VYPR

apk package

wolfi/k3d-proxy

pkg:apk/wolfi/k3d-proxy

Vulnerabilities (150)

  • CVE-2019-11254MedApr 1, 2020
    affected < 5.6.0-r11fixed 5.6.0-r11

    The Kubernetes API Server component in versions 1.1-1.14, and versions prior to 1.15.10, 1.16.7 and 1.17.3 allows an authorized user who sends malicious YAML payloads to cause the kube-apiserver to consume excessive CPU cycles while parsing YAML.

  • CVE-2020-7919HigMar 16, 2020
    affected < 5.6.0-r11fixed 5.6.0-r11

    Go before 1.12.16 and 1.13.x before 1.13.7 (and the crypto/cryptobyte package before 0.0.0-20200124225646-8b5121be2f68 for Go) allows attacks on clients (resulting in a panic) via a malformed X.509 certificate.

  • CVE-2020-9283HigFeb 20, 2020
    affected < 5.6.0-r11fixed 5.6.0-r11

    golang.org/x/crypto before v0.0.0-20200220183623-bac4c82f6975 for Go allows a panic during signature verification in the golang.org/x/crypto/ssh package. A client can attack an SSH server that accepts public keys. Also, a server can attack any SSH client.

  • CVE-2020-7219HigJan 31, 2020
    affected < 5.6.0-r11fixed 5.6.0-r11

    HashiCorp Consul and Consul Enterprise up to 1.6.2 HTTP/RPC services allowed unbounded resource usage, and were susceptible to unauthenticated denial of service. Fixed in 1.6.3.

  • CVE-2019-9514HigAug 13, 2019
    affected < 5.6.0-r11fixed 5.6.0-r11

    Some HTTP/2 implementations are vulnerable to a reset flood, potentially leading to a denial of service. The attacker opens a number of streams and sends an invalid request over each stream that should solicit a stream of RST_STREAM frames from the peer. Depending on how the peer

  • CVE-2019-9512HigAug 13, 2019
    affected < 5.6.0-r11fixed 5.6.0-r11

    Some HTTP/2 implementations are vulnerable to ping floods, potentially leading to a denial of service. The attacker sends continual pings to an HTTP/2 peer, causing the peer to build an internal queue of responses. Depending on how efficiently this data is queued, this can consum

  • CVE-2019-11841MedMay 22, 2019
    affected < 5.6.0-r11fixed 5.6.0-r11

    A message-forgery issue was discovered in crypto/openpgp/clearsign/clearsign.go in supplementary Go cryptography libraries 2019-03-25. According to the OpenPGP Message Format specification in RFC 4880 chapter 7, a cleartext signed message can contain one or more optional "Hash" A

  • CVE-2019-11840MedMay 9, 2019
    affected < 5.6.0-r11fixed 5.6.0-r11

    An issue was discovered in the supplementary Go cryptography library, golang.org/x/crypto, before v0.0.0-20190320223903-b7391e95e576. A flaw was found in the amd64 implementation of the golang.org/x/crypto/salsa20 and golang.org/x/crypto/salsa20/salsa packages. If more than 256 G

  • CVE-2019-9764HigMar 26, 2019
    affected < 5.6.0-r11fixed 5.6.0-r11

    HashiCorp Consul 1.4.3 lacks server hostname verification for agent-to-agent TLS communication. In other words, the product behaves as if verify_server_hostname were set to false, even when it is actually set to true. This is fixed in 1.4.4.

  • CVE-2018-19653MedDec 9, 2018
    affected < 5.6.0-r11fixed 5.6.0-r11

    HashiCorp Consul 0.5.1 through 1.4.0 can use cleartext agent-to-agent RPC communication because the verify_outgoing setting is improperly documented. NOTE: the vendor has provided reconfiguration steps that do not require a software upgrade.

Page 8 of 8