Skip to content
This repository was archived by the owner on Apr 25, 2025. It is now read-only.
This repository was archived by the owner on Apr 25, 2025. It is now read-only.

Security Vulnerabilities - v14.1.0-release-prod  #1057

Open
Open
Security Vulnerabilities - v14.1.0-release-prod #1057
@syzzo

Description

@syzzo
syzzo
opened on May 24, 2023

✗ Medium severity vulnerability found in golang.org/x/sys/unix
Description: Incorrect Privilege Assignment
Info: https://security.snyk.io/vuln/SNYK-GOLANG-GOLANGORGXSYSUNIX-3310442
Introduced through: golang.org/x/sys/unix@v0.0.0-20200625212154-ddb9806d33ae
From: golang.org/x/sys/unix@v0.0.0-20200625212154-ddb9806d33ae
Fixed in: 0.1.0

✗ Medium severity vulnerability found in golang.org/x/net/http2
Description: Denial of Service (DoS)
Info: https://security.snyk.io/vuln/SNYK-GOLANG-GOLANGORGXNETHTTP2-3160322
Introduced through: golang.org/x/net/http2@v0.0.0-20200707034311-ab3426394381
From: golang.org/x/net/http2@v0.0.0-20200707034311-ab3426394381
Fixed in: 0.4.0

✗ Medium severity vulnerability found in golang.org/x/net/http/httpguts
Description: Denial of Service (DoS)
Info: https://security.snyk.io/vuln/SNYK-GOLANG-GOLANGORGXNETHTTPHTTPGUTS-3314986
Introduced through: golang.org/x/net/http/httpguts@v0.0.0-20200707034311-ab3426394381
From: golang.org/x/net/http/httpguts@v0.0.0-20200707034311-ab3426394381
Fixed in: 0.0.0-20210428140749-89ef3d95e781

✗ High severity vulnerability found in gopkg.in/yaml.v3
Description: Denial of Service (DoS)
Info: https://security.snyk.io/vuln/SNYK-GOLANG-GOPKGINYAMLV3-2841557
Introduced through: gopkg.in/yaml.v3@v3.0.0-20200605160147-a5ece683394c
From: gopkg.in/yaml.v3@v3.0.0-20200605160147-a5ece683394c
Fixed in: 3.0.0

✗ High severity vulnerability found in gopkg.in/yaml.v3
Description: NULL Pointer Dereference
Info: https://security.snyk.io/vuln/SNYK-GOLANG-GOPKGINYAMLV3-2952714
Introduced through: gopkg.in/yaml.v3@v3.0.0-20200605160147-a5ece683394c
From: gopkg.in/yaml.v3@v3.0.0-20200605160147-a5ece683394c
Fixed in: 3.0.1

✗ High severity vulnerability found in golang.org/x/net/http2/hpack
Description: Denial of Service (DoS)
Info: https://security.snyk.io/vuln/SNYK-GOLANG-GOLANGORGXNETHTTP2HPACK-3358253
Introduced through: golang.org/x/net/http2/hpack@v0.0.0-20200707034311-ab3426394381
From: golang.org/x/net/http2/hpack@v0.0.0-20200707034311-ab3426394381
Fixed in: 0.7.0

✗ High severity vulnerability found in golang.org/x/net/http2
Description: Denial of Service (DoS)
Info: https://security.snyk.io/vuln/SNYK-GOLANG-GOLANGORGXNETHTTP2-2313688
Introduced through: golang.org/x/net/http2@v0.0.0-20200707034311-ab3426394381
From: golang.org/x/net/http2@v0.0.0-20200707034311-ab3426394381
Fixed in: 0.0.0-20211209124913-491a49abca63

✗ High severity vulnerability found in golang.org/x/net/http2
Description: Denial of Service
Info: https://security.snyk.io/vuln/SNYK-GOLANG-GOLANGORGXNETHTTP2-3028257
Introduced through: golang.org/x/net/http2@v0.0.0-20200707034311-ab3426394381
From: golang.org/x/net/http2@v0.0.0-20200707034311-ab3426394381
Fixed in: 0.0.0-20220906165146-f3363e06e74c, 1.18.6, 1.19.1

✗ High severity vulnerability found in golang.org/x/net/http2
Description: Denial of Service (DoS)
Info: https://security.snyk.io/vuln/SNYK-GOLANG-GOLANGORGXNETHTTP2-3323837
Introduced through: golang.org/x/net/http2@v0.0.0-20200707034311-ab3426394381
From: golang.org/x/net/http2@v0.0.0-20200707034311-ab3426394381
Fixed in: 0.7.0

Metadata

Metadata

Assignees

No one assigned

    Labels

    No labels
    No labels

    Type

    No type

    Projects

    No projects

    Milestone

    No milestone

    Relationships

    None yet

    Development

    No branches or pull requests

    Issue actions