groups.google.com/g/golang-announce/c/X0b6Cs +│ │ │ ├ [2] : https://bugzilla.redhat.com/2228743 +│ │ │ ├ [3] : https://bugzilla.redhat.com/2237773 +│ │ │ ├ [4] : https://bugzilla.redhat.com/2237776 +│ │ │ ├ [5] : https://bugzilla.redhat.com/2237777 +│ │ │ ├ [6] : https://bugzilla.redhat.com/2237778 +│ │ │ ├ [7] : https://errata.almalinux.org/9/ALSA-2023-7766.html +│ │ │ ├ [8] : https://go.dev/cl/515257 +│ │ │ ├ [9] : https://go.dev/issue/61460 +│ │ │ ├ [10]: https://groups.google.com/g/golang-announce/c/X0b6Cs │ │ │ │ SAaYI/m/Efv5DbZ9AwAJ -│ │ │ ├ [15]: https://linux.oracle.com/cve/CVE-2023-29409.html -│ │ │ ├ [16]: https://linux.oracle.com/errata/ELSA-2024-2988.html -│ │ │ ├ [17]: https://nvd.nist.gov/vuln/detail/CVE-2023-29409 -│ │ │ ├ [18]: https://pkg.go.dev/vuln/GO-2023-1987 -│ │ │ ├ [19]: https://security.gentoo.org/glsa/202311-09 -│ │ │ ├ [20]: https://security.netapp.com/advisory/ntap-20230831-0 +│ │ │ ├ [11]: https://linux.oracle.com/cve/CVE-2023-29409.html +│ │ │ ├ [12]: https://linux.oracle.com/errata/ELSA-2024-2988.html +│ │ │ ├ [13]: https://nvd.nist.gov/vuln/detail/CVE-2023-29409 +│ │ │ ├ [14]: https://pkg.go.dev/vuln/GO-2023-1987 +│ │ │ ├ [15]: https://security.gentoo.org/glsa/202311-09 +│ │ │ ├ [16]: https://security.netapp.com/advisory/ntap-20230831-0 │ │ │ │ 010/ -│ │ │ ╰ [21]: https://www.cve.org/CVERecord?id=CVE-2023-29409 +│ │ │ ╰ [17]: https://www.cve.org/CVERecord?id=CVE-2023-29409 │ │ ├ PublishedDate : 2023-08-02T20:15:11.94Z │ │ ╰ LastModifiedDate: 2023-11-25T11:15:14.87Z │ ├ [12] ╭ VulnerabilityID : CVE-2023-39318 │ │ ├ PkgID : stdlib@v1.20.5 │ │ ├ PkgName : stdlib │ │ ├ PkgIdentifier ╭ PURL: pkg:golang/stdlib@v1.20.5 -│ │ │ ╰ UID : 2b80483a0149b949 +│ │ │ ╰ UID : edbf293535d7c3f │ │ ├ InstalledVersion: v1.20.5 │ │ ├ FixedVersion : 1.20.8, 1.21.1 │ │ ├ Status : fixed -│ │ ├ Layer ╭ Digest: sha256:d244376047b3b447a72643b6cd94cb4b359562d59b3 -│ │ │ │ 3e760ec97632069cf0cd6 -│ │ │ ╰ DiffID: sha256:10da0a8ad04042ad7ebb1f92fe90babd5649e0218f2 -│ │ │ 9f050019c4e091cda1b1c +│ │ ├ Layer ╭ Digest: sha256:20c08d7865479cc2941461f45179ca97ddc1c513e3c +│ │ │ │ 245acf1047f9e4ec8f9b0 +│ │ │ ╰ DiffID: sha256:35ff3fcc7343804067a0060eb66b92792f9572fb6e9 +│ │ │ 3072b7cd9782e2e972f6b │ │ ├ SeveritySource : nvd │ │ ├ PrimaryURL : https://avd.aquasec.com/nvd/cve-2023-39318 │ │ ├ DataSource ╭ ID : govulndb @@ -7059,54 +7062,48 @@ │ │ │ ╰ redhat ╭ V3Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I │ │ │ │ :L/A:N │ │ │ ╰ V3Score : 6.1 -│ │ ├ References ╭ [0] : https://access.redhat.com/errata/RHSA-2024:0121 +│ │ ├ References ╭ [0] : https://access.redhat.com/errata/RHSA-2024:2160 │ │ │ ├ [1] : https://access.redhat.com/security/cve/CVE-2023-39318 -│ │ │ ├ [2] : https://bugzilla.redhat.com/2124669 -│ │ │ ├ [3] : https://bugzilla.redhat.com/2132867 -│ │ │ ├ [4] : https://bugzilla.redhat.com/2132868 -│ │ │ ├ [5] : https://bugzilla.redhat.com/2132872 -│ │ │ ├ [6] : https://bugzilla.redhat.com/2228743 -│ │ │ ├ [7] : https://bugzilla.redhat.com/2237773 -│ │ │ ├ [8] : https://bugzilla.redhat.com/2237776 -│ │ │ ├ [9] : https://bugzilla.redhat.com/2237777 -│ │ │ ├ [10]: https://bugzilla.redhat.com/2237778 -│ │ │ ├ [11]: https://errata.almalinux.org/8/ALSA-2024-0121.html -│ │ │ ├ [12]: https://github.com/golang/go/commit/023b542edf38e2a1 +│ │ │ ├ [2] : https://bugzilla.redhat.com/2237773 +│ │ │ ├ [3] : https://bugzilla.redhat.com/2237776 +│ │ │ ├ [4] : https://bugzilla.redhat.com/2253330 +│ │ │ ├ [5] : https://errata.almalinux.org/9/ALSA-2024-2160.html +│ │ │ ├ [6] : https://github.com/golang/go/commit/023b542edf38e2a1 │ │ │ │ f87fcefb9f75ff2f99401b4c (go1.20.8) -│ │ │ ├ [13]: https://github.com/golang/go/commit/b0e1d3ea26e8e8fc +│ │ │ ├ [7] : https://github.com/golang/go/commit/b0e1d3ea26e8e8fc │ │ │ │ e7726690c9ef0597e60739fb (go1.21.1) -│ │ │ ├ [14]: https://go.dev/cl/526156 -│ │ │ ├ [15]: https://go.dev/issue/62196 -│ │ │ ├ [16]: https://groups.google.com/g/golang-announce/c/Fm51GR +│ │ │ ├ [8] : https://go.dev/cl/526156 +│ │ │ ├ [9] : https://go.dev/issue/62196 +│ │ │ ├ [10]: https://groups.google.com/g/golang-announce/c/Fm51GR │ │ │ │ LNRvM -│ │ │ ├ [17]: https://groups.google.com/g/golang-dev/c/2C5vbR-UNkI +│ │ │ ├ [11]: https://groups.google.com/g/golang-dev/c/2C5vbR-UNkI │ │ │ │ /m/L1hdrPhfBAAJ -│ │ │ ├ [18]: https://linux.oracle.com/cve/CVE-2023-39318.html -│ │ │ ├ [19]: https://linux.oracle.com/errata/ELSA-2024-2988.html -│ │ │ ├ [20]: https://nvd.nist.gov/vuln/detail/CVE-2023-39318 -│ │ │ ├ [21]: https://pkg.go.dev/vuln/GO-2023-2041 -│ │ │ ├ [22]: https://security.gentoo.org/glsa/202311-09 -│ │ │ ├ [23]: https://security.netapp.com/advisory/ntap-20231020-0 +│ │ │ ├ [12]: https://linux.oracle.com/cve/CVE-2023-39318.html +│ │ │ ├ [13]: https://linux.oracle.com/errata/ELSA-2024-2988.html +│ │ │ ├ [14]: https://nvd.nist.gov/vuln/detail/CVE-2023-39318 +│ │ │ ├ [15]: https://pkg.go.dev/vuln/GO-2023-2041 +│ │ │ ├ [16]: https://security.gentoo.org/glsa/202311-09 +│ │ │ ├ [17]: https://security.netapp.com/advisory/ntap-20231020-0 │ │ │ │ 009/ -│ │ │ ├ [24]: https://ubuntu.com/security/notices/USN-6574-1 -│ │ │ ├ [25]: https://ubuntu.com/security/notices/USN-7061-1 -│ │ │ ├ [26]: https://ubuntu.com/security/notices/USN-7109-1 -│ │ │ ├ [27]: https://vuln.go.dev/ID/GO-2023-2041.json -│ │ │ ╰ [28]: https://www.cve.org/CVERecord?id=CVE-2023-39318 +│ │ │ ├ [18]: https://ubuntu.com/security/notices/USN-6574-1 +│ │ │ ├ [19]: https://ubuntu.com/security/notices/USN-7061-1 +│ │ │ ├ [20]: https://ubuntu.com/security/notices/USN-7109-1 +│ │ │ ├ [21]: https://vuln.go.dev/ID/GO-2023-2041.json +│ │ │ ╰ [22]: https://www.cve.org/CVERecord?id=CVE-2023-39318 │ │ ├ PublishedDate : 2023-09-08T17:15:27.823Z │ │ ╰ LastModifiedDate: 2023-11-25T11:15:17.43Z │ ├ [13] ╭ VulnerabilityID : CVE-2023-39319 │ │ ├ PkgID : stdlib@v1.20.5 │ │ ├ PkgName : stdlib │ │ ├ PkgIdentifier ╭ PURL: pkg:golang/stdlib@v1.20.5 -│ │ │ ╰ UID : 2b80483a0149b949 +│ │ │ ╰ UID : edbf293535d7c3f │ │ ├ InstalledVersion: v1.20.5 │ │ ├ FixedVersion : 1.20.8, 1.21.1 │ │ ├ Status : fixed -│ │ ├ Layer ╭ Digest: sha256:d244376047b3b447a72643b6cd94cb4b359562d59b3 -│ │ │ │ 3e760ec97632069cf0cd6 -│ │ │ ╰ DiffID: sha256:10da0a8ad04042ad7ebb1f92fe90babd5649e0218f2 -│ │ │ 9f050019c4e091cda1b1c +│ │ ├ Layer ╭ Digest: sha256:20c08d7865479cc2941461f45179ca97ddc1c513e3c +│ │ │ │ 245acf1047f9e4ec8f9b0 +│ │ │ ╰ DiffID: sha256:35ff3fcc7343804067a0060eb66b92792f9572fb6e9 +│ │ │ 3072b7cd9782e2e972f6b │ │ ├ SeveritySource : nvd │ │ ├ PrimaryURL : https://avd.aquasec.com/nvd/cve-2023-39319 │ │ ├ DataSource ╭ ID : govulndb @@ -7142,54 +7139,48 @@ │ │ │ ╰ redhat ╭ V3Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I │ │ │ │ :L/A:N │ │ │ ╰ V3Score : 6.1 -│ │ ├ References ╭ [0] : https://access.redhat.com/errata/RHSA-2024:0121 +│ │ ├ References ╭ [0] : https://access.redhat.com/errata/RHSA-2024:2160 │ │ │ ├ [1] : https://access.redhat.com/security/cve/CVE-2023-39319 -│ │ │ ├ [2] : https://bugzilla.redhat.com/2124669 -│ │ │ ├ [3] : https://bugzilla.redhat.com/2132867 -│ │ │ ├ [4] : https://bugzilla.redhat.com/2132868 -│ │ │ ├ [5] : https://bugzilla.redhat.com/2132872 -│ │ │ ├ [6] : https://bugzilla.redhat.com/2228743 -│ │ │ ├ [7] : https://bugzilla.redhat.com/2237773 -│ │ │ ├ [8] : https://bugzilla.redhat.com/2237776 -│ │ │ ├ [9] : https://bugzilla.redhat.com/2237777 -│ │ │ ├ [10]: https://bugzilla.redhat.com/2237778 -│ │ │ ├ [11]: https://errata.almalinux.org/8/ALSA-2024-0121.html -│ │ │ ├ [12]: https://github.com/golang/go/commit/2070531d2f53df88 +│ │ │ ├ [2] : https://bugzilla.redhat.com/2237773 +│ │ │ ├ [3] : https://bugzilla.redhat.com/2237776 +│ │ │ ├ [4] : https://bugzilla.redhat.com/2253330 +│ │ │ ├ [5] : https://errata.almalinux.org/9/ALSA-2024-2160.html +│ │ │ ├ [6] : https://github.com/golang/go/commit/2070531d2f53df88 │ │ │ │ e312edace6c8dfc9686ab2f5 (go1.20.8) -│ │ │ ├ [13]: https://github.com/golang/go/commit/bbd043ff0d6d59f1 +│ │ │ ├ [7] : https://github.com/golang/go/commit/bbd043ff0d6d59f1 │ │ │ │ a9232d31ecd5eacf6507bf6a (go1.21.1) -│ │ │ ├ [14]: https://go.dev/cl/526157 -│ │ │ ├ [15]: https://go.dev/issue/62197 -│ │ │ ├ [16]: https://groups.google.com/g/golang-announce/c/Fm51GR +│ │ │ ├ [8] : https://go.dev/cl/526157 +│ │ │ ├ [9] : https://go.dev/issue/62197 +│ │ │ ├ [10]: https://groups.google.com/g/golang-announce/c/Fm51GR │ │ │ │ LNRvM -│ │ │ ├ [17]: https://groups.google.com/g/golang-dev/c/2C5vbR-UNkI +│ │ │ ├ [11]: https://groups.google.com/g/golang-dev/c/2C5vbR-UNkI │ │ │ │ /m/L1hdrPhfBAAJ -│ │ │ ├ [18]: https://linux.oracle.com/cve/CVE-2023-39319.html -│ │ │ ├ [19]: https://linux.oracle.com/errata/ELSA-2024-2988.html -│ │ │ ├ [20]: https://nvd.nist.gov/vuln/detail/CVE-2023-39319 -│ │ │ ├ [21]: https://pkg.go.dev/vuln/GO-2023-2043 -│ │ │ ├ [22]: https://security.gentoo.org/glsa/202311-09 -│ │ │ ├ [23]: https://security.netapp.com/advisory/ntap-20231020-0 +│ │ │ ├ [12]: https://linux.oracle.com/cve/CVE-2023-39319.html +│ │ │ ├ [13]: https://linux.oracle.com/errata/ELSA-2024-2988.html +│ │ │ ├ [14]: https://nvd.nist.gov/vuln/detail/CVE-2023-39319 +│ │ │ ├ [15]: https://pkg.go.dev/vuln/GO-2023-2043 +│ │ │ ├ [16]: https://security.gentoo.org/glsa/202311-09 +│ │ │ ├ [17]: https://security.netapp.com/advisory/ntap-20231020-0 │ │ │ │ 009/ -│ │ │ ├ [24]: https://ubuntu.com/security/notices/USN-6574-1 -│ │ │ ├ [25]: https://ubuntu.com/security/notices/USN-7061-1 -│ │ │ ├ [26]: https://ubuntu.com/security/notices/USN-7109-1 -│ │ │ ├ [27]: https://vuln.go.dev/ID/GO-2023-2043.json -│ │ │ ╰ [28]: https://www.cve.org/CVERecord?id=CVE-2023-39319 +│ │ │ ├ [18]: https://ubuntu.com/security/notices/USN-6574-1 +│ │ │ ├ [19]: https://ubuntu.com/security/notices/USN-7061-1 +│ │ │ ├ [20]: https://ubuntu.com/security/notices/USN-7109-1 +│ │ │ ├ [21]: https://vuln.go.dev/ID/GO-2023-2043.json +│ │ │ ╰ [22]: https://www.cve.org/CVERecord?id=CVE-2023-39319 │ │ ├ PublishedDate : 2023-09-08T17:15:27.91Z │ │ ╰ LastModifiedDate: 2023-11-25T11:15:17.543Z │ ├ [14] ╭ VulnerabilityID : CVE-2023-39326 │ │ ├ PkgID : stdlib@v1.20.5 │ │ ├ PkgName : stdlib │ │ ├ PkgIdentifier ╭ PURL: pkg:golang/stdlib@v1.20.5 -│ │ │ ╰ UID : 2b80483a0149b949 +│ │ │ ╰ UID : edbf293535d7c3f │ │ ├ InstalledVersion: v1.20.5 │ │ ├ FixedVersion : 1.20.12, 1.21.5 │ │ ├ Status : fixed -│ │ ├ Layer ╭ Digest: sha256:d244376047b3b447a72643b6cd94cb4b359562d59b3 -│ │ │ │ 3e760ec97632069cf0cd6 -│ │ │ ╰ DiffID: sha256:10da0a8ad04042ad7ebb1f92fe90babd5649e0218f2 -│ │ │ 9f050019c4e091cda1b1c +│ │ ├ Layer ╭ Digest: sha256:20c08d7865479cc2941461f45179ca97ddc1c513e3c +│ │ │ │ 245acf1047f9e4ec8f9b0 +│ │ │ ╰ DiffID: sha256:35ff3fcc7343804067a0060eb66b92792f9572fb6e9 +│ │ │ 3072b7cd9782e2e972f6b │ │ ├ SeveritySource : nvd │ │ ├ PrimaryURL : https://avd.aquasec.com/nvd/cve-2023-39326 │ │ ├ DataSource ╭ ID : govulndb @@ -7230,11 +7221,11 @@ │ │ │ ╰ redhat ╭ V3Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I │ │ │ │ :N/A:N │ │ │ ╰ V3Score : 5.3 -│ │ ├ References ╭ [0] : https://access.redhat.com/errata/RHSA-2024:0887 +│ │ ├ References ╭ [0] : https://access.redhat.com/errata/RHSA-2024:2272 │ │ │ ├ [1] : https://access.redhat.com/security/cve/CVE-2023-39326 -│ │ │ ├ [2] : https://bugzilla.redhat.com/2253323 +│ │ │ ├ [2] : https://bugzilla.redhat.com/2253193 │ │ │ ├ [3] : https://bugzilla.redhat.com/2253330 -│ │ │ ├ [4] : https://errata.almalinux.org/8/ALSA-2024-0887.html +│ │ │ ├ [4] : https://errata.almalinux.org/9/ALSA-2024-2272.html │ │ │ ├ [5] : https://github.com/golang/go/commit/6446af942e2e2b16 │ │ │ │ 1c4ec1b60d9703a2b55dc4dd (go1.20.12) │ │ │ ├ [6] : https://github.com/golang/go/commit/ec8c526e4be720e9 @@ -7258,14 +7249,14 @@ │ │ ├ PkgID : stdlib@v1.20.5 │ │ ├ PkgName : stdlib │ │ ├ PkgIdentifier ╭ PURL: pkg:golang/stdlib@v1.20.5 -│ │ │ ╰ UID : 2b80483a0149b949 +│ │ │ ╰ UID : edbf293535d7c3f │ │ ├ InstalledVersion: v1.20.5 │ │ ├ FixedVersion : 1.20.11, 1.21.4 │ │ ├ Status : fixed -│ │ ├ Layer ╭ Digest: sha256:d244376047b3b447a72643b6cd94cb4b359562d59b3 -│ │ │ │ 3e760ec97632069cf0cd6 -│ │ │ ╰ DiffID: sha256:10da0a8ad04042ad7ebb1f92fe90babd5649e0218f2 -│ │ │ 9f050019c4e091cda1b1c +│ │ ├ Layer ╭ Digest: sha256:20c08d7865479cc2941461f45179ca97ddc1c513e3c +│ │ │ │ 245acf1047f9e4ec8f9b0 +│ │ │ ╰ DiffID: sha256:35ff3fcc7343804067a0060eb66b92792f9572fb6e9 +│ │ │ 3072b7cd9782e2e972f6b │ │ ├ SeveritySource : nvd │ │ ├ PrimaryURL : https://avd.aquasec.com/nvd/cve-2023-45284 │ │ ├ DataSource ╭ ID : govulndb @@ -7303,14 +7294,14 @@ │ │ ├ PkgID : stdlib@v1.20.5 │ │ ├ PkgName : stdlib │ │ ├ PkgIdentifier ╭ PURL: pkg:golang/stdlib@v1.20.5 -│ │ │ ╰ UID : 2b80483a0149b949 +│ │ │ ╰ UID : edbf293535d7c3f │ │ ├ InstalledVersion: v1.20.5 │ │ ├ FixedVersion : 1.21.8, 1.22.1 │ │ ├ Status : fixed -│ │ ├ Layer ╭ Digest: sha256:d244376047b3b447a72643b6cd94cb4b359562d59b3 -│ │ │ │ 3e760ec97632069cf0cd6 -│ │ │ ╰ DiffID: sha256:10da0a8ad04042ad7ebb1f92fe90babd5649e0218f2 -│ │ │ 9f050019c4e091cda1b1c +│ │ ├ Layer ╭ Digest: sha256:20c08d7865479cc2941461f45179ca97ddc1c513e3c +│ │ │ │ 245acf1047f9e4ec8f9b0 +│ │ │ ╰ DiffID: sha256:35ff3fcc7343804067a0060eb66b92792f9572fb6e9 +│ │ │ 3072b7cd9782e2e972f6b │ │ ├ PrimaryURL : https://avd.aquasec.com/nvd/cve-2023-45289 │ │ ├ DataSource ╭ ID : govulndb │ │ │ ├ Name: The Go Vulnerability Database @@ -7342,7 +7333,7 @@ │ │ │ ╰ V3Score : 5.3 │ │ ├ References ╭ [0] : http://www.openwall.com/lists/oss-security/2024/03/0 │ │ │ │ 8/4 -│ │ │ ├ [1] : https://access.redhat.com/errata/RHSA-2024:3346 +│ │ │ ├ [1] : https://access.redhat.com/errata/RHSA-2024:2724 │ │ │ ├ [2] : https://access.redhat.com/security/cve/CVE-2023-45289 │ │ │ ├ [3] : https://bugzilla.redhat.com/2268017 │ │ │ ├ [4] : https://bugzilla.redhat.com/2268018 @@ -7360,7 +7351,7 @@ │ │ │ │ 023-45290 │ │ │ ├ [14]: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2 │ │ │ │ 024-24783 -│ │ │ ├ [15]: https://errata.almalinux.org/8/ALSA-2024-3346.html +│ │ │ ├ [15]: https://errata.almalinux.org/9/ALSA-2024-2724.html │ │ │ ├ [16]: https://errata.rockylinux.org/RLSA-2024:2724 │ │ │ ├ [17]: https://github.com/golang/go/commit/20586c0dbe03d144 │ │ │ │ f914155f879fa5ee287591a1 (go1.21.8) @@ -7385,14 +7376,14 @@ │ │ ├ PkgID : stdlib@v1.20.5 │ │ ├ PkgName : stdlib │ │ ├ PkgIdentifier ╭ PURL: pkg:golang/stdlib@v1.20.5 -│ │ │ ╰ UID : 2b80483a0149b949 +│ │ │ ╰ UID : edbf293535d7c3f │ │ ├ InstalledVersion: v1.20.5 │ │ ├ FixedVersion : 1.21.8, 1.22.1 │ │ ├ Status : fixed -│ │ ├ Layer ╭ Digest: sha256:d244376047b3b447a72643b6cd94cb4b359562d59b3 -│ │ │ │ 3e760ec97632069cf0cd6 -│ │ │ ╰ DiffID: sha256:10da0a8ad04042ad7ebb1f92fe90babd5649e0218f2 -│ │ │ 9f050019c4e091cda1b1c +│ │ ├ Layer ╭ Digest: sha256:20c08d7865479cc2941461f45179ca97ddc1c513e3c +│ │ │ │ 245acf1047f9e4ec8f9b0 +│ │ │ ╰ DiffID: sha256:35ff3fcc7343804067a0060eb66b92792f9572fb6e9 +│ │ │ 3072b7cd9782e2e972f6b │ │ ├ PrimaryURL : https://avd.aquasec.com/nvd/cve-2023-45290 │ │ ├ DataSource ╭ ID : govulndb │ │ │ ├ Name: The Go Vulnerability Database @@ -7413,7 +7404,7 @@ │ │ │ lines. │ │ ├ Severity : MEDIUM │ │ ├ CweIDs ─ [0]: CWE-770 -│ │ ├ VendorSeverity ╭ alma : 3 +│ │ ├ VendorSeverity ╭ alma : 2 │ │ │ ├ amazon : 2 │ │ │ ├ bitnami : 2 │ │ │ ├ cbl-mariner: 2 @@ -7429,16 +7420,16 @@ │ │ │ ╰ V3Score : 5.3 │ │ ├ References ╭ [0] : http://www.openwall.com/lists/oss-security/2024/03/0 │ │ │ │ 8/4 -│ │ │ ├ [1] : https://access.redhat.com/errata/RHSA-2024:8038 +│ │ │ ├ [1] : https://access.redhat.com/errata/RHSA-2024:9135 │ │ │ ├ [2] : https://access.redhat.com/security/cve/CVE-2023-45290 │ │ │ ├ [3] : https://bugzilla.redhat.com/2268017 -│ │ │ ├ [4] : https://bugzilla.redhat.com/2310527 -│ │ │ ├ [5] : https://bugzilla.redhat.com/2310528 -│ │ │ ├ [6] : https://bugzilla.redhat.com/2310529 +│ │ │ ├ [4] : https://bugzilla.redhat.com/2268022 +│ │ │ ├ [5] : https://bugzilla.redhat.com/2279814 +│ │ │ ├ [6] : https://bugzilla.redhat.com/2295310 │ │ │ ├ [7] : https://bugzilla.redhat.com/show_bug.cgi?id=2268017 │ │ │ ├ [8] : https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2 │ │ │ │ 023-45290 -│ │ │ ├ [9] : https://errata.almalinux.org/8/ALSA-2024-8038.html +│ │ │ ├ [9] : https://errata.almalinux.org/9/ALSA-2024-9135.html │ │ │ ├ [10]: https://errata.rockylinux.org/RLSA-2024:3830 │ │ │ ├ [11]: https://github.com/golang/go/commit/041a47712e765e94 │ │ │ │ f86d841c3110c840e76d8f82 (go1.22.1) @@ -7467,14 +7458,14 @@ │ │ ├ PkgID : stdlib@v1.20.5 │ │ ├ PkgName : stdlib │ │ ├ PkgIdentifier ╭ PURL: pkg:golang/stdlib@v1.20.5 -│ │ │ ╰ UID : 2b80483a0149b949 +│ │ │ ╰ UID : edbf293535d7c3f │ │ ├ InstalledVersion: v1.20.5 │ │ ├ FixedVersion : 1.21.8, 1.22.1 │ │ ├ Status : fixed -│ │ ├ Layer ╭ Digest: sha256:d244376047b3b447a72643b6cd94cb4b359562d59b3 -│ │ │ │ 3e760ec97632069cf0cd6 -│ │ │ ╰ DiffID: sha256:10da0a8ad04042ad7ebb1f92fe90babd5649e0218f2 -│ │ │ 9f050019c4e091cda1b1c +│ │ ├ Layer ╭ Digest: sha256:20c08d7865479cc2941461f45179ca97ddc1c513e3c +│ │ │ │ 245acf1047f9e4ec8f9b0 +│ │ │ ╰ DiffID: sha256:35ff3fcc7343804067a0060eb66b92792f9572fb6e9 +│ │ │ 3072b7cd9782e2e972f6b │ │ ├ PrimaryURL : https://avd.aquasec.com/nvd/cve-2024-24783 │ │ ├ DataSource ╭ ID : govulndb │ │ │ ├ Name: The Go Vulnerability Database @@ -7506,63 +7497,59 @@ │ │ │ ╰ V3Score : 5.9 │ │ ├ References ╭ [0] : http://www.openwall.com/lists/oss-security/2024/03/0 │ │ │ │ 8/4 -│ │ │ ├ [1] : https://access.redhat.com/errata/RHSA-2024:6969 +│ │ │ ├ [1] : https://access.redhat.com/errata/RHSA-2024:6195 │ │ │ ├ [2] : https://access.redhat.com/security/cve/CVE-2024-24783 -│ │ │ ├ [3] : https://bugzilla.redhat.com/2268017 -│ │ │ ├ [4] : https://bugzilla.redhat.com/2268019 -│ │ │ ├ [5] : https://bugzilla.redhat.com/2268021 -│ │ │ ├ [6] : https://bugzilla.redhat.com/2279814 -│ │ │ ├ [7] : https://bugzilla.redhat.com/2295310 -│ │ │ ├ [8] : https://bugzilla.redhat.com/show_bug.cgi?id=2268017 -│ │ │ ├ [9] : https://bugzilla.redhat.com/show_bug.cgi?id=2268018 -│ │ │ ├ [10]: https://bugzilla.redhat.com/show_bug.cgi?id=2268019 -│ │ │ ├ [11]: https://bugzilla.redhat.com/show_bug.cgi?id=2268273 -│ │ │ ├ [12]: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2 +│ │ │ ├ [3] : https://bugzilla.redhat.com/2268019 +│ │ │ ├ [4] : https://bugzilla.redhat.com/show_bug.cgi?id=2268017 +│ │ │ ├ [5] : https://bugzilla.redhat.com/show_bug.cgi?id=2268018 +│ │ │ ├ [6] : https://bugzilla.redhat.com/show_bug.cgi?id=2268019 +│ │ │ ├ [7] : https://bugzilla.redhat.com/show_bug.cgi?id=2268273 +│ │ │ ├ [8] : https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2 │ │ │ │ 023-45288 -│ │ │ ├ [13]: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2 +│ │ │ ├ [9] : https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2 │ │ │ │ 023-45289 -│ │ │ ├ [14]: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2 +│ │ │ ├ [10]: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2 │ │ │ │ 023-45290 -│ │ │ ├ [15]: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2 +│ │ │ ├ [11]: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2 │ │ │ │ 024-24783 -│ │ │ ├ [16]: https://errata.almalinux.org/8/ALSA-2024-6969.html -│ │ │ ├ [17]: https://errata.rockylinux.org/RLSA-2024:2724 -│ │ │ ├ [18]: https://github.com/advisories/GHSA-3q2c-pvp5-3cqp -│ │ │ ├ [19]: https://github.com/golang/go/commit/337b8e9cbfa749d9 +│ │ │ ├ [12]: https://errata.almalinux.org/9/ALSA-2024-6195.html +│ │ │ ├ [13]: https://errata.rockylinux.org/RLSA-2024:2724 +│ │ │ ├ [14]: https://github.com/advisories/GHSA-3q2c-pvp5-3cqp +│ │ │ ├ [15]: https://github.com/golang/go/commit/337b8e9cbfa749d9 │ │ │ │ d5c899e0dc358e2208d5e54f (go1.22.1) -│ │ │ ├ [20]: https://github.com/golang/go/commit/be5b52bea674190e +│ │ │ ├ [16]: https://github.com/golang/go/commit/be5b52bea674190e │ │ │ │ f7de272664be6c7ae93ec5a0 (go1.21.8) -│ │ │ ├ [21]: https://github.com/golang/go/issues/65390 -│ │ │ ├ [22]: https://go.dev/cl/569339 -│ │ │ ├ [23]: https://go.dev/issue/65390 -│ │ │ ├ [24]: https://groups.google.com/g/golang-announce/c/5pwGVU +│ │ │ ├ [17]: https://github.com/golang/go/issues/65390 +│ │ │ ├ [18]: https://go.dev/cl/569339 +│ │ │ ├ [19]: https://go.dev/issue/65390 +│ │ │ ├ [20]: https://groups.google.com/g/golang-announce/c/5pwGVU │ │ │ │ PoMbg -│ │ │ ├ [25]: https://linux.oracle.com/cve/CVE-2024-24783.html -│ │ │ ├ [26]: https://linux.oracle.com/errata/ELSA-2024-6969.html -│ │ │ ├ [27]: https://nvd.nist.gov/vuln/detail/CVE-2024-24783 -│ │ │ ├ [28]: https://pkg.go.dev/vuln/GO-2024-2598 -│ │ │ ├ [29]: https://security.netapp.com/advisory/ntap-20240329-0 +│ │ │ ├ [21]: https://linux.oracle.com/cve/CVE-2024-24783.html +│ │ │ ├ [22]: https://linux.oracle.com/errata/ELSA-2024-6969.html +│ │ │ ├ [23]: https://nvd.nist.gov/vuln/detail/CVE-2024-24783 +│ │ │ ├ [24]: https://pkg.go.dev/vuln/GO-2024-2598 +│ │ │ ├ [25]: https://security.netapp.com/advisory/ntap-20240329-0 │ │ │ │ 005 -│ │ │ ├ [30]: https://security.netapp.com/advisory/ntap-20240329-0 +│ │ │ ├ [26]: https://security.netapp.com/advisory/ntap-20240329-0 │ │ │ │ 005/ -│ │ │ ├ [31]: https://ubuntu.com/security/notices/USN-6886-1 -│ │ │ ├ [32]: https://ubuntu.com/security/notices/USN-7109-1 -│ │ │ ├ [33]: https://ubuntu.com/security/notices/USN-7111-1 -│ │ │ ╰ [34]: https://www.cve.org/CVERecord?id=CVE-2024-24783 +│ │ │ ├ [27]: https://ubuntu.com/security/notices/USN-6886-1 +│ │ │ ├ [28]: https://ubuntu.com/security/notices/USN-7109-1 +│ │ │ ├ [29]: https://ubuntu.com/security/notices/USN-7111-1 +│ │ │ ╰ [30]: https://www.cve.org/CVERecord?id=CVE-2024-24783 │ │ ├ PublishedDate : 2024-03-05T23:15:07.683Z │ │ ╰ LastModifiedDate: 2024-11-05T17:35:08.987Z │ ├ [19] ╭ VulnerabilityID : CVE-2024-24784 │ │ ├ PkgID : stdlib@v1.20.5 │ │ ├ PkgName : stdlib │ │ ├ PkgIdentifier ╭ PURL: pkg:golang/stdlib@v1.20.5 -│ │ │ ╰ UID : 2b80483a0149b949 +│ │ │ ╰ UID : edbf293535d7c3f │ │ ├ InstalledVersion: v1.20.5 │ │ ├ FixedVersion : 1.21.8, 1.22.1 │ │ ├ Status : fixed -│ │ ├ Layer ╭ Digest: sha256:d244376047b3b447a72643b6cd94cb4b359562d59b3 -│ │ │ │ 3e760ec97632069cf0cd6 -│ │ │ ╰ DiffID: sha256:10da0a8ad04042ad7ebb1f92fe90babd5649e0218f2 -│ │ │ 9f050019c4e091cda1b1c +│ │ ├ Layer ╭ Digest: sha256:20c08d7865479cc2941461f45179ca97ddc1c513e3c +│ │ │ │ 245acf1047f9e4ec8f9b0 +│ │ │ ╰ DiffID: sha256:35ff3fcc7343804067a0060eb66b92792f9572fb6e9 +│ │ │ 3072b7cd9782e2e972f6b │ │ ├ PrimaryURL : https://avd.aquasec.com/nvd/cve-2024-24784 │ │ ├ DataSource ╭ ID : govulndb │ │ │ ├ Name: The Go Vulnerability Database @@ -7575,7 +7562,7 @@ │ │ │ result in different trust decisions being made by programs │ │ │ using different parsers. │ │ ├ Severity : MEDIUM -│ │ ├ VendorSeverity ╭ alma : 2 +│ │ ├ VendorSeverity ╭ alma : 3 │ │ │ ├ amazon : 2 │ │ │ ├ bitnami : 3 │ │ │ ├ cbl-mariner: 3 @@ -7592,69 +7579,71 @@ │ │ │ ╰ V3Score : 5.4 │ │ ├ References ╭ [0] : http://www.openwall.com/lists/oss-security/2024/03/0 │ │ │ │ 8/4 -│ │ │ ├ [1] : https://access.redhat.com/errata/RHSA-2024:6969 +│ │ │ ├ [1] : https://access.redhat.com/errata/RHSA-2024:2562 │ │ │ ├ [2] : https://access.redhat.com/security/cve/CVE-2024-24784 -│ │ │ ├ [3] : https://bugzilla.redhat.com/2268017 -│ │ │ ├ [4] : https://bugzilla.redhat.com/2268019 -│ │ │ ├ [5] : https://bugzilla.redhat.com/2268021 -│ │ │ ├ [6] : https://bugzilla.redhat.com/2279814 -│ │ │ ├ [7] : https://bugzilla.redhat.com/2295310 -│ │ │ ├ [8] : https://bugzilla.redhat.com/show_bug.cgi?id=2262921 -│ │ │ ├ [9] : https://bugzilla.redhat.com/show_bug.cgi?id=2268017 -│ │ │ ├ [10]: https://bugzilla.redhat.com/show_bug.cgi?id=2268018 -│ │ │ ├ [11]: https://bugzilla.redhat.com/show_bug.cgi?id=2268019 -│ │ │ ├ [12]: https://bugzilla.redhat.com/show_bug.cgi?id=2268021 -│ │ │ ├ [13]: https://bugzilla.redhat.com/show_bug.cgi?id=2268022 -│ │ │ ├ [14]: https://bugzilla.redhat.com/show_bug.cgi?id=2268273 -│ │ │ ├ [15]: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2 +│ │ │ ├ [3] : https://bugzilla.redhat.com/2262921 +│ │ │ ├ [4] : https://bugzilla.redhat.com/2268017 +│ │ │ ├ [5] : https://bugzilla.redhat.com/2268018 +│ │ │ ├ [6] : https://bugzilla.redhat.com/2268019 +│ │ │ ├ [7] : https://bugzilla.redhat.com/2268021 +│ │ │ ├ [8] : https://bugzilla.redhat.com/2268022 +│ │ │ ├ [9] : https://bugzilla.redhat.com/2268273 +│ │ │ ├ [10]: https://bugzilla.redhat.com/show_bug.cgi?id=2262921 +│ │ │ ├ [11]: https://bugzilla.redhat.com/show_bug.cgi?id=2268017 +│ │ │ ├ [12]: https://bugzilla.redhat.com/show_bug.cgi?id=2268018 +│ │ │ ├ [13]: https://bugzilla.redhat.com/show_bug.cgi?id=2268019 +│ │ │ ├ [14]: https://bugzilla.redhat.com/show_bug.cgi?id=2268021 +│ │ │ ├ [15]: https://bugzilla.redhat.com/show_bug.cgi?id=2268022 +│ │ │ ├ [16]: https://bugzilla.redhat.com/show_bug.cgi?id=2268273 +│ │ │ ├ [17]: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2 │ │ │ │ 023-45288 -│ │ │ ├ [16]: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2 +│ │ │ ├ [18]: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2 │ │ │ │ 023-45289 -│ │ │ ├ [17]: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2 +│ │ │ ├ [19]: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2 │ │ │ │ 023-45290 -│ │ │ ├ [18]: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2 +│ │ │ ├ [20]: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2 │ │ │ │ 024-1394 -│ │ │ ├ [19]: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2 +│ │ │ ├ [21]: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2 │ │ │ │ 024-24783 -│ │ │ ├ [20]: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2 +│ │ │ ├ [22]: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2 │ │ │ │ 024-24784 -│ │ │ ├ [21]: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2 +│ │ │ ├ [23]: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2 │ │ │ │ 024-24785 -│ │ │ ├ [22]: https://errata.almalinux.org/8/ALSA-2024-6969.html -│ │ │ ├ [23]: https://errata.rockylinux.org/RLSA-2024:2562 -│ │ │ ├ [24]: https://github.com/golang/go/commit/263c059b09fdd40d +│ │ │ ├ [24]: https://errata.almalinux.org/9/ALSA-2024-2562.html +│ │ │ ├ [25]: https://errata.rockylinux.org/RLSA-2024:2562 +│ │ │ ├ [26]: https://github.com/golang/go/commit/263c059b09fdd40d │ │ │ │ 9dd945f2ecb20c89ea28efe5 (go1.21.8) -│ │ │ ├ [25]: https://github.com/golang/go/commit/5330cd225ba54c7d +│ │ │ ├ [27]: https://github.com/golang/go/commit/5330cd225ba54c7d │ │ │ │ c78c1b46dcdf61a4671a632c (go1.22.1) -│ │ │ ├ [26]: https://github.com/golang/go/issues/65083 -│ │ │ ├ [27]: https://go.dev/cl/555596 -│ │ │ ├ [28]: https://go.dev/issue/65083 -│ │ │ ├ [29]: https://groups.google.com/g/golang-announce/c/5pwGVU +│ │ │ ├ [28]: https://github.com/golang/go/issues/65083 +│ │ │ ├ [29]: https://go.dev/cl/555596 +│ │ │ ├ [30]: https://go.dev/issue/65083 +│ │ │ ├ [31]: https://groups.google.com/g/golang-announce/c/5pwGVU │ │ │ │ PoMbg -│ │ │ ├ [30]: https://linux.oracle.com/cve/CVE-2024-24784.html -│ │ │ ├ [31]: https://linux.oracle.com/errata/ELSA-2024-6969.html -│ │ │ ├ [32]: https://nvd.nist.gov/vuln/detail/CVE-2024-24784 -│ │ │ ├ [33]: https://pkg.go.dev/vuln/GO-2024-2609 -│ │ │ ├ [34]: https://security.netapp.com/advisory/ntap-20240329-0 +│ │ │ ├ [32]: https://linux.oracle.com/cve/CVE-2024-24784.html +│ │ │ ├ [33]: https://linux.oracle.com/errata/ELSA-2024-6969.html +│ │ │ ├ [34]: https://nvd.nist.gov/vuln/detail/CVE-2024-24784 +│ │ │ ├ [35]: https://pkg.go.dev/vuln/GO-2024-2609 +│ │ │ ├ [36]: https://security.netapp.com/advisory/ntap-20240329-0 │ │ │ │ 007/ -│ │ │ ├ [35]: https://ubuntu.com/security/notices/USN-6886-1 -│ │ │ ├ [36]: https://ubuntu.com/security/notices/USN-7109-1 -│ │ │ ├ [37]: https://ubuntu.com/security/notices/USN-7111-1 -│ │ │ ╰ [38]: https://www.cve.org/CVERecord?id=CVE-2024-24784 +│ │ │ ├ [37]: https://ubuntu.com/security/notices/USN-6886-1 +│ │ │ ├ [38]: https://ubuntu.com/security/notices/USN-7109-1 +│ │ │ ├ [39]: https://ubuntu.com/security/notices/USN-7111-1 +│ │ │ ╰ [40]: https://www.cve.org/CVERecord?id=CVE-2024-24784 │ │ ├ PublishedDate : 2024-03-05T23:15:07.733Z │ │ ╰ LastModifiedDate: 2024-08-05T21:35:04.457Z │ ├ [20] ╭ VulnerabilityID : CVE-2024-24785 │ │ ├ PkgID : stdlib@v1.20.5 │ │ ├ PkgName : stdlib │ │ ├ PkgIdentifier ╭ PURL: pkg:golang/stdlib@v1.20.5 -│ │ │ ╰ UID : 2b80483a0149b949 +│ │ │ ╰ UID : edbf293535d7c3f │ │ ├ InstalledVersion: v1.20.5 │ │ ├ FixedVersion : 1.21.8, 1.22.1 │ │ ├ Status : fixed -│ │ ├ Layer ╭ Digest: sha256:d244376047b3b447a72643b6cd94cb4b359562d59b3 -│ │ │ │ 3e760ec97632069cf0cd6 -│ │ │ ╰ DiffID: sha256:10da0a8ad04042ad7ebb1f92fe90babd5649e0218f2 -│ │ │ 9f050019c4e091cda1b1c +│ │ ├ Layer ╭ Digest: sha256:20c08d7865479cc2941461f45179ca97ddc1c513e3c +│ │ │ │ 245acf1047f9e4ec8f9b0 +│ │ │ ╰ DiffID: sha256:35ff3fcc7343804067a0060eb66b92792f9572fb6e9 +│ │ │ 3072b7cd9782e2e972f6b │ │ ├ PrimaryURL : https://avd.aquasec.com/nvd/cve-2024-24785 │ │ ├ DataSource ╭ ID : govulndb │ │ │ ├ Name: The Go Vulnerability Database @@ -7667,7 +7656,7 @@ │ │ │ allowing for subsequent actions to inject unexpected │ │ │ content into templates. │ │ ├ Severity : MEDIUM -│ │ ├ VendorSeverity ╭ alma : 3 +│ │ ├ VendorSeverity ╭ alma : 2 │ │ │ ├ amazon : 2 │ │ │ ├ cbl-mariner: 2 │ │ │ ├ oracle-oval: 3 @@ -7679,71 +7668,69 @@ │ │ │ ╰ V3Score : 6.5 │ │ ├ References ╭ [0] : http://www.openwall.com/lists/oss-security/2024/03/0 │ │ │ │ 8/4 -│ │ │ ├ [1] : https://access.redhat.com/errata/RHSA-2024:3259 +│ │ │ ├ [1] : https://access.redhat.com/errata/RHSA-2024:9135 │ │ │ ├ [2] : https://access.redhat.com/security/cve/CVE-2024-24785 │ │ │ ├ [3] : https://bugzilla.redhat.com/2268017 -│ │ │ ├ [4] : https://bugzilla.redhat.com/2268018 -│ │ │ ├ [5] : https://bugzilla.redhat.com/2268019 -│ │ │ ├ [6] : https://bugzilla.redhat.com/2268021 -│ │ │ ├ [7] : https://bugzilla.redhat.com/2268022 -│ │ │ ├ [8] : https://bugzilla.redhat.com/2268273 -│ │ │ ├ [9] : https://bugzilla.redhat.com/show_bug.cgi?id=2262921 -│ │ │ ├ [10]: https://bugzilla.redhat.com/show_bug.cgi?id=2268017 -│ │ │ ├ [11]: https://bugzilla.redhat.com/show_bug.cgi?id=2268018 -│ │ │ ├ [12]: https://bugzilla.redhat.com/show_bug.cgi?id=2268019 -│ │ │ ├ [13]: https://bugzilla.redhat.com/show_bug.cgi?id=2268021 -│ │ │ ├ [14]: https://bugzilla.redhat.com/show_bug.cgi?id=2268022 -│ │ │ ├ [15]: https://bugzilla.redhat.com/show_bug.cgi?id=2268273 -│ │ │ ├ [16]: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2 +│ │ │ ├ [4] : https://bugzilla.redhat.com/2268022 +│ │ │ ├ [5] : https://bugzilla.redhat.com/2279814 +│ │ │ ├ [6] : https://bugzilla.redhat.com/2295310 +│ │ │ ├ [7] : https://bugzilla.redhat.com/show_bug.cgi?id=2262921 +│ │ │ ├ [8] : https://bugzilla.redhat.com/show_bug.cgi?id=2268017 +│ │ │ ├ [9] : https://bugzilla.redhat.com/show_bug.cgi?id=2268018 +│ │ │ ├ [10]: https://bugzilla.redhat.com/show_bug.cgi?id=2268019 +│ │ │ ├ [11]: https://bugzilla.redhat.com/show_bug.cgi?id=2268021 +│ │ │ ├ [12]: https://bugzilla.redhat.com/show_bug.cgi?id=2268022 +│ │ │ ├ [13]: https://bugzilla.redhat.com/show_bug.cgi?id=2268273 +│ │ │ ├ [14]: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2 │ │ │ │ 023-45288 -│ │ │ ├ [17]: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2 +│ │ │ ├ [15]: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2 │ │ │ │ 023-45289 -│ │ │ ├ [18]: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2 +│ │ │ ├ [16]: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2 │ │ │ │ 023-45290 -│ │ │ ├ [19]: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2 +│ │ │ ├ [17]: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2 │ │ │ │ 024-1394 -│ │ │ ├ [20]: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2 +│ │ │ ├ [18]: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2 │ │ │ │ 024-24783 -│ │ │ ├ [21]: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2 +│ │ │ ├ [19]: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2 │ │ │ │ 024-24784 -│ │ │ ├ [22]: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2 +│ │ │ ├ [20]: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2 │ │ │ │ 024-24785 -│ │ │ ├ [23]: