Skip to content

ubuntu/grafana-agent:0.40.4-22.04_stable (ubuntu 22.04) - Trivy Report - 2024-08-29 10:45:52.621829889 +0200 CEST m=+0.640145445 #5

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Closed
zhijie-yang opened this issue Aug 29, 2024 · 0 comments
Closed

ubuntu/grafana-agent:0.40.4-22.04_stable (ubuntu 22.04) - Trivy Report - 2024-08-29 10:45:52.621829889 +0200 CEST m=+0.640145445 #5

zhijie-yang opened this issue Aug 29, 2024 · 0 comments

Comments

@zhijie-yang
Copy link
Owner

ubuntu/grafana-agent:0.40.4-22.04_stable (ubuntu 22.04) - Trivy Report - 2024-08-29 10:45:52.621829889 +0200 CEST m=+0.640145445

ubuntu
No Vulnerabilities found
No Misconfigurations found
gobinary
Package Vulnerability ID Severity Installed Version Fixed Version Links
github.com/docker/docker CVE-2024-41110 CRITICAL v24.0.7+incompatible 23.0.15, 26.1.5, 27.1.1, 25.0.6 https://access.redhat.com/security/cve/CVE-2024-41110 https://github.com/moby/moby moby/moby@411e817 moby/moby@42f40b1 moby/moby@65cc597 moby/moby@852759a moby/moby@a312606 moby/moby@a79fabb moby/moby@ae160b4 moby/moby@ae2b366 moby/moby@cc13f95 moby/moby@fc274cd GHSA-v23v-6jw2-98fq https://nvd.nist.gov/vuln/detail/CVE-2024-41110 https://www.cve.org/CVERecord?id=CVE-2024-41110 https://www.docker.com/blog/docker-security-advisory-docker-engine-authz-plugin
github.com/mostynb/go-grpc-compression GHSA-87m9-rv8p-rgmg HIGH v1.2.1 1.2.3 https://github.com/mostynb/go-grpc-compression mostynb/go-grpc-compression@629c44d GHSA-87m9-rv8p-rgmg https://pkg.go.dev/vuln/GO-2024-2911
go.opentelemetry.io/collector/config/configgrpc CVE-2024-36129 HIGH v0.87.0 0.102.1 https://access.redhat.com/security/cve/CVE-2024-36129 https://github.com/open-telemetry/opentelemetry-collector open-telemetry/opentelemetry-collector#10289 open-telemetry/opentelemetry-collector#10323 GHSA-c74f-6mfw-mm4v https://nvd.nist.gov/vuln/detail/CVE-2024-36129 https://opentelemetry.io/blog/2024/cve-2024-36129 https://pkg.go.dev/vuln/GO-2024-2900 https://www.cve.org/CVERecord?id=CVE-2024-36129
go.opentelemetry.io/collector/config/confighttp CVE-2024-36129 HIGH v0.87.0 0.102.0 https://access.redhat.com/security/cve/CVE-2024-36129 https://github.com/open-telemetry/opentelemetry-collector open-telemetry/opentelemetry-collector#10289 open-telemetry/opentelemetry-collector#10323 GHSA-c74f-6mfw-mm4v https://nvd.nist.gov/vuln/detail/CVE-2024-36129 https://opentelemetry.io/blog/2024/cve-2024-36129 https://pkg.go.dev/vuln/GO-2024-2900 https://www.cve.org/CVERecord?id=CVE-2024-36129
stdlib CVE-2024-24790 CRITICAL 1.22.3 1.21.11, 1.22.4 http://www.openwall.com/lists/oss-security/2024/06/04/1 https://access.redhat.com/errata/RHSA-2024:4212 https://access.redhat.com/security/cve/CVE-2024-24790 https://bugzilla.redhat.com/2292668 https://bugzilla.redhat.com/2292787 https://bugzilla.redhat.com/show_bug.cgi?id=2292668 https://bugzilla.redhat.com/show_bug.cgi?id=2292787 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24789 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24790 https://errata.almalinux.org/9/ALSA-2024-4212.html https://errata.rockylinux.org/RLSA-2024:4212 https://github.com/golang/go/commit/051bdf3fd12a40307606ff9381138039c5f452f0 (1.21) https://github.com/golang/go/commit/12d5810cdb1f73cf23d7a86462143e9463317fca (1.22) golang/go#67680 https://go.dev/cl/590316 https://go.dev/issue/67680 https://groups.google.com/g/golang-announce/c/XbxouI9gY7k https://groups.google.com/g/golang-announce/c/XbxouI9gY7k/m/TuoGEhxIEwAJ https://linux.oracle.com/cve/CVE-2024-24790.html https://linux.oracle.com/errata/ELSA-2024-5291.html https://nvd.nist.gov/vuln/detail/CVE-2024-24790 https://pkg.go.dev/vuln/GO-2024-2887 https://ubuntu.com/security/notices/USN-6886-1 https://www.cve.org/CVERecord?id=CVE-2024-24790
