registry.hub.docker.com/paketobuildpacks/builder:base (ubuntu 18.04)

Trivy Image Scan

• Image: registry.hub.docker.com/paketobuildpacks/builder:base (ubuntu 18.04)
• Scan date: 2024-11-22

registry.hub.docker.com/paketobuildpacks/builder:base (ubuntu 18.04) (ubuntu)

No Vulnerabilities found
No Misconfigurations found

(gobinary)

Package	Vulnerability ID	Severity	Installed Version	Fixed Version	Links
github.com/containerd/containerd	GHSA-7ww5-4wqc-m92c	MEDIUM	v1.7.0	1.6.26, 1.7.11	https://github.com/containerd/containerd https://github.com/containerd/containerd/commit/67d356cb3095f3e8f8ad7d36f9a733fea1e7e28c https://github.com/containerd/containerd/commit/746b910f05855c8bfdb4415a1c0f958b234910e5 https://github.com/containerd/containerd/security/advisories/GHSA-7ww5-4wqc-m92c
github.com/docker/distribution	CVE-2023-2253	HIGH	v2.8.1+incompatible	2.8.2-beta.1	https://access.redhat.com/security/cve/CVE-2023-2253 https://bugzilla.redhat.com/show_bug.cgi?id=2189886 https://github.com/distribution/distribution https://github.com/distribution/distribution/commit/521ea3d973cb0c7089ebbcdd4ccadc34be941f54 https://github.com/distribution/distribution/commit/f55a6552b006a381d9167e328808565dd2bf77dc https://github.com/distribution/distribution/security/advisories/GHSA-hqxw-f8mx-cpmw https://lists.debian.org/debian-lts-announce/2023/06/msg00035.html https://nvd.nist.gov/vuln/detail/CVE-2023-2253 https://ubuntu.com/security/notices/USN-6336-1 https://www.cve.org/CVERecord?id=CVE-2023-2253 https://www.openwall.com/lists/oss-security/2023/05/09/1
github.com/docker/docker	CVE-2024-41110	CRITICAL	v23.0.4+incompatible	23.0.15, 26.1.5, 27.1.1, 25.0.6	https://access.redhat.com/security/cve/CVE-2024-41110 https://github.com/moby/moby https://github.com/moby/moby/commit/411e817ddf710ff8e08fa193da80cb78af708191 https://github.com/moby/moby/commit/42f40b1d6dd7562342f832b9cd2adf9e668eeb76 https://github.com/moby/moby/commit/65cc597cea28cdc25bea3b8a86384b4251872919 https://github.com/moby/moby/commit/852759a7df454cbf88db4e954c919becd48faa9b https://github.com/moby/moby/commit/a31260625655cff9ae226b51757915e275e304b0 https://github.com/moby/moby/commit/a79fabbfe84117696a19671f4aa88b82d0f64fc1 https://github.com/moby/moby/commit/ae160b4edddb72ef4bd71f66b975a1a1cc434f00 https://github.com/moby/moby/commit/ae2b3666c517c96cbc2adf1af5591a6b00d4ec0f https://github.com/moby/moby/commit/cc13f952511154a2866bddbb7dddebfe9e83b801 https://github.com/moby/moby/commit/fc274cd2ff4cf3b48c91697fb327dd1fb95588fb https://github.com/moby/moby/security/advisories/GHSA-v23v-6jw2-98fq https://nvd.nist.gov/vuln/detail/CVE-2024-41110 https://www.cve.org/CVERecord?id=CVE-2024-41110 https://www.docker.com/blog/docker-security-advisory-docker-engine-authz-plugin
github.com/docker/docker	CVE-2024-24557	MEDIUM	v23.0.4+incompatible	24.0.9, 25.0.2	https://access.redhat.com/security/cve/CVE-2024-24557 https://github.com/moby/moby https://github.com/moby/moby/commit/3e230cfdcc989dc524882f6579f9e0dac77400ae https://github.com/moby/moby/commit/fca702de7f71362c8d103073c7e4a1d0a467fadd https://github.com/moby/moby/commit/fce6e0ca9bc000888de3daa157af14fa41fcd0ff https://github.com/moby/moby/security/advisories/GHSA-xw73-rw38-6vjc https://nvd.nist.gov/vuln/detail/CVE-2024-24557 https://www.cve.org/CVERecord?id=CVE-2024-24557
github.com/docker/docker	CVE-2024-29018	MEDIUM	v23.0.4+incompatible	26.0.0-rc3, 25.0.5, 23.0.11	https://access.redhat.com/security/cve/CVE-2024-29018 https://github.com/moby/moby https://github.com/moby/moby/pull/46609 https://github.com/moby/moby/security/advisories/GHSA-mq39-4gv4-mvpx https://nvd.nist.gov/vuln/detail/CVE-2024-29018 https://www.cve.org/CVERecord?id=CVE-2024-29018
github.com/docker/docker	GHSA-jq35-85cj-fj4p	MEDIUM	v23.0.4+incompatible	24.0.7, 23.0.8, 20.10.27	https://github.com/moby/moby https://github.com/moby/moby/commit/48ebe353e49a9def5e6679f6e386b0efb1c95f0e https://github.com/moby/moby/commit/81ebe71275768629689a23bc3bca34b3b374a6a6 https://github.com/moby/moby/commit/c9ccbfad11a60e703e91b6cca4f48927828c7e35 https://github.com/moby/moby/releases/tag/v20.10.27 https://github.com/moby/moby/releases/tag/v23.0.8 https://github.com/moby/moby/releases/tag/v24.0.7 https://github.com/moby/moby/security/advisories/GHSA-jq35-85cj-fj4p
github.com/golang-jwt/jwt/v4	CVE-2024-51744	LOW	v4.4.3	4.5.1	https://access.redhat.com/security/cve/CVE-2024-51744 https://github.com/golang-jwt/jwt https://github.com/golang-jwt/jwt/commit/7b1c1c00a171c6c79bbdb40e4ce7d197060c1c2c https://github.com/golang-jwt/jwt/security/advisories/GHSA-29wx-vh33-7x7r https://nvd.nist.gov/vuln/detail/CVE-2024-51744 https://www.cve.org/CVERecord?id=CVE-2024-51744
github.com/moby/buildkit	CVE-2024-23652	CRITICAL	v0.11.5	0.12.5	https://access.redhat.com/security/cve/CVE-2024-23652 https://github.com/moby/buildkit https://github.com/moby/buildkit/pull/4603 https://github.com/moby/buildkit/releases/tag/v0.12.5 https://github.com/moby/buildkit/security/advisories/GHSA-4v98-7qmw-rqr8 https://nvd.nist.gov/vuln/detail/CVE-2024-23652 https://pkg.go.dev/vuln/GO-2024-2494 https://snyk.io/blog/cve-2024-23652-buildkit-build-time-container-teardown-arbitrary-delete/ https://www.cve.org/CVERecord?id=CVE-2024-23652
github.com/moby/buildkit	CVE-2024-23653	CRITICAL	v0.11.5	0.12.5	https://access.redhat.com/security/cve/CVE-2024-23653 https://github.com/moby/buildkit https://github.com/moby/buildkit/commit/5026d95aa3336e97cfe46e3764f52d08bac7a10e https://github.com/moby/buildkit/commit/92cc595cfb12891d4b3ae476e067c74250e4b71e https://github.com/moby/buildkit/pull/4602 https://github.com/moby/buildkit/releases/tag/v0.12.5 https://github.com/moby/buildkit/security/advisories/GHSA-wr6v-9f75-vh2g https://nvd.nist.gov/vuln/detail/CVE-2024-23653 https://snyk.io/blog/cve-2024-23653-buildkit-grpc-securitymode-privilege-check/ https://www.cve.org/CVERecord?id=CVE-2024-23653
github.com/moby/buildkit	CVE-2024-23651	HIGH	v0.11.5	0.12.5	https://access.redhat.com/security/cve/CVE-2024-23651 https://github.com/moby/buildkit https://github.com/moby/buildkit/pull/4604 https://github.com/moby/buildkit/releases/tag/v0.12.5 https://github.com/moby/buildkit/security/advisories/GHSA-m3r6-h7wv-7xxv https://nvd.nist.gov/vuln/detail/CVE-2024-23651 https://snyk.io/blog/cve-2024-23651-docker-buildkit-mount-cache-race/ https://www.cve.org/CVERecord?id=CVE-2024-23651 https://www.openwall.com/lists/oss-security/2019/05/28/1
github.com/moby/buildkit	CVE-2024-23650	MEDIUM	v0.11.5	0.12.5	https://access.redhat.com/security/cve/CVE-2024-23650 https://github.com/moby/buildkit https://github.com/moby/buildkit/commit/481d9c45f473c58537f39694a38d7995cc656987 https://github.com/moby/buildkit/commit/7718bd5c3dc8fc5cd246a30cc41766e7a53c043c https://github.com/moby/buildkit/commit/83edaef59d545b93e2750f1f85675a3764593fee https://github.com/moby/buildkit/commit/96663dd35bf3787d7efb1ee7fd9ac7fe533582ae https://github.com/moby/buildkit/commit/e1924dc32da35bfb0bfdbb9d0fc7bca25e552330 https://github.com/moby/buildkit/pull/4601 https://github.com/moby/buildkit/releases/tag/v0.12.5 https://github.com/moby/buildkit/security/advisories/GHSA-9p26-698r-w4hx https://linux.oracle.com/cve/CVE-2024-23650.html https://linux.oracle.com/errata/ELSA-2024-2988.html https://nvd.nist.gov/vuln/detail/CVE-2024-23650 https://www.cve.org/CVERecord?id=CVE-2024-23650
github.com/opencontainers/runc	CVE-2024-21626	HIGH	v1.1.7	1.1.12	http://packetstormsecurity.com/files/176993/runc-1.1.11-File-Descriptor-Leak-Privilege-Escalation.html http://www.openwall.com/lists/oss-security/2024/02/01/1 http://www.openwall.com/lists/oss-security/2024/02/02/3 https://access.redhat.com/errata/RHSA-2024:0670 https://access.redhat.com/security/cve/CVE-2024-21626 https://bugzilla.redhat.com/2258725 https://errata.almalinux.org/9/ALSA-2024-0670.html https://github.com/opencontainers/runc https://github.com/opencontainers/runc/commit/02120488a4c0fc487d1ed2867e901eeed7ce8ecf https://github.com/opencontainers/runc/releases/tag/v1.1.12 https://github.com/opencontainers/runc/security/advisories/GHSA-xr7r-f8xq-vfvv https://linux.oracle.com/cve/CVE-2024-21626.html https://linux.oracle.com/errata/ELSA-2024-17931.html https://lists.debian.org/debian-lts-announce/2024/02/msg00005.html https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/2NLXNE23Q5ESQUAI22Z7A63JX2WMPJ2J https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/2NLXNE23Q5ESQUAI22Z7A63JX2WMPJ2J/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/SYMO3BANINS6RGFQFKPRG4FIOJ7GWYTL https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/SYMO3BANINS6RGFQFKPRG4FIOJ7GWYTL/ https://nvd.nist.gov/vuln/detail/CVE-2024-21626 https://ubuntu.com/security/notices/USN-6619-1 https://www.cve.org/CVERecord?id=CVE-2024-21626
github.com/opencontainers/runc	CVE-2024-45310	LOW	v1.1.7	1.1.14, 1.2.0-rc.3	https://access.redhat.com/security/cve/CVE-2024-45310 https://github.com/opencontainers/runc https://github.com/opencontainers/runc/commit/63c2908164f3a1daea455bf5bcd8d363d70328c7 https://github.com/opencontainers/runc/commit/8781993968fd964ac723ff5f360b6f259e809a3e https://github.com/opencontainers/runc/commit/f0b652ea61ff6750a8fcc69865d45a7abf37accf https://github.com/opencontainers/runc/pull/4359 https://github.com/opencontainers/runc/security/advisories/GHSA-jfvp-7x6p-h2pv https://nvd.nist.gov/vuln/detail/CVE-2024-45310 https://www.cve.org/CVERecord?id=CVE-2024-45310 https://www.openwall.com/lists/oss-security/2024/09/03/1
golang.org/x/crypto	CVE-2023-48795	MEDIUM	v0.5.0	0.17.0	http://packetstormsecurity.com/files/176280/Terrapin-SSH-Connection-Weakening.html http://seclists.org/fulldisclosure/2024/Mar/21 http://www.openwall.com/lists/oss-security/2023/12/18/3 http://www.openwall.com/lists/oss-security/2023/12/19/5 http://www.openwall.com/lists/oss-security/2023/12/20/3 http://www.openwall.com/lists/oss-security/2024/03/06/3 http://www.openwall.com/lists/oss-security/2024/04/17/8 https://access.redhat.com/errata/RHSA-2024:1150 https://access.redhat.com/security/cve/CVE-2023-48795 https://access.redhat.com/security/cve/cve-2023-48795 https://access.redhat.com/solutions/7071748 https://arstechnica.com/security/2023/12/hackers-can-break-ssh-channel-integrity-using-novel-data-corruption-attack https://arstechnica.com/security/2023/12/hackers-can-break-ssh-channel-integrity-using-novel-data-corruption-attack/ https://bugs.gentoo.org/920280 https://bugzilla.redhat.com/2254210 https://bugzilla.redhat.com/show_bug.cgi?id=2254210 https://bugzilla.suse.com/show_bug.cgi?id=1217950 https://crates.io/crates/thrussh/versions https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-48795 https://errata.almalinux.org/9/ALSA-2024-1150.html https://errata.rockylinux.org/RLSA-2024:0628 https://filezilla-project.org/versions.php https://forum.netgate.com/topic/184941/terrapin-ssh-attack https://git.libssh.org/projects/libssh.git/commit/?h=stable-0.10&id=10e09e273f69e149389b3e0e5d44b8c221c2e7f6 https://github.com/NixOS/nixpkgs/pull/275249 https://github.com/PowerShell/Win32-OpenSSH/issues/2189 https://github.com/PowerShell/Win32-OpenSSH/releases/tag/v9.5.0.0p1-Beta https://github.com/TeraTermProject/teraterm/commit/7279fbd6ef4d0c8bdd6a90af4ada2899d786eec0 https://github.com/TeraTermProject/teraterm/releases/tag/v5.1 https://github.com/advisories/GHSA-45x7-px36-x8w8 https://github.com/apache/mina-sshd/issues/445 https://github.com/connectbot/sshlib/commit/5c8b534f6e97db7ac0e0e579331213aa25c173ab https://github.com/connectbot/sshlib/compare/2.2.21...2.2.22 https://github.com/cyd01/KiTTY/issues/520 https://github.com/drakkan/sftpgo/releases/tag/v2.5.6 https://github.com/erlang/otp/blob/d1b43dc0f1361d2ad67601169e90a7fc50bb0369/lib/ssh/doc/src/notes.xml#L39-L42 https://github.com/erlang/otp/releases/tag/OTP-26.2.1 https://github.com/golang/crypto/commit/9d2ee975ef9fe627bf0a6f01c1f69e8ef1d4f05d https://github.com/hierynomus/sshj/issues/916 https://github.com/janmojzis/tinyssh/issues/81 https://github.com/jtesta/ssh-audit/commit/8e972c5e94b460379fe0c7d20209c16df81538a5 https://github.com/libssh2/libssh2/pull/1291 https://github.com/mkj/dropbear/blob/17657c36cce6df7716d5ff151ec09a665382d5dd/CHANGES#L25 https://github.com/mscdex/ssh2/commit/97b223f8891b96d6fc054df5ab1d5a1a545da2a3 https://github.com/mwiede/jsch/compare/jsch-0.2.14...jsch-0.2.15 https://github.com/mwiede/jsch/issues/457 https://github.com/mwiede/jsch/pull/461 https://github.com/net-ssh/net-ssh/blob/2e65064a52d73396bfc3806c9196fc8108f33cd8/CHANGES.txt#L14-L16 https://github.com/openssh/openssh-portable/commits/master https://github.com/paramiko/paramiko/issues/2337 https://github.com/paramiko/paramiko/issues/2337#issuecomment-1887642773 https://github.com/proftpd/proftpd/blob/0a7ea9b0ba9fcdf368374a226370d08f10397d99/RELEASE_NOTES https://github.com/proftpd/proftpd/blob/d21e7a2e47e9b38f709bec58e3fa711f759ad0e1/RELEASE_NOTES https://github.com/proftpd/proftpd/blob/master/RELEASE_NOTES https://github.com/proftpd/proftpd/issues/456 https://github.com/rapier1/hpn-ssh/releases https://github.com/ronf/asyncssh/blob/develop/docs/changes.rst https://github.com/ronf/asyncssh/security/advisories/GHSA-hfmc-7525-mj55 https://github.com/ronf/asyncssh/tags https://github.com/ssh-mitm/ssh-mitm/issues/165 https://github.com/warp-tech/russh https://github.com/warp-tech/russh/commit/1aa340a7df1d5be1c0f4a9e247aade76dfdd2951 https://github.com/warp-tech/russh/releases/tag/v0.40.2 https://github.com/warp-tech/russh/security/advisories/GHSA-45x7-px36-x8w8 https://gitlab.com/libssh/libssh-mirror/-/tags https://go.dev/cl/550715 https://go.dev/issue/64784 https://groups.google.com/g/golang-announce/c/-n5WqVC18LQ https://groups.google.com/g/golang-announce/c/qA3XtxvMUyg https://help.panic.com/releasenotes/transmit5 https://help.panic.com/releasenotes/transmit5/ https://jadaptive.com/important-java-ssh-security-update-new-ssh-vulnerability-discovered-cve-2023-48795 https://jadaptive.com/important-java-ssh-security-update-new-ssh-vulnerability-discovered-cve-2023-48795/ https://linux.oracle.com/cve/CVE-2023-48795.html https://linux.oracle.com/errata/ELSA-2024-2988.html https://lists.debian.org/debian-lts-announce/2023/12/msg00017.html https://lists.debian.org/debian-lts-announce/2024/01/msg00013.html https://lists.debian.org/debian-lts-announce/2024/01/msg00014.html https://lists.debian.org/debian-lts-announce/2024/04/msg00016.html https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/33XHJUB6ROFUOH2OQNENFROTVH6MHSHA https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/33XHJUB6ROFUOH2OQNENFROTVH6MHSHA/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/3CAYYW35MUTNO65RVAELICTNZZFMT2XS https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/3CAYYW35MUTNO65RVAELICTNZZFMT2XS/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/3JIMLVBDWOP4FUPXPTB4PGHHIOMGFLQE https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/3JIMLVBDWOP4FUPXPTB4PGHHIOMGFLQE/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/3YQLUQWLIHDB5QCXQEX7HXHAWMOKPP5O https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/3YQLUQWLIHDB5QCXQEX7HXHAWMOKPP5O/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/6Y74KVCPEPT4MVU3LHDWCNNOXOE5ZLUR https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/6Y74KVCPEPT4MVU3LHDWCNNOXOE5ZLUR/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/APYIXIQOVDCRWLHTGB4VYMAUIAQLKYJ3 https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/APYIXIQOVDCRWLHTGB4VYMAUIAQLKYJ3/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/BL5KTLOSLH2KHRN4HCXJPK3JUVLDGEL6 https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/BL5KTLOSLH2KHRN4HCXJPK3JUVLDGEL6/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/C3AFMZ6MH2UHHOPIWT5YLSFV3D2VB3AC https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/C3AFMZ6MH2UHHOPIWT5YLSFV3D2VB3AC/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/CHHITS4PUOZAKFIUBQAQZC7JWXMOYE4B https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/CHHITS4PUOZAKFIUBQAQZC7JWXMOYE4B/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/F7EYCFQCTSGJXWO3ZZ44MGKFC5HA7G3Y https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/F7EYCFQCTSGJXWO3ZZ44MGKFC5HA7G3Y/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/HYEDEXIKFKTUJIN43RG4B7T5ZS6MHUSP https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/HYEDEXIKFKTUJIN43RG4B7T5ZS6MHUSP/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/I724O3LSRCPO4WNVIXTZCT4VVRMXMMSG https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/I724O3LSRCPO4WNVIXTZCT4VVRMXMMSG/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/KEOTKBUPZXHE3F352JBYNTSNRXYLWD6P https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/KEOTKBUPZXHE3F352JBYNTSNRXYLWD6P/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/KMZCVGUGJZZVDPCVDA7TEB22VUCNEXDD https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/KMZCVGUGJZZVDPCVDA7TEB22VUCNEXDD/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/L5Y6MNNVAPIJSXJERQ6PKZVCIUXSNJK7 https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/L5Y6MNNVAPIJSXJERQ6PKZVCIUXSNJK7/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/LZQVUHWVWRH73YBXUQJOD6CKHDQBU3DM https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/LZQVUHWVWRH73YBXUQJOD6CKHDQBU3DM/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/MKQRBF3DWMWPH36LBCOBUTSIZRTPEZXB https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/MKQRBF3DWMWPH36LBCOBUTSIZRTPEZXB/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/QI3EHAHABFQK7OABNCSF5GMYP6TONTI7 https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/QI3EHAHABFQK7OABNCSF5GMYP6TONTI7/ https://matt.ucc.asn.au/dropbear/CHANGES https://nest.pijul.com/pijul/thrussh/changes/D6H7OWTTMHHX6BTB3B6MNBOBX2L66CBL4LGSEUSAI2MCRCJDQFRQC https://news.ycombinator.com/item?id=38684904 https://news.ycombinator.com/item?id=38685286 https://news.ycombinator.com/item?id=38732005 https://nova.app/releases/#v11.8 https://nvd.nist.gov/vuln/detail/CVE-2023-48795 https://oryx-embedded.com/download/#changelog https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2024-0002 https://roumenpetrov.info/secsh/#news20231220 https://security-tracker.debian.org/tracker/CVE-2023-48795 https://security-tracker.debian.org/tracker/source-package/libssh2 https://security-tracker.debian.org/tracker/source-package/proftpd-dfsg https://security-tracker.debian.org/tracker/source-package/trilead-ssh2 https://security.gentoo.org/glsa/202312-16 https://security.gentoo.org/glsa/202312-17 https://security.netapp.com/advisory/ntap-20240105-0004 https://security.netapp.com/advisory/ntap-20240105-0004/ https://support.apple.com/kb/HT214084 https://terrapin-attack.com/ https://thorntech.com/cve-2023-48795-and-sftp-gateway https://thorntech.com/cve-2023-48795-and-sftp-gateway/ https://twitter.com/TrueSkrillor/status/1736774389725565005 https://ubuntu.com/security/CVE-2023-48795 https://ubuntu.com/security/notices/USN-6560-1 https://ubuntu.com/security/notices/USN-6560-2 https://ubuntu.com/security/notices/USN-6561-1 https://ubuntu.com/security/notices/USN-6585-1 https://ubuntu.com/security/notices/USN-6589-1 https://ubuntu.com/security/notices/USN-6598-1 https://ubuntu.com/security/notices/USN-6738-1 https://ubuntu.com/security/notices/USN-7051-1 https://winscp.net/eng/docs/history#6.2.2 https://www.bitvise.com/ssh-client-version-history#933 https://www.bitvise.com/ssh-server-version-history https://www.chiark.greenend.org.uk/~sgtatham/putty/changes.html https://www.crushftp.com/crush10wiki/Wiki.jsp?page=Update https://www.cve.org/CVERecord?id=CVE-2023-48795 https://www.debian.org/security/2023/dsa-5586 https://www.debian.org/security/2023/dsa-5588 https://www.freebsd.org/security/advisories/FreeBSD-SA-23:19.openssh.asc https://www.lancom-systems.de/service-support/allgemeine-sicherheitshinweise#c243508 https://www.netsarang.com/en/xshell-update-history https://www.netsarang.com/en/xshell-update-history/ https://www.openssh.com/openbsd.html https://www.openssh.com/txt/release-9.6 https://www.openwall.com/lists/oss-security/2023/12/18/2 https://www.openwall.com/lists/oss-security/2023/12/18/3 https://www.openwall.com/lists/oss-security/2023/12/20/3 https://www.paramiko.org/changelog.html https://www.reddit.com/r/sysadmin/comments/18idv52/cve202348795_why_is_this_cve_still_undisclosed https://www.reddit.com/r/sysadmin/comments/18idv52/cve202348795_why_is_this_cve_still_undisclosed/ https://www.suse.com/c/suse-addresses-the-ssh-v2-protocol-terrapin-attack-aka-cve-2023-48795 https://www.suse.com/c/suse-addresses-the-ssh-v2-protocol-terrapin-attack-aka-cve-2023-48795/ https://www.terrapin-attack.com https://www.theregister.com/2023/12/20/terrapin_attack_ssh https://www.vandyke.com/products/securecrt/history.txt
golang.org/x/net	CVE-2023-39325	HIGH	v0.8.0	0.17.0	golang.org/x/net https://access.redhat.com/errata/RHSA-2023:6077 https://access.redhat.com/security/cve/CVE-2023-39325 https://access.redhat.com/security/cve/CVE-2023-44487 https://access.redhat.com/security/vulnerabilities/RHSB-2023-003 https://bugzilla.redhat.com/2242803 https://bugzilla.redhat.com/2243296 https://bugzilla.redhat.com/show_bug.cgi?id=2242803 https://bugzilla.redhat.com/show_bug.cgi?id=2243296 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-39325 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-44487 https://errata.almalinux.org/9/ALSA-2023-6077.html https://errata.rockylinux.org/RLSA-2023:6077 https://github.com/golang/go/commit/24ae2d927285c697440fdde3ad7f26028354bcf3 [golang- 1.21] https://github.com/golang/go/commit/e175f27f58aa7b9cd4d79607ae65d2cd5baaee68 [golang-1.20] https://github.com/golang/go/issues/63417 https://go.dev/cl/534215 https://go.dev/cl/534235 https://go.dev/issue/63417 https://groups.google.com/g/golang-announce/c/iNNxDTCjZvo/m/UDd7VKQuAAAJ https://linux.oracle.com/cve/CVE-2023-39325.html https://linux.oracle.com/errata/ELSA-2023-5867.html https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3OVW5V2DM5K5IC3H7O42YDUGNJ74J35O https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3OVW5V2DM5K5IC3H7O42YDUGNJ74J35O/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3SZN67IL7HMGMNAVLOTIXLIHUDXZK4LH https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3SZN67IL7HMGMNAVLOTIXLIHUDXZK4LH/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3WJ4QVX2AMUJ2F2S27POOAHRC4K3CHU4 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3WJ4QVX2AMUJ2F2S27POOAHRC4K3CHU4/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/4BUK2ZIAGCULOOYDNH25JPU6JBES5NF2 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/4BUK2ZIAGCULOOYDNH25JPU6JBES5NF2/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/5RSKA2II6QTD4YUKUNDVJQSRYSFC4VFR https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/5RSKA2II6QTD4YUKUNDVJQSRYSFC4VFR/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/AVZDNSMVDAQJ64LJC5I5U5LDM5753647 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/AVZDNSMVDAQJ64LJC5I5U5LDM5753647/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CHHITS4PUOZAKFIUBQAQZC7JWXMOYE4B https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CHHITS4PUOZAKFIUBQAQZC7JWXMOYE4B/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CLB4TW7KALB3EEQWNWCN7OUIWWVWWCG2 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CLB4TW7KALB3EEQWNWCN7OUIWWVWWCG2/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/D2BBIDR2ZMB3X5BC7SR4SLQMHRMVPY6L https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/D2BBIDR2ZMB3X5BC7SR4SLQMHRMVPY6L/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ECRC75BQJP6FJN2L7KCKYZW4DSBD7QSD https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ECRC75BQJP6FJN2L7KCKYZW4DSBD7QSD/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/FTMJ3NJIDAZFWJQQSP3L22MUFJ3UP2PT https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/FTMJ3NJIDAZFWJQQSP3L22MUFJ3UP2PT/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/GSY7SXFFTPZFWDM6XELSDSHZLVW3AHK7 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/GSY7SXFFTPZFWDM6XELSDSHZLVW3AHK7/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/HZQIELEIRSZUYTFFH5KTH2YJ4IIQG2KE https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/HZQIELEIRSZUYTFFH5KTH2YJ4IIQG2KE/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/IPWCNYB5PQ5PCVZ4NJT6G56ZYFZ5QBU6 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/IPWCNYB5PQ5PCVZ4NJT6G56ZYFZ5QBU6/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/KEOTKBUPZXHE3F352JBYNTSNRXYLWD6P https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/KEOTKBUPZXHE3F352JBYNTSNRXYLWD6P/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/KSEGD2IWKNUO3DWY4KQGUQM5BISRWHQE https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/KSEGD2IWKNUO3DWY4KQGUQM5BISRWHQE/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/L5E5JSJBZLYXOTZWXHJKRVCIXIHVWKJ6 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/L5E5JSJBZLYXOTZWXHJKRVCIXIHVWKJ6/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/MZQYOOKHQDQ57LV2IAG6NRFOVXKHJJ3Z https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/MZQYOOKHQDQ57LV2IAG6NRFOVXKHJJ3Z/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/NG7IMPL55MVWU3LCI4JQJT3K2U5CHDV7 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/NG7IMPL55MVWU3LCI4JQJT3K2U5CHDV7/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ODBY7RVMGZCBSTWF2OZGIZS57FNFUL67 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ODBY7RVMGZCBSTWF2OZGIZS57FNFUL67/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/OXGWPQOJ3JNDW2XIYKIVJ7N7QUIFNM2Q https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/OXGWPQOJ3JNDW2XIYKIVJ7N7QUIFNM2Q/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/PJCUNGIQDUMZ4Z6HWVYIMR66A35F5S74 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/PJCUNGIQDUMZ4Z6HWVYIMR66A35F5S74/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QF5QSYAOPDOWLY6DUHID56Q4HQFYB45I https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QF5QSYAOPDOWLY6DUHID56Q4HQFYB45I/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QXOU2JZUBEBP7GBKAYIJRPRBZSJCD7ST https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QXOU2JZUBEBP7GBKAYIJRPRBZSJCD7ST/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/R3UETKPUB3V5JS5TLZOF3SMTGT5K5APS https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/R3UETKPUB3V5JS5TLZOF3SMTGT5K5APS/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/REMHVVIBDNKSRKNOTV7EQSB7CYQWOUOU https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/REMHVVIBDNKSRKNOTV7EQSB7CYQWOUOU/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/T7N5GV4CHH6WAGX3GFMDD3COEOVCZ4RI https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/T7N5GV4CHH6WAGX3GFMDD3COEOVCZ4RI/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ULQQONMSCQSH5Z5OWFFQHCGEZ3NL4DRJ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ULQQONMSCQSH5Z5OWFFQHCGEZ3NL4DRJ/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UTT7DG3QOF5ZNJLUGHDNLRUIN6OWZARP https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UTT7DG3QOF5ZNJLUGHDNLRUIN6OWZARP/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/W2LZSWTV4NV4SNQARNXG5T6LRHP26EW2 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/W2LZSWTV4NV4SNQARNXG5T6LRHP26EW2/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WCNCBYKZXLDFGAJUB7ZP5VLC3YTHJNVH https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WCNCBYKZXLDFGAJUB7ZP5VLC3YTHJNVH/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/XFOIBB4YFICHDM7IBOP7PWXW3FX4HLL2 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/XFOIBB4YFICHDM7IBOP7PWXW3FX4HLL2/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/XTNLSL44Y5FB6JWADSZH6DCV4JJAAEQY https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/XTNLSL44Y5FB6JWADSZH6DCV4JJAAEQY/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/YJWHBLVZDM5KQSDFRBFRKU5KSSOLIRQ4 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/YJWHBLVZDM5KQSDFRBFRKU5KSSOLIRQ4/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/YRKEXKANQ7BKJW2YTAMP625LJUJZLJ4P https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/YRKEXKANQ7BKJW2YTAMP625LJUJZLJ4P/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZSVEMQV5ROY5YW5QE3I57HT3ITWG5GCV https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZSVEMQV5ROY5YW5QE3I57HT3ITWG5GCV/ https://nvd.nist.gov/vuln/detail/CVE-2023-39325 https://pkg.go.dev/vuln/GO-2023-2102 https://security.gentoo.org/glsa/202311-09 https://security.netapp.com/advisory/ntap-20231110-0008 https://security.netapp.com/advisory/ntap-20231110-0008/ https://ubuntu.com/security/notices/USN-6574-1 https://ubuntu.com/security/notices/USN-7061-1 https://ubuntu.com/security/notices/USN-7109-1 https://www.cisa.gov/news-events/alerts/2023/10/10/http2-rapid-reset-vulnerability-cve-2023-44487 https://www.cve.org/CVERecord?id=CVE-2023-39325
golang.org/x/net	CVE-2023-3978	MEDIUM	v0.8.0	0.13.0	https://access.redhat.com/errata/RHSA-2023:6474 https://access.redhat.com/security/cve/CVE-2023-3978 https://bugzilla.redhat.com/2174485 https://bugzilla.redhat.com/2178358 https://bugzilla.redhat.com/2178488 https://bugzilla.redhat.com/2178492 https://bugzilla.redhat.com/2184481 https://bugzilla.redhat.com/2184482 https://bugzilla.redhat.com/2184483 https://bugzilla.redhat.com/2184484 https://bugzilla.redhat.com/2196026 https://bugzilla.redhat.com/2196027 https://bugzilla.redhat.com/2196029 https://bugzilla.redhat.com/2222167 https://bugzilla.redhat.com/2228689 https://errata.almalinux.org/9/ALSA-2023-6474.html https://go.dev/cl/514896 https://go.dev/issue/61615 https://linux.oracle.com/cve/CVE-2023-3978.html https://linux.oracle.com/errata/ELSA-2023-6939.html https://nvd.nist.gov/vuln/detail/CVE-2023-3978 https://pkg.go.dev/vuln/GO-2023-1988 https://www.cve.org/CVERecord?id=CVE-2023-3978
golang.org/x/net	CVE-2023-44487	MEDIUM	v0.8.0	0.17.0	http://www.openwall.com/lists/oss-security/2023/10/13/4 http://www.openwall.com/lists/oss-security/2023/10/13/9 http://www.openwall.com/lists/oss-security/2023/10/18/4 http://www.openwall.com/lists/oss-security/2023/10/18/8 http://www.openwall.com/lists/oss-security/2023/10/19/6 http://www.openwall.com/lists/oss-security/2023/10/20/8 https://access.redhat.com/errata/RHSA-2023:6746 https://access.redhat.com/security/cve/CVE-2023-44487 https://access.redhat.com/security/cve/cve-2023-44487 https://akka.io/security/akka-http-cve-2023-44487.html https://arstechnica.com/security/2023/10/how-ddosers-used-the-http-2-protocol-to-deliver-attacks-of-unprecedented-size https://arstechnica.com/security/2023/10/how-ddosers-used-the-http-2-protocol-to-deliver-attacks-of-unprecedented-size/ https://aws.amazon.com/security/security-bulletins/AWS-2023-011 https://aws.amazon.com/security/security-bulletins/AWS-2023-011/ https://blog.cloudflare.com/technical-breakdown-http2-rapid-reset-ddos-attack https://blog.cloudflare.com/technical-breakdown-http2-rapid-reset-ddos-attack/ https://blog.cloudflare.com/zero-day-rapid-reset-http2-record-breaking-ddos-attack https://blog.cloudflare.com/zero-day-rapid-reset-http2-record-breaking-ddos-attack/ https://blog.litespeedtech.com/2023/10/11/rapid-reset-http-2-vulnerablilty https://blog.litespeedtech.com/2023/10/11/rapid-reset-http-2-vulnerablilty/ https://blog.qualys.com/vulnerabilities-threat-research/2023/10/10/cve-2023-44487-http-2-rapid-reset-attack https://blog.vespa.ai/cve-2023-44487 https://blog.vespa.ai/cve-2023-44487/ https://bugzilla.proxmox.com/show_bug.cgi?id=4988 https://bugzilla.redhat.com/2242803 https://bugzilla.redhat.com/show_bug.cgi?id=2242803 https://bugzilla.suse.com/show_bug.cgi?id=1216123 https://cgit.freebsd.org/ports/commit/?id=c64c329c2c1752f46b73e3e6ce9f4329be6629f9 https://chaos.social/@icing/111210915918780532 https://cloud.google.com/blog/products/identity-security/google-cloud-mitigated-largest-ddos-attack-peaking-above-398-million-rps https://cloud.google.com/blog/products/identity-security/google-cloud-mitigated-largest-ddos-attack-peaking-above-398-million-rps/ https://cloud.google.com/blog/products/identity-security/how-it-works-the-novel-http2-rapid-reset-ddos-attack https://community.traefik.io/t/is-traefik-vulnerable-to-cve-2023-44487/20125 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-44487 https://devblogs.microsoft.com/dotnet/october-2023-updates/ https://discuss.hashicorp.com/t/hcsec-2023-32-vault-consul-and-boundary-affected-by-http-2-rapid-reset-denial-of-service-vulnerability-cve-2023-44487/59715 https://edg.io/lp/blog/resets-leaks-ddos-and-the-tale-of-a-hidden-cve https://errata.almalinux.org/9/ALSA-2023-6746.html https://errata.rockylinux.org/RLSA-2023:5838 https://forums.swift.org/t/swift-nio-http2-security-update-cve-2023-44487-http-2-dos/67764 https://gist.github.com/adulau/7c2bfb8e9cdbe4b35a5e131c66a0c088 https://github.com/Azure/AKS/issues/3947 https://github.com/Kong/kong/discussions/11741 https://github.com/advisories/GHSA-qppj-fm5r-hxr3 https://github.com/advisories/GHSA-vx74-f528-fxqg https://github.com/advisories/GHSA-xpw8-rcwv-8f8p https://github.com/akka/akka-http/issues/4323 https://github.com/akka/akka-http/pull/4324 https://github.com/akka/akka-http/pull/4325 https://github.com/alibaba/tengine/issues/1872 https://github.com/apache/apisix/issues/10320 https://github.com/apache/httpd-site/pull/10 https://github.com/apache/httpd/blob/afcdbeebbff4b0c50ea26cdd16e178c0d1f24152/modules/http2/h2_mplx.c#L1101-L1113 https://github.com/apache/tomcat/commit/944332bb15bd2f3bf76ec2caeb1ff0a58a3bc628 https://github.com/apache/tomcat/tree/main/java/org/apache/coyote/http2 https://github.com/apache/trafficserver/pull/10564 https://github.com/apple/swift-nio-http2 https://github.com/apple/swift-nio-http2/security/advisories/GHSA-qppj-fm5r-hxr3 https://github.com/arkrwn/PoC/tree/main/CVE-2023-44487 https://github.com/bcdannyboy/CVE-2023-44487 https://github.com/caddyserver/caddy/issues/5877 https://github.com/caddyserver/caddy/releases/tag/v2.7.5 https://github.com/dotnet/announcements/issues/277 https://github.com/dotnet/core/blob/e4613450ea0da7fd2fc6b61dfb2c1c1dec1ce9ec/release-notes/6.0/6.0.23/6.0.23.md?plain=1#L73 https://github.com/eclipse/jetty.project/issues/10679 https://github.com/envoyproxy/envoy/pull/30055 https://github.com/etcd-io/etcd/issues/16740 https://github.com/facebook/proxygen/pull/466 https://github.com/golang/go/issues/63417 https://github.com/grpc/grpc-go/pull/6703 https://github.com/grpc/grpc-go/releases https://github.com/h2o/h2o/pull/3291 https://github.com/h2o/h2o/security/advisories/GHSA-2m7v-gc89-fjqf https://github.com/haproxy/haproxy/issues/2312 https://github.com/hyperium/hyper/issues/3337 https://github.com/icing/mod_h2/blob/0a864782af0a942aa2ad4ed960a6b32cd35bcf0a/mod_http2/README.md?plain=1#L239-L244 https://github.com/junkurihara/rust-rpxy/issues/97 https://github.com/kazu-yamamoto/http2/commit/f61d41a502bd0f60eb24e1ce14edc7b6df6722a1 https://github.com/kazu-yamamoto/http2/issues/93 https://github.com/kubernetes/kubernetes/pull/121120 https://github.com/line/armeria/pull/5232 https://github.com/linkerd/website/pull/1695/commits/4b9c6836471bc8270ab48aae6fd2181bc73fd632 https://github.com/micrictor/http2-rst-stream https://github.com/microsoft/CBL-Mariner/pull/6381 https://github.com/netty/netty/commit/58f75f665aa81a8cbcf6ffa74820042a285c5e61 https://github.com/nghttp2/nghttp2/pull/1961 https://github.com/nghttp2/nghttp2/releases/tag/v1.57.0 https://github.com/ninenines/cowboy/issues/1615 https://github.com/nodejs/node/pull/50121 https://github.com/openresty/openresty/issues/930 https://github.com/opensearch-project/data-prepper/issues/3474 https://github.com/oqtane/oqtane.framework/discussions/3367 https://github.com/projectcontour/contour/pull/5826 https://github.com/tempesta-tech/tempesta/issues/1986 https://github.com/varnishcache/varnish-cache/issues/3996 https://go.dev/cl/534215 https://go.dev/cl/534235 https://go.dev/issue/63417 https://groups.google.com/g/golang-announce/c/iNNxDTCjZvo https://groups.google.com/g/golang-announce/c/iNNxDTCjZvo/m/UDd7VKQuAAAJ https://istio.io/latest/news/security/istio-security-2023-004 https://istio.io/latest/news/security/istio-security-2023-004/ https://linkerd.io/2023/10/12/linkerd-cve-2023-44487 https://linkerd.io/2023/10/12/linkerd-cve-2023-44487/ https://linux.oracle.com/cve/CVE-2023-44487.html https://linux.oracle.com/errata/ELSA-2024-1444.html https://lists.apache.org/thread/5py8h42mxfsn8l1wy6o41xwhsjlsd87q https://lists.debian.org/debian-lts-announce/2023/10/msg00020.html https://lists.debian.org/debian-lts-announce/2023/10/msg00023.html https://lists.debian.org/debian-lts-announce/2023/10/msg00024.html https://lists.debian.org/debian-lts-announce/2023/10/msg00045.html https://lists.debian.org/debian-lts-announce/2023/10/msg00047.html https://lists.debian.org/debian-lts-announce/2023/11/msg00001.html https://lists.debian.org/debian-lts-announce/2023/11/msg00012.html https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/2MBEPPC36UBVOZZNAXFHKLFGSLCMN5LI https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/2MBEPPC36UBVOZZNAXFHKLFGSLCMN5LI/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/3N4NJ7FR4X4FPZUGNTQAPSTVB2HB2Y4A https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/3N4NJ7FR4X4FPZUGNTQAPSTVB2HB2Y4A/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/BFQD3KUEMFBHPAPBGLWQC34L4OWL5HAZ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/BFQD3KUEMFBHPAPBGLWQC34L4OWL5HAZ/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/CLB4TW7KALB3EEQWNWCN7OUIWWVWWCG2 https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/CLB4TW7KALB3EEQWNWCN7OUIWWVWWCG2/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/E72T67UPDRXHIDLO3OROR25YAMN4GGW5 https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/E72T67UPDRXHIDLO3OROR25YAMN4GGW5/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/FNA62Q767CFAFHBCDKYNPBMZWB7TWYVU https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/FNA62Q767CFAFHBCDKYNPBMZWB7TWYVU/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/HT7T2R4MQKLIF4ODV4BDLPARWFPCJ5CZ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/HT7T2R4MQKLIF4ODV4BDLPARWFPCJ5CZ/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/JIZSEFC3YKCGABA2BZW6ZJRMDZJMB7PJ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/JIZSEFC3YKCGABA2BZW6ZJRMDZJMB7PJ/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/JMEXY22BFG5Q64HQCM5CK2Q7KDKVV4TY https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/JMEXY22BFG5Q64HQCM5CK2Q7KDKVV4TY/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/KSEGD2IWKNUO3DWY4KQGUQM5BISRWHQE https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/KSEGD2IWKNUO3DWY4KQGUQM5BISRWHQE/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/LKYHSZQFDNR7RSA7LHVLLIAQMVYCUGBG https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/LKYHSZQFDNR7RSA7LHVLLIAQMVYCUGBG/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/LNMZJCDHGLJJLXO4OXWJMTVQRNWOC7UL https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/LNMZJCDHGLJJLXO4OXWJMTVQRNWOC7UL/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/VHUHTSXLXGXS7JYKBXTA3VINUPHTNGVU https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/VHUHTSXLXGXS7JYKBXTA3VINUPHTNGVU/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/VSRDIV77HNKUSM7SJC5BKE5JSHLHU2NK https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/VSRDIV77HNKUSM7SJC5BKE5JSHLHU2NK/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/WE2I52RHNNU42PX6NZ2RBUHSFFJ2LVZX https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/WE2I52RHNNU42PX6NZ2RBUHSFFJ2LVZX/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/WLPRQ5TWUQQXYWBJM7ECYDAIL2YVKIUH https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/WLPRQ5TWUQQXYWBJM7ECYDAIL2YVKIUH/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/X6QXN4ORIVF6XBW4WWFE7VNPVC74S45Y https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/X6QXN4ORIVF6XBW4WWFE7VNPVC74S45Y/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/XFOIBB4YFICHDM7IBOP7PWXW3FX4HLL2 https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/XFOIBB4YFICHDM7IBOP7PWXW3FX4HLL2/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZB43REMKRQR62NJEI7I5NQ4FSXNLBKRT https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZB43REMKRQR62NJEI7I5NQ4FSXNLBKRT/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZKQSIKIAT5TJ3WSLU3RDBQ35YX4GY4V3 https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZKQSIKIAT5TJ3WSLU3RDBQ35YX4GY4V3/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZLU6U2R2IC2K64NDPNMV55AUAO65MAF4 https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZLU6U2R2IC2K64NDPNMV55AUAO65MAF4/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3N4NJ7FR4X4FPZUGNTQAPSTVB2HB2Y4A https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/BFQD3KUEMFBHPAPBGLWQC34L4OWL5HAZ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CLB4TW7KALB3EEQWNWCN7OUIWWVWWCG2 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/E72T67UPDRXHIDLO3OROR25YAMN4GGW5 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/FNA62Q767CFAFHBCDKYNPBMZWB7TWYVU https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/HT7T2R4MQKLIF4ODV4BDLPARWFPCJ5CZ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/JIZSEFC3YKCGABA2BZW6ZJRMDZJMB7PJ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/JMEXY22BFG5Q64HQCM5CK2Q7KDKVV4TY https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/KSEGD2IWKNUO3DWY4KQGUQM5BISRWHQE https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/LKYHSZQFDNR7RSA7LHVLLIAQMVYCUGBG https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/LNMZJCDHGLJJLXO4OXWJMTVQRNWOC7UL https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/VHUHTSXLXGXS7JYKBXTA3VINUPHTNGVU https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/VSRDIV77HNKUSM7SJC5BKE5JSHLHU2NK https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WLPRQ5TWUQQXYWBJM7ECYDAIL2YVKIUH https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/X6QXN4ORIVF6XBW4WWFE7VNPVC74S45Y https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/XFOIBB4YFICHDM7IBOP7PWXW3FX4HLL2 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZB43REMKRQR62NJEI7I5NQ4FSXNLBKRT https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZKQSIKIAT5TJ3WSLU3RDBQ35YX4GY4V3 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZLU6U2R2IC2K64NDPNMV55AUAO65MAF4 https://lists.w3.org/Archives/Public/ietf-http-wg/2023OctDec/0025.html https://mailman.nginx.org/pipermail/nginx-devel/2023-October/S36Q5HBXR7CAIMPLLPRSSSYR4PCMWILK.html https://martinthomson.github.io/h2-stream-limits/draft-thomson-httpbis-h2-stream-limits.html https://msrc.microsoft.com/blog/2023/10/microsoft-response-to-distributed-denial-of-service-ddos-attacks-against-http/2 https://msrc.microsoft.com/blog/2023/10/microsoft-response-to-distributed-denial-of-service-ddos-attacks-against-http/2/ https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-44487 https://my.f5.com/manage/s/article/K000137106 https://netty.io/news/2023/10/10/4-1-100-Final.html https://news.ycombinator.com/item?id=37830987 https://news.ycombinator.com/item?id=37830998 https://news.ycombinator.com/item?id=37831062 https://news.ycombinator.com/item?id=37837043 https://nodejs.org/en/blog/vulnerability/october-2023-security-releases https://nvd.nist.gov/vuln/detail/CVE-2023-44487 https://openssf.org/blog/2023/10/10/http-2-rapid-reset-vulnerability-highlights-need-for-rapid-response https://openssf.org/blog/2023/10/10/http-2-rapid-reset-vulnerability-highlights-need-for-rapid-response/ https://pkg.go.dev/vuln/GO-2023-2102 https://seanmonstar.com/post/730794151136935936/hyper-http2-rapid-reset-unaffected https://security.gentoo.org/glsa/202311-09 https://security.netapp.com/advisory/ntap-20231016-0001 https://security.netapp.com/advisory/ntap-20231016-0001/ https://security.netapp.com/advisory/ntap-20240426-0007 https://security.netapp.com/advisory/ntap-20240426-0007/ https://security.netapp.com/advisory/ntap-20240621-0006 https://security.netapp.com/advisory/ntap-20240621-0006/ https://security.netapp.com/advisory/ntap-20240621-0007 https://security.netapp.com/advisory/ntap-20240621-0007/ https://security.paloaltonetworks.com/CVE-2023-44487 https://tomcat.apache.org/security-10.html#Fixed_in_Apache_Tomcat_10.1.14 https://tomcat.apache.org/security-11.html#Fixed_in_Apache_Tomcat_11.0.0-M12 https://tomcat.apache.org/security-8.html#Fixed_in_Apache_Tomcat_8.5.94 https://tomcat.apache.org/security-9.html#Fixed_in_Apache_Tomcat_9.0.81 https://ubuntu.com/security/CVE-2023-44487 https://ubuntu.com/security/notices/USN-6427-1 https://ubuntu.com/security/notices/USN-6427-2 https://ubuntu.com/security/notices/USN-6438-1 https://ubuntu.com/security/notices/USN-6505-1 https://ubuntu.com/security/notices/USN-6574-1 https://ubuntu.com/security/notices/USN-6754-1 https://ubuntu.com/security/notices/USN-6994-1 https://ubuntu.com/security/notices/USN-7067-1 https://www.bleepingcomputer.com/news/security/new-http-2-rapid-reset-zero-day-attack-breaks-ddos-records https://www.bleepingcomputer.com/news/security/new-http-2-rapid-reset-zero-day-attack-breaks-ddos-records/ https://www.cisa.gov/known-exploited-vulnerabilities-catalog https://www.cisa.gov/news-events/alerts/2023/10/10/http2-rapid-reset-vulnerability-cve-2023-44487 https://www.cve.org/CVERecord?id=CVE-2023-44487 https://www.darkreading.com/cloud/internet-wide-zero-day-bug-fuels-largest-ever-ddos-event https://www.debian.org/security/2023/dsa-5521 https://www.debian.org/security/2023/dsa-5522 https://www.debian.org/security/2023/dsa-5540 https://www.debian.org/security/2023/dsa-5549 https://www.debian.org/security/2023/dsa-5558 https://www.debian.org/security/2023/dsa-5570 https://www.eclipse.org/lists/jetty-announce/msg00181.html https://www.haproxy.com/blog/haproxy-is-not-affected-by-the-http-2-rapid-reset-attack-cve-2023-44487 https://www.mail-archive.com/haproxy@formilux.org/msg44134.html https://www.netlify.com/blog/netlify-successfully-mitigates-cve-2023-44487 https://www.netlify.com/blog/netlify-successfully-mitigates-cve-2023-44487/ https://www.nginx.com/blog/http-2-rapid-reset-attack-impacting-f5-nginx-products https://www.nginx.com/blog/http-2-rapid-reset-attack-impacting-f5-nginx-products/ https://www.openwall.com/lists/oss-security/2023/10/10/6 https://www.phoronix.com/news/HTTP2-Rapid-Reset-Attack https://www.theregister.com/2023/10/10/http2_rapid_reset_zeroday https://www.theregister.com/2023/10/10/http2_rapid_reset_zeroday/
golang.org/x/net	CVE-2023-45288	MEDIUM	v0.8.0	0.23.0	http://www.openwall.com/lists/oss-security/2024/04/03/16 http://www.openwall.com/lists/oss-security/2024/04/05/4 https://access.redhat.com/errata/RHSA-2024:2724 https://access.redhat.com/security/cve/CVE-2023-45288 https://bugzilla.redhat.com/2268017 https://bugzilla.redhat.com/2268018 https://bugzilla.redhat.com/2268019 https://bugzilla.redhat.com/2268273 https://bugzilla.redhat.com/show_bug.cgi?id=2268017 https://bugzilla.redhat.com/show_bug.cgi?id=2268018 https://bugzilla.redhat.com/show_bug.cgi?id=2268019 https://bugzilla.redhat.com/show_bug.cgi?id=2268273 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45288 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45289 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45290 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24783 https://errata.almalinux.org/9/ALSA-2024-2724.html https://errata.rockylinux.org/RLSA-2024:2724 https://go.dev/cl/576155 https://go.dev/issue/65051 https://groups.google.com/g/golang-announce/c/YgW0sx8mN3M https://kb.cert.org/vuls/id/421644 https://linux.oracle.com/cve/CVE-2023-45288.html https://linux.oracle.com/errata/ELSA-2024-3346.html https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QRYFHIQ6XRKRYBI2F5UESH67BJBQXUPT https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QRYFHIQ6XRKRYBI2F5UESH67BJBQXUPT/ https://nowotarski.info/http2-continuation-flood-technical-details https://nowotarski.info/http2-continuation-flood/ https://nvd.nist.gov/vuln/detail/CVE-2023-45288 https://pkg.go.dev/vuln/GO-2024-2687 https://security.netapp.com/advisory/ntap-20240419-0009 https://security.netapp.com/advisory/ntap-20240419-0009/ https://ubuntu.com/security/notices/USN-6886-1 https://ubuntu.com/security/notices/USN-7109-1 https://ubuntu.com/security/notices/USN-7111-1 https://www.cve.org/CVERecord?id=CVE-2023-45288 https://www.kb.cert.org/vuls/id/421644
google.golang.org/grpc	GHSA-m425-mq94-257g	HIGH	v1.53.0	1.56.3, 1.57.1, 1.58.3	https://github.com/grpc/grpc-go https://github.com/grpc/grpc-go/commit/f2180b4d5403d2210b30b93098eb7da31c05c721 https://github.com/grpc/grpc-go/pull/6703 https://github.com/grpc/grpc-go/security/advisories/GHSA-m425-mq94-257g https://nvd.nist.gov/vuln/detail/CVE-2023-44487
google.golang.org/grpc	CVE-2023-44487	MEDIUM	v1.53.0	1.58.3, 1.57.1, 1.56.3	http://www.openwall.com/lists/oss-security/2023/10/13/4 http://www.openwall.com/lists/oss-security/2023/10/13/9 http://www.openwall.com/lists/oss-security/2023/10/18/4 http://www.openwall.com/lists/oss-security/2023/10/18/8 http://www.openwall.com/lists/oss-security/2023/10/19/6 http://www.openwall.com/lists/oss-security/2023/10/20/8 https://access.redhat.com/errata/RHSA-2023:6746 https://access.redhat.com/security/cve/CVE-2023-44487 https://access.redhat.com/security/cve/cve-2023-44487 https://akka.io/security/akka-http-cve-2023-44487.html https://arstechnica.com/security/2023/10/how-ddosers-used-the-http-2-protocol-to-deliver-attacks-of-unprecedented-size https://arstechnica.com/security/2023/10/how-ddosers-used-the-http-2-protocol-to-deliver-attacks-of-unprecedented-size/ https://aws.amazon.com/security/security-bulletins/AWS-2023-011 https://aws.amazon.com/security/security-bulletins/AWS-2023-011/ https://blog.cloudflare.com/technical-breakdown-http2-rapid-reset-ddos-attack https://blog.cloudflare.com/technical-breakdown-http2-rapid-reset-ddos-attack/ https://blog.cloudflare.com/zero-day-rapid-reset-http2-record-breaking-ddos-attack https://blog.cloudflare.com/zero-day-rapid-reset-http2-record-breaking-ddos-attack/ https://blog.litespeedtech.com/2023/10/11/rapid-reset-http-2-vulnerablilty https://blog.litespeedtech.com/2023/10/11/rapid-reset-http-2-vulnerablilty/ https://blog.qualys.com/vulnerabilities-threat-research/2023/10/10/cve-2023-44487-http-2-rapid-reset-attack https://blog.vespa.ai/cve-2023-44487 https://blog.vespa.ai/cve-2023-44487/ https://bugzilla.proxmox.com/show_bug.cgi?id=4988 https://bugzilla.redhat.com/2242803 https://bugzilla.redhat.com/show_bug.cgi?id=2242803 https://bugzilla.suse.com/show_bug.cgi?id=1216123 https://cgit.freebsd.org/ports/commit/?id=c64c329c2c1752f46b73e3e6ce9f4329be6629f9 https://chaos.social/@icing/111210915918780532 https://cloud.google.com/blog/products/identity-security/google-cloud-mitigated-largest-ddos-attack-peaking-above-398-million-rps https://cloud.google.com/blog/products/identity-security/google-cloud-mitigated-largest-ddos-attack-peaking-above-398-million-rps/ https://cloud.google.com/blog/products/identity-security/how-it-works-the-novel-http2-rapid-reset-ddos-attack https://community.traefik.io/t/is-traefik-vulnerable-to-cve-2023-44487/20125 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-44487 https://devblogs.microsoft.com/dotnet/october-2023-updates/ https://discuss.hashicorp.com/t/hcsec-2023-32-vault-consul-and-boundary-affected-by-http-2-rapid-reset-denial-of-service-vulnerability-cve-2023-44487/59715 https://edg.io/lp/blog/resets-leaks-ddos-and-the-tale-of-a-hidden-cve https://errata.almalinux.org/9/ALSA-2023-6746.html https://errata.rockylinux.org/RLSA-2023:5838 https://forums.swift.org/t/swift-nio-http2-security-update-cve-2023-44487-http-2-dos/67764 https://gist.github.com/adulau/7c2bfb8e9cdbe4b35a5e131c66a0c088 https://github.com/Azure/AKS/issues/3947 https://github.com/Kong/kong/discussions/11741 https://github.com/advisories/GHSA-qppj-fm5r-hxr3 https://github.com/advisories/GHSA-vx74-f528-fxqg https://github.com/advisories/GHSA-xpw8-rcwv-8f8p https://github.com/akka/akka-http/issues/4323 https://github.com/akka/akka-http/pull/4324 https://github.com/akka/akka-http/pull/4325 https://github.com/alibaba/tengine/issues/1872 https://github.com/apache/apisix/issues/10320 https://github.com/apache/httpd-site/pull/10 https://github.com/apache/httpd/blob/afcdbeebbff4b0c50ea26cdd16e178c0d1f24152/modules/http2/h2_mplx.c#L1101-L1113 https://github.com/apache/tomcat/commit/944332bb15bd2f3bf76ec2caeb1ff0a58a3bc628 https://github.com/apache/tomcat/tree/main/java/org/apache/coyote/http2 https://github.com/apache/trafficserver/pull/10564 https://github.com/apple/swift-nio-http2 https://github.com/apple/swift-nio-http2/security/advisories/GHSA-qppj-fm5r-hxr3 https://github.com/arkrwn/PoC/tree/main/CVE-2023-44487 https://github.com/bcdannyboy/CVE-2023-44487 https://github.com/caddyserver/caddy/issues/5877 https://github.com/caddyserver/caddy/releases/tag/v2.7.5 https://github.com/dotnet/announcements/issues/277 https://github.com/dotnet/core/blob/e4613450ea0da7fd2fc6b61dfb2c1c1dec1ce9ec/release-notes/6.0/6.0.23/6.0.23.md?plain=1#L73 https://github.com/eclipse/jetty.project/issues/10679 https://github.com/envoyproxy/envoy/pull/30055 https://github.com/etcd-io/etcd/issues/16740 https://github.com/facebook/proxygen/pull/466 https://github.com/golang/go/issues/63417 https://github.com/grpc/grpc-go/pull/6703 https://github.com/grpc/grpc-go/releases https://github.com/h2o/h2o/pull/3291 https://github.com/h2o/h2o/security/advisories/GHSA-2m7v-gc89-fjqf https://github.com/haproxy/haproxy/issues/2312 https://github.com/hyperium/hyper/issues/3337 https://github.com/icing/mod_h2/blob/0a864782af0a942aa2ad4ed960a6b32cd35bcf0a/mod_http2/README.md?plain=1#L239-L244 https://github.com/junkurihara/rust-rpxy/issues/97 https://github.com/kazu-yamamoto/http2/commit/f61d41a502bd0f60eb24e1ce14edc7b6df6722a1 https://github.com/kazu-yamamoto/http2/issues/93 https://github.com/kubernetes/kubernetes/pull/121120 https://github.com/line/armeria/pull/5232 https://github.com/linkerd/website/pull/1695/commits/4b9c6836471bc8270ab48aae6fd2181bc73fd632 https://github.com/micrictor/http2-rst-stream https://github.com/microsoft/CBL-Mariner/pull/6381 https://github.com/netty/netty/commit/58f75f665aa81a8cbcf6ffa74820042a285c5e61 https://github.com/nghttp2/nghttp2/pull/1961 https://github.com/nghttp2/nghttp2/releases/tag/v1.57.0 https://github.com/ninenines/cowboy/issues/1615 https://github.com/nodejs/node/pull/50121 https://github.com/openresty/openresty/issues/930 https://github.com/opensearch-project/data-prepper/issues/3474 https://github.com/oqtane/oqtane.framework/discussions/3367 https://github.com/projectcontour/contour/pull/5826 https://github.com/tempesta-tech/tempesta/issues/1986 https://github.com/varnishcache/varnish-cache/issues/3996 https://go.dev/cl/534215 https://go.dev/cl/534235 https://go.dev/issue/63417 https://groups.google.com/g/golang-announce/c/iNNxDTCjZvo https://groups.google.com/g/golang-announce/c/iNNxDTCjZvo/m/UDd7VKQuAAAJ https://istio.io/latest/news/security/istio-security-2023-004 https://istio.io/latest/news/security/istio-security-2023-004/ https://linkerd.io/2023/10/12/linkerd-cve-2023-44487 https://linkerd.io/2023/10/12/linkerd-cve-2023-44487/ https://linux.oracle.com/cve/CVE-2023-44487.html https://linux.oracle.com/errata/ELSA-2024-1444.html https://lists.apache.org/thread/5py8h42mxfsn8l1wy6o41xwhsjlsd87q https://lists.debian.org/debian-lts-announce/2023/10/msg00020.html https://lists.debian.org/debian-lts-announce/2023/10/msg00023.html https://lists.debian.org/debian-lts-announce/2023/10/msg00024.html https://lists.debian.org/debian-lts-announce/2023/10/msg00045.html https://lists.debian.org/debian-lts-announce/2023/10/msg00047.html https://lists.debian.org/debian-lts-announce/2023/11/msg00001.html https://lists.debian.org/debian-lts-announce/2023/11/msg00012.html https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/2MBEPPC36UBVOZZNAXFHKLFGSLCMN5LI https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/2MBEPPC36UBVOZZNAXFHKLFGSLCMN5LI/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/3N4NJ7FR4X4FPZUGNTQAPSTVB2HB2Y4A https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/3N4NJ7FR4X4FPZUGNTQAPSTVB2HB2Y4A/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/BFQD3KUEMFBHPAPBGLWQC34L4OWL5HAZ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/BFQD3KUEMFBHPAPBGLWQC34L4OWL5HAZ/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/CLB4TW7KALB3EEQWNWCN7OUIWWVWWCG2 https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/CLB4TW7KALB3EEQWNWCN7OUIWWVWWCG2/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/E72T67UPDRXHIDLO3OROR25YAMN4GGW5 https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/E72T67UPDRXHIDLO3OROR25YAMN4GGW5/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/FNA62Q767CFAFHBCDKYNPBMZWB7TWYVU https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/FNA62Q767CFAFHBCDKYNPBMZWB7TWYVU/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/HT7T2R4MQKLIF4ODV4BDLPARWFPCJ5CZ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/HT7T2R4MQKLIF4ODV4BDLPARWFPCJ5CZ/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/JIZSEFC3YKCGABA2BZW6ZJRMDZJMB7PJ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/JIZSEFC3YKCGABA2BZW6ZJRMDZJMB7PJ/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/JMEXY22BFG5Q64HQCM5CK2Q7KDKVV4TY https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/JMEXY22BFG5Q64HQCM5CK2Q7KDKVV4TY/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/KSEGD2IWKNUO3DWY4KQGUQM5BISRWHQE https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/KSEGD2IWKNUO3DWY4KQGUQM5BISRWHQE/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/LKYHSZQFDNR7RSA7LHVLLIAQMVYCUGBG https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/LKYHSZQFDNR7RSA7LHVLLIAQMVYCUGBG/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/LNMZJCDHGLJJLXO4OXWJMTVQRNWOC7UL https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/LNMZJCDHGLJJLXO4OXWJMTVQRNWOC7UL/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/VHUHTSXLXGXS7JYKBXTA3VINUPHTNGVU https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/VHUHTSXLXGXS7JYKBXTA3VINUPHTNGVU/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/VSRDIV77HNKUSM7SJC5BKE5JSHLHU2NK https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/VSRDIV77HNKUSM7SJC5BKE5JSHLHU2NK/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/WE2I52RHNNU42PX6NZ2RBUHSFFJ2LVZX https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/WE2I52RHNNU42PX6NZ2RBUHSFFJ2LVZX/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/WLPRQ5TWUQQXYWBJM7ECYDAIL2YVKIUH https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/WLPRQ5TWUQQXYWBJM7ECYDAIL2YVKIUH/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/X6QXN4ORIVF6XBW4WWFE7VNPVC74S45Y https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/X6QXN4ORIVF6XBW4WWFE7VNPVC74S45Y/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/XFOIBB4YFICHDM7IBOP7PWXW3FX4HLL2 https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/XFOIBB4YFICHDM7IBOP7PWXW3FX4HLL2/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZB43REMKRQR62NJEI7I5NQ4FSXNLBKRT https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZB43REMKRQR62NJEI7I5NQ4FSXNLBKRT/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZKQSIKIAT5TJ3WSLU3RDBQ35YX4GY4V3 https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZKQSIKIAT5TJ3WSLU3RDBQ35YX4GY4V3/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZLU6U2R2IC2K64NDPNMV55AUAO65MAF4 https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZLU6U2R2IC2K64NDPNMV55AUAO65MAF4/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3N4NJ7FR4X4FPZUGNTQAPSTVB2HB2Y4A https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/BFQD3KUEMFBHPAPBGLWQC34L4OWL5HAZ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CLB4TW7KALB3EEQWNWCN7OUIWWVWWCG2 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/E72T67UPDRXHIDLO3OROR25YAMN4GGW5 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/FNA62Q767CFAFHBCDKYNPBMZWB7TWYVU https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/HT7T2R4MQKLIF4ODV4BDLPARWFPCJ5CZ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/JIZSEFC3YKCGABA2BZW6ZJRMDZJMB7PJ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/JMEXY22BFG5Q64HQCM5CK2Q7KDKVV4TY https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/KSEGD2IWKNUO3DWY4KQGUQM5BISRWHQE https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/LKYHSZQFDNR7RSA7LHVLLIAQMVYCUGBG https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/LNMZJCDHGLJJLXO4OXWJMTVQRNWOC7UL https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/VHUHTSXLXGXS7JYKBXTA3VINUPHTNGVU https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/VSRDIV77HNKUSM7SJC5BKE5JSHLHU2NK https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WLPRQ5TWUQQXYWBJM7ECYDAIL2YVKIUH https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/X6QXN4ORIVF6XBW4WWFE7VNPVC74S45Y https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/XFOIBB4YFICHDM7IBOP7PWXW3FX4HLL2 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZB43REMKRQR62NJEI7I5NQ4FSXNLBKRT https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZKQSIKIAT5TJ3WSLU3RDBQ35YX4GY4V3 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZLU6U2R2IC2K64NDPNMV55AUAO65MAF4 https://lists.w3.org/Archives/Public/ietf-http-wg/2023OctDec/0025.html https://mailman.nginx.org/pipermail/nginx-devel/2023-October/S36Q5HBXR7CAIMPLLPRSSSYR4PCMWILK.html https://martinthomson.github.io/h2-stream-limits/draft-thomson-httpbis-h2-stream-limits.html https://msrc.microsoft.com/blog/2023/10/microsoft-response-to-distributed-denial-of-service-ddos-attacks-against-http/2 https://msrc.microsoft.com/blog/2023/10/microsoft-response-to-distributed-denial-of-service-ddos-attacks-against-http/2/ https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-44487 https://my.f5.com/manage/s/article/K000137106 https://netty.io/news/2023/10/10/4-1-100-Final.html https://news.ycombinator.com/item?id=37830987 https://news.ycombinator.com/item?id=37830998 https://news.ycombinator.com/item?id=37831062 https://news.ycombinator.com/item?id=37837043 https://nodejs.org/en/blog/vulnerability/october-2023-security-releases https://nvd.nist.gov/vuln/detail/CVE-2023-44487 https://openssf.org/blog/2023/10/10/http-2-rapid-reset-vulnerability-highlights-need-for-rapid-response https://openssf.org/blog/2023/10/10/http-2-rapid-reset-vulnerability-highlights-need-for-rapid-response/ https://pkg.go.dev/vuln/GO-2023-2102 https://seanmonstar.com/post/730794151136935936/hyper-http2-rapid-reset-unaffected https://security.gentoo.org/glsa/202311-09 https://security.netapp.com/advisory/ntap-20231016-0001 https://security.netapp.com/advisory/ntap-20231016-0001/ https://security.netapp.com/advisory/ntap-20240426-0007 https://security.netapp.com/advisory/ntap-20240426-0007/ https://security.netapp.com/advisory/ntap-20240621-0006 https://security.netapp.com/advisory/ntap-20240621-0006/ https://security.netapp.com/advisory/ntap-20240621-0007 https://security.netapp.com/advisory/ntap-20240621-0007/ https://security.paloaltonetworks.com/CVE-2023-44487 https://tomcat.apache.org/security-10.html#Fixed_in_Apache_Tomcat_10.1.14 https://tomcat.apache.org/security-11.html#Fixed_in_Apache_Tomcat_11.0.0-M12 https://tomcat.apache.org/security-8.html#Fixed_in_Apache_Tomcat_8.5.94 https://tomcat.apache.org/security-9.html#Fixed_in_Apache_Tomcat_9.0.81 https://ubuntu.com/security/CVE-2023-44487 https://ubuntu.com/security/notices/USN-6427-1 https://ubuntu.com/security/notices/USN-6427-2 https://ubuntu.com/security/notices/USN-6438-1 https://ubuntu.com/security/notices/USN-6505-1 https://ubuntu.com/security/notices/USN-6574-1 https://ubuntu.com/security/notices/USN-6754-1 https://ubuntu.com/security/notices/USN-6994-1 https://ubuntu.com/security/notices/USN-7067-1 https://www.bleepingcomputer.com/news/security/new-http-2-rapid-reset-zero-day-attack-breaks-ddos-records https://www.bleepingcomputer.com/news/security/new-http-2-rapid-reset-zero-day-attack-breaks-ddos-records/ https://www.cisa.gov/known-exploited-vulnerabilities-catalog https://www.cisa.gov/news-events/alerts/2023/10/10/http2-rapid-reset-vulnerability-cve-2023-44487 https://www.cve.org/CVERecord?id=CVE-2023-44487 https://www.darkreading.com/cloud/internet-wide-zero-day-bug-fuels-largest-ever-ddos-event https://www.debian.org/security/2023/dsa-5521 https://www.debian.org/security/2023/dsa-5522 https://www.debian.org/security/2023/dsa-5540 https://www.debian.org/security/2023/dsa-5549 https://www.debian.org/security/2023/dsa-5558 https://www.debian.org/security/2023/dsa-5570 https://www.eclipse.org/lists/jetty-announce/msg00181.html https://www.haproxy.com/blog/haproxy-is-not-affected-by-the-http-2-rapid-reset-attack-cve-2023-44487 https://www.mail-archive.com/haproxy@formilux.org/msg44134.html https://www.netlify.com/blog/netlify-successfully-mitigates-cve-2023-44487 https://www.netlify.com/blog/netlify-successfully-mitigates-cve-2023-44487/ https://www.nginx.com/blog/http-2-rapid-reset-attack-impacting-f5-nginx-products https://www.nginx.com/blog/http-2-rapid-reset-attack-impacting-f5-nginx-products/ https://www.openwall.com/lists/oss-security/2023/10/10/6 https://www.phoronix.com/news/HTTP2-Rapid-Reset-Attack https://www.theregister.com/2023/10/10/http2_rapid_reset_zeroday https://www.theregister.com/2023/10/10/http2_rapid_reset_zeroday/
google.golang.org/protobuf	CVE-2024-24786	MEDIUM	v1.29.1	1.33.0	http://www.openwall.com/lists/oss-security/2024/03/08/4 https://access.redhat.com/errata/RHSA-2024:2550 https://access.redhat.com/security/cve/CVE-2024-24786 https://bugzilla.redhat.com/2268046 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24786 https://errata.almalinux.org/9/ALSA-2024-2550.html https://errata.rockylinux.org/RLSA-2024:2550 https://github.com/protocolbuffers/protobuf-go https://github.com/protocolbuffers/protobuf-go/commit/f01a588e5810b90996452eec4a28f22a0afae023 https://github.com/protocolbuffers/protobuf-go/releases/tag/v1.33.0 https://go-review.googlesource.com/c/protobuf/+/569356 https://go.dev/cl/569356 https://groups.google.com/g/golang-announce/c/ArQ6CDgtEjY/ https://linux.oracle.com/cve/CVE-2024-24786.html https://linux.oracle.com/errata/ELSA-2024-4246.html https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/JDMBHAVSDU2FBDZ45U3A2VLSM35OJ2HU https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/JDMBHAVSDU2FBDZ45U3A2VLSM35OJ2HU/ https://nvd.nist.gov/vuln/detail/CVE-2024-24786 https://pkg.go.dev/vuln/GO-2024-2611 https://security.netapp.com/advisory/ntap-20240517-0002 https://security.netapp.com/advisory/ntap-20240517-0002/ https://ubuntu.com/security/notices/USN-6746-1 https://ubuntu.com/security/notices/USN-6746-2 https://www.cve.org/CVERecord?id=CVE-2024-24786
No Misconfigurations found

cnb/buildpacks/paketo-buildpacks_apache-tomcat/7.13.7/bin/helper (gobinary)

Package	Vulnerability ID	Severity	Installed Version	Fixed Version	Links
stdlib	CVE-2024-24790	CRITICAL	v1.20.5	1.21.11, 1.22.4	http://www.openwall.com/lists/oss-security/2024/06/04/1 https://access.redhat.com/errata/RHSA-2024:9115 https://access.redhat.com/security/cve/CVE-2024-24790 https://bugzilla.redhat.com/2279814 https://bugzilla.redhat.com/2292668 https://bugzilla.redhat.com/2292787 https://bugzilla.redhat.com/2294000 https://bugzilla.redhat.com/2295310 https://bugzilla.redhat.com/show_bug.cgi?id=2292668 https://bugzilla.redhat.com/show_bug.cgi?id=2292787 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24789 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24790 https://errata.almalinux.org/9/ALSA-2024-9115.html https://errata.rockylinux.org/RLSA-2024:4212 https://github.com/golang/go/commit/051bdf3fd12a40307606ff9381138039c5f452f0 (1.21) https://github.com/golang/go/commit/12d5810cdb1f73cf23d7a86462143e9463317fca (1.22) https://github.com/golang/go/issues/67680 https://go.dev/cl/590316 https://go.dev/issue/67680 https://groups.google.com/g/golang-announce/c/XbxouI9gY7k https://groups.google.com/g/golang-announce/c/XbxouI9gY7k/m/TuoGEhxIEwAJ https://linux.oracle.com/cve/CVE-2024-24790.html https://linux.oracle.com/errata/ELSA-2024-9115.html https://nvd.nist.gov/vuln/detail/CVE-2024-24790 https://pkg.go.dev/vuln/GO-2024-2887 https://ubuntu.com/security/notices/USN-6886-1 https://ubuntu.com/security/notices/USN-7109-1 https://www.cve.org/CVERecord?id=CVE-2024-24790
stdlib	CVE-2023-39325	HIGH	v1.20.5	1.20.10, 1.21.3	golang.org/x/net https://access.redhat.com/errata/RHSA-2023:6077 https://access.redhat.com/security/cve/CVE-2023-39325 https://access.redhat.com/security/cve/CVE-2023-44487 https://access.redhat.com/security/vulnerabilities/RHSB-2023-003 https://bugzilla.redhat.com/2242803 https://bugzilla.redhat.com/2243296 https://bugzilla.redhat.com/show_bug.cgi?id=2242803 https://bugzilla.redhat.com/show_bug.cgi?id=2243296 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-39325 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-44487 https://errata.almalinux.org/9/ALSA-2023-6077.html https://errata.rockylinux.org/RLSA-2023:6077 https://github.com/golang/go/commit/24ae2d927285c697440fdde3ad7f26028354bcf3 [golang- 1.21] https://github.com/golang/go/commit/e175f27f58aa7b9cd4d79607ae65d2cd5baaee68 [golang-1.20] https://github.com/golang/go/issues/63417 https://go.dev/cl/534215 https://go.dev/cl/534235 https://go.dev/issue/63417 https://groups.google.com/g/golang-announce/c/iNNxDTCjZvo/m/UDd7VKQuAAAJ https://linux.oracle.com/cve/CVE-2023-39325.html https://linux.oracle.com/errata/ELSA-2023-5867.html https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3OVW5V2DM5K5IC3H7O42YDUGNJ74J35O https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3OVW5V2DM5K5IC3H7O42YDUGNJ74J35O/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3SZN67IL7HMGMNAVLOTIXLIHUDXZK4LH https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3SZN67IL7HMGMNAVLOTIXLIHUDXZK4LH/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3WJ4QVX2AMUJ2F2S27POOAHRC4K3CHU4 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3WJ4QVX2AMUJ2F2S27POOAHRC4K3CHU4/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/4BUK2ZIAGCULOOYDNH25JPU6JBES5NF2 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/4BUK2ZIAGCULOOYDNH25JPU6JBES5NF2/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/5RSKA2II6QTD4YUKUNDVJQSRYSFC4VFR https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/5RSKA2II6QTD4YUKUNDVJQSRYSFC4VFR/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/AVZDNSMVDAQJ64LJC5I5U5LDM5753647 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/AVZDNSMVDAQJ64LJC5I5U5LDM5753647/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CHHITS4PUOZAKFIUBQAQZC7JWXMOYE4B https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CHHITS4PUOZAKFIUBQAQZC7JWXMOYE4B/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CLB4TW7KALB3EEQWNWCN7OUIWWVWWCG2 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CLB4TW7KALB3EEQWNWCN7OUIWWVWWCG2/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/D2BBIDR2ZMB3X5BC7SR4SLQMHRMVPY6L https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/D2BBIDR2ZMB3X5BC7SR4SLQMHRMVPY6L/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ECRC75BQJP6FJN2L7KCKYZW4DSBD7QSD https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ECRC75BQJP6FJN2L7KCKYZW4DSBD7QSD/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/FTMJ3NJIDAZFWJQQSP3L22MUFJ3UP2PT https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/FTMJ3NJIDAZFWJQQSP3L22MUFJ3UP2PT/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/GSY7SXFFTPZFWDM6XELSDSHZLVW3AHK7 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/GSY7SXFFTPZFWDM6XELSDSHZLVW3AHK7/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/HZQIELEIRSZUYTFFH5KTH2YJ4IIQG2KE https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/HZQIELEIRSZUYTFFH5KTH2YJ4IIQG2KE/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/IPWCNYB5PQ5PCVZ4NJT6G56ZYFZ5QBU6 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/IPWCNYB5PQ5PCVZ4NJT6G56ZYFZ5QBU6/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/KEOTKBUPZXHE3F352JBYNTSNRXYLWD6P https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/KEOTKBUPZXHE3F352JBYNTSNRXYLWD6P/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/KSEGD2IWKNUO3DWY4KQGUQM5BISRWHQE https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/KSEGD2IWKNUO3DWY4KQGUQM5BISRWHQE/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/L5E5JSJBZLYXOTZWXHJKRVCIXIHVWKJ6 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/L5E5JSJBZLYXOTZWXHJKRVCIXIHVWKJ6/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/MZQYOOKHQDQ57LV2IAG6NRFOVXKHJJ3Z https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/MZQYOOKHQDQ57LV2IAG6NRFOVXKHJJ3Z/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/NG7IMPL55MVWU3LCI4JQJT3K2U5CHDV7 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/NG7IMPL55MVWU3LCI4JQJT3K2U5CHDV7/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ODBY7RVMGZCBSTWF2OZGIZS57FNFUL67 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ODBY7RVMGZCBSTWF2OZGIZS57FNFUL67/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/OXGWPQOJ3JNDW2XIYKIVJ7N7QUIFNM2Q https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/OXGWPQOJ3JNDW2XIYKIVJ7N7QUIFNM2Q/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/PJCUNGIQDUMZ4Z6HWVYIMR66A35F5S74 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/PJCUNGIQDUMZ4Z6HWVYIMR66A35F5S74/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QF5QSYAOPDOWLY6DUHID56Q4HQFYB45I https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QF5QSYAOPDOWLY6DUHID56Q4HQFYB45I/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QXOU2JZUBEBP7GBKAYIJRPRBZSJCD7ST https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QXOU2JZUBEBP7GBKAYIJRPRBZSJCD7ST/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/R3UETKPUB3V5JS5TLZOF3SMTGT5K5APS https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/R3UETKPUB3V5JS5TLZOF3SMTGT5K5APS/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/REMHVVIBDNKSRKNOTV7EQSB7CYQWOUOU https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/REMHVVIBDNKSRKNOTV7EQSB7CYQWOUOU/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/T7N5GV4CHH6WAGX3GFMDD3COEOVCZ4RI https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/T7N5GV4CHH6WAGX3GFMDD3COEOVCZ4RI/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ULQQONMSCQSH5Z5OWFFQHCGEZ3NL4DRJ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ULQQONMSCQSH5Z5OWFFQHCGEZ3NL4DRJ/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UTT7DG3QOF5ZNJLUGHDNLRUIN6OWZARP https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UTT7DG3QOF5ZNJLUGHDNLRUIN6OWZARP/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/W2LZSWTV4NV4SNQARNXG5T6LRHP26EW2 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/W2LZSWTV4NV4SNQARNXG5T6LRHP26EW2/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WCNCBYKZXLDFGAJUB7ZP5VLC3YTHJNVH https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WCNCBYKZXLDFGAJUB7ZP5VLC3YTHJNVH/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/XFOIBB4YFICHDM7IBOP7PWXW3FX4HLL2 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/XFOIBB4YFICHDM7IBOP7PWXW3FX4HLL2/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/XTNLSL44Y5FB6JWADSZH6DCV4JJAAEQY https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/XTNLSL44Y5FB6JWADSZH6DCV4JJAAEQY/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/YJWHBLVZDM5KQSDFRBFRKU5KSSOLIRQ4 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/YJWHBLVZDM5KQSDFRBFRKU5KSSOLIRQ4/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/YRKEXKANQ7BKJW2YTAMP625LJUJZLJ4P https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/YRKEXKANQ7BKJW2YTAMP625LJUJZLJ4P/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZSVEMQV5ROY5YW5QE3I57HT3ITWG5GCV https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZSVEMQV5ROY5YW5QE3I57HT3ITWG5GCV/ https://nvd.nist.gov/vuln/detail/CVE-2023-39325 https://pkg.go.dev/vuln/GO-2023-2102 https://security.gentoo.org/glsa/202311-09 https://security.netapp.com/advisory/ntap-20231110-0008 https://security.netapp.com/advisory/ntap-20231110-0008/ https://ubuntu.com/security/notices/USN-6574-1 https://ubuntu.com/security/notices/USN-7061-1 https://ubuntu.com/security/notices/USN-7109-1 https://www.cisa.gov/news-events/alerts/2023/10/10/http2-rapid-reset-vulnerability-cve-2023-44487 https://www.cve.org/CVERecord?id=CVE-2023-39325
stdlib	CVE-2023-45283	HIGH	v1.20.5	1.20.11, 1.21.4, 1.20.12, 1.21.5	http://www.openwall.com/lists/oss-security/2023/12/05/2 https://go.dev/cl/540277 https://go.dev/cl/541175 https://go.dev/issue/63713 https://go.dev/issue/64028 https://groups.google.com/g/golang-announce/c/4tU8LZfBFkY https://groups.google.com/g/golang-dev/c/6ypN5EjibjM/m/KmLVYH_uAgAJ https://nvd.nist.gov/vuln/detail/CVE-2023-45283 https://pkg.go.dev/vuln/GO-2023-2185 https://security.netapp.com/advisory/ntap-20231214-0008/
stdlib	CVE-2023-45288	HIGH	v1.20.5	1.21.9, 1.22.2	http://www.openwall.com/lists/oss-security/2024/04/03/16 http://www.openwall.com/lists/oss-security/2024/04/05/4 https://access.redhat.com/errata/RHSA-2024:2724 https://access.redhat.com/security/cve/CVE-2023-45288 https://bugzilla.redhat.com/2268017 https://bugzilla.redhat.com/2268018 https://bugzilla.redhat.com/2268019 https://bugzilla.redhat.com/2268273 https://bugzilla.redhat.com/show_bug.cgi?id=2268017 https://bugzilla.redhat.com/show_bug.cgi?id=2268018 https://bugzilla.redhat.com/show_bug.cgi?id=2268019 https://bugzilla.redhat.com/show_bug.cgi?id=2268273 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45288 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45289 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45290 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24783 https://errata.almalinux.org/9/ALSA-2024-2724.html https://errata.rockylinux.org/RLSA-2024:2724 https://go.dev/cl/576155 https://go.dev/issue/65051 https://groups.google.com/g/golang-announce/c/YgW0sx8mN3M https://kb.cert.org/vuls/id/421644 https://linux.oracle.com/cve/CVE-2023-45288.html https://linux.oracle.com/errata/ELSA-2024-3346.html https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QRYFHIQ6XRKRYBI2F5UESH67BJBQXUPT https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QRYFHIQ6XRKRYBI2F5UESH67BJBQXUPT/ https://nowotarski.info/http2-continuation-flood-technical-details https://nowotarski.info/http2-continuation-flood/ https://nvd.nist.gov/vuln/detail/CVE-2023-45288 https://pkg.go.dev/vuln/GO-2024-2687 https://security.netapp.com/advisory/ntap-20240419-0009 https://security.netapp.com/advisory/ntap-20240419-0009/ https://ubuntu.com/security/notices/USN-6886-1 https://ubuntu.com/security/notices/USN-7109-1 https://ubuntu.com/security/notices/USN-7111-1 https://www.cve.org/CVERecord?id=CVE-2023-45288 https://www.kb.cert.org/vuls/id/421644
stdlib	CVE-2024-34156	HIGH	v1.20.5	1.22.7, 1.23.1	https://access.redhat.com/errata/RHSA-2024:9473 https://access.redhat.com/security/cve/CVE-2024-34156 https://bugzilla.redhat.com/2310528 https://bugzilla.redhat.com/2318052 https://bugzilla.redhat.com/show_bug.cgi?id=2310528 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-34156 https://errata.almalinux.org/9/ALSA-2024-9473.html https://errata.rockylinux.org/RLSA-2024:7204 https://github.com/golang/go/commit/2092294f2b097c5828f4eace6c98a322c1510b01 (go1.22.7) https://github.com/golang/go/commit/fa8ff1a46deb6c816304441ec6740ec112e19012 (go1.23.1) https://go.dev/cl/611239 https://go.dev/issue/69139 https://groups.google.com/g/golang-announce/c/K-cEzDeCtpc https://groups.google.com/g/golang-dev/c/S9POB9NCTdk https://linux.oracle.com/cve/CVE-2024-34156.html https://linux.oracle.com/errata/ELSA-2024-9473.html https://nvd.nist.gov/vuln/detail/CVE-2024-34156 https://pkg.go.dev/vuln/GO-2024-3106 https://ubuntu.com/security/notices/USN-7081-1 https://ubuntu.com/security/notices/USN-7109-1 https://ubuntu.com/security/notices/USN-7111-1 https://www.cve.org/CVERecord?id=CVE-2024-34156
stdlib	CVE-2023-29406	MEDIUM	v1.20.5	1.19.11, 1.20.6	https://access.redhat.com/errata/RHSA-2023:6474 https://access.redhat.com/security/cve/CVE-2023-29406 https://bugzilla.redhat.com/2174485 https://bugzilla.redhat.com/2178358 https://bugzilla.redhat.com/2178488 https://bugzilla.redhat.com/2178492 https://bugzilla.redhat.com/2184481 https://bugzilla.redhat.com/2184482 https://bugzilla.redhat.com/2184483 https://bugzilla.redhat.com/2184484 https://bugzilla.redhat.com/2196026 https://bugzilla.redhat.com/2196027 https://bugzilla.redhat.com/2196029 https://bugzilla.redhat.com/2222167 https://bugzilla.redhat.com/2228689 https://errata.almalinux.org/9/ALSA-2023-6474.html https://github.com/golang/go/commit/312920c00aac9897b2a0693e752390b5b0711a5a (go1.20.6) https://github.com/golang/go/commit/5fa6923b1ea891400153d04ddf1545e23b40041b (go1.19.11) https://github.com/golang/go/issues/60374 https://go.dev/cl/506996 https://go.dev/issue/60374 https://groups.google.com/g/golang-announce/c/2q13H6LEEx0 https://linux.oracle.com/cve/CVE-2023-29406.html https://linux.oracle.com/errata/ELSA-2023-7202.html https://nvd.nist.gov/vuln/detail/CVE-2023-29406 https://pkg.go.dev/vuln/GO-2023-1878 https://security.gentoo.org/glsa/202311-09 https://security.netapp.com/advisory/ntap-20230814-0002/ https://ubuntu.com/security/notices/USN-7061-1 https://ubuntu.com/security/notices/USN-7109-1 https://www.cve.org/CVERecord?id=CVE-2023-29406
stdlib	CVE-2023-29409	MEDIUM	v1.20.5	1.19.12, 1.20.7, 1.21.0-rc.4	https://access.redhat.com/errata/RHSA-2023:7766 https://access.redhat.com/security/cve/CVE-2023-29409 https://bugzilla.redhat.com/2228743 https://bugzilla.redhat.com/2237773 https://bugzilla.redhat.com/2237776 https://bugzilla.redhat.com/2237777 https://bugzilla.redhat.com/2237778 https://errata.almalinux.org/9/ALSA-2023-7766.html https://go.dev/cl/515257 https://go.dev/issue/61460 https://groups.google.com/g/golang-announce/c/X0b6CsSAaYI/m/Efv5DbZ9AwAJ https://linux.oracle.com/cve/CVE-2023-29409.html https://linux.oracle.com/errata/ELSA-2024-2988.html https://nvd.nist.gov/vuln/detail/CVE-2023-29409 https://pkg.go.dev/vuln/GO-2023-1987 https://security.gentoo.org/glsa/202311-09 https://security.netapp.com/advisory/ntap-20230831-0010/ https://www.cve.org/CVERecord?id=CVE-2023-29409
stdlib	CVE-2023-39318	MEDIUM	v1.20.5	1.20.8, 1.21.1	https://access.redhat.com/errata/RHSA-2024:2160 https://access.redhat.com/security/cve/CVE-2023-39318 https://bugzilla.redhat.com/2237773 https://bugzilla.redhat.com/2237776 https://bugzilla.redhat.com/2253330 https://errata.almalinux.org/9/ALSA-2024-2160.html https://github.com/golang/go/commit/023b542edf38e2a1f87fcefb9f75ff2f99401b4c (go1.20.8) https://github.com/golang/go/commit/b0e1d3ea26e8e8fce7726690c9ef0597e60739fb (go1.21.1) https://go.dev/cl/526156 https://go.dev/issue/62196 https://groups.google.com/g/golang-announce/c/Fm51GRLNRvM https://groups.google.com/g/golang-dev/c/2C5vbR-UNkI/m/L1hdrPhfBAAJ https://linux.oracle.com/cve/CVE-2023-39318.html https://linux.oracle.com/errata/ELSA-2024-2988.html https://nvd.nist.gov/vuln/detail/CVE-2023-39318 https://pkg.go.dev/vuln/GO-2023-2041 https://security.gentoo.org/glsa/202311-09 https://security.netapp.com/advisory/ntap-20231020-0009/ https://ubuntu.com/security/notices/USN-6574-1 https://ubuntu.com/security/notices/USN-7061-1 https://ubuntu.com/security/notices/USN-7109-1 https://vuln.go.dev/ID/GO-2023-2041.json https://www.cve.org/CVERecord?id=CVE-2023-39318
stdlib	CVE-2023-39319	MEDIUM	v1.20.5	1.20.8, 1.21.1	https://access.redhat.com/errata/RHSA-2024:2160 https://access.redhat.com/security/cve/CVE-2023-39319 https://bugzilla.redhat.com/2237773 https://bugzilla.redhat.com/2237776 https://bugzilla.redhat.com/2253330 https://errata.almalinux.org/9/ALSA-2024-2160.html https://github.com/golang/go/commit/2070531d2f53df88e312edace6c8dfc9686ab2f5 (go1.20.8) https://github.com/golang/go/commit/bbd043ff0d6d59f1a9232d31ecd5eacf6507bf6a (go1.21.1) https://go.dev/cl/526157 https://go.dev/issue/62197 https://groups.google.com/g/golang-announce/c/Fm51GRLNRvM https://groups.google.com/g/golang-dev/c/2C5vbR-UNkI/m/L1hdrPhfBAAJ https://linux.oracle.com/cve/CVE-2023-39319.html https://linux.oracle.com/errata/ELSA-2024-2988.html https://nvd.nist.gov/vuln/detail/CVE-2023-39319 https://pkg.go.dev/vuln/GO-2023-2043 https://security.gentoo.org/glsa/202311-09 https://security.netapp.com/advisory/ntap-20231020-0009/ https://ubuntu.com/security/notices/USN-6574-1 https://ubuntu.com/security/notices/USN-7061-1 https://ubuntu.com/security/notices/USN-7109-1 https://vuln.go.dev/ID/GO-2023-2043.json https://www.cve.org/CVERecord?id=CVE-2023-39319
stdlib	CVE-2023-39326	MEDIUM	v1.20.5	1.20.12, 1.21.5	https://access.redhat.com/errata/RHSA-2024:2272 https://access.redhat.com/security/cve/CVE-2023-39326 https://bugzilla.redhat.com/2253193 https://bugzilla.redhat.com/2253330 https://errata.almalinux.org/9/ALSA-2024-2272.html https://github.com/golang/go/commit/6446af942e2e2b161c4ec1b60d9703a2b55dc4dd (go1.20.12) https://github.com/golang/go/commit/ec8c526e4be720e94b98ca509e6364f0efaf28f7 (go1.21.5) https://go.dev/cl/547335 https://go.dev/issue/64433 https://groups.google.com/g/golang-dev/c/6ypN5EjibjM/m/KmLVYH_uAgAJ https://linux.oracle.com/cve/CVE-2023-39326.html https://linux.oracle.com/errata/ELSA-2024-2988.html https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UIU6HOGV6RRIKWM57LOXQA75BGZSIH6G/ https://nvd.nist.gov/vuln/detail/CVE-2023-39326 https://pkg.go.dev/vuln/GO-2023-2382 https://ubuntu.com/security/notices/USN-6574-1 https://www.cve.org/CVERecord?id=CVE-2023-39326
stdlib	CVE-2023-45284	MEDIUM	v1.20.5	1.20.11, 1.21.4	https://go.dev/cl/540277 https://go.dev/issue/63713 https://groups.google.com/g/golang-announce/c/4tU8LZfBFkY https://nvd.nist.gov/vuln/detail/CVE-2023-45284 https://pkg.go.dev/vuln/GO-2023-2186
stdlib	CVE-2023-45289	MEDIUM	v1.20.5	1.21.8, 1.22.1	http://www.openwall.com/lists/oss-security/2024/03/08/4 https://access.redhat.com/errata/RHSA-2024:2724 https://access.redhat.com/security/cve/CVE-2023-45289 https://bugzilla.redhat.com/2268017 https://bugzilla.redhat.com/2268018 https://bugzilla.redhat.com/2268019 https://bugzilla.redhat.com/2268273 https://bugzilla.redhat.com/show_bug.cgi?id=2268017 https://bugzilla.redhat.com/show_bug.cgi?id=2268018 https://bugzilla.redhat.com/show_bug.cgi?id=2268019 https://bugzilla.redhat.com/show_bug.cgi?id=2268273 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45288 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45289 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45290 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24783 https://errata.almalinux.org/9/ALSA-2024-2724.html https://errata.rockylinux.org/RLSA-2024:2724 https://github.com/golang/go/commit/20586c0dbe03d144f914155f879fa5ee287591a1 (go1.21.8) https://github.com/golang/go/commit/3a855208e3efed2e9d7c20ad023f1fa78afcc0be (go1.22.1) https://github.com/golang/go/issues/65065 https://go.dev/cl/569340 https://go.dev/issue/65065 https://groups.google.com/g/golang-announce/c/5pwGVUPoMbg https://linux.oracle.com/cve/CVE-2023-45289.html https://linux.oracle.com/errata/ELSA-2024-3346.html https://nvd.nist.gov/vuln/detail/CVE-2023-45289 https://pkg.go.dev/vuln/GO-2024-2600 https://security.netapp.com/advisory/ntap-20240329-0006/ https://ubuntu.com/security/notices/USN-6886-1 https://www.cve.org/CVERecord?id=CVE-2023-45289
stdlib	CVE-2023-45290	MEDIUM	v1.20.5	1.21.8, 1.22.1	http://www.openwall.com/lists/oss-security/2024/03/08/4 https://access.redhat.com/errata/RHSA-2024:9135 https://access.redhat.com/security/cve/CVE-2023-45290 https://bugzilla.redhat.com/2268017 https://bugzilla.redhat.com/2268022 https://bugzilla.redhat.com/2279814 https://bugzilla.redhat.com/2295310 https://bugzilla.redhat.com/show_bug.cgi?id=2268017 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45290 https://errata.almalinux.org/9/ALSA-2024-9135.html https://errata.rockylinux.org/RLSA-2024:3830 https://github.com/golang/go/commit/041a47712e765e94f86d841c3110c840e76d8f82 (go1.22.1) https://github.com/golang/go/commit/bf80213b121074f4ad9b449410a4d13bae5e9be0 (go1.21.8) https://github.com/golang/go/issues/65383 https://go.dev/cl/569341 https://go.dev/issue/65383 https://groups.google.com/g/golang-announce/c/5pwGVUPoMbg https://linux.oracle.com/cve/CVE-2023-45290.html https://linux.oracle.com/errata/ELSA-2024-8038.html https://nvd.nist.gov/vuln/detail/CVE-2023-45290 https://pkg.go.dev/vuln/GO-2024-2599 https://security.netapp.com/advisory/ntap-20240329-0004 https://security.netapp.com/advisory/ntap-20240329-0004/ https://ubuntu.com/security/notices/USN-6886-1 https://ubuntu.com/security/notices/USN-7109-1 https://ubuntu.com/security/notices/USN-7111-1 https://www.cve.org/CVERecord?id=CVE-2023-45290
stdlib	CVE-2024-24783	MEDIUM	v1.20.5	1.21.8, 1.22.1	http://www.openwall.com/lists/oss-security/2024/03/08/4 https://access.redhat.com/errata/RHSA-2024:6195 https://access.redhat.com/security/cve/CVE-2024-24783 https://bugzilla.redhat.com/2268019 https://bugzilla.redhat.com/show_bug.cgi?id=2268017 https://bugzilla.redhat.com/show_bug.cgi?id=2268018 https://bugzilla.redhat.com/show_bug.cgi?id=2268019 https://bugzilla.redhat.com/show_bug.cgi?id=2268273 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45288 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45289 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45290 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24783 https://errata.almalinux.org/9/ALSA-2024-6195.html https://errata.rockylinux.org/RLSA-2024:2724 https://github.com/advisories/GHSA-3q2c-pvp5-3cqp https://github.com/golang/go/commit/337b8e9cbfa749d9d5c899e0dc358e2208d5e54f (go1.22.1) https://github.com/golang/go/commit/be5b52bea674190ef7de272664be6c7ae93ec5a0 (go1.21.8) https://github.com/golang/go/issues/65390 https://go.dev/cl/569339 https://go.dev/issue/65390 https://groups.google.com/g/golang-announce/c/5pwGVUPoMbg https://linux.oracle.com/cve/CVE-2024-24783.html https://linux.oracle.com/errata/ELSA-2024-6969.html https://nvd.nist.gov/vuln/detail/CVE-2024-24783 https://pkg.go.dev/vuln/GO-2024-2598 https://security.netapp.com/advisory/ntap-20240329-0005 https://security.netapp.com/advisory/ntap-20240329-0005/ https://ubuntu.com/security/notices/USN-6886-1 https://ubuntu.com/security/notices/USN-7109-1 https://ubuntu.com/security/notices/USN-7111-1 https://www.cve.org/CVERecord?id=CVE-2024-24783
stdlib	CVE-2024-24784	MEDIUM	v1.20.5	1.21.8, 1.22.1	http://www.openwall.com/lists/oss-security/2024/03/08/4 https://access.redhat.com/errata/RHSA-2024:2562 https://access.redhat.com/security/cve/CVE-2024-24784 https://bugzilla.redhat.com/2262921 https://bugzilla.redhat.com/2268017 https://bugzilla.redhat.com/2268018 https://bugzilla.redhat.com/2268019 https://bugzilla.redhat.com/2268021 https://bugzilla.redhat.com/2268022 https://bugzilla.redhat.com/2268273 https://bugzilla.redhat.com/show_bug.cgi?id=2262921 https://bugzilla.redhat.com/show_bug.cgi?id=2268017 https://bugzilla.redhat.com/show_bug.cgi?id=2268018 https://bugzilla.redhat.com/show_bug.cgi?id=2268019 https://bugzilla.redhat.com/show_bug.cgi?id=2268021 https://bugzilla.redhat.com/show_bug.cgi?id=2268022 https://bugzilla.redhat.com/show_bug.cgi?id=2268273 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45288 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45289 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45290 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-1394 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24783 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24784 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24785 https://errata.almalinux.org/9/ALSA-2024-2562.html https://errata.rockylinux.org/RLSA-2024:2562 https://github.com/golang/go/commit/263c059b09fdd40d9dd945f2ecb20c89ea28efe5 (go1.21.8) https://github.com/golang/go/commit/5330cd225ba54c7dc78c1b46dcdf61a4671a632c (go1.22.1) https://github.com/golang/go/issues/65083 https://go.dev/cl/555596 https://go.dev/issue/65083 https://groups.google.com/g/golang-announce/c/5pwGVUPoMbg https://linux.oracle.com/cve/CVE-2024-24784.html https://linux.oracle.com/errata/ELSA-2024-6969.html https://nvd.nist.gov/vuln/detail/CVE-2024-24784 https://pkg.go.dev/vuln/GO-2024-2609 https://security.netapp.com/advisory/ntap-20240329-0007/ https://ubuntu.com/security/notices/USN-6886-1 https://ubuntu.com/security/notices/USN-7109-1 https://ubuntu.com/security/notices/USN-7111-1 https://www.cve.org/CVERecord?id=CVE-2024-24784
stdlib	CVE-2024-24785	MEDIUM	v1.20.5	1.21.8, 1.22.1	http://www.openwall.com/lists/oss-security/2024/03/08/4 https://access.redhat.com/errata/RHSA-2024:9135 https://access.redhat.com/security/cve/CVE-2024-24785 https://bugzilla.redhat.com/2268017 https://bugzilla.redhat.com/2268022 https://bugzilla.redhat.com/2279814 https://bugzilla.redhat.com/2295310 https://bugzilla.redhat.com/show_bug.cgi?id=2262921 https://bugzilla.redhat.com/show_bug.cgi?id=2268017 https://bugzilla.redhat.com/show_bug.cgi?id=2268018 https://bugzilla.redhat.com/show_bug.cgi?id=2268019 https://bugzilla.redhat.com/show_bug.cgi?id=2268021 https://bugzilla.redhat.com/show_bug.cgi?id=2268022 https://bugzilla.redhat.com/show_bug.cgi?id=2268273 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45288 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45289 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45290 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-1394 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24783 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24784 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24785 https://errata.almalinux.org/9/ALSA-2024-9135.html https://errata.rockylinux.org/RLSA-2024:2562 https://github.com/golang/go/commit/056b0edcb8c152152021eebf4cf42adbfbe77992 (go1.22.1) https://github.com/golang/go/commit/3643147a29352ca2894fd5d0d2069bc4b4335a7e (go1.21.8) https://github.com/golang/go/issues/65697 https://go.dev/cl/564196 https://go.dev/issue/65697 https://groups.google.com/g/golang-announce/c/5pwGVUPoMbg https://linux.oracle.com/cve/CVE-2024-24785.html https://linux.oracle.com/errata/ELSA-2024-3259.html https://nvd.nist.gov/vuln/detail/CVE-2024-24785 https://pkg.go.dev/vuln/GO-2024-2610 https://security.netapp.com/advisory/ntap-20240329-0008/ https://ubuntu.com/security/notices/USN-6886-1 https://ubuntu.com/security/notices/USN-7061-1 https://ubuntu.com/security/notices/USN-7109-1 https://vuln.go.dev/ID/GO-2024-2610.json https://www.cve.org/CVERecord?id=CVE-2024-24785
stdlib	CVE-2024-24789	MEDIUM	v1.20.5	1.21.11, 1.22.4	http://www.openwall.com/lists/oss-security/2024/06/04/1 https://access.redhat.com/errata/RHSA-2024:9115 https://access.redhat.com/security/cve/CVE-2024-24789 https://bugzilla.redhat.com/2279814 https://bugzilla.redhat.com/2292668 https://bugzilla.redhat.com/2292787 https://bugzilla.redhat.com/2294000 https://bugzilla.redhat.com/2295310 https://bugzilla.redhat.com/show_bug.cgi?id=2292668 https://bugzilla.redhat.com/show_bug.cgi?id=2292787 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24789 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24790 https://errata.almalinux.org/9/ALSA-2024-9115.html https://errata.rockylinux.org/RLSA-2024:4212 https://github.com/golang/go/commit/c8e40338cf00f3c1d86c8fb23863ad67a4c72bcc (1.21) https://github.com/golang/go/commit/cf501ac0c5fe351a8582d20b43562027927906e7 (1.22) https://github.com/golang/go/issues/66869 https://go.dev/cl/585397 https://go.dev/issue/66869 https://groups.google.com/g/golang-announce/c/XbxouI9gY7k https://groups.google.com/g/golang-announce/c/XbxouI9gY7k/m/TuoGEhxIEwAJ https://linux.oracle.com/cve/CVE-2024-24789.html https://linux.oracle.com/errata/ELSA-2024-9115.html https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/U5YAEIA6IUHUNGJ7AIXXPQT6D2GYENX7/ https://nvd.nist.gov/vuln/detail/CVE-2024-24789 https://pkg.go.dev/vuln/GO-2024-2888 https://ubuntu.com/security/notices/USN-6886-1 https://ubuntu.com/security/notices/USN-7109-1 https://ubuntu.com/security/notices/USN-7111-1 https://www.cve.org/CVERecord?id=CVE-2024-24789
stdlib	CVE-2024-24791	MEDIUM	v1.20.5	1.21.12, 1.22.5	https://access.redhat.com/errata/RHSA-2024:9135 https://access.redhat.com/security/cve/CVE-2024-24791 https://bugzilla.redhat.com/2268017 https://bugzilla.redhat.com/2268022 https://bugzilla.redhat.com/2279814 https://bugzilla.redhat.com/2295310 https://bugzilla.redhat.com/show_bug.cgi?id=2295310 https://bugzilla.redhat.com/show_bug.cgi?id=2310527 https://bugzilla.redhat.com/show_bug.cgi?id=2310528 https://bugzilla.redhat.com/show_bug.cgi?id=2310529 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24791 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-34155 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-34156 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-34158 https://errata.almalinux.org/9/ALSA-2024-9135.html https://errata.rockylinux.org/RLSA-2024:6913 https://go.dev/cl/591255 https://go.dev/issue/67555 https://groups.google.com/g/golang-dev/c/t0rK-qHBqzY/m/6MMoAZkMAgAJ https://linux.oracle.com/cve/CVE-2024-24791.html https://linux.oracle.com/errata/ELSA-2024-9115.html https://nvd.nist.gov/vuln/detail/CVE-2024-24791 https://pkg.go.dev/vuln/GO-2024-2963 https://ubuntu.com/security/notices/USN-7081-1 https://ubuntu.com/security/notices/USN-7109-1 https://ubuntu.com/security/notices/USN-7111-1 https://www.cve.org/CVERecord?id=CVE-2024-24791
stdlib	CVE-2024-34155	MEDIUM	v1.20.5	1.22.7, 1.23.1	https://access.redhat.com/errata/RHSA-2024:9459 https://access.redhat.com/security/cve/CVE-2024-34155 https://bugzilla.redhat.com/2310527 https://bugzilla.redhat.com/2310528 https://bugzilla.redhat.com/2310529 https://bugzilla.redhat.com/2315691 https://bugzilla.redhat.com/2315887 https://bugzilla.redhat.com/2317458 https://bugzilla.redhat.com/2317467 https://bugzilla.redhat.com/show_bug.cgi?id=2295310 https://bugzilla.redhat.com/show_bug.cgi?id=2310527 https://bugzilla.redhat.com/show_bug.cgi?id=2310528 https://bugzilla.redhat.com/show_bug.cgi?id=2310529 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24791 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-34155 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-34156 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-34158 https://errata.almalinux.org/9/ALSA-2024-9459.html https://errata.rockylinux.org/RLSA-2024:6913 https://github.com/golang/go/commit/53487e5477151ed75da50e50a0ba8f1ca64c00a3 (go1.23.1) https://github.com/golang/go/commit/b232596139dbe96a62edbe3a2a203e856bf556eb (go1.22.7) https://go.dev/cl/611238 https://go.dev/issue/69138 https://groups.google.com/g/golang-announce/c/K-cEzDeCtpc https://groups.google.com/g/golang-dev/c/S9POB9NCTdk https://linux.oracle.com/cve/CVE-2024-34155.html https://linux.oracle.com/errata/ELSA-2024-9459.html https://nvd.nist.gov/vuln/detail/CVE-2024-34155 https://pkg.go.dev/vuln/GO-2024-3105 https://ubuntu.com/security/notices/USN-7081-1 https://ubuntu.com/security/notices/USN-7109-1 https://ubuntu.com/security/notices/USN-7111-1 https://www.cve.org/CVERecord?id=CVE-2024-34155
stdlib	CVE-2024-34158	MEDIUM	v1.20.5	1.22.7, 1.23.1	https://access.redhat.com/errata/RHSA-2024:9459 https://access.redhat.com/security/cve/CVE-2024-34158 https://bugzilla.redhat.com/2310527 https://bugzilla.redhat.com/2310528 https://bugzilla.redhat.com/2310529 https://bugzilla.redhat.com/2315691 https://bugzilla.redhat.com/2315887 https://bugzilla.redhat.com/2317458 https://bugzilla.redhat.com/2317467 https://bugzilla.redhat.com/show_bug.cgi?id=2295310 https://bugzilla.redhat.com/show_bug.cgi?id=2310527 https://bugzilla.redhat.com/show_bug.cgi?id=2310528 https://bugzilla.redhat.com/show_bug.cgi?id=2310529 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24791 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-34155 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-34156 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-34158 https://errata.almalinux.org/9/ALSA-2024-9459.html https://errata.rockylinux.org/RLSA-2024:6913 https://github.com/golang/go/commit/032ac075c20c01c6c35a672d1542d3e98eab84ea (go1.23.1) https://github.com/golang/go/commit/d4c53812e6ce2ac368173d7fcd31d0ecfcffb002 (go1.22.7) https://go.dev/cl/611240 https://go.dev/issue/69141 https://groups.google.com/g/golang-announce/c/K-cEzDeCtpc https://groups.google.com/g/golang-dev/c/S9POB9NCTdk https://linux.oracle.com/cve/CVE-2024-34158.html https://linux.oracle.com/errata/ELSA-2024-9459.html https://nvd.nist.gov/vuln/detail/CVE-2024-34158 https://pkg.go.dev/vuln/GO-2024-3107 https://ubuntu.com/security/notices/USN-7081-1 https://ubuntu.com/security/notices/USN-7109-1 https://ubuntu.com/security/notices/USN-7111-1 https://www.cve.org/CVERecord?id=CVE-2024-34158
No Misconfigurations found

cnb/buildpacks/paketo-buildpacks_apache-tomcat/7.13.7/bin/main (gobinary)

Package	Vulnerability ID	Severity	Installed Version	Fixed Version	Links
stdlib	CVE-2024-24790	CRITICAL	v1.20.5	1.21.11, 1.22.4	http://www.openwall.com/lists/oss-security/2024/06/04/1 https://access.redhat.com/errata/RHSA-2024:9115 https://access.redhat.com/security/cve/CVE-2024-24790 https://bugzilla.redhat.com/2279814 https://bugzilla.redhat.com/2292668 https://bugzilla.redhat.com/2292787 https://bugzilla.redhat.com/2294000 https://bugzilla.redhat.com/2295310 https://bugzilla.redhat.com/show_bug.cgi?id=2292668 https://bugzilla.redhat.com/show_bug.cgi?id=2292787 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24789 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24790 https://errata.almalinux.org/9/ALSA-2024-9115.html https://errata.rockylinux.org/RLSA-2024:4212 https://github.com/golang/go/commit/051bdf3fd12a40307606ff9381138039c5f452f0 (1.21) https://github.com/golang/go/commit/12d5810cdb1f73cf23d7a86462143e9463317fca (1.22) https://github.com/golang/go/issues/67680 https://go.dev/cl/590316 https://go.dev/issue/67680 https://groups.google.com/g/golang-announce/c/XbxouI9gY7k https://groups.google.com/g/golang-announce/c/XbxouI9gY7k/m/TuoGEhxIEwAJ https://linux.oracle.com/cve/CVE-2024-24790.html https://linux.oracle.com/errata/ELSA-2024-9115.html https://nvd.nist.gov/vuln/detail/CVE-2024-24790 https://pkg.go.dev/vuln/GO-2024-2887 https://ubuntu.com/security/notices/USN-6886-1 https://ubuntu.com/security/notices/USN-7109-1 https://www.cve.org/CVERecord?id=CVE-2024-24790
stdlib	CVE-2023-39325	HIGH	v1.20.5	1.20.10, 1.21.3	golang.org/x/net https://access.redhat.com/errata/RHSA-2023:6077 https://access.redhat.com/security/cve/CVE-2023-39325 https://access.redhat.com/security/cve/CVE-2023-44487 https://access.redhat.com/security/vulnerabilities/RHSB-2023-003 https://bugzilla.redhat.com/2242803 https://bugzilla.redhat.com/2243296 https://bugzilla.redhat.com/show_bug.cgi?id=2242803 https://bugzilla.redhat.com/show_bug.cgi?id=2243296 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-39325 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-44487 https://errata.almalinux.org/9/ALSA-2023-6077.html https://errata.rockylinux.org/RLSA-2023:6077 https://github.com/golang/go/commit/24ae2d927285c697440fdde3ad7f26028354bcf3 [golang- 1.21] https://github.com/golang/go/commit/e175f27f58aa7b9cd4d79607ae65d2cd5baaee68 [golang-1.20] https://github.com/golang/go/issues/63417 https://go.dev/cl/534215 https://go.dev/cl/534235 https://go.dev/issue/63417 https://groups.google.com/g/golang-announce/c/iNNxDTCjZvo/m/UDd7VKQuAAAJ https://linux.oracle.com/cve/CVE-2023-39325.html https://linux.oracle.com/errata/ELSA-2023-5867.html https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3OVW5V2DM5K5IC3H7O42YDUGNJ74J35O https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3OVW5V2DM5K5IC3H7O42YDUGNJ74J35O/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3SZN67IL7HMGMNAVLOTIXLIHUDXZK4LH https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3SZN67IL7HMGMNAVLOTIXLIHUDXZK4LH/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3WJ4QVX2AMUJ2F2S27POOAHRC4K3CHU4 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3WJ4QVX2AMUJ2F2S27POOAHRC4K3CHU4/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/4BUK2ZIAGCULOOYDNH25JPU6JBES5NF2 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/4BUK2ZIAGCULOOYDNH25JPU6JBES5NF2/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/5RSKA2II6QTD4YUKUNDVJQSRYSFC4VFR https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/5RSKA2II6QTD4YUKUNDVJQSRYSFC4VFR/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/AVZDNSMVDAQJ64LJC5I5U5LDM5753647 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/AVZDNSMVDAQJ64LJC5I5U5LDM5753647/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CHHITS4PUOZAKFIUBQAQZC7JWXMOYE4B https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CHHITS4PUOZAKFIUBQAQZC7JWXMOYE4B/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CLB4TW7KALB3EEQWNWCN7OUIWWVWWCG2 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CLB4TW7KALB3EEQWNWCN7OUIWWVWWCG2/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/D2BBIDR2ZMB3X5BC7SR4SLQMHRMVPY6L https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/D2BBIDR2ZMB3X5BC7SR4SLQMHRMVPY6L/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ECRC75BQJP6FJN2L7KCKYZW4DSBD7QSD https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ECRC75BQJP6FJN2L7KCKYZW4DSBD7QSD/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/FTMJ3NJIDAZFWJQQSP3L22MUFJ3UP2PT https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/FTMJ3NJIDAZFWJQQSP3L22MUFJ3UP2PT/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/GSY7SXFFTPZFWDM6XELSDSHZLVW3AHK7 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/GSY7SXFFTPZFWDM6XELSDSHZLVW3AHK7/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/HZQIELEIRSZUYTFFH5KTH2YJ4IIQG2KE https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/HZQIELEIRSZUYTFFH5KTH2YJ4IIQG2KE/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/IPWCNYB5PQ5PCVZ4NJT6G56ZYFZ5QBU6 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/IPWCNYB5PQ5PCVZ4NJT6G56ZYFZ5QBU6/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/KEOTKBUPZXHE3F352JBYNTSNRXYLWD6P https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/KEOTKBUPZXHE3F352JBYNTSNRXYLWD6P/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/KSEGD2IWKNUO3DWY4KQGUQM5BISRWHQE https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/KSEGD2IWKNUO3DWY4KQGUQM5BISRWHQE/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/L5E5JSJBZLYXOTZWXHJKRVCIXIHVWKJ6 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/L5E5JSJBZLYXOTZWXHJKRVCIXIHVWKJ6/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/MZQYOOKHQDQ57LV2IAG6NRFOVXKHJJ3Z https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/MZQYOOKHQDQ57LV2IAG6NRFOVXKHJJ3Z/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/NG7IMPL55MVWU3LCI4JQJT3K2U5CHDV7 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/NG7IMPL55MVWU3LCI4JQJT3K2U5CHDV7/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ODBY7RVMGZCBSTWF2OZGIZS57FNFUL67 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ODBY7RVMGZCBSTWF2OZGIZS57FNFUL67/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/OXGWPQOJ3JNDW2XIYKIVJ7N7QUIFNM2Q https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/OXGWPQOJ3JNDW2XIYKIVJ7N7QUIFNM2Q/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/PJCUNGIQDUMZ4Z6HWVYIMR66A35F5S74 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/PJCUNGIQDUMZ4Z6HWVYIMR66A35F5S74/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QF5QSYAOPDOWLY6DUHID56Q4HQFYB45I https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QF5QSYAOPDOWLY6DUHID56Q4HQFYB45I/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QXOU2JZUBEBP7GBKAYIJRPRBZSJCD7ST https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QXOU2JZUBEBP7GBKAYIJRPRBZSJCD7ST/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/R3UETKPUB3V5JS5TLZOF3SMTGT5K5APS https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/R3UETKPUB3V5JS5TLZOF3SMTGT5K5APS/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/REMHVVIBDNKSRKNOTV7EQSB7CYQWOUOU https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/REMHVVIBDNKSRKNOTV7EQSB7CYQWOUOU/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/T7N5GV4CHH6WAGX3GFMDD3COEOVCZ4RI https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/T7N5GV4CHH6WAGX3GFMDD3COEOVCZ4RI/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ULQQONMSCQSH5Z5OWFFQHCGEZ3NL4DRJ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ULQQONMSCQSH5Z5OWFFQHCGEZ3NL4DRJ/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UTT7DG3QOF5ZNJLUGHDNLRUIN6OWZARP https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UTT7DG3QOF5ZNJLUGHDNLRUIN6OWZARP/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/W2LZSWTV4NV4SNQARNXG5T6LRHP26EW2 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/W2LZSWTV4NV4SNQARNXG5T6LRHP26EW2/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WCNCBYKZXLDFGAJUB7ZP5VLC3YTHJNVH https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WCNCBYKZXLDFGAJUB7ZP5VLC3YTHJNVH/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/XFOIBB4YFICHDM7IBOP7PWXW3FX4HLL2 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/XFOIBB4YFICHDM7IBOP7PWXW3FX4HLL2/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/XTNLSL44Y5FB6JWADSZH6DCV4JJAAEQY https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/XTNLSL44Y5FB6JWADSZH6DCV4JJAAEQY/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/YJWHBLVZDM5KQSDFRBFRKU5KSSOLIRQ4 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/YJWHBLVZDM5KQSDFRBFRKU5KSSOLIRQ4/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/YRKEXKANQ7BKJW2YTAMP625LJUJZLJ4P https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/YRKEXKANQ7BKJW2YTAMP625LJUJZLJ4P/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZSVEMQV5ROY5YW5QE3I57HT3ITWG5GCV https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZSVEMQV5ROY5YW5QE3I57HT3ITWG5GCV/ https://nvd.nist.gov/vuln/detail/CVE-2023-39325 https://pkg.go.dev/vuln/GO-2023-2102 https://security.gentoo.org/glsa/202311-09 https://security.netapp.com/advisory/ntap-20231110-0008 https://security.netapp.com/advisory/ntap-20231110-0008/ https://ubuntu.com/security/notices/USN-6574-1 https://ubuntu.com/security/notices/USN-7061-1 https://ubuntu.com/security/notices/USN-7109-1 https://www.cisa.gov/news-events/alerts/2023/10/10/http2-rapid-reset-vulnerability-cve-2023-44487 https://www.cve.org/CVERecord?id=CVE-2023-39325
stdlib	CVE-2023-45283	HIGH	v1.20.5	1.20.11, 1.21.4, 1.20.12, 1.21.5	http://www.openwall.com/lists/oss-security/2023/12/05/2 https://go.dev/cl/540277 https://go.dev/cl/541175 https://go.dev/issue/63713 https://go.dev/issue/64028 https://groups.google.com/g/golang-announce/c/4tU8LZfBFkY https://groups.google.com/g/golang-dev/c/6ypN5EjibjM/m/KmLVYH_uAgAJ https://nvd.nist.gov/vuln/detail/CVE-2023-45283 https://pkg.go.dev/vuln/GO-2023-2185 https://security.netapp.com/advisory/ntap-20231214-0008/
stdlib	CVE-2023-45288	HIGH	v1.20.5	1.21.9, 1.22.2	http://www.openwall.com/lists/oss-security/2024/04/03/16 http://www.openwall.com/lists/oss-security/2024/04/05/4 https://access.redhat.com/errata/RHSA-2024:2724 https://access.redhat.com/security/cve/CVE-2023-45288 https://bugzilla.redhat.com/2268017 https://bugzilla.redhat.com/2268018 https://bugzilla.redhat.com/2268019 https://bugzilla.redhat.com/2268273 https://bugzilla.redhat.com/show_bug.cgi?id=2268017 https://bugzilla.redhat.com/show_bug.cgi?id=2268018 https://bugzilla.redhat.com/show_bug.cgi?id=2268019 https://bugzilla.redhat.com/show_bug.cgi?id=2268273 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45288 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45289 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45290 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24783 https://errata.almalinux.org/9/ALSA-2024-2724.html https://errata.rockylinux.org/RLSA-2024:2724 https://go.dev/cl/576155 https://go.dev/issue/65051 https://groups.google.com/g/golang-announce/c/YgW0sx8mN3M https://kb.cert.org/vuls/id/421644 https://linux.oracle.com/cve/CVE-2023-45288.html https://linux.oracle.com/errata/ELSA-2024-3346.html https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QRYFHIQ6XRKRYBI2F5UESH67BJBQXUPT https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QRYFHIQ6XRKRYBI2F5UESH67BJBQXUPT/ https://nowotarski.info/http2-continuation-flood-technical-details https://nowotarski.info/http2-continuation-flood/ https://nvd.nist.gov/vuln/detail/CVE-2023-45288 https://pkg.go.dev/vuln/GO-2024-2687 https://security.netapp.com/advisory/ntap-20240419-0009 https://security.netapp.com/advisory/ntap-20240419-0009/ https://ubuntu.com/security/notices/USN-6886-1 https://ubuntu.com/security/notices/USN-7109-1 https://ubuntu.com/security/notices/USN-7111-1 https://www.cve.org/CVERecord?id=CVE-2023-45288 https://www.kb.cert.org/vuls/id/421644
stdlib	CVE-2024-34156	HIGH	v1.20.5	1.22.7, 1.23.1	https://access.redhat.com/errata/RHSA-2024:9473 https://access.redhat.com/security/cve/CVE-2024-34156 https://bugzilla.redhat.com/2310528 https://bugzilla.redhat.com/2318052 https://bugzilla.redhat.com/show_bug.cgi?id=2310528 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-34156 https://errata.almalinux.org/9/ALSA-2024-9473.html https://errata.rockylinux.org/RLSA-2024:7204 https://github.com/golang/go/commit/2092294f2b097c5828f4eace6c98a322c1510b01 (go1.22.7) https://github.com/golang/go/commit/fa8ff1a46deb6c816304441ec6740ec112e19012 (go1.23.1) https://go.dev/cl/611239 https://go.dev/issue/69139 https://groups.google.com/g/golang-announce/c/K-cEzDeCtpc https://groups.google.com/g/golang-dev/c/S9POB9NCTdk https://linux.oracle.com/cve/CVE-2024-34156.html https://linux.oracle.com/errata/ELSA-2024-9473.html https://nvd.nist.gov/vuln/detail/CVE-2024-34156 https://pkg.go.dev/vuln/GO-2024-3106 https://ubuntu.com/security/notices/USN-7081-1 https://ubuntu.com/security/notices/USN-7109-1 https://ubuntu.com/security/notices/USN-7111-1 https://www.cve.org/CVERecord?id=CVE-2024-34156
stdlib	CVE-2023-29406	MEDIUM	v1.20.5	1.19.11, 1.20.6	https://access.redhat.com/errata/RHSA-2023:6474 https://access.redhat.com/security/cve/CVE-2023-29406 https://bugzilla.redhat.com/2174485 https://bugzilla.redhat.com/2178358 https://bugzilla.redhat.com/2178488 https://bugzilla.redhat.com/2178492 https://bugzilla.redhat.com/2184481 https://bugzilla.redhat.com/2184482 https://bugzilla.redhat.com/2184483 https://bugzilla.redhat.com/2184484 https://bugzilla.redhat.com/2196026 https://bugzilla.redhat.com/2196027 https://bugzilla.redhat.com/2196029 https://bugzilla.redhat.com/2222167 https://bugzilla.redhat.com/2228689 https://errata.almalinux.org/9/ALSA-2023-6474.html https://github.com/golang/go/commit/312920c00aac9897b2a0693e752390b5b0711a5a (go1.20.6) https://github.com/golang/go/commit/5fa6923b1ea891400153d04ddf1545e23b40041b (go1.19.11) https://github.com/golang/go/issues/60374 https://go.dev/cl/506996 https://go.dev/issue/60374 https://groups.google.com/g/golang-announce/c/2q13H6LEEx0 https://linux.oracle.com/cve/CVE-2023-29406.html https://linux.oracle.com/errata/ELSA-2023-7202.html https://nvd.nist.gov/vuln/detail/CVE-2023-29406 https://pkg.go.dev/vuln/GO-2023-1878 https://security.gentoo.org/glsa/202311-09 https://security.netapp.com/advisory/ntap-20230814-0002/ https://ubuntu.com/security/notices/USN-7061-1 https://ubuntu.com/security/notices/USN-7109-1 https://www.cve.org/CVERecord?id=CVE-2023-29406
stdlib	CVE-2023-29409	MEDIUM	v1.20.5	1.19.12, 1.20.7, 1.21.0-rc.4	https://access.redhat.com/errata/RHSA-2023:7766 https://access.redhat.com/security/cve/CVE-2023-29409 https://bugzilla.redhat.com/2228743 https://bugzilla.redhat.com/2237773 https://bugzilla.redhat.com/2237776 https://bugzilla.redhat.com/2237777 https://bugzilla.redhat.com/2237778 https://errata.almalinux.org/9/ALSA-2023-7766.html https://go.dev/cl/515257 https://go.dev/issue/61460 https://groups.google.com/g/golang-announce/c/X0b6CsSAaYI/m/Efv5DbZ9AwAJ https://linux.oracle.com/cve/CVE-2023-29409.html https://linux.oracle.com/errata/ELSA-2024-2988.html https://nvd.nist.gov/vuln/detail/CVE-2023-29409 https://pkg.go.dev/vuln/GO-2023-1987 https://security.gentoo.org/glsa/202311-09 https://security.netapp.com/advisory/ntap-20230831-0010/ https://www.cve.org/CVERecord?id=CVE-2023-29409
stdlib	CVE-2023-39318	MEDIUM	v1.20.5	1.20.8, 1.21.1	https://access.redhat.com/errata/RHSA-2024:2160 https://access.redhat.com/security/cve/CVE-2023-39318 https://bugzilla.redhat.com/2237773 https://bugzilla.redhat.com/2237776 https://bugzilla.redhat.com/2253330 https://errata.almalinux.org/9/ALSA-2024-2160.html https://github.com/golang/go/commit/023b542edf38e2a1f87fcefb9f75ff2f99401b4c (go1.20.8) https://github.com/golang/go/commit/b0e1d3ea26e8e8fce7726690c9ef0597e60739fb (go1.21.1) https://go.dev/cl/526156 https://go.dev/issue/62196 https://groups.google.com/g/golang-announce/c/Fm51GRLNRvM https://groups.google.com/g/golang-dev/c/2C5vbR-UNkI/m/L1hdrPhfBAAJ https://linux.oracle.com/cve/CVE-2023-39318.html https://linux.oracle.com/errata/ELSA-2024-2988.html https://nvd.nist.gov/vuln/detail/CVE-2023-39318 https://pkg.go.dev/vuln/GO-2023-2041 https://security.gentoo.org/glsa/202311-09 https://security.netapp.com/advisory/ntap-20231020-0009/ https://ubuntu.com/security/notices/USN-6574-1 https://ubuntu.com/security/notices/USN-7061-1 https://ubuntu.com/security/notices/USN-7109-1 https://vuln.go.dev/ID/GO-2023-2041.json https://www.cve.org/CVERecord?id=CVE-2023-39318
stdlib	CVE-2023-39319	MEDIUM	v1.20.5	1.20.8, 1.21.1	https://access.redhat.com/errata/RHSA-2024:2160 https://access.redhat.com/security/cve/CVE-2023-39319 https://bugzilla.redhat.com/2237773 https://bugzilla.redhat.com/2237776 https://bugzilla.redhat.com/2253330 https://errata.almalinux.org/9/ALSA-2024-2160.html https://github.com/golang/go/commit/2070531d2f53df88e312edace6c8dfc9686ab2f5 (go1.20.8) https://github.com/golang/go/commit/bbd043ff0d6d59f1a9232d31ecd5eacf6507bf6a (go1.21.1) https://go.dev/cl/526157 https://go.dev/issue/62197 https://groups.google.com/g/golang-announce/c/Fm51GRLNRvM https://groups.google.com/g/golang-dev/c/2C5vbR-UNkI/m/L1hdrPhfBAAJ https://linux.oracle.com/cve/CVE-2023-39319.html https://linux.oracle.com/errata/ELSA-2024-2988.html https://nvd.nist.gov/vuln/detail/CVE-2023-39319 https://pkg.go.dev/vuln/GO-2023-2043 https://security.gentoo.org/glsa/202311-09 https://security.netapp.com/advisory/ntap-20231020-0009/ https://ubuntu.com/security/notices/USN-6574-1 https://ubuntu.com/security/notices/USN-7061-1 https://ubuntu.com/security/notices/USN-7109-1 https://vuln.go.dev/ID/GO-2023-2043.json https://www.cve.org/CVERecord?id=CVE-2023-39319
stdlib	CVE-2023-39326	MEDIUM	v1.20.5	1.20.12, 1.21.5	https://access.redhat.com/errata/RHSA-2024:2272 https://access.redhat.com/security/cve/CVE-2023-39326 https://bugzilla.redhat.com/2253193 https://bugzilla.redhat.com/2253330 https://errata.almalinux.org/9/ALSA-2024-2272.html https://github.com/golang/go/commit/6446af942e2e2b161c4ec1b60d9703a2b55dc4dd (go1.20.12) https://github.com/golang/go/commit/ec8c526e4be720e94b98ca509e6364f0efaf28f7 (go1.21.5) https://go.dev/cl/547335 https://go.dev/issue/64433 https://groups.google.com/g/golang-dev/c/6ypN5EjibjM/m/KmLVYH_uAgAJ https://linux.oracle.com/cve/CVE-2023-39326.html https://linux.oracle.com/errata/ELSA-2024-2988.html https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UIU6HOGV6RRIKWM57LOXQA75BGZSIH6G/ https://nvd.nist.gov/vuln/detail/CVE-2023-39326 https://pkg.go.dev/vuln/GO-2023-2382 https://ubuntu.com/security/notices/USN-6574-1 https://www.cve.org/CVERecord?id=CVE-2023-39326
stdlib	CVE-2023-45284	MEDIUM	v1.20.5	1.20.11, 1.21.4	https://go.dev/cl/540277 https://go.dev/issue/63713 https://groups.google.com/g/golang-announce/c/4tU8LZfBFkY https://nvd.nist.gov/vuln/detail/CVE-2023-45284 https://pkg.go.dev/vuln/GO-2023-2186
stdlib	CVE-2023-45289	MEDIUM	v1.20.5	1.21.8, 1.22.1	http://www.openwall.com/lists/oss-security/2024/03/08/4 https://access.redhat.com/errata/RHSA-2024:2724 https://access.redhat.com/security/cve/CVE-2023-45289 https://bugzilla.redhat.com/2268017 https://bugzilla.redhat.com/2268018 https://bugzilla.redhat.com/2268019 https://bugzilla.redhat.com/2268273 https://bugzilla.redhat.com/show_bug.cgi?id=2268017 https://bugzilla.redhat.com/show_bug.cgi?id=2268018 https://bugzilla.redhat.com/show_bug.cgi?id=2268019 https://bugzilla.redhat.com/show_bug.cgi?id=2268273 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45288 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45289 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45290 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24783 https://errata.almalinux.org/9/ALSA-2024-2724.html https://errata.rockylinux.org/RLSA-2024:2724 https://github.com/golang/go/commit/20586c0dbe03d144f914155f879fa5ee287591a1 (go1.21.8) https://github.com/golang/go/commit/3a855208e3efed2e9d7c20ad023f1fa78afcc0be (go1.22.1) https://github.com/golang/go/issues/65065 https://go.dev/cl/569340 https://go.dev/issue/65065 https://groups.google.com/g/golang-announce/c/5pwGVUPoMbg https://linux.oracle.com/cve/CVE-2023-45289.html https://linux.oracle.com/errata/ELSA-2024-3346.html https://nvd.nist.gov/vuln/detail/CVE-2023-45289 https://pkg.go.dev/vuln/GO-2024-2600 https://security.netapp.com/advisory/ntap-20240329-0006/ https://ubuntu.com/security/notices/USN-6886-1 https://www.cve.org/CVERecord?id=CVE-2023-45289
stdlib	CVE-2023-45290	MEDIUM	v1.20.5	1.21.8, 1.22.1	http://www.openwall.com/lists/oss-security/2024/03/08/4 https://access.redhat.com/errata/RHSA-2024:9135 https://access.redhat.com/security/cve/CVE-2023-45290 https://bugzilla.redhat.com/2268017 https://bugzilla.redhat.com/2268022 https://bugzilla.redhat.com/2279814 https://bugzilla.redhat.com/2295310 https://bugzilla.redhat.com/show_bug.cgi?id=2268017 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45290 https://errata.almalinux.org/9/ALSA-2024-9135.html https://errata.rockylinux.org/RLSA-2024:3830 https://github.com/golang/go/commit/041a47712e765e94f86d841c3110c840e76d8f82 (go1.22.1) https://github.com/golang/go/commit/bf80213b121074f4ad9b449410a4d13bae5e9be0 (go1.21.8) https://github.com/golang/go/issues/65383 https://go.dev/cl/569341 https://go.dev/issue/65383 https://groups.google.com/g/golang-announce/c/5pwGVUPoMbg https://linux.oracle.com/cve/CVE-2023-45290.html https://linux.oracle.com/errata/ELSA-2024-8038.html https://nvd.nist.gov/vuln/detail/CVE-2023-45290 https://pkg.go.dev/vuln/GO-2024-2599 https://security.netapp.com/advisory/ntap-20240329-0004 https://security.netapp.com/advisory/ntap-20240329-0004/ https://ubuntu.com/security/notices/USN-6886-1 https://ubuntu.com/security/notices/USN-7109-1 https://ubuntu.com/security/notices/USN-7111-1 https://www.cve.org/CVERecord?id=CVE-2023-45290
stdlib	CVE-2024-24783	MEDIUM	v1.20.5	1.21.8, 1.22.1	http://www.openwall.com/lists/oss-security/2024/03/08/4 https://access.redhat.com/errata/RHSA-2024:6195 https://access.redhat.com/security/cve/CVE-2024-24783 https://bugzilla.redhat.com/2268019 https://bugzilla.redhat.com/show_bug.cgi?id=2268017 https://bugzilla.redhat.com/show_bug.cgi?id=2268018 https://bugzilla.redhat.com/show_bug.cgi?id=2268019 https://bugzilla.redhat.com/show_bug.cgi?id=2268273 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45288 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45289 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45290 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24783 https://errata.almalinux.org/9/ALSA-2024-6195.html https://errata.rockylinux.org/RLSA-2024:2724 https://github.com/advisories/GHSA-3q2c-pvp5-3cqp https://github.com/golang/go/commit/337b8e9cbfa749d9d5c899e0dc358e2208d5e54f (go1.22.1) https://github.com/golang/go/commit/be5b52bea674190ef7de272664be6c7ae93ec5a0 (go1.21.8) https://github.com/golang/go/issues/65390 https://go.dev/cl/569339 https://go.dev/issue/65390 https://groups.google.com/g/golang-announce/c/5pwGVUPoMbg https://linux.oracle.com/cve/CVE-2024-24783.html https://linux.oracle.com/errata/ELSA-2024-6969.html https://nvd.nist.gov/vuln/detail/CVE-2024-24783 https://pkg.go.dev/vuln/GO-2024-2598 https://security.netapp.com/advisory/ntap-20240329-0005 https://security.netapp.com/advisory/ntap-20240329-0005/ https://ubuntu.com/security/notices/USN-6886-1 https://ubuntu.com/security/notices/USN-7109-1 https://ubuntu.com/security/notices/USN-7111-1 https://www.cve.org/CVERecord?id=CVE-2024-24783
stdlib	CVE-2024-24784	MEDIUM	v1.20.5	1.21.8, 1.22.1	http://www.openwall.com/lists/oss-security/2024/03/08/4 https://access.redhat.com/errata/RHSA-2024:2562 https://access.redhat.com/security/cve/CVE-2024-24784 https://bugzilla.redhat.com/2262921 https://bugzilla.redhat.com/2268017 https://bugzilla.redhat.com/2268018 https://bugzilla.redhat.com/2268019 https://bugzilla.redhat.com/2268021 https://bugzilla.redhat.com/2268022 https://bugzilla.redhat.com/2268273 https://bugzilla.redhat.com/show_bug.cgi?id=2262921 https://bugzilla.redhat.com/show_bug.cgi?id=2268017 https://bugzilla.redhat.com/show_bug.cgi?id=2268018 https://bugzilla.redhat.com/show_bug.cgi?id=2268019 https://bugzilla.redhat.com/show_bug.cgi?id=2268021 https://bugzilla.redhat.com/show_bug.cgi?id=2268022 https://bugzilla.redhat.com/show_bug.cgi?id=2268273 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45288 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45289 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45290 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-1394 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24783 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24784 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24785 https://errata.almalinux.org/9/ALSA-2024-2562.html https://errata.rockylinux.org/RLSA-2024:2562 https://github.com/golang/go/commit/263c059b09fdd40d9dd945f2ecb20c89ea28efe5 (go1.21.8) https://github.com/golang/go/commit/5330cd225ba54c7dc78c1b46dcdf61a4671a632c (go1.22.1) https://github.com/golang/go/issues/65083 https://go.dev/cl/555596 https://go.dev/issue/65083 https://groups.google.com/g/golang-announce/c/5pwGVUPoMbg https://linux.oracle.com/cve/CVE-2024-24784.html https://linux.oracle.com/errata/ELSA-2024-6969.html https://nvd.nist.gov/vuln/detail/CVE-2024-24784 https://pkg.go.dev/vuln/GO-2024-2609 https://security.netapp.com/advisory/ntap-20240329-0007/ https://ubuntu.com/security/notices/USN-6886-1 https://ubuntu.com/security/notices/USN-7109-1 https://ubuntu.com/security/notices/USN-7111-1 https://www.cve.org/CVERecord?id=CVE-2024-24784
stdlib	CVE-2024-24785	MEDIUM	v1.20.5	1.21.8, 1.22.1	http://www.openwall.com/lists/oss-security/2024/03/08/4 https://access.redhat.com/errata/RHSA-2024:9135 https://access.redhat.com/security/cve/CVE-2024-24785 https://bugzilla.redhat.com/2268017 https://bugzilla.redhat.com/2268022 https://bugzilla.redhat.com/2279814 https://bugzilla.redhat.com/2295310 https://bugzilla.redhat.com/show_bug.cgi?id=2262921 https://bugzilla.redhat.com/show_bug.cgi?id=2268017 https://bugzilla.redhat.com/show_bug.cgi?id=2268018 https://bugzilla.redhat.com/show_bug.cgi?id=2268019 https://bugzilla.redhat.com/show_bug.cgi?id=2268021 https://bugzilla.redhat.com/show_bug.cgi?id=2268022 https://bugzilla.redhat.com/show_bug.cgi?id=2268273 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45288 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45289 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45290 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-1394 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24783 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24784 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24785 https://errata.almalinux.org/9/ALSA-2024-9135.html https://errata.rockylinux.org/RLSA-2024:2562 https://github.com/golang/go/commit/056b0edcb8c152152021eebf4cf42adbfbe77992 (go1.22.1) https://github.com/golang/go/commit/3643147a29352ca2894fd5d0d2069bc4b4335a7e (go1.21.8) https://github.com/golang/go/issues/65697 https://go.dev/cl/564196 https://go.dev/issue/65697 https://groups.google.com/g/golang-announce/c/5pwGVUPoMbg https://linux.oracle.com/cve/CVE-2024-24785.html https://linux.oracle.com/errata/ELSA-2024-3259.html https://nvd.nist.gov/vuln/detail/CVE-2024-24785 https://pkg.go.dev/vuln/GO-2024-2610 https://security.netapp.com/advisory/ntap-20240329-0008/ https://ubuntu.com/security/notices/USN-6886-1 https://ubuntu.com/security/notices/USN-7061-1 https://ubuntu.com/security/notices/USN-7109-1 https://vuln.go.dev/ID/GO-2024-2610.json https://www.cve.org/CVERecord?id=CVE-2024-24785
stdlib	CVE-2024-24789	MEDIUM	v1.20.5	1.21.11, 1.22.4	http://www.openwall.com/lists/oss-security/2024/06/04/1 https://access.redhat.com/errata/RHSA-2024:9115 https://access.redhat.com/security/cve/CVE-2024-24789 https://bugzilla.redhat.com/2279814 https://bugzilla.redhat.com/2292668 https://bugzilla.redhat.com/2292787 https://bugzilla.redhat.com/2294000 https://bugzilla.redhat.com/2295310 https://bugzilla.redhat.com/show_bug.cgi?id=2292668 https://bugzilla.redhat.com/show_bug.cgi?id=2292787 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24789 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24790 https://errata.almalinux.org/9/ALSA-2024-9115.html https://errata.rockylinux.org/RLSA-2024:4212 https://github.com/golang/go/commit/c8e40338cf00f3c1d86c8fb23863ad67a4c72bcc (1.21) https://github.com/golang/go/commit/cf501ac0c5fe351a8582d20b43562027927906e7 (1.22) https://github.com/golang/go/issues/66869 https://go.dev/cl/585397 https://go.dev/issue/66869 https://groups.google.com/g/golang-announce/c/XbxouI9gY7k https://groups.google.com/g/golang-announce/c/XbxouI9gY7k/m/TuoGEhxIEwAJ https://linux.oracle.com/cve/CVE-2024-24789.html https://linux.oracle.com/errata/ELSA-2024-9115.html https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/U5YAEIA6IUHUNGJ7AIXXPQT6D2GYENX7/ https://nvd.nist.gov/vuln/detail/CVE-2024-24789 https://pkg.go.dev/vuln/GO-2024-2888 https://ubuntu.com/security/notices/USN-6886-1 https://ubuntu.com/security/notices/USN-7109-1 https://ubuntu.com/security/notices/USN-7111-1 https://www.cve.org/CVERecord?id=CVE-2024-24789
stdlib	CVE-2024-24791	MEDIUM	v1.20.5	1.21.12, 1.22.5	https://access.redhat.com/errata/RHSA-2024:9135 https://access.redhat.com/security/cve/CVE-2024-24791 https://bugzilla.redhat.com/2268017 https://bugzilla.redhat.com/2268022 https://bugzilla.redhat.com/2279814 https://bugzilla.redhat.com/2295310 https://bugzilla.redhat.com/show_bug.cgi?id=2295310 https://bugzilla.redhat.com/show_bug.cgi?id=2310527 https://bugzilla.redhat.com/show_bug.cgi?id=2310528 https://bugzilla.redhat.com/show_bug.cgi?id=2310529 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24791 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-34155 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-34156 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-34158 https://errata.almalinux.org/9/ALSA-2024-9135.html https://errata.rockylinux.org/RLSA-2024:6913 https://go.dev/cl/591255 https://go.dev/issue/67555 https://groups.google.com/g/golang-dev/c/t0rK-qHBqzY/m/6MMoAZkMAgAJ https://linux.oracle.com/cve/CVE-2024-24791.html https://linux.oracle.com/errata/ELSA-2024-9115.html https://nvd.nist.gov/vuln/detail/CVE-2024-24791 https://pkg.go.dev/vuln/GO-2024-2963 https://ubuntu.com/security/notices/USN-7081-1 https://ubuntu.com/security/notices/USN-7109-1 https://ubuntu.com/security/notices/USN-7111-1 https://www.cve.org/CVERecord?id=CVE-2024-24791
stdlib	CVE-2024-34155	MEDIUM	v1.20.5	1.22.7, 1.23.1	https://access.redhat.com/errata/RHSA-2024:9459 https://access.redhat.com/security/cve/CVE-2024-34155 https://bugzilla.redhat.com/2310527 https://bugzilla.redhat.com/2310528 https://bugzilla.redhat.com/2310529 https://bugzilla.redhat.com/2315691 https://bugzilla.redhat.com/2315887 https://bugzilla.redhat.com/2317458 https://bugzilla.redhat.com/2317467 https://bugzilla.redhat.com/show_bug.cgi?id=2295310 https://bugzilla.redhat.com/show_bug.cgi?id=2310527 https://bugzilla.redhat.com/show_bug.cgi?id=2310528 https://bugzilla.redhat.com/show_bug.cgi?id=2310529 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24791 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-34155 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-34156 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-34158 https://errata.almalinux.org/9/ALSA-2024-9459.html https://errata.rockylinux.org/RLSA-2024:6913 https://github.com/golang/go/commit/53487e5477151ed75da50e50a0ba8f1ca64c00a3 (go1.23.1) https://github.com/golang/go/commit/b232596139dbe96a62edbe3a2a203e856bf556eb (go1.22.7) https://go.dev/cl/611238 https://go.dev/issue/69138 https://groups.google.com/g/golang-announce/c/K-cEzDeCtpc https://groups.google.com/g/golang-dev/c/S9POB9NCTdk https://linux.oracle.com/cve/CVE-2024-34155.html https://linux.oracle.com/errata/ELSA-2024-9459.html https://nvd.nist.gov/vuln/detail/CVE-2024-34155 https://pkg.go.dev/vuln/GO-2024-3105 https://ubuntu.com/security/notices/USN-7081-1 https://ubuntu.com/security/notices/USN-7109-1 https://ubuntu.com/security/notices/USN-7111-1 https://www.cve.org/CVERecord?id=CVE-2024-34155
stdlib	CVE-2024-34158	MEDIUM	v1.20.5	1.22.7, 1.23.1	https://access.redhat.com/errata/RHSA-2024:9459 https://access.redhat.com/security/cve/CVE-2024-34158 https://bugzilla.redhat.com/2310527 https://bugzilla.redhat.com/2310528 https://bugzilla.redhat.com/2310529 https://bugzilla.redhat.com/2315691 https://bugzilla.redhat.com/2315887 https://bugzilla.redhat.com/2317458 https://bugzilla.redhat.com/2317467 https://bugzilla.redhat.com/show_bug.cgi?id=2295310 https://bugzilla.redhat.com/show_bug.cgi?id=2310527 https://bugzilla.redhat.com/show_bug.cgi?id=2310528 https://bugzilla.redhat.com/show_bug.cgi?id=2310529 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24791 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-34155 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-34156 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-34158 https://errata.almalinux.org/9/ALSA-2024-9459.html https://errata.rockylinux.org/RLSA-2024:6913 https://github.com/golang/go/commit/032ac075c20c01c6c35a672d1542d3e98eab84ea (go1.23.1) https://github.com/golang/go/commit/d4c53812e6ce2ac368173d7fcd31d0ecfcffb002 (go1.22.7) https://go.dev/cl/611240 https://go.dev/issue/69141 https://groups.google.com/g/golang-announce/c/K-cEzDeCtpc https://groups.google.com/g/golang-dev/c/S9POB9NCTdk https://linux.oracle.com/cve/CVE-2024-34158.html https://linux.oracle.com/errata/ELSA-2024-9459.html https://nvd.nist.gov/vuln/detail/CVE-2024-34158 https://pkg.go.dev/vuln/GO-2024-3107 https://ubuntu.com/security/notices/USN-7081-1 https://ubuntu.com/security/notices/USN-7109-1 https://ubuntu.com/security/notices/USN-7111-1 https://www.cve.org/CVERecord?id=CVE-2024-34158
No Misconfigurations found

cnb/buildpacks/paketo-buildpacks_apache-tomee/1.7.4/bin/helper (gobinary)

Package	Vulnerability ID	Severity	Installed Version	Fixed Version	Links
stdlib	CVE-2024-24790	CRITICAL	v1.20.5	1.21.11, 1.22.4	http://www.openwall.com/lists/oss-security/2024/06/04/1 https://access.redhat.com/errata/RHSA-2024:9115 https://access.redhat.com/security/cve/CVE-2024-24790 https://bugzilla.redhat.com/2279814 https://bugzilla.redhat.com/2292668 https://bugzilla.redhat.com/2292787 https://bugzilla.redhat.com/2294000 https://bugzilla.redhat.com/2295310 https://bugzilla.redhat.com/show_bug.cgi?id=2292668 https://bugzilla.redhat.com/show_bug.cgi?id=2292787 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24789 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24790 https://errata.almalinux.org/9/ALSA-2024-9115.html https://errata.rockylinux.org/RLSA-2024:4212 https://github.com/golang/go/commit/051bdf3fd12a40307606ff9381138039c5f452f0 (1.21) https://github.com/golang/go/commit/12d5810cdb1f73cf23d7a86462143e9463317fca (1.22) https://github.com/golang/go/issues/67680 https://go.dev/cl/590316 https://go.dev/issue/67680 https://groups.google.com/g/golang-announce/c/XbxouI9gY7k https://groups.google.com/g/golang-announce/c/XbxouI9gY7k/m/TuoGEhxIEwAJ https://linux.oracle.com/cve/CVE-2024-24790.html https://linux.oracle.com/errata/ELSA-2024-9115.html https://nvd.nist.gov/vuln/detail/CVE-2024-24790 https://pkg.go.dev/vuln/GO-2024-2887 https://ubuntu.com/security/notices/USN-6886-1 https://ubuntu.com/security/notices/USN-7109-1 https://www.cve.org/CVERecord?id=CVE-2024-24790
stdlib	CVE-2023-39325	HIGH	v1.20.5	1.20.10, 1.21.3	golang.org/x/net https://access.redhat.com/errata/RHSA-2023:6077 https://access.redhat.com/security/cve/CVE-2023-39325 https://access.redhat.com/security/cve/CVE-2023-44487 https://access.redhat.com/security/vulnerabilities/RHSB-2023-003 https://bugzilla.redhat.com/2242803 https://bugzilla.redhat.com/2243296 https://bugzilla.redhat.com/show_bug.cgi?id=2242803 https://bugzilla.redhat.com/show_bug.cgi?id=2243296 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-39325 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-44487 https://errata.almalinux.org/9/ALSA-2023-6077.html https://errata.rockylinux.org/RLSA-2023:6077 https://github.com/golang/go/commit/24ae2d927285c697440fdde3ad7f26028354bcf3 [golang- 1.21] https://github.com/golang/go/commit/e175f27f58aa7b9cd4d79607ae65d2cd5baaee68 [golang-1.20] https://github.com/golang/go/issues/63417 https://go.dev/cl/534215 https://go.dev/cl/534235 https://go.dev/issue/63417 https://groups.google.com/g/golang-announce/c/iNNxDTCjZvo/m/UDd7VKQuAAAJ https://linux.oracle.com/cve/CVE-2023-39325.html https://linux.oracle.com/errata/ELSA-2023-5867.html https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3OVW5V2DM5K5IC3H7O42YDUGNJ74J35O https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3OVW5V2DM5K5IC3H7O42YDUGNJ74J35O/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3SZN67IL7HMGMNAVLOTIXLIHUDXZK4LH https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3SZN67IL7HMGMNAVLOTIXLIHUDXZK4LH/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3WJ4QVX2AMUJ2F2S27POOAHRC4K3CHU4 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3WJ4QVX2AMUJ2F2S27POOAHRC4K3CHU4/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/4BUK2ZIAGCULOOYDNH25JPU6JBES5NF2 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/4BUK2ZIAGCULOOYDNH25JPU6JBES5NF2/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/5RSKA2II6QTD4YUKUNDVJQSRYSFC4VFR https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/5RSKA2II6QTD4YUKUNDVJQSRYSFC4VFR/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/AVZDNSMVDAQJ64LJC5I5U5LDM5753647 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/AVZDNSMVDAQJ64LJC5I5U5LDM5753647/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CHHITS4PUOZAKFIUBQAQZC7JWXMOYE4B https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CHHITS4PUOZAKFIUBQAQZC7JWXMOYE4B/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CLB4TW7KALB3EEQWNWCN7OUIWWVWWCG2 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CLB4TW7KALB3EEQWNWCN7OUIWWVWWCG2/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/D2BBIDR2ZMB3X5BC7SR4SLQMHRMVPY6L https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/D2BBIDR2ZMB3X5BC7SR4SLQMHRMVPY6L/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ECRC75BQJP6FJN2L7KCKYZW4DSBD7QSD https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ECRC75BQJP6FJN2L7KCKYZW4DSBD7QSD/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/FTMJ3NJIDAZFWJQQSP3L22MUFJ3UP2PT https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/FTMJ3NJIDAZFWJQQSP3L22MUFJ3UP2PT/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/GSY7SXFFTPZFWDM6XELSDSHZLVW3AHK7 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/GSY7SXFFTPZFWDM6XELSDSHZLVW3AHK7/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/HZQIELEIRSZUYTFFH5KTH2YJ4IIQG2KE https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/HZQIELEIRSZUYTFFH5KTH2YJ4IIQG2KE/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/IPWCNYB5PQ5PCVZ4NJT6G56ZYFZ5QBU6 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/IPWCNYB5PQ5PCVZ4NJT6G56ZYFZ5QBU6/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/KEOTKBUPZXHE3F352JBYNTSNRXYLWD6P https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/KEOTKBUPZXHE3F352JBYNTSNRXYLWD6P/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/KSEGD2IWKNUO3DWY4KQGUQM5BISRWHQE https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/KSEGD2IWKNUO3DWY4KQGUQM5BISRWHQE/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/L5E5JSJBZLYXOTZWXHJKRVCIXIHVWKJ6 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/L5E5JSJBZLYXOTZWXHJKRVCIXIHVWKJ6/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/MZQYOOKHQDQ57LV2IAG6NRFOVXKHJJ3Z https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/MZQYOOKHQDQ57LV2IAG6NRFOVXKHJJ3Z/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/NG7IMPL55MVWU3LCI4JQJT3K2U5CHDV7 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/NG7IMPL55MVWU3LCI4JQJT3K2U5CHDV7/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ODBY7RVMGZCBSTWF2OZGIZS57FNFUL67 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ODBY7RVMGZCBSTWF2OZGIZS57FNFUL67/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/OXGWPQOJ3JNDW2XIYKIVJ7N7QUIFNM2Q https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/OXGWPQOJ3JNDW2XIYKIVJ7N7QUIFNM2Q/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/PJCUNGIQDUMZ4Z6HWVYIMR66A35F5S74 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/PJCUNGIQDUMZ4Z6HWVYIMR66A35F5S74/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QF5QSYAOPDOWLY6DUHID56Q4HQFYB45I https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QF5QSYAOPDOWLY6DUHID56Q4HQFYB45I/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QXOU2JZUBEBP7GBKAYIJRPRBZSJCD7ST https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QXOU2JZUBEBP7GBKAYIJRPRBZSJCD7ST/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/R3UETKPUB3V5JS5TLZOF3SMTGT5K5APS https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/R3UETKPUB3V5JS5TLZOF3SMTGT5K5APS/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/REMHVVIBDNKSRKNOTV7EQSB7CYQWOUOU https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/REMHVVIBDNKSRKNOTV7EQSB7CYQWOUOU/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/T7N5GV4CHH6WAGX3GFMDD3COEOVCZ4RI https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/T7N5GV4CHH6WAGX3GFMDD3COEOVCZ4RI/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ULQQONMSCQSH5Z5OWFFQHCGEZ3NL4DRJ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ULQQONMSCQSH5Z5OWFFQHCGEZ3NL4DRJ/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UTT7DG3QOF5ZNJLUGHDNLRUIN6OWZARP https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UTT7DG3QOF5ZNJLUGHDNLRUIN6OWZARP/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/W2LZSWTV4NV4SNQARNXG5T6LRHP26EW2 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/W2LZSWTV4NV4SNQARNXG5T6LRHP26EW2/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WCNCBYKZXLDFGAJUB7ZP5VLC3YTHJNVH https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WCNCBYKZXLDFGAJUB7ZP5VLC3YTHJNVH/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/XFOIBB4YFICHDM7IBOP7PWXW3FX4HLL2 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/XFOIBB4YFICHDM7IBOP7PWXW3FX4HLL2/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/XTNLSL44Y5FB6JWADSZH6DCV4JJAAEQY https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/XTNLSL44Y5FB6JWADSZH6DCV4JJAAEQY/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/YJWHBLVZDM5KQSDFRBFRKU5KSSOLIRQ4 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/YJWHBLVZDM5KQSDFRBFRKU5KSSOLIRQ4/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/YRKEXKANQ7BKJW2YTAMP625LJUJZLJ4P https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/YRKEXKANQ7BKJW2YTAMP625LJUJZLJ4P/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZSVEMQV5ROY5YW5QE3I57HT3ITWG5GCV https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZSVEMQV5ROY5YW5QE3I57HT3ITWG5GCV/ https://nvd.nist.gov/vuln/detail/CVE-2023-39325 https://pkg.go.dev/vuln/GO-2023-2102 https://security.gentoo.org/glsa/202311-09 https://security.netapp.com/advisory/ntap-20231110-0008 https://security.netapp.com/advisory/ntap-20231110-0008/ https://ubuntu.com/security/notices/USN-6574-1 https://ubuntu.com/security/notices/USN-7061-1 https://ubuntu.com/security/notices/USN-7109-1 https://www.cisa.gov/news-events/alerts/2023/10/10/http2-rapid-reset-vulnerability-cve-2023-44487 https://www.cve.org/CVERecord?id=CVE-2023-39325
stdlib	CVE-2023-45283	HIGH	v1.20.5	1.20.11, 1.21.4, 1.20.12, 1.21.5	http://www.openwall.com/lists/oss-security/2023/12/05/2 https://go.dev/cl/540277 https://go.dev/cl/541175 https://go.dev/issue/63713 https://go.dev/issue/64028 https://groups.google.com/g/golang-announce/c/4tU8LZfBFkY https://groups.google.com/g/golang-dev/c/6ypN5EjibjM/m/KmLVYH_uAgAJ https://nvd.nist.gov/vuln/detail/CVE-2023-45283 https://pkg.go.dev/vuln/GO-2023-2185 https://security.netapp.com/advisory/ntap-20231214-0008/
stdlib	CVE-2023-45288	HIGH	v1.20.5	1.21.9, 1.22.2	http://www.openwall.com/lists/oss-security/2024/04/03/16 http://www.openwall.com/lists/oss-security/2024/04/05/4 https://access.redhat.com/errata/RHSA-2024:2724 https://access.redhat.com/security/cve/CVE-2023-45288 https://bugzilla.redhat.com/2268017 https://bugzilla.redhat.com/2268018 https://bugzilla.redhat.com/2268019 https://bugzilla.redhat.com/2268273 https://bugzilla.redhat.com/show_bug.cgi?id=2268017 https://bugzilla.redhat.com/show_bug.cgi?id=2268018 https://bugzilla.redhat.com/show_bug.cgi?id=2268019 https://bugzilla.redhat.com/show_bug.cgi?id=2268273 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45288 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45289 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45290 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24783 https://errata.almalinux.org/9/ALSA-2024-2724.html https://errata.rockylinux.org/RLSA-2024:2724 https://go.dev/cl/576155 https://go.dev/issue/65051 https://groups.google.com/g/golang-announce/c/YgW0sx8mN3M https://kb.cert.org/vuls/id/421644 https://linux.oracle.com/cve/CVE-2023-45288.html https://linux.oracle.com/errata/ELSA-2024-3346.html https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QRYFHIQ6XRKRYBI2F5UESH67BJBQXUPT https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QRYFHIQ6XRKRYBI2F5UESH67BJBQXUPT/ https://nowotarski.info/http2-continuation-flood-technical-details https://nowotarski.info/http2-continuation-flood/ https://nvd.nist.gov/vuln/detail/CVE-2023-45288 https://pkg.go.dev/vuln/GO-2024-2687 https://security.netapp.com/advisory/ntap-20240419-0009 https://security.netapp.com/advisory/ntap-20240419-0009/ https://ubuntu.com/security/notices/USN-6886-1 https://ubuntu.com/security/notices/USN-7109-1 https://ubuntu.com/security/notices/USN-7111-1 https://www.cve.org/CVERecord?id=CVE-2023-45288 https://www.kb.cert.org/vuls/id/421644
stdlib	CVE-2024-34156	HIGH	v1.20.5	1.22.7, 1.23.1	https://access.redhat.com/errata/RHSA-2024:9473 https://access.redhat.com/security/cve/CVE-2024-34156 https://bugzilla.redhat.com/2310528 https://bugzilla.redhat.com/2318052 https://bugzilla.redhat.com/show_bug.cgi?id=2310528 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-34156 https://errata.almalinux.org/9/ALSA-2024-9473.html https://errata.rockylinux.org/RLSA-2024:7204 https://github.com/golang/go/commit/2092294f2b097c5828f4eace6c98a322c1510b01 (go1.22.7) https://github.com/golang/go/commit/fa8ff1a46deb6c816304441ec6740ec112e19012 (go1.23.1) https://go.dev/cl/611239 https://go.dev/issue/69139 https://groups.google.com/g/golang-announce/c/K-cEzDeCtpc https://groups.google.com/g/golang-dev/c/S9POB9NCTdk https://linux.oracle.com/cve/CVE-2024-34156.html https://linux.oracle.com/errata/ELSA-2024-9473.html https://nvd.nist.gov/vuln/detail/CVE-2024-34156 https://pkg.go.dev/vuln/GO-2024-3106 https://ubuntu.com/security/notices/USN-7081-1 https://ubuntu.com/security/notices/USN-7109-1 https://ubuntu.com/security/notices/USN-7111-1 https://www.cve.org/CVERecord?id=CVE-2024-34156
stdlib	CVE-2023-29406	MEDIUM	v1.20.5	1.19.11, 1.20.6	https://access.redhat.com/errata/RHSA-2023:6474 https://access.redhat.com/security/cve/CVE-2023-29406 https://bugzilla.redhat.com/2174485 https://bugzilla.redhat.com/2178358 https://bugzilla.redhat.com/2178488 https://bugzilla.redhat.com/2178492 https://bugzilla.redhat.com/2184481 https://bugzilla.redhat.com/2184482 https://bugzilla.redhat.com/2184483 https://bugzilla.redhat.com/2184484 https://bugzilla.redhat.com/2196026 https://bugzilla.redhat.com/2196027 https://bugzilla.redhat.com/2196029 https://bugzilla.redhat.com/2222167 https://bugzilla.redhat.com/2228689 https://errata.almalinux.org/9/ALSA-2023-6474.html https://github.com/golang/go/commit/312920c00aac9897b2a0693e752390b5b0711a5a (go1.20.6) https://github.com/golang/go/commit/5fa6923b1ea891400153d04ddf1545e23b40041b (go1.19.11) https://github.com/golang/go/issues/60374 https://go.dev/cl/506996 https://go.dev/issue/60374 https://groups.google.com/g/golang-announce/c/2q13H6LEEx0 https://linux.oracle.com/cve/CVE-2023-29406.html https://linux.oracle.com/errata/ELSA-2023-7202.html https://nvd.nist.gov/vuln/detail/CVE-2023-29406 https://pkg.go.dev/vuln/GO-2023-1878 https://security.gentoo.org/glsa/202311-09 https://security.netapp.com/advisory/ntap-20230814-0002/ https://ubuntu.com/security/notices/USN-7061-1 https://ubuntu.com/security/notices/USN-7109-1 https://www.cve.org/CVERecord?id=CVE-2023-29406
stdlib	CVE-2023-29409	MEDIUM	v1.20.5	1.19.12, 1.20.7, 1.21.0-rc.4	https://access.redhat.com/errata/RHSA-2023:7766 https://access.redhat.com/security/cve/CVE-2023-29409 https://bugzilla.redhat.com/2228743 https://bugzilla.redhat.com/2237773 https://bugzilla.redhat.com/2237776 https://bugzilla.redhat.com/2237777 https://bugzilla.redhat.com/2237778 https://errata.almalinux.org/9/ALSA-2023-7766.html https://go.dev/cl/515257 https://go.dev/issue/61460 https://groups.google.com/g/golang-announce/c/X0b6CsSAaYI/m/Efv5DbZ9AwAJ https://linux.oracle.com/cve/CVE-2023-29409.html https://linux.oracle.com/errata/ELSA-2024-2988.html https://nvd.nist.gov/vuln/detail/CVE-2023-29409 https://pkg.go.dev/vuln/GO-2023-1987 https://security.gentoo.org/glsa/202311-09 https://security.netapp.com/advisory/ntap-20230831-0010/ https://www.cve.org/CVERecord?id=CVE-2023-29409
stdlib	CVE-2023-39318	MEDIUM	v1.20.5	1.20.8, 1.21.1	https://access.redhat.com/errata/RHSA-2024:2160 https://access.redhat.com/security/cve/CVE-2023-39318 https://bugzilla.redhat.com/2237773 https://bugzilla.redhat.com/2237776 https://bugzilla.redhat.com/2253330 https://errata.almalinux.org/9/ALSA-2024-2160.html https://github.com/golang/go/commit/023b542edf38e2a1f87fcefb9f75ff2f99401b4c (go1.20.8) https://github.com/golang/go/commit/b0e1d3ea26e8e8fce7726690c9ef0597e60739fb (go1.21.1) https://go.dev/cl/526156 https://go.dev/issue/62196 https://groups.google.com/g/golang-announce/c/Fm51GRLNRvM https://groups.google.com/g/golang-dev/c/2C5vbR-UNkI/m/L1hdrPhfBAAJ https://linux.oracle.com/cve/CVE-2023-39318.html https://linux.oracle.com/errata/ELSA-2024-2988.html https://nvd.nist.gov/vuln/detail/CVE-2023-39318 https://pkg.go.dev/vuln/GO-2023-2041 https://security.gentoo.org/glsa/202311-09 https://security.netapp.com/advisory/ntap-20231020-0009/ https://ubuntu.com/security/notices/USN-6574-1 https://ubuntu.com/security/notices/USN-7061-1 https://ubuntu.com/security/notices/USN-7109-1 https://vuln.go.dev/ID/GO-2023-2041.json https://www.cve.org/CVERecord?id=CVE-2023-39318
stdlib	CVE-2023-39319	MEDIUM	v1.20.5	1.20.8, 1.21.1	https://access.redhat.com/errata/RHSA-2024:2160 https://access.redhat.com/security/cve/CVE-2023-39319 https://bugzilla.redhat.com/2237773 https://bugzilla.redhat.com/2237776 https://bugzilla.redhat.com/2253330 https://errata.almalinux.org/9/ALSA-2024-2160.html https://github.com/golang/go/commit/2070531d2f53df88e312edace6c8dfc9686ab2f5 (go1.20.8) https://github.com/golang/go/commit/bbd043ff0d6d59f1a9232d31ecd5eacf6507bf6a (go1.21.1) https://go.dev/cl/526157 https://go.dev/issue/62197 https://groups.google.com/g/golang-announce/c/Fm51GRLNRvM https://groups.google.com/g/golang-dev/c/2C5vbR-UNkI/m/L1hdrPhfBAAJ https://linux.oracle.com/cve/CVE-2023-39319.html https://linux.oracle.com/errata/ELSA-2024-2988.html https://nvd.nist.gov/vuln/detail/CVE-2023-39319 https://pkg.go.dev/vuln/GO-2023-2043 https://security.gentoo.org/glsa/202311-09 https://security.netapp.com/advisory/ntap-20231020-0009/ https://ubuntu.com/security/notices/USN-6574-1 https://ubuntu.com/security/notices/USN-7061-1 https://ubuntu.com/security/notices/USN-7109-1 https://vuln.go.dev/ID/GO-2023-2043.json https://www.cve.org/CVERecord?id=CVE-2023-39319
stdlib	CVE-2023-39326	MEDIUM	v1.20.5	1.20.12, 1.21.5	https://access.redhat.com/errata/RHSA-2024:2272 https://access.redhat.com/security/cve/CVE-2023-39326 https://bugzilla.redhat.com/2253193 https://bugzilla.redhat.com/2253330 https://errata.almalinux.org/9/ALSA-2024-2272.html https://github.com/golang/go/commit/6446af942e2e2b161c4ec1b60d9703a2b55dc4dd (go1.20.12) https://github.com/golang/go/commit/ec8c526e4be720e94b98ca509e6364f0efaf28f7 (go1.21.5) https://go.dev/cl/547335 https://go.dev/issue/64433 https://groups.google.com/g/golang-dev/c/6ypN5EjibjM/m/KmLVYH_uAgAJ https://linux.oracle.com/cve/CVE-2023-39326.html https://linux.oracle.com/errata/ELSA-2024-2988.html https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UIU6HOGV6RRIKWM57LOXQA75BGZSIH6G/ https://nvd.nist.gov/vuln/detail/CVE-2023-39326 https://pkg.go.dev/vuln/GO-2023-2382 https://ubuntu.com/security/notices/USN-6574-1 https://www.cve.org/CVERecord?id=CVE-2023-39326
stdlib	CVE-2023-45284	MEDIUM	v1.20.5	1.20.11, 1.21.4	https://go.dev/cl/540277 https://go.dev/issue/63713 https://groups.google.com/g/golang-announce/c/4tU8LZfBFkY https://nvd.nist.gov/vuln/detail/CVE-2023-45284 https://pkg.go.dev/vuln/GO-2023-2186
stdlib	CVE-2023-45289	MEDIUM	v1.20.5	1.21.8, 1.22.1	http://www.openwall.com/lists/oss-security/2024/03/08/4 https://access.redhat.com/errata/RHSA-2024:2724 https://access.redhat.com/security/cve/CVE-2023-45289 https://bugzilla.redhat.com/2268017 https://bugzilla.redhat.com/2268018 https://bugzilla.redhat.com/2268019 https://bugzilla.redhat.com/2268273 https://bugzilla.redhat.com/show_bug.cgi?id=2268017 https://bugzilla.redhat.com/show_bug.cgi?id=2268018 https://bugzilla.redhat.com/show_bug.cgi?id=2268019 https://bugzilla.redhat.com/show_bug.cgi?id=2268273 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45288 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45289 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45290 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24783 https://errata.almalinux.org/9/ALSA-2024-2724.html https://errata.rockylinux.org/RLSA-2024:2724 https://github.com/golang/go/commit/20586c0dbe03d144f914155f879fa5ee287591a1 (go1.21.8) https://github.com/golang/go/commit/3a855208e3efed2e9d7c20ad023f1fa78afcc0be (go1.22.1) https://github.com/golang/go/issues/65065 https://go.dev/cl/569340 https://go.dev/issue/65065 https://groups.google.com/g/golang-announce/c/5pwGVUPoMbg https://linux.oracle.com/cve/CVE-2023-45289.html https://linux.oracle.com/errata/ELSA-2024-3346.html https://nvd.nist.gov/vuln/detail/CVE-2023-45289 https://pkg.go.dev/vuln/GO-2024-2600 https://security.netapp.com/advisory/ntap-20240329-0006/ https://ubuntu.com/security/notices/USN-6886-1 https://www.cve.org/CVERecord?id=CVE-2023-45289
stdlib	CVE-2023-45290	MEDIUM	v1.20.5	1.21.8, 1.22.1	http://www.openwall.com/lists/oss-security/2024/03/08/4 https://access.redhat.com/errata/RHSA-2024:9135 https://access.redhat.com/security/cve/CVE-2023-45290 https://bugzilla.redhat.com/2268017 https://bugzilla.redhat.com/2268022 https://bugzilla.redhat.com/2279814 https://bugzilla.redhat.com/2295310 https://bugzilla.redhat.com/show_bug.cgi?id=2268017 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45290 https://errata.almalinux.org/9/ALSA-2024-9135.html https://errata.rockylinux.org/RLSA-2024:3830 https://github.com/golang/go/commit/041a47712e765e94f86d841c3110c840e76d8f82 (go1.22.1) https://github.com/golang/go/commit/bf80213b121074f4ad9b449410a4d13bae5e9be0 (go1.21.8) https://github.com/golang/go/issues/65383 https://go.dev/cl/569341 https://go.dev/issue/65383 https://groups.google.com/g/golang-announce/c/5pwGVUPoMbg https://linux.oracle.com/cve/CVE-2023-45290.html https://linux.oracle.com/errata/ELSA-2024-8038.html https://nvd.nist.gov/vuln/detail/CVE-2023-45290 https://pkg.go.dev/vuln/GO-2024-2599 https://security.netapp.com/advisory/ntap-20240329-0004 https://security.netapp.com/advisory/ntap-20240329-0004/ https://ubuntu.com/security/notices/USN-6886-1 https://ubuntu.com/security/notices/USN-7109-1 https://ubuntu.com/security/notices/USN-7111-1 https://www.cve.org/CVERecord?id=CVE-2023-45290
stdlib	CVE-2024-24783	MEDIUM	v1.20.5	1.21.8, 1.22.1	http://www.openwall.com/lists/oss-security/2024/03/08/4 https://access.redhat.com/errata/RHSA-2024:6195 https://access.redhat.com/security/cve/CVE-2024-24783 https://bugzilla.redhat.com/2268019 https://bugzilla.redhat.com/show_bug.cgi?id=2268017 https://bugzilla.redhat.com/show_bug.cgi?id=2268018 https://bugzilla.redhat.com/show_bug.cgi?id=2268019 https://bugzilla.redhat.com/show_bug.cgi?id=2268273 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45288 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45289 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45290 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24783 https://errata.almalinux.org/9/ALSA-2024-6195.html https://errata.rockylinux.org/RLSA-2024:2724 https://github.com/advisories/GHSA-3q2c-pvp5-3cqp https://github.com/golang/go/commit/337b8e9cbfa749d9d5c899e0dc358e2208d5e54f (go1.22.1) https://github.com/golang/go/commit/be5b52bea674190ef7de272664be6c7ae93ec5a0 (go1.21.8) https://github.com/golang/go/issues/65390 https://go.dev/cl/569339 https://go.dev/issue/65390 https://groups.google.com/g/golang-announce/c/5pwGVUPoMbg https://linux.oracle.com/cve/CVE-2024-24783.html https://linux.oracle.com/errata/ELSA-2024-6969.html https://nvd.nist.gov/vuln/detail/CVE-2024-24783 https://pkg.go.dev/vuln/GO-2024-2598 https://security.netapp.com/advisory/ntap-20240329-0005 https://security.netapp.com/advisory/ntap-20240329-0005/ https://ubuntu.com/security/notices/USN-6886-1 https://ubuntu.com/security/notices/USN-7109-1 https://ubuntu.com/security/notices/USN-7111-1 https://www.cve.org/CVERecord?id=CVE-2024-24783
stdlib	CVE-2024-24784	MEDIUM	v1.20.5	1.21.8, 1.22.1	http://www.openwall.com/lists/oss-security/2024/03/08/4 https://access.redhat.com/errata/RHSA-2024:2562 https://access.redhat.com/security/cve/CVE-2024-24784 https://bugzilla.redhat.com/2262921 https://bugzilla.redhat.com/2268017 https://bugzilla.redhat.com/2268018 https://bugzilla.redhat.com/2268019 https://bugzilla.redhat.com/2268021 https://bugzilla.redhat.com/2268022 https://bugzilla.redhat.com/2268273 https://bugzilla.redhat.com/show_bug.cgi?id=2262921 https://bugzilla.redhat.com/show_bug.cgi?id=2268017 https://bugzilla.redhat.com/show_bug.cgi?id=2268018 https://bugzilla.redhat.com/show_bug.cgi?id=2268019 https://bugzilla.redhat.com/show_bug.cgi?id=2268021 https://bugzilla.redhat.com/show_bug.cgi?id=2268022 https://bugzilla.redhat.com/show_bug.cgi?id=2268273 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45288 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45289 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45290 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-1394 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24783 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24784 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24785 https://errata.almalinux.org/9/ALSA-2024-2562.html https://errata.rockylinux.org/RLSA-2024:2562 https://github.com/golang/go/commit/263c059b09fdd40d9dd945f2ecb20c89ea28efe5 (go1.21.8) https://github.com/golang/go/commit/5330cd225ba54c7dc78c1b46dcdf61a4671a632c (go1.22.1) https://github.com/golang/go/issues/65083 https://go.dev/cl/555596 https://go.dev/issue/65083 https://groups.google.com/g/golang-announce/c/5pwGVUPoMbg https://linux.oracle.com/cve/CVE-2024-24784.html https://linux.oracle.com/errata/ELSA-2024-6969.html https://nvd.nist.gov/vuln/detail/CVE-2024-24784 https://pkg.go.dev/vuln/GO-2024-2609 https://security.netapp.com/advisory/ntap-20240329-0007/ https://ubuntu.com/security/notices/USN-6886-1 https://ubuntu.com/security/notices/USN-7109-1 https://ubuntu.com/security/notices/USN-7111-1 https://www.cve.org/CVERecord?id=CVE-2024-24784
stdlib	CVE-2024-24785	MEDIUM	v1.20.5	1.21.8, 1.22.1	http://www.openwall.com/lists/oss-security/2024/03/08/4 https://access.redhat.com/errata/RHSA-2024:9135 https://access.redhat.com/security/cve/CVE-2024-24785 https://bugzilla.redhat.com/2268017 https://bugzilla.redhat.com/2268022 https://bugzilla.redhat.com/2279814 https://bugzilla.redhat.com/2295310 https://bugzilla.redhat.com/show_bug.cgi?id=2262921 https://bugzilla.redhat.com/show_bug.cgi?id=2268017 https://bugzilla.redhat.com/show_bug.cgi?id=2268018 https://bugzilla.redhat.com/show_bug.cgi?id=2268019 https://bugzilla.redhat.com/show_bug.cgi?id=2268021 https://bugzilla.redhat.com/show_bug.cgi?id=2268022 https://bugzilla.redhat.com/show_bug.cgi?id=2268273 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45288 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45289 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45290 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-1394 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24783 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24784 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24785 https://errata.almalinux.org/9/ALSA-2024-9135.html https://errata.rockylinux.org/RLSA-2024:2562 https://github.com/golang/go/commit/056b0edcb8c152152021eebf4cf42adbfbe77992 (go1.22.1) https://github.com/golang/go/commit/3643147a29352ca2894fd5d0d2069bc4b4335a7e (go1.21.8) https://github.com/golang/go/issues/65697 https://go.dev/cl/564196 https://go.dev/issue/65697 https://groups.google.com/g/golang-announce/c/5pwGVUPoMbg https://linux.oracle.com/cve/CVE-2024-24785.html https://linux.oracle.com/errata/ELSA-2024-3259.html https://nvd.nist.gov/vuln/detail/CVE-2024-24785 https://pkg.go.dev/vuln/GO-2024-2610 https://security.netapp.com/advisory/ntap-20240329-0008/ https://ubuntu.com/security/notices/USN-6886-1 https://ubuntu.com/security/notices/USN-7061-1 https://ubuntu.com/security/notices/USN-7109-1 https://vuln.go.dev/ID/GO-2024-2610.json https://www.cve.org/CVERecord?id=CVE-2024-24785
stdlib	CVE-2024-24789	MEDIUM	v1.20.5	1.21.11, 1.22.4	http://www.openwall.com/lists/oss-security/2024/06/04/1 https://access.redhat.com/errata/RHSA-2024:9115 https://access.redhat.com/security/cve/CVE-2024-24789 https://bugzilla.redhat.com/2279814 https://bugzilla.redhat.com/2292668 https://bugzilla.redhat.com/2292787 https://bugzilla.redhat.com/2294000 https://bugzilla.redhat.com/2295310 https://bugzilla.redhat.com/show_bug.cgi?id=2292668 https://bugzilla.redhat.com/show_bug.cgi?id=2292787 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24789 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24790 https://errata.almalinux.org/9/ALSA-2024-9115.html https://errata.rockylinux.org/RLSA-2024:4212 https://github.com/golang/go/commit/c8e40338cf00f3c1d86c8fb23863ad67a4c72bcc (1.21) https://github.com/golang/go/commit/cf501ac0c5fe351a8582d20b43562027927906e7 (1.22) https://github.com/golang/go/issues/66869 https://go.dev/cl/585397 https://go.dev/issue/66869 https://groups.google.com/g/golang-announce/c/XbxouI9gY7k https://groups.google.com/g/golang-announce/c/XbxouI9gY7k/m/TuoGEhxIEwAJ https://linux.oracle.com/cve/CVE-2024-24789.html https://linux.oracle.com/errata/ELSA-2024-9115.html https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/U5YAEIA6IUHUNGJ7AIXXPQT6D2GYENX7/ https://nvd.nist.gov/vuln/detail/CVE-2024-24789 https://pkg.go.dev/vuln/GO-2024-2888 https://ubuntu.com/security/notices/USN-6886-1 https://ubuntu.com/security/notices/USN-7109-1 https://ubuntu.com/security/notices/USN-7111-1 https://www.cve.org/CVERecord?id=CVE-2024-24789
stdlib	CVE-2024-24791	MEDIUM	v1.20.5	1.21.12, 1.22.5	https://access.redhat.com/errata/RHSA-2024:9135 https://access.redhat.com/security/cve/CVE-2024-24791 https://bugzilla.redhat.com/2268017 https://bugzilla.redhat.com/2268022 https://bugzilla.redhat.com/2279814 https://bugzilla.redhat.com/2295310 https://bugzilla.redhat.com/show_bug.cgi?id=2295310 https://bugzilla.redhat.com/show_bug.cgi?id=2310527 https://bugzilla.redhat.com/show_bug.cgi?id=2310528 https://bugzilla.redhat.com/show_bug.cgi?id=2310529 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24791 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-34155 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-34156 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-34158 https://errata.almalinux.org/9/ALSA-2024-9135.html https://errata.rockylinux.org/RLSA-2024:6913 https://go.dev/cl/591255 https://go.dev/issue/67555 https://groups.google.com/g/golang-dev/c/t0rK-qHBqzY/m/6MMoAZkMAgAJ https://linux.oracle.com/cve/CVE-2024-24791.html https://linux.oracle.com/errata/ELSA-2024-9115.html https://nvd.nist.gov/vuln/detail/CVE-2024-24791 https://pkg.go.dev/vuln/GO-2024-2963 https://ubuntu.com/security/notices/USN-7081-1 https://ubuntu.com/security/notices/USN-7109-1 https://ubuntu.com/security/notices/USN-7111-1 https://www.cve.org/CVERecord?id=CVE-2024-24791
stdlib	CVE-2024-34155	MEDIUM	v1.20.5	1.22.7, 1.23.1	https://access.redhat.com/errata/RHSA-2024:9459 https://access.redhat.com/security/cve/CVE-2024-34155 https://bugzilla.redhat.com/2310527 https://bugzilla.redhat.com/2310528 https://bugzilla.redhat.com/2310529 https://bugzilla.redhat.com/2315691 https://bugzilla.redhat.com/2315887 https://bugzilla.redhat.com/2317458 https://bugzilla.redhat.com/2317467 https://bugzilla.redhat.com/show_bug.cgi?id=2295310 https://bugzilla.redhat.com/show_bug.cgi?id=2310527 https://bugzilla.redhat.com/show_bug.cgi?id=2310528 https://bugzilla.redhat.com/show_bug.cgi?id=2310529 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24791 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-34155 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-34156 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-34158 https://errata.almalinux.org/9/ALSA-2024-9459.html https://errata.rockylinux.org/RLSA-2024:6913 https://github.com/golang/go/commit/53487e5477151ed75da50e50a0ba8f1ca64c00a3 (go1.23.1) https://github.com/golang/go/commit/b232596139dbe96a62edbe3a2a203e856bf556eb (go1.22.7) https://go.dev/cl/611238 https://go.dev/issue/69138 https://groups.google.com/g/golang-announce/c/K-cEzDeCtpc https://groups.google.com/g/golang-dev/c/S9POB9NCTdk https://linux.oracle.com/cve/CVE-2024-34155.html https://linux.oracle.com/errata/ELSA-2024-9459.html https://nvd.nist.gov/vuln/detail/CVE-2024-34155 https://pkg.go.dev/vuln/GO-2024-3105 https://ubuntu.com/security/notices/USN-7081-1 https://ubuntu.com/security/notices/USN-7109-1 https://ubuntu.com/security/notices/USN-7111-1 https://www.cve.org/CVERecord?id=CVE-2024-34155
stdlib	CVE-2024-34158	MEDIUM	v1.20.5	1.22.7, 1.23.1	https://access.redhat.com/errata/RHSA-2024:9459 https://access.redhat.com/security/cve/CVE-2024-34158 https://bugzilla.redhat.com/2310527 https://bugzilla.redhat.com/2310528 https://bugzilla.redhat.com/2310529 https://bugzilla.redhat.com/2315691 https://bugzilla.redhat.com/2315887 https://bugzilla.redhat.com/2317458 https://bugzilla.redhat.com/2317467 https://bugzilla.redhat.com/show_bug.cgi?id=2295310 https://bugzilla.redhat.com/show_bug.cgi?id=2310527 https://bugzilla.redhat.com/show_bug.cgi?id=2310528 https://bugzilla.redhat.com/show_bug.cgi?id=2310529 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24791 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-34155 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-34156 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-34158 https://errata.almalinux.org/9/ALSA-2024-9459.html https://errata.rockylinux.org/RLSA-2024:6913 https://github.com/golang/go/commit/032ac075c20c01c6c35a672d1542d3e98eab84ea (go1.23.1) https://github.com/golang/go/commit/d4c53812e6ce2ac368173d7fcd31d0ecfcffb002 (go1.22.7) https://go.dev/cl/611240 https://go.dev/issue/69141 https://groups.google.com/g/golang-announce/c/K-cEzDeCtpc https://groups.google.com/g/golang-dev/c/S9POB9NCTdk https://linux.oracle.com/cve/CVE-2024-34158.html https://linux.oracle.com/errata/ELSA-2024-9459.html https://nvd.nist.gov/vuln/detail/CVE-2024-34158 https://pkg.go.dev/vuln/GO-2024-3107 https://ubuntu.com/security/notices/USN-7081-1 https://ubuntu.com/security/notices/USN-7109-1 https://ubuntu.com/security/notices/USN-7111-1 https://www.cve.org/CVERecord?id=CVE-2024-34158
No Misconfigurations found

cnb/buildpacks/paketo-buildpacks_apache-tomee/1.7.4/bin/main (gobinary)

Package	Vulnerability ID	Severity	Installed Version	Fixed Version	Links
stdlib	CVE-2024-24790	CRITICAL	v1.20.5	1.21.11, 1.22.4	http://www.openwall.com/lists/oss-security/2024/06/04/1 https://access.redhat.com/errata/RHSA-2024:9115 https://access.redhat.com/security/cve/CVE-2024-24790 https://bugzilla.redhat.com/2279814 https://bugzilla.redhat.com/2292668 https://bugzilla.redhat.com/2292787 https://bugzilla.redhat.com/2294000 https://bugzilla.redhat.com/2295310 https://bugzilla.redhat.com/show_bug.cgi?id=2292668 https://bugzilla.redhat.com/show_bug.cgi?id=2292787 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24789 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24790 https://errata.almalinux.org/9/ALSA-2024-9115.html https://errata.rockylinux.org/RLSA-2024:4212 https://github.com/golang/go/commit/051bdf3fd12a40307606ff9381138039c5f452f0 (1.21) https://github.com/golang/go/commit/12d5810cdb1f73cf23d7a86462143e9463317fca (1.22) https://github.com/golang/go/issues/67680 https://go.dev/cl/590316 https://go.dev/issue/67680 https://groups.google.com/g/golang-announce/c/XbxouI9gY7k https://groups.google.com/g/golang-announce/c/XbxouI9gY7k/m/TuoGEhxIEwAJ https://linux.oracle.com/cve/CVE-2024-24790.html https://linux.oracle.com/errata/ELSA-2024-9115.html https://nvd.nist.gov/vuln/detail/CVE-2024-24790 https://pkg.go.dev/vuln/GO-2024-2887 https://ubuntu.com/security/notices/USN-6886-1 https://ubuntu.com/security/notices/USN-7109-1 https://www.cve.org/CVERecord?id=CVE-2024-24790
stdlib	CVE-2023-39325	HIGH	v1.20.5	1.20.10, 1.21.3	golang.org/x/net https://access.redhat.com/errata/RHSA-2023:6077 https://access.redhat.com/security/cve/CVE-2023-39325 https://access.redhat.com/security/cve/CVE-2023-44487 https://access.redhat.com/security/vulnerabilities/RHSB-2023-003 https://bugzilla.redhat.com/2242803 https://bugzilla.redhat.com/2243296 https://bugzilla.redhat.com/show_bug.cgi?id=2242803 https://bugzilla.redhat.com/show_bug.cgi?id=2243296 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-39325 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-44487 https://errata.almalinux.org/9/ALSA-2023-6077.html https://errata.rockylinux.org/RLSA-2023:6077 https://github.com/golang/go/commit/24ae2d927285c697440fdde3ad7f26028354bcf3 [golang- 1.21] https://github.com/golang/go/commit/e175f27f58aa7b9cd4d79607ae65d2cd5baaee68 [golang-1.20] https://github.com/golang/go/issues/63417 https://go.dev/cl/534215 https://go.dev/cl/534235 https://go.dev/issue/63417 https://groups.google.com/g/golang-announce/c/iNNxDTCjZvo/m/UDd7VKQuAAAJ https://linux.oracle.com/cve/CVE-2023-39325.html https://linux.oracle.com/errata/ELSA-2023-5867.html https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3OVW5V2DM5K5IC3H7O42YDUGNJ74J35O https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3OVW5V2DM5K5IC3H7O42YDUGNJ74J35O/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3SZN67IL7HMGMNAVLOTIXLIHUDXZK4LH https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3SZN67IL7HMGMNAVLOTIXLIHUDXZK4LH/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3WJ4QVX2AMUJ2F2S27POOAHRC4K3CHU4 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3WJ4QVX2AMUJ2F2S27POOAHRC4K3CHU4/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/4BUK2ZIAGCULOOYDNH25JPU6JBES5NF2 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/4BUK2ZIAGCULOOYDNH25JPU6JBES5NF2/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/5RSKA2II6QTD4YUKUNDVJQSRYSFC4VFR https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/5RSKA2II6QTD4YUKUNDVJQSRYSFC4VFR/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/AVZDNSMVDAQJ64LJC5I5U5LDM5753647 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/AVZDNSMVDAQJ64LJC5I5U5LDM5753647/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CHHITS4PUOZAKFIUBQAQZC7JWXMOYE4B https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CHHITS4PUOZAKFIUBQAQZC7JWXMOYE4B/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CLB4TW7KALB3EEQWNWCN7OUIWWVWWCG2 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CLB4TW7KALB3EEQWNWCN7OUIWWVWWCG2/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/D2BBIDR2ZMB3X5BC7SR4SLQMHRMVPY6L https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/D2BBIDR2ZMB3X5BC7SR4SLQMHRMVPY6L/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ECRC75BQJP6FJN2L7KCKYZW4DSBD7QSD https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ECRC75BQJP6FJN2L7KCKYZW4DSBD7QSD/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/FTMJ3NJIDAZFWJQQSP3L22MUFJ3UP2PT https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/FTMJ3NJIDAZFWJQQSP3L22MUFJ3UP2PT/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/GSY7SXFFTPZFWDM6XELSDSHZLVW3AHK7 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/GSY7SXFFTPZFWDM6XELSDSHZLVW3AHK7/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/HZQIELEIRSZUYTFFH5KTH2YJ4IIQG2KE https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/HZQIELEIRSZUYTFFH5KTH2YJ4IIQG2KE/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/IPWCNYB5PQ5PCVZ4NJT6G56ZYFZ5QBU6 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/IPWCNYB5PQ5PCVZ4NJT6G56ZYFZ5QBU6/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/KEOTKBUPZXHE3F352JBYNTSNRXYLWD6P https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/KEOTKBUPZXHE3F352JBYNTSNRXYLWD6P/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/KSEGD2IWKNUO3DWY4KQGUQM5BISRWHQE https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/KSEGD2IWKNUO3DWY4KQGUQM5BISRWHQE/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/L5E5JSJBZLYXOTZWXHJKRVCIXIHVWKJ6 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/L5E5JSJBZLYXOTZWXHJKRVCIXIHVWKJ6/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/MZQYOOKHQDQ57LV2IAG6NRFOVXKHJJ3Z https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/MZQYOOKHQDQ57LV2IAG6NRFOVXKHJJ3Z/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/NG7IMPL55MVWU3LCI4JQJT3K2U5CHDV7 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/NG7IMPL55MVWU3LCI4JQJT3K2U5CHDV7/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ODBY7RVMGZCBSTWF2OZGIZS57FNFUL67 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ODBY7RVMGZCBSTWF2OZGIZS57FNFUL67/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/OXGWPQOJ3JNDW2XIYKIVJ7N7QUIFNM2Q https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/OXGWPQOJ3JNDW2XIYKIVJ7N7QUIFNM2Q/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/PJCUNGIQDUMZ4Z6HWVYIMR66A35F5S74 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/PJCUNGIQDUMZ4Z6HWVYIMR66A35F5S74/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QF5QSYAOPDOWLY6DUHID56Q4HQFYB45I https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QF5QSYAOPDOWLY6DUHID56Q4HQFYB45I/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QXOU2JZUBEBP7GBKAYIJRPRBZSJCD7ST https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QXOU2JZUBEBP7GBKAYIJRPRBZSJCD7ST/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/R3UETKPUB3V5JS5TLZOF3SMTGT5K5APS https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/R3UETKPUB3V5JS5TLZOF3SMTGT5K5APS/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/REMHVVIBDNKSRKNOTV7EQSB7CYQWOUOU https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/REMHVVIBDNKSRKNOTV7EQSB7CYQWOUOU/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/T7N5GV4CHH6WAGX3GFMDD3COEOVCZ4RI https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/T7N5GV4CHH6WAGX3GFMDD3COEOVCZ4RI/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ULQQONMSCQSH5Z5OWFFQHCGEZ3NL4DRJ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ULQQONMSCQSH5Z5OWFFQHCGEZ3NL4DRJ/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UTT7DG3QOF5ZNJLUGHDNLRUIN6OWZARP https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UTT7DG3QOF5ZNJLUGHDNLRUIN6OWZARP/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/W2LZSWTV4NV4SNQARNXG5T6LRHP26EW2 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/W2LZSWTV4NV4SNQARNXG5T6LRHP26EW2/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WCNCBYKZXLDFGAJUB7ZP5VLC3YTHJNVH https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WCNCBYKZXLDFGAJUB7ZP5VLC3YTHJNVH/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/XFOIBB4YFICHDM7IBOP7PWXW3FX4HLL2 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/XFOIBB4YFICHDM7IBOP7PWXW3FX4HLL2/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/XTNLSL44Y5FB6JWADSZH6DCV4JJAAEQY https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/XTNLSL44Y5FB6JWADSZH6DCV4JJAAEQY/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/YJWHBLVZDM5KQSDFRBFRKU5KSSOLIRQ4 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/YJWHBLVZDM5KQSDFRBFRKU5KSSOLIRQ4/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/YRKEXKANQ7BKJW2YTAMP625LJUJZLJ4P https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/YRKEXKANQ7BKJW2YTAMP625LJUJZLJ4P/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZSVEMQV5ROY5YW5QE3I57HT3ITWG5GCV https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZSVEMQV5ROY5YW5QE3I57HT3ITWG5GCV/ https://nvd.nist.gov/vuln/detail/CVE-2023-39325 https://pkg.go.dev/vuln/GO-2023-2102 https://security.gentoo.org/glsa/202311-09 https://security.netapp.com/advisory/ntap-20231110-0008 https://security.netapp.com/advisory/ntap-20231110-0008/ https://ubuntu.com/security/notices/USN-6574-1 https://ubuntu.com/security/notices/USN-7061-1 https://ubuntu.com/security/notices/USN-7109-1 https://www.cisa.gov/news-events/alerts/2023/10/10/http2-rapid-reset-vulnerability-cve-2023-44487 https://www.cve.org/CVERecord?id=CVE-2023-39325
stdlib	CVE-2023-45283	HIGH	v1.20.5	1.20.11, 1.21.4, 1.20.12, 1.21.5	http://www.openwall.com/lists/oss-security/2023/12/05/2 https://go.dev/cl/540277 https://go.dev/cl/541175 https://go.dev/issue/63713 https://go.dev/issue/64028 https://groups.google.com/g/golang-announce/c/4tU8LZfBFkY https://groups.google.com/g/golang-dev/c/6ypN5EjibjM/m/KmLVYH_uAgAJ https://nvd.nist.gov/vuln/detail/CVE-2023-45283 https://pkg.go.dev/vuln/GO-2023-2185 https://security.netapp.com/advisory/ntap-20231214-0008/
stdlib	CVE-2023-45288	HIGH	v1.20.5	1.21.9, 1.22.2	http://www.openwall.com/lists/oss-security/2024/04/03/16 http://www.openwall.com/lists/oss-security/2024/04/05/4 https://access.redhat.com/errata/RHSA-2024:2724 https://access.redhat.com/security/cve/CVE-2023-45288 https://bugzilla.redhat.com/2268017 https://bugzilla.redhat.com/2268018 https://bugzilla.redhat.com/2268019 https://bugzilla.redhat.com/2268273 https://bugzilla.redhat.com/show_bug.cgi?id=2268017 https://bugzilla.redhat.com/show_bug.cgi?id=2268018 https://bugzilla.redhat.com/show_bug.cgi?id=2268019 https://bugzilla.redhat.com/show_bug.cgi?id=2268273 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45288 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45289 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45290 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24783 https://errata.almalinux.org/9/ALSA-2024-2724.html https://errata.rockylinux.org/RLSA-2024:2724 https://go.dev/cl/576155 https://go.dev/issue/65051 https://groups.google.com/g/golang-announce/c/YgW0sx8mN3M https://kb.cert.org/vuls/id/421644 https://linux.oracle.com/cve/CVE-2023-45288.html https://linux.oracle.com/errata/ELSA-2024-3346.html https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QRYFHIQ6XRKRYBI2F5UESH67BJBQXUPT https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QRYFHIQ6XRKRYBI2F5UESH67BJBQXUPT/ https://nowotarski.info/http2-continuation-flood-technical-details https://nowotarski.info/http2-continuation-flood/ https://nvd.nist.gov/vuln/detail/CVE-2023-45288 https://pkg.go.dev/vuln/GO-2024-2687 https://security.netapp.com/advisory/ntap-20240419-0009 https://security.netapp.com/advisory/ntap-20240419-0009/ https://ubuntu.com/security/notices/USN-6886-1 https://ubuntu.com/security/notices/USN-7109-1 https://ubuntu.com/security/notices/USN-7111-1 https://www.cve.org/CVERecord?id=CVE-2023-45288 https://www.kb.cert.org/vuls/id/421644
stdlib	CVE-2024-34156	HIGH	v1.20.5	1.22.7, 1.23.1	https://access.redhat.com/errata/RHSA-2024:9473 https://access.redhat.com/security/cve/CVE-2024-34156 https://bugzilla.redhat.com/2310528 https://bugzilla.redhat.com/2318052 https://bugzilla.redhat.com/show_bug.cgi?id=2310528 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-34156 https://errata.almalinux.org/9/ALSA-2024-9473.html https://errata.rockylinux.org/RLSA-2024:7204 https://github.com/golang/go/commit/2092294f2b097c5828f4eace6c98a322c1510b01 (go1.22.7) https://github.com/golang/go/commit/fa8ff1a46deb6c816304441ec6740ec112e19012 (go1.23.1) https://go.dev/cl/611239 https://go.dev/issue/69139 https://groups.google.com/g/golang-announce/c/K-cEzDeCtpc https://groups.google.com/g/golang-dev/c/S9POB9NCTdk https://linux.oracle.com/cve/CVE-2024-34156.html https://linux.oracle.com/errata/ELSA-2024-9473.html https://nvd.nist.gov/vuln/detail/CVE-2024-34156 https://pkg.go.dev/vuln/GO-2024-3106 https://ubuntu.com/security/notices/USN-7081-1 https://ubuntu.com/security/notices/USN-7109-1 https://ubuntu.com/security/notices/USN-7111-1 https://www.cve.org/CVERecord?id=CVE-2024-34156
stdlib	CVE-2023-29406	MEDIUM	v1.20.5	1.19.11, 1.20.6	https://access.redhat.com/errata/RHSA-2023:6474 https://access.redhat.com/security/cve/CVE-2023-29406 https://bugzilla.redhat.com/2174485 https://bugzilla.redhat.com/2178358 https://bugzilla.redhat.com/2178488 https://bugzilla.redhat.com/2178492 https://bugzilla.redhat.com/2184481 https://bugzilla.redhat.com/2184482 https://bugzilla.redhat.com/2184483 https://bugzilla.redhat.com/2184484 https://bugzilla.redhat.com/2196026 https://bugzilla.redhat.com/2196027 https://bugzilla.redhat.com/2196029 https://bugzilla.redhat.com/2222167 https://bugzilla.redhat.com/2228689 https://errata.almalinux.org/9/ALSA-2023-6474.html https://github.com/golang/go/commit/312920c00aac9897b2a0693e752390b5b0711a5a (go1.20.6) https://github.com/golang/go/commit/5fa6923b1ea891400153d04ddf1545e23b40041b (go1.19.11) https://github.com/golang/go/issues/60374 https://go.dev/cl/506996 https://go.dev/issue/60374 https://groups.google.com/g/golang-announce/c/2q13H6LEEx0 https://linux.oracle.com/cve/CVE-2023-29406.html https://linux.oracle.com/errata/ELSA-2023-7202.html https://nvd.nist.gov/vuln/detail/CVE-2023-29406 https://pkg.go.dev/vuln/GO-2023-1878 https://security.gentoo.org/glsa/202311-09 https://security.netapp.com/advisory/ntap-20230814-0002/ https://ubuntu.com/security/notices/USN-7061-1 https://ubuntu.com/security/notices/USN-7109-1 https://www.cve.org/CVERecord?id=CVE-2023-29406
stdlib	CVE-2023-29409	MEDIUM	v1.20.5	1.19.12, 1.20.7, 1.21.0-rc.4	https://access.redhat.com/errata/RHSA-2023:7766 https://access.redhat.com/security/cve/CVE-2023-29409 https://bugzilla.redhat.com/2228743 https://bugzilla.redhat.com/2237773 https://bugzilla.redhat.com/2237776 https://bugzilla.redhat.com/2237777 https://bugzilla.redhat.com/2237778 https://errata.almalinux.org/9/ALSA-2023-7766.html https://go.dev/cl/515257 https://go.dev/issue/61460 https://groups.google.com/g/golang-announce/c/X0b6CsSAaYI/m/Efv5DbZ9AwAJ https://linux.oracle.com/cve/CVE-2023-29409.html https://linux.oracle.com/errata/ELSA-2024-2988.html https://nvd.nist.gov/vuln/detail/CVE-2023-29409 https://pkg.go.dev/vuln/GO-2023-1987 https://security.gentoo.org/glsa/202311-09 https://security.netapp.com/advisory/ntap-20230831-0010/ https://www.cve.org/CVERecord?id=CVE-2023-29409
stdlib	CVE-2023-39318	MEDIUM	v1.20.5	1.20.8, 1.21.1	https://access.redhat.com/errata/RHSA-2024:2160 https://access.redhat.com/security/cve/CVE-2023-39318 https://bugzilla.redhat.com/2237773 https://bugzilla.redhat.com/2237776 https://bugzilla.redhat.com/2253330 https://errata.almalinux.org/9/ALSA-2024-2160.html https://github.com/golang/go/commit/023b542edf38e2a1f87fcefb9f75ff2f99401b4c (go1.20.8) https://github.com/golang/go/commit/b0e1d3ea26e8e8fce7726690c9ef0597e60739fb (go1.21.1) https://go.dev/cl/526156 https://go.dev/issue/62196 https://groups.google.com/g/golang-announce/c/Fm51GRLNRvM https://groups.google.com/g/golang-dev/c/2C5vbR-UNkI/m/L1hdrPhfBAAJ https://linux.oracle.com/cve/CVE-2023-39318.html https://linux.oracle.com/errata/ELSA-2024-2988.html https://nvd.nist.gov/vuln/detail/CVE-2023-39318 https://pkg.go.dev/vuln/GO-2023-2041 https://security.gentoo.org/glsa/202311-09 https://security.netapp.com/advisory/ntap-20231020-0009/ https://ubuntu.com/security/notices/USN-6574-1 https://ubuntu.com/security/notices/USN-7061-1 https://ubuntu.com/security/notices/USN-7109-1 https://vuln.go.dev/ID/GO-2023-2041.json https://www.cve.org/CVERecord?id=CVE-2023-39318
stdlib	CVE-2023-39319	MEDIUM	v1.20.5	1.20.8, 1.21.1	https://access.redhat.com/errata/RHSA-2024:2160 https://access.redhat.com/security/cve/CVE-2023-39319 https://bugzilla.redhat.com/2237773 https://bugzilla.redhat.com/2237776 https://bugzilla.redhat.com/2253330 https://errata.almalinux.org/9/ALSA-2024-2160.html https://github.com/golang/go/commit/2070531d2f53df88e312edace6c8dfc9686ab2f5 (go1.20.8) https://github.com/golang/go/commit/bbd043ff0d6d59f1a9232d31ecd5eacf6507bf6a (go1.21.1) https://go.dev/cl/526157 https://go.dev/issue/62197 https://groups.google.com/g/golang-announce/c/Fm51GRLNRvM https://groups.google.com/g/golang-dev/c/2C5vbR-UNkI/m/L1hdrPhfBAAJ https://linux.oracle.com/cve/CVE-2023-39319.html https://linux.oracle.com/errata/ELSA-2024-2988.html https://nvd.nist.gov/vuln/detail/CVE-2023-39319 https://pkg.go.dev/vuln/GO-2023-2043 https://security.gentoo.org/glsa/202311-09 https://security.netapp.com/advisory/ntap-20231020-0009/ https://ubuntu.com/security/notices/USN-6574-1 https://ubuntu.com/security/notices/USN-7061-1 https://ubuntu.com/security/notices/USN-7109-1 https://vuln.go.dev/ID/GO-2023-2043.json https://www.cve.org/CVERecord?id=CVE-2023-39319
stdlib	CVE-2023-39326	MEDIUM	v1.20.5	1.20.12, 1.21.5	https://access.redhat.com/errata/RHSA-2024:2272 https://access.redhat.com/security/cve/CVE-2023-39326 https://bugzilla.redhat.com/2253193 https://bugzilla.redhat.com/2253330 https://errata.almalinux.org/9/ALSA-2024-2272.html https://github.com/golang/go/commit/6446af942e2e2b161c4ec1b60d9703a2b55dc4dd (go1.20.12) https://github.com/golang/go/commit/ec8c526e4be720e94b98ca509e6364f0efaf28f7 (go1.21.5) https://go.dev/cl/547335 https://go.dev/issue/64433 https://groups.google.com/g/golang-dev/c/6ypN5EjibjM/m/KmLVYH_uAgAJ https://linux.oracle.com/cve/CVE-2023-39326.html https://linux.oracle.com/errata/ELSA-2024-2988.html https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UIU6HOGV6RRIKWM57LOXQA75BGZSIH6G/ https://nvd.nist.gov/vuln/detail/CVE-2023-39326 https://pkg.go.dev/vuln/GO-2023-2382 https://ubuntu.com/security/notices/USN-6574-1 https://www.cve.org/CVERecord?id=CVE-2023-39326
stdlib	CVE-2023-45284	MEDIUM	v1.20.5	1.20.11, 1.21.4	https://go.dev/cl/540277 https://go.dev/issue/63713 https://groups.google.com/g/golang-announce/c/4tU8LZfBFkY https://nvd.nist.gov/vuln/detail/CVE-2023-45284 https://pkg.go.dev/vuln/GO-2023-2186
stdlib	CVE-2023-45289	MEDIUM	v1.20.5	1.21.8, 1.22.1	http://www.openwall.com/lists/oss-security/2024/03/08/4 https://access.redhat.com/errata/RHSA-2024:2724 https://access.redhat.com/security/cve/CVE-2023-45289 https://bugzilla.redhat.com/2268017 https://bugzilla.redhat.com/2268018 https://bugzilla.redhat.com/2268019 https://bugzilla.redhat.com/2268273 https://bugzilla.redhat.com/show_bug.cgi?id=2268017 https://bugzilla.redhat.com/show_bug.cgi?id=2268018 https://bugzilla.redhat.com/show_bug.cgi?id=2268019 https://bugzilla.redhat.com/show_bug.cgi?id=2268273 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45288 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45289 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45290 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24783 https://errata.almalinux.org/9/ALSA-2024-2724.html https://errata.rockylinux.org/RLSA-2024:2724 https://github.com/golang/go/commit/20586c0dbe03d144f914155f879fa5ee287591a1 (go1.21.8) https://github.com/golang/go/commit/3a855208e3efed2e9d7c20ad023f1fa78afcc0be (go1.22.1) https://github.com/golang/go/issues/65065 https://go.dev/cl/569340 https://go.dev/issue/65065 https://groups.google.com/g/golang-announce/c/5pwGVUPoMbg https://linux.oracle.com/cve/CVE-2023-45289.html https://linux.oracle.com/errata/ELSA-2024-3346.html https://nvd.nist.gov/vuln/detail/CVE-2023-45289 https://pkg.go.dev/vuln/GO-2024-2600 https://security.netapp.com/advisory/ntap-20240329-0006/ https://ubuntu.com/security/notices/USN-6886-1 https://www.cve.org/CVERecord?id=CVE-2023-45289
stdlib	CVE-2023-45290	MEDIUM	v1.20.5	1.21.8, 1.22.1	http://www.openwall.com/lists/oss-security/2024/03/08/4 https://access.redhat.com/errata/RHSA-2024:9135 https://access.redhat.com/security/cve/CVE-2023-45290 https://bugzilla.redhat.com/2268017 https://bugzilla.redhat.com/2268022 https://bugzilla.redhat.com/2279814 https://bugzilla.redhat.com/2295310 https://bugzilla.redhat.com/show_bug.cgi?id=2268017 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45290 https://errata.almalinux.org/9/ALSA-2024-9135.html https://errata.rockylinux.org/RLSA-2024:3830 https://github.com/golang/go/commit/041a47712e765e94f86d841c3110c840e76d8f82 (go1.22.1) https://github.com/golang/go/commit/bf80213b121074f4ad9b449410a4d13bae5e9be0 (go1.21.8) https://github.com/golang/go/issues/65383 https://go.dev/cl/569341 https://go.dev/issue/65383 https://groups.google.com/g/golang-announce/c/5pwGVUPoMbg https://linux.oracle.com/cve/CVE-2023-45290.html https://linux.oracle.com/errata/ELSA-2024-8038.html https://nvd.nist.gov/vuln/detail/CVE-2023-45290 https://pkg.go.dev/vuln/GO-2024-2599 https://security.netapp.com/advisory/ntap-20240329-0004 https://security.netapp.com/advisory/ntap-20240329-0004/ https://ubuntu.com/security/notices/USN-6886-1 https://ubuntu.com/security/notices/USN-7109-1 https://ubuntu.com/security/notices/USN-7111-1 https://www.cve.org/CVERecord?id=CVE-2023-45290
stdlib	CVE-2024-24783	MEDIUM	v1.20.5	1.21.8, 1.22.1	http://www.openwall.com/lists/oss-security/2024/03/08/4 https://access.redhat.com/errata/RHSA-2024:6195 https://access.redhat.com/security/cve/CVE-2024-24783 https://bugzilla.redhat.com/2268019 https://bugzilla.redhat.com/show_bug.cgi?id=2268017 https://bugzilla.redhat.com/show_bug.cgi?id=2268018 https://bugzilla.redhat.com/show_bug.cgi?id=2268019 https://bugzilla.redhat.com/show_bug.cgi?id=2268273 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45288 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45289 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45290 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24783 https://errata.almalinux.org/9/ALSA-2024-6195.html https://errata.rockylinux.org/RLSA-2024:2724 https://github.com/advisories/GHSA-3q2c-pvp5-3cqp https://github.com/golang/go/commit/337b8e9cbfa749d9d5c899e0dc358e2208d5e54f (go1.22.1) https://github.com/golang/go/commit/be5b52bea674190ef7de272664be6c7ae93ec5a0 (go1.21.8) https://github.com/golang/go/issues/65390 https://go.dev/cl/569339 https://go.dev/issue/65390 https://groups.google.com/g/golang-announce/c/5pwGVUPoMbg https://linux.oracle.com/cve/CVE-2024-24783.html https://linux.oracle.com/errata/ELSA-2024-6969.html https://nvd.nist.gov/vuln/detail/CVE-2024-24783 https://pkg.go.dev/vuln/GO-2024-2598 https://security.netapp.com/advisory/ntap-20240329-0005 https://security.netapp.com/advisory/ntap-20240329-0005/ https://ubuntu.com/security/notices/USN-6886-1 https://ubuntu.com/security/notices/USN-7109-1 https://ubuntu.com/security/notices/USN-7111-1 https://www.cve.org/CVERecord?id=CVE-2024-24783
stdlib	CVE-2024-24784	MEDIUM	v1.20.5	1.21.8, 1.22.1	http://www.openwall.com/lists/oss-security/2024/03/08/4 https://access.redhat.com/errata/RHSA-2024:2562 https://access.redhat.com/security/cve/CVE-2024-24784 https://bugzilla.redhat.com/2262921 https://bugzilla.redhat.com/2268017 https://bugzilla.redhat.com/2268018 https://bugzilla.redhat.com/2268019 https://bugzilla.redhat.com/2268021 https://bugzilla.redhat.com/2268022 https://bugzilla.redhat.com/2268273 https://bugzilla.redhat.com/show_bug.cgi?id=2262921 https://bugzilla.redhat.com/show_bug.cgi?id=2268017 https://bugzilla.redhat.com/show_bug.cgi?id=2268018 https://bugzilla.redhat.com/show_bug.cgi?id=2268019 https://bugzilla.redhat.com/show_bug.cgi?id=2268021 https://bugzilla.redhat.com/show_bug.cgi?id=2268022 https://bugzilla.redhat.com/show_bug.cgi?id=2268273 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45288 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45289 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45290 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-1394 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24783 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24784 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24785 https://errata.almalinux.org/9/ALSA-2024-2562.html https://errata.rockylinux.org/RLSA-2024:2562 https://github.com/golang/go/commit/263c059b09fdd40d9dd945f2ecb20c89ea28efe5 (go1.21.8) https://github.com/golang/go/commit/5330cd225ba54c7dc78c1b46dcdf61a4671a632c (go1.22.1) https://github.com/golang/go/issues/65083 https://go.dev/cl/555596 https://go.dev/issue/65083 https://groups.google.com/g/golang-announce/c/5pwGVUPoMbg https://linux.oracle.com/cve/CVE-2024-24784.html https://linux.oracle.com/errata/ELSA-2024-6969.html https://nvd.nist.gov/vuln/detail/CVE-2024-24784 https://pkg.go.dev/vuln/GO-2024-2609 https://security.netapp.com/advisory/ntap-20240329-0007/ https://ubuntu.com/security/notices/USN-6886-1 https://ubuntu.com/security/notices/USN-7109-1 https://ubuntu.com/security/notices/USN-7111-1 https://www.cve.org/CVERecord?id=CVE-2024-24784
stdlib	CVE-2024-24785	MEDIUM	v1.20.5	1.21.8, 1.22.1	http://www.openwall.com/lists/oss-security/2024/03/08/4 https://access.redhat.com/errata/RHSA-2024:9135 https://access.redhat.com/security/cve/CVE-2024-24785 https://bugzilla.redhat.com/2268017 https://bugzilla.redhat.com/2268022 https://bugzilla.redhat.com/2279814 https://bugzilla.redhat.com/2295310 https://bugzilla.redhat.com/show_bug.cgi?id=2262921 https://bugzilla.redhat.com/show_bug.cgi?id=2268017 https://bugzilla.redhat.com/show_bug.cgi?id=2268018 https://bugzilla.redhat.com/show_bug.cgi?id=2268019 https://bugzilla.redhat.com/show_bug.cgi?id=2268021 https://bugzilla.redhat.com/show_bug.cgi?id=2268022 https://bugzilla.redhat.com/show_bug.cgi?id=2268273 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45288 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45289 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45290 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-1394 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24783 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24784 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24785 https://errata.almalinux.org/9/ALSA-2024-9135.html https://errata.rockylinux.org/RLSA-2024:2562 https://github.com/golang/go/commit/056b0edcb8c152152021eebf4cf42adbfbe77992 (go1.22.1) https://github.com/golang/go/commit/3643147a29352ca2894fd5d0d2069bc4b4335a7e (go1.21.8) https://github.com/golang/go/issues/65697 https://go.dev/cl/564196 https://go.dev/issue/65697 https://groups.google.com/g/golang-announce/c/5pwGVUPoMbg https://linux.oracle.com/cve/CVE-2024-24785.html https://linux.oracle.com/errata/ELSA-2024-3259.html https://nvd.nist.gov/vuln/detail/CVE-2024-24785 https://pkg.go.dev/vuln/GO-2024-2610 https://security.netapp.com/advisory/ntap-20240329-0008/ https://ubuntu.com/security/notices/USN-6886-1 https://ubuntu.com/security/notices/USN-7061-1 https://ubuntu.com/security/notices/USN-7109-1 https://vuln.go.dev/ID/GO-2024-2610.json https://www.cve.org/CVERecord?id=CVE-2024-24785
stdlib	CVE-2024-24789	MEDIUM	v1.20.5	1.21.11, 1.22.4	http://www.openwall.com/lists/oss-security/2024/06/04/1 https://access.redhat.com/errata/RHSA-2024:9115 https://access.redhat.com/security/cve/CVE-2024-24789 https://bugzilla.redhat.com/2279814 https://bugzilla.redhat.com/2292668 https://bugzilla.redhat.com/2292787 https://bugzilla.redhat.com/2294000 https://bugzilla.redhat.com/2295310 https://bugzilla.redhat.com/show_bug.cgi?id=2292668 https://bugzilla.redhat.com/show_bug.cgi?id=2292787 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24789 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24790 https://errata.almalinux.org/9/ALSA-2024-9115.html https://errata.rockylinux.org/RLSA-2024:4212 https://github.com/golang/go/commit/c8e40338cf00f3c1d86c8fb23863ad67a4c72bcc (1.21) https://github.com/golang/go/commit/cf501ac0c5fe351a8582d20b43562027927906e7 (1.22) https://github.com/golang/go/issues/66869 https://go.dev/cl/585397 https://go.dev/issue/66869 https://groups.google.com/g/golang-announce/c/XbxouI9gY7k https://groups.google.com/g/golang-announce/c/XbxouI9gY7k/m/TuoGEhxIEwAJ https://linux.oracle.com/cve/CVE-2024-24789.html https://linux.oracle.com/errata/ELSA-2024-9115.html https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/U5YAEIA6IUHUNGJ7AIXXPQT6D2GYENX7/ https://nvd.nist.gov/vuln/detail/CVE-2024-24789 https://pkg.go.dev/vuln/GO-2024-2888 https://ubuntu.com/security/notices/USN-6886-1 https://ubuntu.com/security/notices/USN-7109-1 https://ubuntu.com/security/notices/USN-7111-1 https://www.cve.org/CVERecord?id=CVE-2024-24789
stdlib	CVE-2024-24791	MEDIUM	v1.20.5	1.21.12, 1.22.5	https://access.redhat.com/errata/RHSA-2024:9135 https://access.redhat.com/security/cve/CVE-2024-24791 https://bugzilla.redhat.com/2268017 https://bugzilla.redhat.com/2268022 https://bugzilla.redhat.com/2279814 https://bugzilla.redhat.com/2295310 https://bugzilla.redhat.com/show_bug.cgi?id=2295310 https://bugzilla.redhat.com/show_bug.cgi?id=2310527 https://bugzilla.redhat.com/show_bug.cgi?id=2310528 https://bugzilla.redhat.com/show_bug.cgi?id=2310529 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24791 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-34155 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-34156 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-34158 https://errata.almalinux.org/9/ALSA-2024-9135.html https://errata.rockylinux.org/RLSA-2024:6913 https://go.dev/cl/591255 https://go.dev/issue/67555 https://groups.google.com/g/golang-dev/c/t0rK-qHBqzY/m/6MMoAZkMAgAJ https://linux.oracle.com/cve/CVE-2024-24791.html https://linux.oracle.com/errata/ELSA-2024-9115.html https://nvd.nist.gov/vuln/detail/CVE-2024-24791 https://pkg.go.dev/vuln/GO-2024-2963 https://ubuntu.com/security/notices/USN-7081-1 https://ubuntu.com/security/notices/USN-7109-1 https://ubuntu.com/security/notices/USN-7111-1 https://www.cve.org/CVERecord?id=CVE-2024-24791
stdlib	CVE-2024-34155	MEDIUM	v1.20.5	1.22.7, 1.23.1	https://access.redhat.com/errata/RHSA-2024:9459 https://access.redhat.com/security/cve/CVE-2024-34155 https://bugzilla.redhat.com/2310527 https://bugzilla.redhat.com/2310528 https://bugzilla.redhat.com/2310529 https://bugzilla.redhat.com/2315691 https://bugzilla.redhat.com/2315887 https://bugzilla.redhat.com/2317458 https://bugzilla.redhat.com/2317467 https://bugzilla.redhat.com/show_bug.cgi?id=2295310 https://bugzilla.redhat.com/show_bug.cgi?id=2310527 https://bugzilla.redhat.com/show_bug.cgi?id=2310528 https://bugzilla.redhat.com/show_bug.cgi?id=2310529 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24791 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-34155 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-34156 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-34158 https://errata.almalinux.org/9/ALSA-2024-9459.html https://errata.rockylinux.org/RLSA-2024:6913 https://github.com/golang/go/commit/53487e5477151ed75da50e50a0ba8f1ca64c00a3 (go1.23.1) https://github.com/golang/go/commit/b232596139dbe96a62edbe3a2a203e856bf556eb (go1.22.7) https://go.dev/cl/611238 https://go.dev/issue/69138 https://groups.google.com/g/golang-announce/c/K-cEzDeCtpc https://groups.google.com/g/golang-dev/c/S9POB9NCTdk https://linux.oracle.com/cve/CVE-2024-34155.html https://linux.oracle.com/errata/ELSA-2024-9459.html https://nvd.nist.gov/vuln/detail/CVE-2024-34155 https://pkg.go.dev/vuln/GO-2024-3105 https://ubuntu.com/security/notices/USN-7081-1 https://ubuntu.com/security/notices/USN-7109-1 https://ubuntu.com/security/notices/USN-7111-1 https://www.cve.org/CVERecord?id=CVE-2024-34155
stdlib	CVE-2024-34158	MEDIUM	v1.20.5	1.22.7, 1.23.1	https://access.redhat.com/errata/RHSA-2024:9459 https://access.redhat.com/security/cve/CVE-2024-34158 https://bugzilla.redhat.com/2310527 https://bugzilla.redhat.com/2310528 https://bugzilla.redhat.com/2310529 https://bugzilla.redhat.com/2315691 https://bugzilla.redhat.com/2315887 https://bugzilla.redhat.com/2317458 https://bugzilla.redhat.com/2317467 https://bugzilla.redhat.com/show_bug.cgi?id=2295310 https://bugzilla.redhat.com/show_bug.cgi?id=2310527 https://bugzilla.redhat.com/show_bug.cgi?id=2310528 https://bugzilla.redhat.com/show_bug.cgi?id=2310529 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24791 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-34155 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-34156 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-34158 https://errata.almalinux.org/9/ALSA-2024-9459.html https://errata.rockylinux.org/RLSA-2024:6913 https://github.com/golang/go/commit/032ac075c20c01c6c35a672d1542d3e98eab84ea (go1.23.1) https://github.com/golang/go/commit/d4c53812e6ce2ac368173d7fcd31d0ecfcffb002 (go1.22.7) https://go.dev/cl/611240 https://go.dev/issue/69141 https://groups.google.com/g/golang-announce/c/K-cEzDeCtpc https://groups.google.com/g/golang-dev/c/S9POB9NCTdk https://linux.oracle.com/cve/CVE-2024-34158.html https://linux.oracle.com/errata/ELSA-2024-9459.html https://nvd.nist.gov/vuln/detail/CVE-2024-34158 https://pkg.go.dev/vuln/GO-2024-3107 https://ubuntu.com/security/notices/USN-7081-1 https://ubuntu.com/security/notices/USN-7109-1 https://ubuntu.com/security/notices/USN-7111-1 https://www.cve.org/CVERecord?id=CVE-2024-34158
No Misconfigurations found

cnb/buildpacks/paketo-buildpacks_azure-application-insights/5.15.1/bin/helper (gobinary)

Package	Vulnerability ID	Severity	Installed Version	Fixed Version	Links
stdlib	CVE-2024-24790	CRITICAL	v1.20.5	1.21.11, 1.22.4	http://www.openwall.com/lists/oss-security/2024/06/04/1 https://access.redhat.com/errata/RHSA-2024:9115 https://access.redhat.com/security/cve/CVE-2024-24790 https://bugzilla.redhat.com/2279814 https://bugzilla.redhat.com/2292668 https://bugzilla.redhat.com/2292787 https://bugzilla.redhat.com/2294000 https://bugzilla.redhat.com/2295310 https://bugzilla.redhat.com/show_bug.cgi?id=2292668 https://bugzilla.redhat.com/show_bug.cgi?id=2292787 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24789 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24790 https://errata.almalinux.org/9/ALSA-2024-9115.html https://errata.rockylinux.org/RLSA-2024:4212 https://github.com/golang/go/commit/051bdf3fd12a40307606ff9381138039c5f452f0 (1.21) https://github.com/golang/go/commit/12d5810cdb1f73cf23d7a86462143e9463317fca (1.22) https://github.com/golang/go/issues/67680 https://go.dev/cl/590316 https://go.dev/issue/67680 https://groups.google.com/g/golang-announce/c/XbxouI9gY7k https://groups.google.com/g/golang-announce/c/XbxouI9gY7k/m/TuoGEhxIEwAJ https://linux.oracle.com/cve/CVE-2024-24790.html https://linux.oracle.com/errata/ELSA-2024-9115.html https://nvd.nist.gov/vuln/detail/CVE-2024-24790 https://pkg.go.dev/vuln/GO-2024-2887 https://ubuntu.com/security/notices/USN-6886-1 https://ubuntu.com/security/notices/USN-7109-1 https://www.cve.org/CVERecord?id=CVE-2024-24790
stdlib	CVE-2023-39325	HIGH	v1.20.5	1.20.10, 1.21.3	golang.org/x/net https://access.redhat.com/errata/RHSA-2023:6077 https://access.redhat.com/security/cve/CVE-2023-39325 https://access.redhat.com/security/cve/CVE-2023-44487 https://access.redhat.com/security/vulnerabilities/RHSB-2023-003 https://bugzilla.redhat.com/2242803 https://bugzilla.redhat.com/2243296 https://bugzilla.redhat.com/show_bug.cgi?id=2242803 https://bugzilla.redhat.com/show_bug.cgi?id=2243296 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-39325 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-44487 https://errata.almalinux.org/9/ALSA-2023-6077.html https://errata.rockylinux.org/RLSA-2023:6077 https://github.com/golang/go/commit/24ae2d927285c697440fdde3ad7f26028354bcf3 [golang- 1.21] https://github.com/golang/go/commit/e175f27f58aa7b9cd4d79607ae65d2cd5baaee68 [golang-1.20] https://github.com/golang/go/issues/63417 https://go.dev/cl/534215 https://go.dev/cl/534235 https://go.dev/issue/63417 https://groups.google.com/g/golang-announce/c/iNNxDTCjZvo/m/UDd7VKQuAAAJ https://linux.oracle.com/cve/CVE-2023-39325.html https://linux.oracle.com/errata/ELSA-2023-5867.html https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3OVW5V2DM5K5IC3H7O42YDUGNJ74J35O https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3OVW5V2DM5K5IC3H7O42YDUGNJ74J35O/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3SZN67IL7HMGMNAVLOTIXLIHUDXZK4LH https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3SZN67IL7HMGMNAVLOTIXLIHUDXZK4LH/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3WJ4QVX2AMUJ2F2S27POOAHRC4K3CHU4 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3WJ4QVX2AMUJ2F2S27POOAHRC4K3CHU4/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/4BUK2ZIAGCULOOYDNH25JPU6JBES5NF2 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/4BUK2ZIAGCULOOYDNH25JPU6JBES5NF2/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/5RSKA2II6QTD4YUKUNDVJQSRYSFC4VFR https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/5RSKA2II6QTD4YUKUNDVJQSRYSFC4VFR/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/AVZDNSMVDAQJ64LJC5I5U5LDM5753647 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/AVZDNSMVDAQJ64LJC5I5U5LDM5753647/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CHHITS4PUOZAKFIUBQAQZC7JWXMOYE4B https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CHHITS4PUOZAKFIUBQAQZC7JWXMOYE4B/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CLB4TW7KALB3EEQWNWCN7OUIWWVWWCG2 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CLB4TW7KALB3EEQWNWCN7OUIWWVWWCG2/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/D2BBIDR2ZMB3X5BC7SR4SLQMHRMVPY6L https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/D2BBIDR2ZMB3X5BC7SR4SLQMHRMVPY6L/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ECRC75BQJP6FJN2L7KCKYZW4DSBD7QSD https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ECRC75BQJP6FJN2L7KCKYZW4DSBD7QSD/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/FTMJ3NJIDAZFWJQQSP3L22MUFJ3UP2PT https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/FTMJ3NJIDAZFWJQQSP3L22MUFJ3UP2PT/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/GSY7SXFFTPZFWDM6XELSDSHZLVW3AHK7 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/GSY7SXFFTPZFWDM6XELSDSHZLVW3AHK7/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/HZQIELEIRSZUYTFFH5KTH2YJ4IIQG2KE https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/HZQIELEIRSZUYTFFH5KTH2YJ4IIQG2KE/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/IPWCNYB5PQ5PCVZ4NJT6G56ZYFZ5QBU6 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/IPWCNYB5PQ5PCVZ4NJT6G56ZYFZ5QBU6/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/KEOTKBUPZXHE3F352JBYNTSNRXYLWD6P https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/KEOTKBUPZXHE3F352JBYNTSNRXYLWD6P/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/KSEGD2IWKNUO3DWY4KQGUQM5BISRWHQE https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/KSEGD2IWKNUO3DWY4KQGUQM5BISRWHQE/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/L5E5JSJBZLYXOTZWXHJKRVCIXIHVWKJ6 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/L5E5JSJBZLYXOTZWXHJKRVCIXIHVWKJ6/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/MZQYOOKHQDQ57LV2IAG6NRFOVXKHJJ3Z https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/MZQYOOKHQDQ57LV2IAG6NRFOVXKHJJ3Z/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/NG7IMPL55MVWU3LCI4JQJT3K2U5CHDV7 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/NG7IMPL55MVWU3LCI4JQJT3K2U5CHDV7/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ODBY7RVMGZCBSTWF2OZGIZS57FNFUL67 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ODBY7RVMGZCBSTWF2OZGIZS57FNFUL67/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/OXGWPQOJ3JNDW2XIYKIVJ7N7QUIFNM2Q https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/OXGWPQOJ3JNDW2XIYKIVJ7N7QUIFNM2Q/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/PJCUNGIQDUMZ4Z6HWVYIMR66A35F5S74 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/PJCUNGIQDUMZ4Z6HWVYIMR66A35F5S74/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QF5QSYAOPDOWLY6DUHID56Q4HQFYB45I https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QF5QSYAOPDOWLY6DUHID56Q4HQFYB45I/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QXOU2JZUBEBP7GBKAYIJRPRBZSJCD7ST https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QXOU2JZUBEBP7GBKAYIJRPRBZSJCD7ST/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/R3UETKPUB3V5JS5TLZOF3SMTGT5K5APS https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/R3UETKPUB3V5JS5TLZOF3SMTGT5K5APS/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/REMHVVIBDNKSRKNOTV7EQSB7CYQWOUOU https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/REMHVVIBDNKSRKNOTV7EQSB7CYQWOUOU/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/T7N5GV4CHH6WAGX3GFMDD3COEOVCZ4RI https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/T7N5GV4CHH6WAGX3GFMDD3COEOVCZ4RI/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ULQQONMSCQSH5Z5OWFFQHCGEZ3NL4DRJ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ULQQONMSCQSH5Z5OWFFQHCGEZ3NL4DRJ/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UTT7DG3QOF5ZNJLUGHDNLRUIN6OWZARP https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UTT7DG3QOF5ZNJLUGHDNLRUIN6OWZARP/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/W2LZSWTV4NV4SNQARNXG5T6LRHP26EW2 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/W2LZSWTV4NV4SNQARNXG5T6LRHP26EW2/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WCNCBYKZXLDFGAJUB7ZP5VLC3YTHJNVH https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WCNCBYKZXLDFGAJUB7ZP5VLC3YTHJNVH/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/XFOIBB4YFICHDM7IBOP7PWXW3FX4HLL2 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/XFOIBB4YFICHDM7IBOP7PWXW3FX4HLL2/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/XTNLSL44Y5FB6JWADSZH6DCV4JJAAEQY https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/XTNLSL44Y5FB6JWADSZH6DCV4JJAAEQY/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/YJWHBLVZDM5KQSDFRBFRKU5KSSOLIRQ4 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/YJWHBLVZDM5KQSDFRBFRKU5KSSOLIRQ4/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/YRKEXKANQ7BKJW2YTAMP625LJUJZLJ4P https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/YRKEXKANQ7BKJW2YTAMP625LJUJZLJ4P/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZSVEMQV5ROY5YW5QE3I57HT3ITWG5GCV https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZSVEMQV5ROY5YW5QE3I57HT3ITWG5GCV/ https://nvd.nist.gov/vuln/detail/CVE-2023-39325 https://pkg.go.dev/vuln/GO-2023-2102 https://security.gentoo.org/glsa/202311-09 https://security.netapp.com/advisory/ntap-20231110-0008 https://security.netapp.com/advisory/ntap-20231110-0008/ https://ubuntu.com/security/notices/USN-6574-1 https://ubuntu.com/security/notices/USN-7061-1 https://ubuntu.com/security/notices/USN-7109-1 https://www.cisa.gov/news-events/alerts/2023/10/10/http2-rapid-reset-vulnerability-cve-2023-44487 https://www.cve.org/CVERecord?id=CVE-2023-39325
stdlib	CVE-2023-45283	HIGH	v1.20.5	1.20.11, 1.21.4, 1.20.12, 1.21.5	http://www.openwall.com/lists/oss-security/2023/12/05/2 https://go.dev/cl/540277 https://go.dev/cl/541175 https://go.dev/issue/63713 https://go.dev/issue/64028 https://groups.google.com/g/golang-announce/c/4tU8LZfBFkY https://groups.google.com/g/golang-dev/c/6ypN5EjibjM/m/KmLVYH_uAgAJ https://nvd.nist.gov/vuln/detail/CVE-2023-45283 https://pkg.go.dev/vuln/GO-2023-2185 https://security.netapp.com/advisory/ntap-20231214-0008/
stdlib	CVE-2023-45288	HIGH	v1.20.5	1.21.9, 1.22.2	http://www.openwall.com/lists/oss-security/2024/04/03/16 http://www.openwall.com/lists/oss-security/2024/04/05/4 https://access.redhat.com/errata/RHSA-2024:2724 https://access.redhat.com/security/cve/CVE-2023-45288 https://bugzilla.redhat.com/2268017 https://bugzilla.redhat.com/2268018 https://bugzilla.redhat.com/2268019 https://bugzilla.redhat.com/2268273 https://bugzilla.redhat.com/show_bug.cgi?id=2268017 https://bugzilla.redhat.com/show_bug.cgi?id=2268018 https://bugzilla.redhat.com/show_bug.cgi?id=2268019 https://bugzilla.redhat.com/show_bug.cgi?id=2268273 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45288 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45289 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45290 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24783 https://errata.almalinux.org/9/ALSA-2024-2724.html https://errata.rockylinux.org/RLSA-2024:2724 https://go.dev/cl/576155 https://go.dev/issue/65051 https://groups.google.com/g/golang-announce/c/YgW0sx8mN3M https://kb.cert.org/vuls/id/421644 https://linux.oracle.com/cve/CVE-2023-45288.html https://linux.oracle.com/errata/ELSA-2024-3346.html https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QRYFHIQ6XRKRYBI2F5UESH67BJBQXUPT https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QRYFHIQ6XRKRYBI2F5UESH67BJBQXUPT/ https://nowotarski.info/http2-continuation-flood-technical-details https://nowotarski.info/http2-continuation-flood/ https://nvd.nist.gov/vuln/detail/CVE-2023-45288 https://pkg.go.dev/vuln/GO-2024-2687 https://security.netapp.com/advisory/ntap-20240419-0009 https://security.netapp.com/advisory/ntap-20240419-0009/ https://ubuntu.com/security/notices/USN-6886-1 https://ubuntu.com/security/notices/USN-7109-1 https://ubuntu.com/security/notices/USN-7111-1 https://www.cve.org/CVERecord?id=CVE-2023-45288 https://www.kb.cert.org/vuls/id/421644
stdlib	CVE-2024-34156	HIGH	v1.20.5	1.22.7, 1.23.1	https://access.redhat.com/errata/RHSA-2024:9473 https://access.redhat.com/security/cve/CVE-2024-34156 https://bugzilla.redhat.com/2310528 https://bugzilla.redhat.com/2318052 https://bugzilla.redhat.com/show_bug.cgi?id=2310528 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-34156 https://errata.almalinux.org/9/ALSA-2024-9473.html https://errata.rockylinux.org/RLSA-2024:7204 https://github.com/golang/go/commit/2092294f2b097c5828f4eace6c98a322c1510b01 (go1.22.7) https://github.com/golang/go/commit/fa8ff1a46deb6c816304441ec6740ec112e19012 (go1.23.1) https://go.dev/cl/611239 https://go.dev/issue/69139 https://groups.google.com/g/golang-announce/c/K-cEzDeCtpc https://groups.google.com/g/golang-dev/c/S9POB9NCTdk https://linux.oracle.com/cve/CVE-2024-34156.html https://linux.oracle.com/errata/ELSA-2024-9473.html https://nvd.nist.gov/vuln/detail/CVE-2024-34156 https://pkg.go.dev/vuln/GO-2024-3106 https://ubuntu.com/security/notices/USN-7081-1 https://ubuntu.com/security/notices/USN-7109-1 https://ubuntu.com/security/notices/USN-7111-1 https://www.cve.org/CVERecord?id=CVE-2024-34156
stdlib	CVE-2023-29406	MEDIUM	v1.20.5	1.19.11, 1.20.6	https://access.redhat.com/errata/RHSA-2023:6474 https://access.redhat.com/security/cve/CVE-2023-29406 https://bugzilla.redhat.com/2174485 https://bugzilla.redhat.com/2178358 https://bugzilla.redhat.com/2178488 https://bugzilla.redhat.com/2178492 https://bugzilla.redhat.com/2184481 https://bugzilla.redhat.com/2184482 https://bugzilla.redhat.com/2184483 https://bugzilla.redhat.com/2184484 https://bugzilla.redhat.com/2196026 https://bugzilla.redhat.com/2196027 https://bugzilla.redhat.com/2196029 https://bugzilla.redhat.com/2222167 https://bugzilla.redhat.com/2228689 https://errata.almalinux.org/9/ALSA-2023-6474.html https://github.com/golang/go/commit/312920c00aac9897b2a0693e752390b5b0711a5a (go1.20.6) https://github.com/golang/go/commit/5fa6923b1ea891400153d04ddf1545e23b40041b (go1.19.11) https://github.com/golang/go/issues/60374 https://go.dev/cl/506996 https://go.dev/issue/60374 https://groups.google.com/g/golang-announce/c/2q13H6LEEx0 https://linux.oracle.com/cve/CVE-2023-29406.html https://linux.oracle.com/errata/ELSA-2023-7202.html https://nvd.nist.gov/vuln/detail/CVE-2023-29406 https://pkg.go.dev/vuln/GO-2023-1878 https://security.gentoo.org/glsa/202311-09 https://security.netapp.com/advisory/ntap-20230814-0002/ https://ubuntu.com/security/notices/USN-7061-1 https://ubuntu.com/security/notices/USN-7109-1 https://www.cve.org/CVERecord?id=CVE-2023-29406
stdlib	CVE-2023-29409	MEDIUM	v1.20.5	1.19.12, 1.20.7, 1.21.0-rc.4	https://access.redhat.com/errata/RHSA-2023:7766 https://access.redhat.com/security/cve/CVE-2023-29409 https://bugzilla.redhat.com/2228743 https://bugzilla.redhat.com/2237773 https://bugzilla.redhat.com/2237776 https://bugzilla.redhat.com/2237777 https://bugzilla.redhat.com/2237778 https://errata.almalinux.org/9/ALSA-2023-7766.html https://go.dev/cl/515257 https://go.dev/issue/61460 https://groups.google.com/g/golang-announce/c/X0b6CsSAaYI/m/Efv5DbZ9AwAJ https://linux.oracle.com/cve/CVE-2023-29409.html https://linux.oracle.com/errata/ELSA-2024-2988.html https://nvd.nist.gov/vuln/detail/CVE-2023-29409 https://pkg.go.dev/vuln/GO-2023-1987 https://security.gentoo.org/glsa/202311-09 https://security.netapp.com/advisory/ntap-20230831-0010/ https://www.cve.org/CVERecord?id=CVE-2023-29409
stdlib	CVE-2023-39318	MEDIUM	v1.20.5	1.20.8, 1.21.1	https://access.redhat.com/errata/RHSA-2024:2160 https://access.redhat.com/security/cve/CVE-2023-39318 https://bugzilla.redhat.com/2237773 https://bugzilla.redhat.com/2237776 https://bugzilla.redhat.com/2253330 https://errata.almalinux.org/9/ALSA-2024-2160.html https://github.com/golang/go/commit/023b542edf38e2a1f87fcefb9f75ff2f99401b4c (go1.20.8) https://github.com/golang/go/commit/b0e1d3ea26e8e8fce7726690c9ef0597e60739fb (go1.21.1) https://go.dev/cl/526156 https://go.dev/issue/62196 https://groups.google.com/g/golang-announce/c/Fm51GRLNRvM https://groups.google.com/g/golang-dev/c/2C5vbR-UNkI/m/L1hdrPhfBAAJ https://linux.oracle.com/cve/CVE-2023-39318.html https://linux.oracle.com/errata/ELSA-2024-2988.html https://nvd.nist.gov/vuln/detail/CVE-2023-39318 https://pkg.go.dev/vuln/GO-2023-2041 https://security.gentoo.org/glsa/202311-09 https://security.netapp.com/advisory/ntap-20231020-0009/ https://ubuntu.com/security/notices/USN-6574-1 https://ubuntu.com/security/notices/USN-7061-1 https://ubuntu.com/security/notices/USN-7109-1 https://vuln.go.dev/ID/GO-2023-2041.json https://www.cve.org/CVERecord?id=CVE-2023-39318
stdlib	CVE-2023-39319	MEDIUM	v1.20.5	1.20.8, 1.21.1	https://access.redhat.com/errata/RHSA-2024:2160 https://access.redhat.com/security/cve/CVE-2023-39319 https://bugzilla.redhat.com/2237773 https://bugzilla.redhat.com/2237776 https://bugzilla.redhat.com/2253330 https://errata.almalinux.org/9/ALSA-2024-2160.html https://github.com/golang/go/commit/2070531d2f53df88e312edace6c8dfc9686ab2f5 (go1.20.8) https://github.com/golang/go/commit/bbd043ff0d6d59f1a9232d31ecd5eacf6507bf6a (go1.21.1) https://go.dev/cl/526157 https://go.dev/issue/62197 https://groups.google.com/g/golang-announce/c/Fm51GRLNRvM https://groups.google.com/g/golang-dev/c/2C5vbR-UNkI/m/L1hdrPhfBAAJ https://linux.oracle.com/cve/CVE-2023-39319.html https://linux.oracle.com/errata/ELSA-2024-2988.html https://nvd.nist.gov/vuln/detail/CVE-2023-39319 https://pkg.go.dev/vuln/GO-2023-2043 https://security.gentoo.org/glsa/202311-09 https://security.netapp.com/advisory/ntap-20231020-0009/ https://ubuntu.com/security/notices/USN-6574-1 https://ubuntu.com/security/notices/USN-7061-1 https://ubuntu.com/security/notices/USN-7109-1 https://vuln.go.dev/ID/GO-2023-2043.json https://www.cve.org/CVERecord?id=CVE-2023-39319
stdlib	CVE-2023-39326	MEDIUM	v1.20.5	1.20.12, 1.21.5	https://access.redhat.com/errata/RHSA-2024:2272 https://access.redhat.com/security/cve/CVE-2023-39326 https://bugzilla.redhat.com/2253193 https://bugzilla.redhat.com/2253330 https://errata.almalinux.org/9/ALSA-2024-2272.html https://github.com/golang/go/commit/6446af942e2e2b161c4ec1b60d9703a2b55dc4dd (go1.20.12) https://github.com/golang/go/commit/ec8c526e4be720e94b98ca509e6364f0efaf28f7 (go1.21.5) https://go.dev/cl/547335 https://go.dev/issue/64433 https://groups.google.com/g/golang-dev/c/6ypN5EjibjM/m/KmLVYH_uAgAJ https://linux.oracle.com/cve/CVE-2023-39326.html https://linux.oracle.com/errata/ELSA-2024-2988.html https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UIU6HOGV6RRIKWM57LOXQA75BGZSIH6G/ https://nvd.nist.gov/vuln/detail/CVE-2023-39326 https://pkg.go.dev/vuln/GO-2023-2382 https://ubuntu.com/security/notices/USN-6574-1 https://www.cve.org/CVERecord?id=CVE-2023-39326
stdlib	CVE-2023-45284	MEDIUM	v1.20.5	1.20.11, 1.21.4	https://go.dev/cl/540277 https://go.dev/issue/63713 https://groups.google.com/g/golang-announce/c/4tU8LZfBFkY https://nvd.nist.gov/vuln/detail/CVE-2023-45284 https://pkg.go.dev/vuln/GO-2023-2186
stdlib	CVE-2023-45289	MEDIUM	v1.20.5	1.21.8, 1.22.1	http://www.openwall.com/lists/oss-security/2024/03/08/4 https://access.redhat.com/errata/RHSA-2024:2724 https://access.redhat.com/security/cve/CVE-2023-45289 https://bugzilla.redhat.com/2268017 https://bugzilla.redhat.com/2268018 https://bugzilla.redhat.com/2268019 https://bugzilla.redhat.com/2268273 https://bugzilla.redhat.com/show_bug.cgi?id=2268017 https://bugzilla.redhat.com/show_bug.cgi?id=2268018 https://bugzilla.redhat.com/show_bug.cgi?id=2268019 https://bugzilla.redhat.com/show_bug.cgi?id=2268273 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45288 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45289 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45290 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24783 https://errata.almalinux.org/9/ALSA-2024-2724.html https://errata.rockylinux.org/RLSA-2024:2724 https://github.com/golang/go/commit/20586c0dbe03d144f914155f879fa5ee287591a1 (go1.21.8) https://github.com/golang/go/commit/3a855208e3efed2e9d7c20ad023f1fa78afcc0be (go1.22.1) https://github.com/golang/go/issues/65065 https://go.dev/cl/569340 https://go.dev/issue/65065 https://groups.google.com/g/golang-announce/c/5pwGVUPoMbg https://linux.oracle.com/cve/CVE-2023-45289.html https://linux.oracle.com/errata/ELSA-2024-3346.html https://nvd.nist.gov/vuln/detail/CVE-2023-45289 https://pkg.go.dev/vuln/GO-2024-2600 https://security.netapp.com/advisory/ntap-20240329-0006/ https://ubuntu.com/security/notices/USN-6886-1 https://www.cve.org/CVERecord?id=CVE-2023-45289
stdlib	CVE-2023-45290	MEDIUM	v1.20.5	1.21.8, 1.22.1	http://www.openwall.com/lists/oss-security/2024/03/08/4 https://access.redhat.com/errata/RHSA-2024:9135 https://access.redhat.com/security/cve/CVE-2023-45290 https://bugzilla.redhat.com/2268017 https://bugzilla.redhat.com/2268022 https://bugzilla.redhat.com/2279814 https://bugzilla.redhat.com/2295310 https://bugzilla.redhat.com/show_bug.cgi?id=2268017 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45290 https://errata.almalinux.org/9/ALSA-2024-9135.html https://errata.rockylinux.org/RLSA-2024:3830 https://github.com/golang/go/commit/041a47712e765e94f86d841c3110c840e76d8f82 (go1.22.1) https://github.com/golang/go/commit/bf80213b121074f4ad9b449410a4d13bae5e9be0 (go1.21.8) https://github.com/golang/go/issues/65383 https://go.dev/cl/569341 https://go.dev/issue/65383 https://groups.google.com/g/golang-announce/c/5pwGVUPoMbg https://linux.oracle.com/cve/CVE-2023-45290.html https://linux.oracle.com/errata/ELSA-2024-8038.html https://nvd.nist.gov/vuln/detail/CVE-2023-45290 https://pkg.go.dev/vuln/GO-2024-2599 https://security.netapp.com/advisory/ntap-20240329-0004 https://security.netapp.com/advisory/ntap-20240329-0004/ https://ubuntu.com/security/notices/USN-6886-1 https://ubuntu.com/security/notices/USN-7109-1 https://ubuntu.com/security/notices/USN-7111-1 https://www.cve.org/CVERecord?id=CVE-2023-45290
stdlib	CVE-2024-24783	MEDIUM	v1.20.5	1.21.8, 1.22.1	http://www.openwall.com/lists/oss-security/2024/03/08/4 https://access.redhat.com/errata/RHSA-2024:6195 https://access.redhat.com/security/cve/CVE-2024-24783 https://bugzilla.redhat.com/2268019 https://bugzilla.redhat.com/show_bug.cgi?id=2268017 https://bugzilla.redhat.com/show_bug.cgi?id=2268018 https://bugzilla.redhat.com/show_bug.cgi?id=2268019 https://bugzilla.redhat.com/show_bug.cgi?id=2268273 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45288 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45289 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45290 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24783 https://errata.almalinux.org/9/ALSA-2024-6195.html https://errata.rockylinux.org/RLSA-2024:2724 https://github.com/advisories/GHSA-3q2c-pvp5-3cqp https://github.com/golang/go/commit/337b8e9cbfa749d9d5c899e0dc358e2208d5e54f (go1.22.1) https://github.com/golang/go/commit/be5b52bea674190ef7de272664be6c7ae93ec5a0 (go1.21.8) https://github.com/golang/go/issues/65390 https://go.dev/cl/569339 https://go.dev/issue/65390 https://groups.google.com/g/golang-announce/c/5pwGVUPoMbg https://linux.oracle.com/cve/CVE-2024-24783.html https://linux.oracle.com/errata/ELSA-2024-6969.html https://nvd.nist.gov/vuln/detail/CVE-2024-24783 https://pkg.go.dev/vuln/GO-2024-2598 https://security.netapp.com/advisory/ntap-20240329-0005 https://security.netapp.com/advisory/ntap-20240329-0005/ https://ubuntu.com/security/notices/USN-6886-1 https://ubuntu.com/security/notices/USN-7109-1 https://ubuntu.com/security/notices/USN-7111-1 https://www.cve.org/CVERecord?id=CVE-2024-24783
stdlib	CVE-2024-24784	MEDIUM	v1.20.5	1.21.8, 1.22.1	http://www.openwall.com/lists/oss-security/2024/03/08/4 https://access.redhat.com/errata/RHSA-2024:2562 https://access.redhat.com/security/cve/CVE-2024-24784 https://bugzilla.redhat.com/2262921 https://bugzilla.redhat.com/2268017 https://bugzilla.redhat.com/2268018 https://bugzilla.redhat.com/2268019 https://bugzilla.redhat.com/2268021 https://bugzilla.redhat.com/2268022 https://bugzilla.redhat.com/2268273 https://bugzilla.redhat.com/show_bug.cgi?id=2262921 https://bugzilla.redhat.com/show_bug.cgi?id=2268017 https://bugzilla.redhat.com/show_bug.cgi?id=2268018 https://bugzilla.redhat.com/show_bug.cgi?id=2268019 https://bugzilla.redhat.com/show_bug.cgi?id=2268021 https://bugzilla.redhat.com/show_bug.cgi?id=2268022 https://bugzilla.redhat.com/show_bug.cgi?id=2268273 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45288 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45289 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45290 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-1394 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24783 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24784 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24785 https://errata.almalinux.org/9/ALSA-2024-2562.html https://errata.rockylinux.org/RLSA-2024:2562 https://github.com/golang/go/commit/263c059b09fdd40d9dd945f2ecb20c89ea28efe5 (go1.21.8) https://github.com/golang/go/commit/5330cd225ba54c7dc78c1b46dcdf61a4671a632c (go1.22.1) https://github.com/golang/go/issues/65083 https://go.dev/cl/555596 https://go.dev/issue/65083 https://groups.google.com/g/golang-announce/c/5pwGVUPoMbg https://linux.oracle.com/cve/CVE-2024-24784.html https://linux.oracle.com/errata/ELSA-2024-6969.html https://nvd.nist.gov/vuln/detail/CVE-2024-24784 https://pkg.go.dev/vuln/GO-2024-2609 https://security.netapp.com/advisory/ntap-20240329-0007/ https://ubuntu.com/security/notices/USN-6886-1 https://ubuntu.com/security/notices/USN-7109-1 https://ubuntu.com/security/notices/USN-7111-1 https://www.cve.org/CVERecord?id=CVE-2024-24784
stdlib	CVE-2024-24785	MEDIUM	v1.20.5	1.21.8, 1.22.1	http://www.openwall.com/lists/oss-security/2024/03/08/4 https://access.redhat.com/errata/RHSA-2024:9135 https://access.redhat.com/security/cve/CVE-2024-24785 https://bugzilla.redhat.com/2268017 https://bugzilla.redhat.com/2268022 https://bugzilla.redhat.com/2279814 https://bugzilla.redhat.com/2295310 https://bugzilla.redhat.com/show_bug.cgi?id=2262921 https://bugzilla.redhat.com/show_bug.cgi?id=2268017 https://bugzilla.redhat.com/show_bug.cgi?id=2268018 https://bugzilla.redhat.com/show_bug.cgi?id=2268019 https://bugzilla.redhat.com/show_bug.cgi?id=2268021 https://bugzilla.redhat.com/show_bug.cgi?id=2268022 https://bugzilla.redhat.com/show_bug.cgi?id=2268273 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45288 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45289 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45290 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-1394 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24783 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24784 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24785 https://errata.almalinux.org/9/ALSA-2024-9135.html https://errata.rockylinux.org/RLSA-2024:2562 https://github.com/golang/go/commit/056b0edcb8c152152021eebf4cf42adbfbe77992 (go1.22.1) https://github.com/golang/go/commit/3643147a29352ca2894fd5d0d2069bc4b4335a7e (go1.21.8) https://github.com/golang/go/issues/65697 https://go.dev/cl/564196 https://go.dev/issue/65697 https://groups.google.com/g/golang-announce/c/5pwGVUPoMbg https://linux.oracle.com/cve/CVE-2024-24785.html https://linux.oracle.com/errata/ELSA-2024-3259.html https://nvd.nist.gov/vuln/detail/CVE-2024-24785 https://pkg.go.dev/vuln/GO-2024-2610 https://security.netapp.com/advisory/ntap-20240329-0008/ https://ubuntu.com/security/notices/USN-6886-1 https://ubuntu.com/security/notices/USN-7061-1 https://ubuntu.com/security/notices/USN-7109-1 https://vuln.go.dev/ID/GO-2024-2610.json https://www.cve.org/CVERecord?id=CVE-2024-24785
stdlib	CVE-2024-24789	MEDIUM	v1.20.5	1.21.11, 1.22.4	http://www.openwall.com/lists/oss-security/2024/06/04/1 https://access.redhat.com/errata/RHSA-2024:9115 https://access.redhat.com/security/cve/CVE-2024-24789 https://bugzilla.redhat.com/2279814 https://bugzilla.redhat.com/2292668 https://bugzilla.redhat.com/2292787 https://bugzilla.redhat.com/2294000 https://bugzilla.redhat.com/2295310 https://bugzilla.redhat.com/show_bug.cgi?id=2292668 https://bugzilla.redhat.com/show_bug.cgi?id=2292787 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24789 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24790 https://errata.almalinux.org/9/ALSA-2024-9115.html https://errata.rockylinux.org/RLSA-2024:4212 https://github.com/golang/go/commit/c8e40338cf00f3c1d86c8fb23863ad67a4c72bcc (1.21) https://github.com/golang/go/commit/cf501ac0c5fe351a8582d20b43562027927906e7 (1.22) https://github.com/golang/go/issues/66869 https://go.dev/cl/585397 https://go.dev/issue/66869 https://groups.google.com/g/golang-announce/c/XbxouI9gY7k https://groups.google.com/g/golang-announce/c/XbxouI9gY7k/m/TuoGEhxIEwAJ https://linux.oracle.com/cve/CVE-2024-24789.html https://linux.oracle.com/errata/ELSA-2024-9115.html https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/U5YAEIA6IUHUNGJ7AIXXPQT6D2GYENX7/ https://nvd.nist.gov/vuln/detail/CVE-2024-24789 https://pkg.go.dev/vuln/GO-2024-2888 https://ubuntu.com/security/notices/USN-6886-1 https://ubuntu.com/security/notices/USN-7109-1 https://ubuntu.com/security/notices/USN-7111-1 https://www.cve.org/CVERecord?id=CVE-2024-24789
stdlib	CVE-2024-24791	MEDIUM	v1.20.5	1.21.12, 1.22.5	https://access.redhat.com/errata/RHSA-2024:9135 https://access.redhat.com/security/cve/CVE-2024-24791 https://bugzilla.redhat.com/2268017 https://bugzilla.redhat.com/2268022 https://bugzilla.redhat.com/2279814 https://bugzilla.redhat.com/2295310 https://bugzilla.redhat.com/show_bug.cgi?id=2295310 https://bugzilla.redhat.com/show_bug.cgi?id=2310527 https://bugzilla.redhat.com/show_bug.cgi?id=2310528 https://bugzilla.redhat.com/show_bug.cgi?id=2310529 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24791 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-34155 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-34156 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-34158 https://errata.almalinux.org/9/ALSA-2024-9135.html https://errata.rockylinux.org/RLSA-2024:6913 https://go.dev/cl/591255 https://go.dev/issue/67555 https://groups.google.com/g/golang-dev/c/t0rK-qHBqzY/m/6MMoAZkMAgAJ https://linux.oracle.com/cve/CVE-2024-24791.html https://linux.oracle.com/errata/ELSA-2024-9115.html https://nvd.nist.gov/vuln/detail/CVE-2024-24791 https://pkg.go.dev/vuln/GO-2024-2963 https://ubuntu.com/security/notices/USN-7081-1 https://ubuntu.com/security/notices/USN-7109-1 https://ubuntu.com/security/notices/USN-7111-1 https://www.cve.org/CVERecord?id=CVE-2024-24791
stdlib	CVE-2024-34155	MEDIUM	v1.20.5	1.22.7, 1.23.1	https://access.redhat.com/errata/RHSA-2024:9459 https://access.redhat.com/security/cve/CVE-2024-34155 https://bugzilla.redhat.com/2310527 https://bugzilla.redhat.com/2310528 https://bugzilla.redhat.com/2310529 https://bugzilla.redhat.com/2315691 https://bugzilla.redhat.com/2315887 https://bugzilla.redhat.com/2317458 https://bugzilla.redhat.com/2317467 https://bugzilla.redhat.com/show_bug.cgi?id=2295310 https://bugzilla.redhat.com/show_bug.cgi?id=2310527 https://bugzilla.redhat.com/show_bug.cgi?id=2310528 https://bugzilla.redhat.com/show_bug.cgi?id=2310529 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24791 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-34155 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-34156 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-34158 https://errata.almalinux.org/9/ALSA-2024-9459.html https://errata.rockylinux.org/RLSA-2024:6913 https://github.com/golang/go/commit/53487e5477151ed75da50e50a0ba8f1ca64c00a3 (go1.23.1) https://github.com/golang/go/commit/b232596139dbe96a62edbe3a2a203e856bf556eb (go1.22.7) https://go.dev/cl/611238 https://go.dev/issue/69138 https://groups.google.com/g/golang-announce/c/K-cEzDeCtpc https://groups.google.com/g/golang-dev/c/S9POB9NCTdk https://linux.oracle.com/cve/CVE-2024-34155.html https://linux.oracle.com/errata/ELSA-2024-9459.html https://nvd.nist.gov/vuln/detail/CVE-2024-34155 https://pkg.go.dev/vuln/GO-2024-3105 https://ubuntu.com/security/notices/USN-7081-1 https://ubuntu.com/security/notices/USN-7109-1 https://ubuntu.com/security/notices/USN-7111-1 https://www.cve.org/CVERecord?id=CVE-2024-34155
stdlib	CVE-2024-34158	MEDIUM	v1.20.5	1.22.7, 1.23.1	https://access.redhat.com/errata/RHSA-2024:9459 https://access.redhat.com/security/cve/CVE-2024-34158 https://bugzilla.redhat.com/2310527 https://bugzilla.redhat.com/2310528 https://bugzilla.redhat.com/2310529 https://bugzilla.redhat.com/2315691 https://bugzilla.redhat.com/2315887 https://bugzilla.redhat.com/2317458 https://bugzilla.redhat.com/2317467 https://bugzilla.redhat.com/show_bug.cgi?id=2295310 https://bugzilla.redhat.com/show_bug.cgi?id=2310527 https://bugzilla.redhat.com/show_bug.cgi?id=2310528 https://bugzilla.redhat.com/show_bug.cgi?id=2310529 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24791 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-34155 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-34156 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-34158 https://errata.almalinux.org/9/ALSA-2024-9459.html https://errata.rockylinux.org/RLSA-2024:6913 https://github.com/golang/go/commit/032ac075c20c01c6c35a672d1542d3e98eab84ea (go1.23.1) https://github.com/golang/go/commit/d4c53812e6ce2ac368173d7fcd31d0ecfcffb002 (go1.22.7) https://go.dev/cl/611240 https://go.dev/issue/69141 https://groups.google.com/g/golang-announce/c/K-cEzDeCtpc https://groups.google.com/g/golang-dev/c/S9POB9NCTdk https://linux.oracle.com/cve/CVE-2024-34158.html https://linux.oracle.com/errata/ELSA-2024-9459.html https://nvd.nist.gov/vuln/detail/CVE-2024-34158 https://pkg.go.dev/vuln/GO-2024-3107 https://ubuntu.com/security/notices/USN-7081-1 https://ubuntu.com/security/notices/USN-7109-1 https://ubuntu.com/security/notices/USN-7111-1 https://www.cve.org/CVERecord?id=CVE-2024-34158
No Misconfigurations found

cnb/buildpacks/paketo-buildpacks_azure-application-insights/5.15.1/bin/main (gobinary)

Package	Vulnerability ID	Severity	Installed Version	Fixed Version	Links
stdlib	CVE-2024-24790	CRITICAL	v1.20.5	1.21.11, 1.22.4	http://www.openwall.com/lists/oss-security/2024/06/04/1 https://access.redhat.com/errata/RHSA-2024:9115 https://access.redhat.com/security/cve/CVE-2024-24790 https://bugzilla.redhat.com/2279814 https://bugzilla.redhat.com/2292668 https://bugzilla.redhat.com/2292787 https://bugzilla.redhat.com/2294000 https://bugzilla.redhat.com/2295310 https://bugzilla.redhat.com/show_bug.cgi?id=2292668 https://bugzilla.redhat.com/show_bug.cgi?id=2292787 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24789 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24790 https://errata.almalinux.org/9/ALSA-2024-9115.html https://errata.rockylinux.org/RLSA-2024:4212 https://github.com/golang/go/commit/051bdf3fd12a40307606ff9381138039c5f452f0 (1.21) https://github.com/golang/go/commit/12d5810cdb1f73cf23d7a86462143e9463317fca (1.22) https://github.com/golang/go/issues/67680 https://go.dev/cl/590316 https://go.dev/issue/67680 https://groups.google.com/g/golang-announce/c/XbxouI9gY7k https://groups.google.com/g/golang-announce/c/XbxouI9gY7k/m/TuoGEhxIEwAJ https://linux.oracle.com/cve/CVE-2024-24790.html https://linux.oracle.com/errata/ELSA-2024-9115.html https://nvd.nist.gov/vuln/detail/CVE-2024-24790 https://pkg.go.dev/vuln/GO-2024-2887 https://ubuntu.com/security/notices/USN-6886-1 https://ubuntu.com/security/notices/USN-7109-1 https://www.cve.org/CVERecord?id=CVE-2024-24790
stdlib	CVE-2023-39325	HIGH	v1.20.5	1.20.10, 1.21.3	golang.org/x/net https://access.redhat.com/errata/RHSA-2023:6077 https://access.redhat.com/security/cve/CVE-2023-39325 https://access.redhat.com/security/cve/CVE-2023-44487 https://access.redhat.com/security/vulnerabilities/RHSB-2023-003 https://bugzilla.redhat.com/2242803 https://bugzilla.redhat.com/2243296 https://bugzilla.redhat.com/show_bug.cgi?id=2242803 https://bugzilla.redhat.com/show_bug.cgi?id=2243296 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-39325 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-44487 https://errata.almalinux.org/9/ALSA-2023-6077.html https://errata.rockylinux.org/RLSA-2023:6077 https://github.com/golang/go/commit/24ae2d927285c697440fdde3ad7f26028354bcf3 [golang- 1.21] https://github.com/golang/go/commit/e175f27f58aa7b9cd4d79607ae65d2cd5baaee68 [golang-1.20] https://github.com/golang/go/issues/63417 https://go.dev/cl/534215 https://go.dev/cl/534235 https://go.dev/issue/63417 https://groups.google.com/g/golang-announce/c/iNNxDTCjZvo/m/UDd7VKQuAAAJ https://linux.oracle.com/cve/CVE-2023-39325.html https://linux.oracle.com/errata/ELSA-2023-5867.html https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3OVW5V2DM5K5IC3H7O42YDUGNJ74J35O https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3OVW5V2DM5K5IC3H7O42YDUGNJ74J35O/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3SZN67IL7HMGMNAVLOTIXLIHUDXZK4LH https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3SZN67IL7HMGMNAVLOTIXLIHUDXZK4LH/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3WJ4QVX2AMUJ2F2S27POOAHRC4K3CHU4 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3WJ4QVX2AMUJ2F2S27POOAHRC4K3CHU4/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/4BUK2ZIAGCULOOYDNH25JPU6JBES5NF2 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/4BUK2ZIAGCULOOYDNH25JPU6JBES5NF2/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/5RSKA2II6QTD4YUKUNDVJQSRYSFC4VFR https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/5RSKA2II6QTD4YUKUNDVJQSRYSFC4VFR/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/AVZDNSMVDAQJ64LJC5I5U5LDM5753647 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/AVZDNSMVDAQJ64LJC5I5U5LDM5753647/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CHHITS4PUOZAKFIUBQAQZC7JWXMOYE4B https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CHHITS4PUOZAKFIUBQAQZC7JWXMOYE4B/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CLB4TW7KALB3EEQWNWCN7OUIWWVWWCG2 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CLB4TW7KALB3EEQWNWCN7OUIWWVWWCG2/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/D2BBIDR2ZMB3X5BC7SR4SLQMHRMVPY6L https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/D2BBIDR2ZMB3X5BC7SR4SLQMHRMVPY6L/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ECRC75BQJP6FJN2L7KCKYZW4DSBD7QSD https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ECRC75BQJP6FJN2L7KCKYZW4DSBD7QSD/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/FTMJ3NJIDAZFWJQQSP3L22MUFJ3UP2PT https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/FTMJ3NJIDAZFWJQQSP3L22MUFJ3UP2PT/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/GSY7SXFFTPZFWDM6XELSDSHZLVW3AHK7 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/GSY7SXFFTPZFWDM6XELSDSHZLVW3AHK7/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/HZQIELEIRSZUYTFFH5KTH2YJ4IIQG2KE https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/HZQIELEIRSZUYTFFH5KTH2YJ4IIQG2KE/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/IPWCNYB5PQ5PCVZ4NJT6G56ZYFZ5QBU6 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/IPWCNYB5PQ5PCVZ4NJT6G56ZYFZ5QBU6/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/KEOTKBUPZXHE3F352JBYNTSNRXYLWD6P https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/KEOTKBUPZXHE3F352JBYNTSNRXYLWD6P/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/KSEGD2IWKNUO3DWY4KQGUQM5BISRWHQE https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/KSEGD2IWKNUO3DWY4KQGUQM5BISRWHQE/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/L5E5JSJBZLYXOTZWXHJKRVCIXIHVWKJ6 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/L5E5JSJBZLYXOTZWXHJKRVCIXIHVWKJ6/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/MZQYOOKHQDQ57LV2IAG6NRFOVXKHJJ3Z https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/MZQYOOKHQDQ57LV2IAG6NRFOVXKHJJ3Z/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/NG7IMPL55MVWU3LCI4JQJT3K2U5CHDV7 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/NG7IMPL55MVWU3LCI4JQJT3K2U5CHDV7/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ODBY7RVMGZCBSTWF2OZGIZS57FNFUL67 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ODBY7RVMGZCBSTWF2OZGIZS57FNFUL67/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/OXGWPQOJ3JNDW2XIYKIVJ7N7QUIFNM2Q https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/OXGWPQOJ3JNDW2XIYKIVJ7N7QUIFNM2Q/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/PJCUNGIQDUMZ4Z6HWVYIMR66A35F5S74 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/PJCUNGIQDUMZ4Z6HWVYIMR66A35F5S74/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QF5QSYAOPDOWLY6DUHID56Q4HQFYB45I https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QF5QSYAOPDOWLY6DUHID56Q4HQFYB45I/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QXOU2JZUBEBP7GBKAYIJRPRBZSJCD7ST https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QXOU2JZUBEBP7GBKAYIJRPRBZSJCD7ST/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/R3UETKPUB3V5JS5TLZOF3SMTGT5K5APS https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/R3UETKPUB3V5JS5TLZOF3SMTGT5K5APS/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/REMHVVIBDNKSRKNOTV7EQSB7CYQWOUOU https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/REMHVVIBDNKSRKNOTV7EQSB7CYQWOUOU/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/T7N5GV4CHH6WAGX3GFMDD3COEOVCZ4RI https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/T7N5GV4CHH6WAGX3GFMDD3COEOVCZ4RI/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ULQQONMSCQSH5Z5OWFFQHCGEZ3NL4DRJ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ULQQONMSCQSH5Z5OWFFQHCGEZ3NL4DRJ/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UTT7DG3QOF5ZNJLUGHDNLRUIN6OWZARP https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UTT7DG3QOF5ZNJLUGHDNLRUIN6OWZARP/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/W2LZSWTV4NV4SNQARNXG5T6LRHP26EW2 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/W2LZSWTV4NV4SNQARNXG5T6LRHP26EW2/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WCNCBYKZXLDFGAJUB7ZP5VLC3YTHJNVH https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WCNCBYKZXLDFGAJUB7ZP5VLC3YTHJNVH/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/XFOIBB4YFICHDM7IBOP7PWXW3FX4HLL2 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/XFOIBB4YFICHDM7IBOP7PWXW3FX4HLL2/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/XTNLSL44Y5FB6JWADSZH6DCV4JJAAEQY https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/XTNLSL44Y5FB6JWADSZH6DCV4JJAAEQY/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/YJWHBLVZDM5KQSDFRBFRKU5KSSOLIRQ4 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/YJWHBLVZDM5KQSDFRBFRKU5KSSOLIRQ4/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/YRKEXKANQ7BKJW2YTAMP625LJUJZLJ4P https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/YRKEXKANQ7BKJW2YTAMP625LJUJZLJ4P/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZSVEMQV5ROY5YW5QE3I57HT3ITWG5GCV https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZSVEMQV5ROY5YW5QE3I57HT3ITWG5GCV/ https://nvd.nist.gov/vuln/detail/CVE-2023-39325 https://pkg.go.dev/vuln/GO-2023-2102 https://security.gentoo.org/glsa/202311-09 https://security.netapp.com/advisory/ntap-20231110-0008 https://security.netapp.com/advisory/ntap-20231110-0008/ https://ubuntu.com/security/notices/USN-6574-1 https://ubuntu.com/security/notices/USN-7061-1 https://ubuntu.com/security/notices/USN-7109-1 https://www.cisa.gov/news-events/alerts/2023/10/10/http2-rapid-reset-vulnerability-cve-2023-44487 https://www.cve.org/CVERecord?id=CVE-2023-39325
stdlib	CVE-2023-45283	HIGH	v1.20.5	1.20.11, 1.21.4, 1.20.12, 1.21.5	http://www.openwall.com/lists/oss-security/2023/12/05/2 https://go.dev/cl/540277 https://go.dev/cl/541175 https://go.dev/issue/63713 https://go.dev/issue/64028 https://groups.google.com/g/golang-announce/c/4tU8LZfBFkY https://groups.google.com/g/golang-dev/c/6ypN5EjibjM/m/KmLVYH_uAgAJ https://nvd.nist.gov/vuln/detail/CVE-2023-45283 https://pkg.go.dev/vuln/GO-2023-2185 https://security.netapp.com/advisory/ntap-20231214-0008/
stdlib	CVE-2023-45288	HIGH	v1.20.5	1.21.9, 1.22.2	http://www.openwall.com/lists/oss-security/2024/04/03/16 http://www.openwall.com/lists/oss-security/2024/04/05/4 https://access.redhat.com/errata/RHSA-2024:2724 https://access.redhat.com/security/cve/CVE-2023-45288 https://bugzilla.redhat.com/2268017 https://bugzilla.redhat.com/2268018 https://bugzilla.redhat.com/2268019 https://bugzilla.redhat.com/2268273 https://bugzilla.redhat.com/show_bug.cgi?id=2268017 https://bugzilla.redhat.com/show_bug.cgi?id=2268018 https://bugzilla.redhat.com/show_bug.cgi?id=2268019 https://bugzilla.redhat.com/show_bug.cgi?id=2268273 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45288 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45289 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45290 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24783 https://errata.almalinux.org/9/ALSA-2024-2724.html https://errata.rockylinux.org/RLSA-2024:2724 https://go.dev/cl/576155 https://go.dev/issue/65051 https://groups.google.com/g/golang-announce/c/YgW0sx8mN3M https://kb.cert.org/vuls/id/421644 https://linux.oracle.com/cve/CVE-2023-45288.html https://linux.oracle.com/errata/ELSA-2024-3346.html https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QRYFHIQ6XRKRYBI2F5UESH67BJBQXUPT https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QRYFHIQ6XRKRYBI2F5UESH67BJBQXUPT/ https://nowotarski.info/http2-continuation-flood-technical-details https://nowotarski.info/http2-continuation-flood/ https://nvd.nist.gov/vuln/detail/CVE-2023-45288 https://pkg.go.dev/vuln/GO-2024-2687 https://security.netapp.com/advisory/ntap-20240419-0009 https://security.netapp.com/advisory/ntap-20240419-0009/ https://ubuntu.com/security/notices/USN-6886-1 https://ubuntu.com/security/notices/USN-7109-1 https://ubuntu.com/security/notices/USN-7111-1 https://www.cve.org/CVERecord?id=CVE-2023-45288 https://www.kb.cert.org/vuls/id/421644
stdlib	CVE-2024-34156	HIGH	v1.20.5	1.22.7, 1.23.1	https://access.redhat.com/errata/RHSA-2024:9473 https://access.redhat.com/security/cve/CVE-2024-34156 https://bugzilla.redhat.com/2310528 https://bugzilla.redhat.com/2318052 https://bugzilla.redhat.com/show_bug.cgi?id=2310528 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-34156 https://errata.almalinux.org/9/ALSA-2024-9473.html https://errata.rockylinux.org/RLSA-2024:7204 https://github.com/golang/go/commit/2092294f2b097c5828f4eace6c98a322c1510b01 (go1.22.7) https://github.com/golang/go/commit/fa8ff1a46deb6c816304441ec6740ec112e19012 (go1.23.1) https://go.dev/cl/611239 https://go.dev/issue/69139 https://groups.google.com/g/golang-announce/c/K-cEzDeCtpc https://groups.google.com/g/golang-dev/c/S9POB9NCTdk https://linux.oracle.com/cve/CVE-2024-34156.html https://linux.oracle.com/errata/ELSA-2024-9473.html https://nvd.nist.gov/vuln/detail/CVE-2024-34156 https://pkg.go.dev/vuln/GO-2024-3106 https://ubuntu.com/security/notices/USN-7081-1 https://ubuntu.com/security/notices/USN-7109-1 https://ubuntu.com/security/notices/USN-7111-1 https://www.cve.org/CVERecord?id=CVE-2024-34156
stdlib	CVE-2023-29406	MEDIUM	v1.20.5	1.19.11, 1.20.6	https://access.redhat.com/errata/RHSA-2023:6474 https://access.redhat.com/security/cve/CVE-2023-29406 https://bugzilla.redhat.com/2174485 https://bugzilla.redhat.com/2178358 https://bugzilla.redhat.com/2178488 https://bugzilla.redhat.com/2178492 https://bugzilla.redhat.com/2184481 https://bugzilla.redhat.com/2184482 https://bugzilla.redhat.com/2184483 https://bugzilla.redhat.com/2184484 https://bugzilla.redhat.com/2196026 https://bugzilla.redhat.com/2196027 https://bugzilla.redhat.com/2196029 https://bugzilla.redhat.com/2222167 https://bugzilla.redhat.com/2228689 https://errata.almalinux.org/9/ALSA-2023-6474.html https://github.com/golang/go/commit/312920c00aac9897b2a0693e752390b5b0711a5a (go1.20.6) https://github.com/golang/go/commit/5fa6923b1ea891400153d04ddf1545e23b40041b (go1.19.11) https://github.com/golang/go/issues/60374 https://go.dev/cl/506996 https://go.dev/issue/60374 https://groups.google.com/g/golang-announce/c/2q13H6LEEx0 https://linux.oracle.com/cve/CVE-2023-29406.html https://linux.oracle.com/errata/ELSA-2023-7202.html https://nvd.nist.gov/vuln/detail/CVE-2023-29406 https://pkg.go.dev/vuln/GO-2023-1878 https://security.gentoo.org/glsa/202311-09 https://security.netapp.com/advisory/ntap-20230814-0002/ https://ubuntu.com/security/notices/USN-7061-1 https://ubuntu.com/security/notices/USN-7109-1 https://www.cve.org/CVERecord?id=CVE-2023-29406
stdlib	CVE-2023-29409	MEDIUM	v1.20.5	1.19.12, 1.20.7, 1.21.0-rc.4	https://access.redhat.com/errata/RHSA-2023:7766 https://access.redhat.com/security/cve/CVE-2023-29409 https://bugzilla.redhat.com/2228743 https://bugzilla.redhat.com/2237773 https://bugzilla.redhat.com/2237776 https://bugzilla.redhat.com/2237777 https://bugzilla.redhat.com/2237778 https://errata.almalinux.org/9/ALSA-2023-7766.html https://go.dev/cl/515257 https://go.dev/issue/61460 https://groups.google.com/g/golang-announce/c/X0b6CsSAaYI/m/Efv5DbZ9AwAJ https://linux.oracle.com/cve/CVE-2023-29409.html https://linux.oracle.com/errata/ELSA-2024-2988.html https://nvd.nist.gov/vuln/detail/CVE-2023-29409 https://pkg.go.dev/vuln/GO-2023-1987 https://security.gentoo.org/glsa/202311-09 https://security.netapp.com/advisory/ntap-20230831-0010/ https://www.cve.org/CVERecord?id=CVE-2023-29409
stdlib	CVE-2023-39318	MEDIUM	v1.20.5	1.20.8, 1.21.1	https://access.redhat.com/errata/RHSA-2024:2160 https://access.redhat.com/security/cve/CVE-2023-39318 https://bugzilla.redhat.com/2237773 https://bugzilla.redhat.com/2237776 https://bugzilla.redhat.com/2253330 https://errata.almalinux.org/9/ALSA-2024-2160.html https://github.com/golang/go/commit/023b542edf38e2a1f87fcefb9f75ff2f99401b4c (go1.20.8) https://github.com/golang/go/commit/b0e1d3ea26e8e8fce7726690c9ef0597e60739fb (go1.21.1) https://go.dev/cl/526156 https://go.dev/issue/62196 https://groups.google.com/g/golang-announce/c/Fm51GRLNRvM https://groups.google.com/g/golang-dev/c/2C5vbR-UNkI/m/L1hdrPhfBAAJ https://linux.oracle.com/cve/CVE-2023-39318.html https://linux.oracle.com/errata/ELSA-2024-2988.html https://nvd.nist.gov/vuln/detail/CVE-2023-39318 https://pkg.go.dev/vuln/GO-2023-2041 https://security.gentoo.org/glsa/202311-09 https://security.netapp.com/advisory/ntap-20231020-0009/ https://ubuntu.com/security/notices/USN-6574-1 https://ubuntu.com/security/notices/USN-7061-1 https://ubuntu.com/security/notices/USN-7109-1 https://vuln.go.dev/ID/GO-2023-2041.json https://www.cve.org/CVERecord?id=CVE-2023-39318
stdlib	CVE-2023-39319	MEDIUM	v1.20.5	1.20.8, 1.21.1	https://access.redhat.com/errata/RHSA-2024:2160 https://access.redhat.com/security/cve/CVE-2023-39319 https://bugzilla.redhat.com/2237773 https://bugzilla.redhat.com/2237776 https://bugzilla.redhat.com/2253330 https://errata.almalinux.org/9/ALSA-2024-2160.html https://github.com/golang/go/commit/2070531d2f53df88e312edace6c8dfc9686ab2f5 (go1.20.8) https://github.com/golang/go/commit/bbd043ff0d6d59f1a9232d31ecd5eacf6507bf6a (go1.21.1) https://go.dev/cl/526157 https://go.dev/issue/62197 https://groups.google.com/g/golang-announce/c/Fm51GRLNRvM https://groups.google.com/g/golang-dev/c/2C5vbR-UNkI/m/L1hdrPhfBAAJ https://linux.oracle.com/cve/CVE-2023-39319.html https://linux.oracle.com/errata/ELSA-2024-2988.html https://nvd.nist.gov/vuln/detail/CVE-2023-39319 https://pkg.go.dev/vuln/GO-2023-2043 https://security.gentoo.org/glsa/202311-09 https://security.netapp.com/advisory/ntap-20231020-0009/ https://ubuntu.com/security/notices/USN-6574-1 https://ubuntu.com/security/notices/USN-7061-1 https://ubuntu.com/security/notices/USN-7109-1 https://vuln.go.dev/ID/GO-2023-2043.json https://www.cve.org/CVERecord?id=CVE-2023-39319
stdlib	CVE-2023-39326	MEDIUM	v1.20.5	1.20.12, 1.21.5	https://access.redhat.com/errata/RHSA-2024:2272 https://access.redhat.com/security/cve/CVE-2023-39326 https://bugzilla.redhat.com/2253193 https://bugzilla.redhat.com/2253330 https://errata.almalinux.org/9/ALSA-2024-2272.html https://github.com/golang/go/commit/6446af942e2e2b161c4ec1b60d9703a2b55dc4dd (go1.20.12) https://github.com/golang/go/commit/ec8c526e4be720e94b98ca509e6364f0efaf28f7 (go1.21.5) https://go.dev/cl/547335 https://go.dev/issue/64433 https://groups.google.com/g/golang-dev/c/6ypN5EjibjM/m/KmLVYH_uAgAJ https://linux.oracle.com/cve/CVE-2023-39326.html https://linux.oracle.com/errata/ELSA-2024-2988.html https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UIU6HOGV6RRIKWM57LOXQA75BGZSIH6G/ https://nvd.nist.gov/vuln/detail/CVE-2023-39326 https://pkg.go.dev/vuln/GO-2023-2382 https://ubuntu.com/security/notices/USN-6574-1 https://www.cve.org/CVERecord?id=CVE-2023-39326
stdlib	CVE-2023-45284	MEDIUM	v1.20.5	1.20.11, 1.21.4	https://go.dev/cl/540277 https://go.dev/issue/63713 https://groups.google.com/g/golang-announce/c/4tU8LZfBFkY https://nvd.nist.gov/vuln/detail/CVE-2023-45284 https://pkg.go.dev/vuln/GO-2023-2186
stdlib	CVE-2023-45289	MEDIUM	v1.20.5	1.21.8, 1.22.1	http://www.openwall.com/lists/oss-security/2024/03/08/4 https://access.redhat.com/errata/RHSA-2024:2724 https://access.redhat.com/security/cve/CVE-2023-45289 https://bugzilla.redhat.com/2268017 https://bugzilla.redhat.com/2268018 https://bugzilla.redhat.com/2268019 https://bugzilla.redhat.com/2268273 https://bugzilla.redhat.com/show_bug.cgi?id=2268017 https://bugzilla.redhat.com/show_bug.cgi?id=2268018 https://bugzilla.redhat.com/show_bug.cgi?id=2268019 https://bugzilla.redhat.com/show_bug.cgi?id=2268273 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45288 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45289 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45290 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24783 https://errata.almalinux.org/9/ALSA-2024-2724.html https://errata.rockylinux.org/RLSA-2024:2724 https://github.com/golang/go/commit/20586c0dbe03d144f914155f879fa5ee287591a1 (go1.21.8) https://github.com/golang/go/commit/3a855208e3efed2e9d7c20ad023f1fa78afcc0be (go1.22.1) https://github.com/golang/go/issues/65065 https://go.dev/cl/569340 https://go.dev/issue/65065 https://groups.google.com/g/golang-announce/c/5pwGVUPoMbg https://linux.oracle.com/cve/CVE-2023-45289.html https://linux.oracle.com/errata/ELSA-2024-3346.html https://nvd.nist.gov/vuln/detail/CVE-2023-45289 https://pkg.go.dev/vuln/GO-2024-2600 https://security.netapp.com/advisory/ntap-20240329-0006/ https://ubuntu.com/security/notices/USN-6886-1 https://www.cve.org/CVERecord?id=CVE-2023-45289
stdlib	CVE-2023-45290	MEDIUM	v1.20.5	1.21.8, 1.22.1	http://www.openwall.com/lists/oss-security/2024/03/08/4 https://access.redhat.com/errata/RHSA-2024:9135 https://access.redhat.com/security/cve/CVE-2023-45290 https://bugzilla.redhat.com/2268017 https://bugzilla.redhat.com/2268022 https://bugzilla.redhat.com/2279814 https://bugzilla.redhat.com/2295310 https://bugzilla.redhat.com/show_bug.cgi?id=2268017 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45290 https://errata.almalinux.org/9/ALSA-2024-9135.html https://errata.rockylinux.org/RLSA-2024:3830 https://github.com/golang/go/commit/041a47712e765e94f86d841c3110c840e76d8f82 (go1.22.1) https://github.com/golang/go/commit/bf80213b121074f4ad9b449410a4d13bae5e9be0 (go1.21.8) https://github.com/golang/go/issues/65383 https://go.dev/cl/569341 https://go.dev/issue/65383 https://groups.google.com/g/golang-announce/c/5pwGVUPoMbg https://linux.oracle.com/cve/CVE-2023-45290.html https://linux.oracle.com/errata/ELSA-2024-8038.html https://nvd.nist.gov/vuln/detail/CVE-2023-45290 https://pkg.go.dev/vuln/GO-2024-2599 https://security.netapp.com/advisory/ntap-20240329-0004 https://security.netapp.com/advisory/ntap-20240329-0004/ https://ubuntu.com/security/notices/USN-6886-1 https://ubuntu.com/security/notices/USN-7109-1 https://ubuntu.com/security/notices/USN-7111-1 https://www.cve.org/CVERecord?id=CVE-2023-45290
stdlib	CVE-2024-24783	MEDIUM	v1.20.5	1.21.8, 1.22.1	http://www.openwall.com/lists/oss-security/2024/03/08/4 https://access.redhat.com/errata/RHSA-2024:6195 https://access.redhat.com/security/cve/CVE-2024-24783 https://bugzilla.redhat.com/2268019 https://bugzilla.redhat.com/show_bug.cgi?id=2268017 https://bugzilla.redhat.com/show_bug.cgi?id=2268018 https://bugzilla.redhat.com/show_bug.cgi?id=2268019 https://bugzilla.redhat.com/show_bug.cgi?id=2268273 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45288 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45289 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45290 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24783 https://errata.almalinux.org/9/ALSA-2024-6195.html https://errata.rockylinux.org/RLSA-2024:2724 https://github.com/advisories/GHSA-3q2c-pvp5-3cqp https://github.com/golang/go/commit/337b8e9cbfa749d9d5c899e0dc358e2208d5e54f (go1.22.1) https://github.com/golang/go/commit/be5b52bea674190ef7de272664be6c7ae93ec5a0 (go1.21.8) https://github.com/golang/go/issues/65390 https://go.dev/cl/569339 https://go.dev/issue/65390 https://groups.google.com/g/golang-announce/c/5pwGVUPoMbg https://linux.oracle.com/cve/CVE-2024-24783.html https://linux.oracle.com/errata/ELSA-2024-6969.html https://nvd.nist.gov/vuln/detail/CVE-2024-24783 https://pkg.go.dev/vuln/GO-2024-2598 https://security.netapp.com/advisory/ntap-20240329-0005 https://security.netapp.com/advisory/ntap-20240329-0005/ https://ubuntu.com/security/notices/USN-6886-1 https://ubuntu.com/security/notices/USN-7109-1 https://ubuntu.com/security/notices/USN-7111-1 https://www.cve.org/CVERecord?id=CVE-2024-24783
stdlib	CVE-2024-24784	MEDIUM	v1.20.5	1.21.8, 1.22.1	http://www.openwall.com/lists/oss-security/2024/03/08/4 https://access.redhat.com/errata/RHSA-2024:2562 https://access.redhat.com/security/cve/CVE-2024-24784 https://bugzilla.redhat.com/2262921 https://bugzilla.redhat.com/2268017 https://bugzilla.redhat.com/2268018 https://bugzilla.redhat.com/2268019 https://bugzilla.redhat.com/2268021 https://bugzilla.redhat.com/2268022 https://bugzilla.redhat.com/2268273 https://bugzilla.redhat.com/show_bug.cgi?id=2262921 https://bugzilla.redhat.com/show_bug.cgi?id=2268017 https://bugzilla.redhat.com/show_bug.cgi?id=2268018 https://bugzilla.redhat.com/show_bug.cgi?id=2268019 https://bugzilla.redhat.com/show_bug.cgi?id=2268021 https://bugzilla.redhat.com/show_bug.cgi?id=2268022 https://bugzilla.redhat.com/show_bug.cgi?id=2268273 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45288 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45289 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45290 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-1394 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24783 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24784 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24785 https://errata.almalinux.org/9/ALSA-2024-2562.html https://errata.rockylinux.org/RLSA-2024:2562 https://github.com/golang/go/commit/263c059b09fdd40d9dd945f2ecb20c89ea28efe5 (go1.21.8) https://github.com/golang/go/commit/5330cd225ba54c7dc78c1b46dcdf61a4671a632c (go1.22.1) https://github.com/golang/go/issues/65083 https://go.dev/cl/555596 https://go.dev/issue/65083 https://groups.google.com/g/golang-announce/c/5pwGVUPoMbg https://linux.oracle.com/cve/CVE-2024-24784.html https://linux.oracle.com/errata/ELSA-2024-6969.html https://nvd.nist.gov/vuln/detail/CVE-2024-24784 https://pkg.go.dev/vuln/GO-2024-2609 https://security.netapp.com/advisory/ntap-20240329-0007/ https://ubuntu.com/security/notices/USN-6886-1 https://ubuntu.com/security/notices/USN-7109-1 https://ubuntu.com/security/notices/USN-7111-1 https://www.cve.org/CVERecord?id=CVE-2024-24784
stdlib	CVE-2024-24785	MEDIUM	v1.20.5	1.21.8, 1.22.1	http://www.openwall.com/lists/oss-security/2024/03/08/4 https://access.redhat.com/errata/RHSA-2024:9135 https://access.redhat.com/security/cve/CVE-2024-24785 https://bugzilla.redhat.com/2268017 https://bugzilla.redhat.com/2268022 https://bugzilla.redhat.com/2279814 https://bugzilla.redhat.com/2295310 https://bugzilla.redhat.com/show_bug.cgi?id=2262921 https://bugzilla.redhat.com/show_bug.cgi?id=2268017 https://bugzilla.redhat.com/show_bug.cgi?id=2268018 https://bugzilla.redhat.com/show_bug.cgi?id=2268019 https://bugzilla.redhat.com/show_bug.cgi?id=2268021 https://bugzilla.redhat.com/show_bug.cgi?id=2268022 https://bugzilla.redhat.com/show_bug.cgi?id=2268273 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45288 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45289 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45290 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-1394 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24783 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24784 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24785 https://errata.almalinux.org/9/ALSA-2024-9135.html https://errata.rockylinux.org/RLSA-2024:2562 https://github.com/golang/go/commit/056b0edcb8c152152021eebf4cf42adbfbe77992 (go1.22.1) https://github.com/golang/go/commit/3643147a29352ca2894fd5d0d2069bc4b4335a7e (go1.21.8) https://github.com/golang/go/issues/65697 https://go.dev/cl/564196 https://go.dev/issue/65697 https://groups.google.com/g/golang-announce/c/5pwGVUPoMbg https://linux.oracle.com/cve/CVE-2024-24785.html https://linux.oracle.com/errata/ELSA-2024-3259.html https://nvd.nist.gov/vuln/detail/CVE-2024-24785 https://pkg.go.dev/vuln/GO-2024-2610 https://security.netapp.com/advisory/ntap-20240329-0008/ https://ubuntu.com/security/notices/USN-6886-1 https://ubuntu.com/security/notices/USN-7061-1 https://ubuntu.com/security/notices/USN-7109-1 https://vuln.go.dev/ID/GO-2024-2610.json https://www.cve.org/CVERecord?id=CVE-2024-24785
stdlib	CVE-2024-24789	MEDIUM	v1.20.5	1.21.11, 1.22.4	http://www.openwall.com/lists/oss-security/2024/06/04/1 https://access.redhat.com/errata/RHSA-2024:9115 https://access.redhat.com/security/cve/CVE-2024-24789 https://bugzilla.redhat.com/2279814 https://bugzilla.redhat.com/2292668 https://bugzilla.redhat.com/2292787 https://bugzilla.redhat.com/2294000 https://bugzilla.redhat.com/2295310 https://bugzilla.redhat.com/show_bug.cgi?id=2292668 https://bugzilla.redhat.com/show_bug.cgi?id=2292787 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24789 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24790 https://errata.almalinux.org/9/ALSA-2024-9115.html https://errata.rockylinux.org/RLSA-2024:4212 https://github.com/golang/go/commit/c8e40338cf00f3c1d86c8fb23863ad67a4c72bcc (1.21) https://github.com/golang/go/commit/cf501ac0c5fe351a8582d20b43562027927906e7 (1.22) https://github.com/golang/go/issues/66869 https://go.dev/cl/585397 https://go.dev/issue/66869 https://groups.google.com/g/golang-announce/c/XbxouI9gY7k https://groups.google.com/g/golang-announce/c/XbxouI9gY7k/m/TuoGEhxIEwAJ https://linux.oracle.com/cve/CVE-2024-24789.html https://linux.oracle.com/errata/ELSA-2024-9115.html https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/U5YAEIA6IUHUNGJ7AIXXPQT6D2GYENX7/ https://nvd.nist.gov/vuln/detail/CVE-2024-24789 https://pkg.go.dev/vuln/GO-2024-2888 https://ubuntu.com/security/notices/USN-6886-1 https://ubuntu.com/security/notices/USN-7109-1 https://ubuntu.com/security/notices/USN-7111-1 https://www.cve.org/CVERecord?id=CVE-2024-24789
stdlib	CVE-2024-24791	MEDIUM	v1.20.5	1.21.12, 1.22.5	https://access.redhat.com/errata/RHSA-2024:9135 https://access.redhat.com/security/cve/CVE-2024-24791 https://bugzilla.redhat.com/2268017 https://bugzilla.redhat.com/2268022 https://bugzilla.redhat.com/2279814 https://bugzilla.redhat.com/2295310 https://bugzilla.redhat.com/show_bug.cgi?id=2295310 https://bugzilla.redhat.com/show_bug.cgi?id=2310527 https://bugzilla.redhat.com/show_bug.cgi?id=2310528 https://bugzilla.redhat.com/show_bug.cgi?id=2310529 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24791 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-34155 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-34156 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-34158 https://errata.almalinux.org/9/ALSA-2024-9135.html https://errata.rockylinux.org/RLSA-2024:6913 https://go.dev/cl/591255 https://go.dev/issue/67555 https://groups.google.com/g/golang-dev/c/t0rK-qHBqzY/m/6MMoAZkMAgAJ https://linux.oracle.com/cve/CVE-2024-24791.html https://linux.oracle.com/errata/ELSA-2024-9115.html https://nvd.nist.gov/vuln/detail/CVE-2024-24791 https://pkg.go.dev/vuln/GO-2024-2963 https://ubuntu.com/security/notices/USN-7081-1 https://ubuntu.com/security/notices/USN-7109-1 https://ubuntu.com/security/notices/USN-7111-1 https://www.cve.org/CVERecord?id=CVE-2024-24791
stdlib	CVE-2024-34155	MEDIUM	v1.20.5	1.22.7, 1.23.1	https://access.redhat.com/errata/RHSA-2024:9459 https://access.redhat.com/security/cve/CVE-2024-34155 https://bugzilla.redhat.com/2310527 https://bugzilla.redhat.com/2310528 https://bugzilla.redhat.com/2310529 https://bugzilla.redhat.com/2315691 https://bugzilla.redhat.com/2315887 https://bugzilla.redhat.com/2317458 https://bugzilla.redhat.com/2317467 https://bugzilla.redhat.com/show_bug.cgi?id=2295310 https://bugzilla.redhat.com/show_bug.cgi?id=2310527 https://bugzilla.redhat.com/show_bug.cgi?id=2310528 https://bugzilla.redhat.com/show_bug.cgi?id=2310529 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24791 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-34155 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-34156 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-34158 https://errata.almalinux.org/9/ALSA-2024-9459.html https://errata.rockylinux.org/RLSA-2024:6913 https://github.com/golang/go/commit/53487e5477151ed75da50e50a0ba8f1ca64c00a3 (go1.23.1) https://github.com/golang/go/commit/b232596139dbe96a62edbe3a2a203e856bf556eb (go1.22.7) https://go.dev/cl/611238 https://go.dev/issue/69138 https://groups.google.com/g/golang-announce/c/K-cEzDeCtpc https://groups.google.com/g/golang-dev/c/S9POB9NCTdk https://linux.oracle.com/cve/CVE-2024-34155.html https://linux.oracle.com/errata/ELSA-2024-9459.html https://nvd.nist.gov/vuln/detail/CVE-2024-34155 https://pkg.go.dev/vuln/GO-2024-3105 https://ubuntu.com/security/notices/USN-7081-1 https://ubuntu.com/security/notices/USN-7109-1 https://ubuntu.com/security/notices/USN-7111-1 https://www.cve.org/CVERecord?id=CVE-2024-34155
stdlib	CVE-2024-34158	MEDIUM	v1.20.5	1.22.7, 1.23.1	https://access.redhat.com/errata/RHSA-2024:9459 https://access.redhat.com/security/cve/CVE-2024-34158 https://bugzilla.redhat.com/2310527 https://bugzilla.redhat.com/2310528 https://bugzilla.redhat.com/2310529 https://bugzilla.redhat.com/2315691 https://bugzilla.redhat.com/2315887 https://bugzilla.redhat.com/2317458 https://bugzilla.redhat.com/2317467 https://bugzilla.redhat.com/show_bug.cgi?id=2295310 https://bugzilla.redhat.com/show_bug.cgi?id=2310527 https://bugzilla.redhat.com/show_bug.cgi?id=2310528 https://bugzilla.redhat.com/show_bug.cgi?id=2310529 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24791 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-34155 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-34156 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-34158 https://errata.almalinux.org/9/ALSA-2024-9459.html https://errata.rockylinux.org/RLSA-2024:6913 https://github.com/golang/go/commit/032ac075c20c01c6c35a672d1542d3e98eab84ea (go1.23.1) https://github.com/golang/go/commit/d4c53812e6ce2ac368173d7fcd31d0ecfcffb002 (go1.22.7) https://go.dev/cl/611240 https://go.dev/issue/69141 https://groups.google.com/g/golang-announce/c/K-cEzDeCtpc https://groups.google.com/g/golang-dev/c/S9POB9NCTdk https://linux.oracle.com/cve/CVE-2024-34158.html https://linux.oracle.com/errata/ELSA-2024-9459.html https://nvd.nist.gov/vuln/detail/CVE-2024-34158 https://pkg.go.dev/vuln/GO-2024-3107 https://ubuntu.com/security/notices/USN-7081-1 https://ubuntu.com/security/notices/USN-7109-1 https://ubuntu.com/security/notices/USN-7111-1 https://www.cve.org/CVERecord?id=CVE-2024-34158
No Misconfigurations found

cnb/buildpacks/paketo-buildpacks_bellsoft-liberica/10.2.6/bin/helper (gobinary)

Package	Vulnerability ID	Severity	Installed Version	Fixed Version	Links
golang.org/x/net	CVE-2023-39325	HIGH	v0.11.0	0.17.0	golang.org/x/net https://access.redhat.com/errata/RHSA-2023:6077 https://access.redhat.com/security/cve/CVE-2023-39325 https://access.redhat.com/security/cve/CVE-2023-44487 https://access.redhat.com/security/vulnerabilities/RHSB-2023-003 https://bugzilla.redhat.com/2242803 https://bugzilla.redhat.com/2243296 https://bugzilla.redhat.com/show_bug.cgi?id=2242803 https://bugzilla.redhat.com/show_bug.cgi?id=2243296 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-39325 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-44487 https://errata.almalinux.org/9/ALSA-2023-6077.html https://errata.rockylinux.org/RLSA-2023:6077 https://github.com/golang/go/commit/24ae2d927285c697440fdde3ad7f26028354bcf3 [golang- 1.21] https://github.com/golang/go/commit/e175f27f58aa7b9cd4d79607ae65d2cd5baaee68 [golang-1.20] https://github.com/golang/go/issues/63417 https://go.dev/cl/534215 https://go.dev/cl/534235 https://go.dev/issue/63417 https://groups.google.com/g/golang-announce/c/iNNxDTCjZvo/m/UDd7VKQuAAAJ https://linux.oracle.com/cve/CVE-2023-39325.html https://linux.oracle.com/errata/ELSA-2023-5867.html https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3OVW5V2DM5K5IC3H7O42YDUGNJ74J35O https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3OVW5V2DM5K5IC3H7O42YDUGNJ74J35O/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3SZN67IL7HMGMNAVLOTIXLIHUDXZK4LH https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3SZN67IL7HMGMNAVLOTIXLIHUDXZK4LH/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3WJ4QVX2AMUJ2F2S27POOAHRC4K3CHU4 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3WJ4QVX2AMUJ2F2S27POOAHRC4K3CHU4/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/4BUK2ZIAGCULOOYDNH25JPU6JBES5NF2 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/4BUK2ZIAGCULOOYDNH25JPU6JBES5NF2/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/5RSKA2II6QTD4YUKUNDVJQSRYSFC4VFR https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/5RSKA2II6QTD4YUKUNDVJQSRYSFC4VFR/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/AVZDNSMVDAQJ64LJC5I5U5LDM5753647 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/AVZDNSMVDAQJ64LJC5I5U5LDM5753647/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CHHITS4PUOZAKFIUBQAQZC7JWXMOYE4B https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CHHITS4PUOZAKFIUBQAQZC7JWXMOYE4B/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CLB4TW7KALB3EEQWNWCN7OUIWWVWWCG2 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CLB4TW7KALB3EEQWNWCN7OUIWWVWWCG2/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/D2BBIDR2ZMB3X5BC7SR4SLQMHRMVPY6L https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/D2BBIDR2ZMB3X5BC7SR4SLQMHRMVPY6L/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ECRC75BQJP6FJN2L7KCKYZW4DSBD7QSD https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ECRC75BQJP6FJN2L7KCKYZW4DSBD7QSD/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/FTMJ3NJIDAZFWJQQSP3L22MUFJ3UP2PT https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/FTMJ3NJIDAZFWJQQSP3L22MUFJ3UP2PT/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/GSY7SXFFTPZFWDM6XELSDSHZLVW3AHK7 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/GSY7SXFFTPZFWDM6XELSDSHZLVW3AHK7/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/HZQIELEIRSZUYTFFH5KTH2YJ4IIQG2KE https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/HZQIELEIRSZUYTFFH5KTH2YJ4IIQG2KE/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/IPWCNYB5PQ5PCVZ4NJT6G56ZYFZ5QBU6 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/IPWCNYB5PQ5PCVZ4NJT6G56ZYFZ5QBU6/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/KEOTKBUPZXHE3F352JBYNTSNRXYLWD6P https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/KEOTKBUPZXHE3F352JBYNTSNRXYLWD6P/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/KSEGD2IWKNUO3DWY4KQGUQM5BISRWHQE https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/KSEGD2IWKNUO3DWY4KQGUQM5BISRWHQE/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/L5E5JSJBZLYXOTZWXHJKRVCIXIHVWKJ6 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/L5E5JSJBZLYXOTZWXHJKRVCIXIHVWKJ6/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/MZQYOOKHQDQ57LV2IAG6NRFOVXKHJJ3Z https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/MZQYOOKHQDQ57LV2IAG6NRFOVXKHJJ3Z/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/NG7IMPL55MVWU3LCI4JQJT3K2U5CHDV7 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/NG7IMPL55MVWU3LCI4JQJT3K2U5CHDV7/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ODBY7RVMGZCBSTWF2OZGIZS57FNFUL67 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ODBY7RVMGZCBSTWF2OZGIZS57FNFUL67/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/OXGWPQOJ3JNDW2XIYKIVJ7N7QUIFNM2Q https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/OXGWPQOJ3JNDW2XIYKIVJ7N7QUIFNM2Q/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/PJCUNGIQDUMZ4Z6HWVYIMR66A35F5S74 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/PJCUNGIQDUMZ4Z6HWVYIMR66A35F5S74/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QF5QSYAOPDOWLY6DUHID56Q4HQFYB45I https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QF5QSYAOPDOWLY6DUHID56Q4HQFYB45I/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QXOU2JZUBEBP7GBKAYIJRPRBZSJCD7ST https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QXOU2JZUBEBP7GBKAYIJRPRBZSJCD7ST/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/R3UETKPUB3V5JS5TLZOF3SMTGT5K5APS https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/R3UETKPUB3V5JS5TLZOF3SMTGT5K5APS/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/REMHVVIBDNKSRKNOTV7EQSB7CYQWOUOU https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/REMHVVIBDNKSRKNOTV7EQSB7CYQWOUOU/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/T7N5GV4CHH6WAGX3GFMDD3COEOVCZ4RI https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/T7N5GV4CHH6WAGX3GFMDD3COEOVCZ4RI/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ULQQONMSCQSH5Z5OWFFQHCGEZ3NL4DRJ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ULQQONMSCQSH5Z5OWFFQHCGEZ3NL4DRJ/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UTT7DG3QOF5ZNJLUGHDNLRUIN6OWZARP https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UTT7DG3QOF5ZNJLUGHDNLRUIN6OWZARP/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/W2LZSWTV4NV4SNQARNXG5T6LRHP26EW2 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/W2LZSWTV4NV4SNQARNXG5T6LRHP26EW2/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WCNCBYKZXLDFGAJUB7ZP5VLC3YTHJNVH https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WCNCBYKZXLDFGAJUB7ZP5VLC3YTHJNVH/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/XFOIBB4YFICHDM7IBOP7PWXW3FX4HLL2 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/XFOIBB4YFICHDM7IBOP7PWXW3FX4HLL2/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/XTNLSL44Y5FB6JWADSZH6DCV4JJAAEQY https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/XTNLSL44Y5FB6JWADSZH6DCV4JJAAEQY/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/YJWHBLVZDM5KQSDFRBFRKU5KSSOLIRQ4 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/YJWHBLVZDM5KQSDFRBFRKU5KSSOLIRQ4/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/YRKEXKANQ7BKJW2YTAMP625LJUJZLJ4P https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/YRKEXKANQ7BKJW2YTAMP625LJUJZLJ4P/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZSVEMQV5ROY5YW5QE3I57HT3ITWG5GCV https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZSVEMQV5ROY5YW5QE3I57HT3ITWG5GCV/ https://nvd.nist.gov/vuln/detail/CVE-2023-39325 https://pkg.go.dev/vuln/GO-2023-2102 https://security.gentoo.org/glsa/202311-09 https://security.netapp.com/advisory/ntap-20231110-0008 https://security.netapp.com/advisory/ntap-20231110-0008/ https://ubuntu.com/security/notices/USN-6574-1 https://ubuntu.com/security/notices/USN-7061-1 https://ubuntu.com/security/notices/USN-7109-1 https://www.cisa.gov/news-events/alerts/2023/10/10/http2-rapid-reset-vulnerability-cve-2023-44487 https://www.cve.org/CVERecord?id=CVE-2023-39325
golang.org/x/net	CVE-2023-3978	MEDIUM	v0.11.0	0.13.0	https://access.redhat.com/errata/RHSA-2023:6474 https://access.redhat.com/security/cve/CVE-2023-3978 https://bugzilla.redhat.com/2174485 https://bugzilla.redhat.com/2178358 https://bugzilla.redhat.com/2178488 https://bugzilla.redhat.com/2178492 https://bugzilla.redhat.com/2184481 https://bugzilla.redhat.com/2184482 https://bugzilla.redhat.com/2184483 https://bugzilla.redhat.com/2184484 https://bugzilla.redhat.com/2196026 https://bugzilla.redhat.com/2196027 https://bugzilla.redhat.com/2196029 https://bugzilla.redhat.com/2222167 https://bugzilla.redhat.com/2228689 https://errata.almalinux.org/9/ALSA-2023-6474.html https://go.dev/cl/514896 https://go.dev/issue/61615 https://linux.oracle.com/cve/CVE-2023-3978.html https://linux.oracle.com/errata/ELSA-2023-6939.html https://nvd.nist.gov/vuln/detail/CVE-2023-3978 https://pkg.go.dev/vuln/GO-2023-1988 https://www.cve.org/CVERecord?id=CVE-2023-3978
golang.org/x/net	CVE-2023-44487	MEDIUM	v0.11.0	0.17.0	http://www.openwall.com/lists/oss-security/2023/10/13/4 http://www.openwall.com/lists/oss-security/2023/10/13/9 http://www.openwall.com/lists/oss-security/2023/10/18/4 http://www.openwall.com/lists/oss-security/2023/10/18/8 http://www.openwall.com/lists/oss-security/2023/10/19/6 http://www.openwall.com/lists/oss-security/2023/10/20/8 https://access.redhat.com/errata/RHSA-2023:6746 https://access.redhat.com/security/cve/CVE-2023-44487 https://access.redhat.com/security/cve/cve-2023-44487 https://akka.io/security/akka-http-cve-2023-44487.html https://arstechnica.com/security/2023/10/how-ddosers-used-the-http-2-protocol-to-deliver-attacks-of-unprecedented-size https://arstechnica.com/security/2023/10/how-ddosers-used-the-http-2-protocol-to-deliver-attacks-of-unprecedented-size/ https://aws.amazon.com/security/security-bulletins/AWS-2023-011 https://aws.amazon.com/security/security-bulletins/AWS-2023-011/ https://blog.cloudflare.com/technical-breakdown-http2-rapid-reset-ddos-attack https://blog.cloudflare.com/technical-breakdown-http2-rapid-reset-ddos-attack/ https://blog.cloudflare.com/zero-day-rapid-reset-http2-record-breaking-ddos-attack https://blog.cloudflare.com/zero-day-rapid-reset-http2-record-breaking-ddos-attack/ https://blog.litespeedtech.com/2023/10/11/rapid-reset-http-2-vulnerablilty https://blog.litespeedtech.com/2023/10/11/rapid-reset-http-2-vulnerablilty/ https://blog.qualys.com/vulnerabilities-threat-research/2023/10/10/cve-2023-44487-http-2-rapid-reset-attack https://blog.vespa.ai/cve-2023-44487 https://blog.vespa.ai/cve-2023-44487/ https://bugzilla.proxmox.com/show_bug.cgi?id=4988 https://bugzilla.redhat.com/2242803 https://bugzilla.redhat.com/show_bug.cgi?id=2242803 https://bugzilla.suse.com/show_bug.cgi?id=1216123 https://cgit.freebsd.org/ports/commit/?id=c64c329c2c1752f46b73e3e6ce9f4329be6629f9 https://chaos.social/@icing/111210915918780532 https://cloud.google.com/blog/products/identity-security/google-cloud-mitigated-largest-ddos-attack-peaking-above-398-million-rps https://cloud.google.com/blog/products/identity-security/google-cloud-mitigated-largest-ddos-attack-peaking-above-398-million-rps/ https://cloud.google.com/blog/products/identity-security/how-it-works-the-novel-http2-rapid-reset-ddos-attack https://community.traefik.io/t/is-traefik-vulnerable-to-cve-2023-44487/20125 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-44487 https://devblogs.microsoft.com/dotnet/october-2023-updates/ https://discuss.hashicorp.com/t/hcsec-2023-32-vault-consul-and-boundary-affected-by-http-2-rapid-reset-denial-of-service-vulnerability-cve-2023-44487/59715 https://edg.io/lp/blog/resets-leaks-ddos-and-the-tale-of-a-hidden-cve https://errata.almalinux.org/9/ALSA-2023-6746.html https://errata.rockylinux.org/RLSA-2023:5838 https://forums.swift.org/t/swift-nio-http2-security-update-cve-2023-44487-http-2-dos/67764 https://gist.github.com/adulau/7c2bfb8e9cdbe4b35a5e131c66a0c088 https://github.com/Azure/AKS/issues/3947 https://github.com/Kong/kong/discussions/11741 https://github.com/advisories/GHSA-qppj-fm5r-hxr3 https://github.com/advisories/GHSA-vx74-f528-fxqg https://github.com/advisories/GHSA-xpw8-rcwv-8f8p https://github.com/akka/akka-http/issues/4323 https://github.com/akka/akka-http/pull/4324 https://github.com/akka/akka-http/pull/4325 https://github.com/alibaba/tengine/issues/1872 https://github.com/apache/apisix/issues/10320 https://github.com/apache/httpd-site/pull/10 https://github.com/apache/httpd/blob/afcdbeebbff4b0c50ea26cdd16e178c0d1f24152/modules/http2/h2_mplx.c#L1101-L1113 https://github.com/apache/tomcat/commit/944332bb15bd2f3bf76ec2caeb1ff0a58a3bc628 https://github.com/apache/tomcat/tree/main/java/org/apache/coyote/http2 https://github.com/apache/trafficserver/pull/10564 https://github.com/apple/swift-nio-http2 https://github.com/apple/swift-nio-http2/security/advisories/GHSA-qppj-fm5r-hxr3 https://github.com/arkrwn/PoC/tree/main/CVE-2023-44487 https://github.com/bcdannyboy/CVE-2023-44487 https://github.com/caddyserver/caddy/issues/5877 https://github.com/caddyserver/caddy/releases/tag/v2.7.5 https://github.com/dotnet/announcements/issues/277 https://github.com/dotnet/core/blob/e4613450ea0da7fd2fc6b61dfb2c1c1dec1ce9ec/release-notes/6.0/6.0.23/6.0.23.md?plain=1#L73 https://github.com/eclipse/jetty.project/issues/10679 https://github.com/envoyproxy/envoy/pull/30055 https://github.com/etcd-io/etcd/issues/16740 https://github.com/facebook/proxygen/pull/466 https://github.com/golang/go/issues/63417 https://github.com/grpc/grpc-go/pull/6703 https://github.com/grpc/grpc-go/releases https://github.com/h2o/h2o/pull/3291 https://github.com/h2o/h2o/security/advisories/GHSA-2m7v-gc89-fjqf https://github.com/haproxy/haproxy/issues/2312 https://github.com/hyperium/hyper/issues/3337 https://github.com/icing/mod_h2/blob/0a864782af0a942aa2ad4ed960a6b32cd35bcf0a/mod_http2/README.md?plain=1#L239-L244 https://github.com/junkurihara/rust-rpxy/issues/97 https://github.com/kazu-yamamoto/http2/commit/f61d41a502bd0f60eb24e1ce14edc7b6df6722a1 https://github.com/kazu-yamamoto/http2/issues/93 https://github.com/kubernetes/kubernetes/pull/121120 https://github.com/line/armeria/pull/5232 https://github.com/linkerd/website/pull/1695/commits/4b9c6836471bc8270ab48aae6fd2181bc73fd632 https://github.com/micrictor/http2-rst-stream https://github.com/microsoft/CBL-Mariner/pull/6381 https://github.com/netty/netty/commit/58f75f665aa81a8cbcf6ffa74820042a285c5e61 https://github.com/nghttp2/nghttp2/pull/1961 https://github.com/nghttp2/nghttp2/releases/tag/v1.57.0 https://github.com/ninenines/cowboy/issues/1615 https://github.com/nodejs/node/pull/50121 https://github.com/openresty/openresty/issues/930 https://github.com/opensearch-project/data-prepper/issues/3474 https://github.com/oqtane/oqtane.framework/discussions/3367 https://github.com/projectcontour/contour/pull/5826 https://github.com/tempesta-tech/tempesta/issues/1986 https://github.com/varnishcache/varnish-cache/issues/3996 https://go.dev/cl/534215 https://go.dev/cl/534235 https://go.dev/issue/63417 https://groups.google.com/g/golang-announce/c/iNNxDTCjZvo https://groups.google.com/g/golang-announce/c/iNNxDTCjZvo/m/UDd7VKQuAAAJ https://istio.io/latest/news/security/istio-security-2023-004 https://istio.io/latest/news/security/istio-security-2023-004/ https://linkerd.io/2023/10/12/linkerd-cve-2023-44487 https://linkerd.io/2023/10/12/linkerd-cve-2023-44487/ https://linux.oracle.com/cve/CVE-2023-44487.html https://linux.oracle.com/errata/ELSA-2024-1444.html https://lists.apache.org/thread/5py8h42mxfsn8l1wy6o41xwhsjlsd87q https://lists.debian.org/debian-lts-announce/2023/10/msg00020.html https://lists.debian.org/debian-lts-announce/2023/10/msg00023.html https://lists.debian.org/debian-lts-announce/2023/10/msg00024.html https://lists.debian.org/debian-lts-announce/2023/10/msg00045.html https://lists.debian.org/debian-lts-announce/2023/10/msg00047.html https://lists.debian.org/debian-lts-announce/2023/11/msg00001.html https://lists.debian.org/debian-lts-announce/2023/11/msg00012.html https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/2MBEPPC36UBVOZZNAXFHKLFGSLCMN5LI https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/2MBEPPC36UBVOZZNAXFHKLFGSLCMN5LI/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/3N4NJ7FR4X4FPZUGNTQAPSTVB2HB2Y4A https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/3N4NJ7FR4X4FPZUGNTQAPSTVB2HB2Y4A/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/BFQD3KUEMFBHPAPBGLWQC34L4OWL5HAZ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/BFQD3KUEMFBHPAPBGLWQC34L4OWL5HAZ/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/CLB4TW7KALB3EEQWNWCN7OUIWWVWWCG2 https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/CLB4TW7KALB3EEQWNWCN7OUIWWVWWCG2/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/E72T67UPDRXHIDLO3OROR25YAMN4GGW5 https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/E72T67UPDRXHIDLO3OROR25YAMN4GGW5/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/FNA62Q767CFAFHBCDKYNPBMZWB7TWYVU https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/FNA62Q767CFAFHBCDKYNPBMZWB7TWYVU/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/HT7T2R4MQKLIF4ODV4BDLPARWFPCJ5CZ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/HT7T2R4MQKLIF4ODV4BDLPARWFPCJ5CZ/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/JIZSEFC3YKCGABA2BZW6ZJRMDZJMB7PJ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/JIZSEFC3YKCGABA2BZW6ZJRMDZJMB7PJ/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/JMEXY22BFG5Q64HQCM5CK2Q7KDKVV4TY https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/JMEXY22BFG5Q64HQCM5CK2Q7KDKVV4TY/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/KSEGD2IWKNUO3DWY4KQGUQM5BISRWHQE https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/KSEGD2IWKNUO3DWY4KQGUQM5BISRWHQE/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/LKYHSZQFDNR7RSA7LHVLLIAQMVYCUGBG https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/LKYHSZQFDNR7RSA7LHVLLIAQMVYCUGBG/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/LNMZJCDHGLJJLXO4OXWJMTVQRNWOC7UL https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/LNMZJCDHGLJJLXO4OXWJMTVQRNWOC7UL/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/VHUHTSXLXGXS7JYKBXTA3VINUPHTNGVU https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/VHUHTSXLXGXS7JYKBXTA3VINUPHTNGVU/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/VSRDIV77HNKUSM7SJC5BKE5JSHLHU2NK https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/VSRDIV77HNKUSM7SJC5BKE5JSHLHU2NK/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/WE2I52RHNNU42PX6NZ2RBUHSFFJ2LVZX https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/WE2I52RHNNU42PX6NZ2RBUHSFFJ2LVZX/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/WLPRQ5TWUQQXYWBJM7ECYDAIL2YVKIUH https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/WLPRQ5TWUQQXYWBJM7ECYDAIL2YVKIUH/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/X6QXN4ORIVF6XBW4WWFE7VNPVC74S45Y https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/X6QXN4ORIVF6XBW4WWFE7VNPVC74S45Y/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/XFOIBB4YFICHDM7IBOP7PWXW3FX4HLL2 https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/XFOIBB4YFICHDM7IBOP7PWXW3FX4HLL2/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZB43REMKRQR62NJEI7I5NQ4FSXNLBKRT https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZB43REMKRQR62NJEI7I5NQ4FSXNLBKRT/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZKQSIKIAT5TJ3WSLU3RDBQ35YX4GY4V3 https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZKQSIKIAT5TJ3WSLU3RDBQ35YX4GY4V3/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZLU6U2R2IC2K64NDPNMV55AUAO65MAF4 https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZLU6U2R2IC2K64NDPNMV55AUAO65MAF4/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3N4NJ7FR4X4FPZUGNTQAPSTVB2HB2Y4A https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/BFQD3KUEMFBHPAPBGLWQC34L4OWL5HAZ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CLB4TW7KALB3EEQWNWCN7OUIWWVWWCG2 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/E72T67UPDRXHIDLO3OROR25YAMN4GGW5 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/FNA62Q767CFAFHBCDKYNPBMZWB7TWYVU https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/HT7T2R4MQKLIF4ODV4BDLPARWFPCJ5CZ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/JIZSEFC3YKCGABA2BZW6ZJRMDZJMB7PJ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/JMEXY22BFG5Q64HQCM5CK2Q7KDKVV4TY https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/KSEGD2IWKNUO3DWY4KQGUQM5BISRWHQE https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/LKYHSZQFDNR7RSA7LHVLLIAQMVYCUGBG https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/LNMZJCDHGLJJLXO4OXWJMTVQRNWOC7UL https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/VHUHTSXLXGXS7JYKBXTA3VINUPHTNGVU https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/VSRDIV77HNKUSM7SJC5BKE5JSHLHU2NK https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WLPRQ5TWUQQXYWBJM7ECYDAIL2YVKIUH https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/X6QXN4ORIVF6XBW4WWFE7VNPVC74S45Y https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/XFOIBB4YFICHDM7IBOP7PWXW3FX4HLL2 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZB43REMKRQR62NJEI7I5NQ4FSXNLBKRT https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZKQSIKIAT5TJ3WSLU3RDBQ35YX4GY4V3 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZLU6U2R2IC2K64NDPNMV55AUAO65MAF4 https://lists.w3.org/Archives/Public/ietf-http-wg/2023OctDec/0025.html https://mailman.nginx.org/pipermail/nginx-devel/2023-October/S36Q5HBXR7CAIMPLLPRSSSYR4PCMWILK.html https://martinthomson.github.io/h2-stream-limits/draft-thomson-httpbis-h2-stream-limits.html https://msrc.microsoft.com/blog/2023/10/microsoft-response-to-distributed-denial-of-service-ddos-attacks-against-http/2 https://msrc.microsoft.com/blog/2023/10/microsoft-response-to-distributed-denial-of-service-ddos-attacks-against-http/2/ https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-44487 https://my.f5.com/manage/s/article/K000137106 https://netty.io/news/2023/10/10/4-1-100-Final.html https://news.ycombinator.com/item?id=37830987 https://news.ycombinator.com/item?id=37830998 https://news.ycombinator.com/item?id=37831062 https://news.ycombinator.com/item?id=37837043 https://nodejs.org/en/blog/vulnerability/october-2023-security-releases https://nvd.nist.gov/vuln/detail/CVE-2023-44487 https://openssf.org/blog/2023/10/10/http-2-rapid-reset-vulnerability-highlights-need-for-rapid-response https://openssf.org/blog/2023/10/10/http-2-rapid-reset-vulnerability-highlights-need-for-rapid-response/ https://pkg.go.dev/vuln/GO-2023-2102 https://seanmonstar.com/post/730794151136935936/hyper-http2-rapid-reset-unaffected https://security.gentoo.org/glsa/202311-09 https://security.netapp.com/advisory/ntap-20231016-0001 https://security.netapp.com/advisory/ntap-20231016-0001/ https://security.netapp.com/advisory/ntap-20240426-0007 https://security.netapp.com/advisory/ntap-20240426-0007/ https://security.netapp.com/advisory/ntap-20240621-0006 https://security.netapp.com/advisory/ntap-20240621-0006/ https://security.netapp.com/advisory/ntap-20240621-0007 https://security.netapp.com/advisory/ntap-20240621-0007/ https://security.paloaltonetworks.com/CVE-2023-44487 https://tomcat.apache.org/security-10.html#Fixed_in_Apache_Tomcat_10.1.14 https://tomcat.apache.org/security-11.html#Fixed_in_Apache_Tomcat_11.0.0-M12 https://tomcat.apache.org/security-8.html#Fixed_in_Apache_Tomcat_8.5.94 https://tomcat.apache.org/security-9.html#Fixed_in_Apache_Tomcat_9.0.81 https://ubuntu.com/security/CVE-2023-44487 https://ubuntu.com/security/notices/USN-6427-1 https://ubuntu.com/security/notices/USN-6427-2 https://ubuntu.com/security/notices/USN-6438-1 https://ubuntu.com/security/notices/USN-6505-1 https://ubuntu.com/security/notices/USN-6574-1 https://ubuntu.com/security/notices/USN-6754-1 https://ubuntu.com/security/notices/USN-6994-1 https://ubuntu.com/security/notices/USN-7067-1 https://www.bleepingcomputer.com/news/security/new-http-2-rapid-reset-zero-day-attack-breaks-ddos-records https://www.bleepingcomputer.com/news/security/new-http-2-rapid-reset-zero-day-attack-breaks-ddos-records/ https://www.cisa.gov/known-exploited-vulnerabilities-catalog https://www.cisa.gov/news-events/alerts/2023/10/10/http2-rapid-reset-vulnerability-cve-2023-44487 https://www.cve.org/CVERecord?id=CVE-2023-44487 https://www.darkreading.com/cloud/internet-wide-zero-day-bug-fuels-largest-ever-ddos-event https://www.debian.org/security/2023/dsa-5521 https://www.debian.org/security/2023/dsa-5522 https://www.debian.org/security/2023/dsa-5540 https://www.debian.org/security/2023/dsa-5549 https://www.debian.org/security/2023/dsa-5558 https://www.debian.org/security/2023/dsa-5570 https://www.eclipse.org/lists/jetty-announce/msg00181.html https://www.haproxy.com/blog/haproxy-is-not-affected-by-the-http-2-rapid-reset-attack-cve-2023-44487 https://www.mail-archive.com/haproxy@formilux.org/msg44134.html https://www.netlify.com/blog/netlify-successfully-mitigates-cve-2023-44487 https://www.netlify.com/blog/netlify-successfully-mitigates-cve-2023-44487/ https://www.nginx.com/blog/http-2-rapid-reset-attack-impacting-f5-nginx-products https://www.nginx.com/blog/http-2-rapid-reset-attack-impacting-f5-nginx-products/ https://www.openwall.com/lists/oss-security/2023/10/10/6 https://www.phoronix.com/news/HTTP2-Rapid-Reset-Attack https://www.theregister.com/2023/10/10/http2_rapid_reset_zeroday https://www.theregister.com/2023/10/10/http2_rapid_reset_zeroday/
golang.org/x/net	CVE-2023-45288	MEDIUM	v0.11.0	0.23.0	http://www.openwall.com/lists/oss-security/2024/04/03/16 http://www.openwall.com/lists/oss-security/2024/04/05/4 https://access.redhat.com/errata/RHSA-2024:2724 https://access.redhat.com/security/cve/CVE-2023-45288 https://bugzilla.redhat.com/2268017 https://bugzilla.redhat.com/2268018 https://bugzilla.redhat.com/2268019 https://bugzilla.redhat.com/2268273 https://bugzilla.redhat.com/show_bug.cgi?id=2268017 https://bugzilla.redhat.com/show_bug.cgi?id=2268018 https://bugzilla.redhat.com/show_bug.cgi?id=2268019 https://bugzilla.redhat.com/show_bug.cgi?id=2268273 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45288 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45289 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45290 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24783 https://errata.almalinux.org/9/ALSA-2024-2724.html https://errata.rockylinux.org/RLSA-2024:2724 https://go.dev/cl/576155 https://go.dev/issue/65051 https://groups.google.com/g/golang-announce/c/YgW0sx8mN3M https://kb.cert.org/vuls/id/421644 https://linux.oracle.com/cve/CVE-2023-45288.html https://linux.oracle.com/errata/ELSA-2024-3346.html https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QRYFHIQ6XRKRYBI2F5UESH67BJBQXUPT https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QRYFHIQ6XRKRYBI2F5UESH67BJBQXUPT/ https://nowotarski.info/http2-continuation-flood-technical-details https://nowotarski.info/http2-continuation-flood/ https://nvd.nist.gov/vuln/detail/CVE-2023-45288 https://pkg.go.dev/vuln/GO-2024-2687 https://security.netapp.com/advisory/ntap-20240419-0009 https://security.netapp.com/advisory/ntap-20240419-0009/ https://ubuntu.com/security/notices/USN-6886-1 https://ubuntu.com/security/notices/USN-7109-1 https://ubuntu.com/security/notices/USN-7111-1 https://www.cve.org/CVERecord?id=CVE-2023-45288 https://www.kb.cert.org/vuls/id/421644
stdlib	CVE-2024-24790	CRITICAL	v1.20.5	1.21.11, 1.22.4	http://www.openwall.com/lists/oss-security/2024/06/04/1 https://access.redhat.com/errata/RHSA-2024:9115 https://access.redhat.com/security/cve/CVE-2024-24790 https://bugzilla.redhat.com/2279814 https://bugzilla.redhat.com/2292668 https://bugzilla.redhat.com/2292787 https://bugzilla.redhat.com/2294000 https://bugzilla.redhat.com/2295310 https://bugzilla.redhat.com/show_bug.cgi?id=2292668 https://bugzilla.redhat.com/show_bug.cgi?id=2292787 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24789 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24790 https://errata.almalinux.org/9/ALSA-2024-9115.html https://errata.rockylinux.org/RLSA-2024:4212 https://github.com/golang/go/commit/051bdf3fd12a40307606ff9381138039c5f452f0 (1.21) https://github.com/golang/go/commit/12d5810cdb1f73cf23d7a86462143e9463317fca (1.22) https://github.com/golang/go/issues/67680 https://go.dev/cl/590316 https://go.dev/issue/67680 https://groups.google.com/g/golang-announce/c/XbxouI9gY7k https://groups.google.com/g/golang-announce/c/XbxouI9gY7k/m/TuoGEhxIEwAJ https://linux.oracle.com/cve/CVE-2024-24790.html https://linux.oracle.com/errata/ELSA-2024-9115.html https://nvd.nist.gov/vuln/detail/CVE-2024-24790 https://pkg.go.dev/vuln/GO-2024-2887 https://ubuntu.com/security/notices/USN-6886-1 https://ubuntu.com/security/notices/USN-7109-1 https://www.cve.org/CVERecord?id=CVE-2024-24790
stdlib	CVE-2023-39325	HIGH	v1.20.5	1.20.10, 1.21.3	golang.org/x/net https://access.redhat.com/errata/RHSA-2023:6077 https://access.redhat.com/security/cve/CVE-2023-39325 https://access.redhat.com/security/cve/CVE-2023-44487 https://access.redhat.com/security/vulnerabilities/RHSB-2023-003 https://bugzilla.redhat.com/2242803 https://bugzilla.redhat.com/2243296 https://bugzilla.redhat.com/show_bug.cgi?id=2242803 https://bugzilla.redhat.com/show_bug.cgi?id=2243296 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-39325 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-44487 https://errata.almalinux.org/9/ALSA-2023-6077.html https://errata.rockylinux.org/RLSA-2023:6077 https://github.com/golang/go/commit/24ae2d927285c697440fdde3ad7f26028354bcf3 [golang- 1.21] https://github.com/golang/go/commit/e175f27f58aa7b9cd4d79607ae65d2cd5baaee68 [golang-1.20] https://github.com/golang/go/issues/63417 https://go.dev/cl/534215 https://go.dev/cl/534235 https://go.dev/issue/63417 https://groups.google.com/g/golang-announce/c/iNNxDTCjZvo/m/UDd7VKQuAAAJ https://linux.oracle.com/cve/CVE-2023-39325.html https://linux.oracle.com/errata/ELSA-2023-5867.html https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3OVW5V2DM5K5IC3H7O42YDUGNJ74J35O https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3OVW5V2DM5K5IC3H7O42YDUGNJ74J35O/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3SZN67IL7HMGMNAVLOTIXLIHUDXZK4LH https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3SZN67IL7HMGMNAVLOTIXLIHUDXZK4LH/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3WJ4QVX2AMUJ2F2S27POOAHRC4K3CHU4 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3WJ4QVX2AMUJ2F2S27POOAHRC4K3CHU4/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/4BUK2ZIAGCULOOYDNH25JPU6JBES5NF2 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/4BUK2ZIAGCULOOYDNH25JPU6JBES5NF2/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/5RSKA2II6QTD4YUKUNDVJQSRYSFC4VFR https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/5RSKA2II6QTD4YUKUNDVJQSRYSFC4VFR/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/AVZDNSMVDAQJ64LJC5I5U5LDM5753647 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/AVZDNSMVDAQJ64LJC5I5U5LDM5753647/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CHHITS4PUOZAKFIUBQAQZC7JWXMOYE4B https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CHHITS4PUOZAKFIUBQAQZC7JWXMOYE4B/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CLB4TW7KALB3EEQWNWCN7OUIWWVWWCG2 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CLB4TW7KALB3EEQWNWCN7OUIWWVWWCG2/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/D2BBIDR2ZMB3X5BC7SR4SLQMHRMVPY6L https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/D2BBIDR2ZMB3X5BC7SR4SLQMHRMVPY6L/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ECRC75BQJP6FJN2L7KCKYZW4DSBD7QSD https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ECRC75BQJP6FJN2L7KCKYZW4DSBD7QSD/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/FTMJ3NJIDAZFWJQQSP3L22MUFJ3UP2PT https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/FTMJ3NJIDAZFWJQQSP3L22MUFJ3UP2PT/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/GSY7SXFFTPZFWDM6XELSDSHZLVW3AHK7 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/GSY7SXFFTPZFWDM6XELSDSHZLVW3AHK7/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/HZQIELEIRSZUYTFFH5KTH2YJ4IIQG2KE https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/HZQIELEIRSZUYTFFH5KTH2YJ4IIQG2KE/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/IPWCNYB5PQ5PCVZ4NJT6G56ZYFZ5QBU6 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/IPWCNYB5PQ5PCVZ4NJT6G56ZYFZ5QBU6/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/KEOTKBUPZXHE3F352JBYNTSNRXYLWD6P https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/KEOTKBUPZXHE3F352JBYNTSNRXYLWD6P/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/KSEGD2IWKNUO3DWY4KQGUQM5BISRWHQE https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/KSEGD2IWKNUO3DWY4KQGUQM5BISRWHQE/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/L5E5JSJBZLYXOTZWXHJKRVCIXIHVWKJ6 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/L5E5JSJBZLYXOTZWXHJKRVCIXIHVWKJ6/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/MZQYOOKHQDQ57LV2IAG6NRFOVXKHJJ3Z https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/MZQYOOKHQDQ57LV2IAG6NRFOVXKHJJ3Z/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/NG7IMPL55MVWU3LCI4JQJT3K2U5CHDV7 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/NG7IMPL55MVWU3LCI4JQJT3K2U5CHDV7/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ODBY7RVMGZCBSTWF2OZGIZS57FNFUL67 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ODBY7RVMGZCBSTWF2OZGIZS57FNFUL67/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/OXGWPQOJ3JNDW2XIYKIVJ7N7QUIFNM2Q https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/OXGWPQOJ3JNDW2XIYKIVJ7N7QUIFNM2Q/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/PJCUNGIQDUMZ4Z6HWVYIMR66A35F5S74 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/PJCUNGIQDUMZ4Z6HWVYIMR66A35F5S74/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QF5QSYAOPDOWLY6DUHID56Q4HQFYB45I https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QF5QSYAOPDOWLY6DUHID56Q4HQFYB45I/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QXOU2JZUBEBP7GBKAYIJRPRBZSJCD7ST https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QXOU2JZUBEBP7GBKAYIJRPRBZSJCD7ST/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/R3UETKPUB3V5JS5TLZOF3SMTGT5K5APS https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/R3UETKPUB3V5JS5TLZOF3SMTGT5K5APS/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/REMHVVIBDNKSRKNOTV7EQSB7CYQWOUOU https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/REMHVVIBDNKSRKNOTV7EQSB7CYQWOUOU/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/T7N5GV4CHH6WAGX3GFMDD3COEOVCZ4RI https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/T7N5GV4CHH6WAGX3GFMDD3COEOVCZ4RI/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ULQQONMSCQSH5Z5OWFFQHCGEZ3NL4DRJ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ULQQONMSCQSH5Z5OWFFQHCGEZ3NL4DRJ/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UTT7DG3QOF5ZNJLUGHDNLRUIN6OWZARP https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UTT7DG3QOF5ZNJLUGHDNLRUIN6OWZARP/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/W2LZSWTV4NV4SNQARNXG5T6LRHP26EW2 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/W2LZSWTV4NV4SNQARNXG5T6LRHP26EW2/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WCNCBYKZXLDFGAJUB7ZP5VLC3YTHJNVH https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WCNCBYKZXLDFGAJUB7ZP5VLC3YTHJNVH/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/XFOIBB4YFICHDM7IBOP7PWXW3FX4HLL2 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/XFOIBB4YFICHDM7IBOP7PWXW3FX4HLL2/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/XTNLSL44Y5FB6JWADSZH6DCV4JJAAEQY https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/XTNLSL44Y5FB6JWADSZH6DCV4JJAAEQY/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/YJWHBLVZDM5KQSDFRBFRKU5KSSOLIRQ4 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/YJWHBLVZDM5KQSDFRBFRKU5KSSOLIRQ4/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/YRKEXKANQ7BKJW2YTAMP625LJUJZLJ4P https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/YRKEXKANQ7BKJW2YTAMP625LJUJZLJ4P/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZSVEMQV5ROY5YW5QE3I57HT3ITWG5GCV https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZSVEMQV5ROY5YW5QE3I57HT3ITWG5GCV/ https://nvd.nist.gov/vuln/detail/CVE-2023-39325 https://pkg.go.dev/vuln/GO-2023-2102 https://security.gentoo.org/glsa/202311-09 https://security.netapp.com/advisory/ntap-20231110-0008 https://security.netapp.com/advisory/ntap-20231110-0008/ https://ubuntu.com/security/notices/USN-6574-1 https://ubuntu.com/security/notices/USN-7061-1 https://ubuntu.com/security/notices/USN-7109-1 https://www.cisa.gov/news-events/alerts/2023/10/10/http2-rapid-reset-vulnerability-cve-2023-44487 https://www.cve.org/CVERecord?id=CVE-2023-39325
stdlib	CVE-2023-45283	HIGH	v1.20.5	1.20.11, 1.21.4, 1.20.12, 1.21.5	http://www.openwall.com/lists/oss-security/2023/12/05/2 https://go.dev/cl/540277 https://go.dev/cl/541175 https://go.dev/issue/63713 https://go.dev/issue/64028 https://groups.google.com/g/golang-announce/c/4tU8LZfBFkY https://groups.google.com/g/golang-dev/c/6ypN5EjibjM/m/KmLVYH_uAgAJ https://nvd.nist.gov/vuln/detail/CVE-2023-45283 https://pkg.go.dev/vuln/GO-2023-2185 https://security.netapp.com/advisory/ntap-20231214-0008/
stdlib	CVE-2023-45288	HIGH	v1.20.5	1.21.9, 1.22.2	http://www.openwall.com/lists/oss-security/2024/04/03/16 http://www.openwall.com/lists/oss-security/2024/04/05/4 https://access.redhat.com/errata/RHSA-2024:2724 https://access.redhat.com/security/cve/CVE-2023-45288 https://bugzilla.redhat.com/2268017 https://bugzilla.redhat.com/2268018 https://bugzilla.redhat.com/2268019 https://bugzilla.redhat.com/2268273 https://bugzilla.redhat.com/show_bug.cgi?id=2268017 https://bugzilla.redhat.com/show_bug.cgi?id=2268018 https://bugzilla.redhat.com/show_bug.cgi?id=2268019 https://bugzilla.redhat.com/show_bug.cgi?id=2268273 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45288 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45289 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45290 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24783 https://errata.almalinux.org/9/ALSA-2024-2724.html https://errata.rockylinux.org/RLSA-2024:2724 https://go.dev/cl/576155 https://go.dev/issue/65051 https://groups.google.com/g/golang-announce/c/YgW0sx8mN3M https://kb.cert.org/vuls/id/421644 https://linux.oracle.com/cve/CVE-2023-45288.html https://linux.oracle.com/errata/ELSA-2024-3346.html https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QRYFHIQ6XRKRYBI2F5UESH67BJBQXUPT https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QRYFHIQ6XRKRYBI2F5UESH67BJBQXUPT/ https://nowotarski.info/http2-continuation-flood-technical-details https://nowotarski.info/http2-continuation-flood/ https://nvd.nist.gov/vuln/detail/CVE-2023-45288 https://pkg.go.dev/vuln/GO-2024-2687 https://security.netapp.com/advisory/ntap-20240419-0009 https://security.netapp.com/advisory/ntap-20240419-0009/ https://ubuntu.com/security/notices/USN-6886-1 https://ubuntu.com/security/notices/USN-7109-1 https://ubuntu.com/security/notices/USN-7111-1 https://www.cve.org/CVERecord?id=CVE-2023-45288 https://www.kb.cert.org/vuls/id/421644
stdlib	CVE-2024-34156	HIGH	v1.20.5	1.22.7, 1.23.1	https://access.redhat.com/errata/RHSA-2024:9473 https://access.redhat.com/security/cve/CVE-2024-34156 https://bugzilla.redhat.com/2310528 https://bugzilla.redhat.com/2318052 https://bugzilla.redhat.com/show_bug.cgi?id=2310528 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-34156 https://errata.almalinux.org/9/ALSA-2024-9473.html https://errata.rockylinux.org/RLSA-2024:7204 https://github.com/golang/go/commit/2092294f2b097c5828f4eace6c98a322c1510b01 (go1.22.7) https://github.com/golang/go/commit/fa8ff1a46deb6c816304441ec6740ec112e19012 (go1.23.1) https://go.dev/cl/611239 https://go.dev/issue/69139 https://groups.google.com/g/golang-announce/c/K-cEzDeCtpc https://groups.google.com/g/golang-dev/c/S9POB9NCTdk https://linux.oracle.com/cve/CVE-2024-34156.html https://linux.oracle.com/errata/ELSA-2024-9473.html https://nvd.nist.gov/vuln/detail/CVE-2024-34156 https://pkg.go.dev/vuln/GO-2024-3106 https://ubuntu.com/security/notices/USN-7081-1 https://ubuntu.com/security/notices/USN-7109-1 https://ubuntu.com/security/notices/USN-7111-1 https://www.cve.org/CVERecord?id=CVE-2024-34156
stdlib	CVE-2023-29406	MEDIUM	v1.20.5	1.19.11, 1.20.6	https://access.redhat.com/errata/RHSA-2023:6474 https://access.redhat.com/security/cve/CVE-2023-29406 https://bugzilla.redhat.com/2174485 https://bugzilla.redhat.com/2178358 https://bugzilla.redhat.com/2178488 https://bugzilla.redhat.com/2178492 https://bugzilla.redhat.com/2184481 https://bugzilla.redhat.com/2184482 https://bugzilla.redhat.com/2184483 https://bugzilla.redhat.com/2184484 https://bugzilla.redhat.com/2196026 https://bugzilla.redhat.com/2196027 https://bugzilla.redhat.com/2196029 https://bugzilla.redhat.com/2222167 https://bugzilla.redhat.com/2228689 https://errata.almalinux.org/9/ALSA-2023-6474.html https://github.com/golang/go/commit/312920c00aac9897b2a0693e752390b5b0711a5a (go1.20.6) https://github.com/golang/go/commit/5fa6923b1ea891400153d04ddf1545e23b40041b (go1.19.11) https://github.com/golang/go/issues/60374 https://go.dev/cl/506996 https://go.dev/issue/60374 https://groups.google.com/g/golang-announce/c/2q13H6LEEx0 https://linux.oracle.com/cve/CVE-2023-29406.html https://linux.oracle.com/errata/ELSA-2023-7202.html https://nvd.nist.gov/vuln/detail/CVE-2023-29406 https://pkg.go.dev/vuln/GO-2023-1878 https://security.gentoo.org/glsa/202311-09 https://security.netapp.com/advisory/ntap-20230814-0002/ https://ubuntu.com/security/notices/USN-7061-1 https://ubuntu.com/security/notices/USN-7109-1 https://www.cve.org/CVERecord?id=CVE-2023-29406
stdlib	CVE-2023-29409	MEDIUM	v1.20.5	1.19.12, 1.20.7, 1.21.0-rc.4	https://access.redhat.com/errata/RHSA-2023:7766 https://access.redhat.com/security/cve/CVE-2023-29409 https://bugzilla.redhat.com/2228743 https://bugzilla.redhat.com/2237773 https://bugzilla.redhat.com/2237776 https://bugzilla.redhat.com/2237777 https://bugzilla.redhat.com/2237778 https://errata.almalinux.org/9/ALSA-2023-7766.html https://go.dev/cl/515257 https://go.dev/issue/61460 https://groups.google.com/g/golang-announce/c/X0b6CsSAaYI/m/Efv5DbZ9AwAJ https://linux.oracle.com/cve/CVE-2023-29409.html https://linux.oracle.com/errata/ELSA-2024-2988.html https://nvd.nist.gov/vuln/detail/CVE-2023-29409 https://pkg.go.dev/vuln/GO-2023-1987 https://security.gentoo.org/glsa/202311-09 https://security.netapp.com/advisory/ntap-20230831-0010/ https://www.cve.org/CVERecord?id=CVE-2023-29409
stdlib	CVE-2023-39318	MEDIUM	v1.20.5	1.20.8, 1.21.1	https://access.redhat.com/errata/RHSA-2024:2160 https://access.redhat.com/security/cve/CVE-2023-39318 https://bugzilla.redhat.com/2237773 https://bugzilla.redhat.com/2237776 https://bugzilla.redhat.com/2253330 https://errata.almalinux.org/9/ALSA-2024-2160.html https://github.com/golang/go/commit/023b542edf38e2a1f87fcefb9f75ff2f99401b4c (go1.20.8) https://github.com/golang/go/commit/b0e1d3ea26e8e8fce7726690c9ef0597e60739fb (go1.21.1) https://go.dev/cl/526156 https://go.dev/issue/62196 https://groups.google.com/g/golang-announce/c/Fm51GRLNRvM https://groups.google.com/g/golang-dev/c/2C5vbR-UNkI/m/L1hdrPhfBAAJ https://linux.oracle.com/cve/CVE-2023-39318.html https://linux.oracle.com/errata/ELSA-2024-2988.html https://nvd.nist.gov/vuln/detail/CVE-2023-39318 https://pkg.go.dev/vuln/GO-2023-2041 https://security.gentoo.org/glsa/202311-09 https://security.netapp.com/advisory/ntap-20231020-0009/ https://ubuntu.com/security/notices/USN-6574-1 https://ubuntu.com/security/notices/USN-7061-1 https://ubuntu.com/security/notices/USN-7109-1 https://vuln.go.dev/ID/GO-2023-2041.json https://www.cve.org/CVERecord?id=CVE-2023-39318
stdlib	CVE-2023-39319	MEDIUM	v1.20.5	1.20.8, 1.21.1	https://access.redhat.com/errata/RHSA-2024:2160 https://access.redhat.com/security/cve/CVE-2023-39319 https://bugzilla.redhat.com/2237773 https://bugzilla.redhat.com/2237776 https://bugzilla.redhat.com/2253330 https://errata.almalinux.org/9/ALSA-2024-2160.html https://github.com/golang/go/commit/2070531d2f53df88e312edace6c8dfc9686ab2f5 (go1.20.8) https://github.com/golang/go/commit/bbd043ff0d6d59f1a9232d31ecd5eacf6507bf6a (go1.21.1) https://go.dev/cl/526157 https://go.dev/issue/62197 https://groups.google.com/g/golang-announce/c/Fm51GRLNRvM https://groups.google.com/g/golang-dev/c/2C5vbR-UNkI/m/L1hdrPhfBAAJ https://linux.oracle.com/cve/CVE-2023-39319.html https://linux.oracle.com/errata/ELSA-2024-2988.html https://nvd.nist.gov/vuln/detail/CVE-2023-39319 https://pkg.go.dev/vuln/GO-2023-2043 https://security.gentoo.org/glsa/202311-09 https://security.netapp.com/advisory/ntap-20231020-0009/ https://ubuntu.com/security/notices/USN-6574-1 https://ubuntu.com/security/notices/USN-7061-1 https://ubuntu.com/security/notices/USN-7109-1 https://vuln.go.dev/ID/GO-2023-2043.json https://www.cve.org/CVERecord?id=CVE-2023-39319
stdlib	CVE-2023-39326	MEDIUM	v1.20.5	1.20.12, 1.21.5	https://access.redhat.com/errata/RHSA-2024:2272 https://access.redhat.com/security/cve/CVE-2023-39326 https://bugzilla.redhat.com/2253193 https://bugzilla.redhat.com/2253330 https://errata.almalinux.org/9/ALSA-2024-2272.html https://github.com/golang/go/commit/6446af942e2e2b161c4ec1b60d9703a2b55dc4dd (go1.20.12) https://github.com/golang/go/commit/ec8c526e4be720e94b98ca509e6364f0efaf28f7 (go1.21.5) https://go.dev/cl/547335 https://go.dev/issue/64433 https://groups.google.com/g/golang-dev/c/6ypN5EjibjM/m/KmLVYH_uAgAJ https://linux.oracle.com/cve/CVE-2023-39326.html https://linux.oracle.com/errata/ELSA-2024-2988.html https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UIU6HOGV6RRIKWM57LOXQA75BGZSIH6G/ https://nvd.nist.gov/vuln/detail/CVE-2023-39326 https://pkg.go.dev/vuln/GO-2023-2382 https://ubuntu.com/security/notices/USN-6574-1 https://www.cve.org/CVERecord?id=CVE-2023-39326
stdlib	CVE-2023-45284	MEDIUM	v1.20.5	1.20.11, 1.21.4	https://go.dev/cl/540277 https://go.dev/issue/63713 https://groups.google.com/g/golang-announce/c/4tU8LZfBFkY https://nvd.nist.gov/vuln/detail/CVE-2023-45284 https://pkg.go.dev/vuln/GO-2023-2186
stdlib	CVE-2023-45289	MEDIUM	v1.20.5	1.21.8, 1.22.1	http://www.openwall.com/lists/oss-security/2024/03/08/4 https://access.redhat.com/errata/RHSA-2024:2724 https://access.redhat.com/security/cve/CVE-2023-45289 https://bugzilla.redhat.com/2268017 https://bugzilla.redhat.com/2268018 https://bugzilla.redhat.com/2268019 https://bugzilla.redhat.com/2268273 https://bugzilla.redhat.com/show_bug.cgi?id=2268017 https://bugzilla.redhat.com/show_bug.cgi?id=2268018 https://bugzilla.redhat.com/show_bug.cgi?id=2268019 https://bugzilla.redhat.com/show_bug.cgi?id=2268273 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45288 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45289 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45290 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24783 https://errata.almalinux.org/9/ALSA-2024-2724.html https://errata.rockylinux.org/RLSA-2024:2724 https://github.com/golang/go/commit/20586c0dbe03d144f914155f879fa5ee287591a1 (go1.21.8) https://github.com/golang/go/commit/3a855208e3efed2e9d7c20ad023f1fa78afcc0be (go1.22.1) https://github.com/golang/go/issues/65065 https://go.dev/cl/569340 https://go.dev/issue/65065 https://groups.google.com/g/golang-announce/c/5pwGVUPoMbg https://linux.oracle.com/cve/CVE-2023-45289.html https://linux.oracle.com/errata/ELSA-2024-3346.html https://nvd.nist.gov/vuln/detail/CVE-2023-45289 https://pkg.go.dev/vuln/GO-2024-2600 https://security.netapp.com/advisory/ntap-20240329-0006/ https://ubuntu.com/security/notices/USN-6886-1 https://www.cve.org/CVERecord?id=CVE-2023-45289
stdlib	CVE-2023-45290	MEDIUM	v1.20.5	1.21.8, 1.22.1	http://www.openwall.com/lists/oss-security/2024/03/08/4 https://access.redhat.com/errata/RHSA-2024:9135 https://access.redhat.com/security/cve/CVE-2023-45290 https://bugzilla.redhat.com/2268017 https://bugzilla.redhat.com/2268022 https://bugzilla.redhat.com/2279814 https://bugzilla.redhat.com/2295310 https://bugzilla.redhat.com/show_bug.cgi?id=2268017 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45290 https://errata.almalinux.org/9/ALSA-2024-9135.html https://errata.rockylinux.org/RLSA-2024:3830 https://github.com/golang/go/commit/041a47712e765e94f86d841c3110c840e76d8f82 (go1.22.1) https://github.com/golang/go/commit/bf80213b121074f4ad9b449410a4d13bae5e9be0 (go1.21.8) https://github.com/golang/go/issues/65383 https://go.dev/cl/569341 https://go.dev/issue/65383 https://groups.google.com/g/golang-announce/c/5pwGVUPoMbg https://linux.oracle.com/cve/CVE-2023-45290.html https://linux.oracle.com/errata/ELSA-2024-8038.html https://nvd.nist.gov/vuln/detail/CVE-2023-45290 https://pkg.go.dev/vuln/GO-2024-2599 https://security.netapp.com/advisory/ntap-20240329-0004 https://security.netapp.com/advisory/ntap-20240329-0004/ https://ubuntu.com/security/notices/USN-6886-1 https://ubuntu.com/security/notices/USN-7109-1 https://ubuntu.com/security/notices/USN-7111-1 https://www.cve.org/CVERecord?id=CVE-2023-45290
stdlib	CVE-2024-24783	MEDIUM	v1.20.5	1.21.8, 1.22.1	http://www.openwall.com/lists/oss-security/2024/03/08/4 https://access.redhat.com/errata/RHSA-2024:6195 https://access.redhat.com/security/cve/CVE-2024-24783 https://bugzilla.redhat.com/2268019 https://bugzilla.redhat.com/show_bug.cgi?id=2268017 https://bugzilla.redhat.com/show_bug.cgi?id=2268018 https://bugzilla.redhat.com/show_bug.cgi?id=2268019 https://bugzilla.redhat.com/show_bug.cgi?id=2268273 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45288 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45289 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45290 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24783 https://errata.almalinux.org/9/ALSA-2024-6195.html https://errata.rockylinux.org/RLSA-2024:2724 https://github.com/advisories/GHSA-3q2c-pvp5-3cqp https://github.com/golang/go/commit/337b8e9cbfa749d9d5c899e0dc358e2208d5e54f (go1.22.1) https://github.com/golang/go/commit/be5b52bea674190ef7de272664be6c7ae93ec5a0 (go1.21.8) https://github.com/golang/go/issues/65390 https://go.dev/cl/569339 https://go.dev/issue/65390 https://groups.google.com/g/golang-announce/c/5pwGVUPoMbg https://linux.oracle.com/cve/CVE-2024-24783.html https://linux.oracle.com/errata/ELSA-2024-6969.html https://nvd.nist.gov/vuln/detail/CVE-2024-24783 https://pkg.go.dev/vuln/GO-2024-2598 https://security.netapp.com/advisory/ntap-20240329-0005 https://security.netapp.com/advisory/ntap-20240329-0005/ https://ubuntu.com/security/notices/USN-6886-1 https://ubuntu.com/security/notices/USN-7109-1 https://ubuntu.com/security/notices/USN-7111-1 https://www.cve.org/CVERecord?id=CVE-2024-24783
stdlib	CVE-2024-24784	MEDIUM	v1.20.5	1.21.8, 1.22.1	http://www.openwall.com/lists/oss-security/2024/03/08/4 https://access.redhat.com/errata/RHSA-2024:2562 https://access.redhat.com/security/cve/CVE-2024-24784 https://bugzilla.redhat.com/2262921 https://bugzilla.redhat.com/2268017 https://bugzilla.redhat.com/2268018 https://bugzilla.redhat.com/2268019 https://bugzilla.redhat.com/2268021 https://bugzilla.redhat.com/2268022 https://bugzilla.redhat.com/2268273 https://bugzilla.redhat.com/show_bug.cgi?id=2262921 https://bugzilla.redhat.com/show_bug.cgi?id=2268017 https://bugzilla.redhat.com/show_bug.cgi?id=2268018 https://bugzilla.redhat.com/show_bug.cgi?id=2268019 https://bugzilla.redhat.com/show_bug.cgi?id=2268021 https://bugzilla.redhat.com/show_bug.cgi?id=2268022 https://bugzilla.redhat.com/show_bug.cgi?id=2268273 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45288 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45289 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45290 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-1394 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24783 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24784 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24785 https://errata.almalinux.org/9/ALSA-2024-2562.html https://errata.rockylinux.org/RLSA-2024:2562 https://github.com/golang/go/commit/263c059b09fdd40d9dd945f2ecb20c89ea28efe5 (go1.21.8) https://github.com/golang/go/commit/5330cd225ba54c7dc78c1b46dcdf61a4671a632c (go1.22.1) https://github.com/golang/go/issues/65083 https://go.dev/cl/555596 https://go.dev/issue/65083 https://groups.google.com/g/golang-announce/c/5pwGVUPoMbg https://linux.oracle.com/cve/CVE-2024-24784.html https://linux.oracle.com/errata/ELSA-2024-6969.html https://nvd.nist.gov/vuln/detail/CVE-2024-24784 https://pkg.go.dev/vuln/GO-2024-2609 https://security.netapp.com/advisory/ntap-20240329-0007/ https://ubuntu.com/security/notices/USN-6886-1 https://ubuntu.com/security/notices/USN-7109-1 https://ubuntu.com/security/notices/USN-7111-1 https://www.cve.org/CVERecord?id=CVE-2024-24784
stdlib	CVE-2024-24785	MEDIUM	v1.20.5	1.21.8, 1.22.1	http://www.openwall.com/lists/oss-security/2024/03/08/4 https://access.redhat.com/errata/RHSA-2024:9135 https://access.redhat.com/security/cve/CVE-2024-24785 https://bugzilla.redhat.com/2268017 https://bugzilla.redhat.com/2268022 https://bugzilla.redhat.com/2279814 https://bugzilla.redhat.com/2295310 https://bugzilla.redhat.com/show_bug.cgi?id=2262921 https://bugzilla.redhat.com/show_bug.cgi?id=2268017 https://bugzilla.redhat.com/show_bug.cgi?id=2268018 https://bugzilla.redhat.com/show_bug.cgi?id=2268019 https://bugzilla.redhat.com/show_bug.cgi?id=2268021 https://bugzilla.redhat.com/show_bug.cgi?id=2268022 https://bugzilla.redhat.com/show_bug.cgi?id=2268273 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45288 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45289 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45290 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-1394 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24783 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24784 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24785 https://errata.almalinux.org/9/ALSA-2024-9135.html https://errata.rockylinux.org/RLSA-2024:2562 https://github.com/golang/go/commit/056b0edcb8c152152021eebf4cf42adbfbe77992 (go1.22.1) https://github.com/golang/go/commit/3643147a29352ca2894fd5d0d2069bc4b4335a7e (go1.21.8) https://github.com/golang/go/issues/65697 https://go.dev/cl/564196 https://go.dev/issue/65697 https://groups.google.com/g/golang-announce/c/5pwGVUPoMbg https://linux.oracle.com/cve/CVE-2024-24785.html https://linux.oracle.com/errata/ELSA-2024-3259.html https://nvd.nist.gov/vuln/detail/CVE-2024-24785 https://pkg.go.dev/vuln/GO-2024-2610 https://security.netapp.com/advisory/ntap-20240329-0008/ https://ubuntu.com/security/notices/USN-6886-1 https://ubuntu.com/security/notices/USN-7061-1 https://ubuntu.com/security/notices/USN-7109-1 https://vuln.go.dev/ID/GO-2024-2610.json https://www.cve.org/CVERecord?id=CVE-2024-24785
stdlib	CVE-2024-24789	MEDIUM	v1.20.5	1.21.11, 1.22.4	http://www.openwall.com/lists/oss-security/2024/06/04/1 https://access.redhat.com/errata/RHSA-2024:9115 https://access.redhat.com/security/cve/CVE-2024-24789 https://bugzilla.redhat.com/2279814 https://bugzilla.redhat.com/2292668 https://bugzilla.redhat.com/2292787 https://bugzilla.redhat.com/2294000 https://bugzilla.redhat.com/2295310 https://bugzilla.redhat.com/show_bug.cgi?id=2292668 https://bugzilla.redhat.com/show_bug.cgi?id=2292787 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24789 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24790 https://errata.almalinux.org/9/ALSA-2024-9115.html https://errata.rockylinux.org/RLSA-2024:4212 https://github.com/golang/go/commit/c8e40338cf00f3c1d86c8fb23863ad67a4c72bcc (1.21) https://github.com/golang/go/commit/cf501ac0c5fe351a8582d20b43562027927906e7 (1.22) https://github.com/golang/go/issues/66869 https://go.dev/cl/585397 https://go.dev/issue/66869 https://groups.google.com/g/golang-announce/c/XbxouI9gY7k https://groups.google.com/g/golang-announce/c/XbxouI9gY7k/m/TuoGEhxIEwAJ https://linux.oracle.com/cve/CVE-2024-24789.html https://linux.oracle.com/errata/ELSA-2024-9115.html https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/U5YAEIA6IUHUNGJ7AIXXPQT6D2GYENX7/ https://nvd.nist.gov/vuln/detail/CVE-2024-24789 https://pkg.go.dev/vuln/GO-2024-2888 https://ubuntu.com/security/notices/USN-6886-1 https://ubuntu.com/security/notices/USN-7109-1 https://ubuntu.com/security/notices/USN-7111-1 https://www.cve.org/CVERecord?id=CVE-2024-24789
stdlib	CVE-2024-24791	MEDIUM	v1.20.5	1.21.12, 1.22.5	https://access.redhat.com/errata/RHSA-2024:9135 https://access.redhat.com/security/cve/CVE-2024-24791 https://bugzilla.redhat.com/2268017 https://bugzilla.redhat.com/2268022 https://bugzilla.redhat.com/2279814 https://bugzilla.redhat.com/2295310 https://bugzilla.redhat.com/show_bug.cgi?id=2295310 https://bugzilla.redhat.com/show_bug.cgi?id=2310527 https://bugzilla.redhat.com/show_bug.cgi?id=2310528 https://bugzilla.redhat.com/show_bug.cgi?id=2310529 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24791 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-34155 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-34156 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-34158 https://errata.almalinux.org/9/ALSA-2024-9135.html https://errata.rockylinux.org/RLSA-2024:6913 https://go.dev/cl/591255 https://go.dev/issue/67555 https://groups.google.com/g/golang-dev/c/t0rK-qHBqzY/m/6MMoAZkMAgAJ https://linux.oracle.com/cve/CVE-2024-24791.html https://linux.oracle.com/errata/ELSA-2024-9115.html https://nvd.nist.gov/vuln/detail/CVE-2024-24791 https://pkg.go.dev/vuln/GO-2024-2963 https://ubuntu.com/security/notices/USN-7081-1 https://ubuntu.com/security/notices/USN-7109-1 https://ubuntu.com/security/notices/USN-7111-1 https://www.cve.org/CVERecord?id=CVE-2024-24791
stdlib	CVE-2024-34155	MEDIUM	v1.20.5	1.22.7, 1.23.1	https://access.redhat.com/errata/RHSA-2024:9459 https://access.redhat.com/security/cve/CVE-2024-34155 https://bugzilla.redhat.com/2310527 https://bugzilla.redhat.com/2310528 https://bugzilla.redhat.com/2310529 https://bugzilla.redhat.com/2315691 https://bugzilla.redhat.com/2315887 https://bugzilla.redhat.com/2317458 https://bugzilla.redhat.com/2317467 https://bugzilla.redhat.com/show_bug.cgi?id=2295310 https://bugzilla.redhat.com/show_bug.cgi?id=2310527 https://bugzilla.redhat.com/show_bug.cgi?id=2310528 https://bugzilla.redhat.com/show_bug.cgi?id=2310529 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24791 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-34155 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-34156 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-34158 https://errata.almalinux.org/9/ALSA-2024-9459.html https://errata.rockylinux.org/RLSA-2024:6913 https://github.com/golang/go/commit/53487e5477151ed75da50e50a0ba8f1ca64c00a3 (go1.23.1) https://github.com/golang/go/commit/b232596139dbe96a62edbe3a2a203e856bf556eb (go1.22.7) https://go.dev/cl/611238 https://go.dev/issue/69138 https://groups.google.com/g/golang-announce/c/K-cEzDeCtpc https://groups.google.com/g/golang-dev/c/S9POB9NCTdk https://linux.oracle.com/cve/CVE-2024-34155.html https://linux.oracle.com/errata/ELSA-2024-9459.html https://nvd.nist.gov/vuln/detail/CVE-2024-34155 https://pkg.go.dev/vuln/GO-2024-3105 https://ubuntu.com/security/notices/USN-7081-1 https://ubuntu.com/security/notices/USN-7109-1 https://ubuntu.com/security/notices/USN-7111-1 https://www.cve.org/CVERecord?id=CVE-2024-34155
stdlib	CVE-2024-34158	MEDIUM	v1.20.5	1.22.7, 1.23.1	https://access.redhat.com/errata/RHSA-2024:9459 https://access.redhat.com/security/cve/CVE-2024-34158 https://bugzilla.redhat.com/2310527 https://bugzilla.redhat.com/2310528 https://bugzilla.redhat.com/2310529 https://bugzilla.redhat.com/2315691 https://bugzilla.redhat.com/2315887 https://bugzilla.redhat.com/2317458 https://bugzilla.redhat.com/2317467 https://bugzilla.redhat.com/show_bug.cgi?id=2295310 https://bugzilla.redhat.com/show_bug.cgi?id=2310527 https://bugzilla.redhat.com/show_bug.cgi?id=2310528 https://bugzilla.redhat.com/show_bug.cgi?id=2310529 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24791 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-34155 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-34156 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-34158 https://errata.almalinux.org/9/ALSA-2024-9459.html https://errata.rockylinux.org/RLSA-2024:6913 https://github.com/golang/go/commit/032ac075c20c01c6c35a672d1542d3e98eab84ea (go1.23.1) https://github.com/golang/go/commit/d4c53812e6ce2ac368173d7fcd31d0ecfcffb002 (go1.22.7) https://go.dev/cl/611240 https://go.dev/issue/69141 https://groups.google.com/g/golang-announce/c/K-cEzDeCtpc https://groups.google.com/g/golang-dev/c/S9POB9NCTdk https://linux.oracle.com/cve/CVE-2024-34158.html https://linux.oracle.com/errata/ELSA-2024-9459.html https://nvd.nist.gov/vuln/detail/CVE-2024-34158 https://pkg.go.dev/vuln/GO-2024-3107 https://ubuntu.com/security/notices/USN-7081-1 https://ubuntu.com/security/notices/USN-7109-1 https://ubuntu.com/security/notices/USN-7111-1 https://www.cve.org/CVERecord?id=CVE-2024-34158
No Misconfigurations found

cnb/buildpacks/paketo-buildpacks_bellsoft-liberica/10.2.6/bin/main (gobinary)