https://errata.almalinux.org/8/ALSA-2024-3259.html -│ │ │ ├ [24]: https://errata.rockylinux.org/RLSA-2024:2562 -│ │ │ ├ [25]: https://github.com/golang/go/commit/056b0edcb8c15215 +│ │ │ ├ [21]: https://errata.almalinux.org/9/ALSA-2024-9135.html +│ │ │ ├ [22]: https://errata.rockylinux.org/RLSA-2024:2562 +│ │ │ ├ [23]: https://github.com/golang/go/commit/056b0edcb8c15215 │ │ │ │ 2021eebf4cf42adbfbe77992 (go1.22.1) -│ │ │ ├ [26]: https://github.com/golang/go/commit/3643147a29352ca2 +│ │ │ ├ [24]: https://github.com/golang/go/commit/3643147a29352ca2 │ │ │ │ 894fd5d0d2069bc4b4335a7e (go1.21.8) -│ │ │ ├ [27]: https://github.com/golang/go/issues/65697 -│ │ │ ├ [28]: https://go.dev/cl/564196 -│ │ │ ├ [29]: https://go.dev/issue/65697 -│ │ │ ├ [30]: https://groups.google.com/g/golang-announce/c/5pwGVU +│ │ │ ├ [25]: https://github.com/golang/go/issues/65697 +│ │ │ ├ [26]: https://go.dev/cl/564196 +│ │ │ ├ [27]: https://go.dev/issue/65697 +│ │ │ ├ [28]: https://groups.google.com/g/golang-announce/c/5pwGVU │ │ │ │ PoMbg -│ │ │ ├ [31]: https://linux.oracle.com/cve/CVE-2024-24785.html -│ │ │ ├ [32]: https://linux.oracle.com/errata/ELSA-2024-3259.html -│ │ │ ├ [33]: https://nvd.nist.gov/vuln/detail/CVE-2024-24785 -│ │ │ ├ [34]: https://pkg.go.dev/vuln/GO-2024-2610 -│ │ │ ├ [35]: https://security.netapp.com/advisory/ntap-20240329-0 +│ │ │ ├ [29]: https://linux.oracle.com/cve/CVE-2024-24785.html +│ │ │ ├ [30]: https://linux.oracle.com/errata/ELSA-2024-3259.html +│ │ │ ├ [31]: https://nvd.nist.gov/vuln/detail/CVE-2024-24785 +│ │ │ ├ [32]: https://pkg.go.dev/vuln/GO-2024-2610 +│ │ │ ├ [33]: https://security.netapp.com/advisory/ntap-20240329-0 │ │ │ │ 008/ -│ │ │ ├ [36]: https://ubuntu.com/security/notices/USN-6886-1 -│ │ │ ├ [37]: https://ubuntu.com/security/notices/USN-7061-1 -│ │ │ ├ [38]: https://ubuntu.com/security/notices/USN-7109-1 -│ │ │ ├ [39]: https://vuln.go.dev/ID/GO-2024-2610.json -│ │ │ ╰ [40]: https://www.cve.org/CVERecord?id=CVE-2024-24785 +│ │ │ ├ [34]: https://ubuntu.com/security/notices/USN-6886-1 +│ │ │ ├ [35]: https://ubuntu.com/security/notices/USN-7061-1 +│ │ │ ├ [36]: https://ubuntu.com/security/notices/USN-7109-1 +│ │ │ ├ [37]: https://vuln.go.dev/ID/GO-2024-2610.json +│ │ │ ╰ [38]: https://www.cve.org/CVERecord?id=CVE-2024-24785 │ │ ├ PublishedDate : 2024-03-05T23:15:07.777Z │ │ ╰ LastModifiedDate: 2024-05-01T17:15:29.61Z │ ├ [21] ╭ VulnerabilityID : CVE-2024-24789 │ │ ├ PkgID : stdlib@v1.20.5 │ │ ├ PkgName : stdlib │ │ ├ PkgIdentifier ╭ PURL: pkg:golang/stdlib@v1.20.5 -│ │ │ ╰ UID : 2b80483a0149b949 +│ │ │ ╰ UID : edbf293535d7c3f │ │ ├ InstalledVersion: v1.20.5 │ │ ├ FixedVersion : 1.21.11, 1.22.4 │ │ ├ Status : fixed -│ │ ├ Layer ╭ Digest: sha256:d244376047b3b447a72643b6cd94cb4b359562d59b3 -│ │ │ │ 3e760ec97632069cf0cd6 -│ │ │ ╰ DiffID: sha256:10da0a8ad04042ad7ebb1f92fe90babd5649e0218f2 -│ │ │ 9f050019c4e091cda1b1c +│ │ ├ Layer ╭ Digest: sha256:20c08d7865479cc2941461f45179ca97ddc1c513e3c +│ │ │ │ 245acf1047f9e4ec8f9b0 +│ │ │ ╰ DiffID: sha256:35ff3fcc7343804067a0060eb66b92792f9572fb6e9 +│ │ │ 3072b7cd9782e2e972f6b │ │ ├ SeveritySource : nvd │ │ ├ PrimaryURL : https://avd.aquasec.com/nvd/cve-2024-24789 │ │ ├ DataSource ╭ ID : govulndb @@ -7779,55 +7766,57 @@ │ │ │ ╰ V3Score : 7.5 │ │ ├ References ╭ [0] : http://www.openwall.com/lists/oss-security/2024/06/0 │ │ │ │ 4/1 -│ │ │ ├ [1] : https://access.redhat.com/errata/RHSA-2024:5291 +│ │ │ ├ [1] : https://access.redhat.com/errata/RHSA-2024:9115 │ │ │ ├ [2] : https://access.redhat.com/security/cve/CVE-2024-24789 │ │ │ ├ [3] : https://bugzilla.redhat.com/2279814 │ │ │ ├ [4] : https://bugzilla.redhat.com/2292668 │ │ │ ├ [5] : https://bugzilla.redhat.com/2292787 -│ │ │ ├ [6] : https://bugzilla.redhat.com/show_bug.cgi?id=2292668 -│ │ │ ├ [7] : https://bugzilla.redhat.com/show_bug.cgi?id=2292787 -│ │ │ ├ [8] : https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2 +│ │ │ ├ [6] : https://bugzilla.redhat.com/2294000 +│ │ │ ├ [7] : https://bugzilla.redhat.com/2295310 +│ │ │ ├ [8] : https://bugzilla.redhat.com/show_bug.cgi?id=2292668 +│ │ │ ├ [9] : https://bugzilla.redhat.com/show_bug.cgi?id=2292787 +│ │ │ ├ [10]: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2 │ │ │ │ 024-24789 -│ │ │ ├ [9] : https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2 +│ │ │ ├ [11]: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2 │ │ │ │ 024-24790 -│ │ │ ├ [10]: https://errata.almalinux.org/8/ALSA-2024-5291.html -│ │ │ ├ [11]: https://errata.rockylinux.org/RLSA-2024:4212 -│ │ │ ├ [12]: https://github.com/golang/go/commit/c8e40338cf00f3c1 +│ │ │ ├ [12]: https://errata.almalinux.org/9/ALSA-2024-9115.html +│ │ │ ├ [13]: https://errata.rockylinux.org/RLSA-2024:4212 +│ │ │ ├ [14]: https://github.com/golang/go/commit/c8e40338cf00f3c1 │ │ │ │ d86c8fb23863ad67a4c72bcc (1.21) -│ │ │ ├ [13]: https://github.com/golang/go/commit/cf501ac0c5fe351a +│ │ │ ├ [15]: https://github.com/golang/go/commit/cf501ac0c5fe351a │ │ │ │ 8582d20b43562027927906e7 (1.22) -│ │ │ ├ [14]: https://github.com/golang/go/issues/66869 -│ │ │ ├ [15]: https://go.dev/cl/585397 -│ │ │ ├ [16]: https://go.dev/issue/66869 -│ │ │ ├ [17]: https://groups.google.com/g/golang-announce/c/XbxouI +│ │ │ ├ [16]: https://github.com/golang/go/issues/66869 +│ │ │ ├ [17]: https://go.dev/cl/585397 +│ │ │ ├ [18]: https://go.dev/issue/66869 +│ │ │ ├ [19]: https://groups.google.com/g/golang-announce/c/XbxouI │ │ │ │ 9gY7k -│ │ │ ├ [18]: https://groups.google.com/g/golang-announce/c/XbxouI +│ │ │ ├ [20]: https://groups.google.com/g/golang-announce/c/XbxouI │ │ │ │ 9gY7k/m/TuoGEhxIEwAJ -│ │ │ ├ [19]: https://linux.oracle.com/cve/CVE-2024-24789.html -│ │ │ ├ [20]: https://linux.oracle.com/errata/ELSA-2024-9115.html -│ │ │ ├ [21]: https://lists.fedoraproject.org/archives/list/packag +│ │ │ ├ [21]: https://linux.oracle.com/cve/CVE-2024-24789.html +│ │ │ ├ [22]: https://linux.oracle.com/errata/ELSA-2024-9115.html +│ │ │ ├ [23]: https://lists.fedoraproject.org/archives/list/packag │ │ │ │ e-announce@lists.fedoraproject.org/message/U5YAEIA6I │ │ │ │ UHUNGJ7AIXXPQT6D2GYENX7/ -│ │ │ ├ [22]: https://nvd.nist.gov/vuln/detail/CVE-2024-24789 -│ │ │ ├ [23]: https://pkg.go.dev/vuln/GO-2024-2888 -│ │ │ ├ [24]: https://ubuntu.com/security/notices/USN-6886-1 -│ │ │ ├ [25]: https://ubuntu.com/security/notices/USN-7109-1 -│ │ │ ├ [26]: https://ubuntu.com/security/notices/USN-7111-1 -│ │ │ ╰ [27]: https://www.cve.org/CVERecord?id=CVE-2024-24789 +│ │ │ ├ [24]: https://nvd.nist.gov/vuln/detail/CVE-2024-24789 +│ │ │ ├ [25]: https://pkg.go.dev/vuln/GO-2024-2888 +│ │ │ ├ [26]: https://ubuntu.com/security/notices/USN-6886-1 +│ │ │ ├ [27]: https://ubuntu.com/security/notices/USN-7109-1 +│ │ │ ├ [28]: https://ubuntu.com/security/notices/USN-7111-1 +│ │ │ ╰ [29]: https://www.cve.org/CVERecord?id=CVE-2024-24789 │ │ ├ PublishedDate : 2024-06-05T16:15:10.47Z │ │ ╰ LastModifiedDate: 2024-07-03T01:48:25.51Z │ ├ [22] ╭ VulnerabilityID : CVE-2024-24791 │ │ ├ PkgID : stdlib@v1.20.5 │ │ ├ PkgName : stdlib │ │ ├ PkgIdentifier ╭ PURL: pkg:golang/stdlib@v1.20.5 -│ │ │ ╰ UID : 2b80483a0149b949 +│ │ │ ╰ UID : edbf293535d7c3f │ │ ├ InstalledVersion: v1.20.5 │ │ ├ FixedVersion : 1.21.12, 1.22.5 │ │ ├ Status : fixed -│ │ ├ Layer ╭ Digest: sha256:d244376047b3b447a72643b6cd94cb4b359562d59b3 -│ │ │ │ 3e760ec97632069cf0cd6 -│ │ │ ╰ DiffID: sha256:10da0a8ad04042ad7ebb1f92fe90babd5649e0218f2 -│ │ │ 9f050019c4e091cda1b1c +│ │ ├ Layer ╭ Digest: sha256:20c08d7865479cc2941461f45179ca97ddc1c513e3c +│ │ │ │ 245acf1047f9e4ec8f9b0 +│ │ │ ╰ DiffID: sha256:35ff3fcc7343804067a0060eb66b92792f9572fb6e9 +│ │ │ 3072b7cd9782e2e972f6b │ │ ├ PrimaryURL : https://avd.aquasec.com/nvd/cve-2024-24791 │ │ ├ DataSource ╭ ID : govulndb │ │ │ ├ Name: The Go Vulnerability Database @@ -7863,49 +7852,52 @@ │ │ │ ╰ redhat ╭ V3Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I │ │ │ │ :N/A:H │ │ │ ╰ V3Score : 5.9 -│ │ ├ References ╭ [0] : https://access.redhat.com/errata/RHSA-2024:7349 +│ │ ├ References ╭ [0] : https://access.redhat.com/errata/RHSA-2024:9135 │ │ │ ├ [1] : https://access.redhat.com/security/cve/CVE-2024-24791 -│ │ │ ├ [2] : https://bugzilla.redhat.com/2295310 -│ │ │ ├ [3] : https://bugzilla.redhat.com/show_bug.cgi?id=2295310 -│ │ │ ├ [4] : https://bugzilla.redhat.com/show_bug.cgi?id=2310527 -│ │ │ ├ [5] : https://bugzilla.redhat.com/show_bug.cgi?id=2310528 -│ │ │ ├ [6] : https://bugzilla.redhat.com/show_bug.cgi?id=2310529 -│ │ │ ├ [7] : https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2 +│ │ │ ├ [2] : https://bugzilla.redhat.com/2268017 +│ │ │ ├ [3] : https://bugzilla.redhat.com/2268022 +│ │ │ ├ [4] : https://bugzilla.redhat.com/2279814 +│ │ │ ├ [5] : https://bugzilla.redhat.com/2295310 +│ │ │ ├ [6] : https://bugzilla.redhat.com/show_bug.cgi?id=2295310 +│ │ │ ├ [7] : https://bugzilla.redhat.com/show_bug.cgi?id=2310527 +│ │ │ ├ [8] : https://bugzilla.redhat.com/show_bug.cgi?id=2310528 +│ │ │ ├ [9] : https://bugzilla.redhat.com/show_bug.cgi?id=2310529 +│ │ │ ├ [10]: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2 │ │ │ │ 024-24791 -│ │ │ ├ [8] : https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2 +│ │ │ ├ [11]: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2 │ │ │ │ 024-34155 -│ │ │ ├ [9] : https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2 +│ │ │ ├ [12]: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2 │ │ │ │ 024-34156 -│ │ │ ├ [10]: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2 +│ │ │ ├ [13]: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2 │ │ │ │ 024-34158 -│ │ │ ├ [11]: https://errata.almalinux.org/8/ALSA-2024-7349.html -│ │ │ ├ [12]: https://errata.rockylinux.org/RLSA-2024:6913 -│ │ │ ├ [13]: https://go.dev/cl/591255 -│ │ │ ├ [14]: https://go.dev/issue/67555 -│ │ │ ├ [15]: https://groups.google.com/g/golang-dev/c/t0rK-qHBqzY +│ │ │ ├ [14]: https://errata.almalinux.org/9/ALSA-2024-9135.html +│ │ │ ├ [15]: https://errata.rockylinux.org/RLSA-2024:6913 +│ │ │ ├ [16]: https://go.dev/cl/591255 +│ │ │ ├ [17]: https://go.dev/issue/67555 +│ │ │ ├ [18]: https://groups.google.com/g/golang-dev/c/t0rK-qHBqzY │ │ │ │ /m/6MMoAZkMAgAJ -│ │ │ ├ [16]: https://linux.oracle.com/cve/CVE-2024-24791.html -│ │ │ ├ [17]: https://linux.oracle.com/errata/ELSA-2024-9115.html -│ │ │ ├ [18]: https://nvd.nist.gov/vuln/detail/CVE-2024-24791 -│ │ │ ├ [19]: https://pkg.go.dev/vuln/GO-2024-2963 -│ │ │ ├ [20]: https://ubuntu.com/security/notices/USN-7081-1 -│ │ │ ├ [21]: https://ubuntu.com/security/notices/USN-7109-1 -│ │ │ ├ [22]: https://ubuntu.com/security/notices/USN-7111-1 -│ │ │ ╰ [23]: https://www.cve.org/CVERecord?id=CVE-2024-24791 +│ │ │ ├ [19]: https://linux.oracle.com/cve/CVE-2024-24791.html +│ │ │ ├ [20]: https://linux.oracle.com/errata/ELSA-2024-9115.html +│ │ │ ├ [21]: https://nvd.nist.gov/vuln/detail/CVE-2024-24791 +│ │ │ ├ [22]: https://pkg.go.dev/vuln/GO-2024-2963 +│ │ │ ├ [23]: https://ubuntu.com/security/notices/USN-7081-1 +│ │ │ ├ [24]: https://ubuntu.com/security/notices/USN-7109-1 +│ │ │ ├ [25]: https://ubuntu.com/security/notices/USN-7111-1 +│ │ │ ╰ [26]: https://www.cve.org/CVERecord?id=CVE-2024-24791 │ │ ├ PublishedDate : 2024-07-02T22:15:04.833Z │ │ ╰ LastModifiedDate: 2024-07-08T14:17:39.083Z │ ├ [23] ╭ VulnerabilityID : CVE-2024-34155 │ │ ├ PkgID : stdlib@v1.20.5 │ │ ├ PkgName : stdlib │ │ ├ PkgIdentifier ╭ PURL: pkg:golang/stdlib@v1.20.5 -│ │ │ ╰ UID : 2b80483a0149b949 +│ │ │ ╰ UID : edbf293535d7c3f │ │ ├ InstalledVersion: v1.20.5 │ │ ├ FixedVersion : 1.22.7, 1.23.1 │ │ ├ Status : fixed -│ │ ├ Layer ╭ Digest: sha256:d244376047b3b447a72643b6cd94cb4b359562d59b3 -│ │ │ │ 3e760ec97632069cf0cd6 -│ │ │ ╰ DiffID: sha256:10da0a8ad04042ad7ebb1f92fe90babd5649e0218f2 -│ │ │ 9f050019c4e091cda1b1c +│ │ ├ Layer ╭ Digest: sha256:20c08d7865479cc2941461f45179ca97ddc1c513e3c +│ │ │ │ 245acf1047f9e4ec8f9b0 +│ │ │ ╰ DiffID: sha256:35ff3fcc7343804067a0060eb66b92792f9572fb6e9 +│ │ │ 3072b7cd9782e2e972f6b │ │ ├ PrimaryURL : https://avd.aquasec.com/nvd/cve-2024-34155 │ │ ├ DataSource ╭ ID : govulndb │ │ │ ├ Name: The Go Vulnerability Database @@ -7930,57 +7922,60 @@ │ │ │ ╰ redhat ╭ V3Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I │ │ │ │ :N/A:H │ │ │ ╰ V3Score : 5.9 -│ │ ├ References ╭ [0] : https://access.redhat.com/errata/RHSA-2024:8038 +│ │ ├ References ╭ [0] : https://access.redhat.com/errata/RHSA-2024:9459 │ │ │ ├ [1] : https://access.redhat.com/security/cve/CVE-2024-34155 -│ │ │ ├ [2] : https://bugzilla.redhat.com/2268017 -│ │ │ ├ [3] : https://bugzilla.redhat.com/2310527 -│ │ │ ├ [4] : https://bugzilla.redhat.com/2310528 -│ │ │ ├ [5] : https://bugzilla.redhat.com/2310529 -│ │ │ ├ [6] : https://bugzilla.redhat.com/show_bug.cgi?id=2295310 -│ │ │ ├ [7] : https://bugzilla.redhat.com/show_bug.cgi?id=2310527 -│ │ │ ├ [8] : https://bugzilla.redhat.com/show_bug.cgi?id=2310528 -│ │ │ ├ [9] : https://bugzilla.redhat.com/show_bug.cgi?id=2310529 -│ │ │ ├ [10]: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2 +│ │ │ ├ [2] : https://bugzilla.redhat.com/2310527 +│ │ │ ├ [3] : https://bugzilla.redhat.com/2310528 +│ │ │ ├ [4] : https://bugzilla.redhat.com/2310529 +│ │ │ ├ [5] : https://bugzilla.redhat.com/2315691 +│ │ │ ├ [6] : https://bugzilla.redhat.com/2315887 +│ │ │ ├ [7] : https://bugzilla.redhat.com/2317458 +│ │ │ ├ [8] : https://bugzilla.redhat.com/2317467 +│ │ │ ├ [9] : https://bugzilla.redhat.com/show_bug.cgi?id=2295310 +│ │ │ ├ [10]: https://bugzilla.redhat.com/show_bug.cgi?id=2310527 +│ │ │ ├ [11]: https://bugzilla.redhat.com/show_bug.cgi?id=2310528 +│ │ │ ├ [12]: https://bugzilla.redhat.com/show_bug.cgi?id=2310529 +│ │ │ ├ [13]: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2 │ │ │ │ 024-24791 -│ │ │ ├ [11]: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2 +│ │ │ ├ [14]: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2 │ │ │ │ 024-34155 -│ │ │ ├ [12]: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2 +│ │ │ ├ [15]: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2 │ │ │ │ 024-34156 -│ │ │ ├ [13]: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2 +│ │ │ ├ [16]: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2 │ │ │ │ 024-34158 -│ │ │ ├ [14]: https://errata.almalinux.org/8/ALSA-2024-8038.html -│ │ │ ├ [15]: https://errata.rockylinux.org/RLSA-2024:6913 -│ │ │ ├ [16]: https://github.com/golang/go/commit/53487e5477151ed7 +│ │ │ ├ [17]: https://errata.almalinux.org/9/ALSA-2024-9459.html +│ │ │ ├ [18]: https://errata.rockylinux.org/RLSA-2024:6913 +│ │ │ ├ [19]: https://github.com/golang/go/commit/53487e5477151ed7 │ │ │ │ 5da50e50a0ba8f1ca64c00a3 (go1.23.1) -│ │ │ ├ [17]: https://github.com/golang/go/commit/b232596139dbe96a +│ │ │ ├ [20]: https://github.com/golang/go/commit/b232596139dbe96a │ │ │ │ 62edbe3a2a203e856bf556eb (go1.22.7) -│ │ │ ├ [18]: https://go.dev/cl/611238 -│ │ │ ├ [19]: https://go.dev/issue/69138 -│ │ │ ├ [20]: https://groups.google.com/g/golang-announce/c/K-cEzD +│ │ │ ├ [21]: https://go.dev/cl/611238 +│ │ │ ├ [22]: https://go.dev/issue/69138 +│ │ │ ├ [23]: https://groups.google.com/g/golang-announce/c/K-cEzD │ │ │ │ eCtpc -│ │ │ ├ [21]: https://groups.google.com/g/golang-dev/c/S9POB9NCTdk -│ │ │ ├ [22]: https://linux.oracle.com/cve/CVE-2024-34155.html -│ │ │ ├ [23]: https://linux.oracle.com/errata/ELSA-2024-9459.html -│ │ │ ├ [24]: https://nvd.nist.gov/vuln/detail/CVE-2024-34155 -│ │ │ ├ [25]: https://pkg.go.dev/vuln/GO-2024-3105 -│ │ │ ├ [26]: https://ubuntu.com/security/notices/USN-7081-1 -│ │ │ ├ [27]: https://ubuntu.com/security/notices/USN-7109-1 -│ │ │ ├ [28]: https://ubuntu.com/security/notices/USN-7111-1 -│ │ │ ╰ [29]: https://www.cve.org/CVERecord?id=CVE-2024-34155 +│ │ │ ├ [24]: https://groups.google.com/g/golang-dev/c/S9POB9NCTdk +│ │ │ ├ [25]: https://linux.oracle.com/cve/CVE-2024-34155.html +│ │ │ ├ [26]: https://linux.oracle.com/errata/ELSA-2024-9459.html +│ │ │ ├ [27]: https://nvd.nist.gov/vuln/detail/CVE-2024-34155 +│ │ │ ├ [28]: https://pkg.go.dev/vuln/GO-2024-3105 +│ │ │ ├ [29]: https://ubuntu.com/security/notices/USN-7081-1 +│ │ │ ├ [30]: https://ubuntu.com/security/notices/USN-7109-1 +│ │ │ ├ [31]: https://ubuntu.com/security/notices/USN-7111-1 +│ │ │ ╰ [32]: https://www.cve.org/CVERecord?id=CVE-2024-34155 │ │ ├ PublishedDate : 2024-09-06T21:15:11.947Z │ │ ╰ LastModifiedDate: 2024-11-04T17:35:17.887Z │ ╰ [24] ╭ VulnerabilityID : CVE-2024-34158 │ ├ PkgID : stdlib@v1.20.5 │ ├ PkgName : stdlib │ ├ PkgIdentifier ╭ PURL: pkg:golang/stdlib@v1.20.5 -│ │ ╰ UID : 2b80483a0149b949 +│ │ ╰ UID : edbf293535d7c3f │ ├ InstalledVersion: v1.20.5 │ ├ FixedVersion : 1.22.7, 1.23.1 │ ├ Status : fixed -│ ├ Layer ╭ Digest: sha256:d244376047b3b447a72643b6cd94cb4b359562d59b3 -│ │ │ 3e760ec97632069cf0cd6 -│ │ ╰ DiffID: sha256:10da0a8ad04042ad7ebb1f92fe90babd5649e0218f2 -│ │ 9f050019c4e091cda1b1c +│ ├ Layer ╭ Digest: sha256:20c08d7865479cc2941461f45179ca97ddc1c513e3c +│ │ │ 245acf1047f9e4ec8f9b0 +│ │ ╰ DiffID: sha256:35ff3fcc7343804067a0060eb66b92792f9572fb6e9 +│ │ 3072b7cd9782e2e972f6b │ ├ PrimaryURL : https://avd.aquasec.com/nvd/cve-2024-34158 │ ├ DataSource ╭ ID : govulndb │ │ ├ Name: The Go Vulnerability Database @@ -8007,43 +8002,46 @@ │ │ ╰ redhat ╭ V3Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I │ │ │ :N/A:H │ │ ╰ V3Score : 5.9 -│ ├ References ╭ [0] : https://access.redhat.com/errata/RHSA-2024:8038 +│ ├ References ╭ [0] : https://access.redhat.com/errata/RHSA-2024:9459 │ │ ├ [1] : https://access.redhat.com/security/cve/CVE-2024-34158 -│ │ ├ [2] : https://bugzilla.redhat.com/2268017 -│ │ ├ [3] : https://bugzilla.redhat.com/2310527 -│ │ ├ [4] : https://bugzilla.redhat.com/2310528 -│ │ ├ [5] : https://bugzilla.redhat.com/2310529 -│ │ ├ [6] : https://bugzilla.redhat.com/show_bug.cgi?id=2295310 -│ │ ├ [7] : https://bugzilla.redhat.com/show_bug.cgi?id=2310527 -│ │ ├ [8] : https://bugzilla.redhat.com/show_bug.cgi?id=2310528 -│ │ ├ [9] : https://bugzilla.redhat.com/show_bug.cgi?id=2310529 -│ │ ├ [10]: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2 +│ │ ├ [2] : https://bugzilla.redhat.com/2310527 +│ │ ├ [3] : https://bugzilla.redhat.com/2310528 +│ │ ├ [4] : https://bugzilla.redhat.com/2310529 +│ │ ├ [5] : https://bugzilla.redhat.com/2315691 +│ │ ├ [6] : https://bugzilla.redhat.com/2315887 +│ │ ├ [7] : https://bugzilla.redhat.com/2317458 +│ │ ├ [8] : https://bugzilla.redhat.com/2317467 +│ │ ├ [9] : https://bugzilla.redhat.com/show_bug.cgi?id=2295310 +│ │ ├ [10]: https://bugzilla.redhat.com/show_bug.cgi?id=2310527 +│ │ ├ [11]: https://bugzilla.redhat.com/show_bug.cgi?id=2310528 +│ │ ├ [12]: https://bugzilla.redhat.com/show_bug.cgi?id=2310529 +│ │ ├ [13]: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2 │ │ │ 024-24791 -│ │ ├ [11]: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2 +│ │ ├ [14]: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2 │ │ │ 024-34155 -│ │ ├ [12]: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2 +│ │ ├ [15]: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2 │ │ │ 024-34156 -│ │ ├ [13]: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2 +│ │ ├ [16]: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2 │ │ │ 024-34158 -│ │ ├ [14]: https://errata.almalinux.org/8/ALSA-2024-8038.html -│ │ ├ [15]: https://errata.rockylinux.org/RLSA-2024:6913 -│ │ ├ [16]: https://github.com/golang/go/commit/032ac075c20c01c6 +│ │ ├ [17]: https://errata.almalinux.org/9/ALSA-2024-9459.html +│ │ ├ [18]: https://errata.rockylinux.org/RLSA-2024:6913 +│ │ ├ [19]: https://github.com/golang/go/commit/032ac075c20c01c6 │ │ │ c35a672d1542d3e98eab84ea (go1.23.1) -│ │ ├ [17]: https://github.com/golang/go/commit/d4c53812e6ce2ac3 +│ │ ├ [20]: https://github.com/golang/go/commit/d4c53812e6ce2ac3 │ │ │ 68173d7fcd31d0ecfcffb002 (go1.22.7) -│ │ ├ [18]: https://go.dev/cl/611240 -│ │ ├ [19]: https://go.dev/issue/69141 -│ │ ├ [20]: https://groups.google.com/g/golang-announce/c/K-cEzD +│ │ ├ [21]: https://go.dev/cl/611240 +│ │ ├ [22]: https://go.dev/issue/69141 +│ │ ├ [23]: https://groups.google.com/g/golang-announce/c/K-cEzD │ │ │ eCtpc -│ │ ├ [21]: https://groups.google.com/g/golang-dev/c/S9POB9NCTdk -│ │ ├ [22]: https://linux.oracle.com/cve/CVE-2024-34158.html -│ │ ├ [23]: https://linux.oracle.com/errata/ELSA-2024-9459.html -│ │ ├ [24]: https://nvd.nist.gov/vuln/detail/CVE-2024-34158 -│ │ ├ [25]: https://pkg.go.dev/vuln/GO-2024-3107 -│ │ ├ [26]: https://ubuntu.com/security/notices/USN-7081-1 -│ │ ├ [27]: https://ubuntu.com/security/notices/USN-7109-1 -│ │ ├ [28]: https://ubuntu.com/security/notices/USN-7111-1 -│ │ ╰ [29]: https://www.cve.org/CVERecord?id=CVE-2024-34158 +│ │ ├ [24]: https://groups.google.com/g/golang-dev/c/S9POB9NCTdk +│ │ ├ [25]: https://linux.oracle.com/cve/CVE-2024-34158.html +│ │ ├ [26]: https://linux.oracle.com/errata/ELSA-2024-9459.html +│ │ ├ [27]: https://nvd.nist.gov/vuln/detail/CVE-2024-34158 +│ │ ├ [28]: https://pkg.go.dev/vuln/GO-2024-3107 +│ │ ├ [29]: https://ubuntu.com/security/notices/USN-7081-1 +│ │ ├ [30]: https://ubuntu.com/security/notices/USN-7109-1 +│ │ ├ [31]: https://ubuntu.com/security/notices/USN-7111-1 +│ │ ╰ [32]: https://www.cve.org/CVERecord?id=CVE-2024-34158 │ ├ PublishedDate : 2024-09-06T21:15:12.083Z │ ╰ LastModifiedDate: 2024-09-09T14:35:01.17Z ├ [4] ╭ Target : usr/bin/docker-compose @@ -8057,10 +8055,10 @@ │ ├ InstalledVersion: v0.29.0 │ ├ FixedVersion : 0.33.0 │ ├ Status : fixed -│ ├ Layer ╭ Digest: sha256:d244376047b3b447a72643b6cd94cb4b359562d59b33 -│ │ │ e760ec97632069cf0cd6 -│ │ ╰ DiffID: sha256:10da0a8ad04042ad7ebb1f92fe90babd5649e0218f29 -│ │ f050019c4e091cda1b1c +│ ├ Layer ╭ Digest: sha256:20c08d7865479cc2941461f45179ca97ddc1c513e3c2 +│ │ │ 45acf1047f9e4ec8f9b0 +│ │ ╰ DiffID: sha256:35ff3fcc7343804067a0060eb66b92792f9572fb6e93 +│ │ 072b7cd9782e2e972f6b │ ├ SeveritySource : ghsa │ ├ PrimaryURL : https://avd.aquasec.com/nvd/cve-2024-45338 │ ├ DataSource ╭ ID : ghsa @@ -8103,10 +8101,10 @@ │ ├ InstalledVersion: v0.26.0 │ ├ FixedVersion : 0.33.0 │ ├ Status : fixed -│ ├ Layer ╭ Digest: sha256:d244376047b3b447a72643b6cd94cb4b359562d59b33 -│ │ │ e760ec97632069cf0cd6 -│ │ ╰ DiffID: sha256:10da0a8ad04042ad7ebb1f92fe90babd5649e0218f29 -│ │ f050019c4e091cda1b1c +│ ├ Layer ╭ Digest: sha256:20c08d7865479cc2941461f45179ca97ddc1c513e3c2 +│ │ │ 45acf1047f9e4ec8f9b0 +│ │ ╰ DiffID: sha256:35ff3fcc7343804067a0060eb66b92792f9572fb6e93 +│ │ 072b7cd9782e2e972f6b │ ├ SeveritySource : ghsa │ ├ PrimaryURL : https://avd.aquasec.com/nvd/cve-2024-45338 │ ├ DataSource ╭ ID : ghsa @@ -8149,10 +8147,10 @@ │ ├ InstalledVersion: v0.30.0 │ ├ FixedVersion : 0.33.0 │ ├ Status : fixed -│ ├ Layer ╭ Digest: sha256:d244376047b3b447a72643b6cd94cb4b359562d59b33 -│ │ │ e760ec97632069cf0cd6 -│ │ ╰ DiffID: sha256:10da0a8ad04042ad7ebb1f92fe90babd5649e0218f29 -│ │ f050019c4e091cda1b1c +│ ├ Layer ╭ Digest: sha256:20c08d7865479cc2941461f45179ca97ddc1c513e3c2 +│ │ │ 45acf1047f9e4ec8f9b0 +│ │ ╰ DiffID: sha256:35ff3fcc7343804067a0060eb66b92792f9572fb6e93 +│ │ 072b7cd9782e2e972f6b │ ├ SeveritySource : ghsa │ ├ PrimaryURL : https://avd.aquasec.com/nvd/cve-2024-45338 │ ├ DataSource ╭ ID : ghsa @@ -8195,10 +8193,10 @@ │ │ ├ InstalledVersion: v0.27.0 │ │ ├ FixedVersion : 0.31.0 │ │ ├ Status : fixed -│ │ ├ Layer ╭ Digest: sha256:d244376047b3b447a72643b6cd94cb4b359562d59b33 -│ │ │ │ e760ec97632069cf0cd6 -│ │ │ ╰ DiffID: sha256:10da0a8ad04042ad7ebb1f92fe90babd5649e0218f29 -│ │ │ f050019c4e091cda1b1c +│ │ ├ Layer ╭ Digest: sha256:20c08d7865479cc2941461f45179ca97ddc1c513e3c2 +│ │ │ │ 45acf1047f9e4ec8f9b0 +│ │ │ ╰ DiffID: sha256:35ff3fcc7343804067a0060eb66b92792f9572fb6e93 +│ │ │ 072b7cd9782e2e972f6b │ │ ├ SeveritySource : ghsa │ │ ├ PrimaryURL : https://avd.aquasec.com/nvd/cve-2024-45337 │ │ ├ DataSource ╭ ID : ghsa @@ -8281,10 +8279,10 @@ │ ├ InstalledVersion: v0.29.0 │ ├ FixedVersion : 0.33.0 │ ├ Status : fixed -│ ├ Layer ╭ Digest: sha256:d244376047b3b447a72643b6cd94cb4b359562d59b33 -│ │ │ e760ec97632069cf0cd6 -│ │ ╰ DiffID: