-
Notifications
You must be signed in to change notification settings - Fork 202
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
CVE Vulnerabilities in 1.12.2 #754
Labels
Comments
Hey @s-bauer, |
@ckotzbauer Yea will have a look over the weekend and hopefully open a PR |
Thank you @s-bauer! |
1 similar comment
Thank you @s-bauer! |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Hey, just want to bring a few CVE vulnerabilities to your attention that affect the latest version of kured:
Package: github.com/emicklei/go-restful/v3
Severity: high
Info: [security] Path parser inconsistency could lead to bypass several security checks in emicklei/go-restful emicklei/go-restful#497
Impacted versions: <v3.10.0
Package: go
Severity: high
Info: https://nvd.nist.gov/vuln/detail/CVE-2023-24537
Impacted Versions: < 1.19.8
Fixed in: 1.20.3, 1.19.8
Operating System
Severity: high
Package: openssl
Info: https://nvd.nist.gov/vuln/detail/CVE-2023-0464
Impacted versions: <3.0.8-r1
Fixed in: 3.0.8-r1
Operating System
Severity: medium
Package: openssl
Info: https://nvd.nist.gov/vuln/detail/CVE-2023-0466
Impacted versions: <3.0.8-r3
Fixed in: 3.0.8-r3
Operating System
Severity: medium
Package: openssl
Info: https://nvd.nist.gov/vuln/detail/CVE-2023-0465
Impacted versions: <3.0.8-r2
Fixed in: 3.0.8-r2
To fix those I think the following steps should be taken:
The text was updated successfully, but these errors were encountered: