CVE-2022-21698
Description
client_golang is the instrumentation library for Go applications in Prometheus, and the promhttp package in client_golang provides tooling around HTTP servers and clients. In client_golang prior to version 1.11.1, HTTP server is susceptible to a Denial of Service through unbounded cardinality, and potential memory exhaustion, when handling requests with non-standard HTTP methods. In order to be affected, an instrumented software must use any of promhttp.InstrumentHandler* middleware except RequestsInFlight; not filter any specific methods (e.g GET) before middleware; pass metric with method label name to our middleware; and not have any firewall/LB/proxy that filters away requests with unknown method. client_golang version 1.11.1 contains a patch for this issue. Several workarounds are available, including removing the method label name from counter/gauge used in the InstrumentHandler; turning off affected promhttp handlers; adding custom middleware before promhttp handler that will sanitize the request method given by Go http.Request; and using a reverse proxy or web application firewall, configured to only allow a limited set of methods.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected packages
Versions sourced from the GitHub Security Advisory.
| Package | Affected versions | Patched versions |
|---|---|---|
github.com/prometheus/client_golangGo | < 1.11.1 | 1.11.1 |
Affected products
180- osv-coords179 versionspkg:apk/chainguard/dynamic-localpv-provisionerpkg:apk/chainguard/dynamic-localpv-provisioner-fipspkg:apk/chainguard/prometheus-postgres-exporter-0.10pkg:apk/wolfi/dynamic-localpv-provisionerpkg:golang/github.com/prometheus/client_golangpkg:rpm/almalinux/aardvark-dnspkg:rpm/almalinux/buildahpkg:rpm/almalinux/buildah-testspkg:rpm/almalinux/cockpit-podmanpkg:rpm/almalinux/conmonpkg:rpm/almalinux/containernetworking-pluginspkg:rpm/almalinux/containers-commonpkg:rpm/almalinux/container-selinuxpkg:rpm/almalinux/critpkg:rpm/almalinux/criupkg:rpm/almalinux/criu-develpkg:rpm/almalinux/criu-libspkg:rpm/almalinux/crunpkg:rpm/almalinux/fuse-overlayfspkg:rpm/almalinux/grafanapkg:rpm/almalinux/libslirppkg:rpm/almalinux/libslirp-develpkg:rpm/almalinux/netavarkpkg:rpm/almalinux/oci-seccomp-bpf-hookpkg:rpm/almalinux/podmanpkg:rpm/almalinux/podman-catatonitpkg:rpm/almalinux/podman-dockerpkg:rpm/almalinux/podman-gvproxypkg:rpm/almalinux/podman-pluginspkg:rpm/almalinux/podman-remotepkg:rpm/almalinux/podman-testspkg:rpm/almalinux/python3-criupkg:rpm/almalinux/python3-podmanpkg:rpm/almalinux/runcpkg:rpm/almalinux/skopeopkg:rpm/almalinux/skopeo-testspkg:rpm/almalinux/slirp4netnspkg:rpm/almalinux/toolboxpkg:rpm/almalinux/toolbox-testspkg:rpm/almalinux/udicapkg:rpm/opensuse/firewalld&distro=openSUSE%20Leap%2015.3pkg:rpm/opensuse/golang-github-prometheus-alertmanager&distro=openSUSE%20Leap%2015.3pkg:rpm/opensuse/golang-github-prometheus-alertmanager&distro=openSUSE%20Leap%2015.4pkg:rpm/opensuse/golang-github-prometheus-node_exporter&distro=openSUSE%20Leap%2015.3pkg:rpm/opensuse/golang-github-prometheus-node_exporter&distro=openSUSE%20Leap%2015.4pkg:rpm/opensuse/golang-github-prometheus-node_exporter&distro=openSUSE%20Tumbleweedpkg:rpm/opensuse/golang-github-prometheus-prometheus&distro=openSUSE%20Leap%2015.3pkg:rpm/opensuse/golang-github-prometheus-prometheus&distro=openSUSE%20Leap%2015.4pkg:rpm/opensuse/golang-github-QubitProducts-exporter_exporter&distro=openSUSE%20Tumbleweedpkg:rpm/opensuse/kubeseal&distro=openSUSE%20Tumbleweedpkg:rpm/opensuse/podman&distro=openSUSE%20Leap%2015.3pkg:rpm/opensuse/podman&distro=openSUSE%20Leap%2015.4pkg:rpm/opensuse/podman&distro=openSUSE%20Leap%20Micro%205.2pkg:rpm/opensuse/podman&distro=openSUSE%20Tumbleweedpkg:rpm/opensuse/prometheus-postgres_exporter&distro=openSUSE%20Tumbleweedpkg:rpm/suse/firewalld&distro=SUSE%20Linux%20Enterprise%20Micro%205.1pkg:rpm/suse/firewalld&distro=SUSE%20Linux%20Enterprise%20Micro%205.2pkg:rpm/suse/firewalld&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Basesystem%2015%20SP3pkg:rpm/suse/firewalld&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Desktop%20Applications%2015%20SP3pkg:rpm/suse/golang-github-boynux-squid_exporter&distro=SUSE%20Manager%20Client%20Tools%2012-BETApkg:rpm/suse/golang-github-lusitaniae-apache_exporter&distro=SUSE%20Manager%20Client%20Tools%2012pkg:rpm/suse/golang-github-lusitaniae-apache_exporter&distro=SUSE%20Manager%20Client%20Tools%2012-BETApkg:rpm/suse/golang-github-lusitaniae-apache_exporter&distro=SUSE%20Manager%20Proxy%20Module%204.1pkg:rpm/suse/golang-github-lusitaniae-apache_exporter&distro=SUSE%20Manager%20Server%20Module%204.1pkg:rpm/suse/golang-github-prometheus-alertmanager&distro=SUSE%20Enterprise%20Storage%206pkg:rpm/suse/golang-github-prometheus-alertmanager&distro=SUSE%20Manager%20Client%20Tools%2012pkg:rpm/suse/golang-github-prometheus-alertmanager&distro=SUSE%20Manager%20Client%20Tools%2012-BETApkg:rpm/suse/golang-github-prometheus-alertmanager&distro=SUSE%20Manager%20Client%20Tools%2015pkg:rpm/suse/golang-github-prometheus-alertmanager&distro=SUSE%20Manager%20Proxy%20Module%204.1pkg:rpm/suse/golang-github-prometheus-alertmanager&distro=SUSE%20Manager%20Proxy%20Module%204.2pkg:rpm/suse/golang-github-prometheus-alertmanager&distro=SUSE%20Manager%20Proxy%20Module%204.3pkg:rpm/suse/golang-github-prometheus-node_exporter&distro=HPE%20Helion%20OpenStack%208pkg:rpm/suse/golang-github-prometheus-node_exporter&distro=SUSE%20Enterprise%20Storage%206pkg:rpm/suse/golang-github-prometheus-node_exporter&distro=SUSE%20Enterprise%20Storage%207pkg:rpm/suse/golang-github-prometheus-node_exporter&distro=SUSE%20Linux%20Enterprise%20High%20Performance%20Computing%2015%20SP1-ESPOSpkg:rpm/suse/golang-github-prometheus-node_exporter&distro=SUSE%20Linux%20Enterprise%20High%20Performance%20Computing%2015%20SP1-LTSSpkg:rpm/suse/golang-github-prometheus-node_exporter&distro=SUSE%20Linux%20Enterprise%20High%20Performance%20Computing%2015%20SP2-ESPOSpkg:rpm/suse/golang-github-prometheus-node_exporter&distro=SUSE%20Linux%20Enterprise%20High%20Performance%20Computing%2015%20SP2-LTSSpkg:rpm/suse/golang-github-prometheus-node_exporter&distro=SUSE%20Linux%20Enterprise%20High%20Performance%20Computing%2015-ESPOSpkg:rpm/suse/golang-github-prometheus-node_exporter&distro=SUSE%20Linux%20Enterprise%20High%20Performance%20Computing%2015-LTSSpkg:rpm/suse/golang-github-prometheus-node_exporter&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Basesystem%2015%20SP3pkg:rpm/suse/golang-github-prometheus-node_exporter&