apk package
chainguard/prometheus-2.52-bitnami-compat
pkg:apk/chainguard/prometheus-2.52-bitnami-compat
Vulnerabilities (3)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2024-6104 | — | < 2.52.0-r6 | 2.52.0-r6 | Jun 24, 2024 | go-retryablehttp prior to 0.7.7 did not sanitize urls when writing them to its log file. This could lead to go-retryablehttp writing sensitive HTTP basic auth credentials to its log file. This vulnerability, CVE-2024-6104, was fixed in go-retryablehttp 0.7.7. | ||
| CVE-2024-35255 | — | < 2.52.0-r4 | 2.52.0-r4 | Jun 11, 2024 | Azure Identity Libraries and Microsoft Authentication Library Elevation of Privilege Vulnerability | ||
| CVE-2024-32473 | — | < 2.52.0-r1 | 2.52.0-r1 | Apr 18, 2024 | Moby is an open source container framework that is a key component of Docker Engine, Docker Desktop, and other distributions of container tooling or runtimes. In 26.0.0, IPv6 is not disabled on network interfaces, including those belonging to networks where `--ipv6=false`. An con |
- CVE-2024-6104Jun 24, 2024affected < 2.52.0-r6fixed 2.52.0-r6
go-retryablehttp prior to 0.7.7 did not sanitize urls when writing them to its log file. This could lead to go-retryablehttp writing sensitive HTTP basic auth credentials to its log file. This vulnerability, CVE-2024-6104, was fixed in go-retryablehttp 0.7.7.
- CVE-2024-35255Jun 11, 2024affected < 2.52.0-r4fixed 2.52.0-r4
Azure Identity Libraries and Microsoft Authentication Library Elevation of Privilege Vulnerability
- CVE-2024-32473Apr 18, 2024affected < 2.52.0-r1fixed 2.52.0-r1
Moby is an open source container framework that is a key component of Docker Engine, Docker Desktop, and other distributions of container tooling or runtimes. In 26.0.0, IPv6 is not disabled on network interfaces, including those belonging to networks where `--ipv6=false`. An con