apk package
chainguard/kubeflow-tensorboard-controller-fips-compat
pkg:apk/chainguard/kubeflow-tensorboard-controller-fips-compat
Vulnerabilities (23)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2022-28948 | Hig | 7.5 | < 1.10.0-r2 | 1.10.0-r2 | May 19, 2022 | An issue in the Unmarshal function in Go-Yaml v3 causes the program to crash when attempting to deserialize invalid input. | |
| CVE-2022-27191 | Hig | 7.5 | < 1.10.0-r2 | 1.10.0-r2 | Mar 18, 2022 | The golang.org/x/crypto/ssh package before 0.0.0-20220314234659-1baeb1ce4c0b for Go allows an attacker to crash a server in certain circumstances involving AddHostKey. | |
| CVE-2021-3121 | Hig | 8.6 | < 1.10.0-r2 | 1.10.0-r2 | Jan 11, 2021 | An issue was discovered in GoGo Protobuf before 1.3.2. plugin/unmarshal/unmarshal.go lacks certain index validation, aka the "skippy peanut butter" issue. |
- affected < 1.10.0-r2fixed 1.10.0-r2
An issue in the Unmarshal function in Go-Yaml v3 causes the program to crash when attempting to deserialize invalid input.
- affected < 1.10.0-r2fixed 1.10.0-r2
The golang.org/x/crypto/ssh package before 0.0.0-20220314234659-1baeb1ce4c0b for Go allows an attacker to crash a server in certain circumstances involving AddHostKey.
- affected < 1.10.0-r2fixed 1.10.0-r2
An issue was discovered in GoGo Protobuf before 1.3.2. plugin/unmarshal/unmarshal.go lacks certain index validation, aka the "skippy peanut butter" issue.
Page 2 of 2