Package	Vulnerability ID	Severity	Installed Version	Fixed Version	Links
golang.org/x/net	CVE-2023-39325	HIGH	v0.11.0	0.17.0	golang.org/x/net https://access.redhat.com/errata/RHSA-2023:6077 https://access.redhat.com/security/cve/CVE-2023-39325 https://access.redhat.com/security/cve/CVE-2023-44487 https://access.redhat.com/security/vulnerabilities/RHSB-2023-003 https://bugzilla.redhat.com/2242803 https://bugzilla.redhat.com/2243296 https://bugzilla.redhat.com/show_bug.cgi?id=2242803 https://bugzilla.redhat.com/show_bug.cgi?id=2243296 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-39325 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-44487 https://errata.almalinux.org/9/ALSA-2023-6077.html https://errata.rockylinux.org/RLSA-2023:6077 https://github.com/golang/go/commit/24ae2d927285c697440fdde3ad7f26028354bcf3 [golang- 1.21] https://github.com/golang/go/commit/e175f27f58aa7b9cd4d79607ae65d2cd5baaee68 [golang-1.20] https://github.com/golang/go/issues/63417 https://go.dev/cl/534215 https://go.dev/cl/534235 https://go.dev/issue/63417 https://groups.google.com/g/golang-announce/c/iNNxDTCjZvo/m/UDd7VKQuAAAJ https://linux.oracle.com/cve/CVE-2023-39325.html https://linux.oracle.com/errata/ELSA-2023-5867.html https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3OVW5V2DM5K5IC3H7O42YDUGNJ74J35O https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3OVW5V2DM5K5IC3H7O42YDUGNJ74J35O/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3SZN67IL7HMGMNAVLOTIXLIHUDXZK4LH https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3SZN67IL7HMGMNAVLOTIXLIHUDXZK4LH/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3WJ4QVX2AMUJ2F2S27POOAHRC4K3CHU4 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3WJ4QVX2AMUJ2F2S27POOAHRC4K3CHU4/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/4BUK2ZIAGCULOOYDNH25JPU6JBES5NF2 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/4BUK2ZIAGCULOOYDNH25JPU6JBES5NF2/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/5RSKA2II6QTD4YUKUNDVJQSRYSFC4VFR https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/5RSKA2II6QTD4YUKUNDVJQSRYSFC4VFR/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/AVZDNSMVDAQJ64LJC5I5U5LDM5753647 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/AVZDNSMVDAQJ64LJC5I5U5LDM5753647/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CHHITS4PUOZAKFIUBQAQZC7JWXMOYE4B https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CHHITS4PUOZAKFIUBQAQZC7JWXMOYE4B/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CLB4TW7KALB3EEQWNWCN7OUIWWVWWCG2 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CLB4TW7KALB3EEQWNWCN7OUIWWVWWCG2/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/D2BBIDR2ZMB3X5BC7SR4SLQMHRMVPY6L https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/D2BBIDR2ZMB3X5BC7SR4SLQMHRMVPY6L/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ECRC75BQJP6FJN2L7KCKYZW4DSBD7QSD https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ECRC75BQJP6FJN2L7KCKYZW4DSBD7QSD/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/FTMJ3NJIDAZFWJQQSP3L22MUFJ3UP2PT https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/FTMJ3NJIDAZFWJQQSP3L22MUFJ3UP2PT/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/GSY7SXFFTPZFWDM6XELSDSHZLVW3AHK7 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/GSY7SXFFTPZFWDM6XELSDSHZLVW3AHK7/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/HZQIELEIRSZUYTFFH5KTH2YJ4IIQG2KE https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/HZQIELEIRSZUYTFFH5KTH2YJ4IIQG2KE/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/IPWCNYB5PQ5PCVZ4NJT6G56ZYFZ5QBU6 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/IPWCNYB5PQ5PCVZ4NJT6G56ZYFZ5QBU6/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/KEOTKBUPZXHE3F352JBYNTSNRXYLWD6P https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/KEOTKBUPZXHE3F352JBYNTSNRXYLWD6P/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/KSEGD2IWKNUO3DWY4KQGUQM5BISRWHQE https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/KSEGD2IWKNUO3DWY4KQGUQM5BISRWHQE/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/L5E5JSJBZLYXOTZWXHJKRVCIXIHVWKJ6 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/L5E5JSJBZLYXOTZWXHJKRVCIXIHVWKJ6/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/MZQYOOKHQDQ57LV2IAG6NRFOVXKHJJ3Z https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/MZQYOOKHQDQ57LV2IAG6NRFOVXKHJJ3Z/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/NG7IMPL55MVWU3LCI4JQJT3K2U5CHDV7 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/NG7IMPL55MVWU3LCI4JQJT3K2U5CHDV7/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ODBY7RVMGZCBSTWF2OZGIZS57FNFUL67 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ODBY7RVMGZCBSTWF2OZGIZS57FNFUL67/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/OXGWPQOJ3JNDW2XIYKIVJ7N7QUIFNM2Q https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/OXGWPQOJ3JNDW2XIYKIVJ7N7QUIFNM2Q/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/PJCUNGIQDUMZ4Z6HWVYIMR66A35F5S74 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/PJCUNGIQDUMZ4Z6HWVYIMR66A35F5S74/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QF5QSYAOPDOWLY6DUHID56Q4HQFYB45I https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QF5QSYAOPDOWLY6DUHID56Q4HQFYB45I/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QXOU2JZUBEBP7GBKAYIJRPRBZSJCD7ST https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QXOU2JZUBEBP7GBKAYIJRPRBZSJCD7ST/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/R3UETKPUB3V5JS5TLZOF3SMTGT5K5APS https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/R3UETKPUB3V5JS5TLZOF3SMTGT5K5APS/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/REMHVVIBDNKSRKNOTV7EQSB7CYQWOUOU https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/REMHVVIBDNKSRKNOTV7EQSB7CYQWOUOU/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/T7N5GV4CHH6WAGX3GFMDD3COEOVCZ4RI https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/T7N5GV4CHH6WAGX3GFMDD3COEOVCZ4RI/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ULQQONMSCQSH5Z5OWFFQHCGEZ3NL4DRJ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ULQQONMSCQSH5Z5OWFFQHCGEZ3NL4DRJ/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UTT7DG3QOF5ZNJLUGHDNLRUIN6OWZARP https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UTT7DG3QOF5ZNJLUGHDNLRUIN6OWZARP/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/W2LZSWTV4NV4SNQARNXG5T6LRHP26EW2 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/W2LZSWTV4NV4SNQARNXG5T6LRHP26EW2/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WCNCBYKZXLDFGAJUB7ZP5VLC3YTHJNVH https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WCNCBYKZXLDFGAJUB7ZP5VLC3YTHJNVH/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/XFOIBB4YFICHDM7IBOP7PWXW3FX4HLL2 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/XFOIBB4YFICHDM7IBOP7PWXW3FX4HLL2/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/XTNLSL44Y5FB6JWADSZH6DCV4JJAAEQY https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/XTNLSL44Y5FB6JWADSZH6DCV4JJAAEQY/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/YJWHBLVZDM5KQSDFRBFRKU5KSSOLIRQ4 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/YJWHBLVZDM5KQSDFRBFRKU5KSSOLIRQ4/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/YRKEXKANQ7BKJW2YTAMP625LJUJZLJ4P https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/YRKEXKANQ7BKJW2YTAMP625LJUJZLJ4P/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZSVEMQV5ROY5YW5QE3I57HT3ITWG5GCV https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZSVEMQV5ROY5YW5QE3I57HT3ITWG5GCV/ https://nvd.nist.gov/vuln/detail/CVE-2023-39325 https://pkg.go.dev/vuln/GO-2023-2102 https://security.gentoo.org/glsa/202311-09 https://security.netapp.com/advisory/ntap-20231110-0008 https://security.netapp.com/advisory/ntap-20231110-0008/ https://ubuntu.com/security/notices/USN-6574-1 https://ubuntu.com/security/notices/USN-7061-1 https://ubuntu.com/security/notices/USN-7109-1 https://www.cisa.gov/news-events/alerts/2023/10/10/http2-rapid-reset-vulnerability-cve-2023-44487 https://www.cve.org/CVERecord?id=CVE-2023-39325
golang.org/x/net	CVE-2023-3978	MEDIUM	v0.11.0	0.13.0	https://access.redhat.com/errata/RHSA-2023:6474 https://access.redhat.com/security/cve/CVE-2023-3978 https://bugzilla.redhat.com/2174485 https://bugzilla.redhat.com/2178358 https://bugzilla.redhat.com/2178488 https://bugzilla.redhat.com/2178492 https://bugzilla.redhat.com/2184481 https://bugzilla.redhat.com/2184482 https://bugzilla.redhat.com/2184483 https://bugzilla.redhat.com/2184484 https://bugzilla.redhat.com/2196026 https://bugzilla.redhat.com/2196027 https://bugzilla.redhat.com/2196029 https://bugzilla.redhat.com/2222167 https://bugzilla.redhat.com/2228689 https://errata.almalinux.org/9/ALSA-2023-6474.html https://go.dev/cl/514896 https://go.dev/issue/61615 https://linux.oracle.com/cve/CVE-2023-3978.html https://linux.oracle.com/errata/ELSA-2023-6939.html https://nvd.nist.gov/vuln/detail/CVE-2023-3978 https://pkg.go.dev/vuln/GO-2023-1988 https://www.cve.org/CVERecord?id=CVE-2023-3978
golang.org/x/net	CVE-2023-44487	MEDIUM	v0.11.0	0.17.0	http://www.openwall.com/lists/oss-security/2023/10/13/4 http://www.openwall.com/lists/oss-security/2023/10/13/9 http://www.openwall.com/lists/oss-security/2023/10/18/4 http://www.openwall.com/lists/oss-security/2023/10/18/8 http://www.openwall.com/lists/oss-security/2023/10/19/6 http://www.openwall.com/lists/oss-security/2023/10/20/8 https://access.redhat.com/errata/RHSA-2023:6746 https://access.redhat.com/security/cve/CVE-2023-44487 https://access.redhat.com/security/cve/cve-2023-44487 https://akka.io/security/akka-http-cve-2023-44487.html https://arstechnica.com/security/2023/10/how-ddosers-used-the-http-2-protocol-to-deliver-attacks-of-unprecedented-size https://arstechnica.com/security/2023/10/how-ddosers-used-the-http-2-protocol-to-deliver-attacks-of-unprecedented-size/ https://aws.amazon.com/security/security-bulletins/AWS-2023-011 https://aws.amazon.com/security/security-bulletins/AWS-2023-011/ https://blog.cloudflare.com/technical-breakdown-http2-rapid-reset-ddos-attack https://blog.cloudflare.com/technical-breakdown-http2-rapid-reset-ddos-attack/ https://blog.cloudflare.com/zero-day-rapid-reset-http2-record-breaking-ddos-attack https://blog.cloudflare.com/zero-day-rapid-reset-http2-record-breaking-ddos-attack/ https://blog.litespeedtech.com/2023/10/11/rapid-reset-http-2-vulnerablilty https://blog.litespeedtech.com/2023/10/11/rapid-reset-http-2-vulnerablilty/ https://blog.qualys.com/vulnerabilities-threat-research/2023/10/10/cve-2023-44487-http-2-rapid-reset-attack https://blog.vespa.ai/cve-2023-44487 https://blog.vespa.ai/cve-2023-44487/ https://bugzilla.proxmox.com/show_bug.cgi?id=4988 https://bugzilla.redhat.com/2242803 https://bugzilla.redhat.com/show_bug.cgi?id=2242803 https://bugzilla.suse.com/show_bug.cgi?id=1216123 https://cgit.freebsd.org/ports/commit/?id=c64c329c2c1752f46b73e3e6ce9f4329be6629f9 https://chaos.social/@icing/111210915918780532 https://cloud.google.com/blog/products/identity-security/google-cloud-mitigated-largest-ddos-attack-peaking-above-398-million-rps https://cloud.google.com/blog/products/identity-security/google-cloud-mitigated-largest-ddos-attack-peaking-above-398-million-rps/ https://cloud.google.com/blog/products/identity-security/how-it-works-the-novel-http2-rapid-reset-ddos-attack https://community.traefik.io/t/is-traefik-vulnerable-to-cve-2023-44487/20125 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-44487 https://devblogs.microsoft.com/dotnet/october-2023-updates/ https://discuss.hashicorp.com/t/hcsec-2023-32-vault-consul-and-boundary-affected-by-http-2-rapid-reset-denial-of-service-vulnerability-cve-2023-44487/59715 https://edg.io/lp/blog/resets-leaks-ddos-and-the-tale-of-a-hidden-cve https://errata.almalinux.org/9/ALSA-2023-6746.html https://errata.rockylinux.org/RLSA-2023:5838 https://forums.swift.org/t/swift-nio-http2-security-update-cve-2023-44487-http-2-dos/67764 https://gist.github.com/adulau/7c2bfb8e9cdbe4b35a5e131c66a0c088 https://github.com/Azure/AKS/issues/3947 https://github.com/Kong/kong/discussions/11741 https://github.com/advisories/GHSA-qppj-fm5r-hxr3 https://github.com/advisories/GHSA-vx74-f528-fxqg https://github.com/advisories/GHSA-xpw8-rcwv-8f8p https://github.com/akka/akka-http/issues/4323 https://github.com/akka/akka-http/pull/4324 https://github.com/akka/akka-http/pull/4325 https://github.com/alibaba/tengine/issues/1872 https://github.com/apache/apisix/issues/10320 https://github.com/apache/httpd-site/pull/10 https://github.com/apache/httpd/blob/afcdbeebbff4b0c50ea26cdd16e178c0d1f24152/modules/http2/h2_mplx.c#L1101-L1113 https://github.com/apache/tomcat/commit/944332bb15bd2f3bf76ec2caeb1ff0a58a3bc628 https://github.com/apache/tomcat/tree/main/java/org/apache/coyote/http2 https://github.com/apache/trafficserver/pull/10564 https://github.com/apple/swift-nio-http2 https://github.com/apple/swift-nio-http2/security/advisories/GHSA-qppj-fm5r-hxr3 https://github.com/arkrwn/PoC/tree/main/CVE-2023-44487 https://github.com/bcdannyboy/CVE-2023-44487 https://github.com/caddyserver/caddy/issues/5877 https://github.com/caddyserver/caddy/releases/tag/v2.7.5 https://github.com/dotnet/announcements/issues/277 https://github.com/dotnet/core/blob/e4613450ea0da7fd2fc6b61dfb2c1c1dec1ce9ec/release-notes/6.0/6.0.23/6.0.23.md?plain=1#L73 https://github.com/eclipse/jetty.project/issues/10679 https://github.com/envoyproxy/envoy/pull/30055 https://github.com/etcd-io/etcd/issues/16740 https://github.com/facebook/proxygen/pull/466 https://github.com/golang/go/issues/63417 https://github.com/grpc/grpc-go/pull/6703 https://github.com/grpc/grpc-go/releases https://github.com/h2o/h2o/pull/3291 https://github.com/h2o/h2o/security/advisories/GHSA-2m7v-gc89-fjqf https://github.com/haproxy/haproxy/issues/2312 https://github.com/hyperium/hyper/issues/3337 https://github.com/icing/mod_h2/blob/0a864782af0a942aa2ad4ed960a6b32cd35bcf0a/mod_http2/README.md?plain=1#L239-L244 https://github.com/junkurihara/rust-rpxy/issues/97 https://github.com/kazu-yamamoto/http2/commit/f61d41a502bd0f60eb24e1ce14edc7b6df6722a1 https://github.com/kazu-yamamoto/http2/issues/93 https://github.com/kubernetes/kubernetes/pull/121120 https://github.com/line/armeria/pull/5232 https://github.com/linkerd/website/pull/1695/commits/4b9c6836471bc8270ab48aae6fd2181bc73fd632 https://github.com/micrictor/http2-rst-stream https://github.com/microsoft/CBL-Mariner/pull/6381 https://github.com/netty/netty/commit/58f75f665aa81a8cbcf6ffa74820042a285c5e61 https://github.com/nghttp2/nghttp2/pull/1961 https://github.com/nghttp2/nghttp2/releases/tag/v1.57.0 https://github.com/ninenines/cowboy/issues/1615 https://github.com/nodejs/node/pull/50121 https://github.com/openresty/openresty/issues/930 https://github.com/opensearch-project/data-prepper/issues/3474 https://github.com/oqtane/oqtane.framework/discussions/3367 https://github.com/projectcontour/contour/pull/5826 https://github.com/tempesta-tech/tempesta/issues/1986 https://github.com/varnishcache/varnish-cache/issues/3996 https://go.dev/cl/534215 https://go.dev/cl/534235 https://go.dev/issue/63417 https://groups.google.com/g/golang-announce/c/iNNxDTCjZvo https://groups.google.com/g/golang-announce/c/iNNxDTCjZvo/m/UDd7VKQuAAAJ https://istio.io/latest/news/security/istio-security-2023-004 https://istio.io/latest/news/security/istio-security-2023-004/ https://linkerd.io/2023/10/12/linkerd-cve-2023-44487 https://linkerd.io/2023/10/12/linkerd-cve-2023-44487/ https://linux.oracle.com/cve/CVE-2023-44487.html https://linux.oracle.com/errata/ELSA-2024-1444.html https://lists.apache.org/thread/5py8h42mxfsn8l1wy6o41xwhsjlsd87q https://lists.debian.org/debian-lts-announce/2023/10/msg00020.html https://lists.debian.org/debian-lts-announce/2023/10/msg00023.html https://lists.debian.org/debian-lts-announce/2023/10/msg00024.html https://lists.debian.org/debian-lts-announce/2023/10/msg00045.html https://lists.debian.org/debian-lts-announce/2023/10/msg00047.html https://lists.debian.org/debian-lts-announce/2023/11/msg00001.html https://lists.debian.org/debian-lts-announce/2023/11/msg00012.html https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/2MBEPPC36UBVOZZNAXFHKLFGSLCMN5LI https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/2MBEPPC36UBVOZZNAXFHKLFGSLCMN5LI/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/3N4NJ7FR4X4FPZUGNTQAPSTVB2HB2Y4A https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/3N4NJ7FR4X4FPZUGNTQAPSTVB2HB2Y4A/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/BFQD3KUEMFBHPAPBGLWQC34L4OWL5HAZ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/BFQD3KUEMFBHPAPBGLWQC34L4OWL5HAZ/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/CLB4TW7KALB3EEQWNWCN7OUIWWVWWCG2 https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/CLB4TW7KALB3EEQWNWCN7OUIWWVWWCG2/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/E72T67UPDRXHIDLO3OROR25YAMN4GGW5 https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/E72T67UPDRXHIDLO3OROR25YAMN4GGW5/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/FNA62Q767CFAFHBCDKYNPBMZWB7TWYVU https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/FNA62Q767CFAFHBCDKYNPBMZWB7TWYVU/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/HT7T2R4MQKLIF4ODV4BDLPARWFPCJ5CZ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/HT7T2R4MQKLIF4ODV4BDLPARWFPCJ5CZ/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/JIZSEFC3YKCGABA2BZW6ZJRMDZJMB7PJ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/JIZSEFC3YKCGABA2BZW6ZJRMDZJMB7PJ/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/JMEXY22BFG5Q64HQCM5CK2Q7KDKVV4TY https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/JMEXY22BFG5Q64HQCM5CK2Q7KDKVV4TY/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/KSEGD2IWKNUO3DWY4KQGUQM5BISRWHQE https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/KSEGD2IWKNUO3DWY4KQGUQM5BISRWHQE/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/LKYHSZQFDNR7RSA7LHVLLIAQMVYCUGBG https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/LKYHSZQFDNR7RSA7LHVLLIAQMVYCUGBG/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/LNMZJCDHGLJJLXO4OXWJMTVQRNWOC7UL https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/LNMZJCDHGLJJLXO4OXWJMTVQRNWOC7UL/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/VHUHTSXLXGXS7JYKBXTA3VINUPHTNGVU https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/VHUHTSXLXGXS7JYKBXTA3VINUPHTNGVU/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/VSRDIV77HNKUSM7SJC5BKE5JSHLHU2NK https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/VSRDIV77HNKUSM7SJC5BKE5JSHLHU2NK/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/WE2I52RHNNU42PX6NZ2RBUHSFFJ2LVZX https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/WE2I52RHNNU42PX6NZ2RBUHSFFJ2LVZX/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/WLPRQ5TWUQQXYWBJM7ECYDAIL2YVKIUH https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/WLPRQ5TWUQQXYWBJM7ECYDAIL2YVKIUH/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/X6QXN4ORIVF6XBW4WWFE7VNPVC74S45Y https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/X6QXN4ORIVF6XBW4WWFE7VNPVC74S45Y/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/XFOIBB4YFICHDM7IBOP7PWXW3FX4HLL2 https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/XFOIBB4YFICHDM7IBOP7PWXW3FX4HLL2/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZB43REMKRQR62NJEI7I5NQ4FSXNLBKRT https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZB43REMKRQR62NJEI7I5NQ4FSXNLBKRT/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZKQSIKIAT5TJ3WSLU3RDBQ35YX4GY4V3 https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZKQSIKIAT5TJ3WSLU3RDBQ35YX4GY4V3/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZLU6U2R2IC2K64NDPNMV55AUAO65MAF4 https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZLU6U2R2IC2K64NDPNMV55AUAO65MAF4/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3N4NJ7FR4X4FPZUGNTQAPSTVB2HB2Y4A https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/BFQD3KUEMFBHPAPBGLWQC34L4OWL5HAZ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CLB4TW7KALB3EEQWNWCN7OUIWWVWWCG2 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/E72T67UPDRXHIDLO3OROR25YAMN4GGW5 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/FNA62Q767CFAFHBCDKYNPBMZWB7TWYVU https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/HT7T2R4MQKLIF4ODV4BDLPARWFPCJ5CZ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/JIZSEFC3YKCGABA2BZW6ZJRMDZJMB7PJ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/JMEXY22BFG5Q64HQCM5CK2Q7KDKVV4TY https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/KSEGD2IWKNUO3DWY4KQGUQM5BISRWHQE https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/LKYHSZQFDNR7RSA7LHVLLIAQMVYCUGBG https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/LNMZJCDHGLJJLXO4OXWJMTVQRNWOC7UL https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/VHUHTSXLXGXS7JYKBXTA3VINUPHTNGVU https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/VSRDIV77HNKUSM7SJC5BKE5JSHLHU2NK https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WLPRQ5TWUQQXYWBJM7ECYDAIL2YVKIUH https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/X6QXN4ORIVF6XBW4WWFE7VNPVC74S45Y https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/XFOIBB4YFICHDM7IBOP7PWXW3FX4HLL2 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZB43REMKRQR62NJEI7I5NQ4FSXNLBKRT https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZKQSIKIAT5TJ3WSLU3RDBQ35YX4GY4V3 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZLU6U2R2IC2K64NDPNMV55AUAO65MAF4 https://lists.w3.org/Archives/Public/ietf-http-wg/2023OctDec/0025.html https://mailman.nginx.org/pipermail/nginx-devel/2023-October/S36Q5HBXR7CAIMPLLPRSSSYR4PCMWILK.html https://martinthomson.github.io/h2-stream-limits/draft-thomson-httpbis-h2-stream-limits.html https://msrc.microsoft.com/blog/2023/10/microsoft-response-to-distributed-denial-of-service-ddos-attacks-against-http/2 https://msrc.microsoft.com/blog/2023/10/microsoft-response-to-distributed-denial-of-service-ddos-attacks-against-http/2/ https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-44487 https://my.f5.com/manage/s/article/K000137106 https://netty.io/news/2023/10/10/4-1-100-Final.html https://news.ycombinator.com/item?id=37830987 https://news.ycombinator.com/item?id=37830998 https://news.ycombinator.com/item?id=37831062 https://news.ycombinator.com/item?id=37837043 https://nodejs.org/en/blog/vulnerability/october-2023-security-releases https://nvd.nist.gov/vuln/detail/CVE-2023-44487 https://openssf.org/blog/2023/10/10/http-2-rapid-reset-vulnerability-highlights-need-for-rapid-response https://openssf.org/blog/2023/10/10/http-2-rapid-reset-vulnerability-highlights-need-for-rapid-response/ https://pkg.go.dev/vuln/GO-2023-2102 https://seanmonstar.com/post/730794151136935936/hyper-http2-rapid-reset-unaffected https://security.gentoo.org/glsa/202311-09 https://security.netapp.com/advisory/ntap-20231016-0001 https://security.netapp.com/advisory/ntap-20231016-0001/ https://security.netapp.com/advisory/ntap-20240426-0007 https://security.netapp.com/advisory/ntap-20240426-0007/ https://security.netapp.com/advisory/ntap-20240621-0006 https://security.netapp.com/advisory/ntap-20240621-0006/ https://security.netapp.com/advisory/ntap-20240621-0007 https://security.netapp.com/advisory/ntap-20240621-0007/ https://security.paloaltonetworks.com/CVE-2023-44487 https://tomcat.apache.org/security-10.html#Fixed_in_Apache_Tomcat_10.1.14 https://tomcat.apache.org/security-11.html#Fixed_in_Apache_Tomcat_11.0.0-M12 https://tomcat.apache.org/security-8.html#Fixed_in_Apache_Tomcat_8.5.94 https://tomcat.apache.org/security-9.html#Fixed_in_Apache_Tomcat_9.0.81 https://ubuntu.com/security/CVE-2023-44487 https://ubuntu.com/security/notices/USN-6427-1 https://ubuntu.com/security/notices/USN-6427-2 https://ubuntu.com/security/notices/USN-6438-1 https://ubuntu.com/security/notices/USN-6505-1 https://ubuntu.com/security/notices/USN-6574-1 https://ubuntu.com/security/notices/USN-6754-1 https://ubuntu.com/security/notices/USN-6994-1 https://ubuntu.com/security/notices/USN-7067-1 https://www.bleepingcomputer.com/news/security/new-http-2-rapid-reset-zero-day-attack-breaks-ddos-records https://www.bleepingcomputer.com/news/security/new-http-2-rapid-reset-zero-day-attack-breaks-ddos-records/ https://www.cisa.gov/known-exploited-vulnerabilities-catalog https://www.cisa.gov/news-events/alerts/2023/10/10/http2-rapid-reset-vulnerability-cve-2023-44487 https://www.cve.org/CVERecord?id=CVE-2023-44487 https://www.darkreading.com/cloud/internet-wide-zero-day-bug-fuels-largest-ever-ddos-event https://www.debian.org/security/2023/dsa-5521 https://www.debian.org/security/2023/dsa-5522 https://www.debian.org/security/2023/dsa-5540 https://www.debian.org/security/2023/dsa-5549 https://www.debian.org/security/2023/dsa-5558 https://www.debian.org/security/2023/dsa-5570 https://www.eclipse.org/lists/jetty-announce/msg00181.html https://www.haproxy.com/blog/haproxy-is-not-affected-by-the-http-2-rapid-reset-attack-cve-2023-44487 https://www.mail-archive.com/haproxy@formilux.org/msg44134.html https://www.netlify.com/blog/netlify-successfully-mitigates-cve-2023-44487 https://www.netlify.com/blog/netlify-successfully-mitigates-cve-2023-44487/ https://www.nginx.com/blog/http-2-rapid-reset-attack-impacting-f5-nginx-products https://www.nginx.com/blog/http-2-rapid-reset-attack-impacting-f5-nginx-products/ https://www.openwall.com/lists/oss-security/2023/10/10/6 https://www.phoronix.com/news/HTTP2-Rapid-Reset-Attack https://www.theregister.com/2023/10/10/http2_rapid_reset_zeroday https://www.theregister.com/2023/10/10/http2_rapid_reset_zeroday/
golang.org/x/net	CVE-2023-45288	MEDIUM	v0.11.0	0.23.0	http://www.openwall.com/lists/oss-security/2024/04/03/16 http://www.openwall.com/lists/oss-security/2024/04/05/4 https://access.redhat.com/errata/RHSA-2024:2724 https://access.redhat.com/security/cve/CVE-2023-45288 https://bugzilla.redhat.com/2268017 https://bugzilla.redhat.com/2268018 https://bugzilla.redhat.com/2268019 https://bugzilla.redhat.com/2268273 https://bugzilla.redhat.com/show_bug.cgi?id=2268017 https://bugzilla.redhat.com/show_bug.cgi?id=2268018 https://bugzilla.redhat.com/show_bug.cgi?id=2268019 https://bugzilla.redhat.com/show_bug.cgi?id=2268273 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45288 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45289 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45290 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24783 https://errata.almalinux.org/9/ALSA-2024-2724.html https://errata.rockylinux.org/RLSA-2024:2724 https://go.dev/cl/576155 https://go.dev/issue/65051 https://groups.google.com/g/golang-announce/c/YgW0sx8mN3M https://kb.cert.org/vuls/id/421644 https://linux.oracle.com/cve/CVE-2023-45288.html https://linux.oracle.com/errata/ELSA-2024-3346.html https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QRYFHIQ6XRKRYBI2F5UESH67BJBQXUPT https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QRYFHIQ6XRKRYBI2F5UESH67BJBQXUPT/ https://nowotarski.info/http2-continuation-flood-technical-details https://nowotarski.info/http2-continuation-flood/ https://nvd.nist.gov/vuln/detail/CVE-2023-45288 https://pkg.go.dev/vuln/GO-2024-2687 https://security.netapp.com/advisory/ntap-20240419-0009 https://security.netapp.com/advisory/ntap-20240419-0009/ https://ubuntu.com/security/notices/USN-6886-1 https://ubuntu.com/security/notices/USN-7109-1 https://ubuntu.com/security/notices/USN-7111-1 https://www.cve.org/CVERecord?id=CVE-2023-45288 https://www.kb.cert.org/vuls/id/421644
stdlib	CVE-2024-24790	CRITICAL	v1.20.5	1.21.11, 1.22.4	http://www.openwall.com/lists/oss-security/2024/06/04/1 https://access.redhat.com/errata/RHSA-2024:9115 https://access.redhat.com/security/cve/CVE-2024-24790 https://bugzilla.redhat.com/2279814 https://bugzilla.redhat.com/2292668 https://bugzilla.redhat.com/2292787 https://bugzilla.redhat.com/2294000 https://bugzilla.redhat.com/2295310 https://bugzilla.redhat.com/show_bug.cgi?id=2292668 https://bugzilla.redhat.com/show_bug.cgi?id=2292787 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24789 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24790 https://errata.almalinux.org/9/ALSA-2024-9115.html https://errata.rockylinux.org/RLSA-2024:4212 https://github.com/golang/go/commit/051bdf3fd12a40307606ff9381138039c5f452f0 (1.21) https://github.com/golang/go/commit/12d5810cdb1f73cf23d7a86462143e9463317fca (1.22) https://github.com/golang/go/issues/67680 https://go.dev/cl/590316 https://go.dev/issue/67680 https://groups.google.com/g/golang-announce/c/XbxouI9gY7k https://groups.google.com/g/golang-announce/c/XbxouI9gY7k/m/TuoGEhxIEwAJ https://linux.oracle.com/cve/CVE-2024-24790.html https://linux.oracle.com/errata/ELSA-2024-9115.html https://nvd.nist.gov/vuln/detail/CVE-2024-24790 https://pkg.go.dev/vuln/GO-2024-2887 https://ubuntu.com/security/notices/USN-6886-1 https://ubuntu.com/security/notices/USN-7109-1 https://www.cve.org/CVERecord?id=CVE-2024-24790
stdlib	CVE-2023-39325	HIGH	v1.20.5	1.20.10, 1.21.3	golang.org/x/net https://access.redhat.com/errata/RHSA-2023:6077 https://access.redhat.com/security/cve/CVE-2023-39325 https://access.redhat.com/security/cve/CVE-2023-44487 https://access.redhat.com/security/vulnerabilities/RHSB-2023-003 https://bugzilla.redhat.com/2242803 https://bugzilla.redhat.com/2243296 https://bugzilla.redhat.com/show_bug.cgi?id=2242803 https://bugzilla.redhat.com/show_bug.cgi?id=2243296 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-39325 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-44487 https://errata.almalinux.org/9/ALSA-2023-6077.html https://errata.rockylinux.org/RLSA-2023:6077 https://github.com/golang/go/commit/24ae2d927285c697440fdde3ad7f26028354bcf3 [golang- 1.21] https://github.com/golang/go/commit/e175f27f58aa7b9cd4d79607ae65d2cd5baaee68 [golang-1.20] https://github.com/golang/go/issues/63417 https://go.dev/cl/534215 https://go.dev/cl/534235 https://go.dev/issue/63417 https://groups.google.com/g/golang-announce/c/iNNxDTCjZvo/m/UDd7VKQuAAAJ https://linux.oracle.com/cve/CVE-2023-39325.html https://linux.oracle.com/errata/ELSA-2023-5867.html https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3OVW5V2DM5K5IC3H7O42YDUGNJ74J35O https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3OVW5V2DM5K5IC3H7O42YDUGNJ74J35O/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3SZN67IL7HMGMNAVLOTIXLIHUDXZK4LH https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3SZN67IL7HMGMNAVLOTIXLIHUDXZK4LH/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3WJ4QVX2AMUJ2F2S27POOAHRC4K3CHU4 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3WJ4QVX2AMUJ2F2S27POOAHRC4K3CHU4/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/4BUK2ZIAGCULOOYDNH25JPU6JBES5NF2 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/4BUK2ZIAGCULOOYDNH25JPU6JBES5NF2/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/5RSKA2II6QTD4YUKUNDVJQSRYSFC4VFR https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/5RSKA2II6QTD4YUKUNDVJQSRYSFC4VFR/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/AVZDNSMVDAQJ64LJC5I5U5LDM5753647 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/AVZDNSMVDAQJ64LJC5I5U5LDM5753647/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CHHITS4PUOZAKFIUBQAQZC7JWXMOYE4B https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CHHITS4PUOZAKFIUBQAQZC7JWXMOYE4B/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CLB4TW7KALB3EEQWNWCN7OUIWWVWWCG2 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CLB4TW7KALB3EEQWNWCN7OUIWWVWWCG2/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/D2BBIDR2ZMB3X5BC7SR4SLQMHRMVPY6L https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/D2BBIDR2ZMB3X5BC7SR4SLQMHRMVPY6L/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ECRC75BQJP6FJN2L7KCKYZW4DSBD7QSD https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ECRC75BQJP6FJN2L7KCKYZW4DSBD7QSD/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/FTMJ3NJIDAZFWJQQSP3L22MUFJ3UP2PT https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/FTMJ3NJIDAZFWJQQSP3L22MUFJ3UP2PT/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/GSY7SXFFTPZFWDM6XELSDSHZLVW3AHK7 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/GSY7SXFFTPZFWDM6XELSDSHZLVW3AHK7/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/HZQIELEIRSZUYTFFH5KTH2YJ4IIQG2KE https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/HZQIELEIRSZUYTFFH5KTH2YJ4IIQG2KE/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/IPWCNYB5PQ5PCVZ4NJT6G56ZYFZ5QBU6 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/IPWCNYB5PQ5PCVZ4NJT6G56ZYFZ5QBU6/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/KEOTKBUPZXHE3F352JBYNTSNRXYLWD6P https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/KEOTKBUPZXHE3F352JBYNTSNRXYLWD6P/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/KSEGD2IWKNUO3DWY4KQGUQM5BISRWHQE https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/KSEGD2IWKNUO3DWY4KQGUQM5BISRWHQE/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/L5E5JSJBZLYXOTZWXHJKRVCIXIHVWKJ6 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/L5E5JSJBZLYXOTZWXHJKRVCIXIHVWKJ6/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/MZQYOOKHQDQ57LV2IAG6NRFOVXKHJJ3Z https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/MZQYOOKHQDQ57LV2IAG6NRFOVXKHJJ3Z/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/NG7IMPL55MVWU3LCI4JQJT3K2U5CHDV7 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/NG7IMPL55MVWU3LCI4JQJT3K2U5CHDV7/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ODBY7RVMGZCBSTWF2OZGIZS57FNFUL67 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ODBY7RVMGZCBSTWF2OZGIZS57FNFUL67/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/OXGWPQOJ3JNDW2XIYKIVJ7N7QUIFNM2Q https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/OXGWPQOJ3JNDW2XIYKIVJ7N7QUIFNM2Q/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/PJCUNGIQDUMZ4Z6HWVYIMR66A35F5S74 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/PJCUNGIQDUMZ4Z6HWVYIMR66A35F5S74/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QF5QSYAOPDOWLY6DUHID56Q4HQFYB45I https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QF5QSYAOPDOWLY6DUHID56Q4HQFYB45I/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QXOU2JZUBEBP7GBKAYIJRPRBZSJCD7ST https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QXOU2JZUBEBP7GBKAYIJRPRBZSJCD7ST/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/R3UETKPUB3V5JS5TLZOF3SMTGT5K5APS https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/R3UETKPUB3V5JS5TLZOF3SMTGT5K5APS/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/REMHVVIBDNKSRKNOTV7EQSB7CYQWOUOU https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/REMHVVIBDNKSRKNOTV7EQSB7CYQWOUOU/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/T7N5GV4CHH6WAGX3GFMDD3COEOVCZ4RI https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/T7N5GV4CHH6WAGX3GFMDD3COEOVCZ4RI/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ULQQONMSCQSH5Z5OWFFQHCGEZ3NL4DRJ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ULQQONMSCQSH5Z5OWFFQHCGEZ3NL4DRJ/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UTT7DG3QOF5ZNJLUGHDNLRUIN6OWZARP https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UTT7DG3QOF5ZNJLUGHDNLRUIN6OWZARP/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/W2LZSWTV4NV4SNQARNXG5T6LRHP26EW2 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/W2LZSWTV4NV4SNQARNXG5T6LRHP26EW2/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WCNCBYKZXLDFGAJUB7ZP5VLC3YTHJNVH https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WCNCBYKZXLDFGAJUB7ZP5VLC3YTHJNVH/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/XFOIBB4YFICHDM7IBOP7PWXW3FX4HLL2 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/XFOIBB4YFICHDM7IBOP7PWXW3FX4HLL2/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/XTNLSL44Y5FB6JWADSZH6DCV4JJAAEQY https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/XTNLSL44Y5FB6JWADSZH6DCV4JJAAEQY/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/YJWHBLVZDM5KQSDFRBFRKU5KSSOLIRQ4 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/YJWHBLVZDM5KQSDFRBFRKU5KSSOLIRQ4/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/YRKEXKANQ7BKJW2YTAMP625LJUJZLJ4P https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/YRKEXKANQ7BKJW2YTAMP625LJUJZLJ4P/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZSVEMQV5ROY5YW5QE3I57HT3ITWG5GCV https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZSVEMQV5ROY5YW5QE3I57HT3ITWG5GCV/ https://nvd.nist.gov/vuln/detail/CVE-2023-39325 https://pkg.go.dev/vuln/GO-2023-2102 https://security.gentoo.org/glsa/202311-09 https://security.netapp.com/advisory/ntap-20231110-0008 https://security.netapp.com/advisory/ntap-20231110-0008/ https://ubuntu.com/security/notices/USN-6574-1 https://ubuntu.com/security/notices/USN-7061-1 https://ubuntu.com/security/notices/USN-7109-1 https://www.cisa.gov/news-events/alerts/2023/10/10/http2-rapid-reset-vulnerability-cve-2023-44487 https://www.cve.org/CVERecord?id=CVE-2023-39325
stdlib	CVE-2023-45283	HIGH	v1.20.5	1.20.11, 1.21.4, 1.20.12, 1.21.5	http://www.openwall.com/lists/oss-security/2023/12/05/2 https://go.dev/cl/540277 https://go.dev/cl/541175 https://go.dev/issue/63713 https://go.dev/issue/64028 https://groups.google.com/g/golang-announce/c/4tU8LZfBFkY https://groups.google.com/g/golang-dev/c/6ypN5EjibjM/m/KmLVYH_uAgAJ https://nvd.nist.gov/vuln/detail/CVE-2023-45283 https://pkg.go.dev/vuln/GO-2023-2185 https://security.netapp.com/advisory/ntap-20231214-0008/
stdlib	CVE-2023-45288	HIGH	v1.20.5	1.21.9, 1.22.2	http://www.openwall.com/lists/oss-security/2024/04/03/16 http://www.openwall.com/lists/oss-security/2024/04/05/4 https://access.redhat.com/errata/RHSA-2024:2724 https://access.redhat.com/security/cve/CVE-2023-45288 https://bugzilla.redhat.com/2268017 https://bugzilla.redhat.com/2268018 https://bugzilla.redhat.com/2268019 https://bugzilla.redhat.com/2268273 https://bugzilla.redhat.com/show_bug.cgi?id=2268017 https://bugzilla.redhat.com/show_bug.cgi?id=2268018 https://bugzilla.redhat.com/show_bug.cgi?id=2268019 https://bugzilla.redhat.com/show_bug.cgi?id=2268273 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45288 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45289 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45290 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24783 https://errata.almalinux.org/9/ALSA-2024-2724.html https://errata.rockylinux.org/RLSA-2024:2724 https://go.dev/cl/576155 https://go.dev/issue/65051 https://groups.google.com/g/golang-announce/c/YgW0sx8mN3M https://kb.cert.org/vuls/id/421644 https://linux.oracle.com/cve/CVE-2023-45288.html https://linux.oracle.com/errata/ELSA-2024-3346.html https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QRYFHIQ6XRKRYBI2F5UESH67BJBQXUPT https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QRYFHIQ6XRKRYBI2F5UESH67BJBQXUPT/ https://nowotarski.info/http2-continuation-flood-technical-details https://nowotarski.info/http2-continuation-flood/ https://nvd.nist.gov/vuln/detail/CVE-2023-45288 https://pkg.go.dev/vuln/GO-2024-2687 https://security.netapp.com/advisory/ntap-20240419-0009 https://security.netapp.com/advisory/ntap-20240419-0009/ https://ubuntu.com/security/notices/USN-6886-1 https://ubuntu.com/security/notices/USN-7109-1 https://ubuntu.com/security/notices/USN-7111-1 https://www.cve.org/CVERecord?id=CVE-2023-45288 https://www.kb.cert.org/vuls/id/421644
stdlib	CVE-2024-34156	HIGH	v1.20.5	1.22.7, 1.23.1	https://access.redhat.com/errata/RHSA-2024:9473 https://access.redhat.com/security/cve/CVE-2024-34156 https://bugzilla.redhat.com/2310528 https://bugzilla.redhat.com/2318052 https://bugzilla.redhat.com/show_bug.cgi?id=2310528 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-34156 https://errata.almalinux.org/9/ALSA-2024-9473.html https://errata.rockylinux.org/RLSA-2024:7204 https://github.com/golang/go/commit/2092294f2b097c5828f4eace6c98a322c1510b01 (go1.22.7) https://github.com/golang/go/commit/fa8ff1a46deb6c816304441ec6740ec112e19012 (go1.23.1) https://go.dev/cl/611239 https://go.dev/issue/69139 https://groups.google.com/g/golang-announce/c/K-cEzDeCtpc https://groups.google.com/g/golang-dev/c/S9POB9NCTdk https://linux.oracle.com/cve/CVE-2024-34156.html https://linux.oracle.com/errata/ELSA-2024-9473.html https://nvd.nist.gov/vuln/detail/CVE-2024-34156 https://pkg.go.dev/vuln/GO-2024-3106 https://ubuntu.com/security/notices/USN-7081-1 https://ubuntu.com/security/notices/USN-7109-1 https://ubuntu.com/security/notices/USN-7111-1 https://www.cve.org/CVERecord?id=CVE-2024-34156
stdlib	CVE-2023-29406	MEDIUM	v1.20.5	1.19.11, 1.20.6	https://access.redhat.com/errata/RHSA-2023:6474 https://access.redhat.com/security/cve/CVE-2023-29406 https://bugzilla.redhat.com/2174485 https://bugzilla.redhat.com/2178358 https://bugzilla.redhat.com/2178488 https://bugzilla.redhat.com/2178492 https://bugzilla.redhat.com/2184481 https://bugzilla.redhat.com/2184482 https://bugzilla.redhat.com/2184483 https://bugzilla.redhat.com/2184484 https://bugzilla.redhat.com/2196026 https://bugzilla.redhat.com/2196027 https://bugzilla.redhat.com/2196029 https://bugzilla.redhat.com/2222167 https://bugzilla.redhat.com/2228689 https://errata.almalinux.org/9/ALSA-2023-6474.html https://github.com/golang/go/commit/312920c00aac9897b2a0693e752390b5b0711a5a (go1.20.6) https://github.com/golang/go/commit/5fa6923b1ea891400153d04ddf1545e23b40041b (go1.19.11) https://github.com/golang/go/issues/60374 https://go.dev/cl/506996 https://go.dev/issue/60374 https://groups.google.com/g/golang-announce/c/2q13H6LEEx0 https://linux.oracle.com/cve/CVE-2023-29406.html https://linux.oracle.com/errata/ELSA-2023-7202.html https://nvd.nist.gov/vuln/detail/CVE-2023-29406 https://pkg.go.dev/vuln/GO-2023-1878 https://security.gentoo.org/glsa/202311-09 https://security.netapp.com/advisory/ntap-20230814-0002/ https://ubuntu.com/security/notices/USN-7061-1 https://ubuntu.com/security/notices/USN-7109-1 https://www.cve.org/CVERecord?id=CVE-2023-29406
stdlib	CVE-2023-29409	MEDIUM	v1.20.5	1.19.12, 1.20.7, 1.21.0-rc.4	https://access.redhat.com/errata/RHSA-2023:7766 https://access.redhat.com/security/cve/CVE-2023-29409 https://bugzilla.redhat.com/2228743 https://bugzilla.redhat.com/2237773 https://bugzilla.redhat.com/2237776 https://bugzilla.redhat.com/2237777 https://bugzilla.redhat.com/2237778 https://errata.almalinux.org/9/ALSA-2023-7766.html https://go.dev/cl/515257 https://go.dev/issue/61460 https://groups.google.com/g/golang-announce/c/X0b6CsSAaYI/m/Efv5DbZ9AwAJ https://linux.oracle.com/cve/CVE-2023-29409.html https://linux.oracle.com/errata/ELSA-2024-2988.html https://nvd.nist.gov/vuln/detail/CVE-2023-29409 https://pkg.go.dev/vuln/GO-2023-1987 https://security.gentoo.org/glsa/202311-09 https://security.netapp.com/advisory/ntap-20230831-0010/ https://www.cve.org/CVERecord?id=CVE-2023-29409
stdlib	CVE-2023-39318	MEDIUM	v1.20.5	1.20.8, 1.21.1	https://access.redhat.com/errata/RHSA-2024:2160 https://access.redhat.com/security/cve/CVE-2023-39318 https://bugzilla.redhat.com/2237773 https://bugzilla.redhat.com/2237776 https://bugzilla.redhat.com/2253330 https://errata.almalinux.org/9/ALSA-2024-2160.html https://github.com/golang/go/commit/023b542edf38e2a1f87fcefb9f75ff2f99401b4c (go1.20.8) https://github.com/golang/go/commit/b0e1d3ea26e8e8fce7726690c9ef0597e60739fb (go1.21.1) https://go.dev/cl/526156 https://go.dev/issue/62196 https://groups.google.com/g/golang-announce/c/Fm51GRLNRvM https://groups.google.com/g/golang-dev/c/2C5vbR-UNkI/m/L1hdrPhfBAAJ https://linux.oracle.com/cve/CVE-2023-39318.html https://linux.oracle.com/errata/ELSA-2024-2988.html https://nvd.nist.gov/vuln/detail/CVE-2023-39318 https://pkg.go.dev/vuln/GO-2023-2041 https://security.gentoo.org/glsa/202311-09 https://security.netapp.com/advisory/ntap-20231020-0009/ https://ubuntu.com/security/notices/USN-6574-1 https://ubuntu.com/security/notices/USN-7061-1 https://ubuntu.com/security/notices/USN-7109-1 https://vuln.go.dev/ID/GO-2023-2041.json https://www.cve.org/CVERecord?id=CVE-2023-39318
stdlib	CVE-2023-39319	MEDIUM	v1.20.5	1.20.8, 1.21.1	https://access.redhat.com/errata/RHSA-2024:2160 https://access.redhat.com/security/cve/CVE-2023-39319 https://bugzilla.redhat.com/2237773 https://bugzilla.redhat.com/2237776 https://bugzilla.redhat.com/2253330 https://errata.almalinux.org/9/ALSA-2024-2160.html https://github.com/golang/go/commit/2070531d2f53df88e312edace6c8dfc9686ab2f5 (go1.20.8) https://github.com/golang/go/commit/bbd043ff0d6d59f1a9232d31ecd5eacf6507bf6a (go1.21.1) https://go.dev/cl/526157 https://go.dev/issue/62197 https://groups.google.com/g/golang-announce/c/Fm51GRLNRvM https://groups.google.com/g/golang-dev/c/2C5vbR-UNkI/m/L1hdrPhfBAAJ https://linux.oracle.com/cve/CVE-2023-39319.html https://linux.oracle.com/errata/ELSA-2024-2988.html https://nvd.nist.gov/vuln/detail/CVE-2023-39319 https://pkg.go.dev/vuln/GO-2023-2043 https://security.gentoo.org/glsa/202311-09 https://security.netapp.com/advisory/ntap-20231020-0009/ https://ubuntu.com/security/notices/USN-6574-1 https://ubuntu.com/security/notices/USN-7061-1 https://ubuntu.com/security/notices/USN-7109-1 https://vuln.go.dev/ID/GO-2023-2043.json https://www.cve.org/CVERecord?id=CVE-2023-39319
stdlib	CVE-2023-39326	MEDIUM	v1.20.5	1.20.12, 1.21.5	https://access.redhat.com/errata/RHSA-2024:2272 https://access.redhat.com/security/cve/CVE-2023-39326 https://bugzilla.redhat.com/2253193 https://bugzilla.redhat.com/2253330 https://errata.almalinux.org/9/ALSA-2024-2272.html https://github.com/golang/go/commit/6446af942e2e2b161c4ec1b60d9703a2b55dc4dd (go1.20.12) https://github.com/golang/go/commit/ec8c526e4be720e94b98ca509e6364f0efaf28f7 (go1.21.5) https://go.dev/cl/547335 https://go.dev/issue/64433 https://groups.google.com/g/golang-dev/c/6ypN5EjibjM/m/KmLVYH_uAgAJ https://linux.oracle.com/cve/CVE-2023-39326.html https://linux.oracle.com/errata/ELSA-2024-2988.html https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UIU6HOGV6RRIKWM57LOXQA75BGZSIH6G/ https://nvd.nist.gov/vuln/detail/CVE-2023-39326 https://pkg.go.dev/vuln/GO-2023-2382 https://ubuntu.com/security/notices/USN-6574-1 https://www.cve.org/CVERecord?id=CVE-2023-39326
stdlib	CVE-2023-45284	MEDIUM	v1.20.5	1.20.11, 1.21.4	https://go.dev/cl/540277 https://go.dev/issue/63713 https://groups.google.com/g/golang-announce/c/4tU8LZfBFkY https://nvd.nist.gov/vuln/detail/CVE-2023-45284 https://pkg.go.dev/vuln/GO-2023-2186
stdlib	CVE-2023-45289	MEDIUM	v1.20.5	1.21.8, 1.22.1	http://www.openwall.com/lists/oss-security/2024/03/08/4 https://access.redhat.com/errata/RHSA-2024:2724 https://access.redhat.com/security/cve/CVE-2023-45289 https://bugzilla.redhat.com/2268017 https://bugzilla.redhat.com/2268018 https://bugzilla.redhat.com/2268019 https://bugzilla.redhat.com/2268273 https://bugzilla.redhat.com/show_bug.cgi?id=2268017 https://bugzilla.redhat.com/show_bug.cgi?id=2268018 https://bugzilla.redhat.com/show_bug.cgi?id=2268019 https://bugzilla.redhat.com/show_bug.cgi?id=2268273 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45288 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45289 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45290 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24783 https://errata.almalinux.org/9/ALSA-2024-2724.html https://errata.rockylinux.org/RLSA-2024:2724 https://github.com/golang/go/commit/20586c0dbe03d144f914155f879fa5ee287591a1 (go1.21.8) https://github.com/golang/go/commit/3a855208e3efed2e9d7c20ad023f1fa78afcc0be (go1.22.1) https://github.com/golang/go/issues/65065 https://go.dev/cl/569340 https://go.dev/issue/65065 https://groups.google.com/g/golang-announce/c/5pwGVUPoMbg https://linux.oracle.com/cve/CVE-2023-45289.html https://linux.oracle.com/errata/ELSA-2024-3346.html https://nvd.nist.gov/vuln/detail/CVE-2023-45289 https://pkg.go.dev/vuln/GO-2024-2600 https://security.netapp.com/advisory/ntap-20240329-0006/ https://ubuntu.com/security/notices/USN-6886-1 https://www.cve.org/CVERecord?id=CVE-2023-45289
stdlib	CVE-2023-45290	MEDIUM	v1.20.5	1.21.8, 1.22.1	http://www.openwall.com/lists/oss-security/2024/03/08/4 https://access.redhat.com/errata/RHSA-2024:9135 https://access.redhat.com/security/cve/CVE-2023-45290 https://bugzilla.redhat.com/2268017 https://bugzilla.redhat.com/2268022 https://bugzilla.redhat.com/2279814 https://bugzilla.redhat.com/2295310 https://bugzilla.redhat.com/show_bug.cgi?id=2268017 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45290 https://errata.almalinux.org/9/ALSA-2024-9135.html https://errata.rockylinux.org/RLSA-2024:3830 https://github.com/golang/go/commit/041a47712e765e94f86d841c3110c840e76d8f82 (go1.22.1) https://github.com/golang/go/commit/bf80213b121074f4ad9b449410a4d13bae5e9be0 (go1.21.8) https://github.com/golang/go/issues/65383 https://go.dev/cl/569341 https://go.dev/issue/65383 https://groups.google.com/g/golang-announce/c/5pwGVUPoMbg https://linux.oracle.com/cve/CVE-2023-45290.html https://linux.oracle.com/errata/ELSA-2024-8038.html https://nvd.nist.gov/vuln/detail/CVE-2023-45290 https://pkg.go.dev/vuln/GO-2024-2599 https://security.netapp.com/advisory/ntap-20240329-0004 https://security.netapp.com/advisory/ntap-20240329-0004/ https://ubuntu.com/security/notices/USN-6886-1 https://ubuntu.com/security/notices/USN-7109-1 https://ubuntu.com/security/notices/USN-7111-1 https://www.cve.org/CVERecord?id=CVE-2023-45290
stdlib	CVE-2024-24783	MEDIUM	v1.20.5	1.21.8, 1.22.1	http://www.openwall.com/lists/oss-security/2024/03/08/4 https://access.redhat.com/errata/RHSA-2024:6195 https://access.redhat.com/security/cve/CVE-2024-24783 https://bugzilla.redhat.com/2268019 https://bugzilla.redhat.com/show_bug.cgi?id=2268017 https://bugzilla.redhat.com/show_bug.cgi?id=2268018 https://bugzilla.redhat.com/show_bug.cgi?id=2268019 https://bugzilla.redhat.com/show_bug.cgi?id=2268273 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45288 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45289 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45290 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24783 https://errata.almalinux.org/9/ALSA-2024-6195.html https://errata.rockylinux.org/RLSA-2024:2724 https://github.com/advisories/GHSA-3q2c-pvp5-3cqp https://github.com/golang/go/commit/337b8e9cbfa749d9d5c899e0dc358e2208d5e54f (go1.22.1) https://github.com/golang/go/commit/be5b52bea674190ef7de272664be6c7ae93ec5a0 (go1.21.8) https://github.com/golang/go/issues/65390 https://go.dev/cl/569339 https://go.dev/issue/65390 https://groups.google.com/g/golang-announce/c/5pwGVUPoMbg https://linux.oracle.com/cve/CVE-2024-24783.html https://linux.oracle.com/errata/ELSA-2024-6969.html https://nvd.nist.gov/vuln/detail/CVE-2024-24783 https://pkg.go.dev/vuln/GO-2024-2598 https://security.netapp.com/advisory/ntap-20240329-0005 https://security.netapp.com/advisory/ntap-20240329-0005/ https://ubuntu.com/security/notices/USN-6886-1 https://ubuntu.com/security/notices/USN-7109-1 https://ubuntu.com/security/notices/USN-7111-1 https://www.cve.org/CVERecord?id=CVE-2024-24783
stdlib	CVE-2024-24784	MEDIUM	v1.20.5	1.21.8, 1.22.1	http://www.openwall.com/lists/oss-security/2024/03/08/4 https://access.redhat.com/errata/RHSA-2024:2562 https://access.redhat.com/security/cve/CVE-2024-24784 https://bugzilla.redhat.com/2262921 https://bugzilla.redhat.com/2268017 https://bugzilla.redhat.com/2268018 https://bugzilla.redhat.com/2268019 https://bugzilla.redhat.com/2268021 https://bugzilla.redhat.com/2268022 https://bugzilla.redhat.com/2268273 https://bugzilla.redhat.com/show_bug.cgi?id=2262921 https://bugzilla.redhat.com/show_bug.cgi?id=2268017 https://bugzilla.redhat.com/show_bug.cgi?id=2268018 https://bugzilla.redhat.com/show_bug.cgi?id=2268019 https://bugzilla.redhat.com/show_bug.cgi?id=2268021 https://bugzilla.redhat.com/show_bug.cgi?id=2268022 https://bugzilla.redhat.com/show_bug.cgi?id=2268273 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45288 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45289 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45290 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-1394 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24783 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24784 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24785 https://errata.almalinux.org/9/ALSA-2024-2562.html https://errata.rockylinux.org/RLSA-2024:2562 https://github.com/golang/go/commit/263c059b09fdd40d9dd945f2ecb20c89ea28efe5 (go1.21.8) https://github.com/golang/go/commit/5330cd225ba54c7dc78c1b46dcdf61a4671a632c (go1.22.1) https://github.com/golang/go/issues/65083 https://go.dev/cl/555596 https://go.dev/issue/65083 https://groups.google.com/g/golang-announce/c/5pwGVUPoMbg https://linux.oracle.com/cve/CVE-2024-24784.html https://linux.oracle.com/errata/ELSA-2024-6969.html https://nvd.nist.gov/vuln/detail/CVE-2024-24784 https://pkg.go.dev/vuln/GO-2024-2609 https://security.netapp.com/advisory/ntap-20240329-0007/ https://ubuntu.com/security/notices/USN-6886-1 https://ubuntu.com/security/notices/USN-7109-1 https://ubuntu.com/security/notices/USN-7111-1 https://www.cve.org/CVERecord?id=CVE-2024-24784
stdlib	CVE-2024-24785	MEDIUM	v1.20.5	1.21.8, 1.22.1	http://www.openwall.com/lists/oss-security/2024/03/08/4 https://access.redhat.com/errata/RHSA-2024:9135 https://access.redhat.com/security/cve/CVE-2024-24785 https://bugzilla.redhat.com/2268017 https://bugzilla.redhat.com/2268022 https://bugzilla.redhat.com/2279814 https://bugzilla.redhat.com/2295310 https://bugzilla.redhat.com/show_bug.cgi?id=2262921 https://bugzilla.redhat.com/show_bug.cgi?id=2268017 https://bugzilla.redhat.com/show_bug.cgi?id=2268018 https://bugzilla.redhat.com/show_bug.cgi?id=2268019 https://bugzilla.redhat.com/show_bug.cgi?id=2268021 https://bugzilla.redhat.com/show_bug.cgi?id=2268022 https://bugzilla.redhat.com/show_bug.cgi?id=2268273 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45288 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45289 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45290 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-1394 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24783 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24784 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24785 https://errata.almalinux.org/9/ALSA-2024-9135.html https://errata.rockylinux.org/RLSA-2024:2562 https://github.com/golang/go/commit/056b0edcb8c152152021eebf4cf42adbfbe77992 (go1.22.1) https://github.com/golang/go/commit/3643147a29352ca2894fd5d0d2069bc4b4335a7e (go1.21.8) https://github.com/golang/go/issues/65697 https://go.dev/cl/564196 https://go.dev/issue/65697 https://groups.google.com/g/golang-announce/c/5pwGVUPoMbg https://linux.oracle.com/cve/CVE-2024-24785.html https://linux.oracle.com/errata/ELSA-2024-3259.html https://nvd.nist.gov/vuln/detail/CVE-2024-24785 https://pkg.go.dev/vuln/GO-2024-2610 https://security.netapp.com/advisory/ntap-20240329-0008/ https://ubuntu.com/security/notices/USN-6886-1 https://ubuntu.com/security/notices/USN-7061-1 https://ubuntu.com/security/notices/USN-7109-1 https://vuln.go.dev/ID/GO-2024-2610.json https://www.cve.org/CVERecord?id=CVE-2024-24785
stdlib	CVE-2024-24789	MEDIUM	v1.20.5	1.21.11, 1.22.4	http://www.openwall.com/lists/oss-security/2024/06/04/1 https://access.redhat.com/errata/RHSA-2024:9115 https://access.redhat.com/security/cve/CVE-2024-24789 https://bugzilla.redhat.com/2279814 https://bugzilla.redhat.com/2292668 https://bugzilla.redhat.com/2292787 https://bugzilla.redhat.com/2294000 https://bugzilla.redhat.com/2295310 https://bugzilla.redhat.com/show_bug.cgi?id=2292668 https://bugzilla.redhat.com/show_bug.cgi?id=2292787 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24789 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24790 https://errata.almalinux.org/9/ALSA-2024-9115.html https://errata.rockylinux.org/RLSA-2024:4212 https://github.com/golang/go/commit/c8e40338cf00f3c1d86c8fb23863ad67a4c72bcc (1.21) https://github.com/golang/go/commit/cf501ac0c5fe351a8582d20b43562027927906e7 (1.22) https://github.com/golang/go/issues/66869 https://go.dev/cl/585397 https://go.dev/issue/66869 https://groups.google.com/g/golang-announce/c/XbxouI9gY7k https://groups.google.com/g/golang-announce/c/XbxouI9gY7k/m/TuoGEhxIEwAJ https://linux.oracle.com/cve/CVE-2024-24789.html https://linux.oracle.com/errata/ELSA-2024-9115.html https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/U5YAEIA6IUHUNGJ7AIXXPQT6D2GYENX7/ https://nvd.nist.gov/vuln/detail/CVE-2024-24789 https://pkg.go.dev/vuln/GO-2024-2888 https://ubuntu.com/security/notices/USN-6886-1 https://ubuntu.com/security/notices/USN-7109-1 https://ubuntu.com/security/notices/USN-7111-1 https://www.cve.org/CVERecord?id=CVE-2024-24789
stdlib	CVE-2024-24791	MEDIUM	v1.20.5	1.21.12, 1.22.5	https://access.redhat.com/errata/RHSA-2024:9135 https://access.redhat.com/security/cve/CVE-2024-24791 https://bugzilla.redhat.com/2268017 https://bugzilla.redhat.com/2268022 https://bugzilla.redhat.com/2279814 https://bugzilla.redhat.com/2295310 https://bugzilla.redhat.com/show_bug.cgi?id=2295310 https://bugzilla.redhat.com/show_bug.cgi?id=2310527 https://bugzilla.redhat.com/show_bug.cgi?id=2310528 https://bugzilla.redhat.com/show_bug.cgi?id=2310529 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24791 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-34155 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-34156 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-34158 https://errata.almalinux.org/9/ALSA-2024-9135.html https://errata.rockylinux.org/RLSA-2024:6913 https://go.dev/cl/591255 https://go.dev/issue/67555 https://groups.google.com/g/golang-dev/c/t0rK-qHBqzY/m/6MMoAZkMAgAJ https://linux.oracle.com/cve/CVE-2024-24791.html https://linux.oracle.com/errata/ELSA-2024-9115.html https://nvd.nist.gov/vuln/detail/CVE-2024-24791 https://pkg.go.dev/vuln/GO-2024-2963 https://ubuntu.com/security/notices/USN-7081-1 https://ubuntu.com/security/notices/USN-7109-1 https://ubuntu.com/security/notices/USN-7111-1 https://www.cve.org/CVERecord?id=CVE-2024-24791
stdlib	CVE-2024-34155	MEDIUM	v1.20.5	1.22.7, 1.23.1	https://access.redhat.com/errata/RHSA-2024:9459 https://access.redhat.com/security/cve/CVE-2024-34155 https://bugzilla.redhat.com/2310527 https://bugzilla.redhat.com/2310528 https://bugzilla.redhat.com/2310529 https://bugzilla.redhat.com/2315691 https://bugzilla.redhat.com/2315887 https://bugzilla.redhat.com/2317458 https://bugzilla.redhat.com/2317467 https://bugzilla.redhat.com/show_bug.cgi?id=2295310 https://bugzilla.redhat.com/show_bug.cgi?id=2310527 https://bugzilla.redhat.com/show_bug.cgi?id=2310528 https://bugzilla.redhat.com/show_bug.cgi?id=2310529 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24791 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-34155 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-34156 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-34158 https://errata.almalinux.org/9/ALSA-2024-9459.html https://errata.rockylinux.org/RLSA-2024:6913 https://github.com/golang/go/commit/53487e5477151ed75da50e50a0ba8f1ca64c00a3 (go1.23.1) https://github.com/golang/go/commit/b232596139dbe96a62edbe3a2a203e856bf556eb (go1.22.7) https://go.dev/cl/611238 https://go.dev/issue/69138 https://groups.google.com/g/golang-announce/c/K-cEzDeCtpc https://groups.google.com/g/golang-dev/c/S9POB9NCTdk https://linux.oracle.com/cve/CVE-2024-34155.html https://linux.oracle.com/errata/ELSA-2024-9459.html https://nvd.nist.gov/vuln/detail/CVE-2024-34155 https://pkg.go.dev/vuln/GO-2024-3105 https://ubuntu.com/security/notices/USN-7081-1 https://ubuntu.com/security/notices/USN-7109-1 https://ubuntu.com/security/notices/USN-7111-1 https://www.cve.org/CVERecord?id=CVE-2024-34155
stdlib	CVE-2024-34158	MEDIUM	v1.20.5	1.22.7, 1.23.1	https://access.redhat.com/errata/RHSA-2024:9459 https://access.redhat.com/security/cve/CVE-2024-34158 https://bugzilla.redhat.com/2310527 https://bugzilla.redhat.com/2310528 https://bugzilla.redhat.com/2310529 https://bugzilla.redhat.com/2315691 https://bugzilla.redhat.com/2315887 https://bugzilla.redhat.com/2317458 https://bugzilla.redhat.com/2317467 https://bugzilla.redhat.com/show_bug.cgi?id=2295310 https://bugzilla.redhat.com/show_bug.cgi?id=2310527 https://bugzilla.redhat.com/show_bug.cgi?id=2310528 https://bugzilla.redhat.com/show_bug.cgi?id=2310529 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24791 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-34155 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-34156 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-34158 https://errata.almalinux.org/9/ALSA-2024-9459.html https://errata.rockylinux.org/RLSA-2024:6913 https://github.com/golang/go/commit/032ac075c20c01c6c35a672d1542d3e98eab84ea (go1.23.1) https://github.com/golang/go/commit/d4c53812e6ce2ac368173d7fcd31d0ecfcffb002 (go1.22.7) https://go.dev/cl/611240 https://go.dev/issue/69141 https://groups.google.com/g/golang-announce/c/K-cEzDeCtpc https://groups.google.com/g/golang-dev/c/S9POB9NCTdk https://linux.oracle.com/cve/CVE-2024-34158.html https://linux.oracle.com/errata/ELSA-2024-9459.html https://nvd.nist.gov/vuln/detail/CVE-2024-34158 https://pkg.go.dev/vuln/GO-2024-3107 https://ubuntu.com/security/notices/USN-7081-1 https://ubuntu.com/security/notices/USN-7109-1 https://ubuntu.com/security/notices/USN-7111-1 https://www.cve.org/CVERecord?id=CVE-2024-34158
No Misconfigurations found

cnb/buildpacks/paketo-buildpacks_bundle-install/0.7.9/bin/run (gobinary)

Package	Vulnerability ID	Severity	Installed Version	Fixed Version	Links
github.com/anchore/stereoscope	CVE-2024-24579	MEDIUM	v0.0.0-20230412183729-8602f1afc574	0.0.1	https://github.com/anchore/stereoscope https://github.com/anchore/stereoscope/commit/09dacab4d9ee65ee8bc7af8ebf4aa7b5aaa36204 https://github.com/anchore/stereoscope/security/advisories/GHSA-hpxr-w9w7-g4gv https://nvd.nist.gov/vuln/detail/CVE-2024-24579
github.com/cloudflare/circl	GHSA-9763-4f94-gfch	HIGH	v1.3.3	1.3.7	https://github.com/cloudflare/circl https://github.com/cloudflare/circl/commit/75ef91e8a2f438e6ce2b6e620d236add8be1887d https://github.com/cloudflare/circl/security/advisories/GHSA-9763-4f94-gfch https://kyberslash.cr.yp.to
github.com/containerd/containerd	GHSA-7ww5-4wqc-m92c	MEDIUM	v1.7.0	1.6.26, 1.7.11	https://github.com/containerd/containerd https://github.com/containerd/containerd/commit/67d356cb3095f3e8f8ad7d36f9a733fea1e7e28c https://github.com/containerd/containerd/commit/746b910f05855c8bfdb4415a1c0f958b234910e5 https://github.com/containerd/containerd/security/advisories/GHSA-7ww5-4wqc-m92c
github.com/docker/docker	CVE-2024-41110	CRITICAL	v23.0.5+incompatible	23.0.15, 26.1.5, 27.1.1, 25.0.6	https://access.redhat.com/security/cve/CVE-2024-41110 https://github.com/moby/moby https://github.com/moby/moby/commit/411e817ddf710ff8e08fa193da80cb78af708191 https://github.com/moby/moby/commit/42f40b1d6dd7562342f832b9cd2adf9e668eeb76 https://github.com/moby/moby/commit/65cc597cea28cdc25bea3b8a86384b4251872919 https://github.com/moby/moby/commit/852759a7df454cbf88db4e954c919becd48faa9b https://github.com/moby/moby/commit/a31260625655cff9ae226b51757915e275e304b0 https://github.com/moby/moby/commit/a79fabbfe84117696a19671f4aa88b82d0f64fc1 https://github.com/moby/moby/commit/ae160b4edddb72ef4bd71f66b975a1a1cc434f00 https://github.com/moby/moby/commit/ae2b3666c517c96cbc2adf1af5591a6b00d4ec0f https://github.com/moby/moby/commit/cc13f952511154a2866bddbb7dddebfe9e83b801 https://github.com/moby/moby/commit/fc274cd2ff4cf3b48c91697fb327dd1fb95588fb https://github.com/moby/moby/security/advisories/GHSA-v23v-6jw2-98fq https://nvd.nist.gov/vuln/detail/CVE-2024-41110 https://www.cve.org/CVERecord?id=CVE-2024-41110 https://www.docker.com/blog/docker-security-advisory-docker-engine-authz-plugin
github.com/docker/docker	CVE-2024-24557	MEDIUM	v23.0.5+incompatible	24.0.9, 25.0.2	https://access.redhat.com/security/cve/CVE-2024-24557 https://github.com/moby/moby https://github.com/moby/moby/commit/3e230cfdcc989dc524882f6579f9e0dac77400ae https://github.com/moby/moby/commit/fca702de7f71362c8d103073c7e4a1d0a467fadd https://github.com/moby/moby/commit/fce6e0ca9bc000888de3daa157af14fa41fcd0ff https://github.com/moby/moby/security/advisories/GHSA-xw73-rw38-6vjc https://nvd.nist.gov/vuln/detail/CVE-2024-24557 https://www.cve.org/CVERecord?id=CVE-2024-24557
github.com/docker/docker	CVE-2024-29018	MEDIUM	v23.0.5+incompatible	26.0.0-rc3, 25.0.5, 23.0.11	https://access.redhat.com/security/cve/CVE-2024-29018 https://github.com/moby/moby https://github.com/moby/moby/pull/46609 https://github.com/moby/moby/security/advisories/GHSA-mq39-4gv4-mvpx https://nvd.nist.gov/vuln/detail/CVE-2024-29018 https://www.cve.org/CVERecord?id=CVE-2024-29018
github.com/docker/docker	GHSA-jq35-85cj-fj4p	MEDIUM	v23.0.5+incompatible	24.0.7, 23.0.8, 20.10.27	https://github.com/moby/moby https://github.com/moby/moby/commit/48ebe353e49a9def5e6679f6e386b0efb1c95f0e https://github.com/moby/moby/commit/81ebe71275768629689a23bc3bca34b3b374a6a6 https://github.com/moby/moby/commit/c9ccbfad11a60e703e91b6cca4f48927828c7e35 https://github.com/moby/moby/releases/tag/v20.10.27 https://github.com/moby/moby/releases/tag/v23.0.8 https://github.com/moby/moby/releases/tag/v24.0.7 https://github.com/moby/moby/security/advisories/GHSA-jq35-85cj-fj4p
github.com/go-git/go-git/v5	CVE-2023-49569	CRITICAL	v5.6.1	5.11.0	https://access.redhat.com/security/cve/CVE-2023-49569 https://github.com/go-git/go-git https://github.com/go-git/go-git/security/advisories/GHSA-449p-3h89-pw88 https://nvd.nist.gov/vuln/detail/CVE-2023-49569 https://www.cve.org/CVERecord?id=CVE-2023-49569
github.com/go-git/go-git/v5	CVE-2023-49568	HIGH	v5.6.1	5.11.0	https://access.redhat.com/security/cve/CVE-2023-49568 https://github.com/go-git/go-git https://github.com/go-git/go-git/security/advisories/GHSA-mw99-9chc-xw7r https://nvd.nist.gov/vuln/detail/CVE-2023-49568 https://www.cve.org/CVERecord?id=CVE-2023-49568
github.com/mholt/archiver/v3	CVE-2024-0406	MEDIUM	v3.5.1	no fix available	https://access.redhat.com/security/cve/CVE-2024-0406 https://bugzilla.redhat.com/show_bug.cgi?id=2257749 https://github.com/advisories/GHSA-rhh4-rh7c-7r5v https://github.com/mholt/archiver https://nvd.nist.gov/vuln/detail/CVE-2024-0406 https://www.cve.org/CVERecord?id=CVE-2024-0406
golang.org/x/crypto	CVE-2023-48795	MEDIUM	v0.8.0	0.17.0	http://packetstormsecurity.com/files/176280/Terrapin-SSH-Connection-Weakening.html http://seclists.org/fulldisclosure/2024/Mar/21 http://www.openwall.com/lists/oss-security/2023/12/18/3 http://www.openwall.com/lists/oss-security/2023/12/19/5 http://www.openwall.com/lists/oss-security/2023/12/20/3 http://www.openwall.com/lists/oss-security/2024/03/06/3 http://www.openwall.com/lists/oss-security/2024/04/17/8 https://access.redhat.com/errata/RHSA-2024:1150 https://access.redhat.com/security/cve/CVE-2023-48795 https://access.redhat.com/security/cve/cve-2023-48795 https://access.redhat.com/solutions/7071748 https://arstechnica.com/security/2023/12/hackers-can-break-ssh-channel-integrity-using-novel-data-corruption-attack https://arstechnica.com/security/2023/12/hackers-can-break-ssh-channel-integrity-using-novel-data-corruption-attack/ https://bugs.gentoo.org/920280 https://bugzilla.redhat.com/2254210 https://bugzilla.redhat.com/show_bug.cgi?id=2254210 https://bugzilla.suse.com/show_bug.cgi?id=1217950 https://crates.io/crates/thrussh/versions https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-48795 https://errata.almalinux.org/9/ALSA-2024-1150.html https://errata.rockylinux.org/RLSA-2024:0628 https://filezilla-project.org/versions.php https://forum.netgate.com/topic/184941/terrapin-ssh-attack https://git.libssh.org/projects/libssh.git/commit/?h=stable-0.10&id=10e09e273f69e149389b3e0e5d44b8c221c2e7f6 https://github.com/NixOS/nixpkgs/pull/275249 https://github.com/PowerShell/Win32-OpenSSH/issues/2189 https://github.com/PowerShell/Win32-OpenSSH/releases/tag/v9.5.0.0p1-Beta https://github.com/TeraTermProject/teraterm/commit/7279fbd6ef4d0c8bdd6a90af4ada2899d786eec0 https://github.com/TeraTermProject/teraterm/releases/tag/v5.1 https://github.com/advisories/GHSA-45x7-px36-x8w8 https://github.com/apache/mina-sshd/issues/445 https://github.com/connectbot/sshlib/commit/5c8b534f6e97db7ac0e0e579331213aa25c173ab https://github.com/connectbot/sshlib/compare/2.2.21...2.2.22 https://github.com/cyd01/KiTTY/issues/520 https://github.com/drakkan/sftpgo/releases/tag/v2.5.6 https://github.com/erlang/otp/blob/d1b43dc0f1361d2ad67601169e90a7fc50bb0369/lib/ssh/doc/src/notes.xml#L39-L42 https://github.com/erlang/otp/releases/tag/OTP-26.2.1 https://github.com/golang/crypto/commit/9d2ee975ef9fe627bf0a6f01c1f69e8ef1d4f05d https://github.com/hierynomus/sshj/issues/916 https://github.com/janmojzis/tinyssh/issues/81 https://github.com/jtesta/ssh-audit/commit/8e972c5e94b460379fe0c7d20209c16df81538a5 https://github.com/libssh2/libssh2/pull/1291 https://github.com/mkj/dropbear/blob/17657c36cce6df7716d5ff151ec09a665382d5dd/CHANGES#L25 https://github.com/mscdex/ssh2/commit/97b223f8891b96d6fc054df5ab1d5a1a545da2a3 https://github.com/mwiede/jsch/compare/jsch-0.2.14...jsch-0.2.15 https://github.com/mwiede/jsch/issues/457 https://github.com/mwiede/jsch/pull/461 https://github.com/net-ssh/net-ssh/blob/2e65064a52d73396bfc3806c9196fc8108f33cd8/CHANGES.txt#L14-L16 https://github.com/openssh/openssh-portable/commits/master https://github.com/paramiko/paramiko/issues/2337 https://github.com/paramiko/paramiko/issues/2337#issuecomment-1887642773 https://github.com/proftpd/proftpd/blob/0a7ea9b0ba9fcdf368374a226370d08f10397d99/RELEASE_NOTES https://github.com/proftpd/proftpd/blob/d21e7a2e47e9b38f709bec58e3fa711f759ad0e1/RELEASE_NOTES https://github.com/proftpd/proftpd/blob/master/RELEASE_NOTES https://github.com/proftpd/proftpd/issues/456 https://github.com/rapier1/hpn-ssh/releases https://github.com/ronf/asyncssh/blob/develop/docs/changes.rst https://github.com/ronf/asyncssh/security/advisories/GHSA-hfmc-7525-mj55 https://github.com/ronf/asyncssh/tags https://github.com/ssh-mitm/ssh-mitm/issues/165 https://github.com/warp-tech/russh https://github.com/warp-tech/russh/commit/1aa340a7df1d5be1c0f4a9e247aade76dfdd2951 https://github.com/warp-tech/russh/releases/tag/v0.40.2 https://github.com/warp-tech/russh/security/advisories/GHSA-45x7-px36-x8w8 https://gitlab.com/libssh/libssh-mirror/-/tags https://go.dev/cl/550715 https://go.dev/issue/64784 https://groups.google.com/g/golang-announce/c/-n5WqVC18LQ https://groups.google.com/g/golang-announce/c/qA3XtxvMUyg https://help.panic.com/releasenotes/transmit5 https://help.panic.com/releasenotes/transmit5/ https://jadaptive.com/important-java-ssh-security-update-new-ssh-vulnerability-discovered-cve-2023-48795 https://jadaptive.com/important-java-ssh-security-update-new-ssh-vulnerability-discovered-cve-2023-48795/ https://linux.oracle.com/cve/CVE-2023-48795.html https://linux.oracle.com/errata/ELSA-2024-2988.html https://lists.debian.org/debian-lts-announce/2023/12/msg00017.html https://lists.debian.org/debian-lts-announce/2024/01/msg00013.html https://lists.debian.org/debian-lts-announce/2024/01/msg00014.html https://lists.debian.org/debian-lts-announce/2024/04/msg00016.html https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/33XHJUB6ROFUOH2OQNENFROTVH6MHSHA https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/33XHJUB6ROFUOH2OQNENFROTVH6MHSHA/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/3CAYYW35MUTNO65RVAELICTNZZFMT2XS https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/3CAYYW35MUTNO65RVAELICTNZZFMT2XS/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/3JIMLVBDWOP4FUPXPTB4PGHHIOMGFLQE https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/3JIMLVBDWOP4FUPXPTB4PGHHIOMGFLQE/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/3YQLUQWLIHDB5QCXQEX7HXHAWMOKPP5O https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/3YQLUQWLIHDB5QCXQEX7HXHAWMOKPP5O/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/6Y74KVCPEPT4MVU3LHDWCNNOXOE5ZLUR https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/6Y74KVCPEPT4MVU3LHDWCNNOXOE5ZLUR/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/APYIXIQOVDCRWLHTGB4VYMAUIAQLKYJ3 https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/APYIXIQOVDCRWLHTGB4VYMAUIAQLKYJ3/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/BL5KTLOSLH2KHRN4HCXJPK3JUVLDGEL6 https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/BL5KTLOSLH2KHRN4HCXJPK3JUVLDGEL6/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/C3AFMZ6MH2UHHOPIWT5YLSFV3D2VB3AC https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/C3AFMZ6MH2UHHOPIWT5YLSFV3D2VB3AC/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/CHHITS4PUOZAKFIUBQAQZC7JWXMOYE4B https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/CHHITS4PUOZAKFIUBQAQZC7JWXMOYE4B/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/F7EYCFQCTSGJXWO3ZZ44MGKFC5HA7G3Y https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/F7EYCFQCTSGJXWO3ZZ44MGKFC5HA7G3Y/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/HYEDEXIKFKTUJIN43RG4B7T5ZS6MHUSP https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/HYEDEXIKFKTUJIN43RG4B7T5ZS6MHUSP/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/I724O3LSRCPO4WNVIXTZCT4VVRMXMMSG https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/I724O3LSRCPO4WNVIXTZCT4VVRMXMMSG/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/KEOTKBUPZXHE3F352JBYNTSNRXYLWD6P https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/KEOTKBUPZXHE3F352JBYNTSNRXYLWD6P/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/KMZCVGUGJZZVDPCVDA7TEB22VUCNEXDD https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/KMZCVGUGJZZVDPCVDA7TEB22VUCNEXDD/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/L5Y6MNNVAPIJSXJERQ6PKZVCIUXSNJK7 https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/L5Y6MNNVAPIJSXJERQ6PKZVCIUXSNJK7/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/LZQVUHWVWRH73YBXUQJOD6CKHDQBU3DM https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/LZQVUHWVWRH73YBXUQJOD6CKHDQBU3DM/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/MKQRBF3DWMWPH36LBCOBUTSIZRTPEZXB https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/MKQRBF3DWMWPH36LBCOBUTSIZRTPEZXB/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/QI3EHAHABFQK7OABNCSF5GMYP6TONTI7 https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/QI3EHAHABFQK7OABNCSF5GMYP6TONTI7/ https://matt.ucc.asn.au/dropbear/CHANGES https://nest.pijul.com/pijul/thrussh/changes/D6H7OWTTMHHX6BTB3B6MNBOBX2L66CBL4LGSEUSAI2MCRCJDQFRQC https://news.ycombinator.com/item?id=38684904 https://news.ycombinator.com/item?id=38685286 https://news.ycombinator.com/item?id=38732005 https://nova.app/releases/#v11.8 https://nvd.nist.gov/vuln/detail/CVE-2023-48795 https://oryx-embedded.com/download/#changelog https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2024-0002 https://roumenpetrov.info/secsh/#news20231220 https://security-tracker.debian.org/tracker/CVE-2023-48795 https://security-tracker.debian.org/tracker/source-package/libssh2 https://security-tracker.debian.org/tracker/source-package/proftpd-dfsg https://security-tracker.debian.org/tracker/source-package/trilead-ssh2 https://security.gentoo.org/glsa/202312-16 https://security.gentoo.org/glsa/202312-17 https://security.netapp.com/advisory/ntap-20240105-0004 https://security.netapp.com/advisory/ntap-20240105-0004/ https://support.apple.com/kb/HT214084 https://terrapin-attack.com/ https://thorntech.com/cve-2023-48795-and-sftp-gateway https://thorntech.com/cve-2023-48795-and-sftp-gateway/ https://twitter.com/TrueSkrillor/status/1736774389725565005 https://ubuntu.com/security/CVE-2023-48795 https://ubuntu.com/security/notices/USN-6560-1 https://ubuntu.com/security/notices/USN-6560-2 https://ubuntu.com/security/notices/USN-6561-1 https://ubuntu.com/security/notices/USN-6585-1 https://ubuntu.com/security/notices/USN-6589-1 https://ubuntu.com/security/notices/USN-6598-1 https://ubuntu.com/security/notices/USN-6738-1 https://ubuntu.com/security/notices/USN-7051-1 https://winscp.net/eng/docs/history#6.2.2 https://www.bitvise.com/ssh-client-version-history#933 https://www.bitvise.com/ssh-server-version-history https://www.chiark.greenend.org.uk/~sgtatham/putty/changes.html https://www.crushftp.com/crush10wiki/Wiki.jsp?page=Update https://www.cve.org/CVERecord?id=CVE-2023-48795 https://www.debian.org/security/2023/dsa-5586 https://www.debian.org/security/2023/dsa-5588 https://www.freebsd.org/security/advisories/FreeBSD-SA-23:19.openssh.asc https://www.lancom-systems.de/service-support/allgemeine-sicherheitshinweise#c243508 https://www.netsarang.com/en/xshell-update-history https://www.netsarang.com/en/xshell-update-history/ https://www.openssh.com/openbsd.html https://www.openssh.com/txt/release-9.6 https://www.openwall.com/lists/oss-security/2023/12/18/2 https://www.openwall.com/lists/oss-security/2023/12/18/3 https://www.openwall.com/lists/oss-security/2023/12/20/3 https://www.paramiko.org/changelog.html https://www.reddit.com/r/sysadmin/comments/18idv52/cve202348795_why_is_this_cve_still_undisclosed https://www.reddit.com/r/sysadmin/comments/18idv52/cve202348795_why_is_this_cve_still_undisclosed/ https://www.suse.com/c/suse-addresses-the-ssh-v2-protocol-terrapin-attack-aka-cve-2023-48795 https://www.suse.com/c/suse-addresses-the-ssh-v2-protocol-terrapin-attack-aka-cve-2023-48795/ https://www.terrapin-attack.com https://www.theregister.com/2023/12/20/terrapin_attack_ssh https://www.vandyke.com/products/securecrt/history.txt
golang.org/x/net	CVE-2023-39325	HIGH	v0.10.0	0.17.0	golang.org/x/net https://access.redhat.com/errata/RHSA-2023:6077 https://access.redhat.com/security/cve/CVE-2023-39325 https://access.redhat.com/security/cve/CVE-2023-44487 https://access.redhat.com/security/vulnerabilities/RHSB-2023-003 https://bugzilla.redhat.com/2242803 https://bugzilla.redhat.com/2243296 https://bugzilla.redhat.com/show_bug.cgi?id=2242803 https://bugzilla.redhat.com/show_bug.cgi?id=2243296 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-39325 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-44487 https://errata.almalinux.org/9/ALSA-2023-6077.html https://errata.rockylinux.org/RLSA-2023:6077 https://github.com/golang/go/commit/24ae2d927285c697440fdde3ad7f26028354bcf3 [golang- 1.21] https://github.com/golang/go/commit/e175f27f58aa7b9cd4d79607ae65d2cd5baaee68 [golang-1.20] https://github.com/golang/go/issues/63417 https://go.dev/cl/534215 https://go.dev/cl/534235 https://go.dev/issue/63417 https://groups.google.com/g/golang-announce/c/iNNxDTCjZvo/m/UDd7VKQuAAAJ https://linux.oracle.com/cve/CVE-2023-39325.html https://linux.oracle.com/errata/ELSA-2023-5867.html https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3OVW5V2DM5K5IC3H7O42YDUGNJ74J35O https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3OVW5V2DM5K5IC3H7O42YDUGNJ74J35O/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3SZN67IL7HMGMNAVLOTIXLIHUDXZK4LH https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3SZN67IL7HMGMNAVLOTIXLIHUDXZK4LH/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3WJ4QVX2AMUJ2F2S27POOAHRC4K3CHU4 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3WJ4QVX2AMUJ2F2S27POOAHRC4K3CHU4/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/4BUK2ZIAGCULOOYDNH25JPU6JBES5NF2 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/4BUK2ZIAGCULOOYDNH25JPU6JBES5NF2/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/5RSKA2II6QTD4YUKUNDVJQSRYSFC4VFR https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/5RSKA2II6QTD4YUKUNDVJQSRYSFC4VFR/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/AVZDNSMVDAQJ64LJC5I5U5LDM5753647 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/AVZDNSMVDAQJ64LJC5I5U5LDM5753647/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CHHITS4PUOZAKFIUBQAQZC7JWXMOYE4B https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CHHITS4PUOZAKFIUBQAQZC7JWXMOYE4B/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CLB4TW7KALB3EEQWNWCN7OUIWWVWWCG2 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CLB4TW7KALB3EEQWNWCN7OUIWWVWWCG2/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/D2BBIDR2ZMB3X5BC7SR4SLQMHRMVPY6L https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/D2BBIDR2ZMB3X5BC7SR4SLQMHRMVPY6L/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ECRC75BQJP6FJN2L7KCKYZW4DSBD7QSD https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ECRC75BQJP6FJN2L7KCKYZW4DSBD7QSD/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/FTMJ3NJIDAZFWJQQSP3L22MUFJ3UP2PT https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/FTMJ3NJIDAZFWJQQSP3L22MUFJ3UP2PT/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/GSY7SXFFTPZFWDM6XELSDSHZLVW3AHK7 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/GSY7SXFFTPZFWDM6XELSDSHZLVW3AHK7/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/HZQIELEIRSZUYTFFH5KTH2YJ4IIQG2KE https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/HZQIELEIRSZUYTFFH5KTH2YJ4IIQG2KE/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/IPWCNYB5PQ5PCVZ4NJT6G56ZYFZ5QBU6 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/IPWCNYB5PQ5PCVZ4NJT6G56ZYFZ5QBU6/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/KEOTKBUPZXHE3F352JBYNTSNRXYLWD6P https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/KEOTKBUPZXHE3F352JBYNTSNRXYLWD6P/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/KSEGD2IWKNUO3DWY4KQGUQM5BISRWHQE https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/KSEGD2IWKNUO3DWY4KQGUQM5BISRWHQE/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/L5E5JSJBZLYXOTZWXHJKRVCIXIHVWKJ6 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/L5E5JSJBZLYXOTZWXHJKRVCIXIHVWKJ6/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/MZQYOOKHQDQ57LV2IAG6NRFOVXKHJJ3Z https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/MZQYOOKHQDQ57LV2IAG6NRFOVXKHJJ3Z/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/NG7IMPL55MVWU3LCI4JQJT3K2U5CHDV7 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/NG7IMPL55MVWU3LCI4JQJT3K2U5CHDV7/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ODBY7RVMGZCBSTWF2OZGIZS57FNFUL67 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ODBY7RVMGZCBSTWF2OZGIZS57FNFUL67/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/OXGWPQOJ3JNDW2XIYKIVJ7N7QUIFNM2Q https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/OXGWPQOJ3JNDW2XIYKIVJ7N7QUIFNM2Q/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/PJCUNGIQDUMZ4Z6HWVYIMR66A35F5S74 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/PJCUNGIQDUMZ4Z6HWVYIMR66A35F5S74/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QF5QSYAOPDOWLY6DUHID56Q4HQFYB45I https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QF5QSYAOPDOWLY6DUHID56Q4HQFYB45I/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QXOU2JZUBEBP7GBKAYIJRPRBZSJCD7ST https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QXOU2JZUBEBP7GBKAYIJRPRBZSJCD7ST/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/R3UETKPUB3V5JS5TLZOF3SMTGT5K5APS https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/R3UETKPUB3V5JS5TLZOF3SMTGT5K5APS/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/REMHVVIBDNKSRKNOTV7EQSB7CYQWOUOU https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/REMHVVIBDNKSRKNOTV7EQSB7CYQWOUOU/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/T7N5GV4CHH6WAGX3GFMDD3COEOVCZ4RI https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/T7N5GV4CHH6WAGX3GFMDD3COEOVCZ4RI/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ULQQONMSCQSH5Z5OWFFQHCGEZ3NL4DRJ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ULQQONMSCQSH5Z5OWFFQHCGEZ3NL4DRJ/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UTT7DG3QOF5ZNJLUGHDNLRUIN6OWZARP https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UTT7DG3QOF5ZNJLUGHDNLRUIN6OWZARP/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/W2LZSWTV4NV4SNQARNXG5T6LRHP26EW2 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/W2LZSWTV4NV4SNQARNXG5T6LRHP26EW2/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WCNCBYKZXLDFGAJUB7ZP5VLC3YTHJNVH https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WCNCBYKZXLDFGAJUB7ZP5VLC3YTHJNVH/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/XFOIBB4YFICHDM7IBOP7PWXW3FX4HLL2 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/XFOIBB4YFICHDM7IBOP7PWXW3FX4HLL2/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/XTNLSL44Y5FB6JWADSZH6DCV4JJAAEQY https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/XTNLSL44Y5FB6JWADSZH6DCV4JJAAEQY/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/YJWHBLVZDM5KQSDFRBFRKU5KSSOLIRQ4 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/YJWHBLVZDM5KQSDFRBFRKU5KSSOLIRQ4/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/YRKEXKANQ7BKJW2YTAMP625LJUJZLJ4P https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/YRKEXKANQ7BKJW2YTAMP625LJUJZLJ4P/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZSVEMQV5ROY5YW5QE3I57HT3ITWG5GCV https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZSVEMQV5ROY5YW5QE3I57HT3ITWG5GCV/ https://nvd.nist.gov/vuln/detail/CVE-2023-39325 https://pkg.go.dev/vuln/GO-2023-2102 https://security.gentoo.org/glsa/202311-09 https://security.netapp.com/advisory/ntap-20231110-0008 https://security.netapp.com/advisory/ntap-20231110-0008/ https://ubuntu.com/security/notices/USN-6574-1 https://ubuntu.com/security/notices/USN-7061-1 https://ubuntu.com/security/notices/USN-7109-1 https://www.cisa.gov/news-events/alerts/2023/10/10/http2-rapid-reset-vulnerability-cve-2023-44487 https://www.cve.org/CVERecord?id=CVE-2023-39325
golang.org/x/net	CVE-2023-3978	MEDIUM	v0.10.0	0.13.0	https://access.redhat.com/errata/RHSA-2023:6474 https://access.redhat.com/security/cve/CVE-2023-3978 https://bugzilla.redhat.com/2174485 https://bugzilla.redhat.com/2178358 https://bugzilla.redhat.com/2178488 https://bugzilla.redhat.com/2178492 https://bugzilla.redhat.com/2184481 https://bugzilla.redhat.com/2184482 https://bugzilla.redhat.com/2184483 https://bugzilla.redhat.com/2184484 https://bugzilla.redhat.com/2196026 https://bugzilla.redhat.com/2196027 https://bugzilla.redhat.com/2196029 https://bugzilla.redhat.com/2222167 https://bugzilla.redhat.com/2228689 https://errata.almalinux.org/9/ALSA-2023-6474.html https://go.dev/cl/514896 https://go.dev/issue/61615 https://linux.oracle.com/cve/CVE-2023-3978.html https://linux.oracle.com/errata/ELSA-2023-6939.html https://nvd.nist.gov/vuln/detail/CVE-2023-3978 https://pkg.go.dev/vuln/GO-2023-1988 https://www.cve.org/CVERecord?id=CVE-2023-3978
golang.org/x/net	CVE-2023-44487	MEDIUM	v0.10.0	0.17.0	http://www.openwall.com/lists/oss-security/2023/10/13/4 http://www.openwall.com/lists/oss-security/2023/10/13/9 http://www.openwall.com/lists/oss-security/2023/10/18/4 http://www.openwall.com/lists/oss-security/2023/10/18/8 http://www.openwall.com/lists/oss-security/2023/10/19/6 http://www.openwall.com/lists/oss-security/2023/10/20/8 https://access.redhat.com/errata/RHSA-2023:6746 https://access.redhat.com/security/cve/CVE-2023-44487 https://access.redhat.com/security/cve/cve-2023-44487 https://akka.io/security/akka-http-cve-2023-44487.html https://arstechnica.com/security/2023/10/how-ddosers-used-the-http-2-protocol-to-deliver-attacks-of-unprecedented-size https://arstechnica.com/security/2023/10/how-ddosers-used-the-http-2-protocol-to-deliver-attacks-of-unprecedented-size/ https://aws.amazon.com/security/security-bulletins/AWS-2023-011 https://aws.amazon.com/security/security-bulletins/AWS-2023-011/ https://blog.cloudflare.com/technical-breakdown-http2-rapid-reset-ddos-attack https://blog.cloudflare.com/technical-breakdown-http2-rapid-reset-ddos-attack/ https://blog.cloudflare.com/zero-day-rapid-reset-http2-record-breaking-ddos-attack https://blog.cloudflare.com/zero-day-rapid-reset-http2-record-breaking-ddos-attack/ https://blog.litespeedtech.com/2023/10/11/rapid-reset-http-2-vulnerablilty https://blog.litespeedtech.com/2023/10/11/rapid-reset-http-2-vulnerablilty/ https://blog.qualys.com/vulnerabilities-threat-research/2023/10/10/cve-2023-44487-http-2-rapid-reset-attack https://blog.vespa.ai/cve-2023-44487 https://blog.vespa.ai/cve-2023-44487/ https://bugzilla.proxmox.com/show_bug.cgi?id=4988 https://bugzilla.redhat.com/2242803 https://bugzilla.redhat.com/show_bug.cgi?id=2242803 https://bugzilla.suse.com/show_bug.cgi?id=1216123 https://cgit.freebsd.org/ports/commit/?id=c64c329c2c1752f46b73e3e6ce9f4329be6629f9 https://chaos.social/@icing/111210915918780532 https://cloud.google.com/blog/products/identity-security/google-cloud-mitigated-largest-ddos-attack-peaking-above-398-million-rps https://cloud.google.com/blog/products/identity-security/google-cloud-mitigated-largest-ddos-attack-peaking-above-398-million-rps/ https://cloud.google.com/blog/products/identity-security/how-it-works-the-novel-http2-rapid-reset-ddos-attack https://community.traefik.io/t/is-traefik-vulnerable-to-cve-2023-44487/20125 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-44487 https://devblogs.microsoft.com/dotnet/october-2023-updates/ https://discuss.hashicorp.com/t/hcsec-2023-32-vault-consul-and-boundary-affected-by-http-2-rapid-reset-denial-of-service-vulnerability-cve-2023-44487/59715 https://edg.io/lp/blog/resets-leaks-ddos-and-the-tale-of-a-hidden-cve https://errata.almalinux.org/9/ALSA-2023-6746.html https://errata.rockylinux.org/RLSA-2023:5838 https://forums.swift.org/t/swift-nio-http2-security-update-cve-2023-44487-http-2-dos/67764 https://gist.github.com/adulau/7c2bfb8e9cdbe4b35a5e131c66a0c088 https://github.com/Azure/AKS/issues/3947 https://github.com/Kong/kong/discussions/11741 https://github.com/advisories/GHSA-qppj-fm5r-hxr3 https://github.com/advisories/GHSA-vx74-f528-fxqg https://github.com/advisories/GHSA-xpw8-rcwv-8f8p https://github.com/akka/akka-http/issues/4323 https://github.com/akka/akka-http/pull/4324 https://github.com/akka/akka-http/pull/4325 https://github.com/alibaba/tengine/issues/1872 https://github.com/apache/apisix/issues/10320 https://github.com/apache/httpd-site/pull/10 https://github.com/apache/httpd/blob/afcdbeebbff4b0c50ea26cdd16e178c0d1f24152/modules/http2/h2_mplx.c#L1101-L1113 https://github.com/apache/tomcat/commit/944332bb15bd2f3bf76ec2caeb1ff0a58a3bc628 https://github.com/apache/tomcat/tree/main/java/org/apache/coyote/http2 https://github.com/apache/trafficserver/pull/10564 https://github.com/apple/swift-nio-http2 https://github.com/apple/swift-nio-http2/security/advisories/GHSA-qppj-fm5r-hxr3 https://github.com/arkrwn/PoC/tree/main/CVE-2023-44487 https://github.com/bcdannyboy/CVE-2023-44487 https://github.com/caddyserver/caddy/issues/5877 https://github.com/caddyserver/caddy/releases/tag/v2.7.5 https://github.com/dotnet/announcements/issues/277 https://github.com/dotnet/core/blob/e4613450ea0da7fd2fc6b61dfb2c1c1dec1ce9ec/release-notes/6.0/6.0.23/6.0.23.md?plain=1#L73 https://github.com/eclipse/jetty.project/issues/10679 https://github.com/envoyproxy/envoy/pull/30055 https://github.com/etcd-io/etcd/issues/16740 https://github.com/facebook/proxygen/pull/466 https://github.com/golang/go/issues/63417 https://github.com/grpc/grpc-go/pull/6703 https://github.com/grpc/grpc-go/releases https://github.com/h2o/h2o/pull/3291 https://github.com/h2o/h2o/security/advisories/GHSA-2m7v-gc89-fjqf https://github.com/haproxy/haproxy/issues/2312 https://github.com/hyperium/hyper/issues/3337 https://github.com/icing/mod_h2/blob/0a864782af0a942aa2ad4ed960a6b32cd35bcf0a/mod_http2/README.md?plain=1#L239-L244 https://github.com/junkurihara/rust-rpxy/issues/97 https://github.com/kazu-yamamoto/http2/commit/f61d41a502bd0f60eb24e1ce14edc7b6df6722a1 https://github.com/kazu-yamamoto/http2/issues/93 https://github.com/kubernetes/kubernetes/pull/121120 https://github.com/line/armeria/pull/5232 https://github.com/linkerd/website/pull/1695/commits/4b9c6836471bc8270ab48aae6fd2181bc73fd632 https://github.com/micrictor/http2-rst-stream https://github.com/microsoft/CBL-Mariner/pull/6381 https://github.com/netty/netty/commit/58f75f665aa81a8cbcf6ffa74820042a285c5e61 https://github.com/nghttp2/nghttp2/pull/1961 https://github.com/nghttp2/nghttp2/releases/tag/v1.57.0 https://github.com/ninenines/cowboy/issues/1615 https://github.com/nodejs/node/pull/50121 https://github.com/openresty/openresty/issues/930 https://github.com/opensearch-project/data-prepper/issues/3474 https://github.com/oqtane/oqtane.framework/discussions/3367 https://github.com/projectcontour/contour/pull/5826 https://github.com/tempesta-tech/tempesta/issues/1986 https://github.com/varnishcache/varnish-cache/issues/3996 https://go.dev/cl/534215 https://go.dev/cl/534235 https://go.dev/issue/63417 https://groups.google.com/g/golang-announce/c/iNNxDTCjZvo https://groups.google.com/g/golang-announce/c/iNNxDTCjZvo/m/UDd7VKQuAAAJ https://istio.io/latest/news/security/istio-security-2023-004 https://istio.io/latest/news/security/istio-security-2023-004/ https://linkerd.io/2023/10/12/linkerd-cve-2023-44487 https://linkerd.io/2023/10/12/linkerd-cve-2023-44487/ https://linux.oracle.com/cve/CVE-2023-44487.html https://linux.oracle.com/errata/ELSA-2024-1444.html https://lists.apache.org/thread/5py8h42mxfsn8l1wy6o41xwhsjlsd87q https://lists.debian.org/debian-lts-announce/2023/10/msg00020.html https://lists.debian.org/debian-lts-announce/2023/10/msg00023.html https://lists.debian.org/debian-lts-announce/2023/10/msg00024.html https://lists.debian.org/debian-lts-announce/2023/10/msg00045.html https://lists.debian.org/debian-lts-announce/2023/10/msg00047.html https://lists.debian.org/debian-lts-announce/2023/11/msg00001.html https://lists.debian.org/debian-lts-announce/2023/11/msg00012.html https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/2MBEPPC36UBVOZZNAXFHKLFGSLCMN5LI https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/2MBEPPC36UBVOZZNAXFHKLFGSLCMN5LI/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/3N4NJ7FR4X4FPZUGNTQAPSTVB2HB2Y4A https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/3N4NJ7FR4X4FPZUGNTQAPSTVB2HB2Y4A/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/BFQD3KUEMFBHPAPBGLWQC34L4OWL5HAZ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/BFQD3KUEMFBHPAPBGLWQC34L4OWL5HAZ/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/CLB4TW7KALB3EEQWNWCN7OUIWWVWWCG2 https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/CLB4TW7KALB3EEQWNWCN7OUIWWVWWCG2/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/E72T67UPDRXHIDLO3OROR25YAMN4GGW5 https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/E72T67UPDRXHIDLO3OROR25YAMN4GGW5/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/FNA62Q767CFAFHBCDKYNPBMZWB7TWYVU https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/FNA62Q767CFAFHBCDKYNPBMZWB7TWYVU/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/HT7T2R4MQKLIF4ODV4BDLPARWFPCJ5CZ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/HT7T2R4MQKLIF4ODV4BDLPARWFPCJ5CZ/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/JIZSEFC3YKCGABA2BZW6ZJRMDZJMB7PJ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/JIZSEFC3YKCGABA2BZW6ZJRMDZJMB7PJ/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/JMEXY22BFG5Q64HQCM5CK2Q7KDKVV4TY https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/JMEXY22BFG5Q64HQCM5CK2Q7KDKVV4TY/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/KSEGD2IWKNUO3DWY4KQGUQM5BISRWHQE https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/KSEGD2IWKNUO3DWY4KQGUQM5BISRWHQE/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/LKYHSZQFDNR7RSA7LHVLLIAQMVYCUGBG https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/LKYHSZQFDNR7RSA7LHVLLIAQMVYCUGBG/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/LNMZJCDHGLJJLXO4OXWJMTVQRNWOC7UL https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/LNMZJCDHGLJJLXO4OXWJMTVQRNWOC7UL/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/VHUHTSXLXGXS7JYKBXTA3VINUPHTNGVU https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/VHUHTSXLXGXS7JYKBXTA3VINUPHTNGVU/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/VSRDIV77HNKUSM7SJC5BKE5JSHLHU2NK https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/VSRDIV77HNKUSM7SJC5BKE5JSHLHU2NK/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/WE2I52RHNNU42PX6NZ2RBUHSFFJ2LVZX https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/WE2I52RHNNU42PX6NZ2RBUHSFFJ2LVZX/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/WLPRQ5TWUQQXYWBJM7ECYDAIL2YVKIUH https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/WLPRQ5TWUQQXYWBJM7ECYDAIL2YVKIUH/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/X6QXN4ORIVF6XBW4WWFE7VNPVC74S45Y https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/X6QXN4ORIVF6XBW4WWFE7VNPVC74S45Y/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/XFOIBB4YFICHDM7IBOP7PWXW3FX4HLL2 https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/XFOIBB4YFICHDM7IBOP7PWXW3FX4HLL2/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZB43REMKRQR62NJEI7I5NQ4FSXNLBKRT https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZB43REMKRQR62NJEI7I5NQ4FSXNLBKRT/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZKQSIKIAT5TJ3WSLU3RDBQ35YX4GY4V3 https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZKQSIKIAT5TJ3WSLU3RDBQ35YX4GY4V3/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZLU6U2R2IC2K64NDPNMV55AUAO65MAF4 https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZLU6U2R2IC2K64NDPNMV55AUAO65MAF4/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3N4NJ7FR4X4FPZUGNTQAPSTVB2HB2Y4A https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/BFQD3KUEMFBHPAPBGLWQC34L4OWL5HAZ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CLB4TW7KALB3EEQWNWCN7OUIWWVWWCG2 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/E72T67UPDRXHIDLO3OROR25YAMN4GGW5 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/FNA62Q767CFAFHBCDKYNPBMZWB7TWYVU https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/HT7T2R4MQKLIF4ODV4BDLPARWFPCJ5CZ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/JIZSEFC3YKCGABA2BZW6ZJRMDZJMB7PJ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/JMEXY22BFG5Q64HQCM5CK2Q7KDKVV4TY https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/KSEGD2IWKNUO3DWY4KQGUQM5BISRWHQE https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/LKYHSZQFDNR7RSA7LHVLLIAQMVYCUGBG https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/LNMZJCDHGLJJLXO4OXWJMTVQRNWOC7UL https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/VHUHTSXLXGXS7JYKBXTA3VINUPHTNGVU https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/VSRDIV77HNKUSM7SJC5BKE5JSHLHU2NK https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WLPRQ5TWUQQXYWBJM7ECYDAIL2YVKIUH https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/X6QXN4ORIVF6XBW4WWFE7VNPVC74S45Y https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/XFOIBB4YFICHDM7IBOP7PWXW3FX4HLL2 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZB43REMKRQR62NJEI7I5NQ4FSXNLBKRT https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZKQSIKIAT5TJ3WSLU3RDBQ35YX4GY4V3 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZLU6U2R2IC2K64NDPNMV55AUAO65MAF4 https://lists.w3.org/Archives/Public/ietf-http-wg/2023OctDec/0025.html https://mailman.nginx.org/pipermail/nginx-devel/2023-October/S36Q5HBXR7CAIMPLLPRSSSYR4PCMWILK.html https://martinthomson.github.io/h2-stream-limits/draft-thomson-httpbis-h2-stream-limits.html https://msrc.microsoft.com/blog/2023/10/microsoft-response-to-distributed-denial-of-service-ddos-attacks-against-http/2 https://msrc.microsoft.com/blog/2023/10/microsoft-response-to-distributed-denial-of-service-ddos-attacks-against-http/2/ https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-44487 https://my.f5.com/manage/s/article/K000137106 https://netty.io/news/2023/10/10/4-1-100-Final.html https://news.ycombinator.com/item?id=37830987 https://news.ycombinator.com/item?id=37830998 https://news.ycombinator.com/item?id=37831062 https://news.ycombinator.com/item?id=37837043 https://nodejs.org/en/blog/vulnerability/october-2023-security-releases https://nvd.nist.gov/vuln/detail/CVE-2023-44487 https://openssf.org/blog/2023/10/10/http-2-rapid-reset-vulnerability-highlights-need-for-rapid-response https://openssf.org/blog/2023/10/10/http-2-rapid-reset-vulnerability-highlights-need-for-rapid-response/ https://pkg.go.dev/vuln/GO-2023-2102 https://seanmonstar.com/post/730794151136935936/hyper-http2-rapid-reset-unaffected https://security.gentoo.org/glsa/202311-09 https://security.netapp.com/advisory/ntap-20231016-0001 https://security.netapp.com/advisory/ntap-20231016-0001/ https://security.netapp.com/advisory/ntap-20240426-0007 https://security.netapp.com/advisory/ntap-20240426-0007/ https://security.netapp.com/advisory/ntap-20240621-0006 https://security.netapp.com/advisory/ntap-20240621-0006/ https://security.netapp.com/advisory/ntap-20240621-0007 https://security.netapp.com/advisory/ntap-20240621-0007/ https://security.paloaltonetworks.com/CVE-2023-44487 https://tomcat.apache.org/security-10.html#Fixed_in_Apache_Tomcat_10.1.14 https://tomcat.apache.org/security-11.html#Fixed_in_Apache_Tomcat_11.0.0-M12 https://tomcat.apache.org/security-8.html#Fixed_in_Apache_Tomcat_8.5.94 https://tomcat.apache.org/security-9.html#Fixed_in_Apache_Tomcat_9.0.81 https://ubuntu.com/security/CVE-2023-44487 https://ubuntu.com/security/notices/USN-6427-1 https://ubuntu.com/security/notices/USN-6427-2 https://ubuntu.com/security/notices/USN-6438-1 https://ubuntu.com/security/notices/USN-6505-1 https://ubuntu.com/security/notices/USN-6574-1 https://ubuntu.com/security/notices/USN-6754-1 https://ubuntu.com/security/notices/USN-6994-1 https://ubuntu.com/security/notices/USN-7067-1 https://www.bleepingcomputer.com/news/security/new-http-2-rapid-reset-zero-day-attack-breaks-ddos-records https://www.bleepingcomputer.com/news/security/new-http-2-rapid-reset-zero-day-attack-breaks-ddos-records/ https://www.cisa.gov/known-exploited-vulnerabilities-catalog https://www.cisa.gov/news-events/alerts/2023/10/10/http2-rapid-reset-vulnerability-cve-2023-44487 https://www.cve.org/CVERecord?id=CVE-2023-44487 https://www.darkreading.com/cloud/internet-wide-zero-day-bug-fuels-largest-ever-ddos-event https://www.debian.org/security/2023/dsa-5521 https://www.debian.org/security/2023/dsa-5522 https://www.debian.org/security/2023/dsa-5540 https://www.debian.org/security/2023/dsa-5549 https://www.debian.org/security/2023/dsa-5558 https://www.debian.org/security/2023/dsa-5570 https://www.eclipse.org/lists/jetty-announce/msg00181.html https://www.haproxy.com/blog/haproxy-is-not-affected-by-the-http-2-rapid-reset-attack-cve-2023-44487 https://www.mail-archive.com/haproxy@formilux.org/msg44134.html https://www.netlify.com/blog/netlify-successfully-mitigates-cve-2023-44487 https://www.netlify.com/blog/netlify-successfully-mitigates-cve-2023-44487/ https://www.nginx.com/blog/http-2-rapid-reset-attack-impacting-f5-nginx-products https://www.nginx.com/blog/http-2-rapid-reset-attack-impacting-f5-nginx-products/ https://www.openwall.com/lists/oss-security/2023/10/10/6 https://www.phoronix.com/news/HTTP2-Rapid-Reset-Attack https://www.theregister.com/2023/10/10/http2_rapid_reset_zeroday https://www.theregister.com/2023/10/10/http2_rapid_reset_zeroday/
golang.org/x/net	CVE-2023-45288	MEDIUM	v0.10.0	0.23.0	http://www.openwall.com/lists/oss-security/2024/04/03/16 http://www.openwall.com/lists/oss-security/2024/04/05/4 https://access.redhat.com/errata/RHSA-2024:2724 https://access.redhat.com/security/cve/CVE-2023-45288 https://bugzilla.redhat.com/2268017 https://bugzilla.redhat.com/2268018 https://bugzilla.redhat.com/2268019 https://bugzilla.redhat.com/2268273 https://bugzilla.redhat.com/show_bug.cgi?id=2268017 https://bugzilla.redhat.com/show_bug.cgi?id=2268018 https://bugzilla.redhat.com/show_bug.cgi?id=2268019 https://bugzilla.redhat.com/show_bug.cgi?id=2268273 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45288 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45289 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45290 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24783 https://errata.almalinux.org/9/ALSA-2024-2724.html https://errata.rockylinux.org/RLSA-2024:2724 https://go.dev/cl/576155 https://go.dev/issue/65051 https://groups.google.com/g/golang-announce/c/YgW0sx8mN3M https://kb.cert.org/vuls/id/421644 https://linux.oracle.com/cve/CVE-2023-45288.html https://linux.oracle.com/errata/ELSA-2024-3346.html https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QRYFHIQ6XRKRYBI2F5UESH67BJBQXUPT https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QRYFHIQ6XRKRYBI2F5UESH67BJBQXUPT/ https://nowotarski.info/http2-continuation-flood-technical-details https://nowotarski.info/http2-continuation-flood/ https://nvd.nist.gov/vuln/detail/CVE-2023-45288 https://pkg.go.dev/vuln/GO-2024-2687 https://security.netapp.com/advisory/ntap-20240419-0009 https://security.netapp.com/advisory/ntap-20240419-0009/ https://ubuntu.com/security/notices/USN-6886-1 https://ubuntu.com/security/notices/USN-7109-1 https://ubuntu.com/security/notices/USN-7111-1 https://www.cve.org/CVERecord?id=CVE-2023-45288 https://www.kb.cert.org/vuls/id/421644
google.golang.org/grpc	GHSA-m425-mq94-257g	HIGH	v1.54.0	1.56.3, 1.57.1, 1.58.3	https://github.com/grpc/grpc-go https://github.com/grpc/grpc-go/commit/f2180b4d5403d2210b30b93098eb7da31c05c721 https://github.com/grpc/grpc-go/pull/6703 https://github.com/grpc/grpc-go/security/advisories/GHSA-m425-mq94-257g https://nvd.nist.gov/vuln/detail/CVE-2023-44487
google.golang.org/grpc	CVE-2023-44487	MEDIUM	v1.54.0	1.58.3, 1.57.1, 1.56.3	http://www.openwall.com/lists/oss-security/2023/10/13/4 http://www.openwall.com/lists/oss-security/2023/10/13/9 http://www.openwall.com/lists/oss-security/2023/10/18/4 http://www.openwall.com/lists/oss-security/2023/10/18/8 http://www.openwall.com/lists/oss-security/2023/10/19/6 http://www.openwall.com/lists/oss-security/2023/10/20/8 https://access.redhat.com/errata/RHSA-2023:6746 https://access.redhat.com/security/cve/CVE-2023-44487 https://access.redhat.com/security/cve/cve-2023-44487 https://akka.io/security/akka-http-cve-2023-44487.html https://arstechnica.com/security/2023/10/how-ddosers-used-the-http-2-protocol-to-deliver-attacks-of-unprecedented-size https://arstechnica.com/security/2023/10/how-ddosers-used-the-http-2-protocol-to-deliver-attacks-of-unprecedented-size/ https://aws.amazon.com/security/security-bulletins/AWS-2023-011 https://aws.amazon.com/security/security-bulletins/AWS-2023-011/ https://blog.cloudflare.com/technical-breakdown-http2-rapid-reset-ddos-attack https://blog.cloudflare.com/technical-breakdown-http2-rapid-reset-ddos-attack/ https://blog.cloudflare.com/zero-day-rapid-reset-http2-record-breaking-ddos-attack https://blog.cloudflare.com/zero-day-rapid-reset-http2-record-breaking-ddos-attack/ https://blog.litespeedtech.com/2023/10/11/rapid-reset-http-2-vulnerablilty https://blog.litespeedtech.com/2023/10/11/rapid-reset-http-2-vulnerablilty/ https://blog.qualys.com/vulnerabilities-threat-research/2023/10/10/cve-2023-44487-http-2-rapid-reset-attack https://blog.vespa.ai/cve-2023-44487 https://blog.vespa.ai/cve-2023-44487/ https://bugzilla.proxmox.com/show_bug.cgi?id=4988 https://bugzilla.redhat.com/2242803 https://bugzilla.redhat.com/show_bug.cgi?id=2242803 https://bugzilla.suse.com/show_bug.cgi?id=1216123 https://cgit.freebsd.org/ports/commit/?id=c64c329c2c1752f46b73e3e6ce9f4329be6629f9 https://chaos.social/@icing/111210915918780532 https://cloud.google.com/blog/products/identity-security/google-cloud-mitigated-largest-ddos-attack-peaking-above-398-million-rps https://cloud.google.com/blog/products/identity-security/google-cloud-mitigated-largest-ddos-attack-peaking-above-398-million-rps/ https://cloud.google.com/blog/products/identity-security/how-it-works-the-novel-http2-rapid-reset-ddos-attack https://community.traefik.io/t/is-traefik-vulnerable-to-cve-2023-44487/20125 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-44487 https://devblogs.microsoft.com/dotnet/october-2023-updates/ https://discuss.hashicorp.com/t/hcsec-2023-32-vault-consul-and-boundary-affected-by-http-2-rapid-reset-denial-of-service-vulnerability-cve-2023-44487/59715 https://edg.io/lp/blog/resets-leaks-ddos-and-the-tale-of-a-hidden-cve https://errata.almalinux.org/9/ALSA-2023-6746.html https://errata.rockylinux.org/RLSA-2023:5838 https://forums.swift.org/t/swift-nio-http2-security-update-cve-2023-44487-http-2-dos/67764 https://gist.github.com/adulau/7c2bfb8e9cdbe4b35a5e131c66a0c088 https://github.com/Azure/AKS/issues/3947 https://github.com/Kong/kong/discussions/11741 https://github.com/advisories/GHSA-qppj-fm5r-hxr3 https://github.com/advisories/GHSA-vx74-f528-fxqg https://github.com/advisories/GHSA-xpw8-rcwv-8f8p https://github.com/akka/akka-http/issues/4323 https://github.com/akka/akka-http/pull/4324 https://github.com/akka/akka-http/pull/4325 https://github.com/alibaba/tengine/issues/1872 https://github.com/apache/apisix/issues/10320 https://github.com/apache/httpd-site/pull/10 https://github.com/apache/httpd/blob/afcdbeebbff4b0c50ea26cdd16e178c0d1f24152/modules/http2/h2_mplx.c#L1101-L1113 https://github.com/apache/tomcat/commit/944332bb15bd2f3bf76ec2caeb1ff0a58a3bc628 https://github.com/apache/tomcat/tree/main/java/org/apache/coyote/http2 https://github.com/apache/trafficserver/pull/10564 https://github.com/apple/swift-nio-http2 https://github.com/apple/swift-nio-http2/security/advisories/GHSA-qppj-fm5r-hxr3 https://github.com/arkrwn/PoC/tree/main/CVE-2023-44487 https://github.com/bcdannyboy/CVE-2023-44487 https://github.com/caddyserver/caddy/issues/5877 https://github.com/caddyserver/caddy/releases/tag/v2.7.5 https://github.com/dotnet/announcements/issues/277 https://github.com/dotnet/core/blob/e4613450ea0da7fd2fc6b61dfb2c1c1dec1ce9ec/release-notes/6.0/6.0.23/6.0.23.md?plain=1#L73 https://github.com/eclipse/jetty.project/issues/10679 https://github.com/envoyproxy/envoy/pull/30055 https://github.com/etcd-io/etcd/issues/16740 https://github.com/facebook/proxygen/pull/466 https://github.com/golang/go/issues/63417 https://github.com/grpc/grpc-go/pull/6703 https://github.com/grpc/grpc-go/releases https://github.com/h2o/h2o/pull/3291 https://github.com/h2o/h2o/security/advisories/GHSA-2m7v-gc89-fjqf https://github.com/haproxy/haproxy/issues/2312 https://github.com/hyperium/hyper/issues/3337 https://github.com/icing/mod_h2/blob/0a864782af0a942aa2ad4ed960a6b32cd35bcf0a/mod_http2/README.md?plain=1#L239-L244 https://github.com/junkurihara/rust-rpxy/issues/97 https://github.com/kazu-yamamoto/http2/commit/f61d41a502bd0f60eb24e1ce14edc7b6df6722a1 https://github.com/kazu-yamamoto/http2/issues/93 https://github.com/kubernetes/kubernetes/pull/121120 https://github.com/line/armeria/pull/5232 https://github.com/linkerd/website/pull/1695/commits/4b9c6836471bc8270ab48aae6fd2181bc73fd632 https://github.com/micrictor/http2-rst-stream https://github.com/microsoft/CBL-Mariner/pull/6381 https://github.com/netty/netty/commit/58f75f665aa81a8cbcf6ffa74820042a285c5e61 https://github.com/nghttp2/nghttp2/pull/1961 https://github.com/nghttp2/nghttp2/releases/tag/v1.57.0 https://github.com/ninenines/cowboy/issues/1615 https://github.com/nodejs/node/pull/50121 https://github.com/openresty/openresty/issues/930 https://github.com/opensearch-project/data-prepper/issues/3474 https://github.com/oqtane/oqtane.framework/discussions/3367 https://github.com/projectcontour/contour/pull/5826 https://github.com/tempesta-tech/tempesta/issues/1986 https://github.com/varnishcache/varnish-cache/issues/3996 https://go.dev/cl/534215 https://go.dev/cl/534235 https://go.dev/issue/63417 https://groups.google.com/g/golang-announce/c/iNNxDTCjZvo https://groups.google.com/g/golang-announce/c/iNNxDTCjZvo/m/UDd7VKQuAAAJ https://istio.io/latest/news/security/istio-security-2023-004 https://istio.io/latest/news/security/istio-security-2023-004/ https://linkerd.io/2023/10/12/linkerd-cve-2023-44487 https://linkerd.io/2023/10/12/linkerd-cve-2023-44487/ https://linux.oracle.com/cve/CVE-2023-44487.html https://linux.oracle.com/errata/ELSA-2024-1444.html https://lists.apache.org/thread/5py8h42mxfsn8l1wy6o41xwhsjlsd87q https://lists.debian.org/debian-lts-announce/2023/10/msg00020.html https://lists.debian.org/debian-lts-announce/2023/10/msg00023.html https://lists.debian.org/debian-lts-announce/2023/10/msg00024.html https://lists.debian.org/debian-lts-announce/2023/10/msg00045.html https://lists.debian.org/debian-lts-announce/2023/10/msg00047.html https://lists.debian.org/debian-lts-announce/2023/11/msg00001.html https://lists.debian.org/debian-lts-announce/2023/11/msg00012.html https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/2MBEPPC36UBVOZZNAXFHKLFGSLCMN5LI https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/2MBEPPC36UBVOZZNAXFHKLFGSLCMN5LI/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/3N4NJ7FR4X4FPZUGNTQAPSTVB2HB2Y4A https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/3N4NJ7FR4X4FPZUGNTQAPSTVB2HB2Y4A/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/BFQD3KUEMFBHPAPBGLWQC34L4OWL5HAZ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/BFQD3KUEMFBHPAPBGLWQC34L4OWL5HAZ/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/CLB4TW7KALB3EEQWNWCN7OUIWWVWWCG2 https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/CLB4TW7KALB3EEQWNWCN7OUIWWVWWCG2/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/E72T67UPDRXHIDLO3OROR25YAMN4GGW5 https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/E72T67UPDRXHIDLO3OROR25YAMN4GGW5/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/FNA62Q767CFAFHBCDKYNPBMZWB7TWYVU https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/FNA62Q767CFAFHBCDKYNPBMZWB7TWYVU/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/HT7T2R4MQKLIF4ODV4BDLPARWFPCJ5CZ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/HT7T2R4MQKLIF4ODV4BDLPARWFPCJ5CZ/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/JIZSEFC3YKCGABA2BZW6ZJRMDZJMB7PJ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/JIZSEFC3YKCGABA2BZW6ZJRMDZJMB7PJ/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/JMEXY22BFG5Q64HQCM5CK2Q7KDKVV4TY https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/JMEXY22BFG5Q64HQCM5CK2Q7KDKVV4TY/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/KSEGD2IWKNUO3DWY4KQGUQM5BISRWHQE https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/KSEGD2IWKNUO3DWY4KQGUQM5BISRWHQE/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/LKYHSZQFDNR7RSA7LHVLLIAQMVYCUGBG https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/LKYHSZQFDNR7RSA7LHVLLIAQMVYCUGBG/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/LNMZJCDHGLJJLXO4OXWJMTVQRNWOC7UL https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/LNMZJCDHGLJJLXO4OXWJMTVQRNWOC7UL/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/VHUHTSXLXGXS7JYKBXTA3VINUPHTNGVU https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/VHUHTSXLXGXS7JYKBXTA3VINUPHTNGVU/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/VSRDIV77HNKUSM7SJC5BKE5JSHLHU2NK https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/VSRDIV77HNKUSM7SJC5BKE5JSHLHU2NK/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/WE2I52RHNNU42PX6NZ2RBUHSFFJ2LVZX https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/WE2I52RHNNU42PX6NZ2RBUHSFFJ2LVZX/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/WLPRQ5TWUQQXYWBJM7ECYDAIL2YVKIUH https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/WLPRQ5TWUQQXYWBJM7ECYDAIL2YVKIUH/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/X6QXN4ORIVF6XBW4WWFE7VNPVC74S45Y https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/X6QXN4ORIVF6XBW4WWFE7VNPVC74S45Y/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/XFOIBB4YFICHDM7IBOP7PWXW3FX4HLL2 https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/XFOIBB4YFICHDM7IBOP7PWXW3FX4HLL2/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZB43REMKRQR62NJEI7I5NQ4FSXNLBKRT https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZB43REMKRQR62NJEI7I5NQ4FSXNLBKRT/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZKQSIKIAT5TJ3WSLU3RDBQ35YX4GY4V3 https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZKQSIKIAT5TJ3WSLU3RDBQ35YX4GY4V3/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZLU6U2R2IC2K64NDPNMV55AUAO65MAF4 https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZLU6U2R2IC2K64NDPNMV55AUAO65MAF4/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3N4NJ7FR4X4FPZUGNTQAPSTVB2HB2Y4A https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/BFQD3KUEMFBHPAPBGLWQC34L4OWL5HAZ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CLB4TW7KALB3EEQWNWCN7OUIWWVWWCG2 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/E72T67UPDRXHIDLO3OROR25YAMN4GGW5 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/FNA62Q767CFAFHBCDKYNPBMZWB7TWYVU https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/HT7T2R4MQKLIF4ODV4BDLPARWFPCJ5CZ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/JIZSEFC3YKCGABA2BZW6ZJRMDZJMB7PJ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/JMEXY22BFG5Q64HQCM5CK2Q7KDKVV4TY https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/KSEGD2IWKNUO3DWY4KQGUQM5BISRWHQE https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/LKYHSZQFDNR7RSA7LHVLLIAQMVYCUGBG https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/LNMZJCDHGLJJLXO4OXWJMTVQRNWOC7UL https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/VHUHTSXLXGXS7JYKBXTA3VINUPHTNGVU https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/VSRDIV77HNKUSM7SJC5BKE5JSHLHU2NK https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WLPRQ5TWUQQXYWBJM7ECYDAIL2YVKIUH https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/X6QXN4ORIVF6XBW4WWFE7VNPVC74S45Y https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/XFOIBB4YFICHDM7IBOP7PWXW3FX4HLL2 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZB43REMKRQR62NJEI7I5NQ4FSXNLBKRT https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZKQSIKIAT5TJ3WSLU3RDBQ35YX4GY4V3 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZLU6U2R2IC2K64NDPNMV55AUAO65MAF4 https://lists.w3.org/Archives/Public/ietf-http-wg/2023OctDec/0025.html https://mailman.nginx.org/pipermail/nginx-devel/2023-October/S36Q5HBXR7CAIMPLLPRSSSYR4PCMWILK.html https://martinthomson.github.io/h2-stream-limits/draft-thomson-httpbis-h2-stream-limits.html https://msrc.microsoft.com/blog/2023/10/microsoft-response-to-distributed-denial-of-service-ddos-attacks-against-http/2 https://msrc.microsoft.com/blog/2023/10/microsoft-response-to-distributed-denial-of-service-ddos-attacks-against-http/2/ https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-44487 https://my.f5.com/manage/s/article/K000137106 https://netty.io/news/2023/10/10/4-1-100-Final.html https://news.ycombinator.com/item?id=37830987 https://news.ycombinator.com/item?id=37830998 https://news.ycombinator.com/item?id=37831062 https://news.ycombinator.com/item?id=37837043 https://nodejs.org/en/blog/vulnerability/october-2023-security-releases https://nvd.nist.gov/vuln/detail/CVE-2023-44487 https://openssf.org/blog/2023/10/10/http-2-rapid-reset-vulnerability-highlights-need-for-rapid-response https://openssf.org/blog/2023/10/10/http-2-rapid-reset-vulnerability-highlights-need-for-rapid-response/ https://pkg.go.dev/vuln/GO-2023-2102 https://seanmonstar.com/post/730794151136935936/hyper-http2-rapid-reset-unaffected https://security.gentoo.org/glsa/202311-09 https://security.netapp.com/advisory/ntap-20231016-0001 https://security.netapp.com/advisory/ntap-20231016-0001/ https://security.netapp.com/advisory/ntap-20240426-0007 https://security.netapp.com/advisory/ntap-20240426-0007/ https://security.netapp.com/advisory/ntap-20240621-0006 https://security.netapp.com/advisory/ntap-20240621-0006/ https://security.netapp.com/advisory/ntap-20240621-0007 https://security.netapp.com/advisory/ntap-20240621-0007/ https://security.paloaltonetworks.com/CVE-2023-44487 https://tomcat.apache.org/security-10.html#Fixed_in_Apache_Tomcat_10.1.14 https://tomcat.apache.org/security-11.html#Fixed_in_Apache_Tomcat_11.0.0-M12 https://tomcat.apache.org/security-8.html#Fixed_in_Apache_Tomcat_8.5.94 https://tomcat.apache.org/security-9.html#Fixed_in_Apache_Tomcat_9.0.81 https://ubuntu.com/security/CVE-2023-44487 https://ubuntu.com/security/notices/USN-6427-1 https://ubuntu.com/security/notices/USN-6427-2 https://ubuntu.com/security/notices/USN-6438-1 https://ubuntu.com/security/notices/USN-6505-1 https://ubuntu.com/security/notices/USN-6574-1 https://ubuntu.com/security/notices/USN-6754-1 https://ubuntu.com/security/notices/USN-6994-1 https://ubuntu.com/security/notices/USN-7067-1 https://www.bleepingcomputer.com/news/security/new-http-2-rapid-reset-zero-day-attack-breaks-ddos-records https://www.bleepingcomputer.com/news/security/new-http-2-rapid-reset-zero-day-attack-breaks-ddos-records/ https://www.cisa.gov/known-exploited-vulnerabilities-catalog https://www.cisa.gov/news-events/alerts/2023/10/10/http2-rapid-reset-vulnerability-cve-2023-44487 https://www.cve.org/CVERecord?id=CVE-2023-44487 https://www.darkreading.com/cloud/internet-wide-zero-day-bug-fuels-largest-ever-ddos-event https://www.debian.org/security/2023/dsa-5521 https://www.debian.org/security/2023/dsa-5522 https://www.debian.org/security/2023/dsa-5540 https://www.debian.org/security/2023/dsa-5549 https://www.debian.org/security/2023/dsa-5558 https://www.debian.org/security/2023/dsa-5570 https://www.eclipse.org/lists/jetty-announce/msg00181.html https://www.haproxy.com/blog/haproxy-is-not-affected-by-the-http-2-rapid-reset-attack-cve-2023-44487 https://www.mail-archive.com/haproxy@formilux.org/msg44134.html https://www.netlify.com/blog/netlify-successfully-mitigates-cve-2023-44487 https://www.netlify.com/blog/netlify-successfully-mitigates-cve-2023-44487/ https://www.nginx.com/blog/http-2-rapid-reset-attack-impacting-f5-nginx-products https://www.nginx.com/blog/http-2-rapid-reset-attack-impacting-f5-nginx-products/ https://www.openwall.com/lists/oss-security/2023/10/10/6 https://www.phoronix.com/news/HTTP2-Rapid-Reset-Attack https://www.theregister.com/2023/10/10/http2_rapid_reset_zeroday https://www.theregister.com/2023/10/10/http2_rapid_reset_zeroday/
google.golang.org/protobuf	CVE-2024-24786	MEDIUM	v1.30.0	1.33.0	http://www.openwall.com/lists/oss-security/2024/03/08/4 https://access.redhat.com/errata/RHSA-2024:2550 https://access.redhat.com/security/cve/CVE-2024-24786 https://bugzilla.redhat.com/2268046 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24786 https://errata.almalinux.org/9/ALSA-2024-2550.html https://errata.rockylinux.org/RLSA-2024:2550 https://github.com/protocolbuffers/protobuf-go https://github.com/protocolbuffers/protobuf-go/commit/f01a588e5810b90996452eec4a28f22a0afae023 https://github.com/protocolbuffers/protobuf-go/releases/tag/v1.33.0 https://go-review.googlesource.com/c/protobuf/+/569356 https://go.dev/cl/569356 https://groups.google.com/g/golang-announce/c/ArQ6CDgtEjY/ https://linux.oracle.com/cve/CVE-2024-24786.html https://linux.oracle.com/errata/ELSA-2024-4246.html https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/JDMBHAVSDU2FBDZ45U3A2VLSM35OJ2HU https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/JDMBHAVSDU2FBDZ45U3A2VLSM35OJ2HU/ https://nvd.nist.gov/vuln/detail/CVE-2024-24786 https://pkg.go.dev/vuln/GO-2024-2611 https://security.netapp.com/advisory/ntap-20240517-0002 https://security.netapp.com/advisory/ntap-20240517-0002/ https://ubuntu.com/security/notices/USN-6746-1 https://ubuntu.com/security/notices/USN-6746-2 https://www.cve.org/CVERecord?id=CVE-2024-24786
stdlib	CVE-2024-24790	CRITICAL	v1.20.5	1.21.11, 1.22.4	http://www.openwall.com/lists/oss-security/2024/06/04/1 https://access.redhat.com/errata/RHSA-2024:9115 https://access.redhat.com/security/cve/CVE-2024-24790 https://bugzilla.redhat.com/2279814 https://bugzilla.redhat.com/2292668 https://bugzilla.redhat.com/2292787 https://bugzilla.redhat.com/2294000 https://bugzilla.redhat.com/2295310 https://bugzilla.redhat.com/show_bug.cgi?id=2292668 https://bugzilla.redhat.com/show_bug.cgi?id=2292787 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24789 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24790 https://errata.almalinux.org/9/ALSA-2024-9115.html https://errata.rockylinux.org/RLSA-2024:4212 https://github.com/golang/go/commit/051bdf3fd12a40307606ff9381138039c5f452f0 (1.21) https://github.com/golang/go/commit/12d5810cdb1f73cf23d7a86462143e9463317fca (1.22) https://github.com/golang/go/issues/67680 https://go.dev/cl/590316 https://go.dev/issue/67680 https://groups.google.com/g/golang-announce/c/XbxouI9gY7k https://groups.google.com/g/golang-announce/c/XbxouI9gY7k/m/TuoGEhxIEwAJ https://linux.oracle.com/cve/CVE-2024-24790.html https://linux.oracle.com/errata/ELSA-2024-9115.html https://nvd.nist.gov/vuln/detail/CVE-2024-24790 https://pkg.go.dev/vuln/GO-2024-2887 https://ubuntu.com/security/notices/USN-6886-1 https://ubuntu.com/security/notices/USN-7109-1 https://www.cve.org/CVERecord?id=CVE-2024-24790
stdlib	CVE-2023-39325	HIGH	v1.20.5	1.20.10, 1.21.3	golang.org/x/net https://access.redhat.com/errata/RHSA-2023:6077 https://access.redhat.com/security/cve/CVE-2023-39325 https://access.redhat.com/security/cve/CVE-2023-44487 https://access.redhat.com/security/vulnerabilities/RHSB-2023-003 https://bugzilla.redhat.com/2242803 https://bugzilla.redhat.com/2243296 https://bugzilla.redhat.com/show_bug.cgi?id=2242803 https://bugzilla.redhat.com/show_bug.cgi?id=2243296 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-39325 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-44487 https://errata.almalinux.org/9/ALSA-2023-6077.html https://errata.rockylinux.org/RLSA-2023:6077 https://github.com/golang/go/commit/24ae2d927285c697440fdde3ad7f26028354bcf3 [golang- 1.21] https://github.com/golang/go/commit/e175f27f58aa7b9cd4d79607ae65d2cd5baaee68 [golang-1.20] https://github.com/golang/go/issues/63417 https://go.dev/cl/534215 https://go.dev/cl/534235 https://go.dev/issue/63417 https://groups.google.com/g/golang-announce/c/iNNxDTCjZvo/m/UDd7VKQuAAAJ https://linux.oracle.com/cve/CVE-2023-39325.html https://linux.oracle.com/errata/ELSA-2023-5867.html https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3OVW5V2DM5K5IC3H7O42YDUGNJ74J35O https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3OVW5V2DM5K5IC3H7O42YDUGNJ74J35O/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3SZN67IL7HMGMNAVLOTIXLIHUDXZK4LH https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3SZN67IL7HMGMNAVLOTIXLIHUDXZK4LH/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3WJ4QVX2AMUJ2F2S27POOAHRC4K3CHU4 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3WJ4QVX2AMUJ2F2S27POOAHRC4K3CHU4/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/4BUK2ZIAGCULOOYDNH25JPU6JBES5NF2 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/4BUK2ZIAGCULOOYDNH25JPU6JBES5NF2/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/5RSKA2II6QTD4YUKUNDVJQSRYSFC4VFR https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/5RSKA2II6QTD4YUKUNDVJQSRYSFC4VFR/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/AVZDNSMVDAQJ64LJC5I5U5LDM5753647 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/AVZDNSMVDAQJ64LJC5I5U5LDM5753647/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CHHITS4PUOZAKFIUBQAQZC7JWXMOYE4B https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CHHITS4PUOZAKFIUBQAQZC7JWXMOYE4B/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CLB4TW7KALB3EEQWNWCN7OUIWWVWWCG2 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CLB4TW7KALB3EEQWNWCN7OUIWWVWWCG2/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/D2BBIDR2ZMB3X5BC7SR4SLQMHRMVPY6L https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/D2BBIDR2ZMB3X5BC7SR4SLQMHRMVPY6L/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ECRC75BQJP6FJN2L7KCKYZW4DSBD7QSD https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ECRC75BQJP6FJN2L7KCKYZW4DSBD7QSD/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/FTMJ3NJIDAZFWJQQSP3L22MUFJ3UP2PT https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/FTMJ3NJIDAZFWJQQSP3L22MUFJ3UP2PT/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/GSY7SXFFTPZFWDM6XELSDSHZLVW3AHK7 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/GSY7SXFFTPZFWDM6XELSDSHZLVW3AHK7/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/HZQIELEIRSZUYTFFH5KTH2YJ4IIQG2KE https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/HZQIELEIRSZUYTFFH5KTH2YJ4IIQG2KE/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/IPWCNYB5PQ5PCVZ4NJT6G56ZYFZ5QBU6 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/IPWCNYB5PQ5PCVZ4NJT6G56ZYFZ5QBU6/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/KEOTKBUPZXHE3F352JBYNTSNRXYLWD6P https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/KEOTKBUPZXHE3F352JBYNTSNRXYLWD6P/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/KSEGD2IWKNUO3DWY4KQGUQM5BISRWHQE https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/KSEGD2IWKNUO3DWY4KQGUQM5BISRWHQE/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/L5E5JSJBZLYXOTZWXHJKRVCIXIHVWKJ6 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/L5E5JSJBZLYXOTZWXHJKRVCIXIHVWKJ6/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/MZQYOOKHQDQ57LV2IAG6NRFOVXKHJJ3Z https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/MZQYOOKHQDQ57LV2IAG6NRFOVXKHJJ3Z/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/NG7IMPL55MVWU3LCI4JQJT3K2U5CHDV7 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/NG7IMPL55MVWU3LCI4JQJT3K2U5CHDV7/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ODBY7RVMGZCBSTWF2OZGIZS57FNFUL67 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ODBY7RVMGZCBSTWF2OZGIZS57FNFUL67/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/OXGWPQOJ3JNDW2XIYKIVJ7N7QUIFNM2Q https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/OXGWPQOJ3JNDW2XIYKIVJ7N7QUIFNM2Q/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/PJCUNGIQDUMZ4Z6HWVYIMR66A35F5S74 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/PJCUNGIQDUMZ4Z6HWVYIMR66A35F5S74/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QF5QSYAOPDOWLY6DUHID56Q4HQFYB45I https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QF5QSYAOPDOWLY6DUHID56Q4HQFYB45I/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QXOU2JZUBEBP7GBKAYIJRPRBZSJCD7ST https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QXOU2JZUBEBP7GBKAYIJRPRBZSJCD7ST/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/R3UETKPUB3V5JS5TLZOF3SMTGT5K5APS https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/R3UETKPUB3V5JS5TLZOF3SMTGT5K5APS/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/REMHVVIBDNKSRKNOTV7EQSB7CYQWOUOU https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/REMHVVIBDNKSRKNOTV7EQSB7CYQWOUOU/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/T7N5GV4CHH6WAGX3GFMDD3COEOVCZ4RI https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/T7N5GV4CHH6WAGX3GFMDD3COEOVCZ4RI/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ULQQONMSCQSH5Z5OWFFQHCGEZ3NL4DRJ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ULQQONMSCQSH5Z5OWFFQHCGEZ3NL4DRJ/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UTT7DG3QOF5ZNJLUGHDNLRUIN6OWZARP https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UTT7DG3QOF5ZNJLUGHDNLRUIN6OWZARP/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/W2LZSWTV4NV4SNQARNXG5T6LRHP26EW2 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/W2LZSWTV4NV4SNQARNXG5T6LRHP26EW2/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WCNCBYKZXLDFGAJUB7ZP5VLC3YTHJNVH https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WCNCBYKZXLDFGAJUB7ZP5VLC3YTHJNVH/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/XFOIBB4YFICHDM7IBOP7PWXW3FX4HLL2 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/XFOIBB4YFICHDM7IBOP7PWXW3FX4HLL2/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/XTNLSL44Y5FB6JWADSZH6DCV4JJAAEQY https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/XTNLSL44Y5FB6JWADSZH6DCV4JJAAEQY/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/YJWHBLVZDM5KQSDFRBFRKU5KSSOLIRQ4 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/YJWHBLVZDM5KQSDFRBFRKU5KSSOLIRQ4/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/YRKEXKANQ7BKJW2YTAMP625LJUJZLJ4P https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/YRKEXKANQ7BKJW2YTAMP625LJUJZLJ4P/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZSVEMQV5ROY5YW5QE3I57HT3ITWG5GCV https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZSVEMQV5ROY5YW5QE3I57HT3ITWG5GCV/ https://nvd.nist.gov/vuln/detail/CVE-2023-39325 https://pkg.go.dev/vuln/GO-2023-2102 https://security.gentoo.org/glsa/202311-09 https://security.netapp.com/advisory/ntap-20231110-0008 https://security.netapp.com/advisory/ntap-20231110-0008/ https://ubuntu.com/security/notices/USN-6574-1 https://ubuntu.com/security/notices/USN-7061-1 https://ubuntu.com/security/notices/USN-7109-1 https://www.cisa.gov/news-events/alerts/2023/10/10/http2-rapid-reset-vulnerability-cve-2023-44487 https://www.cve.org/CVERecord?id=CVE-2023-39325
stdlib	CVE-2023-45283	HIGH	v1.20.5	1.20.11, 1.21.4, 1.20.12, 1.21.5	http://www.openwall.com/lists/oss-security/2023/12/05/2 https://go.dev/cl/540277 https://go.dev/cl/541175 https://go.dev/issue/63713 https://go.dev/issue/64028 https://groups.google.com/g/golang-announce/c/4tU8LZfBFkY https://groups.google.com/g/golang-dev/c/6ypN5EjibjM/m/KmLVYH_uAgAJ https://nvd.nist.gov/vuln/detail/CVE-2023-45283 https://pkg.go.dev/vuln/GO-2023-2185 https://security.netapp.com/advisory/ntap-20231214-0008/
stdlib	CVE-2023-45288	HIGH	v1.20.5	1.21.9, 1.22.2	http://www.openwall.com/lists/oss-security/2024/04/03/16 http://www.openwall.com/lists/oss-security/2024/04/05/4 https://access.redhat.com/errata/RHSA-2024:2724 https://access.redhat.com/security/cve/CVE-2023-45288 https://bugzilla.redhat.com/2268017 https://bugzilla.redhat.com/2268018 https://bugzilla.redhat.com/2268019 https://bugzilla.redhat.com/2268273 https://bugzilla.redhat.com/show_bug.cgi?id=2268017 https://bugzilla.redhat.com/show_bug.cgi?id=2268018 https://bugzilla.redhat.com/show_bug.cgi?id=2268019 https://bugzilla.redhat.com/show_bug.cgi?id=2268273 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45288 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45289 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45290 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24783 https://errata.almalinux.org/9/ALSA-2024-2724.html https://errata.rockylinux.org/RLSA-2024:2724 https://go.dev/cl/576155 https://go.dev/issue/65051 https://groups.google.com/g/golang-announce/c/YgW0sx8mN3M https://kb.cert.org/vuls/id/421644 https://linux.oracle.com/cve/CVE-2023-45288.html https://linux.oracle.com/errata/ELSA-2024-3346.html https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QRYFHIQ6XRKRYBI2F5UESH67BJBQXUPT https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QRYFHIQ6XRKRYBI2F5UESH67BJBQXUPT/ https://nowotarski.info/http2-continuation-flood-technical-details https://nowotarski.info/http2-continuation-flood/ https://nvd.nist.gov/vuln/detail/CVE-2023-45288 https://pkg.go.dev/vuln/GO-2024-2687 https://security.netapp.com/advisory/ntap-20240419-0009 https://security.netapp.com/advisory/ntap-20240419-0009/ https://ubuntu.com/security/notices/USN-6886-1 https://ubuntu.com/security/notices/USN-7109-1 https://ubuntu.com/security/notices/USN-7111-1 https://www.cve.org/CVERecord?id=CVE-2023-45288 https://www.kb.cert.org/vuls/id/421644
stdlib	CVE-2024-34156	HIGH	v1.20.5	1.22.7, 1.23.1	https://access.redhat.com/errata/RHSA-2024:9473 https://access.redhat.com/security/cve/CVE-2024-34156 https://bugzilla.redhat.com/2310528 https://bugzilla.redhat.com/2318052 https://bugzilla.redhat.com/show_bug.cgi?id=2310528 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-34156 https://errata.almalinux.org/9/ALSA-2024-9473.html https://errata.rockylinux.org/RLSA-2024:7204 https://github.com/golang/go/commit/2092294f2b097c5828f4eace6c98a322c1510b01 (go1.22.7) https://github.com/golang/go/commit/fa8ff1a46deb6c816304441ec6740ec112e19012 (go1.23.1) https://go.dev/cl/611239 https://go.dev/issue/69139 https://groups.google.com/g/golang-announce/c/K-cEzDeCtpc https://groups.google.com/g/golang-dev/c/S9POB9NCTdk https://linux.oracle.com/cve/CVE-2024-34156.html https://linux.oracle.com/errata/ELSA-2024-9473.html https://nvd.nist.gov/vuln/detail/CVE-2024-34156 https://pkg.go.dev/vuln/GO-2024-3106 https://ubuntu.com/security/notices/USN-7081-1 https://ubuntu.com/security/notices/USN-7109-1 https://ubuntu.com/security/notices/USN-7111-1 https://www.cve.org/CVERecord?id=CVE-2024-34156
stdlib	CVE-2023-29406	MEDIUM	v1.20.5	1.19.11, 1.20.6	https://access.redhat.com/errata/RHSA-2023:6474 https://access.redhat.com/security/cve/CVE-2023-29406 https://bugzilla.redhat.com/2174485 https://bugzilla.redhat.com/2178358 https://bugzilla.redhat.com/2178488 https://bugzilla.redhat.com/2178492 https://bugzilla.redhat.com/2184481 https://bugzilla.redhat.com/2184482 https://bugzilla.redhat.com/2184483 https://bugzilla.redhat.com/2184484 https://bugzilla.redhat.com/2196026 https://bugzilla.redhat.com/2196027 https://bugzilla.redhat.com/2196029 https://bugzilla.redhat.com/2222167 https://bugzilla.redhat.com/2228689 https://errata.almalinux.org/9/ALSA-2023-6474.html https://github.com/golang/go/commit/312920c00aac9897b2a0693e752390b5b0711a5a (go1.20.6) https://github.com/golang/go/commit/5fa6923b1ea891400153d04ddf1545e23b40041b (go1.19.11) https://github.com/golang/go/issues/60374 https://go.dev/cl/506996 https://go.dev/issue/60374 https://groups.google.com/g/golang-announce/c/2q13H6LEEx0 https://linux.oracle.com/cve/CVE-2023-29406.html https://linux.oracle.com/errata/ELSA-2023-7202.html https://nvd.nist.gov/vuln/detail/CVE-2023-29406 https://pkg.go.dev/vuln/GO-2023-1878 https://security.gentoo.org/glsa/202311-09 https://security.netapp.com/advisory/ntap-20230814-0002/ https://ubuntu.com/security/notices/USN-7061-1 https://ubuntu.com/security/notices/USN-7109-1 https://www.cve.org/CVERecord?id=CVE-2023-29406
stdlib	CVE-2023-29409	MEDIUM	v1.20.5	1.19.12, 1.20.7, 1.21.0-rc.4	https://access.redhat.com/errata/RHSA-2023:7766 https://access.redhat.com/security/cve/CVE-2023-29409 https://bugzilla.redhat.com/2228743 https://bugzilla.redhat.com/2237773 https://bugzilla.redhat.com/2237776 https://bugzilla.redhat.com/2237777 https://bugzilla.redhat.com/2237778 https://errata.almalinux.org/9/ALSA-2023-7766.html https://go.dev/cl/515257 https://go.dev/issue/61460 https://groups.google.com/g/golang-announce/c/X0b6CsSAaYI/m/Efv5DbZ9AwAJ https://linux.oracle.com/cve/CVE-2023-29409.html https://linux.oracle.com/errata/ELSA-2024-2988.html https://nvd.nist.gov/vuln/detail/CVE-2023-29409 https://pkg.go.dev/vuln/GO-2023-1987 https://security.gentoo.org/glsa/202311-09 https://security.netapp.com/advisory/ntap-20230831-0010/ https://www.cve.org/CVERecord?id=CVE-2023-29409
stdlib	CVE-2023-39318	MEDIUM	v1.20.5	1.20.8, 1.21.1	https://access.redhat.com/errata/RHSA-2024:2160 https://access.redhat.com/security/cve/CVE-2023-39318 https://bugzilla.redhat.com/2237773 https://bugzilla.redhat.com/2237776 https://bugzilla.redhat.com/2253330 https://errata.almalinux.org/9/ALSA-2024-2160.html https://github.com/golang/go/commit/023b542edf38e2a1f87fcefb9f75ff2f99401b4c (go1.20.8) https://github.com/golang/go/commit/b0e1d3ea26e8e8fce7726690c9ef0597e60739fb (go1.21.1) https://go.dev/cl/526156 https://go.dev/issue/62196 https://groups.google.com/g/golang-announce/c/Fm51GRLNRvM https://groups.google.com/g/golang-dev/c/2C5vbR-UNkI/m/L1hdrPhfBAAJ https://linux.oracle.com/cve/CVE-2023-39318.html https://linux.oracle.com/errata/ELSA-2024-2988.html https://nvd.nist.gov/vuln/detail/CVE-2023-39318 https://pkg.go.dev/vuln/GO-2023-2041 https://security.gentoo.org/glsa/202311-09 https://security.netapp.com/advisory/ntap-20231020-0009/ https://ubuntu.com/security/notices/USN-6574-1 https://ubuntu.com/security/notices/USN-7061-1 https://ubuntu.com/security/notices/USN-7109-1 https://vuln.go.dev/ID/GO-2023-2041.json https://www.cve.org/CVERecord?id=CVE-2023-39318
stdlib	CVE-2023-39319	MEDIUM	v1.20.5	1.20.8, 1.21.1	https://access.redhat.com/errata/RHSA-2024:2160 https://access.redhat.com/security/cve/CVE-2023-39319 https://bugzilla.redhat.com/2237773 https://bugzilla.redhat.com/2237776 https://bugzilla.redhat.com/2253330 https://errata.almalinux.org/9/ALSA-2024-2160.html https://github.com/golang/go/commit/2070531d2f53df88e312edace6c8dfc9686ab2f5 (go1.20.8) https://github.com/golang/go/commit/bbd043ff0d6d59f1a9232d31ecd5eacf6507bf6a (go1.21.1) https://go.dev/cl/526157 https://go.dev/issue/62197 https://groups.google.com/g/golang-announce/c/Fm51GRLNRvM https://groups.google.com/g/golang-dev/c/2C5vbR-UNkI/m/L1hdrPhfBAAJ https://linux.oracle.com/cve/CVE-2023-39319.html https://linux.oracle.com/errata/ELSA-2024-2988.html https://nvd.nist.gov/vuln/detail/CVE-2023-39319 https://pkg.go.dev/vuln/GO-2023-2043 https://security.gentoo.org/glsa/202311-09 https://security.netapp.com/advisory/ntap-20231020-0009/ https://ubuntu.com/security/notices/USN-6574-1 https://ubuntu.com/security/notices/USN-7061-1 https://ubuntu.com/security/notices/USN-7109-1 https://vuln.go.dev/ID/GO-2023-2043.json https://www.cve.org/CVERecord?id=CVE-2023-39319
stdlib	CVE-2023-39326	MEDIUM	v1.20.5	1.20.12, 1.21.5	https://access.redhat.com/errata/RHSA-2024:2272 https://access.redhat.com/security/cve/CVE-2023-39326 https://bugzilla.redhat.com/2253193 https://bugzilla.redhat.com/2253330 https://errata.almalinux.org/9/ALSA-2024-2272.html https://github.com/golang/go/commit/6446af942e2e2b161c4ec1b60d9703a2b55dc4dd (go1.20.12) https://github.com/golang/go/commit/ec8c526e4be720e94b98ca509e6364f0efaf28f7 (go1.21.5) https://go.dev/cl/547335 https://go.dev/issue/64433 https://groups.google.com/g/golang-dev/c/6ypN5EjibjM/m/KmLVYH_uAgAJ https://linux.oracle.com/cve/CVE-2023-39326.html https://linux.oracle.com/errata/ELSA-2024-2988.html https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UIU6HOGV6RRIKWM57LOXQA75BGZSIH6G/ https://nvd.nist.gov/vuln/detail/CVE-2023-39326 https://pkg.go.dev/vuln/GO-2023-2382 https://ubuntu.com/security/notices/USN-6574-1 https://www.cve.org/CVERecord?id=CVE-2023-39326
stdlib	CVE-2023-45284	MEDIUM	v1.20.5	1.20.11, 1.21.4	https://go.dev/cl/540277 https://go.dev/issue/63713 https://groups.google.com/g/golang-announce/c/4tU8LZfBFkY https://nvd.nist.gov/vuln/detail/CVE-2023-45284 https://pkg.go.dev/vuln/GO-2023-2186
stdlib	CVE-2023-45289	MEDIUM	v1.20.5	1.21.8, 1.22.1	http://www.openwall.com/lists/oss-security/2024/03/08/4 https://access.redhat.com/errata/RHSA-2024:2724 https://access.redhat.com/security/cve/CVE-2023-45289 https://bugzilla.redhat.com/2268017 https://bugzilla.redhat.com/2268018 https://bugzilla.redhat.com/2268019 https://bugzilla.redhat.com/2268273 https://bugzilla.redhat.com/show_bug.cgi?id=2268017 https://bugzilla.redhat.com/show_bug.cgi?id=2268018 https://bugzilla.redhat.com/show_bug.cgi?id=2268019 https://bugzilla.redhat.com/show_bug.cgi?id=2268273 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45288 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45289 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45290 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24783 https://errata.almalinux.org/9/ALSA-2024-2724.html https://errata.rockylinux.org/RLSA-2024:2724 https://github.com/golang/go/commit/20586c0dbe03d144f914155f879fa5ee287591a1 (go1.21.8) https://github.com/golang/go/commit/3a855208e3efed2e9d7c20ad023f1fa78afcc0be (go1.22.1) https://github.com/golang/go/issues/65065 https://go.dev/cl/569340 https://go.dev/issue/65065 https://groups.google.com/g/golang-announce/c/5pwGVUPoMbg https://linux.oracle.com/cve/CVE-2023-45289.html https://linux.oracle.com/errata/ELSA-2024-3346.html https://nvd.nist.gov/vuln/detail/CVE-2023-45289 https://pkg.go.dev/vuln/GO-2024-2600 https://security.netapp.com/advisory/ntap-20240329-0006/ https://ubuntu.com/security/notices/USN-6886-1 https://www.cve.org/CVERecord?id=CVE-2023-45289
stdlib	CVE-2023-45290	MEDIUM	v1.20.5	1.21.8, 1.22.1	http://www.openwall.com/lists/oss-security/2024/03/08/4 https://access.redhat.com/errata/RHSA-2024:9135 https://access.redhat.com/security/cve/CVE-2023-45290 https://bugzilla.redhat.com/2268017 https://bugzilla.redhat.com/2268022 https://bugzilla.redhat.com/2279814 https://bugzilla.redhat.com/2295310 https://bugzilla.redhat.com/show_bug.cgi?id=2268017 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45290 https://errata.almalinux.org/9/ALSA-2024-9135.html https://errata.rockylinux.org/RLSA-2024:3830 https://github.com/golang/go/commit/041a47712e765e94f86d841c3110c840e76d8f82 (go1.22.1) https://github.com/golang/go/commit/bf80213b121074f4ad9b449410a4d13bae5e9be0 (go1.21.8) https://github.com/golang/go/issues/65383 https://go.dev/cl/569341 https://go.dev/issue/65383 https://groups.google.com/g/golang-announce/c/5pwGVUPoMbg https://linux.oracle.com/cve/CVE-2023-45290.html https://linux.oracle.com/errata/ELSA-2024-8038.html https://nvd.nist.gov/vuln/detail/CVE-2023-45290 https://pkg.go.dev/vuln/GO-2024-2599 https://security.netapp.com/advisory/ntap-20240329-0004 https://security.netapp.com/advisory/ntap-20240329-0004/ https://ubuntu.com/security/notices/USN-6886-1 https://ubuntu.com/security/notices/USN-7109-1 https://ubuntu.com/security/notices/USN-7111-1 https://www.cve.org/CVERecord?id=CVE-2023-45290
stdlib	CVE-2024-24783	MEDIUM	v1.20.5	1.21.8, 1.22.1	http://www.openwall.com/lists/oss-security/2024/03/08/4 https://access.redhat.com/errata/RHSA-2024:6195 https://access.redhat.com/security/cve/CVE-2024-24783 https://bugzilla.redhat.com/2268019 https://bugzilla.redhat.com/show_bug.cgi?id=2268017 https://bugzilla.redhat.com/show_bug.cgi?id=2268018 https://bugzilla.redhat.com/show_bug.cgi?id=2268019 https://bugzilla.redhat.com/show_bug.cgi?id=2268273 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45288 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45289 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45290 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24783 https://errata.almalinux.org/9/ALSA-2024-6195.html https://errata.rockylinux.org/RLSA-2024:2724 https://github.com/advisories/GHSA-3q2c-pvp5-3cqp https://github.com/golang/go/commit/337b8e9cbfa749d9d5c899e0dc358e2208d5e54f (go1.22.1) https://github.com/golang/go/commit/be5b52bea674190ef7de272664be6c7ae93ec5a0 (go1.21.8) https://github.com/golang/go/issues/65390 https://go.dev/cl/569339 https://go.dev/issue/65390 https://groups.google.com/g/golang-announce/c/5pwGVUPoMbg https://linux.oracle.com/cve/CVE-2024-24783.html https://linux.oracle.com/errata/ELSA-2024-6969.html https://nvd.nist.gov/vuln/detail/CVE-2024-24783 https://pkg.go.dev/vuln/GO-2024-2598 https://security.netapp.com/advisory/ntap-20240329-0005 https://security.netapp.com/advisory/ntap-20240329-0005/ https://ubuntu.com/security/notices/USN-6886-1 https://ubuntu.com/security/notices/USN-7109-1 https://ubuntu.com/security/notices/USN-7111-1 https://www.cve.org/CVERecord?id=CVE-2024-24783
stdlib	CVE-2024-24784	MEDIUM	v1.20.5	1.21.8, 1.22.1	http://www.openwall.com/lists/oss-security/2024/03/08/4 https://access.redhat.com/errata/RHSA-2024:2562 https://access.redhat.com/security/cve/CVE-2024-24784 https://bugzilla.redhat.com/2262921 https://bugzilla.redhat.com/2268017 https://bugzilla.redhat.com/2268018 https://bugzilla.redhat.com/2268019 https://bugzilla.redhat.com/2268021 https://bugzilla.redhat.com/2268022 https://bugzilla.redhat.com/2268273 https://bugzilla.redhat.com/show_bug.cgi?id=2262921 https://bugzilla.redhat.com/show_bug.cgi?id=2268017 https://bugzilla.redhat.com/show_bug.cgi?id=2268018 https://bugzilla.redhat.com/show_bug.cgi?id=2268019 https://bugzilla.redhat.com/show_bug.cgi?id=2268021 https://bugzilla.redhat.com/show_bug.cgi?id=2268022 https://bugzilla.redhat.com/show_bug.cgi?id=2268273 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45288 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45289 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45290 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-1394 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24783 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24784 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24785 https://errata.almalinux.org/9/ALSA-2024-2562.html https://errata.rockylinux.org/RLSA-2024:2562 https://github.com/golang/go/commit/263c059b09fdd40d9dd945f2ecb20c89ea28efe5 (go1.21.8) https://github.com/golang/go/commit/5330cd225ba54c7dc78c1b46dcdf61a4671a632c (go1.22.1) https://github.com/golang/go/issues/65083 https://go.dev/cl/555596 https://go.dev/issue/65083 https://groups.google.com/g/golang-announce/c/5pwGVUPoMbg https://linux.oracle.com/cve/CVE-2024-24784.html https://linux.oracle.com/errata/ELSA-2024-6969.html https://nvd.nist.gov/vuln/detail/CVE-2024-24784 https://pkg.go.dev/vuln/GO-2024-2609 https://security.netapp.com/advisory/ntap-20240329-0007/ https://ubuntu.com/security/notices/USN-6886-1 https://ubuntu.com/security/notices/USN-7109-1 https://ubuntu.com/security/notices/USN-7111-1 https://www.cve.org/CVERecord?id=CVE-2024-24784
stdlib	CVE-2024-24785	MEDIUM	v1.20.5	1.21.8, 1.22.1	http://www.openwall.com/lists/oss-security/2024/03/08/4 https://access.redhat.com/errata/RHSA-2024:9135 https://access.redhat.com/security/cve/CVE-2024-24785 https://bugzilla.redhat.com/2268017 https://bugzilla.redhat.com/2268022 https://bugzilla.redhat.com/2279814 https://bugzilla.redhat.com/2295310 https://bugzilla.redhat.com/show_bug.cgi?id=2262921 https://bugzilla.redhat.com/show_bug.cgi?id=2268017 https://bugzilla.redhat.com/show_bug.cgi?id=2268018 https://bugzilla.redhat.com/show_bug.cgi?id=2268019 https://bugzilla.redhat.com/show_bug.cgi?id=2268021 https://bugzilla.redhat.com/show_bug.cgi?id=2268022 https://bugzilla.redhat.com/show_bug.cgi?id=2268273 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45288 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45289 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45290 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-1394 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24783 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24784 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24785 https://errata.almalinux.org/9/ALSA-2024-9135.html https://errata.rockylinux.org/RLSA-2024:2562 https://github.com/golang/go/commit/056b0edcb8c152152021eebf4cf42adbfbe77992 (go1.22.1) https://github.com/golang/go/commit/3643147a29352ca2894fd5d0d2069bc4b4335a7e (go1.21.8) https://github.com/golang/go/issues/65697 https://go.dev/cl/564196 https://go.dev/issue/65697 https://groups.google.com/g/golang-announce/c/5pwGVUPoMbg https://linux.oracle.com/cve/CVE-2024-24785.html https://linux.oracle.com/errata/ELSA-2024-3259.html https://nvd.nist.gov/vuln/detail/CVE-2024-24785 https://pkg.go.dev/vuln/GO-2024-2610 https://security.netapp.com/advisory/ntap-20240329-0008/ https://ubuntu.com/security/notices/USN-6886-1 https://ubuntu.com/security/notices/USN-7061-1 https://ubuntu.com/security/notices/USN-7109-1 https://vuln.go.dev/ID/GO-2024-2610.json https://www.cve.org/CVERecord?id=CVE-2024-24785
stdlib	CVE-2024-24789	MEDIUM	v1.20.5	1.21.11, 1.22.4	http://www.openwall.com/lists/oss-security/2024/06/04/1 https://access.redhat.com/errata/RHSA-2024:9115 https://access.redhat.com/security/cve/CVE-2024-24789 https://bugzilla.redhat.com/2279814 https://bugzilla.redhat.com/2292668 https://bugzilla.redhat.com/2292787 https://bugzilla.redhat.com/2294000 https://bugzilla.redhat.com/2295310 https://bugzilla.redhat.com/show_bug.cgi?id=2292668 https://bugzilla.redhat.com/show_bug.cgi?id=2292787 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24789 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24790 https://errata.almalinux.org/9/ALSA-2024-9115.html https://errata.rockylinux.org/RLSA-2024:4212 https://github.com/golang/go/commit/c8e40338cf00f3c1d86c8fb23863ad67a4c72bcc (1.21) https://github.com/golang/go/commit/cf501ac0c5fe351a8582d20b43562027927906e7 (1.22) https://github.com/golang/go/issues/66869 https://go.dev/cl/585397 https://go.dev/issue/66869 https://groups.google.com/g/golang-announce/c/XbxouI9gY7k https://groups.google.com/g/golang-announce/c/XbxouI9gY7k/m/TuoGEhxIEwAJ https://linux.oracle.com/cve/CVE-2024-24789.html https://linux.oracle.com/errata/ELSA-2024-9115.html https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/U5YAEIA6IUHUNGJ7AIXXPQT6D2GYENX7/ https://nvd.nist.gov/vuln/detail/CVE-2024-24789 https://pkg.go.dev/vuln/GO-2024-2888 https://ubuntu.com/security/notices/USN-6886-1 https://ubuntu.com/security/notices/USN-7109-1 https://ubuntu.com/security/notices/USN-7111-1 https://www.cve.org/CVERecord?id=CVE-2024-24789
stdlib	CVE-2024-24791	MEDIUM	v1.20.5	1.21.12, 1.22.5	https://access.redhat.com/errata/RHSA-2024:9135 https://access.redhat.com/security/cve/CVE-2024-24791 https://bugzilla.redhat.com/2268017 https://bugzilla.redhat.com/2268022 https://bugzilla.redhat.com/2279814 https://bugzilla.redhat.com/2295310 https://bugzilla.redhat.com/show_bug.cgi?id=2295310 https://bugzilla.redhat.com/show_bug.cgi?id=2310527 https://bugzilla.redhat.com/show_bug.cgi?id=2310528 https://bugzilla.redhat.com/show_bug.cgi?id=2310529 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24791 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-34155 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-34156 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-34158 https://errata.almalinux.org/9/ALSA-2024-9135.html https://errata.rockylinux.org/RLSA-2024:6913 https://go.dev/cl/591255 https://go.dev/issue/67555 https://groups.google.com/g/golang-dev/c/t0rK-qHBqzY/m/6MMoAZkMAgAJ https://linux.oracle.com/cve/CVE-2024-24791.html https://linux.oracle.com/errata/ELSA-2024-9115.html https://nvd.nist.gov/vuln/detail/CVE-2024-24791 https://pkg.go.dev/vuln/GO-2024-2963 https://ubuntu.com/security/notices/USN-7081-1 https://ubuntu.com/security/notices/USN-7109-1 https://ubuntu.com/security/notices/USN-7111-1 https://www.cve.org/CVERecord?id=CVE-2024-24791
stdlib	CVE-2024-34155	MEDIUM	v1.20.5	1.22.7, 1.23.1	https://access.redhat.com/errata/RHSA-2024:9459 https://access.redhat.com/security/cve/CVE-2024-34155 https://bugzilla.redhat.com/2310527 https://bugzilla.redhat.com/2310528 https://bugzilla.redhat.com/2310529 https://bugzilla.redhat.com/2315691 https://bugzilla.redhat.com/2315887 https://bugzilla.redhat.com/2317458 https://bugzilla.redhat.com/2317467 https://bugzilla.redhat.com/show_bug.cgi?id=2295310 https://bugzilla.redhat.com/show_bug.cgi?id=2310527 https://bugzilla.redhat.com/show_bug.cgi?id=2310528 https://bugzilla.redhat.com/show_bug.cgi?id=2310529 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24791 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-34155 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-34156 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-34158 https://errata.almalinux.org/9/ALSA-2024-9459.html https://errata.rockylinux.org/RLSA-2024:6913 https://github.com/golang/go/commit/53487e5477151ed75da50e50a0ba8f1ca64c00a3 (go1.23.1) https://github.com/golang/go/commit/b232596139dbe96a62edbe3a2a203e856bf556eb (go1.22.7) https://go.dev/cl/611238 https://go.dev/issue/69138 https://groups.google.com/g/golang-announce/c/K-cEzDeCtpc https://groups.google.com/g/golang-dev/c/S9POB9NCTdk https://linux.oracle.com/cve/CVE-2024-34155.html https://linux.oracle.com/errata/ELSA-2024-9459.html https://nvd.nist.gov/vuln/detail/CVE-2024-34155 https://pkg.go.dev/vuln/GO-2024-3105 https://ubuntu.com/security/notices/USN-7081-1 https://ubuntu.com/security/notices/USN-7109-1 https://ubuntu.com/security/notices/USN-7111-1 https://www.cve.org/CVERecord?id=CVE-2024-34155
stdlib	CVE-2024-34158	MEDIUM	v1.20.5	1.22.7, 1.23.1	https://access.redhat.com/errata/RHSA-2024:9459 https://access.redhat.com/security/cve/CVE-2024-34158 https://bugzilla.redhat.com/2310527 https://bugzilla.redhat.com/2310528 https://bugzilla.redhat.com/2310529 https://bugzilla.redhat.com/2315691 https://bugzilla.redhat.com/2315887 https://bugzilla.redhat.com/2317458 https://bugzilla.redhat.com/2317467 https://bugzilla.redhat.com/show_bug.cgi?id=2295310 https://bugzilla.redhat.com/show_bug.cgi?id=2310527 https://bugzilla.redhat.com/show_bug.cgi?id=2310528 https://bugzilla.redhat.com/show_bug.cgi?id=2310529 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24791 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-34155 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-34156 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-34158 https://errata.almalinux.org/9/ALSA-2024-9459.html https://errata.rockylinux.org/RLSA-2024:6913 https://github.com/golang/go/commit/032ac075c20c01c6c35a672d1542d3e98eab84ea (go1.23.1) https://github.com/golang/go/commit/d4c53812e6ce2ac368173d7fcd31d0ecfcffb002 (go1.22.7) https://go.dev/cl/611240 https://go.dev/issue/69141 https://groups.google.com/g/golang-announce/c/K-cEzDeCtpc https://groups.google.com/g/golang-dev/c/S9POB9NCTdk https://linux.oracle.com/cve/CVE-2024-34158.html https://linux.oracle.com/errata/ELSA-2024-9459.html https://nvd.nist.gov/vuln/detail/CVE-2024-34158 https://pkg.go.dev/vuln/GO-2024-3107 https://ubuntu.com/security/notices/USN-7081-1 https://ubuntu.com/security/notices/USN-7109-1 https://ubuntu.com/security/notices/USN-7111-1 https://www.cve.org/CVERecord?id=CVE-2024-34158
No Misconfigurations found

cnb/buildpacks/paketo-buildpacks_bundler/0.7.21/bin/run (gobinary)

Package	Vulnerability ID	Severity	Installed Version	Fixed Version	Links
github.com/anchore/stereoscope	CVE-2024-24579	MEDIUM	v0.0.0-20230412183729-8602f1afc574	0.0.1	https://github.com/anchore/stereoscope https://github.com/anchore/stereoscope/commit/09dacab4d9ee65ee8bc7af8ebf4aa7b5aaa36204 https://github.com/anchore/stereoscope/security/advisories/GHSA-hpxr-w9w7-g4gv https://nvd.nist.gov/vuln/detail/CVE-2024-24579
github.com/cloudflare/circl	GHSA-9763-4f94-gfch	HIGH	v1.3.3	1.3.7	https://github.com/cloudflare/circl https://github.com/cloudflare/circl/commit/75ef91e8a2f438e6ce2b6e620d236add8be1887d https://github.com/cloudflare/circl/security/advisories/GHSA-9763-4f94-gfch https://kyberslash.cr.yp.to
github.com/containerd/containerd	GHSA-7ww5-4wqc-m92c	MEDIUM	v1.7.0	1.6.26, 1.7.11	https://github.com/containerd/containerd https://github.com/containerd/containerd/commit/67d356cb3095f3e8f8ad7d36f9a733fea1e7e28c https://github.com/containerd/containerd/commit/746b910f05855c8bfdb4415a1c0f958b234910e5 https://github.com/containerd/containerd/security/advisories/GHSA-7ww5-4wqc-m92c
github.com/docker/docker	CVE-2024-41110	CRITICAL	v23.0.5+incompatible	23.0.15, 26.1.5, 27.1.1, 25.0.6	https://access.redhat.com/security/cve/CVE-2024-41110 https://github.com/moby/moby https://github.com/moby/moby/commit/411e817ddf710ff8e08fa193da80cb78af708191 https://github.com/moby/moby/commit/42f40b1d6dd7562342f832b9cd2adf9e668eeb76 https://github.com/moby/moby/commit/65cc597cea28cdc25bea3b8a86384b4251872919 https://github.com/moby/moby/commit/852759a7df454cbf88db4e954c919becd48faa9b https://github.com/moby/moby/commit/a31260625655cff9ae226b51757915e275e304b0 https://github.com/moby/moby/commit/a79fabbfe84117696a19671f4aa88b82d0f64fc1 https://github.com/moby/moby/commit/ae160b4edddb72ef4bd71f66b975a1a1cc434f00 https://github.com/moby/moby/commit/ae2b3666c517c96cbc2adf1af5591a6b00d4ec0f https://github.com/moby/moby/commit/cc13f952511154a2866bddbb7dddebfe9e83b801 https://github.com/moby/moby/commit/fc274cd2ff4cf3b48c91697fb327dd1fb95588fb https://github.com/moby/moby/security/advisories/GHSA-v23v-6jw2-98fq https://nvd.nist.gov/vuln/detail/CVE-2024-41110 https://www.cve.org/CVERecord?id=CVE-2024-41110 https://www.docker.com/blog/docker-security-advisory-docker-engine-authz-plugin
github.com/docker/docker	CVE-2024-24557	MEDIUM	v23.0.5+incompatible	24.0.9, 25.0.2	https://access.redhat.com/security/cve/CVE-2024-24557 https://github.com/moby/moby https://github.com/moby/moby/commit/3e230cfdcc989dc524882f6579f9e0dac77400ae https://github.com/moby/moby/commit/fca702de7f71362c8d103073c7e4a1d0a467fadd https://github.com/moby/moby/commit/fce6e0ca9bc000888de3daa157af14fa41fcd0ff https://github.com/moby/moby/security/advisories/GHSA-xw73-rw38-6vjc https://nvd.nist.gov/vuln/detail/CVE-2024-24557 https://www.cve.org/CVERecord?id=CVE-2024-24557
github.com/docker/docker	CVE-2024-29018	MEDIUM	v23.0.5+incompatible	26.0.0-rc3, 25.0.5, 23.0.11	https://access.redhat.com/security/cve/CVE-2024-29018 https://github.com/moby/moby https://github.com/moby/moby/pull/46609 https://github.com/moby/moby/security/advisories/GHSA-mq39-4gv4-mvpx https://nvd.nist.gov/vuln/detail/CVE-2024-29018 https://www.cve.org/CVERecord?id=CVE-2024-29018
github.com/docker/docker	GHSA-jq35-85cj-fj4p	MEDIUM	v23.0.5+incompatible	24.0.7, 23.0.8, 20.10.27	https://github.com/moby/moby https://github.com/moby/moby/commit/48ebe353e49a9def5e6679f6e386b0efb1c95f0e https://github.com/moby/moby/commit/81ebe71275768629689a23bc3bca34b3b374a6a6 https://github.com/moby/moby/commit/c9ccbfad11a60e703e91b6cca4f48927828c7e35 https://github.com/moby/moby/releases/tag/v20.10.27 https://github.com/moby/moby/releases/tag/v23.0.8 https://github.com/moby/moby/releases/tag/v24.0.7 https://github.com/moby/moby/security/advisories/GHSA-jq35-85cj-fj4p
github.com/go-git/go-git/v5	CVE-2023-49569	CRITICAL	v5.6.1	5.11.0	https://access.redhat.com/security/cve/CVE-2023-49569 https://github.com/go-git/go-git https://github.com/go-git/go-git/security/advisories/GHSA-449p-3h89-pw88 https://nvd.nist.gov/vuln/detail/CVE-2023-49569 https://www.cve.org/CVERecord?id=CVE-2023-49569
github.com/go-git/go-git/v5	CVE-2023-49568	HIGH	v5.6.1	5.11.0	https://access.redhat.com/security/cve/CVE-2023-49568 https://github.com/go-git/go-git https://github.com/go-git/go-git/security/advisories/GHSA-mw99-9chc-xw7r https://nvd.nist.gov/vuln/detail/CVE-2023-49568 https://www.cve.org/CVERecord?id=CVE-2023-49568
github.com/mholt/archiver/v3	CVE-2024-0406	MEDIUM	v3.5.1	no fix available	https://access.redhat.com/security/cve/CVE-2024-0406 https://bugzilla.redhat.com/show_bug.cgi?id=2257749 https://github.com/advisories/GHSA-rhh4-rh7c-7r5v https://github.com/mholt/archiver https://nvd.nist.gov/vuln/detail/CVE-2024-0406 https://www.cve.org/CVERecord?id=CVE-2024-0406
golang.org/x/crypto	CVE-2023-48795	MEDIUM	v0.8.0	0.17.0	http://packetstormsecurity.com/files/176280/Terrapin-SSH-Connection-Weakening.html http://seclists.org/fulldisclosure/2024/Mar/21 http://www.openwall.com/lists/oss-security/2023/12/18/3 http://www.openwall.com/lists/oss-security/2023/12/19/5 http://www.openwall.com/lists/oss-security/2023/12/20/3 http://www.openwall.com/lists/oss-security/2024/03/06/3 http://www.openwall.com/lists/oss-security/2024/04/17/8 https://access.redhat.com/errata/RHSA-2024:1150 https://access.redhat.com/security/cve/CVE-2023-48795 https://access.redhat.com/security/cve/cve-2023-48795 https://access.redhat.com/solutions/7071748 https://arstechnica.com/security/2023/12/hackers-can-break-ssh-channel-integrity-using-novel-data-corruption-attack https://arstechnica.com/security/2023/12/hackers-can-break-ssh-channel-integrity-using-novel-data-corruption-attack/ https://bugs.gentoo.org/920280 https://bugzilla.redhat.com/2254210 https://bugzilla.redhat.com/show_bug.cgi?id=2254210 https://bugzilla.suse.com/show_bug.cgi?id=1217950 https://crates.io/crates/thrussh/versions https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-48795 https://errata.almalinux.org/9/ALSA-2024-1150.html https://errata.rockylinux.org/RLSA-2024:0628 https://filezilla-project.org/versions.php https://forum.netgate.com/topic/184941/terrapin-ssh-attack https://git.libssh.org/projects/libssh.git/commit/?h=stable-0.10&id=10e09e273f69e149389b3e0e5d44b8c221c2e7f6 https://github.com/NixOS/nixpkgs/pull/275249 https://github.com/PowerShell/Win32-OpenSSH/issues/2189 https://github.com/PowerShell/Win32-OpenSSH/releases/tag/v9.5.0.0p1-Beta https://github.com/TeraTermProject/teraterm/commit/7279fbd6ef4d0c8bdd6a90af4ada2899d786eec0 https://github.com/TeraTermProject/teraterm/releases/tag/v5.1 https://github.com/advisories/GHSA-45x7-px36-x8w8 https://github.com/apache/mina-sshd/issues/445 https://github.com/connectbot/sshlib/commit/5c8b534f6e97db7ac0e0e579331213aa25c173ab https://github.com/connectbot/sshlib/compare/2.2.21...2.2.22 https://github.com/cyd01/KiTTY/issues/520 https://github.com/drakkan/sftpgo/releases/tag/v2.5.6 https://github.com/erlang/otp/blob/d1b43dc0f1361d2ad67601169e90a7fc50bb0369/lib/ssh/doc/src/notes.xml#L39-L42 https://github.com/erlang/otp/releases/tag/OTP-26.2.1 https://github.com/golang/crypto/commit/9d2ee975ef9fe627bf0a6f01c1f69e8ef1d4f05d https://github.com/hierynomus/sshj/issues/916 https://github.com/janmojzis/tinyssh/issues/81 https://github.com/jtesta/ssh-audit/commit/8e972c5e94b460379fe0c7d20209c16df81538a5 https://github.com/libssh2/libssh2/pull/1291 https://github.com/mkj/dropbear/blob/17657c36cce6df7716d5ff151ec09a665382d5dd/CHANGES#L25 https://github.com/mscdex/ssh2/commit/97b223f8891b96d6fc054df5ab1d5a1a545da2a3 https://github.com/mwiede/jsch/compare/jsch-0.2.14...jsch-0.2.15 https://github.com/mwiede/jsch/issues/457 https://github.com/mwiede/jsch/pull/461 https://github.com/net-ssh/net-ssh/blob/2e65064a52d73396bfc3806c9196fc8108f33cd8/CHANGES.txt#L14-L16 https://github.com/openssh/openssh-portable/commits/master https://github.com/paramiko/paramiko/issues/2337 https://github.com/paramiko/paramiko/issues/2337#issuecomment-1887642773 https://github.com/proftpd/proftpd/blob/0a7ea9b0ba9fcdf368374a226370d08f10397d99/RELEASE_NOTES https://github.com/proftpd/proftpd/blob/d21e7a2e47e9b38f709bec58e3fa711f759ad0e1/RELEASE_NOTES https://github.com/proftpd/proftpd/blob/master/RELEASE_NOTES https://github.com/proftpd/proftpd/issues/456 https://github.com/rapier1/hpn-ssh/releases https://github.com/ronf/asyncssh/blob/develop/docs/changes.rst https://github.com/ronf/asyncssh/security/advisories/GHSA-hfmc-7525-mj55 https://github.com/ronf/asyncssh/tags https://github.com/ssh-mitm/ssh-mitm/issues/165 https://github.com/warp-tech/russh https://github.com/warp-tech/russh/commit/1aa340a7df1d5be1c0f4a9e247aade76dfdd2951 https://github.com/warp-tech/russh/releases/tag/v0.40.2 https://github.com/warp-tech/russh/security/advisories/GHSA-45x7-px36-x8w8 https://gitlab.com/libssh/libssh-mirror/-/tags https://go.dev/cl/550715 https://go.dev/issue/64784 https://groups.google.com/g/golang-announce/c/-n5WqVC18LQ https://groups.google.com/g/golang-announce/c/qA3XtxvMUyg https://help.panic.com/releasenotes/transmit5 https://help.panic.com/releasenotes/transmit5/ https://jadaptive.com/important-java-ssh-security-update-new-ssh-vulnerability-discovered-cve-2023-48795 https://jadaptive.com/important-java-ssh-security-update-new-ssh-vulnerability-discovered-cve-2023-48795/ https://linux.oracle.com/cve/CVE-2023-48795.html https://linux.oracle.com/errata/ELSA-2024-2988.html https://lists.debian.org/debian-lts-announce/2023/12/msg00017.html https://lists.debian.org/debian-lts-announce/2024/01/msg00013.html https://lists.debian.org/debian-lts-announce/2024/01/msg00014.html https://lists.debian.org/debian-lts-announce/2024/04/msg00016.html https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/33XHJUB6ROFUOH2OQNENFROTVH6MHSHA https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/33XHJUB6ROFUOH2OQNENFROTVH6MHSHA/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/3CAYYW35MUTNO65RVAELICTNZZFMT2XS https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/3CAYYW35MUTNO65RVAELICTNZZFMT2XS/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/3JIMLVBDWOP4FUPXPTB4PGHHIOMGFLQE https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/3JIMLVBDWOP4FUPXPTB4PGHHIOMGFLQE/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/3YQLUQWLIHDB5QCXQEX7HXHAWMOKPP5O https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/3YQLUQWLIHDB5QCXQEX7HXHAWMOKPP5O/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/6Y74KVCPEPT4MVU3LHDWCNNOXOE5ZLUR https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/6Y74KVCPEPT4MVU3LHDWCNNOXOE5ZLUR/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/APYIXIQOVDCRWLHTGB4VYMAUIAQLKYJ3 https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/APYIXIQOVDCRWLHTGB4VYMAUIAQLKYJ3/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/BL5KTLOSLH2KHRN4HCXJPK3JUVLDGEL6 https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/BL5KTLOSLH2KHRN4HCXJPK3JUVLDGEL6/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/C3AFMZ6MH2UHHOPIWT5YLSFV3D2VB3AC https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/C3AFMZ6MH2UHHOPIWT5YLSFV3D2VB3AC/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/CHHITS4PUOZAKFIUBQAQZC7JWXMOYE4B https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/CHHITS4PUOZAKFIUBQAQZC7JWXMOYE4B/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/F7EYCFQCTSGJXWO3ZZ44MGKFC5HA7G3Y https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/F7EYCFQCTSGJXWO3ZZ44MGKFC5HA7G3Y/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/HYEDEXIKFKTUJIN43RG4B7T5ZS6MHUSP https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/HYEDEXIKFKTUJIN43RG4B7T5ZS6MHUSP/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/I724O3LSRCPO4WNVIXTZCT4VVRMXMMSG https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/I724O3LSRCPO4WNVIXTZCT4VVRMXMMSG/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/KEOTKBUPZXHE3F352JBYNTSNRXYLWD6P https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/KEOTKBUPZXHE3F352JBYNTSNRXYLWD6P/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/KMZCVGUGJZZVDPCVDA7TEB22VUCNEXDD https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/KMZCVGUGJZZVDPCVDA7TEB22VUCNEXDD/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/L5Y6MNNVAPIJSXJERQ6PKZVCIUXSNJK7 https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/L5Y6MNNVAPIJSXJERQ6PKZVCIUXSNJK7/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/LZQVUHWVWRH73YBXUQJOD6CKHDQBU3DM https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/LZQVUHWVWRH73YBXUQJOD6CKHDQBU3DM/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/MKQRBF3DWMWPH36LBCOBUTSIZRTPEZXB https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/MKQRBF3DWMWPH36LBCOBUTSIZRTPEZXB/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/QI3EHAHABFQK7OABNCSF5GMYP6TONTI7 https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/QI3EHAHABFQK7OABNCSF5GMYP6TONTI7/ https://matt.ucc.asn.au/dropbear/CHANGES https://nest.pijul.com/pijul/thrussh/changes/D6H7OWTTMHHX6BTB3B6MNBOBX2L66CBL4LGSEUSAI2MCRCJDQFRQC https://news.ycombinator.com/item?id=38684904 https://news.ycombinator.com/item?id=38685286 https://news.ycombinator.com/item?id=38732005 https://nova.app/releases/#v11.8 https://nvd.nist.gov/vuln/detail/CVE-2023-48795 https://oryx-embedded.com/download/#changelog https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2024-0002 https://roumenpetrov.info/secsh/#news20231220 https://security-tracker.debian.org/tracker/CVE-2023-48795 https://security-tracker.debian.org/tracker/source-package/libssh2 https://security-tracker.debian.org/tracker/source-package/proftpd-dfsg https://security-tracker.debian.org/tracker/source-package/trilead-ssh2 https://security.gentoo.org/glsa/202312-16 https://security.gentoo.org/glsa/202312-17 https://security.netapp.com/advisory/ntap-20240105-0004 https://security.netapp.com/advisory/ntap-20240105-0004/ https://support.apple.com/kb/HT214084 https://terrapin-attack.com/ https://thorntech.com/cve-2023-48795-and-sftp-gateway https://thorntech.com/cve-2023-48795-and-sftp-gateway/ https://twitter.com/TrueSkrillor/status/1736774389725565005 https://ubuntu.com/security/CVE-2023-48795 https://ubuntu.com/security/notices/USN-6560-1 https://ubuntu.com/security/notices/USN-6560-2 https://ubuntu.com/security/notices/USN-6561-1 https://ubuntu.com/security/notices/USN-6585-1 https://ubuntu.com/security/notices/USN-6589-1 https://ubuntu.com/security/notices/USN-6598-1 https://ubuntu.com/security/notices/USN-6738-1 https://ubuntu.com/security/notices/USN-7051-1 https://winscp.net/eng/docs/history#6.2.2 https://www.bitvise.com/ssh-client-version-history#933 https://www.bitvise.com/ssh-server-version-history https://www.chiark.greenend.org.uk/~sgtatham/putty/changes.html https://www.crushftp.com/crush10wiki/Wiki.jsp?page=Update https://www.cve.org/CVERecord?id=CVE-2023-48795 https://www.debian.org/security/2023/dsa-5586 https://www.debian.org/security/2023/dsa-5588 https://www.freebsd.org/security/advisories/FreeBSD-SA-23:19.openssh.asc https://www.lancom-systems.de/service-support/allgemeine-sicherheitshinweise#c243508 https://www.netsarang.com/en/xshell-update-history https://www.netsarang.com/en/xshell-update-history/ https://www.openssh.com/openbsd.html https://www.openssh.com/txt/release-9.6 https://www.openwall.com/lists/oss-security/2023/12/18/2 https://www.openwall.com/lists/oss-security/2023/12/18/3 https://www.openwall.com/lists/oss-security/2023/12/20/3 https://www.paramiko.org/changelog.html https://www.reddit.com/r/sysadmin/comments/18idv52/cve202348795_why_is_this_cve_still_undisclosed https://www.reddit.com/r/sysadmin/comments/18idv52/cve202348795_why_is_this_cve_still_undisclosed/ https://www.suse.com/c/suse-addresses-the-ssh-v2-protocol-terrapin-attack-aka-cve-2023-48795 https://www.suse.com/c/suse-addresses-the-ssh-v2-protocol-terrapin-attack-aka-cve-2023-48795/ https://www.terrapin-attack.com https://www.theregister.com/2023/12/20/terrapin_attack_ssh https://www.vandyke.com/products/securecrt/history.txt
golang.org/x/net	CVE-2023-39325	HIGH	v0.10.0	0.17.0	golang.org/x/net https://access.redhat.com/errata/RHSA-2023:6077 https://access.redhat.com/security/cve/CVE-2023-39325 https://access.redhat.com/security/cve/CVE-2023-44487 https://access.redhat.com/security/vulnerabilities/RHSB-2023-003 https://bugzilla.redhat.com/2242803 https://bugzilla.redhat.com/2243296 https://bugzilla.redhat.com/show_bug.cgi?id=2242803 https://bugzilla.redhat.com/show_bug.cgi?id=2243296 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-39325 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-44487 https://errata.almalinux.org/9/ALSA-2023-6077.html https://errata.rockylinux.org/RLSA-2023:6077 https://github.com/golang/go/commit/24ae2d927285c697440fdde3ad7f26028354bcf3 [golang- 1.21] https://github.com/golang/go/commit/e175f27f58aa7b9cd4d79607ae65d2cd5baaee68 [golang-1.20] https://github.com/golang/go/issues/63417 https://go.dev/cl/534215 https://go.dev/cl/534235 https://go.dev/issue/63417 https://groups.google.com/g/golang-announce/c/iNNxDTCjZvo/m/UDd7VKQuAAAJ https://linux.oracle.com/cve/CVE-2023-39325.html https://linux.oracle.com/errata/ELSA-2023-5867.html https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3OVW5V2DM5K5IC3H7O42YDUGNJ74J35O https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3OVW5V2DM5K5IC3H7O42YDUGNJ74J35O/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3SZN67IL7HMGMNAVLOTIXLIHUDXZK4LH https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3SZN67IL7HMGMNAVLOTIXLIHUDXZK4LH/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3WJ4QVX2AMUJ2F2S27POOAHRC4K3CHU4 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3WJ4QVX2AMUJ2F2S27POOAHRC4K3CHU4/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/4BUK2ZIAGCULOOYDNH25JPU6JBES5NF2 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/4BUK2ZIAGCULOOYDNH25JPU6JBES5NF2/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/5RSKA2II6QTD4YUKUNDVJQSRYSFC4VFR https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/5RSKA2II6QTD4YUKUNDVJQSRYSFC4VFR/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/AVZDNSMVDAQJ64LJC5I5U5LDM5753647 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/AVZDNSMVDAQJ64LJC5I5U5LDM5753647/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CHHITS4PUOZAKFIUBQAQZC7JWXMOYE4B https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CHHITS4PUOZAKFIUBQAQZC7JWXMOYE4B/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CLB4TW7KALB3EEQWNWCN7OUIWWVWWCG2 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CLB4TW7KALB3EEQWNWCN7OUIWWVWWCG2/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/D2BBIDR2ZMB3X5BC7SR4SLQMHRMVPY6L https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/D2BBIDR2ZMB3X5BC7SR4SLQMHRMVPY6L/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ECRC75BQJP6FJN2L7KCKYZW4DSBD7QSD https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ECRC75BQJP6FJN2L7KCKYZW4DSBD7QSD/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/FTMJ3NJIDAZFWJQQSP3L22MUFJ3UP2PT https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/FTMJ3NJIDAZFWJQQSP3L22MUFJ3UP2PT/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/GSY7SXFFTPZFWDM6XELSDSHZLVW3AHK7 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/GSY7SXFFTPZFWDM6XELSDSHZLVW3AHK7/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/HZQIELEIRSZUYTFFH5KTH2YJ4IIQG2KE https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/HZQIELEIRSZUYTFFH5KTH2YJ4IIQG2KE/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/IPWCNYB5PQ5PCVZ4NJT6G56ZYFZ5QBU6 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/IPWCNYB5PQ5PCVZ4NJT6G56ZYFZ5QBU6/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/KEOTKBUPZXHE3F352JBYNTSNRXYLWD6P https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/KEOTKBUPZXHE3F352JBYNTSNRXYLWD6P/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/KSEGD2IWKNUO3DWY4KQGUQM5BISRWHQE https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/KSEGD2IWKNUO3DWY4KQGUQM5BISRWHQE/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/L5E5JSJBZLYXOTZWXHJKRVCIXIHVWKJ6 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/L5E5JSJBZLYXOTZWXHJKRVCIXIHVWKJ6/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/MZQYOOKHQDQ57LV2IAG6NRFOVXKHJJ3Z https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/MZQYOOKHQDQ57LV2IAG6NRFOVXKHJJ3Z/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/NG7IMPL55MVWU3LCI4JQJT3K2U5CHDV7 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/NG7IMPL55MVWU3LCI4JQJT3K2U5CHDV7/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ODBY7RVMGZCBSTWF2OZGIZS57FNFUL67 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ODBY7RVMGZCBSTWF2OZGIZS57FNFUL67/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/OXGWPQOJ3JNDW2XIYKIVJ7N7QUIFNM2Q https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/OXGWPQOJ3JNDW2XIYKIVJ7N7QUIFNM2Q/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/PJCUNGIQDUMZ4Z6HWVYIMR66A35F5S74 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/PJCUNGIQDUMZ4Z6HWVYIMR66A35F5S74/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QF5QSYAOPDOWLY6DUHID56Q4HQFYB45I https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QF5QSYAOPDOWLY6DUHID56Q4HQFYB45I/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QXOU2JZUBEBP7GBKAYIJRPRBZSJCD7ST https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QXOU2JZUBEBP7GBKAYIJRPRBZSJCD7ST/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/R3UETKPUB3V5JS5TLZOF3SMTGT5K5APS https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/R3UETKPUB3V5JS5TLZOF3SMTGT5K5APS/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/REMHVVIBDNKSRKNOTV7EQSB7CYQWOUOU https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/REMHVVIBDNKSRKNOTV7EQSB7CYQWOUOU/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/T7N5GV4CHH6WAGX3GFMDD3COEOVCZ4RI https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/T7N5GV4CHH6WAGX3GFMDD3COEOVCZ4RI/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ULQQONMSCQSH5Z5OWFFQHCGEZ3NL4DRJ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ULQQONMSCQSH5Z5OWFFQHCGEZ3NL4DRJ/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UTT7DG3QOF5ZNJLUGHDNLRUIN6OWZARP https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UTT7DG3QOF5ZNJLUGHDNLRUIN6OWZARP/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/W2LZSWTV4NV4SNQARNXG5T6LRHP26EW2 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/W2LZSWTV4NV4SNQARNXG5T6LRHP26EW2/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WCNCBYKZXLDFGAJUB7ZP5VLC3YTHJNVH https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WCNCBYKZXLDFGAJUB7ZP5VLC3YTHJNVH/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/XFOIBB4YFICHDM7IBOP7PWXW3FX4HLL2 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/XFOIBB4YFICHDM7IBOP7PWXW3FX4HLL2/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/XTNLSL44Y5FB6JWADSZH6DCV4JJAAEQY https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/XTNLSL44Y5FB6JWADSZH6DCV4JJAAEQY/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/YJWHBLVZDM5KQSDFRBFRKU5KSSOLIRQ4 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/YJWHBLVZDM5KQSDFRBFRKU5KSSOLIRQ4/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/YRKEXKANQ7BKJW2YTAMP625LJUJZLJ4P https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/YRKEXKANQ7BKJW2YTAMP625LJUJZLJ4P/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZSVEMQV5ROY5YW5QE3I57HT3ITWG5GCV https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZSVEMQV5ROY5YW5QE3I57HT3ITWG5GCV/ https://nvd.nist.gov/vuln/detail/CVE-2023-39325 https://pkg.go.dev/vuln/GO-2023-2102 https://security.gentoo.org/glsa/202311-09 https://security.netapp.com/advisory/ntap-20231110-0008 https://security.netapp.com/advisory/ntap-20231110-0008/ https://ubuntu.com/security/notices/USN-6574-1 https://ubuntu.com/security/notices/USN-7061-1 https://ubuntu.com/security/notices/USN-7109-1 https://www.cisa.gov/news-events/alerts/2023/10/10/http2-rapid-reset-vulnerability-cve-2023-44487 https://www.cve.org/CVERecord?id=CVE-2023-39325
golang.org/x/net	CVE-2023-3978	MEDIUM	v0.10.0	0.13.0	https://access.redhat.com/errata/RHSA-2023:6474 https://access.redhat.com/security/cve/CVE-2023-3978 https://bugzilla.redhat.com/2174485 https://bugzilla.redhat.com/2178358 https://bugzilla.redhat.com/2178488 https://bugzilla.redhat.com/2178492 https://bugzilla.redhat.com/2184481 https://bugzilla.redhat.com/2184482 https://bugzilla.redhat.com/2184483 https://bugzilla.redhat.com/2184484 https://bugzilla.redhat.com/2196026 https://bugzilla.redhat.com/2196027 https://bugzilla.redhat.com/2196029 https://bugzilla.redhat.com/2222167 https://bugzilla.redhat.com/2228689 https://errata.almalinux.org/9/ALSA-2023-6474.html https://go.dev/cl/514896 https://go.dev/issue/61615 https://linux.oracle.com/cve/CVE-2023-3978.html https://linux.oracle.com/errata/ELSA-2023-6939.html https://nvd.nist.gov/vuln/detail/CVE-2023-3978 https://pkg.go.dev/vuln/GO-2023-1988 https://www.cve.org/CVERecord?id=CVE-2023-3978
golang.org/x/net	CVE-2023-44487	MEDIUM	v0.10.0	0.17.0	http://www.openwall.com/lists/oss-security/2023/10/13/4 http://www.openwall.com/lists/oss-security/2023/10/13/9 http://www.openwall.com/lists/oss-security/2023/10/18/4 http://www.openwall.com/lists/oss-security/2023/10/18/8 http://www.openwall.com/lists/oss-security/2023/10/19/6 http://www.openwall.com/lists/oss-security/2023/10/20/8 https://access.redhat.com/errata/RHSA-2023:6746 https://access.redhat.com/security/cve/CVE-2023-44487 https://access.redhat.com/security/cve/cve-2023-44487 https://akka.io/security/akka-http-cve-2023-44487.html https://arstechnica.com/security/2023/10/how-ddosers-used-the-http-2-protocol-to-deliver-attacks-of-unprecedented-size https://arstechnica.com/security/2023/10/how-ddosers-used-the-http-2-protocol-to-deliver-attacks-of-unprecedented-size/ https://aws.amazon.com/security/security-bulletins/AWS-2023-011 https://aws.amazon.com/security/security-bulletins/AWS-2023-011/ https://blog.cloudflare.com/technical-breakdown-http2-rapid-reset-ddos-attack https://blog.cloudflare.com/technical-breakdown-http2-rapid-reset-ddos-attack/ https://blog.cloudflare.com/zero-day-rapid-reset-http2-record-breaking-ddos-attack https://blog.cloudflare.com/zero-day-rapid-reset-http2-record-breaking-ddos-attack/ https://blog.litespeedtech.com/2023/10/11/rapid-reset-http-2-vulnerablilty https://blog.litespeedtech.com/2023/10/11/rapid-reset-http-2-vulnerablilty/ https://blog.qualys.com/vulnerabilities-threat-research/2023/10/10/cve-2023-44487-http-2-rapid-reset-attack https://blog.vespa.ai/cve-2023-44487 https://blog.vespa.ai/cve-2023-44487/ https://bugzilla.proxmox.com/show_bug.cgi?id=4988 https://bugzilla.redhat.com/2242803 https://bugzilla.redhat.com/show_bug.cgi?id=2242803 https://bugzilla.suse.com/show_bug.cgi?id=1216123 https://cgit.freebsd.org/ports/commit/?id=c64c329c2c1752f46b73e3e6ce9f4329be6629f9 https://chaos.social/@icing/111210915918780532 https://cloud.google.com/blog/products/identity-security/google-cloud-mitigated-largest-ddos-attack-peaking-above-398-million-rps https://cloud.google.com/blog/products/identity-security/google-cloud-mitigated-largest-ddos-attack-peaking-above-398-million-rps/ https://cloud.google.com/blog/products/identity-security/how-it-works-the-novel-http2-rapid-reset-ddos-attack https://community.traefik.io/t/is-traefik-vulnerable-to-cve-2023-44487/20125 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-44487 https://devblogs.microsoft.com/dotnet/october-2023-updates/ https://discuss.hashicorp.com/t/hcsec-2023-32-vault-consul-and-boundary-affected-by-http-2-rapid-reset-denial-of-service-vulnerability-cve-2023-44487/59715 https://edg.io/lp/blog/resets-leaks-ddos-and-the-tale-of-a-hidden-cve https://errata.almalinux.org/9/ALSA-2023-6746.html https://errata.rockylinux.org/RLSA-2023:5838 https://forums.swift.org/t/swift-nio-http2-security-update-cve-2023-44487-http-2-dos/67764 https://gist.github.com/adulau/7c2bfb8e9cdbe4b35a5e131c66a0c088 https://github.com/Azure/AKS/issues/3947 https://github.com/Kong/kong/discussions/11741 https://github.com/advisories/GHSA-qppj-fm5r-hxr3 https://github.com/advisories/GHSA-vx74-f528-fxqg https://github.com/advisories/GHSA-xpw8-rcwv-8f8p https://github.com/akka/akka-http/issues/4323 https://github.com/akka/akka-http/pull/4324 https://github.com/akka/akka-http/pull/4325 https://github.com/alibaba/tengine/issues/1872 https://github.com/apache/apisix/issues/10320 https://github.com/apache/httpd-site/pull/10 https://github.com/apache/httpd/blob/afcdbeebbff4b0c50ea26cdd16e178c0d1f24152/modules/http2/h2_mplx.c#L1101-L1113 https://github.com/apache/tomcat/commit/944332bb15bd2f3bf76ec2caeb1ff0a58a3bc628 https://github.com/apache/tomcat/tree/main/java/org/apache/coyote/http2 https://github.com/apache/trafficserver/pull/10564 https://github.com/apple/swift-nio-http2 https://github.com/apple/swift-nio-http2/security/advisories/GHSA-qppj-fm5r-hxr3 https://github.com/arkrwn/PoC/tree/main/CVE-2023-44487 https://github.com/bcdannyboy/CVE-2023-44487 https://github.com/caddyserver/caddy/issues/5877 https://github.com/caddyserver/caddy/releases/tag/v2.7.5 https://github.com/dotnet/announcements/issues/277 https://github.com/dotnet/core/blob/e4613450ea0da7fd2fc6b61dfb2c1c1dec1ce9ec/release-notes/6.0/6.0.23/6.0.23.md?plain=1#L73 https://github.com/eclipse/jetty.project/issues/10679 https://github.com/envoyproxy/envoy/pull/30055 https://github.com/etcd-io/etcd/issues/16740 https://github.com/facebook/proxygen/pull/466 https://github.com/golang/go/issues/63417 https://github.com/grpc/grpc-go/pull/6703 https://github.com/grpc/grpc-go/releases https://github.com/h2o/h2o/pull/3291 https://github.com/h2o/h2o/security/advisories/GHSA-2m7v-gc89-fjqf https://github.com/haproxy/haproxy/issues/2312 https://github.com/hyperium/hyper/issues/3337 https://github.com/icing/mod_h2/blob/0a864782af0a942aa2ad4ed960a6b32cd35bcf0a/mod_http2/README.md?plain=1#L239-L244 https://github.com/junkurihara/rust-rpxy/issues/97 https://github.com/kazu-yamamoto/http2/commit/f61d41a502bd0f60eb24e1ce14edc7b6df6722a1 https://github.com/kazu-yamamoto/http2/issues/93 https://github.com/kubernetes/kubernetes/pull/121120 https://github.com/line/armeria/pull/5232 https://github.com/linkerd/website/pull/1695/commits/4b9c6836471bc8270ab48aae6fd2181bc73fd632 https://github.com/micrictor/http2-rst-stream https://github.com/microsoft/CBL-Mariner/pull/6381 https://github.com/netty/netty/commit/58f75f665aa81a8cbcf6ffa74820042a285c5e61 https://github.com/nghttp2/nghttp2/pull/1961 https://github.com/nghttp2/nghttp2/releases/tag/v1.57.0 https://github.com/ninenines/cowboy/issues/1615 https://github.com/nodejs/node/pull/50121 https://github.com/openresty/openresty/issues/930 https://github.com/opensearch-project/data-prepper/issues/3474 https://github.com/oqtane/oqtane.framework/discussions/3367 https://github.com/projectcontour/contour/pull/5826 https://github.com/tempesta-tech/tempesta/issues/1986 https://github.com/varnishcache/varnish-cache/issues/3996 https://go.dev/cl/534215 https://go.dev/cl/534235 https://go.dev/issue/63417 https://groups.google.com/g/golang-announce/c/iNNxDTCjZvo https://groups.google.com/g/golang-announce/c/iNNxDTCjZvo/m/UDd7VKQuAAAJ https://istio.io/latest/news/security/istio-security-2023-004 https://istio.io/latest/news/security/istio-security-2023-004/ https://linkerd.io/2023/10/12/linkerd-cve-2023-44487 https://linkerd.io/2023/10/12/linkerd-cve-2023-44487/ https://linux.oracle.com/cve/CVE-2023-44487.html https://linux.oracle.com/errata/ELSA-2024-1444.html https://lists.apache.org/thread/5py8h42mxfsn8l1wy6o41xwhsjlsd87q https://lists.debian.org/debian-lts-announce/2023/10/msg00020.html https://lists.debian.org/debian-lts-announce/2023/10/msg00023.html https://lists.debian.org/debian-lts-announce/2023/10/msg00024.html https://lists.debian.org/debian-lts-announce/2023/10/msg00045.html https://lists.debian.org/debian-lts-announce/2023/10/msg00047.html https://lists.debian.org/debian-lts-announce/2023/11/msg00001.html https://lists.debian.org/debian-lts-announce/2023/11/msg00012.html https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/2MBEPPC36UBVOZZNAXFHKLFGSLCMN5LI https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/2MBEPPC36UBVOZZNAXFHKLFGSLCMN5LI/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/3N4NJ7FR4X4FPZUGNTQAPSTVB2HB2Y4A https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/3N4NJ7FR4X4FPZUGNTQAPSTVB2HB2Y4A/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/BFQD3KUEMFBHPAPBGLWQC34L4OWL5HAZ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/BFQD3KUEMFBHPAPBGLWQC34L4OWL5HAZ/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/CLB4TW7KALB3EEQWNWCN7OUIWWVWWCG2 https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/CLB4TW7KALB3EEQWNWCN7OUIWWVWWCG2/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/E72T67UPDRXHIDLO3OROR25YAMN4GGW5 https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/E72T67UPDRXHIDLO3OROR25YAMN4GGW5/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/FNA62Q767CFAFHBCDKYNPBMZWB7TWYVU https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/FNA62Q767CFAFHBCDKYNPBMZWB7TWYVU/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/HT7T2R4MQKLIF4ODV4BDLPARWFPCJ5CZ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/HT7T2R4MQKLIF4ODV4BDLPARWFPCJ5CZ/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/JIZSEFC3YKCGABA2BZW6ZJRMDZJMB7PJ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/JIZSEFC3YKCGABA2BZW6ZJRMDZJMB7PJ/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/JMEXY22BFG5Q64HQCM5CK2Q7KDKVV4TY https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/JMEXY22BFG5Q64HQCM5CK2Q7KDKVV4TY/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/KSEGD2IWKNUO3DWY4KQGUQM5BISRWHQE https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/KSEGD2IWKNUO3DWY4KQGUQM5BISRWHQE/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/LKYHSZQFDNR7RSA7LHVLLIAQMVYCUGBG https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/LKYHSZQFDNR7RSA7LHVLLIAQMVYCUGBG/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/LNMZJCDHGLJJLXO4OXWJMTVQRNWOC7UL https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/LNMZJCDHGLJJLXO4OXWJMTVQRNWOC7UL/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/VHUHTSXLXGXS7JYKBXTA3VINUPHTNGVU https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/VHUHTSXLXGXS7JYKBXTA3VINUPHTNGVU/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/VSRDIV77HNKUSM7SJC5BKE5JSHLHU2NK https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/VSRDIV77HNKUSM7SJC5BKE5JSHLHU2NK/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/WE2I52RHNNU42PX6NZ2RBUHSFFJ2LVZX https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/WE2I52RHNNU42PX6NZ2RBUHSFFJ2LVZX/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/WLPRQ5TWUQQXYWBJM7ECYDAIL2YVKIUH https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/WLPRQ5TWUQQXYWBJM7ECYDAIL2YVKIUH/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/X6QXN4ORIVF6XBW4WWFE7VNPVC74S45Y https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/X6QXN4ORIVF6XBW4WWFE7VNPVC74S45Y/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/XFOIBB4YFICHDM7IBOP7PWXW3FX4HLL2 https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/XFOIBB4YFICHDM7IBOP7PWXW3FX4HLL2/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZB43REMKRQR62NJEI7I5NQ4FSXNLBKRT https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZB43REMKRQR62NJEI7I5NQ4FSXNLBKRT/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZKQSIKIAT5TJ3WSLU3RDBQ35YX4GY4V3 https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZKQSIKIAT5TJ3WSLU3RDBQ35YX4GY4V3/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZLU6U2R2IC2K64NDPNMV55AUAO65MAF4 https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZLU6U2R2IC2K64NDPNMV55AUAO65MAF4/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3N4NJ7FR4X4FPZUGNTQAPSTVB2HB2Y4A https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/BFQD3KUEMFBHPAPBGLWQC34L4OWL5HAZ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CLB4TW7KALB3EEQWNWCN7OUIWWVWWCG2 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/E72T67UPDRXHIDLO3OROR25YAMN4GGW5 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/FNA62Q767CFAFHBCDKYNPBMZWB7TWYVU https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/HT7T2R4MQKLIF4ODV4BDLPARWFPCJ5CZ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/JIZSEFC3YKCGABA2BZW6ZJRMDZJMB7PJ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/JMEXY22BFG5Q64HQCM5CK2Q7KDKVV4TY https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/KSEGD2IWKNUO3DWY4KQGUQM5BISRWHQE https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/LKYHSZQFDNR7RSA7LHVLLIAQMVYCUGBG https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/LNMZJCDHGLJJLXO4OXWJMTVQRNWOC7UL https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/VHUHTSXLXGXS7JYKBXTA3VINUPHTNGVU https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/VSRDIV77HNKUSM7SJC5BKE5JSHLHU2NK https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WLPRQ5TWUQQXYWBJM7ECYDAIL2YVKIUH https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/X6QXN4ORIVF6XBW4WWFE7VNPVC74S45Y https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/XFOIBB4YFICHDM7IBOP7PWXW3FX4HLL2 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZB43REMKRQR62NJEI7I5NQ4FSXNLBKRT https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZKQSIKIAT5TJ3WSLU3RDBQ35YX4GY4V3 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZLU6U2R2IC2K64NDPNMV55AUAO65MAF4 https://lists.w3.org/Archives/Public/ietf-http-wg/2023OctDec/0025.html https://mailman.nginx.org/pipermail/nginx-devel/2023-October/S36Q5HBXR7CAIMPLLPRSSSYR4PCMWILK.html https://martinthomson.github.io/h2-stream-limits/draft-thomson-httpbis-h2-stream-limits.html https://msrc.microsoft.com/blog/2023/10/microsoft-response-to-distributed-denial-of-service-ddos-attacks-against-http/2 https://msrc.microsoft.com/blog/2023/10/microsoft-response-to-distributed-denial-of-service-ddos-attacks-against-http/2/ https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-44487 https://my.f5.com/manage/s/article/K000137106 https://netty.io/news/2023/10/10/4-1-100-Final.html https://news.ycombinator.com/item?id=37830987 https://news.ycombinator.com/item?id=37830998 https://news.ycombinator.com/item?id=37831062 https://news.ycombinator.com/item?id=37837043 https://nodejs.org/en/blog/vulnerability/october-2023-security-releases https://nvd.nist.gov/vuln/detail/CVE-2023-44487 https://openssf.org/blog/2023/10/10/http-2-rapid-reset-vulnerability-highlights-need-for-rapid-response https://openssf.org/blog/2023/10/10/http-2-rapid-reset-vulnerability-highlights-need-for-rapid-response/ https://pkg.go.dev/vuln/GO-2023-2102 https://seanmonstar.com/post/730794151136935936/hyper-http2-rapid-reset-unaffected https://security.gentoo.org/glsa/202311-09 https://security.netapp.com/advisory/ntap-20231016-0001 https://security.netapp.com/advisory/ntap-20231016-0001/ https://security.netapp.com/advisory/ntap-20240426-0007 https://security.netapp.com/advisory/ntap-20240426-0007/ https://security.netapp.com/advisory/ntap-20240621-0006 https://security.netapp.com/advisory/ntap-20240621-0006/ https://security.netapp.com/advisory/ntap-20240621-0007 https://security.netapp.com/advisory/ntap-20240621-0007/ https://security.paloaltonetworks.com/CVE-2023-44487 https://tomcat.apache.org/security-10.html#Fixed_in_Apache_Tomcat_10.1.14 https://tomcat.apache.org/security-11.html#Fixed_in_Apache_Tomcat_11.0.0-M12 https://tomcat.apache.org/security-8.html#Fixed_in_Apache_Tomcat_8.5.94 https://tomcat.apache.org/security-9.html#Fixed_in_Apache_Tomcat_9.0.81 https://ubuntu.com/security/CVE-2023-44487 https://ubuntu.com/security/notices/USN-6427-1 https://ubuntu.com/security/notices/USN-6427-2 https://ubuntu.com/security/notices/USN-6438-1 https://ubuntu.com/security/notices/USN-6505-1 https://ubuntu.com/security/notices/USN-6574-1 https://ubuntu.com/security/notices/USN-6754-1 https://ubuntu.com/security/notices/USN-6994-1 https://ubuntu.com/security/notices/USN-7067-1 https://www.bleepingcomputer.com/news/security/new-http-2-rapid-reset-zero-day-attack-breaks-ddos-records https://www.bleepingcomputer.com/news/security/new-http-2-rapid-reset-zero-day-attack-breaks-ddos-records/ https://www.cisa.gov/known-exploited-vulnerabilities-catalog https://www.cisa.gov/news-events/alerts/2023/10/10/http2-rapid-reset-vulnerability-cve-2023-44487 https://www.cve.org/CVERecord?id=CVE-2023-44487 https://www.darkreading.com/cloud/internet-wide-zero-day-bug-fuels-largest-ever-ddos-event https://www.debian.org/security/2023/dsa-5521 https://www.debian.org/security/2023/dsa-5522 https://www.debian.org/security/2023/dsa-5540 https://www.debian.org/security/2023/dsa-5549 https://www.debian.org/security/2023/dsa-5558 https://www.debian.org/security/2023/dsa-5570 https://www.eclipse.org/lists/jetty-announce/msg00181.html https://www.haproxy.com/blog/haproxy-is-not-affected-by-the-http-2-rapid-reset-attack-cve-2023-44487 https://www.mail-archive.com/haproxy@formilux.org/msg44134.html https://www.netlify.com/blog/netlify-successfully-mitigates-cve-2023-44487 https://www.netlify.com/blog/netlify-successfully-mitigates-cve-2023-44487/ https://www.nginx.com/blog/http-2-rapid-reset-attack-impacting-f5-nginx-products https://www.nginx.com/blog/http-2-rapid-reset-attack-impacting-f5-nginx-products/ https://www.openwall.com/lists/oss-security/2023/10/10/6 https://www.phoronix.com/news/HTTP2-Rapid-Reset-Attack https://www.theregister.com/2023/10/10/http2_rapid_reset_zeroday https://www.theregister.com/2023/10/10/http2_rapid_reset_zeroday/
golang.org/x/net	CVE-2023-45288	MEDIUM	v0.10.0	0.23.0	http://www.openwall.com/lists/oss-security/2024/04/03/16 http://www.openwall.com/lists/oss-security/2024/04/05/4 https://access.redhat.com/errata/RHSA-2024:2724 https://access.redhat.com/security/cve/CVE-2023-45288 https://bugzilla.redhat.com/2268017 https://bugzilla.redhat.com/2268018 https://bugzilla.redhat.com/2268019 https://bugzilla.redhat.com/2268273 https://bugzilla.redhat.com/show_bug.cgi?id=2268017 https://bugzilla.redhat.com/show_bug.cgi?id=2268018 https://bugzilla.redhat.com/show_bug.cgi?id=2268019 https://bugzilla.redhat.com/show_bug.cgi?id=2268273 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45288 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45289 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45290 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24783 https://errata.almalinux.org/9/ALSA-2024-2724.html https://errata.rockylinux.org/RLSA-2024:2724 https://go.dev/cl/576155 https://go.dev/issue/65051 https://groups.google.com/g/golang-announce/c/YgW0sx8mN3M https://kb.cert.org/vuls/id/421644 https://linux.oracle.com/cve/CVE-2023-45288.html https://linux.oracle.com/errata/ELSA-2024-3346.html https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QRYFHIQ6XRKRYBI2F5UESH67BJBQXUPT https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QRYFHIQ6XRKRYBI2F5UESH67BJBQXUPT/ https://nowotarski.info/http2-continuation-flood-technical-details https://nowotarski.info/http2-continuation-flood/ https://nvd.nist.gov/vuln/detail/CVE-2023-45288 https://pkg.go.dev/vuln/GO-2024-2687 https://security.netapp.com/advisory/ntap-20240419-0009 https://security.netapp.com/advisory/ntap-20240419-0009/ https://ubuntu.com/security/notices/USN-6886-1 https://ubuntu.com/security/notices/USN-7109-1 https://ubuntu.com/security/notices/USN-7111-1 https://www.cve.org/CVERecord?id=CVE-2023-45288 https://www.kb.cert.org/vuls/id/421644
google.golang.org/grpc	GHSA-m425-mq94-257g	HIGH	v1.54.0	1.56.3, 1.57.1, 1.58.3	https://github.com/grpc/grpc-go https://github.com/grpc/grpc-go/commit/f2180b4d5403d2210b30b93098eb7da31c05c721 https://github.com/grpc/grpc-go/pull/6703 https://github.com/grpc/grpc-go/security/advisories/GHSA-m425-mq94-257g https://nvd.nist.gov/vuln/detail/CVE-2023-44487
google.golang.org/grpc	CVE-2023-44487	MEDIUM	v1.54.0	1.58.3, 1.57.1, 1.56.3	http://www.openwall.com/lists/oss-security/2023/10/13/4 http://www.openwall.com/lists/oss-security/2023/10/13/9 http://www.openwall.com/lists/oss-security/2023/10/18/4 http://www.openwall.com/lists/oss-security/2023/10/18/8 http://www.openwall.com/lists/oss-security/2023/10/19/6 http://www.openwall.com/lists/oss-security/2023/10/20/8 https://access.redhat.com/errata/RHSA-2023:6746 https://access.redhat.com/security/cve/CVE-2023-44487 https://access.redhat.com/security/cve/cve-2023-44487 https://akka.io/security/akka-http-cve-2023-44487.html https://arstechnica.com/security/2023/10/how-ddosers-used-the-http-2-protocol-to-deliver-attacks-of-unprecedented-size https://arstechnica.com/security/2023/10/how-ddosers-used-the-http-2-protocol-to-deliver-attacks-of-unprecedented-size/ https://aws.amazon.com/security/security-bulletins/AWS-2023-011 https://aws.amazon.com/security/security-bulletins/AWS-2023-011/ https://blog.cloudflare.com/technical-breakdown-http2-rapid-reset-ddos-attack https://blog.cloudflare.com/technical-breakdown-http2-rapid-reset-ddos-attack/ https://blog.cloudflare.com/zero-day-rapid-reset-http2-record-breaking-ddos-attack https://blog.cloudflare.com/zero-day-rapid-reset-http2-record-breaking-ddos-attack/ https://blog.litespeedtech.com/2023/10/11/rapid-reset-http-2-vulnerablilty https://blog.litespeedtech.com/2023/10/11/rapid-reset-http-2-vulnerablilty/ https://blog.qualys.com/vulnerabilities-threat-research/2023/10/10/cve-2023-44487-http-2-rapid-reset-attack https://blog.vespa.ai/cve-2023-44487 https://blog.vespa.ai/cve-2023-44487/ https://bugzilla.proxmox.com/show_bug.cgi?id=4988 https://bugzilla.redhat.com/2242803 https://bugzilla.redhat.com/show_bug.cgi?id=2242803 https://bugzilla.suse.com/show_bug.cgi?id=1216123 https://cgit.freebsd.org/ports/commit/?id=c64c329c2c1752f46b73e3e6ce9f4329be6629f9 https://chaos.social/@icing/111210915918780532 https://cloud.google.com/blog/products/identity-security/google-cloud-mitigated-largest-ddos-attack-peaking-above-398-million-rps https://cloud.google.com/blog/products/identity-security/google-cloud-mitigated-largest-ddos-attack-peaking-above-398-million-rps/ https://cloud.google.com/blog/products/identity-security/how-it-works-the-novel-http2-rapid-reset-ddos-attack https://community.traefik.io/t/is-traefik-vulnerable-to-cve-2023-44487/20125 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-44487 https://devblogs.microsoft.com/dotnet/october-2023-updates/ https://discuss.hashicorp.com/t/hcsec-2023-32-vault-consul-and-boundary-affected-by-http-2-rapid-reset-denial-of-service-vulnerability-cve-2023-44487/59715 https://edg.io/lp/blog/resets-leaks-ddos-and-the-tale-of-a-hidden-cve https://errata.almalinux.org/9/ALSA-2023-6746.html https://errata.rockylinux.org/RLSA-2023:5838 https://forums.swift.org/t/swift-nio-http2-security-update-cve-2023-44487-http-2-dos/67764 https://gist.github.com/adulau/7c2bfb8e9cdbe4b35a5e131c66a0c088 https://github.com/Azure/AKS/issues/3947 https://github.com/Kong/kong/discussions/11741 https://github.com/advisories/GHSA-qppj-fm5r-hxr3 https://github.com/advisories/GHSA-vx74-f528-fxqg https://github.com/advisories/GHSA-xpw8-rcwv-8f8p https://github.com/akka/akka-http/issues/4323 https://github.com/akka/akka-http/pull/4324 https://github.com/akka/akka-http/pull/4325 https://github.com/alibaba/tengine/issues/1872 https://github.com/apache/apisix/issues/10320 https://github.com/apache/httpd-site/pull/10 https://github.com/apache/httpd/blob/afcdbeebbff4b0c50ea26cdd16e178c0d1f24152/modules/http2/h2_mplx.c#L1101-L1113 https://github.com/apache/tomcat/commit/944332bb15bd2f3bf76ec2caeb1ff0a58a3bc628 https://github.com/apache/tomcat/tree/main/java/org/apache/coyote/http2 https://github.com/apache/trafficserver/pull/10564 https://github.com/apple/swift-nio-http2 https://github.com/apple/swift-nio-http2/security/advisories/GHSA-qppj-fm5r-hxr3 https://github.com/arkrwn/PoC/tree/main/CVE-2023-44487 https://github.com/bcdannyboy/CVE-2023-44487 https://github.com/caddyserver/caddy/issues/5877 https://github.com/caddyserver/caddy/releases/tag/v2.7.5 https://github.com/dotnet/announcements/issues/277 https://github.com/dotnet/core/blob/e4613450ea0da7fd2fc6b61dfb2c1c1dec1ce9ec/release-notes/6.0/6.0.23/6.0.23.md?plain=1#L73 https://github.com/eclipse/jetty.project/issues/10679 https://github.com/envoyproxy/envoy/pull/30055 https://github.com/etcd-io/etcd/issues/16740 https://github.com/facebook/proxygen/pull/466 https://github.com/golang/go/issues/63417 https://github.com/grpc/grpc-go/pull/6703 https://github.com/grpc/grpc-go/releases https://github.com/h2o/h2o/pull/3291 https://github.com/h2o/h2o/security/advisories/GHSA-2m7v-gc89-fjqf https://github.com/haproxy/haproxy/issues/2312 https://github.com/hyperium/hyper/issues/3337 https://github.com/icing/mod_h2/blob/0a864782af0a942aa2ad4ed960a6b32cd35bcf0a/mod_http2/README.md?plain=1#L239-L244 https://github.com/junkurihara/rust-rpxy/issues/97 https://github.com/kazu-yamamoto/http2/commit/f61d41a502bd0f60eb24e1ce14edc7b6df6722a1 https://github.com/kazu-yamamoto/http2/issues/93 https://github.com/kubernetes/kubernetes/pull/121120 https://github.com/line/armeria/pull/5232 https://github.com/linkerd/website/pull/1695/commits/4b9c6836471bc8270ab48aae6fd2181bc73fd632 https://github.com/micrictor/http2-rst-stream https://github.com/microsoft/CBL-Mariner/pull/6381 https://github.com/netty/netty/commit/58f75f665aa81a8cbcf6ffa74820042a285c5e61 https://github.com/nghttp2/nghttp2/pull/1961 https://github.com/nghttp2/nghttp2/releases/tag/v1.57.0 https://github.com/ninenines/cowboy/issues/1615 https://github.com/nodejs/node/pull/50121 https://github.com/openresty/openresty/issues/930 https://github.com/opensearch-project/data-prepper/issues/3474 https://github.com/oqtane/oqtane.framework/discussions/3367 https://github.com/projectcontour/contour/pull/5826 https://github.com/tempesta-tech/tempesta/issues/1986 https://github.com/varnishcache/varnish-cache/issues/3996 https://go.dev/cl/534215 https://go.dev/cl/534235 https://go.dev/issue/63417 https://groups.google.com/g/golang-announce/c/iNNxDTCjZvo https://groups.google.com/g/golang-announce/c/iNNxDTCjZvo/m/UDd7VKQuAAAJ https://istio.io/latest/news/security/istio-security-2023-004 https://istio.io/latest/news/security/istio-security-2023-004/ https://linkerd.io/2023/10/12/linkerd-cve-2023-44487 https://linkerd.io/2023/10/12/linkerd-cve-2023-44487/ https://linux.oracle.com/cve/CVE-2023-44487.html https://linux.oracle.com/errata/ELSA-2024-1444.html https://lists.apache.org/thread/5py8h42mxfsn8l1wy6o41xwhsjlsd87q https://lists.debian.org/debian-lts-announce/2023/10/msg00020.html https://lists.debian.org/debian-lts-announce/2023/10/msg00023.html https://lists.debian.org/debian-lts-announce/2023/10/msg00024.html https://lists.debian.org/debian-lts-announce/2023/10/msg00045.html https://lists.debian.org/debian-lts-announce/2023/10/msg00047.html https://lists.debian.org/debian-lts-announce/2023/11/msg00001.html https://lists.debian.org/debian-lts-announce/2023/11/msg00012.html https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/2MBEPPC36UBVOZZNAXFHKLFGSLCMN5LI https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/2MBEPPC36UBVOZZNAXFHKLFGSLCMN5LI/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/3N4NJ7FR4X4FPZUGNTQAPSTVB2HB2Y4A https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/3N4NJ7FR4X4FPZUGNTQAPSTVB2HB2Y4A/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/BFQD3KUEMFBHPAPBGLWQC34L4OWL5HAZ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/BFQD3KUEMFBHPAPBGLWQC34L4OWL5HAZ/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/CLB4TW7KALB3EEQWNWCN7OUIWWVWWCG2 https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/CLB4TW7KALB3EEQWNWCN7OUIWWVWWCG2/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/E72T67UPDRXHIDLO3OROR25YAMN4GGW5 https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/E72T67UPDRXHIDLO3OROR25YAMN4GGW5/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/FNA62Q767CFAFHBCDKYNPBMZWB7TWYVU https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/FNA62Q767CFAFHBCDKYNPBMZWB7TWYVU/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/HT7T2R4MQKLIF4ODV4BDLPARWFPCJ5CZ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/HT7T2R4MQKLIF4ODV4BDLPARWFPCJ5CZ/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/JIZSEFC3YKCGABA2BZW6ZJRMDZJMB7PJ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/JIZSEFC3YKCGABA2BZW6ZJRMDZJMB7PJ/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/JMEXY22BFG5Q64HQCM5CK2Q7KDKVV4TY https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/JMEXY22BFG5Q64HQCM5CK2Q7KDKVV4TY/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/KSEGD2IWKNUO3DWY4KQGUQM5BISRWHQE https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/KSEGD2IWKNUO3DWY4KQGUQM5BISRWHQE/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/LKYHSZQFDNR7RSA7LHVLLIAQMVYCUGBG https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/LKYHSZQFDNR7RSA7LHVLLIAQMVYCUGBG/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/LNMZJCDHGLJJLXO4OXWJMTVQRNWOC7UL https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/LNMZJCDHGLJJLXO4OXWJMTVQRNWOC7UL/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/VHUHTSXLXGXS7JYKBXTA3VINUPHTNGVU https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/VHUHTSXLXGXS7JYKBXTA3VINUPHTNGVU/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/VSRDIV77HNKUSM7SJC5BKE5JSHLHU2NK https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/VSRDIV77HNKUSM7SJC5BKE5JSHLHU2NK/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/WE2I52RHNNU42PX6NZ2RBUHSFFJ2LVZX https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/WE2I52RHNNU42PX6NZ2RBUHSFFJ2LVZX/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/WLPRQ5TWUQQXYWBJM7ECYDAIL2YVKIUH https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/WLPRQ5TWUQQXYWBJM7ECYDAIL2YVKIUH/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/X6QXN4ORIVF6XBW4WWFE7VNPVC74S45Y https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/X6QXN4ORIVF6XBW4WWFE7VNPVC74S45Y/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/XFOIBB4YFICHDM7IBOP7PWXW3FX4HLL2 https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/XFOIBB4YFICHDM7IBOP7PWXW3FX4HLL2/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZB43REMKRQR62NJEI7I5NQ4FSXNLBKRT https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZB43REMKRQR62NJEI7I5NQ4FSXNLBKRT/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZKQSIKIAT5TJ3WSLU3RDBQ35YX4GY4V3 https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZKQSIKIAT5TJ3WSLU3RDBQ35YX4GY4V3/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZLU6U2R2IC2K64NDPNMV55AUAO65MAF4 https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZLU6U2R2IC2K64NDPNMV55AUAO65MAF4/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3N4NJ7FR4X4FPZUGNTQAPSTVB2HB2Y4A https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/BFQD3KUEMFBHPAPBGLWQC34L4OWL5HAZ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CLB4TW7KALB3EEQWNWCN7OUIWWVWWCG2 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/E72T67UPDRXHIDLO3OROR25YAMN4GGW5 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/FNA62Q767CFAFHBCDKYNPBMZWB7TWYVU https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/HT7T2R4MQKLIF4ODV4BDLPARWFPCJ5CZ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/JIZSEFC3YKCGABA2BZW6ZJRMDZJMB7PJ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/JMEXY22BFG5Q64HQCM5CK2Q7KDKVV4TY https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/KSEGD2IWKNUO3DWY4KQGUQM5BISRWHQE https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/LKYHSZQFDNR7RSA7LHVLLIAQMVYCUGBG https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/LNMZJCDHGLJJLXO4OXWJMTVQRNWOC7UL https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/VHUHTSXLXGXS7JYKBXTA3VINUPHTNGVU https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/VSRDIV77HNKUSM7SJC5BKE5JSHLHU2NK https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WLPRQ5TWUQQXYWBJM7ECYDAIL2YVKIUH https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/X6QXN4ORIVF6XBW4WWFE7VNPVC74S45Y https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/XFOIBB4YFICHDM7IBOP7PWXW3FX4HLL2 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZB43REMKRQR62NJEI7I5NQ4FSXNLBKRT https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZKQSIKIAT5TJ3WSLU3RDBQ35YX4GY4V3 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZLU6U2R2IC2K64NDPNMV55AUAO65MAF4 https://lists.w3.org/Archives/Public/ietf-http-wg/2023OctDec/0025.html https://mailman.nginx.org/pipermail/nginx-devel/2023-October/S36Q5HBXR7CAIMPLLPRSSSYR4PCMWILK.html https://martinthomson.github.io/h2-stream-limits/draft-thomson-httpbis-h2-stream-limits.html https://msrc.microsoft.com/blog/2023/10/microsoft-response-to-distributed-denial-of-service-ddos-attacks-against-http/2 https://msrc.microsoft.com/blog/2023/10/microsoft-response-to-distributed-denial-of-service-ddos-attacks-against-http/2/ https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-44487 https://my.f5.com/manage/s/article/K000137106 https://netty.io/news/2023/10/10/4-1-100-Final.html https://news.ycombinator.com/item?id=37830987 https://news.ycombinator.com/item?id=37830998 https://news.ycombinator.com/item?id=37831062 https://news.ycombinator.com/item?id=37837043 https://nodejs.org/en/blog/vulnerability/october-2023-security-releases https://nvd.nist.gov/vuln/detail/CVE-2023-44487 https://openssf.org/blog/2023/10/10/http-2-rapid-reset-vulnerability-highlights-need-for-rapid-response https://openssf.org/blog/2023/10/10/http-2-rapid-reset-vulnerability-highlights-need-for-rapid-response/ https://pkg.go.dev/vuln/GO-2023-2102 https://seanmonstar.com/post/730794151136935936/hyper-http2-rapid-reset-unaffected https://security.gentoo.org/glsa/202311-09 https://security.netapp.com/advisory/ntap-20231016-0001 https://security.netapp.com/advisory/ntap-20231016-0001/ https://security.netapp.com/advisory/ntap-20240426-0007 https://security.netapp.com/advisory/ntap-20240426-0007/ https://security.netapp.com/advisory/ntap-20240621-0006 https://security.netapp.com/advisory/ntap-20240621-0006/ https://security.netapp.com/advisory/ntap-20240621-0007 https://security.netapp.com/advisory/ntap-20240621-0007/ https://security.paloaltonetworks.com/CVE-2023-44487 https://tomcat.apache.org/security-10.html#Fixed_in_Apache_Tomcat_10.1.14 https://tomcat.apache.org/security-11.html#Fixed_in_Apache_Tomcat_11.0.0-M12 https://tomcat.apache.org/security-8.html#Fixed_in_Apache_Tomcat_8.5.94 https://tomcat.apache.org/security-9.html#Fixed_in_Apache_Tomcat_9.0.81 https://ubuntu.com/security/CVE-2023-44487 https://ubuntu.com/security/notices/USN-6427-1 https://ubuntu.com/security/notices/USN-6427-2 https://ubuntu.com/security/notices/USN-6438-1 https://ubuntu.com/security/notices/USN-6505-1 https://ubuntu.com/security/notices/USN-6574-1 https://ubuntu.com/security/notices/USN-6754-1 https://ubuntu.com/security/notices/USN-6994-1 https://ubuntu.com/security/notices/USN-7067-1 https://www.bleepingcomputer.com/news/security/new-http-2-rapid-reset-zero-day-attack-breaks-ddos-records https://www.bleepingcomputer.com/news/security/new-http-2-rapid-reset-zero-day-attack-breaks-ddos-records/ https://www.cisa.gov/known-exploited-vulnerabilities-catalog https://www.cisa.gov/news-events/alerts/2023/10/10/http2-rapid-reset-vulnerability-cve-2023-44487 https://www.cve.org/CVERecord?id=CVE-2023-44487 https://www.darkreading.com/cloud/internet-wide-zero-day-bug-fuels-largest-ever-ddos-event https://www.debian.org/security/2023/dsa-5521 https://www.debian.org/security/2023/dsa-5522 https://www.debian.org/security/2023/dsa-5540 https://www.debian.org/security/2023/dsa-5549 https://www.debian.org/security/2023/dsa-5558 https://www.debian.org/security/2023/dsa-5570 https://www.eclipse.org/lists/jetty-announce/msg00181.html https://www.haproxy.com/blog/haproxy-is-not-affected-by-the-http-2-rapid-reset-attack-cve-2023-44487 https://www.mail-archive.com/haproxy@formilux.org/msg44134.html https://www.netlify.com/blog/netlify-successfully-mitigates-cve-2023-44487 https://www.netlify.com/blog/netlify-successfully-mitigates-cve-2023-44487/ https://www.nginx.com/blog/http-2-rapid-reset-attack-impacting-f5-nginx-products https://www.nginx.com/blog/http-2-rapid-reset-attack-impacting-f5-nginx-products/ https://www.openwall.com/lists/oss-security/2023/10/10/6 https://www.phoronix.com/news/HTTP2-Rapid-Reset-Attack https://www.theregister.com/2023/10/10/http2_rapid_reset_zeroday https://www.theregister.com/2023/10/10/http2_rapid_reset_zeroday/
google.golang.org/protobuf	CVE-2024-24786	MEDIUM	v1.30.0	1.33.0	http://www.openwall.com/lists/oss-security/2024/03/08/4 https://access.redhat.com/errata/RHSA-2024:2550 https://access.redhat.com/security/cve/CVE-2024-24786 https://bugzilla.redhat.com/2268046 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24786 https://errata.almalinux.org/9/ALSA-2024-2550.html https://errata.rockylinux.org/RLSA-2024:2550 https://github.com/protocolbuffers/protobuf-go https://github.com/protocolbuffers/protobuf-go/commit/f01a588e5810b90996452eec4a28f22a0afae023 https://github.com/protocolbuffers/protobuf-go/releases/tag/v1.33.0 https://go-review.googlesource.com/c/protobuf/+/569356 https://go.dev/cl/569356 https://groups.google.com/g/golang-announce/c/ArQ6CDgtEjY/ https://linux.oracle.com/cve/CVE-2024-24786.html https://linux.oracle.com/errata/ELSA-2024-4246.html https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/JDMBHAVSDU2FBDZ45U3A2VLSM35OJ2HU https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/JDMBHAVSDU2FBDZ45U3A2VLSM35OJ2HU/ https://nvd.nist.gov/vuln/detail/CVE-2024-24786 https://pkg.go.dev/vuln/GO-2024-2611 https://security.netapp.com/advisory/ntap-20240517-0002 https://security.netapp.com/advisory/ntap-20240517-0002/ https://ubuntu.com/security/notices/USN-6746-1 https://ubuntu.com/security/notices/USN-6746-2 https://www.cve.org/CVERecord?id=CVE-2024-24786
stdlib	CVE-2024-24790	CRITICAL	v1.20.5	1.21.11, 1.22.4	http://www.openwall.com/lists/oss-security/2024/06/04/1 https://access.redhat.com/errata/RHSA-2024:9115 https://access.redhat.com/security/cve/CVE-2024-24790 https://bugzilla.redhat.com/2279814 https://bugzilla.redhat.com/2292668 https://bugzilla.redhat.com/2292787 https://bugzilla.redhat.com/2294000 https://bugzilla.redhat.com/2295310 https://bugzilla.redhat.com/show_bug.cgi?id=2292668 https://bugzilla.redhat.com/show_bug.cgi?id=2292787 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24789 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24790 https://errata.almalinux.org/9/ALSA-2024-9115.html https://errata.rockylinux.org/RLSA-2024:4212 https://github.com/golang/go/commit/051bdf3fd12a40307606ff9381138039c5f452f0 (1.21) https://github.com/golang/go/commit/12d5810cdb1f73cf23d7a86462143e9463317fca (1.22) https://github.com/golang/go/issues/67680 https://go.dev/cl/590316 https://go.dev/issue/67680 https://groups.google.com/g/golang-announce/c/XbxouI9gY7k https://groups.google.com/g/golang-announce/c/XbxouI9gY7k/m/TuoGEhxIEwAJ https://linux.oracle.com/cve/CVE-2024-24790.html https://linux.oracle.com/errata/ELSA-2024-9115.html https://nvd.nist.gov/vuln/detail/CVE-2024-24790 https://pkg.go.dev/vuln/GO-2024-2887 https://ubuntu.com/security/notices/USN-6886-1 https://ubuntu.com/security/notices/USN-7109-1 https://www.cve.org/CVERecord?id=CVE-2024-24790
stdlib	CVE-2023-39325	HIGH	v1.20.5	1.20.10, 1.21.3	golang.org/x/net https://access.redhat.com/errata/RHSA-2023:6077 https://access.redhat.com/security/cve/CVE-2023-39325 https://access.redhat.com/security/cve/CVE-2023-44487 https://access.redhat.com/security/vulnerabilities/RHSB-2023-003 https://bugzilla.redhat.com/2242803 https://bugzilla.redhat.com/2243296 https://bugzilla.redhat.com/show_bug.cgi?id=2242803 https://bugzilla.redhat.com/show_bug.cgi?id=2243296 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-39325 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-44487 https://errata.almalinux.org/9/ALSA-2023-6077.html https://errata.rockylinux.org/RLSA-2023:6077 https://github.com/golang/go/commit/24ae2d927285c697440fdde3ad7f26028354bcf3 [golang- 1.21] https://github.com/golang/go/commit/e175f27f58aa7b9cd4d79607ae65d2cd5baaee68 [golang-1.20] https://github.com/golang/go/issues/63417 https://go.dev/cl/534215 https://go.dev/cl/534235 https://go.dev/issue/63417 https://groups.google.com/g/golang-announce/c/iNNxDTCjZvo/m/UDd7VKQuAAAJ https://linux.oracle.com/cve/CVE-2023-39325.html https://linux.oracle.com/errata/ELSA-2023-5867.html https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3OVW5V2DM5K5IC3H7O42YDUGNJ74J35O https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3OVW5V2DM5K5IC3H7O42YDUGNJ74J35O/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3SZN67IL7HMGMNAVLOTIXLIHUDXZK4LH https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3SZN67IL7HMGMNAVLOTIXLIHUDXZK4LH/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3WJ4QVX2AMUJ2F2S27POOAHRC4K3CHU4 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3WJ4QVX2AMUJ2F2S27POOAHRC4K3CHU4/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/4BUK2ZIAGCULOOYDNH25JPU6JBES5NF2 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/4BUK2ZIAGCULOOYDNH25JPU6JBES5NF2/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/5RSKA2II6QTD4YUKUNDVJQSRYSFC4VFR https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/5RSKA2II6QTD4YUKUNDVJQSRYSFC4VFR/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/AVZDNSMVDAQJ64LJC5I5U5LDM5753647 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/AVZDNSMVDAQJ64LJC5I5U5LDM5753647/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CHHITS4PUOZAKFIUBQAQZC7JWXMOYE4B https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CHHITS4PUOZAKFIUBQAQZC7JWXMOYE4B/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CLB4TW7KALB3EEQWNWCN7OUIWWVWWCG2 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CLB4TW7KALB3EEQWNWCN7OUIWWVWWCG2/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/D2BBIDR2ZMB3X5BC7SR4SLQMHRMVPY6L https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/D2BBIDR2ZMB3X5BC7SR4SLQMHRMVPY6L/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ECRC75BQJP6FJN2L7KCKYZW4DSBD7QSD https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ECRC75BQJP6FJN2L7KCKYZW4DSBD7QSD/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/FTMJ3NJIDAZFWJQQSP3L22MUFJ3UP2PT https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/FTMJ3NJIDAZFWJQQSP3L22MUFJ3UP2PT/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/GSY7SXFFTPZFWDM6XELSDSHZLVW3AHK7 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/GSY7SXFFTPZFWDM6XELSDSHZLVW3AHK7/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/HZQIELEIRSZUYTFFH5KTH2YJ4IIQG2KE https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/HZQIELEIRSZUYTFFH5KTH2YJ4IIQG2KE/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/IPWCNYB5PQ5PCVZ4NJT6G56ZYFZ5QBU6 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/IPWCNYB5PQ5PCVZ4NJT6G56ZYFZ5QBU6/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/KEOTKBUPZXHE3F352JBYNTSNRXYLWD6P https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/KEOTKBUPZXHE3F352JBYNTSNRXYLWD6P/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/KSEGD2IWKNUO3DWY4KQGUQM5BISRWHQE https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/KSEGD2IWKNUO3DWY4KQGUQM5BISRWHQE/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/L5E5JSJBZLYXOTZWXHJKRVCIXIHVWKJ6 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/L5E5JSJBZLYXOTZWXHJKRVCIXIHVWKJ6/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/MZQYOOKHQDQ57LV2IAG6NRFOVXKHJJ3Z https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/MZQYOOKHQDQ57LV2IAG6NRFOVXKHJJ3Z/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/NG7IMPL55MVWU3LCI4JQJT3K2U5CHDV7 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/NG7IMPL55MVWU3LCI4JQJT3K2U5CHDV7/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ODBY7RVMGZCBSTWF2OZGIZS57FNFUL67 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ODBY7RVMGZCBSTWF2OZGIZS57FNFUL67/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/OXGWPQOJ3JNDW2XIYKIVJ7N7QUIFNM2Q https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/OXGWPQOJ3JNDW2XIYKIVJ7N7QUIFNM2Q/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/PJCUNGIQDUMZ4Z6HWVYIMR66A35F5S74 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/PJCUNGIQDUMZ4Z6HWVYIMR66A35F5S74/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QF5QSYAOPDOWLY6DUHID56Q4HQFYB45I https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QF5QSYAOPDOWLY6DUHID56Q4HQFYB45I/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QXOU2JZUBEBP7GBKAYIJRPRBZSJCD7ST https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QXOU2JZUBEBP7GBKAYIJRPRBZSJCD7ST/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/R3UETKPUB3V5JS5TLZOF3SMTGT5K5APS https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/R3UETKPUB3V5JS5TLZOF3SMTGT5K5APS/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/REMHVVIBDNKSRKNOTV7EQSB7CYQWOUOU https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/REMHVVIBDNKSRKNOTV7EQSB7CYQWOUOU/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/T7N5GV4CHH6WAGX3GFMDD3COEOVCZ4RI https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/T7N5GV4CHH6WAGX3GFMDD3COEOVCZ4RI/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ULQQONMSCQSH5Z5OWFFQHCGEZ3NL4DRJ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ULQQONMSCQSH5Z5OWFFQHCGEZ3NL4DRJ/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UTT7DG3QOF5ZNJLUGHDNLRUIN6OWZARP https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UTT7DG3QOF5ZNJLUGHDNLRUIN6OWZARP/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/W2LZSWTV4NV4SNQARNXG5T6LRHP26EW2 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/W2LZSWTV4NV4SNQARNXG5T6LRHP26EW2/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WCNCBYKZXLDFGAJUB7ZP5VLC3YTHJNVH https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WCNCBYKZXLDFGAJUB7ZP5VLC3YTHJNVH/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/XFOIBB4YFICHDM7IBOP7PWXW3FX4HLL2 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/XFOIBB4YFICHDM7IBOP7PWXW3FX4HLL2/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/XTNLSL44Y5FB6JWADSZH6DCV4JJAAEQY https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/XTNLSL44Y5FB6JWADSZH6DCV4JJAAEQY/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/YJWHBLVZDM5KQSDFRBFRKU5KSSOLIRQ4 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/YJWHBLVZDM5KQSDFRBFRKU5KSSOLIRQ4/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/YRKEXKANQ7BKJW2YTAMP625LJUJZLJ4P https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/YRKEXKANQ7BKJW2YTAMP625LJUJZLJ4P/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZSVEMQV5ROY5YW5QE3I57HT3ITWG5GCV https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZSVEMQV5ROY5YW5QE3I57HT3ITWG5GCV/ https://nvd.nist.gov/vuln/detail/CVE-2023-39325 https://pkg.go.dev/vuln/GO-2023-2102 https://security.gentoo.org/glsa/202311-09 https://security.netapp.com/advisory/ntap-20231110-0008 https://security.netapp.com/advisory/ntap-20231110-0008/ https://ubuntu.com/security/notices/USN-6574-1 https://ubuntu.com/security/notices/USN-7061-1 https://ubuntu.com/security/notices/USN-7109-1 https://www.cisa.gov/news-events/alerts/2023/10/10/http2-rapid-reset-vulnerability-cve-2023-44487 https://www.cve.org/CVERecord?id=CVE-2023-39325
stdlib	CVE-2023-45283	HIGH	v1.20.5	1.20.11, 1.21.4, 1.20.12, 1.21.5	http://www.openwall.com/lists/oss-security/2023/12/05/2 https://go.dev/cl/540277 https://go.dev/cl/541175 https://go.dev/issue/63713 https://go.dev/issue/64028 https://groups.google.com/g/golang-announce/c/4tU8LZfBFkY https://groups.google.com/g/golang-dev/c/6ypN5EjibjM/m/KmLVYH_uAgAJ https://nvd.nist.gov/vuln/detail/CVE-2023-45283 https://pkg.go.dev/vuln/GO-2023-2185 https://security.netapp.com/advisory/ntap-20231214-0008/
stdlib	CVE-2023-45288	HIGH	v1.20.5	1.21.9, 1.22.2	http://www.openwall.com/lists/oss-security/2024/04/03/16 http://www.openwall.com/lists/oss-security/2024/04/05/4 https://access.redhat.com/errata/RHSA-2024:2724 https://access.redhat.com/security/cve/CVE-2023-45288 https://bugzilla.redhat.com/2268017 https://bugzilla.redhat.com/2268018 https://bugzilla.redhat.com/2268019 https://bugzilla.redhat.com/2268273 https://bugzilla.redhat.com/show_bug.cgi?id=2268017 https://bugzilla.redhat.com/show_bug.cgi?id=2268018 https://bugzilla.redhat.com/show_bug.cgi?id=2268019 https://bugzilla.redhat.com/show_bug.cgi?id=2268273 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45288 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45289 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45290 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24783 https://errata.almalinux.org/9/ALSA-2024-2724.html https://errata.rockylinux.org/RLSA-2024:2724 https://go.dev/cl/576155 https://go.dev/issue/65051 https://groups.google.com/g/golang-announce/c/YgW0sx8mN3M https://kb.cert.org/vuls/id/421644 https://linux.oracle.com/cve/CVE-2023-45288.html https://linux.oracle.com/errata/ELSA-2024-3346.html https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QRYFHIQ6XRKRYBI2F5UESH67BJBQXUPT https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QRYFHIQ6XRKRYBI2F5UESH67BJBQXUPT/ https://nowotarski.info/http2-continuation-flood-technical-details https://nowotarski.info/http2-continuation-flood/ https://nvd.nist.gov/vuln/detail/CVE-2023-45288 https://pkg.go.dev/vuln/GO-2024-2687 https://security.netapp.com/advisory/ntap-20240419-0009 https://security.netapp.com/advisory/ntap-20240419-0009/ https://ubuntu.com/security/notices/USN-6886-1 https://ubuntu.com/security/notices/USN-7109-1 https://ubuntu.com/security/notices/USN-7111-1 https://www.cve.org/CVERecord?id=CVE-2023-45288 https://www.kb.cert.org/vuls/id/421644
stdlib	CVE-2024-34156	HIGH	v1.20.5	1.22.7, 1.23.1	https://access.redhat.com/errata/RHSA-2024:9473 https://access.redhat.com/security/cve/CVE-2024-34156 https://bugzilla.redhat.com/2310528 https://bugzilla.redhat.com/2318052 https://bugzilla.redhat.com/show_bug.cgi?id=2310528 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-34156 https://errata.almalinux.org/9/ALSA-2024-9473.html https://errata.rockylinux.org/RLSA-2024:7204 https://github.com/golang/go/commit/2092294f2b097c5828f4eace6c98a322c1510b01 (go1.22.7) https://github.com/golang/go/commit/fa8ff1a46deb6c816304441ec6740ec112e19012 (go1.23.1) https://go.dev/cl/611239 https://go.dev/issue/69139 https://groups.google.com/g/golang-announce/c/K-cEzDeCtpc https://groups.google.com/g/golang-dev/c/S9POB9NCTdk https://linux.oracle.com/cve/CVE-2024-34156.html https://linux.oracle.com/errata/ELSA-2024-9473.html https://nvd.nist.gov/vuln/detail/CVE-2024-34156 https://pkg.go.dev/vuln/GO-2024-3106 https://ubuntu.com/security/notices/USN-7081-1 https://ubuntu.com/security/notices/USN-7109-1 https://ubuntu.com/security/notices/USN-7111-1 https://www.cve.org/CVERecord?id=CVE-2024-34156
stdlib	CVE-2023-29406	MEDIUM	v1.20.5	1.19.11, 1.20.6	https://access.redhat.com/errata/RHSA-2023:6474 https://access.redhat.com/security/cve/CVE-2023-29406 https://bugzilla.redhat.com/2174485 https://bugzilla.redhat.com/2178358 https://bugzilla.redhat.com/2178488 https://bugzilla.redhat.com/2178492 https://bugzilla.redhat.com/2184481 https://bugzilla.redhat.com/2184482 https://bugzilla.redhat.com/2184483 https://bugzilla.redhat.com/2184484 https://bugzilla.redhat.com/2196026 https://bugzilla.redhat.com/2196027 https://bugzilla.redhat.com/2196029 https://bugzilla.redhat.com/2222167 https://bugzilla.redhat.com/2228689 https://errata.almalinux.org/9/ALSA-2023-6474.html https://github.com/golang/go/commit/312920c00aac9897b2a0693e752390b5b0711a5a (go1.20.6) https://github.com/golang/go/commit/5fa6923b1ea891400153d04ddf1545e23b40041b (go1.19.11) https://github.com/golang/go/issues/60374 https://go.dev/cl/506996 https://go.dev/issue/60374 https://groups.google.com/g/golang-announce/c/2q13H6LEEx0 https://linux.oracle.com/cve/CVE-2023-29406.html https://linux.oracle.com/errata/ELSA-2023-7202.html https://nvd.nist.gov/vuln/detail/CVE-2023-29406 https://pkg.go.dev/vuln/GO-2023-1878 https://security.gentoo.org/glsa/202311-09 https://security.netapp.com/advisory/ntap-20230814-0002/ https://ubuntu.com/security/notices/USN-7061-1 https://ubuntu.com/security/notices/USN-7109-1 https://www.cve.org/CVERecord?id=CVE-2023-29406
stdlib	CVE-2023-29409	MEDIUM	v1.20.5	1.19.12, 1.20.7, 1.21.0-rc.4	https://access.redhat.com/errata/RHSA-2023:7766 https://access.redhat.com/security/cve/CVE-2023-29409 https://bugzilla.redhat.com/2228743 https://bugzilla.redhat.com/2237773 https://bugzilla.redhat.com/2237776 https://bugzilla.redhat.com/2237777 https://bugzilla.redhat.com/2237778 https://errata.almalinux.org/9/ALSA-2023-7766.html https://go.dev/cl/515257 https://go.dev/issue/61460 https://groups.google.com/g/golang-announce/c/X0b6CsSAaYI/m/Efv5DbZ9AwAJ https://linux.oracle.com/cve/CVE-2023-29409.html https://linux.oracle.com/errata/ELSA-2024-2988.html https://nvd.nist.gov/vuln/detail/CVE-2023-29409 https://pkg.go.dev/vuln/GO-2023-1987 https://security.gentoo.org/glsa/202311-09 https://security.netapp.com/advisory/ntap-20230831-0010/ https://www.cve.org/CVERecord?id=CVE-2023-29409
stdlib	CVE-2023-39318	MEDIUM	v1.20.5	1.20.8, 1.21.1	https://access.redhat.com/errata/RHSA-2024:2160 https://access.redhat.com/security/cve/CVE-2023-39318 https://bugzilla.redhat.com/2237773 https://bugzilla.redhat.com/2237776 https://bugzilla.redhat.com/2253330 https://errata.almalinux.org/9/ALSA-2024-2160.html https://github.com/golang/go/commit/023b542edf38e2a1f87fcefb9f75ff2f99401b4c (go1.20.8) https://github.com/golang/go/commit/b0e1d3ea26e8e8fce7726690c9ef0597e60739fb (go1.21.1) https://go.dev/cl/526156 https://go.dev/issue/62196 https://groups.google.com/g/golang-announce/c/Fm51GRLNRvM https://groups.google.com/g/golang-dev/c/2C5vbR-UNkI/m/L1hdrPhfBAAJ https://linux.oracle.com/cve/CVE-2023-39318.html https://linux.oracle.com/errata/ELSA-2024-2988.html https://nvd.nist.gov/vuln/detail/CVE-2023-39318 https://pkg.go.dev/vuln/GO-2023-2041 https://security.gentoo.org/glsa/202311-09 https://security.netapp.com/advisory/ntap-20231020-0009/ https://ubuntu.com/security/notices/USN-6574-1 https://ubuntu.com/security/notices/USN-7061-1 https://ubuntu.com/security/notices/USN-7109-1 https://vuln.go.dev/ID/GO-2023-2041.json https://www.cve.org/CVERecord?id=CVE-2023-39318
stdlib	CVE-2023-39319	MEDIUM	v1.20.5	1.20.8, 1.21.1	https://access.redhat.com/errata/RHSA-2024:2160 https://access.redhat.com/security/cve/CVE-2023-39319 https://bugzilla.redhat.com/2237773 https://bugzilla.redhat.com/2237776 https://bugzilla.redhat.com/2253330 https://errata.almalinux.org/9/ALSA-2024-2160.html https://github.com/golang/go/commit/2070531d2f53df88e312edace6c8dfc9686ab2f5 (go1.20.8) https://github.com/golang/go/commit/bbd043ff0d6d59f1a9232d31ecd5eacf6507bf6a (go1.21.1) https://go.dev/cl/526157 https://go.dev/issue/62197 https://groups.google.com/g/golang-announce/c/Fm51GRLNRvM https://groups.google.com/g/golang-dev/c/2C5vbR-UNkI/m/L1hdrPhfBAAJ https://linux.oracle.com/cve/CVE-2023-39319.html https://linux.oracle.com/errata/ELSA-2024-2988.html https://nvd.nist.gov/vuln/detail/CVE-2023-39319 https://pkg.go.dev/vuln/GO-2023-2043 https://security.gentoo.org/glsa/202311-09 https://security.netapp.com/advisory/ntap-20231020-0009/ https://ubuntu.com/security/notices/USN-6574-1 https://ubuntu.com/security/notices/USN-7061-1 https://ubuntu.com/security/notices/USN-7109-1 https://vuln.go.dev/ID/GO-2023-2043.json https://www.cve.org/CVERecord?id=CVE-2023-39319
stdlib	CVE-2023-39326	MEDIUM	v1.20.5	1.20.12, 1.21.5	https://access.redhat.com/errata/RHSA-2024:2272 https://access.redhat.com/security/cve/CVE-2023-39326 https://bugzilla.redhat.com/2253193 https://bugzilla.redhat.com/2253330 https://errata.almalinux.org/9/ALSA-2024-2272.html https://github.com/golang/go/commit/6446af942e2e2b161c4ec1b60d9703a2b55dc4dd (go1.20.12) https://github.com/golang/go/commit/ec8c526e4be720e94b98ca509e6364f0efaf28f7 (go1.21.5) https://go.dev/cl/547335 https://go.dev/issue/64433 https://groups.google.com/g/golang-dev/c/6ypN5EjibjM/m/KmLVYH_uAgAJ https://linux.oracle.com/cve/CVE-2023-39326.html https://linux.oracle.com/errata/ELSA-2024-2988.html https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UIU6HOGV6RRIKWM57LOXQA75BGZSIH6G/ https://nvd.nist.gov/vuln/detail/CVE-2023-39326 https://pkg.go.dev/vuln/GO-2023-2382 https://ubuntu.com/security/notices/USN-6574-1 https://www.cve.org/CVERecord?id=CVE-2023-39326
stdlib	CVE-2023-45284	MEDIUM	v1.20.5	1.20.11, 1.21.4	https://go.dev/cl/540277 https://go.dev/issue/63713 https://groups.google.com/g/golang-announce/c/4tU8LZfBFkY https://nvd.nist.gov/vuln/detail/CVE-2023-45284 https://pkg.go.dev/vuln/GO-2023-2186
stdlib	CVE-2023-45289	MEDIUM	v1.20.5	1.21.8, 1.22.1	http://www.openwall.com/lists/oss-security/2024/03/08/4 https://access.redhat.com/errata/RHSA-2024:2724 https://access.redhat.com/security/cve/CVE-2023-45289 https://bugzilla.redhat.com/2268017 https://bugzilla.redhat.com/2268018 https://bugzilla.redhat.com/2268019 https://bugzilla.redhat.com/2268273 https://bugzilla.redhat.com/show_bug.cgi?id=2268017 https://bugzilla.redhat.com/show_bug.cgi?id=2268018 https://bugzilla.redhat.com/show_bug.cgi?id=2268019 https://bugzilla.redhat.com/show_bug.cgi?id=2268273 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45288 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45289 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45290 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24783 https://errata.almalinux.org/9/ALSA-2024-2724.html https://errata.rockylinux.org/RLSA-2024:2724 https://github.com/golang/go/commit/20586c0dbe03d144f914155f879fa5ee287591a1 (go1.21.8) https://github.com/golang/go/commit/3a855208e3efed2e9d7c20ad023f1fa78afcc0be (go1.22.1) https://github.com/golang/go/issues/65065 https://go.dev/cl/569340 https://go.dev/issue/65065 https://groups.google.com/g/golang-announce/c/5pwGVUPoMbg https://linux.oracle.com/cve/CVE-2023-45289.html https://linux.oracle.com/errata/ELSA-2024-3346.html https://nvd.nist.gov/vuln/detail/CVE-2023-45289 https://pkg.go.dev/vuln/GO-2024-2600 https://security.netapp.com/advisory/ntap-20240329-0006/ https://ubuntu.com/security/notices/USN-6886-1 https://www.cve.org/CVERecord?id=CVE-2023-45289
stdlib	CVE-2023-45290	MEDIUM	v1.20.5	1.21.8, 1.22.1	http://www.openwall.com/lists/oss-security/2024/03/08/4 https://access.redhat.com/errata/RHSA-2024:9135 https://access.redhat.com/security/cve/CVE-2023-45290 https://bugzilla.redhat.com/2268017 https://bugzilla.redhat.com/2268022 https://bugzilla.redhat.com/2279814 https://bugzilla.redhat.com/2295310 https://bugzilla.redhat.com/show_bug.cgi?id=2268017 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45290 https://errata.almalinux.org/9/ALSA-2024-9135.html https://errata.rockylinux.org/RLSA-2024:3830 https://github.com/golang/go/commit/041a47712e765e94f86d841c3110c840e76d8f82 (go1.22.1) https://github.com/golang/go/commit/bf80213b121074f4ad9b449410a4d13bae5e9be0 (go1.21.8) https://github.com/golang/go/issues/65383 https://go.dev/cl/569341 https://go.dev/issue/65383 https://groups.google.com/g/golang-announce/c/5pwGVUPoMbg https://linux.oracle.com/cve/CVE-2023-45290.html https://linux.oracle.com/errata/ELSA-2024-8038.html https://nvd.nist.gov/vuln/detail/CVE-2023-45290 https://pkg.go.dev/vuln/GO-2024-2599 https://security.netapp.com/advisory/ntap-20240329-0004 https://security.netapp.com/advisory/ntap-20240329-0004/ https://ubuntu.com/security/notices/USN-6886-1 https://ubuntu.com/security/notices/USN-7109-1 https://ubuntu.com/security/notices/USN-7111-1 https://www.cve.org/CVERecord?id=CVE-2023-45290
stdlib	CVE-2024-24783	MEDIUM	v1.20.5	1.21.8, 1.22.1	http://www.openwall.com/lists/oss-security/2024/03/08/4 https://access.redhat.com/errata/RHSA-2024:6195 https://access.redhat.com/security/cve/CVE-2024-24783 https://bugzilla.redhat.com/2268019 https://bugzilla.redhat.com/show_bug.cgi?id=2268017 https://bugzilla.redhat.com/show_bug.cgi?id=2268018 https://bugzilla.redhat.com/show_bug.cgi?id=2268019 https://bugzilla.redhat.com/show_bug.cgi?id=2268273 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45288 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45289 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45290 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24783 https://errata.almalinux.org/9/ALSA-2024-6195.html https://errata.rockylinux.org/RLSA-2024:2724 https://github.com/advisories/GHSA-3q2c-pvp5-3cqp https://github.com/golang/go/commit/337b8e9cbfa749d9d5c899e0dc358e2208d5e54f (go1.22.1) https://github.com/golang/go/commit/be5b52bea674190ef7de272664be6c7ae93ec5a0 (go1.21.8) https://github.com/golang/go/issues/65390 https://go.dev/cl/569339 https://go.dev/issue/65390 https://groups.google.com/g/golang-announce/c/5pwGVUPoMbg https://linux.oracle.com/cve/CVE-2024-24783.html https://linux.oracle.com/errata/ELSA-2024-6969.html https://nvd.nist.gov/vuln/detail/CVE-2024-24783 https://pkg.go.dev/vuln/GO-2024-2598 https://security.netapp.com/advisory/ntap-20240329-0005 https://security.netapp.com/advisory/ntap-20240329-0005/ https://ubuntu.com/security/notices/USN-6886-1 https://ubuntu.com/security/notices/USN-7109-1 https://ubuntu.com/security/notices/USN-7111-1 https://www.cve.org/CVERecord?id=CVE-2024-24783
stdlib	CVE-2024-24784	MEDIUM	v1.20.5	1.21.8, 1.22.1	http://www.openwall.com/lists/oss-security/2024/03/08/4 https://access.redhat.com/errata/RHSA-2024:2562 https://access.redhat.com/security/cve/CVE-2024-24784 https://bugzilla.redhat.com/2262921 https://bugzilla.redhat.com/2268017 https://bugzilla.redhat.com/2268018 https://bugzilla.redhat.com/2268019 https://bugzilla.redhat.com/2268021 https://bugzilla.redhat.com/2268022 https://bugzilla.redhat.com/2268273 https://bugzilla.redhat.com/show_bug.cgi?id=2262921 https://bugzilla.redhat.com/show_bug.cgi?id=2268017 https://bugzilla.redhat.com/show_bug.cgi?id=2268018 https://bugzilla.redhat.com/show_bug.cgi?id=2268019 https://bugzilla.redhat.com/show_bug.cgi?id=2268021 https://bugzilla.redhat.com/show_bug.cgi?id=2268022 https://bugzilla.redhat.com/show_bug.cgi?id=2268273 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45288 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45289 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45290 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-1394 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24783 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24784 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24785 https://errata.almalinux.org/9/ALSA-2024-2562.html https://errata.rockylinux.org/RLSA-2024:2562 https://github.com/golang/go/commit/263c059b09fdd40d9dd945f2ecb20c89ea28efe5 (go1.21.8) https://github.com/golang/go/commit/5330cd225ba54c7dc78c1b46dcdf61a4671a632c (go1.22.1) https://github.com/golang/go/issues/65083 https://go.dev/cl/555596 https://go.dev/issue/65083 https://groups.google.com/g/golang-announce/c/5pwGVUPoMbg https://linux.oracle.com/cve/CVE-2024-24784.html https://linux.oracle.com/errata/ELSA-2024-6969.html https://nvd.nist.gov/vuln/detail/CVE-2024-24784 https://pkg.go.dev/vuln/GO-2024-2609 https://security.netapp.com/advisory/ntap-20240329-0007/ https://ubuntu.com/security/notices/USN-6886-1 https://ubuntu.com/security/notices/USN-7109-1 https://ubuntu.com/security/notices/USN-7111-1 https://www.cve.org/CVERecord?id=CVE-2024-24784
stdlib	CVE-2024-24785	MEDIUM	v1.20.5	1.21.8, 1.22.1	http://www.openwall.com/lists/oss-security/2024/03/08/4 https://access.redhat.com/errata/RHSA-2024:9135 https://access.redhat.com/security/cve/CVE-2024-24785 https://bugzilla.redhat.com/2268017 https://bugzilla.redhat.com/2268022 https://bugzilla.redhat.com/2279814 https://bugzilla.redhat.com/2295310 https://bugzilla.redhat.com/show_bug.cgi?id=2262921 https://bugzilla.redhat.com/show_bug.cgi?id=2268017 https://bugzilla.redhat.com/show_bug.cgi?id=2268018 https://bugzilla.redhat.com/show_bug.cgi?id=2268019 https://bugzilla.redhat.com/show_bug.cgi?id=2268021 https://bugzilla.redhat.com/show_bug.cgi?id=2268022 https://bugzilla.redhat.com/show_bug.cgi?id=2268273 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45288 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45289 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45290 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-1394 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24783 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24784 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24785 https://errata.almalinux.org/9/ALSA-2024-9135.html https://errata.rockylinux.org/RLSA-2024:2562 https://github.com/golang/go/commit/056b0edcb8c152152021eebf4cf42adbfbe77992 (go1.22.1) https://github.com/golang/go/commit/3643147a29352ca2894fd5d0d2069bc4b4335a7e (go1.21.8) https://github.com/golang/go/issues/65697 https://go.dev/cl/564196 https://go.dev/issue/65697 https://groups.google.com/g/golang-announce/c/5pwGVUPoMbg https://linux.oracle.com/cve/CVE-2024-24785.html https://linux.oracle.com/errata/ELSA-2024-3259.html https://nvd.nist.gov/vuln/detail/CVE-2024-24785 https://pkg.go.dev/vuln/GO-2024-2610 https://security.netapp.com/advisory/ntap-20240329-0008/ https://ubuntu.com/security/notices/USN-6886-1 https://ubuntu.com/security/notices/USN-7061-1 https://ubuntu.com/security/notices/USN-7109-1 https://vuln.go.dev/ID/GO-2024-2610.json https://www.cve.org/CVERecord?id=CVE-2024-24785
stdlib	CVE-2024-24789	MEDIUM	v1.20.5	1.21.11, 1.22.4	http://www.openwall.com/lists/oss-security/2024/06/04/1 https://access.redhat.com/errata/RHSA-2024:9115 https://access.redhat.com/security/cve/CVE-2024-24789 https://bugzilla.redhat.com/2279814 https://bugzilla.redhat.com/2292668 https://bugzilla.redhat.com/2292787 https://bugzilla.redhat.com/2294000 https://bugzilla.redhat.com/2295310 https://bugzilla.redhat.com/show_bug.cgi?id=2292668 https://bugzilla.redhat.com/show_bug.cgi?id=2292787 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24789 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24790 https://errata.almalinux.org/9/ALSA-2024-9115.html https://errata.rockylinux.org/RLSA-2024:4212 https://github.com/golang/go/commit/c8e40338cf00f3c1d86c8fb23863ad67a4c72bcc (1.21) https://github.com/golang/go/commit/cf501ac0c5fe351a8582d20b43562027927906e7 (1.22) https://github.com/golang/go/issues/66869 https://go.dev/cl/585397 https://go.dev/issue/66869 https://groups.google.com/g/golang-announce/c/XbxouI9gY7k https://groups.google.com/g/golang-announce/c/XbxouI9gY7k/m/TuoGEhxIEwAJ https://linux.oracle.com/cve/CVE-2024-24789.html https://linux.oracle.com/errata/ELSA-2024-9115.html https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/U5YAEIA6IUHUNGJ7AIXXPQT6D2GYENX7/ https://nvd.nist.gov/vuln/detail/CVE-2024-24789 https://pkg.go.dev/vuln/GO-2024-2888 https://ubuntu.com/security/notices/USN-6886-1 https://ubuntu.com/security/notices/USN-7109-1 https://ubuntu.com/security/notices/USN-7111-1 https://www.cve.org/CVERecord?id=CVE-2024-24789
stdlib	CVE-2024-24791	MEDIUM	v1.20.5	1.21.12, 1.22.5	https://access.redhat.com/errata/RHSA-2024:9135 https://access.redhat.com/security/cve/CVE-2024-24791 https://bugzilla.redhat.com/2268017 https://bugzilla.redhat.com/2268022 https://bugzilla.redhat.com/2279814 https://bugzilla.redhat.com/2295310 https://bugzilla.redhat.com/show_bug.cgi?id=2295310 https://bugzilla.redhat.com/show_bug.cgi?id=2310527 https://bugzilla.redhat.com/show_bug.cgi?id=2310528 https://bugzilla.redhat.com/show_bug.cgi?id=2310529 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24791 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-34155 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-34156 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-34158 https://errata.almalinux.org/9/ALSA-2024-9135.html https://errata.rockylinux.org/RLSA-2024:6913 https://go.dev/cl/591255 https://go.dev/issue/67555 https://groups.google.com/g/golang-dev/c/t0rK-qHBqzY/m/6MMoAZkMAgAJ https://linux.oracle.com/cve/CVE-2024-24791.html https://linux.oracle.com/errata/ELSA-2024-9115.html https://nvd.nist.gov/vuln/detail/CVE-2024-24791 https://pkg.go.dev/vuln/GO-2024-2963 https://ubuntu.com/security/notices/USN-7081-1 https://ubuntu.com/security/notices/USN-7109-1 https://ubuntu.com/security/notices/USN-7111-1 https://www.cve.org/CVERecord?id=CVE-2024-24791
stdlib	CVE-2024-34155	MEDIUM	v1.20.5	1.22.7, 1.23.1	https://access.redhat.com/errata/RHSA-2024:9459 https://access.redhat.com/security/cve/CVE-2024-34155 https://bugzilla.redhat.com/2310527 https://bugzilla.redhat.com/2310528 https://bugzilla.redhat.com/2310529 https://bugzilla.redhat.com/2315691 https://bugzilla.redhat.com/2315887 https://bugzilla.redhat.com/2317458 https://bugzilla.redhat.com/2317467 https://bugzilla.redhat.com/show_bug.cgi?id=2295310 https://bugzilla.redhat.com/show_bug.cgi?id=2310527 https://bugzilla.redhat.com/show_bug.cgi?id=2310528 https://bugzilla.redhat.com/show_bug.cgi?id=2310529 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24791 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-34155 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-34156 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-34158 https://errata.almalinux.org/9/ALSA-2024-9459.html https://errata.rockylinux.org/RLSA-2024:6913 https://github.com/golang/go/commit/53487e5477151ed75da50e50a0ba8f1ca64c00a3 (go1.23.1) https://github.com/golang/go/commit/b232596139dbe96a62edbe3a2a203e856bf556eb (go1.22.7) https://go.dev/cl/611238 https://go.dev/issue/69138 https://groups.google.com/g/golang-announce/c/K-cEzDeCtpc https://groups.google.com/g/golang-dev/c/S9POB9NCTdk https://linux.oracle.com/cve/CVE-2024-34155.html https://linux.oracle.com/errata/ELSA-2024-9459.html https://nvd.nist.gov/vuln/detail/CVE-2024-34155 https://pkg.go.dev/vuln/GO-2024-3105 https://ubuntu.com/security/notices/USN-7081-1 https://ubuntu.com/security/notices/USN-7109-1 https://ubuntu.com/security/notices/USN-7111-1 https://www.cve.org/CVERecord?id=CVE-2024-34155
stdlib	CVE-2024-34158	MEDIUM	v1.20.5	1.22.7, 1.23.1	https://access.redhat.com/errata/RHSA-2024:9459 https://access.redhat.com/security/cve/CVE-2024-34158 https://bugzilla.redhat.com/2310527 https://bugzilla.redhat.com/2310528 https://bugzilla.redhat.com/2310529 https://bugzilla.redhat.com/2315691 https://bugzilla.redhat.com/2315887 https://bugzilla.redhat.com/2317458 https://bugzilla.redhat.com/2317467 https://bugzilla.redhat.com/show_bug.cgi?id=2295310 https://bugzilla.redhat.com/show_bug.cgi?id=2310527 https://bugzilla.redhat.com/show_bug.cgi?id=2310528 https://bugzilla.redhat.com/show_bug.cgi?id=2310529 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24791 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-34155 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-34156 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-34158 https://errata.almalinux.org/9/ALSA-2024-9459.html https://errata.rockylinux.org/RLSA-2024:6913 https://github.com/golang/go/commit/032ac075c20c01c6c35a672d1542d3e98eab84ea (go1.23.1) https://github.com/golang/go/commit/d4c53812e6ce2ac368173d7fcd31d0ecfcffb002 (go1.22.7) https://go.dev/cl/611240 https://go.dev/issue/69141 https://groups.google.com/g/golang-announce/c/K-cEzDeCtpc https://groups.google.com/g/golang-dev/c/S9POB9NCTdk https://linux.oracle.com/cve/CVE-2024-34158.html https://linux.oracle.com/errata/ELSA-2024-9459.html https://nvd.nist.gov/vuln/detail/CVE-2024-34158 https://pkg.go.dev/vuln/GO-2024-3107 https://ubuntu.com/security/notices/USN-7081-1 https://ubuntu.com/security/notices/USN-7109-1 https://ubuntu.com/security/notices/USN-7111-1 https://www.cve.org/CVERecord?id=CVE-2024-34158
No Misconfigurations found

cnb/buildpacks/paketo-buildpacks_ca-certificates/3.6.2/bin/helper (gobinary)

Package	Vulnerability ID	Severity	Installed Version	Fixed Version	Links
stdlib	CVE-2024-24790	CRITICAL	v1.20.4	1.21.11, 1.22.4	http://www.openwall.com/lists/oss-security/2024/06/04/1 https://access.redhat.com/errata/RHSA-2024:9115 https://access.redhat.com/security/cve/CVE-2024-24790 https://bugzilla.redhat.com/2279814 https://bugzilla.redhat.com/2292668 https://bugzilla.redhat.com/2292787 https://bugzilla.redhat.com/2294000 https://bugzilla.redhat.com/2295310 https://bugzilla.redhat.com/show_bug.cgi?id=2292668 https://bugzilla.redhat.com/show_bug.cgi?id=2292787 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24789 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24790 https://errata.almalinux.org/9/ALSA-2024-9115.html https://errata.rockylinux.org/RLSA-2024:4212 https://github.com/golang/go/commit/051bdf3fd12a40307606ff9381138039c5f452f0 (1.21) https://github.com/golang/go/commit/12d5810cdb1f73cf23d7a86462143e9463317fca (1.22) https://github.com/golang/go/issues/67680 https://go.dev/cl/590316 https://go.dev/issue/67680 https://groups.google.com/g/golang-announce/c/XbxouI9gY7k https://groups.google.com/g/golang-announce/c/XbxouI9gY7k/m/TuoGEhxIEwAJ https://linux.oracle.com/cve/CVE-2024-24790.html https://linux.oracle.com/errata/ELSA-2024-9115.html https://nvd.nist.gov/vuln/detail/CVE-2024-24790 https://pkg.go.dev/vuln/GO-2024-2887 https://ubuntu.com/security/notices/USN-6886-1 https://ubuntu.com/security/notices/USN-7109-1 https://www.cve.org/CVERecord?id=CVE-2024-24790
stdlib	CVE-2023-29403	HIGH	v1.20.4	1.19.10, 1.20.5	https://access.redhat.com/errata/RHSA-2023:3923 https://access.redhat.com/security/cve/CVE-2023-29403 https://bugzilla.redhat.com/2216965 https://bugzilla.redhat.com/2217562 https://bugzilla.redhat.com/2217565 https://bugzilla.redhat.com/2217569 https://bugzilla.redhat.com/show_bug.cgi?id=2216965 https://bugzilla.redhat.com/show_bug.cgi?id=2217562 https://bugzilla.redhat.com/show_bug.cgi?id=2217565 https://bugzilla.redhat.com/show_bug.cgi?id=2217569 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-29402 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-29403 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-29404 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-29405 https://errata.almalinux.org/9/ALSA-2023-3923.html https://errata.rockylinux.org/RLSA-2023:3923 https://github.com/golang/go/commit/36144ba429ef2650940c72e7a0b932af3612d420 (go1.20.5) https://github.com/golang/go/commit/a7b1cd452ddc69a6606c2f35ac5786dc892e62cb (go1.19.10) https://github.com/golang/go/issues/60272 https://go.dev/cl/501223 https://go.dev/issue/60272 https://groups.google.com/g/golang-announce/c/q5135a9d924 https://groups.google.com/g/golang-announce/c/q5135a9d924/m/j0ZoAJOHAwAJ https://linux.oracle.com/cve/CVE-2023-29403.html https://linux.oracle.com/errata/ELSA-2023-3923.html https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/NZ2O6YCO2IZMZJELQGZYR2WAUNEDLYV6/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/XBS3IIK6ADV24C5ULQU55QLT2UE762ZX/ https://nvd.nist.gov/vuln/detail/CVE-2023-29403 https://pkg.go.dev/vuln/GO-2023-1840 https://security.gentoo.org/glsa/202311-09 https://ubuntu.com/security/notices/USN-7061-1 https://ubuntu.com/security/notices/USN-7109-1 https://www.cve.org/CVERecord?id=CVE-2023-29403
stdlib	CVE-2023-39325	HIGH	v1.20.4	1.20.10, 1.21.3	golang.org/x/net https://access.redhat.com/errata/RHSA-2023:6077 https://access.redhat.com/security/cve/CVE-2023-39325 https://access.redhat.com/security/cve/CVE-2023-44487 https://access.redhat.com/security/vulnerabilities/RHSB-2023-003 https://bugzilla.redhat.com/2242803 https://bugzilla.redhat.com/2243296 https://bugzilla.redhat.com/show_bug.cgi?id=2242803 https://bugzilla.redhat.com/show_bug.cgi?id=2243296 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-39325 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-44487 https://errata.almalinux.org/9/ALSA-2023-6077.html https://errata.rockylinux.org/RLSA-2023:6077 https://github.com/golang/go/commit/24ae2d927285c697440fdde3ad7f26028354bcf3 [golang- 1.21] https://github.com/golang/go/commit/e175f27f58aa7b9cd4d79607ae65d2cd5baaee68 [golang-1.20] https://github.com/golang/go/issues/63417 https://go.dev/cl/534215 https://go.dev/cl/534235 https://go.dev/issue/63417 https://groups.google.com/g/golang-announce/c/iNNxDTCjZvo/m/UDd7VKQuAAAJ https://linux.oracle.com/cve/CVE-2023-39325.html https://linux.oracle.com/errata/ELSA-2023-5867.html https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3OVW5V2DM5K5IC3H7O42YDUGNJ74J35O https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3OVW5V2DM5K5IC3H7O42YDUGNJ74J35O/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3SZN67IL7HMGMNAVLOTIXLIHUDXZK4LH https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3SZN67IL7HMGMNAVLOTIXLIHUDXZK4LH/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3WJ4QVX2AMUJ2F2S27POOAHRC4K3CHU4 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3WJ4QVX2AMUJ2F2S27POOAHRC4K3CHU4/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/4BUK2ZIAGCULOOYDNH25JPU6JBES5NF2 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/4BUK2ZIAGCULOOYDNH25JPU6JBES5NF2/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/5RSKA2II6QTD4YUKUNDVJQSRYSFC4VFR https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/5RSKA2II6QTD4YUKUNDVJQSRYSFC4VFR/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/AVZDNSMVDAQJ64LJC5I5U5LDM5753647 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/AVZDNSMVDAQJ64LJC5I5U5LDM5753647/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CHHITS4PUOZAKFIUBQAQZC7JWXMOYE4B https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CHHITS4PUOZAKFIUBQAQZC7JWXMOYE4B/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CLB4TW7KALB3EEQWNWCN7OUIWWVWWCG2 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CLB4TW7KALB3EEQWNWCN7OUIWWVWWCG2/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/D2BBIDR2ZMB3X5BC7SR4SLQMHRMVPY6L https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/D2BBIDR2ZMB3X5BC7SR4SLQMHRMVPY6L/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ECRC75BQJP6FJN2L7KCKYZW4DSBD7QSD https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ECRC75BQJP6FJN2L7KCKYZW4DSBD7QSD/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/FTMJ3NJIDAZFWJQQSP3L22MUFJ3UP2PT https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/FTMJ3NJIDAZFWJQQSP3L22MUFJ3UP2PT/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/GSY7SXFFTPZFWDM6XELSDSHZLVW3AHK7 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/GSY7SXFFTPZFWDM6XELSDSHZLVW3AHK7/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/HZQIELEIRSZUYTFFH5KTH2YJ4IIQG2KE https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/HZQIELEIRSZUYTFFH5KTH2YJ4IIQG2KE/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/IPWCNYB5PQ5PCVZ4NJT6G56ZYFZ5QBU6 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/IPWCNYB5PQ5PCVZ4NJT6G56ZYFZ5QBU6/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/KEOTKBUPZXHE3F352JBYNTSNRXYLWD6P https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/KEOTKBUPZXHE3F352JBYNTSNRXYLWD6P/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/KSEGD2IWKNUO3DWY4KQGUQM5BISRWHQE https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/KSEGD2IWKNUO3DWY4KQGUQM5BISRWHQE/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/L5E5JSJBZLYXOTZWXHJKRVCIXIHVWKJ6 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/L5E5JSJBZLYXOTZWXHJKRVCIXIHVWKJ6/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/MZQYOOKHQDQ57LV2IAG6NRFOVXKHJJ3Z https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/MZQYOOKHQDQ57LV2IAG6NRFOVXKHJJ3Z/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/NG7IMPL55MVWU3LCI4JQJT3K2U5CHDV7 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/NG7IMPL55MVWU3LCI4JQJT3K2U5CHDV7/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ODBY7RVMGZCBSTWF2OZGIZS57FNFUL67 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ODBY7RVMGZCBSTWF2OZGIZS57FNFUL67/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/OXGWPQOJ3JNDW2XIYKIVJ7N7QUIFNM2Q https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/OXGWPQOJ3JNDW2XIYKIVJ7N7QUIFNM2Q/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/PJCUNGIQDUMZ4Z6HWVYIMR66A35F5S74 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/PJCUNGIQDUMZ4Z6HWVYIMR66A35F5S74/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QF5QSYAOPDOWLY6DUHID56Q4HQFYB45I https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QF5QSYAOPDOWLY6DUHID56Q4HQFYB45I/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QXOU2JZUBEBP7GBKAYIJRPRBZSJCD7ST https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QXOU2JZUBEBP7GBKAYIJRPRBZSJCD7ST/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/R3UETKPUB3V5JS5TLZOF3SMTGT5K5APS https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/R3UETKPUB3V5JS5TLZOF3SMTGT5K5APS/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/REMHVVIBDNKSRKNOTV7EQSB7CYQWOUOU https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/REMHVVIBDNKSRKNOTV7EQSB7CYQWOUOU/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/T7N5GV4CHH6WAGX3GFMDD3COEOVCZ4RI https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/T7N5GV4CHH6WAGX3GFMDD3COEOVCZ4RI/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ULQQONMSCQSH5Z5OWFFQHCGEZ3NL4DRJ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ULQQONMSCQSH5Z5OWFFQHCGEZ3NL4DRJ/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UTT7DG3QOF5ZNJLUGHDNLRUIN6OWZARP https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UTT7DG3QOF5ZNJLUGHDNLRUIN6OWZARP/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/W2LZSWTV4NV4SNQARNXG5T6LRHP26EW2 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/W2LZSWTV4NV4SNQARNXG5T6LRHP26EW2/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WCNCBYKZXLDFGAJUB7ZP5VLC3YTHJNVH https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WCNCBYKZXLDFGAJUB7ZP5VLC3YTHJNVH/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/XFOIBB4YFICHDM7IBOP7PWXW3FX4HLL2 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/XFOIBB4YFICHDM7IBOP7PWXW3FX4HLL2/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/XTNLSL44Y5FB6JWADSZH6DCV4JJAAEQY https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/XTNLSL44Y5FB6JWADSZH6DCV4JJAAEQY/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/YJWHBLVZDM5KQSDFRBFRKU5KSSOLIRQ4 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/YJWHBLVZDM5KQSDFRBFRKU5KSSOLIRQ4/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/YRKEXKANQ7BKJW2YTAMP625LJUJZLJ4P https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/YRKEXKANQ7BKJW2YTAMP625LJUJZLJ4P/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZSVEMQV5ROY5YW5QE3I57HT3ITWG5GCV https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZSVEMQV5ROY5YW5QE3I57HT3ITWG5GCV/ https://nvd.nist.gov/vuln/detail/CVE-2023-39325 https://pkg.go.dev/vuln/GO-2023-2102 https://security.gentoo.org/glsa/202311-09 https://security.netapp.com/advisory/ntap-20231110-0008 https://security.netapp.com/advisory/ntap-20231110-0008/ https://ubuntu.com/security/notices/USN-6574-1 https://ubuntu.com/security/notices/USN-7061-1 https://ubuntu.com/security/notices/USN-7109-1 https://www.cisa.gov/news-events/alerts/2023/10/10/http2-rapid-reset-vulnerability-cve-2023-44487 https://www.cve.org/CVERecord?id=CVE-2023-39325
stdlib	CVE-2023-45283	HIGH	v1.20.4	1.20.11, 1.21.4, 1.20.12, 1.21.5	http://www.openwall.com/lists/oss-security/2023/12/05/2 https://go.dev/cl/540277 https://go.dev/cl/541175 https://go.dev/issue/63713 https://go.dev/issue/64028 https://groups.google.com/g/golang-announce/c/4tU8LZfBFkY https://groups.google.com/g/golang-dev/c/6ypN5EjibjM/m/KmLVYH_uAgAJ https://nvd.nist.gov/vuln/detail/CVE-2023-45283 https://pkg.go.dev/vuln/GO-2023-2185 https://security.netapp.com/advisory/ntap-20231214-0008/
stdlib	CVE-2023-45288	HIGH	v1.20.4	1.21.9, 1.22.2	http://www.openwall.com/lists/oss-security/2024/04/03/16 http://www.openwall.com/lists/oss-security/2024/04/05/4 https://access.redhat.com/errata/RHSA-2024:2724 https://access.redhat.com/security/cve/CVE-2023-45288 https://bugzilla.redhat.com/2268017 https://bugzilla.redhat.com/2268018 https://bugzilla.redhat.com/2268019 https://bugzilla.redhat.com/2268273 https://bugzilla.redhat.com/show_bug.cgi?id=2268017 https://bugzilla.redhat.com/show_bug.cgi?id=2268018 https://bugzilla.redhat.com/show_bug.cgi?id=2268019 https://bugzilla.redhat.com/show_bug.cgi?id=2268273 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45288 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45289 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45290 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24783 https://errata.almalinux.org/9/ALSA-2024-2724.html https://errata.rockylinux.org/RLSA-2024:2724 https://go.dev/cl/576155 https://go.dev/issue/65051 https://groups.google.com/g/golang-announce/c/YgW0sx8mN3M https://kb.cert.org/vuls/id/421644 https://linux.oracle.com/cve/CVE-2023-45288.html https://linux.oracle.com/errata/ELSA-2024-3346.html https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QRYFHIQ6XRKRYBI2F5UESH67BJBQXUPT https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QRYFHIQ6XRKRYBI2F5UESH67BJBQXUPT/ https://nowotarski.info/http2-continuation-flood-technical-details https://nowotarski.info/http2-continuation-flood/ https://nvd.nist.gov/vuln/detail/CVE-2023-45288 https://pkg.go.dev/vuln/GO-2024-2687 https://security.netapp.com/advisory/ntap-20240419-0009 https://security.netapp.com/advisory/ntap-20240419-0009/ https://ubuntu.com/security/notices/USN-6886-1 https://ubuntu.com/security/notices/USN-7109-1 https://ubuntu.com/security/notices/USN-7111-1 https://www.cve.org/CVERecord?id=CVE-2023-45288 https://www.kb.cert.org/vuls/id/421644
stdlib	CVE-2024-34156	HIGH	v1.20.4	1.22.7, 1.23.1	https://access.redhat.com/errata/RHSA-2024:9473 https://access.redhat.com/security/cve/CVE-2024-34156 https://bugzilla.redhat.com/2310528 https://bugzilla.redhat.com/2318052 https://bugzilla.redhat.com/show_bug.cgi?id=2310528 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-34156 https://errata.almalinux.org/9/ALSA-2024-9473.html https://errata.rockylinux.org/RLSA-2024:7204 https://github.com/golang/go/commit/2092294f2b097c5828f4eace6c98a322c1510b01 (go1.22.7) https://github.com/golang/go/commit/fa8ff1a46deb6c816304441ec6740ec112e19012 (go1.23.1) https://go.dev/cl/611239 https://go.dev/issue/69139 https://groups.google.com/g/golang-announce/c/K-cEzDeCtpc https://groups.google.com/g/golang-dev/c/S9POB9NCTdk https://linux.oracle.com/cve/CVE-2024-34156.html https://linux.oracle.com/errata/ELSA-2024-9473.html https://nvd.nist.gov/vuln/detail/CVE-2024-34156 https://pkg.go.dev/vuln/GO-2024-3106 https://ubuntu.com/security/notices/USN-7081-1 https://ubuntu.com/security/notices/USN-7109-1 https://ubuntu.com/security/notices/USN-7111-1 https://www.cve.org/CVERecord?id=CVE-2024-34156
stdlib	CVE-2023-29406	MEDIUM	v1.20.4	1.19.11, 1.20.6	https://access.redhat.com/errata/RHSA-2023:6474 https://access.redhat.com/security/cve/CVE-2023-29406 https://bugzilla.redhat.com/2174485 https://bugzilla.redhat.com/2178358 https://bugzilla.redhat.com/2178488 https://bugzilla.redhat.com/2178492 https://bugzilla.redhat.com/2184481 https://bugzilla.redhat.com/2184482 https://bugzilla.redhat.com/2184483 https://bugzilla.redhat.com/2184484 https://bugzilla.redhat.com/2196026 https://bugzilla.redhat.com/2196027 https://bugzilla.redhat.com/2196029 https://bugzilla.redhat.com/2222167 https://bugzilla.redhat.com/2228689 https://errata.almalinux.org/9/ALSA-2023-6474.html https://github.com/golang/go/commit/312920c00aac9897b2a0693e752390b5b0711a5a (go1.20.6) https://github.com/golang/go/commit/5fa6923b1ea891400153d04ddf1545e23b40041b (go1.19.11) https://github.com/golang/go/issues/60374 https://go.dev/cl/506996 https://go.dev/issue/60374 https://groups.google.com/g/golang-announce/c/2q13H6LEEx0 https://linux.oracle.com/cve/CVE-2023-29406.html https://linux.oracle.com/errata/ELSA-2023-7202.html https://nvd.nist.gov/vuln/detail/CVE-2023-29406 https://pkg.go.dev/vuln/GO-2023-1878 https://security.gentoo.org/glsa/202311-09 https://security.netapp.com/advisory/ntap-20230814-0002/ https://ubuntu.com/security/notices/USN-7061-1 https://ubuntu.com/security/notices/USN-7109-1 https://www.cve.org/CVERecord?id=CVE-2023-29406
stdlib	CVE-2023-29409	MEDIUM	v1.20.4	1.19.12, 1.20.7, 1.21.0-rc.4	https://access.redhat.com/errata/RHSA-2023:7766 https://access.redhat.com/security/cve/CVE-2023-29409 https://bugzilla.redhat.com/2228743 https://bugzilla.redhat.com/2237773 https://bugzilla.redhat.com/2237776 https://bugzilla.redhat.com/2237777 https://bugzilla.redhat.com/2237778 https://errata.almalinux.org/9/ALSA-2023-7766.html https://go.dev/cl/515257 https://go.dev/issue/61460 https://groups.google.com/g/golang-announce/c/X0b6CsSAaYI/m/Efv5DbZ9AwAJ https://linux.oracle.com/cve/CVE-2023-29409.html https://linux.oracle.com/errata/ELSA-2024-2988.html https://nvd.nist.gov/vuln/detail/CVE-2023-29409 https://pkg.go.dev/vuln/GO-2023-1987 https://security.gentoo.org/glsa/202311-09 https://security.netapp.com/advisory/ntap-20230831-0010/ https://www.cve.org/CVERecord?id=CVE-2023-29409
stdlib	CVE-2023-39318	MEDIUM	v1.20.4	1.20.8, 1.21.1	https://access.redhat.com/errata/RHSA-2024:2160 https://access.redhat.com/security/cve/CVE-2023-39318 https://bugzilla.redhat.com/2237773 https://bugzilla.redhat.com/2237776 https://bugzilla.redhat.com/2253330 https://errata.almalinux.org/9/ALSA-2024-2160.html https://github.com/golang/go/commit/023b542edf38e2a1f87fcefb9f75ff2f99401b4c (go1.20.8) https://github.com/golang/go/commit/b0e1d3ea26e8e8fce7726690c9ef0597e60739fb (go1.21.1) https://go.dev/cl/526156 https://go.dev/issue/62196 https://groups.google.com/g/golang-announce/c/Fm51GRLNRvM https://groups.google.com/g/golang-dev/c/2C5vbR-UNkI/m/L1hdrPhfBAAJ https://linux.oracle.com/cve/CVE-2023-39318.html https://linux.oracle.com/errata/ELSA-2024-2988.html https://nvd.nist.gov/vuln/detail/CVE-2023-39318 https://pkg.go.dev/vuln/GO-2023-2041 https://security.gentoo.org/glsa/202311-09 https://security.netapp.com/advisory/ntap-20231020-0009/ https://ubuntu.com/security/notices/USN-6574-1 https://ubuntu.com/security/notices/USN-7061-1 https://ubuntu.com/security/notices/USN-7109-1 https://vuln.go.dev/ID/GO-2023-2041.json https://www.cve.org/CVERecord?id=CVE-2023-39318
stdlib	CVE-2023-39319	MEDIUM	v1.20.4	1.20.8, 1.21.1	https://access.redhat.com/errata/RHSA-2024:2160 https://access.redhat.com/security/cve/CVE-2023-39319 https://bugzilla.redhat.com/2237773 https://bugzilla.redhat.com/2237776 https://bugzilla.redhat.com/2253330 https://errata.almalinux.org/9/ALSA-2024-2160.html https://github.com/golang/go/commit/2070531d2f53df88e312edace6c8dfc9686ab2f5 (go1.20.8) https://github.com/golang/go/commit/bbd043ff0d6d59f1a9232d31ecd5eacf6507bf6a (go1.21.1) https://go.dev/cl/526157 https://go.dev/issue/62197 https://groups.google.com/g/golang-announce/c/Fm51GRLNRvM https://groups.google.com/g/golang-dev/c/2C5vbR-UNkI/m/L1hdrPhfBAAJ https://linux.oracle.com/cve/CVE-2023-39319.html https://linux.oracle.com/errata/ELSA-2024-2988.html https://nvd.nist.gov/vuln/detail/CVE-2023-39319 https://pkg.go.dev/vuln/GO-2023-2043 https://security.gentoo.org/glsa/202311-09 https://security.netapp.com/advisory/ntap-20231020-0009/ https://ubuntu.com/security/notices/USN-6574-1 https://ubuntu.com/security/notices/USN-7061-1 https://ubuntu.com/security/notices/USN-7109-1 https://vuln.go.dev/ID/GO-2023-2043.json https://www.cve.org/CVERecord?id=CVE-2023-39319
stdlib	CVE-2023-39326	MEDIUM	v1.20.4	1.20.12, 1.21.5	https://access.redhat.com/errata/RHSA-2024:2272 https://access.redhat.com/security/cve/CVE-2023-39326 https://bugzilla.redhat.com/2253193 https://bugzilla.redhat.com/2253330 https://errata.almalinux.org/9/ALSA-2024-2272.html https://github.com/golang/go/commit/6446af942e2e2b161c4ec1b60d9703a2b55dc4dd (go1.20.12) https://github.com/golang/go/commit/ec8c526e4be720e94b98ca509e6364f0efaf28f7 (go1.21.5) https://go.dev/cl/547335 https://go.dev/issue/64433 https://groups.google.com/g/golang-dev/c/6ypN5EjibjM/m/KmLVYH_uAgAJ https://linux.oracle.com/cve/CVE-2023-39326.html https://linux.oracle.com/errata/ELSA-2024-2988.html https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UIU6HOGV6RRIKWM57LOXQA75BGZSIH6G/ https://nvd.nist.gov/vuln/detail/CVE-2023-39326 https://pkg.go.dev/vuln/GO-2023-2382 https://ubuntu.com/security/notices/USN-6574-1 https://www.cve.org/CVERecord?id=CVE-2023-39326
stdlib	CVE-2023-45284	MEDIUM	v1.20.4	1.20.11, 1.21.4	https://go.dev/cl/540277 https://go.dev/issue/63713 https://groups.google.com/g/golang-announce/c/4tU8LZfBFkY https://nvd.nist.gov/vuln/detail/CVE-2023-45284 https://pkg.go.dev/vuln/GO-2023-2186
stdlib	CVE-2023-45289	MEDIUM	v1.20.4	1.21.8, 1.22.1	http://www.openwall.com/lists/oss-security/2024/03/08/4 https://access.redhat.com/errata/RHSA-2024:2724 https://access.redhat.com/security/cve/CVE-2023-45289 https://bugzilla.redhat.com/2268017 https://bugzilla.redhat.com/2268018 https://bugzilla.redhat.com/2268019 https://bugzilla.redhat.com/2268273 https://bugzilla.redhat.com/show_bug.cgi?id=2268017 https://bugzilla.redhat.com/show_bug.cgi?id=2268018 https://bugzilla.redhat.com/show_bug.cgi?id=2268019 https://bugzilla.redhat.com/show_bug.cgi?id=2268273 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45288 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45289 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45290 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24783 https://errata.almalinux.org/9/ALSA-2024-2724.html https://errata.rockylinux.org/RLSA-2024:2724 https://github.com/golang/go/commit/20586c0dbe03d144f914155f879fa5ee287591a1 (go1.21.8) https://github.com/golang/go/commit/3a855208e3efed2e9d7c20ad023f1fa78afcc0be (go1.22.1) https://github.com/golang/go/issues/65065 https://go.dev/cl/569340 https://go.dev/issue/65065 https://groups.google.com/g/golang-announce/c/5pwGVUPoMbg https://linux.oracle.com/cve/CVE-2023-45289.html https://linux.oracle.com/errata/ELSA-2024-3346.html https://nvd.nist.gov/vuln/detail/CVE-2023-45289 https://pkg.go.dev/vuln/GO-2024-2600 https://security.netapp.com/advisory/ntap-20240329-0006/ https://ubuntu.com/security/notices/USN-6886-1 https://www.cve.org/CVERecord?id=CVE-2023-45289
stdlib	CVE-2023-45290	MEDIUM	v1.20.4	1.21.8, 1.22.1	http://www.openwall.com/lists/oss-security/2024/03/08/4 https://access.redhat.com/errata/RHSA-2024:9135 https://access.redhat.com/security/cve/CVE-2023-45290 https://bugzilla.redhat.com/2268017 https://bugzilla.redhat.com/2268022 https://bugzilla.redhat.com/2279814 https://bugzilla.redhat.com/2295310 https://bugzilla.redhat.com/show_bug.cgi?id=2268017 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45290 https://errata.almalinux.org/9/ALSA-2024-9135.html https://errata.rockylinux.org/RLSA-2024:3830 https://github.com/golang/go/commit/041a47712e765e94f86d841c3110c840e76d8f82 (go1.22.1) https://github.com/golang/go/commit/bf80213b121074f4ad9b449410a4d13bae5e9be0 (go1.21.8) https://github.com/golang/go/issues/65383 https://go.dev/cl/569341 https://go.dev/issue/65383 https://groups.google.com/g/golang-announce/c/5pwGVUPoMbg https://linux.oracle.com/cve/CVE-2023-45290.html https://linux.oracle.com/errata/ELSA-2024-8038.html https://nvd.nist.gov/vuln/detail/CVE-2023-45290 https://pkg.go.dev/vuln/GO-2024-2599 https://security.netapp.com/advisory/ntap-20240329-0004 https://security.netapp.com/advisory/ntap-20240329-0004/ https://ubuntu.com/security/notices/USN-6886-1 https://ubuntu.com/security/notices/USN-7109-1 https://ubuntu.com/security/notices/USN-7111-1 https://www.cve.org/CVERecord?id=CVE-2023-45290
stdlib	CVE-2024-24783	MEDIUM	v1.20.4	1.21.8, 1.22.1	http://www.openwall.com/lists/oss-security/2024/03/08/4 https://access.redhat.com/errata/RHSA-2024:6195 https://access.redhat.com/security/cve/CVE-2024-24783 https://bugzilla.redhat.com/2268019 https://bugzilla.redhat.com/show_bug.cgi?id=2268017 https://bugzilla.redhat.com/show_bug.cgi?id=2268018 https://bugzilla.redhat.com/show_bug.cgi?id=2268019 https://bugzilla.redhat.com/show_bug.cgi?id=2268273 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45288 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45289 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45290 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24783 https://errata.almalinux.org/9/ALSA-2024-6195.html https://errata.rockylinux.org/RLSA-2024:2724 https://github.com/advisories/GHSA-3q2c-pvp5-3cqp https://github.com/golang/go/commit/337b8e9cbfa749d9d5c899e0dc358e2208d5e54f (go1.22.1) https://github.com/golang/go/commit/be5b52bea674190ef7de272664be6c7ae93ec5a0 (go1.21.8) https://github.com/golang/go/issues/65390 https://go.dev/cl/569339 https://go.dev/issue/65390 https://groups.google.com/g/golang-announce/c/5pwGVUPoMbg https://linux.oracle.com/cve/CVE-2024-24783.html https://linux.oracle.com/errata/ELSA-2024-6969.html https://nvd.nist.gov/vuln/detail/CVE-2024-24783 https://pkg.go.dev/vuln/GO-2024-2598 https://security.netapp.com/advisory/ntap-20240329-0005 https://security.netapp.com/advisory/ntap-20240329-0005/ https://ubuntu.com/security/notices/USN-6886-1 https://ubuntu.com/security/notices/USN-7109-1 https://ubuntu.com/security/notices/USN-7111-1 https://www.cve.org/CVERecord?id=CVE-2024-24783
stdlib	CVE-2024-24784	MEDIUM	v1.20.4	1.21.8, 1.22.1	http://www.openwall.com/lists/oss-security/2024/03/08/4 https://access.redhat.com/errata/RHSA-2024:2562 https://access.redhat.com/security/cve/CVE-2024-24784 https://bugzilla.redhat.com/2262921 https://bugzilla.redhat.com/2268017 https://bugzilla.redhat.com/2268018 https://bugzilla.redhat.com/2268019 https://bugzilla.redhat.com/2268021 https://bugzilla.redhat.com/2268022 https://bugzilla.redhat.com/2268273 https://bugzilla.redhat.com/show_bug.cgi?id=2262921 https://bugzilla.redhat.com/show_bug.cgi?id=2268017 https://bugzilla.redhat.com/show_bug.cgi?id=2268018 https://bugzilla.redhat.com/show_bug.cgi?id=2268019 https://bugzilla.redhat.com/show_bug.cgi?id=2268021 https://bugzilla.redhat.com/show_bug.cgi?id=2268022 https://bugzilla.redhat.com/show_bug.cgi?id=2268273 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45288 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45289 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45290 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-1394 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24783 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24784 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24785 https://errata.almalinux.org/9/ALSA-2024-2562.html https://errata.rockylinux.org/RLSA-2024:2562 https://github.com/golang/go/commit/263c059b09fdd40d9dd945f2ecb20c89ea28efe5 (go1.21.8) https://github.com/golang/go/commit/5330cd225ba54c7dc78c1b46dcdf61a4671a632c (go1.22.1) https://github.com/golang/go/issues/65083 https://go.dev/cl/555596 https://go.dev/issue/65083 https://groups.google.com/g/golang-announce/c/5pwGVUPoMbg https://linux.oracle.com/cve/CVE-2024-24784.html https://linux.oracle.com/errata/ELSA-2024-6969.html https://nvd.nist.gov/vuln/detail/CVE-2024-24784 https://pkg.go.dev/vuln/GO-2024-2609 https://security.netapp.com/advisory/ntap-20240329-0007/ https://ubuntu.com/security/notices/USN-6886-1 https://ubuntu.com/security/notices/USN-7109-1 https://ubuntu.com/security/notices/USN-7111-1 https://www.cve.org/CVERecord?id=CVE-2024-24784
stdlib	CVE-2024-24785	MEDIUM	v1.20.4	1.21.8, 1.22.1	http://www.openwall.com/lists/oss-security/2024/03/08/4 https://access.redhat.com/errata/RHSA-2024:9135 https://access.redhat.com/security/cve/CVE-2024-24785 https://bugzilla.redhat.com/2268017 https://bugzilla.redhat.com/2268022 https://bugzilla.redhat.com/2279814 https://bugzilla.redhat.com/2295310 https://bugzilla.redhat.com/show_bug.cgi?id=2262921 https://bugzilla.redhat.com/show_bug.cgi?id=2268017 https://bugzilla.redhat.com/show_bug.cgi?id=2268018 https://bugzilla.redhat.com/show_bug.cgi?id=2268019 https://bugzilla.redhat.com/show_bug.cgi?id=2268021 https://bugzilla.redhat.com/show_bug.cgi?id=2268022 https://bugzilla.redhat.com/show_bug.cgi?id=2268273 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45288 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45289 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45290 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-1394 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24783 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24784 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24785 https://errata.almalinux.org/9/ALSA-2024-9135.html https://errata.rockylinux.org/RLSA-2024:2562 https://github.com/golang/go/commit/056b0edcb8c152152021eebf4cf42adbfbe77992 (go1.22.1) https://github.com/golang/go/commit/3643147a29352ca2894fd5d0d2069bc4b4335a7e (go1.21.8) https://github.com/golang/go/issues/65697 https://go.dev/cl/564196 https://go.dev/issue/65697 https://groups.google.com/g/golang-announce/c/5pwGVUPoMbg https://linux.oracle.com/cve/CVE-2024-24785.html https://linux.oracle.com/errata/ELSA-2024-3259.html https://nvd.nist.gov/vuln/detail/CVE-2024-24785 https://pkg.go.dev/vuln/GO-2024-2610 https://security.netapp.com/advisory/ntap-20240329-0008/ https://ubuntu.com/security/notices/USN-6886-1 https://ubuntu.com/security/notices/USN-7061-1 https://ubuntu.com/security/notices/USN-7109-1 https://vuln.go.dev/ID/GO-2024-2610.json https://www.cve.org/CVERecord?id=CVE-2024-24785
stdlib	CVE-2024-24789	MEDIUM	v1.20.4	1.21.11, 1.22.4	http://www.openwall.com/lists/oss-security/2024/06/04/1 https://access.redhat.com/errata/RHSA-2024:9115 https://access.redhat.com/security/cve/CVE-2024-24789 https://bugzilla.redhat.com/2279814 https://bugzilla.redhat.com/2292668 https://bugzilla.redhat.com/2292787 https://bugzilla.redhat.com/2294000 https://bugzilla.redhat.com/2295310 https://bugzilla.redhat.com/show_bug.cgi?id=2292668 https://bugzilla.redhat.com/show_bug.cgi?id=2292787 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24789 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24790 https://errata.almalinux.org/9/ALSA-2024-9115.html https://errata.rockylinux.org/RLSA-2024:4212 https://github.com/golang/go/commit/c8e40338cf00f3c1d86c8fb23863ad67a4c72bcc (1.21) https://github.com/golang/go/commit/cf501ac0c5fe351a8582d20b43562027927906e7 (1.22) https://github.com/golang/go/issues/66869 https://go.dev/cl/585397 https://go.dev/issue/66869 https://groups.google.com/g/golang-announce/c/XbxouI9gY7k https://groups.google.com/g/golang-announce/c/XbxouI9gY7k/m/TuoGEhxIEwAJ https://linux.oracle.com/cve/CVE-2024-24789.html https://linux.oracle.com/errata/ELSA-2024-9115.html https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/U5YAEIA6IUHUNGJ7AIXXPQT6D2GYENX7/ https://nvd.nist.gov/vuln/detail/CVE-2024-24789 https://pkg.go.dev/vuln/GO-2024-2888 https://ubuntu.com/security/notices/USN-6886-1 https://ubuntu.com/security/notices/USN-7109-1 https://ubuntu.com/security/notices/USN-7111-1 https://www.cve.org/CVERecord?id=CVE-2024-24789
stdlib	CVE-2024-24791	MEDIUM	v1.20.4	1.21.12, 1.22.5	https://access.redhat.com/errata/RHSA-2024:9135 https://access.redhat.com/security/cve/CVE-2024-24791 https://bugzilla.redhat.com/2268017 https://bugzilla.redhat.com/2268022 https://bugzilla.redhat.com/2279814 https://bugzilla.redhat.com/2295310 https://bugzilla.redhat.com/show_bug.cgi?id=2295310 https://bugzilla.redhat.com/show_bug.cgi?id=2310527 https://bugzilla.redhat.com/show_bug.cgi?id=2310528 https://bugzilla.redhat.com/show_bug.cgi?id=2310529 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24791 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-34155 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-34156 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-34158 https://errata.almalinux.org/9/ALSA-2024-9135.html https://errata.rockylinux.org/RLSA-2024:6913 https://go.dev/cl/591255 https://go.dev/issue/67555 https://groups.google.com/g/golang-dev/c/t0rK-qHBqzY/m/6MMoAZkMAgAJ https://linux.oracle.com/cve/CVE-2024-24791.html https://linux.oracle.com/errata/ELSA-2024-9115.html https://nvd.nist.gov/vuln/detail/CVE-2024-24791 https://pkg.go.dev/vuln/GO-2024-2963 https://ubuntu.com/security/notices/USN-7081-1 https://ubuntu.com/security/notices/USN-7109-1 https://ubuntu.com/security/notices/USN-7111-1 https://www.cve.org/CVERecord?id=CVE-2024-24791
stdlib	CVE-2024-34155	MEDIUM	v1.20.4	1.22.7, 1.23.1	https://access.redhat.com/errata/RHSA-2024:9459 https://access.redhat.com/security/cve/CVE-2024-34155 https://bugzilla.redhat.com/2310527 https://bugzilla.redhat.com/2310528 https://bugzilla.redhat.com/2310529 https://bugzilla.redhat.com/2315691 https://bugzilla.redhat.com/2315887 https://bugzilla.redhat.com/2317458 https://bugzilla.redhat.com/2317467 https://bugzilla.redhat.com/show_bug.cgi?id=2295310 https://bugzilla.redhat.com/show_bug.cgi?id=2310527 https://bugzilla.redhat.com/show_bug.cgi?id=2310528 https://bugzilla.redhat.com/show_bug.cgi?id=2310529 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24791 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-34155 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-34156 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-34158 https://errata.almalinux.org/9/ALSA-2024-9459.html https://errata.rockylinux.org/RLSA-2024:6913 https://github.com/golang/go/commit/53487e5477151ed75da50e50a0ba8f1ca64c00a3 (go1.23.1) https://github.com/golang/go/commit/b232596139dbe96a62edbe3a2a203e856bf556eb (go1.22.7) https://go.dev/cl/611238 https://go.dev/issue/69138 https://groups.google.com/g/golang-announce/c/K-cEzDeCtpc https://groups.google.com/g/golang-dev/c/S9POB9NCTdk https://linux.oracle.com/cve/CVE-2024-34155.html https://linux.oracle.com/errata/ELSA-2024-9459.html https://nvd.nist.gov/vuln/detail/CVE-2024-34155 https://pkg.go.dev/vuln/GO-2024-3105 https://ubuntu.com/security/notices/USN-7081-1 https://ubuntu.com/security/notices/USN-7109-1 https://ubuntu.com/security/notices/USN-7111-1 https://www.cve.org/CVERecord?id=CVE-2024-34155
stdlib	CVE-2024-34158	MEDIUM	v1.20.4	1.22.7, 1.23.1	https://access.redhat.com/errata/RHSA-2024:9459 https://access.redhat.com/security/cve/CVE-2024-34158 https://bugzilla.redhat.com/2310527 https://bugzilla.redhat.com/2310528 https://bugzilla.redhat.com/2310529 https://bugzilla.redhat.com/2315691 https://bugzilla.redhat.com/2315887 https://bugzilla.redhat.com/2317458 https://bugzilla.redhat.com/2317467 https://bugzilla.redhat.com/show_bug.cgi?id=2295310 https://bugzilla.redhat.com/show_bug.cgi?id=2310527 https://bugzilla.redhat.com/show_bug.cgi?id=2310528 https://bugzilla.redhat.com/show_bug.cgi?id=2310529 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24791 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-34155 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-34156 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-34158 https://errata.almalinux.org/9/ALSA-2024-9459.html https://errata.rockylinux.org/RLSA-2024:6913 https://github.com/golang/go/commit/032ac075c20c01c6c35a672d1542d3e98eab84ea (go1.23.1) https://github.com/golang/go/commit/d4c53812e6ce2ac368173d7fcd31d0ecfcffb002 (go1.22.7) https://go.dev/cl/611240 https://go.dev/issue/69141 https://groups.google.com/g/golang-announce/c/K-cEzDeCtpc https://groups.google.com/g/golang-dev/c/S9POB9NCTdk https://linux.oracle.com/cve/CVE-2024-34158.html https://linux.oracle.com/errata/ELSA-2024-9459.html https://nvd.nist.gov/vuln/detail/CVE-2024-34158 https://pkg.go.dev/vuln/GO-2024-3107 https://ubuntu.com/security/notices/USN-7081-1 https://ubuntu.com/security/notices/USN-7109-1 https://ubuntu.com/security/notices/USN-7111-1 https://www.cve.org/CVERecord?id=CVE-2024-34158
No Misconfigurations found

cnb/buildpacks/paketo-buildpacks_ca-certificates/3.6.2/bin/main (gobinary)

