apk package
chainguard/eks-distro-coredns-1.8
pkg:apk/chainguard/eks-distro-coredns-1.8
Vulnerabilities (23)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2022-29526 | — | < 1.8.7-r5 | 1.8.7-r5 | Jun 22, 2022 | Go before 1.17.10 and 1.18.x before 1.18.2 has Incorrect Privilege Assignment. When called with a non-zero flags parameter, the Faccessat function could incorrectly report that a file is accessible. | ||
| CVE-2022-28948 | — | < 1.8.7-r5 | 1.8.7-r5 | May 19, 2022 | An issue in the Unmarshal function in Go-Yaml v3 causes the program to crash when attempting to deserialize invalid input. | ||
| CVE-2022-27191 | — | < 1.8.7-r5 | 1.8.7-r5 | Mar 18, 2022 | The golang.org/x/crypto/ssh package before 0.0.0-20220314234659-1baeb1ce4c0b for Go allows an attacker to crash a server in certain circumstances involving AddHostKey. |
- CVE-2022-29526Jun 22, 2022affected < 1.8.7-r5fixed 1.8.7-r5
Go before 1.17.10 and 1.18.x before 1.18.2 has Incorrect Privilege Assignment. When called with a non-zero flags parameter, the Faccessat function could incorrectly report that a file is accessible.
- CVE-2022-28948May 19, 2022affected < 1.8.7-r5fixed 1.8.7-r5
An issue in the Unmarshal function in Go-Yaml v3 causes the program to crash when attempting to deserialize invalid input.
- CVE-2022-27191Mar 18, 2022affected < 1.8.7-r5fixed 1.8.7-r5
The golang.org/x/crypto/ssh package before 0.0.0-20220314234659-1baeb1ce4c0b for Go allows an attacker to crash a server in certain circumstances involving AddHostKey.
Page 2 of 2