apk package
wolfi/grafana-mimir-metaconvert
pkg:apk/wolfi/grafana-mimir-metaconvert
Vulnerabilities (22)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2024-6104 | — | < 2.12.0-r3 | 2.12.0-r3 | Jun 24, 2024 | go-retryablehttp prior to 0.7.7 did not sanitize urls when writing them to its log file. This could lead to go-retryablehttp writing sensitive HTTP basic auth credentials to its log file. This vulnerability, CVE-2024-6104, was fixed in go-retryablehttp 0.7.7. | ||
| CVE-2024-35255 | — | < 2.12.0-r2 | 2.12.0-r2 | Jun 11, 2024 | Azure Identity Libraries and Microsoft Authentication Library Elevation of Privilege Vulnerability |
- CVE-2024-6104Jun 24, 2024affected < 2.12.0-r3fixed 2.12.0-r3
go-retryablehttp prior to 0.7.7 did not sanitize urls when writing them to its log file. This could lead to go-retryablehttp writing sensitive HTTP basic auth credentials to its log file. This vulnerability, CVE-2024-6104, was fixed in go-retryablehttp 0.7.7.
- CVE-2024-35255Jun 11, 2024affected < 2.12.0-r2fixed 2.12.0-r2
Azure Identity Libraries and Microsoft Authentication Library Elevation of Privilege Vulnerability
Page 2 of 2