CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

30 matches found

Tenable Nessus•added 2024/01/30 12:0 a.m.•29 views

RHEL 8 : container-tools:3.0 (RHSA-2024:0564)

The remote Redhat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2024:0564 advisory. The container-tools module contains tools for working with containers, notably podman, buildah, skopeo, and runc. Security Fixes:...

7.8CVSS7.3AI score0.00376EPSS

Exploits0References8

Microsoft CVE•added 2023/11/08 8:0 a.m.•2 views

Uncontrolled Resource Consumption in promhttp

...

7.5CVSS7.6AI score0.00376EPSS

Exploits0

SUSE CVE•added 2023/02/15 3:29 a.m.•1 views

SUSE CVE-2022-21698

clientgolang is the instrumentation library for Go applications in Prometheus, and the promhttp package in clientgolang provides tooling around HTTP servers and clients. In clientgolang prior to version 1.11.1, HTTP server is susceptible to a Denial of Service through unbounded cardinality, and...

7.5CVSS8.2AI score0.00376EPSS

Exploits0References30

Tenable Nessus•added 2023/01/20 12:0 a.m.•39 views

openSUSE 15 Security Update : golang-github-prometheus-alertmanager (SUSE-SU-2022:2139-1)

The remote openSUSE 15 host has a package installed that is affected by a vulnerability as referenced in the SUSE- SU-2022:2139-1 advisory. - clientgolang is the instrumentation library for Go applications in Prometheus, and the promhttp package in clientgolang provides tooling around HTTP server...

7.5CVSS7AI score0.00376EPSS

Exploits0References5

Tenable Nessus•added 2022/12/22 12:0 a.m.•42 views

Fedora 35 : golang-github-distribution-3 (2022-739c7a0058)

The remote Fedora 35 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2022-739c7a0058 advisory. Update to 3.0.0 pre1 Tenable has extracted the preceding description block directly from the Fedora security advisory. Note that Nessus has not test...

7.5CVSS7.2AI score0.00376EPSS

Exploits0References2

Tenable Nessus•added 2022/10/27 12:0 a.m.•45 views

SUSE SLED15 / SLES15 Security Update : golang-github-prometheus-node_exporter (SUSE-SU-2022:3745-1)

The remote SUSE Linux SLED15 / SLEDSAP15 / SLES15 / SLESSAP15 host has a package installed that is affected by a vulnerability as referenced in the SUSE-SU-2022:3745-1 advisory. - clientgolang is the instrumentation library for Go applications in Prometheus, and the promhttp package in clientgola...

7.5CVSS7AI score0.00376EPSS

Exploits0References4

OSV•added 2022/07/15 11:29 p.m.•36 views

GO-2022-0322 Uncontrolled resource consumption in github.com/prometheus/client_golang

The Prometheus clientgolang HTTP server is vulnerable to a denial of service attack when handling requests with non-standard HTTP methods. In order to be affected, an instrumented software must use any of the promhttp.InstrumentHandler middleware except RequestsInFlight; not filter any specific...

7.5CVSS9.4AI score0.01159EPSS

Exploits1References1

OSV•added 2022/02/16 10:26 p.m.•28 views

GHSA-CG3Q-J54F-5P7P Uncontrolled Resource Consumption in promhttp

This is the Go client library for Prometheus. It has two separate parts, one for instrumenting application code, and one for creating clients that talk to the Prometheus HTTP API. clientgolang is the instrumentation library for Go applications in Prometheus, and the promhttp package in clientgola...

7.5CVSS9.5AI score0.01159EPSS

Exploits0References25

OSV•added 2022/02/15 4:15 p.m.•2 views

AZL-34541 CVE-2022-21698 affecting package application-gateway-kubernetes-ingress for versions less than 1.7.2-2

7.5CVSS6.7AI score0.00376EPSS

Exploits0References1

OSV•added 2022/02/15 4:15 p.m.•1 views

AZL-33623 CVE-2022-21698 affecting package nmi for versions less than 1.8.11-2

7.5CVSS6.7AI score0.00376EPSS

Exploits0References1

OSV•added 2022/02/15 4:15 p.m.•1 views

AZL-33637 CVE-2022-21698 affecting package prometheus-process-exporter for versions less than 0.7.10-18