Package	Vulnerability ID	Severity	Installed Version	Fixed Version	Links
stdlib	CVE-2024-24790	CRITICAL	v1.20.4	1.21.11, 1.22.4	http://www.openwall.com/lists/oss-security/2024/06/04/1 https://access.redhat.com/errata/RHSA-2024:9115 https://access.redhat.com/security/cve/CVE-2024-24790 https://bugzilla.redhat.com/2279814 https://bugzilla.redhat.com/2292668 https://bugzilla.redhat.com/2292787 https://bugzilla.redhat.com/2294000 https://bugzilla.redhat.com/2295310 https://bugzilla.redhat.com/show_bug.cgi?id=2292668 https://bugzilla.redhat.com/show_bug.cgi?id=2292787 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24789 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24790 https://errata.almalinux.org/9/ALSA-2024-9115.html https://errata.rockylinux.org/RLSA-2024:4212 https://github.com/golang/go/commit/051bdf3fd12a40307606ff9381138039c5f452f0 (1.21) https://github.com/golang/go/commit/12d5810cdb1f73cf23d7a86462143e9463317fca (1.22) https://github.com/golang/go/issues/67680 https://go.dev/cl/590316 https://go.dev/issue/67680 https://groups.google.com/g/golang-announce/c/XbxouI9gY7k https://groups.google.com/g/golang-announce/c/XbxouI9gY7k/m/TuoGEhxIEwAJ https://linux.oracle.com/cve/CVE-2024-24790.html https://linux.oracle.com/errata/ELSA-2024-9115.html https://nvd.nist.gov/vuln/detail/CVE-2024-24790 https://pkg.go.dev/vuln/GO-2024-2887 https://ubuntu.com/security/notices/USN-6886-1 https://ubuntu.com/security/notices/USN-7109-1 https://www.cve.org/CVERecord?id=CVE-2024-24790
stdlib	CVE-2023-29403	HIGH	v1.20.4	1.19.10, 1.20.5	https://access.redhat.com/errata/RHSA-2023:3923 https://access.redhat.com/security/cve/CVE-2023-29403 https://bugzilla.redhat.com/2216965 https://bugzilla.redhat.com/2217562 https://bugzilla.redhat.com/2217565 https://bugzilla.redhat.com/2217569 https://bugzilla.redhat.com/show_bug.cgi?id=2216965 https://bugzilla.redhat.com/show_bug.cgi?id=2217562 https://bugzilla.redhat.com/show_bug.cgi?id=2217565 https://bugzilla.redhat.com/show_bug.cgi?id=2217569 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-29402 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-29403 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-29404 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-29405 https://errata.almalinux.org/9/ALSA-2023-3923.html https://errata.rockylinux.org/RLSA-2023:3923 https://github.com/golang/go/commit/36144ba429ef2650940c72e7a0b932af3612d420 (go1.20.5) https://github.com/golang/go/commit/a7b1cd452ddc69a6606c2f35ac5786dc892e62cb (go1.19.10) https://github.com/golang/go/issues/60272 https://go.dev/cl/501223 https://go.dev/issue/60272 https://groups.google.com/g/golang-announce/c/q5135a9d924 https://groups.google.com/g/golang-announce/c/q5135a9d924/m/j0ZoAJOHAwAJ https://linux.oracle.com/cve/CVE-2023-29403.html https://linux.oracle.com/errata/ELSA-2023-3923.html https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/NZ2O6YCO2IZMZJELQGZYR2WAUNEDLYV6/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/XBS3IIK6ADV24C5ULQU55QLT2UE762ZX/ https://nvd.nist.gov/vuln/detail/CVE-2023-29403 https://pkg.go.dev/vuln/GO-2023-1840 https://security.gentoo.org/glsa/202311-09 https://ubuntu.com/security/notices/USN-7061-1 https://ubuntu.com/security/notices/USN-7109-1 https://www.cve.org/CVERecord?id=CVE-2023-29403
stdlib	CVE-2023-39325	HIGH	v1.20.4	1.20.10, 1.21.3	golang.org/x/net https://access.redhat.com/errata/RHSA-2023:6077 https://access.redhat.com/security/cve/CVE-2023-39325 https://access.redhat.com/security/cve/CVE-2023-44487 https://access.redhat.com/security/vulnerabilities/RHSB-2023-003 https://bugzilla.redhat.com/2242803 https://bugzilla.redhat.com/2243296 https://bugzilla.redhat.com/show_bug.cgi?id=2242803 https://bugzilla.redhat.com/show_bug.cgi?id=2243296 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-39325 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-44487 https://errata.almalinux.org/9/ALSA-2023-6077.html https://errata.rockylinux.org/RLSA-2023:6077 https://github.com/golang/go/commit/24ae2d927285c697440fdde3ad7f26028354bcf3 [golang- 1.21] https://github.com/golang/go/commit/e175f27f58aa7b9cd4d79607ae65d2cd5baaee68 [golang-1.20] https://github.com/golang/go/issues/63417 https://go.dev/cl/534215 https://go.dev/cl/534235 https://go.dev/issue/63417 https://groups.google.com/g/golang-announce/c/iNNxDTCjZvo/m/UDd7VKQuAAAJ https://linux.oracle.com/cve/CVE-2023-39325.html https://linux.oracle.com/errata/ELSA-2023-5867.html https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3OVW5V2DM5K5IC3H7O42YDUGNJ74J35O https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3OVW5V2DM5K5IC3H7O42YDUGNJ74J35O/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3SZN67IL7HMGMNAVLOTIXLIHUDXZK4LH https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3SZN67IL7HMGMNAVLOTIXLIHUDXZK4LH/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3WJ4QVX2AMUJ2F2S27POOAHRC4K3CHU4 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3WJ4QVX2AMUJ2F2S27POOAHRC4K3CHU4/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/4BUK2ZIAGCULOOYDNH25JPU6JBES5NF2 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/4BUK2ZIAGCULOOYDNH25JPU6JBES5NF2/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/5RSKA2II6QTD4YUKUNDVJQSRYSFC4VFR https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/5RSKA2II6QTD4YUKUNDVJQSRYSFC4VFR/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/AVZDNSMVDAQJ64LJC5I5U5LDM5753647 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/AVZDNSMVDAQJ64LJC5I5U5LDM5753647/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CHHITS4PUOZAKFIUBQAQZC7JWXMOYE4B https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CHHITS4PUOZAKFIUBQAQZC7JWXMOYE4B/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CLB4TW7KALB3EEQWNWCN7OUIWWVWWCG2 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CLB4TW7KALB3EEQWNWCN7OUIWWVWWCG2/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/D2BBIDR2ZMB3X5BC7SR4SLQMHRMVPY6L https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/D2BBIDR2ZMB3X5BC7SR4SLQMHRMVPY6L/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ECRC75BQJP6FJN2L7KCKYZW4DSBD7QSD https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ECRC75BQJP6FJN2L7KCKYZW4DSBD7QSD/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/FTMJ3NJIDAZFWJQQSP3L22MUFJ3UP2PT https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/FTMJ3NJIDAZFWJQQSP3L22MUFJ3UP2PT/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/GSY7SXFFTPZFWDM6XELSDSHZLVW3AHK7 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/GSY7SXFFTPZFWDM6XELSDSHZLVW3AHK7/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/HZQIELEIRSZUYTFFH5KTH2YJ4IIQG2KE https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/HZQIELEIRSZUYTFFH5KTH2YJ4IIQG2KE/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/IPWCNYB5PQ5PCVZ4NJT6G56ZYFZ5QBU6 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/IPWCNYB5PQ5PCVZ4NJT6G56ZYFZ5QBU6/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/KEOTKBUPZXHE3F352JBYNTSNRXYLWD6P https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/KEOTKBUPZXHE3F352JBYNTSNRXYLWD6P/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/KSEGD2IWKNUO3DWY4KQGUQM5BISRWHQE https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/KSEGD2IWKNUO3DWY4KQGUQM5BISRWHQE/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/L5E5JSJBZLYXOTZWXHJKRVCIXIHVWKJ6 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/L5E5JSJBZLYXOTZWXHJKRVCIXIHVWKJ6/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/MZQYOOKHQDQ57LV2IAG6NRFOVXKHJJ3Z https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/MZQYOOKHQDQ57LV2IAG6NRFOVXKHJJ3Z/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/NG7IMPL55MVWU3LCI4JQJT3K2U5CHDV7 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/NG7IMPL55MVWU3LCI4JQJT3K2U5CHDV7/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ODBY7RVMGZCBSTWF2OZGIZS57FNFUL67 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ODBY7RVMGZCBSTWF2OZGIZS57FNFUL67/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/OXGWPQOJ3JNDW2XIYKIVJ7N7QUIFNM2Q https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/OXGWPQOJ3JNDW2XIYKIVJ7N7QUIFNM2Q/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/PJCUNGIQDUMZ4Z6HWVYIMR66A35F5S74 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/PJCUNGIQDUMZ4Z6HWVYIMR66A35F5S74/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QF5QSYAOPDOWLY6DUHID56Q4HQFYB45I https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QF5QSYAOPDOWLY6DUHID56Q4HQFYB45I/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QXOU2JZUBEBP7GBKAYIJRPRBZSJCD7ST https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QXOU2JZUBEBP7GBKAYIJRPRBZSJCD7ST/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/R3UETKPUB3V5JS5TLZOF3SMTGT5K5APS https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/R3UETKPUB3V5JS5TLZOF3SMTGT5K5APS/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/REMHVVIBDNKSRKNOTV7EQSB7CYQWOUOU https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/REMHVVIBDNKSRKNOTV7EQSB7CYQWOUOU/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/T7N5GV4CHH6WAGX3GFMDD3COEOVCZ4RI https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/T7N5GV4CHH6WAGX3GFMDD3COEOVCZ4RI/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ULQQONMSCQSH5Z5OWFFQHCGEZ3NL4DRJ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ULQQONMSCQSH5Z5OWFFQHCGEZ3NL4DRJ/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UTT7DG3QOF5ZNJLUGHDNLRUIN6OWZARP https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UTT7DG3QOF5ZNJLUGHDNLRUIN6OWZARP/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/W2LZSWTV4NV4SNQARNXG5T6LRHP26EW2 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/W2LZSWTV4NV4SNQARNXG5T6LRHP26EW2/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WCNCBYKZXLDFGAJUB7ZP5VLC3YTHJNVH https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WCNCBYKZXLDFGAJUB7ZP5VLC3YTHJNVH/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/XFOIBB4YFICHDM7IBOP7PWXW3FX4HLL2 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/XFOIBB4YFICHDM7IBOP7PWXW3FX4HLL2/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/XTNLSL44Y5FB6JWADSZH6DCV4JJAAEQY https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/XTNLSL44Y5FB6JWADSZH6DCV4JJAAEQY/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/YJWHBLVZDM5KQSDFRBFRKU5KSSOLIRQ4 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/YJWHBLVZDM5KQSDFRBFRKU5KSSOLIRQ4/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/YRKEXKANQ7BKJW2YTAMP625LJUJZLJ4P https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/YRKEXKANQ7BKJW2YTAMP625LJUJZLJ4P/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZSVEMQV5ROY5YW5QE3I57HT3ITWG5GCV https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZSVEMQV5ROY5YW5QE3I57HT3ITWG5GCV/ https://nvd.nist.gov/vuln/detail/CVE-2023-39325 https://pkg.go.dev/vuln/GO-2023-2102 https://security.gentoo.org/glsa/202311-09 https://security.netapp.com/advisory/ntap-20231110-0008 https://security.netapp.com/advisory/ntap-20231110-0008/ https://ubuntu.com/security/notices/USN-6574-1 https://ubuntu.com/security/notices/USN-7061-1 https://ubuntu.com/security/notices/USN-7109-1 https://www.cisa.gov/news-events/alerts/2023/10/10/http2-rapid-reset-vulnerability-cve-2023-44487 https://www.cve.org/CVERecord?id=CVE-2023-39325
stdlib	CVE-2023-45283	HIGH	v1.20.4	1.20.11, 1.21.4, 1.20.12, 1.21.5	http://www.openwall.com/lists/oss-security/2023/12/05/2 https://go.dev/cl/540277 https://go.dev/cl/541175 https://go.dev/issue/63713 https://go.dev/issue/64028 https://groups.google.com/g/golang-announce/c/4tU8LZfBFkY https://groups.google.com/g/golang-dev/c/6ypN5EjibjM/m/KmLVYH_uAgAJ https://nvd.nist.gov/vuln/detail/CVE-2023-45283 https://pkg.go.dev/vuln/GO-2023-2185 https://security.netapp.com/advisory/ntap-20231214-0008/
stdlib	CVE-2023-45288	HIGH	v1.20.4	1.21.9, 1.22.2	http://www.openwall.com/lists/oss-security/2024/04/03/16 http://www.openwall.com/lists/oss-security/2024/04/05/4 https://access.redhat.com/errata/RHSA-2024:2724 https://access.redhat.com/security/cve/CVE-2023-45288 https://bugzilla.redhat.com/2268017 https://bugzilla.redhat.com/2268018 https://bugzilla.redhat.com/2268019 https://bugzilla.redhat.com/2268273 https://bugzilla.redhat.com/show_bug.cgi?id=2268017 https://bugzilla.redhat.com/show_bug.cgi?id=2268018 https://bugzilla.redhat.com/show_bug.cgi?id=2268019 https://bugzilla.redhat.com/show_bug.cgi?id=2268273 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45288 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45289 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45290 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24783 https://errata.almalinux.org/9/ALSA-2024-2724.html https://errata.rockylinux.org/RLSA-2024:2724 https://go.dev/cl/576155 https://go.dev/issue/65051 https://groups.google.com/g/golang-announce/c/YgW0sx8mN3M https://kb.cert.org/vuls/id/421644 https://linux.oracle.com/cve/CVE-2023-45288.html https://linux.oracle.com/errata/ELSA-2024-3346.html https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QRYFHIQ6XRKRYBI2F5UESH67BJBQXUPT https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QRYFHIQ6XRKRYBI2F5UESH67BJBQXUPT/ https://nowotarski.info/http2-continuation-flood-technical-details https://nowotarski.info/http2-continuation-flood/ https://nvd.nist.gov/vuln/detail/CVE-2023-45288 https://pkg.go.dev/vuln/GO-2024-2687 https://security.netapp.com/advisory/ntap-20240419-0009 https://security.netapp.com/advisory/ntap-20240419-0009/ https://ubuntu.com/security/notices/USN-6886-1 https://ubuntu.com/security/notices/USN-7109-1 https://ubuntu.com/security/notices/USN-7111-1 https://www.cve.org/CVERecord?id=CVE-2023-45288 https://www.kb.cert.org/vuls/id/421644
stdlib	CVE-2024-34156	HIGH	v1.20.4	1.22.7, 1.23.1	https://access.redhat.com/errata/RHSA-2024:9473 https://access.redhat.com/security/cve/CVE-2024-34156 https://bugzilla.redhat.com/2310528 https://bugzilla.redhat.com/2318052 https://bugzilla.redhat.com/show_bug.cgi?id=2310528 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-34156 https://errata.almalinux.org/9/ALSA-2024-9473.html https://errata.rockylinux.org/RLSA-2024:7204 https://github.com/golang/go/commit/2092294f2b097c5828f4eace6c98a322c1510b01 (go1.22.7) https://github.com/golang/go/commit/fa8ff1a46deb6c816304441ec6740ec112e19012 (go1.23.1) https://go.dev/cl/611239 https://go.dev/issue/69139 https://groups.google.com/g/golang-announce/c/K-cEzDeCtpc https://groups.google.com/g/golang-dev/c/S9POB9NCTdk https://linux.oracle.com/cve/CVE-2024-34156.html https://linux.oracle.com/errata/ELSA-2024-9473.html https://nvd.nist.gov/vuln/detail/CVE-2024-34156 https://pkg.go.dev/vuln/GO-2024-3106 https://ubuntu.com/security/notices/USN-7081-1 https://ubuntu.com/security/notices/USN-7109-1 https://ubuntu.com/security/notices/USN-7111-1 https://www.cve.org/CVERecord?id=CVE-2024-34156
stdlib	CVE-2023-29406	MEDIUM	v1.20.4	1.19.11, 1.20.6	https://access.redhat.com/errata/RHSA-2023:6474 https://access.redhat.com/security/cve/CVE-2023-29406 https://bugzilla.redhat.com/2174485 https://bugzilla.redhat.com/2178358 https://bugzilla.redhat.com/2178488 https://bugzilla.redhat.com/2178492 https://bugzilla.redhat.com/2184481 https://bugzilla.redhat.com/2184482 https://bugzilla.redhat.com/2184483 https://bugzilla.redhat.com/2184484 https://bugzilla.redhat.com/2196026 https://bugzilla.redhat.com/2196027 https://bugzilla.redhat.com/2196029 https://bugzilla.redhat.com/2222167 https://bugzilla.redhat.com/2228689 https://errata.almalinux.org/9/ALSA-2023-6474.html https://github.com/golang/go/commit/312920c00aac9897b2a0693e752390b5b0711a5a (go1.20.6) https://github.com/golang/go/commit/5fa6923b1ea891400153d04ddf1545e23b40041b (go1.19.11) https://github.com/golang/go/issues/60374 https://go.dev/cl/506996 https://go.dev/issue/60374 https://groups.google.com/g/golang-announce/c/2q13H6LEEx0 https://linux.oracle.com/cve/CVE-2023-29406.html https://linux.oracle.com/errata/ELSA-2023-7202.html https://nvd.nist.gov/vuln/detail/CVE-2023-29406 https://pkg.go.dev/vuln/GO-2023-1878 https://security.gentoo.org/glsa/202311-09 https://security.netapp.com/advisory/ntap-20230814-0002/ https://ubuntu.com/security/notices/USN-7061-1 https://ubuntu.com/security/notices/USN-7109-1 https://www.cve.org/CVERecord?id=CVE-2023-29406
stdlib	CVE-2023-29409	MEDIUM	v1.20.4	1.19.12, 1.20.7, 1.21.0-rc.4	https://access.redhat.com/errata/RHSA-2023:7766 https://access.redhat.com/security/cve/CVE-2023-29409 https://bugzilla.redhat.com/2228743 https://bugzilla.redhat.com/2237773 https://bugzilla.redhat.com/2237776 https://bugzilla.redhat.com/2237777 https://bugzilla.redhat.com/2237778 https://errata.almalinux.org/9/ALSA-2023-7766.html https://go.dev/cl/515257 https://go.dev/issue/61460 https://groups.google.com/g/golang-announce/c/X0b6CsSAaYI/m/Efv5DbZ9AwAJ https://linux.oracle.com/cve/CVE-2023-29409.html https://linux.oracle.com/errata/ELSA-2024-2988.html https://nvd.nist.gov/vuln/detail/CVE-2023-29409 https://pkg.go.dev/vuln/GO-2023-1987 https://security.gentoo.org/glsa/202311-09 https://security.netapp.com/advisory/ntap-20230831-0010/ https://www.cve.org/CVERecord?id=CVE-2023-29409
stdlib	CVE-2023-39318	MEDIUM	v1.20.4	1.20.8, 1.21.1	https://access.redhat.com/errata/RHSA-2024:2160 https://access.redhat.com/security/cve/CVE-2023-39318 https://bugzilla.redhat.com/2237773 https://bugzilla.redhat.com/2237776 https://bugzilla.redhat.com/2253330 https://errata.almalinux.org/9/ALSA-2024-2160.html https://github.com/golang/go/commit/023b542edf38e2a1f87fcefb9f75ff2f99401b4c (go1.20.8) https://github.com/golang/go/commit/b0e1d3ea26e8e8fce7726690c9ef0597e60739fb (go1.21.1) https://go.dev/cl/526156 https://go.dev/issue/62196 https://groups.google.com/g/golang-announce/c/Fm51GRLNRvM https://groups.google.com/g/golang-dev/c/2C5vbR-UNkI/m/L1hdrPhfBAAJ https://linux.oracle.com/cve/CVE-2023-39318.html https://linux.oracle.com/errata/ELSA-2024-2988.html https://nvd.nist.gov/vuln/detail/CVE-2023-39318 https://pkg.go.dev/vuln/GO-2023-2041 https://security.gentoo.org/glsa/202311-09 https://security.netapp.com/advisory/ntap-20231020-0009/ https://ubuntu.com/security/notices/USN-6574-1 https://ubuntu.com/security/notices/USN-7061-1 https://ubuntu.com/security/notices/USN-7109-1 https://vuln.go.dev/ID/GO-2023-2041.json https://www.cve.org/CVERecord?id=CVE-2023-39318
stdlib	CVE-2023-39319	MEDIUM	v1.20.4	1.20.8, 1.21.1	https://access.redhat.com/errata/RHSA-2024:2160 https://access.redhat.com/security/cve/CVE-2023-39319 https://bugzilla.redhat.com/2237773 https://bugzilla.redhat.com/2237776 https://bugzilla.redhat.com/2253330 https://errata.almalinux.org/9/ALSA-2024-2160.html https://github.com/golang/go/commit/2070531d2f53df88e312edace6c8dfc9686ab2f5 (go1.20.8) https://github.com/golang/go/commit/bbd043ff0d6d59f1a9232d31ecd5eacf6507bf6a (go1.21.1) https://go.dev/cl/526157 https://go.dev/issue/62197 https://groups.google.com/g/golang-announce/c/Fm51GRLNRvM https://groups.google.com/g/golang-dev/c/2C5vbR-UNkI/m/L1hdrPhfBAAJ https://linux.oracle.com/cve/CVE-2023-39319.html https://linux.oracle.com/errata/ELSA-2024-2988.html https://nvd.nist.gov/vuln/detail/CVE-2023-39319 https://pkg.go.dev/vuln/GO-2023-2043 https://security.gentoo.org/glsa/202311-09 https://security.netapp.com/advisory/ntap-20231020-0009/ https://ubuntu.com/security/notices/USN-6574-1 https://ubuntu.com/security/notices/USN-7061-1 https://ubuntu.com/security/notices/USN-7109-1 https://vuln.go.dev/ID/GO-2023-2043.json https://www.cve.org/CVERecord?id=CVE-2023-39319
stdlib	CVE-2023-39326	MEDIUM	v1.20.4	1.20.12, 1.21.5	https://access.redhat.com/errata/RHSA-2024:2272 https://access.redhat.com/security/cve/CVE-2023-39326 https://bugzilla.redhat.com/2253193 https://bugzilla.redhat.com/2253330 https://errata.almalinux.org/9/ALSA-2024-2272.html https://github.com/golang/go/commit/6446af942e2e2b161c4ec1b60d9703a2b55dc4dd (go1.20.12) https://github.com/golang/go/commit/ec8c526e4be720e94b98ca509e6364f0efaf28f7 (go1.21.5) https://go.dev/cl/547335 https://go.dev/issue/64433 https://groups.google.com/g/golang-dev/c/6ypN5EjibjM/m/KmLVYH_uAgAJ https://linux.oracle.com/cve/CVE-2023-39326.html https://linux.oracle.com/errata/ELSA-2024-2988.html https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UIU6HOGV6RRIKWM57LOXQA75BGZSIH6G/ https://nvd.nist.gov/vuln/detail/CVE-2023-39326 https://pkg.go.dev/vuln/GO-2023-2382 https://ubuntu.com/security/notices/USN-6574-1 https://www.cve.org/CVERecord?id=CVE-2023-39326
stdlib	CVE-2023-45284	MEDIUM	v1.20.4	1.20.11, 1.21.4	https://go.dev/cl/540277 https://go.dev/issue/63713 https://groups.google.com/g/golang-announce/c/4tU8LZfBFkY https://nvd.nist.gov/vuln/detail/CVE-2023-45284 https://pkg.go.dev/vuln/GO-2023-2186
stdlib	CVE-2023-45289	MEDIUM	v1.20.4	1.21.8, 1.22.1	http://www.openwall.com/lists/oss-security/2024/03/08/4 https://access.redhat.com/errata/RHSA-2024:2724 https://access.redhat.com/security/cve/CVE-2023-45289 https://bugzilla.redhat.com/2268017 https://bugzilla.redhat.com/2268018 https://bugzilla.redhat.com/2268019 https://bugzilla.redhat.com/2268273 https://bugzilla.redhat.com/show_bug.cgi?id=2268017 https://bugzilla.redhat.com/show_bug.cgi?id=2268018 https://bugzilla.redhat.com/show_bug.cgi?id=2268019 https://bugzilla.redhat.com/show_bug.cgi?id=2268273 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45288 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45289 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45290 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24783 https://errata.almalinux.org/9/ALSA-2024-2724.html https://errata.rockylinux.org/RLSA-2024:2724 https://github.com/golang/go/commit/20586c0dbe03d144f914155f879fa5ee287591a1 (go1.21.8) https://github.com/golang/go/commit/3a855208e3efed2e9d7c20ad023f1fa78afcc0be (go1.22.1) https://github.com/golang/go/issues/65065 https://go.dev/cl/569340 https://go.dev/issue/65065 https://groups.google.com/g/golang-announce/c/5pwGVUPoMbg https://linux.oracle.com/cve/CVE-2023-45289.html https://linux.oracle.com/errata/ELSA-2024-3346.html https://nvd.nist.gov/vuln/detail/CVE-2023-45289 https://pkg.go.dev/vuln/GO-2024-2600 https://security.netapp.com/advisory/ntap-20240329-0006/ https://ubuntu.com/security/notices/USN-6886-1 https://www.cve.org/CVERecord?id=CVE-2023-45289
stdlib	CVE-2023-45290	MEDIUM	v1.20.4	1.21.8, 1.22.1	http://www.openwall.com/lists/oss-security/2024/03/08/4 https://access.redhat.com/errata/RHSA-2024:9135 https://access.redhat.com/security/cve/CVE-2023-45290 https://bugzilla.redhat.com/2268017 https://bugzilla.redhat.com/2268022 https://bugzilla.redhat.com/2279814 https://bugzilla.redhat.com/2295310 https://bugzilla.redhat.com/show_bug.cgi?id=2268017 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45290 https://errata.almalinux.org/9/ALSA-2024-9135.html https://errata.rockylinux.org/RLSA-2024:3830 https://github.com/golang/go/commit/041a47712e765e94f86d841c3110c840e76d8f82 (go1.22.1) https://github.com/golang/go/commit/bf80213b121074f4ad9b449410a4d13bae5e9be0 (go1.21.8) https://github.com/golang/go/issues/65383 https://go.dev/cl/569341 https://go.dev/issue/65383 https://groups.google.com/g/golang-announce/c/5pwGVUPoMbg https://linux.oracle.com/cve/CVE-2023-45290.html https://linux.oracle.com/errata/ELSA-2024-8038.html https://nvd.nist.gov/vuln/detail/CVE-2023-45290 https://pkg.go.dev/vuln/GO-2024-2599 https://security.netapp.com/advisory/ntap-20240329-0004 https://security.netapp.com/advisory/ntap-20240329-0004/ https://ubuntu.com/security/notices/USN-6886-1 https://ubuntu.com/security/notices/USN-7109-1 https://ubuntu.com/security/notices/USN-7111-1 https://www.cve.org/CVERecord?id=CVE-2023-45290
stdlib	CVE-2024-24783	MEDIUM	v1.20.4	1.21.8, 1.22.1	http://www.openwall.com/lists/oss-security/2024/03/08/4 https://access.redhat.com/errata/RHSA-2024:6195 https://access.redhat.com/security/cve/CVE-2024-24783 https://bugzilla.redhat.com/2268019 https://bugzilla.redhat.com/show_bug.cgi?id=2268017 https://bugzilla.redhat.com/show_bug.cgi?id=2268018 https://bugzilla.redhat.com/show_bug.cgi?id=2268019 https://bugzilla.redhat.com/show_bug.cgi?id=2268273 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45288 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45289 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45290 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24783 https://errata.almalinux.org/9/ALSA-2024-6195.html https://errata.rockylinux.org/RLSA-2024:2724 https://github.com/advisories/GHSA-3q2c-pvp5-3cqp https://github.com/golang/go/commit/337b8e9cbfa749d9d5c899e0dc358e2208d5e54f (go1.22.1) https://github.com/golang/go/commit/be5b52bea674190ef7de272664be6c7ae93ec5a0 (go1.21.8) https://github.com/golang/go/issues/65390 https://go.dev/cl/569339 https://go.dev/issue/65390 https://groups.google.com/g/golang-announce/c/5pwGVUPoMbg https://linux.oracle.com/cve/CVE-2024-24783.html https://linux.oracle.com/errata/ELSA-2024-6969.html https://nvd.nist.gov/vuln/detail/CVE-2024-24783 https://pkg.go.dev/vuln/GO-2024-2598 https://security.netapp.com/advisory/ntap-20240329-0005 https://security.netapp.com/advisory/ntap-20240329-0005/ https://ubuntu.com/security/notices/USN-6886-1 https://ubuntu.com/security/notices/USN-7109-1 https://ubuntu.com/security/notices/USN-7111-1 https://www.cve.org/CVERecord?id=CVE-2024-24783
stdlib	CVE-2024-24784	MEDIUM	v1.20.4	1.21.8, 1.22.1	http://www.openwall.com/lists/oss-security/2024/03/08/4 https://access.redhat.com/errata/RHSA-2024:2562 https://access.redhat.com/security/cve/CVE-2024-24784 https://bugzilla.redhat.com/2262921 https://bugzilla.redhat.com/2268017 https://bugzilla.redhat.com/2268018 https://bugzilla.redhat.com/2268019 https://bugzilla.redhat.com/2268021 https://bugzilla.redhat.com/2268022 https://bugzilla.redhat.com/2268273 https://bugzilla.redhat.com/show_bug.cgi?id=2262921 https://bugzilla.redhat.com/show_bug.cgi?id=2268017 https://bugzilla.redhat.com/show_bug.cgi?id=2268018 https://bugzilla.redhat.com/show_bug.cgi?id=2268019 https://bugzilla.redhat.com/show_bug.cgi?id=2268021 https://bugzilla.redhat.com/show_bug.cgi?id=2268022 https://bugzilla.redhat.com/show_bug.cgi?id=2268273 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45288 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45289 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45290 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-1394 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24783 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24784 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24785 https://errata.almalinux.org/9/ALSA-2024-2562.html https://errata.rockylinux.org/RLSA-2024:2562 https://github.com/golang/go/commit/263c059b09fdd40d9dd945f2ecb20c89ea28efe5 (go1.21.8) https://github.com/golang/go/commit/5330cd225ba54c7dc78c1b46dcdf61a4671a632c (go1.22.1) https://github.com/golang/go/issues/65083 https://go.dev/cl/555596 https://go.dev/issue/65083 https://groups.google.com/g/golang-announce/c/5pwGVUPoMbg https://linux.oracle.com/cve/CVE-2024-24784.html https://linux.oracle.com/errata/ELSA-2024-6969.html https://nvd.nist.gov/vuln/detail/CVE-2024-24784 https://pkg.go.dev/vuln/GO-2024-2609 https://security.netapp.com/advisory/ntap-20240329-0007/ https://ubuntu.com/security/notices/USN-6886-1 https://ubuntu.com/security/notices/USN-7109-1 https://ubuntu.com/security/notices/USN-7111-1 https://www.cve.org/CVERecord?id=CVE-2024-24784
stdlib	CVE-2024-24785	MEDIUM	v1.20.4	1.21.8, 1.22.1	http://www.openwall.com/lists/oss-security/2024/03/08/4 https://access.redhat.com/errata/RHSA-2024:9135 https://access.redhat.com/security/cve/CVE-2024-24785 https://bugzilla.redhat.com/2268017 https://bugzilla.redhat.com/2268022 https://bugzilla.redhat.com/2279814 https://bugzilla.redhat.com/2295310 https://bugzilla.redhat.com/show_bug.cgi?id=2262921 https://bugzilla.redhat.com/show_bug.cgi?id=2268017 https://bugzilla.redhat.com/show_bug.cgi?id=2268018 https://bugzilla.redhat.com/show_bug.cgi?id=2268019 https://bugzilla.redhat.com/show_bug.cgi?id=2268021 https://bugzilla.redhat.com/show_bug.cgi?id=2268022 https://bugzilla.redhat.com/show_bug.cgi?id=2268273 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45288 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45289 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45290 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-1394 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24783 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24784 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24785 https://errata.almalinux.org/9/ALSA-2024-9135.html https://errata.rockylinux.org/RLSA-2024:2562 https://github.com/golang/go/commit/056b0edcb8c152152021eebf4cf42adbfbe77992 (go1.22.1) https://github.com/golang/go/commit/3643147a29352ca2894fd5d0d2069bc4b4335a7e (go1.21.8) https://github.com/golang/go/issues/65697 https://go.dev/cl/564196 https://go.dev/issue/65697 https://groups.google.com/g/golang-announce/c/5pwGVUPoMbg https://linux.oracle.com/cve/CVE-2024-24785.html https://linux.oracle.com/errata/ELSA-2024-3259.html https://nvd.nist.gov/vuln/detail/CVE-2024-24785 https://pkg.go.dev/vuln/GO-2024-2610 https://security.netapp.com/advisory/ntap-20240329-0008/ https://ubuntu.com/security/notices/USN-6886-1 https://ubuntu.com/security/notices/USN-7061-1 https://ubuntu.com/security/notices/USN-7109-1 https://vuln.go.dev/ID/GO-2024-2610.json https://www.cve.org/CVERecord?id=CVE-2024-24785
stdlib	CVE-2024-24789	MEDIUM	v1.20.4	1.21.11, 1.22.4	http://www.openwall.com/lists/oss-security/2024/06/04/1 https://access.redhat.com/errata/RHSA-2024:9115 https://access.redhat.com/security/cve/CVE-2024-24789 https://bugzilla.redhat.com/2279814 https://bugzilla.redhat.com/2292668 https://bugzilla.redhat.com/2292787 https://bugzilla.redhat.com/2294000 https://bugzilla.redhat.com/2295310 https://bugzilla.redhat.com/show_bug.cgi?id=2292668 https://bugzilla.redhat.com/show_bug.cgi?id=2292787 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24789 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24790 https://errata.almalinux.org/9/ALSA-2024-9115.html https://errata.rockylinux.org/RLSA-2024:4212 https://github.com/golang/go/commit/c8e40338cf00f3c1d86c8fb23863ad67a4c72bcc (1.21) https://github.com/golang/go/commit/cf501ac0c5fe351a8582d20b43562027927906e7 (1.22) https://github.com/golang/go/issues/66869 https://go.dev/cl/585397 https://go.dev/issue/66869 https://groups.google.com/g/golang-announce/c/XbxouI9gY7k https://groups.google.com/g/golang-announce/c/XbxouI9gY7k/m/TuoGEhxIEwAJ https://linux.oracle.com/cve/CVE-2024-24789.html https://linux.oracle.com/errata/ELSA-2024-9115.html https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/U5YAEIA6IUHUNGJ7AIXXPQT6D2GYENX7/ https://nvd.nist.gov/vuln/detail/CVE-2024-24789 https://pkg.go.dev/vuln/GO-2024-2888 https://ubuntu.com/security/notices/USN-6886-1 https://ubuntu.com/security/notices/USN-7109-1 https://ubuntu.com/security/notices/USN-7111-1 https://www.cve.org/CVERecord?id=CVE-2024-24789
stdlib	CVE-2024-24791	MEDIUM	v1.20.4	1.21.12, 1.22.5	https://access.redhat.com/errata/RHSA-2024:9135 https://access.redhat.com/security/cve/CVE-2024-24791 https://bugzilla.redhat.com/2268017 https://bugzilla.redhat.com/2268022 https://bugzilla.redhat.com/2279814 https://bugzilla.redhat.com/2295310 https://bugzilla.redhat.com/show_bug.cgi?id=2295310 https://bugzilla.redhat.com/show_bug.cgi?id=2310527 https://bugzilla.redhat.com/show_bug.cgi?id=2310528 https://bugzilla.redhat.com/show_bug.cgi?id=2310529 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24791 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-34155 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-34156 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-34158 https://errata.almalinux.org/9/ALSA-2024-9135.html https://errata.rockylinux.org/RLSA-2024:6913 https://go.dev/cl/591255 https://go.dev/issue/67555 https://groups.google.com/g/golang-dev/c/t0rK-qHBqzY/m/6MMoAZkMAgAJ https://linux.oracle.com/cve/CVE-2024-24791.html https://linux.oracle.com/errata/ELSA-2024-9115.html https://nvd.nist.gov/vuln/detail/CVE-2024-24791 https://pkg.go.dev/vuln/GO-2024-2963 https://ubuntu.com/security/notices/USN-7081-1 https://ubuntu.com/security/notices/USN-7109-1 https://ubuntu.com/security/notices/USN-7111-1 https://www.cve.org/CVERecord?id=CVE-2024-24791
stdlib	CVE-2024-34155	MEDIUM	v1.20.4	1.22.7, 1.23.1	https://access.redhat.com/errata/RHSA-2024:9459 https://access.redhat.com/security/cve/CVE-2024-34155 https://bugzilla.redhat.com/2310527 https://bugzilla.redhat.com/2310528 https://bugzilla.redhat.com/2310529 https://bugzilla.redhat.com/2315691 https://bugzilla.redhat.com/2315887 https://bugzilla.redhat.com/2317458 https://bugzilla.redhat.com/2317467 https://bugzilla.redhat.com/show_bug.cgi?id=2295310 https://bugzilla.redhat.com/show_bug.cgi?id=2310527 https://bugzilla.redhat.com/show_bug.cgi?id=2310528 https://bugzilla.redhat.com/show_bug.cgi?id=2310529 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24791 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-34155 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-34156 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-34158 https://errata.almalinux.org/9/ALSA-2024-9459.html https://errata.rockylinux.org/RLSA-2024:6913 https://github.com/golang/go/commit/53487e5477151ed75da50e50a0ba8f1ca64c00a3 (go1.23.1) https://github.com/golang/go/commit/b232596139dbe96a62edbe3a2a203e856bf556eb (go1.22.7) https://go.dev/cl/611238 https://go.dev/issue/69138 https://groups.google.com/g/golang-announce/c/K-cEzDeCtpc https://groups.google.com/g/golang-dev/c/S9POB9NCTdk https://linux.oracle.com/cve/CVE-2024-34155.html https://linux.oracle.com/errata/ELSA-2024-9459.html https://nvd.nist.gov/vuln/detail/CVE-2024-34155 https://pkg.go.dev/vuln/GO-2024-3105 https://ubuntu.com/security/notices/USN-7081-1 https://ubuntu.com/security/notices/USN-7109-1 https://ubuntu.com/security/notices/USN-7111-1 https://www.cve.org/CVERecord?id=CVE-2024-34155
stdlib	CVE-2024-34158	MEDIUM	v1.20.4	1.22.7, 1.23.1	https://access.redhat.com/errata/RHSA-2024:9459 https://access.redhat.com/security/cve/CVE-2024-34158 https://bugzilla.redhat.com/2310527 https://bugzilla.redhat.com/2310528 https://bugzilla.redhat.com/2310529 https://bugzilla.redhat.com/2315691 https://bugzilla.redhat.com/2315887 https://bugzilla.redhat.com/2317458 https://bugzilla.redhat.com/2317467 https://bugzilla.redhat.com/show_bug.cgi?id=2295310 https://bugzilla.redhat.com/show_bug.cgi?id=2310527 https://bugzilla.redhat.com/show_bug.cgi?id=2310528 https://bugzilla.redhat.com/show_bug.cgi?id=2310529 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24791 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-34155 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-34156 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-34158 https://errata.almalinux.org/9/ALSA-2024-9459.html https://errata.rockylinux.org/RLSA-2024:6913 https://github.com/golang/go/commit/032ac075c20c01c6c35a672d1542d3e98eab84ea (go1.23.1) https://github.com/golang/go/commit/d4c53812e6ce2ac368173d7fcd31d0ecfcffb002 (go1.22.7) https://go.dev/cl/611240 https://go.dev/issue/69141 https://groups.google.com/g/golang-announce/c/K-cEzDeCtpc https://groups.google.com/g/golang-dev/c/S9POB9NCTdk https://linux.oracle.com/cve/CVE-2024-34158.html https://linux.oracle.com/errata/ELSA-2024-9459.html https://nvd.nist.gov/vuln/detail/CVE-2024-34158 https://pkg.go.dev/vuln/GO-2024-3107 https://ubuntu.com/security/notices/USN-7081-1 https://ubuntu.com/security/notices/USN-7109-1 https://ubuntu.com/security/notices/USN-7111-1 https://www.cve.org/CVERecord?id=CVE-2024-34158
No Misconfigurations found

cnb/buildpacks/paketo-buildpacks_ca-certificates/3.6.3/bin/helper (gobinary)

Package	Vulnerability ID	Severity	Installed Version	Fixed Version	Links
stdlib	CVE-2024-24790	CRITICAL	v1.20.5	1.21.11, 1.22.4	http://www.openwall.com/lists/oss-security/2024/06/04/1 https://access.redhat.com/errata/RHSA-2024:9115 https://access.redhat.com/security/cve/CVE-2024-24790 https://bugzilla.redhat.com/2279814 https://bugzilla.redhat.com/2292668 https://bugzilla.redhat.com/2292787 https://bugzilla.redhat.com/2294000 https://bugzilla.redhat.com/2295310 https://bugzilla.redhat.com/show_bug.cgi?id=2292668 https://bugzilla.redhat.com/show_bug.cgi?id=2292787 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24789 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24790 https://errata.almalinux.org/9/ALSA-2024-9115.html https://errata.rockylinux.org/RLSA-2024:4212 https://github.com/golang/go/commit/051bdf3fd12a40307606ff9381138039c5f452f0 (1.21) https://github.com/golang/go/commit/12d5810cdb1f73cf23d7a86462143e9463317fca (1.22) https://github.com/golang/go/issues/67680 https://go.dev/cl/590316 https://go.dev/issue/67680 https://groups.google.com/g/golang-announce/c/XbxouI9gY7k https://groups.google.com/g/golang-announce/c/XbxouI9gY7k/m/TuoGEhxIEwAJ https://linux.oracle.com/cve/CVE-2024-24790.html https://linux.oracle.com/errata/ELSA-2024-9115.html https://nvd.nist.gov/vuln/detail/CVE-2024-24790 https://pkg.go.dev/vuln/GO-2024-2887 https://ubuntu.com/security/notices/USN-6886-1 https://ubuntu.com/security/notices/USN-7109-1 https://www.cve.org/CVERecord?id=CVE-2024-24790
stdlib	CVE-2023-39325	HIGH	v1.20.5	1.20.10, 1.21.3	golang.org/x/net https://access.redhat.com/errata/RHSA-2023:6077 https://access.redhat.com/security/cve/CVE-2023-39325 https://access.redhat.com/security/cve/CVE-2023-44487 https://access.redhat.com/security/vulnerabilities/RHSB-2023-003 https://bugzilla.redhat.com/2242803 https://bugzilla.redhat.com/2243296 https://bugzilla.redhat.com/show_bug.cgi?id=2242803 https://bugzilla.redhat.com/show_bug.cgi?id=2243296 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-39325 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-44487 https://errata.almalinux.org/9/ALSA-2023-6077.html https://errata.rockylinux.org/RLSA-2023:6077 https://github.com/golang/go/commit/24ae2d927285c697440fdde3ad7f26028354bcf3 [golang- 1.21] https://github.com/golang/go/commit/e175f27f58aa7b9cd4d79607ae65d2cd5baaee68 [golang-1.20] https://github.com/golang/go/issues/63417 https://go.dev/cl/534215 https://go.dev/cl/534235 https://go.dev/issue/63417 https://groups.google.com/g/golang-announce/c/iNNxDTCjZvo/m/UDd7VKQuAAAJ https://linux.oracle.com/cve/CVE-2023-39325.html https://linux.oracle.com/errata/ELSA-2023-5867.html https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3OVW5V2DM5K5IC3H7O42YDUGNJ74J35O https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3OVW5V2DM5K5IC3H7O42YDUGNJ74J35O/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3SZN67IL7HMGMNAVLOTIXLIHUDXZK4LH https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3SZN67IL7HMGMNAVLOTIXLIHUDXZK4LH/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3WJ4QVX2AMUJ2F2S27POOAHRC4K3CHU4 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3WJ4QVX2AMUJ2F2S27POOAHRC4K3CHU4/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/4BUK2ZIAGCULOOYDNH25JPU6JBES5NF2 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/4BUK2ZIAGCULOOYDNH25JPU6JBES5NF2/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/5RSKA2II6QTD4YUKUNDVJQSRYSFC4VFR https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/5RSKA2II6QTD4YUKUNDVJQSRYSFC4VFR/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/AVZDNSMVDAQJ64LJC5I5U5LDM5753647 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/AVZDNSMVDAQJ64LJC5I5U5LDM5753647/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CHHITS4PUOZAKFIUBQAQZC7JWXMOYE4B https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CHHITS4PUOZAKFIUBQAQZC7JWXMOYE4B/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CLB4TW7KALB3EEQWNWCN7OUIWWVWWCG2 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CLB4TW7KALB3EEQWNWCN7OUIWWVWWCG2/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/D2BBIDR2ZMB3X5BC7SR4SLQMHRMVPY6L https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/D2BBIDR2ZMB3X5BC7SR4SLQMHRMVPY6L/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ECRC75BQJP6FJN2L7KCKYZW4DSBD7QSD https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ECRC75BQJP6FJN2L7KCKYZW4DSBD7QSD/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/FTMJ3NJIDAZFWJQQSP3L22MUFJ3UP2PT https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/FTMJ3NJIDAZFWJQQSP3L22MUFJ3UP2PT/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/GSY7SXFFTPZFWDM6XELSDSHZLVW3AHK7 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/GSY7SXFFTPZFWDM6XELSDSHZLVW3AHK7/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/HZQIELEIRSZUYTFFH5KTH2YJ4IIQG2KE https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/HZQIELEIRSZUYTFFH5KTH2YJ4IIQG2KE/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/IPWCNYB5PQ5PCVZ4NJT6G56ZYFZ5QBU6 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/IPWCNYB5PQ5PCVZ4NJT6G56ZYFZ5QBU6/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/KEOTKBUPZXHE3F352JBYNTSNRXYLWD6P https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/KEOTKBUPZXHE3F352JBYNTSNRXYLWD6P/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/KSEGD2IWKNUO3DWY4KQGUQM5BISRWHQE https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/KSEGD2IWKNUO3DWY4KQGUQM5BISRWHQE/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/L5E5JSJBZLYXOTZWXHJKRVCIXIHVWKJ6 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/L5E5JSJBZLYXOTZWXHJKRVCIXIHVWKJ6/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/MZQYOOKHQDQ57LV2IAG6NRFOVXKHJJ3Z https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/MZQYOOKHQDQ57LV2IAG6NRFOVXKHJJ3Z/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/NG7IMPL55MVWU3LCI4JQJT3K2U5CHDV7 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/NG7IMPL55MVWU3LCI4JQJT3K2U5CHDV7/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ODBY7RVMGZCBSTWF2OZGIZS57FNFUL67 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ODBY7RVMGZCBSTWF2OZGIZS57FNFUL67/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/OXGWPQOJ3JNDW2XIYKIVJ7N7QUIFNM2Q https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/OXGWPQOJ3JNDW2XIYKIVJ7N7QUIFNM2Q/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/PJCUNGIQDUMZ4Z6HWVYIMR66A35F5S74 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/PJCUNGIQDUMZ4Z6HWVYIMR66A35F5S74/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QF5QSYAOPDOWLY6DUHID56Q4HQFYB45I https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QF5QSYAOPDOWLY6DUHID56Q4HQFYB45I/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QXOU2JZUBEBP7GBKAYIJRPRBZSJCD7ST https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QXOU2JZUBEBP7GBKAYIJRPRBZSJCD7ST/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/R3UETKPUB3V5JS5TLZOF3SMTGT5K5APS https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/R3UETKPUB3V5JS5TLZOF3SMTGT5K5APS/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/REMHVVIBDNKSRKNOTV7EQSB7CYQWOUOU https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/REMHVVIBDNKSRKNOTV7EQSB7CYQWOUOU/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/T7N5GV4CHH6WAGX3GFMDD3COEOVCZ4RI https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/T7N5GV4CHH6WAGX3GFMDD3COEOVCZ4RI/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ULQQONMSCQSH5Z5OWFFQHCGEZ3NL4DRJ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ULQQONMSCQSH5Z5OWFFQHCGEZ3NL4DRJ/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UTT7DG3QOF5ZNJLUGHDNLRUIN6OWZARP https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UTT7DG3QOF5ZNJLUGHDNLRUIN6OWZARP/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/W2LZSWTV4NV4SNQARNXG5T6LRHP26EW2 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/W2LZSWTV4NV4SNQARNXG5T6LRHP26EW2/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WCNCBYKZXLDFGAJUB7ZP5VLC3YTHJNVH https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WCNCBYKZXLDFGAJUB7ZP5VLC3YTHJNVH/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/XFOIBB4YFICHDM7IBOP7PWXW3FX4HLL2 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/XFOIBB4YFICHDM7IBOP7PWXW3FX4HLL2/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/XTNLSL44Y5FB6JWADSZH6DCV4JJAAEQY https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/XTNLSL44Y5FB6JWADSZH6DCV4JJAAEQY/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/YJWHBLVZDM5KQSDFRBFRKU5KSSOLIRQ4 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/YJWHBLVZDM5KQSDFRBFRKU5KSSOLIRQ4/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/YRKEXKANQ7BKJW2YTAMP625LJUJZLJ4P https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/YRKEXKANQ7BKJW2YTAMP625LJUJZLJ4P/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZSVEMQV5ROY5YW5QE3I57HT3ITWG5GCV https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZSVEMQV5ROY5YW5QE3I57HT3ITWG5GCV/ https://nvd.nist.gov/vuln/detail/CVE-2023-39325 https://pkg.go.dev/vuln/GO-2023-2102 https://security.gentoo.org/glsa/202311-09 https://security.netapp.com/advisory/ntap-20231110-0008 https://security.netapp.com/advisory/ntap-20231110-0008/ https://ubuntu.com/security/notices/USN-6574-1 https://ubuntu.com/security/notices/USN-7061-1 https://ubuntu.com/security/notices/USN-7109-1 https://www.cisa.gov/news-events/alerts/2023/10/10/http2-rapid-reset-vulnerability-cve-2023-44487 https://www.cve.org/CVERecord?id=CVE-2023-39325
stdlib	CVE-2023-45283	HIGH	v1.20.5	1.20.11, 1.21.4, 1.20.12, 1.21.5	http://www.openwall.com/lists/oss-security/2023/12/05/2 https://go.dev/cl/540277 https://go.dev/cl/541175 https://go.dev/issue/63713 https://go.dev/issue/64028 https://groups.google.com/g/golang-announce/c/4tU8LZfBFkY https://groups.google.com/g/golang-dev/c/6ypN5EjibjM/m/KmLVYH_uAgAJ https://nvd.nist.gov/vuln/detail/CVE-2023-45283 https://pkg.go.dev/vuln/GO-2023-2185 https://security.netapp.com/advisory/ntap-20231214-0008/
stdlib	CVE-2023-45288	HIGH	v1.20.5	1.21.9, 1.22.2	http://www.openwall.com/lists/oss-security/2024/04/03/16 http://www.openwall.com/lists/oss-security/2024/04/05/4 https://access.redhat.com/errata/RHSA-2024:2724 https://access.redhat.com/security/cve/CVE-2023-45288 https://bugzilla.redhat.com/2268017 https://bugzilla.redhat.com/2268018 https://bugzilla.redhat.com/2268019 https://bugzilla.redhat.com/2268273 https://bugzilla.redhat.com/show_bug.cgi?id=2268017 https://bugzilla.redhat.com/show_bug.cgi?id=2268018 https://bugzilla.redhat.com/show_bug.cgi?id=2268019 https://bugzilla.redhat.com/show_bug.cgi?id=2268273 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45288 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45289 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45290 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24783 https://errata.almalinux.org/9/ALSA-2024-2724.html https://errata.rockylinux.org/RLSA-2024:2724 https://go.dev/cl/576155 https://go.dev/issue/65051 https://groups.google.com/g/golang-announce/c/YgW0sx8mN3M https://kb.cert.org/vuls/id/421644 https://linux.oracle.com/cve/CVE-2023-45288.html https://linux.oracle.com/errata/ELSA-2024-3346.html https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QRYFHIQ6XRKRYBI2F5UESH67BJBQXUPT https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QRYFHIQ6XRKRYBI2F5UESH67BJBQXUPT/ https://nowotarski.info/http2-continuation-flood-technical-details https://nowotarski.info/http2-continuation-flood/ https://nvd.nist.gov/vuln/detail/CVE-2023-45288 https://pkg.go.dev/vuln/GO-2024-2687 https://security.netapp.com/advisory/ntap-20240419-0009 https://security.netapp.com/advisory/ntap-20240419-0009/ https://ubuntu.com/security/notices/USN-6886-1 https://ubuntu.com/security/notices/USN-7109-1 https://ubuntu.com/security/notices/USN-7111-1 https://www.cve.org/CVERecord?id=CVE-2023-45288 https://www.kb.cert.org/vuls/id/421644
stdlib	CVE-2024-34156	HIGH	v1.20.5	1.22.7, 1.23.1	https://access.redhat.com/errata/RHSA-2024:9473 https://access.redhat.com/security/cve/CVE-2024-34156 https://bugzilla.redhat.com/2310528 https://bugzilla.redhat.com/2318052 https://bugzilla.redhat.com/show_bug.cgi?id=2310528 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-34156 https://errata.almalinux.org/9/ALSA-2024-9473.html https://errata.rockylinux.org/RLSA-2024:7204 https://github.com/golang/go/commit/2092294f2b097c5828f4eace6c98a322c1510b01 (go1.22.7) https://github.com/golang/go/commit/fa8ff1a46deb6c816304441ec6740ec112e19012 (go1.23.1) https://go.dev/cl/611239 https://go.dev/issue/69139 https://groups.google.com/g/golang-announce/c/K-cEzDeCtpc https://groups.google.com/g/golang-dev/c/S9POB9NCTdk https://linux.oracle.com/cve/CVE-2024-34156.html https://linux.oracle.com/errata/ELSA-2024-9473.html https://nvd.nist.gov/vuln/detail/CVE-2024-34156 https://pkg.go.dev/vuln/GO-2024-3106 https://ubuntu.com/security/notices/USN-7081-1 https://ubuntu.com/security/notices/USN-7109-1 https://ubuntu.com/security/notices/USN-7111-1 https://www.cve.org/CVERecord?id=CVE-2024-34156
stdlib	CVE-2023-29406	MEDIUM	v1.20.5	1.19.11, 1.20.6	https://access.redhat.com/errata/RHSA-2023:6474 https://access.redhat.com/security/cve/CVE-2023-29406 https://bugzilla.redhat.com/2174485 https://bugzilla.redhat.com/2178358 https://bugzilla.redhat.com/2178488 https://bugzilla.redhat.com/2178492 https://bugzilla.redhat.com/2184481 https://bugzilla.redhat.com/2184482 https://bugzilla.redhat.com/2184483 https://bugzilla.redhat.com/2184484 https://bugzilla.redhat.com/2196026 https://bugzilla.redhat.com/2196027 https://bugzilla.redhat.com/2196029 https://bugzilla.redhat.com/2222167 https://bugzilla.redhat.com/2228689 https://errata.almalinux.org/9/ALSA-2023-6474.html https://github.com/golang/go/commit/312920c00aac9897b2a0693e752390b5b0711a5a (go1.20.6) https://github.com/golang/go/commit/5fa6923b1ea891400153d04ddf1545e23b40041b (go1.19.11) https://github.com/golang/go/issues/60374 https://go.dev/cl/506996 https://go.dev/issue/60374 https://groups.google.com/g/golang-announce/c/2q13H6LEEx0 https://linux.oracle.com/cve/CVE-2023-29406.html https://linux.oracle.com/errata/ELSA-2023-7202.html https://nvd.nist.gov/vuln/detail/CVE-2023-29406 https://pkg.go.dev/vuln/GO-2023-1878 https://security.gentoo.org/glsa/202311-09 https://security.netapp.com/advisory/ntap-20230814-0002/ https://ubuntu.com/security/notices/USN-7061-1 https://ubuntu.com/security/notices/USN-7109-1 https://www.cve.org/CVERecord?id=CVE-2023-29406
stdlib	CVE-2023-29409	MEDIUM	v1.20.5	1.19.12, 1.20.7, 1.21.0-rc.4	https://access.redhat.com/errata/RHSA-2023:7766 https://access.redhat.com/security/cve/CVE-2023-29409 https://bugzilla.redhat.com/2228743 https://bugzilla.redhat.com/2237773 https://bugzilla.redhat.com/2237776 https://bugzilla.redhat.com/2237777 https://bugzilla.redhat.com/2237778 https://errata.almalinux.org/9/ALSA-2023-7766.html https://go.dev/cl/515257 https://go.dev/issue/61460 https://groups.google.com/g/golang-announce/c/X0b6CsSAaYI/m/Efv5DbZ9AwAJ https://linux.oracle.com/cve/CVE-2023-29409.html https://linux.oracle.com/errata/ELSA-2024-2988.html https://nvd.nist.gov/vuln/detail/CVE-2023-29409 https://pkg.go.dev/vuln/GO-2023-1987 https://security.gentoo.org/glsa/202311-09 https://security.netapp.com/advisory/ntap-20230831-0010/ https://www.cve.org/CVERecord?id=CVE-2023-29409
stdlib	CVE-2023-39318	MEDIUM	v1.20.5	1.20.8, 1.21.1	https://access.redhat.com/errata/RHSA-2024:2160 https://access.redhat.com/security/cve/CVE-2023-39318 https://bugzilla.redhat.com/2237773 https://bugzilla.redhat.com/2237776 https://bugzilla.redhat.com/2253330 https://errata.almalinux.org/9/ALSA-2024-2160.html https://github.com/golang/go/commit/023b542edf38e2a1f87fcefb9f75ff2f99401b4c (go1.20.8) https://github.com/golang/go/commit/b0e1d3ea26e8e8fce7726690c9ef0597e60739fb (go1.21.1) https://go.dev/cl/526156 https://go.dev/issue/62196 https://groups.google.com/g/golang-announce/c/Fm51GRLNRvM https://groups.google.com/g/golang-dev/c/2C5vbR-UNkI/m/L1hdrPhfBAAJ https://linux.oracle.com/cve/CVE-2023-39318.html https://linux.oracle.com/errata/ELSA-2024-2988.html https://nvd.nist.gov/vuln/detail/CVE-2023-39318 https://pkg.go.dev/vuln/GO-2023-2041 https://security.gentoo.org/glsa/202311-09 https://security.netapp.com/advisory/ntap-20231020-0009/ https://ubuntu.com/security/notices/USN-6574-1 https://ubuntu.com/security/notices/USN-7061-1 https://ubuntu.com/security/notices/USN-7109-1 https://vuln.go.dev/ID/GO-2023-2041.json https://www.cve.org/CVERecord?id=CVE-2023-39318
stdlib	CVE-2023-39319	MEDIUM	v1.20.5	1.20.8, 1.21.1	https://access.redhat.com/errata/RHSA-2024:2160 https://access.redhat.com/security/cve/CVE-2023-39319 https://bugzilla.redhat.com/2237773 https://bugzilla.redhat.com/2237776 https://bugzilla.redhat.com/2253330 https://errata.almalinux.org/9/ALSA-2024-2160.html https://github.com/golang/go/commit/2070531d2f53df88e312edace6c8dfc9686ab2f5 (go1.20.8) https://github.com/golang/go/commit/bbd043ff0d6d59f1a9232d31ecd5eacf6507bf6a (go1.21.1) https://go.dev/cl/526157 https://go.dev/issue/62197 https://groups.google.com/g/golang-announce/c/Fm51GRLNRvM https://groups.google.com/g/golang-dev/c/2C5vbR-UNkI/m/L1hdrPhfBAAJ https://linux.oracle.com/cve/CVE-2023-39319.html https://linux.oracle.com/errata/ELSA-2024-2988.html https://nvd.nist.gov/vuln/detail/CVE-2023-39319 https://pkg.go.dev/vuln/GO-2023-2043 https://security.gentoo.org/glsa/202311-09 https://security.netapp.com/advisory/ntap-20231020-0009/ https://ubuntu.com/security/notices/USN-6574-1 https://ubuntu.com/security/notices/USN-7061-1 https://ubuntu.com/security/notices/USN-7109-1 https://vuln.go.dev/ID/GO-2023-2043.json https://www.cve.org/CVERecord?id=CVE-2023-39319
stdlib	CVE-2023-39326	MEDIUM	v1.20.5	1.20.12, 1.21.5	https://access.redhat.com/errata/RHSA-2024:2272 https://access.redhat.com/security/cve/CVE-2023-39326 https://bugzilla.redhat.com/2253193 https://bugzilla.redhat.com/2253330 https://errata.almalinux.org/9/ALSA-2024-2272.html https://github.com/golang/go/commit/6446af942e2e2b161c4ec1b60d9703a2b55dc4dd (go1.20.12) https://github.com/golang/go/commit/ec8c526e4be720e94b98ca509e6364f0efaf28f7 (go1.21.5) https://go.dev/cl/547335 https://go.dev/issue/64433 https://groups.google.com/g/golang-dev/c/6ypN5EjibjM/m/KmLVYH_uAgAJ https://linux.oracle.com/cve/CVE-2023-39326.html https://linux.oracle.com/errata/ELSA-2024-2988.html https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UIU6HOGV6RRIKWM57LOXQA75BGZSIH6G/ https://nvd.nist.gov/vuln/detail/CVE-2023-39326 https://pkg.go.dev/vuln/GO-2023-2382 https://ubuntu.com/security/notices/USN-6574-1 https://www.cve.org/CVERecord?id=CVE-2023-39326
stdlib	CVE-2023-45284	MEDIUM	v1.20.5	1.20.11, 1.21.4	https://go.dev/cl/540277 https://go.dev/issue/63713 https://groups.google.com/g/golang-announce/c/4tU8LZfBFkY https://nvd.nist.gov/vuln/detail/CVE-2023-45284 https://pkg.go.dev/vuln/GO-2023-2186
stdlib	CVE-2023-45289	MEDIUM	v1.20.5	1.21.8, 1.22.1	http://www.openwall.com/lists/oss-security/2024/03/08/4 https://access.redhat.com/errata/RHSA-2024:2724 https://access.redhat.com/security/cve/CVE-2023-45289 https://bugzilla.redhat.com/2268017 https://bugzilla.redhat.com/2268018 https://bugzilla.redhat.com/2268019 https://bugzilla.redhat.com/2268273 https://bugzilla.redhat.com/show_bug.cgi?id=2268017 https://bugzilla.redhat.com/show_bug.cgi?id=2268018 https://bugzilla.redhat.com/show_bug.cgi?id=2268019 https://bugzilla.redhat.com/show_bug.cgi?id=2268273 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45288 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45289 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45290 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24783 https://errata.almalinux.org/9/ALSA-2024-2724.html https://errata.rockylinux.org/RLSA-2024:2724 https://github.com/golang/go/commit/20586c0dbe03d144f914155f879fa5ee287591a1 (go1.21.8) https://github.com/golang/go/commit/3a855208e3efed2e9d7c20ad023f1fa78afcc0be (go1.22.1) https://github.com/golang/go/issues/65065 https://go.dev/cl/569340 https://go.dev/issue/65065 https://groups.google.com/g/golang-announce/c/5pwGVUPoMbg https://linux.oracle.com/cve/CVE-2023-45289.html https://linux.oracle.com/errata/ELSA-2024-3346.html https://nvd.nist.gov/vuln/detail/CVE-2023-45289 https://pkg.go.dev/vuln/GO-2024-2600 https://security.netapp.com/advisory/ntap-20240329-0006/ https://ubuntu.com/security/notices/USN-6886-1 https://www.cve.org/CVERecord?id=CVE-2023-45289
stdlib	CVE-2023-45290	MEDIUM	v1.20.5	1.21.8, 1.22.1	http://www.openwall.com/lists/oss-security/2024/03/08/4 https://access.redhat.com/errata/RHSA-2024:9135 https://access.redhat.com/security/cve/CVE-2023-45290 https://bugzilla.redhat.com/2268017 https://bugzilla.redhat.com/2268022 https://bugzilla.redhat.com/2279814 https://bugzilla.redhat.com/2295310 https://bugzilla.redhat.com/show_bug.cgi?id=2268017 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45290 https://errata.almalinux.org/9/ALSA-2024-9135.html https://errata.rockylinux.org/RLSA-2024:3830 https://github.com/golang/go/commit/041a47712e765e94f86d841c3110c840e76d8f82 (go1.22.1) https://github.com/golang/go/commit/bf80213b121074f4ad9b449410a4d13bae5e9be0 (go1.21.8) https://github.com/golang/go/issues/65383 https://go.dev/cl/569341 https://go.dev/issue/65383 https://groups.google.com/g/golang-announce/c/5pwGVUPoMbg https://linux.oracle.com/cve/CVE-2023-45290.html https://linux.oracle.com/errata/ELSA-2024-8038.html https://nvd.nist.gov/vuln/detail/CVE-2023-45290 https://pkg.go.dev/vuln/GO-2024-2599 https://security.netapp.com/advisory/ntap-20240329-0004 https://security.netapp.com/advisory/ntap-20240329-0004/ https://ubuntu.com/security/notices/USN-6886-1 https://ubuntu.com/security/notices/USN-7109-1 https://ubuntu.com/security/notices/USN-7111-1 https://www.cve.org/CVERecord?id=CVE-2023-45290
stdlib	CVE-2024-24783	MEDIUM	v1.20.5	1.21.8, 1.22.1	http://www.openwall.com/lists/oss-security/2024/03/08/4 https://access.redhat.com/errata/RHSA-2024:6195 https://access.redhat.com/security/cve/CVE-2024-24783 https://bugzilla.redhat.com/2268019 https://bugzilla.redhat.com/show_bug.cgi?id=2268017 https://bugzilla.redhat.com/show_bug.cgi?id=2268018 https://bugzilla.redhat.com/show_bug.cgi?id=2268019 https://bugzilla.redhat.com/show_bug.cgi?id=2268273 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45288 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45289 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45290 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24783 https://errata.almalinux.org/9/ALSA-2024-6195.html https://errata.rockylinux.org/RLSA-2024:2724 https://github.com/advisories/GHSA-3q2c-pvp5-3cqp https://github.com/golang/go/commit/337b8e9cbfa749d9d5c899e0dc358e2208d5e54f (go1.22.1) https://github.com/golang/go/commit/be5b52bea674190ef7de272664be6c7ae93ec5a0 (go1.21.8) https://github.com/golang/go/issues/65390 https://go.dev/cl/569339 https://go.dev/issue/65390 https://groups.google.com/g/golang-announce/c/5pwGVUPoMbg https://linux.oracle.com/cve/CVE-2024-24783.html https://linux.oracle.com/errata/ELSA-2024-6969.html https://nvd.nist.gov/vuln/detail/CVE-2024-24783 https://pkg.go.dev/vuln/GO-2024-2598 https://security.netapp.com/advisory/ntap-20240329-0005 https://security.netapp.com/advisory/ntap-20240329-0005/ https://ubuntu.com/security/notices/USN-6886-1 https://ubuntu.com/security/notices/USN-7109-1 https://ubuntu.com/security/notices/USN-7111-1 https://www.cve.org/CVERecord?id=CVE-2024-24783
stdlib	CVE-2024-24784	MEDIUM	v1.20.5	1.21.8, 1.22.1	http://www.openwall.com/lists/oss-security/2024/03/08/4 https://access.redhat.com/errata/RHSA-2024:2562 https://access.redhat.com/security/cve/CVE-2024-24784 https://bugzilla.redhat.com/2262921 https://bugzilla.redhat.com/2268017 https://bugzilla.redhat.com/2268018 https://bugzilla.redhat.com/2268019 https://bugzilla.redhat.com/2268021 https://bugzilla.redhat.com/2268022 https://bugzilla.redhat.com/2268273 https://bugzilla.redhat.com/show_bug.cgi?id=2262921 https://bugzilla.redhat.com/show_bug.cgi?id=2268017 https://bugzilla.redhat.com/show_bug.cgi?id=2268018 https://bugzilla.redhat.com/show_bug.cgi?id=2268019 https://bugzilla.redhat.com/show_bug.cgi?id=2268021 https://bugzilla.redhat.com/show_bug.cgi?id=2268022 https://bugzilla.redhat.com/show_bug.cgi?id=2268273 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45288 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45289 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45290 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-1394 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24783 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24784 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24785 https://errata.almalinux.org/9/ALSA-2024-2562.html https://errata.rockylinux.org/RLSA-2024:2562 https://github.com/golang/go/commit/263c059b09fdd40d9dd945f2ecb20c89ea28efe5 (go1.21.8) https://github.com/golang/go/commit/5330cd225ba54c7dc78c1b46dcdf61a4671a632c (go1.22.1) https://github.com/golang/go/issues/65083 https://go.dev/cl/555596 https://go.dev/issue/65083 https://groups.google.com/g/golang-announce/c/5pwGVUPoMbg https://linux.oracle.com/cve/CVE-2024-24784.html https://linux.oracle.com/errata/ELSA-2024-6969.html https://nvd.nist.gov/vuln/detail/CVE-2024-24784 https://pkg.go.dev/vuln/GO-2024-2609 https://security.netapp.com/advisory/ntap-20240329-0007/ https://ubuntu.com/security/notices/USN-6886-1 https://ubuntu.com/security/notices/USN-7109-1 https://ubuntu.com/security/notices/USN-7111-1 https://www.cve.org/CVERecord?id=CVE-2024-24784
stdlib	CVE-2024-24785	MEDIUM	v1.20.5	1.21.8, 1.22.1	http://www.openwall.com/lists/oss-security/2024/03/08/4 https://access.redhat.com/errata/RHSA-2024:9135 https://access.redhat.com/security/cve/CVE-2024-24785 https://bugzilla.redhat.com/2268017 https://bugzilla.redhat.com/2268022 https://bugzilla.redhat.com/2279814 https://bugzilla.redhat.com/2295310 https://bugzilla.redhat.com/show_bug.cgi?id=2262921 https://bugzilla.redhat.com/show_bug.cgi?id=2268017 https://bugzilla.redhat.com/show_bug.cgi?id=2268018 https://bugzilla.redhat.com/show_bug.cgi?id=2268019 https://bugzilla.redhat.com/show_bug.cgi?id=2268021 https://bugzilla.redhat.com/show_bug.cgi?id=2268022 https://bugzilla.redhat.com/show_bug.cgi?id=2268273 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45288 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45289 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45290 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-1394 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24783 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24784 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24785 https://errata.almalinux.org/9/ALSA-2024-9135.html https://errata.rockylinux.org/RLSA-2024:2562 https://github.com/golang/go/commit/056b0edcb8c152152021eebf4cf42adbfbe77992 (go1.22.1) https://github.com/golang/go/commit/3643147a29352ca2894fd5d0d2069bc4b4335a7e (go1.21.8) https://github.com/golang/go/issues/65697 https://go.dev/cl/564196 https://go.dev/issue/65697 https://groups.google.com/g/golang-announce/c/5pwGVUPoMbg https://linux.oracle.com/cve/CVE-2024-24785.html https://linux.oracle.com/errata/ELSA-2024-3259.html https://nvd.nist.gov/vuln/detail/CVE-2024-24785 https://pkg.go.dev/vuln/GO-2024-2610 https://security.netapp.com/advisory/ntap-20240329-0008/ https://ubuntu.com/security/notices/USN-6886-1 https://ubuntu.com/security/notices/USN-7061-1 https://ubuntu.com/security/notices/USN-7109-1 https://vuln.go.dev/ID/GO-2024-2610.json https://www.cve.org/CVERecord?id=CVE-2024-24785
stdlib	CVE-2024-24789	MEDIUM	v1.20.5	1.21.11, 1.22.4	http://www.openwall.com/lists/oss-security/2024/06/04/1 https://access.redhat.com/errata/RHSA-2024:9115 https://access.redhat.com/security/cve/CVE-2024-24789 https://bugzilla.redhat.com/2279814 https://bugzilla.redhat.com/2292668 https://bugzilla.redhat.com/2292787 https://bugzilla.redhat.com/2294000 https://bugzilla.redhat.com/2295310 https://bugzilla.redhat.com/show_bug.cgi?id=2292668 https://bugzilla.redhat.com/show_bug.cgi?id=2292787 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24789 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24790 https://errata.almalinux.org/9/ALSA-2024-9115.html https://errata.rockylinux.org/RLSA-2024:4212 https://github.com/golang/go/commit/c8e40338cf00f3c1d86c8fb23863ad67a4c72bcc (1.21) https://github.com/golang/go/commit/cf501ac0c5fe351a8582d20b43562027927906e7 (1.22) https://github.com/golang/go/issues/66869 https://go.dev/cl/585397 https://go.dev/issue/66869 https://groups.google.com/g/golang-announce/c/XbxouI9gY7k https://groups.google.com/g/golang-announce/c/XbxouI9gY7k/m/TuoGEhxIEwAJ https://linux.oracle.com/cve/CVE-2024-24789.html https://linux.oracle.com/errata/ELSA-2024-9115.html https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/U5YAEIA6IUHUNGJ7AIXXPQT6D2GYENX7/ https://nvd.nist.gov/vuln/detail/CVE-2024-24789 https://pkg.go.dev/vuln/GO-2024-2888 https://ubuntu.com/security/notices/USN-6886-1 https://ubuntu.com/security/notices/USN-7109-1 https://ubuntu.com/security/notices/USN-7111-1 https://www.cve.org/CVERecord?id=CVE-2024-24789
stdlib	CVE-2024-24791	MEDIUM	v1.20.5	1.21.12, 1.22.5	https://access.redhat.com/errata/RHSA-2024:9135 https://access.redhat.com/security/cve/CVE-2024-24791 https://bugzilla.redhat.com/2268017 https://bugzilla.redhat.com/2268022 https://bugzilla.redhat.com/2279814 https://bugzilla.redhat.com/2295310 https://bugzilla.redhat.com/show_bug.cgi?id=2295310 https://bugzilla.redhat.com/show_bug.cgi?id=2310527 https://bugzilla.redhat.com/show_bug.cgi?id=2310528 https://bugzilla.redhat.com/show_bug.cgi?id=2310529 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24791 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-34155 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-34156 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-34158 https://errata.almalinux.org/9/ALSA-2024-9135.html https://errata.rockylinux.org/RLSA-2024:6913 https://go.dev/cl/591255 https://go.dev/issue/67555 https://groups.google.com/g/golang-dev/c/t0rK-qHBqzY/m/6MMoAZkMAgAJ https://linux.oracle.com/cve/CVE-2024-24791.html https://linux.oracle.com/errata/ELSA-2024-9115.html https://nvd.nist.gov/vuln/detail/CVE-2024-24791 https://pkg.go.dev/vuln/GO-2024-2963 https://ubuntu.com/security/notices/USN-7081-1 https://ubuntu.com/security/notices/USN-7109-1 https://ubuntu.com/security/notices/USN-7111-1 https://www.cve.org/CVERecord?id=CVE-2024-24791
stdlib	CVE-2024-34155	MEDIUM	v1.20.5	1.22.7, 1.23.1	https://access.redhat.com/errata/RHSA-2024:9459 https://access.redhat.com/security/cve/CVE-2024-34155 https://bugzilla.redhat.com/2310527 https://bugzilla.redhat.com/2310528 https://bugzilla.redhat.com/2310529 https://bugzilla.redhat.com/2315691 https://bugzilla.redhat.com/2315887 https://bugzilla.redhat.com/2317458 https://bugzilla.redhat.com/2317467 https://bugzilla.redhat.com/show_bug.cgi?id=2295310 https://bugzilla.redhat.com/show_bug.cgi?id=2310527 https://bugzilla.redhat.com/show_bug.cgi?id=2310528 https://bugzilla.redhat.com/show_bug.cgi?id=2310529 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24791 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-34155 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-34156 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-34158 https://errata.almalinux.org/9/ALSA-2024-9459.html https://errata.rockylinux.org/RLSA-2024:6913 https://github.com/golang/go/commit/53487e5477151ed75da50e50a0ba8f1ca64c00a3 (go1.23.1) https://github.com/golang/go/commit/b232596139dbe96a62edbe3a2a203e856bf556eb (go1.22.7) https://go.dev/cl/611238 https://go.dev/issue/69138 https://groups.google.com/g/golang-announce/c/K-cEzDeCtpc https://groups.google.com/g/golang-dev/c/S9POB9NCTdk https://linux.oracle.com/cve/CVE-2024-34155.html https://linux.oracle.com/errata/ELSA-2024-9459.html https://nvd.nist.gov/vuln/detail/CVE-2024-34155 https://pkg.go.dev/vuln/GO-2024-3105 https://ubuntu.com/security/notices/USN-7081-1 https://ubuntu.com/security/notices/USN-7109-1 https://ubuntu.com/security/notices/USN-7111-1 https://www.cve.org/CVERecord?id=CVE-2024-34155
stdlib	CVE-2024-34158	MEDIUM	v1.20.5	1.22.7, 1.23.1	https://access.redhat.com/errata/RHSA-2024:9459 https://access.redhat.com/security/cve/CVE-2024-34158 https://bugzilla.redhat.com/2310527 https://bugzilla.redhat.com/2310528 https://bugzilla.redhat.com/2310529 https://bugzilla.redhat.com/2315691 https://bugzilla.redhat.com/2315887 https://bugzilla.redhat.com/2317458 https://bugzilla.redhat.com/2317467 https://bugzilla.redhat.com/show_bug.cgi?id=2295310 https://bugzilla.redhat.com/show_bug.cgi?id=2310527 https://bugzilla.redhat.com/show_bug.cgi?id=2310528 https://bugzilla.redhat.com/show_bug.cgi?id=2310529 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24791 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-34155 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-34156 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-34158 https://errata.almalinux.org/9/ALSA-2024-9459.html https://errata.rockylinux.org/RLSA-2024:6913 https://github.com/golang/go/commit/032ac075c20c01c6c35a672d1542d3e98eab84ea (go1.23.1) https://github.com/golang/go/commit/d4c53812e6ce2ac368173d7fcd31d0ecfcffb002 (go1.22.7) https://go.dev/cl/611240 https://go.dev/issue/69141 https://groups.google.com/g/golang-announce/c/K-cEzDeCtpc https://groups.google.com/g/golang-dev/c/S9POB9NCTdk https://linux.oracle.com/cve/CVE-2024-34158.html https://linux.oracle.com/errata/ELSA-2024-9459.html https://nvd.nist.gov/vuln/detail/CVE-2024-34158 https://pkg.go.dev/vuln/GO-2024-3107 https://ubuntu.com/security/notices/USN-7081-1 https://ubuntu.com/security/notices/USN-7109-1 https://ubuntu.com/security/notices/USN-7111-1 https://www.cve.org/CVERecord?id=CVE-2024-34158
No Misconfigurations found

cnb/buildpacks/paketo-buildpacks_ca-certificates/3.6.3/bin/main (gobinary)

Package	Vulnerability ID	Severity	Installed Version	Fixed Version	Links
stdlib	CVE-2024-24790	CRITICAL	v1.20.5	1.21.11, 1.22.4	http://www.openwall.com/lists/oss-security/2024/06/04/1 https://access.redhat.com/errata/RHSA-2024:9115 https://access.redhat.com/security/cve/CVE-2024-24790 https://bugzilla.redhat.com/2279814 https://bugzilla.redhat.com/2292668 https://bugzilla.redhat.com/2292787 https://bugzilla.redhat.com/2294000 https://bugzilla.redhat.com/2295310 https://bugzilla.redhat.com/show_bug.cgi?id=2292668 https://bugzilla.redhat.com/show_bug.cgi?id=2292787 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24789 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24790 https://errata.almalinux.org/9/ALSA-2024-9115.html https://errata.rockylinux.org/RLSA-2024:4212 https://github.com/golang/go/commit/051bdf3fd12a40307606ff9381138039c5f452f0 (1.21) https://github.com/golang/go/commit/12d5810cdb1f73cf23d7a86462143e9463317fca (1.22) https://github.com/golang/go/issues/67680 https://go.dev/cl/590316 https://go.dev/issue/67680 https://groups.google.com/g/golang-announce/c/XbxouI9gY7k https://groups.google.com/g/golang-announce/c/XbxouI9gY7k/m/TuoGEhxIEwAJ https://linux.oracle.com/cve/CVE-2024-24790.html https://linux.oracle.com/errata/ELSA-2024-9115.html https://nvd.nist.gov/vuln/detail/CVE-2024-24790 https://pkg.go.dev/vuln/GO-2024-2887 https://ubuntu.com/security/notices/USN-6886-1 https://ubuntu.com/security/notices/USN-7109-1 https://www.cve.org/CVERecord?id=CVE-2024-24790
stdlib	CVE-2023-39325	HIGH	v1.20.5	1.20.10, 1.21.3	golang.org/x/net https://access.redhat.com/errata/RHSA-2023:6077 https://access.redhat.com/security/cve/CVE-2023-39325 https://access.redhat.com/security/cve/CVE-2023-44487 https://access.redhat.com/security/vulnerabilities/RHSB-2023-003 https://bugzilla.redhat.com/2242803 https://bugzilla.redhat.com/2243296 https://bugzilla.redhat.com/show_bug.cgi?id=2242803 https://bugzilla.redhat.com/show_bug.cgi?id=2243296 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-39325 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-44487 https://errata.almalinux.org/9/ALSA-2023-6077.html https://errata.rockylinux.org/RLSA-2023:6077 https://github.com/golang/go/commit/24ae2d927285c697440fdde3ad7f26028354bcf3 [golang- 1.21] https://github.com/golang/go/commit/e175f27f58aa7b9cd4d79607ae65d2cd5baaee68 [golang-1.20] https://github.com/golang/go/issues/63417 https://go.dev/cl/534215 https://go.dev/cl/534235 https://go.dev/issue/63417 https://groups.google.com/g/golang-announce/c/iNNxDTCjZvo/m/UDd7VKQuAAAJ https://linux.oracle.com/cve/CVE-2023-39325.html https://linux.oracle.com/errata/ELSA-2023-5867.html https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3OVW5V2DM5K5IC3H7O42YDUGNJ74J35O https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3OVW5V2DM5K5IC3H7O42YDUGNJ74J35O/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3SZN67IL7HMGMNAVLOTIXLIHUDXZK4LH https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3SZN67IL7HMGMNAVLOTIXLIHUDXZK4LH/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3WJ4QVX2AMUJ2F2S27POOAHRC4K3CHU4 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3WJ4QVX2AMUJ2F2S27POOAHRC4K3CHU4/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/4BUK2ZIAGCULOOYDNH25JPU6JBES5NF2 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/4BUK2ZIAGCULOOYDNH25JPU6JBES5NF2/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/5RSKA2II6QTD4YUKUNDVJQSRYSFC4VFR https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/5RSKA2II6QTD4YUKUNDVJQSRYSFC4VFR/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/AVZDNSMVDAQJ64LJC5I5U5LDM5753647 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/AVZDNSMVDAQJ64LJC5I5U5LDM5753647/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CHHITS4PUOZAKFIUBQAQZC7JWXMOYE4B https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CHHITS4PUOZAKFIUBQAQZC7JWXMOYE4B/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CLB4TW7KALB3EEQWNWCN7OUIWWVWWCG2 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CLB4TW7KALB3EEQWNWCN7OUIWWVWWCG2/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/D2BBIDR2ZMB3X5BC7SR4SLQMHRMVPY6L https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/D2BBIDR2ZMB3X5BC7SR4SLQMHRMVPY6L/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ECRC75BQJP6FJN2L7KCKYZW4DSBD7QSD https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ECRC75BQJP6FJN2L7KCKYZW4DSBD7QSD/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/FTMJ3NJIDAZFWJQQSP3L22MUFJ3UP2PT https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/FTMJ3NJIDAZFWJQQSP3L22MUFJ3UP2PT/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/GSY7SXFFTPZFWDM6XELSDSHZLVW3AHK7 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/GSY7SXFFTPZFWDM6XELSDSHZLVW3AHK7/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/HZQIELEIRSZUYTFFH5KTH2YJ4IIQG2KE https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/HZQIELEIRSZUYTFFH5KTH2YJ4IIQG2KE/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/IPWCNYB5PQ5PCVZ4NJT6G56ZYFZ5QBU6 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/IPWCNYB5PQ5PCVZ4NJT6G56ZYFZ5QBU6/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/KEOTKBUPZXHE3F352JBYNTSNRXYLWD6P https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/KEOTKBUPZXHE3F352JBYNTSNRXYLWD6P/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/KSEGD2IWKNUO3DWY4KQGUQM5BISRWHQE https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/KSEGD2IWKNUO3DWY4KQGUQM5BISRWHQE/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/L5E5JSJBZLYXOTZWXHJKRVCIXIHVWKJ6 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/L5E5JSJBZLYXOTZWXHJKRVCIXIHVWKJ6/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/MZQYOOKHQDQ57LV2IAG6NRFOVXKHJJ3Z https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/MZQYOOKHQDQ57LV2IAG6NRFOVXKHJJ3Z/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/NG7IMPL55MVWU3LCI4JQJT3K2U5CHDV7 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/NG7IMPL55MVWU3LCI4JQJT3K2U5CHDV7/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ODBY7RVMGZCBSTWF2OZGIZS57FNFUL67 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ODBY7RVMGZCBSTWF2OZGIZS57FNFUL67/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/OXGWPQOJ3JNDW2XIYKIVJ7N7QUIFNM2Q https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/OXGWPQOJ3JNDW2XIYKIVJ7N7QUIFNM2Q/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/PJCUNGIQDUMZ4Z6HWVYIMR66A35F5S74 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/PJCUNGIQDUMZ4Z6HWVYIMR66A35F5S74/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QF5QSYAOPDOWLY6DUHID56Q4HQFYB45I https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QF5QSYAOPDOWLY6DUHID56Q4HQFYB45I/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QXOU2JZUBEBP7GBKAYIJRPRBZSJCD7ST https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QXOU2JZUBEBP7GBKAYIJRPRBZSJCD7ST/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/R3UETKPUB3V5JS5TLZOF3SMTGT5K5APS https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/R3UETKPUB3V5JS5TLZOF3SMTGT5K5APS/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/REMHVVIBDNKSRKNOTV7EQSB7CYQWOUOU https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/REMHVVIBDNKSRKNOTV7EQSB7CYQWOUOU/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/T7N5GV4CHH6WAGX3GFMDD3COEOVCZ4RI https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/T7N5GV4CHH6WAGX3GFMDD3COEOVCZ4RI/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ULQQONMSCQSH5Z5OWFFQHCGEZ3NL4DRJ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ULQQONMSCQSH5Z5OWFFQHCGEZ3NL4DRJ/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UTT7DG3QOF5ZNJLUGHDNLRUIN6OWZARP https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UTT7DG3QOF5ZNJLUGHDNLRUIN6OWZARP/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/W2LZSWTV4NV4SNQARNXG5T6LRHP26EW2 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/W2LZSWTV4NV4SNQARNXG5T6LRHP26EW2/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WCNCBYKZXLDFGAJUB7ZP5VLC3YTHJNVH https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WCNCBYKZXLDFGAJUB7ZP5VLC3YTHJNVH/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/XFOIBB4YFICHDM7IBOP7PWXW3FX4HLL2 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/XFOIBB4YFICHDM7IBOP7PWXW3FX4HLL2/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/XTNLSL44Y5FB6JWADSZH6DCV4JJAAEQY https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/XTNLSL44Y5FB6JWADSZH6DCV4JJAAEQY/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/YJWHBLVZDM5KQSDFRBFRKU5KSSOLIRQ4 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/YJWHBLVZDM5KQSDFRBFRKU5KSSOLIRQ4/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/YRKEXKANQ7BKJW2YTAMP625LJUJZLJ4P https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/YRKEXKANQ7BKJW2YTAMP625LJUJZLJ4P/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZSVEMQV5ROY5YW5QE3I57HT3ITWG5GCV https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZSVEMQV5ROY5YW5QE3I57HT3ITWG5GCV/ https://nvd.nist.gov/vuln/detail/CVE-2023-39325 https://pkg.go.dev/vuln/GO-2023-2102 https://security.gentoo.org/glsa/202311-09 https://security.netapp.com/advisory/ntap-20231110-0008 https://security.netapp.com/advisory/ntap-20231110-0008/ https://ubuntu.com/security/notices/USN-6574-1 https://ubuntu.com/security/notices/USN-7061-1 https://ubuntu.com/security/notices/USN-7109-1 https://www.cisa.gov/news-events/alerts/2023/10/10/http2-rapid-reset-vulnerability-cve-2023-44487 https://www.cve.org/CVERecord?id=CVE-2023-39325
stdlib	CVE-2023-45283	HIGH	v1.20.5	1.20.11, 1.21.4, 1.20.12, 1.21.5	http://www.openwall.com/lists/oss-security/2023/12/05/2 https://go.dev/cl/540277 https://go.dev/cl/541175 https://go.dev/issue/63713 https://go.dev/issue/64028 https://groups.google.com/g/golang-announce/c/4tU8LZfBFkY https://groups.google.com/g/golang-dev/c/6ypN5EjibjM/m/KmLVYH_uAgAJ https://nvd.nist.gov/vuln/detail/CVE-2023-45283 https://pkg.go.dev/vuln/GO-2023-2185 https://security.netapp.com/advisory/ntap-20231214-0008/
stdlib	CVE-2023-45288	HIGH	v1.20.5	1.21.9, 1.22.2	http://www.openwall.com/lists/oss-security/2024/04/03/16 http://www.openwall.com/lists/oss-security/2024/04/05/4 https://access.redhat.com/errata/RHSA-2024:2724 https://access.redhat.com/security/cve/CVE-2023-45288 https://bugzilla.redhat.com/2268017 https://bugzilla.redhat.com/2268018 https://bugzilla.redhat.com/2268019 https://bugzilla.redhat.com/2268273 https://bugzilla.redhat.com/show_bug.cgi?id=2268017 https://bugzilla.redhat.com/show_bug.cgi?id=2268018 https://bugzilla.redhat.com/show_bug.cgi?id=2268019 https://bugzilla.redhat.com/show_bug.cgi?id=2268273 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45288 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45289 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45290 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24783 https://errata.almalinux.org/9/ALSA-2024-2724.html https://errata.rockylinux.org/RLSA-2024:2724 https://go.dev/cl/576155 https://go.dev/issue/65051 https://groups.google.com/g/golang-announce/c/YgW0sx8mN3M https://kb.cert.org/vuls/id/421644 https://linux.oracle.com/cve/CVE-2023-45288.html https://linux.oracle.com/errata/ELSA-2024-3346.html https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QRYFHIQ6XRKRYBI2F5UESH67BJBQXUPT https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QRYFHIQ6XRKRYBI2F5UESH67BJBQXUPT/ https://nowotarski.info/http2-continuation-flood-technical-details https://nowotarski.info/http2-continuation-flood/ https://nvd.nist.gov/vuln/detail/CVE-2023-45288 https://pkg.go.dev/vuln/GO-2024-2687 https://security.netapp.com/advisory/ntap-20240419-0009 https://security.netapp.com/advisory/ntap-20240419-0009/ https://ubuntu.com/security/notices/USN-6886-1 https://ubuntu.com/security/notices/USN-7109-1 https://ubuntu.com/security/notices/USN-7111-1 https://www.cve.org/CVERecord?id=CVE-2023-45288 https://www.kb.cert.org/vuls/id/421644
stdlib	CVE-2024-34156	HIGH	v1.20.5	1.22.7, 1.23.1	https://access.redhat.com/errata/RHSA-2024:9473 https://access.redhat.com/security/cve/CVE-2024-34156 https://bugzilla.redhat.com/2310528 https://bugzilla.redhat.com/2318052 https://bugzilla.redhat.com/show_bug.cgi?id=2310528 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-34156 https://errata.almalinux.org/9/ALSA-2024-9473.html https://errata.rockylinux.org/RLSA-2024:7204 https://github.com/golang/go/commit/2092294f2b097c5828f4eace6c98a322c1510b01 (go1.22.7) https://github.com/golang/go/commit/fa8ff1a46deb6c816304441ec6740ec112e19012 (go1.23.1) https://go.dev/cl/611239 https://go.dev/issue/69139 https://groups.google.com/g/golang-announce/c/K-cEzDeCtpc https://groups.google.com/g/golang-dev/c/S9POB9NCTdk https://linux.oracle.com/cve/CVE-2024-34156.html https://linux.oracle.com/errata/ELSA-2024-9473.html https://nvd.nist.gov/vuln/detail/CVE-2024-34156 https://pkg.go.dev/vuln/GO-2024-3106 https://ubuntu.com/security/notices/USN-7081-1 https://ubuntu.com/security/notices/USN-7109-1 https://ubuntu.com/security/notices/USN-7111-1 https://www.cve.org/CVERecord?id=CVE-2024-34156
stdlib	CVE-2023-29406	MEDIUM	v1.20.5	1.19.11, 1.20.6	https://access.redhat.com/errata/RHSA-2023:6474 https://access.redhat.com/security/cve/CVE-2023-29406 https://bugzilla.redhat.com/2174485 https://bugzilla.redhat.com/2178358 https://bugzilla.redhat.com/2178488 https://bugzilla.redhat.com/2178492 https://bugzilla.redhat.com/2184481 https://bugzilla.redhat.com/2184482 https://bugzilla.redhat.com/2184483 https://bugzilla.redhat.com/2184484 https://bugzilla.redhat.com/2196026 https://bugzilla.redhat.com/2196027 https://bugzilla.redhat.com/2196029 https://bugzilla.redhat.com/2222167 https://bugzilla.redhat.com/2228689 https://errata.almalinux.org/9/ALSA-2023-6474.html https://github.com/golang/go/commit/312920c00aac9897b2a0693e752390b5b0711a5a (go1.20.6) https://github.com/golang/go/commit/5fa6923b1ea891400153d04ddf1545e23b40041b (go1.19.11) https://github.com/golang/go/issues/60374 https://go.dev/cl/506996 https://go.dev/issue/60374 https://groups.google.com/g/golang-announce/c/2q13H6LEEx0 https://linux.oracle.com/cve/CVE-2023-29406.html https://linux.oracle.com/errata/ELSA-2023-7202.html https://nvd.nist.gov/vuln/detail/CVE-2023-29406 https://pkg.go.dev/vuln/GO-2023-1878 https://security.gentoo.org/glsa/202311-09 https://security.netapp.com/advisory/ntap-20230814-0002/ https://ubuntu.com/security/notices/USN-7061-1 https://ubuntu.com/security/notices/USN-7109-1 https://www.cve.org/CVERecord?id=CVE-2023-29406
stdlib	CVE-2023-29409	MEDIUM	v1.20.5	1.19.12, 1.20.7, 1.21.0-rc.4	https://access.redhat.com/errata/RHSA-2023:7766 https://access.redhat.com/security/cve/CVE-2023-29409 https://bugzilla.redhat.com/2228743 https://bugzilla.redhat.com/2237773 https://bugzilla.redhat.com/2237776 https://bugzilla.redhat.com/2237777 https://bugzilla.redhat.com/2237778 https://errata.almalinux.org/9/ALSA-2023-7766.html https://go.dev/cl/515257 https://go.dev/issue/61460 https://groups.google.com/g/golang-announce/c/X0b6CsSAaYI/m/Efv5DbZ9AwAJ https://linux.oracle.com/cve/CVE-2023-29409.html https://linux.oracle.com/errata/ELSA-2024-2988.html https://nvd.nist.gov/vuln/detail/CVE-2023-29409 https://pkg.go.dev/vuln/GO-2023-1987 https://security.gentoo.org/glsa/202311-09 https://security.netapp.com/advisory/ntap-20230831-0010/ https://www.cve.org/CVERecord?id=CVE-2023-29409
stdlib	CVE-2023-39318	MEDIUM	v1.20.5	1.20.8, 1.21.1	https://access.redhat.com/errata/RHSA-2024:2160 https://access.redhat.com/security/cve/CVE-2023-39318 https://bugzilla.redhat.com/2237773 https://bugzilla.redhat.com/2237776 https://bugzilla.redhat.com/2253330 https://errata.almalinux.org/9/ALSA-2024-2160.html https://github.com/golang/go/commit/023b542edf38e2a1f87fcefb9f75ff2f99401b4c (go1.20.8) https://github.com/golang/go/commit/b0e1d3ea26e8e8fce7726690c9ef0597e60739fb (go1.21.1) https://go.dev/cl/526156 https://go.dev/issue/62196 https://groups.google.com/g/golang-announce/c/Fm51GRLNRvM https://groups.google.com/g/golang-dev/c/2C5vbR-UNkI/m/L1hdrPhfBAAJ https://linux.oracle.com/cve/CVE-2023-39318.html https://linux.oracle.com/errata/ELSA-2024-2988.html https://nvd.nist.gov/vuln/detail/CVE-2023-39318 https://pkg.go.dev/vuln/GO-2023-2041 https://security.gentoo.org/glsa/202311-09 https://security.netapp.com/advisory/ntap-20231020-0009/ https://ubuntu.com/security/notices/USN-6574-1 https://ubuntu.com/security/notices/USN-7061-1 https://ubuntu.com/security/notices/USN-7109-1 https://vuln.go.dev/ID/GO-2023-2041.json https://www.cve.org/CVERecord?id=CVE-2023-39318
stdlib	CVE-2023-39319	MEDIUM	v1.20.5	1.20.8, 1.21.1	https://access.redhat.com/errata/RHSA-2024:2160 https://access.redhat.com/security/cve/CVE-2023-39319 https://bugzilla.redhat.com/2237773 https://bugzilla.redhat.com/2237776 https://bugzilla.redhat.com/2253330 https://errata.almalinux.org/9/ALSA-2024-2160.html https://github.com/golang/go/commit/2070531d2f53df88e312edace6c8dfc9686ab2f5 (go1.20.8) https://github.com/golang/go/commit/bbd043ff0d6d59f1a9232d31ecd5eacf6507bf6a (go1.21.1) https://go.dev/cl/526157 https://go.dev/issue/62197 https://groups.google.com/g/golang-announce/c/Fm51GRLNRvM https://groups.google.com/g/golang-dev/c/2C5vbR-UNkI/m/L1hdrPhfBAAJ https://linux.oracle.com/cve/CVE-2023-39319.html https://linux.oracle.com/errata/ELSA-2024-2988.html https://nvd.nist.gov/vuln/detail/CVE-2023-39319 https://pkg.go.dev/vuln/GO-2023-2043 https://security.gentoo.org/glsa/202311-09 https://security.netapp.com/advisory/ntap-20231020-0009/ https://ubuntu.com/security/notices/USN-6574-1 https://ubuntu.com/security/notices/USN-7061-1 https://ubuntu.com/security/notices/USN-7109-1 https://vuln.go.dev/ID/GO-2023-2043.json https://www.cve.org/CVERecord?id=CVE-2023-39319
stdlib	CVE-2023-39326	MEDIUM	v1.20.5	1.20.12, 1.21.5	https://access.redhat.com/errata/RHSA-2024:2272 https://access.redhat.com/security/cve/CVE-2023-39326 https://bugzilla.redhat.com/2253193 https://bugzilla.redhat.com/2253330 https://errata.almalinux.org/9/ALSA-2024-2272.html https://github.com/golang/go/commit/6446af942e2e2b161c4ec1b60d9703a2b55dc4dd (go1.20.12) https://github.com/golang/go/commit/ec8c526e4be720e94b98ca509e6364f0efaf28f7 (go1.21.5) https://go.dev/cl/547335 https://go.dev/issue/64433 https://groups.google.com/g/golang-dev/c/6ypN5EjibjM/m/KmLVYH_uAgAJ https://linux.oracle.com/cve/CVE-2023-39326.html https://linux.oracle.com/errata/ELSA-2024-2988.html https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UIU6HOGV6RRIKWM57LOXQA75BGZSIH6G/ https://nvd.nist.gov/vuln/detail/CVE-2023-39326 https://pkg.go.dev/vuln/GO-2023-2382 https://ubuntu.com/security/notices/USN-6574-1 https://www.cve.org/CVERecord?id=CVE-2023-39326
stdlib	CVE-2023-45284	MEDIUM	v1.20.5	1.20.11, 1.21.4	https://go.dev/cl/540277 https://go.dev/issue/63713 https://groups.google.com/g/golang-announce/c/4tU8LZfBFkY https://nvd.nist.gov/vuln/detail/CVE-2023-45284 https://pkg.go.dev/vuln/GO-2023-2186
stdlib	CVE-2023-45289	MEDIUM	v1.20.5	1.21.8, 1.22.1	http://www.openwall.com/lists/oss-security/2024/03/08/4 https://access.redhat.com/errata/RHSA-2024:2724 https://access.redhat.com/security/cve/CVE-2023-45289 https://bugzilla.redhat.com/2268017 https://bugzilla.redhat.com/2268018 https://bugzilla.redhat.com/2268019 https://bugzilla.redhat.com/2268273 https://bugzilla.redhat.com/show_bug.cgi?id=2268017 https://bugzilla.redhat.com/show_bug.cgi?id=2268018 https://bugzilla.redhat.com/show_bug.cgi?id=2268019 https://bugzilla.redhat.com/show_bug.cgi?id=2268273 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45288 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45289 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45290 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24783 https://errata.almalinux.org/9/ALSA-2024-2724.html https://errata.rockylinux.org/RLSA-2024:2724 https://github.com/golang/go/commit/20586c0dbe03d144f914155f879fa5ee287591a1 (go1.21.8) https://github.com/golang/go/commit/3a855208e3efed2e9d7c20ad023f1fa78afcc0be (go1.22.1) https://github.com/golang/go/issues/65065 https://go.dev/cl/569340 https://go.dev/issue/65065 https://groups.google.com/g/golang-announce/c/5pwGVUPoMbg https://linux.oracle.com/cve/CVE-2023-45289.html https://linux.oracle.com/errata/ELSA-2024-3346.html https://nvd.nist.gov/vuln/detail/CVE-2023-45289 https://pkg.go.dev/vuln/GO-2024-2600 https://security.netapp.com/advisory/ntap-20240329-0006/ https://ubuntu.com/security/notices/USN-6886-1 https://www.cve.org/CVERecord?id=CVE-2023-45289
stdlib	CVE-2023-45290	MEDIUM	v1.20.5	1.21.8, 1.22.1	http://www.openwall.com/lists/oss-security/2024/03/08/4 https://access.redhat.com/errata/RHSA-2024:9135 https://access.redhat.com/security/cve/CVE-2023-45290 https://bugzilla.redhat.com/2268017 https://bugzilla.redhat.com/2268022 https://bugzilla.redhat.com/2279814 https://bugzilla.redhat.com/2295310 https://bugzilla.redhat.com/show_bug.cgi?id=2268017 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45290 https://errata.almalinux.org/9/ALSA-2024-9135.html https://errata.rockylinux.org/RLSA-2024:3830 https://github.com/golang/go/commit/041a47712e765e94f86d841c3110c840e76d8f82 (go1.22.1) https://github.com/golang/go/commit/bf80213b121074f4ad9b449410a4d13bae5e9be0 (go1.21.8) https://github.com/golang/go/issues/65383 https://go.dev/cl/569341 https://go.dev/issue/65383 https://groups.google.com/g/golang-announce/c/5pwGVUPoMbg https://linux.oracle.com/cve/CVE-2023-45290.html https://linux.oracle.com/errata/ELSA-2024-8038.html https://nvd.nist.gov/vuln/detail/CVE-2023-45290 https://pkg.go.dev/vuln/GO-2024-2599 https://security.netapp.com/advisory/ntap-20240329-0004 https://security.netapp.com/advisory/ntap-20240329-0004/ https://ubuntu.com/security/notices/USN-6886-1 https://ubuntu.com/security/notices/USN-7109-1 https://ubuntu.com/security/notices/USN-7111-1 https://www.cve.org/CVERecord?id=CVE-2023-45290
stdlib	CVE-2024-24783	MEDIUM	v1.20.5	1.21.8, 1.22.1	http://www.openwall.com/lists/oss-security/2024/03/08/4 https://access.redhat.com/errata/RHSA-2024:6195 https://access.redhat.com/security/cve/CVE-2024-24783 https://bugzilla.redhat.com/2268019 https://bugzilla.redhat.com/show_bug.cgi?id=2268017 https://bugzilla.redhat.com/show_bug.cgi?id=2268018 https://bugzilla.redhat.com/show_bug.cgi?id=2268019 https://bugzilla.redhat.com/show_bug.cgi?id=2268273 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45288 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45289 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45290 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24783 https://errata.almalinux.org/9/ALSA-2024-6195.html https://errata.rockylinux.org/RLSA-2024:2724 https://github.com/advisories/GHSA-3q2c-pvp5-3cqp https://github.com/golang/go/commit/337b8e9cbfa749d9d5c899e0dc358e2208d5e54f (go1.22.1) https://github.com/golang/go/commit/be5b52bea674190ef7de272664be6c7ae93ec5a0 (go1.21.8) https://github.com/golang/go/issues/65390 https://go.dev/cl/569339 https://go.dev/issue/65390 https://groups.google.com/g/golang-announce/c/5pwGVUPoMbg https://linux.oracle.com/cve/CVE-2024-24783.html https://linux.oracle.com/errata/ELSA-2024-6969.html https://nvd.nist.gov/vuln/detail/CVE-2024-24783 https://pkg.go.dev/vuln/GO-2024-2598 https://security.netapp.com/advisory/ntap-20240329-0005 https://security.netapp.com/advisory/ntap-20240329-0005/ https://ubuntu.com/security/notices/USN-6886-1 https://ubuntu.com/security/notices/USN-7109-1 https://ubuntu.com/security/notices/USN-7111-1 https://www.cve.org/CVERecord?id=CVE-2024-24783
stdlib	CVE-2024-24784	MEDIUM	v1.20.5	1.21.8, 1.22.1	http://www.openwall.com/lists/oss-security/2024/03/08/4 https://access.redhat.com/errata/RHSA-2024:2562 https://access.redhat.com/security/cve/CVE-2024-24784 https://bugzilla.redhat.com/2262921 https://bugzilla.redhat.com/2268017 https://bugzilla.redhat.com/2268018 https://bugzilla.redhat.com/2268019 https://bugzilla.redhat.com/2268021 https://bugzilla.redhat.com/2268022 https://bugzilla.redhat.com/2268273 https://bugzilla.redhat.com/show_bug.cgi?id=2262921 https://bugzilla.redhat.com/show_bug.cgi?id=2268017 https://bugzilla.redhat.com/show_bug.cgi?id=2268018 https://bugzilla.redhat.com/show_bug.cgi?id=2268019 https://bugzilla.redhat.com/show_bug.cgi?id=2268021 https://bugzilla.redhat.com/show_bug.cgi?id=2268022 https://bugzilla.redhat.com/show_bug.cgi?id=2268273 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45288 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45289 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45290 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-1394 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24783 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24784 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24785 https://errata.almalinux.org/9/ALSA-2024-2562.html https://errata.rockylinux.org/RLSA-2024:2562 https://github.com/golang/go/commit/263c059b09fdd40d9dd945f2ecb20c89ea28efe5 (go1.21.8) https://github.com/golang/go/commit/5330cd225ba54c7dc78c1b46dcdf61a4671a632c (go1.22.1) https://github.com/golang/go/issues/65083 https://go.dev/cl/555596 https://go.dev/issue/65083 https://groups.google.com/g/golang-announce/c/5pwGVUPoMbg https://linux.oracle.com/cve/CVE-2024-24784.html https://linux.oracle.com/errata/ELSA-2024-6969.html https://nvd.nist.gov/vuln/detail/CVE-2024-24784 https://pkg.go.dev/vuln/GO-2024-2609 https://security.netapp.com/advisory/ntap-20240329-0007/ https://ubuntu.com/security/notices/USN-6886-1 https://ubuntu.com/security/notices/USN-7109-1 https://ubuntu.com/security/notices/USN-7111-1 https://www.cve.org/CVERecord?id=CVE-2024-24784
stdlib	CVE-2024-24785	MEDIUM	v1.20.5	1.21.8, 1.22.1	http://www.openwall.com/lists/oss-security/2024/03/08/4 https://access.redhat.com/errata/RHSA-2024:9135 https://access.redhat.com/security/cve/CVE-2024-24785 https://bugzilla.redhat.com/2268017 https://bugzilla.redhat.com/2268022 https://bugzilla.redhat.com/2279814 https://bugzilla.redhat.com/2295310 https://bugzilla.redhat.com/show_bug.cgi?id=2262921 https://bugzilla.redhat.com/show_bug.cgi?id=2268017 https://bugzilla.redhat.com/show_bug.cgi?id=2268018 https://bugzilla.redhat.com/show_bug.cgi?id=2268019 https://bugzilla.redhat.com/show_bug.cgi?id=2268021 https://bugzilla.redhat.com/show_bug.cgi?id=2268022 https://bugzilla.redhat.com/show_bug.cgi?id=2268273 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45288 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45289 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45290 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-1394 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24783 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24784 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24785 https://errata.almalinux.org/9/ALSA-2024-9135.html https://errata.rockylinux.org/RLSA-2024:2562 https://github.com/golang/go/commit/056b0edcb8c152152021eebf4cf42adbfbe77992 (go1.22.1) https://github.com/golang/go/commit/3643147a29352ca2894fd5d0d2069bc4b4335a7e (go1.21.8) https://github.com/golang/go/issues/65697 https://go.dev/cl/564196 https://go.dev/issue/65697 https://groups.google.com/g/golang-announce/c/5pwGVUPoMbg https://linux.oracle.com/cve/CVE-2024-24785.html https://linux.oracle.com/errata/ELSA-2024-3259.html https://nvd.nist.gov/vuln/detail/CVE-2024-24785 https://pkg.go.dev/vuln/GO-2024-2610 https://security.netapp.com/advisory/ntap-20240329-0008/ https://ubuntu.com/security/notices/USN-6886-1 https://ubuntu.com/security/notices/USN-7061-1 https://ubuntu.com/security/notices/USN-7109-1 https://vuln.go.dev/ID/GO-2024-2610.json https://www.cve.org/CVERecord?id=CVE-2024-24785
stdlib	CVE-2024-24789	MEDIUM	v1.20.5	1.21.11, 1.22.4	http://www.openwall.com/lists/oss-security/2024/06/04/1 https://access.redhat.com/errata/RHSA-2024:9115 https://access.redhat.com/security/cve/CVE-2024-24789 https://bugzilla.redhat.com/2279814 https://bugzilla.redhat.com/2292668 https://bugzilla.redhat.com/2292787 https://bugzilla.redhat.com/2294000 https://bugzilla.redhat.com/2295310 https://bugzilla.redhat.com/show_bug.cgi?id=2292668 https://bugzilla.redhat.com/show_bug.cgi?id=2292787 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24789 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24790 https://errata.almalinux.org/9/ALSA-2024-9115.html https://errata.rockylinux.org/RLSA-2024:4212 https://github.com/golang/go/commit/c8e40338cf00f3c1d86c8fb23863ad67a4c72bcc (1.21) https://github.com/golang/go/commit/cf501ac0c5fe351a8582d20b43562027927906e7 (1.22) https://github.com/golang/go/issues/66869 https://go.dev/cl/585397 https://go.dev/issue/66869 https://groups.google.com/g/golang-announce/c/XbxouI9gY7k https://groups.google.com/g/golang-announce/c/XbxouI9gY7k/m/TuoGEhxIEwAJ https://linux.oracle.com/cve/CVE-2024-24789.html https://linux.oracle.com/errata/ELSA-2024-9115.html https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/U5YAEIA6IUHUNGJ7AIXXPQT6D2GYENX7/ https://nvd.nist.gov/vuln/detail/CVE-2024-24789 https://pkg.go.dev/vuln/GO-2024-2888 https://ubuntu.com/security/notices/USN-6886-1 https://ubuntu.com/security/notices/USN-7109-1 https://ubuntu.com/security/notices/USN-7111-1 https://www.cve.org/CVERecord?id=CVE-2024-24789
stdlib	CVE-2024-24791	MEDIUM	v1.20.5	1.21.12, 1.22.5	https://access.redhat.com/errata/RHSA-2024:9135 https://access.redhat.com/security/cve/CVE-2024-24791 https://bugzilla.redhat.com/2268017 https://bugzilla.redhat.com/2268022 https://bugzilla.redhat.com/2279814 https://bugzilla.redhat.com/2295310 https://bugzilla.redhat.com/show_bug.cgi?id=2295310 https://bugzilla.redhat.com/show_bug.cgi?id=2310527 https://bugzilla.redhat.com/show_bug.cgi?id=2310528 https://bugzilla.redhat.com/show_bug.cgi?id=2310529 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24791 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-34155 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-34156 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-34158 https://errata.almalinux.org/9/ALSA-2024-9135.html https://errata.rockylinux.org/RLSA-2024:6913 https://go.dev/cl/591255 https://go.dev/issue/67555 https://groups.google.com/g/golang-dev/c/t0rK-qHBqzY/m/6MMoAZkMAgAJ https://linux.oracle.com/cve/CVE-2024-24791.html https://linux.oracle.com/errata/ELSA-2024-9115.html https://nvd.nist.gov/vuln/detail/CVE-2024-24791 https://pkg.go.dev/vuln/GO-2024-2963 https://ubuntu.com/security/notices/USN-7081-1 https://ubuntu.com/security/notices/USN-7109-1 https://ubuntu.com/security/notices/USN-7111-1 https://www.cve.org/CVERecord?id=CVE-2024-24791
stdlib	CVE-2024-34155	MEDIUM	v1.20.5	1.22.7, 1.23.1	https://access.redhat.com/errata/RHSA-2024:9459 https://access.redhat.com/security/cve/CVE-2024-34155 https://bugzilla.redhat.com/2310527 https://bugzilla.redhat.com/2310528 https://bugzilla.redhat.com/2310529 https://bugzilla.redhat.com/2315691 https://bugzilla.redhat.com/2315887 https://bugzilla.redhat.com/2317458 https://bugzilla.redhat.com/2317467 https://bugzilla.redhat.com/show_bug.cgi?id=2295310 https://bugzilla.redhat.com/show_bug.cgi?id=2310527 https://bugzilla.redhat.com/show_bug.cgi?id=2310528 https://bugzilla.redhat.com/show_bug.cgi?id=2310529 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24791 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-34155 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-34156 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-34158 https://errata.almalinux.org/9/ALSA-2024-9459.html https://errata.rockylinux.org/RLSA-2024:6913 https://github.com/golang/go/commit/53487e5477151ed75da50e50a0ba8f1ca64c00a3 (go1.23.1) https://github.com/golang/go/commit/b232596139dbe96a62edbe3a2a203e856bf556eb (go1.22.7) https://go.dev/cl/611238 https://go.dev/issue/69138 https://groups.google.com/g/golang-announce/c/K-cEzDeCtpc https://groups.google.com/g/golang-dev/c/S9POB9NCTdk https://linux.oracle.com/cve/CVE-2024-34155.html https://linux.oracle.com/errata/ELSA-2024-9459.html https://nvd.nist.gov/vuln/detail/CVE-2024-34155 https://pkg.go.dev/vuln/GO-2024-3105 https://ubuntu.com/security/notices/USN-7081-1 https://ubuntu.com/security/notices/USN-7109-1 https://ubuntu.com/security/notices/USN-7111-1 https://www.cve.org/CVERecord?id=CVE-2024-34155
stdlib	CVE-2024-34158	MEDIUM	v1.20.5	1.22.7, 1.23.1	https://access.redhat.com/errata/RHSA-2024:9459 https://access.redhat.com/security/cve/CVE-2024-34158 https://bugzilla.redhat.com/2310527 https://bugzilla.redhat.com/2310528 https://bugzilla.redhat.com/2310529 https://bugzilla.redhat.com/2315691 https://bugzilla.redhat.com/2315887 https://bugzilla.redhat.com/2317458 https://bugzilla.redhat.com/2317467 https://bugzilla.redhat.com/show_bug.cgi?id=2295310 https://bugzilla.redhat.com/show_bug.cgi?id=2310527 https://bugzilla.redhat.com/show_bug.cgi?id=2310528 https://bugzilla.redhat.com/show_bug.cgi?id=2310529 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24791 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-34155 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-34156 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-34158 https://errata.almalinux.org/9/ALSA-2024-9459.html https://errata.rockylinux.org/RLSA-2024:6913 https://github.com/golang/go/commit/032ac075c20c01c6c35a672d1542d3e98eab84ea (go1.23.1) https://github.com/golang/go/commit/d4c53812e6ce2ac368173d7fcd31d0ecfcffb002 (go1.22.7) https://go.dev/cl/611240 https://go.dev/issue/69141 https://groups.google.com/g/golang-announce/c/K-cEzDeCtpc https://groups.google.com/g/golang-dev/c/S9POB9NCTdk https://linux.oracle.com/cve/CVE-2024-34158.html https://linux.oracle.com/errata/ELSA-2024-9459.html https://nvd.nist.gov/vuln/detail/CVE-2024-34158 https://pkg.go.dev/vuln/GO-2024-3107 https://ubuntu.com/security/notices/USN-7081-1 https://ubuntu.com/security/notices/USN-7109-1 https://ubuntu.com/security/notices/USN-7111-1 https://www.cve.org/CVERecord?id=CVE-2024-34158
No Misconfigurations found

cnb/buildpacks/paketo-buildpacks_clojure-tools/2.8.5/bin/main (gobinary)

Package	Vulnerability ID	Severity	Installed Version	Fixed Version	Links
stdlib	CVE-2024-24790	CRITICAL	v1.20.5	1.21.11, 1.22.4	http://www.openwall.com/lists/oss-security/2024/06/04/1 https://access.redhat.com/errata/RHSA-2024:9115 https://access.redhat.com/security/cve/CVE-2024-24790 https://bugzilla.redhat.com/2279814 https://bugzilla.redhat.com/2292668 https://bugzilla.redhat.com/2292787 https://bugzilla.redhat.com/2294000 https://bugzilla.redhat.com/2295310 https://bugzilla.redhat.com/show_bug.cgi?id=2292668 https://bugzilla.redhat.com/show_bug.cgi?id=2292787 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24789 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24790 https://errata.almalinux.org/9/ALSA-2024-9115.html https://errata.rockylinux.org/RLSA-2024:4212 https://github.com/golang/go/commit/051bdf3fd12a40307606ff9381138039c5f452f0 (1.21) https://github.com/golang/go/commit/12d5810cdb1f73cf23d7a86462143e9463317fca (1.22) https://github.com/golang/go/issues/67680 https://go.dev/cl/590316 https://go.dev/issue/67680 https://groups.google.com/g/golang-announce/c/XbxouI9gY7k https://groups.google.com/g/golang-announce/c/XbxouI9gY7k/m/TuoGEhxIEwAJ https://linux.oracle.com/cve/CVE-2024-24790.html https://linux.oracle.com/errata/ELSA-2024-9115.html https://nvd.nist.gov/vuln/detail/CVE-2024-24790 https://pkg.go.dev/vuln/GO-2024-2887 https://ubuntu.com/security/notices/USN-6886-1 https://ubuntu.com/security/notices/USN-7109-1 https://www.cve.org/CVERecord?id=CVE-2024-24790
stdlib	CVE-2023-39325	HIGH	v1.20.5	1.20.10, 1.21.3	golang.org/x/net https://access.redhat.com/errata/RHSA-2023:6077 https://access.redhat.com/security/cve/CVE-2023-39325 https://access.redhat.com/security/cve/CVE-2023-44487 https://access.redhat.com/security/vulnerabilities/RHSB-2023-003 https://bugzilla.redhat.com/2242803 https://bugzilla.redhat.com/2243296 https://bugzilla.redhat.com/show_bug.cgi?id=2242803 https://bugzilla.redhat.com/show_bug.cgi?id=2243296 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-39325 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-44487 https://errata.almalinux.org/9/ALSA-2023-6077.html https://errata.rockylinux.org/RLSA-2023:6077 https://github.com/golang/go/commit/24ae2d927285c697440fdde3ad7f26028354bcf3 [golang- 1.21] https://github.com/golang/go/commit/e175f27f58aa7b9cd4d79607ae65d2cd5baaee68 [golang-1.20] https://github.com/golang/go/issues/63417 https://go.dev/cl/534215 https://go.dev/cl/534235 https://go.dev/issue/63417 https://groups.google.com/g/golang-announce/c/iNNxDTCjZvo/m/UDd7VKQuAAAJ https://linux.oracle.com/cve/CVE-2023-39325.html https://linux.oracle.com/errata/ELSA-2023-5867.html https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3OVW5V2DM5K5IC3H7O42YDUGNJ74J35O https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3OVW5V2DM5K5IC3H7O42YDUGNJ74J35O/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3SZN67IL7HMGMNAVLOTIXLIHUDXZK4LH https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3SZN67IL7HMGMNAVLOTIXLIHUDXZK4LH/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3WJ4QVX2AMUJ2F2S27POOAHRC4K3CHU4 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3WJ4QVX2AMUJ2F2S27POOAHRC4K3CHU4/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/4BUK2ZIAGCULOOYDNH25JPU6JBES5NF2 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/4BUK2ZIAGCULOOYDNH25JPU6JBES5NF2/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/5RSKA2II6QTD4YUKUNDVJQSRYSFC4VFR https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/5RSKA2II6QTD4YUKUNDVJQSRYSFC4VFR/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/AVZDNSMVDAQJ64LJC5I5U5LDM5753647 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/AVZDNSMVDAQJ64LJC5I5U5LDM5753647/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CHHITS4PUOZAKFIUBQAQZC7JWXMOYE4B https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CHHITS4PUOZAKFIUBQAQZC7JWXMOYE4B/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CLB4TW7KALB3EEQWNWCN7OUIWWVWWCG2 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CLB4TW7KALB3EEQWNWCN7OUIWWVWWCG2/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/D2BBIDR2ZMB3X5BC7SR4SLQMHRMVPY6L https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/D2BBIDR2ZMB3X5BC7SR4SLQMHRMVPY6L/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ECRC75BQJP6FJN2L7KCKYZW4DSBD7QSD https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ECRC75BQJP6FJN2L7KCKYZW4DSBD7QSD/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/FTMJ3NJIDAZFWJQQSP3L22MUFJ3UP2PT https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/FTMJ3NJIDAZFWJQQSP3L22MUFJ3UP2PT/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/GSY7SXFFTPZFWDM6XELSDSHZLVW3AHK7 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/GSY7SXFFTPZFWDM6XELSDSHZLVW3AHK7/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/HZQIELEIRSZUYTFFH5KTH2YJ4IIQG2KE https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/HZQIELEIRSZUYTFFH5KTH2YJ4IIQG2KE/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/IPWCNYB5PQ5PCVZ4NJT6G56ZYFZ5QBU6 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/IPWCNYB5PQ5PCVZ4NJT6G56ZYFZ5QBU6/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/KEOTKBUPZXHE3F352JBYNTSNRXYLWD6P https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/KEOTKBUPZXHE3F352JBYNTSNRXYLWD6P/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/KSEGD2IWKNUO3DWY4KQGUQM5BISRWHQE https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/KSEGD2IWKNUO3DWY4KQGUQM5BISRWHQE/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/L5E5JSJBZLYXOTZWXHJKRVCIXIHVWKJ6 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/L5E5JSJBZLYXOTZWXHJKRVCIXIHVWKJ6/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/MZQYOOKHQDQ57LV2IAG6NRFOVXKHJJ3Z https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/MZQYOOKHQDQ57LV2IAG6NRFOVXKHJJ3Z/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/NG7IMPL55MVWU3LCI4JQJT3K2U5CHDV7 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/NG7IMPL55MVWU3LCI4JQJT3K2U5CHDV7/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ODBY7RVMGZCBSTWF2OZGIZS57FNFUL67 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ODBY7RVMGZCBSTWF2OZGIZS57FNFUL67/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/OXGWPQOJ3JNDW2XIYKIVJ7N7QUIFNM2Q https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/OXGWPQOJ3JNDW2XIYKIVJ7N7QUIFNM2Q/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/PJCUNGIQDUMZ4Z6HWVYIMR66A35F5S74 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/PJCUNGIQDUMZ4Z6HWVYIMR66A35F5S74/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QF5QSYAOPDOWLY6DUHID56Q4HQFYB45I https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QF5QSYAOPDOWLY6DUHID56Q4HQFYB45I/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QXOU2JZUBEBP7GBKAYIJRPRBZSJCD7ST https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QXOU2JZUBEBP7GBKAYIJRPRBZSJCD7ST/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/R3UETKPUB3V5JS5TLZOF3SMTGT5K5APS https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/R3UETKPUB3V5JS5TLZOF3SMTGT5K5APS/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/REMHVVIBDNKSRKNOTV7EQSB7CYQWOUOU https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/REMHVVIBDNKSRKNOTV7EQSB7CYQWOUOU/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/T7N5GV4CHH6WAGX3GFMDD3COEOVCZ4RI https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/T7N5GV4CHH6WAGX3GFMDD3COEOVCZ4RI/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ULQQONMSCQSH5Z5OWFFQHCGEZ3NL4DRJ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ULQQONMSCQSH5Z5OWFFQHCGEZ3NL4DRJ/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UTT7DG3QOF5ZNJLUGHDNLRUIN6OWZARP https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UTT7DG3QOF5ZNJLUGHDNLRUIN6OWZARP/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/W2LZSWTV4NV4SNQARNXG5T6LRHP26EW2 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/W2LZSWTV4NV4SNQARNXG5T6LRHP26EW2/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WCNCBYKZXLDFGAJUB7ZP5VLC3YTHJNVH https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WCNCBYKZXLDFGAJUB7ZP5VLC3YTHJNVH/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/XFOIBB4YFICHDM7IBOP7PWXW3FX4HLL2 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/XFOIBB4YFICHDM7IBOP7PWXW3FX4HLL2/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/XTNLSL44Y5FB6JWADSZH6DCV4JJAAEQY https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/XTNLSL44Y5FB6JWADSZH6DCV4JJAAEQY/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/YJWHBLVZDM5KQSDFRBFRKU5KSSOLIRQ4 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/YJWHBLVZDM5KQSDFRBFRKU5KSSOLIRQ4/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/YRKEXKANQ7BKJW2YTAMP625LJUJZLJ4P https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/YRKEXKANQ7BKJW2YTAMP625LJUJZLJ4P/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZSVEMQV5ROY5YW5QE3I57HT3ITWG5GCV https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZSVEMQV5ROY5YW5QE3I57HT3ITWG5GCV/ https://nvd.nist.gov/vuln/detail/CVE-2023-39325 https://pkg.go.dev/vuln/GO-2023-2102 https://security.gentoo.org/glsa/202311-09 https://security.netapp.com/advisory/ntap-20231110-0008 https://security.netapp.com/advisory/ntap-20231110-0008/ https://ubuntu.com/security/notices/USN-6574-1 https://ubuntu.com/security/notices/USN-7061-1 https://ubuntu.com/security/notices/USN-7109-1 https://www.cisa.gov/news-events/alerts/2023/10/10/http2-rapid-reset-vulnerability-cve-2023-44487 https://www.cve.org/CVERecord?id=CVE-2023-39325
stdlib	CVE-2023-45283	HIGH	v1.20.5	1.20.11, 1.21.4, 1.20.12, 1.21.5	http://www.openwall.com/lists/oss-security/2023/12/05/2 https://go.dev/cl/540277 https://go.dev/cl/541175 https://go.dev/issue/63713 https://go.dev/issue/64028 https://groups.google.com/g/golang-announce/c/4tU8LZfBFkY https://groups.google.com/g/golang-dev/c/6ypN5EjibjM/m/KmLVYH_uAgAJ https://nvd.nist.gov/vuln/detail/CVE-2023-45283 https://pkg.go.dev/vuln/GO-2023-2185 https://security.netapp.com/advisory/ntap-20231214-0008/
stdlib	CVE-2023-45288	HIGH	v1.20.5	1.21.9, 1.22.2	http://www.openwall.com/lists/oss-security/2024/04/03/16 http://www.openwall.com/lists/oss-security/2024/04/05/4 https://access.redhat.com/errata/RHSA-2024:2724 https://access.redhat.com/security/cve/CVE-2023-45288 https://bugzilla.redhat.com/2268017 https://bugzilla.redhat.com/2268018 https://bugzilla.redhat.com/2268019 https://bugzilla.redhat.com/2268273 https://bugzilla.redhat.com/show_bug.cgi?id=2268017 https://bugzilla.redhat.com/show_bug.cgi?id=2268018 https://bugzilla.redhat.com/show_bug.cgi?id=2268019 https://bugzilla.redhat.com/show_bug.cgi?id=2268273 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45288 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45289 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45290 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24783 https://errata.almalinux.org/9/ALSA-2024-2724.html https://errata.rockylinux.org/RLSA-2024:2724 https://go.dev/cl/576155 https://go.dev/issue/65051 https://groups.google.com/g/golang-announce/c/YgW0sx8mN3M https://kb.cert.org/vuls/id/421644 https://linux.oracle.com/cve/CVE-2023-45288.html https://linux.oracle.com/errata/ELSA-2024-3346.html https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QRYFHIQ6XRKRYBI2F5UESH67BJBQXUPT https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QRYFHIQ6XRKRYBI2F5UESH67BJBQXUPT/ https://nowotarski.info/http2-continuation-flood-technical-details https://nowotarski.info/http2-continuation-flood/ https://nvd.nist.gov/vuln/detail/CVE-2023-45288 https://pkg.go.dev/vuln/GO-2024-2687 https://security.netapp.com/advisory/ntap-20240419-0009 https://security.netapp.com/advisory/ntap-20240419-0009/ https://ubuntu.com/security/notices/USN-6886-1 https://ubuntu.com/security/notices/USN-7109-1 https://ubuntu.com/security/notices/USN-7111-1 https://www.cve.org/CVERecord?id=CVE-2023-45288 https://www.kb.cert.org/vuls/id/421644
stdlib	CVE-2024-34156	HIGH	v1.20.5	1.22.7, 1.23.1	https://access.redhat.com/errata/RHSA-2024:9473 https://access.redhat.com/security/cve/CVE-2024-34156 https://bugzilla.redhat.com/2310528 https://bugzilla.redhat.com/2318052 https://bugzilla.redhat.com/show_bug.cgi?id=2310528 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-34156 https://errata.almalinux.org/9/ALSA-2024-9473.html https://errata.rockylinux.org/RLSA-2024:7204 https://github.com/golang/go/commit/2092294f2b097c5828f4eace6c98a322c1510b01 (go1.22.7) https://github.com/golang/go/commit/fa8ff1a46deb6c816304441ec6740ec112e19012 (go1.23.1) https://go.dev/cl/611239 https://go.dev/issue/69139 https://groups.google.com/g/golang-announce/c/K-cEzDeCtpc https://groups.google.com/g/golang-dev/c/S9POB9NCTdk https://linux.oracle.com/cve/CVE-2024-34156.html https://linux.oracle.com/errata/ELSA-2024-9473.html https://nvd.nist.gov/vuln/detail/CVE-2024-34156 https://pkg.go.dev/vuln/GO-2024-3106 https://ubuntu.com/security/notices/USN-7081-1 https://ubuntu.com/security/notices/USN-7109-1 https://ubuntu.com/security/notices/USN-7111-1 https://www.cve.org/CVERecord?id=CVE-2024-34156
stdlib	CVE-2023-29406	MEDIUM	v1.20.5	1.19.11, 1.20.6	https://access.redhat.com/errata/RHSA-2023:6474 https://access.redhat.com/security/cve/CVE-2023-29406 https://bugzilla.redhat.com/2174485 https://bugzilla.redhat.com/2178358 https://bugzilla.redhat.com/2178488 https://bugzilla.redhat.com/2178492 https://bugzilla.redhat.com/2184481 https://bugzilla.redhat.com/2184482 https://bugzilla.redhat.com/2184483 https://bugzilla.redhat.com/2184484 https://bugzilla.redhat.com/2196026 https://bugzilla.redhat.com/2196027 https://bugzilla.redhat.com/2196029 https://bugzilla.redhat.com/2222167 https://bugzilla.redhat.com/2228689 https://errata.almalinux.org/9/ALSA-2023-6474.html https://github.com/golang/go/commit/312920c00aac9897b2a0693e752390b5b0711a5a (go1.20.6) https://github.com/golang/go/commit/5fa6923b1ea891400153d04ddf1545e23b40041b (go1.19.11) https://github.com/golang/go/issues/60374 https://go.dev/cl/506996 https://go.dev/issue/60374 https://groups.google.com/g/golang-announce/c/2q13H6LEEx0 https://linux.oracle.com/cve/CVE-2023-29406.html https://linux.oracle.com/errata/ELSA-2023-7202.html https://nvd.nist.gov/vuln/detail/CVE-2023-29406 https://pkg.go.dev/vuln/GO-2023-1878 https://security.gentoo.org/glsa/202311-09 https://security.netapp.com/advisory/ntap-20230814-0002/ https://ubuntu.com/security/notices/USN-7061-1 https://ubuntu.com/security/notices/USN-7109-1 https://www.cve.org/CVERecord?id=CVE-2023-29406
stdlib	CVE-2023-29409	MEDIUM	v1.20.5	1.19.12, 1.20.7, 1.21.0-rc.4	https://access.redhat.com/errata/RHSA-2023:7766 https://access.redhat.com/security/cve/CVE-2023-29409 https://bugzilla.redhat.com/2228743 https://bugzilla.redhat.com/2237773 https://bugzilla.redhat.com/2237776 https://bugzilla.redhat.com/2237777 https://bugzilla.redhat.com/2237778 https://errata.almalinux.org/9/ALSA-2023-7766.html https://go.dev/cl/515257 https://go.dev/issue/61460 https://groups.google.com/g/golang-announce/c/X0b6CsSAaYI/m/Efv5DbZ9AwAJ https://linux.oracle.com/cve/CVE-2023-29409.html https://linux.oracle.com/errata/ELSA-2024-2988.html https://nvd.nist.gov/vuln/detail/CVE-2023-29409 https://pkg.go.dev/vuln/GO-2023-1987 https://security.gentoo.org/glsa/202311-09 https://security.netapp.com/advisory/ntap-20230831-0010/ https://www.cve.org/CVERecord?id=CVE-2023-29409
stdlib	CVE-2023-39318	MEDIUM	v1.20.5	1.20.8, 1.21.1	https://access.redhat.com/errata/RHSA-2024:2160 https://access.redhat.com/security/cve/CVE-2023-39318 https://bugzilla.redhat.com/2237773 https://bugzilla.redhat.com/2237776 https://bugzilla.redhat.com/2253330 https://errata.almalinux.org/9/ALSA-2024-2160.html https://github.com/golang/go/commit/023b542edf38e2a1f87fcefb9f75ff2f99401b4c (go1.20.8) https://github.com/golang/go/commit/b0e1d3ea26e8e8fce7726690c9ef0597e60739fb (go1.21.1) https://go.dev/cl/526156 https://go.dev/issue/62196 https://groups.google.com/g/golang-announce/c/Fm51GRLNRvM https://groups.google.com/g/golang-dev/c/2C5vbR-UNkI/m/L1hdrPhfBAAJ https://linux.oracle.com/cve/CVE-2023-39318.html https://linux.oracle.com/errata/ELSA-2024-2988.html https://nvd.nist.gov/vuln/detail/CVE-2023-39318 https://pkg.go.dev/vuln/GO-2023-2041 https://security.gentoo.org/glsa/202311-09 https://security.netapp.com/advisory/ntap-20231020-0009/ https://ubuntu.com/security/notices/USN-6574-1 https://ubuntu.com/security/notices/USN-7061-1 https://ubuntu.com/security/notices/USN-7109-1 https://vuln.go.dev/ID/GO-2023-2041.json https://www.cve.org/CVERecord?id=CVE-2023-39318
stdlib	CVE-2023-39319	MEDIUM	v1.20.5	1.20.8, 1.21.1	https://access.redhat.com/errata/RHSA-2024:2160 https://access.redhat.com/security/cve/CVE-2023-39319 https://bugzilla.redhat.com/2237773 https://bugzilla.redhat.com/2237776 https://bugzilla.redhat.com/2253330 https://errata.almalinux.org/9/ALSA-2024-2160.html https://github.com/golang/go/commit/2070531d2f53df88e312edace6c8dfc9686ab2f5 (go1.20.8) https://github.com/golang/go/commit/bbd043ff0d6d59f1a9232d31ecd5eacf6507bf6a (go1.21.1) https://go.dev/cl/526157 https://go.dev/issue/62197 https://groups.google.com/g/golang-announce/c/Fm51GRLNRvM https://groups.google.com/g/golang-dev/c/2C5vbR-UNkI/m/L1hdrPhfBAAJ https://linux.oracle.com/cve/CVE-2023-39319.html https://linux.oracle.com/errata/ELSA-2024-2988.html https://nvd.nist.gov/vuln/detail/CVE-2023-39319 https://pkg.go.dev/vuln/GO-2023-2043 https://security.gentoo.org/glsa/202311-09 https://security.netapp.com/advisory/ntap-20231020-0009/ https://ubuntu.com/security/notices/USN-6574-1 https://ubuntu.com/security/notices/USN-7061-1 https://ubuntu.com/security/notices/USN-7109-1 https://vuln.go.dev/ID/GO-2023-2043.json https://www.cve.org/CVERecord?id=CVE-2023-39319
stdlib	CVE-2023-39326	MEDIUM	v1.20.5	1.20.12, 1.21.5	https://access.redhat.com/errata/RHSA-2024:2272 https://access.redhat.com/security/cve/CVE-2023-39326 https://bugzilla.redhat.com/2253193 https://bugzilla.redhat.com/2253330 https://errata.almalinux.org/9/ALSA-2024-2272.html https://github.com/golang/go/commit/6446af942e2e2b161c4ec1b60d9703a2b55dc4dd (go1.20.12) https://github.com/golang/go/commit/ec8c526e4be720e94b98ca509e6364f0efaf28f7 (go1.21.5) https://go.dev/cl/547335 https://go.dev/issue/64433 https://groups.google.com/g/golang-dev/c/6ypN5EjibjM/m/KmLVYH_uAgAJ https://linux.oracle.com/cve/CVE-2023-39326.html https://linux.oracle.com/errata/ELSA-2024-2988.html https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UIU6HOGV6RRIKWM57LOXQA75BGZSIH6G/ https://nvd.nist.gov/vuln/detail/CVE-2023-39326 https://pkg.go.dev/vuln/GO-2023-2382 https://ubuntu.com/security/notices/USN-6574-1 https://www.cve.org/CVERecord?id=CVE-2023-39326
stdlib	CVE-2023-45284	MEDIUM	v1.20.5	1.20.11, 1.21.4	https://go.dev/cl/540277 https://go.dev/issue/63713 https://groups.google.com/g/golang-announce/c/4tU8LZfBFkY https://nvd.nist.gov/vuln/detail/CVE-2023-45284 https://pkg.go.dev/vuln/GO-2023-2186
stdlib	CVE-2023-45289	MEDIUM	v1.20.5	1.21.8, 1.22.1	http://www.openwall.com/lists/oss-security/2024/03/08/4 https://access.redhat.com/errata/RHSA-2024:2724 https://access.redhat.com/security/cve/CVE-2023-45289 https://bugzilla.redhat.com/2268017 https://bugzilla.redhat.com/2268018 https://bugzilla.redhat.com/2268019 https://bugzilla.redhat.com/2268273 https://bugzilla.redhat.com/show_bug.cgi?id=2268017 https://bugzilla.redhat.com/show_bug.cgi?id=2268018 https://bugzilla.redhat.com/show_bug.cgi?id=2268019 https://bugzilla.redhat.com/show_bug.cgi?id=2268273 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45288 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45289 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45290 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24783 https://errata.almalinux.org/9/ALSA-2024-2724.html https://errata.rockylinux.org/RLSA-2024:2724 https://github.com/golang/go/commit/20586c0dbe03d144f914155f879fa5ee287591a1 (go1.21.8) https://github.com/golang/go/commit/3a855208e3efed2e9d7c20ad023f1fa78afcc0be (go1.22.1) https://github.com/golang/go/issues/65065 https://go.dev/cl/569340 https://go.dev/issue/65065 https://groups.google.com/g/golang-announce/c/5pwGVUPoMbg https://linux.oracle.com/cve/CVE-2023-45289.html https://linux.oracle.com/errata/ELSA-2024-3346.html https://nvd.nist.gov/vuln/detail/CVE-2023-45289 https://pkg.go.dev/vuln/GO-2024-2600 https://security.netapp.com/advisory/ntap-20240329-0006/ https://ubuntu.com/security/notices/USN-6886-1 https://www.cve.org/CVERecord?id=CVE-2023-45289
stdlib	CVE-2023-45290	MEDIUM	v1.20.5	1.21.8, 1.22.1	http://www.openwall.com/lists/oss-security/2024/03/08/4 https://access.redhat.com/errata/RHSA-2024:9135 https://access.redhat.com/security/cve/CVE-2023-45290 https://bugzilla.redhat.com/2268017 https://bugzilla.redhat.com/2268022 https://bugzilla.redhat.com/2279814 https://bugzilla.redhat.com/2295310 https://bugzilla.redhat.com/show_bug.cgi?id=2268017 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45290 https://errata.almalinux.org/9/ALSA-2024-9135.html https://errata.rockylinux.org/RLSA-2024:3830 https://github.com/golang/go/commit/041a47712e765e94f86d841c3110c840e76d8f82 (go1.22.1) https://github.com/golang/go/commit/bf80213b121074f4ad9b449410a4d13bae5e9be0 (go1.21.8) https://github.com/golang/go/issues/65383 https://go.dev/cl/569341 https://go.dev/issue/65383 https://groups.google.com/g/golang-announce/c/5pwGVUPoMbg https://linux.oracle.com/cve/CVE-2023-45290.html https://linux.oracle.com/errata/ELSA-2024-8038.html https://nvd.nist.gov/vuln/detail/CVE-2023-45290 https://pkg.go.dev/vuln/GO-2024-2599 https://security.netapp.com/advisory/ntap-20240329-0004 https://security.netapp.com/advisory/ntap-20240329-0004/ https://ubuntu.com/security/notices/USN-6886-1 https://ubuntu.com/security/notices/USN-7109-1 https://ubuntu.com/security/notices/USN-7111-1 https://www.cve.org/CVERecord?id=CVE-2023-45290
stdlib	CVE-2024-24783	MEDIUM	v1.20.5	1.21.8, 1.22.1	http://www.openwall.com/lists/oss-security/2024/03/08/4 https://access.redhat.com/errata/RHSA-2024:6195 https://access.redhat.com/security/cve/CVE-2024-24783 https://bugzilla.redhat.com/2268019 https://bugzilla.redhat.com/show_bug.cgi?id=2268017 https://bugzilla.redhat.com/show_bug.cgi?id=2268018 https://bugzilla.redhat.com/show_bug.cgi?id=2268019 https://bugzilla.redhat.com/show_bug.cgi?id=2268273 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45288 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45289 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45290 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24783 https://errata.almalinux.org/9/ALSA-2024-6195.html https://errata.rockylinux.org/RLSA-2024:2724 https://github.com/advisories/GHSA-3q2c-pvp5-3cqp https://github.com/golang/go/commit/337b8e9cbfa749d9d5c899e0dc358e2208d5e54f (go1.22.1) https://github.com/golang/go/commit/be5b52bea674190ef7de272664be6c7ae93ec5a0 (go1.21.8) https://github.com/golang/go/issues/65390 https://go.dev/cl/569339 https://go.dev/issue/65390 https://groups.google.com/g/golang-announce/c/5pwGVUPoMbg https://linux.oracle.com/cve/CVE-2024-24783.html https://linux.oracle.com/errata/ELSA-2024-6969.html https://nvd.nist.gov/vuln/detail/CVE-2024-24783 https://pkg.go.dev/vuln/GO-2024-2598 https://security.netapp.com/advisory/ntap-20240329-0005 https://security.netapp.com/advisory/ntap-20240329-0005/ https://ubuntu.com/security/notices/USN-6886-1 https://ubuntu.com/security/notices/USN-7109-1 https://ubuntu.com/security/notices/USN-7111-1 https://www.cve.org/CVERecord?id=CVE-2024-24783
stdlib	CVE-2024-24784	MEDIUM	v1.20.5	1.21.8, 1.22.1	http://www.openwall.com/lists/oss-security/2024/03/08/4 https://access.redhat.com/errata/RHSA-2024:2562 https://access.redhat.com/security/cve/CVE-2024-24784 https://bugzilla.redhat.com/2262921 https://bugzilla.redhat.com/2268017 https://bugzilla.redhat.com/2268018 https://bugzilla.redhat.com/2268019 https://bugzilla.redhat.com/2268021 https://bugzilla.redhat.com/2268022 https://bugzilla.redhat.com/2268273 https://bugzilla.redhat.com/show_bug.cgi?id=2262921 https://bugzilla.redhat.com/show_bug.cgi?id=2268017 https://bugzilla.redhat.com/show_bug.cgi?id=2268018 https://bugzilla.redhat.com/show_bug.cgi?id=2268019 https://bugzilla.redhat.com/show_bug.cgi?id=2268021 https://bugzilla.redhat.com/show_bug.cgi?id=2268022 https://bugzilla.redhat.com/show_bug.cgi?id=2268273 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45288 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45289 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45290 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-1394 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24783 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24784 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24785 https://errata.almalinux.org/9/ALSA-2024-2562.html https://errata.rockylinux.org/RLSA-2024:2562 https://github.com/golang/go/commit/263c059b09fdd40d9dd945f2ecb20c89ea28efe5 (go1.21.8) https://github.com/golang/go/commit/5330cd225ba54c7dc78c1b46dcdf61a4671a632c (go1.22.1) https://github.com/golang/go/issues/65083 https://go.dev/cl/555596 https://go.dev/issue/65083 https://groups.google.com/g/golang-announce/c/5pwGVUPoMbg https://linux.oracle.com/cve/CVE-2024-24784.html https://linux.oracle.com/errata/ELSA-2024-6969.html https://nvd.nist.gov/vuln/detail/CVE-2024-24784 https://pkg.go.dev/vuln/GO-2024-2609 https://security.netapp.com/advisory/ntap-20240329-0007/ https://ubuntu.com/security/notices/USN-6886-1 https://ubuntu.com/security/notices/USN-7109-1 https://ubuntu.com/security/notices/USN-7111-1 https://www.cve.org/CVERecord?id=CVE-2024-24784
stdlib	CVE-2024-24785	MEDIUM	v1.20.5	1.21.8, 1.22.1	http://www.openwall.com/lists/oss-security/2024/03/08/4 https://access.redhat.com/errata/RHSA-2024:9135 https://access.redhat.com/security/cve/CVE-2024-24785 https://bugzilla.redhat.com/2268017 https://bugzilla.redhat.com/2268022 https://bugzilla.redhat.com/2279814 https://bugzilla.redhat.com/2295310 https://bugzilla.redhat.com/show_bug.cgi?id=2262921 https://bugzilla.redhat.com/show_bug.cgi?id=2268017 https://bugzilla.redhat.com/show_bug.cgi?id=2268018 https://bugzilla.redhat.com/show_bug.cgi?id=2268019 https://bugzilla.redhat.com/show_bug.cgi?id=2268021 https://bugzilla.redhat.com/show_bug.cgi?id=2268022 https://bugzilla.redhat.com/show_bug.cgi?id=2268273 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45288 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45289 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45290 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-1394 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24783 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24784 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24785 https://errata.almalinux.org/9/ALSA-2024-9135.html https://errata.rockylinux.org/RLSA-2024:2562 https://github.com/golang/go/commit/056b0edcb8c152152021eebf4cf42adbfbe77992 (go1.22.1) https://github.com/golang/go/commit/3643147a29352ca2894fd5d0d2069bc4b4335a7e (go1.21.8) https://github.com/golang/go/issues/65697 https://go.dev/cl/564196 https://go.dev/issue/65697 https://groups.google.com/g/golang-announce/c/5pwGVUPoMbg https://linux.oracle.com/cve/CVE-2024-24785.html https://linux.oracle.com/errata/ELSA-2024-3259.html https://nvd.nist.gov/vuln/detail/CVE-2024-24785 https://pkg.go.dev/vuln/GO-2024-2610 https://security.netapp.com/advisory/ntap-20240329-0008/ https://ubuntu.com/security/notices/USN-6886-1 https://ubuntu.com/security/notices/USN-7061-1 https://ubuntu.com/security/notices/USN-7109-1 https://vuln.go.dev/ID/GO-2024-2610.json https://www.cve.org/CVERecord?id=CVE-2024-24785
stdlib	CVE-2024-24789	MEDIUM	v1.20.5	1.21.11, 1.22.4	http://www.openwall.com/lists/oss-security/2024/06/04/1 https://access.redhat.com/errata/RHSA-2024:9115 https://access.redhat.com/security/cve/CVE-2024-24789 https://bugzilla.redhat.com/2279814 https://bugzilla.redhat.com/2292668 https://bugzilla.redhat.com/2292787 https://bugzilla.redhat.com/2294000 https://bugzilla.redhat.com/2295310 https://bugzilla.redhat.com/show_bug.cgi?id=2292668 https://bugzilla.redhat.com/show_bug.cgi?id=2292787 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24789 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24790 https://errata.almalinux.org/9/ALSA-2024-9115.html https://errata.rockylinux.org/RLSA-2024:4212 https://github.com/golang/go/commit/c8e40338cf00f3c1d86c8fb23863ad67a4c72bcc (1.21) https://github.com/golang/go/commit/cf501ac0c5fe351a8582d20b43562027927906e7 (1.22) https://github.com/golang/go/issues/66869 https://go.dev/cl/585397 https://go.dev/issue/66869 https://groups.google.com/g/golang-announce/c/XbxouI9gY7k https://groups.google.com/g/golang-announce/c/XbxouI9gY7k/m/TuoGEhxIEwAJ https://linux.oracle.com/cve/CVE-2024-24789.html https://linux.oracle.com/errata/ELSA-2024-9115.html https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/U5YAEIA6IUHUNGJ7AIXXPQT6D2GYENX7/ https://nvd.nist.gov/vuln/detail/CVE-2024-24789 https://pkg.go.dev/vuln/GO-2024-2888 https://ubuntu.com/security/notices/USN-6886-1 https://ubuntu.com/security/notices/USN-7109-1 https://ubuntu.com/security/notices/USN-7111-1 https://www.cve.org/CVERecord?id=CVE-2024-24789
stdlib	CVE-2024-24791	MEDIUM	v1.20.5	1.21.12, 1.22.5	https://access.redhat.com/errata/RHSA-2024:9135 https://access.redhat.com/security/cve/CVE-2024-24791 https://bugzilla.redhat.com/2268017 https://bugzilla.redhat.com/2268022 https://bugzilla.redhat.com/2279814 https://bugzilla.redhat.com/2295310 https://bugzilla.redhat.com/show_bug.cgi?id=2295310 https://bugzilla.redhat.com/show_bug.cgi?id=2310527 https://bugzilla.redhat.com/show_bug.cgi?id=2310528 https://bugzilla.redhat.com/show_bug.cgi?id=2310529 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24791 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-34155 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-34156 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-34158 https://errata.almalinux.org/9/ALSA-2024-9135.html https://errata.rockylinux.org/RLSA-2024:6913 https://go.dev/cl/591255 https://go.dev/issue/67555 https://groups.google.com/g/golang-dev/c/t0rK-qHBqzY/m/6MMoAZkMAgAJ https://linux.oracle.com/cve/CVE-2024-24791.html https://linux.oracle.com/errata/ELSA-2024-9115.html https://nvd.nist.gov/vuln/detail/CVE-2024-24791 https://pkg.go.dev/vuln/GO-2024-2963 https://ubuntu.com/security/notices/USN-7081-1 https://ubuntu.com/security/notices/USN-7109-1 https://ubuntu.com/security/notices/USN-7111-1 https://www.cve.org/CVERecord?id=CVE-2024-24791
stdlib	CVE-2024-34155	MEDIUM	v1.20.5	1.22.7, 1.23.1	https://access.redhat.com/errata/RHSA-2024:9459 https://access.redhat.com/security/cve/CVE-2024-34155 https://bugzilla.redhat.com/2310527 https://bugzilla.redhat.com/2310528 https://bugzilla.redhat.com/2310529 https://bugzilla.redhat.com/2315691 https://bugzilla.redhat.com/2315887 https://bugzilla.redhat.com/2317458 https://bugzilla.redhat.com/2317467 https://bugzilla.redhat.com/show_bug.cgi?id=2295310 https://bugzilla.redhat.com/show_bug.cgi?id=2310527 https://bugzilla.redhat.com/show_bug.cgi?id=2310528 https://bugzilla.redhat.com/show_bug.cgi?id=2310529 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24791 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-34155 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-34156 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-34158 https://errata.almalinux.org/9/ALSA-2024-9459.html https://errata.rockylinux.org/RLSA-2024:6913 https://github.com/golang/go/commit/53487e5477151ed75da50e50a0ba8f1ca64c00a3 (go1.23.1) https://github.com/golang/go/commit/b232596139dbe96a62edbe3a2a203e856bf556eb (go1.22.7) https://go.dev/cl/611238 https://go.dev/issue/69138 https://groups.google.com/g/golang-announce/c/K-cEzDeCtpc https://groups.google.com/g/golang-dev/c/S9POB9NCTdk https://linux.oracle.com/cve/CVE-2024-34155.html https://linux.oracle.com/errata/ELSA-2024-9459.html https://nvd.nist.gov/vuln/detail/CVE-2024-34155 https://pkg.go.dev/vuln/GO-2024-3105 https://ubuntu.com/security/notices/USN-7081-1 https://ubuntu.com/security/notices/USN-7109-1 https://ubuntu.com/security/notices/USN-7111-1 https://www.cve.org/CVERecord?id=CVE-2024-34155
stdlib	CVE-2024-34158	MEDIUM	v1.20.5	1.22.7, 1.23.1	https://access.redhat.com/errata/RHSA-2024:9459 https://access.redhat.com/security/cve/CVE-2024-34158 https://bugzilla.redhat.com/2310527 https://bugzilla.redhat.com/2310528 https://bugzilla.redhat.com/2310529 https://bugzilla.redhat.com/2315691 https://bugzilla.redhat.com/2315887 https://bugzilla.redhat.com/2317458 https://bugzilla.redhat.com/2317467 https://bugzilla.redhat.com/show_bug.cgi?id=2295310 https://bugzilla.redhat.com/show_bug.cgi?id=2310527 https://bugzilla.redhat.com/show_bug.cgi?id=2310528 https://bugzilla.redhat.com/show_bug.cgi?id=2310529 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24791 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-34155 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-34156 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-34158 https://errata.almalinux.org/9/ALSA-2024-9459.html https://errata.rockylinux.org/RLSA-2024:6913 https://github.com/golang/go/commit/032ac075c20c01c6c35a672d1542d3e98eab84ea (go1.23.1) https://github.com/golang/go/commit/d4c53812e6ce2ac368173d7fcd31d0ecfcffb002 (go1.22.7) https://go.dev/cl/611240 https://go.dev/issue/69141 https://groups.google.com/g/golang-announce/c/K-cEzDeCtpc https://groups.google.com/g/golang-dev/c/S9POB9NCTdk https://linux.oracle.com/cve/CVE-2024-34158.html https://linux.oracle.com/errata/ELSA-2024-9459.html https://nvd.nist.gov/vuln/detail/CVE-2024-34158 https://pkg.go.dev/vuln/GO-2024-3107 https://ubuntu.com/security/notices/USN-7081-1 https://ubuntu.com/security/notices/USN-7109-1 https://ubuntu.com/security/notices/USN-7111-1 https://www.cve.org/CVERecord?id=CVE-2024-34158
No Misconfigurations found

cnb/buildpacks/paketo-buildpacks_conda-env-update/0.7.11/bin/run (gobinary)

Package	Vulnerability ID	Severity	Installed Version	Fixed Version	Links
github.com/anchore/stereoscope	CVE-2024-24579	MEDIUM	v0.0.0-20230412183729-8602f1afc574	0.0.1	https://github.com/anchore/stereoscope https://github.com/anchore/stereoscope/commit/09dacab4d9ee65ee8bc7af8ebf4aa7b5aaa36204 https://github.com/anchore/stereoscope/security/advisories/GHSA-hpxr-w9w7-g4gv https://nvd.nist.gov/vuln/detail/CVE-2024-24579
github.com/cloudflare/circl	GHSA-9763-4f94-gfch	HIGH	v1.1.0	1.3.7	https://github.com/cloudflare/circl https://github.com/cloudflare/circl/commit/75ef91e8a2f438e6ce2b6e620d236add8be1887d https://github.com/cloudflare/circl/security/advisories/GHSA-9763-4f94-gfch https://kyberslash.cr.yp.to
github.com/cloudflare/circl	CVE-2023-1732	MEDIUM	v1.1.0	1.3.3	https://github.com/cloudflare/circl https://github.com/cloudflare/circl/commit/ff8d91225f8954b4970b6d6382d2e4c78f4a4cf8 https://github.com/cloudflare/circl/releases/tag/v1.3.3 https://github.com/cloudflare/circl/security/advisories/GHSA-2q89-485c-9j2x https://nvd.nist.gov/vuln/detail/CVE-2023-1732
github.com/containerd/containerd	GHSA-7ww5-4wqc-m92c	MEDIUM	v1.7.0	1.6.26, 1.7.11	https://github.com/containerd/containerd https://github.com/containerd/containerd/commit/67d356cb3095f3e8f8ad7d36f9a733fea1e7e28c https://github.com/containerd/containerd/commit/746b910f05855c8bfdb4415a1c0f958b234910e5 https://github.com/containerd/containerd/security/advisories/GHSA-7ww5-4wqc-m92c
github.com/docker/docker	CVE-2024-41110	CRITICAL	v23.0.5+incompatible	23.0.15, 26.1.5, 27.1.1, 25.0.6	https://access.redhat.com/security/cve/CVE-2024-41110 https://github.com/moby/moby https://github.com/moby/moby/commit/411e817ddf710ff8e08fa193da80cb78af708191 https://github.com/moby/moby/commit/42f40b1d6dd7562342f832b9cd2adf9e668eeb76 https://github.com/moby/moby/commit/65cc597cea28cdc25bea3b8a86384b4251872919 https://github.com/moby/moby/commit/852759a7df454cbf88db4e954c919becd48faa9b https://github.com/moby/moby/commit/a31260625655cff9ae226b51757915e275e304b0 https://github.com/moby/moby/commit/a79fabbfe84117696a19671f4aa88b82d0f64fc1 https://github.com/moby/moby/commit/ae160b4edddb72ef4bd71f66b975a1a1cc434f00 https://github.com/moby/moby/commit/ae2b3666c517c96cbc2adf1af5591a6b00d4ec0f https://github.com/moby/moby/commit/cc13f952511154a2866bddbb7dddebfe9e83b801 https://github.com/moby/moby/commit/fc274cd2ff4cf3b48c91697fb327dd1fb95588fb https://github.com/moby/moby/security/advisories/GHSA-v23v-6jw2-98fq https://nvd.nist.gov/vuln/detail/CVE-2024-41110 https://www.cve.org/CVERecord?id=CVE-2024-41110 https://www.docker.com/blog/docker-security-advisory-docker-engine-authz-plugin
github.com/docker/docker	CVE-2024-24557	MEDIUM	v23.0.5+incompatible	24.0.9, 25.0.2	https://access.redhat.com/security/cve/CVE-2024-24557 https://github.com/moby/moby https://github.com/moby/moby/commit/3e230cfdcc989dc524882f6579f9e0dac77400ae https://github.com/moby/moby/commit/fca702de7f71362c8d103073c7e4a1d0a467fadd https://github.com/moby/moby/commit/fce6e0ca9bc000888de3daa157af14fa41fcd0ff https://github.com/moby/moby/security/advisories/GHSA-xw73-rw38-6vjc https://nvd.nist.gov/vuln/detail/CVE-2024-24557 https://www.cve.org/CVERecord?id=CVE-2024-24557
github.com/docker/docker	CVE-2024-29018	MEDIUM	v23.0.5+incompatible	26.0.0-rc3, 25.0.5, 23.0.11	https://access.redhat.com/security/cve/CVE-2024-29018 https://github.com/moby/moby https://github.com/moby/moby/pull/46609 https://github.com/moby/moby/security/advisories/GHSA-mq39-4gv4-mvpx https://nvd.nist.gov/vuln/detail/CVE-2024-29018 https://www.cve.org/CVERecord?id=CVE-2024-29018
github.com/docker/docker	GHSA-jq35-85cj-fj4p	MEDIUM	v23.0.5+incompatible	24.0.7, 23.0.8, 20.10.27	https://github.com/moby/moby https://github.com/moby/moby/commit/48ebe353e49a9def5e6679f6e386b0efb1c95f0e https://github.com/moby/moby/commit/81ebe71275768629689a23bc3bca34b3b374a6a6 https://github.com/moby/moby/commit/c9ccbfad11a60e703e91b6cca4f48927828c7e35 https://github.com/moby/moby/releases/tag/v20.10.27 https://github.com/moby/moby/releases/tag/v23.0.8 https://github.com/moby/moby/releases/tag/v24.0.7 https://github.com/moby/moby/security/advisories/GHSA-jq35-85cj-fj4p
github.com/go-git/go-git/v5	CVE-2023-49569	CRITICAL	v5.6.1	5.11.0	https://access.redhat.com/security/cve/CVE-2023-49569 https://github.com/go-git/go-git https://github.com/go-git/go-git/security/advisories/GHSA-449p-3h89-pw88 https://nvd.nist.gov/vuln/detail/CVE-2023-49569 https://www.cve.org/CVERecord?id=CVE-2023-49569
github.com/go-git/go-git/v5	CVE-2023-49568	HIGH	v5.6.1	5.11.0	https://access.redhat.com/security/cve/CVE-2023-49568 https://github.com/go-git/go-git https://github.com/go-git/go-git/security/advisories/GHSA-mw99-9chc-xw7r https://nvd.nist.gov/vuln/detail/CVE-2023-49568 https://www.cve.org/CVERecord?id=CVE-2023-49568
github.com/mholt/archiver/v3	CVE-2024-0406	MEDIUM	v3.5.1	no fix available	https://access.redhat.com/security/cve/CVE-2024-0406 https://bugzilla.redhat.com/show_bug.cgi?id=2257749 https://github.com/advisories/GHSA-rhh4-rh7c-7r5v https://github.com/mholt/archiver https://nvd.nist.gov/vuln/detail/CVE-2024-0406 https://www.cve.org/CVERecord?id=CVE-2024-0406
golang.org/x/crypto	CVE-2023-48795	MEDIUM	v0.8.0	0.17.0	http://packetstormsecurity.com/files/176280/Terrapin-SSH-Connection-Weakening.html http://seclists.org/fulldisclosure/2024/Mar/21 http://www.openwall.com/lists/oss-security/2023/12/18/3 http://www.openwall.com/lists/oss-security/2023/12/19/5 http://www.openwall.com/lists/oss-security/2023/12/20/3 http://www.openwall.com/lists/oss-security/2024/03/06/3 http://www.openwall.com/lists/oss-security/2024/04/17/8 https://access.redhat.com/errata/RHSA-2024:1150 https://access.redhat.com/security/cve/CVE-2023-48795 https://access.redhat.com/security/cve/cve-2023-48795 https://access.redhat.com/solutions/7071748 https://arstechnica.com/security/2023/12/hackers-can-break-ssh-channel-integrity-using-novel-data-corruption-attack https://arstechnica.com/security/2023/12/hackers-can-break-ssh-channel-integrity-using-novel-data-corruption-attack/ https://bugs.gentoo.org/920280 https://bugzilla.redhat.com/2254210 https://bugzilla.redhat.com/show_bug.cgi?id=2254210 https://bugzilla.suse.com/show_bug.cgi?id=1217950 https://crates.io/crates/thrussh/versions https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-48795 https://errata.almalinux.org/9/ALSA-2024-1150.html https://errata.rockylinux.org/RLSA-2024:0628 https://filezilla-project.org/versions.php https://forum.netgate.com/topic/184941/terrapin-ssh-attack https://git.libssh.org/projects/libssh.git/commit/?h=stable-0.10&id=10e09e273f69e149389b3e0e5d44b8c221c2e7f6 https://github.com/NixOS/nixpkgs/pull/275249 https://github.com/PowerShell/Win32-OpenSSH/issues/2189 https://github.com/PowerShell/Win32-OpenSSH/releases/tag/v9.5.0.0p1-Beta https://github.com/TeraTermProject/teraterm/commit/7279fbd6ef4d0c8bdd6a90af4ada2899d786eec0 https://github.com/TeraTermProject/teraterm/releases/tag/v5.1 https://github.com/advisories/GHSA-45x7-px36-x8w8 https://github.com/apache/mina-sshd/issues/445 https://github.com/connectbot/sshlib/commit/5c8b534f6e97db7ac0e0e579331213aa25c173ab https://github.com/connectbot/sshlib/compare/2.2.21...2.2.22 https://github.com/cyd01/KiTTY/issues/520 https://github.com/drakkan/sftpgo/releases/tag/v2.5.6 https://github.com/erlang/otp/blob/d1b43dc0f1361d2ad67601169e90a7fc50bb0369/lib/ssh/doc/src/notes.xml#L39-L42 https://github.com/erlang/otp/releases/tag/OTP-26.2.1 https://github.com/golang/crypto/commit/9d2ee975ef9fe627bf0a6f01c1f69e8ef1d4f05d https://github.com/hierynomus/sshj/issues/916 https://github.com/janmojzis/tinyssh/issues/81 https://github.com/jtesta/ssh-audit/commit/8e972c5e94b460379fe0c7d20209c16df81538a5 https://github.com/libssh2/libssh2/pull/1291 https://github.com/mkj/dropbear/blob/17657c36cce6df7716d5ff151ec09a665382d5dd/CHANGES#L25 https://github.com/mscdex/ssh2/commit/97b223f8891b96d6fc054df5ab1d5a1a545da2a3 https://github.com/mwiede/jsch/compare/jsch-0.2.14...jsch-0.2.15 https://github.com/mwiede/jsch/issues/457 https://github.com/mwiede/jsch/pull/461 https://github.com/net-ssh/net-ssh/blob/2e65064a52d73396bfc3806c9196fc8108f33cd8/CHANGES.txt#L14-L16 https://github.com/openssh/openssh-portable/commits/master https://github.com/paramiko/paramiko/issues/2337 https://github.com/paramiko/paramiko/issues/2337#issuecomment-1887642773 https://github.com/proftpd/proftpd/blob/0a7ea9b0ba9fcdf368374a226370d08f10397d99/RELEASE_NOTES https://github.com/proftpd/proftpd/blob/d21e7a2e47e9b38f709bec58e3fa711f759ad0e1/RELEASE_NOTES https://github.com/proftpd/proftpd/blob/master/RELEASE_NOTES https://github.com/proftpd/proftpd/issues/456 https://github.com/rapier1/hpn-ssh/releases https://github.com/ronf/asyncssh/blob/develop/docs/changes.rst https://github.com/ronf/asyncssh/security/advisories/GHSA-hfmc-7525-mj55 https://github.com/ronf/asyncssh/tags https://github.com/ssh-mitm/ssh-mitm/issues/165 https://github.com/warp-tech/russh https://github.com/warp-tech/russh/commit/1aa340a7df1d5be1c0f4a9e247aade76dfdd2951 https://github.com/warp-tech/russh/releases/tag/v0.40.2 https://github.com/warp-tech/russh/security/advisories/GHSA-45x7-px36-x8w8 https://gitlab.com/libssh/libssh-mirror/-/tags https://go.dev/cl/550715 https://go.dev/issue/64784 https://groups.google.com/g/golang-announce/c/-n5WqVC18LQ https://groups.google.com/g/golang-announce/c/qA3XtxvMUyg https://help.panic.com/releasenotes/transmit5 https://help.panic.com/releasenotes/transmit5/ https://jadaptive.com/important-java-ssh-security-update-new-ssh-vulnerability-discovered-cve-2023-48795 https://jadaptive.com/important-java-ssh-security-update-new-ssh-vulnerability-discovered-cve-2023-48795/ https://linux.oracle.com/cve/CVE-2023-48795.html https://linux.oracle.com/errata/ELSA-2024-2988.html https://lists.debian.org/debian-lts-announce/2023/12/msg00017.html https://lists.debian.org/debian-lts-announce/2024/01/msg00013.html https://lists.debian.org/debian-lts-announce/2024/01/msg00014.html https://lists.debian.org/debian-lts-announce/2024/04/msg00016.html https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/33XHJUB6ROFUOH2OQNENFROTVH6MHSHA https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/33XHJUB6ROFUOH2OQNENFROTVH6MHSHA/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/3CAYYW35MUTNO65RVAELICTNZZFMT2XS https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/3CAYYW35MUTNO65RVAELICTNZZFMT2XS/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/3JIMLVBDWOP4FUPXPTB4PGHHIOMGFLQE https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/3JIMLVBDWOP4FUPXPTB4PGHHIOMGFLQE/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/3YQLUQWLIHDB5QCXQEX7HXHAWMOKPP5O https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/3YQLUQWLIHDB5QCXQEX7HXHAWMOKPP5O/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/6Y74KVCPEPT4MVU3LHDWCNNOXOE5ZLUR https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/6Y74KVCPEPT4MVU3LHDWCNNOXOE5ZLUR/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/APYIXIQOVDCRWLHTGB4VYMAUIAQLKYJ3 https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/APYIXIQOVDCRWLHTGB4VYMAUIAQLKYJ3/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/BL5KTLOSLH2KHRN4HCXJPK3JUVLDGEL6 https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/BL5KTLOSLH2KHRN4HCXJPK3JUVLDGEL6/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/C3AFMZ6MH2UHHOPIWT5YLSFV3D2VB3AC https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/C3AFMZ6MH2UHHOPIWT5YLSFV3D2VB3AC/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/CHHITS4PUOZAKFIUBQAQZC7JWXMOYE4B https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/CHHITS4PUOZAKFIUBQAQZC7JWXMOYE4B/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/F7EYCFQCTSGJXWO3ZZ44MGKFC5HA7G3Y https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/F7EYCFQCTSGJXWO3ZZ44MGKFC5HA7G3Y/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/HYEDEXIKFKTUJIN43RG4B7T5ZS6MHUSP https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/HYEDEXIKFKTUJIN43RG4B7T5ZS6MHUSP/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/I724O3LSRCPO4WNVIXTZCT4VVRMXMMSG https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/I724O3LSRCPO4WNVIXTZCT4VVRMXMMSG/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/KEOTKBUPZXHE3F352JBYNTSNRXYLWD6P https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/KEOTKBUPZXHE3F352JBYNTSNRXYLWD6P/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/KMZCVGUGJZZVDPCVDA7TEB22VUCNEXDD https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/KMZCVGUGJZZVDPCVDA7TEB22VUCNEXDD/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/L5Y6MNNVAPIJSXJERQ6PKZVCIUXSNJK7 https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/L5Y6MNNVAPIJSXJERQ6PKZVCIUXSNJK7/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/LZQVUHWVWRH73YBXUQJOD6CKHDQBU3DM https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/LZQVUHWVWRH73YBXUQJOD6CKHDQBU3DM/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/MKQRBF3DWMWPH36LBCOBUTSIZRTPEZXB https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/MKQRBF3DWMWPH36LBCOBUTSIZRTPEZXB/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/QI3EHAHABFQK7OABNCSF5GMYP6TONTI7 https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/QI3EHAHABFQK7OABNCSF5GMYP6TONTI7/ https://matt.ucc.asn.au/dropbear/CHANGES https://nest.pijul.com/pijul/thrussh/changes/D6H7OWTTMHHX6BTB3B6MNBOBX2L66CBL4LGSEUSAI2MCRCJDQFRQC https://news.ycombinator.com/item?id=38684904 https://news.ycombinator.com/item?id=38685286 https://news.ycombinator.com/item?id=38732005 https://nova.app/releases/#v11.8 https://nvd.nist.gov/vuln/detail/CVE-2023-48795 https://oryx-embedded.com/download/#changelog https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2024-0002 https://roumenpetrov.info/secsh/#news20231220 https://security-tracker.debian.org/tracker/CVE-2023-48795 https://security-tracker.debian.org/tracker/source-package/libssh2 https://security-tracker.debian.org/tracker/source-package/proftpd-dfsg https://security-tracker.debian.org/tracker/source-package/trilead-ssh2 https://security.gentoo.org/glsa/202312-16 https://security.gentoo.org/glsa/202312-17 https://security.netapp.com/advisory/ntap-20240105-0004 https://security.netapp.com/advisory/ntap-20240105-0004/ https://support.apple.com/kb/HT214084 https://terrapin-attack.com/ https://thorntech.com/cve-2023-48795-and-sftp-gateway https://thorntech.com/cve-2023-48795-and-sftp-gateway/ https://twitter.com/TrueSkrillor/status/1736774389725565005 https://ubuntu.com/security/CVE-2023-48795 https://ubuntu.com/security/notices/USN-6560-1 https://ubuntu.com/security/notices/USN-6560-2 https://ubuntu.com/security/notices/USN-6561-1 https://ubuntu.com/security/notices/USN-6585-1 https://ubuntu.com/security/notices/USN-6589-1 https://ubuntu.com/security/notices/USN-6598-1 https://ubuntu.com/security/notices/USN-6738-1 https://ubuntu.com/security/notices/USN-7051-1 https://winscp.net/eng/docs/history#6.2.2 https://www.bitvise.com/ssh-client-version-history#933 https://www.bitvise.com/ssh-server-version-history https://www.chiark.greenend.org.uk/~sgtatham/putty/changes.html https://www.crushftp.com/crush10wiki/Wiki.jsp?page=Update https://www.cve.org/CVERecord?id=CVE-2023-48795 https://www.debian.org/security/2023/dsa-5586 https://www.debian.org/security/2023/dsa-5588 https://www.freebsd.org/security/advisories/FreeBSD-SA-23:19.openssh.asc https://www.lancom-systems.de/service-support/allgemeine-sicherheitshinweise#c243508 https://www.netsarang.com/en/xshell-update-history https://www.netsarang.com/en/xshell-update-history/ https://www.openssh.com/openbsd.html https://www.openssh.com/txt/release-9.6 https://www.openwall.com/lists/oss-security/2023/12/18/2 https://www.openwall.com/lists/oss-security/2023/12/18/3 https://www.openwall.com/lists/oss-security/2023/12/20/3 https://www.paramiko.org/changelog.html https://www.reddit.com/r/sysadmin/comments/18idv52/cve202348795_why_is_this_cve_still_undisclosed https://www.reddit.com/r/sysadmin/comments/18idv52/cve202348795_why_is_this_cve_still_undisclosed/ https://www.suse.com/c/suse-addresses-the-ssh-v2-protocol-terrapin-attack-aka-cve-2023-48795 https://www.suse.com/c/suse-addresses-the-ssh-v2-protocol-terrapin-attack-aka-cve-2023-48795/ https://www.terrapin-attack.com https://www.theregister.com/2023/12/20/terrapin_attack_ssh https://www.vandyke.com/products/securecrt/history.txt
golang.org/x/net	CVE-2023-39325	HIGH	v0.10.0	0.17.0	golang.org/x/net https://access.redhat.com/errata/RHSA-2023:6077 https://access.redhat.com/security/cve/CVE-2023-39325 https://access.redhat.com/security/cve/CVE-2023-44487 https://access.redhat.com/security/vulnerabilities/RHSB-2023-003 https://bugzilla.redhat.com/2242803 https://bugzilla.redhat.com/2243296 https://bugzilla.redhat.com/show_bug.cgi?id=2242803 https://bugzilla.redhat.com/show_bug.cgi?id=2243296 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-39325 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-44487 https://errata.almalinux.org/9/ALSA-2023-6077.html https://errata.rockylinux.org/RLSA-2023:6077 https://github.com/golang/go/commit/24ae2d927285c697440fdde3ad7f26028354bcf3 [golang- 1.21] https://github.com/golang/go/commit/e175f27f58aa7b9cd4d79607ae65d2cd5baaee68 [golang-1.20] https://github.com/golang/go/issues/63417 https://go.dev/cl/534215 https://go.dev/cl/534235 https://go.dev/issue/63417 https://groups.google.com/g/golang-announce/c/iNNxDTCjZvo/m/UDd7VKQuAAAJ https://linux.oracle.com/cve/CVE-2023-39325.html https://linux.oracle.com/errata/ELSA-2023-5867.html https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3OVW5V2DM5K5IC3H7O42YDUGNJ74J35O https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3OVW5V2DM5K5IC3H7O42YDUGNJ74J35O/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3SZN67IL7HMGMNAVLOTIXLIHUDXZK4LH https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3SZN67IL7HMGMNAVLOTIXLIHUDXZK4LH/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3WJ4QVX2AMUJ2F2S27POOAHRC4K3CHU4 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3WJ4QVX2AMUJ2F2S27POOAHRC4K3CHU4/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/4BUK2ZIAGCULOOYDNH25JPU6JBES5NF2 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/4BUK2ZIAGCULOOYDNH25JPU6JBES5NF2/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/5RSKA2II6QTD4YUKUNDVJQSRYSFC4VFR https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/5RSKA2II6QTD4YUKUNDVJQSRYSFC4VFR/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/AVZDNSMVDAQJ64LJC5I5U5LDM5753647 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/AVZDNSMVDAQJ64LJC5I5U5LDM5753647/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CHHITS4PUOZAKFIUBQAQZC7JWXMOYE4B https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CHHITS4PUOZAKFIUBQAQZC7JWXMOYE4B/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CLB4TW7KALB3EEQWNWCN7OUIWWVWWCG2 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CLB4TW7KALB3EEQWNWCN7OUIWWVWWCG2/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/D2BBIDR2ZMB3X5BC7SR4SLQMHRMVPY6L https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/D2BBIDR2ZMB3X5BC7SR4SLQMHRMVPY6L/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ECRC75BQJP6FJN2L7KCKYZW4DSBD7QSD https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ECRC75BQJP6FJN2L7KCKYZW4DSBD7QSD/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/FTMJ3NJIDAZFWJQQSP3L22MUFJ3UP2PT https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/FTMJ3NJIDAZFWJQQSP3L22MUFJ3UP2PT/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/GSY7SXFFTPZFWDM6XELSDSHZLVW3AHK7 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/GSY7SXFFTPZFWDM6XELSDSHZLVW3AHK7/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/HZQIELEIRSZUYTFFH5KTH2YJ4IIQG2KE https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/HZQIELEIRSZUYTFFH5KTH2YJ4IIQG2KE/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/IPWCNYB5PQ5PCVZ4NJT6G56ZYFZ5QBU6 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/IPWCNYB5PQ5PCVZ4NJT6G56ZYFZ5QBU6/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/KEOTKBUPZXHE3F352JBYNTSNRXYLWD6P https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/KEOTKBUPZXHE3F352JBYNTSNRXYLWD6P/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/KSEGD2IWKNUO3DWY4KQGUQM5BISRWHQE https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/KSEGD2IWKNUO3DWY4KQGUQM5BISRWHQE/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/L5E5JSJBZLYXOTZWXHJKRVCIXIHVWKJ6 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/L5E5JSJBZLYXOTZWXHJKRVCIXIHVWKJ6/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/MZQYOOKHQDQ57LV2IAG6NRFOVXKHJJ3Z https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/MZQYOOKHQDQ57LV2IAG6NRFOVXKHJJ3Z/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/NG7IMPL55MVWU3LCI4JQJT3K2U5CHDV7 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/NG7IMPL55MVWU3LCI4JQJT3K2U5CHDV7/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ODBY7RVMGZCBSTWF2OZGIZS57FNFUL67 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ODBY7RVMGZCBSTWF2OZGIZS57FNFUL67/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/OXGWPQOJ3JNDW2XIYKIVJ7N7QUIFNM2Q https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/OXGWPQOJ3JNDW2XIYKIVJ7N7QUIFNM2Q/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/PJCUNGIQDUMZ4Z6HWVYIMR66A35F5S74 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/PJCUNGIQDUMZ4Z6HWVYIMR66A35F5S74/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QF5QSYAOPDOWLY6DUHID56Q4HQFYB45I https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QF5QSYAOPDOWLY6DUHID56Q4HQFYB45I/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QXOU2JZUBEBP7GBKAYIJRPRBZSJCD7ST https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QXOU2JZUBEBP7GBKAYIJRPRBZSJCD7ST/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/R3UETKPUB3V5JS5TLZOF3SMTGT5K5APS https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/R3UETKPUB3V5JS5TLZOF3SMTGT5K5APS/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/REMHVVIBDNKSRKNOTV7EQSB7CYQWOUOU https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/REMHVVIBDNKSRKNOTV7EQSB7CYQWOUOU/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/T7N5GV4CHH6WAGX3GFMDD3COEOVCZ4RI https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/T7N5GV4CHH6WAGX3GFMDD3COEOVCZ4RI/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ULQQONMSCQSH5Z5OWFFQHCGEZ3NL4DRJ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ULQQONMSCQSH5Z5OWFFQHCGEZ3NL4DRJ/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UTT7DG3QOF5ZNJLUGHDNLRUIN6OWZARP https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UTT7DG3QOF5ZNJLUGHDNLRUIN6OWZARP/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/W2LZSWTV4NV4SNQARNXG5T6LRHP26EW2 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/W2LZSWTV4NV4SNQARNXG5T6LRHP26EW2/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WCNCBYKZXLDFGAJUB7ZP5VLC3YTHJNVH https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WCNCBYKZXLDFGAJUB7ZP5VLC3YTHJNVH/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/XFOIBB4YFICHDM7IBOP7PWXW3FX4HLL2 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/XFOIBB4YFICHDM7IBOP7PWXW3FX4HLL2/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/XTNLSL44Y5FB6JWADSZH6DCV4JJAAEQY https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/XTNLSL44Y5FB6JWADSZH6DCV4JJAAEQY/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/YJWHBLVZDM5KQSDFRBFRKU5KSSOLIRQ4 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/YJWHBLVZDM5KQSDFRBFRKU5KSSOLIRQ4/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/YRKEXKANQ7BKJW2YTAMP625LJUJZLJ4P https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/YRKEXKANQ7BKJW2YTAMP625LJUJZLJ4P/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZSVEMQV5ROY5YW5QE3I57HT3ITWG5GCV https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZSVEMQV5ROY5YW5QE3I57HT3ITWG5GCV/ https://nvd.nist.gov/vuln/detail/CVE-2023-39325 https://pkg.go.dev/vuln/GO-2023-2102 https://security.gentoo.org/glsa/202311-09 https://security.netapp.com/advisory/ntap-20231110-0008 https://security.netapp.com/advisory/ntap-20231110-0008/ https://ubuntu.com/security/notices/USN-6574-1 https://ubuntu.com/security/notices/USN-7061-1 https://ubuntu.com/security/notices/USN-7109-1 https://www.cisa.gov/news-events/alerts/2023/10/10/http2-rapid-reset-vulnerability-cve-2023-44487 https://www.cve.org/CVERecord?id=CVE-2023-39325
golang.org/x/net	CVE-2023-3978	MEDIUM	v0.10.0	0.13.0	https://access.redhat.com/errata/RHSA-2023:6474 https://access.redhat.com/security/cve/CVE-2023-3978 https://bugzilla.redhat.com/2174485 https://bugzilla.redhat.com/2178358 https://bugzilla.redhat.com/2178488 https://bugzilla.redhat.com/2178492 https://bugzilla.redhat.com/2184481 https://bugzilla.redhat.com/2184482 https://bugzilla.redhat.com/2184483 https://bugzilla.redhat.com/2184484 https://bugzilla.redhat.com/2196026 https://bugzilla.redhat.com/2196027 https://bugzilla.redhat.com/2196029 https://bugzilla.redhat.com/2222167 https://bugzilla.redhat.com/2228689 https://errata.almalinux.org/9/ALSA-2023-6474.html https://go.dev/cl/514896 https://go.dev/issue/61615 https://linux.oracle.com/cve/CVE-2023-3978.html https://linux.oracle.com/errata/ELSA-2023-6939.html https://nvd.nist.gov/vuln/detail/CVE-2023-3978 https://pkg.go.dev/vuln/GO-2023-1988 https://www.cve.org/CVERecord?id=CVE-2023-3978
golang.org/x/net	CVE-2023-44487	MEDIUM	v0.10.0	0.17.0	http://www.openwall.com/lists/oss-security/2023/10/13/4 http://www.openwall.com/lists/oss-security/2023/10/13/9 http://www.openwall.com/lists/oss-security/2023/10/18/4 http://www.openwall.com/lists/oss-security/2023/10/18/8 http://www.openwall.com/lists/oss-security/2023/10/19/6 http://www.openwall.com/lists/oss-security/2023/10/20/8 https://access.redhat.com/errata/RHSA-2023:6746 https://access.redhat.com/security/cve/CVE-2023-44487 https://access.redhat.com/security/cve/cve-2023-44487 https://akka.io/security/akka-http-cve-2023-44487.html https://arstechnica.com/security/2023/10/how-ddosers-used-the-http-2-protocol-to-deliver-attacks-of-unprecedented-size https://arstechnica.com/security/2023/10/how-ddosers-used-the-http-2-protocol-to-deliver-attacks-of-unprecedented-size/ https://aws.amazon.com/security/security-bulletins/AWS-2023-011 https://aws.amazon.com/security/security-bulletins/AWS-2023-011/ https://blog.cloudflare.com/technical-breakdown-http2-rapid-reset-ddos-attack https://blog.cloudflare.com/technical-breakdown-http2-rapid-reset-ddos-attack/ https://blog.cloudflare.com/zero-day-rapid-reset-http2-record-breaking-ddos-attack https://blog.cloudflare.com/zero-day-rapid-reset-http2-record-breaking-ddos-attack/ https://blog.litespeedtech.com/2023/10/11/rapid-reset-http-2-vulnerablilty https://blog.litespeedtech.com/2023/10/11/rapid-reset-http-2-vulnerablilty/ https://blog.qualys.com/vulnerabilities-threat-research/2023/10/10/cve-2023-44487-http-2-rapid-reset-attack https://blog.vespa.ai/cve-2023-44487 https://blog.vespa.ai/cve-2023-44487/ https://bugzilla.proxmox.com/show_bug.cgi?id=4988 https://bugzilla.redhat.com/2242803 https://bugzilla.redhat.com/show_bug.cgi?id=2242803 https://bugzilla.suse.com/show_bug.cgi?id=1216123 https://cgit.freebsd.org/ports/commit/?id=c64c329c2c1752f46b73e3e6ce9f4329be6629f9 https://chaos.social/@icing/111210915918780532 https://cloud.google.com/blog/products/identity-security/google-cloud-mitigated-largest-ddos-attack-peaking-above-398-million-rps https://cloud.google.com/blog/products/identity-security/google-cloud-mitigated-largest-ddos-attack-peaking-above-398-million-rps/ https://cloud.google.com/blog/products/identity-security/how-it-works-the-novel-http2-rapid-reset-ddos-attack https://community.traefik.io/t/is-traefik-vulnerable-to-cve-2023-44487/20125 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-44487 https://devblogs.microsoft.com/dotnet/october-2023-updates/ https://discuss.hashicorp.com/t/hcsec-2023-32-vault-consul-and-boundary-affected-by-http-2-rapid-reset-denial-of-service-vulnerability-cve-2023-44487/59715 https://edg.io/lp/blog/resets-leaks-ddos-and-the-tale-of-a-hidden-cve https://errata.almalinux.org/9/ALSA-2023-6746.html https://errata.rockylinux.org/RLSA-2023:5838 https://forums.swift.org/t/swift-nio-http2-security-update-cve-2023-44487-http-2-dos/67764 https://gist.github.com/adulau/7c2bfb8e9cdbe4b35a5e131c66a0c088 https://github.com/Azure/AKS/issues/3947 https://github.com/Kong/kong/discussions/11741 https://github.com/advisories/GHSA-qppj-fm5r-hxr3 https://github.com/advisories/GHSA-vx74-f528-fxqg https://github.com/advisories/GHSA-xpw8-rcwv-8f8p https://github.com/akka/akka-http/issues/4323 https://github.com/akka/akka-http/pull/4324 https://github.com/akka/akka-http/pull/4325 https://github.com/alibaba/tengine/issues/1872 https://github.com/apache/apisix/issues/10320 https://github.com/apache/httpd-site/pull/10 https://github.com/apache/httpd/blob/afcdbeebbff4b0c50ea26cdd16e178c0d1f24152/modules/http2/h2_mplx.c#L1101-L1113 https://github.com/apache/tomcat/commit/944332bb15bd2f3bf76ec2caeb1ff0a58a3bc628 https://github.com/apache/tomcat/tree/main/java/org/apache/coyote/http2 https://github.com/apache/trafficserver/pull/10564 https://github.com/apple/swift-nio-http2 https://github.com/apple/swift-nio-http2/security/advisories/GHSA-qppj-fm5r-hxr3 https://github.com/arkrwn/PoC/tree/main/CVE-2023-44487 https://github.com/bcdannyboy/CVE-2023-44487 https://github.com/caddyserver/caddy/issues/5877 https://github.com/caddyserver/caddy/releases/tag/v2.7.5 https://github.com/dotnet/announcements/issues/277 https://github.com/dotnet/core/blob/e4613450ea0da7fd2fc6b61dfb2c1c1dec1ce9ec/release-notes/6.0/6.0.23/6.0.23.md?plain=1#L73 https://github.com/eclipse/jetty.project/issues/10679 https://github.com/envoyproxy/envoy/pull/30055 https://github.com/etcd-io/etcd/issues/16740 https://github.com/facebook/proxygen/pull/466 https://github.com/golang/go/issues/63417 https://github.com/grpc/grpc-go/pull/6703 https://github.com/grpc/grpc-go/releases https://github.com/h2o/h2o/pull/3291 https://github.com/h2o/h2o/security/advisories/GHSA-2m7v-gc89-fjqf https://github.com/haproxy/haproxy/issues/2312 https://github.com/hyperium/hyper/issues/3337 https://github.com/icing/mod_h2/blob/0a864782af0a942aa2ad4ed960a6b32cd35bcf0a/mod_http2/README.md?plain=1#L239-L244 https://github.com/junkurihara/rust-rpxy/issues/97 https://github.com/kazu-yamamoto/http2/commit/f61d41a502bd0f60eb24e1ce14edc7b6df6722a1 https://github.com/kazu-yamamoto/http2/issues/93 https://github.com/kubernetes/kubernetes/pull/121120 https://github.com/line/armeria/pull/5232 https://github.com/linkerd/website/pull/1695/commits/4b9c6836471bc8270ab48aae6fd2181bc73fd632 https://github.com/micrictor/http2-rst-stream https://github.com/microsoft/CBL-Mariner/pull/6381 https://github.com/netty/netty/commit/58f75f665aa81a8cbcf6ffa74820042a285c5e61 https://github.com/nghttp2/nghttp2/pull/1961 https://github.com/nghttp2/nghttp2/releases/tag/v1.57.0 https://github.com/ninenines/cowboy/issues/1615 https://github.com/nodejs/node/pull/50121 https://github.com/openresty/openresty/issues/930 https://github.com/opensearch-project/data-prepper/issues/3474 https://github.com/oqtane/oqtane.framework/discussions/3367 https://github.com/projectcontour/contour/pull/5826 https://github.com/tempesta-tech/tempesta/issues/1986 https://github.com/varnishcache/varnish-cache/issues/3996 https://go.dev/cl/534215 https://go.dev/cl/534235 https://go.dev/issue/63417 https://groups.google.com/g/golang-announce/c/iNNxDTCjZvo https://groups.google.com/g/golang-announce/c/iNNxDTCjZvo/m/UDd7VKQuAAAJ https://istio.io/latest/news/security/istio-security-2023-004 https://istio.io/latest/news/security/istio-security-2023-004/ https://linkerd.io/2023/10/12/linkerd-cve-2023-44487 https://linkerd.io/2023/10/12/linkerd-cve-2023-44487/ https://linux.oracle.com/cve/CVE-2023-44487.html https://linux.oracle.com/errata/ELSA-2024-1444.html https://lists.apache.org/thread/5py8h42mxfsn8l1wy6o41xwhsjlsd87q https://lists.debian.org/debian-lts-announce/2023/10/msg00020.html https://lists.debian.org/debian-lts-announce/2023/10/msg00023.html https://lists.debian.org/debian-lts-announce/2023/10/msg00024.html https://lists.debian.org/debian-lts-announce/2023/10/msg00045.html https://lists.debian.org/debian-lts-announce/2023/10/msg00047.html https://lists.debian.org/debian-lts-announce/2023/11/msg00001.html https://lists.debian.org/debian-lts-announce/2023/11/msg00012.html https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/2MBEPPC36UBVOZZNAXFHKLFGSLCMN5LI https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/2MBEPPC36UBVOZZNAXFHKLFGSLCMN5LI/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/3N4NJ7FR4X4FPZUGNTQAPSTVB2HB2Y4A https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/3N4NJ7FR4X4FPZUGNTQAPSTVB2HB2Y4A/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/BFQD3KUEMFBHPAPBGLWQC34L4OWL5HAZ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/BFQD3KUEMFBHPAPBGLWQC34L4OWL5HAZ/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/CLB4TW7KALB3EEQWNWCN7OUIWWVWWCG2 https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/CLB4TW7KALB3EEQWNWCN7OUIWWVWWCG2/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/E72T67UPDRXHIDLO3OROR25YAMN4GGW5 https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/E72T67UPDRXHIDLO3OROR25YAMN4GGW5/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/FNA62Q767CFAFHBCDKYNPBMZWB7TWYVU https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/FNA62Q767CFAFHBCDKYNPBMZWB7TWYVU/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/HT7T2R4MQKLIF4ODV4BDLPARWFPCJ5CZ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/HT7T2R4MQKLIF4ODV4BDLPARWFPCJ5CZ/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/JIZSEFC3YKCGABA2BZW6ZJRMDZJMB7PJ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/JIZSEFC3YKCGABA2BZW6ZJRMDZJMB7PJ/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/JMEXY22BFG5Q64HQCM5CK2Q7KDKVV4TY https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/JMEXY22BFG5Q64HQCM5CK2Q7KDKVV4TY/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/KSEGD2IWKNUO3DWY4KQGUQM5BISRWHQE https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/KSEGD2IWKNUO3DWY4KQGUQM5BISRWHQE/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/LKYHSZQFDNR7RSA7LHVLLIAQMVYCUGBG https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/LKYHSZQFDNR7RSA7LHVLLIAQMVYCUGBG/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/LNMZJCDHGLJJLXO4OXWJMTVQRNWOC7UL https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/LNMZJCDHGLJJLXO4OXWJMTVQRNWOC7UL/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/VHUHTSXLXGXS7JYKBXTA3VINUPHTNGVU https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/VHUHTSXLXGXS7JYKBXTA3VINUPHTNGVU/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/VSRDIV77HNKUSM7SJC5BKE5JSHLHU2NK https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/VSRDIV77HNKUSM7SJC5BKE5JSHLHU2NK/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/WE2I52RHNNU42PX6NZ2RBUHSFFJ2LVZX https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/WE2I52RHNNU42PX6NZ2RBUHSFFJ2LVZX/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/WLPRQ5TWUQQXYWBJM7ECYDAIL2YVKIUH https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/WLPRQ5TWUQQXYWBJM7ECYDAIL2YVKIUH/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/X6QXN4ORIVF6XBW4WWFE7VNPVC74S45Y https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/X6QXN4ORIVF6XBW4WWFE7VNPVC74S45Y/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/XFOIBB4YFICHDM7IBOP7PWXW3FX4HLL2 https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/XFOIBB4YFICHDM7IBOP7PWXW3FX4HLL2/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZB43REMKRQR62NJEI7I5NQ4FSXNLBKRT https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZB43REMKRQR62NJEI7I5NQ4FSXNLBKRT/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZKQSIKIAT5TJ3WSLU3RDBQ35YX4GY4V3 https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZKQSIKIAT5TJ3WSLU3RDBQ35YX4GY4V3/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZLU6U2R2IC2K64NDPNMV55AUAO65MAF4 https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZLU6U2R2IC2K64NDPNMV55AUAO65MAF4/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3N4NJ7FR4X4FPZUGNTQAPSTVB2HB2Y4A https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/BFQD3KUEMFBHPAPBGLWQC34L4OWL5HAZ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CLB4TW7KALB3EEQWNWCN7OUIWWVWWCG2 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/E72T67UPDRXHIDLO3OROR25YAMN4GGW5 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/FNA62Q767CFAFHBCDKYNPBMZWB7TWYVU https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/HT7T2R4MQKLIF4ODV4BDLPARWFPCJ5CZ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/JIZSEFC3YKCGABA2BZW6ZJRMDZJMB7PJ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/JMEXY22BFG5Q64HQCM5CK2Q7KDKVV4TY https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/KSEGD2IWKNUO3DWY4KQGUQM5BISRWHQE https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/LKYHSZQFDNR7RSA7LHVLLIAQMVYCUGBG https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/LNMZJCDHGLJJLXO4OXWJMTVQRNWOC7UL https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/VHUHTSXLXGXS7JYKBXTA3VINUPHTNGVU https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/VSRDIV77HNKUSM7SJC5BKE5JSHLHU2NK https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WLPRQ5TWUQQXYWBJM7ECYDAIL2YVKIUH https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/X6QXN4ORIVF6XBW4WWFE7VNPVC74S45Y https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/XFOIBB4YFICHDM7IBOP7PWXW3FX4HLL2 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZB43REMKRQR62NJEI7I5NQ4FSXNLBKRT https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZKQSIKIAT5TJ3WSLU3RDBQ35YX4GY4V3 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZLU6U2R2IC2K64NDPNMV55AUAO65MAF4 https://lists.w3.org/Archives/Public/ietf-http-wg/2023OctDec/0025.html https://mailman.nginx.org/pipermail/nginx-devel/2023-October/S36Q5HBXR7CAIMPLLPRSSSYR4PCMWILK.html https://martinthomson.github.io/h2-stream-limits/draft-thomson-httpbis-h2-stream-limits.html https://msrc.microsoft.com/blog/2023/10/microsoft-response-to-distributed-denial-of-service-ddos-attacks-against-http/2 https://msrc.microsoft.com/blog/2023/10/microsoft-response-to-distributed-denial-of-service-ddos-attacks-against-http/2/ https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-44487 https://my.f5.com/manage/s/article/K000137106 https://netty.io/news/2023/10/10/4-1-100-Final.html https://news.ycombinator.com/item?id=37830987 https://news.ycombinator.com/item?id=37830998 https://news.ycombinator.com/item?id=37831062 https://news.ycombinator.com/item?id=37837043 https://nodejs.org/en/blog/vulnerability/october-2023-security-releases https://nvd.nist.gov/vuln/detail/CVE-2023-44487 https://openssf.org/blog/2023/10/10/http-2-rapid-reset-vulnerability-highlights-need-for-rapid-response https://openssf.org/blog/2023/10/10/http-2-rapid-reset-vulnerability-highlights-need-for-rapid-response/ https://pkg.go.dev/vuln/GO-2023-2102 https://seanmonstar.com/post/730794151136935936/hyper-http2-rapid-reset-unaffected https://security.gentoo.org/glsa/202311-09 https://security.netapp.com/advisory/ntap-20231016-0001 https://security.netapp.com/advisory/ntap-20231016-0001/ https://security.netapp.com/advisory/ntap-20240426-0007 https://security.netapp.com/advisory/ntap-20240426-0007/ https://security.netapp.com/advisory/ntap-20240621-0006 https://security.netapp.com/advisory/ntap-20240621-0006/ https://security.netapp.com/advisory/ntap-20240621-0007 https://security.netapp.com/advisory/ntap-20240621-0007/ https://security.paloaltonetworks.com/CVE-2023-44487 https://tomcat.apache.org/security-10.html#Fixed_in_Apache_Tomcat_10.1.14 https://tomcat.apache.org/security-11.html#Fixed_in_Apache_Tomcat_11.0.0-M12 https://tomcat.apache.org/security-8.html#Fixed_in_Apache_Tomcat_8.5.94 https://tomcat.apache.org/security-9.html#Fixed_in_Apache_Tomcat_9.0.81 https://ubuntu.com/security/CVE-2023-44487 https://ubuntu.com/security/notices/USN-6427-1 https://ubuntu.com/security/notices/USN-6427-2 https://ubuntu.com/security/notices/USN-6438-1 https://ubuntu.com/security/notices/USN-6505-1 https://ubuntu.com/security/notices/USN-6574-1 https://ubuntu.com/security/notices/USN-6754-1 https://ubuntu.com/security/notices/USN-6994-1 https://ubuntu.com/security/notices/USN-7067-1 https://www.bleepingcomputer.com/news/security/new-http-2-rapid-reset-zero-day-attack-breaks-ddos-records https://www.bleepingcomputer.com/news/security/new-http-2-rapid-reset-zero-day-attack-breaks-ddos-records/ https://www.cisa.gov/known-exploited-vulnerabilities-catalog https://www.cisa.gov/news-events/alerts/2023/10/10/http2-rapid-reset-vulnerability-cve-2023-44487 https://www.cve.org/CVERecord?id=CVE-2023-44487 https://www.darkreading.com/cloud/internet-wide-zero-day-bug-fuels-largest-ever-ddos-event https://www.debian.org/security/2023/dsa-5521 https://www.debian.org/security/2023/dsa-5522 https://www.debian.org/security/2023/dsa-5540 https://www.debian.org/security/2023/dsa-5549 https://www.debian.org/security/2023/dsa-5558 https://www.debian.org/security/2023/dsa-5570 https://www.eclipse.org/lists/jetty-announce/msg00181.html https://www.haproxy.com/blog/haproxy-is-not-affected-by-the-http-2-rapid-reset-attack-cve-2023-44487 https://www.mail-archive.com/haproxy@formilux.org/msg44134.html https://www.netlify.com/blog/netlify-successfully-mitigates-cve-2023-44487 https://www.netlify.com/blog/netlify-successfully-mitigates-cve-2023-44487/ https://www.nginx.com/blog/http-2-rapid-reset-attack-impacting-f5-nginx-products https://www.nginx.com/blog/http-2-rapid-reset-attack-impacting-f5-nginx-products/ https://www.openwall.com/lists/oss-security/2023/10/10/6 https://www.phoronix.com/news/HTTP2-Rapid-Reset-Attack https://www.theregister.com/2023/10/10/http2_rapid_reset_zeroday https://www.theregister.com/2023/10/10/http2_rapid_reset_zeroday/
golang.org/x/net	CVE-2023-45288	MEDIUM	v0.10.0	0.23.0	http://www.openwall.com/lists/oss-security/2024/04/03/16 http://www.openwall.com/lists/oss-security/2024/04/05/4 https://access.redhat.com/errata/RHSA-2024:2724 https://access.redhat.com/security/cve/CVE-2023-45288 https://bugzilla.redhat.com/2268017 https://bugzilla.redhat.com/2268018 https://bugzilla.redhat.com/2268019 https://bugzilla.redhat.com/2268273 https://bugzilla.redhat.com/show_bug.cgi?id=2268017 https://bugzilla.redhat.com/show_bug.cgi?id=2268018 https://bugzilla.redhat.com/show_bug.cgi?id=2268019 https://bugzilla.redhat.com/show_bug.cgi?id=2268273 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45288 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45289 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45290 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24783 https://errata.almalinux.org/9/ALSA-2024-2724.html https://errata.rockylinux.org/RLSA-2024:2724 https://go.dev/cl/576155 https://go.dev/issue/65051 https://groups.google.com/g/golang-announce/c/YgW0sx8mN3M https://kb.cert.org/vuls/id/421644 https://linux.oracle.com/cve/CVE-2023-45288.html https://linux.oracle.com/errata/ELSA-2024-3346.html https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QRYFHIQ6XRKRYBI2F5UESH67BJBQXUPT https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QRYFHIQ6XRKRYBI2F5UESH67BJBQXUPT/ https://nowotarski.info/http2-continuation-flood-technical-details https://nowotarski.info/http2-continuation-flood/ https://nvd.nist.gov/vuln/detail/CVE-2023-45288 https://pkg.go.dev/vuln/GO-2024-2687 https://security.netapp.com/advisory/ntap-20240419-0009 https://security.netapp.com/advisory/ntap-20240419-0009/ https://ubuntu.com/security/notices/USN-6886-1 https://ubuntu.com/security/notices/USN-7109-1 https://ubuntu.com/security/notices/USN-7111-1 https://www.cve.org/CVERecord?id=CVE-2023-45288 https://www.kb.cert.org/vuls/id/421644
google.golang.org/grpc	GHSA-m425-mq94-257g	HIGH	v1.54.0	1.56.3, 1.57.1, 1.58.3	https://github.com/grpc/grpc-go https://github.com/grpc/grpc-go/commit/f2180b4d5403d2210b30b93098eb7da31c05c721 https://github.com/grpc/grpc-go/pull/6703 https://github.com/grpc/grpc-go/security/advisories/GHSA-m425-mq94-257g https://nvd.nist.gov/vuln/detail/CVE-2023-44487
google.golang.org/grpc	CVE-2023-44487	MEDIUM	v1.54.0	1.58.3, 1.57.1, 1.56.3	http://www.openwall.com/lists/oss-security/2023/10/13/4 http://www.openwall.com/lists/oss-security/2023/10/13/9 http://www.openwall.com/lists/oss-security/2023/10/18/4 http://www.openwall.com/lists/oss-security/2023/10/18/8 http://www.openwall.com/lists/oss-security/2023/10/19/6 http://www.openwall.com/lists/oss-security/2023/10/20/8 https://access.redhat.com/errata/RHSA-2023:6746 https://access.redhat.com/security/cve/CVE-2023-44487 https://access.redhat.com/security/cve/cve-2023-44487 https://akka.io/security/akka-http-cve-2023-44487.html https://arstechnica.com/security/2023/10/how-ddosers-used-the-http-2-protocol-to-deliver-attacks-of-unprecedented-size https://arstechnica.com/security/2023/10/how-ddosers-used-the-http-2-protocol-to-deliver-attacks-of-unprecedented-size/ https://aws.amazon.com/security/security-bulletins/AWS-2023-011 https://aws.amazon.com/security/security-bulletins/AWS-2023-011/ https://blog.cloudflare.com/technical-breakdown-http2-rapid-reset-ddos-attack https://blog.cloudflare.com/technical-breakdown-http2-rapid-reset-ddos-attack/ https://blog.cloudflare.com/zero-day-rapid-reset-http2-record-breaking-ddos-attack https://blog.cloudflare.com/zero-day-rapid-reset-http2-record-breaking-ddos-attack/ https://blog.litespeedtech.com/2023/10/11/rapid-reset-http-2-vulnerablilty https://blog.litespeedtech.com/2023/10/11/rapid-reset-http-2-vulnerablilty/ https://blog.qualys.com/vulnerabilities-threat-research/2023/10/10/cve-2023-44487-http-2-rapid-reset-attack https://blog.vespa.ai/cve-2023-44487 https://blog.vespa.ai/cve-2023-44487/ https://bugzilla.proxmox.com/show_bug.cgi?id=4988 https://bugzilla.redhat.com/2242803 https://bugzilla.redhat.com/show_bug.cgi?id=2242803 https://bugzilla.suse.com/show_bug.cgi?id=1216123 https://cgit.freebsd.org/ports/commit/?id=c64c329c2c1752f46b73e3e6ce9f4329be6629f9 https://chaos.social/@icing/111210915918780532 https://cloud.google.com/blog/products/identity-security/google-cloud-mitigated-largest-ddos-attack-peaking-above-398-million-rps https://cloud.google.com/blog/products/identity-security/google-cloud-mitigated-largest-ddos-attack-peaking-above-398-million-rps/ https://cloud.google.com/blog/products/identity-security/how-it-works-the-novel-http2-rapid-reset-ddos-attack https://community.traefik.io/t/is-traefik-vulnerable-to-cve-2023-44487/20125 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-44487 https://devblogs.microsoft.com/dotnet/october-2023-updates/ https://discuss.hashicorp.com/t/hcsec-2023-32-vault-consul-and-boundary-affected-by-http-2-rapid-reset-denial-of-service-vulnerability-cve-2023-44487/59715 https://edg.io/lp/blog/resets-leaks-ddos-and-the-tale-of-a-hidden-cve https://errata.almalinux.org/9/ALSA-2023-6746.html https://errata.rockylinux.org/RLSA-2023:5838 https://forums.swift.org/t/swift-nio-http2-security-update-cve-2023-44487-http-2-dos/67764 https://gist.github.com/adulau/7c2bfb8e9cdbe4b35a5e131c66a0c088 https://github.com/Azure/AKS/issues/3947 https://github.com/Kong/kong/discussions/11741 https://github.com/advisories/GHSA-qppj-fm5r-hxr3 https://github.com/advisories/GHSA-vx74-f528-fxqg https://github.com/advisories/GHSA-xpw8-rcwv-8f8p https://github.com/akka/akka-http/issues/4323 https://github.com/akka/akka-http/pull/4324 https://github.com/akka/akka-http/pull/4325 https://github.com/alibaba/tengine/issues/1872 https://github.com/apache/apisix/issues/10320 https://github.com/apache/httpd-site/pull/10 https://github.com/apache/httpd/blob/afcdbeebbff4b0c50ea26cdd16e178c0d1f24152/modules/http2/h2_mplx.c#L1101-L1113 https://github.com/apache/tomcat/commit/944332bb15bd2f3bf76ec2caeb1ff0a58a3bc628 https://github.com/apache/tomcat/tree/main/java/org/apache/coyote/http2 https://github.com/apache/trafficserver/pull/10564 https://github.com/apple/swift-nio-http2 https://github.com/apple/swift-nio-http2/security/advisories/GHSA-qppj-fm5r-hxr3 https://github.com/arkrwn/PoC/tree/main/CVE-2023-44487 https://github.com/bcdannyboy/CVE-2023-44487 https://github.com/caddyserver/caddy/issues/5877 https://github.com/caddyserver/caddy/releases/tag/v2.7.5 https://github.com/dotnet/announcements/issues/277 https://github.com/dotnet/core/blob/e4613450ea0da7fd2fc6b61dfb2c1c1dec1ce9ec/release-notes/6.0/6.0.23/6.0.23.md?plain=1#L73 https://github.com/eclipse/jetty.project/issues/10679 https://github.com/envoyproxy/envoy/pull/30055 https://github.com/etcd-io/etcd/issues/16740 https://github.com/facebook/proxygen/pull/466 https://github.com/golang/go/issues/63417 https://github.com/grpc/grpc-go/pull/6703 https://github.com/grpc/grpc-go/releases https://github.com/h2o/h2o/pull/3291 https://github.com/h2o/h2o/security/advisories/GHSA-2m7v-gc89-fjqf https://github.com/haproxy/haproxy/issues/2312 https://github.com/hyperium/hyper/issues/3337 https://github.com/icing/mod_h2/blob/0a864782af0a942aa2ad4ed960a6b32cd35bcf0a/mod_http2/README.md?plain=1#L239-L244 https://github.com/junkurihara/rust-rpxy/issues/97 https://github.com/kazu-yamamoto/http2/commit/f61d41a502bd0f60eb24e1ce14edc7b6df6722a1 https://github.com/kazu-yamamoto/http2/issues/93 https://github.com/kubernetes/kubernetes/pull/121120 https://github.com/line/armeria/pull/5232 https://github.com/linkerd/website/pull/1695/commits/4b9c6836471bc8270ab48aae6fd2181bc73fd632 https://github.com/micrictor/http2-rst-stream https://github.com/microsoft/CBL-Mariner/pull/6381 https://github.com/netty/netty/commit/58f75f665aa81a8cbcf6ffa74820042a285c5e61 https://github.com/nghttp2/nghttp2/pull/1961 https://github.com/nghttp2/nghttp2/releases/tag/v1.57.0 https://github.com/ninenines/cowboy/issues/1615 https://github.com/nodejs/node/pull/50121 https://github.com/openresty/openresty/issues/930 https://github.com/opensearch-project/data-prepper/issues/3474 https://github.com/oqtane/oqtane.framework/discussions/3367 https://github.com/projectcontour/contour/pull/5826 https://github.com/tempesta-tech/tempesta/issues/1986 https://github.com/varnishcache/varnish-cache/issues/3996 https://go.dev/cl/534215 https://go.dev/cl/534235 https://go.dev/issue/63417 https://groups.google.com/g/golang-announce/c/iNNxDTCjZvo https://groups.google.com/g/golang-announce/c/iNNxDTCjZvo/m/UDd7VKQuAAAJ https://istio.io/latest/news/security/istio-security-2023-004 https://istio.io/latest/news/security/istio-security-2023-004/ https://linkerd.io/2023/10/12/linkerd-cve-2023-44487 https://linkerd.io/2023/10/12/linkerd-cve-2023-44487/ https://linux.oracle.com/cve/CVE-2023-44487.html https://linux.oracle.com/errata/ELSA-2024-1444.html https://lists.apache.org/thread/5py8h42mxfsn8l1wy6o41xwhsjlsd87q https://lists.debian.org/debian-lts-announce/2023/10/msg00020.html https://lists.debian.org/debian-lts-announce/2023/10/msg00023.html https://lists.debian.org/debian-lts-announce/2023/10/msg00024.html https://lists.debian.org/debian-lts-announce/2023/10/msg00045.html https://lists.debian.org/debian-lts-announce/2023/10/msg00047.html https://lists.debian.org/debian-lts-announce/2023/11/msg00001.html https://lists.debian.org/debian-lts-announce/2023/11/msg00012.html https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/2MBEPPC36UBVOZZNAXFHKLFGSLCMN5LI https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/2MBEPPC36UBVOZZNAXFHKLFGSLCMN5LI/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/3N4NJ7FR4X4FPZUGNTQAPSTVB2HB2Y4A https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/3N4NJ7FR4X4FPZUGNTQAPSTVB2HB2Y4A/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/BFQD3KUEMFBHPAPBGLWQC34L4OWL5HAZ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/BFQD3KUEMFBHPAPBGLWQC34L4OWL5HAZ/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/CLB4TW7KALB3EEQWNWCN7OUIWWVWWCG2 https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/CLB4TW7KALB3EEQWNWCN7OUIWWVWWCG2/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/E72T67UPDRXHIDLO3OROR25YAMN4GGW5 https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/E72T67UPDRXHIDLO3OROR25YAMN4GGW5/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/FNA62Q767CFAFHBCDKYNPBMZWB7TWYVU https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/FNA62Q767CFAFHBCDKYNPBMZWB7TWYVU/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/HT7T2R4MQKLIF4ODV4BDLPARWFPCJ5CZ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/HT7T2R4MQKLIF4ODV4BDLPARWFPCJ5CZ/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/JIZSEFC3YKCGABA2BZW6ZJRMDZJMB7PJ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/JIZSEFC3YKCGABA2BZW6ZJRMDZJMB7PJ/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/JMEXY22BFG5Q64HQCM5CK2Q7KDKVV4TY https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/JMEXY22BFG5Q64HQCM5CK2Q7KDKVV4TY/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/KSEGD2IWKNUO3DWY4KQGUQM5BISRWHQE https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/KSEGD2IWKNUO3DWY4KQGUQM5BISRWHQE/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/LKYHSZQFDNR7RSA7LHVLLIAQMVYCUGBG https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/LKYHSZQFDNR7RSA7LHVLLIAQMVYCUGBG/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/LNMZJCDHGLJJLXO4OXWJMTVQRNWOC7UL https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/LNMZJCDHGLJJLXO4OXWJMTVQRNWOC7UL/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/VHUHTSXLXGXS7JYKBXTA3VINUPHTNGVU https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/VHUHTSXLXGXS7JYKBXTA3VINUPHTNGVU/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/VSRDIV77HNKUSM7SJC5BKE5JSHLHU2NK https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/VSRDIV77HNKUSM7SJC5BKE5JSHLHU2NK/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/WE2I52RHNNU42PX6NZ2RBUHSFFJ2LVZX https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/WE2I52RHNNU42PX6NZ2RBUHSFFJ2LVZX/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/WLPRQ5TWUQQXYWBJM7ECYDAIL2YVKIUH https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/WLPRQ5TWUQQXYWBJM7ECYDAIL2YVKIUH/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/X6QXN4ORIVF6XBW4WWFE7VNPVC74S45Y https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/X6QXN4ORIVF6XBW4WWFE7VNPVC74S45Y/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/XFOIBB4YFICHDM7IBOP7PWXW3FX4HLL2 https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/XFOIBB4YFICHDM7IBOP7PWXW3FX4HLL2/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZB43REMKRQR62NJEI7I5NQ4FSXNLBKRT https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZB43REMKRQR62NJEI7I5NQ4FSXNLBKRT/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZKQSIKIAT5TJ3WSLU3RDBQ35YX4GY4V3 https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZKQSIKIAT5TJ3WSLU3RDBQ35YX4GY4V3/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZLU6U2R2IC2K64NDPNMV55AUAO65MAF4 https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZLU6U2R2IC2K64NDPNMV55AUAO65MAF4/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3N4NJ7FR4X4FPZUGNTQAPSTVB2HB2Y4A https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/BFQD3KUEMFBHPAPBGLWQC34L4OWL5HAZ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CLB4TW7KALB3EEQWNWCN7OUIWWVWWCG2 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/E72T67UPDRXHIDLO3OROR25YAMN4GGW5 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/FNA62Q767CFAFHBCDKYNPBMZWB7TWYVU https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/HT7T2R4MQKLIF4ODV4BDLPARWFPCJ5CZ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/JIZSEFC3YKCGABA2BZW6ZJRMDZJMB7PJ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/JMEXY22BFG5Q64HQCM5CK2Q7KDKVV4TY https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/KSEGD2IWKNUO3DWY4KQGUQM5BISRWHQE https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/LKYHSZQFDNR7RSA7LHVLLIAQMVYCUGBG https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/LNMZJCDHGLJJLXO4OXWJMTVQRNWOC7UL https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/VHUHTSXLXGXS7JYKBXTA3VINUPHTNGVU https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/VSRDIV77HNKUSM7SJC5BKE5JSHLHU2NK https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WLPRQ5TWUQQXYWBJM7ECYDAIL2YVKIUH https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/X6QXN4ORIVF6XBW4WWFE7VNPVC74S45Y https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/XFOIBB4YFICHDM7IBOP7PWXW3FX4HLL2 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZB43REMKRQR62NJEI7I5NQ4FSXNLBKRT https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZKQSIKIAT5TJ3WSLU3RDBQ35YX4GY4V3 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZLU6U2R2IC2K64NDPNMV55AUAO65MAF4 https://lists.w3.org/Archives/Public/ietf-http-wg/2023OctDec/0025.html https://mailman.nginx.org/pipermail/nginx-devel/2023-October/S36Q5HBXR7CAIMPLLPRSSSYR4PCMWILK.html https://martinthomson.github.io/h2-stream-limits/draft-thomson-httpbis-h2-stream-limits.html https://msrc.microsoft.com/blog/2023/10/microsoft-response-to-distributed-denial-of-service-ddos-attacks-against-http/2 https://msrc.microsoft.com/blog/2023/10/microsoft-response-to-distributed-denial-of-service-ddos-attacks-against-http/2/ https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-44487 https://my.f5.com/manage/s/article/K000137106 https://netty.io/news/2023/10/10/4-1-100-Final.html https://news.ycombinator.com/item?id=37830987 https://news.ycombinator.com/item?id=37830998 https://news.ycombinator.com/item?id=37831062 https://news.ycombinator.com/item?id=37837043 https://nodejs.org/en/blog/vulnerability/october-2023-security-releases https://nvd.nist.gov/vuln/detail/CVE-2023-44487 https://openssf.org/blog/2023/10/10/http-2-rapid-reset-vulnerability-highlights-need-for-rapid-response https://openssf.org/blog/2023/10/10/http-2-rapid-reset-vulnerability-highlights-need-for-rapid-response/ https://pkg.go.dev/vuln/GO-2023-2102 https://seanmonstar.com/post/730794151136935936/hyper-http2-rapid-reset-unaffected https://security.gentoo.org/glsa/202311-09 https://security.netapp.com/advisory/ntap-20231016-0001 https://security.netapp.com/advisory/ntap-20231016-0001/ https://security.netapp.com/advisory/ntap-20240426-0007 https://security.netapp.com/advisory/ntap-20240426-0007/ https://security.netapp.com/advisory/ntap-20240621-0006 https://security.netapp.com/advisory/ntap-20240621-0006/ https://security.netapp.com/advisory/ntap-20240621-0007 https://security.netapp.com/advisory/ntap-20240621-0007/ https://security.paloaltonetworks.com/CVE-2023-44487 https://tomcat.apache.org/security-10.html#Fixed_in_Apache_Tomcat_10.1.14 https://tomcat.apache.org/security-11.html#Fixed_in_Apache_Tomcat_11.0.0-M12 https://tomcat.apache.org/security-8.html#Fixed_in_Apache_Tomcat_8.5.94 https://tomcat.apache.org/security-9.html#Fixed_in_Apache_Tomcat_9.0.81 https://ubuntu.com/security/CVE-2023-44487 https://ubuntu.com/security/notices/USN-6427-1 https://ubuntu.com/security/notices/USN-6427-2 https://ubuntu.com/security/notices/USN-6438-1 https://ubuntu.com/security/notices/USN-6505-1 https://ubuntu.com/security/notices/USN-6574-1 https://ubuntu.com/security/notices/USN-6754-1 https://ubuntu.com/security/notices/USN-6994-1 https://ubuntu.com/security/notices/USN-7067-1 https://www.bleepingcomputer.com/news/security/new-http-2-rapid-reset-zero-day-attack-breaks-ddos-records https://www.bleepingcomputer.com/news/security/new-http-2-rapid-reset-zero-day-attack-breaks-ddos-records/ https://www.cisa.gov/known-exploited-vulnerabilities-catalog https://www.cisa.gov/news-events/alerts/2023/10/10/http2-rapid-reset-vulnerability-cve-2023-44487 https://www.cve.org/CVERecord?id=CVE-2023-44487 https://www.darkreading.com/cloud/internet-wide-zero-day-bug-fuels-largest-ever-ddos-event https://www.debian.org/security/2023/dsa-5521 https://www.debian.org/security/2023/dsa-5522 https://www.debian.org/security/2023/dsa-5540 https://www.debian.org/security/2023/dsa-5549 https://www.debian.org/security/2023/dsa-5558 https://www.debian.org/security/2023/dsa-5570 https://www.eclipse.org/lists/jetty-announce/msg00181.html https://www.haproxy.com/blog/haproxy-is-not-affected-by-the-http-2-rapid-reset-attack-cve-2023-44487 https://www.mail-archive.com/haproxy@formilux.org/msg44134.html https://www.netlify.com/blog/netlify-successfully-mitigates-cve-2023-44487 https://www.netlify.com/blog/netlify-successfully-mitigates-cve-2023-44487/ https://www.nginx.com/blog/http-2-rapid-reset-attack-impacting-f5-nginx-products https://www.nginx.com/blog/http-2-rapid-reset-attack-impacting-f5-nginx-products/ https://www.openwall.com/lists/oss-security/2023/10/10/6 https://www.phoronix.com/news/HTTP2-Rapid-Reset-Attack https://www.theregister.com/2023/10/10/http2_rapid_reset_zeroday https://www.theregister.com/2023/10/10/http2_rapid_reset_zeroday/
google.golang.org/protobuf	CVE-2024-24786	MEDIUM	v1.30.0	1.33.0	http://www.openwall.com/lists/oss-security/2024/03/08/4 https://access.redhat.com/errata/RHSA-2024:2550 https://access.redhat.com/security/cve/CVE-2024-24786 https://bugzilla.redhat.com/2268046 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24786 https://errata.almalinux.org/9/ALSA-2024-2550.html https://errata.rockylinux.org/RLSA-2024:2550 https://github.com/protocolbuffers/protobuf-go https://github.com/protocolbuffers/protobuf-go/commit/f01a588e5810b90996452eec4a28f22a0afae023 https://github.com/protocolbuffers/protobuf-go/releases/tag/v1.33.0 https://go-review.googlesource.com/c/protobuf/+/569356 https://go.dev/cl/569356 https://groups.google.com/g/golang-announce/c/ArQ6CDgtEjY/ https://linux.oracle.com/cve/CVE-2024-24786.html https://linux.oracle.com/errata/ELSA-2024-4246.html https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/JDMBHAVSDU2FBDZ45U3A2VLSM35OJ2HU https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/JDMBHAVSDU2FBDZ45U3A2VLSM35OJ2HU/ https://nvd.nist.gov/vuln/detail/CVE-2024-24786 https://pkg.go.dev/vuln/GO-2024-2611 https://security.netapp.com/advisory/ntap-20240517-0002 https://security.netapp.com/advisory/ntap-20240517-0002/ https://ubuntu.com/security/notices/USN-6746-1 https://ubuntu.com/security/notices/USN-6746-2 https://www.cve.org/CVERecord?id=CVE-2024-24786
stdlib	CVE-2024-24790	CRITICAL	v1.20.5	1.21.11, 1.22.4	http://www.openwall.com/lists/oss-security/2024/06/04/1 https://access.redhat.com/errata/RHSA-2024:9115 https://access.redhat.com/security/cve/CVE-2024-24790 https://bugzilla.redhat.com/2279814 https://bugzilla.redhat.com/2292668 https://bugzilla.redhat.com/2292787 https://bugzilla.redhat.com/2294000 https://bugzilla.redhat.com/2295310 https://bugzilla.redhat.com/show_bug.cgi?id=2292668 https://bugzilla.redhat.com/show_bug.cgi?id=2292787 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24789 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24790 https://errata.almalinux.org/9/ALSA-2024-9115.html https://errata.rockylinux.org/RLSA-2024:4212 https://github.com/golang/go/commit/051bdf3fd12a40307606ff9381138039c5f452f0 (1.21) https://github.com/golang/go/commit/12d5810cdb1f73cf23d7a86462143e9463317fca (1.22) https://github.com/golang/go/issues/67680 https://go.dev/cl/590316 https://go.dev/issue/67680 https://groups.google.com/g/golang-announce/c/XbxouI9gY7k https://groups.google.com/g/golang-announce/c/XbxouI9gY7k/m/TuoGEhxIEwAJ https://linux.oracle.com/cve/CVE-2024-24790.html https://linux.oracle.com/errata/ELSA-2024-9115.html https://nvd.nist.gov/vuln/detail/CVE-2024-24790 https://pkg.go.dev/vuln/GO-2024-2887 https://ubuntu.com/security/notices/USN-6886-1 https://ubuntu.com/security/notices/USN-7109-1 https://www.cve.org/CVERecord?id=CVE-2024-24790
stdlib	CVE-2023-39325	HIGH	v1.20.5	1.20.10, 1.21.3	golang.org/x/net https://access.redhat.com/errata/RHSA-2023:6077 https://access.redhat.com/security/cve/CVE-2023-39325 https://access.redhat.com/security/cve/CVE-2023-44487 https://access.redhat.com/security/vulnerabilities/RHSB-2023-003 https://bugzilla.redhat.com/2242803 https://bugzilla.redhat.com/2243296 https://bugzilla.redhat.com/show_bug.cgi?id=2242803 https://bugzilla.redhat.com/show_bug.cgi?id=2243296 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-39325 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-44487 https://errata.almalinux.org/9/ALSA-2023-6077.html https://errata.rockylinux.org/RLSA-2023:6077 https://github.com/golang/go/commit/24ae2d927285c697440fdde3ad7f26028354bcf3 [golang- 1.21] https://github.com/golang/go/commit/e175f27f58aa7b9cd4d79607ae65d2cd5baaee68 [golang-1.20] https://github.com/golang/go/issues/63417 https://go.dev/cl/534215 https://go.dev/cl/534235 https://go.dev/issue/63417 https://groups.google.com/g/golang-announce/c/iNNxDTCjZvo/m/UDd7VKQuAAAJ https://linux.oracle.com/cve/CVE-2023-39325.html https://linux.oracle.com/errata/ELSA-2023-5867.html https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3OVW5V2DM5K5IC3H7O42YDUGNJ74J35O https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3OVW5V2DM5K5IC3H7O42YDUGNJ74J35O/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3SZN67IL7HMGMNAVLOTIXLIHUDXZK4LH https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3SZN67IL7HMGMNAVLOTIXLIHUDXZK4LH/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3WJ4QVX2AMUJ2F2S27POOAHRC4K3CHU4 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3WJ4QVX2AMUJ2F2S27POOAHRC4K3CHU4/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/4BUK2ZIAGCULOOYDNH25JPU6JBES5NF2 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/4BUK2ZIAGCULOOYDNH25JPU6JBES5NF2/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/5RSKA2II6QTD4YUKUNDVJQSRYSFC4VFR https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/5RSKA2II6QTD4YUKUNDVJQSRYSFC4VFR/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/AVZDNSMVDAQJ64LJC5I5U5LDM5753647 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/AVZDNSMVDAQJ64LJC5I5U5LDM5753647/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CHHITS4PUOZAKFIUBQAQZC7JWXMOYE4B https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CHHITS4PUOZAKFIUBQAQZC7JWXMOYE4B/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CLB4TW7KALB3EEQWNWCN7OUIWWVWWCG2 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CLB4TW7KALB3EEQWNWCN7OUIWWVWWCG2/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/D2BBIDR2ZMB3X5BC7SR4SLQMHRMVPY6L https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/D2BBIDR2ZMB3X5BC7SR4SLQMHRMVPY6L/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ECRC75BQJP6FJN2L7KCKYZW4DSBD7QSD https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ECRC75BQJP6FJN2L7KCKYZW4DSBD7QSD/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/FTMJ3NJIDAZFWJQQSP3L22MUFJ3UP2PT https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/FTMJ3NJIDAZFWJQQSP3L22MUFJ3UP2PT/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/GSY7SXFFTPZFWDM6XELSDSHZLVW3AHK7 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/GSY7SXFFTPZFWDM6XELSDSHZLVW3AHK7/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/HZQIELEIRSZUYTFFH5KTH2YJ4IIQG2KE https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/HZQIELEIRSZUYTFFH5KTH2YJ4IIQG2KE/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/IPWCNYB5PQ5PCVZ4NJT6G56ZYFZ5QBU6 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/IPWCNYB5PQ5PCVZ4NJT6G56ZYFZ5QBU6/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/KEOTKBUPZXHE3F352JBYNTSNRXYLWD6P https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/KEOTKBUPZXHE3F352JBYNTSNRXYLWD6P/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/KSEGD2IWKNUO3DWY4KQGUQM5BISRWHQE https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/KSEGD2IWKNUO3DWY4KQGUQM5BISRWHQE/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/L5E5JSJBZLYXOTZWXHJKRVCIXIHVWKJ6 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/L5E5JSJBZLYXOTZWXHJKRVCIXIHVWKJ6/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/MZQYOOKHQDQ57LV2IAG6NRFOVXKHJJ3Z https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/MZQYOOKHQDQ57LV2IAG6NRFOVXKHJJ3Z/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/NG7IMPL55MVWU3LCI4JQJT3K2U5CHDV7 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/NG7IMPL55MVWU3LCI4JQJT3K2U5CHDV7/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ODBY7RVMGZCBSTWF2OZGIZS57FNFUL67 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ODBY7RVMGZCBSTWF2OZGIZS57FNFUL67/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/OXGWPQOJ3JNDW2XIYKIVJ7N7QUIFNM2Q https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/OXGWPQOJ3JNDW2XIYKIVJ7N7QUIFNM2Q/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/PJCUNGIQDUMZ4Z6HWVYIMR66A35F5S74 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/PJCUNGIQDUMZ4Z6HWVYIMR66A35F5S74/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QF5QSYAOPDOWLY6DUHID56Q4HQFYB45I https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QF5QSYAOPDOWLY6DUHID56Q4HQFYB45I/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QXOU2JZUBEBP7GBKAYIJRPRBZSJCD7ST https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QXOU2JZUBEBP7GBKAYIJRPRBZSJCD7ST/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/R3UETKPUB3V5JS5TLZOF3SMTGT5K5APS https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/R3UETKPUB3V5JS5TLZOF3SMTGT5K5APS/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/REMHVVIBDNKSRKNOTV7EQSB7CYQWOUOU https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/REMHVVIBDNKSRKNOTV7EQSB7CYQWOUOU/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/T7N5GV4CHH6WAGX3GFMDD3COEOVCZ4RI https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/T7N5GV4CHH6WAGX3GFMDD3COEOVCZ4RI/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ULQQONMSCQSH5Z5OWFFQHCGEZ3NL4DRJ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ULQQONMSCQSH5Z5OWFFQHCGEZ3NL4DRJ/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UTT7DG3QOF5ZNJLUGHDNLRUIN6OWZARP https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UTT7DG3QOF5ZNJLUGHDNLRUIN6OWZARP/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/W2LZSWTV4NV4SNQARNXG5T6LRHP26EW2 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/W2LZSWTV4NV4SNQARNXG5T6LRHP26EW2/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WCNCBYKZXLDFGAJUB7ZP5VLC3YTHJNVH https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WCNCBYKZXLDFGAJUB7ZP5VLC3YTHJNVH/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/XFOIBB4YFICHDM7IBOP7PWXW3FX4HLL2 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/XFOIBB4YFICHDM7IBOP7PWXW3FX4HLL2/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/XTNLSL44Y5FB6JWADSZH6DCV4JJAAEQY https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/XTNLSL44Y5FB6JWADSZH6DCV4JJAAEQY/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/YJWHBLVZDM5KQSDFRBFRKU5KSSOLIRQ4 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/YJWHBLVZDM5KQSDFRBFRKU5KSSOLIRQ4/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/YRKEXKANQ7BKJW2YTAMP625LJUJZLJ4P https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/YRKEXKANQ7BKJW2YTAMP625LJUJZLJ4P/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZSVEMQV5ROY5YW5QE3I57HT3ITWG5GCV https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZSVEMQV5ROY5YW5QE3I57HT3ITWG5GCV/ https://nvd.nist.gov/vuln/detail/CVE-2023-39325 https://pkg.go.dev/vuln/GO-2023-2102 https://security.gentoo.org/glsa/202311-09 https://security.netapp.com/advisory/ntap-20231110-0008 https://security.netapp.com/advisory/ntap-20231110-0008/ https://ubuntu.com/security/notices/USN-6574-1 https://ubuntu.com/security/notices/USN-7061-1 https://ubuntu.com/security/notices/USN-7109-1 https://www.cisa.gov/news-events/alerts/2023/10/10/http2-rapid-reset-vulnerability-cve-2023-44487 https://www.cve.org/CVERecord?id=CVE-2023-39325
stdlib	CVE-2023-45283	HIGH	v1.20.5	1.20.11, 1.21.4, 1.20.12, 1.21.5	http://www.openwall.com/lists/oss-security/2023/12/05/2 https://go.dev/cl/540277 https://go.dev/cl/541175 https://go.dev/issue/63713 https://go.dev/issue/64028 https://groups.google.com/g/golang-announce/c/4tU8LZfBFkY https://groups.google.com/g/golang-dev/c/6ypN5EjibjM/m/KmLVYH_uAgAJ https://nvd.nist.gov/vuln/detail/CVE-2023-45283 https://pkg.go.dev/vuln/GO-2023-2185 https://security.netapp.com/advisory/ntap-20231214-0008/
stdlib	CVE-2023-45288	HIGH	v1.20.5	1.21.9, 1.22.2	http://www.openwall.com/lists/oss-security/2024/04/03/16 http://www.openwall.com/lists/oss-security/2024/04/05/4 https://access.redhat.com/errata/RHSA-2024:2724 https://access.redhat.com/security/cve/CVE-2023-45288 https://bugzilla.redhat.com/2268017 https://bugzilla.redhat.com/2268018 https://bugzilla.redhat.com/2268019 https://bugzilla.redhat.com/2268273 https://bugzilla.redhat.com/show_bug.cgi?id=2268017 https://bugzilla.redhat.com/show_bug.cgi?id=2268018 https://bugzilla.redhat.com/show_bug.cgi?id=2268019 https://bugzilla.redhat.com/show_bug.cgi?id=2268273 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45288 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45289 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45290 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24783 https://errata.almalinux.org/9/ALSA-2024-2724.html https://errata.rockylinux.org/RLSA-2024:2724 https://go.dev/cl/576155 https://go.dev/issue/65051 https://groups.google.com/g/golang-announce/c/YgW0sx8mN3M https://kb.cert.org/vuls/id/421644 https://linux.oracle.com/cve/CVE-2023-45288.html https://linux.oracle.com/errata/ELSA-2024-3346.html https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QRYFHIQ6XRKRYBI2F5UESH67BJBQXUPT https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QRYFHIQ6XRKRYBI2F5UESH67BJBQXUPT/ https://nowotarski.info/http2-continuation-flood-technical-details https://nowotarski.info/http2-continuation-flood/ https://nvd.nist.gov/vuln/detail/CVE-2023-45288 https://pkg.go.dev/vuln/GO-2024-2687 https://security.netapp.com/advisory/ntap-20240419-0009 https://security.netapp.com/advisory/ntap-20240419-0009/ https://ubuntu.com/security/notices/USN-6886-1 https://ubuntu.com/security/notices/USN-7109-1 https://ubuntu.com/security/notices/USN-7111-1 https://www.cve.org/CVERecord?id=CVE-2023-45288 https://www.kb.cert.org/vuls/id/421644
stdlib	CVE-2024-34156	HIGH	v1.20.5	1.22.7, 1.23.1	https://access.redhat.com/errata/RHSA-2024:9473 https://access.redhat.com/security/cve/CVE-2024-34156 https://bugzilla.redhat.com/2310528 https://bugzilla.redhat.com/2318052 https://bugzilla.redhat.com/show_bug.cgi?id=2310528 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-34156 https://errata.almalinux.org/9/ALSA-2024-9473.html https://errata.rockylinux.org/RLSA-2024:7204 https://github.com/golang/go/commit/2092294f2b097c5828f4eace6c98a322c1510b01 (go1.22.7) https://github.com/golang/go/commit/fa8ff1a46deb6c816304441ec6740ec112e19012 (go1.23.1) https://go.dev/cl/611239 https://go.dev/issue/69139 https://groups.google.com/g/golang-announce/c/K-cEzDeCtpc https://groups.google.com/g/golang-dev/c/S9POB9NCTdk https://linux.oracle.com/cve/CVE-2024-34156.html https://linux.oracle.com/errata/ELSA-2024-9473.html https://nvd.nist.gov/vuln/detail/CVE-2024-34156 https://pkg.go.dev/vuln/GO-2024-3106 https://ubuntu.com/security/notices/USN-7081-1 https://ubuntu.com/security/notices/USN-7109-1 https://ubuntu.com/security/notices/USN-7111-1 https://www.cve.org/CVERecord?id=CVE-2024-34156
stdlib	CVE-2023-29406	MEDIUM	v1.20.5	1.19.11, 1.20.6	https://access.redhat.com/errata/RHSA-2023:6474 https://access.redhat.com/security/cve/CVE-2023-29406 https://bugzilla.redhat.com/2174485 https://bugzilla.redhat.com/2178358 https://bugzilla.redhat.com/2178488 https://bugzilla.redhat.com/2178492 https://bugzilla.redhat.com/2184481 https://bugzilla.redhat.com/2184482 https://bugzilla.redhat.com/2184483 https://bugzilla.redhat.com/2184484 https://bugzilla.redhat.com/2196026 https://bugzilla.redhat.com/2196027 https://bugzilla.redhat.com/2196029 https://bugzilla.redhat.com/2222167 https://bugzilla.redhat.com/2228689 https://errata.almalinux.org/9/ALSA-2023-6474.html https://github.com/golang/go/commit/312920c00aac9897b2a0693e752390b5b0711a5a (go1.20.6) https://github.com/golang/go/commit/5fa6923b1ea891400153d04ddf1545e23b40041b (go1.19.11) https://github.com/golang/go/issues/60374 https://go.dev/cl/506996 https://go.dev/issue/60374 https://groups.google.com/g/golang-announce/c/2q13H6LEEx0 https://linux.oracle.com/cve/CVE-2023-29406.html https://linux.oracle.com/errata/ELSA-2023-7202.html https://nvd.nist.gov/vuln/detail/CVE-2023-29406 https://pkg.go.dev/vuln/GO-2023-1878 https://security.gentoo.org/glsa/202311-09 https://security.netapp.com/advisory/ntap-20230814-0002/ https://ubuntu.com/security/notices/USN-7061-1 https://ubuntu.com/security/notices/USN-7109-1 https://www.cve.org/CVERecord?id=CVE-2023-29406
stdlib	CVE-2023-29409	MEDIUM	v1.20.5	1.19.12, 1.20.7, 1.21.0-rc.4	https://access.redhat.com/errata/RHSA-2023:7766 https://access.redhat.com/security/cve/CVE-2023-29409 https://bugzilla.redhat.com/2228743 https://bugzilla.redhat.com/2237773 https://bugzilla.redhat.com/2237776 https://bugzilla.redhat.com/2237777 https://bugzilla.redhat.com/2237778 https://errata.almalinux.org/9/ALSA-2023-7766.html https://go.dev/cl/515257 https://go.dev/issue/61460 https://groups.google.com/g/golang-announce/c/X0b6CsSAaYI/m/Efv5DbZ9AwAJ https://linux.oracle.com/cve/CVE-2023-29409.html https://linux.oracle.com/errata/ELSA-2024-2988.html https://nvd.nist.gov/vuln/detail/CVE-2023-29409 https://pkg.go.dev/vuln/GO-2023-1987 https://security.gentoo.org/glsa/202311-09 https://security.netapp.com/advisory/ntap-20230831-0010/ https://www.cve.org/CVERecord?id=CVE-2023-29409
stdlib	CVE-2023-39318	MEDIUM	v1.20.5	1.20.8, 1.21.1	https://access.redhat.com/errata/RHSA-2024:2160 https://access.redhat.com/security/cve/CVE-2023-39318 https://bugzilla.redhat.com/2237773 https://bugzilla.redhat.com/2237776 https://bugzilla.redhat.com/2253330 https://errata.almalinux.org/9/ALSA-2024-2160.html https://github.com/golang/go/commit/023b542edf38e2a1f87fcefb9f75ff2f99401b4c (go1.20.8) https://github.com/golang/go/commit/b0e1d3ea26e8e8fce7726690c9ef0597e60739fb (go1.21.1) https://go.dev/cl/526156 https://go.dev/issue/62196 https://groups.google.com/g/golang-announce/c/Fm51GRLNRvM https://groups.google.com/g/golang-dev/c/2C5vbR-UNkI/m/L1hdrPhfBAAJ https://linux.oracle.com/cve/CVE-2023-39318.html https://linux.oracle.com/errata/ELSA-2024-2988.html https://nvd.nist.gov/vuln/detail/CVE-2023-39318 https://pkg.go.dev/vuln/GO-2023-2041 https://security.gentoo.org/glsa/202311-09 https://security.netapp.com/advisory/ntap-20231020-0009/ https://ubuntu.com/security/notices/USN-6574-1 https://ubuntu.com/security/notices/USN-7061-1 https://ubuntu.com/security/notices/USN-7109-1 https://vuln.go.dev/ID/GO-2023-2041.json https://www.cve.org/CVERecord?id=CVE-2023-39318
stdlib	CVE-2023-39319	MEDIUM	v1.20.5	1.20.8, 1.21.1	https://access.redhat.com/errata/RHSA-2024:2160 https://access.redhat.com/security/cve/CVE-2023-39319 https://bugzilla.redhat.com/2237773 https://bugzilla.redhat.com/2237776 https://bugzilla.redhat.com/2253330 https://errata.almalinux.org/9/ALSA-2024-2160.html https://github.com/golang/go/commit/2070531d2f53df88e312edace6c8dfc9686ab2f5 (go1.20.8) https://github.com/golang/go/commit/bbd043ff0d6d59f1a9232d31ecd5eacf6507bf6a (go1.21.1) https://go.dev/cl/526157 https://go.dev/issue/62197 https://groups.google.com/g/golang-announce/c/Fm51GRLNRvM https://groups.google.com/g/golang-dev/c/2C5vbR-UNkI/m/L1hdrPhfBAAJ https://linux.oracle.com/cve/CVE-2023-39319.html https://linux.oracle.com/errata/ELSA-2024-2988.html https://nvd.nist.gov/vuln/detail/CVE-2023-39319 https://pkg.go.dev/vuln/GO-2023-2043 https://security.gentoo.org/glsa/202311-09 https://security.netapp.com/advisory/ntap-20231020-0009/ https://ubuntu.com/security/notices/USN-6574-1 https://ubuntu.com/security/notices/USN-7061-1 https://ubuntu.com/security/notices/USN-7109-1 https://vuln.go.dev/ID/GO-2023-2043.json https://www.cve.org/CVERecord?id=CVE-2023-39319
stdlib	CVE-2023-39326	MEDIUM	v1.20.5	1.20.12, 1.21.5	https://access.redhat.com/errata/RHSA-2024:2272 https://access.redhat.com/security/cve/CVE-2023-39326 https://bugzilla.redhat.com/2253193 https://bugzilla.redhat.com/2253330 https://errata.almalinux.org/9/ALSA-2024-2272.html https://github.com/golang/go/commit/6446af942e2e2b161c4ec1b60d9703a2b55dc4dd (go1.20.12) https://github.com/golang/go/commit/ec8c526e4be720e94b98ca509e6364f0efaf28f7 (go1.21.5) https://go.dev/cl/547335 https://go.dev/issue/64433 https://groups.google.com/g/golang-dev/c/6ypN5EjibjM/m/KmLVYH_uAgAJ https://linux.oracle.com/cve/CVE-2023-39326.html https://linux.oracle.com/errata/ELSA-2024-2988.html https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UIU6HOGV6RRIKWM57LOXQA75BGZSIH6G/ https://nvd.nist.gov/vuln/detail/CVE-2023-39326 https://pkg.go.dev/vuln/GO-2023-2382 https://ubuntu.com/security/notices/USN-6574-1 https://www.cve.org/CVERecord?id=CVE-2023-39326
stdlib	CVE-2023-45284	MEDIUM	v1.20.5	1.20.11, 1.21.4	https://go.dev/cl/540277 https://go.dev/issue/63713 https://groups.google.com/g/golang-announce/c/4tU8LZfBFkY https://nvd.nist.gov/vuln/detail/CVE-2023-45284 https://pkg.go.dev/vuln/GO-2023-2186
stdlib	CVE-2023-45289	MEDIUM	v1.20.5	1.21.8, 1.22.1	http://www.openwall.com/lists/oss-security/2024/03/08/4 https://access.redhat.com/errata/RHSA-2024:2724 https://access.redhat.com/security/cve/CVE-2023-45289 https://bugzilla.redhat.com/2268017 https://bugzilla.redhat.com/2268018 https://bugzilla.redhat.com/2268019 https://bugzilla.redhat.com/2268273 https://bugzilla.redhat.com/show_bug.cgi?id=2268017 https://bugzilla.redhat.com/show_bug.cgi?id=2268018 https://bugzilla.redhat.com/show_bug.cgi?id=2268019 https://bugzilla.redhat.com/show_bug.cgi?id=2268273 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45288 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45289 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45290 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24783 https://errata.almalinux.org/9/ALSA-2024-2724.html https://errata.rockylinux.org/RLSA-2024:2724 https://github.com/golang/go/commit/20586c0dbe03d144f914155f879fa5ee287591a1 (go1.21.8) https://github.com/golang/go/commit/3a855208e3efed2e9d7c20ad023f1fa78afcc0be (go1.22.1) https://github.com/golang/go/issues/65065 https://go.dev/cl/569340 https://go.dev/issue/65065 https://groups.google.com/g/golang-announce/c/5pwGVUPoMbg https://linux.oracle.com/cve/CVE-2023-45289.html https://linux.oracle.com/errata/ELSA-2024-3346.html https://nvd.nist.gov/vuln/detail/CVE-2023-45289 https://pkg.go.dev/vuln/GO-2024-2600 https://security.netapp.com/advisory/ntap-20240329-0006/ https://ubuntu.com/security/notices/USN-6886-1 https://www.cve.org/CVERecord?id=CVE-2023-45289
stdlib	CVE-2023-45290	MEDIUM	v1.20.5	1.21.8, 1.22.1	http://www.openwall.com/lists/oss-security/2024/03/08/4 https://access.redhat.com/errata/RHSA-2024:9135 https://access.redhat.com/security/cve/CVE-2023-45290 https://bugzilla.redhat.com/2268017 https://bugzilla.redhat.com/2268022 https://bugzilla.redhat.com/2279814 https://bugzilla.redhat.com/2295310 https://bugzilla.redhat.com/show_bug.cgi?id=2268017 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45290 https://errata.almalinux.org/9/ALSA-2024-9135.html https://errata.rockylinux.org/RLSA-2024:3830 https://github.com/golang/go/commit/041a47712e765e94f86d841c3110c840e76d8f82 (go1.22.1) https://github.com/golang/go/commit/bf80213b121074f4ad9b449410a4d13bae5e9be0 (go1.21.8) https://github.com/golang/go/issues/65383 https://go.dev/cl/569341 https://go.dev/issue/65383 https://groups.google.com/g/golang-announce/c/5pwGVUPoMbg https://linux.oracle.com/cve/CVE-2023-45290.html https://linux.oracle.com/errata/ELSA-2024-8038.html https://nvd.nist.gov/vuln/detail/CVE-2023-45290 https://pkg.go.dev/vuln/GO-2024-2599 https://security.netapp.com/advisory/ntap-20240329-0004 https://security.netapp.com/advisory/ntap-20240329-0004/ https://ubuntu.com/security/notices/USN-6886-1 https://ubuntu.com/security/notices/USN-7109-1 https://ubuntu.com/security/notices/USN-7111-1 https://www.cve.org/CVERecord?id=CVE-2023-45290
stdlib	CVE-2024-24783	MEDIUM	v1.20.5	1.21.8, 1.22.1	http://www.openwall.com/lists/oss-security/2024/03/08/4 https://access.redhat.com/errata/RHSA-2024:6195 https://access.redhat.com/security/cve/CVE-2024-24783 https://bugzilla.redhat.com/2268019 https://bugzilla.redhat.com/show_bug.cgi?id=2268017 https://bugzilla.redhat.com/show_bug.cgi?id=2268018 https://bugzilla.redhat.com/show_bug.cgi?id=2268019 https://bugzilla.redhat.com/show_bug.cgi?id=2268273 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45288 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45289 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45290 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24783 https://errata.almalinux.org/9/ALSA-2024-6195.html https://errata.rockylinux.org/RLSA-2024:2724 https://github.com/advisories/GHSA-3q2c-pvp5-3cqp https://github.com/golang/go/commit/337b8e9cbfa749d9d5c899e0dc358e2208d5e54f (go1.22.1) https://github.com/golang/go/commit/be5b52bea674190ef7de272664be6c7ae93ec5a0 (go1.21.8) https://github.com/golang/go/issues/65390 https://go.dev/cl/569339 https://go.dev/issue/65390 https://groups.google.com/g/golang-announce/c/5pwGVUPoMbg https://linux.oracle.com/cve/CVE-2024-24783.html https://linux.oracle.com/errata/ELSA-2024-6969.html https://nvd.nist.gov/vuln/detail/CVE-2024-24783 https://pkg.go.dev/vuln/GO-2024-2598 https://security.netapp.com/advisory/ntap-20240329-0005 https://security.netapp.com/advisory/ntap-20240329-0005/ https://ubuntu.com/security/notices/USN-6886-1 https://ubuntu.com/security/notices/USN-7109-1 https://ubuntu.com/security/notices/USN-7111-1 https://www.cve.org/CVERecord?id=CVE-2024-24783
stdlib	CVE-2024-24784	MEDIUM	v1.20.5	1.21.8, 1.22.1	http://www.openwall.com/lists/oss-security/2024/03/08/4 https://access.redhat.com/errata/RHSA-2024:2562 https://access.redhat.com/security/cve/CVE-2024-24784 https://bugzilla.redhat.com/2262921 https://bugzilla.redhat.com/2268017 https://bugzilla.redhat.com/2268018 https://bugzilla.redhat.com/2268019 https://bugzilla.redhat.com/2268021 https://bugzilla.redhat.com/2268022 https://bugzilla.redhat.com/2268273 https://bugzilla.redhat.com/show_bug.cgi?id=2262921 https://bugzilla.redhat.com/show_bug.cgi?id=2268017 https://bugzilla.redhat.com/show_bug.cgi?id=2268018 https://bugzilla.redhat.com/show_bug.cgi?id=2268019 https://bugzilla.redhat.com/show_bug.cgi?id=2268021 https://bugzilla.redhat.com/show_bug.cgi?id=2268022 https://bugzilla.redhat.com/show_bug.cgi?id=2268273 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45288 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45289 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45290 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-1394 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24783 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24784 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24785 https://errata.almalinux.org/9/ALSA-2024-2562.html https://errata.rockylinux.org/RLSA-2024:2562 https://github.com/golang/go/commit/263c059b09fdd40d9dd945f2ecb20c89ea28efe5 (go1.21.8) https://github.com/golang/go/commit/5330cd225ba54c7dc78c1b46dcdf61a4671a632c (go1.22.1) https://github.com/golang/go/issues/65083 https://go.dev/cl/555596 https://go.dev/issue/65083 https://groups.google.com/g/golang-announce/c/5pwGVUPoMbg https://linux.oracle.com/cve/CVE-2024-24784.html https://linux.oracle.com/errata/ELSA-2024-6969.html https://nvd.nist.gov/vuln/detail/CVE-2024-24784 https://pkg.go.dev/vuln/GO-2024-2609 https://security.netapp.com/advisory/ntap-20240329-0007/ https://ubuntu.com/security/notices/USN-6886-1 https://ubuntu.com/security/notices/USN-7109-1 https://ubuntu.com/security/notices/USN-7111-1 https://www.cve.org/CVERecord?id=CVE-2024-24784
stdlib	CVE-2024-24785	MEDIUM	v1.20.5	1.21.8, 1.22.1	http://www.openwall.com/lists/oss-security/2024/03/08/4 https://access.redhat.com/errata/RHSA-2024:9135 https://access.redhat.com/security/cve/CVE-2024-24785 https://bugzilla.redhat.com/2268017 https://bugzilla.redhat.com/2268022 https://bugzilla.redhat.com/2279814 https://bugzilla.redhat.com/2295310 https://bugzilla.redhat.com/show_bug.cgi?id=2262921 https://bugzilla.redhat.com/show_bug.cgi?id=2268017 https://bugzilla.redhat.com/show_bug.cgi?id=2268018 https://bugzilla.redhat.com/show_bug.cgi?id=2268019 https://bugzilla.redhat.com/show_bug.cgi?id=2268021 https://bugzilla.redhat.com/show_bug.cgi?id=2268022 https://bugzilla.redhat.com/show_bug.cgi?id=2268273 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45288 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45289 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45290 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-1394 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24783 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24784 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24785 https://errata.almalinux.org/9/ALSA-2024-9135.html https://errata.rockylinux.org/RLSA-2024:2562 https://github.com/golang/go/commit/056b0edcb8c152152021eebf4cf42adbfbe77992 (go1.22.1) https://github.com/golang/go/commit/3643147a29352ca2894fd5d0d2069bc4b4335a7e (go1.21.8) https://github.com/golang/go/issues/65697 https://go.dev/cl/564196 https://go.dev/issue/65697 https://groups.google.com/g/golang-announce/c/5pwGVUPoMbg https://linux.oracle.com/cve/CVE-2024-24785.html https://linux.oracle.com/errata/ELSA-2024-3259.html https://nvd.nist.gov/vuln/detail/CVE-2024-24785 https://pkg.go.dev/vuln/GO-2024-2610 https://security.netapp.com/advisory/ntap-20240329-0008/ https://ubuntu.com/security/notices/USN-6886-1 https://ubuntu.com/security/notices/USN-7061-1 https://ubuntu.com/security/notices/USN-7109-1 https://vuln.go.dev/ID/GO-2024-2610.json https://www.cve.org/CVERecord?id=CVE-2024-24785
stdlib	CVE-2024-24789	MEDIUM	v1.20.5	1.21.11, 1.22.4	http://www.openwall.com/lists/oss-security/2024/06/04/1 https://access.redhat.com/errata/RHSA-2024:9115 https://access.redhat.com/security/cve/CVE-2024-24789 https://bugzilla.redhat.com/2279814 https://bugzilla.redhat.com/2292668 https://bugzilla.redhat.com/2292787 https://bugzilla.redhat.com/2294000 https://bugzilla.redhat.com/2295310 https://bugzilla.redhat.com/show_bug.cgi?id=2292668 https://bugzilla.redhat.com/show_bug.cgi?id=2292787 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24789 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24790 https://errata.almalinux.org/9/ALSA-2024-9115.html https://errata.rockylinux.org/RLSA-2024:4212 https://github.com/golang/go/commit/c8e40338cf00f3c1d86c8fb23863ad67a4c72bcc (1.21) https://github.com/golang/go/commit/cf501ac0c5fe351a8582d20b43562027927906e7 (1.22) https://github.com/golang/go/issues/66869 https://go.dev/cl/585397 https://go.dev/issue/66869 https://groups.google.com/g/golang-announce/c/XbxouI9gY7k https://groups.google.com/g/golang-announce/c/XbxouI9gY7k/m/TuoGEhxIEwAJ https://linux.oracle.com/cve/CVE-2024-24789.html https://linux.oracle.com/errata/ELSA-2024-9115.html https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/U5YAEIA6IUHUNGJ7AIXXPQT6D2GYENX7/ https://nvd.nist.gov/vuln/detail/CVE-2024-24789 https://pkg.go.dev/vuln/GO-2024-2888 https://ubuntu.com/security/notices/USN-6886-1 https://ubuntu.com/security/notices/USN-7109-1 https://ubuntu.com/security/notices/USN-7111-1 https://www.cve.org/CVERecord?id=CVE-2024-24789
stdlib	CVE-2024-24791	MEDIUM	v1.20.5	1.21.12, 1.22.5	https://access.redhat.com/errata/RHSA-2024:9135 https://access.redhat.com/security/cve/CVE-2024-24791 https://bugzilla.redhat.com/2268017 https://bugzilla.redhat.com/2268022 https://bugzilla.redhat.com/2279814 https://bugzilla.redhat.com/2295310 https://bugzilla.redhat.com/show_bug.cgi?id=2295310 https://bugzilla.redhat.com/show_bug.cgi?id=2310527 https://bugzilla.redhat.com/show_bug.cgi?id=2310528 https://bugzilla.redhat.com/show_bug.cgi?id=2310529 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24791 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-34155 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-34156 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-34158 https://errata.almalinux.org/9/ALSA-2024-9135.html https://errata.rockylinux.org/RLSA-2024:6913 https://go.dev/cl/591255 https://go.dev/issue/67555 https://groups.google.com/g/golang-dev/c/t0rK-qHBqzY/m/6MMoAZkMAgAJ https://linux.oracle.com/cve/CVE-2024-24791.html https://linux.oracle.com/errata/ELSA-2024-9115.html https://nvd.nist.gov/vuln/detail/CVE-2024-24791 https://pkg.go.dev/vuln/GO-2024-2963 https://ubuntu.com/security/notices/USN-7081-1 https://ubuntu.com/security/notices/USN-7109-1 https://ubuntu.com/security/notices/USN-7111-1 https://www.cve.org/CVERecord?id=CVE-2024-24791
stdlib	CVE-2024-34155	MEDIUM	v1.20.5	1.22.7, 1.23.1	https://access.redhat.com/errata/RHSA-2024:9459 https://access.redhat.com/security/cve/CVE-2024-34155 https://bugzilla.redhat.com/2310527 https://bugzilla.redhat.com/2310528 https://bugzilla.redhat.com/2310529 https://bugzilla.redhat.com/2315691 https://bugzilla.redhat.com/2315887 https://bugzilla.redhat.com/2317458 https://bugzilla.redhat.com/2317467 https://bugzilla.redhat.com/show_bug.cgi?id=2295310 https://bugzilla.redhat.com/show_bug.cgi?id=2310527 https://bugzilla.redhat.com/show_bug.cgi?id=2310528 https://bugzilla.redhat.com/show_bug.cgi?id=2310529 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24791 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-34155 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-34156 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-34158 https://errata.almalinux.org/9/ALSA-2024-9459.html https://errata.rockylinux.org/RLSA-2024:6913 https://github.com/golang/go/commit/53487e5477151ed75da50e50a0ba8f1ca64c00a3 (go1.23.1) https://github.com/golang/go/commit/b232596139dbe96a62edbe3a2a203e856bf556eb (go1.22.7) https://go.dev/cl/611238 https://go.dev/issue/69138 https://groups.google.com/g/golang-announce/c/K-cEzDeCtpc https://groups.google.com/g/golang-dev/c/S9POB9NCTdk https://linux.oracle.com/cve/CVE-2024-34155.html https://linux.oracle.com/errata/ELSA-2024-9459.html https://nvd.nist.gov/vuln/detail/CVE-2024-34155 https://pkg.go.dev/vuln/GO-2024-3105 https://ubuntu.com/security/notices/USN-7081-1 https://ubuntu.com/security/notices/USN-7109-1 https://ubuntu.com/security/notices/USN-7111-1 https://www.cve.org/CVERecord?id=CVE-2024-34155
stdlib	CVE-2024-34158	MEDIUM	v1.20.5	1.22.7, 1.23.1	https://access.redhat.com/errata/RHSA-2024:9459 https://access.redhat.com/security/cve/CVE-2024-34158 https://bugzilla.redhat.com/2310527 https://bugzilla.redhat.com/2310528 https://bugzilla.redhat.com/2310529 https://bugzilla.redhat.com/2315691 https://bugzilla.redhat.com/2315887 https://bugzilla.redhat.com/2317458 https://bugzilla.redhat.com/2317467 https://bugzilla.redhat.com/show_bug.cgi?id=2295310 https://bugzilla.redhat.com/show_bug.cgi?id=2310527 https://bugzilla.redhat.com/show_bug.cgi?id=2310528 https://bugzilla.redhat.com/show_bug.cgi?id=2310529 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24791 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-34155 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-34156 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-34158 https://errata.almalinux.org/9/ALSA-2024-9459.html https://errata.rockylinux.org/RLSA-2024:6913 https://github.com/golang/go/commit/032ac075c20c01c6c35a672d1542d3e98eab84ea (go1.23.1) https://github.com/golang/go/commit/d4c53812e6ce2ac368173d7fcd31d0ecfcffb002 (go1.22.7) https://go.dev/cl/611240 https://go.dev/issue/69141 https://groups.google.com/g/golang-announce/c/K-cEzDeCtpc https://groups.google.com/g/golang-dev/c/S9POB9NCTdk https://linux.oracle.com/cve/CVE-2024-34158.html https://linux.oracle.com/errata/ELSA-2024-9459.html https://nvd.nist.gov/vuln/detail/CVE-2024-34158 https://pkg.go.dev/vuln/GO-2024-3107 https://ubuntu.com/security/notices/USN-7081-1 https://ubuntu.com/security/notices/USN-7109-1 https://ubuntu.com/security/notices/USN-7111-1 https://www.cve.org/CVERecord?id=CVE-2024-34158
No Misconfigurations found

cnb/buildpacks/paketo-buildpacks_cpython/1.8.11/bin/env (gobinary)

Package	Vulnerability ID	Severity	Installed Version	Fixed Version	Links
stdlib	CVE-2024-24790	CRITICAL	v1.20.5	1.21.11, 1.22.4	http://www.openwall.com/lists/oss-security/2024/06/04/1 https://access.redhat.com/errata/RHSA-2024:9115 https://access.redhat.com/security/cve/CVE-2024-24790 https://bugzilla.redhat.com/2279814 https://bugzilla.redhat.com/2292668 https://bugzilla.redhat.com/2292787 https://bugzilla.redhat.com/2294000 https://bugzilla.redhat.com/2295310 https://bugzilla.redhat.com/show_bug.cgi?id=2292668 https://bugzilla.redhat.com/show_bug.cgi?id=2292787 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24789 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24790 https://errata.almalinux.org/9/ALSA-2024-9115.html https://errata.rockylinux.org/RLSA-2024:4212 https://github.com/golang/go/commit/051bdf3fd12a40307606ff9381138039c5f452f0 (1.21) https://github.com/golang/go/commit/12d5810cdb1f73cf23d7a86462143e9463317fca (1.22) https://github.com/golang/go/issues/67680 https://go.dev/cl/590316 https://go.dev/issue/67680 https://groups.google.com/g/golang-announce/c/XbxouI9gY7k https://groups.google.com/g/golang-announce/c/XbxouI9gY7k/m/TuoGEhxIEwAJ https://linux.oracle.com/cve/CVE-2024-24790.html https://linux.oracle.com/errata/ELSA-2024-9115.html https://nvd.nist.gov/vuln/detail/CVE-2024-24790 https://pkg.go.dev/vuln/GO-2024-2887 https://ubuntu.com/security/notices/USN-6886-1 https://ubuntu.com/security/notices/USN-7109-1 https://www.cve.org/CVERecord?id=CVE-2024-24790
stdlib	CVE-2023-39325	HIGH	v1.20.5	1.20.10, 1.21.3	golang.org/x/net https://access.redhat.com/errata/RHSA-2023:6077 https://access.redhat.com/security/cve/CVE-2023-39325 https://access.redhat.com/security/cve/CVE-2023-44487 https://access.redhat.com/security/vulnerabilities/RHSB-2023-003 https://bugzilla.redhat.com/2242803 https://bugzilla.redhat.com/2243296 https://bugzilla.redhat.com/show_bug.cgi?id=2242803 https://bugzilla.redhat.com/show_bug.cgi?id=2243296 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-39325 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-44487 https://errata.almalinux.org/9/ALSA-2023-6077.html https://errata.rockylinux.org/RLSA-2023:6077 https://github.com/golang/go/commit/24ae2d927285c697440fdde3ad7f26028354bcf3 [golang- 1.21] https://github.com/golang/go/commit/e175f27f58aa7b9cd4d79607ae65d2cd5baaee68 [golang-1.20] https://github.com/golang/go/issues/63417 https://go.dev/cl/534215 https://go.dev/cl/534235 https://go.dev/issue/63417 https://groups.google.com/g/golang-announce/c/iNNxDTCjZvo/m/UDd7VKQuAAAJ https://linux.oracle.com/cve/CVE-2023-39325.html https://linux.oracle.com/errata/ELSA-2023-5867.html https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3OVW5V2DM5K5IC3H7O42YDUGNJ74J35O https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3OVW5V2DM5K5IC3H7O42YDUGNJ74J35O/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3SZN67IL7HMGMNAVLOTIXLIHUDXZK4LH https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3SZN67IL7HMGMNAVLOTIXLIHUDXZK4LH/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3WJ4QVX2AMUJ2F2S27POOAHRC4K3CHU4 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3WJ4QVX2AMUJ2F2S27POOAHRC4K3CHU4/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/4BUK2ZIAGCULOOYDNH25JPU6JBES5NF2 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/4BUK2ZIAGCULOOYDNH25JPU6JBES5NF2/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/5RSKA2II6QTD4YUKUNDVJQSRYSFC4VFR https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/5RSKA2II6QTD4YUKUNDVJQSRYSFC4VFR/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/AVZDNSMVDAQJ64LJC5I5U5LDM5753647 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/AVZDNSMVDAQJ64LJC5I5U5LDM5753647/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CHHITS4PUOZAKFIUBQAQZC7JWXMOYE4B https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CHHITS4PUOZAKFIUBQAQZC7JWXMOYE4B/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CLB4TW7KALB3EEQWNWCN7OUIWWVWWCG2 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CLB4TW7KALB3EEQWNWCN7OUIWWVWWCG2/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/D2BBIDR2ZMB3X5BC7SR4SLQMHRMVPY6L https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/D2BBIDR2ZMB3X5BC7SR4SLQMHRMVPY6L/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ECRC75BQJP6FJN2L7KCKYZW4DSBD7QSD https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ECRC75BQJP6FJN2L7KCKYZW4DSBD7QSD/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/FTMJ3NJIDAZFWJQQSP3L22MUFJ3UP2PT https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/FTMJ3NJIDAZFWJQQSP3L22MUFJ3UP2PT/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/GSY7SXFFTPZFWDM6XELSDSHZLVW3AHK7 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/GSY7SXFFTPZFWDM6XELSDSHZLVW3AHK7/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/HZQIELEIRSZUYTFFH5KTH2YJ4IIQG2KE https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/HZQIELEIRSZUYTFFH5KTH2YJ4IIQG2KE/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/IPWCNYB5PQ5PCVZ4NJT6G56ZYFZ5QBU6 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/IPWCNYB5PQ5PCVZ4NJT6G56ZYFZ5QBU6/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/KEOTKBUPZXHE3F352JBYNTSNRXYLWD6P https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/KEOTKBUPZXHE3F352JBYNTSNRXYLWD6P/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/KSEGD2IWKNUO3DWY4KQGUQM5BISRWHQE https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/KSEGD2IWKNUO3DWY4KQGUQM5BISRWHQE/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/L5E5JSJBZLYXOTZWXHJKRVCIXIHVWKJ6 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/L5E5JSJBZLYXOTZWXHJKRVCIXIHVWKJ6/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/MZQYOOKHQDQ57LV2IAG6NRFOVXKHJJ3Z https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/MZQYOOKHQDQ57LV2IAG6NRFOVXKHJJ3Z/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/NG7IMPL55MVWU3LCI4JQJT3K2U5CHDV7 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/NG7IMPL55MVWU3LCI4JQJT3K2U5CHDV7/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ODBY7RVMGZCBSTWF2OZGIZS57FNFUL67 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ODBY7RVMGZCBSTWF2OZGIZS57FNFUL67/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/OXGWPQOJ3JNDW2XIYKIVJ7N7QUIFNM2Q https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/OXGWPQOJ3JNDW2XIYKIVJ7N7QUIFNM2Q/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/PJCUNGIQDUMZ4Z6HWVYIMR66A35F5S74 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/PJCUNGIQDUMZ4Z6HWVYIMR66A35F5S74/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QF5QSYAOPDOWLY6DUHID56Q4HQFYB45I https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QF5QSYAOPDOWLY6DUHID56Q4HQFYB45I/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QXOU2JZUBEBP7GBKAYIJRPRBZSJCD7ST https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QXOU2JZUBEBP7GBKAYIJRPRBZSJCD7ST/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/R3UETKPUB3V5JS5TLZOF3SMTGT5K5APS https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/R3UETKPUB3V5JS5TLZOF3SMTGT5K5APS/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/REMHVVIBDNKSRKNOTV7EQSB7CYQWOUOU https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/REMHVVIBDNKSRKNOTV7EQSB7CYQWOUOU/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/T7N5GV4CHH6WAGX3GFMDD3COEOVCZ4RI https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/T7N5GV4CHH6WAGX3GFMDD3COEOVCZ4RI/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ULQQONMSCQSH5Z5OWFFQHCGEZ3NL4DRJ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ULQQONMSCQSH5Z5OWFFQHCGEZ3NL4DRJ/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UTT7DG3QOF5ZNJLUGHDNLRUIN6OWZARP https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UTT7DG3QOF5ZNJLUGHDNLRUIN6OWZARP/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/W2LZSWTV4NV4SNQARNXG5T6LRHP26EW2 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/W2LZSWTV4NV4SNQARNXG5T6LRHP26EW2/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WCNCBYKZXLDFGAJUB7ZP5VLC3YTHJNVH https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WCNCBYKZXLDFGAJUB7ZP5VLC3YTHJNVH/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/XFOIBB4YFICHDM7IBOP7PWXW3FX4HLL2 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/XFOIBB4YFICHDM7IBOP7PWXW3FX4HLL2/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/XTNLSL44Y5FB6JWADSZH6DCV4JJAAEQY https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/XTNLSL44Y5FB6JWADSZH6DCV4JJAAEQY/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/YJWHBLVZDM5KQSDFRBFRKU5KSSOLIRQ4 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/YJWHBLVZDM5KQSDFRBFRKU5KSSOLIRQ4/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/YRKEXKANQ7BKJW2YTAMP625LJUJZLJ4P https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/YRKEXKANQ7BKJW2YTAMP625LJUJZLJ4P/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZSVEMQV5ROY5YW5QE3I57HT3ITWG5GCV https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZSVEMQV5ROY5YW5QE3I57HT3ITWG5GCV/ https://nvd.nist.gov/vuln/detail/CVE-2023-39325 https://pkg.go.dev/vuln/GO-2023-2102 https://security.gentoo.org/glsa/202311-09 https://security.netapp.com/advisory/ntap-20231110-0008 https://security.netapp.com/advisory/ntap-20231110-0008/ https://ubuntu.com/security/notices/USN-6574-1 https://ubuntu.com/security/notices/USN-7061-1 https://ubuntu.com/security/notices/USN-7109-1 https://www.cisa.gov/news-events/alerts/2023/10/10/http2-rapid-reset-vulnerability-cve-2023-44487 https://www.cve.org/CVERecord?id=CVE-2023-39325
stdlib	CVE-2023-45283	HIGH	v1.20.5	1.20.11, 1.21.4, 1.20.12, 1.21.5	http://www.openwall.com/lists/oss-security/2023/12/05/2 https://go.dev/cl/540277 https://go.dev/cl/541175 https://go.dev/issue/63713 https://go.dev/issue/64028 https://groups.google.com/g/golang-announce/c/4tU8LZfBFkY https://groups.google.com/g/golang-dev/c/6ypN5EjibjM/m/KmLVYH_uAgAJ https://nvd.nist.gov/vuln/detail/CVE-2023-45283 https://pkg.go.dev/vuln/GO-2023-2185 https://security.netapp.com/advisory/ntap-20231214-0008/
stdlib	CVE-2023-45288	HIGH	v1.20.5	1.21.9, 1.22.2	http://www.openwall.com/lists/oss-security/2024/04/03/16 http://www.openwall.com/lists/oss-security/2024/04/05/4 https://access.redhat.com/errata/RHSA-2024:2724 https://access.redhat.com/security/cve/CVE-2023-45288 https://bugzilla.redhat.com/2268017 https://bugzilla.redhat.com/2268018 https://bugzilla.redhat.com/2268019 https://bugzilla.redhat.com/2268273 https://bugzilla.redhat.com/show_bug.cgi?id=2268017 https://bugzilla.redhat.com/show_bug.cgi?id=2268018 https://bugzilla.redhat.com/show_bug.cgi?id=2268019 https://bugzilla.redhat.com/show_bug.cgi?id=2268273 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45288 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45289 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45290 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24783 https://errata.almalinux.org/9/ALSA-2024-2724.html https://errata.rockylinux.org/RLSA-2024:2724 https://go.dev/cl/576155 https://go.dev/issue/65051 https://groups.google.com/g/golang-announce/c/YgW0sx8mN3M https://kb.cert.org/vuls/id/421644 https://linux.oracle.com/cve/CVE-2023-45288.html https://linux.oracle.com/errata/ELSA-2024-3346.html https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QRYFHIQ6XRKRYBI2F5UESH67BJBQXUPT https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QRYFHIQ6XRKRYBI2F5UESH67BJBQXUPT/ https://nowotarski.info/http2-continuation-flood-technical-details https://nowotarski.info/http2-continuation-flood/ https://nvd.nist.gov/vuln/detail/CVE-2023-45288 https://pkg.go.dev/vuln/GO-2024-2687 https://security.netapp.com/advisory/ntap-20240419-0009 https://security.netapp.com/advisory/ntap-20240419-0009/ https://ubuntu.com/security/notices/USN-6886-1 https://ubuntu.com/security/notices/USN-7109-1 https://ubuntu.com/security/notices/USN-7111-1 https://www.cve.org/CVERecord?id=CVE-2023-45288 https://www.kb.cert.org/vuls/id/421644
stdlib	CVE-2024-34156	HIGH	v1.20.5	1.22.7, 1.23.1	https://access.redhat.com/errata/RHSA-2024:9473 https://access.redhat.com/security/cve/CVE-2024-34156 https://bugzilla.redhat.com/2310528 https://bugzilla.redhat.com/2318052 https://bugzilla.redhat.com/show_bug.cgi?id=2310528 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-34156 https://errata.almalinux.org/9/ALSA-2024-9473.html https://errata.rockylinux.org/RLSA-2024:7204 https://github.com/golang/go/commit/2092294f2b097c5828f4eace6c98a322c1510b01 (go1.22.7) https://github.com/golang/go/commit/fa8ff1a46deb6c816304441ec6740ec112e19012 (go1.23.1) https://go.dev/cl/611239 https://go.dev/issue/69139 https://groups.google.com/g/golang-announce/c/K-cEzDeCtpc https://groups.google.com/g/golang-dev/c/S9POB9NCTdk https://linux.oracle.com/cve/CVE-2024-34156.html https://linux.oracle.com/errata/ELSA-2024-9473.html https://nvd.nist.gov/vuln/detail/CVE-2024-34156 https://pkg.go.dev/vuln/GO-2024-3106 https://ubuntu.com/security/notices/USN-7081-1 https://ubuntu.com/security/notices/USN-7109-1 https://ubuntu.com/security/notices/USN-7111-1 https://www.cve.org/CVERecord?id=CVE-2024-34156
stdlib	CVE-2023-29406	MEDIUM	v1.20.5	1.19.11, 1.20.6	https://access.redhat.com/errata/RHSA-2023:6474 https://access.redhat.com/security/cve/CVE-2023-29406 https://bugzilla.redhat.com/2174485 https://bugzilla.redhat.com/2178358 https://bugzilla.redhat.com/2178488 https://bugzilla.redhat.com/2178492 https://bugzilla.redhat.com/2184481 https://bugzilla.redhat.com/2184482 https://bugzilla.redhat.com/2184483 https://bugzilla.redhat.com/2184484 https://bugzilla.redhat.com/2196026 https://bugzilla.redhat.com/2196027 https://bugzilla.redhat.com/2196029 https://bugzilla.redhat.com/2222167 https://bugzilla.redhat.com/2228689 https://errata.almalinux.org/9/ALSA-2023-6474.html https://github.com/golang/go/commit/312920c00aac9897b2a0693e752390b5b0711a5a (go1.20.6) https://github.com/golang/go/commit/5fa6923b1ea891400153d04ddf1545e23b40041b (go1.19.11) https://github.com/golang/go/issues/60374 https://go.dev/cl/506996 https://go.dev/issue/60374 https://groups.google.com/g/golang-announce/c/2q13H6LEEx0 https://linux.oracle.com/cve/CVE-2023-29406.html https://linux.oracle.com/errata/ELSA-2023-7202.html https://nvd.nist.gov/vuln/detail/CVE-2023-29406 https://pkg.go.dev/vuln/GO-2023-1878 https://security.gentoo.org/glsa/202311-09 https://security.netapp.com/advisory/ntap-20230814-0002/ https://ubuntu.com/security/notices/USN-7061-1 https://ubuntu.com/security/notices/USN-7109-1 https://www.cve.org/CVERecord?id=CVE-2023-29406
stdlib	CVE-2023-29409	MEDIUM	v1.20.5	1.19.12, 1.20.7, 1.21.0-rc.4	https://access.redhat.com/errata/RHSA-2023:7766 https://access.redhat.com/security/cve/CVE-2023-29409 https://bugzilla.redhat.com/2228743 https://bugzilla.redhat.com/2237773 https://bugzilla.redhat.com/2237776 https://bugzilla.redhat.com/2237777 https://bugzilla.redhat.com/2237778 https://errata.almalinux.org/9/ALSA-2023-7766.html https://go.dev/cl/515257 https://go.dev/issue/61460 https://groups.google.com/g/golang-announce/c/X0b6CsSAaYI/m/Efv5DbZ9AwAJ https://linux.oracle.com/cve/CVE-2023-29409.html https://linux.oracle.com/errata/ELSA-2024-2988.html https://nvd.nist.gov/vuln/detail/CVE-2023-29409 https://pkg.go.dev/vuln/GO-2023-1987 https://security.gentoo.org/glsa/202311-09 https://security.netapp.com/advisory/ntap-20230831-0010/ https://www.cve.org/CVERecord?id=CVE-2023-29409
stdlib	CVE-2023-39318	MEDIUM	v1.20.5	1.20.8, 1.21.1	https://access.redhat.com/errata/RHSA-2024:2160 https://access.redhat.com/security/cve/CVE-2023-39318 https://bugzilla.redhat.com/2237773 https://bugzilla.redhat.com/2237776 https://bugzilla.redhat.com/2253330 https://errata.almalinux.org/9/ALSA-2024-2160.html https://github.com/golang/go/commit/023b542edf38e2a1f87fcefb9f75ff2f99401b4c (go1.20.8) https://github.com/golang/go/commit/b0e1d3ea26e8e8fce7726690c9ef0597e60739fb (go1.21.1) https://go.dev/cl/526156 https://go.dev/issue/62196 https://groups.google.com/g/golang-announce/c/Fm51GRLNRvM https://groups.google.com/g/golang-dev/c/2C5vbR-UNkI/m/L1hdrPhfBAAJ https://linux.oracle.com/cve/CVE-2023-39318.html https://linux.oracle.com/errata/ELSA-2024-2988.html https://nvd.nist.gov/vuln/detail/CVE-2023-39318 https://pkg.go.dev/vuln/GO-2023-2041 https://security.gentoo.org/glsa/202311-09 https://security.netapp.com/advisory/ntap-20231020-0009/ https://ubuntu.com/security/notices/USN-6574-1 https://ubuntu.com/security/notices/USN-7061-1 https://ubuntu.com/security/notices/USN-7109-1 https://vuln.go.dev/ID/GO-2023-2041.json https://www.cve.org/CVERecord?id=CVE-2023-39318
stdlib	CVE-2023-39319	MEDIUM	v1.20.5	1.20.8, 1.21.1	https://access.redhat.com/errata/RHSA-2024:2160 https://access.redhat.com/security/cve/CVE-2023-39319 https://bugzilla.redhat.com/2237773 https://bugzilla.redhat.com/2237776 https://bugzilla.redhat.com/2253330 https://errata.almalinux.org/9/ALSA-2024-2160.html https://github.com/golang/go/commit/2070531d2f53df88e312edace6c8dfc9686ab2f5 (go1.20.8) https://github.com/golang/go/commit/bbd043ff0d6d59f1a9232d31ecd5eacf6507bf6a (go1.21.1) https://go.dev/cl/526157 https://go.dev/issue/62197 https://groups.google.com/g/golang-announce/c/Fm51GRLNRvM https://groups.google.com/g/golang-dev/c/2C5vbR-UNkI/m/L1hdrPhfBAAJ https://linux.oracle.com/cve/CVE-2023-39319.html https://linux.oracle.com/errata/ELSA-2024-2988.html https://nvd.nist.gov/vuln/detail/CVE-2023-39319 https://pkg.go.dev/vuln/GO-2023-2043 https://security.gentoo.org/glsa/202311-09 https://security.netapp.com/advisory/ntap-20231020-0009/ https://ubuntu.com/security/notices/USN-6574-1 https://ubuntu.com/security/notices/USN-7061-1 https://ubuntu.com/security/notices/USN-7109-1 https://vuln.go.dev/ID/GO-2023-2043.json https://www.cve.org/CVERecord?id=CVE-2023-39319
stdlib	CVE-2023-39326	MEDIUM	v1.20.5	1.20.12, 1.21.5	https://access.redhat.com/errata/RHSA-2024:2272 https://access.redhat.com/security/cve/CVE-2023-39326 https://bugzilla.redhat.com/2253193 https://bugzilla.redhat.com/2253330 https://errata.almalinux.org/9/ALSA-2024-2272.html https://github.com/golang/go/commit/6446af942e2e2b161c4ec1b60d9703a2b55dc4dd (go1.20.12) https://github.com/golang/go/commit/ec8c526e4be720e94b98ca509e6364f0efaf28f7 (go1.21.5) https://go.dev/cl/547335 https://go.dev/issue/64433 https://groups.google.com/g/golang-dev/c/6ypN5EjibjM/m/KmLVYH_uAgAJ https://linux.oracle.com/cve/CVE-2023-39326.html https://linux.oracle.com/errata/ELSA-2024-2988.html https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UIU6HOGV6RRIKWM57LOXQA75BGZSIH6G/ https://nvd.nist.gov/vuln/detail/CVE-2023-39326 https://pkg.go.dev/vuln/GO-2023-2382 https://ubuntu.com/security/notices/USN-6574-1 https://www.cve.org/CVERecord?id=CVE-2023-39326
stdlib	CVE-2023-45284	MEDIUM	v1.20.5	1.20.11, 1.21.4	https://go.dev/cl/540277 https://go.dev/issue/63713 https://groups.google.com/g/golang-announce/c/4tU8LZfBFkY https://nvd.nist.gov/vuln/detail/CVE-2023-45284 https://pkg.go.dev/vuln/GO-2023-2186
stdlib	CVE-2023-45289	MEDIUM	v1.20.5	1.21.8, 1.22.1	http://www.openwall.com/lists/oss-security/2024/03/08/4 https://access.redhat.com/errata/RHSA-2024:2724 https://access.redhat.com/security/cve/CVE-2023-45289 https://bugzilla.redhat.com/2268017 https://bugzilla.redhat.com/2268018 https://bugzilla.redhat.com/2268019 https://bugzilla.redhat.com/2268273 https://bugzilla.redhat.com/show_bug.cgi?id=2268017 https://bugzilla.redhat.com/show_bug.cgi?id=2268018 https://bugzilla.redhat.com/show_bug.cgi?id=2268019 https://bugzilla.redhat.com/show_bug.cgi?id=2268273 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45288 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45289 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45290 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24783 https://errata.almalinux.org/9/ALSA-2024-2724.html https://errata.rockylinux.org/RLSA-2024:2724 https://github.com/golang/go/commit/20586c0dbe03d144f914155f879fa5ee287591a1 (go1.21.8) https://github.com/golang/go/commit/3a855208e3efed2e9d7c20ad023f1fa78afcc0be (go1.22.1) https://github.com/golang/go/issues/65065 https://go.dev/cl/569340 https://go.dev/issue/65065 https://groups.google.com/g/golang-announce/c/5pwGVUPoMbg https://linux.oracle.com/cve/CVE-2023-45289.html https://linux.oracle.com/errata/ELSA-2024-3346.html https://nvd.nist.gov/vuln/detail/CVE-2023-45289 https://pkg.go.dev/vuln/GO-2024-2600 https://security.netapp.com/advisory/ntap-20240329-0006/ https://ubuntu.com/security/notices/USN-6886-1 https://www.cve.org/CVERecord?id=CVE-2023-45289
stdlib	CVE-2023-45290	MEDIUM	v1.20.5	1.21.8, 1.22.1	http://www.openwall.com/lists/oss-security/2024/03/08/4 https://access.redhat.com/errata/RHSA-2024:9135 https://access.redhat.com/security/cve/CVE-2023-45290 https://bugzilla.redhat.com/2268017 https://bugzilla.redhat.com/2268022 https://bugzilla.redhat.com/2279814 https://bugzilla.redhat.com/2295310 https://bugzilla.redhat.com/show_bug.cgi?id=2268017 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45290 https://errata.almalinux.org/9/ALSA-2024-9135.html https://errata.rockylinux.org/RLSA-2024:3830 https://github.com/golang/go/commit/041a47712e765e94f86d841c3110c840e76d8f82 (go1.22.1) https://github.com/golang/go/commit/bf80213b121074f4ad9b449410a4d13bae5e9be0 (go1.21.8) https://github.com/golang/go/issues/65383 https://go.dev/cl/569341 https://go.dev/issue/65383 https://groups.google.com/g/golang-announce/c/5pwGVUPoMbg https://linux.oracle.com/cve/CVE-2023-45290.html https://linux.oracle.com/errata/ELSA-2024-8038.html https://nvd.nist.gov/vuln/detail/CVE-2023-45290 https://pkg.go.dev/vuln/GO-2024-2599 https://security.netapp.com/advisory/ntap-20240329-0004 https://security.netapp.com/advisory/ntap-20240329-0004/ https://ubuntu.com/security/notices/USN-6886-1 https://ubuntu.com/security/notices/USN-7109-1 https://ubuntu.com/security/notices/USN-7111-1 https://www.cve.org/CVERecord?id=CVE-2023-45290
stdlib	CVE-2024-24783	MEDIUM	v1.20.5	1.21.8, 1.22.1	http://www.openwall.com/lists/oss-security/2024/03/08/4 https://access.redhat.com/errata/RHSA-2024:6195 https://access.redhat.com/security/cve/CVE-2024-24783 https://bugzilla.redhat.com/2268019 https://bugzilla.redhat.com/show_bug.cgi?id=2268017 https://bugzilla.redhat.com/show_bug.cgi?id=2268018 https://bugzilla.redhat.com/show_bug.cgi?id=2268019 https://bugzilla.redhat.com/show_bug.cgi?id=2268273 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45288 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45289 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45290 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24783 https://errata.almalinux.org/9/ALSA-2024-6195.html https://errata.rockylinux.org/RLSA-2024:2724 https://github.com/advisories/GHSA-3q2c-pvp5-3cqp https://github.com/golang/go/commit/337b8e9cbfa749d9d5c899e0dc358e2208d5e54f (go1.22.1) https://github.com/golang/go/commit/be5b52bea674190ef7de272664be6c7ae93ec5a0 (go1.21.8) https://github.com/golang/go/issues/65390 https://go.dev/cl/569339 https://go.dev/issue/65390 https://groups.google.com/g/golang-announce/c/5pwGVUPoMbg https://linux.oracle.com/cve/CVE-2024-24783.html https://linux.oracle.com/errata/ELSA-2024-6969.html https://nvd.nist.gov/vuln/detail/CVE-2024-24783 https://pkg.go.dev/vuln/GO-2024-2598 https://security.netapp.com/advisory/ntap-20240329-0005 https://security.netapp.com/advisory/ntap-20240329-0005/ https://ubuntu.com/security/notices/USN-6886-1 https://ubuntu.com/security/notices/USN-7109-1 https://ubuntu.com/security/notices/USN-7111-1 https://www.cve.org/CVERecord?id=CVE-2024-24783
stdlib	CVE-2024-24784	MEDIUM	v1.20.5	1.21.8, 1.22.1	http://www.openwall.com/lists/oss-security/2024/03/08/4 https://access.redhat.com/errata/RHSA-2024:2562 https://access.redhat.com/security/cve/CVE-2024-24784 https://bugzilla.redhat.com/2262921 https://bugzilla.redhat.com/2268017 https://bugzilla.redhat.com/2268018 https://bugzilla.redhat.com/2268019 https://bugzilla.redhat.com/2268021 https://bugzilla.redhat.com/2268022 https://bugzilla.redhat.com/2268273 https://bugzilla.redhat.com/show_bug.cgi?id=2262921 https://bugzilla.redhat.com/show_bug.cgi?id=2268017 https://bugzilla.redhat.com/show_bug.cgi?id=2268018 https://bugzilla.redhat.com/show_bug.cgi?id=2268019 https://bugzilla.redhat.com/show_bug.cgi?id=2268021 https://bugzilla.redhat.com/show_bug.cgi?id=2268022 https://bugzilla.redhat.com/show_bug.cgi?id=2268273 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45288 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45289 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45290 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-1394 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24783 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24784 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24785 https://errata.almalinux.org/9/ALSA-2024-2562.html https://errata.rockylinux.org/RLSA-2024:2562 https://github.com/golang/go/commit/263c059b09fdd40d9dd945f2ecb20c89ea28efe5 (go1.21.8) https://github.com/golang/go/commit/5330cd225ba54c7dc78c1b46dcdf61a4671a632c (go1.22.1) https://github.com/golang/go/issues/65083 https://go.dev/cl/555596 https://go.dev/issue/65083 https://groups.google.com/g/golang-announce/c/5pwGVUPoMbg https://linux.oracle.com/cve/CVE-2024-24784.html https://linux.oracle.com/errata/ELSA-2024-6969.html https://nvd.nist.gov/vuln/detail/CVE-2024-24784 https://pkg.go.dev/vuln/GO-2024-2609 https://security.netapp.com/advisory/ntap-20240329-0007/ https://ubuntu.com/security/notices/USN-6886-1 https://ubuntu.com/security/notices/USN-7109-1 https://ubuntu.com/security/notices/USN-7111-1 https://www.cve.org/CVERecord?id=CVE-2024-24784
stdlib	CVE-2024-24785	MEDIUM	v1.20.5	1.21.8, 1.22.1	http://www.openwall.com/lists/oss-security/2024/03/08/4 https://access.redhat.com/errata/RHSA-2024:9135 https://access.redhat.com/security/cve/CVE-2024-24785 https://bugzilla.redhat.com/2268017 https://bugzilla.redhat.com/2268022 https://bugzilla.redhat.com/2279814 https://bugzilla.redhat.com/2295310 https://bugzilla.redhat.com/show_bug.cgi?id=2262921 https://bugzilla.redhat.com/show_bug.cgi?id=2268017 https://bugzilla.redhat.com/show_bug.cgi?id=2268018 https://bugzilla.redhat.com/show_bug.cgi?id=2268019 https://bugzilla.redhat.com/show_bug.cgi?id=2268021 https://bugzilla.redhat.com/show_bug.cgi?id=2268022 https://bugzilla.redhat.com/show_bug.cgi?id=2268273 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45288 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45289 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45290 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-1394 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24783 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24784 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24785 https://errata.almalinux.org/9/ALSA-2024-9135.html https://errata.rockylinux.org/RLSA-2024:2562 https://github.com/golang/go/commit/056b0edcb8c152152021eebf4cf42adbfbe77992 (go1.22.1) https://github.com/golang/go/commit/3643147a29352ca2894fd5d0d2069bc4b4335a7e (go1.21.8) https://github.com/golang/go/issues/65697 https://go.dev/cl/564196 https://go.dev/issue/65697 https://groups.google.com/g/golang-announce/c/5pwGVUPoMbg https://linux.oracle.com/cve/CVE-2024-24785.html https://linux.oracle.com/errata/ELSA-2024-3259.html https://nvd.nist.gov/vuln/detail/CVE-2024-24785 https://pkg.go.dev/vuln/GO-2024-2610 https://security.netapp.com/advisory/ntap-20240329-0008/ https://ubuntu.com/security/notices/USN-6886-1 https://ubuntu.com/security/notices/USN-7061-1 https://ubuntu.com/security/notices/USN-7109-1 https://vuln.go.dev/ID/GO-2024-2610.json https://www.cve.org/CVERecord?id=CVE-2024-24785
stdlib	CVE-2024-24789	MEDIUM	v1.20.5	1.21.11, 1.22.4	http://www.openwall.com/lists/oss-security/2024/06/04/1 https://access.redhat.com/errata/RHSA-2024:9115 https://access.redhat.com/security/cve/CVE-2024-24789 https://bugzilla.redhat.com/2279814 https://bugzilla.redhat.com/2292668 https://bugzilla.redhat.com/2292787 https://bugzilla.redhat.com/2294000 https://bugzilla.redhat.com/2295310 https://bugzilla.redhat.com/show_bug.cgi?id=2292668 https://bugzilla.redhat.com/show_bug.cgi?id=2292787 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24789 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24790 https://errata.almalinux.org/9/ALSA-2024-9115.html https://errata.rockylinux.org/RLSA-2024:4212 https://github.com/golang/go/commit/c8e40338cf00f3c1d86c8fb23863ad67a4c72bcc (1.21) https://github.com/golang/go/commit/cf501ac0c5fe351a8582d20b43562027927906e7 (1.22) https://github.com/golang/go/issues/66869 https://go.dev/cl/585397 https://go.dev/issue/66869 https://groups.google.com/g/golang-announce/c/XbxouI9gY7k https://groups.google.com/g/golang-announce/c/XbxouI9gY7k/m/TuoGEhxIEwAJ https://linux.oracle.com/cve/CVE-2024-24789.html https://linux.oracle.com/errata/ELSA-2024-9115.html https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/U5YAEIA6IUHUNGJ7AIXXPQT6D2GYENX7/ https://nvd.nist.gov/vuln/detail/CVE-2024-24789 https://pkg.go.dev/vuln/GO-2024-2888 https://ubuntu.com/security/notices/USN-6886-1 https://ubuntu.com/security/notices/USN-7109-1 https://ubuntu.com/security/notices/USN-7111-1 https://www.cve.org/CVERecord?id=CVE-2024-24789
stdlib	CVE-2024-24791	MEDIUM	v1.20.5	1.21.12, 1.22.5	https://access.redhat.com/errata/RHSA-2024:9135 https://access.redhat.com/security/cve/CVE-2024-24791 https://bugzilla.redhat.com/2268017 https://bugzilla.redhat.com/2268022 https://bugzilla.redhat.com/2279814 https://bugzilla.redhat.com/2295310 https://bugzilla.redhat.com/show_bug.cgi?id=2295310 https://bugzilla.redhat.com/show_bug.cgi?id=2310527 https://bugzilla.redhat.com/show_bug.cgi?id=2310528 https://bugzilla.redhat.com/show_bug.cgi?id=2310529 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24791 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-34155 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-34156 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-34158 https://errata.almalinux.org/9/ALSA-2024-9135.html https://errata.rockylinux.org/RLSA-2024:6913 https://go.dev/cl/591255 https://go.dev/issue/67555 https://groups.google.com/g/golang-dev/c/t0rK-qHBqzY/m/6MMoAZkMAgAJ https://linux.oracle.com/cve/CVE-2024-24791.html https://linux.oracle.com/errata/ELSA-2024-9115.html https://nvd.nist.gov/vuln/detail/CVE-2024-24791 https://pkg.go.dev/vuln/GO-2024-2963 https://ubuntu.com/security/notices/USN-7081-1 https://ubuntu.com/security/notices/USN-7109-1 https://ubuntu.com/security/notices/USN-7111-1 https://www.cve.org/CVERecord?id=CVE-2024-24791
stdlib	CVE-2024-34155	MEDIUM	v1.20.5	1.22.7, 1.23.1	https://access.redhat.com/errata/RHSA-2024:9459 https://access.redhat.com/security/cve/CVE-2024-34155 https://bugzilla.redhat.com/2310527 https://bugzilla.redhat.com/2310528 https://bugzilla.redhat.com/2310529 https://bugzilla.redhat.com/2315691 https://bugzilla.redhat.com/2315887 https://bugzilla.redhat.com/2317458 https://bugzilla.redhat.com/2317467 https://bugzilla.redhat.com/show_bug.cgi?id=2295310 https://bugzilla.redhat.com/show_bug.cgi?id=2310527 https://bugzilla.redhat.com/show_bug.cgi?id=2310528 https://bugzilla.redhat.com/show_bug.cgi?id=2310529 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24791 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-34155 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-34156 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-34158 https://errata.almalinux.org/9/ALSA-2024-9459.html https://errata.rockylinux.org/RLSA-2024:6913 https://github.com/golang/go/commit/53487e5477151ed75da50e50a0ba8f1ca64c00a3 (go1.23.1) https://github.com/golang/go/commit/b232596139dbe96a62edbe3a2a203e856bf556eb (go1.22.7) https://go.dev/cl/611238 https://go.dev/issue/69138 https://groups.google.com/g/golang-announce/c/K-cEzDeCtpc https://groups.google.com/g/golang-dev/c/S9POB9NCTdk https://linux.oracle.com/cve/CVE-2024-34155.html https://linux.oracle.com/errata/ELSA-2024-9459.html https://nvd.nist.gov/vuln/detail/CVE-2024-34155 https://pkg.go.dev/vuln/GO-2024-3105 https://ubuntu.com/security/notices/USN-7081-1 https://ubuntu.com/security/notices/USN-7109-1 https://ubuntu.com/security/notices/USN-7111-1 https://www.cve.org/CVERecord?id=CVE-2024-34155
stdlib	CVE-2024-34158	MEDIUM	v1.20.5	1.22.7, 1.23.1	https://access.redhat.com/errata/RHSA-2024:9459 https://access.redhat.com/security/cve/CVE-2024-34158 https://bugzilla.redhat.com/2310527 https://bugzilla.redhat.com/2310528 https://bugzilla.redhat.com/2310529 https://bugzilla.redhat.com/2315691 https://bugzilla.redhat.com/2315887 https://bugzilla.redhat.com/2317458 https://bugzilla.redhat.com/2317467 https://bugzilla.redhat.com/show_bug.cgi?id=2295310 https://bugzilla.redhat.com/show_bug.cgi?id=2310527 https://bugzilla.redhat.com/show_bug.cgi?id=2310528 https://bugzilla.redhat.com/show_bug.cgi?id=2310529 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24791 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-34155 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-34156 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-34158 https://errata.almalinux.org/9/ALSA-2024-9459.html https://errata.rockylinux.org/RLSA-2024:6913 https://github.com/golang/go/commit/032ac075c20c01c6c35a672d1542d3e98eab84ea (go1.23.1) https://github.com/golang/go/commit/d4c53812e6ce2ac368173d7fcd31d0ecfcffb002 (go1.22.7) https://go.dev/cl/611240 https://go.dev/issue/69141 https://groups.google.com/g/golang-announce/c/K-cEzDeCtpc https://groups.google.com/g/golang-dev/c/S9POB9NCTdk https://linux.oracle.com/cve/CVE-2024-34158.html https://linux.oracle.com/errata/ELSA-2024-9459.html https://nvd.nist.gov/vuln/detail/CVE-2024-34158 https://pkg.go.dev/vuln/GO-2024-3107 https://ubuntu.com/security/notices/USN-7081-1 https://ubuntu.com/security/notices/USN-7109-1 https://ubuntu.com/security/notices/USN-7111-1 https://www.cve.org/CVERecord?id=CVE-2024-34158
No Misconfigurations found

cnb/buildpacks/paketo-buildpacks_cpython/1.8.11/bin/run (gobinary)

Package	Vulnerability ID	Severity	Installed Version	Fixed Version	Links
github.com/anchore/stereoscope	CVE-2024-24579	MEDIUM	v0.0.0-20230412183729-8602f1afc574	0.0.1	https://github.com/anchore/stereoscope https://github.com/anchore/stereoscope/commit/09dacab4d9ee65ee8bc7af8ebf4aa7b5aaa36204 https://github.com/anchore/stereoscope/security/advisories/GHSA-hpxr-w9w7-g4gv https://nvd.nist.gov/vuln/detail/CVE-2024-24579
github.com/cloudflare/circl	GHSA-9763-4f94-gfch	HIGH	v1.3.3	1.3.7	https://github.com/cloudflare/circl https://github.com/cloudflare/circl/commit/75ef91e8a2f438e6ce2b6e620d236add8be1887d https://github.com/cloudflare/circl/security/advisories/GHSA-9763-4f94-gfch https://kyberslash.cr.yp.to
github.com/containerd/containerd	GHSA-7ww5-4wqc-m92c	MEDIUM	v1.7.0	1.6.26, 1.7.11	https://github.com/containerd/containerd https://github.com/containerd/containerd/commit/67d356cb3095f3e8f8ad7d36f9a733fea1e7e28c https://github.com/containerd/containerd/commit/746b910f05855c8bfdb4415a1c0f958b234910e5 https://github.com/containerd/containerd/security/advisories/GHSA-7ww5-4wqc-m92c
github.com/docker/docker	CVE-2024-41110	CRITICAL	v20.10.3-0.20221013203545-33ab36d6b304+incompatible	23.0.15, 26.1.5, 27.1.1, 25.0.6	https://access.redhat.com/security/cve/CVE-2024-41110 https://github.com/moby/moby https://github.com/moby/moby/commit/411e817ddf710ff8e08fa193da80cb78af708191 https://github.com/moby/moby/commit/42f40b1d6dd7562342f832b9cd2adf9e668eeb76 https://github.com/moby/moby/commit/65cc597cea28cdc25bea3b8a86384b4251872919 https://github.com/moby/moby/commit/852759a7df454cbf88db4e954c919becd48faa9b https://github.com/moby/moby/commit/a31260625655cff9ae226b51757915e275e304b0 https://github.com/moby/moby/commit/a79fabbfe84117696a19671f4aa88b82d0f64fc1 https://github.com/moby/moby/commit/ae160b4edddb72ef4bd71f66b975a1a1cc434f00 https://github.com/moby/moby/commit/ae2b3666c517c96cbc2adf1af5591a6b00d4ec0f https://github.com/moby/moby/commit/cc13f952511154a2866bddbb7dddebfe9e83b801 https://github.com/moby/moby/commit/fc274cd2ff4cf3b48c91697fb327dd1fb95588fb https://github.com/moby/moby/security/advisories/GHSA-v23v-6jw2-98fq https://nvd.nist.gov/vuln/detail/CVE-2024-41110 https://www.cve.org/CVERecord?id=CVE-2024-41110 https://www.docker.com/blog/docker-security-advisory-docker-engine-authz-plugin
github.com/docker/docker	CVE-2023-28840	HIGH	v20.10.3-0.20221013203545-33ab36d6b304+incompatible	20.10.24, 23.0.3	https://access.redhat.com/security/cve/CVE-2023-28840 https://github.com/moby/libnetwork/security/advisories/GHSA-gvm4-2qqg-m333 https://github.com/moby/moby https://github.com/moby/moby/issues/43382 https://github.com/moby/moby/pull/45118 https://github.com/moby/moby/security/advisories/GHSA-232p-vwff-86mp https://github.com/moby/moby/security/advisories/GHSA-33pg-m6jh-5237 https://github.com/moby/moby/security/advisories/GHSA-6wrf-mxfj-pf5p https://github.com/moby/moby/security/advisories/GHSA-vwm3-crmr-xfxw https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/LYZOKMMVX4SIEHPJW3SJUQGMO5YZCPHC/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/XNF4OLYZRQE75EB5TW5N42FSXHBXGWFE/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZTE4ITXXPIWZEQ4HYQCB6N6GZIMWXDAI/ https://nvd.nist.gov/vuln/detail/CVE-2023-28840 https://www.cve.org/CVERecord?id=CVE-2023-28840
github.com/docker/docker	CVE-2021-41091	MEDIUM	v20.10.3-0.20221013203545-33ab36d6b304+incompatible	20.10.9	https://access.redhat.com/security/cve/CVE-2021-41091 https://cert-portal.siemens.com/productcert/pdf/ssa-222547.pdf https://github.com/moby/moby https://github.com/moby/moby/commit/f0ab919f518c47240ea0e72d0999576bb8008e64 https://github.com/moby/moby/security/advisories/GHSA-3fwx-pjgw-3558 https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/B5Q6G6I4W5COQE25QMC7FJY3I3PAYFBB/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZNFADTCHHYWVM6W4NJ6CB4FNFM2VMBIB/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/B5Q6G6I4W5COQE25QMC7FJY3I3PAYFBB https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZNFADTCHHYWVM6W4NJ6CB4FNFM2VMBIB https://nvd.nist.gov/vuln/detail/CVE-2021-41091 https://www.cve.org/CVERecord?id=CVE-2021-41091
github.com/docker/docker	CVE-2022-24769	MEDIUM	v20.10.3-0.20221013203545-33ab36d6b304+incompatible	20.10.14	http://www.openwall.com/lists/oss-security/2022/05/12/1 https://access.redhat.com/security/cve/CVE-2022-24769 https://github.com/containerd/containerd/security/advisories/GHSA-c9cp-9c75-9v8c https://github.com/moby/moby https://github.com/moby/moby/commit/2bbc786e4c59761d722d2d1518cd0a32829bc07f https://github.com/moby/moby/commit/7f375bcff41ce672cd61e9a31f3eeb2966e3dbe1 https://github.com/moby/moby/releases/tag/v20.10.14 https://github.com/moby/moby/security/advisories/GHSA-2mm7-x5h6-5pvq https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/6PMQKCAPK2AR3DCYITJYMMNBEGQBGLCC https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/6PMQKCAPK2AR3DCYITJYMMNBEGQBGLCC/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/A5AFKOQ5CE3CEIULWW4FLQKHFFU6FSYG https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/A5AFKOQ5CE3CEIULWW4FLQKHFFU6FSYG/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/A5FQJ3MLFSEKQYCFPFZIKYGBXPZUJFVY https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/A5FQJ3MLFSEKQYCFPFZIKYGBXPZUJFVY/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/FPOJUJZXGMIVKRS4QR75F6OIXNQ6LDBL https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/FPOJUJZXGMIVKRS4QR75F6OIXNQ6LDBL/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/HIMAHZ6AUIKN7AX26KHZYBXVECIOVWBH https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/HIMAHZ6AUIKN7AX26KHZYBXVECIOVWBH/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/HQCVS7WBFSTKJFNX5PGDRARMTOFWV2O7 https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/HQCVS7WBFSTKJFNX5PGDRARMTOFWV2O7/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6PMQKCAPK2AR3DCYITJYMMNBEGQBGLCC https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/A5AFKOQ5CE3CEIULWW4FLQKHFFU6FSYG https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/A5FQJ3MLFSEKQYCFPFZIKYGBXPZUJFVY https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/FPOJUJZXGMIVKRS4QR75F6OIXNQ6LDBL https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/HIMAHZ6AUIKN7AX26KHZYBXVECIOVWBH https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/HQCVS7WBFSTKJFNX5PGDRARMTOFWV2O7 https://nvd.nist.gov/vuln/detail/CVE-2022-24769 https://security.gentoo.org/glsa/202401-31 https://ubuntu.com/security/notices/USN-5776-1 https://www.cve.org/CVERecord?id=CVE-2022-24769 https://www.debian.org/security/2022/dsa-5162
github.com/docker/docker	CVE-2022-36109	MEDIUM	v20.10.3-0.20221013203545-33ab36d6b304+incompatible	20.10.18	https://access.redhat.com/security/cve/CVE-2022-36109 https://github.com/moby/moby https://github.com/moby/moby/commit/de7af816e76a7fd3fbf06bffa6832959289fba32 https://github.com/moby/moby/releases/tag/v20.10.18 https://github.com/moby/moby/security/advisories/GHSA-rc4r-wh2q-q6c4 https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/O7JL2QA3RB732MLJ3RMUXB3IB7AA22YU/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/RQQ4E3JBXVR3VK5FIZVJ3QS2TAOOXXTQ/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/O7JL2QA3RB732MLJ3RMUXB3IB7AA22YU https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/RQQ4E3JBXVR3VK5FIZVJ3QS2TAOOXXTQ https://nvd.nist.gov/vuln/detail/CVE-2022-36109 https://www.cve.org/CVERecord?id=CVE-2022-36109
github.com/docker/docker	CVE-2023-28841	MEDIUM	v20.10.3-0.20221013203545-33ab36d6b304+incompatible	20.10.24, 23.0.3	https://access.redhat.com/security/cve/CVE-2023-28841 https://github.com/moby/libnetwork/blob/d9fae4c73daf76c3b0f77e14b45b8bf612ba764d/drivers/overlay/encryption.go#L205-L207 https://github.com/moby/libnetwork/security/advisories/GHSA-gvm4-2qqg-m333 https://github.com/moby/moby https://github.com/moby/moby/issues/43382 https://github.com/moby/moby/pull/45118 https://github.com/moby/moby/security/advisories/GHSA-232p-vwff-86mp https://github.com/moby/moby/security/advisories/GHSA-33pg-m6jh-5237 https://github.com/moby/moby/security/advisories/GHSA-6wrf-mxfj-pf5p https://github.com/moby/moby/security/advisories/GHSA-vwm3-crmr-xfxw https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/LYZOKMMVX4SIEHPJW3SJUQGMO5YZCPHC/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/XNF4OLYZRQE75EB5TW5N42FSXHBXGWFE/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZTE4ITXXPIWZEQ4HYQCB6N6GZIMWXDAI/ https://nvd.nist.gov/vuln/detail/CVE-2023-28841 https://www.cve.org/CVERecord?id=CVE-2023-28841
github.com/docker/docker	CVE-2023-28842	MEDIUM	v20.10.3-0.20221013203545-33ab36d6b304+incompatible	20.10.24, 23.0.3	https://access.redhat.com/security/cve/CVE-2023-28842 https://github.com/moby/libnetwork/security/advisories/GHSA-gvm4-2qqg-m333 https://github.com/moby/moby https://github.com/moby/moby/security/advisories/GHSA-232p-vwff-86mp https://github.com/moby/moby/security/advisories/GHSA-33pg-m6jh-5237 https://github.com/moby/moby/security/advisories/GHSA-6wrf-mxfj-pf5p https://github.com/moby/moby/security/advisories/GHSA-vwm3-crmr-xfxw https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/LYZOKMMVX4SIEHPJW3SJUQGMO5YZCPHC/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/XNF4OLYZRQE75EB5TW5N42FSXHBXGWFE/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZTE4ITXXPIWZEQ4HYQCB6N6GZIMWXDAI/ https://nvd.nist.gov/vuln/detail/CVE-2023-28842 https://www.cve.org/CVERecord?id=CVE-2023-28842
github.com/docker/docker	CVE-2024-24557	MEDIUM	v20.10.3-0.20221013203545-33ab36d6b304+incompatible	24.0.9, 25.0.2	https://access.redhat.com/security/cve/CVE-2024-24557 https://github.com/moby/moby https://github.com/moby/moby/commit/3e230cfdcc989dc524882f6579f9e0dac77400ae https://github.com/moby/moby/commit/fca702de7f71362c8d103073c7e4a1d0a467fadd https://github.com/moby/moby/commit/fce6e0ca9bc000888de3daa157af14fa41fcd0ff https://github.com/moby/moby/security/advisories/GHSA-xw73-rw38-6vjc https://nvd.nist.gov/vuln/detail/CVE-2024-24557 https://www.cve.org/CVERecord?id=CVE-2024-24557
github.com/docker/docker	CVE-2024-29018	MEDIUM	v20.10.3-0.20221013203545-33ab36d6b304+incompatible	26.0.0-rc3, 25.0.5, 23.0.11	https://access.redhat.com/security/cve/CVE-2024-29018 https://github.com/moby/moby https://github.com/moby/moby/pull/46609 https://github.com/moby/moby/security/advisories/GHSA-mq39-4gv4-mvpx https://nvd.nist.gov/vuln/detail/CVE-2024-29018 https://www.cve.org/CVERecord?id=CVE-2024-29018
github.com/docker/docker	GHSA-jq35-85cj-fj4p	MEDIUM	v20.10.3-0.20221013203545-33ab36d6b304+incompatible	24.0.7, 23.0.8, 20.10.27	https://github.com/moby/moby https://github.com/moby/moby/commit/48ebe353e49a9def5e6679f6e386b0efb1c95f0e https://github.com/moby/moby/commit/81ebe71275768629689a23bc3bca34b3b374a6a6 https://github.com/moby/moby/commit/c9ccbfad11a60e703e91b6cca4f48927828c7e35 https://github.com/moby/moby/releases/tag/v20.10.27 https://github.com/moby/moby/releases/tag/v23.0.8 https://github.com/moby/moby/releases/tag/v24.0.7 https://github.com/moby/moby/security/advisories/GHSA-jq35-85cj-fj4p
github.com/docker/docker	GHSA-xmmx-7jpf-fx42	MEDIUM	v20.10.3-0.20221013203545-33ab36d6b304+incompatible	20.10.11	https://github.com/moby/moby/security/advisories/GHSA-xmmx-7jpf-fx42
github.com/docker/docker	CVE-2021-41089	LOW	v20.10.3-0.20221013203545-33ab36d6b304+incompatible	20.10.9	https://access.redhat.com/security/cve/CVE-2021-41089 https://cert-portal.siemens.com/productcert/pdf/ssa-222547.pdf https://github.com/moby/moby https://github.com/moby/moby/commit/bce32e5c93be4caf1a592582155b9cb837fc129a https://github.com/moby/moby/security/advisories/GHSA-v994-f8vw-g7j4 https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/B5Q6G6I4W5COQE25QMC7FJY3I3PAYFBB/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZNFADTCHHYWVM6W4NJ6CB4FNFM2VMBIB/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/B5Q6G6I4W5COQE25QMC7FJY3I3PAYFBB https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZNFADTCHHYWVM6W4NJ6CB4FNFM2VMBIB https://nvd.nist.gov/vuln/detail/CVE-2021-41089 https://pkg.go.dev/vuln/GO-2024-2913 https://ubuntu.com/security/notices/USN-5103-1 https://www.cve.org/CVERecord?id=CVE-2021-41089
github.com/docker/docker	GHSA-vp35-85q5-9f25	LOW	v20.10.3-0.20221013203545-33ab36d6b304+incompatible	20.10.20	https://github.blog/2022-10-17-git-security-vulnerabilities-announced https://github.com/moby/moby https://github.com/moby/moby/releases/tag/v20.10.20 https://github.com/moby/moby/security/advisories/GHSA-vp35-85q5-9f25 https://lore.kernel.org/git/xmqq4jw1uku5.fsf@gitster.g/T/#u
github.com/go-git/go-git/v5	CVE-2023-49569	CRITICAL	v5.6.1	5.11.0	https://access.redhat.com/security/cve/CVE-2023-49569 https://github.com/go-git/go-git https://github.com/go-git/go-git/security/advisories/GHSA-449p-3h89-pw88 https://nvd.nist.gov/vuln/detail/CVE-2023-49569 https://www.cve.org/CVERecord?id=CVE-2023-49569
github.com/go-git/go-git/v5	CVE-2023-49568	HIGH	v5.6.1	5.11.0	https://access.redhat.com/security/cve/CVE-2023-49568 https://github.com/go-git/go-git https://github.com/go-git/go-git/security/advisories/GHSA-mw99-9chc-xw7r https://nvd.nist.gov/vuln/detail/CVE-2023-49568 https://www.cve.org/CVERecord?id=CVE-2023-49568
github.com/mholt/archiver/v3	CVE-2024-0406	MEDIUM	v3.5.1	no fix available	https://access.redhat.com/security/cve/CVE-2024-0406 https://bugzilla.redhat.com/show_bug.cgi?id=2257749 https://github.com/advisories/GHSA-rhh4-rh7c-7r5v https://github.com/mholt/archiver https://nvd.nist.gov/vuln/detail/CVE-2024-0406 https://www.cve.org/CVERecord?id=CVE-2024-0406
golang.org/x/crypto	CVE-2023-48795	MEDIUM	v0.8.0	0.17.0	http://packetstormsecurity.com/files/176280/Terrapin-SSH-Connection-Weakening.html http://seclists.org/fulldisclosure/2024/Mar/21 http://www.openwall.com/lists/oss-security/2023/12/18/3 http://www.openwall.com/lists/oss-security/2023/12/19/5 http://www.openwall.com/lists/oss-security/2023/12/20/3 http://www.openwall.com/lists/oss-security/2024/03/06/3 http://www.openwall.com/lists/oss-security/2024/04/17/8 https://access.redhat.com/errata/RHSA-2024:1150 https://access.redhat.com/security/cve/CVE-2023-48795 https://access.redhat.com/security/cve/cve-2023-48795 https://access.redhat.com/solutions/7071748 https://arstechnica.com/security/2023/12/hackers-can-break-ssh-channel-integrity-using-novel-data-corruption-attack https://arstechnica.com/security/2023/12/hackers-can-break-ssh-channel-integrity-using-novel-data-corruption-attack/ https://bugs.gentoo.org/920280 https://bugzilla.redhat.com/2254210 https://bugzilla.redhat.com/show_bug.cgi?id=2254210 https://bugzilla.suse.com/show_bug.cgi?id=1217950 https://crates.io/crates/thrussh/versions https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-48795 https://errata.almalinux.org/9/ALSA-2024-1150.html https://errata.rockylinux.org/RLSA-2024:0628 https://filezilla-project.org/versions.php https://forum.netgate.com/topic/184941/terrapin-ssh-attack https://git.libssh.org/projects/libssh.git/commit/?h=stable-0.10&id=10e09e273f69e149389b3e0e5d44b8c221c2e7f6 https://github.com/NixOS/nixpkgs/pull/275249 https://github.com/PowerShell/Win32-OpenSSH/issues/2189 https://github.com/PowerShell/Win32-OpenSSH/releases/tag/v9.5.0.0p1-Beta https://github.com/TeraTermProject/teraterm/commit/7279fbd6ef4d0c8bdd6a90af4ada2899d786eec0 https://github.com/TeraTermProject/teraterm/releases/tag/v5.1 https://github.com/advisories/GHSA-45x7-px36-x8w8 https://github.com/apache/mina-sshd/issues/445 https://github.com/connectbot/sshlib/commit/5c8b534f6e97db7ac0e0e579331213aa25c173ab https://github.com/connectbot/sshlib/compare/2.2.21...2.2.22 https://github.com/cyd01/KiTTY/issues/520 https://github.com/drakkan/sftpgo/releases/tag/v2.5.6 https://github.com/erlang/otp/blob/d1b43dc0f1361d2ad67601169e90a7fc50bb0369/lib/ssh/doc/src/notes.xml#L39-L42 https://github.com/erlang/otp/releases/tag/OTP-26.2.1 https://github.com/golang/crypto/commit/9d2ee975ef9fe627bf0a6f01c1f69e8ef1d4f05d https://github.com/hierynomus/sshj/issues/916 https://github.com/janmojzis/tinyssh/issues/81 https://github.com/jtesta/ssh-audit/commit/8e972c5e94b460379fe0c7d20209c16df81538a5 https://github.com/libssh2/libssh2/pull/1291 https://github.com/mkj/dropbear/blob/17657c36cce6df7716d5ff151ec09a665382d5dd/CHANGES#L25 https://github.com/mscdex/ssh2/commit/97b223f8891b96d6fc054df5ab1d5a1a545da2a3 https://github.com/mwiede/jsch/compare/jsch-0.2.14...jsch-0.2.15 https://github.com/mwiede/jsch/issues/457 https://github.com/mwiede/jsch/pull/461 https://github.com/net-ssh/net-ssh/blob/2e65064a52d73396bfc3806c9196fc8108f33cd8/CHANGES.txt#L14-L16 https://github.com/openssh/openssh-portable/commits/master https://github.com/paramiko/paramiko/issues/2337 https://github.com/paramiko/paramiko/issues/2337#issuecomment-1887642773 https://github.com/proftpd/proftpd/blob/0a7ea9b0ba9fcdf368374a226370d08f10397d99/RELEASE_NOTES https://github.com/proftpd/proftpd/blob/d21e7a2e47e9b38f709bec58e3fa711f759ad0e1/RELEASE_NOTES https://github.com/proftpd/proftpd/blob/master/RELEASE_NOTES https://github.com/proftpd/proftpd/issues/456 https://github.com/rapier1/hpn-ssh/releases https://github.com/ronf/asyncssh/blob/develop/docs/changes.rst https://github.com/ronf/asyncssh/security/advisories/GHSA-hfmc-7525-mj55 https://github.com/ronf/asyncssh/tags https://github.com/ssh-mitm/ssh-mitm/issues/165 https://github.com/warp-tech/russh https://github.com/warp-tech/russh/commit/1aa340a7df1d5be1c0f4a9e247aade76dfdd2951 https://github.com/warp-tech/russh/releases/tag/v0.40.2 https://github.com/warp-tech/russh/security/advisories/GHSA-45x7-px36-x8w8 https://gitlab.com/libssh/libssh-mirror/-/tags https://go.dev/cl/550715 https://go.dev/issue/64784 https://groups.google.com/g/golang-announce/c/-n5WqVC18LQ https://groups.google.com/g/golang-announce/c/qA3XtxvMUyg https://help.panic.com/releasenotes/transmit5 https://help.panic.com/releasenotes/transmit5/ https://jadaptive.com/important-java-ssh-security-update-new-ssh-vulnerability-discovered-cve-2023-48795 https://jadaptive.com/important-java-ssh-security-update-new-ssh-vulnerability-discovered-cve-2023-48795/ https://linux.oracle.com/cve/CVE-2023-48795.html https://linux.oracle.com/errata/ELSA-2024-2988.html https://lists.debian.org/debian-lts-announce/2023/12/msg00017.html https://lists.debian.org/debian-lts-announce/2024/01/msg00013.html https://lists.debian.org/debian-lts-announce/2024/01/msg00014.html https://lists.debian.org/debian-lts-announce/2024/04/msg00016.html https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/33XHJUB6ROFUOH2OQNENFROTVH6MHSHA https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/33XHJUB6ROFUOH2OQNENFROTVH6MHSHA/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/3CAYYW35MUTNO65RVAELICTNZZFMT2XS https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/3CAYYW35MUTNO65RVAELICTNZZFMT2XS/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/3JIMLVBDWOP4FUPXPTB4PGHHIOMGFLQE https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/3JIMLVBDWOP4FUPXPTB4PGHHIOMGFLQE/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/3YQLUQWLIHDB5QCXQEX7HXHAWMOKPP5O https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/3YQLUQWLIHDB5QCXQEX7HXHAWMOKPP5O/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/6Y74KVCPEPT4MVU3LHDWCNNOXOE5ZLUR https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/6Y74KVCPEPT4MVU3LHDWCNNOXOE5ZLUR/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/APYIXIQOVDCRWLHTGB4VYMAUIAQLKYJ3 https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/APYIXIQOVDCRWLHTGB4VYMAUIAQLKYJ3/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/BL5KTLOSLH2KHRN4HCXJPK3JUVLDGEL6 https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/BL5KTLOSLH2KHRN4HCXJPK3JUVLDGEL6/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/C3AFMZ6MH2UHHOPIWT5YLSFV3D2VB3AC https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/C3AFMZ6MH2UHHOPIWT5YLSFV3D2VB3AC/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/CHHITS4PUOZAKFIUBQAQZC7JWXMOYE4B https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/CHHITS4PUOZAKFIUBQAQZC7JWXMOYE4B/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/F7EYCFQCTSGJXWO3ZZ44MGKFC5HA7G3Y https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/F7EYCFQCTSGJXWO3ZZ44MGKFC5HA7G3Y/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/HYEDEXIKFKTUJIN43RG4B7T5ZS6MHUSP https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/HYEDEXIKFKTUJIN43RG4B7T5ZS6MHUSP/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/I724O3LSRCPO4WNVIXTZCT4VVRMXMMSG https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/I724O3LSRCPO4WNVIXTZCT4VVRMXMMSG/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/KEOTKBUPZXHE3F352JBYNTSNRXYLWD6P https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/KEOTKBUPZXHE3F352JBYNTSNRXYLWD6P/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/KMZCVGUGJZZVDPCVDA7TEB22VUCNEXDD https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/KMZCVGUGJZZVDPCVDA7TEB22VUCNEXDD/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/L5Y6MNNVAPIJSXJERQ6PKZVCIUXSNJK7 https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/L5Y6MNNVAPIJSXJERQ6PKZVCIUXSNJK7/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/LZQVUHWVWRH73YBXUQJOD6CKHDQBU3DM https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/LZQVUHWVWRH73YBXUQJOD6CKHDQBU3DM/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/MKQRBF3DWMWPH36LBCOBUTSIZRTPEZXB https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/MKQRBF3DWMWPH36LBCOBUTSIZRTPEZXB/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/QI3EHAHABFQK7OABNCSF5GMYP6TONTI7 https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/QI3EHAHABFQK7OABNCSF5GMYP6TONTI7/ https://matt.ucc.asn.au/dropbear/CHANGES https://nest.pijul.com/pijul/thrussh/changes/D6H7OWTTMHHX6BTB3B6MNBOBX2L66CBL4LGSEUSAI2MCRCJDQFRQC https://news.ycombinator.com/item?id=38684904 https://news.ycombinator.com/item?id=38685286 https://news.ycombinator.com/item?id=38732005 https://nova.app/releases/#v11.8 https://nvd.nist.gov/vuln/detail/CVE-2023-48795 https://oryx-embedded.com/download/#changelog https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2024-0002 https://roumenpetrov.info/secsh/#news20231220 https://security-tracker.debian.org/tracker/CVE-2023-48795 https://security-tracker.debian.org/tracker/source-package/libssh2 https://security-tracker.debian.org/tracker/source-package/proftpd-dfsg https://security-tracker.debian.org/tracker/source-package/trilead-ssh2 https://security.gentoo.org/glsa/202312-16 https://security.gentoo.org/glsa/202312-17 https://security.netapp.com/advisory/ntap-20240105-0004 https://security.netapp.com/advisory/ntap-20240105-0004/ https://support.apple.com/kb/HT214084 https://terrapin-attack.com/ https://thorntech.com/cve-2023-48795-and-sftp-gateway https://thorntech.com/cve-2023-48795-and-sftp-gateway/ https://twitter.com/TrueSkrillor/status/1736774389725565005 https://ubuntu.com/security/CVE-2023-48795 https://ubuntu.com/security/notices/USN-6560-1 https://ubuntu.com/security/notices/USN-6560-2 https://ubuntu.com/security/notices/USN-6561-1 https://ubuntu.com/security/notices/USN-6585-1 https://ubuntu.com/security/notices/USN-6589-1 https://ubuntu.com/security/notices/USN-6598-1 https://ubuntu.com/security/notices/USN-6738-1 https://ubuntu.com/security/notices/USN-7051-1 https://winscp.net/eng/docs/history#6.2.2 https://www.bitvise.com/ssh-client-version-history#933 https://www.bitvise.com/ssh-server-version-history https://www.chiark.greenend.org.uk/~sgtatham/putty/changes.html https://www.crushftp.com/crush10wiki/Wiki.jsp?page=Update https://www.cve.org/CVERecord?id=CVE-2023-48795 https://www.debian.org/security/2023/dsa-5586 https://www.debian.org/security/2023/dsa-5588 https://www.freebsd.org/security/advisories/FreeBSD-SA-23:19.openssh.asc https://www.lancom-systems.de/service-support/allgemeine-sicherheitshinweise#c243508 https://www.netsarang.com/en/xshell-update-history https://www.netsarang.com/en/xshell-update-history/ https://www.openssh.com/openbsd.html https://www.openssh.com/txt/release-9.6 https://www.openwall.com/lists/oss-security/2023/12/18/2 https://www.openwall.com/lists/oss-security/2023/12/18/3 https://www.openwall.com/lists/oss-security/2023/12/20/3 https://www.paramiko.org/changelog.html https://www.reddit.com/r/sysadmin/comments/18idv52/cve202348795_why_is_this_cve_still_undisclosed https://www.reddit.com/r/sysadmin/comments/18idv52/cve202348795_why_is_this_cve_still_undisclosed/ https://www.suse.com/c/suse-addresses-the-ssh-v2-protocol-terrapin-attack-aka-cve-2023-48795 https://www.suse.com/c/suse-addresses-the-ssh-v2-protocol-terrapin-attack-aka-cve-2023-48795/ https://www.terrapin-attack.com https://www.theregister.com/2023/12/20/terrapin_attack_ssh https://www.vandyke.com/products/securecrt/history.txt
golang.org/x/net	CVE-2023-39325	HIGH	v0.10.0	0.17.0	golang.org/x/net https://access.redhat.com/errata/RHSA-2023:6077 https://access.redhat.com/security/cve/CVE-2023-39325 https://access.redhat.com/security/cve/CVE-2023-44487 https://access.redhat.com/security/vulnerabilities/RHSB-2023-003 https://bugzilla.redhat.com/2242803 https://bugzilla.redhat.com/2243296 https://bugzilla.redhat.com/show_bug.cgi?id=2242803 https://bugzilla.redhat.com/show_bug.cgi?id=2243296 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-39325 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-44487 https://errata.almalinux.org/9/ALSA-2023-6077.html https://errata.rockylinux.org/RLSA-2023:6077 https://github.com/golang/go/commit/24ae2d927285c697440fdde3ad7f26028354bcf3 [golang- 1.21] https://github.com/golang/go/commit/e175f27f58aa7b9cd4d79607ae65d2cd5baaee68 [golang-1.20] https://github.com/golang/go/issues/63417 https://go.dev/cl/534215 https://go.dev/cl/534235 https://go.dev/issue/63417 https://groups.google.com/g/golang-announce/c/iNNxDTCjZvo/m/UDd7VKQuAAAJ https://linux.oracle.com/cve/CVE-2023-39325.html https://linux.oracle.com/errata/ELSA-2023-5867.html https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3OVW5V2DM5K5IC3H7O42YDUGNJ74J35O https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3OVW5V2DM5K5IC3H7O42YDUGNJ74J35O/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3SZN67IL7HMGMNAVLOTIXLIHUDXZK4LH https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3SZN67IL7HMGMNAVLOTIXLIHUDXZK4LH/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3WJ4QVX2AMUJ2F2S27POOAHRC4K3CHU4 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3WJ4QVX2AMUJ2F2S27POOAHRC4K3CHU4/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/4BUK2ZIAGCULOOYDNH25JPU6JBES5NF2 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/4BUK2ZIAGCULOOYDNH25JPU6JBES5NF2/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/5RSKA2II6QTD4YUKUNDVJQSRYSFC4VFR https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/5RSKA2II6QTD4YUKUNDVJQSRYSFC4VFR/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/AVZDNSMVDAQJ64LJC5I5U5LDM5753647 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/AVZDNSMVDAQJ64LJC5I5U5LDM5753647/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CHHITS4PUOZAKFIUBQAQZC7JWXMOYE4B https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CHHITS4PUOZAKFIUBQAQZC7JWXMOYE4B/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CLB4TW7KALB3EEQWNWCN7OUIWWVWWCG2 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CLB4TW7KALB3EEQWNWCN7OUIWWVWWCG2/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/D2BBIDR2ZMB3X5BC7SR4SLQMHRMVPY6L https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/D2BBIDR2ZMB3X5BC7SR4SLQMHRMVPY6L/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ECRC75BQJP6FJN2L7KCKYZW4DSBD7QSD https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ECRC75BQJP6FJN2L7KCKYZW4DSBD7QSD/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/FTMJ3NJIDAZFWJQQSP3L22MUFJ3UP2PT https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/FTMJ3NJIDAZFWJQQSP3L22MUFJ3UP2PT/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/GSY7SXFFTPZFWDM6XELSDSHZLVW3AHK7 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/GSY7SXFFTPZFWDM6XELSDSHZLVW3AHK7/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/HZQIELEIRSZUYTFFH5KTH2YJ4IIQG2KE https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/HZQIELEIRSZUYTFFH5KTH2YJ4IIQG2KE/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/IPWCNYB5PQ5PCVZ4NJT6G56ZYFZ5QBU6 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/IPWCNYB5PQ5PCVZ4NJT6G56ZYFZ5QBU6/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/KEOTKBUPZXHE3F352JBYNTSNRXYLWD6P https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/KEOTKBUPZXHE3F352JBYNTSNRXYLWD6P/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/KSEGD2IWKNUO3DWY4KQGUQM5BISRWHQE https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/KSEGD2IWKNUO3DWY4KQGUQM5BISRWHQE/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/L5E5JSJBZLYXOTZWXHJKRVCIXIHVWKJ6 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/L5E5JSJBZLYXOTZWXHJKRVCIXIHVWKJ6/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/MZQYOOKHQDQ57LV2IAG6NRFOVXKHJJ3Z https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/MZQYOOKHQDQ57LV2IAG6NRFOVXKHJJ3Z/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/NG7IMPL55MVWU3LCI4JQJT3K2U5CHDV7 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/NG7IMPL55MVWU3LCI4JQJT3K2U5CHDV7/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ODBY7RVMGZCBSTWF2OZGIZS57FNFUL67 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ODBY7RVMGZCBSTWF2OZGIZS57FNFUL67/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/OXGWPQOJ3JNDW2XIYKIVJ7N7QUIFNM2Q https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/OXGWPQOJ3JNDW2XIYKIVJ7N7QUIFNM2Q/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/PJCUNGIQDUMZ4Z6HWVYIMR66A35F5S74 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/PJCUNGIQDUMZ4Z6HWVYIMR66A35F5S74/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QF5QSYAOPDOWLY6DUHID56Q4HQFYB45I https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QF5QSYAOPDOWLY6DUHID56Q4HQFYB45I/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QXOU2JZUBEBP7GBKAYIJRPRBZSJCD7ST https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QXOU2JZUBEBP7GBKAYIJRPRBZSJCD7ST/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/R3UETKPUB3V5JS5TLZOF3SMTGT5K5APS https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/R3UETKPUB3V5JS5TLZOF3SMTGT5K5APS/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/REMHVVIBDNKSRKNOTV7EQSB7CYQWOUOU https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/REMHVVIBDNKSRKNOTV7EQSB7CYQWOUOU/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/T7N5GV4CHH6WAGX3GFMDD3COEOVCZ4RI https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/T7N5GV4CHH6WAGX3GFMDD3COEOVCZ4RI/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ULQQONMSCQSH5Z5OWFFQHCGEZ3NL4DRJ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ULQQONMSCQSH5Z5OWFFQHCGEZ3NL4DRJ/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UTT7DG3QOF5ZNJLUGHDNLRUIN6OWZARP https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UTT7DG3QOF5ZNJLUGHDNLRUIN6OWZARP/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/W2LZSWTV4NV4SNQARNXG5T6LRHP26EW2 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/W2LZSWTV4NV4SNQARNXG5T6LRHP26EW2/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WCNCBYKZXLDFGAJUB7ZP5VLC3YTHJNVH https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WCNCBYKZXLDFGAJUB7ZP5VLC3YTHJNVH/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/XFOIBB4YFICHDM7IBOP7PWXW3FX4HLL2 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/XFOIBB4YFICHDM7IBOP7PWXW3FX4HLL2/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/XTNLSL44Y5FB6JWADSZH6DCV4JJAAEQY https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/XTNLSL44Y5FB6JWADSZH6DCV4JJAAEQY/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/YJWHBLVZDM5KQSDFRBFRKU5KSSOLIRQ4 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/YJWHBLVZDM5KQSDFRBFRKU5KSSOLIRQ4/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/YRKEXKANQ7BKJW2YTAMP625LJUJZLJ4P https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/YRKEXKANQ7BKJW2YTAMP625LJUJZLJ4P/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZSVEMQV5ROY5YW5QE3I57HT3ITWG5GCV https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZSVEMQV5ROY5YW5QE3I57HT3ITWG5GCV/ https://nvd.nist.gov/vuln/detail/CVE-2023-39325 https://pkg.go.dev/vuln/GO-2023-2102 https://security.gentoo.org/glsa/202311-09 https://security.netapp.com/advisory/ntap-20231110-0008 https://security.netapp.com/advisory/ntap-20231110-0008/ https://ubuntu.com/security/notices/USN-6574-1 https://ubuntu.com/security/notices/USN-7061-1 https://ubuntu.com/security/notices/USN-7109-1 https://www.cisa.gov/news-events/alerts/2023/10/10/http2-rapid-reset-vulnerability-cve-2023-44487 https://www.cve.org/CVERecord?id=CVE-2023-39325
golang.org/x/net	CVE-2023-3978	MEDIUM	v0.10.0	0.13.0	https://access.redhat.com/errata/RHSA-2023:6474 https://access.redhat.com/security/cve/CVE-2023-3978 https://bugzilla.redhat.com/2174485 https://bugzilla.redhat.com/2178358 https://bugzilla.redhat.com/2178488 https://bugzilla.redhat.com/2178492 https://bugzilla.redhat.com/2184481 https://bugzilla.redhat.com/2184482 https://bugzilla.redhat.com/2184483 https://bugzilla.redhat.com/2184484 https://bugzilla.redhat.com/2196026 https://bugzilla.redhat.com/2196027 https://bugzilla.redhat.com/2196029 https://bugzilla.redhat.com/2222167 https://bugzilla.redhat.com/2228689 https://errata.almalinux.org/9/ALSA-2023-6474.html https://go.dev/cl/514896 https://go.dev/issue/61615 https://linux.oracle.com/cve/CVE-2023-3978.html https://linux.oracle.com/errata/ELSA-2023-6939.html https://nvd.nist.gov/vuln/detail/CVE-2023-3978 https://pkg.go.dev/vuln/GO-2023-1988 https://www.cve.org/CVERecord?id=CVE-2023-3978
golang.org/x/net	CVE-2023-44487	MEDIUM	v0.10.0	0.17.0	http://www.openwall.com/lists/oss-security/2023/10/13/4 http://www.openwall.com/lists/oss-security/2023/10/13/9 http://www.openwall.com/lists/oss-security/2023/10/18/4 http://www.openwall.com/lists/oss-security/2023/10/18/8 http://www.openwall.com/lists/oss-security/2023/10/19/6 http://www.openwall.com/lists/oss-security/2023/10/20/8 https://access.redhat.com/errata/RHSA-2023:6746 https://access.redhat.com/security/cve/CVE-2023-44487 https://access.redhat.com/security/cve/cve-2023-44487 https://akka.io/security/akka-http-cve-2023-44487.html https://arstechnica.com/security/2023/10/how-ddosers-used-the-http-2-protocol-to-deliver-attacks-of-unprecedented-size https://arstechnica.com/security/2023/10/how-ddosers-used-the-http-2-protocol-to-deliver-attacks-of-unprecedented-size/ https://aws.amazon.com/security/security-bulletins/AWS-2023-011 https://aws.amazon.com/security/security-bulletins/AWS-2023-011/ https://blog.cloudflare.com/technical-breakdown-http2-rapid-reset-ddos-attack https://blog.cloudflare.com/technical-breakdown-http2-rapid-reset-ddos-attack/ https://blog.cloudflare.com/zero-day-rapid-reset-http2-record-breaking-ddos-attack https://blog.cloudflare.com/zero-day-rapid-reset-http2-record-breaking-ddos-attack/ https://blog.litespeedtech.com/2023/10/11/rapid-reset-http-2-vulnerablilty https://blog.litespeedtech.com/2023/10/11/rapid-reset-http-2-vulnerablilty/ https://blog.qualys.com/vulnerabilities-threat-research/2023/10/10/cve-2023-44487-http-2-rapid-reset-attack https://blog.vespa.ai/cve-2023-44487 https://blog.vespa.ai/cve-2023-44487/ https://bugzilla.proxmox.com/show_bug.cgi?id=4988 https://bugzilla.redhat.com/2242803 https://bugzilla.redhat.com/show_bug.cgi?id=2242803 https://bugzilla.suse.com/show_bug.cgi?id=1216123 https://cgit.freebsd.org/ports/commit/?id=c64c329c2c1752f46b73e3e6ce9f4329be6629f9 https://chaos.social/@icing/111210915918780532 https://cloud.google.com/blog/products/identity-security/google-cloud-mitigated-largest-ddos-attack-peaking-above-398-million-rps https://cloud.google.com/blog/products/identity-security/google-cloud-mitigated-largest-ddos-attack-peaking-above-398-million-rps/ https://cloud.google.com/blog/products/identity-security/how-it-works-the-novel-http2-rapid-reset-ddos-attack https://community.traefik.io/t/is-traefik-vulnerable-to-cve-2023-44487/20125 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-44487 https://devblogs.microsoft.com/dotnet/october-2023-updates/ https://discuss.hashicorp.com/t/hcsec-2023-32-vault-consul-and-boundary-affected-by-http-2-rapid-reset-denial-of-service-vulnerability-cve-2023-44487/59715 https://edg.io/lp/blog/resets-leaks-ddos-and-the-tale-of-a-hidden-cve https://errata.almalinux.org/9/ALSA-2023-6746.html https://errata.rockylinux.org/RLSA-2023:5838 https://forums.swift.org/t/swift-nio-http2-security-update-cve-2023-44487-http-2-dos/67764 https://gist.github.com/adulau/7c2bfb8e9cdbe4b35a5e131c66a0c088 https://github.com/Azure/AKS/issues/3947 https://github.com/Kong/kong/discussions/11741 https://github.com/advisories/GHSA-qppj-fm5r-hxr3 https://github.com/advisories/GHSA-vx74-f528-fxqg https://github.com/advisories/GHSA-xpw8-rcwv-8f8p https://github.com/akka/akka-http/issues/4323 https://github.com/akka/akka-http/pull/4324 https://github.com/akka/akka-http/pull/4325 https://github.com/alibaba/tengine/issues/1872 https://github.com/apache/apisix/issues/10320 https://github.com/apache/httpd-site/pull/10 https://github.com/apache/httpd/blob/afcdbeebbff4b0c50ea26cdd16e178c0d1f24152/modules/http2/h2_mplx.c#L1101-L1113 https://github.com/apache/tomcat/commit/944332bb15bd2f3bf76ec2caeb1ff0a58a3bc628 https://github.com/apache/tomcat/tree/main/java/org/apache/coyote/http2 https://github.com/apache/trafficserver/pull/10564 https://github.com/apple/swift-nio-http2 https://github.com/apple/swift-nio-http2/security/advisories/GHSA-qppj-fm5r-hxr3 https://github.com/arkrwn/PoC/tree/main/CVE-2023-44487 https://github.com/bcdannyboy/CVE-2023-44487 https://github.com/caddyserver/caddy/issues/5877 https://github.com/caddyserver/caddy/releases/tag/v2.7.5 https://github.com/dotnet/announcements/issues/277 https://github.com/dotnet/core/blob/e4613450ea0da7fd2fc6b61dfb2c1c1dec1ce9ec/release-notes/6.0/6.0.23/6.0.23.md?plain=1#L73 https://github.com/eclipse/jetty.project/issues/10679 https://github.com/envoyproxy/envoy/pull/30055 https://github.com/etcd-io/etcd/issues/16740 https://github.com/facebook/proxygen/pull/466 https://github.com/golang/go/issues/63417 https://github.com/grpc/grpc-go/pull/6703 https://github.com/grpc/grpc-go/releases https://github.com/h2o/h2o/pull/3291 https://github.com/h2o/h2o/security/advisories/GHSA-2m7v-gc89-fjqf https://github.com/haproxy/haproxy/issues/2312 https://github.com/hyperium/hyper/issues/3337 https://github.com/icing/mod_h2/blob/0a864782af0a942aa2ad4ed960a6b32cd35bcf0a/mod_http2/README.md?plain=1#L239-L244 https://github.com/junkurihara/rust-rpxy/issues/97 https://github.com/kazu-yamamoto/http2/commit/f61d41a502bd0f60eb24e1ce14edc7b6df6722a1 https://github.com/kazu-yamamoto/http2/issues/93 https://github.com/kubernetes/kubernetes/pull/121120 https://github.com/line/armeria/pull/5232 https://github.com/linkerd/website/pull/1695/commits/4b9c6836471bc8270ab48aae6fd2181bc73fd632 https://github.com/micrictor/http2-rst-stream https://github.com/microsoft/CBL-Mariner/pull/6381 https://github.com/netty/netty/commit/58f75f665aa81a8cbcf6ffa74820042a285c5e61 https://github.com/nghttp2/nghttp2/pull/1961 https://github.com/nghttp2/nghttp2/releases/tag/v1.57.0 https://github.com/ninenines/cowboy/issues/1615 https://github.com/nodejs/node/pull/50121 https://github.com/openresty/openresty/issues/930 https://github.com/opensearch-project/data-prepper/issues/3474 https://github.com/oqtane/oqtane.framework/discussions/3367 https://github.com/projectcontour/contour/pull/5826 https://github.com/tempesta-tech/tempesta/issues/1986 https://github.com/varnishcache/varnish-cache/issues/3996 https://go.dev/cl/534215 https://go.dev/cl/534235 https://go.dev/issue/63417 https://groups.google.com/g/golang-announce/c/iNNxDTCjZvo https://groups.google.com/g/golang-announce/c/iNNxDTCjZvo/m/UDd7VKQuAAAJ https://istio.io/latest/news/security/istio-security-2023-004 https://istio.io/latest/news/security/istio-security-2023-004/ https://linkerd.io/2023/10/12/linkerd-cve-2023-44487 https://linkerd.io/2023/10/12/linkerd-cve-2023-44487/ https://linux.oracle.com/cve/CVE-2023-44487.html https://linux.oracle.com/errata/ELSA-2024-1444.html https://lists.apache.org/thread/5py8h42mxfsn8l1wy6o41xwhsjlsd87q https://lists.debian.org/debian-lts-announce/2023/10/msg00020.html https://lists.debian.org/debian-lts-announce/2023/10/msg00023.html https://lists.debian.org/debian-lts-announce/2023/10/msg00024.html https://lists.debian.org/debian-lts-announce/2023/10/msg00045.html https://lists.debian.org/debian-lts-announce/2023/10/msg00047.html https://lists.debian.org/debian-lts-announce/2023/11/msg00001.html https://lists.debian.org/debian-lts-announce/2023/11/msg00012.html https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/2MBEPPC36UBVOZZNAXFHKLFGSLCMN5LI https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/2MBEPPC36UBVOZZNAXFHKLFGSLCMN5LI/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/3N4NJ7FR4X4FPZUGNTQAPSTVB2HB2Y4A https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/3N4NJ7FR4X4FPZUGNTQAPSTVB2HB2Y4A/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/BFQD3KUEMFBHPAPBGLWQC34L4OWL5HAZ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/BFQD3KUEMFBHPAPBGLWQC34L4OWL5HAZ/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/CLB4TW7KALB3EEQWNWCN7OUIWWVWWCG2 https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/CLB4TW7KALB3EEQWNWCN7OUIWWVWWCG2/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/E72T67UPDRXHIDLO3OROR25YAMN4GGW5 https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/E72T67UPDRXHIDLO3OROR25YAMN4GGW5/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/FNA62Q767CFAFHBCDKYNPBMZWB7TWYVU https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/FNA62Q767CFAFHBCDKYNPBMZWB7TWYVU/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/HT7T2R4MQKLIF4ODV4BDLPARWFPCJ5CZ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/HT7T2R4MQKLIF4ODV4BDLPARWFPCJ5CZ/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/JIZSEFC3YKCGABA2BZW6ZJRMDZJMB7PJ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/JIZSEFC3YKCGABA2BZW6ZJRMDZJMB7PJ/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/JMEXY22BFG5Q64HQCM5CK2Q7KDKVV4TY https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/JMEXY22BFG5Q64HQCM5CK2Q7KDKVV4TY/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/KSEGD2IWKNUO3DWY4KQGUQM5BISRWHQE https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/KSEGD2IWKNUO3DWY4KQGUQM5BISRWHQE/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/LKYHSZQFDNR7RSA7LHVLLIAQMVYCUGBG https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/LKYHSZQFDNR7RSA7LHVLLIAQMVYCUGBG/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/LNMZJCDHGLJJLXO4OXWJMTVQRNWOC7UL https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/LNMZJCDHGLJJLXO4OXWJMTVQRNWOC7UL/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/VHUHTSXLXGXS7JYKBXTA3VINUPHTNGVU https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/VHUHTSXLXGXS7JYKBXTA3VINUPHTNGVU/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/VSRDIV77HNKUSM7SJC5BKE5JSHLHU2NK https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/VSRDIV77HNKUSM7SJC5BKE5JSHLHU2NK/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/WE2I52RHNNU42PX6NZ2RBUHSFFJ2LVZX https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/WE2I52RHNNU42PX6NZ2RBUHSFFJ2LVZX/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/WLPRQ5TWUQQXYWBJM7ECYDAIL2YVKIUH https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/WLPRQ5TWUQQXYWBJM7ECYDAIL2YVKIUH/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/X6QXN4ORIVF6XBW4WWFE7VNPVC74S45Y https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/X6QXN4ORIVF6XBW4WWFE7VNPVC74S45Y/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/XFOIBB4YFICHDM7IBOP7PWXW3FX4HLL2 https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/XFOIBB4YFICHDM7IBOP7PWXW3FX4HLL2/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZB43REMKRQR62NJEI7I5NQ4FSXNLBKRT https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZB43REMKRQR62NJEI7I5NQ4FSXNLBKRT/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZKQSIKIAT5TJ3WSLU3RDBQ35YX4GY4V3 https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZKQSIKIAT5TJ3WSLU3RDBQ35YX4GY4V3/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZLU6U2R2IC2K64NDPNMV55AUAO65MAF4 https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZLU6U2R2IC2K64NDPNMV55AUAO65MAF4/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3N4NJ7FR4X4FPZUGNTQAPSTVB2HB2Y4A https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/BFQD3KUEMFBHPAPBGLWQC34L4OWL5HAZ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CLB4TW7KALB3EEQWNWCN7OUIWWVWWCG2 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/E72T67UPDRXHIDLO3OROR25YAMN4GGW5 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/FNA62Q767CFAFHBCDKYNPBMZWB7TWYVU https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/HT7T2R4MQKLIF4ODV4BDLPARWFPCJ5CZ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/JIZSEFC3YKCGABA2BZW6ZJRMDZJMB7PJ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/JMEXY22BFG5Q64HQCM5CK2Q7KDKVV4TY https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/KSEGD2IWKNUO3DWY4KQGUQM5BISRWHQE https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/LKYHSZQFDNR7RSA7LHVLLIAQMVYCUGBG https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/LNMZJCDHGLJJLXO4OXWJMTVQRNWOC7UL https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/VHUHTSXLXGXS7JYKBXTA3VINUPHTNGVU https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/VSRDIV77HNKUSM7SJC5BKE5JSHLHU2NK https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WLPRQ5TWUQQXYWBJM7ECYDAIL2YVKIUH https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/X6QXN4ORIVF6XBW4WWFE7VNPVC74S45Y https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/XFOIBB4YFICHDM7IBOP7PWXW3FX4HLL2 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZB43REMKRQR62NJEI7I5NQ4FSXNLBKRT https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZKQSIKIAT5TJ3WSLU3RDBQ35YX4GY4V3 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZLU6U2R2IC2K64NDPNMV55AUAO65MAF4 https://lists.w3.org/Archives/Public/ietf-http-wg/2023OctDec/0025.html https://mailman.nginx.org/pipermail/nginx-devel/2023-October/S36Q5HBXR7CAIMPLLPRSSSYR4PCMWILK.html https://martinthomson.github.io/h2-stream-limits/draft-thomson-httpbis-h2-stream-limits.html https://msrc.microsoft.com/blog/2023/10/microsoft-response-to-distributed-denial-of-service-ddos-attacks-against-http/2 https://msrc.microsoft.com/blog/2023/10/microsoft-response-to-distributed-denial-of-service-ddos-attacks-against-http/2/ https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-44487 https://my.f5.com/manage/s/article/K000137106 https://netty.io/news/2023/10/10/4-1-100-Final.html https://news.ycombinator.com/item?id=37830987 https://news.ycombinator.com/item?id=37830998 https://news.ycombinator.com/item?id=37831062 https://news.ycombinator.com/item?id=37837043 https://nodejs.org/en/blog/vulnerability/october-2023-security-releases https://nvd.nist.gov/vuln/detail/CVE-2023-44487 https://openssf.org/blog/2023/10/10/http-2-rapid-reset-vulnerability-highlights-need-for-rapid-response https://openssf.org/blog/2023/10/10/http-2-rapid-reset-vulnerability-highlights-need-for-rapid-response/ https://pkg.go.dev/vuln/GO-2023-2102 https://seanmonstar.com/post/730794151136935936/hyper-http2-rapid-reset-unaffected https://security.gentoo.org/glsa/202311-09 https://security.netapp.com/advisory/ntap-20231016-0001 https://security.netapp.com/advisory/ntap-20231016-0001/ https://security.netapp.com/advisory/ntap-20240426-0007 https://security.netapp.com/advisory/ntap-20240426-0007/ https://security.netapp.com/advisory/ntap-20240621-0006 https://security.netapp.com/advisory/ntap-20240621-0006/ https://security.netapp.com/advisory/ntap-20240621-0007 https://security.netapp.com/advisory/ntap-20240621-0007/ https://security.paloaltonetworks.com/CVE-2023-44487 https://tomcat.apache.org/security-10.html#Fixed_in_Apache_Tomcat_10.1.14 https://tomcat.apache.org/security-11.html#Fixed_in_Apache_Tomcat_11.0.0-M12 https://tomcat.apache.org/security-8.html#Fixed_in_Apache_Tomcat_8.5.94 https://tomcat.apache.org/security-9.html#Fixed_in_Apache_Tomcat_9.0.81 https://ubuntu.com/security/CVE-2023-44487 https://ubuntu.com/security/notices/USN-6427-1 https://ubuntu.com/security/notices/USN-6427-2 https://ubuntu.com/security/notices/USN-6438-1 https://ubuntu.com/security/notices/USN-6505-1 https://ubuntu.com/security/notices/USN-6574-1 https://ubuntu.com/security/notices/USN-6754-1 https://ubuntu.com/security/notices/USN-6994-1 https://ubuntu.com/security/notices/USN-7067-1 https://www.bleepingcomputer.com/news/security/new-http-2-rapid-reset-zero-day-attack-breaks-ddos-records https://www.bleepingcomputer.com/news/security/new-http-2-rapid-reset-zero-day-attack-breaks-ddos-records/ https://www.cisa.gov/known-exploited-vulnerabilities-catalog https://www.cisa.gov/news-events/alerts/2023/10/10/http2-rapid-reset-vulnerability-cve-2023-44487 https://www.cve.org/CVERecord?id=CVE-2023-44487 https://www.darkreading.com/cloud/internet-wide-zero-day-bug-fuels-largest-ever-ddos-event https://www.debian.org/security/2023/dsa-5521 https://www.debian.org/security/2023/dsa-5522 https://www.debian.org/security/2023/dsa-5540 https://www.debian.org/security/2023/dsa-5549 https://www.debian.org/security/2023/dsa-5558 https://www.debian.org/security/2023/dsa-5570 https://www.eclipse.org/lists/jetty-announce/msg00181.html https://www.haproxy.com/blog/haproxy-is-not-affected-by-the-http-2-rapid-reset-attack-cve-2023-44487 https://www.mail-archive.com/haproxy@formilux.org/msg44134.html https://www.netlify.com/blog/netlify-successfully-mitigates-cve-2023-44487 https://www.netlify.com/blog/netlify-successfully-mitigates-cve-2023-44487/ https://www.nginx.com/blog/http-2-rapid-reset-attack-impacting-f5-nginx-products https://www.nginx.com/blog/http-2-rapid-reset-attack-impacting-f5-nginx-products/ https://www.openwall.com/lists/oss-security/2023/10/10/6 https://www.phoronix.com/news/HTTP2-Rapid-Reset-Attack https://www.theregister.com/2023/10/10/http2_rapid_reset_zeroday https://www.theregister.com/2023/10/10/http2_rapid_reset_zeroday/
golang.org/x/net	CVE-2023-45288	MEDIUM	v0.10.0	0.23.0	http://www.openwall.com/lists/oss-security/2024/04/03/16 http://www.openwall.com/lists/oss-security/2024/04/05/4 https://access.redhat.com/errata/RHSA-2024:2724 https://access.redhat.com/security/cve/CVE-2023-45288 https://bugzilla.redhat.com/2268017 https://bugzilla.redhat.com/2268018 https://bugzilla.redhat.com/2268019 https://bugzilla.redhat.com/2268273 https://bugzilla.redhat.com/show_bug.cgi?id=2268017 https://bugzilla.redhat.com/show_bug.cgi?id=2268018 https://bugzilla.redhat.com/show_bug.cgi?id=2268019 https://bugzilla.redhat.com/show_bug.cgi?id=2268273 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45288 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45289 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45290 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24783 https://errata.almalinux.org/9/ALSA-2024-2724.html https://errata.rockylinux.org/RLSA-2024:2724 https://go.dev/cl/576155 https://go.dev/issue/65051 https://groups.google.com/g/golang-announce/c/YgW0sx8mN3M https://kb.cert.org/vuls/id/421644 https://linux.oracle.com/cve/CVE-2023-45288.html https://linux.oracle.com/errata/ELSA-2024-3346.html https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QRYFHIQ6XRKRYBI2F5UESH67BJBQXUPT https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QRYFHIQ6XRKRYBI2F5UESH67BJBQXUPT/ https://nowotarski.info/http2-continuation-flood-technical-details https://nowotarski.info/http2-continuation-flood/ https://nvd.nist.gov/vuln/detail/CVE-2023-45288 https://pkg.go.dev/vuln/GO-2024-2687 https://security.netapp.com/advisory/ntap-20240419-0009 https://security.netapp.com/advisory/ntap-20240419-0009/ https://ubuntu.com/security/notices/USN-6886-1 https://ubuntu.com/security/notices/USN-7109-1 https://ubuntu.com/security/notices/USN-7111-1 https://www.cve.org/CVERecord?id=CVE-2023-45288 https://www.kb.cert.org/vuls/id/421644
google.golang.org/grpc	GHSA-m425-mq94-257g	HIGH	v1.54.0	1.56.3, 1.57.1, 1.58.3	https://github.com/grpc/grpc-go https://github.com/grpc/grpc-go/commit/f2180b4d5403d2210b30b93098eb7da31c05c721 https://github.com/grpc/grpc-go/pull/6703 https://github.com/grpc/grpc-go/security/advisories/GHSA-m425-mq94-257g https://nvd.nist.gov/vuln/detail/CVE-2023-44487
google.golang.org/grpc	CVE-2023-44487	MEDIUM	v1.54.0	1.58.3, 1.57.1, 1.56.3	http://www.openwall.com/lists/oss-security/2023/10/13/4 http://www.openwall.com/lists/oss-security/2023/10/13/9 http://www.openwall.com/lists/oss-security/2023/10/18/4 http://www.openwall.com/lists/oss-security/2023/10/18/8 http://www.openwall.com/lists/oss-security/2023/10/19/6 http://www.openwall.com/lists/oss-security/2023/10/20/8 https://access.redhat.com/errata/RHSA-2023:6746 https://access.redhat.com/security/cve/CVE-2023-44487 https://access.redhat.com/security/cve/cve-2023-44487 https://akka.io/security/akka-http-cve-2023-44487.html https://arstechnica.com/security/2023/10/how-ddosers-used-the-http-2-protocol-to-deliver-attacks-of-unprecedented-size https://arstechnica.com/security/2023/10/how-ddosers-used-the-http-2-protocol-to-deliver-attacks-of-unprecedented-size/ https://aws.amazon.com/security/security-bulletins/AWS-2023-011 https://aws.amazon.com/security/security-bulletins/AWS-2023-011/ https://blog.cloudflare.com/technical-breakdown-http2-rapid-reset-ddos-attack https://blog.cloudflare.com/technical-breakdown-http2-rapid-reset-ddos-attack/ https://blog.cloudflare.com/zero-day-rapid-reset-http2-record-breaking-ddos-attack https://blog.cloudflare.com/zero-day-rapid-reset-http2-record-breaking-ddos-attack/ https://blog.litespeedtech.com/2023/10/11/rapid-reset-http-2-vulnerablilty https://blog.litespeedtech.com/2023/10/11/rapid-reset-http-2-vulnerablilty/ https://blog.qualys.com/vulnerabilities-threat-research/2023/10/10/cve-2023-44487-http-2-rapid-reset-attack https://blog.vespa.ai/cve-2023-44487 https://blog.vespa.ai/cve-2023-44487/ https://bugzilla.proxmox.com/show_bug.cgi?id=4988 https://bugzilla.redhat.com/2242803 https://bugzilla.redhat.com/show_bug.cgi?id=2242803 https://bugzilla.suse.com/show_bug.cgi?id=1216123 https://cgit.freebsd.org/ports/commit/?id=c64c329c2c1752f46b73e3e6ce9f4329be6629f9 https://chaos.social/@icing/111210915918780532 https://cloud.google.com/blog/products/identity-security/google-cloud-mitigated-largest-ddos-attack-peaking-above-398-million-rps https://cloud.google.com/blog/products/identity-security/google-cloud-mitigated-largest-ddos-attack-peaking-above-398-million-rps/ https://cloud.google.com/blog/products/identity-security/how-it-works-the-novel-http2-rapid-reset-ddos-attack https://community.traefik.io/t/is-traefik-vulnerable-to-cve-2023-44487/20125 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-44487 https://devblogs.microsoft.com/dotnet/october-2023-updates/ https://discuss.hashicorp.com/t/hcsec-2023-32-vault-consul-and-boundary-affected-by-http-2-rapid-reset-denial-of-service-vulnerability-cve-2023-44487/59715 https://edg.io/lp/blog/resets-leaks-ddos-and-the-tale-of-a-hidden-cve https://errata.almalinux.org/9/ALSA-2023-6746.html https://errata.rockylinux.org/RLSA-2023:5838 https://forums.swift.org/t/swift-nio-http2-security-update-cve-2023-44487-http-2-dos/67764 https://gist.github.com/adulau/7c2bfb8e9cdbe4b35a5e131c66a0c088 https://github.com/Azure/AKS/issues/3947 https://github.com/Kong/kong/discussions/11741 https://github.com/advisories/GHSA-qppj-fm5r-hxr3 https://github.com/advisories/GHSA-vx74-f528-fxqg https://github.com/advisories/GHSA-xpw8-rcwv-8f8p https://github.com/akka/akka-http/issues/4323 https://github.com/akka/akka-http/pull/4324 https://github.com/akka/akka-http/pull/4325 https://github.com/alibaba/tengine/issues/1872 https://github.com/apache/apisix/issues/10320 https://github.com/apache/httpd-site/pull/10 https://github.com/apache/httpd/blob/afcdbeebbff4b0c50ea26cdd16e178c0d1f24152/modules/http2/h2_mplx.c#L1101-L1113 https://github.com/apache/tomcat/commit/944332bb15bd2f3bf76ec2caeb1ff0a58a3bc628 https://github.com/apache/tomcat/tree/main/java/org/apache/coyote/http2 https://github.com/apache/trafficserver/pull/10564 https://github.com/apple/swift-nio-http2 https://github.com/apple/swift-nio-http2/security/advisories/GHSA-qppj-fm5r-hxr3 https://github.com/arkrwn/PoC/tree/main/CVE-2023-44487 https://github.com/bcdannyboy/CVE-2023-44487 https://github.com/caddyserver/caddy/issues/5877 https://github.com/caddyserver/caddy/releases/tag/v2.7.5 https://github.com/dotnet/announcements/issues/277 https://github.com/dotnet/core/blob/e4613450ea0da7fd2fc6b61dfb2c1c1dec1ce9ec/release-notes/6.0/6.0.23/6.0.23.md?plain=1#L73 https://github.com/eclipse/jetty.project/issues/10679 https://github.com/envoyproxy/envoy/pull/30055 https://github.com/etcd-io/etcd/issues/16740 https://github.com/facebook/proxygen/pull/466 https://github.com/golang/go/issues/63417 https://github.com/grpc/grpc-go/pull/6703 https://github.com/grpc/grpc-go/releases https://github.com/h2o/h2o/pull/3291 https://github.com/h2o/h2o/security/advisories/GHSA-2m7v-gc89-fjqf https://github.com/haproxy/haproxy/issues/2312 https://github.com/hyperium/hyper/issues/3337 https://github.com/icing/mod_h2/blob/0a864782af0a942aa2ad4ed960a6b32cd35bcf0a/mod_http2/README.md?plain=1#L239-L244 https://github.com/junkurihara/rust-rpxy/issues/97 https://github.com/kazu-yamamoto/http2/commit/f61d41a502bd0f60eb24e1ce14edc7b6df6722a1 https://github.com/kazu-yamamoto/http2/issues/93 https://github.com/kubernetes/kubernetes/pull/121120 https://github.com/line/armeria/pull/5232 https://github.com/linkerd/website/pull/1695/commits/4b9c6836471bc8270ab48aae6fd2181bc73fd632 https://github.com/micrictor/http2-rst-stream https://github.com/microsoft/CBL-Mariner/pull/6381 https://github.com/netty/netty/commit/58f75f665aa81a8cbcf6ffa74820042a285c5e61 https://github.com/nghttp2/nghttp2/pull/1961 https://github.com/nghttp2/nghttp2/releases/tag/v1.57.0 https://github.com/ninenines/cowboy/issues/1615 https://github.com/nodejs/node/pull/50121 https://github.com/openresty/openresty/issues/930 https://github.com/opensearch-project/data-prepper/issues/3474 https://github.com/oqtane/oqtane.framework/discussions/3367 https://github.com/projectcontour/contour/pull/5826 https://github.com/tempesta-tech/tempesta/issues/1986 https://github.com/varnishcache/varnish-cache/issues/3996 https://go.dev/cl/534215 https://go.dev/cl/534235 https://go.dev/issue/63417 https://groups.google.com/g/golang-announce/c/iNNxDTCjZvo https://groups.google.com/g/golang-announce/c/iNNxDTCjZvo/m/UDd7VKQuAAAJ https://istio.io/latest/news/security/istio-security-2023-004 https://istio.io/latest/news/security/istio-security-2023-004/ https://linkerd.io/2023/10/12/linkerd-cve-2023-44487 https://linkerd.io/2023/10/12/linkerd-cve-2023-44487/ https://linux.oracle.com/cve/CVE-2023-44487.html https://linux.oracle.com/errata/ELSA-2024-1444.html https://lists.apache.org/thread/5py8h42mxfsn8l1wy6o41xwhsjlsd87q https://lists.debian.org/debian-lts-announce/2023/10/msg00020.html https://lists.debian.org/debian-lts-announce/2023/10/msg00023.html https://lists.debian.org/debian-lts-announce/2023/10/msg00024.html https://lists.debian.org/debian-lts-announce/2023/10/msg00045.html https://lists.debian.org/debian-lts-announce/2023/10/msg00047.html https://lists.debian.org/debian-lts-announce/2023/11/msg00001.html https://lists.debian.org/debian-lts-announce/2023/11/msg00012.html https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/2MBEPPC36UBVOZZNAXFHKLFGSLCMN5LI https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/2MBEPPC36UBVOZZNAXFHKLFGSLCMN5LI/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/3N4NJ7FR4X4FPZUGNTQAPSTVB2HB2Y4A https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/3N4NJ7FR4X4FPZUGNTQAPSTVB2HB2Y4A/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/BFQD3KUEMFBHPAPBGLWQC34L4OWL5HAZ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/BFQD3KUEMFBHPAPBGLWQC34L4OWL5HAZ/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/CLB4TW7KALB3EEQWNWCN7OUIWWVWWCG2 https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/CLB4TW7KALB3EEQWNWCN7OUIWWVWWCG2/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/E72T67UPDRXHIDLO3OROR25YAMN4GGW5 https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/E72T67UPDRXHIDLO3OROR25YAMN4GGW5/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/FNA62Q767CFAFHBCDKYNPBMZWB7TWYVU https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/FNA62Q767CFAFHBCDKYNPBMZWB7TWYVU/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/HT7T2R4MQKLIF4ODV4BDLPARWFPCJ5CZ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/HT7T2R4MQKLIF4ODV4BDLPARWFPCJ5CZ/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/JIZSEFC3YKCGABA2BZW6ZJRMDZJMB7PJ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/JIZSEFC3YKCGABA2BZW6ZJRMDZJMB7PJ/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/JMEXY22BFG5Q64HQCM5CK2Q7KDKVV4TY https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/JMEXY22BFG5Q64HQCM5CK2Q7KDKVV4TY/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/KSEGD2IWKNUO3DWY4KQGUQM5BISRWHQE https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/KSEGD2IWKNUO3DWY4KQGUQM5BISRWHQE/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/LKYHSZQFDNR7RSA7LHVLLIAQMVYCUGBG https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/LKYHSZQFDNR7RSA7LHVLLIAQMVYCUGBG/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/LNMZJCDHGLJJLXO4OXWJMTVQRNWOC7UL https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/LNMZJCDHGLJJLXO4OXWJMTVQRNWOC7UL/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/VHUHTSXLXGXS7JYKBXTA3VINUPHTNGVU https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/VHUHTSXLXGXS7JYKBXTA3VINUPHTNGVU/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/VSRDIV77HNKUSM7SJC5BKE5JSHLHU2NK https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/VSRDIV77HNKUSM7SJC5BKE5JSHLHU2NK/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/WE2I52RHNNU42PX6NZ2RBUHSFFJ2LVZX https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/WE2I52RHNNU42PX6NZ2RBUHSFFJ2LVZX/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/WLPRQ5TWUQQXYWBJM7ECYDAIL2YVKIUH https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/WLPRQ5TWUQQXYWBJM7ECYDAIL2YVKIUH/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/X6QXN4ORIVF6XBW4WWFE7VNPVC74S45Y https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/X6QXN4ORIVF6XBW4WWFE7VNPVC74S45Y/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/XFOIBB4YFICHDM7IBOP7PWXW3FX4HLL2 https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/XFOIBB4YFICHDM7IBOP7PWXW3FX4HLL2/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZB43REMKRQR62NJEI7I5NQ4FSXNLBKRT https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZB43REMKRQR62NJEI7I5NQ4FSXNLBKRT/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZKQSIKIAT5TJ3WSLU3RDBQ35YX4GY4V3 https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZKQSIKIAT5TJ3WSLU3RDBQ35YX4GY4V3/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZLU6U2R2IC2K64NDPNMV55AUAO65MAF4 https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZLU6U2R2IC2K64NDPNMV55AUAO65MAF4/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3N4NJ7FR4X4FPZUGNTQAPSTVB2HB2Y4A https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/BFQD3KUEMFBHPAPBGLWQC34L4OWL5HAZ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CLB4TW7KALB3EEQWNWCN7OUIWWVWWCG2 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/E72T67UPDRXHIDLO3OROR25YAMN4GGW5 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/FNA62Q767CFAFHBCDKYNPBMZWB7TWYVU https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/HT7T2R4MQKLIF4ODV4BDLPARWFPCJ5CZ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/JIZSEFC3YKCGABA2BZW6ZJRMDZJMB7PJ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/JMEXY22BFG5Q64HQCM5CK2Q7KDKVV4TY https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/KSEGD2IWKNUO3DWY4KQGUQM5BISRWHQE https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/LKYHSZQFDNR7RSA7LHVLLIAQMVYCUGBG https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/LNMZJCDHGLJJLXO4OXWJMTVQRNWOC7UL https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/VHUHTSXLXGXS7JYKBXTA3VINUPHTNGVU https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/VSRDIV77HNKUSM7SJC5BKE5JSHLHU2NK https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WLPRQ5TWUQQXYWBJM7ECYDAIL2YVKIUH https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/X6QXN4ORIVF6XBW4WWFE7VNPVC74S45Y https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/XFOIBB4YFICHDM7IBOP7PWXW3FX4HLL2 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZB43REMKRQR62NJEI7I5NQ4FSXNLBKRT https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZKQSIKIAT5TJ3WSLU3RDBQ35YX4GY4V3 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZLU6U2R2IC2K64NDPNMV55AUAO65MAF4 https://lists.w3.org/Archives/Public/ietf-http-wg/2023OctDec/0025.html https://mailman.nginx.org/pipermail/nginx-devel/2023-October/S36Q5HBXR7CAIMPLLPRSSSYR4PCMWILK.html https://martinthomson.github.io/h2-stream-limits/draft-thomson-httpbis-h2-stream-limits.html https://msrc.microsoft.com/blog/2023/10/microsoft-response-to-distributed-denial-of-service-ddos-attacks-against-http/2 https://msrc.microsoft.com/blog/2023/10/microsoft-response-to-distributed-denial-of-service-ddos-attacks-against-http/2/ https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-44487 https://my.f5.com/manage/s/article/K000137106 https://netty.io/news/2023/10/10/4-1-100-Final.html https://news.ycombinator.com/item?id=37830987 https://news.ycombinator.com/item?id=37830998 https://news.ycombinator.com/item?id=37831062 https://news.ycombinator.com/item?id=37837043 https://nodejs.org/en/blog/vulnerability/october-2023-security-releases https://nvd.nist.gov/vuln/detail/CVE-2023-44487 https://openssf.org/blog/2023/10/10/http-2-rapid-reset-vulnerability-highlights-need-for-rapid-response https://openssf.org/blog/2023/10/10/http-2-rapid-reset-vulnerability-highlights-need-for-rapid-response/ https://pkg.go.dev/vuln/GO-2023-2102 https://seanmonstar.com/post/730794151136935936/hyper-http2-rapid-reset-unaffected https://security.gentoo.org/glsa/202311-09 https://security.netapp.com/advisory/ntap-20231016-0001 https://security.netapp.com/advisory/ntap-20231016-0001/ https://security.netapp.com/advisory/ntap-20240426-0007 https://security.netapp.com/advisory/ntap-20240426-0007/ https://security.netapp.com/advisory/ntap-20240621-0006 https://security.netapp.com/advisory/ntap-20240621-0006/ https://security.netapp.com/advisory/ntap-20240621-0007 https://security.netapp.com/advisory/ntap-20240621-0007/ https://security.paloaltonetworks.com/CVE-2023-44487 https://tomcat.apache.org/security-10.html#Fixed_in_Apache_Tomcat_10.1.14 https://tomcat.apache.org/security-11.html#Fixed_in_Apache_Tomcat_11.0.0-M12 https://tomcat.apache.org/security-8.html#Fixed_in_Apache_Tomcat_8.5.94 https://tomcat.apache.org/security-9.html#Fixed_in_Apache_Tomcat_9.0.81 https://ubuntu.com/security/CVE-2023-44487 https://ubuntu.com/security/notices/USN-6427-1 https://ubuntu.com/security/notices/USN-6427-2 https://ubuntu.com/security/notices/USN-6438-1 https://ubuntu.com/security/notices/USN-6505-1 https://ubuntu.com/security/notices/USN-6574-1 https://ubuntu.com/security/notices/USN-6754-1 https://ubuntu.com/security/notices/USN-6994-1 https://ubuntu.com/security/notices/USN-7067-1 https://www.bleepingcomputer.com/news/security/new-http-2-rapid-reset-zero-day-attack-breaks-ddos-records https://www.bleepingcomputer.com/news/security/new-http-2-rapid-reset-zero-day-attack-breaks-ddos-records/ https://www.cisa.gov/known-exploited-vulnerabilities-catalog https://www.cisa.gov/news-events/alerts/2023/10/10/http2-rapid-reset-vulnerability-cve-2023-44487 https://www.cve.org/CVERecord?id=CVE-2023-44487 https://www.darkreading.com/cloud/internet-wide-zero-day-bug-fuels-largest-ever-ddos-event https://www.debian.org/security/2023/dsa-5521 https://www.debian.org/security/2023/dsa-5522 https://www.debian.org/security/2023/dsa-5540 https://www.debian.org/security/2023/dsa-5549 https://www.debian.org/security/2023/dsa-5558 https://www.debian.org/security/2023/dsa-5570 https://www.eclipse.org/lists/jetty-announce/msg00181.html https://www.haproxy.com/blog/haproxy-is-not-affected-by-the-http-2-rapid-reset-attack-cve-2023-44487 https://www.mail-archive.com/haproxy@formilux.org/msg44134.html https://www.netlify.com/blog/netlify-successfully-mitigates-cve-2023-44487 https://www.netlify.com/blog/netlify-successfully-mitigates-cve-2023-44487/ https://www.nginx.com/blog/http-2-rapid-reset-attack-impacting-f5-nginx-products https://www.nginx.com/blog/http-2-rapid-reset-attack-impacting-f5-nginx-products/ https://www.openwall.com/lists/oss-security/2023/10/10/6 https://www.phoronix.com/news/HTTP2-Rapid-Reset-Attack https://www.theregister.com/2023/10/10/http2_rapid_reset_zeroday https://www.theregister.com/2023/10/10/http2_rapid_reset_zeroday/
google.golang.org/protobuf	CVE-2024-24786	MEDIUM	v1.30.0	1.33.0	http://www.openwall.com/lists/oss-security/2024/03/08/4 https://access.redhat.com/errata/RHSA-2024:2550 https://access.redhat.com/security/cve/CVE-2024-24786 https://bugzilla.redhat.com/2268046 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24786 https://errata.almalinux.org/9/ALSA-2024-2550.html https://errata.rockylinux.org/RLSA-2024:2550 https://github.com/protocolbuffers/protobuf-go https://github.com/protocolbuffers/protobuf-go/commit/f01a588e5810b90996452eec4a28f22a0afae023 https://github.com/protocolbuffers/protobuf-go/releases/tag/v1.33.0 https://go-review.googlesource.com/c/protobuf/+/569356 https://go.dev/cl/569356 https://groups.google.com/g/golang-announce/c/ArQ6CDgtEjY/ https://linux.oracle.com/cve/CVE-2024-24786.html https://linux.oracle.com/errata/ELSA-2024-4246.html https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/JDMBHAVSDU2FBDZ45U3A2VLSM35OJ2HU https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/JDMBHAVSDU2FBDZ45U3A2VLSM35OJ2HU/ https://nvd.nist.gov/vuln/detail/CVE-2024-24786 https://pkg.go.dev/vuln/GO-2024-2611 https://security.netapp.com/advisory/ntap-20240517-0002 https://security.netapp.com/advisory/ntap-20240517-0002/ https://ubuntu.com/security/notices/USN-6746-1 https://ubuntu.com/security/notices/USN-6746-2 https://www.cve.org/CVERecord?id=CVE-2024-24786
stdlib	CVE-2024-24790	CRITICAL	v1.20.5	1.21.11, 1.22.4	http://www.openwall.com/lists/oss-security/2024/06/04/1 https://access.redhat.com/errata/RHSA-2024:9115 https://access.redhat.com/security/cve/CVE-2024-24790 https://bugzilla.redhat.com/2279814 https://bugzilla.redhat.com/2292668 https://bugzilla.redhat.com/2292787 https://bugzilla.redhat.com/2294000 https://bugzilla.redhat.com/2295310 https://bugzilla.redhat.com/show_bug.cgi?id=2292668 https://bugzilla.redhat.com/show_bug.cgi?id=2292787 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24789 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24790 https://errata.almalinux.org/9/ALSA-2024-9115.html https://errata.rockylinux.org/RLSA-2024:4212 https://github.com/golang/go/commit/051bdf3fd12a40307606ff9381138039c5f452f0 (1.21) https://github.com/golang/go/commit/12d5810cdb1f73cf23d7a86462143e9463317fca (1.22) https://github.com/golang/go/issues/67680 https://go.dev/cl/590316 https://go.dev/issue/67680 https://groups.google.com/g/golang-announce/c/XbxouI9gY7k https://groups.google.com/g/golang-announce/c/XbxouI9gY7k/m/TuoGEhxIEwAJ https://linux.oracle.com/cve/CVE-2024-24790.html https://linux.oracle.com/errata/ELSA-2024-9115.html https://nvd.nist.gov/vuln/detail/CVE-2024-24790 https://pkg.go.dev/vuln/GO-2024-2887 https://ubuntu.com/security/notices/USN-6886-1 https://ubuntu.com/security/notices/USN-7109-1 https://www.cve.org/CVERecord?id=CVE-2024-24790
stdlib	CVE-2023-39325	HIGH	v1.20.5	1.20.10, 1.21.3	golang.org/x/net https://access.redhat.com/errata/RHSA-2023:6077 https://access.redhat.com/security/cve/CVE-2023-39325 https://access.redhat.com/security/cve/CVE-2023-44487 https://access.redhat.com/security/vulnerabilities/RHSB-2023-003 https://bugzilla.redhat.com/2242803 https://bugzilla.redhat.com/2243296 https://bugzilla.redhat.com/show_bug.cgi?id=2242803 https://bugzilla.redhat.com/show_bug.cgi?id=2243296 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-39325 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-44487 https://errata.almalinux.org/9/ALSA-2023-6077.html https://errata.rockylinux.org/RLSA-2023:6077 https://github.com/golang/go/commit/24ae2d927285c697440fdde3ad7f26028354bcf3 [golang- 1.21] https://github.com/golang/go/commit/e175f27f58aa7b9cd4d79607ae65d2cd5baaee68 [golang-1.20] https://github.com/golang/go/issues/63417 https://go.dev/cl/534215 https://go.dev/cl/534235 https://go.dev/issue/63417 https://groups.google.com/g/golang-announce/c/iNNxDTCjZvo/m/UDd7VKQuAAAJ https://linux.oracle.com/cve/CVE-2023-39325.html https://linux.oracle.com/errata/ELSA-2023-5867.html https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3OVW5V2DM5K5IC3H7O42YDUGNJ74J35O https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3OVW5V2DM5K5IC3H7O42YDUGNJ74J35O/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3SZN67IL7HMGMNAVLOTIXLIHUDXZK4LH https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3SZN67IL7HMGMNAVLOTIXLIHUDXZK4LH/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3WJ4QVX2AMUJ2F2S27POOAHRC4K3CHU4 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3WJ4QVX2AMUJ2F2S27POOAHRC4K3CHU4/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/4BUK2ZIAGCULOOYDNH25JPU6JBES5NF2 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/4BUK2ZIAGCULOOYDNH25JPU6JBES5NF2/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/5RSKA2II6QTD4YUKUNDVJQSRYSFC4VFR https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/5RSKA2II6QTD4YUKUNDVJQSRYSFC4VFR/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/AVZDNSMVDAQJ64LJC5I5U5LDM5753647 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/AVZDNSMVDAQJ64LJC5I5U5LDM5753647/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CHHITS4PUOZAKFIUBQAQZC7JWXMOYE4B https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CHHITS4PUOZAKFIUBQAQZC7JWXMOYE4B/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CLB4TW7KALB3EEQWNWCN7OUIWWVWWCG2 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CLB4TW7KALB3EEQWNWCN7OUIWWVWWCG2/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/D2BBIDR2ZMB3X5BC7SR4SLQMHRMVPY6L https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/D2BBIDR2ZMB3X5BC7SR4SLQMHRMVPY6L/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ECRC75BQJP6FJN2L7KCKYZW4DSBD7QSD https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ECRC75BQJP6FJN2L7KCKYZW4DSBD7QSD/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/FTMJ3NJIDAZFWJQQSP3L22MUFJ3UP2PT https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/FTMJ3NJIDAZFWJQQSP3L22MUFJ3UP2PT/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/GSY7SXFFTPZFWDM6XELSDSHZLVW3AHK7 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/GSY7SXFFTPZFWDM6XELSDSHZLVW3AHK7/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/HZQIELEIRSZUYTFFH5KTH2YJ4IIQG2KE https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/HZQIELEIRSZUYTFFH5KTH2YJ4IIQG2KE/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/IPWCNYB5PQ5PCVZ4NJT6G56ZYFZ5QBU6 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/IPWCNYB5PQ5PCVZ4NJT6G56ZYFZ5QBU6/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/KEOTKBUPZXHE3F352JBYNTSNRXYLWD6P https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/KEOTKBUPZXHE3F352JBYNTSNRXYLWD6P/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/KSEGD2IWKNUO3DWY4KQGUQM5BISRWHQE https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/KSEGD2IWKNUO3DWY4KQGUQM5BISRWHQE/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/L5E5JSJBZLYXOTZWXHJKRVCIXIHVWKJ6 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/L5E5JSJBZLYXOTZWXHJKRVCIXIHVWKJ6/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/MZQYOOKHQDQ57LV2IAG6NRFOVXKHJJ3Z https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/MZQYOOKHQDQ57LV2IAG6NRFOVXKHJJ3Z/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/NG7IMPL55MVWU3LCI4JQJT3K2U5CHDV7 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/NG7IMPL55MVWU3LCI4JQJT3K2U5CHDV7/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ODBY7RVMGZCBSTWF2OZGIZS57FNFUL67 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ODBY7RVMGZCBSTWF2OZGIZS57FNFUL67/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/OXGWPQOJ3JNDW2XIYKIVJ7N7QUIFNM2Q https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/OXGWPQOJ3JNDW2XIYKIVJ7N7QUIFNM2Q/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/PJCUNGIQDUMZ4Z6HWVYIMR66A35F5S74 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/PJCUNGIQDUMZ4Z6HWVYIMR66A35F5S74/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QF5QSYAOPDOWLY6DUHID56Q4HQFYB45I https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QF5QSYAOPDOWLY6DUHID56Q4HQFYB45I/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QXOU2JZUBEBP7GBKAYIJRPRBZSJCD7ST https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QXOU2JZUBEBP7GBKAYIJRPRBZSJCD7ST/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/R3UETKPUB3V5JS5TLZOF3SMTGT5K5APS https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/R3UETKPUB3V5JS5TLZOF3SMTGT5K5APS/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/REMHVVIBDNKSRKNOTV7EQSB7CYQWOUOU https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/REMHVVIBDNKSRKNOTV7EQSB7CYQWOUOU/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/T7N5GV4CHH6WAGX3GFMDD3COEOVCZ4RI https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/T7N5GV4CHH6WAGX3GFMDD3COEOVCZ4RI/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ULQQONMSCQSH5Z5OWFFQHCGEZ3NL4DRJ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ULQQONMSCQSH5Z5OWFFQHCGEZ3NL4DRJ/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UTT7DG3QOF5ZNJLUGHDNLRUIN6OWZARP https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UTT7DG3QOF5ZNJLUGHDNLRUIN6OWZARP/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/W2LZSWTV4NV4SNQARNXG5T6LRHP26EW2 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/W2LZSWTV4NV4SNQARNXG5T6LRHP26EW2/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WCNCBYKZXLDFGAJUB7ZP5VLC3YTHJNVH https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WCNCBYKZXLDFGAJUB7ZP5VLC3YTHJNVH/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/XFOIBB4YFICHDM7IBOP7PWXW3FX4HLL2 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/XFOIBB4YFICHDM7IBOP7PWXW3FX4HLL2/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/XTNLSL44Y5FB6JWADSZH6DCV4JJAAEQY https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/XTNLSL44Y5FB6JWADSZH6DCV4JJAAEQY/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/YJWHBLVZDM5KQSDFRBFRKU5KSSOLIRQ4 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/YJWHBLVZDM5KQSDFRBFRKU5KSSOLIRQ4/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/YRKEXKANQ7BKJW2YTAMP625LJUJZLJ4P https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/YRKEXKANQ7BKJW2YTAMP625LJUJZLJ4P/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZSVEMQV5ROY5YW5QE3I57HT3ITWG5GCV https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZSVEMQV5ROY5YW5QE3I57HT3ITWG5GCV/ https://nvd.nist.gov/vuln/detail/CVE-2023-39325 https://pkg.go.dev/vuln/GO-2023-2102 https://security.gentoo.org/glsa/202311-09 https://security.netapp.com/advisory/ntap-20231110-0008 https://security.netapp.com/advisory/ntap-20231110-0008/ https://ubuntu.com/security/notices/USN-6574-1 https://ubuntu.com/security/notices/USN-7061-1 https://ubuntu.com/security/notices/USN-7109-1 https://www.cisa.gov/news-events/alerts/2023/10/10/http2-rapid-reset-vulnerability-cve-2023-44487 https://www.cve.org/CVERecord?id=CVE-2023-39325
stdlib	CVE-2023-45283	HIGH	v1.20.5	1.20.11, 1.21.4, 1.20.12, 1.21.5	http://www.openwall.com/lists/oss-security/2023/12/05/2 https://go.dev/cl/540277 https://go.dev/cl/541175 https://go.dev/issue/63713 https://go.dev/issue/64028 https://groups.google.com/g/golang-announce/c/4tU8LZfBFkY https://groups.google.com/g/golang-dev/c/6ypN5EjibjM/m/KmLVYH_uAgAJ https://nvd.nist.gov/vuln/detail/CVE-2023-45283 https://pkg.go.dev/vuln/GO-2023-2185 https://security.netapp.com/advisory/ntap-20231214-0008/
stdlib	CVE-2023-45288	HIGH	v1.20.5	1.21.9, 1.22.2	http://www.openwall.com/lists/oss-security/2024/04/03/16 http://www.openwall.com/lists/oss-security/2024/04/05/4 https://access.redhat.com/errata/RHSA-2024:2724 https://access.redhat.com/security/cve/CVE-2023-45288 https://bugzilla.redhat.com/2268017 https://bugzilla.redhat.com/2268018 https://bugzilla.redhat.com/2268019 https://bugzilla.redhat.com/2268273 https://bugzilla.redhat.com/show_bug.cgi?id=2268017 https://bugzilla.redhat.com/show_bug.cgi?id=2268018 https://bugzilla.redhat.com/show_bug.cgi?id=2268019 https://bugzilla.redhat.com/show_bug.cgi?id=2268273 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45288 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45289 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45290 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24783 https://errata.almalinux.org/9/ALSA-2024-2724.html https://errata.rockylinux.org/RLSA-2024:2724 https://go.dev/cl/576155 https://go.dev/issue/65051 https://groups.google.com/g/golang-announce/c/YgW0sx8mN3M https://kb.cert.org/vuls/id/421644 https://linux.oracle.com/cve/CVE-2023-45288.html https://linux.oracle.com/errata/ELSA-2024-3346.html https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QRYFHIQ6XRKRYBI2F5UESH67BJBQXUPT https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QRYFHIQ6XRKRYBI2F5UESH67BJBQXUPT/ https://nowotarski.info/http2-continuation-flood-technical-details https://nowotarski.info/http2-continuation-flood/ https://nvd.nist.gov/vuln/detail/CVE-2023-45288 https://pkg.go.dev/vuln/GO-2024-2687 https://security.netapp.com/advisory/ntap-20240419-0009 https://security.netapp.com/advisory/ntap-20240419-0009/ https://ubuntu.com/security/notices/USN-6886-1 https://ubuntu.com/security/notices/USN-7109-1 https://ubuntu.com/security/notices/USN-7111-1 https://www.cve.org/CVERecord?id=CVE-2023-45288 https://www.kb.cert.org/vuls/id/421644
stdlib	CVE-2024-34156	HIGH	v1.20.5	1.22.7, 1.23.1	https://access.redhat.com/errata/RHSA-2024:9473 https://access.redhat.com/security/cve/CVE-2024-34156 https://bugzilla.redhat.com/2310528 https://bugzilla.redhat.com/2318052 https://bugzilla.redhat.com/show_bug.cgi?id=2310528 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-34156 https://errata.almalinux.org/9/ALSA-2024-9473.html https://errata.rockylinux.org/RLSA-2024:7204 https://github.com/golang/go/commit/2092294f2b097c5828f4eace6c98a322c1510b01 (go1.22.7) https://github.com/golang/go/commit/fa8ff1a46deb6c816304441ec6740ec112e19012 (go1.23.1) https://go.dev/cl/611239 https://go.dev/issue/69139 https://groups.google.com/g/golang-announce/c/K-cEzDeCtpc https://groups.google.com/g/golang-dev/c/S9POB9NCTdk https://linux.oracle.com/cve/CVE-2024-34156.html https://linux.oracle.com/errata/ELSA-2024-9473.html https://nvd.nist.gov/vuln/detail/CVE-2024-34156 https://pkg.go.dev/vuln/GO-2024-3106 https://ubuntu.com/security/notices/USN-7081-1 https://ubuntu.com/security/notices/USN-7109-1 https://ubuntu.com/security/notices/USN-7111-1 https://www.cve.org/CVERecord?id=CVE-2024-34156
stdlib	CVE-2023-29406	MEDIUM	v1.20.5	1.19.11, 1.20.6	https://access.redhat.com/errata/RHSA-2023:6474 https://access.redhat.com/security/cve/CVE-2023-29406 https://bugzilla.redhat.com/2174485 https://bugzilla.redhat.com/2178358 https://bugzilla.redhat.com/2178488 https://bugzilla.redhat.com/2178492 https://bugzilla.redhat.com/2184481 https://bugzilla.redhat.com/2184482 https://bugzilla.redhat.com/2184483 https://bugzilla.redhat.com/2184484 https://bugzilla.redhat.com/2196026 https://bugzilla.redhat.com/2196027 https://bugzilla.redhat.com/2196029 https://bugzilla.redhat.com/2222167 https://bugzilla.redhat.com/2228689 https://errata.almalinux.org/9/ALSA-2023-6474.html https://github.com/golang/go/commit/312920c00aac9897b2a0693e752390b5b0711a5a (go1.20.6) https://github.com/golang/go/commit/5fa6923b1ea891400153d04ddf1545e23b40041b (go1.19.11) https://github.com/golang/go/issues/60374 https://go.dev/cl/506996 https://go.dev/issue/60374 https://groups.google.com/g/golang-announce/c/2q13H6LEEx0 https://linux.oracle.com/cve/CVE-2023-29406.html https://linux.oracle.com/errata/ELSA-2023-7202.html https://nvd.nist.gov/vuln/detail/CVE-2023-29406 https://pkg.go.dev/vuln/GO-2023-1878 https://security.gentoo.org/glsa/202311-09 https://security.netapp.com/advisory/ntap-20230814-0002/ https://ubuntu.com/security/notices/USN-7061-1 https://ubuntu.com/security/notices/USN-7109-1 https://www.cve.org/CVERecord?id=CVE-2023-29406
stdlib	CVE-2023-29409	MEDIUM	v1.20.5	1.19.12, 1.20.7, 1.21.0-rc.4	https://access.redhat.com/errata/RHSA-2023:7766 https://access.redhat.com/security/cve/CVE-2023-29409 https://bugzilla.redhat.com/2228743 https://bugzilla.redhat.com/2237773 https://bugzilla.redhat.com/2237776 https://bugzilla.redhat.com/2237777 https://bugzilla.redhat.com/2237778 https://errata.almalinux.org/9/ALSA-2023-7766.html https://go.dev/cl/515257 https://go.dev/issue/61460 https://groups.google.com/g/golang-announce/c/X0b6CsSAaYI/m/Efv5DbZ9AwAJ https://linux.oracle.com/cve/CVE-2023-29409.html https://linux.oracle.com/errata/ELSA-2024-2988.html https://nvd.nist.gov/vuln/detail/CVE-2023-29409 https://pkg.go.dev/vuln/GO-2023-1987 https://security.gentoo.org/glsa/202311-09 https://security.netapp.com/advisory/ntap-20230831-0010/ https://www.cve.org/CVERecord?id=CVE-2023-29409
stdlib	CVE-2023-39318	MEDIUM	v1.20.5	1.20.8, 1.21.1	https://access.redhat.com/errata/RHSA-2024:2160 https://access.redhat.com/security/cve/CVE-2023-39318 https://bugzilla.redhat.com/2237773 https://bugzilla.redhat.com/2237776 https://bugzilla.redhat.com/2253330 https://errata.almalinux.org/9/ALSA-2024-2160.html https://github.com/golang/go/commit/023b542edf38e2a1f87fcefb9f75ff2f99401b4c (go1.20.8) https://github.com/golang/go/commit/b0e1d3ea26e8e8fce7726690c9ef0597e60739fb (go1.21.1) https://go.dev/cl/526156 https://go.dev/issue/62196 https://groups.google.com/g/golang-announce/c/Fm51GRLNRvM https://groups.google.com/g/golang-dev/c/2C5vbR-UNkI/m/L1hdrPhfBAAJ https://linux.oracle.com/cve/CVE-2023-39318.html https://linux.oracle.com/errata/ELSA-2024-2988.html https://nvd.nist.gov/vuln/detail/CVE-2023-39318 https://pkg.go.dev/vuln/GO-2023-2041 https://security.gentoo.org/glsa/202311-09 https://security.netapp.com/advisory/ntap-20231020-0009/ https://ubuntu.com/security/notices/USN-6574-1 https://ubuntu.com/security/notices/USN-7061-1 https://ubuntu.com/security/notices/USN-7109-1 https://vuln.go.dev/ID/GO-2023-2041.json https://www.cve.org/CVERecord?id=CVE-2023-39318
stdlib	CVE-2023-39319	MEDIUM	v1.20.5	1.20.8, 1.21.1	https://access.redhat.com/errata/RHSA-2024:2160 https://access.redhat.com/security/cve/CVE-2023-39319 https://bugzilla.redhat.com/2237773 https://bugzilla.redhat.com/2237776 https://bugzilla.redhat.com/2253330 https://errata.almalinux.org/9/ALSA-2024-2160.html https://github.com/golang/go/commit/2070531d2f53df88e312edace6c8dfc9686ab2f5 (go1.20.8) https://github.com/golang/go/commit/bbd043ff0d6d59f1a9232d31ecd5eacf6507bf6a (go1.21.1) https://go.dev/cl/526157 https://go.dev/issue/62197 https://groups.google.com/g/golang-announce/c/Fm51GRLNRvM https://groups.google.com/g/golang-dev/c/2C5vbR-UNkI/m/L1hdrPhfBAAJ https://linux.oracle.com/cve/CVE-2023-39319.html https://linux.oracle.com/errata/ELSA-2024-2988.html https://nvd.nist.gov/vuln/detail/CVE-2023-39319 https://pkg.go.dev/vuln/GO-2023-2043 https://security.gentoo.org/glsa/202311-09 https://security.netapp.com/advisory/ntap-20231020-0009/ https://ubuntu.com/security/notices/USN-6574-1 https://ubuntu.com/security/notices/USN-7061-1 https://ubuntu.com/security/notices/USN-7109-1 https://vuln.go.dev/ID/GO-2023-2043.json https://www.cve.org/CVERecord?id=CVE-2023-39319
stdlib	CVE-2023-39326	MEDIUM	v1.20.5	1.20.12, 1.21.5	https://access.redhat.com/errata/RHSA-2024:2272 https://access.redhat.com/security/cve/CVE-2023-39326 https://bugzilla.redhat.com/2253193 https://bugzilla.redhat.com/2253330 https://errata.almalinux.org/9/ALSA-2024-2272.html https://github.com/golang/go/commit/6446af942e2e2b161c4ec1b60d9703a2b55dc4dd (go1.20.12) https://github.com/golang/go/commit/ec8c526e4be720e94b98ca509e6364f0efaf28f7 (go1.21.5) https://go.dev/cl/547335 https://go.dev/issue/64433 https://groups.google.com/g/golang-dev/c/6ypN5EjibjM/m/KmLVYH_uAgAJ https://linux.oracle.com/cve/CVE-2023-39326.html https://linux.oracle.com/errata/ELSA-2024-2988.html https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UIU6HOGV6RRIKWM57LOXQA75BGZSIH6G/ https://nvd.nist.gov/vuln/detail/CVE-2023-39326 https://pkg.go.dev/vuln/GO-2023-2382 https://ubuntu.com/security/notices/USN-6574-1 https://www.cve.org/CVERecord?id=CVE-2023-39326
stdlib	CVE-2023-45284	MEDIUM	v1.20.5	1.20.11, 1.21.4	https://go.dev/cl/540277 https://go.dev/issue/63713 https://groups.google.com/g/golang-announce/c/4tU8LZfBFkY https://nvd.nist.gov/vuln/detail/CVE-2023-45284 https://pkg.go.dev/vuln/GO-2023-2186
stdlib	CVE-2023-45289	MEDIUM	v1.20.5	1.21.8, 1.22.1	http://www.openwall.com/lists/oss-security/2024/03/08/4 https://access.redhat.com/errata/RHSA-2024:2724 https://access.redhat.com/security/cve/CVE-2023-45289 https://bugzilla.redhat.com/2268017 https://bugzilla.redhat.com/2268018 https://bugzilla.redhat.com/2268019 https://bugzilla.redhat.com/2268273 https://bugzilla.redhat.com/show_bug.cgi?id=2268017 https://bugzilla.redhat.com/show_bug.cgi?id=2268018 https://bugzilla.redhat.com/show_bug.cgi?id=2268019 https://bugzilla.redhat.com/show_bug.cgi?id=2268273 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45288 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45289 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45290 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24783 https://errata.almalinux.org/9/ALSA-2024-2724.html https://errata.rockylinux.org/RLSA-2024:2724 https://github.com/golang/go/commit/20586c0dbe03d144f914155f879fa5ee287591a1 (go1.21.8) https://github.com/golang/go/commit/3a855208e3efed2e9d7c20ad023f1fa78afcc0be (go1.22.1) https://github.com/golang/go/issues/65065 https://go.dev/cl/569340 https://go.dev/issue/65065 https://groups.google.com/g/golang-announce/c/5pwGVUPoMbg https://linux.oracle.com/cve/CVE-2023-45289.html https://linux.oracle.com/errata/ELSA-2024-3346.html https://nvd.nist.gov/vuln/detail/CVE-2023-45289 https://pkg.go.dev/vuln/GO-2024-2600 https://security.netapp.com/advisory/ntap-20240329-0006/ https://ubuntu.com/security/notices/USN-6886-1 https://www.cve.org/CVERecord?id=CVE-2023-45289
stdlib	CVE-2023-45290	MEDIUM	v1.20.5	1.21.8, 1.22.1	http://www.openwall.com/lists/oss-security/2024/03/08/4 https://access.redhat.com/errata/RHSA-2024:9135 https://access.redhat.com/security/cve/CVE-2023-45290 https://bugzilla.redhat.com/2268017 https://bugzilla.redhat.com/2268022 https://bugzilla.redhat.com/2279814 https://bugzilla.redhat.com/2295310 https://bugzilla.redhat.com/show_bug.cgi?id=2268017 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45290 https://errata.almalinux.org/9/ALSA-2024-9135.html https://errata.rockylinux.org/RLSA-2024:3830 https://github.com/golang/go/commit/041a47712e765e94f86d841c3110c840e76d8f82 (go1.22.1) https://github.com/golang/go/commit/bf80213b121074f4ad9b449410a4d13bae5e9be0 (go1.21.8) https://github.com/golang/go/issues/65383 https://go.dev/cl/569341 https://go.dev/issue/65383 https://groups.google.com/g/golang-announce/c/5pwGVUPoMbg https://linux.oracle.com/cve/CVE-2023-45290.html https://linux.oracle.com/errata/ELSA-2024-8038.html https://nvd.nist.gov/vuln/detail/CVE-2023-45290 https://pkg.go.dev/vuln/GO-2024-2599 https://security.netapp.com/advisory/ntap-20240329-0004 https://security.netapp.com/advisory/ntap-20240329-0004/ https://ubuntu.com/security/notices/USN-6886-1 https://ubuntu.com/security/notices/USN-7109-1 https://ubuntu.com/security/notices/USN-7111-1 https://www.cve.org/CVERecord?id=CVE-2023-45290
stdlib	CVE-2024-24783	MEDIUM	v1.20.5	1.21.8, 1.22.1	http://www.openwall.com/lists/oss-security/2024/03/08/4 https://access.redhat.com/errata/RHSA-2024:6195 https://access.redhat.com/security/cve/CVE-2024-24783 https://bugzilla.redhat.com/2268019 https://bugzilla.redhat.com/show_bug.cgi?id=2268017 https://bugzilla.redhat.com/show_bug.cgi?id=2268018 https://bugzilla.redhat.com/show_bug.cgi?id=2268019 https://bugzilla.redhat.com/show_bug.cgi?id=2268273 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45288 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45289 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45290 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24783 https://errata.almalinux.org/9/ALSA-2024-6195.html https://errata.rockylinux.org/RLSA-2024:2724 https://github.com/advisories/GHSA-3q2c-pvp5-3cqp https://github.com/golang/go/commit/337b8e9cbfa749d9d5c899e0dc358e2208d5e54f (go1.22.1) https://github.com/golang/go/commit/be5b52bea674190ef7de272664be6c7ae93ec5a0 (go1.21.8) https://github.com/golang/go/issues/65390 https://go.dev/cl/569339 https://go.dev/issue/65390 https://groups.google.com/g/golang-announce/c/5pwGVUPoMbg https://linux.oracle.com/cve/CVE-2024-24783.html https://linux.oracle.com/errata/ELSA-2024-6969.html https://nvd.nist.gov/vuln/detail/CVE-2024-24783 https://pkg.go.dev/vuln/GO-2024-2598 https://security.netapp.com/advisory/ntap-20240329-0005 https://security.netapp.com/advisory/ntap-20240329-0005/ https://ubuntu.com/security/notices/USN-6886-1 https://ubuntu.com/security/notices/USN-7109-1 https://ubuntu.com/security/notices/USN-7111-1 https://www.cve.org/CVERecord?id=CVE-2024-24783
stdlib	CVE-2024-24784	MEDIUM	v1.20.5	1.21.8, 1.22.1	http://www.openwall.com/lists/oss-security/2024/03/08/4 https://access.redhat.com/errata/RHSA-2024:2562 https://access.redhat.com/security/cve/CVE-2024-24784 https://bugzilla.redhat.com/2262921 https://bugzilla.redhat.com/2268017 https://bugzilla.redhat.com/2268018 https://bugzilla.redhat.com/2268019 https://bugzilla.redhat.com/2268021 https://bugzilla.redhat.com/2268022 https://bugzilla.redhat.com/2268273 https://bugzilla.redhat.com/show_bug.cgi?id=2262921 https://bugzilla.redhat.com/show_bug.cgi?id=2268017 https://bugzilla.redhat.com/show_bug.cgi?id=2268018 https://bugzilla.redhat.com/show_bug.cgi?id=2268019 https://bugzilla.redhat.com/show_bug.cgi?id=2268021 https://bugzilla.redhat.com/show_bug.cgi?id=2268022 https://bugzilla.redhat.com/show_bug.cgi?id=2268273 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45288 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45289 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45290 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-1394 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24783 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24784 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24785 https://errata.almalinux.org/9/ALSA-2024-2562.html https://errata.rockylinux.org/RLSA-2024:2562 https://github.com/golang/go/commit/263c059b09fdd40d9dd945f2ecb20c89ea28efe5 (go1.21.8) https://github.com/golang/go/commit/5330cd225ba54c7dc78c1b46dcdf61a4671a632c (go1.22.1) https://github.com/golang/go/issues/65083 https://go.dev/cl/555596 https://go.dev/issue/65083 https://groups.google.com/g/golang-announce/c/5pwGVUPoMbg https://linux.oracle.com/cve/CVE-2024-24784.html https://linux.oracle.com/errata/ELSA-2024-6969.html https://nvd.nist.gov/vuln/detail/CVE-2024-24784 https://pkg.go.dev/vuln/GO-2024-2609 https://security.netapp.com/advisory/ntap-20240329-0007/ https://ubuntu.com/security/notices/USN-6886-1 https://ubuntu.com/security/notices/USN-7109-1 https://ubuntu.com/security/notices/USN-7111-1 https://www.cve.org/CVERecord?id=CVE-2024-24784
stdlib	CVE-2024-24785	MEDIUM	v1.20.5	1.21.8, 1.22.1	http://www.openwall.com/lists/oss-security/2024/03/08/4 https://access.redhat.com/errata/RHSA-2024:9135 https://access.redhat.com/security/cve/CVE-2024-24785 https://bugzilla.redhat.com/2268017 https://bugzilla.redhat.com/2268022 https://bugzilla.redhat.com/2279814 https://bugzilla.redhat.com/2295310 https://bugzilla.redhat.com/show_bug.cgi?id=2262921 https://bugzilla.redhat.com/show_bug.cgi?id=2268017 https://bugzilla.redhat.com/show_bug.cgi?id=2268018 https://bugzilla.redhat.com/show_bug.cgi?id=2268019 https://bugzilla.redhat.com/show_bug.cgi?id=2268021 https://bugzilla.redhat.com/show_bug.cgi?id=2268022 https://bugzilla.redhat.com/show_bug.cgi?id=2268273 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45288 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45289 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45290 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-1394 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24783 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24784 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24785 https://errata.almalinux.org/9/ALSA-2024-9135.html https://errata.rockylinux.org/RLSA-2024:2562 https://github.com/golang/go/commit/056b0edcb8c152152021eebf4cf42adbfbe77992 (go1.22.1) https://github.com/golang/go/commit/3643147a29352ca2894fd5d0d2069bc4b4335a7e (go1.21.8) https://github.com/golang/go/issues/65697 https://go.dev/cl/564196 https://go.dev/issue/65697 https://groups.google.com/g/golang-announce/c/5pwGVUPoMbg https://linux.oracle.com/cve/CVE-2024-24785.html https://linux.oracle.com/errata/ELSA-2024-3259.html https://nvd.nist.gov/vuln/detail/CVE-2024-24785 https://pkg.go.dev/vuln/GO-2024-2610 https://security.netapp.com/advisory/ntap-20240329-0008/ https://ubuntu.com/security/notices/USN-6886-1 https://ubuntu.com/security/notices/USN-7061-1 https://ubuntu.com/security/notices/USN-7109-1 https://vuln.go.dev/ID/GO-2024-2610.json https://www.cve.org/CVERecord?id=CVE-2024-24785
stdlib	CVE-2024-24789	MEDIUM	v1.20.5	1.21.11, 1.22.4	http://www.openwall.com/lists/oss-security/2024/06/04/1 https://access.redhat.com/errata/RHSA-2024:9115 https://access.redhat.com/security/cve/CVE-2024-24789 https://bugzilla.redhat.com/2279814 https://bugzilla.redhat.com/2292668 https://bugzilla.redhat.com/2292787 https://bugzilla.redhat.com/2294000 https://bugzilla.redhat.com/2295310 https://bugzilla.redhat.com/show_bug.cgi?id=2292668 https://bugzilla.redhat.com/show_bug.cgi?id=2292787 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24789 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24790 https://errata.almalinux.org/9/ALSA-2024-9115.html https://errata.rockylinux.org/RLSA-2024:4212 https://github.com/golang/go/commit/c8e40338cf00f3c1d86c8fb23863ad67a4c72bcc (1.21) https://github.com/golang/go/commit/cf501ac0c5fe351a8582d20b43562027927906e7 (1.22) https://github.com/golang/go/issues/66869 https://go.dev/cl/585397 https://go.dev/issue/66869 https://groups.google.com/g/golang-announce/c/XbxouI9gY7k https://groups.google.com/g/golang-announce/c/XbxouI9gY7k/m/TuoGEhxIEwAJ https://linux.oracle.com/cve/CVE-2024-24789.html https://linux.oracle.com/errata/ELSA-2024-9115.html https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/U5YAEIA6IUHUNGJ7AIXXPQT6D2GYENX7/ https://nvd.nist.gov/vuln/detail/CVE-2024-24789 https://pkg.go.dev/vuln/GO-2024-2888 https://ubuntu.com/security/notices/USN-6886-1 https://ubuntu.com/security/notices/USN-7109-1 https://ubuntu.com/security/notices/USN-7111-1 https://www.cve.org/CVERecord?id=CVE-2024-24789
stdlib	CVE-2024-24791	MEDIUM	v1.20.5	1.21.12, 1.22.5	https://access.redhat.com/errata/RHSA-2024:9135 https://access.redhat.com/security/cve/CVE-2024-24791 https://bugzilla.redhat.com/2268017 https://bugzilla.redhat.com/2268022 https://bugzilla.redhat.com/2279814 https://bugzilla.redhat.com/2295310 https://bugzilla.redhat.com/show_bug.cgi?id=2295310 https://bugzilla.redhat.com/show_bug.cgi?id=2310527 https://bugzilla.redhat.com/show_bug.cgi?id=2310528 https://bugzilla.redhat.com/show_bug.cgi?id=2310529 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24791 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-34155 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-34156 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-34158 https://errata.almalinux.org/9/ALSA-2024-9135.html https://errata.rockylinux.org/RLSA-2024:6913 https://go.dev/cl/591255 https://go.dev/issue/67555 https://groups.google.com/g/golang-dev/c/t0rK-qHBqzY/m/6MMoAZkMAgAJ https://linux.oracle.com/cve/CVE-2024-24791.html https://linux.oracle.com/errata/ELSA-2024-9115.html https://nvd.nist.gov/vuln/detail/CVE-2024-24791 https://pkg.go.dev/vuln/GO-2024-2963 https://ubuntu.com/security/notices/USN-7081-1 https://ubuntu.com/security/notices/USN-7109-1 https://ubuntu.com/security/notices/USN-7111-1 https://www.cve.org/CVERecord?id=CVE-2024-24791
stdlib	CVE-2024-34155	MEDIUM	v1.20.5	1.22.7, 1.23.1	https://access.redhat.com/errata/RHSA-2024:9459 https://access.redhat.com/security/cve/CVE-2024-34155 https://bugzilla.redhat.com/2310527 https://bugzilla.redhat.com/2310528 https://bugzilla.redhat.com/2310529 https://bugzilla.redhat.com/2315691 https://bugzilla.redhat.com/2315887 https://bugzilla.redhat.com/2317458 https://bugzilla.redhat.com/2317467 https://bugzilla.redhat.com/show_bug.cgi?id=2295310 https://bugzilla.redhat.com/show_bug.cgi?id=2310527 https://bugzilla.redhat.com/show_bug.cgi?id=2310528 https://bugzilla.redhat.com/show_bug.cgi?id=2310529 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24791 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-34155 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-34156 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-34158 https://errata.almalinux.org/9/ALSA-2024-9459.html https://errata.rockylinux.org/RLSA-2024:6913 https://github.com/golang/go/commit/53487e5477151ed75da50e50a0ba8f1ca64c00a3 (go1.23.1) https://github.com/golang/go/commit/b232596139dbe96a62edbe3a2a203e856bf556eb (go1.22.7) https://go.dev/cl/611238 https://go.dev/issue/69138 https://groups.google.com/g/golang-announce/c/K-cEzDeCtpc https://groups.google.com/g/golang-dev/c/S9POB9NCTdk https://linux.oracle.com/cve/CVE-2024-34155.html https://linux.oracle.com/errata/ELSA-2024-9459.html https://nvd.nist.gov/vuln/detail/CVE-2024-34155 https://pkg.go.dev/vuln/GO-2024-3105 https://ubuntu.com/security/notices/USN-7081-1 https://ubuntu.com/security/notices/USN-7109-1 https://ubuntu.com/security/notices/USN-7111-1 https://www.cve.org/CVERecord?id=CVE-2024-34155
stdlib	CVE-2024-34158	MEDIUM	v1.20.5	1.22.7, 1.23.1	https://access.redhat.com/errata/RHSA-2024:9459 https://access.redhat.com/security/cve/CVE-2024-34158 https://bugzilla.redhat.com/2310527 https://bugzilla.redhat.com/2310528 https://bugzilla.redhat.com/2310529 https://bugzilla.redhat.com/2315691 https://bugzilla.redhat.com/2315887 https://bugzilla.redhat.com/2317458 https://bugzilla.redhat.com/2317467 https://bugzilla.redhat.com/show_bug.cgi?id=2295310 https://bugzilla.redhat.com/show_bug.cgi?id=2310527 https://bugzilla.redhat.com/show_bug.cgi?id=2310528 https://bugzilla.redhat.com/show_bug.cgi?id=2310529 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24791 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-34155 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-34156 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-34158 https://errata.almalinux.org/9/ALSA-2024-9459.html https://errata.rockylinux.org/RLSA-2024:6913 https://github.com/golang/go/commit/032ac075c20c01c6c35a672d1542d3e98eab84ea (go1.23.1) https://github.com/golang/go/commit/d4c53812e6ce2ac368173d7fcd31d0ecfcffb002 (go1.22.7) https://go.dev/cl/611240 https://go.dev/issue/69141 https://groups.google.com/g/golang-announce/c/K-cEzDeCtpc https://groups.google.com/g/golang-dev/c/S9POB9NCTdk https://linux.oracle.com/cve/CVE-2024-34158.html https://linux.oracle.com/errata/ELSA-2024-9459.html https://nvd.nist.gov/vuln/detail/CVE-2024-34158 https://pkg.go.dev/vuln/GO-2024-3107 https://ubuntu.com/security/notices/USN-7081-1 https://ubuntu.com/security/notices/USN-7109-1 https://ubuntu.com/security/notices/USN-7111-1 https://www.cve.org/CVERecord?id=CVE-2024-34158
No Misconfigurations found

