CVEs (4)
CVE VENDORS PRODUCTS UPDATED PUBLISHED CVSS |
|---|
3Fedoraproject GolangNetapp3Fedora GoKubernetes Monitoring OperatorNov 21, 2024 Apr 20, 2022 N/A· v4 7.5 HIGH· v3 5.0 MEDIUM· v2 encoding/pem in Go before 1.17.9 and 1.18.x before 1.18.1 has a Decode stack overflow via a large amount of PEM data. |
3Debian GolangNetapp6Beegfs Csi Driver Cloud Insights Telegraf AgentDebian Linux+3 moreNov 21, 2024 Feb 11, 2022 N/A· v4 9.1 CRITICAL· v3 6.4 MEDIUM· v2 Curve.IsOnCurve in crypto/elliptic in Go before 1.16.14 and 1.17.x before 1.17.7 can incorrectly return true in situations with a big.Int value that is not a valid field element. |
2Golang Netapp5Beegfs Csi Driver Cloud Insights Telegraf AgentGo+2 moreNov 21, 2024 Feb 11, 2022 N/A· v4 7.5 HIGH· v3 5.0 MEDIUM· v2 cmd/go in Go before 1.16.14 and 1.17.x before 1.17.7 can misinterpret branch names that falsely appear to be version tags. This can lead to incorrect access control if an actor is supposed to be able to create branches b...Show more |
3Debian GolangNetapp6Beegfs Csi Driver Cloud Insights Telegraf AgentDebian Linux+3 moreNov 21, 2024 Feb 11, 2022 N/A· v4 7.5 HIGH· v3 7.8 HIGH· v2 Rat.SetString in math/big in Go before 1.16.14 and 1.17.x before 1.17.7 has an overflow that can lead to Uncontrolled Memory Consumption. |