rpm package
suse/rekor&distro=SUSE Linux Enterprise Module for Basesystem 15 SP4
pkg:rpm/suse/rekor&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Basesystem%2015%20SP4
Vulnerabilities (2)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2023-33199 | — | < 1.2.1-150400.4.12.1 | 1.2.1-150400.4.12.1 | May 26, 2023 | Rekor's goals are to provide an immutable tamper resistant ledger of metadata generated within a software projects supply chain. A malformed proposed entry of the `intoto/v0.0.2` type can cause a panic on a thread within the Rekor process. The thread is recovered so the client re | ||
| CVE-2023-30551 | — | < 1.1.1-150400.4.9.1 | 1.1.1-150400.4.9.1 | May 8, 2023 | Rekor is an open source software supply chain transparency log. Rekor prior to version 1.1.1 may crash due to out of memory (OOM) conditions caused by reading archive metadata files into memory without checking their sizes first. Verification of a JAR file submitted to Rekor can |
- CVE-2023-33199May 26, 2023affected < 1.2.1-150400.4.12.1fixed 1.2.1-150400.4.12.1
Rekor's goals are to provide an immutable tamper resistant ledger of metadata generated within a software projects supply chain. A malformed proposed entry of the `intoto/v0.0.2` type can cause a panic on a thread within the Rekor process. The thread is recovered so the client re
- CVE-2023-30551May 8, 2023affected < 1.1.1-150400.4.9.1fixed 1.1.1-150400.4.9.1
Rekor is an open source software supply chain transparency log. Rekor prior to version 1.1.1 may crash due to out of memory (OOM) conditions caused by reading archive metadata files into memory without checking their sizes first. Verification of a JAR file submitted to Rekor can