cnb/buildpacks/paketo-buildpacks_datadog/3.15.0/bin/helper (gobinary)

Package	Vulnerability ID	Severity	Installed Version	Fixed Version	Links
stdlib	CVE-2024-24790	CRITICAL	v1.20.5	1.21.11, 1.22.4	http://www.openwall.com/lists/oss-security/2024/06/04/1 https://access.redhat.com/errata/RHSA-2024:9115 https://access.redhat.com/security/cve/CVE-2024-24790 https://bugzilla.redhat.com/2279814 https://bugzilla.redhat.com/2292668 https://bugzilla.redhat.com/2292787 https://bugzilla.redhat.com/2294000 https://bugzilla.redhat.com/2295310 https://bugzilla.redhat.com/show_bug.cgi?id=2292668 https://bugzilla.redhat.com/show_bug.cgi?id=2292787 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24789 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24790 https://errata.almalinux.org/9/ALSA-2024-9115.html https://errata.rockylinux.org/RLSA-2024:4212 https://github.com/golang/go/commit/051bdf3fd12a40307606ff9381138039c5f452f0 (1.21) https://github.com/golang/go/commit/12d5810cdb1f73cf23d7a86462143e9463317fca (1.22) https://github.com/golang/go/issues/67680 https://go.dev/cl/590316 https://go.dev/issue/67680 https://groups.google.com/g/golang-announce/c/XbxouI9gY7k https://groups.google.com/g/golang-announce/c/XbxouI9gY7k/m/TuoGEhxIEwAJ https://linux.oracle.com/cve/CVE-2024-24790.html https://linux.oracle.com/errata/ELSA-2024-9115.html https://nvd.nist.gov/vuln/detail/CVE-2024-24790 https://pkg.go.dev/vuln/GO-2024-2887 https://ubuntu.com/security/notices/USN-6886-1 https://ubuntu.com/security/notices/USN-7109-1 https://www.cve.org/CVERecord?id=CVE-2024-24790
stdlib	CVE-2023-39325	HIGH	v1.20.5	1.20.10, 1.21.3	golang.org/x/net https://access.redhat.com/errata/RHSA-2023:6077 https://access.redhat.com/security/cve/CVE-2023-39325 https://access.redhat.com/security/cve/CVE-2023-44487 https://access.redhat.com/security/vulnerabilities/RHSB-2023-003 https://bugzilla.redhat.com/2242803 https://bugzilla.redhat.com/2243296 https://bugzilla.redhat.com/show_bug.cgi?id=2242803 https://bugzilla.redhat.com/show_bug.cgi?id=2243296 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-39325 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-44487 https://errata.almalinux.org/9/ALSA-2023-6077.html https://errata.rockylinux.org/RLSA-2023:6077 https://github.com/golang/go/commit/24ae2d927285c697440fdde3ad7f26028354bcf3 [golang- 1.21] https://github.com/golang/go/commit/e175f27f58aa7b9cd4d79607ae65d2cd5baaee68 [golang-1.20] https://github.com/golang/go/issues/63417 https://go.dev/cl/534215 https://go.dev/cl/534235 https://go.dev/issue/63417 https://groups.google.com/g/golang-announce/c/iNNxDTCjZvo/m/UDd7VKQuAAAJ https://linux.oracle.com/cve/CVE-2023-39325.html https://linux.oracle.com/errata/ELSA-2023-5867.html https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3OVW5V2DM5K5IC3H7O42YDUGNJ74J35O https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3OVW5V2DM5K5IC3H7O42YDUGNJ74J35O/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3SZN67IL7HMGMNAVLOTIXLIHUDXZK4LH https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3SZN67IL7HMGMNAVLOTIXLIHUDXZK4LH/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3WJ4QVX2AMUJ2F2S27POOAHRC4K3CHU4 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3WJ4QVX2AMUJ2F2S27POOAHRC4K3CHU4/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/4BUK2ZIAGCULOOYDNH25JPU6JBES5NF2 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/4BUK2ZIAGCULOOYDNH25JPU6JBES5NF2/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/5RSKA2II6QTD4YUKUNDVJQSRYSFC4VFR https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/5RSKA2II6QTD4YUKUNDVJQSRYSFC4VFR/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/AVZDNSMVDAQJ64LJC5I5U5LDM5753647 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/AVZDNSMVDAQJ64LJC5I5U5LDM5753647/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CHHITS4PUOZAKFIUBQAQZC7JWXMOYE4B https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CHHITS4PUOZAKFIUBQAQZC7JWXMOYE4B/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CLB4TW7KALB3EEQWNWCN7OUIWWVWWCG2 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CLB4TW7KALB3EEQWNWCN7OUIWWVWWCG2/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/D2BBIDR2ZMB3X5BC7SR4SLQMHRMVPY6L https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/D2BBIDR2ZMB3X5BC7SR4SLQMHRMVPY6L/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ECRC75BQJP6FJN2L7KCKYZW4DSBD7QSD https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ECRC75BQJP6FJN2L7KCKYZW4DSBD7QSD/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/FTMJ3NJIDAZFWJQQSP3L22MUFJ3UP2PT https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/FTMJ3NJIDAZFWJQQSP3L22MUFJ3UP2PT/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/GSY7SXFFTPZFWDM6XELSDSHZLVW3AHK7 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/GSY7SXFFTPZFWDM6XELSDSHZLVW3AHK7/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/HZQIELEIRSZUYTFFH5KTH2YJ4IIQG2KE https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/HZQIELEIRSZUYTFFH5KTH2YJ4IIQG2KE/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/IPWCNYB5PQ5PCVZ4NJT6G56ZYFZ5QBU6 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/IPWCNYB5PQ5PCVZ4NJT6G56ZYFZ5QBU6/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/KEOTKBUPZXHE3F352JBYNTSNRXYLWD6P https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/KEOTKBUPZXHE3F352JBYNTSNRXYLWD6P/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/KSEGD2IWKNUO3DWY4KQGUQM5BISRWHQE https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/KSEGD2IWKNUO3DWY4KQGUQM5BISRWHQE/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/L5E5JSJBZLYXOTZWXHJKRVCIXIHVWKJ6 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/L5E5JSJBZLYXOTZWXHJKRVCIXIHVWKJ6/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/MZQYOOKHQDQ57LV2IAG6NRFOVXKHJJ3Z https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/MZQYOOKHQDQ57LV2IAG6NRFOVXKHJJ3Z/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/NG7IMPL55MVWU3LCI4JQJT3K2U5CHDV7 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/NG7IMPL55MVWU3LCI4JQJT3K2U5CHDV7/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ODBY7RVMGZCBSTWF2OZGIZS57FNFUL67 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ODBY7RVMGZCBSTWF2OZGIZS57FNFUL67/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/OXGWPQOJ3JNDW2XIYKIVJ7N7QUIFNM2Q https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/OXGWPQOJ3JNDW2XIYKIVJ7N7QUIFNM2Q/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/PJCUNGIQDUMZ4Z6HWVYIMR66A35F5S74 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/PJCUNGIQDUMZ4Z6HWVYIMR66A35F5S74/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QF5QSYAOPDOWLY6DUHID56Q4HQFYB45I https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QF5QSYAOPDOWLY6DUHID56Q4HQFYB45I/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QXOU2JZUBEBP7GBKAYIJRPRBZSJCD7ST https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QXOU2JZUBEBP7GBKAYIJRPRBZSJCD7ST/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/R3UETKPUB3V5JS5TLZOF3SMTGT5K5APS https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/R3UETKPUB3V5JS5TLZOF3SMTGT5K5APS/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/REMHVVIBDNKSRKNOTV7EQSB7CYQWOUOU https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/REMHVVIBDNKSRKNOTV7EQSB7CYQWOUOU/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/T7N5GV4CHH6WAGX3GFMDD3COEOVCZ4RI https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/T7N5GV4CHH6WAGX3GFMDD3COEOVCZ4RI/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ULQQONMSCQSH5Z5OWFFQHCGEZ3NL4DRJ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ULQQONMSCQSH5Z5OWFFQHCGEZ3NL4DRJ/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UTT7DG3QOF5ZNJLUGHDNLRUIN6OWZARP https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UTT7DG3QOF5ZNJLUGHDNLRUIN6OWZARP/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/W2LZSWTV4NV4SNQARNXG5T6LRHP26EW2 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/W2LZSWTV4NV4SNQARNXG5T6LRHP26EW2/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WCNCBYKZXLDFGAJUB7ZP5VLC3YTHJNVH https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WCNCBYKZXLDFGAJUB7ZP5VLC3YTHJNVH/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/XFOIBB4YFICHDM7IBOP7PWXW3FX4HLL2 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/XFOIBB4YFICHDM7IBOP7PWXW3FX4HLL2/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/XTNLSL44Y5FB6JWADSZH6DCV4JJAAEQY https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/XTNLSL44Y5FB6JWADSZH6DCV4JJAAEQY/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/YJWHBLVZDM5KQSDFRBFRKU5KSSOLIRQ4 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/YJWHBLVZDM5KQSDFRBFRKU5KSSOLIRQ4/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/YRKEXKANQ7BKJW2YTAMP625LJUJZLJ4P https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/YRKEXKANQ7BKJW2YTAMP625LJUJZLJ4P/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZSVEMQV5ROY5YW5QE3I57HT3ITWG5GCV https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZSVEMQV5ROY5YW5QE3I57HT3ITWG5GCV/ https://nvd.nist.gov/vuln/detail/CVE-2023-39325 https://pkg.go.dev/vuln/GO-2023-2102 https://security.gentoo.org/glsa/202311-09 https://security.netapp.com/advisory/ntap-20231110-0008 https://security.netapp.com/advisory/ntap-20231110-0008/ https://ubuntu.com/security/notices/USN-6574-1 https://ubuntu.com/security/notices/USN-7061-1 https://ubuntu.com/security/notices/USN-7109-1 https://www.cisa.gov/news-events/alerts/2023/10/10/http2-rapid-reset-vulnerability-cve-2023-44487 https://www.cve.org/CVERecord?id=CVE-2023-39325
stdlib	CVE-2023-45283	HIGH	v1.20.5	1.20.11, 1.21.4, 1.20.12, 1.21.5	http://www.openwall.com/lists/oss-security/2023/12/05/2 https://go.dev/cl/540277 https://go.dev/cl/541175 https://go.dev/issue/63713 https://go.dev/issue/64028 https://groups.google.com/g/golang-announce/c/4tU8LZfBFkY https://groups.google.com/g/golang-dev/c/6ypN5EjibjM/m/KmLVYH_uAgAJ https://nvd.nist.gov/vuln/detail/CVE-2023-45283 https://pkg.go.dev/vuln/GO-2023-2185 https://security.netapp.com/advisory/ntap-20231214-0008/
stdlib	CVE-2023-45288	HIGH	v1.20.5	1.21.9, 1.22.2	http://www.openwall.com/lists/oss-security/2024/04/03/16 http://www.openwall.com/lists/oss-security/2024/04/05/4 https://access.redhat.com/errata/RHSA-2024:2724 https://access.redhat.com/security/cve/CVE-2023-45288 https://bugzilla.redhat.com/2268017 https://bugzilla.redhat.com/2268018 https://bugzilla.redhat.com/2268019 https://bugzilla.redhat.com/2268273 https://bugzilla.redhat.com/show_bug.cgi?id=2268017 https://bugzilla.redhat.com/show_bug.cgi?id=2268018 https://bugzilla.redhat.com/show_bug.cgi?id=2268019 https://bugzilla.redhat.com/show_bug.cgi?id=2268273 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45288 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45289 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45290 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24783 https://errata.almalinux.org/9/ALSA-2024-2724.html https://errata.rockylinux.org/RLSA-2024:2724 https://go.dev/cl/576155 https://go.dev/issue/65051 https://groups.google.com/g/golang-announce/c/YgW0sx8mN3M https://kb.cert.org/vuls/id/421644 https://linux.oracle.com/cve/CVE-2023-45288.html https://linux.oracle.com/errata/ELSA-2024-3346.html https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QRYFHIQ6XRKRYBI2F5UESH67BJBQXUPT https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QRYFHIQ6XRKRYBI2F5UESH67BJBQXUPT/ https://nowotarski.info/http2-continuation-flood-technical-details https://nowotarski.info/http2-continuation-flood/ https://nvd.nist.gov/vuln/detail/CVE-2023-45288 https://pkg.go.dev/vuln/GO-2024-2687 https://security.netapp.com/advisory/ntap-20240419-0009 https://security.netapp.com/advisory/ntap-20240419-0009/ https://ubuntu.com/security/notices/USN-6886-1 https://ubuntu.com/security/notices/USN-7109-1 https://ubuntu.com/security/notices/USN-7111-1 https://www.cve.org/CVERecord?id=CVE-2023-45288 https://www.kb.cert.org/vuls/id/421644
stdlib	CVE-2024-34156	HIGH	v1.20.5	1.22.7, 1.23.1	https://access.redhat.com/errata/RHSA-2024:9473 https://access.redhat.com/security/cve/CVE-2024-34156 https://bugzilla.redhat.com/2310528 https://bugzilla.redhat.com/2318052 https://bugzilla.redhat.com/show_bug.cgi?id=2310528 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-34156 https://errata.almalinux.org/9/ALSA-2024-9473.html https://errata.rockylinux.org/RLSA-2024:7204 https://github.com/golang/go/commit/2092294f2b097c5828f4eace6c98a322c1510b01 (go1.22.7) https://github.com/golang/go/commit/fa8ff1a46deb6c816304441ec6740ec112e19012 (go1.23.1) https://go.dev/cl/611239 https://go.dev/issue/69139 https://groups.google.com/g/golang-announce/c/K-cEzDeCtpc https://groups.google.com/g/golang-dev/c/S9POB9NCTdk https://linux.oracle.com/cve/CVE-2024-34156.html https://linux.oracle.com/errata/ELSA-2024-9473.html https://nvd.nist.gov/vuln/detail/CVE-2024-34156 https://pkg.go.dev/vuln/GO-2024-3106 https://ubuntu.com/security/notices/USN-7081-1 https://ubuntu.com/security/notices/USN-7109-1 https://ubuntu.com/security/notices/USN-7111-1 https://www.cve.org/CVERecord?id=CVE-2024-34156
stdlib	CVE-2023-29406	MEDIUM	v1.20.5	1.19.11, 1.20.6	https://access.redhat.com/errata/RHSA-2023:6474 https://access.redhat.com/security/cve/CVE-2023-29406 https://bugzilla.redhat.com/2174485 https://bugzilla.redhat.com/2178358 https://bugzilla.redhat.com/2178488 https://bugzilla.redhat.com/2178492 https://bugzilla.redhat.com/2184481 https://bugzilla.redhat.com/2184482 https://bugzilla.redhat.com/2184483 https://bugzilla.redhat.com/2184484 https://bugzilla.redhat.com/2196026 https://bugzilla.redhat.com/2196027 https://bugzilla.redhat.com/2196029 https://bugzilla.redhat.com/2222167 https://bugzilla.redhat.com/2228689 https://errata.almalinux.org/9/ALSA-2023-6474.html https://github.com/golang/go/commit/312920c00aac9897b2a0693e752390b5b0711a5a (go1.20.6) https://github.com/golang/go/commit/5fa6923b1ea891400153d04ddf1545e23b40041b (go1.19.11) https://github.com/golang/go/issues/60374 https://go.dev/cl/506996 https://go.dev/issue/60374 https://groups.google.com/g/golang-announce/c/2q13H6LEEx0 https://linux.oracle.com/cve/CVE-2023-29406.html https://linux.oracle.com/errata/ELSA-2023-7202.html https://nvd.nist.gov/vuln/detail/CVE-2023-29406 https://pkg.go.dev/vuln/GO-2023-1878 https://security.gentoo.org/glsa/202311-09 https://security.netapp.com/advisory/ntap-20230814-0002/ https://ubuntu.com/security/notices/USN-7061-1 https://ubuntu.com/security/notices/USN-7109-1 https://www.cve.org/CVERecord?id=CVE-2023-29406
stdlib	CVE-2023-29409	MEDIUM	v1.20.5	1.19.12, 1.20.7, 1.21.0-rc.4	https://access.redhat.com/errata/RHSA-2023:7766 https://access.redhat.com/security/cve/CVE-2023-29409 https://bugzilla.redhat.com/2228743 https://bugzilla.redhat.com/2237773 https://bugzilla.redhat.com/2237776 https://bugzilla.redhat.com/2237777 https://bugzilla.redhat.com/2237778 https://errata.almalinux.org/9/ALSA-2023-7766.html https://go.dev/cl/515257 https://go.dev/issue/61460 https://groups.google.com/g/golang-announce/c/X0b6CsSAaYI/m/Efv5DbZ9AwAJ https://linux.oracle.com/cve/CVE-2023-29409.html https://linux.oracle.com/errata/ELSA-2024-2988.html https://nvd.nist.gov/vuln/detail/CVE-2023-29409 https://pkg.go.dev/vuln/GO-2023-1987 https://security.gentoo.org/glsa/202311-09 https://security.netapp.com/advisory/ntap-20230831-0010/ https://www.cve.org/CVERecord?id=CVE-2023-29409
stdlib	CVE-2023-39318	MEDIUM	v1.20.5	1.20.8, 1.21.1	https://access.redhat.com/errata/RHSA-2024:2160 https://access.redhat.com/security/cve/CVE-2023-39318 https://bugzilla.redhat.com/2237773 https://bugzilla.redhat.com/2237776 https://bugzilla.redhat.com/2253330 https://errata.almalinux.org/9/ALSA-2024-2160.html https://github.com/golang/go/commit/023b542edf38e2a1f87fcefb9f75ff2f99401b4c (go1.20.8) https://github.com/golang/go/commit/b0e1d3ea26e8e8fce7726690c9ef0597e60739fb (go1.21.1) https://go.dev/cl/526156 https://go.dev/issue/62196 https://groups.google.com/g/golang-announce/c/Fm51GRLNRvM https://groups.google.com/g/golang-dev/c/2C5vbR-UNkI/m/L1hdrPhfBAAJ https://linux.oracle.com/cve/CVE-2023-39318.html https://linux.oracle.com/errata/ELSA-2024-2988.html https://nvd.nist.gov/vuln/detail/CVE-2023-39318 https://pkg.go.dev/vuln/GO-2023-2041 https://security.gentoo.org/glsa/202311-09 https://security.netapp.com/advisory/ntap-20231020-0009/ https://ubuntu.com/security/notices/USN-6574-1 https://ubuntu.com/security/notices/USN-7061-1 https://ubuntu.com/security/notices/USN-7109-1 https://vuln.go.dev/ID/GO-2023-2041.json https://www.cve.org/CVERecord?id=CVE-2023-39318
stdlib	CVE-2023-39319	MEDIUM	v1.20.5	1.20.8, 1.21.1	https://access.redhat.com/errata/RHSA-2024:2160 https://access.redhat.com/security/cve/CVE-2023-39319 https://bugzilla.redhat.com/2237773 https://bugzilla.redhat.com/2237776 https://bugzilla.redhat.com/2253330 https://errata.almalinux.org/9/ALSA-2024-2160.html https://github.com/golang/go/commit/2070531d2f53df88e312edace6c8dfc9686ab2f5 (go1.20.8) https://github.com/golang/go/commit/bbd043ff0d6d59f1a9232d31ecd5eacf6507bf6a (go1.21.1) https://go.dev/cl/526157 https://go.dev/issue/62197 https://groups.google.com/g/golang-announce/c/Fm51GRLNRvM https://groups.google.com/g/golang-dev/c/2C5vbR-UNkI/m/L1hdrPhfBAAJ https://linux.oracle.com/cve/CVE-2023-39319.html https://linux.oracle.com/errata/ELSA-2024-2988.html https://nvd.nist.gov/vuln/detail/CVE-2023-39319 https://pkg.go.dev/vuln/GO-2023-2043 https://security.gentoo.org/glsa/202311-09 https://security.netapp.com/advisory/ntap-20231020-0009/ https://ubuntu.com/security/notices/USN-6574-1 https://ubuntu.com/security/notices/USN-7061-1 https://ubuntu.com/security/notices/USN-7109-1 https://vuln.go.dev/ID/GO-2023-2043.json https://www.cve.org/CVERecord?id=CVE-2023-39319
stdlib	CVE-2023-39326	MEDIUM	v1.20.5	1.20.12, 1.21.5	https://access.redhat.com/errata/RHSA-2024:2272 https://access.redhat.com/security/cve/CVE-2023-39326 https://bugzilla.redhat.com/2253193 https://bugzilla.redhat.com/2253330 https://errata.almalinux.org/9/ALSA-2024-2272.html https://github.com/golang/go/commit/6446af942e2e2b161c4ec1b60d9703a2b55dc4dd (go1.20.12) https://github.com/golang/go/commit/ec8c526e4be720e94b98ca509e6364f0efaf28f7 (go1.21.5) https://go.dev/cl/547335 https://go.dev/issue/64433 https://groups.google.com/g/golang-dev/c/6ypN5EjibjM/m/KmLVYH_uAgAJ https://linux.oracle.com/cve/CVE-2023-39326.html https://linux.oracle.com/errata/ELSA-2024-2988.html https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UIU6HOGV6RRIKWM57LOXQA75BGZSIH6G/ https://nvd.nist.gov/vuln/detail/CVE-2023-39326 https://pkg.go.dev/vuln/GO-2023-2382 https://ubuntu.com/security/notices/USN-6574-1 https://www.cve.org/CVERecord?id=CVE-2023-39326
stdlib	CVE-2023-45284	MEDIUM	v1.20.5	1.20.11, 1.21.4	https://go.dev/cl/540277 https://go.dev/issue/63713 https://groups.google.com/g/golang-announce/c/4tU8LZfBFkY https://nvd.nist.gov/vuln/detail/CVE-2023-45284 https://pkg.go.dev/vuln/GO-2023-2186
stdlib	CVE-2023-45289	MEDIUM	v1.20.5	1.21.8, 1.22.1	http://www.openwall.com/lists/oss-security/2024/03/08/4 https://access.redhat.com/errata/RHSA-2024:2724 https://access.redhat.com/security/cve/CVE-2023-45289 https://bugzilla.redhat.com/2268017 https://bugzilla.redhat.com/2268018 https://bugzilla.redhat.com/2268019 https://bugzilla.redhat.com/2268273 https://bugzilla.redhat.com/show_bug.cgi?id=2268017 https://bugzilla.redhat.com/show_bug.cgi?id=2268018 https://bugzilla.redhat.com/show_bug.cgi?id=2268019 https://bugzilla.redhat.com/show_bug.cgi?id=2268273 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45288 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45289 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45290 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24783 https://errata.almalinux.org/9/ALSA-2024-2724.html https://errata.rockylinux.org/RLSA-2024:2724 https://github.com/golang/go/commit/20586c0dbe03d144f914155f879fa5ee287591a1 (go1.21.8) https://github.com/golang/go/commit/3a855208e3efed2e9d7c20ad023f1fa78afcc0be (go1.22.1) https://github.com/golang/go/issues/65065 https://go.dev/cl/569340 https://go.dev/issue/65065 https://groups.google.com/g/golang-announce/c/5pwGVUPoMbg https://linux.oracle.com/cve/CVE-2023-45289.html https://linux.oracle.com/errata/ELSA-2024-3346.html https://nvd.nist.gov/vuln/detail/CVE-2023-45289 https://pkg.go.dev/vuln/GO-2024-2600 https://security.netapp.com/advisory/ntap-20240329-0006/ https://ubuntu.com/security/notices/USN-6886-1 https://www.cve.org/CVERecord?id=CVE-2023-45289
stdlib	CVE-2023-45290	MEDIUM	v1.20.5	1.21.8, 1.22.1	http://www.openwall.com/lists/oss-security/2024/03/08/4 https://access.redhat.com/errata/RHSA-2024:9135 https://access.redhat.com/security/cve/CVE-2023-45290 https://bugzilla.redhat.com/2268017 https://bugzilla.redhat.com/2268022 https://bugzilla.redhat.com/2279814 https://bugzilla.redhat.com/2295310 https://bugzilla.redhat.com/show_bug.cgi?id=2268017 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45290 https://errata.almalinux.org/9/ALSA-2024-9135.html https://errata.rockylinux.org/RLSA-2024:3830 https://github.com/golang/go/commit/041a47712e765e94f86d841c3110c840e76d8f82 (go1.22.1) https://github.com/golang/go/commit/bf80213b121074f4ad9b449410a4d13bae5e9be0 (go1.21.8) https://github.com/golang/go/issues/65383 https://go.dev/cl/569341 https://go.dev/issue/65383 https://groups.google.com/g/golang-announce/c/5pwGVUPoMbg https://linux.oracle.com/cve/CVE-2023-45290.html https://linux.oracle.com/errata/ELSA-2024-8038.html https://nvd.nist.gov/vuln/detail/CVE-2023-45290 https://pkg.go.dev/vuln/GO-2024-2599 https://security.netapp.com/advisory/ntap-20240329-0004 https://security.netapp.com/advisory/ntap-20240329-0004/ https://ubuntu.com/security/notices/USN-6886-1 https://ubuntu.com/security/notices/USN-7109-1 https://ubuntu.com/security/notices/USN-7111-1 https://www.cve.org/CVERecord?id=CVE-2023-45290
stdlib	CVE-2024-24783	MEDIUM	v1.20.5	1.21.8, 1.22.1	http://www.openwall.com/lists/oss-security/2024/03/08/4 https://access.redhat.com/errata/RHSA-2024:6195 https://access.redhat.com/security/cve/CVE-2024-24783 https://bugzilla.redhat.com/2268019 https://bugzilla.redhat.com/show_bug.cgi?id=2268017 https://bugzilla.redhat.com/show_bug.cgi?id=2268018 https://bugzilla.redhat.com/show_bug.cgi?id=2268019 https://bugzilla.redhat.com/show_bug.cgi?id=2268273 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45288 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45289 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45290 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24783 https://errata.almalinux.org/9/ALSA-2024-6195.html https://errata.rockylinux.org/RLSA-2024:2724 https://github.com/advisories/GHSA-3q2c-pvp5-3cqp https://github.com/golang/go/commit/337b8e9cbfa749d9d5c899e0dc358e2208d5e54f (go1.22.1) https://github.com/golang/go/commit/be5b52bea674190ef7de272664be6c7ae93ec5a0 (go1.21.8) https://github.com/golang/go/issues/65390 https://go.dev/cl/569339 https://go.dev/issue/65390 https://groups.google.com/g/golang-announce/c/5pwGVUPoMbg https://linux.oracle.com/cve/CVE-2024-24783.html https://linux.oracle.com/errata/ELSA-2024-6969.html https://nvd.nist.gov/vuln/detail/CVE-2024-24783 https://pkg.go.dev/vuln/GO-2024-2598 https://security.netapp.com/advisory/ntap-20240329-0005 https://security.netapp.com/advisory/ntap-20240329-0005/ https://ubuntu.com/security/notices/USN-6886-1 https://ubuntu.com/security/notices/USN-7109-1 https://ubuntu.com/security/notices/USN-7111-1 https://www.cve.org/CVERecord?id=CVE-2024-24783
stdlib	CVE-2024-24784	MEDIUM	v1.20.5	1.21.8, 1.22.1	http://www.openwall.com/lists/oss-security/2024/03/08/4 https://access.redhat.com/errata/RHSA-2024:2562 https://access.redhat.com/security/cve/CVE-2024-24784 https://bugzilla.redhat.com/2262921 https://bugzilla.redhat.com/2268017 https://bugzilla.redhat.com/2268018 https://bugzilla.redhat.com/2268019 https://bugzilla.redhat.com/2268021 https://bugzilla.redhat.com/2268022 https://bugzilla.redhat.com/2268273 https://bugzilla.redhat.com/show_bug.cgi?id=2262921 https://bugzilla.redhat.com/show_bug.cgi?id=2268017 https://bugzilla.redhat.com/show_bug.cgi?id=2268018 https://bugzilla.redhat.com/show_bug.cgi?id=2268019 https://bugzilla.redhat.com/show_bug.cgi?id=2268021 https://bugzilla.redhat.com/show_bug.cgi?id=2268022 https://bugzilla.redhat.com/show_bug.cgi?id=2268273 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45288 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45289 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45290 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-1394 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24783 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24784 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24785 https://errata.almalinux.org/9/ALSA-2024-2562.html https://errata.rockylinux.org/RLSA-2024:2562 https://github.com/golang/go/commit/263c059b09fdd40d9dd945f2ecb20c89ea28efe5 (go1.21.8) https://github.com/golang/go/commit/5330cd225ba54c7dc78c1b46dcdf61a4671a632c (go1.22.1) https://github.com/golang/go/issues/65083 https://go.dev/cl/555596 https://go.dev/issue/65083 https://groups.google.com/g/golang-announce/c/5pwGVUPoMbg https://linux.oracle.com/cve/CVE-2024-24784.html https://linux.oracle.com/errata/ELSA-2024-6969.html https://nvd.nist.gov/vuln/detail/CVE-2024-24784 https://pkg.go.dev/vuln/GO-2024-2609 https://security.netapp.com/advisory/ntap-20240329-0007/ https://ubuntu.com/security/notices/USN-6886-1 https://ubuntu.com/security/notices/USN-7109-1 https://ubuntu.com/security/notices/USN-7111-1 https://www.cve.org/CVERecord?id=CVE-2024-24784
stdlib	CVE-2024-24785	MEDIUM	v1.20.5	1.21.8, 1.22.1	http://www.openwall.com/lists/oss-security/2024/03/08/4 https://access.redhat.com/errata/RHSA-2024:9135 https://access.redhat.com/security/cve/CVE-2024-24785 https://bugzilla.redhat.com/2268017 https://bugzilla.redhat.com/2268022 https://bugzilla.redhat.com/2279814 https://bugzilla.redhat.com/2295310 https://bugzilla.redhat.com/show_bug.cgi?id=2262921 https://bugzilla.redhat.com/show_bug.cgi?id=2268017 https://bugzilla.redhat.com/show_bug.cgi?id=2268018 https://bugzilla.redhat.com/show_bug.cgi?id=2268019 https://bugzilla.redhat.com/show_bug.cgi?id=2268021 https://bugzilla.redhat.com/show_bug.cgi?id=2268022 https://bugzilla.redhat.com/show_bug.cgi?id=2268273 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45288 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45289 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45290 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-1394 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24783 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24784 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24785 https://errata.almalinux.org/9/ALSA-2024-9135.html https://errata.rockylinux.org/RLSA-2024:2562 https://github.com/golang/go/commit/056b0edcb8c152152021eebf4cf42adbfbe77992 (go1.22.1) https://github.com/golang/go/commit/3643147a29352ca2894fd5d0d2069bc4b4335a7e (go1.21.8) https://github.com/golang/go/issues/65697 https://go.dev/cl/564196 https://go.dev/issue/65697 https://groups.google.com/g/golang-announce/c/5pwGVUPoMbg https://linux.oracle.com/cve/CVE-2024-24785.html https://linux.oracle.com/errata/ELSA-2024-3259.html https://nvd.nist.gov/vuln/detail/CVE-2024-24785 https://pkg.go.dev/vuln/GO-2024-2610 https://security.netapp.com/advisory/ntap-20240329-0008/ https://ubuntu.com/security/notices/USN-6886-1 https://ubuntu.com/security/notices/USN-7061-1 https://ubuntu.com/security/notices/USN-7109-1 https://vuln.go.dev/ID/GO-2024-2610.json https://www.cve.org/CVERecord?id=CVE-2024-24785
stdlib	CVE-2024-24789	MEDIUM	v1.20.5	1.21.11, 1.22.4	http://www.openwall.com/lists/oss-security/2024/06/04/1 https://access.redhat.com/errata/RHSA-2024:9115 https://access.redhat.com/security/cve/CVE-2024-24789 https://bugzilla.redhat.com/2279814 https://bugzilla.redhat.com/2292668 https://bugzilla.redhat.com/2292787 https://bugzilla.redhat.com/2294000 https://bugzilla.redhat.com/2295310 https://bugzilla.redhat.com/show_bug.cgi?id=2292668 https://bugzilla.redhat.com/show_bug.cgi?id=2292787 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24789 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24790 https://errata.almalinux.org/9/ALSA-2024-9115.html https://errata.rockylinux.org/RLSA-2024:4212 https://github.com/golang/go/commit/c8e40338cf00f3c1d86c8fb23863ad67a4c72bcc (1.21) https://github.com/golang/go/commit/cf501ac0c5fe351a8582d20b43562027927906e7 (1.22) https://github.com/golang/go/issues/66869 https://go.dev/cl/585397 https://go.dev/issue/66869 https://groups.google.com/g/golang-announce/c/XbxouI9gY7k https://groups.google.com/g/golang-announce/c/XbxouI9gY7k/m/TuoGEhxIEwAJ https://linux.oracle.com/cve/CVE-2024-24789.html https://linux.oracle.com/errata/ELSA-2024-9115.html https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/U5YAEIA6IUHUNGJ7AIXXPQT6D2GYENX7/ https://nvd.nist.gov/vuln/detail/CVE-2024-24789 https://pkg.go.dev/vuln/GO-2024-2888 https://ubuntu.com/security/notices/USN-6886-1 https://ubuntu.com/security/notices/USN-7109-1 https://ubuntu.com/security/notices/USN-7111-1 https://www.cve.org/CVERecord?id=CVE-2024-24789
stdlib	CVE-2024-24791	MEDIUM	v1.20.5	1.21.12, 1.22.5	https://access.redhat.com/errata/RHSA-2024:9135 https://access.redhat.com/security/cve/CVE-2024-24791 https://bugzilla.redhat.com/2268017 https://bugzilla.redhat.com/2268022 https://bugzilla.redhat.com/2279814 https://bugzilla.redhat.com/2295310 https://bugzilla.redhat.com/show_bug.cgi?id=2295310 https://bugzilla.redhat.com/show_bug.cgi?id=2310527 https://bugzilla.redhat.com/show_bug.cgi?id=2310528 https://bugzilla.redhat.com/show_bug.cgi?id=2310529 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24791 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-34155 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-34156 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-34158 https://errata.almalinux.org/9/ALSA-2024-9135.html https://errata.rockylinux.org/RLSA-2024:6913 https://go.dev/cl/591255 https://go.dev/issue/67555 https://groups.google.com/g/golang-dev/c/t0rK-qHBqzY/m/6MMoAZkMAgAJ https://linux.oracle.com/cve/CVE-2024-24791.html https://linux.oracle.com/errata/ELSA-2024-9115.html https://nvd.nist.gov/vuln/detail/CVE-2024-24791 https://pkg.go.dev/vuln/GO-2024-2963 https://ubuntu.com/security/notices/USN-7081-1 https://ubuntu.com/security/notices/USN-7109-1 https://ubuntu.com/security/notices/USN-7111-1 https://www.cve.org/CVERecord?id=CVE-2024-24791
stdlib	CVE-2024-34155	MEDIUM	v1.20.5	1.22.7, 1.23.1	https://access.redhat.com/errata/RHSA-2024:9459 https://access.redhat.com/security/cve/CVE-2024-34155 https://bugzilla.redhat.com/2310527 https://bugzilla.redhat.com/2310528 https://bugzilla.redhat.com/2310529 https://bugzilla.redhat.com/2315691 https://bugzilla.redhat.com/2315887 https://bugzilla.redhat.com/2317458 https://bugzilla.redhat.com/2317467 https://bugzilla.redhat.com/show_bug.cgi?id=2295310 https://bugzilla.redhat.com/show_bug.cgi?id=2310527 https://bugzilla.redhat.com/show_bug.cgi?id=2310528 https://bugzilla.redhat.com/show_bug.cgi?id=2310529 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24791 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-34155 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-34156 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-34158 https://errata.almalinux.org/9/ALSA-2024-9459.html https://errata.rockylinux.org/RLSA-2024:6913 https://github.com/golang/go/commit/53487e5477151ed75da50e50a0ba8f1ca64c00a3 (go1.23.1) https://github.com/golang/go/commit/b232596139dbe96a62edbe3a2a203e856bf556eb (go1.22.7) https://go.dev/cl/611238 https://go.dev/issue/69138 https://groups.google.com/g/golang-announce/c/K-cEzDeCtpc https://groups.google.com/g/golang-dev/c/S9POB9NCTdk https://linux.oracle.com/cve/CVE-2024-34155.html https://linux.oracle.com/errata/ELSA-2024-9459.html https://nvd.nist.gov/vuln/detail/CVE-2024-34155 https://pkg.go.dev/vuln/GO-2024-3105 https://ubuntu.com/security/notices/USN-7081-1 https://ubuntu.com/security/notices/USN-7109-1 https://ubuntu.com/security/notices/USN-7111-1 https://www.cve.org/CVERecord?id=CVE-2024-34155
stdlib	CVE-2024-34158	MEDIUM	v1.20.5	1.22.7, 1.23.1	https://access.redhat.com/errata/RHSA-2024:9459 https://access.redhat.com/security/cve/CVE-2024-34158 https://bugzilla.redhat.com/2310527 https://bugzilla.redhat.com/2310528 https://bugzilla.redhat.com/2310529 https://bugzilla.redhat.com/2315691 https://bugzilla.redhat.com/2315887 https://bugzilla.redhat.com/2317458 https://bugzilla.redhat.com/2317467 https://bugzilla.redhat.com/show_bug.cgi?id=2295310 https://bugzilla.redhat.com/show_bug.cgi?id=2310527 https://bugzilla.redhat.com/show_bug.cgi?id=2310528 https://bugzilla.redhat.com/show_bug.cgi?id=2310529 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24791 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-34155 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-34156 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-34158 https://errata.almalinux.org/9/ALSA-2024-9459.html https://errata.rockylinux.org/RLSA-2024:6913 https://github.com/golang/go/commit/032ac075c20c01c6c35a672d1542d3e98eab84ea (go1.23.1) https://github.com/golang/go/commit/d4c53812e6ce2ac368173d7fcd31d0ecfcffb002 (go1.22.7) https://go.dev/cl/611240 https://go.dev/issue/69141 https://groups.google.com/g/golang-announce/c/K-cEzDeCtpc https://groups.google.com/g/golang-dev/c/S9POB9NCTdk https://linux.oracle.com/cve/CVE-2024-34158.html https://linux.oracle.com/errata/ELSA-2024-9459.html https://nvd.nist.gov/vuln/detail/CVE-2024-34158 https://pkg.go.dev/vuln/GO-2024-3107 https://ubuntu.com/security/notices/USN-7081-1 https://ubuntu.com/security/notices/USN-7109-1 https://ubuntu.com/security/notices/USN-7111-1 https://www.cve.org/CVERecord?id=CVE-2024-34158
No Misconfigurations found

cnb/buildpacks/paketo-buildpacks_datadog/3.15.0/bin/main (gobinary)

Package	Vulnerability ID	Severity	Installed Version	Fixed Version	Links
stdlib	CVE-2024-24790	CRITICAL	v1.20.5	1.21.11, 1.22.4	http://www.openwall.com/lists/oss-security/2024/06/04/1 https://access.redhat.com/errata/RHSA-2024:9115 https://access.redhat.com/security/cve/CVE-2024-24790 https://bugzilla.redhat.com/2279814 https://bugzilla.redhat.com/2292668 https://bugzilla.redhat.com/2292787 https://bugzilla.redhat.com/2294000 https://bugzilla.redhat.com/2295310 https://bugzilla.redhat.com/show_bug.cgi?id=2292668 https://bugzilla.redhat.com/show_bug.cgi?id=2292787 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24789 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24790 https://errata.almalinux.org/9/ALSA-2024-9115.html https://errata.rockylinux.org/RLSA-2024:4212 https://github.com/golang/go/commit/051bdf3fd12a40307606ff9381138039c5f452f0 (1.21) https://github.com/golang/go/commit/12d5810cdb1f73cf23d7a86462143e9463317fca (1.22) https://github.com/golang/go/issues/67680 https://go.dev/cl/590316 https://go.dev/issue/67680 https://groups.google.com/g/golang-announce/c/XbxouI9gY7k https://groups.google.com/g/golang-announce/c/XbxouI9gY7k/m/TuoGEhxIEwAJ https://linux.oracle.com/cve/CVE-2024-24790.html https://linux.oracle.com/errata/ELSA-2024-9115.html https://nvd.nist.gov/vuln/detail/CVE-2024-24790 https://pkg.go.dev/vuln/GO-2024-2887 https://ubuntu.com/security/notices/USN-6886-1 https://ubuntu.com/security/notices/USN-7109-1 https://www.cve.org/CVERecord?id=CVE-2024-24790
stdlib	CVE-2023-39325	HIGH	v1.20.5	1.20.10, 1.21.3	golang.org/x/net https://access.redhat.com/errata/RHSA-2023:6077 https://access.redhat.com/security/cve/CVE-2023-39325 https://access.redhat.com/security/cve/CVE-2023-44487 https://access.redhat.com/security/vulnerabilities/RHSB-2023-003 https://bugzilla.redhat.com/2242803 https://bugzilla.redhat.com/2243296 https://bugzilla.redhat.com/show_bug.cgi?id=2242803 https://bugzilla.redhat.com/show_bug.cgi?id=2243296 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-39325 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-44487 https://errata.almalinux.org/9/ALSA-2023-6077.html https://errata.rockylinux.org/RLSA-2023:6077 https://github.com/golang/go/commit/24ae2d927285c697440fdde3ad7f26028354bcf3 [golang- 1.21] https://github.com/golang/go/commit/e175f27f58aa7b9cd4d79607ae65d2cd5baaee68 [golang-1.20] https://github.com/golang/go/issues/63417 https://go.dev/cl/534215 https://go.dev/cl/534235 https://go.dev/issue/63417 https://groups.google.com/g/golang-announce/c/iNNxDTCjZvo/m/UDd7VKQuAAAJ https://linux.oracle.com/cve/CVE-2023-39325.html https://linux.oracle.com/errata/ELSA-2023-5867.html https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3OVW5V2DM5K5IC3H7O42YDUGNJ74J35O https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3OVW5V2DM5K5IC3H7O42YDUGNJ74J35O/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3SZN67IL7HMGMNAVLOTIXLIHUDXZK4LH https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3SZN67IL7HMGMNAVLOTIXLIHUDXZK4LH/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3WJ4QVX2AMUJ2F2S27POOAHRC4K3CHU4 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3WJ4QVX2AMUJ2F2S27POOAHRC4K3CHU4/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/4BUK2ZIAGCULOOYDNH25JPU6JBES5NF2 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/4BUK2ZIAGCULOOYDNH25JPU6JBES5NF2/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/5RSKA2II6QTD4YUKUNDVJQSRYSFC4VFR https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/5RSKA2II6QTD4YUKUNDVJQSRYSFC4VFR/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/AVZDNSMVDAQJ64LJC5I5U5LDM5753647 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/AVZDNSMVDAQJ64LJC5I5U5LDM5753647/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CHHITS4PUOZAKFIUBQAQZC7JWXMOYE4B https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CHHITS4PUOZAKFIUBQAQZC7JWXMOYE4B/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CLB4TW7KALB3EEQWNWCN7OUIWWVWWCG2 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CLB4TW7KALB3EEQWNWCN7OUIWWVWWCG2/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/D2BBIDR2ZMB3X5BC7SR4SLQMHRMVPY6L https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/D2BBIDR2ZMB3X5BC7SR4SLQMHRMVPY6L/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ECRC75BQJP6FJN2L7KCKYZW4DSBD7QSD https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ECRC75BQJP6FJN2L7KCKYZW4DSBD7QSD/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/FTMJ3NJIDAZFWJQQSP3L22MUFJ3UP2PT https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/FTMJ3NJIDAZFWJQQSP3L22MUFJ3UP2PT/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/GSY7SXFFTPZFWDM6XELSDSHZLVW3AHK7 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/GSY7SXFFTPZFWDM6XELSDSHZLVW3AHK7/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/HZQIELEIRSZUYTFFH5KTH2YJ4IIQG2KE https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/HZQIELEIRSZUYTFFH5KTH2YJ4IIQG2KE/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/IPWCNYB5PQ5PCVZ4NJT6G56ZYFZ5QBU6 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/IPWCNYB5PQ5PCVZ4NJT6G56ZYFZ5QBU6/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/KEOTKBUPZXHE3F352JBYNTSNRXYLWD6P https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/KEOTKBUPZXHE3F352JBYNTSNRXYLWD6P/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/KSEGD2IWKNUO3DWY4KQGUQM5BISRWHQE https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/KSEGD2IWKNUO3DWY4KQGUQM5BISRWHQE/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/L5E5JSJBZLYXOTZWXHJKRVCIXIHVWKJ6 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/L5E5JSJBZLYXOTZWXHJKRVCIXIHVWKJ6/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/MZQYOOKHQDQ57LV2IAG6NRFOVXKHJJ3Z https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/MZQYOOKHQDQ57LV2IAG6NRFOVXKHJJ3Z/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/NG7IMPL55MVWU3LCI4JQJT3K2U5CHDV7 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/NG7IMPL55MVWU3LCI4JQJT3K2U5CHDV7/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ODBY7RVMGZCBSTWF2OZGIZS57FNFUL67 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ODBY7RVMGZCBSTWF2OZGIZS57FNFUL67/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/OXGWPQOJ3JNDW2XIYKIVJ7N7QUIFNM2Q https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/OXGWPQOJ3JNDW2XIYKIVJ7N7QUIFNM2Q/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/PJCUNGIQDUMZ4Z6HWVYIMR66A35F5S74 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/PJCUNGIQDUMZ4Z6HWVYIMR66A35F5S74/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QF5QSYAOPDOWLY6DUHID56Q4HQFYB45I https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QF5QSYAOPDOWLY6DUHID56Q4HQFYB45I/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QXOU2JZUBEBP7GBKAYIJRPRBZSJCD7ST https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QXOU2JZUBEBP7GBKAYIJRPRBZSJCD7ST/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/R3UETKPUB3V5JS5TLZOF3SMTGT5K5APS https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/R3UETKPUB3V5JS5TLZOF3SMTGT5K5APS/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/REMHVVIBDNKSRKNOTV7EQSB7CYQWOUOU https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/REMHVVIBDNKSRKNOTV7EQSB7CYQWOUOU/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/T7N5GV4CHH6WAGX3GFMDD3COEOVCZ4RI https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/T7N5GV4CHH6WAGX3GFMDD3COEOVCZ4RI/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ULQQONMSCQSH5Z5OWFFQHCGEZ3NL4DRJ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ULQQONMSCQSH5Z5OWFFQHCGEZ3NL4DRJ/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UTT7DG3QOF5ZNJLUGHDNLRUIN6OWZARP https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UTT7DG3QOF5ZNJLUGHDNLRUIN6OWZARP/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/W2LZSWTV4NV4SNQARNXG5T6LRHP26EW2 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/W2LZSWTV4NV4SNQARNXG5T6LRHP26EW2/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WCNCBYKZXLDFGAJUB7ZP5VLC3YTHJNVH https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WCNCBYKZXLDFGAJUB7ZP5VLC3YTHJNVH/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/XFOIBB4YFICHDM7IBOP7PWXW3FX4HLL2 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/XFOIBB4YFICHDM7IBOP7PWXW3FX4HLL2/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/XTNLSL44Y5FB6JWADSZH6DCV4JJAAEQY https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/XTNLSL44Y5FB6JWADSZH6DCV4JJAAEQY/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/YJWHBLVZDM5KQSDFRBFRKU5KSSOLIRQ4 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/YJWHBLVZDM5KQSDFRBFRKU5KSSOLIRQ4/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/YRKEXKANQ7BKJW2YTAMP625LJUJZLJ4P https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/YRKEXKANQ7BKJW2YTAMP625LJUJZLJ4P/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZSVEMQV5ROY5YW5QE3I57HT3ITWG5GCV https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZSVEMQV5ROY5YW5QE3I57HT3ITWG5GCV/ https://nvd.nist.gov/vuln/detail/CVE-2023-39325 https://pkg.go.dev/vuln/GO-2023-2102 https://security.gentoo.org/glsa/202311-09 https://security.netapp.com/advisory/ntap-20231110-0008 https://security.netapp.com/advisory/ntap-20231110-0008/ https://ubuntu.com/security/notices/USN-6574-1 https://ubuntu.com/security/notices/USN-7061-1 https://ubuntu.com/security/notices/USN-7109-1 https://www.cisa.gov/news-events/alerts/2023/10/10/http2-rapid-reset-vulnerability-cve-2023-44487 https://www.cve.org/CVERecord?id=CVE-2023-39325
stdlib	CVE-2023-45283	HIGH	v1.20.5	1.20.11, 1.21.4, 1.20.12, 1.21.5	http://www.openwall.com/lists/oss-security/2023/12/05/2 https://go.dev/cl/540277 https://go.dev/cl/541175 https://go.dev/issue/63713 https://go.dev/issue/64028 https://groups.google.com/g/golang-announce/c/4tU8LZfBFkY https://groups.google.com/g/golang-dev/c/6ypN5EjibjM/m/KmLVYH_uAgAJ https://nvd.nist.gov/vuln/detail/CVE-2023-45283 https://pkg.go.dev/vuln/GO-2023-2185 https://security.netapp.com/advisory/ntap-20231214-0008/
stdlib	CVE-2023-45288	HIGH	v1.20.5	1.21.9, 1.22.2	http://www.openwall.com/lists/oss-security/2024/04/03/16 http://www.openwall.com/lists/oss-security/2024/04/05/4 https://access.redhat.com/errata/RHSA-2024:2724 https://access.redhat.com/security/cve/CVE-2023-45288 https://bugzilla.redhat.com/2268017 https://bugzilla.redhat.com/2268018 https://bugzilla.redhat.com/2268019 https://bugzilla.redhat.com/2268273 https://bugzilla.redhat.com/show_bug.cgi?id=2268017 https://bugzilla.redhat.com/show_bug.cgi?id=2268018 https://bugzilla.redhat.com/show_bug.cgi?id=2268019 https://bugzilla.redhat.com/show_bug.cgi?id=2268273 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45288 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45289 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45290 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24783 https://errata.almalinux.org/9/ALSA-2024-2724.html https://errata.rockylinux.org/RLSA-2024:2724 https://go.dev/cl/576155 https://go.dev/issue/65051 https://groups.google.com/g/golang-announce/c/YgW0sx8mN3M https://kb.cert.org/vuls/id/421644 https://linux.oracle.com/cve/CVE-2023-45288.html https://linux.oracle.com/errata/ELSA-2024-3346.html https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QRYFHIQ6XRKRYBI2F5UESH67BJBQXUPT https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QRYFHIQ6XRKRYBI2F5UESH67BJBQXUPT/ https://nowotarski.info/http2-continuation-flood-technical-details https://nowotarski.info/http2-continuation-flood/ https://nvd.nist.gov/vuln/detail/CVE-2023-45288 https://pkg.go.dev/vuln/GO-2024-2687 https://security.netapp.com/advisory/ntap-20240419-0009 https://security.netapp.com/advisory/ntap-20240419-0009/ https://ubuntu.com/security/notices/USN-6886-1 https://ubuntu.com/security/notices/USN-7109-1 https://ubuntu.com/security/notices/USN-7111-1 https://www.cve.org/CVERecord?id=CVE-2023-45288 https://www.kb.cert.org/vuls/id/421644
stdlib	CVE-2024-34156	HIGH	v1.20.5	1.22.7, 1.23.1	https://access.redhat.com/errata/RHSA-2024:9473 https://access.redhat.com/security/cve/CVE-2024-34156 https://bugzilla.redhat.com/2310528 https://bugzilla.redhat.com/2318052 https://bugzilla.redhat.com/show_bug.cgi?id=2310528 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-34156 https://errata.almalinux.org/9/ALSA-2024-9473.html https://errata.rockylinux.org/RLSA-2024:7204 https://github.com/golang/go/commit/2092294f2b097c5828f4eace6c98a322c1510b01 (go1.22.7) https://github.com/golang/go/commit/fa8ff1a46deb6c816304441ec6740ec112e19012 (go1.23.1) https://go.dev/cl/611239 https://go.dev/issue/69139 https://groups.google.com/g/golang-announce/c/K-cEzDeCtpc https://groups.google.com/g/golang-dev/c/S9POB9NCTdk https://linux.oracle.com/cve/CVE-2024-34156.html https://linux.oracle.com/errata/ELSA-2024-9473.html https://nvd.nist.gov/vuln/detail/CVE-2024-34156 https://pkg.go.dev/vuln/GO-2024-3106 https://ubuntu.com/security/notices/USN-7081-1 https://ubuntu.com/security/notices/USN-7109-1 https://ubuntu.com/security/notices/USN-7111-1 https://www.cve.org/CVERecord?id=CVE-2024-34156
stdlib	CVE-2023-29406	MEDIUM	v1.20.5	1.19.11, 1.20.6	https://access.redhat.com/errata/RHSA-2023:6474 https://access.redhat.com/security/cve/CVE-2023-29406 https://bugzilla.redhat.com/2174485 https://bugzilla.redhat.com/2178358 https://bugzilla.redhat.com/2178488 https://bugzilla.redhat.com/2178492 https://bugzilla.redhat.com/2184481 https://bugzilla.redhat.com/2184482 https://bugzilla.redhat.com/2184483 https://bugzilla.redhat.com/2184484 https://bugzilla.redhat.com/2196026 https://bugzilla.redhat.com/2196027 https://bugzilla.redhat.com/2196029 https://bugzilla.redhat.com/2222167 https://bugzilla.redhat.com/2228689 https://errata.almalinux.org/9/ALSA-2023-6474.html https://github.com/golang/go/commit/312920c00aac9897b2a0693e752390b5b0711a5a (go1.20.6) https://github.com/golang/go/commit/5fa6923b1ea891400153d04ddf1545e23b40041b (go1.19.11) https://github.com/golang/go/issues/60374 https://go.dev/cl/506996 https://go.dev/issue/60374 https://groups.google.com/g/golang-announce/c/2q13H6LEEx0 https://linux.oracle.com/cve/CVE-2023-29406.html https://linux.oracle.com/errata/ELSA-2023-7202.html https://nvd.nist.gov/vuln/detail/CVE-2023-29406 https://pkg.go.dev/vuln/GO-2023-1878 https://security.gentoo.org/glsa/202311-09 https://security.netapp.com/advisory/ntap-20230814-0002/ https://ubuntu.com/security/notices/USN-7061-1 https://ubuntu.com/security/notices/USN-7109-1 https://www.cve.org/CVERecord?id=CVE-2023-29406
stdlib	CVE-2023-29409	MEDIUM	v1.20.5	1.19.12, 1.20.7, 1.21.0-rc.4	https://access.redhat.com/errata/RHSA-2023:7766 https://access.redhat.com/security/cve/CVE-2023-29409 https://bugzilla.redhat.com/2228743 https://bugzilla.redhat.com/2237773 https://bugzilla.redhat.com/2237776 https://bugzilla.redhat.com/2237777 https://bugzilla.redhat.com/2237778 https://errata.almalinux.org/9/ALSA-2023-7766.html https://go.dev/cl/515257 https://go.dev/issue/61460 https://groups.google.com/g/golang-announce/c/X0b6CsSAaYI/m/Efv5DbZ9AwAJ https://linux.oracle.com/cve/CVE-2023-29409.html https://linux.oracle.com/errata/ELSA-2024-2988.html https://nvd.nist.gov/vuln/detail/CVE-2023-29409 https://pkg.go.dev/vuln/GO-2023-1987 https://security.gentoo.org/glsa/202311-09 https://security.netapp.com/advisory/ntap-20230831-0010/ https://www.cve.org/CVERecord?id=CVE-2023-29409
stdlib	CVE-2023-39318	MEDIUM	v1.20.5	1.20.8, 1.21.1	https://access.redhat.com/errata/RHSA-2024:2160 https://access.redhat.com/security/cve/CVE-2023-39318 https://bugzilla.redhat.com/2237773 https://bugzilla.redhat.com/2237776 https://bugzilla.redhat.com/2253330 https://errata.almalinux.org/9/ALSA-2024-2160.html https://github.com/golang/go/commit/023b542edf38e2a1f87fcefb9f75ff2f99401b4c (go1.20.8) https://github.com/golang/go/commit/b0e1d3ea26e8e8fce7726690c9ef0597e60739fb (go1.21.1) https://go.dev/cl/526156 https://go.dev/issue/62196 https://groups.google.com/g/golang-announce/c/Fm51GRLNRvM https://groups.google.com/g/golang-dev/c/2C5vbR-UNkI/m/L1hdrPhfBAAJ https://linux.oracle.com/cve/CVE-2023-39318.html https://linux.oracle.com/errata/ELSA-2024-2988.html https://nvd.nist.gov/vuln/detail/CVE-2023-39318 https://pkg.go.dev/vuln/GO-2023-2041 https://security.gentoo.org/glsa/202311-09 https://security.netapp.com/advisory/ntap-20231020-0009/ https://ubuntu.com/security/notices/USN-6574-1 https://ubuntu.com/security/notices/USN-7061-1 https://ubuntu.com/security/notices/USN-7109-1 https://vuln.go.dev/ID/GO-2023-2041.json https://www.cve.org/CVERecord?id=CVE-2023-39318
stdlib	CVE-2023-39319	MEDIUM	v1.20.5	1.20.8, 1.21.1	https://access.redhat.com/errata/RHSA-2024:2160 https://access.redhat.com/security/cve/CVE-2023-39319 https://bugzilla.redhat.com/2237773 https://bugzilla.redhat.com/2237776 https://bugzilla.redhat.com/2253330 https://errata.almalinux.org/9/ALSA-2024-2160.html https://github.com/golang/go/commit/2070531d2f53df88e312edace6c8dfc9686ab2f5 (go1.20.8) https://github.com/golang/go/commit/bbd043ff0d6d59f1a9232d31ecd5eacf6507bf6a (go1.21.1) https://go.dev/cl/526157 https://go.dev/issue/62197 https://groups.google.com/g/golang-announce/c/Fm51GRLNRvM https://groups.google.com/g/golang-dev/c/2C5vbR-UNkI/m/L1hdrPhfBAAJ https://linux.oracle.com/cve/CVE-2023-39319.html https://linux.oracle.com/errata/ELSA-2024-2988.html https://nvd.nist.gov/vuln/detail/CVE-2023-39319 https://pkg.go.dev/vuln/GO-2023-2043 https://security.gentoo.org/glsa/202311-09 https://security.netapp.com/advisory/ntap-20231020-0009/ https://ubuntu.com/security/notices/USN-6574-1 https://ubuntu.com/security/notices/USN-7061-1 https://ubuntu.com/security/notices/USN-7109-1 https://vuln.go.dev/ID/GO-2023-2043.json https://www.cve.org/CVERecord?id=CVE-2023-39319
stdlib	CVE-2023-39326	MEDIUM	v1.20.5	1.20.12, 1.21.5	https://access.redhat.com/errata/RHSA-2024:2272 https://access.redhat.com/security/cve/CVE-2023-39326 https://bugzilla.redhat.com/2253193 https://bugzilla.redhat.com/2253330 https://errata.almalinux.org/9/ALSA-2024-2272.html https://github.com/golang/go/commit/6446af942e2e2b161c4ec1b60d9703a2b55dc4dd (go1.20.12) https://github.com/golang/go/commit/ec8c526e4be720e94b98ca509e6364f0efaf28f7 (go1.21.5) https://go.dev/cl/547335 https://go.dev/issue/64433 https://groups.google.com/g/golang-dev/c/6ypN5EjibjM/m/KmLVYH_uAgAJ https://linux.oracle.com/cve/CVE-2023-39326.html https://linux.oracle.com/errata/ELSA-2024-2988.html https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UIU6HOGV6RRIKWM57LOXQA75BGZSIH6G/ https://nvd.nist.gov/vuln/detail/CVE-2023-39326 https://pkg.go.dev/vuln/GO-2023-2382 https://ubuntu.com/security/notices/USN-6574-1 https://www.cve.org/CVERecord?id=CVE-2023-39326
stdlib	CVE-2023-45284	MEDIUM	v1.20.5	1.20.11, 1.21.4	https://go.dev/cl/540277 https://go.dev/issue/63713 https://groups.google.com/g/golang-announce/c/4tU8LZfBFkY https://nvd.nist.gov/vuln/detail/CVE-2023-45284 https://pkg.go.dev/vuln/GO-2023-2186
stdlib	CVE-2023-45289	MEDIUM	v1.20.5	1.21.8, 1.22.1	http://www.openwall.com/lists/oss-security/2024/03/08/4 https://access.redhat.com/errata/RHSA-2024:2724 https://access.redhat.com/security/cve/CVE-2023-45289 https://bugzilla.redhat.com/2268017 https://bugzilla.redhat.com/2268018 https://bugzilla.redhat.com/2268019 https://bugzilla.redhat.com/2268273 https://bugzilla.redhat.com/show_bug.cgi?id=2268017 https://bugzilla.redhat.com/show_bug.cgi?id=2268018 https://bugzilla.redhat.com/show_bug.cgi?id=2268019 https://bugzilla.redhat.com/show_bug.cgi?id=2268273 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45288 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45289 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45290 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24783 https://errata.almalinux.org/9/ALSA-2024-2724.html https://errata.rockylinux.org/RLSA-2024:2724 https://github.com/golang/go/commit/20586c0dbe03d144f914155f879fa5ee287591a1 (go1.21.8) https://github.com/golang/go/commit/3a855208e3efed2e9d7c20ad023f1fa78afcc0be (go1.22.1) https://github.com/golang/go/issues/65065 https://go.dev/cl/569340 https://go.dev/issue/65065 https://groups.google.com/g/golang-announce/c/5pwGVUPoMbg https://linux.oracle.com/cve/CVE-2023-45289.html https://linux.oracle.com/errata/ELSA-2024-3346.html https://nvd.nist.gov/vuln/detail/CVE-2023-45289 https://pkg.go.dev/vuln/GO-2024-2600 https://security.netapp.com/advisory/ntap-20240329-0006/ https://ubuntu.com/security/notices/USN-6886-1 https://www.cve.org/CVERecord?id=CVE-2023-45289
stdlib	CVE-2023-45290	MEDIUM	v1.20.5	1.21.8, 1.22.1	http://www.openwall.com/lists/oss-security/2024/03/08/4 https://access.redhat.com/errata/RHSA-2024:9135 https://access.redhat.com/security/cve/CVE-2023-45290 https://bugzilla.redhat.com/2268017 https://bugzilla.redhat.com/2268022 https://bugzilla.redhat.com/2279814 https://bugzilla.redhat.com/2295310 https://bugzilla.redhat.com/show_bug.cgi?id=2268017 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45290 https://errata.almalinux.org/9/ALSA-2024-9135.html https://errata.rockylinux.org/RLSA-2024:3830 https://github.com/golang/go/commit/041a47712e765e94f86d841c3110c840e76d8f82 (go1.22.1) https://github.com/golang/go/commit/bf80213b121074f4ad9b449410a4d13bae5e9be0 (go1.21.8) https://github.com/golang/go/issues/65383 https://go.dev/cl/569341 https://go.dev/issue/65383 https://groups.google.com/g/golang-announce/c/5pwGVUPoMbg https://linux.oracle.com/cve/CVE-2023-45290.html https://linux.oracle.com/errata/ELSA-2024-8038.html https://nvd.nist.gov/vuln/detail/CVE-2023-45290 https://pkg.go.dev/vuln/GO-2024-2599 https://security.netapp.com/advisory/ntap-20240329-0004 https://security.netapp.com/advisory/ntap-20240329-0004/ https://ubuntu.com/security/notices/USN-6886-1 https://ubuntu.com/security/notices/USN-7109-1 https://ubuntu.com/security/notices/USN-7111-1 https://www.cve.org/CVERecord?id=CVE-2023-45290
stdlib	CVE-2024-24783	MEDIUM	v1.20.5	1.21.8, 1.22.1	http://www.openwall.com/lists/oss-security/2024/03/08/4 https://access.redhat.com/errata/RHSA-2024:6195 https://access.redhat.com/security/cve/CVE-2024-24783 https://bugzilla.redhat.com/2268019 https://bugzilla.redhat.com/show_bug.cgi?id=2268017 https://bugzilla.redhat.com/show_bug.cgi?id=2268018 https://bugzilla.redhat.com/show_bug.cgi?id=2268019 https://bugzilla.redhat.com/show_bug.cgi?id=2268273 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45288 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45289 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45290 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24783 https://errata.almalinux.org/9/ALSA-2024-6195.html https://errata.rockylinux.org/RLSA-2024:2724 https://github.com/advisories/GHSA-3q2c-pvp5-3cqp https://github.com/golang/go/commit/337b8e9cbfa749d9d5c899e0dc358e2208d5e54f (go1.22.1) https://github.com/golang/go/commit/be5b52bea674190ef7de272664be6c7ae93ec5a0 (go1.21.8) https://github.com/golang/go/issues/65390 https://go.dev/cl/569339 https://go.dev/issue/65390 https://groups.google.com/g/golang-announce/c/5pwGVUPoMbg https://linux.oracle.com/cve/CVE-2024-24783.html https://linux.oracle.com/errata/ELSA-2024-6969.html https://nvd.nist.gov/vuln/detail/CVE-2024-24783 https://pkg.go.dev/vuln/GO-2024-2598 https://security.netapp.com/advisory/ntap-20240329-0005 https://security.netapp.com/advisory/ntap-20240329-0005/ https://ubuntu.com/security/notices/USN-6886-1 https://ubuntu.com/security/notices/USN-7109-1 https://ubuntu.com/security/notices/USN-7111-1 https://www.cve.org/CVERecord?id=CVE-2024-24783
stdlib	CVE-2024-24784	MEDIUM	v1.20.5	1.21.8, 1.22.1	http://www.openwall.com/lists/oss-security/2024/03/08/4 https://access.redhat.com/errata/RHSA-2024:2562 https://access.redhat.com/security/cve/CVE-2024-24784 https://bugzilla.redhat.com/2262921 https://bugzilla.redhat.com/2268017 https://bugzilla.redhat.com/2268018 https://bugzilla.redhat.com/2268019 https://bugzilla.redhat.com/2268021 https://bugzilla.redhat.com/2268022 https://bugzilla.redhat.com/2268273 https://bugzilla.redhat.com/show_bug.cgi?id=2262921 https://bugzilla.redhat.com/show_bug.cgi?id=2268017 https://bugzilla.redhat.com/show_bug.cgi?id=2268018 https://bugzilla.redhat.com/show_bug.cgi?id=2268019 https://bugzilla.redhat.com/show_bug.cgi?id=2268021 https://bugzilla.redhat.com/show_bug.cgi?id=2268022 https://bugzilla.redhat.com/show_bug.cgi?id=2268273 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45288 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45289 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45290 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-1394 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24783 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24784 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24785 https://errata.almalinux.org/9/ALSA-2024-2562.html https://errata.rockylinux.org/RLSA-2024:2562 https://github.com/golang/go/commit/263c059b09fdd40d9dd945f2ecb20c89ea28efe5 (go1.21.8) https://github.com/golang/go/commit/5330cd225ba54c7dc78c1b46dcdf61a4671a632c (go1.22.1) https://github.com/golang/go/issues/65083 https://go.dev/cl/555596 https://go.dev/issue/65083 https://groups.google.com/g/golang-announce/c/5pwGVUPoMbg https://linux.oracle.com/cve/CVE-2024-24784.html https://linux.oracle.com/errata/ELSA-2024-6969.html https://nvd.nist.gov/vuln/detail/CVE-2024-24784 https://pkg.go.dev/vuln/GO-2024-2609 https://security.netapp.com/advisory/ntap-20240329-0007/ https://ubuntu.com/security/notices/USN-6886-1 https://ubuntu.com/security/notices/USN-7109-1 https://ubuntu.com/security/notices/USN-7111-1 https://www.cve.org/CVERecord?id=CVE-2024-24784
stdlib	CVE-2024-24785	MEDIUM	v1.20.5	1.21.8, 1.22.1	http://www.openwall.com/lists/oss-security/2024/03/08/4 https://access.redhat.com/errata/RHSA-2024:9135 https://access.redhat.com/security/cve/CVE-2024-24785 https://bugzilla.redhat.com/2268017 https://bugzilla.redhat.com/2268022 https://bugzilla.redhat.com/2279814 https://bugzilla.redhat.com/2295310 https://bugzilla.redhat.com/show_bug.cgi?id=2262921 https://bugzilla.redhat.com/show_bug.cgi?id=2268017 https://bugzilla.redhat.com/show_bug.cgi?id=2268018 https://bugzilla.redhat.com/show_bug.cgi?id=2268019 https://bugzilla.redhat.com/show_bug.cgi?id=2268021 https://bugzilla.redhat.com/show_bug.cgi?id=2268022 https://bugzilla.redhat.com/show_bug.cgi?id=2268273 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45288 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45289 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45290 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-1394 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24783 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24784 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24785 https://errata.almalinux.org/9/ALSA-2024-9135.html https://errata.rockylinux.org/RLSA-2024:2562 https://github.com/golang/go/commit/056b0edcb8c152152021eebf4cf42adbfbe77992 (go1.22.1) https://github.com/golang/go/commit/3643147a29352ca2894fd5d0d2069bc4b4335a7e (go1.21.8) https://github.com/golang/go/issues/65697 https://go.dev/cl/564196 https://go.dev/issue/65697 https://groups.google.com/g/golang-announce/c/5pwGVUPoMbg https://linux.oracle.com/cve/CVE-2024-24785.html https://linux.oracle.com/errata/ELSA-2024-3259.html https://nvd.nist.gov/vuln/detail/CVE-2024-24785 https://pkg.go.dev/vuln/GO-2024-2610 https://security.netapp.com/advisory/ntap-20240329-0008/ https://ubuntu.com/security/notices/USN-6886-1 https://ubuntu.com/security/notices/USN-7061-1 https://ubuntu.com/security/notices/USN-7109-1 https://vuln.go.dev/ID/GO-2024-2610.json https://www.cve.org/CVERecord?id=CVE-2024-24785
stdlib	CVE-2024-24789	MEDIUM	v1.20.5	1.21.11, 1.22.4	http://www.openwall.com/lists/oss-security/2024/06/04/1 https://access.redhat.com/errata/RHSA-2024:9115 https://access.redhat.com/security/cve/CVE-2024-24789 https://bugzilla.redhat.com/2279814 https://bugzilla.redhat.com/2292668 https://bugzilla.redhat.com/2292787 https://bugzilla.redhat.com/2294000 https://bugzilla.redhat.com/2295310 https://bugzilla.redhat.com/show_bug.cgi?id=2292668 https://bugzilla.redhat.com/show_bug.cgi?id=2292787 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24789 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24790 https://errata.almalinux.org/9/ALSA-2024-9115.html https://errata.rockylinux.org/RLSA-2024:4212 https://github.com/golang/go/commit/c8e40338cf00f3c1d86c8fb23863ad67a4c72bcc (1.21) https://github.com/golang/go/commit/cf501ac0c5fe351a8582d20b43562027927906e7 (1.22) https://github.com/golang/go/issues/66869 https://go.dev/cl/585397 https://go.dev/issue/66869 https://groups.google.com/g/golang-announce/c/XbxouI9gY7k https://groups.google.com/g/golang-announce/c/XbxouI9gY7k/m/TuoGEhxIEwAJ https://linux.oracle.com/cve/CVE-2024-24789.html https://linux.oracle.com/errata/ELSA-2024-9115.html https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/U5YAEIA6IUHUNGJ7AIXXPQT6D2GYENX7/ https://nvd.nist.gov/vuln/detail/CVE-2024-24789 https://pkg.go.dev/vuln/GO-2024-2888 https://ubuntu.com/security/notices/USN-6886-1 https://ubuntu.com/security/notices/USN-7109-1 https://ubuntu.com/security/notices/USN-7111-1 https://www.cve.org/CVERecord?id=CVE-2024-24789
stdlib	CVE-2024-24791	MEDIUM	v1.20.5	1.21.12, 1.22.5	https://access.redhat.com/errata/RHSA-2024:9135 https://access.redhat.com/security/cve/CVE-2024-24791 https://bugzilla.redhat.com/2268017 https://bugzilla.redhat.com/2268022 https://bugzilla.redhat.com/2279814 https://bugzilla.redhat.com/2295310 https://bugzilla.redhat.com/show_bug.cgi?id=2295310 https://bugzilla.redhat.com/show_bug.cgi?id=2310527 https://bugzilla.redhat.com/show_bug.cgi?id=2310528 https://bugzilla.redhat.com/show_bug.cgi?id=2310529 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24791 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-34155 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-34156 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-34158 https://errata.almalinux.org/9/ALSA-2024-9135.html https://errata.rockylinux.org/RLSA-2024:6913 https://go.dev/cl/591255 https://go.dev/issue/67555 https://groups.google.com/g/golang-dev/c/t0rK-qHBqzY/m/6MMoAZkMAgAJ https://linux.oracle.com/cve/CVE-2024-24791.html https://linux.oracle.com/errata/ELSA-2024-9115.html https://nvd.nist.gov/vuln/detail/CVE-2024-24791 https://pkg.go.dev/vuln/GO-2024-2963 https://ubuntu.com/security/notices/USN-7081-1 https://ubuntu.com/security/notices/USN-7109-1 https://ubuntu.com/security/notices/USN-7111-1 https://www.cve.org/CVERecord?id=CVE-2024-24791
stdlib	CVE-2024-34155	MEDIUM	v1.20.5	1.22.7, 1.23.1	https://access.redhat.com/errata/RHSA-2024:9459 https://access.redhat.com/security/cve/CVE-2024-34155 https://bugzilla.redhat.com/2310527 https://bugzilla.redhat.com/2310528 https://bugzilla.redhat.com/2310529 https://bugzilla.redhat.com/2315691 https://bugzilla.redhat.com/2315887 https://bugzilla.redhat.com/2317458 https://bugzilla.redhat.com/2317467 https://bugzilla.redhat.com/show_bug.cgi?id=2295310 https://bugzilla.redhat.com/show_bug.cgi?id=2310527 https://bugzilla.redhat.com/show_bug.cgi?id=2310528 https://bugzilla.redhat.com/show_bug.cgi?id=2310529 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24791 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-34155 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-34156 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-34158 https://errata.almalinux.org/9/ALSA-2024-9459.html https://errata.rockylinux.org/RLSA-2024:6913 https://github.com/golang/go/commit/53487e5477151ed75da50e50a0ba8f1ca64c00a3 (go1.23.1) https://github.com/golang/go/commit/b232596139dbe96a62edbe3a2a203e856bf556eb (go1.22.7) https://go.dev/cl/611238 https://go.dev/issue/69138 https://groups.google.com/g/golang-announce/c/K-cEzDeCtpc https://groups.google.com/g/golang-dev/c/S9POB9NCTdk https://linux.oracle.com/cve/CVE-2024-34155.html https://linux.oracle.com/errata/ELSA-2024-9459.html https://nvd.nist.gov/vuln/detail/CVE-2024-34155 https://pkg.go.dev/vuln/GO-2024-3105 https://ubuntu.com/security/notices/USN-7081-1 https://ubuntu.com/security/notices/USN-7109-1 https://ubuntu.com/security/notices/USN-7111-1 https://www.cve.org/CVERecord?id=CVE-2024-34155
stdlib	CVE-2024-34158	MEDIUM	v1.20.5	1.22.7, 1.23.1	https://access.redhat.com/errata/RHSA-2024:9459 https://access.redhat.com/security/cve/CVE-2024-34158 https://bugzilla.redhat.com/2310527 https://bugzilla.redhat.com/2310528 https://bugzilla.redhat.com/2310529 https://bugzilla.redhat.com/2315691 https://bugzilla.redhat.com/2315887 https://bugzilla.redhat.com/2317458 https://bugzilla.redhat.com/2317467 https://bugzilla.redhat.com/show_bug.cgi?id=2295310 https://bugzilla.redhat.com/show_bug.cgi?id=2310527 https://bugzilla.redhat.com/show_bug.cgi?id=2310528 https://bugzilla.redhat.com/show_bug.cgi?id=2310529 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24791 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-34155 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-34156 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-34158 https://errata.almalinux.org/9/ALSA-2024-9459.html https://errata.rockylinux.org/RLSA-2024:6913 https://github.com/golang/go/commit/032ac075c20c01c6c35a672d1542d3e98eab84ea (go1.23.1) https://github.com/golang/go/commit/d4c53812e6ce2ac368173d7fcd31d0ecfcffb002 (go1.22.7) https://go.dev/cl/611240 https://go.dev/issue/69141 https://groups.google.com/g/golang-announce/c/K-cEzDeCtpc https://groups.google.com/g/golang-dev/c/S9POB9NCTdk https://linux.oracle.com/cve/CVE-2024-34158.html https://linux.oracle.com/errata/ELSA-2024-9459.html https://nvd.nist.gov/vuln/detail/CVE-2024-34158 https://pkg.go.dev/vuln/GO-2024-3107 https://ubuntu.com/security/notices/USN-7081-1 https://ubuntu.com/security/notices/USN-7109-1 https://ubuntu.com/security/notices/USN-7111-1 https://www.cve.org/CVERecord?id=CVE-2024-34158
No Misconfigurations found

cnb/buildpacks/paketo-buildpacks_datadog/3.6.0/bin/main (gobinary)

Package	Vulnerability ID	Severity	Installed Version	Fixed Version	Links
stdlib	CVE-2023-24538	CRITICAL	v1.18.10	1.19.8, 1.20.3	https://access.redhat.com/errata/RHSA-2023:6474 https://access.redhat.com/security/cve/CVE-2023-24538 https://bugzilla.redhat.com/2174485 https://bugzilla.redhat.com/2178358 https://bugzilla.redhat.com/2178488 https://bugzilla.redhat.com/2178492 https://bugzilla.redhat.com/2184481 https://bugzilla.redhat.com/2184482 https://bugzilla.redhat.com/2184483 https://bugzilla.redhat.com/2184484 https://bugzilla.redhat.com/2196026 https://bugzilla.redhat.com/2196027 https://bugzilla.redhat.com/2196029 https://bugzilla.redhat.com/2222167 https://bugzilla.redhat.com/2228689 https://errata.almalinux.org/9/ALSA-2023-6474.html https://github.com/golang/go/commit/20374d1d759bc4e17486bde1cb9dca5be37d9e52 (go1.20.3) https://github.com/golang/go/commit/b1e3ecfa06b67014429a197ec5e134ce4303ad9b (go1.19.8) https://github.com/golang/go/issues/59234 https://go.dev/cl/482079 https://go.dev/issue/59234 https://groups.google.com/g/golang-announce/c/Xdv6JL9ENs8 https://linux.oracle.com/cve/CVE-2023-24538.html https://linux.oracle.com/errata/ELSA-2023-6939.html https://nvd.nist.gov/vuln/detail/CVE-2023-24538 https://pkg.go.dev/vuln/GO-2023-1703 https://security.gentoo.org/glsa/202311-09 https://ubuntu.com/security/notices/USN-6038-1 https://ubuntu.com/security/notices/USN-6038-2 https://ubuntu.com/security/notices/USN-6140-1 https://ubuntu.com/security/notices/USN-7061-1 https://www.cve.org/CVERecord?id=CVE-2023-24538
stdlib	CVE-2023-24540	CRITICAL	v1.18.10	1.19.9, 1.20.4	https://access.redhat.com/errata/RHSA-2023:6474 https://access.redhat.com/security/cve/CVE-2023-24540 https://bugzilla.redhat.com/2174485 https://bugzilla.redhat.com/2178358 https://bugzilla.redhat.com/2178488 https://bugzilla.redhat.com/2178492 https://bugzilla.redhat.com/2184481 https://bugzilla.redhat.com/2184482 https://bugzilla.redhat.com/2184483 https://bugzilla.redhat.com/2184484 https://bugzilla.redhat.com/2196026 https://bugzilla.redhat.com/2196027 https://bugzilla.redhat.com/2196029 https://bugzilla.redhat.com/2222167 https://bugzilla.redhat.com/2228689 https://errata.almalinux.org/9/ALSA-2023-6474.html https://github.com/golang/go/commit/4a28cad66655ee01c6e944271e23c33cab021765 (go1.20.4) https://github.com/golang/go/commit/ce7bd33345416e6d8cac901792060591cafc2797 (go1.19.9) https://github.com/golang/go/issues/59721 https://go.dev/cl/491616 https://go.dev/issue/59721 https://groups.google.com/g/golang-announce/c/MEb0UyuSMsU https://linux.oracle.com/cve/CVE-2023-24540.html https://linux.oracle.com/errata/ELSA-2023-6939.html https://nvd.nist.gov/vuln/detail/CVE-2023-24540 https://pkg.go.dev/vuln/GO-2023-1752 https://ubuntu.com/security/notices/USN-6140-1 https://www.cve.org/CVERecord?id=CVE-2023-24540
stdlib	CVE-2024-24790	CRITICAL	v1.18.10	1.21.11, 1.22.4	http://www.openwall.com/lists/oss-security/2024/06/04/1 https://access.redhat.com/errata/RHSA-2024:9115 https://access.redhat.com/security/cve/CVE-2024-24790 https://bugzilla.redhat.com/2279814 https://bugzilla.redhat.com/2292668 https://bugzilla.redhat.com/2292787 https://bugzilla.redhat.com/2294000 https://bugzilla.redhat.com/2295310 https://bugzilla.redhat.com/show_bug.cgi?id=2292668 https://bugzilla.redhat.com/show_bug.cgi?id=2292787 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24789 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24790 https://errata.almalinux.org/9/ALSA-2024-9115.html https://errata.rockylinux.org/RLSA-2024:4212 https://github.com/golang/go/commit/051bdf3fd12a40307606ff9381138039c5f452f0 (1.21) https://github.com/golang/go/commit/12d5810cdb1f73cf23d7a86462143e9463317fca (1.22) https://github.com/golang/go/issues/67680 https://go.dev/cl/590316 https://go.dev/issue/67680 https://groups.google.com/g/golang-announce/c/XbxouI9gY7k https://groups.google.com/g/golang-announce/c/XbxouI9gY7k/m/TuoGEhxIEwAJ https://linux.oracle.com/cve/CVE-2024-24790.html https://linux.oracle.com/errata/ELSA-2024-9115.html https://nvd.nist.gov/vuln/detail/CVE-2024-24790 https://pkg.go.dev/vuln/GO-2024-2887 https://ubuntu.com/security/notices/USN-6886-1 https://ubuntu.com/security/notices/USN-7109-1 https://www.cve.org/CVERecord?id=CVE-2024-24790
stdlib	CVE-2022-41722	HIGH	v1.18.10	1.19.6, 1.20.1	https://access.redhat.com/security/cve/CVE-2022-41722 https://go.dev/cl/468123 https://go.dev/issue/57274 https://groups.google.com/g/golang-announce/c/V0aBFqaFs_E https://nvd.nist.gov/vuln/detail/CVE-2022-41722 https://pkg.go.dev/vuln/GO-2023-1568 https://www.cve.org/CVERecord?id=CVE-2022-41722
stdlib	CVE-2022-41723	HIGH	v1.18.10	1.19.6, 1.20.1	https://access.redhat.com/errata/RHSA-2023:6474 https://access.redhat.com/security/cve/CVE-2022-41723 https://bugzilla.redhat.com/2174485 https://bugzilla.redhat.com/2178358 https://bugzilla.redhat.com/2178488 https://bugzilla.redhat.com/2178492 https://bugzilla.redhat.com/2184481 https://bugzilla.redhat.com/2184482 https://bugzilla.redhat.com/2184483 https://bugzilla.redhat.com/2184484 https://bugzilla.redhat.com/2196026 https://bugzilla.redhat.com/2196027 https://bugzilla.redhat.com/2196029 https://bugzilla.redhat.com/2222167 https://bugzilla.redhat.com/2228689 https://errata.almalinux.org/9/ALSA-2023-6474.html https://github.com/advisories/GHSA-vvpx-j8f3-3w6h https://go.dev/cl/468135 https://go.dev/cl/468295 https://go.dev/issue/57855 https://groups.google.com/g/golang-announce/c/V0aBFqaFs_E https://linux.oracle.com/cve/CVE-2022-41723.html https://linux.oracle.com/errata/ELSA-2023-6939.html https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/4BUK2ZIAGCULOOYDNH25JPU6JBES5NF2 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/4BUK2ZIAGCULOOYDNH25JPU6JBES5NF2/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/4MA5XS5DAOJ5PKKNG5TUXKPQOFHT5VBC https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/4MA5XS5DAOJ5PKKNG5TUXKPQOFHT5VBC/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/REMHVVIBDNKSRKNOTV7EQSB7CYQWOUOU https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/REMHVVIBDNKSRKNOTV7EQSB7CYQWOUOU/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/RGW7GE2Z32ZT47UFAQFDRQE33B7Q7LMT https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/RGW7GE2Z32ZT47UFAQFDRQE33B7Q7LMT/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/RLBQ3A7ROLEQXQLXFDLNJ7MYPKG5GULE https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/RLBQ3A7ROLEQXQLXFDLNJ7MYPKG5GULE/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/T7N5GV4CHH6WAGX3GFMDD3COEOVCZ4RI https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/T7N5GV4CHH6WAGX3GFMDD3COEOVCZ4RI/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/XX3IMUTZKRQ73PBZM4E2JP4BKYH4C6XE https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/XX3IMUTZKRQ73PBZM4E2JP4BKYH4C6XE/ https://nvd.nist.gov/vuln/detail/CVE-2022-41723 https://pkg.go.dev/vuln/GO-2023-1571 https://security.gentoo.org/glsa/202311-09 https://ubuntu.com/security/notices/USN-7109-1 https://ubuntu.com/security/notices/USN-7111-1 https://vuln.go.dev/ID/GO-2023-1571.json https://www.couchbase.com/alerts https://www.couchbase.com/alerts/ https://www.cve.org/CVERecord?id=CVE-2022-41723
stdlib	CVE-2022-41724	HIGH	v1.18.10	1.19.6, 1.20.1	https://access.redhat.com/errata/RHSA-2023:6474 https://access.redhat.com/security/cve/CVE-2022-41724 https://bugzilla.redhat.com/2174485 https://bugzilla.redhat.com/2178358 https://bugzilla.redhat.com/2178488 https://bugzilla.redhat.com/2178492 https://bugzilla.redhat.com/2184481 https://bugzilla.redhat.com/2184482 https://bugzilla.redhat.com/2184483 https://bugzilla.redhat.com/2184484 https://bugzilla.redhat.com/2196026 https://bugzilla.redhat.com/2196027 https://bugzilla.redhat.com/2196029 https://bugzilla.redhat.com/2222167 https://bugzilla.redhat.com/2228689 https://errata.almalinux.org/9/ALSA-2023-6474.html https://go.dev/cl/468125 https://go.dev/issue/58001 https://groups.google.com/g/golang-announce/c/V0aBFqaFs_E https://linux.oracle.com/cve/CVE-2022-41724.html https://linux.oracle.com/errata/ELSA-2023-6939.html https://nvd.nist.gov/vuln/detail/CVE-2022-41724 https://pkg.go.dev/vuln/GO-2023-1570 https://security.gentoo.org/glsa/202311-09 https://ubuntu.com/security/notices/USN-6140-1 https://ubuntu.com/security/notices/USN-7109-1 https://ubuntu.com/security/notices/USN-7111-1 https://www.cve.org/CVERecord?id=CVE-2022-41724
stdlib	CVE-2022-41725	HIGH	v1.18.10	1.19.6, 1.20.1	https://access.redhat.com/errata/RHSA-2023:6474 https://access.redhat.com/security/cve/CVE-2022-41725 https://bugzilla.redhat.com/2174485 https://bugzilla.redhat.com/2178358 https://bugzilla.redhat.com/2178488 https://bugzilla.redhat.com/2178492 https://bugzilla.redhat.com/2184481 https://bugzilla.redhat.com/2184482 https://bugzilla.redhat.com/2184483 https://bugzilla.redhat.com/2184484 https://bugzilla.redhat.com/2196026 https://bugzilla.redhat.com/2196027 https://bugzilla.redhat.com/2196029 https://bugzilla.redhat.com/2222167 https://bugzilla.redhat.com/2228689 https://errata.almalinux.org/9/ALSA-2023-6474.html https://github.com/golang/go/commit/5c55ac9bf1e5f779220294c843526536605f42ab [1.19] https://go.dev/cl/468124 https://go.dev/issue/58006 https://groups.google.com/g/golang-announce/c/V0aBFqaFs_E https://linux.oracle.com/cve/CVE-2022-41725.html https://linux.oracle.com/errata/ELSA-2023-6939.html https://nvd.nist.gov/vuln/detail/CVE-2022-41725 https://pkg.go.dev/vuln/GO-2023-1569 https://security.gentoo.org/glsa/202311-09 https://ubuntu.com/security/notices/USN-6140-1 https://ubuntu.com/security/notices/USN-7109-1 https://ubuntu.com/security/notices/USN-7111-1 https://www.cve.org/CVERecord?id=CVE-2022-41725
stdlib	CVE-2023-24534	HIGH	v1.18.10	1.19.8, 1.20.3	https://access.redhat.com/errata/RHSA-2023:6474 https://access.redhat.com/security/cve/CVE-2023-24534 https://bugzilla.redhat.com/2174485 https://bugzilla.redhat.com/2178358 https://bugzilla.redhat.com/2178488 https://bugzilla.redhat.com/2178492 https://bugzilla.redhat.com/2184481 https://bugzilla.redhat.com/2184482 https://bugzilla.redhat.com/2184483 https://bugzilla.redhat.com/2184484 https://bugzilla.redhat.com/2196026 https://bugzilla.redhat.com/2196027 https://bugzilla.redhat.com/2196029 https://bugzilla.redhat.com/2222167 https://bugzilla.redhat.com/2228689 https://errata.almalinux.org/9/ALSA-2023-6474.html https://github.com/golang/go/commit/3991f6c41c7dfd167e889234c0cf1d840475e93c (go1.20.3) https://github.com/golang/go/commit/d6759e7a059f4208f07aa781402841d7ddaaef96 (go1.19.8) https://go.dev/cl/481994 https://go.dev/issue/58975 https://groups.google.com/g/golang-announce/c/Xdv6JL9ENs8 https://linux.oracle.com/cve/CVE-2023-24534.html https://linux.oracle.com/errata/ELSA-2023-6939.html https://nvd.nist.gov/vuln/detail/CVE-2023-24534 https://pkg.go.dev/vuln/GO-2023-1704 https://security.gentoo.org/glsa/202311-09 https://security.netapp.com/advisory/ntap-20230526-0007/ https://ubuntu.com/security/notices/USN-6038-1 https://ubuntu.com/security/notices/USN-6038-2 https://ubuntu.com/security/notices/USN-6140-1 https://www.cve.org/CVERecord?id=CVE-2023-24534
stdlib	CVE-2023-24536	HIGH	v1.18.10	1.19.8, 1.20.3	https://access.redhat.com/errata/RHSA-2023:6474 https://access.redhat.com/security/cve/CVE-2023-24536 https://bugzilla.redhat.com/2174485 https://bugzilla.redhat.com/2178358 https://bugzilla.redhat.com/2178488 https://bugzilla.redhat.com/2178492 https://bugzilla.redhat.com/2184481 https://bugzilla.redhat.com/2184482 https://bugzilla.redhat.com/2184483 https://bugzilla.redhat.com/2184484 https://bugzilla.redhat.com/2196026 https://bugzilla.redhat.com/2196027 https://bugzilla.redhat.com/2196029 https://bugzilla.redhat.com/2222167 https://bugzilla.redhat.com/2228689 https://errata.almalinux.org/9/ALSA-2023-6474.html https://github.com/golang/go/commit/7917b5f31204528ea72e0629f0b7d52b35b27538 (go.1.19.8) https://github.com/golang/go/commit/bf8c7c575c8a552d9d79deb29e80854dc88528d0 (go1.20.3) https://go.dev/cl/482075 https://go.dev/cl/482076 https://go.dev/cl/482077 https://go.dev/issue/59153 https://groups.google.com/g/golang-announce/c/Xdv6JL9ENs8 https://linux.oracle.com/cve/CVE-2023-24536.html https://linux.oracle.com/errata/ELSA-2023-6939.html https://nvd.nist.gov/vuln/detail/CVE-2023-24536 https://pkg.go.dev/vuln/GO-2023-1705 https://security.gentoo.org/glsa/202311-09 https://security.netapp.com/advisory/ntap-20230526-0007/ https://ubuntu.com/security/notices/USN-7109-1 https://ubuntu.com/security/notices/USN-7111-1 https://www.cve.org/CVERecord?id=CVE-2023-24536
stdlib	CVE-2023-24537	HIGH	v1.18.10	1.19.8, 1.20.3	https://access.redhat.com/errata/RHSA-2023:6474 https://access.redhat.com/security/cve/CVE-2023-24537 https://bugzilla.redhat.com/2174485 https://bugzilla.redhat.com/2178358 https://bugzilla.redhat.com/2178488 https://bugzilla.redhat.com/2178492 https://bugzilla.redhat.com/2184481 https://bugzilla.redhat.com/2184482 https://bugzilla.redhat.com/2184483 https://bugzilla.redhat.com/2184484 https://bugzilla.redhat.com/2196026 https://bugzilla.redhat.com/2196027 https://bugzilla.redhat.com/2196029 https://bugzilla.redhat.com/2222167 https://bugzilla.redhat.com/2228689 https://errata.almalinux.org/9/ALSA-2023-6474.html https://github.com/golang/go/commit/126a1d02da82f93ede7ce0bd8d3c51ef627f2104 (go1.19.8) https://github.com/golang/go/commit/e7c4b07ecf6b367f1afc9cc48cde963829dd0aab (go1.20.3) https://github.com/golang/go/issues/59180 https://go.dev/cl/482078 https://go.dev/issue/59180 https://groups.google.com/g/golang-announce/c/Xdv6JL9ENs8 https://linux.oracle.com/cve/CVE-2023-24537.html https://linux.oracle.com/errata/ELSA-2023-6939.html https://nvd.nist.gov/vuln/detail/CVE-2023-24537 https://pkg.go.dev/vuln/GO-2023-1702 https://security.gentoo.org/glsa/202311-09 https://ubuntu.com/security/notices/USN-6038-1 https://ubuntu.com/security/notices/USN-6038-2 https://ubuntu.com/security/notices/USN-6140-1 https://www.cve.org/CVERecord?id=CVE-2023-24537
stdlib	CVE-2023-24539	HIGH	v1.18.10	1.19.9, 1.20.4	https://access.redhat.com/errata/RHSA-2023:6474 https://access.redhat.com/security/cve/CVE-2023-24539 https://bugzilla.redhat.com/2174485 https://bugzilla.redhat.com/2178358 https://bugzilla.redhat.com/2178488 https://bugzilla.redhat.com/2178492 https://bugzilla.redhat.com/2184481 https://bugzilla.redhat.com/2184482 https://bugzilla.redhat.com/2184483 https://bugzilla.redhat.com/2184484 https://bugzilla.redhat.com/2196026 https://bugzilla.redhat.com/2196027 https://bugzilla.redhat.com/2196029 https://bugzilla.redhat.com/2222167 https://bugzilla.redhat.com/2228689 https://errata.almalinux.org/9/ALSA-2023-6474.html https://github.com/golang/go/commit/090590fdccc8442728aa31601927da1bf2ef1288 (go1.20.4) https://github.com/golang/go/commit/e49282327b05192e46086bf25fd3ac691205fe80 (go1.19.9) https://github.com/golang/go/issues/59720 https://go.dev/cl/491615 https://go.dev/issue/59720 https://groups.google.com/g/golang-announce/c/MEb0UyuSMsU https://linux.oracle.com/cve/CVE-2023-24539.html https://linux.oracle.com/errata/ELSA-2023-6939.html https://nvd.nist.gov/vuln/detail/CVE-2023-24539 https://pkg.go.dev/vuln/GO-2023-1751 https://ubuntu.com/security/notices/USN-6140-1 https://www.cve.org/CVERecord?id=CVE-2023-24539
stdlib	CVE-2023-29400	HIGH	v1.18.10	1.19.9, 1.20.4	https://access.redhat.com/errata/RHSA-2023:6474 https://access.redhat.com/security/cve/CVE-2023-29400 https://bugzilla.redhat.com/2174485 https://bugzilla.redhat.com/2178358 https://bugzilla.redhat.com/2178488 https://bugzilla.redhat.com/2178492 https://bugzilla.redhat.com/2184481 https://bugzilla.redhat.com/2184482 https://bugzilla.redhat.com/2184483 https://bugzilla.redhat.com/2184484 https://bugzilla.redhat.com/2196026 https://bugzilla.redhat.com/2196027 https://bugzilla.redhat.com/2196029 https://bugzilla.redhat.com/2222167 https://bugzilla.redhat.com/2228689 https://errata.almalinux.org/9/ALSA-2023-6474.html https://github.com/golang/go/commit/337dd75343145b74ed2073d793322eb4103b56ad (go1.20.4) https://github.com/golang/go/commit/9db0e74f606b8afb28cc71d4b1c8b4ed24cabbf5 (go1.19.9) https://github.com/golang/go/issues/59722 https://go.dev/cl/491617 https://go.dev/issue/59722 https://groups.google.com/g/golang-announce/c/MEb0UyuSMsU https://linux.oracle.com/cve/CVE-2023-29400.html https://linux.oracle.com/errata/ELSA-2023-6939.html https://nvd.nist.gov/vuln/detail/CVE-2023-29400 https://pkg.go.dev/vuln/GO-2023-1753 https://ubuntu.com/security/notices/USN-6140-1 https://www.cve.org/CVERecord?id=CVE-2023-29400
stdlib	CVE-2023-29403	HIGH	v1.18.10	1.19.10, 1.20.5	https://access.redhat.com/errata/RHSA-2023:3923 https://access.redhat.com/security/cve/CVE-2023-29403 https://bugzilla.redhat.com/2216965 https://bugzilla.redhat.com/2217562 https://bugzilla.redhat.com/2217565 https://bugzilla.redhat.com/2217569 https://bugzilla.redhat.com/show_bug.cgi?id=2216965 https://bugzilla.redhat.com/show_bug.cgi?id=2217562 https://bugzilla.redhat.com/show_bug.cgi?id=2217565 https://bugzilla.redhat.com/show_bug.cgi?id=2217569 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-29402 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-29403 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-29404 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-29405 https://errata.almalinux.org/9/ALSA-2023-3923.html https://errata.rockylinux.org/RLSA-2023:3923 https://github.com/golang/go/commit/36144ba429ef2650940c72e7a0b932af3612d420 (go1.20.5) https://github.com/golang/go/commit/a7b1cd452ddc69a6606c2f35ac5786dc892e62cb (go1.19.10) https://github.com/golang/go/issues/60272 https://go.dev/cl/501223 https://go.dev/issue/60272 https://groups.google.com/g/golang-announce/c/q5135a9d924 https://groups.google.com/g/golang-announce/c/q5135a9d924/m/j0ZoAJOHAwAJ https://linux.oracle.com/cve/CVE-2023-29403.html https://linux.oracle.com/errata/ELSA-2023-3923.html https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/NZ2O6YCO2IZMZJELQGZYR2WAUNEDLYV6/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/XBS3IIK6ADV24C5ULQU55QLT2UE762ZX/ https://nvd.nist.gov/vuln/detail/CVE-2023-29403 https://pkg.go.dev/vuln/GO-2023-1840 https://security.gentoo.org/glsa/202311-09 https://ubuntu.com/security/notices/USN-7061-1 https://ubuntu.com/security/notices/USN-7109-1 https://www.cve.org/CVERecord?id=CVE-2023-29403
stdlib	CVE-2023-39325	HIGH	v1.18.10	1.20.10, 1.21.3	golang.org/x/net https://access.redhat.com/errata/RHSA-2023:6077 https://access.redhat.com/security/cve/CVE-2023-39325 https://access.redhat.com/security/cve/CVE-2023-44487 https://access.redhat.com/security/vulnerabilities/RHSB-2023-003 https://bugzilla.redhat.com/2242803 https://bugzilla.redhat.com/2243296 https://bugzilla.redhat.com/show_bug.cgi?id=2242803 https://bugzilla.redhat.com/show_bug.cgi?id=2243296 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-39325 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-44487 https://errata.almalinux.org/9/ALSA-2023-6077.html https://errata.rockylinux.org/RLSA-2023:6077 https://github.com/golang/go/commit/24ae2d927285c697440fdde3ad7f26028354bcf3 [golang- 1.21] https://github.com/golang/go/commit/e175f27f58aa7b9cd4d79607ae65d2cd5baaee68 [golang-1.20] https://github.com/golang/go/issues/63417 https://go.dev/cl/534215 https://go.dev/cl/534235 https://go.dev/issue/63417 https://groups.google.com/g/golang-announce/c/iNNxDTCjZvo/m/UDd7VKQuAAAJ https://linux.oracle.com/cve/CVE-2023-39325.html https://linux.oracle.com/errata/ELSA-2023-5867.html https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3OVW5V2DM5K5IC3H7O42YDUGNJ74J35O https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3OVW5V2DM5K5IC3H7O42YDUGNJ74J35O/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3SZN67IL7HMGMNAVLOTIXLIHUDXZK4LH https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3SZN67IL7HMGMNAVLOTIXLIHUDXZK4LH/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3WJ4QVX2AMUJ2F2S27POOAHRC4K3CHU4 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3WJ4QVX2AMUJ2F2S27POOAHRC4K3CHU4/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/4BUK2ZIAGCULOOYDNH25JPU6JBES5NF2 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/4BUK2ZIAGCULOOYDNH25JPU6JBES5NF2/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/5RSKA2II6QTD4YUKUNDVJQSRYSFC4VFR https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/5RSKA2II6QTD4YUKUNDVJQSRYSFC4VFR/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/AVZDNSMVDAQJ64LJC5I5U5LDM5753647 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/AVZDNSMVDAQJ64LJC5I5U5LDM5753647/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CHHITS4PUOZAKFIUBQAQZC7JWXMOYE4B https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CHHITS4PUOZAKFIUBQAQZC7JWXMOYE4B/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CLB4TW7KALB3EEQWNWCN7OUIWWVWWCG2 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CLB4TW7KALB3EEQWNWCN7OUIWWVWWCG2/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/D2BBIDR2ZMB3X5BC7SR4SLQMHRMVPY6L https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/D2BBIDR2ZMB3X5BC7SR4SLQMHRMVPY6L/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ECRC75BQJP6FJN2L7KCKYZW4DSBD7QSD https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ECRC75BQJP6FJN2L7KCKYZW4DSBD7QSD/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/FTMJ3NJIDAZFWJQQSP3L22MUFJ3UP2PT https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/FTMJ3NJIDAZFWJQQSP3L22MUFJ3UP2PT/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/GSY7SXFFTPZFWDM6XELSDSHZLVW3AHK7 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/GSY7SXFFTPZFWDM6XELSDSHZLVW3AHK7/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/HZQIELEIRSZUYTFFH5KTH2YJ4IIQG2KE https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/HZQIELEIRSZUYTFFH5KTH2YJ4IIQG2KE/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/IPWCNYB5PQ5PCVZ4NJT6G56ZYFZ5QBU6 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/IPWCNYB5PQ5PCVZ4NJT6G56ZYFZ5QBU6/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/KEOTKBUPZXHE3F352JBYNTSNRXYLWD6P https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/KEOTKBUPZXHE3F352JBYNTSNRXYLWD6P/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/KSEGD2IWKNUO3DWY4KQGUQM5BISRWHQE https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/KSEGD2IWKNUO3DWY4KQGUQM5BISRWHQE/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/L5E5JSJBZLYXOTZWXHJKRVCIXIHVWKJ6 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/L5E5JSJBZLYXOTZWXHJKRVCIXIHVWKJ6/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/MZQYOOKHQDQ57LV2IAG6NRFOVXKHJJ3Z https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/MZQYOOKHQDQ57LV2IAG6NRFOVXKHJJ3Z/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/NG7IMPL55MVWU3LCI4JQJT3K2U5CHDV7 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/NG7IMPL55MVWU3LCI4JQJT3K2U5CHDV7/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ODBY7RVMGZCBSTWF2OZGIZS57FNFUL67 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ODBY7RVMGZCBSTWF2OZGIZS57FNFUL67/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/OXGWPQOJ3JNDW2XIYKIVJ7N7QUIFNM2Q https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/OXGWPQOJ3JNDW2XIYKIVJ7N7QUIFNM2Q/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/PJCUNGIQDUMZ4Z6HWVYIMR66A35F5S74 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/PJCUNGIQDUMZ4Z6HWVYIMR66A35F5S74/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QF5QSYAOPDOWLY6DUHID56Q4HQFYB45I https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QF5QSYAOPDOWLY6DUHID56Q4HQFYB45I/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QXOU2JZUBEBP7GBKAYIJRPRBZSJCD7ST https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QXOU2JZUBEBP7GBKAYIJRPRBZSJCD7ST/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/R3UETKPUB3V5JS5TLZOF3SMTGT5K5APS https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/R3UETKPUB3V5JS5TLZOF3SMTGT5K5APS/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/REMHVVIBDNKSRKNOTV7EQSB7CYQWOUOU https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/REMHVVIBDNKSRKNOTV7EQSB7CYQWOUOU/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/T7N5GV4CHH6WAGX3GFMDD3COEOVCZ4RI https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/T7N5GV4CHH6WAGX3GFMDD3COEOVCZ4RI/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ULQQONMSCQSH5Z5OWFFQHCGEZ3NL4DRJ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ULQQONMSCQSH5Z5OWFFQHCGEZ3NL4DRJ/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UTT7DG3QOF5ZNJLUGHDNLRUIN6OWZARP https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UTT7DG3QOF5ZNJLUGHDNLRUIN6OWZARP/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/W2LZSWTV4NV4SNQARNXG5T6LRHP26EW2 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/W2LZSWTV4NV4SNQARNXG5T6LRHP26EW2/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WCNCBYKZXLDFGAJUB7ZP5VLC3YTHJNVH https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WCNCBYKZXLDFGAJUB7ZP5VLC3YTHJNVH/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/XFOIBB4YFICHDM7IBOP7PWXW3FX4HLL2 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/XFOIBB4YFICHDM7IBOP7PWXW3FX4HLL2/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/XTNLSL44Y5FB6JWADSZH6DCV4JJAAEQY https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/XTNLSL44Y5FB6JWADSZH6DCV4JJAAEQY/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/YJWHBLVZDM5KQSDFRBFRKU5KSSOLIRQ4 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/YJWHBLVZDM5KQSDFRBFRKU5KSSOLIRQ4/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/YRKEXKANQ7BKJW2YTAMP625LJUJZLJ4P https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/YRKEXKANQ7BKJW2YTAMP625LJUJZLJ4P/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZSVEMQV5ROY5YW5QE3I57HT3ITWG5GCV https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZSVEMQV5ROY5YW5QE3I57HT3ITWG5GCV/ https://nvd.nist.gov/vuln/detail/CVE-2023-39325 https://pkg.go.dev/vuln/GO-2023-2102 https://security.gentoo.org/glsa/202311-09 https://security.netapp.com/advisory/ntap-20231110-0008 https://security.netapp.com/advisory/ntap-20231110-0008/ https://ubuntu.com/security/notices/USN-6574-1 https://ubuntu.com/security/notices/USN-7061-1 https://ubuntu.com/security/notices/USN-7109-1 https://www.cisa.gov/news-events/alerts/2023/10/10/http2-rapid-reset-vulnerability-cve-2023-44487 https://www.cve.org/CVERecord?id=CVE-2023-39325
stdlib	CVE-2023-45283	HIGH	v1.18.10	1.20.11, 1.21.4, 1.20.12, 1.21.5	http://www.openwall.com/lists/oss-security/2023/12/05/2 https://go.dev/cl/540277 https://go.dev/cl/541175 https://go.dev/issue/63713 https://go.dev/issue/64028 https://groups.google.com/g/golang-announce/c/4tU8LZfBFkY https://groups.google.com/g/golang-dev/c/6ypN5EjibjM/m/KmLVYH_uAgAJ https://nvd.nist.gov/vuln/detail/CVE-2023-45283 https://pkg.go.dev/vuln/GO-2023-2185 https://security.netapp.com/advisory/ntap-20231214-0008/
stdlib	CVE-2023-45287	HIGH	v1.18.10	1.20.0	https://access.redhat.com/errata/RHSA-2024:2272 https://access.redhat.com/security/cve/CVE-2023-45287 https://bugzilla.redhat.com/2253193 https://bugzilla.redhat.com/2253330 https://errata.almalinux.org/9/ALSA-2024-2272.html https://go.dev/cl/326012/26 https://go.dev/issue/20654 https://groups.google.com/g/golang-announce/c/QMK8IQALDvA https://linux.oracle.com/cve/CVE-2023-45287.html https://linux.oracle.com/errata/ELSA-2024-2988.html https://nvd.nist.gov/vuln/detail/CVE-2023-45287 https://people.redhat.com/~hkario/marvin/ https://pkg.go.dev/vuln/GO-2023-2375 https://security.netapp.com/advisory/ntap-20240112-0005/ https://www.cve.org/CVERecord?id=CVE-2023-45287
stdlib	CVE-2023-45288	HIGH	v1.18.10	1.21.9, 1.22.2	http://www.openwall.com/lists/oss-security/2024/04/03/16 http://www.openwall.com/lists/oss-security/2024/04/05/4 https://access.redhat.com/errata/RHSA-2024:2724 https://access.redhat.com/security/cve/CVE-2023-45288 https://bugzilla.redhat.com/2268017 https://bugzilla.redhat.com/2268018 https://bugzilla.redhat.com/2268019 https://bugzilla.redhat.com/2268273 https://bugzilla.redhat.com/show_bug.cgi?id=2268017 https://bugzilla.redhat.com/show_bug.cgi?id=2268018 https://bugzilla.redhat.com/show_bug.cgi?id=2268019 https://bugzilla.redhat.com/show_bug.cgi?id=2268273 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45288 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45289 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45290 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24783 https://errata.almalinux.org/9/ALSA-2024-2724.html https://errata.rockylinux.org/RLSA-2024:2724 https://go.dev/cl/576155 https://go.dev/issue/65051 https://groups.google.com/g/golang-announce/c/YgW0sx8mN3M https://kb.cert.org/vuls/id/421644 https://linux.oracle.com/cve/CVE-2023-45288.html https://linux.oracle.com/errata/ELSA-2024-3346.html https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QRYFHIQ6XRKRYBI2F5UESH67BJBQXUPT https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QRYFHIQ6XRKRYBI2F5UESH67BJBQXUPT/ https://nowotarski.info/http2-continuation-flood-technical-details https://nowotarski.info/http2-continuation-flood/ https://nvd.nist.gov/vuln/detail/CVE-2023-45288 https://pkg.go.dev/vuln/GO-2024-2687 https://security.netapp.com/advisory/ntap-20240419-0009 https://security.netapp.com/advisory/ntap-20240419-0009/ https://ubuntu.com/security/notices/USN-6886-1 https://ubuntu.com/security/notices/USN-7109-1 https://ubuntu.com/security/notices/USN-7111-1 https://www.cve.org/CVERecord?id=CVE-2023-45288 https://www.kb.cert.org/vuls/id/421644
stdlib	CVE-2024-34156	HIGH	v1.18.10	1.22.7, 1.23.1	https://access.redhat.com/errata/RHSA-2024:9473 https://access.redhat.com/security/cve/CVE-2024-34156 https://bugzilla.redhat.com/2310528 https://bugzilla.redhat.com/2318052 https://bugzilla.redhat.com/show_bug.cgi?id=2310528 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-34156 https://errata.almalinux.org/9/ALSA-2024-9473.html https://errata.rockylinux.org/RLSA-2024:7204 https://github.com/golang/go/commit/2092294f2b097c5828f4eace6c98a322c1510b01 (go1.22.7) https://github.com/golang/go/commit/fa8ff1a46deb6c816304441ec6740ec112e19012 (go1.23.1) https://go.dev/cl/611239 https://go.dev/issue/69139 https://groups.google.com/g/golang-announce/c/K-cEzDeCtpc https://groups.google.com/g/golang-dev/c/S9POB9NCTdk https://linux.oracle.com/cve/CVE-2024-34156.html https://linux.oracle.com/errata/ELSA-2024-9473.html https://nvd.nist.gov/vuln/detail/CVE-2024-34156 https://pkg.go.dev/vuln/GO-2024-3106 https://ubuntu.com/security/notices/USN-7081-1 https://ubuntu.com/security/notices/USN-7109-1 https://ubuntu.com/security/notices/USN-7111-1 https://www.cve.org/CVERecord?id=CVE-2024-34156
stdlib	CVE-2023-24532	MEDIUM	v1.18.10	1.19.7, 1.20.2	https://access.redhat.com/security/cve/CVE-2023-24532 https://go.dev/cl/471255 https://go.dev/issue/58647 https://groups.google.com/g/golang-announce/c/3-TpUx48iQY https://nvd.nist.gov/vuln/detail/CVE-2023-24532 https://pkg.go.dev/vuln/GO-2023-1621 https://www.cve.org/CVERecord?id=CVE-2023-24532
stdlib	CVE-2023-29406	MEDIUM	v1.18.10	1.19.11, 1.20.6	https://access.redhat.com/errata/RHSA-2023:6474 https://access.redhat.com/security/cve/CVE-2023-29406 https://bugzilla.redhat.com/2174485 https://bugzilla.redhat.com/2178358 https://bugzilla.redhat.com/2178488 https://bugzilla.redhat.com/2178492 https://bugzilla.redhat.com/2184481 https://bugzilla.redhat.com/2184482 https://bugzilla.redhat.com/2184483 https://bugzilla.redhat.com/2184484 https://bugzilla.redhat.com/2196026 https://bugzilla.redhat.com/2196027 https://bugzilla.redhat.com/2196029 https://bugzilla.redhat.com/2222167 https://bugzilla.redhat.com/2228689 https://errata.almalinux.org/9/ALSA-2023-6474.html https://github.com/golang/go/commit/312920c00aac9897b2a0693e752390b5b0711a5a (go1.20.6) https://github.com/golang/go/commit/5fa6923b1ea891400153d04ddf1545e23b40041b (go1.19.11) https://github.com/golang/go/issues/60374 https://go.dev/cl/506996 https://go.dev/issue/60374 https://groups.google.com/g/golang-announce/c/2q13H6LEEx0 https://linux.oracle.com/cve/CVE-2023-29406.html https://linux.oracle.com/errata/ELSA-2023-7202.html https://nvd.nist.gov/vuln/detail/CVE-2023-29406 https://pkg.go.dev/vuln/GO-2023-1878 https://security.gentoo.org/glsa/202311-09 https://security.netapp.com/advisory/ntap-20230814-0002/ https://ubuntu.com/security/notices/USN-7061-1 https://ubuntu.com/security/notices/USN-7109-1 https://www.cve.org/CVERecord?id=CVE-2023-29406
stdlib	CVE-2023-29409	MEDIUM	v1.18.10	1.19.12, 1.20.7, 1.21.0-rc.4	https://access.redhat.com/errata/RHSA-2023:7766 https://access.redhat.com/security/cve/CVE-2023-29409 https://bugzilla.redhat.com/2228743 https://bugzilla.redhat.com/2237773 https://bugzilla.redhat.com/2237776 https://bugzilla.redhat.com/2237777 https://bugzilla.redhat.com/2237778 https://errata.almalinux.org/9/ALSA-2023-7766.html https://go.dev/cl/515257 https://go.dev/issue/61460 https://groups.google.com/g/golang-announce/c/X0b6CsSAaYI/m/Efv5DbZ9AwAJ https://linux.oracle.com/cve/CVE-2023-29409.html https://linux.oracle.com/errata/ELSA-2024-2988.html https://nvd.nist.gov/vuln/detail/CVE-2023-29409 https://pkg.go.dev/vuln/GO-2023-1987 https://security.gentoo.org/glsa/202311-09 https://security.netapp.com/advisory/ntap-20230831-0010/ https://www.cve.org/CVERecord?id=CVE-2023-29409
stdlib	CVE-2023-39318	MEDIUM	v1.18.10	1.20.8, 1.21.1	https://access.redhat.com/errata/RHSA-2024:2160 https://access.redhat.com/security/cve/CVE-2023-39318 https://bugzilla.redhat.com/2237773 https://bugzilla.redhat.com/2237776 https://bugzilla.redhat.com/2253330 https://errata.almalinux.org/9/ALSA-2024-2160.html https://github.com/golang/go/commit/023b542edf38e2a1f87fcefb9f75ff2f99401b4c (go1.20.8) https://github.com/golang/go/commit/b0e1d3ea26e8e8fce7726690c9ef0597e60739fb (go1.21.1) https://go.dev/cl/526156 https://go.dev/issue/62196 https://groups.google.com/g/golang-announce/c/Fm51GRLNRvM https://groups.google.com/g/golang-dev/c/2C5vbR-UNkI/m/L1hdrPhfBAAJ https://linux.oracle.com/cve/CVE-2023-39318.html https://linux.oracle.com/errata/ELSA-2024-2988.html https://nvd.nist.gov/vuln/detail/CVE-2023-39318 https://pkg.go.dev/vuln/GO-2023-2041 https://security.gentoo.org/glsa/202311-09 https://security.netapp.com/advisory/ntap-20231020-0009/ https://ubuntu.com/security/notices/USN-6574-1 https://ubuntu.com/security/notices/USN-7061-1 https://ubuntu.com/security/notices/USN-7109-1 https://vuln.go.dev/ID/GO-2023-2041.json https://www.cve.org/CVERecord?id=CVE-2023-39318
stdlib	CVE-2023-39319	MEDIUM	v1.18.10	1.20.8, 1.21.1	https://access.redhat.com/errata/RHSA-2024:2160 https://access.redhat.com/security/cve/CVE-2023-39319 https://bugzilla.redhat.com/2237773 https://bugzilla.redhat.com/2237776 https://bugzilla.redhat.com/2253330 https://errata.almalinux.org/9/ALSA-2024-2160.html https://github.com/golang/go/commit/2070531d2f53df88e312edace6c8dfc9686ab2f5 (go1.20.8) https://github.com/golang/go/commit/bbd043ff0d6d59f1a9232d31ecd5eacf6507bf6a (go1.21.1) https://go.dev/cl/526157 https://go.dev/issue/62197 https://groups.google.com/g/golang-announce/c/Fm51GRLNRvM https://groups.google.com/g/golang-dev/c/2C5vbR-UNkI/m/L1hdrPhfBAAJ https://linux.oracle.com/cve/CVE-2023-39319.html https://linux.oracle.com/errata/ELSA-2024-2988.html https://nvd.nist.gov/vuln/detail/CVE-2023-39319 https://pkg.go.dev/vuln/GO-2023-2043 https://security.gentoo.org/glsa/202311-09 https://security.netapp.com/advisory/ntap-20231020-0009/ https://ubuntu.com/security/notices/USN-6574-1 https://ubuntu.com/security/notices/USN-7061-1 https://ubuntu.com/security/notices/USN-7109-1 https://vuln.go.dev/ID/GO-2023-2043.json https://www.cve.org/CVERecord?id=CVE-2023-39319
stdlib	CVE-2023-39326	MEDIUM	v1.18.10	1.20.12, 1.21.5	https://access.redhat.com/errata/RHSA-2024:2272 https://access.redhat.com/security/cve/CVE-2023-39326 https://bugzilla.redhat.com/2253193 https://bugzilla.redhat.com/2253330 https://errata.almalinux.org/9/ALSA-2024-2272.html https://github.com/golang/go/commit/6446af942e2e2b161c4ec1b60d9703a2b55dc4dd (go1.20.12) https://github.com/golang/go/commit/ec8c526e4be720e94b98ca509e6364f0efaf28f7 (go1.21.5) https://go.dev/cl/547335 https://go.dev/issue/64433 https://groups.google.com/g/golang-dev/c/6ypN5EjibjM/m/KmLVYH_uAgAJ https://linux.oracle.com/cve/CVE-2023-39326.html https://linux.oracle.com/errata/ELSA-2024-2988.html https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UIU6HOGV6RRIKWM57LOXQA75BGZSIH6G/ https://nvd.nist.gov/vuln/detail/CVE-2023-39326 https://pkg.go.dev/vuln/GO-2023-2382 https://ubuntu.com/security/notices/USN-6574-1 https://www.cve.org/CVERecord?id=CVE-2023-39326
stdlib	CVE-2023-45284	MEDIUM	v1.18.10	1.20.11, 1.21.4	https://go.dev/cl/540277 https://go.dev/issue/63713 https://groups.google.com/g/golang-announce/c/4tU8LZfBFkY https://nvd.nist.gov/vuln/detail/CVE-2023-45284 https://pkg.go.dev/vuln/GO-2023-2186
stdlib	CVE-2023-45289	MEDIUM	v1.18.10	1.21.8, 1.22.1	http://www.openwall.com/lists/oss-security/2024/03/08/4 https://access.redhat.com/errata/RHSA-2024:2724 https://access.redhat.com/security/cve/CVE-2023-45289 https://bugzilla.redhat.com/2268017 https://bugzilla.redhat.com/2268018 https://bugzilla.redhat.com/2268019 https://bugzilla.redhat.com/2268273 https://bugzilla.redhat.com/show_bug.cgi?id=2268017 https://bugzilla.redhat.com/show_bug.cgi?id=2268018 https://bugzilla.redhat.com/show_bug.cgi?id=2268019 https://bugzilla.redhat.com/show_bug.cgi?id=2268273 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45288 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45289 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45290 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24783 https://errata.almalinux.org/9/ALSA-2024-2724.html https://errata.rockylinux.org/RLSA-2024:2724 https://github.com/golang/go/commit/20586c0dbe03d144f914155f879fa5ee287591a1 (go1.21.8) https://github.com/golang/go/commit/3a855208e3efed2e9d7c20ad023f1fa78afcc0be (go1.22.1) https://github.com/golang/go/issues/65065 https://go.dev/cl/569340 https://go.dev/issue/65065 https://groups.google.com/g/golang-announce/c/5pwGVUPoMbg https://linux.oracle.com/cve/CVE-2023-45289.html https://linux.oracle.com/errata/ELSA-2024-3346.html https://nvd.nist.gov/vuln/detail/CVE-2023-45289 https://pkg.go.dev/vuln/GO-2024-2600 https://security.netapp.com/advisory/ntap-20240329-0006/ https://ubuntu.com/security/notices/USN-6886-1 https://www.cve.org/CVERecord?id=CVE-2023-45289
stdlib	CVE-2023-45290	MEDIUM	v1.18.10	1.21.8, 1.22.1	http://www.openwall.com/lists/oss-security/2024/03/08/4 https://access.redhat.com/errata/RHSA-2024:9135 https://access.redhat.com/security/cve/CVE-2023-45290 https://bugzilla.redhat.com/2268017 https://bugzilla.redhat.com/2268022 https://bugzilla.redhat.com/2279814 https://bugzilla.redhat.com/2295310 https://bugzilla.redhat.com/show_bug.cgi?id=2268017 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45290 https://errata.almalinux.org/9/ALSA-2024-9135.html https://errata.rockylinux.org/RLSA-2024:3830 https://github.com/golang/go/commit/041a47712e765e94f86d841c3110c840e76d8f82 (go1.22.1) https://github.com/golang/go/commit/bf80213b121074f4ad9b449410a4d13bae5e9be0 (go1.21.8) https://github.com/golang/go/issues/65383 https://go.dev/cl/569341 https://go.dev/issue/65383 https://groups.google.com/g/golang-announce/c/5pwGVUPoMbg https://linux.oracle.com/cve/CVE-2023-45290.html https://linux.oracle.com/errata/ELSA-2024-8038.html https://nvd.nist.gov/vuln/detail/CVE-2023-45290 https://pkg.go.dev/vuln/GO-2024-2599 https://security.netapp.com/advisory/ntap-20240329-0004 https://security.netapp.com/advisory/ntap-20240329-0004/ https://ubuntu.com/security/notices/USN-6886-1 https://ubuntu.com/security/notices/USN-7109-1 https://ubuntu.com/security/notices/USN-7111-1 https://www.cve.org/CVERecord?id=CVE-2023-45290
stdlib	CVE-2024-24783	MEDIUM	v1.18.10	1.21.8, 1.22.1	http://www.openwall.com/lists/oss-security/2024/03/08/4 https://access.redhat.com/errata/RHSA-2024:6195 https://access.redhat.com/security/cve/CVE-2024-24783 https://bugzilla.redhat.com/2268019 https://bugzilla.redhat.com/show_bug.cgi?id=2268017 https://bugzilla.redhat.com/show_bug.cgi?id=2268018 https://bugzilla.redhat.com/show_bug.cgi?id=2268019 https://bugzilla.redhat.com/show_bug.cgi?id=2268273 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45288 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45289 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45290 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24783 https://errata.almalinux.org/9/ALSA-2024-6195.html https://errata.rockylinux.org/RLSA-2024:2724 https://github.com/advisories/GHSA-3q2c-pvp5-3cqp https://github.com/golang/go/commit/337b8e9cbfa749d9d5c899e0dc358e2208d5e54f (go1.22.1) https://github.com/golang/go/commit/be5b52bea674190ef7de272664be6c7ae93ec5a0 (go1.21.8) https://github.com/golang/go/issues/65390 https://go.dev/cl/569339 https://go.dev/issue/65390 https://groups.google.com/g/golang-announce/c/5pwGVUPoMbg https://linux.oracle.com/cve/CVE-2024-24783.html https://linux.oracle.com/errata/ELSA-2024-6969.html https://nvd.nist.gov/vuln/detail/CVE-2024-24783 https://pkg.go.dev/vuln/GO-2024-2598 https://security.netapp.com/advisory/ntap-20240329-0005 https://security.netapp.com/advisory/ntap-20240329-0005/ https://ubuntu.com/security/notices/USN-6886-1 https://ubuntu.com/security/notices/USN-7109-1 https://ubuntu.com/security/notices/USN-7111-1 https://www.cve.org/CVERecord?id=CVE-2024-24783
stdlib	CVE-2024-24784	MEDIUM	v1.18.10	1.21.8, 1.22.1	http://www.openwall.com/lists/oss-security/2024/03/08/4 https://access.redhat.com/errata/RHSA-2024:2562 https://access.redhat.com/security/cve/CVE-2024-24784 https://bugzilla.redhat.com/2262921 https://bugzilla.redhat.com/2268017 https://bugzilla.redhat.com/2268018 https://bugzilla.redhat.com/2268019 https://bugzilla.redhat.com/2268021 https://bugzilla.redhat.com/2268022 https://bugzilla.redhat.com/2268273 https://bugzilla.redhat.com/show_bug.cgi?id=2262921 https://bugzilla.redhat.com/show_bug.cgi?id=2268017 https://bugzilla.redhat.com/show_bug.cgi?id=2268018 https://bugzilla.redhat.com/show_bug.cgi?id=2268019 https://bugzilla.redhat.com/show_bug.cgi?id=2268021 https://bugzilla.redhat.com/show_bug.cgi?id=2268022 https://bugzilla.redhat.com/show_bug.cgi?id=2268273 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45288 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45289 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45290 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-1394 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24783 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24784 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24785 https://errata.almalinux.org/9/ALSA-2024-2562.html https://errata.rockylinux.org/RLSA-2024:2562 https://github.com/golang/go/commit/263c059b09fdd40d9dd945f2ecb20c89ea28efe5 (go1.21.8) https://github.com/golang/go/commit/5330cd225ba54c7dc78c1b46dcdf61a4671a632c (go1.22.1) https://github.com/golang/go/issues/65083 https://go.dev/cl/555596 https://go.dev/issue/65083 https://groups.google.com/g/golang-announce/c/5pwGVUPoMbg https://linux.oracle.com/cve/CVE-2024-24784.html https://linux.oracle.com/errata/ELSA-2024-6969.html https://nvd.nist.gov/vuln/detail/CVE-2024-24784 https://pkg.go.dev/vuln/GO-2024-2609 https://security.netapp.com/advisory/ntap-20240329-0007/ https://ubuntu.com/security/notices/USN-6886-1 https://ubuntu.com/security/notices/USN-7109-1 https://ubuntu.com/security/notices/USN-7111-1 https://www.cve.org/CVERecord?id=CVE-2024-24784
stdlib	CVE-2024-24785	MEDIUM	v1.18.10	1.21.8, 1.22.1	http://www.openwall.com/lists/oss-security/2024/03/08/4 https://access.redhat.com/errata/RHSA-2024:9135 https://access.redhat.com/security/cve/CVE-2024-24785 https://bugzilla.redhat.com/2268017 https://bugzilla.redhat.com/2268022 https://bugzilla.redhat.com/2279814 https://bugzilla.redhat.com/2295310 https://bugzilla.redhat.com/show_bug.cgi?id=2262921 https://bugzilla.redhat.com/show_bug.cgi?id=2268017 https://bugzilla.redhat.com/show_bug.cgi?id=2268018 https://bugzilla.redhat.com/show_bug.cgi?id=2268019 https://bugzilla.redhat.com/show_bug.cgi?id=2268021 https://bugzilla.redhat.com/show_bug.cgi?id=2268022 https://bugzilla.redhat.com/show_bug.cgi?id=2268273 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45288 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45289 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45290 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-1394 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24783 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24784 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24785 https://errata.almalinux.org/9/ALSA-2024-9135.html https://errata.rockylinux.org/RLSA-2024:2562 https://github.com/golang/go/commit/056b0edcb8c152152021eebf4cf42adbfbe77992 (go1.22.1) https://github.com/golang/go/commit/3643147a29352ca2894fd5d0d2069bc4b4335a7e (go1.21.8) https://github.com/golang/go/issues/65697 https://go.dev/cl/564196 https://go.dev/issue/65697 https://groups.google.com/g/golang-announce/c/5pwGVUPoMbg https://linux.oracle.com/cve/CVE-2024-24785.html https://linux.oracle.com/errata/ELSA-2024-3259.html https://nvd.nist.gov/vuln/detail/CVE-2024-24785 https://pkg.go.dev/vuln/GO-2024-2610 https://security.netapp.com/advisory/ntap-20240329-0008/ https://ubuntu.com/security/notices/USN-6886-1 https://ubuntu.com/security/notices/USN-7061-1 https://ubuntu.com/security/notices/USN-7109-1 https://vuln.go.dev/ID/GO-2024-2610.json https://www.cve.org/CVERecord?id=CVE-2024-24785
stdlib	CVE-2024-24789	MEDIUM	v1.18.10	1.21.11, 1.22.4	http://www.openwall.com/lists/oss-security/2024/06/04/1 https://access.redhat.com/errata/RHSA-2024:9115 https://access.redhat.com/security/cve/CVE-2024-24789 https://bugzilla.redhat.com/2279814 https://bugzilla.redhat.com/2292668 https://bugzilla.redhat.com/2292787 https://bugzilla.redhat.com/2294000 https://bugzilla.redhat.com/2295310 https://bugzilla.redhat.com/show_bug.cgi?id=2292668 https://bugzilla.redhat.com/show_bug.cgi?id=2292787 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24789 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24790 https://errata.almalinux.org/9/ALSA-2024-9115.html https://errata.rockylinux.org/RLSA-2024:4212 https://github.com/golang/go/commit/c8e40338cf00f3c1d86c8fb23863ad67a4c72bcc (1.21) https://github.com/golang/go/commit/cf501ac0c5fe351a8582d20b43562027927906e7 (1.22) https://github.com/golang/go/issues/66869 https://go.dev/cl/585397 https://go.dev/issue/66869 https://groups.google.com/g/golang-announce/c/XbxouI9gY7k https://groups.google.com/g/golang-announce/c/XbxouI9gY7k/m/TuoGEhxIEwAJ https://linux.oracle.com/cve/CVE-2024-24789.html https://linux.oracle.com/errata/ELSA-2024-9115.html https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/U5YAEIA6IUHUNGJ7AIXXPQT6D2GYENX7/ https://nvd.nist.gov/vuln/detail/CVE-2024-24789 https://pkg.go.dev/vuln/GO-2024-2888 https://ubuntu.com/security/notices/USN-6886-1 https://ubuntu.com/security/notices/USN-7109-1 https://ubuntu.com/security/notices/USN-7111-1 https://www.cve.org/CVERecord?id=CVE-2024-24789
stdlib	CVE-2024-24791	MEDIUM	v1.18.10	1.21.12, 1.22.5	https://access.redhat.com/errata/RHSA-2024:9135 https://access.redhat.com/security/cve/CVE-2024-24791 https://bugzilla.redhat.com/2268017 https://bugzilla.redhat.com/2268022 https://bugzilla.redhat.com/2279814 https://bugzilla.redhat.com/2295310 https://bugzilla.redhat.com/show_bug.cgi?id=2295310 https://bugzilla.redhat.com/show_bug.cgi?id=2310527 https://bugzilla.redhat.com/show_bug.cgi?id=2310528 https://bugzilla.redhat.com/show_bug.cgi?id=2310529 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24791 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-34155 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-34156 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-34158 https://errata.almalinux.org/9/ALSA-2024-9135.html https://errata.rockylinux.org/RLSA-2024:6913 https://go.dev/cl/591255 https://go.dev/issue/67555 https://groups.google.com/g/golang-dev/c/t0rK-qHBqzY/m/6MMoAZkMAgAJ https://linux.oracle.com/cve/CVE-2024-24791.html https://linux.oracle.com/errata/ELSA-2024-9115.html https://nvd.nist.gov/vuln/detail/CVE-2024-24791 https://pkg.go.dev/vuln/GO-2024-2963 https://ubuntu.com/security/notices/USN-7081-1 https://ubuntu.com/security/notices/USN-7109-1 https://ubuntu.com/security/notices/USN-7111-1 https://www.cve.org/CVERecord?id=CVE-2024-24791
stdlib	CVE-2024-34155	MEDIUM	v1.18.10	1.22.7, 1.23.1	https://access.redhat.com/errata/RHSA-2024:9459 https://access.redhat.com/security/cve/CVE-2024-34155 https://bugzilla.redhat.com/2310527 https://bugzilla.redhat.com/2310528 https://bugzilla.redhat.com/2310529 https://bugzilla.redhat.com/2315691 https://bugzilla.redhat.com/2315887 https://bugzilla.redhat.com/2317458 https://bugzilla.redhat.com/2317467 https://bugzilla.redhat.com/show_bug.cgi?id=2295310 https://bugzilla.redhat.com/show_bug.cgi?id=2310527 https://bugzilla.redhat.com/show_bug.cgi?id=2310528 https://bugzilla.redhat.com/show_bug.cgi?id=2310529 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24791 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-34155 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-34156 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-34158 https://errata.almalinux.org/9/ALSA-2024-9459.html https://errata.rockylinux.org/RLSA-2024:6913 https://github.com/golang/go/commit/53487e5477151ed75da50e50a0ba8f1ca64c00a3 (go1.23.1) https://github.com/golang/go/commit/b232596139dbe96a62edbe3a2a203e856bf556eb (go1.22.7) https://go.dev/cl/611238 https://go.dev/issue/69138 https://groups.google.com/g/golang-announce/c/K-cEzDeCtpc https://groups.google.com/g/golang-dev/c/S9POB9NCTdk https://linux.oracle.com/cve/CVE-2024-34155.html https://linux.oracle.com/errata/ELSA-2024-9459.html https://nvd.nist.gov/vuln/detail/CVE-2024-34155 https://pkg.go.dev/vuln/GO-2024-3105 https://ubuntu.com/security/notices/USN-7081-1 https://ubuntu.com/security/notices/USN-7109-1 https://ubuntu.com/security/notices/USN-7111-1 https://www.cve.org/CVERecord?id=CVE-2024-34155
stdlib	CVE-2024-34158	MEDIUM	v1.18.10	1.22.7, 1.23.1	https://access.redhat.com/errata/RHSA-2024:9459 https://access.redhat.com/security/cve/CVE-2024-34158 https://bugzilla.redhat.com/2310527 https://bugzilla.redhat.com/2310528 https://bugzilla.redhat.com/2310529 https://bugzilla.redhat.com/2315691 https://bugzilla.redhat.com/2315887 https://bugzilla.redhat.com/2317458 https://bugzilla.redhat.com/2317467 https://bugzilla.redhat.com/show_bug.cgi?id=2295310 https://bugzilla.redhat.com/show_bug.cgi?id=2310527 https://bugzilla.redhat.com/show_bug.cgi?id=2310528 https://bugzilla.redhat.com/show_bug.cgi?id=2310529 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24791 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-34155 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-34156 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-34158 https://errata.almalinux.org/9/ALSA-2024-9459.html https://errata.rockylinux.org/RLSA-2024:6913 https://github.com/golang/go/commit/032ac075c20c01c6c35a672d1542d3e98eab84ea (go1.23.1) https://github.com/golang/go/commit/d4c53812e6ce2ac368173d7fcd31d0ecfcffb002 (go1.22.7) https://go.dev/cl/611240 https://go.dev/issue/69141 https://groups.google.com/g/golang-announce/c/K-cEzDeCtpc https://groups.google.com/g/golang-dev/c/S9POB9NCTdk https://linux.oracle.com/cve/CVE-2024-34158.html https://linux.oracle.com/errata/ELSA-2024-9459.html https://nvd.nist.gov/vuln/detail/CVE-2024-34158 https://pkg.go.dev/vuln/GO-2024-3107 https://ubuntu.com/security/notices/USN-7081-1 https://ubuntu.com/security/notices/USN-7109-1 https://ubuntu.com/security/notices/USN-7111-1 https://www.cve.org/CVERecord?id=CVE-2024-34158
No Misconfigurations found

cnb/buildpacks/paketo-buildpacks_dist-zip/5.6.4/bin/main (gobinary)

Package	Vulnerability ID	Severity	Installed Version	Fixed Version	Links
stdlib	CVE-2024-24790	CRITICAL	v1.20.5	1.21.11, 1.22.4	http://www.openwall.com/lists/oss-security/2024/06/04/1 https://access.redhat.com/errata/RHSA-2024:9115 https://access.redhat.com/security/cve/CVE-2024-24790 https://bugzilla.redhat.com/2279814 https://bugzilla.redhat.com/2292668 https://bugzilla.redhat.com/2292787 https://bugzilla.redhat.com/2294000 https://bugzilla.redhat.com/2295310 https://bugzilla.redhat.com/show_bug.cgi?id=2292668 https://bugzilla.redhat.com/show_bug.cgi?id=2292787 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24789 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24790 https://errata.almalinux.org/9/ALSA-2024-9115.html https://errata.rockylinux.org/RLSA-2024:4212 https://github.com/golang/go/commit/051bdf3fd12a40307606ff9381138039c5f452f0 (1.21) https://github.com/golang/go/commit/12d5810cdb1f73cf23d7a86462143e9463317fca (1.22) https://github.com/golang/go/issues/67680 https://go.dev/cl/590316 https://go.dev/issue/67680 https://groups.google.com/g/golang-announce/c/XbxouI9gY7k https://groups.google.com/g/golang-announce/c/XbxouI9gY7k/m/TuoGEhxIEwAJ https://linux.oracle.com/cve/CVE-2024-24790.html https://linux.oracle.com/errata/ELSA-2024-9115.html https://nvd.nist.gov/vuln/detail/CVE-2024-24790 https://pkg.go.dev/vuln/GO-2024-2887 https://ubuntu.com/security/notices/USN-6886-1 https://ubuntu.com/security/notices/USN-7109-1 https://www.cve.org/CVERecord?id=CVE-2024-24790
stdlib	CVE-2023-39325	HIGH	v1.20.5	1.20.10, 1.21.3	golang.org/x/net https://access.redhat.com/errata/RHSA-2023:6077 https://access.redhat.com/security/cve/CVE-2023-39325 https://access.redhat.com/security/cve/CVE-2023-44487 https://access.redhat.com/security/vulnerabilities/RHSB-2023-003 https://bugzilla.redhat.com/2242803 https://bugzilla.redhat.com/2243296 https://bugzilla.redhat.com/show_bug.cgi?id=2242803 https://bugzilla.redhat.com/show_bug.cgi?id=2243296 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-39325 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-44487 https://errata.almalinux.org/9/ALSA-2023-6077.html https://errata.rockylinux.org/RLSA-2023:6077 https://github.com/golang/go/commit/24ae2d927285c697440fdde3ad7f26028354bcf3 [golang- 1.21] https://github.com/golang/go/commit/e175f27f58aa7b9cd4d79607ae65d2cd5baaee68 [golang-1.20] https://github.com/golang/go/issues/63417 https://go.dev/cl/534215 https://go.dev/cl/534235 https://go.dev/issue/63417 https://groups.google.com/g/golang-announce/c/iNNxDTCjZvo/m/UDd7VKQuAAAJ https://linux.oracle.com/cve/CVE-2023-39325.html https://linux.oracle.com/errata/ELSA-2023-5867.html https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3OVW5V2DM5K5IC3H7O42YDUGNJ74J35O https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3OVW5V2DM5K5IC3H7O42YDUGNJ74J35O/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3SZN67IL7HMGMNAVLOTIXLIHUDXZK4LH https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3SZN67IL7HMGMNAVLOTIXLIHUDXZK4LH/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3WJ4QVX2AMUJ2F2S27POOAHRC4K3CHU4 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3WJ4QVX2AMUJ2F2S27POOAHRC4K3CHU4/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/4BUK2ZIAGCULOOYDNH25JPU6JBES5NF2 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/4BUK2ZIAGCULOOYDNH25JPU6JBES5NF2/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/5RSKA2II6QTD4YUKUNDVJQSRYSFC4VFR https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/5RSKA2II6QTD4YUKUNDVJQSRYSFC4VFR/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/AVZDNSMVDAQJ64LJC5I5U5LDM5753647 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/AVZDNSMVDAQJ64LJC5I5U5LDM5753647/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CHHITS4PUOZAKFIUBQAQZC7JWXMOYE4B https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CHHITS4PUOZAKFIUBQAQZC7JWXMOYE4B/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CLB4TW7KALB3EEQWNWCN7OUIWWVWWCG2 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CLB4TW7KALB3EEQWNWCN7OUIWWVWWCG2/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/D2BBIDR2ZMB3X5BC7SR4SLQMHRMVPY6L https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/D2BBIDR2ZMB3X5BC7SR4SLQMHRMVPY6L/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ECRC75BQJP6FJN2L7KCKYZW4DSBD7QSD https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ECRC75BQJP6FJN2L7KCKYZW4DSBD7QSD/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/FTMJ3NJIDAZFWJQQSP3L22MUFJ3UP2PT https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/FTMJ3NJIDAZFWJQQSP3L22MUFJ3UP2PT/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/GSY7SXFFTPZFWDM6XELSDSHZLVW3AHK7 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/GSY7SXFFTPZFWDM6XELSDSHZLVW3AHK7/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/HZQIELEIRSZUYTFFH5KTH2YJ4IIQG2KE https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/HZQIELEIRSZUYTFFH5KTH2YJ4IIQG2KE/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/IPWCNYB5PQ5PCVZ4NJT6G56ZYFZ5QBU6 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/IPWCNYB5PQ5PCVZ4NJT6G56ZYFZ5QBU6/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/KEOTKBUPZXHE3F352JBYNTSNRXYLWD6P https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/KEOTKBUPZXHE3F352JBYNTSNRXYLWD6P/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/KSEGD2IWKNUO3DWY4KQGUQM5BISRWHQE https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/KSEGD2IWKNUO3DWY4KQGUQM5BISRWHQE/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/L5E5JSJBZLYXOTZWXHJKRVCIXIHVWKJ6 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/L5E5JSJBZLYXOTZWXHJKRVCIXIHVWKJ6/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/MZQYOOKHQDQ57LV2IAG6NRFOVXKHJJ3Z https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/MZQYOOKHQDQ57LV2IAG6NRFOVXKHJJ3Z/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/NG7IMPL55MVWU3LCI4JQJT3K2U5CHDV7 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/NG7IMPL55MVWU3LCI4JQJT3K2U5CHDV7/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ODBY7RVMGZCBSTWF2OZGIZS57FNFUL67 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ODBY7RVMGZCBSTWF2OZGIZS57FNFUL67/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/OXGWPQOJ3JNDW2XIYKIVJ7N7QUIFNM2Q https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/OXGWPQOJ3JNDW2XIYKIVJ7N7QUIFNM2Q/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/PJCUNGIQDUMZ4Z6HWVYIMR66A35F5S74 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/PJCUNGIQDUMZ4Z6HWVYIMR66A35F5S74/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QF5QSYAOPDOWLY6DUHID56Q4HQFYB45I https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QF5QSYAOPDOWLY6DUHID56Q4HQFYB45I/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QXOU2JZUBEBP7GBKAYIJRPRBZSJCD7ST https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QXOU2JZUBEBP7GBKAYIJRPRBZSJCD7ST/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/R3UETKPUB3V5JS5TLZOF3SMTGT5K5APS https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/R3UETKPUB3V5JS5TLZOF3SMTGT5K5APS/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/REMHVVIBDNKSRKNOTV7EQSB7CYQWOUOU https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/REMHVVIBDNKSRKNOTV7EQSB7CYQWOUOU/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/T7N5GV4CHH6WAGX3GFMDD3COEOVCZ4RI https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/T7N5GV4CHH6WAGX3GFMDD3COEOVCZ4RI/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ULQQONMSCQSH5Z5OWFFQHCGEZ3NL4DRJ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ULQQONMSCQSH5Z5OWFFQHCGEZ3NL4DRJ/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UTT7DG3QOF5ZNJLUGHDNLRUIN6OWZARP https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UTT7DG3QOF5ZNJLUGHDNLRUIN6OWZARP/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/W2LZSWTV4NV4SNQARNXG5T6LRHP26EW2 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/W2LZSWTV4NV4SNQARNXG5T6LRHP26EW2/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WCNCBYKZXLDFGAJUB7ZP5VLC3YTHJNVH https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WCNCBYKZXLDFGAJUB7ZP5VLC3YTHJNVH/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/XFOIBB4YFICHDM7IBOP7PWXW3FX4HLL2 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/XFOIBB4YFICHDM7IBOP7PWXW3FX4HLL2/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/XTNLSL44Y5FB6JWADSZH6DCV4JJAAEQY https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/XTNLSL44Y5FB6JWADSZH6DCV4JJAAEQY/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/YJWHBLVZDM5KQSDFRBFRKU5KSSOLIRQ4 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/YJWHBLVZDM5KQSDFRBFRKU5KSSOLIRQ4/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/YRKEXKANQ7BKJW2YTAMP625LJUJZLJ4P https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/YRKEXKANQ7BKJW2YTAMP625LJUJZLJ4P/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZSVEMQV5ROY5YW5QE3I57HT3ITWG5GCV https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZSVEMQV5ROY5YW5QE3I57HT3ITWG5GCV/ https://nvd.nist.gov/vuln/detail/CVE-2023-39325 https://pkg.go.dev/vuln/GO-2023-2102 https://security.gentoo.org/glsa/202311-09 https://security.netapp.com/advisory/ntap-20231110-0008 https://security.netapp.com/advisory/ntap-20231110-0008/ https://ubuntu.com/security/notices/USN-6574-1 https://ubuntu.com/security/notices/USN-7061-1 https://ubuntu.com/security/notices/USN-7109-1 https://www.cisa.gov/news-events/alerts/2023/10/10/http2-rapid-reset-vulnerability-cve-2023-44487 https://www.cve.org/CVERecord?id=CVE-2023-39325
stdlib	CVE-2023-45283	HIGH	v1.20.5	1.20.11, 1.21.4, 1.20.12, 1.21.5	http://www.openwall.com/lists/oss-security/2023/12/05/2 https://go.dev/cl/540277 https://go.dev/cl/541175 https://go.dev/issue/63713 https://go.dev/issue/64028 https://groups.google.com/g/golang-announce/c/4tU8LZfBFkY https://groups.google.com/g/golang-dev/c/6ypN5EjibjM/m/KmLVYH_uAgAJ https://nvd.nist.gov/vuln/detail/CVE-2023-45283 https://pkg.go.dev/vuln/GO-2023-2185 https://security.netapp.com/advisory/ntap-20231214-0008/
stdlib	CVE-2023-45288	HIGH	v1.20.5	1.21.9, 1.22.2	http://www.openwall.com/lists/oss-security/2024/04/03/16 http://www.openwall.com/lists/oss-security/2024/04/05/4 https://access.redhat.com/errata/RHSA-2024:2724 https://access.redhat.com/security/cve/CVE-2023-45288 https://bugzilla.redhat.com/2268017 https://bugzilla.redhat.com/2268018 https://bugzilla.redhat.com/2268019 https://bugzilla.redhat.com/2268273 https://bugzilla.redhat.com/show_bug.cgi?id=2268017 https://bugzilla.redhat.com/show_bug.cgi?id=2268018 https://bugzilla.redhat.com/show_bug.cgi?id=2268019 https://bugzilla.redhat.com/show_bug.cgi?id=2268273 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45288 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45289 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45290 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24783 https://errata.almalinux.org/9/ALSA-2024-2724.html https://errata.rockylinux.org/RLSA-2024:2724 https://go.dev/cl/576155 https://go.dev/issue/65051 https://groups.google.com/g/golang-announce/c/YgW0sx8mN3M https://kb.cert.org/vuls/id/421644 https://linux.oracle.com/cve/CVE-2023-45288.html https://linux.oracle.com/errata/ELSA-2024-3346.html https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QRYFHIQ6XRKRYBI2F5UESH67BJBQXUPT https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QRYFHIQ6XRKRYBI2F5UESH67BJBQXUPT/ https://nowotarski.info/http2-continuation-flood-technical-details https://nowotarski.info/http2-continuation-flood/ https://nvd.nist.gov/vuln/detail/CVE-2023-45288 https://pkg.go.dev/vuln/GO-2024-2687 https://security.netapp.com/advisory/ntap-20240419-0009 https://security.netapp.com/advisory/ntap-20240419-0009/ https://ubuntu.com/security/notices/USN-6886-1 https://ubuntu.com/security/notices/USN-7109-1 https://ubuntu.com/security/notices/USN-7111-1 https://www.cve.org/CVERecord?id=CVE-2023-45288 https://www.kb.cert.org/vuls/id/421644
stdlib	CVE-2024-34156	HIGH	v1.20.5	1.22.7, 1.23.1	https://access.redhat.com/errata/RHSA-2024:9473 https://access.redhat.com/security/cve/CVE-2024-34156 https://bugzilla.redhat.com/2310528 https://bugzilla.redhat.com/2318052 https://bugzilla.redhat.com/show_bug.cgi?id=2310528 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-34156 https://errata.almalinux.org/9/ALSA-2024-9473.html https://errata.rockylinux.org/RLSA-2024:7204 https://github.com/golang/go/commit/2092294f2b097c5828f4eace6c98a322c1510b01 (go1.22.7) https://github.com/golang/go/commit/fa8ff1a46deb6c816304441ec6740ec112e19012 (go1.23.1) https://go.dev/cl/611239 https://go.dev/issue/69139 https://groups.google.com/g/golang-announce/c/K-cEzDeCtpc https://groups.google.com/g/golang-dev/c/S9POB9NCTdk https://linux.oracle.com/cve/CVE-2024-34156.html https://linux.oracle.com/errata/ELSA-2024-9473.html https://nvd.nist.gov/vuln/detail/CVE-2024-34156 https://pkg.go.dev/vuln/GO-2024-3106 https://ubuntu.com/security/notices/USN-7081-1 https://ubuntu.com/security/notices/USN-7109-1 https://ubuntu.com/security/notices/USN-7111-1 https://www.cve.org/CVERecord?id=CVE-2024-34156
stdlib	CVE-2023-29406	MEDIUM	v1.20.5	1.19.11, 1.20.6	https://access.redhat.com/errata/RHSA-2023:6474 https://access.redhat.com/security/cve/CVE-2023-29406 https://bugzilla.redhat.com/2174485 https://bugzilla.redhat.com/2178358 https://bugzilla.redhat.com/2178488 https://bugzilla.redhat.com/2178492 https://bugzilla.redhat.com/2184481 https://bugzilla.redhat.com/2184482 https://bugzilla.redhat.com/2184483 https://bugzilla.redhat.com/2184484 https://bugzilla.redhat.com/2196026 https://bugzilla.redhat.com/2196027 https://bugzilla.redhat.com/2196029 https://bugzilla.redhat.com/2222167 https://bugzilla.redhat.com/2228689 https://errata.almalinux.org/9/ALSA-2023-6474.html https://github.com/golang/go/commit/312920c00aac9897b2a0693e752390b5b0711a5a (go1.20.6) https://github.com/golang/go/commit/5fa6923b1ea891400153d04ddf1545e23b40041b (go1.19.11) https://github.com/golang/go/issues/60374 https://go.dev/cl/506996 https://go.dev/issue/60374 https://groups.google.com/g/golang-announce/c/2q13H6LEEx0 https://linux.oracle.com/cve/CVE-2023-29406.html https://linux.oracle.com/errata/ELSA-2023-7202.html https://nvd.nist.gov/vuln/detail/CVE-2023-29406 https://pkg.go.dev/vuln/GO-2023-1878 https://security.gentoo.org/glsa/202311-09 https://security.netapp.com/advisory/ntap-20230814-0002/ https://ubuntu.com/security/notices/USN-7061-1 https://ubuntu.com/security/notices/USN-7109-1 https://www.cve.org/CVERecord?id=CVE-2023-29406
stdlib	CVE-2023-29409	MEDIUM	v1.20.5	1.19.12, 1.20.7, 1.21.0-rc.4	https://access.redhat.com/errata/RHSA-2023:7766 https://access.redhat.com/security/cve/CVE-2023-29409 https://bugzilla.redhat.com/2228743 https://bugzilla.redhat.com/2237773 https://bugzilla.redhat.com/2237776 https://bugzilla.redhat.com/2237777 https://bugzilla.redhat.com/2237778 https://errata.almalinux.org/9/ALSA-2023-7766.html https://go.dev/cl/515257 https://go.dev/issue/61460 https://groups.google.com/g/golang-announce/c/X0b6CsSAaYI/m/Efv5DbZ9AwAJ https://linux.oracle.com/cve/CVE-2023-29409.html https://linux.oracle.com/errata/ELSA-2024-2988.html https://nvd.nist.gov/vuln/detail/CVE-2023-29409 https://pkg.go.dev/vuln/GO-2023-1987 https://security.gentoo.org/glsa/202311-09 https://security.netapp.com/advisory/ntap-20230831-0010/ https://www.cve.org/CVERecord?id=CVE-2023-29409
stdlib	CVE-2023-39318	MEDIUM	v1.20.5	1.20.8, 1.21.1	https://access.redhat.com/errata/RHSA-2024:2160 https://access.redhat.com/security/cve/CVE-2023-39318 https://bugzilla.redhat.com/2237773 https://bugzilla.redhat.com/2237776 https://bugzilla.redhat.com/2253330 https://errata.almalinux.org/9/ALSA-2024-2160.html https://github.com/golang/go/commit/023b542edf38e2a1f87fcefb9f75ff2f99401b4c (go1.20.8) https://github.com/golang/go/commit/b0e1d3ea26e8e8fce7726690c9ef0597e60739fb (go1.21.1) https://go.dev/cl/526156 https://go.dev/issue/62196 https://groups.google.com/g/golang-announce/c/Fm51GRLNRvM https://groups.google.com/g/golang-dev/c/2C5vbR-UNkI/m/L1hdrPhfBAAJ https://linux.oracle.com/cve/CVE-2023-39318.html https://linux.oracle.com/errata/ELSA-2024-2988.html https://nvd.nist.gov/vuln/detail/CVE-2023-39318 https://pkg.go.dev/vuln/GO-2023-2041 https://security.gentoo.org/glsa/202311-09 https://security.netapp.com/advisory/ntap-20231020-0009/ https://ubuntu.com/security/notices/USN-6574-1 https://ubuntu.com/security/notices/USN-7061-1 https://ubuntu.com/security/notices/USN-7109-1 https://vuln.go.dev/ID/GO-2023-2041.json https://www.cve.org/CVERecord?id=CVE-2023-39318
stdlib	CVE-2023-39319	MEDIUM	v1.20.5	1.20.8, 1.21.1	https://access.redhat.com/errata/RHSA-2024:2160 https://access.redhat.com/security/cve/CVE-2023-39319 https://bugzilla.redhat.com/2237773 https://bugzilla.redhat.com/2237776 https://bugzilla.redhat.com/2253330 https://errata.almalinux.org/9/ALSA-2024-2160.html https://github.com/golang/go/commit/2070531d2f53df88e312edace6c8dfc9686ab2f5 (go1.20.8) https://github.com/golang/go/commit/bbd043ff0d6d59f1a9232d31ecd5eacf6507bf6a (go1.21.1) https://go.dev/cl/526157 https://go.dev/issue/62197 https://groups.google.com/g/golang-announce/c/Fm51GRLNRvM https://groups.google.com/g/golang-dev/c/2C5vbR-UNkI/m/L1hdrPhfBAAJ https://linux.oracle.com/cve/CVE-2023-39319.html https://linux.oracle.com/errata/ELSA-2024-2988.html https://nvd.nist.gov/vuln/detail/CVE-2023-39319 https://pkg.go.dev/vuln/GO-2023-2043 https://security.gentoo.org/glsa/202311-09 https://security.netapp.com/advisory/ntap-20231020-0009/ https://ubuntu.com/security/notices/USN-6574-1 https://ubuntu.com/security/notices/USN-7061-1 https://ubuntu.com/security/notices/USN-7109-1 https://vuln.go.dev/ID/GO-2023-2043.json https://www.cve.org/CVERecord?id=CVE-2023-39319
stdlib	CVE-2023-39326	MEDIUM	v1.20.5	1.20.12, 1.21.5	https://access.redhat.com/errata/RHSA-2024:2272 https://access.redhat.com/security/cve/CVE-2023-39326 https://bugzilla.redhat.com/2253193 https://bugzilla.redhat.com/2253330 https://errata.almalinux.org/9/ALSA-2024-2272.html https://github.com/golang/go/commit/6446af942e2e2b161c4ec1b60d9703a2b55dc4dd (go1.20.12) https://github.com/golang/go/commit/ec8c526e4be720e94b98ca509e6364f0efaf28f7 (go1.21.5) https://go.dev/cl/547335 https://go.dev/issue/64433 https://groups.google.com/g/golang-dev/c/6ypN5EjibjM/m/KmLVYH_uAgAJ https://linux.oracle.com/cve/CVE-2023-39326.html https://linux.oracle.com/errata/ELSA-2024-2988.html https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UIU6HOGV6RRIKWM57LOXQA75BGZSIH6G/ https://nvd.nist.gov/vuln/detail/CVE-2023-39326 https://pkg.go.dev/vuln/GO-2023-2382 https://ubuntu.com/security/notices/USN-6574-1 https://www.cve.org/CVERecord?id=CVE-2023-39326
stdlib	CVE-2023-45284	MEDIUM	v1.20.5	1.20.11, 1.21.4	https://go.dev/cl/540277 https://go.dev/issue/63713 https://groups.google.com/g/golang-announce/c/4tU8LZfBFkY https://nvd.nist.gov/vuln/detail/CVE-2023-45284 https://pkg.go.dev/vuln/GO-2023-2186
stdlib	CVE-2023-45289	MEDIUM	v1.20.5	1.21.8, 1.22.1	http://www.openwall.com/lists/oss-security/2024/03/08/4 https://access.redhat.com/errata/RHSA-2024:2724 https://access.redhat.com/security/cve/CVE-2023-45289 https://bugzilla.redhat.com/2268017 https://bugzilla.redhat.com/2268018 https://bugzilla.redhat.com/2268019 https://bugzilla.redhat.com/2268273 https://bugzilla.redhat.com/show_bug.cgi?id=2268017 https://bugzilla.redhat.com/show_bug.cgi?id=2268018 https://bugzilla.redhat.com/show_bug.cgi?id=2268019 https://bugzilla.redhat.com/show_bug.cgi?id=2268273 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45288 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45289 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45290 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24783 https://errata.almalinux.org/9/ALSA-2024-2724.html https://errata.rockylinux.org/RLSA-2024:2724 https://github.com/golang/go/commit/20586c0dbe03d144f914155f879fa5ee287591a1 (go1.21.8) https://github.com/golang/go/commit/3a855208e3efed2e9d7c20ad023f1fa78afcc0be (go1.22.1) https://github.com/golang/go/issues/65065 https://go.dev/cl/569340 https://go.dev/issue/65065 https://groups.google.com/g/golang-announce/c/5pwGVUPoMbg https://linux.oracle.com/cve/CVE-2023-45289.html https://linux.oracle.com/errata/ELSA-2024-3346.html https://nvd.nist.gov/vuln/detail/CVE-2023-45289 https://pkg.go.dev/vuln/GO-2024-2600 https://security.netapp.com/advisory/ntap-20240329-0006/ https://ubuntu.com/security/notices/USN-6886-1 https://www.cve.org/CVERecord?id=CVE-2023-45289
stdlib	CVE-2023-45290	MEDIUM	v1.20.5	1.21.8, 1.22.1	http://www.openwall.com/lists/oss-security/2024/03/08/4 https://access.redhat.com/errata/RHSA-2024:9135 https://access.redhat.com/security/cve/CVE-2023-45290 https://bugzilla.redhat.com/2268017 https://bugzilla.redhat.com/2268022 https://bugzilla.redhat.com/2279814 https://bugzilla.redhat.com/2295310 https://bugzilla.redhat.com/show_bug.cgi?id=2268017 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45290 https://errata.almalinux.org/9/ALSA-2024-9135.html https://errata.rockylinux.org/RLSA-2024:3830 https://github.com/golang/go/commit/041a47712e765e94f86d841c3110c840e76d8f82 (go1.22.1) https://github.com/golang/go/commit/bf80213b121074f4ad9b449410a4d13bae5e9be0 (go1.21.8) https://github.com/golang/go/issues/65383 https://go.dev/cl/569341 https://go.dev/issue/65383 https://groups.google.com/g/golang-announce/c/5pwGVUPoMbg https://linux.oracle.com/cve/CVE-2023-45290.html https://linux.oracle.com/errata/ELSA-2024-8038.html https://nvd.nist.gov/vuln/detail/CVE-2023-45290 https://pkg.go.dev/vuln/GO-2024-2599 https://security.netapp.com/advisory/ntap-20240329-0004 https://security.netapp.com/advisory/ntap-20240329-0004/ https://ubuntu.com/security/notices/USN-6886-1 https://ubuntu.com/security/notices/USN-7109-1 https://ubuntu.com/security/notices/USN-7111-1 https://www.cve.org/CVERecord?id=CVE-2023-45290
stdlib	CVE-2024-24783	MEDIUM	v1.20.5	1.21.8, 1.22.1	http://www.openwall.com/lists/oss-security/2024/03/08/4 https://access.redhat.com/errata/RHSA-2024:6195 https://access.redhat.com/security/cve/CVE-2024-24783 https://bugzilla.redhat.com/2268019 https://bugzilla.redhat.com/show_bug.cgi?id=2268017 https://bugzilla.redhat.com/show_bug.cgi?id=2268018 https://bugzilla.redhat.com/show_bug.cgi?id=2268019 https://bugzilla.redhat.com/show_bug.cgi?id=2268273 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45288 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45289 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45290 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24783 https://errata.almalinux.org/9/ALSA-2024-6195.html https://errata.rockylinux.org/RLSA-2024:2724 https://github.com/advisories/GHSA-3q2c-pvp5-3cqp https://github.com/golang/go/commit/337b8e9cbfa749d9d5c899e0dc358e2208d5e54f (go1.22.1) https://github.com/golang/go/commit/be5b52bea674190ef7de272664be6c7ae93ec5a0 (go1.21.8) https://github.com/golang/go/issues/65390 https://go.dev/cl/569339 https://go.dev/issue/65390 https://groups.google.com/g/golang-announce/c/5pwGVUPoMbg https://linux.oracle.com/cve/CVE-2024-24783.html https://linux.oracle.com/errata/ELSA-2024-6969.html https://nvd.nist.gov/vuln/detail/CVE-2024-24783 https://pkg.go.dev/vuln/GO-2024-2598 https://security.netapp.com/advisory/ntap-20240329-0005 https://security.netapp.com/advisory/ntap-20240329-0005/ https://ubuntu.com/security/notices/USN-6886-1 https://ubuntu.com/security/notices/USN-7109-1 https://ubuntu.com/security/notices/USN-7111-1 https://www.cve.org/CVERecord?id=CVE-2024-24783
stdlib	CVE-2024-24784	MEDIUM	v1.20.5	1.21.8, 1.22.1	http://www.openwall.com/lists/oss-security/2024/03/08/4 https://access.redhat.com/errata/RHSA-2024:2562 https://access.redhat.com/security/cve/CVE-2024-24784 https://bugzilla.redhat.com/2262921 https://bugzilla.redhat.com/2268017 https://bugzilla.redhat.com/2268018 https://bugzilla.redhat.com/2268019 https://bugzilla.redhat.com/2268021 https://bugzilla.redhat.com/2268022 https://bugzilla.redhat.com/2268273 https://bugzilla.redhat.com/show_bug.cgi?id=2262921 https://bugzilla.redhat.com/show_bug.cgi?id=2268017 https://bugzilla.redhat.com/show_bug.cgi?id=2268018 https://bugzilla.redhat.com/show_bug.cgi?id=2268019 https://bugzilla.redhat.com/show_bug.cgi?id=2268021 https://bugzilla.redhat.com/show_bug.cgi?id=2268022 https://bugzilla.redhat.com/show_bug.cgi?id=2268273 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45288 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45289 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45290 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-1394 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24783 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24784 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24785 https://errata.almalinux.org/9/ALSA-2024-2562.html https://errata.rockylinux.org/RLSA-2024:2562 https://github.com/golang/go/commit/263c059b09fdd40d9dd945f2ecb20c89ea28efe5 (go1.21.8) https://github.com/golang/go/commit/5330cd225ba54c7dc78c1b46dcdf61a4671a632c (go1.22.1) https://github.com/golang/go/issues/65083 https://go.dev/cl/555596 https://go.dev/issue/65083 https://groups.google.com/g/golang-announce/c/5pwGVUPoMbg https://linux.oracle.com/cve/CVE-2024-24784.html https://linux.oracle.com/errata/ELSA-2024-6969.html https://nvd.nist.gov/vuln/detail/CVE-2024-24784 https://pkg.go.dev/vuln/GO-2024-2609 https://security.netapp.com/advisory/ntap-20240329-0007/ https://ubuntu.com/security/notices/USN-6886-1 https://ubuntu.com/security/notices/USN-7109-1 https://ubuntu.com/security/notices/USN-7111-1 https://www.cve.org/CVERecord?id=CVE-2024-24784
stdlib	CVE-2024-24785	MEDIUM	v1.20.5	1.21.8, 1.22.1	http://www.openwall.com/lists/oss-security/2024/03/08/4 https://access.redhat.com/errata/RHSA-2024:9135 https://access.redhat.com/security/cve/CVE-2024-24785 https://bugzilla.redhat.com/2268017 https://bugzilla.redhat.com/2268022 https://bugzilla.redhat.com/2279814 https://bugzilla.redhat.com/2295310 https://bugzilla.redhat.com/show_bug.cgi?id=2262921 https://bugzilla.redhat.com/show_bug.cgi?id=2268017 https://bugzilla.redhat.com/show_bug.cgi?id=2268018 https://bugzilla.redhat.com/show_bug.cgi?id=2268019 https://bugzilla.redhat.com/show_bug.cgi?id=2268021 https://bugzilla.redhat.com/show_bug.cgi?id=2268022 https://bugzilla.redhat.com/show_bug.cgi?id=2268273 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45288 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45289 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45290 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-1394 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24783 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24784 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24785 https://errata.almalinux.org/9/ALSA-2024-9135.html https://errata.rockylinux.org/RLSA-2024:2562 https://github.com/golang/go/commit/056b0edcb8c152152021eebf4cf42adbfbe77992 (go1.22.1) https://github.com/golang/go/commit/3643147a29352ca2894fd5d0d2069bc4b4335a7e (go1.21.8) https://github.com/golang/go/issues/65697 https://go.dev/cl/564196 https://go.dev/issue/65697 https://groups.google.com/g/golang-announce/c/5pwGVUPoMbg https://linux.oracle.com/cve/CVE-2024-24785.html https://linux.oracle.com/errata/ELSA-2024-3259.html https://nvd.nist.gov/vuln/detail/CVE-2024-24785 https://pkg.go.dev/vuln/GO-2024-2610 https://security.netapp.com/advisory/ntap-20240329-0008/ https://ubuntu.com/security/notices/USN-6886-1 https://ubuntu.com/security/notices/USN-7061-1 https://ubuntu.com/security/notices/USN-7109-1 https://vuln.go.dev/ID/GO-2024-2610.json https://www.cve.org/CVERecord?id=CVE-2024-24785
stdlib	CVE-2024-24789	MEDIUM	v1.20.5	1.21.11, 1.22.4	http://www.openwall.com/lists/oss-security/2024/06/04/1 https://access.redhat.com/errata/RHSA-2024:9115 https://access.redhat.com/security/cve/CVE-2024-24789 https://bugzilla.redhat.com/2279814 https://bugzilla.redhat.com/2292668 https://bugzilla.redhat.com/2292787 https://bugzilla.redhat.com/2294000 https://bugzilla.redhat.com/2295310 https://bugzilla.redhat.com/show_bug.cgi?id=2292668 https://bugzilla.redhat.com/show_bug.cgi?id=2292787 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24789 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24790 https://errata.almalinux.org/9/ALSA-2024-9115.html https://errata.rockylinux.org/RLSA-2024:4212 https://github.com/golang/go/commit/c8e40338cf00f3c1d86c8fb23863ad67a4c72bcc (1.21) https://github.com/golang/go/commit/cf501ac0c5fe351a8582d20b43562027927906e7 (1.22) https://github.com/golang/go/issues/66869 https://go.dev/cl/585397 https://go.dev/issue/66869 https://groups.google.com/g/golang-announce/c/XbxouI9gY7k https://groups.google.com/g/golang-announce/c/XbxouI9gY7k/m/TuoGEhxIEwAJ https://linux.oracle.com/cve/CVE-2024-24789.html https://linux.oracle.com/errata/ELSA-2024-9115.html https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/U5YAEIA6IUHUNGJ7AIXXPQT6D2GYENX7/ https://nvd.nist.gov/vuln/detail/CVE-2024-24789 https://pkg.go.dev/vuln/GO-2024-2888 https://ubuntu.com/security/notices/USN-6886-1 https://ubuntu.com/security/notices/USN-7109-1 https://ubuntu.com/security/notices/USN-7111-1 https://www.cve.org/CVERecord?id=CVE-2024-24789
stdlib	CVE-2024-24791	MEDIUM	v1.20.5	1.21.12, 1.22.5	https://access.redhat.com/errata/RHSA-2024:9135 https://access.redhat.com/security/cve/CVE-2024-24791 https://bugzilla.redhat.com/2268017 https://bugzilla.redhat.com/2268022 https://bugzilla.redhat.com/2279814 https://bugzilla.redhat.com/2295310 https://bugzilla.redhat.com/show_bug.cgi?id=2295310 https://bugzilla.redhat.com/show_bug.cgi?id=2310527 https://bugzilla.redhat.com/show_bug.cgi?id=2310528 https://bugzilla.redhat.com/show_bug.cgi?id=2310529 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24791 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-34155 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-34156 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-34158 https://errata.almalinux.org/9/ALSA-2024-9135.html https://errata.rockylinux.org/RLSA-2024:6913 https://go.dev/cl/591255 https://go.dev/issue/67555 https://groups.google.com/g/golang-dev/c/t0rK-qHBqzY/m/6MMoAZkMAgAJ https://linux.oracle.com/cve/CVE-2024-24791.html https://linux.oracle.com/errata/ELSA-2024-9115.html https://nvd.nist.gov/vuln/detail/CVE-2024-24791 https://pkg.go.dev/vuln/GO-2024-2963 https://ubuntu.com/security/notices/USN-7081-1 https://ubuntu.com/security/notices/USN-7109-1 https://ubuntu.com/security/notices/USN-7111-1 https://www.cve.org/CVERecord?id=CVE-2024-24791
stdlib	CVE-2024-34155	MEDIUM	v1.20.5	1.22.7, 1.23.1	https://access.redhat.com/errata/RHSA-2024:9459 https://access.redhat.com/security/cve/CVE-2024-34155 https://bugzilla.redhat.com/2310527 https://bugzilla.redhat.com/2310528 https://bugzilla.redhat.com/2310529 https://bugzilla.redhat.com/2315691 https://bugzilla.redhat.com/2315887 https://bugzilla.redhat.com/2317458 https://bugzilla.redhat.com/2317467 https://bugzilla.redhat.com/show_bug.cgi?id=2295310 https://bugzilla.redhat.com/show_bug.cgi?id=2310527 https://bugzilla.redhat.com/show_bug.cgi?id=2310528 https://bugzilla.redhat.com/show_bug.cgi?id=2310529 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24791 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-34155 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-34156 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-34158 https://errata.almalinux.org/9/ALSA-2024-9459.html https://errata.rockylinux.org/RLSA-2024:6913 https://github.com/golang/go/commit/53487e5477151ed75da50e50a0ba8f1ca64c00a3 (go1.23.1) https://github.com/golang/go/commit/b232596139dbe96a62edbe3a2a203e856bf556eb (go1.22.7) https://go.dev/cl/611238 https://go.dev/issue/69138 https://groups.google.com/g/golang-announce/c/K-cEzDeCtpc https://groups.google.com/g/golang-dev/c/S9POB9NCTdk https://linux.oracle.com/cve/CVE-2024-34155.html https://linux.oracle.com/errata/ELSA-2024-9459.html https://nvd.nist.gov/vuln/detail/CVE-2024-34155 https://pkg.go.dev/vuln/GO-2024-3105 https://ubuntu.com/security/notices/USN-7081-1 https://ubuntu.com/security/notices/USN-7109-1 https://ubuntu.com/security/notices/USN-7111-1 https://www.cve.org/CVERecord?id=CVE-2024-34155
stdlib	CVE-2024-34158	MEDIUM	v1.20.5	1.22.7, 1.23.1	https://access.redhat.com/errata/RHSA-2024:9459 https://access.redhat.com/security/cve/CVE-2024-34158 https://bugzilla.redhat.com/2310527 https://bugzilla.redhat.com/2310528 https://bugzilla.redhat.com/2310529 https://bugzilla.redhat.com/2315691 https://bugzilla.redhat.com/2315887 https://bugzilla.redhat.com/2317458 https://bugzilla.redhat.com/2317467 https://bugzilla.redhat.com/show_bug.cgi?id=2295310 https://bugzilla.redhat.com/show_bug.cgi?id=2310527 https://bugzilla.redhat.com/show_bug.cgi?id=2310528 https://bugzilla.redhat.com/show_bug.cgi?id=2310529 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24791 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-34155 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-34156 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-34158 https://errata.almalinux.org/9/ALSA-2024-9459.html https://errata.rockylinux.org/RLSA-2024:6913 https://github.com/golang/go/commit/032ac075c20c01c6c35a672d1542d3e98eab84ea (go1.23.1) https://github.com/golang/go/commit/d4c53812e6ce2ac368173d7fcd31d0ecfcffb002 (go1.22.7) https://go.dev/cl/611240 https://go.dev/issue/69141 https://groups.google.com/g/golang-announce/c/K-cEzDeCtpc https://groups.google.com/g/golang-dev/c/S9POB9NCTdk https://linux.oracle.com/cve/CVE-2024-34158.html https://linux.oracle.com/errata/ELSA-2024-9459.html https://nvd.nist.gov/vuln/detail/CVE-2024-34158 https://pkg.go.dev/vuln/GO-2024-3107 https://ubuntu.com/security/notices/USN-7081-1 https://ubuntu.com/security/notices/USN-7109-1 https://ubuntu.com/security/notices/USN-7111-1 https://www.cve.org/CVERecord?id=CVE-2024-34158
No Misconfigurations found

cnb/buildpacks/paketo-buildpacks_dotnet-core-aspnet-runtime/0.3.19/bin/run (gobinary)

Package	Vulnerability ID	Severity	Installed Version	Fixed Version	Links
github.com/anchore/stereoscope	CVE-2024-24579	MEDIUM	v0.0.0-20230412183729-8602f1afc574	0.0.1	https://github.com/anchore/stereoscope https://github.com/anchore/stereoscope/commit/09dacab4d9ee65ee8bc7af8ebf4aa7b5aaa36204 https://github.com/anchore/stereoscope/security/advisories/GHSA-hpxr-w9w7-g4gv https://nvd.nist.gov/vuln/detail/CVE-2024-24579
github.com/cloudflare/circl	GHSA-9763-4f94-gfch	HIGH	v1.3.2	1.3.7	https://github.com/cloudflare/circl https://github.com/cloudflare/circl/commit/75ef91e8a2f438e6ce2b6e620d236add8be1887d https://github.com/cloudflare/circl/security/advisories/GHSA-9763-4f94-gfch https://kyberslash.cr.yp.to
github.com/cloudflare/circl	CVE-2023-1732	MEDIUM	v1.3.2	1.3.3	https://github.com/cloudflare/circl https://github.com/cloudflare/circl/commit/ff8d91225f8954b4970b6d6382d2e4c78f4a4cf8 https://github.com/cloudflare/circl/releases/tag/v1.3.3 https://github.com/cloudflare/circl/security/advisories/GHSA-2q89-485c-9j2x https://nvd.nist.gov/vuln/detail/CVE-2023-1732
github.com/containerd/containerd	GHSA-7ww5-4wqc-m92c	MEDIUM	v1.7.0	1.6.26, 1.7.11	https://github.com/containerd/containerd https://github.com/containerd/containerd/commit/67d356cb3095f3e8f8ad7d36f9a733fea1e7e28c https://github.com/containerd/containerd/commit/746b910f05855c8bfdb4415a1c0f958b234910e5 https://github.com/containerd/containerd/security/advisories/GHSA-7ww5-4wqc-m92c
github.com/docker/docker	CVE-2024-41110	CRITICAL	v23.0.5+incompatible	23.0.15, 26.1.5, 27.1.1, 25.0.6	https://access.redhat.com/security/cve/CVE-2024-41110 https://github.com/moby/moby https://github.com/moby/moby/commit/411e817ddf710ff8e08fa193da80cb78af708191 https://github.com/moby/moby/commit/42f40b1d6dd7562342f832b9cd2adf9e668eeb76 https://github.com/moby/moby/commit/65cc597cea28cdc25bea3b8a86384b4251872919 https://github.com/moby/moby/commit/852759a7df454cbf88db4e954c919becd48faa9b https://github.com/moby/moby/commit/a31260625655cff9ae226b51757915e275e304b0 https://github.com/moby/moby/commit/a79fabbfe84117696a19671f4aa88b82d0f64fc1 https://github.com/moby/moby/commit/ae160b4edddb72ef4bd71f66b975a1a1cc434f00 https://github.com/moby/moby/commit/ae2b3666c517c96cbc2adf1af5591a6b00d4ec0f https://github.com/moby/moby/commit/cc13f952511154a2866bddbb7dddebfe9e83b801 https://github.com/moby/moby/commit/fc274cd2ff4cf3b48c91697fb327dd1fb95588fb https://github.com/moby/moby/security/advisories/GHSA-v23v-6jw2-98fq https://nvd.nist.gov/vuln/detail/CVE-2024-41110 https://www.cve.org/CVERecord?id=CVE-2024-41110 https://www.docker.com/blog/docker-security-advisory-docker-engine-authz-plugin
github.com/docker/docker	CVE-2024-24557	MEDIUM	v23.0.5+incompatible	24.0.9, 25.0.2	https://access.redhat.com/security/cve/CVE-2024-24557 https://github.com/moby/moby https://github.com/moby/moby/commit/3e230cfdcc989dc524882f6579f9e0dac77400ae https://github.com/moby/moby/commit/fca702de7f71362c8d103073c7e4a1d0a467fadd https://github.com/moby/moby/commit/fce6e0ca9bc000888de3daa157af14fa41fcd0ff https://github.com/moby/moby/security/advisories/GHSA-xw73-rw38-6vjc https://nvd.nist.gov/vuln/detail/CVE-2024-24557 https://www.cve.org/CVERecord?id=CVE-2024-24557
github.com/docker/docker	CVE-2024-29018	MEDIUM	v23.0.5+incompatible	26.0.0-rc3, 25.0.5, 23.0.11	https://access.redhat.com/security/cve/CVE-2024-29018 https://github.com/moby/moby https://github.com/moby/moby/pull/46609 https://github.com/moby/moby/security/advisories/GHSA-mq39-4gv4-mvpx https://nvd.nist.gov/vuln/detail/CVE-2024-29018 https://www.cve.org/CVERecord?id=CVE-2024-29018
github.com/docker/docker	GHSA-jq35-85cj-fj4p	MEDIUM	v23.0.5+incompatible	24.0.7, 23.0.8, 20.10.27	https://github.com/moby/moby https://github.com/moby/moby/commit/48ebe353e49a9def5e6679f6e386b0efb1c95f0e https://github.com/moby/moby/commit/81ebe71275768629689a23bc3bca34b3b374a6a6 https://github.com/moby/moby/commit/c9ccbfad11a60e703e91b6cca4f48927828c7e35 https://github.com/moby/moby/releases/tag/v20.10.27 https://github.com/moby/moby/releases/tag/v23.0.8 https://github.com/moby/moby/releases/tag/v24.0.7 https://github.com/moby/moby/security/advisories/GHSA-jq35-85cj-fj4p
github.com/go-git/go-git/v5	CVE-2023-49569	CRITICAL	v5.6.1	5.11.0	https://access.redhat.com/security/cve/CVE-2023-49569 https://github.com/go-git/go-git https://github.com/go-git/go-git/security/advisories/GHSA-449p-3h89-pw88 https://nvd.nist.gov/vuln/detail/CVE-2023-49569 https://www.cve.org/CVERecord?id=CVE-2023-49569
github.com/go-git/go-git/v5	CVE-2023-49568	HIGH	v5.6.1	5.11.0	https://access.redhat.com/security/cve/CVE-2023-49568 https://github.com/go-git/go-git https://github.com/go-git/go-git/security/advisories/GHSA-mw99-9chc-xw7r https://nvd.nist.gov/vuln/detail/CVE-2023-49568 https://www.cve.org/CVERecord?id=CVE-2023-49568
github.com/mholt/archiver/v3	CVE-2024-0406	MEDIUM	v3.5.1	no fix available	https://access.redhat.com/security/cve/CVE-2024-0406 https://bugzilla.redhat.com/show_bug.cgi?id=2257749 https://github.com/advisories/GHSA-rhh4-rh7c-7r5v https://github.com/mholt/archiver https://nvd.nist.gov/vuln/detail/CVE-2024-0406 https://www.cve.org/CVERecord?id=CVE-2024-0406
golang.org/x/crypto	CVE-2023-48795	MEDIUM	v0.8.0	0.17.0	http://packetstormsecurity.com/files/176280/Terrapin-SSH-Connection-Weakening.html http://seclists.org/fulldisclosure/2024/Mar/21 http://www.openwall.com/lists/oss-security/2023/12/18/3 http://www.openwall.com/lists/oss-security/2023/12/19/5 http://www.openwall.com/lists/oss-security/2023/12/20/3 http://www.openwall.com/lists/oss-security/2024/03/06/3 http://www.openwall.com/lists/oss-security/2024/04/17/8 https://access.redhat.com/errata/RHSA-2024:1150 https://access.redhat.com/security/cve/CVE-2023-48795 https://access.redhat.com/security/cve/cve-2023-48795 https://access.redhat.com/solutions/7071748 https://arstechnica.com/security/2023/12/hackers-can-break-ssh-channel-integrity-using-novel-data-corruption-attack https://arstechnica.com/security/2023/12/hackers-can-break-ssh-channel-integrity-using-novel-data-corruption-attack/ https://bugs.gentoo.org/920280 https://bugzilla.redhat.com/2254210 https://bugzilla.redhat.com/show_bug.cgi?id=2254210 https://bugzilla.suse.com/show_bug.cgi?id=1217950 https://crates.io/crates/thrussh/versions https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-48795 https://errata.almalinux.org/9/ALSA-2024-1150.html https://errata.rockylinux.org/RLSA-2024:0628 https://filezilla-project.org/versions.php https://forum.netgate.com/topic/184941/terrapin-ssh-attack https://git.libssh.org/projects/libssh.git/commit/?h=stable-0.10&id=10e09e273f69e149389b3e0e5d44b8c221c2e7f6 https://github.com/NixOS/nixpkgs/pull/275249 https://github.com/PowerShell/Win32-OpenSSH/issues/2189 https://github.com/PowerShell/Win32-OpenSSH/releases/tag/v9.5.0.0p1-Beta https://github.com/TeraTermProject/teraterm/commit/7279fbd6ef4d0c8bdd6a90af4ada2899d786eec0 https://github.com/TeraTermProject/teraterm/releases/tag/v5.1 https://github.com/advisories/GHSA-45x7-px36-x8w8 https://github.com/apache/mina-sshd/issues/445 https://github.com/connectbot/sshlib/commit/5c8b534f6e97db7ac0e0e579331213aa25c173ab https://github.com/connectbot/sshlib/compare/2.2.21...2.2.22 https://github.com/cyd01/KiTTY/issues/520 https://github.com/drakkan/sftpgo/releases/tag/v2.5.6 https://github.com/erlang/otp/blob/d1b43dc0f1361d2ad67601169e90a7fc50bb0369/lib/ssh/doc/src/notes.xml#L39-L42 https://github.com/erlang/otp/releases/tag/OTP-26.2.1 https://github.com/golang/crypto/commit/9d2ee975ef9fe627bf0a6f01c1f69e8ef1d4f05d https://github.com/hierynomus/sshj/issues/916 https://github.com/janmojzis/tinyssh/issues/81 https://github.com/jtesta/ssh-audit/commit/8e972c5e94b460379fe0c7d20209c16df81538a5 https://github.com/libssh2/libssh2/pull/1291 https://github.com/mkj/dropbear/blob/17657c36cce6df7716d5ff151ec09a665382d5dd/CHANGES#L25 https://github.com/mscdex/ssh2/commit/97b223f8891b96d6fc054df5ab1d5a1a545da2a3 https://github.com/mwiede/jsch/compare/jsch-0.2.14...jsch-0.2.15 https://github.com/mwiede/jsch/issues/457 https://github.com/mwiede/jsch/pull/461 https://github.com/net-ssh/net-ssh/blob/2e65064a52d73396bfc3806c9196fc8108f33cd8/CHANGES.txt#L14-L16 https://github.com/openssh/openssh-portable/commits/master https://github.com/paramiko/paramiko/issues/2337 https://github.com/paramiko/paramiko/issues/2337#issuecomment-1887642773 https://github.com/proftpd/proftpd/blob/0a7ea9b0ba9fcdf368374a226370d08f10397d99/RELEASE_NOTES https://github.com/proftpd/proftpd/blob/d21e7a2e47e9b38f709bec58e3fa711f759ad0e1/RELEASE_NOTES https://github.com/proftpd/proftpd/blob/master/RELEASE_NOTES https://github.com/proftpd/proftpd/issues/456 https://github.com/rapier1/hpn-ssh/releases https://github.com/ronf/asyncssh/blob/develop/docs/changes.rst https://github.com/ronf/asyncssh/security/advisories/GHSA-hfmc-7525-mj55 https://github.com/ronf/asyncssh/tags https://github.com/ssh-mitm/ssh-mitm/issues/165 https://github.com/warp-tech/russh https://github.com/warp-tech/russh/commit/1aa340a7df1d5be1c0f4a9e247aade76dfdd2951 https://github.com/warp-tech/russh/releases/tag/v0.40.2 https://github.com/warp-tech/russh/security/advisories/GHSA-45x7-px36-x8w8 https://gitlab.com/libssh/libssh-mirror/-/tags https://go.dev/cl/550715 https://go.dev/issue/64784 https://groups.google.com/g/golang-announce/c/-n5WqVC18LQ https://groups.google.com/g/golang-announce/c/qA3XtxvMUyg https://help.panic.com/releasenotes/transmit5 https://help.panic.com/releasenotes/transmit5/ https://jadaptive.com/important-java-ssh-security-update-new-ssh-vulnerability-discovered-cve-2023-48795 https://jadaptive.com/important-java-ssh-security-update-new-ssh-vulnerability-discovered-cve-2023-48795/ https://linux.oracle.com/cve/CVE-2023-48795.html https://linux.oracle.com/errata/ELSA-2024-2988.html https://lists.debian.org/debian-lts-announce/2023/12/msg00017.html https://lists.debian.org/debian-lts-announce/2024/01/msg00013.html https://lists.debian.org/debian-lts-announce/2024/01/msg00014.html https://lists.debian.org/debian-lts-announce/2024/04/msg00016.html https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/33XHJUB6ROFUOH2OQNENFROTVH6MHSHA https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/33XHJUB6ROFUOH2OQNENFROTVH6MHSHA/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/3CAYYW35MUTNO65RVAELICTNZZFMT2XS https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/3CAYYW35MUTNO65RVAELICTNZZFMT2XS/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/3JIMLVBDWOP4FUPXPTB4PGHHIOMGFLQE https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/3JIMLVBDWOP4FUPXPTB4PGHHIOMGFLQE/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/3YQLUQWLIHDB5QCXQEX7HXHAWMOKPP5O https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/3YQLUQWLIHDB5QCXQEX7HXHAWMOKPP5O/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/6Y74KVCPEPT4MVU3LHDWCNNOXOE5ZLUR https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/6Y74KVCPEPT4MVU3LHDWCNNOXOE5ZLUR/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/APYIXIQOVDCRWLHTGB4VYMAUIAQLKYJ3 https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/APYIXIQOVDCRWLHTGB4VYMAUIAQLKYJ3/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/BL5KTLOSLH2KHRN4HCXJPK3JUVLDGEL6 https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/BL5KTLOSLH2KHRN4HCXJPK3JUVLDGEL6/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/C3AFMZ6MH2UHHOPIWT5YLSFV3D2VB3AC https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/C3AFMZ6MH2UHHOPIWT5YLSFV3D2VB3AC/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/CHHITS4PUOZAKFIUBQAQZC7JWXMOYE4B https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/CHHITS4PUOZAKFIUBQAQZC7JWXMOYE4B/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/F7EYCFQCTSGJXWO3ZZ44MGKFC5HA7G3Y https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/F7EYCFQCTSGJXWO3ZZ44MGKFC5HA7G3Y/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/HYEDEXIKFKTUJIN43RG4B7T5ZS6MHUSP https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/HYEDEXIKFKTUJIN43RG4B7T5ZS6MHUSP/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/I724O3LSRCPO4WNVIXTZCT4VVRMXMMSG https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/I724O3LSRCPO4WNVIXTZCT4VVRMXMMSG/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/KEOTKBUPZXHE3F352JBYNTSNRXYLWD6P https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/KEOTKBUPZXHE3F352JBYNTSNRXYLWD6P/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/KMZCVGUGJZZVDPCVDA7TEB22VUCNEXDD https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/KMZCVGUGJZZVDPCVDA7TEB22VUCNEXDD/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/L5Y6MNNVAPIJSXJERQ6PKZVCIUXSNJK7 https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/L5Y6MNNVAPIJSXJERQ6PKZVCIUXSNJK7/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/LZQVUHWVWRH73YBXUQJOD6CKHDQBU3DM https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/LZQVUHWVWRH73YBXUQJOD6CKHDQBU3DM/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/MKQRBF3DWMWPH36LBCOBUTSIZRTPEZXB https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/MKQRBF3DWMWPH36LBCOBUTSIZRTPEZXB/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/QI3EHAHABFQK7OABNCSF5GMYP6TONTI7 https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/QI3EHAHABFQK7OABNCSF5GMYP6TONTI7/ https://matt.ucc.asn.au/dropbear/CHANGES https://nest.pijul.com/pijul/thrussh/changes/D6H7OWTTMHHX6BTB3B6MNBOBX2L66CBL4LGSEUSAI2MCRCJDQFRQC https://news.ycombinator.com/item?id=38684904 https://news.ycombinator.com/item?id=38685286 https://news.ycombinator.com/item?id=38732005 https://nova.app/releases/#v11.8 https://nvd.nist.gov/vuln/detail/CVE-2023-48795 https://oryx-embedded.com/download/#changelog https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2024-0002 https://roumenpetrov.info/secsh/#news20231220 https://security-tracker.debian.org/tracker/CVE-2023-48795 https://security-tracker.debian.org/tracker/source-package/libssh2 https://security-tracker.debian.org/tracker/source-package/proftpd-dfsg https://security-tracker.debian.org/tracker/source-package/trilead-ssh2 https://security.gentoo.org/glsa/202312-16 https://security.gentoo.org/glsa/202312-17 https://security.netapp.com/advisory/ntap-20240105-0004 https://security.netapp.com/advisory/ntap-20240105-0004/ https://support.apple.com/kb/HT214084 https://terrapin-attack.com/ https://thorntech.com/cve-2023-48795-and-sftp-gateway https://thorntech.com/cve-2023-48795-and-sftp-gateway/ https://twitter.com/TrueSkrillor/status/1736774389725565005 https://ubuntu.com/security/CVE-2023-48795 https://ubuntu.com/security/notices/USN-6560-1 https://ubuntu.com/security/notices/USN-6560-2 https://ubuntu.com/security/notices/USN-6561-1 https://ubuntu.com/security/notices/USN-6585-1 https://ubuntu.com/security/notices/USN-6589-1 https://ubuntu.com/security/notices/USN-6598-1 https://ubuntu.com/security/notices/USN-6738-1 https://ubuntu.com/security/notices/USN-7051-1 https://winscp.net/eng/docs/history#6.2.2 https://www.bitvise.com/ssh-client-version-history#933 https://www.bitvise.com/ssh-server-version-history https://www.chiark.greenend.org.uk/~sgtatham/putty/changes.html https://www.crushftp.com/crush10wiki/Wiki.jsp?page=Update https://www.cve.org/CVERecord?id=CVE-2023-48795 https://www.debian.org/security/2023/dsa-5586 https://www.debian.org/security/2023/dsa-5588 https://www.freebsd.org/security/advisories/FreeBSD-SA-23:19.openssh.asc https://www.lancom-systems.de/service-support/allgemeine-sicherheitshinweise#c243508 https://www.netsarang.com/en/xshell-update-history https://www.netsarang.com/en/xshell-update-history/ https://www.openssh.com/openbsd.html https://www.openssh.com/txt/release-9.6 https://www.openwall.com/lists/oss-security/2023/12/18/2 https://www.openwall.com/lists/oss-security/2023/12/18/3 https://www.openwall.com/lists/oss-security/2023/12/20/3 https://www.paramiko.org/changelog.html https://www.reddit.com/r/sysadmin/comments/18idv52/cve202348795_why_is_this_cve_still_undisclosed https://www.reddit.com/r/sysadmin/comments/18idv52/cve202348795_why_is_this_cve_still_undisclosed/ https://www.suse.com/c/suse-addresses-the-ssh-v2-protocol-terrapin-attack-aka-cve-2023-48795 https://www.suse.com/c/suse-addresses-the-ssh-v2-protocol-terrapin-attack-aka-cve-2023-48795/ https://www.terrapin-attack.com https://www.theregister.com/2023/12/20/terrapin_attack_ssh https://www.vandyke.com/products/securecrt/history.txt
golang.org/x/net	CVE-2023-39325	HIGH	v0.10.0	0.17.0	golang.org/x/net https://access.redhat.com/errata/RHSA-2023:6077 https://access.redhat.com/security/cve/CVE-2023-39325 https://access.redhat.com/security/cve/CVE-2023-44487 https://access.redhat.com/security/vulnerabilities/RHSB-2023-003 https://bugzilla.redhat.com/2242803 https://bugzilla.redhat.com/2243296 https://bugzilla.redhat.com/show_bug.cgi?id=2242803 https://bugzilla.redhat.com/show_bug.cgi?id=2243296 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-39325 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-44487 https://errata.almalinux.org/9/ALSA-2023-6077.html https://errata.rockylinux.org/RLSA-2023:6077 https://github.com/golang/go/commit/24ae2d927285c697440fdde3ad7f26028354bcf3 [golang- 1.21] https://github.com/golang/go/commit/e175f27f58aa7b9cd4d79607ae65d2cd5baaee68 [golang-1.20] https://github.com/golang/go/issues/63417 https://go.dev/cl/534215 https://go.dev/cl/534235 https://go.dev/issue/63417 https://groups.google.com/g/golang-announce/c/iNNxDTCjZvo/m/UDd7VKQuAAAJ https://linux.oracle.com/cve/CVE-2023-39325.html https://linux.oracle.com/errata/ELSA-2023-5867.html https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3OVW5V2DM5K5IC3H7O42YDUGNJ74J35O https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3OVW5V2DM5K5IC3H7O42YDUGNJ74J35O/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3SZN67IL7HMGMNAVLOTIXLIHUDXZK4LH https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3SZN67IL7HMGMNAVLOTIXLIHUDXZK4LH/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3WJ4QVX2AMUJ2F2S27POOAHRC4K3CHU4 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3WJ4QVX2AMUJ2F2S27POOAHRC4K3CHU4/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/4BUK2ZIAGCULOOYDNH25JPU6JBES5NF2 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/4BUK2ZIAGCULOOYDNH25JPU6JBES5NF2/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/5RSKA2II6QTD4YUKUNDVJQSRYSFC4VFR https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/5RSKA2II6QTD4YUKUNDVJQSRYSFC4VFR/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/AVZDNSMVDAQJ64LJC5I5U5LDM5753647 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/AVZDNSMVDAQJ64LJC5I5U5LDM5753647/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CHHITS4PUOZAKFIUBQAQZC7JWXMOYE4B https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CHHITS4PUOZAKFIUBQAQZC7JWXMOYE4B/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CLB4TW7KALB3EEQWNWCN7OUIWWVWWCG2 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CLB4TW7KALB3EEQWNWCN7OUIWWVWWCG2/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/D2BBIDR2ZMB3X5BC7SR4SLQMHRMVPY6L https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/D2BBIDR2ZMB3X5BC7SR4SLQMHRMVPY6L/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ECRC75BQJP6FJN2L7KCKYZW4DSBD7QSD https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ECRC75BQJP6FJN2L7KCKYZW4DSBD7QSD/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/FTMJ3NJIDAZFWJQQSP3L22MUFJ3UP2PT https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/FTMJ3NJIDAZFWJQQSP3L22MUFJ3UP2PT/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/GSY7SXFFTPZFWDM6XELSDSHZLVW3AHK7 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/GSY7SXFFTPZFWDM6XELSDSHZLVW3AHK7/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/HZQIELEIRSZUYTFFH5KTH2YJ4IIQG2KE https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/HZQIELEIRSZUYTFFH5KTH2YJ4IIQG2KE/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/IPWCNYB5PQ5PCVZ4NJT6G56ZYFZ5QBU6 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/IPWCNYB5PQ5PCVZ4NJT6G56ZYFZ5QBU6/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/KEOTKBUPZXHE3F352JBYNTSNRXYLWD6P https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/KEOTKBUPZXHE3F352JBYNTSNRXYLWD6P/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/KSEGD2IWKNUO3DWY4KQGUQM5BISRWHQE https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/KSEGD2IWKNUO3DWY4KQGUQM5BISRWHQE/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/L5E5JSJBZLYXOTZWXHJKRVCIXIHVWKJ6 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/L5E5JSJBZLYXOTZWXHJKRVCIXIHVWKJ6/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/MZQYOOKHQDQ57LV2IAG6NRFOVXKHJJ3Z https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/MZQYOOKHQDQ57LV2IAG6NRFOVXKHJJ3Z/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/NG7IMPL55MVWU3LCI4JQJT3K2U5CHDV7 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/NG7IMPL55MVWU3LCI4JQJT3K2U5CHDV7/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ODBY7RVMGZCBSTWF2OZGIZS57FNFUL67 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ODBY7RVMGZCBSTWF2OZGIZS57FNFUL67/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/OXGWPQOJ3JNDW2XIYKIVJ7N7QUIFNM2Q https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/OXGWPQOJ3JNDW2XIYKIVJ7N7QUIFNM2Q/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/PJCUNGIQDUMZ4Z6HWVYIMR66A35F5S74 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/PJCUNGIQDUMZ4Z6HWVYIMR66A35F5S74/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QF5QSYAOPDOWLY6DUHID56Q4HQFYB45I https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QF5QSYAOPDOWLY6DUHID56Q4HQFYB45I/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QXOU2JZUBEBP7GBKAYIJRPRBZSJCD7ST https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QXOU2JZUBEBP7GBKAYIJRPRBZSJCD7ST/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/R3UETKPUB3V5JS5TLZOF3SMTGT5K5APS https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/R3UETKPUB3V5JS5TLZOF3SMTGT5K5APS/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/REMHVVIBDNKSRKNOTV7EQSB7CYQWOUOU https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/REMHVVIBDNKSRKNOTV7EQSB7CYQWOUOU/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/T7N5GV4CHH6WAGX3GFMDD3COEOVCZ4RI https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/T7N5GV4CHH6WAGX3GFMDD3COEOVCZ4RI/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ULQQONMSCQSH5Z5OWFFQHCGEZ3NL4DRJ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ULQQONMSCQSH5Z5OWFFQHCGEZ3NL4DRJ/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UTT7DG3QOF5ZNJLUGHDNLRUIN6OWZARP https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UTT7DG3QOF5ZNJLUGHDNLRUIN6OWZARP/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/W2LZSWTV4NV4SNQARNXG5T6LRHP26EW2 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/W2LZSWTV4NV4SNQARNXG5T6LRHP26EW2/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WCNCBYKZXLDFGAJUB7ZP5VLC3YTHJNVH https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WCNCBYKZXLDFGAJUB7ZP5VLC3YTHJNVH/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/XFOIBB4YFICHDM7IBOP7PWXW3FX4HLL2 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/XFOIBB4YFICHDM7IBOP7PWXW3FX4HLL2/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/XTNLSL44Y5FB6JWADSZH6DCV4JJAAEQY https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/XTNLSL44Y5FB6JWADSZH6DCV4JJAAEQY/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/YJWHBLVZDM5KQSDFRBFRKU5KSSOLIRQ4 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/YJWHBLVZDM5KQSDFRBFRKU5KSSOLIRQ4/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/YRKEXKANQ7BKJW2YTAMP625LJUJZLJ4P https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/YRKEXKANQ7BKJW2YTAMP625LJUJZLJ4P/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZSVEMQV5ROY5YW5QE3I57HT3ITWG5GCV https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZSVEMQV5ROY5YW5QE3I57HT3ITWG5GCV/ https://nvd.nist.gov/vuln/detail/CVE-2023-39325 https://pkg.go.dev/vuln/GO-2023-2102 https://security.gentoo.org/glsa/202311-09 https://security.netapp.com/advisory/ntap-20231110-0008 https://security.netapp.com/advisory/ntap-20231110-0008/ https://ubuntu.com/security/notices/USN-6574-1 https://ubuntu.com/security/notices/USN-7061-1 https://ubuntu.com/security/notices/USN-7109-1 https://www.cisa.gov/news-events/alerts/2023/10/10/http2-rapid-reset-vulnerability-cve-2023-44487 https://www.cve.org/CVERecord?id=CVE-2023-39325
golang.org/x/net	CVE-2023-3978	MEDIUM	v0.10.0	0.13.0	https://access.redhat.com/errata/RHSA-2023:6474 https://access.redhat.com/security/cve/CVE-2023-3978 https://bugzilla.redhat.com/2174485 https://bugzilla.redhat.com/2178358 https://bugzilla.redhat.com/2178488 https://bugzilla.redhat.com/2178492 https://bugzilla.redhat.com/2184481 https://bugzilla.redhat.com/2184482 https://bugzilla.redhat.com/2184483 https://bugzilla.redhat.com/2184484 https://bugzilla.redhat.com/2196026 https://bugzilla.redhat.com/2196027 https://bugzilla.redhat.com/2196029 https://bugzilla.redhat.com/2222167 https://bugzilla.redhat.com/2228689 https://errata.almalinux.org/9/ALSA-2023-6474.html https://go.dev/cl/514896 https://go.dev/issue/61615 https://linux.oracle.com/cve/CVE-2023-3978.html https://linux.oracle.com/errata/ELSA-2023-6939.html https://nvd.nist.gov/vuln/detail/CVE-2023-3978 https://pkg.go.dev/vuln/GO-2023-1988 https://www.cve.org/CVERecord?id=CVE-2023-3978
golang.org/x/net	CVE-2023-44487	MEDIUM	v0.10.0	0.17.0	http://www.openwall.com/lists/oss-security/2023/10/13/4 http://www.openwall.com/lists/oss-security/2023/10/13/9 http://www.openwall.com/lists/oss-security/2023/10/18/4 http://www.openwall.com/lists/oss-security/2023/10/18/8 http://www.openwall.com/lists/oss-security/2023/10/19/6 http://www.openwall.com/lists/oss-security/2023/10/20/8 https://access.redhat.com/errata/RHSA-2023:6746 https://access.redhat.com/security/cve/CVE-2023-44487 https://access.redhat.com/security/cve/cve-2023-44487 https://akka.io/security/akka-http-cve-2023-44487.html https://arstechnica.com/security/2023/10/how-ddosers-used-the-http-2-protocol-to-deliver-attacks-of-unprecedented-size https://arstechnica.com/security/2023/10/how-ddosers-used-the-http-2-protocol-to-deliver-attacks-of-unprecedented-size/ https://aws.amazon.com/security/security-bulletins/AWS-2023-011 https://aws.amazon.com/security/security-bulletins/AWS-2023-011/ https://blog.cloudflare.com/technical-breakdown-http2-rapid-reset-ddos-attack https://blog.cloudflare.com/technical-breakdown-http2-rapid-reset-ddos-attack/ https://blog.cloudflare.com/zero-day-rapid-reset-http2-record-breaking-ddos-attack https://blog.cloudflare.com/zero-day-rapid-reset-http2-record-breaking-ddos-attack/ https://blog.litespeedtech.com/2023/10/11/rapid-reset-http-2-vulnerablilty https://blog.litespeedtech.com/2023/10/11/rapid-reset-http-2-vulnerablilty/ https://blog.qualys.com/vulnerabilities-threat-research/2023/10/10/cve-2023-44487-http-2-rapid-reset-attack https://blog.vespa.ai/cve-2023-44487 https://blog.vespa.ai/cve-2023-44487/ https://bugzilla.proxmox.com/show_bug.cgi?id=4988 https://bugzilla.redhat.com/2242803 https://bugzilla.redhat.com/show_bug.cgi?id=2242803 https://bugzilla.suse.com/show_bug.cgi?id=1216123 https://cgit.freebsd.org/ports/commit/?id=c64c329c2c1752f46b73e3e6ce9f4329be6629f9 https://chaos.social/@icing/111210915918780532 https://cloud.google.com/blog/products/identity-security/google-cloud-mitigated-largest-ddos-attack-peaking-above-398-million-rps https://cloud.google.com/blog/products/identity-security/google-cloud-mitigated-largest-ddos-attack-peaking-above-398-million-rps/ https://cloud.google.com/blog/products/identity-security/how-it-works-the-novel-http2-rapid-reset-ddos-attack https://community.traefik.io/t/is-traefik-vulnerable-to-cve-2023-44487/20125 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-44487 https://devblogs.microsoft.com/dotnet/october-2023-updates/ https://discuss.hashicorp.com/t/hcsec-2023-32-vault-consul-and-boundary-affected-by-http-2-rapid-reset-denial-of-service-vulnerability-cve-2023-44487/59715 https://edg.io/lp/blog/resets-leaks-ddos-and-the-tale-of-a-hidden-cve https://errata.almalinux.org/9/ALSA-2023-6746.html https://errata.rockylinux.org/RLSA-2023:5838 https://forums.swift.org/t/swift-nio-http2-security-update-cve-2023-44487-http-2-dos/67764 https://gist.github.com/adulau/7c2bfb8e9cdbe4b35a5e131c66a0c088 https://github.com/Azure/AKS/issues/3947 https://github.com/Kong/kong/discussions/11741 https://github.com/advisories/GHSA-qppj-fm5r-hxr3 https://github.com/advisories/GHSA-vx74-f528-fxqg https://github.com/advisories/GHSA-xpw8-rcwv-8f8p https://github.com/akka/akka-http/issues/4323 https://github.com/akka/akka-http/pull/4324 https://github.com/akka/akka-http/pull/4325 https://github.com/alibaba/tengine/issues/1872 https://github.com/apache/apisix/issues/10320 https://github.com/apache/httpd-site/pull/10 https://github.com/apache/httpd/blob/afcdbeebbff4b0c50ea26cdd16e178c0d1f24152/modules/http2/h2_mplx.c#L1101-L1113 https://github.com/apache/tomcat/commit/944332bb15bd2f3bf76ec2caeb1ff0a58a3bc628 https://github.com/apache/tomcat/tree/main/java/org/apache/coyote/http2 https://github.com/apache/trafficserver/pull/10564 https://github.com/apple/swift-nio-http2 https://github.com/apple/swift-nio-http2/security/advisories/GHSA-qppj-fm5r-hxr3 https://github.com/arkrwn/PoC/tree/main/CVE-2023-44487 https://github.com/bcdannyboy/CVE-2023-44487 https://github.com/caddyserver/caddy/issues/5877 https://github.com/caddyserver/caddy/releases/tag/v2.7.5 https://github.com/dotnet/announcements/issues/277 https://github.com/dotnet/core/blob/e4613450ea0da7fd2fc6b61dfb2c1c1dec1ce9ec/release-notes/6.0/6.0.23/6.0.23.md?plain=1#L73 https://github.com/eclipse/jetty.project/issues/10679 https://github.com/envoyproxy/envoy/pull/30055 https://github.com/etcd-io/etcd/issues/16740 https://github.com/facebook/proxygen/pull/466 https://github.com/golang/go/issues/63417 https://github.com/grpc/grpc-go/pull/6703 https://github.com/grpc/grpc-go/releases https://github.com/h2o/h2o/pull/3291 https://github.com/h2o/h2o/security/advisories/GHSA-2m7v-gc89-fjqf https://github.com/haproxy/haproxy/issues/2312 https://github.com/hyperium/hyper/issues/3337 https://github.com/icing/mod_h2/blob/0a864782af0a942aa2ad4ed960a6b32cd35bcf0a/mod_http2/README.md?plain=1#L239-L244 https://github.com/junkurihara/rust-rpxy/issues/97 https://github.com/kazu-yamamoto/http2/commit/f61d41a502bd0f60eb24e1ce14edc7b6df6722a1 https://github.com/kazu-yamamoto/http2/issues/93 https://github.com/kubernetes/kubernetes/pull/121120 https://github.com/line/armeria/pull/5232 https://github.com/linkerd/website/pull/1695/commits/4b9c6836471bc8270ab48aae6fd2181bc73fd632 https://github.com/micrictor/http2-rst-stream https://github.com/microsoft/CBL-Mariner/pull/6381 https://github.com/netty/netty/commit/58f75f665aa81a8cbcf6ffa74820042a285c5e61 https://github.com/nghttp2/nghttp2/pull/1961 https://github.com/nghttp2/nghttp2/releases/tag/v1.57.0 https://github.com/ninenines/cowboy/issues/1615 https://github.com/nodejs/node/pull/50121 https://github.com/openresty/openresty/issues/930 https://github.com/opensearch-project/data-prepper/issues/3474 https://github.com/oqtane/oqtane.framework/discussions/3367 https://github.com/projectcontour/contour/pull/5826 https://github.com/tempesta-tech/tempesta/issues/1986 https://github.com/varnishcache/varnish-cache/issues/3996 https://go.dev/cl/534215 https://go.dev/cl/534235 https://go.dev/issue/63417 https://groups.google.com/g/golang-announce/c/iNNxDTCjZvo https://groups.google.com/g/golang-announce/c/iNNxDTCjZvo/m/UDd7VKQuAAAJ https://istio.io/latest/news/security/istio-security-2023-004 https://istio.io/latest/news/security/istio-security-2023-004/ https://linkerd.io/2023/10/12/linkerd-cve-2023-44487 https://linkerd.io/2023/10/12/linkerd-cve-2023-44487/ https://linux.oracle.com/cve/CVE-2023-44487.html https://linux.oracle.com/errata/ELSA-2024-1444.html https://lists.apache.org/thread/5py8h42mxfsn8l1wy6o41xwhsjlsd87q https://lists.debian.org/debian-lts-announce/2023/10/msg00020.html https://lists.debian.org/debian-lts-announce/2023/10/msg00023.html https://lists.debian.org/debian-lts-announce/2023/10/msg00024.html https://lists.debian.org/debian-lts-announce/2023/10/msg00045.html https://lists.debian.org/debian-lts-announce/2023/10/msg00047.html https://lists.debian.org/debian-lts-announce/2023/11/msg00001.html https://lists.debian.org/debian-lts-announce/2023/11/msg00012.html https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/2MBEPPC36UBVOZZNAXFHKLFGSLCMN5LI https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/2MBEPPC36UBVOZZNAXFHKLFGSLCMN5LI/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/3N4NJ7FR4X4FPZUGNTQAPSTVB2HB2Y4A https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/3N4NJ7FR4X4FPZUGNTQAPSTVB2HB2Y4A/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/BFQD3KUEMFBHPAPBGLWQC34L4OWL5HAZ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/BFQD3KUEMFBHPAPBGLWQC34L4OWL5HAZ/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/CLB4TW7KALB3EEQWNWCN7OUIWWVWWCG2 https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/CLB4TW7KALB3EEQWNWCN7OUIWWVWWCG2/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/E72T67UPDRXHIDLO3OROR25YAMN4GGW5 https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/E72T67UPDRXHIDLO3OROR25YAMN4GGW5/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/FNA62Q767CFAFHBCDKYNPBMZWB7TWYVU https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/FNA62Q767CFAFHBCDKYNPBMZWB7TWYVU/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/HT7T2R4MQKLIF4ODV4BDLPARWFPCJ5CZ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/HT7T2R4MQKLIF4ODV4BDLPARWFPCJ5CZ/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/JIZSEFC3YKCGABA2BZW6ZJRMDZJMB7PJ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/JIZSEFC3YKCGABA2BZW6ZJRMDZJMB7PJ/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/JMEXY22BFG5Q64HQCM5CK2Q7KDKVV4TY https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/JMEXY22BFG5Q64HQCM5CK2Q7KDKVV4TY/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/KSEGD2IWKNUO3DWY4KQGUQM5BISRWHQE https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/KSEGD2IWKNUO3DWY4KQGUQM5BISRWHQE/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/LKYHSZQFDNR7RSA7LHVLLIAQMVYCUGBG https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/LKYHSZQFDNR7RSA7LHVLLIAQMVYCUGBG/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/LNMZJCDHGLJJLXO4OXWJMTVQRNWOC7UL https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/LNMZJCDHGLJJLXO4OXWJMTVQRNWOC7UL/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/VHUHTSXLXGXS7JYKBXTA3VINUPHTNGVU https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/VHUHTSXLXGXS7JYKBXTA3VINUPHTNGVU/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/VSRDIV77HNKUSM7SJC5BKE5JSHLHU2NK https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/VSRDIV77HNKUSM7SJC5BKE5JSHLHU2NK/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/WE2I52RHNNU42PX6NZ2RBUHSFFJ2LVZX https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/WE2I52RHNNU42PX6NZ2RBUHSFFJ2LVZX/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/WLPRQ5TWUQQXYWBJM7ECYDAIL2YVKIUH https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/WLPRQ5TWUQQXYWBJM7ECYDAIL2YVKIUH/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/X6QXN4ORIVF6XBW4WWFE7VNPVC74S45Y https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/X6QXN4ORIVF6XBW4WWFE7VNPVC74S45Y/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/XFOIBB4YFICHDM7IBOP7PWXW3FX4HLL2 https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/XFOIBB4YFICHDM7IBOP7PWXW3FX4HLL2/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZB43REMKRQR62NJEI7I5NQ4FSXNLBKRT https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZB43REMKRQR62NJEI7I5NQ4FSXNLBKRT/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZKQSIKIAT5TJ3WSLU3RDBQ35YX4GY4V3 https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZKQSIKIAT5TJ3WSLU3RDBQ35YX4GY4V3/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZLU6U2R2IC2K64NDPNMV55AUAO65MAF4 https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZLU6U2R2IC2K64NDPNMV55AUAO65MAF4/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3N4NJ7FR4X4FPZUGNTQAPSTVB2HB2Y4A https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/BFQD3KUEMFBHPAPBGLWQC34L4OWL5HAZ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CLB4TW7KALB3EEQWNWCN7OUIWWVWWCG2 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/E72T67UPDRXHIDLO3OROR25YAMN4GGW5 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/FNA62Q767CFAFHBCDKYNPBMZWB7TWYVU https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/HT7T2R4MQKLIF4ODV4BDLPARWFPCJ5CZ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/JIZSEFC3YKCGABA2BZW6ZJRMDZJMB7PJ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/JMEXY22BFG5Q64HQCM5CK2Q7KDKVV4TY https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/KSEGD2IWKNUO3DWY4KQGUQM5BISRWHQE https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/LKYHSZQFDNR7RSA7LHVLLIAQMVYCUGBG https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/LNMZJCDHGLJJLXO4OXWJMTVQRNWOC7UL https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/VHUHTSXLXGXS7JYKBXTA3VINUPHTNGVU https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/VSRDIV77HNKUSM7SJC5BKE5JSHLHU2NK https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WLPRQ5TWUQQXYWBJM7ECYDAIL2YVKIUH https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/X6QXN4ORIVF6XBW4WWFE7VNPVC74S45Y https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/XFOIBB4YFICHDM7IBOP7PWXW3FX4HLL2 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZB43REMKRQR62NJEI7I5NQ4FSXNLBKRT https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZKQSIKIAT5TJ3WSLU3RDBQ35YX4GY4V3 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZLU6U2R2IC2K64NDPNMV55AUAO65MAF4 https://lists.w3.org/Archives/Public/ietf-http-wg/2023OctDec/0025.html https://mailman.nginx.org/pipermail/nginx-devel/2023-October/S36Q5HBXR7CAIMPLLPRSSSYR4PCMWILK.html https://martinthomson.github.io/h2-stream-limits/draft-thomson-httpbis-h2-stream-limits.html https://msrc.microsoft.com/blog/2023/10/microsoft-response-to-distributed-denial-of-service-ddos-attacks-against-http/2 https://msrc.microsoft.com/blog/2023/10/microsoft-response-to-distributed-denial-of-service-ddos-attacks-against-http/2/ https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-44487 https://my.f5.com/manage/s/article/K000137106 https://netty.io/news/2023/10/10/4-1-100-Final.html https://news.ycombinator.com/item?id=37830987 https://news.ycombinator.com/item?id=37830998 https://news.ycombinator.com/item?id=37831062 https://news.ycombinator.com/item?id=37837043 https://nodejs.org/en/blog/vulnerability/october-2023-security-releases https://nvd.nist.gov/vuln/detail/CVE-2023-44487 https://openssf.org/blog/2023/10/10/http-2-rapid-reset-vulnerability-highlights-need-for-rapid-response https://openssf.org/blog/2023/10/10/http-2-rapid-reset-vulnerability-highlights-need-for-rapid-response/ https://pkg.go.dev/vuln/GO-2023-2102 https://seanmonstar.com/post/730794151136935936/hyper-http2-rapid-reset-unaffected https://security.gentoo.org/glsa/202311-09 https://security.netapp.com/advisory/ntap-20231016-0001 https://security.netapp.com/advisory/ntap-20231016-0001/ https://security.netapp.com/advisory/ntap-20240426-0007 https://security.netapp.com/advisory/ntap-20240426-0007/ https://security.netapp.com/advisory/ntap-20240621-0006 https://security.netapp.com/advisory/ntap-20240621-0006/ https://security.netapp.com/advisory/ntap-20240621-0007 https://security.netapp.com/advisory/ntap-20240621-0007/ https://security.paloaltonetworks.com/CVE-2023-44487 https://tomcat.apache.org/security-10.html#Fixed_in_Apache_Tomcat_10.1.14 https://tomcat.apache.org/security-11.html#Fixed_in_Apache_Tomcat_11.0.0-M12 https://tomcat.apache.org/security-8.html#Fixed_in_Apache_Tomcat_8.5.94 https://tomcat.apache.org/security-9.html#Fixed_in_Apache_Tomcat_9.0.81 https://ubuntu.com/security/CVE-2023-44487 https://ubuntu.com/security/notices/USN-6427-1 https://ubuntu.com/security/notices/USN-6427-2 https://ubuntu.com/security/notices/USN-6438-1 https://ubuntu.com/security/notices/USN-6505-1 https://ubuntu.com/security/notices/USN-6574-1 https://ubuntu.com/security/notices/USN-6754-1 https://ubuntu.com/security/notices/USN-6994-1 https://ubuntu.com/security/notices/USN-7067-1 https://www.bleepingcomputer.com/news/security/new-http-2-rapid-reset-zero-day-attack-breaks-ddos-records https://www.bleepingcomputer.com/news/security/new-http-2-rapid-reset-zero-day-attack-breaks-ddos-records/ https://www.cisa.gov/known-exploited-vulnerabilities-catalog https://www.cisa.gov/news-events/alerts/2023/10/10/http2-rapid-reset-vulnerability-cve-2023-44487 https://www.cve.org/CVERecord?id=CVE-2023-44487 https://www.darkreading.com/cloud/internet-wide-zero-day-bug-fuels-largest-ever-ddos-event https://www.debian.org/security/2023/dsa-5521 https://www.debian.org/security/2023/dsa-5522 https://www.debian.org/security/2023/dsa-5540 https://www.debian.org/security/2023/dsa-5549 https://www.debian.org/security/2023/dsa-5558 https://www.debian.org/security/2023/dsa-5570 https://www.eclipse.org/lists/jetty-announce/msg00181.html https://www.haproxy.com/blog/haproxy-is-not-affected-by-the-http-2-rapid-reset-attack-cve-2023-44487 https://www.mail-archive.com/haproxy@formilux.org/msg44134.html https://www.netlify.com/blog/netlify-successfully-mitigates-cve-2023-44487 https://www.netlify.com/blog/netlify-successfully-mitigates-cve-2023-44487/ https://www.nginx.com/blog/http-2-rapid-reset-attack-impacting-f5-nginx-products https://www.nginx.com/blog/http-2-rapid-reset-attack-impacting-f5-nginx-products/ https://www.openwall.com/lists/oss-security/2023/10/10/6 https://www.phoronix.com/news/HTTP2-Rapid-Reset-Attack https://www.theregister.com/2023/10/10/http2_rapid_reset_zeroday https://www.theregister.com/2023/10/10/http2_rapid_reset_zeroday/
golang.org/x/net	CVE-2023-45288	MEDIUM	v0.10.0	0.23.0	http://www.openwall.com/lists/oss-security/2024/04/03/16 http://www.openwall.com/lists/oss-security/2024/04/05/4 https://access.redhat.com/errata/RHSA-2024:2724 https://access.redhat.com/security/cve/CVE-2023-45288 https://bugzilla.redhat.com/2268017 https://bugzilla.redhat.com/2268018 https://bugzilla.redhat.com/2268019 https://bugzilla.redhat.com/2268273 https://bugzilla.redhat.com/show_bug.cgi?id=2268017 https://bugzilla.redhat.com/show_bug.cgi?id=2268018 https://bugzilla.redhat.com/show_bug.cgi?id=2268019 https://bugzilla.redhat.com/show_bug.cgi?id=2268273 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45288 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45289 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45290 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24783 https://errata.almalinux.org/9/ALSA-2024-2724.html https://errata.rockylinux.org/RLSA-2024:2724 https://go.dev/cl/576155 https://go.dev/issue/65051 https://groups.google.com/g/golang-announce/c/YgW0sx8mN3M https://kb.cert.org/vuls/id/421644 https://linux.oracle.com/cve/CVE-2023-45288.html https://linux.oracle.com/errata/ELSA-2024-3346.html https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QRYFHIQ6XRKRYBI2F5UESH67BJBQXUPT https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QRYFHIQ6XRKRYBI2F5UESH67BJBQXUPT/ https://nowotarski.info/http2-continuation-flood-technical-details https://nowotarski.info/http2-continuation-flood/ https://nvd.nist.gov/vuln/detail/CVE-2023-45288 https://pkg.go.dev/vuln/GO-2024-2687 https://security.netapp.com/advisory/ntap-20240419-0009 https://security.netapp.com/advisory/ntap-20240419-0009/ https://ubuntu.com/security/notices/USN-6886-1 https://ubuntu.com/security/notices/USN-7109-1 https://ubuntu.com/security/notices/USN-7111-1 https://www.cve.org/CVERecord?id=CVE-2023-45288 https://www.kb.cert.org/vuls/id/421644
google.golang.org/grpc	GHSA-m425-mq94-257g	HIGH	v1.54.0	1.56.3, 1.57.1, 1.58.3	https://github.com/grpc/grpc-go https://github.com/grpc/grpc-go/commit/f2180b4d5403d2210b30b93098eb7da31c05c721 https://github.com/grpc/grpc-go/pull/6703 https://github.com/grpc/grpc-go/security/advisories/GHSA-m425-mq94-257g https://nvd.nist.gov/vuln/detail/CVE-2023-44487
google.golang.org/grpc	CVE-2023-44487	MEDIUM	v1.54.0	1.58.3, 1.57.1, 1.56.3	http://www.openwall.com/lists/oss-security/2023/10/13/4 http://www.openwall.com/lists/oss-security/2023/10/13/9 http://www.openwall.com/lists/oss-security/2023/10/18/4 http://www.openwall.com/lists/oss-security/2023/10/18/8 http://www.openwall.com/lists/oss-security/2023/10/19/6 http://www.openwall.com/lists/oss-security/2023/10/20/8 https://access.redhat.com/errata/RHSA-2023:6746 https://access.redhat.com/security/cve/CVE-2023-44487 https://access.redhat.com/security/cve/cve-2023-44487 https://akka.io/security/akka-http-cve-2023-44487.html https://arstechnica.com/security/2023/10/how-ddosers-used-the-http-2-protocol-to-deliver-attacks-of-unprecedented-size https://arstechnica.com/security/2023/10/how-ddosers-used-the-http-2-protocol-to-deliver-attacks-of-unprecedented-size/ https://aws.amazon.com/security/security-bulletins/AWS-2023-011 https://aws.amazon.com/security/security-bulletins/AWS-2023-011/ https://blog.cloudflare.com/technical-breakdown-http2-rapid-reset-ddos-attack https://blog.cloudflare.com/technical-breakdown-http2-rapid-reset-ddos-attack/ https://blog.cloudflare.com/zero-day-rapid-reset-http2-record-breaking-ddos-attack https://blog.cloudflare.com/zero-day-rapid-reset-http2-record-breaking-ddos-attack/ https://blog.litespeedtech.com/2023/10/11/rapid-reset-http-2-vulnerablilty https://blog.litespeedtech.com/2023/10/11/rapid-reset-http-2-vulnerablilty/ https://blog.qualys.com/vulnerabilities-threat-research/2023/10/10/cve-2023-44487-http-2-rapid-reset-attack https://blog.vespa.ai/cve-2023-44487 https://blog.vespa.ai/cve-2023-44487/ https://bugzilla.proxmox.com/show_bug.cgi?id=4988 https://bugzilla.redhat.com/2242803 https://bugzilla.redhat.com/show_bug.cgi?id=2242803 https://bugzilla.suse.com/show_bug.cgi?id=1216123 https://cgit.freebsd.org/ports/commit/?id=c64c329c2c1752f46b73e3e6ce9f4329be6629f9 https://chaos.social/@icing/111210915918780532 https://cloud.google.com/blog/products/identity-security/google-cloud-mitigated-largest-ddos-attack-peaking-above-398-million-rps https://cloud.google.com/blog/products/identity-security/google-cloud-mitigated-largest-ddos-attack-peaking-above-398-million-rps/ https://cloud.google.com/blog/products/identity-security/how-it-works-the-novel-http2-rapid-reset-ddos-attack https://community.traefik.io/t/is-traefik-vulnerable-to-cve-2023-44487/20125 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-44487 https://devblogs.microsoft.com/dotnet/october-2023-updates/ https://discuss.hashicorp.com/t/hcsec-2023-32-vault-consul-and-boundary-affected-by-http-2-rapid-reset-denial-of-service-vulnerability-cve-2023-44487/59715 https://edg.io/lp/blog/resets-leaks-ddos-and-the-tale-of-a-hidden-cve https://errata.almalinux.org/9/ALSA-2023-6746.html https://errata.rockylinux.org/RLSA-2023:5838 https://forums.swift.org/t/swift-nio-http2-security-update-cve-2023-44487-http-2-dos/67764 https://gist.github.com/adulau/7c2bfb8e9cdbe4b35a5e131c66a0c088 https://github.com/Azure/AKS/issues/3947 https://github.com/Kong/kong/discussions/11741 https://github.com/advisories/GHSA-qppj-fm5r-hxr3 https://github.com/advisories/GHSA-vx74-f528-fxqg https://github.com/advisories/GHSA-xpw8-rcwv-8f8p https://github.com/akka/akka-http/issues/4323 https://github.com/akka/akka-http/pull/4324 https://github.com/akka/akka-http/pull/4325 https://github.com/alibaba/tengine/issues/1872 https://github.com/apache/apisix/issues/10320 https://github.com/apache/httpd-site/pull/10 https://github.com/apache/httpd/blob/afcdbeebbff4b0c50ea26cdd16e178c0d1f24152/modules/http2/h2_mplx.c#L1101-L1113 https://github.com/apache/tomcat/commit/944332bb15bd2f3bf76ec2caeb1ff0a58a3bc628 https://github.com/apache/tomcat/tree/main/java/org/apache/coyote/http2 https://github.com/apache/trafficserver/pull/10564 https://github.com/apple/swift-nio-http2 https://github.com/apple/swift-nio-http2/security/advisories/GHSA-qppj-fm5r-hxr3 https://github.com/arkrwn/PoC/tree/main/CVE-2023-44487 https://github.com/bcdannyboy/CVE-2023-44487 https://github.com/caddyserver/caddy/issues/5877 https://github.com/caddyserver/caddy/releases/tag/v2.7.5 https://github.com/dotnet/announcements/issues/277 https://github.com/dotnet/core/blob/e4613450ea0da7fd2fc6b61dfb2c1c1dec1ce9ec/release-notes/6.0/6.0.23/6.0.23.md?plain=1#L73 https://github.com/eclipse/jetty.project/issues/10679 https://github.com/envoyproxy/envoy/pull/30055 https://github.com/etcd-io/etcd/issues/16740 https://github.com/facebook/proxygen/pull/466 https://github.com/golang/go/issues/63417 https://github.com/grpc/grpc-go/pull/6703 https://github.com/grpc/grpc-go/releases https://github.com/h2o/h2o/pull/3291 https://github.com/h2o/h2o/security/advisories/GHSA-2m7v-gc89-fjqf https://github.com/haproxy/haproxy/issues/2312 https://github.com/hyperium/hyper/issues/3337 https://github.com/icing/mod_h2/blob/0a864782af0a942aa2ad4ed960a6b32cd35bcf0a/mod_http2/README.md?plain=1#L239-L244 https://github.com/junkurihara/rust-rpxy/issues/97 https://github.com/kazu-yamamoto/http2/commit/f61d41a502bd0f60eb24e1ce14edc7b6df6722a1 https://github.com/kazu-yamamoto/http2/issues/93 https://github.com/kubernetes/kubernetes/pull/121120 https://github.com/line/armeria/pull/5232 https://github.com/linkerd/website/pull/1695/commits/4b9c6836471bc8270ab48aae6fd2181bc73fd632 https://github.com/micrictor/http2-rst-stream https://github.com/microsoft/CBL-Mariner/pull/6381 https://github.com/netty/netty/commit/58f75f665aa81a8cbcf6ffa74820042a285c5e61 https://github.com/nghttp2/nghttp2/pull/1961 https://github.com/nghttp2/nghttp2/releases/tag/v1.57.0 https://github.com/ninenines/cowboy/issues/1615 https://github.com/nodejs/node/pull/50121 https://github.com/openresty/openresty/issues/930 https://github.com/opensearch-project/data-prepper/issues/3474 https://github.com/oqtane/oqtane.framework/discussions/3367 https://github.com/projectcontour/contour/pull/5826 https://github.com/tempesta-tech/tempesta/issues/1986 https://github.com/varnishcache/varnish-cache/issues/3996 https://go.dev/cl/534215 https://go.dev/cl/534235 https://go.dev/issue/63417 https://groups.google.com/g/golang-announce/c/iNNxDTCjZvo https://groups.google.com/g/golang-announce/c/iNNxDTCjZvo/m/UDd7VKQuAAAJ https://istio.io/latest/news/security/istio-security-2023-004 https://istio.io/latest/news/security/istio-security-2023-004/ https://linkerd.io/2023/10/12/linkerd-cve-2023-44487 https://linkerd.io/2023/10/12/linkerd-cve-2023-44487/ https://linux.oracle.com/cve/CVE-2023-44487.html https://linux.oracle.com/errata/ELSA-2024-1444.html https://lists.apache.org/thread/5py8h42mxfsn8l1wy6o41xwhsjlsd87q https://lists.debian.org/debian-lts-announce/2023/10/msg00020.html https://lists.debian.org/debian-lts-announce/2023/10/msg00023.html https://lists.debian.org/debian-lts-announce/2023/10/msg00024.html https://lists.debian.org/debian-lts-announce/2023/10/msg00045.html https://lists.debian.org/debian-lts-announce/2023/10/msg00047.html https://lists.debian.org/debian-lts-announce/2023/11/msg00001.html https://lists.debian.org/debian-lts-announce/2023/11/msg00012.html https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/2MBEPPC36UBVOZZNAXFHKLFGSLCMN5LI https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/2MBEPPC36UBVOZZNAXFHKLFGSLCMN5LI/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/3N4NJ7FR4X4FPZUGNTQAPSTVB2HB2Y4A https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/3N4NJ7FR4X4FPZUGNTQAPSTVB2HB2Y4A/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/BFQD3KUEMFBHPAPBGLWQC34L4OWL5HAZ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/BFQD3KUEMFBHPAPBGLWQC34L4OWL5HAZ/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/CLB4TW7KALB3EEQWNWCN7OUIWWVWWCG2 https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/CLB4TW7KALB3EEQWNWCN7OUIWWVWWCG2/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/E72T67UPDRXHIDLO3OROR25YAMN4GGW5 https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/E72T67UPDRXHIDLO3OROR25YAMN4GGW5/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/FNA62Q767CFAFHBCDKYNPBMZWB7TWYVU https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/FNA62Q767CFAFHBCDKYNPBMZWB7TWYVU/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/HT7T2R4MQKLIF4ODV4BDLPARWFPCJ5CZ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/HT7T2R4MQKLIF4ODV4BDLPARWFPCJ5CZ/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/JIZSEFC3YKCGABA2BZW6ZJRMDZJMB7PJ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/JIZSEFC3YKCGABA2BZW6ZJRMDZJMB7PJ/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/JMEXY22BFG5Q64HQCM5CK2Q7KDKVV4TY https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/JMEXY22BFG5Q64HQCM5CK2Q7KDKVV4TY/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/KSEGD2IWKNUO3DWY4KQGUQM5BISRWHQE https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/KSEGD2IWKNUO3DWY4KQGUQM5BISRWHQE/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/LKYHSZQFDNR7RSA7LHVLLIAQMVYCUGBG https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/LKYHSZQFDNR7RSA7LHVLLIAQMVYCUGBG/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/LNMZJCDHGLJJLXO4OXWJMTVQRNWOC7UL https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/LNMZJCDHGLJJLXO4OXWJMTVQRNWOC7UL/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/VHUHTSXLXGXS7JYKBXTA3VINUPHTNGVU https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/VHUHTSXLXGXS7JYKBXTA3VINUPHTNGVU/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/VSRDIV77HNKUSM7SJC5BKE5JSHLHU2NK https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/VSRDIV77HNKUSM7SJC5BKE5JSHLHU2NK/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/WE2I52RHNNU42PX6NZ2RBUHSFFJ2LVZX https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/WE2I52RHNNU42PX6NZ2RBUHSFFJ2LVZX/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/WLPRQ5TWUQQXYWBJM7ECYDAIL2YVKIUH https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/WLPRQ5TWUQQXYWBJM7ECYDAIL2YVKIUH/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/X6QXN4ORIVF6XBW4WWFE7VNPVC74S45Y https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/X6QXN4ORIVF6XBW4WWFE7VNPVC74S45Y/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/XFOIBB4YFICHDM7IBOP7PWXW3FX4HLL2 https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/XFOIBB4YFICHDM7IBOP7PWXW3FX4HLL2/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZB43REMKRQR62NJEI7I5NQ4FSXNLBKRT https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZB43REMKRQR62NJEI7I5NQ4FSXNLBKRT/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZKQSIKIAT5TJ3WSLU3RDBQ35YX4GY4V3 https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZKQSIKIAT5TJ3WSLU3RDBQ35YX4GY4V3/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZLU6U2R2IC2K64NDPNMV55AUAO65MAF4 https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZLU6U2R2IC2K64NDPNMV55AUAO65MAF4/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3N4NJ7FR4X4FPZUGNTQAPSTVB2HB2Y4A https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/BFQD3KUEMFBHPAPBGLWQC34L4OWL5HAZ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CLB4TW7KALB3EEQWNWCN7OUIWWVWWCG2 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/E72T67UPDRXHIDLO3OROR25YAMN4GGW5 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/FNA62Q767CFAFHBCDKYNPBMZWB7TWYVU https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/HT7T2R4MQKLIF4ODV4BDLPARWFPCJ5CZ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/JIZSEFC3YKCGABA2BZW6ZJRMDZJMB7PJ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/JMEXY22BFG5Q64HQCM5CK2Q7KDKVV4TY https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/KSEGD2IWKNUO3DWY4KQGUQM5BISRWHQE https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/LKYHSZQFDNR7RSA7LHVLLIAQMVYCUGBG https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/LNMZJCDHGLJJLXO4OXWJMTVQRNWOC7UL https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/VHUHTSXLXGXS7JYKBXTA3VINUPHTNGVU https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/VSRDIV77HNKUSM7SJC5BKE5JSHLHU2NK https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WLPRQ5TWUQQXYWBJM7ECYDAIL2YVKIUH https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/X6QXN4ORIVF6XBW4WWFE7VNPVC74S45Y https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/XFOIBB4YFICHDM7IBOP7PWXW3FX4HLL2 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZB43REMKRQR62NJEI7I5NQ4FSXNLBKRT https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZKQSIKIAT5TJ3WSLU3RDBQ35YX4GY4V3 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZLU6U2R2IC2K64NDPNMV55AUAO65MAF4 https://lists.w3.org/Archives/Public/ietf-http-wg/2023OctDec/0025.html https://mailman.nginx.org/pipermail/nginx-devel/2023-October/S36Q5HBXR7CAIMPLLPRSSSYR4PCMWILK.html https://martinthomson.github.io/h2-stream-limits/draft-thomson-httpbis-h2-stream-limits.html https://msrc.microsoft.com/blog/2023/10/microsoft-response-to-distributed-denial-of-service-ddos-attacks-against-http/2 https://msrc.microsoft.com/blog/2023/10/microsoft-response-to-distributed-denial-of-service-ddos-attacks-against-http/2/ https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-44487 https://my.f5.com/manage/s/article/K000137106 https://netty.io/news/2023/10/10/4-1-100-Final.html https://news.ycombinator.com/item?id=37830987 https://news.ycombinator.com/item?id=37830998 https://news.ycombinator.com/item?id=37831062 https://news.ycombinator.com/item?id=37837043 https://nodejs.org/en/blog/vulnerability/october-2023-security-releases https://nvd.nist.gov/vuln/detail/CVE-2023-44487 https://openssf.org/blog/2023/10/10/http-2-rapid-reset-vulnerability-highlights-need-for-rapid-response https://openssf.org/blog/2023/10/10/http-2-rapid-reset-vulnerability-highlights-need-for-rapid-response/ https://pkg.go.dev/vuln/GO-2023-2102 https://seanmonstar.com/post/730794151136935936/hyper-http2-rapid-reset-unaffected https://security.gentoo.org/glsa/202311-09 https://security.netapp.com/advisory/ntap-20231016-0001 https://security.netapp.com/advisory/ntap-20231016-0001/ https://security.netapp.com/advisory/ntap-20240426-0007 https://security.netapp.com/advisory/ntap-20240426-0007/ https://security.netapp.com/advisory/ntap-20240621-0006 https://security.netapp.com/advisory/ntap-20240621-0006/ https://security.netapp.com/advisory/ntap-20240621-0007 https://security.netapp.com/advisory/ntap-20240621-0007/ https://security.paloaltonetworks.com/CVE-2023-44487 https://tomcat.apache.org/security-10.html#Fixed_in_Apache_Tomcat_10.1.14 https://tomcat.apache.org/security-11.html#Fixed_in_Apache_Tomcat_11.0.0-M12 https://tomcat.apache.org/security-8.html#Fixed_in_Apache_Tomcat_8.5.94 https://tomcat.apache.org/security-9.html#Fixed_in_Apache_Tomcat_9.0.81 https://ubuntu.com/security/CVE-2023-44487 https://ubuntu.com/security/notices/USN-6427-1 https://ubuntu.com/security/notices/USN-6427-2 https://ubuntu.com/security/notices/USN-6438-1 https://ubuntu.com/security/notices/USN-6505-1 https://ubuntu.com/security/notices/USN-6574-1 https://ubuntu.com/security/notices/USN-6754-1 https://ubuntu.com/security/notices/USN-6994-1 https://ubuntu.com/security/notices/USN-7067-1 https://www.bleepingcomputer.com/news/security/new-http-2-rapid-reset-zero-day-attack-breaks-ddos-records https://www.bleepingcomputer.com/news/security/new-http-2-rapid-reset-zero-day-attack-breaks-ddos-records/ https://www.cisa.gov/known-exploited-vulnerabilities-catalog https://www.cisa.gov/news-events/alerts/2023/10/10/http2-rapid-reset-vulnerability-cve-2023-44487 https://www.cve.org/CVERecord?id=CVE-2023-44487 https://www.darkreading.com/cloud/internet-wide-zero-day-bug-fuels-largest-ever-ddos-event https://www.debian.org/security/2023/dsa-5521 https://www.debian.org/security/2023/dsa-5522 https://www.debian.org/security/2023/dsa-5540 https://www.debian.org/security/2023/dsa-5549 https://www.debian.org/security/2023/dsa-5558 https://www.debian.org/security/2023/dsa-5570 https://www.eclipse.org/lists/jetty-announce/msg00181.html https://www.haproxy.com/blog/haproxy-is-not-affected-by-the-http-2-rapid-reset-attack-cve-2023-44487 https://www.mail-archive.com/haproxy@formilux.org/msg44134.html https://www.netlify.com/blog/netlify-successfully-mitigates-cve-2023-44487 https://www.netlify.com/blog/netlify-successfully-mitigates-cve-2023-44487/ https://www.nginx.com/blog/http-2-rapid-reset-attack-impacting-f5-nginx-products https://www.nginx.com/blog/http-2-rapid-reset-attack-impacting-f5-nginx-products/ https://www.openwall.com/lists/oss-security/2023/10/10/6 https://www.phoronix.com/news/HTTP2-Rapid-Reset-Attack https://www.theregister.com/2023/10/10/http2_rapid_reset_zeroday https://www.theregister.com/2023/10/10/http2_rapid_reset_zeroday/
google.golang.org/protobuf	CVE-2024-24786	MEDIUM	v1.30.0	1.33.0	http://www.openwall.com/lists/oss-security/2024/03/08/4 https://access.redhat.com/errata/RHSA-2024:2550 https://access.redhat.com/security/cve/CVE-2024-24786 https://bugzilla.redhat.com/2268046 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24786 https://errata.almalinux.org/9/ALSA-2024-2550.html https://errata.rockylinux.org/RLSA-2024:2550 https://github.com/protocolbuffers/protobuf-go https://github.com/protocolbuffers/protobuf-go/commit/f01a588e5810b90996452eec4a28f22a0afae023 https://github.com/protocolbuffers/protobuf-go/releases/tag/v1.33.0 https://go-review.googlesource.com/c/protobuf/+/569356 https://go.dev/cl/569356 https://groups.google.com/g/golang-announce/c/ArQ6CDgtEjY/ https://linux.oracle.com/cve/CVE-2024-24786.html https://linux.oracle.com/errata/ELSA-2024-4246.html https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/JDMBHAVSDU2FBDZ45U3A2VLSM35OJ2HU https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/JDMBHAVSDU2FBDZ45U3A2VLSM35OJ2HU/ https://nvd.nist.gov/vuln/detail/CVE-2024-24786 https://pkg.go.dev/vuln/GO-2024-2611 https://security.netapp.com/advisory/ntap-20240517-0002 https://security.netapp.com/advisory/ntap-20240517-0002/ https://ubuntu.com/security/notices/USN-6746-1 https://ubuntu.com/security/notices/USN-6746-2 https://www.cve.org/CVERecord?id=CVE-2024-24786
stdlib	CVE-2024-24790	CRITICAL	v1.20.5	1.21.11, 1.22.4	http://www.openwall.com/lists/oss-security/2024/06/04/1 https://access.redhat.com/errata/RHSA-2024:9115 https://access.redhat.com/security/cve/CVE-2024-24790 https://bugzilla.redhat.com/2279814 https://bugzilla.redhat.com/2292668 https://bugzilla.redhat.com/2292787 https://bugzilla.redhat.com/2294000 https://bugzilla.redhat.com/2295310 https://bugzilla.redhat.com/show_bug.cgi?id=2292668 https://bugzilla.redhat.com/show_bug.cgi?id=2292787 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24789 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24790 https://errata.almalinux.org/9/ALSA-2024-9115.html https://errata.rockylinux.org/RLSA-2024:4212 https://github.com/golang/go/commit/051bdf3fd12a40307606ff9381138039c5f452f0 (1.21) https://github.com/golang/go/commit/12d5810cdb1f73cf23d7a86462143e9463317fca (1.22) https://github.com/golang/go/issues/67680 https://go.dev/cl/590316 https://go.dev/issue/67680 https://groups.google.com/g/golang-announce/c/XbxouI9gY7k https://groups.google.com/g/golang-announce/c/XbxouI9gY7k/m/TuoGEhxIEwAJ https://linux.oracle.com/cve/CVE-2024-24790.html https://linux.oracle.com/errata/ELSA-2024-9115.html https://nvd.nist.gov/vuln/detail/CVE-2024-24790 https://pkg.go.dev/vuln/GO-2024-2887 https://ubuntu.com/security/notices/USN-6886-1 https://ubuntu.com/security/notices/USN-7109-1 https://www.cve.org/CVERecord?id=CVE-2024-24790
stdlib	CVE-2023-39325	HIGH	v1.20.5	1.20.10, 1.21.3	golang.org/x/net https://access.redhat.com/errata/RHSA-2023:6077 https://access.redhat.com/security/cve/CVE-2023-39325 https://access.redhat.com/security/cve/CVE-2023-44487 https://access.redhat.com/security/vulnerabilities/RHSB-2023-003 https://bugzilla.redhat.com/2242803 https://bugzilla.redhat.com/2243296 https://bugzilla.redhat.com/show_bug.cgi?id=2242803 https://bugzilla.redhat.com/show_bug.cgi?id=2243296 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-39325 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-44487 https://errata.almalinux.org/9/ALSA-2023-6077.html https://errata.rockylinux.org/RLSA-2023:6077 https://github.com/golang/go/commit/24ae2d927285c697440fdde3ad7f26028354bcf3 [golang- 1.21] https://github.com/golang/go/commit/e175f27f58aa7b9cd4d79607ae65d2cd5baaee68 [golang-1.20] https://github.com/golang/go/issues/63417 https://go.dev/cl/534215 https://go.dev/cl/534235 https://go.dev/issue/63417 https://groups.google.com/g/golang-announce/c/iNNxDTCjZvo/m/UDd7VKQuAAAJ https://linux.oracle.com/cve/CVE-2023-39325.html https://linux.oracle.com/errata/ELSA-2023-5867.html https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3OVW5V2DM5K5IC3H7O42YDUGNJ74J35O https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3OVW5V2DM5K5IC3H7O42YDUGNJ74J35O/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3SZN67IL7HMGMNAVLOTIXLIHUDXZK4LH https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3SZN67IL7HMGMNAVLOTIXLIHUDXZK4LH/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3WJ4QVX2AMUJ2F2S27POOAHRC4K3CHU4 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3WJ4QVX2AMUJ2F2S27POOAHRC4K3CHU4/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/4BUK2ZIAGCULOOYDNH25JPU6JBES5NF2 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/4BUK2ZIAGCULOOYDNH25JPU6JBES5NF2/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/5RSKA2II6QTD4YUKUNDVJQSRYSFC4VFR https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/5RSKA2II6QTD4YUKUNDVJQSRYSFC4VFR/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/AVZDNSMVDAQJ64LJC5I5U5LDM5753647 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/AVZDNSMVDAQJ64LJC5I5U5LDM5753647/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CHHITS4PUOZAKFIUBQAQZC7JWXMOYE4B https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CHHITS4PUOZAKFIUBQAQZC7JWXMOYE4B/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CLB4TW7KALB3EEQWNWCN7OUIWWVWWCG2 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CLB4TW7KALB3EEQWNWCN7OUIWWVWWCG2/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/D2BBIDR2ZMB3X5BC7SR4SLQMHRMVPY6L https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/D2BBIDR2ZMB3X5BC7SR4SLQMHRMVPY6L/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ECRC75BQJP6FJN2L7KCKYZW4DSBD7QSD https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ECRC75BQJP6FJN2L7KCKYZW4DSBD7QSD/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/FTMJ3NJIDAZFWJQQSP3L22MUFJ3UP2PT https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/FTMJ3NJIDAZFWJQQSP3L22MUFJ3UP2PT/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/GSY7SXFFTPZFWDM6XELSDSHZLVW3AHK7 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/GSY7SXFFTPZFWDM6XELSDSHZLVW3AHK7/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/HZQIELEIRSZUYTFFH5KTH2YJ4IIQG2KE https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/HZQIELEIRSZUYTFFH5KTH2YJ4IIQG2KE/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/IPWCNYB5PQ5PCVZ4NJT6G56ZYFZ5QBU6 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/IPWCNYB5PQ5PCVZ4NJT6G56ZYFZ5QBU6/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/KEOTKBUPZXHE3F352JBYNTSNRXYLWD6P https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/KEOTKBUPZXHE3F352JBYNTSNRXYLWD6P/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/KSEGD2IWKNUO3DWY4KQGUQM5BISRWHQE https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/KSEGD2IWKNUO3DWY4KQGUQM5BISRWHQE/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/L5E5JSJBZLYXOTZWXHJKRVCIXIHVWKJ6 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/L5E5JSJBZLYXOTZWXHJKRVCIXIHVWKJ6/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/MZQYOOKHQDQ57LV2IAG6NRFOVXKHJJ3Z https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/MZQYOOKHQDQ57LV2IAG6NRFOVXKHJJ3Z/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/NG7IMPL55MVWU3LCI4JQJT3K2U5CHDV7 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/NG7IMPL55MVWU3LCI4JQJT3K2U5CHDV7/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ODBY7RVMGZCBSTWF2OZGIZS57FNFUL67 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ODBY7RVMGZCBSTWF2OZGIZS57FNFUL67/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/OXGWPQOJ3JNDW2XIYKIVJ7N7QUIFNM2Q https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/OXGWPQOJ3JNDW2XIYKIVJ7N7QUIFNM2Q/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/PJCUNGIQDUMZ4Z6HWVYIMR66A35F5S74 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/PJCUNGIQDUMZ4Z6HWVYIMR66A35F5S74/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QF5QSYAOPDOWLY6DUHID56Q4HQFYB45I https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QF5QSYAOPDOWLY6DUHID56Q4HQFYB45I/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QXOU2JZUBEBP7GBKAYIJRPRBZSJCD7ST https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QXOU2JZUBEBP7GBKAYIJRPRBZSJCD7ST/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/R3UETKPUB3V5JS5TLZOF3SMTGT5K5APS https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/R3UETKPUB3V5JS5TLZOF3SMTGT5K5APS/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/REMHVVIBDNKSRKNOTV7EQSB7CYQWOUOU https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/REMHVVIBDNKSRKNOTV7EQSB7CYQWOUOU/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/T7N5GV4CHH6WAGX3GFMDD3COEOVCZ4RI https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/T7N5GV4CHH6WAGX3GFMDD3COEOVCZ4RI/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ULQQONMSCQSH5Z5OWFFQHCGEZ3NL4DRJ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ULQQONMSCQSH5Z5OWFFQHCGEZ3NL4DRJ/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UTT7DG3QOF5ZNJLUGHDNLRUIN6OWZARP https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UTT7DG3QOF5ZNJLUGHDNLRUIN6OWZARP/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/W2LZSWTV4NV4SNQARNXG5T6LRHP26EW2 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/W2LZSWTV4NV4SNQARNXG5T6LRHP26EW2/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WCNCBYKZXLDFGAJUB7ZP5VLC3YTHJNVH https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WCNCBYKZXLDFGAJUB7ZP5VLC3YTHJNVH/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/XFOIBB4YFICHDM7IBOP7PWXW3FX4HLL2 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/XFOIBB4YFICHDM7IBOP7PWXW3FX4HLL2/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/XTNLSL44Y5FB6JWADSZH6DCV4JJAAEQY https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/XTNLSL44Y5FB6JWADSZH6DCV4JJAAEQY/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/YJWHBLVZDM5KQSDFRBFRKU5KSSOLIRQ4 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/YJWHBLVZDM5KQSDFRBFRKU5KSSOLIRQ4/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/YRKEXKANQ7BKJW2YTAMP625LJUJZLJ4P https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/YRKEXKANQ7BKJW2YTAMP625LJUJZLJ4P/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZSVEMQV5ROY5YW5QE3I57HT3ITWG5GCV https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZSVEMQV5ROY5YW5QE3I57HT3ITWG5GCV/ https://nvd.nist.gov/vuln/detail/CVE-2023-39325 https://pkg.go.dev/vuln/GO-2023-2102 https://security.gentoo.org/glsa/202311-09 https://security.netapp.com/advisory/ntap-20231110-0008 https://security.netapp.com/advisory/ntap-20231110-0008/ https://ubuntu.com/security/notices/USN-6574-1 https://ubuntu.com/security/notices/USN-7061-1 https://ubuntu.com/security/notices/USN-7109-1 https://www.cisa.gov/news-events/alerts/2023/10/10/http2-rapid-reset-vulnerability-cve-2023-44487 https://www.cve.org/CVERecord?id=CVE-2023-39325
stdlib	CVE-2023-45283	HIGH	v1.20.5	1.20.11, 1.21.4, 1.20.12, 1.21.5	http://www.openwall.com/lists/oss-security/2023/12/05/2 https://go.dev/cl/540277 https://go.dev/cl/541175 https://go.dev/issue/63713 https://go.dev/issue/64028 https://groups.google.com/g/golang-announce/c/4tU8LZfBFkY https://groups.google.com/g/golang-dev/c/6ypN5EjibjM/m/KmLVYH_uAgAJ https://nvd.nist.gov/vuln/detail/CVE-2023-45283 https://pkg.go.dev/vuln/GO-2023-2185 https://security.netapp.com/advisory/ntap-20231214-0008/
stdlib	CVE-2023-45288	HIGH	v1.20.5	1.21.9, 1.22.2	http://www.openwall.com/lists/oss-security/2024/04/03/16 http://www.openwall.com/lists/oss-security/2024/04/05/4 https://access.redhat.com/errata/RHSA-2024:2724 https://access.redhat.com/security/cve/CVE-2023-45288 https://bugzilla.redhat.com/2268017 https://bugzilla.redhat.com/2268018 https://bugzilla.redhat.com/2268019 https://bugzilla.redhat.com/2268273 https://bugzilla.redhat.com/show_bug.cgi?id=2268017 https://bugzilla.redhat.com/show_bug.cgi?id=2268018 https://bugzilla.redhat.com/show_bug.cgi?id=2268019 https://bugzilla.redhat.com/show_bug.cgi?id=2268273 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45288 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45289 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45290 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24783 https://errata.almalinux.org/9/ALSA-2024-2724.html https://errata.rockylinux.org/RLSA-2024:2724 https://go.dev/cl/576155 https://go.dev/issue/65051 https://groups.google.com/g/golang-announce/c/YgW0sx8mN3M https://kb.cert.org/vuls/id/421644 https://linux.oracle.com/cve/CVE-2023-45288.html https://linux.oracle.com/errata/ELSA-2024-3346.html https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QRYFHIQ6XRKRYBI2F5UESH67BJBQXUPT https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QRYFHIQ6XRKRYBI2F5UESH67BJBQXUPT/ https://nowotarski.info/http2-continuation-flood-technical-details https://nowotarski.info/http2-continuation-flood/ https://nvd.nist.gov/vuln/detail/CVE-2023-45288 https://pkg.go.dev/vuln/GO-2024-2687 https://security.netapp.com/advisory/ntap-20240419-0009 https://security.netapp.com/advisory/ntap-20240419-0009/ https://ubuntu.com/security/notices/USN-6886-1 https://ubuntu.com/security/notices/USN-7109-1 https://ubuntu.com/security/notices/USN-7111-1 https://www.cve.org/CVERecord?id=CVE-2023-45288 https://www.kb.cert.org/vuls/id/421644
stdlib	CVE-2024-34156	HIGH	v1.20.5	1.22.7, 1.23.1	https://access.redhat.com/errata/RHSA-2024:9473 https://access.redhat.com/security/cve/CVE-2024-34156 https://bugzilla.redhat.com/2310528 https://bugzilla.redhat.com/2318052 https://bugzilla.redhat.com/show_bug.cgi?id=2310528 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-34156 https://errata.almalinux.org/9/ALSA-2024-9473.html https://errata.rockylinux.org/RLSA-2024:7204 https://github.com/golang/go/commit/2092294f2b097c5828f4eace6c98a322c1510b01 (go1.22.7) https://github.com/golang/go/commit/fa8ff1a46deb6c816304441ec6740ec112e19012 (go1.23.1) https://go.dev/cl/611239 https://go.dev/issue/69139 https://groups.google.com/g/golang-announce/c/K-cEzDeCtpc https://groups.google.com/g/golang-dev/c/S9POB9NCTdk https://linux.oracle.com/cve/CVE-2024-34156.html https://linux.oracle.com/errata/ELSA-2024-9473.html https://nvd.nist.gov/vuln/detail/CVE-2024-34156 https://pkg.go.dev/vuln/GO-2024-3106 https://ubuntu.com/security/notices/USN-7081-1 https://ubuntu.com/security/notices/USN-7109-1 https://ubuntu.com/security/notices/USN-7111-1 https://www.cve.org/CVERecord?id=CVE-2024-34156
stdlib	CVE-2023-29406	MEDIUM	v1.20.5	1.19.11, 1.20.6	https://access.redhat.com/errata/RHSA-2023:6474 https://access.redhat.com/security/cve/CVE-2023-29406 https://bugzilla.redhat.com/2174485 https://bugzilla.redhat.com/2178358 https://bugzilla.redhat.com/2178488 https://bugzilla.redhat.com/2178492 https://bugzilla.redhat.com/2184481 https://bugzilla.redhat.com/2184482 https://bugzilla.redhat.com/2184483 https://bugzilla.redhat.com/2184484 https://bugzilla.redhat.com/2196026 https://bugzilla.redhat.com/2196027 https://bugzilla.redhat.com/2196029 https://bugzilla.redhat.com/2222167 https://bugzilla.redhat.com/2228689 https://errata.almalinux.org/9/ALSA-2023-6474.html https://github.com/golang/go/commit/312920c00aac9897b2a0693e752390b5b0711a5a (go1.20.6) https://github.com/golang/go/commit/5fa6923b1ea891400153d04ddf1545e23b40041b (go1.19.11) https://github.com/golang/go/issues/60374 https://go.dev/cl/506996 https://go.dev/issue/60374 https://groups.google.com/g/golang-announce/c/2q13H6LEEx0 https://linux.oracle.com/cve/CVE-2023-29406.html https://linux.oracle.com/errata/ELSA-2023-7202.html https://nvd.nist.gov/vuln/detail/CVE-2023-29406 https://pkg.go.dev/vuln/GO-2023-1878 https://security.gentoo.org/glsa/202311-09 https://security.netapp.com/advisory/ntap-20230814-0002/ https://ubuntu.com/security/notices/USN-7061-1 https://ubuntu.com/security/notices/USN-7109-1 https://www.cve.org/CVERecord?id=CVE-2023-29406
stdlib	CVE-2023-29409	MEDIUM	v1.20.5	1.19.12, 1.20.7, 1.21.0-rc.4	https://access.redhat.com/errata/RHSA-2023:7766 https://access.redhat.com/security/cve/CVE-2023-29409 https://bugzilla.redhat.com/2228743 https://bugzilla.redhat.com/2237773 https://bugzilla.redhat.com/2237776 https://bugzilla.redhat.com/2237777 https://bugzilla.redhat.com/2237778 https://errata.almalinux.org/9/ALSA-2023-7766.html https://go.dev/cl/515257 https://go.dev/issue/61460 https://groups.google.com/g/golang-announce/c/X0b6CsSAaYI/m/Efv5DbZ9AwAJ https://linux.oracle.com/cve/CVE-2023-29409.html https://linux.oracle.com/errata/ELSA-2024-2988.html https://nvd.nist.gov/vuln/detail/CVE-2023-29409 https://pkg.go.dev/vuln/GO-2023-1987 https://security.gentoo.org/glsa/202311-09 https://security.netapp.com/advisory/ntap-20230831-0010/ https://www.cve.org/CVERecord?id=CVE-2023-29409
stdlib	CVE-2023-39318	MEDIUM	v1.20.5	1.20.8, 1.21.1	https://access.redhat.com/errata/RHSA-2024:2160 https://access.redhat.com/security/cve/CVE-2023-39318 https://bugzilla.redhat.com/2237773 https://bugzilla.redhat.com/2237776 https://bugzilla.redhat.com/2253330 https://errata.almalinux.org/9/ALSA-2024-2160.html https://github.com/golang/go/commit/023b542edf38e2a1f87fcefb9f75ff2f99401b4c (go1.20.8) https://github.com/golang/go/commit/b0e1d3ea26e8e8fce7726690c9ef0597e60739fb (go1.21.1) https://go.dev/cl/526156 https://go.dev/issue/62196 https://groups.google.com/g/golang-announce/c/Fm51GRLNRvM https://groups.google.com/g/golang-dev/c/2C5vbR-UNkI/m/L1hdrPhfBAAJ https://linux.oracle.com/cve/CVE-2023-39318.html https://linux.oracle.com/errata/ELSA-2024-2988.html https://nvd.nist.gov/vuln/detail/CVE-2023-39318 https://pkg.go.dev/vuln/GO-2023-2041 https://security.gentoo.org/glsa/202311-09 https://security.netapp.com/advisory/ntap-20231020-0009/ https://ubuntu.com/security/notices/USN-6574-1 https://ubuntu.com/security/notices/USN-7061-1 https://ubuntu.com/security/notices/USN-7109-1 https://vuln.go.dev/ID/GO-2023-2041.json https://www.cve.org/CVERecord?id=CVE-2023-39318
stdlib	CVE-2023-39319	MEDIUM	v1.20.5	1.20.8, 1.21.1	https://access.redhat.com/errata/RHSA-2024:2160 https://access.redhat.com/security/cve/CVE-2023-39319 https://bugzilla.redhat.com/2237773 https://bugzilla.redhat.com/2237776 https://bugzilla.redhat.com/2253330 https://errata.almalinux.org/9/ALSA-2024-2160.html https://github.com/golang/go/commit/2070531d2f53df88e312edace6c8dfc9686ab2f5 (go1.20.8) https://github.com/golang/go/commit/bbd043ff0d6d59f1a9232d31ecd5eacf6507bf6a (go1.21.1) https://go.dev/cl/526157 https://go.dev/issue/62197 https://groups.google.com/g/golang-announce/c/Fm51GRLNRvM https://groups.google.com/g/golang-dev/c/2C5vbR-UNkI/m/L1hdrPhfBAAJ https://linux.oracle.com/cve/CVE-2023-39319.html https://linux.oracle.com/errata/ELSA-2024-2988.html https://nvd.nist.gov/vuln/detail/CVE-2023-39319 https://pkg.go.dev/vuln/GO-2023-2043 https://security.gentoo.org/glsa/202311-09 https://security.netapp.com/advisory/ntap-20231020-0009/ https://ubuntu.com/security/notices/USN-6574-1 https://ubuntu.com/security/notices/USN-7061-1 https://ubuntu.com/security/notices/USN-7109-1 https://vuln.go.dev/ID/GO-2023-2043.json https://www.cve.org/CVERecord?id=CVE-2023-39319
stdlib	CVE-2023-39326	MEDIUM	v1.20.5	1.20.12, 1.21.5	https://access.redhat.com/errata/RHSA-2024:2272 https://access.redhat.com/security/cve/CVE-2023-39326 https://bugzilla.redhat.com/2253193 https://bugzilla.redhat.com/2253330 https://errata.almalinux.org/9/ALSA-2024-2272.html https://github.com/golang/go/commit/6446af942e2e2b161c4ec1b60d9703a2b55dc4dd (go1.20.12) https://github.com/golang/go/commit/ec8c526e4be720e94b98ca509e6364f0efaf28f7 (go1.21.5) https://go.dev/cl/547335 https://go.dev/issue/64433 https://groups.google.com/g/golang-dev/c/6ypN5EjibjM/m/KmLVYH_uAgAJ https://linux.oracle.com/cve/CVE-2023-39326.html https://linux.oracle.com/errata/ELSA-2024-2988.html https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UIU6HOGV6RRIKWM57LOXQA75BGZSIH6G/ https://nvd.nist.gov/vuln/detail/CVE-2023-39326 https://pkg.go.dev/vuln/GO-2023-2382 https://ubuntu.com/security/notices/USN-6574-1 https://www.cve.org/CVERecord?id=CVE-2023-39326
stdlib	CVE-2023-45284	MEDIUM	v1.20.5	1.20.11, 1.21.4	https://go.dev/cl/540277 https://go.dev/issue/63713 https://groups.google.com/g/golang-announce/c/4tU8LZfBFkY https://nvd.nist.gov/vuln/detail/CVE-2023-45284 https://pkg.go.dev/vuln/GO-2023-2186
stdlib	CVE-2023-45289	MEDIUM	v1.20.5	1.21.8, 1.22.1	http://www.openwall.com/lists/oss-security/2024/03/08/4 https://access.redhat.com/errata/RHSA-2024:2724 https://access.redhat.com/security/cve/CVE-2023-45289 https://bugzilla.redhat.com/2268017 https://bugzilla.redhat.com/2268018 https://bugzilla.redhat.com/2268019 https://bugzilla.redhat.com/2268273 https://bugzilla.redhat.com/show_bug.cgi?id=2268017 https://bugzilla.redhat.com/show_bug.cgi?id=2268018 https://bugzilla.redhat.com/show_bug.cgi?id=2268019 https://bugzilla.redhat.com/show_bug.cgi?id=2268273 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45288 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45289 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45290 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24783 https://errata.almalinux.org/9/ALSA-2024-2724.html https://errata.rockylinux.org/RLSA-2024:2724 https://github.com/golang/go/commit/20586c0dbe03d144f914155f879fa5ee287591a1 (go1.21.8) https://github.com/golang/go/commit/3a855208e3efed2e9d7c20ad023f1fa78afcc0be (go1.22.1) https://github.com/golang/go/issues/65065 https://go.dev/cl/569340 https://go.dev/issue/65065 https://groups.google.com/g/golang-announce/c/5pwGVUPoMbg https://linux.oracle.com/cve/CVE-2023-45289.html https://linux.oracle.com/errata/ELSA-2024-3346.html https://nvd.nist.gov/vuln/detail/CVE-2023-45289 https://pkg.go.dev/vuln/GO-2024-2600 https://security.netapp.com/advisory/ntap-20240329-0006/ https://ubuntu.com/security/notices/USN-6886-1 https://www.cve.org/CVERecord?id=CVE-2023-45289
stdlib	CVE-2023-45290	MEDIUM	v1.20.5	1.21.8, 1.22.1	http://www.openwall.com/lists/oss-security/2024/03/08/4 https://access.redhat.com/errata/RHSA-2024:9135 https://access.redhat.com/security/cve/CVE-2023-45290 https://bugzilla.redhat.com/2268017 https://bugzilla.redhat.com/2268022 https://bugzilla.redhat.com/2279814 https://bugzilla.redhat.com/2295310 https://bugzilla.redhat.com/show_bug.cgi?id=2268017 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45290 https://errata.almalinux.org/9/ALSA-2024-9135.html https://errata.rockylinux.org/RLSA-2024:3830 https://github.com/golang/go/commit/041a47712e765e94f86d841c3110c840e76d8f82 (go1.22.1) https://github.com/golang/go/commit/bf80213b121074f4ad9b449410a4d13bae5e9be0 (go1.21.8) https://github.com/golang/go/issues/65383 https://go.dev/cl/569341 https://go.dev/issue/65383 https://groups.google.com/g/golang-announce/c/5pwGVUPoMbg https://linux.oracle.com/cve/CVE-2023-45290.html https://linux.oracle.com/errata/ELSA-2024-8038.html https://nvd.nist.gov/vuln/detail/CVE-2023-45290 https://pkg.go.dev/vuln/GO-2024-2599 https://security.netapp.com/advisory/ntap-20240329-0004 https://security.netapp.com/advisory/ntap-20240329-0004/ https://ubuntu.com/security/notices/USN-6886-1 https://ubuntu.com/security/notices/USN-7109-1 https://ubuntu.com/security/notices/USN-7111-1 https://www.cve.org/CVERecord?id=CVE-2023-45290
stdlib	CVE-2024-24783	MEDIUM	v1.20.5	1.21.8, 1.22.1	http://www.openwall.com/lists/oss-security/2024/03/08/4 https://access.redhat.com/errata/RHSA-2024:6195 https://access.redhat.com/security/cve/CVE-2024-24783 https://bugzilla.redhat.com/2268019 https://bugzilla.redhat.com/show_bug.cgi?id=2268017 https://bugzilla.redhat.com/show_bug.cgi?id=2268018 https://bugzilla.redhat.com/show_bug.cgi?id=2268019 https://bugzilla.redhat.com/show_bug.cgi?id=2268273 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45288 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45289 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45290 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24783 https://errata.almalinux.org/9/ALSA-2024-6195.html https://errata.rockylinux.org/RLSA-2024:2724 https://github.com/advisories/GHSA-3q2c-pvp5-3cqp https://github.com/golang/go/commit/337b8e9cbfa749d9d5c899e0dc358e2208d5e54f (go1.22.1) https://github.com/golang/go/commit/be5b52bea674190ef7de272664be6c7ae93ec5a0 (go1.21.8) https://github.com/golang/go/issues/65390 https://go.dev/cl/569339 https://go.dev/issue/65390 https://groups.google.com/g/golang-announce/c/5pwGVUPoMbg https://linux.oracle.com/cve/CVE-2024-24783.html https://linux.oracle.com/errata/ELSA-2024-6969.html https://nvd.nist.gov/vuln/detail/CVE-2024-24783 https://pkg.go.dev/vuln/GO-2024-2598 https://security.netapp.com/advisory/ntap-20240329-0005 https://security.netapp.com/advisory/ntap-20240329-0005/ https://ubuntu.com/security/notices/USN-6886-1 https://ubuntu.com/security/notices/USN-7109-1 https://ubuntu.com/security/notices/USN-7111-1 https://www.cve.org/CVERecord?id=CVE-2024-24783
stdlib	CVE-2024-24784	MEDIUM	v1.20.5	1.21.8, 1.22.1	http://www.openwall.com/lists/oss-security/2024/03/08/4 https://access.redhat.com/errata/RHSA-2024:2562 https://access.redhat.com/security/cve/CVE-2024-24784 https://bugzilla.redhat.com/2262921 https://bugzilla.redhat.com/2268017 https://bugzilla.redhat.com/2268018 https://bugzilla.redhat.com/2268019 https://bugzilla.redhat.com/2268021 https://bugzilla.redhat.com/2268022 https://bugzilla.redhat.com/2268273 https://bugzilla.redhat.com/show_bug.cgi?id=2262921 https://bugzilla.redhat.com/show_bug.cgi?id=2268017 https://bugzilla.redhat.com/show_bug.cgi?id=2268018 https://bugzilla.redhat.com/show_bug.cgi?id=2268019 https://bugzilla.redhat.com/show_bug.cgi?id=2268021 https://bugzilla.redhat.com/show_bug.cgi?id=2268022 https://bugzilla.redhat.com/show_bug.cgi?id=2268273 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45288 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45289 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45290 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-1394 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24783 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24784 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24785 https://errata.almalinux.org/9/ALSA-2024-2562.html https://errata.rockylinux.org/RLSA-2024:2562 https://github.com/golang/go/commit/263c059b09fdd40d9dd945f2ecb20c89ea28efe5 (go1.21.8) https://github.com/golang/go/commit/5330cd225ba54c7dc78c1b46dcdf61a4671a632c (go1.22.1) https://github.com/golang/go/issues/65083 https://go.dev/cl/555596 https://go.dev/issue/65083 https://groups.google.com/g/golang-announce/c/5pwGVUPoMbg https://linux.oracle.com/cve/CVE-2024-24784.html https://linux.oracle.com/errata/ELSA-2024-6969.html https://nvd.nist.gov/vuln/detail/CVE-2024-24784 https://pkg.go.dev/vuln/GO-2024-2609 https://security.netapp.com/advisory/ntap-20240329-0007/ https://ubuntu.com/security/notices/USN-6886-1 https://ubuntu.com/security/notices/USN-7109-1 https://ubuntu.com/security/notices/USN-7111-1 https://www.cve.org/CVERecord?id=CVE-2024-24784
stdlib	CVE-2024-24785	MEDIUM	v1.20.5	1.21.8, 1.22.1	http://www.openwall.com/lists/oss-security/2024/03/08/4 https://access.redhat.com/errata/RHSA-2024:9135 https://access.redhat.com/security/cve/CVE-2024-24785 https://bugzilla.redhat.com/2268017 https://bugzilla.redhat.com/2268022 https://bugzilla.redhat.com/2279814 https://bugzilla.redhat.com/2295310 https://bugzilla.redhat.com/show_bug.cgi?id=2262921 https://bugzilla.redhat.com/show_bug.cgi?id=2268017 https://bugzilla.redhat.com/show_bug.cgi?id=2268018 https://bugzilla.redhat.com/show_bug.cgi?id=2268019 https://bugzilla.redhat.com/show_bug.cgi?id=2268021 https://bugzilla.redhat.com/show_bug.cgi?id=2268022 https://bugzilla.redhat.com/show_bug.cgi?id=2268273 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45288 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45289 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45290 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-1394 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24783 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24784 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24785 https://errata.almalinux.org/9/ALSA-2024-9135.html https://errata.rockylinux.org/RLSA-2024:2562 https://github.com/golang/go/commit/056b0edcb8c152152021eebf4cf42adbfbe77992 (go1.22.1) https://github.com/golang/go/commit/3643147a29352ca2894fd5d0d2069bc4b4335a7e (go1.21.8) https://github.com/golang/go/issues/65697 https://go.dev/cl/564196 https://go.dev/issue/65697 https://groups.google.com/g/golang-announce/c/5pwGVUPoMbg https://linux.oracle.com/cve/CVE-2024-24785.html https://linux.oracle.com/errata/ELSA-2024-3259.html https://nvd.nist.gov/vuln/detail/CVE-2024-24785 https://pkg.go.dev/vuln/GO-2024-2610 https://security.netapp.com/advisory/ntap-20240329-0008/ https://ubuntu.com/security/notices/USN-6886-1 https://ubuntu.com/security/notices/USN-7061-1 https://ubuntu.com/security/notices/USN-7109-1 https://vuln.go.dev/ID/GO-2024-2610.json https://www.cve.org/CVERecord?id=CVE-2024-24785
stdlib	CVE-2024-24789	MEDIUM	v1.20.5	1.21.11, 1.22.4	http://www.openwall.com/lists/oss-security/2024/06/04/1 https://access.redhat.com/errata/RHSA-2024:9115 https://access.redhat.com/security/cve/CVE-2024-24789 https://bugzilla.redhat.com/2279814 https://bugzilla.redhat.com/2292668 https://bugzilla.redhat.com/2292787 https://bugzilla.redhat.com/2294000 https://bugzilla.redhat.com/2295310 https://bugzilla.redhat.com/show_bug.cgi?id=2292668 https://bugzilla.redhat.com/show_bug.cgi?id=2292787 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24789 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24790 https://errata.almalinux.org/9/ALSA-2024-9115.html https://errata.rockylinux.org/RLSA-2024:4212 https://github.com/golang/go/commit/c8e40338cf00f3c1d86c8fb23863ad67a4c72bcc (1.21) https://github.com/golang/go/commit/cf501ac0c5fe351a8582d20b43562027927906e7 (1.22) https://github.com/golang/go/issues/66869 https://go.dev/cl/585397 https://go.dev/issue/66869 https://groups.google.com/g/golang-announce/c/XbxouI9gY7k https://groups.google.com/g/golang-announce/c/XbxouI9gY7k/m/TuoGEhxIEwAJ https://linux.oracle.com/cve/CVE-2024-24789.html https://linux.oracle.com/errata/ELSA-2024-9115.html https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/U5YAEIA6IUHUNGJ7AIXXPQT6D2GYENX7/ https://nvd.nist.gov/vuln/detail/CVE-2024-24789 https://pkg.go.dev/vuln/GO-2024-2888 https://ubuntu.com/security/notices/USN-6886-1 https://ubuntu.com/security/notices/USN-7109-1 https://ubuntu.com/security/notices/USN-7111-1 https://www.cve.org/CVERecord?id=CVE-2024-24789
stdlib	CVE-2024-24791	MEDIUM	v1.20.5	1.21.12, 1.22.5	https://access.redhat.com/errata/RHSA-2024:9135 https://access.redhat.com/security/cve/CVE-2024-24791 https://bugzilla.redhat.com/2268017 https://bugzilla.redhat.com/2268022 https://bugzilla.redhat.com/2279814 https://bugzilla.redhat.com/2295310 https://bugzilla.redhat.com/show_bug.cgi?id=2295310 https://bugzilla.redhat.com/show_bug.cgi?id=2310527 https://bugzilla.redhat.com/show_bug.cgi?id=2310528 https://bugzilla.redhat.com/show_bug.cgi?id=2310529 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24791 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-34155 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-34156 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-34158 https://errata.almalinux.org/9/ALSA-2024-9135.html https://errata.rockylinux.org/RLSA-2024:6913 https://go.dev/cl/591255 https://go.dev/issue/67555 https://groups.google.com/g/golang-dev/c/t0rK-qHBqzY/m/6MMoAZkMAgAJ https://linux.oracle.com/cve/CVE-2024-24791.html https://linux.oracle.com/errata/ELSA-2024-9115.html https://nvd.nist.gov/vuln/detail/CVE-2024-24791 https://pkg.go.dev/vuln/GO-2024-2963 https://ubuntu.com/security/notices/USN-7081-1 https://ubuntu.com/security/notices/USN-7109-1 https://ubuntu.com/security/notices/USN-7111-1 https://www.cve.org/CVERecord?id=CVE-2024-24791
stdlib	CVE-2024-34155	MEDIUM	v1.20.5	1.22.7, 1.23.1	https://access.redhat.com/errata/RHSA-2024:9459 https://access.redhat.com/security/cve/CVE-2024-34155 https://bugzilla.redhat.com/2310527 https://bugzilla.redhat.com/2310528 https://bugzilla.redhat.com/2310529 https://bugzilla.redhat.com/2315691 https://bugzilla.redhat.com/2315887 https://bugzilla.redhat.com/2317458 https://bugzilla.redhat.com/2317467 https://bugzilla.redhat.com/show_bug.cgi?id=2295310 https://bugzilla.redhat.com/show_bug.cgi?id=2310527 https://bugzilla.redhat.com/show_bug.cgi?id=2310528 https://bugzilla.redhat.com/show_bug.cgi?id=2310529 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24791 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-34155 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-34156 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-34158 https://errata.almalinux.org/9/ALSA-2024-9459.html https://errata.rockylinux.org/RLSA-2024:6913 https://github.com/golang/go/commit/53487e5477151ed75da50e50a0ba8f1ca64c00a3 (go1.23.1) https://github.com/golang/go/commit/b232596139dbe96a62edbe3a2a203e856bf556eb (go1.22.7) https://go.dev/cl/611238 https://go.dev/issue/69138 https://groups.google.com/g/golang-announce/c/K-cEzDeCtpc https://groups.google.com/g/golang-dev/c/S9POB9NCTdk https://linux.oracle.com/cve/CVE-2024-34155.html https://linux.oracle.com/errata/ELSA-2024-9459.html https://nvd.nist.gov/vuln/detail/CVE-2024-34155 https://pkg.go.dev/vuln/GO-2024-3105 https://ubuntu.com/security/notices/USN-7081-1 https://ubuntu.com/security/notices/USN-7109-1 https://ubuntu.com/security/notices/USN-7111-1 https://www.cve.org/CVERecord?id=CVE-2024-34155
stdlib	CVE-2024-34158	MEDIUM	v1.20.5	1.22.7, 1.23.1	https://access.redhat.com/errata/RHSA-2024:9459 https://access.redhat.com/security/cve/CVE-2024-34158 https://bugzilla.redhat.com/2310527 https://bugzilla.redhat.com/2310528 https://bugzilla.redhat.com/2310529 https://bugzilla.redhat.com/2315691 https://bugzilla.redhat.com/2315887 https://bugzilla.redhat.com/2317458 https://bugzilla.redhat.com/2317467 https://bugzilla.redhat.com/show_bug.cgi?id=2295310 https://bugzilla.redhat.com/show_bug.cgi?id=2310527 https://bugzilla.redhat.com/show_bug.cgi?id=2310528 https://bugzilla.redhat.com/show_bug.cgi?id=2310529 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24791 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-34155 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-34156 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-34158 https://errata.almalinux.org/9/ALSA-2024-9459.html https://errata.rockylinux.org/RLSA-2024:6913 https://github.com/golang/go/commit/032ac075c20c01c6c35a672d1542d3e98eab84ea (go1.23.1) https://github.com/golang/go/commit/d4c53812e6ce2ac368173d7fcd31d0ecfcffb002 (go1.22.7) https://go.dev/cl/611240 https://go.dev/issue/69141 https://groups.google.com/g/golang-announce/c/K-cEzDeCtpc https://groups.google.com/g/golang-dev/c/S9POB9NCTdk https://linux.oracle.com/cve/CVE-2024-34158.html https://linux.oracle.com/errata/ELSA-2024-9459.html https://nvd.nist.gov/vuln/detail/CVE-2024-34158 https://pkg.go.dev/vuln/GO-2024-3107 https://ubuntu.com/security/notices/USN-7081-1 https://ubuntu.com/security/notices/USN-7109-1 https://ubuntu.com/security/notices/USN-7111-1 https://www.cve.org/CVERecord?id=CVE-2024-34158
No Misconfigurations found

cnb/buildpacks/paketo-buildpacks_dotnet-core-sdk/0.13.17/bin/run (gobinary)

