apk package
chainguard/argo-events-compat
pkg:apk/chainguard/argo-events-compat
Vulnerabilities (21)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2023-37475 | — | < 1.9.2-r1 | 1.9.2-r1 | Jul 17, 2023 | Hamba avro is a go lang encoder/decoder implementation of the avro codec specification. In affected versions a well-crafted string passed to avro's `github.com/hamba/avro/v2.Unmarshal()` can throw a `fatal error: runtime: out of memory` which is unrecoverable and can cause denial |
- CVE-2023-37475Jul 17, 2023affected < 1.9.2-r1fixed 1.9.2-r1
Hamba avro is a go lang encoder/decoder implementation of the avro codec specification. In affected versions a well-crafted string passed to avro's `github.com/hamba/avro/v2.Unmarshal()` can throw a `fatal error: runtime: out of memory` which is unrecoverable and can cause denial
Page 2 of 2