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Basesystem%2015%20SP4pkg:rpm/suse/golang-github-prometheus-node_exporter&distro=SUSE%20Linux%20Enterprise%20Server%2012%20SP3-BCLpkg:rpm/suse/golang-github-prometheus-node_exporter&distro=SUSE%20Linux%20Enterprise%20Server%2012%20SP3-LTSSpkg:rpm/suse/golang-github-prometheus-node_exporter&distro=SUSE%20Linux%20Enterprise%20Server%2012%20SP4-LTSSpkg:rpm/suse/golang-github-prometheus-node_exporter&distro=SUSE%20Linux%20Enterprise%20Server%2012%20SP5pkg:rpm/suse/golang-github-prometheus-node_exporter&distro=SUSE%20Linux%20Enterprise%20Server%2015%20SP1-BCLpkg:rpm/suse/golang-github-prometheus-node_exporter&distro=SUSE%20Linux%20Enterprise%20Server%2015%20SP1-LTSSpkg:rpm/suse/golang-github-prometheus-node_exporter&distro=SUSE%20Linux%20Enterprise%20Server%2015%20SP2-BCLpkg:rpm/suse/golang-github-prometheus-node_exporter&distro=SUSE%20Linux%20Enterprise%20Server%2015%20SP2-LTSSpkg:rpm/suse/golang-github-prometheus-node_exporter&distro=SUSE%20Linux%20Enterprise%20Server%2015-LTSSpkg:rpm/suse/golang-github-prometheus-node_exporter&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20Applications%2012%20SP3pkg:rpm/suse/golang-github-prometheus-node_exporter&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20Applications%2012%20SP4pkg:rpm/suse/golang-github-prometheus-node_exporter&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20Applications%2012%20SP5pkg:rpm/suse/golang-github-prometheus-node_exporter&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20Applications%2015pkg:rpm/suse/golang-github-prometheus-node_exporter&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20Applications%2015%20SP1pkg:rpm/suse/golang-github-prometheus-node_exporter&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20Applications%2015%20SP2pkg:rpm/suse/golang-github-prometheus-node_exporter&distro=SUSE%20Manager%20Client%20Tools%2012pkg:rpm/suse/golang-github-prometheus-node_exporter&distro=SUSE%20Manager%20Client%20Tools%2012-BETApkg:rpm/suse/golang-github-prometheus-node_exporter&distro=SUSE%20Manager%20Proxy%204.1pkg:rpm/suse/golang-github-prometheus-node_exporter&distro=SUSE%20Manager%20Proxy%20Module%204.1pkg:rpm/suse/golang-github-prometheus-node_exporter&distro=SUSE%20Manager%20Retail%20Branch%20Server%204.1pkg:rpm/suse/golang-github-prometheus-node_exporter&distro=SUSE%20Manager%20Server%204.1pkg:rpm/suse/golang-github-prometheus-node_exporter&distro=SUSE%20Manager%20Server%20Module%204.1pkg:rpm/suse/golang-github-prometheus-node_exporter&distro=SUSE%20OpenStack%20Cloud%208pkg:rpm/suse/golang-github-prometheus-node_exporter&distro=SUSE%20OpenStack%20Cloud%209pkg:rpm/suse/golang-github-prometheus-node_exporter&distro=SUSE%20OpenStack%20Cloud%20Crowbar%208pkg:rpm/suse/golang-github-prometheus-node_exporter&distro=SUSE%20OpenStack%20Cloud%20Crowbar%209pkg:rpm/suse/golang-github-prometheus-prometheus&distro=SUSE%20Enterprise%20Storage%206pkg:rpm/suse/golang-github-prometheus-prometheus&distro=SUSE%20Manager%20Client%20Tools%2012pkg:rpm/suse/golang-github-prometheus-prometheus&distro=SUSE%20Manager%20Client%20Tools%2012-BETApkg:rpm/suse/golang-github-prometheus-prometheus&distro=SUSE%20Manager%20Client%20Tools%2015pkg:rpm/suse/golang-github-prometheus-prometheus&distro=SUSE%20Manager%20Proxy%20Module%204.1pkg:rpm/suse/golang-github-prometheus-prometheus&distro=SUSE%20Manager%20Proxy%20Module%204.2pkg:rpm/suse/golang-github-prometheus-promu&distro=SUSE%20Manager%20Client%20Tools%2012-BETApkg:rpm/suse/golang-github-QubitProducts-exporter_exporter&distro=SUSE%20Manager%20Client%20Tools%2012pkg:rpm/suse/golang-github-QubitProducts-exporter_exporter&distro=SUSE%20Manager%20Client%20Tools%2012-BETApkg:rpm/suse/golang-github-QubitProducts-exporter_exporter&distro=SUSE%20Manager%20Proxy%20Module%204.1pkg:rpm/suse/golang-github-QubitProducts-exporter_exporter&distro=SUSE%20Manager%20Server%20Module%204.1pkg:rpm/suse/grafana&distro=SUSE%20Manager%20Client%20Tools%2012pkg:rpm/suse/grafana&distro=SUSE%20Manager%20Client%20Tools%2012-BETApkg:rpm/suse/kiwi-desc-saltboot&distro=SUSE%20Manager%20Client%20Tools%2012pkg:rpm/suse/kiwi-desc-saltboot&distro=SUSE%20Manager%20Client%20Tools%2012-BETApkg:rpm/suse/mgr-cfg&distro=SUSE%20Manager%20Client%20Tools%2012pkg:rpm/suse/mgr-custom-info&distro=SUSE%20Manager%20Client%20Tools%2012pkg:rpm/suse/mgr-daemon&distro=SUSE%20Manager%20Client%20Tools%2012pkg:rpm/suse/mgr-osad&distro=SUSE%20Manager%20Client%20Tools%2012pkg:rpm/suse/mgr-push&distro=SUSE%20Manager%20Client%20Tools%2012pkg:rpm/suse/mgr-push&distro=SUSE%20Manager%20Client%20Tools%2012-BETApkg:rpm/suse/mgr-virtualization&distro=SUSE%20Manager%20Client%20Tools%2012pkg:rpm/suse/patterns-suse-manager&distro=SUSE%20Manager%20Proxy%20Module%204.1pkg:rpm/suse/patterns-suse-manager&distro=SUSE%20Manager%20Server%20Module%204.1pkg:rpm/suse/podman&distro=SUSE%20Enterprise%20Storage%207.1pkg:rpm/suse/podman&distro=SUSE%20Linux%20Enterprise%20Micro%205.1pkg:rpm/suse/podman&distro=SUSE%20Linux%20Enterprise%20Micro%205.2pkg:rpm/suse/podman&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Containers%2015%20SP3pkg:rpm/suse/podman&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Containers%2015%20SP4pkg:rpm/suse/postgresql-jdbc&distro=SUSE%20Manager%20Server%20Module%204.1pkg:rpm/suse/prometheus-blackbox_exporter&distro=SUSE%20Manager%20Client%20Tools%2012pkg:rpm/suse/prometheus-blackbox_exporter&distro=SUSE%20Manager%20Client%20Tools%2012-BETApkg:rpm/suse/prometheus-exporters-formula&distro=SUSE%20Manager%20Server%20Module%204.1pkg:rpm/suse/prometheus-formula&distro=SUSE%20Manager%20Server%20Module%204.1pkg:rpm/suse/prometheus-postgres_exporter&distro=SUSE%20Manager%20Client%20Tools%2012pkg:rpm/suse/prometheus-postgres_exporter&distro=SUSE%20Manager%20Client%20Tools%2012-BETApkg:rpm/suse/py27-compat-salt&distro=SUSE%20Manager%20Server%20Module%204.1pkg:rpm/suse/python-hwdata&distro=SUSE%20Manager%20Client%20Tools%2012pkg:rpm/suse/python-hwdata&distro=SUSE%20Manager%20Client%20Tools%2012-BETApkg:rpm/suse/rhnlib&distro=SUSE%20Manager%20Client%20Tools%2012pkg:rpm/suse/rhnlib&distro=SUSE%20Manager%20Client%20Tools%2012-BETApkg:rpm/suse/spacecmd&distro=SUSE%20Manager%20Client%20Tools%2012pkg:rpm/suse/spacecmd&distro=SUSE%20Manager%20Client%20Tools%2012-BETApkg:rpm/suse/spacecmd&distro=SUSE%20Manager%20Proxy%20Module%204.1pkg:rpm/suse/spacecmd&distro=SUSE%20Manager%20Server%20Module%204.1pkg:rpm/suse/spacewalk-backend&distro=SUSE%20Manager%20Proxy%20Module%204.1pkg:rpm/suse/spacewalk-backend&distro=SUSE%20Manager%20Server%20Module%