VYPR

rpm package

opensuse/kubernetes1.28&distro=openSUSE Tumbleweed

pkg:rpm/opensuse/kubernetes1.28&distro=openSUSE%20Tumbleweed

Vulnerabilities (3)

  • CVE-2023-45288HigApr 4, 2024
    affected < 1.28.9-1.1fixed 1.28.9-1.1

    An attacker may cause an HTTP/2 endpoint to read arbitrary amounts of header data by sending an excessive number of CONTINUATION frames. Maintaining HPACK state requires parsing and processing all HEADERS and CONTINUATION frames on a connection. When a request's headers exceed Ma

  • CVE-2024-24786HigMar 5, 2024
    affected < 1.28.8-1.1fixed 1.28.8-1.1

    The protojson.Unmarshal function can enter an infinite loop when unmarshaling certain forms of invalid JSON. This condition can occur when unmarshaling into a message which contains a google.protobuf.Any value, or when the UnmarshalOptions.DiscardUnknown option is set.

  • CVE-2023-44487HigKEVOct 10, 2023
    affected < 1.28.13-2.1fixed 1.28.13-2.1

    The HTTP/2 protocol allows a denial of service (server resource consumption) because request cancellation can reset many streams quickly, as exploited in the wild in August through October 2023.