golang-github-prometheus was added to epel8 repo on 2021-03-07
Page updated: 2024-04-20 17:48
Repo Status -
Overall Status
Source NVR: golang-github-prometheus-2.32.1-2.el8 (2022-02-05)
golang-github-prometheus | golang-github-prometheus-2.32.1-2.el8 |
2061806 | NEW | CVE-2022-0235 golang-github-prometheus: node-fetch: exposure of sensitive information to an unauthorized actor [epel-all] |
2062720 | NEW | CVE-2022-0536 golang-github-prometheus: follow-redirects: Exposure of Sensitive Information via Authorization Header leak [epel-all] |
2067347 | NEW | CVE-2022-21698 golang-github-prometheus: prometheus/client_golang: Denial of service using InstrumentHandlerCounter [epel-all] |
2067354 | NEW | CVE-2022-21698 golang-github-prometheus: prometheus/client_golang: Denial of service using InstrumentHandlerCounter [epel-8] |
2069008 | NEW | CVE-2022-24771 golang-github-prometheus: node-forge: Signature verification leniency in checking `digestAlgorithm` structure can lead to signature forgery [epel-all] |
2069018 | NEW | CVE-2022-24772 golang-github-prometheus: node-forge: Signature verification failing to check tailing garbage bytes can lead to signature forgery [epel-all] |
2069036 | NEW | CVE-2022-24773 golang-github-prometheus: node-forge: Signature verification leniency in checking `DigestInfo` structure [epel-all] |
2075253 | NEW | CVE-2022-24785 golang-github-prometheus: Moment.js: Path traversal in moment.locale [epel-all] |
2075278 | NEW | CVE-2022-24785 golang-github-prometheus: Moment.js: Path traversal in moment.locale [epel-all] |
2084683 | NEW | CVE-2022-24675 golang-github-prometheus: golang: encoding/pem: fix stack overflow in Decode [epel-8] |
2084863 | NEW | CVE-2022-28327 golang-github-prometheus: golang: crypto/elliptic: panic caused by oversized scalar [epel-8] |
2123457 | NEW | CVE-2022-25887 golang-github-prometheus: sanitize-html: insecure global regular expression replacement logic may lead to ReDoS [epel-all] |
2134316 | NEW | CVE-2022-21222 golang-github-prometheus: css-what: ReDoS due to insecure regular expression [epel-all] |
2135442 | NEW | CVE-2022-3517 golang-github-prometheus: nodejs-minimatch: ReDoS via the braceExpand function [epel-all] |
2140598 | NEW | CVE-2022-37603 golang-github-prometheus: loader-utils:Regular expression denial of service [epel-all] |
2149437 | NEW | CVE-2022-46146 golang-github-prometheus: exporter-toolkit: authentication bypass via cache poisoning [epel-all] |
2163043 | NEW | CVE-2022-41717 golang-github-prometheus: golang: net/http: An attacker can cause excessive memory growth in a Go server accepting HTTP/2 requests [epel-all] |
2174512 | NEW | golang-github-prometheus: containerd: Supplementary groups are not set up properly [epel-all] |
2178399 | NEW | CVE-2022-41723 golang-github-prometheus: golang.org/x/net/http2: avoid quadratic complexity in HPACK decoding [epel-all] |
2209311 | NEW | CVE-2022-37599 golang-github-prometheus: loader-utils: regular expression denial of service in interpolateName.js [epel-all] |
2216894 | NEW | CVE-2023-26115 golang-github-prometheus: word-wrap: ReDoS [epel-all] |
2220674 | NEW | CVE-2023-26136 golang-github-prometheus: tough-cookie: prototype pollution in cookie memstore [epel-all] |
2222508 | NEW | CVE-2022-25883 golang-github-prometheus: nodejs-semver: Regular expression denial of service [epel-all] |
2246628 | NEW | CVE-2023-46234 golang-github-prometheus: browserify-sign: upper bound check issue in dsaVerify leads to a signature forgery attack [epel-all] |
2248224 | NEW | golang-github-prometheus: golang: net/http, x/net/http2: rapid stream resets can cause excessive work (CVE-2023-39325) [epel-all] |
2252886 | NEW | TRIAGE CVE-2023-5332 golang-github-prometheus: consul: Command injection through script checks option [epel-all] |
2253442 | NEW | CVE-2023-45133 golang-github-prometheus: babel: arbitrary code execution [epel-all] |
2256415 | NEW | TRIAGE CVE-2023-26159 golang-github-prometheus: follow-redirects: Improper Input Validation due to the improper handling of URLs by the url.parse() [epel-all] |
2265683 | NEW | CVE-2023-42282 golang-github-prometheus: nodejs-ip: arbitrary code execution via the isPublic() function [epel-all] |
2266115 | NEW | TRIAGE CVE-2024-21501 golang-github-prometheus: sanitize-html: Information Exposure when used on the backend [epel-all] |
2273052 | NEW | TRIAGE CVE-2024-30255 golang-github-prometheus: envoy: HTTP/2 CPU exhaustion due to CONTINUATION frame flood [epel-all] |