VYPR

rpm package

opensuse/golang-github-lusitaniae-apache_exporter&distro=openSUSE Tumbleweed

pkg:rpm/opensuse/golang-github-lusitaniae-apache_exporter&distro=openSUSE%20Tumbleweed

Vulnerabilities (4)

  • CVE-2023-3978Aug 2, 2023
    affected < 1.0.8-1.1fixed 1.0.8-1.1

    Text nodes not in the HTML namespace are incorrectly literally rendered, causing text which should be escaped to not be. This could lead to an XSS attack.

  • CVE-2022-41723Feb 28, 2023
    affected < 1.0.0-1.1fixed 1.0.0-1.1

    A maliciously crafted HTTP/2 stream could cause excessive CPU consumption in the HPACK decoder, sufficient to cause a denial of service from a small number of small requests.

  • CVE-2022-46146Nov 29, 2022
    affected < 1.0.0-1.1fixed 1.0.0-1.1

    Prometheus Exporter Toolkit is a utility package to build exporters. Prior to versions 0.7.2 and 0.8.2, if someone has access to a Prometheus web.yml file and users' bcrypted passwords, they can bypass security by poisoning the built-in authentication cache. Versions 0.7.2 and 0.

  • CVE-2022-32149Oct 14, 2022
    affected < 1.0.0-1.1fixed 1.0.0-1.1

    An attacker may cause a denial of service by crafting an Accept-Language header which ParseAcceptLanguage will take significant time to parse.