golang-github-prometheus Info

golang-github-prometheus was added to epel8 repo on 2021-03-07
Page updated: 2024-04-20 17:48
Repo Status - Overall Status

Source NVR: golang-github-prometheus-2.32.1-2.el8 (2022-02-05)

Binary Packages

golang-github-prometheus golang-github-prometheus-2.32.1-2.el8

Bugs

2061806 NEW CVE-2022-0235 golang-github-prometheus: node-fetch: exposure of sensitive information to an unauthorized actor [epel-all]
2062720 NEW CVE-2022-0536 golang-github-prometheus: follow-redirects: Exposure of Sensitive Information via Authorization Header leak [epel-all]
2067347 NEW CVE-2022-21698 golang-github-prometheus: prometheus/client_golang: Denial of service using InstrumentHandlerCounter [epel-all]
2067354 NEW CVE-2022-21698 golang-github-prometheus: prometheus/client_golang: Denial of service using InstrumentHandlerCounter [epel-8]
2069008 NEW CVE-2022-24771 golang-github-prometheus: node-forge: Signature verification leniency in checking `digestAlgorithm` structure can lead to signature forgery [epel-all]
2069018 NEW CVE-2022-24772 golang-github-prometheus: node-forge: Signature verification failing to check tailing garbage bytes can lead to signature forgery [epel-all]
2069036 NEW CVE-2022-24773 golang-github-prometheus: node-forge: Signature verification leniency in checking `DigestInfo` structure [epel-all]
2075253 NEW CVE-2022-24785 golang-github-prometheus: Moment.js: Path traversal in moment.locale [epel-all]
2075278 NEW CVE-2022-24785 golang-github-prometheus: Moment.js: Path traversal in moment.locale [epel-all]
2084683 NEW CVE-2022-24675 golang-github-prometheus: golang: encoding/pem: fix stack overflow in Decode [epel-8]
2084863 NEW CVE-2022-28327 golang-github-prometheus: golang: crypto/elliptic: panic caused by oversized scalar [epel-8]
2123457 NEW CVE-2022-25887 golang-github-prometheus: sanitize-html: insecure global regular expression replacement logic may lead to ReDoS [epel-all]
2134316 NEW CVE-2022-21222 golang-github-prometheus: css-what: ReDoS due to insecure regular expression [epel-all]
2135442 NEW CVE-2022-3517 golang-github-prometheus: nodejs-minimatch: ReDoS via the braceExpand function [epel-all]
2140598 NEW CVE-2022-37603 golang-github-prometheus: loader-utils:Regular expression denial of service [epel-all]
2149437 NEW CVE-2022-46146 golang-github-prometheus: exporter-toolkit: authentication bypass via cache poisoning [epel-all]
2163043 NEW CVE-2022-41717 golang-github-prometheus: golang: net/http: An attacker can cause excessive memory growth in a Go server accepting HTTP/2 requests [epel-all]
2174512 NEW golang-github-prometheus: containerd: Supplementary groups are not set up properly [epel-all]
2178399 NEW CVE-2022-41723 golang-github-prometheus: golang.org/x/net/http2: avoid quadratic complexity in HPACK decoding [epel-all]
2209311 NEW CVE-2022-37599 golang-github-prometheus: loader-utils: regular expression denial of service in interpolateName.js [epel-all]
2216894 NEW CVE-2023-26115 golang-github-prometheus: word-wrap: ReDoS [epel-all]
2220674 NEW CVE-2023-26136 golang-github-prometheus: tough-cookie: prototype pollution in cookie memstore [epel-all]
2222508 NEW CVE-2022-25883 golang-github-prometheus: nodejs-semver: Regular expression denial of service [epel-all]
2246628 NEW CVE-2023-46234 golang-github-prometheus: browserify-sign: upper bound check issue in dsaVerify leads to a signature forgery attack [epel-all]
2248224 NEW golang-github-prometheus: golang: net/http, x/net/http2: rapid stream resets can cause excessive work (CVE-2023-39325) [epel-all]
2252886 NEW TRIAGE CVE-2023-5332 golang-github-prometheus: consul: Command injection through script checks option [epel-all]
2253442 NEW CVE-2023-45133 golang-github-prometheus: babel: arbitrary code execution [epel-all]
2256415 NEW TRIAGE CVE-2023-26159 golang-github-prometheus: follow-redirects: Improper Input Validation due to the improper handling of URLs by the url.parse() [epel-all]
2265683 NEW CVE-2023-42282 golang-github-prometheus: nodejs-ip: arbitrary code execution via the isPublic() function [epel-all]
2266115 NEW TRIAGE CVE-2024-21501 golang-github-prometheus: sanitize-html: Information Exposure when used on the backend [epel-all]
2273052 NEW TRIAGE CVE-2024-30255 golang-github-prometheus: envoy: HTTP/2 CPU exhaustion due to CONTINUATION frame flood [epel-all]

Install Failures