12 matches found
ROS-20250822-10
Vulnerability in clientgolang library of Prometheus event monitoring and notification application is related to unrestricted resource allocation. Exploitation of the vulnerability could allow an attacker, acting remotely, to cause a denial of service...
Azure Linux 3.0 Security Update: application-gateway-kubernetes-ingress / cri-o / keda / kube-vip-cloud-provider / kured / moby-engine / node-problem-detector (CVE-2022-21698)
The version of application-gateway-kubernetes-ingress / cri-o / keda / kube-vip-cloud-provider / kured / moby-engine / node-problem-detector installed on the remote Azure Linux 3.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2022-21698...
Security update for SUSE Manager Client Tools
This update fixes the following issues: golang-github-lusitaniae-apacheexporter: Security issues fixed: CVE-2023-3978: Fixed security bug in x/net dependency bsc1213933 Other changes and issues fixed: Delete unpackaged debug files for RHEL Do not include source files in the package for RHEL 9...
RHEL 7 : prometheus_client_golang (Unpatched Vulnerability)
The remote Redhat Enterprise Linux 7 host has one or more packages installed that are affected by a vulnerability that has been acknowledged by the vendor but will not be patched. - prometheus/clientgolang: Denial of service using InstrumentHandlerCounter CVE-2022-21698 Note that Nessus has not...
prometheus/client_golang: Denial of service using InstrumentHandlerCounter
A denial of service attack was found in prometheus/clientgolang. This flaw allows an attacker to produce a denial of service attack on an HTTP server by exploiting the InstrumentHandlerCounter function in the version below 1.11.1, resulting in a loss of availability...
The vulnerability of the client_golang library in the monitoring and event-notification application of Prometheus allows a intruder to trigger a service failure.
The vulnerability of the clientgolang library used in Prometheus’s monitoring and event notification applications relates to the unlimited distribution of resources. Exploiting this vulnerability could allow a malicious actor to cause service failures remotely...
Important: Red Hat Security Advisory: Release of OpenShift Serverless Client kn 1.24.0
Release of OpenShift Serverless Client kn 1.24.0 Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE links in the...
prometheus/client_golang: Denial of service using InstrumentHandlerCounter
A denial of service attack was found in prometheus/clientgolang. This flaw allows an attacker to produce a denial of service attack on an HTTP server by exploiting the InstrumentHandlerCounter function in the version below 1.11.1, resulting in a loss of availability...
AZL-33639 CVE-2022-21698 affecting package rook for versions less than 1.6.2-18
clientgolang is the instrumentation library for Go applications in Prometheus, and the promhttp package in clientgolang provides tooling around HTTP servers and clients. In clientgolang prior to version 1.11.1, HTTP server is susceptible to a Denial of Service through unbounded cardinality, and...
AZL-33620 CVE-2022-21698 affecting package moby-engine for versions less than 20.10.27-3
clientgolang is the instrumentation library for Go applications in Prometheus, and the promhttp package in clientgolang provides tooling around HTTP servers and clients. In clientgolang prior to version 1.11.1, HTTP server is susceptible to a Denial of Service through unbounded cardinality, and...
AZL-35122 CVE-2022-21698 affecting package prometheus-process-exporter for versions less than 0.8.2-1
clientgolang is the instrumentation library for Go applications in Prometheus, and the promhttp package in clientgolang provides tooling around HTTP servers and clients. In clientgolang prior to version 1.11.1, HTTP server is susceptible to a Denial of Service through unbounded cardinality, and...
AZL-35012 CVE-2022-21698 affecting package multus for versions less than 4.0.2-1
clientgolang is the instrumentation library for Go applications in Prometheus, and the promhttp package in clientgolang provides tooling around HTTP servers and clients. In clientgolang prior to version 1.11.1, HTTP server is susceptible to a Denial of Service through unbounded cardinality, and...