Package	Vulnerability ID	Severity	Installed Version	Fixed Version	Links
github.com/anchore/stereoscope	CVE-2024-24579	MEDIUM	v0.0.0-20230412183729-8602f1afc574	0.0.1	https://github.com/anchore/stereoscope https://github.com/anchore/stereoscope/commit/09dacab4d9ee65ee8bc7af8ebf4aa7b5aaa36204 https://github.com/anchore/stereoscope/security/advisories/GHSA-hpxr-w9w7-g4gv https://nvd.nist.gov/vuln/detail/CVE-2024-24579
github.com/cloudflare/circl	GHSA-9763-4f94-gfch	HIGH	v1.3.3	1.3.7	https://github.com/cloudflare/circl https://github.com/cloudflare/circl/commit/75ef91e8a2f438e6ce2b6e620d236add8be1887d https://github.com/cloudflare/circl/security/advisories/GHSA-9763-4f94-gfch https://kyberslash.cr.yp.to
github.com/containerd/containerd	GHSA-7ww5-4wqc-m92c	MEDIUM	v1.7.0	1.6.26, 1.7.11	https://github.com/containerd/containerd https://github.com/containerd/containerd/commit/67d356cb3095f3e8f8ad7d36f9a733fea1e7e28c https://github.com/containerd/containerd/commit/746b910f05855c8bfdb4415a1c0f958b234910e5 https://github.com/containerd/containerd/security/advisories/GHSA-7ww5-4wqc-m92c
github.com/docker/docker	CVE-2024-41110	CRITICAL	v23.0.5+incompatible	23.0.15, 26.1.5, 27.1.1, 25.0.6	https://access.redhat.com/security/cve/CVE-2024-41110 https://github.com/moby/moby https://github.com/moby/moby/commit/411e817ddf710ff8e08fa193da80cb78af708191 https://github.com/moby/moby/commit/42f40b1d6dd7562342f832b9cd2adf9e668eeb76 https://github.com/moby/moby/commit/65cc597cea28cdc25bea3b8a86384b4251872919 https://github.com/moby/moby/commit/852759a7df454cbf88db4e954c919becd48faa9b https://github.com/moby/moby/commit/a31260625655cff9ae226b51757915e275e304b0 https://github.com/moby/moby/commit/a79fabbfe84117696a19671f4aa88b82d0f64fc1 https://github.com/moby/moby/commit/ae160b4edddb72ef4bd71f66b975a1a1cc434f00 https://github.com/moby/moby/commit/ae2b3666c517c96cbc2adf1af5591a6b00d4ec0f https://github.com/moby/moby/commit/cc13f952511154a2866bddbb7dddebfe9e83b801 https://github.com/moby/moby/commit/fc274cd2ff4cf3b48c91697fb327dd1fb95588fb https://github.com/moby/moby/security/advisories/GHSA-v23v-6jw2-98fq https://nvd.nist.gov/vuln/detail/CVE-2024-41110 https://www.cve.org/CVERecord?id=CVE-2024-41110 https://www.docker.com/blog/docker-security-advisory-docker-engine-authz-plugin
github.com/docker/docker	CVE-2024-24557	MEDIUM	v23.0.5+incompatible	24.0.9, 25.0.2	https://access.redhat.com/security/cve/CVE-2024-24557 https://github.com/moby/moby https://github.com/moby/moby/commit/3e230cfdcc989dc524882f6579f9e0dac77400ae https://github.com/moby/moby/commit/fca702de7f71362c8d103073c7e4a1d0a467fadd https://github.com/moby/moby/commit/fce6e0ca9bc000888de3daa157af14fa41fcd0ff https://github.com/moby/moby/security/advisories/GHSA-xw73-rw38-6vjc https://nvd.nist.gov/vuln/detail/CVE-2024-24557 https://www.cve.org/CVERecord?id=CVE-2024-24557
github.com/docker/docker	CVE-2024-29018	MEDIUM	v23.0.5+incompatible	26.0.0-rc3, 25.0.5, 23.0.11	https://access.redhat.com/security/cve/CVE-2024-29018 https://github.com/moby/moby https://github.com/moby/moby/pull/46609 https://github.com/moby/moby/security/advisories/GHSA-mq39-4gv4-mvpx https://nvd.nist.gov/vuln/detail/CVE-2024-29018 https://www.cve.org/CVERecord?id=CVE-2024-29018
github.com/docker/docker	GHSA-jq35-85cj-fj4p	MEDIUM	v23.0.5+incompatible	24.0.7, 23.0.8, 20.10.27	https://github.com/moby/moby https://github.com/moby/moby/commit/48ebe353e49a9def5e6679f6e386b0efb1c95f0e https://github.com/moby/moby/commit/81ebe71275768629689a23bc3bca34b3b374a6a6 https://github.com/moby/moby/commit/c9ccbfad11a60e703e91b6cca4f48927828c7e35 https://github.com/moby/moby/releases/tag/v20.10.27 https://github.com/moby/moby/releases/tag/v23.0.8 https://github.com/moby/moby/releases/tag/v24.0.7 https://github.com/moby/moby/security/advisories/GHSA-jq35-85cj-fj4p
github.com/go-git/go-git/v5	CVE-2023-49569	CRITICAL	v5.6.1	5.11.0	https://access.redhat.com/security/cve/CVE-2023-49569 https://github.com/go-git/go-git https://github.com/go-git/go-git/security/advisories/GHSA-449p-3h89-pw88 https://nvd.nist.gov/vuln/detail/CVE-2023-49569 https://www.cve.org/CVERecord?id=CVE-2023-49569
github.com/go-git/go-git/v5	CVE-2023-49568	HIGH	v5.6.1	5.11.0	https://access.redhat.com/security/cve/CVE-2023-49568 https://github.com/go-git/go-git https://github.com/go-git/go-git/security/advisories/GHSA-mw99-9chc-xw7r https://nvd.nist.gov/vuln/detail/CVE-2023-49568 https://www.cve.org/CVERecord?id=CVE-2023-49568
github.com/mholt/archiver/v3	CVE-2024-0406	MEDIUM	v3.5.1	no fix available	https://access.redhat.com/security/cve/CVE-2024-0406 https://bugzilla.redhat.com/show_bug.cgi?id=2257749 https://github.com/advisories/GHSA-rhh4-rh7c-7r5v https://github.com/mholt/archiver https://nvd.nist.gov/vuln/detail/CVE-2024-0406 https://www.cve.org/CVERecord?id=CVE-2024-0406
golang.org/x/crypto	CVE-2023-48795	MEDIUM	v0.8.0	0.17.0	http://packetstormsecurity.com/files/176280/Terrapin-SSH-Connection-Weakening.html http://seclists.org/fulldisclosure/2024/Mar/21 http://www.openwall.com/lists/oss-security/2023/12/18/3 http://www.openwall.com/lists/oss-security/2023/12/19/5 http://www.openwall.com/lists/oss-security/2023/12/20/3 http://www.openwall.com/lists/oss-security/2024/03/06/3 http://www.openwall.com/lists/oss-security/2024/04/17/8 https://access.redhat.com/errata/RHSA-2024:1150 https://access.redhat.com/security/cve/CVE-2023-48795 https://access.redhat.com/security/cve/cve-2023-48795 https://access.redhat.com/solutions/7071748 https://arstechnica.com/security/2023/12/hackers-can-break-ssh-channel-integrity-using-novel-data-corruption-attack https://arstechnica.com/security/2023/12/hackers-can-break-ssh-channel-integrity-using-novel-data-corruption-attack/ https://bugs.gentoo.org/920280 https://bugzilla.redhat.com/2254210 https://bugzilla.redhat.com/show_bug.cgi?id=2254210 https://bugzilla.suse.com/show_bug.cgi?id=1217950 https://crates.io/crates/thrussh/versions https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-48795 https://errata.almalinux.org/9/ALSA-2024-1150.html https://errata.rockylinux.org/RLSA-2024:0628 https://filezilla-project.org/versions.php https://forum.netgate.com/topic/184941/terrapin-ssh-attack https://git.libssh.org/projects/libssh.git/commit/?h=stable-0.10&id=10e09e273f69e149389b3e0e5d44b8c221c2e7f6 https://github.com/NixOS/nixpkgs/pull/275249 https://github.com/PowerShell/Win32-OpenSSH/issues/2189 https://github.com/PowerShell/Win32-OpenSSH/releases/tag/v9.5.0.0p1-Beta https://github.com/TeraTermProject/teraterm/commit/7279fbd6ef4d0c8bdd6a90af4ada2899d786eec0 https://github.com/TeraTermProject/teraterm/releases/tag/v5.1 https://github.com/advisories/GHSA-45x7-px36-x8w8 https://github.com/apache/mina-sshd/issues/445 https://github.com/connectbot/sshlib/commit/5c8b534f6e97db7ac0e0e579331213aa25c173ab https://github.com/connectbot/sshlib/compare/2.2.21...2.2.22 https://github.com/cyd01/KiTTY/issues/520 https://github.com/drakkan/sftpgo/releases/tag/v2.5.6 https://github.com/erlang/otp/blob/d1b43dc0f1361d2ad67601169e90a7fc50bb0369/lib/ssh/doc/src/notes.xml#L39-L42 https://github.com/erlang/otp/releases/tag/OTP-26.2.1 https://github.com/golang/crypto/commit/9d2ee975ef9fe627bf0a6f01c1f69e8ef1d4f05d https://github.com/hierynomus/sshj/issues/916 https://github.com/janmojzis/tinyssh/issues/81 https://github.com/jtesta/ssh-audit/commit/8e972c5e94b460379fe0c7d20209c16df81538a5 https://github.com/libssh2/libssh2/pull/1291 https://github.com/mkj/dropbear/blob/17657c36cce6df7716d5ff151ec09a665382d5dd/CHANGES#L25 https://github.com/mscdex/ssh2/commit/97b223f8891b96d6fc054df5ab1d5a1a545da2a3 https://github.com/mwiede/jsch/compare/jsch-0.2.14...jsch-0.2.15 https://github.com/mwiede/jsch/issues/457 https://github.com/mwiede/jsch/pull/461 https://github.com/net-ssh/net-ssh/blob/2e65064a52d73396bfc3806c9196fc8108f33cd8/CHANGES.txt#L14-L16 https://github.com/openssh/openssh-portable/commits/master https://github.com/paramiko/paramiko/issues/2337 https://github.com/paramiko/paramiko/issues/2337#issuecomment-1887642773 https://github.com/proftpd/proftpd/blob/0a7ea9b0ba9fcdf368374a226370d08f10397d99/RELEASE_NOTES https://github.com/proftpd/proftpd/blob/d21e7a2e47e9b38f709bec58e3fa711f759ad0e1/RELEASE_NOTES https://github.com/proftpd/proftpd/blob/master/RELEASE_NOTES https://github.com/proftpd/proftpd/issues/456 https://github.com/rapier1/hpn-ssh/releases https://github.com/ronf/asyncssh/blob/develop/docs/changes.rst https://github.com/ronf/asyncssh/security/advisories/GHSA-hfmc-7525-mj55 https://github.com/ronf/asyncssh/tags https://github.com/ssh-mitm/ssh-mitm/issues/165 https://github.com/warp-tech/russh https://github.com/warp-tech/russh/commit/1aa340a7df1d5be1c0f4a9e247aade76dfdd2951 https://github.com/warp-tech/russh/releases/tag/v0.40.2 https://github.com/warp-tech/russh/security/advisories/GHSA-45x7-px36-x8w8 https://gitlab.com/libssh/libssh-mirror/-/tags https://go.dev/cl/550715 https://go.dev/issue/64784 https://groups.google.com/g/golang-announce/c/-n5WqVC18LQ https://groups.google.com/g/golang-announce/c/qA3XtxvMUyg https://help.panic.com/releasenotes/transmit5 https://help.panic.com/releasenotes/transmit5/ https://jadaptive.com/important-java-ssh-security-update-new-ssh-vulnerability-discovered-cve-2023-48795 https://jadaptive.com/important-java-ssh-security-update-new-ssh-vulnerability-discovered-cve-2023-48795/ https://linux.oracle.com/cve/CVE-2023-48795.html https://linux.oracle.com/errata/ELSA-2024-2988.html https://lists.debian.org/debian-lts-announce/2023/12/msg00017.html https://lists.debian.org/debian-lts-announce/2024/01/msg00013.html https://lists.debian.org/debian-lts-announce/2024/01/msg00014.html https://lists.debian.org/debian-lts-announce/2024/04/msg00016.html https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/33XHJUB6ROFUOH2OQNENFROTVH6MHSHA https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/33XHJUB6ROFUOH2OQNENFROTVH6MHSHA/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/3CAYYW35MUTNO65RVAELICTNZZFMT2XS https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/3CAYYW35MUTNO65RVAELICTNZZFMT2XS/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/3JIMLVBDWOP4FUPXPTB4PGHHIOMGFLQE https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/3JIMLVBDWOP4FUPXPTB4PGHHIOMGFLQE/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/3YQLUQWLIHDB5QCXQEX7HXHAWMOKPP5O https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/3YQLUQWLIHDB5QCXQEX7HXHAWMOKPP5O/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/6Y74KVCPEPT4MVU3LHDWCNNOXOE5ZLUR https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/6Y74KVCPEPT4MVU3LHDWCNNOXOE5ZLUR/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/APYIXIQOVDCRWLHTGB4VYMAUIAQLKYJ3 https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/APYIXIQOVDCRWLHTGB4VYMAUIAQLKYJ3/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/BL5KTLOSLH2KHRN4HCXJPK3JUVLDGEL6 https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/BL5KTLOSLH2KHRN4HCXJPK3JUVLDGEL6/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/C3AFMZ6MH2UHHOPIWT5YLSFV3D2VB3AC https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/C3AFMZ6MH2UHHOPIWT5YLSFV3D2VB3AC/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/CHHITS4PUOZAKFIUBQAQZC7JWXMOYE4B https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/CHHITS4PUOZAKFIUBQAQZC7JWXMOYE4B/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/F7EYCFQCTSGJXWO3ZZ44MGKFC5HA7G3Y https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/F7EYCFQCTSGJXWO3ZZ44MGKFC5HA7G3Y/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/HYEDEXIKFKTUJIN43RG4B7T5ZS6MHUSP https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/HYEDEXIKFKTUJIN43RG4B7T5ZS6MHUSP/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/I724O3LSRCPO4WNVIXTZCT4VVRMXMMSG https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/I724O3LSRCPO4WNVIXTZCT4VVRMXMMSG/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/KEOTKBUPZXHE3F352JBYNTSNRXYLWD6P https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/KEOTKBUPZXHE3F352JBYNTSNRXYLWD6P/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/KMZCVGUGJZZVDPCVDA7TEB22VUCNEXDD https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/KMZCVGUGJZZVDPCVDA7TEB22VUCNEXDD/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/L5Y6MNNVAPIJSXJERQ6PKZVCIUXSNJK7 https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/L5Y6MNNVAPIJSXJERQ6PKZVCIUXSNJK7/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/LZQVUHWVWRH73YBXUQJOD6CKHDQBU3DM https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/LZQVUHWVWRH73YBXUQJOD6CKHDQBU3DM/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/MKQRBF3DWMWPH36LBCOBUTSIZRTPEZXB https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/MKQRBF3DWMWPH36LBCOBUTSIZRTPEZXB/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/QI3EHAHABFQK7OABNCSF5GMYP6TONTI7 https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/QI3EHAHABFQK7OABNCSF5GMYP6TONTI7/ https://matt.ucc.asn.au/dropbear/CHANGES https://nest.pijul.com/pijul/thrussh/changes/D6H7OWTTMHHX6BTB3B6MNBOBX2L66CBL4LGSEUSAI2MCRCJDQFRQC https://news.ycombinator.com/item?id=38684904 https://news.ycombinator.com/item?id=38685286 https://news.ycombinator.com/item?id=38732005 https://nova.app/releases/#v11.8 https://nvd.nist.gov/vuln/detail/CVE-2023-48795 https://oryx-embedded.com/download/#changelog https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2024-0002 https://roumenpetrov.info/secsh/#news20231220 https://security-tracker.debian.org/tracker/CVE-2023-48795 https://security-tracker.debian.org/tracker/source-package/libssh2 https://security-tracker.debian.org/tracker/source-package/proftpd-dfsg https://security-tracker.debian.org/tracker/source-package/trilead-ssh2 https://security.gentoo.org/glsa/202312-16 https://security.gentoo.org/glsa/202312-17 https://security.netapp.com/advisory/ntap-20240105-0004 https://security.netapp.com/advisory/ntap-20240105-0004/ https://support.apple.com/kb/HT214084 https://terrapin-attack.com/ https://thorntech.com/cve-2023-48795-and-sftp-gateway https://thorntech.com/cve-2023-48795-and-sftp-gateway/ https://twitter.com/TrueSkrillor/status/1736774389725565005 https://ubuntu.com/security/CVE-2023-48795 https://ubuntu.com/security/notices/USN-6560-1 https://ubuntu.com/security/notices/USN-6560-2 https://ubuntu.com/security/notices/USN-6561-1 https://ubuntu.com/security/notices/USN-6585-1 https://ubuntu.com/security/notices/USN-6589-1 https://ubuntu.com/security/notices/USN-6598-1 https://ubuntu.com/security/notices/USN-6738-1 https://ubuntu.com/security/notices/USN-7051-1 https://winscp.net/eng/docs/history#6.2.2 https://www.bitvise.com/ssh-client-version-history#933 https://www.bitvise.com/ssh-server-version-history https://www.chiark.greenend.org.uk/~sgtatham/putty/changes.html https://www.crushftp.com/crush10wiki/Wiki.jsp?page=Update https://www.cve.org/CVERecord?id=CVE-2023-48795 https://www.debian.org/security/2023/dsa-5586 https://www.debian.org/security/2023/dsa-5588 https://www.freebsd.org/security/advisories/FreeBSD-SA-23:19.openssh.asc https://www.lancom-systems.de/service-support/allgemeine-sicherheitshinweise#c243508 https://www.netsarang.com/en/xshell-update-history https://www.netsarang.com/en/xshell-update-history/ https://www.openssh.com/openbsd.html https://www.openssh.com/txt/release-9.6 https://www.openwall.com/lists/oss-security/2023/12/18/2 https://www.openwall.com/lists/oss-security/2023/12/18/3 https://www.openwall.com/lists/oss-security/2023/12/20/3 https://www.paramiko.org/changelog.html https://www.reddit.com/r/sysadmin/comments/18idv52/cve202348795_why_is_this_cve_still_undisclosed https://www.reddit.com/r/sysadmin/comments/18idv52/cve202348795_why_is_this_cve_still_undisclosed/ https://www.suse.com/c/suse-addresses-the-ssh-v2-protocol-terrapin-attack-aka-cve-2023-48795 https://www.suse.com/c/suse-addresses-the-ssh-v2-protocol-terrapin-attack-aka-cve-2023-48795/ https://www.terrapin-attack.com https://www.theregister.com/2023/12/20/terrapin_attack_ssh https://www.vandyke.com/products/securecrt/history.txt
golang.org/x/net	CVE-2023-39325	HIGH	v0.10.0	0.17.0	golang.org/x/net https://access.redhat.com/errata/RHSA-2023:6077 https://access.redhat.com/security/cve/CVE-2023-39325 https://access.redhat.com/security/cve/CVE-2023-44487 https://access.redhat.com/security/vulnerabilities/RHSB-2023-003 https://bugzilla.redhat.com/2242803 https://bugzilla.redhat.com/2243296 https://bugzilla.redhat.com/show_bug.cgi?id=2242803 https://bugzilla.redhat.com/show_bug.cgi?id=2243296 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-39325 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-44487 https://errata.almalinux.org/9/ALSA-2023-6077.html https://errata.rockylinux.org/RLSA-2023:6077 https://github.com/golang/go/commit/24ae2d927285c697440fdde3ad7f26028354bcf3 [golang- 1.21] https://github.com/golang/go/commit/e175f27f58aa7b9cd4d79607ae65d2cd5baaee68 [golang-1.20] https://github.com/golang/go/issues/63417 https://go.dev/cl/534215 https://go.dev/cl/534235 https://go.dev/issue/63417 https://groups.google.com/g/golang-announce/c/iNNxDTCjZvo/m/UDd7VKQuAAAJ https://linux.oracle.com/cve/CVE-2023-39325.html https://linux.oracle.com/errata/ELSA-2023-5867.html https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3OVW5V2DM5K5IC3H7O42YDUGNJ74J35O https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3OVW5V2DM5K5IC3H7O42YDUGNJ74J35O/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3SZN67IL7HMGMNAVLOTIXLIHUDXZK4LH https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3SZN67IL7HMGMNAVLOTIXLIHUDXZK4LH/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3WJ4QVX2AMUJ2F2S27POOAHRC4K3CHU4 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3WJ4QVX2AMUJ2F2S27POOAHRC4K3CHU4/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/4BUK2ZIAGCULOOYDNH25JPU6JBES5NF2 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/4BUK2ZIAGCULOOYDNH25JPU6JBES5NF2/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/5RSKA2II6QTD4YUKUNDVJQSRYSFC4VFR https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/5RSKA2II6QTD4YUKUNDVJQSRYSFC4VFR/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/AVZDNSMVDAQJ64LJC5I5U5LDM5753647 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/AVZDNSMVDAQJ64LJC5I5U5LDM5753647/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CHHITS4PUOZAKFIUBQAQZC7JWXMOYE4B https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CHHITS4PUOZAKFIUBQAQZC7JWXMOYE4B/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CLB4TW7KALB3EEQWNWCN7OUIWWVWWCG2 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CLB4TW7KALB3EEQWNWCN7OUIWWVWWCG2/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/D2BBIDR2ZMB3X5BC7SR4SLQMHRMVPY6L https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/D2BBIDR2ZMB3X5BC7SR4SLQMHRMVPY6L/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ECRC75BQJP6FJN2L7KCKYZW4DSBD7QSD https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ECRC75BQJP6FJN2L7KCKYZW4DSBD7QSD/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/FTMJ3NJIDAZFWJQQSP3L22MUFJ3UP2PT https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/FTMJ3NJIDAZFWJQQSP3L22MUFJ3UP2PT/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/GSY7SXFFTPZFWDM6XELSDSHZLVW3AHK7 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/GSY7SXFFTPZFWDM6XELSDSHZLVW3AHK7/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/HZQIELEIRSZUYTFFH5KTH2YJ4IIQG2KE https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/HZQIELEIRSZUYTFFH5KTH2YJ4IIQG2KE/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/IPWCNYB5PQ5PCVZ4NJT6G56ZYFZ5QBU6 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/IPWCNYB5PQ5PCVZ4NJT6G56ZYFZ5QBU6/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/KEOTKBUPZXHE3F352JBYNTSNRXYLWD6P https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/KEOTKBUPZXHE3F352JBYNTSNRXYLWD6P/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/KSEGD2IWKNUO3DWY4KQGUQM5BISRWHQE https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/KSEGD2IWKNUO3DWY4KQGUQM5BISRWHQE/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/L5E5JSJBZLYXOTZWXHJKRVCIXIHVWKJ6 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/L5E5JSJBZLYXOTZWXHJKRVCIXIHVWKJ6/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/MZQYOOKHQDQ57LV2IAG6NRFOVXKHJJ3Z https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/MZQYOOKHQDQ57LV2IAG6NRFOVXKHJJ3Z/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/NG7IMPL55MVWU3LCI4JQJT3K2U5CHDV7 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/NG7IMPL55MVWU3LCI4JQJT3K2U5CHDV7/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ODBY7RVMGZCBSTWF2OZGIZS57FNFUL67 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ODBY7RVMGZCBSTWF2OZGIZS57FNFUL67/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/OXGWPQOJ3JNDW2XIYKIVJ7N7QUIFNM2Q https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/OXGWPQOJ3JNDW2XIYKIVJ7N7QUIFNM2Q/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/PJCUNGIQDUMZ4Z6HWVYIMR66A35F5S74 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/PJCUNGIQDUMZ4Z6HWVYIMR66A35F5S74/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QF5QSYAOPDOWLY6DUHID56Q4HQFYB45I https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QF5QSYAOPDOWLY6DUHID56Q4HQFYB45I/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QXOU2JZUBEBP7GBKAYIJRPRBZSJCD7ST https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QXOU2JZUBEBP7GBKAYIJRPRBZSJCD7ST/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/R3UETKPUB3V5JS5TLZOF3SMTGT5K5APS https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/R3UETKPUB3V5JS5TLZOF3SMTGT5K5APS/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/REMHVVIBDNKSRKNOTV7EQSB7CYQWOUOU https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/REMHVVIBDNKSRKNOTV7EQSB7CYQWOUOU/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/T7N5GV4CHH6WAGX3GFMDD3COEOVCZ4RI https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/T7N5GV4CHH6WAGX3GFMDD3COEOVCZ4RI/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ULQQONMSCQSH5Z5OWFFQHCGEZ3NL4DRJ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ULQQONMSCQSH5Z5OWFFQHCGEZ3NL4DRJ/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UTT7DG3QOF5ZNJLUGHDNLRUIN6OWZARP https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UTT7DG3QOF5ZNJLUGHDNLRUIN6OWZARP/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/W2LZSWTV4NV4SNQARNXG5T6LRHP26EW2 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/W2LZSWTV4NV4SNQARNXG5T6LRHP26EW2/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WCNCBYKZXLDFGAJUB7ZP5VLC3YTHJNVH https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WCNCBYKZXLDFGAJUB7ZP5VLC3YTHJNVH/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/XFOIBB4YFICHDM7IBOP7PWXW3FX4HLL2 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/XFOIBB4YFICHDM7IBOP7PWXW3FX4HLL2/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/XTNLSL44Y5FB6JWADSZH6DCV4JJAAEQY https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/XTNLSL44Y5FB6JWADSZH6DCV4JJAAEQY/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/YJWHBLVZDM5KQSDFRBFRKU5KSSOLIRQ4 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/YJWHBLVZDM5KQSDFRBFRKU5KSSOLIRQ4/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/YRKEXKANQ7BKJW2YTAMP625LJUJZLJ4P https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/YRKEXKANQ7BKJW2YTAMP625LJUJZLJ4P/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZSVEMQV5ROY5YW5QE3I57HT3ITWG5GCV https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZSVEMQV5ROY5YW5QE3I57HT3ITWG5GCV/ https://nvd.nist.gov/vuln/detail/CVE-2023-39325 https://pkg.go.dev/vuln/GO-2023-2102 https://security.gentoo.org/glsa/202311-09 https://security.netapp.com/advisory/ntap-20231110-0008 https://security.netapp.com/advisory/ntap-20231110-0008/ https://ubuntu.com/security/notices/USN-6574-1 https://ubuntu.com/security/notices/USN-7061-1 https://ubuntu.com/security/notices/USN-7109-1 https://www.cisa.gov/news-events/alerts/2023/10/10/http2-rapid-reset-vulnerability-cve-2023-44487 https://www.cve.org/CVERecord?id=CVE-2023-39325
golang.org/x/net	CVE-2023-3978	MEDIUM	v0.10.0	0.13.0	https://access.redhat.com/errata/RHSA-2023:6474 https://access.redhat.com/security/cve/CVE-2023-3978 https://bugzilla.redhat.com/2174485 https://bugzilla.redhat.com/2178358 https://bugzilla.redhat.com/2178488 https://bugzilla.redhat.com/2178492 https://bugzilla.redhat.com/2184481 https://bugzilla.redhat.com/2184482 https://bugzilla.redhat.com/2184483 https://bugzilla.redhat.com/2184484 https://bugzilla.redhat.com/2196026 https://bugzilla.redhat.com/2196027 https://bugzilla.redhat.com/2196029 https://bugzilla.redhat.com/2222167 https://bugzilla.redhat.com/2228689 https://errata.almalinux.org/9/ALSA-2023-6474.html https://go.dev/cl/514896 https://go.dev/issue/61615 https://linux.oracle.com/cve/CVE-2023-3978.html https://linux.oracle.com/errata/ELSA-2023-6939.html https://nvd.nist.gov/vuln/detail/CVE-2023-3978 https://pkg.go.dev/vuln/GO-2023-1988 https://www.cve.org/CVERecord?id=CVE-2023-3978
golang.org/x/net	CVE-2023-44487	MEDIUM	v0.10.0	0.17.0	http://www.openwall.com/lists/oss-security/2023/10/13/4 http://www.openwall.com/lists/oss-security/2023/10/13/9 http://www.openwall.com/lists/oss-security/2023/10/18/4 http://www.openwall.com/lists/oss-security/2023/10/18/8 http://www.openwall.com/lists/oss-security/2023/10/19/6 http://www.openwall.com/lists/oss-security/2023/10/20/8 https://access.redhat.com/errata/RHSA-2023:6746 https://access.redhat.com/security/cve/CVE-2023-44487 https://access.redhat.com/security/cve/cve-2023-44487 https://akka.io/security/akka-http-cve-2023-44487.html https://arstechnica.com/security/2023/10/how-ddosers-used-the-http-2-protocol-to-deliver-attacks-of-unprecedented-size https://arstechnica.com/security/2023/10/how-ddosers-used-the-http-2-protocol-to-deliver-attacks-of-unprecedented-size/ https://aws.amazon.com/security/security-bulletins/AWS-2023-011 https://aws.amazon.com/security/security-bulletins/AWS-2023-011/ https://blog.cloudflare.com/technical-breakdown-http2-rapid-reset-ddos-attack https://blog.cloudflare.com/technical-breakdown-http2-rapid-reset-ddos-attack/ https://blog.cloudflare.com/zero-day-rapid-reset-http2-record-breaking-ddos-attack https://blog.cloudflare.com/zero-day-rapid-reset-http2-record-breaking-ddos-attack/ https://blog.litespeedtech.com/2023/10/11/rapid-reset-http-2-vulnerablilty https://blog.litespeedtech.com/2023/10/11/rapid-reset-http-2-vulnerablilty/ https://blog.qualys.com/vulnerabilities-threat-research/2023/10/10/cve-2023-44487-http-2-rapid-reset-attack https://blog.vespa.ai/cve-2023-44487 https://blog.vespa.ai/cve-2023-44487/ https://bugzilla.proxmox.com/show_bug.cgi?id=4988 https://bugzilla.redhat.com/2242803 https://bugzilla.redhat.com/show_bug.cgi?id=2242803 https://bugzilla.suse.com/show_bug.cgi?id=1216123 https://cgit.freebsd.org/ports/commit/?id=c64c329c2c1752f46b73e3e6ce9f4329be6629f9 https://chaos.social/@icing/111210915918780532 https://cloud.google.com/blog/products/identity-security/google-cloud-mitigated-largest-ddos-attack-peaking-above-398-million-rps https://cloud.google.com/blog/products/identity-security/google-cloud-mitigated-largest-ddos-attack-peaking-above-398-million-rps/ https://cloud.google.com/blog/products/identity-security/how-it-works-the-novel-http2-rapid-reset-ddos-attack https://community.traefik.io/t/is-traefik-vulnerable-to-cve-2023-44487/20125 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-44487 https://devblogs.microsoft.com/dotnet/october-2023-updates/ https://discuss.hashicorp.com/t/hcsec-2023-32-vault-consul-and-boundary-affected-by-http-2-rapid-reset-denial-of-service-vulnerability-cve-2023-44487/59715 https://edg.io/lp/blog/resets-leaks-ddos-and-the-tale-of-a-hidden-cve https://errata.almalinux.org/9/ALSA-2023-6746.html https://errata.rockylinux.org/RLSA-2023:5838 https://forums.swift.org/t/swift-nio-http2-security-update-cve-2023-44487-http-2-dos/67764 https://gist.github.com/adulau/7c2bfb8e9cdbe4b35a5e131c66a0c088 https://github.com/Azure/AKS/issues/3947 https://github.com/Kong/kong/discussions/11741 https://github.com/advisories/GHSA-qppj-fm5r-hxr3 https://github.com/advisories/GHSA-vx74-f528-fxqg https://github.com/advisories/GHSA-xpw8-rcwv-8f8p https://github.com/akka/akka-http/issues/4323 https://github.com/akka/akka-http/pull/4324 https://github.com/akka/akka-http/pull/4325 https://github.com/alibaba/tengine/issues/1872 https://github.com/apache/apisix/issues/10320 https://github.com/apache/httpd-site/pull/10 https://github.com/apache/httpd/blob/afcdbeebbff4b0c50ea26cdd16e178c0d1f24152/modules/http2/h2_mplx.c#L1101-L1113 https://github.com/apache/tomcat/commit/944332bb15bd2f3bf76ec2caeb1ff0a58a3bc628 https://github.com/apache/tomcat/tree/main/java/org/apache/coyote/http2 https://github.com/apache/trafficserver/pull/10564 https://github.com/apple/swift-nio-http2 https://github.com/apple/swift-nio-http2/security/advisories/GHSA-qppj-fm5r-hxr3 https://github.com/arkrwn/PoC/tree/main/CVE-2023-44487 https://github.com/bcdannyboy/CVE-2023-44487 https://github.com/caddyserver/caddy/issues/5877 https://github.com/caddyserver/caddy/releases/tag/v2.7.5 https://github.com/dotnet/announcements/issues/277 https://github.com/dotnet/core/blob/e4613450ea0da7fd2fc6b61dfb2c1c1dec1ce9ec/release-notes/6.0/6.0.23/6.0.23.md?plain=1#L73 https://github.com/eclipse/jetty.project/issues/10679 https://github.com/envoyproxy/envoy/pull/30055 https://github.com/etcd-io/etcd/issues/16740 https://github.com/facebook/proxygen/pull/466 https://github.com/golang/go/issues/63417 https://github.com/grpc/grpc-go/pull/6703 https://github.com/grpc/grpc-go/releases https://github.com/h2o/h2o/pull/3291 https://github.com/h2o/h2o/security/advisories/GHSA-2m7v-gc89-fjqf https://github.com/haproxy/haproxy/issues/2312 https://github.com/hyperium/hyper/issues/3337 https://github.com/icing/mod_h2/blob/0a864782af0a942aa2ad4ed960a6b32cd35bcf0a/mod_http2/README.md?plain=1#L239-L244 https://github.com/junkurihara/rust-rpxy/issues/97 https://github.com/kazu-yamamoto/http2/commit/f61d41a502bd0f60eb24e1ce14edc7b6df6722a1 https://github.com/kazu-yamamoto/http2/issues/93 https://github.com/kubernetes/kubernetes/pull/121120 https://github.com/line/armeria/pull/5232 https://github.com/linkerd/website/pull/1695/commits/4b9c6836471bc8270ab48aae6fd2181bc73fd632 https://github.com/micrictor/http2-rst-stream https://github.com/microsoft/CBL-Mariner/pull/6381 https://github.com/netty/netty/commit/58f75f665aa81a8cbcf6ffa74820042a285c5e61 https://github.com/nghttp2/nghttp2/pull/1961 https://github.com/nghttp2/nghttp2/releases/tag/v1.57.0 https://github.com/ninenines/cowboy/issues/1615 https://github.com/nodejs/node/pull/50121 https://github.com/openresty/openresty/issues/930 https://github.com/opensearch-project/data-prepper/issues/3474 https://github.com/oqtane/oqtane.framework/discussions/3367 https://github.com/projectcontour/contour/pull/5826 https://github.com/tempesta-tech/tempesta/issues/1986 https://github.com/varnishcache/varnish-cache/issues/3996 https://go.dev/cl/534215 https://go.dev/cl/534235 https://go.dev/issue/63417 https://groups.google.com/g/golang-announce/c/iNNxDTCjZvo https://groups.google.com/g/golang-announce/c/iNNxDTCjZvo/m/UDd7VKQuAAAJ https://istio.io/latest/news/security/istio-security-2023-004 https://istio.io/latest/news/security/istio-security-2023-004/ https://linkerd.io/2023/10/12/linkerd-cve-2023-44487 https://linkerd.io/2023/10/12/linkerd-cve-2023-44487/ https://linux.oracle.com/cve/CVE-2023-44487.html https://linux.oracle.com/errata/ELSA-2024-1444.html https://lists.apache.org/thread/5py8h42mxfsn8l1wy6o41xwhsjlsd87q https://lists.debian.org/debian-lts-announce/2023/10/msg00020.html https://lists.debian.org/debian-lts-announce/2023/10/msg00023.html https://lists.debian.org/debian-lts-announce/2023/10/msg00024.html https://lists.debian.org/debian-lts-announce/2023/10/msg00045.html https://lists.debian.org/debian-lts-announce/2023/10/msg00047.html https://lists.debian.org/debian-lts-announce/2023/11/msg00001.html https://lists.debian.org/debian-lts-announce/2023/11/msg00012.html https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/2MBEPPC36UBVOZZNAXFHKLFGSLCMN5LI https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/2MBEPPC36UBVOZZNAXFHKLFGSLCMN5LI/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/3N4NJ7FR4X4FPZUGNTQAPSTVB2HB2Y4A https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/3N4NJ7FR4X4FPZUGNTQAPSTVB2HB2Y4A/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/BFQD3KUEMFBHPAPBGLWQC34L4OWL5HAZ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/BFQD3KUEMFBHPAPBGLWQC34L4OWL5HAZ/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/CLB4TW7KALB3EEQWNWCN7OUIWWVWWCG2 https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/CLB4TW7KALB3EEQWNWCN7OUIWWVWWCG2/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/E72T67UPDRXHIDLO3OROR25YAMN4GGW5 https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/E72T67UPDRXHIDLO3OROR25YAMN4GGW5/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/FNA62Q767CFAFHBCDKYNPBMZWB7TWYVU https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/FNA62Q767CFAFHBCDKYNPBMZWB7TWYVU/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/HT7T2R4MQKLIF4ODV4BDLPARWFPCJ5CZ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/HT7T2R4MQKLIF4ODV4BDLPARWFPCJ5CZ/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/JIZSEFC3YKCGABA2BZW6ZJRMDZJMB7PJ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/JIZSEFC3YKCGABA2BZW6ZJRMDZJMB7PJ/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/JMEXY22BFG5Q64HQCM5CK2Q7KDKVV4TY https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/JMEXY22BFG5Q64HQCM5CK2Q7KDKVV4TY/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/KSEGD2IWKNUO3DWY4KQGUQM5BISRWHQE https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/KSEGD2IWKNUO3DWY4KQGUQM5BISRWHQE/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/LKYHSZQFDNR7RSA7LHVLLIAQMVYCUGBG https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/LKYHSZQFDNR7RSA7LHVLLIAQMVYCUGBG/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/LNMZJCDHGLJJLXO4OXWJMTVQRNWOC7UL https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/LNMZJCDHGLJJLXO4OXWJMTVQRNWOC7UL/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/VHUHTSXLXGXS7JYKBXTA3VINUPHTNGVU https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/VHUHTSXLXGXS7JYKBXTA3VINUPHTNGVU/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/VSRDIV77HNKUSM7SJC5BKE5JSHLHU2NK https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/VSRDIV77HNKUSM7SJC5BKE5JSHLHU2NK/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/WE2I52RHNNU42PX6NZ2RBUHSFFJ2LVZX https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/WE2I52RHNNU42PX6NZ2RBUHSFFJ2LVZX/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/WLPRQ5TWUQQXYWBJM7ECYDAIL2YVKIUH https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/WLPRQ5TWUQQXYWBJM7ECYDAIL2YVKIUH/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/X6QXN4ORIVF6XBW4WWFE7VNPVC74S45Y https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/X6QXN4ORIVF6XBW4WWFE7VNPVC74S45Y/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/XFOIBB4YFICHDM7IBOP7PWXW3FX4HLL2 https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/XFOIBB4YFICHDM7IBOP7PWXW3FX4HLL2/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZB43REMKRQR62NJEI7I5NQ4FSXNLBKRT https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZB43REMKRQR62NJEI7I5NQ4FSXNLBKRT/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZKQSIKIAT5TJ3WSLU3RDBQ35YX4GY4V3 https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZKQSIKIAT5TJ3WSLU3RDBQ35YX4GY4V3/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZLU6U2R2IC2K64NDPNMV55AUAO65MAF4 https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZLU6U2R2IC2K64NDPNMV55AUAO65MAF4/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3N4NJ7FR4X4FPZUGNTQAPSTVB2HB2Y4A https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/BFQD3KUEMFBHPAPBGLWQC34L4OWL5HAZ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CLB4TW7KALB3EEQWNWCN7OUIWWVWWCG2 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/E72T67UPDRXHIDLO3OROR25YAMN4GGW5 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/FNA62Q767CFAFHBCDKYNPBMZWB7TWYVU https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/HT7T2R4MQKLIF4ODV4BDLPARWFPCJ5CZ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/JIZSEFC3YKCGABA2BZW6ZJRMDZJMB7PJ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/JMEXY22BFG5Q64HQCM5CK2Q7KDKVV4TY https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/KSEGD2IWKNUO3DWY4KQGUQM5BISRWHQE https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/LKYHSZQFDNR7RSA7LHVLLIAQMVYCUGBG https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/LNMZJCDHGLJJLXO4OXWJMTVQRNWOC7UL https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/VHUHTSXLXGXS7JYKBXTA3VINUPHTNGVU https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/VSRDIV77HNKUSM7SJC5BKE5JSHLHU2NK https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WLPRQ5TWUQQXYWBJM7ECYDAIL2YVKIUH https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/X6QXN4ORIVF6XBW4WWFE7VNPVC74S45Y https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/XFOIBB4YFICHDM7IBOP7PWXW3FX4HLL2 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZB43REMKRQR62NJEI7I5NQ4FSXNLBKRT https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZKQSIKIAT5TJ3WSLU3RDBQ35YX4GY4V3 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZLU6U2R2IC2K64NDPNMV55AUAO65MAF4 https://lists.w3.org/Archives/Public/ietf-http-wg/2023OctDec/0025.html https://mailman.nginx.org/pipermail/nginx-devel/2023-October/S36Q5HBXR7CAIMPLLPRSSSYR4PCMWILK.html https://martinthomson.github.io/h2-stream-limits/draft-thomson-httpbis-h2-stream-limits.html https://msrc.microsoft.com/blog/2023/10/microsoft-response-to-distributed-denial-of-service-ddos-attacks-against-http/2 https://msrc.microsoft.com/blog/2023/10/microsoft-response-to-distributed-denial-of-service-ddos-attacks-against-http/2/ https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-44487 https://my.f5.com/manage/s/article/K000137106 https://netty.io/news/2023/10/10/4-1-100-Final.html https://news.ycombinator.com/item?id=37830987 https://news.ycombinator.com/item?id=37830998 https://news.ycombinator.com/item?id=37831062 https://news.ycombinator.com/item?id=37837043 https://nodejs.org/en/blog/vulnerability/october-2023-security-releases https://nvd.nist.gov/vuln/detail/CVE-2023-44487 https://openssf.org/blog/2023/10/10/http-2-rapid-reset-vulnerability-highlights-need-for-rapid-response https://openssf.org/blog/2023/10/10/http-2-rapid-reset-vulnerability-highlights-need-for-rapid-response/ https://pkg.go.dev/vuln/GO-2023-2102 https://seanmonstar.com/post/730794151136935936/hyper-http2-rapid-reset-unaffected https://security.gentoo.org/glsa/202311-09 https://security.netapp.com/advisory/ntap-20231016-0001 https://security.netapp.com/advisory/ntap-20231016-0001/ https://security.netapp.com/advisory/ntap-20240426-0007 https://security.netapp.com/advisory/ntap-20240426-0007/ https://security.netapp.com/advisory/ntap-20240621-0006 https://security.netapp.com/advisory/ntap-20240621-0006/ https://security.netapp.com/advisory/ntap-20240621-0007 https://security.netapp.com/advisory/ntap-20240621-0007/ https://security.paloaltonetworks.com/CVE-2023-44487 https://tomcat.apache.org/security-10.html#Fixed_in_Apache_Tomcat_10.1.14 https://tomcat.apache.org/security-11.html#Fixed_in_Apache_Tomcat_11.0.0-M12 https://tomcat.apache.org/security-8.html#Fixed_in_Apache_Tomcat_8.5.94 https://tomcat.apache.org/security-9.html#Fixed_in_Apache_Tomcat_9.0.81 https://ubuntu.com/security/CVE-2023-44487 https://ubuntu.com/security/notices/USN-6427-1 https://ubuntu.com/security/notices/USN-6427-2 https://ubuntu.com/security/notices/USN-6438-1 https://ubuntu.com/security/notices/USN-6505-1 https://ubuntu.com/security/notices/USN-6574-1 https://ubuntu.com/security/notices/USN-6754-1 https://ubuntu.com/security/notices/USN-6994-1 https://ubuntu.com/security/notices/USN-7067-1 https://www.bleepingcomputer.com/news/security/new-http-2-rapid-reset-zero-day-attack-breaks-ddos-records https://www.bleepingcomputer.com/news/security/new-http-2-rapid-reset-zero-day-attack-breaks-ddos-records/ https://www.cisa.gov/known-exploited-vulnerabilities-catalog https://www.cisa.gov/news-events/alerts/2023/10/10/http2-rapid-reset-vulnerability-cve-2023-44487 https://www.cve.org/CVERecord?id=CVE-2023-44487 https://www.darkreading.com/cloud/internet-wide-zero-day-bug-fuels-largest-ever-ddos-event https://www.debian.org/security/2023/dsa-5521 https://www.debian.org/security/2023/dsa-5522 https://www.debian.org/security/2023/dsa-5540 https://www.debian.org/security/2023/dsa-5549 https://www.debian.org/security/2023/dsa-5558 https://www.debian.org/security/2023/dsa-5570 https://www.eclipse.org/lists/jetty-announce/msg00181.html https://www.haproxy.com/blog/haproxy-is-not-affected-by-the-http-2-rapid-reset-attack-cve-2023-44487 https://www.mail-archive.com/haproxy@formilux.org/msg44134.html https://www.netlify.com/blog/netlify-successfully-mitigates-cve-2023-44487 https://www.netlify.com/blog/netlify-successfully-mitigates-cve-2023-44487/ https://www.nginx.com/blog/http-2-rapid-reset-attack-impacting-f5-nginx-products https://www.nginx.com/blog/http-2-rapid-reset-attack-impacting-f5-nginx-products/ https://www.openwall.com/lists/oss-security/2023/10/10/6 https://www.phoronix.com/news/HTTP2-Rapid-Reset-Attack https://www.theregister.com/2023/10/10/http2_rapid_reset_zeroday https://www.theregister.com/2023/10/10/http2_rapid_reset_zeroday/
golang.org/x/net	CVE-2023-45288	MEDIUM	v0.10.0	0.23.0	http://www.openwall.com/lists/oss-security/2024/04/03/16 http://www.openwall.com/lists/oss-security/2024/04/05/4 https://access.redhat.com/errata/RHSA-2024:2724 https://access.redhat.com/security/cve/CVE-2023-45288 https://bugzilla.redhat.com/2268017 https://bugzilla.redhat.com/2268018 https://bugzilla.redhat.com/2268019 https://bugzilla.redhat.com/2268273 https://bugzilla.redhat.com/show_bug.cgi?id=2268017 https://bugzilla.redhat.com/show_bug.cgi?id=2268018 https://bugzilla.redhat.com/show_bug.cgi?id=2268019 https://bugzilla.redhat.com/show_bug.cgi?id=2268273 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45288 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45289 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45290 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24783 https://errata.almalinux.org/9/ALSA-2024-2724.html https://errata.rockylinux.org/RLSA-2024:2724 https://go.dev/cl/576155 https://go.dev/issue/65051 https://groups.google.com/g/golang-announce/c/YgW0sx8mN3M https://kb.cert.org/vuls/id/421644 https://linux.oracle.com/cve/CVE-2023-45288.html https://linux.oracle.com/errata/ELSA-2024-3346.html https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QRYFHIQ6XRKRYBI2F5UESH67BJBQXUPT https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QRYFHIQ6XRKRYBI2F5UESH67BJBQXUPT/ https://nowotarski.info/http2-continuation-flood-technical-details https://nowotarski.info/http2-continuation-flood/ https://nvd.nist.gov/vuln/detail/CVE-2023-45288 https://pkg.go.dev/vuln/GO-2024-2687 https://security.netapp.com/advisory/ntap-20240419-0009 https://security.netapp.com/advisory/ntap-20240419-0009/ https://ubuntu.com/security/notices/USN-6886-1 https://ubuntu.com/security/notices/USN-7109-1 https://ubuntu.com/security/notices/USN-7111-1 https://www.cve.org/CVERecord?id=CVE-2023-45288 https://www.kb.cert.org/vuls/id/421644
google.golang.org/grpc	GHSA-m425-mq94-257g	HIGH	v1.54.0	1.56.3, 1.57.1, 1.58.3	https://github.com/grpc/grpc-go https://github.com/grpc/grpc-go/commit/f2180b4d5403d2210b30b93098eb7da31c05c721 https://github.com/grpc/grpc-go/pull/6703 https://github.com/grpc/grpc-go/security/advisories/GHSA-m425-mq94-257g https://nvd.nist.gov/vuln/detail/CVE-2023-44487
google.golang.org/grpc	CVE-2023-44487	MEDIUM	v1.54.0	1.58.3, 1.57.1, 1.56.3	http://www.openwall.com/lists/oss-security/2023/10/13/4 http://www.openwall.com/lists/oss-security/2023/10/13/9 http://www.openwall.com/lists/oss-security/2023/10/18/4 http://www.openwall.com/lists/oss-security/2023/10/18/8 http://www.openwall.com/lists/oss-security/2023/10/19/6 http://www.openwall.com/lists/oss-security/2023/10/20/8 https://access.redhat.com/errata/RHSA-2023:6746 https://access.redhat.com/security/cve/CVE-2023-44487 https://access.redhat.com/security/cve/cve-2023-44487 https://akka.io/security/akka-http-cve-2023-44487.html https://arstechnica.com/security/2023/10/how-ddosers-used-the-http-2-protocol-to-deliver-attacks-of-unprecedented-size https://arstechnica.com/security/2023/10/how-ddosers-used-the-http-2-protocol-to-deliver-attacks-of-unprecedented-size/ https://aws.amazon.com/security/security-bulletins/AWS-2023-011 https://aws.amazon.com/security/security-bulletins/AWS-2023-011/ https://blog.cloudflare.com/technical-breakdown-http2-rapid-reset-ddos-attack https://blog.cloudflare.com/technical-breakdown-http2-rapid-reset-ddos-attack/ https://blog.cloudflare.com/zero-day-rapid-reset-http2-record-breaking-ddos-attack https://blog.cloudflare.com/zero-day-rapid-reset-http2-record-breaking-ddos-attack/ https://blog.litespeedtech.com/2023/10/11/rapid-reset-http-2-vulnerablilty https://blog.litespeedtech.com/2023/10/11/rapid-reset-http-2-vulnerablilty/ https://blog.qualys.com/vulnerabilities-threat-research/2023/10/10/cve-2023-44487-http-2-rapid-reset-attack https://blog.vespa.ai/cve-2023-44487 https://blog.vespa.ai/cve-2023-44487/ https://bugzilla.proxmox.com/show_bug.cgi?id=4988 https://bugzilla.redhat.com/2242803 https://bugzilla.redhat.com/show_bug.cgi?id=2242803 https://bugzilla.suse.com/show_bug.cgi?id=1216123 https://cgit.freebsd.org/ports/commit/?id=c64c329c2c1752f46b73e3e6ce9f4329be6629f9 https://chaos.social/@icing/111210915918780532 https://cloud.google.com/blog/products/identity-security/google-cloud-mitigated-largest-ddos-attack-peaking-above-398-million-rps https://cloud.google.com/blog/products/identity-security/google-cloud-mitigated-largest-ddos-attack-peaking-above-398-million-rps/ https://cloud.google.com/blog/products/identity-security/how-it-works-the-novel-http2-rapid-reset-ddos-attack https://community.traefik.io/t/is-traefik-vulnerable-to-cve-2023-44487/20125 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-44487 https://devblogs.microsoft.com/dotnet/october-2023-updates/ https://discuss.hashicorp.com/t/hcsec-2023-32-vault-consul-and-boundary-affected-by-http-2-rapid-reset-denial-of-service-vulnerability-cve-2023-44487/59715 https://edg.io/lp/blog/resets-leaks-ddos-and-the-tale-of-a-hidden-cve https://errata.almalinux.org/9/ALSA-2023-6746.html https://errata.rockylinux.org/RLSA-2023:5838 https://forums.swift.org/t/swift-nio-http2-security-update-cve-2023-44487-http-2-dos/67764 https://gist.github.com/adulau/7c2bfb8e9cdbe4b35a5e131c66a0c088 https://github.com/Azure/AKS/issues/3947 https://github.com/Kong/kong/discussions/11741 https://github.com/advisories/GHSA-qppj-fm5r-hxr3 https://github.com/advisories/GHSA-vx74-f528-fxqg https://github.com/advisories/GHSA-xpw8-rcwv-8f8p https://github.com/akka/akka-http/issues/4323 https://github.com/akka/akka-http/pull/4324 https://github.com/akka/akka-http/pull/4325 https://github.com/alibaba/tengine/issues/1872 https://github.com/apache/apisix/issues/10320 https://github.com/apache/httpd-site/pull/10 https://github.com/apache/httpd/blob/afcdbeebbff4b0c50ea26cdd16e178c0d1f24152/modules/http2/h2_mplx.c#L1101-L1113 https://github.com/apache/tomcat/commit/944332bb15bd2f3bf76ec2caeb1ff0a58a3bc628 https://github.com/apache/tomcat/tree/main/java/org/apache/coyote/http2 https://github.com/apache/trafficserver/pull/10564 https://github.com/apple/swift-nio-http2 https://github.com/apple/swift-nio-http2/security/advisories/GHSA-qppj-fm5r-hxr3 https://github.com/arkrwn/PoC/tree/main/CVE-2023-44487 https://github.com/bcdannyboy/CVE-2023-44487 https://github.com/caddyserver/caddy/issues/5877 https://github.com/caddyserver/caddy/releases/tag/v2.7.5 https://github.com/dotnet/announcements/issues/277 https://github.com/dotnet/core/blob/e4613450ea0da7fd2fc6b61dfb2c1c1dec1ce9ec/release-notes/6.0/6.0.23/6.0.23.md?plain=1#L73 https://github.com/eclipse/jetty.project/issues/10679 https://github.com/envoyproxy/envoy/pull/30055 https://github.com/etcd-io/etcd/issues/16740 https://github.com/facebook/proxygen/pull/466 https://github.com/golang/go/issues/63417 https://github.com/grpc/grpc-go/pull/6703 https://github.com/grpc/grpc-go/releases https://github.com/h2o/h2o/pull/3291 https://github.com/h2o/h2o/security/advisories/GHSA-2m7v-gc89-fjqf https://github.com/haproxy/haproxy/issues/2312 https://github.com/hyperium/hyper/issues/3337 https://github.com/icing/mod_h2/blob/0a864782af0a942aa2ad4ed960a6b32cd35bcf0a/mod_http2/README.md?plain=1#L239-L244 https://github.com/junkurihara/rust-rpxy/issues/97 https://github.com/kazu-yamamoto/http2/commit/f61d41a502bd0f60eb24e1ce14edc7b6df6722a1 https://github.com/kazu-yamamoto/http2/issues/93 https://github.com/kubernetes/kubernetes/pull/121120 https://github.com/line/armeria/pull/5232 https://github.com/linkerd/website/pull/1695/commits/4b9c6836471bc8270ab48aae6fd2181bc73fd632 https://github.com/micrictor/http2-rst-stream https://github.com/microsoft/CBL-Mariner/pull/6381 https://github.com/netty/netty/commit/58f75f665aa81a8cbcf6ffa74820042a285c5e61 https://github.com/nghttp2/nghttp2/pull/1961 https://github.com/nghttp2/nghttp2/releases/tag/v1.57.0 https://github.com/ninenines/cowboy/issues/1615 https://github.com/nodejs/node/pull/50121 https://github.com/openresty/openresty/issues/930 https://github.com/opensearch-project/data-prepper/issues/3474 https://github.com/oqtane/oqtane.framework/discussions/3367 https://github.com/projectcontour/contour/pull/5826 https://github.com/tempesta-tech/tempesta/issues/1986 https://github.com/varnishcache/varnish-cache/issues/3996 https://go.dev/cl/534215 https://go.dev/cl/534235 https://go.dev/issue/63417 https://groups.google.com/g/golang-announce/c/iNNxDTCjZvo https://groups.google.com/g/golang-announce/c/iNNxDTCjZvo/m/UDd7VKQuAAAJ https://istio.io/latest/news/security/istio-security-2023-004 https://istio.io/latest/news/security/istio-security-2023-004/ https://linkerd.io/2023/10/12/linkerd-cve-2023-44487 https://linkerd.io/2023/10/12/linkerd-cve-2023-44487/ https://linux.oracle.com/cve/CVE-2023-44487.html https://linux.oracle.com/errata/ELSA-2024-1444.html https://lists.apache.org/thread/5py8h42mxfsn8l1wy6o41xwhsjlsd87q https://lists.debian.org/debian-lts-announce/2023/10/msg00020.html https://lists.debian.org/debian-lts-announce/2023/10/msg00023.html https://lists.debian.org/debian-lts-announce/2023/10/msg00024.html https://lists.debian.org/debian-lts-announce/2023/10/msg00045.html https://lists.debian.org/debian-lts-announce/2023/10/msg00047.html https://lists.debian.org/debian-lts-announce/2023/11/msg00001.html https://lists.debian.org/debian-lts-announce/2023/11/msg00012.html https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/2MBEPPC36UBVOZZNAXFHKLFGSLCMN5LI https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/2MBEPPC36UBVOZZNAXFHKLFGSLCMN5LI/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/3N4NJ7FR4X4FPZUGNTQAPSTVB2HB2Y4A https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/3N4NJ7FR4X4FPZUGNTQAPSTVB2HB2Y4A/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/BFQD3KUEMFBHPAPBGLWQC34L4OWL5HAZ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/BFQD3KUEMFBHPAPBGLWQC34L4OWL5HAZ/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/CLB4TW7KALB3EEQWNWCN7OUIWWVWWCG2 https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/CLB4TW7KALB3EEQWNWCN7OUIWWVWWCG2/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/E72T67UPDRXHIDLO3OROR25YAMN4GGW5 https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/E72T67UPDRXHIDLO3OROR25YAMN4GGW5/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/FNA62Q767CFAFHBCDKYNPBMZWB7TWYVU https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/FNA62Q767CFAFHBCDKYNPBMZWB7TWYVU/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/HT7T2R4MQKLIF4ODV4BDLPARWFPCJ5CZ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/HT7T2R4MQKLIF4ODV4BDLPARWFPCJ5CZ/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/JIZSEFC3YKCGABA2BZW6ZJRMDZJMB7PJ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/JIZSEFC3YKCGABA2BZW6ZJRMDZJMB7PJ/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/JMEXY22BFG5Q64HQCM5CK2Q7KDKVV4TY https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/JMEXY22BFG5Q64HQCM5CK2Q7KDKVV4TY/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/KSEGD2IWKNUO3DWY4KQGUQM5BISRWHQE https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/KSEGD2IWKNUO3DWY4KQGUQM5BISRWHQE/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/LKYHSZQFDNR7RSA7LHVLLIAQMVYCUGBG https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/LKYHSZQFDNR7RSA7LHVLLIAQMVYCUGBG/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/LNMZJCDHGLJJLXO4OXWJMTVQRNWOC7UL https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/LNMZJCDHGLJJLXO4OXWJMTVQRNWOC7UL/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/VHUHTSXLXGXS7JYKBXTA3VINUPHTNGVU https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/VHUHTSXLXGXS7JYKBXTA3VINUPHTNGVU/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/VSRDIV77HNKUSM7SJC5BKE5JSHLHU2NK https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/VSRDIV77HNKUSM7SJC5BKE5JSHLHU2NK/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/WE2I52RHNNU42PX6NZ2RBUHSFFJ2LVZX https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/WE2I52RHNNU42PX6NZ2RBUHSFFJ2LVZX/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/WLPRQ5TWUQQXYWBJM7ECYDAIL2YVKIUH https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/WLPRQ5TWUQQXYWBJM7ECYDAIL2YVKIUH/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/X6QXN4ORIVF6XBW4WWFE7VNPVC74S45Y https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/X6QXN4ORIVF6XBW4WWFE7VNPVC74S45Y/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/XFOIBB4YFICHDM7IBOP7PWXW3FX4HLL2 https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/XFOIBB4YFICHDM7IBOP7PWXW3FX4HLL2/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZB43REMKRQR62NJEI7I5NQ4FSXNLBKRT https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZB43REMKRQR62NJEI7I5NQ4FSXNLBKRT/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZKQSIKIAT5TJ3WSLU3RDBQ35YX4GY4V3 https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZKQSIKIAT5TJ3WSLU3RDBQ35YX4GY4V3/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZLU6U2R2IC2K64NDPNMV55AUAO65MAF4 https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZLU6U2R2IC2K64NDPNMV55AUAO65MAF4/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3N4NJ7FR4X4FPZUGNTQAPSTVB2HB2Y4A https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/BFQD3KUEMFBHPAPBGLWQC34L4OWL5HAZ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CLB4TW7KALB3EEQWNWCN7OUIWWVWWCG2 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/E72T67UPDRXHIDLO3OROR25YAMN4GGW5 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/FNA62Q767CFAFHBCDKYNPBMZWB7TWYVU https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/HT7T2R4MQKLIF4ODV4BDLPARWFPCJ5CZ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/JIZSEFC3YKCGABA2BZW6ZJRMDZJMB7PJ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/JMEXY22BFG5Q64HQCM5CK2Q7KDKVV4TY https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/KSEGD2IWKNUO3DWY4KQGUQM5BISRWHQE https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/LKYHSZQFDNR7RSA7LHVLLIAQMVYCUGBG https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/LNMZJCDHGLJJLXO4OXWJMTVQRNWOC7UL https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/VHUHTSXLXGXS7JYKBXTA3VINUPHTNGVU https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/VSRDIV77HNKUSM7SJC5BKE5JSHLHU2NK https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WLPRQ5TWUQQXYWBJM7ECYDAIL2YVKIUH https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/X6QXN4ORIVF6XBW4WWFE7VNPVC74S45Y https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/XFOIBB4YFICHDM7IBOP7PWXW3FX4HLL2 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZB43REMKRQR62NJEI7I5NQ4FSXNLBKRT https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZKQSIKIAT5TJ3WSLU3RDBQ35YX4GY4V3 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZLU6U2R2IC2K64NDPNMV55AUAO65MAF4 https://lists.w3.org/Archives/Public/ietf-http-wg/2023OctDec/0025.html https://mailman.nginx.org/pipermail/nginx-devel/2023-October/S36Q5HBXR7CAIMPLLPRSSSYR4PCMWILK.html https://martinthomson.github.io/h2-stream-limits/draft-thomson-httpbis-h2-stream-limits.html https://msrc.microsoft.com/blog/2023/10/microsoft-response-to-distributed-denial-of-service-ddos-attacks-against-http/2 https://msrc.microsoft.com/blog/2023/10/microsoft-response-to-distributed-denial-of-service-ddos-attacks-against-http/2/ https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-44487 https://my.f5.com/manage/s/article/K000137106 https://netty.io/news/2023/10/10/4-1-100-Final.html https://news.ycombinator.com/item?id=37830987 https://news.ycombinator.com/item?id=37830998 https://news.ycombinator.com/item?id=37831062 https://news.ycombinator.com/item?id=37837043 https://nodejs.org/en/blog/vulnerability/october-2023-security-releases https://nvd.nist.gov/vuln/detail/CVE-2023-44487 https://openssf.org/blog/2023/10/10/http-2-rapid-reset-vulnerability-highlights-need-for-rapid-response https://openssf.org/blog/2023/10/10/http-2-rapid-reset-vulnerability-highlights-need-for-rapid-response/ https://pkg.go.dev/vuln/GO-2023-2102 https://seanmonstar.com/post/730794151136935936/hyper-http2-rapid-reset-unaffected https://security.gentoo.org/glsa/202311-09 https://security.netapp.com/advisory/ntap-20231016-0001 https://security.netapp.com/advisory/ntap-20231016-0001/ https://security.netapp.com/advisory/ntap-20240426-0007 https://security.netapp.com/advisory/ntap-20240426-0007/ https://security.netapp.com/advisory/ntap-20240621-0006 https://security.netapp.com/advisory/ntap-20240621-0006/ https://security.netapp.com/advisory/ntap-20240621-0007 https://security.netapp.com/advisory/ntap-20240621-0007/ https://security.paloaltonetworks.com/CVE-2023-44487 https://tomcat.apache.org/security-10.html#Fixed_in_Apache_Tomcat_10.1.14 https://tomcat.apache.org/security-11.html#Fixed_in_Apache_Tomcat_11.0.0-M12 https://tomcat.apache.org/security-8.html#Fixed_in_Apache_Tomcat_8.5.94 https://tomcat.apache.org/security-9.html#Fixed_in_Apache_Tomcat_9.0.81 https://ubuntu.com/security/CVE-2023-44487 https://ubuntu.com/security/notices/USN-6427-1 https://ubuntu.com/security/notices/USN-6427-2 https://ubuntu.com/security/notices/USN-6438-1 https://ubuntu.com/security/notices/USN-6505-1 https://ubuntu.com/security/notices/USN-6574-1 https://ubuntu.com/security/notices/USN-6754-1 https://ubuntu.com/security/notices/USN-6994-1 https://ubuntu.com/security/notices/USN-7067-1 https://www.bleepingcomputer.com/news/security/new-http-2-rapid-reset-zero-day-attack-breaks-ddos-records https://www.bleepingcomputer.com/news/security/new-http-2-rapid-reset-zero-day-attack-breaks-ddos-records/ https://www.cisa.gov/known-exploited-vulnerabilities-catalog https://www.cisa.gov/news-events/alerts/2023/10/10/http2-rapid-reset-vulnerability-cve-2023-44487 https://www.cve.org/CVERecord?id=CVE-2023-44487 https://www.darkreading.com/cloud/internet-wide-zero-day-bug-fuels-largest-ever-ddos-event https://www.debian.org/security/2023/dsa-5521 https://www.debian.org/security/2023/dsa-5522 https://www.debian.org/security/2023/dsa-5540 https://www.debian.org/security/2023/dsa-5549 https://www.debian.org/security/2023/dsa-5558 https://www.debian.org/security/2023/dsa-5570 https://www.eclipse.org/lists/jetty-announce/msg00181.html https://www.haproxy.com/blog/haproxy-is-not-affected-by-the-http-2-rapid-reset-attack-cve-2023-44487 https://www.mail-archive.com/haproxy@formilux.org/msg44134.html https://www.netlify.com/blog/netlify-successfully-mitigates-cve-2023-44487 https://www.netlify.com/blog/netlify-successfully-mitigates-cve-2023-44487/ https://www.nginx.com/blog/http-2-rapid-reset-attack-impacting-f5-nginx-products https://www.nginx.com/blog/http-2-rapid-reset-attack-impacting-f5-nginx-products/ https://www.openwall.com/lists/oss-security/2023/10/10/6 https://www.phoronix.com/news/HTTP2-Rapid-Reset-Attack https://www.theregister.com/2023/10/10/http2_rapid_reset_zeroday https://www.theregister.com/2023/10/10/http2_rapid_reset_zeroday/
google.golang.org/protobuf	CVE-2024-24786	MEDIUM	v1.30.0	1.33.0	http://www.openwall.com/lists/oss-security/2024/03/08/4 https://access.redhat.com/errata/RHSA-2024:2550 https://access.redhat.com/security/cve/CVE-2024-24786 https://bugzilla.redhat.com/2268046 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24786 https://errata.almalinux.org/9/ALSA-2024-2550.html https://errata.rockylinux.org/RLSA-2024:2550 https://github.com/protocolbuffers/protobuf-go https://github.com/protocolbuffers/protobuf-go/commit/f01a588e5810b90996452eec4a28f22a0afae023 https://github.com/protocolbuffers/protobuf-go/releases/tag/v1.33.0 https://go-review.googlesource.com/c/protobuf/+/569356 https://go.dev/cl/569356 https://groups.google.com/g/golang-announce/c/ArQ6CDgtEjY/ https://linux.oracle.com/cve/CVE-2024-24786.html https://linux.oracle.com/errata/ELSA-2024-4246.html https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/JDMBHAVSDU2FBDZ45U3A2VLSM35OJ2HU https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/JDMBHAVSDU2FBDZ45U3A2VLSM35OJ2HU/ https://nvd.nist.gov/vuln/detail/CVE-2024-24786 https://pkg.go.dev/vuln/GO-2024-2611 https://security.netapp.com/advisory/ntap-20240517-0002 https://security.netapp.com/advisory/ntap-20240517-0002/ https://ubuntu.com/security/notices/USN-6746-1 https://ubuntu.com/security/notices/USN-6746-2 https://www.cve.org/CVERecord?id=CVE-2024-24786
stdlib	CVE-2024-24790	CRITICAL	v1.20.5	1.21.11, 1.22.4	http://www.openwall.com/lists/oss-security/2024/06/04/1 https://access.redhat.com/errata/RHSA-2024:9115 https://access.redhat.com/security/cve/CVE-2024-24790 https://bugzilla.redhat.com/2279814 https://bugzilla.redhat.com/2292668 https://bugzilla.redhat.com/2292787 https://bugzilla.redhat.com/2294000 https://bugzilla.redhat.com/2295310 https://bugzilla.redhat.com/show_bug.cgi?id=2292668 https://bugzilla.redhat.com/show_bug.cgi?id=2292787 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24789 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24790 https://errata.almalinux.org/9/ALSA-2024-9115.html https://errata.rockylinux.org/RLSA-2024:4212 https://github.com/golang/go/commit/051bdf3fd12a40307606ff9381138039c5f452f0 (1.21) https://github.com/golang/go/commit/12d5810cdb1f73cf23d7a86462143e9463317fca (1.22) https://github.com/golang/go/issues/67680 https://go.dev/cl/590316 https://go.dev/issue/67680 https://groups.google.com/g/golang-announce/c/XbxouI9gY7k https://groups.google.com/g/golang-announce/c/XbxouI9gY7k/m/TuoGEhxIEwAJ https://linux.oracle.com/cve/CVE-2024-24790.html https://linux.oracle.com/errata/ELSA-2024-9115.html https://nvd.nist.gov/vuln/detail/CVE-2024-24790 https://pkg.go.dev/vuln/GO-2024-2887 https://ubuntu.com/security/notices/USN-6886-1 https://ubuntu.com/security/notices/USN-7109-1 https://www.cve.org/CVERecord?id=CVE-2024-24790
stdlib	CVE-2023-39325	HIGH	v1.20.5	1.20.10, 1.21.3	golang.org/x/net https://access.redhat.com/errata/RHSA-2023:6077 https://access.redhat.com/security/cve/CVE-2023-39325 https://access.redhat.com/security/cve/CVE-2023-44487 https://access.redhat.com/security/vulnerabilities/RHSB-2023-003 https://bugzilla.redhat.com/2242803 https://bugzilla.redhat.com/2243296 https://bugzilla.redhat.com/show_bug.cgi?id=2242803 https://bugzilla.redhat.com/show_bug.cgi?id=2243296 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-39325 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-44487 https://errata.almalinux.org/9/ALSA-2023-6077.html https://errata.rockylinux.org/RLSA-2023:6077 https://github.com/golang/go/commit/24ae2d927285c697440fdde3ad7f26028354bcf3 [golang- 1.21] https://github.com/golang/go/commit/e175f27f58aa7b9cd4d79607ae65d2cd5baaee68 [golang-1.20] https://github.com/golang/go/issues/63417 https://go.dev/cl/534215 https://go.dev/cl/534235 https://go.dev/issue/63417 https://groups.google.com/g/golang-announce/c/iNNxDTCjZvo/m/UDd7VKQuAAAJ https://linux.oracle.com/cve/CVE-2023-39325.html https://linux.oracle.com/errata/ELSA-2023-5867.html https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3OVW5V2DM5K5IC3H7O42YDUGNJ74J35O https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3OVW5V2DM5K5IC3H7O42YDUGNJ74J35O/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3SZN67IL7HMGMNAVLOTIXLIHUDXZK4LH https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3SZN67IL7HMGMNAVLOTIXLIHUDXZK4LH/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3WJ4QVX2AMUJ2F2S27POOAHRC4K3CHU4 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3WJ4QVX2AMUJ2F2S27POOAHRC4K3CHU4/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/4BUK2ZIAGCULOOYDNH25JPU6JBES5NF2 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/4BUK2ZIAGCULOOYDNH25JPU6JBES5NF2/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/5RSKA2II6QTD4YUKUNDVJQSRYSFC4VFR https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/5RSKA2II6QTD4YUKUNDVJQSRYSFC4VFR/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/AVZDNSMVDAQJ64LJC5I5U5LDM5753647 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/AVZDNSMVDAQJ64LJC5I5U5LDM5753647/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CHHITS4PUOZAKFIUBQAQZC7JWXMOYE4B https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CHHITS4PUOZAKFIUBQAQZC7JWXMOYE4B/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CLB4TW7KALB3EEQWNWCN7OUIWWVWWCG2 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CLB4TW7KALB3EEQWNWCN7OUIWWVWWCG2/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/D2BBIDR2ZMB3X5BC7SR4SLQMHRMVPY6L https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/D2BBIDR2ZMB3X5BC7SR4SLQMHRMVPY6L/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ECRC75BQJP6FJN2L7KCKYZW4DSBD7QSD https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ECRC75BQJP6FJN2L7KCKYZW4DSBD7QSD/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/FTMJ3NJIDAZFWJQQSP3L22MUFJ3UP2PT https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/FTMJ3NJIDAZFWJQQSP3L22MUFJ3UP2PT/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/GSY7SXFFTPZFWDM6XELSDSHZLVW3AHK7 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/GSY7SXFFTPZFWDM6XELSDSHZLVW3AHK7/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/HZQIELEIRSZUYTFFH5KTH2YJ4IIQG2KE https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/HZQIELEIRSZUYTFFH5KTH2YJ4IIQG2KE/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/IPWCNYB5PQ5PCVZ4NJT6G56ZYFZ5QBU6 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/IPWCNYB5PQ5PCVZ4NJT6G56ZYFZ5QBU6/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/KEOTKBUPZXHE3F352JBYNTSNRXYLWD6P https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/KEOTKBUPZXHE3F352JBYNTSNRXYLWD6P/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/KSEGD2IWKNUO3DWY4KQGUQM5BISRWHQE https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/KSEGD2IWKNUO3DWY4KQGUQM5BISRWHQE/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/L5E5JSJBZLYXOTZWXHJKRVCIXIHVWKJ6 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/L5E5JSJBZLYXOTZWXHJKRVCIXIHVWKJ6/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/MZQYOOKHQDQ57LV2IAG6NRFOVXKHJJ3Z https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/MZQYOOKHQDQ57LV2IAG6NRFOVXKHJJ3Z/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/NG7IMPL55MVWU3LCI4JQJT3K2U5CHDV7 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/NG7IMPL55MVWU3LCI4JQJT3K2U5CHDV7/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ODBY7RVMGZCBSTWF2OZGIZS57FNFUL67 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ODBY7RVMGZCBSTWF2OZGIZS57FNFUL67/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/OXGWPQOJ3JNDW2XIYKIVJ7N7QUIFNM2Q https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/OXGWPQOJ3JNDW2XIYKIVJ7N7QUIFNM2Q/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/PJCUNGIQDUMZ4Z6HWVYIMR66A35F5S74 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/PJCUNGIQDUMZ4Z6HWVYIMR66A35F5S74/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QF5QSYAOPDOWLY6DUHID56Q4HQFYB45I https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QF5QSYAOPDOWLY6DUHID56Q4HQFYB45I/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QXOU2JZUBEBP7GBKAYIJRPRBZSJCD7ST https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QXOU2JZUBEBP7GBKAYIJRPRBZSJCD7ST/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/R3UETKPUB3V5JS5TLZOF3SMTGT5K5APS https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/R3UETKPUB3V5JS5TLZOF3SMTGT5K5APS/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/REMHVVIBDNKSRKNOTV7EQSB7CYQWOUOU https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/REMHVVIBDNKSRKNOTV7EQSB7CYQWOUOU/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/T7N5GV4CHH6WAGX3GFMDD3COEOVCZ4RI https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/T7N5GV4CHH6WAGX3GFMDD3COEOVCZ4RI/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ULQQONMSCQSH5Z5OWFFQHCGEZ3NL4DRJ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ULQQONMSCQSH5Z5OWFFQHCGEZ3NL4DRJ/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UTT7DG3QOF5ZNJLUGHDNLRUIN6OWZARP https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UTT7DG3QOF5ZNJLUGHDNLRUIN6OWZARP/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/W2LZSWTV4NV4SNQARNXG5T6LRHP26EW2 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/W2LZSWTV4NV4SNQARNXG5T6LRHP26EW2/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WCNCBYKZXLDFGAJUB7ZP5VLC3YTHJNVH https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WCNCBYKZXLDFGAJUB7ZP5VLC3YTHJNVH/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/XFOIBB4YFICHDM7IBOP7PWXW3FX4HLL2 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/XFOIBB4YFICHDM7IBOP7PWXW3FX4HLL2/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/XTNLSL44Y5FB6JWADSZH6DCV4JJAAEQY https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/XTNLSL44Y5FB6JWADSZH6DCV4JJAAEQY/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/YJWHBLVZDM5KQSDFRBFRKU5KSSOLIRQ4 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/YJWHBLVZDM5KQSDFRBFRKU5KSSOLIRQ4/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/YRKEXKANQ7BKJW2YTAMP625LJUJZLJ4P https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/YRKEXKANQ7BKJW2YTAMP625LJUJZLJ4P/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZSVEMQV5ROY5YW5QE3I57HT3ITWG5GCV https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZSVEMQV5ROY5YW5QE3I57HT3ITWG5GCV/ https://nvd.nist.gov/vuln/detail/CVE-2023-39325 https://pkg.go.dev/vuln/GO-2023-2102 https://security.gentoo.org/glsa/202311-09 https://security.netapp.com/advisory/ntap-20231110-0008 https://security.netapp.com/advisory/ntap-20231110-0008/ https://ubuntu.com/security/notices/USN-6574-1 https://ubuntu.com/security/notices/USN-7061-1 https://ubuntu.com/security/notices/USN-7109-1 https://www.cisa.gov/news-events/alerts/2023/10/10/http2-rapid-reset-vulnerability-cve-2023-44487 https://www.cve.org/CVERecord?id=CVE-2023-39325
stdlib	CVE-2023-45283	HIGH	v1.20.5	1.20.11, 1.21.4, 1.20.12, 1.21.5	http://www.openwall.com/lists/oss-security/2023/12/05/2 https://go.dev/cl/540277 https://go.dev/cl/541175 https://go.dev/issue/63713 https://go.dev/issue/64028 https://groups.google.com/g/golang-announce/c/4tU8LZfBFkY https://groups.google.com/g/golang-dev/c/6ypN5EjibjM/m/KmLVYH_uAgAJ https://nvd.nist.gov/vuln/detail/CVE-2023-45283 https://pkg.go.dev/vuln/GO-2023-2185 https://security.netapp.com/advisory/ntap-20231214-0008/
stdlib	CVE-2023-45288	HIGH	v1.20.5	1.21.9, 1.22.2	http://www.openwall.com/lists/oss-security/2024/04/03/16 http://www.openwall.com/lists/oss-security/2024/04/05/4 https://access.redhat.com/errata/RHSA-2024:2724 https://access.redhat.com/security/cve/CVE-2023-45288 https://bugzilla.redhat.com/2268017 https://bugzilla.redhat.com/2268018 https://bugzilla.redhat.com/2268019 https://bugzilla.redhat.com/2268273 https://bugzilla.redhat.com/show_bug.cgi?id=2268017 https://bugzilla.redhat.com/show_bug.cgi?id=2268018 https://bugzilla.redhat.com/show_bug.cgi?id=2268019 https://bugzilla.redhat.com/show_bug.cgi?id=2268273 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45288 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45289 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45290 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24783 https://errata.almalinux.org/9/ALSA-2024-2724.html https://errata.rockylinux.org/RLSA-2024:2724 https://go.dev/cl/576155 https://go.dev/issue/65051 https://groups.google.com/g/golang-announce/c/YgW0sx8mN3M https://kb.cert.org/vuls/id/421644 https://linux.oracle.com/cve/CVE-2023-45288.html https://linux.oracle.com/errata/ELSA-2024-3346.html https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QRYFHIQ6XRKRYBI2F5UESH67BJBQXUPT https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QRYFHIQ6XRKRYBI2F5UESH67BJBQXUPT/ https://nowotarski.info/http2-continuation-flood-technical-details https://nowotarski.info/http2-continuation-flood/ https://nvd.nist.gov/vuln/detail/CVE-2023-45288 https://pkg.go.dev/vuln/GO-2024-2687 https://security.netapp.com/advisory/ntap-20240419-0009 https://security.netapp.com/advisory/ntap-20240419-0009/ https://ubuntu.com/security/notices/USN-6886-1 https://ubuntu.com/security/notices/USN-7109-1 https://ubuntu.com/security/notices/USN-7111-1 https://www.cve.org/CVERecord?id=CVE-2023-45288 https://www.kb.cert.org/vuls/id/421644
stdlib	CVE-2024-34156	HIGH	v1.20.5	1.22.7, 1.23.1	https://access.redhat.com/errata/RHSA-2024:9473 https://access.redhat.com/security/cve/CVE-2024-34156 https://bugzilla.redhat.com/2310528 https://bugzilla.redhat.com/2318052 https://bugzilla.redhat.com/show_bug.cgi?id=2310528 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-34156 https://errata.almalinux.org/9/ALSA-2024-9473.html https://errata.rockylinux.org/RLSA-2024:7204 https://github.com/golang/go/commit/2092294f2b097c5828f4eace6c98a322c1510b01 (go1.22.7) https://github.com/golang/go/commit/fa8ff1a46deb6c816304441ec6740ec112e19012 (go1.23.1) https://go.dev/cl/611239 https://go.dev/issue/69139 https://groups.google.com/g/golang-announce/c/K-cEzDeCtpc https://groups.google.com/g/golang-dev/c/S9POB9NCTdk https://linux.oracle.com/cve/CVE-2024-34156.html https://linux.oracle.com/errata/ELSA-2024-9473.html https://nvd.nist.gov/vuln/detail/CVE-2024-34156 https://pkg.go.dev/vuln/GO-2024-3106 https://ubuntu.com/security/notices/USN-7081-1 https://ubuntu.com/security/notices/USN-7109-1 https://ubuntu.com/security/notices/USN-7111-1 https://www.cve.org/CVERecord?id=CVE-2024-34156
stdlib	CVE-2023-29406	MEDIUM	v1.20.5	1.19.11, 1.20.6	https://access.redhat.com/errata/RHSA-2023:6474 https://access.redhat.com/security/cve/CVE-2023-29406 https://bugzilla.redhat.com/2174485 https://bugzilla.redhat.com/2178358 https://bugzilla.redhat.com/2178488 https://bugzilla.redhat.com/2178492 https://bugzilla.redhat.com/2184481 https://bugzilla.redhat.com/2184482 https://bugzilla.redhat.com/2184483 https://bugzilla.redhat.com/2184484 https://bugzilla.redhat.com/2196026 https://bugzilla.redhat.com/2196027 https://bugzilla.redhat.com/2196029 https://bugzilla.redhat.com/2222167 https://bugzilla.redhat.com/2228689 https://errata.almalinux.org/9/ALSA-2023-6474.html https://github.com/golang/go/commit/312920c00aac9897b2a0693e752390b5b0711a5a (go1.20.6) https://github.com/golang/go/commit/5fa6923b1ea891400153d04ddf1545e23b40041b (go1.19.11) https://github.com/golang/go/issues/60374 https://go.dev/cl/506996 https://go.dev/issue/60374 https://groups.google.com/g/golang-announce/c/2q13H6LEEx0 https://linux.oracle.com/cve/CVE-2023-29406.html https://linux.oracle.com/errata/ELSA-2023-7202.html https://nvd.nist.gov/vuln/detail/CVE-2023-29406 https://pkg.go.dev/vuln/GO-2023-1878 https://security.gentoo.org/glsa/202311-09 https://security.netapp.com/advisory/ntap-20230814-0002/ https://ubuntu.com/security/notices/USN-7061-1 https://ubuntu.com/security/notices/USN-7109-1 https://www.cve.org/CVERecord?id=CVE-2023-29406
stdlib	CVE-2023-29409	MEDIUM	v1.20.5	1.19.12, 1.20.7, 1.21.0-rc.4	https://access.redhat.com/errata/RHSA-2023:7766 https://access.redhat.com/security/cve/CVE-2023-29409 https://bugzilla.redhat.com/2228743 https://bugzilla.redhat.com/2237773 https://bugzilla.redhat.com/2237776 https://bugzilla.redhat.com/2237777 https://bugzilla.redhat.com/2237778 https://errata.almalinux.org/9/ALSA-2023-7766.html https://go.dev/cl/515257 https://go.dev/issue/61460 https://groups.google.com/g/golang-announce/c/X0b6CsSAaYI/m/Efv5DbZ9AwAJ https://linux.oracle.com/cve/CVE-2023-29409.html https://linux.oracle.com/errata/ELSA-2024-2988.html https://nvd.nist.gov/vuln/detail/CVE-2023-29409 https://pkg.go.dev/vuln/GO-2023-1987 https://security.gentoo.org/glsa/202311-09 https://security.netapp.com/advisory/ntap-20230831-0010/ https://www.cve.org/CVERecord?id=CVE-2023-29409
stdlib	CVE-2023-39318	MEDIUM	v1.20.5	1.20.8, 1.21.1	https://access.redhat.com/errata/RHSA-2024:2160 https://access.redhat.com/security/cve/CVE-2023-39318 https://bugzilla.redhat.com/2237773 https://bugzilla.redhat.com/2237776 https://bugzilla.redhat.com/2253330 https://errata.almalinux.org/9/ALSA-2024-2160.html https://github.com/golang/go/commit/023b542edf38e2a1f87fcefb9f75ff2f99401b4c (go1.20.8) https://github.com/golang/go/commit/b0e1d3ea26e8e8fce7726690c9ef0597e60739fb (go1.21.1) https://go.dev/cl/526156 https://go.dev/issue/62196 https://groups.google.com/g/golang-announce/c/Fm51GRLNRvM https://groups.google.com/g/golang-dev/c/2C5vbR-UNkI/m/L1hdrPhfBAAJ https://linux.oracle.com/cve/CVE-2023-39318.html https://linux.oracle.com/errata/ELSA-2024-2988.html https://nvd.nist.gov/vuln/detail/CVE-2023-39318 https://pkg.go.dev/vuln/GO-2023-2041 https://security.gentoo.org/glsa/202311-09 https://security.netapp.com/advisory/ntap-20231020-0009/ https://ubuntu.com/security/notices/USN-6574-1 https://ubuntu.com/security/notices/USN-7061-1 https://ubuntu.com/security/notices/USN-7109-1 https://vuln.go.dev/ID/GO-2023-2041.json https://www.cve.org/CVERecord?id=CVE-2023-39318
stdlib	CVE-2023-39319	MEDIUM	v1.20.5	1.20.8, 1.21.1	https://access.redhat.com/errata/RHSA-2024:2160 https://access.redhat.com/security/cve/CVE-2023-39319 https://bugzilla.redhat.com/2237773 https://bugzilla.redhat.com/2237776 https://bugzilla.redhat.com/2253330 https://errata.almalinux.org/9/ALSA-2024-2160.html https://github.com/golang/go/commit/2070531d2f53df88e312edace6c8dfc9686ab2f5 (go1.20.8) https://github.com/golang/go/commit/bbd043ff0d6d59f1a9232d31ecd5eacf6507bf6a (go1.21.1) https://go.dev/cl/526157 https://go.dev/issue/62197 https://groups.google.com/g/golang-announce/c/Fm51GRLNRvM https://groups.google.com/g/golang-dev/c/2C5vbR-UNkI/m/L1hdrPhfBAAJ https://linux.oracle.com/cve/CVE-2023-39319.html https://linux.oracle.com/errata/ELSA-2024-2988.html https://nvd.nist.gov/vuln/detail/CVE-2023-39319 https://pkg.go.dev/vuln/GO-2023-2043 https://security.gentoo.org/glsa/202311-09 https://security.netapp.com/advisory/ntap-20231020-0009/ https://ubuntu.com/security/notices/USN-6574-1 https://ubuntu.com/security/notices/USN-7061-1 https://ubuntu.com/security/notices/USN-7109-1 https://vuln.go.dev/ID/GO-2023-2043.json https://www.cve.org/CVERecord?id=CVE-2023-39319
stdlib	CVE-2023-39326	MEDIUM	v1.20.5	1.20.12, 1.21.5	https://access.redhat.com/errata/RHSA-2024:2272 https://access.redhat.com/security/cve/CVE-2023-39326 https://bugzilla.redhat.com/2253193 https://bugzilla.redhat.com/2253330 https://errata.almalinux.org/9/ALSA-2024-2272.html https://github.com/golang/go/commit/6446af942e2e2b161c4ec1b60d9703a2b55dc4dd (go1.20.12) https://github.com/golang/go/commit/ec8c526e4be720e94b98ca509e6364f0efaf28f7 (go1.21.5) https://go.dev/cl/547335 https://go.dev/issue/64433 https://groups.google.com/g/golang-dev/c/6ypN5EjibjM/m/KmLVYH_uAgAJ https://linux.oracle.com/cve/CVE-2023-39326.html https://linux.oracle.com/errata/ELSA-2024-2988.html https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UIU6HOGV6RRIKWM57LOXQA75BGZSIH6G/ https://nvd.nist.gov/vuln/detail/CVE-2023-39326 https://pkg.go.dev/vuln/GO-2023-2382 https://ubuntu.com/security/notices/USN-6574-1 https://www.cve.org/CVERecord?id=CVE-2023-39326
stdlib	CVE-2023-45284	MEDIUM	v1.20.5	1.20.11, 1.21.4	https://go.dev/cl/540277 https://go.dev/issue/63713 https://groups.google.com/g/golang-announce/c/4tU8LZfBFkY https://nvd.nist.gov/vuln/detail/CVE-2023-45284 https://pkg.go.dev/vuln/GO-2023-2186
stdlib	CVE-2023-45289	MEDIUM	v1.20.5	1.21.8, 1.22.1	http://www.openwall.com/lists/oss-security/2024/03/08/4 https://access.redhat.com/errata/RHSA-2024:2724 https://access.redhat.com/security/cve/CVE-2023-45289 https://bugzilla.redhat.com/2268017 https://bugzilla.redhat.com/2268018 https://bugzilla.redhat.com/2268019 https://bugzilla.redhat.com/2268273 https://bugzilla.redhat.com/show_bug.cgi?id=2268017 https://bugzilla.redhat.com/show_bug.cgi?id=2268018 https://bugzilla.redhat.com/show_bug.cgi?id=2268019 https://bugzilla.redhat.com/show_bug.cgi?id=2268273 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45288 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45289 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45290 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24783 https://errata.almalinux.org/9/ALSA-2024-2724.html https://errata.rockylinux.org/RLSA-2024:2724 https://github.com/golang/go/commit/20586c0dbe03d144f914155f879fa5ee287591a1 (go1.21.8) https://github.com/golang/go/commit/3a855208e3efed2e9d7c20ad023f1fa78afcc0be (go1.22.1) https://github.com/golang/go/issues/65065 https://go.dev/cl/569340 https://go.dev/issue/65065 https://groups.google.com/g/golang-announce/c/5pwGVUPoMbg https://linux.oracle.com/cve/CVE-2023-45289.html https://linux.oracle.com/errata/ELSA-2024-3346.html https://nvd.nist.gov/vuln/detail/CVE-2023-45289 https://pkg.go.dev/vuln/GO-2024-2600 https://security.netapp.com/advisory/ntap-20240329-0006/ https://ubuntu.com/security/notices/USN-6886-1 https://www.cve.org/CVERecord?id=CVE-2023-45289
stdlib	CVE-2023-45290	MEDIUM	v1.20.5	1.21.8, 1.22.1	http://www.openwall.com/lists/oss-security/2024/03/08/4 https://access.redhat.com/errata/RHSA-2024:9135 https://access.redhat.com/security/cve/CVE-2023-45290 https://bugzilla.redhat.com/2268017 https://bugzilla.redhat.com/2268022 https://bugzilla.redhat.com/2279814 https://bugzilla.redhat.com/2295310 https://bugzilla.redhat.com/show_bug.cgi?id=2268017 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45290 https://errata.almalinux.org/9/ALSA-2024-9135.html https://errata.rockylinux.org/RLSA-2024:3830 https://github.com/golang/go/commit/041a47712e765e94f86d841c3110c840e76d8f82 (go1.22.1) https://github.com/golang/go/commit/bf80213b121074f4ad9b449410a4d13bae5e9be0 (go1.21.8) https://github.com/golang/go/issues/65383 https://go.dev/cl/569341 https://go.dev/issue/65383 https://groups.google.com/g/golang-announce/c/5pwGVUPoMbg https://linux.oracle.com/cve/CVE-2023-45290.html https://linux.oracle.com/errata/ELSA-2024-8038.html https://nvd.nist.gov/vuln/detail/CVE-2023-45290 https://pkg.go.dev/vuln/GO-2024-2599 https://security.netapp.com/advisory/ntap-20240329-0004 https://security.netapp.com/advisory/ntap-20240329-0004/ https://ubuntu.com/security/notices/USN-6886-1 https://ubuntu.com/security/notices/USN-7109-1 https://ubuntu.com/security/notices/USN-7111-1 https://www.cve.org/CVERecord?id=CVE-2023-45290
stdlib	CVE-2024-24783	MEDIUM	v1.20.5	1.21.8, 1.22.1	http://www.openwall.com/lists/oss-security/2024/03/08/4 https://access.redhat.com/errata/RHSA-2024:6195 https://access.redhat.com/security/cve/CVE-2024-24783 https://bugzilla.redhat.com/2268019 https://bugzilla.redhat.com/show_bug.cgi?id=2268017 https://bugzilla.redhat.com/show_bug.cgi?id=2268018 https://bugzilla.redhat.com/show_bug.cgi?id=2268019 https://bugzilla.redhat.com/show_bug.cgi?id=2268273 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45288 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45289 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45290 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24783 https://errata.almalinux.org/9/ALSA-2024-6195.html https://errata.rockylinux.org/RLSA-2024:2724 https://github.com/advisories/GHSA-3q2c-pvp5-3cqp https://github.com/golang/go/commit/337b8e9cbfa749d9d5c899e0dc358e2208d5e54f (go1.22.1) https://github.com/golang/go/commit/be5b52bea674190ef7de272664be6c7ae93ec5a0 (go1.21.8) https://github.com/golang/go/issues/65390 https://go.dev/cl/569339 https://go.dev/issue/65390 https://groups.google.com/g/golang-announce/c/5pwGVUPoMbg https://linux.oracle.com/cve/CVE-2024-24783.html https://linux.oracle.com/errata/ELSA-2024-6969.html https://nvd.nist.gov/vuln/detail/CVE-2024-24783 https://pkg.go.dev/vuln/GO-2024-2598 https://security.netapp.com/advisory/ntap-20240329-0005 https://security.netapp.com/advisory/ntap-20240329-0005/ https://ubuntu.com/security/notices/USN-6886-1 https://ubuntu.com/security/notices/USN-7109-1 https://ubuntu.com/security/notices/USN-7111-1 https://www.cve.org/CVERecord?id=CVE-2024-24783
stdlib	CVE-2024-24784	MEDIUM	v1.20.5	1.21.8, 1.22.1	http://www.openwall.com/lists/oss-security/2024/03/08/4 https://access.redhat.com/errata/RHSA-2024:2562 https://access.redhat.com/security/cve/CVE-2024-24784 https://bugzilla.redhat.com/2262921 https://bugzilla.redhat.com/2268017 https://bugzilla.redhat.com/2268018 https://bugzilla.redhat.com/2268019 https://bugzilla.redhat.com/2268021 https://bugzilla.redhat.com/2268022 https://bugzilla.redhat.com/2268273 https://bugzilla.redhat.com/show_bug.cgi?id=2262921 https://bugzilla.redhat.com/show_bug.cgi?id=2268017 https://bugzilla.redhat.com/show_bug.cgi?id=2268018 https://bugzilla.redhat.com/show_bug.cgi?id=2268019 https://bugzilla.redhat.com/show_bug.cgi?id=2268021 https://bugzilla.redhat.com/show_bug.cgi?id=2268022 https://bugzilla.redhat.com/show_bug.cgi?id=2268273 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45288 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45289 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45290 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-1394 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24783 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24784 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24785 https://errata.almalinux.org/9/ALSA-2024-2562.html https://errata.rockylinux.org/RLSA-2024:2562 https://github.com/golang/go/commit/263c059b09fdd40d9dd945f2ecb20c89ea28efe5 (go1.21.8) https://github.com/golang/go/commit/5330cd225ba54c7dc78c1b46dcdf61a4671a632c (go1.22.1) https://github.com/golang/go/issues/65083 https://go.dev/cl/555596 https://go.dev/issue/65083 https://groups.google.com/g/golang-announce/c/5pwGVUPoMbg https://linux.oracle.com/cve/CVE-2024-24784.html https://linux.oracle.com/errata/ELSA-2024-6969.html https://nvd.nist.gov/vuln/detail/CVE-2024-24784 https://pkg.go.dev/vuln/GO-2024-2609 https://security.netapp.com/advisory/ntap-20240329-0007/ https://ubuntu.com/security/notices/USN-6886-1 https://ubuntu.com/security/notices/USN-7109-1 https://ubuntu.com/security/notices/USN-7111-1 https://www.cve.org/CVERecord?id=CVE-2024-24784
stdlib	CVE-2024-24785	MEDIUM	v1.20.5	1.21.8, 1.22.1	http://www.openwall.com/lists/oss-security/2024/03/08/4 https://access.redhat.com/errata/RHSA-2024:9135 https://access.redhat.com/security/cve/CVE-2024-24785 https://bugzilla.redhat.com/2268017 https://bugzilla.redhat.com/2268022 https://bugzilla.redhat.com/2279814 https://bugzilla.redhat.com/2295310 https://bugzilla.redhat.com/show_bug.cgi?id=2262921 https://bugzilla.redhat.com/show_bug.cgi?id=2268017 https://bugzilla.redhat.com/show_bug.cgi?id=2268018 https://bugzilla.redhat.com/show_bug.cgi?id=2268019 https://bugzilla.redhat.com/show_bug.cgi?id=2268021 https://bugzilla.redhat.com/show_bug.cgi?id=2268022 https://bugzilla.redhat.com/show_bug.cgi?id=2268273 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45288 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45289 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45290 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-1394 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24783 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24784 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24785 https://errata.almalinux.org/9/ALSA-2024-9135.html https://errata.rockylinux.org/RLSA-2024:2562 https://github.com/golang/go/commit/056b0edcb8c152152021eebf4cf42adbfbe77992 (go1.22.1) https://github.com/golang/go/commit/3643147a29352ca2894fd5d0d2069bc4b4335a7e (go1.21.8) https://github.com/golang/go/issues/65697 https://go.dev/cl/564196 https://go.dev/issue/65697 https://groups.google.com/g/golang-announce/c/5pwGVUPoMbg https://linux.oracle.com/cve/CVE-2024-24785.html https://linux.oracle.com/errata/ELSA-2024-3259.html https://nvd.nist.gov/vuln/detail/CVE-2024-24785 https://pkg.go.dev/vuln/GO-2024-2610 https://security.netapp.com/advisory/ntap-20240329-0008/ https://ubuntu.com/security/notices/USN-6886-1 https://ubuntu.com/security/notices/USN-7061-1 https://ubuntu.com/security/notices/USN-7109-1 https://vuln.go.dev/ID/GO-2024-2610.json https://www.cve.org/CVERecord?id=CVE-2024-24785
stdlib	CVE-2024-24789	MEDIUM	v1.20.5	1.21.11, 1.22.4	http://www.openwall.com/lists/oss-security/2024/06/04/1 https://access.redhat.com/errata/RHSA-2024:9115 https://access.redhat.com/security/cve/CVE-2024-24789 https://bugzilla.redhat.com/2279814 https://bugzilla.redhat.com/2292668 https://bugzilla.redhat.com/2292787 https://bugzilla.redhat.com/2294000 https://bugzilla.redhat.com/2295310 https://bugzilla.redhat.com/show_bug.cgi?id=2292668 https://bugzilla.redhat.com/show_bug.cgi?id=2292787 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24789 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24790 https://errata.almalinux.org/9/ALSA-2024-9115.html https://errata.rockylinux.org/RLSA-2024:4212 https://github.com/golang/go/commit/c8e40338cf00f3c1d86c8fb23863ad67a4c72bcc (1.21) https://github.com/golang/go/commit/cf501ac0c5fe351a8582d20b43562027927906e7 (1.22) https://github.com/golang/go/issues/66869 https://go.dev/cl/585397 https://go.dev/issue/66869 https://groups.google.com/g/golang-announce/c/XbxouI9gY7k https://groups.google.com/g/golang-announce/c/XbxouI9gY7k/m/TuoGEhxIEwAJ https://linux.oracle.com/cve/CVE-2024-24789.html https://linux.oracle.com/errata/ELSA-2024-9115.html https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/U5YAEIA6IUHUNGJ7AIXXPQT6D2GYENX7/ https://nvd.nist.gov/vuln/detail/CVE-2024-24789 https://pkg.go.dev/vuln/GO-2024-2888 https://ubuntu.com/security/notices/USN-6886-1 https://ubuntu.com/security/notices/USN-7109-1 https://ubuntu.com/security/notices/USN-7111-1 https://www.cve.org/CVERecord?id=CVE-2024-24789
stdlib	CVE-2024-24791	MEDIUM	v1.20.5	1.21.12, 1.22.5	https://access.redhat.com/errata/RHSA-2024:9135 https://access.redhat.com/security/cve/CVE-2024-24791 https://bugzilla.redhat.com/2268017 https://bugzilla.redhat.com/2268022 https://bugzilla.redhat.com/2279814 https://bugzilla.redhat.com/2295310 https://bugzilla.redhat.com/show_bug.cgi?id=2295310 https://bugzilla.redhat.com/show_bug.cgi?id=2310527 https://bugzilla.redhat.com/show_bug.cgi?id=2310528 https://bugzilla.redhat.com/show_bug.cgi?id=2310529 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24791 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-34155 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-34156 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-34158 https://errata.almalinux.org/9/ALSA-2024-9135.html https://errata.rockylinux.org/RLSA-2024:6913 https://go.dev/cl/591255 https://go.dev/issue/67555 https://groups.google.com/g/golang-dev/c/t0rK-qHBqzY/m/6MMoAZkMAgAJ https://linux.oracle.com/cve/CVE-2024-24791.html https://linux.oracle.com/errata/ELSA-2024-9115.html https://nvd.nist.gov/vuln/detail/CVE-2024-24791 https://pkg.go.dev/vuln/GO-2024-2963 https://ubuntu.com/security/notices/USN-7081-1 https://ubuntu.com/security/notices/USN-7109-1 https://ubuntu.com/security/notices/USN-7111-1 https://www.cve.org/CVERecord?id=CVE-2024-24791
stdlib	CVE-2024-34155	MEDIUM	v1.20.5	1.22.7, 1.23.1	https://access.redhat.com/errata/RHSA-2024:9459 https://access.redhat.com/security/cve/CVE-2024-34155 https://bugzilla.redhat.com/2310527 https://bugzilla.redhat.com/2310528 https://bugzilla.redhat.com/2310529 https://bugzilla.redhat.com/2315691 https://bugzilla.redhat.com/2315887 https://bugzilla.redhat.com/2317458 https://bugzilla.redhat.com/2317467 https://bugzilla.redhat.com/show_bug.cgi?id=2295310 https://bugzilla.redhat.com/show_bug.cgi?id=2310527 https://bugzilla.redhat.com/show_bug.cgi?id=2310528 https://bugzilla.redhat.com/show_bug.cgi?id=2310529 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24791 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-34155 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-34156 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-34158 https://errata.almalinux.org/9/ALSA-2024-9459.html https://errata.rockylinux.org/RLSA-2024:6913 https://github.com/golang/go/commit/53487e5477151ed75da50e50a0ba8f1ca64c00a3 (go1.23.1) https://github.com/golang/go/commit/b232596139dbe96a62edbe3a2a203e856bf556eb (go1.22.7) https://go.dev/cl/611238 https://go.dev/issue/69138 https://groups.google.com/g/golang-announce/c/K-cEzDeCtpc https://groups.google.com/g/golang-dev/c/S9POB9NCTdk https://linux.oracle.com/cve/CVE-2024-34155.html https://linux.oracle.com/errata/ELSA-2024-9459.html https://nvd.nist.gov/vuln/detail/CVE-2024-34155 https://pkg.go.dev/vuln/GO-2024-3105 https://ubuntu.com/security/notices/USN-7081-1 https://ubuntu.com/security/notices/USN-7109-1 https://ubuntu.com/security/notices/USN-7111-1 https://www.cve.org/CVERecord?id=CVE-2024-34155
stdlib	CVE-2024-34158	MEDIUM	v1.20.5	1.22.7, 1.23.1	https://access.redhat.com/errata/RHSA-2024:9459 https://access.redhat.com/security/cve/CVE-2024-34158 https://bugzilla.redhat.com/2310527 https://bugzilla.redhat.com/2310528 https://bugzilla.redhat.com/2310529 https://bugzilla.redhat.com/2315691 https://bugzilla.redhat.com/2315887 https://bugzilla.redhat.com/2317458 https://bugzilla.redhat.com/2317467 https://bugzilla.redhat.com/show_bug.cgi?id=2295310 https://bugzilla.redhat.com/show_bug.cgi?id=2310527 https://bugzilla.redhat.com/show_bug.cgi?id=2310528 https://bugzilla.redhat.com/show_bug.cgi?id=2310529 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24791 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-34155 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-34156 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-34158 https://errata.almalinux.org/9/ALSA-2024-9459.html https://errata.rockylinux.org/RLSA-2024:6913 https://github.com/golang/go/commit/032ac075c20c01c6c35a672d1542d3e98eab84ea (go1.23.1) https://github.com/golang/go/commit/d4c53812e6ce2ac368173d7fcd31d0ecfcffb002 (go1.22.7) https://go.dev/cl/611240 https://go.dev/issue/69141 https://groups.google.com/g/golang-announce/c/K-cEzDeCtpc https://groups.google.com/g/golang-dev/c/S9POB9NCTdk https://linux.oracle.com/cve/CVE-2024-34158.html https://linux.oracle.com/errata/ELSA-2024-9459.html https://nvd.nist.gov/vuln/detail/CVE-2024-34158 https://pkg.go.dev/vuln/GO-2024-3107 https://ubuntu.com/security/notices/USN-7081-1 https://ubuntu.com/security/notices/USN-7109-1 https://ubuntu.com/security/notices/USN-7111-1 https://www.cve.org/CVERecord?id=CVE-2024-34158
No Misconfigurations found

cnb/buildpacks/paketo-buildpacks_dotnet-execute/0.14.17/bin/port-chooser (gobinary)

Package	Vulnerability ID	Severity	Installed Version	Fixed Version	Links
stdlib	CVE-2024-24790	CRITICAL	v1.20.5	1.21.11, 1.22.4	http://www.openwall.com/lists/oss-security/2024/06/04/1 https://access.redhat.com/errata/RHSA-2024:9115 https://access.redhat.com/security/cve/CVE-2024-24790 https://bugzilla.redhat.com/2279814 https://bugzilla.redhat.com/2292668 https://bugzilla.redhat.com/2292787 https://bugzilla.redhat.com/2294000 https://bugzilla.redhat.com/2295310 https://bugzilla.redhat.com/show_bug.cgi?id=2292668 https://bugzilla.redhat.com/show_bug.cgi?id=2292787 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24789 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24790 https://errata.almalinux.org/9/ALSA-2024-9115.html https://errata.rockylinux.org/RLSA-2024:4212 https://github.com/golang/go/commit/051bdf3fd12a40307606ff9381138039c5f452f0 (1.21) https://github.com/golang/go/commit/12d5810cdb1f73cf23d7a86462143e9463317fca (1.22) https://github.com/golang/go/issues/67680 https://go.dev/cl/590316 https://go.dev/issue/67680 https://groups.google.com/g/golang-announce/c/XbxouI9gY7k https://groups.google.com/g/golang-announce/c/XbxouI9gY7k/m/TuoGEhxIEwAJ https://linux.oracle.com/cve/CVE-2024-24790.html https://linux.oracle.com/errata/ELSA-2024-9115.html https://nvd.nist.gov/vuln/detail/CVE-2024-24790 https://pkg.go.dev/vuln/GO-2024-2887 https://ubuntu.com/security/notices/USN-6886-1 https://ubuntu.com/security/notices/USN-7109-1 https://www.cve.org/CVERecord?id=CVE-2024-24790
stdlib	CVE-2023-39325	HIGH	v1.20.5	1.20.10, 1.21.3	golang.org/x/net https://access.redhat.com/errata/RHSA-2023:6077 https://access.redhat.com/security/cve/CVE-2023-39325 https://access.redhat.com/security/cve/CVE-2023-44487 https://access.redhat.com/security/vulnerabilities/RHSB-2023-003 https://bugzilla.redhat.com/2242803 https://bugzilla.redhat.com/2243296 https://bugzilla.redhat.com/show_bug.cgi?id=2242803 https://bugzilla.redhat.com/show_bug.cgi?id=2243296 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-39325 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-44487 https://errata.almalinux.org/9/ALSA-2023-6077.html https://errata.rockylinux.org/RLSA-2023:6077 https://github.com/golang/go/commit/24ae2d927285c697440fdde3ad7f26028354bcf3 [golang- 1.21] https://github.com/golang/go/commit/e175f27f58aa7b9cd4d79607ae65d2cd5baaee68 [golang-1.20] https://github.com/golang/go/issues/63417 https://go.dev/cl/534215 https://go.dev/cl/534235 https://go.dev/issue/63417 https://groups.google.com/g/golang-announce/c/iNNxDTCjZvo/m/UDd7VKQuAAAJ https://linux.oracle.com/cve/CVE-2023-39325.html https://linux.oracle.com/errata/ELSA-2023-5867.html https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3OVW5V2DM5K5IC3H7O42YDUGNJ74J35O https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3OVW5V2DM5K5IC3H7O42YDUGNJ74J35O/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3SZN67IL7HMGMNAVLOTIXLIHUDXZK4LH https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3SZN67IL7HMGMNAVLOTIXLIHUDXZK4LH/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3WJ4QVX2AMUJ2F2S27POOAHRC4K3CHU4 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3WJ4QVX2AMUJ2F2S27POOAHRC4K3CHU4/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/4BUK2ZIAGCULOOYDNH25JPU6JBES5NF2 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/4BUK2ZIAGCULOOYDNH25JPU6JBES5NF2/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/5RSKA2II6QTD4YUKUNDVJQSRYSFC4VFR https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/5RSKA2II6QTD4YUKUNDVJQSRYSFC4VFR/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/AVZDNSMVDAQJ64LJC5I5U5LDM5753647 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/AVZDNSMVDAQJ64LJC5I5U5LDM5753647/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CHHITS4PUOZAKFIUBQAQZC7JWXMOYE4B https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CHHITS4PUOZAKFIUBQAQZC7JWXMOYE4B/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CLB4TW7KALB3EEQWNWCN7OUIWWVWWCG2 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CLB4TW7KALB3EEQWNWCN7OUIWWVWWCG2/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/D2BBIDR2ZMB3X5BC7SR4SLQMHRMVPY6L https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/D2BBIDR2ZMB3X5BC7SR4SLQMHRMVPY6L/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ECRC75BQJP6FJN2L7KCKYZW4DSBD7QSD https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ECRC75BQJP6FJN2L7KCKYZW4DSBD7QSD/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/FTMJ3NJIDAZFWJQQSP3L22MUFJ3UP2PT https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/FTMJ3NJIDAZFWJQQSP3L22MUFJ3UP2PT/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/GSY7SXFFTPZFWDM6XELSDSHZLVW3AHK7 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/GSY7SXFFTPZFWDM6XELSDSHZLVW3AHK7/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/HZQIELEIRSZUYTFFH5KTH2YJ4IIQG2KE https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/HZQIELEIRSZUYTFFH5KTH2YJ4IIQG2KE/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/IPWCNYB5PQ5PCVZ4NJT6G56ZYFZ5QBU6 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/IPWCNYB5PQ5PCVZ4NJT6G56ZYFZ5QBU6/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/KEOTKBUPZXHE3F352JBYNTSNRXYLWD6P https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/KEOTKBUPZXHE3F352JBYNTSNRXYLWD6P/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/KSEGD2IWKNUO3DWY4KQGUQM5BISRWHQE https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/KSEGD2IWKNUO3DWY4KQGUQM5BISRWHQE/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/L5E5JSJBZLYXOTZWXHJKRVCIXIHVWKJ6 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/L5E5JSJBZLYXOTZWXHJKRVCIXIHVWKJ6/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/MZQYOOKHQDQ57LV2IAG6NRFOVXKHJJ3Z https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/MZQYOOKHQDQ57LV2IAG6NRFOVXKHJJ3Z/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/NG7IMPL55MVWU3LCI4JQJT3K2U5CHDV7 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/NG7IMPL55MVWU3LCI4JQJT3K2U5CHDV7/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ODBY7RVMGZCBSTWF2OZGIZS57FNFUL67 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ODBY7RVMGZCBSTWF2OZGIZS57FNFUL67/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/OXGWPQOJ3JNDW2XIYKIVJ7N7QUIFNM2Q https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/OXGWPQOJ3JNDW2XIYKIVJ7N7QUIFNM2Q/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/PJCUNGIQDUMZ4Z6HWVYIMR66A35F5S74 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/PJCUNGIQDUMZ4Z6HWVYIMR66A35F5S74/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QF5QSYAOPDOWLY6DUHID56Q4HQFYB45I https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QF5QSYAOPDOWLY6DUHID56Q4HQFYB45I/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QXOU2JZUBEBP7GBKAYIJRPRBZSJCD7ST https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QXOU2JZUBEBP7GBKAYIJRPRBZSJCD7ST/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/R3UETKPUB3V5JS5TLZOF3SMTGT5K5APS https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/R3UETKPUB3V5JS5TLZOF3SMTGT5K5APS/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/REMHVVIBDNKSRKNOTV7EQSB7CYQWOUOU https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/REMHVVIBDNKSRKNOTV7EQSB7CYQWOUOU/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/T7N5GV4CHH6WAGX3GFMDD3COEOVCZ4RI https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/T7N5GV4CHH6WAGX3GFMDD3COEOVCZ4RI/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ULQQONMSCQSH5Z5OWFFQHCGEZ3NL4DRJ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ULQQONMSCQSH5Z5OWFFQHCGEZ3NL4DRJ/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UTT7DG3QOF5ZNJLUGHDNLRUIN6OWZARP https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UTT7DG3QOF5ZNJLUGHDNLRUIN6OWZARP/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/W2LZSWTV4NV4SNQARNXG5T6LRHP26EW2 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/W2LZSWTV4NV4SNQARNXG5T6LRHP26EW2/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WCNCBYKZXLDFGAJUB7ZP5VLC3YTHJNVH https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WCNCBYKZXLDFGAJUB7ZP5VLC3YTHJNVH/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/XFOIBB4YFICHDM7IBOP7PWXW3FX4HLL2 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/XFOIBB4YFICHDM7IBOP7PWXW3FX4HLL2/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/XTNLSL44Y5FB6JWADSZH6DCV4JJAAEQY https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/XTNLSL44Y5FB6JWADSZH6DCV4JJAAEQY/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/YJWHBLVZDM5KQSDFRBFRKU5KSSOLIRQ4 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/YJWHBLVZDM5KQSDFRBFRKU5KSSOLIRQ4/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/YRKEXKANQ7BKJW2YTAMP625LJUJZLJ4P https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/YRKEXKANQ7BKJW2YTAMP625LJUJZLJ4P/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZSVEMQV5ROY5YW5QE3I57HT3ITWG5GCV https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZSVEMQV5ROY5YW5QE3I57HT3ITWG5GCV/ https://nvd.nist.gov/vuln/detail/CVE-2023-39325 https://pkg.go.dev/vuln/GO-2023-2102 https://security.gentoo.org/glsa/202311-09 https://security.netapp.com/advisory/ntap-20231110-0008 https://security.netapp.com/advisory/ntap-20231110-0008/ https://ubuntu.com/security/notices/USN-6574-1 https://ubuntu.com/security/notices/USN-7061-1 https://ubuntu.com/security/notices/USN-7109-1 https://www.cisa.gov/news-events/alerts/2023/10/10/http2-rapid-reset-vulnerability-cve-2023-44487 https://www.cve.org/CVERecord?id=CVE-2023-39325
stdlib	CVE-2023-45283	HIGH	v1.20.5	1.20.11, 1.21.4, 1.20.12, 1.21.5	http://www.openwall.com/lists/oss-security/2023/12/05/2 https://go.dev/cl/540277 https://go.dev/cl/541175 https://go.dev/issue/63713 https://go.dev/issue/64028 https://groups.google.com/g/golang-announce/c/4tU8LZfBFkY https://groups.google.com/g/golang-dev/c/6ypN5EjibjM/m/KmLVYH_uAgAJ https://nvd.nist.gov/vuln/detail/CVE-2023-45283 https://pkg.go.dev/vuln/GO-2023-2185 https://security.netapp.com/advisory/ntap-20231214-0008/
stdlib	CVE-2023-45288	HIGH	v1.20.5	1.21.9, 1.22.2	http://www.openwall.com/lists/oss-security/2024/04/03/16 http://www.openwall.com/lists/oss-security/2024/04/05/4 https://access.redhat.com/errata/RHSA-2024:2724 https://access.redhat.com/security/cve/CVE-2023-45288 https://bugzilla.redhat.com/2268017 https://bugzilla.redhat.com/2268018 https://bugzilla.redhat.com/2268019 https://bugzilla.redhat.com/2268273 https://bugzilla.redhat.com/show_bug.cgi?id=2268017 https://bugzilla.redhat.com/show_bug.cgi?id=2268018 https://bugzilla.redhat.com/show_bug.cgi?id=2268019 https://bugzilla.redhat.com/show_bug.cgi?id=2268273 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45288 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45289 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45290 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24783 https://errata.almalinux.org/9/ALSA-2024-2724.html https://errata.rockylinux.org/RLSA-2024:2724 https://go.dev/cl/576155 https://go.dev/issue/65051 https://groups.google.com/g/golang-announce/c/YgW0sx8mN3M https://kb.cert.org/vuls/id/421644 https://linux.oracle.com/cve/CVE-2023-45288.html https://linux.oracle.com/errata/ELSA-2024-3346.html https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QRYFHIQ6XRKRYBI2F5UESH67BJBQXUPT https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QRYFHIQ6XRKRYBI2F5UESH67BJBQXUPT/ https://nowotarski.info/http2-continuation-flood-technical-details https://nowotarski.info/http2-continuation-flood/ https://nvd.nist.gov/vuln/detail/CVE-2023-45288 https://pkg.go.dev/vuln/GO-2024-2687 https://security.netapp.com/advisory/ntap-20240419-0009 https://security.netapp.com/advisory/ntap-20240419-0009/ https://ubuntu.com/security/notices/USN-6886-1 https://ubuntu.com/security/notices/USN-7109-1 https://ubuntu.com/security/notices/USN-7111-1 https://www.cve.org/CVERecord?id=CVE-2023-45288 https://www.kb.cert.org/vuls/id/421644
stdlib	CVE-2024-34156	HIGH	v1.20.5	1.22.7, 1.23.1	https://access.redhat.com/errata/RHSA-2024:9473 https://access.redhat.com/security/cve/CVE-2024-34156 https://bugzilla.redhat.com/2310528 https://bugzilla.redhat.com/2318052 https://bugzilla.redhat.com/show_bug.cgi?id=2310528 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-34156 https://errata.almalinux.org/9/ALSA-2024-9473.html https://errata.rockylinux.org/RLSA-2024:7204 https://github.com/golang/go/commit/2092294f2b097c5828f4eace6c98a322c1510b01 (go1.22.7) https://github.com/golang/go/commit/fa8ff1a46deb6c816304441ec6740ec112e19012 (go1.23.1) https://go.dev/cl/611239 https://go.dev/issue/69139 https://groups.google.com/g/golang-announce/c/K-cEzDeCtpc https://groups.google.com/g/golang-dev/c/S9POB9NCTdk https://linux.oracle.com/cve/CVE-2024-34156.html https://linux.oracle.com/errata/ELSA-2024-9473.html https://nvd.nist.gov/vuln/detail/CVE-2024-34156 https://pkg.go.dev/vuln/GO-2024-3106 https://ubuntu.com/security/notices/USN-7081-1 https://ubuntu.com/security/notices/USN-7109-1 https://ubuntu.com/security/notices/USN-7111-1 https://www.cve.org/CVERecord?id=CVE-2024-34156
stdlib	CVE-2023-29406	MEDIUM	v1.20.5	1.19.11, 1.20.6	https://access.redhat.com/errata/RHSA-2023:6474 https://access.redhat.com/security/cve/CVE-2023-29406 https://bugzilla.redhat.com/2174485 https://bugzilla.redhat.com/2178358 https://bugzilla.redhat.com/2178488 https://bugzilla.redhat.com/2178492 https://bugzilla.redhat.com/2184481 https://bugzilla.redhat.com/2184482 https://bugzilla.redhat.com/2184483 https://bugzilla.redhat.com/2184484 https://bugzilla.redhat.com/2196026 https://bugzilla.redhat.com/2196027 https://bugzilla.redhat.com/2196029 https://bugzilla.redhat.com/2222167 https://bugzilla.redhat.com/2228689 https://errata.almalinux.org/9/ALSA-2023-6474.html https://github.com/golang/go/commit/312920c00aac9897b2a0693e752390b5b0711a5a (go1.20.6) https://github.com/golang/go/commit/5fa6923b1ea891400153d04ddf1545e23b40041b (go1.19.11) https://github.com/golang/go/issues/60374 https://go.dev/cl/506996 https://go.dev/issue/60374 https://groups.google.com/g/golang-announce/c/2q13H6LEEx0 https://linux.oracle.com/cve/CVE-2023-29406.html https://linux.oracle.com/errata/ELSA-2023-7202.html https://nvd.nist.gov/vuln/detail/CVE-2023-29406 https://pkg.go.dev/vuln/GO-2023-1878 https://security.gentoo.org/glsa/202311-09 https://security.netapp.com/advisory/ntap-20230814-0002/ https://ubuntu.com/security/notices/USN-7061-1 https://ubuntu.com/security/notices/USN-7109-1 https://www.cve.org/CVERecord?id=CVE-2023-29406
stdlib	CVE-2023-29409	MEDIUM	v1.20.5	1.19.12, 1.20.7, 1.21.0-rc.4	https://access.redhat.com/errata/RHSA-2023:7766 https://access.redhat.com/security/cve/CVE-2023-29409 https://bugzilla.redhat.com/2228743 https://bugzilla.redhat.com/2237773 https://bugzilla.redhat.com/2237776 https://bugzilla.redhat.com/2237777 https://bugzilla.redhat.com/2237778 https://errata.almalinux.org/9/ALSA-2023-7766.html https://go.dev/cl/515257 https://go.dev/issue/61460 https://groups.google.com/g/golang-announce/c/X0b6CsSAaYI/m/Efv5DbZ9AwAJ https://linux.oracle.com/cve/CVE-2023-29409.html https://linux.oracle.com/errata/ELSA-2024-2988.html https://nvd.nist.gov/vuln/detail/CVE-2023-29409 https://pkg.go.dev/vuln/GO-2023-1987 https://security.gentoo.org/glsa/202311-09 https://security.netapp.com/advisory/ntap-20230831-0010/ https://www.cve.org/CVERecord?id=CVE-2023-29409
stdlib	CVE-2023-39318	MEDIUM	v1.20.5	1.20.8, 1.21.1	https://access.redhat.com/errata/RHSA-2024:2160 https://access.redhat.com/security/cve/CVE-2023-39318 https://bugzilla.redhat.com/2237773 https://bugzilla.redhat.com/2237776 https://bugzilla.redhat.com/2253330 https://errata.almalinux.org/9/ALSA-2024-2160.html https://github.com/golang/go/commit/023b542edf38e2a1f87fcefb9f75ff2f99401b4c (go1.20.8) https://github.com/golang/go/commit/b0e1d3ea26e8e8fce7726690c9ef0597e60739fb (go1.21.1) https://go.dev/cl/526156 https://go.dev/issue/62196 https://groups.google.com/g/golang-announce/c/Fm51GRLNRvM https://groups.google.com/g/golang-dev/c/2C5vbR-UNkI/m/L1hdrPhfBAAJ https://linux.oracle.com/cve/CVE-2023-39318.html https://linux.oracle.com/errata/ELSA-2024-2988.html https://nvd.nist.gov/vuln/detail/CVE-2023-39318 https://pkg.go.dev/vuln/GO-2023-2041 https://security.gentoo.org/glsa/202311-09 https://security.netapp.com/advisory/ntap-20231020-0009/ https://ubuntu.com/security/notices/USN-6574-1 https://ubuntu.com/security/notices/USN-7061-1 https://ubuntu.com/security/notices/USN-7109-1 https://vuln.go.dev/ID/GO-2023-2041.json https://www.cve.org/CVERecord?id=CVE-2023-39318
stdlib	CVE-2023-39319	MEDIUM	v1.20.5	1.20.8, 1.21.1	https://access.redhat.com/errata/RHSA-2024:2160 https://access.redhat.com/security/cve/CVE-2023-39319 https://bugzilla.redhat.com/2237773 https://bugzilla.redhat.com/2237776 https://bugzilla.redhat.com/2253330 https://errata.almalinux.org/9/ALSA-2024-2160.html https://github.com/golang/go/commit/2070531d2f53df88e312edace6c8dfc9686ab2f5 (go1.20.8) https://github.com/golang/go/commit/bbd043ff0d6d59f1a9232d31ecd5eacf6507bf6a (go1.21.1) https://go.dev/cl/526157 https://go.dev/issue/62197 https://groups.google.com/g/golang-announce/c/Fm51GRLNRvM https://groups.google.com/g/golang-dev/c/2C5vbR-UNkI/m/L1hdrPhfBAAJ https://linux.oracle.com/cve/CVE-2023-39319.html https://linux.oracle.com/errata/ELSA-2024-2988.html https://nvd.nist.gov/vuln/detail/CVE-2023-39319 https://pkg.go.dev/vuln/GO-2023-2043 https://security.gentoo.org/glsa/202311-09 https://security.netapp.com/advisory/ntap-20231020-0009/ https://ubuntu.com/security/notices/USN-6574-1 https://ubuntu.com/security/notices/USN-7061-1 https://ubuntu.com/security/notices/USN-7109-1 https://vuln.go.dev/ID/GO-2023-2043.json https://www.cve.org/CVERecord?id=CVE-2023-39319
stdlib	CVE-2023-39326	MEDIUM	v1.20.5	1.20.12, 1.21.5	https://access.redhat.com/errata/RHSA-2024:2272 https://access.redhat.com/security/cve/CVE-2023-39326 https://bugzilla.redhat.com/2253193 https://bugzilla.redhat.com/2253330 https://errata.almalinux.org/9/ALSA-2024-2272.html https://github.com/golang/go/commit/6446af942e2e2b161c4ec1b60d9703a2b55dc4dd (go1.20.12) https://github.com/golang/go/commit/ec8c526e4be720e94b98ca509e6364f0efaf28f7 (go1.21.5) https://go.dev/cl/547335 https://go.dev/issue/64433 https://groups.google.com/g/golang-dev/c/6ypN5EjibjM/m/KmLVYH_uAgAJ https://linux.oracle.com/cve/CVE-2023-39326.html https://linux.oracle.com/errata/ELSA-2024-2988.html https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UIU6HOGV6RRIKWM57LOXQA75BGZSIH6G/ https://nvd.nist.gov/vuln/detail/CVE-2023-39326 https://pkg.go.dev/vuln/GO-2023-2382 https://ubuntu.com/security/notices/USN-6574-1 https://www.cve.org/CVERecord?id=CVE-2023-39326
stdlib	CVE-2023-45284	MEDIUM	v1.20.5	1.20.11, 1.21.4	https://go.dev/cl/540277 https://go.dev/issue/63713 https://groups.google.com/g/golang-announce/c/4tU8LZfBFkY https://nvd.nist.gov/vuln/detail/CVE-2023-45284 https://pkg.go.dev/vuln/GO-2023-2186
stdlib	CVE-2023-45289	MEDIUM	v1.20.5	1.21.8, 1.22.1	http://www.openwall.com/lists/oss-security/2024/03/08/4 https://access.redhat.com/errata/RHSA-2024:2724 https://access.redhat.com/security/cve/CVE-2023-45289 https://bugzilla.redhat.com/2268017 https://bugzilla.redhat.com/2268018 https://bugzilla.redhat.com/2268019 https://bugzilla.redhat.com/2268273 https://bugzilla.redhat.com/show_bug.cgi?id=2268017 https://bugzilla.redhat.com/show_bug.cgi?id=2268018 https://bugzilla.redhat.com/show_bug.cgi?id=2268019 https://bugzilla.redhat.com/show_bug.cgi?id=2268273 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45288 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45289 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45290 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24783 https://errata.almalinux.org/9/ALSA-2024-2724.html https://errata.rockylinux.org/RLSA-2024:2724 https://github.com/golang/go/commit/20586c0dbe03d144f914155f879fa5ee287591a1 (go1.21.8) https://github.com/golang/go/commit/3a855208e3efed2e9d7c20ad023f1fa78afcc0be (go1.22.1) https://github.com/golang/go/issues/65065 https://go.dev/cl/569340 https://go.dev/issue/65065 https://groups.google.com/g/golang-announce/c/5pwGVUPoMbg https://linux.oracle.com/cve/CVE-2023-45289.html https://linux.oracle.com/errata/ELSA-2024-3346.html https://nvd.nist.gov/vuln/detail/CVE-2023-45289 https://pkg.go.dev/vuln/GO-2024-2600 https://security.netapp.com/advisory/ntap-20240329-0006/ https://ubuntu.com/security/notices/USN-6886-1 https://www.cve.org/CVERecord?id=CVE-2023-45289
stdlib	CVE-2023-45290	MEDIUM	v1.20.5	1.21.8, 1.22.1	http://www.openwall.com/lists/oss-security/2024/03/08/4 https://access.redhat.com/errata/RHSA-2024:9135 https://access.redhat.com/security/cve/CVE-2023-45290 https://bugzilla.redhat.com/2268017 https://bugzilla.redhat.com/2268022 https://bugzilla.redhat.com/2279814 https://bugzilla.redhat.com/2295310 https://bugzilla.redhat.com/show_bug.cgi?id=2268017 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45290 https://errata.almalinux.org/9/ALSA-2024-9135.html https://errata.rockylinux.org/RLSA-2024:3830 https://github.com/golang/go/commit/041a47712e765e94f86d841c3110c840e76d8f82 (go1.22.1) https://github.com/golang/go/commit/bf80213b121074f4ad9b449410a4d13bae5e9be0 (go1.21.8) https://github.com/golang/go/issues/65383 https://go.dev/cl/569341 https://go.dev/issue/65383 https://groups.google.com/g/golang-announce/c/5pwGVUPoMbg https://linux.oracle.com/cve/CVE-2023-45290.html https://linux.oracle.com/errata/ELSA-2024-8038.html https://nvd.nist.gov/vuln/detail/CVE-2023-45290 https://pkg.go.dev/vuln/GO-2024-2599 https://security.netapp.com/advisory/ntap-20240329-0004 https://security.netapp.com/advisory/ntap-20240329-0004/ https://ubuntu.com/security/notices/USN-6886-1 https://ubuntu.com/security/notices/USN-7109-1 https://ubuntu.com/security/notices/USN-7111-1 https://www.cve.org/CVERecord?id=CVE-2023-45290
stdlib	CVE-2024-24783	MEDIUM	v1.20.5	1.21.8, 1.22.1	http://www.openwall.com/lists/oss-security/2024/03/08/4 https://access.redhat.com/errata/RHSA-2024:6195 https://access.redhat.com/security/cve/CVE-2024-24783 https://bugzilla.redhat.com/2268019 https://bugzilla.redhat.com/show_bug.cgi?id=2268017 https://bugzilla.redhat.com/show_bug.cgi?id=2268018 https://bugzilla.redhat.com/show_bug.cgi?id=2268019 https://bugzilla.redhat.com/show_bug.cgi?id=2268273 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45288 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45289 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45290 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24783 https://errata.almalinux.org/9/ALSA-2024-6195.html https://errata.rockylinux.org/RLSA-2024:2724 https://github.com/advisories/GHSA-3q2c-pvp5-3cqp https://github.com/golang/go/commit/337b8e9cbfa749d9d5c899e0dc358e2208d5e54f (go1.22.1) https://github.com/golang/go/commit/be5b52bea674190ef7de272664be6c7ae93ec5a0 (go1.21.8) https://github.com/golang/go/issues/65390 https://go.dev/cl/569339 https://go.dev/issue/65390 https://groups.google.com/g/golang-announce/c/5pwGVUPoMbg https://linux.oracle.com/cve/CVE-2024-24783.html https://linux.oracle.com/errata/ELSA-2024-6969.html https://nvd.nist.gov/vuln/detail/CVE-2024-24783 https://pkg.go.dev/vuln/GO-2024-2598 https://security.netapp.com/advisory/ntap-20240329-0005 https://security.netapp.com/advisory/ntap-20240329-0005/ https://ubuntu.com/security/notices/USN-6886-1 https://ubuntu.com/security/notices/USN-7109-1 https://ubuntu.com/security/notices/USN-7111-1 https://www.cve.org/CVERecord?id=CVE-2024-24783
stdlib	CVE-2024-24784	MEDIUM	v1.20.5	1.21.8, 1.22.1	http://www.openwall.com/lists/oss-security/2024/03/08/4 https://access.redhat.com/errata/RHSA-2024:2562 https://access.redhat.com/security/cve/CVE-2024-24784 https://bugzilla.redhat.com/2262921 https://bugzilla.redhat.com/2268017 https://bugzilla.redhat.com/2268018 https://bugzilla.redhat.com/2268019 https://bugzilla.redhat.com/2268021 https://bugzilla.redhat.com/2268022 https://bugzilla.redhat.com/2268273 https://bugzilla.redhat.com/show_bug.cgi?id=2262921 https://bugzilla.redhat.com/show_bug.cgi?id=2268017 https://bugzilla.redhat.com/show_bug.cgi?id=2268018 https://bugzilla.redhat.com/show_bug.cgi?id=2268019 https://bugzilla.redhat.com/show_bug.cgi?id=2268021 https://bugzilla.redhat.com/show_bug.cgi?id=2268022 https://bugzilla.redhat.com/show_bug.cgi?id=2268273 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45288 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45289 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45290 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-1394 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24783 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24784 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24785 https://errata.almalinux.org/9/ALSA-2024-2562.html https://errata.rockylinux.org/RLSA-2024:2562 https://github.com/golang/go/commit/263c059b09fdd40d9dd945f2ecb20c89ea28efe5 (go1.21.8) https://github.com/golang/go/commit/5330cd225ba54c7dc78c1b46dcdf61a4671a632c (go1.22.1) https://github.com/golang/go/issues/65083 https://go.dev/cl/555596 https://go.dev/issue/65083 https://groups.google.com/g/golang-announce/c/5pwGVUPoMbg https://linux.oracle.com/cve/CVE-2024-24784.html https://linux.oracle.com/errata/ELSA-2024-6969.html https://nvd.nist.gov/vuln/detail/CVE-2024-24784 https://pkg.go.dev/vuln/GO-2024-2609 https://security.netapp.com/advisory/ntap-20240329-0007/ https://ubuntu.com/security/notices/USN-6886-1 https://ubuntu.com/security/notices/USN-7109-1 https://ubuntu.com/security/notices/USN-7111-1 https://www.cve.org/CVERecord?id=CVE-2024-24784
stdlib	CVE-2024-24785	MEDIUM	v1.20.5	1.21.8, 1.22.1	http://www.openwall.com/lists/oss-security/2024/03/08/4 https://access.redhat.com/errata/RHSA-2024:9135 https://access.redhat.com/security/cve/CVE-2024-24785 https://bugzilla.redhat.com/2268017 https://bugzilla.redhat.com/2268022 https://bugzilla.redhat.com/2279814 https://bugzilla.redhat.com/2295310 https://bugzilla.redhat.com/show_bug.cgi?id=2262921 https://bugzilla.redhat.com/show_bug.cgi?id=2268017 https://bugzilla.redhat.com/show_bug.cgi?id=2268018 https://bugzilla.redhat.com/show_bug.cgi?id=2268019 https://bugzilla.redhat.com/show_bug.cgi?id=2268021 https://bugzilla.redhat.com/show_bug.cgi?id=2268022 https://bugzilla.redhat.com/show_bug.cgi?id=2268273 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45288 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45289 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45290 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-1394 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24783 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24784 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24785 https://errata.almalinux.org/9/ALSA-2024-9135.html https://errata.rockylinux.org/RLSA-2024:2562 https://github.com/golang/go/commit/056b0edcb8c152152021eebf4cf42adbfbe77992 (go1.22.1) https://github.com/golang/go/commit/3643147a29352ca2894fd5d0d2069bc4b4335a7e (go1.21.8) https://github.com/golang/go/issues/65697 https://go.dev/cl/564196 https://go.dev/issue/65697 https://groups.google.com/g/golang-announce/c/5pwGVUPoMbg https://linux.oracle.com/cve/CVE-2024-24785.html https://linux.oracle.com/errata/ELSA-2024-3259.html https://nvd.nist.gov/vuln/detail/CVE-2024-24785 https://pkg.go.dev/vuln/GO-2024-2610 https://security.netapp.com/advisory/ntap-20240329-0008/ https://ubuntu.com/security/notices/USN-6886-1 https://ubuntu.com/security/notices/USN-7061-1 https://ubuntu.com/security/notices/USN-7109-1 https://vuln.go.dev/ID/GO-2024-2610.json https://www.cve.org/CVERecord?id=CVE-2024-24785
stdlib	CVE-2024-24789	MEDIUM	v1.20.5	1.21.11, 1.22.4	http://www.openwall.com/lists/oss-security/2024/06/04/1 https://access.redhat.com/errata/RHSA-2024:9115 https://access.redhat.com/security/cve/CVE-2024-24789 https://bugzilla.redhat.com/2279814 https://bugzilla.redhat.com/2292668 https://bugzilla.redhat.com/2292787 https://bugzilla.redhat.com/2294000 https://bugzilla.redhat.com/2295310 https://bugzilla.redhat.com/show_bug.cgi?id=2292668 https://bugzilla.redhat.com/show_bug.cgi?id=2292787 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24789 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24790 https://errata.almalinux.org/9/ALSA-2024-9115.html https://errata.rockylinux.org/RLSA-2024:4212 https://github.com/golang/go/commit/c8e40338cf00f3c1d86c8fb23863ad67a4c72bcc (1.21) https://github.com/golang/go/commit/cf501ac0c5fe351a8582d20b43562027927906e7 (1.22) https://github.com/golang/go/issues/66869 https://go.dev/cl/585397 https://go.dev/issue/66869 https://groups.google.com/g/golang-announce/c/XbxouI9gY7k https://groups.google.com/g/golang-announce/c/XbxouI9gY7k/m/TuoGEhxIEwAJ https://linux.oracle.com/cve/CVE-2024-24789.html https://linux.oracle.com/errata/ELSA-2024-9115.html https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/U5YAEIA6IUHUNGJ7AIXXPQT6D2GYENX7/ https://nvd.nist.gov/vuln/detail/CVE-2024-24789 https://pkg.go.dev/vuln/GO-2024-2888 https://ubuntu.com/security/notices/USN-6886-1 https://ubuntu.com/security/notices/USN-7109-1 https://ubuntu.com/security/notices/USN-7111-1 https://www.cve.org/CVERecord?id=CVE-2024-24789
stdlib	CVE-2024-24791	MEDIUM	v1.20.5	1.21.12, 1.22.5	https://access.redhat.com/errata/RHSA-2024:9135 https://access.redhat.com/security/cve/CVE-2024-24791 https://bugzilla.redhat.com/2268017 https://bugzilla.redhat.com/2268022 https://bugzilla.redhat.com/2279814 https://bugzilla.redhat.com/2295310 https://bugzilla.redhat.com/show_bug.cgi?id=2295310 https://bugzilla.redhat.com/show_bug.cgi?id=2310527 https://bugzilla.redhat.com/show_bug.cgi?id=2310528 https://bugzilla.redhat.com/show_bug.cgi?id=2310529 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24791 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-34155 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-34156 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-34158 https://errata.almalinux.org/9/ALSA-2024-9135.html https://errata.rockylinux.org/RLSA-2024:6913 https://go.dev/cl/591255 https://go.dev/issue/67555 https://groups.google.com/g/golang-dev/c/t0rK-qHBqzY/m/6MMoAZkMAgAJ https://linux.oracle.com/cve/CVE-2024-24791.html https://linux.oracle.com/errata/ELSA-2024-9115.html https://nvd.nist.gov/vuln/detail/CVE-2024-24791 https://pkg.go.dev/vuln/GO-2024-2963 https://ubuntu.com/security/notices/USN-7081-1 https://ubuntu.com/security/notices/USN-7109-1 https://ubuntu.com/security/notices/USN-7111-1 https://www.cve.org/CVERecord?id=CVE-2024-24791
stdlib	CVE-2024-34155	MEDIUM	v1.20.5	1.22.7, 1.23.1	https://access.redhat.com/errata/RHSA-2024:9459 https://access.redhat.com/security/cve/CVE-2024-34155 https://bugzilla.redhat.com/2310527 https://bugzilla.redhat.com/2310528 https://bugzilla.redhat.com/2310529 https://bugzilla.redhat.com/2315691 https://bugzilla.redhat.com/2315887 https://bugzilla.redhat.com/2317458 https://bugzilla.redhat.com/2317467 https://bugzilla.redhat.com/show_bug.cgi?id=2295310 https://bugzilla.redhat.com/show_bug.cgi?id=2310527 https://bugzilla.redhat.com/show_bug.cgi?id=2310528 https://bugzilla.redhat.com/show_bug.cgi?id=2310529 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24791 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-34155 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-34156 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-34158 https://errata.almalinux.org/9/ALSA-2024-9459.html https://errata.rockylinux.org/RLSA-2024:6913 https://github.com/golang/go/commit/53487e5477151ed75da50e50a0ba8f1ca64c00a3 (go1.23.1) https://github.com/golang/go/commit/b232596139dbe96a62edbe3a2a203e856bf556eb (go1.22.7) https://go.dev/cl/611238 https://go.dev/issue/69138 https://groups.google.com/g/golang-announce/c/K-cEzDeCtpc https://groups.google.com/g/golang-dev/c/S9POB9NCTdk https://linux.oracle.com/cve/CVE-2024-34155.html https://linux.oracle.com/errata/ELSA-2024-9459.html https://nvd.nist.gov/vuln/detail/CVE-2024-34155 https://pkg.go.dev/vuln/GO-2024-3105 https://ubuntu.com/security/notices/USN-7081-1 https://ubuntu.com/security/notices/USN-7109-1 https://ubuntu.com/security/notices/USN-7111-1 https://www.cve.org/CVERecord?id=CVE-2024-34155
stdlib	CVE-2024-34158	MEDIUM	v1.20.5	1.22.7, 1.23.1	https://access.redhat.com/errata/RHSA-2024:9459 https://access.redhat.com/security/cve/CVE-2024-34158 https://bugzilla.redhat.com/2310527 https://bugzilla.redhat.com/2310528 https://bugzilla.redhat.com/2310529 https://bugzilla.redhat.com/2315691 https://bugzilla.redhat.com/2315887 https://bugzilla.redhat.com/2317458 https://bugzilla.redhat.com/2317467 https://bugzilla.redhat.com/show_bug.cgi?id=2295310 https://bugzilla.redhat.com/show_bug.cgi?id=2310527 https://bugzilla.redhat.com/show_bug.cgi?id=2310528 https://bugzilla.redhat.com/show_bug.cgi?id=2310529 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24791 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-34155 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-34156 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-34158 https://errata.almalinux.org/9/ALSA-2024-9459.html https://errata.rockylinux.org/RLSA-2024:6913 https://github.com/golang/go/commit/032ac075c20c01c6c35a672d1542d3e98eab84ea (go1.23.1) https://github.com/golang/go/commit/d4c53812e6ce2ac368173d7fcd31d0ecfcffb002 (go1.22.7) https://go.dev/cl/611240 https://go.dev/issue/69141 https://groups.google.com/g/golang-announce/c/K-cEzDeCtpc https://groups.google.com/g/golang-dev/c/S9POB9NCTdk https://linux.oracle.com/cve/CVE-2024-34158.html https://linux.oracle.com/errata/ELSA-2024-9459.html https://nvd.nist.gov/vuln/detail/CVE-2024-34158 https://pkg.go.dev/vuln/GO-2024-3107 https://ubuntu.com/security/notices/USN-7081-1 https://ubuntu.com/security/notices/USN-7109-1 https://ubuntu.com/security/notices/USN-7111-1 https://www.cve.org/CVERecord?id=CVE-2024-34158
No Misconfigurations found

cnb/buildpacks/paketo-buildpacks_dotnet-execute/0.14.17/bin/run (gobinary)

Package	Vulnerability ID	Severity	Installed Version	Fixed Version	Links
github.com/anchore/stereoscope	CVE-2024-24579	MEDIUM	v0.0.0-20230412183729-8602f1afc574	0.0.1	https://github.com/anchore/stereoscope https://github.com/anchore/stereoscope/commit/09dacab4d9ee65ee8bc7af8ebf4aa7b5aaa36204 https://github.com/anchore/stereoscope/security/advisories/GHSA-hpxr-w9w7-g4gv https://nvd.nist.gov/vuln/detail/CVE-2024-24579
github.com/cloudflare/circl	GHSA-9763-4f94-gfch	HIGH	v1.3.3	1.3.7	https://github.com/cloudflare/circl https://github.com/cloudflare/circl/commit/75ef91e8a2f438e6ce2b6e620d236add8be1887d https://github.com/cloudflare/circl/security/advisories/GHSA-9763-4f94-gfch https://kyberslash.cr.yp.to
github.com/containerd/containerd	GHSA-7ww5-4wqc-m92c	MEDIUM	v1.7.0	1.6.26, 1.7.11	https://github.com/containerd/containerd https://github.com/containerd/containerd/commit/67d356cb3095f3e8f8ad7d36f9a733fea1e7e28c https://github.com/containerd/containerd/commit/746b910f05855c8bfdb4415a1c0f958b234910e5 https://github.com/containerd/containerd/security/advisories/GHSA-7ww5-4wqc-m92c
github.com/docker/docker	CVE-2024-41110	CRITICAL	v23.0.5+incompatible	23.0.15, 26.1.5, 27.1.1, 25.0.6	https://access.redhat.com/security/cve/CVE-2024-41110 https://github.com/moby/moby https://github.com/moby/moby/commit/411e817ddf710ff8e08fa193da80cb78af708191 https://github.com/moby/moby/commit/42f40b1d6dd7562342f832b9cd2adf9e668eeb76 https://github.com/moby/moby/commit/65cc597cea28cdc25bea3b8a86384b4251872919 https://github.com/moby/moby/commit/852759a7df454cbf88db4e954c919becd48faa9b https://github.com/moby/moby/commit/a31260625655cff9ae226b51757915e275e304b0 https://github.com/moby/moby/commit/a79fabbfe84117696a19671f4aa88b82d0f64fc1 https://github.com/moby/moby/commit/ae160b4edddb72ef4bd71f66b975a1a1cc434f00 https://github.com/moby/moby/commit/ae2b3666c517c96cbc2adf1af5591a6b00d4ec0f https://github.com/moby/moby/commit/cc13f952511154a2866bddbb7dddebfe9e83b801 https://github.com/moby/moby/commit/fc274cd2ff4cf3b48c91697fb327dd1fb95588fb https://github.com/moby/moby/security/advisories/GHSA-v23v-6jw2-98fq https://nvd.nist.gov/vuln/detail/CVE-2024-41110 https://www.cve.org/CVERecord?id=CVE-2024-41110 https://www.docker.com/blog/docker-security-advisory-docker-engine-authz-plugin
github.com/docker/docker	CVE-2024-24557	MEDIUM	v23.0.5+incompatible	24.0.9, 25.0.2	https://access.redhat.com/security/cve/CVE-2024-24557 https://github.com/moby/moby https://github.com/moby/moby/commit/3e230cfdcc989dc524882f6579f9e0dac77400ae https://github.com/moby/moby/commit/fca702de7f71362c8d103073c7e4a1d0a467fadd https://github.com/moby/moby/commit/fce6e0ca9bc000888de3daa157af14fa41fcd0ff https://github.com/moby/moby/security/advisories/GHSA-xw73-rw38-6vjc https://nvd.nist.gov/vuln/detail/CVE-2024-24557 https://www.cve.org/CVERecord?id=CVE-2024-24557
github.com/docker/docker	CVE-2024-29018	MEDIUM	v23.0.5+incompatible	26.0.0-rc3, 25.0.5, 23.0.11	https://access.redhat.com/security/cve/CVE-2024-29018 https://github.com/moby/moby https://github.com/moby/moby/pull/46609 https://github.com/moby/moby/security/advisories/GHSA-mq39-4gv4-mvpx https://nvd.nist.gov/vuln/detail/CVE-2024-29018 https://www.cve.org/CVERecord?id=CVE-2024-29018
github.com/docker/docker	GHSA-jq35-85cj-fj4p	MEDIUM	v23.0.5+incompatible	24.0.7, 23.0.8, 20.10.27	https://github.com/moby/moby https://github.com/moby/moby/commit/48ebe353e49a9def5e6679f6e386b0efb1c95f0e https://github.com/moby/moby/commit/81ebe71275768629689a23bc3bca34b3b374a6a6 https://github.com/moby/moby/commit/c9ccbfad11a60e703e91b6cca4f48927828c7e35 https://github.com/moby/moby/releases/tag/v20.10.27 https://github.com/moby/moby/releases/tag/v23.0.8 https://github.com/moby/moby/releases/tag/v24.0.7 https://github.com/moby/moby/security/advisories/GHSA-jq35-85cj-fj4p
github.com/go-git/go-git/v5	CVE-2023-49569	CRITICAL	v5.6.1	5.11.0	https://access.redhat.com/security/cve/CVE-2023-49569 https://github.com/go-git/go-git https://github.com/go-git/go-git/security/advisories/GHSA-449p-3h89-pw88 https://nvd.nist.gov/vuln/detail/CVE-2023-49569 https://www.cve.org/CVERecord?id=CVE-2023-49569
github.com/go-git/go-git/v5	CVE-2023-49568	HIGH	v5.6.1	5.11.0	https://access.redhat.com/security/cve/CVE-2023-49568 https://github.com/go-git/go-git https://github.com/go-git/go-git/security/advisories/GHSA-mw99-9chc-xw7r https://nvd.nist.gov/vuln/detail/CVE-2023-49568 https://www.cve.org/CVERecord?id=CVE-2023-49568
github.com/mholt/archiver/v3	CVE-2024-0406	MEDIUM	v3.5.1	no fix available	https://access.redhat.com/security/cve/CVE-2024-0406 https://bugzilla.redhat.com/show_bug.cgi?id=2257749 https://github.com/advisories/GHSA-rhh4-rh7c-7r5v https://github.com/mholt/archiver https://nvd.nist.gov/vuln/detail/CVE-2024-0406 https://www.cve.org/CVERecord?id=CVE-2024-0406
golang.org/x/crypto	CVE-2023-48795	MEDIUM	v0.8.0	0.17.0	http://packetstormsecurity.com/files/176280/Terrapin-SSH-Connection-Weakening.html http://seclists.org/fulldisclosure/2024/Mar/21 http://www.openwall.com/lists/oss-security/2023/12/18/3 http://www.openwall.com/lists/oss-security/2023/12/19/5 http://www.openwall.com/lists/oss-security/2023/12/20/3 http://www.openwall.com/lists/oss-security/2024/03/06/3 http://www.openwall.com/lists/oss-security/2024/04/17/8 https://access.redhat.com/errata/RHSA-2024:1150 https://access.redhat.com/security/cve/CVE-2023-48795 https://access.redhat.com/security/cve/cve-2023-48795 https://access.redhat.com/solutions/7071748 https://arstechnica.com/security/2023/12/hackers-can-break-ssh-channel-integrity-using-novel-data-corruption-attack https://arstechnica.com/security/2023/12/hackers-can-break-ssh-channel-integrity-using-novel-data-corruption-attack/ https://bugs.gentoo.org/920280 https://bugzilla.redhat.com/2254210 https://bugzilla.redhat.com/show_bug.cgi?id=2254210 https://bugzilla.suse.com/show_bug.cgi?id=1217950 https://crates.io/crates/thrussh/versions https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-48795 https://errata.almalinux.org/9/ALSA-2024-1150.html https://errata.rockylinux.org/RLSA-2024:0628 https://filezilla-project.org/versions.php https://forum.netgate.com/topic/184941/terrapin-ssh-attack https://git.libssh.org/projects/libssh.git/commit/?h=stable-0.10&id=10e09e273f69e149389b3e0e5d44b8c221c2e7f6 https://github.com/NixOS/nixpkgs/pull/275249 https://github.com/PowerShell/Win32-OpenSSH/issues/2189 https://github.com/PowerShell/Win32-OpenSSH/releases/tag/v9.5.0.0p1-Beta https://github.com/TeraTermProject/teraterm/commit/7279fbd6ef4d0c8bdd6a90af4ada2899d786eec0 https://github.com/TeraTermProject/teraterm/releases/tag/v5.1 https://github.com/advisories/GHSA-45x7-px36-x8w8 https://github.com/apache/mina-sshd/issues/445 https://github.com/connectbot/sshlib/commit/5c8b534f6e97db7ac0e0e579331213aa25c173ab https://github.com/connectbot/sshlib/compare/2.2.21...2.2.22 https://github.com/cyd01/KiTTY/issues/520 https://github.com/drakkan/sftpgo/releases/tag/v2.5.6 https://github.com/erlang/otp/blob/d1b43dc0f1361d2ad67601169e90a7fc50bb0369/lib/ssh/doc/src/notes.xml#L39-L42 https://github.com/erlang/otp/releases/tag/OTP-26.2.1 https://github.com/golang/crypto/commit/9d2ee975ef9fe627bf0a6f01c1f69e8ef1d4f05d https://github.com/hierynomus/sshj/issues/916 https://github.com/janmojzis/tinyssh/issues/81 https://github.com/jtesta/ssh-audit/commit/8e972c5e94b460379fe0c7d20209c16df81538a5 https://github.com/libssh2/libssh2/pull/1291 https://github.com/mkj/dropbear/blob/17657c36cce6df7716d5ff151ec09a665382d5dd/CHANGES#L25 https://github.com/mscdex/ssh2/commit/97b223f8891b96d6fc054df5ab1d5a1a545da2a3 https://github.com/mwiede/jsch/compare/jsch-0.2.14...jsch-0.2.15 https://github.com/mwiede/jsch/issues/457 https://github.com/mwiede/jsch/pull/461 https://github.com/net-ssh/net-ssh/blob/2e65064a52d73396bfc3806c9196fc8108f33cd8/CHANGES.txt#L14-L16 https://github.com/openssh/openssh-portable/commits/master https://github.com/paramiko/paramiko/issues/2337 https://github.com/paramiko/paramiko/issues/2337#issuecomment-1887642773 https://github.com/proftpd/proftpd/blob/0a7ea9b0ba9fcdf368374a226370d08f10397d99/RELEASE_NOTES https://github.com/proftpd/proftpd/blob/d21e7a2e47e9b38f709bec58e3fa711f759ad0e1/RELEASE_NOTES https://github.com/proftpd/proftpd/blob/master/RELEASE_NOTES https://github.com/proftpd/proftpd/issues/456 https://github.com/rapier1/hpn-ssh/releases https://github.com/ronf/asyncssh/blob/develop/docs/changes.rst https://github.com/ronf/asyncssh/security/advisories/GHSA-hfmc-7525-mj55 https://github.com/ronf/asyncssh/tags https://github.com/ssh-mitm/ssh-mitm/issues/165 https://github.com/warp-tech/russh https://github.com/warp-tech/russh/commit/1aa340a7df1d5be1c0f4a9e247aade76dfdd2951 https://github.com/warp-tech/russh/releases/tag/v0.40.2 https://github.com/warp-tech/russh/security/advisories/GHSA-45x7-px36-x8w8 https://gitlab.com/libssh/libssh-mirror/-/tags https://go.dev/cl/550715 https://go.dev/issue/64784 https://groups.google.com/g/golang-announce/c/-n5WqVC18LQ https://groups.google.com/g/golang-announce/c/qA3XtxvMUyg https://help.panic.com/releasenotes/transmit5 https://help.panic.com/releasenotes/transmit5/ https://jadaptive.com/important-java-ssh-security-update-new-ssh-vulnerability-discovered-cve-2023-48795 https://jadaptive.com/important-java-ssh-security-update-new-ssh-vulnerability-discovered-cve-2023-48795/ https://linux.oracle.com/cve/CVE-2023-48795.html https://linux.oracle.com/errata/ELSA-2024-2988.html https://lists.debian.org/debian-lts-announce/2023/12/msg00017.html https://lists.debian.org/debian-lts-announce/2024/01/msg00013.html https://lists.debian.org/debian-lts-announce/2024/01/msg00014.html https://lists.debian.org/debian-lts-announce/2024/04/msg00016.html https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/33XHJUB6ROFUOH2OQNENFROTVH6MHSHA https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/33XHJUB6ROFUOH2OQNENFROTVH6MHSHA/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/3CAYYW35MUTNO65RVAELICTNZZFMT2XS https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/3CAYYW35MUTNO65RVAELICTNZZFMT2XS/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/3JIMLVBDWOP4FUPXPTB4PGHHIOMGFLQE https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/3JIMLVBDWOP4FUPXPTB4PGHHIOMGFLQE/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/3YQLUQWLIHDB5QCXQEX7HXHAWMOKPP5O https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/3YQLUQWLIHDB5QCXQEX7HXHAWMOKPP5O/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/6Y74KVCPEPT4MVU3LHDWCNNOXOE5ZLUR https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/6Y74KVCPEPT4MVU3LHDWCNNOXOE5ZLUR/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/APYIXIQOVDCRWLHTGB4VYMAUIAQLKYJ3 https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/APYIXIQOVDCRWLHTGB4VYMAUIAQLKYJ3/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/BL5KTLOSLH2KHRN4HCXJPK3JUVLDGEL6 https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/BL5KTLOSLH2KHRN4HCXJPK3JUVLDGEL6/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/C3AFMZ6MH2UHHOPIWT5YLSFV3D2VB3AC https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/C3AFMZ6MH2UHHOPIWT5YLSFV3D2VB3AC/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/CHHITS4PUOZAKFIUBQAQZC7JWXMOYE4B https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/CHHITS4PUOZAKFIUBQAQZC7JWXMOYE4B/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/F7EYCFQCTSGJXWO3ZZ44MGKFC5HA7G3Y https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/F7EYCFQCTSGJXWO3ZZ44MGKFC5HA7G3Y/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/HYEDEXIKFKTUJIN43RG4B7T5ZS6MHUSP https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/HYEDEXIKFKTUJIN43RG4B7T5ZS6MHUSP/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/I724O3LSRCPO4WNVIXTZCT4VVRMXMMSG https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/I724O3LSRCPO4WNVIXTZCT4VVRMXMMSG/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/KEOTKBUPZXHE3F352JBYNTSNRXYLWD6P https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/KEOTKBUPZXHE3F352JBYNTSNRXYLWD6P/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/KMZCVGUGJZZVDPCVDA7TEB22VUCNEXDD https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/KMZCVGUGJZZVDPCVDA7TEB22VUCNEXDD/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/L5Y6MNNVAPIJSXJERQ6PKZVCIUXSNJK7 https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/L5Y6MNNVAPIJSXJERQ6PKZVCIUXSNJK7/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/LZQVUHWVWRH73YBXUQJOD6CKHDQBU3DM https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/LZQVUHWVWRH73YBXUQJOD6CKHDQBU3DM/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/MKQRBF3DWMWPH36LBCOBUTSIZRTPEZXB https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/MKQRBF3DWMWPH36LBCOBUTSIZRTPEZXB/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/QI3EHAHABFQK7OABNCSF5GMYP6TONTI7 https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/QI3EHAHABFQK7OABNCSF5GMYP6TONTI7/ https://matt.ucc.asn.au/dropbear/CHANGES https://nest.pijul.com/pijul/thrussh/changes/D6H7OWTTMHHX6BTB3B6MNBOBX2L66CBL4LGSEUSAI2MCRCJDQFRQC https://news.ycombinator.com/item?id=38684904 https://news.ycombinator.com/item?id=38685286 https://news.ycombinator.com/item?id=38732005 https://nova.app/releases/#v11.8 https://nvd.nist.gov/vuln/detail/CVE-2023-48795 https://oryx-embedded.com/download/#changelog https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2024-0002 https://roumenpetrov.info/secsh/#news20231220 https://security-tracker.debian.org/tracker/CVE-2023-48795 https://security-tracker.debian.org/tracker/source-package/libssh2 https://security-tracker.debian.org/tracker/source-package/proftpd-dfsg https://security-tracker.debian.org/tracker/source-package/trilead-ssh2 https://security.gentoo.org/glsa/202312-16 https://security.gentoo.org/glsa/202312-17 https://security.netapp.com/advisory/ntap-20240105-0004 https://security.netapp.com/advisory/ntap-20240105-0004/ https://support.apple.com/kb/HT214084 https://terrapin-attack.com/ https://thorntech.com/cve-2023-48795-and-sftp-gateway https://thorntech.com/cve-2023-48795-and-sftp-gateway/ https://twitter.com/TrueSkrillor/status/1736774389725565005 https://ubuntu.com/security/CVE-2023-48795 https://ubuntu.com/security/notices/USN-6560-1 https://ubuntu.com/security/notices/USN-6560-2 https://ubuntu.com/security/notices/USN-6561-1 https://ubuntu.com/security/notices/USN-6585-1 https://ubuntu.com/security/notices/USN-6589-1 https://ubuntu.com/security/notices/USN-6598-1 https://ubuntu.com/security/notices/USN-6738-1 https://ubuntu.com/security/notices/USN-7051-1 https://winscp.net/eng/docs/history#6.2.2 https://www.bitvise.com/ssh-client-version-history#933 https://www.bitvise.com/ssh-server-version-history https://www.chiark.greenend.org.uk/~sgtatham/putty/changes.html https://www.crushftp.com/crush10wiki/Wiki.jsp?page=Update https://www.cve.org/CVERecord?id=CVE-2023-48795 https://www.debian.org/security/2023/dsa-5586 https://www.debian.org/security/2023/dsa-5588 https://www.freebsd.org/security/advisories/FreeBSD-SA-23:19.openssh.asc https://www.lancom-systems.de/service-support/allgemeine-sicherheitshinweise#c243508 https://www.netsarang.com/en/xshell-update-history https://www.netsarang.com/en/xshell-update-history/ https://www.openssh.com/openbsd.html https://www.openssh.com/txt/release-9.6 https://www.openwall.com/lists/oss-security/2023/12/18/2 https://www.openwall.com/lists/oss-security/2023/12/18/3 https://www.openwall.com/lists/oss-security/2023/12/20/3 https://www.paramiko.org/changelog.html https://www.reddit.com/r/sysadmin/comments/18idv52/cve202348795_why_is_this_cve_still_undisclosed https://www.reddit.com/r/sysadmin/comments/18idv52/cve202348795_why_is_this_cve_still_undisclosed/ https://www.suse.com/c/suse-addresses-the-ssh-v2-protocol-terrapin-attack-aka-cve-2023-48795 https://www.suse.com/c/suse-addresses-the-ssh-v2-protocol-terrapin-attack-aka-cve-2023-48795/ https://www.terrapin-attack.com https://www.theregister.com/2023/12/20/terrapin_attack_ssh https://www.vandyke.com/products/securecrt/history.txt
golang.org/x/net	CVE-2023-39325	HIGH	v0.10.0	0.17.0	golang.org/x/net https://access.redhat.com/errata/RHSA-2023:6077 https://access.redhat.com/security/cve/CVE-2023-39325 https://access.redhat.com/security/cve/CVE-2023-44487 https://access.redhat.com/security/vulnerabilities/RHSB-2023-003 https://bugzilla.redhat.com/2242803 https://bugzilla.redhat.com/2243296 https://bugzilla.redhat.com/show_bug.cgi?id=2242803 https://bugzilla.redhat.com/show_bug.cgi?id=2243296 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-39325 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-44487 https://errata.almalinux.org/9/ALSA-2023-6077.html https://errata.rockylinux.org/RLSA-2023:6077 https://github.com/golang/go/commit/24ae2d927285c697440fdde3ad7f26028354bcf3 [golang- 1.21] https://github.com/golang/go/commit/e175f27f58aa7b9cd4d79607ae65d2cd5baaee68 [golang-1.20] https://github.com/golang/go/issues/63417 https://go.dev/cl/534215 https://go.dev/cl/534235 https://go.dev/issue/63417 https://groups.google.com/g/golang-announce/c/iNNxDTCjZvo/m/UDd7VKQuAAAJ https://linux.oracle.com/cve/CVE-2023-39325.html https://linux.oracle.com/errata/ELSA-2023-5867.html https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3OVW5V2DM5K5IC3H7O42YDUGNJ74J35O https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3OVW5V2DM5K5IC3H7O42YDUGNJ74J35O/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3SZN67IL7HMGMNAVLOTIXLIHUDXZK4LH https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3SZN67IL7HMGMNAVLOTIXLIHUDXZK4LH/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3WJ4QVX2AMUJ2F2S27POOAHRC4K3CHU4 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3WJ4QVX2AMUJ2F2S27POOAHRC4K3CHU4/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/4BUK2ZIAGCULOOYDNH25JPU6JBES5NF2 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/4BUK2ZIAGCULOOYDNH25JPU6JBES5NF2/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/5RSKA2II6QTD4YUKUNDVJQSRYSFC4VFR https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/5RSKA2II6QTD4YUKUNDVJQSRYSFC4VFR/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/AVZDNSMVDAQJ64LJC5I5U5LDM5753647 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/AVZDNSMVDAQJ64LJC5I5U5LDM5753647/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CHHITS4PUOZAKFIUBQAQZC7JWXMOYE4B https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CHHITS4PUOZAKFIUBQAQZC7JWXMOYE4B/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CLB4TW7KALB3EEQWNWCN7OUIWWVWWCG2 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CLB4TW7KALB3EEQWNWCN7OUIWWVWWCG2/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/D2BBIDR2ZMB3X5BC7SR4SLQMHRMVPY6L https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/D2BBIDR2ZMB3X5BC7SR4SLQMHRMVPY6L/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ECRC75BQJP6FJN2L7KCKYZW4DSBD7QSD https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ECRC75BQJP6FJN2L7KCKYZW4DSBD7QSD/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/FTMJ3NJIDAZFWJQQSP3L22MUFJ3UP2PT https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/FTMJ3NJIDAZFWJQQSP3L22MUFJ3UP2PT/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/GSY7SXFFTPZFWDM6XELSDSHZLVW3AHK7 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/GSY7SXFFTPZFWDM6XELSDSHZLVW3AHK7/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/HZQIELEIRSZUYTFFH5KTH2YJ4IIQG2KE https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/HZQIELEIRSZUYTFFH5KTH2YJ4IIQG2KE/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/IPWCNYB5PQ5PCVZ4NJT6G56ZYFZ5QBU6 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/IPWCNYB5PQ5PCVZ4NJT6G56ZYFZ5QBU6/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/KEOTKBUPZXHE3F352JBYNTSNRXYLWD6P https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/KEOTKBUPZXHE3F352JBYNTSNRXYLWD6P/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/KSEGD2IWKNUO3DWY4KQGUQM5BISRWHQE https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/KSEGD2IWKNUO3DWY4KQGUQM5BISRWHQE/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/L5E5JSJBZLYXOTZWXHJKRVCIXIHVWKJ6 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/L5E5JSJBZLYXOTZWXHJKRVCIXIHVWKJ6/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/MZQYOOKHQDQ57LV2IAG6NRFOVXKHJJ3Z https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/MZQYOOKHQDQ57LV2IAG6NRFOVXKHJJ3Z/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/NG7IMPL55MVWU3LCI4JQJT3K2U5CHDV7 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/NG7IMPL55MVWU3LCI4JQJT3K2U5CHDV7/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ODBY7RVMGZCBSTWF2OZGIZS57FNFUL67 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ODBY7RVMGZCBSTWF2OZGIZS57FNFUL67/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/OXGWPQOJ3JNDW2XIYKIVJ7N7QUIFNM2Q https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/OXGWPQOJ3JNDW2XIYKIVJ7N7QUIFNM2Q/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/PJCUNGIQDUMZ4Z6HWVYIMR66A35F5S74 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/PJCUNGIQDUMZ4Z6HWVYIMR66A35F5S74/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QF5QSYAOPDOWLY6DUHID56Q4HQFYB45I https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QF5QSYAOPDOWLY6DUHID56Q4HQFYB45I/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QXOU2JZUBEBP7GBKAYIJRPRBZSJCD7ST https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QXOU2JZUBEBP7GBKAYIJRPRBZSJCD7ST/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/R3UETKPUB3V5JS5TLZOF3SMTGT5K5APS https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/R3UETKPUB3V5JS5TLZOF3SMTGT5K5APS/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/REMHVVIBDNKSRKNOTV7EQSB7CYQWOUOU https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/REMHVVIBDNKSRKNOTV7EQSB7CYQWOUOU/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/T7N5GV4CHH6WAGX3GFMDD3COEOVCZ4RI https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/T7N5GV4CHH6WAGX3GFMDD3COEOVCZ4RI/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ULQQONMSCQSH5Z5OWFFQHCGEZ3NL4DRJ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ULQQONMSCQSH5Z5OWFFQHCGEZ3NL4DRJ/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UTT7DG3QOF5ZNJLUGHDNLRUIN6OWZARP https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UTT7DG3QOF5ZNJLUGHDNLRUIN6OWZARP/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/W2LZSWTV4NV4SNQARNXG5T6LRHP26EW2 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/W2LZSWTV4NV4SNQARNXG5T6LRHP26EW2/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WCNCBYKZXLDFGAJUB7ZP5VLC3YTHJNVH https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WCNCBYKZXLDFGAJUB7ZP5VLC3YTHJNVH/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/XFOIBB4YFICHDM7IBOP7PWXW3FX4HLL2 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/XFOIBB4YFICHDM7IBOP7PWXW3FX4HLL2/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/XTNLSL44Y5FB6JWADSZH6DCV4JJAAEQY https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/XTNLSL44Y5FB6JWADSZH6DCV4JJAAEQY/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/YJWHBLVZDM5KQSDFRBFRKU5KSSOLIRQ4 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/YJWHBLVZDM5KQSDFRBFRKU5KSSOLIRQ4/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/YRKEXKANQ7BKJW2YTAMP625LJUJZLJ4P https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/YRKEXKANQ7BKJW2YTAMP625LJUJZLJ4P/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZSVEMQV5ROY5YW5QE3I57HT3ITWG5GCV https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZSVEMQV5ROY5YW5QE3I57HT3ITWG5GCV/ https://nvd.nist.gov/vuln/detail/CVE-2023-39325 https://pkg.go.dev/vuln/GO-2023-2102 https://security.gentoo.org/glsa/202311-09 https://security.netapp.com/advisory/ntap-20231110-0008 https://security.netapp.com/advisory/ntap-20231110-0008/ https://ubuntu.com/security/notices/USN-6574-1 https://ubuntu.com/security/notices/USN-7061-1 https://ubuntu.com/security/notices/USN-7109-1 https://www.cisa.gov/news-events/alerts/2023/10/10/http2-rapid-reset-vulnerability-cve-2023-44487 https://www.cve.org/CVERecord?id=CVE-2023-39325
golang.org/x/net	CVE-2023-3978	MEDIUM	v0.10.0	0.13.0	https://access.redhat.com/errata/RHSA-2023:6474 https://access.redhat.com/security/cve/CVE-2023-3978 https://bugzilla.redhat.com/2174485 https://bugzilla.redhat.com/2178358 https://bugzilla.redhat.com/2178488 https://bugzilla.redhat.com/2178492 https://bugzilla.redhat.com/2184481 https://bugzilla.redhat.com/2184482 https://bugzilla.redhat.com/2184483 https://bugzilla.redhat.com/2184484 https://bugzilla.redhat.com/2196026 https://bugzilla.redhat.com/2196027 https://bugzilla.redhat.com/2196029 https://bugzilla.redhat.com/2222167 https://bugzilla.redhat.com/2228689 https://errata.almalinux.org/9/ALSA-2023-6474.html https://go.dev/cl/514896 https://go.dev/issue/61615 https://linux.oracle.com/cve/CVE-2023-3978.html https://linux.oracle.com/errata/ELSA-2023-6939.html https://nvd.nist.gov/vuln/detail/CVE-2023-3978 https://pkg.go.dev/vuln/GO-2023-1988 https://www.cve.org/CVERecord?id=CVE-2023-3978
golang.org/x/net	CVE-2023-44487	MEDIUM	v0.10.0	0.17.0	http://www.openwall.com/lists/oss-security/2023/10/13/4 http://www.openwall.com/lists/oss-security/2023/10/13/9 http://www.openwall.com/lists/oss-security/2023/10/18/4 http://www.openwall.com/lists/oss-security/2023/10/18/8 http://www.openwall.com/lists/oss-security/2023/10/19/6 http://www.openwall.com/lists/oss-security/2023/10/20/8 https://access.redhat.com/errata/RHSA-2023:6746 https://access.redhat.com/security/cve/CVE-2023-44487 https://access.redhat.com/security/cve/cve-2023-44487 https://akka.io/security/akka-http-cve-2023-44487.html https://arstechnica.com/security/2023/10/how-ddosers-used-the-http-2-protocol-to-deliver-attacks-of-unprecedented-size https://arstechnica.com/security/2023/10/how-ddosers-used-the-http-2-protocol-to-deliver-attacks-of-unprecedented-size/ https://aws.amazon.com/security/security-bulletins/AWS-2023-011 https://aws.amazon.com/security/security-bulletins/AWS-2023-011/ https://blog.cloudflare.com/technical-breakdown-http2-rapid-reset-ddos-attack https://blog.cloudflare.com/technical-breakdown-http2-rapid-reset-ddos-attack/ https://blog.cloudflare.com/zero-day-rapid-reset-http2-record-breaking-ddos-attack https://blog.cloudflare.com/zero-day-rapid-reset-http2-record-breaking-ddos-attack/ https://blog.litespeedtech.com/2023/10/11/rapid-reset-http-2-vulnerablilty https://blog.litespeedtech.com/2023/10/11/rapid-reset-http-2-vulnerablilty/ https://blog.qualys.com/vulnerabilities-threat-research/2023/10/10/cve-2023-44487-http-2-rapid-reset-attack https://blog.vespa.ai/cve-2023-44487 https://blog.vespa.ai/cve-2023-44487/ https://bugzilla.proxmox.com/show_bug.cgi?id=4988 https://bugzilla.redhat.com/2242803 https://bugzilla.redhat.com/show_bug.cgi?id=2242803 https://bugzilla.suse.com/show_bug.cgi?id=1216123 https://cgit.freebsd.org/ports/commit/?id=c64c329c2c1752f46b73e3e6ce9f4329be6629f9 https://chaos.social/@icing/111210915918780532 https://cloud.google.com/blog/products/identity-security/google-cloud-mitigated-largest-ddos-attack-peaking-above-398-million-rps https://cloud.google.com/blog/products/identity-security/google-cloud-mitigated-largest-ddos-attack-peaking-above-398-million-rps/ https://cloud.google.com/blog/products/identity-security/how-it-works-the-novel-http2-rapid-reset-ddos-attack https://community.traefik.io/t/is-traefik-vulnerable-to-cve-2023-44487/20125 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-44487 https://devblogs.microsoft.com/dotnet/october-2023-updates/ https://discuss.hashicorp.com/t/hcsec-2023-32-vault-consul-and-boundary-affected-by-http-2-rapid-reset-denial-of-service-vulnerability-cve-2023-44487/59715 https://edg.io/lp/blog/resets-leaks-ddos-and-the-tale-of-a-hidden-cve https://errata.almalinux.org/9/ALSA-2023-6746.html https://errata.rockylinux.org/RLSA-2023:5838 https://forums.swift.org/t/swift-nio-http2-security-update-cve-2023-44487-http-2-dos/67764 https://gist.github.com/adulau/7c2bfb8e9cdbe4b35a5e131c66a0c088 https://github.com/Azure/AKS/issues/3947 https://github.com/Kong/kong/discussions/11741 https://github.com/advisories/GHSA-qppj-fm5r-hxr3 https://github.com/advisories/GHSA-vx74-f528-fxqg https://github.com/advisories/GHSA-xpw8-rcwv-8f8p https://github.com/akka/akka-http/issues/4323 https://github.com/akka/akka-http/pull/4324 https://github.com/akka/akka-http/pull/4325 https://github.com/alibaba/tengine/issues/1872 https://github.com/apache/apisix/issues/10320 https://github.com/apache/httpd-site/pull/10 https://github.com/apache/httpd/blob/afcdbeebbff4b0c50ea26cdd16e178c0d1f24152/modules/http2/h2_mplx.c#L1101-L1113 https://github.com/apache/tomcat/commit/944332bb15bd2f3bf76ec2caeb1ff0a58a3bc628 https://github.com/apache/tomcat/tree/main/java/org/apache/coyote/http2 https://github.com/apache/trafficserver/pull/10564 https://github.com/apple/swift-nio-http2 https://github.com/apple/swift-nio-http2/security/advisories/GHSA-qppj-fm5r-hxr3 https://github.com/arkrwn/PoC/tree/main/CVE-2023-44487 https://github.com/bcdannyboy/CVE-2023-44487 https://github.com/caddyserver/caddy/issues/5877 https://github.com/caddyserver/caddy/releases/tag/v2.7.5 https://github.com/dotnet/announcements/issues/277 https://github.com/dotnet/core/blob/e4613450ea0da7fd2fc6b61dfb2c1c1dec1ce9ec/release-notes/6.0/6.0.23/6.0.23.md?plain=1#L73 https://github.com/eclipse/jetty.project/issues/10679 https://github.com/envoyproxy/envoy/pull/30055 https://github.com/etcd-io/etcd/issues/16740 https://github.com/facebook/proxygen/pull/466 https://github.com/golang/go/issues/63417 https://github.com/grpc/grpc-go/pull/6703 https://github.com/grpc/grpc-go/releases https://github.com/h2o/h2o/pull/3291 https://github.com/h2o/h2o/security/advisories/GHSA-2m7v-gc89-fjqf https://github.com/haproxy/haproxy/issues/2312 https://github.com/hyperium/hyper/issues/3337 https://github.com/icing/mod_h2/blob/0a864782af0a942aa2ad4ed960a6b32cd35bcf0a/mod_http2/README.md?plain=1#L239-L244 https://github.com/junkurihara/rust-rpxy/issues/97 https://github.com/kazu-yamamoto/http2/commit/f61d41a502bd0f60eb24e1ce14edc7b6df6722a1 https://github.com/kazu-yamamoto/http2/issues/93 https://github.com/kubernetes/kubernetes/pull/121120 https://github.com/line/armeria/pull/5232 https://github.com/linkerd/website/pull/1695/commits/4b9c6836471bc8270ab48aae6fd2181bc73fd632 https://github.com/micrictor/http2-rst-stream https://github.com/microsoft/CBL-Mariner/pull/6381 https://github.com/netty/netty/commit/58f75f665aa81a8cbcf6ffa74820042a285c5e61 https://github.com/nghttp2/nghttp2/pull/1961 https://github.com/nghttp2/nghttp2/releases/tag/v1.57.0 https://github.com/ninenines/cowboy/issues/1615 https://github.com/nodejs/node/pull/50121 https://github.com/openresty/openresty/issues/930 https://github.com/opensearch-project/data-prepper/issues/3474 https://github.com/oqtane/oqtane.framework/discussions/3367 https://github.com/projectcontour/contour/pull/5826 https://github.com/tempesta-tech/tempesta/issues/1986 https://github.com/varnishcache/varnish-cache/issues/3996 https://go.dev/cl/534215 https://go.dev/cl/534235 https://go.dev/issue/63417 https://groups.google.com/g/golang-announce/c/iNNxDTCjZvo https://groups.google.com/g/golang-announce/c/iNNxDTCjZvo/m/UDd7VKQuAAAJ https://istio.io/latest/news/security/istio-security-2023-004 https://istio.io/latest/news/security/istio-security-2023-004/ https://linkerd.io/2023/10/12/linkerd-cve-2023-44487 https://linkerd.io/2023/10/12/linkerd-cve-2023-44487/ https://linux.oracle.com/cve/CVE-2023-44487.html https://linux.oracle.com/errata/ELSA-2024-1444.html https://lists.apache.org/thread/5py8h42mxfsn8l1wy6o41xwhsjlsd87q https://lists.debian.org/debian-lts-announce/2023/10/msg00020.html https://lists.debian.org/debian-lts-announce/2023/10/msg00023.html https://lists.debian.org/debian-lts-announce/2023/10/msg00024.html https://lists.debian.org/debian-lts-announce/2023/10/msg00045.html https://lists.debian.org/debian-lts-announce/2023/10/msg00047.html https://lists.debian.org/debian-lts-announce/2023/11/msg00001.html https://lists.debian.org/debian-lts-announce/2023/11/msg00012.html https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/2MBEPPC36UBVOZZNAXFHKLFGSLCMN5LI https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/2MBEPPC36UBVOZZNAXFHKLFGSLCMN5LI/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/3N4NJ7FR4X4FPZUGNTQAPSTVB2HB2Y4A https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/3N4NJ7FR4X4FPZUGNTQAPSTVB2HB2Y4A/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/BFQD3KUEMFBHPAPBGLWQC34L4OWL5HAZ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/BFQD3KUEMFBHPAPBGLWQC34L4OWL5HAZ/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/CLB4TW7KALB3EEQWNWCN7OUIWWVWWCG2 https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/CLB4TW7KALB3EEQWNWCN7OUIWWVWWCG2/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/E72T67UPDRXHIDLO3OROR25YAMN4GGW5 https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/E72T67UPDRXHIDLO3OROR25YAMN4GGW5/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/FNA62Q767CFAFHBCDKYNPBMZWB7TWYVU https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/FNA62Q767CFAFHBCDKYNPBMZWB7TWYVU/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/HT7T2R4MQKLIF4ODV4BDLPARWFPCJ5CZ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/HT7T2R4MQKLIF4ODV4BDLPARWFPCJ5CZ/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/JIZSEFC3YKCGABA2BZW6ZJRMDZJMB7PJ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/JIZSEFC3YKCGABA2BZW6ZJRMDZJMB7PJ/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/JMEXY22BFG5Q64HQCM5CK2Q7KDKVV4TY https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/JMEXY22BFG5Q64HQCM5CK2Q7KDKVV4TY/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/KSEGD2IWKNUO3DWY4KQGUQM5BISRWHQE https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/KSEGD2IWKNUO3DWY4KQGUQM5BISRWHQE/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/LKYHSZQFDNR7RSA7LHVLLIAQMVYCUGBG https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/LKYHSZQFDNR7RSA7LHVLLIAQMVYCUGBG/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/LNMZJCDHGLJJLXO4OXWJMTVQRNWOC7UL https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/LNMZJCDHGLJJLXO4OXWJMTVQRNWOC7UL/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/VHUHTSXLXGXS7JYKBXTA3VINUPHTNGVU https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/VHUHTSXLXGXS7JYKBXTA3VINUPHTNGVU/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/VSRDIV77HNKUSM7SJC5BKE5JSHLHU2NK https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/VSRDIV77HNKUSM7SJC5BKE5JSHLHU2NK/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/WE2I52RHNNU42PX6NZ2RBUHSFFJ2LVZX https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/WE2I52RHNNU42PX6NZ2RBUHSFFJ2LVZX/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/WLPRQ5TWUQQXYWBJM7ECYDAIL2YVKIUH https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/WLPRQ5TWUQQXYWBJM7ECYDAIL2YVKIUH/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/X6QXN4ORIVF6XBW4WWFE7VNPVC74S45Y https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/X6QXN4ORIVF6XBW4WWFE7VNPVC74S45Y/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/XFOIBB4YFICHDM7IBOP7PWXW3FX4HLL2 https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/XFOIBB4YFICHDM7IBOP7PWXW3FX4HLL2/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZB43REMKRQR62NJEI7I5NQ4FSXNLBKRT https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZB43REMKRQR62NJEI7I5NQ4FSXNLBKRT/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZKQSIKIAT5TJ3WSLU3RDBQ35YX4GY4V3 https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZKQSIKIAT5TJ3WSLU3RDBQ35YX4GY4V3/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZLU6U2R2IC2K64NDPNMV55AUAO65MAF4 https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZLU6U2R2IC2K64NDPNMV55AUAO65MAF4/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3N4NJ7FR4X4FPZUGNTQAPSTVB2HB2Y4A https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/BFQD3KUEMFBHPAPBGLWQC34L4OWL5HAZ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CLB4TW7KALB3EEQWNWCN7OUIWWVWWCG2 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/E72T67UPDRXHIDLO3OROR25YAMN4GGW5 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/FNA62Q767CFAFHBCDKYNPBMZWB7TWYVU https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/HT7T2R4MQKLIF4ODV4BDLPARWFPCJ5CZ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/JIZSEFC3YKCGABA2BZW6ZJRMDZJMB7PJ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/JMEXY22BFG5Q64HQCM5CK2Q7KDKVV4TY https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/KSEGD2IWKNUO3DWY4KQGUQM5BISRWHQE https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/LKYHSZQFDNR7RSA7LHVLLIAQMVYCUGBG https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/LNMZJCDHGLJJLXO4OXWJMTVQRNWOC7UL https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/VHUHTSXLXGXS7JYKBXTA3VINUPHTNGVU https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/VSRDIV77HNKUSM7SJC5BKE5JSHLHU2NK https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WLPRQ5TWUQQXYWBJM7ECYDAIL2YVKIUH https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/X6QXN4ORIVF6XBW4WWFE7VNPVC74S45Y https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/XFOIBB4YFICHDM7IBOP7PWXW3FX4HLL2 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZB43REMKRQR62NJEI7I5NQ4FSXNLBKRT https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZKQSIKIAT5TJ3WSLU3RDBQ35YX4GY4V3 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZLU6U2R2IC2K64NDPNMV55AUAO65MAF4 https://lists.w3.org/Archives/Public/ietf-http-wg/2023OctDec/0025.html https://mailman.nginx.org/pipermail/nginx-devel/2023-October/S36Q5HBXR7CAIMPLLPRSSSYR4PCMWILK.html https://martinthomson.github.io/h2-stream-limits/draft-thomson-httpbis-h2-stream-limits.html https://msrc.microsoft.com/blog/2023/10/microsoft-response-to-distributed-denial-of-service-ddos-attacks-against-http/2 https://msrc.microsoft.com/blog/2023/10/microsoft-response-to-distributed-denial-of-service-ddos-attacks-against-http/2/ https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-44487 https://my.f5.com/manage/s/article/K000137106 https://netty.io/news/2023/10/10/4-1-100-Final.html https://news.ycombinator.com/item?id=37830987 https://news.ycombinator.com/item?id=37830998 https://news.ycombinator.com/item?id=37831062 https://news.ycombinator.com/item?id=37837043 https://nodejs.org/en/blog/vulnerability/october-2023-security-releases https://nvd.nist.gov/vuln/detail/CVE-2023-44487 https://openssf.org/blog/2023/10/10/http-2-rapid-reset-vulnerability-highlights-need-for-rapid-response https://openssf.org/blog/2023/10/10/http-2-rapid-reset-vulnerability-highlights-need-for-rapid-response/ https://pkg.go.dev/vuln/GO-2023-2102 https://seanmonstar.com/post/730794151136935936/hyper-http2-rapid-reset-unaffected https://security.gentoo.org/glsa/202311-09 https://security.netapp.com/advisory/ntap-20231016-0001 https://security.netapp.com/advisory/ntap-20231016-0001/ https://security.netapp.com/advisory/ntap-20240426-0007 https://security.netapp.com/advisory/ntap-20240426-0007/ https://security.netapp.com/advisory/ntap-20240621-0006 https://security.netapp.com/advisory/ntap-20240621-0006/ https://security.netapp.com/advisory/ntap-20240621-0007 https://security.netapp.com/advisory/ntap-20240621-0007/ https://security.paloaltonetworks.com/CVE-2023-44487 https://tomcat.apache.org/security-10.html#Fixed_in_Apache_Tomcat_10.1.14 https://tomcat.apache.org/security-11.html#Fixed_in_Apache_Tomcat_11.0.0-M12 https://tomcat.apache.org/security-8.html#Fixed_in_Apache_Tomcat_8.5.94 https://tomcat.apache.org/security-9.html#Fixed_in_Apache_Tomcat_9.0.81 https://ubuntu.com/security/CVE-2023-44487 https://ubuntu.com/security/notices/USN-6427-1 https://ubuntu.com/security/notices/USN-6427-2 https://ubuntu.com/security/notices/USN-6438-1 https://ubuntu.com/security/notices/USN-6505-1 https://ubuntu.com/security/notices/USN-6574-1 https://ubuntu.com/security/notices/USN-6754-1 https://ubuntu.com/security/notices/USN-6994-1 https://ubuntu.com/security/notices/USN-7067-1 https://www.bleepingcomputer.com/news/security/new-http-2-rapid-reset-zero-day-attack-breaks-ddos-records https://www.bleepingcomputer.com/news/security/new-http-2-rapid-reset-zero-day-attack-breaks-ddos-records/ https://www.cisa.gov/known-exploited-vulnerabilities-catalog https://www.cisa.gov/news-events/alerts/2023/10/10/http2-rapid-reset-vulnerability-cve-2023-44487 https://www.cve.org/CVERecord?id=CVE-2023-44487 https://www.darkreading.com/cloud/internet-wide-zero-day-bug-fuels-largest-ever-ddos-event https://www.debian.org/security/2023/dsa-5521 https://www.debian.org/security/2023/dsa-5522 https://www.debian.org/security/2023/dsa-5540 https://www.debian.org/security/2023/dsa-5549 https://www.debian.org/security/2023/dsa-5558 https://www.debian.org/security/2023/dsa-5570 https://www.eclipse.org/lists/jetty-announce/msg00181.html https://www.haproxy.com/blog/haproxy-is-not-affected-by-the-http-2-rapid-reset-attack-cve-2023-44487 https://www.mail-archive.com/haproxy@formilux.org/msg44134.html https://www.netlify.com/blog/netlify-successfully-mitigates-cve-2023-44487 https://www.netlify.com/blog/netlify-successfully-mitigates-cve-2023-44487/ https://www.nginx.com/blog/http-2-rapid-reset-attack-impacting-f5-nginx-products https://www.nginx.com/blog/http-2-rapid-reset-attack-impacting-f5-nginx-products/ https://www.openwall.com/lists/oss-security/2023/10/10/6 https://www.phoronix.com/news/HTTP2-Rapid-Reset-Attack https://www.theregister.com/2023/10/10/http2_rapid_reset_zeroday https://www.theregister.com/2023/10/10/http2_rapid_reset_zeroday/
golang.org/x/net	CVE-2023-45288	MEDIUM	v0.10.0	0.23.0	http://www.openwall.com/lists/oss-security/2024/04/03/16 http://www.openwall.com/lists/oss-security/2024/04/05/4 https://access.redhat.com/errata/RHSA-2024:2724 https://access.redhat.com/security/cve/CVE-2023-45288 https://bugzilla.redhat.com/2268017 https://bugzilla.redhat.com/2268018 https://bugzilla.redhat.com/2268019 https://bugzilla.redhat.com/2268273 https://bugzilla.redhat.com/show_bug.cgi?id=2268017 https://bugzilla.redhat.com/show_bug.cgi?id=2268018 https://bugzilla.redhat.com/show_bug.cgi?id=2268019 https://bugzilla.redhat.com/show_bug.cgi?id=2268273 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45288 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45289 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45290 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24783 https://errata.almalinux.org/9/ALSA-2024-2724.html https://errata.rockylinux.org/RLSA-2024:2724 https://go.dev/cl/576155 https://go.dev/issue/65051 https://groups.google.com/g/golang-announce/c/YgW0sx8mN3M https://kb.cert.org/vuls/id/421644 https://linux.oracle.com/cve/CVE-2023-45288.html https://linux.oracle.com/errata/ELSA-2024-3346.html https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QRYFHIQ6XRKRYBI2F5UESH67BJBQXUPT https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QRYFHIQ6XRKRYBI2F5UESH67BJBQXUPT/ https://nowotarski.info/http2-continuation-flood-technical-details https://nowotarski.info/http2-continuation-flood/ https://nvd.nist.gov/vuln/detail/CVE-2023-45288 https://pkg.go.dev/vuln/GO-2024-2687 https://security.netapp.com/advisory/ntap-20240419-0009 https://security.netapp.com/advisory/ntap-20240419-0009/ https://ubuntu.com/security/notices/USN-6886-1 https://ubuntu.com/security/notices/USN-7109-1 https://ubuntu.com/security/notices/USN-7111-1 https://www.cve.org/CVERecord?id=CVE-2023-45288 https://www.kb.cert.org/vuls/id/421644
google.golang.org/grpc	GHSA-m425-mq94-257g	HIGH	v1.54.0	1.56.3, 1.57.1, 1.58.3	https://github.com/grpc/grpc-go https://github.com/grpc/grpc-go/commit/f2180b4d5403d2210b30b93098eb7da31c05c721 https://github.com/grpc/grpc-go/pull/6703 https://github.com/grpc/grpc-go/security/advisories/GHSA-m425-mq94-257g https://nvd.nist.gov/vuln/detail/CVE-2023-44487
google.golang.org/grpc	CVE-2023-44487	MEDIUM	v1.54.0	1.58.3, 1.57.1, 1.56.3	http://www.openwall.com/lists/oss-security/2023/10/13/4 http://www.openwall.com/lists/oss-security/2023/10/13/9 http://www.openwall.com/lists/oss-security/2023/10/18/4 http://www.openwall.com/lists/oss-security/2023/10/18/8 http://www.openwall.com/lists/oss-security/2023/10/19/6 http://www.openwall.com/lists/oss-security/2023/10/20/8 https://access.redhat.com/errata/RHSA-2023:6746 https://access.redhat.com/security/cve/CVE-2023-44487 https://access.redhat.com/security/cve/cve-2023-44487 https://akka.io/security/akka-http-cve-2023-44487.html https://arstechnica.com/security/2023/10/how-ddosers-used-the-http-2-protocol-to-deliver-attacks-of-unprecedented-size https://arstechnica.com/security/2023/10/how-ddosers-used-the-http-2-protocol-to-deliver-attacks-of-unprecedented-size/ https://aws.amazon.com/security/security-bulletins/AWS-2023-011 https://aws.amazon.com/security/security-bulletins/AWS-2023-011/ https://blog.cloudflare.com/technical-breakdown-http2-rapid-reset-ddos-attack https://blog.cloudflare.com/technical-breakdown-http2-rapid-reset-ddos-attack/ https://blog.cloudflare.com/zero-day-rapid-reset-http2-record-breaking-ddos-attack https://blog.cloudflare.com/zero-day-rapid-reset-http2-record-breaking-ddos-attack/ https://blog.litespeedtech.com/2023/10/11/rapid-reset-http-2-vulnerablilty https://blog.litespeedtech.com/2023/10/11/rapid-reset-http-2-vulnerablilty/ https://blog.qualys.com/vulnerabilities-threat-research/2023/10/10/cve-2023-44487-http-2-rapid-reset-attack https://blog.vespa.ai/cve-2023-44487 https://blog.vespa.ai/cve-2023-44487/ https://bugzilla.proxmox.com/show_bug.cgi?id=4988 https://bugzilla.redhat.com/2242803 https://bugzilla.redhat.com/show_bug.cgi?id=2242803 https://bugzilla.suse.com/show_bug.cgi?id=1216123 https://cgit.freebsd.org/ports/commit/?id=c64c329c2c1752f46b73e3e6ce9f4329be6629f9 https://chaos.social/@icing/111210915918780532 https://cloud.google.com/blog/products/identity-security/google-cloud-mitigated-largest-ddos-attack-peaking-above-398-million-rps https://cloud.google.com/blog/products/identity-security/google-cloud-mitigated-largest-ddos-attack-peaking-above-398-million-rps/ https://cloud.google.com/blog/products/identity-security/how-it-works-the-novel-http2-rapid-reset-ddos-attack https://community.traefik.io/t/is-traefik-vulnerable-to-cve-2023-44487/20125 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-44487 https://devblogs.microsoft.com/dotnet/october-2023-updates/ https://discuss.hashicorp.com/t/hcsec-2023-32-vault-consul-and-boundary-affected-by-http-2-rapid-reset-denial-of-service-vulnerability-cve-2023-44487/59715 https://edg.io/lp/blog/resets-leaks-ddos-and-the-tale-of-a-hidden-cve https://errata.almalinux.org/9/ALSA-2023-6746.html https://errata.rockylinux.org/RLSA-2023:5838 https://forums.swift.org/t/swift-nio-http2-security-update-cve-2023-44487-http-2-dos/67764 https://gist.github.com/adulau/7c2bfb8e9cdbe4b35a5e131c66a0c088 https://github.com/Azure/AKS/issues/3947 https://github.com/Kong/kong/discussions/11741 https://github.com/advisories/GHSA-qppj-fm5r-hxr3 https://github.com/advisories/GHSA-vx74-f528-fxqg https://github.com/advisories/GHSA-xpw8-rcwv-8f8p https://github.com/akka/akka-http/issues/4323 https://github.com/akka/akka-http/pull/4324 https://github.com/akka/akka-http/pull/4325 https://github.com/alibaba/tengine/issues/1872 https://github.com/apache/apisix/issues/10320 https://github.com/apache/httpd-site/pull/10 https://github.com/apache/httpd/blob/afcdbeebbff4b0c50ea26cdd16e178c0d1f24152/modules/http2/h2_mplx.c#L1101-L1113 https://github.com/apache/tomcat/commit/944332bb15bd2f3bf76ec2caeb1ff0a58a3bc628 https://github.com/apache/tomcat/tree/main/java/org/apache/coyote/http2 https://github.com/apache/trafficserver/pull/10564 https://github.com/apple/swift-nio-http2 https://github.com/apple/swift-nio-http2/security/advisories/GHSA-qppj-fm5r-hxr3 https://github.com/arkrwn/PoC/tree/main/CVE-2023-44487 https://github.com/bcdannyboy/CVE-2023-44487 https://github.com/caddyserver/caddy/issues/5877 https://github.com/caddyserver/caddy/releases/tag/v2.7.5 https://github.com/dotnet/announcements/issues/277 https://github.com/dotnet/core/blob/e4613450ea0da7fd2fc6b61dfb2c1c1dec1ce9ec/release-notes/6.0/6.0.23/6.0.23.md?plain=1#L73 https://github.com/eclipse/jetty.project/issues/10679 https://github.com/envoyproxy/envoy/pull/30055 https://github.com/etcd-io/etcd/issues/16740 https://github.com/facebook/proxygen/pull/466 https://github.com/golang/go/issues/63417 https://github.com/grpc/grpc-go/pull/6703 https://github.com/grpc/grpc-go/releases https://github.com/h2o/h2o/pull/3291 https://github.com/h2o/h2o/security/advisories/GHSA-2m7v-gc89-fjqf https://github.com/haproxy/haproxy/issues/2312 https://github.com/hyperium/hyper/issues/3337 https://github.com/icing/mod_h2/blob/0a864782af0a942aa2ad4ed960a6b32cd35bcf0a/mod_http2/README.md?plain=1#L239-L244 https://github.com/junkurihara/rust-rpxy/issues/97 https://github.com/kazu-yamamoto/http2/commit/f61d41a502bd0f60eb24e1ce14edc7b6df6722a1 https://github.com/kazu-yamamoto/http2/issues/93 https://github.com/kubernetes/kubernetes/pull/121120 https://github.com/line/armeria/pull/5232 https://github.com/linkerd/website/pull/1695/commits/4b9c6836471bc8270ab48aae6fd2181bc73fd632 https://github.com/micrictor/http2-rst-stream https://github.com/microsoft/CBL-Mariner/pull/6381 https://github.com/netty/netty/commit/58f75f665aa81a8cbcf6ffa74820042a285c5e61 https://github.com/nghttp2/nghttp2/pull/1961 https://github.com/nghttp2/nghttp2/releases/tag/v1.57.0 https://github.com/ninenines/cowboy/issues/1615 https://github.com/nodejs/node/pull/50121 https://github.com/openresty/openresty/issues/930 https://github.com/opensearch-project/data-prepper/issues/3474 https://github.com/oqtane/oqtane.framework/discussions/3367 https://github.com/projectcontour/contour/pull/5826 https://github.com/tempesta-tech/tempesta/issues/1986 https://github.com/varnishcache/varnish-cache/issues/3996 https://go.dev/cl/534215 https://go.dev/cl/534235 https://go.dev/issue/63417 https://groups.google.com/g/golang-announce/c/iNNxDTCjZvo https://groups.google.com/g/golang-announce/c/iNNxDTCjZvo/m/UDd7VKQuAAAJ https://istio.io/latest/news/security/istio-security-2023-004 https://istio.io/latest/news/security/istio-security-2023-004/ https://linkerd.io/2023/10/12/linkerd-cve-2023-44487 https://linkerd.io/2023/10/12/linkerd-cve-2023-44487/ https://linux.oracle.com/cve/CVE-2023-44487.html https://linux.oracle.com/errata/ELSA-2024-1444.html https://lists.apache.org/thread/5py8h42mxfsn8l1wy6o41xwhsjlsd87q https://lists.debian.org/debian-lts-announce/2023/10/msg00020.html https://lists.debian.org/debian-lts-announce/2023/10/msg00023.html https://lists.debian.org/debian-lts-announce/2023/10/msg00024.html https://lists.debian.org/debian-lts-announce/2023/10/msg00045.html https://lists.debian.org/debian-lts-announce/2023/10/msg00047.html https://lists.debian.org/debian-lts-announce/2023/11/msg00001.html https://lists.debian.org/debian-lts-announce/2023/11/msg00012.html https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/2MBEPPC36UBVOZZNAXFHKLFGSLCMN5LI https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/2MBEPPC36UBVOZZNAXFHKLFGSLCMN5LI/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/3N4NJ7FR4X4FPZUGNTQAPSTVB2HB2Y4A https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/3N4NJ7FR4X4FPZUGNTQAPSTVB2HB2Y4A/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/BFQD3KUEMFBHPAPBGLWQC34L4OWL5HAZ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/BFQD3KUEMFBHPAPBGLWQC34L4OWL5HAZ/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/CLB4TW7KALB3EEQWNWCN7OUIWWVWWCG2 https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/CLB4TW7KALB3EEQWNWCN7OUIWWVWWCG2/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/E72T67UPDRXHIDLO3OROR25YAMN4GGW5 https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/E72T67UPDRXHIDLO3OROR25YAMN4GGW5/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/FNA62Q767CFAFHBCDKYNPBMZWB7TWYVU https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/FNA62Q767CFAFHBCDKYNPBMZWB7TWYVU/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/HT7T2R4MQKLIF4ODV4BDLPARWFPCJ5CZ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/HT7T2R4MQKLIF4ODV4BDLPARWFPCJ5CZ/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/JIZSEFC3YKCGABA2BZW6ZJRMDZJMB7PJ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/JIZSEFC3YKCGABA2BZW6ZJRMDZJMB7PJ/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/JMEXY22BFG5Q64HQCM5CK2Q7KDKVV4TY https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/JMEXY22BFG5Q64HQCM5CK2Q7KDKVV4TY/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/KSEGD2IWKNUO3DWY4KQGUQM5BISRWHQE https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/KSEGD2IWKNUO3DWY4KQGUQM5BISRWHQE/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/LKYHSZQFDNR7RSA7LHVLLIAQMVYCUGBG https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/LKYHSZQFDNR7RSA7LHVLLIAQMVYCUGBG/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/LNMZJCDHGLJJLXO4OXWJMTVQRNWOC7UL https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/LNMZJCDHGLJJLXO4OXWJMTVQRNWOC7UL/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/VHUHTSXLXGXS7JYKBXTA3VINUPHTNGVU https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/VHUHTSXLXGXS7JYKBXTA3VINUPHTNGVU/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/VSRDIV77HNKUSM7SJC5BKE5JSHLHU2NK https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/VSRDIV77HNKUSM7SJC5BKE5JSHLHU2NK/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/WE2I52RHNNU42PX6NZ2RBUHSFFJ2LVZX https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/WE2I52RHNNU42PX6NZ2RBUHSFFJ2LVZX/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/WLPRQ5TWUQQXYWBJM7ECYDAIL2YVKIUH https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/WLPRQ5TWUQQXYWBJM7ECYDAIL2YVKIUH/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/X6QXN4ORIVF6XBW4WWFE7VNPVC74S45Y https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/X6QXN4ORIVF6XBW4WWFE7VNPVC74S45Y/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/XFOIBB4YFICHDM7IBOP7PWXW3FX4HLL2 https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/XFOIBB4YFICHDM7IBOP7PWXW3FX4HLL2/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZB43REMKRQR62NJEI7I5NQ4FSXNLBKRT https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZB43REMKRQR62NJEI7I5NQ4FSXNLBKRT/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZKQSIKIAT5TJ3WSLU3RDBQ35YX4GY4V3 https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZKQSIKIAT5TJ3WSLU3RDBQ35YX4GY4V3/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZLU6U2R2IC2K64NDPNMV55AUAO65MAF4 https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZLU6U2R2IC2K64NDPNMV55AUAO65MAF4/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3N4NJ7FR4X4FPZUGNTQAPSTVB2HB2Y4A https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/BFQD3KUEMFBHPAPBGLWQC34L4OWL5HAZ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CLB4TW7KALB3EEQWNWCN7OUIWWVWWCG2 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/E72T67UPDRXHIDLO3OROR25YAMN4GGW5 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/FNA62Q767CFAFHBCDKYNPBMZWB7TWYVU https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/HT7T2R4MQKLIF4ODV4BDLPARWFPCJ5CZ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/JIZSEFC3YKCGABA2BZW6ZJRMDZJMB7PJ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/JMEXY22BFG5Q64HQCM5CK2Q7KDKVV4TY https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/KSEGD2IWKNUO3DWY4KQGUQM5BISRWHQE https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/LKYHSZQFDNR7RSA7LHVLLIAQMVYCUGBG https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/LNMZJCDHGLJJLXO4OXWJMTVQRNWOC7UL https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/VHUHTSXLXGXS7JYKBXTA3VINUPHTNGVU https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/VSRDIV77HNKUSM7SJC5BKE5JSHLHU2NK https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WLPRQ5TWUQQXYWBJM7ECYDAIL2YVKIUH https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/X6QXN4ORIVF6XBW4WWFE7VNPVC74S45Y https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/XFOIBB4YFICHDM7IBOP7PWXW3FX4HLL2 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZB43REMKRQR62NJEI7I5NQ4FSXNLBKRT https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZKQSIKIAT5TJ3WSLU3RDBQ35YX4GY4V3 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZLU6U2R2IC2K64NDPNMV55AUAO65MAF4 https://lists.w3.org/Archives/Public/ietf-http-wg/2023OctDec/0025.html https://mailman.nginx.org/pipermail/nginx-devel/2023-October/S36Q5HBXR7CAIMPLLPRSSSYR4PCMWILK.html https://martinthomson.github.io/h2-stream-limits/draft-thomson-httpbis-h2-stream-limits.html https://msrc.microsoft.com/blog/2023/10/microsoft-response-to-distributed-denial-of-service-ddos-attacks-against-http/2 https://msrc.microsoft.com/blog/2023/10/microsoft-response-to-distributed-denial-of-service-ddos-attacks-against-http/2/ https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-44487 https://my.f5.com/manage/s/article/K000137106 https://netty.io/news/2023/10/10/4-1-100-Final.html https://news.ycombinator.com/item?id=37830987 https://news.ycombinator.com/item?id=37830998 https://news.ycombinator.com/item?id=37831062 https://news.ycombinator.com/item?id=37837043 https://nodejs.org/en/blog/vulnerability/october-2023-security-releases https://nvd.nist.gov/vuln/detail/CVE-2023-44487 https://openssf.org/blog/2023/10/10/http-2-rapid-reset-vulnerability-highlights-need-for-rapid-response https://openssf.org/blog/2023/10/10/http-2-rapid-reset-vulnerability-highlights-need-for-rapid-response/ https://pkg.go.dev/vuln/GO-2023-2102 https://seanmonstar.com/post/730794151136935936/hyper-http2-rapid-reset-unaffected https://security.gentoo.org/glsa/202311-09 https://security.netapp.com/advisory/ntap-20231016-0001 https://security.netapp.com/advisory/ntap-20231016-0001/ https://security.netapp.com/advisory/ntap-20240426-0007 https://security.netapp.com/advisory/ntap-20240426-0007/ https://security.netapp.com/advisory/ntap-20240621-0006 https://security.netapp.com/advisory/ntap-20240621-0006/ https://security.netapp.com/advisory/ntap-20240621-0007 https://security.netapp.com/advisory/ntap-20240621-0007/ https://security.paloaltonetworks.com/CVE-2023-44487 https://tomcat.apache.org/security-10.html#Fixed_in_Apache_Tomcat_10.1.14 https://tomcat.apache.org/security-11.html#Fixed_in_Apache_Tomcat_11.0.0-M12 https://tomcat.apache.org/security-8.html#Fixed_in_Apache_Tomcat_8.5.94 https://tomcat.apache.org/security-9.html#Fixed_in_Apache_Tomcat_9.0.81 https://ubuntu.com/security/CVE-2023-44487 https://ubuntu.com/security/notices/USN-6427-1 https://ubuntu.com/security/notices/USN-6427-2 https://ubuntu.com/security/notices/USN-6438-1 https://ubuntu.com/security/notices/USN-6505-1 https://ubuntu.com/security/notices/USN-6574-1 https://ubuntu.com/security/notices/USN-6754-1 https://ubuntu.com/security/notices/USN-6994-1 https://ubuntu.com/security/notices/USN-7067-1 https://www.bleepingcomputer.com/news/security/new-http-2-rapid-reset-zero-day-attack-breaks-ddos-records https://www.bleepingcomputer.com/news/security/new-http-2-rapid-reset-zero-day-attack-breaks-ddos-records/ https://www.cisa.gov/known-exploited-vulnerabilities-catalog https://www.cisa.gov/news-events/alerts/2023/10/10/http2-rapid-reset-vulnerability-cve-2023-44487 https://www.cve.org/CVERecord?id=CVE-2023-44487 https://www.darkreading.com/cloud/internet-wide-zero-day-bug-fuels-largest-ever-ddos-event https://www.debian.org/security/2023/dsa-5521 https://www.debian.org/security/2023/dsa-5522 https://www.debian.org/security/2023/dsa-5540 https://www.debian.org/security/2023/dsa-5549 https://www.debian.org/security/2023/dsa-5558 https://www.debian.org/security/2023/dsa-5570 https://www.eclipse.org/lists/jetty-announce/msg00181.html https://www.haproxy.com/blog/haproxy-is-not-affected-by-the-http-2-rapid-reset-attack-cve-2023-44487 https://www.mail-archive.com/haproxy@formilux.org/msg44134.html https://www.netlify.com/blog/netlify-successfully-mitigates-cve-2023-44487 https://www.netlify.com/blog/netlify-successfully-mitigates-cve-2023-44487/ https://www.nginx.com/blog/http-2-rapid-reset-attack-impacting-f5-nginx-products https://www.nginx.com/blog/http-2-rapid-reset-attack-impacting-f5-nginx-products/ https://www.openwall.com/lists/oss-security/2023/10/10/6 https://www.phoronix.com/news/HTTP2-Rapid-Reset-Attack https://www.theregister.com/2023/10/10/http2_rapid_reset_zeroday https://www.theregister.com/2023/10/10/http2_rapid_reset_zeroday/
google.golang.org/protobuf	CVE-2024-24786	MEDIUM	v1.30.0	1.33.0	http://www.openwall.com/lists/oss-security/2024/03/08/4 https://access.redhat.com/errata/RHSA-2024:2550 https://access.redhat.com/security/cve/CVE-2024-24786 https://bugzilla.redhat.com/2268046 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24786 https://errata.almalinux.org/9/ALSA-2024-2550.html https://errata.rockylinux.org/RLSA-2024:2550 https://github.com/protocolbuffers/protobuf-go https://github.com/protocolbuffers/protobuf-go/commit/f01a588e5810b90996452eec4a28f22a0afae023 https://github.com/protocolbuffers/protobuf-go/releases/tag/v1.33.0 https://go-review.googlesource.com/c/protobuf/+/569356 https://go.dev/cl/569356 https://groups.google.com/g/golang-announce/c/ArQ6CDgtEjY/ https://linux.oracle.com/cve/CVE-2024-24786.html https://linux.oracle.com/errata/ELSA-2024-4246.html https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/JDMBHAVSDU2FBDZ45U3A2VLSM35OJ2HU https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/JDMBHAVSDU2FBDZ45U3A2VLSM35OJ2HU/ https://nvd.nist.gov/vuln/detail/CVE-2024-24786 https://pkg.go.dev/vuln/GO-2024-2611 https://security.netapp.com/advisory/ntap-20240517-0002 https://security.netapp.com/advisory/ntap-20240517-0002/ https://ubuntu.com/security/notices/USN-6746-1 https://ubuntu.com/security/notices/USN-6746-2 https://www.cve.org/CVERecord?id=CVE-2024-24786
stdlib	CVE-2024-24790	CRITICAL	v1.20.5	1.21.11, 1.22.4	http://www.openwall.com/lists/oss-security/2024/06/04/1 https://access.redhat.com/errata/RHSA-2024:9115 https://access.redhat.com/security/cve/CVE-2024-24790 https://bugzilla.redhat.com/2279814 https://bugzilla.redhat.com/2292668 https://bugzilla.redhat.com/2292787 https://bugzilla.redhat.com/2294000 https://bugzilla.redhat.com/2295310 https://bugzilla.redhat.com/show_bug.cgi?id=2292668 https://bugzilla.redhat.com/show_bug.cgi?id=2292787 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24789 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24790 https://errata.almalinux.org/9/ALSA-2024-9115.html https://errata.rockylinux.org/RLSA-2024:4212 https://github.com/golang/go/commit/051bdf3fd12a40307606ff9381138039c5f452f0 (1.21) https://github.com/golang/go/commit/12d5810cdb1f73cf23d7a86462143e9463317fca (1.22) https://github.com/golang/go/issues/67680 https://go.dev/cl/590316 https://go.dev/issue/67680 https://groups.google.com/g/golang-announce/c/XbxouI9gY7k https://groups.google.com/g/golang-announce/c/XbxouI9gY7k/m/TuoGEhxIEwAJ https://linux.oracle.com/cve/CVE-2024-24790.html https://linux.oracle.com/errata/ELSA-2024-9115.html https://nvd.nist.gov/vuln/detail/CVE-2024-24790 https://pkg.go.dev/vuln/GO-2024-2887 https://ubuntu.com/security/notices/USN-6886-1 https://ubuntu.com/security/notices/USN-7109-1 https://www.cve.org/CVERecord?id=CVE-2024-24790
stdlib	CVE-2023-39325	HIGH	v1.20.5	1.20.10, 1.21.3	golang.org/x/net https://access.redhat.com/errata/RHSA-2023:6077 https://access.redhat.com/security/cve/CVE-2023-39325 https://access.redhat.com/security/cve/CVE-2023-44487 https://access.redhat.com/security/vulnerabilities/RHSB-2023-003 https://bugzilla.redhat.com/2242803 https://bugzilla.redhat.com/2243296 https://bugzilla.redhat.com/show_bug.cgi?id=2242803 https://bugzilla.redhat.com/show_bug.cgi?id=2243296 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-39325 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-44487 https://errata.almalinux.org/9/ALSA-2023-6077.html https://errata.rockylinux.org/RLSA-2023:6077 https://github.com/golang/go/commit/24ae2d927285c697440fdde3ad7f26028354bcf3 [golang- 1.21] https://github.com/golang/go/commit/e175f27f58aa7b9cd4d79607ae65d2cd5baaee68 [golang-1.20] https://github.com/golang/go/issues/63417 https://go.dev/cl/534215 https://go.dev/cl/534235 https://go.dev/issue/63417 https://groups.google.com/g/golang-announce/c/iNNxDTCjZvo/m/UDd7VKQuAAAJ https://linux.oracle.com/cve/CVE-2023-39325.html https://linux.oracle.com/errata/ELSA-2023-5867.html https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3OVW5V2DM5K5IC3H7O42YDUGNJ74J35O https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3OVW5V2DM5K5IC3H7O42YDUGNJ74J35O/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3SZN67IL7HMGMNAVLOTIXLIHUDXZK4LH https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3SZN67IL7HMGMNAVLOTIXLIHUDXZK4LH/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3WJ4QVX2AMUJ2F2S27POOAHRC4K3CHU4 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3WJ4QVX2AMUJ2F2S27POOAHRC4K3CHU4/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/4BUK2ZIAGCULOOYDNH25JPU6JBES5NF2 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/4BUK2ZIAGCULOOYDNH25JPU6JBES5NF2/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/5RSKA2II6QTD4YUKUNDVJQSRYSFC4VFR https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/5RSKA2II6QTD4YUKUNDVJQSRYSFC4VFR/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/AVZDNSMVDAQJ64LJC5I5U5LDM5753647 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/AVZDNSMVDAQJ64LJC5I5U5LDM5753647/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CHHITS4PUOZAKFIUBQAQZC7JWXMOYE4B https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CHHITS4PUOZAKFIUBQAQZC7JWXMOYE4B/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CLB4TW7KALB3EEQWNWCN7OUIWWVWWCG2 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CLB4TW7KALB3EEQWNWCN7OUIWWVWWCG2/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/D2BBIDR2ZMB3X5BC7SR4SLQMHRMVPY6L https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/D2BBIDR2ZMB3X5BC7SR4SLQMHRMVPY6L/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ECRC75BQJP6FJN2L7KCKYZW4DSBD7QSD https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ECRC75BQJP6FJN2L7KCKYZW4DSBD7QSD/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/FTMJ3NJIDAZFWJQQSP3L22MUFJ3UP2PT https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/FTMJ3NJIDAZFWJQQSP3L22MUFJ3UP2PT/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/GSY7SXFFTPZFWDM6XELSDSHZLVW3AHK7 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/GSY7SXFFTPZFWDM6XELSDSHZLVW3AHK7/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/HZQIELEIRSZUYTFFH5KTH2YJ4IIQG2KE https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/HZQIELEIRSZUYTFFH5KTH2YJ4IIQG2KE/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/IPWCNYB5PQ5PCVZ4NJT6G56ZYFZ5QBU6 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/IPWCNYB5PQ5PCVZ4NJT6G56ZYFZ5QBU6/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/KEOTKBUPZXHE3F352JBYNTSNRXYLWD6P https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/KEOTKBUPZXHE3F352JBYNTSNRXYLWD6P/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/KSEGD2IWKNUO3DWY4KQGUQM5BISRWHQE https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/KSEGD2IWKNUO3DWY4KQGUQM5BISRWHQE/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/L5E5JSJBZLYXOTZWXHJKRVCIXIHVWKJ6 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/L5E5JSJBZLYXOTZWXHJKRVCIXIHVWKJ6/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/MZQYOOKHQDQ57LV2IAG6NRFOVXKHJJ3Z https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/MZQYOOKHQDQ57LV2IAG6NRFOVXKHJJ3Z/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/NG7IMPL55MVWU3LCI4JQJT3K2U5CHDV7 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/NG7IMPL55MVWU3LCI4JQJT3K2U5CHDV7/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ODBY7RVMGZCBSTWF2OZGIZS57FNFUL67 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ODBY7RVMGZCBSTWF2OZGIZS57FNFUL67/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/OXGWPQOJ3JNDW2XIYKIVJ7N7QUIFNM2Q https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/OXGWPQOJ3JNDW2XIYKIVJ7N7QUIFNM2Q/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/PJCUNGIQDUMZ4Z6HWVYIMR66A35F5S74 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/PJCUNGIQDUMZ4Z6HWVYIMR66A35F5S74/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QF5QSYAOPDOWLY6DUHID56Q4HQFYB45I https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QF5QSYAOPDOWLY6DUHID56Q4HQFYB45I/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QXOU2JZUBEBP7GBKAYIJRPRBZSJCD7ST https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QXOU2JZUBEBP7GBKAYIJRPRBZSJCD7ST/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/R3UETKPUB3V5JS5TLZOF3SMTGT5K5APS https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/R3UETKPUB3V5JS5TLZOF3SMTGT5K5APS/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/REMHVVIBDNKSRKNOTV7EQSB7CYQWOUOU https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/REMHVVIBDNKSRKNOTV7EQSB7CYQWOUOU/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/T7N5GV4CHH6WAGX3GFMDD3COEOVCZ4RI https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/T7N5GV4CHH6WAGX3GFMDD3COEOVCZ4RI/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ULQQONMSCQSH5Z5OWFFQHCGEZ3NL4DRJ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ULQQONMSCQSH5Z5OWFFQHCGEZ3NL4DRJ/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UTT7DG3QOF5ZNJLUGHDNLRUIN6OWZARP https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UTT7DG3QOF5ZNJLUGHDNLRUIN6OWZARP/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/W2LZSWTV4NV4SNQARNXG5T6LRHP26EW2 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/W2LZSWTV4NV4SNQARNXG5T6LRHP26EW2/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WCNCBYKZXLDFGAJUB7ZP5VLC3YTHJNVH https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WCNCBYKZXLDFGAJUB7ZP5VLC3YTHJNVH/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/XFOIBB4YFICHDM7IBOP7PWXW3FX4HLL2 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/XFOIBB4YFICHDM7IBOP7PWXW3FX4HLL2/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/XTNLSL44Y5FB6JWADSZH6DCV4JJAAEQY https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/XTNLSL44Y5FB6JWADSZH6DCV4JJAAEQY/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/YJWHBLVZDM5KQSDFRBFRKU5KSSOLIRQ4 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/YJWHBLVZDM5KQSDFRBFRKU5KSSOLIRQ4/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/YRKEXKANQ7BKJW2YTAMP625LJUJZLJ4P https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/YRKEXKANQ7BKJW2YTAMP625LJUJZLJ4P/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZSVEMQV5ROY5YW5QE3I57HT3ITWG5GCV https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZSVEMQV5ROY5YW5QE3I57HT3ITWG5GCV/ https://nvd.nist.gov/vuln/detail/CVE-2023-39325 https://pkg.go.dev/vuln/GO-2023-2102 https://security.gentoo.org/glsa/202311-09 https://security.netapp.com/advisory/ntap-20231110-0008 https://security.netapp.com/advisory/ntap-20231110-0008/ https://ubuntu.com/security/notices/USN-6574-1 https://ubuntu.com/security/notices/USN-7061-1 https://ubuntu.com/security/notices/USN-7109-1 https://www.cisa.gov/news-events/alerts/2023/10/10/http2-rapid-reset-vulnerability-cve-2023-44487 https://www.cve.org/CVERecord?id=CVE-2023-39325
stdlib	CVE-2023-45283	HIGH	v1.20.5	1.20.11, 1.21.4, 1.20.12, 1.21.5	http://www.openwall.com/lists/oss-security/2023/12/05/2 https://go.dev/cl/540277 https://go.dev/cl/541175 https://go.dev/issue/63713 https://go.dev/issue/64028 https://groups.google.com/g/golang-announce/c/4tU8LZfBFkY https://groups.google.com/g/golang-dev/c/6ypN5EjibjM/m/KmLVYH_uAgAJ https://nvd.nist.gov/vuln/detail/CVE-2023-45283 https://pkg.go.dev/vuln/GO-2023-2185 https://security.netapp.com/advisory/ntap-20231214-0008/
stdlib	CVE-2023-45288	HIGH	v1.20.5	1.21.9, 1.22.2	http://www.openwall.com/lists/oss-security/2024/04/03/16 http://www.openwall.com/lists/oss-security/2024/04/05/4 https://access.redhat.com/errata/RHSA-2024:2724 https://access.redhat.com/security/cve/CVE-2023-45288 https://bugzilla.redhat.com/2268017 https://bugzilla.redhat.com/2268018 https://bugzilla.redhat.com/2268019 https://bugzilla.redhat.com/2268273 https://bugzilla.redhat.com/show_bug.cgi?id=2268017 https://bugzilla.redhat.com/show_bug.cgi?id=2268018 https://bugzilla.redhat.com/show_bug.cgi?id=2268019 https://bugzilla.redhat.com/show_bug.cgi?id=2268273 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45288 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45289 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45290 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24783 https://errata.almalinux.org/9/ALSA-2024-2724.html https://errata.rockylinux.org/RLSA-2024:2724 https://go.dev/cl/576155 https://go.dev/issue/65051 https://groups.google.com/g/golang-announce/c/YgW0sx8mN3M https://kb.cert.org/vuls/id/421644 https://linux.oracle.com/cve/CVE-2023-45288.html https://linux.oracle.com/errata/ELSA-2024-3346.html https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QRYFHIQ6XRKRYBI2F5UESH67BJBQXUPT https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QRYFHIQ6XRKRYBI2F5UESH67BJBQXUPT/ https://nowotarski.info/http2-continuation-flood-technical-details https://nowotarski.info/http2-continuation-flood/ https://nvd.nist.gov/vuln/detail/CVE-2023-45288 https://pkg.go.dev/vuln/GO-2024-2687 https://security.netapp.com/advisory/ntap-20240419-0009 https://security.netapp.com/advisory/ntap-20240419-0009/ https://ubuntu.com/security/notices/USN-6886-1 https://ubuntu.com/security/notices/USN-7109-1 https://ubuntu.com/security/notices/USN-7111-1 https://www.cve.org/CVERecord?id=CVE-2023-45288 https://www.kb.cert.org/vuls/id/421644
stdlib	CVE-2024-34156	HIGH	v1.20.5	1.22.7, 1.23.1	https://access.redhat.com/errata/RHSA-2024:9473 https://access.redhat.com/security/cve/CVE-2024-34156 https://bugzilla.redhat.com/2310528 https://bugzilla.redhat.com/2318052 https://bugzilla.redhat.com/show_bug.cgi?id=2310528 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-34156 https://errata.almalinux.org/9/ALSA-2024-9473.html https://errata.rockylinux.org/RLSA-2024:7204 https://github.com/golang/go/commit/2092294f2b097c5828f4eace6c98a322c1510b01 (go1.22.7) https://github.com/golang/go/commit/fa8ff1a46deb6c816304441ec6740ec112e19012 (go1.23.1) https://go.dev/cl/611239 https://go.dev/issue/69139 https://groups.google.com/g/golang-announce/c/K-cEzDeCtpc https://groups.google.com/g/golang-dev/c/S9POB9NCTdk https://linux.oracle.com/cve/CVE-2024-34156.html https://linux.oracle.com/errata/ELSA-2024-9473.html https://nvd.nist.gov/vuln/detail/CVE-2024-34156 https://pkg.go.dev/vuln/GO-2024-3106 https://ubuntu.com/security/notices/USN-7081-1 https://ubuntu.com/security/notices/USN-7109-1 https://ubuntu.com/security/notices/USN-7111-1 https://www.cve.org/CVERecord?id=CVE-2024-34156
stdlib	CVE-2023-29406	MEDIUM	v1.20.5	1.19.11, 1.20.6	https://access.redhat.com/errata/RHSA-2023:6474 https://access.redhat.com/security/cve/CVE-2023-29406 https://bugzilla.redhat.com/2174485 https://bugzilla.redhat.com/2178358 https://bugzilla.redhat.com/2178488 https://bugzilla.redhat.com/2178492 https://bugzilla.redhat.com/2184481 https://bugzilla.redhat.com/2184482 https://bugzilla.redhat.com/2184483 https://bugzilla.redhat.com/2184484 https://bugzilla.redhat.com/2196026 https://bugzilla.redhat.com/2196027 https://bugzilla.redhat.com/2196029 https://bugzilla.redhat.com/2222167 https://bugzilla.redhat.com/2228689 https://errata.almalinux.org/9/ALSA-2023-6474.html https://github.com/golang/go/commit/312920c00aac9897b2a0693e752390b5b0711a5a (go1.20.6) https://github.com/golang/go/commit/5fa6923b1ea891400153d04ddf1545e23b40041b (go1.19.11) https://github.com/golang/go/issues/60374 https://go.dev/cl/506996 https://go.dev/issue/60374 https://groups.google.com/g/golang-announce/c/2q13H6LEEx0 https://linux.oracle.com/cve/CVE-2023-29406.html https://linux.oracle.com/errata/ELSA-2023-7202.html https://nvd.nist.gov/vuln/detail/CVE-2023-29406 https://pkg.go.dev/vuln/GO-2023-1878 https://security.gentoo.org/glsa/202311-09 https://security.netapp.com/advisory/ntap-20230814-0002/ https://ubuntu.com/security/notices/USN-7061-1 https://ubuntu.com/security/notices/USN-7109-1 https://www.cve.org/CVERecord?id=CVE-2023-29406
stdlib	CVE-2023-29409	MEDIUM	v1.20.5	1.19.12, 1.20.7, 1.21.0-rc.4	https://access.redhat.com/errata/RHSA-2023:7766 https://access.redhat.com/security/cve/CVE-2023-29409 https://bugzilla.redhat.com/2228743 https://bugzilla.redhat.com/2237773 https://bugzilla.redhat.com/2237776 https://bugzilla.redhat.com/2237777 https://bugzilla.redhat.com/2237778 https://errata.almalinux.org/9/ALSA-2023-7766.html https://go.dev/cl/515257 https://go.dev/issue/61460 https://groups.google.com/g/golang-announce/c/X0b6CsSAaYI/m/Efv5DbZ9AwAJ https://linux.oracle.com/cve/CVE-2023-29409.html https://linux.oracle.com/errata/ELSA-2024-2988.html https://nvd.nist.gov/vuln/detail/CVE-2023-29409 https://pkg.go.dev/vuln/GO-2023-1987 https://security.gentoo.org/glsa/202311-09 https://security.netapp.com/advisory/ntap-20230831-0010/ https://www.cve.org/CVERecord?id=CVE-2023-29409
stdlib	CVE-2023-39318	MEDIUM	v1.20.5	1.20.8, 1.21.1	https://access.redhat.com/errata/RHSA-2024:2160 https://access.redhat.com/security/cve/CVE-2023-39318 https://bugzilla.redhat.com/2237773 https://bugzilla.redhat.com/2237776 https://bugzilla.redhat.com/2253330 https://errata.almalinux.org/9/ALSA-2024-2160.html https://github.com/golang/go/commit/023b542edf38e2a1f87fcefb9f75ff2f99401b4c (go1.20.8) https://github.com/golang/go/commit/b0e1d3ea26e8e8fce7726690c9ef0597e60739fb (go1.21.1) https://go.dev/cl/526156 https://go.dev/issue/62196 https://groups.google.com/g/golang-announce/c/Fm51GRLNRvM https://groups.google.com/g/golang-dev/c/2C5vbR-UNkI/m/L1hdrPhfBAAJ https://linux.oracle.com/cve/CVE-2023-39318.html https://linux.oracle.com/errata/ELSA-2024-2988.html https://nvd.nist.gov/vuln/detail/CVE-2023-39318 https://pkg.go.dev/vuln/GO-2023-2041 https://security.gentoo.org/glsa/202311-09 https://security.netapp.com/advisory/ntap-20231020-0009/ https://ubuntu.com/security/notices/USN-6574-1 https://ubuntu.com/security/notices/USN-7061-1 https://ubuntu.com/security/notices/USN-7109-1 https://vuln.go.dev/ID/GO-2023-2041.json https://www.cve.org/CVERecord?id=CVE-2023-39318
stdlib	CVE-2023-39319	MEDIUM	v1.20.5	1.20.8, 1.21.1	https://access.redhat.com/errata/RHSA-2024:2160 https://access.redhat.com/security/cve/CVE-2023-39319 https://bugzilla.redhat.com/2237773 https://bugzilla.redhat.com/2237776 https://bugzilla.redhat.com/2253330 https://errata.almalinux.org/9/ALSA-2024-2160.html https://github.com/golang/go/commit/2070531d2f53df88e312edace6c8dfc9686ab2f5 (go1.20.8) https://github.com/golang/go/commit/bbd043ff0d6d59f1a9232d31ecd5eacf6507bf6a (go1.21.1) https://go.dev/cl/526157 https://go.dev/issue/62197 https://groups.google.com/g/golang-announce/c/Fm51GRLNRvM https://groups.google.com/g/golang-dev/c/2C5vbR-UNkI/m/L1hdrPhfBAAJ https://linux.oracle.com/cve/CVE-2023-39319.html https://linux.oracle.com/errata/ELSA-2024-2988.html https://nvd.nist.gov/vuln/detail/CVE-2023-39319 https://pkg.go.dev/vuln/GO-2023-2043 https://security.gentoo.org/glsa/202311-09 https://security.netapp.com/advisory/ntap-20231020-0009/ https://ubuntu.com/security/notices/USN-6574-1 https://ubuntu.com/security/notices/USN-7061-1 https://ubuntu.com/security/notices/USN-7109-1 https://vuln.go.dev/ID/GO-2023-2043.json https://www.cve.org/CVERecord?id=CVE-2023-39319
stdlib	CVE-2023-39326	MEDIUM	v1.20.5	1.20.12, 1.21.5	https://access.redhat.com/errata/RHSA-2024:2272 https://access.redhat.com/security/cve/CVE-2023-39326 https://bugzilla.redhat.com/2253193 https://bugzilla.redhat.com/2253330 https://errata.almalinux.org/9/ALSA-2024-2272.html https://github.com/golang/go/commit/6446af942e2e2b161c4ec1b60d9703a2b55dc4dd (go1.20.12) https://github.com/golang/go/commit/ec8c526e4be720e94b98ca509e6364f0efaf28f7 (go1.21.5) https://go.dev/cl/547335 https://go.dev/issue/64433 https://groups.google.com/g/golang-dev/c/6ypN5EjibjM/m/KmLVYH_uAgAJ https://linux.oracle.com/cve/CVE-2023-39326.html https://linux.oracle.com/errata/ELSA-2024-2988.html https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UIU6HOGV6RRIKWM57LOXQA75BGZSIH6G/ https://nvd.nist.gov/vuln/detail/CVE-2023-39326 https://pkg.go.dev/vuln/GO-2023-2382 https://ubuntu.com/security/notices/USN-6574-1 https://www.cve.org/CVERecord?id=CVE-2023-39326
stdlib	CVE-2023-45284	MEDIUM	v1.20.5	1.20.11, 1.21.4	https://go.dev/cl/540277 https://go.dev/issue/63713 https://groups.google.com/g/golang-announce/c/4tU8LZfBFkY https://nvd.nist.gov/vuln/detail/CVE-2023-45284 https://pkg.go.dev/vuln/GO-2023-2186
stdlib	CVE-2023-45289	MEDIUM	v1.20.5	1.21.8, 1.22.1	http://www.openwall.com/lists/oss-security/2024/03/08/4 https://access.redhat.com/errata/RHSA-2024:2724 https://access.redhat.com/security/cve/CVE-2023-45289 https://bugzilla.redhat.com/2268017 https://bugzilla.redhat.com/2268018 https://bugzilla.redhat.com/2268019 https://bugzilla.redhat.com/2268273 https://bugzilla.redhat.com/show_bug.cgi?id=2268017 https://bugzilla.redhat.com/show_bug.cgi?id=2268018 https://bugzilla.redhat.com/show_bug.cgi?id=2268019 https://bugzilla.redhat.com/show_bug.cgi?id=2268273 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45288 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45289 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45290 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24783 https://errata.almalinux.org/9/ALSA-2024-2724.html https://errata.rockylinux.org/RLSA-2024:2724 https://github.com/golang/go/commit/20586c0dbe03d144f914155f879fa5ee287591a1 (go1.21.8) https://github.com/golang/go/commit/3a855208e3efed2e9d7c20ad023f1fa78afcc0be (go1.22.1) https://github.com/golang/go/issues/65065 https://go.dev/cl/569340 https://go.dev/issue/65065 https://groups.google.com/g/golang-announce/c/5pwGVUPoMbg https://linux.oracle.com/cve/CVE-2023-45289.html https://linux.oracle.com/errata/ELSA-2024-3346.html https://nvd.nist.gov/vuln/detail/CVE-2023-45289 https://pkg.go.dev/vuln/GO-2024-2600 https://security.netapp.com/advisory/ntap-20240329-0006/ https://ubuntu.com/security/notices/USN-6886-1 https://www.cve.org/CVERecord?id=CVE-2023-45289
stdlib	CVE-2023-45290	MEDIUM	v1.20.5	1.21.8, 1.22.1	http://www.openwall.com/lists/oss-security/2024/03/08/4 https://access.redhat.com/errata/RHSA-2024:9135 https://access.redhat.com/security/cve/CVE-2023-45290 https://bugzilla.redhat.com/2268017 https://bugzilla.redhat.com/2268022 https://bugzilla.redhat.com/2279814 https://bugzilla.redhat.com/2295310 https://bugzilla.redhat.com/show_bug.cgi?id=2268017 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45290 https://errata.almalinux.org/9/ALSA-2024-9135.html https://errata.rockylinux.org/RLSA-2024:3830 https://github.com/golang/go/commit/041a47712e765e94f86d841c3110c840e76d8f82 (go1.22.1) https://github.com/golang/go/commit/bf80213b121074f4ad9b449410a4d13bae5e9be0 (go1.21.8) https://github.com/golang/go/issues/65383 https://go.dev/cl/569341 https://go.dev/issue/65383 https://groups.google.com/g/golang-announce/c/5pwGVUPoMbg https://linux.oracle.com/cve/CVE-2023-45290.html https://linux.oracle.com/errata/ELSA-2024-8038.html https://nvd.nist.gov/vuln/detail/CVE-2023-45290 https://pkg.go.dev/vuln/GO-2024-2599 https://security.netapp.com/advisory/ntap-20240329-0004 https://security.netapp.com/advisory/ntap-20240329-0004/ https://ubuntu.com/security/notices/USN-6886-1 https://ubuntu.com/security/notices/USN-7109-1 https://ubuntu.com/security/notices/USN-7111-1 https://www.cve.org/CVERecord?id=CVE-2023-45290
stdlib	CVE-2024-24783	MEDIUM	v1.20.5	1.21.8, 1.22.1	http://www.openwall.com/lists/oss-security/2024/03/08/4 https://access.redhat.com/errata/RHSA-2024:6195 https://access.redhat.com/security/cve/CVE-2024-24783 https://bugzilla.redhat.com/2268019 https://bugzilla.redhat.com/show_bug.cgi?id=2268017 https://bugzilla.redhat.com/show_bug.cgi?id=2268018 https://bugzilla.redhat.com/show_bug.cgi?id=2268019 https://bugzilla.redhat.com/show_bug.cgi?id=2268273 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45288 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45289 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45290 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24783 https://errata.almalinux.org/9/ALSA-2024-6195.html https://errata.rockylinux.org/RLSA-2024:2724 https://github.com/advisories/GHSA-3q2c-pvp5-3cqp https://github.com/golang/go/commit/337b8e9cbfa749d9d5c899e0dc358e2208d5e54f (go1.22.1) https://github.com/golang/go/commit/be5b52bea674190ef7de272664be6c7ae93ec5a0 (go1.21.8) https://github.com/golang/go/issues/65390 https://go.dev/cl/569339 https://go.dev/issue/65390 https://groups.google.com/g/golang-announce/c/5pwGVUPoMbg https://linux.oracle.com/cve/CVE-2024-24783.html https://linux.oracle.com/errata/ELSA-2024-6969.html https://nvd.nist.gov/vuln/detail/CVE-2024-24783 https://pkg.go.dev/vuln/GO-2024-2598 https://security.netapp.com/advisory/ntap-20240329-0005 https://security.netapp.com/advisory/ntap-20240329-0005/ https://ubuntu.com/security/notices/USN-6886-1 https://ubuntu.com/security/notices/USN-7109-1 https://ubuntu.com/security/notices/USN-7111-1 https://www.cve.org/CVERecord?id=CVE-2024-24783
stdlib	CVE-2024-24784	MEDIUM	v1.20.5	1.21.8, 1.22.1	http://www.openwall.com/lists/oss-security/2024/03/08/4 https://access.redhat.com/errata/RHSA-2024:2562 https://access.redhat.com/security/cve/CVE-2024-24784 https://bugzilla.redhat.com/2262921 https://bugzilla.redhat.com/2268017 https://bugzilla.redhat.com/2268018 https://bugzilla.redhat.com/2268019 https://bugzilla.redhat.com/2268021 https://bugzilla.redhat.com/2268022 https://bugzilla.redhat.com/2268273 https://bugzilla.redhat.com/show_bug.cgi?id=2262921 https://bugzilla.redhat.com/show_bug.cgi?id=2268017 https://bugzilla.redhat.com/show_bug.cgi?id=2268018 https://bugzilla.redhat.com/show_bug.cgi?id=2268019 https://bugzilla.redhat.com/show_bug.cgi?id=2268021 https://bugzilla.redhat.com/show_bug.cgi?id=2268022 https://bugzilla.redhat.com/show_bug.cgi?id=2268273 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45288 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45289 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45290 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-1394 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24783 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24784 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24785 https://errata.almalinux.org/9/ALSA-2024-2562.html https://errata.rockylinux.org/RLSA-2024:2562 https://github.com/golang/go/commit/263c059b09fdd40d9dd945f2ecb20c89ea28efe5 (go1.21.8) https://github.com/golang/go/commit/5330cd225ba54c7dc78c1b46dcdf61a4671a632c (go1.22.1) https://github.com/golang/go/issues/65083 https://go.dev/cl/555596 https://go.dev/issue/65083 https://groups.google.com/g/golang-announce/c/5pwGVUPoMbg https://linux.oracle.com/cve/CVE-2024-24784.html https://linux.oracle.com/errata/ELSA-2024-6969.html https://nvd.nist.gov/vuln/detail/CVE-2024-24784 https://pkg.go.dev/vuln/GO-2024-2609 https://security.netapp.com/advisory/ntap-20240329-0007/ https://ubuntu.com/security/notices/USN-6886-1 https://ubuntu.com/security/notices/USN-7109-1 https://ubuntu.com/security/notices/USN-7111-1 https://www.cve.org/CVERecord?id=CVE-2024-24784
stdlib	CVE-2024-24785	MEDIUM	v1.20.5	1.21.8, 1.22.1	http://www.openwall.com/lists/oss-security/2024/03/08/4 https://access.redhat.com/errata/RHSA-2024:9135 https://access.redhat.com/security/cve/CVE-2024-24785 https://bugzilla.redhat.com/2268017 https://bugzilla.redhat.com/2268022 https://bugzilla.redhat.com/2279814 https://bugzilla.redhat.com/2295310 https://bugzilla.redhat.com/show_bug.cgi?id=2262921 https://bugzilla.redhat.com/show_bug.cgi?id=2268017 https://bugzilla.redhat.com/show_bug.cgi?id=2268018 https://bugzilla.redhat.com/show_bug.cgi?id=2268019 https://bugzilla.redhat.com/show_bug.cgi?id=2268021 https://bugzilla.redhat.com/show_bug.cgi?id=2268022 https://bugzilla.redhat.com/show_bug.cgi?id=2268273 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45288 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45289 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45290 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-1394 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24783 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24784 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24785 https://errata.almalinux.org/9/ALSA-2024-9135.html https://errata.rockylinux.org/RLSA-2024:2562 https://github.com/golang/go/commit/056b0edcb8c152152021eebf4cf42adbfbe77992 (go1.22.1) https://github.com/golang/go/commit/3643147a29352ca2894fd5d0d2069bc4b4335a7e (go1.21.8) https://github.com/golang/go/issues/65697 https://go.dev/cl/564196 https://go.dev/issue/65697 https://groups.google.com/g/golang-announce/c/5pwGVUPoMbg https://linux.oracle.com/cve/CVE-2024-24785.html https://linux.oracle.com/errata/ELSA-2024-3259.html https://nvd.nist.gov/vuln/detail/CVE-2024-24785 https://pkg.go.dev/vuln/GO-2024-2610 https://security.netapp.com/advisory/ntap-20240329-0008/ https://ubuntu.com/security/notices/USN-6886-1 https://ubuntu.com/security/notices/USN-7061-1 https://ubuntu.com/security/notices/USN-7109-1 https://vuln.go.dev/ID/GO-2024-2610.json https://www.cve.org/CVERecord?id=CVE-2024-24785
stdlib	CVE-2024-24789	MEDIUM	v1.20.5	1.21.11, 1.22.4	http://www.openwall.com/lists/oss-security/2024/06/04/1 https://access.redhat.com/errata/RHSA-2024:9115 https://access.redhat.com/security/cve/CVE-2024-24789 https://bugzilla.redhat.com/2279814 https://bugzilla.redhat.com/2292668 https://bugzilla.redhat.com/2292787 https://bugzilla.redhat.com/2294000 https://bugzilla.redhat.com/2295310 https://bugzilla.redhat.com/show_bug.cgi?id=2292668 https://bugzilla.redhat.com/show_bug.cgi?id=2292787 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24789 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24790 https://errata.almalinux.org/9/ALSA-2024-9115.html https://errata.rockylinux.org/RLSA-2024:4212 https://github.com/golang/go/commit/c8e40338cf00f3c1d86c8fb23863ad67a4c72bcc (1.21) https://github.com/golang/go/commit/cf501ac0c5fe351a8582d20b43562027927906e7 (1.22) https://github.com/golang/go/issues/66869 https://go.dev/cl/585397 https://go.dev/issue/66869 https://groups.google.com/g/golang-announce/c/XbxouI9gY7k https://groups.google.com/g/golang-announce/c/XbxouI9gY7k/m/TuoGEhxIEwAJ https://linux.oracle.com/cve/CVE-2024-24789.html https://linux.oracle.com/errata/ELSA-2024-9115.html https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/U5YAEIA6IUHUNGJ7AIXXPQT6D2GYENX7/ https://nvd.nist.gov/vuln/detail/CVE-2024-24789 https://pkg.go.dev/vuln/GO-2024-2888 https://ubuntu.com/security/notices/USN-6886-1 https://ubuntu.com/security/notices/USN-7109-1 https://ubuntu.com/security/notices/USN-7111-1 https://www.cve.org/CVERecord?id=CVE-2024-24789
stdlib	CVE-2024-24791	MEDIUM	v1.20.5	1.21.12, 1.22.5	https://access.redhat.com/errata/RHSA-2024:9135 https://access.redhat.com/security/cve/CVE-2024-24791 https://bugzilla.redhat.com/2268017 https://bugzilla.redhat.com/2268022 https://bugzilla.redhat.com/2279814 https://bugzilla.redhat.com/2295310 https://bugzilla.redhat.com/show_bug.cgi?id=2295310 https://bugzilla.redhat.com/show_bug.cgi?id=2310527 https://bugzilla.redhat.com/show_bug.cgi?id=2310528 https://bugzilla.redhat.com/show_bug.cgi?id=2310529 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24791 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-34155 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-34156 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-34158 https://errata.almalinux.org/9/ALSA-2024-9135.html https://errata.rockylinux.org/RLSA-2024:6913 https://go.dev/cl/591255 https://go.dev/issue/67555 https://groups.google.com/g/golang-dev/c/t0rK-qHBqzY/m/6MMoAZkMAgAJ https://linux.oracle.com/cve/CVE-2024-24791.html https://linux.oracle.com/errata/ELSA-2024-9115.html https://nvd.nist.gov/vuln/detail/CVE-2024-24791 https://pkg.go.dev/vuln/GO-2024-2963 https://ubuntu.com/security/notices/USN-7081-1 https://ubuntu.com/security/notices/USN-7109-1 https://ubuntu.com/security/notices/USN-7111-1 https://www.cve.org/CVERecord?id=CVE-2024-24791
stdlib	CVE-2024-34155	MEDIUM	v1.20.5	1.22.7, 1.23.1	https://access.redhat.com/errata/RHSA-2024:9459 https://access.redhat.com/security/cve/CVE-2024-34155 https://bugzilla.redhat.com/2310527 https://bugzilla.redhat.com/2310528 https://bugzilla.redhat.com/2310529 https://bugzilla.redhat.com/2315691 https://bugzilla.redhat.com/2315887 https://bugzilla.redhat.com/2317458 https://bugzilla.redhat.com/2317467 https://bugzilla.redhat.com/show_bug.cgi?id=2295310 https://bugzilla.redhat.com/show_bug.cgi?id=2310527 https://bugzilla.redhat.com/show_bug.cgi?id=2310528 https://bugzilla.redhat.com/show_bug.cgi?id=2310529 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24791 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-34155 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-34156 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-34158 https://errata.almalinux.org/9/ALSA-2024-9459.html https://errata.rockylinux.org/RLSA-2024:6913 https://github.com/golang/go/commit/53487e5477151ed75da50e50a0ba8f1ca64c00a3 (go1.23.1) https://github.com/golang/go/commit/b232596139dbe96a62edbe3a2a203e856bf556eb (go1.22.7) https://go.dev/cl/611238 https://go.dev/issue/69138 https://groups.google.com/g/golang-announce/c/K-cEzDeCtpc https://groups.google.com/g/golang-dev/c/S9POB9NCTdk https://linux.oracle.com/cve/CVE-2024-34155.html https://linux.oracle.com/errata/ELSA-2024-9459.html https://nvd.nist.gov/vuln/detail/CVE-2024-34155 https://pkg.go.dev/vuln/GO-2024-3105 https://ubuntu.com/security/notices/USN-7081-1 https://ubuntu.com/security/notices/USN-7109-1 https://ubuntu.com/security/notices/USN-7111-1 https://www.cve.org/CVERecord?id=CVE-2024-34155
stdlib	CVE-2024-34158	MEDIUM	v1.20.5	1.22.7, 1.23.1	https://access.redhat.com/errata/RHSA-2024:9459 https://access.redhat.com/security/cve/CVE-2024-34158 https://bugzilla.redhat.com/2310527 https://bugzilla.redhat.com/2310528 https://bugzilla.redhat.com/2310529 https://bugzilla.redhat.com/2315691 https://bugzilla.redhat.com/2315887 https://bugzilla.redhat.com/2317458 https://bugzilla.redhat.com/2317467 https://bugzilla.redhat.com/show_bug.cgi?id=2295310 https://bugzilla.redhat.com/show_bug.cgi?id=2310527 https://bugzilla.redhat.com/show_bug.cgi?id=2310528 https://bugzilla.redhat.com/show_bug.cgi?id=2310529 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24791 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-34155 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-34156 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-34158 https://errata.almalinux.org/9/ALSA-2024-9459.html https://errata.rockylinux.org/RLSA-2024:6913 https://github.com/golang/go/commit/032ac075c20c01c6c35a672d1542d3e98eab84ea (go1.23.1) https://github.com/golang/go/commit/d4c53812e6ce2ac368173d7fcd31d0ecfcffb002 (go1.22.7) https://go.dev/cl/611240 https://go.dev/issue/69141 https://groups.google.com/g/golang-announce/c/K-cEzDeCtpc https://groups.google.com/g/golang-dev/c/S9POB9NCTdk https://linux.oracle.com/cve/CVE-2024-34158.html https://linux.oracle.com/errata/ELSA-2024-9459.html https://nvd.nist.gov/vuln/detail/CVE-2024-34158 https://pkg.go.dev/vuln/GO-2024-3107 https://ubuntu.com/security/notices/USN-7081-1 https://ubuntu.com/security/notices/USN-7109-1 https://ubuntu.com/security/notices/USN-7111-1 https://www.cve.org/CVERecord?id=CVE-2024-34158
No Misconfigurations found

cnb/buildpacks/paketo-buildpacks_dotnet-publish/0.12.15/bin/run (gobinary)

Package	Vulnerability ID	Severity	Installed Version	Fixed Version	Links
github.com/anchore/stereoscope	CVE-2024-24579	MEDIUM	v0.0.0-20230412183729-8602f1afc574	0.0.1	https://github.com/anchore/stereoscope https://github.com/anchore/stereoscope/commit/09dacab4d9ee65ee8bc7af8ebf4aa7b5aaa36204 https://github.com/anchore/stereoscope/security/advisories/GHSA-hpxr-w9w7-g4gv https://nvd.nist.gov/vuln/detail/CVE-2024-24579
github.com/cloudflare/circl	GHSA-9763-4f94-gfch	HIGH	v1.3.3	1.3.7	https://github.com/cloudflare/circl https://github.com/cloudflare/circl/commit/75ef91e8a2f438e6ce2b6e620d236add8be1887d https://github.com/cloudflare/circl/security/advisories/GHSA-9763-4f94-gfch https://kyberslash.cr.yp.to
github.com/containerd/containerd	GHSA-7ww5-4wqc-m92c	MEDIUM	v1.7.0	1.6.26, 1.7.11	https://github.com/containerd/containerd https://github.com/containerd/containerd/commit/67d356cb3095f3e8f8ad7d36f9a733fea1e7e28c https://github.com/containerd/containerd/commit/746b910f05855c8bfdb4415a1c0f958b234910e5 https://github.com/containerd/containerd/security/advisories/GHSA-7ww5-4wqc-m92c
github.com/docker/docker	CVE-2024-41110	CRITICAL	v23.0.5+incompatible	23.0.15, 26.1.5, 27.1.1, 25.0.6	https://access.redhat.com/security/cve/CVE-2024-41110 https://github.com/moby/moby https://github.com/moby/moby/commit/411e817ddf710ff8e08fa193da80cb78af708191 https://github.com/moby/moby/commit/42f40b1d6dd7562342f832b9cd2adf9e668eeb76 https://github.com/moby/moby/commit/65cc597cea28cdc25bea3b8a86384b4251872919 https://github.com/moby/moby/commit/852759a7df454cbf88db4e954c919becd48faa9b https://github.com/moby/moby/commit/a31260625655cff9ae226b51757915e275e304b0 https://github.com/moby/moby/commit/a79fabbfe84117696a19671f4aa88b82d0f64fc1 https://github.com/moby/moby/commit/ae160b4edddb72ef4bd71f66b975a1a1cc434f00 https://github.com/moby/moby/commit/ae2b3666c517c96cbc2adf1af5591a6b00d4ec0f https://github.com/moby/moby/commit/cc13f952511154a2866bddbb7dddebfe9e83b801 https://github.com/moby/moby/commit/fc274cd2ff4cf3b48c91697fb327dd1fb95588fb https://github.com/moby/moby/security/advisories/GHSA-v23v-6jw2-98fq https://nvd.nist.gov/vuln/detail/CVE-2024-41110 https://www.cve.org/CVERecord?id=CVE-2024-41110 https://www.docker.com/blog/docker-security-advisory-docker-engine-authz-plugin
github.com/docker/docker	CVE-2024-24557	MEDIUM	v23.0.5+incompatible	24.0.9, 25.0.2	https://access.redhat.com/security/cve/CVE-2024-24557 https://github.com/moby/moby https://github.com/moby/moby/commit/3e230cfdcc989dc524882f6579f9e0dac77400ae https://github.com/moby/moby/commit/fca702de7f71362c8d103073c7e4a1d0a467fadd https://github.com/moby/moby/commit/fce6e0ca9bc000888de3daa157af14fa41fcd0ff https://github.com/moby/moby/security/advisories/GHSA-xw73-rw38-6vjc https://nvd.nist.gov/vuln/detail/CVE-2024-24557 https://www.cve.org/CVERecord?id=CVE-2024-24557
github.com/docker/docker	CVE-2024-29018	MEDIUM	v23.0.5+incompatible	26.0.0-rc3, 25.0.5, 23.0.11	https://access.redhat.com/security/cve/CVE-2024-29018 https://github.com/moby/moby https://github.com/moby/moby/pull/46609 https://github.com/moby/moby/security/advisories/GHSA-mq39-4gv4-mvpx https://nvd.nist.gov/vuln/detail/CVE-2024-29018 https://www.cve.org/CVERecord?id=CVE-2024-29018
github.com/docker/docker	GHSA-jq35-85cj-fj4p	MEDIUM	v23.0.5+incompatible	24.0.7, 23.0.8, 20.10.27	https://github.com/moby/moby https://github.com/moby/moby/commit/48ebe353e49a9def5e6679f6e386b0efb1c95f0e https://github.com/moby/moby/commit/81ebe71275768629689a23bc3bca34b3b374a6a6 https://github.com/moby/moby/commit/c9ccbfad11a60e703e91b6cca4f48927828c7e35 https://github.com/moby/moby/releases/tag/v20.10.27 https://github.com/moby/moby/releases/tag/v23.0.8 https://github.com/moby/moby/releases/tag/v24.0.7 https://github.com/moby/moby/security/advisories/GHSA-jq35-85cj-fj4p
github.com/go-git/go-git/v5	CVE-2023-49569	CRITICAL	v5.6.1	5.11.0	https://access.redhat.com/security/cve/CVE-2023-49569 https://github.com/go-git/go-git https://github.com/go-git/go-git/security/advisories/GHSA-449p-3h89-pw88 https://nvd.nist.gov/vuln/detail/CVE-2023-49569 https://www.cve.org/CVERecord?id=CVE-2023-49569
github.com/go-git/go-git/v5	CVE-2023-49568	HIGH	v5.6.1	5.11.0	https://access.redhat.com/security/cve/CVE-2023-49568 https://github.com/go-git/go-git https://github.com/go-git/go-git/security/advisories/GHSA-mw99-9chc-xw7r https://nvd.nist.gov/vuln/detail/CVE-2023-49568 https://www.cve.org/CVERecord?id=CVE-2023-49568
github.com/mholt/archiver/v3	CVE-2024-0406	MEDIUM	v3.5.1	no fix available	https://access.redhat.com/security/cve/CVE-2024-0406 https://bugzilla.redhat.com/show_bug.cgi?id=2257749 https://github.com/advisories/GHSA-rhh4-rh7c-7r5v https://github.com/mholt/archiver https://nvd.nist.gov/vuln/detail/CVE-2024-0406 https://www.cve.org/CVERecord?id=CVE-2024-0406
golang.org/x/crypto	CVE-2023-48795	MEDIUM	v0.8.0	0.17.0	http://packetstormsecurity.com/files/176280/Terrapin-SSH-Connection-Weakening.html http://seclists.org/fulldisclosure/2024/Mar/21 http://www.openwall.com/lists/oss-security/2023/12/18/3 http://www.openwall.com/lists/oss-security/2023/12/19/5 http://www.openwall.com/lists/oss-security/2023/12/20/3 http://www.openwall.com/lists/oss-security/2024/03/06/3 http://www.openwall.com/lists/oss-security/2024/04/17/8 https://access.redhat.com/errata/RHSA-2024:1150 https://access.redhat.com/security/cve/CVE-2023-48795 https://access.redhat.com/security/cve/cve-2023-48795 https://access.redhat.com/solutions/7071748 https://arstechnica.com/security/2023/12/hackers-can-break-ssh-channel-integrity-using-novel-data-corruption-attack https://arstechnica.com/security/2023/12/hackers-can-break-ssh-channel-integrity-using-novel-data-corruption-attack/ https://bugs.gentoo.org/920280 https://bugzilla.redhat.com/2254210 https://bugzilla.redhat.com/show_bug.cgi?id=2254210 https://bugzilla.suse.com/show_bug.cgi?id=1217950 https://crates.io/crates/thrussh/versions https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-48795 https://errata.almalinux.org/9/ALSA-2024-1150.html https://errata.rockylinux.org/RLSA-2024:0628 https://filezilla-project.org/versions.php https://forum.netgate.com/topic/184941/terrapin-ssh-attack https://git.libssh.org/projects/libssh.git/commit/?h=stable-0.10&id=10e09e273f69e149389b3e0e5d44b8c221c2e7f6 https://github.com/NixOS/nixpkgs/pull/275249 https://github.com/PowerShell/Win32-OpenSSH/issues/2189 https://github.com/PowerShell/Win32-OpenSSH/releases/tag/v9.5.0.0p1-Beta https://github.com/TeraTermProject/teraterm/commit/7279fbd6ef4d0c8bdd6a90af4ada2899d786eec0 https://github.com/TeraTermProject/teraterm/releases/tag/v5.1 https://github.com/advisories/GHSA-45x7-px36-x8w8 https://github.com/apache/mina-sshd/issues/445 https://github.com/connectbot/sshlib/commit/5c8b534f6e97db7ac0e0e579331213aa25c173ab https://github.com/connectbot/sshlib/compare/2.2.21...2.2.22 https://github.com/cyd01/KiTTY/issues/520 https://github.com/drakkan/sftpgo/releases/tag/v2.5.6 https://github.com/erlang/otp/blob/d1b43dc0f1361d2ad67601169e90a7fc50bb0369/lib/ssh/doc/src/notes.xml#L39-L42 https://github.com/erlang/otp/releases/tag/OTP-26.2.1 https://github.com/golang/crypto/commit/9d2ee975ef9fe627bf0a6f01c1f69e8ef1d4f05d https://github.com/hierynomus/sshj/issues/916 https://github.com/janmojzis/tinyssh/issues/81 https://github.com/jtesta/ssh-audit/commit/8e972c5e94b460379fe0c7d20209c16df81538a5 https://github.com/libssh2/libssh2/pull/1291 https://github.com/mkj/dropbear/blob/17657c36cce6df7716d5ff151ec09a665382d5dd/CHANGES#L25 https://github.com/mscdex/ssh2/commit/97b223f8891b96d6fc054df5ab1d5a1a545da2a3 https://github.com/mwiede/jsch/compare/jsch-0.2.14...jsch-0.2.15 https://github.com/mwiede/jsch/issues/457 https://github.com/mwiede/jsch/pull/461 https://github.com/net-ssh/net-ssh/blob/2e65064a52d73396bfc3806c9196fc8108f33cd8/CHANGES.txt#L14-L16 https://github.com/openssh/openssh-portable/commits/master https://github.com/paramiko/paramiko/issues/2337 https://github.com/paramiko/paramiko/issues/2337#issuecomment-1887642773 https://github.com/proftpd/proftpd/blob/0a7ea9b0ba9fcdf368374a226370d08f10397d99/RELEASE_NOTES https://github.com/proftpd/proftpd/blob/d21e7a2e47e9b38f709bec58e3fa711f759ad0e1/RELEASE_NOTES https://github.com/proftpd/proftpd/blob/master/RELEASE_NOTES https://github.com/proftpd/proftpd/issues/456 https://github.com/rapier1/hpn-ssh/releases https://github.com/ronf/asyncssh/blob/develop/docs/changes.rst https://github.com/ronf/asyncssh/security/advisories/GHSA-hfmc-7525-mj55 https://github.com/ronf/asyncssh/tags https://github.com/ssh-mitm/ssh-mitm/issues/165 https://github.com/warp-tech/russh https://github.com/warp-tech/russh/commit/1aa340a7df1d5be1c0f4a9e247aade76dfdd2951 https://github.com/warp-tech/russh/releases/tag/v0.40.2 https://github.com/warp-tech/russh/security/advisories/GHSA-45x7-px36-x8w8 https://gitlab.com/libssh/libssh-mirror/-/tags https://go.dev/cl/550715 https://go.dev/issue/64784 https://groups.google.com/g/golang-announce/c/-n5WqVC18LQ https://groups.google.com/g/golang-announce/c/qA3XtxvMUyg https://help.panic.com/releasenotes/transmit5 https://help.panic.com/releasenotes/transmit5/ https://jadaptive.com/important-java-ssh-security-update-new-ssh-vulnerability-discovered-cve-2023-48795 https://jadaptive.com/important-java-ssh-security-update-new-ssh-vulnerability-discovered-cve-2023-48795/ https://linux.oracle.com/cve/CVE-2023-48795.html https://linux.oracle.com/errata/ELSA-2024-2988.html https://lists.debian.org/debian-lts-announce/2023/12/msg00017.html https://lists.debian.org/debian-lts-announce/2024/01/msg00013.html https://lists.debian.org/debian-lts-announce/2024/01/msg00014.html https://lists.debian.org/debian-lts-announce/2024/04/msg00016.html https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/33XHJUB6ROFUOH2OQNENFROTVH6MHSHA https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/33XHJUB6ROFUOH2OQNENFROTVH6MHSHA/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/3CAYYW35MUTNO65RVAELICTNZZFMT2XS https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/3CAYYW35MUTNO65RVAELICTNZZFMT2XS/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/3JIMLVBDWOP4FUPXPTB4PGHHIOMGFLQE https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/3JIMLVBDWOP4FUPXPTB4PGHHIOMGFLQE/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/3YQLUQWLIHDB5QCXQEX7HXHAWMOKPP5O https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/3YQLUQWLIHDB5QCXQEX7HXHAWMOKPP5O/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/6Y74KVCPEPT4MVU3LHDWCNNOXOE5ZLUR https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/6Y74KVCPEPT4MVU3LHDWCNNOXOE5ZLUR/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/APYIXIQOVDCRWLHTGB4VYMAUIAQLKYJ3 https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/APYIXIQOVDCRWLHTGB4VYMAUIAQLKYJ3/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/BL5KTLOSLH2KHRN4HCXJPK3JUVLDGEL6 https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/BL5KTLOSLH2KHRN4HCXJPK3JUVLDGEL6/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/C3AFMZ6MH2UHHOPIWT5YLSFV3D2VB3AC https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/C3AFMZ6MH2UHHOPIWT5YLSFV3D2VB3AC/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/CHHITS4PUOZAKFIUBQAQZC7JWXMOYE4B https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/CHHITS4PUOZAKFIUBQAQZC7JWXMOYE4B/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/F7EYCFQCTSGJXWO3ZZ44MGKFC5HA7G3Y https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/F7EYCFQCTSGJXWO3ZZ44MGKFC5HA7G3Y/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/HYEDEXIKFKTUJIN43RG4B7T5ZS6MHUSP https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/HYEDEXIKFKTUJIN43RG4B7T5ZS6MHUSP/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/I724O3LSRCPO4WNVIXTZCT4VVRMXMMSG https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/I724O3LSRCPO4WNVIXTZCT4VVRMXMMSG/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/KEOTKBUPZXHE3F352JBYNTSNRXYLWD6P https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/KEOTKBUPZXHE3F352JBYNTSNRXYLWD6P/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/KMZCVGUGJZZVDPCVDA7TEB22VUCNEXDD https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/KMZCVGUGJZZVDPCVDA7TEB22VUCNEXDD/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/L5Y6MNNVAPIJSXJERQ6PKZVCIUXSNJK7 https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/L5Y6MNNVAPIJSXJERQ6PKZVCIUXSNJK7/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/LZQVUHWVWRH73YBXUQJOD6CKHDQBU3DM https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/LZQVUHWVWRH73YBXUQJOD6CKHDQBU3DM/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/MKQRBF3DWMWPH36LBCOBUTSIZRTPEZXB https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/MKQRBF3DWMWPH36LBCOBUTSIZRTPEZXB/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/QI3EHAHABFQK7OABNCSF5GMYP6TONTI7 https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/QI3EHAHABFQK7OABNCSF5GMYP6TONTI7/ https://matt.ucc.asn.au/dropbear/CHANGES https://nest.pijul.com/pijul/thrussh/changes/D6H7OWTTMHHX6BTB3B6MNBOBX2L66CBL4LGSEUSAI2MCRCJDQFRQC https://news.ycombinator.com/item?id=38684904 https://news.ycombinator.com/item?id=38685286 https://news.ycombinator.com/item?id=38732005 https://nova.app/releases/#v11.8 https://nvd.nist.gov/vuln/detail/CVE-2023-48795 https://oryx-embedded.com/download/#changelog https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2024-0002 https://roumenpetrov.info/secsh/#news20231220 https://security-tracker.debian.org/tracker/CVE-2023-48795 https://security-tracker.debian.org/tracker/source-package/libssh2 https://security-tracker.debian.org/tracker/source-package/proftpd-dfsg https://security-tracker.debian.org/tracker/source-package/trilead-ssh2 https://security.gentoo.org/glsa/202312-16 https://security.gentoo.org/glsa/202312-17 https://security.netapp.com/advisory/ntap-20240105-0004 https://security.netapp.com/advisory/ntap-20240105-0004/ https://support.apple.com/kb/HT214084 https://terrapin-attack.com/ https://thorntech.com/cve-2023-48795-and-sftp-gateway https://thorntech.com/cve-2023-48795-and-sftp-gateway/ https://twitter.com/TrueSkrillor/status/1736774389725565005 https://ubuntu.com/security/CVE-2023-48795 https://ubuntu.com/security/notices/USN-6560-1 https://ubuntu.com/security/notices/USN-6560-2 https://ubuntu.com/security/notices/USN-6561-1 https://ubuntu.com/security/notices/USN-6585-1 https://ubuntu.com/security/notices/USN-6589-1 https://ubuntu.com/security/notices/USN-6598-1 https://ubuntu.com/security/notices/USN-6738-1 https://ubuntu.com/security/notices/USN-7051-1 https://winscp.net/eng/docs/history#6.2.2 https://www.bitvise.com/ssh-client-version-history#933 https://www.bitvise.com/ssh-server-version-history https://www.chiark.greenend.org.uk/~sgtatham/putty/changes.html https://www.crushftp.com/crush10wiki/Wiki.jsp?page=Update https://www.cve.org/CVERecord?id=CVE-2023-48795 https://www.debian.org/security/2023/dsa-5586 https://www.debian.org/security/2023/dsa-5588 https://www.freebsd.org/security/advisories/FreeBSD-SA-23:19.openssh.asc https://www.lancom-systems.de/service-support/allgemeine-sicherheitshinweise#c243508 https://www.netsarang.com/en/xshell-update-history https://www.netsarang.com/en/xshell-update-history/ https://www.openssh.com/openbsd.html https://www.openssh.com/txt/release-9.6 https://www.openwall.com/lists/oss-security/2023/12/18/2 https://www.openwall.com/lists/oss-security/2023/12/18/3 https://www.openwall.com/lists/oss-security/2023/12/20/3 https://www.paramiko.org/changelog.html https://www.reddit.com/r/sysadmin/comments/18idv52/cve202348795_why_is_this_cve_still_undisclosed https://www.reddit.com/r/sysadmin/comments/18idv52/cve202348795_why_is_this_cve_still_undisclosed/ https://www.suse.com/c/suse-addresses-the-ssh-v2-protocol-terrapin-attack-aka-cve-2023-48795 https://www.suse.com/c/suse-addresses-the-ssh-v2-protocol-terrapin-attack-aka-cve-2023-48795/ https://www.terrapin-attack.com https://www.theregister.com/2023/12/20/terrapin_attack_ssh https://www.vandyke.com/products/securecrt/history.txt
golang.org/x/net	CVE-2023-39325	HIGH	v0.10.0	0.17.0	golang.org/x/net https://access.redhat.com/errata/RHSA-2023:6077 https://access.redhat.com/security/cve/CVE-2023-39325 https://access.redhat.com/security/cve/CVE-2023-44487 https://access.redhat.com/security/vulnerabilities/RHSB-2023-003 https://bugzilla.redhat.com/2242803 https://bugzilla.redhat.com/2243296 https://bugzilla.redhat.com/show_bug.cgi?id=2242803 https://bugzilla.redhat.com/show_bug.cgi?id=2243296 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-39325 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-44487 https://errata.almalinux.org/9/ALSA-2023-6077.html https://errata.rockylinux.org/RLSA-2023:6077 https://github.com/golang/go/commit/24ae2d927285c697440fdde3ad7f26028354bcf3 [golang- 1.21] https://github.com/golang/go/commit/e175f27f58aa7b9cd4d79607ae65d2cd5baaee68 [golang-1.20] https://github.com/golang/go/issues/63417 https://go.dev/cl/534215 https://go.dev/cl/534235 https://go.dev/issue/63417 https://groups.google.com/g/golang-announce/c/iNNxDTCjZvo/m/UDd7VKQuAAAJ https://linux.oracle.com/cve/CVE-2023-39325.html https://linux.oracle.com/errata/ELSA-2023-5867.html https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3OVW5V2DM5K5IC3H7O42YDUGNJ74J35O https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3OVW5V2DM5K5IC3H7O42YDUGNJ74J35O/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3SZN67IL7HMGMNAVLOTIXLIHUDXZK4LH https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3SZN67IL7HMGMNAVLOTIXLIHUDXZK4LH/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3WJ4QVX2AMUJ2F2S27POOAHRC4K3CHU4 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3WJ4QVX2AMUJ2F2S27POOAHRC4K3CHU4/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/4BUK2ZIAGCULOOYDNH25JPU6JBES5NF2 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/4BUK2ZIAGCULOOYDNH25JPU6JBES5NF2/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/5RSKA2II6QTD4YUKUNDVJQSRYSFC4VFR https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/5RSKA2II6QTD4YUKUNDVJQSRYSFC4VFR/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/AVZDNSMVDAQJ64LJC5I5U5LDM5753647 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/AVZDNSMVDAQJ64LJC5I5U5LDM5753647/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CHHITS4PUOZAKFIUBQAQZC7JWXMOYE4B https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CHHITS4PUOZAKFIUBQAQZC7JWXMOYE4B/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CLB4TW7KALB3EEQWNWCN7OUIWWVWWCG2 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CLB4TW7KALB3EEQWNWCN7OUIWWVWWCG2/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/D2BBIDR2ZMB3X5BC7SR4SLQMHRMVPY6L https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/D2BBIDR2ZMB3X5BC7SR4SLQMHRMVPY6L/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ECRC75BQJP6FJN2L7KCKYZW4DSBD7QSD https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ECRC75BQJP6FJN2L7KCKYZW4DSBD7QSD/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/FTMJ3NJIDAZFWJQQSP3L22MUFJ3UP2PT https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/FTMJ3NJIDAZFWJQQSP3L22MUFJ3UP2PT/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/GSY7SXFFTPZFWDM6XELSDSHZLVW3AHK7 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/GSY7SXFFTPZFWDM6XELSDSHZLVW3AHK7/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/HZQIELEIRSZUYTFFH5KTH2YJ4IIQG2KE https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/HZQIELEIRSZUYTFFH5KTH2YJ4IIQG2KE/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/IPWCNYB5PQ5PCVZ4NJT6G56ZYFZ5QBU6 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/IPWCNYB5PQ5PCVZ4NJT6G56ZYFZ5QBU6/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/KEOTKBUPZXHE3F352JBYNTSNRXYLWD6P https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/KEOTKBUPZXHE3F352JBYNTSNRXYLWD6P/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/KSEGD2IWKNUO3DWY4KQGUQM5BISRWHQE https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/KSEGD2IWKNUO3DWY4KQGUQM5BISRWHQE/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/L5E5JSJBZLYXOTZWXHJKRVCIXIHVWKJ6 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/L5E5JSJBZLYXOTZWXHJKRVCIXIHVWKJ6/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/MZQYOOKHQDQ57LV2IAG6NRFOVXKHJJ3Z https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/MZQYOOKHQDQ57LV2IAG6NRFOVXKHJJ3Z/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/NG7IMPL55MVWU3LCI4JQJT3K2U5CHDV7 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/NG7IMPL55MVWU3LCI4JQJT3K2U5CHDV7/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ODBY7RVMGZCBSTWF2OZGIZS57FNFUL67 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ODBY7RVMGZCBSTWF2OZGIZS57FNFUL67/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/OXGWPQOJ3JNDW2XIYKIVJ7N7QUIFNM2Q https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/OXGWPQOJ3JNDW2XIYKIVJ7N7QUIFNM2Q/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/PJCUNGIQDUMZ4Z6HWVYIMR66A35F5S74 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/PJCUNGIQDUMZ4Z6HWVYIMR66A35F5S74/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QF5QSYAOPDOWLY6DUHID56Q4HQFYB45I https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QF5QSYAOPDOWLY6DUHID56Q4HQFYB45I/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QXOU2JZUBEBP7GBKAYIJRPRBZSJCD7ST https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QXOU2JZUBEBP7GBKAYIJRPRBZSJCD7ST/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/R3UETKPUB3V5JS5TLZOF3SMTGT5K5APS https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/R3UETKPUB3V5JS5TLZOF3SMTGT5K5APS/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/REMHVVIBDNKSRKNOTV7EQSB7CYQWOUOU https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/REMHVVIBDNKSRKNOTV7EQSB7CYQWOUOU/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/T7N5GV4CHH6WAGX3GFMDD3COEOVCZ4RI https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/T7N5GV4CHH6WAGX3GFMDD3COEOVCZ4RI/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ULQQONMSCQSH5Z5OWFFQHCGEZ3NL4DRJ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ULQQONMSCQSH5Z5OWFFQHCGEZ3NL4DRJ/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UTT7DG3QOF5ZNJLUGHDNLRUIN6OWZARP https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UTT7DG3QOF5ZNJLUGHDNLRUIN6OWZARP/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/W2LZSWTV4NV4SNQARNXG5T6LRHP26EW2 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/W2LZSWTV4NV4SNQARNXG5T6LRHP26EW2/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WCNCBYKZXLDFGAJUB7ZP5VLC3YTHJNVH https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WCNCBYKZXLDFGAJUB7ZP5VLC3YTHJNVH/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/XFOIBB4YFICHDM7IBOP7PWXW3FX4HLL2 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/XFOIBB4YFICHDM7IBOP7PWXW3FX4HLL2/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/XTNLSL44Y5FB6JWADSZH6DCV4JJAAEQY https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/XTNLSL44Y5FB6JWADSZH6DCV4JJAAEQY/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/YJWHBLVZDM5KQSDFRBFRKU5KSSOLIRQ4 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/YJWHBLVZDM5KQSDFRBFRKU5KSSOLIRQ4/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/YRKEXKANQ7BKJW2YTAMP625LJUJZLJ4P https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/YRKEXKANQ7BKJW2YTAMP625LJUJZLJ4P/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZSVEMQV5ROY5YW5QE3I57HT3ITWG5GCV https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZSVEMQV5ROY5YW5QE3I57HT3ITWG5GCV/ https://nvd.nist.gov/vuln/detail/CVE-2023-39325 https://pkg.go.dev/vuln/GO-2023-2102 https://security.gentoo.org/glsa/202311-09 https://security.netapp.com/advisory/ntap-20231110-0008 https://security.netapp.com/advisory/ntap-20231110-0008/ https://ubuntu.com/security/notices/USN-6574-1 https://ubuntu.com/security/notices/USN-7061-1 https://ubuntu.com/security/notices/USN-7109-1 https://www.cisa.gov/news-events/alerts/2023/10/10/http2-rapid-reset-vulnerability-cve-2023-44487 https://www.cve.org/CVERecord?id=CVE-2023-39325
golang.org/x/net	CVE-2023-3978	MEDIUM	v0.10.0	0.13.0	https://access.redhat.com/errata/RHSA-2023:6474 https://access.redhat.com/security/cve/CVE-2023-3978 https://bugzilla.redhat.com/2174485 https://bugzilla.redhat.com/2178358 https://bugzilla.redhat.com/2178488 https://bugzilla.redhat.com/2178492 https://bugzilla.redhat.com/2184481 https://bugzilla.redhat.com/2184482 https://bugzilla.redhat.com/2184483 https://bugzilla.redhat.com/2184484 https://bugzilla.redhat.com/2196026 https://bugzilla.redhat.com/2196027 https://bugzilla.redhat.com/2196029 https://bugzilla.redhat.com/2222167 https://bugzilla.redhat.com/2228689 https://errata.almalinux.org/9/ALSA-2023-6474.html https://go.dev/cl/514896 https://go.dev/issue/61615 https://linux.oracle.com/cve/CVE-2023-3978.html https://linux.oracle.com/errata/ELSA-2023-6939.html https://nvd.nist.gov/vuln/detail/CVE-2023-3978 https://pkg.go.dev/vuln/GO-2023-1988 https://www.cve.org/CVERecord?id=CVE-2023-3978
golang.org/x/net	CVE-2023-44487	MEDIUM	v0.10.0	0.17.0	http://www.openwall.com/lists/oss-security/2023/10/13/4 http://www.openwall.com/lists/oss-security/2023/10/13/9 http://www.openwall.com/lists/oss-security/2023/10/18/4 http://www.openwall.com/lists/oss-security/2023/10/18/8 http://www.openwall.com/lists/oss-security/2023/10/19/6 http://www.openwall.com/lists/oss-security/2023/10/20/8 https://access.redhat.com/errata/RHSA-2023:6746 https://access.redhat.com/security/cve/CVE-2023-44487 https://access.redhat.com/security/cve/cve-2023-44487 https://akka.io/security/akka-http-cve-2023-44487.html https://arstechnica.com/security/2023/10/how-ddosers-used-the-http-2-protocol-to-deliver-attacks-of-unprecedented-size https://arstechnica.com/security/2023/10/how-ddosers-used-the-http-2-protocol-to-deliver-attacks-of-unprecedented-size/ https://aws.amazon.com/security/security-bulletins/AWS-2023-011 https://aws.amazon.com/security/security-bulletins/AWS-2023-011/ https://blog.cloudflare.com/technical-breakdown-http2-rapid-reset-ddos-attack https://blog.cloudflare.com/technical-breakdown-http2-rapid-reset-ddos-attack/ https://blog.cloudflare.com/zero-day-rapid-reset-http2-record-breaking-ddos-attack https://blog.cloudflare.com/zero-day-rapid-reset-http2-record-breaking-ddos-attack/ https://blog.litespeedtech.com/2023/10/11/rapid-reset-http-2-vulnerablilty https://blog.litespeedtech.com/2023/10/11/rapid-reset-http-2-vulnerablilty/ https://blog.qualys.com/vulnerabilities-threat-research/2023/10/10/cve-2023-44487-http-2-rapid-reset-attack https://blog.vespa.ai/cve-2023-44487 https://blog.vespa.ai/cve-2023-44487/ https://bugzilla.proxmox.com/show_bug.cgi?id=4988 https://bugzilla.redhat.com/2242803 https://bugzilla.redhat.com/show_bug.cgi?id=2242803 https://bugzilla.suse.com/show_bug.cgi?id=1216123 https://cgit.freebsd.org/ports/commit/?id=c64c329c2c1752f46b73e3e6ce9f4329be6629f9 https://chaos.social/@icing/111210915918780532 https://cloud.google.com/blog/products/identity-security/google-cloud-mitigated-largest-ddos-attack-peaking-above-398-million-rps https://cloud.google.com/blog/products/identity-security/google-cloud-mitigated-largest-ddos-attack-peaking-above-398-million-rps/ https://cloud.google.com/blog/products/identity-security/how-it-works-the-novel-http2-rapid-reset-ddos-attack https://community.traefik.io/t/is-traefik-vulnerable-to-cve-2023-44487/20125 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-44487 https://devblogs.microsoft.com/dotnet/october-2023-updates/ https://discuss.hashicorp.com/t/hcsec-2023-32-vault-consul-and-boundary-affected-by-http-2-rapid-reset-denial-of-service-vulnerability-cve-2023-44487/59715 https://edg.io/lp/blog/resets-leaks-ddos-and-the-tale-of-a-hidden-cve https://errata.almalinux.org/9/ALSA-2023-6746.html https://errata.rockylinux.org/RLSA-2023:5838 https://forums.swift.org/t/swift-nio-http2-security-update-cve-2023-44487-http-2-dos/67764 https://gist.github.com/adulau/7c2bfb8e9cdbe4b35a5e131c66a0c088 https://github.com/Azure/AKS/issues/3947 https://github.com/Kong/kong/discussions/11741 https://github.com/advisories/GHSA-qppj-fm5r-hxr3 https://github.com/advisories/GHSA-vx74-f528-fxqg https://github.com/advisories/GHSA-xpw8-rcwv-8f8p https://github.com/akka/akka-http/issues/4323 https://github.com/akka/akka-http/pull/4324 https://github.com/akka/akka-http/pull/4325 https://github.com/alibaba/tengine/issues/1872 https://github.com/apache/apisix/issues/10320 https://github.com/apache/httpd-site/pull/10 https://github.com/apache/httpd/blob/afcdbeebbff4b0c50ea26cdd16e178c0d1f24152/modules/http2/h2_mplx.c#L1101-L1113 https://github.com/apache/tomcat/commit/944332bb15bd2f3bf76ec2caeb1ff0a58a3bc628 https://github.com/apache/tomcat/tree/main/java/org/apache/coyote/http2 https://github.com/apache/trafficserver/pull/10564 https://github.com/apple/swift-nio-http2 https://github.com/apple/swift-nio-http2/security/advisories/GHSA-qppj-fm5r-hxr3 https://github.com/arkrwn/PoC/tree/main/CVE-2023-44487 https://github.com/bcdannyboy/CVE-2023-44487 https://github.com/caddyserver/caddy/issues/5877 https://github.com/caddyserver/caddy/releases/tag/v2.7.5 https://github.com/dotnet/announcements/issues/277 https://github.com/dotnet/core/blob/e4613450ea0da7fd2fc6b61dfb2c1c1dec1ce9ec/release-notes/6.0/6.0.23/6.0.23.md?plain=1#L73 https://github.com/eclipse/jetty.project/issues/10679 https://github.com/envoyproxy/envoy/pull/30055 https://github.com/etcd-io/etcd/issues/16740 https://github.com/facebook/proxygen/pull/466 https://github.com/golang/go/issues/63417 https://github.com/grpc/grpc-go/pull/6703 https://github.com/grpc/grpc-go/releases https://github.com/h2o/h2o/pull/3291 https://github.com/h2o/h2o/security/advisories/GHSA-2m7v-gc89-fjqf https://github.com/haproxy/haproxy/issues/2312 https://github.com/hyperium/hyper/issues/3337 https://github.com/icing/mod_h2/blob/0a864782af0a942aa2ad4ed960a6b32cd35bcf0a/mod_http2/README.md?plain=1#L239-L244 https://github.com/junkurihara/rust-rpxy/issues/97 https://github.com/kazu-yamamoto/http2/commit/f61d41a502bd0f60eb24e1ce14edc7b6df6722a1 https://github.com/kazu-yamamoto/http2/issues/93 https://github.com/kubernetes/kubernetes/pull/121120 https://github.com/line/armeria/pull/5232 https://github.com/linkerd/website/pull/1695/commits/4b9c6836471bc8270ab48aae6fd2181bc73fd632 https://github.com/micrictor/http2-rst-stream https://github.com/microsoft/CBL-Mariner/pull/6381 https://github.com/netty/netty/commit/58f75f665aa81a8cbcf6ffa74820042a285c5e61 https://github.com/nghttp2/nghttp2/pull/1961 https://github.com/nghttp2/nghttp2/releases/tag/v1.57.0 https://github.com/ninenines/cowboy/issues/1615 https://github.com/nodejs/node/pull/50121 https://github.com/openresty/openresty/issues/930 https://github.com/opensearch-project/data-prepper/issues/3474 https://github.com/oqtane/oqtane.framework/discussions/3367 https://github.com/projectcontour/contour/pull/5826 https://github.com/tempesta-tech/tempesta/issues/1986 https://github.com/varnishcache/varnish-cache/issues/3996 https://go.dev/cl/534215 https://go.dev/cl/534235 https://go.dev/issue/63417 https://groups.google.com/g/golang-announce/c/iNNxDTCjZvo https://groups.google.com/g/golang-announce/c/iNNxDTCjZvo/m/UDd7VKQuAAAJ https://istio.io/latest/news/security/istio-security-2023-004 https://istio.io/latest/news/security/istio-security-2023-004/ https://linkerd.io/2023/10/12/linkerd-cve-2023-44487 https://linkerd.io/2023/10/12/linkerd-cve-2023-44487/ https://linux.oracle.com/cve/CVE-2023-44487.html https://linux.oracle.com/errata/ELSA-2024-1444.html https://lists.apache.org/thread/5py8h42mxfsn8l1wy6o41xwhsjlsd87q https://lists.debian.org/debian-lts-announce/2023/10/msg00020.html https://lists.debian.org/debian-lts-announce/2023/10/msg00023.html https://lists.debian.org/debian-lts-announce/2023/10/msg00024.html https://lists.debian.org/debian-lts-announce/2023/10/msg00045.html https://lists.debian.org/debian-lts-announce/2023/10/msg00047.html https://lists.debian.org/debian-lts-announce/2023/11/msg00001.html https://lists.debian.org/debian-lts-announce/2023/11/msg00012.html https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/2MBEPPC36UBVOZZNAXFHKLFGSLCMN5LI https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/2MBEPPC36UBVOZZNAXFHKLFGSLCMN5LI/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/3N4NJ7FR4X4FPZUGNTQAPSTVB2HB2Y4A https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/3N4NJ7FR4X4FPZUGNTQAPSTVB2HB2Y4A/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/BFQD3KUEMFBHPAPBGLWQC34L4OWL5HAZ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/BFQD3KUEMFBHPAPBGLWQC34L4OWL5HAZ/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/CLB4TW7KALB3EEQWNWCN7OUIWWVWWCG2 https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/CLB4TW7KALB3EEQWNWCN7OUIWWVWWCG2/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/E72T67UPDRXHIDLO3OROR25YAMN4GGW5 https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/E72T67UPDRXHIDLO3OROR25YAMN4GGW5/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/FNA62Q767CFAFHBCDKYNPBMZWB7TWYVU https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/FNA62Q767CFAFHBCDKYNPBMZWB7TWYVU/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/HT7T2R4MQKLIF4ODV4BDLPARWFPCJ5CZ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/HT7T2R4MQKLIF4ODV4BDLPARWFPCJ5CZ/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/JIZSEFC3YKCGABA2BZW6ZJRMDZJMB7PJ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/JIZSEFC3YKCGABA2BZW6ZJRMDZJMB7PJ/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/JMEXY22BFG5Q64HQCM5CK2Q7KDKVV4TY https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/JMEXY22BFG5Q64HQCM5CK2Q7KDKVV4TY/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/KSEGD2IWKNUO3DWY4KQGUQM5BISRWHQE https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/KSEGD2IWKNUO3DWY4KQGUQM5BISRWHQE/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/LKYHSZQFDNR7RSA7LHVLLIAQMVYCUGBG https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/LKYHSZQFDNR7RSA7LHVLLIAQMVYCUGBG/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/LNMZJCDHGLJJLXO4OXWJMTVQRNWOC7UL https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/LNMZJCDHGLJJLXO4OXWJMTVQRNWOC7UL/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/VHUHTSXLXGXS7JYKBXTA3VINUPHTNGVU https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/VHUHTSXLXGXS7JYKBXTA3VINUPHTNGVU/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/VSRDIV77HNKUSM7SJC5BKE5JSHLHU2NK https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/VSRDIV77HNKUSM7SJC5BKE5JSHLHU2NK/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/WE2I52RHNNU42PX6NZ2RBUHSFFJ2LVZX https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/WE2I52RHNNU42PX6NZ2RBUHSFFJ2LVZX/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/WLPRQ5TWUQQXYWBJM7ECYDAIL2YVKIUH https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/WLPRQ5TWUQQXYWBJM7ECYDAIL2YVKIUH/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/X6QXN4ORIVF6XBW4WWFE7VNPVC74S45Y https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/X6QXN4ORIVF6XBW4WWFE7VNPVC74S45Y/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/XFOIBB4YFICHDM7IBOP7PWXW3FX4HLL2 https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/XFOIBB4YFICHDM7IBOP7PWXW3FX4HLL2/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZB43REMKRQR62NJEI7I5NQ4FSXNLBKRT https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZB43REMKRQR62NJEI7I5NQ4FSXNLBKRT/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZKQSIKIAT5TJ3WSLU3RDBQ35YX4GY4V3 https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZKQSIKIAT5TJ3WSLU3RDBQ35YX4GY4V3/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZLU6U2R2IC2K64NDPNMV55AUAO65MAF4 https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZLU6U2R2IC2K64NDPNMV55AUAO65MAF4/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3N4NJ7FR4X4FPZUGNTQAPSTVB2HB2Y4A https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/BFQD3KUEMFBHPAPBGLWQC34L4OWL5HAZ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CLB4TW7KALB3EEQWNWCN7OUIWWVWWCG2 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/E72T67UPDRXHIDLO3OROR25YAMN4GGW5 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/FNA62Q767CFAFHBCDKYNPBMZWB7TWYVU https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/HT7T2R4MQKLIF4ODV4BDLPARWFPCJ5CZ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/JIZSEFC3YKCGABA2BZW6ZJRMDZJMB7PJ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/JMEXY22BFG5Q64HQCM5CK2Q7KDKVV4TY https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/KSEGD2IWKNUO3DWY4KQGUQM5BISRWHQE https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/LKYHSZQFDNR7RSA7LHVLLIAQMVYCUGBG https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/LNMZJCDHGLJJLXO4OXWJMTVQRNWOC7UL https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/VHUHTSXLXGXS7JYKBXTA3VINUPHTNGVU https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/VSRDIV77HNKUSM7SJC5BKE5JSHLHU2NK https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WLPRQ5TWUQQXYWBJM7ECYDAIL2YVKIUH https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/X6QXN4ORIVF6XBW4WWFE7VNPVC74S45Y https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/XFOIBB4YFICHDM7IBOP7PWXW3FX4HLL2 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZB43REMKRQR62NJEI7I5NQ4FSXNLBKRT https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZKQSIKIAT5TJ3WSLU3RDBQ35YX4GY4V3 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZLU6U2R2IC2K64NDPNMV55AUAO65MAF4 https://lists.w3.org/Archives/Public/ietf-http-wg/2023OctDec/0025.html https://mailman.nginx.org/pipermail/nginx-devel/2023-October/S36Q5HBXR7CAIMPLLPRSSSYR4PCMWILK.html https://martinthomson.github.io/h2-stream-limits/draft-thomson-httpbis-h2-stream-limits.html https://msrc.microsoft.com/blog/2023/10/microsoft-response-to-distributed-denial-of-service-ddos-attacks-against-http/2 https://msrc.microsoft.com/blog/2023/10/microsoft-response-to-distributed-denial-of-service-ddos-attacks-against-http/2/ https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-44487 https://my.f5.com/manage/s/article/K000137106 https://netty.io/news/2023/10/10/4-1-100-Final.html https://news.ycombinator.com/item?id=37830987 https://news.ycombinator.com/item?id=37830998 https://news.ycombinator.com/item?id=37831062 https://news.ycombinator.com/item?id=37837043 https://nodejs.org/en/blog/vulnerability/october-2023-security-releases https://nvd.nist.gov/vuln/detail/CVE-2023-44487 https://openssf.org/blog/2023/10/10/http-2-rapid-reset-vulnerability-highlights-need-for-rapid-response https://openssf.org/blog/2023/10/10/http-2-rapid-reset-vulnerability-highlights-need-for-rapid-response/ https://pkg.go.dev/vuln/GO-2023-2102 https://seanmonstar.com/post/730794151136935936/hyper-http2-rapid-reset-unaffected https://security.gentoo.org/glsa/202311-09 https://security.netapp.com/advisory/ntap-20231016-0001 https://security.netapp.com/advisory/ntap-20231016-0001/ https://security.netapp.com/advisory/ntap-20240426-0007 https://security.netapp.com/advisory/ntap-20240426-0007/ https://security.netapp.com/advisory/ntap-20240621-0006 https://security.netapp.com/advisory/ntap-20240621-0006/ https://security.netapp.com/advisory/ntap-20240621-0007 https://security.netapp.com/advisory/ntap-20240621-0007/ https://security.paloaltonetworks.com/CVE-2023-44487 https://tomcat.apache.org/security-10.html#Fixed_in_Apache_Tomcat_10.1.14 https://tomcat.apache.org/security-11.html#Fixed_in_Apache_Tomcat_11.0.0-M12 https://tomcat.apache.org/security-8.html#Fixed_in_Apache_Tomcat_8.5.94 https://tomcat.apache.org/security-9.html#Fixed_in_Apache_Tomcat_9.0.81 https://ubuntu.com/security/CVE-2023-44487 https://ubuntu.com/security/notices/USN-6427-1 https://ubuntu.com/security/notices/USN-6427-2 https://ubuntu.com/security/notices/USN-6438-1 https://ubuntu.com/security/notices/USN-6505-1 https://ubuntu.com/security/notices/USN-6574-1 https://ubuntu.com/security/notices/USN-6754-1 https://ubuntu.com/security/notices/USN-6994-1 https://ubuntu.com/security/notices/USN-7067-1 https://www.bleepingcomputer.com/news/security/new-http-2-rapid-reset-zero-day-attack-breaks-ddos-records https://www.bleepingcomputer.com/news/security/new-http-2-rapid-reset-zero-day-attack-breaks-ddos-records/ https://www.cisa.gov/known-exploited-vulnerabilities-catalog https://www.cisa.gov/news-events/alerts/2023/10/10/http2-rapid-reset-vulnerability-cve-2023-44487 https://www.cve.org/CVERecord?id=CVE-2023-44487 https://www.darkreading.com/cloud/internet-wide-zero-day-bug-fuels-largest-ever-ddos-event https://www.debian.org/security/2023/dsa-5521 https://www.debian.org/security/2023/dsa-5522 https://www.debian.org/security/2023/dsa-5540 https://www.debian.org/security/2023/dsa-5549 https://www.debian.org/security/2023/dsa-5558 https://www.debian.org/security/2023/dsa-5570 https://www.eclipse.org/lists/jetty-announce/msg00181.html https://www.haproxy.com/blog/haproxy-is-not-affected-by-the-http-2-rapid-reset-attack-cve-2023-44487 https://www.mail-archive.com/haproxy@formilux.org/msg44134.html https://www.netlify.com/blog/netlify-successfully-mitigates-cve-2023-44487 https://www.netlify.com/blog/netlify-successfully-mitigates-cve-2023-44487/ https://www.nginx.com/blog/http-2-rapid-reset-attack-impacting-f5-nginx-products https://www.nginx.com/blog/http-2-rapid-reset-attack-impacting-f5-nginx-products/ https://www.openwall.com/lists/oss-security/2023/10/10/6 https://www.phoronix.com/news/HTTP2-Rapid-Reset-Attack https://www.theregister.com/2023/10/10/http2_rapid_reset_zeroday https://www.theregister.com/2023/10/10/http2_rapid_reset_zeroday/
golang.org/x/net	CVE-2023-45288	MEDIUM	v0.10.0	0.23.0	http://www.openwall.com/lists/oss-security/2024/04/03/16 http://www.openwall.com/lists/oss-security/2024/04/05/4 https://access.redhat.com/errata/RHSA-2024:2724 https://access.redhat.com/security/cve/CVE-2023-45288 https://bugzilla.redhat.com/2268017 https://bugzilla.redhat.com/2268018 https://bugzilla.redhat.com/2268019 https://bugzilla.redhat.com/2268273 https://bugzilla.redhat.com/show_bug.cgi?id=2268017 https://bugzilla.redhat.com/show_bug.cgi?id=2268018 https://bugzilla.redhat.com/show_bug.cgi?id=2268019 https://bugzilla.redhat.com/show_bug.cgi?id=2268273 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45288 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45289 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45290 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24783 https://errata.almalinux.org/9/ALSA-2024-2724.html https://errata.rockylinux.org/RLSA-2024:2724 https://go.dev/cl/576155 https://go.dev/issue/65051 https://groups.google.com/g/golang-announce/c/YgW0sx8mN3M https://kb.cert.org/vuls/id/421644 https://linux.oracle.com/cve/CVE-2023-45288.html https://linux.oracle.com/errata/ELSA-2024-3346.html https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QRYFHIQ6XRKRYBI2F5UESH67BJBQXUPT https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QRYFHIQ6XRKRYBI2F5UESH67BJBQXUPT/ https://nowotarski.info/http2-continuation-flood-technical-details https://nowotarski.info/http2-continuation-flood/ https://nvd.nist.gov/vuln/detail/CVE-2023-45288 https://pkg.go.dev/vuln/GO-2024-2687 https://security.netapp.com/advisory/ntap-20240419-0009 https://security.netapp.com/advisory/ntap-20240419-0009/ https://ubuntu.com/security/notices/USN-6886-1 https://ubuntu.com/security/notices/USN-7109-1 https://ubuntu.com/security/notices/USN-7111-1 https://www.cve.org/CVERecord?id=CVE-2023-45288 https://www.kb.cert.org/vuls/id/421644
google.golang.org/grpc	GHSA-m425-mq94-257g	HIGH	v1.54.0	1.56.3, 1.57.1, 1.58.3	https://github.com/grpc/grpc-go https://github.com/grpc/grpc-go/commit/f2180b4d5403d2210b30b93098eb7da31c05c721 https://github.com/grpc/grpc-go/pull/6703 https://github.com/grpc/grpc-go/security/advisories/GHSA-m425-mq94-257g https://nvd.nist.gov/vuln/detail/CVE-2023-44487
google.golang.org/grpc	CVE-2023-44487	MEDIUM	v1.54.0	1.58.3, 1.57.1, 1.56.3	http://www.openwall.com/lists/oss-security/2023/10/13/4 http://www.openwall.com/lists/oss-security/2023/10/13/9 http://www.openwall.com/lists/oss-security/2023/10/18/4 http://www.openwall.com/lists/oss-security/2023/10/18/8 http://www.openwall.com/lists/oss-security/2023/10/19/6 http://www.openwall.com/lists/oss-security/2023/10/20/8 https://access.redhat.com/errata/RHSA-2023:6746 https://access.redhat.com/security/cve/CVE-2023-44487 https://access.redhat.com/security/cve/cve-2023-44487 https://akka.io/security/akka-http-cve-2023-44487.html https://arstechnica.com/security/2023/10/how-ddosers-used-the-http-2-protocol-to-deliver-attacks-of-unprecedented-size https://arstechnica.com/security/2023/10/how-ddosers-used-the-http-2-protocol-to-deliver-attacks-of-unprecedented-size/ https://aws.amazon.com/security/security-bulletins/AWS-2023-011 https://aws.amazon.com/security/security-bulletins/AWS-2023-011/ https://blog.cloudflare.com/technical-breakdown-http2-rapid-reset-ddos-attack https://blog.cloudflare.com/technical-breakdown-http2-rapid-reset-ddos-attack/ https://blog.cloudflare.com/zero-day-rapid-reset-http2-record-breaking-ddos-attack https://blog.cloudflare.com/zero-day-rapid-reset-http2-record-breaking-ddos-attack/ https://blog.litespeedtech.com/2023/10/11/rapid-reset-http-2-vulnerablilty https://blog.litespeedtech.com/2023/10/11/rapid-reset-http-2-vulnerablilty/ https://blog.qualys.com/vulnerabilities-threat-research/2023/10/10/cve-2023-44487-http-2-rapid-reset-attack https://blog.vespa.ai/cve-2023-44487 https://blog.vespa.ai/cve-2023-44487/ https://bugzilla.proxmox.com/show_bug.cgi?id=4988 https://bugzilla.redhat.com/2242803 https://bugzilla.redhat.com/show_bug.cgi?id=2242803 https://bugzilla.suse.com/show_bug.cgi?id=1216123 https://cgit.freebsd.org/ports/commit/?id=c64c329c2c1752f46b73e3e6ce9f4329be6629f9 https://chaos.social/@icing/111210915918780532 https://cloud.google.com/blog/products/identity-security/google-cloud-mitigated-largest-ddos-attack-peaking-above-398-million-rps https://cloud.google.com/blog/products/identity-security/google-cloud-mitigated-largest-ddos-attack-peaking-above-398-million-rps/ https://cloud.google.com/blog/products/identity-security/how-it-works-the-novel-http2-rapid-reset-ddos-attack https://community.traefik.io/t/is-traefik-vulnerable-to-cve-2023-44487/20125 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-44487 https://devblogs.microsoft.com/dotnet/october-2023-updates/ https://discuss.hashicorp.com/t/hcsec-2023-32-vault-consul-and-boundary-affected-by-http-2-rapid-reset-denial-of-service-vulnerability-cve-2023-44487/59715 https://edg.io/lp/blog/resets-leaks-ddos-and-the-tale-of-a-hidden-cve https://errata.almalinux.org/9/ALSA-2023-6746.html https://errata.rockylinux.org/RLSA-2023:5838 https://forums.swift.org/t/swift-nio-http2-security-update-cve-2023-44487-http-2-dos/67764 https://gist.github.com/adulau/7c2bfb8e9cdbe4b35a5e131c66a0c088 https://github.com/Azure/AKS/issues/3947 https://github.com/Kong/kong/discussions/11741 https://github.com/advisories/GHSA-qppj-fm5r-hxr3 https://github.com/advisories/GHSA-vx74-f528-fxqg https://github.com/advisories/GHSA-xpw8-rcwv-8f8p https://github.com/akka/akka-http/issues/4323 https://github.com/akka/akka-http/pull/4324 https://github.com/akka/akka-http/pull/4325 https://github.com/alibaba/tengine/issues/1872 https://github.com/apache/apisix/issues/10320 https://github.com/apache/httpd-site/pull/10 https://github.com/apache/httpd/blob/afcdbeebbff4b0c50ea26cdd16e178c0d1f24152/modules/http2/h2_mplx.c#L1101-L1113 https://github.com/apache/tomcat/commit/944332bb15bd2f3bf76ec2caeb1ff0a58a3bc628 https://github.com/apache/tomcat/tree/main/java/org/apache/coyote/http2 https://github.com/apache/trafficserver/pull/10564 https://github.com/apple/swift-nio-http2 https://github.com/apple/swift-nio-http2/security/advisories/GHSA-qppj-fm5r-hxr3 https://github.com/arkrwn/PoC/tree/main/CVE-2023-44487 https://github.com/bcdannyboy/CVE-2023-44487 https://github.com/caddyserver/caddy/issues/5877 https://github.com/caddyserver/caddy/releases/tag/v2.7.5 https://github.com/dotnet/announcements/issues/277 https://github.com/dotnet/core/blob/e4613450ea0da7fd2fc6b61dfb2c1c1dec1ce9ec/release-notes/6.0/6.0.23/6.0.23.md?plain=1#L73 https://github.com/eclipse/jetty.project/issues/10679 https://github.com/envoyproxy/envoy/pull/30055 https://github.com/etcd-io/etcd/issues/16740 https://github.com/facebook/proxygen/pull/466 https://github.com/golang/go/issues/63417 https://github.com/grpc/grpc-go/pull/6703 https://github.com/grpc/grpc-go/releases https://github.com/h2o/h2o/pull/3291 https://github.com/h2o/h2o/security/advisories/GHSA-2m7v-gc89-fjqf https://github.com/haproxy/haproxy/issues/2312 https://github.com/hyperium/hyper/issues/3337 https://github.com/icing/mod_h2/blob/0a864782af0a942aa2ad4ed960a6b32cd35bcf0a/mod_http2/README.md?plain=1#L239-L244 https://github.com/junkurihara/rust-rpxy/issues/97 https://github.com/kazu-yamamoto/http2/commit/f61d41a502bd0f60eb24e1ce14edc7b6df6722a1 https://github.com/kazu-yamamoto/http2/issues/93 https://github.com/kubernetes/kubernetes/pull/121120 https://github.com/line/armeria/pull/5232 https://github.com/linkerd/website/pull/1695/commits/4b9c6836471bc8270ab48aae6fd2181bc73fd632 https://github.com/micrictor/http2-rst-stream https://github.com/microsoft/CBL-Mariner/pull/6381 https://github.com/netty/netty/commit/58f75f665aa81a8cbcf6ffa74820042a285c5e61 https://github.com/nghttp2/nghttp2/pull/1961 https://github.com/nghttp2/nghttp2/releases/tag/v1.57.0 https://github.com/ninenines/cowboy/issues/1615 https://github.com/nodejs/node/pull/50121 https://github.com/openresty/openresty/issues/930 https://github.com/opensearch-project/data-prepper/issues/3474 https://github.com/oqtane/oqtane.framework/discussions/3367 https://github.com/projectcontour/contour/pull/5826 https://github.com/tempesta-tech/tempesta/issues/1986 https://github.com/varnishcache/varnish-cache/issues/3996 https://go.dev/cl/534215 https://go.dev/cl/534235 https://go.dev/issue/63417 https://groups.google.com/g/golang-announce/c/iNNxDTCjZvo https://groups.google.com/g/golang-announce/c/iNNxDTCjZvo/m/UDd7VKQuAAAJ https://istio.io/latest/news/security/istio-security-2023-004 https://istio.io/latest/news/security/istio-security-2023-004/ https://linkerd.io/2023/10/12/linkerd-cve-2023-44487 https://linkerd.io/2023/10/12/linkerd-cve-2023-44487/ https://linux.oracle.com/cve/CVE-2023-44487.html https://linux.oracle.com/errata/ELSA-2024-1444.html https://lists.apache.org/thread/5py8h42mxfsn8l1wy6o41xwhsjlsd87q https://lists.debian.org/debian-lts-announce/2023/10/msg00020.html https://lists.debian.org/debian-lts-announce/2023/10/msg00023.html https://lists.debian.org/debian-lts-announce/2023/10/msg00024.html https://lists.debian.org/debian-lts-announce/2023/10/msg00045.html https://lists.debian.org/debian-lts-announce/2023/10/msg00047.html https://lists.debian.org/debian-lts-announce/2023/11/msg00001.html https://lists.debian.org/debian-lts-announce/2023/11/msg00012.html https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/2MBEPPC36UBVOZZNAXFHKLFGSLCMN5LI https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/2MBEPPC36UBVOZZNAXFHKLFGSLCMN5LI/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/3N4NJ7FR4X4FPZUGNTQAPSTVB2HB2Y4A https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/3N4NJ7FR4X4FPZUGNTQAPSTVB2HB2Y4A/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/BFQD3KUEMFBHPAPBGLWQC34L4OWL5HAZ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/BFQD3KUEMFBHPAPBGLWQC34L4OWL5HAZ/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/CLB4TW7KALB3EEQWNWCN7OUIWWVWWCG2 https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/CLB4TW7KALB3EEQWNWCN7OUIWWVWWCG2/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/E72T67UPDRXHIDLO3OROR25YAMN4GGW5 https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/E72T67UPDRXHIDLO3OROR25YAMN4GGW5/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/FNA62Q767CFAFHBCDKYNPBMZWB7TWYVU https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/FNA62Q767CFAFHBCDKYNPBMZWB7TWYVU/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/HT7T2R4MQKLIF4ODV4BDLPARWFPCJ5CZ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/HT7T2R4MQKLIF4ODV4BDLPARWFPCJ5CZ/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/JIZSEFC3YKCGABA2BZW6ZJRMDZJMB7PJ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/JIZSEFC3YKCGABA2BZW6ZJRMDZJMB7PJ/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/JMEXY22BFG5Q64HQCM5CK2Q7KDKVV4TY https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/JMEXY22BFG5Q64HQCM5CK2Q7KDKVV4TY/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/KSEGD2IWKNUO3DWY4KQGUQM5BISRWHQE https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/KSEGD2IWKNUO3DWY4KQGUQM5BISRWHQE/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/LKYHSZQFDNR7RSA7LHVLLIAQMVYCUGBG https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/LKYHSZQFDNR7RSA7LHVLLIAQMVYCUGBG/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/LNMZJCDHGLJJLXO4OXWJMTVQRNWOC7UL https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/LNMZJCDHGLJJLXO4OXWJMTVQRNWOC7UL/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/VHUHTSXLXGXS7JYKBXTA3VINUPHTNGVU https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/VHUHTSXLXGXS7JYKBXTA3VINUPHTNGVU/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/VSRDIV77HNKUSM7SJC5BKE5JSHLHU2NK https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/VSRDIV77HNKUSM7SJC5BKE5JSHLHU2NK/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/WE2I52RHNNU42PX6NZ2RBUHSFFJ2LVZX https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/WE2I52RHNNU42PX6NZ2RBUHSFFJ2LVZX/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/WLPRQ5TWUQQXYWBJM7ECYDAIL2YVKIUH https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/WLPRQ5TWUQQXYWBJM7ECYDAIL2YVKIUH/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/X6QXN4ORIVF6XBW4WWFE7VNPVC74S45Y https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/X6QXN4ORIVF6XBW4WWFE7VNPVC74S45Y/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/XFOIBB4YFICHDM7IBOP7PWXW3FX4HLL2 https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/XFOIBB4YFICHDM7IBOP7PWXW3FX4HLL2/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZB43REMKRQR62NJEI7I5NQ4FSXNLBKRT https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZB43REMKRQR62NJEI7I5NQ4FSXNLBKRT/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZKQSIKIAT5TJ3WSLU3RDBQ35YX4GY4V3 https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZKQSIKIAT5TJ3WSLU3RDBQ35YX4GY4V3/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZLU6U2R2IC2K64NDPNMV55AUAO65MAF4 https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZLU6U2R2IC2K64NDPNMV55AUAO65MAF4/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3N4NJ7FR4X4FPZUGNTQAPSTVB2HB2Y4A https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/BFQD3KUEMFBHPAPBGLWQC34L4OWL5HAZ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CLB4TW7KALB3EEQWNWCN7OUIWWVWWCG2 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/E72T67UPDRXHIDLO3OROR25YAMN4GGW5 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/FNA62Q767CFAFHBCDKYNPBMZWB7TWYVU https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/HT7T2R4MQKLIF4ODV4BDLPARWFPCJ5CZ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/JIZSEFC3YKCGABA2BZW6ZJRMDZJMB7PJ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/JMEXY22BFG5Q64HQCM5CK2Q7KDKVV4TY https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/KSEGD2IWKNUO3DWY4KQGUQM5BISRWHQE https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/LKYHSZQFDNR7RSA7LHVLLIAQMVYCUGBG https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/LNMZJCDHGLJJLXO4OXWJMTVQRNWOC7UL https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/VHUHTSXLXGXS7JYKBXTA3VINUPHTNGVU https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/VSRDIV77HNKUSM7SJC5BKE5JSHLHU2NK https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WLPRQ5TWUQQXYWBJM7ECYDAIL2YVKIUH https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/X6QXN4ORIVF6XBW4WWFE7VNPVC74S45Y https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/XFOIBB4YFICHDM7IBOP7PWXW3FX4HLL2 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZB43REMKRQR62NJEI7I5NQ4FSXNLBKRT https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZKQSIKIAT5TJ3WSLU3RDBQ35YX4GY4V3 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZLU6U2R2IC2K64NDPNMV55AUAO65MAF4 https://lists.w3.org/Archives/Public/ietf-http-wg/2023OctDec/0025.html https://mailman.nginx.org/pipermail/nginx-devel/2023-October/S36Q5HBXR7CAIMPLLPRSSSYR4PCMWILK.html https://martinthomson.github.io/h2-stream-limits/draft-thomson-httpbis-h2-stream-limits.html https://msrc.microsoft.com/blog/2023/10/microsoft-response-to-distributed-denial-of-service-ddos-attacks-against-http/2 https://msrc.microsoft.com/blog/2023/10/microsoft-response-to-distributed-denial-of-service-ddos-attacks-against-http/2/ https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-44487 https://my.f5.com/manage/s/article/K000137106 https://netty.io/news/2023/10/10/4-1-100-Final.html https://news.ycombinator.com/item?id=37830987 https://news.ycombinator.com/item?id=37830998 https://news.ycombinator.com/item?id=37831062 https://news.ycombinator.com/item?id=37837043 https://nodejs.org/en/blog/vulnerability/october-2023-security-releases https://nvd.nist.gov/vuln/detail/CVE-2023-44487 https://openssf.org/blog/2023/10/10/http-2-rapid-reset-vulnerability-highlights-need-for-rapid-response https://openssf.org/blog/2023/10/10/http-2-rapid-reset-vulnerability-highlights-need-for-rapid-response/ https://pkg.go.dev/vuln/GO-2023-2102 https://seanmonstar.com/post/730794151136935936/hyper-http2-rapid-reset-unaffected https://security.gentoo.org/glsa/202311-09 https://security.netapp.com/advisory/ntap-20231016-0001 https://security.netapp.com/advisory/ntap-20231016-0001/ https://security.netapp.com/advisory/ntap-20240426-0007 https://security.netapp.com/advisory/ntap-20240426-0007/ https://security.netapp.com/advisory/ntap-20240621-0006 https://security.netapp.com/advisory/ntap-20240621-0006/ https://security.netapp.com/advisory/ntap-20240621-0007 https://security.netapp.com/advisory/ntap-20240621-0007/ https://security.paloaltonetworks.com/CVE-2023-44487 https://tomcat.apache.org/security-10.html#Fixed_in_Apache_Tomcat_10.1.14 https://tomcat.apache.org/security-11.html#Fixed_in_Apache_Tomcat_11.0.0-M12 https://tomcat.apache.org/security-8.html#Fixed_in_Apache_Tomcat_8.5.94 https://tomcat.apache.org/security-9.html#Fixed_in_Apache_Tomcat_9.0.81 https://ubuntu.com/security/CVE-2023-44487 https://ubuntu.com/security/notices/USN-6427-1 https://ubuntu.com/security/notices/USN-6427-2 https://ubuntu.com/security/notices/USN-6438-1 https://ubuntu.com/security/notices/USN-6505-1 https://ubuntu.com/security/notices/USN-6574-1 https://ubuntu.com/security/notices/USN-6754-1 https://ubuntu.com/security/notices/USN-6994-1 https://ubuntu.com/security/notices/USN-7067-1 https://www.bleepingcomputer.com/news/security/new-http-2-rapid-reset-zero-day-attack-breaks-ddos-records https://www.bleepingcomputer.com/news/security/new-http-2-rapid-reset-zero-day-attack-breaks-ddos-records/ https://www.cisa.gov/known-exploited-vulnerabilities-catalog https://www.cisa.gov/news-events/alerts/2023/10/10/http2-rapid-reset-vulnerability-cve-2023-44487 https://www.cve.org/CVERecord?id=CVE-2023-44487 https://www.darkreading.com/cloud/internet-wide-zero-day-bug-fuels-largest-ever-ddos-event https://www.debian.org/security/2023/dsa-5521 https://www.debian.org/security/2023/dsa-5522 https://www.debian.org/security/2023/dsa-5540 https://www.debian.org/security/2023/dsa-5549 https://www.debian.org/security/2023/dsa-5558 https://www.debian.org/security/2023/dsa-5570 https://www.eclipse.org/lists/jetty-announce/msg00181.html https://www.haproxy.com/blog/haproxy-is-not-affected-by-the-http-2-rapid-reset-attack-cve-2023-44487 https://www.mail-archive.com/haproxy@formilux.org/msg44134.html https://www.netlify.com/blog/netlify-successfully-mitigates-cve-2023-44487 https://www.netlify.com/blog/netlify-successfully-mitigates-cve-2023-44487/ https://www.nginx.com/blog/http-2-rapid-reset-attack-impacting-f5-nginx-products https://www.nginx.com/blog/http-2-rapid-reset-attack-impacting-f5-nginx-products/ https://www.openwall.com/lists/oss-security/2023/10/10/6 https://www.phoronix.com/news/HTTP2-Rapid-Reset-Attack https://www.theregister.com/2023/10/10/http2_rapid_reset_zeroday https://www.theregister.com/2023/10/10/http2_rapid_reset_zeroday/
google.golang.org/protobuf	CVE-2024-24786	MEDIUM	v1.30.0	1.33.0	http://www.openwall.com/lists/oss-security/2024/03/08/4 https://access.redhat.com/errata/RHSA-2024:2550 https://access.redhat.com/security/cve/CVE-2024-24786 https://bugzilla.redhat.com/2268046 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24786 https://errata.almalinux.org/9/ALSA-2024-2550.html https://errata.rockylinux.org/RLSA-2024:2550 https://github.com/protocolbuffers/protobuf-go https://github.com/protocolbuffers/protobuf-go/commit/f01a588e5810b90996452eec4a28f22a0afae023 https://github.com/protocolbuffers/protobuf-go/releases/tag/v1.33.0 https://go-review.googlesource.com/c/protobuf/+/569356 https://go.dev/cl/569356 https://groups.google.com/g/golang-announce/c/ArQ6CDgtEjY/ https://linux.oracle.com/cve/CVE-2024-24786.html https://linux.oracle.com/errata/ELSA-2024-4246.html https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/JDMBHAVSDU2FBDZ45U3A2VLSM35OJ2HU https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/JDMBHAVSDU2FBDZ45U3A2VLSM35OJ2HU/ https://nvd.nist.gov/vuln/detail/CVE-2024-24786 https://pkg.go.dev/vuln/GO-2024-2611 https://security.netapp.com/advisory/ntap-20240517-0002 https://security.netapp.com/advisory/ntap-20240517-0002/ https://ubuntu.com/security/notices/USN-6746-1 https://ubuntu.com/security/notices/USN-6746-2 https://www.cve.org/CVERecord?id=CVE-2024-24786
stdlib	CVE-2024-24790	CRITICAL	v1.20.5	1.21.11, 1.22.4	http://www.openwall.com/lists/oss-security/2024/06/04/1 https://access.redhat.com/errata/RHSA-2024:9115 https://access.redhat.com/security/cve/CVE-2024-24790 https://bugzilla.redhat.com/2279814 https://bugzilla.redhat.com/2292668 https://bugzilla.redhat.com/2292787 https://bugzilla.redhat.com/2294000 https://bugzilla.redhat.com/2295310 https://bugzilla.redhat.com/show_bug.cgi?id=2292668 https://bugzilla.redhat.com/show_bug.cgi?id=2292787 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24789 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24790 https://errata.almalinux.org/9/ALSA-2024-9115.html https://errata.rockylinux.org/RLSA-2024:4212 https://github.com/golang/go/commit/051bdf3fd12a40307606ff9381138039c5f452f0 (1.21) https://github.com/golang/go/commit/12d5810cdb1f73cf23d7a86462143e9463317fca (1.22) https://github.com/golang/go/issues/67680 https://go.dev/cl/590316 https://go.dev/issue/67680 https://groups.google.com/g/golang-announce/c/XbxouI9gY7k https://groups.google.com/g/golang-announce/c/XbxouI9gY7k/m/TuoGEhxIEwAJ https://linux.oracle.com/cve/CVE-2024-24790.html https://linux.oracle.com/errata/ELSA-2024-9115.html https://nvd.nist.gov/vuln/detail/CVE-2024-24790 https://pkg.go.dev/vuln/GO-2024-2887 https://ubuntu.com/security/notices/USN-6886-1 https://ubuntu.com/security/notices/USN-7109-1 https://www.cve.org/CVERecord?id=CVE-2024-24790
stdlib	CVE-2023-39325	HIGH	v1.20.5	1.20.10, 1.21.3	golang.org/x/net https://access.redhat.com/errata/RHSA-2023:6077 https://access.redhat.com/security/cve/CVE-2023-39325 https://access.redhat.com/security/cve/CVE-2023-44487 https://access.redhat.com/security/vulnerabilities/RHSB-2023-003 https://bugzilla.redhat.com/2242803 https://bugzilla.redhat.com/2243296 https://bugzilla.redhat.com/show_bug.cgi?id=2242803 https://bugzilla.redhat.com/show_bug.cgi?id=2243296 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-39325 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-44487 https://errata.almalinux.org/9/ALSA-2023-6077.html https://errata.rockylinux.org/RLSA-2023:6077 https://github.com/golang/go/commit/24ae2d927285c697440fdde3ad7f26028354bcf3 [golang- 1.21] https://github.com/golang/go/commit/e175f27f58aa7b9cd4d79607ae65d2cd5baaee68 [golang-1.20] https://github.com/golang/go/issues/63417 https://go.dev/cl/534215 https://go.dev/cl/534235 https://go.dev/issue/63417 https://groups.google.com/g/golang-announce/c/iNNxDTCjZvo/m/UDd7VKQuAAAJ https://linux.oracle.com/cve/CVE-2023-39325.html https://linux.oracle.com/errata/ELSA-2023-5867.html https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3OVW5V2DM5K5IC3H7O42YDUGNJ74J35O https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3OVW5V2DM5K5IC3H7O42YDUGNJ74J35O/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3SZN67IL7HMGMNAVLOTIXLIHUDXZK4LH https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3SZN67IL7HMGMNAVLOTIXLIHUDXZK4LH/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3WJ4QVX2AMUJ2F2S27POOAHRC4K3CHU4 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3WJ4QVX2AMUJ2F2S27POOAHRC4K3CHU4/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/4BUK2ZIAGCULOOYDNH25JPU6JBES5NF2 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/4BUK2ZIAGCULOOYDNH25JPU6JBES5NF2/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/5RSKA2II6QTD4YUKUNDVJQSRYSFC4VFR https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/5RSKA2II6QTD4YUKUNDVJQSRYSFC4VFR/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/AVZDNSMVDAQJ64LJC5I5U5LDM5753647 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/AVZDNSMVDAQJ64LJC5I5U5LDM5753647/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CHHITS4PUOZAKFIUBQAQZC7JWXMOYE4B https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CHHITS4PUOZAKFIUBQAQZC7JWXMOYE4B/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CLB4TW7KALB3EEQWNWCN7OUIWWVWWCG2 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CLB4TW7KALB3EEQWNWCN7OUIWWVWWCG2/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/D2BBIDR2ZMB3X5BC7SR4SLQMHRMVPY6L https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/D2BBIDR2ZMB3X5BC7SR4SLQMHRMVPY6L/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ECRC75BQJP6FJN2L7KCKYZW4DSBD7QSD https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ECRC75BQJP6FJN2L7KCKYZW4DSBD7QSD/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/FTMJ3NJIDAZFWJQQSP3L22MUFJ3UP2PT https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/FTMJ3NJIDAZFWJQQSP3L22MUFJ3UP2PT/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/GSY7SXFFTPZFWDM6XELSDSHZLVW3AHK7 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/GSY7SXFFTPZFWDM6XELSDSHZLVW3AHK7/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/HZQIELEIRSZUYTFFH5KTH2YJ4IIQG2KE https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/HZQIELEIRSZUYTFFH5KTH2YJ4IIQG2KE/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/IPWCNYB5PQ5PCVZ4NJT6G56ZYFZ5QBU6 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/IPWCNYB5PQ5PCVZ4NJT6G56ZYFZ5QBU6/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/KEOTKBUPZXHE3F352JBYNTSNRXYLWD6P https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/KEOTKBUPZXHE3F352JBYNTSNRXYLWD6P/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/KSEGD2IWKNUO3DWY4KQGUQM5BISRWHQE https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/KSEGD2IWKNUO3DWY4KQGUQM5BISRWHQE/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/L5E5JSJBZLYXOTZWXHJKRVCIXIHVWKJ6 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/L5E5JSJBZLYXOTZWXHJKRVCIXIHVWKJ6/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/MZQYOOKHQDQ57LV2IAG6NRFOVXKHJJ3Z https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/MZQYOOKHQDQ57LV2IAG6NRFOVXKHJJ3Z/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/NG7IMPL55MVWU3LCI4JQJT3K2U5CHDV7 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/NG7IMPL55MVWU3LCI4JQJT3K2U5CHDV7/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ODBY7RVMGZCBSTWF2OZGIZS57FNFUL67 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ODBY7RVMGZCBSTWF2OZGIZS57FNFUL67/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/OXGWPQOJ3JNDW2XIYKIVJ7N7QUIFNM2Q https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/OXGWPQOJ3JNDW2XIYKIVJ7N7QUIFNM2Q/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/PJCUNGIQDUMZ4Z6HWVYIMR66A35F5S74 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/PJCUNGIQDUMZ4Z6HWVYIMR66A35F5S74/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QF5QSYAOPDOWLY6DUHID56Q4HQFYB45I https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QF5QSYAOPDOWLY6DUHID56Q4HQFYB45I/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QXOU2JZUBEBP7GBKAYIJRPRBZSJCD7ST https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QXOU2JZUBEBP7GBKAYIJRPRBZSJCD7ST/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/R3UETKPUB3V5JS5TLZOF3SMTGT5K5APS https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/R3UETKPUB3V5JS5TLZOF3SMTGT5K5APS/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/REMHVVIBDNKSRKNOTV7EQSB7CYQWOUOU https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/REMHVVIBDNKSRKNOTV7EQSB7CYQWOUOU/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/T7N5GV4CHH6WAGX3GFMDD3COEOVCZ4RI https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/T7N5GV4CHH6WAGX3GFMDD3COEOVCZ4RI/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ULQQONMSCQSH5Z5OWFFQHCGEZ3NL4DRJ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ULQQONMSCQSH5Z5OWFFQHCGEZ3NL4DRJ/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UTT7DG3QOF5ZNJLUGHDNLRUIN6OWZARP https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UTT7DG3QOF5ZNJLUGHDNLRUIN6OWZARP/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/W2LZSWTV4NV4SNQARNXG5T6LRHP26EW2 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/W2LZSWTV4NV4SNQARNXG5T6LRHP26EW2/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WCNCBYKZXLDFGAJUB7ZP5VLC3YTHJNVH https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WCNCBYKZXLDFGAJUB7ZP5VLC3YTHJNVH/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/XFOIBB4YFICHDM7IBOP7PWXW3FX4HLL2 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/XFOIBB4YFICHDM7IBOP7PWXW3FX4HLL2/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/XTNLSL44Y5FB6JWADSZH6DCV4JJAAEQY https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/XTNLSL44Y5FB6JWADSZH6DCV4JJAAEQY/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/YJWHBLVZDM5KQSDFRBFRKU5KSSOLIRQ4 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/YJWHBLVZDM5KQSDFRBFRKU5KSSOLIRQ4/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/YRKEXKANQ7BKJW2YTAMP625LJUJZLJ4P https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/YRKEXKANQ7BKJW2YTAMP625LJUJZLJ4P/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZSVEMQV5ROY5YW5QE3I57HT3ITWG5GCV https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZSVEMQV5ROY5YW5QE3I57HT3ITWG5GCV/ https://nvd.nist.gov/vuln/detail/CVE-2023-39325 https://pkg.go.dev/vuln/GO-2023-2102 https://security.gentoo.org/glsa/202311-09 https://security.netapp.com/advisory/ntap-20231110-0008 https://security.netapp.com/advisory/ntap-20231110-0008/ https://ubuntu.com/security/notices/USN-6574-1 https://ubuntu.com/security/notices/USN-7061-1 https://ubuntu.com/security/notices/USN-7109-1 https://www.cisa.gov/news-events/alerts/2023/10/10/http2-rapid-reset-vulnerability-cve-2023-44487 https://www.cve.org/CVERecord?id=CVE-2023-39325
stdlib	CVE-2023-45283	HIGH	v1.20.5	1.20.11, 1.21.4, 1.20.12, 1.21.5	http://www.openwall.com/lists/oss-security/2023/12/05/2 https://go.dev/cl/540277 https://go.dev/cl/541175 https://go.dev/issue/63713 https://go.dev/issue/64028 https://groups.google.com/g/golang-announce/c/4tU8LZfBFkY https://groups.google.com/g/golang-dev/c/6ypN5EjibjM/m/KmLVYH_uAgAJ https://nvd.nist.gov/vuln/detail/CVE-2023-45283 https://pkg.go.dev/vuln/GO-2023-2185 https://security.netapp.com/advisory/ntap-20231214-0008/
stdlib	CVE-2023-45288	HIGH	v1.20.5	1.21.9, 1.22.2	http://www.openwall.com/lists/oss-security/2024/04/03/16 http://www.openwall.com/lists/oss-security/2024/04/05/4 https://access.redhat.com/errata/RHSA-2024:2724 https://access.redhat.com/security/cve/CVE-2023-45288 https://bugzilla.redhat.com/2268017 https://bugzilla.redhat.com/2268018 https://bugzilla.redhat.com/2268019 https://bugzilla.redhat.com/2268273 https://bugzilla.redhat.com/show_bug.cgi?id=2268017 https://bugzilla.redhat.com/show_bug.cgi?id=2268018 https://bugzilla.redhat.com/show_bug.cgi?id=2268019 https://bugzilla.redhat.com/show_bug.cgi?id=2268273 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45288 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45289 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45290 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24783 https://errata.almalinux.org/9/ALSA-2024-2724.html https://errata.rockylinux.org/RLSA-2024:2724 https://go.dev/cl/576155 https://go.dev/issue/65051 https://groups.google.com/g/golang-announce/c/YgW0sx8mN3M https://kb.cert.org/vuls/id/421644 https://linux.oracle.com/cve/CVE-2023-45288.html https://linux.oracle.com/errata/ELSA-2024-3346.html https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QRYFHIQ6XRKRYBI2F5UESH67BJBQXUPT https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QRYFHIQ6XRKRYBI2F5UESH67BJBQXUPT/ https://nowotarski.info/http2-continuation-flood-technical-details https://nowotarski.info/http2-continuation-flood/ https://nvd.nist.gov/vuln/detail/CVE-2023-45288 https://pkg.go.dev/vuln/GO-2024-2687 https://security.netapp.com/advisory/ntap-20240419-0009 https://security.netapp.com/advisory/ntap-20240419-0009/ https://ubuntu.com/security/notices/USN-6886-1 https://ubuntu.com/security/notices/USN-7109-1 https://ubuntu.com/security/notices/USN-7111-1 https://www.cve.org/CVERecord?id=CVE-2023-45288 https://www.kb.cert.org/vuls/id/421644
stdlib	CVE-2024-34156	HIGH	v1.20.5	1.22.7, 1.23.1	https://access.redhat.com/errata/RHSA-2024:9473 https://access.redhat.com/security/cve/CVE-2024-34156 https://bugzilla.redhat.com/2310528 https://bugzilla.redhat.com/2318052 https://bugzilla.redhat.com/show_bug.cgi?id=2310528 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-34156 https://errata.almalinux.org/9/ALSA-2024-9473.html https://errata.rockylinux.org/RLSA-2024:7204 https://github.com/golang/go/commit/2092294f2b097c5828f4eace6c98a322c1510b01 (go1.22.7) https://github.com/golang/go/commit/fa8ff1a46deb6c816304441ec6740ec112e19012 (go1.23.1) https://go.dev/cl/611239 https://go.dev/issue/69139 https://groups.google.com/g/golang-announce/c/K-cEzDeCtpc https://groups.google.com/g/golang-dev/c/S9POB9NCTdk https://linux.oracle.com/cve/CVE-2024-34156.html https://linux.oracle.com/errata/ELSA-2024-9473.html https://nvd.nist.gov/vuln/detail/CVE-2024-34156 https://pkg.go.dev/vuln/GO-2024-3106 https://ubuntu.com/security/notices/USN-7081-1 https://ubuntu.com/security/notices/USN-7109-1 https://ubuntu.com/security/notices/USN-7111-1 https://www.cve.org/CVERecord?id=CVE-2024-34156
stdlib	CVE-2023-29406	MEDIUM	v1.20.5	1.19.11, 1.20.6	https://access.redhat.com/errata/RHSA-2023:6474 https://access.redhat.com/security/cve/CVE-2023-29406 https://bugzilla.redhat.com/2174485 https://bugzilla.redhat.com/2178358 https://bugzilla.redhat.com/2178488 https://bugzilla.redhat.com/2178492 https://bugzilla.redhat.com/2184481 https://bugzilla.redhat.com/2184482 https://bugzilla.redhat.com/2184483 https://bugzilla.redhat.com/2184484 https://bugzilla.redhat.com/2196026 https://bugzilla.redhat.com/2196027 https://bugzilla.redhat.com/2196029 https://bugzilla.redhat.com/2222167 https://bugzilla.redhat.com/2228689 https://errata.almalinux.org/9/ALSA-2023-6474.html https://github.com/golang/go/commit/312920c00aac9897b2a0693e752390b5b0711a5a (go1.20.6) https://github.com/golang/go/commit/5fa6923b1ea891400153d04ddf1545e23b40041b (go1.19.11) https://github.com/golang/go/issues/60374 https://go.dev/cl/506996 https://go.dev/issue/60374 https://groups.google.com/g/golang-announce/c/2q13H6LEEx0 https://linux.oracle.com/cve/CVE-2023-29406.html https://linux.oracle.com/errata/ELSA-2023-7202.html https://nvd.nist.gov/vuln/detail/CVE-2023-29406 https://pkg.go.dev/vuln/GO-2023-1878 https://security.gentoo.org/glsa/202311-09 https://security.netapp.com/advisory/ntap-20230814-0002/ https://ubuntu.com/security/notices/USN-7061-1 https://ubuntu.com/security/notices/USN-7109-1 https://www.cve.org/CVERecord?id=CVE-2023-29406
stdlib	CVE-2023-29409	MEDIUM	v1.20.5	1.19.12, 1.20.7, 1.21.0-rc.4	https://access.redhat.com/errata/RHSA-2023:7766 https://access.redhat.com/security/cve/CVE-2023-29409 https://bugzilla.redhat.com/2228743 https://bugzilla.redhat.com/2237773 https://bugzilla.redhat.com/2237776 https://bugzilla.redhat.com/2237777 https://bugzilla.redhat.com/2237778 https://errata.almalinux.org/9/ALSA-2023-7766.html https://go.dev/cl/515257 https://go.dev/issue/61460 https://groups.google.com/g/golang-announce/c/X0b6CsSAaYI/m/Efv5DbZ9AwAJ https://linux.oracle.com/cve/CVE-2023-29409.html https://linux.oracle.com/errata/ELSA-2024-2988.html https://nvd.nist.gov/vuln/detail/CVE-2023-29409 https://pkg.go.dev/vuln/GO-2023-1987 https://security.gentoo.org/glsa/202311-09 https://security.netapp.com/advisory/ntap-20230831-0010/ https://www.cve.org/CVERecord?id=CVE-2023-29409
stdlib	CVE-2023-39318	MEDIUM	v1.20.5	1.20.8, 1.21.1	https://access.redhat.com/errata/RHSA-2024:2160 https://access.redhat.com/security/cve/CVE-2023-39318 https://bugzilla.redhat.com/2237773 https://bugzilla.redhat.com/2237776 https://bugzilla.redhat.com/2253330 https://errata.almalinux.org/9/ALSA-2024-2160.html https://github.com/golang/go/commit/023b542edf38e2a1f87fcefb9f75ff2f99401b4c (go1.20.8) https://github.com/golang/go/commit/b0e1d3ea26e8e8fce7726690c9ef0597e60739fb (go1.21.1) https://go.dev/cl/526156 https://go.dev/issue/62196 https://groups.google.com/g/golang-announce/c/Fm51GRLNRvM https://groups.google.com/g/golang-dev/c/2C5vbR-UNkI/m/L1hdrPhfBAAJ https://linux.oracle.com/cve/CVE-2023-39318.html https://linux.oracle.com/errata/ELSA-2024-2988.html https://nvd.nist.gov/vuln/detail/CVE-2023-39318 https://pkg.go.dev/vuln/GO-2023-2041 https://security.gentoo.org/glsa/202311-09 https://security.netapp.com/advisory/ntap-20231020-0009/ https://ubuntu.com/security/notices/USN-6574-1 https://ubuntu.com/security/notices/USN-7061-1 https://ubuntu.com/security/notices/USN-7109-1 https://vuln.go.dev/ID/GO-2023-2041.json https://www.cve.org/CVERecord?id=CVE-2023-39318
stdlib	CVE-2023-39319	MEDIUM	v1.20.5	1.20.8, 1.21.1	https://access.redhat.com/errata/RHSA-2024:2160 https://access.redhat.com/security/cve/CVE-2023-39319 https://bugzilla.redhat.com/2237773 https://bugzilla.redhat.com/2237776 https://bugzilla.redhat.com/2253330 https://errata.almalinux.org/9/ALSA-2024-2160.html https://github.com/golang/go/commit/2070531d2f53df88e312edace6c8dfc9686ab2f5 (go1.20.8) https://github.com/golang/go/commit/bbd043ff0d6d59f1a9232d31ecd5eacf6507bf6a (go1.21.1) https://go.dev/cl/526157 https://go.dev/issue/62197 https://groups.google.com/g/golang-announce/c/Fm51GRLNRvM https://groups.google.com/g/golang-dev/c/2C5vbR-UNkI/m/L1hdrPhfBAAJ https://linux.oracle.com/cve/CVE-2023-39319.html https://linux.oracle.com/errata/ELSA-2024-2988.html https://nvd.nist.gov/vuln/detail/CVE-2023-39319 https://pkg.go.dev/vuln/GO-2023-2043 https://security.gentoo.org/glsa/202311-09 https://security.netapp.com/advisory/ntap-20231020-0009/ https://ubuntu.com/security/notices/USN-6574-1 https://ubuntu.com/security/notices/USN-7061-1 https://ubuntu.com/security/notices/USN-7109-1 https://vuln.go.dev/ID/GO-2023-2043.json https://www.cve.org/CVERecord?id=CVE-2023-39319
stdlib	CVE-2023-39326	MEDIUM	v1.20.5	1.20.12, 1.21.5	https://access.redhat.com/errata/RHSA-2024:2272 https://access.redhat.com/security/cve/CVE-2023-39326 https://bugzilla.redhat.com/2253193 https://bugzilla.redhat.com/2253330 https://errata.almalinux.org/9/ALSA-2024-2272.html https://github.com/golang/go/commit/6446af942e2e2b161c4ec1b60d9703a2b55dc4dd (go1.20.12) https://github.com/golang/go/commit/ec8c526e4be720e94b98ca509e6364f0efaf28f7 (go1.21.5) https://go.dev/cl/547335 https://go.dev/issue/64433 https://groups.google.com/g/golang-dev/c/6ypN5EjibjM/m/KmLVYH_uAgAJ https://linux.oracle.com/cve/CVE-2023-39326.html https://linux.oracle.com/errata/ELSA-2024-2988.html https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UIU6HOGV6RRIKWM57LOXQA75BGZSIH6G/ https://nvd.nist.gov/vuln/detail/CVE-2023-39326 https://pkg.go.dev/vuln/GO-2023-2382 https://ubuntu.com/security/notices/USN-6574-1 https://www.cve.org/CVERecord?id=CVE-2023-39326
stdlib	CVE-2023-45284	MEDIUM	v1.20.5	1.20.11, 1.21.4	https://go.dev/cl/540277 https://go.dev/issue/63713 https://groups.google.com/g/golang-announce/c/4tU8LZfBFkY https://nvd.nist.gov/vuln/detail/CVE-2023-45284 https://pkg.go.dev/vuln/GO-2023-2186
stdlib	CVE-2023-45289	MEDIUM	v1.20.5	1.21.8, 1.22.1	http://www.openwall.com/lists/oss-security/2024/03/08/4 https://access.redhat.com/errata/RHSA-2024:2724 https://access.redhat.com/security/cve/CVE-2023-45289 https://bugzilla.redhat.com/2268017 https://bugzilla.redhat.com/2268018 https://bugzilla.redhat.com/2268019 https://bugzilla.redhat.com/2268273 https://bugzilla.redhat.com/show_bug.cgi?id=2268017 https://bugzilla.redhat.com/show_bug.cgi?id=2268018 https://bugzilla.redhat.com/show_bug.cgi?id=2268019 https://bugzilla.redhat.com/show_bug.cgi?id=2268273 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45288 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45289 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45290 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24783 https://errata.almalinux.org/9/ALSA-2024-2724.html https://errata.rockylinux.org/RLSA-2024:2724 https://github.com/golang/go/commit/20586c0dbe03d144f914155f879fa5ee287591a1 (go1.21.8) https://github.com/golang/go/commit/3a855208e3efed2e9d7c20ad023f1fa78afcc0be (go1.22.1) https://github.com/golang/go/issues/65065 https://go.dev/cl/569340 https://go.dev/issue/65065 https://groups.google.com/g/golang-announce/c/5pwGVUPoMbg https://linux.oracle.com/cve/CVE-2023-45289.html https://linux.oracle.com/errata/ELSA-2024-3346.html https://nvd.nist.gov/vuln/detail/CVE-2023-45289 https://pkg.go.dev/vuln/GO-2024-2600 https://security.netapp.com/advisory/ntap-20240329-0006/ https://ubuntu.com/security/notices/USN-6886-1 https://www.cve.org/CVERecord?id=CVE-2023-45289
stdlib	CVE-2023-45290	MEDIUM	v1.20.5	1.21.8, 1.22.1	http://www.openwall.com/lists/oss-security/2024/03/08/4 https://access.redhat.com/errata/RHSA-2024:9135 https://access.redhat.com/security/cve/CVE-2023-45290 https://bugzilla.redhat.com/2268017 https://bugzilla.redhat.com/2268022 https://bugzilla.redhat.com/2279814 https://bugzilla.redhat.com/2295310 https://bugzilla.redhat.com/show_bug.cgi?id=2268017 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45290 https://errata.almalinux.org/9/ALSA-2024-9135.html https://errata.rockylinux.org/RLSA-2024:3830 https://github.com/golang/go/commit/041a47712e765e94f86d841c3110c840e76d8f82 (go1.22.1) https://github.com/golang/go/commit/bf80213b121074f4ad9b449410a4d13bae5e9be0 (go1.21.8) https://github.com/golang/go/issues/65383 https://go.dev/cl/569341 https://go.dev/issue/65383 https://groups.google.com/g/golang-announce/c/5pwGVUPoMbg https://linux.oracle.com/cve/CVE-2023-45290.html https://linux.oracle.com/errata/ELSA-2024-8038.html https://nvd.nist.gov/vuln/detail/CVE-2023-45290 https://pkg.go.dev/vuln/GO-2024-2599 https://security.netapp.com/advisory/ntap-20240329-0004 https://security.netapp.com/advisory/ntap-20240329-0004/ https://ubuntu.com/security/notices/USN-6886-1 https://ubuntu.com/security/notices/USN-7109-1 https://ubuntu.com/security/notices/USN-7111-1 https://www.cve.org/CVERecord?id=CVE-2023-45290
stdlib	CVE-2024-24783	MEDIUM	v1.20.5	1.21.8, 1.22.1	http://www.openwall.com/lists/oss-security/2024/03/08/4 https://access.redhat.com/errata/RHSA-2024:6195 https://access.redhat.com/security/cve/CVE-2024-24783 https://bugzilla.redhat.com/2268019 https://bugzilla.redhat.com/show_bug.cgi?id=2268017 https://bugzilla.redhat.com/show_bug.cgi?id=2268018 https://bugzilla.redhat.com/show_bug.cgi?id=2268019 https://bugzilla.redhat.com/show_bug.cgi?id=2268273 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45288 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45289 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45290 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24783 https://errata.almalinux.org/9/ALSA-2024-6195.html https://errata.rockylinux.org/RLSA-2024:2724 https://github.com/advisories/GHSA-3q2c-pvp5-3cqp https://github.com/golang/go/commit/337b8e9cbfa749d9d5c899e0dc358e2208d5e54f (go1.22.1) https://github.com/golang/go/commit/be5b52bea674190ef7de272664be6c7ae93ec5a0 (go1.21.8) https://github.com/golang/go/issues/65390 https://go.dev/cl/569339 https://go.dev/issue/65390 https://groups.google.com/g/golang-announce/c/5pwGVUPoMbg https://linux.oracle.com/cve/CVE-2024-24783.html https://linux.oracle.com/errata/ELSA-2024-6969.html https://nvd.nist.gov/vuln/detail/CVE-2024-24783 https://pkg.go.dev/vuln/GO-2024-2598 https://security.netapp.com/advisory/ntap-20240329-0005 https://security.netapp.com/advisory/ntap-20240329-0005/ https://ubuntu.com/security/notices/USN-6886-1 https://ubuntu.com/security/notices/USN-7109-1 https://ubuntu.com/security/notices/USN-7111-1 https://www.cve.org/CVERecord?id=CVE-2024-24783
stdlib	CVE-2024-24784	MEDIUM	v1.20.5	1.21.8, 1.22.1	http://www.openwall.com/lists/oss-security/2024/03/08/4 https://access.redhat.com/errata/RHSA-2024:2562 https://access.redhat.com/security/cve/CVE-2024-24784 https://bugzilla.redhat.com/2262921 https://bugzilla.redhat.com/2268017 https://bugzilla.redhat.com/2268018 https://bugzilla.redhat.com/2268019 https://bugzilla.redhat.com/2268021 https://bugzilla.redhat.com/2268022 https://bugzilla.redhat.com/2268273 https://bugzilla.redhat.com/show_bug.cgi?id=2262921 https://bugzilla.redhat.com/show_bug.cgi?id=2268017 https://bugzilla.redhat.com/show_bug.cgi?id=2268018 https://bugzilla.redhat.com/show_bug.cgi?id=2268019 https://bugzilla.redhat.com/show_bug.cgi?id=2268021 https://bugzilla.redhat.com/show_bug.cgi?id=2268022 https://bugzilla.redhat.com/show_bug.cgi?id=2268273 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45288 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45289 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45290 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-1394 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24783 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24784 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24785 https://errata.almalinux.org/9/ALSA-2024-2562.html https://errata.rockylinux.org/RLSA-2024:2562 https://github.com/golang/go/commit/263c059b09fdd40d9dd945f2ecb20c89ea28efe5 (go1.21.8) https://github.com/golang/go/commit/5330cd225ba54c7dc78c1b46dcdf61a4671a632c (go1.22.1) https://github.com/golang/go/issues/65083 https://go.dev/cl/555596 https://go.dev/issue/65083 https://groups.google.com/g/golang-announce/c/5pwGVUPoMbg https://linux.oracle.com/cve/CVE-2024-24784.html https://linux.oracle.com/errata/ELSA-2024-6969.html https://nvd.nist.gov/vuln/detail/CVE-2024-24784 https://pkg.go.dev/vuln/GO-2024-2609 https://security.netapp.com/advisory/ntap-20240329-0007/ https://ubuntu.com/security/notices/USN-6886-1 https://ubuntu.com/security/notices/USN-7109-1 https://ubuntu.com/security/notices/USN-7111-1 https://www.cve.org/CVERecord?id=CVE-2024-24784
stdlib	CVE-2024-24785	MEDIUM	v1.20.5	1.21.8, 1.22.1	http://www.openwall.com/lists/oss-security/2024/03/08/4 https://access.redhat.com/errata/RHSA-2024:9135 https://access.redhat.com/security/cve/CVE-2024-24785 https://bugzilla.redhat.com/2268017 https://bugzilla.redhat.com/2268022 https://bugzilla.redhat.com/2279814 https://bugzilla.redhat.com/2295310 https://bugzilla.redhat.com/show_bug.cgi?id=2262921 https://bugzilla.redhat.com/show_bug.cgi?id=2268017 https://bugzilla.redhat.com/show_bug.cgi?id=2268018 https://bugzilla.redhat.com/show_bug.cgi?id=2268019 https://bugzilla.redhat.com/show_bug.cgi?id=2268021 https://bugzilla.redhat.com/show_bug.cgi?id=2268022 https://bugzilla.redhat.com/show_bug.cgi?id=2268273 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45288 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45289 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45290 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-1394 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24783 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24784 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24785 https://errata.almalinux.org/9/ALSA-2024-9135.html https://errata.rockylinux.org/RLSA-2024:2562 https://github.com/golang/go/commit/056b0edcb8c152152021eebf4cf42adbfbe77992 (go1.22.1) https://github.com/golang/go/commit/3643147a29352ca2894fd5d0d2069bc4b4335a7e (go1.21.8) https://github.com/golang/go/issues/65697 https://go.dev/cl/564196 https://go.dev/issue/65697 https://groups.google.com/g/golang-announce/c/5pwGVUPoMbg https://linux.oracle.com/cve/CVE-2024-24785.html https://linux.oracle.com/errata/ELSA-2024-3259.html https://nvd.nist.gov/vuln/detail/CVE-2024-24785 https://pkg.go.dev/vuln/GO-2024-2610 https://security.netapp.com/advisory/ntap-20240329-0008/ https://ubuntu.com/security/notices/USN-6886-1 https://ubuntu.com/security/notices/USN-7061-1 https://ubuntu.com/security/notices/USN-7109-1 https://vuln.go.dev/ID/GO-2024-2610.json https://www.cve.org/CVERecord?id=CVE-2024-24785
stdlib	CVE-2024-24789	MEDIUM	v1.20.5	1.21.11, 1.22.4	http://www.openwall.com/lists/oss-security/2024/06/04/1 https://access.redhat.com/errata/RHSA-2024:9115 https://access.redhat.com/security/cve/CVE-2024-24789 https://bugzilla.redhat.com/2279814 https://bugzilla.redhat.com/2292668 https://bugzilla.redhat.com/2292787 https://bugzilla.redhat.com/2294000 https://bugzilla.redhat.com/2295310 https://bugzilla.redhat.com/show_bug.cgi?id=2292668 https://bugzilla.redhat.com/show_bug.cgi?id=2292787 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24789 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24790 https://errata.almalinux.org/9/ALSA-2024-9115.html https://errata.rockylinux.org/RLSA-2024:4212 https://github.com/golang/go/commit/c8e40338cf00f3c1d86c8fb23863ad67a4c72bcc (1.21) https://github.com/golang/go/commit/cf501ac0c5fe351a8582d20b43562027927906e7 (1.22) https://github.com/golang/go/issues/66869 https://go.dev/cl/585397 https://go.dev/issue/66869 https://groups.google.com/g/golang-announce/c/XbxouI9gY7k https://groups.google.com/g/golang-announce/c/XbxouI9gY7k/m/TuoGEhxIEwAJ https://linux.oracle.com/cve/CVE-2024-24789.html https://linux.oracle.com/errata/ELSA-2024-9115.html https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/U5YAEIA6IUHUNGJ7AIXXPQT6D2GYENX7/ https://nvd.nist.gov/vuln/detail/CVE-2024-24789 https://pkg.go.dev/vuln/GO-2024-2888 https://ubuntu.com/security/notices/USN-6886-1 https://ubuntu.com/security/notices/USN-7109-1 https://ubuntu.com/security/notices/USN-7111-1 https://www.cve.org/CVERecord?id=CVE-2024-24789
stdlib	CVE-2024-24791	MEDIUM	v1.20.5	1.21.12, 1.22.5	https://access.redhat.com/errata/RHSA-2024:9135 https://access.redhat.com/security/cve/CVE-2024-24791 https://bugzilla.redhat.com/2268017 https://bugzilla.redhat.com/2268022 https://bugzilla.redhat.com/2279814 https://bugzilla.redhat.com/2295310 https://bugzilla.redhat.com/show_bug.cgi?id=2295310 https://bugzilla.redhat.com/show_bug.cgi?id=2310527 https://bugzilla.redhat.com/show_bug.cgi?id=2310528 https://bugzilla.redhat.com/show_bug.cgi?id=2310529 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24791 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-34155 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-34156 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-34158 https://errata.almalinux.org/9/ALSA-2024-9135.html https://errata.rockylinux.org/RLSA-2024:6913 https://go.dev/cl/591255 https://go.dev/issue/67555 https://groups.google.com/g/golang-dev/c/t0rK-qHBqzY/m/6MMoAZkMAgAJ https://linux.oracle.com/cve/CVE-2024-24791.html https://linux.oracle.com/errata/ELSA-2024-9115.html https://nvd.nist.gov/vuln/detail/CVE-2024-24791 https://pkg.go.dev/vuln/GO-2024-2963 https://ubuntu.com/security/notices/USN-7081-1 https://ubuntu.com/security/notices/USN-7109-1 https://ubuntu.com/security/notices/USN-7111-1 https://www.cve.org/CVERecord?id=CVE-2024-24791
stdlib	CVE-2024-34155	MEDIUM	v1.20.5	1.22.7, 1.23.1	https://access.redhat.com/errata/RHSA-2024:9459 https://access.redhat.com/security/cve/CVE-2024-34155 https://bugzilla.redhat.com/2310527 https://bugzilla.redhat.com/2310528 https://bugzilla.redhat.com/2310529 https://bugzilla.redhat.com/2315691 https://bugzilla.redhat.com/2315887 https://bugzilla.redhat.com/2317458 https://bugzilla.redhat.com/2317467 https://bugzilla.redhat.com/show_bug.cgi?id=2295310 https://bugzilla.redhat.com/show_bug.cgi?id=2310527 https://bugzilla.redhat.com/show_bug.cgi?id=2310528 https://bugzilla.redhat.com/show_bug.cgi?id=2310529 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24791 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-34155 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-34156 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-34158 https://errata.almalinux.org/9/ALSA-2024-9459.html https://errata.rockylinux.org/RLSA-2024:6913 https://github.com/golang/go/commit/53487e5477151ed75da50e50a0ba8f1ca64c00a3 (go1.23.1) https://github.com/golang/go/commit/b232596139dbe96a62edbe3a2a203e856bf556eb (go1.22.7) https://go.dev/cl/611238 https://go.dev/issue/69138 https://groups.google.com/g/golang-announce/c/K-cEzDeCtpc https://groups.google.com/g/golang-dev/c/S9POB9NCTdk https://linux.oracle.com/cve/CVE-2024-34155.html https://linux.oracle.com/errata/ELSA-2024-9459.html https://nvd.nist.gov/vuln/detail/CVE-2024-34155 https://pkg.go.dev/vuln/GO-2024-3105 https://ubuntu.com/security/notices/USN-7081-1 https://ubuntu.com/security/notices/USN-7109-1 https://ubuntu.com/security/notices/USN-7111-1 https://www.cve.org/CVERecord?id=CVE-2024-34155
stdlib	CVE-2024-34158	MEDIUM	v1.20.5	1.22.7, 1.23.1	https://access.redhat.com/errata/RHSA-2024:9459 https://access.redhat.com/security/cve/CVE-2024-34158 https://bugzilla.redhat.com/2310527 https://bugzilla.redhat.com/2310528 https://bugzilla.redhat.com/2310529 https://bugzilla.redhat.com/2315691 https://bugzilla.redhat.com/2315887 https://bugzilla.redhat.com/2317458 https://bugzilla.redhat.com/2317467 https://bugzilla.redhat.com/show_bug.cgi?id=2295310 https://bugzilla.redhat.com/show_bug.cgi?id=2310527 https://bugzilla.redhat.com/show_bug.cgi?id=2310528 https://bugzilla.redhat.com/show_bug.cgi?id=2310529 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24791 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-34155 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-34156 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-34158 https://errata.almalinux.org/9/ALSA-2024-9459.html https://errata.rockylinux.org/RLSA-2024:6913 https://github.com/golang/go/commit/032ac075c20c01c6c35a672d1542d3e98eab84ea (go1.23.1) https://github.com/golang/go/commit/d4c53812e6ce2ac368173d7fcd31d0ecfcffb002 (go1.22.7) https://go.dev/cl/611240 https://go.dev/issue/69141 https://groups.google.com/g/golang-announce/c/K-cEzDeCtpc https://groups.google.com/g/golang-dev/c/S9POB9NCTdk https://linux.oracle.com/cve/CVE-2024-34158.html https://linux.oracle.com/errata/ELSA-2024-9459.html https://nvd.nist.gov/vuln/detail/CVE-2024-34158 https://pkg.go.dev/vuln/GO-2024-3107 https://ubuntu.com/security/notices/USN-7081-1 https://ubuntu.com/security/notices/USN-7109-1 https://ubuntu.com/security/notices/USN-7111-1 https://www.cve.org/CVERecord?id=CVE-2024-34158
No Misconfigurations found

cnb/buildpacks/paketo-buildpacks_encrypt-at-rest/4.5.5/bin/helper (gobinary)