sha256:10da0a8ad04042ad7ebb1f92fe90babd5649e0218f29 -│ │ f050019c4e091cda1b1c +│ ├ Layer ╭ Digest: sha256:20c08d7865479cc2941461f45179ca97ddc1c513e3c2 +│ │ │ 45acf1047f9e4ec8f9b0 +│ │ ╰ DiffID: sha256:35ff3fcc7343804067a0060eb66b92792f9572fb6e93 +│ │ 072b7cd9782e2e972f6b │ ├ SeveritySource : ghsa │ ├ PrimaryURL : https://avd.aquasec.com/nvd/cve-2024-45338 │ ├ DataSource ╭ ID : ghsa @@ -8328,10 +8326,10 @@ │ │ ├ InstalledVersion: v27.0.3+incompatible │ │ ├ FixedVersion : 23.0.15, 26.1.5, 27.1.1, 25.0.6 │ │ ├ Status : fixed -│ │ ├ Layer ╭ Digest: sha256:d244376047b3b447a72643b6cd94cb4b359562d59b33 -│ │ │ │ e760ec97632069cf0cd6 -│ │ │ ╰ DiffID: sha256:10da0a8ad04042ad7ebb1f92fe90babd5649e0218f29 -│ │ │ f050019c4e091cda1b1c +│ │ ├ Layer ╭ Digest: sha256:20c08d7865479cc2941461f45179ca97ddc1c513e3c2 +│ │ │ │ 45acf1047f9e4ec8f9b0 +│ │ │ ╰ DiffID: sha256:35ff3fcc7343804067a0060eb66b92792f9572fb6e93 +│ │ │ 072b7cd9782e2e972f6b │ │ ├ SeveritySource : ghsa │ │ ├ PrimaryURL : https://avd.aquasec.com/nvd/cve-2024-41110 │ │ ├ DataSource ╭ ID : ghsa @@ -8427,10 +8425,10 @@ │ │ ├ InstalledVersion: v0.24.0 │ │ ├ FixedVersion : 0.31.0 │ │ ├ Status : fixed -│ │ ├ Layer ╭ Digest: sha256:d244376047b3b447a72643b6cd94cb4b359562d59b33 -│ │ │ │ e760ec97632069cf0cd6 -│ │ │ ╰ DiffID: sha256:10da0a8ad04042ad7ebb1f92fe90babd5649e0218f29 -│ │ │ f050019c4e091cda1b1c +│ │ ├ Layer ╭ Digest: sha256:20c08d7865479cc2941461f45179ca97ddc1c513e3c2 +│ │ │ │ 45acf1047f9e4ec8f9b0 +│ │ │ ╰ DiffID: sha256:35ff3fcc7343804067a0060eb66b92792f9572fb6e93 +│ │ │ 072b7cd9782e2e972f6b │ │ ├ SeveritySource : ghsa │ │ ├ PrimaryURL : https://avd.aquasec.com/nvd/cve-2024-45337 │ │ ├ DataSource ╭ ID : ghsa @@ -8513,10 +8511,10 @@ │ │ ├ InstalledVersion: v0.26.0 │ │ ├ FixedVersion : 0.33.0 │ │ ├ Status : fixed -│ │ ├ Layer ╭ Digest: sha256:d244376047b3b447a72643b6cd94cb4b359562d59b33 -│ │ │ │ e760ec97632069cf0cd6 -│ │ │ ╰ DiffID: sha256:10da0a8ad04042ad7ebb1f92fe90babd5649e0218f29 -│ │ │ f050019c4e091cda1b1c +│ │ ├ Layer ╭ Digest: sha256:20c08d7865479cc2941461f45179ca97ddc1c513e3c2 +│ │ │ │ 45acf1047f9e4ec8f9b0 +│ │ │ ╰ DiffID: sha256:35ff3fcc7343804067a0060eb66b92792f9572fb6e93 +│ │ │ 072b7cd9782e2e972f6b │ │ ├ SeveritySource : ghsa │ │ ├ PrimaryURL : https://avd.aquasec.com/nvd/cve-2024-45338 │ │ ├ DataSource ╭ ID : ghsa @@ -8556,10 +8554,10 @@ │ ├ InstalledVersion: v1.64.0 │ ├ FixedVersion : 1.64.1 │ ├ Status : fixed -│ ├ Layer ╭ Digest: sha256:d244376047b3b447a72643b6cd94cb4b359562d59b33 -│ │ │ e760ec97632069cf0cd6 -│ │ ╰ DiffID: sha256:10da0a8ad04042ad7ebb1f92fe90babd5649e0218f29 -│ │ f050019c4e091cda1b1c +│ ├ Layer ╭ Digest: sha256:20c08d7865479cc2941461f45179ca97ddc1c513e3c2 +│ │ │ 45acf1047f9e4ec8f9b0 +│ │ ╰ DiffID: sha256:35ff3fcc7343804067a0060eb66b92792f9572fb6e93 +│ │ 072b7cd9782e2e972f6b │ ├ SeveritySource : ghsa │ ├ PrimaryURL : https://github.com/advisories/GHSA-xr7q-jx4m-x55m │ ├ DataSource ╭ ID : ghsa @@ -8588,7 +8586,7 @@ │ │ 7a7786754d1fe05264c3021eb │ ╰ [2]: https://github.com/grpc/grpc-go/security/advisories/GH │ SA-xr7q-jx4m-x55m -├ [9] ╭ Target : /etc/ssh/ssh_host_ed25519_key +├ [9] ╭ Target : /etc/ssh/ssh_host_ecdsa_key │ ├ Class : secret │ ╰ Secrets ─ [0] ╭ RuleID : private-key │ ├ Category : AsymmetricPrivateKey @@ -8600,14 +8598,16 @@ │ │ │ ├ Content : BEGIN OPENSSH PRIVATE │ │ │ │ KEY-----*************************************** │ │ │ │ *********************************************** -│ │ │ │ *********************-----END OPENSSH PRI +│ │ │ │ *****************************-----END OPENSSH +│ │ │ │ PRI │ │ │ ├ IsCause : true │ │ │ ├ Annotation : │ │ │ ├ Truncated : false │ │ │ ├ Highlighted: BEGIN OPENSSH PRIVATE │ │ │ │ KEY-----*************************************** │ │ │ │ *********************************************** -│ │ │ │ *********************-----END OPENSSH PRI +│ │ │ │ *****************************-----END OPENSSH +│ │ │ │ PRI │ │ │ ├ FirstCause : true │ │ │ ╰ LastCause : true │ │ ╰ [1] ╭ Number : 2 @@ -8620,13 +8620,13 @@ │ ├ Match : BEGIN OPENSSH PRIVATE │ │ KEY-----******************************************************************* │ │ *************************************************************************** -│ │ **************************************************-----END OPENSSH PRI -│ ╰ Layer ╭ Digest : sha256:d244376047b3b447a72643b6cd94cb4b359562d59b33e760ec976320 -│ │ 69cf0cd6 -│ ├ DiffID : sha256:10da0a8ad04042ad7ebb1f92fe90babd5649e0218f29f050019c4e09 -│ │ 1cda1b1c +│ │ **-----END OPENSSH PRI +│ ╰ Layer ╭ Digest : sha256:20c08d7865479cc2941461f45179ca97ddc1c513e3c245acf1047f9e +│ │ 4ec8f9b0 +│ ├ DiffID : sha256:35ff3fcc7343804067a0060eb66b92792f9572fb6e93072b7cd9782e +│ │ 2e972f6b │ ╰ CreatedBy: COPY / / # buildkit -├ [10] ╭ Target : /etc/ssh/ssh_host_rsa_key +├ [10] ╭ Target : /etc/ssh/ssh_host_ed25519_key │ ├ Class : secret │ ╰ Secrets ─ [0] ╭ RuleID : private-key │ ├ Category : AsymmetricPrivateKey @@ -8638,14 +8638,14 @@ │ │ │ ├ Content : BEGIN OPENSSH PRIVATE │ │ │ │ KEY-----*************************************** │ │ │ │ *********************************************** -│ │ │ │ ***********-----END OPENSSH PRI +│ │ │ │ *********************-----END OPENSSH PRI │ │ │ ├ IsCause : true │ │ │ ├ Annotation : │ │ │ ├ Truncated : false │ │ │ ├ Highlighted: BEGIN OPENSSH PRIVATE │ │ │ │ KEY-----*************************************** │ │ │ │ *********************************************** -│ │ │ │ ***********-----END OPENSSH PRI +│ │ │ │ *********************-----END OPENSSH PRI │ │ │ ├ FirstCause : true │ │ │ ╰ LastCause : true │ │ ╰ [1] ╭ Number : 2 @@ -8658,14 +8658,13 @@ │ ├ Match : BEGIN OPENSSH PRIVATE │ │ KEY-----******************************************************************* │ │ *************************************************************************** -│ │ **************************************************************************- -│ │ ----END OPENSSH PRI -│ ╰ Layer ╭ Digest : sha256:d244376047b3b447a72643b6cd94cb4b359562d59b33e760ec976320 -│ │ 69cf0cd6 -│ ├ DiffID : sha256:10da0a8ad04042ad7ebb1f92fe90babd5649e0218f29f050019c4e09 -│ │ 1cda1b1c +│ │ **************************************************-----END OPENSSH PRI +│ ╰ Layer ╭ Digest : sha256:20c08d7865479cc2941461f45179ca97ddc1c513e3c245acf1047f9e +│ │ 4ec8f9b0 +│ ├ DiffID : sha256:35ff3fcc7343804067a0060eb66b92792f9572fb6e93072b7cd9782e +│ │ 2e972f6b │ ╰ CreatedBy: COPY / / # buildkit -╰ [11] ╭ Target : /etc/ssh/ssh_host_ecdsa_key +╰ [11] ╭ Target : /etc/ssh/ssh_host_rsa_key ├ Class : secret ╰ Secrets ─ [0] ╭ RuleID : private-key ├ Category : AsymmetricPrivateKey @@ -8677,16 +8676,14 @@ │ │ ├ Content : BEGIN OPENSSH PRIVATE │ │ │ KEY-----*************************************** │ │ │ *********************************************** - │ │ │ *****************************-----END OPENSSH - │ │ │ PRI + │ │ │ ***********-----END OPENSSH PRI │ │ ├ IsCause : true │ │ ├ Annotation : │ │ ├ Truncated : false │ │ ├ Highlighted: BEGIN OPENSSH PRIVATE │ │ │ KEY-----*************************************** │ │ │ *********************************************** - │ │ │ *****************************-----END OPENSSH - │ │ │ PRI + │ │ │ ***********-----END OPENSSH PRI │ │ ├ FirstCause : true │ │ ╰ LastCause : true │ ╰ [1] ╭ Number : 2 @@ -8699,10 +8696,11 @@ ├ Match : BEGIN OPENSSH PRIVATE │ KEY-----******************************************************************* │ *************************************************************************** - │ **-----END OPENSSH PRI - ╰ Layer ╭ Digest : sha256:d244376047b3b447a72643b6cd94cb4b359562d59b33e760ec976320 - │ 69cf0cd6 - ├ DiffID : sha256:10da0a8ad04042ad7ebb1f92fe90babd5649e0218f29f050019c4e09 - │ 1cda1b1c + │ **************************************************************************- + │ ----END OPENSSH PRI + ╰ Layer ╭ Digest : sha256:20c08d7865479cc2941461f45179ca97ddc1c513e3c245acf1047f9e + │ 4ec8f9b0 + ├ DiffID : sha256:35ff3fcc7343804067a0060eb66b92792f9572fb6e93072b7cd9782e + │ 2e972f6b ╰ CreatedBy: COPY / / # buildkit ````