5 matches found

OSV
added 2024/06/28 3:28 p.m., 26 views

GO-2024-2934 Minder affected by denial of service from maliciously configured Git repository in github.com/stacklok/minder

Minder affected by denial of service from maliciously configured Git repository in github.com/stacklok/minder...

CVSS 5.7 | AI score 5.5 | EPSS 0.0046
Exploits: 0 | References: 6

Vulnrichment
added 2024/05/20 8:44 p.m., 11 views

CVE-2024-35194 Stacklok Minder vulnerable to denial of service from maliciously crafted templates

Minder is a software supply chain security platform. Prior to version 0.0.50, Minder engine is susceptible to a denial of service from memory exhaustion that can be triggered from maliciously created templates. Minder engine uses templating to generate strings for various use cases such as URLs,...

CVSS 5.3 | AI score 6.5 | EPSS 0.00414
Exploits: 0 | References: 2

OSV
added 2024/05/20 8:43 p.m., 10 views

GHSA-CRGC-2583-RW27 Stacklok Minder vulnerable to denial of service from maliciously crafted templates

Minder engine is susceptible to a denial of service from memory exhaustion that can be triggered from maliciously created templates. Minder engine uses templating to generate strings for various use cases such as URLs, messages for pull requests, descriptions for advisories. In some cases can the...

CVSS 5.3 | AI score 4.9 | EPSS 0.00414
Exploits: 0 | References: 4

OSV
added 2024/05/10 8:7 p.m., 16 views

GO-2024-2821 Denial of Service from untrusted requests in github.com/stacklok/minder

HandleGithubWebhook is susceptible to a denial of service attack from an untrusted HTTP request. An untrusted request can cause the server to allocate large amounts of memory resulting in a denial of service...

CVSS 7.5 | AI score 7.3 | EPSS 0.00593
Exploits: 0 | References: 6

CNNVD
added 2024/04/09 12:0 a.m., 3 views

Stacklok Minder security vulnerability

Minder is an open source platform that helps development teams and the open source community build more secure software and prove to others that the software they build is secure. A security vulnerability exists in Stacklok Minder version 5c381cf that stems from a data leak in GetRepositoryByName...

CVSS 4.3 | AI score 6.5 | EPSS 0.00765
Exploits: 0 | References: 5