Package	Vulnerability ID	Severity	Installed Version	Fixed Version	Links
golang.org/x/crypto	CVE-2023-48795	MEDIUM	v0.11.0	0.17.0	http://packetstormsecurity.com/files/176280/Terrapin-SSH-Connection-Weakening.html http://seclists.org/fulldisclosure/2024/Mar/21 http://www.openwall.com/lists/oss-security/2023/12/18/3 http://www.openwall.com/lists/oss-security/2023/12/19/5 http://www.openwall.com/lists/oss-security/2023/12/20/3 http://www.openwall.com/lists/oss-security/2024/03/06/3 http://www.openwall.com/lists/oss-security/2024/04/17/8 https://access.redhat.com/errata/RHSA-2024:1150 https://access.redhat.com/security/cve/CVE-2023-48795 https://access.redhat.com/security/cve/cve-2023-48795 https://access.redhat.com/solutions/7071748 https://arstechnica.com/security/2023/12/hackers-can-break-ssh-channel-integrity-using-novel-data-corruption-attack https://arstechnica.com/security/2023/12/hackers-can-break-ssh-channel-integrity-using-novel-data-corruption-attack/ https://bugs.gentoo.org/920280 https://bugzilla.redhat.com/2254210 https://bugzilla.redhat.com/show_bug.cgi?id=2254210 https://bugzilla.suse.com/show_bug.cgi?id=1217950 https://crates.io/crates/thrussh/versions https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-48795 https://errata.almalinux.org/9/ALSA-2024-1150.html https://errata.rockylinux.org/RLSA-2024:0628 https://filezilla-project.org/versions.php https://forum.netgate.com/topic/184941/terrapin-ssh-attack https://git.libssh.org/projects/libssh.git/commit/?h=stable-0.10&id=10e09e273f69e149389b3e0e5d44b8c221c2e7f6 https://github.com/NixOS/nixpkgs/pull/275249 https://github.com/PowerShell/Win32-OpenSSH/issues/2189 https://github.com/PowerShell/Win32-OpenSSH/releases/tag/v9.5.0.0p1-Beta https://github.com/TeraTermProject/teraterm/commit/7279fbd6ef4d0c8bdd6a90af4ada2899d786eec0 https://github.com/TeraTermProject/teraterm/releases/tag/v5.1 https://github.com/advisories/GHSA-45x7-px36-x8w8 https://github.com/apache/mina-sshd/issues/445 https://github.com/connectbot/sshlib/commit/5c8b534f6e97db7ac0e0e579331213aa25c173ab https://github.com/connectbot/sshlib/compare/2.2.21...2.2.22 https://github.com/cyd01/KiTTY/issues/520 https://github.com/drakkan/sftpgo/releases/tag/v2.5.6 https://github.com/erlang/otp/blob/d1b43dc0f1361d2ad67601169e90a7fc50bb0369/lib/ssh/doc/src/notes.xml#L39-L42 https://github.com/erlang/otp/releases/tag/OTP-26.2.1 https://github.com/golang/crypto/commit/9d2ee975ef9fe627bf0a6f01c1f69e8ef1d4f05d https://github.com/hierynomus/sshj/issues/916 https://github.com/janmojzis/tinyssh/issues/81 https://github.com/jtesta/ssh-audit/commit/8e972c5e94b460379fe0c7d20209c16df81538a5 https://github.com/libssh2/libssh2/pull/1291 https://github.com/mkj/dropbear/blob/17657c36cce6df7716d5ff151ec09a665382d5dd/CHANGES#L25 https://github.com/mscdex/ssh2/commit/97b223f8891b96d6fc054df5ab1d5a1a545da2a3 https://github.com/mwiede/jsch/compare/jsch-0.2.14...jsch-0.2.15 https://github.com/mwiede/jsch/issues/457 https://github.com/mwiede/jsch/pull/461 https://github.com/net-ssh/net-ssh/blob/2e65064a52d73396bfc3806c9196fc8108f33cd8/CHANGES.txt#L14-L16 https://github.com/openssh/openssh-portable/commits/master https://github.com/paramiko/paramiko/issues/2337 https://github.com/paramiko/paramiko/issues/2337#issuecomment-1887642773 https://github.com/proftpd/proftpd/blob/0a7ea9b0ba9fcdf368374a226370d08f10397d99/RELEASE_NOTES https://github.com/proftpd/proftpd/blob/d21e7a2e47e9b38f709bec58e3fa711f759ad0e1/RELEASE_NOTES https://github.com/proftpd/proftpd/blob/master/RELEASE_NOTES https://github.com/proftpd/proftpd/issues/456 https://github.com/rapier1/hpn-ssh/releases https://github.com/ronf/asyncssh/blob/develop/docs/changes.rst https://github.com/ronf/asyncssh/security/advisories/GHSA-hfmc-7525-mj55 https://github.com/ronf/asyncssh/tags https://github.com/ssh-mitm/ssh-mitm/issues/165 https://github.com/warp-tech/russh https://github.com/warp-tech/russh/commit/1aa340a7df1d5be1c0f4a9e247aade76dfdd2951 https://github.com/warp-tech/russh/releases/tag/v0.40.2 https://github.com/warp-tech/russh/security/advisories/GHSA-45x7-px36-x8w8 https://gitlab.com/libssh/libssh-mirror/-/tags https://go.dev/cl/550715 https://go.dev/issue/64784 https://groups.google.com/g/golang-announce/c/-n5WqVC18LQ https://groups.google.com/g/golang-announce/c/qA3XtxvMUyg https://help.panic.com/releasenotes/transmit5 https://help.panic.com/releasenotes/transmit5/ https://jadaptive.com/important-java-ssh-security-update-new-ssh-vulnerability-discovered-cve-2023-48795 https://jadaptive.com/important-java-ssh-security-update-new-ssh-vulnerability-discovered-cve-2023-48795/ https://linux.oracle.com/cve/CVE-2023-48795.html https://linux.oracle.com/errata/ELSA-2024-2988.html https://lists.debian.org/debian-lts-announce/2023/12/msg00017.html https://lists.debian.org/debian-lts-announce/2024/01/msg00013.html https://lists.debian.org/debian-lts-announce/2024/01/msg00014.html https://lists.debian.org/debian-lts-announce/2024/04/msg00016.html https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/33XHJUB6ROFUOH2OQNENFROTVH6MHSHA https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/33XHJUB6ROFUOH2OQNENFROTVH6MHSHA/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/3CAYYW35MUTNO65RVAELICTNZZFMT2XS https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/3CAYYW35MUTNO65RVAELICTNZZFMT2XS/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/3JIMLVBDWOP4FUPXPTB4PGHHIOMGFLQE https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/3JIMLVBDWOP4FUPXPTB4PGHHIOMGFLQE/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/3YQLUQWLIHDB5QCXQEX7HXHAWMOKPP5O https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/3YQLUQWLIHDB5QCXQEX7HXHAWMOKPP5O/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/6Y74KVCPEPT4MVU3LHDWCNNOXOE5ZLUR https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/6Y74KVCPEPT4MVU3LHDWCNNOXOE5ZLUR/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/APYIXIQOVDCRWLHTGB4VYMAUIAQLKYJ3 https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/APYIXIQOVDCRWLHTGB4VYMAUIAQLKYJ3/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/BL5KTLOSLH2KHRN4HCXJPK3JUVLDGEL6 https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/BL5KTLOSLH2KHRN4HCXJPK3JUVLDGEL6/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/C3AFMZ6MH2UHHOPIWT5YLSFV3D2VB3AC https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/C3AFMZ6MH2UHHOPIWT5YLSFV3D2VB3AC/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/CHHITS4PUOZAKFIUBQAQZC7JWXMOYE4B https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/CHHITS4PUOZAKFIUBQAQZC7JWXMOYE4B/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/F7EYCFQCTSGJXWO3ZZ44MGKFC5HA7G3Y https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/F7EYCFQCTSGJXWO3ZZ44MGKFC5HA7G3Y/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/HYEDEXIKFKTUJIN43RG4B7T5ZS6MHUSP https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/HYEDEXIKFKTUJIN43RG4B7T5ZS6MHUSP/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/I724O3LSRCPO4WNVIXTZCT4VVRMXMMSG https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/I724O3LSRCPO4WNVIXTZCT4VVRMXMMSG/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/KEOTKBUPZXHE3F352JBYNTSNRXYLWD6P https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/KEOTKBUPZXHE3F352JBYNTSNRXYLWD6P/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/KMZCVGUGJZZVDPCVDA7TEB22VUCNEXDD https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/KMZCVGUGJZZVDPCVDA7TEB22VUCNEXDD/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/L5Y6MNNVAPIJSXJERQ6PKZVCIUXSNJK7 https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/L5Y6MNNVAPIJSXJERQ6PKZVCIUXSNJK7/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/LZQVUHWVWRH73YBXUQJOD6CKHDQBU3DM https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/LZQVUHWVWRH73YBXUQJOD6CKHDQBU3DM/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/MKQRBF3DWMWPH36LBCOBUTSIZRTPEZXB https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/MKQRBF3DWMWPH36LBCOBUTSIZRTPEZXB/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/QI3EHAHABFQK7OABNCSF5GMYP6TONTI7 https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/QI3EHAHABFQK7OABNCSF5GMYP6TONTI7/ https://matt.ucc.asn.au/dropbear/CHANGES https://nest.pijul.com/pijul/thrussh/changes/D6H7OWTTMHHX6BTB3B6MNBOBX2L66CBL4LGSEUSAI2MCRCJDQFRQC https://news.ycombinator.com/item?id=38684904 https://news.ycombinator.com/item?id=38685286 https://news.ycombinator.com/item?id=38732005 https://nova.app/releases/#v11.8 https://nvd.nist.gov/vuln/detail/CVE-2023-48795 https://oryx-embedded.com/download/#changelog https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2024-0002 https://roumenpetrov.info/secsh/#news20231220 https://security-tracker.debian.org/tracker/CVE-2023-48795 https://security-tracker.debian.org/tracker/source-package/libssh2 https://security-tracker.debian.org/tracker/source-package/proftpd-dfsg https://security-tracker.debian.org/tracker/source-package/trilead-ssh2 https://security.gentoo.org/glsa/202312-16 https://security.gentoo.org/glsa/202312-17 https://security.netapp.com/advisory/ntap-20240105-0004 https://security.netapp.com/advisory/ntap-20240105-0004/ https://support.apple.com/kb/HT214084 https://terrapin-attack.com/ https://thorntech.com/cve-2023-48795-and-sftp-gateway https://thorntech.com/cve-2023-48795-and-sftp-gateway/ https://twitter.com/TrueSkrillor/status/1736774389725565005 https://ubuntu.com/security/CVE-2023-48795 https://ubuntu.com/security/notices/USN-6560-1 https://ubuntu.com/security/notices/USN-6560-2 https://ubuntu.com/security/notices/USN-6561-1 https://ubuntu.com/security/notices/USN-6585-1 https://ubuntu.com/security/notices/USN-6589-1 https://ubuntu.com/security/notices/USN-6598-1 https://ubuntu.com/security/notices/USN-6738-1 https://ubuntu.com/security/notices/USN-7051-1 https://winscp.net/eng/docs/history#6.2.2 https://www.bitvise.com/ssh-client-version-history#933 https://www.bitvise.com/ssh-server-version-history https://www.chiark.greenend.org.uk/~sgtatham/putty/changes.html https://www.crushftp.com/crush10wiki/Wiki.jsp?page=Update https://www.cve.org/CVERecord?id=CVE-2023-48795 https://www.debian.org/security/2023/dsa-5586 https://www.debian.org/security/2023/dsa-5588 https://www.freebsd.org/security/advisories/FreeBSD-SA-23:19.openssh.asc https://www.lancom-systems.de/service-support/allgemeine-sicherheitshinweise#c243508 https://www.netsarang.com/en/xshell-update-history https://www.netsarang.com/en/xshell-update-history/ https://www.openssh.com/openbsd.html https://www.openssh.com/txt/release-9.6 https://www.openwall.com/lists/oss-security/2023/12/18/2 https://www.openwall.com/lists/oss-security/2023/12/18/3 https://www.openwall.com/lists/oss-security/2023/12/20/3 https://www.paramiko.org/changelog.html https://www.reddit.com/r/sysadmin/comments/18idv52/cve202348795_why_is_this_cve_still_undisclosed https://www.reddit.com/r/sysadmin/comments/18idv52/cve202348795_why_is_this_cve_still_undisclosed/ https://www.suse.com/c/suse-addresses-the-ssh-v2-protocol-terrapin-attack-aka-cve-2023-48795 https://www.suse.com/c/suse-addresses-the-ssh-v2-protocol-terrapin-attack-aka-cve-2023-48795/ https://www.terrapin-attack.com https://www.theregister.com/2023/12/20/terrapin_attack_ssh https://www.vandyke.com/products/securecrt/history.txt
stdlib	CVE-2024-24790	CRITICAL	v1.20.5	1.21.11, 1.22.4	http://www.openwall.com/lists/oss-security/2024/06/04/1 https://access.redhat.com/errata/RHSA-2024:9115 https://access.redhat.com/security/cve/CVE-2024-24790 https://bugzilla.redhat.com/2279814 https://bugzilla.redhat.com/2292668 https://bugzilla.redhat.com/2292787 https://bugzilla.redhat.com/2294000 https://bugzilla.redhat.com/2295310 https://bugzilla.redhat.com/show_bug.cgi?id=2292668 https://bugzilla.redhat.com/show_bug.cgi?id=2292787 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24789 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24790 https://errata.almalinux.org/9/ALSA-2024-9115.html https://errata.rockylinux.org/RLSA-2024:4212 https://github.com/golang/go/commit/051bdf3fd12a40307606ff9381138039c5f452f0 (1.21) https://github.com/golang/go/commit/12d5810cdb1f73cf23d7a86462143e9463317fca (1.22) https://github.com/golang/go/issues/67680 https://go.dev/cl/590316 https://go.dev/issue/67680 https://groups.google.com/g/golang-announce/c/XbxouI9gY7k https://groups.google.com/g/golang-announce/c/XbxouI9gY7k/m/TuoGEhxIEwAJ https://linux.oracle.com/cve/CVE-2024-24790.html https://linux.oracle.com/errata/ELSA-2024-9115.html https://nvd.nist.gov/vuln/detail/CVE-2024-24790 https://pkg.go.dev/vuln/GO-2024-2887 https://ubuntu.com/security/notices/USN-6886-1 https://ubuntu.com/security/notices/USN-7109-1 https://www.cve.org/CVERecord?id=CVE-2024-24790
stdlib	CVE-2023-39325	HIGH	v1.20.5	1.20.10, 1.21.3	golang.org/x/net https://access.redhat.com/errata/RHSA-2023:6077 https://access.redhat.com/security/cve/CVE-2023-39325 https://access.redhat.com/security/cve/CVE-2023-44487 https://access.redhat.com/security/vulnerabilities/RHSB-2023-003 https://bugzilla.redhat.com/2242803 https://bugzilla.redhat.com/2243296 https://bugzilla.redhat.com/show_bug.cgi?id=2242803 https://bugzilla.redhat.com/show_bug.cgi?id=2243296 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-39325 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-44487 https://errata.almalinux.org/9/ALSA-2023-6077.html https://errata.rockylinux.org/RLSA-2023:6077 https://github.com/golang/go/commit/24ae2d927285c697440fdde3ad7f26028354bcf3 [golang- 1.21] https://github.com/golang/go/commit/e175f27f58aa7b9cd4d79607ae65d2cd5baaee68 [golang-1.20] https://github.com/golang/go/issues/63417 https://go.dev/cl/534215 https://go.dev/cl/534235 https://go.dev/issue/63417 https://groups.google.com/g/golang-announce/c/iNNxDTCjZvo/m/UDd7VKQuAAAJ https://linux.oracle.com/cve/CVE-2023-39325.html https://linux.oracle.com/errata/ELSA-2023-5867.html https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3OVW5V2DM5K5IC3H7O42YDUGNJ74J35O https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3OVW5V2DM5K5IC3H7O42YDUGNJ74J35O/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3SZN67IL7HMGMNAVLOTIXLIHUDXZK4LH https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3SZN67IL7HMGMNAVLOTIXLIHUDXZK4LH/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3WJ4QVX2AMUJ2F2S27POOAHRC4K3CHU4 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3WJ4QVX2AMUJ2F2S27POOAHRC4K3CHU4/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/4BUK2ZIAGCULOOYDNH25JPU6JBES5NF2 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/4BUK2ZIAGCULOOYDNH25JPU6JBES5NF2/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/5RSKA2II6QTD4YUKUNDVJQSRYSFC4VFR https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/5RSKA2II6QTD4YUKUNDVJQSRYSFC4VFR/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/AVZDNSMVDAQJ64LJC5I5U5LDM5753647 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/AVZDNSMVDAQJ64LJC5I5U5LDM5753647/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CHHITS4PUOZAKFIUBQAQZC7JWXMOYE4B https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CHHITS4PUOZAKFIUBQAQZC7JWXMOYE4B/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CLB4TW7KALB3EEQWNWCN7OUIWWVWWCG2 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CLB4TW7KALB3EEQWNWCN7OUIWWVWWCG2/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/D2BBIDR2ZMB3X5BC7SR4SLQMHRMVPY6L https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/D2BBIDR2ZMB3X5BC7SR4SLQMHRMVPY6L/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ECRC75BQJP6FJN2L7KCKYZW4DSBD7QSD https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ECRC75BQJP6FJN2L7KCKYZW4DSBD7QSD/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/FTMJ3NJIDAZFWJQQSP3L22MUFJ3UP2PT https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/FTMJ3NJIDAZFWJQQSP3L22MUFJ3UP2PT/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/GSY7SXFFTPZFWDM6XELSDSHZLVW3AHK7 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/GSY7SXFFTPZFWDM6XELSDSHZLVW3AHK7/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/HZQIELEIRSZUYTFFH5KTH2YJ4IIQG2KE https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/HZQIELEIRSZUYTFFH5KTH2YJ4IIQG2KE/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/IPWCNYB5PQ5PCVZ4NJT6G56ZYFZ5QBU6 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/IPWCNYB5PQ5PCVZ4NJT6G56ZYFZ5QBU6/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/KEOTKBUPZXHE3F352JBYNTSNRXYLWD6P https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/KEOTKBUPZXHE3F352JBYNTSNRXYLWD6P/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/KSEGD2IWKNUO3DWY4KQGUQM5BISRWHQE https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/KSEGD2IWKNUO3DWY4KQGUQM5BISRWHQE/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/L5E5JSJBZLYXOTZWXHJKRVCIXIHVWKJ6 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/L5E5JSJBZLYXOTZWXHJKRVCIXIHVWKJ6/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/MZQYOOKHQDQ57LV2IAG6NRFOVXKHJJ3Z https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/MZQYOOKHQDQ57LV2IAG6NRFOVXKHJJ3Z/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/NG7IMPL55MVWU3LCI4JQJT3K2U5CHDV7 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/NG7IMPL55MVWU3LCI4JQJT3K2U5CHDV7/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ODBY7RVMGZCBSTWF2OZGIZS57FNFUL67 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ODBY7RVMGZCBSTWF2OZGIZS57FNFUL67/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/OXGWPQOJ3JNDW2XIYKIVJ7N7QUIFNM2Q https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/OXGWPQOJ3JNDW2XIYKIVJ7N7QUIFNM2Q/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/PJCUNGIQDUMZ4Z6HWVYIMR66A35F5S74 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/PJCUNGIQDUMZ4Z6HWVYIMR66A35F5S74/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QF5QSYAOPDOWLY6DUHID56Q4HQFYB45I https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QF5QSYAOPDOWLY6DUHID56Q4HQFYB45I/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QXOU2JZUBEBP7GBKAYIJRPRBZSJCD7ST https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QXOU2JZUBEBP7GBKAYIJRPRBZSJCD7ST/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/R3UETKPUB3V5JS5TLZOF3SMTGT5K5APS https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/R3UETKPUB3V5JS5TLZOF3SMTGT5K5APS/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/REMHVVIBDNKSRKNOTV7EQSB7CYQWOUOU https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/REMHVVIBDNKSRKNOTV7EQSB7CYQWOUOU/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/T7N5GV4CHH6WAGX3GFMDD3COEOVCZ4RI https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/T7N5GV4CHH6WAGX3GFMDD3COEOVCZ4RI/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ULQQONMSCQSH5Z5OWFFQHCGEZ3NL4DRJ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ULQQONMSCQSH5Z5OWFFQHCGEZ3NL4DRJ/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UTT7DG3QOF5ZNJLUGHDNLRUIN6OWZARP https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UTT7DG3QOF5ZNJLUGHDNLRUIN6OWZARP/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/W2LZSWTV4NV4SNQARNXG5T6LRHP26EW2 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/W2LZSWTV4NV4SNQARNXG5T6LRHP26EW2/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WCNCBYKZXLDFGAJUB7ZP5VLC3YTHJNVH https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WCNCBYKZXLDFGAJUB7ZP5VLC3YTHJNVH/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/XFOIBB4YFICHDM7IBOP7PWXW3FX4HLL2 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/XFOIBB4YFICHDM7IBOP7PWXW3FX4HLL2/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/XTNLSL44Y5FB6JWADSZH6DCV4JJAAEQY https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/XTNLSL44Y5FB6JWADSZH6DCV4JJAAEQY/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/YJWHBLVZDM5KQSDFRBFRKU5KSSOLIRQ4 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/YJWHBLVZDM5KQSDFRBFRKU5KSSOLIRQ4/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/YRKEXKANQ7BKJW2YTAMP625LJUJZLJ4P https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/YRKEXKANQ7BKJW2YTAMP625LJUJZLJ4P/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZSVEMQV5ROY5YW5QE3I57HT3ITWG5GCV https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZSVEMQV5ROY5YW5QE3I57HT3ITWG5GCV/ https://nvd.nist.gov/vuln/detail/CVE-2023-39325 https://pkg.go.dev/vuln/GO-2023-2102 https://security.gentoo.org/glsa/202311-09 https://security.netapp.com/advisory/ntap-20231110-0008 https://security.netapp.com/advisory/ntap-20231110-0008/ https://ubuntu.com/security/notices/USN-6574-1 https://ubuntu.com/security/notices/USN-7061-1 https://ubuntu.com/security/notices/USN-7109-1 https://www.cisa.gov/news-events/alerts/2023/10/10/http2-rapid-reset-vulnerability-cve-2023-44487 https://www.cve.org/CVERecord?id=CVE-2023-39325
stdlib	CVE-2023-45283	HIGH	v1.20.5	1.20.11, 1.21.4, 1.20.12, 1.21.5	http://www.openwall.com/lists/oss-security/2023/12/05/2 https://go.dev/cl/540277 https://go.dev/cl/541175 https://go.dev/issue/63713 https://go.dev/issue/64028 https://groups.google.com/g/golang-announce/c/4tU8LZfBFkY https://groups.google.com/g/golang-dev/c/6ypN5EjibjM/m/KmLVYH_uAgAJ https://nvd.nist.gov/vuln/detail/CVE-2023-45283 https://pkg.go.dev/vuln/GO-2023-2185 https://security.netapp.com/advisory/ntap-20231214-0008/
stdlib	CVE-2023-45288	HIGH	v1.20.5	1.21.9, 1.22.2	http://www.openwall.com/lists/oss-security/2024/04/03/16 http://www.openwall.com/lists/oss-security/2024/04/05/4 https://access.redhat.com/errata/RHSA-2024:2724 https://access.redhat.com/security/cve/CVE-2023-45288 https://bugzilla.redhat.com/2268017 https://bugzilla.redhat.com/2268018 https://bugzilla.redhat.com/2268019 https://bugzilla.redhat.com/2268273 https://bugzilla.redhat.com/show_bug.cgi?id=2268017 https://bugzilla.redhat.com/show_bug.cgi?id=2268018 https://bugzilla.redhat.com/show_bug.cgi?id=2268019 https://bugzilla.redhat.com/show_bug.cgi?id=2268273 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45288 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45289 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45290 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24783 https://errata.almalinux.org/9/ALSA-2024-2724.html https://errata.rockylinux.org/RLSA-2024:2724 https://go.dev/cl/576155 https://go.dev/issue/65051 https://groups.google.com/g/golang-announce/c/YgW0sx8mN3M https://kb.cert.org/vuls/id/421644 https://linux.oracle.com/cve/CVE-2023-45288.html https://linux.oracle.com/errata/ELSA-2024-3346.html https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QRYFHIQ6XRKRYBI2F5UESH67BJBQXUPT https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QRYFHIQ6XRKRYBI2F5UESH67BJBQXUPT/ https://nowotarski.info/http2-continuation-flood-technical-details https://nowotarski.info/http2-continuation-flood/ https://nvd.nist.gov/vuln/detail/CVE-2023-45288 https://pkg.go.dev/vuln/GO-2024-2687 https://security.netapp.com/advisory/ntap-20240419-0009 https://security.netapp.com/advisory/ntap-20240419-0009/ https://ubuntu.com/security/notices/USN-6886-1 https://ubuntu.com/security/notices/USN-7109-1 https://ubuntu.com/security/notices/USN-7111-1 https://www.cve.org/CVERecord?id=CVE-2023-45288 https://www.kb.cert.org/vuls/id/421644
stdlib	CVE-2024-34156	HIGH	v1.20.5	1.22.7, 1.23.1	https://access.redhat.com/errata/RHSA-2024:9473 https://access.redhat.com/security/cve/CVE-2024-34156 https://bugzilla.redhat.com/2310528 https://bugzilla.redhat.com/2318052 https://bugzilla.redhat.com/show_bug.cgi?id=2310528 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-34156 https://errata.almalinux.org/9/ALSA-2024-9473.html https://errata.rockylinux.org/RLSA-2024:7204 https://github.com/golang/go/commit/2092294f2b097c5828f4eace6c98a322c1510b01 (go1.22.7) https://github.com/golang/go/commit/fa8ff1a46deb6c816304441ec6740ec112e19012 (go1.23.1) https://go.dev/cl/611239 https://go.dev/issue/69139 https://groups.google.com/g/golang-announce/c/K-cEzDeCtpc https://groups.google.com/g/golang-dev/c/S9POB9NCTdk https://linux.oracle.com/cve/CVE-2024-34156.html https://linux.oracle.com/errata/ELSA-2024-9473.html https://nvd.nist.gov/vuln/detail/CVE-2024-34156 https://pkg.go.dev/vuln/GO-2024-3106 https://ubuntu.com/security/notices/USN-7081-1 https://ubuntu.com/security/notices/USN-7109-1 https://ubuntu.com/security/notices/USN-7111-1 https://www.cve.org/CVERecord?id=CVE-2024-34156
stdlib	CVE-2023-29406	MEDIUM	v1.20.5	1.19.11, 1.20.6	https://access.redhat.com/errata/RHSA-2023:6474 https://access.redhat.com/security/cve/CVE-2023-29406 https://bugzilla.redhat.com/2174485 https://bugzilla.redhat.com/2178358 https://bugzilla.redhat.com/2178488 https://bugzilla.redhat.com/2178492 https://bugzilla.redhat.com/2184481 https://bugzilla.redhat.com/2184482 https://bugzilla.redhat.com/2184483 https://bugzilla.redhat.com/2184484 https://bugzilla.redhat.com/2196026 https://bugzilla.redhat.com/2196027 https://bugzilla.redhat.com/2196029 https://bugzilla.redhat.com/2222167 https://bugzilla.redhat.com/2228689 https://errata.almalinux.org/9/ALSA-2023-6474.html https://github.com/golang/go/commit/312920c00aac9897b2a0693e752390b5b0711a5a (go1.20.6) https://github.com/golang/go/commit/5fa6923b1ea891400153d04ddf1545e23b40041b (go1.19.11) https://github.com/golang/go/issues/60374 https://go.dev/cl/506996 https://go.dev/issue/60374 https://groups.google.com/g/golang-announce/c/2q13H6LEEx0 https://linux.oracle.com/cve/CVE-2023-29406.html https://linux.oracle.com/errata/ELSA-2023-7202.html https://nvd.nist.gov/vuln/detail/CVE-2023-29406 https://pkg.go.dev/vuln/GO-2023-1878 https://security.gentoo.org/glsa/202311-09 https://security.netapp.com/advisory/ntap-20230814-0002/ https://ubuntu.com/security/notices/USN-7061-1 https://ubuntu.com/security/notices/USN-7109-1 https://www.cve.org/CVERecord?id=CVE-2023-29406
stdlib	CVE-2023-29409	MEDIUM	v1.20.5	1.19.12, 1.20.7, 1.21.0-rc.4	https://access.redhat.com/errata/RHSA-2023:7766 https://access.redhat.com/security/cve/CVE-2023-29409 https://bugzilla.redhat.com/2228743 https://bugzilla.redhat.com/2237773 https://bugzilla.redhat.com/2237776 https://bugzilla.redhat.com/2237777 https://bugzilla.redhat.com/2237778 https://errata.almalinux.org/9/ALSA-2023-7766.html https://go.dev/cl/515257 https://go.dev/issue/61460 https://groups.google.com/g/golang-announce/c/X0b6CsSAaYI/m/Efv5DbZ9AwAJ https://linux.oracle.com/cve/CVE-2023-29409.html https://linux.oracle.com/errata/ELSA-2024-2988.html https://nvd.nist.gov/vuln/detail/CVE-2023-29409 https://pkg.go.dev/vuln/GO-2023-1987 https://security.gentoo.org/glsa/202311-09 https://security.netapp.com/advisory/ntap-20230831-0010/ https://www.cve.org/CVERecord?id=CVE-2023-29409
stdlib	CVE-2023-39318	MEDIUM	v1.20.5	1.20.8, 1.21.1	https://access.redhat.com/errata/RHSA-2024:2160 https://access.redhat.com/security/cve/CVE-2023-39318 https://bugzilla.redhat.com/2237773 https://bugzilla.redhat.com/2237776 https://bugzilla.redhat.com/2253330 https://errata.almalinux.org/9/ALSA-2024-2160.html https://github.com/golang/go/commit/023b542edf38e2a1f87fcefb9f75ff2f99401b4c (go1.20.8) https://github.com/golang/go/commit/b0e1d3ea26e8e8fce7726690c9ef0597e60739fb (go1.21.1) https://go.dev/cl/526156 https://go.dev/issue/62196 https://groups.google.com/g/golang-announce/c/Fm51GRLNRvM https://groups.google.com/g/golang-dev/c/2C5vbR-UNkI/m/L1hdrPhfBAAJ https://linux.oracle.com/cve/CVE-2023-39318.html https://linux.oracle.com/errata/ELSA-2024-2988.html https://nvd.nist.gov/vuln/detail/CVE-2023-39318 https://pkg.go.dev/vuln/GO-2023-2041 https://security.gentoo.org/glsa/202311-09 https://security.netapp.com/advisory/ntap-20231020-0009/ https://ubuntu.com/security/notices/USN-6574-1 https://ubuntu.com/security/notices/USN-7061-1 https://ubuntu.com/security/notices/USN-7109-1 https://vuln.go.dev/ID/GO-2023-2041.json https://www.cve.org/CVERecord?id=CVE-2023-39318
stdlib	CVE-2023-39319	MEDIUM	v1.20.5	1.20.8, 1.21.1	https://access.redhat.com/errata/RHSA-2024:2160 https://access.redhat.com/security/cve/CVE-2023-39319 https://bugzilla.redhat.com/2237773 https://bugzilla.redhat.com/2237776 https://bugzilla.redhat.com/2253330 https://errata.almalinux.org/9/ALSA-2024-2160.html https://github.com/golang/go/commit/2070531d2f53df88e312edace6c8dfc9686ab2f5 (go1.20.8) https://github.com/golang/go/commit/bbd043ff0d6d59f1a9232d31ecd5eacf6507bf6a (go1.21.1) https://go.dev/cl/526157 https://go.dev/issue/62197 https://groups.google.com/g/golang-announce/c/Fm51GRLNRvM https://groups.google.com/g/golang-dev/c/2C5vbR-UNkI/m/L1hdrPhfBAAJ https://linux.oracle.com/cve/CVE-2023-39319.html https://linux.oracle.com/errata/ELSA-2024-2988.html https://nvd.nist.gov/vuln/detail/CVE-2023-39319 https://pkg.go.dev/vuln/GO-2023-2043 https://security.gentoo.org/glsa/202311-09 https://security.netapp.com/advisory/ntap-20231020-0009/ https://ubuntu.com/security/notices/USN-6574-1 https://ubuntu.com/security/notices/USN-7061-1 https://ubuntu.com/security/notices/USN-7109-1 https://vuln.go.dev/ID/GO-2023-2043.json https://www.cve.org/CVERecord?id=CVE-2023-39319
stdlib	CVE-2023-39326	MEDIUM	v1.20.5	1.20.12, 1.21.5	https://access.redhat.com/errata/RHSA-2024:2272 https://access.redhat.com/security/cve/CVE-2023-39326 https://bugzilla.redhat.com/2253193 https://bugzilla.redhat.com/2253330 https://errata.almalinux.org/9/ALSA-2024-2272.html https://github.com/golang/go/commit/6446af942e2e2b161c4ec1b60d9703a2b55dc4dd (go1.20.12) https://github.com/golang/go/commit/ec8c526e4be720e94b98ca509e6364f0efaf28f7 (go1.21.5) https://go.dev/cl/547335 https://go.dev/issue/64433 https://groups.google.com/g/golang-dev/c/6ypN5EjibjM/m/KmLVYH_uAgAJ https://linux.oracle.com/cve/CVE-2023-39326.html https://linux.oracle.com/errata/ELSA-2024-2988.html https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UIU6HOGV6RRIKWM57LOXQA75BGZSIH6G/ https://nvd.nist.gov/vuln/detail/CVE-2023-39326 https://pkg.go.dev/vuln/GO-2023-2382 https://ubuntu.com/security/notices/USN-6574-1 https://www.cve.org/CVERecord?id=CVE-2023-39326
stdlib	CVE-2023-45284	MEDIUM	v1.20.5	1.20.11, 1.21.4	https://go.dev/cl/540277 https://go.dev/issue/63713 https://groups.google.com/g/golang-announce/c/4tU8LZfBFkY https://nvd.nist.gov/vuln/detail/CVE-2023-45284 https://pkg.go.dev/vuln/GO-2023-2186
stdlib	CVE-2023-45289	MEDIUM	v1.20.5	1.21.8, 1.22.1	http://www.openwall.com/lists/oss-security/2024/03/08/4 https://access.redhat.com/errata/RHSA-2024:2724 https://access.redhat.com/security/cve/CVE-2023-45289 https://bugzilla.redhat.com/2268017 https://bugzilla.redhat.com/2268018 https://bugzilla.redhat.com/2268019 https://bugzilla.redhat.com/2268273 https://bugzilla.redhat.com/show_bug.cgi?id=2268017 https://bugzilla.redhat.com/show_bug.cgi?id=2268018 https://bugzilla.redhat.com/show_bug.cgi?id=2268019 https://bugzilla.redhat.com/show_bug.cgi?id=2268273 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45288 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45289 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45290 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24783 https://errata.almalinux.org/9/ALSA-2024-2724.html https://errata.rockylinux.org/RLSA-2024:2724 https://github.com/golang/go/commit/20586c0dbe03d144f914155f879fa5ee287591a1 (go1.21.8) https://github.com/golang/go/commit/3a855208e3efed2e9d7c20ad023f1fa78afcc0be (go1.22.1) https://github.com/golang/go/issues/65065 https://go.dev/cl/569340 https://go.dev/issue/65065 https://groups.google.com/g/golang-announce/c/5pwGVUPoMbg https://linux.oracle.com/cve/CVE-2023-45289.html https://linux.oracle.com/errata/ELSA-2024-3346.html https://nvd.nist.gov/vuln/detail/CVE-2023-45289 https://pkg.go.dev/vuln/GO-2024-2600 https://security.netapp.com/advisory/ntap-20240329-0006/ https://ubuntu.com/security/notices/USN-6886-1 https://www.cve.org/CVERecord?id=CVE-2023-45289
stdlib	CVE-2023-45290	MEDIUM	v1.20.5	1.21.8, 1.22.1	http://www.openwall.com/lists/oss-security/2024/03/08/4 https://access.redhat.com/errata/RHSA-2024:9135 https://access.redhat.com/security/cve/CVE-2023-45290 https://bugzilla.redhat.com/2268017 https://bugzilla.redhat.com/2268022 https://bugzilla.redhat.com/2279814 https://bugzilla.redhat.com/2295310 https://bugzilla.redhat.com/show_bug.cgi?id=2268017 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45290 https://errata.almalinux.org/9/ALSA-2024-9135.html https://errata.rockylinux.org/RLSA-2024:3830 https://github.com/golang/go/commit/041a47712e765e94f86d841c3110c840e76d8f82 (go1.22.1) https://github.com/golang/go/commit/bf80213b121074f4ad9b449410a4d13bae5e9be0 (go1.21.8) https://github.com/golang/go/issues/65383 https://go.dev/cl/569341 https://go.dev/issue/65383 https://groups.google.com/g/golang-announce/c/5pwGVUPoMbg https://linux.oracle.com/cve/CVE-2023-45290.html https://linux.oracle.com/errata/ELSA-2024-8038.html https://nvd.nist.gov/vuln/detail/CVE-2023-45290 https://pkg.go.dev/vuln/GO-2024-2599 https://security.netapp.com/advisory/ntap-20240329-0004 https://security.netapp.com/advisory/ntap-20240329-0004/ https://ubuntu.com/security/notices/USN-6886-1 https://ubuntu.com/security/notices/USN-7109-1 https://ubuntu.com/security/notices/USN-7111-1 https://www.cve.org/CVERecord?id=CVE-2023-45290
stdlib	CVE-2024-24783	MEDIUM	v1.20.5	1.21.8, 1.22.1	http://www.openwall.com/lists/oss-security/2024/03/08/4 https://access.redhat.com/errata/RHSA-2024:6195 https://access.redhat.com/security/cve/CVE-2024-24783 https://bugzilla.redhat.com/2268019 https://bugzilla.redhat.com/show_bug.cgi?id=2268017 https://bugzilla.redhat.com/show_bug.cgi?id=2268018 https://bugzilla.redhat.com/show_bug.cgi?id=2268019 https://bugzilla.redhat.com/show_bug.cgi?id=2268273 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45288 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45289 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45290 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24783 https://errata.almalinux.org/9/ALSA-2024-6195.html https://errata.rockylinux.org/RLSA-2024:2724 https://github.com/advisories/GHSA-3q2c-pvp5-3cqp https://github.com/golang/go/commit/337b8e9cbfa749d9d5c899e0dc358e2208d5e54f (go1.22.1) https://github.com/golang/go/commit/be5b52bea674190ef7de272664be6c7ae93ec5a0 (go1.21.8) https://github.com/golang/go/issues/65390 https://go.dev/cl/569339 https://go.dev/issue/65390 https://groups.google.com/g/golang-announce/c/5pwGVUPoMbg https://linux.oracle.com/cve/CVE-2024-24783.html https://linux.oracle.com/errata/ELSA-2024-6969.html https://nvd.nist.gov/vuln/detail/CVE-2024-24783 https://pkg.go.dev/vuln/GO-2024-2598 https://security.netapp.com/advisory/ntap-20240329-0005 https://security.netapp.com/advisory/ntap-20240329-0005/ https://ubuntu.com/security/notices/USN-6886-1 https://ubuntu.com/security/notices/USN-7109-1 https://ubuntu.com/security/notices/USN-7111-1 https://www.cve.org/CVERecord?id=CVE-2024-24783
stdlib	CVE-2024-24784	MEDIUM	v1.20.5	1.21.8, 1.22.1	http://www.openwall.com/lists/oss-security/2024/03/08/4 https://access.redhat.com/errata/RHSA-2024:2562 https://access.redhat.com/security/cve/CVE-2024-24784 https://bugzilla.redhat.com/2262921 https://bugzilla.redhat.com/2268017 https://bugzilla.redhat.com/2268018 https://bugzilla.redhat.com/2268019 https://bugzilla.redhat.com/2268021 https://bugzilla.redhat.com/2268022 https://bugzilla.redhat.com/2268273 https://bugzilla.redhat.com/show_bug.cgi?id=2262921 https://bugzilla.redhat.com/show_bug.cgi?id=2268017 https://bugzilla.redhat.com/show_bug.cgi?id=2268018 https://bugzilla.redhat.com/show_bug.cgi?id=2268019 https://bugzilla.redhat.com/show_bug.cgi?id=2268021 https://bugzilla.redhat.com/show_bug.cgi?id=2268022 https://bugzilla.redhat.com/show_bug.cgi?id=2268273 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45288 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45289 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45290 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-1394 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24783 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24784 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24785 https://errata.almalinux.org/9/ALSA-2024-2562.html https://errata.rockylinux.org/RLSA-2024:2562 https://github.com/golang/go/commit/263c059b09fdd40d9dd945f2ecb20c89ea28efe5 (go1.21.8) https://github.com/golang/go/commit/5330cd225ba54c7dc78c1b46dcdf61a4671a632c (go1.22.1) https://github.com/golang/go/issues/65083 https://go.dev/cl/555596 https://go.dev/issue/65083 https://groups.google.com/g/golang-announce/c/5pwGVUPoMbg https://linux.oracle.com/cve/CVE-2024-24784.html https://linux.oracle.com/errata/ELSA-2024-6969.html https://nvd.nist.gov/vuln/detail/CVE-2024-24784 https://pkg.go.dev/vuln/GO-2024-2609 https://security.netapp.com/advisory/ntap-20240329-0007/ https://ubuntu.com/security/notices/USN-6886-1 https://ubuntu.com/security/notices/USN-7109-1 https://ubuntu.com/security/notices/USN-7111-1 https://www.cve.org/CVERecord?id=CVE-2024-24784
stdlib	CVE-2024-24785	MEDIUM	v1.20.5	1.21.8, 1.22.1	http://www.openwall.com/lists/oss-security/2024/03/08/4 https://access.redhat.com/errata/RHSA-2024:9135 https://access.redhat.com/security/cve/CVE-2024-24785 https://bugzilla.redhat.com/2268017 https://bugzilla.redhat.com/2268022 https://bugzilla.redhat.com/2279814 https://bugzilla.redhat.com/2295310 https://bugzilla.redhat.com/show_bug.cgi?id=2262921 https://bugzilla.redhat.com/show_bug.cgi?id=2268017 https://bugzilla.redhat.com/show_bug.cgi?id=2268018 https://bugzilla.redhat.com/show_bug.cgi?id=2268019 https://bugzilla.redhat.com/show_bug.cgi?id=2268021 https://bugzilla.redhat.com/show_bug.cgi?id=2268022 https://bugzilla.redhat.com/show_bug.cgi?id=2268273 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45288 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45289 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45290 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-1394 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24783 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24784 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24785 https://errata.almalinux.org/9/ALSA-2024-9135.html https://errata.rockylinux.org/RLSA-2024:2562 https://github.com/golang/go/commit/056b0edcb8c152152021eebf4cf42adbfbe77992 (go1.22.1) https://github.com/golang/go/commit/3643147a29352ca2894fd5d0d2069bc4b4335a7e (go1.21.8) https://github.com/golang/go/issues/65697 https://go.dev/cl/564196 https://go.dev/issue/65697 https://groups.google.com/g/golang-announce/c/5pwGVUPoMbg https://linux.oracle.com/cve/CVE-2024-24785.html https://linux.oracle.com/errata/ELSA-2024-3259.html https://nvd.nist.gov/vuln/detail/CVE-2024-24785 https://pkg.go.dev/vuln/GO-2024-2610 https://security.netapp.com/advisory/ntap-20240329-0008/ https://ubuntu.com/security/notices/USN-6886-1 https://ubuntu.com/security/notices/USN-7061-1 https://ubuntu.com/security/notices/USN-7109-1 https://vuln.go.dev/ID/GO-2024-2610.json https://www.cve.org/CVERecord?id=CVE-2024-24785
stdlib	CVE-2024-24789	MEDIUM	v1.20.5	1.21.11, 1.22.4	http://www.openwall.com/lists/oss-security/2024/06/04/1 https://access.redhat.com/errata/RHSA-2024:9115 https://access.redhat.com/security/cve/CVE-2024-24789 https://bugzilla.redhat.com/2279814 https://bugzilla.redhat.com/2292668 https://bugzilla.redhat.com/2292787 https://bugzilla.redhat.com/2294000 https://bugzilla.redhat.com/2295310 https://bugzilla.redhat.com/show_bug.cgi?id=2292668 https://bugzilla.redhat.com/show_bug.cgi?id=2292787 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24789 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24790 https://errata.almalinux.org/9/ALSA-2024-9115.html https://errata.rockylinux.org/RLSA-2024:4212 https://github.com/golang/go/commit/c8e40338cf00f3c1d86c8fb23863ad67a4c72bcc (1.21) https://github.com/golang/go/commit/cf501ac0c5fe351a8582d20b43562027927906e7 (1.22) https://github.com/golang/go/issues/66869 https://go.dev/cl/585397 https://go.dev/issue/66869 https://groups.google.com/g/golang-announce/c/XbxouI9gY7k https://groups.google.com/g/golang-announce/c/XbxouI9gY7k/m/TuoGEhxIEwAJ https://linux.oracle.com/cve/CVE-2024-24789.html https://linux.oracle.com/errata/ELSA-2024-9115.html https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/U5YAEIA6IUHUNGJ7AIXXPQT6D2GYENX7/ https://nvd.nist.gov/vuln/detail/CVE-2024-24789 https://pkg.go.dev/vuln/GO-2024-2888 https://ubuntu.com/security/notices/USN-6886-1 https://ubuntu.com/security/notices/USN-7109-1 https://ubuntu.com/security/notices/USN-7111-1 https://www.cve.org/CVERecord?id=CVE-2024-24789
stdlib	CVE-2024-24791	MEDIUM	v1.20.5	1.21.12, 1.22.5	https://access.redhat.com/errata/RHSA-2024:9135 https://access.redhat.com/security/cve/CVE-2024-24791 https://bugzilla.redhat.com/2268017 https://bugzilla.redhat.com/2268022 https://bugzilla.redhat.com/2279814 https://bugzilla.redhat.com/2295310 https://bugzilla.redhat.com/show_bug.cgi?id=2295310 https://bugzilla.redhat.com/show_bug.cgi?id=2310527 https://bugzilla.redhat.com/show_bug.cgi?id=2310528 https://bugzilla.redhat.com/show_bug.cgi?id=2310529 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24791 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-34155 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-34156 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-34158 https://errata.almalinux.org/9/ALSA-2024-9135.html https://errata.rockylinux.org/RLSA-2024:6913 https://go.dev/cl/591255 https://go.dev/issue/67555 https://groups.google.com/g/golang-dev/c/t0rK-qHBqzY/m/6MMoAZkMAgAJ https://linux.oracle.com/cve/CVE-2024-24791.html https://linux.oracle.com/errata/ELSA-2024-9115.html https://nvd.nist.gov/vuln/detail/CVE-2024-24791 https://pkg.go.dev/vuln/GO-2024-2963 https://ubuntu.com/security/notices/USN-7081-1 https://ubuntu.com/security/notices/USN-7109-1 https://ubuntu.com/security/notices/USN-7111-1 https://www.cve.org/CVERecord?id=CVE-2024-24791
stdlib	CVE-2024-34155	MEDIUM	v1.20.5	1.22.7, 1.23.1	https://access.redhat.com/errata/RHSA-2024:9459 https://access.redhat.com/security/cve/CVE-2024-34155 https://bugzilla.redhat.com/2310527 https://bugzilla.redhat.com/2310528 https://bugzilla.redhat.com/2310529 https://bugzilla.redhat.com/2315691 https://bugzilla.redhat.com/2315887 https://bugzilla.redhat.com/2317458 https://bugzilla.redhat.com/2317467 https://bugzilla.redhat.com/show_bug.cgi?id=2295310 https://bugzilla.redhat.com/show_bug.cgi?id=2310527 https://bugzilla.redhat.com/show_bug.cgi?id=2310528 https://bugzilla.redhat.com/show_bug.cgi?id=2310529 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24791 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-34155 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-34156 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-34158 https://errata.almalinux.org/9/ALSA-2024-9459.html https://errata.rockylinux.org/RLSA-2024:6913 https://github.com/golang/go/commit/53487e5477151ed75da50e50a0ba8f1ca64c00a3 (go1.23.1) https://github.com/golang/go/commit/b232596139dbe96a62edbe3a2a203e856bf556eb (go1.22.7) https://go.dev/cl/611238 https://go.dev/issue/69138 https://groups.google.com/g/golang-announce/c/K-cEzDeCtpc https://groups.google.com/g/golang-dev/c/S9POB9NCTdk https://linux.oracle.com/cve/CVE-2024-34155.html https://linux.oracle.com/errata/ELSA-2024-9459.html https://nvd.nist.gov/vuln/detail/CVE-2024-34155 https://pkg.go.dev/vuln/GO-2024-3105 https://ubuntu.com/security/notices/USN-7081-1 https://ubuntu.com/security/notices/USN-7109-1 https://ubuntu.com/security/notices/USN-7111-1 https://www.cve.org/CVERecord?id=CVE-2024-34155
stdlib	CVE-2024-34158	MEDIUM	v1.20.5	1.22.7, 1.23.1	https://access.redhat.com/errata/RHSA-2024:9459 https://access.redhat.com/security/cve/CVE-2024-34158 https://bugzilla.redhat.com/2310527 https://bugzilla.redhat.com/2310528 https://bugzilla.redhat.com/2310529 https://bugzilla.redhat.com/2315691 https://bugzilla.redhat.com/2315887 https://bugzilla.redhat.com/2317458 https://bugzilla.redhat.com/2317467 https://bugzilla.redhat.com/show_bug.cgi?id=2295310 https://bugzilla.redhat.com/show_bug.cgi?id=2310527 https://bugzilla.redhat.com/show_bug.cgi?id=2310528 https://bugzilla.redhat.com/show_bug.cgi?id=2310529 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24791 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-34155 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-34156 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-34158 https://errata.almalinux.org/9/ALSA-2024-9459.html https://errata.rockylinux.org/RLSA-2024:6913 https://github.com/golang/go/commit/032ac075c20c01c6c35a672d1542d3e98eab84ea (go1.23.1) https://github.com/golang/go/commit/d4c53812e6ce2ac368173d7fcd31d0ecfcffb002 (go1.22.7) https://go.dev/cl/611240 https://go.dev/issue/69141 https://groups.google.com/g/golang-announce/c/K-cEzDeCtpc https://groups.google.com/g/golang-dev/c/S9POB9NCTdk https://linux.oracle.com/cve/CVE-2024-34158.html https://linux.oracle.com/errata/ELSA-2024-9459.html https://nvd.nist.gov/vuln/detail/CVE-2024-34158 https://pkg.go.dev/vuln/GO-2024-3107 https://ubuntu.com/security/notices/USN-7081-1 https://ubuntu.com/security/notices/USN-7109-1 https://ubuntu.com/security/notices/USN-7111-1 https://www.cve.org/CVERecord?id=CVE-2024-34158
No Misconfigurations found

cnb/buildpacks/paketo-buildpacks_encrypt-at-rest/4.5.5/bin/main (gobinary)

Package	Vulnerability ID	Severity	Installed Version	Fixed Version	Links
golang.org/x/crypto	CVE-2023-48795	MEDIUM	v0.11.0	0.17.0	http://packetstormsecurity.com/files/176280/Terrapin-SSH-Connection-Weakening.html http://seclists.org/fulldisclosure/2024/Mar/21 http://www.openwall.com/lists/oss-security/2023/12/18/3 http://www.openwall.com/lists/oss-security/2023/12/19/5 http://www.openwall.com/lists/oss-security/2023/12/20/3 http://www.openwall.com/lists/oss-security/2024/03/06/3 http://www.openwall.com/lists/oss-security/2024/04/17/8 https://access.redhat.com/errata/RHSA-2024:1150 https://access.redhat.com/security/cve/CVE-2023-48795 https://access.redhat.com/security/cve/cve-2023-48795 https://access.redhat.com/solutions/7071748 https://arstechnica.com/security/2023/12/hackers-can-break-ssh-channel-integrity-using-novel-data-corruption-attack https://arstechnica.com/security/2023/12/hackers-can-break-ssh-channel-integrity-using-novel-data-corruption-attack/ https://bugs.gentoo.org/920280 https://bugzilla.redhat.com/2254210 https://bugzilla.redhat.com/show_bug.cgi?id=2254210 https://bugzilla.suse.com/show_bug.cgi?id=1217950 https://crates.io/crates/thrussh/versions https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-48795 https://errata.almalinux.org/9/ALSA-2024-1150.html https://errata.rockylinux.org/RLSA-2024:0628 https://filezilla-project.org/versions.php https://forum.netgate.com/topic/184941/terrapin-ssh-attack https://git.libssh.org/projects/libssh.git/commit/?h=stable-0.10&id=10e09e273f69e149389b3e0e5d44b8c221c2e7f6 https://github.com/NixOS/nixpkgs/pull/275249 https://github.com/PowerShell/Win32-OpenSSH/issues/2189 https://github.com/PowerShell/Win32-OpenSSH/releases/tag/v9.5.0.0p1-Beta https://github.com/TeraTermProject/teraterm/commit/7279fbd6ef4d0c8bdd6a90af4ada2899d786eec0 https://github.com/TeraTermProject/teraterm/releases/tag/v5.1 https://github.com/advisories/GHSA-45x7-px36-x8w8 https://github.com/apache/mina-sshd/issues/445 https://github.com/connectbot/sshlib/commit/5c8b534f6e97db7ac0e0e579331213aa25c173ab https://github.com/connectbot/sshlib/compare/2.2.21...2.2.22 https://github.com/cyd01/KiTTY/issues/520 https://github.com/drakkan/sftpgo/releases/tag/v2.5.6 https://github.com/erlang/otp/blob/d1b43dc0f1361d2ad67601169e90a7fc50bb0369/lib/ssh/doc/src/notes.xml#L39-L42 https://github.com/erlang/otp/releases/tag/OTP-26.2.1 https://github.com/golang/crypto/commit/9d2ee975ef9fe627bf0a6f01c1f69e8ef1d4f05d https://github.com/hierynomus/sshj/issues/916 https://github.com/janmojzis/tinyssh/issues/81 https://github.com/jtesta/ssh-audit/commit/8e972c5e94b460379fe0c7d20209c16df81538a5 https://github.com/libssh2/libssh2/pull/1291 https://github.com/mkj/dropbear/blob/17657c36cce6df7716d5ff151ec09a665382d5dd/CHANGES#L25 https://github.com/mscdex/ssh2/commit/97b223f8891b96d6fc054df5ab1d5a1a545da2a3 https://github.com/mwiede/jsch/compare/jsch-0.2.14...jsch-0.2.15 https://github.com/mwiede/jsch/issues/457 https://github.com/mwiede/jsch/pull/461 https://github.com/net-ssh/net-ssh/blob/2e65064a52d73396bfc3806c9196fc8108f33cd8/CHANGES.txt#L14-L16 https://github.com/openssh/openssh-portable/commits/master https://github.com/paramiko/paramiko/issues/2337 https://github.com/paramiko/paramiko/issues/2337#issuecomment-1887642773 https://github.com/proftpd/proftpd/blob/0a7ea9b0ba9fcdf368374a226370d08f10397d99/RELEASE_NOTES https://github.com/proftpd/proftpd/blob/d21e7a2e47e9b38f709bec58e3fa711f759ad0e1/RELEASE_NOTES https://github.com/proftpd/proftpd/blob/master/RELEASE_NOTES https://github.com/proftpd/proftpd/issues/456 https://github.com/rapier1/hpn-ssh/releases https://github.com/ronf/asyncssh/blob/develop/docs/changes.rst https://github.com/ronf/asyncssh/security/advisories/GHSA-hfmc-7525-mj55 https://github.com/ronf/asyncssh/tags https://github.com/ssh-mitm/ssh-mitm/issues/165 https://github.com/warp-tech/russh https://github.com/warp-tech/russh/commit/1aa340a7df1d5be1c0f4a9e247aade76dfdd2951 https://github.com/warp-tech/russh/releases/tag/v0.40.2 https://github.com/warp-tech/russh/security/advisories/GHSA-45x7-px36-x8w8 https://gitlab.com/libssh/libssh-mirror/-/tags https://go.dev/cl/550715 https://go.dev/issue/64784 https://groups.google.com/g/golang-announce/c/-n5WqVC18LQ https://groups.google.com/g/golang-announce/c/qA3XtxvMUyg https://help.panic.com/releasenotes/transmit5 https://help.panic.com/releasenotes/transmit5/ https://jadaptive.com/important-java-ssh-security-update-new-ssh-vulnerability-discovered-cve-2023-48795 https://jadaptive.com/important-java-ssh-security-update-new-ssh-vulnerability-discovered-cve-2023-48795/ https://linux.oracle.com/cve/CVE-2023-48795.html https://linux.oracle.com/errata/ELSA-2024-2988.html https://lists.debian.org/debian-lts-announce/2023/12/msg00017.html https://lists.debian.org/debian-lts-announce/2024/01/msg00013.html https://lists.debian.org/debian-lts-announce/2024/01/msg00014.html https://lists.debian.org/debian-lts-announce/2024/04/msg00016.html https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/33XHJUB6ROFUOH2OQNENFROTVH6MHSHA https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/33XHJUB6ROFUOH2OQNENFROTVH6MHSHA/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/3CAYYW35MUTNO65RVAELICTNZZFMT2XS https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/3CAYYW35MUTNO65RVAELICTNZZFMT2XS/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/3JIMLVBDWOP4FUPXPTB4PGHHIOMGFLQE https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/3JIMLVBDWOP4FUPXPTB4PGHHIOMGFLQE/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/3YQLUQWLIHDB5QCXQEX7HXHAWMOKPP5O https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/3YQLUQWLIHDB5QCXQEX7HXHAWMOKPP5O/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/6Y74KVCPEPT4MVU3LHDWCNNOXOE5ZLUR https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/6Y74KVCPEPT4MVU3LHDWCNNOXOE5ZLUR/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/APYIXIQOVDCRWLHTGB4VYMAUIAQLKYJ3 https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/APYIXIQOVDCRWLHTGB4VYMAUIAQLKYJ3/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/BL5KTLOSLH2KHRN4HCXJPK3JUVLDGEL6 https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/BL5KTLOSLH2KHRN4HCXJPK3JUVLDGEL6/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/C3AFMZ6MH2UHHOPIWT5YLSFV3D2VB3AC https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/C3AFMZ6MH2UHHOPIWT5YLSFV3D2VB3AC/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/CHHITS4PUOZAKFIUBQAQZC7JWXMOYE4B https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/CHHITS4PUOZAKFIUBQAQZC7JWXMOYE4B/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/F7EYCFQCTSGJXWO3ZZ44MGKFC5HA7G3Y https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/F7EYCFQCTSGJXWO3ZZ44MGKFC5HA7G3Y/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/HYEDEXIKFKTUJIN43RG4B7T5ZS6MHUSP https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/HYEDEXIKFKTUJIN43RG4B7T5ZS6MHUSP/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/I724O3LSRCPO4WNVIXTZCT4VVRMXMMSG https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/I724O3LSRCPO4WNVIXTZCT4VVRMXMMSG/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/KEOTKBUPZXHE3F352JBYNTSNRXYLWD6P https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/KEOTKBUPZXHE3F352JBYNTSNRXYLWD6P/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/KMZCVGUGJZZVDPCVDA7TEB22VUCNEXDD https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/KMZCVGUGJZZVDPCVDA7TEB22VUCNEXDD/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/L5Y6MNNVAPIJSXJERQ6PKZVCIUXSNJK7 https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/L5Y6MNNVAPIJSXJERQ6PKZVCIUXSNJK7/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/LZQVUHWVWRH73YBXUQJOD6CKHDQBU3DM https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/LZQVUHWVWRH73YBXUQJOD6CKHDQBU3DM/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/MKQRBF3DWMWPH36LBCOBUTSIZRTPEZXB https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/MKQRBF3DWMWPH36LBCOBUTSIZRTPEZXB/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/QI3EHAHABFQK7OABNCSF5GMYP6TONTI7 https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/QI3EHAHABFQK7OABNCSF5GMYP6TONTI7/ https://matt.ucc.asn.au/dropbear/CHANGES https://nest.pijul.com/pijul/thrussh/changes/D6H7OWTTMHHX6BTB3B6MNBOBX2L66CBL4LGSEUSAI2MCRCJDQFRQC https://news.ycombinator.com/item?id=38684904 https://news.ycombinator.com/item?id=38685286 https://news.ycombinator.com/item?id=38732005 https://nova.app/releases/#v11.8 https://nvd.nist.gov/vuln/detail/CVE-2023-48795 https://oryx-embedded.com/download/#changelog https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2024-0002 https://roumenpetrov.info/secsh/#news20231220 https://security-tracker.debian.org/tracker/CVE-2023-48795 https://security-tracker.debian.org/tracker/source-package/libssh2 https://security-tracker.debian.org/tracker/source-package/proftpd-dfsg https://security-tracker.debian.org/tracker/source-package/trilead-ssh2 https://security.gentoo.org/glsa/202312-16 https://security.gentoo.org/glsa/202312-17 https://security.netapp.com/advisory/ntap-20240105-0004 https://security.netapp.com/advisory/ntap-20240105-0004/ https://support.apple.com/kb/HT214084 https://terrapin-attack.com/ https://thorntech.com/cve-2023-48795-and-sftp-gateway https://thorntech.com/cve-2023-48795-and-sftp-gateway/ https://twitter.com/TrueSkrillor/status/1736774389725565005 https://ubuntu.com/security/CVE-2023-48795 https://ubuntu.com/security/notices/USN-6560-1 https://ubuntu.com/security/notices/USN-6560-2 https://ubuntu.com/security/notices/USN-6561-1 https://ubuntu.com/security/notices/USN-6585-1 https://ubuntu.com/security/notices/USN-6589-1 https://ubuntu.com/security/notices/USN-6598-1 https://ubuntu.com/security/notices/USN-6738-1 https://ubuntu.com/security/notices/USN-7051-1 https://winscp.net/eng/docs/history#6.2.2 https://www.bitvise.com/ssh-client-version-history#933 https://www.bitvise.com/ssh-server-version-history https://www.chiark.greenend.org.uk/~sgtatham/putty/changes.html https://www.crushftp.com/crush10wiki/Wiki.jsp?page=Update https://www.cve.org/CVERecord?id=CVE-2023-48795 https://www.debian.org/security/2023/dsa-5586 https://www.debian.org/security/2023/dsa-5588 https://www.freebsd.org/security/advisories/FreeBSD-SA-23:19.openssh.asc https://www.lancom-systems.de/service-support/allgemeine-sicherheitshinweise#c243508 https://www.netsarang.com/en/xshell-update-history https://www.netsarang.com/en/xshell-update-history/ https://www.openssh.com/openbsd.html https://www.openssh.com/txt/release-9.6 https://www.openwall.com/lists/oss-security/2023/12/18/2 https://www.openwall.com/lists/oss-security/2023/12/18/3 https://www.openwall.com/lists/oss-security/2023/12/20/3 https://www.paramiko.org/changelog.html https://www.reddit.com/r/sysadmin/comments/18idv52/cve202348795_why_is_this_cve_still_undisclosed https://www.reddit.com/r/sysadmin/comments/18idv52/cve202348795_why_is_this_cve_still_undisclosed/ https://www.suse.com/c/suse-addresses-the-ssh-v2-protocol-terrapin-attack-aka-cve-2023-48795 https://www.suse.com/c/suse-addresses-the-ssh-v2-protocol-terrapin-attack-aka-cve-2023-48795/ https://www.terrapin-attack.com https://www.theregister.com/2023/12/20/terrapin_attack_ssh https://www.vandyke.com/products/securecrt/history.txt
stdlib	CVE-2024-24790	CRITICAL	v1.20.5	1.21.11, 1.22.4	http://www.openwall.com/lists/oss-security/2024/06/04/1 https://access.redhat.com/errata/RHSA-2024:9115 https://access.redhat.com/security/cve/CVE-2024-24790 https://bugzilla.redhat.com/2279814 https://bugzilla.redhat.com/2292668 https://bugzilla.redhat.com/2292787 https://bugzilla.redhat.com/2294000 https://bugzilla.redhat.com/2295310 https://bugzilla.redhat.com/show_bug.cgi?id=2292668 https://bugzilla.redhat.com/show_bug.cgi?id=2292787 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24789 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24790 https://errata.almalinux.org/9/ALSA-2024-9115.html https://errata.rockylinux.org/RLSA-2024:4212 https://github.com/golang/go/commit/051bdf3fd12a40307606ff9381138039c5f452f0 (1.21) https://github.com/golang/go/commit/12d5810cdb1f73cf23d7a86462143e9463317fca (1.22) https://github.com/golang/go/issues/67680 https://go.dev/cl/590316 https://go.dev/issue/67680 https://groups.google.com/g/golang-announce/c/XbxouI9gY7k https://groups.google.com/g/golang-announce/c/XbxouI9gY7k/m/TuoGEhxIEwAJ https://linux.oracle.com/cve/CVE-2024-24790.html https://linux.oracle.com/errata/ELSA-2024-9115.html https://nvd.nist.gov/vuln/detail/CVE-2024-24790 https://pkg.go.dev/vuln/GO-2024-2887 https://ubuntu.com/security/notices/USN-6886-1 https://ubuntu.com/security/notices/USN-7109-1 https://www.cve.org/CVERecord?id=CVE-2024-24790
stdlib	CVE-2023-39325	HIGH	v1.20.5	1.20.10, 1.21.3	golang.org/x/net https://access.redhat.com/errata/RHSA-2023:6077 https://access.redhat.com/security/cve/CVE-2023-39325 https://access.redhat.com/security/cve/CVE-2023-44487 https://access.redhat.com/security/vulnerabilities/RHSB-2023-003 https://bugzilla.redhat.com/2242803 https://bugzilla.redhat.com/2243296 https://bugzilla.redhat.com/show_bug.cgi?id=2242803 https://bugzilla.redhat.com/show_bug.cgi?id=2243296 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-39325 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-44487 https://errata.almalinux.org/9/ALSA-2023-6077.html https://errata.rockylinux.org/RLSA-2023:6077 https://github.com/golang/go/commit/24ae2d927285c697440fdde3ad7f26028354bcf3 [golang- 1.21] https://github.com/golang/go/commit/e175f27f58aa7b9cd4d79607ae65d2cd5baaee68 [golang-1.20] https://github.com/golang/go/issues/63417 https://go.dev/cl/534215 https://go.dev/cl/534235 https://go.dev/issue/63417 https://groups.google.com/g/golang-announce/c/iNNxDTCjZvo/m/UDd7VKQuAAAJ https://linux.oracle.com/cve/CVE-2023-39325.html https://linux.oracle.com/errata/ELSA-2023-5867.html https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3OVW5V2DM5K5IC3H7O42YDUGNJ74J35O https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3OVW5V2DM5K5IC3H7O42YDUGNJ74J35O/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3SZN67IL7HMGMNAVLOTIXLIHUDXZK4LH https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3SZN67IL7HMGMNAVLOTIXLIHUDXZK4LH/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3WJ4QVX2AMUJ2F2S27POOAHRC4K3CHU4 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3WJ4QVX2AMUJ2F2S27POOAHRC4K3CHU4/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/4BUK2ZIAGCULOOYDNH25JPU6JBES5NF2 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/4BUK2ZIAGCULOOYDNH25JPU6JBES5NF2/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/5RSKA2II6QTD4YUKUNDVJQSRYSFC4VFR https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/5RSKA2II6QTD4YUKUNDVJQSRYSFC4VFR/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/AVZDNSMVDAQJ64LJC5I5U5LDM5753647 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/AVZDNSMVDAQJ64LJC5I5U5LDM5753647/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CHHITS4PUOZAKFIUBQAQZC7JWXMOYE4B https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CHHITS4PUOZAKFIUBQAQZC7JWXMOYE4B/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CLB4TW7KALB3EEQWNWCN7OUIWWVWWCG2 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CLB4TW7KALB3EEQWNWCN7OUIWWVWWCG2/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/D2BBIDR2ZMB3X5BC7SR4SLQMHRMVPY6L https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/D2BBIDR2ZMB3X5BC7SR4SLQMHRMVPY6L/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ECRC75BQJP6FJN2L7KCKYZW4DSBD7QSD https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ECRC75BQJP6FJN2L7KCKYZW4DSBD7QSD/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/FTMJ3NJIDAZFWJQQSP3L22MUFJ3UP2PT https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/FTMJ3NJIDAZFWJQQSP3L22MUFJ3UP2PT/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/GSY7SXFFTPZFWDM6XELSDSHZLVW3AHK7 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/GSY7SXFFTPZFWDM6XELSDSHZLVW3AHK7/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/HZQIELEIRSZUYTFFH5KTH2YJ4IIQG2KE https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/HZQIELEIRSZUYTFFH5KTH2YJ4IIQG2KE/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/IPWCNYB5PQ5PCVZ4NJT6G56ZYFZ5QBU6 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/IPWCNYB5PQ5PCVZ4NJT6G56ZYFZ5QBU6/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/KEOTKBUPZXHE3F352JBYNTSNRXYLWD6P https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/KEOTKBUPZXHE3F352JBYNTSNRXYLWD6P/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/KSEGD2IWKNUO3DWY4KQGUQM5BISRWHQE https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/KSEGD2IWKNUO3DWY4KQGUQM5BISRWHQE/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/L5E5JSJBZLYXOTZWXHJKRVCIXIHVWKJ6 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/L5E5JSJBZLYXOTZWXHJKRVCIXIHVWKJ6/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/MZQYOOKHQDQ57LV2IAG6NRFOVXKHJJ3Z https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/MZQYOOKHQDQ57LV2IAG6NRFOVXKHJJ3Z/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/NG7IMPL55MVWU3LCI4JQJT3K2U5CHDV7 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/NG7IMPL55MVWU3LCI4JQJT3K2U5CHDV7/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ODBY7RVMGZCBSTWF2OZGIZS57FNFUL67 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ODBY7RVMGZCBSTWF2OZGIZS57FNFUL67/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/OXGWPQOJ3JNDW2XIYKIVJ7N7QUIFNM2Q https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/OXGWPQOJ3JNDW2XIYKIVJ7N7QUIFNM2Q/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/PJCUNGIQDUMZ4Z6HWVYIMR66A35F5S74 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/PJCUNGIQDUMZ4Z6HWVYIMR66A35F5S74/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QF5QSYAOPDOWLY6DUHID56Q4HQFYB45I https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QF5QSYAOPDOWLY6DUHID56Q4HQFYB45I/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QXOU2JZUBEBP7GBKAYIJRPRBZSJCD7ST https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QXOU2JZUBEBP7GBKAYIJRPRBZSJCD7ST/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/R3UETKPUB3V5JS5TLZOF3SMTGT5K5APS https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/R3UETKPUB3V5JS5TLZOF3SMTGT5K5APS/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/REMHVVIBDNKSRKNOTV7EQSB7CYQWOUOU https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/REMHVVIBDNKSRKNOTV7EQSB7CYQWOUOU/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/T7N5GV4CHH6WAGX3GFMDD3COEOVCZ4RI https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/T7N5GV4CHH6WAGX3GFMDD3COEOVCZ4RI/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ULQQONMSCQSH5Z5OWFFQHCGEZ3NL4DRJ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ULQQONMSCQSH5Z5OWFFQHCGEZ3NL4DRJ/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UTT7DG3QOF5ZNJLUGHDNLRUIN6OWZARP https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UTT7DG3QOF5ZNJLUGHDNLRUIN6OWZARP/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/W2LZSWTV4NV4SNQARNXG5T6LRHP26EW2 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/W2LZSWTV4NV4SNQARNXG5T6LRHP26EW2/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WCNCBYKZXLDFGAJUB7ZP5VLC3YTHJNVH https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WCNCBYKZXLDFGAJUB7ZP5VLC3YTHJNVH/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/XFOIBB4YFICHDM7IBOP7PWXW3FX4HLL2 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/XFOIBB4YFICHDM7IBOP7PWXW3FX4HLL2/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/XTNLSL44Y5FB6JWADSZH6DCV4JJAAEQY https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/XTNLSL44Y5FB6JWADSZH6DCV4JJAAEQY/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/YJWHBLVZDM5KQSDFRBFRKU5KSSOLIRQ4 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/YJWHBLVZDM5KQSDFRBFRKU5KSSOLIRQ4/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/YRKEXKANQ7BKJW2YTAMP625LJUJZLJ4P https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/YRKEXKANQ7BKJW2YTAMP625LJUJZLJ4P/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZSVEMQV5ROY5YW5QE3I57HT3ITWG5GCV https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZSVEMQV5ROY5YW5QE3I57HT3ITWG5GCV/ https://nvd.nist.gov/vuln/detail/CVE-2023-39325 https://pkg.go.dev/vuln/GO-2023-2102 https://security.gentoo.org/glsa/202311-09 https://security.netapp.com/advisory/ntap-20231110-0008 https://security.netapp.com/advisory/ntap-20231110-0008/ https://ubuntu.com/security/notices/USN-6574-1 https://ubuntu.com/security/notices/USN-7061-1 https://ubuntu.com/security/notices/USN-7109-1 https://www.cisa.gov/news-events/alerts/2023/10/10/http2-rapid-reset-vulnerability-cve-2023-44487 https://www.cve.org/CVERecord?id=CVE-2023-39325
stdlib	CVE-2023-45283	HIGH	v1.20.5	1.20.11, 1.21.4, 1.20.12, 1.21.5	http://www.openwall.com/lists/oss-security/2023/12/05/2 https://go.dev/cl/540277 https://go.dev/cl/541175 https://go.dev/issue/63713 https://go.dev/issue/64028 https://groups.google.com/g/golang-announce/c/4tU8LZfBFkY https://groups.google.com/g/golang-dev/c/6ypN5EjibjM/m/KmLVYH_uAgAJ https://nvd.nist.gov/vuln/detail/CVE-2023-45283 https://pkg.go.dev/vuln/GO-2023-2185 https://security.netapp.com/advisory/ntap-20231214-0008/
stdlib	CVE-2023-45288	HIGH	v1.20.5	1.21.9, 1.22.2	http://www.openwall.com/lists/oss-security/2024/04/03/16 http://www.openwall.com/lists/oss-security/2024/04/05/4 https://access.redhat.com/errata/RHSA-2024:2724 https://access.redhat.com/security/cve/CVE-2023-45288 https://bugzilla.redhat.com/2268017 https://bugzilla.redhat.com/2268018 https://bugzilla.redhat.com/2268019 https://bugzilla.redhat.com/2268273 https://bugzilla.redhat.com/show_bug.cgi?id=2268017 https://bugzilla.redhat.com/show_bug.cgi?id=2268018 https://bugzilla.redhat.com/show_bug.cgi?id=2268019 https://bugzilla.redhat.com/show_bug.cgi?id=2268273 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45288 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45289 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45290 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24783 https://errata.almalinux.org/9/ALSA-2024-2724.html https://errata.rockylinux.org/RLSA-2024:2724 https://go.dev/cl/576155 https://go.dev/issue/65051 https://groups.google.com/g/golang-announce/c/YgW0sx8mN3M https://kb.cert.org/vuls/id/421644 https://linux.oracle.com/cve/CVE-2023-45288.html https://linux.oracle.com/errata/ELSA-2024-3346.html https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QRYFHIQ6XRKRYBI2F5UESH67BJBQXUPT https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QRYFHIQ6XRKRYBI2F5UESH67BJBQXUPT/ https://nowotarski.info/http2-continuation-flood-technical-details https://nowotarski.info/http2-continuation-flood/ https://nvd.nist.gov/vuln/detail/CVE-2023-45288 https://pkg.go.dev/vuln/GO-2024-2687 https://security.netapp.com/advisory/ntap-20240419-0009 https://security.netapp.com/advisory/ntap-20240419-0009/ https://ubuntu.com/security/notices/USN-6886-1 https://ubuntu.com/security/notices/USN-7109-1 https://ubuntu.com/security/notices/USN-7111-1 https://www.cve.org/CVERecord?id=CVE-2023-45288 https://www.kb.cert.org/vuls/id/421644
stdlib	CVE-2024-34156	HIGH	v1.20.5	1.22.7, 1.23.1	https://access.redhat.com/errata/RHSA-2024:9473 https://access.redhat.com/security/cve/CVE-2024-34156 https://bugzilla.redhat.com/2310528 https://bugzilla.redhat.com/2318052 https://bugzilla.redhat.com/show_bug.cgi?id=2310528 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-34156 https://errata.almalinux.org/9/ALSA-2024-9473.html https://errata.rockylinux.org/RLSA-2024:7204 https://github.com/golang/go/commit/2092294f2b097c5828f4eace6c98a322c1510b01 (go1.22.7) https://github.com/golang/go/commit/fa8ff1a46deb6c816304441ec6740ec112e19012 (go1.23.1) https://go.dev/cl/611239 https://go.dev/issue/69139 https://groups.google.com/g/golang-announce/c/K-cEzDeCtpc https://groups.google.com/g/golang-dev/c/S9POB9NCTdk https://linux.oracle.com/cve/CVE-2024-34156.html https://linux.oracle.com/errata/ELSA-2024-9473.html https://nvd.nist.gov/vuln/detail/CVE-2024-34156 https://pkg.go.dev/vuln/GO-2024-3106 https://ubuntu.com/security/notices/USN-7081-1 https://ubuntu.com/security/notices/USN-7109-1 https://ubuntu.com/security/notices/USN-7111-1 https://www.cve.org/CVERecord?id=CVE-2024-34156
stdlib	CVE-2023-29406	MEDIUM	v1.20.5	1.19.11, 1.20.6	https://access.redhat.com/errata/RHSA-2023:6474 https://access.redhat.com/security/cve/CVE-2023-29406 https://bugzilla.redhat.com/2174485 https://bugzilla.redhat.com/2178358 https://bugzilla.redhat.com/2178488 https://bugzilla.redhat.com/2178492 https://bugzilla.redhat.com/2184481 https://bugzilla.redhat.com/2184482 https://bugzilla.redhat.com/2184483 https://bugzilla.redhat.com/2184484 https://bugzilla.redhat.com/2196026 https://bugzilla.redhat.com/2196027 https://bugzilla.redhat.com/2196029 https://bugzilla.redhat.com/2222167 https://bugzilla.redhat.com/2228689 https://errata.almalinux.org/9/ALSA-2023-6474.html https://github.com/golang/go/commit/312920c00aac9897b2a0693e752390b5b0711a5a (go1.20.6) https://github.com/golang/go/commit/5fa6923b1ea891400153d04ddf1545e23b40041b (go1.19.11) https://github.com/golang/go/issues/60374 https://go.dev/cl/506996 https://go.dev/issue/60374 https://groups.google.com/g/golang-announce/c/2q13H6LEEx0 https://linux.oracle.com/cve/CVE-2023-29406.html https://linux.oracle.com/errata/ELSA-2023-7202.html https://nvd.nist.gov/vuln/detail/CVE-2023-29406 https://pkg.go.dev/vuln/GO-2023-1878 https://security.gentoo.org/glsa/202311-09 https://security.netapp.com/advisory/ntap-20230814-0002/ https://ubuntu.com/security/notices/USN-7061-1 https://ubuntu.com/security/notices/USN-7109-1 https://www.cve.org/CVERecord?id=CVE-2023-29406
stdlib	CVE-2023-29409	MEDIUM	v1.20.5	1.19.12, 1.20.7, 1.21.0-rc.4	https://access.redhat.com/errata/RHSA-2023:7766 https://access.redhat.com/security/cve/CVE-2023-29409 https://bugzilla.redhat.com/2228743 https://bugzilla.redhat.com/2237773 https://bugzilla.redhat.com/2237776 https://bugzilla.redhat.com/2237777 https://bugzilla.redhat.com/2237778 https://errata.almalinux.org/9/ALSA-2023-7766.html https://go.dev/cl/515257 https://go.dev/issue/61460 https://groups.google.com/g/golang-announce/c/X0b6CsSAaYI/m/Efv5DbZ9AwAJ https://linux.oracle.com/cve/CVE-2023-29409.html https://linux.oracle.com/errata/ELSA-2024-2988.html https://nvd.nist.gov/vuln/detail/CVE-2023-29409 https://pkg.go.dev/vuln/GO-2023-1987 https://security.gentoo.org/glsa/202311-09 https://security.netapp.com/advisory/ntap-20230831-0010/ https://www.cve.org/CVERecord?id=CVE-2023-29409
stdlib	CVE-2023-39318	MEDIUM	v1.20.5	1.20.8, 1.21.1	https://access.redhat.com/errata/RHSA-2024:2160 https://access.redhat.com/security/cve/CVE-2023-39318 https://bugzilla.redhat.com/2237773 https://bugzilla.redhat.com/2237776 https://bugzilla.redhat.com/2253330 https://errata.almalinux.org/9/ALSA-2024-2160.html https://github.com/golang/go/commit/023b542edf38e2a1f87fcefb9f75ff2f99401b4c (go1.20.8) https://github.com/golang/go/commit/b0e1d3ea26e8e8fce7726690c9ef0597e60739fb (go1.21.1) https://go.dev/cl/526156 https://go.dev/issue/62196 https://groups.google.com/g/golang-announce/c/Fm51GRLNRvM https://groups.google.com/g/golang-dev/c/2C5vbR-UNkI/m/L1hdrPhfBAAJ https://linux.oracle.com/cve/CVE-2023-39318.html https://linux.oracle.com/errata/ELSA-2024-2988.html https://nvd.nist.gov/vuln/detail/CVE-2023-39318 https://pkg.go.dev/vuln/GO-2023-2041 https://security.gentoo.org/glsa/202311-09 https://security.netapp.com/advisory/ntap-20231020-0009/ https://ubuntu.com/security/notices/USN-6574-1 https://ubuntu.com/security/notices/USN-7061-1 https://ubuntu.com/security/notices/USN-7109-1 https://vuln.go.dev/ID/GO-2023-2041.json https://www.cve.org/CVERecord?id=CVE-2023-39318
stdlib	CVE-2023-39319	MEDIUM	v1.20.5	1.20.8, 1.21.1	https://access.redhat.com/errata/RHSA-2024:2160 https://access.redhat.com/security/cve/CVE-2023-39319 https://bugzilla.redhat.com/2237773 https://bugzilla.redhat.com/2237776 https://bugzilla.redhat.com/2253330 https://errata.almalinux.org/9/ALSA-2024-2160.html https://github.com/golang/go/commit/2070531d2f53df88e312edace6c8dfc9686ab2f5 (go1.20.8) https://github.com/golang/go/commit/bbd043ff0d6d59f1a9232d31ecd5eacf6507bf6a (go1.21.1) https://go.dev/cl/526157 https://go.dev/issue/62197 https://groups.google.com/g/golang-announce/c/Fm51GRLNRvM https://groups.google.com/g/golang-dev/c/2C5vbR-UNkI/m/L1hdrPhfBAAJ https://linux.oracle.com/cve/CVE-2023-39319.html https://linux.oracle.com/errata/ELSA-2024-2988.html https://nvd.nist.gov/vuln/detail/CVE-2023-39319 https://pkg.go.dev/vuln/GO-2023-2043 https://security.gentoo.org/glsa/202311-09 https://security.netapp.com/advisory/ntap-20231020-0009/ https://ubuntu.com/security/notices/USN-6574-1 https://ubuntu.com/security/notices/USN-7061-1 https://ubuntu.com/security/notices/USN-7109-1 https://vuln.go.dev/ID/GO-2023-2043.json https://www.cve.org/CVERecord?id=CVE-2023-39319
stdlib	CVE-2023-39326	MEDIUM	v1.20.5	1.20.12, 1.21.5	https://access.redhat.com/errata/RHSA-2024:2272 https://access.redhat.com/security/cve/CVE-2023-39326 https://bugzilla.redhat.com/2253193 https://bugzilla.redhat.com/2253330 https://errata.almalinux.org/9/ALSA-2024-2272.html https://github.com/golang/go/commit/6446af942e2e2b161c4ec1b60d9703a2b55dc4dd (go1.20.12) https://github.com/golang/go/commit/ec8c526e4be720e94b98ca509e6364f0efaf28f7 (go1.21.5) https://go.dev/cl/547335 https://go.dev/issue/64433 https://groups.google.com/g/golang-dev/c/6ypN5EjibjM/m/KmLVYH_uAgAJ https://linux.oracle.com/cve/CVE-2023-39326.html https://linux.oracle.com/errata/ELSA-2024-2988.html https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UIU6HOGV6RRIKWM57LOXQA75BGZSIH6G/ https://nvd.nist.gov/vuln/detail/CVE-2023-39326 https://pkg.go.dev/vuln/GO-2023-2382 https://ubuntu.com/security/notices/USN-6574-1 https://www.cve.org/CVERecord?id=CVE-2023-39326
stdlib	CVE-2023-45284	MEDIUM	v1.20.5	1.20.11, 1.21.4	https://go.dev/cl/540277 https://go.dev/issue/63713 https://groups.google.com/g/golang-announce/c/4tU8LZfBFkY https://nvd.nist.gov/vuln/detail/CVE-2023-45284 https://pkg.go.dev/vuln/GO-2023-2186
stdlib	CVE-2023-45289	MEDIUM	v1.20.5	1.21.8, 1.22.1	http://www.openwall.com/lists/oss-security/2024/03/08/4 https://access.redhat.com/errata/RHSA-2024:2724 https://access.redhat.com/security/cve/CVE-2023-45289 https://bugzilla.redhat.com/2268017 https://bugzilla.redhat.com/2268018 https://bugzilla.redhat.com/2268019 https://bugzilla.redhat.com/2268273 https://bugzilla.redhat.com/show_bug.cgi?id=2268017 https://bugzilla.redhat.com/show_bug.cgi?id=2268018 https://bugzilla.redhat.com/show_bug.cgi?id=2268019 https://bugzilla.redhat.com/show_bug.cgi?id=2268273 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45288 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45289 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45290 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24783 https://errata.almalinux.org/9/ALSA-2024-2724.html https://errata.rockylinux.org/RLSA-2024:2724 https://github.com/golang/go/commit/20586c0dbe03d144f914155f879fa5ee287591a1 (go1.21.8) https://github.com/golang/go/commit/3a855208e3efed2e9d7c20ad023f1fa78afcc0be (go1.22.1) https://github.com/golang/go/issues/65065 https://go.dev/cl/569340 https://go.dev/issue/65065 https://groups.google.com/g/golang-announce/c/5pwGVUPoMbg https://linux.oracle.com/cve/CVE-2023-45289.html https://linux.oracle.com/errata/ELSA-2024-3346.html https://nvd.nist.gov/vuln/detail/CVE-2023-45289 https://pkg.go.dev/vuln/GO-2024-2600 https://security.netapp.com/advisory/ntap-20240329-0006/ https://ubuntu.com/security/notices/USN-6886-1 https://www.cve.org/CVERecord?id=CVE-2023-45289
stdlib	CVE-2023-45290	MEDIUM	v1.20.5	1.21.8, 1.22.1	http://www.openwall.com/lists/oss-security/2024/03/08/4 https://access.redhat.com/errata/RHSA-2024:9135 https://access.redhat.com/security/cve/CVE-2023-45290 https://bugzilla.redhat.com/2268017 https://bugzilla.redhat.com/2268022 https://bugzilla.redhat.com/2279814 https://bugzilla.redhat.com/2295310 https://bugzilla.redhat.com/show_bug.cgi?id=2268017 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45290 https://errata.almalinux.org/9/ALSA-2024-9135.html https://errata.rockylinux.org/RLSA-2024:3830 https://github.com/golang/go/commit/041a47712e765e94f86d841c3110c840e76d8f82 (go1.22.1) https://github.com/golang/go/commit/bf80213b121074f4ad9b449410a4d13bae5e9be0 (go1.21.8) https://github.com/golang/go/issues/65383 https://go.dev/cl/569341 https://go.dev/issue/65383 https://groups.google.com/g/golang-announce/c/5pwGVUPoMbg https://linux.oracle.com/cve/CVE-2023-45290.html https://linux.oracle.com/errata/ELSA-2024-8038.html https://nvd.nist.gov/vuln/detail/CVE-2023-45290 https://pkg.go.dev/vuln/GO-2024-2599 https://security.netapp.com/advisory/ntap-20240329-0004 https://security.netapp.com/advisory/ntap-20240329-0004/ https://ubuntu.com/security/notices/USN-6886-1 https://ubuntu.com/security/notices/USN-7109-1 https://ubuntu.com/security/notices/USN-7111-1 https://www.cve.org/CVERecord?id=CVE-2023-45290
stdlib	CVE-2024-24783	MEDIUM	v1.20.5	1.21.8, 1.22.1	http://www.openwall.com/lists/oss-security/2024/03/08/4 https://access.redhat.com/errata/RHSA-2024:6195 https://access.redhat.com/security/cve/CVE-2024-24783 https://bugzilla.redhat.com/2268019 https://bugzilla.redhat.com/show_bug.cgi?id=2268017 https://bugzilla.redhat.com/show_bug.cgi?id=2268018 https://bugzilla.redhat.com/show_bug.cgi?id=2268019 https://bugzilla.redhat.com/show_bug.cgi?id=2268273 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45288 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45289 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45290 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24783 https://errata.almalinux.org/9/ALSA-2024-6195.html https://errata.rockylinux.org/RLSA-2024:2724 https://github.com/advisories/GHSA-3q2c-pvp5-3cqp https://github.com/golang/go/commit/337b8e9cbfa749d9d5c899e0dc358e2208d5e54f (go1.22.1) https://github.com/golang/go/commit/be5b52bea674190ef7de272664be6c7ae93ec5a0 (go1.21.8) https://github.com/golang/go/issues/65390 https://go.dev/cl/569339 https://go.dev/issue/65390 https://groups.google.com/g/golang-announce/c/5pwGVUPoMbg https://linux.oracle.com/cve/CVE-2024-24783.html https://linux.oracle.com/errata/ELSA-2024-6969.html https://nvd.nist.gov/vuln/detail/CVE-2024-24783 https://pkg.go.dev/vuln/GO-2024-2598 https://security.netapp.com/advisory/ntap-20240329-0005 https://security.netapp.com/advisory/ntap-20240329-0005/ https://ubuntu.com/security/notices/USN-6886-1 https://ubuntu.com/security/notices/USN-7109-1 https://ubuntu.com/security/notices/USN-7111-1 https://www.cve.org/CVERecord?id=CVE-2024-24783
stdlib	CVE-2024-24784	MEDIUM	v1.20.5	1.21.8, 1.22.1	http://www.openwall.com/lists/oss-security/2024/03/08/4 https://access.redhat.com/errata/RHSA-2024:2562 https://access.redhat.com/security/cve/CVE-2024-24784 https://bugzilla.redhat.com/2262921 https://bugzilla.redhat.com/2268017 https://bugzilla.redhat.com/2268018 https://bugzilla.redhat.com/2268019 https://bugzilla.redhat.com/2268021 https://bugzilla.redhat.com/2268022 https://bugzilla.redhat.com/2268273 https://bugzilla.redhat.com/show_bug.cgi?id=2262921 https://bugzilla.redhat.com/show_bug.cgi?id=2268017 https://bugzilla.redhat.com/show_bug.cgi?id=2268018 https://bugzilla.redhat.com/show_bug.cgi?id=2268019 https://bugzilla.redhat.com/show_bug.cgi?id=2268021 https://bugzilla.redhat.com/show_bug.cgi?id=2268022 https://bugzilla.redhat.com/show_bug.cgi?id=2268273 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45288 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45289 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45290 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-1394 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24783 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24784 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24785 https://errata.almalinux.org/9/ALSA-2024-2562.html https://errata.rockylinux.org/RLSA-2024:2562 https://github.com/golang/go/commit/263c059b09fdd40d9dd945f2ecb20c89ea28efe5 (go1.21.8) https://github.com/golang/go/commit/5330cd225ba54c7dc78c1b46dcdf61a4671a632c (go1.22.1) https://github.com/golang/go/issues/65083 https://go.dev/cl/555596 https://go.dev/issue/65083 https://groups.google.com/g/golang-announce/c/5pwGVUPoMbg https://linux.oracle.com/cve/CVE-2024-24784.html https://linux.oracle.com/errata/ELSA-2024-6969.html https://nvd.nist.gov/vuln/detail/CVE-2024-24784 https://pkg.go.dev/vuln/GO-2024-2609 https://security.netapp.com/advisory/ntap-20240329-0007/ https://ubuntu.com/security/notices/USN-6886-1 https://ubuntu.com/security/notices/USN-7109-1 https://ubuntu.com/security/notices/USN-7111-1 https://www.cve.org/CVERecord?id=CVE-2024-24784
stdlib	CVE-2024-24785	MEDIUM	v1.20.5	1.21.8, 1.22.1	http://www.openwall.com/lists/oss-security/2024/03/08/4 https://access.redhat.com/errata/RHSA-2024:9135 https://access.redhat.com/security/cve/CVE-2024-24785 https://bugzilla.redhat.com/2268017 https://bugzilla.redhat.com/2268022 https://bugzilla.redhat.com/2279814 https://bugzilla.redhat.com/2295310 https://bugzilla.redhat.com/show_bug.cgi?id=2262921 https://bugzilla.redhat.com/show_bug.cgi?id=2268017 https://bugzilla.redhat.com/show_bug.cgi?id=2268018 https://bugzilla.redhat.com/show_bug.cgi?id=2268019 https://bugzilla.redhat.com/show_bug.cgi?id=2268021 https://bugzilla.redhat.com/show_bug.cgi?id=2268022 https://bugzilla.redhat.com/show_bug.cgi?id=2268273 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45288 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45289 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45290 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-1394 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24783 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24784 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24785 https://errata.almalinux.org/9/ALSA-2024-9135.html https://errata.rockylinux.org/RLSA-2024:2562 https://github.com/golang/go/commit/056b0edcb8c152152021eebf4cf42adbfbe77992 (go1.22.1) https://github.com/golang/go/commit/3643147a29352ca2894fd5d0d2069bc4b4335a7e (go1.21.8) https://github.com/golang/go/issues/65697 https://go.dev/cl/564196 https://go.dev/issue/65697 https://groups.google.com/g/golang-announce/c/5pwGVUPoMbg https://linux.oracle.com/cve/CVE-2024-24785.html https://linux.oracle.com/errata/ELSA-2024-3259.html https://nvd.nist.gov/vuln/detail/CVE-2024-24785 https://pkg.go.dev/vuln/GO-2024-2610 https://security.netapp.com/advisory/ntap-20240329-0008/ https://ubuntu.com/security/notices/USN-6886-1 https://ubuntu.com/security/notices/USN-7061-1 https://ubuntu.com/security/notices/USN-7109-1 https://vuln.go.dev/ID/GO-2024-2610.json https://www.cve.org/CVERecord?id=CVE-2024-24785
stdlib	CVE-2024-24789	MEDIUM	v1.20.5	1.21.11, 1.22.4	http://www.openwall.com/lists/oss-security/2024/06/04/1 https://access.redhat.com/errata/RHSA-2024:9115 https://access.redhat.com/security/cve/CVE-2024-24789 https://bugzilla.redhat.com/2279814 https://bugzilla.redhat.com/2292668 https://bugzilla.redhat.com/2292787 https://bugzilla.redhat.com/2294000 https://bugzilla.redhat.com/2295310 https://bugzilla.redhat.com/show_bug.cgi?id=2292668 https://bugzilla.redhat.com/show_bug.cgi?id=2292787 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24789 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24790 https://errata.almalinux.org/9/ALSA-2024-9115.html https://errata.rockylinux.org/RLSA-2024:4212 https://github.com/golang/go/commit/c8e40338cf00f3c1d86c8fb23863ad67a4c72bcc (1.21) https://github.com/golang/go/commit/cf501ac0c5fe351a8582d20b43562027927906e7 (1.22) https://github.com/golang/go/issues/66869 https://go.dev/cl/585397 https://go.dev/issue/66869 https://groups.google.com/g/golang-announce/c/XbxouI9gY7k https://groups.google.com/g/golang-announce/c/XbxouI9gY7k/m/TuoGEhxIEwAJ https://linux.oracle.com/cve/CVE-2024-24789.html https://linux.oracle.com/errata/ELSA-2024-9115.html https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/U5YAEIA6IUHUNGJ7AIXXPQT6D2GYENX7/ https://nvd.nist.gov/vuln/detail/CVE-2024-24789 https://pkg.go.dev/vuln/GO-2024-2888 https://ubuntu.com/security/notices/USN-6886-1 https://ubuntu.com/security/notices/USN-7109-1 https://ubuntu.com/security/notices/USN-7111-1 https://www.cve.org/CVERecord?id=CVE-2024-24789
stdlib	CVE-2024-24791	MEDIUM	v1.20.5	1.21.12, 1.22.5	https://access.redhat.com/errata/RHSA-2024:9135 https://access.redhat.com/security/cve/CVE-2024-24791 https://bugzilla.redhat.com/2268017 https://bugzilla.redhat.com/2268022 https://bugzilla.redhat.com/2279814 https://bugzilla.redhat.com/2295310 https://bugzilla.redhat.com/show_bug.cgi?id=2295310 https://bugzilla.redhat.com/show_bug.cgi?id=2310527 https://bugzilla.redhat.com/show_bug.cgi?id=2310528 https://bugzilla.redhat.com/show_bug.cgi?id=2310529 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24791 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-34155 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-34156 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-34158 https://errata.almalinux.org/9/ALSA-2024-9135.html https://errata.rockylinux.org/RLSA-2024:6913 https://go.dev/cl/591255 https://go.dev/issue/67555 https://groups.google.com/g/golang-dev/c/t0rK-qHBqzY/m/6MMoAZkMAgAJ https://linux.oracle.com/cve/CVE-2024-24791.html https://linux.oracle.com/errata/ELSA-2024-9115.html https://nvd.nist.gov/vuln/detail/CVE-2024-24791 https://pkg.go.dev/vuln/GO-2024-2963 https://ubuntu.com/security/notices/USN-7081-1 https://ubuntu.com/security/notices/USN-7109-1 https://ubuntu.com/security/notices/USN-7111-1 https://www.cve.org/CVERecord?id=CVE-2024-24791
stdlib	CVE-2024-34155	MEDIUM	v1.20.5	1.22.7, 1.23.1	https://access.redhat.com/errata/RHSA-2024:9459 https://access.redhat.com/security/cve/CVE-2024-34155 https://bugzilla.redhat.com/2310527 https://bugzilla.redhat.com/2310528 https://bugzilla.redhat.com/2310529 https://bugzilla.redhat.com/2315691 https://bugzilla.redhat.com/2315887 https://bugzilla.redhat.com/2317458 https://bugzilla.redhat.com/2317467 https://bugzilla.redhat.com/show_bug.cgi?id=2295310 https://bugzilla.redhat.com/show_bug.cgi?id=2310527 https://bugzilla.redhat.com/show_bug.cgi?id=2310528 https://bugzilla.redhat.com/show_bug.cgi?id=2310529 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24791 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-34155 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-34156 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-34158 https://errata.almalinux.org/9/ALSA-2024-9459.html https://errata.rockylinux.org/RLSA-2024:6913 https://github.com/golang/go/commit/53487e5477151ed75da50e50a0ba8f1ca64c00a3 (go1.23.1) https://github.com/golang/go/commit/b232596139dbe96a62edbe3a2a203e856bf556eb (go1.22.7) https://go.dev/cl/611238 https://go.dev/issue/69138 https://groups.google.com/g/golang-announce/c/K-cEzDeCtpc https://groups.google.com/g/golang-dev/c/S9POB9NCTdk https://linux.oracle.com/cve/CVE-2024-34155.html https://linux.oracle.com/errata/ELSA-2024-9459.html https://nvd.nist.gov/vuln/detail/CVE-2024-34155 https://pkg.go.dev/vuln/GO-2024-3105 https://ubuntu.com/security/notices/USN-7081-1 https://ubuntu.com/security/notices/USN-7109-1 https://ubuntu.com/security/notices/USN-7111-1 https://www.cve.org/CVERecord?id=CVE-2024-34155
stdlib	CVE-2024-34158	MEDIUM	v1.20.5	1.22.7, 1.23.1	https://access.redhat.com/errata/RHSA-2024:9459 https://access.redhat.com/security/cve/CVE-2024-34158 https://bugzilla.redhat.com/2310527 https://bugzilla.redhat.com/2310528 https://bugzilla.redhat.com/2310529 https://bugzilla.redhat.com/2315691 https://bugzilla.redhat.com/2315887 https://bugzilla.redhat.com/2317458 https://bugzilla.redhat.com/2317467 https://bugzilla.redhat.com/show_bug.cgi?id=2295310 https://bugzilla.redhat.com/show_bug.cgi?id=2310527 https://bugzilla.redhat.com/show_bug.cgi?id=2310528 https://bugzilla.redhat.com/show_bug.cgi?id=2310529 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24791 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-34155 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-34156 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-34158 https://errata.almalinux.org/9/ALSA-2024-9459.html https://errata.rockylinux.org/RLSA-2024:6913 https://github.com/golang/go/commit/032ac075c20c01c6c35a672d1542d3e98eab84ea (go1.23.1) https://github.com/golang/go/commit/d4c53812e6ce2ac368173d7fcd31d0ecfcffb002 (go1.22.7) https://go.dev/cl/611240 https://go.dev/issue/69141 https://groups.google.com/g/golang-announce/c/K-cEzDeCtpc https://groups.google.com/g/golang-dev/c/S9POB9NCTdk https://linux.oracle.com/cve/CVE-2024-34158.html https://linux.oracle.com/errata/ELSA-2024-9459.html https://nvd.nist.gov/vuln/detail/CVE-2024-34158 https://pkg.go.dev/vuln/GO-2024-3107 https://ubuntu.com/security/notices/USN-7081-1 https://ubuntu.com/security/notices/USN-7109-1 https://ubuntu.com/security/notices/USN-7111-1 https://www.cve.org/CVERecord?id=CVE-2024-34158
No Misconfigurations found

cnb/buildpacks/paketo-buildpacks_environment-variables/4.5.2/bin/main (gobinary)

Package	Vulnerability ID	Severity	Installed Version	Fixed Version	Links
stdlib	CVE-2024-24790	CRITICAL	v1.20.4	1.21.11, 1.22.4	http://www.openwall.com/lists/oss-security/2024/06/04/1 https://access.redhat.com/errata/RHSA-2024:9115 https://access.redhat.com/security/cve/CVE-2024-24790 https://bugzilla.redhat.com/2279814 https://bugzilla.redhat.com/2292668 https://bugzilla.redhat.com/2292787 https://bugzilla.redhat.com/2294000 https://bugzilla.redhat.com/2295310 https://bugzilla.redhat.com/show_bug.cgi?id=2292668 https://bugzilla.redhat.com/show_bug.cgi?id=2292787 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24789 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24790 https://errata.almalinux.org/9/ALSA-2024-9115.html https://errata.rockylinux.org/RLSA-2024:4212 https://github.com/golang/go/commit/051bdf3fd12a40307606ff9381138039c5f452f0 (1.21) https://github.com/golang/go/commit/12d5810cdb1f73cf23d7a86462143e9463317fca (1.22) https://github.com/golang/go/issues/67680 https://go.dev/cl/590316 https://go.dev/issue/67680 https://groups.google.com/g/golang-announce/c/XbxouI9gY7k https://groups.google.com/g/golang-announce/c/XbxouI9gY7k/m/TuoGEhxIEwAJ https://linux.oracle.com/cve/CVE-2024-24790.html https://linux.oracle.com/errata/ELSA-2024-9115.html https://nvd.nist.gov/vuln/detail/CVE-2024-24790 https://pkg.go.dev/vuln/GO-2024-2887 https://ubuntu.com/security/notices/USN-6886-1 https://ubuntu.com/security/notices/USN-7109-1 https://www.cve.org/CVERecord?id=CVE-2024-24790
stdlib	CVE-2023-29403	HIGH	v1.20.4	1.19.10, 1.20.5	https://access.redhat.com/errata/RHSA-2023:3923 https://access.redhat.com/security/cve/CVE-2023-29403 https://bugzilla.redhat.com/2216965 https://bugzilla.redhat.com/2217562 https://bugzilla.redhat.com/2217565 https://bugzilla.redhat.com/2217569 https://bugzilla.redhat.com/show_bug.cgi?id=2216965 https://bugzilla.redhat.com/show_bug.cgi?id=2217562 https://bugzilla.redhat.com/show_bug.cgi?id=2217565 https://bugzilla.redhat.com/show_bug.cgi?id=2217569 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-29402 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-29403 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-29404 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-29405 https://errata.almalinux.org/9/ALSA-2023-3923.html https://errata.rockylinux.org/RLSA-2023:3923 https://github.com/golang/go/commit/36144ba429ef2650940c72e7a0b932af3612d420 (go1.20.5) https://github.com/golang/go/commit/a7b1cd452ddc69a6606c2f35ac5786dc892e62cb (go1.19.10) https://github.com/golang/go/issues/60272 https://go.dev/cl/501223 https://go.dev/issue/60272 https://groups.google.com/g/golang-announce/c/q5135a9d924 https://groups.google.com/g/golang-announce/c/q5135a9d924/m/j0ZoAJOHAwAJ https://linux.oracle.com/cve/CVE-2023-29403.html https://linux.oracle.com/errata/ELSA-2023-3923.html https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/NZ2O6YCO2IZMZJELQGZYR2WAUNEDLYV6/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/XBS3IIK6ADV24C5ULQU55QLT2UE762ZX/ https://nvd.nist.gov/vuln/detail/CVE-2023-29403 https://pkg.go.dev/vuln/GO-2023-1840 https://security.gentoo.org/glsa/202311-09 https://ubuntu.com/security/notices/USN-7061-1 https://ubuntu.com/security/notices/USN-7109-1 https://www.cve.org/CVERecord?id=CVE-2023-29403
stdlib	CVE-2023-39325	HIGH	v1.20.4	1.20.10, 1.21.3	golang.org/x/net https://access.redhat.com/errata/RHSA-2023:6077 https://access.redhat.com/security/cve/CVE-2023-39325 https://access.redhat.com/security/cve/CVE-2023-44487 https://access.redhat.com/security/vulnerabilities/RHSB-2023-003 https://bugzilla.redhat.com/2242803 https://bugzilla.redhat.com/2243296 https://bugzilla.redhat.com/show_bug.cgi?id=2242803 https://bugzilla.redhat.com/show_bug.cgi?id=2243296 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-39325 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-44487 https://errata.almalinux.org/9/ALSA-2023-6077.html https://errata.rockylinux.org/RLSA-2023:6077 https://github.com/golang/go/commit/24ae2d927285c697440fdde3ad7f26028354bcf3 [golang- 1.21] https://github.com/golang/go/commit/e175f27f58aa7b9cd4d79607ae65d2cd5baaee68 [golang-1.20] https://github.com/golang/go/issues/63417 https://go.dev/cl/534215 https://go.dev/cl/534235 https://go.dev/issue/63417 https://groups.google.com/g/golang-announce/c/iNNxDTCjZvo/m/UDd7VKQuAAAJ https://linux.oracle.com/cve/CVE-2023-39325.html https://linux.oracle.com/errata/ELSA-2023-5867.html https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3OVW5V2DM5K5IC3H7O42YDUGNJ74J35O https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3OVW5V2DM5K5IC3H7O42YDUGNJ74J35O/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3SZN67IL7HMGMNAVLOTIXLIHUDXZK4LH https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3SZN67IL7HMGMNAVLOTIXLIHUDXZK4LH/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3WJ4QVX2AMUJ2F2S27POOAHRC4K3CHU4 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3WJ4QVX2AMUJ2F2S27POOAHRC4K3CHU4/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/4BUK2ZIAGCULOOYDNH25JPU6JBES5NF2 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/4BUK2ZIAGCULOOYDNH25JPU6JBES5NF2/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/5RSKA2II6QTD4YUKUNDVJQSRYSFC4VFR https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/5RSKA2II6QTD4YUKUNDVJQSRYSFC4VFR/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/AVZDNSMVDAQJ64LJC5I5U5LDM5753647 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/AVZDNSMVDAQJ64LJC5I5U5LDM5753647/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CHHITS4PUOZAKFIUBQAQZC7JWXMOYE4B https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CHHITS4PUOZAKFIUBQAQZC7JWXMOYE4B/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CLB4TW7KALB3EEQWNWCN7OUIWWVWWCG2 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CLB4TW7KALB3EEQWNWCN7OUIWWVWWCG2/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/D2BBIDR2ZMB3X5BC7SR4SLQMHRMVPY6L https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/D2BBIDR2ZMB3X5BC7SR4SLQMHRMVPY6L/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ECRC75BQJP6FJN2L7KCKYZW4DSBD7QSD https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ECRC75BQJP6FJN2L7KCKYZW4DSBD7QSD/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/FTMJ3NJIDAZFWJQQSP3L22MUFJ3UP2PT https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/FTMJ3NJIDAZFWJQQSP3L22MUFJ3UP2PT/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/GSY7SXFFTPZFWDM6XELSDSHZLVW3AHK7 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/GSY7SXFFTPZFWDM6XELSDSHZLVW3AHK7/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/HZQIELEIRSZUYTFFH5KTH2YJ4IIQG2KE https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/HZQIELEIRSZUYTFFH5KTH2YJ4IIQG2KE/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/IPWCNYB5PQ5PCVZ4NJT6G56ZYFZ5QBU6 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/IPWCNYB5PQ5PCVZ4NJT6G56ZYFZ5QBU6/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/KEOTKBUPZXHE3F352JBYNTSNRXYLWD6P https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/KEOTKBUPZXHE3F352JBYNTSNRXYLWD6P/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/KSEGD2IWKNUO3DWY4KQGUQM5BISRWHQE https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/KSEGD2IWKNUO3DWY4KQGUQM5BISRWHQE/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/L5E5JSJBZLYXOTZWXHJKRVCIXIHVWKJ6 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/L5E5JSJBZLYXOTZWXHJKRVCIXIHVWKJ6/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/MZQYOOKHQDQ57LV2IAG6NRFOVXKHJJ3Z https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/MZQYOOKHQDQ57LV2IAG6NRFOVXKHJJ3Z/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/NG7IMPL55MVWU3LCI4JQJT3K2U5CHDV7 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/NG7IMPL55MVWU3LCI4JQJT3K2U5CHDV7/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ODBY7RVMGZCBSTWF2OZGIZS57FNFUL67 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ODBY7RVMGZCBSTWF2OZGIZS57FNFUL67/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/OXGWPQOJ3JNDW2XIYKIVJ7N7QUIFNM2Q https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/OXGWPQOJ3JNDW2XIYKIVJ7N7QUIFNM2Q/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/PJCUNGIQDUMZ4Z6HWVYIMR66A35F5S74 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/PJCUNGIQDUMZ4Z6HWVYIMR66A35F5S74/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QF5QSYAOPDOWLY6DUHID56Q4HQFYB45I https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QF5QSYAOPDOWLY6DUHID56Q4HQFYB45I/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QXOU2JZUBEBP7GBKAYIJRPRBZSJCD7ST https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QXOU2JZUBEBP7GBKAYIJRPRBZSJCD7ST/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/R3UETKPUB3V5JS5TLZOF3SMTGT5K5APS https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/R3UETKPUB3V5JS5TLZOF3SMTGT5K5APS/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/REMHVVIBDNKSRKNOTV7EQSB7CYQWOUOU https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/REMHVVIBDNKSRKNOTV7EQSB7CYQWOUOU/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/T7N5GV4CHH6WAGX3GFMDD3COEOVCZ4RI https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/T7N5GV4CHH6WAGX3GFMDD3COEOVCZ4RI/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ULQQONMSCQSH5Z5OWFFQHCGEZ3NL4DRJ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ULQQONMSCQSH5Z5OWFFQHCGEZ3NL4DRJ/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UTT7DG3QOF5ZNJLUGHDNLRUIN6OWZARP https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UTT7DG3QOF5ZNJLUGHDNLRUIN6OWZARP/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/W2LZSWTV4NV4SNQARNXG5T6LRHP26EW2 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/W2LZSWTV4NV4SNQARNXG5T6LRHP26EW2/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WCNCBYKZXLDFGAJUB7ZP5VLC3YTHJNVH https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WCNCBYKZXLDFGAJUB7ZP5VLC3YTHJNVH/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/XFOIBB4YFICHDM7IBOP7PWXW3FX4HLL2 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/XFOIBB4YFICHDM7IBOP7PWXW3FX4HLL2/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/XTNLSL44Y5FB6JWADSZH6DCV4JJAAEQY https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/XTNLSL44Y5FB6JWADSZH6DCV4JJAAEQY/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/YJWHBLVZDM5KQSDFRBFRKU5KSSOLIRQ4 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/YJWHBLVZDM5KQSDFRBFRKU5KSSOLIRQ4/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/YRKEXKANQ7BKJW2YTAMP625LJUJZLJ4P https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/YRKEXKANQ7BKJW2YTAMP625LJUJZLJ4P/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZSVEMQV5ROY5YW5QE3I57HT3ITWG5GCV https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZSVEMQV5ROY5YW5QE3I57HT3ITWG5GCV/ https://nvd.nist.gov/vuln/detail/CVE-2023-39325 https://pkg.go.dev/vuln/GO-2023-2102 https://security.gentoo.org/glsa/202311-09 https://security.netapp.com/advisory/ntap-20231110-0008 https://security.netapp.com/advisory/ntap-20231110-0008/ https://ubuntu.com/security/notices/USN-6574-1 https://ubuntu.com/security/notices/USN-7061-1 https://ubuntu.com/security/notices/USN-7109-1 https://www.cisa.gov/news-events/alerts/2023/10/10/http2-rapid-reset-vulnerability-cve-2023-44487 https://www.cve.org/CVERecord?id=CVE-2023-39325
stdlib	CVE-2023-45283	HIGH	v1.20.4	1.20.11, 1.21.4, 1.20.12, 1.21.5	http://www.openwall.com/lists/oss-security/2023/12/05/2 https://go.dev/cl/540277 https://go.dev/cl/541175 https://go.dev/issue/63713 https://go.dev/issue/64028 https://groups.google.com/g/golang-announce/c/4tU8LZfBFkY https://groups.google.com/g/golang-dev/c/6ypN5EjibjM/m/KmLVYH_uAgAJ https://nvd.nist.gov/vuln/detail/CVE-2023-45283 https://pkg.go.dev/vuln/GO-2023-2185 https://security.netapp.com/advisory/ntap-20231214-0008/
stdlib	CVE-2023-45288	HIGH	v1.20.4	1.21.9, 1.22.2	http://www.openwall.com/lists/oss-security/2024/04/03/16 http://www.openwall.com/lists/oss-security/2024/04/05/4 https://access.redhat.com/errata/RHSA-2024:2724 https://access.redhat.com/security/cve/CVE-2023-45288 https://bugzilla.redhat.com/2268017 https://bugzilla.redhat.com/2268018 https://bugzilla.redhat.com/2268019 https://bugzilla.redhat.com/2268273 https://bugzilla.redhat.com/show_bug.cgi?id=2268017 https://bugzilla.redhat.com/show_bug.cgi?id=2268018 https://bugzilla.redhat.com/show_bug.cgi?id=2268019 https://bugzilla.redhat.com/show_bug.cgi?id=2268273 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45288 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45289 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45290 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24783 https://errata.almalinux.org/9/ALSA-2024-2724.html https://errata.rockylinux.org/RLSA-2024:2724 https://go.dev/cl/576155 https://go.dev/issue/65051 https://groups.google.com/g/golang-announce/c/YgW0sx8mN3M https://kb.cert.org/vuls/id/421644 https://linux.oracle.com/cve/CVE-2023-45288.html https://linux.oracle.com/errata/ELSA-2024-3346.html https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QRYFHIQ6XRKRYBI2F5UESH67BJBQXUPT https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QRYFHIQ6XRKRYBI2F5UESH67BJBQXUPT/ https://nowotarski.info/http2-continuation-flood-technical-details https://nowotarski.info/http2-continuation-flood/ https://nvd.nist.gov/vuln/detail/CVE-2023-45288 https://pkg.go.dev/vuln/GO-2024-2687 https://security.netapp.com/advisory/ntap-20240419-0009 https://security.netapp.com/advisory/ntap-20240419-0009/ https://ubuntu.com/security/notices/USN-6886-1 https://ubuntu.com/security/notices/USN-7109-1 https://ubuntu.com/security/notices/USN-7111-1 https://www.cve.org/CVERecord?id=CVE-2023-45288 https://www.kb.cert.org/vuls/id/421644
stdlib	CVE-2024-34156	HIGH	v1.20.4	1.22.7, 1.23.1	https://access.redhat.com/errata/RHSA-2024:9473 https://access.redhat.com/security/cve/CVE-2024-34156 https://bugzilla.redhat.com/2310528 https://bugzilla.redhat.com/2318052 https://bugzilla.redhat.com/show_bug.cgi?id=2310528 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-34156 https://errata.almalinux.org/9/ALSA-2024-9473.html https://errata.rockylinux.org/RLSA-2024:7204 https://github.com/golang/go/commit/2092294f2b097c5828f4eace6c98a322c1510b01 (go1.22.7) https://github.com/golang/go/commit/fa8ff1a46deb6c816304441ec6740ec112e19012 (go1.23.1) https://go.dev/cl/611239 https://go.dev/issue/69139 https://groups.google.com/g/golang-announce/c/K-cEzDeCtpc https://groups.google.com/g/golang-dev/c/S9POB9NCTdk https://linux.oracle.com/cve/CVE-2024-34156.html https://linux.oracle.com/errata/ELSA-2024-9473.html https://nvd.nist.gov/vuln/detail/CVE-2024-34156 https://pkg.go.dev/vuln/GO-2024-3106 https://ubuntu.com/security/notices/USN-7081-1 https://ubuntu.com/security/notices/USN-7109-1 https://ubuntu.com/security/notices/USN-7111-1 https://www.cve.org/CVERecord?id=CVE-2024-34156
stdlib	CVE-2023-29406	MEDIUM	v1.20.4	1.19.11, 1.20.6	https://access.redhat.com/errata/RHSA-2023:6474 https://access.redhat.com/security/cve/CVE-2023-29406 https://bugzilla.redhat.com/2174485 https://bugzilla.redhat.com/2178358 https://bugzilla.redhat.com/2178488 https://bugzilla.redhat.com/2178492 https://bugzilla.redhat.com/2184481 https://bugzilla.redhat.com/2184482 https://bugzilla.redhat.com/2184483 https://bugzilla.redhat.com/2184484 https://bugzilla.redhat.com/2196026 https://bugzilla.redhat.com/2196027 https://bugzilla.redhat.com/2196029 https://bugzilla.redhat.com/2222167 https://bugzilla.redhat.com/2228689 https://errata.almalinux.org/9/ALSA-2023-6474.html https://github.com/golang/go/commit/312920c00aac9897b2a0693e752390b5b0711a5a (go1.20.6) https://github.com/golang/go/commit/5fa6923b1ea891400153d04ddf1545e23b40041b (go1.19.11) https://github.com/golang/go/issues/60374 https://go.dev/cl/506996 https://go.dev/issue/60374 https://groups.google.com/g/golang-announce/c/2q13H6LEEx0 https://linux.oracle.com/cve/CVE-2023-29406.html https://linux.oracle.com/errata/ELSA-2023-7202.html https://nvd.nist.gov/vuln/detail/CVE-2023-29406 https://pkg.go.dev/vuln/GO-2023-1878 https://security.gentoo.org/glsa/202311-09 https://security.netapp.com/advisory/ntap-20230814-0002/ https://ubuntu.com/security/notices/USN-7061-1 https://ubuntu.com/security/notices/USN-7109-1 https://www.cve.org/CVERecord?id=CVE-2023-29406
stdlib	CVE-2023-29409	MEDIUM	v1.20.4	1.19.12, 1.20.7, 1.21.0-rc.4	https://access.redhat.com/errata/RHSA-2023:7766 https://access.redhat.com/security/cve/CVE-2023-29409 https://bugzilla.redhat.com/2228743 https://bugzilla.redhat.com/2237773 https://bugzilla.redhat.com/2237776 https://bugzilla.redhat.com/2237777 https://bugzilla.redhat.com/2237778 https://errata.almalinux.org/9/ALSA-2023-7766.html https://go.dev/cl/515257 https://go.dev/issue/61460 https://groups.google.com/g/golang-announce/c/X0b6CsSAaYI/m/Efv5DbZ9AwAJ https://linux.oracle.com/cve/CVE-2023-29409.html https://linux.oracle.com/errata/ELSA-2024-2988.html https://nvd.nist.gov/vuln/detail/CVE-2023-29409 https://pkg.go.dev/vuln/GO-2023-1987 https://security.gentoo.org/glsa/202311-09 https://security.netapp.com/advisory/ntap-20230831-0010/ https://www.cve.org/CVERecord?id=CVE-2023-29409
stdlib	CVE-2023-39318	MEDIUM	v1.20.4	1.20.8, 1.21.1	https://access.redhat.com/errata/RHSA-2024:2160 https://access.redhat.com/security/cve/CVE-2023-39318 https://bugzilla.redhat.com/2237773 https://bugzilla.redhat.com/2237776 https://bugzilla.redhat.com/2253330 https://errata.almalinux.org/9/ALSA-2024-2160.html https://github.com/golang/go/commit/023b542edf38e2a1f87fcefb9f75ff2f99401b4c (go1.20.8) https://github.com/golang/go/commit/b0e1d3ea26e8e8fce7726690c9ef0597e60739fb (go1.21.1) https://go.dev/cl/526156 https://go.dev/issue/62196 https://groups.google.com/g/golang-announce/c/Fm51GRLNRvM https://groups.google.com/g/golang-dev/c/2C5vbR-UNkI/m/L1hdrPhfBAAJ https://linux.oracle.com/cve/CVE-2023-39318.html https://linux.oracle.com/errata/ELSA-2024-2988.html https://nvd.nist.gov/vuln/detail/CVE-2023-39318 https://pkg.go.dev/vuln/GO-2023-2041 https://security.gentoo.org/glsa/202311-09 https://security.netapp.com/advisory/ntap-20231020-0009/ https://ubuntu.com/security/notices/USN-6574-1 https://ubuntu.com/security/notices/USN-7061-1 https://ubuntu.com/security/notices/USN-7109-1 https://vuln.go.dev/ID/GO-2023-2041.json https://www.cve.org/CVERecord?id=CVE-2023-39318
stdlib	CVE-2023-39319	MEDIUM	v1.20.4	1.20.8, 1.21.1	https://access.redhat.com/errata/RHSA-2024:2160 https://access.redhat.com/security/cve/CVE-2023-39319 https://bugzilla.redhat.com/2237773 https://bugzilla.redhat.com/2237776 https://bugzilla.redhat.com/2253330 https://errata.almalinux.org/9/ALSA-2024-2160.html https://github.com/golang/go/commit/2070531d2f53df88e312edace6c8dfc9686ab2f5 (go1.20.8) https://github.com/golang/go/commit/bbd043ff0d6d59f1a9232d31ecd5eacf6507bf6a (go1.21.1) https://go.dev/cl/526157 https://go.dev/issue/62197 https://groups.google.com/g/golang-announce/c/Fm51GRLNRvM https://groups.google.com/g/golang-dev/c/2C5vbR-UNkI/m/L1hdrPhfBAAJ https://linux.oracle.com/cve/CVE-2023-39319.html https://linux.oracle.com/errata/ELSA-2024-2988.html https://nvd.nist.gov/vuln/detail/CVE-2023-39319 https://pkg.go.dev/vuln/GO-2023-2043 https://security.gentoo.org/glsa/202311-09 https://security.netapp.com/advisory/ntap-20231020-0009/ https://ubuntu.com/security/notices/USN-6574-1 https://ubuntu.com/security/notices/USN-7061-1 https://ubuntu.com/security/notices/USN-7109-1 https://vuln.go.dev/ID/GO-2023-2043.json https://www.cve.org/CVERecord?id=CVE-2023-39319
stdlib	CVE-2023-39326	MEDIUM	v1.20.4	1.20.12, 1.21.5	https://access.redhat.com/errata/RHSA-2024:2272 https://access.redhat.com/security/cve/CVE-2023-39326 https://bugzilla.redhat.com/2253193 https://bugzilla.redhat.com/2253330 https://errata.almalinux.org/9/ALSA-2024-2272.html https://github.com/golang/go/commit/6446af942e2e2b161c4ec1b60d9703a2b55dc4dd (go1.20.12) https://github.com/golang/go/commit/ec8c526e4be720e94b98ca509e6364f0efaf28f7 (go1.21.5) https://go.dev/cl/547335 https://go.dev/issue/64433 https://groups.google.com/g/golang-dev/c/6ypN5EjibjM/m/KmLVYH_uAgAJ https://linux.oracle.com/cve/CVE-2023-39326.html https://linux.oracle.com/errata/ELSA-2024-2988.html https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UIU6HOGV6RRIKWM57LOXQA75BGZSIH6G/ https://nvd.nist.gov/vuln/detail/CVE-2023-39326 https://pkg.go.dev/vuln/GO-2023-2382 https://ubuntu.com/security/notices/USN-6574-1 https://www.cve.org/CVERecord?id=CVE-2023-39326
stdlib	CVE-2023-45284	MEDIUM	v1.20.4	1.20.11, 1.21.4	https://go.dev/cl/540277 https://go.dev/issue/63713 https://groups.google.com/g/golang-announce/c/4tU8LZfBFkY https://nvd.nist.gov/vuln/detail/CVE-2023-45284 https://pkg.go.dev/vuln/GO-2023-2186
stdlib	CVE-2023-45289	MEDIUM	v1.20.4	1.21.8, 1.22.1	http://www.openwall.com/lists/oss-security/2024/03/08/4 https://access.redhat.com/errata/RHSA-2024:2724 https://access.redhat.com/security/cve/CVE-2023-45289 https://bugzilla.redhat.com/2268017 https://bugzilla.redhat.com/2268018 https://bugzilla.redhat.com/2268019 https://bugzilla.redhat.com/2268273 https://bugzilla.redhat.com/show_bug.cgi?id=2268017 https://bugzilla.redhat.com/show_bug.cgi?id=2268018 https://bugzilla.redhat.com/show_bug.cgi?id=2268019 https://bugzilla.redhat.com/show_bug.cgi?id=2268273 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45288 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45289 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45290 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24783 https://errata.almalinux.org/9/ALSA-2024-2724.html https://errata.rockylinux.org/RLSA-2024:2724 https://github.com/golang/go/commit/20586c0dbe03d144f914155f879fa5ee287591a1 (go1.21.8) https://github.com/golang/go/commit/3a855208e3efed2e9d7c20ad023f1fa78afcc0be (go1.22.1) https://github.com/golang/go/issues/65065 https://go.dev/cl/569340 https://go.dev/issue/65065 https://groups.google.com/g/golang-announce/c/5pwGVUPoMbg https://linux.oracle.com/cve/CVE-2023-45289.html https://linux.oracle.com/errata/ELSA-2024-3346.html https://nvd.nist.gov/vuln/detail/CVE-2023-45289 https://pkg.go.dev/vuln/GO-2024-2600 https://security.netapp.com/advisory/ntap-20240329-0006/ https://ubuntu.com/security/notices/USN-6886-1 https://www.cve.org/CVERecord?id=CVE-2023-45289
stdlib	CVE-2023-45290	MEDIUM	v1.20.4	1.21.8, 1.22.1	http://www.openwall.com/lists/oss-security/2024/03/08/4 https://access.redhat.com/errata/RHSA-2024:9135 https://access.redhat.com/security/cve/CVE-2023-45290 https://bugzilla.redhat.com/2268017 https://bugzilla.redhat.com/2268022 https://bugzilla.redhat.com/2279814 https://bugzilla.redhat.com/2295310 https://bugzilla.redhat.com/show_bug.cgi?id=2268017 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45290 https://errata.almalinux.org/9/ALSA-2024-9135.html https://errata.rockylinux.org/RLSA-2024:3830 https://github.com/golang/go/commit/041a47712e765e94f86d841c3110c840e76d8f82 (go1.22.1) https://github.com/golang/go/commit/bf80213b121074f4ad9b449410a4d13bae5e9be0 (go1.21.8) https://github.com/golang/go/issues/65383 https://go.dev/cl/569341 https://go.dev/issue/65383 https://groups.google.com/g/golang-announce/c/5pwGVUPoMbg https://linux.oracle.com/cve/CVE-2023-45290.html https://linux.oracle.com/errata/ELSA-2024-8038.html https://nvd.nist.gov/vuln/detail/CVE-2023-45290 https://pkg.go.dev/vuln/GO-2024-2599 https://security.netapp.com/advisory/ntap-20240329-0004 https://security.netapp.com/advisory/ntap-20240329-0004/ https://ubuntu.com/security/notices/USN-6886-1 https://ubuntu.com/security/notices/USN-7109-1 https://ubuntu.com/security/notices/USN-7111-1 https://www.cve.org/CVERecord?id=CVE-2023-45290
stdlib	CVE-2024-24783	MEDIUM	v1.20.4	1.21.8, 1.22.1	http://www.openwall.com/lists/oss-security/2024/03/08/4 https://access.redhat.com/errata/RHSA-2024:6195 https://access.redhat.com/security/cve/CVE-2024-24783 https://bugzilla.redhat.com/2268019 https://bugzilla.redhat.com/show_bug.cgi?id=2268017 https://bugzilla.redhat.com/show_bug.cgi?id=2268018 https://bugzilla.redhat.com/show_bug.cgi?id=2268019 https://bugzilla.redhat.com/show_bug.cgi?id=2268273 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45288 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45289 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45290 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24783 https://errata.almalinux.org/9/ALSA-2024-6195.html https://errata.rockylinux.org/RLSA-2024:2724 https://github.com/advisories/GHSA-3q2c-pvp5-3cqp https://github.com/golang/go/commit/337b8e9cbfa749d9d5c899e0dc358e2208d5e54f (go1.22.1) https://github.com/golang/go/commit/be5b52bea674190ef7de272664be6c7ae93ec5a0 (go1.21.8) https://github.com/golang/go/issues/65390 https://go.dev/cl/569339 https://go.dev/issue/65390 https://groups.google.com/g/golang-announce/c/5pwGVUPoMbg https://linux.oracle.com/cve/CVE-2024-24783.html https://linux.oracle.com/errata/ELSA-2024-6969.html https://nvd.nist.gov/vuln/detail/CVE-2024-24783 https://pkg.go.dev/vuln/GO-2024-2598 https://security.netapp.com/advisory/ntap-20240329-0005 https://security.netapp.com/advisory/ntap-20240329-0005/ https://ubuntu.com/security/notices/USN-6886-1 https://ubuntu.com/security/notices/USN-7109-1 https://ubuntu.com/security/notices/USN-7111-1 https://www.cve.org/CVERecord?id=CVE-2024-24783
stdlib	CVE-2024-24784	MEDIUM	v1.20.4	1.21.8, 1.22.1	http://www.openwall.com/lists/oss-security/2024/03/08/4 https://access.redhat.com/errata/RHSA-2024:2562 https://access.redhat.com/security/cve/CVE-2024-24784 https://bugzilla.redhat.com/2262921 https://bugzilla.redhat.com/2268017 https://bugzilla.redhat.com/2268018 https://bugzilla.redhat.com/2268019 https://bugzilla.redhat.com/2268021 https://bugzilla.redhat.com/2268022 https://bugzilla.redhat.com/2268273 https://bugzilla.redhat.com/show_bug.cgi?id=2262921 https://bugzilla.redhat.com/show_bug.cgi?id=2268017 https://bugzilla.redhat.com/show_bug.cgi?id=2268018 https://bugzilla.redhat.com/show_bug.cgi?id=2268019 https://bugzilla.redhat.com/show_bug.cgi?id=2268021 https://bugzilla.redhat.com/show_bug.cgi?id=2268022 https://bugzilla.redhat.com/show_bug.cgi?id=2268273 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45288 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45289 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45290 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-1394 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24783 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24784 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24785 https://errata.almalinux.org/9/ALSA-2024-2562.html https://errata.rockylinux.org/RLSA-2024:2562 https://github.com/golang/go/commit/263c059b09fdd40d9dd945f2ecb20c89ea28efe5 (go1.21.8) https://github.com/golang/go/commit/5330cd225ba54c7dc78c1b46dcdf61a4671a632c (go1.22.1) https://github.com/golang/go/issues/65083 https://go.dev/cl/555596 https://go.dev/issue/65083 https://groups.google.com/g/golang-announce/c/5pwGVUPoMbg https://linux.oracle.com/cve/CVE-2024-24784.html https://linux.oracle.com/errata/ELSA-2024-6969.html https://nvd.nist.gov/vuln/detail/CVE-2024-24784 https://pkg.go.dev/vuln/GO-2024-2609 https://security.netapp.com/advisory/ntap-20240329-0007/ https://ubuntu.com/security/notices/USN-6886-1 https://ubuntu.com/security/notices/USN-7109-1 https://ubuntu.com/security/notices/USN-7111-1 https://www.cve.org/CVERecord?id=CVE-2024-24784
stdlib	CVE-2024-24785	MEDIUM	v1.20.4	1.21.8, 1.22.1	http://www.openwall.com/lists/oss-security/2024/03/08/4 https://access.redhat.com/errata/RHSA-2024:9135 https://access.redhat.com/security/cve/CVE-2024-24785 https://bugzilla.redhat.com/2268017 https://bugzilla.redhat.com/2268022 https://bugzilla.redhat.com/2279814 https://bugzilla.redhat.com/2295310 https://bugzilla.redhat.com/show_bug.cgi?id=2262921 https://bugzilla.redhat.com/show_bug.cgi?id=2268017 https://bugzilla.redhat.com/show_bug.cgi?id=2268018 https://bugzilla.redhat.com/show_bug.cgi?id=2268019 https://bugzilla.redhat.com/show_bug.cgi?id=2268021 https://bugzilla.redhat.com/show_bug.cgi?id=2268022 https://bugzilla.redhat.com/show_bug.cgi?id=2268273 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45288 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45289 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45290 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-1394 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24783 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24784 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24785 https://errata.almalinux.org/9/ALSA-2024-9135.html https://errata.rockylinux.org/RLSA-2024:2562 https://github.com/golang/go/commit/056b0edcb8c152152021eebf4cf42adbfbe77992 (go1.22.1) https://github.com/golang/go/commit/3643147a29352ca2894fd5d0d2069bc4b4335a7e (go1.21.8) https://github.com/golang/go/issues/65697 https://go.dev/cl/564196 https://go.dev/issue/65697 https://groups.google.com/g/golang-announce/c/5pwGVUPoMbg https://linux.oracle.com/cve/CVE-2024-24785.html https://linux.oracle.com/errata/ELSA-2024-3259.html https://nvd.nist.gov/vuln/detail/CVE-2024-24785 https://pkg.go.dev/vuln/GO-2024-2610 https://security.netapp.com/advisory/ntap-20240329-0008/ https://ubuntu.com/security/notices/USN-6886-1 https://ubuntu.com/security/notices/USN-7061-1 https://ubuntu.com/security/notices/USN-7109-1 https://vuln.go.dev/ID/GO-2024-2610.json https://www.cve.org/CVERecord?id=CVE-2024-24785
stdlib	CVE-2024-24789	MEDIUM	v1.20.4	1.21.11, 1.22.4	http://www.openwall.com/lists/oss-security/2024/06/04/1 https://access.redhat.com/errata/RHSA-2024:9115 https://access.redhat.com/security/cve/CVE-2024-24789 https://bugzilla.redhat.com/2279814 https://bugzilla.redhat.com/2292668 https://bugzilla.redhat.com/2292787 https://bugzilla.redhat.com/2294000 https://bugzilla.redhat.com/2295310 https://bugzilla.redhat.com/show_bug.cgi?id=2292668 https://bugzilla.redhat.com/show_bug.cgi?id=2292787 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24789 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24790 https://errata.almalinux.org/9/ALSA-2024-9115.html https://errata.rockylinux.org/RLSA-2024:4212 https://github.com/golang/go/commit/c8e40338cf00f3c1d86c8fb23863ad67a4c72bcc (1.21) https://github.com/golang/go/commit/cf501ac0c5fe351a8582d20b43562027927906e7 (1.22) https://github.com/golang/go/issues/66869 https://go.dev/cl/585397 https://go.dev/issue/66869 https://groups.google.com/g/golang-announce/c/XbxouI9gY7k https://groups.google.com/g/golang-announce/c/XbxouI9gY7k/m/TuoGEhxIEwAJ https://linux.oracle.com/cve/CVE-2024-24789.html https://linux.oracle.com/errata/ELSA-2024-9115.html https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/U5YAEIA6IUHUNGJ7AIXXPQT6D2GYENX7/ https://nvd.nist.gov/vuln/detail/CVE-2024-24789 https://pkg.go.dev/vuln/GO-2024-2888 https://ubuntu.com/security/notices/USN-6886-1 https://ubuntu.com/security/notices/USN-7109-1 https://ubuntu.com/security/notices/USN-7111-1 https://www.cve.org/CVERecord?id=CVE-2024-24789
stdlib	CVE-2024-24791	MEDIUM	v1.20.4	1.21.12, 1.22.5	https://access.redhat.com/errata/RHSA-2024:9135 https://access.redhat.com/security/cve/CVE-2024-24791 https://bugzilla.redhat.com/2268017 https://bugzilla.redhat.com/2268022 https://bugzilla.redhat.com/2279814 https://bugzilla.redhat.com/2295310 https://bugzilla.redhat.com/show_bug.cgi?id=2295310 https://bugzilla.redhat.com/show_bug.cgi?id=2310527 https://bugzilla.redhat.com/show_bug.cgi?id=2310528 https://bugzilla.redhat.com/show_bug.cgi?id=2310529 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24791 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-34155 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-34156 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-34158 https://errata.almalinux.org/9/ALSA-2024-9135.html https://errata.rockylinux.org/RLSA-2024:6913 https://go.dev/cl/591255 https://go.dev/issue/67555 https://groups.google.com/g/golang-dev/c/t0rK-qHBqzY/m/6MMoAZkMAgAJ https://linux.oracle.com/cve/CVE-2024-24791.html https://linux.oracle.com/errata/ELSA-2024-9115.html https://nvd.nist.gov/vuln/detail/CVE-2024-24791 https://pkg.go.dev/vuln/GO-2024-2963 https://ubuntu.com/security/notices/USN-7081-1 https://ubuntu.com/security/notices/USN-7109-1 https://ubuntu.com/security/notices/USN-7111-1 https://www.cve.org/CVERecord?id=CVE-2024-24791
stdlib	CVE-2024-34155	MEDIUM	v1.20.4	1.22.7, 1.23.1	https://access.redhat.com/errata/RHSA-2024:9459 https://access.redhat.com/security/cve/CVE-2024-34155 https://bugzilla.redhat.com/2310527 https://bugzilla.redhat.com/2310528 https://bugzilla.redhat.com/2310529 https://bugzilla.redhat.com/2315691 https://bugzilla.redhat.com/2315887 https://bugzilla.redhat.com/2317458 https://bugzilla.redhat.com/2317467 https://bugzilla.redhat.com/show_bug.cgi?id=2295310 https://bugzilla.redhat.com/show_bug.cgi?id=2310527 https://bugzilla.redhat.com/show_bug.cgi?id=2310528 https://bugzilla.redhat.com/show_bug.cgi?id=2310529 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24791 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-34155 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-34156 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-34158 https://errata.almalinux.org/9/ALSA-2024-9459.html https://errata.rockylinux.org/RLSA-2024:6913 https://github.com/golang/go/commit/53487e5477151ed75da50e50a0ba8f1ca64c00a3 (go1.23.1) https://github.com/golang/go/commit/b232596139dbe96a62edbe3a2a203e856bf556eb (go1.22.7) https://go.dev/cl/611238 https://go.dev/issue/69138 https://groups.google.com/g/golang-announce/c/K-cEzDeCtpc https://groups.google.com/g/golang-dev/c/S9POB9NCTdk https://linux.oracle.com/cve/CVE-2024-34155.html https://linux.oracle.com/errata/ELSA-2024-9459.html https://nvd.nist.gov/vuln/detail/CVE-2024-34155 https://pkg.go.dev/vuln/GO-2024-3105 https://ubuntu.com/security/notices/USN-7081-1 https://ubuntu.com/security/notices/USN-7109-1 https://ubuntu.com/security/notices/USN-7111-1 https://www.cve.org/CVERecord?id=CVE-2024-34155
stdlib	CVE-2024-34158	MEDIUM	v1.20.4	1.22.7, 1.23.1	https://access.redhat.com/errata/RHSA-2024:9459 https://access.redhat.com/security/cve/CVE-2024-34158 https://bugzilla.redhat.com/2310527 https://bugzilla.redhat.com/2310528 https://bugzilla.redhat.com/2310529 https://bugzilla.redhat.com/2315691 https://bugzilla.redhat.com/2315887 https://bugzilla.redhat.com/2317458 https://bugzilla.redhat.com/2317467 https://bugzilla.redhat.com/show_bug.cgi?id=2295310 https://bugzilla.redhat.com/show_bug.cgi?id=2310527 https://bugzilla.redhat.com/show_bug.cgi?id=2310528 https://bugzilla.redhat.com/show_bug.cgi?id=2310529 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24791 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-34155 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-34156 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-34158 https://errata.almalinux.org/9/ALSA-2024-9459.html https://errata.rockylinux.org/RLSA-2024:6913 https://github.com/golang/go/commit/032ac075c20c01c6c35a672d1542d3e98eab84ea (go1.23.1) https://github.com/golang/go/commit/d4c53812e6ce2ac368173d7fcd31d0ecfcffb002 (go1.22.7) https://go.dev/cl/611240 https://go.dev/issue/69141 https://groups.google.com/g/golang-announce/c/K-cEzDeCtpc https://groups.google.com/g/golang-dev/c/S9POB9NCTdk https://linux.oracle.com/cve/CVE-2024-34158.html https://linux.oracle.com/errata/ELSA-2024-9459.html https://nvd.nist.gov/vuln/detail/CVE-2024-34158 https://pkg.go.dev/vuln/GO-2024-3107 https://ubuntu.com/security/notices/USN-7081-1 https://ubuntu.com/security/notices/USN-7109-1 https://ubuntu.com/security/notices/USN-7111-1 https://www.cve.org/CVERecord?id=CVE-2024-34158
No Misconfigurations found

cnb/buildpacks/paketo-buildpacks_environment-variables/4.5.3/bin/main (gobinary)

Package	Vulnerability ID	Severity	Installed Version	Fixed Version	Links
stdlib	CVE-2024-24790	CRITICAL	v1.20.5	1.21.11, 1.22.4	http://www.openwall.com/lists/oss-security/2024/06/04/1 https://access.redhat.com/errata/RHSA-2024:9115 https://access.redhat.com/security/cve/CVE-2024-24790 https://bugzilla.redhat.com/2279814 https://bugzilla.redhat.com/2292668 https://bugzilla.redhat.com/2292787 https://bugzilla.redhat.com/2294000 https://bugzilla.redhat.com/2295310 https://bugzilla.redhat.com/show_bug.cgi?id=2292668 https://bugzilla.redhat.com/show_bug.cgi?id=2292787 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24789 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24790 https://errata.almalinux.org/9/ALSA-2024-9115.html https://errata.rockylinux.org/RLSA-2024:4212 https://github.com/golang/go/commit/051bdf3fd12a40307606ff9381138039c5f452f0 (1.21) https://github.com/golang/go/commit/12d5810cdb1f73cf23d7a86462143e9463317fca (1.22) https://github.com/golang/go/issues/67680 https://go.dev/cl/590316 https://go.dev/issue/67680 https://groups.google.com/g/golang-announce/c/XbxouI9gY7k https://groups.google.com/g/golang-announce/c/XbxouI9gY7k/m/TuoGEhxIEwAJ https://linux.oracle.com/cve/CVE-2024-24790.html https://linux.oracle.com/errata/ELSA-2024-9115.html https://nvd.nist.gov/vuln/detail/CVE-2024-24790 https://pkg.go.dev/vuln/GO-2024-2887 https://ubuntu.com/security/notices/USN-6886-1 https://ubuntu.com/security/notices/USN-7109-1 https://www.cve.org/CVERecord?id=CVE-2024-24790
stdlib	CVE-2023-39325	HIGH	v1.20.5	1.20.10, 1.21.3	golang.org/x/net https://access.redhat.com/errata/RHSA-2023:6077 https://access.redhat.com/security/cve/CVE-2023-39325 https://access.redhat.com/security/cve/CVE-2023-44487 https://access.redhat.com/security/vulnerabilities/RHSB-2023-003 https://bugzilla.redhat.com/2242803 https://bugzilla.redhat.com/2243296 https://bugzilla.redhat.com/show_bug.cgi?id=2242803 https://bugzilla.redhat.com/show_bug.cgi?id=2243296 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-39325 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-44487 https://errata.almalinux.org/9/ALSA-2023-6077.html https://errata.rockylinux.org/RLSA-2023:6077 https://github.com/golang/go/commit/24ae2d927285c697440fdde3ad7f26028354bcf3 [golang- 1.21] https://github.com/golang/go/commit/e175f27f58aa7b9cd4d79607ae65d2cd5baaee68 [golang-1.20] https://github.com/golang/go/issues/63417 https://go.dev/cl/534215 https://go.dev/cl/534235 https://go.dev/issue/63417 https://groups.google.com/g/golang-announce/c/iNNxDTCjZvo/m/UDd7VKQuAAAJ https://linux.oracle.com/cve/CVE-2023-39325.html https://linux.oracle.com/errata/ELSA-2023-5867.html https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3OVW5V2DM5K5IC3H7O42YDUGNJ74J35O https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3OVW5V2DM5K5IC3H7O42YDUGNJ74J35O/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3SZN67IL7HMGMNAVLOTIXLIHUDXZK4LH https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3SZN67IL7HMGMNAVLOTIXLIHUDXZK4LH/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3WJ4QVX2AMUJ2F2S27POOAHRC4K3CHU4 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3WJ4QVX2AMUJ2F2S27POOAHRC4K3CHU4/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/4BUK2ZIAGCULOOYDNH25JPU6JBES5NF2 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/4BUK2ZIAGCULOOYDNH25JPU6JBES5NF2/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/5RSKA2II6QTD4YUKUNDVJQSRYSFC4VFR https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/5RSKA2II6QTD4YUKUNDVJQSRYSFC4VFR/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/AVZDNSMVDAQJ64LJC5I5U5LDM5753647 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/AVZDNSMVDAQJ64LJC5I5U5LDM5753647/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CHHITS4PUOZAKFIUBQAQZC7JWXMOYE4B https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CHHITS4PUOZAKFIUBQAQZC7JWXMOYE4B/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CLB4TW7KALB3EEQWNWCN7OUIWWVWWCG2 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CLB4TW7KALB3EEQWNWCN7OUIWWVWWCG2/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/D2BBIDR2ZMB3X5BC7SR4SLQMHRMVPY6L https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/D2BBIDR2ZMB3X5BC7SR4SLQMHRMVPY6L/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ECRC75BQJP6FJN2L7KCKYZW4DSBD7QSD https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ECRC75BQJP6FJN2L7KCKYZW4DSBD7QSD/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/FTMJ3NJIDAZFWJQQSP3L22MUFJ3UP2PT https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/FTMJ3NJIDAZFWJQQSP3L22MUFJ3UP2PT/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/GSY7SXFFTPZFWDM6XELSDSHZLVW3AHK7 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/GSY7SXFFTPZFWDM6XELSDSHZLVW3AHK7/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/HZQIELEIRSZUYTFFH5KTH2YJ4IIQG2KE https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/HZQIELEIRSZUYTFFH5KTH2YJ4IIQG2KE/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/IPWCNYB5PQ5PCVZ4NJT6G56ZYFZ5QBU6 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/IPWCNYB5PQ5PCVZ4NJT6G56ZYFZ5QBU6/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/KEOTKBUPZXHE3F352JBYNTSNRXYLWD6P https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/KEOTKBUPZXHE3F352JBYNTSNRXYLWD6P/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/KSEGD2IWKNUO3DWY4KQGUQM5BISRWHQE https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/KSEGD2IWKNUO3DWY4KQGUQM5BISRWHQE/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/L5E5JSJBZLYXOTZWXHJKRVCIXIHVWKJ6 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/L5E5JSJBZLYXOTZWXHJKRVCIXIHVWKJ6/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/MZQYOOKHQDQ57LV2IAG6NRFOVXKHJJ3Z https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/MZQYOOKHQDQ57LV2IAG6NRFOVXKHJJ3Z/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/NG7IMPL55MVWU3LCI4JQJT3K2U5CHDV7 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/NG7IMPL55MVWU3LCI4JQJT3K2U5CHDV7/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ODBY7RVMGZCBSTWF2OZGIZS57FNFUL67 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ODBY7RVMGZCBSTWF2OZGIZS57FNFUL67/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/OXGWPQOJ3JNDW2XIYKIVJ7N7QUIFNM2Q https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/OXGWPQOJ3JNDW2XIYKIVJ7N7QUIFNM2Q/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/PJCUNGIQDUMZ4Z6HWVYIMR66A35F5S74 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/PJCUNGIQDUMZ4Z6HWVYIMR66A35F5S74/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QF5QSYAOPDOWLY6DUHID56Q4HQFYB45I https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QF5QSYAOPDOWLY6DUHID56Q4HQFYB45I/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QXOU2JZUBEBP7GBKAYIJRPRBZSJCD7ST https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QXOU2JZUBEBP7GBKAYIJRPRBZSJCD7ST/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/R3UETKPUB3V5JS5TLZOF3SMTGT5K5APS https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/R3UETKPUB3V5JS5TLZOF3SMTGT5K5APS/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/REMHVVIBDNKSRKNOTV7EQSB7CYQWOUOU https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/REMHVVIBDNKSRKNOTV7EQSB7CYQWOUOU/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/T7N5GV4CHH6WAGX3GFMDD3COEOVCZ4RI https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/T7N5GV4CHH6WAGX3GFMDD3COEOVCZ4RI/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ULQQONMSCQSH5Z5OWFFQHCGEZ3NL4DRJ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ULQQONMSCQSH5Z5OWFFQHCGEZ3NL4DRJ/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UTT7DG3QOF5ZNJLUGHDNLRUIN6OWZARP https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UTT7DG3QOF5ZNJLUGHDNLRUIN6OWZARP/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/W2LZSWTV4NV4SNQARNXG5T6LRHP26EW2 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/W2LZSWTV4NV4SNQARNXG5T6LRHP26EW2/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WCNCBYKZXLDFGAJUB7ZP5VLC3YTHJNVH https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WCNCBYKZXLDFGAJUB7ZP5VLC3YTHJNVH/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/XFOIBB4YFICHDM7IBOP7PWXW3FX4HLL2 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/XFOIBB4YFICHDM7IBOP7PWXW3FX4HLL2/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/XTNLSL44Y5FB6JWADSZH6DCV4JJAAEQY https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/XTNLSL44Y5FB6JWADSZH6DCV4JJAAEQY/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/YJWHBLVZDM5KQSDFRBFRKU5KSSOLIRQ4 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/YJWHBLVZDM5KQSDFRBFRKU5KSSOLIRQ4/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/YRKEXKANQ7BKJW2YTAMP625LJUJZLJ4P https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/YRKEXKANQ7BKJW2YTAMP625LJUJZLJ4P/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZSVEMQV5ROY5YW5QE3I57HT3ITWG5GCV https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZSVEMQV5ROY5YW5QE3I57HT3ITWG5GCV/ https://nvd.nist.gov/vuln/detail/CVE-2023-39325 https://pkg.go.dev/vuln/GO-2023-2102 https://security.gentoo.org/glsa/202311-09 https://security.netapp.com/advisory/ntap-20231110-0008 https://security.netapp.com/advisory/ntap-20231110-0008/ https://ubuntu.com/security/notices/USN-6574-1 https://ubuntu.com/security/notices/USN-7061-1 https://ubuntu.com/security/notices/USN-7109-1 https://www.cisa.gov/news-events/alerts/2023/10/10/http2-rapid-reset-vulnerability-cve-2023-44487 https://www.cve.org/CVERecord?id=CVE-2023-39325
stdlib	CVE-2023-45283	HIGH	v1.20.5	1.20.11, 1.21.4, 1.20.12, 1.21.5	http://www.openwall.com/lists/oss-security/2023/12/05/2 https://go.dev/cl/540277 https://go.dev/cl/541175 https://go.dev/issue/63713 https://go.dev/issue/64028 https://groups.google.com/g/golang-announce/c/4tU8LZfBFkY https://groups.google.com/g/golang-dev/c/6ypN5EjibjM/m/KmLVYH_uAgAJ https://nvd.nist.gov/vuln/detail/CVE-2023-45283 https://pkg.go.dev/vuln/GO-2023-2185 https://security.netapp.com/advisory/ntap-20231214-0008/
stdlib	CVE-2023-45288	HIGH	v1.20.5	1.21.9, 1.22.2	http://www.openwall.com/lists/oss-security/2024/04/03/16 http://www.openwall.com/lists/oss-security/2024/04/05/4 https://access.redhat.com/errata/RHSA-2024:2724 https://access.redhat.com/security/cve/CVE-2023-45288 https://bugzilla.redhat.com/2268017 https://bugzilla.redhat.com/2268018 https://bugzilla.redhat.com/2268019 https://bugzilla.redhat.com/2268273 https://bugzilla.redhat.com/show_bug.cgi?id=2268017 https://bugzilla.redhat.com/show_bug.cgi?id=2268018 https://bugzilla.redhat.com/show_bug.cgi?id=2268019 https://bugzilla.redhat.com/show_bug.cgi?id=2268273 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45288 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45289 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45290 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24783 https://errata.almalinux.org/9/ALSA-2024-2724.html https://errata.rockylinux.org/RLSA-2024:2724 https://go.dev/cl/576155 https://go.dev/issue/65051 https://groups.google.com/g/golang-announce/c/YgW0sx8mN3M https://kb.cert.org/vuls/id/421644 https://linux.oracle.com/cve/CVE-2023-45288.html https://linux.oracle.com/errata/ELSA-2024-3346.html https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QRYFHIQ6XRKRYBI2F5UESH67BJBQXUPT https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QRYFHIQ6XRKRYBI2F5UESH67BJBQXUPT/ https://nowotarski.info/http2-continuation-flood-technical-details https://nowotarski.info/http2-continuation-flood/ https://nvd.nist.gov/vuln/detail/CVE-2023-45288 https://pkg.go.dev/vuln/GO-2024-2687 https://security.netapp.com/advisory/ntap-20240419-0009 https://security.netapp.com/advisory/ntap-20240419-0009/ https://ubuntu.com/security/notices/USN-6886-1 https://ubuntu.com/security/notices/USN-7109-1 https://ubuntu.com/security/notices/USN-7111-1 https://www.cve.org/CVERecord?id=CVE-2023-45288 https://www.kb.cert.org/vuls/id/421644
stdlib	CVE-2024-34156	HIGH	v1.20.5	1.22.7, 1.23.1	https://access.redhat.com/errata/RHSA-2024:9473 https://access.redhat.com/security/cve/CVE-2024-34156 https://bugzilla.redhat.com/2310528 https://bugzilla.redhat.com/2318052 https://bugzilla.redhat.com/show_bug.cgi?id=2310528 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-34156 https://errata.almalinux.org/9/ALSA-2024-9473.html https://errata.rockylinux.org/RLSA-2024:7204 https://github.com/golang/go/commit/2092294f2b097c5828f4eace6c98a322c1510b01 (go1.22.7) https://github.com/golang/go/commit/fa8ff1a46deb6c816304441ec6740ec112e19012 (go1.23.1) https://go.dev/cl/611239 https://go.dev/issue/69139 https://groups.google.com/g/golang-announce/c/K-cEzDeCtpc https://groups.google.com/g/golang-dev/c/S9POB9NCTdk https://linux.oracle.com/cve/CVE-2024-34156.html https://linux.oracle.com/errata/ELSA-2024-9473.html https://nvd.nist.gov/vuln/detail/CVE-2024-34156 https://pkg.go.dev/vuln/GO-2024-3106 https://ubuntu.com/security/notices/USN-7081-1 https://ubuntu.com/security/notices/USN-7109-1 https://ubuntu.com/security/notices/USN-7111-1 https://www.cve.org/CVERecord?id=CVE-2024-34156
stdlib	CVE-2023-29406	MEDIUM	v1.20.5	1.19.11, 1.20.6	https://access.redhat.com/errata/RHSA-2023:6474 https://access.redhat.com/security/cve/CVE-2023-29406 https://bugzilla.redhat.com/2174485 https://bugzilla.redhat.com/2178358 https://bugzilla.redhat.com/2178488 https://bugzilla.redhat.com/2178492 https://bugzilla.redhat.com/2184481 https://bugzilla.redhat.com/2184482 https://bugzilla.redhat.com/2184483 https://bugzilla.redhat.com/2184484 https://bugzilla.redhat.com/2196026 https://bugzilla.redhat.com/2196027 https://bugzilla.redhat.com/2196029 https://bugzilla.redhat.com/2222167 https://bugzilla.redhat.com/2228689 https://errata.almalinux.org/9/ALSA-2023-6474.html https://github.com/golang/go/commit/312920c00aac9897b2a0693e752390b5b0711a5a (go1.20.6) https://github.com/golang/go/commit/5fa6923b1ea891400153d04ddf1545e23b40041b (go1.19.11) https://github.com/golang/go/issues/60374 https://go.dev/cl/506996 https://go.dev/issue/60374 https://groups.google.com/g/golang-announce/c/2q13H6LEEx0 https://linux.oracle.com/cve/CVE-2023-29406.html https://linux.oracle.com/errata/ELSA-2023-7202.html https://nvd.nist.gov/vuln/detail/CVE-2023-29406 https://pkg.go.dev/vuln/GO-2023-1878 https://security.gentoo.org/glsa/202311-09 https://security.netapp.com/advisory/ntap-20230814-0002/ https://ubuntu.com/security/notices/USN-7061-1 https://ubuntu.com/security/notices/USN-7109-1 https://www.cve.org/CVERecord?id=CVE-2023-29406
stdlib	CVE-2023-29409	MEDIUM	v1.20.5	1.19.12, 1.20.7, 1.21.0-rc.4	https://access.redhat.com/errata/RHSA-2023:7766 https://access.redhat.com/security/cve/CVE-2023-29409 https://bugzilla.redhat.com/2228743 https://bugzilla.redhat.com/2237773 https://bugzilla.redhat.com/2237776 https://bugzilla.redhat.com/2237777 https://bugzilla.redhat.com/2237778 https://errata.almalinux.org/9/ALSA-2023-7766.html https://go.dev/cl/515257 https://go.dev/issue/61460 https://groups.google.com/g/golang-announce/c/X0b6CsSAaYI/m/Efv5DbZ9AwAJ https://linux.oracle.com/cve/CVE-2023-29409.html https://linux.oracle.com/errata/ELSA-2024-2988.html https://nvd.nist.gov/vuln/detail/CVE-2023-29409 https://pkg.go.dev/vuln/GO-2023-1987 https://security.gentoo.org/glsa/202311-09 https://security.netapp.com/advisory/ntap-20230831-0010/ https://www.cve.org/CVERecord?id=CVE-2023-29409
stdlib	CVE-2023-39318	MEDIUM	v1.20.5	1.20.8, 1.21.1	https://access.redhat.com/errata/RHSA-2024:2160 https://access.redhat.com/security/cve/CVE-2023-39318 https://bugzilla.redhat.com/2237773 https://bugzilla.redhat.com/2237776 https://bugzilla.redhat.com/2253330 https://errata.almalinux.org/9/ALSA-2024-2160.html https://github.com/golang/go/commit/023b542edf38e2a1f87fcefb9f75ff2f99401b4c (go1.20.8) https://github.com/golang/go/commit/b0e1d3ea26e8e8fce7726690c9ef0597e60739fb (go1.21.1) https://go.dev/cl/526156 https://go.dev/issue/62196 https://groups.google.com/g/golang-announce/c/Fm51GRLNRvM https://groups.google.com/g/golang-dev/c/2C5vbR-UNkI/m/L1hdrPhfBAAJ https://linux.oracle.com/cve/CVE-2023-39318.html https://linux.oracle.com/errata/ELSA-2024-2988.html https://nvd.nist.gov/vuln/detail/CVE-2023-39318 https://pkg.go.dev/vuln/GO-2023-2041 https://security.gentoo.org/glsa/202311-09 https://security.netapp.com/advisory/ntap-20231020-0009/ https://ubuntu.com/security/notices/USN-6574-1 https://ubuntu.com/security/notices/USN-7061-1 https://ubuntu.com/security/notices/USN-7109-1 https://vuln.go.dev/ID/GO-2023-2041.json https://www.cve.org/CVERecord?id=CVE-2023-39318
stdlib	CVE-2023-39319	MEDIUM	v1.20.5	1.20.8, 1.21.1	https://access.redhat.com/errata/RHSA-2024:2160 https://access.redhat.com/security/cve/CVE-2023-39319 https://bugzilla.redhat.com/2237773 https://bugzilla.redhat.com/2237776 https://bugzilla.redhat.com/2253330 https://errata.almalinux.org/9/ALSA-2024-2160.html https://github.com/golang/go/commit/2070531d2f53df88e312edace6c8dfc9686ab2f5 (go1.20.8) https://github.com/golang/go/commit/bbd043ff0d6d59f1a9232d31ecd5eacf6507bf6a (go1.21.1) https://go.dev/cl/526157 https://go.dev/issue/62197 https://groups.google.com/g/golang-announce/c/Fm51GRLNRvM https://groups.google.com/g/golang-dev/c/2C5vbR-UNkI/m/L1hdrPhfBAAJ https://linux.oracle.com/cve/CVE-2023-39319.html https://linux.oracle.com/errata/ELSA-2024-2988.html https://nvd.nist.gov/vuln/detail/CVE-2023-39319 https://pkg.go.dev/vuln/GO-2023-2043 https://security.gentoo.org/glsa/202311-09 https://security.netapp.com/advisory/ntap-20231020-0009/ https://ubuntu.com/security/notices/USN-6574-1 https://ubuntu.com/security/notices/USN-7061-1 https://ubuntu.com/security/notices/USN-7109-1 https://vuln.go.dev/ID/GO-2023-2043.json https://www.cve.org/CVERecord?id=CVE-2023-39319
stdlib	CVE-2023-39326	MEDIUM	v1.20.5	1.20.12, 1.21.5	https://access.redhat.com/errata/RHSA-2024:2272 https://access.redhat.com/security/cve/CVE-2023-39326 https://bugzilla.redhat.com/2253193 https://bugzilla.redhat.com/2253330 https://errata.almalinux.org/9/ALSA-2024-2272.html https://github.com/golang/go/commit/6446af942e2e2b161c4ec1b60d9703a2b55dc4dd (go1.20.12) https://github.com/golang/go/commit/ec8c526e4be720e94b98ca509e6364f0efaf28f7 (go1.21.5) https://go.dev/cl/547335 https://go.dev/issue/64433 https://groups.google.com/g/golang-dev/c/6ypN5EjibjM/m/KmLVYH_uAgAJ https://linux.oracle.com/cve/CVE-2023-39326.html https://linux.oracle.com/errata/ELSA-2024-2988.html https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UIU6HOGV6RRIKWM57LOXQA75BGZSIH6G/ https://nvd.nist.gov/vuln/detail/CVE-2023-39326 https://pkg.go.dev/vuln/GO-2023-2382 https://ubuntu.com/security/notices/USN-6574-1 https://www.cve.org/CVERecord?id=CVE-2023-39326
stdlib	CVE-2023-45284	MEDIUM	v1.20.5	1.20.11, 1.21.4	https://go.dev/cl/540277 https://go.dev/issue/63713 https://groups.google.com/g/golang-announce/c/4tU8LZfBFkY https://nvd.nist.gov/vuln/detail/CVE-2023-45284 https://pkg.go.dev/vuln/GO-2023-2186
stdlib	CVE-2023-45289	MEDIUM	v1.20.5	1.21.8, 1.22.1	http://www.openwall.com/lists/oss-security/2024/03/08/4 https://access.redhat.com/errata/RHSA-2024:2724 https://access.redhat.com/security/cve/CVE-2023-45289 https://bugzilla.redhat.com/2268017 https://bugzilla.redhat.com/2268018 https://bugzilla.redhat.com/2268019 https://bugzilla.redhat.com/2268273 https://bugzilla.redhat.com/show_bug.cgi?id=2268017 https://bugzilla.redhat.com/show_bug.cgi?id=2268018 https://bugzilla.redhat.com/show_bug.cgi?id=2268019 https://bugzilla.redhat.com/show_bug.cgi?id=2268273 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45288 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45289 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45290 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24783 https://errata.almalinux.org/9/ALSA-2024-2724.html https://errata.rockylinux.org/RLSA-2024:2724 https://github.com/golang/go/commit/20586c0dbe03d144f914155f879fa5ee287591a1 (go1.21.8) https://github.com/golang/go/commit/3a855208e3efed2e9d7c20ad023f1fa78afcc0be (go1.22.1) https://github.com/golang/go/issues/65065 https://go.dev/cl/569340 https://go.dev/issue/65065 https://groups.google.com/g/golang-announce/c/5pwGVUPoMbg https://linux.oracle.com/cve/CVE-2023-45289.html https://linux.oracle.com/errata/ELSA-2024-3346.html https://nvd.nist.gov/vuln/detail/CVE-2023-45289 https://pkg.go.dev/vuln/GO-2024-2600 https://security.netapp.com/advisory/ntap-20240329-0006/ https://ubuntu.com/security/notices/USN-6886-1 https://www.cve.org/CVERecord?id=CVE-2023-45289
stdlib	CVE-2023-45290	MEDIUM	v1.20.5	1.21.8, 1.22.1	http://www.openwall.com/lists/oss-security/2024/03/08/4 https://access.redhat.com/errata/RHSA-2024:9135 https://access.redhat.com/security/cve/CVE-2023-45290 https://bugzilla.redhat.com/2268017 https://bugzilla.redhat.com/2268022 https://bugzilla.redhat.com/2279814 https://bugzilla.redhat.com/2295310 https://bugzilla.redhat.com/show_bug.cgi?id=2268017 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45290 https://errata.almalinux.org/9/ALSA-2024-9135.html https://errata.rockylinux.org/RLSA-2024:3830 https://github.com/golang/go/commit/041a47712e765e94f86d841c3110c840e76d8f82 (go1.22.1) https://github.com/golang/go/commit/bf80213b121074f4ad9b449410a4d13bae5e9be0 (go1.21.8) https://github.com/golang/go/issues/65383 https://go.dev/cl/569341 https://go.dev/issue/65383 https://groups.google.com/g/golang-announce/c/5pwGVUPoMbg https://linux.oracle.com/cve/CVE-2023-45290.html https://linux.oracle.com/errata/ELSA-2024-8038.html https://nvd.nist.gov/vuln/detail/CVE-2023-45290 https://pkg.go.dev/vuln/GO-2024-2599 https://security.netapp.com/advisory/ntap-20240329-0004 https://security.netapp.com/advisory/ntap-20240329-0004/ https://ubuntu.com/security/notices/USN-6886-1 https://ubuntu.com/security/notices/USN-7109-1 https://ubuntu.com/security/notices/USN-7111-1 https://www.cve.org/CVERecord?id=CVE-2023-45290
stdlib	CVE-2024-24783	MEDIUM	v1.20.5	1.21.8, 1.22.1	http://www.openwall.com/lists/oss-security/2024/03/08/4 https://access.redhat.com/errata/RHSA-2024:6195 https://access.redhat.com/security/cve/CVE-2024-24783 https://bugzilla.redhat.com/2268019 https://bugzilla.redhat.com/show_bug.cgi?id=2268017 https://bugzilla.redhat.com/show_bug.cgi?id=2268018 https://bugzilla.redhat.com/show_bug.cgi?id=2268019 https://bugzilla.redhat.com/show_bug.cgi?id=2268273 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45288 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45289 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45290 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24783 https://errata.almalinux.org/9/ALSA-2024-6195.html https://errata.rockylinux.org/RLSA-2024:2724 https://github.com/advisories/GHSA-3q2c-pvp5-3cqp https://github.com/golang/go/commit/337b8e9cbfa749d9d5c899e0dc358e2208d5e54f (go1.22.1) https://github.com/golang/go/commit/be5b52bea674190ef7de272664be6c7ae93ec5a0 (go1.21.8) https://github.com/golang/go/issues/65390 https://go.dev/cl/569339 https://go.dev/issue/65390 https://groups.google.com/g/golang-announce/c/5pwGVUPoMbg https://linux.oracle.com/cve/CVE-2024-24783.html https://linux.oracle.com/errata/ELSA-2024-6969.html https://nvd.nist.gov/vuln/detail/CVE-2024-24783 https://pkg.go.dev/vuln/GO-2024-2598 https://security.netapp.com/advisory/ntap-20240329-0005 https://security.netapp.com/advisory/ntap-20240329-0005/ https://ubuntu.com/security/notices/USN-6886-1 https://ubuntu.com/security/notices/USN-7109-1 https://ubuntu.com/security/notices/USN-7111-1 https://www.cve.org/CVERecord?id=CVE-2024-24783
stdlib	CVE-2024-24784	MEDIUM	v1.20.5	1.21.8, 1.22.1	http://www.openwall.com/lists/oss-security/2024/03/08/4 https://access.redhat.com/errata/RHSA-2024:2562 https://access.redhat.com/security/cve/CVE-2024-24784 https://bugzilla.redhat.com/2262921 https://bugzilla.redhat.com/2268017 https://bugzilla.redhat.com/2268018 https://bugzilla.redhat.com/2268019 https://bugzilla.redhat.com/2268021 https://bugzilla.redhat.com/2268022 https://bugzilla.redhat.com/2268273 https://bugzilla.redhat.com/show_bug.cgi?id=2262921 https://bugzilla.redhat.com/show_bug.cgi?id=2268017 https://bugzilla.redhat.com/show_bug.cgi?id=2268018 https://bugzilla.redhat.com/show_bug.cgi?id=2268019 https://bugzilla.redhat.com/show_bug.cgi?id=2268021 https://bugzilla.redhat.com/show_bug.cgi?id=2268022 https://bugzilla.redhat.com/show_bug.cgi?id=2268273 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45288 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45289 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45290 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-1394 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24783 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24784 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24785 https://errata.almalinux.org/9/ALSA-2024-2562.html https://errata.rockylinux.org/RLSA-2024:2562 https://github.com/golang/go/commit/263c059b09fdd40d9dd945f2ecb20c89ea28efe5 (go1.21.8) https://github.com/golang/go/commit/5330cd225ba54c7dc78c1b46dcdf61a4671a632c (go1.22.1) https://github.com/golang/go/issues/65083 https://go.dev/cl/555596 https://go.dev/issue/65083 https://groups.google.com/g/golang-announce/c/5pwGVUPoMbg https://linux.oracle.com/cve/CVE-2024-24784.html https://linux.oracle.com/errata/ELSA-2024-6969.html https://nvd.nist.gov/vuln/detail/CVE-2024-24784 https://pkg.go.dev/vuln/GO-2024-2609 https://security.netapp.com/advisory/ntap-20240329-0007/ https://ubuntu.com/security/notices/USN-6886-1 https://ubuntu.com/security/notices/USN-7109-1 https://ubuntu.com/security/notices/USN-7111-1 https://www.cve.org/CVERecord?id=CVE-2024-24784
stdlib	CVE-2024-24785	MEDIUM	v1.20.5	1.21.8, 1.22.1	http://www.openwall.com/lists/oss-security/2024/03/08/4 https://access.redhat.com/errata/RHSA-2024:9135 https://access.redhat.com/security/cve/CVE-2024-24785 https://bugzilla.redhat.com/2268017 https://bugzilla.redhat.com/2268022 https://bugzilla.redhat.com/2279814 https://bugzilla.redhat.com/2295310 https://bugzilla.redhat.com/show_bug.cgi?id=2262921 https://bugzilla.redhat.com/show_bug.cgi?id=2268017 https://bugzilla.redhat.com/show_bug.cgi?id=2268018 https://bugzilla.redhat.com/show_bug.cgi?id=2268019 https://bugzilla.redhat.com/show_bug.cgi?id=2268021 https://bugzilla.redhat.com/show_bug.cgi?id=2268022 https://bugzilla.redhat.com/show_bug.cgi?id=2268273 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45288 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45289 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45290 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-1394 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24783 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24784 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24785 https://errata.almalinux.org/9/ALSA-2024-9135.html https://errata.rockylinux.org/RLSA-2024:2562 https://github.com/golang/go/commit/056b0edcb8c152152021eebf4cf42adbfbe77992 (go1.22.1) https://github.com/golang/go/commit/3643147a29352ca2894fd5d0d2069bc4b4335a7e (go1.21.8) https://github.com/golang/go/issues/65697 https://go.dev/cl/564196 https://go.dev/issue/65697 https://groups.google.com/g/golang-announce/c/5pwGVUPoMbg https://linux.oracle.com/cve/CVE-2024-24785.html https://linux.oracle.com/errata/ELSA-2024-3259.html https://nvd.nist.gov/vuln/detail/CVE-2024-24785 https://pkg.go.dev/vuln/GO-2024-2610 https://security.netapp.com/advisory/ntap-20240329-0008/ https://ubuntu.com/security/notices/USN-6886-1 https://ubuntu.com/security/notices/USN-7061-1 https://ubuntu.com/security/notices/USN-7109-1 https://vuln.go.dev/ID/GO-2024-2610.json https://www.cve.org/CVERecord?id=CVE-2024-24785
stdlib	CVE-2024-24789	MEDIUM	v1.20.5	1.21.11, 1.22.4	http://www.openwall.com/lists/oss-security/2024/06/04/1 https://access.redhat.com/errata/RHSA-2024:9115 https://access.redhat.com/security/cve/CVE-2024-24789 https://bugzilla.redhat.com/2279814 https://bugzilla.redhat.com/2292668 https://bugzilla.redhat.com/2292787 https://bugzilla.redhat.com/2294000 https://bugzilla.redhat.com/2295310 https://bugzilla.redhat.com/show_bug.cgi?id=2292668 https://bugzilla.redhat.com/show_bug.cgi?id=2292787 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24789 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24790 https://errata.almalinux.org/9/ALSA-2024-9115.html https://errata.rockylinux.org/RLSA-2024:4212 https://github.com/golang/go/commit/c8e40338cf00f3c1d86c8fb23863ad67a4c72bcc (1.21) https://github.com/golang/go/commit/cf501ac0c5fe351a8582d20b43562027927906e7 (1.22) https://github.com/golang/go/issues/66869 https://go.dev/cl/585397 https://go.dev/issue/66869 https://groups.google.com/g/golang-announce/c/XbxouI9gY7k https://groups.google.com/g/golang-announce/c/XbxouI9gY7k/m/TuoGEhxIEwAJ https://linux.oracle.com/cve/CVE-2024-24789.html https://linux.oracle.com/errata/ELSA-2024-9115.html https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/U5YAEIA6IUHUNGJ7AIXXPQT6D2GYENX7/ https://nvd.nist.gov/vuln/detail/CVE-2024-24789 https://pkg.go.dev/vuln/GO-2024-2888 https://ubuntu.com/security/notices/USN-6886-1 https://ubuntu.com/security/notices/USN-7109-1 https://ubuntu.com/security/notices/USN-7111-1 https://www.cve.org/CVERecord?id=CVE-2024-24789
stdlib	CVE-2024-24791	MEDIUM	v1.20.5	1.21.12, 1.22.5	https://access.redhat.com/errata/RHSA-2024:9135 https://access.redhat.com/security/cve/CVE-2024-24791 https://bugzilla.redhat.com/2268017 https://bugzilla.redhat.com/2268022 https://bugzilla.redhat.com/2279814 https://bugzilla.redhat.com/2295310 https://bugzilla.redhat.com/show_bug.cgi?id=2295310 https://bugzilla.redhat.com/show_bug.cgi?id=2310527 https://bugzilla.redhat.com/show_bug.cgi?id=2310528 https://bugzilla.redhat.com/show_bug.cgi?id=2310529 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24791 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-34155 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-34156 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-34158 https://errata.almalinux.org/9/ALSA-2024-9135.html https://errata.rockylinux.org/RLSA-2024:6913 https://go.dev/cl/591255 https://go.dev/issue/67555 https://groups.google.com/g/golang-dev/c/t0rK-qHBqzY/m/6MMoAZkMAgAJ https://linux.oracle.com/cve/CVE-2024-24791.html https://linux.oracle.com/errata/ELSA-2024-9115.html https://nvd.nist.gov/vuln/detail/CVE-2024-24791 https://pkg.go.dev/vuln/GO-2024-2963 https://ubuntu.com/security/notices/USN-7081-1 https://ubuntu.com/security/notices/USN-7109-1 https://ubuntu.com/security/notices/USN-7111-1 https://www.cve.org/CVERecord?id=CVE-2024-24791
stdlib	CVE-2024-34155	MEDIUM	v1.20.5	1.22.7, 1.23.1	https://access.redhat.com/errata/RHSA-2024:9459 https://access.redhat.com/security/cve/CVE-2024-34155 https://bugzilla.redhat.com/2310527 https://bugzilla.redhat.com/2310528 https://bugzilla.redhat.com/2310529 https://bugzilla.redhat.com/2315691 https://bugzilla.redhat.com/2315887 https://bugzilla.redhat.com/2317458 https://bugzilla.redhat.com/2317467 https://bugzilla.redhat.com/show_bug.cgi?id=2295310 https://bugzilla.redhat.com/show_bug.cgi?id=2310527 https://bugzilla.redhat.com/show_bug.cgi?id=2310528 https://bugzilla.redhat.com/show_bug.cgi?id=2310529 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24791 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-34155 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-34156 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-34158 https://errata.almalinux.org/9/ALSA-2024-9459.html https://errata.rockylinux.org/RLSA-2024:6913 https://github.com/golang/go/commit/53487e5477151ed75da50e50a0ba8f1ca64c00a3 (go1.23.1) https://github.com/golang/go/commit/b232596139dbe96a62edbe3a2a203e856bf556eb (go1.22.7) https://go.dev/cl/611238 https://go.dev/issue/69138 https://groups.google.com/g/golang-announce/c/K-cEzDeCtpc https://groups.google.com/g/golang-dev/c/S9POB9NCTdk https://linux.oracle.com/cve/CVE-2024-34155.html https://linux.oracle.com/errata/ELSA-2024-9459.html https://nvd.nist.gov/vuln/detail/CVE-2024-34155 https://pkg.go.dev/vuln/GO-2024-3105 https://ubuntu.com/security/notices/USN-7081-1 https://ubuntu.com/security/notices/USN-7109-1 https://ubuntu.com/security/notices/USN-7111-1 https://www.cve.org/CVERecord?id=CVE-2024-34155
stdlib	CVE-2024-34158	MEDIUM	v1.20.5	1.22.7, 1.23.1	https://access.redhat.com/errata/RHSA-2024:9459 https://access.redhat.com/security/cve/CVE-2024-34158 https://bugzilla.redhat.com/2310527 https://bugzilla.redhat.com/2310528 https://bugzilla.redhat.com/2310529 https://bugzilla.redhat.com/2315691 https://bugzilla.redhat.com/2315887 https://bugzilla.redhat.com/2317458 https://bugzilla.redhat.com/2317467 https://bugzilla.redhat.com/show_bug.cgi?id=2295310 https://bugzilla.redhat.com/show_bug.cgi?id=2310527 https://bugzilla.redhat.com/show_bug.cgi?id=2310528 https://bugzilla.redhat.com/show_bug.cgi?id=2310529 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24791 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-34155 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-34156 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-34158 https://errata.almalinux.org/9/ALSA-2024-9459.html https://errata.rockylinux.org/RLSA-2024:6913 https://github.com/golang/go/commit/032ac075c20c01c6c35a672d1542d3e98eab84ea (go1.23.1) https://github.com/golang/go/commit/d4c53812e6ce2ac368173d7fcd31d0ecfcffb002 (go1.22.7) https://go.dev/cl/611240 https://go.dev/issue/69141 https://groups.google.com/g/golang-announce/c/K-cEzDeCtpc https://groups.google.com/g/golang-dev/c/S9POB9NCTdk https://linux.oracle.com/cve/CVE-2024-34158.html https://linux.oracle.com/errata/ELSA-2024-9459.html https://nvd.nist.gov/vuln/detail/CVE-2024-34158 https://pkg.go.dev/vuln/GO-2024-3107 https://ubuntu.com/security/notices/USN-7081-1 https://ubuntu.com/security/notices/USN-7109-1 https://ubuntu.com/security/notices/USN-7111-1 https://www.cve.org/CVERecord?id=CVE-2024-34158
No Misconfigurations found

cnb/buildpacks/paketo-buildpacks_executable-jar/6.7.4/bin/main (gobinary)

Package	Vulnerability ID	Severity	Installed Version	Fixed Version	Links
stdlib	CVE-2024-24790	CRITICAL	v1.20.5	1.21.11, 1.22.4	http://www.openwall.com/lists/oss-security/2024/06/04/1 https://access.redhat.com/errata/RHSA-2024:9115 https://access.redhat.com/security/cve/CVE-2024-24790 https://bugzilla.redhat.com/2279814 https://bugzilla.redhat.com/2292668 https://bugzilla.redhat.com/2292787 https://bugzilla.redhat.com/2294000 https://bugzilla.redhat.com/2295310 https://bugzilla.redhat.com/show_bug.cgi?id=2292668 https://bugzilla.redhat.com/show_bug.cgi?id=2292787 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24789 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24790 https://errata.almalinux.org/9/ALSA-2024-9115.html https://errata.rockylinux.org/RLSA-2024:4212 https://github.com/golang/go/commit/051bdf3fd12a40307606ff9381138039c5f452f0 (1.21) https://github.com/golang/go/commit/12d5810cdb1f73cf23d7a86462143e9463317fca (1.22) https://github.com/golang/go/issues/67680 https://go.dev/cl/590316 https://go.dev/issue/67680 https://groups.google.com/g/golang-announce/c/XbxouI9gY7k https://groups.google.com/g/golang-announce/c/XbxouI9gY7k/m/TuoGEhxIEwAJ https://linux.oracle.com/cve/CVE-2024-24790.html https://linux.oracle.com/errata/ELSA-2024-9115.html https://nvd.nist.gov/vuln/detail/CVE-2024-24790 https://pkg.go.dev/vuln/GO-2024-2887 https://ubuntu.com/security/notices/USN-6886-1 https://ubuntu.com/security/notices/USN-7109-1 https://www.cve.org/CVERecord?id=CVE-2024-24790
stdlib	CVE-2023-39325	HIGH	v1.20.5	1.20.10, 1.21.3	golang.org/x/net https://access.redhat.com/errata/RHSA-2023:6077 https://access.redhat.com/security/cve/CVE-2023-39325 https://access.redhat.com/security/cve/CVE-2023-44487 https://access.redhat.com/security/vulnerabilities/RHSB-2023-003 https://bugzilla.redhat.com/2242803 https://bugzilla.redhat.com/2243296 https://bugzilla.redhat.com/show_bug.cgi?id=2242803 https://bugzilla.redhat.com/show_bug.cgi?id=2243296 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-39325 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-44487 https://errata.almalinux.org/9/ALSA-2023-6077.html https://errata.rockylinux.org/RLSA-2023:6077 https://github.com/golang/go/commit/24ae2d927285c697440fdde3ad7f26028354bcf3 [golang- 1.21] https://github.com/golang/go/commit/e175f27f58aa7b9cd4d79607ae65d2cd5baaee68 [golang-1.20] https://github.com/golang/go/issues/63417 https://go.dev/cl/534215 https://go.dev/cl/534235 https://go.dev/issue/63417 https://groups.google.com/g/golang-announce/c/iNNxDTCjZvo/m/UDd7VKQuAAAJ https://linux.oracle.com/cve/CVE-2023-39325.html https://linux.oracle.com/errata/ELSA-2023-5867.html https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3OVW5V2DM5K5IC3H7O42YDUGNJ74J35O https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3OVW5V2DM5K5IC3H7O42YDUGNJ74J35O/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3SZN67IL7HMGMNAVLOTIXLIHUDXZK4LH https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3SZN67IL7HMGMNAVLOTIXLIHUDXZK4LH/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3WJ4QVX2AMUJ2F2S27POOAHRC4K3CHU4 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3WJ4QVX2AMUJ2F2S27POOAHRC4K3CHU4/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/4BUK2ZIAGCULOOYDNH25JPU6JBES5NF2 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/4BUK2ZIAGCULOOYDNH25JPU6JBES5NF2/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/5RSKA2II6QTD4YUKUNDVJQSRYSFC4VFR https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/5RSKA2II6QTD4YUKUNDVJQSRYSFC4VFR/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/AVZDNSMVDAQJ64LJC5I5U5LDM5753647 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/AVZDNSMVDAQJ64LJC5I5U5LDM5753647/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CHHITS4PUOZAKFIUBQAQZC7JWXMOYE4B https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CHHITS4PUOZAKFIUBQAQZC7JWXMOYE4B/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CLB4TW7KALB3EEQWNWCN7OUIWWVWWCG2 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CLB4TW7KALB3EEQWNWCN7OUIWWVWWCG2/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/D2BBIDR2ZMB3X5BC7SR4SLQMHRMVPY6L https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/D2BBIDR2ZMB3X5BC7SR4SLQMHRMVPY6L/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ECRC75BQJP6FJN2L7KCKYZW4DSBD7QSD https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ECRC75BQJP6FJN2L7KCKYZW4DSBD7QSD/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/FTMJ3NJIDAZFWJQQSP3L22MUFJ3UP2PT https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/FTMJ3NJIDAZFWJQQSP3L22MUFJ3UP2PT/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/GSY7SXFFTPZFWDM6XELSDSHZLVW3AHK7 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/GSY7SXFFTPZFWDM6XELSDSHZLVW3AHK7/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/HZQIELEIRSZUYTFFH5KTH2YJ4IIQG2KE https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/HZQIELEIRSZUYTFFH5KTH2YJ4IIQG2KE/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/IPWCNYB5PQ5PCVZ4NJT6G56ZYFZ5QBU6 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/IPWCNYB5PQ5PCVZ4NJT6G56ZYFZ5QBU6/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/KEOTKBUPZXHE3F352JBYNTSNRXYLWD6P https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/KEOTKBUPZXHE3F352JBYNTSNRXYLWD6P/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/KSEGD2IWKNUO3DWY4KQGUQM5BISRWHQE https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/KSEGD2IWKNUO3DWY4KQGUQM5BISRWHQE/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/L5E5JSJBZLYXOTZWXHJKRVCIXIHVWKJ6 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/L5E5JSJBZLYXOTZWXHJKRVCIXIHVWKJ6/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/MZQYOOKHQDQ57LV2IAG6NRFOVXKHJJ3Z https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/MZQYOOKHQDQ57LV2IAG6NRFOVXKHJJ3Z/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/NG7IMPL55MVWU3LCI4JQJT3K2U5CHDV7 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/NG7IMPL55MVWU3LCI4JQJT3K2U5CHDV7/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ODBY7RVMGZCBSTWF2OZGIZS57FNFUL67 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ODBY7RVMGZCBSTWF2OZGIZS57FNFUL67/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/OXGWPQOJ3JNDW2XIYKIVJ7N7QUIFNM2Q https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/OXGWPQOJ3JNDW2XIYKIVJ7N7QUIFNM2Q/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/PJCUNGIQDUMZ4Z6HWVYIMR66A35F5S74 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/PJCUNGIQDUMZ4Z6HWVYIMR66A35F5S74/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QF5QSYAOPDOWLY6DUHID56Q4HQFYB45I https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QF5QSYAOPDOWLY6DUHID56Q4HQFYB45I/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QXOU2JZUBEBP7GBKAYIJRPRBZSJCD7ST https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QXOU2JZUBEBP7GBKAYIJRPRBZSJCD7ST/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/R3UETKPUB3V5JS5TLZOF3SMTGT5K5APS https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/R3UETKPUB3V5JS5TLZOF3SMTGT5K5APS/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/REMHVVIBDNKSRKNOTV7EQSB7CYQWOUOU https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/REMHVVIBDNKSRKNOTV7EQSB7CYQWOUOU/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/T7N5GV4CHH6WAGX3GFMDD3COEOVCZ4RI https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/T7N5GV4CHH6WAGX3GFMDD3COEOVCZ4RI/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ULQQONMSCQSH5Z5OWFFQHCGEZ3NL4DRJ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ULQQONMSCQSH5Z5OWFFQHCGEZ3NL4DRJ/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UTT7DG3QOF5ZNJLUGHDNLRUIN6OWZARP https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UTT7DG3QOF5ZNJLUGHDNLRUIN6OWZARP/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/W2LZSWTV4NV4SNQARNXG5T6LRHP26EW2 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/W2LZSWTV4NV4SNQARNXG5T6LRHP26EW2/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WCNCBYKZXLDFGAJUB7ZP5VLC3YTHJNVH https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WCNCBYKZXLDFGAJUB7ZP5VLC3YTHJNVH/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/XFOIBB4YFICHDM7IBOP7PWXW3FX4HLL2 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/XFOIBB4YFICHDM7IBOP7PWXW3FX4HLL2/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/XTNLSL44Y5FB6JWADSZH6DCV4JJAAEQY https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/XTNLSL44Y5FB6JWADSZH6DCV4JJAAEQY/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/YJWHBLVZDM5KQSDFRBFRKU5KSSOLIRQ4 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/YJWHBLVZDM5KQSDFRBFRKU5KSSOLIRQ4/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/YRKEXKANQ7BKJW2YTAMP625LJUJZLJ4P https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/YRKEXKANQ7BKJW2YTAMP625LJUJZLJ4P/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZSVEMQV5ROY5YW5QE3I57HT3ITWG5GCV https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZSVEMQV5ROY5YW5QE3I57HT3ITWG5GCV/ https://nvd.nist.gov/vuln/detail/CVE-2023-39325 https://pkg.go.dev/vuln/GO-2023-2102 https://security.gentoo.org/glsa/202311-09 https://security.netapp.com/advisory/ntap-20231110-0008 https://security.netapp.com/advisory/ntap-20231110-0008/ https://ubuntu.com/security/notices/USN-6574-1 https://ubuntu.com/security/notices/USN-7061-1 https://ubuntu.com/security/notices/USN-7109-1 https://www.cisa.gov/news-events/alerts/2023/10/10/http2-rapid-reset-vulnerability-cve-2023-44487 https://www.cve.org/CVERecord?id=CVE-2023-39325
stdlib	CVE-2023-45283	HIGH	v1.20.5	1.20.11, 1.21.4, 1.20.12, 1.21.5	http://www.openwall.com/lists/oss-security/2023/12/05/2 https://go.dev/cl/540277 https://go.dev/cl/541175 https://go.dev/issue/63713 https://go.dev/issue/64028 https://groups.google.com/g/golang-announce/c/4tU8LZfBFkY https://groups.google.com/g/golang-dev/c/6ypN5EjibjM/m/KmLVYH_uAgAJ https://nvd.nist.gov/vuln/detail/CVE-2023-45283 https://pkg.go.dev/vuln/GO-2023-2185 https://security.netapp.com/advisory/ntap-20231214-0008/
stdlib	CVE-2023-45288	HIGH	v1.20.5	1.21.9, 1.22.2	http://www.openwall.com/lists/oss-security/2024/04/03/16 http://www.openwall.com/lists/oss-security/2024/04/05/4 https://access.redhat.com/errata/RHSA-2024:2724 https://access.redhat.com/security/cve/CVE-2023-45288 https://bugzilla.redhat.com/2268017 https://bugzilla.redhat.com/2268018 https://bugzilla.redhat.com/2268019 https://bugzilla.redhat.com/2268273 https://bugzilla.redhat.com/show_bug.cgi?id=2268017 https://bugzilla.redhat.com/show_bug.cgi?id=2268018 https://bugzilla.redhat.com/show_bug.cgi?id=2268019 https://bugzilla.redhat.com/show_bug.cgi?id=2268273 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45288 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45289 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45290 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24783 https://errata.almalinux.org/9/ALSA-2024-2724.html https://errata.rockylinux.org/RLSA-2024:2724 https://go.dev/cl/576155 https://go.dev/issue/65051 https://groups.google.com/g/golang-announce/c/YgW0sx8mN3M https://kb.cert.org/vuls/id/421644 https://linux.oracle.com/cve/CVE-2023-45288.html https://linux.oracle.com/errata/ELSA-2024-3346.html https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QRYFHIQ6XRKRYBI2F5UESH67BJBQXUPT https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QRYFHIQ6XRKRYBI2F5UESH67BJBQXUPT/ https://nowotarski.info/http2-continuation-flood-technical-details https://nowotarski.info/http2-continuation-flood/ https://nvd.nist.gov/vuln/detail/CVE-2023-45288 https://pkg.go.dev/vuln/GO-2024-2687 https://security.netapp.com/advisory/ntap-20240419-0009 https://security.netapp.com/advisory/ntap-20240419-0009/ https://ubuntu.com/security/notices/USN-6886-1 https://ubuntu.com/security/notices/USN-7109-1 https://ubuntu.com/security/notices/USN-7111-1 https://www.cve.org/CVERecord?id=CVE-2023-45288 https://www.kb.cert.org/vuls/id/421644
stdlib	CVE-2024-34156	HIGH	v1.20.5	1.22.7, 1.23.1	https://access.redhat.com/errata/RHSA-2024:9473 https://access.redhat.com/security/cve/CVE-2024-34156 https://bugzilla.redhat.com/2310528 https://bugzilla.redhat.com/2318052 https://bugzilla.redhat.com/show_bug.cgi?id=2310528 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-34156 https://errata.almalinux.org/9/ALSA-2024-9473.html https://errata.rockylinux.org/RLSA-2024:7204 https://github.com/golang/go/commit/2092294f2b097c5828f4eace6c98a322c1510b01 (go1.22.7) https://github.com/golang/go/commit/fa8ff1a46deb6c816304441ec6740ec112e19012 (go1.23.1) https://go.dev/cl/611239 https://go.dev/issue/69139 https://groups.google.com/g/golang-announce/c/K-cEzDeCtpc https://groups.google.com/g/golang-dev/c/S9POB9NCTdk https://linux.oracle.com/cve/CVE-2024-34156.html https://linux.oracle.com/errata/ELSA-2024-9473.html https://nvd.nist.gov/vuln/detail/CVE-2024-34156 https://pkg.go.dev/vuln/GO-2024-3106 https://ubuntu.com/security/notices/USN-7081-1 https://ubuntu.com/security/notices/USN-7109-1 https://ubuntu.com/security/notices/USN-7111-1 https://www.cve.org/CVERecord?id=CVE-2024-34156
stdlib	CVE-2023-29406	MEDIUM	v1.20.5	1.19.11, 1.20.6	https://access.redhat.com/errata/RHSA-2023:6474 https://access.redhat.com/security/cve/CVE-2023-29406 https://bugzilla.redhat.com/2174485 https://bugzilla.redhat.com/2178358 https://bugzilla.redhat.com/2178488 https://bugzilla.redhat.com/2178492 https://bugzilla.redhat.com/2184481 https://bugzilla.redhat.com/2184482 https://bugzilla.redhat.com/2184483 https://bugzilla.redhat.com/2184484 https://bugzilla.redhat.com/2196026 https://bugzilla.redhat.com/2196027 https://bugzilla.redhat.com/2196029 https://bugzilla.redhat.com/2222167 https://bugzilla.redhat.com/2228689 https://errata.almalinux.org/9/ALSA-2023-6474.html https://github.com/golang/go/commit/312920c00aac9897b2a0693e752390b5b0711a5a (go1.20.6) https://github.com/golang/go/commit/5fa6923b1ea891400153d04ddf1545e23b40041b (go1.19.11) https://github.com/golang/go/issues/60374 https://go.dev/cl/506996 https://go.dev/issue/60374 https://groups.google.com/g/golang-announce/c/2q13H6LEEx0 https://linux.oracle.com/cve/CVE-2023-29406.html https://linux.oracle.com/errata/ELSA-2023-7202.html https://nvd.nist.gov/vuln/detail/CVE-2023-29406 https://pkg.go.dev/vuln/GO-2023-1878 https://security.gentoo.org/glsa/202311-09 https://security.netapp.com/advisory/ntap-20230814-0002/ https://ubuntu.com/security/notices/USN-7061-1 https://ubuntu.com/security/notices/USN-7109-1 https://www.cve.org/CVERecord?id=CVE-2023-29406
stdlib	CVE-2023-29409	MEDIUM	v1.20.5	1.19.12, 1.20.7, 1.21.0-rc.4	https://access.redhat.com/errata/RHSA-2023:7766 https://access.redhat.com/security/cve/CVE-2023-29409 https://bugzilla.redhat.com/2228743 https://bugzilla.redhat.com/2237773 https://bugzilla.redhat.com/2237776 https://bugzilla.redhat.com/2237777 https://bugzilla.redhat.com/2237778 https://errata.almalinux.org/9/ALSA-2023-7766.html https://go.dev/cl/515257 https://go.dev/issue/61460 https://groups.google.com/g/golang-announce/c/X0b6CsSAaYI/m/Efv5DbZ9AwAJ https://linux.oracle.com/cve/CVE-2023-29409.html https://linux.oracle.com/errata/ELSA-2024-2988.html https://nvd.nist.gov/vuln/detail/CVE-2023-29409 https://pkg.go.dev/vuln/GO-2023-1987 https://security.gentoo.org/glsa/202311-09 https://security.netapp.com/advisory/ntap-20230831-0010/ https://www.cve.org/CVERecord?id=CVE-2023-29409
stdlib	CVE-2023-39318	MEDIUM	v1.20.5	1.20.8, 1.21.1	https://access.redhat.com/errata/RHSA-2024:2160 https://access.redhat.com/security/cve/CVE-2023-39318 https://bugzilla.redhat.com/2237773 https://bugzilla.redhat.com/2237776 https://bugzilla.redhat.com/2253330 https://errata.almalinux.org/9/ALSA-2024-2160.html https://github.com/golang/go/commit/023b542edf38e2a1f87fcefb9f75ff2f99401b4c (go1.20.8) https://github.com/golang/go/commit/b0e1d3ea26e8e8fce7726690c9ef0597e60739fb (go1.21.1) https://go.dev/cl/526156 https://go.dev/issue/62196 https://groups.google.com/g/golang-announce/c/Fm51GRLNRvM https://groups.google.com/g/golang-dev/c/2C5vbR-UNkI/m/L1hdrPhfBAAJ https://linux.oracle.com/cve/CVE-2023-39318.html https://linux.oracle.com/errata/ELSA-2024-2988.html https://nvd.nist.gov/vuln/detail/CVE-2023-39318 https://pkg.go.dev/vuln/GO-2023-2041 https://security.gentoo.org/glsa/202311-09 https://security.netapp.com/advisory/ntap-20231020-0009/ https://ubuntu.com/security/notices/USN-6574-1 https://ubuntu.com/security/notices/USN-7061-1 https://ubuntu.com/security/notices/USN-7109-1 https://vuln.go.dev/ID/GO-2023-2041.json https://www.cve.org/CVERecord?id=CVE-2023-39318
stdlib	CVE-2023-39319	MEDIUM	v1.20.5	1.20.8, 1.21.1	https://access.redhat.com/errata/RHSA-2024:2160 https://access.redhat.com/security/cve/CVE-2023-39319 https://bugzilla.redhat.com/2237773 https://bugzilla.redhat.com/2237776 https://bugzilla.redhat.com/2253330 https://errata.almalinux.org/9/ALSA-2024-2160.html https://github.com/golang/go/commit/2070531d2f53df88e312edace6c8dfc9686ab2f5 (go1.20.8) https://github.com/golang/go/commit/bbd043ff0d6d59f1a9232d31ecd5eacf6507bf6a (go1.21.1) https://go.dev/cl/526157 https://go.dev/issue/62197 https://groups.google.com/g/golang-announce/c/Fm51GRLNRvM https://groups.google.com/g/golang-dev/c/2C5vbR-UNkI/m/L1hdrPhfBAAJ https://linux.oracle.com/cve/CVE-2023-39319.html https://linux.oracle.com/errata/ELSA-2024-2988.html https://nvd.nist.gov/vuln/detail/CVE-2023-39319 https://pkg.go.dev/vuln/GO-2023-2043 https://security.gentoo.org/glsa/202311-09 https://security.netapp.com/advisory/ntap-20231020-0009/ https://ubuntu.com/security/notices/USN-6574-1 https://ubuntu.com/security/notices/USN-7061-1 https://ubuntu.com/security/notices/USN-7109-1 https://vuln.go.dev/ID/GO-2023-2043.json https://www.cve.org/CVERecord?id=CVE-2023-39319
stdlib	CVE-2023-39326	MEDIUM	v1.20.5	1.20.12, 1.21.5	https://access.redhat.com/errata/RHSA-2024:2272 https://access.redhat.com/security/cve/CVE-2023-39326 https://bugzilla.redhat.com/2253193 https://bugzilla.redhat.com/2253330 https://errata.almalinux.org/9/ALSA-2024-2272.html https://github.com/golang/go/commit/6446af942e2e2b161c4ec1b60d9703a2b55dc4dd (go1.20.12) https://github.com/golang/go/commit/ec8c526e4be720e94b98ca509e6364f0efaf28f7 (go1.21.5) https://go.dev/cl/547335 https://go.dev/issue/64433 https://groups.google.com/g/golang-dev/c/6ypN5EjibjM/m/KmLVYH_uAgAJ https://linux.oracle.com/cve/CVE-2023-39326.html https://linux.oracle.com/errata/ELSA-2024-2988.html https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UIU6HOGV6RRIKWM57LOXQA75BGZSIH6G/ https://nvd.nist.gov/vuln/detail/CVE-2023-39326 https://pkg.go.dev/vuln/GO-2023-2382 https://ubuntu.com/security/notices/USN-6574-1 https://www.cve.org/CVERecord?id=CVE-2023-39326
stdlib	CVE-2023-45284	MEDIUM	v1.20.5	1.20.11, 1.21.4	https://go.dev/cl/540277 https://go.dev/issue/63713 https://groups.google.com/g/golang-announce/c/4tU8LZfBFkY https://nvd.nist.gov/vuln/detail/CVE-2023-45284 https://pkg.go.dev/vuln/GO-2023-2186
stdlib	CVE-2023-45289	MEDIUM	v1.20.5	1.21.8, 1.22.1	http://www.openwall.com/lists/oss-security/2024/03/08/4 https://access.redhat.com/errata/RHSA-2024:2724 https://access.redhat.com/security/cve/CVE-2023-45289 https://bugzilla.redhat.com/2268017 https://bugzilla.redhat.com/2268018 https://bugzilla.redhat.com/2268019 https://bugzilla.redhat.com/2268273 https://bugzilla.redhat.com/show_bug.cgi?id=2268017 https://bugzilla.redhat.com/show_bug.cgi?id=2268018 https://bugzilla.redhat.com/show_bug.cgi?id=2268019 https://bugzilla.redhat.com/show_bug.cgi?id=2268273 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45288 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45289 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45290 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24783 https://errata.almalinux.org/9/ALSA-2024-2724.html https://errata.rockylinux.org/RLSA-2024:2724 https://github.com/golang/go/commit/20586c0dbe03d144f914155f879fa5ee287591a1 (go1.21.8) https://github.com/golang/go/commit/3a855208e3efed2e9d7c20ad023f1fa78afcc0be (go1.22.1) https://github.com/golang/go/issues/65065 https://go.dev/cl/569340 https://go.dev/issue/65065 https://groups.google.com/g/golang-announce/c/5pwGVUPoMbg https://linux.oracle.com/cve/CVE-2023-45289.html https://linux.oracle.com/errata/ELSA-2024-3346.html https://nvd.nist.gov/vuln/detail/CVE-2023-45289 https://pkg.go.dev/vuln/GO-2024-2600 https://security.netapp.com/advisory/ntap-20240329-0006/ https://ubuntu.com/security/notices/USN-6886-1 https://www.cve.org/CVERecord?id=CVE-2023-45289
stdlib	CVE-2023-45290	MEDIUM	v1.20.5	1.21.8, 1.22.1	http://www.openwall.com/lists/oss-security/2024/03/08/4 https://access.redhat.com/errata/RHSA-2024:9135 https://access.redhat.com/security/cve/CVE-2023-45290 https://bugzilla.redhat.com/2268017 https://bugzilla.redhat.com/2268022 https://bugzilla.redhat.com/2279814 https://bugzilla.redhat.com/2295310 https://bugzilla.redhat.com/show_bug.cgi?id=2268017 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45290 https://errata.almalinux.org/9/ALSA-2024-9135.html https://errata.rockylinux.org/RLSA-2024:3830 https://github.com/golang/go/commit/041a47712e765e94f86d841c3110c840e76d8f82 (go1.22.1) https://github.com/golang/go/commit/bf80213b121074f4ad9b449410a4d13bae5e9be0 (go1.21.8) https://github.com/golang/go/issues/65383 https://go.dev/cl/569341 https://go.dev/issue/65383 https://groups.google.com/g/golang-announce/c/5pwGVUPoMbg https://linux.oracle.com/cve/CVE-2023-45290.html https://linux.oracle.com/errata/ELSA-2024-8038.html https://nvd.nist.gov/vuln/detail/CVE-2023-45290 https://pkg.go.dev/vuln/GO-2024-2599 https://security.netapp.com/advisory/ntap-20240329-0004 https://security.netapp.com/advisory/ntap-20240329-0004/ https://ubuntu.com/security/notices/USN-6886-1 https://ubuntu.com/security/notices/USN-7109-1 https://ubuntu.com/security/notices/USN-7111-1 https://www.cve.org/CVERecord?id=CVE-2023-45290
stdlib	CVE-2024-24783	MEDIUM	v1.20.5	1.21.8, 1.22.1	http://www.openwall.com/lists/oss-security/2024/03/08/4 https://access.redhat.com/errata/RHSA-2024:6195 https://access.redhat.com/security/cve/CVE-2024-24783 https://bugzilla.redhat.com/2268019 https://bugzilla.redhat.com/show_bug.cgi?id=2268017 https://bugzilla.redhat.com/show_bug.cgi?id=2268018 https://bugzilla.redhat.com/show_bug.cgi?id=2268019 https://bugzilla.redhat.com/show_bug.cgi?id=2268273 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45288 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45289 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45290 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24783 https://errata.almalinux.org/9/ALSA-2024-6195.html https://errata.rockylinux.org/RLSA-2024:2724 https://github.com/advisories/GHSA-3q2c-pvp5-3cqp https://github.com/golang/go/commit/337b8e9cbfa749d9d5c899e0dc358e2208d5e54f (go1.22.1) https://github.com/golang/go/commit/be5b52bea674190ef7de272664be6c7ae93ec5a0 (go1.21.8) https://github.com/golang/go/issues/65390 https://go.dev/cl/569339 https://go.dev/issue/65390 https://groups.google.com/g/golang-announce/c/5pwGVUPoMbg https://linux.oracle.com/cve/CVE-2024-24783.html https://linux.oracle.com/errata/ELSA-2024-6969.html https://nvd.nist.gov/vuln/detail/CVE-2024-24783 https://pkg.go.dev/vuln/GO-2024-2598 https://security.netapp.com/advisory/ntap-20240329-0005 https://security.netapp.com/advisory/ntap-20240329-0005/ https://ubuntu.com/security/notices/USN-6886-1 https://ubuntu.com/security/notices/USN-7109-1 https://ubuntu.com/security/notices/USN-7111-1 https://www.cve.org/CVERecord?id=CVE-2024-24783
stdlib	CVE-2024-24784	MEDIUM	v1.20.5	1.21.8, 1.22.1	http://www.openwall.com/lists/oss-security/2024/03/08/4 https://access.redhat.com/errata/RHSA-2024:2562 https://access.redhat.com/security/cve/CVE-2024-24784 https://bugzilla.redhat.com/2262921 https://bugzilla.redhat.com/2268017 https://bugzilla.redhat.com/2268018 https://bugzilla.redhat.com/2268019 https://bugzilla.redhat.com/2268021 https://bugzilla.redhat.com/2268022 https://bugzilla.redhat.com/2268273 https://bugzilla.redhat.com/show_bug.cgi?id=2262921 https://bugzilla.redhat.com/show_bug.cgi?id=2268017 https://bugzilla.redhat.com/show_bug.cgi?id=2268018 https://bugzilla.redhat.com/show_bug.cgi?id=2268019 https://bugzilla.redhat.com/show_bug.cgi?id=2268021 https://bugzilla.redhat.com/show_bug.cgi?id=2268022 https://bugzilla.redhat.com/show_bug.cgi?id=2268273 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45288 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45289 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45290 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-1394 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24783 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24784 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24785 https://errata.almalinux.org/9/ALSA-2024-2562.html https://errata.rockylinux.org/RLSA-2024:2562 https://github.com/golang/go/commit/263c059b09fdd40d9dd945f2ecb20c89ea28efe5 (go1.21.8) https://github.com/golang/go/commit/5330cd225ba54c7dc78c1b46dcdf61a4671a632c (go1.22.1) https://github.com/golang/go/issues/65083 https://go.dev/cl/555596 https://go.dev/issue/65083 https://groups.google.com/g/golang-announce/c/5pwGVUPoMbg https://linux.oracle.com/cve/CVE-2024-24784.html https://linux.oracle.com/errata/ELSA-2024-6969.html https://nvd.nist.gov/vuln/detail/CVE-2024-24784 https://pkg.go.dev/vuln/GO-2024-2609 https://security.netapp.com/advisory/ntap-20240329-0007/ https://ubuntu.com/security/notices/USN-6886-1 https://ubuntu.com/security/notices/USN-7109-1 https://ubuntu.com/security/notices/USN-7111-1 https://www.cve.org/CVERecord?id=CVE-2024-24784
stdlib	CVE-2024-24785	MEDIUM	v1.20.5	1.21.8, 1.22.1	http://www.openwall.com/lists/oss-security/2024/03/08/4 https://access.redhat.com/errata/RHSA-2024:9135 https://access.redhat.com/security/cve/CVE-2024-24785 https://bugzilla.redhat.com/2268017 https://bugzilla.redhat.com/2268022 https://bugzilla.redhat.com/2279814 https://bugzilla.redhat.com/2295310 https://bugzilla.redhat.com/show_bug.cgi?id=2262921 https://bugzilla.redhat.com/show_bug.cgi?id=2268017 https://bugzilla.redhat.com/show_bug.cgi?id=2268018 https://bugzilla.redhat.com/show_bug.cgi?id=2268019 https://bugzilla.redhat.com/show_bug.cgi?id=2268021 https://bugzilla.redhat.com/show_bug.cgi?id=2268022 https://bugzilla.redhat.com/show_bug.cgi?id=2268273 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45288 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45289 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45290 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-1394 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24783 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24784 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24785 https://errata.almalinux.org/9/ALSA-2024-9135.html https://errata.rockylinux.org/RLSA-2024:2562 https://github.com/golang/go/commit/056b0edcb8c152152021eebf4cf42adbfbe77992 (go1.22.1) https://github.com/golang/go/commit/3643147a29352ca2894fd5d0d2069bc4b4335a7e (go1.21.8) https://github.com/golang/go/issues/65697 https://go.dev/cl/564196 https://go.dev/issue/65697 https://groups.google.com/g/golang-announce/c/5pwGVUPoMbg https://linux.oracle.com/cve/CVE-2024-24785.html https://linux.oracle.com/errata/ELSA-2024-3259.html https://nvd.nist.gov/vuln/detail/CVE-2024-24785 https://pkg.go.dev/vuln/GO-2024-2610 https://security.netapp.com/advisory/ntap-20240329-0008/ https://ubuntu.com/security/notices/USN-6886-1 https://ubuntu.com/security/notices/USN-7061-1 https://ubuntu.com/security/notices/USN-7109-1 https://vuln.go.dev/ID/GO-2024-2610.json https://www.cve.org/CVERecord?id=CVE-2024-24785
stdlib	CVE-2024-24789	MEDIUM	v1.20.5	1.21.11, 1.22.4	http://www.openwall.com/lists/oss-security/2024/06/04/1 https://access.redhat.com/errata/RHSA-2024:9115 https://access.redhat.com/security/cve/CVE-2024-24789 https://bugzilla.redhat.com/2279814 https://bugzilla.redhat.com/2292668 https://bugzilla.redhat.com/2292787 https://bugzilla.redhat.com/2294000 https://bugzilla.redhat.com/2295310 https://bugzilla.redhat.com/show_bug.cgi?id=2292668 https://bugzilla.redhat.com/show_bug.cgi?id=2292787 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24789 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24790 https://errata.almalinux.org/9/ALSA-2024-9115.html https://errata.rockylinux.org/RLSA-2024:4212 https://github.com/golang/go/commit/c8e40338cf00f3c1d86c8fb23863ad67a4c72bcc (1.21) https://github.com/golang/go/commit/cf501ac0c5fe351a8582d20b43562027927906e7 (1.22) https://github.com/golang/go/issues/66869 https://go.dev/cl/585397 https://go.dev/issue/66869 https://groups.google.com/g/golang-announce/c/XbxouI9gY7k https://groups.google.com/g/golang-announce/c/XbxouI9gY7k/m/TuoGEhxIEwAJ https://linux.oracle.com/cve/CVE-2024-24789.html https://linux.oracle.com/errata/ELSA-2024-9115.html https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/U5YAEIA6IUHUNGJ7AIXXPQT6D2GYENX7/ https://nvd.nist.gov/vuln/detail/CVE-2024-24789 https://pkg.go.dev/vuln/GO-2024-2888 https://ubuntu.com/security/notices/USN-6886-1 https://ubuntu.com/security/notices/USN-7109-1 https://ubuntu.com/security/notices/USN-7111-1 https://www.cve.org/CVERecord?id=CVE-2024-24789
stdlib	CVE-2024-24791	MEDIUM	v1.20.5	1.21.12, 1.22.5	https://access.redhat.com/errata/RHSA-2024:9135 https://access.redhat.com/security/cve/CVE-2024-24791 https://bugzilla.redhat.com/2268017 https://bugzilla.redhat.com/2268022 https://bugzilla.redhat.com/2279814 https://bugzilla.redhat.com/2295310 https://bugzilla.redhat.com/show_bug.cgi?id=2295310 https://bugzilla.redhat.com/show_bug.cgi?id=2310527 https://bugzilla.redhat.com/show_bug.cgi?id=2310528 https://bugzilla.redhat.com/show_bug.cgi?id=2310529 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24791 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-34155 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-34156 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-34158 https://errata.almalinux.org/9/ALSA-2024-9135.html https://errata.rockylinux.org/RLSA-2024:6913 https://go.dev/cl/591255 https://go.dev/issue/67555 https://groups.google.com/g/golang-dev/c/t0rK-qHBqzY/m/6MMoAZkMAgAJ https://linux.oracle.com/cve/CVE-2024-24791.html https://linux.oracle.com/errata/ELSA-2024-9115.html https://nvd.nist.gov/vuln/detail/CVE-2024-24791 https://pkg.go.dev/vuln/GO-2024-2963 https://ubuntu.com/security/notices/USN-7081-1 https://ubuntu.com/security/notices/USN-7109-1 https://ubuntu.com/security/notices/USN-7111-1 https://www.cve.org/CVERecord?id=CVE-2024-24791
stdlib	CVE-2024-34155	MEDIUM	v1.20.5	1.22.7, 1.23.1	https://access.redhat.com/errata/RHSA-2024:9459 https://access.redhat.com/security/cve/CVE-2024-34155 https://bugzilla.redhat.com/2310527 https://bugzilla.redhat.com/2310528 https://bugzilla.redhat.com/2310529 https://bugzilla.redhat.com/2315691 https://bugzilla.redhat.com/2315887 https://bugzilla.redhat.com/2317458 https://bugzilla.redhat.com/2317467 https://bugzilla.redhat.com/show_bug.cgi?id=2295310 https://bugzilla.redhat.com/show_bug.cgi?id=2310527 https://bugzilla.redhat.com/show_bug.cgi?id=2310528 https://bugzilla.redhat.com/show_bug.cgi?id=2310529 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24791 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-34155 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-34156 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-34158 https://errata.almalinux.org/9/ALSA-2024-9459.html https://errata.rockylinux.org/RLSA-2024:6913 https://github.com/golang/go/commit/53487e5477151ed75da50e50a0ba8f1ca64c00a3 (go1.23.1) https://github.com/golang/go/commit/b232596139dbe96a62edbe3a2a203e856bf556eb (go1.22.7) https://go.dev/cl/611238 https://go.dev/issue/69138 https://groups.google.com/g/golang-announce/c/K-cEzDeCtpc https://groups.google.com/g/golang-dev/c/S9POB9NCTdk https://linux.oracle.com/cve/CVE-2024-34155.html https://linux.oracle.com/errata/ELSA-2024-9459.html https://nvd.nist.gov/vuln/detail/CVE-2024-34155 https://pkg.go.dev/vuln/GO-2024-3105 https://ubuntu.com/security/notices/USN-7081-1 https://ubuntu.com/security/notices/USN-7109-1 https://ubuntu.com/security/notices/USN-7111-1 https://www.cve.org/CVERecord?id=CVE-2024-34155
stdlib	CVE-2024-34158	MEDIUM	v1.20.5	1.22.7, 1.23.1	https://access.redhat.com/errata/RHSA-2024:9459 https://access.redhat.com/security/cve/CVE-2024-34158 https://bugzilla.redhat.com/2310527 https://bugzilla.redhat.com/2310528 https://bugzilla.redhat.com/2310529 https://bugzilla.redhat.com/2315691 https://bugzilla.redhat.com/2315887 https://bugzilla.redhat.com/2317458 https://bugzilla.redhat.com/2317467 https://bugzilla.redhat.com/show_bug.cgi?id=2295310 https://bugzilla.redhat.com/show_bug.cgi?id=2310527 https://bugzilla.redhat.com/show_bug.cgi?id=2310528 https://bugzilla.redhat.com/show_bug.cgi?id=2310529 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24791 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-34155 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-34156 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-34158 https://errata.almalinux.org/9/ALSA-2024-9459.html https://errata.rockylinux.org/RLSA-2024:6913 https://github.com/golang/go/commit/032ac075c20c01c6c35a672d1542d3e98eab84ea (go1.23.1) https://github.com/golang/go/commit/d4c53812e6ce2ac368173d7fcd31d0ecfcffb002 (go1.22.7) https://go.dev/cl/611240 https://go.dev/issue/69141 https://groups.google.com/g/golang-announce/c/K-cEzDeCtpc https://groups.google.com/g/golang-dev/c/S9POB9NCTdk https://linux.oracle.com/cve/CVE-2024-34158.html https://linux.oracle.com/errata/ELSA-2024-9459.html https://nvd.nist.gov/vuln/detail/CVE-2024-34158 https://pkg.go.dev/vuln/GO-2024-3107 https://ubuntu.com/security/notices/USN-7081-1 https://ubuntu.com/security/notices/USN-7109-1 https://ubuntu.com/security/notices/USN-7111-1 https://www.cve.org/CVERecord?id=CVE-2024-34158
No Misconfigurations found

cnb/buildpacks/paketo-buildpacks_git/1.0.6/bin/run (gobinary)

Package	Vulnerability ID	Severity	Installed Version	Fixed Version	Links
golang.org/x/net	CVE-2023-39325	HIGH	v0.9.0	0.17.0	golang.org/x/net https://access.redhat.com/errata/RHSA-2023:6077 https://access.redhat.com/security/cve/CVE-2023-39325 https://access.redhat.com/security/cve/CVE-2023-44487 https://access.redhat.com/security/vulnerabilities/RHSB-2023-003 https://bugzilla.redhat.com/2242803 https://bugzilla.redhat.com/2243296 https://bugzilla.redhat.com/show_bug.cgi?id=2242803 https://bugzilla.redhat.com/show_bug.cgi?id=2243296 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-39325 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-44487 https://errata.almalinux.org/9/ALSA-2023-6077.html https://errata.rockylinux.org/RLSA-2023:6077 https://github.com/golang/go/commit/24ae2d927285c697440fdde3ad7f26028354bcf3 [golang- 1.21] https://github.com/golang/go/commit/e175f27f58aa7b9cd4d79607ae65d2cd5baaee68 [golang-1.20] https://github.com/golang/go/issues/63417 https://go.dev/cl/534215 https://go.dev/cl/534235 https://go.dev/issue/63417 https://groups.google.com/g/golang-announce/c/iNNxDTCjZvo/m/UDd7VKQuAAAJ https://linux.oracle.com/cve/CVE-2023-39325.html https://linux.oracle.com/errata/ELSA-2023-5867.html https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3OVW5V2DM5K5IC3H7O42YDUGNJ74J35O https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3OVW5V2DM5K5IC3H7O42YDUGNJ74J35O/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3SZN67IL7HMGMNAVLOTIXLIHUDXZK4LH https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3SZN67IL7HMGMNAVLOTIXLIHUDXZK4LH/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3WJ4QVX2AMUJ2F2S27POOAHRC4K3CHU4 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3WJ4QVX2AMUJ2F2S27POOAHRC4K3CHU4/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/4BUK2ZIAGCULOOYDNH25JPU6JBES5NF2 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/4BUK2ZIAGCULOOYDNH25JPU6JBES5NF2/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/5RSKA2II6QTD4YUKUNDVJQSRYSFC4VFR https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/5RSKA2II6QTD4YUKUNDVJQSRYSFC4VFR/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/AVZDNSMVDAQJ64LJC5I5U5LDM5753647 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/AVZDNSMVDAQJ64LJC5I5U5LDM5753647/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CHHITS4PUOZAKFIUBQAQZC7JWXMOYE4B https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CHHITS4PUOZAKFIUBQAQZC7JWXMOYE4B/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CLB4TW7KALB3EEQWNWCN7OUIWWVWWCG2 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CLB4TW7KALB3EEQWNWCN7OUIWWVWWCG2/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/D2BBIDR2ZMB3X5BC7SR4SLQMHRMVPY6L https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/D2BBIDR2ZMB3X5BC7SR4SLQMHRMVPY6L/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ECRC75BQJP6FJN2L7KCKYZW4DSBD7QSD https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ECRC75BQJP6FJN2L7KCKYZW4DSBD7QSD/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/FTMJ3NJIDAZFWJQQSP3L22MUFJ3UP2PT https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/FTMJ3NJIDAZFWJQQSP3L22MUFJ3UP2PT/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/GSY7SXFFTPZFWDM6XELSDSHZLVW3AHK7 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/GSY7SXFFTPZFWDM6XELSDSHZLVW3AHK7/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/HZQIELEIRSZUYTFFH5KTH2YJ4IIQG2KE https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/HZQIELEIRSZUYTFFH5KTH2YJ4IIQG2KE/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/IPWCNYB5PQ5PCVZ4NJT6G56ZYFZ5QBU6 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/IPWCNYB5PQ5PCVZ4NJT6G56ZYFZ5QBU6/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/KEOTKBUPZXHE3F352JBYNTSNRXYLWD6P https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/KEOTKBUPZXHE3F352JBYNTSNRXYLWD6P/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/KSEGD2IWKNUO3DWY4KQGUQM5BISRWHQE https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/KSEGD2IWKNUO3DWY4KQGUQM5BISRWHQE/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/L5E5JSJBZLYXOTZWXHJKRVCIXIHVWKJ6 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/L5E5JSJBZLYXOTZWXHJKRVCIXIHVWKJ6/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/MZQYOOKHQDQ57LV2IAG6NRFOVXKHJJ3Z https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/MZQYOOKHQDQ57LV2IAG6NRFOVXKHJJ3Z/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/NG7IMPL55MVWU3LCI4JQJT3K2U5CHDV7 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/NG7IMPL55MVWU3LCI4JQJT3K2U5CHDV7/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ODBY7RVMGZCBSTWF2OZGIZS57FNFUL67 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ODBY7RVMGZCBSTWF2OZGIZS57FNFUL67/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/OXGWPQOJ3JNDW2XIYKIVJ7N7QUIFNM2Q https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/OXGWPQOJ3JNDW2XIYKIVJ7N7QUIFNM2Q/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/PJCUNGIQDUMZ4Z6HWVYIMR66A35F5S74 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/PJCUNGIQDUMZ4Z6HWVYIMR66A35F5S74/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QF5QSYAOPDOWLY6DUHID56Q4HQFYB45I https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QF5QSYAOPDOWLY6DUHID56Q4HQFYB45I/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QXOU2JZUBEBP7GBKAYIJRPRBZSJCD7ST https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QXOU2JZUBEBP7GBKAYIJRPRBZSJCD7ST/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/R3UETKPUB3V5JS5TLZOF3SMTGT5K5APS https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/R3UETKPUB3V5JS5TLZOF3SMTGT5K5APS/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/REMHVVIBDNKSRKNOTV7EQSB7CYQWOUOU https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/REMHVVIBDNKSRKNOTV7EQSB7CYQWOUOU/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/T7N5GV4CHH6WAGX3GFMDD3COEOVCZ4RI https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/T7N5GV4CHH6WAGX3GFMDD3COEOVCZ4RI/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ULQQONMSCQSH5Z5OWFFQHCGEZ3NL4DRJ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ULQQONMSCQSH5Z5OWFFQHCGEZ3NL4DRJ/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UTT7DG3QOF5ZNJLUGHDNLRUIN6OWZARP https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UTT7DG3QOF5ZNJLUGHDNLRUIN6OWZARP/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/W2LZSWTV4NV4SNQARNXG5T6LRHP26EW2 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/W2LZSWTV4NV4SNQARNXG5T6LRHP26EW2/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WCNCBYKZXLDFGAJUB7ZP5VLC3YTHJNVH https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WCNCBYKZXLDFGAJUB7ZP5VLC3YTHJNVH/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/XFOIBB4YFICHDM7IBOP7PWXW3FX4HLL2 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/XFOIBB4YFICHDM7IBOP7PWXW3FX4HLL2/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/XTNLSL44Y5FB6JWADSZH6DCV4JJAAEQY https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/XTNLSL44Y5FB6JWADSZH6DCV4JJAAEQY/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/YJWHBLVZDM5KQSDFRBFRKU5KSSOLIRQ4 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/YJWHBLVZDM5KQSDFRBFRKU5KSSOLIRQ4/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/YRKEXKANQ7BKJW2YTAMP625LJUJZLJ4P https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/YRKEXKANQ7BKJW2YTAMP625LJUJZLJ4P/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZSVEMQV5ROY5YW5QE3I57HT3ITWG5GCV https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZSVEMQV5ROY5YW5QE3I57HT3ITWG5GCV/ https://nvd.nist.gov/vuln/detail/CVE-2023-39325 https://pkg.go.dev/vuln/GO-2023-2102 https://security.gentoo.org/glsa/202311-09 https://security.netapp.com/advisory/ntap-20231110-0008 https://security.netapp.com/advisory/ntap-20231110-0008/ https://ubuntu.com/security/notices/USN-6574-1 https://ubuntu.com/security/notices/USN-7061-1 https://ubuntu.com/security/notices/USN-7109-1 https://www.cisa.gov/news-events/alerts/2023/10/10/http2-rapid-reset-vulnerability-cve-2023-44487 https://www.cve.org/CVERecord?id=CVE-2023-39325
golang.org/x/net	CVE-2023-3978	MEDIUM	v0.9.0	0.13.0	https://access.redhat.com/errata/RHSA-2023:6474 https://access.redhat.com/security/cve/CVE-2023-3978 https://bugzilla.redhat.com/2174485 https://bugzilla.redhat.com/2178358 https://bugzilla.redhat.com/2178488 https://bugzilla.redhat.com/2178492 https://bugzilla.redhat.com/2184481 https://bugzilla.redhat.com/2184482 https://bugzilla.redhat.com/2184483 https://bugzilla.redhat.com/2184484 https://bugzilla.redhat.com/2196026 https://bugzilla.redhat.com/2196027 https://bugzilla.redhat.com/2196029 https://bugzilla.redhat.com/2222167 https://bugzilla.redhat.com/2228689 https://errata.almalinux.org/9/ALSA-2023-6474.html https://go.dev/cl/514896 https://go.dev/issue/61615 https://linux.oracle.com/cve/CVE-2023-3978.html https://linux.oracle.com/errata/ELSA-2023-6939.html https://nvd.nist.gov/vuln/detail/CVE-2023-3978 https://pkg.go.dev/vuln/GO-2023-1988 https://www.cve.org/CVERecord?id=CVE-2023-3978
golang.org/x/net	CVE-2023-44487	MEDIUM	v0.9.0	0.17.0	http://www.openwall.com/lists/oss-security/2023/10/13/4 http://www.openwall.com/lists/oss-security/2023/10/13/9 http://www.openwall.com/lists/oss-security/2023/10/18/4 http://www.openwall.com/lists/oss-security/2023/10/18/8 http://www.openwall.com/lists/oss-security/2023/10/19/6 http://www.openwall.com/lists/oss-security/2023/10/20/8 https://access.redhat.com/errata/RHSA-2023:6746 https://access.redhat.com/security/cve/CVE-2023-44487 https://access.redhat.com/security/cve/cve-2023-44487 https://akka.io/security/akka-http-cve-2023-44487.html https://arstechnica.com/security/2023/10/how-ddosers-used-the-http-2-protocol-to-deliver-attacks-of-unprecedented-size https://arstechnica.com/security/2023/10/how-ddosers-used-the-http-2-protocol-to-deliver-attacks-of-unprecedented-size/ https://aws.amazon.com/security/security-bulletins/AWS-2023-011 https://aws.amazon.com/security/security-bulletins/AWS-2023-011/ https://blog.cloudflare.com/technical-breakdown-http2-rapid-reset-ddos-attack https://blog.cloudflare.com/technical-breakdown-http2-rapid-reset-ddos-attack/ https://blog.cloudflare.com/zero-day-rapid-reset-http2-record-breaking-ddos-attack https://blog.cloudflare.com/zero-day-rapid-reset-http2-record-breaking-ddos-attack/ https://blog.litespeedtech.com/2023/10/11/rapid-reset-http-2-vulnerablilty https://blog.litespeedtech.com/2023/10/11/rapid-reset-http-2-vulnerablilty/ https://blog.qualys.com/vulnerabilities-threat-research/2023/10/10/cve-2023-44487-http-2-rapid-reset-attack https://blog.vespa.ai/cve-2023-44487 https://blog.vespa.ai/cve-2023-44487/ https://bugzilla.proxmox.com/show_bug.cgi?id=4988 https://bugzilla.redhat.com/2242803 https://bugzilla.redhat.com/show_bug.cgi?id=2242803 https://bugzilla.suse.com/show_bug.cgi?id=1216123 https://cgit.freebsd.org/ports/commit/?id=c64c329c2c1752f46b73e3e6ce9f4329be6629f9 https://chaos.social/@icing/111210915918780532 https://cloud.google.com/blog/products/identity-security/google-cloud-mitigated-largest-ddos-attack-peaking-above-398-million-rps https://cloud.google.com/blog/products/identity-security/google-cloud-mitigated-largest-ddos-attack-peaking-above-398-million-rps/ https://cloud.google.com/blog/products/identity-security/how-it-works-the-novel-http2-rapid-reset-ddos-attack https://community.traefik.io/t/is-traefik-vulnerable-to-cve-2023-44487/20125 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-44487 https://devblogs.microsoft.com/dotnet/october-2023-updates/ https://discuss.hashicorp.com/t/hcsec-2023-32-vault-consul-and-boundary-affected-by-http-2-rapid-reset-denial-of-service-vulnerability-cve-2023-44487/59715 https://edg.io/lp/blog/resets-leaks-ddos-and-the-tale-of-a-hidden-cve https://errata.almalinux.org/9/ALSA-2023-6746.html https://errata.rockylinux.org/RLSA-2023:5838 https://forums.swift.org/t/swift-nio-http2-security-update-cve-2023-44487-http-2-dos/67764 https://gist.github.com/adulau/7c2bfb8e9cdbe4b35a5e131c66a0c088 https://github.com/Azure/AKS/issues/3947 https://github.com/Kong/kong/discussions/11741 https://github.com/advisories/GHSA-qppj-fm5r-hxr3 https://github.com/advisories/GHSA-vx74-f528-fxqg https://github.com/advisories/GHSA-xpw8-rcwv-8f8p https://github.com/akka/akka-http/issues/4323 https://github.com/akka/akka-http/pull/4324 https://github.com/akka/akka-http/pull/4325 https://github.com/alibaba/tengine/issues/1872 https://github.com/apache/apisix/issues/10320 https://github.com/apache/httpd-site/pull/10 https://github.com/apache/httpd/blob/afcdbeebbff4b0c50ea26cdd16e178c0d1f24152/modules/http2/h2_mplx.c#L1101-L1113 https://github.com/apache/tomcat/commit/944332bb15bd2f3bf76ec2caeb1ff0a58a3bc628 https://github.com/apache/tomcat/tree/main/java/org/apache/coyote/http2 https://github.com/apache/trafficserver/pull/10564 https://github.com/apple/swift-nio-http2 https://github.com/apple/swift-nio-http2/security/advisories/GHSA-qppj-fm5r-hxr3 https://github.com/arkrwn/PoC/tree/main/CVE-2023-44487 https://github.com/bcdannyboy/CVE-2023-44487 https://github.com/caddyserver/caddy/issues/5877 https://github.com/caddyserver/caddy/releases/tag/v2.7.5 https://github.com/dotnet/announcements/issues/277 https://github.com/dotnet/core/blob/e4613450ea0da7fd2fc6b61dfb2c1c1dec1ce9ec/release-notes/6.0/6.0.23/6.0.23.md?plain=1#L73 https://github.com/eclipse/jetty.project/issues/10679 https://github.com/envoyproxy/envoy/pull/30055 https://github.com/etcd-io/etcd/issues/16740 https://github.com/facebook/proxygen/pull/466 https://github.com/golang/go/issues/63417 https://github.com/grpc/grpc-go/pull/6703 https://github.com/grpc/grpc-go/releases https://github.com/h2o/h2o/pull/3291 https://github.com/h2o/h2o/security/advisories/GHSA-2m7v-gc89-fjqf https://github.com/haproxy/haproxy/issues/2312 https://github.com/hyperium/hyper/issues/3337 https://github.com/icing/mod_h2/blob/0a864782af0a942aa2ad4ed960a6b32cd35bcf0a/mod_http2/README.md?plain=1#L239-L244 https://github.com/junkurihara/rust-rpxy/issues/97 https://github.com/kazu-yamamoto/http2/commit/f61d41a502bd0f60eb24e1ce14edc7b6df6722a1 https://github.com/kazu-yamamoto/http2/issues/93 https://github.com/kubernetes/kubernetes/pull/121120 https://github.com/line/armeria/pull/5232 https://github.com/linkerd/website/pull/1695/commits/4b9c6836471bc8270ab48aae6fd2181bc73fd632 https://github.com/micrictor/http2-rst-stream https://github.com/microsoft/CBL-Mariner/pull/6381 https://github.com/netty/netty/commit/58f75f665aa81a8cbcf6ffa74820042a285c5e61 https://github.com/nghttp2/nghttp2/pull/1961 https://github.com/nghttp2/nghttp2/releases/tag/v1.57.0 https://github.com/ninenines/cowboy/issues/1615 https://github.com/nodejs/node/pull/50121 https://github.com/openresty/openresty/issues/930 https://github.com/opensearch-project/data-prepper/issues/3474 https://github.com/oqtane/oqtane.framework/discussions/3367 https://github.com/projectcontour/contour/pull/5826 https://github.com/tempesta-tech/tempesta/issues/1986 https://github.com/varnishcache/varnish-cache/issues/3996 https://go.dev/cl/534215 https://go.dev/cl/534235 https://go.dev/issue/63417 https://groups.google.com/g/golang-announce/c/iNNxDTCjZvo https://groups.google.com/g/golang-announce/c/iNNxDTCjZvo/m/UDd7VKQuAAAJ https://istio.io/latest/news/security/istio-security-2023-004 https://istio.io/latest/news/security/istio-security-2023-004/ https://linkerd.io/2023/10/12/linkerd-cve-2023-44487 https://linkerd.io/2023/10/12/linkerd-cve-2023-44487/ https://linux.oracle.com/cve/CVE-2023-44487.html https://linux.oracle.com/errata/ELSA-2024-1444.html https://lists.apache.org/thread/5py8h42mxfsn8l1wy6o41xwhsjlsd87q https://lists.debian.org/debian-lts-announce/2023/10/msg00020.html https://lists.debian.org/debian-lts-announce/2023/10/msg00023.html https://lists.debian.org/debian-lts-announce/2023/10/msg00024.html https://lists.debian.org/debian-lts-announce/2023/10/msg00045.html https://lists.debian.org/debian-lts-announce/2023/10/msg00047.html https://lists.debian.org/debian-lts-announce/2023/11/msg00001.html https://lists.debian.org/debian-lts-announce/2023/11/msg00012.html https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/2MBEPPC36UBVOZZNAXFHKLFGSLCMN5LI https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/2MBEPPC36UBVOZZNAXFHKLFGSLCMN5LI/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/3N4NJ7FR4X4FPZUGNTQAPSTVB2HB2Y4A https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/3N4NJ7FR4X4FPZUGNTQAPSTVB2HB2Y4A/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/BFQD3KUEMFBHPAPBGLWQC34L4OWL5HAZ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/BFQD3KUEMFBHPAPBGLWQC34L4OWL5HAZ/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/CLB4TW7KALB3EEQWNWCN7OUIWWVWWCG2 https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/CLB4TW7KALB3EEQWNWCN7OUIWWVWWCG2/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/E72T67UPDRXHIDLO3OROR25YAMN4GGW5 https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/E72T67UPDRXHIDLO3OROR25YAMN4GGW5/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/FNA62Q767CFAFHBCDKYNPBMZWB7TWYVU https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/FNA62Q767CFAFHBCDKYNPBMZWB7TWYVU/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/HT7T2R4MQKLIF4ODV4BDLPARWFPCJ5CZ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/HT7T2R4MQKLIF4ODV4BDLPARWFPCJ5CZ/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/JIZSEFC3YKCGABA2BZW6ZJRMDZJMB7PJ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/JIZSEFC3YKCGABA2BZW6ZJRMDZJMB7PJ/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/JMEXY22BFG5Q64HQCM5CK2Q7KDKVV4TY https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/JMEXY22BFG5Q64HQCM5CK2Q7KDKVV4TY/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/KSEGD2IWKNUO3DWY4KQGUQM5BISRWHQE https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/KSEGD2IWKNUO3DWY4KQGUQM5BISRWHQE/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/LKYHSZQFDNR7RSA7LHVLLIAQMVYCUGBG https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/LKYHSZQFDNR7RSA7LHVLLIAQMVYCUGBG/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/LNMZJCDHGLJJLXO4OXWJMTVQRNWOC7UL https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/LNMZJCDHGLJJLXO4OXWJMTVQRNWOC7UL/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/VHUHTSXLXGXS7JYKBXTA3VINUPHTNGVU https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/VHUHTSXLXGXS7JYKBXTA3VINUPHTNGVU/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/VSRDIV77HNKUSM7SJC5BKE5JSHLHU2NK https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/VSRDIV77HNKUSM7SJC5BKE5JSHLHU2NK/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/WE2I52RHNNU42PX6NZ2RBUHSFFJ2LVZX https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/WE2I52RHNNU42PX6NZ2RBUHSFFJ2LVZX/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/WLPRQ5TWUQQXYWBJM7ECYDAIL2YVKIUH https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/WLPRQ5TWUQQXYWBJM7ECYDAIL2YVKIUH/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/X6QXN4ORIVF6XBW4WWFE7VNPVC74S45Y https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/X6QXN4ORIVF6XBW4WWFE7VNPVC74S45Y/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/XFOIBB4YFICHDM7IBOP7PWXW3FX4HLL2 https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/XFOIBB4YFICHDM7IBOP7PWXW3FX4HLL2/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZB43REMKRQR62NJEI7I5NQ4FSXNLBKRT https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZB43REMKRQR62NJEI7I5NQ4FSXNLBKRT/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZKQSIKIAT5TJ3WSLU3RDBQ35YX4GY4V3 https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZKQSIKIAT5TJ3WSLU3RDBQ35YX4GY4V3/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZLU6U2R2IC2K64NDPNMV55AUAO65MAF4 https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZLU6U2R2IC2K64NDPNMV55AUAO65MAF4/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3N4NJ7FR4X4FPZUGNTQAPSTVB2HB2Y4A https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/BFQD3KUEMFBHPAPBGLWQC34L4OWL5HAZ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CLB4TW7KALB3EEQWNWCN7OUIWWVWWCG2 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/E72T67UPDRXHIDLO3OROR25YAMN4GGW5 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/FNA62Q767CFAFHBCDKYNPBMZWB7TWYVU https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/HT7T2R4MQKLIF4ODV4BDLPARWFPCJ5CZ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/JIZSEFC3YKCGABA2BZW6ZJRMDZJMB7PJ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/JMEXY22BFG5Q64HQCM5CK2Q7KDKVV4TY https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/KSEGD2IWKNUO3DWY4KQGUQM5BISRWHQE https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/LKYHSZQFDNR7RSA7LHVLLIAQMVYCUGBG https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/LNMZJCDHGLJJLXO4OXWJMTVQRNWOC7UL https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/VHUHTSXLXGXS7JYKBXTA3VINUPHTNGVU https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/VSRDIV77HNKUSM7SJC5BKE5JSHLHU2NK https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WLPRQ5TWUQQXYWBJM7ECYDAIL2YVKIUH https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/X6QXN4ORIVF6XBW4WWFE7VNPVC74S45Y https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/XFOIBB4YFICHDM7IBOP7PWXW3FX4HLL2 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZB43REMKRQR62NJEI7I5NQ4FSXNLBKRT https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZKQSIKIAT5TJ3WSLU3RDBQ35YX4GY4V3 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZLU6U2R2IC2K64NDPNMV55AUAO65MAF4 https://lists.w3.org/Archives/Public/ietf-http-wg/2023OctDec/0025.html https://mailman.nginx.org/pipermail/nginx-devel/2023-October/S36Q5HBXR7CAIMPLLPRSSSYR4PCMWILK.html https://martinthomson.github.io/h2-stream-limits/draft-thomson-httpbis-h2-stream-limits.html https://msrc.microsoft.com/blog/2023/10/microsoft-response-to-distributed-denial-of-service-ddos-attacks-against-http/2 https://msrc.microsoft.com/blog/2023/10/microsoft-response-to-distributed-denial-of-service-ddos-attacks-against-http/2/ https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-44487 https://my.f5.com/manage/s/article/K000137106 https://netty.io/news/2023/10/10/4-1-100-Final.html https://news.ycombinator.com/item?id=37830987 https://news.ycombinator.com/item?id=37830998 https://news.ycombinator.com/item?id=37831062 https://news.ycombinator.com/item?id=37837043 https://nodejs.org/en/blog/vulnerability/october-2023-security-releases https://nvd.nist.gov/vuln/detail/CVE-2023-44487 https://openssf.org/blog/2023/10/10/http-2-rapid-reset-vulnerability-highlights-need-for-rapid-response https://openssf.org/blog/2023/10/10/http-2-rapid-reset-vulnerability-highlights-need-for-rapid-response/ https://pkg.go.dev/vuln/GO-2023-2102 https://seanmonstar.com/post/730794151136935936/hyper-http2-rapid-reset-unaffected https://security.gentoo.org/glsa/202311-09 https://security.netapp.com/advisory/ntap-20231016-0001 https://security.netapp.com/advisory/ntap-20231016-0001/ https://security.netapp.com/advisory/ntap-20240426-0007 https://security.netapp.com/advisory/ntap-20240426-0007/ https://security.netapp.com/advisory/ntap-20240621-0006 https://security.netapp.com/advisory/ntap-20240621-0006/ https://security.netapp.com/advisory/ntap-20240621-0007 https://security.netapp.com/advisory/ntap-20240621-0007/ https://security.paloaltonetworks.com/CVE-2023-44487 https://tomcat.apache.org/security-10.html#Fixed_in_Apache_Tomcat_10.1.14 https://tomcat.apache.org/security-11.html#Fixed_in_Apache_Tomcat_11.0.0-M12 https://tomcat.apache.org/security-8.html#Fixed_in_Apache_Tomcat_8.5.94 https://tomcat.apache.org/security-9.html#Fixed_in_Apache_Tomcat_9.0.81 https://ubuntu.com/security/CVE-2023-44487 https://ubuntu.com/security/notices/USN-6427-1 https://ubuntu.com/security/notices/USN-6427-2 https://ubuntu.com/security/notices/USN-6438-1 https://ubuntu.com/security/notices/USN-6505-1 https://ubuntu.com/security/notices/USN-6574-1 https://ubuntu.com/security/notices/USN-6754-1 https://ubuntu.com/security/notices/USN-6994-1 https://ubuntu.com/security/notices/USN-7067-1 https://www.bleepingcomputer.com/news/security/new-http-2-rapid-reset-zero-day-attack-breaks-ddos-records https://www.bleepingcomputer.com/news/security/new-http-2-rapid-reset-zero-day-attack-breaks-ddos-records/ https://www.cisa.gov/known-exploited-vulnerabilities-catalog https://www.cisa.gov/news-events/alerts/2023/10/10/http2-rapid-reset-vulnerability-cve-2023-44487 https://www.cve.org/CVERecord?id=CVE-2023-44487 https://www.darkreading.com/cloud/internet-wide-zero-day-bug-fuels-largest-ever-ddos-event https://www.debian.org/security/2023/dsa-5521 https://www.debian.org/security/2023/dsa-5522 https://www.debian.org/security/2023/dsa-5540 https://www.debian.org/security/2023/dsa-5549 https://www.debian.org/security/2023/dsa-5558 https://www.debian.org/security/2023/dsa-5570 https://www.eclipse.org/lists/jetty-announce/msg00181.html https://www.haproxy.com/blog/haproxy-is-not-affected-by-the-http-2-rapid-reset-attack-cve-2023-44487 https://www.mail-archive.com/haproxy@formilux.org/msg44134.html https://www.netlify.com/blog/netlify-successfully-mitigates-cve-2023-44487 https://www.netlify.com/blog/netlify-successfully-mitigates-cve-2023-44487/ https://www.nginx.com/blog/http-2-rapid-reset-attack-impacting-f5-nginx-products https://www.nginx.com/blog/http-2-rapid-reset-attack-impacting-f5-nginx-products/ https://www.openwall.com/lists/oss-security/2023/10/10/6 https://www.phoronix.com/news/HTTP2-Rapid-Reset-Attack https://www.theregister.com/2023/10/10/http2_rapid_reset_zeroday https://www.theregister.com/2023/10/10/http2_rapid_reset_zeroday/
golang.org/x/net	CVE-2023-45288	MEDIUM	v0.9.0	0.23.0	http://www.openwall.com/lists/oss-security/2024/04/03/16 http://www.openwall.com/lists/oss-security/2024/04/05/4 https://access.redhat.com/errata/RHSA-2024:2724 https://access.redhat.com/security/cve/CVE-2023-45288 https://bugzilla.redhat.com/2268017 https://bugzilla.redhat.com/2268018 https://bugzilla.redhat.com/2268019 https://bugzilla.redhat.com/2268273 https://bugzilla.redhat.com/show_bug.cgi?id=2268017 https://bugzilla.redhat.com/show_bug.cgi?id=2268018 https://bugzilla.redhat.com/show_bug.cgi?id=2268019 https://bugzilla.redhat.com/show_bug.cgi?id=2268273 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45288 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45289 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45290 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24783 https://errata.almalinux.org/9/ALSA-2024-2724.html https://errata.rockylinux.org/RLSA-2024:2724 https://go.dev/cl/576155 https://go.dev/issue/65051 https://groups.google.com/g/golang-announce/c/YgW0sx8mN3M https://kb.cert.org/vuls/id/421644 https://linux.oracle.com/cve/CVE-2023-45288.html https://linux.oracle.com/errata/ELSA-2024-3346.html https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QRYFHIQ6XRKRYBI2F5UESH67BJBQXUPT https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QRYFHIQ6XRKRYBI2F5UESH67BJBQXUPT/ https://nowotarski.info/http2-continuation-flood-technical-details https://nowotarski.info/http2-continuation-flood/ https://nvd.nist.gov/vuln/detail/CVE-2023-45288 https://pkg.go.dev/vuln/GO-2024-2687 https://security.netapp.com/advisory/ntap-20240419-0009 https://security.netapp.com/advisory/ntap-20240419-0009/ https://ubuntu.com/security/notices/USN-6886-1 https://ubuntu.com/security/notices/USN-7109-1 https://ubuntu.com/security/notices/USN-7111-1 https://www.cve.org/CVERecord?id=CVE-2023-45288 https://www.kb.cert.org/vuls/id/421644
stdlib	CVE-2023-24540	CRITICAL	v1.20.3	1.19.9, 1.20.4	https://access.redhat.com/errata/RHSA-2023:6474 https://access.redhat.com/security/cve/CVE-2023-24540 https://bugzilla.redhat.com/2174485 https://bugzilla.redhat.com/2178358 https://bugzilla.redhat.com/2178488 https://bugzilla.redhat.com/2178492 https://bugzilla.redhat.com/2184481 https://bugzilla.redhat.com/2184482 https://bugzilla.redhat.com/2184483 https://bugzilla.redhat.com/2184484 https://bugzilla.redhat.com/2196026 https://bugzilla.redhat.com/2196027 https://bugzilla.redhat.com/2196029 https://bugzilla.redhat.com/2222167 https://bugzilla.redhat.com/2228689 https://errata.almalinux.org/9/ALSA-2023-6474.html https://github.com/golang/go/commit/4a28cad66655ee01c6e944271e23c33cab021765 (go1.20.4) https://github.com/golang/go/commit/ce7bd33345416e6d8cac901792060591cafc2797 (go1.19.9) https://github.com/golang/go/issues/59721 https://go.dev/cl/491616 https://go.dev/issue/59721 https://groups.google.com/g/golang-announce/c/MEb0UyuSMsU https://linux.oracle.com/cve/CVE-2023-24540.html https://linux.oracle.com/errata/ELSA-2023-6939.html https://nvd.nist.gov/vuln/detail/CVE-2023-24540 https://pkg.go.dev/vuln/GO-2023-1752 https://ubuntu.com/security/notices/USN-6140-1 https://www.cve.org/CVERecord?id=CVE-2023-24540
stdlib	CVE-2024-24790	CRITICAL	v1.20.3	1.21.11, 1.22.4	http://www.openwall.com/lists/oss-security/2024/06/04/1 https://access.redhat.com/errata/RHSA-2024:9115 https://access.redhat.com/security/cve/CVE-2024-24790 https://bugzilla.redhat.com/2279814 https://bugzilla.redhat.com/2292668 https://bugzilla.redhat.com/2292787 https://bugzilla.redhat.com/2294000 https://bugzilla.redhat.com/2295310 https://bugzilla.redhat.com/show_bug.cgi?id=2292668 https://bugzilla.redhat.com/show_bug.cgi?id=2292787 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24789 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24790 https://errata.almalinux.org/9/ALSA-2024-9115.html https://errata.rockylinux.org/RLSA-2024:4212 https://github.com/golang/go/commit/051bdf3fd12a40307606ff9381138039c5f452f0 (1.21) https://github.com/golang/go/commit/12d5810cdb1f73cf23d7a86462143e9463317fca (1.22) https://github.com/golang/go/issues/67680 https://go.dev/cl/590316 https://go.dev/issue/67680 https://groups.google.com/g/golang-announce/c/XbxouI9gY7k https://groups.google.com/g/golang-announce/c/XbxouI9gY7k/m/TuoGEhxIEwAJ https://linux.oracle.com/cve/CVE-2024-24790.html https://linux.oracle.com/errata/ELSA-2024-9115.html https://nvd.nist.gov/vuln/detail/CVE-2024-24790 https://pkg.go.dev/vuln/GO-2024-2887 https://ubuntu.com/security/notices/USN-6886-1 https://ubuntu.com/security/notices/USN-7109-1 https://www.cve.org/CVERecord?id=CVE-2024-24790
stdlib	CVE-2023-24539	HIGH	v1.20.3	1.19.9, 1.20.4	https://access.redhat.com/errata/RHSA-2023:6474 https://access.redhat.com/security/cve/CVE-2023-24539 https://bugzilla.redhat.com/2174485 https://bugzilla.redhat.com/2178358 https://bugzilla.redhat.com/2178488 https://bugzilla.redhat.com/2178492 https://bugzilla.redhat.com/2184481 https://bugzilla.redhat.com/2184482 https://bugzilla.redhat.com/2184483 https://bugzilla.redhat.com/2184484 https://bugzilla.redhat.com/2196026 https://bugzilla.redhat.com/2196027 https://bugzilla.redhat.com/2196029 https://bugzilla.redhat.com/2222167 https://bugzilla.redhat.com/2228689 https://errata.almalinux.org/9/ALSA-2023-6474.html https://github.com/golang/go/commit/090590fdccc8442728aa31601927da1bf2ef1288 (go1.20.4) https://github.com/golang/go/commit/e49282327b05192e46086bf25fd3ac691205fe80 (go1.19.9) https://github.com/golang/go/issues/59720 https://go.dev/cl/491615 https://go.dev/issue/59720 https://groups.google.com/g/golang-announce/c/MEb0UyuSMsU https://linux.oracle.com/cve/CVE-2023-24539.html https://linux.oracle.com/errata/ELSA-2023-6939.html https://nvd.nist.gov/vuln/detail/CVE-2023-24539 https://pkg.go.dev/vuln/GO-2023-1751 https://ubuntu.com/security/notices/USN-6140-1 https://www.cve.org/CVERecord?id=CVE-2023-24539
stdlib	CVE-2023-29400	HIGH	v1.20.3	1.19.9, 1.20.4	https://access.redhat.com/errata/RHSA-2023:6474 https://access.redhat.com/security/cve/CVE-2023-29400 https://bugzilla.redhat.com/2174485 https://bugzilla.redhat.com/2178358 https://bugzilla.redhat.com/2178488 https://bugzilla.redhat.com/2178492 https://bugzilla.redhat.com/2184481 https://bugzilla.redhat.com/2184482 https://bugzilla.redhat.com/2184483 https://bugzilla.redhat.com/2184484 https://bugzilla.redhat.com/2196026 https://bugzilla.redhat.com/2196027 https://bugzilla.redhat.com/2196029 https://bugzilla.redhat.com/2222167 https://bugzilla.redhat.com/2228689 https://errata.almalinux.org/9/ALSA-2023-6474.html https://github.com/golang/go/commit/337dd75343145b74ed2073d793322eb4103b56ad (go1.20.4) https://github.com/golang/go/commit/9db0e74f606b8afb28cc71d4b1c8b4ed24cabbf5 (go1.19.9) https://github.com/golang/go/issues/59722 https://go.dev/cl/491617 https://go.dev/issue/59722 https://groups.google.com/g/golang-announce/c/MEb0UyuSMsU https://linux.oracle.com/cve/CVE-2023-29400.html https://linux.oracle.com/errata/ELSA-2023-6939.html https://nvd.nist.gov/vuln/detail/CVE-2023-29400 https://pkg.go.dev/vuln/GO-2023-1753 https://ubuntu.com/security/notices/USN-6140-1 https://www.cve.org/CVERecord?id=CVE-2023-29400
stdlib	CVE-2023-29403	HIGH	v1.20.3	1.19.10, 1.20.5	https://access.redhat.com/errata/RHSA-2023:3923 https://access.redhat.com/security/cve/CVE-2023-29403 https://bugzilla.redhat.com/2216965 https://bugzilla.redhat.com/2217562 https://bugzilla.redhat.com/2217565 https://bugzilla.redhat.com/2217569 https://bugzilla.redhat.com/show_bug.cgi?id=2216965 https://bugzilla.redhat.com/show_bug.cgi?id=2217562 https://bugzilla.redhat.com/show_bug.cgi?id=2217565 https://bugzilla.redhat.com/show_bug.cgi?id=2217569 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-29402 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-29403 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-29404 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-29405 https://errata.almalinux.org/9/ALSA-2023-3923.html https://errata.rockylinux.org/RLSA-2023:3923 https://github.com/golang/go/commit/36144ba429ef2650940c72e7a0b932af3612d420 (go1.20.5) https://github.com/golang/go/commit/a7b1cd452ddc69a6606c2f35ac5786dc892e62cb (go1.19.10) https://github.com/golang/go/issues/60272 https://go.dev/cl/501223 https://go.dev/issue/60272 https://groups.google.com/g/golang-announce/c/q5135a9d924 https://groups.google.com/g/golang-announce/c/q5135a9d924/m/j0ZoAJOHAwAJ https://linux.oracle.com/cve/CVE-2023-29403.html https://linux.oracle.com/errata/ELSA-2023-3923.html https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/NZ2O6YCO2IZMZJELQGZYR2WAUNEDLYV6/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/XBS3IIK6ADV24C5ULQU55QLT2UE762ZX/ https://nvd.nist.gov/vuln/detail/CVE-2023-29403 https://pkg.go.dev/vuln/GO-2023-1840 https://security.gentoo.org/glsa/202311-09 https://ubuntu.com/security/notices/USN-7061-1 https://ubuntu.com/security/notices/USN-7109-1 https://www.cve.org/CVERecord?id=CVE-2023-29403
stdlib	CVE-2023-39325	HIGH	v1.20.3	1.20.10, 1.21.3	golang.org/x/net https://access.redhat.com/errata/RHSA-2023:6077 https://access.redhat.com/security/cve/CVE-2023-39325 https://access.redhat.com/security/cve/CVE-2023-44487 https://access.redhat.com/security/vulnerabilities/RHSB-2023-003 https://bugzilla.redhat.com/2242803 https://bugzilla.redhat.com/2243296 https://bugzilla.redhat.com/show_bug.cgi?id=2242803 https://bugzilla.redhat.com/show_bug.cgi?id=2243296 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-39325 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-44487 https://errata.almalinux.org/9/ALSA-2023-6077.html https://errata.rockylinux.org/RLSA-2023:6077 https://github.com/golang/go/commit/24ae2d927285c697440fdde3ad7f26028354bcf3 [golang- 1.21] https://github.com/golang/go/commit/e175f27f58aa7b9cd4d79607ae65d2cd5baaee68 [golang-1.20] https://github.com/golang/go/issues/63417 https://go.dev/cl/534215 https://go.dev/cl/534235 https://go.dev/issue/63417 https://groups.google.com/g/golang-announce/c/iNNxDTCjZvo/m/UDd7VKQuAAAJ https://linux.oracle.com/cve/CVE-2023-39325.html https://linux.oracle.com/errata/ELSA-2023-5867.html https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3OVW5V2DM5K5IC3H7O42YDUGNJ74J35O https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3OVW5V2DM5K5IC3H7O42YDUGNJ74J35O/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3SZN67IL7HMGMNAVLOTIXLIHUDXZK4LH https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3SZN67IL7HMGMNAVLOTIXLIHUDXZK4LH/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3WJ4QVX2AMUJ2F2S27POOAHRC4K3CHU4 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3WJ4QVX2AMUJ2F2S27POOAHRC4K3CHU4/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/4BUK2ZIAGCULOOYDNH25JPU6JBES5NF2 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/4BUK2ZIAGCULOOYDNH25JPU6JBES5NF2/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/5RSKA2II6QTD4YUKUNDVJQSRYSFC4VFR https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/5RSKA2II6QTD4YUKUNDVJQSRYSFC4VFR/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/AVZDNSMVDAQJ64LJC5I5U5LDM5753647 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/AVZDNSMVDAQJ64LJC5I5U5LDM5753647/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CHHITS4PUOZAKFIUBQAQZC7JWXMOYE4B https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CHHITS4PUOZAKFIUBQAQZC7JWXMOYE4B/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CLB4TW7KALB3EEQWNWCN7OUIWWVWWCG2 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CLB4TW7KALB3EEQWNWCN7OUIWWVWWCG2/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/D2BBIDR2ZMB3X5BC7SR4SLQMHRMVPY6L https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/D2BBIDR2ZMB3X5BC7SR4SLQMHRMVPY6L/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ECRC75BQJP6FJN2L7KCKYZW4DSBD7QSD https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ECRC75BQJP6FJN2L7KCKYZW4DSBD7QSD/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/FTMJ3NJIDAZFWJQQSP3L22MUFJ3UP2PT https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/FTMJ3NJIDAZFWJQQSP3L22MUFJ3UP2PT/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/GSY7SXFFTPZFWDM6XELSDSHZLVW3AHK7 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/GSY7SXFFTPZFWDM6XELSDSHZLVW3AHK7/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/HZQIELEIRSZUYTFFH5KTH2YJ4IIQG2KE https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/HZQIELEIRSZUYTFFH5KTH2YJ4IIQG2KE/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/IPWCNYB5PQ5PCVZ4NJT6G56ZYFZ5QBU6 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/IPWCNYB5PQ5PCVZ4NJT6G56ZYFZ5QBU6/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/KEOTKBUPZXHE3F352JBYNTSNRXYLWD6P https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/KEOTKBUPZXHE3F352JBYNTSNRXYLWD6P/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/KSEGD2IWKNUO3DWY4KQGUQM5BISRWHQE https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/KSEGD2IWKNUO3DWY4KQGUQM5BISRWHQE/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/L5E5JSJBZLYXOTZWXHJKRVCIXIHVWKJ6 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/L5E5JSJBZLYXOTZWXHJKRVCIXIHVWKJ6/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/MZQYOOKHQDQ57LV2IAG6NRFOVXKHJJ3Z https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/MZQYOOKHQDQ57LV2IAG6NRFOVXKHJJ3Z/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/NG7IMPL55MVWU3LCI4JQJT3K2U5CHDV7 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/NG7IMPL55MVWU3LCI4JQJT3K2U5CHDV7/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ODBY7RVMGZCBSTWF2OZGIZS57FNFUL67 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ODBY7RVMGZCBSTWF2OZGIZS57FNFUL67/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/OXGWPQOJ3JNDW2XIYKIVJ7N7QUIFNM2Q https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/OXGWPQOJ3JNDW2XIYKIVJ7N7QUIFNM2Q/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/PJCUNGIQDUMZ4Z6HWVYIMR66A35F5S74 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/PJCUNGIQDUMZ4Z6HWVYIMR66A35F5S74/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QF5QSYAOPDOWLY6DUHID56Q4HQFYB45I https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QF5QSYAOPDOWLY6DUHID56Q4HQFYB45I/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QXOU2JZUBEBP7GBKAYIJRPRBZSJCD7ST https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QXOU2JZUBEBP7GBKAYIJRPRBZSJCD7ST/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/R3UETKPUB3V5JS5TLZOF3SMTGT5K5APS https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/R3UETKPUB3V5JS5TLZOF3SMTGT5K5APS/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/REMHVVIBDNKSRKNOTV7EQSB7CYQWOUOU https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/REMHVVIBDNKSRKNOTV7EQSB7CYQWOUOU/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/T7N5GV4CHH6WAGX3GFMDD3COEOVCZ4RI https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/T7N5GV4CHH6WAGX3GFMDD3COEOVCZ4RI/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ULQQONMSCQSH5Z5OWFFQHCGEZ3NL4DRJ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ULQQONMSCQSH5Z5OWFFQHCGEZ3NL4DRJ/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UTT7DG3QOF5ZNJLUGHDNLRUIN6OWZARP https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UTT7DG3QOF5ZNJLUGHDNLRUIN6OWZARP/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/W2LZSWTV4NV4SNQARNXG5T6LRHP26EW2 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/W2LZSWTV4NV4SNQARNXG5T6LRHP26EW2/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WCNCBYKZXLDFGAJUB7ZP5VLC3YTHJNVH https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WCNCBYKZXLDFGAJUB7ZP5VLC3YTHJNVH/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/XFOIBB4YFICHDM7IBOP7PWXW3FX4HLL2 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/XFOIBB4YFICHDM7IBOP7PWXW3FX4HLL2/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/XTNLSL44Y5FB6JWADSZH6DCV4JJAAEQY https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/XTNLSL44Y5FB6JWADSZH6DCV4JJAAEQY/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/YJWHBLVZDM5KQSDFRBFRKU5KSSOLIRQ4 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/YJWHBLVZDM5KQSDFRBFRKU5KSSOLIRQ4/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/YRKEXKANQ7BKJW2YTAMP625LJUJZLJ4P https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/YRKEXKANQ7BKJW2YTAMP625LJUJZLJ4P/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZSVEMQV5ROY5YW5QE3I57HT3ITWG5GCV https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZSVEMQV5ROY5YW5QE3I57HT3ITWG5GCV/ https://nvd.nist.gov/vuln/detail/CVE-2023-39325 https://pkg.go.dev/vuln/GO-2023-2102 https://security.gentoo.org/glsa/202311-09 https://security.netapp.com/advisory/ntap-20231110-0008 https://security.netapp.com/advisory/ntap-20231110-0008/ https://ubuntu.com/security/notices/USN-6574-1 https://ubuntu.com/security/notices/USN-7061-1 https://ubuntu.com/security/notices/USN-7109-1 https://www.cisa.gov/news-events/alerts/2023/10/10/http2-rapid-reset-vulnerability-cve-2023-44487 https://www.cve.org/CVERecord?id=CVE-2023-39325
stdlib	CVE-2023-45283	HIGH	v1.20.3	1.20.11, 1.21.4, 1.20.12, 1.21.5	http://www.openwall.com/lists/oss-security/2023/12/05/2 https://go.dev/cl/540277 https://go.dev/cl/541175 https://go.dev/issue/63713 https://go.dev/issue/64028 https://groups.google.com/g/golang-announce/c/4tU8LZfBFkY https://groups.google.com/g/golang-dev/c/6ypN5EjibjM/m/KmLVYH_uAgAJ https://nvd.nist.gov/vuln/detail/CVE-2023-45283 https://pkg.go.dev/vuln/GO-2023-2185 https://security.netapp.com/advisory/ntap-20231214-0008/
stdlib	CVE-2023-45288	HIGH	v1.20.3	1.21.9, 1.22.2	http://www.openwall.com/lists/oss-security/2024/04/03/16 http://www.openwall.com/lists/oss-security/2024/04/05/4 https://access.redhat.com/errata/RHSA-2024:2724 https://access.redhat.com/security/cve/CVE-2023-45288 https://bugzilla.redhat.com/2268017 https://bugzilla.redhat.com/2268018 https://bugzilla.redhat.com/2268019 https://bugzilla.redhat.com/2268273 https://bugzilla.redhat.com/show_bug.cgi?id=2268017 https://bugzilla.redhat.com/show_bug.cgi?id=2268018 https://bugzilla.redhat.com/show_bug.cgi?id=2268019 https://bugzilla.redhat.com/show_bug.cgi?id=2268273 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45288 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45289 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45290 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24783 https://errata.almalinux.org/9/ALSA-2024-2724.html https://errata.rockylinux.org/RLSA-2024:2724 https://go.dev/cl/576155 https://go.dev/issue/65051 https://groups.google.com/g/golang-announce/c/YgW0sx8mN3M https://kb.cert.org/vuls/id/421644 https://linux.oracle.com/cve/CVE-2023-45288.html https://linux.oracle.com/errata/ELSA-2024-3346.html https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QRYFHIQ6XRKRYBI2F5UESH67BJBQXUPT https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QRYFHIQ6XRKRYBI2F5UESH67BJBQXUPT/ https://nowotarski.info/http2-continuation-flood-technical-details https://nowotarski.info/http2-continuation-flood/ https://nvd.nist.gov/vuln/detail/CVE-2023-45288 https://pkg.go.dev/vuln/GO-2024-2687 https://security.netapp.com/advisory/ntap-20240419-0009 https://security.netapp.com/advisory/ntap-20240419-0009/ https://ubuntu.com/security/notices/USN-6886-1 https://ubuntu.com/security/notices/USN-7109-1 https://ubuntu.com/security/notices/USN-7111-1 https://www.cve.org/CVERecord?id=CVE-2023-45288 https://www.kb.cert.org/vuls/id/421644
stdlib	CVE-2024-34156	HIGH	v1.20.3	1.22.7, 1.23.1	https://access.redhat.com/errata/RHSA-2024:9473 https://access.redhat.com/security/cve/CVE-2024-34156 https://bugzilla.redhat.com/2310528 https://bugzilla.redhat.com/2318052 https://bugzilla.redhat.com/show_bug.cgi?id=2310528 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-34156 https://errata.almalinux.org/9/ALSA-2024-9473.html https://errata.rockylinux.org/RLSA-2024:7204 https://github.com/golang/go/commit/2092294f2b097c5828f4eace6c98a322c1510b01 (go1.22.7) https://github.com/golang/go/commit/fa8ff1a46deb6c816304441ec6740ec112e19012 (go1.23.1) https://go.dev/cl/611239 https://go.dev/issue/69139 https://groups.google.com/g/golang-announce/c/K-cEzDeCtpc https://groups.google.com/g/golang-dev/c/S9POB9NCTdk https://linux.oracle.com/cve/CVE-2024-34156.html https://linux.oracle.com/errata/ELSA-2024-9473.html https://nvd.nist.gov/vuln/detail/CVE-2024-34156 https://pkg.go.dev/vuln/GO-2024-3106 https://ubuntu.com/security/notices/USN-7081-1 https://ubuntu.com/security/notices/USN-7109-1 https://ubuntu.com/security/notices/USN-7111-1 https://www.cve.org/CVERecord?id=CVE-2024-34156
stdlib	CVE-2023-29406	MEDIUM	v1.20.3	1.19.11, 1.20.6	https://access.redhat.com/errata/RHSA-2023:6474 https://access.redhat.com/security/cve/CVE-2023-29406 https://bugzilla.redhat.com/2174485 https://bugzilla.redhat.com/2178358 https://bugzilla.redhat.com/2178488 https://bugzilla.redhat.com/2178492 https://bugzilla.redhat.com/2184481 https://bugzilla.redhat.com/2184482 https://bugzilla.redhat.com/2184483 https://bugzilla.redhat.com/2184484 https://bugzilla.redhat.com/2196026 https://bugzilla.redhat.com/2196027 https://bugzilla.redhat.com/2196029 https://bugzilla.redhat.com/2222167 https://bugzilla.redhat.com/2228689 https://errata.almalinux.org/9/ALSA-2023-6474.html https://github.com/golang/go/commit/312920c00aac9897b2a0693e752390b5b0711a5a (go1.20.6) https://github.com/golang/go/commit/5fa6923b1ea891400153d04ddf1545e23b40041b (go1.19.11) https://github.com/golang/go/issues/60374 https://go.dev/cl/506996 https://go.dev/issue/60374 https://groups.google.com/g/golang-announce/c/2q13H6LEEx0 https://linux.oracle.com/cve/CVE-2023-29406.html https://linux.oracle.com/errata/ELSA-2023-7202.html https://nvd.nist.gov/vuln/detail/CVE-2023-29406 https://pkg.go.dev/vuln/GO-2023-1878 https://security.gentoo.org/glsa/202311-09 https://security.netapp.com/advisory/ntap-20230814-0002/ https://ubuntu.com/security/notices/USN-7061-1 https://ubuntu.com/security/notices/USN-7109-1 https://www.cve.org/CVERecord?id=CVE-2023-29406
stdlib	CVE-2023-29409	MEDIUM	v1.20.3	1.19.12, 1.20.7, 1.21.0-rc.4	https://access.redhat.com/errata/RHSA-2023:7766 https://access.redhat.com/security/cve/CVE-2023-29409 https://bugzilla.redhat.com/2228743 https://bugzilla.redhat.com/2237773 https://bugzilla.redhat.com/2237776 https://bugzilla.redhat.com/2237777 https://bugzilla.redhat.com/2237778 https://errata.almalinux.org/9/ALSA-2023-7766.html https://go.dev/cl/515257 https://go.dev/issue/61460 https://groups.google.com/g/golang-announce/c/X0b6CsSAaYI/m/Efv5DbZ9AwAJ https://linux.oracle.com/cve/CVE-2023-29409.html https://linux.oracle.com/errata/ELSA-2024-2988.html https://nvd.nist.gov/vuln/detail/CVE-2023-29409 https://pkg.go.dev/vuln/GO-2023-1987 https://security.gentoo.org/glsa/202311-09 https://security.netapp.com/advisory/ntap-20230831-0010/ https://www.cve.org/CVERecord?id=CVE-2023-29409
stdlib	CVE-2023-39318	MEDIUM	v1.20.3	1.20.8, 1.21.1	https://access.redhat.com/errata/RHSA-2024:2160 https://access.redhat.com/security/cve/CVE-2023-39318 https://bugzilla.redhat.com/2237773 https://bugzilla.redhat.com/2237776 https://bugzilla.redhat.com/2253330 https://errata.almalinux.org/9/ALSA-2024-2160.html https://github.com/golang/go/commit/023b542edf38e2a1f87fcefb9f75ff2f99401b4c (go1.20.8) https://github.com/golang/go/commit/b0e1d3ea26e8e8fce7726690c9ef0597e60739fb (go1.21.1) https://go.dev/cl/526156 https://go.dev/issue/62196 https://groups.google.com/g/golang-announce/c/Fm51GRLNRvM https://groups.google.com/g/golang-dev/c/2C5vbR-UNkI/m/L1hdrPhfBAAJ https://linux.oracle.com/cve/CVE-2023-39318.html https://linux.oracle.com/errata/ELSA-2024-2988.html https://nvd.nist.gov/vuln/detail/CVE-2023-39318 https://pkg.go.dev/vuln/GO-2023-2041 https://security.gentoo.org/glsa/202311-09 https://security.netapp.com/advisory/ntap-20231020-0009/ https://ubuntu.com/security/notices/USN-6574-1 https://ubuntu.com/security/notices/USN-7061-1 https://ubuntu.com/security/notices/USN-7109-1 https://vuln.go.dev/ID/GO-2023-2041.json https://www.cve.org/CVERecord?id=CVE-2023-39318
stdlib	CVE-2023-39319	MEDIUM	v1.20.3	1.20.8, 1.21.1	https://access.redhat.com/errata/RHSA-2024:2160 https://access.redhat.com/security/cve/CVE-2023-39319 https://bugzilla.redhat.com/2237773 https://bugzilla.redhat.com/2237776 https://bugzilla.redhat.com/2253330 https://errata.almalinux.org/9/ALSA-2024-2160.html https://github.com/golang/go/commit/2070531d2f53df88e312edace6c8dfc9686ab2f5 (go1.20.8) https://github.com/golang/go/commit/bbd043ff0d6d59f1a9232d31ecd5eacf6507bf6a (go1.21.1) https://go.dev/cl/526157 https://go.dev/issue/62197 https://groups.google.com/g/golang-announce/c/Fm51GRLNRvM https://groups.google.com/g/golang-dev/c/2C5vbR-UNkI/m/L1hdrPhfBAAJ https://linux.oracle.com/cve/CVE-2023-39319.html https://linux.oracle.com/errata/ELSA-2024-2988.html https://nvd.nist.gov/vuln/detail/CVE-2023-39319 https://pkg.go.dev/vuln/GO-2023-2043 https://security.gentoo.org/glsa/202311-09 https://security.netapp.com/advisory/ntap-20231020-0009/ https://ubuntu.com/security/notices/USN-6574-1 https://ubuntu.com/security/notices/USN-7061-1 https://ubuntu.com/security/notices/USN-7109-1 https://vuln.go.dev/ID/GO-2023-2043.json https://www.cve.org/CVERecord?id=CVE-2023-39319
stdlib	CVE-2023-39326	MEDIUM	v1.20.3	1.20.12, 1.21.5	https://access.redhat.com/errata/RHSA-2024:2272 https://access.redhat.com/security/cve/CVE-2023-39326 https://bugzilla.redhat.com/2253193 https://bugzilla.redhat.com/2253330 https://errata.almalinux.org/9/ALSA-2024-2272.html https://github.com/golang/go/commit/6446af942e2e2b161c4ec1b60d9703a2b55dc4dd (go1.20.12) https://github.com/golang/go/commit/ec8c526e4be720e94b98ca509e6364f0efaf28f7 (go1.21.5) https://go.dev/cl/547335 https://go.dev/issue/64433 https://groups.google.com/g/golang-dev/c/6ypN5EjibjM/m/KmLVYH_uAgAJ https://linux.oracle.com/cve/CVE-2023-39326.html https://linux.oracle.com/errata/ELSA-2024-2988.html https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UIU6HOGV6RRIKWM57LOXQA75BGZSIH6G/ https://nvd.nist.gov/vuln/detail/CVE-2023-39326 https://pkg.go.dev/vuln/GO-2023-2382 https://ubuntu.com/security/notices/USN-6574-1 https://www.cve.org/CVERecord?id=CVE-2023-39326
stdlib	CVE-2023-45284	MEDIUM	v1.20.3	1.20.11, 1.21.4	https://go.dev/cl/540277 https://go.dev/issue/63713 https://groups.google.com/g/golang-announce/c/4tU8LZfBFkY https://nvd.nist.gov/vuln/detail/CVE-2023-45284 https://pkg.go.dev/vuln/GO-2023-2186
stdlib	CVE-2023-45289	MEDIUM	v1.20.3	1.21.8, 1.22.1	http://www.openwall.com/lists/oss-security/2024/03/08/4 https://access.redhat.com/errata/RHSA-2024:2724 https://access.redhat.com/security/cve/CVE-2023-45289 https://bugzilla.redhat.com/2268017 https://bugzilla.redhat.com/2268018 https://bugzilla.redhat.com/2268019 https://bugzilla.redhat.com/2268273 https://bugzilla.redhat.com/show_bug.cgi?id=2268017 https://bugzilla.redhat.com/show_bug.cgi?id=2268018 https://bugzilla.redhat.com/show_bug.cgi?id=2268019 https://bugzilla.redhat.com/show_bug.cgi?id=2268273 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45288 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45289 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45290 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24783 https://errata.almalinux.org/9/ALSA-2024-2724.html https://errata.rockylinux.org/RLSA-2024:2724 https://github.com/golang/go/commit/20586c0dbe03d144f914155f879fa5ee287591a1 (go1.21.8) https://github.com/golang/go/commit/3a855208e3efed2e9d7c20ad023f1fa78afcc0be (go1.22.1) https://github.com/golang/go/issues/65065 https://go.dev/cl/569340 https://go.dev/issue/65065 https://groups.google.com/g/golang-announce/c/5pwGVUPoMbg https://linux.oracle.com/cve/CVE-2023-45289.html https://linux.oracle.com/errata/ELSA-2024-3346.html https://nvd.nist.gov/vuln/detail/CVE-2023-45289 https://pkg.go.dev/vuln/GO-2024-2600 https://security.netapp.com/advisory/ntap-20240329-0006/ https://ubuntu.com/security/notices/USN-6886-1 https://www.cve.org/CVERecord?id=CVE-2023-45289
stdlib	CVE-2023-45290	MEDIUM	v1.20.3	1.21.8, 1.22.1	http://www.openwall.com/lists/oss-security/2024/03/08/4 https://access.redhat.com/errata/RHSA-2024:9135 https://access.redhat.com/security/cve/CVE-2023-45290 https://bugzilla.redhat.com/2268017 https://bugzilla.redhat.com/2268022 https://bugzilla.redhat.com/2279814 https://bugzilla.redhat.com/2295310 https://bugzilla.redhat.com/show_bug.cgi?id=2268017 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45290 https://errata.almalinux.org/9/ALSA-2024-9135.html https://errata.rockylinux.org/RLSA-2024:3830 https://github.com/golang/go/commit/041a47712e765e94f86d841c3110c840e76d8f82 (go1.22.1) https://github.com/golang/go/commit/bf80213b121074f4ad9b449410a4d13bae5e9be0 (go1.21.8) https://github.com/golang/go/issues/65383 https://go.dev/cl/569341 https://go.dev/issue/65383 https://groups.google.com/g/golang-announce/c/5pwGVUPoMbg https://linux.oracle.com/cve/CVE-2023-45290.html https://linux.oracle.com/errata/ELSA-2024-8038.html https://nvd.nist.gov/vuln/detail/CVE-2023-45290 https://pkg.go.dev/vuln/GO-2024-2599 https://security.netapp.com/advisory/ntap-20240329-0004 https://security.netapp.com/advisory/ntap-20240329-0004/ https://ubuntu.com/security/notices/USN-6886-1 https://ubuntu.com/security/notices/USN-7109-1 https://ubuntu.com/security/notices/USN-7111-1 https://www.cve.org/CVERecord?id=CVE-2023-45290
stdlib	CVE-2024-24783	MEDIUM	v1.20.3	1.21.8, 1.22.1	http://www.openwall.com/lists/oss-security/2024/03/08/4 https://access.redhat.com/errata/RHSA-2024:6195 https://access.redhat.com/security/cve/CVE-2024-24783 https://bugzilla.redhat.com/2268019 https://bugzilla.redhat.com/show_bug.cgi?id=2268017 https://bugzilla.redhat.com/show_bug.cgi?id=2268018 https://bugzilla.redhat.com/show_bug.cgi?id=2268019 https://bugzilla.redhat.com/show_bug.cgi?id=2268273 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45288 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45289 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45290 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24783 https://errata.almalinux.org/9/ALSA-2024-6195.html https://errata.rockylinux.org/RLSA-2024:2724 https://github.com/advisories/GHSA-3q2c-pvp5-3cqp https://github.com/golang/go/commit/337b8e9cbfa749d9d5c899e0dc358e2208d5e54f (go1.22.1) https://github.com/golang/go/commit/be5b52bea674190ef7de272664be6c7ae93ec5a0 (go1.21.8) https://github.com/golang/go/issues/65390 https://go.dev/cl/569339 https://go.dev/issue/65390 https://groups.google.com/g/golang-announce/c/5pwGVUPoMbg https://linux.oracle.com/cve/CVE-2024-24783.html https://linux.oracle.com/errata/ELSA-2024-6969.html https://nvd.nist.gov/vuln/detail/CVE-2024-24783 https://pkg.go.dev/vuln/GO-2024-2598 https://security.netapp.com/advisory/ntap-20240329-0005 https://security.netapp.com/advisory/ntap-20240329-0005/ https://ubuntu.com/security/notices/USN-6886-1 https://ubuntu.com/security/notices/USN-7109-1 https://ubuntu.com/security/notices/USN-7111-1 https://www.cve.org/CVERecord?id=CVE-2024-24783
stdlib	CVE-2024-24784	MEDIUM	v1.20.3	1.21.8, 1.22.1	http://www.openwall.com/lists/oss-security/2024/03/08/4 https://access.redhat.com/errata/RHSA-2024:2562 https://access.redhat.com/security/cve/CVE-2024-24784 https://bugzilla.redhat.com/2262921 https://bugzilla.redhat.com/2268017 https://bugzilla.redhat.com/2268018 https://bugzilla.redhat.com/2268019 https://bugzilla.redhat.com/2268021 https://bugzilla.redhat.com/2268022 https://bugzilla.redhat.com/2268273 https://bugzilla.redhat.com/show_bug.cgi?id=2262921 https://bugzilla.redhat.com/show_bug.cgi?id=2268017 https://bugzilla.redhat.com/show_bug.cgi?id=2268018 https://bugzilla.redhat.com/show_bug.cgi?id=2268019 https://bugzilla.redhat.com/show_bug.cgi?id=2268021 https://bugzilla.redhat.com/show_bug.cgi?id=2268022 https://bugzilla.redhat.com/show_bug.cgi?id=2268273 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45288 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45289 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45290 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-1394 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24783 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24784 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24785 https://errata.almalinux.org/9/ALSA-2024-2562.html https://errata.rockylinux.org/RLSA-2024:2562 https://github.com/golang/go/commit/263c059b09fdd40d9dd945f2ecb20c89ea28efe5 (go1.21.8) https://github.com/golang/go/commit/5330cd225ba54c7dc78c1b46dcdf61a4671a632c (go1.22.1) https://github.com/golang/go/issues/65083 https://go.dev/cl/555596 https://go.dev/issue/65083 https://groups.google.com/g/golang-announce/c/5pwGVUPoMbg https://linux.oracle.com/cve/CVE-2024-24784.html https://linux.oracle.com/errata/ELSA-2024-6969.html https://nvd.nist.gov/vuln/detail/CVE-2024-24784 https://pkg.go.dev/vuln/GO-2024-2609 https://security.netapp.com/advisory/ntap-20240329-0007/ https://ubuntu.com/security/notices/USN-6886-1 https://ubuntu.com/security/notices/USN-7109-1 https://ubuntu.com/security/notices/USN-7111-1 https://www.cve.org/CVERecord?id=CVE-2024-24784
stdlib	CVE-2024-24785	MEDIUM	v1.20.3	1.21.8, 1.22.1	http://www.openwall.com/lists/oss-security/2024/03/08/4 https://access.redhat.com/errata/RHSA-2024:9135 https://access.redhat.com/security/cve/CVE-2024-24785 https://bugzilla.redhat.com/2268017 https://bugzilla.redhat.com/2268022 https://bugzilla.redhat.com/2279814 https://bugzilla.redhat.com/2295310 https://bugzilla.redhat.com/show_bug.cgi?id=2262921 https://bugzilla.redhat.com/show_bug.cgi?id=2268017 https://bugzilla.redhat.com/show_bug.cgi?id=2268018 https://bugzilla.redhat.com/show_bug.cgi?id=2268019 https://bugzilla.redhat.com/show_bug.cgi?id=2268021 https://bugzilla.redhat.com/show_bug.cgi?id=2268022 https://bugzilla.redhat.com/show_bug.cgi?id=2268273 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45288 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45289 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45290 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-1394 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24783 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24784 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24785 https://errata.almalinux.org/9/ALSA-2024-9135.html https://errata.rockylinux.org/RLSA-2024:2562 https://github.com/golang/go/commit/056b0edcb8c152152021eebf4cf42adbfbe77992 (go1.22.1) https://github.com/golang/go/commit/3643147a29352ca2894fd5d0d2069bc4b4335a7e (go1.21.8) https://github.com/golang/go/issues/65697 https://go.dev/cl/564196 https://go.dev/issue/65697 https://groups.google.com/g/golang-announce/c/5pwGVUPoMbg https://linux.oracle.com/cve/CVE-2024-24785.html https://linux.oracle.com/errata/ELSA-2024-3259.html https://nvd.nist.gov/vuln/detail/CVE-2024-24785 https://pkg.go.dev/vuln/GO-2024-2610 https://security.netapp.com/advisory/ntap-20240329-0008/ https://ubuntu.com/security/notices/USN-6886-1 https://ubuntu.com/security/notices/USN-7061-1 https://ubuntu.com/security/notices/USN-7109-1 https://vuln.go.dev/ID/GO-2024-2610.json https://www.cve.org/CVERecord?id=CVE-2024-24785
stdlib	CVE-2024-24789	MEDIUM	v1.20.3	1.21.11, 1.22.4	http://www.openwall.com/lists/oss-security/2024/06/04/1 https://access.redhat.com/errata/RHSA-2024:9115 https://access.redhat.com/security/cve/CVE-2024-24789 https://bugzilla.redhat.com/2279814 https://bugzilla.redhat.com/2292668 https://bugzilla.redhat.com/2292787 https://bugzilla.redhat.com/2294000 https://bugzilla.redhat.com/2295310 https://bugzilla.redhat.com/show_bug.cgi?id=2292668 https://bugzilla.redhat.com/show_bug.cgi?id=2292787 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24789 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24790 https://errata.almalinux.org/9/ALSA-2024-9115.html https://errata.rockylinux.org/RLSA-2024:4212 https://github.com/golang/go/commit/c8e40338cf00f3c1d86c8fb23863ad67a4c72bcc (1.21) https://github.com/golang/go/commit/cf501ac0c5fe351a8582d20b43562027927906e7 (1.22) https://github.com/golang/go/issues/66869 https://go.dev/cl/585397 https://go.dev/issue/66869 https://groups.google.com/g/golang-announce/c/XbxouI9gY7k https://groups.google.com/g/golang-announce/c/XbxouI9gY7k/m/TuoGEhxIEwAJ https://linux.oracle.com/cve/CVE-2024-24789.html https://linux.oracle.com/errata/ELSA-2024-9115.html https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/U5YAEIA6IUHUNGJ7AIXXPQT6D2GYENX7/ https://nvd.nist.gov/vuln/detail/CVE-2024-24789 https://pkg.go.dev/vuln/GO-2024-2888 https://ubuntu.com/security/notices/USN-6886-1 https://ubuntu.com/security/notices/USN-7109-1 https://ubuntu.com/security/notices/USN-7111-1 https://www.cve.org/CVERecord?id=CVE-2024-24789
stdlib	CVE-2024-24791	MEDIUM	v1.20.3	1.21.12, 1.22.5	https://access.redhat.com/errata/RHSA-2024:9135 https://access.redhat.com/security/cve/CVE-2024-24791 https://bugzilla.redhat.com/2268017 https://bugzilla.redhat.com/2268022 https://bugzilla.redhat.com/2279814 https://bugzilla.redhat.com/2295310 https://bugzilla.redhat.com/show_bug.cgi?id=2295310 https://bugzilla.redhat.com/show_bug.cgi?id=2310527 https://bugzilla.redhat.com/show_bug.cgi?id=2310528 https://bugzilla.redhat.com/show_bug.cgi?id=2310529 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24791 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-34155 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-34156 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-34158 https://errata.almalinux.org/9/ALSA-2024-9135.html https://errata.rockylinux.org/RLSA-2024:6913 https://go.dev/cl/591255 https://go.dev/issue/67555 https://groups.google.com/g/golang-dev/c/t0rK-qHBqzY/m/6MMoAZkMAgAJ https://linux.oracle.com/cve/CVE-2024-24791.html https://linux.oracle.com/errata/ELSA-2024-9115.html https://nvd.nist.gov/vuln/detail/CVE-2024-24791 https://pkg.go.dev/vuln/GO-2024-2963 https://ubuntu.com/security/notices/USN-7081-1 https://ubuntu.com/security/notices/USN-7109-1 https://ubuntu.com/security/notices/USN-7111-1 https://www.cve.org/CVERecord?id=CVE-2024-24791
stdlib	CVE-2024-34155	MEDIUM	v1.20.3	1.22.7, 1.23.1	https://access.redhat.com/errata/RHSA-2024:9459 https://access.redhat.com/security/cve/CVE-2024-34155 https://bugzilla.redhat.com/2310527 https://bugzilla.redhat.com/2310528 https://bugzilla.redhat.com/2310529 https://bugzilla.redhat.com/2315691 https://bugzilla.redhat.com/2315887 https://bugzilla.redhat.com/2317458 https://bugzilla.redhat.com/2317467 https://bugzilla.redhat.com/show_bug.cgi?id=2295310 https://bugzilla.redhat.com/show_bug.cgi?id=2310527 https://bugzilla.redhat.com/show_bug.cgi?id=2310528 https://bugzilla.redhat.com/show_bug.cgi?id=2310529 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24791 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-34155 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-34156 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-34158 https://errata.almalinux.org/9/ALSA-2024-9459.html https://errata.rockylinux.org/RLSA-2024:6913 https://github.com/golang/go/commit/53487e5477151ed75da50e50a0ba8f1ca64c00a3 (go1.23.1) https://github.com/golang/go/commit/b232596139dbe96a62edbe3a2a203e856bf556eb (go1.22.7) https://go.dev/cl/611238 https://go.dev/issue/69138 https://groups.google.com/g/golang-announce/c/K-cEzDeCtpc https://groups.google.com/g/golang-dev/c/S9POB9NCTdk https://linux.oracle.com/cve/CVE-2024-34155.html https://linux.oracle.com/errata/ELSA-2024-9459.html https://nvd.nist.gov/vuln/detail/CVE-2024-34155 https://pkg.go.dev/vuln/GO-2024-3105 https://ubuntu.com/security/notices/USN-7081-1 https://ubuntu.com/security/notices/USN-7109-1 https://ubuntu.com/security/notices/USN-7111-1 https://www.cve.org/CVERecord?id=CVE-2024-34155
stdlib	CVE-2024-34158	MEDIUM	v1.20.3	1.22.7, 1.23.1	https://access.redhat.com/errata/RHSA-2024:9459 https://access.redhat.com/security/cve/CVE-2024-34158 https://bugzilla.redhat.com/2310527 https://bugzilla.redhat.com/2310528 https://bugzilla.redhat.com/2310529 https://bugzilla.redhat.com/2315691 https://bugzilla.redhat.com/2315887 https://bugzilla.redhat.com/2317458 https://bugzilla.redhat.com/2317467 https://bugzilla.redhat.com/show_bug.cgi?id=2295310 https://bugzilla.redhat.com/show_bug.cgi?id=2310527 https://bugzilla.redhat.com/show_bug.cgi?id=2310528 https://bugzilla.redhat.com/show_bug.cgi?id=2310529 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24791 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-34155 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-34156 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-34158 https://errata.almalinux.org/9/ALSA-2024-9459.html https://errata.rockylinux.org/RLSA-2024:6913 https://github.com/golang/go/commit/032ac075c20c01c6c35a672d1542d3e98eab84ea (go1.23.1) https://github.com/golang/go/commit/d4c53812e6ce2ac368173d7fcd31d0ecfcffb002 (go1.22.7) https://go.dev/cl/611240 https://go.dev/issue/69141 https://groups.google.com/g/golang-announce/c/K-cEzDeCtpc https://groups.google.com/g/golang-dev/c/S9POB9NCTdk https://linux.oracle.com/cve/CVE-2024-34158.html https://linux.oracle.com/errata/ELSA-2024-9459.html https://nvd.nist.gov/vuln/detail/CVE-2024-34158 https://pkg.go.dev/vuln/GO-2024-3107 https://ubuntu.com/security/notices/USN-7081-1 https://ubuntu.com/security/notices/USN-7109-1 https://ubuntu.com/security/notices/USN-7111-1 https://www.cve.org/CVERecord?id=CVE-2024-34158
No Misconfigurations found

cnb/buildpacks/paketo-buildpacks_go-build/2.0.22/bin/run (gobinary)

Package	Vulnerability ID	Severity	Installed Version	Fixed Version	Links
github.com/anchore/stereoscope	CVE-2024-24579	MEDIUM	v0.0.0-20230412183729-8602f1afc574	0.0.1	https://github.com/anchore/stereoscope https://github.com/anchore/stereoscope/commit/09dacab4d9ee65ee8bc7af8ebf4aa7b5aaa36204 https://github.com/anchore/stereoscope/security/advisories/GHSA-hpxr-w9w7-g4gv https://nvd.nist.gov/vuln/detail/CVE-2024-24579
github.com/cloudflare/circl	GHSA-9763-4f94-gfch	HIGH	v1.3.3	1.3.7	https://github.com/cloudflare/circl https://github.com/cloudflare/circl/commit/75ef91e8a2f438e6ce2b6e620d236add8be1887d https://github.com/cloudflare/circl/security/advisories/GHSA-9763-4f94-gfch https://kyberslash.cr.yp.to
github.com/containerd/containerd	GHSA-7ww5-4wqc-m92c	MEDIUM	v1.7.0	1.6.26, 1.7.11	https://github.com/containerd/containerd https://github.com/containerd/containerd/commit/67d356cb3095f3e8f8ad7d36f9a733fea1e7e28c https://github.com/containerd/containerd/commit/746b910f05855c8bfdb4415a1c0f958b234910e5 https://github.com/containerd/containerd/security/advisories/GHSA-7ww5-4wqc-m92c
github.com/docker/docker	CVE-2024-41110	CRITICAL	v23.0.5+incompatible	23.0.15, 26.1.5, 27.1.1, 25.0.6	https://access.redhat.com/security/cve/CVE-2024-41110 https://github.com/moby/moby https://github.com/moby/moby/commit/411e817ddf710ff8e08fa193da80cb78af708191 https://github.com/moby/moby/commit/42f40b1d6dd7562342f832b9cd2adf9e668eeb76 https://github.com/moby/moby/commit/65cc597cea28cdc25bea3b8a86384b4251872919 https://github.com/moby/moby/commit/852759a7df454cbf88db4e954c919becd48faa9b https://github.com/moby/moby/commit/a31260625655cff9ae226b51757915e275e304b0 https://github.com/moby/moby/commit/a79fabbfe84117696a19671f4aa88b82d0f64fc1 https://github.com/moby/moby/commit/ae160b4edddb72ef4bd71f66b975a1a1cc434f00 https://github.com/moby/moby/commit/ae2b3666c517c96cbc2adf1af5591a6b00d4ec0f https://github.com/moby/moby/commit/cc13f952511154a2866bddbb7dddebfe9e83b801 https://github.com/moby/moby/commit/fc274cd2ff4cf3b48c91697fb327dd1fb95588fb https://github.com/moby/moby/security/advisories/GHSA-v23v-6jw2-98fq https://nvd.nist.gov/vuln/detail/CVE-2024-41110 https://www.cve.org/CVERecord?id=CVE-2024-41110 https://www.docker.com/blog/docker-security-advisory-docker-engine-authz-plugin
github.com/docker/docker	CVE-2024-24557	MEDIUM	v23.0.5+incompatible	24.0.9, 25.0.2	https://access.redhat.com/security/cve/CVE-2024-24557 https://github.com/moby/moby https://github.com/moby/moby/commit/3e230cfdcc989dc524882f6579f9e0dac77400ae https://github.com/moby/moby/commit/fca702de7f71362c8d103073c7e4a1d0a467fadd https://github.com/moby/moby/commit/fce6e0ca9bc000888de3daa157af14fa41fcd0ff https://github.com/moby/moby/security/advisories/GHSA-xw73-rw38-6vjc https://nvd.nist.gov/vuln/detail/CVE-2024-24557 https://www.cve.org/CVERecord?id=CVE-2024-24557
github.com/docker/docker	CVE-2024-29018	MEDIUM	v23.0.5+incompatible	26.0.0-rc3, 25.0.5, 23.0.11	https://access.redhat.com/security/cve/CVE-2024-29018 https://github.com/moby/moby https://github.com/moby/moby/pull/46609 https://github.com/moby/moby/security/advisories/GHSA-mq39-4gv4-mvpx https://nvd.nist.gov/vuln/detail/CVE-2024-29018 https://www.cve.org/CVERecord?id=CVE-2024-29018
github.com/docker/docker	GHSA-jq35-85cj-fj4p	MEDIUM	v23.0.5+incompatible	24.0.7, 23.0.8, 20.10.27	https://github.com/moby/moby https://github.com/moby/moby/commit/48ebe353e49a9def5e6679f6e386b0efb1c95f0e https://github.com/moby/moby/commit/81ebe71275768629689a23bc3bca34b3b374a6a6 https://github.com/moby/moby/commit/c9ccbfad11a60e703e91b6cca4f48927828c7e35 https://github.com/moby/moby/releases/tag/v20.10.27 https://github.com/moby/moby/releases/tag/v23.0.8 https://github.com/moby/moby/releases/tag/v24.0.7 https://github.com/moby/moby/security/advisories/GHSA-jq35-85cj-fj4p
github.com/go-git/go-git/v5	CVE-2023-49569	CRITICAL	v5.6.1	5.11.0	https://access.redhat.com/security/cve/CVE-2023-49569 https://github.com/go-git/go-git https://github.com/go-git/go-git/security/advisories/GHSA-449p-3h89-pw88 https://nvd.nist.gov/vuln/detail/CVE-2023-49569 https://www.cve.org/CVERecord?id=CVE-2023-49569
github.com/go-git/go-git/v5	CVE-2023-49568	HIGH	v5.6.1	5.11.0	https://access.redhat.com/security/cve/CVE-2023-49568 https://github.com/go-git/go-git https://github.com/go-git/go-git/security/advisories/GHSA-mw99-9chc-xw7r https://nvd.nist.gov/vuln/detail/CVE-2023-49568 https://www.cve.org/CVERecord?id=CVE-2023-49568
github.com/mholt/archiver/v3	CVE-2024-0406	MEDIUM	v3.5.1	no fix available	https://access.redhat.com/security/cve/CVE-2024-0406 https://bugzilla.redhat.com/show_bug.cgi?id=2257749 https://github.com/advisories/GHSA-rhh4-rh7c-7r5v https://github.com/mholt/archiver https://nvd.nist.gov/vuln/detail/CVE-2024-0406 https://www.cve.org/CVERecord?id=CVE-2024-0406
golang.org/x/crypto	CVE-2023-48795	MEDIUM	v0.8.0	0.17.0	http://packetstormsecurity.com/files/176280/Terrapin-SSH-Connection-Weakening.html http://seclists.org/fulldisclosure/2024/Mar/21 http://www.openwall.com/lists/oss-security/2023/12/18/3 http://www.openwall.com/lists/oss-security/2023/12/19/5 http://www.openwall.com/lists/oss-security/2023/12/20/3 http://www.openwall.com/lists/oss-security/2024/03/06/3 http://www.openwall.com/lists/oss-security/2024/04/17/8 https://access.redhat.com/errata/RHSA-2024:1150 https://access.redhat.com/security/cve/CVE-2023-48795 https://access.redhat.com/security/cve/cve-2023-48795 https://access.redhat.com/solutions/7071748 https://arstechnica.com/security/2023/12/hackers-can-break-ssh-channel-integrity-using-novel-data-corruption-attack https://arstechnica.com/security/2023/12/hackers-can-break-ssh-channel-integrity-using-novel-data-corruption-attack/ https://bugs.gentoo.org/920280 https://bugzilla.redhat.com/2254210 https://bugzilla.redhat.com/show_bug.cgi?id=2254210 https://bugzilla.suse.com/show_bug.cgi?id=1217950 https://crates.io/crates/thrussh/versions https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-48795 https://errata.almalinux.org/9/ALSA-2024-1150.html https://errata.rockylinux.org/RLSA-2024:0628 https://filezilla-project.org/versions.php https://forum.netgate.com/topic/184941/terrapin-ssh-attack https://git.libssh.org/projects/libssh.git/commit/?h=stable-0.10&id=10e09e273f69e149389b3e0e5d44b8c221c2e7f6 https://github.com/NixOS/nixpkgs/pull/275249 https://github.com/PowerShell/Win32-OpenSSH/issues/2189 https://github.com/PowerShell/Win32-OpenSSH/releases/tag/v9.5.0.0p1-Beta https://github.com/TeraTermProject/teraterm/commit/7279fbd6ef4d0c8bdd6a90af4ada2899d786eec0 https://github.com/TeraTermProject/teraterm/releases/tag/v5.1 https://github.com/advisories/GHSA-45x7-px36-x8w8 https://github.com/apache/mina-sshd/issues/445 https://github.com/connectbot/sshlib/commit/5c8b534f6e97db7ac0e0e579331213aa25c173ab https://github.com/connectbot/sshlib/compare/2.2.21...2.2.22 https://github.com/cyd01/KiTTY/issues/520 https://github.com/drakkan/sftpgo/releases/tag/v2.5.6 https://github.com/erlang/otp/blob/d1b43dc0f1361d2ad67601169e90a7fc50bb0369/lib/ssh/doc/src/notes.xml#L39-L42 https://github.com/erlang/otp/releases/tag/OTP-26.2.1 https://github.com/golang/crypto/commit/9d2ee975ef9fe627bf0a6f01c1f69e8ef1d4f05d https://github.com/hierynomus/sshj/issues/916 https://github.com/janmojzis/tinyssh/issues/81 https://github.com/jtesta/ssh-audit/commit/8e972c5e94b460379fe0c7d20209c16df81538a5 https://github.com/libssh2/libssh2/pull/1291 https://github.com/mkj/dropbear/blob/17657c36cce6df7716d5ff151ec09a665382d5dd/CHANGES#L25 https://github.com/mscdex/ssh2/commit/97b223f8891b96d6fc054df5ab1d5a1a545da2a3 https://github.com/mwiede/jsch/compare/jsch-0.2.14...jsch-0.2.15 https://github.com/mwiede/jsch/issues/457 https://github.com/mwiede/jsch/pull/461 https://github.com/net-ssh/net-ssh/blob/2e65064a52d73396bfc3806c9196fc8108f33cd8/CHANGES.txt#L14-L16 https://github.com/openssh/openssh-portable/commits/master https://github.com/paramiko/paramiko/issues/2337 https://github.com/paramiko/paramiko/issues/2337#issuecomment-1887642773 https://github.com/proftpd/proftpd/blob/0a7ea9b0ba9fcdf368374a226370d08f10397d99/RELEASE_NOTES https://github.com/proftpd/proftpd/blob/d21e7a2e47e9b38f709bec58e3fa711f759ad0e1/RELEASE_NOTES https://github.com/proftpd/proftpd/blob/master/RELEASE_NOTES https://github.com/proftpd/proftpd/issues/456 https://github.com/rapier1/hpn-ssh/releases https://github.com/ronf/asyncssh/blob/develop/docs/changes.rst https://github.com/ronf/asyncssh/security/advisories/GHSA-hfmc-7525-mj55 https://github.com/ronf/asyncssh/tags https://github.com/ssh-mitm/ssh-mitm/issues/165 https://github.com/warp-tech/russh https://github.com/warp-tech/russh/commit/1aa340a7df1d5be1c0f4a9e247aade76dfdd2951 https://github.com/warp-tech/russh/releases/tag/v0.40.2 https://github.com/warp-tech/russh/security/advisories/GHSA-45x7-px36-x8w8 https://gitlab.com/libssh/libssh-mirror/-/tags https://go.dev/cl/550715 https://go.dev/issue/64784 https://groups.google.com/g/golang-announce/c/-n5WqVC18LQ https://groups.google.com/g/golang-announce/c/qA3XtxvMUyg https://help.panic.com/releasenotes/transmit5 https://help.panic.com/releasenotes/transmit5/ https://jadaptive.com/important-java-ssh-security-update-new-ssh-vulnerability-discovered-cve-2023-48795 https://jadaptive.com/important-java-ssh-security-update-new-ssh-vulnerability-discovered-cve-2023-48795/ https://linux.oracle.com/cve/CVE-2023-48795.html https://linux.oracle.com/errata/ELSA-2024-2988.html https://lists.debian.org/debian-lts-announce/2023/12/msg00017.html https://lists.debian.org/debian-lts-announce/2024/01/msg00013.html https://lists.debian.org/debian-lts-announce/2024/01/msg00014.html https://lists.debian.org/debian-lts-announce/2024/04/msg00016.html https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/33XHJUB6ROFUOH2OQNENFROTVH6MHSHA https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/33XHJUB6ROFUOH2OQNENFROTVH6MHSHA/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/3CAYYW35MUTNO65RVAELICTNZZFMT2XS https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/3CAYYW35MUTNO65RVAELICTNZZFMT2XS/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/3JIMLVBDWOP4FUPXPTB4PGHHIOMGFLQE https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/3JIMLVBDWOP4FUPXPTB4PGHHIOMGFLQE/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/3YQLUQWLIHDB5QCXQEX7HXHAWMOKPP5O https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/3YQLUQWLIHDB5QCXQEX7HXHAWMOKPP5O/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/6Y74KVCPEPT4MVU3LHDWCNNOXOE5ZLUR https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/6Y74KVCPEPT4MVU3LHDWCNNOXOE5ZLUR/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/APYIXIQOVDCRWLHTGB4VYMAUIAQLKYJ3 https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/APYIXIQOVDCRWLHTGB4VYMAUIAQLKYJ3/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/BL5KTLOSLH2KHRN4HCXJPK3JUVLDGEL6 https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/BL5KTLOSLH2KHRN4HCXJPK3JUVLDGEL6/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/C3AFMZ6MH2UHHOPIWT5YLSFV3D2VB3AC https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/C3AFMZ6MH2UHHOPIWT5YLSFV3D2VB3AC/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/CHHITS4PUOZAKFIUBQAQZC7JWXMOYE4B https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/CHHITS4PUOZAKFIUBQAQZC7JWXMOYE4B/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/F7EYCFQCTSGJXWO3ZZ44MGKFC5HA7G3Y https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/F7EYCFQCTSGJXWO3ZZ44MGKFC5HA7G3Y/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/HYEDEXIKFKTUJIN43RG4B7T5ZS6MHUSP https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/HYEDEXIKFKTUJIN43RG4B7T5ZS6MHUSP/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/I724O3LSRCPO4WNVIXTZCT4VVRMXMMSG https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/I724O3LSRCPO4WNVIXTZCT4VVRMXMMSG/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/KEOTKBUPZXHE3F352JBYNTSNRXYLWD6P https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/KEOTKBUPZXHE3F352JBYNTSNRXYLWD6P/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/KMZCVGUGJZZVDPCVDA7TEB22VUCNEXDD https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/KMZCVGUGJZZVDPCVDA7TEB22VUCNEXDD/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/L5Y6MNNVAPIJSXJERQ6PKZVCIUXSNJK7 https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/L5Y6MNNVAPIJSXJERQ6PKZVCIUXSNJK7/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/LZQVUHWVWRH73YBXUQJOD6CKHDQBU3DM https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/LZQVUHWVWRH73YBXUQJOD6CKHDQBU3DM/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/MKQRBF3DWMWPH36LBCOBUTSIZRTPEZXB https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/MKQRBF3DWMWPH36LBCOBUTSIZRTPEZXB/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/QI3EHAHABFQK7OABNCSF5GMYP6TONTI7 https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/QI3EHAHABFQK7OABNCSF5GMYP6TONTI7/ https://matt.ucc.asn.au/dropbear/CHANGES https://nest.pijul.com/pijul/thrussh/changes/D6H7OWTTMHHX6BTB3B6MNBOBX2L66CBL4LGSEUSAI2MCRCJDQFRQC https://news.ycombinator.com/item?id=38684904 https://news.ycombinator.com/item?id=38685286 https://news.ycombinator.com/item?id=38732005 https://nova.app/releases/#v11.8 https://nvd.nist.gov/vuln/detail/CVE-2023-48795 https://oryx-embedded.com/download/#changelog https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2024-0002 https://roumenpetrov.info/secsh/#news20231220 https://security-tracker.debian.org/tracker/CVE-2023-48795 https://security-tracker.debian.org/tracker/source-package/libssh2 https://security-tracker.debian.org/tracker/source-package/proftpd-dfsg https://security-tracker.debian.org/tracker/source-package/trilead-ssh2 https://security.gentoo.org/glsa/202312-16 https://security.gentoo.org/glsa/202312-17 https://security.netapp.com/advisory/ntap-20240105-0004 https://security.netapp.com/advisory/ntap-20240105-0004/ https://support.apple.com/kb/HT214084 https://terrapin-attack.com/ https://thorntech.com/cve-2023-48795-and-sftp-gateway https://thorntech.com/cve-2023-48795-and-sftp-gateway/ https://twitter.com/TrueSkrillor/status/1736774389725565005 https://ubuntu.com/security/CVE-2023-48795 https://ubuntu.com/security/notices/USN-6560-1 https://ubuntu.com/security/notices/USN-6560-2 https://ubuntu.com/security/notices/USN-6561-1 https://ubuntu.com/security/notices/USN-6585-1 https://ubuntu.com/security/notices/USN-6589-1 https://ubuntu.com/security/notices/USN-6598-1 https://ubuntu.com/security/notices/USN-6738-1 https://ubuntu.com/security/notices/USN-7051-1 https://winscp.net/eng/docs/history#6.2.2 https://www.bitvise.com/ssh-client-version-history#933 https://www.bitvise.com/ssh-server-version-history https://www.chiark.greenend.org.uk/~sgtatham/putty/changes.html https://www.crushftp.com/crush10wiki/Wiki.jsp?page=Update https://www.cve.org/CVERecord?id=CVE-2023-48795 https://www.debian.org/security/2023/dsa-5586 https://www.debian.org/security/2023/dsa-5588 https://www.freebsd.org/security/advisories/FreeBSD-SA-23:19.openssh.asc https://www.lancom-systems.de/service-support/allgemeine-sicherheitshinweise#c243508 https://www.netsarang.com/en/xshell-update-history https://www.netsarang.com/en/xshell-update-history/ https://www.openssh.com/openbsd.html https://www.openssh.com/txt/release-9.6 https://www.openwall.com/lists/oss-security/2023/12/18/2 https://www.openwall.com/lists/oss-security/2023/12/18/3 https://www.openwall.com/lists/oss-security/2023/12/20/3 https://www.paramiko.org/changelog.html https://www.reddit.com/r/sysadmin/comments/18idv52/cve202348795_why_is_this_cve_still_undisclosed https://www.reddit.com/r/sysadmin/comments/18idv52/cve202348795_why_is_this_cve_still_undisclosed/ https://www.suse.com/c/suse-addresses-the-ssh-v2-protocol-terrapin-attack-aka-cve-2023-48795 https://www.suse.com/c/suse-addresses-the-ssh-v2-protocol-terrapin-attack-aka-cve-2023-48795/ https://www.terrapin-attack.com https://www.theregister.com/2023/12/20/terrapin_attack_ssh https://www.vandyke.com/products/securecrt/history.txt
golang.org/x/net	CVE-2023-39325	HIGH	v0.10.0	0.17.0	golang.org/x/net https://access.redhat.com/errata/RHSA-2023:6077 https://access.redhat.com/security/cve/CVE-2023-39325 https://access.redhat.com/security/cve/CVE-2023-44487 https://access.redhat.com/security/vulnerabilities/RHSB-2023-003 https://bugzilla.redhat.com/2242803 https://bugzilla.redhat.com/2243296 https://bugzilla.redhat.com/show_bug.cgi?id=2242803 https://bugzilla.redhat.com/show_bug.cgi?id=2243296 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-39325 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-44487 https://errata.almalinux.org/9/ALSA-2023-6077.html https://errata.rockylinux.org/RLSA-2023:6077 https://github.com/golang/go/commit/24ae2d927285c697440fdde3ad7f26028354bcf3 [golang- 1.21] https://github.com/golang/go/commit/e175f27f58aa7b9cd4d79607ae65d2cd5baaee68 [golang-1.20] https://github.com/golang/go/issues/63417 https://go.dev/cl/534215 https://go.dev/cl/534235 https://go.dev/issue/63417 https://groups.google.com/g/golang-announce/c/iNNxDTCjZvo/m/UDd7VKQuAAAJ https://linux.oracle.com/cve/CVE-2023-39325.html https://linux.oracle.com/errata/ELSA-2023-5867.html https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3OVW5V2DM5K5IC3H7O42YDUGNJ74J35O https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3OVW5V2DM5K5IC3H7O42YDUGNJ74J35O/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3SZN67IL7HMGMNAVLOTIXLIHUDXZK4LH https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3SZN67IL7HMGMNAVLOTIXLIHUDXZK4LH/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3WJ4QVX2AMUJ2F2S27POOAHRC4K3CHU4 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3WJ4QVX2AMUJ2F2S27POOAHRC4K3CHU4/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/4BUK2ZIAGCULOOYDNH25JPU6JBES5NF2 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/4BUK2ZIAGCULOOYDNH25JPU6JBES5NF2/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/5RSKA2II6QTD4YUKUNDVJQSRYSFC4VFR https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/5RSKA2II6QTD4YUKUNDVJQSRYSFC4VFR/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/AVZDNSMVDAQJ64LJC5I5U5LDM5753647 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/AVZDNSMVDAQJ64LJC5I5U5LDM5753647/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CHHITS4PUOZAKFIUBQAQZC7JWXMOYE4B https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CHHITS4PUOZAKFIUBQAQZC7JWXMOYE4B/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CLB4TW7KALB3EEQWNWCN7OUIWWVWWCG2 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CLB4TW7KALB3EEQWNWCN7OUIWWVWWCG2/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/D2BBIDR2ZMB3X5BC7SR4SLQMHRMVPY6L https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/D2BBIDR2ZMB3X5BC7SR4SLQMHRMVPY6L/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ECRC75BQJP6FJN2L7KCKYZW4DSBD7QSD https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ECRC75BQJP6FJN2L7KCKYZW4DSBD7QSD/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/FTMJ3NJIDAZFWJQQSP3L22MUFJ3UP2PT https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/FTMJ3NJIDAZFWJQQSP3L22MUFJ3UP2PT/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/GSY7SXFFTPZFWDM6XELSDSHZLVW3AHK7 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/GSY7SXFFTPZFWDM6XELSDSHZLVW3AHK7/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/HZQIELEIRSZUYTFFH5KTH2YJ4IIQG2KE https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/HZQIELEIRSZUYTFFH5KTH2YJ4IIQG2KE/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/IPWCNYB5PQ5PCVZ4NJT6G56ZYFZ5QBU6 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/IPWCNYB5PQ5PCVZ4NJT6G56ZYFZ5QBU6/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/KEOTKBUPZXHE3F352JBYNTSNRXYLWD6P https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/KEOTKBUPZXHE3F352JBYNTSNRXYLWD6P/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/KSEGD2IWKNUO3DWY4KQGUQM5BISRWHQE https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/KSEGD2IWKNUO3DWY4KQGUQM5BISRWHQE/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/L5E5JSJBZLYXOTZWXHJKRVCIXIHVWKJ6 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/L5E5JSJBZLYXOTZWXHJKRVCIXIHVWKJ6/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/MZQYOOKHQDQ57LV2IAG6NRFOVXKHJJ3Z https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/MZQYOOKHQDQ57LV2IAG6NRFOVXKHJJ3Z/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/NG7IMPL55MVWU3LCI4JQJT3K2U5CHDV7 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/NG7IMPL55MVWU3LCI4JQJT3K2U5CHDV7/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ODBY7RVMGZCBSTWF2OZGIZS57FNFUL67 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ODBY7RVMGZCBSTWF2OZGIZS57FNFUL67/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/OXGWPQOJ3JNDW2XIYKIVJ7N7QUIFNM2Q https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/OXGWPQOJ3JNDW2XIYKIVJ7N7QUIFNM2Q/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/PJCUNGIQDUMZ4Z6HWVYIMR66A35F5S74 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/PJCUNGIQDUMZ4Z6HWVYIMR66A35F5S74/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QF5QSYAOPDOWLY6DUHID56Q4HQFYB45I https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QF5QSYAOPDOWLY6DUHID56Q4HQFYB45I/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QXOU2JZUBEBP7GBKAYIJRPRBZSJCD7ST https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QXOU2JZUBEBP7GBKAYIJRPRBZSJCD7ST/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/R3UETKPUB3V5JS5TLZOF3SMTGT5K5APS https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/R3UETKPUB3V5JS5TLZOF3SMTGT5K5APS/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/REMHVVIBDNKSRKNOTV7EQSB7CYQWOUOU https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/REMHVVIBDNKSRKNOTV7EQSB7CYQWOUOU/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/T7N5GV4CHH6WAGX3GFMDD3COEOVCZ4RI https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/T7N5GV4CHH6WAGX3GFMDD3COEOVCZ4RI/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ULQQONMSCQSH5Z5OWFFQHCGEZ3NL4DRJ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ULQQONMSCQSH5Z5OWFFQHCGEZ3NL4DRJ/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UTT7DG3QOF5ZNJLUGHDNLRUIN6OWZARP https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UTT7DG3QOF5ZNJLUGHDNLRUIN6OWZARP/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/W2LZSWTV4NV4SNQARNXG5T6LRHP26EW2 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/W2LZSWTV4NV4SNQARNXG5T6LRHP26EW2/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WCNCBYKZXLDFGAJUB7ZP5VLC3YTHJNVH https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WCNCBYKZXLDFGAJUB7ZP5VLC3YTHJNVH/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/XFOIBB4YFICHDM7IBOP7PWXW3FX4HLL2 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/XFOIBB4YFICHDM7IBOP7PWXW3FX4HLL2/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/XTNLSL44Y5FB6JWADSZH6DCV4JJAAEQY https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/XTNLSL44Y5FB6JWADSZH6DCV4JJAAEQY/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/YJWHBLVZDM5KQSDFRBFRKU5KSSOLIRQ4 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/YJWHBLVZDM5KQSDFRBFRKU5KSSOLIRQ4/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/YRKEXKANQ7BKJW2YTAMP625LJUJZLJ4P https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/YRKEXKANQ7BKJW2YTAMP625LJUJZLJ4P/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZSVEMQV5ROY5YW5QE3I57HT3ITWG5GCV https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZSVEMQV5ROY5YW5QE3I57HT3ITWG5GCV/ https://nvd.nist.gov/vuln/detail/CVE-2023-39325 https://pkg.go.dev/vuln/GO-2023-2102 https://security.gentoo.org/glsa/202311-09 https://security.netapp.com/advisory/ntap-20231110-0008 https://security.netapp.com/advisory/ntap-20231110-0008/ https://ubuntu.com/security/notices/USN-6574-1 https://ubuntu.com/security/notices/USN-7061-1 https://ubuntu.com/security/notices/USN-7109-1 https://www.cisa.gov/news-events/alerts/2023/10/10/http2-rapid-reset-vulnerability-cve-2023-44487 https://www.cve.org/CVERecord?id=CVE-2023-39325
golang.org/x/net	CVE-2023-3978	MEDIUM	v0.10.0	0.13.0	https://access.redhat.com/errata/RHSA-2023:6474 https://access.redhat.com/security/cve/CVE-2023-3978 https://bugzilla.redhat.com/2174485 https://bugzilla.redhat.com/2178358 https://bugzilla.redhat.com/2178488 https://bugzilla.redhat.com/2178492 https://bugzilla.redhat.com/2184481 https://bugzilla.redhat.com/2184482 https://bugzilla.redhat.com/2184483 https://bugzilla.redhat.com/2184484 https://bugzilla.redhat.com/2196026 https://bugzilla.redhat.com/2196027 https://bugzilla.redhat.com/2196029 https://bugzilla.redhat.com/2222167 https://bugzilla.redhat.com/2228689 https://errata.almalinux.org/9/ALSA-2023-6474.html https://go.dev/cl/514896 https://go.dev/issue/61615 https://linux.oracle.com/cve/CVE-2023-3978.html https://linux.oracle.com/errata/ELSA-2023-6939.html https://nvd.nist.gov/vuln/detail/CVE-2023-3978 https://pkg.go.dev/vuln/GO-2023-1988 https://www.cve.org/CVERecord?id=CVE-2023-3978
golang.org/x/net	CVE-2023-44487	MEDIUM	v0.10.0	0.17.0	http://www.openwall.com/lists/oss-security/2023/10/13/4 http://www.openwall.com/lists/oss-security/2023/10/13/9 http://www.openwall.com/lists/oss-security/2023/10/18/4 http://www.openwall.com/lists/oss-security/2023/10/18/8 http://www.openwall.com/lists/oss-security/2023/10/19/6 http://www.openwall.com/lists/oss-security/2023/10/20/8 https://access.redhat.com/errata/RHSA-2023:6746 https://access.redhat.com/security/cve/CVE-2023-44487 https://access.redhat.com/security/cve/cve-2023-44487 https://akka.io/security/akka-http-cve-2023-44487.html https://arstechnica.com/security/2023/10/how-ddosers-used-the-http-2-protocol-to-deliver-attacks-of-unprecedented-size https://arstechnica.com/security/2023/10/how-ddosers-used-the-http-2-protocol-to-deliver-attacks-of-unprecedented-size/ https://aws.amazon.com/security/security-bulletins/AWS-2023-011 https://aws.amazon.com/security/security-bulletins/AWS-2023-011/ https://blog.cloudflare.com/technical-breakdown-http2-rapid-reset-ddos-attack https://blog.cloudflare.com/technical-breakdown-http2-rapid-reset-ddos-attack/ https://blog.cloudflare.com/zero-day-rapid-reset-http2-record-breaking-ddos-attack https://blog.cloudflare.com/zero-day-rapid-reset-http2-record-breaking-ddos-attack/ https://blog.litespeedtech.com/2023/10/11/rapid-reset-http-2-vulnerablilty https://blog.litespeedtech.com/2023/10/11/rapid-reset-http-2-vulnerablilty/ https://blog.qualys.com/vulnerabilities-threat-research/2023/10/10/cve-2023-44487-http-2-rapid-reset-attack https://blog.vespa.ai/cve-2023-44487 https://blog.vespa.ai/cve-2023-44487/ https://bugzilla.proxmox.com/show_bug.cgi?id=4988 https://bugzilla.redhat.com/2242803 https://bugzilla.redhat.com/show_bug.cgi?id=2242803 https://bugzilla.suse.com/show_bug.cgi?id=1216123 https://cgit.freebsd.org/ports/commit/?id=c64c329c2c1752f46b73e3e6ce9f4329be6629f9 https://chaos.social/@icing/111210915918780532 https://cloud.google.com/blog/products/identity-security/google-cloud-mitigated-largest-ddos-attack-peaking-above-398-million-rps https://cloud.google.com/blog/products/identity-security/google-cloud-mitigated-largest-ddos-attack-peaking-above-398-million-rps/ https://cloud.google.com/blog/products/identity-security/how-it-works-the-novel-http2-rapid-reset-ddos-attack https://community.traefik.io/t/is-traefik-vulnerable-to-cve-2023-44487/20125 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-44487 https://devblogs.microsoft.com/dotnet/october-2023-updates/ https://discuss.hashicorp.com/t/hcsec-2023-32-vault-consul-and-boundary-affected-by-http-2-rapid-reset-denial-of-service-vulnerability-cve-2023-44487/59715 https://edg.io/lp/blog/resets-leaks-ddos-and-the-tale-of-a-hidden-cve https://errata.almalinux.org/9/ALSA-2023-6746.html https://errata.rockylinux.org/RLSA-2023:5838 https://forums.swift.org/t/swift-nio-http2-security-update-cve-2023-44487-http-2-dos/67764 https://gist.github.com/adulau/7c2bfb8e9cdbe4b35a5e131c66a0c088 https://github.com/Azure/AKS/issues/3947 https://github.com/Kong/kong/discussions/11741 https://github.com/advisories/GHSA-qppj-fm5r-hxr3 https://github.com/advisories/GHSA-vx74-f528-fxqg https://github.com/advisories/GHSA-xpw8-rcwv-8f8p https://github.com/akka/akka-http/issues/4323 https://github.com/akka/akka-http/pull/4324 https://github.com/akka/akka-http/pull/4325 https://github.com/alibaba/tengine/issues/1872 https://github.com/apache/apisix/issues/10320 https://github.com/apache/httpd-site/pull/10 https://github.com/apache/httpd/blob/afcdbeebbff4b0c50ea26cdd16e178c0d1f24152/modules/http2/h2_mplx.c#L1101-L1113 https://github.com/apache/tomcat/commit/944332bb15bd2f3bf76ec2caeb1ff0a58a3bc628 https://github.com/apache/tomcat/tree/main/java/org/apache/coyote/http2 https://github.com/apache/trafficserver/pull/10564 https://github.com/apple/swift-nio-http2 https://github.com/apple/swift-nio-http2/security/advisories/GHSA-qppj-fm5r-hxr3 https://github.com/arkrwn/PoC/tree/main/CVE-2023-44487 https://github.com/bcdannyboy/CVE-2023-44487 https://github.com/caddyserver/caddy/issues/5877 https://github.com/caddyserver/caddy/releases/tag/v2.7.5 https://github.com/dotnet/announcements/issues/277 https://github.com/dotnet/core/blob/e4613450ea0da7fd2fc6b61dfb2c1c1dec1ce9ec/release-notes/6.0/6.0.23/6.0.23.md?plain=1#L73 https://github.com/eclipse/jetty.project/issues/10679 https://github.com/envoyproxy/envoy/pull/30055 https://github.com/etcd-io/etcd/issues/16740 https://github.com/facebook/proxygen/pull/466 https://github.com/golang/go/issues/63417 https://github.com/grpc/grpc-go/pull/6703 https://github.com/grpc/grpc-go/releases https://github.com/h2o/h2o/pull/3291 https://github.com/h2o/h2o/security/advisories/GHSA-2m7v-gc89-fjqf https://github.com/haproxy/haproxy/issues/2312 https://github.com/hyperium/hyper/issues/3337 https://github.com/icing/mod_h2/blob/0a864782af0a942aa2ad4ed960a6b32cd35bcf0a/mod_http2/README.md?plain=1#L239-L244 https://github.com/junkurihara/rust-rpxy/issues/97 https://github.com/kazu-yamamoto/http2/commit/f61d41a502bd0f60eb24e1ce14edc7b6df6722a1 https://github.com/kazu-yamamoto/http2/issues/93 https://github.com/kubernetes/kubernetes/pull/121120 https://github.com/line/armeria/pull/5232 https://github.com/linkerd/website/pull/1695/commits/4b9c6836471bc8270ab48aae6fd2181bc73fd632 https://github.com/micrictor/http2-rst-stream https://github.com/microsoft/CBL-Mariner/pull/6381 https://github.com/netty/netty/commit/58f75f665aa81a8cbcf6ffa74820042a285c5e61 https://github.com/nghttp2/nghttp2/pull/1961 https://github.com/nghttp2/nghttp2/releases/tag/v1.57.0 https://github.com/ninenines/cowboy/issues/1615 https://github.com/nodejs/node/pull/50121 https://github.com/openresty/openresty/issues/930 https://github.com/opensearch-project/data-prepper/issues/3474 https://github.com/oqtane/oqtane.framework/discussions/3367 https://github.com/projectcontour/contour/pull/5826 https://github.com/tempesta-tech/tempesta/issues/1986 https://github.com/varnishcache/varnish-cache/issues/3996 https://go.dev/cl/534215 https://go.dev/cl/534235 https://go.dev/issue/63417 https://groups.google.com/g/golang-announce/c/iNNxDTCjZvo https://groups.google.com/g/golang-announce/c/iNNxDTCjZvo/m/UDd7VKQuAAAJ https://istio.io/latest/news/security/istio-security-2023-004 https://istio.io/latest/news/security/istio-security-2023-004/ https://linkerd.io/2023/10/12/linkerd-cve-2023-44487 https://linkerd.io/2023/10/12/linkerd-cve-2023-44487/ https://linux.oracle.com/cve/CVE-2023-44487.html https://linux.oracle.com/errata/ELSA-2024-1444.html https://lists.apache.org/thread/5py8h42mxfsn8l1wy6o41xwhsjlsd87q https://lists.debian.org/debian-lts-announce/2023/10/msg00020.html https://lists.debian.org/debian-lts-announce/2023/10/msg00023.html https://lists.debian.org/debian-lts-announce/2023/10/msg00024.html https://lists.debian.org/debian-lts-announce/2023/10/msg00045.html https://lists.debian.org/debian-lts-announce/2023/10/msg00047.html https://lists.debian.org/debian-lts-announce/2023/11/msg00001.html https://lists.debian.org/debian-lts-announce/2023/11/msg00012.html https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/2MBEPPC36UBVOZZNAXFHKLFGSLCMN5LI https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/2MBEPPC36UBVOZZNAXFHKLFGSLCMN5LI/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/3N4NJ7FR4X4FPZUGNTQAPSTVB2HB2Y4A https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/3N4NJ7FR4X4FPZUGNTQAPSTVB2HB2Y4A/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/BFQD3KUEMFBHPAPBGLWQC34L4OWL5HAZ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/BFQD3KUEMFBHPAPBGLWQC34L4OWL5HAZ/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/CLB4TW7KALB3EEQWNWCN7OUIWWVWWCG2 https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/CLB4TW7KALB3EEQWNWCN7OUIWWVWWCG2/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/E72T67UPDRXHIDLO3OROR25YAMN4GGW5 https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/E72T67UPDRXHIDLO3OROR25YAMN4GGW5/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/FNA62Q767CFAFHBCDKYNPBMZWB7TWYVU https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/FNA62Q767CFAFHBCDKYNPBMZWB7TWYVU/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/HT7T2R4MQKLIF4ODV4BDLPARWFPCJ5CZ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/HT7T2R4MQKLIF4ODV4BDLPARWFPCJ5CZ/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/JIZSEFC3YKCGABA2BZW6ZJRMDZJMB7PJ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/JIZSEFC3YKCGABA2BZW6ZJRMDZJMB7PJ/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/JMEXY22BFG5Q64HQCM5CK2Q7KDKVV4TY https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/JMEXY22BFG5Q64HQCM5CK2Q7KDKVV4TY/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/KSEGD2IWKNUO3DWY4KQGUQM5BISRWHQE https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/KSEGD2IWKNUO3DWY4KQGUQM5BISRWHQE/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/LKYHSZQFDNR7RSA7LHVLLIAQMVYCUGBG https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/LKYHSZQFDNR7RSA7LHVLLIAQMVYCUGBG/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/LNMZJCDHGLJJLXO4OXWJMTVQRNWOC7UL https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/LNMZJCDHGLJJLXO4OXWJMTVQRNWOC7UL/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/VHUHTSXLXGXS7JYKBXTA3VINUPHTNGVU https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/VHUHTSXLXGXS7JYKBXTA3VINUPHTNGVU/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/VSRDIV77HNKUSM7SJC5BKE5JSHLHU2NK https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/VSRDIV77HNKUSM7SJC5BKE5JSHLHU2NK/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/WE2I52RHNNU42PX6NZ2RBUHSFFJ2LVZX https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/WE2I52RHNNU42PX6NZ2RBUHSFFJ2LVZX/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/WLPRQ5TWUQQXYWBJM7ECYDAIL2YVKIUH https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/WLPRQ5TWUQQXYWBJM7ECYDAIL2YVKIUH/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/X6QXN4ORIVF6XBW4WWFE7VNPVC74S45Y https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/X6QXN4ORIVF6XBW4WWFE7VNPVC74S45Y/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/XFOIBB4YFICHDM7IBOP7PWXW3FX4HLL2 https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/XFOIBB4YFICHDM7IBOP7PWXW3FX4HLL2/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZB43REMKRQR62NJEI7I5NQ4FSXNLBKRT https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZB43REMKRQR62NJEI7I5NQ4FSXNLBKRT/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZKQSIKIAT5TJ3WSLU3RDBQ35YX4GY4V3 https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZKQSIKIAT5TJ3WSLU3RDBQ35YX4GY4V3/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZLU6U2R2IC2K64NDPNMV55AUAO65MAF4 https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZLU6U2R2IC2K64NDPNMV55AUAO65MAF4/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3N4NJ7FR4X4FPZUGNTQAPSTVB2HB2Y4A https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/BFQD3KUEMFBHPAPBGLWQC34L4OWL5HAZ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CLB4TW7KALB3EEQWNWCN7OUIWWVWWCG2 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/E72T67UPDRXHIDLO3OROR25YAMN4GGW5 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/FNA62Q767CFAFHBCDKYNPBMZWB7TWYVU https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/HT7T2R4MQKLIF4ODV4BDLPARWFPCJ5CZ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/JIZSEFC3YKCGABA2BZW6ZJRMDZJMB7PJ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/JMEXY22BFG5Q64HQCM5CK2Q7KDKVV4TY https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/KSEGD2IWKNUO3DWY4KQGUQM5BISRWHQE https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/LKYHSZQFDNR7RSA7LHVLLIAQMVYCUGBG https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/LNMZJCDHGLJJLXO4OXWJMTVQRNWOC7UL https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/VHUHTSXLXGXS7JYKBXTA3VINUPHTNGVU https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/VSRDIV77HNKUSM7SJC5BKE5JSHLHU2NK https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WLPRQ5TWUQQXYWBJM7ECYDAIL2YVKIUH https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/X6QXN4ORIVF6XBW4WWFE7VNPVC74S45Y https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/XFOIBB4YFICHDM7IBOP7PWXW3FX4HLL2 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZB43REMKRQR62NJEI7I5NQ4FSXNLBKRT https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZKQSIKIAT5TJ3WSLU3RDBQ35YX4GY4V3 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZLU6U2R2IC2K64NDPNMV55AUAO65MAF4 https://lists.w3.org/Archives/Public/ietf-http-wg/2023OctDec/0025.html https://mailman.nginx.org/pipermail/nginx-devel/2023-October/S36Q5HBXR7CAIMPLLPRSSSYR4PCMWILK.html https://martinthomson.github.io/h2-stream-limits/draft-thomson-httpbis-h2-stream-limits.html https://msrc.microsoft.com/blog/2023/10/microsoft-response-to-distributed-denial-of-service-ddos-attacks-against-http/2 https://msrc.microsoft.com/blog/2023/10/microsoft-response-to-distributed-denial-of-service-ddos-attacks-against-http/2/ https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-44487 https://my.f5.com/manage/s/article/K000137106 https://netty.io/news/2023/10/10/4-1-100-Final.html https://news.ycombinator.com/item?id=37830987 https://news.ycombinator.com/item?id=37830998 https://news.ycombinator.com/item?id=37831062 https://news.ycombinator.com/item?id=37837043 https://nodejs.org/en/blog/vulnerability/october-2023-security-releases https://nvd.nist.gov/vuln/detail/CVE-2023-44487 https://openssf.org/blog/2023/10/10/http-2-rapid-reset-vulnerability-highlights-need-for-rapid-response https://openssf.org/blog/2023/10/10/http-2-rapid-reset-vulnerability-highlights-need-for-rapid-response/ https://pkg.go.dev/vuln/GO-2023-2102 https://seanmonstar.com/post/730794151136935936/hyper-http2-rapid-reset-unaffected https://security.gentoo.org/glsa/202311-09 https://security.netapp.com/advisory/ntap-20231016-0001 https://security.netapp.com/advisory/ntap-20231016-0001/ https://security.netapp.com/advisory/ntap-20240426-0007 https://security.netapp.com/advisory/ntap-20240426-0007/ https://security.netapp.com/advisory/ntap-20240621-0006 https://security.netapp.com/advisory/ntap-20240621-0006/ https://security.netapp.com/advisory/ntap-20240621-0007 https://security.netapp.com/advisory/ntap-20240621-0007/ https://security.paloaltonetworks.com/CVE-2023-44487 https://tomcat.apache.org/security-10.html#Fixed_in_Apache_Tomcat_10.1.14 https://tomcat.apache.org/security-11.html#Fixed_in_Apache_Tomcat_11.0.0-M12 https://tomcat.apache.org/security-8.html#Fixed_in_Apache_Tomcat_8.5.94 https://tomcat.apache.org/security-9.html#Fixed_in_Apache_Tomcat_9.0.81 https://ubuntu.com/security/CVE-2023-44487 https://ubuntu.com/security/notices/USN-6427-1 https://ubuntu.com/security/notices/USN-6427-2 https://ubuntu.com/security/notices/USN-6438-1 https://ubuntu.com/security/notices/USN-6505-1 https://ubuntu.com/security/notices/USN-6574-1 https://ubuntu.com/security/notices/USN-6754-1 https://ubuntu.com/security/notices/USN-6994-1 https://ubuntu.com/security/notices/USN-7067-1 https://www.bleepingcomputer.com/news/security/new-http-2-rapid-reset-zero-day-attack-breaks-ddos-records https://www.bleepingcomputer.com/news/security/new-http-2-rapid-reset-zero-day-attack-breaks-ddos-records/ https://www.cisa.gov/known-exploited-vulnerabilities-catalog https://www.cisa.gov/news-events/alerts/2023/10/10/http2-rapid-reset-vulnerability-cve-2023-44487 https://www.cve.org/CVERecord?id=CVE-2023-44487 https://www.darkreading.com/cloud/internet-wide-zero-day-bug-fuels-largest-ever-ddos-event https://www.debian.org/security/2023/dsa-5521 https://www.debian.org/security/2023/dsa-5522 https://www.debian.org/security/2023/dsa-5540 https://www.debian.org/security/2023/dsa-5549 https://www.debian.org/security/2023/dsa-5558 https://www.debian.org/security/2023/dsa-5570 https://www.eclipse.org/lists/jetty-announce/msg00181.html https://www.haproxy.com/blog/haproxy-is-not-affected-by-the-http-2-rapid-reset-attack-cve-2023-44487 https://www.mail-archive.com/haproxy@formilux.org/msg44134.html https://www.netlify.com/blog/netlify-successfully-mitigates-cve-2023-44487 https://www.netlify.com/blog/netlify-successfully-mitigates-cve-2023-44487/ https://www.nginx.com/blog/http-2-rapid-reset-attack-impacting-f5-nginx-products https://www.nginx.com/blog/http-2-rapid-reset-attack-impacting-f5-nginx-products/ https://www.openwall.com/lists/oss-security/2023/10/10/6 https://www.phoronix.com/news/HTTP2-Rapid-Reset-Attack https://www.theregister.com/2023/10/10/http2_rapid_reset_zeroday https://www.theregister.com/2023/10/10/http2_rapid_reset_zeroday/
golang.org/x/net	CVE-2023-45288	MEDIUM	v0.10.0	0.23.0	http://www.openwall.com/lists/oss-security/2024/04/03/16 http://www.openwall.com/lists/oss-security/2024/04/05/4 https://access.redhat.com/errata/RHSA-2024:2724 https://access.redhat.com/security/cve/CVE-2023-45288 https://bugzilla.redhat.com/2268017 https://bugzilla.redhat.com/2268018 https://bugzilla.redhat.com/2268019 https://bugzilla.redhat.com/2268273 https://bugzilla.redhat.com/show_bug.cgi?id=2268017 https://bugzilla.redhat.com/show_bug.cgi?id=2268018 https://bugzilla.redhat.com/show_bug.cgi?id=2268019 https://bugzilla.redhat.com/show_bug.cgi?id=2268273 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45288 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45289 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45290 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24783 https://errata.almalinux.org/9/ALSA-2024-2724.html https://errata.rockylinux.org/RLSA-2024:2724 https://go.dev/cl/576155 https://go.dev/issue/65051 https://groups.google.com/g/golang-announce/c/YgW0sx8mN3M https://kb.cert.org/vuls/id/421644 https://linux.oracle.com/cve/CVE-2023-45288.html https://linux.oracle.com/errata/ELSA-2024-3346.html https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QRYFHIQ6XRKRYBI2F5UESH67BJBQXUPT https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QRYFHIQ6XRKRYBI2F5UESH67BJBQXUPT/ https://nowotarski.info/http2-continuation-flood-technical-details https://nowotarski.info/http2-continuation-flood/ https://nvd.nist.gov/vuln/detail/CVE-2023-45288 https://pkg.go.dev/vuln/GO-2024-2687 https://security.netapp.com/advisory/ntap-20240419-0009 https://security.netapp.com/advisory/ntap-20240419-0009/ https://ubuntu.com/security/notices/USN-6886-1 https://ubuntu.com/security/notices/USN-7109-1 https://ubuntu.com/security/notices/USN-7111-1 https://www.cve.org/CVERecord?id=CVE-2023-45288 https://www.kb.cert.org/vuls/id/421644
google.golang.org/grpc	GHSA-m425-mq94-257g	HIGH	v1.54.0	1.56.3, 1.57.1, 1.58.3	https://github.com/grpc/grpc-go https://github.com/grpc/grpc-go/commit/f2180b4d5403d2210b30b93098eb7da31c05c721 https://github.com/grpc/grpc-go/pull/6703 https://github.com/grpc/grpc-go/security/advisories/GHSA-m425-mq94-257g https://nvd.nist.gov/vuln/detail/CVE-2023-44487
google.golang.org/grpc	CVE-2023-44487	MEDIUM	v1.54.0	1.58.3, 1.57.1, 1.56.3	http://www.openwall.com/lists/oss-security/2023/10/13/4 http://www.openwall.com/lists/oss-security/2023/10/13/9 http://www.openwall.com/lists/oss-security/2023/10/18/4 http://www.openwall.com/lists/oss-security/2023/10/18/8 http://www.openwall.com/lists/oss-security/2023/10/19/6 http://www.openwall.com/lists/oss-security/2023/10/20/8 https://access.redhat.com/errata/RHSA-2023:6746 https://access.redhat.com/security/cve/CVE-2023-44487 https://access.redhat.com/security/cve/cve-2023-44487 https://akka.io/security/akka-http-cve-2023-44487.html https://arstechnica.com/security/2023/10/how-ddosers-used-the-http-2-protocol-to-deliver-attacks-of-unprecedented-size https://arstechnica.com/security/2023/10/how-ddosers-used-the-http-2-protocol-to-deliver-attacks-of-unprecedented-size/ https://aws.amazon.com/security/security-bulletins/AWS-2023-011 https://aws.amazon.com/security/security-bulletins/AWS-2023-011/ https://blog.cloudflare.com/technical-breakdown-http2-rapid-reset-ddos-attack https://blog.cloudflare.com/technical-breakdown-http2-rapid-reset-ddos-attack/ https://blog.cloudflare.com/zero-day-rapid-reset-http2-record-breaking-ddos-attack https://blog.cloudflare.com/zero-day-rapid-reset-http2-record-breaking-ddos-attack/ https://blog.litespeedtech.com/2023/10/11/rapid-reset-http-2-vulnerablilty https://blog.litespeedtech.com/2023/10/11/rapid-reset-http-2-vulnerablilty/ https://blog.qualys.com/vulnerabilities-threat-research/2023/10/10/cve-2023-44487-http-2-rapid-reset-attack https://blog.vespa.ai/cve-2023-44487 https://blog.vespa.ai/cve-2023-44487/ https://bugzilla.proxmox.com/show_bug.cgi?id=4988 https://bugzilla.redhat.com/2242803 https://bugzilla.redhat.com/show_bug.cgi?id=2242803 https://bugzilla.suse.com/show_bug.cgi?id=1216123 https://cgit.freebsd.org/ports/commit/?id=c64c329c2c1752f46b73e3e6ce9f4329be6629f9 https://chaos.social/@icing/111210915918780532 https://cloud.google.com/blog/products/identity-security/google-cloud-mitigated-largest-ddos-attack-peaking-above-398-million-rps https://cloud.google.com/blog/products/identity-security/google-cloud-mitigated-largest-ddos-attack-peaking-above-398-million-rps/ https://cloud.google.com/blog/products/identity-security/how-it-works-the-novel-http2-rapid-reset-ddos-attack https://community.traefik.io/t/is-traefik-vulnerable-to-cve-2023-44487/20125 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-44487 https://devblogs.microsoft.com/dotnet/october-2023-updates/ https://discuss.hashicorp.com/t/hcsec-2023-32-vault-consul-and-boundary-affected-by-http-2-rapid-reset-denial-of-service-vulnerability-cve-2023-44487/59715 https://edg.io/lp/blog/resets-leaks-ddos-and-the-tale-of-a-hidden-cve https://errata.almalinux.org/9/ALSA-2023-6746.html https://errata.rockylinux.org/RLSA-2023:5838 https://forums.swift.org/t/swift-nio-http2-security-update-cve-2023-44487-http-2-dos/67764 https://gist.github.com/adulau/7c2bfb8e9cdbe4b35a5e131c66a0c088 https://github.com/Azure/AKS/issues/3947 https://github.com/Kong/kong/discussions/11741 https://github.com/advisories/GHSA-qppj-fm5r-hxr3 https://github.com/advisories/GHSA-vx74-f528-fxqg https://github.com/advisories/GHSA-xpw8-rcwv-8f8p https://github.com/akka/akka-http/issues/4323 https://github.com/akka/akka-http/pull/4324 https://github.com/akka/akka-http/pull/4325 https://github.com/alibaba/tengine/issues/1872 https://github.com/apache/apisix/issues/10320 https://github.com/apache/httpd-site/pull/10 https://github.com/apache/httpd/blob/afcdbeebbff4b0c50ea26cdd16e178c0d1f24152/modules/http2/h2_mplx.c#L1101-L1113 https://github.com/apache/tomcat/commit/944332bb15bd2f3bf76ec2caeb1ff0a58a3bc628 https://github.com/apache/tomcat/tree/main/java/org/apache/coyote/http2 https://github.com/apache/trafficserver/pull/10564 https://github.com/apple/swift-nio-http2 https://github.com/apple/swift-nio-http2/security/advisories/GHSA-qppj-fm5r-hxr3 https://github.com/arkrwn/PoC/tree/main/CVE-2023-44487 https://github.com/bcdannyboy/CVE-2023-44487 https://github.com/caddyserver/caddy/issues/5877 https://github.com/caddyserver/caddy/releases/tag/v2.7.5 https://github.com/dotnet/announcements/issues/277 https://github.com/dotnet/core/blob/e4613450ea0da7fd2fc6b61dfb2c1c1dec1ce9ec/release-notes/6.0/6.0.23/6.0.23.md?plain=1#L73 https://github.com/eclipse/jetty.project/issues/10679 https://github.com/envoyproxy/envoy/pull/30055 https://github.com/etcd-io/etcd/issues/16740 https://github.com/facebook/proxygen/pull/466 https://github.com/golang/go/issues/63417 https://github.com/grpc/grpc-go/pull/6703 https://github.com/grpc/grpc-go/releases https://github.com/h2o/h2o/pull/3291 https://github.com/h2o/h2o/security/advisories/GHSA-2m7v-gc89-fjqf https://github.com/haproxy/haproxy/issues/2312 https://github.com/hyperium/hyper/issues/3337 https://github.com/icing/mod_h2/blob/0a864782af0a942aa2ad4ed960a6b32cd35bcf0a/mod_http2/README.md?plain=1#L239-L244 https://github.com/junkurihara/rust-rpxy/issues/97 https://github.com/kazu-yamamoto/http2/commit/f61d41a502bd0f60eb24e1ce14edc7b6df6722a1 https://github.com/kazu-yamamoto/http2/issues/93 https://github.com/kubernetes/kubernetes/pull/121120 https://github.com/line/armeria/pull/5232 https://github.com/linkerd/website/pull/1695/commits/4b9c6836471bc8270ab48aae6fd2181bc73fd632 https://github.com/micrictor/http2-rst-stream https://github.com/microsoft/CBL-Mariner/pull/6381 https://github.com/netty/netty/commit/58f75f665aa81a8cbcf6ffa74820042a285c5e61 https://github.com/nghttp2/nghttp2/pull/1961 https://github.com/nghttp2/nghttp2/releases/tag/v1.57.0 https://github.com/ninenines/cowboy/issues/1615 https://github.com/nodejs/node/pull/50121 https://github.com/openresty/openresty/issues/930 https://github.com/opensearch-project/data-prepper/issues/3474 https://github.com/oqtane/oqtane.framework/discussions/3367 https://github.com/projectcontour/contour/pull/5826 https://github.com/tempesta-tech/tempesta/issues/1986 https://github.com/varnishcache/varnish-cache/issues/3996 https://go.dev/cl/534215 https://go.dev/cl/534235 https://go.dev/issue/63417 https://groups.google.com/g/golang-announce/c/iNNxDTCjZvo https://groups.google.com/g/golang-announce/c/iNNxDTCjZvo/m/UDd7VKQuAAAJ https://istio.io/latest/news/security/istio-security-2023-004 https://istio.io/latest/news/security/istio-security-2023-004/ https://linkerd.io/2023/10/12/linkerd-cve-2023-44487 https://linkerd.io/2023/10/12/linkerd-cve-2023-44487/ https://linux.oracle.com/cve/CVE-2023-44487.html https://linux.oracle.com/errata/ELSA-2024-1444.html https://lists.apache.org/thread/5py8h42mxfsn8l1wy6o41xwhsjlsd87q https://lists.debian.org/debian-lts-announce/2023/10/msg00020.html https://lists.debian.org/debian-lts-announce/2023/10/msg00023.html https://lists.debian.org/debian-lts-announce/2023/10/msg00024.html https://lists.debian.org/debian-lts-announce/2023/10/msg00045.html https://lists.debian.org/debian-lts-announce/2023/10/msg00047.html https://lists.debian.org/debian-lts-announce/2023/11/msg00001.html https://lists.debian.org/debian-lts-announce/2023/11/msg00012.html https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/2MBEPPC36UBVOZZNAXFHKLFGSLCMN5LI https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/2MBEPPC36UBVOZZNAXFHKLFGSLCMN5LI/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/3N4NJ7FR4X4FPZUGNTQAPSTVB2HB2Y4A https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/3N4NJ7FR4X4FPZUGNTQAPSTVB2HB2Y4A/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/BFQD3KUEMFBHPAPBGLWQC34L4OWL5HAZ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/BFQD3KUEMFBHPAPBGLWQC34L4OWL5HAZ/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/CLB4TW7KALB3EEQWNWCN7OUIWWVWWCG2 https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/CLB4TW7KALB3EEQWNWCN7OUIWWVWWCG2/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/E72T67UPDRXHIDLO3OROR25YAMN4GGW5 https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/E72T67UPDRXHIDLO3OROR25YAMN4GGW5/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/FNA62Q767CFAFHBCDKYNPBMZWB7TWYVU https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/FNA62Q767CFAFHBCDKYNPBMZWB7TWYVU/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/HT7T2R4MQKLIF4ODV4BDLPARWFPCJ5CZ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/HT7T2R4MQKLIF4ODV4BDLPARWFPCJ5CZ/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/JIZSEFC3YKCGABA2BZW6ZJRMDZJMB7PJ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/JIZSEFC3YKCGABA2BZW6ZJRMDZJMB7PJ/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/JMEXY22BFG5Q64HQCM5CK2Q7KDKVV4TY https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/JMEXY22BFG5Q64HQCM5CK2Q7KDKVV4TY/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/KSEGD2IWKNUO3DWY4KQGUQM5BISRWHQE https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/KSEGD2IWKNUO3DWY4KQGUQM5BISRWHQE/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/LKYHSZQFDNR7RSA7LHVLLIAQMVYCUGBG https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/LKYHSZQFDNR7RSA7LHVLLIAQMVYCUGBG/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/LNMZJCDHGLJJLXO4OXWJMTVQRNWOC7UL https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/LNMZJCDHGLJJLXO4OXWJMTVQRNWOC7UL/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/VHUHTSXLXGXS7JYKBXTA3VINUPHTNGVU https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/VHUHTSXLXGXS7JYKBXTA3VINUPHTNGVU/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/VSRDIV77HNKUSM7SJC5BKE5JSHLHU2NK https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/VSRDIV77HNKUSM7SJC5BKE5JSHLHU2NK/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/WE2I52RHNNU42PX6NZ2RBUHSFFJ2LVZX https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/WE2I52RHNNU42PX6NZ2RBUHSFFJ2LVZX/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/WLPRQ5TWUQQXYWBJM7ECYDAIL2YVKIUH https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/WLPRQ5TWUQQXYWBJM7ECYDAIL2YVKIUH/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/X6QXN4ORIVF6XBW4WWFE7VNPVC74S45Y https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/X6QXN4ORIVF6XBW4WWFE7VNPVC74S45Y/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/XFOIBB4YFICHDM7IBOP7PWXW3FX4HLL2 https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/XFOIBB4YFICHDM7IBOP7PWXW3FX4HLL2/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZB43REMKRQR62NJEI7I5NQ4FSXNLBKRT https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZB43REMKRQR62NJEI7I5NQ4FSXNLBKRT/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZKQSIKIAT5TJ3WSLU3RDBQ35YX4GY4V3 https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZKQSIKIAT5TJ3WSLU3RDBQ35YX4GY4V3/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZLU6U2R2IC2K64NDPNMV55AUAO65MAF4 https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZLU6U2R2IC2K64NDPNMV55AUAO65MAF4/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3N4NJ7FR4X4FPZUGNTQAPSTVB2HB2Y4A https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/BFQD3KUEMFBHPAPBGLWQC34L4OWL5HAZ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CLB4TW7KALB3EEQWNWCN7OUIWWVWWCG2 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/E72T67UPDRXHIDLO3OROR25YAMN4GGW5 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/FNA62Q767CFAFHBCDKYNPBMZWB7TWYVU https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/HT7T2R4MQKLIF4ODV4BDLPARWFPCJ5CZ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/JIZSEFC3YKCGABA2BZW6ZJRMDZJMB7PJ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/JMEXY22BFG5Q64HQCM5CK2Q7KDKVV4TY https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/KSEGD2IWKNUO3DWY4KQGUQM5BISRWHQE https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/LKYHSZQFDNR7RSA7LHVLLIAQMVYCUGBG https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/LNMZJCDHGLJJLXO4OXWJMTVQRNWOC7UL https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/VHUHTSXLXGXS7JYKBXTA3VINUPHTNGVU https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/VSRDIV77HNKUSM7SJC5BKE5JSHLHU2NK https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WLPRQ5TWUQQXYWBJM7ECYDAIL2YVKIUH https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/X6QXN4ORIVF6XBW4WWFE7VNPVC74S45Y https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/XFOIBB4YFICHDM7IBOP7PWXW3FX4HLL2 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZB43REMKRQR62NJEI7I5NQ4FSXNLBKRT https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZKQSIKIAT5TJ3WSLU3RDBQ35YX4GY4V3 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZLU6U2R2IC2K64NDPNMV55AUAO65MAF4 https://lists.w3.org/Archives/Public/ietf-http-wg/2023OctDec/0025.html https://mailman.nginx.org/pipermail/nginx-devel/2023-October/S36Q5HBXR7CAIMPLLPRSSSYR4PCMWILK.html https://martinthomson.github.io/h2-stream-limits/draft-thomson-httpbis-h2-stream-limits.html https://msrc.microsoft.com/blog/2023/10/microsoft-response-to-distributed-denial-of-service-ddos-attacks-against-http/2 https://msrc.microsoft.com/blog/2023/10/microsoft-response-to-distributed-denial-of-service-ddos-attacks-against-http/2/ https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-44487 https://my.f5.com/manage/s/article/K000137106 https://netty.io/news/2023/10/10/4-1-100-Final.html https://news.ycombinator.com/item?id=37830987 https://news.ycombinator.com/item?id=37830998 https://news.ycombinator.com/item?id=37831062 https://news.ycombinator.com/item?id=37837043 https://nodejs.org/en/blog/vulnerability/october-2023-security-releases https://nvd.nist.gov/vuln/detail/CVE-2023-44487 https://openssf.org/blog/2023/10/10/http-2-rapid-reset-vulnerability-highlights-need-for-rapid-response https://openssf.org/blog/2023/10/10/http-2-rapid-reset-vulnerability-highlights-need-for-rapid-response/ https://pkg.go.dev/vuln/GO-2023-2102 https://seanmonstar.com/post/730794151136935936/hyper-http2-rapid-reset-unaffected https://security.gentoo.org/glsa/202311-09 https://security.netapp.com/advisory/ntap-20231016-0001 https://security.netapp.com/advisory/ntap-20231016-0001/ https://security.netapp.com/advisory/ntap-20240426-0007 https://security.netapp.com/advisory/ntap-20240426-0007/ https://security.netapp.com/advisory/ntap-20240621-0006 https://security.netapp.com/advisory/ntap-20240621-0006/ https://security.netapp.com/advisory/ntap-20240621-0007 https://security.netapp.com/advisory/ntap-20240621-0007/ https://security.paloaltonetworks.com/CVE-2023-44487 https://tomcat.apache.org/security-10.html#Fixed_in_Apache_Tomcat_10.1.14 https://tomcat.apache.org/security-11.html#Fixed_in_Apache_Tomcat_11.0.0-M12 https://tomcat.apache.org/security-8.html#Fixed_in_Apache_Tomcat_8.5.94 https://tomcat.apache.org/security-9.html#Fixed_in_Apache_Tomcat_9.0.81 https://ubuntu.com/security/CVE-2023-44487 https://ubuntu.com/security/notices/USN-6427-1 https://ubuntu.com/security/notices/USN-6427-2 https://ubuntu.com/security/notices/USN-6438-1 https://ubuntu.com/security/notices/USN-6505-1 https://ubuntu.com/security/notices/USN-6574-1 https://ubuntu.com/security/notices/USN-6754-1 https://ubuntu.com/security/notices/USN-6994-1 https://ubuntu.com/security/notices/USN-7067-1 https://www.bleepingcomputer.com/news/security/new-http-2-rapid-reset-zero-day-attack-breaks-ddos-records https://www.bleepingcomputer.com/news/security/new-http-2-rapid-reset-zero-day-attack-breaks-ddos-records/ https://www.cisa.gov/known-exploited-vulnerabilities-catalog https://www.cisa.gov/news-events/alerts/2023/10/10/http2-rapid-reset-vulnerability-cve-2023-44487 https://www.cve.org/CVERecord?id=CVE-2023-44487 https://www.darkreading.com/cloud/internet-wide-zero-day-bug-fuels-largest-ever-ddos-event https://www.debian.org/security/2023/dsa-5521 https://www.debian.org/security/2023/dsa-5522 https://www.debian.org/security/2023/dsa-5540 https://www.debian.org/security/2023/dsa-5549 https://www.debian.org/security/2023/dsa-5558 https://www.debian.org/security/2023/dsa-5570 https://www.eclipse.org/lists/jetty-announce/msg00181.html https://www.haproxy.com/blog/haproxy-is-not-affected-by-the-http-2-rapid-reset-attack-cve-2023-44487 https://www.mail-archive.com/haproxy@formilux.org/msg44134.html https://www.netlify.com/blog/netlify-successfully-mitigates-cve-2023-44487 https://www.netlify.com/blog/netlify-successfully-mitigates-cve-2023-44487/ https://www.nginx.com/blog/http-2-rapid-reset-attack-impacting-f5-nginx-products https://www.nginx.com/blog/http-2-rapid-reset-attack-impacting-f5-nginx-products/ https://www.openwall.com/lists/oss-security/2023/10/10/6 https://www.phoronix.com/news/HTTP2-Rapid-Reset-Attack https://www.theregister.com/2023/10/10/http2_rapid_reset_zeroday https://www.theregister.com/2023/10/10/http2_rapid_reset_zeroday/
google.golang.org/protobuf	CVE-2024-24786	MEDIUM	v1.30.0	1.33.0	http://www.openwall.com/lists/oss-security/2024/03/08/4 https://access.redhat.com/errata/RHSA-2024:2550 https://access.redhat.com/security/cve/CVE-2024-24786 https://bugzilla.redhat.com/2268046 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24786 https://errata.almalinux.org/9/ALSA-2024-2550.html https://errata.rockylinux.org/RLSA-2024:2550 https://github.com/protocolbuffers/protobuf-go https://github.com/protocolbuffers/protobuf-go/commit/f01a588e5810b90996452eec4a28f22a0afae023 https://github.com/protocolbuffers/protobuf-go/releases/tag/v1.33.0 https://go-review.googlesource.com/c/protobuf/+/569356 https://go.dev/cl/569356 https://groups.google.com/g/golang-announce/c/ArQ6CDgtEjY/ https://linux.oracle.com/cve/CVE-2024-24786.html https://linux.oracle.com/errata/ELSA-2024-4246.html https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/JDMBHAVSDU2FBDZ45U3A2VLSM35OJ2HU https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/JDMBHAVSDU2FBDZ45U3A2VLSM35OJ2HU/ https://nvd.nist.gov/vuln/detail/CVE-2024-24786 https://pkg.go.dev/vuln/GO-2024-2611 https://security.netapp.com/advisory/ntap-20240517-0002 https://security.netapp.com/advisory/ntap-20240517-0002/ https://ubuntu.com/security/notices/USN-6746-1 https://ubuntu.com/security/notices/USN-6746-2 https://www.cve.org/CVERecord?id=CVE-2024-24786
stdlib	CVE-2024-24790	CRITICAL	v1.20.5	1.21.11, 1.22.4	http://www.openwall.com/lists/oss-security/2024/06/04/1 https://access.redhat.com/errata/RHSA-2024:9115 https://access.redhat.com/security/cve/CVE-2024-24790 https://bugzilla.redhat.com/2279814 https://bugzilla.redhat.com/2292668 https://bugzilla.redhat.com/2292787 https://bugzilla.redhat.com/2294000 https://bugzilla.redhat.com/2295310 https://bugzilla.redhat.com/show_bug.cgi?id=2292668 https://bugzilla.redhat.com/show_bug.cgi?id=2292787 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24789 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24790 https://errata.almalinux.org/9/ALSA-2024-9115.html https://errata.rockylinux.org/RLSA-2024:4212 https://github.com/golang/go/commit/051bdf3fd12a40307606ff9381138039c5f452f0 (1.21) https://github.com/golang/go/commit/12d5810cdb1f73cf23d7a86462143e9463317fca (1.22) https://github.com/golang/go/issues/67680 https://go.dev/cl/590316 https://go.dev/issue/67680 https://groups.google.com/g/golang-announce/c/XbxouI9gY7k https://groups.google.com/g/golang-announce/c/XbxouI9gY7k/m/TuoGEhxIEwAJ https://linux.oracle.com/cve/CVE-2024-24790.html https://linux.oracle.com/errata/ELSA-2024-9115.html https://nvd.nist.gov/vuln/detail/CVE-2024-24790 https://pkg.go.dev/vuln/GO-2024-2887 https://ubuntu.com/security/notices/USN-6886-1 https://ubuntu.com/security/notices/USN-7109-1 https://www.cve.org/CVERecord?id=CVE-2024-24790
stdlib	CVE-2023-39325	HIGH	v1.20.5	1.20.10, 1.21.3	golang.org/x/net https://access.redhat.com/errata/RHSA-2023:6077 https://access.redhat.com/security/cve/CVE-2023-39325 https://access.redhat.com/security/cve/CVE-2023-44487 https://access.redhat.com/security/vulnerabilities/RHSB-2023-003 https://bugzilla.redhat.com/2242803 https://bugzilla.redhat.com/2243296 https://bugzilla.redhat.com/show_bug.cgi?id=2242803 https://bugzilla.redhat.com/show_bug.cgi?id=2243296 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-39325 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-44487 https://errata.almalinux.org/9/ALSA-2023-6077.html https://errata.rockylinux.org/RLSA-2023:6077 https://github.com/golang/go/commit/24ae2d927285c697440fdde3ad7f26028354bcf3 [golang- 1.21] https://github.com/golang/go/commit/e175f27f58aa7b9cd4d79607ae65d2cd5baaee68 [golang-1.20] https://github.com/golang/go/issues/63417 https://go.dev/cl/534215 https://go.dev/cl/534235 https://go.dev/issue/63417 https://groups.google.com/g/golang-announce/c/iNNxDTCjZvo/m/UDd7VKQuAAAJ https://linux.oracle.com/cve/CVE-2023-39325.html https://linux.oracle.com/errata/ELSA-2023-5867.html https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3OVW5V2DM5K5IC3H7O42YDUGNJ74J35O https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3OVW5V2DM5K5IC3H7O42YDUGNJ74J35O/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3SZN67IL7HMGMNAVLOTIXLIHUDXZK4LH https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3SZN67IL7HMGMNAVLOTIXLIHUDXZK4LH/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3WJ4QVX2AMUJ2F2S27POOAHRC4K3CHU4 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3WJ4QVX2AMUJ2F2S27POOAHRC4K3CHU4/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/4BUK2ZIAGCULOOYDNH25JPU6JBES5NF2 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/4BUK2ZIAGCULOOYDNH25JPU6JBES5NF2/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/5RSKA2II6QTD4YUKUNDVJQSRYSFC4VFR https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/5RSKA2II6QTD4YUKUNDVJQSRYSFC4VFR/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/AVZDNSMVDAQJ64LJC5I5U5LDM5753647 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/AVZDNSMVDAQJ64LJC5I5U5LDM5753647/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CHHITS4PUOZAKFIUBQAQZC7JWXMOYE4B https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CHHITS4PUOZAKFIUBQAQZC7JWXMOYE4B/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CLB4TW7KALB3EEQWNWCN7OUIWWVWWCG2 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CLB4TW7KALB3EEQWNWCN7OUIWWVWWCG2/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/D2BBIDR2ZMB3X5BC7SR4SLQMHRMVPY6L https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/D2BBIDR2ZMB3X5BC7SR4SLQMHRMVPY6L/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ECRC75BQJP6FJN2L7KCKYZW4DSBD7QSD https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ECRC75BQJP6FJN2L7KCKYZW4DSBD7QSD/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/FTMJ3NJIDAZFWJQQSP3L22MUFJ3UP2PT https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/FTMJ3NJIDAZFWJQQSP3L22MUFJ3UP2PT/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/GSY7SXFFTPZFWDM6XELSDSHZLVW3AHK7 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/GSY7SXFFTPZFWDM6XELSDSHZLVW3AHK7/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/HZQIELEIRSZUYTFFH5KTH2YJ4IIQG2KE https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/HZQIELEIRSZUYTFFH5KTH2YJ4IIQG2KE/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/IPWCNYB5PQ5PCVZ4NJT6G56ZYFZ5QBU6 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/IPWCNYB5PQ5PCVZ4NJT6G56ZYFZ5QBU6/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/KEOTKBUPZXHE3F352JBYNTSNRXYLWD6P https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/KEOTKBUPZXHE3F352JBYNTSNRXYLWD6P/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/KSEGD2IWKNUO3DWY4KQGUQM5BISRWHQE https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/KSEGD2IWKNUO3DWY4KQGUQM5BISRWHQE/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/L5E5JSJBZLYXOTZWXHJKRVCIXIHVWKJ6 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/L5E5JSJBZLYXOTZWXHJKRVCIXIHVWKJ6/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/MZQYOOKHQDQ57LV2IAG6NRFOVXKHJJ3Z https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/MZQYOOKHQDQ57LV2IAG6NRFOVXKHJJ3Z/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/NG7IMPL55MVWU3LCI4JQJT3K2U5CHDV7 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/NG7IMPL55MVWU3LCI4JQJT3K2U5CHDV7/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ODBY7RVMGZCBSTWF2OZGIZS57FNFUL67 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ODBY7RVMGZCBSTWF2OZGIZS57FNFUL67/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/OXGWPQOJ3JNDW2XIYKIVJ7N7QUIFNM2Q https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/OXGWPQOJ3JNDW2XIYKIVJ7N7QUIFNM2Q/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/PJCUNGIQDUMZ4Z6HWVYIMR66A35F5S74 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/PJCUNGIQDUMZ4Z6HWVYIMR66A35F5S74/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QF5QSYAOPDOWLY6DUHID56Q4HQFYB45I https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QF5QSYAOPDOWLY6DUHID56Q4HQFYB45I/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QXOU2JZUBEBP7GBKAYIJRPRBZSJCD7ST https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QXOU2JZUBEBP7GBKAYIJRPRBZSJCD7ST/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/R3UETKPUB3V5JS5TLZOF3SMTGT5K5APS https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/R3UETKPUB3V5JS5TLZOF3SMTGT5K5APS/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/REMHVVIBDNKSRKNOTV7EQSB7CYQWOUOU https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/REMHVVIBDNKSRKNOTV7EQSB7CYQWOUOU/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/T7N5GV4CHH6WAGX3GFMDD3COEOVCZ4RI https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/T7N5GV4CHH6WAGX3GFMDD3COEOVCZ4RI/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ULQQONMSCQSH5Z5OWFFQHCGEZ3NL4DRJ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ULQQONMSCQSH5Z5OWFFQHCGEZ3NL4DRJ/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UTT7DG3QOF5ZNJLUGHDNLRUIN6OWZARP https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UTT7DG3QOF5ZNJLUGHDNLRUIN6OWZARP/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/W2LZSWTV4NV4SNQARNXG5T6LRHP26EW2 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/W2LZSWTV4NV4SNQARNXG5T6LRHP26EW2/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WCNCBYKZXLDFGAJUB7ZP5VLC3YTHJNVH https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WCNCBYKZXLDFGAJUB7ZP5VLC3YTHJNVH/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/XFOIBB4YFICHDM7IBOP7PWXW3FX4HLL2 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/XFOIBB4YFICHDM7IBOP7PWXW3FX4HLL2/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/XTNLSL44Y5FB6JWADSZH6DCV4JJAAEQY https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/XTNLSL44Y5FB6JWADSZH6DCV4JJAAEQY/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/YJWHBLVZDM5KQSDFRBFRKU5KSSOLIRQ4 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/YJWHBLVZDM5KQSDFRBFRKU5KSSOLIRQ4/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/YRKEXKANQ7BKJW2YTAMP625LJUJZLJ4P https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/YRKEXKANQ7BKJW2YTAMP625LJUJZLJ4P/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZSVEMQV5ROY5YW5QE3I57HT3ITWG5GCV https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZSVEMQV5ROY5YW5QE3I57HT3ITWG5GCV/ https://nvd.nist.gov/vuln/detail/CVE-2023-39325 https://pkg.go.dev/vuln/GO-2023-2102 https://security.gentoo.org/glsa/202311-09 https://security.netapp.com/advisory/ntap-20231110-0008 https://security.netapp.com/advisory/ntap-20231110-0008/ https://ubuntu.com/security/notices/USN-6574-1 https://ubuntu.com/security/notices/USN-7061-1 https://ubuntu.com/security/notices/USN-7109-1 https://www.cisa.gov/news-events/alerts/2023/10/10/http2-rapid-reset-vulnerability-cve-2023-44487 https://www.cve.org/CVERecord?id=CVE-2023-39325
stdlib	CVE-2023-45283	HIGH	v1.20.5	1.20.11, 1.21.4, 1.20.12, 1.21.5	http://www.openwall.com/lists/oss-security/2023/12/05/2 https://go.dev/cl/540277 https://go.dev/cl/541175 https://go.dev/issue/63713 https://go.dev/issue/64028 https://groups.google.com/g/golang-announce/c/4tU8LZfBFkY https://groups.google.com/g/golang-dev/c/6ypN5EjibjM/m/KmLVYH_uAgAJ https://nvd.nist.gov/vuln/detail/CVE-2023-45283 https://pkg.go.dev/vuln/GO-2023-2185 https://security.netapp.com/advisory/ntap-20231214-0008/
stdlib	CVE-2023-45288	HIGH	v1.20.5	1.21.9, 1.22.2	http://www.openwall.com/lists/oss-security/2024/04/03/16 http://www.openwall.com/lists/oss-security/2024/04/05/4 https://access.redhat.com/errata/RHSA-2024:2724 https://access.redhat.com/security/cve/CVE-2023-45288 https://bugzilla.redhat.com/2268017 https://bugzilla.redhat.com/2268018 https://bugzilla.redhat.com/2268019 https://bugzilla.redhat.com/2268273 https://bugzilla.redhat.com/show_bug.cgi?id=2268017 https://bugzilla.redhat.com/show_bug.cgi?id=2268018 https://bugzilla.redhat.com/show_bug.cgi?id=2268019 https://bugzilla.redhat.com/show_bug.cgi?id=2268273 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45288 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45289 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45290 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24783 https://errata.almalinux.org/9/ALSA-2024-2724.html https://errata.rockylinux.org/RLSA-2024:2724 https://go.dev/cl/576155 https://go.dev/issue/65051 https://groups.google.com/g/golang-announce/c/YgW0sx8mN3M https://kb.cert.org/vuls/id/421644 https://linux.oracle.com/cve/CVE-2023-45288.html https://linux.oracle.com/errata/ELSA-2024-3346.html https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QRYFHIQ6XRKRYBI2F5UESH67BJBQXUPT https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QRYFHIQ6XRKRYBI2F5UESH67BJBQXUPT/ https://nowotarski.info/http2-continuation-flood-technical-details https://nowotarski.info/http2-continuation-flood/ https://nvd.nist.gov/vuln/detail/CVE-2023-45288 https://pkg.go.dev/vuln/GO-2024-2687 https://security.netapp.com/advisory/ntap-20240419-0009 https://security.netapp.com/advisory/ntap-20240419-0009/ https://ubuntu.com/security/notices/USN-6886-1 https://ubuntu.com/security/notices/USN-7109-1 https://ubuntu.com/security/notices/USN-7111-1 https://www.cve.org/CVERecord?id=CVE-2023-45288 https://www.kb.cert.org/vuls/id/421644
stdlib	CVE-2024-34156	HIGH	v1.20.5	1.22.7, 1.23.1	https://access.redhat.com/errata/RHSA-2024:9473 https://access.redhat.com/security/cve/CVE-2024-34156 https://bugzilla.redhat.com/2310528 https://bugzilla.redhat.com/2318052 https://bugzilla.redhat.com/show_bug.cgi?id=2310528 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-34156 https://errata.almalinux.org/9/ALSA-2024-9473.html https://errata.rockylinux.org/RLSA-2024:7204 https://github.com/golang/go/commit/2092294f2b097c5828f4eace6c98a322c1510b01 (go1.22.7) https://github.com/golang/go/commit/fa8ff1a46deb6c816304441ec6740ec112e19012 (go1.23.1) https://go.dev/cl/611239 https://go.dev/issue/69139 https://groups.google.com/g/golang-announce/c/K-cEzDeCtpc https://groups.google.com/g/golang-dev/c/S9POB9NCTdk https://linux.oracle.com/cve/CVE-2024-34156.html https://linux.oracle.com/errata/ELSA-2024-9473.html https://nvd.nist.gov/vuln/detail/CVE-2024-34156 https://pkg.go.dev/vuln/GO-2024-3106 https://ubuntu.com/security/notices/USN-7081-1 https://ubuntu.com/security/notices/USN-7109-1 https://ubuntu.com/security/notices/USN-7111-1 https://www.cve.org/CVERecord?id=CVE-2024-34156
stdlib	CVE-2023-29406	MEDIUM	v1.20.5	1.19.11, 1.20.6	https://access.redhat.com/errata/RHSA-2023:6474 https://access.redhat.com/security/cve/CVE-2023-29406 https://bugzilla.redhat.com/2174485 https://bugzilla.redhat.com/2178358 https://bugzilla.redhat.com/2178488 https://bugzilla.redhat.com/2178492 https://bugzilla.redhat.com/2184481 https://bugzilla.redhat.com/2184482 https://bugzilla.redhat.com/2184483 https://bugzilla.redhat.com/2184484 https://bugzilla.redhat.com/2196026 https://bugzilla.redhat.com/2196027 https://bugzilla.redhat.com/2196029 https://bugzilla.redhat.com/2222167 https://bugzilla.redhat.com/2228689 https://errata.almalinux.org/9/ALSA-2023-6474.html https://github.com/golang/go/commit/312920c00aac9897b2a0693e752390b5b0711a5a (go1.20.6) https://github.com/golang/go/commit/5fa6923b1ea891400153d04ddf1545e23b40041b (go1.19.11) https://github.com/golang/go/issues/60374 https://go.dev/cl/506996 https://go.dev/issue/60374 https://groups.google.com/g/golang-announce/c/2q13H6LEEx0 https://linux.oracle.com/cve/CVE-2023-29406.html https://linux.oracle.com/errata/ELSA-2023-7202.html https://nvd.nist.gov/vuln/detail/CVE-2023-29406 https://pkg.go.dev/vuln/GO-2023-1878 https://security.gentoo.org/glsa/202311-09 https://security.netapp.com/advisory/ntap-20230814-0002/ https://ubuntu.com/security/notices/USN-7061-1 https://ubuntu.com/security/notices/USN-7109-1 https://www.cve.org/CVERecord?id=CVE-2023-29406
stdlib	CVE-2023-29409	MEDIUM	v1.20.5	1.19.12, 1.20.7, 1.21.0-rc.4	https://access.redhat.com/errata/RHSA-2023:7766 https://access.redhat.com/security/cve/CVE-2023-29409 https://bugzilla.redhat.com/2228743 https://bugzilla.redhat.com/2237773 https://bugzilla.redhat.com/2237776 https://bugzilla.redhat.com/2237777 https://bugzilla.redhat.com/2237778 https://errata.almalinux.org/9/ALSA-2023-7766.html https://go.dev/cl/515257 https://go.dev/issue/61460 https://groups.google.com/g/golang-announce/c/X0b6CsSAaYI/m/Efv5DbZ9AwAJ https://linux.oracle.com/cve/CVE-2023-29409.html https://linux.oracle.com/errata/ELSA-2024-2988.html https://nvd.nist.gov/vuln/detail/CVE-2023-29409 https://pkg.go.dev/vuln/GO-2023-1987 https://security.gentoo.org/glsa/202311-09 https://security.netapp.com/advisory/ntap-20230831-0010/ https://www.cve.org/CVERecord?id=CVE-2023-29409
stdlib	CVE-2023-39318	MEDIUM	v1.20.5	1.20.8, 1.21.1	https://access.redhat.com/errata/RHSA-2024:2160 https://access.redhat.com/security/cve/CVE-2023-39318 https://bugzilla.redhat.com/2237773 https://bugzilla.redhat.com/2237776 https://bugzilla.redhat.com/2253330 https://errata.almalinux.org/9/ALSA-2024-2160.html https://github.com/golang/go/commit/023b542edf38e2a1f87fcefb9f75ff2f99401b4c (go1.20.8) https://github.com/golang/go/commit/b0e1d3ea26e8e8fce7726690c9ef0597e60739fb (go1.21.1) https://go.dev/cl/526156 https://go.dev/issue/62196 https://groups.google.com/g/golang-announce/c/Fm51GRLNRvM https://groups.google.com/g/golang-dev/c/2C5vbR-UNkI/m/L1hdrPhfBAAJ https://linux.oracle.com/cve/CVE-2023-39318.html https://linux.oracle.com/errata/ELSA-2024-2988.html https://nvd.nist.gov/vuln/detail/CVE-2023-39318 https://pkg.go.dev/vuln/GO-2023-2041 https://security.gentoo.org/glsa/202311-09 https://security.netapp.com/advisory/ntap-20231020-0009/ https://ubuntu.com/security/notices/USN-6574-1 https://ubuntu.com/security/notices/USN-7061-1 https://ubuntu.com/security/notices/USN-7109-1 https://vuln.go.dev/ID/GO-2023-2041.json https://www.cve.org/CVERecord?id=CVE-2023-39318
stdlib	CVE-2023-39319	MEDIUM	v1.20.5	1.20.8, 1.21.1	https://access.redhat.com/errata/RHSA-2024:2160 https://access.redhat.com/security/cve/CVE-2023-39319 https://bugzilla.redhat.com/2237773 https://bugzilla.redhat.com/2237776 https://bugzilla.redhat.com/2253330 https://errata.almalinux.org/9/ALSA-2024-2160.html https://github.com/golang/go/commit/2070531d2f53df88e312edace6c8dfc9686ab2f5 (go1.20.8) https://github.com/golang/go/commit/bbd043ff0d6d59f1a9232d31ecd5eacf6507bf6a (go1.21.1) https://go.dev/cl/526157 https://go.dev/issue/62197 https://groups.google.com/g/golang-announce/c/Fm51GRLNRvM https://groups.google.com/g/golang-dev/c/2C5vbR-UNkI/m/L1hdrPhfBAAJ https://linux.oracle.com/cve/CVE-2023-39319.html https://linux.oracle.com/errata/ELSA-2024-2988.html https://nvd.nist.gov/vuln/detail/CVE-2023-39319 https://pkg.go.dev/vuln/GO-2023-2043 https://security.gentoo.org/glsa/202311-09 https://security.netapp.com/advisory/ntap-20231020-0009/ https://ubuntu.com/security/notices/USN-6574-1 https://ubuntu.com/security/notices/USN-7061-1 https://ubuntu.com/security/notices/USN-7109-1 https://vuln.go.dev/ID/GO-2023-2043.json https://www.cve.org/CVERecord?id=CVE-2023-39319
stdlib	CVE-2023-39326	MEDIUM	v1.20.5	1.20.12, 1.21.5	https://access.redhat.com/errata/RHSA-2024:2272 https://access.redhat.com/security/cve/CVE-2023-39326 https://bugzilla.redhat.com/2253193 https://bugzilla.redhat.com/2253330 https://errata.almalinux.org/9/ALSA-2024-2272.html https://github.com/golang/go/commit/6446af942e2e2b161c4ec1b60d9703a2b55dc4dd (go1.20.12) https://github.com/golang/go/commit/ec8c526e4be720e94b98ca509e6364f0efaf28f7 (go1.21.5) https://go.dev/cl/547335 https://go.dev/issue/64433 https://groups.google.com/g/golang-dev/c/6ypN5EjibjM/m/KmLVYH_uAgAJ https://linux.oracle.com/cve/CVE-2023-39326.html https://linux.oracle.com/errata/ELSA-2024-2988.html https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UIU6HOGV6RRIKWM57LOXQA75BGZSIH6G/ https://nvd.nist.gov/vuln/detail/CVE-2023-39326 https://pkg.go.dev/vuln/GO-2023-2382 https://ubuntu.com/security/notices/USN-6574-1 https://www.cve.org/CVERecord?id=CVE-2023-39326
stdlib	CVE-2023-45284	MEDIUM	v1.20.5	1.20.11, 1.21.4	https://go.dev/cl/540277 https://go.dev/issue/63713 https://groups.google.com/g/golang-announce/c/4tU8LZfBFkY https://nvd.nist.gov/vuln/detail/CVE-2023-45284 https://pkg.go.dev/vuln/GO-2023-2186
stdlib	CVE-2023-45289	MEDIUM	v1.20.5	1.21.8, 1.22.1	http://www.openwall.com/lists/oss-security/2024/03/08/4 https://access.redhat.com/errata/RHSA-2024:2724 https://access.redhat.com/security/cve/CVE-2023-45289 https://bugzilla.redhat.com/2268017 https://bugzilla.redhat.com/2268018 https://bugzilla.redhat.com/2268019 https://bugzilla.redhat.com/2268273 https://bugzilla.redhat.com/show_bug.cgi?id=2268017 https://bugzilla.redhat.com/show_bug.cgi?id=2268018 https://bugzilla.redhat.com/show_bug.cgi?id=2268019 https://bugzilla.redhat.com/show_bug.cgi?id=2268273 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45288 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45289 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45290 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24783 https://errata.almalinux.org/9/ALSA-2024-2724.html https://errata.rockylinux.org/RLSA-2024:2724 https://github.com/golang/go/commit/20586c0dbe03d144f914155f879fa5ee287591a1 (go1.21.8) https://github.com/golang/go/commit/3a855208e3efed2e9d7c20ad023f1fa78afcc0be (go1.22.1) https://github.com/golang/go/issues/65065 https://go.dev/cl/569340 https://go.dev/issue/65065 https://groups.google.com/g/golang-announce/c/5pwGVUPoMbg https://linux.oracle.com/cve/CVE-2023-45289.html https://linux.oracle.com/errata/ELSA-2024-3346.html https://nvd.nist.gov/vuln/detail/CVE-2023-45289 https://pkg.go.dev/vuln/GO-2024-2600 https://security.netapp.com/advisory/ntap-20240329-0006/ https://ubuntu.com/security/notices/USN-6886-1 https://www.cve.org/CVERecord?id=CVE-2023-45289
stdlib	CVE-2023-45290	MEDIUM	v1.20.5	1.21.8, 1.22.1	http://www.openwall.com/lists/oss-security/2024/03/08/4 https://access.redhat.com/errata/RHSA-2024:9135 https://access.redhat.com/security/cve/CVE-2023-45290 https://bugzilla.redhat.com/2268017 https://bugzilla.redhat.com/2268022 https://bugzilla.redhat.com/2279814 https://bugzilla.redhat.com/2295310 https://bugzilla.redhat.com/show_bug.cgi?id=2268017 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45290 https://errata.almalinux.org/9/ALSA-2024-9135.html https://errata.rockylinux.org/RLSA-2024:3830 https://github.com/golang/go/commit/041a47712e765e94f86d841c3110c840e76d8f82 (go1.22.1) https://github.com/golang/go/commit/bf80213b121074f4ad9b449410a4d13bae5e9be0 (go1.21.8) https://github.com/golang/go/issues/65383 https://go.dev/cl/569341 https://go.dev/issue/65383 https://groups.google.com/g/golang-announce/c/5pwGVUPoMbg https://linux.oracle.com/cve/CVE-2023-45290.html https://linux.oracle.com/errata/ELSA-2024-8038.html https://nvd.nist.gov/vuln/detail/CVE-2023-45290 https://pkg.go.dev/vuln/GO-2024-2599 https://security.netapp.com/advisory/ntap-20240329-0004 https://security.netapp.com/advisory/ntap-20240329-0004/ https://ubuntu.com/security/notices/USN-6886-1 https://ubuntu.com/security/notices/USN-7109-1 https://ubuntu.com/security/notices/USN-7111-1 https://www.cve.org/CVERecord?id=CVE-2023-45290
stdlib	CVE-2024-24783	MEDIUM	v1.20.5	1.21.8, 1.22.1	http://www.openwall.com/lists/oss-security/2024/03/08/4 https://access.redhat.com/errata/RHSA-2024:6195 https://access.redhat.com/security/cve/CVE-2024-24783 https://bugzilla.redhat.com/2268019 https://bugzilla.redhat.com/show_bug.cgi?id=2268017 https://bugzilla.redhat.com/show_bug.cgi?id=2268018 https://bugzilla.redhat.com/show_bug.cgi?id=2268019 https://bugzilla.redhat.com/show_bug.cgi?id=2268273 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45288 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45289 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45290 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24783 https://errata.almalinux.org/9/ALSA-2024-6195.html https://errata.rockylinux.org/RLSA-2024:2724 https://github.com/advisories/GHSA-3q2c-pvp5-3cqp https://github.com/golang/go/commit/337b8e9cbfa749d9d5c899e0dc358e2208d5e54f (go1.22.1) https://github.com/golang/go/commit/be5b52bea674190ef7de272664be6c7ae93ec5a0 (go1.21.8) https://github.com/golang/go/issues/65390 https://go.dev/cl/569339 https://go.dev/issue/65390 https://groups.google.com/g/golang-announce/c/5pwGVUPoMbg https://linux.oracle.com/cve/CVE-2024-24783.html https://linux.oracle.com/errata/ELSA-2024-6969.html https://nvd.nist.gov/vuln/detail/CVE-2024-24783 https://pkg.go.dev/vuln/GO-2024-2598 https://security.netapp.com/advisory/ntap-20240329-0005 https://security.netapp.com/advisory/ntap-20240329-0005/ https://ubuntu.com/security/notices/USN-6886-1 https://ubuntu.com/security/notices/USN-7109-1 https://ubuntu.com/security/notices/USN-7111-1 https://www.cve.org/CVERecord?id=CVE-2024-24783
stdlib	CVE-2024-24784	MEDIUM	v1.20.5	1.21.8, 1.22.1	http://www.openwall.com/lists/oss-security/2024/03/08/4 https://access.redhat.com/errata/RHSA-2024:2562 https://access.redhat.com/security/cve/CVE-2024-24784 https://bugzilla.redhat.com/2262921 https://bugzilla.redhat.com/2268017 https://bugzilla.redhat.com/2268018 https://bugzilla.redhat.com/2268019 https://bugzilla.redhat.com/2268021 https://bugzilla.redhat.com/2268022 https://bugzilla.redhat.com/2268273 https://bugzilla.redhat.com/show_bug.cgi?id=2262921 https://bugzilla.redhat.com/show_bug.cgi?id=2268017 https://bugzilla.redhat.com/show_bug.cgi?id=2268018 https://bugzilla.redhat.com/show_bug.cgi?id=2268019 https://bugzilla.redhat.com/show_bug.cgi?id=2268021 https://bugzilla.redhat.com/show_bug.cgi?id=2268022 https://bugzilla.redhat.com/show_bug.cgi?id=2268273 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45288 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45289 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45290 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-1394 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24783 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24784 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24785 https://errata.almalinux.org/9/ALSA-2024-2562.html https://errata.rockylinux.org/RLSA-2024:2562 https://github.com/golang/go/commit/263c059b09fdd40d9dd945f2ecb20c89ea28efe5 (go1.21.8) https://github.com/golang/go/commit/5330cd225ba54c7dc78c1b46dcdf61a4671a632c (go1.22.1) https://github.com/golang/go/issues/65083 https://go.dev/cl/555596 https://go.dev/issue/65083 https://groups.google.com/g/golang-announce/c/5pwGVUPoMbg https://linux.oracle.com/cve/CVE-2024-24784.html https://linux.oracle.com/errata/ELSA-2024-6969.html https://nvd.nist.gov/vuln/detail/CVE-2024-24784 https://pkg.go.dev/vuln/GO-2024-2609 https://security.netapp.com/advisory/ntap-20240329-0007/ https://ubuntu.com/security/notices/USN-6886-1 https://ubuntu.com/security/notices/USN-7109-1 https://ubuntu.com/security/notices/USN-7111-1 https://www.cve.org/CVERecord?id=CVE-2024-24784
stdlib	CVE-2024-24785	MEDIUM	v1.20.5	1.21.8, 1.22.1	http://www.openwall.com/lists/oss-security/2024/03/08/4 https://access.redhat.com/errata/RHSA-2024:9135 https://access.redhat.com/security/cve/CVE-2024-24785 https://bugzilla.redhat.com/2268017 https://bugzilla.redhat.com/2268022 https://bugzilla.redhat.com/2279814 https://bugzilla.redhat.com/2295310 https://bugzilla.redhat.com/show_bug.cgi?id=2262921 https://bugzilla.redhat.com/show_bug.cgi?id=2268017 https://bugzilla.redhat.com/show_bug.cgi?id=2268018 https://bugzilla.redhat.com/show_bug.cgi?id=2268019 https://bugzilla.redhat.com/show_bug.cgi?id=2268021 https://bugzilla.redhat.com/show_bug.cgi?id=2268022 https://bugzilla.redhat.com/show_bug.cgi?id=2268273 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45288 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45289 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45290 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-1394 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24783 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24784 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24785 https://errata.almalinux.org/9/ALSA-2024-9135.html https://errata.rockylinux.org/RLSA-2024:2562 https://github.com/golang/go/commit/056b0edcb8c152152021eebf4cf42adbfbe77992 (go1.22.1) https://github.com/golang/go/commit/3643147a29352ca2894fd5d0d2069bc4b4335a7e (go1.21.8) https://github.com/golang/go/issues/65697 https://go.dev/cl/564196 https://go.dev/issue/65697 https://groups.google.com/g/golang-announce/c/5pwGVUPoMbg https://linux.oracle.com/cve/CVE-2024-24785.html https://linux.oracle.com/errata/ELSA-2024-3259.html https://nvd.nist.gov/vuln/detail/CVE-2024-24785 https://pkg.go.dev/vuln/GO-2024-2610 https://security.netapp.com/advisory/ntap-20240329-0008/ https://ubuntu.com/security/notices/USN-6886-1 https://ubuntu.com/security/notices/USN-7061-1 https://ubuntu.com/security/notices/USN-7109-1 https://vuln.go.dev/ID/GO-2024-2610.json https://www.cve.org/CVERecord?id=CVE-2024-24785
stdlib	CVE-2024-24789	MEDIUM	v1.20.5	1.21.11, 1.22.4	http://www.openwall.com/lists/oss-security/2024/06/04/1 https://access.redhat.com/errata/RHSA-2024:9115 https://access.redhat.com/security/cve/CVE-2024-24789 https://bugzilla.redhat.com/2279814 https://bugzilla.redhat.com/2292668 https://bugzilla.redhat.com/2292787 https://bugzilla.redhat.com/2294000 https://bugzilla.redhat.com/2295310 https://bugzilla.redhat.com/show_bug.cgi?id=2292668 https://bugzilla.redhat.com/show_bug.cgi?id=2292787 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24789 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24790 https://errata.almalinux.org/9/ALSA-2024-9115.html https://errata.rockylinux.org/RLSA-2024:4212 https://github.com/golang/go/commit/c8e40338cf00f3c1d86c8fb23863ad67a4c72bcc (1.21) https://github.com/golang/go/commit/cf501ac0c5fe351a8582d20b43562027927906e7 (1.22) https://github.com/golang/go/issues/66869 https://go.dev/cl/585397 https://go.dev/issue/66869 https://groups.google.com/g/golang-announce/c/XbxouI9gY7k https://groups.google.com/g/golang-announce/c/XbxouI9gY7k/m/TuoGEhxIEwAJ https://linux.oracle.com/cve/CVE-2024-24789.html https://linux.oracle.com/errata/ELSA-2024-9115.html https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/U5YAEIA6IUHUNGJ7AIXXPQT6D2GYENX7/ https://nvd.nist.gov/vuln/detail/CVE-2024-24789 https://pkg.go.dev/vuln/GO-2024-2888 https://ubuntu.com/security/notices/USN-6886-1 https://ubuntu.com/security/notices/USN-7109-1 https://ubuntu.com/security/notices/USN-7111-1 https://www.cve.org/CVERecord?id=CVE-2024-24789
stdlib	CVE-2024-24791	MEDIUM	v1.20.5	1.21.12, 1.22.5	https://access.redhat.com/errata/RHSA-2024:9135 https://access.redhat.com/security/cve/CVE-2024-24791 https://bugzilla.redhat.com/2268017 https://bugzilla.redhat.com/2268022 https://bugzilla.redhat.com/2279814 https://bugzilla.redhat.com/2295310 https://bugzilla.redhat.com/show_bug.cgi?id=2295310 https://bugzilla.redhat.com/show_bug.cgi?id=2310527 https://bugzilla.redhat.com/show_bug.cgi?id=2310528 https://bugzilla.redhat.com/show_bug.cgi?id=2310529 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24791 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-34155 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-34156 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-34158 https://errata.almalinux.org/9/ALSA-2024-9135.html https://errata.rockylinux.org/RLSA-2024:6913 https://go.dev/cl/591255 https://go.dev/issue/67555 https://groups.google.com/g/golang-dev/c/t0rK-qHBqzY/m/6MMoAZkMAgAJ https://linux.oracle.com/cve/CVE-2024-24791.html https://linux.oracle.com/errata/ELSA-2024-9115.html https://nvd.nist.gov/vuln/detail/CVE-2024-24791 https://pkg.go.dev/vuln/GO-2024-2963 https://ubuntu.com/security/notices/USN-7081-1 https://ubuntu.com/security/notices/USN-7109-1 https://ubuntu.com/security/notices/USN-7111-1 https://www.cve.org/CVERecord?id=CVE-2024-24791
stdlib	CVE-2024-34155	MEDIUM	v1.20.5	1.22.7, 1.23.1	https://access.redhat.com/errata/RHSA-2024:9459 https://access.redhat.com/security/cve/CVE-2024-34155 https://bugzilla.redhat.com/2310527 https://bugzilla.redhat.com/2310528 https://bugzilla.redhat.com/2310529 https://bugzilla.redhat.com/2315691 https://bugzilla.redhat.com/2315887 https://bugzilla.redhat.com/2317458 https://bugzilla.redhat.com/2317467 https://bugzilla.redhat.com/show_bug.cgi?id=2295310 https://bugzilla.redhat.com/show_bug.cgi?id=2310527 https://bugzilla.redhat.com/show_bug.cgi?id=2310528 https://bugzilla.redhat.com/show_bug.cgi?id=2310529 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24791 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-34155 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-34156 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-34158 https://errata.almalinux.org/9/ALSA-2024-9459.html https://errata.rockylinux.org/RLSA-2024:6913 https://github.com/golang/go/commit/53487e5477151ed75da50e50a0ba8f1ca64c00a3 (go1.23.1) https://github.com/golang/go/commit/b232596139dbe96a62edbe3a2a203e856bf556eb (go1.22.7) https://go.dev/cl/611238 https://go.dev/issue/69138 https://groups.google.com/g/golang-announce/c/K-cEzDeCtpc https://groups.google.com/g/golang-dev/c/S9POB9NCTdk https://linux.oracle.com/cve/CVE-2024-34155.html https://linux.oracle.com/errata/ELSA-2024-9459.html https://nvd.nist.gov/vuln/detail/CVE-2024-34155 https://pkg.go.dev/vuln/GO-2024-3105 https://ubuntu.com/security/notices/USN-7081-1 https://ubuntu.com/security/notices/USN-7109-1 https://ubuntu.com/security/notices/USN-7111-1 https://www.cve.org/CVERecord?id=CVE-2024-34155
stdlib	CVE-2024-34158	MEDIUM	v1.20.5	1.22.7, 1.23.1	https://access.redhat.com/errata/RHSA-2024:9459 https://access.redhat.com/security/cve/CVE-2024-34158 https://bugzilla.redhat.com/2310527 https://bugzilla.redhat.com/2310528 https://bugzilla.redhat.com/2310529 https://bugzilla.redhat.com/2315691 https://bugzilla.redhat.com/2315887 https://bugzilla.redhat.com/2317458 https://bugzilla.redhat.com/2317467 https://bugzilla.redhat.com/show_bug.cgi?id=2295310 https://bugzilla.redhat.com/show_bug.cgi?id=2310527 https://bugzilla.redhat.com/show_bug.cgi?id=2310528 https://bugzilla.redhat.com/show_bug.cgi?id=2310529 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24791 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-34155 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-34156 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-34158 https://errata.almalinux.org/9/ALSA-2024-9459.html https://errata.rockylinux.org/RLSA-2024:6913 https://github.com/golang/go/commit/032ac075c20c01c6c35a672d1542d3e98eab84ea (go1.23.1) https://github.com/golang/go/commit/d4c53812e6ce2ac368173d7fcd31d0ecfcffb002 (go1.22.7) https://go.dev/cl/611240 https://go.dev/issue/69141 https://groups.google.com/g/golang-announce/c/K-cEzDeCtpc https://groups.google.com/g/golang-dev/c/S9POB9NCTdk https://linux.oracle.com/cve/CVE-2024-34158.html https://linux.oracle.com/errata/ELSA-2024-9459.html https://nvd.nist.gov/vuln/detail/CVE-2024-34158 https://pkg.go.dev/vuln/GO-2024-3107 https://ubuntu.com/security/notices/USN-7081-1 https://ubuntu.com/security/notices/USN-7109-1 https://ubuntu.com/security/notices/USN-7111-1 https://www.cve.org/CVERecord?id=CVE-2024-34158
No Misconfigurations found

cnb/buildpacks/paketo-buildpacks_go-dist/2.3.10/bin/run (gobinary)

