golang-github-prometheus was added to epel8 repo on 2024-11-06
Page updated: 2024-11-06 02:43
Repo Status -
Overall Status
Source NVR: golang-github-prometheus-2.32.1-2.el8 (2024-11-06)
| golang-github-prometheus | golang-github-prometheus-2.32.1-2.el8 |
| 2061806 | NEW | CVE-2022-0235 golang-github-prometheus: node-fetch: exposure of sensitive information to an unauthorized actor [epel-all] |
| 2062720 | NEW | CVE-2022-0536 golang-github-prometheus: follow-redirects: Exposure of Sensitive Information via Authorization Header leak [epel-all] |
| 2067347 | NEW | CVE-2022-21698 golang-github-prometheus: prometheus/client_golang: Denial of service using InstrumentHandlerCounter [epel-all] |
| 2067354 | NEW | CVE-2022-21698 golang-github-prometheus: prometheus/client_golang: Denial of service using InstrumentHandlerCounter [epel-8] |
| 2069008 | NEW | CVE-2022-24771 golang-github-prometheus: node-forge: Signature verification leniency in checking `digestAlgorithm` structure can lead to signature forgery [epel-all] |
| 2069018 | NEW | CVE-2022-24772 golang-github-prometheus: node-forge: Signature verification failing to check tailing garbage bytes can lead to signature forgery [epel-all] |
| 2069036 | NEW | CVE-2022-24773 golang-github-prometheus: node-forge: Signature verification leniency in checking `DigestInfo` structure [epel-all] |
| 2075253 | NEW | CVE-2022-24785 golang-github-prometheus: Moment.js: Path traversal in moment.locale [epel-all] |
| 2075278 | NEW | CVE-2022-24785 golang-github-prometheus: Moment.js: Path traversal in moment.locale [epel-all] |
| 2084683 | NEW | CVE-2022-24675 golang-github-prometheus: golang: encoding/pem: fix stack overflow in Decode [epel-8] |
| 2084863 | NEW | CVE-2022-28327 golang-github-prometheus: golang: crypto/elliptic: panic caused by oversized scalar [epel-8] |
| 2123457 | NEW | CVE-2022-25887 golang-github-prometheus: sanitize-html: insecure global regular expression replacement logic may lead to ReDoS [epel-all] |
| 2134316 | NEW | CVE-2022-21222 golang-github-prometheus: css-what: ReDoS due to insecure regular expression [epel-all] |
| 2135442 | NEW | CVE-2022-3517 golang-github-prometheus: nodejs-minimatch: ReDoS via the braceExpand function [epel-all] |
| 2140598 | NEW | CVE-2022-37603 golang-github-prometheus: loader-utils:Regular expression denial of service [epel-all] |
| 2149437 | NEW | CVE-2022-46146 golang-github-prometheus: exporter-toolkit: authentication bypass via cache poisoning [epel-all] |
| 2163043 | NEW | CVE-2022-41717 golang-github-prometheus: golang: net/http: An attacker can cause excessive memory growth in a Go server accepting HTTP/2 requests [epel-all] |
| 2174512 | NEW | golang-github-prometheus: containerd: Supplementary groups are not set up properly [epel-all] |
| 2178399 | NEW | CVE-2022-41723 golang-github-prometheus: golang.org/x/net/http2: avoid quadratic complexity in HPACK decoding [epel-all] |
| 2209311 | NEW | CVE-2022-37599 golang-github-prometheus: loader-utils: regular expression denial of service in interpolateName.js [epel-all] |
| 2216894 | NEW | CVE-2023-26115 golang-github-prometheus: word-wrap: ReDoS [epel-all] |
| 2220674 | NEW | CVE-2023-26136 golang-github-prometheus: tough-cookie: prototype pollution in cookie memstore [epel-all] |
| 2222508 | NEW | CVE-2022-25883 golang-github-prometheus: nodejs-semver: Regular expression denial of service [epel-all] |
| 2246628 | NEW | CVE-2023-46234 golang-github-prometheus: browserify-sign: upper bound check issue in dsaVerify leads to a signature forgery attack [epel-all] |
| 2248224 | NEW | golang-github-prometheus: golang: net/http, x/net/http2: rapid stream resets can cause excessive work (CVE-2023-39325) [epel-all] |
| 2252886 | NEW | TRIAGE CVE-2023-5332 golang-github-prometheus: consul: Command injection through script checks option [epel-all] |
| 2253442 | NEW | CVE-2023-45133 golang-github-prometheus: babel: arbitrary code execution [epel-all] |
| 2256415 | NEW | TRIAGE CVE-2023-26159 golang-github-prometheus: follow-redirects: Improper Input Validation due to the improper handling of URLs by the url.parse() [epel-all] |
| 2265683 | NEW | CVE-2023-42282 golang-github-prometheus: nodejs-ip: arbitrary code execution via the isPublic() function [epel-all] |
| 2266115 | NEW | TRIAGE CVE-2024-21501 golang-github-prometheus: sanitize-html: Information Exposure when used on the backend [epel-all] |
| 2273052 | NEW | TRIAGE CVE-2024-30255 golang-github-prometheus: envoy: HTTP/2 CPU exhaustion due to CONTINUATION frame flood [epel-all] |
| 2280612 | NEW | CVE-2024-4068 golang-github-prometheus: braces: fails to limit the number of characters it can handle [epel-all] |
| 2280766 | NEW | CVE-2024-4067 golang-github-prometheus: micromatch: vulnerable to Regular Expression Denial of Service [epel-all] |
| 2284588 | NEW | CVE-2024-29415 golang-github-prometheus: node-ip: Inomplete fix for CVE-2023-42282 [epel-all] |
| 2290907 | NEW | CVE-2024-29041 golang-github-prometheus: express: cause malformed URLs to be evaluated [epel-all] |
| 2303443 | NEW | CVE-2024-37890 golang-github-prometheus: denial of service when handling a request with many HTTP headers [epel-all] |