204.1pkg:rpm/suse/spacewalk-client-tools&distro=SUSE%20Manager%20Client%20Tools%2012pkg:rpm/suse/spacewalk-java&distro=SUSE%20Manager%20Server%20Module%204.1pkg:rpm/suse/spacewalk-koan&distro=SUSE%20Manager%20Client%20Tools%2012pkg:rpm/suse/spacewalk-oscap&distro=SUSE%20Manager%20Client%20Tools%2012pkg:rpm/suse/spacewalk-remote-utils&distro=SUSE%20Manager%20Client%20Tools%2012pkg:rpm/suse/spacewalk-setup&distro=SUSE%20Manager%20Server%20Module%204.1pkg:rpm/suse/spacewalk-utils&distro=SUSE%20Manager%20Server%20Module%204.1pkg:rpm/suse/spacewalk-web&distro=SUSE%20Manager%20Proxy%20Module%204.1pkg:rpm/suse/spacewalk-web&distro=SUSE%20Manager%20Server%20Module%204.1pkg:rpm/suse/subscription-matcher&distro=SUSE%20Manager%20Server%20Module%204.1pkg:rpm/suse/supportutils-plugin-salt&distro=SUSE%20Manager%20Client%20Tools%2012pkg:rpm/suse/supportutils-plugin-salt&distro=SUSE%20Manager%20Client%20Tools%2012-BETApkg:rpm/suse/supportutils-plugin-susemanager-client&distro=SUSE%20Manager%20Client%20Tools%2012pkg:rpm/suse/supportutils-plugin-susemanager-client&distro=SUSE%20Manager%20Client%20Tools%2012-BETApkg:rpm/suse/susemanager&distro=SUSE%20Manager%20Server%20Module%204.1pkg:rpm/suse/susemanager-doc-indexes&distro=SUSE%20Manager%20Server%20Module%204.1pkg:rpm/suse/susemanager-docs_en&distro=SUSE%20Manager%20Server%20Module%204.1pkg:rpm/suse/susemanager-schema&distro=SUSE%20Manager%20Server%20Module%204.1pkg:rpm/suse/susemanager-sls&distro=SUSE%20Manager%20Server%20Module%204.1pkg:rpm/suse/suseRegisterInfo&distro=SUSE%20Manager%20Client%20Tools%2012pkg:rpm/suse/system-user-grafana&distro=SUSE%20Manager%20Client%20Tools%2012-BETApkg:rpm/suse/system-user-prometheus&distro=SUSE%20Manager%20Client%20Tools%2012-BETApkg:rpm/suse/uyuni-common-libs&distro=SUSE%20Manager%20Client%20Tools%2012pkg:rpm/suse/uyuni-common-libs&distro=SUSE%20Manager%20Client%20Tools%2012-BETA
< 3.4.1-r3+ 178 more
- (no CPE)range: < 3.4.1-r3
- (no CPE)range: < 3.5.0-r0
- (no CPE)range: < 0
- (no CPE)range: < 3.4.1-r3
- (no CPE)range: < 1.11.1
- (no CPE)range: < 2:1.0.1-27.module_el8.6.0+2878+e681bc44
- (no CPE)range: < 1:1.24.2-4.module_el8.6.0+2878+e681bc44
- (no CPE)range: < 1:1.24.2-4.module_el8.6.0+2878+e681bc44
- (no CPE)range: < 43-1.module_el8.6.0+2877+8e437bf5
- (no CPE)range: < 2:2.1.0-1.module_el8.6.0+2877+8e437bf5
- (no CPE)range: < 1:1.0.1-2.module_el8.6.0+2878+e681bc44
- (no CPE)range: < 2:1-27.module_el8.6.0+2878+e681bc44
- (no CPE)range: < 2:2.179.1-1.module_el8.6.0+2878+e681bc44
- (no CPE)range: < 3.15-3.module_el8.6.0+2751+06427ca3
- (no CPE)range: < 3.15-3.module_el8.6.0+2877+8e437bf5
- (no CPE)range: < 3.15-3.module_el8.6.0+2751+06427ca3
- (no CPE)range: < 3.15-3.module_el8.6.0+2751+06427ca3
- (no CPE)range: < 1.4.4-1.module_el8.6.0+2877+8e437bf5
- (no CPE)range: < 1.8.2-1.module_el8.6.0+2877+8e437bf5
- (no CPE)range: < 7.5.15-3.el8
- (no CPE)range: < 4.4.0-1.module_el8.6.0+2877+8e437bf5
- (no CPE)range: < 4.4.0-1.module_el8.6.0+2877+8e437bf5
- (no CPE)range: < 2:1.0.1-27.module_el8.6.0+2878+e681bc44
- (no CPE)range: < 1.2.3-3.module_el8.6.0+2877+8e437bf5
- (no CPE)range: < 2:4.0.2-6.module_el8.6.0+2878+e681bc44
- (no CPE)range: < 2:4.0.2-6.module_el8.6.0+2878+e681bc44
- (no CPE)range: < 2:4.0.2-6.module_el8.6.0+2878+e681bc44