Package	Vulnerability ID	Severity	Installed Version	Fixed Version	Links
github.com/anchore/stereoscope	CVE-2024-24579	MEDIUM	v0.0.0-20230412183729-8602f1afc574	0.0.1	https://github.com/anchore/stereoscope https://github.com/anchore/stereoscope/commit/09dacab4d9ee65ee8bc7af8ebf4aa7b5aaa36204 https://github.com/anchore/stereoscope/security/advisories/GHSA-hpxr-w9w7-g4gv https://nvd.nist.gov/vuln/detail/CVE-2024-24579
github.com/cloudflare/circl	GHSA-9763-4f94-gfch	HIGH	v1.3.3	1.3.7	https://github.com/cloudflare/circl https://github.com/cloudflare/circl/commit/75ef91e8a2f438e6ce2b6e620d236add8be1887d https://github.com/cloudflare/circl/security/advisories/GHSA-9763-4f94-gfch https://kyberslash.cr.yp.to
github.com/containerd/containerd	GHSA-7ww5-4wqc-m92c	MEDIUM	v1.7.0	1.6.26, 1.7.11	https://github.com/containerd/containerd https://github.com/containerd/containerd/commit/67d356cb3095f3e8f8ad7d36f9a733fea1e7e28c https://github.com/containerd/containerd/commit/746b910f05855c8bfdb4415a1c0f958b234910e5 https://github.com/containerd/containerd/security/advisories/GHSA-7ww5-4wqc-m92c
github.com/docker/docker	CVE-2024-41110	CRITICAL	v23.0.5+incompatible	23.0.15, 26.1.5, 27.1.1, 25.0.6	https://access.redhat.com/security/cve/CVE-2024-41110 https://github.com/moby/moby https://github.com/moby/moby/commit/411e817ddf710ff8e08fa193da80cb78af708191 https://github.com/moby/moby/commit/42f40b1d6dd7562342f832b9cd2adf9e668eeb76 https://github.com/moby/moby/commit/65cc597cea28cdc25bea3b8a86384b4251872919 https://github.com/moby/moby/commit/852759a7df454cbf88db4e954c919becd48faa9b https://github.com/moby/moby/commit/a31260625655cff9ae226b51757915e275e304b0 https://github.com/moby/moby/commit/a79fabbfe84117696a19671f4aa88b82d0f64fc1 https://github.com/moby/moby/commit/ae160b4edddb72ef4bd71f66b975a1a1cc434f00 https://github.com/moby/moby/commit/ae2b3666c517c96cbc2adf1af5591a6b00d4ec0f https://github.com/moby/moby/commit/cc13f952511154a2866bddbb7dddebfe9e83b801 https://github.com/moby/moby/commit/fc274cd2ff4cf3b48c91697fb327dd1fb95588fb https://github.com/moby/moby/security/advisories/GHSA-v23v-6jw2-98fq https://nvd.nist.gov/vuln/detail/CVE-2024-41110 https://www.cve.org/CVERecord?id=CVE-2024-41110 https://www.docker.com/blog/docker-security-advisory-docker-engine-authz-plugin
github.com/docker/docker	CVE-2024-24557	MEDIUM	v23.0.5+incompatible	24.0.9, 25.0.2	https://access.redhat.com/security/cve/CVE-2024-24557 https://github.com/moby/moby https://github.com/moby/moby/commit/3e230cfdcc989dc524882f6579f9e0dac77400ae https://github.com/moby/moby/commit/fca702de7f71362c8d103073c7e4a1d0a467fadd https://github.com/moby/moby/commit/fce6e0ca9bc000888de3daa157af14fa41fcd0ff https://github.com/moby/moby/security/advisories/GHSA-xw73-rw38-6vjc https://nvd.nist.gov/vuln/detail/CVE-2024-24557 https://www.cve.org/CVERecord?id=CVE-2024-24557
github.com/docker/docker	CVE-2024-29018	MEDIUM	v23.0.5+incompatible	26.0.0-rc3, 25.0.5, 23.0.11	https://access.redhat.com/security/cve/CVE-2024-29018 https://github.com/moby/moby https://github.com/moby/moby/pull/46609 https://github.com/moby/moby/security/advisories/GHSA-mq39-4gv4-mvpx https://nvd.nist.gov/vuln/detail/CVE-2024-29018 https://www.cve.org/CVERecord?id=CVE-2024-29018
github.com/docker/docker	GHSA-jq35-85cj-fj4p	MEDIUM	v23.0.5+incompatible	24.0.7, 23.0.8, 20.10.27	https://github.com/moby/moby https://github.com/moby/moby/commit/48ebe353e49a9def5e6679f6e386b0efb1c95f0e https://github.com/moby/moby/commit/81ebe71275768629689a23bc3bca34b3b374a6a6 https://github.com/moby/moby/commit/c9ccbfad11a60e703e91b6cca4f48927828c7e35 https://github.com/moby/moby/releases/tag/v20.10.27 https://github.com/moby/moby/releases/tag/v23.0.8 https://github.com/moby/moby/releases/tag/v24.0.7 https://github.com/moby/moby/security/advisories/GHSA-jq35-85cj-fj4p
github.com/go-git/go-git/v5	CVE-2023-49569	CRITICAL	v5.6.1	5.11.0	https://access.redhat.com/security/cve/CVE-2023-49569 https://github.com/go-git/go-git https://github.com/go-git/go-git/security/advisories/GHSA-449p-3h89-pw88 https://nvd.nist.gov/vuln/detail/CVE-2023-49569 https://www.cve.org/CVERecord?id=CVE-2023-49569
github.com/go-git/go-git/v5	CVE-2023-49568	HIGH	v5.6.1	5.11.0	https://access.redhat.com/security/cve/CVE-2023-49568 https://github.com/go-git/go-git https://github.com/go-git/go-git/security/advisories/GHSA-mw99-9chc-xw7r https://nvd.nist.gov/vuln/detail/CVE-2023-49568 https://www.cve.org/CVERecord?id=CVE-2023-49568
github.com/mholt/archiver/v3	CVE-2024-0406	MEDIUM	v3.5.1	no fix available	https://access.redhat.com/security/cve/CVE-2024-0406 https://bugzilla.redhat.com/show_bug.cgi?id=2257749 https://github.com/advisories/GHSA-rhh4-rh7c-7r5v https://github.com/mholt/archiver https://nvd.nist.gov/vuln/detail/CVE-2024-0406 https://www.cve.org/CVERecord?id=CVE-2024-0406
golang.org/x/crypto	CVE-2023-48795	MEDIUM	v0.8.0	0.17.0	http://packetstormsecurity.com/files/176280/Terrapin-SSH-Connection-Weakening.html http://seclists.org/fulldisclosure/2024/Mar/21 http://www.openwall.com/lists/oss-security/2023/12/18/3 http://www.openwall.com/lists/oss-security/2023/12/19/5 http://www.openwall.com/lists/oss-security/2023/12/20/3 http://www.openwall.com/lists/oss-security/2024/03/06/3 http://www.openwall.com/lists/oss-security/2024/04/17/8 https://access.redhat.com/errata/RHSA-2024:1150 https://access.redhat.com/security/cve/CVE-2023-48795 https://access.redhat.com/security/cve/cve-2023-48795 https://access.redhat.com/solutions/7071748 https://arstechnica.com/security/2023/12/hackers-can-break-ssh-channel-integrity-using-novel-data-corruption-attack https://arstechnica.com/security/2023/12/hackers-can-break-ssh-channel-integrity-using-novel-data-corruption-attack/ https://bugs.gentoo.org/920280 https://bugzilla.redhat.com/2254210 https://bugzilla.redhat.com/show_bug.cgi?id=2254210 https://bugzilla.suse.com/show_bug.cgi?id=1217950 https://crates.io/crates/thrussh/versions https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-48795 https://errata.almalinux.org/9/ALSA-2024-1150.html https://errata.rockylinux.org/RLSA-2024:0628 https://filezilla-project.org/versions.php https://forum.netgate.com/topic/184941/terrapin-ssh-attack https://git.libssh.org/projects/libssh.git/commit/?h=stable-0.10&id=10e09e273f69e149389b3e0e5d44b8c221c2e7f6 https://github.com/NixOS/nixpkgs/pull/275249 https://github.com/PowerShell/Win32-OpenSSH/issues/2189 https://github.com/PowerShell/Win32-OpenSSH/releases/tag/v9.5.0.0p1-Beta https://github.com/TeraTermProject/teraterm/commit/7279fbd6ef4d0c8bdd6a90af4ada2899d786eec0 https://github.com/TeraTermProject/teraterm/releases/tag/v5.1 https://github.com/advisories/GHSA-45x7-px36-x8w8 https://github.com/apache/mina-sshd/issues/445 https://github.com/connectbot/sshlib/commit/5c8b534f6e97db7ac0e0e579331213aa25c173ab https://github.com/connectbot/sshlib/compare/2.2.21...2.2.22 https://github.com/cyd01/KiTTY/issues/520 https://github.com/drakkan/sftpgo/releases/tag/v2.5.6 https://github.com/erlang/otp/blob/d1b43dc0f1361d2ad67601169e90a7fc50bb0369/lib/ssh/doc/src/notes.xml#L39-L42 https://github.com/erlang/otp/releases/tag/OTP-26.2.1 https://github.com/golang/crypto/commit/9d2ee975ef9fe627bf0a6f01c1f69e8ef1d4f05d https://github.com/hierynomus/sshj/issues/916 https://github.com/janmojzis/tinyssh/issues/81 https://github.com/jtesta/ssh-audit/commit/8e972c5e94b460379fe0c7d20209c16df81538a5 https://github.com/libssh2/libssh2/pull/1291 https://github.com/mkj/dropbear/blob/17657c36cce6df7716d5ff151ec09a665382d5dd/CHANGES#L25 https://github.com/mscdex/ssh2/commit/97b223f8891b96d6fc054df5ab1d5a1a545da2a3 https://github.com/mwiede/jsch/compare/jsch-0.2.14...jsch-0.2.15 https://github.com/mwiede/jsch/issues/457 https://github.com/mwiede/jsch/pull/461 https://github.com/net-ssh/net-ssh/blob/2e65064a52d73396bfc3806c9196fc8108f33cd8/CHANGES.txt#L14-L16 https://github.com/openssh/openssh-portable/commits/master https://github.com/paramiko/paramiko/issues/2337 https://github.com/paramiko/paramiko/issues/2337#issuecomment-1887642773 https://github.com/proftpd/proftpd/blob/0a7ea9b0ba9fcdf368374a226370d08f10397d99/RELEASE_NOTES https://github.com/proftpd/proftpd/blob/d21e7a2e47e9b38f709bec58e3fa711f759ad0e1/RELEASE_NOTES https://github.com/proftpd/proftpd/blob/master/RELEASE_NOTES https://github.com/proftpd/proftpd/issues/456 https://github.com/rapier1/hpn-ssh/releases https://github.com/ronf/asyncssh/blob/develop/docs/changes.rst https://github.com/ronf/asyncssh/security/advisories/GHSA-hfmc-7525-mj55 https://github.com/ronf/asyncssh/tags https://github.com/ssh-mitm/ssh-mitm/issues/165 https://github.com/warp-tech/russh https://github.com/warp-tech/russh/commit/1aa340a7df1d5be1c0f4a9e247aade76dfdd2951 https://github.com/warp-tech/russh/releases/tag/v0.40.2 https://github.com/warp-tech/russh/security/advisories/GHSA-45x7-px36-x8w8 https://gitlab.com/libssh/libssh-mirror/-/tags https://go.dev/cl/550715 https://go.dev/issue/64784 https://groups.google.com/g/golang-announce/c/-n5WqVC18LQ https://groups.google.com/g/golang-announce/c/qA3XtxvMUyg https://help.panic.com/releasenotes/transmit5 https://help.panic.com/releasenotes/transmit5/ https://jadaptive.com/important-java-ssh-security-update-new-ssh-vulnerability-discovered-cve-2023-48795 https://jadaptive.com/important-java-ssh-security-update-new-ssh-vulnerability-discovered-cve-2023-48795/ https://linux.oracle.com/cve/CVE-2023-48795.html https://linux.oracle.com/errata/ELSA-2024-2988.html https://lists.debian.org/debian-lts-announce/2023/12/msg00017.html https://lists.debian.org/debian-lts-announce/2024/01/msg00013.html https://lists.debian.org/debian-lts-announce/2024/01/msg00014.html https://lists.debian.org/debian-lts-announce/2024/04/msg00016.html https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/33XHJUB6ROFUOH2OQNENFROTVH6MHSHA https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/33XHJUB6ROFUOH2OQNENFROTVH6MHSHA/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/3CAYYW35MUTNO65RVAELICTNZZFMT2XS https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/3CAYYW35MUTNO65RVAELICTNZZFMT2XS/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/3JIMLVBDWOP4FUPXPTB4PGHHIOMGFLQE https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/3JIMLVBDWOP4FUPXPTB4PGHHIOMGFLQE/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/3YQLUQWLIHDB5QCXQEX7HXHAWMOKPP5O https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/3YQLUQWLIHDB5QCXQEX7HXHAWMOKPP5O/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/6Y74KVCPEPT4MVU3LHDWCNNOXOE5ZLUR https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/6Y74KVCPEPT4MVU3LHDWCNNOXOE5ZLUR/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/APYIXIQOVDCRWLHTGB4VYMAUIAQLKYJ3 https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/APYIXIQOVDCRWLHTGB4VYMAUIAQLKYJ3/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/BL5KTLOSLH2KHRN4HCXJPK3JUVLDGEL6 https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/BL5KTLOSLH2KHRN4HCXJPK3JUVLDGEL6/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/C3AFMZ6MH2UHHOPIWT5YLSFV3D2VB3AC https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/C3AFMZ6MH2UHHOPIWT5YLSFV3D2VB3AC/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/CHHITS4PUOZAKFIUBQAQZC7JWXMOYE4B https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/CHHITS4PUOZAKFIUBQAQZC7JWXMOYE4B/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/F7EYCFQCTSGJXWO3ZZ44MGKFC5HA7G3Y https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/F7EYCFQCTSGJXWO3ZZ44MGKFC5HA7G3Y/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/HYEDEXIKFKTUJIN43RG4B7T5ZS6MHUSP https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/HYEDEXIKFKTUJIN43RG4B7T5ZS6MHUSP/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/I724O3LSRCPO4WNVIXTZCT4VVRMXMMSG https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/I724O3LSRCPO4WNVIXTZCT4VVRMXMMSG/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/KEOTKBUPZXHE3F352JBYNTSNRXYLWD6P https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/KEOTKBUPZXHE3F352JBYNTSNRXYLWD6P/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/KMZCVGUGJZZVDPCVDA7TEB22VUCNEXDD https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/KMZCVGUGJZZVDPCVDA7TEB22VUCNEXDD/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/L5Y6MNNVAPIJSXJERQ6PKZVCIUXSNJK7 https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/L5Y6MNNVAPIJSXJERQ6PKZVCIUXSNJK7/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/LZQVUHWVWRH73YBXUQJOD6CKHDQBU3DM https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/LZQVUHWVWRH73YBXUQJOD6CKHDQBU3DM/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/MKQRBF3DWMWPH36LBCOBUTSIZRTPEZXB https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/MKQRBF3DWMWPH36LBCOBUTSIZRTPEZXB/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/QI3EHAHABFQK7OABNCSF5GMYP6TONTI7 https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/QI3EHAHABFQK7OABNCSF5GMYP6TONTI7/ https://matt.ucc.asn.au/dropbear/CHANGES https://nest.pijul.com/pijul/thrussh/changes/D6H7OWTTMHHX6BTB3B6MNBOBX2L66CBL4LGSEUSAI2MCRCJDQFRQC https://news.ycombinator.com/item?id=38684904 https://news.ycombinator.com/item?id=38685286 https://news.ycombinator.com/item?id=38732005 https://nova.app/releases/#v11.8 https://nvd.nist.gov/vuln/detail/CVE-2023-48795 https://oryx-embedded.com/download/#changelog https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2024-0002 https://roumenpetrov.info/secsh/#news20231220 https://security-tracker.debian.org/tracker/CVE-2023-48795 https://security-tracker.debian.org/tracker/source-package/libssh2 https://security-tracker.debian.org/tracker/source-package/proftpd-dfsg https://security-tracker.debian.org/tracker/source-package/trilead-ssh2 https://security.gentoo.org/glsa/202312-16 https://security.gentoo.org/glsa/202312-17 https://security.netapp.com/advisory/ntap-20240105-0004 https://security.netapp.com/advisory/ntap-20240105-0004/ https://support.apple.com/kb/HT214084 https://terrapin-attack.com/ https://thorntech.com/cve-2023-48795-and-sftp-gateway https://thorntech.com/cve-2023-48795-and-sftp-gateway/ https://twitter.com/TrueSkrillor/status/1736774389725565005 https://ubuntu.com/security/CVE-2023-48795 https://ubuntu.com/security/notices/USN-6560-1 https://ubuntu.com/security/notices/USN-6560-2 https://ubuntu.com/security/notices/USN-6561-1 https://ubuntu.com/security/notices/USN-6585-1 https://ubuntu.com/security/notices/USN-6589-1 https://ubuntu.com/security/notices/USN-6598-1 https://ubuntu.com/security/notices/USN-6738-1 https://ubuntu.com/security/notices/USN-7051-1 https://winscp.net/eng/docs/history#6.2.2 https://www.bitvise.com/ssh-client-version-history#933 https://www.bitvise.com/ssh-server-version-history https://www.chiark.greenend.org.uk/~sgtatham/putty/changes.html https://www.crushftp.com/crush10wiki/Wiki.jsp?page=Update https://www.cve.org/CVERecord?id=CVE-2023-48795 https://www.debian.org/security/2023/dsa-5586 https://www.debian.org/security/2023/dsa-5588 https://www.freebsd.org/security/advisories/FreeBSD-SA-23:19.openssh.asc https://www.lancom-systems.de/service-support/allgemeine-sicherheitshinweise#c243508 https://www.netsarang.com/en/xshell-update-history https://www.netsarang.com/en/xshell-update-history/ https://www.openssh.com/openbsd.html https://www.openssh.com/txt/release-9.6 https://www.openwall.com/lists/oss-security/2023/12/18/2 https://www.openwall.com/lists/oss-security/2023/12/18/3 https://www.openwall.com/lists/oss-security/2023/12/20/3 https://www.paramiko.org/changelog.html https://www.reddit.com/r/sysadmin/comments/18idv52/cve202348795_why_is_this_cve_still_undisclosed https://www.reddit.com/r/sysadmin/comments/18idv52/cve202348795_why_is_this_cve_still_undisclosed/ https://www.suse.com/c/suse-addresses-the-ssh-v2-protocol-terrapin-attack-aka-cve-2023-48795 https://www.suse.com/c/suse-addresses-the-ssh-v2-protocol-terrapin-attack-aka-cve-2023-48795/ https://www.terrapin-attack.com https://www.theregister.com/2023/12/20/terrapin_attack_ssh https://www.vandyke.com/products/securecrt/history.txt
golang.org/x/net	CVE-2023-39325	HIGH	v0.10.0	0.17.0	golang.org/x/net https://access.redhat.com/errata/RHSA-2023:6077 https://access.redhat.com/security/cve/CVE-2023-39325 https://access.redhat.com/security/cve/CVE-2023-44487 https://access.redhat.com/security/vulnerabilities/RHSB-2023-003 https://bugzilla.redhat.com/2242803 https://bugzilla.redhat.com/2243296 https://bugzilla.redhat.com/show_bug.cgi?id=2242803 https://bugzilla.redhat.com/show_bug.cgi?id=2243296 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-39325 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-44487 https://errata.almalinux.org/9/ALSA-2023-6077.html https://errata.rockylinux.org/RLSA-2023:6077 https://github.com/golang/go/commit/24ae2d927285c697440fdde3ad7f26028354bcf3 [golang- 1.21] https://github.com/golang/go/commit/e175f27f58aa7b9cd4d79607ae65d2cd5baaee68 [golang-1.20] https://github.com/golang/go/issues/63417 https://go.dev/cl/534215 https://go.dev/cl/534235 https://go.dev/issue/63417 https://groups.google.com/g/golang-announce/c/iNNxDTCjZvo/m/UDd7VKQuAAAJ https://linux.oracle.com/cve/CVE-2023-39325.html https://linux.oracle.com/errata/ELSA-2023-5867.html https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3OVW5V2DM5K5IC3H7O42YDUGNJ74J35O https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3OVW5V2DM5K5IC3H7O42YDUGNJ74J35O/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3SZN67IL7HMGMNAVLOTIXLIHUDXZK4LH https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3SZN67IL7HMGMNAVLOTIXLIHUDXZK4LH/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3WJ4QVX2AMUJ2F2S27POOAHRC4K3CHU4 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3WJ4QVX2AMUJ2F2S27POOAHRC4K3CHU4/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/4BUK2ZIAGCULOOYDNH25JPU6JBES5NF2 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/4BUK2ZIAGCULOOYDNH25JPU6JBES5NF2/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/5RSKA2II6QTD4YUKUNDVJQSRYSFC4VFR https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/5RSKA2II6QTD4YUKUNDVJQSRYSFC4VFR/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/AVZDNSMVDAQJ64LJC5I5U5LDM5753647 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/AVZDNSMVDAQJ64LJC5I5U5LDM5753647/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CHHITS4PUOZAKFIUBQAQZC7JWXMOYE4B https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CHHITS4PUOZAKFIUBQAQZC7JWXMOYE4B/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CLB4TW7KALB3EEQWNWCN7OUIWWVWWCG2 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CLB4TW7KALB3EEQWNWCN7OUIWWVWWCG2/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/D2BBIDR2ZMB3X5BC7SR4SLQMHRMVPY6L https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/D2BBIDR2ZMB3X5BC7SR4SLQMHRMVPY6L/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ECRC75BQJP6FJN2L7KCKYZW4DSBD7QSD https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ECRC75BQJP6FJN2L7KCKYZW4DSBD7QSD/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/FTMJ3NJIDAZFWJQQSP3L22MUFJ3UP2PT https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/FTMJ3NJIDAZFWJQQSP3L22MUFJ3UP2PT/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/GSY7SXFFTPZFWDM6XELSDSHZLVW3AHK7 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/GSY7SXFFTPZFWDM6XELSDSHZLVW3AHK7/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/HZQIELEIRSZUYTFFH5KTH2YJ4IIQG2KE https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/HZQIELEIRSZUYTFFH5KTH2YJ4IIQG2KE/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/IPWCNYB5PQ5PCVZ4NJT6G56ZYFZ5QBU6 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/IPWCNYB5PQ5PCVZ4NJT6G56ZYFZ5QBU6/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/KEOTKBUPZXHE3F352JBYNTSNRXYLWD6P https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/KEOTKBUPZXHE3F352JBYNTSNRXYLWD6P/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/KSEGD2IWKNUO3DWY4KQGUQM5BISRWHQE https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/KSEGD2IWKNUO3DWY4KQGUQM5BISRWHQE/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/L5E5JSJBZLYXOTZWXHJKRVCIXIHVWKJ6 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/L5E5JSJBZLYXOTZWXHJKRVCIXIHVWKJ6/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/MZQYOOKHQDQ57LV2IAG6NRFOVXKHJJ3Z https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/MZQYOOKHQDQ57LV2IAG6NRFOVXKHJJ3Z/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/NG7IMPL55MVWU3LCI4JQJT3K2U5CHDV7 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/NG7IMPL55MVWU3LCI4JQJT3K2U5CHDV7/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ODBY7RVMGZCBSTWF2OZGIZS57FNFUL67 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ODBY7RVMGZCBSTWF2OZGIZS57FNFUL67/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/OXGWPQOJ3JNDW2XIYKIVJ7N7QUIFNM2Q https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/OXGWPQOJ3JNDW2XIYKIVJ7N7QUIFNM2Q/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/PJCUNGIQDUMZ4Z6HWVYIMR66A35F5S74 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/PJCUNGIQDUMZ4Z6HWVYIMR66A35F5S74/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QF5QSYAOPDOWLY6DUHID56Q4HQFYB45I https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QF5QSYAOPDOWLY6DUHID56Q4HQFYB45I/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QXOU2JZUBEBP7GBKAYIJRPRBZSJCD7ST https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QXOU2JZUBEBP7GBKAYIJRPRBZSJCD7ST/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/R3UETKPUB3V5JS5TLZOF3SMTGT5K5APS https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/R3UETKPUB3V5JS5TLZOF3SMTGT5K5APS/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/REMHVVIBDNKSRKNOTV7EQSB7CYQWOUOU https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/REMHVVIBDNKSRKNOTV7EQSB7CYQWOUOU/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/T7N5GV4CHH6WAGX3GFMDD3COEOVCZ4RI https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/T7N5GV4CHH6WAGX3GFMDD3COEOVCZ4RI/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ULQQONMSCQSH5Z5OWFFQHCGEZ3NL4DRJ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ULQQONMSCQSH5Z5OWFFQHCGEZ3NL4DRJ/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UTT7DG3QOF5ZNJLUGHDNLRUIN6OWZARP https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UTT7DG3QOF5ZNJLUGHDNLRUIN6OWZARP/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/W2LZSWTV4NV4SNQARNXG5T6LRHP26EW2 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/W2LZSWTV4NV4SNQARNXG5T6LRHP26EW2/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WCNCBYKZXLDFGAJUB7ZP5VLC3YTHJNVH https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WCNCBYKZXLDFGAJUB7ZP5VLC3YTHJNVH/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/XFOIBB4YFICHDM7IBOP7PWXW3FX4HLL2 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/XFOIBB4YFICHDM7IBOP7PWXW3FX4HLL2/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/XTNLSL44Y5FB6JWADSZH6DCV4JJAAEQY https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/XTNLSL44Y5FB6JWADSZH6DCV4JJAAEQY/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/YJWHBLVZDM5KQSDFRBFRKU5KSSOLIRQ4 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/YJWHBLVZDM5KQSDFRBFRKU5KSSOLIRQ4/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/YRKEXKANQ7BKJW2YTAMP625LJUJZLJ4P https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/YRKEXKANQ7BKJW2YTAMP625LJUJZLJ4P/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZSVEMQV5ROY5YW5QE3I57HT3ITWG5GCV https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZSVEMQV5ROY5YW5QE3I57HT3ITWG5GCV/ https://nvd.nist.gov/vuln/detail/CVE-2023-39325 https://pkg.go.dev/vuln/GO-2023-2102 https://security.gentoo.org/glsa/202311-09 https://security.netapp.com/advisory/ntap-20231110-0008 https://security.netapp.com/advisory/ntap-20231110-0008/ https://ubuntu.com/security/notices/USN-6574-1 https://ubuntu.com/security/notices/USN-7061-1 https://ubuntu.com/security/notices/USN-7109-1 https://www.cisa.gov/news-events/alerts/2023/10/10/http2-rapid-reset-vulnerability-cve-2023-44487 https://www.cve.org/CVERecord?id=CVE-2023-39325
golang.org/x/net	CVE-2023-3978	MEDIUM	v0.10.0	0.13.0	https://access.redhat.com/errata/RHSA-2023:6474 https://access.redhat.com/security/cve/CVE-2023-3978 https://bugzilla.redhat.com/2174485 https://bugzilla.redhat.com/2178358 https://bugzilla.redhat.com/2178488 https://bugzilla.redhat.com/2178492 https://bugzilla.redhat.com/2184481 https://bugzilla.redhat.com/2184482 https://bugzilla.redhat.com/2184483 https://bugzilla.redhat.com/2184484 https://bugzilla.redhat.com/2196026 https://bugzilla.redhat.com/2196027 https://bugzilla.redhat.com/2196029 https://bugzilla.redhat.com/2222167 https://bugzilla.redhat.com/2228689 https://errata.almalinux.org/9/ALSA-2023-6474.html https://go.dev/cl/514896 https://go.dev/issue/61615 https://linux.oracle.com/cve/CVE-2023-3978.html https://linux.oracle.com/errata/ELSA-2023-6939.html https://nvd.nist.gov/vuln/detail/CVE-2023-3978 https://pkg.go.dev/vuln/GO-2023-1988 https://www.cve.org/CVERecord?id=CVE-2023-3978
golang.org/x/net	CVE-2023-44487	MEDIUM	v0.10.0	0.17.0	http://www.openwall.com/lists/oss-security/2023/10/13/4 http://www.openwall.com/lists/oss-security/2023/10/13/9 http://www.openwall.com/lists/oss-security/2023/10/18/4 http://www.openwall.com/lists/oss-security/2023/10/18/8 http://www.openwall.com/lists/oss-security/2023/10/19/6 http://www.openwall.com/lists/oss-security/2023/10/20/8 https://access.redhat.com/errata/RHSA-2023:6746 https://access.redhat.com/security/cve/CVE-2023-44487 https://access.redhat.com/security/cve/cve-2023-44487 https://akka.io/security/akka-http-cve-2023-44487.html https://arstechnica.com/security/2023/10/how-ddosers-used-the-http-2-protocol-to-deliver-attacks-of-unprecedented-size https://arstechnica.com/security/2023/10/how-ddosers-used-the-http-2-protocol-to-deliver-attacks-of-unprecedented-size/ https://aws.amazon.com/security/security-bulletins/AWS-2023-011 https://aws.amazon.com/security/security-bulletins/AWS-2023-011/ https://blog.cloudflare.com/technical-breakdown-http2-rapid-reset-ddos-attack https://blog.cloudflare.com/technical-breakdown-http2-rapid-reset-ddos-attack/ https://blog.cloudflare.com/zero-day-rapid-reset-http2-record-breaking-ddos-attack https://blog.cloudflare.com/zero-day-rapid-reset-http2-record-breaking-ddos-attack/ https://blog.litespeedtech.com/2023/10/11/rapid-reset-http-2-vulnerablilty https://blog.litespeedtech.com/2023/10/11/rapid-reset-http-2-vulnerablilty/ https://blog.qualys.com/vulnerabilities-threat-research/2023/10/10/cve-2023-44487-http-2-rapid-reset-attack https://blog.vespa.ai/cve-2023-44487 https://blog.vespa.ai/cve-2023-44487/ https://bugzilla.proxmox.com/show_bug.cgi?id=4988 https://bugzilla.redhat.com/2242803 https://bugzilla.redhat.com/show_bug.cgi?id=2242803 https://bugzilla.suse.com/show_bug.cgi?id=1216123 https://cgit.freebsd.org/ports/commit/?id=c64c329c2c1752f46b73e3e6ce9f4329be6629f9 https://chaos.social/@icing/111210915918780532 https://cloud.google.com/blog/products/identity-security/google-cloud-mitigated-largest-ddos-attack-peaking-above-398-million-rps https://cloud.google.com/blog/products/identity-security/google-cloud-mitigated-largest-ddos-attack-peaking-above-398-million-rps/ https://cloud.google.com/blog/products/identity-security/how-it-works-the-novel-http2-rapid-reset-ddos-attack https://community.traefik.io/t/is-traefik-vulnerable-to-cve-2023-44487/20125 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-44487 https://devblogs.microsoft.com/dotnet/october-2023-updates/ https://discuss.hashicorp.com/t/hcsec-2023-32-vault-consul-and-boundary-affected-by-http-2-rapid-reset-denial-of-service-vulnerability-cve-2023-44487/59715 https://edg.io/lp/blog/resets-leaks-ddos-and-the-tale-of-a-hidden-cve https://errata.almalinux.org/9/ALSA-2023-6746.html https://errata.rockylinux.org/RLSA-2023:5838 https://forums.swift.org/t/swift-nio-http2-security-update-cve-2023-44487-http-2-dos/67764 https://gist.github.com/adulau/7c2bfb8e9cdbe4b35a5e131c66a0c088 https://github.com/Azure/AKS/issues/3947 https://github.com/Kong/kong/discussions/11741 https://github.com/advisories/GHSA-qppj-fm5r-hxr3 https://github.com/advisories/GHSA-vx74-f528-fxqg https://github.com/advisories/GHSA-xpw8-rcwv-8f8p https://github.com/akka/akka-http/issues/4323 https://github.com/akka/akka-http/pull/4324 https://github.com/akka/akka-http/pull/4325 https://github.com/alibaba/tengine/issues/1872 https://github.com/apache/apisix/issues/10320 https://github.com/apache/httpd-site/pull/10 https://github.com/apache/httpd/blob/afcdbeebbff4b0c50ea26cdd16e178c0d1f24152/modules/http2/h2_mplx.c#L1101-L1113 https://github.com/apache/tomcat/commit/944332bb15bd2f3bf76ec2caeb1ff0a58a3bc628 https://github.com/apache/tomcat/tree/main/java/org/apache/coyote/http2 https://github.com/apache/trafficserver/pull/10564 https://github.com/apple/swift-nio-http2 https://github.com/apple/swift-nio-http2/security/advisories/GHSA-qppj-fm5r-hxr3 https://github.com/arkrwn/PoC/tree/main/CVE-2023-44487 https://github.com/bcdannyboy/CVE-2023-44487 https://github.com/caddyserver/caddy/issues/5877 https://github.com/caddyserver/caddy/releases/tag/v2.7.5 https://github.com/dotnet/announcements/issues/277 https://github.com/dotnet/core/blob/e4613450ea0da7fd2fc6b61dfb2c1c1dec1ce9ec/release-notes/6.0/6.0.23/6.0.23.md?plain=1#L73 https://github.com/eclipse/jetty.project/issues/10679 https://github.com/envoyproxy/envoy/pull/30055 https://github.com/etcd-io/etcd/issues/16740 https://github.com/facebook/proxygen/pull/466 https://github.com/golang/go/issues/63417 https://github.com/grpc/grpc-go/pull/6703 https://github.com/grpc/grpc-go/releases https://github.com/h2o/h2o/pull/3291 https://github.com/h2o/h2o/security/advisories/GHSA-2m7v-gc89-fjqf https://github.com/haproxy/haproxy/issues/2312 https://github.com/hyperium/hyper/issues/3337 https://github.com/icing/mod_h2/blob/0a864782af0a942aa2ad4ed960a6b32cd35bcf0a/mod_http2/README.md?plain=1#L239-L244 https://github.com/junkurihara/rust-rpxy/issues/97 https://github.com/kazu-yamamoto/http2/commit/f61d41a502bd0f60eb24e1ce14edc7b6df6722a1 https://github.com/kazu-yamamoto/http2/issues/93 https://github.com/kubernetes/kubernetes/pull/121120 https://github.com/line/armeria/pull/5232 https://github.com/linkerd/website/pull/1695/commits/4b9c6836471bc8270ab48aae6fd2181bc73fd632 https://github.com/micrictor/http2-rst-stream https://github.com/microsoft/CBL-Mariner/pull/6381 https://github.com/netty/netty/commit/58f75f665aa81a8cbcf6ffa74820042a285c5e61 https://github.com/nghttp2/nghttp2/pull/1961 https://github.com/nghttp2/nghttp2/releases/tag/v1.57.0 https://github.com/ninenines/cowboy/issues/1615 https://github.com/nodejs/node/pull/50121 https://github.com/openresty/openresty/issues/930 https://github.com/opensearch-project/data-prepper/issues/3474 https://github.com/oqtane/oqtane.framework/discussions/3367 https://github.com/projectcontour/contour/pull/5826 https://github.com/tempesta-tech/tempesta/issues/1986 https://github.com/varnishcache/varnish-cache/issues/3996 https://go.dev/cl/534215 https://go.dev/cl/534235 https://go.dev/issue/63417 https://groups.google.com/g/golang-announce/c/iNNxDTCjZvo https://groups.google.com/g/golang-announce/c/iNNxDTCjZvo/m/UDd7VKQuAAAJ https://istio.io/latest/news/security/istio-security-2023-004 https://istio.io/latest/news/security/istio-security-2023-004/ https://linkerd.io/2023/10/12/linkerd-cve-2023-44487 https://linkerd.io/2023/10/12/linkerd-cve-2023-44487/ https://linux.oracle.com/cve/CVE-2023-44487.html https://linux.oracle.com/errata/ELSA-2024-1444.html https://lists.apache.org/thread/5py8h42mxfsn8l1wy6o41xwhsjlsd87q https://lists.debian.org/debian-lts-announce/2023/10/msg00020.html https://lists.debian.org/debian-lts-announce/2023/10/msg00023.html https://lists.debian.org/debian-lts-announce/2023/10/msg00024.html https://lists.debian.org/debian-lts-announce/2023/10/msg00045.html https://lists.debian.org/debian-lts-announce/2023/10/msg00047.html https://lists.debian.org/debian-lts-announce/2023/11/msg00001.html https://lists.debian.org/debian-lts-announce/2023/11/msg00012.html https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/2MBEPPC36UBVOZZNAXFHKLFGSLCMN5LI https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/2MBEPPC36UBVOZZNAXFHKLFGSLCMN5LI/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/3N4NJ7FR4X4FPZUGNTQAPSTVB2HB2Y4A https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/3N4NJ7FR4X4FPZUGNTQAPSTVB2HB2Y4A/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/BFQD3KUEMFBHPAPBGLWQC34L4OWL5HAZ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/BFQD3KUEMFBHPAPBGLWQC34L4OWL5HAZ/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/CLB4TW7KALB3EEQWNWCN7OUIWWVWWCG2 https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/CLB4TW7KALB3EEQWNWCN7OUIWWVWWCG2/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/E72T67UPDRXHIDLO3OROR25YAMN4GGW5 https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/E72T67UPDRXHIDLO3OROR25YAMN4GGW5/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/FNA62Q767CFAFHBCDKYNPBMZWB7TWYVU https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/FNA62Q767CFAFHBCDKYNPBMZWB7TWYVU/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/HT7T2R4MQKLIF4ODV4BDLPARWFPCJ5CZ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/HT7T2R4MQKLIF4ODV4BDLPARWFPCJ5CZ/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/JIZSEFC3YKCGABA2BZW6ZJRMDZJMB7PJ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/JIZSEFC3YKCGABA2BZW6ZJRMDZJMB7PJ/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/JMEXY22BFG5Q64HQCM5CK2Q7KDKVV4TY https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/JMEXY22BFG5Q64HQCM5CK2Q7KDKVV4TY/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/KSEGD2IWKNUO3DWY4KQGUQM5BISRWHQE https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/KSEGD2IWKNUO3DWY4KQGUQM5BISRWHQE/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/LKYHSZQFDNR7RSA7LHVLLIAQMVYCUGBG https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/LKYHSZQFDNR7RSA7LHVLLIAQMVYCUGBG/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/LNMZJCDHGLJJLXO4OXWJMTVQRNWOC7UL https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/LNMZJCDHGLJJLXO4OXWJMTVQRNWOC7UL/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/VHUHTSXLXGXS7JYKBXTA3VINUPHTNGVU https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/VHUHTSXLXGXS7JYKBXTA3VINUPHTNGVU/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/VSRDIV77HNKUSM7SJC5BKE5JSHLHU2NK https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/VSRDIV77HNKUSM7SJC5BKE5JSHLHU2NK/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/WE2I52RHNNU42PX6NZ2RBUHSFFJ2LVZX https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/WE2I52RHNNU42PX6NZ2RBUHSFFJ2LVZX/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/WLPRQ5TWUQQXYWBJM7ECYDAIL2YVKIUH https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/WLPRQ5TWUQQXYWBJM7ECYDAIL2YVKIUH/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/X6QXN4ORIVF6XBW4WWFE7VNPVC74S45Y https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/X6QXN4ORIVF6XBW4WWFE7VNPVC74S45Y/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/XFOIBB4YFICHDM7IBOP7PWXW3FX4HLL2 https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/XFOIBB4YFICHDM7IBOP7PWXW3FX4HLL2/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZB43REMKRQR62NJEI7I5NQ4FSXNLBKRT https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZB43REMKRQR62NJEI7I5NQ4FSXNLBKRT/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZKQSIKIAT5TJ3WSLU3RDBQ35YX4GY4V3 https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZKQSIKIAT5TJ3WSLU3RDBQ35YX4GY4V3/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZLU6U2R2IC2K64NDPNMV55AUAO65MAF4 https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZLU6U2R2IC2K64NDPNMV55AUAO65MAF4/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3N4NJ7FR4X4FPZUGNTQAPSTVB2HB2Y4A https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/BFQD3KUEMFBHPAPBGLWQC34L4OWL5HAZ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CLB4TW7KALB3EEQWNWCN7OUIWWVWWCG2 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/E72T67UPDRXHIDLO3OROR25YAMN4GGW5 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/FNA62Q767CFAFHBCDKYNPBMZWB7TWYVU https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/HT7T2R4MQKLIF4ODV4BDLPARWFPCJ5CZ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/JIZSEFC3YKCGABA2BZW6ZJRMDZJMB7PJ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/JMEXY22BFG5Q64HQCM5CK2Q7KDKVV4TY https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/KSEGD2IWKNUO3DWY4KQGUQM5BISRWHQE https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/LKYHSZQFDNR7RSA7LHVLLIAQMVYCUGBG https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/LNMZJCDHGLJJLXO4OXWJMTVQRNWOC7UL https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/VHUHTSXLXGXS7JYKBXTA3VINUPHTNGVU https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/VSRDIV77HNKUSM7SJC5BKE5JSHLHU2NK https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WLPRQ5TWUQQXYWBJM7ECYDAIL2YVKIUH https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/X6QXN4ORIVF6XBW4WWFE7VNPVC74S45Y https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/XFOIBB4YFICHDM7IBOP7PWXW3FX4HLL2 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZB43REMKRQR62NJEI7I5NQ4FSXNLBKRT https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZKQSIKIAT5TJ3WSLU3RDBQ35YX4GY4V3 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZLU6U2R2IC2K64NDPNMV55AUAO65MAF4 https://lists.w3.org/Archives/Public/ietf-http-wg/2023OctDec/0025.html https://mailman.nginx.org/pipermail/nginx-devel/2023-October/S36Q5HBXR7CAIMPLLPRSSSYR4PCMWILK.html https://martinthomson.github.io/h2-stream-limits/draft-thomson-httpbis-h2-stream-limits.html https://msrc.microsoft.com/blog/2023/10/microsoft-response-to-distributed-denial-of-service-ddos-attacks-against-http/2 https://msrc.microsoft.com/blog/2023/10/microsoft-response-to-distributed-denial-of-service-ddos-attacks-against-http/2/ https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-44487 https://my.f5.com/manage/s/article/K000137106 https://netty.io/news/2023/10/10/4-1-100-Final.html https://news.ycombinator.com/item?id=37830987 https://news.ycombinator.com/item?id=37830998 https://news.ycombinator.com/item?id=37831062 https://news.ycombinator.com/item?id=37837043 https://nodejs.org/en/blog/vulnerability/october-2023-security-releases https://nvd.nist.gov/vuln/detail/CVE-2023-44487 https://openssf.org/blog/2023/10/10/http-2-rapid-reset-vulnerability-highlights-need-for-rapid-response https://openssf.org/blog/2023/10/10/http-2-rapid-reset-vulnerability-highlights-need-for-rapid-response/ https://pkg.go.dev/vuln/GO-2023-2102 https://seanmonstar.com/post/730794151136935936/hyper-http2-rapid-reset-unaffected https://security.gentoo.org/glsa/202311-09 https://security.netapp.com/advisory/ntap-20231016-0001 https://security.netapp.com/advisory/ntap-20231016-0001/ https://security.netapp.com/advisory/ntap-20240426-0007 https://security.netapp.com/advisory/ntap-20240426-0007/ https://security.netapp.com/advisory/ntap-20240621-0006 https://security.netapp.com/advisory/ntap-20240621-0006/ https://security.netapp.com/advisory/ntap-20240621-0007 https://security.netapp.com/advisory/ntap-20240621-0007/ https://security.paloaltonetworks.com/CVE-2023-44487 https://tomcat.apache.org/security-10.html#Fixed_in_Apache_Tomcat_10.1.14 https://tomcat.apache.org/security-11.html#Fixed_in_Apache_Tomcat_11.0.0-M12 https://tomcat.apache.org/security-8.html#Fixed_in_Apache_Tomcat_8.5.94 https://tomcat.apache.org/security-9.html#Fixed_in_Apache_Tomcat_9.0.81 https://ubuntu.com/security/CVE-2023-44487 https://ubuntu.com/security/notices/USN-6427-1 https://ubuntu.com/security/notices/USN-6427-2 https://ubuntu.com/security/notices/USN-6438-1 https://ubuntu.com/security/notices/USN-6505-1 https://ubuntu.com/security/notices/USN-6574-1 https://ubuntu.com/security/notices/USN-6754-1 https://ubuntu.com/security/notices/USN-6994-1 https://ubuntu.com/security/notices/USN-7067-1 https://www.bleepingcomputer.com/news/security/new-http-2-rapid-reset-zero-day-attack-breaks-ddos-records https://www.bleepingcomputer.com/news/security/new-http-2-rapid-reset-zero-day-attack-breaks-ddos-records/ https://www.cisa.gov/known-exploited-vulnerabilities-catalog https://www.cisa.gov/news-events/alerts/2023/10/10/http2-rapid-reset-vulnerability-cve-2023-44487 https://www.cve.org/CVERecord?id=CVE-2023-44487 https://www.darkreading.com/cloud/internet-wide-zero-day-bug-fuels-largest-ever-ddos-event https://www.debian.org/security/2023/dsa-5521 https://www.debian.org/security/2023/dsa-5522 https://www.debian.org/security/2023/dsa-5540 https://www.debian.org/security/2023/dsa-5549 https://www.debian.org/security/2023/dsa-5558 https://www.debian.org/security/2023/dsa-5570 https://www.eclipse.org/lists/jetty-announce/msg00181.html https://www.haproxy.com/blog/haproxy-is-not-affected-by-the-http-2-rapid-reset-attack-cve-2023-44487 https://www.mail-archive.com/haproxy@formilux.org/msg44134.html https://www.netlify.com/blog/netlify-successfully-mitigates-cve-2023-44487 https://www.netlify.com/blog/netlify-successfully-mitigates-cve-2023-44487/ https://www.nginx.com/blog/http-2-rapid-reset-attack-impacting-f5-nginx-products https://www.nginx.com/blog/http-2-rapid-reset-attack-impacting-f5-nginx-products/ https://www.openwall.com/lists/oss-security/2023/10/10/6 https://www.phoronix.com/news/HTTP2-Rapid-Reset-Attack https://www.theregister.com/2023/10/10/http2_rapid_reset_zeroday https://www.theregister.com/2023/10/10/http2_rapid_reset_zeroday/
golang.org/x/net	CVE-2023-45288	MEDIUM	v0.10.0	0.23.0	http://www.openwall.com/lists/oss-security/2024/04/03/16 http://www.openwall.com/lists/oss-security/2024/04/05/4 https://access.redhat.com/errata/RHSA-2024:2724 https://access.redhat.com/security/cve/CVE-2023-45288 https://bugzilla.redhat.com/2268017 https://bugzilla.redhat.com/2268018 https://bugzilla.redhat.com/2268019 https://bugzilla.redhat.com/2268273 https://bugzilla.redhat.com/show_bug.cgi?id=2268017 https://bugzilla.redhat.com/show_bug.cgi?id=2268018 https://bugzilla.redhat.com/show_bug.cgi?id=2268019 https://bugzilla.redhat.com/show_bug.cgi?id=2268273 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45288 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45289 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45290 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24783 https://errata.almalinux.org/9/ALSA-2024-2724.html https://errata.rockylinux.org/RLSA-2024:2724 https://go.dev/cl/576155 https://go.dev/issue/65051 https://groups.google.com/g/golang-announce/c/YgW0sx8mN3M https://kb.cert.org/vuls/id/421644 https://linux.oracle.com/cve/CVE-2023-45288.html https://linux.oracle.com/errata/ELSA-2024-3346.html https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QRYFHIQ6XRKRYBI2F5UESH67BJBQXUPT https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QRYFHIQ6XRKRYBI2F5UESH67BJBQXUPT/ https://nowotarski.info/http2-continuation-flood-technical-details https://nowotarski.info/http2-continuation-flood/ https://nvd.nist.gov/vuln/detail/CVE-2023-45288 https://pkg.go.dev/vuln/GO-2024-2687 https://security.netapp.com/advisory/ntap-20240419-0009 https://security.netapp.com/advisory/ntap-20240419-0009/ https://ubuntu.com/security/notices/USN-6886-1 https://ubuntu.com/security/notices/USN-7109-1 https://ubuntu.com/security/notices/USN-7111-1 https://www.cve.org/CVERecord?id=CVE-2023-45288 https://www.kb.cert.org/vuls/id/421644
google.golang.org/grpc	GHSA-m425-mq94-257g	HIGH	v1.54.0	1.56.3, 1.57.1, 1.58.3	https://github.com/grpc/grpc-go https://github.com/grpc/grpc-go/commit/f2180b4d5403d2210b30b93098eb7da31c05c721 https://github.com/grpc/grpc-go/pull/6703 https://github.com/grpc/grpc-go/security/advisories/GHSA-m425-mq94-257g https://nvd.nist.gov/vuln/detail/CVE-2023-44487
google.golang.org/grpc	CVE-2023-44487	MEDIUM	v1.54.0	1.58.3, 1.57.1, 1.56.3	http://www.openwall.com/lists/oss-security/2023/10/13/4 http://www.openwall.com/lists/oss-security/2023/10/13/9 http://www.openwall.com/lists/oss-security/2023/10/18/4 http://www.openwall.com/lists/oss-security/2023/10/18/8 http://www.openwall.com/lists/oss-security/2023/10/19/6 http://www.openwall.com/lists/oss-security/2023/10/20/8 https://access.redhat.com/errata/RHSA-2023:6746 https://access.redhat.com/security/cve/CVE-2023-44487 https://access.redhat.com/security/cve/cve-2023-44487 https://akka.io/security/akka-http-cve-2023-44487.html https://arstechnica.com/security/2023/10/how-ddosers-used-the-http-2-protocol-to-deliver-attacks-of-unprecedented-size https://arstechnica.com/security/2023/10/how-ddosers-used-the-http-2-protocol-to-deliver-attacks-of-unprecedented-size/ https://aws.amazon.com/security/security-bulletins/AWS-2023-011 https://aws.amazon.com/security/security-bulletins/AWS-2023-011/ https://blog.cloudflare.com/technical-breakdown-http2-rapid-reset-ddos-attack https://blog.cloudflare.com/technical-breakdown-http2-rapid-reset-ddos-attack/ https://blog.cloudflare.com/zero-day-rapid-reset-http2-record-breaking-ddos-attack https://blog.cloudflare.com/zero-day-rapid-reset-http2-record-breaking-ddos-attack/ https://blog.litespeedtech.com/2023/10/11/rapid-reset-http-2-vulnerablilty https://blog.litespeedtech.com/2023/10/11/rapid-reset-http-2-vulnerablilty/ https://blog.qualys.com/vulnerabilities-threat-research/2023/10/10/cve-2023-44487-http-2-rapid-reset-attack https://blog.vespa.ai/cve-2023-44487 https://blog.vespa.ai/cve-2023-44487/ https://bugzilla.proxmox.com/show_bug.cgi?id=4988 https://bugzilla.redhat.com/2242803 https://bugzilla.redhat.com/show_bug.cgi?id=2242803 https://bugzilla.suse.com/show_bug.cgi?id=1216123 https://cgit.freebsd.org/ports/commit/?id=c64c329c2c1752f46b73e3e6ce9f4329be6629f9 https://chaos.social/@icing/111210915918780532 https://cloud.google.com/blog/products/identity-security/google-cloud-mitigated-largest-ddos-attack-peaking-above-398-million-rps https://cloud.google.com/blog/products/identity-security/google-cloud-mitigated-largest-ddos-attack-peaking-above-398-million-rps/ https://cloud.google.com/blog/products/identity-security/how-it-works-the-novel-http2-rapid-reset-ddos-attack https://community.traefik.io/t/is-traefik-vulnerable-to-cve-2023-44487/20125 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-44487 https://devblogs.microsoft.com/dotnet/october-2023-updates/ https://discuss.hashicorp.com/t/hcsec-2023-32-vault-consul-and-boundary-affected-by-http-2-rapid-reset-denial-of-service-vulnerability-cve-2023-44487/59715 https://edg.io/lp/blog/resets-leaks-ddos-and-the-tale-of-a-hidden-cve https://errata.almalinux.org/9/ALSA-2023-6746.html https://errata.rockylinux.org/RLSA-2023:5838 https://forums.swift.org/t/swift-nio-http2-security-update-cve-2023-44487-http-2-dos/67764 https://gist.github.com/adulau/7c2bfb8e9cdbe4b35a5e131c66a0c088 https://github.com/Azure/AKS/issues/3947 https://github.com/Kong/kong/discussions/11741 https://github.com/advisories/GHSA-qppj-fm5r-hxr3 https://github.com/advisories/GHSA-vx74-f528-fxqg https://github.com/advisories/GHSA-xpw8-rcwv-8f8p https://github.com/akka/akka-http/issues/4323 https://github.com/akka/akka-http/pull/4324 https://github.com/akka/akka-http/pull/4325 https://github.com/alibaba/tengine/issues/1872 https://github.com/apache/apisix/issues/10320 https://github.com/apache/httpd-site/pull/10 https://github.com/apache/httpd/blob/afcdbeebbff4b0c50ea26cdd16e178c0d1f24152/modules/http2/h2_mplx.c#L1101-L1113 https://github.com/apache/tomcat/commit/944332bb15bd2f3bf76ec2caeb1ff0a58a3bc628 https://github.com/apache/tomcat/tree/main/java/org/apache/coyote/http2 https://github.com/apache/trafficserver/pull/10564 https://github.com/apple/swift-nio-http2 https://github.com/apple/swift-nio-http2/security/advisories/GHSA-qppj-fm5r-hxr3 https://github.com/arkrwn/PoC/tree/main/CVE-2023-44487 https://github.com/bcdannyboy/CVE-2023-44487 https://github.com/caddyserver/caddy/issues/5877 https://github.com/caddyserver/caddy/releases/tag/v2.7.5 https://github.com/dotnet/announcements/issues/277 https://github.com/dotnet/core/blob/e4613450ea0da7fd2fc6b61dfb2c1c1dec1ce9ec/release-notes/6.0/6.0.23/6.0.23.md?plain=1#L73 https://github.com/eclipse/jetty.project/issues/10679 https://github.com/envoyproxy/envoy/pull/30055 https://github.com/etcd-io/etcd/issues/16740 https://github.com/facebook/proxygen/pull/466 https://github.com/golang/go/issues/63417 https://github.com/grpc/grpc-go/pull/6703 https://github.com/grpc/grpc-go/releases https://github.com/h2o/h2o/pull/3291 https://github.com/h2o/h2o/security/advisories/GHSA-2m7v-gc89-fjqf https://github.com/haproxy/haproxy/issues/2312 https://github.com/hyperium/hyper/issues/3337 https://github.com/icing/mod_h2/blob/0a864782af0a942aa2ad4ed960a6b32cd35bcf0a/mod_http2/README.md?plain=1#L239-L244 https://github.com/junkurihara/rust-rpxy/issues/97 https://github.com/kazu-yamamoto/http2/commit/f61d41a502bd0f60eb24e1ce14edc7b6df6722a1 https://github.com/kazu-yamamoto/http2/issues/93 https://github.com/kubernetes/kubernetes/pull/121120 https://github.com/line/armeria/pull/5232 https://github.com/linkerd/website/pull/1695/commits/4b9c6836471bc8270ab48aae6fd2181bc73fd632 https://github.com/micrictor/http2-rst-stream https://github.com/microsoft/CBL-Mariner/pull/6381 https://github.com/netty/netty/commit/58f75f665aa81a8cbcf6ffa74820042a285c5e61 https://github.com/nghttp2/nghttp2/pull/1961 https://github.com/nghttp2/nghttp2/releases/tag/v1.57.0 https://github.com/ninenines/cowboy/issues/1615 https://github.com/nodejs/node/pull/50121 https://github.com/openresty/openresty/issues/930 https://github.com/opensearch-project/data-prepper/issues/3474 https://github.com/oqtane/oqtane.framework/discussions/3367 https://github.com/projectcontour/contour/pull/5826 https://github.com/tempesta-tech/tempesta/issues/1986 https://github.com/varnishcache/varnish-cache/issues/3996 https://go.dev/cl/534215 https://go.dev/cl/534235 https://go.dev/issue/63417 https://groups.google.com/g/golang-announce/c/iNNxDTCjZvo https://groups.google.com/g/golang-announce/c/iNNxDTCjZvo/m/UDd7VKQuAAAJ https://istio.io/latest/news/security/istio-security-2023-004 https://istio.io/latest/news/security/istio-security-2023-004/ https://linkerd.io/2023/10/12/linkerd-cve-2023-44487 https://linkerd.io/2023/10/12/linkerd-cve-2023-44487/ https://linux.oracle.com/cve/CVE-2023-44487.html https://linux.oracle.com/errata/ELSA-2024-1444.html https://lists.apache.org/thread/5py8h42mxfsn8l1wy6o41xwhsjlsd87q https://lists.debian.org/debian-lts-announce/2023/10/msg00020.html https://lists.debian.org/debian-lts-announce/2023/10/msg00023.html https://lists.debian.org/debian-lts-announce/2023/10/msg00024.html https://lists.debian.org/debian-lts-announce/2023/10/msg00045.html https://lists.debian.org/debian-lts-announce/2023/10/msg00047.html https://lists.debian.org/debian-lts-announce/2023/11/msg00001.html https://lists.debian.org/debian-lts-announce/2023/11/msg00012.html https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/2MBEPPC36UBVOZZNAXFHKLFGSLCMN5LI https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/2MBEPPC36UBVOZZNAXFHKLFGSLCMN5LI/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/3N4NJ7FR4X4FPZUGNTQAPSTVB2HB2Y4A https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/3N4NJ7FR4X4FPZUGNTQAPSTVB2HB2Y4A/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/BFQD3KUEMFBHPAPBGLWQC34L4OWL5HAZ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/BFQD3KUEMFBHPAPBGLWQC34L4OWL5HAZ/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/CLB4TW7KALB3EEQWNWCN7OUIWWVWWCG2 https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/CLB4TW7KALB3EEQWNWCN7OUIWWVWWCG2/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/E72T67UPDRXHIDLO3OROR25YAMN4GGW5 https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/E72T67UPDRXHIDLO3OROR25YAMN4GGW5/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/FNA62Q767CFAFHBCDKYNPBMZWB7TWYVU https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/FNA62Q767CFAFHBCDKYNPBMZWB7TWYVU/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/HT7T2R4MQKLIF4ODV4BDLPARWFPCJ5CZ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/HT7T2R4MQKLIF4ODV4BDLPARWFPCJ5CZ/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/JIZSEFC3YKCGABA2BZW6ZJRMDZJMB7PJ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/JIZSEFC3YKCGABA2BZW6ZJRMDZJMB7PJ/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/JMEXY22BFG5Q64HQCM5CK2Q7KDKVV4TY https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/JMEXY22BFG5Q64HQCM5CK2Q7KDKVV4TY/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/KSEGD2IWKNUO3DWY4KQGUQM5BISRWHQE https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/KSEGD2IWKNUO3DWY4KQGUQM5BISRWHQE/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/LKYHSZQFDNR7RSA7LHVLLIAQMVYCUGBG https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/LKYHSZQFDNR7RSA7LHVLLIAQMVYCUGBG/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/LNMZJCDHGLJJLXO4OXWJMTVQRNWOC7UL https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/LNMZJCDHGLJJLXO4OXWJMTVQRNWOC7UL/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/VHUHTSXLXGXS7JYKBXTA3VINUPHTNGVU https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/VHUHTSXLXGXS7JYKBXTA3VINUPHTNGVU/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/VSRDIV77HNKUSM7SJC5BKE5JSHLHU2NK https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/VSRDIV77HNKUSM7SJC5BKE5JSHLHU2NK/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/WE2I52RHNNU42PX6NZ2RBUHSFFJ2LVZX https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/WE2I52RHNNU42PX6NZ2RBUHSFFJ2LVZX/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/WLPRQ5TWUQQXYWBJM7ECYDAIL2YVKIUH https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/WLPRQ5TWUQQXYWBJM7ECYDAIL2YVKIUH/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/X6QXN4ORIVF6XBW4WWFE7VNPVC74S45Y https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/X6QXN4ORIVF6XBW4WWFE7VNPVC74S45Y/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/XFOIBB4YFICHDM7IBOP7PWXW3FX4HLL2 https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/XFOIBB4YFICHDM7IBOP7PWXW3FX4HLL2/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZB43REMKRQR62NJEI7I5NQ4FSXNLBKRT https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZB43REMKRQR62NJEI7I5NQ4FSXNLBKRT/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZKQSIKIAT5TJ3WSLU3RDBQ35YX4GY4V3 https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZKQSIKIAT5TJ3WSLU3RDBQ35YX4GY4V3/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZLU6U2R2IC2K64NDPNMV55AUAO65MAF4 https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZLU6U2R2IC2K64NDPNMV55AUAO65MAF4/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3N4NJ7FR4X4FPZUGNTQAPSTVB2HB2Y4A https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/BFQD3KUEMFBHPAPBGLWQC34L4OWL5HAZ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CLB4TW7KALB3EEQWNWCN7OUIWWVWWCG2 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/E72T67UPDRXHIDLO3OROR25YAMN4GGW5 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/FNA62Q767CFAFHBCDKYNPBMZWB7TWYVU https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/HT7T2R4MQKLIF4ODV4BDLPARWFPCJ5CZ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/JIZSEFC3YKCGABA2BZW6ZJRMDZJMB7PJ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/JMEXY22BFG5Q64HQCM5CK2Q7KDKVV4TY https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/KSEGD2IWKNUO3DWY4KQGUQM5BISRWHQE https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/LKYHSZQFDNR7RSA7LHVLLIAQMVYCUGBG https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/LNMZJCDHGLJJLXO4OXWJMTVQRNWOC7UL https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/VHUHTSXLXGXS7JYKBXTA3VINUPHTNGVU https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/VSRDIV77HNKUSM7SJC5BKE5JSHLHU2NK https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WLPRQ5TWUQQXYWBJM7ECYDAIL2YVKIUH https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/X6QXN4ORIVF6XBW4WWFE7VNPVC74S45Y https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/XFOIBB4YFICHDM7IBOP7PWXW3FX4HLL2 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZB43REMKRQR62NJEI7I5NQ4FSXNLBKRT https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZKQSIKIAT5TJ3WSLU3RDBQ35YX4GY4V3 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZLU6U2R2IC2K64NDPNMV55AUAO65MAF4 https://lists.w3.org/Archives/Public/ietf-http-wg/2023OctDec/0025.html https://mailman.nginx.org/pipermail/nginx-devel/2023-October/S36Q5HBXR7CAIMPLLPRSSSYR4PCMWILK.html https://martinthomson.github.io/h2-stream-limits/draft-thomson-httpbis-h2-stream-limits.html https://msrc.microsoft.com/blog/2023/10/microsoft-response-to-distributed-denial-of-service-ddos-attacks-against-http/2 https://msrc.microsoft.com/blog/2023/10/microsoft-response-to-distributed-denial-of-service-ddos-attacks-against-http/2/ https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-44487 https://my.f5.com/manage/s/article/K000137106 https://netty.io/news/2023/10/10/4-1-100-Final.html https://news.ycombinator.com/item?id=37830987 https://news.ycombinator.com/item?id=37830998 https://news.ycombinator.com/item?id=37831062 https://news.ycombinator.com/item?id=37837043 https://nodejs.org/en/blog/vulnerability/october-2023-security-releases https://nvd.nist.gov/vuln/detail/CVE-2023-44487 https://openssf.org/blog/2023/10/10/http-2-rapid-reset-vulnerability-highlights-need-for-rapid-response https://openssf.org/blog/2023/10/10/http-2-rapid-reset-vulnerability-highlights-need-for-rapid-response/ https://pkg.go.dev/vuln/GO-2023-2102 https://seanmonstar.com/post/730794151136935936/hyper-http2-rapid-reset-unaffected https://security.gentoo.org/glsa/202311-09 https://security.netapp.com/advisory/ntap-20231016-0001 https://security.netapp.com/advisory/ntap-20231016-0001/ https://security.netapp.com/advisory/ntap-20240426-0007 https://security.netapp.com/advisory/ntap-20240426-0007/ https://security.netapp.com/advisory/ntap-20240621-0006 https://security.netapp.com/advisory/ntap-20240621-0006/ https://security.netapp.com/advisory/ntap-20240621-0007 https://security.netapp.com/advisory/ntap-20240621-0007/ https://security.paloaltonetworks.com/CVE-2023-44487 https://tomcat.apache.org/security-10.html#Fixed_in_Apache_Tomcat_10.1.14 https://tomcat.apache.org/security-11.html#Fixed_in_Apache_Tomcat_11.0.0-M12 https://tomcat.apache.org/security-8.html#Fixed_in_Apache_Tomcat_8.5.94 https://tomcat.apache.org/security-9.html#Fixed_in_Apache_Tomcat_9.0.81 https://ubuntu.com/security/CVE-2023-44487 https://ubuntu.com/security/notices/USN-6427-1 https://ubuntu.com/security/notices/USN-6427-2 https://ubuntu.com/security/notices/USN-6438-1 https://ubuntu.com/security/notices/USN-6505-1 https://ubuntu.com/security/notices/USN-6574-1 https://ubuntu.com/security/notices/USN-6754-1 https://ubuntu.com/security/notices/USN-6994-1 https://ubuntu.com/security/notices/USN-7067-1 https://www.bleepingcomputer.com/news/security/new-http-2-rapid-reset-zero-day-attack-breaks-ddos-records https://www.bleepingcomputer.com/news/security/new-http-2-rapid-reset-zero-day-attack-breaks-ddos-records/ https://www.cisa.gov/known-exploited-vulnerabilities-catalog https://www.cisa.gov/news-events/alerts/2023/10/10/http2-rapid-reset-vulnerability-cve-2023-44487 https://www.cve.org/CVERecord?id=CVE-2023-44487 https://www.darkreading.com/cloud/internet-wide-zero-day-bug-fuels-largest-ever-ddos-event https://www.debian.org/security/2023/dsa-5521 https://www.debian.org/security/2023/dsa-5522 https://www.debian.org/security/2023/dsa-5540 https://www.debian.org/security/2023/dsa-5549 https://www.debian.org/security/2023/dsa-5558 https://www.debian.org/security/2023/dsa-5570 https://www.eclipse.org/lists/jetty-announce/msg00181.html https://www.haproxy.com/blog/haproxy-is-not-affected-by-the-http-2-rapid-reset-attack-cve-2023-44487 https://www.mail-archive.com/haproxy@formilux.org/msg44134.html https://www.netlify.com/blog/netlify-successfully-mitigates-cve-2023-44487 https://www.netlify.com/blog/netlify-successfully-mitigates-cve-2023-44487/ https://www.nginx.com/blog/http-2-rapid-reset-attack-impacting-f5-nginx-products https://www.nginx.com/blog/http-2-rapid-reset-attack-impacting-f5-nginx-products/ https://www.openwall.com/lists/oss-security/2023/10/10/6 https://www.phoronix.com/news/HTTP2-Rapid-Reset-Attack https://www.theregister.com/2023/10/10/http2_rapid_reset_zeroday https://www.theregister.com/2023/10/10/http2_rapid_reset_zeroday/
google.golang.org/protobuf	CVE-2024-24786	MEDIUM	v1.30.0	1.33.0	http://www.openwall.com/lists/oss-security/2024/03/08/4 https://access.redhat.com/errata/RHSA-2024:2550 https://access.redhat.com/security/cve/CVE-2024-24786 https://bugzilla.redhat.com/2268046 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24786 https://errata.almalinux.org/9/ALSA-2024-2550.html https://errata.rockylinux.org/RLSA-2024:2550 https://github.com/protocolbuffers/protobuf-go https://github.com/protocolbuffers/protobuf-go/commit/f01a588e5810b90996452eec4a28f22a0afae023 https://github.com/protocolbuffers/protobuf-go/releases/tag/v1.33.0 https://go-review.googlesource.com/c/protobuf/+/569356 https://go.dev/cl/569356 https://groups.google.com/g/golang-announce/c/ArQ6CDgtEjY/ https://linux.oracle.com/cve/CVE-2024-24786.html https://linux.oracle.com/errata/ELSA-2024-4246.html https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/JDMBHAVSDU2FBDZ45U3A2VLSM35OJ2HU https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/JDMBHAVSDU2FBDZ45U3A2VLSM35OJ2HU/ https://nvd.nist.gov/vuln/detail/CVE-2024-24786 https://pkg.go.dev/vuln/GO-2024-2611 https://security.netapp.com/advisory/ntap-20240517-0002 https://security.netapp.com/advisory/ntap-20240517-0002/ https://ubuntu.com/security/notices/USN-6746-1 https://ubuntu.com/security/notices/USN-6746-2 https://www.cve.org/CVERecord?id=CVE-2024-24786
stdlib	CVE-2024-24790	CRITICAL	v1.20.5	1.21.11, 1.22.4	http://www.openwall.com/lists/oss-security/2024/06/04/1 https://access.redhat.com/errata/RHSA-2024:9115 https://access.redhat.com/security/cve/CVE-2024-24790 https://bugzilla.redhat.com/2279814 https://bugzilla.redhat.com/2292668 https://bugzilla.redhat.com/2292787 https://bugzilla.redhat.com/2294000 https://bugzilla.redhat.com/2295310 https://bugzilla.redhat.com/show_bug.cgi?id=2292668 https://bugzilla.redhat.com/show_bug.cgi?id=2292787 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24789 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24790 https://errata.almalinux.org/9/ALSA-2024-9115.html https://errata.rockylinux.org/RLSA-2024:4212 https://github.com/golang/go/commit/051bdf3fd12a40307606ff9381138039c5f452f0 (1.21) https://github.com/golang/go/commit/12d5810cdb1f73cf23d7a86462143e9463317fca (1.22) https://github.com/golang/go/issues/67680 https://go.dev/cl/590316 https://go.dev/issue/67680 https://groups.google.com/g/golang-announce/c/XbxouI9gY7k https://groups.google.com/g/golang-announce/c/XbxouI9gY7k/m/TuoGEhxIEwAJ https://linux.oracle.com/cve/CVE-2024-24790.html https://linux.oracle.com/errata/ELSA-2024-9115.html https://nvd.nist.gov/vuln/detail/CVE-2024-24790 https://pkg.go.dev/vuln/GO-2024-2887 https://ubuntu.com/security/notices/USN-6886-1 https://ubuntu.com/security/notices/USN-7109-1 https://www.cve.org/CVERecord?id=CVE-2024-24790
stdlib	CVE-2023-39325	HIGH	v1.20.5	1.20.10, 1.21.3	golang.org/x/net https://access.redhat.com/errata/RHSA-2023:6077 https://access.redhat.com/security/cve/CVE-2023-39325 https://access.redhat.com/security/cve/CVE-2023-44487 https://access.redhat.com/security/vulnerabilities/RHSB-2023-003 https://bugzilla.redhat.com/2242803 https://bugzilla.redhat.com/2243296 https://bugzilla.redhat.com/show_bug.cgi?id=2242803 https://bugzilla.redhat.com/show_bug.cgi?id=2243296 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-39325 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-44487 https://errata.almalinux.org/9/ALSA-2023-6077.html https://errata.rockylinux.org/RLSA-2023:6077 https://github.com/golang/go/commit/24ae2d927285c697440fdde3ad7f26028354bcf3 [golang- 1.21] https://github.com/golang/go/commit/e175f27f58aa7b9cd4d79607ae65d2cd5baaee68 [golang-1.20] https://github.com/golang/go/issues/63417 https://go.dev/cl/534215 https://go.dev/cl/534235 https://go.dev/issue/63417 https://groups.google.com/g/golang-announce/c/iNNxDTCjZvo/m/UDd7VKQuAAAJ https://linux.oracle.com/cve/CVE-2023-39325.html https://linux.oracle.com/errata/ELSA-2023-5867.html https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3OVW5V2DM5K5IC3H7O42YDUGNJ74J35O https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3OVW5V2DM5K5IC3H7O42YDUGNJ74J35O/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3SZN67IL7HMGMNAVLOTIXLIHUDXZK4LH https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3SZN67IL7HMGMNAVLOTIXLIHUDXZK4LH/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3WJ4QVX2AMUJ2F2S27POOAHRC4K3CHU4 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3WJ4QVX2AMUJ2F2S27POOAHRC4K3CHU4/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/4BUK2ZIAGCULOOYDNH25JPU6JBES5NF2 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/4BUK2ZIAGCULOOYDNH25JPU6JBES5NF2/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/5RSKA2II6QTD4YUKUNDVJQSRYSFC4VFR https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/5RSKA2II6QTD4YUKUNDVJQSRYSFC4VFR/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/AVZDNSMVDAQJ64LJC5I5U5LDM5753647 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/AVZDNSMVDAQJ64LJC5I5U5LDM5753647/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CHHITS4PUOZAKFIUBQAQZC7JWXMOYE4B https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CHHITS4PUOZAKFIUBQAQZC7JWXMOYE4B/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CLB4TW7KALB3EEQWNWCN7OUIWWVWWCG2 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CLB4TW7KALB3EEQWNWCN7OUIWWVWWCG2/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/D2BBIDR2ZMB3X5BC7SR4SLQMHRMVPY6L https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/D2BBIDR2ZMB3X5BC7SR4SLQMHRMVPY6L/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ECRC75BQJP6FJN2L7KCKYZW4DSBD7QSD https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ECRC75BQJP6FJN2L7KCKYZW4DSBD7QSD/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/FTMJ3NJIDAZFWJQQSP3L22MUFJ3UP2PT https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/FTMJ3NJIDAZFWJQQSP3L22MUFJ3UP2PT/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/GSY7SXFFTPZFWDM6XELSDSHZLVW3AHK7 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/GSY7SXFFTPZFWDM6XELSDSHZLVW3AHK7/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/HZQIELEIRSZUYTFFH5KTH2YJ4IIQG2KE https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/HZQIELEIRSZUYTFFH5KTH2YJ4IIQG2KE/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/IPWCNYB5PQ5PCVZ4NJT6G56ZYFZ5QBU6 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/IPWCNYB5PQ5PCVZ4NJT6G56ZYFZ5QBU6/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/KEOTKBUPZXHE3F352JBYNTSNRXYLWD6P https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/KEOTKBUPZXHE3F352JBYNTSNRXYLWD6P/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/KSEGD2IWKNUO3DWY4KQGUQM5BISRWHQE https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/KSEGD2IWKNUO3DWY4KQGUQM5BISRWHQE/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/L5E5JSJBZLYXOTZWXHJKRVCIXIHVWKJ6 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/L5E5JSJBZLYXOTZWXHJKRVCIXIHVWKJ6/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/MZQYOOKHQDQ57LV2IAG6NRFOVXKHJJ3Z https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/MZQYOOKHQDQ57LV2IAG6NRFOVXKHJJ3Z/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/NG7IMPL55MVWU3LCI4JQJT3K2U5CHDV7 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/NG7IMPL55MVWU3LCI4JQJT3K2U5CHDV7/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ODBY7RVMGZCBSTWF2OZGIZS57FNFUL67 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ODBY7RVMGZCBSTWF2OZGIZS57FNFUL67/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/OXGWPQOJ3JNDW2XIYKIVJ7N7QUIFNM2Q https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/OXGWPQOJ3JNDW2XIYKIVJ7N7QUIFNM2Q/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/PJCUNGIQDUMZ4Z6HWVYIMR66A35F5S74 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/PJCUNGIQDUMZ4Z6HWVYIMR66A35F5S74/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QF5QSYAOPDOWLY6DUHID56Q4HQFYB45I https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QF5QSYAOPDOWLY6DUHID56Q4HQFYB45I/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QXOU2JZUBEBP7GBKAYIJRPRBZSJCD7ST https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QXOU2JZUBEBP7GBKAYIJRPRBZSJCD7ST/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/R3UETKPUB3V5JS5TLZOF3SMTGT5K5APS https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/R3UETKPUB3V5JS5TLZOF3SMTGT5K5APS/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/REMHVVIBDNKSRKNOTV7EQSB7CYQWOUOU https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/REMHVVIBDNKSRKNOTV7EQSB7CYQWOUOU/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/T7N5GV4CHH6WAGX3GFMDD3COEOVCZ4RI https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/T7N5GV4CHH6WAGX3GFMDD3COEOVCZ4RI/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ULQQONMSCQSH5Z5OWFFQHCGEZ3NL4DRJ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ULQQONMSCQSH5Z5OWFFQHCGEZ3NL4DRJ/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UTT7DG3QOF5ZNJLUGHDNLRUIN6OWZARP https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UTT7DG3QOF5ZNJLUGHDNLRUIN6OWZARP/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/W2LZSWTV4NV4SNQARNXG5T6LRHP26EW2 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/W2LZSWTV4NV4SNQARNXG5T6LRHP26EW2/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WCNCBYKZXLDFGAJUB7ZP5VLC3YTHJNVH https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WCNCBYKZXLDFGAJUB7ZP5VLC3YTHJNVH/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/XFOIBB4YFICHDM7IBOP7PWXW3FX4HLL2 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/XFOIBB4YFICHDM7IBOP7PWXW3FX4HLL2/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/XTNLSL44Y5FB6JWADSZH6DCV4JJAAEQY https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/XTNLSL44Y5FB6JWADSZH6DCV4JJAAEQY/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/YJWHBLVZDM5KQSDFRBFRKU5KSSOLIRQ4 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/YJWHBLVZDM5KQSDFRBFRKU5KSSOLIRQ4/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/YRKEXKANQ7BKJW2YTAMP625LJUJZLJ4P https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/YRKEXKANQ7BKJW2YTAMP625LJUJZLJ4P/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZSVEMQV5ROY5YW5QE3I57HT3ITWG5GCV https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZSVEMQV5ROY5YW5QE3I57HT3ITWG5GCV/ https://nvd.nist.gov/vuln/detail/CVE-2023-39325 https://pkg.go.dev/vuln/GO-2023-2102 https://security.gentoo.org/glsa/202311-09 https://security.netapp.com/advisory/ntap-20231110-0008 https://security.netapp.com/advisory/ntap-20231110-0008/ https://ubuntu.com/security/notices/USN-6574-1 https://ubuntu.com/security/notices/USN-7061-1 https://ubuntu.com/security/notices/USN-7109-1 https://www.cisa.gov/news-events/alerts/2023/10/10/http2-rapid-reset-vulnerability-cve-2023-44487 https://www.cve.org/CVERecord?id=CVE-2023-39325
stdlib	CVE-2023-45283	HIGH	v1.20.5	1.20.11, 1.21.4, 1.20.12, 1.21.5	http://www.openwall.com/lists/oss-security/2023/12/05/2 https://go.dev/cl/540277 https://go.dev/cl/541175 https://go.dev/issue/63713 https://go.dev/issue/64028 https://groups.google.com/g/golang-announce/c/4tU8LZfBFkY https://groups.google.com/g/golang-dev/c/6ypN5EjibjM/m/KmLVYH_uAgAJ https://nvd.nist.gov/vuln/detail/CVE-2023-45283 https://pkg.go.dev/vuln/GO-2023-2185 https://security.netapp.com/advisory/ntap-20231214-0008/
stdlib	CVE-2023-45288	HIGH	v1.20.5	1.21.9, 1.22.2	http://www.openwall.com/lists/oss-security/2024/04/03/16 http://www.openwall.com/lists/oss-security/2024/04/05/4 https://access.redhat.com/errata/RHSA-2024:2724 https://access.redhat.com/security/cve/CVE-2023-45288 https://bugzilla.redhat.com/2268017 https://bugzilla.redhat.com/2268018 https://bugzilla.redhat.com/2268019 https://bugzilla.redhat.com/2268273 https://bugzilla.redhat.com/show_bug.cgi?id=2268017 https://bugzilla.redhat.com/show_bug.cgi?id=2268018 https://bugzilla.redhat.com/show_bug.cgi?id=2268019 https://bugzilla.redhat.com/show_bug.cgi?id=2268273 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45288 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45289 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45290 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24783 https://errata.almalinux.org/9/ALSA-2024-2724.html https://errata.rockylinux.org/RLSA-2024:2724 https://go.dev/cl/576155 https://go.dev/issue/65051 https://groups.google.com/g/golang-announce/c/YgW0sx8mN3M https://kb.cert.org/vuls/id/421644 https://linux.oracle.com/cve/CVE-2023-45288.html https://linux.oracle.com/errata/ELSA-2024-3346.html https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QRYFHIQ6XRKRYBI2F5UESH67BJBQXUPT https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QRYFHIQ6XRKRYBI2F5UESH67BJBQXUPT/ https://nowotarski.info/http2-continuation-flood-technical-details https://nowotarski.info/http2-continuation-flood/ https://nvd.nist.gov/vuln/detail/CVE-2023-45288 https://pkg.go.dev/vuln/GO-2024-2687 https://security.netapp.com/advisory/ntap-20240419-0009 https://security.netapp.com/advisory/ntap-20240419-0009/ https://ubuntu.com/security/notices/USN-6886-1 https://ubuntu.com/security/notices/USN-7109-1 https://ubuntu.com/security/notices/USN-7111-1 https://www.cve.org/CVERecord?id=CVE-2023-45288 https://www.kb.cert.org/vuls/id/421644
stdlib	CVE-2024-34156	HIGH	v1.20.5	1.22.7, 1.23.1	https://access.redhat.com/errata/RHSA-2024:9473 https://access.redhat.com/security/cve/CVE-2024-34156 https://bugzilla.redhat.com/2310528 https://bugzilla.redhat.com/2318052 https://bugzilla.redhat.com/show_bug.cgi?id=2310528 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-34156 https://errata.almalinux.org/9/ALSA-2024-9473.html https://errata.rockylinux.org/RLSA-2024:7204 https://github.com/golang/go/commit/2092294f2b097c5828f4eace6c98a322c1510b01 (go1.22.7) https://github.com/golang/go/commit/fa8ff1a46deb6c816304441ec6740ec112e19012 (go1.23.1) https://go.dev/cl/611239 https://go.dev/issue/69139 https://groups.google.com/g/golang-announce/c/K-cEzDeCtpc https://groups.google.com/g/golang-dev/c/S9POB9NCTdk https://linux.oracle.com/cve/CVE-2024-34156.html https://linux.oracle.com/errata/ELSA-2024-9473.html https://nvd.nist.gov/vuln/detail/CVE-2024-34156 https://pkg.go.dev/vuln/GO-2024-3106 https://ubuntu.com/security/notices/USN-7081-1 https://ubuntu.com/security/notices/USN-7109-1 https://ubuntu.com/security/notices/USN-7111-1 https://www.cve.org/CVERecord?id=CVE-2024-34156
stdlib	CVE-2023-29406	MEDIUM	v1.20.5	1.19.11, 1.20.6	https://access.redhat.com/errata/RHSA-2023:6474 https://access.redhat.com/security/cve/CVE-2023-29406 https://bugzilla.redhat.com/2174485 https://bugzilla.redhat.com/2178358 https://bugzilla.redhat.com/2178488 https://bugzilla.redhat.com/2178492 https://bugzilla.redhat.com/2184481 https://bugzilla.redhat.com/2184482 https://bugzilla.redhat.com/2184483 https://bugzilla.redhat.com/2184484 https://bugzilla.redhat.com/2196026 https://bugzilla.redhat.com/2196027 https://bugzilla.redhat.com/2196029 https://bugzilla.redhat.com/2222167 https://bugzilla.redhat.com/2228689 https://errata.almalinux.org/9/ALSA-2023-6474.html https://github.com/golang/go/commit/312920c00aac9897b2a0693e752390b5b0711a5a (go1.20.6) https://github.com/golang/go/commit/5fa6923b1ea891400153d04ddf1545e23b40041b (go1.19.11) https://github.com/golang/go/issues/60374 https://go.dev/cl/506996 https://go.dev/issue/60374 https://groups.google.com/g/golang-announce/c/2q13H6LEEx0 https://linux.oracle.com/cve/CVE-2023-29406.html https://linux.oracle.com/errata/ELSA-2023-7202.html https://nvd.nist.gov/vuln/detail/CVE-2023-29406 https://pkg.go.dev/vuln/GO-2023-1878 https://security.gentoo.org/glsa/202311-09 https://security.netapp.com/advisory/ntap-20230814-0002/ https://ubuntu.com/security/notices/USN-7061-1 https://ubuntu.com/security/notices/USN-7109-1 https://www.cve.org/CVERecord?id=CVE-2023-29406
stdlib	CVE-2023-29409	MEDIUM	v1.20.5	1.19.12, 1.20.7, 1.21.0-rc.4	https://access.redhat.com/errata/RHSA-2023:7766 https://access.redhat.com/security/cve/CVE-2023-29409 https://bugzilla.redhat.com/2228743 https://bugzilla.redhat.com/2237773 https://bugzilla.redhat.com/2237776 https://bugzilla.redhat.com/2237777 https://bugzilla.redhat.com/2237778 https://errata.almalinux.org/9/ALSA-2023-7766.html https://go.dev/cl/515257 https://go.dev/issue/61460 https://groups.google.com/g/golang-announce/c/X0b6CsSAaYI/m/Efv5DbZ9AwAJ https://linux.oracle.com/cve/CVE-2023-29409.html https://linux.oracle.com/errata/ELSA-2024-2988.html https://nvd.nist.gov/vuln/detail/CVE-2023-29409 https://pkg.go.dev/vuln/GO-2023-1987 https://security.gentoo.org/glsa/202311-09 https://security.netapp.com/advisory/ntap-20230831-0010/ https://www.cve.org/CVERecord?id=CVE-2023-29409
stdlib	CVE-2023-39318	MEDIUM	v1.20.5	1.20.8, 1.21.1	https://access.redhat.com/errata/RHSA-2024:2160 https://access.redhat.com/security/cve/CVE-2023-39318 https://bugzilla.redhat.com/2237773 https://bugzilla.redhat.com/2237776 https://bugzilla.redhat.com/2253330 https://errata.almalinux.org/9/ALSA-2024-2160.html https://github.com/golang/go/commit/023b542edf38e2a1f87fcefb9f75ff2f99401b4c (go1.20.8) https://github.com/golang/go/commit/b0e1d3ea26e8e8fce7726690c9ef0597e60739fb (go1.21.1) https://go.dev/cl/526156 https://go.dev/issue/62196 https://groups.google.com/g/golang-announce/c/Fm51GRLNRvM https://groups.google.com/g/golang-dev/c/2C5vbR-UNkI/m/L1hdrPhfBAAJ https://linux.oracle.com/cve/CVE-2023-39318.html https://linux.oracle.com/errata/ELSA-2024-2988.html https://nvd.nist.gov/vuln/detail/CVE-2023-39318 https://pkg.go.dev/vuln/GO-2023-2041 https://security.gentoo.org/glsa/202311-09 https://security.netapp.com/advisory/ntap-20231020-0009/ https://ubuntu.com/security/notices/USN-6574-1 https://ubuntu.com/security/notices/USN-7061-1 https://ubuntu.com/security/notices/USN-7109-1 https://vuln.go.dev/ID/GO-2023-2041.json https://www.cve.org/CVERecord?id=CVE-2023-39318
stdlib	CVE-2023-39319	MEDIUM	v1.20.5	1.20.8, 1.21.1	https://access.redhat.com/errata/RHSA-2024:2160 https://access.redhat.com/security/cve/CVE-2023-39319 https://bugzilla.redhat.com/2237773 https://bugzilla.redhat.com/2237776 https://bugzilla.redhat.com/2253330 https://errata.almalinux.org/9/ALSA-2024-2160.html https://github.com/golang/go/commit/2070531d2f53df88e312edace6c8dfc9686ab2f5 (go1.20.8) https://github.com/golang/go/commit/bbd043ff0d6d59f1a9232d31ecd5eacf6507bf6a (go1.21.1) https://go.dev/cl/526157 https://go.dev/issue/62197 https://groups.google.com/g/golang-announce/c/Fm51GRLNRvM https://groups.google.com/g/golang-dev/c/2C5vbR-UNkI/m/L1hdrPhfBAAJ https://linux.oracle.com/cve/CVE-2023-39319.html https://linux.oracle.com/errata/ELSA-2024-2988.html https://nvd.nist.gov/vuln/detail/CVE-2023-39319 https://pkg.go.dev/vuln/GO-2023-2043 https://security.gentoo.org/glsa/202311-09 https://security.netapp.com/advisory/ntap-20231020-0009/ https://ubuntu.com/security/notices/USN-6574-1 https://ubuntu.com/security/notices/USN-7061-1 https://ubuntu.com/security/notices/USN-7109-1 https://vuln.go.dev/ID/GO-2023-2043.json https://www.cve.org/CVERecord?id=CVE-2023-39319
stdlib	CVE-2023-39326	MEDIUM	v1.20.5	1.20.12, 1.21.5	https://access.redhat.com/errata/RHSA-2024:2272 https://access.redhat.com/security/cve/CVE-2023-39326 https://bugzilla.redhat.com/2253193 https://bugzilla.redhat.com/2253330 https://errata.almalinux.org/9/ALSA-2024-2272.html https://github.com/golang/go/commit/6446af942e2e2b161c4ec1b60d9703a2b55dc4dd (go1.20.12) https://github.com/golang/go/commit/ec8c526e4be720e94b98ca509e6364f0efaf28f7 (go1.21.5) https://go.dev/cl/547335 https://go.dev/issue/64433 https://groups.google.com/g/golang-dev/c/6ypN5EjibjM/m/KmLVYH_uAgAJ https://linux.oracle.com/cve/CVE-2023-39326.html https://linux.oracle.com/errata/ELSA-2024-2988.html https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UIU6HOGV6RRIKWM57LOXQA75BGZSIH6G/ https://nvd.nist.gov/vuln/detail/CVE-2023-39326 https://pkg.go.dev/vuln/GO-2023-2382 https://ubuntu.com/security/notices/USN-6574-1 https://www.cve.org/CVERecord?id=CVE-2023-39326
stdlib	CVE-2023-45284	MEDIUM	v1.20.5	1.20.11, 1.21.4	https://go.dev/cl/540277 https://go.dev/issue/63713 https://groups.google.com/g/golang-announce/c/4tU8LZfBFkY https://nvd.nist.gov/vuln/detail/CVE-2023-45284 https://pkg.go.dev/vuln/GO-2023-2186
stdlib	CVE-2023-45289	MEDIUM	v1.20.5	1.21.8, 1.22.1	http://www.openwall.com/lists/oss-security/2024/03/08/4 https://access.redhat.com/errata/RHSA-2024:2724 https://access.redhat.com/security/cve/CVE-2023-45289 https://bugzilla.redhat.com/2268017 https://bugzilla.redhat.com/2268018 https://bugzilla.redhat.com/2268019 https://bugzilla.redhat.com/2268273 https://bugzilla.redhat.com/show_bug.cgi?id=2268017 https://bugzilla.redhat.com/show_bug.cgi?id=2268018 https://bugzilla.redhat.com/show_bug.cgi?id=2268019 https://bugzilla.redhat.com/show_bug.cgi?id=2268273 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45288 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45289 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45290 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24783 https://errata.almalinux.org/9/ALSA-2024-2724.html https://errata.rockylinux.org/RLSA-2024:2724 https://github.com/golang/go/commit/20586c0dbe03d144f914155f879fa5ee287591a1 (go1.21.8) https://github.com/golang/go/commit/3a855208e3efed2e9d7c20ad023f1fa78afcc0be (go1.22.1) https://github.com/golang/go/issues/65065 https://go.dev/cl/569340 https://go.dev/issue/65065 https://groups.google.com/g/golang-announce/c/5pwGVUPoMbg https://linux.oracle.com/cve/CVE-2023-45289.html https://linux.oracle.com/errata/ELSA-2024-3346.html https://nvd.nist.gov/vuln/detail/CVE-2023-45289 https://pkg.go.dev/vuln/GO-2024-2600 https://security.netapp.com/advisory/ntap-20240329-0006/ https://ubuntu.com/security/notices/USN-6886-1 https://www.cve.org/CVERecord?id=CVE-2023-45289
stdlib	CVE-2023-45290	MEDIUM	v1.20.5	1.21.8, 1.22.1	http://www.openwall.com/lists/oss-security/2024/03/08/4 https://access.redhat.com/errata/RHSA-2024:9135 https://access.redhat.com/security/cve/CVE-2023-45290 https://bugzilla.redhat.com/2268017 https://bugzilla.redhat.com/2268022 https://bugzilla.redhat.com/2279814 https://bugzilla.redhat.com/2295310 https://bugzilla.redhat.com/show_bug.cgi?id=2268017 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45290 https://errata.almalinux.org/9/ALSA-2024-9135.html https://errata.rockylinux.org/RLSA-2024:3830 https://github.com/golang/go/commit/041a47712e765e94f86d841c3110c840e76d8f82 (go1.22.1) https://github.com/golang/go/commit/bf80213b121074f4ad9b449410a4d13bae5e9be0 (go1.21.8) https://github.com/golang/go/issues/65383 https://go.dev/cl/569341 https://go.dev/issue/65383 https://groups.google.com/g/golang-announce/c/5pwGVUPoMbg https://linux.oracle.com/cve/CVE-2023-45290.html https://linux.oracle.com/errata/ELSA-2024-8038.html https://nvd.nist.gov/vuln/detail/CVE-2023-45290 https://pkg.go.dev/vuln/GO-2024-2599 https://security.netapp.com/advisory/ntap-20240329-0004 https://security.netapp.com/advisory/ntap-20240329-0004/ https://ubuntu.com/security/notices/USN-6886-1 https://ubuntu.com/security/notices/USN-7109-1 https://ubuntu.com/security/notices/USN-7111-1 https://www.cve.org/CVERecord?id=CVE-2023-45290
stdlib	CVE-2024-24783	MEDIUM	v1.20.5	1.21.8, 1.22.1	http://www.openwall.com/lists/oss-security/2024/03/08/4 https://access.redhat.com/errata/RHSA-2024:6195 https://access.redhat.com/security/cve/CVE-2024-24783 https://bugzilla.redhat.com/2268019 https://bugzilla.redhat.com/show_bug.cgi?id=2268017 https://bugzilla.redhat.com/show_bug.cgi?id=2268018 https://bugzilla.redhat.com/show_bug.cgi?id=2268019 https://bugzilla.redhat.com/show_bug.cgi?id=2268273 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45288 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45289 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45290 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24783 https://errata.almalinux.org/9/ALSA-2024-6195.html https://errata.rockylinux.org/RLSA-2024:2724 https://github.com/advisories/GHSA-3q2c-pvp5-3cqp https://github.com/golang/go/commit/337b8e9cbfa749d9d5c899e0dc358e2208d5e54f (go1.22.1) https://github.com/golang/go/commit/be5b52bea674190ef7de272664be6c7ae93ec5a0 (go1.21.8) https://github.com/golang/go/issues/65390 https://go.dev/cl/569339 https://go.dev/issue/65390 https://groups.google.com/g/golang-announce/c/5pwGVUPoMbg https://linux.oracle.com/cve/CVE-2024-24783.html https://linux.oracle.com/errata/ELSA-2024-6969.html https://nvd.nist.gov/vuln/detail/CVE-2024-24783 https://pkg.go.dev/vuln/GO-2024-2598 https://security.netapp.com/advisory/ntap-20240329-0005 https://security.netapp.com/advisory/ntap-20240329-0005/ https://ubuntu.com/security/notices/USN-6886-1 https://ubuntu.com/security/notices/USN-7109-1 https://ubuntu.com/security/notices/USN-7111-1 https://www.cve.org/CVERecord?id=CVE-2024-24783
stdlib	CVE-2024-24784	MEDIUM	v1.20.5	1.21.8, 1.22.1	http://www.openwall.com/lists/oss-security/2024/03/08/4 https://access.redhat.com/errata/RHSA-2024:2562 https://access.redhat.com/security/cve/CVE-2024-24784 https://bugzilla.redhat.com/2262921 https://bugzilla.redhat.com/2268017 https://bugzilla.redhat.com/2268018 https://bugzilla.redhat.com/2268019 https://bugzilla.redhat.com/2268021 https://bugzilla.redhat.com/2268022 https://bugzilla.redhat.com/2268273 https://bugzilla.redhat.com/show_bug.cgi?id=2262921 https://bugzilla.redhat.com/show_bug.cgi?id=2268017 https://bugzilla.redhat.com/show_bug.cgi?id=2268018 https://bugzilla.redhat.com/show_bug.cgi?id=2268019 https://bugzilla.redhat.com/show_bug.cgi?id=2268021 https://bugzilla.redhat.com/show_bug.cgi?id=2268022 https://bugzilla.redhat.com/show_bug.cgi?id=2268273 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45288 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45289 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45290 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-1394 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24783 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24784 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24785 https://errata.almalinux.org/9/ALSA-2024-2562.html https://errata.rockylinux.org/RLSA-2024:2562 https://github.com/golang/go/commit/263c059b09fdd40d9dd945f2ecb20c89ea28efe5 (go1.21.8) https://github.com/golang/go/commit/5330cd225ba54c7dc78c1b46dcdf61a4671a632c (go1.22.1) https://github.com/golang/go/issues/65083 https://go.dev/cl/555596 https://go.dev/issue/65083 https://groups.google.com/g/golang-announce/c/5pwGVUPoMbg https://linux.oracle.com/cve/CVE-2024-24784.html https://linux.oracle.com/errata/ELSA-2024-6969.html https://nvd.nist.gov/vuln/detail/CVE-2024-24784 https://pkg.go.dev/vuln/GO-2024-2609 https://security.netapp.com/advisory/ntap-20240329-0007/ https://ubuntu.com/security/notices/USN-6886-1 https://ubuntu.com/security/notices/USN-7109-1 https://ubuntu.com/security/notices/USN-7111-1 https://www.cve.org/CVERecord?id=CVE-2024-24784
stdlib	CVE-2024-24785	MEDIUM	v1.20.5	1.21.8, 1.22.1	http://www.openwall.com/lists/oss-security/2024/03/08/4 https://access.redhat.com/errata/RHSA-2024:9135 https://access.redhat.com/security/cve/CVE-2024-24785 https://bugzilla.redhat.com/2268017 https://bugzilla.redhat.com/2268022 https://bugzilla.redhat.com/2279814 https://bugzilla.redhat.com/2295310 https://bugzilla.redhat.com/show_bug.cgi?id=2262921 https://bugzilla.redhat.com/show_bug.cgi?id=2268017 https://bugzilla.redhat.com/show_bug.cgi?id=2268018 https://bugzilla.redhat.com/show_bug.cgi?id=2268019 https://bugzilla.redhat.com/show_bug.cgi?id=2268021 https://bugzilla.redhat.com/show_bug.cgi?id=2268022 https://bugzilla.redhat.com/show_bug.cgi?id=2268273 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45288 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45289 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45290 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-1394 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24783 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24784 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24785 https://errata.almalinux.org/9/ALSA-2024-9135.html https://errata.rockylinux.org/RLSA-2024:2562 https://github.com/golang/go/commit/056b0edcb8c152152021eebf4cf42adbfbe77992 (go1.22.1) https://github.com/golang/go/commit/3643147a29352ca2894fd5d0d2069bc4b4335a7e (go1.21.8) https://github.com/golang/go/issues/65697 https://go.dev/cl/564196 https://go.dev/issue/65697 https://groups.google.com/g/golang-announce/c/5pwGVUPoMbg https://linux.oracle.com/cve/CVE-2024-24785.html https://linux.oracle.com/errata/ELSA-2024-3259.html https://nvd.nist.gov/vuln/detail/CVE-2024-24785 https://pkg.go.dev/vuln/GO-2024-2610 https://security.netapp.com/advisory/ntap-20240329-0008/ https://ubuntu.com/security/notices/USN-6886-1 https://ubuntu.com/security/notices/USN-7061-1 https://ubuntu.com/security/notices/USN-7109-1 https://vuln.go.dev/ID/GO-2024-2610.json https://www.cve.org/CVERecord?id=CVE-2024-24785
stdlib	CVE-2024-24789	MEDIUM	v1.20.5	1.21.11, 1.22.4	http://www.openwall.com/lists/oss-security/2024/06/04/1 https://access.redhat.com/errata/RHSA-2024:9115 https://access.redhat.com/security/cve/CVE-2024-24789 https://bugzilla.redhat.com/2279814 https://bugzilla.redhat.com/2292668 https://bugzilla.redhat.com/2292787 https://bugzilla.redhat.com/2294000 https://bugzilla.redhat.com/2295310 https://bugzilla.redhat.com/show_bug.cgi?id=2292668 https://bugzilla.redhat.com/show_bug.cgi?id=2292787 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24789 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24790 https://errata.almalinux.org/9/ALSA-2024-9115.html https://errata.rockylinux.org/RLSA-2024:4212 https://github.com/golang/go/commit/c8e40338cf00f3c1d86c8fb23863ad67a4c72bcc (1.21) https://github.com/golang/go/commit/cf501ac0c5fe351a8582d20b43562027927906e7 (1.22) https://github.com/golang/go/issues/66869 https://go.dev/cl/585397 https://go.dev/issue/66869 https://groups.google.com/g/golang-announce/c/XbxouI9gY7k https://groups.google.com/g/golang-announce/c/XbxouI9gY7k/m/TuoGEhxIEwAJ https://linux.oracle.com/cve/CVE-2024-24789.html https://linux.oracle.com/errata/ELSA-2024-9115.html https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/U5YAEIA6IUHUNGJ7AIXXPQT6D2GYENX7/ https://nvd.nist.gov/vuln/detail/CVE-2024-24789 https://pkg.go.dev/vuln/GO-2024-2888 https://ubuntu.com/security/notices/USN-6886-1 https://ubuntu.com/security/notices/USN-7109-1 https://ubuntu.com/security/notices/USN-7111-1 https://www.cve.org/CVERecord?id=CVE-2024-24789
stdlib	CVE-2024-24791	MEDIUM	v1.20.5	1.21.12, 1.22.5	https://access.redhat.com/errata/RHSA-2024:9135 https://access.redhat.com/security/cve/CVE-2024-24791 https://bugzilla.redhat.com/2268017 https://bugzilla.redhat.com/2268022 https://bugzilla.redhat.com/2279814 https://bugzilla.redhat.com/2295310 https://bugzilla.redhat.com/show_bug.cgi?id=2295310 https://bugzilla.redhat.com/show_bug.cgi?id=2310527 https://bugzilla.redhat.com/show_bug.cgi?id=2310528 https://bugzilla.redhat.com/show_bug.cgi?id=2310529 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24791 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-34155 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-34156 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-34158 https://errata.almalinux.org/9/ALSA-2024-9135.html https://errata.rockylinux.org/RLSA-2024:6913 https://go.dev/cl/591255 https://go.dev/issue/67555 https://groups.google.com/g/golang-dev/c/t0rK-qHBqzY/m/6MMoAZkMAgAJ https://linux.oracle.com/cve/CVE-2024-24791.html https://linux.oracle.com/errata/ELSA-2024-9115.html https://nvd.nist.gov/vuln/detail/CVE-2024-24791 https://pkg.go.dev/vuln/GO-2024-2963 https://ubuntu.com/security/notices/USN-7081-1 https://ubuntu.com/security/notices/USN-7109-1 https://ubuntu.com/security/notices/USN-7111-1 https://www.cve.org/CVERecord?id=CVE-2024-24791
stdlib	CVE-2024-34155	MEDIUM	v1.20.5	1.22.7, 1.23.1	https://access.redhat.com/errata/RHSA-2024:9459 https://access.redhat.com/security/cve/CVE-2024-34155 https://bugzilla.redhat.com/2310527 https://bugzilla.redhat.com/2310528 https://bugzilla.redhat.com/2310529 https://bugzilla.redhat.com/2315691 https://bugzilla.redhat.com/2315887 https://bugzilla.redhat.com/2317458 https://bugzilla.redhat.com/2317467 https://bugzilla.redhat.com/show_bug.cgi?id=2295310 https://bugzilla.redhat.com/show_bug.cgi?id=2310527 https://bugzilla.redhat.com/show_bug.cgi?id=2310528 https://bugzilla.redhat.com/show_bug.cgi?id=2310529 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24791 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-34155 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-34156 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-34158 https://errata.almalinux.org/9/ALSA-2024-9459.html https://errata.rockylinux.org/RLSA-2024:6913 https://github.com/golang/go/commit/53487e5477151ed75da50e50a0ba8f1ca64c00a3 (go1.23.1) https://github.com/golang/go/commit/b232596139dbe96a62edbe3a2a203e856bf556eb (go1.22.7) https://go.dev/cl/611238 https://go.dev/issue/69138 https://groups.google.com/g/golang-announce/c/K-cEzDeCtpc https://groups.google.com/g/golang-dev/c/S9POB9NCTdk https://linux.oracle.com/cve/CVE-2024-34155.html https://linux.oracle.com/errata/ELSA-2024-9459.html https://nvd.nist.gov/vuln/detail/CVE-2024-34155 https://pkg.go.dev/vuln/GO-2024-3105 https://ubuntu.com/security/notices/USN-7081-1 https://ubuntu.com/security/notices/USN-7109-1 https://ubuntu.com/security/notices/USN-7111-1 https://www.cve.org/CVERecord?id=CVE-2024-34155
stdlib	CVE-2024-34158	MEDIUM	v1.20.5	1.22.7, 1.23.1	https://access.redhat.com/errata/RHSA-2024:9459 https://access.redhat.com/security/cve/CVE-2024-34158 https://bugzilla.redhat.com/2310527 https://bugzilla.redhat.com/2310528 https://bugzilla.redhat.com/2310529 https://bugzilla.redhat.com/2315691 https://bugzilla.redhat.com/2315887 https://bugzilla.redhat.com/2317458 https://bugzilla.redhat.com/2317467 https://bugzilla.redhat.com/show_bug.cgi?id=2295310 https://bugzilla.redhat.com/show_bug.cgi?id=2310527 https://bugzilla.redhat.com/show_bug.cgi?id=2310528 https://bugzilla.redhat.com/show_bug.cgi?id=2310529 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24791 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-34155 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-34156 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-34158 https://errata.almalinux.org/9/ALSA-2024-9459.html https://errata.rockylinux.org/RLSA-2024:6913 https://github.com/golang/go/commit/032ac075c20c01c6c35a672d1542d3e98eab84ea (go1.23.1) https://github.com/golang/go/commit/d4c53812e6ce2ac368173d7fcd31d0ecfcffb002 (go1.22.7) https://go.dev/cl/611240 https://go.dev/issue/69141 https://groups.google.com/g/golang-announce/c/K-cEzDeCtpc https://groups.google.com/g/golang-dev/c/S9POB9NCTdk https://linux.oracle.com/cve/CVE-2024-34158.html https://linux.oracle.com/errata/ELSA-2024-9459.html https://nvd.nist.gov/vuln/detail/CVE-2024-34158 https://pkg.go.dev/vuln/GO-2024-3107 https://ubuntu.com/security/notices/USN-7081-1 https://ubuntu.com/security/notices/USN-7109-1 https://ubuntu.com/security/notices/USN-7111-1 https://www.cve.org/CVERecord?id=CVE-2024-34158
No Misconfigurations found

cnb/buildpacks/paketo-buildpacks_go-mod-vendor/1.0.21/bin/run (gobinary)

Package	Vulnerability ID	Severity	Installed Version	Fixed Version	Links
github.com/anchore/stereoscope	CVE-2024-24579	MEDIUM	v0.0.0-20230412183729-8602f1afc574	0.0.1	https://github.com/anchore/stereoscope https://github.com/anchore/stereoscope/commit/09dacab4d9ee65ee8bc7af8ebf4aa7b5aaa36204 https://github.com/anchore/stereoscope/security/advisories/GHSA-hpxr-w9w7-g4gv https://nvd.nist.gov/vuln/detail/CVE-2024-24579
github.com/cloudflare/circl	GHSA-9763-4f94-gfch	HIGH	v1.3.3	1.3.7	https://github.com/cloudflare/circl https://github.com/cloudflare/circl/commit/75ef91e8a2f438e6ce2b6e620d236add8be1887d https://github.com/cloudflare/circl/security/advisories/GHSA-9763-4f94-gfch https://kyberslash.cr.yp.to
github.com/containerd/containerd	GHSA-7ww5-4wqc-m92c	MEDIUM	v1.7.0	1.6.26, 1.7.11	https://github.com/containerd/containerd https://github.com/containerd/containerd/commit/67d356cb3095f3e8f8ad7d36f9a733fea1e7e28c https://github.com/containerd/containerd/commit/746b910f05855c8bfdb4415a1c0f958b234910e5 https://github.com/containerd/containerd/security/advisories/GHSA-7ww5-4wqc-m92c
github.com/docker/docker	CVE-2024-41110	CRITICAL	v23.0.5+incompatible	23.0.15, 26.1.5, 27.1.1, 25.0.6	https://access.redhat.com/security/cve/CVE-2024-41110 https://github.com/moby/moby https://github.com/moby/moby/commit/411e817ddf710ff8e08fa193da80cb78af708191 https://github.com/moby/moby/commit/42f40b1d6dd7562342f832b9cd2adf9e668eeb76 https://github.com/moby/moby/commit/65cc597cea28cdc25bea3b8a86384b4251872919 https://github.com/moby/moby/commit/852759a7df454cbf88db4e954c919becd48faa9b https://github.com/moby/moby/commit/a31260625655cff9ae226b51757915e275e304b0 https://github.com/moby/moby/commit/a79fabbfe84117696a19671f4aa88b82d0f64fc1 https://github.com/moby/moby/commit/ae160b4edddb72ef4bd71f66b975a1a1cc434f00 https://github.com/moby/moby/commit/ae2b3666c517c96cbc2adf1af5591a6b00d4ec0f https://github.com/moby/moby/commit/cc13f952511154a2866bddbb7dddebfe9e83b801 https://github.com/moby/moby/commit/fc274cd2ff4cf3b48c91697fb327dd1fb95588fb https://github.com/moby/moby/security/advisories/GHSA-v23v-6jw2-98fq https://nvd.nist.gov/vuln/detail/CVE-2024-41110 https://www.cve.org/CVERecord?id=CVE-2024-41110 https://www.docker.com/blog/docker-security-advisory-docker-engine-authz-plugin
github.com/docker/docker	CVE-2024-24557	MEDIUM	v23.0.5+incompatible	24.0.9, 25.0.2	https://access.redhat.com/security/cve/CVE-2024-24557 https://github.com/moby/moby https://github.com/moby/moby/commit/3e230cfdcc989dc524882f6579f9e0dac77400ae https://github.com/moby/moby/commit/fca702de7f71362c8d103073c7e4a1d0a467fadd https://github.com/moby/moby/commit/fce6e0ca9bc000888de3daa157af14fa41fcd0ff https://github.com/moby/moby/security/advisories/GHSA-xw73-rw38-6vjc https://nvd.nist.gov/vuln/detail/CVE-2024-24557 https://www.cve.org/CVERecord?id=CVE-2024-24557
github.com/docker/docker	CVE-2024-29018	MEDIUM	v23.0.5+incompatible	26.0.0-rc3, 25.0.5, 23.0.11	https://access.redhat.com/security/cve/CVE-2024-29018 https://github.com/moby/moby https://github.com/moby/moby/pull/46609 https://github.com/moby/moby/security/advisories/GHSA-mq39-4gv4-mvpx https://nvd.nist.gov/vuln/detail/CVE-2024-29018 https://www.cve.org/CVERecord?id=CVE-2024-29018
github.com/docker/docker	GHSA-jq35-85cj-fj4p	MEDIUM	v23.0.5+incompatible	24.0.7, 23.0.8, 20.10.27	https://github.com/moby/moby https://github.com/moby/moby/commit/48ebe353e49a9def5e6679f6e386b0efb1c95f0e https://github.com/moby/moby/commit/81ebe71275768629689a23bc3bca34b3b374a6a6 https://github.com/moby/moby/commit/c9ccbfad11a60e703e91b6cca4f48927828c7e35 https://github.com/moby/moby/releases/tag/v20.10.27 https://github.com/moby/moby/releases/tag/v23.0.8 https://github.com/moby/moby/releases/tag/v24.0.7 https://github.com/moby/moby/security/advisories/GHSA-jq35-85cj-fj4p
github.com/go-git/go-git/v5	CVE-2023-49569	CRITICAL	v5.6.1	5.11.0	https://access.redhat.com/security/cve/CVE-2023-49569 https://github.com/go-git/go-git https://github.com/go-git/go-git/security/advisories/GHSA-449p-3h89-pw88 https://nvd.nist.gov/vuln/detail/CVE-2023-49569 https://www.cve.org/CVERecord?id=CVE-2023-49569
github.com/go-git/go-git/v5	CVE-2023-49568	HIGH	v5.6.1	5.11.0	https://access.redhat.com/security/cve/CVE-2023-49568 https://github.com/go-git/go-git https://github.com/go-git/go-git/security/advisories/GHSA-mw99-9chc-xw7r https://nvd.nist.gov/vuln/detail/CVE-2023-49568 https://www.cve.org/CVERecord?id=CVE-2023-49568
github.com/mholt/archiver/v3	CVE-2024-0406	MEDIUM	v3.5.1	no fix available	https://access.redhat.com/security/cve/CVE-2024-0406 https://bugzilla.redhat.com/show_bug.cgi?id=2257749 https://github.com/advisories/GHSA-rhh4-rh7c-7r5v https://github.com/mholt/archiver https://nvd.nist.gov/vuln/detail/CVE-2024-0406 https://www.cve.org/CVERecord?id=CVE-2024-0406
golang.org/x/crypto	CVE-2023-48795	MEDIUM	v0.8.0	0.17.0	http://packetstormsecurity.com/files/176280/Terrapin-SSH-Connection-Weakening.html http://seclists.org/fulldisclosure/2024/Mar/21 http://www.openwall.com/lists/oss-security/2023/12/18/3 http://www.openwall.com/lists/oss-security/2023/12/19/5 http://www.openwall.com/lists/oss-security/2023/12/20/3 http://www.openwall.com/lists/oss-security/2024/03/06/3 http://www.openwall.com/lists/oss-security/2024/04/17/8 https://access.redhat.com/errata/RHSA-2024:1150 https://access.redhat.com/security/cve/CVE-2023-48795 https://access.redhat.com/security/cve/cve-2023-48795 https://access.redhat.com/solutions/7071748 https://arstechnica.com/security/2023/12/hackers-can-break-ssh-channel-integrity-using-novel-data-corruption-attack https://arstechnica.com/security/2023/12/hackers-can-break-ssh-channel-integrity-using-novel-data-corruption-attack/ https://bugs.gentoo.org/920280 https://bugzilla.redhat.com/2254210 https://bugzilla.redhat.com/show_bug.cgi?id=2254210 https://bugzilla.suse.com/show_bug.cgi?id=1217950 https://crates.io/crates/thrussh/versions https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-48795 https://errata.almalinux.org/9/ALSA-2024-1150.html https://errata.rockylinux.org/RLSA-2024:0628 https://filezilla-project.org/versions.php https://forum.netgate.com/topic/184941/terrapin-ssh-attack https://git.libssh.org/projects/libssh.git/commit/?h=stable-0.10&id=10e09e273f69e149389b3e0e5d44b8c221c2e7f6 https://github.com/NixOS/nixpkgs/pull/275249 https://github.com/PowerShell/Win32-OpenSSH/issues/2189 https://github.com/PowerShell/Win32-OpenSSH/releases/tag/v9.5.0.0p1-Beta https://github.com/TeraTermProject/teraterm/commit/7279fbd6ef4d0c8bdd6a90af4ada2899d786eec0 https://github.com/TeraTermProject/teraterm/releases/tag/v5.1 https://github.com/advisories/GHSA-45x7-px36-x8w8 https://github.com/apache/mina-sshd/issues/445 https://github.com/connectbot/sshlib/commit/5c8b534f6e97db7ac0e0e579331213aa25c173ab https://github.com/connectbot/sshlib/compare/2.2.21...2.2.22 https://github.com/cyd01/KiTTY/issues/520 https://github.com/drakkan/sftpgo/releases/tag/v2.5.6 https://github.com/erlang/otp/blob/d1b43dc0f1361d2ad67601169e90a7fc50bb0369/lib/ssh/doc/src/notes.xml#L39-L42 https://github.com/erlang/otp/releases/tag/OTP-26.2.1 https://github.com/golang/crypto/commit/9d2ee975ef9fe627bf0a6f01c1f69e8ef1d4f05d https://github.com/hierynomus/sshj/issues/916 https://github.com/janmojzis/tinyssh/issues/81 https://github.com/jtesta/ssh-audit/commit/8e972c5e94b460379fe0c7d20209c16df81538a5 https://github.com/libssh2/libssh2/pull/1291 https://github.com/mkj/dropbear/blob/17657c36cce6df7716d5ff151ec09a665382d5dd/CHANGES#L25 https://github.com/mscdex/ssh2/commit/97b223f8891b96d6fc054df5ab1d5a1a545da2a3 https://github.com/mwiede/jsch/compare/jsch-0.2.14...jsch-0.2.15 https://github.com/mwiede/jsch/issues/457 https://github.com/mwiede/jsch/pull/461 https://github.com/net-ssh/net-ssh/blob/2e65064a52d73396bfc3806c9196fc8108f33cd8/CHANGES.txt#L14-L16 https://github.com/openssh/openssh-portable/commits/master https://github.com/paramiko/paramiko/issues/2337 https://github.com/paramiko/paramiko/issues/2337#issuecomment-1887642773 https://github.com/proftpd/proftpd/blob/0a7ea9b0ba9fcdf368374a226370d08f10397d99/RELEASE_NOTES https://github.com/proftpd/proftpd/blob/d21e7a2e47e9b38f709bec58e3fa711f759ad0e1/RELEASE_NOTES https://github.com/proftpd/proftpd/blob/master/RELEASE_NOTES https://github.com/proftpd/proftpd/issues/456 https://github.com/rapier1/hpn-ssh/releases https://github.com/ronf/asyncssh/blob/develop/docs/changes.rst https://github.com/ronf/asyncssh/security/advisories/GHSA-hfmc-7525-mj55 https://github.com/ronf/asyncssh/tags https://github.com/ssh-mitm/ssh-mitm/issues/165 https://github.com/warp-tech/russh https://github.com/warp-tech/russh/commit/1aa340a7df1d5be1c0f4a9e247aade76dfdd2951 https://github.com/warp-tech/russh/releases/tag/v0.40.2 https://github.com/warp-tech/russh/security/advisories/GHSA-45x7-px36-x8w8 https://gitlab.com/libssh/libssh-mirror/-/tags https://go.dev/cl/550715 https://go.dev/issue/64784 https://groups.google.com/g/golang-announce/c/-n5WqVC18LQ https://groups.google.com/g/golang-announce/c/qA3XtxvMUyg https://help.panic.com/releasenotes/transmit5 https://help.panic.com/releasenotes/transmit5/ https://jadaptive.com/important-java-ssh-security-update-new-ssh-vulnerability-discovered-cve-2023-48795 https://jadaptive.com/important-java-ssh-security-update-new-ssh-vulnerability-discovered-cve-2023-48795/ https://linux.oracle.com/cve/CVE-2023-48795.html https://linux.oracle.com/errata/ELSA-2024-2988.html https://lists.debian.org/debian-lts-announce/2023/12/msg00017.html https://lists.debian.org/debian-lts-announce/2024/01/msg00013.html https://lists.debian.org/debian-lts-announce/2024/01/msg00014.html https://lists.debian.org/debian-lts-announce/2024/04/msg00016.html https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/33XHJUB6ROFUOH2OQNENFROTVH6MHSHA https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/33XHJUB6ROFUOH2OQNENFROTVH6MHSHA/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/3CAYYW35MUTNO65RVAELICTNZZFMT2XS https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/3CAYYW35MUTNO65RVAELICTNZZFMT2XS/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/3JIMLVBDWOP4FUPXPTB4PGHHIOMGFLQE https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/3JIMLVBDWOP4FUPXPTB4PGHHIOMGFLQE/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/3YQLUQWLIHDB5QCXQEX7HXHAWMOKPP5O https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/3YQLUQWLIHDB5QCXQEX7HXHAWMOKPP5O/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/6Y74KVCPEPT4MVU3LHDWCNNOXOE5ZLUR https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/6Y74KVCPEPT4MVU3LHDWCNNOXOE5ZLUR/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/APYIXIQOVDCRWLHTGB4VYMAUIAQLKYJ3 https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/APYIXIQOVDCRWLHTGB4VYMAUIAQLKYJ3/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/BL5KTLOSLH2KHRN4HCXJPK3JUVLDGEL6 https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/BL5KTLOSLH2KHRN4HCXJPK3JUVLDGEL6/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/C3AFMZ6MH2UHHOPIWT5YLSFV3D2VB3AC https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/C3AFMZ6MH2UHHOPIWT5YLSFV3D2VB3AC/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/CHHITS4PUOZAKFIUBQAQZC7JWXMOYE4B https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/CHHITS4PUOZAKFIUBQAQZC7JWXMOYE4B/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/F7EYCFQCTSGJXWO3ZZ44MGKFC5HA7G3Y https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/F7EYCFQCTSGJXWO3ZZ44MGKFC5HA7G3Y/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/HYEDEXIKFKTUJIN43RG4B7T5ZS6MHUSP https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/HYEDEXIKFKTUJIN43RG4B7T5ZS6MHUSP/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/I724O3LSRCPO4WNVIXTZCT4VVRMXMMSG https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/I724O3LSRCPO4WNVIXTZCT4VVRMXMMSG/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/KEOTKBUPZXHE3F352JBYNTSNRXYLWD6P https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/KEOTKBUPZXHE3F352JBYNTSNRXYLWD6P/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/KMZCVGUGJZZVDPCVDA7TEB22VUCNEXDD https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/KMZCVGUGJZZVDPCVDA7TEB22VUCNEXDD/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/L5Y6MNNVAPIJSXJERQ6PKZVCIUXSNJK7 https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/L5Y6MNNVAPIJSXJERQ6PKZVCIUXSNJK7/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/LZQVUHWVWRH73YBXUQJOD6CKHDQBU3DM https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/LZQVUHWVWRH73YBXUQJOD6CKHDQBU3DM/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/MKQRBF3DWMWPH36LBCOBUTSIZRTPEZXB https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/MKQRBF3DWMWPH36LBCOBUTSIZRTPEZXB/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/QI3EHAHABFQK7OABNCSF5GMYP6TONTI7 https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/QI3EHAHABFQK7OABNCSF5GMYP6TONTI7/ https://matt.ucc.asn.au/dropbear/CHANGES https://nest.pijul.com/pijul/thrussh/changes/D6H7OWTTMHHX6BTB3B6MNBOBX2L66CBL4LGSEUSAI2MCRCJDQFRQC https://news.ycombinator.com/item?id=38684904 https://news.ycombinator.com/item?id=38685286 https://news.ycombinator.com/item?id=38732005 https://nova.app/releases/#v11.8 https://nvd.nist.gov/vuln/detail/CVE-2023-48795 https://oryx-embedded.com/download/#changelog https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2024-0002 https://roumenpetrov.info/secsh/#news20231220 https://security-tracker.debian.org/tracker/CVE-2023-48795 https://security-tracker.debian.org/tracker/source-package/libssh2 https://security-tracker.debian.org/tracker/source-package/proftpd-dfsg https://security-tracker.debian.org/tracker/source-package/trilead-ssh2 https://security.gentoo.org/glsa/202312-16 https://security.gentoo.org/glsa/202312-17 https://security.netapp.com/advisory/ntap-20240105-0004 https://security.netapp.com/advisory/ntap-20240105-0004/ https://support.apple.com/kb/HT214084 https://terrapin-attack.com/ https://thorntech.com/cve-2023-48795-and-sftp-gateway https://thorntech.com/cve-2023-48795-and-sftp-gateway/ https://twitter.com/TrueSkrillor/status/1736774389725565005 https://ubuntu.com/security/CVE-2023-48795 https://ubuntu.com/security/notices/USN-6560-1 https://ubuntu.com/security/notices/USN-6560-2 https://ubuntu.com/security/notices/USN-6561-1 https://ubuntu.com/security/notices/USN-6585-1 https://ubuntu.com/security/notices/USN-6589-1 https://ubuntu.com/security/notices/USN-6598-1 https://ubuntu.com/security/notices/USN-6738-1 https://ubuntu.com/security/notices/USN-7051-1 https://winscp.net/eng/docs/history#6.2.2 https://www.bitvise.com/ssh-client-version-history#933 https://www.bitvise.com/ssh-server-version-history https://www.chiark.greenend.org.uk/~sgtatham/putty/changes.html https://www.crushftp.com/crush10wiki/Wiki.jsp?page=Update https://www.cve.org/CVERecord?id=CVE-2023-48795 https://www.debian.org/security/2023/dsa-5586 https://www.debian.org/security/2023/dsa-5588 https://www.freebsd.org/security/advisories/FreeBSD-SA-23:19.openssh.asc https://www.lancom-systems.de/service-support/allgemeine-sicherheitshinweise#c243508 https://www.netsarang.com/en/xshell-update-history https://www.netsarang.com/en/xshell-update-history/ https://www.openssh.com/openbsd.html https://www.openssh.com/txt/release-9.6 https://www.openwall.com/lists/oss-security/2023/12/18/2 https://www.openwall.com/lists/oss-security/2023/12/18/3 https://www.openwall.com/lists/oss-security/2023/12/20/3 https://www.paramiko.org/changelog.html https://www.reddit.com/r/sysadmin/comments/18idv52/cve202348795_why_is_this_cve_still_undisclosed https://www.reddit.com/r/sysadmin/comments/18idv52/cve202348795_why_is_this_cve_still_undisclosed/ https://www.suse.com/c/suse-addresses-the-ssh-v2-protocol-terrapin-attack-aka-cve-2023-48795 https://www.suse.com/c/suse-addresses-the-ssh-v2-protocol-terrapin-attack-aka-cve-2023-48795/ https://www.terrapin-attack.com https://www.theregister.com/2023/12/20/terrapin_attack_ssh https://www.vandyke.com/products/securecrt/history.txt
golang.org/x/net	CVE-2023-39325	HIGH	v0.10.0	0.17.0	golang.org/x/net https://access.redhat.com/errata/RHSA-2023:6077 https://access.redhat.com/security/cve/CVE-2023-39325 https://access.redhat.com/security/cve/CVE-2023-44487 https://access.redhat.com/security/vulnerabilities/RHSB-2023-003 https://bugzilla.redhat.com/2242803 https://bugzilla.redhat.com/2243296 https://bugzilla.redhat.com/show_bug.cgi?id=2242803 https://bugzilla.redhat.com/show_bug.cgi?id=2243296 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-39325 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-44487 https://errata.almalinux.org/9/ALSA-2023-6077.html https://errata.rockylinux.org/RLSA-2023:6077 https://github.com/golang/go/commit/24ae2d927285c697440fdde3ad7f26028354bcf3 [golang- 1.21] https://github.com/golang/go/commit/e175f27f58aa7b9cd4d79607ae65d2cd5baaee68 [golang-1.20] https://github.com/golang/go/issues/63417 https://go.dev/cl/534215 https://go.dev/cl/534235 https://go.dev/issue/63417 https://groups.google.com/g/golang-announce/c/iNNxDTCjZvo/m/UDd7VKQuAAAJ https://linux.oracle.com/cve/CVE-2023-39325.html https://linux.oracle.com/errata/ELSA-2023-5867.html https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3OVW5V2DM5K5IC3H7O42YDUGNJ74J35O https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3OVW5V2DM5K5IC3H7O42YDUGNJ74J35O/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3SZN67IL7HMGMNAVLOTIXLIHUDXZK4LH https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3SZN67IL7HMGMNAVLOTIXLIHUDXZK4LH/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3WJ4QVX2AMUJ2F2S27POOAHRC4K3CHU4 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3WJ4QVX2AMUJ2F2S27POOAHRC4K3CHU4/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/4BUK2ZIAGCULOOYDNH25JPU6JBES5NF2 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/4BUK2ZIAGCULOOYDNH25JPU6JBES5NF2/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/5RSKA2II6QTD4YUKUNDVJQSRYSFC4VFR https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/5RSKA2II6QTD4YUKUNDVJQSRYSFC4VFR/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/AVZDNSMVDAQJ64LJC5I5U5LDM5753647 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/AVZDNSMVDAQJ64LJC5I5U5LDM5753647/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CHHITS4PUOZAKFIUBQAQZC7JWXMOYE4B https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CHHITS4PUOZAKFIUBQAQZC7JWXMOYE4B/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CLB4TW7KALB3EEQWNWCN7OUIWWVWWCG2 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CLB4TW7KALB3EEQWNWCN7OUIWWVWWCG2/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/D2BBIDR2ZMB3X5BC7SR4SLQMHRMVPY6L https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/D2BBIDR2ZMB3X5BC7SR4SLQMHRMVPY6L/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ECRC75BQJP6FJN2L7KCKYZW4DSBD7QSD https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ECRC75BQJP6FJN2L7KCKYZW4DSBD7QSD/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/FTMJ3NJIDAZFWJQQSP3L22MUFJ3UP2PT https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/FTMJ3NJIDAZFWJQQSP3L22MUFJ3UP2PT/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/GSY7SXFFTPZFWDM6XELSDSHZLVW3AHK7 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/GSY7SXFFTPZFWDM6XELSDSHZLVW3AHK7/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/HZQIELEIRSZUYTFFH5KTH2YJ4IIQG2KE https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/HZQIELEIRSZUYTFFH5KTH2YJ4IIQG2KE/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/IPWCNYB5PQ5PCVZ4NJT6G56ZYFZ5QBU6 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/IPWCNYB5PQ5PCVZ4NJT6G56ZYFZ5QBU6/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/KEOTKBUPZXHE3F352JBYNTSNRXYLWD6P https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/KEOTKBUPZXHE3F352JBYNTSNRXYLWD6P/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/KSEGD2IWKNUO3DWY4KQGUQM5BISRWHQE https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/KSEGD2IWKNUO3DWY4KQGUQM5BISRWHQE/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/L5E5JSJBZLYXOTZWXHJKRVCIXIHVWKJ6 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/L5E5JSJBZLYXOTZWXHJKRVCIXIHVWKJ6/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/MZQYOOKHQDQ57LV2IAG6NRFOVXKHJJ3Z https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/MZQYOOKHQDQ57LV2IAG6NRFOVXKHJJ3Z/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/NG7IMPL55MVWU3LCI4JQJT3K2U5CHDV7 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/NG7IMPL55MVWU3LCI4JQJT3K2U5CHDV7/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ODBY7RVMGZCBSTWF2OZGIZS57FNFUL67 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ODBY7RVMGZCBSTWF2OZGIZS57FNFUL67/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/OXGWPQOJ3JNDW2XIYKIVJ7N7QUIFNM2Q https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/OXGWPQOJ3JNDW2XIYKIVJ7N7QUIFNM2Q/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/PJCUNGIQDUMZ4Z6HWVYIMR66A35F5S74 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/PJCUNGIQDUMZ4Z6HWVYIMR66A35F5S74/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QF5QSYAOPDOWLY6DUHID56Q4HQFYB45I https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QF5QSYAOPDOWLY6DUHID56Q4HQFYB45I/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QXOU2JZUBEBP7GBKAYIJRPRBZSJCD7ST https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QXOU2JZUBEBP7GBKAYIJRPRBZSJCD7ST/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/R3UETKPUB3V5JS5TLZOF3SMTGT5K5APS https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/R3UETKPUB3V5JS5TLZOF3SMTGT5K5APS/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/REMHVVIBDNKSRKNOTV7EQSB7CYQWOUOU https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/REMHVVIBDNKSRKNOTV7EQSB7CYQWOUOU/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/T7N5GV4CHH6WAGX3GFMDD3COEOVCZ4RI https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/T7N5GV4CHH6WAGX3GFMDD3COEOVCZ4RI/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ULQQONMSCQSH5Z5OWFFQHCGEZ3NL4DRJ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ULQQONMSCQSH5Z5OWFFQHCGEZ3NL4DRJ/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UTT7DG3QOF5ZNJLUGHDNLRUIN6OWZARP https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UTT7DG3QOF5ZNJLUGHDNLRUIN6OWZARP/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/W2LZSWTV4NV4SNQARNXG5T6LRHP26EW2 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/W2LZSWTV4NV4SNQARNXG5T6LRHP26EW2/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WCNCBYKZXLDFGAJUB7ZP5VLC3YTHJNVH https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WCNCBYKZXLDFGAJUB7ZP5VLC3YTHJNVH/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/XFOIBB4YFICHDM7IBOP7PWXW3FX4HLL2 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/XFOIBB4YFICHDM7IBOP7PWXW3FX4HLL2/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/XTNLSL44Y5FB6JWADSZH6DCV4JJAAEQY https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/XTNLSL44Y5FB6JWADSZH6DCV4JJAAEQY/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/YJWHBLVZDM5KQSDFRBFRKU5KSSOLIRQ4 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/YJWHBLVZDM5KQSDFRBFRKU5KSSOLIRQ4/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/YRKEXKANQ7BKJW2YTAMP625LJUJZLJ4P https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/YRKEXKANQ7BKJW2YTAMP625LJUJZLJ4P/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZSVEMQV5ROY5YW5QE3I57HT3ITWG5GCV https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZSVEMQV5ROY5YW5QE3I57HT3ITWG5GCV/ https://nvd.nist.gov/vuln/detail/CVE-2023-39325 https://pkg.go.dev/vuln/GO-2023-2102 https://security.gentoo.org/glsa/202311-09 https://security.netapp.com/advisory/ntap-20231110-0008 https://security.netapp.com/advisory/ntap-20231110-0008/ https://ubuntu.com/security/notices/USN-6574-1 https://ubuntu.com/security/notices/USN-7061-1 https://ubuntu.com/security/notices/USN-7109-1 https://www.cisa.gov/news-events/alerts/2023/10/10/http2-rapid-reset-vulnerability-cve-2023-44487 https://www.cve.org/CVERecord?id=CVE-2023-39325
golang.org/x/net	CVE-2023-3978	MEDIUM	v0.10.0	0.13.0	https://access.redhat.com/errata/RHSA-2023:6474 https://access.redhat.com/security/cve/CVE-2023-3978 https://bugzilla.redhat.com/2174485 https://bugzilla.redhat.com/2178358 https://bugzilla.redhat.com/2178488 https://bugzilla.redhat.com/2178492 https://bugzilla.redhat.com/2184481 https://bugzilla.redhat.com/2184482 https://bugzilla.redhat.com/2184483 https://bugzilla.redhat.com/2184484 https://bugzilla.redhat.com/2196026 https://bugzilla.redhat.com/2196027 https://bugzilla.redhat.com/2196029 https://bugzilla.redhat.com/2222167 https://bugzilla.redhat.com/2228689 https://errata.almalinux.org/9/ALSA-2023-6474.html https://go.dev/cl/514896 https://go.dev/issue/61615 https://linux.oracle.com/cve/CVE-2023-3978.html https://linux.oracle.com/errata/ELSA-2023-6939.html https://nvd.nist.gov/vuln/detail/CVE-2023-3978 https://pkg.go.dev/vuln/GO-2023-1988 https://www.cve.org/CVERecord?id=CVE-2023-3978
golang.org/x/net	CVE-2023-44487	MEDIUM	v0.10.0	0.17.0	http://www.openwall.com/lists/oss-security/2023/10/13/4 http://www.openwall.com/lists/oss-security/2023/10/13/9 http://www.openwall.com/lists/oss-security/2023/10/18/4 http://www.openwall.com/lists/oss-security/2023/10/18/8 http://www.openwall.com/lists/oss-security/2023/10/19/6 http://www.openwall.com/lists/oss-security/2023/10/20/8 https://access.redhat.com/errata/RHSA-2023:6746 https://access.redhat.com/security/cve/CVE-2023-44487 https://access.redhat.com/security/cve/cve-2023-44487 https://akka.io/security/akka-http-cve-2023-44487.html https://arstechnica.com/security/2023/10/how-ddosers-used-the-http-2-protocol-to-deliver-attacks-of-unprecedented-size https://arstechnica.com/security/2023/10/how-ddosers-used-the-http-2-protocol-to-deliver-attacks-of-unprecedented-size/ https://aws.amazon.com/security/security-bulletins/AWS-2023-011 https://aws.amazon.com/security/security-bulletins/AWS-2023-011/ https://blog.cloudflare.com/technical-breakdown-http2-rapid-reset-ddos-attack https://blog.cloudflare.com/technical-breakdown-http2-rapid-reset-ddos-attack/ https://blog.cloudflare.com/zero-day-rapid-reset-http2-record-breaking-ddos-attack https://blog.cloudflare.com/zero-day-rapid-reset-http2-record-breaking-ddos-attack/ https://blog.litespeedtech.com/2023/10/11/rapid-reset-http-2-vulnerablilty https://blog.litespeedtech.com/2023/10/11/rapid-reset-http-2-vulnerablilty/ https://blog.qualys.com/vulnerabilities-threat-research/2023/10/10/cve-2023-44487-http-2-rapid-reset-attack https://blog.vespa.ai/cve-2023-44487 https://blog.vespa.ai/cve-2023-44487/ https://bugzilla.proxmox.com/show_bug.cgi?id=4988 https://bugzilla.redhat.com/2242803 https://bugzilla.redhat.com/show_bug.cgi?id=2242803 https://bugzilla.suse.com/show_bug.cgi?id=1216123 https://cgit.freebsd.org/ports/commit/?id=c64c329c2c1752f46b73e3e6ce9f4329be6629f9 https://chaos.social/@icing/111210915918780532 https://cloud.google.com/blog/products/identity-security/google-cloud-mitigated-largest-ddos-attack-peaking-above-398-million-rps https://cloud.google.com/blog/products/identity-security/google-cloud-mitigated-largest-ddos-attack-peaking-above-398-million-rps/ https://cloud.google.com/blog/products/identity-security/how-it-works-the-novel-http2-rapid-reset-ddos-attack https://community.traefik.io/t/is-traefik-vulnerable-to-cve-2023-44487/20125 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-44487 https://devblogs.microsoft.com/dotnet/october-2023-updates/ https://discuss.hashicorp.com/t/hcsec-2023-32-vault-consul-and-boundary-affected-by-http-2-rapid-reset-denial-of-service-vulnerability-cve-2023-44487/59715 https://edg.io/lp/blog/resets-leaks-ddos-and-the-tale-of-a-hidden-cve https://errata.almalinux.org/9/ALSA-2023-6746.html https://errata.rockylinux.org/RLSA-2023:5838 https://forums.swift.org/t/swift-nio-http2-security-update-cve-2023-44487-http-2-dos/67764 https://gist.github.com/adulau/7c2bfb8e9cdbe4b35a5e131c66a0c088 https://github.com/Azure/AKS/issues/3947 https://github.com/Kong/kong/discussions/11741 https://github.com/advisories/GHSA-qppj-fm5r-hxr3 https://github.com/advisories/GHSA-vx74-f528-fxqg https://github.com/advisories/GHSA-xpw8-rcwv-8f8p https://github.com/akka/akka-http/issues/4323 https://github.com/akka/akka-http/pull/4324 https://github.com/akka/akka-http/pull/4325 https://github.com/alibaba/tengine/issues/1872 https://github.com/apache/apisix/issues/10320 https://github.com/apache/httpd-site/pull/10 https://github.com/apache/httpd/blob/afcdbeebbff4b0c50ea26cdd16e178c0d1f24152/modules/http2/h2_mplx.c#L1101-L1113 https://github.com/apache/tomcat/commit/944332bb15bd2f3bf76ec2caeb1ff0a58a3bc628 https://github.com/apache/tomcat/tree/main/java/org/apache/coyote/http2 https://github.com/apache/trafficserver/pull/10564 https://github.com/apple/swift-nio-http2 https://github.com/apple/swift-nio-http2/security/advisories/GHSA-qppj-fm5r-hxr3 https://github.com/arkrwn/PoC/tree/main/CVE-2023-44487 https://github.com/bcdannyboy/CVE-2023-44487 https://github.com/caddyserver/caddy/issues/5877 https://github.com/caddyserver/caddy/releases/tag/v2.7.5 https://github.com/dotnet/announcements/issues/277 https://github.com/dotnet/core/blob/e4613450ea0da7fd2fc6b61dfb2c1c1dec1ce9ec/release-notes/6.0/6.0.23/6.0.23.md?plain=1#L73 https://github.com/eclipse/jetty.project/issues/10679 https://github.com/envoyproxy/envoy/pull/30055 https://github.com/etcd-io/etcd/issues/16740 https://github.com/facebook/proxygen/pull/466 https://github.com/golang/go/issues/63417 https://github.com/grpc/grpc-go/pull/6703 https://github.com/grpc/grpc-go/releases https://github.com/h2o/h2o/pull/3291 https://github.com/h2o/h2o/security/advisories/GHSA-2m7v-gc89-fjqf https://github.com/haproxy/haproxy/issues/2312 https://github.com/hyperium/hyper/issues/3337 https://github.com/icing/mod_h2/blob/0a864782af0a942aa2ad4ed960a6b32cd35bcf0a/mod_http2/README.md?plain=1#L239-L244 https://github.com/junkurihara/rust-rpxy/issues/97 https://github.com/kazu-yamamoto/http2/commit/f61d41a502bd0f60eb24e1ce14edc7b6df6722a1 https://github.com/kazu-yamamoto/http2/issues/93 https://github.com/kubernetes/kubernetes/pull/121120 https://github.com/line/armeria/pull/5232 https://github.com/linkerd/website/pull/1695/commits/4b9c6836471bc8270ab48aae6fd2181bc73fd632 https://github.com/micrictor/http2-rst-stream https://github.com/microsoft/CBL-Mariner/pull/6381 https://github.com/netty/netty/commit/58f75f665aa81a8cbcf6ffa74820042a285c5e61 https://github.com/nghttp2/nghttp2/pull/1961 https://github.com/nghttp2/nghttp2/releases/tag/v1.57.0 https://github.com/ninenines/cowboy/issues/1615 https://github.com/nodejs/node/pull/50121 https://github.com/openresty/openresty/issues/930 https://github.com/opensearch-project/data-prepper/issues/3474 https://github.com/oqtane/oqtane.framework/discussions/3367 https://github.com/projectcontour/contour/pull/5826 https://github.com/tempesta-tech/tempesta/issues/1986 https://github.com/varnishcache/varnish-cache/issues/3996 https://go.dev/cl/534215 https://go.dev/cl/534235 https://go.dev/issue/63417 https://groups.google.com/g/golang-announce/c/iNNxDTCjZvo https://groups.google.com/g/golang-announce/c/iNNxDTCjZvo/m/UDd7VKQuAAAJ https://istio.io/latest/news/security/istio-security-2023-004 https://istio.io/latest/news/security/istio-security-2023-004/ https://linkerd.io/2023/10/12/linkerd-cve-2023-44487 https://linkerd.io/2023/10/12/linkerd-cve-2023-44487/ https://linux.oracle.com/cve/CVE-2023-44487.html https://linux.oracle.com/errata/ELSA-2024-1444.html https://lists.apache.org/thread/5py8h42mxfsn8l1wy6o41xwhsjlsd87q https://lists.debian.org/debian-lts-announce/2023/10/msg00020.html https://lists.debian.org/debian-lts-announce/2023/10/msg00023.html https://lists.debian.org/debian-lts-announce/2023/10/msg00024.html https://lists.debian.org/debian-lts-announce/2023/10/msg00045.html https://lists.debian.org/debian-lts-announce/2023/10/msg00047.html https://lists.debian.org/debian-lts-announce/2023/11/msg00001.html https://lists.debian.org/debian-lts-announce/2023/11/msg00012.html https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/2MBEPPC36UBVOZZNAXFHKLFGSLCMN5LI https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/2MBEPPC36UBVOZZNAXFHKLFGSLCMN5LI/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/3N4NJ7FR4X4FPZUGNTQAPSTVB2HB2Y4A https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/3N4NJ7FR4X4FPZUGNTQAPSTVB2HB2Y4A/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/BFQD3KUEMFBHPAPBGLWQC34L4OWL5HAZ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/BFQD3KUEMFBHPAPBGLWQC34L4OWL5HAZ/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/CLB4TW7KALB3EEQWNWCN7OUIWWVWWCG2 https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/CLB4TW7KALB3EEQWNWCN7OUIWWVWWCG2/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/E72T67UPDRXHIDLO3OROR25YAMN4GGW5 https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/E72T67UPDRXHIDLO3OROR25YAMN4GGW5/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/FNA62Q767CFAFHBCDKYNPBMZWB7TWYVU https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/FNA62Q767CFAFHBCDKYNPBMZWB7TWYVU/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/HT7T2R4MQKLIF4ODV4BDLPARWFPCJ5CZ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/HT7T2R4MQKLIF4ODV4BDLPARWFPCJ5CZ/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/JIZSEFC3YKCGABA2BZW6ZJRMDZJMB7PJ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/JIZSEFC3YKCGABA2BZW6ZJRMDZJMB7PJ/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/JMEXY22BFG5Q64HQCM5CK2Q7KDKVV4TY https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/JMEXY22BFG5Q64HQCM5CK2Q7KDKVV4TY/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/KSEGD2IWKNUO3DWY4KQGUQM5BISRWHQE https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/KSEGD2IWKNUO3DWY4KQGUQM5BISRWHQE/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/LKYHSZQFDNR7RSA7LHVLLIAQMVYCUGBG https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/LKYHSZQFDNR7RSA7LHVLLIAQMVYCUGBG/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/LNMZJCDHGLJJLXO4OXWJMTVQRNWOC7UL https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/LNMZJCDHGLJJLXO4OXWJMTVQRNWOC7UL/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/VHUHTSXLXGXS7JYKBXTA3VINUPHTNGVU https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/VHUHTSXLXGXS7JYKBXTA3VINUPHTNGVU/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/VSRDIV77HNKUSM7SJC5BKE5JSHLHU2NK https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/VSRDIV77HNKUSM7SJC5BKE5JSHLHU2NK/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/WE2I52RHNNU42PX6NZ2RBUHSFFJ2LVZX https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/WE2I52RHNNU42PX6NZ2RBUHSFFJ2LVZX/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/WLPRQ5TWUQQXYWBJM7ECYDAIL2YVKIUH https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/WLPRQ5TWUQQXYWBJM7ECYDAIL2YVKIUH/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/X6QXN4ORIVF6XBW4WWFE7VNPVC74S45Y https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/X6QXN4ORIVF6XBW4WWFE7VNPVC74S45Y/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/XFOIBB4YFICHDM7IBOP7PWXW3FX4HLL2 https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/XFOIBB4YFICHDM7IBOP7PWXW3FX4HLL2/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZB43REMKRQR62NJEI7I5NQ4FSXNLBKRT https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZB43REMKRQR62NJEI7I5NQ4FSXNLBKRT/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZKQSIKIAT5TJ3WSLU3RDBQ35YX4GY4V3 https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZKQSIKIAT5TJ3WSLU3RDBQ35YX4GY4V3/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZLU6U2R2IC2K64NDPNMV55AUAO65MAF4 https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZLU6U2R2IC2K64NDPNMV55AUAO65MAF4/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3N4NJ7FR4X4FPZUGNTQAPSTVB2HB2Y4A https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/BFQD3KUEMFBHPAPBGLWQC34L4OWL5HAZ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CLB4TW7KALB3EEQWNWCN7OUIWWVWWCG2 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/E72T67UPDRXHIDLO3OROR25YAMN4GGW5 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/FNA62Q767CFAFHBCDKYNPBMZWB7TWYVU https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/HT7T2R4MQKLIF4ODV4BDLPARWFPCJ5CZ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/JIZSEFC3YKCGABA2BZW6ZJRMDZJMB7PJ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/JMEXY22BFG5Q64HQCM5CK2Q7KDKVV4TY https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/KSEGD2IWKNUO3DWY4KQGUQM5BISRWHQE https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/LKYHSZQFDNR7RSA7LHVLLIAQMVYCUGBG https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/LNMZJCDHGLJJLXO4OXWJMTVQRNWOC7UL https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/VHUHTSXLXGXS7JYKBXTA3VINUPHTNGVU https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/VSRDIV77HNKUSM7SJC5BKE5JSHLHU2NK https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WLPRQ5TWUQQXYWBJM7ECYDAIL2YVKIUH https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/X6QXN4ORIVF6XBW4WWFE7VNPVC74S45Y https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/XFOIBB4YFICHDM7IBOP7PWXW3FX4HLL2 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZB43REMKRQR62NJEI7I5NQ4FSXNLBKRT https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZKQSIKIAT5TJ3WSLU3RDBQ35YX4GY4V3 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZLU6U2R2IC2K64NDPNMV55AUAO65MAF4 https://lists.w3.org/Archives/Public/ietf-http-wg/2023OctDec/0025.html https://mailman.nginx.org/pipermail/nginx-devel/2023-October/S36Q5HBXR7CAIMPLLPRSSSYR4PCMWILK.html https://martinthomson.github.io/h2-stream-limits/draft-thomson-httpbis-h2-stream-limits.html https://msrc.microsoft.com/blog/2023/10/microsoft-response-to-distributed-denial-of-service-ddos-attacks-against-http/2 https://msrc.microsoft.com/blog/2023/10/microsoft-response-to-distributed-denial-of-service-ddos-attacks-against-http/2/ https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-44487 https://my.f5.com/manage/s/article/K000137106 https://netty.io/news/2023/10/10/4-1-100-Final.html https://news.ycombinator.com/item?id=37830987 https://news.ycombinator.com/item?id=37830998 https://news.ycombinator.com/item?id=37831062 https://news.ycombinator.com/item?id=37837043 https://nodejs.org/en/blog/vulnerability/october-2023-security-releases https://nvd.nist.gov/vuln/detail/CVE-2023-44487 https://openssf.org/blog/2023/10/10/http-2-rapid-reset-vulnerability-highlights-need-for-rapid-response https://openssf.org/blog/2023/10/10/http-2-rapid-reset-vulnerability-highlights-need-for-rapid-response/ https://pkg.go.dev/vuln/GO-2023-2102 https://seanmonstar.com/post/730794151136935936/hyper-http2-rapid-reset-unaffected https://security.gentoo.org/glsa/202311-09 https://security.netapp.com/advisory/ntap-20231016-0001 https://security.netapp.com/advisory/ntap-20231016-0001/ https://security.netapp.com/advisory/ntap-20240426-0007 https://security.netapp.com/advisory/ntap-20240426-0007/ https://security.netapp.com/advisory/ntap-20240621-0006 https://security.netapp.com/advisory/ntap-20240621-0006/ https://security.netapp.com/advisory/ntap-20240621-0007 https://security.netapp.com/advisory/ntap-20240621-0007/ https://security.paloaltonetworks.com/CVE-2023-44487 https://tomcat.apache.org/security-10.html#Fixed_in_Apache_Tomcat_10.1.14 https://tomcat.apache.org/security-11.html#Fixed_in_Apache_Tomcat_11.0.0-M12 https://tomcat.apache.org/security-8.html#Fixed_in_Apache_Tomcat_8.5.94 https://tomcat.apache.org/security-9.html#Fixed_in_Apache_Tomcat_9.0.81 https://ubuntu.com/security/CVE-2023-44487 https://ubuntu.com/security/notices/USN-6427-1 https://ubuntu.com/security/notices/USN-6427-2 https://ubuntu.com/security/notices/USN-6438-1 https://ubuntu.com/security/notices/USN-6505-1 https://ubuntu.com/security/notices/USN-6574-1 https://ubuntu.com/security/notices/USN-6754-1 https://ubuntu.com/security/notices/USN-6994-1 https://ubuntu.com/security/notices/USN-7067-1 https://www.bleepingcomputer.com/news/security/new-http-2-rapid-reset-zero-day-attack-breaks-ddos-records https://www.bleepingcomputer.com/news/security/new-http-2-rapid-reset-zero-day-attack-breaks-ddos-records/ https://www.cisa.gov/known-exploited-vulnerabilities-catalog https://www.cisa.gov/news-events/alerts/2023/10/10/http2-rapid-reset-vulnerability-cve-2023-44487 https://www.cve.org/CVERecord?id=CVE-2023-44487 https://www.darkreading.com/cloud/internet-wide-zero-day-bug-fuels-largest-ever-ddos-event https://www.debian.org/security/2023/dsa-5521 https://www.debian.org/security/2023/dsa-5522 https://www.debian.org/security/2023/dsa-5540 https://www.debian.org/security/2023/dsa-5549 https://www.debian.org/security/2023/dsa-5558 https://www.debian.org/security/2023/dsa-5570 https://www.eclipse.org/lists/jetty-announce/msg00181.html https://www.haproxy.com/blog/haproxy-is-not-affected-by-the-http-2-rapid-reset-attack-cve-2023-44487 https://www.mail-archive.com/haproxy@formilux.org/msg44134.html https://www.netlify.com/blog/netlify-successfully-mitigates-cve-2023-44487 https://www.netlify.com/blog/netlify-successfully-mitigates-cve-2023-44487/ https://www.nginx.com/blog/http-2-rapid-reset-attack-impacting-f5-nginx-products https://www.nginx.com/blog/http-2-rapid-reset-attack-impacting-f5-nginx-products/ https://www.openwall.com/lists/oss-security/2023/10/10/6 https://www.phoronix.com/news/HTTP2-Rapid-Reset-Attack https://www.theregister.com/2023/10/10/http2_rapid_reset_zeroday https://www.theregister.com/2023/10/10/http2_rapid_reset_zeroday/
golang.org/x/net	CVE-2023-45288	MEDIUM	v0.10.0	0.23.0	http://www.openwall.com/lists/oss-security/2024/04/03/16 http://www.openwall.com/lists/oss-security/2024/04/05/4 https://access.redhat.com/errata/RHSA-2024:2724 https://access.redhat.com/security/cve/CVE-2023-45288 https://bugzilla.redhat.com/2268017 https://bugzilla.redhat.com/2268018 https://bugzilla.redhat.com/2268019 https://bugzilla.redhat.com/2268273 https://bugzilla.redhat.com/show_bug.cgi?id=2268017 https://bugzilla.redhat.com/show_bug.cgi?id=2268018 https://bugzilla.redhat.com/show_bug.cgi?id=2268019 https://bugzilla.redhat.com/show_bug.cgi?id=2268273 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45288 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45289 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45290 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24783 https://errata.almalinux.org/9/ALSA-2024-2724.html https://errata.rockylinux.org/RLSA-2024:2724 https://go.dev/cl/576155 https://go.dev/issue/65051 https://groups.google.com/g/golang-announce/c/YgW0sx8mN3M https://kb.cert.org/vuls/id/421644 https://linux.oracle.com/cve/CVE-2023-45288.html https://linux.oracle.com/errata/ELSA-2024-3346.html https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QRYFHIQ6XRKRYBI2F5UESH67BJBQXUPT https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QRYFHIQ6XRKRYBI2F5UESH67BJBQXUPT/ https://nowotarski.info/http2-continuation-flood-technical-details https://nowotarski.info/http2-continuation-flood/ https://nvd.nist.gov/vuln/detail/CVE-2023-45288 https://pkg.go.dev/vuln/GO-2024-2687 https://security.netapp.com/advisory/ntap-20240419-0009 https://security.netapp.com/advisory/ntap-20240419-0009/ https://ubuntu.com/security/notices/USN-6886-1 https://ubuntu.com/security/notices/USN-7109-1 https://ubuntu.com/security/notices/USN-7111-1 https://www.cve.org/CVERecord?id=CVE-2023-45288 https://www.kb.cert.org/vuls/id/421644
google.golang.org/grpc	GHSA-m425-mq94-257g	HIGH	v1.54.0	1.56.3, 1.57.1, 1.58.3	https://github.com/grpc/grpc-go https://github.com/grpc/grpc-go/commit/f2180b4d5403d2210b30b93098eb7da31c05c721 https://github.com/grpc/grpc-go/pull/6703 https://github.com/grpc/grpc-go/security/advisories/GHSA-m425-mq94-257g https://nvd.nist.gov/vuln/detail/CVE-2023-44487
google.golang.org/grpc	CVE-2023-44487	MEDIUM	v1.54.0	1.58.3, 1.57.1, 1.56.3	http://www.openwall.com/lists/oss-security/2023/10/13/4 http://www.openwall.com/lists/oss-security/2023/10/13/9 http://www.openwall.com/lists/oss-security/2023/10/18/4 http://www.openwall.com/lists/oss-security/2023/10/18/8 http://www.openwall.com/lists/oss-security/2023/10/19/6 http://www.openwall.com/lists/oss-security/2023/10/20/8 https://access.redhat.com/errata/RHSA-2023:6746 https://access.redhat.com/security/cve/CVE-2023-44487 https://access.redhat.com/security/cve/cve-2023-44487 https://akka.io/security/akka-http-cve-2023-44487.html https://arstechnica.com/security/2023/10/how-ddosers-used-the-http-2-protocol-to-deliver-attacks-of-unprecedented-size https://arstechnica.com/security/2023/10/how-ddosers-used-the-http-2-protocol-to-deliver-attacks-of-unprecedented-size/ https://aws.amazon.com/security/security-bulletins/AWS-2023-011 https://aws.amazon.com/security/security-bulletins/AWS-2023-011/ https://blog.cloudflare.com/technical-breakdown-http2-rapid-reset-ddos-attack https://blog.cloudflare.com/technical-breakdown-http2-rapid-reset-ddos-attack/ https://blog.cloudflare.com/zero-day-rapid-reset-http2-record-breaking-ddos-attack https://blog.cloudflare.com/zero-day-rapid-reset-http2-record-breaking-ddos-attack/ https://blog.litespeedtech.com/2023/10/11/rapid-reset-http-2-vulnerablilty https://blog.litespeedtech.com/2023/10/11/rapid-reset-http-2-vulnerablilty/ https://blog.qualys.com/vulnerabilities-threat-research/2023/10/10/cve-2023-44487-http-2-rapid-reset-attack https://blog.vespa.ai/cve-2023-44487 https://blog.vespa.ai/cve-2023-44487/ https://bugzilla.proxmox.com/show_bug.cgi?id=4988 https://bugzilla.redhat.com/2242803 https://bugzilla.redhat.com/show_bug.cgi?id=2242803 https://bugzilla.suse.com/show_bug.cgi?id=1216123 https://cgit.freebsd.org/ports/commit/?id=c64c329c2c1752f46b73e3e6ce9f4329be6629f9 https://chaos.social/@icing/111210915918780532 https://cloud.google.com/blog/products/identity-security/google-cloud-mitigated-largest-ddos-attack-peaking-above-398-million-rps https://cloud.google.com/blog/products/identity-security/google-cloud-mitigated-largest-ddos-attack-peaking-above-398-million-rps/ https://cloud.google.com/blog/products/identity-security/how-it-works-the-novel-http2-rapid-reset-ddos-attack https://community.traefik.io/t/is-traefik-vulnerable-to-cve-2023-44487/20125 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-44487 https://devblogs.microsoft.com/dotnet/october-2023-updates/ https://discuss.hashicorp.com/t/hcsec-2023-32-vault-consul-and-boundary-affected-by-http-2-rapid-reset-denial-of-service-vulnerability-cve-2023-44487/59715 https://edg.io/lp/blog/resets-leaks-ddos-and-the-tale-of-a-hidden-cve https://errata.almalinux.org/9/ALSA-2023-6746.html https://errata.rockylinux.org/RLSA-2023:5838 https://forums.swift.org/t/swift-nio-http2-security-update-cve-2023-44487-http-2-dos/67764 https://gist.github.com/adulau/7c2bfb8e9cdbe4b35a5e131c66a0c088 https://github.com/Azure/AKS/issues/3947 https://github.com/Kong/kong/discussions/11741 https://github.com/advisories/GHSA-qppj-fm5r-hxr3 https://github.com/advisories/GHSA-vx74-f528-fxqg https://github.com/advisories/GHSA-xpw8-rcwv-8f8p https://github.com/akka/akka-http/issues/4323 https://github.com/akka/akka-http/pull/4324 https://github.com/akka/akka-http/pull/4325 https://github.com/alibaba/tengine/issues/1872 https://github.com/apache/apisix/issues/10320 https://github.com/apache/httpd-site/pull/10 https://github.com/apache/httpd/blob/afcdbeebbff4b0c50ea26cdd16e178c0d1f24152/modules/http2/h2_mplx.c#L1101-L1113 https://github.com/apache/tomcat/commit/944332bb15bd2f3bf76ec2caeb1ff0a58a3bc628 https://github.com/apache/tomcat/tree/main/java/org/apache/coyote/http2 https://github.com/apache/trafficserver/pull/10564 https://github.com/apple/swift-nio-http2 https://github.com/apple/swift-nio-http2/security/advisories/GHSA-qppj-fm5r-hxr3 https://github.com/arkrwn/PoC/tree/main/CVE-2023-44487 https://github.com/bcdannyboy/CVE-2023-44487 https://github.com/caddyserver/caddy/issues/5877 https://github.com/caddyserver/caddy/releases/tag/v2.7.5 https://github.com/dotnet/announcements/issues/277 https://github.com/dotnet/core/blob/e4613450ea0da7fd2fc6b61dfb2c1c1dec1ce9ec/release-notes/6.0/6.0.23/6.0.23.md?plain=1#L73 https://github.com/eclipse/jetty.project/issues/10679 https://github.com/envoyproxy/envoy/pull/30055 https://github.com/etcd-io/etcd/issues/16740 https://github.com/facebook/proxygen/pull/466 https://github.com/golang/go/issues/63417 https://github.com/grpc/grpc-go/pull/6703 https://github.com/grpc/grpc-go/releases https://github.com/h2o/h2o/pull/3291 https://github.com/h2o/h2o/security/advisories/GHSA-2m7v-gc89-fjqf https://github.com/haproxy/haproxy/issues/2312 https://github.com/hyperium/hyper/issues/3337 https://github.com/icing/mod_h2/blob/0a864782af0a942aa2ad4ed960a6b32cd35bcf0a/mod_http2/README.md?plain=1#L239-L244 https://github.com/junkurihara/rust-rpxy/issues/97 https://github.com/kazu-yamamoto/http2/commit/f61d41a502bd0f60eb24e1ce14edc7b6df6722a1 https://github.com/kazu-yamamoto/http2/issues/93 https://github.com/kubernetes/kubernetes/pull/121120 https://github.com/line/armeria/pull/5232 https://github.com/linkerd/website/pull/1695/commits/4b9c6836471bc8270ab48aae6fd2181bc73fd632 https://github.com/micrictor/http2-rst-stream https://github.com/microsoft/CBL-Mariner/pull/6381 https://github.com/netty/netty/commit/58f75f665aa81a8cbcf6ffa74820042a285c5e61 https://github.com/nghttp2/nghttp2/pull/1961 https://github.com/nghttp2/nghttp2/releases/tag/v1.57.0 https://github.com/ninenines/cowboy/issues/1615 https://github.com/nodejs/node/pull/50121 https://github.com/openresty/openresty/issues/930 https://github.com/opensearch-project/data-prepper/issues/3474 https://github.com/oqtane/oqtane.framework/discussions/3367 https://github.com/projectcontour/contour/pull/5826 https://github.com/tempesta-tech/tempesta/issues/1986 https://github.com/varnishcache/varnish-cache/issues/3996 https://go.dev/cl/534215 https://go.dev/cl/534235 https://go.dev/issue/63417 https://groups.google.com/g/golang-announce/c/iNNxDTCjZvo https://groups.google.com/g/golang-announce/c/iNNxDTCjZvo/m/UDd7VKQuAAAJ https://istio.io/latest/news/security/istio-security-2023-004 https://istio.io/latest/news/security/istio-security-2023-004/ https://linkerd.io/2023/10/12/linkerd-cve-2023-44487 https://linkerd.io/2023/10/12/linkerd-cve-2023-44487/ https://linux.oracle.com/cve/CVE-2023-44487.html https://linux.oracle.com/errata/ELSA-2024-1444.html https://lists.apache.org/thread/5py8h42mxfsn8l1wy6o41xwhsjlsd87q https://lists.debian.org/debian-lts-announce/2023/10/msg00020.html https://lists.debian.org/debian-lts-announce/2023/10/msg00023.html https://lists.debian.org/debian-lts-announce/2023/10/msg00024.html https://lists.debian.org/debian-lts-announce/2023/10/msg00045.html https://lists.debian.org/debian-lts-announce/2023/10/msg00047.html https://lists.debian.org/debian-lts-announce/2023/11/msg00001.html https://lists.debian.org/debian-lts-announce/2023/11/msg00012.html https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/2MBEPPC36UBVOZZNAXFHKLFGSLCMN5LI https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/2MBEPPC36UBVOZZNAXFHKLFGSLCMN5LI/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/3N4NJ7FR4X4FPZUGNTQAPSTVB2HB2Y4A https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/3N4NJ7FR4X4FPZUGNTQAPSTVB2HB2Y4A/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/BFQD3KUEMFBHPAPBGLWQC34L4OWL5HAZ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/BFQD3KUEMFBHPAPBGLWQC34L4OWL5HAZ/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/CLB4TW7KALB3EEQWNWCN7OUIWWVWWCG2 https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/CLB4TW7KALB3EEQWNWCN7OUIWWVWWCG2/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/E72T67UPDRXHIDLO3OROR25YAMN4GGW5 https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/E72T67UPDRXHIDLO3OROR25YAMN4GGW5/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/FNA62Q767CFAFHBCDKYNPBMZWB7TWYVU https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/FNA62Q767CFAFHBCDKYNPBMZWB7TWYVU/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/HT7T2R4MQKLIF4ODV4BDLPARWFPCJ5CZ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/HT7T2R4MQKLIF4ODV4BDLPARWFPCJ5CZ/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/JIZSEFC3YKCGABA2BZW6ZJRMDZJMB7PJ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/JIZSEFC3YKCGABA2BZW6ZJRMDZJMB7PJ/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/JMEXY22BFG5Q64HQCM5CK2Q7KDKVV4TY https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/JMEXY22BFG5Q64HQCM5CK2Q7KDKVV4TY/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/KSEGD2IWKNUO3DWY4KQGUQM5BISRWHQE https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/KSEGD2IWKNUO3DWY4KQGUQM5BISRWHQE/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/LKYHSZQFDNR7RSA7LHVLLIAQMVYCUGBG https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/LKYHSZQFDNR7RSA7LHVLLIAQMVYCUGBG/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/LNMZJCDHGLJJLXO4OXWJMTVQRNWOC7UL https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/LNMZJCDHGLJJLXO4OXWJMTVQRNWOC7UL/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/VHUHTSXLXGXS7JYKBXTA3VINUPHTNGVU https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/VHUHTSXLXGXS7JYKBXTA3VINUPHTNGVU/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/VSRDIV77HNKUSM7SJC5BKE5JSHLHU2NK https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/VSRDIV77HNKUSM7SJC5BKE5JSHLHU2NK/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/WE2I52RHNNU42PX6NZ2RBUHSFFJ2LVZX https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/WE2I52RHNNU42PX6NZ2RBUHSFFJ2LVZX/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/WLPRQ5TWUQQXYWBJM7ECYDAIL2YVKIUH https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/WLPRQ5TWUQQXYWBJM7ECYDAIL2YVKIUH/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/X6QXN4ORIVF6XBW4WWFE7VNPVC74S45Y https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/X6QXN4ORIVF6XBW4WWFE7VNPVC74S45Y/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/XFOIBB4YFICHDM7IBOP7PWXW3FX4HLL2 https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/XFOIBB4YFICHDM7IBOP7PWXW3FX4HLL2/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZB43REMKRQR62NJEI7I5NQ4FSXNLBKRT https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZB43REMKRQR62NJEI7I5NQ4FSXNLBKRT/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZKQSIKIAT5TJ3WSLU3RDBQ35YX4GY4V3 https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZKQSIKIAT5TJ3WSLU3RDBQ35YX4GY4V3/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZLU6U2R2IC2K64NDPNMV55AUAO65MAF4 https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZLU6U2R2IC2K64NDPNMV55AUAO65MAF4/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3N4NJ7FR4X4FPZUGNTQAPSTVB2HB2Y4A https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/BFQD3KUEMFBHPAPBGLWQC34L4OWL5HAZ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CLB4TW7KALB3EEQWNWCN7OUIWWVWWCG2 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/E72T67UPDRXHIDLO3OROR25YAMN4GGW5 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/FNA62Q767CFAFHBCDKYNPBMZWB7TWYVU https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/HT7T2R4MQKLIF4ODV4BDLPARWFPCJ5CZ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/JIZSEFC3YKCGABA2BZW6ZJRMDZJMB7PJ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/JMEXY22BFG5Q64HQCM5CK2Q7KDKVV4TY https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/KSEGD2IWKNUO3DWY4KQGUQM5BISRWHQE https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/LKYHSZQFDNR7RSA7LHVLLIAQMVYCUGBG https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/LNMZJCDHGLJJLXO4OXWJMTVQRNWOC7UL https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/VHUHTSXLXGXS7JYKBXTA3VINUPHTNGVU https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/VSRDIV77HNKUSM7SJC5BKE5JSHLHU2NK https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WLPRQ5TWUQQXYWBJM7ECYDAIL2YVKIUH https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/X6QXN4ORIVF6XBW4WWFE7VNPVC74S45Y https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/XFOIBB4YFICHDM7IBOP7PWXW3FX4HLL2 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZB43REMKRQR62NJEI7I5NQ4FSXNLBKRT https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZKQSIKIAT5TJ3WSLU3RDBQ35YX4GY4V3 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZLU6U2R2IC2K64NDPNMV55AUAO65MAF4 https://lists.w3.org/Archives/Public/ietf-http-wg/2023OctDec/0025.html https://mailman.nginx.org/pipermail/nginx-devel/2023-October/S36Q5HBXR7CAIMPLLPRSSSYR4PCMWILK.html https://martinthomson.github.io/h2-stream-limits/draft-thomson-httpbis-h2-stream-limits.html https://msrc.microsoft.com/blog/2023/10/microsoft-response-to-distributed-denial-of-service-ddos-attacks-against-http/2 https://msrc.microsoft.com/blog/2023/10/microsoft-response-to-distributed-denial-of-service-ddos-attacks-against-http/2/ https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-44487 https://my.f5.com/manage/s/article/K000137106 https://netty.io/news/2023/10/10/4-1-100-Final.html https://news.ycombinator.com/item?id=37830987 https://news.ycombinator.com/item?id=37830998 https://news.ycombinator.com/item?id=37831062 https://news.ycombinator.com/item?id=37837043 https://nodejs.org/en/blog/vulnerability/october-2023-security-releases https://nvd.nist.gov/vuln/detail/CVE-2023-44487 https://openssf.org/blog/2023/10/10/http-2-rapid-reset-vulnerability-highlights-need-for-rapid-response https://openssf.org/blog/2023/10/10/http-2-rapid-reset-vulnerability-highlights-need-for-rapid-response/ https://pkg.go.dev/vuln/GO-2023-2102 https://seanmonstar.com/post/730794151136935936/hyper-http2-rapid-reset-unaffected https://security.gentoo.org/glsa/202311-09 https://security.netapp.com/advisory/ntap-20231016-0001 https://security.netapp.com/advisory/ntap-20231016-0001/ https://security.netapp.com/advisory/ntap-20240426-0007 https://security.netapp.com/advisory/ntap-20240426-0007/ https://security.netapp.com/advisory/ntap-20240621-0006 https://security.netapp.com/advisory/ntap-20240621-0006/ https://security.netapp.com/advisory/ntap-20240621-0007 https://security.netapp.com/advisory/ntap-20240621-0007/ https://security.paloaltonetworks.com/CVE-2023-44487 https://tomcat.apache.org/security-10.html#Fixed_in_Apache_Tomcat_10.1.14 https://tomcat.apache.org/security-11.html#Fixed_in_Apache_Tomcat_11.0.0-M12 https://tomcat.apache.org/security-8.html#Fixed_in_Apache_Tomcat_8.5.94 https://tomcat.apache.org/security-9.html#Fixed_in_Apache_Tomcat_9.0.81 https://ubuntu.com/security/CVE-2023-44487 https://ubuntu.com/security/notices/USN-6427-1 https://ubuntu.com/security/notices/USN-6427-2 https://ubuntu.com/security/notices/USN-6438-1 https://ubuntu.com/security/notices/USN-6505-1 https://ubuntu.com/security/notices/USN-6574-1 https://ubuntu.com/security/notices/USN-6754-1 https://ubuntu.com/security/notices/USN-6994-1 https://ubuntu.com/security/notices/USN-7067-1 https://www.bleepingcomputer.com/news/security/new-http-2-rapid-reset-zero-day-attack-breaks-ddos-records https://www.bleepingcomputer.com/news/security/new-http-2-rapid-reset-zero-day-attack-breaks-ddos-records/ https://www.cisa.gov/known-exploited-vulnerabilities-catalog https://www.cisa.gov/news-events/alerts/2023/10/10/http2-rapid-reset-vulnerability-cve-2023-44487 https://www.cve.org/CVERecord?id=CVE-2023-44487 https://www.darkreading.com/cloud/internet-wide-zero-day-bug-fuels-largest-ever-ddos-event https://www.debian.org/security/2023/dsa-5521 https://www.debian.org/security/2023/dsa-5522 https://www.debian.org/security/2023/dsa-5540 https://www.debian.org/security/2023/dsa-5549 https://www.debian.org/security/2023/dsa-5558 https://www.debian.org/security/2023/dsa-5570 https://www.eclipse.org/lists/jetty-announce/msg00181.html https://www.haproxy.com/blog/haproxy-is-not-affected-by-the-http-2-rapid-reset-attack-cve-2023-44487 https://www.mail-archive.com/haproxy@formilux.org/msg44134.html https://www.netlify.com/blog/netlify-successfully-mitigates-cve-2023-44487 https://www.netlify.com/blog/netlify-successfully-mitigates-cve-2023-44487/ https://www.nginx.com/blog/http-2-rapid-reset-attack-impacting-f5-nginx-products https://www.nginx.com/blog/http-2-rapid-reset-attack-impacting-f5-nginx-products/ https://www.openwall.com/lists/oss-security/2023/10/10/6 https://www.phoronix.com/news/HTTP2-Rapid-Reset-Attack https://www.theregister.com/2023/10/10/http2_rapid_reset_zeroday https://www.theregister.com/2023/10/10/http2_rapid_reset_zeroday/
google.golang.org/protobuf	CVE-2024-24786	MEDIUM	v1.30.0	1.33.0	http://www.openwall.com/lists/oss-security/2024/03/08/4 https://access.redhat.com/errata/RHSA-2024:2550 https://access.redhat.com/security/cve/CVE-2024-24786 https://bugzilla.redhat.com/2268046 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24786 https://errata.almalinux.org/9/ALSA-2024-2550.html https://errata.rockylinux.org/RLSA-2024:2550 https://github.com/protocolbuffers/protobuf-go https://github.com/protocolbuffers/protobuf-go/commit/f01a588e5810b90996452eec4a28f22a0afae023 https://github.com/protocolbuffers/protobuf-go/releases/tag/v1.33.0 https://go-review.googlesource.com/c/protobuf/+/569356 https://go.dev/cl/569356 https://groups.google.com/g/golang-announce/c/ArQ6CDgtEjY/ https://linux.oracle.com/cve/CVE-2024-24786.html https://linux.oracle.com/errata/ELSA-2024-4246.html https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/JDMBHAVSDU2FBDZ45U3A2VLSM35OJ2HU https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/JDMBHAVSDU2FBDZ45U3A2VLSM35OJ2HU/ https://nvd.nist.gov/vuln/detail/CVE-2024-24786 https://pkg.go.dev/vuln/GO-2024-2611 https://security.netapp.com/advisory/ntap-20240517-0002 https://security.netapp.com/advisory/ntap-20240517-0002/ https://ubuntu.com/security/notices/USN-6746-1 https://ubuntu.com/security/notices/USN-6746-2 https://www.cve.org/CVERecord?id=CVE-2024-24786
stdlib	CVE-2024-24790	CRITICAL	v1.20.5	1.21.11, 1.22.4	http://www.openwall.com/lists/oss-security/2024/06/04/1 https://access.redhat.com/errata/RHSA-2024:9115 https://access.redhat.com/security/cve/CVE-2024-24790 https://bugzilla.redhat.com/2279814 https://bugzilla.redhat.com/2292668 https://bugzilla.redhat.com/2292787 https://bugzilla.redhat.com/2294000 https://bugzilla.redhat.com/2295310 https://bugzilla.redhat.com/show_bug.cgi?id=2292668 https://bugzilla.redhat.com/show_bug.cgi?id=2292787 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24789 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24790 https://errata.almalinux.org/9/ALSA-2024-9115.html https://errata.rockylinux.org/RLSA-2024:4212 https://github.com/golang/go/commit/051bdf3fd12a40307606ff9381138039c5f452f0 (1.21) https://github.com/golang/go/commit/12d5810cdb1f73cf23d7a86462143e9463317fca (1.22) https://github.com/golang/go/issues/67680 https://go.dev/cl/590316 https://go.dev/issue/67680 https://groups.google.com/g/golang-announce/c/XbxouI9gY7k https://groups.google.com/g/golang-announce/c/XbxouI9gY7k/m/TuoGEhxIEwAJ https://linux.oracle.com/cve/CVE-2024-24790.html https://linux.oracle.com/errata/ELSA-2024-9115.html https://nvd.nist.gov/vuln/detail/CVE-2024-24790 https://pkg.go.dev/vuln/GO-2024-2887 https://ubuntu.com/security/notices/USN-6886-1 https://ubuntu.com/security/notices/USN-7109-1 https://www.cve.org/CVERecord?id=CVE-2024-24790
stdlib	CVE-2023-39325	HIGH	v1.20.5	1.20.10, 1.21.3	golang.org/x/net https://access.redhat.com/errata/RHSA-2023:6077 https://access.redhat.com/security/cve/CVE-2023-39325 https://access.redhat.com/security/cve/CVE-2023-44487 https://access.redhat.com/security/vulnerabilities/RHSB-2023-003 https://bugzilla.redhat.com/2242803 https://bugzilla.redhat.com/2243296 https://bugzilla.redhat.com/show_bug.cgi?id=2242803 https://bugzilla.redhat.com/show_bug.cgi?id=2243296 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-39325 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-44487 https://errata.almalinux.org/9/ALSA-2023-6077.html https://errata.rockylinux.org/RLSA-2023:6077 https://github.com/golang/go/commit/24ae2d927285c697440fdde3ad7f26028354bcf3 [golang- 1.21] https://github.com/golang/go/commit/e175f27f58aa7b9cd4d79607ae65d2cd5baaee68 [golang-1.20] https://github.com/golang/go/issues/63417 https://go.dev/cl/534215 https://go.dev/cl/534235 https://go.dev/issue/63417 https://groups.google.com/g/golang-announce/c/iNNxDTCjZvo/m/UDd7VKQuAAAJ https://linux.oracle.com/cve/CVE-2023-39325.html https://linux.oracle.com/errata/ELSA-2023-5867.html https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3OVW5V2DM5K5IC3H7O42YDUGNJ74J35O https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3OVW5V2DM5K5IC3H7O42YDUGNJ74J35O/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3SZN67IL7HMGMNAVLOTIXLIHUDXZK4LH https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3SZN67IL7HMGMNAVLOTIXLIHUDXZK4LH/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3WJ4QVX2AMUJ2F2S27POOAHRC4K3CHU4 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3WJ4QVX2AMUJ2F2S27POOAHRC4K3CHU4/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/4BUK2ZIAGCULOOYDNH25JPU6JBES5NF2 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/4BUK2ZIAGCULOOYDNH25JPU6JBES5NF2/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/5RSKA2II6QTD4YUKUNDVJQSRYSFC4VFR https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/5RSKA2II6QTD4YUKUNDVJQSRYSFC4VFR/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/AVZDNSMVDAQJ64LJC5I5U5LDM5753647 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/AVZDNSMVDAQJ64LJC5I5U5LDM5753647/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CHHITS4PUOZAKFIUBQAQZC7JWXMOYE4B https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CHHITS4PUOZAKFIUBQAQZC7JWXMOYE4B/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CLB4TW7KALB3EEQWNWCN7OUIWWVWWCG2 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CLB4TW7KALB3EEQWNWCN7OUIWWVWWCG2/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/D2BBIDR2ZMB3X5BC7SR4SLQMHRMVPY6L https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/D2BBIDR2ZMB3X5BC7SR4SLQMHRMVPY6L/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ECRC75BQJP6FJN2L7KCKYZW4DSBD7QSD https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ECRC75BQJP6FJN2L7KCKYZW4DSBD7QSD/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/FTMJ3NJIDAZFWJQQSP3L22MUFJ3UP2PT https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/FTMJ3NJIDAZFWJQQSP3L22MUFJ3UP2PT/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/GSY7SXFFTPZFWDM6XELSDSHZLVW3AHK7 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/GSY7SXFFTPZFWDM6XELSDSHZLVW3AHK7/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/HZQIELEIRSZUYTFFH5KTH2YJ4IIQG2KE https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/HZQIELEIRSZUYTFFH5KTH2YJ4IIQG2KE/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/IPWCNYB5PQ5PCVZ4NJT6G56ZYFZ5QBU6 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/IPWCNYB5PQ5PCVZ4NJT6G56ZYFZ5QBU6/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/KEOTKBUPZXHE3F352JBYNTSNRXYLWD6P https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/KEOTKBUPZXHE3F352JBYNTSNRXYLWD6P/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/KSEGD2IWKNUO3DWY4KQGUQM5BISRWHQE https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/KSEGD2IWKNUO3DWY4KQGUQM5BISRWHQE/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/L5E5JSJBZLYXOTZWXHJKRVCIXIHVWKJ6 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/L5E5JSJBZLYXOTZWXHJKRVCIXIHVWKJ6/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/MZQYOOKHQDQ57LV2IAG6NRFOVXKHJJ3Z https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/MZQYOOKHQDQ57LV2IAG6NRFOVXKHJJ3Z/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/NG7IMPL55MVWU3LCI4JQJT3K2U5CHDV7 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/NG7IMPL55MVWU3LCI4JQJT3K2U5CHDV7/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ODBY7RVMGZCBSTWF2OZGIZS57FNFUL67 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ODBY7RVMGZCBSTWF2OZGIZS57FNFUL67/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/OXGWPQOJ3JNDW2XIYKIVJ7N7QUIFNM2Q https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/OXGWPQOJ3JNDW2XIYKIVJ7N7QUIFNM2Q/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/PJCUNGIQDUMZ4Z6HWVYIMR66A35F5S74 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/PJCUNGIQDUMZ4Z6HWVYIMR66A35F5S74/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QF5QSYAOPDOWLY6DUHID56Q4HQFYB45I https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QF5QSYAOPDOWLY6DUHID56Q4HQFYB45I/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QXOU2JZUBEBP7GBKAYIJRPRBZSJCD7ST https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QXOU2JZUBEBP7GBKAYIJRPRBZSJCD7ST/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/R3UETKPUB3V5JS5TLZOF3SMTGT5K5APS https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/R3UETKPUB3V5JS5TLZOF3SMTGT5K5APS/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/REMHVVIBDNKSRKNOTV7EQSB7CYQWOUOU https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/REMHVVIBDNKSRKNOTV7EQSB7CYQWOUOU/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/T7N5GV4CHH6WAGX3GFMDD3COEOVCZ4RI https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/T7N5GV4CHH6WAGX3GFMDD3COEOVCZ4RI/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ULQQONMSCQSH5Z5OWFFQHCGEZ3NL4DRJ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ULQQONMSCQSH5Z5OWFFQHCGEZ3NL4DRJ/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UTT7DG3QOF5ZNJLUGHDNLRUIN6OWZARP https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UTT7DG3QOF5ZNJLUGHDNLRUIN6OWZARP/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/W2LZSWTV4NV4SNQARNXG5T6LRHP26EW2 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/W2LZSWTV4NV4SNQARNXG5T6LRHP26EW2/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WCNCBYKZXLDFGAJUB7ZP5VLC3YTHJNVH https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WCNCBYKZXLDFGAJUB7ZP5VLC3YTHJNVH/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/XFOIBB4YFICHDM7IBOP7PWXW3FX4HLL2 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/XFOIBB4YFICHDM7IBOP7PWXW3FX4HLL2/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/XTNLSL44Y5FB6JWADSZH6DCV4JJAAEQY https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/XTNLSL44Y5FB6JWADSZH6DCV4JJAAEQY/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/YJWHBLVZDM5KQSDFRBFRKU5KSSOLIRQ4 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/YJWHBLVZDM5KQSDFRBFRKU5KSSOLIRQ4/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/YRKEXKANQ7BKJW2YTAMP625LJUJZLJ4P https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/YRKEXKANQ7BKJW2YTAMP625LJUJZLJ4P/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZSVEMQV5ROY5YW5QE3I57HT3ITWG5GCV https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZSVEMQV5ROY5YW5QE3I57HT3ITWG5GCV/ https://nvd.nist.gov/vuln/detail/CVE-2023-39325 https://pkg.go.dev/vuln/GO-2023-2102 https://security.gentoo.org/glsa/202311-09 https://security.netapp.com/advisory/ntap-20231110-0008 https://security.netapp.com/advisory/ntap-20231110-0008/ https://ubuntu.com/security/notices/USN-6574-1 https://ubuntu.com/security/notices/USN-7061-1 https://ubuntu.com/security/notices/USN-7109-1 https://www.cisa.gov/news-events/alerts/2023/10/10/http2-rapid-reset-vulnerability-cve-2023-44487 https://www.cve.org/CVERecord?id=CVE-2023-39325
stdlib	CVE-2023-45283	HIGH	v1.20.5	1.20.11, 1.21.4, 1.20.12, 1.21.5	http://www.openwall.com/lists/oss-security/2023/12/05/2 https://go.dev/cl/540277 https://go.dev/cl/541175 https://go.dev/issue/63713 https://go.dev/issue/64028 https://groups.google.com/g/golang-announce/c/4tU8LZfBFkY https://groups.google.com/g/golang-dev/c/6ypN5EjibjM/m/KmLVYH_uAgAJ https://nvd.nist.gov/vuln/detail/CVE-2023-45283 https://pkg.go.dev/vuln/GO-2023-2185 https://security.netapp.com/advisory/ntap-20231214-0008/
stdlib	CVE-2023-45288	HIGH	v1.20.5	1.21.9, 1.22.2	http://www.openwall.com/lists/oss-security/2024/04/03/16 http://www.openwall.com/lists/oss-security/2024/04/05/4 https://access.redhat.com/errata/RHSA-2024:2724 https://access.redhat.com/security/cve/CVE-2023-45288 https://bugzilla.redhat.com/2268017 https://bugzilla.redhat.com/2268018 https://bugzilla.redhat.com/2268019 https://bugzilla.redhat.com/2268273 https://bugzilla.redhat.com/show_bug.cgi?id=2268017 https://bugzilla.redhat.com/show_bug.cgi?id=2268018 https://bugzilla.redhat.com/show_bug.cgi?id=2268019 https://bugzilla.redhat.com/show_bug.cgi?id=2268273 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45288 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45289 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45290 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24783 https://errata.almalinux.org/9/ALSA-2024-2724.html https://errata.rockylinux.org/RLSA-2024:2724 https://go.dev/cl/576155 https://go.dev/issue/65051 https://groups.google.com/g/golang-announce/c/YgW0sx8mN3M https://kb.cert.org/vuls/id/421644 https://linux.oracle.com/cve/CVE-2023-45288.html https://linux.oracle.com/errata/ELSA-2024-3346.html https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QRYFHIQ6XRKRYBI2F5UESH67BJBQXUPT https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QRYFHIQ6XRKRYBI2F5UESH67BJBQXUPT/ https://nowotarski.info/http2-continuation-flood-technical-details https://nowotarski.info/http2-continuation-flood/ https://nvd.nist.gov/vuln/detail/CVE-2023-45288 https://pkg.go.dev/vuln/GO-2024-2687 https://security.netapp.com/advisory/ntap-20240419-0009 https://security.netapp.com/advisory/ntap-20240419-0009/ https://ubuntu.com/security/notices/USN-6886-1 https://ubuntu.com/security/notices/USN-7109-1 https://ubuntu.com/security/notices/USN-7111-1 https://www.cve.org/CVERecord?id=CVE-2023-45288 https://www.kb.cert.org/vuls/id/421644
stdlib	CVE-2024-34156	HIGH	v1.20.5	1.22.7, 1.23.1	https://access.redhat.com/errata/RHSA-2024:9473 https://access.redhat.com/security/cve/CVE-2024-34156 https://bugzilla.redhat.com/2310528 https://bugzilla.redhat.com/2318052 https://bugzilla.redhat.com/show_bug.cgi?id=2310528 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-34156 https://errata.almalinux.org/9/ALSA-2024-9473.html https://errata.rockylinux.org/RLSA-2024:7204 https://github.com/golang/go/commit/2092294f2b097c5828f4eace6c98a322c1510b01 (go1.22.7) https://github.com/golang/go/commit/fa8ff1a46deb6c816304441ec6740ec112e19012 (go1.23.1) https://go.dev/cl/611239 https://go.dev/issue/69139 https://groups.google.com/g/golang-announce/c/K-cEzDeCtpc https://groups.google.com/g/golang-dev/c/S9POB9NCTdk https://linux.oracle.com/cve/CVE-2024-34156.html https://linux.oracle.com/errata/ELSA-2024-9473.html https://nvd.nist.gov/vuln/detail/CVE-2024-34156 https://pkg.go.dev/vuln/GO-2024-3106 https://ubuntu.com/security/notices/USN-7081-1 https://ubuntu.com/security/notices/USN-7109-1 https://ubuntu.com/security/notices/USN-7111-1 https://www.cve.org/CVERecord?id=CVE-2024-34156
stdlib	CVE-2023-29406	MEDIUM	v1.20.5	1.19.11, 1.20.6	https://access.redhat.com/errata/RHSA-2023:6474 https://access.redhat.com/security/cve/CVE-2023-29406 https://bugzilla.redhat.com/2174485 https://bugzilla.redhat.com/2178358 https://bugzilla.redhat.com/2178488 https://bugzilla.redhat.com/2178492 https://bugzilla.redhat.com/2184481 https://bugzilla.redhat.com/2184482 https://bugzilla.redhat.com/2184483 https://bugzilla.redhat.com/2184484 https://bugzilla.redhat.com/2196026 https://bugzilla.redhat.com/2196027 https://bugzilla.redhat.com/2196029 https://bugzilla.redhat.com/2222167 https://bugzilla.redhat.com/2228689 https://errata.almalinux.org/9/ALSA-2023-6474.html https://github.com/golang/go/commit/312920c00aac9897b2a0693e752390b5b0711a5a (go1.20.6) https://github.com/golang/go/commit/5fa6923b1ea891400153d04ddf1545e23b40041b (go1.19.11) https://github.com/golang/go/issues/60374 https://go.dev/cl/506996 https://go.dev/issue/60374 https://groups.google.com/g/golang-announce/c/2q13H6LEEx0 https://linux.oracle.com/cve/CVE-2023-29406.html https://linux.oracle.com/errata/ELSA-2023-7202.html https://nvd.nist.gov/vuln/detail/CVE-2023-29406 https://pkg.go.dev/vuln/GO-2023-1878 https://security.gentoo.org/glsa/202311-09 https://security.netapp.com/advisory/ntap-20230814-0002/ https://ubuntu.com/security/notices/USN-7061-1 https://ubuntu.com/security/notices/USN-7109-1 https://www.cve.org/CVERecord?id=CVE-2023-29406
stdlib	CVE-2023-29409	MEDIUM	v1.20.5	1.19.12, 1.20.7, 1.21.0-rc.4	https://access.redhat.com/errata/RHSA-2023:7766 https://access.redhat.com/security/cve/CVE-2023-29409 https://bugzilla.redhat.com/2228743 https://bugzilla.redhat.com/2237773 https://bugzilla.redhat.com/2237776 https://bugzilla.redhat.com/2237777 https://bugzilla.redhat.com/2237778 https://errata.almalinux.org/9/ALSA-2023-7766.html https://go.dev/cl/515257 https://go.dev/issue/61460 https://groups.google.com/g/golang-announce/c/X0b6CsSAaYI/m/Efv5DbZ9AwAJ https://linux.oracle.com/cve/CVE-2023-29409.html https://linux.oracle.com/errata/ELSA-2024-2988.html https://nvd.nist.gov/vuln/detail/CVE-2023-29409 https://pkg.go.dev/vuln/GO-2023-1987 https://security.gentoo.org/glsa/202311-09 https://security.netapp.com/advisory/ntap-20230831-0010/ https://www.cve.org/CVERecord?id=CVE-2023-29409
stdlib	CVE-2023-39318	MEDIUM	v1.20.5	1.20.8, 1.21.1	https://access.redhat.com/errata/RHSA-2024:2160 https://access.redhat.com/security/cve/CVE-2023-39318 https://bugzilla.redhat.com/2237773 https://bugzilla.redhat.com/2237776 https://bugzilla.redhat.com/2253330 https://errata.almalinux.org/9/ALSA-2024-2160.html https://github.com/golang/go/commit/023b542edf38e2a1f87fcefb9f75ff2f99401b4c (go1.20.8) https://github.com/golang/go/commit/b0e1d3ea26e8e8fce7726690c9ef0597e60739fb (go1.21.1) https://go.dev/cl/526156 https://go.dev/issue/62196 https://groups.google.com/g/golang-announce/c/Fm51GRLNRvM https://groups.google.com/g/golang-dev/c/2C5vbR-UNkI/m/L1hdrPhfBAAJ https://linux.oracle.com/cve/CVE-2023-39318.html https://linux.oracle.com/errata/ELSA-2024-2988.html https://nvd.nist.gov/vuln/detail/CVE-2023-39318 https://pkg.go.dev/vuln/GO-2023-2041 https://security.gentoo.org/glsa/202311-09 https://security.netapp.com/advisory/ntap-20231020-0009/ https://ubuntu.com/security/notices/USN-6574-1 https://ubuntu.com/security/notices/USN-7061-1 https://ubuntu.com/security/notices/USN-7109-1 https://vuln.go.dev/ID/GO-2023-2041.json https://www.cve.org/CVERecord?id=CVE-2023-39318
stdlib	CVE-2023-39319	MEDIUM	v1.20.5	1.20.8, 1.21.1	https://access.redhat.com/errata/RHSA-2024:2160 https://access.redhat.com/security/cve/CVE-2023-39319 https://bugzilla.redhat.com/2237773 https://bugzilla.redhat.com/2237776 https://bugzilla.redhat.com/2253330 https://errata.almalinux.org/9/ALSA-2024-2160.html https://github.com/golang/go/commit/2070531d2f53df88e312edace6c8dfc9686ab2f5 (go1.20.8) https://github.com/golang/go/commit/bbd043ff0d6d59f1a9232d31ecd5eacf6507bf6a (go1.21.1) https://go.dev/cl/526157 https://go.dev/issue/62197 https://groups.google.com/g/golang-announce/c/Fm51GRLNRvM https://groups.google.com/g/golang-dev/c/2C5vbR-UNkI/m/L1hdrPhfBAAJ https://linux.oracle.com/cve/CVE-2023-39319.html https://linux.oracle.com/errata/ELSA-2024-2988.html https://nvd.nist.gov/vuln/detail/CVE-2023-39319 https://pkg.go.dev/vuln/GO-2023-2043 https://security.gentoo.org/glsa/202311-09 https://security.netapp.com/advisory/ntap-20231020-0009/ https://ubuntu.com/security/notices/USN-6574-1 https://ubuntu.com/security/notices/USN-7061-1 https://ubuntu.com/security/notices/USN-7109-1 https://vuln.go.dev/ID/GO-2023-2043.json https://www.cve.org/CVERecord?id=CVE-2023-39319
stdlib	CVE-2023-39326	MEDIUM	v1.20.5	1.20.12, 1.21.5	https://access.redhat.com/errata/RHSA-2024:2272 https://access.redhat.com/security/cve/CVE-2023-39326 https://bugzilla.redhat.com/2253193 https://bugzilla.redhat.com/2253330 https://errata.almalinux.org/9/ALSA-2024-2272.html https://github.com/golang/go/commit/6446af942e2e2b161c4ec1b60d9703a2b55dc4dd (go1.20.12) https://github.com/golang/go/commit/ec8c526e4be720e94b98ca509e6364f0efaf28f7 (go1.21.5) https://go.dev/cl/547335 https://go.dev/issue/64433 https://groups.google.com/g/golang-dev/c/6ypN5EjibjM/m/KmLVYH_uAgAJ https://linux.oracle.com/cve/CVE-2023-39326.html https://linux.oracle.com/errata/ELSA-2024-2988.html https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UIU6HOGV6RRIKWM57LOXQA75BGZSIH6G/ https://nvd.nist.gov/vuln/detail/CVE-2023-39326 https://pkg.go.dev/vuln/GO-2023-2382 https://ubuntu.com/security/notices/USN-6574-1 https://www.cve.org/CVERecord?id=CVE-2023-39326
stdlib	CVE-2023-45284	MEDIUM	v1.20.5	1.20.11, 1.21.4	https://go.dev/cl/540277 https://go.dev/issue/63713 https://groups.google.com/g/golang-announce/c/4tU8LZfBFkY https://nvd.nist.gov/vuln/detail/CVE-2023-45284 https://pkg.go.dev/vuln/GO-2023-2186
stdlib	CVE-2023-45289	MEDIUM	v1.20.5	1.21.8, 1.22.1	http://www.openwall.com/lists/oss-security/2024/03/08/4 https://access.redhat.com/errata/RHSA-2024:2724 https://access.redhat.com/security/cve/CVE-2023-45289 https://bugzilla.redhat.com/2268017 https://bugzilla.redhat.com/2268018 https://bugzilla.redhat.com/2268019 https://bugzilla.redhat.com/2268273 https://bugzilla.redhat.com/show_bug.cgi?id=2268017 https://bugzilla.redhat.com/show_bug.cgi?id=2268018 https://bugzilla.redhat.com/show_bug.cgi?id=2268019 https://bugzilla.redhat.com/show_bug.cgi?id=2268273 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45288 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45289 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45290 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24783 https://errata.almalinux.org/9/ALSA-2024-2724.html https://errata.rockylinux.org/RLSA-2024:2724 https://github.com/golang/go/commit/20586c0dbe03d144f914155f879fa5ee287591a1 (go1.21.8) https://github.com/golang/go/commit/3a855208e3efed2e9d7c20ad023f1fa78afcc0be (go1.22.1) https://github.com/golang/go/issues/65065 https://go.dev/cl/569340 https://go.dev/issue/65065 https://groups.google.com/g/golang-announce/c/5pwGVUPoMbg https://linux.oracle.com/cve/CVE-2023-45289.html https://linux.oracle.com/errata/ELSA-2024-3346.html https://nvd.nist.gov/vuln/detail/CVE-2023-45289 https://pkg.go.dev/vuln/GO-2024-2600 https://security.netapp.com/advisory/ntap-20240329-0006/ https://ubuntu.com/security/notices/USN-6886-1 https://www.cve.org/CVERecord?id=CVE-2023-45289
stdlib	CVE-2023-45290	MEDIUM	v1.20.5	1.21.8, 1.22.1	http://www.openwall.com/lists/oss-security/2024/03/08/4 https://access.redhat.com/errata/RHSA-2024:9135 https://access.redhat.com/security/cve/CVE-2023-45290 https://bugzilla.redhat.com/2268017 https://bugzilla.redhat.com/2268022 https://bugzilla.redhat.com/2279814 https://bugzilla.redhat.com/2295310 https://bugzilla.redhat.com/show_bug.cgi?id=2268017 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45290 https://errata.almalinux.org/9/ALSA-2024-9135.html https://errata.rockylinux.org/RLSA-2024:3830 https://github.com/golang/go/commit/041a47712e765e94f86d841c3110c840e76d8f82 (go1.22.1) https://github.com/golang/go/commit/bf80213b121074f4ad9b449410a4d13bae5e9be0 (go1.21.8) https://github.com/golang/go/issues/65383 https://go.dev/cl/569341 https://go.dev/issue/65383 https://groups.google.com/g/golang-announce/c/5pwGVUPoMbg https://linux.oracle.com/cve/CVE-2023-45290.html https://linux.oracle.com/errata/ELSA-2024-8038.html https://nvd.nist.gov/vuln/detail/CVE-2023-45290 https://pkg.go.dev/vuln/GO-2024-2599 https://security.netapp.com/advisory/ntap-20240329-0004 https://security.netapp.com/advisory/ntap-20240329-0004/ https://ubuntu.com/security/notices/USN-6886-1 https://ubuntu.com/security/notices/USN-7109-1 https://ubuntu.com/security/notices/USN-7111-1 https://www.cve.org/CVERecord?id=CVE-2023-45290
stdlib	CVE-2024-24783	MEDIUM	v1.20.5	1.21.8, 1.22.1	http://www.openwall.com/lists/oss-security/2024/03/08/4 https://access.redhat.com/errata/RHSA-2024:6195 https://access.redhat.com/security/cve/CVE-2024-24783 https://bugzilla.redhat.com/2268019 https://bugzilla.redhat.com/show_bug.cgi?id=2268017 https://bugzilla.redhat.com/show_bug.cgi?id=2268018 https://bugzilla.redhat.com/show_bug.cgi?id=2268019 https://bugzilla.redhat.com/show_bug.cgi?id=2268273 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45288 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45289 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45290 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24783 https://errata.almalinux.org/9/ALSA-2024-6195.html https://errata.rockylinux.org/RLSA-2024:2724 https://github.com/advisories/GHSA-3q2c-pvp5-3cqp https://github.com/golang/go/commit/337b8e9cbfa749d9d5c899e0dc358e2208d5e54f (go1.22.1) https://github.com/golang/go/commit/be5b52bea674190ef7de272664be6c7ae93ec5a0 (go1.21.8) https://github.com/golang/go/issues/65390 https://go.dev/cl/569339 https://go.dev/issue/65390 https://groups.google.com/g/golang-announce/c/5pwGVUPoMbg https://linux.oracle.com/cve/CVE-2024-24783.html https://linux.oracle.com/errata/ELSA-2024-6969.html https://nvd.nist.gov/vuln/detail/CVE-2024-24783 https://pkg.go.dev/vuln/GO-2024-2598 https://security.netapp.com/advisory/ntap-20240329-0005 https://security.netapp.com/advisory/ntap-20240329-0005/ https://ubuntu.com/security/notices/USN-6886-1 https://ubuntu.com/security/notices/USN-7109-1 https://ubuntu.com/security/notices/USN-7111-1 https://www.cve.org/CVERecord?id=CVE-2024-24783
stdlib	CVE-2024-24784	MEDIUM	v1.20.5	1.21.8, 1.22.1	http://www.openwall.com/lists/oss-security/2024/03/08/4 https://access.redhat.com/errata/RHSA-2024:2562 https://access.redhat.com/security/cve/CVE-2024-24784 https://bugzilla.redhat.com/2262921 https://bugzilla.redhat.com/2268017 https://bugzilla.redhat.com/2268018 https://bugzilla.redhat.com/2268019 https://bugzilla.redhat.com/2268021 https://bugzilla.redhat.com/2268022 https://bugzilla.redhat.com/2268273 https://bugzilla.redhat.com/show_bug.cgi?id=2262921 https://bugzilla.redhat.com/show_bug.cgi?id=2268017 https://bugzilla.redhat.com/show_bug.cgi?id=2268018 https://bugzilla.redhat.com/show_bug.cgi?id=2268019 https://bugzilla.redhat.com/show_bug.cgi?id=2268021 https://bugzilla.redhat.com/show_bug.cgi?id=2268022 https://bugzilla.redhat.com/show_bug.cgi?id=2268273 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45288 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45289 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45290 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-1394 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24783 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24784 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24785 https://errata.almalinux.org/9/ALSA-2024-2562.html https://errata.rockylinux.org/RLSA-2024:2562 https://github.com/golang/go/commit/263c059b09fdd40d9dd945f2ecb20c89ea28efe5 (go1.21.8) https://github.com/golang/go/commit/5330cd225ba54c7dc78c1b46dcdf61a4671a632c (go1.22.1) https://github.com/golang/go/issues/65083 https://go.dev/cl/555596 https://go.dev/issue/65083 https://groups.google.com/g/golang-announce/c/5pwGVUPoMbg https://linux.oracle.com/cve/CVE-2024-24784.html https://linux.oracle.com/errata/ELSA-2024-6969.html https://nvd.nist.gov/vuln/detail/CVE-2024-24784 https://pkg.go.dev/vuln/GO-2024-2609 https://security.netapp.com/advisory/ntap-20240329-0007/ https://ubuntu.com/security/notices/USN-6886-1 https://ubuntu.com/security/notices/USN-7109-1 https://ubuntu.com/security/notices/USN-7111-1 https://www.cve.org/CVERecord?id=CVE-2024-24784
stdlib	CVE-2024-24785	MEDIUM	v1.20.5	1.21.8, 1.22.1	http://www.openwall.com/lists/oss-security/2024/03/08/4 https://access.redhat.com/errata/RHSA-2024:9135 https://access.redhat.com/security/cve/CVE-2024-24785 https://bugzilla.redhat.com/2268017 https://bugzilla.redhat.com/2268022 https://bugzilla.redhat.com/2279814 https://bugzilla.redhat.com/2295310 https://bugzilla.redhat.com/show_bug.cgi?id=2262921 https://bugzilla.redhat.com/show_bug.cgi?id=2268017 https://bugzilla.redhat.com/show_bug.cgi?id=2268018 https://bugzilla.redhat.com/show_bug.cgi?id=2268019 https://bugzilla.redhat.com/show_bug.cgi?id=2268021 https://bugzilla.redhat.com/show_bug.cgi?id=2268022 https://bugzilla.redhat.com/show_bug.cgi?id=2268273 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45288 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45289 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45290 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-1394 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24783 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24784 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24785 https://errata.almalinux.org/9/ALSA-2024-9135.html https://errata.rockylinux.org/RLSA-2024:2562 https://github.com/golang/go/commit/056b0edcb8c152152021eebf4cf42adbfbe77992 (go1.22.1) https://github.com/golang/go/commit/3643147a29352ca2894fd5d0d2069bc4b4335a7e (go1.21.8) https://github.com/golang/go/issues/65697 https://go.dev/cl/564196 https://go.dev/issue/65697 https://groups.google.com/g/golang-announce/c/5pwGVUPoMbg https://linux.oracle.com/cve/CVE-2024-24785.html https://linux.oracle.com/errata/ELSA-2024-3259.html https://nvd.nist.gov/vuln/detail/CVE-2024-24785 https://pkg.go.dev/vuln/GO-2024-2610 https://security.netapp.com/advisory/ntap-20240329-0008/ https://ubuntu.com/security/notices/USN-6886-1 https://ubuntu.com/security/notices/USN-7061-1 https://ubuntu.com/security/notices/USN-7109-1 https://vuln.go.dev/ID/GO-2024-2610.json https://www.cve.org/CVERecord?id=CVE-2024-24785
stdlib	CVE-2024-24789	MEDIUM	v1.20.5	1.21.11, 1.22.4	http://www.openwall.com/lists/oss-security/2024/06/04/1 https://access.redhat.com/errata/RHSA-2024:9115 https://access.redhat.com/security/cve/CVE-2024-24789 https://bugzilla.redhat.com/2279814 https://bugzilla.redhat.com/2292668 https://bugzilla.redhat.com/2292787 https://bugzilla.redhat.com/2294000 https://bugzilla.redhat.com/2295310 https://bugzilla.redhat.com/show_bug.cgi?id=2292668 https://bugzilla.redhat.com/show_bug.cgi?id=2292787 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24789 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24790 https://errata.almalinux.org/9/ALSA-2024-9115.html https://errata.rockylinux.org/RLSA-2024:4212 https://github.com/golang/go/commit/c8e40338cf00f3c1d86c8fb23863ad67a4c72bcc (1.21) https://github.com/golang/go/commit/cf501ac0c5fe351a8582d20b43562027927906e7 (1.22) https://github.com/golang/go/issues/66869 https://go.dev/cl/585397 https://go.dev/issue/66869 https://groups.google.com/g/golang-announce/c/XbxouI9gY7k https://groups.google.com/g/golang-announce/c/XbxouI9gY7k/m/TuoGEhxIEwAJ https://linux.oracle.com/cve/CVE-2024-24789.html https://linux.oracle.com/errata/ELSA-2024-9115.html https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/U5YAEIA6IUHUNGJ7AIXXPQT6D2GYENX7/ https://nvd.nist.gov/vuln/detail/CVE-2024-24789 https://pkg.go.dev/vuln/GO-2024-2888 https://ubuntu.com/security/notices/USN-6886-1 https://ubuntu.com/security/notices/USN-7109-1 https://ubuntu.com/security/notices/USN-7111-1 https://www.cve.org/CVERecord?id=CVE-2024-24789
stdlib	CVE-2024-24791	MEDIUM	v1.20.5	1.21.12, 1.22.5	https://access.redhat.com/errata/RHSA-2024:9135 https://access.redhat.com/security/cve/CVE-2024-24791 https://bugzilla.redhat.com/2268017 https://bugzilla.redhat.com/2268022 https://bugzilla.redhat.com/2279814 https://bugzilla.redhat.com/2295310 https://bugzilla.redhat.com/show_bug.cgi?id=2295310 https://bugzilla.redhat.com/show_bug.cgi?id=2310527 https://bugzilla.redhat.com/show_bug.cgi?id=2310528 https://bugzilla.redhat.com/show_bug.cgi?id=2310529 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24791 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-34155 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-34156 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-34158 https://errata.almalinux.org/9/ALSA-2024-9135.html https://errata.rockylinux.org/RLSA-2024:6913 https://go.dev/cl/591255 https://go.dev/issue/67555 https://groups.google.com/g/golang-dev/c/t0rK-qHBqzY/m/6MMoAZkMAgAJ https://linux.oracle.com/cve/CVE-2024-24791.html https://linux.oracle.com/errata/ELSA-2024-9115.html https://nvd.nist.gov/vuln/detail/CVE-2024-24791 https://pkg.go.dev/vuln/GO-2024-2963 https://ubuntu.com/security/notices/USN-7081-1 https://ubuntu.com/security/notices/USN-7109-1 https://ubuntu.com/security/notices/USN-7111-1 https://www.cve.org/CVERecord?id=CVE-2024-24791
stdlib	CVE-2024-34155	MEDIUM	v1.20.5	1.22.7, 1.23.1	https://access.redhat.com/errata/RHSA-2024:9459 https://access.redhat.com/security/cve/CVE-2024-34155 https://bugzilla.redhat.com/2310527 https://bugzilla.redhat.com/2310528 https://bugzilla.redhat.com/2310529 https://bugzilla.redhat.com/2315691 https://bugzilla.redhat.com/2315887 https://bugzilla.redhat.com/2317458 https://bugzilla.redhat.com/2317467 https://bugzilla.redhat.com/show_bug.cgi?id=2295310 https://bugzilla.redhat.com/show_bug.cgi?id=2310527 https://bugzilla.redhat.com/show_bug.cgi?id=2310528 https://bugzilla.redhat.com/show_bug.cgi?id=2310529 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24791 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-34155 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-34156 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-34158 https://errata.almalinux.org/9/ALSA-2024-9459.html https://errata.rockylinux.org/RLSA-2024:6913 https://github.com/golang/go/commit/53487e5477151ed75da50e50a0ba8f1ca64c00a3 (go1.23.1) https://github.com/golang/go/commit/b232596139dbe96a62edbe3a2a203e856bf556eb (go1.22.7) https://go.dev/cl/611238 https://go.dev/issue/69138 https://groups.google.com/g/golang-announce/c/K-cEzDeCtpc https://groups.google.com/g/golang-dev/c/S9POB9NCTdk https://linux.oracle.com/cve/CVE-2024-34155.html https://linux.oracle.com/errata/ELSA-2024-9459.html https://nvd.nist.gov/vuln/detail/CVE-2024-34155 https://pkg.go.dev/vuln/GO-2024-3105 https://ubuntu.com/security/notices/USN-7081-1 https://ubuntu.com/security/notices/USN-7109-1 https://ubuntu.com/security/notices/USN-7111-1 https://www.cve.org/CVERecord?id=CVE-2024-34155
stdlib	CVE-2024-34158	MEDIUM	v1.20.5	1.22.7, 1.23.1	https://access.redhat.com/errata/RHSA-2024:9459 https://access.redhat.com/security/cve/CVE-2024-34158 https://bugzilla.redhat.com/2310527 https://bugzilla.redhat.com/2310528 https://bugzilla.redhat.com/2310529 https://bugzilla.redhat.com/2315691 https://bugzilla.redhat.com/2315887 https://bugzilla.redhat.com/2317458 https://bugzilla.redhat.com/2317467 https://bugzilla.redhat.com/show_bug.cgi?id=2295310 https://bugzilla.redhat.com/show_bug.cgi?id=2310527 https://bugzilla.redhat.com/show_bug.cgi?id=2310528 https://bugzilla.redhat.com/show_bug.cgi?id=2310529 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24791 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-34155 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-34156 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-34158 https://errata.almalinux.org/9/ALSA-2024-9459.html https://errata.rockylinux.org/RLSA-2024:6913 https://github.com/golang/go/commit/032ac075c20c01c6c35a672d1542d3e98eab84ea (go1.23.1) https://github.com/golang/go/commit/d4c53812e6ce2ac368173d7fcd31d0ecfcffb002 (go1.22.7) https://go.dev/cl/611240 https://go.dev/issue/69141 https://groups.google.com/g/golang-announce/c/K-cEzDeCtpc https://groups.google.com/g/golang-dev/c/S9POB9NCTdk https://linux.oracle.com/cve/CVE-2024-34158.html https://linux.oracle.com/errata/ELSA-2024-9459.html https://nvd.nist.gov/vuln/detail/CVE-2024-34158 https://pkg.go.dev/vuln/GO-2024-3107 https://ubuntu.com/security/notices/USN-7081-1 https://ubuntu.com/security/notices/USN-7109-1 https://ubuntu.com/security/notices/USN-7111-1 https://www.cve.org/CVERecord?id=CVE-2024-34158
No Misconfigurations found

cnb/buildpacks/paketo-buildpacks_google-stackdriver/7.6.1/bin/helper (gobinary)

Package	Vulnerability ID	Severity	Installed Version	Fixed Version	Links
stdlib	CVE-2024-24790	CRITICAL	v1.20.5	1.21.11, 1.22.4	http://www.openwall.com/lists/oss-security/2024/06/04/1 https://access.redhat.com/errata/RHSA-2024:9115 https://access.redhat.com/security/cve/CVE-2024-24790 https://bugzilla.redhat.com/2279814 https://bugzilla.redhat.com/2292668 https://bugzilla.redhat.com/2292787 https://bugzilla.redhat.com/2294000 https://bugzilla.redhat.com/2295310 https://bugzilla.redhat.com/show_bug.cgi?id=2292668 https://bugzilla.redhat.com/show_bug.cgi?id=2292787 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24789 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24790 https://errata.almalinux.org/9/ALSA-2024-9115.html https://errata.rockylinux.org/RLSA-2024:4212 https://github.com/golang/go/commit/051bdf3fd12a40307606ff9381138039c5f452f0 (1.21) https://github.com/golang/go/commit/12d5810cdb1f73cf23d7a86462143e9463317fca (1.22) https://github.com/golang/go/issues/67680 https://go.dev/cl/590316 https://go.dev/issue/67680 https://groups.google.com/g/golang-announce/c/XbxouI9gY7k https://groups.google.com/g/golang-announce/c/XbxouI9gY7k/m/TuoGEhxIEwAJ https://linux.oracle.com/cve/CVE-2024-24790.html https://linux.oracle.com/errata/ELSA-2024-9115.html https://nvd.nist.gov/vuln/detail/CVE-2024-24790 https://pkg.go.dev/vuln/GO-2024-2887 https://ubuntu.com/security/notices/USN-6886-1 https://ubuntu.com/security/notices/USN-7109-1 https://www.cve.org/CVERecord?id=CVE-2024-24790
stdlib	CVE-2023-39325	HIGH	v1.20.5	1.20.10, 1.21.3	golang.org/x/net https://access.redhat.com/errata/RHSA-2023:6077 https://access.redhat.com/security/cve/CVE-2023-39325 https://access.redhat.com/security/cve/CVE-2023-44487 https://access.redhat.com/security/vulnerabilities/RHSB-2023-003 https://bugzilla.redhat.com/2242803 https://bugzilla.redhat.com/2243296 https://bugzilla.redhat.com/show_bug.cgi?id=2242803 https://bugzilla.redhat.com/show_bug.cgi?id=2243296 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-39325 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-44487 https://errata.almalinux.org/9/ALSA-2023-6077.html https://errata.rockylinux.org/RLSA-2023:6077 https://github.com/golang/go/commit/24ae2d927285c697440fdde3ad7f26028354bcf3 [golang- 1.21] https://github.com/golang/go/commit/e175f27f58aa7b9cd4d79607ae65d2cd5baaee68 [golang-1.20] https://github.com/golang/go/issues/63417 https://go.dev/cl/534215 https://go.dev/cl/534235 https://go.dev/issue/63417 https://groups.google.com/g/golang-announce/c/iNNxDTCjZvo/m/UDd7VKQuAAAJ https://linux.oracle.com/cve/CVE-2023-39325.html https://linux.oracle.com/errata/ELSA-2023-5867.html https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3OVW5V2DM5K5IC3H7O42YDUGNJ74J35O https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3OVW5V2DM5K5IC3H7O42YDUGNJ74J35O/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3SZN67IL7HMGMNAVLOTIXLIHUDXZK4LH https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3SZN67IL7HMGMNAVLOTIXLIHUDXZK4LH/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3WJ4QVX2AMUJ2F2S27POOAHRC4K3CHU4 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3WJ4QVX2AMUJ2F2S27POOAHRC4K3CHU4/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/4BUK2ZIAGCULOOYDNH25JPU6JBES5NF2 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/4BUK2ZIAGCULOOYDNH25JPU6JBES5NF2/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/5RSKA2II6QTD4YUKUNDVJQSRYSFC4VFR https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/5RSKA2II6QTD4YUKUNDVJQSRYSFC4VFR/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/AVZDNSMVDAQJ64LJC5I5U5LDM5753647 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/AVZDNSMVDAQJ64LJC5I5U5LDM5753647/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CHHITS4PUOZAKFIUBQAQZC7JWXMOYE4B https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CHHITS4PUOZAKFIUBQAQZC7JWXMOYE4B/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CLB4TW7KALB3EEQWNWCN7OUIWWVWWCG2 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CLB4TW7KALB3EEQWNWCN7OUIWWVWWCG2/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/D2BBIDR2ZMB3X5BC7SR4SLQMHRMVPY6L https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/D2BBIDR2ZMB3X5BC7SR4SLQMHRMVPY6L/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ECRC75BQJP6FJN2L7KCKYZW4DSBD7QSD https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ECRC75BQJP6FJN2L7KCKYZW4DSBD7QSD/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/FTMJ3NJIDAZFWJQQSP3L22MUFJ3UP2PT https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/FTMJ3NJIDAZFWJQQSP3L22MUFJ3UP2PT/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/GSY7SXFFTPZFWDM6XELSDSHZLVW3AHK7 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/GSY7SXFFTPZFWDM6XELSDSHZLVW3AHK7/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/HZQIELEIRSZUYTFFH5KTH2YJ4IIQG2KE https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/HZQIELEIRSZUYTFFH5KTH2YJ4IIQG2KE/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/IPWCNYB5PQ5PCVZ4NJT6G56ZYFZ5QBU6 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/IPWCNYB5PQ5PCVZ4NJT6G56ZYFZ5QBU6/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/KEOTKBUPZXHE3F352JBYNTSNRXYLWD6P https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/KEOTKBUPZXHE3F352JBYNTSNRXYLWD6P/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/KSEGD2IWKNUO3DWY4KQGUQM5BISRWHQE https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/KSEGD2IWKNUO3DWY4KQGUQM5BISRWHQE/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/L5E5JSJBZLYXOTZWXHJKRVCIXIHVWKJ6 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/L5E5JSJBZLYXOTZWXHJKRVCIXIHVWKJ6/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/MZQYOOKHQDQ57LV2IAG6NRFOVXKHJJ3Z https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/MZQYOOKHQDQ57LV2IAG6NRFOVXKHJJ3Z/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/NG7IMPL55MVWU3LCI4JQJT3K2U5CHDV7 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/NG7IMPL55MVWU3LCI4JQJT3K2U5CHDV7/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ODBY7RVMGZCBSTWF2OZGIZS57FNFUL67 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ODBY7RVMGZCBSTWF2OZGIZS57FNFUL67/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/OXGWPQOJ3JNDW2XIYKIVJ7N7QUIFNM2Q https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/OXGWPQOJ3JNDW2XIYKIVJ7N7QUIFNM2Q/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/PJCUNGIQDUMZ4Z6HWVYIMR66A35F5S74 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/PJCUNGIQDUMZ4Z6HWVYIMR66A35F5S74/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QF5QSYAOPDOWLY6DUHID56Q4HQFYB45I https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QF5QSYAOPDOWLY6DUHID56Q4HQFYB45I/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QXOU2JZUBEBP7GBKAYIJRPRBZSJCD7ST https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QXOU2JZUBEBP7GBKAYIJRPRBZSJCD7ST/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/R3UETKPUB3V5JS5TLZOF3SMTGT5K5APS https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/R3UETKPUB3V5JS5TLZOF3SMTGT5K5APS/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/REMHVVIBDNKSRKNOTV7EQSB7CYQWOUOU https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/REMHVVIBDNKSRKNOTV7EQSB7CYQWOUOU/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/T7N5GV4CHH6WAGX3GFMDD3COEOVCZ4RI https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/T7N5GV4CHH6WAGX3GFMDD3COEOVCZ4RI/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ULQQONMSCQSH5Z5OWFFQHCGEZ3NL4DRJ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ULQQONMSCQSH5Z5OWFFQHCGEZ3NL4DRJ/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UTT7DG3QOF5ZNJLUGHDNLRUIN6OWZARP https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UTT7DG3QOF5ZNJLUGHDNLRUIN6OWZARP/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/W2LZSWTV4NV4SNQARNXG5T6LRHP26EW2 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/W2LZSWTV4NV4SNQARNXG5T6LRHP26EW2/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WCNCBYKZXLDFGAJUB7ZP5VLC3YTHJNVH https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WCNCBYKZXLDFGAJUB7ZP5VLC3YTHJNVH/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/XFOIBB4YFICHDM7IBOP7PWXW3FX4HLL2 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/XFOIBB4YFICHDM7IBOP7PWXW3FX4HLL2/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/XTNLSL44Y5FB6JWADSZH6DCV4JJAAEQY https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/XTNLSL44Y5FB6JWADSZH6DCV4JJAAEQY/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/YJWHBLVZDM5KQSDFRBFRKU5KSSOLIRQ4 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/YJWHBLVZDM5KQSDFRBFRKU5KSSOLIRQ4/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/YRKEXKANQ7BKJW2YTAMP625LJUJZLJ4P https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/YRKEXKANQ7BKJW2YTAMP625LJUJZLJ4P/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZSVEMQV5ROY5YW5QE3I57HT3ITWG5GCV https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZSVEMQV5ROY5YW5QE3I57HT3ITWG5GCV/ https://nvd.nist.gov/vuln/detail/CVE-2023-39325 https://pkg.go.dev/vuln/GO-2023-2102 https://security.gentoo.org/glsa/202311-09 https://security.netapp.com/advisory/ntap-20231110-0008 https://security.netapp.com/advisory/ntap-20231110-0008/ https://ubuntu.com/security/notices/USN-6574-1 https://ubuntu.com/security/notices/USN-7061-1 https://ubuntu.com/security/notices/USN-7109-1 https://www.cisa.gov/news-events/alerts/2023/10/10/http2-rapid-reset-vulnerability-cve-2023-44487 https://www.cve.org/CVERecord?id=CVE-2023-39325
stdlib	CVE-2023-45283	HIGH	v1.20.5	1.20.11, 1.21.4, 1.20.12, 1.21.5	http://www.openwall.com/lists/oss-security/2023/12/05/2 https://go.dev/cl/540277 https://go.dev/cl/541175 https://go.dev/issue/63713 https://go.dev/issue/64028 https://groups.google.com/g/golang-announce/c/4tU8LZfBFkY https://groups.google.com/g/golang-dev/c/6ypN5EjibjM/m/KmLVYH_uAgAJ https://nvd.nist.gov/vuln/detail/CVE-2023-45283 https://pkg.go.dev/vuln/GO-2023-2185 https://security.netapp.com/advisory/ntap-20231214-0008/
stdlib	CVE-2023-45288	HIGH	v1.20.5	1.21.9, 1.22.2	http://www.openwall.com/lists/oss-security/2024/04/03/16 http://www.openwall.com/lists/oss-security/2024/04/05/4 https://access.redhat.com/errata/RHSA-2024:2724 https://access.redhat.com/security/cve/CVE-2023-45288 https://bugzilla.redhat.com/2268017 https://bugzilla.redhat.com/2268018 https://bugzilla.redhat.com/2268019 https://bugzilla.redhat.com/2268273 https://bugzilla.redhat.com/show_bug.cgi?id=2268017 https://bugzilla.redhat.com/show_bug.cgi?id=2268018 https://bugzilla.redhat.com/show_bug.cgi?id=2268019 https://bugzilla.redhat.com/show_bug.cgi?id=2268273 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45288 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45289 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45290 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24783 https://errata.almalinux.org/9/ALSA-2024-2724.html https://errata.rockylinux.org/RLSA-2024:2724 https://go.dev/cl/576155 https://go.dev/issue/65051 https://groups.google.com/g/golang-announce/c/YgW0sx8mN3M https://kb.cert.org/vuls/id/421644 https://linux.oracle.com/cve/CVE-2023-45288.html https://linux.oracle.com/errata/ELSA-2024-3346.html https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QRYFHIQ6XRKRYBI2F5UESH67BJBQXUPT https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QRYFHIQ6XRKRYBI2F5UESH67BJBQXUPT/ https://nowotarski.info/http2-continuation-flood-technical-details https://nowotarski.info/http2-continuation-flood/ https://nvd.nist.gov/vuln/detail/CVE-2023-45288 https://pkg.go.dev/vuln/GO-2024-2687 https://security.netapp.com/advisory/ntap-20240419-0009 https://security.netapp.com/advisory/ntap-20240419-0009/ https://ubuntu.com/security/notices/USN-6886-1 https://ubuntu.com/security/notices/USN-7109-1 https://ubuntu.com/security/notices/USN-7111-1 https://www.cve.org/CVERecord?id=CVE-2023-45288 https://www.kb.cert.org/vuls/id/421644
stdlib	CVE-2024-34156	HIGH	v1.20.5	1.22.7, 1.23.1	https://access.redhat.com/errata/RHSA-2024:9473 https://access.redhat.com/security/cve/CVE-2024-34156 https://bugzilla.redhat.com/2310528 https://bugzilla.redhat.com/2318052 https://bugzilla.redhat.com/show_bug.cgi?id=2310528 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-34156 https://errata.almalinux.org/9/ALSA-2024-9473.html https://errata.rockylinux.org/RLSA-2024:7204 https://github.com/golang/go/commit/2092294f2b097c5828f4eace6c98a322c1510b01 (go1.22.7) https://github.com/golang/go/commit/fa8ff1a46deb6c816304441ec6740ec112e19012 (go1.23.1) https://go.dev/cl/611239 https://go.dev/issue/69139 https://groups.google.com/g/golang-announce/c/K-cEzDeCtpc https://groups.google.com/g/golang-dev/c/S9POB9NCTdk https://linux.oracle.com/cve/CVE-2024-34156.html https://linux.oracle.com/errata/ELSA-2024-9473.html https://nvd.nist.gov/vuln/detail/CVE-2024-34156 https://pkg.go.dev/vuln/GO-2024-3106 https://ubuntu.com/security/notices/USN-7081-1 https://ubuntu.com/security/notices/USN-7109-1 https://ubuntu.com/security/notices/USN-7111-1 https://www.cve.org/CVERecord?id=CVE-2024-34156
stdlib	CVE-2023-29406	MEDIUM	v1.20.5	1.19.11, 1.20.6	https://access.redhat.com/errata/RHSA-2023:6474 https://access.redhat.com/security/cve/CVE-2023-29406 https://bugzilla.redhat.com/2174485 https://bugzilla.redhat.com/2178358 https://bugzilla.redhat.com/2178488 https://bugzilla.redhat.com/2178492 https://bugzilla.redhat.com/2184481 https://bugzilla.redhat.com/2184482 https://bugzilla.redhat.com/2184483 https://bugzilla.redhat.com/2184484 https://bugzilla.redhat.com/2196026 https://bugzilla.redhat.com/2196027 https://bugzilla.redhat.com/2196029 https://bugzilla.redhat.com/2222167 https://bugzilla.redhat.com/2228689 https://errata.almalinux.org/9/ALSA-2023-6474.html https://github.com/golang/go/commit/312920c00aac9897b2a0693e752390b5b0711a5a (go1.20.6) https://github.com/golang/go/commit/5fa6923b1ea891400153d04ddf1545e23b40041b (go1.19.11) https://github.com/golang/go/issues/60374 https://go.dev/cl/506996 https://go.dev/issue/60374 https://groups.google.com/g/golang-announce/c/2q13H6LEEx0 https://linux.oracle.com/cve/CVE-2023-29406.html https://linux.oracle.com/errata/ELSA-2023-7202.html https://nvd.nist.gov/vuln/detail/CVE-2023-29406 https://pkg.go.dev/vuln/GO-2023-1878 https://security.gentoo.org/glsa/202311-09 https://security.netapp.com/advisory/ntap-20230814-0002/ https://ubuntu.com/security/notices/USN-7061-1 https://ubuntu.com/security/notices/USN-7109-1 https://www.cve.org/CVERecord?id=CVE-2023-29406
stdlib	CVE-2023-29409	MEDIUM	v1.20.5	1.19.12, 1.20.7, 1.21.0-rc.4	https://access.redhat.com/errata/RHSA-2023:7766 https://access.redhat.com/security/cve/CVE-2023-29409 https://bugzilla.redhat.com/2228743 https://bugzilla.redhat.com/2237773 https://bugzilla.redhat.com/2237776 https://bugzilla.redhat.com/2237777 https://bugzilla.redhat.com/2237778 https://errata.almalinux.org/9/ALSA-2023-7766.html https://go.dev/cl/515257 https://go.dev/issue/61460 https://groups.google.com/g/golang-announce/c/X0b6CsSAaYI/m/Efv5DbZ9AwAJ https://linux.oracle.com/cve/CVE-2023-29409.html https://linux.oracle.com/errata/ELSA-2024-2988.html https://nvd.nist.gov/vuln/detail/CVE-2023-29409 https://pkg.go.dev/vuln/GO-2023-1987 https://security.gentoo.org/glsa/202311-09 https://security.netapp.com/advisory/ntap-20230831-0010/ https://www.cve.org/CVERecord?id=CVE-2023-29409
stdlib	CVE-2023-39318	MEDIUM	v1.20.5	1.20.8, 1.21.1	https://access.redhat.com/errata/RHSA-2024:2160 https://access.redhat.com/security/cve/CVE-2023-39318 https://bugzilla.redhat.com/2237773 https://bugzilla.redhat.com/2237776 https://bugzilla.redhat.com/2253330 https://errata.almalinux.org/9/ALSA-2024-2160.html https://github.com/golang/go/commit/023b542edf38e2a1f87fcefb9f75ff2f99401b4c (go1.20.8) https://github.com/golang/go/commit/b0e1d3ea26e8e8fce7726690c9ef0597e60739fb (go1.21.1) https://go.dev/cl/526156 https://go.dev/issue/62196 https://groups.google.com/g/golang-announce/c/Fm51GRLNRvM https://groups.google.com/g/golang-dev/c/2C5vbR-UNkI/m/L1hdrPhfBAAJ https://linux.oracle.com/cve/CVE-2023-39318.html https://linux.oracle.com/errata/ELSA-2024-2988.html https://nvd.nist.gov/vuln/detail/CVE-2023-39318 https://pkg.go.dev/vuln/GO-2023-2041 https://security.gentoo.org/glsa/202311-09 https://security.netapp.com/advisory/ntap-20231020-0009/ https://ubuntu.com/security/notices/USN-6574-1 https://ubuntu.com/security/notices/USN-7061-1 https://ubuntu.com/security/notices/USN-7109-1 https://vuln.go.dev/ID/GO-2023-2041.json https://www.cve.org/CVERecord?id=CVE-2023-39318
stdlib	CVE-2023-39319	MEDIUM	v1.20.5	1.20.8, 1.21.1	https://access.redhat.com/errata/RHSA-2024:2160 https://access.redhat.com/security/cve/CVE-2023-39319 https://bugzilla.redhat.com/2237773 https://bugzilla.redhat.com/2237776 https://bugzilla.redhat.com/2253330 https://errata.almalinux.org/9/ALSA-2024-2160.html https://github.com/golang/go/commit/2070531d2f53df88e312edace6c8dfc9686ab2f5 (go1.20.8) https://github.com/golang/go/commit/bbd043ff0d6d59f1a9232d31ecd5eacf6507bf6a (go1.21.1) https://go.dev/cl/526157 https://go.dev/issue/62197 https://groups.google.com/g/golang-announce/c/Fm51GRLNRvM https://groups.google.com/g/golang-dev/c/2C5vbR-UNkI/m/L1hdrPhfBAAJ https://linux.oracle.com/cve/CVE-2023-39319.html https://linux.oracle.com/errata/ELSA-2024-2988.html https://nvd.nist.gov/vuln/detail/CVE-2023-39319 https://pkg.go.dev/vuln/GO-2023-2043 https://security.gentoo.org/glsa/202311-09 https://security.netapp.com/advisory/ntap-20231020-0009/ https://ubuntu.com/security/notices/USN-6574-1 https://ubuntu.com/security/notices/USN-7061-1 https://ubuntu.com/security/notices/USN-7109-1 https://vuln.go.dev/ID/GO-2023-2043.json https://www.cve.org/CVERecord?id=CVE-2023-39319
stdlib	CVE-2023-39326	MEDIUM	v1.20.5	1.20.12, 1.21.5	https://access.redhat.com/errata/RHSA-2024:2272 https://access.redhat.com/security/cve/CVE-2023-39326 https://bugzilla.redhat.com/2253193 https://bugzilla.redhat.com/2253330 https://errata.almalinux.org/9/ALSA-2024-2272.html https://github.com/golang/go/commit/6446af942e2e2b161c4ec1b60d9703a2b55dc4dd (go1.20.12) https://github.com/golang/go/commit/ec8c526e4be720e94b98ca509e6364f0efaf28f7 (go1.21.5) https://go.dev/cl/547335 https://go.dev/issue/64433 https://groups.google.com/g/golang-dev/c/6ypN5EjibjM/m/KmLVYH_uAgAJ https://linux.oracle.com/cve/CVE-2023-39326.html https://linux.oracle.com/errata/ELSA-2024-2988.html https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UIU6HOGV6RRIKWM57LOXQA75BGZSIH6G/ https://nvd.nist.gov/vuln/detail/CVE-2023-39326 https://pkg.go.dev/vuln/GO-2023-2382 https://ubuntu.com/security/notices/USN-6574-1 https://www.cve.org/CVERecord?id=CVE-2023-39326
stdlib	CVE-2023-45284	MEDIUM	v1.20.5	1.20.11, 1.21.4	https://go.dev/cl/540277 https://go.dev/issue/63713 https://groups.google.com/g/golang-announce/c/4tU8LZfBFkY https://nvd.nist.gov/vuln/detail/CVE-2023-45284 https://pkg.go.dev/vuln/GO-2023-2186
stdlib	CVE-2023-45289	MEDIUM	v1.20.5	1.21.8, 1.22.1	http://www.openwall.com/lists/oss-security/2024/03/08/4 https://access.redhat.com/errata/RHSA-2024:2724 https://access.redhat.com/security/cve/CVE-2023-45289 https://bugzilla.redhat.com/2268017 https://bugzilla.redhat.com/2268018 https://bugzilla.redhat.com/2268019 https://bugzilla.redhat.com/2268273 https://bugzilla.redhat.com/show_bug.cgi?id=2268017 https://bugzilla.redhat.com/show_bug.cgi?id=2268018 https://bugzilla.redhat.com/show_bug.cgi?id=2268019 https://bugzilla.redhat.com/show_bug.cgi?id=2268273 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45288 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45289 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45290 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24783 https://errata.almalinux.org/9/ALSA-2024-2724.html https://errata.rockylinux.org/RLSA-2024:2724 https://github.com/golang/go/commit/20586c0dbe03d144f914155f879fa5ee287591a1 (go1.21.8) https://github.com/golang/go/commit/3a855208e3efed2e9d7c20ad023f1fa78afcc0be (go1.22.1) https://github.com/golang/go/issues/65065 https://go.dev/cl/569340 https://go.dev/issue/65065 https://groups.google.com/g/golang-announce/c/5pwGVUPoMbg https://linux.oracle.com/cve/CVE-2023-45289.html https://linux.oracle.com/errata/ELSA-2024-3346.html https://nvd.nist.gov/vuln/detail/CVE-2023-45289 https://pkg.go.dev/vuln/GO-2024-2600 https://security.netapp.com/advisory/ntap-20240329-0006/ https://ubuntu.com/security/notices/USN-6886-1 https://www.cve.org/CVERecord?id=CVE-2023-45289
stdlib	CVE-2023-45290	MEDIUM	v1.20.5	1.21.8, 1.22.1	http://www.openwall.com/lists/oss-security/2024/03/08/4 https://access.redhat.com/errata/RHSA-2024:9135 https://access.redhat.com/security/cve/CVE-2023-45290 https://bugzilla.redhat.com/2268017 https://bugzilla.redhat.com/2268022 https://bugzilla.redhat.com/2279814 https://bugzilla.redhat.com/2295310 https://bugzilla.redhat.com/show_bug.cgi?id=2268017 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45290 https://errata.almalinux.org/9/ALSA-2024-9135.html https://errata.rockylinux.org/RLSA-2024:3830 https://github.com/golang/go/commit/041a47712e765e94f86d841c3110c840e76d8f82 (go1.22.1) https://github.com/golang/go/commit/bf80213b121074f4ad9b449410a4d13bae5e9be0 (go1.21.8) https://github.com/golang/go/issues/65383 https://go.dev/cl/569341 https://go.dev/issue/65383 https://groups.google.com/g/golang-announce/c/5pwGVUPoMbg https://linux.oracle.com/cve/CVE-2023-45290.html https://linux.oracle.com/errata/ELSA-2024-8038.html https://nvd.nist.gov/vuln/detail/CVE-2023-45290 https://pkg.go.dev/vuln/GO-2024-2599 https://security.netapp.com/advisory/ntap-20240329-0004 https://security.netapp.com/advisory/ntap-20240329-0004/ https://ubuntu.com/security/notices/USN-6886-1 https://ubuntu.com/security/notices/USN-7109-1 https://ubuntu.com/security/notices/USN-7111-1 https://www.cve.org/CVERecord?id=CVE-2023-45290
stdlib	CVE-2024-24783	MEDIUM	v1.20.5	1.21.8, 1.22.1	http://www.openwall.com/lists/oss-security/2024/03/08/4 https://access.redhat.com/errata/RHSA-2024:6195 https://access.redhat.com/security/cve/CVE-2024-24783 https://bugzilla.redhat.com/2268019 https://bugzilla.redhat.com/show_bug.cgi?id=2268017 https://bugzilla.redhat.com/show_bug.cgi?id=2268018 https://bugzilla.redhat.com/show_bug.cgi?id=2268019 https://bugzilla.redhat.com/show_bug.cgi?id=2268273 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45288 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45289 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45290 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24783 https://errata.almalinux.org/9/ALSA-2024-6195.html https://errata.rockylinux.org/RLSA-2024:2724 https://github.com/advisories/GHSA-3q2c-pvp5-3cqp https://github.com/golang/go/commit/337b8e9cbfa749d9d5c899e0dc358e2208d5e54f (go1.22.1) https://github.com/golang/go/commit/be5b52bea674190ef7de272664be6c7ae93ec5a0 (go1.21.8) https://github.com/golang/go/issues/65390 https://go.dev/cl/569339 https://go.dev/issue/65390 https://groups.google.com/g/golang-announce/c/5pwGVUPoMbg https://linux.oracle.com/cve/CVE-2024-24783.html https://linux.oracle.com/errata/ELSA-2024-6969.html https://nvd.nist.gov/vuln/detail/CVE-2024-24783 https://pkg.go.dev/vuln/GO-2024-2598 https://security.netapp.com/advisory/ntap-20240329-0005 https://security.netapp.com/advisory/ntap-20240329-0005/ https://ubuntu.com/security/notices/USN-6886-1 https://ubuntu.com/security/notices/USN-7109-1 https://ubuntu.com/security/notices/USN-7111-1 https://www.cve.org/CVERecord?id=CVE-2024-24783
stdlib	CVE-2024-24784	MEDIUM	v1.20.5	1.21.8, 1.22.1	http://www.openwall.com/lists/oss-security/2024/03/08/4 https://access.redhat.com/errata/RHSA-2024:2562 https://access.redhat.com/security/cve/CVE-2024-24784 https://bugzilla.redhat.com/2262921 https://bugzilla.redhat.com/2268017 https://bugzilla.redhat.com/2268018 https://bugzilla.redhat.com/2268019 https://bugzilla.redhat.com/2268021 https://bugzilla.redhat.com/2268022 https://bugzilla.redhat.com/2268273 https://bugzilla.redhat.com/show_bug.cgi?id=2262921 https://bugzilla.redhat.com/show_bug.cgi?id=2268017 https://bugzilla.redhat.com/show_bug.cgi?id=2268018 https://bugzilla.redhat.com/show_bug.cgi?id=2268019 https://bugzilla.redhat.com/show_bug.cgi?id=2268021 https://bugzilla.redhat.com/show_bug.cgi?id=2268022 https://bugzilla.redhat.com/show_bug.cgi?id=2268273 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45288 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45289 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45290 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-1394 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24783 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24784 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24785 https://errata.almalinux.org/9/ALSA-2024-2562.html https://errata.rockylinux.org/RLSA-2024:2562 https://github.com/golang/go/commit/263c059b09fdd40d9dd945f2ecb20c89ea28efe5 (go1.21.8) https://github.com/golang/go/commit/5330cd225ba54c7dc78c1b46dcdf61a4671a632c (go1.22.1) https://github.com/golang/go/issues/65083 https://go.dev/cl/555596 https://go.dev/issue/65083 https://groups.google.com/g/golang-announce/c/5pwGVUPoMbg https://linux.oracle.com/cve/CVE-2024-24784.html https://linux.oracle.com/errata/ELSA-2024-6969.html https://nvd.nist.gov/vuln/detail/CVE-2024-24784 https://pkg.go.dev/vuln/GO-2024-2609 https://security.netapp.com/advisory/ntap-20240329-0007/ https://ubuntu.com/security/notices/USN-6886-1 https://ubuntu.com/security/notices/USN-7109-1 https://ubuntu.com/security/notices/USN-7111-1 https://www.cve.org/CVERecord?id=CVE-2024-24784
stdlib	CVE-2024-24785	MEDIUM	v1.20.5	1.21.8, 1.22.1	http://www.openwall.com/lists/oss-security/2024/03/08/4 https://access.redhat.com/errata/RHSA-2024:9135 https://access.redhat.com/security/cve/CVE-2024-24785 https://bugzilla.redhat.com/2268017 https://bugzilla.redhat.com/2268022 https://bugzilla.redhat.com/2279814 https://bugzilla.redhat.com/2295310 https://bugzilla.redhat.com/show_bug.cgi?id=2262921 https://bugzilla.redhat.com/show_bug.cgi?id=2268017 https://bugzilla.redhat.com/show_bug.cgi?id=2268018 https://bugzilla.redhat.com/show_bug.cgi?id=2268019 https://bugzilla.redhat.com/show_bug.cgi?id=2268021 https://bugzilla.redhat.com/show_bug.cgi?id=2268022 https://bugzilla.redhat.com/show_bug.cgi?id=2268273 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45288 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45289 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45290 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-1394 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24783 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24784 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24785 https://errata.almalinux.org/9/ALSA-2024-9135.html https://errata.rockylinux.org/RLSA-2024:2562 https://github.com/golang/go/commit/056b0edcb8c152152021eebf4cf42adbfbe77992 (go1.22.1) https://github.com/golang/go/commit/3643147a29352ca2894fd5d0d2069bc4b4335a7e (go1.21.8) https://github.com/golang/go/issues/65697 https://go.dev/cl/564196 https://go.dev/issue/65697 https://groups.google.com/g/golang-announce/c/5pwGVUPoMbg https://linux.oracle.com/cve/CVE-2024-24785.html https://linux.oracle.com/errata/ELSA-2024-3259.html https://nvd.nist.gov/vuln/detail/CVE-2024-24785 https://pkg.go.dev/vuln/GO-2024-2610 https://security.netapp.com/advisory/ntap-20240329-0008/ https://ubuntu.com/security/notices/USN-6886-1 https://ubuntu.com/security/notices/USN-7061-1 https://ubuntu.com/security/notices/USN-7109-1 https://vuln.go.dev/ID/GO-2024-2610.json https://www.cve.org/CVERecord?id=CVE-2024-24785
stdlib	CVE-2024-24789	MEDIUM	v1.20.5	1.21.11, 1.22.4	http://www.openwall.com/lists/oss-security/2024/06/04/1 https://access.redhat.com/errata/RHSA-2024:9115 https://access.redhat.com/security/cve/CVE-2024-24789 https://bugzilla.redhat.com/2279814 https://bugzilla.redhat.com/2292668 https://bugzilla.redhat.com/2292787 https://bugzilla.redhat.com/2294000 https://bugzilla.redhat.com/2295310 https://bugzilla.redhat.com/show_bug.cgi?id=2292668 https://bugzilla.redhat.com/show_bug.cgi?id=2292787 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24789 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24790 https://errata.almalinux.org/9/ALSA-2024-9115.html https://errata.rockylinux.org/RLSA-2024:4212 https://github.com/golang/go/commit/c8e40338cf00f3c1d86c8fb23863ad67a4c72bcc (1.21) https://github.com/golang/go/commit/cf501ac0c5fe351a8582d20b43562027927906e7 (1.22) https://github.com/golang/go/issues/66869 https://go.dev/cl/585397 https://go.dev/issue/66869 https://groups.google.com/g/golang-announce/c/XbxouI9gY7k https://groups.google.com/g/golang-announce/c/XbxouI9gY7k/m/TuoGEhxIEwAJ https://linux.oracle.com/cve/CVE-2024-24789.html https://linux.oracle.com/errata/ELSA-2024-9115.html https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/U5YAEIA6IUHUNGJ7AIXXPQT6D2GYENX7/ https://nvd.nist.gov/vuln/detail/CVE-2024-24789 https://pkg.go.dev/vuln/GO-2024-2888 https://ubuntu.com/security/notices/USN-6886-1 https://ubuntu.com/security/notices/USN-7109-1 https://ubuntu.com/security/notices/USN-7111-1 https://www.cve.org/CVERecord?id=CVE-2024-24789
stdlib	CVE-2024-24791	MEDIUM	v1.20.5	1.21.12, 1.22.5	https://access.redhat.com/errata/RHSA-2024:9135 https://access.redhat.com/security/cve/CVE-2024-24791 https://bugzilla.redhat.com/2268017 https://bugzilla.redhat.com/2268022 https://bugzilla.redhat.com/2279814 https://bugzilla.redhat.com/2295310 https://bugzilla.redhat.com/show_bug.cgi?id=2295310 https://bugzilla.redhat.com/show_bug.cgi?id=2310527 https://bugzilla.redhat.com/show_bug.cgi?id=2310528 https://bugzilla.redhat.com/show_bug.cgi?id=2310529 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24791 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-34155 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-34156 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-34158 https://errata.almalinux.org/9/ALSA-2024-9135.html https://errata.rockylinux.org/RLSA-2024:6913 https://go.dev/cl/591255 https://go.dev/issue/67555 https://groups.google.com/g/golang-dev/c/t0rK-qHBqzY/m/6MMoAZkMAgAJ https://linux.oracle.com/cve/CVE-2024-24791.html https://linux.oracle.com/errata/ELSA-2024-9115.html https://nvd.nist.gov/vuln/detail/CVE-2024-24791 https://pkg.go.dev/vuln/GO-2024-2963 https://ubuntu.com/security/notices/USN-7081-1 https://ubuntu.com/security/notices/USN-7109-1 https://ubuntu.com/security/notices/USN-7111-1 https://www.cve.org/CVERecord?id=CVE-2024-24791
stdlib	CVE-2024-34155	MEDIUM	v1.20.5	1.22.7, 1.23.1	https://access.redhat.com/errata/RHSA-2024:9459 https://access.redhat.com/security/cve/CVE-2024-34155 https://bugzilla.redhat.com/2310527 https://bugzilla.redhat.com/2310528 https://bugzilla.redhat.com/2310529 https://bugzilla.redhat.com/2315691 https://bugzilla.redhat.com/2315887 https://bugzilla.redhat.com/2317458 https://bugzilla.redhat.com/2317467 https://bugzilla.redhat.com/show_bug.cgi?id=2295310 https://bugzilla.redhat.com/show_bug.cgi?id=2310527 https://bugzilla.redhat.com/show_bug.cgi?id=2310528 https://bugzilla.redhat.com/show_bug.cgi?id=2310529 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24791 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-34155 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-34156 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-34158 https://errata.almalinux.org/9/ALSA-2024-9459.html https://errata.rockylinux.org/RLSA-2024:6913 https://github.com/golang/go/commit/53487e5477151ed75da50e50a0ba8f1ca64c00a3 (go1.23.1) https://github.com/golang/go/commit/b232596139dbe96a62edbe3a2a203e856bf556eb (go1.22.7) https://go.dev/cl/611238 https://go.dev/issue/69138 https://groups.google.com/g/golang-announce/c/K-cEzDeCtpc https://groups.google.com/g/golang-dev/c/S9POB9NCTdk https://linux.oracle.com/cve/CVE-2024-34155.html https://linux.oracle.com/errata/ELSA-2024-9459.html https://nvd.nist.gov/vuln/detail/CVE-2024-34155 https://pkg.go.dev/vuln/GO-2024-3105 https://ubuntu.com/security/notices/USN-7081-1 https://ubuntu.com/security/notices/USN-7109-1 https://ubuntu.com/security/notices/USN-7111-1 https://www.cve.org/CVERecord?id=CVE-2024-34155
stdlib	CVE-2024-34158	MEDIUM	v1.20.5	1.22.7, 1.23.1	https://access.redhat.com/errata/RHSA-2024:9459 https://access.redhat.com/security/cve/CVE-2024-34158 https://bugzilla.redhat.com/2310527 https://bugzilla.redhat.com/2310528 https://bugzilla.redhat.com/2310529 https://bugzilla.redhat.com/2315691 https://bugzilla.redhat.com/2315887 https://bugzilla.redhat.com/2317458 https://bugzilla.redhat.com/2317467 https://bugzilla.redhat.com/show_bug.cgi?id=2295310 https://bugzilla.redhat.com/show_bug.cgi?id=2310527 https://bugzilla.redhat.com/show_bug.cgi?id=2310528 https://bugzilla.redhat.com/show_bug.cgi?id=2310529 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24791 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-34155 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-34156 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-34158 https://errata.almalinux.org/9/ALSA-2024-9459.html https://errata.rockylinux.org/RLSA-2024:6913 https://github.com/golang/go/commit/032ac075c20c01c6c35a672d1542d3e98eab84ea (go1.23.1) https://github.com/golang/go/commit/d4c53812e6ce2ac368173d7fcd31d0ecfcffb002 (go1.22.7) https://go.dev/cl/611240 https://go.dev/issue/69141 https://groups.google.com/g/golang-announce/c/K-cEzDeCtpc https://groups.google.com/g/golang-dev/c/S9POB9NCTdk https://linux.oracle.com/cve/CVE-2024-34158.html https://linux.oracle.com/errata/ELSA-2024-9459.html https://nvd.nist.gov/vuln/detail/CVE-2024-34158 https://pkg.go.dev/vuln/GO-2024-3107 https://ubuntu.com/security/notices/USN-7081-1 https://ubuntu.com/security/notices/USN-7109-1 https://ubuntu.com/security/notices/USN-7111-1 https://www.cve.org/CVERecord?id=CVE-2024-34158
No Misconfigurations found

cnb/buildpacks/paketo-buildpacks_google-stackdriver/7.6.1/bin/main (gobinary)

Package	Vulnerability ID	Severity	Installed Version	Fixed Version	Links
stdlib	CVE-2024-24790	CRITICAL	v1.20.5	1.21.11, 1.22.4	http://www.openwall.com/lists/oss-security/2024/06/04/1 https://access.redhat.com/errata/RHSA-2024:9115 https://access.redhat.com/security/cve/CVE-2024-24790 https://bugzilla.redhat.com/2279814 https://bugzilla.redhat.com/2292668 https://bugzilla.redhat.com/2292787 https://bugzilla.redhat.com/2294000 https://bugzilla.redhat.com/2295310 https://bugzilla.redhat.com/show_bug.cgi?id=2292668 https://bugzilla.redhat.com/show_bug.cgi?id=2292787 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24789 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24790 https://errata.almalinux.org/9/ALSA-2024-9115.html https://errata.rockylinux.org/RLSA-2024:4212 https://github.com/golang/go/commit/051bdf3fd12a40307606ff9381138039c5f452f0 (1.21) https://github.com/golang/go/commit/12d5810cdb1f73cf23d7a86462143e9463317fca (1.22) https://github.com/golang/go/issues/67680 https://go.dev/cl/590316 https://go.dev/issue/67680 https://groups.google.com/g/golang-announce/c/XbxouI9gY7k https://groups.google.com/g/golang-announce/c/XbxouI9gY7k/m/TuoGEhxIEwAJ https://linux.oracle.com/cve/CVE-2024-24790.html https://linux.oracle.com/errata/ELSA-2024-9115.html https://nvd.nist.gov/vuln/detail/CVE-2024-24790 https://pkg.go.dev/vuln/GO-2024-2887 https://ubuntu.com/security/notices/USN-6886-1 https://ubuntu.com/security/notices/USN-7109-1 https://www.cve.org/CVERecord?id=CVE-2024-24790
stdlib	CVE-2023-39325	HIGH	v1.20.5	1.20.10, 1.21.3	golang.org/x/net https://access.redhat.com/errata/RHSA-2023:6077 https://access.redhat.com/security/cve/CVE-2023-39325 https://access.redhat.com/security/cve/CVE-2023-44487 https://access.redhat.com/security/vulnerabilities/RHSB-2023-003 https://bugzilla.redhat.com/2242803 https://bugzilla.redhat.com/2243296 https://bugzilla.redhat.com/show_bug.cgi?id=2242803 https://bugzilla.redhat.com/show_bug.cgi?id=2243296 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-39325 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-44487 https://errata.almalinux.org/9/ALSA-2023-6077.html https://errata.rockylinux.org/RLSA-2023:6077 https://github.com/golang/go/commit/24ae2d927285c697440fdde3ad7f26028354bcf3 [golang- 1.21] https://github.com/golang/go/commit/e175f27f58aa7b9cd4d79607ae65d2cd5baaee68 [golang-1.20] https://github.com/golang/go/issues/63417 https://go.dev/cl/534215 https://go.dev/cl/534235 https://go.dev/issue/63417 https://groups.google.com/g/golang-announce/c/iNNxDTCjZvo/m/UDd7VKQuAAAJ https://linux.oracle.com/cve/CVE-2023-39325.html https://linux.oracle.com/errata/ELSA-2023-5867.html https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3OVW5V2DM5K5IC3H7O42YDUGNJ74J35O https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3OVW5V2DM5K5IC3H7O42YDUGNJ74J35O/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3SZN67IL7HMGMNAVLOTIXLIHUDXZK4LH https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3SZN67IL7HMGMNAVLOTIXLIHUDXZK4LH/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3WJ4QVX2AMUJ2F2S27POOAHRC4K3CHU4 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3WJ4QVX2AMUJ2F2S27POOAHRC4K3CHU4/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/4BUK2ZIAGCULOOYDNH25JPU6JBES5NF2 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/4BUK2ZIAGCULOOYDNH25JPU6JBES5NF2/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/5RSKA2II6QTD4YUKUNDVJQSRYSFC4VFR https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/5RSKA2II6QTD4YUKUNDVJQSRYSFC4VFR/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/AVZDNSMVDAQJ64LJC5I5U5LDM5753647 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/AVZDNSMVDAQJ64LJC5I5U5LDM5753647/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CHHITS4PUOZAKFIUBQAQZC7JWXMOYE4B https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CHHITS4PUOZAKFIUBQAQZC7JWXMOYE4B/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CLB4TW7KALB3EEQWNWCN7OUIWWVWWCG2 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CLB4TW7KALB3EEQWNWCN7OUIWWVWWCG2/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/D2BBIDR2ZMB3X5BC7SR4SLQMHRMVPY6L https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/D2BBIDR2ZMB3X5BC7SR4SLQMHRMVPY6L/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ECRC75BQJP6FJN2L7KCKYZW4DSBD7QSD https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ECRC75BQJP6FJN2L7KCKYZW4DSBD7QSD/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/FTMJ3NJIDAZFWJQQSP3L22MUFJ3UP2PT https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/FTMJ3NJIDAZFWJQQSP3L22MUFJ3UP2PT/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/GSY7SXFFTPZFWDM6XELSDSHZLVW3AHK7 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/GSY7SXFFTPZFWDM6XELSDSHZLVW3AHK7/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/HZQIELEIRSZUYTFFH5KTH2YJ4IIQG2KE https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/HZQIELEIRSZUYTFFH5KTH2YJ4IIQG2KE/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/IPWCNYB5PQ5PCVZ4NJT6G56ZYFZ5QBU6 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/IPWCNYB5PQ5PCVZ4NJT6G56ZYFZ5QBU6/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/KEOTKBUPZXHE3F352JBYNTSNRXYLWD6P https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/KEOTKBUPZXHE3F352JBYNTSNRXYLWD6P/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/KSEGD2IWKNUO3DWY4KQGUQM5BISRWHQE https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/KSEGD2IWKNUO3DWY4KQGUQM5BISRWHQE/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/L5E5JSJBZLYXOTZWXHJKRVCIXIHVWKJ6 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/L5E5JSJBZLYXOTZWXHJKRVCIXIHVWKJ6/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/MZQYOOKHQDQ57LV2IAG6NRFOVXKHJJ3Z https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/MZQYOOKHQDQ57LV2IAG6NRFOVXKHJJ3Z/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/NG7IMPL55MVWU3LCI4JQJT3K2U5CHDV7 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/NG7IMPL55MVWU3LCI4JQJT3K2U5CHDV7/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ODBY7RVMGZCBSTWF2OZGIZS57FNFUL67 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ODBY7RVMGZCBSTWF2OZGIZS57FNFUL67/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/OXGWPQOJ3JNDW2XIYKIVJ7N7QUIFNM2Q https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/OXGWPQOJ3JNDW2XIYKIVJ7N7QUIFNM2Q/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/PJCUNGIQDUMZ4Z6HWVYIMR66A35F5S74 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/PJCUNGIQDUMZ4Z6HWVYIMR66A35F5S74/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QF5QSYAOPDOWLY6DUHID56Q4HQFYB45I https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QF5QSYAOPDOWLY6DUHID56Q4HQFYB45I/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QXOU2JZUBEBP7GBKAYIJRPRBZSJCD7ST https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QXOU2JZUBEBP7GBKAYIJRPRBZSJCD7ST/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/R3UETKPUB3V5JS5TLZOF3SMTGT5K5APS https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/R3UETKPUB3V5JS5TLZOF3SMTGT5K5APS/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/REMHVVIBDNKSRKNOTV7EQSB7CYQWOUOU https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/REMHVVIBDNKSRKNOTV7EQSB7CYQWOUOU/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/T7N5GV4CHH6WAGX3GFMDD3COEOVCZ4RI https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/T7N5GV4CHH6WAGX3GFMDD3COEOVCZ4RI/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ULQQONMSCQSH5Z5OWFFQHCGEZ3NL4DRJ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ULQQONMSCQSH5Z5OWFFQHCGEZ3NL4DRJ/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UTT7DG3QOF5ZNJLUGHDNLRUIN6OWZARP https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UTT7DG3QOF5ZNJLUGHDNLRUIN6OWZARP/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/W2LZSWTV4NV4SNQARNXG5T6LRHP26EW2 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/W2LZSWTV4NV4SNQARNXG5T6LRHP26EW2/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WCNCBYKZXLDFGAJUB7ZP5VLC3YTHJNVH https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WCNCBYKZXLDFGAJUB7ZP5VLC3YTHJNVH/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/XFOIBB4YFICHDM7IBOP7PWXW3FX4HLL2 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/XFOIBB4YFICHDM7IBOP7PWXW3FX4HLL2/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/XTNLSL44Y5FB6JWADSZH6DCV4JJAAEQY https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/XTNLSL44Y5FB6JWADSZH6DCV4JJAAEQY/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/YJWHBLVZDM5KQSDFRBFRKU5KSSOLIRQ4 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/YJWHBLVZDM5KQSDFRBFRKU5KSSOLIRQ4/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/YRKEXKANQ7BKJW2YTAMP625LJUJZLJ4P https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/YRKEXKANQ7BKJW2YTAMP625LJUJZLJ4P/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZSVEMQV5ROY5YW5QE3I57HT3ITWG5GCV https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZSVEMQV5ROY5YW5QE3I57HT3ITWG5GCV/ https://nvd.nist.gov/vuln/detail/CVE-2023-39325 https://pkg.go.dev/vuln/GO-2023-2102 https://security.gentoo.org/glsa/202311-09 https://security.netapp.com/advisory/ntap-20231110-0008 https://security.netapp.com/advisory/ntap-20231110-0008/ https://ubuntu.com/security/notices/USN-6574-1 https://ubuntu.com/security/notices/USN-7061-1 https://ubuntu.com/security/notices/USN-7109-1 https://www.cisa.gov/news-events/alerts/2023/10/10/http2-rapid-reset-vulnerability-cve-2023-44487 https://www.cve.org/CVERecord?id=CVE-2023-39325
stdlib	CVE-2023-45283	HIGH	v1.20.5	1.20.11, 1.21.4, 1.20.12, 1.21.5	http://www.openwall.com/lists/oss-security/2023/12/05/2 https://go.dev/cl/540277 https://go.dev/cl/541175 https://go.dev/issue/63713 https://go.dev/issue/64028 https://groups.google.com/g/golang-announce/c/4tU8LZfBFkY https://groups.google.com/g/golang-dev/c/6ypN5EjibjM/m/KmLVYH_uAgAJ https://nvd.nist.gov/vuln/detail/CVE-2023-45283 https://pkg.go.dev/vuln/GO-2023-2185 https://security.netapp.com/advisory/ntap-20231214-0008/
stdlib	CVE-2023-45288	HIGH	v1.20.5	1.21.9, 1.22.2	http://www.openwall.com/lists/oss-security/2024/04/03/16 http://www.openwall.com/lists/oss-security/2024/04/05/4 https://access.redhat.com/errata/RHSA-2024:2724 https://access.redhat.com/security/cve/CVE-2023-45288 https://bugzilla.redhat.com/2268017 https://bugzilla.redhat.com/2268018 https://bugzilla.redhat.com/2268019 https://bugzilla.redhat.com/2268273 https://bugzilla.redhat.com/show_bug.cgi?id=2268017 https://bugzilla.redhat.com/show_bug.cgi?id=2268018 https://bugzilla.redhat.com/show_bug.cgi?id=2268019 https://bugzilla.redhat.com/show_bug.cgi?id=2268273 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45288 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45289 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45290 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24783 https://errata.almalinux.org/9/ALSA-2024-2724.html https://errata.rockylinux.org/RLSA-2024:2724 https://go.dev/cl/576155 https://go.dev/issue/65051 https://groups.google.com/g/golang-announce/c/YgW0sx8mN3M https://kb.cert.org/vuls/id/421644 https://linux.oracle.com/cve/CVE-2023-45288.html https://linux.oracle.com/errata/ELSA-2024-3346.html https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QRYFHIQ6XRKRYBI2F5UESH67BJBQXUPT https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QRYFHIQ6XRKRYBI2F5UESH67BJBQXUPT/ https://nowotarski.info/http2-continuation-flood-technical-details https://nowotarski.info/http2-continuation-flood/ https://nvd.nist.gov/vuln/detail/CVE-2023-45288 https://pkg.go.dev/vuln/GO-2024-2687 https://security.netapp.com/advisory/ntap-20240419-0009 https://security.netapp.com/advisory/ntap-20240419-0009/ https://ubuntu.com/security/notices/USN-6886-1 https://ubuntu.com/security/notices/USN-7109-1 https://ubuntu.com/security/notices/USN-7111-1 https://www.cve.org/CVERecord?id=CVE-2023-45288 https://www.kb.cert.org/vuls/id/421644
stdlib	CVE-2024-34156	HIGH	v1.20.5	1.22.7, 1.23.1	https://access.redhat.com/errata/RHSA-2024:9473 https://access.redhat.com/security/cve/CVE-2024-34156 https://bugzilla.redhat.com/2310528 https://bugzilla.redhat.com/2318052 https://bugzilla.redhat.com/show_bug.cgi?id=2310528 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-34156 https://errata.almalinux.org/9/ALSA-2024-9473.html https://errata.rockylinux.org/RLSA-2024:7204 https://github.com/golang/go/commit/2092294f2b097c5828f4eace6c98a322c1510b01 (go1.22.7) https://github.com/golang/go/commit/fa8ff1a46deb6c816304441ec6740ec112e19012 (go1.23.1) https://go.dev/cl/611239 https://go.dev/issue/69139 https://groups.google.com/g/golang-announce/c/K-cEzDeCtpc https://groups.google.com/g/golang-dev/c/S9POB9NCTdk https://linux.oracle.com/cve/CVE-2024-34156.html https://linux.oracle.com/errata/ELSA-2024-9473.html https://nvd.nist.gov/vuln/detail/CVE-2024-34156 https://pkg.go.dev/vuln/GO-2024-3106 https://ubuntu.com/security/notices/USN-7081-1 https://ubuntu.com/security/notices/USN-7109-1 https://ubuntu.com/security/notices/USN-7111-1 https://www.cve.org/CVERecord?id=CVE-2024-34156
stdlib	CVE-2023-29406	MEDIUM	v1.20.5	1.19.11, 1.20.6	https://access.redhat.com/errata/RHSA-2023:6474 https://access.redhat.com/security/cve/CVE-2023-29406 https://bugzilla.redhat.com/2174485 https://bugzilla.redhat.com/2178358 https://bugzilla.redhat.com/2178488 https://bugzilla.redhat.com/2178492 https://bugzilla.redhat.com/2184481 https://bugzilla.redhat.com/2184482 https://bugzilla.redhat.com/2184483 https://bugzilla.redhat.com/2184484 https://bugzilla.redhat.com/2196026 https://bugzilla.redhat.com/2196027 https://bugzilla.redhat.com/2196029 https://bugzilla.redhat.com/2222167 https://bugzilla.redhat.com/2228689 https://errata.almalinux.org/9/ALSA-2023-6474.html https://github.com/golang/go/commit/312920c00aac9897b2a0693e752390b5b0711a5a (go1.20.6) https://github.com/golang/go/commit/5fa6923b1ea891400153d04ddf1545e23b40041b (go1.19.11) https://github.com/golang/go/issues/60374 https://go.dev/cl/506996 https://go.dev/issue/60374 https://groups.google.com/g/golang-announce/c/2q13H6LEEx0 https://linux.oracle.com/cve/CVE-2023-29406.html https://linux.oracle.com/errata/ELSA-2023-7202.html https://nvd.nist.gov/vuln/detail/CVE-2023-29406 https://pkg.go.dev/vuln/GO-2023-1878 https://security.gentoo.org/glsa/202311-09 https://security.netapp.com/advisory/ntap-20230814-0002/ https://ubuntu.com/security/notices/USN-7061-1 https://ubuntu.com/security/notices/USN-7109-1 https://www.cve.org/CVERecord?id=CVE-2023-29406
stdlib	CVE-2023-29409	MEDIUM	v1.20.5	1.19.12, 1.20.7, 1.21.0-rc.4	https://access.redhat.com/errata/RHSA-2023:7766 https://access.redhat.com/security/cve/CVE-2023-29409 https://bugzilla.redhat.com/2228743 https://bugzilla.redhat.com/2237773 https://bugzilla.redhat.com/2237776 https://bugzilla.redhat.com/2237777 https://bugzilla.redhat.com/2237778 https://errata.almalinux.org/9/ALSA-2023-7766.html https://go.dev/cl/515257 https://go.dev/issue/61460 https://groups.google.com/g/golang-announce/c/X0b6CsSAaYI/m/Efv5DbZ9AwAJ https://linux.oracle.com/cve/CVE-2023-29409.html https://linux.oracle.com/errata/ELSA-2024-2988.html https://nvd.nist.gov/vuln/detail/CVE-2023-29409 https://pkg.go.dev/vuln/GO-2023-1987 https://security.gentoo.org/glsa/202311-09 https://security.netapp.com/advisory/ntap-20230831-0010/ https://www.cve.org/CVERecord?id=CVE-2023-29409
stdlib	CVE-2023-39318	MEDIUM	v1.20.5	1.20.8, 1.21.1	https://access.redhat.com/errata/RHSA-2024:2160 https://access.redhat.com/security/cve/CVE-2023-39318 https://bugzilla.redhat.com/2237773 https://bugzilla.redhat.com/2237776 https://bugzilla.redhat.com/2253330 https://errata.almalinux.org/9/ALSA-2024-2160.html https://github.com/golang/go/commit/023b542edf38e2a1f87fcefb9f75ff2f99401b4c (go1.20.8) https://github.com/golang/go/commit/b0e1d3ea26e8e8fce7726690c9ef0597e60739fb (go1.21.1) https://go.dev/cl/526156 https://go.dev/issue/62196 https://groups.google.com/g/golang-announce/c/Fm51GRLNRvM https://groups.google.com/g/golang-dev/c/2C5vbR-UNkI/m/L1hdrPhfBAAJ https://linux.oracle.com/cve/CVE-2023-39318.html https://linux.oracle.com/errata/ELSA-2024-2988.html https://nvd.nist.gov/vuln/detail/CVE-2023-39318 https://pkg.go.dev/vuln/GO-2023-2041 https://security.gentoo.org/glsa/202311-09 https://security.netapp.com/advisory/ntap-20231020-0009/ https://ubuntu.com/security/notices/USN-6574-1 https://ubuntu.com/security/notices/USN-7061-1 https://ubuntu.com/security/notices/USN-7109-1 https://vuln.go.dev/ID/GO-2023-2041.json https://www.cve.org/CVERecord?id=CVE-2023-39318
stdlib	CVE-2023-39319	MEDIUM	v1.20.5	1.20.8, 1.21.1	https://access.redhat.com/errata/RHSA-2024:2160 https://access.redhat.com/security/cve/CVE-2023-39319 https://bugzilla.redhat.com/2237773 https://bugzilla.redhat.com/2237776 https://bugzilla.redhat.com/2253330 https://errata.almalinux.org/9/ALSA-2024-2160.html https://github.com/golang/go/commit/2070531d2f53df88e312edace6c8dfc9686ab2f5 (go1.20.8) https://github.com/golang/go/commit/bbd043ff0d6d59f1a9232d31ecd5eacf6507bf6a (go1.21.1) https://go.dev/cl/526157 https://go.dev/issue/62197 https://groups.google.com/g/golang-announce/c/Fm51GRLNRvM https://groups.google.com/g/golang-dev/c/2C5vbR-UNkI/m/L1hdrPhfBAAJ https://linux.oracle.com/cve/CVE-2023-39319.html https://linux.oracle.com/errata/ELSA-2024-2988.html https://nvd.nist.gov/vuln/detail/CVE-2023-39319 https://pkg.go.dev/vuln/GO-2023-2043 https://security.gentoo.org/glsa/202311-09 https://security.netapp.com/advisory/ntap-20231020-0009/ https://ubuntu.com/security/notices/USN-6574-1 https://ubuntu.com/security/notices/USN-7061-1 https://ubuntu.com/security/notices/USN-7109-1 https://vuln.go.dev/ID/GO-2023-2043.json https://www.cve.org/CVERecord?id=CVE-2023-39319
stdlib	CVE-2023-39326	MEDIUM	v1.20.5	1.20.12, 1.21.5	https://access.redhat.com/errata/RHSA-2024:2272 https://access.redhat.com/security/cve/CVE-2023-39326 https://bugzilla.redhat.com/2253193 https://bugzilla.redhat.com/2253330 https://errata.almalinux.org/9/ALSA-2024-2272.html https://github.com/golang/go/commit/6446af942e2e2b161c4ec1b60d9703a2b55dc4dd (go1.20.12) https://github.com/golang/go/commit/ec8c526e4be720e94b98ca509e6364f0efaf28f7 (go1.21.5) https://go.dev/cl/547335 https://go.dev/issue/64433 https://groups.google.com/g/golang-dev/c/6ypN5EjibjM/m/KmLVYH_uAgAJ https://linux.oracle.com/cve/CVE-2023-39326.html https://linux.oracle.com/errata/ELSA-2024-2988.html https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UIU6HOGV6RRIKWM57LOXQA75BGZSIH6G/ https://nvd.nist.gov/vuln/detail/CVE-2023-39326 https://pkg.go.dev/vuln/GO-2023-2382 https://ubuntu.com/security/notices/USN-6574-1 https://www.cve.org/CVERecord?id=CVE-2023-39326
stdlib	CVE-2023-45284	MEDIUM	v1.20.5	1.20.11, 1.21.4	https://go.dev/cl/540277 https://go.dev/issue/63713 https://groups.google.com/g/golang-announce/c/4tU8LZfBFkY https://nvd.nist.gov/vuln/detail/CVE-2023-45284 https://pkg.go.dev/vuln/GO-2023-2186
stdlib	CVE-2023-45289	MEDIUM	v1.20.5	1.21.8, 1.22.1	http://www.openwall.com/lists/oss-security/2024/03/08/4 https://access.redhat.com/errata/RHSA-2024:2724 https://access.redhat.com/security/cve/CVE-2023-45289 https://bugzilla.redhat.com/2268017 https://bugzilla.redhat.com/2268018 https://bugzilla.redhat.com/2268019 https://bugzilla.redhat.com/2268273 https://bugzilla.redhat.com/show_bug.cgi?id=2268017 https://bugzilla.redhat.com/show_bug.cgi?id=2268018 https://bugzilla.redhat.com/show_bug.cgi?id=2268019 https://bugzilla.redhat.com/show_bug.cgi?id=2268273 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45288 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45289 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45290 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24783 https://errata.almalinux.org/9/ALSA-2024-2724.html https://errata.rockylinux.org/RLSA-2024:2724 https://github.com/golang/go/commit/20586c0dbe03d144f914155f879fa5ee287591a1 (go1.21.8) https://github.com/golang/go/commit/3a855208e3efed2e9d7c20ad023f1fa78afcc0be (go1.22.1) https://github.com/golang/go/issues/65065 https://go.dev/cl/569340 https://go.dev/issue/65065 https://groups.google.com/g/golang-announce/c/5pwGVUPoMbg https://linux.oracle.com/cve/CVE-2023-45289.html https://linux.oracle.com/errata/ELSA-2024-3346.html https://nvd.nist.gov/vuln/detail/CVE-2023-45289 https://pkg.go.dev/vuln/GO-2024-2600 https://security.netapp.com/advisory/ntap-20240329-0006/ https://ubuntu.com/security/notices/USN-6886-1 https://www.cve.org/CVERecord?id=CVE-2023-45289
stdlib	CVE-2023-45290	MEDIUM	v1.20.5	1.21.8, 1.22.1	http://www.openwall.com/lists/oss-security/2024/03/08/4 https://access.redhat.com/errata/RHSA-2024:9135 https://access.redhat.com/security/cve/CVE-2023-45290 https://bugzilla.redhat.com/2268017 https://bugzilla.redhat.com/2268022 https://bugzilla.redhat.com/2279814 https://bugzilla.redhat.com/2295310 https://bugzilla.redhat.com/show_bug.cgi?id=2268017 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45290 https://errata.almalinux.org/9/ALSA-2024-9135.html https://errata.rockylinux.org/RLSA-2024:3830 https://github.com/golang/go/commit/041a47712e765e94f86d841c3110c840e76d8f82 (go1.22.1) https://github.com/golang/go/commit/bf80213b121074f4ad9b449410a4d13bae5e9be0 (go1.21.8) https://github.com/golang/go/issues/65383 https://go.dev/cl/569341 https://go.dev/issue/65383 https://groups.google.com/g/golang-announce/c/5pwGVUPoMbg https://linux.oracle.com/cve/CVE-2023-45290.html https://linux.oracle.com/errata/ELSA-2024-8038.html https://nvd.nist.gov/vuln/detail/CVE-2023-45290 https://pkg.go.dev/vuln/GO-2024-2599 https://security.netapp.com/advisory/ntap-20240329-0004 https://security.netapp.com/advisory/ntap-20240329-0004/ https://ubuntu.com/security/notices/USN-6886-1 https://ubuntu.com/security/notices/USN-7109-1 https://ubuntu.com/security/notices/USN-7111-1 https://www.cve.org/CVERecord?id=CVE-2023-45290
stdlib	CVE-2024-24783	MEDIUM	v1.20.5	1.21.8, 1.22.1	http://www.openwall.com/lists/oss-security/2024/03/08/4 https://access.redhat.com/errata/RHSA-2024:6195 https://access.redhat.com/security/cve/CVE-2024-24783 https://bugzilla.redhat.com/2268019 https://bugzilla.redhat.com/show_bug.cgi?id=2268017 https://bugzilla.redhat.com/show_bug.cgi?id=2268018 https://bugzilla.redhat.com/show_bug.cgi?id=2268019 https://bugzilla.redhat.com/show_bug.cgi?id=2268273 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45288 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45289 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45290 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24783 https://errata.almalinux.org/9/ALSA-2024-6195.html https://errata.rockylinux.org/RLSA-2024:2724 https://github.com/advisories/GHSA-3q2c-pvp5-3cqp https://github.com/golang/go/commit/337b8e9cbfa749d9d5c899e0dc358e2208d5e54f (go1.22.1) https://github.com/golang/go/commit/be5b52bea674190ef7de272664be6c7ae93ec5a0 (go1.21.8) https://github.com/golang/go/issues/65390 https://go.dev/cl/569339 https://go.dev/issue/65390 https://groups.google.com/g/golang-announce/c/5pwGVUPoMbg https://linux.oracle.com/cve/CVE-2024-24783.html https://linux.oracle.com/errata/ELSA-2024-6969.html https://nvd.nist.gov/vuln/detail/CVE-2024-24783 https://pkg.go.dev/vuln/GO-2024-2598 https://security.netapp.com/advisory/ntap-20240329-0005 https://security.netapp.com/advisory/ntap-20240329-0005/ https://ubuntu.com/security/notices/USN-6886-1 https://ubuntu.com/security/notices/USN-7109-1 https://ubuntu.com/security/notices/USN-7111-1 https://www.cve.org/CVERecord?id=CVE-2024-24783
stdlib	CVE-2024-24784	MEDIUM	v1.20.5	1.21.8, 1.22.1	http://www.openwall.com/lists/oss-security/2024/03/08/4 https://access.redhat.com/errata/RHSA-2024:2562 https://access.redhat.com/security/cve/CVE-2024-24784 https://bugzilla.redhat.com/2262921 https://bugzilla.redhat.com/2268017 https://bugzilla.redhat.com/2268018 https://bugzilla.redhat.com/2268019 https://bugzilla.redhat.com/2268021 https://bugzilla.redhat.com/2268022 https://bugzilla.redhat.com/2268273 https://bugzilla.redhat.com/show_bug.cgi?id=2262921 https://bugzilla.redhat.com/show_bug.cgi?id=2268017 https://bugzilla.redhat.com/show_bug.cgi?id=2268018 https://bugzilla.redhat.com/show_bug.cgi?id=2268019 https://bugzilla.redhat.com/show_bug.cgi?id=2268021 https://bugzilla.redhat.com/show_bug.cgi?id=2268022 https://bugzilla.redhat.com/show_bug.cgi?id=2268273 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45288 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45289 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45290 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-1394 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24783 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24784 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24785 https://errata.almalinux.org/9/ALSA-2024-2562.html https://errata.rockylinux.org/RLSA-2024:2562 https://github.com/golang/go/commit/263c059b09fdd40d9dd945f2ecb20c89ea28efe5 (go1.21.8) https://github.com/golang/go/commit/5330cd225ba54c7dc78c1b46dcdf61a4671a632c (go1.22.1) https://github.com/golang/go/issues/65083 https://go.dev/cl/555596 https://go.dev/issue/65083 https://groups.google.com/g/golang-announce/c/5pwGVUPoMbg https://linux.oracle.com/cve/CVE-2024-24784.html https://linux.oracle.com/errata/ELSA-2024-6969.html https://nvd.nist.gov/vuln/detail/CVE-2024-24784 https://pkg.go.dev/vuln/GO-2024-2609 https://security.netapp.com/advisory/ntap-20240329-0007/ https://ubuntu.com/security/notices/USN-6886-1 https://ubuntu.com/security/notices/USN-7109-1 https://ubuntu.com/security/notices/USN-7111-1 https://www.cve.org/CVERecord?id=CVE-2024-24784
stdlib	CVE-2024-24785	MEDIUM	v1.20.5	1.21.8, 1.22.1	http://www.openwall.com/lists/oss-security/2024/03/08/4 https://access.redhat.com/errata/RHSA-2024:9135 https://access.redhat.com/security/cve/CVE-2024-24785 https://bugzilla.redhat.com/2268017 https://bugzilla.redhat.com/2268022 https://bugzilla.redhat.com/2279814 https://bugzilla.redhat.com/2295310 https://bugzilla.redhat.com/show_bug.cgi?id=2262921 https://bugzilla.redhat.com/show_bug.cgi?id=2268017 https://bugzilla.redhat.com/show_bug.cgi?id=2268018 https://bugzilla.redhat.com/show_bug.cgi?id=2268019 https://bugzilla.redhat.com/show_bug.cgi?id=2268021 https://bugzilla.redhat.com/show_bug.cgi?id=2268022 https://bugzilla.redhat.com/show_bug.cgi?id=2268273 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45288 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45289 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45290 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-1394 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24783 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24784 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24785 https://errata.almalinux.org/9/ALSA-2024-9135.html https://errata.rockylinux.org/RLSA-2024:2562 https://github.com/golang/go/commit/056b0edcb8c152152021eebf4cf42adbfbe77992 (go1.22.1) https://github.com/golang/go/commit/3643147a29352ca2894fd5d0d2069bc4b4335a7e (go1.21.8) https://github.com/golang/go/issues/65697 https://go.dev/cl/564196 https://go.dev/issue/65697 https://groups.google.com/g/golang-announce/c/5pwGVUPoMbg https://linux.oracle.com/cve/CVE-2024-24785.html https://linux.oracle.com/errata/ELSA-2024-3259.html https://nvd.nist.gov/vuln/detail/CVE-2024-24785 https://pkg.go.dev/vuln/GO-2024-2610 https://security.netapp.com/advisory/ntap-20240329-0008/ https://ubuntu.com/security/notices/USN-6886-1 https://ubuntu.com/security/notices/USN-7061-1 https://ubuntu.com/security/notices/USN-7109-1 https://vuln.go.dev/ID/GO-2024-2610.json https://www.cve.org/CVERecord?id=CVE-2024-24785
stdlib	CVE-2024-24789	MEDIUM	v1.20.5	1.21.11, 1.22.4	http://www.openwall.com/lists/oss-security/2024/06/04/1 https://access.redhat.com/errata/RHSA-2024:9115 https://access.redhat.com/security/cve/CVE-2024-24789 https://bugzilla.redhat.com/2279814 https://bugzilla.redhat.com/2292668 https://bugzilla.redhat.com/2292787 https://bugzilla.redhat.com/2294000 https://bugzilla.redhat.com/2295310 https://bugzilla.redhat.com/show_bug.cgi?id=2292668 https://bugzilla.redhat.com/show_bug.cgi?id=2292787 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24789 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24790 https://errata.almalinux.org/9/ALSA-2024-9115.html https://errata.rockylinux.org/RLSA-2024:4212 https://github.com/golang/go/commit/c8e40338cf00f3c1d86c8fb23863ad67a4c72bcc (1.21) https://github.com/golang/go/commit/cf501ac0c5fe351a8582d20b43562027927906e7 (1.22) https://github.com/golang/go/issues/66869 https://go.dev/cl/585397 https://go.dev/issue/66869 https://groups.google.com/g/golang-announce/c/XbxouI9gY7k https://groups.google.com/g/golang-announce/c/XbxouI9gY7k/m/TuoGEhxIEwAJ https://linux.oracle.com/cve/CVE-2024-24789.html https://linux.oracle.com/errata/ELSA-2024-9115.html https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/U5YAEIA6IUHUNGJ7AIXXPQT6D2GYENX7/ https://nvd.nist.gov/vuln/detail/CVE-2024-24789 https://pkg.go.dev/vuln/GO-2024-2888 https://ubuntu.com/security/notices/USN-6886-1 https://ubuntu.com/security/notices/USN-7109-1 https://ubuntu.com/security/notices/USN-7111-1 https://www.cve.org/CVERecord?id=CVE-2024-24789
stdlib	CVE-2024-24791	MEDIUM	v1.20.5	1.21.12, 1.22.5	https://access.redhat.com/errata/RHSA-2024:9135 https://access.redhat.com/security/cve/CVE-2024-24791 https://bugzilla.redhat.com/2268017 https://bugzilla.redhat.com/2268022 https://bugzilla.redhat.com/2279814 https://bugzilla.redhat.com/2295310 https://bugzilla.redhat.com/show_bug.cgi?id=2295310 https://bugzilla.redhat.com/show_bug.cgi?id=2310527 https://bugzilla.redhat.com/show_bug.cgi?id=2310528 https://bugzilla.redhat.com/show_bug.cgi?id=2310529 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24791 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-34155 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-34156 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-34158 https://errata.almalinux.org/9/ALSA-2024-9135.html https://errata.rockylinux.org/RLSA-2024:6913 https://go.dev/cl/591255 https://go.dev/issue/67555 https://groups.google.com/g/golang-dev/c/t0rK-qHBqzY/m/6MMoAZkMAgAJ https://linux.oracle.com/cve/CVE-2024-24791.html https://linux.oracle.com/errata/ELSA-2024-9115.html https://nvd.nist.gov/vuln/detail/CVE-2024-24791 https://pkg.go.dev/vuln/GO-2024-2963 https://ubuntu.com/security/notices/USN-7081-1 https://ubuntu.com/security/notices/USN-7109-1 https://ubuntu.com/security/notices/USN-7111-1 https://www.cve.org/CVERecord?id=CVE-2024-24791
stdlib	CVE-2024-34155	MEDIUM	v1.20.5	1.22.7, 1.23.1	https://access.redhat.com/errata/RHSA-2024:9459 https://access.redhat.com/security/cve/CVE-2024-34155 https://bugzilla.redhat.com/2310527 https://bugzilla.redhat.com/2310528 https://bugzilla.redhat.com/2310529 https://bugzilla.redhat.com/2315691 https://bugzilla.redhat.com/2315887 https://bugzilla.redhat.com/2317458 https://bugzilla.redhat.com/2317467 https://bugzilla.redhat.com/show_bug.cgi?id=2295310 https://bugzilla.redhat.com/show_bug.cgi?id=2310527 https://bugzilla.redhat.com/show_bug.cgi?id=2310528 https://bugzilla.redhat.com/show_bug.cgi?id=2310529 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24791 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-34155 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-34156 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-34158 https://errata.almalinux.org/9/ALSA-2024-9459.html https://errata.rockylinux.org/RLSA-2024:6913 https://github.com/golang/go/commit/53487e5477151ed75da50e50a0ba8f1ca64c00a3 (go1.23.1) https://github.com/golang/go/commit/b232596139dbe96a62edbe3a2a203e856bf556eb (go1.22.7) https://go.dev/cl/611238 https://go.dev/issue/69138 https://groups.google.com/g/golang-announce/c/K-cEzDeCtpc https://groups.google.com/g/golang-dev/c/S9POB9NCTdk https://linux.oracle.com/cve/CVE-2024-34155.html https://linux.oracle.com/errata/ELSA-2024-9459.html https://nvd.nist.gov/vuln/detail/CVE-2024-34155 https://pkg.go.dev/vuln/GO-2024-3105 https://ubuntu.com/security/notices/USN-7081-1 https://ubuntu.com/security/notices/USN-7109-1 https://ubuntu.com/security/notices/USN-7111-1 https://www.cve.org/CVERecord?id=CVE-2024-34155
stdlib	CVE-2024-34158	MEDIUM	v1.20.5	1.22.7, 1.23.1	https://access.redhat.com/errata/RHSA-2024:9459 https://access.redhat.com/security/cve/CVE-2024-34158 https://bugzilla.redhat.com/2310527 https://bugzilla.redhat.com/2310528 https://bugzilla.redhat.com/2310529 https://bugzilla.redhat.com/2315691 https://bugzilla.redhat.com/2315887 https://bugzilla.redhat.com/2317458 https://bugzilla.redhat.com/2317467 https://bugzilla.redhat.com/show_bug.cgi?id=2295310 https://bugzilla.redhat.com/show_bug.cgi?id=2310527 https://bugzilla.redhat.com/show_bug.cgi?id=2310528 https://bugzilla.redhat.com/show_bug.cgi?id=2310529 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24791 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-34155 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-34156 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-34158 https://errata.almalinux.org/9/ALSA-2024-9459.html https://errata.rockylinux.org/RLSA-2024:6913 https://github.com/golang/go/commit/032ac075c20c01c6c35a672d1542d3e98eab84ea (go1.23.1) https://github.com/golang/go/commit/d4c53812e6ce2ac368173d7fcd31d0ecfcffb002 (go1.22.7) https://go.dev/cl/611240 https://go.dev/issue/69141 https://groups.google.com/g/golang-announce/c/K-cEzDeCtpc https://groups.google.com/g/golang-dev/c/S9POB9NCTdk https://linux.oracle.com/cve/CVE-2024-34158.html https://linux.oracle.com/errata/ELSA-2024-9459.html https://nvd.nist.gov/vuln/detail/CVE-2024-34158 https://pkg.go.dev/vuln/GO-2024-3107 https://ubuntu.com/security/notices/USN-7081-1 https://ubuntu.com/security/notices/USN-7109-1 https://ubuntu.com/security/notices/USN-7111-1 https://www.cve.org/CVERecord?id=CVE-2024-34158
No Misconfigurations found

cnb/buildpacks/paketo-buildpacks_gradle/7.3.0/bin/main (gobinary)