No Misconfigurations found
gobinary
Package Vulnerability ID Severity Installed Version Fixed Version Links
stdlib CVE-2024-24790 CRITICAL 1.20.14 1.21.11, 1.22.4 http://www.openwall.com/lists/oss-security/2024/06/04/1 https://access.redhat.com/errata/RHSA-2024:4212 https://access.redhat.com/security/cve/CVE-2024-24790 https://bugzilla.redhat.com/2292668 https://bugzilla.redhat.com/2292787 https://bugzilla.redhat.com/show_bug.cgi?id=2292668 https://bugzilla.redhat.com/show_bug.cgi?id=2292787 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24789 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24790 https://errata.almalinux.org/9/ALSA-2024-4212.html https://errata.rockylinux.org/RLSA-2024:4212 https://github.com/golang/go/commit/051bdf3fd12a40307606ff9381138039c5f452f0 (1.21) https://github.com/golang/go/commit/12d5810cdb1f73cf23d7a86462143e9463317fca (1.22) golang/go#67680 https://go.dev/cl/590316 https://go.dev/issue/67680 https://groups.google.com/g/golang-announce/c/XbxouI9gY7k https://groups.google.com/g/golang-announce/c/XbxouI9gY7k/m/TuoGEhxIEwAJ https://linux.oracle.com/cve/CVE-2024-24790.html https://linux.oracle.com/errata/ELSA-2024-5291.html https://nvd.nist.gov/vuln/detail/CVE-2024-24790 https://pkg.go.dev/vuln/GO-2024-2887 https://ubuntu.com/security/notices/USN-6886-1 https://www.cve.org/CVERecord?id=CVE-2024-24790
stdlib CVE-2023-45288 HIGH 1.20.14 1.21.9, 1.22.2 http://www.openwall.com/lists/oss-security/2024/04/03/16 http://www.openwall.com/lists/oss-security/2024/04/05/4 https://access.redhat.com/errata/RHSA-2024:2724 https://access.redhat.com/security/cve/CVE-2023-45288 https://bugzilla.redhat.com/2268017 https://bugzilla.redhat.com/2268018 https://bugzilla.redhat.com/2268019 https://bugzilla.redhat.com/2268273 https://bugzilla.redhat.com/show_bug.cgi?id=2268017 https://bugzilla.redhat.com/show_bug.cgi?id=2268018 https://bugzilla.redhat.com/show_bug.cgi?id=2268019 https://bugzilla.redhat.com/show_bug.cgi?id=2268273 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45288 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45289 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45290 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24783 https://errata.almalinux.org/9/ALSA-2024-2724.html https://errata.rockylinux.org/RLSA-2024:2724 https://go.dev/cl/576155 https://go.dev/issue/65051 https://groups.google.com/g/golang-announce/c/YgW0sx8mN3M https://kb.cert.org/vuls/id/421644 https://linux.oracle.com/cve/CVE-2023-45288.html https://linux.oracle.com/errata/ELSA-2024-3346.html https://lists.fedoraproject.org/archives/list/[email protected]/message/QRYFHIQ6XRKRYBI2F5UESH67BJBQXUPT https://lists.fedoraproject.org/archives/list/[email protected]/message/QRYFHIQ6XRKRYBI2F5UESH67BJBQXUPT/ https://nowotarski.info/http2-continuation-flood-technical-details https://nowotarski.info/http2-continuation-flood/ https://nvd.nist.gov/vuln/detail/CVE-2023-45288 https://pkg.go.dev/vuln/GO-2024-2687 https://security.netapp.com/advisory/ntap-20240419-0009 https://security.netapp.com/advisory/ntap-20240419-0009/ https://ubuntu.com/security/notices/USN-6886-1 https://www.cve.org/CVERecord?id=CVE-2023-45288 https://www.kb.cert.org/vuls/id/421644
No Misconfigurations found
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
1 participant
@zhijie-yang