- (no CPE)range: < 2:4.0.2-6.module_el8.6.0+2878+e681bc44
- (no CPE)range: < 2:4.0.2-6.module_el8.6.0+2878+e681bc44
- (no CPE)range: < 2:4.0.2-6.module_el8.6.0+2878+e681bc44
- (no CPE)range: < 2:4.0.2-6.module_el8.6.0+2878+e681bc44
- (no CPE)range: < 3.15-3.module_el8.6.0+2877+8e437bf5
- (no CPE)range: < 4.0.0-1.module_el8.6.0+2877+8e437bf5
- (no CPE)range: < 1:1.0.3-2.module_el8.6.0+2878+e681bc44
- (no CPE)range: < 2:1.6.1-2.module_el8.6.0+2877+8e437bf5
- (no CPE)range: < 2:1.6.1-2.module_el8.6.0+2877+8e437bf5
- (no CPE)range: < 1.1.8-2.module_el8.6.0+2877+8e437bf5
- (no CPE)range: < 0.0.99.3-0.4.module_el8.6.0+2877+8e437bf5
- (no CPE)range: < 0.0.99.3-0.4.module_el8.6.0+2877+8e437bf5
- (no CPE)range: < 0.2.6-2.module_el8.6.0+2877+8e437bf5
- (no CPE)range: < 0.9.3-150300.3.6.1
- (no CPE)range: < 0.23.0-150100.4.7.1
- (no CPE)range: < 0.23.0-150100.4.7.1
- (no CPE)range: < 1.3.0-150100.3.12.1
- (no CPE)range: < 1.3.0-150100.3.12.1
- (no CPE)range: < 1.3.1-2.1
- (no CPE)range: < 2.32.1-150100.4.9.2
- (no CPE)range: < 2.32.1-150100.4.9.2
- (no CPE)range: < 0.4.0-16.1
- (no CPE)range: < 0.17.4-1.1
- (no CPE)range: < 3.4.7-150300.9.9.2
- (no CPE)range: < 3.4.7-150400.4.3.1
- (no CPE)range: < 3.4.7-150300.9.9.2
- (no CPE)range: < 4.2.1-2.1
- (no CPE)range: < 0.10.1-6.1
- (no CPE)range: < 0.9.3-150300.3.6.1
- (no CPE)range: < 0.9.3-150300.3.6.1
- (no CPE)range: < 0.9.3-150300.3.6.1
- (no CPE)range: < 0.9.3-150300.3.6.1
- (no CPE)range: < 1.6-4.9.2
- (no CPE)range: < 0.11.0-1.13.1
- (no CPE)range: < 1.0.0-4.12.4
- (no CPE)range: < 0.7.0-150200.2.6.2
- (no CPE)range: < 0.7.0-150200.2.6.2
- (no CPE)range: < 0.23.0-150100.4.7.1
- (no CPE)range: < 0.23.0-1.12.3
- (no CPE)range: < 0.26.0-4.12.4
- (no CPE)range: < 0.23.0-150100.4.7.1
- (no CPE)range: < 0.23.0-150100.4.7.1
- (no CPE)range: < 0.23.0-150100.4.7.1
- (no CPE)range: < 0.23.0-150100.4.7.1
- (no CPE)range: < 1.3.0-1.15.3
- (no CPE)range: < 1.3.0-150100.3.12.1
- (no CPE)range: < 1.3.0-150100.3.12.1
- (no CPE)range: < 1.3.0-150100.3.12.1
- (no CPE)range: < 1.3.0-150100.3.12.1
- (no CPE)range: < 1.3.0-150100.3.12.1
- (no CPE)range: < 1.3.0-150100.3.12.1
- (no CPE)range: < 1.3.0-150000.3.12.1
- (no CPE)range: < 1.3.0-150000.3.12.1
- (no CPE)range: < 1.3.0-150100.3.12.1
- (no CPE)range: < 1.3.0-150100.3.12.1
- (no CPE)range: < 1.3.0-1.15.3
- (no CPE)range: < 1.3.0-1.15.3
- (no CPE)range: < 1.3.0-1.15.3
- (no CPE)range: < 1.3.0-1.15.3
- (no CPE)range: < 1.3.0-150100.3.12.1
- (no CPE)range: < 1.3.0-150100.3.12.1
- (no CPE)range: < 1.3.0-150100.3.12.1
- (no CPE)range: < 1.3.0-150100.3.12.1
- (no CPE)range: < 1.3.0-150000.3.12.1
- (no CPE)range: < 1.3.0-1.15.3
- (no CPE)range: < 1.3.0-1.15.3
- (no CPE)range: < 1.3.0-1.15.3
- (no CPE)range: < 1.3.0-150000.3.12.1
- (no CPE)range: < 1.3.0-150100.3.12.1
- (no CPE)range: < 1.3.0-150100.3.12.1
- (no CPE)range: < 1.3.0-1.15.3
- (no CPE)range: < 1.5.0-4.15.4
- (no CPE)range: < 1.3.0-150100.3.12.1
- (no CPE)range: < 1.3.0-150200.3.9.3
- (no CPE)range: < 1.3.0-150100.3.12.1
- (no CPE)range: < 1.3.0-150100.3.12.1
- (no CPE)range: < 1.3.0-150200.3.9.3
- (no CPE)range: < 1.3.0-1.15.3
- (no CPE)range: < 1.3.0-1.15.3
- (no CPE)range: < 1.3.0-1.15.3
- (no CPE)range: < 1.3.0-1.15.3
- (no CPE)range: < 2.32.1-150100.4.9.2
- (no CPE)range: < 2.32.1-1.38.1
