Search for packages
| purl | pkg:rpm/redhat/ose-cluster-dns-operator-container@4.10.0-202207291908.p0.gbc48e0a.assembly?arch=stream |
| Next non-vulnerable version | None. |
| Latest non-vulnerable version | None. |
| Risk | 4.5 |
| Vulnerability | Summary | Fixed by |
|---|---|---|
|
VCID-3jz7-muy2-aaam
Aliases: CVE-2022-30631 |
Uncontrolled recursion in Reader.Read in compress/gzip before Go 1.17.12 and Go 1.18.4 allows an attacker to cause a panic due to stack exhaustion via an archive containing a large number of concatenated 0-length compressed files. | There are no reported fixed by versions. |
|
VCID-ftng-xjpg-aaag
Aliases: CVE-2022-23806 |
Curve.IsOnCurve in crypto/elliptic in Go before 1.16.14 and 1.17.x before 1.17.7 can incorrectly return true in situations with a big.Int value that is not a valid field element. | There are no reported fixed by versions. |
|
VCID-xn43-hdj8-aaad
Aliases: CVE-2022-23773 |
cmd/go in Go before 1.16.14 and 1.17.x before 1.17.7 can misinterpret branch names that falsely appear to be version tags. This can lead to incorrect access control if an actor is supposed to be able to create branches but not tags. | There are no reported fixed by versions. |
|
VCID-xy23-uwrw-aaad
Aliases: CVE-2022-28327 |
The generic P-256 feature in crypto/elliptic in Go before 1.17.9 and 1.18.x before 1.18.1 allows a panic via long scalar input. | There are no reported fixed by versions. |
| Vulnerability | Summary | Aliases |
|---|---|---|
| This package is not known to fix vulnerabilities. | ||
| Date | Actor | Action | Vulnerability | Source | VulnerableCode Version |
|---|