VYPR

apk package

chainguard/nri-cassandra-jdk11

pkg:apk/chainguard/nri-cassandra-jdk11

Vulnerabilities (24)

  • CVE-2024-34156HigSep 6, 2024
    affected < 2.13.9-r1fixed 2.13.9-r1

    Calling Decoder.Decode on a message which contains deeply nested structures can cause a panic due to stack exhaustion. This is a follow-up to CVE-2022-30635.

  • CVE-2024-34155MedSep 6, 2024
    affected < 2.13.9-r1fixed 2.13.9-r1

    Calling any of the Parse functions on Go source code which contains deeply nested literals can cause a panic due to stack exhaustion.

  • CVE-2023-45284Nov 9, 2023
    affected < 0fixed 0

    On Windows, The IsLocal function does not correctly detect reserved device names in some cases. Reserved names followed by spaces, such as "COM1 ", and reserved names "COM" and "LPT" followed by superscript 1, 2, or 3, are incorrectly reported as local. With fix, IsLocal now corr

  • CVE-2023-45283Nov 9, 2023
    affected < 0fixed 0

    The filepath package does not recognize paths with a \??\ prefix as special. On Windows, a path beginning with \??\ is a Root Local Device path equivalent to a path beginning with \\?\. Paths with a \??\ prefix may be used to access arbitrary locations on the system. For example,

Page 2 of 2