- (no CPE)range: < 2.45.0-4.33.3
- (no CPE)range: < 2.32.1-150000.3.41.2
- (no CPE)range: < 2.32.1-150100.4.9.2
- (no CPE)range: < 2.32.1-150100.4.9.2
- (no CPE)range: < 0.14.0-4.12.2
- (no CPE)range: < 0.4.0-1.6.1
- (no CPE)range: < 0.4.0-4.6.2
- (no CPE)range: < 0.4.0-150200.6.12.2
- (no CPE)range: < 0.4.0-150200.6.12.2
- (no CPE)range: < 8.3.5-1.30.3
- (no CPE)range: < 9.5.8-4.21.2
- (no CPE)range: < 0.1.1661440542.6cbe0da-1.29.1
- (no CPE)range: < 0.1.1687520761.cefb248-4.15.2
- (no CPE)range: < 4.3.6-1.27.4
- (no CPE)range: < 4.3.3-1.18.1
- (no CPE)range: < 4.3.4-1.32.3
- (no CPE)range: < 4.3.6-1.39.4
- (no CPE)range: < 4.3.4-1.21.4
- (no CPE)range: < 5.0.1-4.21.4
- (no CPE)range: < 4.3.5-1.29.3
- (no CPE)range: < 4.1-150200.6.12.2
- (no CPE)range: < 4.1-150200.6.12.2
- (no CPE)range: < 3.4.7-150300.9.9.2
- (no CPE)range: < 3.4.7-150300.9.9.2
- (no CPE)range: < 3.4.7-150300.9.9.2
- (no CPE)range: < 3.4.7-150300.9.9.2
- (no CPE)range: < 3.4.7-150400.4.3.1
- (no CPE)range: < 42.2.10-150200.3.8.2
- (no CPE)range: < 0.19.0-1.8.2
- (no CPE)range: < 0.24.0-3.6.3
- (no CPE)range: < 0.9.5-150200.3.31.2
- (no CPE)range: < 0.3.7-150200.3.21.2
- (no CPE)range: < 0.10.0-1.8.2
- (no CPE)range: < 0.10.1-3.6.4
- (no CPE)range: < 3000.3-150200.6.24.2
- (no CPE)range: < 2.3.5-12.9.1
- (no CPE)range: < 2.3.5-15.12.2
- (no CPE)range: < 4.3.4-21.43.3
- (no CPE)range: < 5.0.1-24.30.3
- (no CPE)range: < 4.3.11-38.103.3
- (no CPE)range: < 5.0.1-41.42.3
- (no CPE)range: < 4.1.18-150200.4.39.3
- (no CPE)range: < 4.1.18-150200.4.39.3
- (no CPE)range: < 4.1.31-150200.4.50.4
- (no CPE)range: < 4.1.31-150200.4.50.4
- (no CPE)range: < 4.3.9-52.71.3
- (no CPE)range: < 4.1.46-150200.3.71.5
- (no CPE)range: < 4.3.5-24.33.3
- (no CPE)range: < 4.3.5-19.27.1
- (no CPE)range: < 4.3.3-24.24.3
- (no CPE)range: < 4.1.11-150200.3.18.2
- (no CPE)range: < 4.1.20-150200.3.30.2
- (no CPE)range: < 4.1.34-150200.3.47.6
- (no CPE)range: < 4.1.34-150200.3.47.6
- (no CPE)range: < 0.28-150200.3.15.2
- (no CPE)range: < 1.2.0-6.16.1
- (no CPE)range: < 1.2.2-9.9.2
- (no CPE)range: < 4.3.2-6.24.1
- (no CPE)range: < 5.0.1-9.15.2
- (no CPE)range: < 4.1.36-150200.3.52.1
- (no CPE)range: < 4.1-150200.11.55.4
- (no CPE)range: < 4.1-150200.11.55.2
- (no CPE)range: < 4.1.26-150200.3.45.4
- (no CPE)range: < 4.1.36-150200.3.64.2
- (no CPE)range: < 4.3.3-25.27.3
- (no CPE)range: < 1.0.0-3.7.2
- (no CPE)range: < 1.0.0-3.7.2
- (no CPE)range: < 4.3.4-1.21.3
- (no CPE)range: < 5.0.1-3.33.3
- prometheus/client_golangv5Range: < 1.11.1
Patches
Vulnerability mechanics
References
43- github.com/prometheus/client_golang/pull/962nvdPatchThird Party AdvisoryWEB
- github.com/prometheus/client_golang/pull/987nvdPatchThird Party AdvisoryWEB
- github.com/advisories/GHSA-cg3q-j54f-5p7pghsaADVISORY
- github.com/prometheus/client_golang/releases/tag/v1.11.1nvdRelease NotesThird Party AdvisoryWEB
- github.com/prometheus/client_golang/security/advisories/GHSA-cg3q-j54f-5p7pnvdIssue TrackingThird Party AdvisoryWEB
- nvd.nist.gov/vuln/detail/CVE-2022-21698ghsaADVISORY
- lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/2IK53GWZ475OQ6ENABKMJMTOBZG6LXURghsaWEB
- lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/2PFW6Q2LXXWTFRTMTRN4ZGADFRQPKJ3DghsaWEB
- lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/36GUEPA5TPSC57DZTPYPBL6T7UPQ2FRHghsaWEB
- lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3L6GDN5S5QZSCFKWD3GKL2RDZQ6B4UWAghsaWEB
- lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/4KDETHL5XCT6RZN2BBNOCEXRZ2W3SFU3ghsaWEB
- lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/5OGNAFVXSMTTT2UPH6CS3IH6L3KM42Q7ghsaWEB
- lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/7V7I72LSQ3IET3QJR6QPAVGJZ4CBDLN5ghsaWEB
- lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/AK7CJBCGERCRXYUR2EWDSSDVAQMTAZGXghsaWEB
- lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/DLUJZV3HBP56ADXU6QH2V7RNYUPMVBXQghsaWEB
- lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/FY3N7H6VSDZM37B4SKM2PFFCUWU7QYWNghsaWEB
- lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/HLAQRRGNSO5MYCPAXGPH2OCSHOGHSQMQghsaWEB
- lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/J5WPM42UR6XIBQNQPNQHM32X7S4LJTRXghsaWEB
- lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/KBMVIQFKQDSSTHVVJWJ4QH6TW3JVB7XZghsaWEB
- lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/MH6ALXEQXIFQRQFNJ5Y2MJ5DFPIX76VNghsaWEB
- lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/RN7JGC2LVHPEGSJYODFUV5FEKPBVG4D7ghsaWEB
- lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/SASRKYHT5ZFSVMJUQUG3UAEQRJYGJKARghsaWEB
- lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZKORFJTRRDJCWBTJPISKKCVMMMJBIRLGghsaWEB
- lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZY2SLWOQR4ZURQ7UBRZ7JIX6H6F5JHJRghsaWEB
- pkg.go.dev/vuln/GO-2022-0322ghsaWEB
- lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/2IK53GWZ475OQ6ENABKMJMTOBZG6LXUR/nvd
- lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/2PFW6Q2LXXWTFRTMTRN4ZGADFRQPKJ3D/nvd
- lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/36GUEPA5TPSC57DZTPYPBL6T7UPQ2FRH/nvd
- lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/3L6GDN5S5QZSCFKWD3GKL2RDZQ6B4UWA/nvd
- lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/4KDETHL5XCT6RZN2BBNOCEXRZ2W3SFU3/nvd
- lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/5OGNAFVXSMTTT2UPH6CS3IH6L3KM42Q7/nvd
- lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/7V7I72LSQ3IET3QJR6QPAVGJZ4CBDLN5/nvd
- lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/AK7CJBCGERCRXYUR2EWDSSDVAQMTAZGX/nvd
- lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/DLUJZV3HBP56ADXU6QH2V7RNYUPMVBXQ/nvd
- lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/FY3N7H6VSDZM37B4SKM2PFFCUWU7QYWN/nvd
- lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/HLAQRRGNSO5MYCPAXGPH2OCSHOGHSQMQ/nvd
- lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/J5WPM42UR6XIBQNQPNQHM32X7S4LJTRX/nvd
- lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/KBMVIQFKQDSSTHVVJWJ4QH6TW3JVB7XZ/nvd
- lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/MH6ALXEQXIFQRQFNJ5Y2MJ5DFPIX76VN/nvd
- lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/RN7JGC2LVHPEGSJYODFUV5FEKPBVG4D7/nvd
- lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/SASRKYHT5ZFSVMJUQUG3UAEQRJYGJKAR/nvd
- lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZKORFJTRRDJCWBTJPISKKCVMMMJBIRLG/nvd
- lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZY2SLWOQR4ZURQ7UBRZ7JIX6H6F5JHJR/nvd
News mentions
0No linked articles in our index yet.