Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

ACK Detected Controllers CVEs #2159

Open
ack-bot opened this issue Sep 3, 2024 · 0 comments
Open

ACK Detected Controllers CVEs #2159

ack-bot opened this issue Sep 3, 2024 · 0 comments
Labels
kind/cve Categorizes issue or PR as related to CVE. prow/auto-gen PRs related to prow auto generation automation

Comments

@ack-bot
Copy link
Collaborator

ack-bot commented Sep 3, 2024

CVE ID Type Severity Installed Version Fixed Version Affected Controllers Title
CVE-2024-24788 gobinary HIGH 1.22.2 1.22.3 [elasticache] golang: net: malformed DNS message can cause infinite loop
CVE-2024-24789 gobinary MEDIUM 1.22.2 1.21.11, 1.22.4 [elasticache] golang: archive/zip: Incorrect handling of certain ZIP files
CVE-2024-24791 gobinary MEDIUM 1.22.2 1.21.12, 1.22.5 [elasticache] net/http: Denial of service due to improper 100-continue handling in net/http
CVE-2024-39689 amazon LOW 2023.2.64-1.amzn2.0.1 2023.2.68-1.amzn2.0.1 ALL python-certifi: Remove root certificates from GLOBALTRUST from the root store
CVE-2024-24790 gobinary CRITICAL 1.22.2 1.21.11, 1.22.4 [elasticache] golang: net/netip: Unexpected behavior from Is methods for IPv4-mapped IPv6 addresses
@ack-bot ack-bot added the kind/cve Categorizes issue or PR as related to CVE. label Sep 3, 2024
@a-hilaly a-hilaly added the prow/auto-gen PRs related to prow auto generation automation label Sep 4, 2024
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
kind/cve Categorizes issue or PR as related to CVE. prow/auto-gen PRs related to prow auto generation automation
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@a-hilaly @ack-bot