Package	Vulnerability ID	Severity	Installed Version	Fixed Version	Links
stdlib	CVE-2024-24790	CRITICAL	v1.20.4	1.21.11, 1.22.4	http://www.openwall.com/lists/oss-security/2024/06/04/1 https://access.redhat.com/errata/RHSA-2024:9115 https://access.redhat.com/security/cve/CVE-2024-24790 https://bugzilla.redhat.com/2279814 https://bugzilla.redhat.com/2292668 https://bugzilla.redhat.com/2292787 https://bugzilla.redhat.com/2294000 https://bugzilla.redhat.com/2295310 https://bugzilla.redhat.com/show_bug.cgi?id=2292668 https://bugzilla.redhat.com/show_bug.cgi?id=2292787 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24789 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24790 https://errata.almalinux.org/9/ALSA-2024-9115.html https://errata.rockylinux.org/RLSA-2024:4212 https://github.com/golang/go/commit/051bdf3fd12a40307606ff9381138039c5f452f0 (1.21) https://github.com/golang/go/commit/12d5810cdb1f73cf23d7a86462143e9463317fca (1.22) https://github.com/golang/go/issues/67680 https://go.dev/cl/590316 https://go.dev/issue/67680 https://groups.google.com/g/golang-announce/c/XbxouI9gY7k https://groups.google.com/g/golang-announce/c/XbxouI9gY7k/m/TuoGEhxIEwAJ https://linux.oracle.com/cve/CVE-2024-24790.html https://linux.oracle.com/errata/ELSA-2024-9115.html https://nvd.nist.gov/vuln/detail/CVE-2024-24790 https://pkg.go.dev/vuln/GO-2024-2887 https://ubuntu.com/security/notices/USN-6886-1 https://ubuntu.com/security/notices/USN-7109-1 https://www.cve.org/CVERecord?id=CVE-2024-24790
stdlib	CVE-2023-29403	HIGH	v1.20.4	1.19.10, 1.20.5	https://access.redhat.com/errata/RHSA-2023:3923 https://access.redhat.com/security/cve/CVE-2023-29403 https://bugzilla.redhat.com/2216965 https://bugzilla.redhat.com/2217562 https://bugzilla.redhat.com/2217565 https://bugzilla.redhat.com/2217569 https://bugzilla.redhat.com/show_bug.cgi?id=2216965 https://bugzilla.redhat.com/show_bug.cgi?id=2217562 https://bugzilla.redhat.com/show_bug.cgi?id=2217565 https://bugzilla.redhat.com/show_bug.cgi?id=2217569 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-29402 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-29403 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-29404 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-29405 https://errata.almalinux.org/9/ALSA-2023-3923.html https://errata.rockylinux.org/RLSA-2023:3923 https://github.com/golang/go/commit/36144ba429ef2650940c72e7a0b932af3612d420 (go1.20.5) https://github.com/golang/go/commit/a7b1cd452ddc69a6606c2f35ac5786dc892e62cb (go1.19.10) https://github.com/golang/go/issues/60272 https://go.dev/cl/501223 https://go.dev/issue/60272 https://groups.google.com/g/golang-announce/c/q5135a9d924 https://groups.google.com/g/golang-announce/c/q5135a9d924/m/j0ZoAJOHAwAJ https://linux.oracle.com/cve/CVE-2023-29403.html https://linux.oracle.com/errata/ELSA-2023-3923.html https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/NZ2O6YCO2IZMZJELQGZYR2WAUNEDLYV6/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/XBS3IIK6ADV24C5ULQU55QLT2UE762ZX/ https://nvd.nist.gov/vuln/detail/CVE-2023-29403 https://pkg.go.dev/vuln/GO-2023-1840 https://security.gentoo.org/glsa/202311-09 https://ubuntu.com/security/notices/USN-7061-1 https://ubuntu.com/security/notices/USN-7109-1 https://www.cve.org/CVERecord?id=CVE-2023-29403
stdlib	CVE-2023-39325	HIGH	v1.20.4	1.20.10, 1.21.3	golang.org/x/net https://access.redhat.com/errata/RHSA-2023:6077 https://access.redhat.com/security/cve/CVE-2023-39325 https://access.redhat.com/security/cve/CVE-2023-44487 https://access.redhat.com/security/vulnerabilities/RHSB-2023-003 https://bugzilla.redhat.com/2242803 https://bugzilla.redhat.com/2243296 https://bugzilla.redhat.com/show_bug.cgi?id=2242803 https://bugzilla.redhat.com/show_bug.cgi?id=2243296 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-39325 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-44487 https://errata.almalinux.org/9/ALSA-2023-6077.html https://errata.rockylinux.org/RLSA-2023:6077 https://github.com/golang/go/commit/24ae2d927285c697440fdde3ad7f26028354bcf3 [golang- 1.21] https://github.com/golang/go/commit/e175f27f58aa7b9cd4d79607ae65d2cd5baaee68 [golang-1.20] https://github.com/golang/go/issues/63417 https://go.dev/cl/534215 https://go.dev/cl/534235 https://go.dev/issue/63417 https://groups.google.com/g/golang-announce/c/iNNxDTCjZvo/m/UDd7VKQuAAAJ https://linux.oracle.com/cve/CVE-2023-39325.html https://linux.oracle.com/errata/ELSA-2023-5867.html https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3OVW5V2DM5K5IC3H7O42YDUGNJ74J35O https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3OVW5V2DM5K5IC3H7O42YDUGNJ74J35O/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3SZN67IL7HMGMNAVLOTIXLIHUDXZK4LH https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3SZN67IL7HMGMNAVLOTIXLIHUDXZK4LH/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3WJ4QVX2AMUJ2F2S27POOAHRC4K3CHU4 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3WJ4QVX2AMUJ2F2S27POOAHRC4K3CHU4/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/4BUK2ZIAGCULOOYDNH25JPU6JBES5NF2 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/4BUK2ZIAGCULOOYDNH25JPU6JBES5NF2/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/5RSKA2II6QTD4YUKUNDVJQSRYSFC4VFR https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/5RSKA2II6QTD4YUKUNDVJQSRYSFC4VFR/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/AVZDNSMVDAQJ64LJC5I5U5LDM5753647 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/AVZDNSMVDAQJ64LJC5I5U5LDM5753647/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CHHITS4PUOZAKFIUBQAQZC7JWXMOYE4B https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CHHITS4PUOZAKFIUBQAQZC7JWXMOYE4B/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CLB4TW7KALB3EEQWNWCN7OUIWWVWWCG2 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CLB4TW7KALB3EEQWNWCN7OUIWWVWWCG2/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/D2BBIDR2ZMB3X5BC7SR4SLQMHRMVPY6L https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/D2BBIDR2ZMB3X5BC7SR4SLQMHRMVPY6L/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ECRC75BQJP6FJN2L7KCKYZW4DSBD7QSD https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ECRC75BQJP6FJN2L7KCKYZW4DSBD7QSD/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/FTMJ3NJIDAZFWJQQSP3L22MUFJ3UP2PT https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/FTMJ3NJIDAZFWJQQSP3L22MUFJ3UP2PT/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/GSY7SXFFTPZFWDM6XELSDSHZLVW3AHK7 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/GSY7SXFFTPZFWDM6XELSDSHZLVW3AHK7/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/HZQIELEIRSZUYTFFH5KTH2YJ4IIQG2KE https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/HZQIELEIRSZUYTFFH5KTH2YJ4IIQG2KE/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/IPWCNYB5PQ5PCVZ4NJT6G56ZYFZ5QBU6 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/IPWCNYB5PQ5PCVZ4NJT6G56ZYFZ5QBU6/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/KEOTKBUPZXHE3F352JBYNTSNRXYLWD6P https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/KEOTKBUPZXHE3F352JBYNTSNRXYLWD6P/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/KSEGD2IWKNUO3DWY4KQGUQM5BISRWHQE https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/KSEGD2IWKNUO3DWY4KQGUQM5BISRWHQE/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/L5E5JSJBZLYXOTZWXHJKRVCIXIHVWKJ6 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/L5E5JSJBZLYXOTZWXHJKRVCIXIHVWKJ6/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/MZQYOOKHQDQ57LV2IAG6NRFOVXKHJJ3Z https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/MZQYOOKHQDQ57LV2IAG6NRFOVXKHJJ3Z/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/NG7IMPL55MVWU3LCI4JQJT3K2U5CHDV7 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/NG7IMPL55MVWU3LCI4JQJT3K2U5CHDV7/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ODBY7RVMGZCBSTWF2OZGIZS57FNFUL67 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ODBY7RVMGZCBSTWF2OZGIZS57FNFUL67/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/OXGWPQOJ3JNDW2XIYKIVJ7N7QUIFNM2Q https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/OXGWPQOJ3JNDW2XIYKIVJ7N7QUIFNM2Q/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/PJCUNGIQDUMZ4Z6HWVYIMR66A35F5S74 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/PJCUNGIQDUMZ4Z6HWVYIMR66A35F5S74/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QF5QSYAOPDOWLY6DUHID56Q4HQFYB45I https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QF5QSYAOPDOWLY6DUHID56Q4HQFYB45I/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QXOU2JZUBEBP7GBKAYIJRPRBZSJCD7ST https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QXOU2JZUBEBP7GBKAYIJRPRBZSJCD7ST/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/R3UETKPUB3V5JS5TLZOF3SMTGT5K5APS https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/R3UETKPUB3V5JS5TLZOF3SMTGT5K5APS/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/REMHVVIBDNKSRKNOTV7EQSB7CYQWOUOU https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/REMHVVIBDNKSRKNOTV7EQSB7CYQWOUOU/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/T7N5GV4CHH6WAGX3GFMDD3COEOVCZ4RI https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/T7N5GV4CHH6WAGX3GFMDD3COEOVCZ4RI/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ULQQONMSCQSH5Z5OWFFQHCGEZ3NL4DRJ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ULQQONMSCQSH5Z5OWFFQHCGEZ3NL4DRJ/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UTT7DG3QOF5ZNJLUGHDNLRUIN6OWZARP https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UTT7DG3QOF5ZNJLUGHDNLRUIN6OWZARP/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/W2LZSWTV4NV4SNQARNXG5T6LRHP26EW2 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/W2LZSWTV4NV4SNQARNXG5T6LRHP26EW2/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WCNCBYKZXLDFGAJUB7ZP5VLC3YTHJNVH https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WCNCBYKZXLDFGAJUB7ZP5VLC3YTHJNVH/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/XFOIBB4YFICHDM7IBOP7PWXW3FX4HLL2 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/XFOIBB4YFICHDM7IBOP7PWXW3FX4HLL2/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/XTNLSL44Y5FB6JWADSZH6DCV4JJAAEQY https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/XTNLSL44Y5FB6JWADSZH6DCV4JJAAEQY/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/YJWHBLVZDM5KQSDFRBFRKU5KSSOLIRQ4 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/YJWHBLVZDM5KQSDFRBFRKU5KSSOLIRQ4/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/YRKEXKANQ7BKJW2YTAMP625LJUJZLJ4P https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/YRKEXKANQ7BKJW2YTAMP625LJUJZLJ4P/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZSVEMQV5ROY5YW5QE3I57HT3ITWG5GCV https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZSVEMQV5ROY5YW5QE3I57HT3ITWG5GCV/ https://nvd.nist.gov/vuln/detail/CVE-2023-39325 https://pkg.go.dev/vuln/GO-2023-2102 https://security.gentoo.org/glsa/202311-09 https://security.netapp.com/advisory/ntap-20231110-0008 https://security.netapp.com/advisory/ntap-20231110-0008/ https://ubuntu.com/security/notices/USN-6574-1 https://ubuntu.com/security/notices/USN-7061-1 https://ubuntu.com/security/notices/USN-7109-1 https://www.cisa.gov/news-events/alerts/2023/10/10/http2-rapid-reset-vulnerability-cve-2023-44487 https://www.cve.org/CVERecord?id=CVE-2023-39325
stdlib	CVE-2023-45283	HIGH	v1.20.4	1.20.11, 1.21.4, 1.20.12, 1.21.5	http://www.openwall.com/lists/oss-security/2023/12/05/2 https://go.dev/cl/540277 https://go.dev/cl/541175 https://go.dev/issue/63713 https://go.dev/issue/64028 https://groups.google.com/g/golang-announce/c/4tU8LZfBFkY https://groups.google.com/g/golang-dev/c/6ypN5EjibjM/m/KmLVYH_uAgAJ https://nvd.nist.gov/vuln/detail/CVE-2023-45283 https://pkg.go.dev/vuln/GO-2023-2185 https://security.netapp.com/advisory/ntap-20231214-0008/
stdlib	CVE-2023-45288	HIGH	v1.20.4	1.21.9, 1.22.2	http://www.openwall.com/lists/oss-security/2024/04/03/16 http://www.openwall.com/lists/oss-security/2024/04/05/4 https://access.redhat.com/errata/RHSA-2024:2724 https://access.redhat.com/security/cve/CVE-2023-45288 https://bugzilla.redhat.com/2268017 https://bugzilla.redhat.com/2268018 https://bugzilla.redhat.com/2268019 https://bugzilla.redhat.com/2268273 https://bugzilla.redhat.com/show_bug.cgi?id=2268017 https://bugzilla.redhat.com/show_bug.cgi?id=2268018 https://bugzilla.redhat.com/show_bug.cgi?id=2268019 https://bugzilla.redhat.com/show_bug.cgi?id=2268273 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45288 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45289 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45290 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24783 https://errata.almalinux.org/9/ALSA-2024-2724.html https://errata.rockylinux.org/RLSA-2024:2724 https://go.dev/cl/576155 https://go.dev/issue/65051 https://groups.google.com/g/golang-announce/c/YgW0sx8mN3M https://kb.cert.org/vuls/id/421644 https://linux.oracle.com/cve/CVE-2023-45288.html https://linux.oracle.com/errata/ELSA-2024-3346.html https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QRYFHIQ6XRKRYBI2F5UESH67BJBQXUPT https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QRYFHIQ6XRKRYBI2F5UESH67BJBQXUPT/ https://nowotarski.info/http2-continuation-flood-technical-details https://nowotarski.info/http2-continuation-flood/ https://nvd.nist.gov/vuln/detail/CVE-2023-45288 https://pkg.go.dev/vuln/GO-2024-2687 https://security.netapp.com/advisory/ntap-20240419-0009 https://security.netapp.com/advisory/ntap-20240419-0009/ https://ubuntu.com/security/notices/USN-6886-1 https://ubuntu.com/security/notices/USN-7109-1 https://ubuntu.com/security/notices/USN-7111-1 https://www.cve.org/CVERecord?id=CVE-2023-45288 https://www.kb.cert.org/vuls/id/421644
stdlib	CVE-2024-34156	HIGH	v1.20.4	1.22.7, 1.23.1	https://access.redhat.com/errata/RHSA-2024:9473 https://access.redhat.com/security/cve/CVE-2024-34156 https://bugzilla.redhat.com/2310528 https://bugzilla.redhat.com/2318052 https://bugzilla.redhat.com/show_bug.cgi?id=2310528 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-34156 https://errata.almalinux.org/9/ALSA-2024-9473.html https://errata.rockylinux.org/RLSA-2024:7204 https://github.com/golang/go/commit/2092294f2b097c5828f4eace6c98a322c1510b01 (go1.22.7) https://github.com/golang/go/commit/fa8ff1a46deb6c816304441ec6740ec112e19012 (go1.23.1) https://go.dev/cl/611239 https://go.dev/issue/69139 https://groups.google.com/g/golang-announce/c/K-cEzDeCtpc https://groups.google.com/g/golang-dev/c/S9POB9NCTdk https://linux.oracle.com/cve/CVE-2024-34156.html https://linux.oracle.com/errata/ELSA-2024-9473.html https://nvd.nist.gov/vuln/detail/CVE-2024-34156 https://pkg.go.dev/vuln/GO-2024-3106 https://ubuntu.com/security/notices/USN-7081-1 https://ubuntu.com/security/notices/USN-7109-1 https://ubuntu.com/security/notices/USN-7111-1 https://www.cve.org/CVERecord?id=CVE-2024-34156
stdlib	CVE-2023-29406	MEDIUM	v1.20.4	1.19.11, 1.20.6	https://access.redhat.com/errata/RHSA-2023:6474 https://access.redhat.com/security/cve/CVE-2023-29406 https://bugzilla.redhat.com/2174485 https://bugzilla.redhat.com/2178358 https://bugzilla.redhat.com/2178488 https://bugzilla.redhat.com/2178492 https://bugzilla.redhat.com/2184481 https://bugzilla.redhat.com/2184482 https://bugzilla.redhat.com/2184483 https://bugzilla.redhat.com/2184484 https://bugzilla.redhat.com/2196026 https://bugzilla.redhat.com/2196027 https://bugzilla.redhat.com/2196029 https://bugzilla.redhat.com/2222167 https://bugzilla.redhat.com/2228689 https://errata.almalinux.org/9/ALSA-2023-6474.html https://github.com/golang/go/commit/312920c00aac9897b2a0693e752390b5b0711a5a (go1.20.6) https://github.com/golang/go/commit/5fa6923b1ea891400153d04ddf1545e23b40041b (go1.19.11) https://github.com/golang/go/issues/60374 https://go.dev/cl/506996 https://go.dev/issue/60374 https://groups.google.com/g/golang-announce/c/2q13H6LEEx0 https://linux.oracle.com/cve/CVE-2023-29406.html https://linux.oracle.com/errata/ELSA-2023-7202.html https://nvd.nist.gov/vuln/detail/CVE-2023-29406 https://pkg.go.dev/vuln/GO-2023-1878 https://security.gentoo.org/glsa/202311-09 https://security.netapp.com/advisory/ntap-20230814-0002/ https://ubuntu.com/security/notices/USN-7061-1 https://ubuntu.com/security/notices/USN-7109-1 https://www.cve.org/CVERecord?id=CVE-2023-29406
stdlib	CVE-2023-29409	MEDIUM	v1.20.4	1.19.12, 1.20.7, 1.21.0-rc.4	https://access.redhat.com/errata/RHSA-2023:7766 https://access.redhat.com/security/cve/CVE-2023-29409 https://bugzilla.redhat.com/2228743 https://bugzilla.redhat.com/2237773 https://bugzilla.redhat.com/2237776 https://bugzilla.redhat.com/2237777 https://bugzilla.redhat.com/2237778 https://errata.almalinux.org/9/ALSA-2023-7766.html https://go.dev/cl/515257 https://go.dev/issue/61460 https://groups.google.com/g/golang-announce/c/X0b6CsSAaYI/m/Efv5DbZ9AwAJ https://linux.oracle.com/cve/CVE-2023-29409.html https://linux.oracle.com/errata/ELSA-2024-2988.html https://nvd.nist.gov/vuln/detail/CVE-2023-29409 https://pkg.go.dev/vuln/GO-2023-1987 https://security.gentoo.org/glsa/202311-09 https://security.netapp.com/advisory/ntap-20230831-0010/ https://www.cve.org/CVERecord?id=CVE-2023-29409
stdlib	CVE-2023-39318	MEDIUM	v1.20.4	1.20.8, 1.21.1	https://access.redhat.com/errata/RHSA-2024:2160 https://access.redhat.com/security/cve/CVE-2023-39318 https://bugzilla.redhat.com/2237773 https://bugzilla.redhat.com/2237776 https://bugzilla.redhat.com/2253330 https://errata.almalinux.org/9/ALSA-2024-2160.html https://github.com/golang/go/commit/023b542edf38e2a1f87fcefb9f75ff2f99401b4c (go1.20.8) https://github.com/golang/go/commit/b0e1d3ea26e8e8fce7726690c9ef0597e60739fb (go1.21.1) https://go.dev/cl/526156 https://go.dev/issue/62196 https://groups.google.com/g/golang-announce/c/Fm51GRLNRvM https://groups.google.com/g/golang-dev/c/2C5vbR-UNkI/m/L1hdrPhfBAAJ https://linux.oracle.com/cve/CVE-2023-39318.html https://linux.oracle.com/errata/ELSA-2024-2988.html https://nvd.nist.gov/vuln/detail/CVE-2023-39318 https://pkg.go.dev/vuln/GO-2023-2041 https://security.gentoo.org/glsa/202311-09 https://security.netapp.com/advisory/ntap-20231020-0009/ https://ubuntu.com/security/notices/USN-6574-1 https://ubuntu.com/security/notices/USN-7061-1 https://ubuntu.com/security/notices/USN-7109-1 https://vuln.go.dev/ID/GO-2023-2041.json https://www.cve.org/CVERecord?id=CVE-2023-39318
stdlib	CVE-2023-39319	MEDIUM	v1.20.4	1.20.8, 1.21.1	https://access.redhat.com/errata/RHSA-2024:2160 https://access.redhat.com/security/cve/CVE-2023-39319 https://bugzilla.redhat.com/2237773 https://bugzilla.redhat.com/2237776 https://bugzilla.redhat.com/2253330 https://errata.almalinux.org/9/ALSA-2024-2160.html https://github.com/golang/go/commit/2070531d2f53df88e312edace6c8dfc9686ab2f5 (go1.20.8) https://github.com/golang/go/commit/bbd043ff0d6d59f1a9232d31ecd5eacf6507bf6a (go1.21.1) https://go.dev/cl/526157 https://go.dev/issue/62197 https://groups.google.com/g/golang-announce/c/Fm51GRLNRvM https://groups.google.com/g/golang-dev/c/2C5vbR-UNkI/m/L1hdrPhfBAAJ https://linux.oracle.com/cve/CVE-2023-39319.html https://linux.oracle.com/errata/ELSA-2024-2988.html https://nvd.nist.gov/vuln/detail/CVE-2023-39319 https://pkg.go.dev/vuln/GO-2023-2043 https://security.gentoo.org/glsa/202311-09 https://security.netapp.com/advisory/ntap-20231020-0009/ https://ubuntu.com/security/notices/USN-6574-1 https://ubuntu.com/security/notices/USN-7061-1 https://ubuntu.com/security/notices/USN-7109-1 https://vuln.go.dev/ID/GO-2023-2043.json https://www.cve.org/CVERecord?id=CVE-2023-39319
stdlib	CVE-2023-39326	MEDIUM	v1.20.4	1.20.12, 1.21.5	https://access.redhat.com/errata/RHSA-2024:2272 https://access.redhat.com/security/cve/CVE-2023-39326 https://bugzilla.redhat.com/2253193 https://bugzilla.redhat.com/2253330 https://errata.almalinux.org/9/ALSA-2024-2272.html https://github.com/golang/go/commit/6446af942e2e2b161c4ec1b60d9703a2b55dc4dd (go1.20.12) https://github.com/golang/go/commit/ec8c526e4be720e94b98ca509e6364f0efaf28f7 (go1.21.5) https://go.dev/cl/547335 https://go.dev/issue/64433 https://groups.google.com/g/golang-dev/c/6ypN5EjibjM/m/KmLVYH_uAgAJ https://linux.oracle.com/cve/CVE-2023-39326.html https://linux.oracle.com/errata/ELSA-2024-2988.html https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UIU6HOGV6RRIKWM57LOXQA75BGZSIH6G/ https://nvd.nist.gov/vuln/detail/CVE-2023-39326 https://pkg.go.dev/vuln/GO-2023-2382 https://ubuntu.com/security/notices/USN-6574-1 https://www.cve.org/CVERecord?id=CVE-2023-39326
stdlib	CVE-2023-45284	MEDIUM	v1.20.4	1.20.11, 1.21.4	https://go.dev/cl/540277 https://go.dev/issue/63713 https://groups.google.com/g/golang-announce/c/4tU8LZfBFkY https://nvd.nist.gov/vuln/detail/CVE-2023-45284 https://pkg.go.dev/vuln/GO-2023-2186
stdlib	CVE-2023-45289	MEDIUM	v1.20.4	1.21.8, 1.22.1	http://www.openwall.com/lists/oss-security/2024/03/08/4 https://access.redhat.com/errata/RHSA-2024:2724 https://access.redhat.com/security/cve/CVE-2023-45289 https://bugzilla.redhat.com/2268017 https://bugzilla.redhat.com/2268018 https://bugzilla.redhat.com/2268019 https://bugzilla.redhat.com/2268273 https://bugzilla.redhat.com/show_bug.cgi?id=2268017 https://bugzilla.redhat.com/show_bug.cgi?id=2268018 https://bugzilla.redhat.com/show_bug.cgi?id=2268019 https://bugzilla.redhat.com/show_bug.cgi?id=2268273 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45288 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45289 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45290 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24783 https://errata.almalinux.org/9/ALSA-2024-2724.html https://errata.rockylinux.org/RLSA-2024:2724 https://github.com/golang/go/commit/20586c0dbe03d144f914155f879fa5ee287591a1 (go1.21.8) https://github.com/golang/go/commit/3a855208e3efed2e9d7c20ad023f1fa78afcc0be (go1.22.1) https://github.com/golang/go/issues/65065 https://go.dev/cl/569340 https://go.dev/issue/65065 https://groups.google.com/g/golang-announce/c/5pwGVUPoMbg https://linux.oracle.com/cve/CVE-2023-45289.html https://linux.oracle.com/errata/ELSA-2024-3346.html https://nvd.nist.gov/vuln/detail/CVE-2023-45289 https://pkg.go.dev/vuln/GO-2024-2600 https://security.netapp.com/advisory/ntap-20240329-0006/ https://ubuntu.com/security/notices/USN-6886-1 https://www.cve.org/CVERecord?id=CVE-2023-45289
stdlib	CVE-2023-45290	MEDIUM	v1.20.4	1.21.8, 1.22.1	http://www.openwall.com/lists/oss-security/2024/03/08/4 https://access.redhat.com/errata/RHSA-2024:9135 https://access.redhat.com/security/cve/CVE-2023-45290 https://bugzilla.redhat.com/2268017 https://bugzilla.redhat.com/2268022 https://bugzilla.redhat.com/2279814 https://bugzilla.redhat.com/2295310 https://bugzilla.redhat.com/show_bug.cgi?id=2268017 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45290 https://errata.almalinux.org/9/ALSA-2024-9135.html https://errata.rockylinux.org/RLSA-2024:3830 https://github.com/golang/go/commit/041a47712e765e94f86d841c3110c840e76d8f82 (go1.22.1) https://github.com/golang/go/commit/bf80213b121074f4ad9b449410a4d13bae5e9be0 (go1.21.8) https://github.com/golang/go/issues/65383 https://go.dev/cl/569341 https://go.dev/issue/65383 https://groups.google.com/g/golang-announce/c/5pwGVUPoMbg https://linux.oracle.com/cve/CVE-2023-45290.html https://linux.oracle.com/errata/ELSA-2024-8038.html https://nvd.nist.gov/vuln/detail/CVE-2023-45290 https://pkg.go.dev/vuln/GO-2024-2599 https://security.netapp.com/advisory/ntap-20240329-0004 https://security.netapp.com/advisory/ntap-20240329-0004/ https://ubuntu.com/security/notices/USN-6886-1 https://ubuntu.com/security/notices/USN-7109-1 https://ubuntu.com/security/notices/USN-7111-1 https://www.cve.org/CVERecord?id=CVE-2023-45290
stdlib	CVE-2024-24783	MEDIUM	v1.20.4	1.21.8, 1.22.1	http://www.openwall.com/lists/oss-security/2024/03/08/4 https://access.redhat.com/errata/RHSA-2024:6195 https://access.redhat.com/security/cve/CVE-2024-24783 https://bugzilla.redhat.com/2268019 https://bugzilla.redhat.com/show_bug.cgi?id=2268017 https://bugzilla.redhat.com/show_bug.cgi?id=2268018 https://bugzilla.redhat.com/show_bug.cgi?id=2268019 https://bugzilla.redhat.com/show_bug.cgi?id=2268273 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45288 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45289 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45290 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24783 https://errata.almalinux.org/9/ALSA-2024-6195.html https://errata.rockylinux.org/RLSA-2024:2724 https://github.com/advisories/GHSA-3q2c-pvp5-3cqp https://github.com/golang/go/commit/337b8e9cbfa749d9d5c899e0dc358e2208d5e54f (go1.22.1) https://github.com/golang/go/commit/be5b52bea674190ef7de272664be6c7ae93ec5a0 (go1.21.8) https://github.com/golang/go/issues/65390 https://go.dev/cl/569339 https://go.dev/issue/65390 https://groups.google.com/g/golang-announce/c/5pwGVUPoMbg https://linux.oracle.com/cve/CVE-2024-24783.html https://linux.oracle.com/errata/ELSA-2024-6969.html https://nvd.nist.gov/vuln/detail/CVE-2024-24783 https://pkg.go.dev/vuln/GO-2024-2598 https://security.netapp.com/advisory/ntap-20240329-0005 https://security.netapp.com/advisory/ntap-20240329-0005/ https://ubuntu.com/security/notices/USN-6886-1 https://ubuntu.com/security/notices/USN-7109-1 https://ubuntu.com/security/notices/USN-7111-1 https://www.cve.org/CVERecord?id=CVE-2024-24783
stdlib	CVE-2024-24784	MEDIUM	v1.20.4	1.21.8, 1.22.1	http://www.openwall.com/lists/oss-security/2024/03/08/4 https://access.redhat.com/errata/RHSA-2024:2562 https://access.redhat.com/security/cve/CVE-2024-24784 https://bugzilla.redhat.com/2262921 https://bugzilla.redhat.com/2268017 https://bugzilla.redhat.com/2268018 https://bugzilla.redhat.com/2268019 https://bugzilla.redhat.com/2268021 https://bugzilla.redhat.com/2268022 https://bugzilla.redhat.com/2268273 https://bugzilla.redhat.com/show_bug.cgi?id=2262921 https://bugzilla.redhat.com/show_bug.cgi?id=2268017 https://bugzilla.redhat.com/show_bug.cgi?id=2268018 https://bugzilla.redhat.com/show_bug.cgi?id=2268019 https://bugzilla.redhat.com/show_bug.cgi?id=2268021 https://bugzilla.redhat.com/show_bug.cgi?id=2268022 https://bugzilla.redhat.com/show_bug.cgi?id=2268273 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45288 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45289 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45290 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-1394 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24783 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24784 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24785 https://errata.almalinux.org/9/ALSA-2024-2562.html https://errata.rockylinux.org/RLSA-2024:2562 https://github.com/golang/go/commit/263c059b09fdd40d9dd945f2ecb20c89ea28efe5 (go1.21.8) https://github.com/golang/go/commit/5330cd225ba54c7dc78c1b46dcdf61a4671a632c (go1.22.1) https://github.com/golang/go/issues/65083 https://go.dev/cl/555596 https://go.dev/issue/65083 https://groups.google.com/g/golang-announce/c/5pwGVUPoMbg https://linux.oracle.com/cve/CVE-2024-24784.html https://linux.oracle.com/errata/ELSA-2024-6969.html https://nvd.nist.gov/vuln/detail/CVE-2024-24784 https://pkg.go.dev/vuln/GO-2024-2609 https://security.netapp.com/advisory/ntap-20240329-0007/ https://ubuntu.com/security/notices/USN-6886-1 https://ubuntu.com/security/notices/USN-7109-1 https://ubuntu.com/security/notices/USN-7111-1 https://www.cve.org/CVERecord?id=CVE-2024-24784
stdlib	CVE-2024-24785	MEDIUM	v1.20.4	1.21.8, 1.22.1	http://www.openwall.com/lists/oss-security/2024/03/08/4 https://access.redhat.com/errata/RHSA-2024:9135 https://access.redhat.com/security/cve/CVE-2024-24785 https://bugzilla.redhat.com/2268017 https://bugzilla.redhat.com/2268022 https://bugzilla.redhat.com/2279814 https://bugzilla.redhat.com/2295310 https://bugzilla.redhat.com/show_bug.cgi?id=2262921 https://bugzilla.redhat.com/show_bug.cgi?id=2268017 https://bugzilla.redhat.com/show_bug.cgi?id=2268018 https://bugzilla.redhat.com/show_bug.cgi?id=2268019 https://bugzilla.redhat.com/show_bug.cgi?id=2268021 https://bugzilla.redhat.com/show_bug.cgi?id=2268022 https://bugzilla.redhat.com/show_bug.cgi?id=2268273 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45288 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45289 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45290 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-1394 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24783 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24784 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24785 https://errata.almalinux.org/9/ALSA-2024-9135.html https://errata.rockylinux.org/RLSA-2024:2562 https://github.com/golang/go/commit/056b0edcb8c152152021eebf4cf42adbfbe77992 (go1.22.1) https://github.com/golang/go/commit/3643147a29352ca2894fd5d0d2069bc4b4335a7e (go1.21.8) https://github.com/golang/go/issues/65697 https://go.dev/cl/564196 https://go.dev/issue/65697 https://groups.google.com/g/golang-announce/c/5pwGVUPoMbg https://linux.oracle.com/cve/CVE-2024-24785.html https://linux.oracle.com/errata/ELSA-2024-3259.html https://nvd.nist.gov/vuln/detail/CVE-2024-24785 https://pkg.go.dev/vuln/GO-2024-2610 https://security.netapp.com/advisory/ntap-20240329-0008/ https://ubuntu.com/security/notices/USN-6886-1 https://ubuntu.com/security/notices/USN-7061-1 https://ubuntu.com/security/notices/USN-7109-1 https://vuln.go.dev/ID/GO-2024-2610.json https://www.cve.org/CVERecord?id=CVE-2024-24785
stdlib	CVE-2024-24789	MEDIUM	v1.20.4	1.21.11, 1.22.4	http://www.openwall.com/lists/oss-security/2024/06/04/1 https://access.redhat.com/errata/RHSA-2024:9115 https://access.redhat.com/security/cve/CVE-2024-24789 https://bugzilla.redhat.com/2279814 https://bugzilla.redhat.com/2292668 https://bugzilla.redhat.com/2292787 https://bugzilla.redhat.com/2294000 https://bugzilla.redhat.com/2295310 https://bugzilla.redhat.com/show_bug.cgi?id=2292668 https://bugzilla.redhat.com/show_bug.cgi?id=2292787 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24789 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24790 https://errata.almalinux.org/9/ALSA-2024-9115.html https://errata.rockylinux.org/RLSA-2024:4212 https://github.com/golang/go/commit/c8e40338cf00f3c1d86c8fb23863ad67a4c72bcc (1.21) https://github.com/golang/go/commit/cf501ac0c5fe351a8582d20b43562027927906e7 (1.22) https://github.com/golang/go/issues/66869 https://go.dev/cl/585397 https://go.dev/issue/66869 https://groups.google.com/g/golang-announce/c/XbxouI9gY7k https://groups.google.com/g/golang-announce/c/XbxouI9gY7k/m/TuoGEhxIEwAJ https://linux.oracle.com/cve/CVE-2024-24789.html https://linux.oracle.com/errata/ELSA-2024-9115.html https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/U5YAEIA6IUHUNGJ7AIXXPQT6D2GYENX7/ https://nvd.nist.gov/vuln/detail/CVE-2024-24789 https://pkg.go.dev/vuln/GO-2024-2888 https://ubuntu.com/security/notices/USN-6886-1 https://ubuntu.com/security/notices/USN-7109-1 https://ubuntu.com/security/notices/USN-7111-1 https://www.cve.org/CVERecord?id=CVE-2024-24789
stdlib	CVE-2024-24791	MEDIUM	v1.20.4	1.21.12, 1.22.5	https://access.redhat.com/errata/RHSA-2024:9135 https://access.redhat.com/security/cve/CVE-2024-24791 https://bugzilla.redhat.com/2268017 https://bugzilla.redhat.com/2268022 https://bugzilla.redhat.com/2279814 https://bugzilla.redhat.com/2295310 https://bugzilla.redhat.com/show_bug.cgi?id=2295310 https://bugzilla.redhat.com/show_bug.cgi?id=2310527 https://bugzilla.redhat.com/show_bug.cgi?id=2310528 https://bugzilla.redhat.com/show_bug.cgi?id=2310529 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24791 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-34155 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-34156 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-34158 https://errata.almalinux.org/9/ALSA-2024-9135.html https://errata.rockylinux.org/RLSA-2024:6913 https://go.dev/cl/591255 https://go.dev/issue/67555 https://groups.google.com/g/golang-dev/c/t0rK-qHBqzY/m/6MMoAZkMAgAJ https://linux.oracle.com/cve/CVE-2024-24791.html https://linux.oracle.com/errata/ELSA-2024-9115.html https://nvd.nist.gov/vuln/detail/CVE-2024-24791 https://pkg.go.dev/vuln/GO-2024-2963 https://ubuntu.com/security/notices/USN-7081-1 https://ubuntu.com/security/notices/USN-7109-1 https://ubuntu.com/security/notices/USN-7111-1 https://www.cve.org/CVERecord?id=CVE-2024-24791
stdlib	CVE-2024-34155	MEDIUM	v1.20.4	1.22.7, 1.23.1	https://access.redhat.com/errata/RHSA-2024:9459 https://access.redhat.com/security/cve/CVE-2024-34155 https://bugzilla.redhat.com/2310527 https://bugzilla.redhat.com/2310528 https://bugzilla.redhat.com/2310529 https://bugzilla.redhat.com/2315691 https://bugzilla.redhat.com/2315887 https://bugzilla.redhat.com/2317458 https://bugzilla.redhat.com/2317467 https://bugzilla.redhat.com/show_bug.cgi?id=2295310 https://bugzilla.redhat.com/show_bug.cgi?id=2310527 https://bugzilla.redhat.com/show_bug.cgi?id=2310528 https://bugzilla.redhat.com/show_bug.cgi?id=2310529 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24791 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-34155 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-34156 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-34158 https://errata.almalinux.org/9/ALSA-2024-9459.html https://errata.rockylinux.org/RLSA-2024:6913 https://github.com/golang/go/commit/53487e5477151ed75da50e50a0ba8f1ca64c00a3 (go1.23.1) https://github.com/golang/go/commit/b232596139dbe96a62edbe3a2a203e856bf556eb (go1.22.7) https://go.dev/cl/611238 https://go.dev/issue/69138 https://groups.google.com/g/golang-announce/c/K-cEzDeCtpc https://groups.google.com/g/golang-dev/c/S9POB9NCTdk https://linux.oracle.com/cve/CVE-2024-34155.html https://linux.oracle.com/errata/ELSA-2024-9459.html https://nvd.nist.gov/vuln/detail/CVE-2024-34155 https://pkg.go.dev/vuln/GO-2024-3105 https://ubuntu.com/security/notices/USN-7081-1 https://ubuntu.com/security/notices/USN-7109-1 https://ubuntu.com/security/notices/USN-7111-1 https://www.cve.org/CVERecord?id=CVE-2024-34155
stdlib	CVE-2024-34158	MEDIUM	v1.20.4	1.22.7, 1.23.1	https://access.redhat.com/errata/RHSA-2024:9459 https://access.redhat.com/security/cve/CVE-2024-34158 https://bugzilla.redhat.com/2310527 https://bugzilla.redhat.com/2310528 https://bugzilla.redhat.com/2310529 https://bugzilla.redhat.com/2315691 https://bugzilla.redhat.com/2315887 https://bugzilla.redhat.com/2317458 https://bugzilla.redhat.com/2317467 https://bugzilla.redhat.com/show_bug.cgi?id=2295310 https://bugzilla.redhat.com/show_bug.cgi?id=2310527 https://bugzilla.redhat.com/show_bug.cgi?id=2310528 https://bugzilla.redhat.com/show_bug.cgi?id=2310529 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24791 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-34155 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-34156 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-34158 https://errata.almalinux.org/9/ALSA-2024-9459.html https://errata.rockylinux.org/RLSA-2024:6913 https://github.com/golang/go/commit/032ac075c20c01c6c35a672d1542d3e98eab84ea (go1.23.1) https://github.com/golang/go/commit/d4c53812e6ce2ac368173d7fcd31d0ecfcffb002 (go1.22.7) https://go.dev/cl/611240 https://go.dev/issue/69141 https://groups.google.com/g/golang-announce/c/K-cEzDeCtpc https://groups.google.com/g/golang-dev/c/S9POB9NCTdk https://linux.oracle.com/cve/CVE-2024-34158.html https://linux.oracle.com/errata/ELSA-2024-9459.html https://nvd.nist.gov/vuln/detail/CVE-2024-34158 https://pkg.go.dev/vuln/GO-2024-3107 https://ubuntu.com/security/notices/USN-7081-1 https://ubuntu.com/security/notices/USN-7109-1 https://ubuntu.com/security/notices/USN-7111-1 https://www.cve.org/CVERecord?id=CVE-2024-34158
No Misconfigurations found

cnb/buildpacks/paketo-buildpacks_httpd/0.7.11/bin/run (gobinary)

Package	Vulnerability ID	Severity	Installed Version	Fixed Version	Links
github.com/anchore/stereoscope	CVE-2024-24579	MEDIUM	v0.0.0-20230412183729-8602f1afc574	0.0.1	https://github.com/anchore/stereoscope https://github.com/anchore/stereoscope/commit/09dacab4d9ee65ee8bc7af8ebf4aa7b5aaa36204 https://github.com/anchore/stereoscope/security/advisories/GHSA-hpxr-w9w7-g4gv https://nvd.nist.gov/vuln/detail/CVE-2024-24579
github.com/cloudflare/circl	GHSA-9763-4f94-gfch	HIGH	v1.3.3	1.3.7	https://github.com/cloudflare/circl https://github.com/cloudflare/circl/commit/75ef91e8a2f438e6ce2b6e620d236add8be1887d https://github.com/cloudflare/circl/security/advisories/GHSA-9763-4f94-gfch https://kyberslash.cr.yp.to
github.com/containerd/containerd	GHSA-7ww5-4wqc-m92c	MEDIUM	v1.7.0	1.6.26, 1.7.11	https://github.com/containerd/containerd https://github.com/containerd/containerd/commit/67d356cb3095f3e8f8ad7d36f9a733fea1e7e28c https://github.com/containerd/containerd/commit/746b910f05855c8bfdb4415a1c0f958b234910e5 https://github.com/containerd/containerd/security/advisories/GHSA-7ww5-4wqc-m92c
github.com/docker/docker	CVE-2024-41110	CRITICAL	v23.0.5+incompatible	23.0.15, 26.1.5, 27.1.1, 25.0.6	https://access.redhat.com/security/cve/CVE-2024-41110 https://github.com/moby/moby https://github.com/moby/moby/commit/411e817ddf710ff8e08fa193da80cb78af708191 https://github.com/moby/moby/commit/42f40b1d6dd7562342f832b9cd2adf9e668eeb76 https://github.com/moby/moby/commit/65cc597cea28cdc25bea3b8a86384b4251872919 https://github.com/moby/moby/commit/852759a7df454cbf88db4e954c919becd48faa9b https://github.com/moby/moby/commit/a31260625655cff9ae226b51757915e275e304b0 https://github.com/moby/moby/commit/a79fabbfe84117696a19671f4aa88b82d0f64fc1 https://github.com/moby/moby/commit/ae160b4edddb72ef4bd71f66b975a1a1cc434f00 https://github.com/moby/moby/commit/ae2b3666c517c96cbc2adf1af5591a6b00d4ec0f https://github.com/moby/moby/commit/cc13f952511154a2866bddbb7dddebfe9e83b801 https://github.com/moby/moby/commit/fc274cd2ff4cf3b48c91697fb327dd1fb95588fb https://github.com/moby/moby/security/advisories/GHSA-v23v-6jw2-98fq https://nvd.nist.gov/vuln/detail/CVE-2024-41110 https://www.cve.org/CVERecord?id=CVE-2024-41110 https://www.docker.com/blog/docker-security-advisory-docker-engine-authz-plugin
github.com/docker/docker	CVE-2024-24557	MEDIUM	v23.0.5+incompatible	24.0.9, 25.0.2	https://access.redhat.com/security/cve/CVE-2024-24557 https://github.com/moby/moby https://github.com/moby/moby/commit/3e230cfdcc989dc524882f6579f9e0dac77400ae https://github.com/moby/moby/commit/fca702de7f71362c8d103073c7e4a1d0a467fadd https://github.com/moby/moby/commit/fce6e0ca9bc000888de3daa157af14fa41fcd0ff https://github.com/moby/moby/security/advisories/GHSA-xw73-rw38-6vjc https://nvd.nist.gov/vuln/detail/CVE-2024-24557 https://www.cve.org/CVERecord?id=CVE-2024-24557
github.com/docker/docker	CVE-2024-29018	MEDIUM	v23.0.5+incompatible	26.0.0-rc3, 25.0.5, 23.0.11	https://access.redhat.com/security/cve/CVE-2024-29018 https://github.com/moby/moby https://github.com/moby/moby/pull/46609 https://github.com/moby/moby/security/advisories/GHSA-mq39-4gv4-mvpx https://nvd.nist.gov/vuln/detail/CVE-2024-29018 https://www.cve.org/CVERecord?id=CVE-2024-29018
github.com/docker/docker	GHSA-jq35-85cj-fj4p	MEDIUM	v23.0.5+incompatible	24.0.7, 23.0.8, 20.10.27	https://github.com/moby/moby https://github.com/moby/moby/commit/48ebe353e49a9def5e6679f6e386b0efb1c95f0e https://github.com/moby/moby/commit/81ebe71275768629689a23bc3bca34b3b374a6a6 https://github.com/moby/moby/commit/c9ccbfad11a60e703e91b6cca4f48927828c7e35 https://github.com/moby/moby/releases/tag/v20.10.27 https://github.com/moby/moby/releases/tag/v23.0.8 https://github.com/moby/moby/releases/tag/v24.0.7 https://github.com/moby/moby/security/advisories/GHSA-jq35-85cj-fj4p
github.com/go-git/go-git/v5	CVE-2023-49569	CRITICAL	v5.6.1	5.11.0	https://access.redhat.com/security/cve/CVE-2023-49569 https://github.com/go-git/go-git https://github.com/go-git/go-git/security/advisories/GHSA-449p-3h89-pw88 https://nvd.nist.gov/vuln/detail/CVE-2023-49569 https://www.cve.org/CVERecord?id=CVE-2023-49569
github.com/go-git/go-git/v5	CVE-2023-49568	HIGH	v5.6.1	5.11.0	https://access.redhat.com/security/cve/CVE-2023-49568 https://github.com/go-git/go-git https://github.com/go-git/go-git/security/advisories/GHSA-mw99-9chc-xw7r https://nvd.nist.gov/vuln/detail/CVE-2023-49568 https://www.cve.org/CVERecord?id=CVE-2023-49568
github.com/mholt/archiver/v3	CVE-2024-0406	MEDIUM	v3.5.1	no fix available	https://access.redhat.com/security/cve/CVE-2024-0406 https://bugzilla.redhat.com/show_bug.cgi?id=2257749 https://github.com/advisories/GHSA-rhh4-rh7c-7r5v https://github.com/mholt/archiver https://nvd.nist.gov/vuln/detail/CVE-2024-0406 https://www.cve.org/CVERecord?id=CVE-2024-0406
golang.org/x/crypto	CVE-2023-48795	MEDIUM	v0.8.0	0.17.0	http://packetstormsecurity.com/files/176280/Terrapin-SSH-Connection-Weakening.html http://seclists.org/fulldisclosure/2024/Mar/21 http://www.openwall.com/lists/oss-security/2023/12/18/3 http://www.openwall.com/lists/oss-security/2023/12/19/5 http://www.openwall.com/lists/oss-security/2023/12/20/3 http://www.openwall.com/lists/oss-security/2024/03/06/3 http://www.openwall.com/lists/oss-security/2024/04/17/8 https://access.redhat.com/errata/RHSA-2024:1150 https://access.redhat.com/security/cve/CVE-2023-48795 https://access.redhat.com/security/cve/cve-2023-48795 https://access.redhat.com/solutions/7071748 https://arstechnica.com/security/2023/12/hackers-can-break-ssh-channel-integrity-using-novel-data-corruption-attack https://arstechnica.com/security/2023/12/hackers-can-break-ssh-channel-integrity-using-novel-data-corruption-attack/ https://bugs.gentoo.org/920280 https://bugzilla.redhat.com/2254210 https://bugzilla.redhat.com/show_bug.cgi?id=2254210 https://bugzilla.suse.com/show_bug.cgi?id=1217950 https://crates.io/crates/thrussh/versions https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-48795 https://errata.almalinux.org/9/ALSA-2024-1150.html https://errata.rockylinux.org/RLSA-2024:0628 https://filezilla-project.org/versions.php https://forum.netgate.com/topic/184941/terrapin-ssh-attack https://git.libssh.org/projects/libssh.git/commit/?h=stable-0.10&id=10e09e273f69e149389b3e0e5d44b8c221c2e7f6 https://github.com/NixOS/nixpkgs/pull/275249 https://github.com/PowerShell/Win32-OpenSSH/issues/2189 https://github.com/PowerShell/Win32-OpenSSH/releases/tag/v9.5.0.0p1-Beta https://github.com/TeraTermProject/teraterm/commit/7279fbd6ef4d0c8bdd6a90af4ada2899d786eec0 https://github.com/TeraTermProject/teraterm/releases/tag/v5.1 https://github.com/advisories/GHSA-45x7-px36-x8w8 https://github.com/apache/mina-sshd/issues/445 https://github.com/connectbot/sshlib/commit/5c8b534f6e97db7ac0e0e579331213aa25c173ab https://github.com/connectbot/sshlib/compare/2.2.21...2.2.22 https://github.com/cyd01/KiTTY/issues/520 https://github.com/drakkan/sftpgo/releases/tag/v2.5.6 https://github.com/erlang/otp/blob/d1b43dc0f1361d2ad67601169e90a7fc50bb0369/lib/ssh/doc/src/notes.xml#L39-L42 https://github.com/erlang/otp/releases/tag/OTP-26.2.1 https://github.com/golang/crypto/commit/9d2ee975ef9fe627bf0a6f01c1f69e8ef1d4f05d https://github.com/hierynomus/sshj/issues/916 https://github.com/janmojzis/tinyssh/issues/81 https://github.com/jtesta/ssh-audit/commit/8e972c5e94b460379fe0c7d20209c16df81538a5 https://github.com/libssh2/libssh2/pull/1291 https://github.com/mkj/dropbear/blob/17657c36cce6df7716d5ff151ec09a665382d5dd/CHANGES#L25 https://github.com/mscdex/ssh2/commit/97b223f8891b96d6fc054df5ab1d5a1a545da2a3 https://github.com/mwiede/jsch/compare/jsch-0.2.14...jsch-0.2.15 https://github.com/mwiede/jsch/issues/457 https://github.com/mwiede/jsch/pull/461 https://github.com/net-ssh/net-ssh/blob/2e65064a52d73396bfc3806c9196fc8108f33cd8/CHANGES.txt#L14-L16 https://github.com/openssh/openssh-portable/commits/master https://github.com/paramiko/paramiko/issues/2337 https://github.com/paramiko/paramiko/issues/2337#issuecomment-1887642773 https://github.com/proftpd/proftpd/blob/0a7ea9b0ba9fcdf368374a226370d08f10397d99/RELEASE_NOTES https://github.com/proftpd/proftpd/blob/d21e7a2e47e9b38f709bec58e3fa711f759ad0e1/RELEASE_NOTES https://github.com/proftpd/proftpd/blob/master/RELEASE_NOTES https://github.com/proftpd/proftpd/issues/456 https://github.com/rapier1/hpn-ssh/releases https://github.com/ronf/asyncssh/blob/develop/docs/changes.rst https://github.com/ronf/asyncssh/security/advisories/GHSA-hfmc-7525-mj55 https://github.com/ronf/asyncssh/tags https://github.com/ssh-mitm/ssh-mitm/issues/165 https://github.com/warp-tech/russh https://github.com/warp-tech/russh/commit/1aa340a7df1d5be1c0f4a9e247aade76dfdd2951 https://github.com/warp-tech/russh/releases/tag/v0.40.2 https://github.com/warp-tech/russh/security/advisories/GHSA-45x7-px36-x8w8 https://gitlab.com/libssh/libssh-mirror/-/tags https://go.dev/cl/550715 https://go.dev/issue/64784 https://groups.google.com/g/golang-announce/c/-n5WqVC18LQ https://groups.google.com/g/golang-announce/c/qA3XtxvMUyg https://help.panic.com/releasenotes/transmit5 https://help.panic.com/releasenotes/transmit5/ https://jadaptive.com/important-java-ssh-security-update-new-ssh-vulnerability-discovered-cve-2023-48795 https://jadaptive.com/important-java-ssh-security-update-new-ssh-vulnerability-discovered-cve-2023-48795/ https://linux.oracle.com/cve/CVE-2023-48795.html https://linux.oracle.com/errata/ELSA-2024-2988.html https://lists.debian.org/debian-lts-announce/2023/12/msg00017.html https://lists.debian.org/debian-lts-announce/2024/01/msg00013.html https://lists.debian.org/debian-lts-announce/2024/01/msg00014.html https://lists.debian.org/debian-lts-announce/2024/04/msg00016.html https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/33XHJUB6ROFUOH2OQNENFROTVH6MHSHA https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/33XHJUB6ROFUOH2OQNENFROTVH6MHSHA/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/3CAYYW35MUTNO65RVAELICTNZZFMT2XS https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/3CAYYW35MUTNO65RVAELICTNZZFMT2XS/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/3JIMLVBDWOP4FUPXPTB4PGHHIOMGFLQE https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/3JIMLVBDWOP4FUPXPTB4PGHHIOMGFLQE/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/3YQLUQWLIHDB5QCXQEX7HXHAWMOKPP5O https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/3YQLUQWLIHDB5QCXQEX7HXHAWMOKPP5O/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/6Y74KVCPEPT4MVU3LHDWCNNOXOE5ZLUR https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/6Y74KVCPEPT4MVU3LHDWCNNOXOE5ZLUR/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/APYIXIQOVDCRWLHTGB4VYMAUIAQLKYJ3 https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/APYIXIQOVDCRWLHTGB4VYMAUIAQLKYJ3/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/BL5KTLOSLH2KHRN4HCXJPK3JUVLDGEL6 https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/BL5KTLOSLH2KHRN4HCXJPK3JUVLDGEL6/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/C3AFMZ6MH2UHHOPIWT5YLSFV3D2VB3AC https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/C3AFMZ6MH2UHHOPIWT5YLSFV3D2VB3AC/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/CHHITS4PUOZAKFIUBQAQZC7JWXMOYE4B https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/CHHITS4PUOZAKFIUBQAQZC7JWXMOYE4B/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/F7EYCFQCTSGJXWO3ZZ44MGKFC5HA7G3Y https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/F7EYCFQCTSGJXWO3ZZ44MGKFC5HA7G3Y/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/HYEDEXIKFKTUJIN43RG4B7T5ZS6MHUSP https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/HYEDEXIKFKTUJIN43RG4B7T5ZS6MHUSP/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/I724O3LSRCPO4WNVIXTZCT4VVRMXMMSG https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/I724O3LSRCPO4WNVIXTZCT4VVRMXMMSG/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/KEOTKBUPZXHE3F352JBYNTSNRXYLWD6P https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/KEOTKBUPZXHE3F352JBYNTSNRXYLWD6P/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/KMZCVGUGJZZVDPCVDA7TEB22VUCNEXDD https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/KMZCVGUGJZZVDPCVDA7TEB22VUCNEXDD/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/L5Y6MNNVAPIJSXJERQ6PKZVCIUXSNJK7 https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/L5Y6MNNVAPIJSXJERQ6PKZVCIUXSNJK7/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/LZQVUHWVWRH73YBXUQJOD6CKHDQBU3DM https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/LZQVUHWVWRH73YBXUQJOD6CKHDQBU3DM/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/MKQRBF3DWMWPH36LBCOBUTSIZRTPEZXB https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/MKQRBF3DWMWPH36LBCOBUTSIZRTPEZXB/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/QI3EHAHABFQK7OABNCSF5GMYP6TONTI7 https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/QI3EHAHABFQK7OABNCSF5GMYP6TONTI7/ https://matt.ucc.asn.au/dropbear/CHANGES https://nest.pijul.com/pijul/thrussh/changes/D6H7OWTTMHHX6BTB3B6MNBOBX2L66CBL4LGSEUSAI2MCRCJDQFRQC https://news.ycombinator.com/item?id=38684904 https://news.ycombinator.com/item?id=38685286 https://news.ycombinator.com/item?id=38732005 https://nova.app/releases/#v11.8 https://nvd.nist.gov/vuln/detail/CVE-2023-48795 https://oryx-embedded.com/download/#changelog https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2024-0002 https://roumenpetrov.info/secsh/#news20231220 https://security-tracker.debian.org/tracker/CVE-2023-48795 https://security-tracker.debian.org/tracker/source-package/libssh2 https://security-tracker.debian.org/tracker/source-package/proftpd-dfsg https://security-tracker.debian.org/tracker/source-package/trilead-ssh2 https://security.gentoo.org/glsa/202312-16 https://security.gentoo.org/glsa/202312-17 https://security.netapp.com/advisory/ntap-20240105-0004 https://security.netapp.com/advisory/ntap-20240105-0004/ https://support.apple.com/kb/HT214084 https://terrapin-attack.com/ https://thorntech.com/cve-2023-48795-and-sftp-gateway https://thorntech.com/cve-2023-48795-and-sftp-gateway/ https://twitter.com/TrueSkrillor/status/1736774389725565005 https://ubuntu.com/security/CVE-2023-48795 https://ubuntu.com/security/notices/USN-6560-1 https://ubuntu.com/security/notices/USN-6560-2 https://ubuntu.com/security/notices/USN-6561-1 https://ubuntu.com/security/notices/USN-6585-1 https://ubuntu.com/security/notices/USN-6589-1 https://ubuntu.com/security/notices/USN-6598-1 https://ubuntu.com/security/notices/USN-6738-1 https://ubuntu.com/security/notices/USN-7051-1 https://winscp.net/eng/docs/history#6.2.2 https://www.bitvise.com/ssh-client-version-history#933 https://www.bitvise.com/ssh-server-version-history https://www.chiark.greenend.org.uk/~sgtatham/putty/changes.html https://www.crushftp.com/crush10wiki/Wiki.jsp?page=Update https://www.cve.org/CVERecord?id=CVE-2023-48795 https://www.debian.org/security/2023/dsa-5586 https://www.debian.org/security/2023/dsa-5588 https://www.freebsd.org/security/advisories/FreeBSD-SA-23:19.openssh.asc https://www.lancom-systems.de/service-support/allgemeine-sicherheitshinweise#c243508 https://www.netsarang.com/en/xshell-update-history https://www.netsarang.com/en/xshell-update-history/ https://www.openssh.com/openbsd.html https://www.openssh.com/txt/release-9.6 https://www.openwall.com/lists/oss-security/2023/12/18/2 https://www.openwall.com/lists/oss-security/2023/12/18/3 https://www.openwall.com/lists/oss-security/2023/12/20/3 https://www.paramiko.org/changelog.html https://www.reddit.com/r/sysadmin/comments/18idv52/cve202348795_why_is_this_cve_still_undisclosed https://www.reddit.com/r/sysadmin/comments/18idv52/cve202348795_why_is_this_cve_still_undisclosed/ https://www.suse.com/c/suse-addresses-the-ssh-v2-protocol-terrapin-attack-aka-cve-2023-48795 https://www.suse.com/c/suse-addresses-the-ssh-v2-protocol-terrapin-attack-aka-cve-2023-48795/ https://www.terrapin-attack.com https://www.theregister.com/2023/12/20/terrapin_attack_ssh https://www.vandyke.com/products/securecrt/history.txt
golang.org/x/net	CVE-2023-39325	HIGH	v0.10.0	0.17.0	golang.org/x/net https://access.redhat.com/errata/RHSA-2023:6077 https://access.redhat.com/security/cve/CVE-2023-39325 https://access.redhat.com/security/cve/CVE-2023-44487 https://access.redhat.com/security/vulnerabilities/RHSB-2023-003 https://bugzilla.redhat.com/2242803 https://bugzilla.redhat.com/2243296 https://bugzilla.redhat.com/show_bug.cgi?id=2242803 https://bugzilla.redhat.com/show_bug.cgi?id=2243296 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-39325 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-44487 https://errata.almalinux.org/9/ALSA-2023-6077.html https://errata.rockylinux.org/RLSA-2023:6077 https://github.com/golang/go/commit/24ae2d927285c697440fdde3ad7f26028354bcf3 [golang- 1.21] https://github.com/golang/go/commit/e175f27f58aa7b9cd4d79607ae65d2cd5baaee68 [golang-1.20] https://github.com/golang/go/issues/63417 https://go.dev/cl/534215 https://go.dev/cl/534235 https://go.dev/issue/63417 https://groups.google.com/g/golang-announce/c/iNNxDTCjZvo/m/UDd7VKQuAAAJ https://linux.oracle.com/cve/CVE-2023-39325.html https://linux.oracle.com/errata/ELSA-2023-5867.html https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3OVW5V2DM5K5IC3H7O42YDUGNJ74J35O https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3OVW5V2DM5K5IC3H7O42YDUGNJ74J35O/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3SZN67IL7HMGMNAVLOTIXLIHUDXZK4LH https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3SZN67IL7HMGMNAVLOTIXLIHUDXZK4LH/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3WJ4QVX2AMUJ2F2S27POOAHRC4K3CHU4 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3WJ4QVX2AMUJ2F2S27POOAHRC4K3CHU4/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/4BUK2ZIAGCULOOYDNH25JPU6JBES5NF2 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/4BUK2ZIAGCULOOYDNH25JPU6JBES5NF2/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/5RSKA2II6QTD4YUKUNDVJQSRYSFC4VFR https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/5RSKA2II6QTD4YUKUNDVJQSRYSFC4VFR/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/AVZDNSMVDAQJ64LJC5I5U5LDM5753647 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/AVZDNSMVDAQJ64LJC5I5U5LDM5753647/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CHHITS4PUOZAKFIUBQAQZC7JWXMOYE4B https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CHHITS4PUOZAKFIUBQAQZC7JWXMOYE4B/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CLB4TW7KALB3EEQWNWCN7OUIWWVWWCG2 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CLB4TW7KALB3EEQWNWCN7OUIWWVWWCG2/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/D2BBIDR2ZMB3X5BC7SR4SLQMHRMVPY6L https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/D2BBIDR2ZMB3X5BC7SR4SLQMHRMVPY6L/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ECRC75BQJP6FJN2L7KCKYZW4DSBD7QSD https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ECRC75BQJP6FJN2L7KCKYZW4DSBD7QSD/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/FTMJ3NJIDAZFWJQQSP3L22MUFJ3UP2PT https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/FTMJ3NJIDAZFWJQQSP3L22MUFJ3UP2PT/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/GSY7SXFFTPZFWDM6XELSDSHZLVW3AHK7 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/GSY7SXFFTPZFWDM6XELSDSHZLVW3AHK7/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/HZQIELEIRSZUYTFFH5KTH2YJ4IIQG2KE https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/HZQIELEIRSZUYTFFH5KTH2YJ4IIQG2KE/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/IPWCNYB5PQ5PCVZ4NJT6G56ZYFZ5QBU6 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/IPWCNYB5PQ5PCVZ4NJT6G56ZYFZ5QBU6/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/KEOTKBUPZXHE3F352JBYNTSNRXYLWD6P https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/KEOTKBUPZXHE3F352JBYNTSNRXYLWD6P/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/KSEGD2IWKNUO3DWY4KQGUQM5BISRWHQE https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/KSEGD2IWKNUO3DWY4KQGUQM5BISRWHQE/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/L5E5JSJBZLYXOTZWXHJKRVCIXIHVWKJ6 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/L5E5JSJBZLYXOTZWXHJKRVCIXIHVWKJ6/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/MZQYOOKHQDQ57LV2IAG6NRFOVXKHJJ3Z https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/MZQYOOKHQDQ57LV2IAG6NRFOVXKHJJ3Z/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/NG7IMPL55MVWU3LCI4JQJT3K2U5CHDV7 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/NG7IMPL55MVWU3LCI4JQJT3K2U5CHDV7/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ODBY7RVMGZCBSTWF2OZGIZS57FNFUL67 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ODBY7RVMGZCBSTWF2OZGIZS57FNFUL67/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/OXGWPQOJ3JNDW2XIYKIVJ7N7QUIFNM2Q https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/OXGWPQOJ3JNDW2XIYKIVJ7N7QUIFNM2Q/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/PJCUNGIQDUMZ4Z6HWVYIMR66A35F5S74 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/PJCUNGIQDUMZ4Z6HWVYIMR66A35F5S74/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QF5QSYAOPDOWLY6DUHID56Q4HQFYB45I https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QF5QSYAOPDOWLY6DUHID56Q4HQFYB45I/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QXOU2JZUBEBP7GBKAYIJRPRBZSJCD7ST https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QXOU2JZUBEBP7GBKAYIJRPRBZSJCD7ST/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/R3UETKPUB3V5JS5TLZOF3SMTGT5K5APS https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/R3UETKPUB3V5JS5TLZOF3SMTGT5K5APS/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/REMHVVIBDNKSRKNOTV7EQSB7CYQWOUOU https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/REMHVVIBDNKSRKNOTV7EQSB7CYQWOUOU/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/T7N5GV4CHH6WAGX3GFMDD3COEOVCZ4RI https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/T7N5GV4CHH6WAGX3GFMDD3COEOVCZ4RI/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ULQQONMSCQSH5Z5OWFFQHCGEZ3NL4DRJ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ULQQONMSCQSH5Z5OWFFQHCGEZ3NL4DRJ/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UTT7DG3QOF5ZNJLUGHDNLRUIN6OWZARP https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UTT7DG3QOF5ZNJLUGHDNLRUIN6OWZARP/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/W2LZSWTV4NV4SNQARNXG5T6LRHP26EW2 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/W2LZSWTV4NV4SNQARNXG5T6LRHP26EW2/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WCNCBYKZXLDFGAJUB7ZP5VLC3YTHJNVH https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WCNCBYKZXLDFGAJUB7ZP5VLC3YTHJNVH/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/XFOIBB4YFICHDM7IBOP7PWXW3FX4HLL2 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/XFOIBB4YFICHDM7IBOP7PWXW3FX4HLL2/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/XTNLSL44Y5FB6JWADSZH6DCV4JJAAEQY https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/XTNLSL44Y5FB6JWADSZH6DCV4JJAAEQY/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/YJWHBLVZDM5KQSDFRBFRKU5KSSOLIRQ4 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/YJWHBLVZDM5KQSDFRBFRKU5KSSOLIRQ4/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/YRKEXKANQ7BKJW2YTAMP625LJUJZLJ4P https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/YRKEXKANQ7BKJW2YTAMP625LJUJZLJ4P/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZSVEMQV5ROY5YW5QE3I57HT3ITWG5GCV https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZSVEMQV5ROY5YW5QE3I57HT3ITWG5GCV/ https://nvd.nist.gov/vuln/detail/CVE-2023-39325 https://pkg.go.dev/vuln/GO-2023-2102 https://security.gentoo.org/glsa/202311-09 https://security.netapp.com/advisory/ntap-20231110-0008 https://security.netapp.com/advisory/ntap-20231110-0008/ https://ubuntu.com/security/notices/USN-6574-1 https://ubuntu.com/security/notices/USN-7061-1 https://ubuntu.com/security/notices/USN-7109-1 https://www.cisa.gov/news-events/alerts/2023/10/10/http2-rapid-reset-vulnerability-cve-2023-44487 https://www.cve.org/CVERecord?id=CVE-2023-39325
golang.org/x/net	CVE-2023-3978	MEDIUM	v0.10.0	0.13.0	https://access.redhat.com/errata/RHSA-2023:6474 https://access.redhat.com/security/cve/CVE-2023-3978 https://bugzilla.redhat.com/2174485 https://bugzilla.redhat.com/2178358 https://bugzilla.redhat.com/2178488 https://bugzilla.redhat.com/2178492 https://bugzilla.redhat.com/2184481 https://bugzilla.redhat.com/2184482 https://bugzilla.redhat.com/2184483 https://bugzilla.redhat.com/2184484 https://bugzilla.redhat.com/2196026 https://bugzilla.redhat.com/2196027 https://bugzilla.redhat.com/2196029 https://bugzilla.redhat.com/2222167 https://bugzilla.redhat.com/2228689 https://errata.almalinux.org/9/ALSA-2023-6474.html https://go.dev/cl/514896 https://go.dev/issue/61615 https://linux.oracle.com/cve/CVE-2023-3978.html https://linux.oracle.com/errata/ELSA-2023-6939.html https://nvd.nist.gov/vuln/detail/CVE-2023-3978 https://pkg.go.dev/vuln/GO-2023-1988 https://www.cve.org/CVERecord?id=CVE-2023-3978
golang.org/x/net	CVE-2023-44487	MEDIUM	v0.10.0	0.17.0	http://www.openwall.com/lists/oss-security/2023/10/13/4 http://www.openwall.com/lists/oss-security/2023/10/13/9 http://www.openwall.com/lists/oss-security/2023/10/18/4 http://www.openwall.com/lists/oss-security/2023/10/18/8 http://www.openwall.com/lists/oss-security/2023/10/19/6 http://www.openwall.com/lists/oss-security/2023/10/20/8 https://access.redhat.com/errata/RHSA-2023:6746 https://access.redhat.com/security/cve/CVE-2023-44487 https://access.redhat.com/security/cve/cve-2023-44487 https://akka.io/security/akka-http-cve-2023-44487.html https://arstechnica.com/security/2023/10/how-ddosers-used-the-http-2-protocol-to-deliver-attacks-of-unprecedented-size https://arstechnica.com/security/2023/10/how-ddosers-used-the-http-2-protocol-to-deliver-attacks-of-unprecedented-size/ https://aws.amazon.com/security/security-bulletins/AWS-2023-011 https://aws.amazon.com/security/security-bulletins/AWS-2023-011/ https://blog.cloudflare.com/technical-breakdown-http2-rapid-reset-ddos-attack https://blog.cloudflare.com/technical-breakdown-http2-rapid-reset-ddos-attack/ https://blog.cloudflare.com/zero-day-rapid-reset-http2-record-breaking-ddos-attack https://blog.cloudflare.com/zero-day-rapid-reset-http2-record-breaking-ddos-attack/ https://blog.litespeedtech.com/2023/10/11/rapid-reset-http-2-vulnerablilty https://blog.litespeedtech.com/2023/10/11/rapid-reset-http-2-vulnerablilty/ https://blog.qualys.com/vulnerabilities-threat-research/2023/10/10/cve-2023-44487-http-2-rapid-reset-attack https://blog.vespa.ai/cve-2023-44487 https://blog.vespa.ai/cve-2023-44487/ https://bugzilla.proxmox.com/show_bug.cgi?id=4988 https://bugzilla.redhat.com/2242803 https://bugzilla.redhat.com/show_bug.cgi?id=2242803 https://bugzilla.suse.com/show_bug.cgi?id=1216123 https://cgit.freebsd.org/ports/commit/?id=c64c329c2c1752f46b73e3e6ce9f4329be6629f9 https://chaos.social/@icing/111210915918780532 https://cloud.google.com/blog/products/identity-security/google-cloud-mitigated-largest-ddos-attack-peaking-above-398-million-rps https://cloud.google.com/blog/products/identity-security/google-cloud-mitigated-largest-ddos-attack-peaking-above-398-million-rps/ https://cloud.google.com/blog/products/identity-security/how-it-works-the-novel-http2-rapid-reset-ddos-attack https://community.traefik.io/t/is-traefik-vulnerable-to-cve-2023-44487/20125 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-44487 https://devblogs.microsoft.com/dotnet/october-2023-updates/ https://discuss.hashicorp.com/t/hcsec-2023-32-vault-consul-and-boundary-affected-by-http-2-rapid-reset-denial-of-service-vulnerability-cve-2023-44487/59715 https://edg.io/lp/blog/resets-leaks-ddos-and-the-tale-of-a-hidden-cve https://errata.almalinux.org/9/ALSA-2023-6746.html https://errata.rockylinux.org/RLSA-2023:5838 https://forums.swift.org/t/swift-nio-http2-security-update-cve-2023-44487-http-2-dos/67764 https://gist.github.com/adulau/7c2bfb8e9cdbe4b35a5e131c66a0c088 https://github.com/Azure/AKS/issues/3947 https://github.com/Kong/kong/discussions/11741 https://github.com/advisories/GHSA-qppj-fm5r-hxr3 https://github.com/advisories/GHSA-vx74-f528-fxqg https://github.com/advisories/GHSA-xpw8-rcwv-8f8p https://github.com/akka/akka-http/issues/4323 https://github.com/akka/akka-http/pull/4324 https://github.com/akka/akka-http/pull/4325 https://github.com/alibaba/tengine/issues/1872 https://github.com/apache/apisix/issues/10320 https://github.com/apache/httpd-site/pull/10 https://github.com/apache/httpd/blob/afcdbeebbff4b0c50ea26cdd16e178c0d1f24152/modules/http2/h2_mplx.c#L1101-L1113 https://github.com/apache/tomcat/commit/944332bb15bd2f3bf76ec2caeb1ff0a58a3bc628 https://github.com/apache/tomcat/tree/main/java/org/apache/coyote/http2 https://github.com/apache/trafficserver/pull/10564 https://github.com/apple/swift-nio-http2 https://github.com/apple/swift-nio-http2/security/advisories/GHSA-qppj-fm5r-hxr3 https://github.com/arkrwn/PoC/tree/main/CVE-2023-44487 https://github.com/bcdannyboy/CVE-2023-44487 https://github.com/caddyserver/caddy/issues/5877 https://github.com/caddyserver/caddy/releases/tag/v2.7.5 https://github.com/dotnet/announcements/issues/277 https://github.com/dotnet/core/blob/e4613450ea0da7fd2fc6b61dfb2c1c1dec1ce9ec/release-notes/6.0/6.0.23/6.0.23.md?plain=1#L73 https://github.com/eclipse/jetty.project/issues/10679 https://github.com/envoyproxy/envoy/pull/30055 https://github.com/etcd-io/etcd/issues/16740 https://github.com/facebook/proxygen/pull/466 https://github.com/golang/go/issues/63417 https://github.com/grpc/grpc-go/pull/6703 https://github.com/grpc/grpc-go/releases https://github.com/h2o/h2o/pull/3291 https://github.com/h2o/h2o/security/advisories/GHSA-2m7v-gc89-fjqf https://github.com/haproxy/haproxy/issues/2312 https://github.com/hyperium/hyper/issues/3337 https://github.com/icing/mod_h2/blob/0a864782af0a942aa2ad4ed960a6b32cd35bcf0a/mod_http2/README.md?plain=1#L239-L244 https://github.com/junkurihara/rust-rpxy/issues/97 https://github.com/kazu-yamamoto/http2/commit/f61d41a502bd0f60eb24e1ce14edc7b6df6722a1 https://github.com/kazu-yamamoto/http2/issues/93 https://github.com/kubernetes/kubernetes/pull/121120 https://github.com/line/armeria/pull/5232 https://github.com/linkerd/website/pull/1695/commits/4b9c6836471bc8270ab48aae6fd2181bc73fd632 https://github.com/micrictor/http2-rst-stream https://github.com/microsoft/CBL-Mariner/pull/6381 https://github.com/netty/netty/commit/58f75f665aa81a8cbcf6ffa74820042a285c5e61 https://github.com/nghttp2/nghttp2/pull/1961 https://github.com/nghttp2/nghttp2/releases/tag/v1.57.0 https://github.com/ninenines/cowboy/issues/1615 https://github.com/nodejs/node/pull/50121 https://github.com/openresty/openresty/issues/930 https://github.com/opensearch-project/data-prepper/issues/3474 https://github.com/oqtane/oqtane.framework/discussions/3367 https://github.com/projectcontour/contour/pull/5826 https://github.com/tempesta-tech/tempesta/issues/1986 https://github.com/varnishcache/varnish-cache/issues/3996 https://go.dev/cl/534215 https://go.dev/cl/534235 https://go.dev/issue/63417 https://groups.google.com/g/golang-announce/c/iNNxDTCjZvo https://groups.google.com/g/golang-announce/c/iNNxDTCjZvo/m/UDd7VKQuAAAJ https://istio.io/latest/news/security/istio-security-2023-004 https://istio.io/latest/news/security/istio-security-2023-004/ https://linkerd.io/2023/10/12/linkerd-cve-2023-44487 https://linkerd.io/2023/10/12/linkerd-cve-2023-44487/ https://linux.oracle.com/cve/CVE-2023-44487.html https://linux.oracle.com/errata/ELSA-2024-1444.html https://lists.apache.org/thread/5py8h42mxfsn8l1wy6o41xwhsjlsd87q https://lists.debian.org/debian-lts-announce/2023/10/msg00020.html https://lists.debian.org/debian-lts-announce/2023/10/msg00023.html https://lists.debian.org/debian-lts-announce/2023/10/msg00024.html https://lists.debian.org/debian-lts-announce/2023/10/msg00045.html https://lists.debian.org/debian-lts-announce/2023/10/msg00047.html https://lists.debian.org/debian-lts-announce/2023/11/msg00001.html https://lists.debian.org/debian-lts-announce/2023/11/msg00012.html https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/2MBEPPC36UBVOZZNAXFHKLFGSLCMN5LI https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/2MBEPPC36UBVOZZNAXFHKLFGSLCMN5LI/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/3N4NJ7FR4X4FPZUGNTQAPSTVB2HB2Y4A https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/3N4NJ7FR4X4FPZUGNTQAPSTVB2HB2Y4A/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/BFQD3KUEMFBHPAPBGLWQC34L4OWL5HAZ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/BFQD3KUEMFBHPAPBGLWQC34L4OWL5HAZ/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/CLB4TW7KALB3EEQWNWCN7OUIWWVWWCG2 https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/CLB4TW7KALB3EEQWNWCN7OUIWWVWWCG2/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/E72T67UPDRXHIDLO3OROR25YAMN4GGW5 https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/E72T67UPDRXHIDLO3OROR25YAMN4GGW5/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/FNA62Q767CFAFHBCDKYNPBMZWB7TWYVU https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/FNA62Q767CFAFHBCDKYNPBMZWB7TWYVU/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/HT7T2R4MQKLIF4ODV4BDLPARWFPCJ5CZ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/HT7T2R4MQKLIF4ODV4BDLPARWFPCJ5CZ/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/JIZSEFC3YKCGABA2BZW6ZJRMDZJMB7PJ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/JIZSEFC3YKCGABA2BZW6ZJRMDZJMB7PJ/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/JMEXY22BFG5Q64HQCM5CK2Q7KDKVV4TY https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/JMEXY22BFG5Q64HQCM5CK2Q7KDKVV4TY/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/KSEGD2IWKNUO3DWY4KQGUQM5BISRWHQE https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/KSEGD2IWKNUO3DWY4KQGUQM5BISRWHQE/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/LKYHSZQFDNR7RSA7LHVLLIAQMVYCUGBG https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/LKYHSZQFDNR7RSA7LHVLLIAQMVYCUGBG/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/LNMZJCDHGLJJLXO4OXWJMTVQRNWOC7UL https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/LNMZJCDHGLJJLXO4OXWJMTVQRNWOC7UL/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/VHUHTSXLXGXS7JYKBXTA3VINUPHTNGVU https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/VHUHTSXLXGXS7JYKBXTA3VINUPHTNGVU/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/VSRDIV77HNKUSM7SJC5BKE5JSHLHU2NK https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/VSRDIV77HNKUSM7SJC5BKE5JSHLHU2NK/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/WE2I52RHNNU42PX6NZ2RBUHSFFJ2LVZX https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/WE2I52RHNNU42PX6NZ2RBUHSFFJ2LVZX/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/WLPRQ5TWUQQXYWBJM7ECYDAIL2YVKIUH https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/WLPRQ5TWUQQXYWBJM7ECYDAIL2YVKIUH/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/X6QXN4ORIVF6XBW4WWFE7VNPVC74S45Y https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/X6QXN4ORIVF6XBW4WWFE7VNPVC74S45Y/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/XFOIBB4YFICHDM7IBOP7PWXW3FX4HLL2 https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/XFOIBB4YFICHDM7IBOP7PWXW3FX4HLL2/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZB43REMKRQR62NJEI7I5NQ4FSXNLBKRT https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZB43REMKRQR62NJEI7I5NQ4FSXNLBKRT/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZKQSIKIAT5TJ3WSLU3RDBQ35YX4GY4V3 https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZKQSIKIAT5TJ3WSLU3RDBQ35YX4GY4V3/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZLU6U2R2IC2K64NDPNMV55AUAO65MAF4 https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZLU6U2R2IC2K64NDPNMV55AUAO65MAF4/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3N4NJ7FR4X4FPZUGNTQAPSTVB2HB2Y4A https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/BFQD3KUEMFBHPAPBGLWQC34L4OWL5HAZ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CLB4TW7KALB3EEQWNWCN7OUIWWVWWCG2 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/E72T67UPDRXHIDLO3OROR25YAMN4GGW5 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/FNA62Q767CFAFHBCDKYNPBMZWB7TWYVU https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/HT7T2R4MQKLIF4ODV4BDLPARWFPCJ5CZ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/JIZSEFC3YKCGABA2BZW6ZJRMDZJMB7PJ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/JMEXY22BFG5Q64HQCM5CK2Q7KDKVV4TY https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/KSEGD2IWKNUO3DWY4KQGUQM5BISRWHQE https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/LKYHSZQFDNR7RSA7LHVLLIAQMVYCUGBG https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/LNMZJCDHGLJJLXO4OXWJMTVQRNWOC7UL https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/VHUHTSXLXGXS7JYKBXTA3VINUPHTNGVU https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/VSRDIV77HNKUSM7SJC5BKE5JSHLHU2NK https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WLPRQ5TWUQQXYWBJM7ECYDAIL2YVKIUH https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/X6QXN4ORIVF6XBW4WWFE7VNPVC74S45Y https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/XFOIBB4YFICHDM7IBOP7PWXW3FX4HLL2 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZB43REMKRQR62NJEI7I5NQ4FSXNLBKRT https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZKQSIKIAT5TJ3WSLU3RDBQ35YX4GY4V3 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZLU6U2R2IC2K64NDPNMV55AUAO65MAF4 https://lists.w3.org/Archives/Public/ietf-http-wg/2023OctDec/0025.html https://mailman.nginx.org/pipermail/nginx-devel/2023-October/S36Q5HBXR7CAIMPLLPRSSSYR4PCMWILK.html https://martinthomson.github.io/h2-stream-limits/draft-thomson-httpbis-h2-stream-limits.html https://msrc.microsoft.com/blog/2023/10/microsoft-response-to-distributed-denial-of-service-ddos-attacks-against-http/2 https://msrc.microsoft.com/blog/2023/10/microsoft-response-to-distributed-denial-of-service-ddos-attacks-against-http/2/ https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-44487 https://my.f5.com/manage/s/article/K000137106 https://netty.io/news/2023/10/10/4-1-100-Final.html https://news.ycombinator.com/item?id=37830987 https://news.ycombinator.com/item?id=37830998 https://news.ycombinator.com/item?id=37831062 https://news.ycombinator.com/item?id=37837043 https://nodejs.org/en/blog/vulnerability/october-2023-security-releases https://nvd.nist.gov/vuln/detail/CVE-2023-44487 https://openssf.org/blog/2023/10/10/http-2-rapid-reset-vulnerability-highlights-need-for-rapid-response https://openssf.org/blog/2023/10/10/http-2-rapid-reset-vulnerability-highlights-need-for-rapid-response/ https://pkg.go.dev/vuln/GO-2023-2102 https://seanmonstar.com/post/730794151136935936/hyper-http2-rapid-reset-unaffected https://security.gentoo.org/glsa/202311-09 https://security.netapp.com/advisory/ntap-20231016-0001 https://security.netapp.com/advisory/ntap-20231016-0001/ https://security.netapp.com/advisory/ntap-20240426-0007 https://security.netapp.com/advisory/ntap-20240426-0007/ https://security.netapp.com/advisory/ntap-20240621-0006 https://security.netapp.com/advisory/ntap-20240621-0006/ https://security.netapp.com/advisory/ntap-20240621-0007 https://security.netapp.com/advisory/ntap-20240621-0007/ https://security.paloaltonetworks.com/CVE-2023-44487 https://tomcat.apache.org/security-10.html#Fixed_in_Apache_Tomcat_10.1.14 https://tomcat.apache.org/security-11.html#Fixed_in_Apache_Tomcat_11.0.0-M12 https://tomcat.apache.org/security-8.html#Fixed_in_Apache_Tomcat_8.5.94 https://tomcat.apache.org/security-9.html#Fixed_in_Apache_Tomcat_9.0.81 https://ubuntu.com/security/CVE-2023-44487 https://ubuntu.com/security/notices/USN-6427-1 https://ubuntu.com/security/notices/USN-6427-2 https://ubuntu.com/security/notices/USN-6438-1 https://ubuntu.com/security/notices/USN-6505-1 https://ubuntu.com/security/notices/USN-6574-1 https://ubuntu.com/security/notices/USN-6754-1 https://ubuntu.com/security/notices/USN-6994-1 https://ubuntu.com/security/notices/USN-7067-1 https://www.bleepingcomputer.com/news/security/new-http-2-rapid-reset-zero-day-attack-breaks-ddos-records https://www.bleepingcomputer.com/news/security/new-http-2-rapid-reset-zero-day-attack-breaks-ddos-records/ https://www.cisa.gov/known-exploited-vulnerabilities-catalog https://www.cisa.gov/news-events/alerts/2023/10/10/http2-rapid-reset-vulnerability-cve-2023-44487 https://www.cve.org/CVERecord?id=CVE-2023-44487 https://www.darkreading.com/cloud/internet-wide-zero-day-bug-fuels-largest-ever-ddos-event https://www.debian.org/security/2023/dsa-5521 https://www.debian.org/security/2023/dsa-5522 https://www.debian.org/security/2023/dsa-5540 https://www.debian.org/security/2023/dsa-5549 https://www.debian.org/security/2023/dsa-5558 https://www.debian.org/security/2023/dsa-5570 https://www.eclipse.org/lists/jetty-announce/msg00181.html https://www.haproxy.com/blog/haproxy-is-not-affected-by-the-http-2-rapid-reset-attack-cve-2023-44487 https://www.mail-archive.com/haproxy@formilux.org/msg44134.html https://www.netlify.com/blog/netlify-successfully-mitigates-cve-2023-44487 https://www.netlify.com/blog/netlify-successfully-mitigates-cve-2023-44487/ https://www.nginx.com/blog/http-2-rapid-reset-attack-impacting-f5-nginx-products https://www.nginx.com/blog/http-2-rapid-reset-attack-impacting-f5-nginx-products/ https://www.openwall.com/lists/oss-security/2023/10/10/6 https://www.phoronix.com/news/HTTP2-Rapid-Reset-Attack https://www.theregister.com/2023/10/10/http2_rapid_reset_zeroday https://www.theregister.com/2023/10/10/http2_rapid_reset_zeroday/
golang.org/x/net	CVE-2023-45288	MEDIUM	v0.10.0	0.23.0	http://www.openwall.com/lists/oss-security/2024/04/03/16 http://www.openwall.com/lists/oss-security/2024/04/05/4 https://access.redhat.com/errata/RHSA-2024:2724 https://access.redhat.com/security/cve/CVE-2023-45288 https://bugzilla.redhat.com/2268017 https://bugzilla.redhat.com/2268018 https://bugzilla.redhat.com/2268019 https://bugzilla.redhat.com/2268273 https://bugzilla.redhat.com/show_bug.cgi?id=2268017 https://bugzilla.redhat.com/show_bug.cgi?id=2268018 https://bugzilla.redhat.com/show_bug.cgi?id=2268019 https://bugzilla.redhat.com/show_bug.cgi?id=2268273 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45288 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45289 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45290 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24783 https://errata.almalinux.org/9/ALSA-2024-2724.html https://errata.rockylinux.org/RLSA-2024:2724 https://go.dev/cl/576155 https://go.dev/issue/65051 https://groups.google.com/g/golang-announce/c/YgW0sx8mN3M https://kb.cert.org/vuls/id/421644 https://linux.oracle.com/cve/CVE-2023-45288.html https://linux.oracle.com/errata/ELSA-2024-3346.html https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QRYFHIQ6XRKRYBI2F5UESH67BJBQXUPT https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QRYFHIQ6XRKRYBI2F5UESH67BJBQXUPT/ https://nowotarski.info/http2-continuation-flood-technical-details https://nowotarski.info/http2-continuation-flood/ https://nvd.nist.gov/vuln/detail/CVE-2023-45288 https://pkg.go.dev/vuln/GO-2024-2687 https://security.netapp.com/advisory/ntap-20240419-0009 https://security.netapp.com/advisory/ntap-20240419-0009/ https://ubuntu.com/security/notices/USN-6886-1 https://ubuntu.com/security/notices/USN-7109-1 https://ubuntu.com/security/notices/USN-7111-1 https://www.cve.org/CVERecord?id=CVE-2023-45288 https://www.kb.cert.org/vuls/id/421644
google.golang.org/grpc	GHSA-m425-mq94-257g	HIGH	v1.55.0	1.56.3, 1.57.1, 1.58.3	https://github.com/grpc/grpc-go https://github.com/grpc/grpc-go/commit/f2180b4d5403d2210b30b93098eb7da31c05c721 https://github.com/grpc/grpc-go/pull/6703 https://github.com/grpc/grpc-go/security/advisories/GHSA-m425-mq94-257g https://nvd.nist.gov/vuln/detail/CVE-2023-44487
google.golang.org/grpc	CVE-2023-44487	MEDIUM	v1.55.0	1.58.3, 1.57.1, 1.56.3	http://www.openwall.com/lists/oss-security/2023/10/13/4 http://www.openwall.com/lists/oss-security/2023/10/13/9 http://www.openwall.com/lists/oss-security/2023/10/18/4 http://www.openwall.com/lists/oss-security/2023/10/18/8 http://www.openwall.com/lists/oss-security/2023/10/19/6 http://www.openwall.com/lists/oss-security/2023/10/20/8 https://access.redhat.com/errata/RHSA-2023:6746 https://access.redhat.com/security/cve/CVE-2023-44487 https://access.redhat.com/security/cve/cve-2023-44487 https://akka.io/security/akka-http-cve-2023-44487.html https://arstechnica.com/security/2023/10/how-ddosers-used-the-http-2-protocol-to-deliver-attacks-of-unprecedented-size https://arstechnica.com/security/2023/10/how-ddosers-used-the-http-2-protocol-to-deliver-attacks-of-unprecedented-size/ https://aws.amazon.com/security/security-bulletins/AWS-2023-011 https://aws.amazon.com/security/security-bulletins/AWS-2023-011/ https://blog.cloudflare.com/technical-breakdown-http2-rapid-reset-ddos-attack https://blog.cloudflare.com/technical-breakdown-http2-rapid-reset-ddos-attack/ https://blog.cloudflare.com/zero-day-rapid-reset-http2-record-breaking-ddos-attack https://blog.cloudflare.com/zero-day-rapid-reset-http2-record-breaking-ddos-attack/ https://blog.litespeedtech.com/2023/10/11/rapid-reset-http-2-vulnerablilty https://blog.litespeedtech.com/2023/10/11/rapid-reset-http-2-vulnerablilty/ https://blog.qualys.com/vulnerabilities-threat-research/2023/10/10/cve-2023-44487-http-2-rapid-reset-attack https://blog.vespa.ai/cve-2023-44487 https://blog.vespa.ai/cve-2023-44487/ https://bugzilla.proxmox.com/show_bug.cgi?id=4988 https://bugzilla.redhat.com/2242803 https://bugzilla.redhat.com/show_bug.cgi?id=2242803 https://bugzilla.suse.com/show_bug.cgi?id=1216123 https://cgit.freebsd.org/ports/commit/?id=c64c329c2c1752f46b73e3e6ce9f4329be6629f9 https://chaos.social/@icing/111210915918780532 https://cloud.google.com/blog/products/identity-security/google-cloud-mitigated-largest-ddos-attack-peaking-above-398-million-rps https://cloud.google.com/blog/products/identity-security/google-cloud-mitigated-largest-ddos-attack-peaking-above-398-million-rps/ https://cloud.google.com/blog/products/identity-security/how-it-works-the-novel-http2-rapid-reset-ddos-attack https://community.traefik.io/t/is-traefik-vulnerable-to-cve-2023-44487/20125 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-44487 https://devblogs.microsoft.com/dotnet/october-2023-updates/ https://discuss.hashicorp.com/t/hcsec-2023-32-vault-consul-and-boundary-affected-by-http-2-rapid-reset-denial-of-service-vulnerability-cve-2023-44487/59715 https://edg.io/lp/blog/resets-leaks-ddos-and-the-tale-of-a-hidden-cve https://errata.almalinux.org/9/ALSA-2023-6746.html https://errata.rockylinux.org/RLSA-2023:5838 https://forums.swift.org/t/swift-nio-http2-security-update-cve-2023-44487-http-2-dos/67764 https://gist.github.com/adulau/7c2bfb8e9cdbe4b35a5e131c66a0c088 https://github.com/Azure/AKS/issues/3947 https://github.com/Kong/kong/discussions/11741 https://github.com/advisories/GHSA-qppj-fm5r-hxr3 https://github.com/advisories/GHSA-vx74-f528-fxqg https://github.com/advisories/GHSA-xpw8-rcwv-8f8p https://github.com/akka/akka-http/issues/4323 https://github.com/akka/akka-http/pull/4324 https://github.com/akka/akka-http/pull/4325 https://github.com/alibaba/tengine/issues/1872 https://github.com/apache/apisix/issues/10320 https://github.com/apache/httpd-site/pull/10 https://github.com/apache/httpd/blob/afcdbeebbff4b0c50ea26cdd16e178c0d1f24152/modules/http2/h2_mplx.c#L1101-L1113 https://github.com/apache/tomcat/commit/944332bb15bd2f3bf76ec2caeb1ff0a58a3bc628 https://github.com/apache/tomcat/tree/main/java/org/apache/coyote/http2 https://github.com/apache/trafficserver/pull/10564 https://github.com/apple/swift-nio-http2 https://github.com/apple/swift-nio-http2/security/advisories/GHSA-qppj-fm5r-hxr3 https://github.com/arkrwn/PoC/tree/main/CVE-2023-44487 https://github.com/bcdannyboy/CVE-2023-44487 https://github.com/caddyserver/caddy/issues/5877 https://github.com/caddyserver/caddy/releases/tag/v2.7.5 https://github.com/dotnet/announcements/issues/277 https://github.com/dotnet/core/blob/e4613450ea0da7fd2fc6b61dfb2c1c1dec1ce9ec/release-notes/6.0/6.0.23/6.0.23.md?plain=1#L73 https://github.com/eclipse/jetty.project/issues/10679 https://github.com/envoyproxy/envoy/pull/30055 https://github.com/etcd-io/etcd/issues/16740 https://github.com/facebook/proxygen/pull/466 https://github.com/golang/go/issues/63417 https://github.com/grpc/grpc-go/pull/6703 https://github.com/grpc/grpc-go/releases https://github.com/h2o/h2o/pull/3291 https://github.com/h2o/h2o/security/advisories/GHSA-2m7v-gc89-fjqf https://github.com/haproxy/haproxy/issues/2312 https://github.com/hyperium/hyper/issues/3337 https://github.com/icing/mod_h2/blob/0a864782af0a942aa2ad4ed960a6b32cd35bcf0a/mod_http2/README.md?plain=1#L239-L244 https://github.com/junkurihara/rust-rpxy/issues/97 https://github.com/kazu-yamamoto/http2/commit/f61d41a502bd0f60eb24e1ce14edc7b6df6722a1 https://github.com/kazu-yamamoto/http2/issues/93 https://github.com/kubernetes/kubernetes/pull/121120 https://github.com/line/armeria/pull/5232 https://github.com/linkerd/website/pull/1695/commits/4b9c6836471bc8270ab48aae6fd2181bc73fd632 https://github.com/micrictor/http2-rst-stream https://github.com/microsoft/CBL-Mariner/pull/6381 https://github.com/netty/netty/commit/58f75f665aa81a8cbcf6ffa74820042a285c5e61 https://github.com/nghttp2/nghttp2/pull/1961 https://github.com/nghttp2/nghttp2/releases/tag/v1.57.0 https://github.com/ninenines/cowboy/issues/1615 https://github.com/nodejs/node/pull/50121 https://github.com/openresty/openresty/issues/930 https://github.com/opensearch-project/data-prepper/issues/3474 https://github.com/oqtane/oqtane.framework/discussions/3367 https://github.com/projectcontour/contour/pull/5826 https://github.com/tempesta-tech/tempesta/issues/1986 https://github.com/varnishcache/varnish-cache/issues/3996 https://go.dev/cl/534215 https://go.dev/cl/534235 https://go.dev/issue/63417 https://groups.google.com/g/golang-announce/c/iNNxDTCjZvo https://groups.google.com/g/golang-announce/c/iNNxDTCjZvo/m/UDd7VKQuAAAJ https://istio.io/latest/news/security/istio-security-2023-004 https://istio.io/latest/news/security/istio-security-2023-004/ https://linkerd.io/2023/10/12/linkerd-cve-2023-44487 https://linkerd.io/2023/10/12/linkerd-cve-2023-44487/ https://linux.oracle.com/cve/CVE-2023-44487.html https://linux.oracle.com/errata/ELSA-2024-1444.html https://lists.apache.org/thread/5py8h42mxfsn8l1wy6o41xwhsjlsd87q https://lists.debian.org/debian-lts-announce/2023/10/msg00020.html https://lists.debian.org/debian-lts-announce/2023/10/msg00023.html https://lists.debian.org/debian-lts-announce/2023/10/msg00024.html https://lists.debian.org/debian-lts-announce/2023/10/msg00045.html https://lists.debian.org/debian-lts-announce/2023/10/msg00047.html https://lists.debian.org/debian-lts-announce/2023/11/msg00001.html https://lists.debian.org/debian-lts-announce/2023/11/msg00012.html https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/2MBEPPC36UBVOZZNAXFHKLFGSLCMN5LI https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/2MBEPPC36UBVOZZNAXFHKLFGSLCMN5LI/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/3N4NJ7FR4X4FPZUGNTQAPSTVB2HB2Y4A https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/3N4NJ7FR4X4FPZUGNTQAPSTVB2HB2Y4A/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/BFQD3KUEMFBHPAPBGLWQC34L4OWL5HAZ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/BFQD3KUEMFBHPAPBGLWQC34L4OWL5HAZ/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/CLB4TW7KALB3EEQWNWCN7OUIWWVWWCG2 https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/CLB4TW7KALB3EEQWNWCN7OUIWWVWWCG2/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/E72T67UPDRXHIDLO3OROR25YAMN4GGW5 https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/E72T67UPDRXHIDLO3OROR25YAMN4GGW5/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/FNA62Q767CFAFHBCDKYNPBMZWB7TWYVU https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/FNA62Q767CFAFHBCDKYNPBMZWB7TWYVU/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/HT7T2R4MQKLIF4ODV4BDLPARWFPCJ5CZ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/HT7T2R4MQKLIF4ODV4BDLPARWFPCJ5CZ/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/JIZSEFC3YKCGABA2BZW6ZJRMDZJMB7PJ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/JIZSEFC3YKCGABA2BZW6ZJRMDZJMB7PJ/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/JMEXY22BFG5Q64HQCM5CK2Q7KDKVV4TY https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/JMEXY22BFG5Q64HQCM5CK2Q7KDKVV4TY/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/KSEGD2IWKNUO3DWY4KQGUQM5BISRWHQE https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/KSEGD2IWKNUO3DWY4KQGUQM5BISRWHQE/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/LKYHSZQFDNR7RSA7LHVLLIAQMVYCUGBG https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/LKYHSZQFDNR7RSA7LHVLLIAQMVYCUGBG/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/LNMZJCDHGLJJLXO4OXWJMTVQRNWOC7UL https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/LNMZJCDHGLJJLXO4OXWJMTVQRNWOC7UL/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/VHUHTSXLXGXS7JYKBXTA3VINUPHTNGVU https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/VHUHTSXLXGXS7JYKBXTA3VINUPHTNGVU/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/VSRDIV77HNKUSM7SJC5BKE5JSHLHU2NK https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/VSRDIV77HNKUSM7SJC5BKE5JSHLHU2NK/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/WE2I52RHNNU42PX6NZ2RBUHSFFJ2LVZX https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/WE2I52RHNNU42PX6NZ2RBUHSFFJ2LVZX/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/WLPRQ5TWUQQXYWBJM7ECYDAIL2YVKIUH https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/WLPRQ5TWUQQXYWBJM7ECYDAIL2YVKIUH/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/X6QXN4ORIVF6XBW4WWFE7VNPVC74S45Y https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/X6QXN4ORIVF6XBW4WWFE7VNPVC74S45Y/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/XFOIBB4YFICHDM7IBOP7PWXW3FX4HLL2 https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/XFOIBB4YFICHDM7IBOP7PWXW3FX4HLL2/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZB43REMKRQR62NJEI7I5NQ4FSXNLBKRT https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZB43REMKRQR62NJEI7I5NQ4FSXNLBKRT/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZKQSIKIAT5TJ3WSLU3RDBQ35YX4GY4V3 https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZKQSIKIAT5TJ3WSLU3RDBQ35YX4GY4V3/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZLU6U2R2IC2K64NDPNMV55AUAO65MAF4 https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZLU6U2R2IC2K64NDPNMV55AUAO65MAF4/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3N4NJ7FR4X4FPZUGNTQAPSTVB2HB2Y4A https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/BFQD3KUEMFBHPAPBGLWQC34L4OWL5HAZ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CLB4TW7KALB3EEQWNWCN7OUIWWVWWCG2 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/E72T67UPDRXHIDLO3OROR25YAMN4GGW5 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/FNA62Q767CFAFHBCDKYNPBMZWB7TWYVU https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/HT7T2R4MQKLIF4ODV4BDLPARWFPCJ5CZ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/JIZSEFC3YKCGABA2BZW6ZJRMDZJMB7PJ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/JMEXY22BFG5Q64HQCM5CK2Q7KDKVV4TY https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/KSEGD2IWKNUO3DWY4KQGUQM5BISRWHQE https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/LKYHSZQFDNR7RSA7LHVLLIAQMVYCUGBG https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/LNMZJCDHGLJJLXO4OXWJMTVQRNWOC7UL https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/VHUHTSXLXGXS7JYKBXTA3VINUPHTNGVU https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/VSRDIV77HNKUSM7SJC5BKE5JSHLHU2NK https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WLPRQ5TWUQQXYWBJM7ECYDAIL2YVKIUH https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/X6QXN4ORIVF6XBW4WWFE7VNPVC74S45Y https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/XFOIBB4YFICHDM7IBOP7PWXW3FX4HLL2 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZB43REMKRQR62NJEI7I5NQ4FSXNLBKRT https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZKQSIKIAT5TJ3WSLU3RDBQ35YX4GY4V3 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZLU6U2R2IC2K64NDPNMV55AUAO65MAF4 https://lists.w3.org/Archives/Public/ietf-http-wg/2023OctDec/0025.html https://mailman.nginx.org/pipermail/nginx-devel/2023-October/S36Q5HBXR7CAIMPLLPRSSSYR4PCMWILK.html https://martinthomson.github.io/h2-stream-limits/draft-thomson-httpbis-h2-stream-limits.html https://msrc.microsoft.com/blog/2023/10/microsoft-response-to-distributed-denial-of-service-ddos-attacks-against-http/2 https://msrc.microsoft.com/blog/2023/10/microsoft-response-to-distributed-denial-of-service-ddos-attacks-against-http/2/ https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-44487 https://my.f5.com/manage/s/article/K000137106 https://netty.io/news/2023/10/10/4-1-100-Final.html https://news.ycombinator.com/item?id=37830987 https://news.ycombinator.com/item?id=37830998 https://news.ycombinator.com/item?id=37831062 https://news.ycombinator.com/item?id=37837043 https://nodejs.org/en/blog/vulnerability/october-2023-security-releases https://nvd.nist.gov/vuln/detail/CVE-2023-44487 https://openssf.org/blog/2023/10/10/http-2-rapid-reset-vulnerability-highlights-need-for-rapid-response https://openssf.org/blog/2023/10/10/http-2-rapid-reset-vulnerability-highlights-need-for-rapid-response/ https://pkg.go.dev/vuln/GO-2023-2102 https://seanmonstar.com/post/730794151136935936/hyper-http2-rapid-reset-unaffected https://security.gentoo.org/glsa/202311-09 https://security.netapp.com/advisory/ntap-20231016-0001 https://security.netapp.com/advisory/ntap-20231016-0001/ https://security.netapp.com/advisory/ntap-20240426-0007 https://security.netapp.com/advisory/ntap-20240426-0007/ https://security.netapp.com/advisory/ntap-20240621-0006 https://security.netapp.com/advisory/ntap-20240621-0006/ https://security.netapp.com/advisory/ntap-20240621-0007 https://security.netapp.com/advisory/ntap-20240621-0007/ https://security.paloaltonetworks.com/CVE-2023-44487 https://tomcat.apache.org/security-10.html#Fixed_in_Apache_Tomcat_10.1.14 https://tomcat.apache.org/security-11.html#Fixed_in_Apache_Tomcat_11.0.0-M12 https://tomcat.apache.org/security-8.html#Fixed_in_Apache_Tomcat_8.5.94 https://tomcat.apache.org/security-9.html#Fixed_in_Apache_Tomcat_9.0.81 https://ubuntu.com/security/CVE-2023-44487 https://ubuntu.com/security/notices/USN-6427-1 https://ubuntu.com/security/notices/USN-6427-2 https://ubuntu.com/security/notices/USN-6438-1 https://ubuntu.com/security/notices/USN-6505-1 https://ubuntu.com/security/notices/USN-6574-1 https://ubuntu.com/security/notices/USN-6754-1 https://ubuntu.com/security/notices/USN-6994-1 https://ubuntu.com/security/notices/USN-7067-1 https://www.bleepingcomputer.com/news/security/new-http-2-rapid-reset-zero-day-attack-breaks-ddos-records https://www.bleepingcomputer.com/news/security/new-http-2-rapid-reset-zero-day-attack-breaks-ddos-records/ https://www.cisa.gov/known-exploited-vulnerabilities-catalog https://www.cisa.gov/news-events/alerts/2023/10/10/http2-rapid-reset-vulnerability-cve-2023-44487 https://www.cve.org/CVERecord?id=CVE-2023-44487 https://www.darkreading.com/cloud/internet-wide-zero-day-bug-fuels-largest-ever-ddos-event https://www.debian.org/security/2023/dsa-5521 https://www.debian.org/security/2023/dsa-5522 https://www.debian.org/security/2023/dsa-5540 https://www.debian.org/security/2023/dsa-5549 https://www.debian.org/security/2023/dsa-5558 https://www.debian.org/security/2023/dsa-5570 https://www.eclipse.org/lists/jetty-announce/msg00181.html https://www.haproxy.com/blog/haproxy-is-not-affected-by-the-http-2-rapid-reset-attack-cve-2023-44487 https://www.mail-archive.com/haproxy@formilux.org/msg44134.html https://www.netlify.com/blog/netlify-successfully-mitigates-cve-2023-44487 https://www.netlify.com/blog/netlify-successfully-mitigates-cve-2023-44487/ https://www.nginx.com/blog/http-2-rapid-reset-attack-impacting-f5-nginx-products https://www.nginx.com/blog/http-2-rapid-reset-attack-impacting-f5-nginx-products/ https://www.openwall.com/lists/oss-security/2023/10/10/6 https://www.phoronix.com/news/HTTP2-Rapid-Reset-Attack https://www.theregister.com/2023/10/10/http2_rapid_reset_zeroday https://www.theregister.com/2023/10/10/http2_rapid_reset_zeroday/
google.golang.org/protobuf	CVE-2024-24786	MEDIUM	v1.30.0	1.33.0	http://www.openwall.com/lists/oss-security/2024/03/08/4 https://access.redhat.com/errata/RHSA-2024:2550 https://access.redhat.com/security/cve/CVE-2024-24786 https://bugzilla.redhat.com/2268046 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24786 https://errata.almalinux.org/9/ALSA-2024-2550.html https://errata.rockylinux.org/RLSA-2024:2550 https://github.com/protocolbuffers/protobuf-go https://github.com/protocolbuffers/protobuf-go/commit/f01a588e5810b90996452eec4a28f22a0afae023 https://github.com/protocolbuffers/protobuf-go/releases/tag/v1.33.0 https://go-review.googlesource.com/c/protobuf/+/569356 https://go.dev/cl/569356 https://groups.google.com/g/golang-announce/c/ArQ6CDgtEjY/ https://linux.oracle.com/cve/CVE-2024-24786.html https://linux.oracle.com/errata/ELSA-2024-4246.html https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/JDMBHAVSDU2FBDZ45U3A2VLSM35OJ2HU https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/JDMBHAVSDU2FBDZ45U3A2VLSM35OJ2HU/ https://nvd.nist.gov/vuln/detail/CVE-2024-24786 https://pkg.go.dev/vuln/GO-2024-2611 https://security.netapp.com/advisory/ntap-20240517-0002 https://security.netapp.com/advisory/ntap-20240517-0002/ https://ubuntu.com/security/notices/USN-6746-1 https://ubuntu.com/security/notices/USN-6746-2 https://www.cve.org/CVERecord?id=CVE-2024-24786
stdlib	CVE-2024-24790	CRITICAL	v1.20.4	1.21.11, 1.22.4	http://www.openwall.com/lists/oss-security/2024/06/04/1 https://access.redhat.com/errata/RHSA-2024:9115 https://access.redhat.com/security/cve/CVE-2024-24790 https://bugzilla.redhat.com/2279814 https://bugzilla.redhat.com/2292668 https://bugzilla.redhat.com/2292787 https://bugzilla.redhat.com/2294000 https://bugzilla.redhat.com/2295310 https://bugzilla.redhat.com/show_bug.cgi?id=2292668 https://bugzilla.redhat.com/show_bug.cgi?id=2292787 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24789 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24790 https://errata.almalinux.org/9/ALSA-2024-9115.html https://errata.rockylinux.org/RLSA-2024:4212 https://github.com/golang/go/commit/051bdf3fd12a40307606ff9381138039c5f452f0 (1.21) https://github.com/golang/go/commit/12d5810cdb1f73cf23d7a86462143e9463317fca (1.22) https://github.com/golang/go/issues/67680 https://go.dev/cl/590316 https://go.dev/issue/67680 https://groups.google.com/g/golang-announce/c/XbxouI9gY7k https://groups.google.com/g/golang-announce/c/XbxouI9gY7k/m/TuoGEhxIEwAJ https://linux.oracle.com/cve/CVE-2024-24790.html https://linux.oracle.com/errata/ELSA-2024-9115.html https://nvd.nist.gov/vuln/detail/CVE-2024-24790 https://pkg.go.dev/vuln/GO-2024-2887 https://ubuntu.com/security/notices/USN-6886-1 https://ubuntu.com/security/notices/USN-7109-1 https://www.cve.org/CVERecord?id=CVE-2024-24790
stdlib	CVE-2023-29403	HIGH	v1.20.4	1.19.10, 1.20.5	https://access.redhat.com/errata/RHSA-2023:3923 https://access.redhat.com/security/cve/CVE-2023-29403 https://bugzilla.redhat.com/2216965 https://bugzilla.redhat.com/2217562 https://bugzilla.redhat.com/2217565 https://bugzilla.redhat.com/2217569 https://bugzilla.redhat.com/show_bug.cgi?id=2216965 https://bugzilla.redhat.com/show_bug.cgi?id=2217562 https://bugzilla.redhat.com/show_bug.cgi?id=2217565 https://bugzilla.redhat.com/show_bug.cgi?id=2217569 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-29402 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-29403 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-29404 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-29405 https://errata.almalinux.org/9/ALSA-2023-3923.html https://errata.rockylinux.org/RLSA-2023:3923 https://github.com/golang/go/commit/36144ba429ef2650940c72e7a0b932af3612d420 (go1.20.5) https://github.com/golang/go/commit/a7b1cd452ddc69a6606c2f35ac5786dc892e62cb (go1.19.10) https://github.com/golang/go/issues/60272 https://go.dev/cl/501223 https://go.dev/issue/60272 https://groups.google.com/g/golang-announce/c/q5135a9d924 https://groups.google.com/g/golang-announce/c/q5135a9d924/m/j0ZoAJOHAwAJ https://linux.oracle.com/cve/CVE-2023-29403.html https://linux.oracle.com/errata/ELSA-2023-3923.html https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/NZ2O6YCO2IZMZJELQGZYR2WAUNEDLYV6/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/XBS3IIK6ADV24C5ULQU55QLT2UE762ZX/ https://nvd.nist.gov/vuln/detail/CVE-2023-29403 https://pkg.go.dev/vuln/GO-2023-1840 https://security.gentoo.org/glsa/202311-09 https://ubuntu.com/security/notices/USN-7061-1 https://ubuntu.com/security/notices/USN-7109-1 https://www.cve.org/CVERecord?id=CVE-2023-29403
stdlib	CVE-2023-39325	HIGH	v1.20.4	1.20.10, 1.21.3	golang.org/x/net https://access.redhat.com/errata/RHSA-2023:6077 https://access.redhat.com/security/cve/CVE-2023-39325 https://access.redhat.com/security/cve/CVE-2023-44487 https://access.redhat.com/security/vulnerabilities/RHSB-2023-003 https://bugzilla.redhat.com/2242803 https://bugzilla.redhat.com/2243296 https://bugzilla.redhat.com/show_bug.cgi?id=2242803 https://bugzilla.redhat.com/show_bug.cgi?id=2243296 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-39325 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-44487 https://errata.almalinux.org/9/ALSA-2023-6077.html https://errata.rockylinux.org/RLSA-2023:6077 https://github.com/golang/go/commit/24ae2d927285c697440fdde3ad7f26028354bcf3 [golang- 1.21] https://github.com/golang/go/commit/e175f27f58aa7b9cd4d79607ae65d2cd5baaee68 [golang-1.20] https://github.com/golang/go/issues/63417 https://go.dev/cl/534215 https://go.dev/cl/534235 https://go.dev/issue/63417 https://groups.google.com/g/golang-announce/c/iNNxDTCjZvo/m/UDd7VKQuAAAJ https://linux.oracle.com/cve/CVE-2023-39325.html https://linux.oracle.com/errata/ELSA-2023-5867.html https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3OVW5V2DM5K5IC3H7O42YDUGNJ74J35O https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3OVW5V2DM5K5IC3H7O42YDUGNJ74J35O/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3SZN67IL7HMGMNAVLOTIXLIHUDXZK4LH https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3SZN67IL7HMGMNAVLOTIXLIHUDXZK4LH/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3WJ4QVX2AMUJ2F2S27POOAHRC4K3CHU4 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3WJ4QVX2AMUJ2F2S27POOAHRC4K3CHU4/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/4BUK2ZIAGCULOOYDNH25JPU6JBES5NF2 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/4BUK2ZIAGCULOOYDNH25JPU6JBES5NF2/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/5RSKA2II6QTD4YUKUNDVJQSRYSFC4VFR https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/5RSKA2II6QTD4YUKUNDVJQSRYSFC4VFR/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/AVZDNSMVDAQJ64LJC5I5U5LDM5753647 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/AVZDNSMVDAQJ64LJC5I5U5LDM5753647/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CHHITS4PUOZAKFIUBQAQZC7JWXMOYE4B https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CHHITS4PUOZAKFIUBQAQZC7JWXMOYE4B/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CLB4TW7KALB3EEQWNWCN7OUIWWVWWCG2 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CLB4TW7KALB3EEQWNWCN7OUIWWVWWCG2/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/D2BBIDR2ZMB3X5BC7SR4SLQMHRMVPY6L https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/D2BBIDR2ZMB3X5BC7SR4SLQMHRMVPY6L/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ECRC75BQJP6FJN2L7KCKYZW4DSBD7QSD https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ECRC75BQJP6FJN2L7KCKYZW4DSBD7QSD/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/FTMJ3NJIDAZFWJQQSP3L22MUFJ3UP2PT https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/FTMJ3NJIDAZFWJQQSP3L22MUFJ3UP2PT/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/GSY7SXFFTPZFWDM6XELSDSHZLVW3AHK7 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/GSY7SXFFTPZFWDM6XELSDSHZLVW3AHK7/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/HZQIELEIRSZUYTFFH5KTH2YJ4IIQG2KE https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/HZQIELEIRSZUYTFFH5KTH2YJ4IIQG2KE/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/IPWCNYB5PQ5PCVZ4NJT6G56ZYFZ5QBU6 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/IPWCNYB5PQ5PCVZ4NJT6G56ZYFZ5QBU6/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/KEOTKBUPZXHE3F352JBYNTSNRXYLWD6P https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/KEOTKBUPZXHE3F352JBYNTSNRXYLWD6P/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/KSEGD2IWKNUO3DWY4KQGUQM5BISRWHQE https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/KSEGD2IWKNUO3DWY4KQGUQM5BISRWHQE/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/L5E5JSJBZLYXOTZWXHJKRVCIXIHVWKJ6 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/L5E5JSJBZLYXOTZWXHJKRVCIXIHVWKJ6/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/MZQYOOKHQDQ57LV2IAG6NRFOVXKHJJ3Z https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/MZQYOOKHQDQ57LV2IAG6NRFOVXKHJJ3Z/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/NG7IMPL55MVWU3LCI4JQJT3K2U5CHDV7 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/NG7IMPL55MVWU3LCI4JQJT3K2U5CHDV7/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ODBY7RVMGZCBSTWF2OZGIZS57FNFUL67 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ODBY7RVMGZCBSTWF2OZGIZS57FNFUL67/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/OXGWPQOJ3JNDW2XIYKIVJ7N7QUIFNM2Q https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/OXGWPQOJ3JNDW2XIYKIVJ7N7QUIFNM2Q/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/PJCUNGIQDUMZ4Z6HWVYIMR66A35F5S74 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/PJCUNGIQDUMZ4Z6HWVYIMR66A35F5S74/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QF5QSYAOPDOWLY6DUHID56Q4HQFYB45I https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QF5QSYAOPDOWLY6DUHID56Q4HQFYB45I/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QXOU2JZUBEBP7GBKAYIJRPRBZSJCD7ST https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QXOU2JZUBEBP7GBKAYIJRPRBZSJCD7ST/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/R3UETKPUB3V5JS5TLZOF3SMTGT5K5APS https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/R3UETKPUB3V5JS5TLZOF3SMTGT5K5APS/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/REMHVVIBDNKSRKNOTV7EQSB7CYQWOUOU https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/REMHVVIBDNKSRKNOTV7EQSB7CYQWOUOU/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/T7N5GV4CHH6WAGX3GFMDD3COEOVCZ4RI https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/T7N5GV4CHH6WAGX3GFMDD3COEOVCZ4RI/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ULQQONMSCQSH5Z5OWFFQHCGEZ3NL4DRJ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ULQQONMSCQSH5Z5OWFFQHCGEZ3NL4DRJ/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UTT7DG3QOF5ZNJLUGHDNLRUIN6OWZARP https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UTT7DG3QOF5ZNJLUGHDNLRUIN6OWZARP/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/W2LZSWTV4NV4SNQARNXG5T6LRHP26EW2 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/W2LZSWTV4NV4SNQARNXG5T6LRHP26EW2/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WCNCBYKZXLDFGAJUB7ZP5VLC3YTHJNVH https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WCNCBYKZXLDFGAJUB7ZP5VLC3YTHJNVH/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/XFOIBB4YFICHDM7IBOP7PWXW3FX4HLL2 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/XFOIBB4YFICHDM7IBOP7PWXW3FX4HLL2/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/XTNLSL44Y5FB6JWADSZH6DCV4JJAAEQY https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/XTNLSL44Y5FB6JWADSZH6DCV4JJAAEQY/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/YJWHBLVZDM5KQSDFRBFRKU5KSSOLIRQ4 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/YJWHBLVZDM5KQSDFRBFRKU5KSSOLIRQ4/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/YRKEXKANQ7BKJW2YTAMP625LJUJZLJ4P https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/YRKEXKANQ7BKJW2YTAMP625LJUJZLJ4P/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZSVEMQV5ROY5YW5QE3I57HT3ITWG5GCV https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZSVEMQV5ROY5YW5QE3I57HT3ITWG5GCV/ https://nvd.nist.gov/vuln/detail/CVE-2023-39325 https://pkg.go.dev/vuln/GO-2023-2102 https://security.gentoo.org/glsa/202311-09 https://security.netapp.com/advisory/ntap-20231110-0008 https://security.netapp.com/advisory/ntap-20231110-0008/ https://ubuntu.com/security/notices/USN-6574-1 https://ubuntu.com/security/notices/USN-7061-1 https://ubuntu.com/security/notices/USN-7109-1 https://www.cisa.gov/news-events/alerts/2023/10/10/http2-rapid-reset-vulnerability-cve-2023-44487 https://www.cve.org/CVERecord?id=CVE-2023-39325
stdlib	CVE-2023-45283	HIGH	v1.20.4	1.20.11, 1.21.4, 1.20.12, 1.21.5	http://www.openwall.com/lists/oss-security/2023/12/05/2 https://go.dev/cl/540277 https://go.dev/cl/541175 https://go.dev/issue/63713 https://go.dev/issue/64028 https://groups.google.com/g/golang-announce/c/4tU8LZfBFkY https://groups.google.com/g/golang-dev/c/6ypN5EjibjM/m/KmLVYH_uAgAJ https://nvd.nist.gov/vuln/detail/CVE-2023-45283 https://pkg.go.dev/vuln/GO-2023-2185 https://security.netapp.com/advisory/ntap-20231214-0008/
stdlib	CVE-2023-45288	HIGH	v1.20.4	1.21.9, 1.22.2	http://www.openwall.com/lists/oss-security/2024/04/03/16 http://www.openwall.com/lists/oss-security/2024/04/05/4 https://access.redhat.com/errata/RHSA-2024:2724 https://access.redhat.com/security/cve/CVE-2023-45288 https://bugzilla.redhat.com/2268017 https://bugzilla.redhat.com/2268018 https://bugzilla.redhat.com/2268019 https://bugzilla.redhat.com/2268273 https://bugzilla.redhat.com/show_bug.cgi?id=2268017 https://bugzilla.redhat.com/show_bug.cgi?id=2268018 https://bugzilla.redhat.com/show_bug.cgi?id=2268019 https://bugzilla.redhat.com/show_bug.cgi?id=2268273 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45288 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45289 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45290 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24783 https://errata.almalinux.org/9/ALSA-2024-2724.html https://errata.rockylinux.org/RLSA-2024:2724 https://go.dev/cl/576155 https://go.dev/issue/65051 https://groups.google.com/g/golang-announce/c/YgW0sx8mN3M https://kb.cert.org/vuls/id/421644 https://linux.oracle.com/cve/CVE-2023-45288.html https://linux.oracle.com/errata/ELSA-2024-3346.html https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QRYFHIQ6XRKRYBI2F5UESH67BJBQXUPT https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QRYFHIQ6XRKRYBI2F5UESH67BJBQXUPT/ https://nowotarski.info/http2-continuation-flood-technical-details https://nowotarski.info/http2-continuation-flood/ https://nvd.nist.gov/vuln/detail/CVE-2023-45288 https://pkg.go.dev/vuln/GO-2024-2687 https://security.netapp.com/advisory/ntap-20240419-0009 https://security.netapp.com/advisory/ntap-20240419-0009/ https://ubuntu.com/security/notices/USN-6886-1 https://ubuntu.com/security/notices/USN-7109-1 https://ubuntu.com/security/notices/USN-7111-1 https://www.cve.org/CVERecord?id=CVE-2023-45288 https://www.kb.cert.org/vuls/id/421644
stdlib	CVE-2024-34156	HIGH	v1.20.4	1.22.7, 1.23.1	https://access.redhat.com/errata/RHSA-2024:9473 https://access.redhat.com/security/cve/CVE-2024-34156 https://bugzilla.redhat.com/2310528 https://bugzilla.redhat.com/2318052 https://bugzilla.redhat.com/show_bug.cgi?id=2310528 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-34156 https://errata.almalinux.org/9/ALSA-2024-9473.html https://errata.rockylinux.org/RLSA-2024:7204 https://github.com/golang/go/commit/2092294f2b097c5828f4eace6c98a322c1510b01 (go1.22.7) https://github.com/golang/go/commit/fa8ff1a46deb6c816304441ec6740ec112e19012 (go1.23.1) https://go.dev/cl/611239 https://go.dev/issue/69139 https://groups.google.com/g/golang-announce/c/K-cEzDeCtpc https://groups.google.com/g/golang-dev/c/S9POB9NCTdk https://linux.oracle.com/cve/CVE-2024-34156.html https://linux.oracle.com/errata/ELSA-2024-9473.html https://nvd.nist.gov/vuln/detail/CVE-2024-34156 https://pkg.go.dev/vuln/GO-2024-3106 https://ubuntu.com/security/notices/USN-7081-1 https://ubuntu.com/security/notices/USN-7109-1 https://ubuntu.com/security/notices/USN-7111-1 https://www.cve.org/CVERecord?id=CVE-2024-34156
stdlib	CVE-2023-29406	MEDIUM	v1.20.4	1.19.11, 1.20.6	https://access.redhat.com/errata/RHSA-2023:6474 https://access.redhat.com/security/cve/CVE-2023-29406 https://bugzilla.redhat.com/2174485 https://bugzilla.redhat.com/2178358 https://bugzilla.redhat.com/2178488 https://bugzilla.redhat.com/2178492 https://bugzilla.redhat.com/2184481 https://bugzilla.redhat.com/2184482 https://bugzilla.redhat.com/2184483 https://bugzilla.redhat.com/2184484 https://bugzilla.redhat.com/2196026 https://bugzilla.redhat.com/2196027 https://bugzilla.redhat.com/2196029 https://bugzilla.redhat.com/2222167 https://bugzilla.redhat.com/2228689 https://errata.almalinux.org/9/ALSA-2023-6474.html https://github.com/golang/go/commit/312920c00aac9897b2a0693e752390b5b0711a5a (go1.20.6) https://github.com/golang/go/commit/5fa6923b1ea891400153d04ddf1545e23b40041b (go1.19.11) https://github.com/golang/go/issues/60374 https://go.dev/cl/506996 https://go.dev/issue/60374 https://groups.google.com/g/golang-announce/c/2q13H6LEEx0 https://linux.oracle.com/cve/CVE-2023-29406.html https://linux.oracle.com/errata/ELSA-2023-7202.html https://nvd.nist.gov/vuln/detail/CVE-2023-29406 https://pkg.go.dev/vuln/GO-2023-1878 https://security.gentoo.org/glsa/202311-09 https://security.netapp.com/advisory/ntap-20230814-0002/ https://ubuntu.com/security/notices/USN-7061-1 https://ubuntu.com/security/notices/USN-7109-1 https://www.cve.org/CVERecord?id=CVE-2023-29406
stdlib	CVE-2023-29409	MEDIUM	v1.20.4	1.19.12, 1.20.7, 1.21.0-rc.4	https://access.redhat.com/errata/RHSA-2023:7766 https://access.redhat.com/security/cve/CVE-2023-29409 https://bugzilla.redhat.com/2228743 https://bugzilla.redhat.com/2237773 https://bugzilla.redhat.com/2237776 https://bugzilla.redhat.com/2237777 https://bugzilla.redhat.com/2237778 https://errata.almalinux.org/9/ALSA-2023-7766.html https://go.dev/cl/515257 https://go.dev/issue/61460 https://groups.google.com/g/golang-announce/c/X0b6CsSAaYI/m/Efv5DbZ9AwAJ https://linux.oracle.com/cve/CVE-2023-29409.html https://linux.oracle.com/errata/ELSA-2024-2988.html https://nvd.nist.gov/vuln/detail/CVE-2023-29409 https://pkg.go.dev/vuln/GO-2023-1987 https://security.gentoo.org/glsa/202311-09 https://security.netapp.com/advisory/ntap-20230831-0010/ https://www.cve.org/CVERecord?id=CVE-2023-29409
stdlib	CVE-2023-39318	MEDIUM	v1.20.4	1.20.8, 1.21.1	https://access.redhat.com/errata/RHSA-2024:2160 https://access.redhat.com/security/cve/CVE-2023-39318 https://bugzilla.redhat.com/2237773 https://bugzilla.redhat.com/2237776 https://bugzilla.redhat.com/2253330 https://errata.almalinux.org/9/ALSA-2024-2160.html https://github.com/golang/go/commit/023b542edf38e2a1f87fcefb9f75ff2f99401b4c (go1.20.8) https://github.com/golang/go/commit/b0e1d3ea26e8e8fce7726690c9ef0597e60739fb (go1.21.1) https://go.dev/cl/526156 https://go.dev/issue/62196 https://groups.google.com/g/golang-announce/c/Fm51GRLNRvM https://groups.google.com/g/golang-dev/c/2C5vbR-UNkI/m/L1hdrPhfBAAJ https://linux.oracle.com/cve/CVE-2023-39318.html https://linux.oracle.com/errata/ELSA-2024-2988.html https://nvd.nist.gov/vuln/detail/CVE-2023-39318 https://pkg.go.dev/vuln/GO-2023-2041 https://security.gentoo.org/glsa/202311-09 https://security.netapp.com/advisory/ntap-20231020-0009/ https://ubuntu.com/security/notices/USN-6574-1 https://ubuntu.com/security/notices/USN-7061-1 https://ubuntu.com/security/notices/USN-7109-1 https://vuln.go.dev/ID/GO-2023-2041.json https://www.cve.org/CVERecord?id=CVE-2023-39318
stdlib	CVE-2023-39319	MEDIUM	v1.20.4	1.20.8, 1.21.1	https://access.redhat.com/errata/RHSA-2024:2160 https://access.redhat.com/security/cve/CVE-2023-39319 https://bugzilla.redhat.com/2237773 https://bugzilla.redhat.com/2237776 https://bugzilla.redhat.com/2253330 https://errata.almalinux.org/9/ALSA-2024-2160.html https://github.com/golang/go/commit/2070531d2f53df88e312edace6c8dfc9686ab2f5 (go1.20.8) https://github.com/golang/go/commit/bbd043ff0d6d59f1a9232d31ecd5eacf6507bf6a (go1.21.1) https://go.dev/cl/526157 https://go.dev/issue/62197 https://groups.google.com/g/golang-announce/c/Fm51GRLNRvM https://groups.google.com/g/golang-dev/c/2C5vbR-UNkI/m/L1hdrPhfBAAJ https://linux.oracle.com/cve/CVE-2023-39319.html https://linux.oracle.com/errata/ELSA-2024-2988.html https://nvd.nist.gov/vuln/detail/CVE-2023-39319 https://pkg.go.dev/vuln/GO-2023-2043 https://security.gentoo.org/glsa/202311-09 https://security.netapp.com/advisory/ntap-20231020-0009/ https://ubuntu.com/security/notices/USN-6574-1 https://ubuntu.com/security/notices/USN-7061-1 https://ubuntu.com/security/notices/USN-7109-1 https://vuln.go.dev/ID/GO-2023-2043.json https://www.cve.org/CVERecord?id=CVE-2023-39319
stdlib	CVE-2023-39326	MEDIUM	v1.20.4	1.20.12, 1.21.5	https://access.redhat.com/errata/RHSA-2024:2272 https://access.redhat.com/security/cve/CVE-2023-39326 https://bugzilla.redhat.com/2253193 https://bugzilla.redhat.com/2253330 https://errata.almalinux.org/9/ALSA-2024-2272.html https://github.com/golang/go/commit/6446af942e2e2b161c4ec1b60d9703a2b55dc4dd (go1.20.12) https://github.com/golang/go/commit/ec8c526e4be720e94b98ca509e6364f0efaf28f7 (go1.21.5) https://go.dev/cl/547335 https://go.dev/issue/64433 https://groups.google.com/g/golang-dev/c/6ypN5EjibjM/m/KmLVYH_uAgAJ https://linux.oracle.com/cve/CVE-2023-39326.html https://linux.oracle.com/errata/ELSA-2024-2988.html https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UIU6HOGV6RRIKWM57LOXQA75BGZSIH6G/ https://nvd.nist.gov/vuln/detail/CVE-2023-39326 https://pkg.go.dev/vuln/GO-2023-2382 https://ubuntu.com/security/notices/USN-6574-1 https://www.cve.org/CVERecord?id=CVE-2023-39326
stdlib	CVE-2023-45284	MEDIUM	v1.20.4	1.20.11, 1.21.4	https://go.dev/cl/540277 https://go.dev/issue/63713 https://groups.google.com/g/golang-announce/c/4tU8LZfBFkY https://nvd.nist.gov/vuln/detail/CVE-2023-45284 https://pkg.go.dev/vuln/GO-2023-2186
stdlib	CVE-2023-45289	MEDIUM	v1.20.4	1.21.8, 1.22.1	http://www.openwall.com/lists/oss-security/2024/03/08/4 https://access.redhat.com/errata/RHSA-2024:2724 https://access.redhat.com/security/cve/CVE-2023-45289 https://bugzilla.redhat.com/2268017 https://bugzilla.redhat.com/2268018 https://bugzilla.redhat.com/2268019 https://bugzilla.redhat.com/2268273 https://bugzilla.redhat.com/show_bug.cgi?id=2268017 https://bugzilla.redhat.com/show_bug.cgi?id=2268018 https://bugzilla.redhat.com/show_bug.cgi?id=2268019 https://bugzilla.redhat.com/show_bug.cgi?id=2268273 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45288 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45289 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45290 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24783 https://errata.almalinux.org/9/ALSA-2024-2724.html https://errata.rockylinux.org/RLSA-2024:2724 https://github.com/golang/go/commit/20586c0dbe03d144f914155f879fa5ee287591a1 (go1.21.8) https://github.com/golang/go/commit/3a855208e3efed2e9d7c20ad023f1fa78afcc0be (go1.22.1) https://github.com/golang/go/issues/65065 https://go.dev/cl/569340 https://go.dev/issue/65065 https://groups.google.com/g/golang-announce/c/5pwGVUPoMbg https://linux.oracle.com/cve/CVE-2023-45289.html https://linux.oracle.com/errata/ELSA-2024-3346.html https://nvd.nist.gov/vuln/detail/CVE-2023-45289 https://pkg.go.dev/vuln/GO-2024-2600 https://security.netapp.com/advisory/ntap-20240329-0006/ https://ubuntu.com/security/notices/USN-6886-1 https://www.cve.org/CVERecord?id=CVE-2023-45289
stdlib	CVE-2023-45290	MEDIUM	v1.20.4	1.21.8, 1.22.1	http://www.openwall.com/lists/oss-security/2024/03/08/4 https://access.redhat.com/errata/RHSA-2024:9135 https://access.redhat.com/security/cve/CVE-2023-45290 https://bugzilla.redhat.com/2268017 https://bugzilla.redhat.com/2268022 https://bugzilla.redhat.com/2279814 https://bugzilla.redhat.com/2295310 https://bugzilla.redhat.com/show_bug.cgi?id=2268017 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45290 https://errata.almalinux.org/9/ALSA-2024-9135.html https://errata.rockylinux.org/RLSA-2024:3830 https://github.com/golang/go/commit/041a47712e765e94f86d841c3110c840e76d8f82 (go1.22.1) https://github.com/golang/go/commit/bf80213b121074f4ad9b449410a4d13bae5e9be0 (go1.21.8) https://github.com/golang/go/issues/65383 https://go.dev/cl/569341 https://go.dev/issue/65383 https://groups.google.com/g/golang-announce/c/5pwGVUPoMbg https://linux.oracle.com/cve/CVE-2023-45290.html https://linux.oracle.com/errata/ELSA-2024-8038.html https://nvd.nist.gov/vuln/detail/CVE-2023-45290 https://pkg.go.dev/vuln/GO-2024-2599 https://security.netapp.com/advisory/ntap-20240329-0004 https://security.netapp.com/advisory/ntap-20240329-0004/ https://ubuntu.com/security/notices/USN-6886-1 https://ubuntu.com/security/notices/USN-7109-1 https://ubuntu.com/security/notices/USN-7111-1 https://www.cve.org/CVERecord?id=CVE-2023-45290
stdlib	CVE-2024-24783	MEDIUM	v1.20.4	1.21.8, 1.22.1	http://www.openwall.com/lists/oss-security/2024/03/08/4 https://access.redhat.com/errata/RHSA-2024:6195 https://access.redhat.com/security/cve/CVE-2024-24783 https://bugzilla.redhat.com/2268019 https://bugzilla.redhat.com/show_bug.cgi?id=2268017 https://bugzilla.redhat.com/show_bug.cgi?id=2268018 https://bugzilla.redhat.com/show_bug.cgi?id=2268019 https://bugzilla.redhat.com/show_bug.cgi?id=2268273 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45288 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45289 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45290 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24783 https://errata.almalinux.org/9/ALSA-2024-6195.html https://errata.rockylinux.org/RLSA-2024:2724 https://github.com/advisories/GHSA-3q2c-pvp5-3cqp https://github.com/golang/go/commit/337b8e9cbfa749d9d5c899e0dc358e2208d5e54f (go1.22.1) https://github.com/golang/go/commit/be5b52bea674190ef7de272664be6c7ae93ec5a0 (go1.21.8) https://github.com/golang/go/issues/65390 https://go.dev/cl/569339 https://go.dev/issue/65390 https://groups.google.com/g/golang-announce/c/5pwGVUPoMbg https://linux.oracle.com/cve/CVE-2024-24783.html https://linux.oracle.com/errata/ELSA-2024-6969.html https://nvd.nist.gov/vuln/detail/CVE-2024-24783 https://pkg.go.dev/vuln/GO-2024-2598 https://security.netapp.com/advisory/ntap-20240329-0005 https://security.netapp.com/advisory/ntap-20240329-0005/ https://ubuntu.com/security/notices/USN-6886-1 https://ubuntu.com/security/notices/USN-7109-1 https://ubuntu.com/security/notices/USN-7111-1 https://www.cve.org/CVERecord?id=CVE-2024-24783
stdlib	CVE-2024-24784	MEDIUM	v1.20.4	1.21.8, 1.22.1	http://www.openwall.com/lists/oss-security/2024/03/08/4 https://access.redhat.com/errata/RHSA-2024:2562 https://access.redhat.com/security/cve/CVE-2024-24784 https://bugzilla.redhat.com/2262921 https://bugzilla.redhat.com/2268017 https://bugzilla.redhat.com/2268018 https://bugzilla.redhat.com/2268019 https://bugzilla.redhat.com/2268021 https://bugzilla.redhat.com/2268022 https://bugzilla.redhat.com/2268273 https://bugzilla.redhat.com/show_bug.cgi?id=2262921 https://bugzilla.redhat.com/show_bug.cgi?id=2268017 https://bugzilla.redhat.com/show_bug.cgi?id=2268018 https://bugzilla.redhat.com/show_bug.cgi?id=2268019 https://bugzilla.redhat.com/show_bug.cgi?id=2268021 https://bugzilla.redhat.com/show_bug.cgi?id=2268022 https://bugzilla.redhat.com/show_bug.cgi?id=2268273 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45288 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45289 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45290 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-1394 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24783 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24784 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24785 https://errata.almalinux.org/9/ALSA-2024-2562.html https://errata.rockylinux.org/RLSA-2024:2562 https://github.com/golang/go/commit/263c059b09fdd40d9dd945f2ecb20c89ea28efe5 (go1.21.8) https://github.com/golang/go/commit/5330cd225ba54c7dc78c1b46dcdf61a4671a632c (go1.22.1) https://github.com/golang/go/issues/65083 https://go.dev/cl/555596 https://go.dev/issue/65083 https://groups.google.com/g/golang-announce/c/5pwGVUPoMbg https://linux.oracle.com/cve/CVE-2024-24784.html https://linux.oracle.com/errata/ELSA-2024-6969.html https://nvd.nist.gov/vuln/detail/CVE-2024-24784 https://pkg.go.dev/vuln/GO-2024-2609 https://security.netapp.com/advisory/ntap-20240329-0007/ https://ubuntu.com/security/notices/USN-6886-1 https://ubuntu.com/security/notices/USN-7109-1 https://ubuntu.com/security/notices/USN-7111-1 https://www.cve.org/CVERecord?id=CVE-2024-24784
stdlib	CVE-2024-24785	MEDIUM	v1.20.4	1.21.8, 1.22.1	http://www.openwall.com/lists/oss-security/2024/03/08/4 https://access.redhat.com/errata/RHSA-2024:9135 https://access.redhat.com/security/cve/CVE-2024-24785 https://bugzilla.redhat.com/2268017 https://bugzilla.redhat.com/2268022 https://bugzilla.redhat.com/2279814 https://bugzilla.redhat.com/2295310 https://bugzilla.redhat.com/show_bug.cgi?id=2262921 https://bugzilla.redhat.com/show_bug.cgi?id=2268017 https://bugzilla.redhat.com/show_bug.cgi?id=2268018 https://bugzilla.redhat.com/show_bug.cgi?id=2268019 https://bugzilla.redhat.com/show_bug.cgi?id=2268021 https://bugzilla.redhat.com/show_bug.cgi?id=2268022 https://bugzilla.redhat.com/show_bug.cgi?id=2268273 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45288 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45289 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45290 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-1394 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24783 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24784 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24785 https://errata.almalinux.org/9/ALSA-2024-9135.html https://errata.rockylinux.org/RLSA-2024:2562 https://github.com/golang/go/commit/056b0edcb8c152152021eebf4cf42adbfbe77992 (go1.22.1) https://github.com/golang/go/commit/3643147a29352ca2894fd5d0d2069bc4b4335a7e (go1.21.8) https://github.com/golang/go/issues/65697 https://go.dev/cl/564196 https://go.dev/issue/65697 https://groups.google.com/g/golang-announce/c/5pwGVUPoMbg https://linux.oracle.com/cve/CVE-2024-24785.html https://linux.oracle.com/errata/ELSA-2024-3259.html https://nvd.nist.gov/vuln/detail/CVE-2024-24785 https://pkg.go.dev/vuln/GO-2024-2610 https://security.netapp.com/advisory/ntap-20240329-0008/ https://ubuntu.com/security/notices/USN-6886-1 https://ubuntu.com/security/notices/USN-7061-1 https://ubuntu.com/security/notices/USN-7109-1 https://vuln.go.dev/ID/GO-2024-2610.json https://www.cve.org/CVERecord?id=CVE-2024-24785
stdlib	CVE-2024-24789	MEDIUM	v1.20.4	1.21.11, 1.22.4	http://www.openwall.com/lists/oss-security/2024/06/04/1 https://access.redhat.com/errata/RHSA-2024:9115 https://access.redhat.com/security/cve/CVE-2024-24789 https://bugzilla.redhat.com/2279814 https://bugzilla.redhat.com/2292668 https://bugzilla.redhat.com/2292787 https://bugzilla.redhat.com/2294000 https://bugzilla.redhat.com/2295310 https://bugzilla.redhat.com/show_bug.cgi?id=2292668 https://bugzilla.redhat.com/show_bug.cgi?id=2292787 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24789 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24790 https://errata.almalinux.org/9/ALSA-2024-9115.html https://errata.rockylinux.org/RLSA-2024:4212 https://github.com/golang/go/commit/c8e40338cf00f3c1d86c8fb23863ad67a4c72bcc (1.21) https://github.com/golang/go/commit/cf501ac0c5fe351a8582d20b43562027927906e7 (1.22) https://github.com/golang/go/issues/66869 https://go.dev/cl/585397 https://go.dev/issue/66869 https://groups.google.com/g/golang-announce/c/XbxouI9gY7k https://groups.google.com/g/golang-announce/c/XbxouI9gY7k/m/TuoGEhxIEwAJ https://linux.oracle.com/cve/CVE-2024-24789.html https://linux.oracle.com/errata/ELSA-2024-9115.html https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/U5YAEIA6IUHUNGJ7AIXXPQT6D2GYENX7/ https://nvd.nist.gov/vuln/detail/CVE-2024-24789 https://pkg.go.dev/vuln/GO-2024-2888 https://ubuntu.com/security/notices/USN-6886-1 https://ubuntu.com/security/notices/USN-7109-1 https://ubuntu.com/security/notices/USN-7111-1 https://www.cve.org/CVERecord?id=CVE-2024-24789
stdlib	CVE-2024-24791	MEDIUM	v1.20.4	1.21.12, 1.22.5	https://access.redhat.com/errata/RHSA-2024:9135 https://access.redhat.com/security/cve/CVE-2024-24791 https://bugzilla.redhat.com/2268017 https://bugzilla.redhat.com/2268022 https://bugzilla.redhat.com/2279814 https://bugzilla.redhat.com/2295310 https://bugzilla.redhat.com/show_bug.cgi?id=2295310 https://bugzilla.redhat.com/show_bug.cgi?id=2310527 https://bugzilla.redhat.com/show_bug.cgi?id=2310528 https://bugzilla.redhat.com/show_bug.cgi?id=2310529 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24791 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-34155 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-34156 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-34158 https://errata.almalinux.org/9/ALSA-2024-9135.html https://errata.rockylinux.org/RLSA-2024:6913 https://go.dev/cl/591255 https://go.dev/issue/67555 https://groups.google.com/g/golang-dev/c/t0rK-qHBqzY/m/6MMoAZkMAgAJ https://linux.oracle.com/cve/CVE-2024-24791.html https://linux.oracle.com/errata/ELSA-2024-9115.html https://nvd.nist.gov/vuln/detail/CVE-2024-24791 https://pkg.go.dev/vuln/GO-2024-2963 https://ubuntu.com/security/notices/USN-7081-1 https://ubuntu.com/security/notices/USN-7109-1 https://ubuntu.com/security/notices/USN-7111-1 https://www.cve.org/CVERecord?id=CVE-2024-24791
stdlib	CVE-2024-34155	MEDIUM	v1.20.4	1.22.7, 1.23.1	https://access.redhat.com/errata/RHSA-2024:9459 https://access.redhat.com/security/cve/CVE-2024-34155 https://bugzilla.redhat.com/2310527 https://bugzilla.redhat.com/2310528 https://bugzilla.redhat.com/2310529 https://bugzilla.redhat.com/2315691 https://bugzilla.redhat.com/2315887 https://bugzilla.redhat.com/2317458 https://bugzilla.redhat.com/2317467 https://bugzilla.redhat.com/show_bug.cgi?id=2295310 https://bugzilla.redhat.com/show_bug.cgi?id=2310527 https://bugzilla.redhat.com/show_bug.cgi?id=2310528 https://bugzilla.redhat.com/show_bug.cgi?id=2310529 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24791 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-34155 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-34156 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-34158 https://errata.almalinux.org/9/ALSA-2024-9459.html https://errata.rockylinux.org/RLSA-2024:6913 https://github.com/golang/go/commit/53487e5477151ed75da50e50a0ba8f1ca64c00a3 (go1.23.1) https://github.com/golang/go/commit/b232596139dbe96a62edbe3a2a203e856bf556eb (go1.22.7) https://go.dev/cl/611238 https://go.dev/issue/69138 https://groups.google.com/g/golang-announce/c/K-cEzDeCtpc https://groups.google.com/g/golang-dev/c/S9POB9NCTdk https://linux.oracle.com/cve/CVE-2024-34155.html https://linux.oracle.com/errata/ELSA-2024-9459.html https://nvd.nist.gov/vuln/detail/CVE-2024-34155 https://pkg.go.dev/vuln/GO-2024-3105 https://ubuntu.com/security/notices/USN-7081-1 https://ubuntu.com/security/notices/USN-7109-1 https://ubuntu.com/security/notices/USN-7111-1 https://www.cve.org/CVERecord?id=CVE-2024-34155
stdlib	CVE-2024-34158	MEDIUM	v1.20.4	1.22.7, 1.23.1	https://access.redhat.com/errata/RHSA-2024:9459 https://access.redhat.com/security/cve/CVE-2024-34158 https://bugzilla.redhat.com/2310527 https://bugzilla.redhat.com/2310528 https://bugzilla.redhat.com/2310529 https://bugzilla.redhat.com/2315691 https://bugzilla.redhat.com/2315887 https://bugzilla.redhat.com/2317458 https://bugzilla.redhat.com/2317467 https://bugzilla.redhat.com/show_bug.cgi?id=2295310 https://bugzilla.redhat.com/show_bug.cgi?id=2310527 https://bugzilla.redhat.com/show_bug.cgi?id=2310528 https://bugzilla.redhat.com/show_bug.cgi?id=2310529 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24791 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-34155 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-34156 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-34158 https://errata.almalinux.org/9/ALSA-2024-9459.html https://errata.rockylinux.org/RLSA-2024:6913 https://github.com/golang/go/commit/032ac075c20c01c6c35a672d1542d3e98eab84ea (go1.23.1) https://github.com/golang/go/commit/d4c53812e6ce2ac368173d7fcd31d0ecfcffb002 (go1.22.7) https://go.dev/cl/611240 https://go.dev/issue/69141 https://groups.google.com/g/golang-announce/c/K-cEzDeCtpc https://groups.google.com/g/golang-dev/c/S9POB9NCTdk https://linux.oracle.com/cve/CVE-2024-34158.html https://linux.oracle.com/errata/ELSA-2024-9459.html https://nvd.nist.gov/vuln/detail/CVE-2024-34158 https://pkg.go.dev/vuln/GO-2024-3107 https://ubuntu.com/security/notices/USN-7081-1 https://ubuntu.com/security/notices/USN-7109-1 https://ubuntu.com/security/notices/USN-7111-1 https://www.cve.org/CVERecord?id=CVE-2024-34158
No Misconfigurations found

cnb/buildpacks/paketo-buildpacks_icu/0.6.14/bin/run (gobinary)

Package	Vulnerability ID	Severity	Installed Version	Fixed Version	Links
github.com/anchore/stereoscope	CVE-2024-24579	MEDIUM	v0.0.0-20230412183729-8602f1afc574	0.0.1	https://github.com/anchore/stereoscope https://github.com/anchore/stereoscope/commit/09dacab4d9ee65ee8bc7af8ebf4aa7b5aaa36204 https://github.com/anchore/stereoscope/security/advisories/GHSA-hpxr-w9w7-g4gv https://nvd.nist.gov/vuln/detail/CVE-2024-24579
github.com/cloudflare/circl	GHSA-9763-4f94-gfch	HIGH	v1.3.3	1.3.7	https://github.com/cloudflare/circl https://github.com/cloudflare/circl/commit/75ef91e8a2f438e6ce2b6e620d236add8be1887d https://github.com/cloudflare/circl/security/advisories/GHSA-9763-4f94-gfch https://kyberslash.cr.yp.to
github.com/containerd/containerd	GHSA-7ww5-4wqc-m92c	MEDIUM	v1.7.0	1.6.26, 1.7.11	https://github.com/containerd/containerd https://github.com/containerd/containerd/commit/67d356cb3095f3e8f8ad7d36f9a733fea1e7e28c https://github.com/containerd/containerd/commit/746b910f05855c8bfdb4415a1c0f958b234910e5 https://github.com/containerd/containerd/security/advisories/GHSA-7ww5-4wqc-m92c
github.com/docker/docker	CVE-2024-41110	CRITICAL	v23.0.5+incompatible	23.0.15, 26.1.5, 27.1.1, 25.0.6	https://access.redhat.com/security/cve/CVE-2024-41110 https://github.com/moby/moby https://github.com/moby/moby/commit/411e817ddf710ff8e08fa193da80cb78af708191 https://github.com/moby/moby/commit/42f40b1d6dd7562342f832b9cd2adf9e668eeb76 https://github.com/moby/moby/commit/65cc597cea28cdc25bea3b8a86384b4251872919 https://github.com/moby/moby/commit/852759a7df454cbf88db4e954c919becd48faa9b https://github.com/moby/moby/commit/a31260625655cff9ae226b51757915e275e304b0 https://github.com/moby/moby/commit/a79fabbfe84117696a19671f4aa88b82d0f64fc1 https://github.com/moby/moby/commit/ae160b4edddb72ef4bd71f66b975a1a1cc434f00 https://github.com/moby/moby/commit/ae2b3666c517c96cbc2adf1af5591a6b00d4ec0f https://github.com/moby/moby/commit/cc13f952511154a2866bddbb7dddebfe9e83b801 https://github.com/moby/moby/commit/fc274cd2ff4cf3b48c91697fb327dd1fb95588fb https://github.com/moby/moby/security/advisories/GHSA-v23v-6jw2-98fq https://nvd.nist.gov/vuln/detail/CVE-2024-41110 https://www.cve.org/CVERecord?id=CVE-2024-41110 https://www.docker.com/blog/docker-security-advisory-docker-engine-authz-plugin
github.com/docker/docker	CVE-2024-24557	MEDIUM	v23.0.5+incompatible	24.0.9, 25.0.2	https://access.redhat.com/security/cve/CVE-2024-24557 https://github.com/moby/moby https://github.com/moby/moby/commit/3e230cfdcc989dc524882f6579f9e0dac77400ae https://github.com/moby/moby/commit/fca702de7f71362c8d103073c7e4a1d0a467fadd https://github.com/moby/moby/commit/fce6e0ca9bc000888de3daa157af14fa41fcd0ff https://github.com/moby/moby/security/advisories/GHSA-xw73-rw38-6vjc https://nvd.nist.gov/vuln/detail/CVE-2024-24557 https://www.cve.org/CVERecord?id=CVE-2024-24557
github.com/docker/docker	CVE-2024-29018	MEDIUM	v23.0.5+incompatible	26.0.0-rc3, 25.0.5, 23.0.11	https://access.redhat.com/security/cve/CVE-2024-29018 https://github.com/moby/moby https://github.com/moby/moby/pull/46609 https://github.com/moby/moby/security/advisories/GHSA-mq39-4gv4-mvpx https://nvd.nist.gov/vuln/detail/CVE-2024-29018 https://www.cve.org/CVERecord?id=CVE-2024-29018
github.com/docker/docker	GHSA-jq35-85cj-fj4p	MEDIUM	v23.0.5+incompatible	24.0.7, 23.0.8, 20.10.27	https://github.com/moby/moby https://github.com/moby/moby/commit/48ebe353e49a9def5e6679f6e386b0efb1c95f0e https://github.com/moby/moby/commit/81ebe71275768629689a23bc3bca34b3b374a6a6 https://github.com/moby/moby/commit/c9ccbfad11a60e703e91b6cca4f48927828c7e35 https://github.com/moby/moby/releases/tag/v20.10.27 https://github.com/moby/moby/releases/tag/v23.0.8 https://github.com/moby/moby/releases/tag/v24.0.7 https://github.com/moby/moby/security/advisories/GHSA-jq35-85cj-fj4p
github.com/go-git/go-git/v5	CVE-2023-49569	CRITICAL	v5.6.1	5.11.0	https://access.redhat.com/security/cve/CVE-2023-49569 https://github.com/go-git/go-git https://github.com/go-git/go-git/security/advisories/GHSA-449p-3h89-pw88 https://nvd.nist.gov/vuln/detail/CVE-2023-49569 https://www.cve.org/CVERecord?id=CVE-2023-49569
github.com/go-git/go-git/v5	CVE-2023-49568	HIGH	v5.6.1	5.11.0	https://access.redhat.com/security/cve/CVE-2023-49568 https://github.com/go-git/go-git https://github.com/go-git/go-git/security/advisories/GHSA-mw99-9chc-xw7r https://nvd.nist.gov/vuln/detail/CVE-2023-49568 https://www.cve.org/CVERecord?id=CVE-2023-49568
github.com/mholt/archiver/v3	CVE-2024-0406	MEDIUM	v3.5.1	no fix available	https://access.redhat.com/security/cve/CVE-2024-0406 https://bugzilla.redhat.com/show_bug.cgi?id=2257749 https://github.com/advisories/GHSA-rhh4-rh7c-7r5v https://github.com/mholt/archiver https://nvd.nist.gov/vuln/detail/CVE-2024-0406 https://www.cve.org/CVERecord?id=CVE-2024-0406
golang.org/x/crypto	CVE-2023-48795	MEDIUM	v0.8.0	0.17.0	http://packetstormsecurity.com/files/176280/Terrapin-SSH-Connection-Weakening.html http://seclists.org/fulldisclosure/2024/Mar/21 http://www.openwall.com/lists/oss-security/2023/12/18/3 http://www.openwall.com/lists/oss-security/2023/12/19/5 http://www.openwall.com/lists/oss-security/2023/12/20/3 http://www.openwall.com/lists/oss-security/2024/03/06/3 http://www.openwall.com/lists/oss-security/2024/04/17/8 https://access.redhat.com/errata/RHSA-2024:1150 https://access.redhat.com/security/cve/CVE-2023-48795 https://access.redhat.com/security/cve/cve-2023-48795 https://access.redhat.com/solutions/7071748 https://arstechnica.com/security/2023/12/hackers-can-break-ssh-channel-integrity-using-novel-data-corruption-attack https://arstechnica.com/security/2023/12/hackers-can-break-ssh-channel-integrity-using-novel-data-corruption-attack/ https://bugs.gentoo.org/920280 https://bugzilla.redhat.com/2254210 https://bugzilla.redhat.com/show_bug.cgi?id=2254210 https://bugzilla.suse.com/show_bug.cgi?id=1217950 https://crates.io/crates/thrussh/versions https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-48795 https://errata.almalinux.org/9/ALSA-2024-1150.html https://errata.rockylinux.org/RLSA-2024:0628 https://filezilla-project.org/versions.php https://forum.netgate.com/topic/184941/terrapin-ssh-attack https://git.libssh.org/projects/libssh.git/commit/?h=stable-0.10&id=10e09e273f69e149389b3e0e5d44b8c221c2e7f6 https://github.com/NixOS/nixpkgs/pull/275249 https://github.com/PowerShell/Win32-OpenSSH/issues/2189 https://github.com/PowerShell/Win32-OpenSSH/releases/tag/v9.5.0.0p1-Beta https://github.com/TeraTermProject/teraterm/commit/7279fbd6ef4d0c8bdd6a90af4ada2899d786eec0 https://github.com/TeraTermProject/teraterm/releases/tag/v5.1 https://github.com/advisories/GHSA-45x7-px36-x8w8 https://github.com/apache/mina-sshd/issues/445 https://github.com/connectbot/sshlib/commit/5c8b534f6e97db7ac0e0e579331213aa25c173ab https://github.com/connectbot/sshlib/compare/2.2.21...2.2.22 https://github.com/cyd01/KiTTY/issues/520 https://github.com/drakkan/sftpgo/releases/tag/v2.5.6 https://github.com/erlang/otp/blob/d1b43dc0f1361d2ad67601169e90a7fc50bb0369/lib/ssh/doc/src/notes.xml#L39-L42 https://github.com/erlang/otp/releases/tag/OTP-26.2.1 https://github.com/golang/crypto/commit/9d2ee975ef9fe627bf0a6f01c1f69e8ef1d4f05d https://github.com/hierynomus/sshj/issues/916 https://github.com/janmojzis/tinyssh/issues/81 https://github.com/jtesta/ssh-audit/commit/8e972c5e94b460379fe0c7d20209c16df81538a5 https://github.com/libssh2/libssh2/pull/1291 https://github.com/mkj/dropbear/blob/17657c36cce6df7716d5ff151ec09a665382d5dd/CHANGES#L25 https://github.com/mscdex/ssh2/commit/97b223f8891b96d6fc054df5ab1d5a1a545da2a3 https://github.com/mwiede/jsch/compare/jsch-0.2.14...jsch-0.2.15 https://github.com/mwiede/jsch/issues/457 https://github.com/mwiede/jsch/pull/461 https://github.com/net-ssh/net-ssh/blob/2e65064a52d73396bfc3806c9196fc8108f33cd8/CHANGES.txt#L14-L16 https://github.com/openssh/openssh-portable/commits/master https://github.com/paramiko/paramiko/issues/2337 https://github.com/paramiko/paramiko/issues/2337#issuecomment-1887642773 https://github.com/proftpd/proftpd/blob/0a7ea9b0ba9fcdf368374a226370d08f10397d99/RELEASE_NOTES https://github.com/proftpd/proftpd/blob/d21e7a2e47e9b38f709bec58e3fa711f759ad0e1/RELEASE_NOTES https://github.com/proftpd/proftpd/blob/master/RELEASE_NOTES https://github.com/proftpd/proftpd/issues/456 https://github.com/rapier1/hpn-ssh/releases https://github.com/ronf/asyncssh/blob/develop/docs/changes.rst https://github.com/ronf/asyncssh/security/advisories/GHSA-hfmc-7525-mj55 https://github.com/ronf/asyncssh/tags https://github.com/ssh-mitm/ssh-mitm/issues/165 https://github.com/warp-tech/russh https://github.com/warp-tech/russh/commit/1aa340a7df1d5be1c0f4a9e247aade76dfdd2951 https://github.com/warp-tech/russh/releases/tag/v0.40.2 https://github.com/warp-tech/russh/security/advisories/GHSA-45x7-px36-x8w8 https://gitlab.com/libssh/libssh-mirror/-/tags https://go.dev/cl/550715 https://go.dev/issue/64784 https://groups.google.com/g/golang-announce/c/-n5WqVC18LQ https://groups.google.com/g/golang-announce/c/qA3XtxvMUyg https://help.panic.com/releasenotes/transmit5 https://help.panic.com/releasenotes/transmit5/ https://jadaptive.com/important-java-ssh-security-update-new-ssh-vulnerability-discovered-cve-2023-48795 https://jadaptive.com/important-java-ssh-security-update-new-ssh-vulnerability-discovered-cve-2023-48795/ https://linux.oracle.com/cve/CVE-2023-48795.html https://linux.oracle.com/errata/ELSA-2024-2988.html https://lists.debian.org/debian-lts-announce/2023/12/msg00017.html https://lists.debian.org/debian-lts-announce/2024/01/msg00013.html https://lists.debian.org/debian-lts-announce/2024/01/msg00014.html https://lists.debian.org/debian-lts-announce/2024/04/msg00016.html https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/33XHJUB6ROFUOH2OQNENFROTVH6MHSHA https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/33XHJUB6ROFUOH2OQNENFROTVH6MHSHA/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/3CAYYW35MUTNO65RVAELICTNZZFMT2XS https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/3CAYYW35MUTNO65RVAELICTNZZFMT2XS/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/3JIMLVBDWOP4FUPXPTB4PGHHIOMGFLQE https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/3JIMLVBDWOP4FUPXPTB4PGHHIOMGFLQE/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/3YQLUQWLIHDB5QCXQEX7HXHAWMOKPP5O https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/3YQLUQWLIHDB5QCXQEX7HXHAWMOKPP5O/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/6Y74KVCPEPT4MVU3LHDWCNNOXOE5ZLUR https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/6Y74KVCPEPT4MVU3LHDWCNNOXOE5ZLUR/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/APYIXIQOVDCRWLHTGB4VYMAUIAQLKYJ3 https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/APYIXIQOVDCRWLHTGB4VYMAUIAQLKYJ3/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/BL5KTLOSLH2KHRN4HCXJPK3JUVLDGEL6 https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/BL5KTLOSLH2KHRN4HCXJPK3JUVLDGEL6/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/C3AFMZ6MH2UHHOPIWT5YLSFV3D2VB3AC https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/C3AFMZ6MH2UHHOPIWT5YLSFV3D2VB3AC/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/CHHITS4PUOZAKFIUBQAQZC7JWXMOYE4B https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/CHHITS4PUOZAKFIUBQAQZC7JWXMOYE4B/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/F7EYCFQCTSGJXWO3ZZ44MGKFC5HA7G3Y https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/F7EYCFQCTSGJXWO3ZZ44MGKFC5HA7G3Y/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/HYEDEXIKFKTUJIN43RG4B7T5ZS6MHUSP https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/HYEDEXIKFKTUJIN43RG4B7T5ZS6MHUSP/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/I724O3LSRCPO4WNVIXTZCT4VVRMXMMSG https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/I724O3LSRCPO4WNVIXTZCT4VVRMXMMSG/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/KEOTKBUPZXHE3F352JBYNTSNRXYLWD6P https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/KEOTKBUPZXHE3F352JBYNTSNRXYLWD6P/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/KMZCVGUGJZZVDPCVDA7TEB22VUCNEXDD https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/KMZCVGUGJZZVDPCVDA7TEB22VUCNEXDD/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/L5Y6MNNVAPIJSXJERQ6PKZVCIUXSNJK7 https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/L5Y6MNNVAPIJSXJERQ6PKZVCIUXSNJK7/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/LZQVUHWVWRH73YBXUQJOD6CKHDQBU3DM https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/LZQVUHWVWRH73YBXUQJOD6CKHDQBU3DM/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/MKQRBF3DWMWPH36LBCOBUTSIZRTPEZXB https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/MKQRBF3DWMWPH36LBCOBUTSIZRTPEZXB/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/QI3EHAHABFQK7OABNCSF5GMYP6TONTI7 https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/QI3EHAHABFQK7OABNCSF5GMYP6TONTI7/ https://matt.ucc.asn.au/dropbear/CHANGES https://nest.pijul.com/pijul/thrussh/changes/D6H7OWTTMHHX6BTB3B6MNBOBX2L66CBL4LGSEUSAI2MCRCJDQFRQC https://news.ycombinator.com/item?id=38684904 https://news.ycombinator.com/item?id=38685286 https://news.ycombinator.com/item?id=38732005 https://nova.app/releases/#v11.8 https://nvd.nist.gov/vuln/detail/CVE-2023-48795 https://oryx-embedded.com/download/#changelog https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2024-0002 https://roumenpetrov.info/secsh/#news20231220 https://security-tracker.debian.org/tracker/CVE-2023-48795 https://security-tracker.debian.org/tracker/source-package/libssh2 https://security-tracker.debian.org/tracker/source-package/proftpd-dfsg https://security-tracker.debian.org/tracker/source-package/trilead-ssh2 https://security.gentoo.org/glsa/202312-16 https://security.gentoo.org/glsa/202312-17 https://security.netapp.com/advisory/ntap-20240105-0004 https://security.netapp.com/advisory/ntap-20240105-0004/ https://support.apple.com/kb/HT214084 https://terrapin-attack.com/ https://thorntech.com/cve-2023-48795-and-sftp-gateway https://thorntech.com/cve-2023-48795-and-sftp-gateway/ https://twitter.com/TrueSkrillor/status/1736774389725565005 https://ubuntu.com/security/CVE-2023-48795 https://ubuntu.com/security/notices/USN-6560-1 https://ubuntu.com/security/notices/USN-6560-2 https://ubuntu.com/security/notices/USN-6561-1 https://ubuntu.com/security/notices/USN-6585-1 https://ubuntu.com/security/notices/USN-6589-1 https://ubuntu.com/security/notices/USN-6598-1 https://ubuntu.com/security/notices/USN-6738-1 https://ubuntu.com/security/notices/USN-7051-1 https://winscp.net/eng/docs/history#6.2.2 https://www.bitvise.com/ssh-client-version-history#933 https://www.bitvise.com/ssh-server-version-history https://www.chiark.greenend.org.uk/~sgtatham/putty/changes.html https://www.crushftp.com/crush10wiki/Wiki.jsp?page=Update https://www.cve.org/CVERecord?id=CVE-2023-48795 https://www.debian.org/security/2023/dsa-5586 https://www.debian.org/security/2023/dsa-5588 https://www.freebsd.org/security/advisories/FreeBSD-SA-23:19.openssh.asc https://www.lancom-systems.de/service-support/allgemeine-sicherheitshinweise#c243508 https://www.netsarang.com/en/xshell-update-history https://www.netsarang.com/en/xshell-update-history/ https://www.openssh.com/openbsd.html https://www.openssh.com/txt/release-9.6 https://www.openwall.com/lists/oss-security/2023/12/18/2 https://www.openwall.com/lists/oss-security/2023/12/18/3 https://www.openwall.com/lists/oss-security/2023/12/20/3 https://www.paramiko.org/changelog.html https://www.reddit.com/r/sysadmin/comments/18idv52/cve202348795_why_is_this_cve_still_undisclosed https://www.reddit.com/r/sysadmin/comments/18idv52/cve202348795_why_is_this_cve_still_undisclosed/ https://www.suse.com/c/suse-addresses-the-ssh-v2-protocol-terrapin-attack-aka-cve-2023-48795 https://www.suse.com/c/suse-addresses-the-ssh-v2-protocol-terrapin-attack-aka-cve-2023-48795/ https://www.terrapin-attack.com https://www.theregister.com/2023/12/20/terrapin_attack_ssh https://www.vandyke.com/products/securecrt/history.txt
golang.org/x/net	CVE-2023-39325	HIGH	v0.10.0	0.17.0	golang.org/x/net https://access.redhat.com/errata/RHSA-2023:6077 https://access.redhat.com/security/cve/CVE-2023-39325 https://access.redhat.com/security/cve/CVE-2023-44487 https://access.redhat.com/security/vulnerabilities/RHSB-2023-003 https://bugzilla.redhat.com/2242803 https://bugzilla.redhat.com/2243296 https://bugzilla.redhat.com/show_bug.cgi?id=2242803 https://bugzilla.redhat.com/show_bug.cgi?id=2243296 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-39325 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-44487 https://errata.almalinux.org/9/ALSA-2023-6077.html https://errata.rockylinux.org/RLSA-2023:6077 https://github.com/golang/go/commit/24ae2d927285c697440fdde3ad7f26028354bcf3 [golang- 1.21] https://github.com/golang/go/commit/e175f27f58aa7b9cd4d79607ae65d2cd5baaee68 [golang-1.20] https://github.com/golang/go/issues/63417 https://go.dev/cl/534215 https://go.dev/cl/534235 https://go.dev/issue/63417 https://groups.google.com/g/golang-announce/c/iNNxDTCjZvo/m/UDd7VKQuAAAJ https://linux.oracle.com/cve/CVE-2023-39325.html https://linux.oracle.com/errata/ELSA-2023-5867.html https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3OVW5V2DM5K5IC3H7O42YDUGNJ74J35O https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3OVW5V2DM5K5IC3H7O42YDUGNJ74J35O/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3SZN67IL7HMGMNAVLOTIXLIHUDXZK4LH https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3SZN67IL7HMGMNAVLOTIXLIHUDXZK4LH/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3WJ4QVX2AMUJ2F2S27POOAHRC4K3CHU4 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3WJ4QVX2AMUJ2F2S27POOAHRC4K3CHU4/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/4BUK2ZIAGCULOOYDNH25JPU6JBES5NF2 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/4BUK2ZIAGCULOOYDNH25JPU6JBES5NF2/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/5RSKA2II6QTD4YUKUNDVJQSRYSFC4VFR https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/5RSKA2II6QTD4YUKUNDVJQSRYSFC4VFR/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/AVZDNSMVDAQJ64LJC5I5U5LDM5753647 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/AVZDNSMVDAQJ64LJC5I5U5LDM5753647/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CHHITS4PUOZAKFIUBQAQZC7JWXMOYE4B https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CHHITS4PUOZAKFIUBQAQZC7JWXMOYE4B/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CLB4TW7KALB3EEQWNWCN7OUIWWVWWCG2 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CLB4TW7KALB3EEQWNWCN7OUIWWVWWCG2/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/D2BBIDR2ZMB3X5BC7SR4SLQMHRMVPY6L https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/D2BBIDR2ZMB3X5BC7SR4SLQMHRMVPY6L/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ECRC75BQJP6FJN2L7KCKYZW4DSBD7QSD https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ECRC75BQJP6FJN2L7KCKYZW4DSBD7QSD/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/FTMJ3NJIDAZFWJQQSP3L22MUFJ3UP2PT https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/FTMJ3NJIDAZFWJQQSP3L22MUFJ3UP2PT/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/GSY7SXFFTPZFWDM6XELSDSHZLVW3AHK7 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/GSY7SXFFTPZFWDM6XELSDSHZLVW3AHK7/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/HZQIELEIRSZUYTFFH5KTH2YJ4IIQG2KE https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/HZQIELEIRSZUYTFFH5KTH2YJ4IIQG2KE/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/IPWCNYB5PQ5PCVZ4NJT6G56ZYFZ5QBU6 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/IPWCNYB5PQ5PCVZ4NJT6G56ZYFZ5QBU6/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/KEOTKBUPZXHE3F352JBYNTSNRXYLWD6P https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/KEOTKBUPZXHE3F352JBYNTSNRXYLWD6P/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/KSEGD2IWKNUO3DWY4KQGUQM5BISRWHQE https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/KSEGD2IWKNUO3DWY4KQGUQM5BISRWHQE/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/L5E5JSJBZLYXOTZWXHJKRVCIXIHVWKJ6 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/L5E5JSJBZLYXOTZWXHJKRVCIXIHVWKJ6/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/MZQYOOKHQDQ57LV2IAG6NRFOVXKHJJ3Z https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/MZQYOOKHQDQ57LV2IAG6NRFOVXKHJJ3Z/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/NG7IMPL55MVWU3LCI4JQJT3K2U5CHDV7 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/NG7IMPL55MVWU3LCI4JQJT3K2U5CHDV7/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ODBY7RVMGZCBSTWF2OZGIZS57FNFUL67 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ODBY7RVMGZCBSTWF2OZGIZS57FNFUL67/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/OXGWPQOJ3JNDW2XIYKIVJ7N7QUIFNM2Q https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/OXGWPQOJ3JNDW2XIYKIVJ7N7QUIFNM2Q/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/PJCUNGIQDUMZ4Z6HWVYIMR66A35F5S74 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/PJCUNGIQDUMZ4Z6HWVYIMR66A35F5S74/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QF5QSYAOPDOWLY6DUHID56Q4HQFYB45I https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QF5QSYAOPDOWLY6DUHID56Q4HQFYB45I/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QXOU2JZUBEBP7GBKAYIJRPRBZSJCD7ST https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QXOU2JZUBEBP7GBKAYIJRPRBZSJCD7ST/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/R3UETKPUB3V5JS5TLZOF3SMTGT5K5APS https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/R3UETKPUB3V5JS5TLZOF3SMTGT5K5APS/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/REMHVVIBDNKSRKNOTV7EQSB7CYQWOUOU https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/REMHVVIBDNKSRKNOTV7EQSB7CYQWOUOU/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/T7N5GV4CHH6WAGX3GFMDD3COEOVCZ4RI https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/T7N5GV4CHH6WAGX3GFMDD3COEOVCZ4RI/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ULQQONMSCQSH5Z5OWFFQHCGEZ3NL4DRJ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ULQQONMSCQSH5Z5OWFFQHCGEZ3NL4DRJ/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UTT7DG3QOF5ZNJLUGHDNLRUIN6OWZARP https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UTT7DG3QOF5ZNJLUGHDNLRUIN6OWZARP/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/W2LZSWTV4NV4SNQARNXG5T6LRHP26EW2 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/W2LZSWTV4NV4SNQARNXG5T6LRHP26EW2/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WCNCBYKZXLDFGAJUB7ZP5VLC3YTHJNVH https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WCNCBYKZXLDFGAJUB7ZP5VLC3YTHJNVH/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/XFOIBB4YFICHDM7IBOP7PWXW3FX4HLL2 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/XFOIBB4YFICHDM7IBOP7PWXW3FX4HLL2/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/XTNLSL44Y5FB6JWADSZH6DCV4JJAAEQY https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/XTNLSL44Y5FB6JWADSZH6DCV4JJAAEQY/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/YJWHBLVZDM5KQSDFRBFRKU5KSSOLIRQ4 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/YJWHBLVZDM5KQSDFRBFRKU5KSSOLIRQ4/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/YRKEXKANQ7BKJW2YTAMP625LJUJZLJ4P https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/YRKEXKANQ7BKJW2YTAMP625LJUJZLJ4P/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZSVEMQV5ROY5YW5QE3I57HT3ITWG5GCV https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZSVEMQV5ROY5YW5QE3I57HT3ITWG5GCV/ https://nvd.nist.gov/vuln/detail/CVE-2023-39325 https://pkg.go.dev/vuln/GO-2023-2102 https://security.gentoo.org/glsa/202311-09 https://security.netapp.com/advisory/ntap-20231110-0008 https://security.netapp.com/advisory/ntap-20231110-0008/ https://ubuntu.com/security/notices/USN-6574-1 https://ubuntu.com/security/notices/USN-7061-1 https://ubuntu.com/security/notices/USN-7109-1 https://www.cisa.gov/news-events/alerts/2023/10/10/http2-rapid-reset-vulnerability-cve-2023-44487 https://www.cve.org/CVERecord?id=CVE-2023-39325
golang.org/x/net	CVE-2023-3978	MEDIUM	v0.10.0	0.13.0	https://access.redhat.com/errata/RHSA-2023:6474 https://access.redhat.com/security/cve/CVE-2023-3978 https://bugzilla.redhat.com/2174485 https://bugzilla.redhat.com/2178358 https://bugzilla.redhat.com/2178488 https://bugzilla.redhat.com/2178492 https://bugzilla.redhat.com/2184481 https://bugzilla.redhat.com/2184482 https://bugzilla.redhat.com/2184483 https://bugzilla.redhat.com/2184484 https://bugzilla.redhat.com/2196026 https://bugzilla.redhat.com/2196027 https://bugzilla.redhat.com/2196029 https://bugzilla.redhat.com/2222167 https://bugzilla.redhat.com/2228689 https://errata.almalinux.org/9/ALSA-2023-6474.html https://go.dev/cl/514896 https://go.dev/issue/61615 https://linux.oracle.com/cve/CVE-2023-3978.html https://linux.oracle.com/errata/ELSA-2023-6939.html https://nvd.nist.gov/vuln/detail/CVE-2023-3978 https://pkg.go.dev/vuln/GO-2023-1988 https://www.cve.org/CVERecord?id=CVE-2023-3978
golang.org/x/net	CVE-2023-44487	MEDIUM	v0.10.0	0.17.0	http://www.openwall.com/lists/oss-security/2023/10/13/4 http://www.openwall.com/lists/oss-security/2023/10/13/9 http://www.openwall.com/lists/oss-security/2023/10/18/4 http://www.openwall.com/lists/oss-security/2023/10/18/8 http://www.openwall.com/lists/oss-security/2023/10/19/6 http://www.openwall.com/lists/oss-security/2023/10/20/8 https://access.redhat.com/errata/RHSA-2023:6746 https://access.redhat.com/security/cve/CVE-2023-44487 https://access.redhat.com/security/cve/cve-2023-44487 https://akka.io/security/akka-http-cve-2023-44487.html https://arstechnica.com/security/2023/10/how-ddosers-used-the-http-2-protocol-to-deliver-attacks-of-unprecedented-size https://arstechnica.com/security/2023/10/how-ddosers-used-the-http-2-protocol-to-deliver-attacks-of-unprecedented-size/ https://aws.amazon.com/security/security-bulletins/AWS-2023-011 https://aws.amazon.com/security/security-bulletins/AWS-2023-011/ https://blog.cloudflare.com/technical-breakdown-http2-rapid-reset-ddos-attack https://blog.cloudflare.com/technical-breakdown-http2-rapid-reset-ddos-attack/ https://blog.cloudflare.com/zero-day-rapid-reset-http2-record-breaking-ddos-attack https://blog.cloudflare.com/zero-day-rapid-reset-http2-record-breaking-ddos-attack/ https://blog.litespeedtech.com/2023/10/11/rapid-reset-http-2-vulnerablilty https://blog.litespeedtech.com/2023/10/11/rapid-reset-http-2-vulnerablilty/ https://blog.qualys.com/vulnerabilities-threat-research/2023/10/10/cve-2023-44487-http-2-rapid-reset-attack https://blog.vespa.ai/cve-2023-44487 https://blog.vespa.ai/cve-2023-44487/ https://bugzilla.proxmox.com/show_bug.cgi?id=4988 https://bugzilla.redhat.com/2242803 https://bugzilla.redhat.com/show_bug.cgi?id=2242803 https://bugzilla.suse.com/show_bug.cgi?id=1216123 https://cgit.freebsd.org/ports/commit/?id=c64c329c2c1752f46b73e3e6ce9f4329be6629f9 https://chaos.social/@icing/111210915918780532 https://cloud.google.com/blog/products/identity-security/google-cloud-mitigated-largest-ddos-attack-peaking-above-398-million-rps https://cloud.google.com/blog/products/identity-security/google-cloud-mitigated-largest-ddos-attack-peaking-above-398-million-rps/ https://cloud.google.com/blog/products/identity-security/how-it-works-the-novel-http2-rapid-reset-ddos-attack https://community.traefik.io/t/is-traefik-vulnerable-to-cve-2023-44487/20125 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-44487 https://devblogs.microsoft.com/dotnet/october-2023-updates/ https://discuss.hashicorp.com/t/hcsec-2023-32-vault-consul-and-boundary-affected-by-http-2-rapid-reset-denial-of-service-vulnerability-cve-2023-44487/59715 https://edg.io/lp/blog/resets-leaks-ddos-and-the-tale-of-a-hidden-cve https://errata.almalinux.org/9/ALSA-2023-6746.html https://errata.rockylinux.org/RLSA-2023:5838 https://forums.swift.org/t/swift-nio-http2-security-update-cve-2023-44487-http-2-dos/67764 https://gist.github.com/adulau/7c2bfb8e9cdbe4b35a5e131c66a0c088 https://github.com/Azure/AKS/issues/3947 https://github.com/Kong/kong/discussions/11741 https://github.com/advisories/GHSA-qppj-fm5r-hxr3 https://github.com/advisories/GHSA-vx74-f528-fxqg https://github.com/advisories/GHSA-xpw8-rcwv-8f8p https://github.com/akka/akka-http/issues/4323 https://github.com/akka/akka-http/pull/4324 https://github.com/akka/akka-http/pull/4325 https://github.com/alibaba/tengine/issues/1872 https://github.com/apache/apisix/issues/10320 https://github.com/apache/httpd-site/pull/10 https://github.com/apache/httpd/blob/afcdbeebbff4b0c50ea26cdd16e178c0d1f24152/modules/http2/h2_mplx.c#L1101-L1113 https://github.com/apache/tomcat/commit/944332bb15bd2f3bf76ec2caeb1ff0a58a3bc628 https://github.com/apache/tomcat/tree/main/java/org/apache/coyote/http2 https://github.com/apache/trafficserver/pull/10564 https://github.com/apple/swift-nio-http2 https://github.com/apple/swift-nio-http2/security/advisories/GHSA-qppj-fm5r-hxr3 https://github.com/arkrwn/PoC/tree/main/CVE-2023-44487 https://github.com/bcdannyboy/CVE-2023-44487 https://github.com/caddyserver/caddy/issues/5877 https://github.com/caddyserver/caddy/releases/tag/v2.7.5 https://github.com/dotnet/announcements/issues/277 https://github.com/dotnet/core/blob/e4613450ea0da7fd2fc6b61dfb2c1c1dec1ce9ec/release-notes/6.0/6.0.23/6.0.23.md?plain=1#L73 https://github.com/eclipse/jetty.project/issues/10679 https://github.com/envoyproxy/envoy/pull/30055 https://github.com/etcd-io/etcd/issues/16740 https://github.com/facebook/proxygen/pull/466 https://github.com/golang/go/issues/63417 https://github.com/grpc/grpc-go/pull/6703 https://github.com/grpc/grpc-go/releases https://github.com/h2o/h2o/pull/3291 https://github.com/h2o/h2o/security/advisories/GHSA-2m7v-gc89-fjqf https://github.com/haproxy/haproxy/issues/2312 https://github.com/hyperium/hyper/issues/3337 https://github.com/icing/mod_h2/blob/0a864782af0a942aa2ad4ed960a6b32cd35bcf0a/mod_http2/README.md?plain=1#L239-L244 https://github.com/junkurihara/rust-rpxy/issues/97 https://github.com/kazu-yamamoto/http2/commit/f61d41a502bd0f60eb24e1ce14edc7b6df6722a1 https://github.com/kazu-yamamoto/http2/issues/93 https://github.com/kubernetes/kubernetes/pull/121120 https://github.com/line/armeria/pull/5232 https://github.com/linkerd/website/pull/1695/commits/4b9c6836471bc8270ab48aae6fd2181bc73fd632 https://github.com/micrictor/http2-rst-stream https://github.com/microsoft/CBL-Mariner/pull/6381 https://github.com/netty/netty/commit/58f75f665aa81a8cbcf6ffa74820042a285c5e61 https://github.com/nghttp2/nghttp2/pull/1961 https://github.com/nghttp2/nghttp2/releases/tag/v1.57.0 https://github.com/ninenines/cowboy/issues/1615 https://github.com/nodejs/node/pull/50121 https://github.com/openresty/openresty/issues/930 https://github.com/opensearch-project/data-prepper/issues/3474 https://github.com/oqtane/oqtane.framework/discussions/3367 https://github.com/projectcontour/contour/pull/5826 https://github.com/tempesta-tech/tempesta/issues/1986 https://github.com/varnishcache/varnish-cache/issues/3996 https://go.dev/cl/534215 https://go.dev/cl/534235 https://go.dev/issue/63417 https://groups.google.com/g/golang-announce/c/iNNxDTCjZvo https://groups.google.com/g/golang-announce/c/iNNxDTCjZvo/m/UDd7VKQuAAAJ https://istio.io/latest/news/security/istio-security-2023-004 https://istio.io/latest/news/security/istio-security-2023-004/ https://linkerd.io/2023/10/12/linkerd-cve-2023-44487 https://linkerd.io/2023/10/12/linkerd-cve-2023-44487/ https://linux.oracle.com/cve/CVE-2023-44487.html https://linux.oracle.com/errata/ELSA-2024-1444.html https://lists.apache.org/thread/5py8h42mxfsn8l1wy6o41xwhsjlsd87q https://lists.debian.org/debian-lts-announce/2023/10/msg00020.html https://lists.debian.org/debian-lts-announce/2023/10/msg00023.html https://lists.debian.org/debian-lts-announce/2023/10/msg00024.html https://lists.debian.org/debian-lts-announce/2023/10/msg00045.html https://lists.debian.org/debian-lts-announce/2023/10/msg00047.html https://lists.debian.org/debian-lts-announce/2023/11/msg00001.html https://lists.debian.org/debian-lts-announce/2023/11/msg00012.html https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/2MBEPPC36UBVOZZNAXFHKLFGSLCMN5LI https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/2MBEPPC36UBVOZZNAXFHKLFGSLCMN5LI/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/3N4NJ7FR4X4FPZUGNTQAPSTVB2HB2Y4A https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/3N4NJ7FR4X4FPZUGNTQAPSTVB2HB2Y4A/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/BFQD3KUEMFBHPAPBGLWQC34L4OWL5HAZ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/BFQD3KUEMFBHPAPBGLWQC34L4OWL5HAZ/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/CLB4TW7KALB3EEQWNWCN7OUIWWVWWCG2 https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/CLB4TW7KALB3EEQWNWCN7OUIWWVWWCG2/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/E72T67UPDRXHIDLO3OROR25YAMN4GGW5 https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/E72T67UPDRXHIDLO3OROR25YAMN4GGW5/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/FNA62Q767CFAFHBCDKYNPBMZWB7TWYVU https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/FNA62Q767CFAFHBCDKYNPBMZWB7TWYVU/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/HT7T2R4MQKLIF4ODV4BDLPARWFPCJ5CZ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/HT7T2R4MQKLIF4ODV4BDLPARWFPCJ5CZ/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/JIZSEFC3YKCGABA2BZW6ZJRMDZJMB7PJ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/JIZSEFC3YKCGABA2BZW6ZJRMDZJMB7PJ/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/JMEXY22BFG5Q64HQCM5CK2Q7KDKVV4TY https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/JMEXY22BFG5Q64HQCM5CK2Q7KDKVV4TY/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/KSEGD2IWKNUO3DWY4KQGUQM5BISRWHQE https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/KSEGD2IWKNUO3DWY4KQGUQM5BISRWHQE/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/LKYHSZQFDNR7RSA7LHVLLIAQMVYCUGBG https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/LKYHSZQFDNR7RSA7LHVLLIAQMVYCUGBG/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/LNMZJCDHGLJJLXO4OXWJMTVQRNWOC7UL https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/LNMZJCDHGLJJLXO4OXWJMTVQRNWOC7UL/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/VHUHTSXLXGXS7JYKBXTA3VINUPHTNGVU https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/VHUHTSXLXGXS7JYKBXTA3VINUPHTNGVU/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/VSRDIV77HNKUSM7SJC5BKE5JSHLHU2NK https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/VSRDIV77HNKUSM7SJC5BKE5JSHLHU2NK/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/WE2I52RHNNU42PX6NZ2RBUHSFFJ2LVZX https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/WE2I52RHNNU42PX6NZ2RBUHSFFJ2LVZX/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/WLPRQ5TWUQQXYWBJM7ECYDAIL2YVKIUH https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/WLPRQ5TWUQQXYWBJM7ECYDAIL2YVKIUH/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/X6QXN4ORIVF6XBW4WWFE7VNPVC74S45Y https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/X6QXN4ORIVF6XBW4WWFE7VNPVC74S45Y/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/XFOIBB4YFICHDM7IBOP7PWXW3FX4HLL2 https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/XFOIBB4YFICHDM7IBOP7PWXW3FX4HLL2/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZB43REMKRQR62NJEI7I5NQ4FSXNLBKRT https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZB43REMKRQR62NJEI7I5NQ4FSXNLBKRT/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZKQSIKIAT5TJ3WSLU3RDBQ35YX4GY4V3 https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZKQSIKIAT5TJ3WSLU3RDBQ35YX4GY4V3/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZLU6U2R2IC2K64NDPNMV55AUAO65MAF4 https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZLU6U2R2IC2K64NDPNMV55AUAO65MAF4/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3N4NJ7FR4X4FPZUGNTQAPSTVB2HB2Y4A https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/BFQD3KUEMFBHPAPBGLWQC34L4OWL5HAZ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CLB4TW7KALB3EEQWNWCN7OUIWWVWWCG2 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/E72T67UPDRXHIDLO3OROR25YAMN4GGW5 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/FNA62Q767CFAFHBCDKYNPBMZWB7TWYVU https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/HT7T2R4MQKLIF4ODV4BDLPARWFPCJ5CZ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/JIZSEFC3YKCGABA2BZW6ZJRMDZJMB7PJ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/JMEXY22BFG5Q64HQCM5CK2Q7KDKVV4TY https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/KSEGD2IWKNUO3DWY4KQGUQM5BISRWHQE https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/LKYHSZQFDNR7RSA7LHVLLIAQMVYCUGBG https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/LNMZJCDHGLJJLXO4OXWJMTVQRNWOC7UL https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/VHUHTSXLXGXS7JYKBXTA3VINUPHTNGVU https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/VSRDIV77HNKUSM7SJC5BKE5JSHLHU2NK https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WLPRQ5TWUQQXYWBJM7ECYDAIL2YVKIUH https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/X6QXN4ORIVF6XBW4WWFE7VNPVC74S45Y https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/XFOIBB4YFICHDM7IBOP7PWXW3FX4HLL2 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZB43REMKRQR62NJEI7I5NQ4FSXNLBKRT https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZKQSIKIAT5TJ3WSLU3RDBQ35YX4GY4V3 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZLU6U2R2IC2K64NDPNMV55AUAO65MAF4 https://lists.w3.org/Archives/Public/ietf-http-wg/2023OctDec/0025.html https://mailman.nginx.org/pipermail/nginx-devel/2023-October/S36Q5HBXR7CAIMPLLPRSSSYR4PCMWILK.html https://martinthomson.github.io/h2-stream-limits/draft-thomson-httpbis-h2-stream-limits.html https://msrc.microsoft.com/blog/2023/10/microsoft-response-to-distributed-denial-of-service-ddos-attacks-against-http/2 https://msrc.microsoft.com/blog/2023/10/microsoft-response-to-distributed-denial-of-service-ddos-attacks-against-http/2/ https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-44487 https://my.f5.com/manage/s/article/K000137106 https://netty.io/news/2023/10/10/4-1-100-Final.html https://news.ycombinator.com/item?id=37830987 https://news.ycombinator.com/item?id=37830998 https://news.ycombinator.com/item?id=37831062 https://news.ycombinator.com/item?id=37837043 https://nodejs.org/en/blog/vulnerability/october-2023-security-releases https://nvd.nist.gov/vuln/detail/CVE-2023-44487 https://openssf.org/blog/2023/10/10/http-2-rapid-reset-vulnerability-highlights-need-for-rapid-response https://openssf.org/blog/2023/10/10/http-2-rapid-reset-vulnerability-highlights-need-for-rapid-response/ https://pkg.go.dev/vuln/GO-2023-2102 https://seanmonstar.com/post/730794151136935936/hyper-http2-rapid-reset-unaffected https://security.gentoo.org/glsa/202311-09 https://security.netapp.com/advisory/ntap-20231016-0001 https://security.netapp.com/advisory/ntap-20231016-0001/ https://security.netapp.com/advisory/ntap-20240426-0007 https://security.netapp.com/advisory/ntap-20240426-0007/ https://security.netapp.com/advisory/ntap-20240621-0006 https://security.netapp.com/advisory/ntap-20240621-0006/ https://security.netapp.com/advisory/ntap-20240621-0007 https://security.netapp.com/advisory/ntap-20240621-0007/ https://security.paloaltonetworks.com/CVE-2023-44487 https://tomcat.apache.org/security-10.html#Fixed_in_Apache_Tomcat_10.1.14 https://tomcat.apache.org/security-11.html#Fixed_in_Apache_Tomcat_11.0.0-M12 https://tomcat.apache.org/security-8.html#Fixed_in_Apache_Tomcat_8.5.94 https://tomcat.apache.org/security-9.html#Fixed_in_Apache_Tomcat_9.0.81 https://ubuntu.com/security/CVE-2023-44487 https://ubuntu.com/security/notices/USN-6427-1 https://ubuntu.com/security/notices/USN-6427-2 https://ubuntu.com/security/notices/USN-6438-1 https://ubuntu.com/security/notices/USN-6505-1 https://ubuntu.com/security/notices/USN-6574-1 https://ubuntu.com/security/notices/USN-6754-1 https://ubuntu.com/security/notices/USN-6994-1 https://ubuntu.com/security/notices/USN-7067-1 https://www.bleepingcomputer.com/news/security/new-http-2-rapid-reset-zero-day-attack-breaks-ddos-records https://www.bleepingcomputer.com/news/security/new-http-2-rapid-reset-zero-day-attack-breaks-ddos-records/ https://www.cisa.gov/known-exploited-vulnerabilities-catalog https://www.cisa.gov/news-events/alerts/2023/10/10/http2-rapid-reset-vulnerability-cve-2023-44487 https://www.cve.org/CVERecord?id=CVE-2023-44487 https://www.darkreading.com/cloud/internet-wide-zero-day-bug-fuels-largest-ever-ddos-event https://www.debian.org/security/2023/dsa-5521 https://www.debian.org/security/2023/dsa-5522 https://www.debian.org/security/2023/dsa-5540 https://www.debian.org/security/2023/dsa-5549 https://www.debian.org/security/2023/dsa-5558 https://www.debian.org/security/2023/dsa-5570 https://www.eclipse.org/lists/jetty-announce/msg00181.html https://www.haproxy.com/blog/haproxy-is-not-affected-by-the-http-2-rapid-reset-attack-cve-2023-44487 https://www.mail-archive.com/haproxy@formilux.org/msg44134.html https://www.netlify.com/blog/netlify-successfully-mitigates-cve-2023-44487 https://www.netlify.com/blog/netlify-successfully-mitigates-cve-2023-44487/ https://www.nginx.com/blog/http-2-rapid-reset-attack-impacting-f5-nginx-products https://www.nginx.com/blog/http-2-rapid-reset-attack-impacting-f5-nginx-products/ https://www.openwall.com/lists/oss-security/2023/10/10/6 https://www.phoronix.com/news/HTTP2-Rapid-Reset-Attack https://www.theregister.com/2023/10/10/http2_rapid_reset_zeroday https://www.theregister.com/2023/10/10/http2_rapid_reset_zeroday/
golang.org/x/net	CVE-2023-45288	MEDIUM	v0.10.0	0.23.0	http://www.openwall.com/lists/oss-security/2024/04/03/16 http://www.openwall.com/lists/oss-security/2024/04/05/4 https://access.redhat.com/errata/RHSA-2024:2724 https://access.redhat.com/security/cve/CVE-2023-45288 https://bugzilla.redhat.com/2268017 https://bugzilla.redhat.com/2268018 https://bugzilla.redhat.com/2268019 https://bugzilla.redhat.com/2268273 https://bugzilla.redhat.com/show_bug.cgi?id=2268017 https://bugzilla.redhat.com/show_bug.cgi?id=2268018 https://bugzilla.redhat.com/show_bug.cgi?id=2268019 https://bugzilla.redhat.com/show_bug.cgi?id=2268273 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45288 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45289 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45290 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24783 https://errata.almalinux.org/9/ALSA-2024-2724.html https://errata.rockylinux.org/RLSA-2024:2724 https://go.dev/cl/576155 https://go.dev/issue/65051 https://groups.google.com/g/golang-announce/c/YgW0sx8mN3M https://kb.cert.org/vuls/id/421644 https://linux.oracle.com/cve/CVE-2023-45288.html https://linux.oracle.com/errata/ELSA-2024-3346.html https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QRYFHIQ6XRKRYBI2F5UESH67BJBQXUPT https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QRYFHIQ6XRKRYBI2F5UESH67BJBQXUPT/ https://nowotarski.info/http2-continuation-flood-technical-details https://nowotarski.info/http2-continuation-flood/ https://nvd.nist.gov/vuln/detail/CVE-2023-45288 https://pkg.go.dev/vuln/GO-2024-2687 https://security.netapp.com/advisory/ntap-20240419-0009 https://security.netapp.com/advisory/ntap-20240419-0009/ https://ubuntu.com/security/notices/USN-6886-1 https://ubuntu.com/security/notices/USN-7109-1 https://ubuntu.com/security/notices/USN-7111-1 https://www.cve.org/CVERecord?id=CVE-2023-45288 https://www.kb.cert.org/vuls/id/421644
google.golang.org/grpc	GHSA-m425-mq94-257g	HIGH	v1.54.0	1.56.3, 1.57.1, 1.58.3	https://github.com/grpc/grpc-go https://github.com/grpc/grpc-go/commit/f2180b4d5403d2210b30b93098eb7da31c05c721 https://github.com/grpc/grpc-go/pull/6703 https://github.com/grpc/grpc-go/security/advisories/GHSA-m425-mq94-257g https://nvd.nist.gov/vuln/detail/CVE-2023-44487
google.golang.org/grpc	CVE-2023-44487	MEDIUM	v1.54.0	1.58.3, 1.57.1, 1.56.3	http://www.openwall.com/lists/oss-security/2023/10/13/4 http://www.openwall.com/lists/oss-security/2023/10/13/9 http://www.openwall.com/lists/oss-security/2023/10/18/4 http://www.openwall.com/lists/oss-security/2023/10/18/8 http://www.openwall.com/lists/oss-security/2023/10/19/6 http://www.openwall.com/lists/oss-security/2023/10/20/8 https://access.redhat.com/errata/RHSA-2023:6746 https://access.redhat.com/security/cve/CVE-2023-44487 https://access.redhat.com/security/cve/cve-2023-44487 https://akka.io/security/akka-http-cve-2023-44487.html https://arstechnica.com/security/2023/10/how-ddosers-used-the-http-2-protocol-to-deliver-attacks-of-unprecedented-size https://arstechnica.com/security/2023/10/how-ddosers-used-the-http-2-protocol-to-deliver-attacks-of-unprecedented-size/ https://aws.amazon.com/security/security-bulletins/AWS-2023-011 https://aws.amazon.com/security/security-bulletins/AWS-2023-011/ https://blog.cloudflare.com/technical-breakdown-http2-rapid-reset-ddos-attack https://blog.cloudflare.com/technical-breakdown-http2-rapid-reset-ddos-attack/ https://blog.cloudflare.com/zero-day-rapid-reset-http2-record-breaking-ddos-attack https://blog.cloudflare.com/zero-day-rapid-reset-http2-record-breaking-ddos-attack/ https://blog.litespeedtech.com/2023/10/11/rapid-reset-http-2-vulnerablilty https://blog.litespeedtech.com/2023/10/11/rapid-reset-http-2-vulnerablilty/ https://blog.qualys.com/vulnerabilities-threat-research/2023/10/10/cve-2023-44487-http-2-rapid-reset-attack https://blog.vespa.ai/cve-2023-44487 https://blog.vespa.ai/cve-2023-44487/ https://bugzilla.proxmox.com/show_bug.cgi?id=4988 https://bugzilla.redhat.com/2242803 https://bugzilla.redhat.com/show_bug.cgi?id=2242803 https://bugzilla.suse.com/show_bug.cgi?id=1216123 https://cgit.freebsd.org/ports/commit/?id=c64c329c2c1752f46b73e3e6ce9f4329be6629f9 https://chaos.social/@icing/111210915918780532 https://cloud.google.com/blog/products/identity-security/google-cloud-mitigated-largest-ddos-attack-peaking-above-398-million-rps https://cloud.google.com/blog/products/identity-security/google-cloud-mitigated-largest-ddos-attack-peaking-above-398-million-rps/ https://cloud.google.com/blog/products/identity-security/how-it-works-the-novel-http2-rapid-reset-ddos-attack https://community.traefik.io/t/is-traefik-vulnerable-to-cve-2023-44487/20125 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-44487 https://devblogs.microsoft.com/dotnet/october-2023-updates/ https://discuss.hashicorp.com/t/hcsec-2023-32-vault-consul-and-boundary-affected-by-http-2-rapid-reset-denial-of-service-vulnerability-cve-2023-44487/59715 https://edg.io/lp/blog/resets-leaks-ddos-and-the-tale-of-a-hidden-cve https://errata.almalinux.org/9/ALSA-2023-6746.html https://errata.rockylinux.org/RLSA-2023:5838 https://forums.swift.org/t/swift-nio-http2-security-update-cve-2023-44487-http-2-dos/67764 https://gist.github.com/adulau/7c2bfb8e9cdbe4b35a5e131c66a0c088 https://github.com/Azure/AKS/issues/3947 https://github.com/Kong/kong/discussions/11741 https://github.com/advisories/GHSA-qppj-fm5r-hxr3 https://github.com/advisories/GHSA-vx74-f528-fxqg https://github.com/advisories/GHSA-xpw8-rcwv-8f8p https://github.com/akka/akka-http/issues/4323 https://github.com/akka/akka-http/pull/4324 https://github.com/akka/akka-http/pull/4325 https://github.com/alibaba/tengine/issues/1872 https://github.com/apache/apisix/issues/10320 https://github.com/apache/httpd-site/pull/10 https://github.com/apache/httpd/blob/afcdbeebbff4b0c50ea26cdd16e178c0d1f24152/modules/http2/h2_mplx.c#L1101-L1113 https://github.com/apache/tomcat/commit/944332bb15bd2f3bf76ec2caeb1ff0a58a3bc628 https://github.com/apache/tomcat/tree/main/java/org/apache/coyote/http2 https://github.com/apache/trafficserver/pull/10564 https://github.com/apple/swift-nio-http2 https://github.com/apple/swift-nio-http2/security/advisories/GHSA-qppj-fm5r-hxr3 https://github.com/arkrwn/PoC/tree/main/CVE-2023-44487 https://github.com/bcdannyboy/CVE-2023-44487 https://github.com/caddyserver/caddy/issues/5877 https://github.com/caddyserver/caddy/releases/tag/v2.7.5 https://github.com/dotnet/announcements/issues/277 https://github.com/dotnet/core/blob/e4613450ea0da7fd2fc6b61dfb2c1c1dec1ce9ec/release-notes/6.0/6.0.23/6.0.23.md?plain=1#L73 https://github.com/eclipse/jetty.project/issues/10679 https://github.com/envoyproxy/envoy/pull/30055 https://github.com/etcd-io/etcd/issues/16740 https://github.com/facebook/proxygen/pull/466 https://github.com/golang/go/issues/63417 https://github.com/grpc/grpc-go/pull/6703 https://github.com/grpc/grpc-go/releases https://github.com/h2o/h2o/pull/3291 https://github.com/h2o/h2o/security/advisories/GHSA-2m7v-gc89-fjqf https://github.com/haproxy/haproxy/issues/2312 https://github.com/hyperium/hyper/issues/3337 https://github.com/icing/mod_h2/blob/0a864782af0a942aa2ad4ed960a6b32cd35bcf0a/mod_http2/README.md?plain=1#L239-L244 https://github.com/junkurihara/rust-rpxy/issues/97 https://github.com/kazu-yamamoto/http2/commit/f61d41a502bd0f60eb24e1ce14edc7b6df6722a1 https://github.com/kazu-yamamoto/http2/issues/93 https://github.com/kubernetes/kubernetes/pull/121120 https://github.com/line/armeria/pull/5232 https://github.com/linkerd/website/pull/1695/commits/4b9c6836471bc8270ab48aae6fd2181bc73fd632 https://github.com/micrictor/http2-rst-stream https://github.com/microsoft/CBL-Mariner/pull/6381 https://github.com/netty/netty/commit/58f75f665aa81a8cbcf6ffa74820042a285c5e61 https://github.com/nghttp2/nghttp2/pull/1961 https://github.com/nghttp2/nghttp2/releases/tag/v1.57.0 https://github.com/ninenines/cowboy/issues/1615 https://github.com/nodejs/node/pull/50121 https://github.com/openresty/openresty/issues/930 https://github.com/opensearch-project/data-prepper/issues/3474 https://github.com/oqtane/oqtane.framework/discussions/3367 https://github.com/projectcontour/contour/pull/5826 https://github.com/tempesta-tech/tempesta/issues/1986 https://github.com/varnishcache/varnish-cache/issues/3996 https://go.dev/cl/534215 https://go.dev/cl/534235 https://go.dev/issue/63417 https://groups.google.com/g/golang-announce/c/iNNxDTCjZvo https://groups.google.com/g/golang-announce/c/iNNxDTCjZvo/m/UDd7VKQuAAAJ https://istio.io/latest/news/security/istio-security-2023-004 https://istio.io/latest/news/security/istio-security-2023-004/ https://linkerd.io/2023/10/12/linkerd-cve-2023-44487 https://linkerd.io/2023/10/12/linkerd-cve-2023-44487/ https://linux.oracle.com/cve/CVE-2023-44487.html https://linux.oracle.com/errata/ELSA-2024-1444.html https://lists.apache.org/thread/5py8h42mxfsn8l1wy6o41xwhsjlsd87q https://lists.debian.org/debian-lts-announce/2023/10/msg00020.html https://lists.debian.org/debian-lts-announce/2023/10/msg00023.html https://lists.debian.org/debian-lts-announce/2023/10/msg00024.html https://lists.debian.org/debian-lts-announce/2023/10/msg00045.html https://lists.debian.org/debian-lts-announce/2023/10/msg00047.html https://lists.debian.org/debian-lts-announce/2023/11/msg00001.html https://lists.debian.org/debian-lts-announce/2023/11/msg00012.html https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/2MBEPPC36UBVOZZNAXFHKLFGSLCMN5LI https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/2MBEPPC36UBVOZZNAXFHKLFGSLCMN5LI/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/3N4NJ7FR4X4FPZUGNTQAPSTVB2HB2Y4A https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/3N4NJ7FR4X4FPZUGNTQAPSTVB2HB2Y4A/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/BFQD3KUEMFBHPAPBGLWQC34L4OWL5HAZ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/BFQD3KUEMFBHPAPBGLWQC34L4OWL5HAZ/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/CLB4TW7KALB3EEQWNWCN7OUIWWVWWCG2 https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/CLB4TW7KALB3EEQWNWCN7OUIWWVWWCG2/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/E72T67UPDRXHIDLO3OROR25YAMN4GGW5 https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/E72T67UPDRXHIDLO3OROR25YAMN4GGW5/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/FNA62Q767CFAFHBCDKYNPBMZWB7TWYVU https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/FNA62Q767CFAFHBCDKYNPBMZWB7TWYVU/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/HT7T2R4MQKLIF4ODV4BDLPARWFPCJ5CZ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/HT7T2R4MQKLIF4ODV4BDLPARWFPCJ5CZ/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/JIZSEFC3YKCGABA2BZW6ZJRMDZJMB7PJ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/JIZSEFC3YKCGABA2BZW6ZJRMDZJMB7PJ/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/JMEXY22BFG5Q64HQCM5CK2Q7KDKVV4TY https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/JMEXY22BFG5Q64HQCM5CK2Q7KDKVV4TY/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/KSEGD2IWKNUO3DWY4KQGUQM5BISRWHQE https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/KSEGD2IWKNUO3DWY4KQGUQM5BISRWHQE/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/LKYHSZQFDNR7RSA7LHVLLIAQMVYCUGBG https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/LKYHSZQFDNR7RSA7LHVLLIAQMVYCUGBG/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/LNMZJCDHGLJJLXO4OXWJMTVQRNWOC7UL https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/LNMZJCDHGLJJLXO4OXWJMTVQRNWOC7UL/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/VHUHTSXLXGXS7JYKBXTA3VINUPHTNGVU https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/VHUHTSXLXGXS7JYKBXTA3VINUPHTNGVU/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/VSRDIV77HNKUSM7SJC5BKE5JSHLHU2NK https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/VSRDIV77HNKUSM7SJC5BKE5JSHLHU2NK/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/WE2I52RHNNU42PX6NZ2RBUHSFFJ2LVZX https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/WE2I52RHNNU42PX6NZ2RBUHSFFJ2LVZX/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/WLPRQ5TWUQQXYWBJM7ECYDAIL2YVKIUH https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/WLPRQ5TWUQQXYWBJM7ECYDAIL2YVKIUH/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/X6QXN4ORIVF6XBW4WWFE7VNPVC74S45Y https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/X6QXN4ORIVF6XBW4WWFE7VNPVC74S45Y/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/XFOIBB4YFICHDM7IBOP7PWXW3FX4HLL2 https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/XFOIBB4YFICHDM7IBOP7PWXW3FX4HLL2/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZB43REMKRQR62NJEI7I5NQ4FSXNLBKRT https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZB43REMKRQR62NJEI7I5NQ4FSXNLBKRT/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZKQSIKIAT5TJ3WSLU3RDBQ35YX4GY4V3 https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZKQSIKIAT5TJ3WSLU3RDBQ35YX4GY4V3/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZLU6U2R2IC2K64NDPNMV55AUAO65MAF4 https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZLU6U2R2IC2K64NDPNMV55AUAO65MAF4/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3N4NJ7FR4X4FPZUGNTQAPSTVB2HB2Y4A https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/BFQD3KUEMFBHPAPBGLWQC34L4OWL5HAZ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CLB4TW7KALB3EEQWNWCN7OUIWWVWWCG2 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/E72T67UPDRXHIDLO3OROR25YAMN4GGW5 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/FNA62Q767CFAFHBCDKYNPBMZWB7TWYVU https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/HT7T2R4MQKLIF4ODV4BDLPARWFPCJ5CZ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/JIZSEFC3YKCGABA2BZW6ZJRMDZJMB7PJ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/JMEXY22BFG5Q64HQCM5CK2Q7KDKVV4TY https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/KSEGD2IWKNUO3DWY4KQGUQM5BISRWHQE https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/LKYHSZQFDNR7RSA7LHVLLIAQMVYCUGBG https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/LNMZJCDHGLJJLXO4OXWJMTVQRNWOC7UL https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/VHUHTSXLXGXS7JYKBXTA3VINUPHTNGVU https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/VSRDIV77HNKUSM7SJC5BKE5JSHLHU2NK https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WLPRQ5TWUQQXYWBJM7ECYDAIL2YVKIUH https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/X6QXN4ORIVF6XBW4WWFE7VNPVC74S45Y https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/XFOIBB4YFICHDM7IBOP7PWXW3FX4HLL2 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZB43REMKRQR62NJEI7I5NQ4FSXNLBKRT https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZKQSIKIAT5TJ3WSLU3RDBQ35YX4GY4V3 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZLU6U2R2IC2K64NDPNMV55AUAO65MAF4 https://lists.w3.org/Archives/Public/ietf-http-wg/2023OctDec/0025.html https://mailman.nginx.org/pipermail/nginx-devel/2023-October/S36Q5HBXR7CAIMPLLPRSSSYR4PCMWILK.html https://martinthomson.github.io/h2-stream-limits/draft-thomson-httpbis-h2-stream-limits.html https://msrc.microsoft.com/blog/2023/10/microsoft-response-to-distributed-denial-of-service-ddos-attacks-against-http/2 https://msrc.microsoft.com/blog/2023/10/microsoft-response-to-distributed-denial-of-service-ddos-attacks-against-http/2/ https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-44487 https://my.f5.com/manage/s/article/K000137106 https://netty.io/news/2023/10/10/4-1-100-Final.html https://news.ycombinator.com/item?id=37830987 https://news.ycombinator.com/item?id=37830998 https://news.ycombinator.com/item?id=37831062 https://news.ycombinator.com/item?id=37837043 https://nodejs.org/en/blog/vulnerability/october-2023-security-releases https://nvd.nist.gov/vuln/detail/CVE-2023-44487 https://openssf.org/blog/2023/10/10/http-2-rapid-reset-vulnerability-highlights-need-for-rapid-response https://openssf.org/blog/2023/10/10/http-2-rapid-reset-vulnerability-highlights-need-for-rapid-response/ https://pkg.go.dev/vuln/GO-2023-2102 https://seanmonstar.com/post/730794151136935936/hyper-http2-rapid-reset-unaffected https://security.gentoo.org/glsa/202311-09 https://security.netapp.com/advisory/ntap-20231016-0001 https://security.netapp.com/advisory/ntap-20231016-0001/ https://security.netapp.com/advisory/ntap-20240426-0007 https://security.netapp.com/advisory/ntap-20240426-0007/ https://security.netapp.com/advisory/ntap-20240621-0006 https://security.netapp.com/advisory/ntap-20240621-0006/ https://security.netapp.com/advisory/ntap-20240621-0007 https://security.netapp.com/advisory/ntap-20240621-0007/ https://security.paloaltonetworks.com/CVE-2023-44487 https://tomcat.apache.org/security-10.html#Fixed_in_Apache_Tomcat_10.1.14 https://tomcat.apache.org/security-11.html#Fixed_in_Apache_Tomcat_11.0.0-M12 https://tomcat.apache.org/security-8.html#Fixed_in_Apache_Tomcat_8.5.94 https://tomcat.apache.org/security-9.html#Fixed_in_Apache_Tomcat_9.0.81 https://ubuntu.com/security/CVE-2023-44487 https://ubuntu.com/security/notices/USN-6427-1 https://ubuntu.com/security/notices/USN-6427-2 https://ubuntu.com/security/notices/USN-6438-1 https://ubuntu.com/security/notices/USN-6505-1 https://ubuntu.com/security/notices/USN-6574-1 https://ubuntu.com/security/notices/USN-6754-1 https://ubuntu.com/security/notices/USN-6994-1 https://ubuntu.com/security/notices/USN-7067-1 https://www.bleepingcomputer.com/news/security/new-http-2-rapid-reset-zero-day-attack-breaks-ddos-records https://www.bleepingcomputer.com/news/security/new-http-2-rapid-reset-zero-day-attack-breaks-ddos-records/ https://www.cisa.gov/known-exploited-vulnerabilities-catalog https://www.cisa.gov/news-events/alerts/2023/10/10/http2-rapid-reset-vulnerability-cve-2023-44487 https://www.cve.org/CVERecord?id=CVE-2023-44487 https://www.darkreading.com/cloud/internet-wide-zero-day-bug-fuels-largest-ever-ddos-event https://www.debian.org/security/2023/dsa-5521 https://www.debian.org/security/2023/dsa-5522 https://www.debian.org/security/2023/dsa-5540 https://www.debian.org/security/2023/dsa-5549 https://www.debian.org/security/2023/dsa-5558 https://www.debian.org/security/2023/dsa-5570 https://www.eclipse.org/lists/jetty-announce/msg00181.html https://www.haproxy.com/blog/haproxy-is-not-affected-by-the-http-2-rapid-reset-attack-cve-2023-44487 https://www.mail-archive.com/haproxy@formilux.org/msg44134.html https://www.netlify.com/blog/netlify-successfully-mitigates-cve-2023-44487 https://www.netlify.com/blog/netlify-successfully-mitigates-cve-2023-44487/ https://www.nginx.com/blog/http-2-rapid-reset-attack-impacting-f5-nginx-products https://www.nginx.com/blog/http-2-rapid-reset-attack-impacting-f5-nginx-products/ https://www.openwall.com/lists/oss-security/2023/10/10/6 https://www.phoronix.com/news/HTTP2-Rapid-Reset-Attack https://www.theregister.com/2023/10/10/http2_rapid_reset_zeroday https://www.theregister.com/2023/10/10/http2_rapid_reset_zeroday/
google.golang.org/protobuf	CVE-2024-24786	MEDIUM	v1.30.0	1.33.0	http://www.openwall.com/lists/oss-security/2024/03/08/4 https://access.redhat.com/errata/RHSA-2024:2550 https://access.redhat.com/security/cve/CVE-2024-24786 https://bugzilla.redhat.com/2268046 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24786 https://errata.almalinux.org/9/ALSA-2024-2550.html https://errata.rockylinux.org/RLSA-2024:2550 https://github.com/protocolbuffers/protobuf-go https://github.com/protocolbuffers/protobuf-go/commit/f01a588e5810b90996452eec4a28f22a0afae023 https://github.com/protocolbuffers/protobuf-go/releases/tag/v1.33.0 https://go-review.googlesource.com/c/protobuf/+/569356 https://go.dev/cl/569356 https://groups.google.com/g/golang-announce/c/ArQ6CDgtEjY/ https://linux.oracle.com/cve/CVE-2024-24786.html https://linux.oracle.com/errata/ELSA-2024-4246.html https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/JDMBHAVSDU2FBDZ45U3A2VLSM35OJ2HU https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/JDMBHAVSDU2FBDZ45U3A2VLSM35OJ2HU/ https://nvd.nist.gov/vuln/detail/CVE-2024-24786 https://pkg.go.dev/vuln/GO-2024-2611 https://security.netapp.com/advisory/ntap-20240517-0002 https://security.netapp.com/advisory/ntap-20240517-0002/ https://ubuntu.com/security/notices/USN-6746-1 https://ubuntu.com/security/notices/USN-6746-2 https://www.cve.org/CVERecord?id=CVE-2024-24786
stdlib	CVE-2024-24790	CRITICAL	v1.20.5	1.21.11, 1.22.4	http://www.openwall.com/lists/oss-security/2024/06/04/1 https://access.redhat.com/errata/RHSA-2024:9115 https://access.redhat.com/security/cve/CVE-2024-24790 https://bugzilla.redhat.com/2279814 https://bugzilla.redhat.com/2292668 https://bugzilla.redhat.com/2292787 https://bugzilla.redhat.com/2294000 https://bugzilla.redhat.com/2295310 https://bugzilla.redhat.com/show_bug.cgi?id=2292668 https://bugzilla.redhat.com/show_bug.cgi?id=2292787 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24789 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24790 https://errata.almalinux.org/9/ALSA-2024-9115.html https://errata.rockylinux.org/RLSA-2024:4212 https://github.com/golang/go/commit/051bdf3fd12a40307606ff9381138039c5f452f0 (1.21) https://github.com/golang/go/commit/12d5810cdb1f73cf23d7a86462143e9463317fca (1.22) https://github.com/golang/go/issues/67680 https://go.dev/cl/590316 https://go.dev/issue/67680 https://groups.google.com/g/golang-announce/c/XbxouI9gY7k https://groups.google.com/g/golang-announce/c/XbxouI9gY7k/m/TuoGEhxIEwAJ https://linux.oracle.com/cve/CVE-2024-24790.html https://linux.oracle.com/errata/ELSA-2024-9115.html https://nvd.nist.gov/vuln/detail/CVE-2024-24790 https://pkg.go.dev/vuln/GO-2024-2887 https://ubuntu.com/security/notices/USN-6886-1 https://ubuntu.com/security/notices/USN-7109-1 https://www.cve.org/CVERecord?id=CVE-2024-24790
stdlib	CVE-2023-39325	HIGH	v1.20.5	1.20.10, 1.21.3	golang.org/x/net https://access.redhat.com/errata/RHSA-2023:6077 https://access.redhat.com/security/cve/CVE-2023-39325 https://access.redhat.com/security/cve/CVE-2023-44487 https://access.redhat.com/security/vulnerabilities/RHSB-2023-003 https://bugzilla.redhat.com/2242803 https://bugzilla.redhat.com/2243296 https://bugzilla.redhat.com/show_bug.cgi?id=2242803 https://bugzilla.redhat.com/show_bug.cgi?id=2243296 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-39325 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-44487 https://errata.almalinux.org/9/ALSA-2023-6077.html https://errata.rockylinux.org/RLSA-2023:6077 https://github.com/golang/go/commit/24ae2d927285c697440fdde3ad7f26028354bcf3 [golang- 1.21] https://github.com/golang/go/commit/e175f27f58aa7b9cd4d79607ae65d2cd5baaee68 [golang-1.20] https://github.com/golang/go/issues/63417 https://go.dev/cl/534215 https://go.dev/cl/534235 https://go.dev/issue/63417 https://groups.google.com/g/golang-announce/c/iNNxDTCjZvo/m/UDd7VKQuAAAJ https://linux.oracle.com/cve/CVE-2023-39325.html https://linux.oracle.com/errata/ELSA-2023-5867.html https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3OVW5V2DM5K5IC3H7O42YDUGNJ74J35O https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3OVW5V2DM5K5IC3H7O42YDUGNJ74J35O/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3SZN67IL7HMGMNAVLOTIXLIHUDXZK4LH https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3SZN67IL7HMGMNAVLOTIXLIHUDXZK4LH/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3WJ4QVX2AMUJ2F2S27POOAHRC4K3CHU4 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3WJ4QVX2AMUJ2F2S27POOAHRC4K3CHU4/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/4BUK2ZIAGCULOOYDNH25JPU6JBES5NF2 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/4BUK2ZIAGCULOOYDNH25JPU6JBES5NF2/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/5RSKA2II6QTD4YUKUNDVJQSRYSFC4VFR https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/5RSKA2II6QTD4YUKUNDVJQSRYSFC4VFR/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/AVZDNSMVDAQJ64LJC5I5U5LDM5753647 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/AVZDNSMVDAQJ64LJC5I5U5LDM5753647/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CHHITS4PUOZAKFIUBQAQZC7JWXMOYE4B https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CHHITS4PUOZAKFIUBQAQZC7JWXMOYE4B/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CLB4TW7KALB3EEQWNWCN7OUIWWVWWCG2 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CLB4TW7KALB3EEQWNWCN7OUIWWVWWCG2/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/D2BBIDR2ZMB3X5BC7SR4SLQMHRMVPY6L https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/D2BBIDR2ZMB3X5BC7SR4SLQMHRMVPY6L/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ECRC75BQJP6FJN2L7KCKYZW4DSBD7QSD https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ECRC75BQJP6FJN2L7KCKYZW4DSBD7QSD/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/FTMJ3NJIDAZFWJQQSP3L22MUFJ3UP2PT https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/FTMJ3NJIDAZFWJQQSP3L22MUFJ3UP2PT/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/GSY7SXFFTPZFWDM6XELSDSHZLVW3AHK7 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/GSY7SXFFTPZFWDM6XELSDSHZLVW3AHK7/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/HZQIELEIRSZUYTFFH5KTH2YJ4IIQG2KE https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/HZQIELEIRSZUYTFFH5KTH2YJ4IIQG2KE/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/IPWCNYB5PQ5PCVZ4NJT6G56ZYFZ5QBU6 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/IPWCNYB5PQ5PCVZ4NJT6G56ZYFZ5QBU6/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/KEOTKBUPZXHE3F352JBYNTSNRXYLWD6P https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/KEOTKBUPZXHE3F352JBYNTSNRXYLWD6P/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/KSEGD2IWKNUO3DWY4KQGUQM5BISRWHQE https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/KSEGD2IWKNUO3DWY4KQGUQM5BISRWHQE/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/L5E5JSJBZLYXOTZWXHJKRVCIXIHVWKJ6 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/L5E5JSJBZLYXOTZWXHJKRVCIXIHVWKJ6/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/MZQYOOKHQDQ57LV2IAG6NRFOVXKHJJ3Z https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/MZQYOOKHQDQ57LV2IAG6NRFOVXKHJJ3Z/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/NG7IMPL55MVWU3LCI4JQJT3K2U5CHDV7 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/NG7IMPL55MVWU3LCI4JQJT3K2U5CHDV7/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ODBY7RVMGZCBSTWF2OZGIZS57FNFUL67 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ODBY7RVMGZCBSTWF2OZGIZS57FNFUL67/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/OXGWPQOJ3JNDW2XIYKIVJ7N7QUIFNM2Q https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/OXGWPQOJ3JNDW2XIYKIVJ7N7QUIFNM2Q/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/PJCUNGIQDUMZ4Z6HWVYIMR66A35F5S74 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/PJCUNGIQDUMZ4Z6HWVYIMR66A35F5S74/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QF5QSYAOPDOWLY6DUHID56Q4HQFYB45I https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QF5QSYAOPDOWLY6DUHID56Q4HQFYB45I/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QXOU2JZUBEBP7GBKAYIJRPRBZSJCD7ST https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QXOU2JZUBEBP7GBKAYIJRPRBZSJCD7ST/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/R3UETKPUB3V5JS5TLZOF3SMTGT5K5APS https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/R3UETKPUB3V5JS5TLZOF3SMTGT5K5APS/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/REMHVVIBDNKSRKNOTV7EQSB7CYQWOUOU https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/REMHVVIBDNKSRKNOTV7EQSB7CYQWOUOU/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/T7N5GV4CHH6WAGX3GFMDD3COEOVCZ4RI https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/T7N5GV4CHH6WAGX3GFMDD3COEOVCZ4RI/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ULQQONMSCQSH5Z5OWFFQHCGEZ3NL4DRJ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ULQQONMSCQSH5Z5OWFFQHCGEZ3NL4DRJ/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UTT7DG3QOF5ZNJLUGHDNLRUIN6OWZARP https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UTT7DG3QOF5ZNJLUGHDNLRUIN6OWZARP/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/W2LZSWTV4NV4SNQARNXG5T6LRHP26EW2 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/W2LZSWTV4NV4SNQARNXG5T6LRHP26EW2/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WCNCBYKZXLDFGAJUB7ZP5VLC3YTHJNVH https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WCNCBYKZXLDFGAJUB7ZP5VLC3YTHJNVH/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/XFOIBB4YFICHDM7IBOP7PWXW3FX4HLL2 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/XFOIBB4YFICHDM7IBOP7PWXW3FX4HLL2/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/XTNLSL44Y5FB6JWADSZH6DCV4JJAAEQY https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/XTNLSL44Y5FB6JWADSZH6DCV4JJAAEQY/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/YJWHBLVZDM5KQSDFRBFRKU5KSSOLIRQ4 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/YJWHBLVZDM5KQSDFRBFRKU5KSSOLIRQ4/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/YRKEXKANQ7BKJW2YTAMP625LJUJZLJ4P https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/YRKEXKANQ7BKJW2YTAMP625LJUJZLJ4P/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZSVEMQV5ROY5YW5QE3I57HT3ITWG5GCV https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZSVEMQV5ROY5YW5QE3I57HT3ITWG5GCV/ https://nvd.nist.gov/vuln/detail/CVE-2023-39325 https://pkg.go.dev/vuln/GO-2023-2102 https://security.gentoo.org/glsa/202311-09 https://security.netapp.com/advisory/ntap-20231110-0008 https://security.netapp.com/advisory/ntap-20231110-0008/ https://ubuntu.com/security/notices/USN-6574-1 https://ubuntu.com/security/notices/USN-7061-1 https://ubuntu.com/security/notices/USN-7109-1 https://www.cisa.gov/news-events/alerts/2023/10/10/http2-rapid-reset-vulnerability-cve-2023-44487 https://www.cve.org/CVERecord?id=CVE-2023-39325
stdlib	CVE-2023-45283	HIGH	v1.20.5	1.20.11, 1.21.4, 1.20.12, 1.21.5	http://www.openwall.com/lists/oss-security/2023/12/05/2 https://go.dev/cl/540277 https://go.dev/cl/541175 https://go.dev/issue/63713 https://go.dev/issue/64028 https://groups.google.com/g/golang-announce/c/4tU8LZfBFkY https://groups.google.com/g/golang-dev/c/6ypN5EjibjM/m/KmLVYH_uAgAJ https://nvd.nist.gov/vuln/detail/CVE-2023-45283 https://pkg.go.dev/vuln/GO-2023-2185 https://security.netapp.com/advisory/ntap-20231214-0008/
stdlib	CVE-2023-45288	HIGH	v1.20.5	1.21.9, 1.22.2	http://www.openwall.com/lists/oss-security/2024/04/03/16 http://www.openwall.com/lists/oss-security/2024/04/05/4 https://access.redhat.com/errata/RHSA-2024:2724 https://access.redhat.com/security/cve/CVE-2023-45288 https://bugzilla.redhat.com/2268017 https://bugzilla.redhat.com/2268018 https://bugzilla.redhat.com/2268019 https://bugzilla.redhat.com/2268273 https://bugzilla.redhat.com/show_bug.cgi?id=2268017 https://bugzilla.redhat.com/show_bug.cgi?id=2268018 https://bugzilla.redhat.com/show_bug.cgi?id=2268019 https://bugzilla.redhat.com/show_bug.cgi?id=2268273 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45288 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45289 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45290 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24783 https://errata.almalinux.org/9/ALSA-2024-2724.html https://errata.rockylinux.org/RLSA-2024:2724 https://go.dev/cl/576155 https://go.dev/issue/65051 https://groups.google.com/g/golang-announce/c/YgW0sx8mN3M https://kb.cert.org/vuls/id/421644 https://linux.oracle.com/cve/CVE-2023-45288.html https://linux.oracle.com/errata/ELSA-2024-3346.html https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QRYFHIQ6XRKRYBI2F5UESH67BJBQXUPT https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QRYFHIQ6XRKRYBI2F5UESH67BJBQXUPT/ https://nowotarski.info/http2-continuation-flood-technical-details https://nowotarski.info/http2-continuation-flood/ https://nvd.nist.gov/vuln/detail/CVE-2023-45288 https://pkg.go.dev/vuln/GO-2024-2687 https://security.netapp.com/advisory/ntap-20240419-0009 https://security.netapp.com/advisory/ntap-20240419-0009/ https://ubuntu.com/security/notices/USN-6886-1 https://ubuntu.com/security/notices/USN-7109-1 https://ubuntu.com/security/notices/USN-7111-1 https://www.cve.org/CVERecord?id=CVE-2023-45288 https://www.kb.cert.org/vuls/id/421644
stdlib	CVE-2024-34156	HIGH	v1.20.5	1.22.7, 1.23.1	https://access.redhat.com/errata/RHSA-2024:9473 https://access.redhat.com/security/cve/CVE-2024-34156 https://bugzilla.redhat.com/2310528 https://bugzilla.redhat.com/2318052 https://bugzilla.redhat.com/show_bug.cgi?id=2310528 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-34156 https://errata.almalinux.org/9/ALSA-2024-9473.html https://errata.rockylinux.org/RLSA-2024:7204 https://github.com/golang/go/commit/2092294f2b097c5828f4eace6c98a322c1510b01 (go1.22.7) https://github.com/golang/go/commit/fa8ff1a46deb6c816304441ec6740ec112e19012 (go1.23.1) https://go.dev/cl/611239 https://go.dev/issue/69139 https://groups.google.com/g/golang-announce/c/K-cEzDeCtpc https://groups.google.com/g/golang-dev/c/S9POB9NCTdk https://linux.oracle.com/cve/CVE-2024-34156.html https://linux.oracle.com/errata/ELSA-2024-9473.html https://nvd.nist.gov/vuln/detail/CVE-2024-34156 https://pkg.go.dev/vuln/GO-2024-3106 https://ubuntu.com/security/notices/USN-7081-1 https://ubuntu.com/security/notices/USN-7109-1 https://ubuntu.com/security/notices/USN-7111-1 https://www.cve.org/CVERecord?id=CVE-2024-34156
stdlib	CVE-2023-29406	MEDIUM	v1.20.5	1.19.11, 1.20.6	https://access.redhat.com/errata/RHSA-2023:6474 https://access.redhat.com/security/cve/CVE-2023-29406 https://bugzilla.redhat.com/2174485 https://bugzilla.redhat.com/2178358 https://bugzilla.redhat.com/2178488 https://bugzilla.redhat.com/2178492 https://bugzilla.redhat.com/2184481 https://bugzilla.redhat.com/2184482 https://bugzilla.redhat.com/2184483 https://bugzilla.redhat.com/2184484 https://bugzilla.redhat.com/2196026 https://bugzilla.redhat.com/2196027 https://bugzilla.redhat.com/2196029 https://bugzilla.redhat.com/2222167 https://bugzilla.redhat.com/2228689 https://errata.almalinux.org/9/ALSA-2023-6474.html https://github.com/golang/go/commit/312920c00aac9897b2a0693e752390b5b0711a5a (go1.20.6) https://github.com/golang/go/commit/5fa6923b1ea891400153d04ddf1545e23b40041b (go1.19.11) https://github.com/golang/go/issues/60374 https://go.dev/cl/506996 https://go.dev/issue/60374 https://groups.google.com/g/golang-announce/c/2q13H6LEEx0 https://linux.oracle.com/cve/CVE-2023-29406.html https://linux.oracle.com/errata/ELSA-2023-7202.html https://nvd.nist.gov/vuln/detail/CVE-2023-29406 https://pkg.go.dev/vuln/GO-2023-1878 https://security.gentoo.org/glsa/202311-09 https://security.netapp.com/advisory/ntap-20230814-0002/ https://ubuntu.com/security/notices/USN-7061-1 https://ubuntu.com/security/notices/USN-7109-1 https://www.cve.org/CVERecord?id=CVE-2023-29406
stdlib	CVE-2023-29409	MEDIUM	v1.20.5	1.19.12, 1.20.7, 1.21.0-rc.4	https://access.redhat.com/errata/RHSA-2023:7766 https://access.redhat.com/security/cve/CVE-2023-29409 https://bugzilla.redhat.com/2228743 https://bugzilla.redhat.com/2237773 https://bugzilla.redhat.com/2237776 https://bugzilla.redhat.com/2237777 https://bugzilla.redhat.com/2237778 https://errata.almalinux.org/9/ALSA-2023-7766.html https://go.dev/cl/515257 https://go.dev/issue/61460 https://groups.google.com/g/golang-announce/c/X0b6CsSAaYI/m/Efv5DbZ9AwAJ https://linux.oracle.com/cve/CVE-2023-29409.html https://linux.oracle.com/errata/ELSA-2024-2988.html https://nvd.nist.gov/vuln/detail/CVE-2023-29409 https://pkg.go.dev/vuln/GO-2023-1987 https://security.gentoo.org/glsa/202311-09 https://security.netapp.com/advisory/ntap-20230831-0010/ https://www.cve.org/CVERecord?id=CVE-2023-29409
stdlib	CVE-2023-39318	MEDIUM	v1.20.5	1.20.8, 1.21.1	https://access.redhat.com/errata/RHSA-2024:2160 https://access.redhat.com/security/cve/CVE-2023-39318 https://bugzilla.redhat.com/2237773 https://bugzilla.redhat.com/2237776 https://bugzilla.redhat.com/2253330 https://errata.almalinux.org/9/ALSA-2024-2160.html https://github.com/golang/go/commit/023b542edf38e2a1f87fcefb9f75ff2f99401b4c (go1.20.8) https://github.com/golang/go/commit/b0e1d3ea26e8e8fce7726690c9ef0597e60739fb (go1.21.1) https://go.dev/cl/526156 https://go.dev/issue/62196 https://groups.google.com/g/golang-announce/c/Fm51GRLNRvM https://groups.google.com/g/golang-dev/c/2C5vbR-UNkI/m/L1hdrPhfBAAJ https://linux.oracle.com/cve/CVE-2023-39318.html https://linux.oracle.com/errata/ELSA-2024-2988.html https://nvd.nist.gov/vuln/detail/CVE-2023-39318 https://pkg.go.dev/vuln/GO-2023-2041 https://security.gentoo.org/glsa/202311-09 https://security.netapp.com/advisory/ntap-20231020-0009/ https://ubuntu.com/security/notices/USN-6574-1 https://ubuntu.com/security/notices/USN-7061-1 https://ubuntu.com/security/notices/USN-7109-1 https://vuln.go.dev/ID/GO-2023-2041.json https://www.cve.org/CVERecord?id=CVE-2023-39318
stdlib	CVE-2023-39319	MEDIUM	v1.20.5	1.20.8, 1.21.1	https://access.redhat.com/errata/RHSA-2024:2160 https://access.redhat.com/security/cve/CVE-2023-39319 https://bugzilla.redhat.com/2237773 https://bugzilla.redhat.com/2237776 https://bugzilla.redhat.com/2253330 https://errata.almalinux.org/9/ALSA-2024-2160.html https://github.com/golang/go/commit/2070531d2f53df88e312edace6c8dfc9686ab2f5 (go1.20.8) https://github.com/golang/go/commit/bbd043ff0d6d59f1a9232d31ecd5eacf6507bf6a (go1.21.1) https://go.dev/cl/526157 https://go.dev/issue/62197 https://groups.google.com/g/golang-announce/c/Fm51GRLNRvM https://groups.google.com/g/golang-dev/c/2C5vbR-UNkI/m/L1hdrPhfBAAJ https://linux.oracle.com/cve/CVE-2023-39319.html https://linux.oracle.com/errata/ELSA-2024-2988.html https://nvd.nist.gov/vuln/detail/CVE-2023-39319 https://pkg.go.dev/vuln/GO-2023-2043 https://security.gentoo.org/glsa/202311-09 https://security.netapp.com/advisory/ntap-20231020-0009/ https://ubuntu.com/security/notices/USN-6574-1 https://ubuntu.com/security/notices/USN-7061-1 https://ubuntu.com/security/notices/USN-7109-1 https://vuln.go.dev/ID/GO-2023-2043.json https://www.cve.org/CVERecord?id=CVE-2023-39319
stdlib	CVE-2023-39326	MEDIUM	v1.20.5	1.20.12, 1.21.5	https://access.redhat.com/errata/RHSA-2024:2272 https://access.redhat.com/security/cve/CVE-2023-39326 https://bugzilla.redhat.com/2253193 https://bugzilla.redhat.com/2253330 https://errata.almalinux.org/9/ALSA-2024-2272.html https://github.com/golang/go/commit/6446af942e2e2b161c4ec1b60d9703a2b55dc4dd (go1.20.12) https://github.com/golang/go/commit/ec8c526e4be720e94b98ca509e6364f0efaf28f7 (go1.21.5) https://go.dev/cl/547335 https://go.dev/issue/64433 https://groups.google.com/g/golang-dev/c/6ypN5EjibjM/m/KmLVYH_uAgAJ https://linux.oracle.com/cve/CVE-2023-39326.html https://linux.oracle.com/errata/ELSA-2024-2988.html https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UIU6HOGV6RRIKWM57LOXQA75BGZSIH6G/ https://nvd.nist.gov/vuln/detail/CVE-2023-39326 https://pkg.go.dev/vuln/GO-2023-2382 https://ubuntu.com/security/notices/USN-6574-1 https://www.cve.org/CVERecord?id=CVE-2023-39326
stdlib	CVE-2023-45284	MEDIUM	v1.20.5	1.20.11, 1.21.4	https://go.dev/cl/540277 https://go.dev/issue/63713 https://groups.google.com/g/golang-announce/c/4tU8LZfBFkY https://nvd.nist.gov/vuln/detail/CVE-2023-45284 https://pkg.go.dev/vuln/GO-2023-2186
stdlib	CVE-2023-45289	MEDIUM	v1.20.5	1.21.8, 1.22.1	http://www.openwall.com/lists/oss-security/2024/03/08/4 https://access.redhat.com/errata/RHSA-2024:2724 https://access.redhat.com/security/cve/CVE-2023-45289 https://bugzilla.redhat.com/2268017 https://bugzilla.redhat.com/2268018 https://bugzilla.redhat.com/2268019 https://bugzilla.redhat.com/2268273 https://bugzilla.redhat.com/show_bug.cgi?id=2268017 https://bugzilla.redhat.com/show_bug.cgi?id=2268018 https://bugzilla.redhat.com/show_bug.cgi?id=2268019 https://bugzilla.redhat.com/show_bug.cgi?id=2268273 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45288 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45289 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45290 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24783 https://errata.almalinux.org/9/ALSA-2024-2724.html https://errata.rockylinux.org/RLSA-2024:2724 https://github.com/golang/go/commit/20586c0dbe03d144f914155f879fa5ee287591a1 (go1.21.8) https://github.com/golang/go/commit/3a855208e3efed2e9d7c20ad023f1fa78afcc0be (go1.22.1) https://github.com/golang/go/issues/65065 https://go.dev/cl/569340 https://go.dev/issue/65065 https://groups.google.com/g/golang-announce/c/5pwGVUPoMbg https://linux.oracle.com/cve/CVE-2023-45289.html https://linux.oracle.com/errata/ELSA-2024-3346.html https://nvd.nist.gov/vuln/detail/CVE-2023-45289 https://pkg.go.dev/vuln/GO-2024-2600 https://security.netapp.com/advisory/ntap-20240329-0006/ https://ubuntu.com/security/notices/USN-6886-1 https://www.cve.org/CVERecord?id=CVE-2023-45289
stdlib	CVE-2023-45290	MEDIUM	v1.20.5	1.21.8, 1.22.1	http://www.openwall.com/lists/oss-security/2024/03/08/4 https://access.redhat.com/errata/RHSA-2024:9135 https://access.redhat.com/security/cve/CVE-2023-45290 https://bugzilla.redhat.com/2268017 https://bugzilla.redhat.com/2268022 https://bugzilla.redhat.com/2279814 https://bugzilla.redhat.com/2295310 https://bugzilla.redhat.com/show_bug.cgi?id=2268017 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45290 https://errata.almalinux.org/9/ALSA-2024-9135.html https://errata.rockylinux.org/RLSA-2024:3830 https://github.com/golang/go/commit/041a47712e765e94f86d841c3110c840e76d8f82 (go1.22.1) https://github.com/golang/go/commit/bf80213b121074f4ad9b449410a4d13bae5e9be0 (go1.21.8) https://github.com/golang/go/issues/65383 https://go.dev/cl/569341 https://go.dev/issue/65383 https://groups.google.com/g/golang-announce/c/5pwGVUPoMbg https://linux.oracle.com/cve/CVE-2023-45290.html https://linux.oracle.com/errata/ELSA-2024-8038.html https://nvd.nist.gov/vuln/detail/CVE-2023-45290 https://pkg.go.dev/vuln/GO-2024-2599 https://security.netapp.com/advisory/ntap-20240329-0004 https://security.netapp.com/advisory/ntap-20240329-0004/ https://ubuntu.com/security/notices/USN-6886-1 https://ubuntu.com/security/notices/USN-7109-1 https://ubuntu.com/security/notices/USN-7111-1 https://www.cve.org/CVERecord?id=CVE-2023-45290
stdlib	CVE-2024-24783	MEDIUM	v1.20.5	1.21.8, 1.22.1	http://www.openwall.com/lists/oss-security/2024/03/08/4 https://access.redhat.com/errata/RHSA-2024:6195 https://access.redhat.com/security/cve/CVE-2024-24783 https://bugzilla.redhat.com/2268019 https://bugzilla.redhat.com/show_bug.cgi?id=2268017 https://bugzilla.redhat.com/show_bug.cgi?id=2268018 https://bugzilla.redhat.com/show_bug.cgi?id=2268019 https://bugzilla.redhat.com/show_bug.cgi?id=2268273 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45288 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45289 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45290 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24783 https://errata.almalinux.org/9/ALSA-2024-6195.html https://errata.rockylinux.org/RLSA-2024:2724 https://github.com/advisories/GHSA-3q2c-pvp5-3cqp https://github.com/golang/go/commit/337b8e9cbfa749d9d5c899e0dc358e2208d5e54f (go1.22.1) https://github.com/golang/go/commit/be5b52bea674190ef7de272664be6c7ae93ec5a0 (go1.21.8) https://github.com/golang/go/issues/65390 https://go.dev/cl/569339 https://go.dev/issue/65390 https://groups.google.com/g/golang-announce/c/5pwGVUPoMbg https://linux.oracle.com/cve/CVE-2024-24783.html https://linux.oracle.com/errata/ELSA-2024-6969.html https://nvd.nist.gov/vuln/detail/CVE-2024-24783 https://pkg.go.dev/vuln/GO-2024-2598 https://security.netapp.com/advisory/ntap-20240329-0005 https://security.netapp.com/advisory/ntap-20240329-0005/ https://ubuntu.com/security/notices/USN-6886-1 https://ubuntu.com/security/notices/USN-7109-1 https://ubuntu.com/security/notices/USN-7111-1 https://www.cve.org/CVERecord?id=CVE-2024-24783
stdlib	CVE-2024-24784	MEDIUM	v1.20.5	1.21.8, 1.22.1	http://www.openwall.com/lists/oss-security/2024/03/08/4 https://access.redhat.com/errata/RHSA-2024:2562 https://access.redhat.com/security/cve/CVE-2024-24784 https://bugzilla.redhat.com/2262921 https://bugzilla.redhat.com/2268017 https://bugzilla.redhat.com/2268018 https://bugzilla.redhat.com/2268019 https://bugzilla.redhat.com/2268021 https://bugzilla.redhat.com/2268022 https://bugzilla.redhat.com/2268273 https://bugzilla.redhat.com/show_bug.cgi?id=2262921 https://bugzilla.redhat.com/show_bug.cgi?id=2268017 https://bugzilla.redhat.com/show_bug.cgi?id=2268018 https://bugzilla.redhat.com/show_bug.cgi?id=2268019 https://bugzilla.redhat.com/show_bug.cgi?id=2268021 https://bugzilla.redhat.com/show_bug.cgi?id=2268022 https://bugzilla.redhat.com/show_bug.cgi?id=2268273 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45288 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45289 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45290 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-1394 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24783 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24784 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24785 https://errata.almalinux.org/9/ALSA-2024-2562.html https://errata.rockylinux.org/RLSA-2024:2562 https://github.com/golang/go/commit/263c059b09fdd40d9dd945f2ecb20c89ea28efe5 (go1.21.8) https://github.com/golang/go/commit/5330cd225ba54c7dc78c1b46dcdf61a4671a632c (go1.22.1) https://github.com/golang/go/issues/65083 https://go.dev/cl/555596 https://go.dev/issue/65083 https://groups.google.com/g/golang-announce/c/5pwGVUPoMbg https://linux.oracle.com/cve/CVE-2024-24784.html https://linux.oracle.com/errata/ELSA-2024-6969.html https://nvd.nist.gov/vuln/detail/CVE-2024-24784 https://pkg.go.dev/vuln/GO-2024-2609 https://security.netapp.com/advisory/ntap-20240329-0007/ https://ubuntu.com/security/notices/USN-6886-1 https://ubuntu.com/security/notices/USN-7109-1 https://ubuntu.com/security/notices/USN-7111-1 https://www.cve.org/CVERecord?id=CVE-2024-24784
stdlib	CVE-2024-24785	MEDIUM	v1.20.5	1.21.8, 1.22.1	http://www.openwall.com/lists/oss-security/2024/03/08/4 https://access.redhat.com/errata/RHSA-2024:9135 https://access.redhat.com/security/cve/CVE-2024-24785 https://bugzilla.redhat.com/2268017 https://bugzilla.redhat.com/2268022 https://bugzilla.redhat.com/2279814 https://bugzilla.redhat.com/2295310 https://bugzilla.redhat.com/show_bug.cgi?id=2262921 https://bugzilla.redhat.com/show_bug.cgi?id=2268017 https://bugzilla.redhat.com/show_bug.cgi?id=2268018 https://bugzilla.redhat.com/show_bug.cgi?id=2268019 https://bugzilla.redhat.com/show_bug.cgi?id=2268021 https://bugzilla.redhat.com/show_bug.cgi?id=2268022 https://bugzilla.redhat.com/show_bug.cgi?id=2268273 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45288 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45289 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45290 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-1394 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24783 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24784 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24785 https://errata.almalinux.org/9/ALSA-2024-9135.html https://errata.rockylinux.org/RLSA-2024:2562 https://github.com/golang/go/commit/056b0edcb8c152152021eebf4cf42adbfbe77992 (go1.22.1) https://github.com/golang/go/commit/3643147a29352ca2894fd5d0d2069bc4b4335a7e (go1.21.8) https://github.com/golang/go/issues/65697 https://go.dev/cl/564196 https://go.dev/issue/65697 https://groups.google.com/g/golang-announce/c/5pwGVUPoMbg https://linux.oracle.com/cve/CVE-2024-24785.html https://linux.oracle.com/errata/ELSA-2024-3259.html https://nvd.nist.gov/vuln/detail/CVE-2024-24785 https://pkg.go.dev/vuln/GO-2024-2610 https://security.netapp.com/advisory/ntap-20240329-0008/ https://ubuntu.com/security/notices/USN-6886-1 https://ubuntu.com/security/notices/USN-7061-1 https://ubuntu.com/security/notices/USN-7109-1 https://vuln.go.dev/ID/GO-2024-2610.json https://www.cve.org/CVERecord?id=CVE-2024-24785
stdlib	CVE-2024-24789	MEDIUM	v1.20.5	1.21.11, 1.22.4	http://www.openwall.com/lists/oss-security/2024/06/04/1 https://access.redhat.com/errata/RHSA-2024:9115 https://access.redhat.com/security/cve/CVE-2024-24789 https://bugzilla.redhat.com/2279814 https://bugzilla.redhat.com/2292668 https://bugzilla.redhat.com/2292787 https://bugzilla.redhat.com/2294000 https://bugzilla.redhat.com/2295310 https://bugzilla.redhat.com/show_bug.cgi?id=2292668 https://bugzilla.redhat.com/show_bug.cgi?id=2292787 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24789 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24790 https://errata.almalinux.org/9/ALSA-2024-9115.html https://errata.rockylinux.org/RLSA-2024:4212 https://github.com/golang/go/commit/c8e40338cf00f3c1d86c8fb23863ad67a4c72bcc (1.21) https://github.com/golang/go/commit/cf501ac0c5fe351a8582d20b43562027927906e7 (1.22) https://github.com/golang/go/issues/66869 https://go.dev/cl/585397 https://go.dev/issue/66869 https://groups.google.com/g/golang-announce/c/XbxouI9gY7k https://groups.google.com/g/golang-announce/c/XbxouI9gY7k/m/TuoGEhxIEwAJ https://linux.oracle.com/cve/CVE-2024-24789.html https://linux.oracle.com/errata/ELSA-2024-9115.html https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/U5YAEIA6IUHUNGJ7AIXXPQT6D2GYENX7/ https://nvd.nist.gov/vuln/detail/CVE-2024-24789 https://pkg.go.dev/vuln/GO-2024-2888 https://ubuntu.com/security/notices/USN-6886-1 https://ubuntu.com/security/notices/USN-7109-1 https://ubuntu.com/security/notices/USN-7111-1 https://www.cve.org/CVERecord?id=CVE-2024-24789
stdlib	CVE-2024-24791	MEDIUM	v1.20.5	1.21.12, 1.22.5	https://access.redhat.com/errata/RHSA-2024:9135 https://access.redhat.com/security/cve/CVE-2024-24791 https://bugzilla.redhat.com/2268017 https://bugzilla.redhat.com/2268022 https://bugzilla.redhat.com/2279814 https://bugzilla.redhat.com/2295310 https://bugzilla.redhat.com/show_bug.cgi?id=2295310 https://bugzilla.redhat.com/show_bug.cgi?id=2310527 https://bugzilla.redhat.com/show_bug.cgi?id=2310528 https://bugzilla.redhat.com/show_bug.cgi?id=2310529 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24791 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-34155 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-34156 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-34158 https://errata.almalinux.org/9/ALSA-2024-9135.html https://errata.rockylinux.org/RLSA-2024:6913 https://go.dev/cl/591255 https://go.dev/issue/67555 https://groups.google.com/g/golang-dev/c/t0rK-qHBqzY/m/6MMoAZkMAgAJ https://linux.oracle.com/cve/CVE-2024-24791.html https://linux.oracle.com/errata/ELSA-2024-9115.html https://nvd.nist.gov/vuln/detail/CVE-2024-24791 https://pkg.go.dev/vuln/GO-2024-2963 https://ubuntu.com/security/notices/USN-7081-1 https://ubuntu.com/security/notices/USN-7109-1 https://ubuntu.com/security/notices/USN-7111-1 https://www.cve.org/CVERecord?id=CVE-2024-24791
stdlib	CVE-2024-34155	MEDIUM	v1.20.5	1.22.7, 1.23.1	https://access.redhat.com/errata/RHSA-2024:9459 https://access.redhat.com/security/cve/CVE-2024-34155 https://bugzilla.redhat.com/2310527 https://bugzilla.redhat.com/2310528 https://bugzilla.redhat.com/2310529 https://bugzilla.redhat.com/2315691 https://bugzilla.redhat.com/2315887 https://bugzilla.redhat.com/2317458 https://bugzilla.redhat.com/2317467 https://bugzilla.redhat.com/show_bug.cgi?id=2295310 https://bugzilla.redhat.com/show_bug.cgi?id=2310527 https://bugzilla.redhat.com/show_bug.cgi?id=2310528 https://bugzilla.redhat.com/show_bug.cgi?id=2310529 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24791 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-34155 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-34156 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-34158 https://errata.almalinux.org/9/ALSA-2024-9459.html https://errata.rockylinux.org/RLSA-2024:6913 https://github.com/golang/go/commit/53487e5477151ed75da50e50a0ba8f1ca64c00a3 (go1.23.1) https://github.com/golang/go/commit/b232596139dbe96a62edbe3a2a203e856bf556eb (go1.22.7) https://go.dev/cl/611238 https://go.dev/issue/69138 https://groups.google.com/g/golang-announce/c/K-cEzDeCtpc https://groups.google.com/g/golang-dev/c/S9POB9NCTdk https://linux.oracle.com/cve/CVE-2024-34155.html https://linux.oracle.com/errata/ELSA-2024-9459.html https://nvd.nist.gov/vuln/detail/CVE-2024-34155 https://pkg.go.dev/vuln/GO-2024-3105 https://ubuntu.com/security/notices/USN-7081-1 https://ubuntu.com/security/notices/USN-7109-1 https://ubuntu.com/security/notices/USN-7111-1 https://www.cve.org/CVERecord?id=CVE-2024-34155
stdlib	CVE-2024-34158	MEDIUM	v1.20.5	1.22.7, 1.23.1	https://access.redhat.com/errata/RHSA-2024:9459 https://access.redhat.com/security/cve/CVE-2024-34158 https://bugzilla.redhat.com/2310527 https://bugzilla.redhat.com/2310528 https://bugzilla.redhat.com/2310529 https://bugzilla.redhat.com/2315691 https://bugzilla.redhat.com/2315887 https://bugzilla.redhat.com/2317458 https://bugzilla.redhat.com/2317467 https://bugzilla.redhat.com/show_bug.cgi?id=2295310 https://bugzilla.redhat.com/show_bug.cgi?id=2310527 https://bugzilla.redhat.com/show_bug.cgi?id=2310528 https://bugzilla.redhat.com/show_bug.cgi?id=2310529 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24791 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-34155 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-34156 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-34158 https://errata.almalinux.org/9/ALSA-2024-9459.html https://errata.rockylinux.org/RLSA-2024:6913 https://github.com/golang/go/commit/032ac075c20c01c6c35a672d1542d3e98eab84ea (go1.23.1) https://github.com/golang/go/commit/d4c53812e6ce2ac368173d7fcd31d0ecfcffb002 (go1.22.7) https://go.dev/cl/611240 https://go.dev/issue/69141 https://groups.google.com/g/golang-announce/c/K-cEzDeCtpc https://groups.google.com/g/golang-dev/c/S9POB9NCTdk https://linux.oracle.com/cve/CVE-2024-34158.html https://linux.oracle.com/errata/ELSA-2024-9459.html https://nvd.nist.gov/vuln/detail/CVE-2024-34158 https://pkg.go.dev/vuln/GO-2024-3107 https://ubuntu.com/security/notices/USN-7081-1 https://ubuntu.com/security/notices/USN-7109-1 https://ubuntu.com/security/notices/USN-7111-1 https://www.cve.org/CVERecord?id=CVE-2024-34158
No Misconfigurations found

cnb/buildpacks/paketo-buildpacks_image-labels/4.5.1/bin/main (gobinary)

Package	Vulnerability ID	Severity	Installed Version	Fixed Version	Links
stdlib	CVE-2024-24790	CRITICAL	v1.20.4	1.21.11, 1.22.4	http://www.openwall.com/lists/oss-security/2024/06/04/1 https://access.redhat.com/errata/RHSA-2024:9115 https://access.redhat.com/security/cve/CVE-2024-24790 https://bugzilla.redhat.com/2279814 https://bugzilla.redhat.com/2292668 https://bugzilla.redhat.com/2292787 https://bugzilla.redhat.com/2294000 https://bugzilla.redhat.com/2295310 https://bugzilla.redhat.com/show_bug.cgi?id=2292668 https://bugzilla.redhat.com/show_bug.cgi?id=2292787 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24789 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24790 https://errata.almalinux.org/9/ALSA-2024-9115.html https://errata.rockylinux.org/RLSA-2024:4212 https://github.com/golang/go/commit/051bdf3fd12a40307606ff9381138039c5f452f0 (1.21) https://github.com/golang/go/commit/12d5810cdb1f73cf23d7a86462143e9463317fca (1.22) https://github.com/golang/go/issues/67680 https://go.dev/cl/590316 https://go.dev/issue/67680 https://groups.google.com/g/golang-announce/c/XbxouI9gY7k https://groups.google.com/g/golang-announce/c/XbxouI9gY7k/m/TuoGEhxIEwAJ https://linux.oracle.com/cve/CVE-2024-24790.html https://linux.oracle.com/errata/ELSA-2024-9115.html https://nvd.nist.gov/vuln/detail/CVE-2024-24790 https://pkg.go.dev/vuln/GO-2024-2887 https://ubuntu.com/security/notices/USN-6886-1 https://ubuntu.com/security/notices/USN-7109-1 https://www.cve.org/CVERecord?id=CVE-2024-24790
stdlib	CVE-2023-29403	HIGH	v1.20.4	1.19.10, 1.20.5	https://access.redhat.com/errata/RHSA-2023:3923 https://access.redhat.com/security/cve/CVE-2023-29403 https://bugzilla.redhat.com/2216965 https://bugzilla.redhat.com/2217562 https://bugzilla.redhat.com/2217565 https://bugzilla.redhat.com/2217569 https://bugzilla.redhat.com/show_bug.cgi?id=2216965 https://bugzilla.redhat.com/show_bug.cgi?id=2217562 https://bugzilla.redhat.com/show_bug.cgi?id=2217565 https://bugzilla.redhat.com/show_bug.cgi?id=2217569 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-29402 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-29403 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-29404 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-29405 https://errata.almalinux.org/9/ALSA-2023-3923.html https://errata.rockylinux.org/RLSA-2023:3923 https://github.com/golang/go/commit/36144ba429ef2650940c72e7a0b932af3612d420 (go1.20.5) https://github.com/golang/go/commit/a7b1cd452ddc69a6606c2f35ac5786dc892e62cb (go1.19.10) https://github.com/golang/go/issues/60272 https://go.dev/cl/501223 https://go.dev/issue/60272 https://groups.google.com/g/golang-announce/c/q5135a9d924 https://groups.google.com/g/golang-announce/c/q5135a9d924/m/j0ZoAJOHAwAJ https://linux.oracle.com/cve/CVE-2023-29403.html https://linux.oracle.com/errata/ELSA-2023-3923.html https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/NZ2O6YCO2IZMZJELQGZYR2WAUNEDLYV6/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/XBS3IIK6ADV24C5ULQU55QLT2UE762ZX/ https://nvd.nist.gov/vuln/detail/CVE-2023-29403 https://pkg.go.dev/vuln/GO-2023-1840 https://security.gentoo.org/glsa/202311-09 https://ubuntu.com/security/notices/USN-7061-1 https://ubuntu.com/security/notices/USN-7109-1 https://www.cve.org/CVERecord?id=CVE-2023-29403
stdlib	CVE-2023-39325	HIGH	v1.20.4	1.20.10, 1.21.3	golang.org/x/net https://access.redhat.com/errata/RHSA-2023:6077 https://access.redhat.com/security/cve/CVE-2023-39325 https://access.redhat.com/security/cve/CVE-2023-44487 https://access.redhat.com/security/vulnerabilities/RHSB-2023-003 https://bugzilla.redhat.com/2242803 https://bugzilla.redhat.com/2243296 https://bugzilla.redhat.com/show_bug.cgi?id=2242803 https://bugzilla.redhat.com/show_bug.cgi?id=2243296 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-39325 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-44487 https://errata.almalinux.org/9/ALSA-2023-6077.html https://errata.rockylinux.org/RLSA-2023:6077 https://github.com/golang/go/commit/24ae2d927285c697440fdde3ad7f26028354bcf3 [golang- 1.21] https://github.com/golang/go/commit/e175f27f58aa7b9cd4d79607ae65d2cd5baaee68 [golang-1.20] https://github.com/golang/go/issues/63417 https://go.dev/cl/534215 https://go.dev/cl/534235 https://go.dev/issue/63417 https://groups.google.com/g/golang-announce/c/iNNxDTCjZvo/m/UDd7VKQuAAAJ https://linux.oracle.com/cve/CVE-2023-39325.html https://linux.oracle.com/errata/ELSA-2023-5867.html https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3OVW5V2DM5K5IC3H7O42YDUGNJ74J35O https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3OVW5V2DM5K5IC3H7O42YDUGNJ74J35O/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3SZN67IL7HMGMNAVLOTIXLIHUDXZK4LH https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3SZN67IL7HMGMNAVLOTIXLIHUDXZK4LH/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3WJ4QVX2AMUJ2F2S27POOAHRC4K3CHU4 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3WJ4QVX2AMUJ2F2S27POOAHRC4K3CHU4/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/4BUK2ZIAGCULOOYDNH25JPU6JBES5NF2 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/4BUK2ZIAGCULOOYDNH25JPU6JBES5NF2/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/5RSKA2II6QTD4YUKUNDVJQSRYSFC4VFR https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/5RSKA2II6QTD4YUKUNDVJQSRYSFC4VFR/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/AVZDNSMVDAQJ64LJC5I5U5LDM5753647 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/AVZDNSMVDAQJ64LJC5I5U5LDM5753647/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CHHITS4PUOZAKFIUBQAQZC7JWXMOYE4B https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CHHITS4PUOZAKFIUBQAQZC7JWXMOYE4B/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CLB4TW7KALB3EEQWNWCN7OUIWWVWWCG2 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CLB4TW7KALB3EEQWNWCN7OUIWWVWWCG2/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/D2BBIDR2ZMB3X5BC7SR4SLQMHRMVPY6L https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/D2BBIDR2ZMB3X5BC7SR4SLQMHRMVPY6L/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ECRC75BQJP6FJN2L7KCKYZW4DSBD7QSD https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ECRC75BQJP6FJN2L7KCKYZW4DSBD7QSD/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/FTMJ3NJIDAZFWJQQSP3L22MUFJ3UP2PT https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/FTMJ3NJIDAZFWJQQSP3L22MUFJ3UP2PT/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/GSY7SXFFTPZFWDM6XELSDSHZLVW3AHK7 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/GSY7SXFFTPZFWDM6XELSDSHZLVW3AHK7/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/HZQIELEIRSZUYTFFH5KTH2YJ4IIQG2KE https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/HZQIELEIRSZUYTFFH5KTH2YJ4IIQG2KE/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/IPWCNYB5PQ5PCVZ4NJT6G56ZYFZ5QBU6 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/IPWCNYB5PQ5PCVZ4NJT6G56ZYFZ5QBU6/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/KEOTKBUPZXHE3F352JBYNTSNRXYLWD6P https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/KEOTKBUPZXHE3F352JBYNTSNRXYLWD6P/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/KSEGD2IWKNUO3DWY4KQGUQM5BISRWHQE https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/KSEGD2IWKNUO3DWY4KQGUQM5BISRWHQE/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/L5E5JSJBZLYXOTZWXHJKRVCIXIHVWKJ6 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/L5E5JSJBZLYXOTZWXHJKRVCIXIHVWKJ6/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/MZQYOOKHQDQ57LV2IAG6NRFOVXKHJJ3Z https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/MZQYOOKHQDQ57LV2IAG6NRFOVXKHJJ3Z/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/NG7IMPL55MVWU3LCI4JQJT3K2U5CHDV7 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/NG7IMPL55MVWU3LCI4JQJT3K2U5CHDV7/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ODBY7RVMGZCBSTWF2OZGIZS57FNFUL67 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ODBY7RVMGZCBSTWF2OZGIZS57FNFUL67/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/OXGWPQOJ3JNDW2XIYKIVJ7N7QUIFNM2Q https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/OXGWPQOJ3JNDW2XIYKIVJ7N7QUIFNM2Q/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/PJCUNGIQDUMZ4Z6HWVYIMR66A35F5S74 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/PJCUNGIQDUMZ4Z6HWVYIMR66A35F5S74/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QF5QSYAOPDOWLY6DUHID56Q4HQFYB45I https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QF5QSYAOPDOWLY6DUHID56Q4HQFYB45I/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QXOU2JZUBEBP7GBKAYIJRPRBZSJCD7ST https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QXOU2JZUBEBP7GBKAYIJRPRBZSJCD7ST/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/R3UETKPUB3V5JS5TLZOF3SMTGT5K5APS https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/R3UETKPUB3V5JS5TLZOF3SMTGT5K5APS/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/REMHVVIBDNKSRKNOTV7EQSB7CYQWOUOU https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/REMHVVIBDNKSRKNOTV7EQSB7CYQWOUOU/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/T7N5GV4CHH6WAGX3GFMDD3COEOVCZ4RI https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/T7N5GV4CHH6WAGX3GFMDD3COEOVCZ4RI/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ULQQONMSCQSH5Z5OWFFQHCGEZ3NL4DRJ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ULQQONMSCQSH5Z5OWFFQHCGEZ3NL4DRJ/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UTT7DG3QOF5ZNJLUGHDNLRUIN6OWZARP https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UTT7DG3QOF5ZNJLUGHDNLRUIN6OWZARP/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/W2LZSWTV4NV4SNQARNXG5T6LRHP26EW2 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/W2LZSWTV4NV4SNQARNXG5T6LRHP26EW2/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WCNCBYKZXLDFGAJUB7ZP5VLC3YTHJNVH https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WCNCBYKZXLDFGAJUB7ZP5VLC3YTHJNVH/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/XFOIBB4YFICHDM7IBOP7PWXW3FX4HLL2 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/XFOIBB4YFICHDM7IBOP7PWXW3FX4HLL2/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/XTNLSL44Y5FB6JWADSZH6DCV4JJAAEQY https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/XTNLSL44Y5FB6JWADSZH6DCV4JJAAEQY/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/YJWHBLVZDM5KQSDFRBFRKU5KSSOLIRQ4 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/YJWHBLVZDM5KQSDFRBFRKU5KSSOLIRQ4/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/YRKEXKANQ7BKJW2YTAMP625LJUJZLJ4P https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/YRKEXKANQ7BKJW2YTAMP625LJUJZLJ4P/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZSVEMQV5ROY5YW5QE3I57HT3ITWG5GCV https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZSVEMQV5ROY5YW5QE3I57HT3ITWG5GCV/ https://nvd.nist.gov/vuln/detail/CVE-2023-39325 https://pkg.go.dev/vuln/GO-2023-2102 https://security.gentoo.org/glsa/202311-09 https://security.netapp.com/advisory/ntap-20231110-0008 https://security.netapp.com/advisory/ntap-20231110-0008/ https://ubuntu.com/security/notices/USN-6574-1 https://ubuntu.com/security/notices/USN-7061-1 https://ubuntu.com/security/notices/USN-7109-1 https://www.cisa.gov/news-events/alerts/2023/10/10/http2-rapid-reset-vulnerability-cve-2023-44487 https://www.cve.org/CVERecord?id=CVE-2023-39325
stdlib	CVE-2023-45283	HIGH	v1.20.4	1.20.11, 1.21.4, 1.20.12, 1.21.5	http://www.openwall.com/lists/oss-security/2023/12/05/2 https://go.dev/cl/540277 https://go.dev/cl/541175 https://go.dev/issue/63713 https://go.dev/issue/64028 https://groups.google.com/g/golang-announce/c/4tU8LZfBFkY https://groups.google.com/g/golang-dev/c/6ypN5EjibjM/m/KmLVYH_uAgAJ https://nvd.nist.gov/vuln/detail/CVE-2023-45283 https://pkg.go.dev/vuln/GO-2023-2185 https://security.netapp.com/advisory/ntap-20231214-0008/
stdlib	CVE-2023-45288	HIGH	v1.20.4	1.21.9, 1.22.2	http://www.openwall.com/lists/oss-security/2024/04/03/16 http://www.openwall.com/lists/oss-security/2024/04/05/4 https://access.redhat.com/errata/RHSA-2024:2724 https://access.redhat.com/security/cve/CVE-2023-45288 https://bugzilla.redhat.com/2268017 https://bugzilla.redhat.com/2268018 https://bugzilla.redhat.com/2268019 https://bugzilla.redhat.com/2268273 https://bugzilla.redhat.com/show_bug.cgi?id=2268017 https://bugzilla.redhat.com/show_bug.cgi?id=2268018 https://bugzilla.redhat.com/show_bug.cgi?id=2268019 https://bugzilla.redhat.com/show_bug.cgi?id=2268273 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45288 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45289 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45290 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24783 https://errata.almalinux.org/9/ALSA-2024-2724.html https://errata.rockylinux.org/RLSA-2024:2724 https://go.dev/cl/576155 https://go.dev/issue/65051 https://groups.google.com/g/golang-announce/c/YgW0sx8mN3M https://kb.cert.org/vuls/id/421644 https://linux.oracle.com/cve/CVE-2023-45288.html https://linux.oracle.com/errata/ELSA-2024-3346.html https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QRYFHIQ6XRKRYBI2F5UESH67BJBQXUPT https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QRYFHIQ6XRKRYBI2F5UESH67BJBQXUPT/ https://nowotarski.info/http2-continuation-flood-technical-details https://nowotarski.info/http2-continuation-flood/ https://nvd.nist.gov/vuln/detail/CVE-2023-45288 https://pkg.go.dev/vuln/GO-2024-2687 https://security.netapp.com/advisory/ntap-20240419-0009 https://security.netapp.com/advisory/ntap-20240419-0009/ https://ubuntu.com/security/notices/USN-6886-1 https://ubuntu.com/security/notices/USN-7109-1 https://ubuntu.com/security/notices/USN-7111-1 https://www.cve.org/CVERecord?id=CVE-2023-45288 https://www.kb.cert.org/vuls/id/421644
stdlib	CVE-2024-34156	HIGH	v1.20.4	1.22.7, 1.23.1	https://access.redhat.com/errata/RHSA-2024:9473 https://access.redhat.com/security/cve/CVE-2024-34156 https://bugzilla.redhat.com/2310528 https://bugzilla.redhat.com/2318052 https://bugzilla.redhat.com/show_bug.cgi?id=2310528 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-34156 https://errata.almalinux.org/9/ALSA-2024-9473.html https://errata.rockylinux.org/RLSA-2024:7204 https://github.com/golang/go/commit/2092294f2b097c5828f4eace6c98a322c1510b01 (go1.22.7) https://github.com/golang/go/commit/fa8ff1a46deb6c816304441ec6740ec112e19012 (go1.23.1) https://go.dev/cl/611239 https://go.dev/issue/69139 https://groups.google.com/g/golang-announce/c/K-cEzDeCtpc https://groups.google.com/g/golang-dev/c/S9POB9NCTdk https://linux.oracle.com/cve/CVE-2024-34156.html https://linux.oracle.com/errata/ELSA-2024-9473.html https://nvd.nist.gov/vuln/detail/CVE-2024-34156 https://pkg.go.dev/vuln/GO-2024-3106 https://ubuntu.com/security/notices/USN-7081-1 https://ubuntu.com/security/notices/USN-7109-1 https://ubuntu.com/security/notices/USN-7111-1 https://www.cve.org/CVERecord?id=CVE-2024-34156
stdlib	CVE-2023-29406	MEDIUM	v1.20.4	1.19.11, 1.20.6	https://access.redhat.com/errata/RHSA-2023:6474 https://access.redhat.com/security/cve/CVE-2023-29406 https://bugzilla.redhat.com/2174485 https://bugzilla.redhat.com/2178358 https://bugzilla.redhat.com/2178488 https://bugzilla.redhat.com/2178492 https://bugzilla.redhat.com/2184481 https://bugzilla.redhat.com/2184482 https://bugzilla.redhat.com/2184483 https://bugzilla.redhat.com/2184484 https://bugzilla.redhat.com/2196026 https://bugzilla.redhat.com/2196027 https://bugzilla.redhat.com/2196029 https://bugzilla.redhat.com/2222167 https://bugzilla.redhat.com/2228689 https://errata.almalinux.org/9/ALSA-2023-6474.html https://github.com/golang/go/commit/312920c00aac9897b2a0693e752390b5b0711a5a (go1.20.6) https://github.com/golang/go/commit/5fa6923b1ea891400153d04ddf1545e23b40041b (go1.19.11) https://github.com/golang/go/issues/60374 https://go.dev/cl/506996 https://go.dev/issue/60374 https://groups.google.com/g/golang-announce/c/2q13H6LEEx0 https://linux.oracle.com/cve/CVE-2023-29406.html https://linux.oracle.com/errata/ELSA-2023-7202.html https://nvd.nist.gov/vuln/detail/CVE-2023-29406 https://pkg.go.dev/vuln/GO-2023-1878 https://security.gentoo.org/glsa/202311-09 https://security.netapp.com/advisory/ntap-20230814-0002/ https://ubuntu.com/security/notices/USN-7061-1 https://ubuntu.com/security/notices/USN-7109-1 https://www.cve.org/CVERecord?id=CVE-2023-29406
stdlib	CVE-2023-29409	MEDIUM	v1.20.4	1.19.12, 1.20.7, 1.21.0-rc.4	https://access.redhat.com/errata/RHSA-2023:7766 https://access.redhat.com/security/cve/CVE-2023-29409 https://bugzilla.redhat.com/2228743 https://bugzilla.redhat.com/2237773 https://bugzilla.redhat.com/2237776 https://bugzilla.redhat.com/2237777 https://bugzilla.redhat.com/2237778 https://errata.almalinux.org/9/ALSA-2023-7766.html https://go.dev/cl/515257 https://go.dev/issue/61460 https://groups.google.com/g/golang-announce/c/X0b6CsSAaYI/m/Efv5DbZ9AwAJ https://linux.oracle.com/cve/CVE-2023-29409.html https://linux.oracle.com/errata/ELSA-2024-2988.html https://nvd.nist.gov/vuln/detail/CVE-2023-29409 https://pkg.go.dev/vuln/GO-2023-1987 https://security.gentoo.org/glsa/202311-09 https://security.netapp.com/advisory/ntap-20230831-0010/ https://www.cve.org/CVERecord?id=CVE-2023-29409
stdlib	CVE-2023-39318	MEDIUM	v1.20.4	1.20.8, 1.21.1	https://access.redhat.com/errata/RHSA-2024:2160 https://access.redhat.com/security/cve/CVE-2023-39318 https://bugzilla.redhat.com/2237773 https://bugzilla.redhat.com/2237776 https://bugzilla.redhat.com/2253330 https://errata.almalinux.org/9/ALSA-2024-2160.html https://github.com/golang/go/commit/023b542edf38e2a1f87fcefb9f75ff2f99401b4c (go1.20.8) https://github.com/golang/go/commit/b0e1d3ea26e8e8fce7726690c9ef0597e60739fb (go1.21.1) https://go.dev/cl/526156 https://go.dev/issue/62196 https://groups.google.com/g/golang-announce/c/Fm51GRLNRvM https://groups.google.com/g/golang-dev/c/2C5vbR-UNkI/m/L1hdrPhfBAAJ https://linux.oracle.com/cve/CVE-2023-39318.html https://linux.oracle.com/errata/ELSA-2024-2988.html https://nvd.nist.gov/vuln/detail/CVE-2023-39318 https://pkg.go.dev/vuln/GO-2023-2041 https://security.gentoo.org/glsa/202311-09 https://security.netapp.com/advisory/ntap-20231020-0009/ https://ubuntu.com/security/notices/USN-6574-1 https://ubuntu.com/security/notices/USN-7061-1 https://ubuntu.com/security/notices/USN-7109-1 https://vuln.go.dev/ID/GO-2023-2041.json https://www.cve.org/CVERecord?id=CVE-2023-39318
stdlib	CVE-2023-39319	MEDIUM	v1.20.4	1.20.8, 1.21.1	https://access.redhat.com/errata/RHSA-2024:2160 https://access.redhat.com/security/cve/CVE-2023-39319 https://bugzilla.redhat.com/2237773 https://bugzilla.redhat.com/2237776 https://bugzilla.redhat.com/2253330 https://errata.almalinux.org/9/ALSA-2024-2160.html https://github.com/golang/go/commit/2070531d2f53df88e312edace6c8dfc9686ab2f5 (go1.20.8) https://github.com/golang/go/commit/bbd043ff0d6d59f1a9232d31ecd5eacf6507bf6a (go1.21.1) https://go.dev/cl/526157 https://go.dev/issue/62197 https://groups.google.com/g/golang-announce/c/Fm51GRLNRvM https://groups.google.com/g/golang-dev/c/2C5vbR-UNkI/m/L1hdrPhfBAAJ https://linux.oracle.com/cve/CVE-2023-39319.html https://linux.oracle.com/errata/ELSA-2024-2988.html https://nvd.nist.gov/vuln/detail/CVE-2023-39319 https://pkg.go.dev/vuln/GO-2023-2043 https://security.gentoo.org/glsa/202311-09 https://security.netapp.com/advisory/ntap-20231020-0009/ https://ubuntu.com/security/notices/USN-6574-1 https://ubuntu.com/security/notices/USN-7061-1 https://ubuntu.com/security/notices/USN-7109-1 https://vuln.go.dev/ID/GO-2023-2043.json https://www.cve.org/CVERecord?id=CVE-2023-39319
stdlib	CVE-2023-39326	MEDIUM	v1.20.4	1.20.12, 1.21.5	https://access.redhat.com/errata/RHSA-2024:2272 https://access.redhat.com/security/cve/CVE-2023-39326 https://bugzilla.redhat.com/2253193 https://bugzilla.redhat.com/2253330 https://errata.almalinux.org/9/ALSA-2024-2272.html https://github.com/golang/go/commit/6446af942e2e2b161c4ec1b60d9703a2b55dc4dd (go1.20.12) https://github.com/golang/go/commit/ec8c526e4be720e94b98ca509e6364f0efaf28f7 (go1.21.5) https://go.dev/cl/547335 https://go.dev/issue/64433 https://groups.google.com/g/golang-dev/c/6ypN5EjibjM/m/KmLVYH_uAgAJ https://linux.oracle.com/cve/CVE-2023-39326.html https://linux.oracle.com/errata/ELSA-2024-2988.html https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UIU6HOGV6RRIKWM57LOXQA75BGZSIH6G/ https://nvd.nist.gov/vuln/detail/CVE-2023-39326 https://pkg.go.dev/vuln/GO-2023-2382 https://ubuntu.com/security/notices/USN-6574-1 https://www.cve.org/CVERecord?id=CVE-2023-39326
stdlib	CVE-2023-45284	MEDIUM	v1.20.4	1.20.11, 1.21.4	https://go.dev/cl/540277 https://go.dev/issue/63713 https://groups.google.com/g/golang-announce/c/4tU8LZfBFkY https://nvd.nist.gov/vuln/detail/CVE-2023-45284 https://pkg.go.dev/vuln/GO-2023-2186
stdlib	CVE-2023-45289	MEDIUM	v1.20.4	1.21.8, 1.22.1	http://www.openwall.com/lists/oss-security/2024/03/08/4 https://access.redhat.com/errata/RHSA-2024:2724 https://access.redhat.com/security/cve/CVE-2023-45289 https://bugzilla.redhat.com/2268017 https://bugzilla.redhat.com/2268018 https://bugzilla.redhat.com/2268019 https://bugzilla.redhat.com/2268273 https://bugzilla.redhat.com/show_bug.cgi?id=2268017 https://bugzilla.redhat.com/show_bug.cgi?id=2268018 https://bugzilla.redhat.com/show_bug.cgi?id=2268019 https://bugzilla.redhat.com/show_bug.cgi?id=2268273 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45288 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45289 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45290 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24783 https://errata.almalinux.org/9/ALSA-2024-2724.html https://errata.rockylinux.org/RLSA-2024:2724 https://github.com/golang/go/commit/20586c0dbe03d144f914155f879fa5ee287591a1 (go1.21.8) https://github.com/golang/go/commit/3a855208e3efed2e9d7c20ad023f1fa78afcc0be (go1.22.1) https://github.com/golang/go/issues/65065 https://go.dev/cl/569340 https://go.dev/issue/65065 https://groups.google.com/g/golang-announce/c/5pwGVUPoMbg https://linux.oracle.com/cve/CVE-2023-45289.html https://linux.oracle.com/errata/ELSA-2024-3346.html https://nvd.nist.gov/vuln/detail/CVE-2023-45289 https://pkg.go.dev/vuln/GO-2024-2600 https://security.netapp.com/advisory/ntap-20240329-0006/ https://ubuntu.com/security/notices/USN-6886-1 https://www.cve.org/CVERecord?id=CVE-2023-45289
stdlib	CVE-2023-45290	MEDIUM	v1.20.4	1.21.8, 1.22.1	http://www.openwall.com/lists/oss-security/2024/03/08/4 https://access.redhat.com/errata/RHSA-2024:9135 https://access.redhat.com/security/cve/CVE-2023-45290 https://bugzilla.redhat.com/2268017 https://bugzilla.redhat.com/2268022 https://bugzilla.redhat.com/2279814 https://bugzilla.redhat.com/2295310 https://bugzilla.redhat.com/show_bug.cgi?id=2268017 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45290 https://errata.almalinux.org/9/ALSA-2024-9135.html https://errata.rockylinux.org/RLSA-2024:3830 https://github.com/golang/go/commit/041a47712e765e94f86d841c3110c840e76d8f82 (go1.22.1) https://github.com/golang/go/commit/bf80213b121074f4ad9b449410a4d13bae5e9be0 (go1.21.8) https://github.com/golang/go/issues/65383 https://go.dev/cl/569341 https://go.dev/issue/65383 https://groups.google.com/g/golang-announce/c/5pwGVUPoMbg https://linux.oracle.com/cve/CVE-2023-45290.html https://linux.oracle.com/errata/ELSA-2024-8038.html https://nvd.nist.gov/vuln/detail/CVE-2023-45290 https://pkg.go.dev/vuln/GO-2024-2599 https://security.netapp.com/advisory/ntap-20240329-0004 https://security.netapp.com/advisory/ntap-20240329-0004/ https://ubuntu.com/security/notices/USN-6886-1 https://ubuntu.com/security/notices/USN-7109-1 https://ubuntu.com/security/notices/USN-7111-1 https://www.cve.org/CVERecord?id=CVE-2023-45290
stdlib	CVE-2024-24783	MEDIUM	v1.20.4	1.21.8, 1.22.1	http://www.openwall.com/lists/oss-security/2024/03/08/4 https://access.redhat.com/errata/RHSA-2024:6195 https://access.redhat.com/security/cve/CVE-2024-24783 https://bugzilla.redhat.com/2268019 https://bugzilla.redhat.com/show_bug.cgi?id=2268017 https://bugzilla.redhat.com/show_bug.cgi?id=2268018 https://bugzilla.redhat.com/show_bug.cgi?id=2268019 https://bugzilla.redhat.com/show_bug.cgi?id=2268273 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45288 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45289 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45290 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24783 https://errata.almalinux.org/9/ALSA-2024-6195.html https://errata.rockylinux.org/RLSA-2024:2724 https://github.com/advisories/GHSA-3q2c-pvp5-3cqp https://github.com/golang/go/commit/337b8e9cbfa749d9d5c899e0dc358e2208d5e54f (go1.22.1) https://github.com/golang/go/commit/be5b52bea674190ef7de272664be6c7ae93ec5a0 (go1.21.8) https://github.com/golang/go/issues/65390 https://go.dev/cl/569339 https://go.dev/issue/65390 https://groups.google.com/g/golang-announce/c/5pwGVUPoMbg https://linux.oracle.com/cve/CVE-2024-24783.html https://linux.oracle.com/errata/ELSA-2024-6969.html https://nvd.nist.gov/vuln/detail/CVE-2024-24783 https://pkg.go.dev/vuln/GO-2024-2598 https://security.netapp.com/advisory/ntap-20240329-0005 https://security.netapp.com/advisory/ntap-20240329-0005/ https://ubuntu.com/security/notices/USN-6886-1 https://ubuntu.com/security/notices/USN-7109-1 https://ubuntu.com/security/notices/USN-7111-1 https://www.cve.org/CVERecord?id=CVE-2024-24783
stdlib	CVE-2024-24784	MEDIUM	v1.20.4	1.21.8, 1.22.1	http://www.openwall.com/lists/oss-security/2024/03/08/4 https://access.redhat.com/errata/RHSA-2024:2562 https://access.redhat.com/security/cve/CVE-2024-24784 https://bugzilla.redhat.com/2262921 https://bugzilla.redhat.com/2268017 https://bugzilla.redhat.com/2268018 https://bugzilla.redhat.com/2268019 https://bugzilla.redhat.com/2268021 https://bugzilla.redhat.com/2268022 https://bugzilla.redhat.com/2268273 https://bugzilla.redhat.com/show_bug.cgi?id=2262921 https://bugzilla.redhat.com/show_bug.cgi?id=2268017 https://bugzilla.redhat.com/show_bug.cgi?id=2268018 https://bugzilla.redhat.com/show_bug.cgi?id=2268019 https://bugzilla.redhat.com/show_bug.cgi?id=2268021 https://bugzilla.redhat.com/show_bug.cgi?id=2268022 https://bugzilla.redhat.com/show_bug.cgi?id=2268273 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45288 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45289 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45290 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-1394 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24783 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24784 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24785 https://errata.almalinux.org/9/ALSA-2024-2562.html https://errata.rockylinux.org/RLSA-2024:2562 https://github.com/golang/go/commit/263c059b09fdd40d9dd945f2ecb20c89ea28efe5 (go1.21.8) https://github.com/golang/go/commit/5330cd225ba54c7dc78c1b46dcdf61a4671a632c (go1.22.1) https://github.com/golang/go/issues/65083 https://go.dev/cl/555596 https://go.dev/issue/65083 https://groups.google.com/g/golang-announce/c/5pwGVUPoMbg https://linux.oracle.com/cve/CVE-2024-24784.html https://linux.oracle.com/errata/ELSA-2024-6969.html https://nvd.nist.gov/vuln/detail/CVE-2024-24784 https://pkg.go.dev/vuln/GO-2024-2609 https://security.netapp.com/advisory/ntap-20240329-0007/ https://ubuntu.com/security/notices/USN-6886-1 https://ubuntu.com/security/notices/USN-7109-1 https://ubuntu.com/security/notices/USN-7111-1 https://www.cve.org/CVERecord?id=CVE-2024-24784
stdlib	CVE-2024-24785	MEDIUM	v1.20.4	1.21.8, 1.22.1	http://www.openwall.com/lists/oss-security/2024/03/08/4 https://access.redhat.com/errata/RHSA-2024:9135 https://access.redhat.com/security/cve/CVE-2024-24785 https://bugzilla.redhat.com/2268017 https://bugzilla.redhat.com/2268022 https://bugzilla.redhat.com/2279814 https://bugzilla.redhat.com/2295310 https://bugzilla.redhat.com/show_bug.cgi?id=2262921 https://bugzilla.redhat.com/show_bug.cgi?id=2268017 https://bugzilla.redhat.com/show_bug.cgi?id=2268018 https://bugzilla.redhat.com/show_bug.cgi?id=2268019 https://bugzilla.redhat.com/show_bug.cgi?id=2268021 https://bugzilla.redhat.com/show_bug.cgi?id=2268022 https://bugzilla.redhat.com/show_bug.cgi?id=2268273 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45288 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45289 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45290 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-1394 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24783 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24784 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24785 https://errata.almalinux.org/9/ALSA-2024-9135.html https://errata.rockylinux.org/RLSA-2024:2562 https://github.com/golang/go/commit/056b0edcb8c152152021eebf4cf42adbfbe77992 (go1.22.1) https://github.com/golang/go/commit/3643147a29352ca2894fd5d0d2069bc4b4335a7e (go1.21.8) https://github.com/golang/go/issues/65697 https://go.dev/cl/564196 https://go.dev/issue/65697 https://groups.google.com/g/golang-announce/c/5pwGVUPoMbg https://linux.oracle.com/cve/CVE-2024-24785.html https://linux.oracle.com/errata/ELSA-2024-3259.html https://nvd.nist.gov/vuln/detail/CVE-2024-24785 https://pkg.go.dev/vuln/GO-2024-2610 https://security.netapp.com/advisory/ntap-20240329-0008/ https://ubuntu.com/security/notices/USN-6886-1 https://ubuntu.com/security/notices/USN-7061-1 https://ubuntu.com/security/notices/USN-7109-1 https://vuln.go.dev/ID/GO-2024-2610.json https://www.cve.org/CVERecord?id=CVE-2024-24785
stdlib	CVE-2024-24789	MEDIUM	v1.20.4	1.21.11, 1.22.4	http://www.openwall.com/lists/oss-security/2024/06/04/1 https://access.redhat.com/errata/RHSA-2024:9115 https://access.redhat.com/security/cve/CVE-2024-24789 https://bugzilla.redhat.com/2279814 https://bugzilla.redhat.com/2292668 https://bugzilla.redhat.com/2292787 https://bugzilla.redhat.com/2294000 https://bugzilla.redhat.com/2295310 https://bugzilla.redhat.com/show_bug.cgi?id=2292668 https://bugzilla.redhat.com/show_bug.cgi?id=2292787 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24789 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24790 https://errata.almalinux.org/9/ALSA-2024-9115.html https://errata.rockylinux.org/RLSA-2024:4212 https://github.com/golang/go/commit/c8e40338cf00f3c1d86c8fb23863ad67a4c72bcc (1.21) https://github.com/golang/go/commit/cf501ac0c5fe351a8582d20b43562027927906e7 (1.22) https://github.com/golang/go/issues/66869 https://go.dev/cl/585397 https://go.dev/issue/66869 https://groups.google.com/g/golang-announce/c/XbxouI9gY7k https://groups.google.com/g/golang-announce/c/XbxouI9gY7k/m/TuoGEhxIEwAJ https://linux.oracle.com/cve/CVE-2024-24789.html https://linux.oracle.com/errata/ELSA-2024-9115.html https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/U5YAEIA6IUHUNGJ7AIXXPQT6D2GYENX7/ https://nvd.nist.gov/vuln/detail/CVE-2024-24789 https://pkg.go.dev/vuln/GO-2024-2888 https://ubuntu.com/security/notices/USN-6886-1 https://ubuntu.com/security/notices/USN-7109-1 https://ubuntu.com/security/notices/USN-7111-1 https://www.cve.org/CVERecord?id=CVE-2024-24789
stdlib	CVE-2024-24791	MEDIUM	v1.20.4	1.21.12, 1.22.5	https://access.redhat.com/errata/RHSA-2024:9135 https://access.redhat.com/security/cve/CVE-2024-24791 https://bugzilla.redhat.com/2268017 https://bugzilla.redhat.com/2268022 https://bugzilla.redhat.com/2279814 https://bugzilla.redhat.com/2295310 https://bugzilla.redhat.com/show_bug.cgi?id=2295310 https://bugzilla.redhat.com/show_bug.cgi?id=2310527 https://bugzilla.redhat.com/show_bug.cgi?id=2310528 https://bugzilla.redhat.com/show_bug.cgi?id=2310529 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24791 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-34155 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-34156 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-34158 https://errata.almalinux.org/9/ALSA-2024-9135.html https://errata.rockylinux.org/RLSA-2024:6913 https://go.dev/cl/591255 https://go.dev/issue/67555 https://groups.google.com/g/golang-dev/c/t0rK-qHBqzY/m/6MMoAZkMAgAJ https://linux.oracle.com/cve/CVE-2024-24791.html https://linux.oracle.com/errata/ELSA-2024-9115.html https://nvd.nist.gov/vuln/detail/CVE-2024-24791 https://pkg.go.dev/vuln/GO-2024-2963 https://ubuntu.com/security/notices/USN-7081-1 https://ubuntu.com/security/notices/USN-7109-1 https://ubuntu.com/security/notices/USN-7111-1 https://www.cve.org/CVERecord?id=CVE-2024-24791
stdlib	CVE-2024-34155	MEDIUM	v1.20.4	1.22.7, 1.23.1	https://access.redhat.com/errata/RHSA-2024:9459 https://access.redhat.com/security/cve/CVE-2024-34155 https://bugzilla.redhat.com/2310527 https://bugzilla.redhat.com/2310528 https://bugzilla.redhat.com/2310529 https://bugzilla.redhat.com/2315691 https://bugzilla.redhat.com/2315887 https://bugzilla.redhat.com/2317458 https://bugzilla.redhat.com/2317467 https://bugzilla.redhat.com/show_bug.cgi?id=2295310 https://bugzilla.redhat.com/show_bug.cgi?id=2310527 https://bugzilla.redhat.com/show_bug.cgi?id=2310528 https://bugzilla.redhat.com/show_bug.cgi?id=2310529 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24791 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-34155 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-34156 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-34158 https://errata.almalinux.org/9/ALSA-2024-9459.html https://errata.rockylinux.org/RLSA-2024:6913 https://github.com/golang/go/commit/53487e5477151ed75da50e50a0ba8f1ca64c00a3 (go1.23.1) https://github.com/golang/go/commit/b232596139dbe96a62edbe3a2a203e856bf556eb (go1.22.7) https://go.dev/cl/611238 https://go.dev/issue/69138 https://groups.google.com/g/golang-announce/c/K-cEzDeCtpc https://groups.google.com/g/golang-dev/c/S9POB9NCTdk https://linux.oracle.com/cve/CVE-2024-34155.html https://linux.oracle.com/errata/ELSA-2024-9459.html https://nvd.nist.gov/vuln/detail/CVE-2024-34155 https://pkg.go.dev/vuln/GO-2024-3105 https://ubuntu.com/security/notices/USN-7081-1 https://ubuntu.com/security/notices/USN-7109-1 https://ubuntu.com/security/notices/USN-7111-1 https://www.cve.org/CVERecord?id=CVE-2024-34155
stdlib	CVE-2024-34158	MEDIUM	v1.20.4	1.22.7, 1.23.1	https://access.redhat.com/errata/RHSA-2024:9459 https://access.redhat.com/security/cve/CVE-2024-34158 https://bugzilla.redhat.com/2310527 https://bugzilla.redhat.com/2310528 https://bugzilla.redhat.com/2310529 https://bugzilla.redhat.com/2315691 https://bugzilla.redhat.com/2315887 https://bugzilla.redhat.com/2317458 https://bugzilla.redhat.com/2317467 https://bugzilla.redhat.com/show_bug.cgi?id=2295310 https://bugzilla.redhat.com/show_bug.cgi?id=2310527 https://bugzilla.redhat.com/show_bug.cgi?id=2310528 https://bugzilla.redhat.com/show_bug.cgi?id=2310529 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24791 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-34155 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-34156 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-34158 https://errata.almalinux.org/9/ALSA-2024-9459.html https://errata.rockylinux.org/RLSA-2024:6913 https://github.com/golang/go/commit/032ac075c20c01c6c35a672d1542d3e98eab84ea (go1.23.1) https://github.com/golang/go/commit/d4c53812e6ce2ac368173d7fcd31d0ecfcffb002 (go1.22.7) https://go.dev/cl/611240 https://go.dev/issue/69141 https://groups.google.com/g/golang-announce/c/K-cEzDeCtpc https://groups.google.com/g/golang-dev/c/S9POB9NCTdk https://linux.oracle.com/cve/CVE-2024-34158.html https://linux.oracle.com/errata/ELSA-2024-9459.html https://nvd.nist.gov/vuln/detail/CVE-2024-34158 https://pkg.go.dev/vuln/GO-2024-3107 https://ubuntu.com/security/notices/USN-7081-1 https://ubuntu.com/security/notices/USN-7109-1 https://ubuntu.com/security/notices/USN-7111-1 https://www.cve.org/CVERecord?id=CVE-2024-34158
No Misconfigurations found

cnb/buildpacks/paketo-buildpacks_image-labels/4.5.2/bin/main (gobinary)

Package	Vulnerability ID	Severity	Installed Version	Fixed Version	Links
stdlib	CVE-2024-24790	CRITICAL	v1.20.5	1.21.11, 1.22.4	http://www.openwall.com/lists/oss-security/2024/06/04/1 https://access.redhat.com/errata/RHSA-2024:9115 https://access.redhat.com/security/cve/CVE-2024-24790 https://bugzilla.redhat.com/2279814 https://bugzilla.redhat.com/2292668 https://bugzilla.redhat.com/2292787 https://bugzilla.redhat.com/2294000 https://bugzilla.redhat.com/2295310 https://bugzilla.redhat.com/show_bug.cgi?id=2292668 https://bugzilla.redhat.com/show_bug.cgi?id=2292787 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24789 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24790 https://errata.almalinux.org/9/ALSA-2024-9115.html https://errata.rockylinux.org/RLSA-2024:4212 https://github.com/golang/go/commit/051bdf3fd12a40307606ff9381138039c5f452f0 (1.21) https://github.com/golang/go/commit/12d5810cdb1f73cf23d7a86462143e9463317fca (1.22) https://github.com/golang/go/issues/67680 https://go.dev/cl/590316 https://go.dev/issue/67680 https://groups.google.com/g/golang-announce/c/XbxouI9gY7k https://groups.google.com/g/golang-announce/c/XbxouI9gY7k/m/TuoGEhxIEwAJ https://linux.oracle.com/cve/CVE-2024-24790.html https://linux.oracle.com/errata/ELSA-2024-9115.html https://nvd.nist.gov/vuln/detail/CVE-2024-24790 https://pkg.go.dev/vuln/GO-2024-2887 https://ubuntu.com/security/notices/USN-6886-1 https://ubuntu.com/security/notices/USN-7109-1 https://www.cve.org/CVERecord?id=CVE-2024-24790
stdlib	CVE-2023-39325	HIGH	v1.20.5	1.20.10, 1.21.3	golang.org/x/net https://access.redhat.com/errata/RHSA-2023:6077 https://access.redhat.com/security/cve/CVE-2023-39325 https://access.redhat.com/security/cve/CVE-2023-44487 https://access.redhat.com/security/vulnerabilities/RHSB-2023-003 https://bugzilla.redhat.com/2242803 https://bugzilla.redhat.com/2243296 https://bugzilla.redhat.com/show_bug.cgi?id=2242803 https://bugzilla.redhat.com/show_bug.cgi?id=2243296 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-39325 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-44487 https://errata.almalinux.org/9/ALSA-2023-6077.html https://errata.rockylinux.org/RLSA-2023:6077 https://github.com/golang/go/commit/24ae2d927285c697440fdde3ad7f26028354bcf3 [golang- 1.21] https://github.com/golang/go/commit/e175f27f58aa7b9cd4d79607ae65d2cd5baaee68 [golang-1.20] https://github.com/golang/go/issues/63417 https://go.dev/cl/534215 https://go.dev/cl/534235 https://go.dev/issue/63417 https://groups.google.com/g/golang-announce/c/iNNxDTCjZvo/m/UDd7VKQuAAAJ https://linux.oracle.com/cve/CVE-2023-39325.html https://linux.oracle.com/errata/ELSA-2023-5867.html https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3OVW5V2DM5K5IC3H7O42YDUGNJ74J35O https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3OVW5V2DM5K5IC3H7O42YDUGNJ74J35O/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3SZN67IL7HMGMNAVLOTIXLIHUDXZK4LH https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3SZN67IL7HMGMNAVLOTIXLIHUDXZK4LH/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3WJ4QVX2AMUJ2F2S27POOAHRC4K3CHU4 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3WJ4QVX2AMUJ2F2S27POOAHRC4K3CHU4/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/4BUK2ZIAGCULOOYDNH25JPU6JBES5NF2 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/4BUK2ZIAGCULOOYDNH25JPU6JBES5NF2/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/5RSKA2II6QTD4YUKUNDVJQSRYSFC4VFR https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/5RSKA2II6QTD4YUKUNDVJQSRYSFC4VFR/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/AVZDNSMVDAQJ64LJC5I5U5LDM5753647 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/AVZDNSMVDAQJ64LJC5I5U5LDM5753647/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CHHITS4PUOZAKFIUBQAQZC7JWXMOYE4B https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CHHITS4PUOZAKFIUBQAQZC7JWXMOYE4B/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CLB4TW7KALB3EEQWNWCN7OUIWWVWWCG2 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CLB4TW7KALB3EEQWNWCN7OUIWWVWWCG2/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/D2BBIDR2ZMB3X5BC7SR4SLQMHRMVPY6L https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/D2BBIDR2ZMB3X5BC7SR4SLQMHRMVPY6L/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ECRC75BQJP6FJN2L7KCKYZW4DSBD7QSD https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ECRC75BQJP6FJN2L7KCKYZW4DSBD7QSD/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/FTMJ3NJIDAZFWJQQSP3L22MUFJ3UP2PT https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/FTMJ3NJIDAZFWJQQSP3L22MUFJ3UP2PT/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/GSY7SXFFTPZFWDM6XELSDSHZLVW3AHK7 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/GSY7SXFFTPZFWDM6XELSDSHZLVW3AHK7/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/HZQIELEIRSZUYTFFH5KTH2YJ4IIQG2KE https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/HZQIELEIRSZUYTFFH5KTH2YJ4IIQG2KE/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/IPWCNYB5PQ5PCVZ4NJT6G56ZYFZ5QBU6 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/IPWCNYB5PQ5PCVZ4NJT6G56ZYFZ5QBU6/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/KEOTKBUPZXHE3F352JBYNTSNRXYLWD6P https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/KEOTKBUPZXHE3F352JBYNTSNRXYLWD6P/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/KSEGD2IWKNUO3DWY4KQGUQM5BISRWHQE https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/KSEGD2IWKNUO3DWY4KQGUQM5BISRWHQE/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/L5E5JSJBZLYXOTZWXHJKRVCIXIHVWKJ6 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/L5E5JSJBZLYXOTZWXHJKRVCIXIHVWKJ6/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/MZQYOOKHQDQ57LV2IAG6NRFOVXKHJJ3Z https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/MZQYOOKHQDQ57LV2IAG6NRFOVXKHJJ3Z/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/NG7IMPL55MVWU3LCI4JQJT3K2U5CHDV7 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/NG7IMPL55MVWU3LCI4JQJT3K2U5CHDV7/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ODBY7RVMGZCBSTWF2OZGIZS57FNFUL67 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ODBY7RVMGZCBSTWF2OZGIZS57FNFUL67/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/OXGWPQOJ3JNDW2XIYKIVJ7N7QUIFNM2Q https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/OXGWPQOJ3JNDW2XIYKIVJ7N7QUIFNM2Q/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/PJCUNGIQDUMZ4Z6HWVYIMR66A35F5S74 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/PJCUNGIQDUMZ4Z6HWVYIMR66A35F5S74/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QF5QSYAOPDOWLY6DUHID56Q4HQFYB45I https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QF5QSYAOPDOWLY6DUHID56Q4HQFYB45I/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QXOU2JZUBEBP7GBKAYIJRPRBZSJCD7ST https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QXOU2JZUBEBP7GBKAYIJRPRBZSJCD7ST/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/R3UETKPUB3V5JS5TLZOF3SMTGT5K5APS https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/R3UETKPUB3V5JS5TLZOF3SMTGT5K5APS/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/REMHVVIBDNKSRKNOTV7EQSB7CYQWOUOU https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/REMHVVIBDNKSRKNOTV7EQSB7CYQWOUOU/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/T7N5GV4CHH6WAGX3GFMDD3COEOVCZ4RI https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/T7N5GV4CHH6WAGX3GFMDD3COEOVCZ4RI/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ULQQONMSCQSH5Z5OWFFQHCGEZ3NL4DRJ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ULQQONMSCQSH5Z5OWFFQHCGEZ3NL4DRJ/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UTT7DG3QOF5ZNJLUGHDNLRUIN6OWZARP https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UTT7DG3QOF5ZNJLUGHDNLRUIN6OWZARP/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/W2LZSWTV4NV4SNQARNXG5T6LRHP26EW2 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/W2LZSWTV4NV4SNQARNXG5T6LRHP26EW2/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WCNCBYKZXLDFGAJUB7ZP5VLC3YTHJNVH https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WCNCBYKZXLDFGAJUB7ZP5VLC3YTHJNVH/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/XFOIBB4YFICHDM7IBOP7PWXW3FX4HLL2 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/XFOIBB4YFICHDM7IBOP7PWXW3FX4HLL2/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/XTNLSL44Y5FB6JWADSZH6DCV4JJAAEQY https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/XTNLSL44Y5FB6JWADSZH6DCV4JJAAEQY/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/YJWHBLVZDM5KQSDFRBFRKU5KSSOLIRQ4 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/YJWHBLVZDM5KQSDFRBFRKU5KSSOLIRQ4/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/YRKEXKANQ7BKJW2YTAMP625LJUJZLJ4P https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/YRKEXKANQ7BKJW2YTAMP625LJUJZLJ4P/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZSVEMQV5ROY5YW5QE3I57HT3ITWG5GCV https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZSVEMQV5ROY5YW5QE3I57HT3ITWG5GCV/ https://nvd.nist.gov/vuln/detail/CVE-2023-39325 https://pkg.go.dev/vuln/GO-2023-2102 https://security.gentoo.org/glsa/202311-09 https://security.netapp.com/advisory/ntap-20231110-0008 https://security.netapp.com/advisory/ntap-20231110-0008/ https://ubuntu.com/security/notices/USN-6574-1 https://ubuntu.com/security/notices/USN-7061-1 https://ubuntu.com/security/notices/USN-7109-1 https://www.cisa.gov/news-events/alerts/2023/10/10/http2-rapid-reset-vulnerability-cve-2023-44487 https://www.cve.org/CVERecord?id=CVE-2023-39325
stdlib	CVE-2023-45283	HIGH	v1.20.5	1.20.11, 1.21.4, 1.20.12, 1.21.5	http://www.openwall.com/lists/oss-security/2023/12/05/2 https://go.dev/cl/540277 https://go.dev/cl/541175 https://go.dev/issue/63713 https://go.dev/issue/64028 https://groups.google.com/g/golang-announce/c/4tU8LZfBFkY https://groups.google.com/g/golang-dev/c/6ypN5EjibjM/m/KmLVYH_uAgAJ https://nvd.nist.gov/vuln/detail/CVE-2023-45283 https://pkg.go.dev/vuln/GO-2023-2185 https://security.netapp.com/advisory/ntap-20231214-0008/
stdlib	CVE-2023-45288	HIGH	v1.20.5	1.21.9, 1.22.2	http://www.openwall.com/lists/oss-security/2024/04/03/16 http://www.openwall.com/lists/oss-security/2024/04/05/4 https://access.redhat.com/errata/RHSA-2024:2724 https://access.redhat.com/security/cve/CVE-2023-45288 https://bugzilla.redhat.com/2268017 https://bugzilla.redhat.com/2268018 https://bugzilla.redhat.com/2268019 https://bugzilla.redhat.com/2268273 https://bugzilla.redhat.com/show_bug.cgi?id=2268017 https://bugzilla.redhat.com/show_bug.cgi?id=2268018 https://bugzilla.redhat.com/show_bug.cgi?id=2268019 https://bugzilla.redhat.com/show_bug.cgi?id=2268273 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45288 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45289 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45290 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24783 https://errata.almalinux.org/9/ALSA-2024-2724.html https://errata.rockylinux.org/RLSA-2024:2724 https://go.dev/cl/576155 https://go.dev/issue/65051 https://groups.google.com/g/golang-announce/c/YgW0sx8mN3M https://kb.cert.org/vuls/id/421644 https://linux.oracle.com/cve/CVE-2023-45288.html https://linux.oracle.com/errata/ELSA-2024-3346.html https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QRYFHIQ6XRKRYBI2F5UESH67BJBQXUPT https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QRYFHIQ6XRKRYBI2F5UESH67BJBQXUPT/ https://nowotarski.info/http2-continuation-flood-technical-details https://nowotarski.info/http2-continuation-flood/ https://nvd.nist.gov/vuln/detail/CVE-2023-45288 https://pkg.go.dev/vuln/GO-2024-2687 https://security.netapp.com/advisory/ntap-20240419-0009 https://security.netapp.com/advisory/ntap-20240419-0009/ https://ubuntu.com/security/notices/USN-6886-1 https://ubuntu.com/security/notices/USN-7109-1 https://ubuntu.com/security/notices/USN-7111-1 https://www.cve.org/CVERecord?id=CVE-2023-45288 https://www.kb.cert.org/vuls/id/421644
stdlib	CVE-2024-34156	HIGH	v1.20.5	1.22.7, 1.23.1	https://access.redhat.com/errata/RHSA-2024:9473 https://access.redhat.com/security/cve/CVE-2024-34156 https://bugzilla.redhat.com/2310528 https://bugzilla.redhat.com/2318052 https://bugzilla.redhat.com/show_bug.cgi?id=2310528 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-34156 https://errata.almalinux.org/9/ALSA-2024-9473.html https://errata.rockylinux.org/RLSA-2024:7204 https://github.com/golang/go/commit/2092294f2b097c5828f4eace6c98a322c1510b01 (go1.22.7) https://github.com/golang/go/commit/fa8ff1a46deb6c816304441ec6740ec112e19012 (go1.23.1) https://go.dev/cl/611239 https://go.dev/issue/69139 https://groups.google.com/g/golang-announce/c/K-cEzDeCtpc https://groups.google.com/g/golang-dev/c/S9POB9NCTdk https://linux.oracle.com/cve/CVE-2024-34156.html https://linux.oracle.com/errata/ELSA-2024-9473.html https://nvd.nist.gov/vuln/detail/CVE-2024-34156 https://pkg.go.dev/vuln/GO-2024-3106 https://ubuntu.com/security/notices/USN-7081-1 https://ubuntu.com/security/notices/USN-7109-1 https://ubuntu.com/security/notices/USN-7111-1 https://www.cve.org/CVERecord?id=CVE-2024-34156
stdlib	CVE-2023-29406	MEDIUM	v1.20.5	1.19.11, 1.20.6	https://access.redhat.com/errata/RHSA-2023:6474 https://access.redhat.com/security/cve/CVE-2023-29406 https://bugzilla.redhat.com/2174485 https://bugzilla.redhat.com/2178358 https://bugzilla.redhat.com/2178488 https://bugzilla.redhat.com/2178492 https://bugzilla.redhat.com/2184481 https://bugzilla.redhat.com/2184482 https://bugzilla.redhat.com/2184483 https://bugzilla.redhat.com/2184484 https://bugzilla.redhat.com/2196026 https://bugzilla.redhat.com/2196027 https://bugzilla.redhat.com/2196029 https://bugzilla.redhat.com/2222167 https://bugzilla.redhat.com/2228689 https://errata.almalinux.org/9/ALSA-2023-6474.html https://github.com/golang/go/commit/312920c00aac9897b2a0693e752390b5b0711a5a (go1.20.6) https://github.com/golang/go/commit/5fa6923b1ea891400153d04ddf1545e23b40041b (go1.19.11) https://github.com/golang/go/issues/60374 https://go.dev/cl/506996 https://go.dev/issue/60374 https://groups.google.com/g/golang-announce/c/2q13H6LEEx0 https://linux.oracle.com/cve/CVE-2023-29406.html https://linux.oracle.com/errata/ELSA-2023-7202.html https://nvd.nist.gov/vuln/detail/CVE-2023-29406 https://pkg.go.dev/vuln/GO-2023-1878 https://security.gentoo.org/glsa/202311-09 https://security.netapp.com/advisory/ntap-20230814-0002/ https://ubuntu.com/security/notices/USN-7061-1 https://ubuntu.com/security/notices/USN-7109-1 https://www.cve.org/CVERecord?id=CVE-2023-29406
stdlib	CVE-2023-29409	MEDIUM	v1.20.5	1.19.12, 1.20.7, 1.21.0-rc.4	https://access.redhat.com/errata/RHSA-2023:7766 https://access.redhat.com/security/cve/CVE-2023-29409 https://bugzilla.redhat.com/2228743 https://bugzilla.redhat.com/2237773 https://bugzilla.redhat.com/2237776 https://bugzilla.redhat.com/2237777 https://bugzilla.redhat.com/2237778 https://errata.almalinux.org/9/ALSA-2023-7766.html https://go.dev/cl/515257 https://go.dev/issue/61460 https://groups.google.com/g/golang-announce/c/X0b6CsSAaYI/m/Efv5DbZ9AwAJ https://linux.oracle.com/cve/CVE-2023-29409.html https://linux.oracle.com/errata/ELSA-2024-2988.html https://nvd.nist.gov/vuln/detail/CVE-2023-29409 https://pkg.go.dev/vuln/GO-2023-1987 https://security.gentoo.org/glsa/202311-09 https://security.netapp.com/advisory/ntap-20230831-0010/ https://www.cve.org/CVERecord?id=CVE-2023-29409
stdlib	CVE-2023-39318	MEDIUM	v1.20.5	1.20.8, 1.21.1	https://access.redhat.com/errata/RHSA-2024:2160 https://access.redhat.com/security/cve/CVE-2023-39318 https://bugzilla.redhat.com/2237773 https://bugzilla.redhat.com/2237776 https://bugzilla.redhat.com/2253330 https://errata.almalinux.org/9/ALSA-2024-2160.html https://github.com/golang/go/commit/023b542edf38e2a1f87fcefb9f75ff2f99401b4c (go1.20.8) https://github.com/golang/go/commit/b0e1d3ea26e8e8fce7726690c9ef0597e60739fb (go1.21.1) https://go.dev/cl/526156 https://go.dev/issue/62196 https://groups.google.com/g/golang-announce/c/Fm51GRLNRvM https://groups.google.com/g/golang-dev/c/2C5vbR-UNkI/m/L1hdrPhfBAAJ https://linux.oracle.com/cve/CVE-2023-39318.html https://linux.oracle.com/errata/ELSA-2024-2988.html https://nvd.nist.gov/vuln/detail/CVE-2023-39318 https://pkg.go.dev/vuln/GO-2023-2041 https://security.gentoo.org/glsa/202311-09 https://security.netapp.com/advisory/ntap-20231020-0009/ https://ubuntu.com/security/notices/USN-6574-1 https://ubuntu.com/security/notices/USN-7061-1 https://ubuntu.com/security/notices/USN-7109-1 https://vuln.go.dev/ID/GO-2023-2041.json https://www.cve.org/CVERecord?id=CVE-2023-39318
stdlib	CVE-2023-39319	MEDIUM	v1.20.5	1.20.8, 1.21.1	https://access.redhat.com/errata/RHSA-2024:2160 https://access.redhat.com/security/cve/CVE-2023-39319 https://bugzilla.redhat.com/2237773 https://bugzilla.redhat.com/2237776 https://bugzilla.redhat.com/2253330 https://errata.almalinux.org/9/ALSA-2024-2160.html https://github.com/golang/go/commit/2070531d2f53df88e312edace6c8dfc9686ab2f5 (go1.20.8) https://github.com/golang/go/commit/bbd043ff0d6d59f1a9232d31ecd5eacf6507bf6a (go1.21.1) https://go.dev/cl/526157 https://go.dev/issue/62197 https://groups.google.com/g/golang-announce/c/Fm51GRLNRvM https://groups.google.com/g/golang-dev/c/2C5vbR-UNkI/m/L1hdrPhfBAAJ https://linux.oracle.com/cve/CVE-2023-39319.html https://linux.oracle.com/errata/ELSA-2024-2988.html https://nvd.nist.gov/vuln/detail/CVE-2023-39319 https://pkg.go.dev/vuln/GO-2023-2043 https://security.gentoo.org/glsa/202311-09 https://security.netapp.com/advisory/ntap-20231020-0009/ https://ubuntu.com/security/notices/USN-6574-1 https://ubuntu.com/security/notices/USN-7061-1 https://ubuntu.com/security/notices/USN-7109-1 https://vuln.go.dev/ID/GO-2023-2043.json https://www.cve.org/CVERecord?id=CVE-2023-39319
stdlib	CVE-2023-39326	MEDIUM	v1.20.5	1.20.12, 1.21.5	https://access.redhat.com/errata/RHSA-2024:2272 https://access.redhat.com/security/cve/CVE-2023-39326 https://bugzilla.redhat.com/2253193 https://bugzilla.redhat.com/2253330 https://errata.almalinux.org/9/ALSA-2024-2272.html https://github.com/golang/go/commit/6446af942e2e2b161c4ec1b60d9703a2b55dc4dd (go1.20.12) https://github.com/golang/go/commit/ec8c526e4be720e94b98ca509e6364f0efaf28f7 (go1.21.5) https://go.dev/cl/547335 https://go.dev/issue/64433 https://groups.google.com/g/golang-dev/c/6ypN5EjibjM/m/KmLVYH_uAgAJ https://linux.oracle.com/cve/CVE-2023-39326.html https://linux.oracle.com/errata/ELSA-2024-2988.html https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UIU6HOGV6RRIKWM57LOXQA75BGZSIH6G/ https://nvd.nist.gov/vuln/detail/CVE-2023-39326 https://pkg.go.dev/vuln/GO-2023-2382 https://ubuntu.com/security/notices/USN-6574-1 https://www.cve.org/CVERecord?id=CVE-2023-39326
stdlib	CVE-2023-45284	MEDIUM	v1.20.5	1.20.11, 1.21.4	https://go.dev/cl/540277 https://go.dev/issue/63713 https://groups.google.com/g/golang-announce/c/4tU8LZfBFkY https://nvd.nist.gov/vuln/detail/CVE-2023-45284 https://pkg.go.dev/vuln/GO-2023-2186
stdlib	CVE-2023-45289	MEDIUM	v1.20.5	1.21.8, 1.22.1	http://www.openwall.com/lists/oss-security/2024/03/08/4 https://access.redhat.com/errata/RHSA-2024:2724 https://access.redhat.com/security/cve/CVE-2023-45289 https://bugzilla.redhat.com/2268017 https://bugzilla.redhat.com/2268018 https://bugzilla.redhat.com/2268019 https://bugzilla.redhat.com/2268273 https://bugzilla.redhat.com/show_bug.cgi?id=2268017 https://bugzilla.redhat.com/show_bug.cgi?id=2268018 https://bugzilla.redhat.com/show_bug.cgi?id=2268019 https://bugzilla.redhat.com/show_bug.cgi?id=2268273 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45288 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45289 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45290 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24783 https://errata.almalinux.org/9/ALSA-2024-2724.html https://errata.rockylinux.org/RLSA-2024:2724 https://github.com/golang/go/commit/20586c0dbe03d144f914155f879fa5ee287591a1 (go1.21.8) https://github.com/golang/go/commit/3a855208e3efed2e9d7c20ad023f1fa78afcc0be (go1.22.1) https://github.com/golang/go/issues/65065 https://go.dev/cl/569340 https://go.dev/issue/65065 https://groups.google.com/g/golang-announce/c/5pwGVUPoMbg https://linux.oracle.com/cve/CVE-2023-45289.html https://linux.oracle.com/errata/ELSA-2024-3346.html https://nvd.nist.gov/vuln/detail/CVE-2023-45289 https://pkg.go.dev/vuln/GO-2024-2600 https://security.netapp.com/advisory/ntap-20240329-0006/ https://ubuntu.com/security/notices/USN-6886-1 https://www.cve.org/CVERecord?id=CVE-2023-45289
stdlib	CVE-2023-45290	MEDIUM	v1.20.5	1.21.8, 1.22.1	http://www.openwall.com/lists/oss-security/2024/03/08/4 https://access.redhat.com/errata/RHSA-2024:9135 https://access.redhat.com/security/cve/CVE-2023-45290 https://bugzilla.redhat.com/2268017 https://bugzilla.redhat.com/2268022 https://bugzilla.redhat.com/2279814 https://bugzilla.redhat.com/2295310 https://bugzilla.redhat.com/show_bug.cgi?id=2268017 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45290 https://errata.almalinux.org/9/ALSA-2024-9135.html https://errata.rockylinux.org/RLSA-2024:3830 https://github.com/golang/go/commit/041a47712e765e94f86d841c3110c840e76d8f82 (go1.22.1) https://github.com/golang/go/commit/bf80213b121074f4ad9b449410a4d13bae5e9be0 (go1.21.8) https://github.com/golang/go/issues/65383 https://go.dev/cl/569341 https://go.dev/issue/65383 https://groups.google.com/g/golang-announce/c/5pwGVUPoMbg https://linux.oracle.com/cve/CVE-2023-45290.html https://linux.oracle.com/errata/ELSA-2024-8038.html https://nvd.nist.gov/vuln/detail/CVE-2023-45290 https://pkg.go.dev/vuln/GO-2024-2599 https://security.netapp.com/advisory/ntap-20240329-0004 https://security.netapp.com/advisory/ntap-20240329-0004/ https://ubuntu.com/security/notices/USN-6886-1 https://ubuntu.com/security/notices/USN-7109-1 https://ubuntu.com/security/notices/USN-7111-1 https://www.cve.org/CVERecord?id=CVE-2023-45290
stdlib	CVE-2024-24783	MEDIUM	v1.20.5	1.21.8, 1.22.1	http://www.openwall.com/lists/oss-security/2024/03/08/4 https://access.redhat.com/errata/RHSA-2024:6195 https://access.redhat.com/security/cve/CVE-2024-24783 https://bugzilla.redhat.com/2268019 https://bugzilla.redhat.com/show_bug.cgi?id=2268017 https://bugzilla.redhat.com/show_bug.cgi?id=2268018 https://bugzilla.redhat.com/show_bug.cgi?id=2268019 https://bugzilla.redhat.com/show_bug.cgi?id=2268273 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45288 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45289 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45290 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24783 https://errata.almalinux.org/9/ALSA-2024-6195.html https://errata.rockylinux.org/RLSA-2024:2724 https://github.com/advisories/GHSA-3q2c-pvp5-3cqp https://github.com/golang/go/commit/337b8e9cbfa749d9d5c899e0dc358e2208d5e54f (go1.22.1) https://github.com/golang/go/commit/be5b52bea674190ef7de272664be6c7ae93ec5a0 (go1.21.8) https://github.com/golang/go/issues/65390 https://go.dev/cl/569339 https://go.dev/issue/65390 https://groups.google.com/g/golang-announce/c/5pwGVUPoMbg https://linux.oracle.com/cve/CVE-2024-24783.html https://linux.oracle.com/errata/ELSA-2024-6969.html https://nvd.nist.gov/vuln/detail/CVE-2024-24783 https://pkg.go.dev/vuln/GO-2024-2598 https://security.netapp.com/advisory/ntap-20240329-0005 https://security.netapp.com/advisory/ntap-20240329-0005/ https://ubuntu.com/security/notices/USN-6886-1 https://ubuntu.com/security/notices/USN-7109-1 https://ubuntu.com/security/notices/USN-7111-1 https://www.cve.org/CVERecord?id=CVE-2024-24783
stdlib	CVE-2024-24784	MEDIUM	v1.20.5	1.21.8, 1.22.1	http://www.openwall.com/lists/oss-security/2024/03/08/4 https://access.redhat.com/errata/RHSA-2024:2562 https://access.redhat.com/security/cve/CVE-2024-24784 https://bugzilla.redhat.com/2262921 https://bugzilla.redhat.com/2268017 https://bugzilla.redhat.com/2268018 https://bugzilla.redhat.com/2268019 https://bugzilla.redhat.com/2268021 https://bugzilla.redhat.com/2268022 https://bugzilla.redhat.com/2268273 https://bugzilla.redhat.com/show_bug.cgi?id=2262921 https://bugzilla.redhat.com/show_bug.cgi?id=2268017 https://bugzilla.redhat.com/show_bug.cgi?id=2268018 https://bugzilla.redhat.com/show_bug.cgi?id=2268019 https://bugzilla.redhat.com/show_bug.cgi?id=2268021 https://bugzilla.redhat.com/show_bug.cgi?id=2268022 https://bugzilla.redhat.com/show_bug.cgi?id=2268273 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45288 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45289 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45290 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-1394 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24783 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24784 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24785 https://errata.almalinux.org/9/ALSA-2024-2562.html https://errata.rockylinux.org/RLSA-2024:2562 https://github.com/golang/go/commit/263c059b09fdd40d9dd945f2ecb20c89ea28efe5 (go1.21.8) https://github.com/golang/go/commit/5330cd225ba54c7dc78c1b46dcdf61a4671a632c (go1.22.1) https://github.com/golang/go/issues/65083 https://go.dev/cl/555596 https://go.dev/issue/65083 https://groups.google.com/g/golang-announce/c/5pwGVUPoMbg https://linux.oracle.com/cve/CVE-2024-24784.html https://linux.oracle.com/errata/ELSA-2024-6969.html https://nvd.nist.gov/vuln/detail/CVE-2024-24784 https://pkg.go.dev/vuln/GO-2024-2609 https://security.netapp.com/advisory/ntap-20240329-0007/ https://ubuntu.com/security/notices/USN-6886-1 https://ubuntu.com/security/notices/USN-7109-1 https://ubuntu.com/security/notices/USN-7111-1 https://www.cve.org/CVERecord?id=CVE-2024-24784
stdlib	CVE-2024-24785	MEDIUM	v1.20.5	1.21.8, 1.22.1	http://www.openwall.com/lists/oss-security/2024/03/08/4 https://access.redhat.com/errata/RHSA-2024:9135 https://access.redhat.com/security/cve/CVE-2024-24785 https://bugzilla.redhat.com/2268017 https://bugzilla.redhat.com/2268022 https://bugzilla.redhat.com/2279814 https://bugzilla.redhat.com/2295310 https://bugzilla.redhat.com/show_bug.cgi?id=2262921 https://bugzilla.redhat.com/show_bug.cgi?id=2268017 https://bugzilla.redhat.com/show_bug.cgi?id=2268018 https://bugzilla.redhat.com/show_bug.cgi?id=2268019 https://bugzilla.redhat.com/show_bug.cgi?id=2268021 https://bugzilla.redhat.com/show_bug.cgi?id=2268022 https://bugzilla.redhat.com/show_bug.cgi?id=2268273 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45288 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45289 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45290 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-1394 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24783 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24784 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24785 https://errata.almalinux.org/9/ALSA-2024-9135.html https://errata.rockylinux.org/RLSA-2024:2562 https://github.com/golang/go/commit/056b0edcb8c152152021eebf4cf42adbfbe77992 (go1.22.1) https://github.com/golang/go/commit/3643147a29352ca2894fd5d0d2069bc4b4335a7e (go1.21.8) https://github.com/golang/go/issues/65697 https://go.dev/cl/564196 https://go.dev/issue/65697 https://groups.google.com/g/golang-announce/c/5pwGVUPoMbg https://linux.oracle.com/cve/CVE-2024-24785.html https://linux.oracle.com/errata/ELSA-2024-3259.html https://nvd.nist.gov/vuln/detail/CVE-2024-24785 https://pkg.go.dev/vuln/GO-2024-2610 https://security.netapp.com/advisory/ntap-20240329-0008/ https://ubuntu.com/security/notices/USN-6886-1 https://ubuntu.com/security/notices/USN-7061-1 https://ubuntu.com/security/notices/USN-7109-1 https://vuln.go.dev/ID/GO-2024-2610.json https://www.cve.org/CVERecord?id=CVE-2024-24785
stdlib	CVE-2024-24789	MEDIUM	v1.20.5	1.21.11, 1.22.4	http://www.openwall.com/lists/oss-security/2024/06/04/1 https://access.redhat.com/errata/RHSA-2024:9115 https://access.redhat.com/security/cve/CVE-2024-24789 https://bugzilla.redhat.com/2279814 https://bugzilla.redhat.com/2292668 https://bugzilla.redhat.com/2292787 https://bugzilla.redhat.com/2294000 https://bugzilla.redhat.com/2295310 https://bugzilla.redhat.com/show_bug.cgi?id=2292668 https://bugzilla.redhat.com/show_bug.cgi?id=2292787 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24789 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24790 https://errata.almalinux.org/9/ALSA-2024-9115.html https://errata.rockylinux.org/RLSA-2024:4212 https://github.com/golang/go/commit/c8e40338cf00f3c1d86c8fb23863ad67a4c72bcc (1.21) https://github.com/golang/go/commit/cf501ac0c5fe351a8582d20b43562027927906e7 (1.22) https://github.com/golang/go/issues/66869 https://go.dev/cl/585397 https://go.dev/issue/66869 https://groups.google.com/g/golang-announce/c/XbxouI9gY7k https://groups.google.com/g/golang-announce/c/XbxouI9gY7k/m/TuoGEhxIEwAJ https://linux.oracle.com/cve/CVE-2024-24789.html https://linux.oracle.com/errata/ELSA-2024-9115.html https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/U5YAEIA6IUHUNGJ7AIXXPQT6D2GYENX7/ https://nvd.nist.gov/vuln/detail/CVE-2024-24789 https://pkg.go.dev/vuln/GO-2024-2888 https://ubuntu.com/security/notices/USN-6886-1 https://ubuntu.com/security/notices/USN-7109-1 https://ubuntu.com/security/notices/USN-7111-1 https://www.cve.org/CVERecord?id=CVE-2024-24789
stdlib	CVE-2024-24791	MEDIUM	v1.20.5	1.21.12, 1.22.5	https://access.redhat.com/errata/RHSA-2024:9135 https://access.redhat.com/security/cve/CVE-2024-24791 https://bugzilla.redhat.com/2268017 https://bugzilla.redhat.com/2268022 https://bugzilla.redhat.com/2279814 https://bugzilla.redhat.com/2295310 https://bugzilla.redhat.com/show_bug.cgi?id=2295310 https://bugzilla.redhat.com/show_bug.cgi?id=2310527 https://bugzilla.redhat.com/show_bug.cgi?id=2310528 https://bugzilla.redhat.com/show_bug.cgi?id=2310529 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24791 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-34155 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-34156 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-34158 https://errata.almalinux.org/9/ALSA-2024-9135.html https://errata.rockylinux.org/RLSA-2024:6913 https://go.dev/cl/591255 https://go.dev/issue/67555 https://groups.google.com/g/golang-dev/c/t0rK-qHBqzY/m/6MMoAZkMAgAJ https://linux.oracle.com/cve/CVE-2024-24791.html https://linux.oracle.com/errata/ELSA-2024-9115.html https://nvd.nist.gov/vuln/detail/CVE-2024-24791 https://pkg.go.dev/vuln/GO-2024-2963 https://ubuntu.com/security/notices/USN-7081-1 https://ubuntu.com/security/notices/USN-7109-1 https://ubuntu.com/security/notices/USN-7111-1 https://www.cve.org/CVERecord?id=CVE-2024-24791
stdlib	CVE-2024-34155	MEDIUM	v1.20.5	1.22.7, 1.23.1	https://access.redhat.com/errata/RHSA-2024:9459 https://access.redhat.com/security/cve/CVE-2024-34155 https://bugzilla.redhat.com/2310527 https://bugzilla.redhat.com/2310528 https://bugzilla.redhat.com/2310529 https://bugzilla.redhat.com/2315691 https://bugzilla.redhat.com/2315887 https://bugzilla.redhat.com/2317458 https://bugzilla.redhat.com/2317467 https://bugzilla.redhat.com/show_bug.cgi?id=2295310 https://bugzilla.redhat.com/show_bug.cgi?id=2310527 https://bugzilla.redhat.com/show_bug.cgi?id=2310528 https://bugzilla.redhat.com/show_bug.cgi?id=2310529 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24791 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-34155 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-34156 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-34158 https://errata.almalinux.org/9/ALSA-2024-9459.html https://errata.rockylinux.org/RLSA-2024:6913 https://github.com/golang/go/commit/53487e5477151ed75da50e50a0ba8f1ca64c00a3 (go1.23.1) https://github.com/golang/go/commit/b232596139dbe96a62edbe3a2a203e856bf556eb (go1.22.7) https://go.dev/cl/611238 https://go.dev/issue/69138 https://groups.google.com/g/golang-announce/c/K-cEzDeCtpc https://groups.google.com/g/golang-dev/c/S9POB9NCTdk https://linux.oracle.com/cve/CVE-2024-34155.html https://linux.oracle.com/errata/ELSA-2024-9459.html https://nvd.nist.gov/vuln/detail/CVE-2024-34155 https://pkg.go.dev/vuln/GO-2024-3105 https://ubuntu.com/security/notices/USN-7081-1 https://ubuntu.com/security/notices/USN-7109-1 https://ubuntu.com/security/notices/USN-7111-1 https://www.cve.org/CVERecord?id=CVE-2024-34155
stdlib	CVE-2024-34158	MEDIUM	v1.20.5	1.22.7, 1.23.1	https://access.redhat.com/errata/RHSA-2024:9459 https://access.redhat.com/security/cve/CVE-2024-34158 https://bugzilla.redhat.com/2310527 https://bugzilla.redhat.com/2310528 https://bugzilla.redhat.com/2310529 https://bugzilla.redhat.com/2315691 https://bugzilla.redhat.com/2315887 https://bugzilla.redhat.com/2317458 https://bugzilla.redhat.com/2317467 https://bugzilla.redhat.com/show_bug.cgi?id=2295310 https://bugzilla.redhat.com/show_bug.cgi?id=2310527 https://bugzilla.redhat.com/show_bug.cgi?id=2310528 https://bugzilla.redhat.com/show_bug.cgi?id=2310529 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24791 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-34155 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-34156 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-34158 https://errata.almalinux.org/9/ALSA-2024-9459.html https://errata.rockylinux.org/RLSA-2024:6913 https://github.com/golang/go/commit/032ac075c20c01c6c35a672d1542d3e98eab84ea (go1.23.1) https://github.com/golang/go/commit/d4c53812e6ce2ac368173d7fcd31d0ecfcffb002 (go1.22.7) https://go.dev/cl/611240 https://go.dev/issue/69141 https://groups.google.com/g/golang-announce/c/K-cEzDeCtpc https://groups.google.com/g/golang-dev/c/S9POB9NCTdk https://linux.oracle.com/cve/CVE-2024-34158.html https://linux.oracle.com/errata/ELSA-2024-9459.html https://nvd.nist.gov/vuln/detail/CVE-2024-34158 https://pkg.go.dev/vuln/GO-2024-3107 https://ubuntu.com/security/notices/USN-7081-1 https://ubuntu.com/security/notices/USN-7109-1 https://ubuntu.com/security/notices/USN-7111-1 https://www.cve.org/CVERecord?id=CVE-2024-34158
No Misconfigurations found

cnb/buildpacks/paketo-buildpacks_jattach/1.4.4/bin/main (gobinary)

Package	Vulnerability ID	Severity	Installed Version	Fixed Version	Links
stdlib	CVE-2024-24790	CRITICAL	v1.20.5	1.21.11, 1.22.4	http://www.openwall.com/lists/oss-security/2024/06/04/1 https://access.redhat.com/errata/RHSA-2024:9115 https://access.redhat.com/security/cve/CVE-2024-24790 https://bugzilla.redhat.com/2279814 https://bugzilla.redhat.com/2292668 https://bugzilla.redhat.com/2292787 https://bugzilla.redhat.com/2294000 https://bugzilla.redhat.com/2295310 https://bugzilla.redhat.com/show_bug.cgi?id=2292668 https://bugzilla.redhat.com/show_bug.cgi?id=2292787 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24789 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24790 https://errata.almalinux.org/9/ALSA-2024-9115.html https://errata.rockylinux.org/RLSA-2024:4212 https://github.com/golang/go/commit/051bdf3fd12a40307606ff9381138039c5f452f0 (1.21) https://github.com/golang/go/commit/12d5810cdb1f73cf23d7a86462143e9463317fca (1.22) https://github.com/golang/go/issues/67680 https://go.dev/cl/590316 https://go.dev/issue/67680 https://groups.google.com/g/golang-announce/c/XbxouI9gY7k https://groups.google.com/g/golang-announce/c/XbxouI9gY7k/m/TuoGEhxIEwAJ https://linux.oracle.com/cve/CVE-2024-24790.html https://linux.oracle.com/errata/ELSA-2024-9115.html https://nvd.nist.gov/vuln/detail/CVE-2024-24790 https://pkg.go.dev/vuln/GO-2024-2887 https://ubuntu.com/security/notices/USN-6886-1 https://ubuntu.com/security/notices/USN-7109-1 https://www.cve.org/CVERecord?id=CVE-2024-24790
stdlib	CVE-2023-39325	HIGH	v1.20.5	1.20.10, 1.21.3	golang.org/x/net https://access.redhat.com/errata/RHSA-2023:6077 https://access.redhat.com/security/cve/CVE-2023-39325 https://access.redhat.com/security/cve/CVE-2023-44487 https://access.redhat.com/security/vulnerabilities/RHSB-2023-003 https://bugzilla.redhat.com/2242803 https://bugzilla.redhat.com/2243296 https://bugzilla.redhat.com/show_bug.cgi?id=2242803 https://bugzilla.redhat.com/show_bug.cgi?id=2243296 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-39325 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-44487 https://errata.almalinux.org/9/ALSA-2023-6077.html https://errata.rockylinux.org/RLSA-2023:6077 https://github.com/golang/go/commit/24ae2d927285c697440fdde3ad7f26028354bcf3 [golang- 1.21] https://github.com/golang/go/commit/e175f27f58aa7b9cd4d79607ae65d2cd5baaee68 [golang-1.20] https://github.com/golang/go/issues/63417 https://go.dev/cl/534215 https://go.dev/cl/534235 https://go.dev/issue/63417 https://groups.google.com/g/golang-announce/c/iNNxDTCjZvo/m/UDd7VKQuAAAJ https://linux.oracle.com/cve/CVE-2023-39325.html https://linux.oracle.com/errata/ELSA-2023-5867.html https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3OVW5V2DM5K5IC3H7O42YDUGNJ74J35O https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3OVW5V2DM5K5IC3H7O42YDUGNJ74J35O/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3SZN67IL7HMGMNAVLOTIXLIHUDXZK4LH https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3SZN67IL7HMGMNAVLOTIXLIHUDXZK4LH/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3WJ4QVX2AMUJ2F2S27POOAHRC4K3CHU4 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3WJ4QVX2AMUJ2F2S27POOAHRC4K3CHU4/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/4BUK2ZIAGCULOOYDNH25JPU6JBES5NF2 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/4BUK2ZIAGCULOOYDNH25JPU6JBES5NF2/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/5RSKA2II6QTD4YUKUNDVJQSRYSFC4VFR https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/5RSKA2II6QTD4YUKUNDVJQSRYSFC4VFR/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/AVZDNSMVDAQJ64LJC5I5U5LDM5753647 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/AVZDNSMVDAQJ64LJC5I5U5LDM5753647/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CHHITS4PUOZAKFIUBQAQZC7JWXMOYE4B https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CHHITS4PUOZAKFIUBQAQZC7JWXMOYE4B/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CLB4TW7KALB3EEQWNWCN7OUIWWVWWCG2 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CLB4TW7KALB3EEQWNWCN7OUIWWVWWCG2/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/D2BBIDR2ZMB3X5BC7SR4SLQMHRMVPY6L https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/D2BBIDR2ZMB3X5BC7SR4SLQMHRMVPY6L/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ECRC75BQJP6FJN2L7KCKYZW4DSBD7QSD https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ECRC75BQJP6FJN2L7KCKYZW4DSBD7QSD/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/FTMJ3NJIDAZFWJQQSP3L22MUFJ3UP2PT https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/FTMJ3NJIDAZFWJQQSP3L22MUFJ3UP2PT/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/GSY7SXFFTPZFWDM6XELSDSHZLVW3AHK7 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/GSY7SXFFTPZFWDM6XELSDSHZLVW3AHK7/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/HZQIELEIRSZUYTFFH5KTH2YJ4IIQG2KE https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/HZQIELEIRSZUYTFFH5KTH2YJ4IIQG2KE/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/IPWCNYB5PQ5PCVZ4NJT6G56ZYFZ5QBU6 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/IPWCNYB5PQ5PCVZ4NJT6G56ZYFZ5QBU6/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/KEOTKBUPZXHE3F352JBYNTSNRXYLWD6P https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/KEOTKBUPZXHE3F352JBYNTSNRXYLWD6P/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/KSEGD2IWKNUO3DWY4KQGUQM5BISRWHQE https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/KSEGD2IWKNUO3DWY4KQGUQM5BISRWHQE/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/L5E5JSJBZLYXOTZWXHJKRVCIXIHVWKJ6 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/L5E5JSJBZLYXOTZWXHJKRVCIXIHVWKJ6/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/MZQYOOKHQDQ57LV2IAG6NRFOVXKHJJ3Z https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/MZQYOOKHQDQ57LV2IAG6NRFOVXKHJJ3Z/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/NG7IMPL55MVWU3LCI4JQJT3K2U5CHDV7 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/NG7IMPL55MVWU3LCI4JQJT3K2U5CHDV7/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ODBY7RVMGZCBSTWF2OZGIZS57FNFUL67 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ODBY7RVMGZCBSTWF2OZGIZS57FNFUL67/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/OXGWPQOJ3JNDW2XIYKIVJ7N7QUIFNM2Q https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/OXGWPQOJ3JNDW2XIYKIVJ7N7QUIFNM2Q/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/PJCUNGIQDUMZ4Z6HWVYIMR66A35F5S74 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/PJCUNGIQDUMZ4Z6HWVYIMR66A35F5S74/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QF5QSYAOPDOWLY6DUHID56Q4HQFYB45I https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QF5QSYAOPDOWLY6DUHID56Q4HQFYB45I/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QXOU2JZUBEBP7GBKAYIJRPRBZSJCD7ST https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QXOU2JZUBEBP7GBKAYIJRPRBZSJCD7ST/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/R3UETKPUB3V5JS5TLZOF3SMTGT5K5APS https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/R3UETKPUB3V5JS5TLZOF3SMTGT5K5APS/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/REMHVVIBDNKSRKNOTV7EQSB7CYQWOUOU https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/REMHVVIBDNKSRKNOTV7EQSB7CYQWOUOU/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/T7N5GV4CHH6WAGX3GFMDD3COEOVCZ4RI https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/T7N5GV4CHH6WAGX3GFMDD3COEOVCZ4RI/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ULQQONMSCQSH5Z5OWFFQHCGEZ3NL4DRJ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ULQQONMSCQSH5Z5OWFFQHCGEZ3NL4DRJ/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UTT7DG3QOF5ZNJLUGHDNLRUIN6OWZARP https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UTT7DG3QOF5ZNJLUGHDNLRUIN6OWZARP/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/W2LZSWTV4NV4SNQARNXG5T6LRHP26EW2 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/W2LZSWTV4NV4SNQARNXG5T6LRHP26EW2/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WCNCBYKZXLDFGAJUB7ZP5VLC3YTHJNVH https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WCNCBYKZXLDFGAJUB7ZP5VLC3YTHJNVH/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/XFOIBB4YFICHDM7IBOP7PWXW3FX4HLL2 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/XFOIBB4YFICHDM7IBOP7PWXW3FX4HLL2/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/XTNLSL44Y5FB6JWADSZH6DCV4JJAAEQY https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/XTNLSL44Y5FB6JWADSZH6DCV4JJAAEQY/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/YJWHBLVZDM5KQSDFRBFRKU5KSSOLIRQ4 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/YJWHBLVZDM5KQSDFRBFRKU5KSSOLIRQ4/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/YRKEXKANQ7BKJW2YTAMP625LJUJZLJ4P https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/YRKEXKANQ7BKJW2YTAMP625LJUJZLJ4P/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZSVEMQV5ROY5YW5QE3I57HT3ITWG5GCV https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZSVEMQV5ROY5YW5QE3I57HT3ITWG5GCV/ https://nvd.nist.gov/vuln/detail/CVE-2023-39325 https://pkg.go.dev/vuln/GO-2023-2102 https://security.gentoo.org/glsa/202311-09 https://security.netapp.com/advisory/ntap-20231110-0008 https://security.netapp.com/advisory/ntap-20231110-0008/ https://ubuntu.com/security/notices/USN-6574-1 https://ubuntu.com/security/notices/USN-7061-1 https://ubuntu.com/security/notices/USN-7109-1 https://www.cisa.gov/news-events/alerts/2023/10/10/http2-rapid-reset-vulnerability-cve-2023-44487 https://www.cve.org/CVERecord?id=CVE-2023-39325
stdlib	CVE-2023-45283	HIGH	v1.20.5	1.20.11, 1.21.4, 1.20.12, 1.21.5	http://www.openwall.com/lists/oss-security/2023/12/05/2 https://go.dev/cl/540277 https://go.dev/cl/541175 https://go.dev/issue/63713 https://go.dev/issue/64028 https://groups.google.com/g/golang-announce/c/4tU8LZfBFkY https://groups.google.com/g/golang-dev/c/6ypN5EjibjM/m/KmLVYH_uAgAJ https://nvd.nist.gov/vuln/detail/CVE-2023-45283 https://pkg.go.dev/vuln/GO-2023-2185 https://security.netapp.com/advisory/ntap-20231214-0008/
stdlib	CVE-2023-45288	HIGH	v1.20.5	1.21.9, 1.22.2	http://www.openwall.com/lists/oss-security/2024/04/03/16 http://www.openwall.com/lists/oss-security/2024/04/05/4 https://access.redhat.com/errata/RHSA-2024:2724 https://access.redhat.com/security/cve/CVE-2023-45288 https://bugzilla.redhat.com/2268017 https://bugzilla.redhat.com/2268018 https://bugzilla.redhat.com/2268019 https://bugzilla.redhat.com/2268273 https://bugzilla.redhat.com/show_bug.cgi?id=2268017 https://bugzilla.redhat.com/show_bug.cgi?id=2268018 https://bugzilla.redhat.com/show_bug.cgi?id=2268019 https://bugzilla.redhat.com/show_bug.cgi?id=2268273 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45288 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45289 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45290 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24783 https://errata.almalinux.org/9/ALSA-2024-2724.html https://errata.rockylinux.org/RLSA-2024:2724 https://go.dev/cl/576155 https://go.dev/issue/65051 https://groups.google.com/g/golang-announce/c/YgW0sx8mN3M https://kb.cert.org/vuls/id/421644 https://linux.oracle.com/cve/CVE-2023-45288.html https://linux.oracle.com/errata/ELSA-2024-3346.html https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QRYFHIQ6XRKRYBI2F5UESH67BJBQXUPT https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QRYFHIQ6XRKRYBI2F5UESH67BJBQXUPT/ https://nowotarski.info/http2-continuation-flood-technical-details https://nowotarski.info/http2-continuation-flood/ https://nvd.nist.gov/vuln/detail/CVE-2023-45288 https://pkg.go.dev/vuln/GO-2024-2687 https://security.netapp.com/advisory/ntap-20240419-0009 https://security.netapp.com/advisory/ntap-20240419-0009/ https://ubuntu.com/security/notices/USN-6886-1 https://ubuntu.com/security/notices/USN-7109-1 https://ubuntu.com/security/notices/USN-7111-1 https://www.cve.org/CVERecord?id=CVE-2023-45288 https://www.kb.cert.org/vuls/id/421644
stdlib	CVE-2024-34156	HIGH	v1.20.5	1.22.7, 1.23.1	https://access.redhat.com/errata/RHSA-2024:9473 https://access.redhat.com/security/cve/CVE-2024-34156 https://bugzilla.redhat.com/2310528 https://bugzilla.redhat.com/2318052 https://bugzilla.redhat.com/show_bug.cgi?id=2310528 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-34156 https://errata.almalinux.org/9/ALSA-2024-9473.html https://errata.rockylinux.org/RLSA-2024:7204 https://github.com/golang/go/commit/2092294f2b097c5828f4eace6c98a322c1510b01 (go1.22.7) https://github.com/golang/go/commit/fa8ff1a46deb6c816304441ec6740ec112e19012 (go1.23.1) https://go.dev/cl/611239 https://go.dev/issue/69139 https://groups.google.com/g/golang-announce/c/K-cEzDeCtpc https://groups.google.com/g/golang-dev/c/S9POB9NCTdk https://linux.oracle.com/cve/CVE-2024-34156.html https://linux.oracle.com/errata/ELSA-2024-9473.html https://nvd.nist.gov/vuln/detail/CVE-2024-34156 https://pkg.go.dev/vuln/GO-2024-3106 https://ubuntu.com/security/notices/USN-7081-1 https://ubuntu.com/security/notices/USN-7109-1 https://ubuntu.com/security/notices/USN-7111-1 https://www.cve.org/CVERecord?id=CVE-2024-34156
stdlib	CVE-2023-29406	MEDIUM	v1.20.5	1.19.11, 1.20.6	https://access.redhat.com/errata/RHSA-2023:6474 https://access.redhat.com/security/cve/CVE-2023-29406 https://bugzilla.redhat.com/2174485 https://bugzilla.redhat.com/2178358 https://bugzilla.redhat.com/2178488 https://bugzilla.redhat.com/2178492 https://bugzilla.redhat.com/2184481 https://bugzilla.redhat.com/2184482 https://bugzilla.redhat.com/2184483 https://bugzilla.redhat.com/2184484 https://bugzilla.redhat.com/2196026 https://bugzilla.redhat.com/2196027 https://bugzilla.redhat.com/2196029 https://bugzilla.redhat.com/2222167 https://bugzilla.redhat.com/2228689 https://errata.almalinux.org/9/ALSA-2023-6474.html https://github.com/golang/go/commit/312920c00aac9897b2a0693e752390b5b0711a5a (go1.20.6) https://github.com/golang/go/commit/5fa6923b1ea891400153d04ddf1545e23b40041b (go1.19.11) https://github.com/golang/go/issues/60374 https://go.dev/cl/506996 https://go.dev/issue/60374 https://groups.google.com/g/golang-announce/c/2q13H6LEEx0 https://linux.oracle.com/cve/CVE-2023-29406.html https://linux.oracle.com/errata/ELSA-2023-7202.html https://nvd.nist.gov/vuln/detail/CVE-2023-29406 https://pkg.go.dev/vuln/GO-2023-1878 https://security.gentoo.org/glsa/202311-09 https://security.netapp.com/advisory/ntap-20230814-0002/ https://ubuntu.com/security/notices/USN-7061-1 https://ubuntu.com/security/notices/USN-7109-1 https://www.cve.org/CVERecord?id=CVE-2023-29406
stdlib	CVE-2023-29409	MEDIUM	v1.20.5	1.19.12, 1.20.7, 1.21.0-rc.4	https://access.redhat.com/errata/RHSA-2023:7766 https://access.redhat.com/security/cve/CVE-2023-29409 https://bugzilla.redhat.com/2228743 https://bugzilla.redhat.com/2237773 https://bugzilla.redhat.com/2237776 https://bugzilla.redhat.com/2237777 https://bugzilla.redhat.com/2237778 https://errata.almalinux.org/9/ALSA-2023-7766.html https://go.dev/cl/515257 https://go.dev/issue/61460 https://groups.google.com/g/golang-announce/c/X0b6CsSAaYI/m/Efv5DbZ9AwAJ https://linux.oracle.com/cve/CVE-2023-29409.html https://linux.oracle.com/errata/ELSA-2024-2988.html https://nvd.nist.gov/vuln/detail/CVE-2023-29409 https://pkg.go.dev/vuln/GO-2023-1987 https://security.gentoo.org/glsa/202311-09 https://security.netapp.com/advisory/ntap-20230831-0010/ https://www.cve.org/CVERecord?id=CVE-2023-29409
stdlib	CVE-2023-39318	MEDIUM	v1.20.5	1.20.8, 1.21.1	https://access.redhat.com/errata/RHSA-2024:2160 https://access.redhat.com/security/cve/CVE-2023-39318 https://bugzilla.redhat.com/2237773 https://bugzilla.redhat.com/2237776 https://bugzilla.redhat.com/2253330 https://errata.almalinux.org/9/ALSA-2024-2160.html https://github.com/golang/go/commit/023b542edf38e2a1f87fcefb9f75ff2f99401b4c (go1.20.8) https://github.com/golang/go/commit/b0e1d3ea26e8e8fce7726690c9ef0597e60739fb (go1.21.1) https://go.dev/cl/526156 https://go.dev/issue/62196 https://groups.google.com/g/golang-announce/c/Fm51GRLNRvM https://groups.google.com/g/golang-dev/c/2C5vbR-UNkI/m/L1hdrPhfBAAJ https://linux.oracle.com/cve/CVE-2023-39318.html https://linux.oracle.com/errata/ELSA-2024-2988.html https://nvd.nist.gov/vuln/detail/CVE-2023-39318 https://pkg.go.dev/vuln/GO-2023-2041 https://security.gentoo.org/glsa/202311-09 https://security.netapp.com/advisory/ntap-20231020-0009/ https://ubuntu.com/security/notices/USN-6574-1 https://ubuntu.com/security/notices/USN-7061-1 https://ubuntu.com/security/notices/USN-7109-1 https://vuln.go.dev/ID/GO-2023-2041.json https://www.cve.org/CVERecord?id=CVE-2023-39318
stdlib	CVE-2023-39319	MEDIUM	v1.20.5	1.20.8, 1.21.1	https://access.redhat.com/errata/RHSA-2024:2160 https://access.redhat.com/security/cve/CVE-2023-39319 https://bugzilla.redhat.com/2237773 https://bugzilla.redhat.com/2237776 https://bugzilla.redhat.com/2253330 https://errata.almalinux.org/9/ALSA-2024-2160.html https://github.com/golang/go/commit/2070531d2f53df88e312edace6c8dfc9686ab2f5 (go1.20.8) https://github.com/golang/go/commit/bbd043ff0d6d59f1a9232d31ecd5eacf6507bf6a (go1.21.1) https://go.dev/cl/526157 https://go.dev/issue/62197 https://groups.google.com/g/golang-announce/c/Fm51GRLNRvM https://groups.google.com/g/golang-dev/c/2C5vbR-UNkI/m/L1hdrPhfBAAJ https://linux.oracle.com/cve/CVE-2023-39319.html https://linux.oracle.com/errata/ELSA-2024-2988.html https://nvd.nist.gov/vuln/detail/CVE-2023-39319 https://pkg.go.dev/vuln/GO-2023-2043 https://security.gentoo.org/glsa/202311-09 https://security.netapp.com/advisory/ntap-20231020-0009/ https://ubuntu.com/security/notices/USN-6574-1 https://ubuntu.com/security/notices/USN-7061-1 https://ubuntu.com/security/notices/USN-7109-1 https://vuln.go.dev/ID/GO-2023-2043.json https://www.cve.org/CVERecord?id=CVE-2023-39319
stdlib	CVE-2023-39326	MEDIUM	v1.20.5	1.20.12, 1.21.5	https://access.redhat.com/errata/RHSA-2024:2272 https://access.redhat.com/security/cve/CVE-2023-39326 https://bugzilla.redhat.com/2253193 https://bugzilla.redhat.com/2253330 https://errata.almalinux.org/9/ALSA-2024-2272.html https://github.com/golang/go/commit/6446af942e2e2b161c4ec1b60d9703a2b55dc4dd (go1.20.12) https://github.com/golang/go/commit/ec8c526e4be720e94b98ca509e6364f0efaf28f7 (go1.21.5) https://go.dev/cl/547335 https://go.dev/issue/64433 https://groups.google.com/g/golang-dev/c/6ypN5EjibjM/m/KmLVYH_uAgAJ https://linux.oracle.com/cve/CVE-2023-39326.html https://linux.oracle.com/errata/ELSA-2024-2988.html https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UIU6HOGV6RRIKWM57LOXQA75BGZSIH6G/ https://nvd.nist.gov/vuln/detail/CVE-2023-39326 https://pkg.go.dev/vuln/GO-2023-2382 https://ubuntu.com/security/notices/USN-6574-1 https://www.cve.org/CVERecord?id=CVE-2023-39326
stdlib	CVE-2023-45284	MEDIUM	v1.20.5	1.20.11, 1.21.4	https://go.dev/cl/540277 https://go.dev/issue/63713 https://groups.google.com/g/golang-announce/c/4tU8LZfBFkY https://nvd.nist.gov/vuln/detail/CVE-2023-45284 https://pkg.go.dev/vuln/GO-2023-2186
stdlib	CVE-2023-45289	MEDIUM	v1.20.5	1.21.8, 1.22.1	http://www.openwall.com/lists/oss-security/2024/03/08/4 https://access.redhat.com/errata/RHSA-2024:2724 https://access.redhat.com/security/cve/CVE-2023-45289 https://bugzilla.redhat.com/2268017 https://bugzilla.redhat.com/2268018 https://bugzilla.redhat.com/2268019 https://bugzilla.redhat.com/2268273 https://bugzilla.redhat.com/show_bug.cgi?id=2268017 https://bugzilla.redhat.com/show_bug.cgi?id=2268018 https://bugzilla.redhat.com/show_bug.cgi?id=2268019 https://bugzilla.redhat.com/show_bug.cgi?id=2268273 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45288 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45289 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45290 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24783 https://errata.almalinux.org/9/ALSA-2024-2724.html https://errata.rockylinux.org/RLSA-2024:2724 https://github.com/golang/go/commit/20586c0dbe03d144f914155f879fa5ee287591a1 (go1.21.8) https://github.com/golang/go/commit/3a855208e3efed2e9d7c20ad023f1fa78afcc0be (go1.22.1) https://github.com/golang/go/issues/65065 https://go.dev/cl/569340 https://go.dev/issue/65065 https://groups.google.com/g/golang-announce/c/5pwGVUPoMbg https://linux.oracle.com/cve/CVE-2023-45289.html https://linux.oracle.com/errata/ELSA-2024-3346.html https://nvd.nist.gov/vuln/detail/CVE-2023-45289 https://pkg.go.dev/vuln/GO-2024-2600 https://security.netapp.com/advisory/ntap-20240329-0006/ https://ubuntu.com/security/notices/USN-6886-1 https://www.cve.org/CVERecord?id=CVE-2023-45289
stdlib	CVE-2023-45290	MEDIUM	v1.20.5	1.21.8, 1.22.1	http://www.openwall.com/lists/oss-security/2024/03/08/4 https://access.redhat.com/errata/RHSA-2024:9135 https://access.redhat.com/security/cve/CVE-2023-45290 https://bugzilla.redhat.com/2268017 https://bugzilla.redhat.com/2268022 https://bugzilla.redhat.com/2279814 https://bugzilla.redhat.com/2295310 https://bugzilla.redhat.com/show_bug.cgi?id=2268017 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45290 https://errata.almalinux.org/9/ALSA-2024-9135.html https://errata.rockylinux.org/RLSA-2024:3830 https://github.com/golang/go/commit/041a47712e765e94f86d841c3110c840e76d8f82 (go1.22.1) https://github.com/golang/go/commit/bf80213b121074f4ad9b449410a4d13bae5e9be0 (go1.21.8) https://github.com/golang/go/issues/65383 https://go.dev/cl/569341 https://go.dev/issue/65383 https://groups.google.com/g/golang-announce/c/5pwGVUPoMbg https://linux.oracle.com/cve/CVE-2023-45290.html https://linux.oracle.com/errata/ELSA-2024-8038.html https://nvd.nist.gov/vuln/detail/CVE-2023-45290 https://pkg.go.dev/vuln/GO-2024-2599 https://security.netapp.com/advisory/ntap-20240329-0004 https://security.netapp.com/advisory/ntap-20240329-0004/ https://ubuntu.com/security/notices/USN-6886-1 https://ubuntu.com/security/notices/USN-7109-1 https://ubuntu.com/security/notices/USN-7111-1 https://www.cve.org/CVERecord?id=CVE-2023-45290
stdlib	CVE-2024-24783	MEDIUM	v1.20.5	1.21.8, 1.22.1	http://www.openwall.com/lists/oss-security/2024/03/08/4 https://access.redhat.com/errata/RHSA-2024:6195 https://access.redhat.com/security/cve/CVE-2024-24783 https://bugzilla.redhat.com/2268019 https://bugzilla.redhat.com/show_bug.cgi?id=2268017 https://bugzilla.redhat.com/show_bug.cgi?id=2268018 https://bugzilla.redhat.com/show_bug.cgi?id=2268019 https://bugzilla.redhat.com/show_bug.cgi?id=2268273 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45288 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45289 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45290 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24783 https://errata.almalinux.org/9/ALSA-2024-6195.html https://errata.rockylinux.org/RLSA-2024:2724 https://github.com/advisories/GHSA-3q2c-pvp5-3cqp https://github.com/golang/go/commit/337b8e9cbfa749d9d5c899e0dc358e2208d5e54f (go1.22.1) https://github.com/golang/go/commit/be5b52bea674190ef7de272664be6c7ae93ec5a0 (go1.21.8) https://github.com/golang/go/issues/65390 https://go.dev/cl/569339 https://go.dev/issue/65390 https://groups.google.com/g/golang-announce/c/5pwGVUPoMbg https://linux.oracle.com/cve/CVE-2024-24783.html https://linux.oracle.com/errata/ELSA-2024-6969.html https://nvd.nist.gov/vuln/detail/CVE-2024-24783 https://pkg.go.dev/vuln/GO-2024-2598 https://security.netapp.com/advisory/ntap-20240329-0005 https://security.netapp.com/advisory/ntap-20240329-0005/ https://ubuntu.com/security/notices/USN-6886-1 https://ubuntu.com/security/notices/USN-7109-1 https://ubuntu.com/security/notices/USN-7111-1 https://www.cve.org/CVERecord?id=CVE-2024-24783
stdlib	CVE-2024-24784	MEDIUM	v1.20.5	1.21.8, 1.22.1	http://www.openwall.com/lists/oss-security/2024/03/08/4 https://access.redhat.com/errata/RHSA-2024:2562 https://access.redhat.com/security/cve/CVE-2024-24784 https://bugzilla.redhat.com/2262921 https://bugzilla.redhat.com/2268017 https://bugzilla.redhat.com/2268018 https://bugzilla.redhat.com/2268019 https://bugzilla.redhat.com/2268021 https://bugzilla.redhat.com/2268022 https://bugzilla.redhat.com/2268273 https://bugzilla.redhat.com/show_bug.cgi?id=2262921 https://bugzilla.redhat.com/show_bug.cgi?id=2268017 https://bugzilla.redhat.com/show_bug.cgi?id=2268018 https://bugzilla.redhat.com/show_bug.cgi?id=2268019 https://bugzilla.redhat.com/show_bug.cgi?id=2268021 https://bugzilla.redhat.com/show_bug.cgi?id=2268022 https://bugzilla.redhat.com/show_bug.cgi?id=2268273 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45288 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45289 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45290 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-1394 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24783 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24784 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24785 https://errata.almalinux.org/9/ALSA-2024-2562.html https://errata.rockylinux.org/RLSA-2024:2562 https://github.com/golang/go/commit/263c059b09fdd40d9dd945f2ecb20c89ea28efe5 (go1.21.8) https://github.com/golang/go/commit/5330cd225ba54c7dc78c1b46dcdf61a4671a632c (go1.22.1) https://github.com/golang/go/issues/65083 https://go.dev/cl/555596 https://go.dev/issue/65083 https://groups.google.com/g/golang-announce/c/5pwGVUPoMbg https://linux.oracle.com/cve/CVE-2024-24784.html https://linux.oracle.com/errata/ELSA-2024-6969.html https://nvd.nist.gov/vuln/detail/CVE-2024-24784 https://pkg.go.dev/vuln/GO-2024-2609 https://security.netapp.com/advisory/ntap-20240329-0007/ https://ubuntu.com/security/notices/USN-6886-1 https://ubuntu.com/security/notices/USN-7109-1 https://ubuntu.com/security/notices/USN-7111-1 https://www.cve.org/CVERecord?id=CVE-2024-24784
stdlib	CVE-2024-24785	MEDIUM	v1.20.5	1.21.8, 1.22.1	http://www.openwall.com/lists/oss-security/2024/03/08/4 https://access.redhat.com/errata/RHSA-2024:9135 https://access.redhat.com/security/cve/CVE-2024-24785 https://bugzilla.redhat.com/2268017 https://bugzilla.redhat.com/2268022 https://bugzilla.redhat.com/2279814 https://bugzilla.redhat.com/2295310 https://bugzilla.redhat.com/show_bug.cgi?id=2262921 https://bugzilla.redhat.com/show_bug.cgi?id=2268017 https://bugzilla.redhat.com/show_bug.cgi?id=2268018 https://bugzilla.redhat.com/show_bug.cgi?id=2268019 https://bugzilla.redhat.com/show_bug.cgi?id=2268021 https://bugzilla.redhat.com/show_bug.cgi?id=2268022 https://bugzilla.redhat.com/show_bug.cgi?id=2268273 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45288 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45289 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45290 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-1394 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24783 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24784 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24785 https://errata.almalinux.org/9/ALSA-2024-9135.html https://errata.rockylinux.org/RLSA-2024:2562 https://github.com/golang/go/commit/056b0edcb8c152152021eebf4cf42adbfbe77992 (go1.22.1) https://github.com/golang/go/commit/3643147a29352ca2894fd5d0d2069bc4b4335a7e (go1.21.8) https://github.com/golang/go/issues/65697 https://go.dev/cl/564196 https://go.dev/issue/65697 https://groups.google.com/g/golang-announce/c/5pwGVUPoMbg https://linux.oracle.com/cve/CVE-2024-24785.html https://linux.oracle.com/errata/ELSA-2024-3259.html https://nvd.nist.gov/vuln/detail/CVE-2024-24785 https://pkg.go.dev/vuln/GO-2024-2610 https://security.netapp.com/advisory/ntap-20240329-0008/ https://ubuntu.com/security/notices/USN-6886-1 https://ubuntu.com/security/notices/USN-7061-1 https://ubuntu.com/security/notices/USN-7109-1 https://vuln.go.dev/ID/GO-2024-2610.json https://www.cve.org/CVERecord?id=CVE-2024-24785
stdlib	CVE-2024-24789	MEDIUM	v1.20.5	1.21.11, 1.22.4	http://www.openwall.com/lists/oss-security/2024/06/04/1 https://access.redhat.com/errata/RHSA-2024:9115 https://access.redhat.com/security/cve/CVE-2024-24789 https://bugzilla.redhat.com/2279814 https://bugzilla.redhat.com/2292668 https://bugzilla.redhat.com/2292787 https://bugzilla.redhat.com/2294000 https://bugzilla.redhat.com/2295310 https://bugzilla.redhat.com/show_bug.cgi?id=2292668 https://bugzilla.redhat.com/show_bug.cgi?id=2292787 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24789 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24790 https://errata.almalinux.org/9/ALSA-2024-9115.html https://errata.rockylinux.org/RLSA-2024:4212 https://github.com/golang/go/commit/c8e40338cf00f3c1d86c8fb23863ad67a4c72bcc (1.21) https://github.com/golang/go/commit/cf501ac0c5fe351a8582d20b43562027927906e7 (1.22) https://github.com/golang/go/issues/66869 https://go.dev/cl/585397 https://go.dev/issue/66869 https://groups.google.com/g/golang-announce/c/XbxouI9gY7k https://groups.google.com/g/golang-announce/c/XbxouI9gY7k/m/TuoGEhxIEwAJ https://linux.oracle.com/cve/CVE-2024-24789.html https://linux.oracle.com/errata/ELSA-2024-9115.html https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/U5YAEIA6IUHUNGJ7AIXXPQT6D2GYENX7/ https://nvd.nist.gov/vuln/detail/CVE-2024-24789 https://pkg.go.dev/vuln/GO-2024-2888 https://ubuntu.com/security/notices/USN-6886-1 https://ubuntu.com/security/notices/USN-7109-1 https://ubuntu.com/security/notices/USN-7111-1 https://www.cve.org/CVERecord?id=CVE-2024-24789
stdlib	CVE-2024-24791	MEDIUM	v1.20.5	1.21.12, 1.22.5	https://access.redhat.com/errata/RHSA-2024:9135 https://access.redhat.com/security/cve/CVE-2024-24791 https://bugzilla.redhat.com/2268017 https://bugzilla.redhat.com/2268022 https://bugzilla.redhat.com/2279814 https://bugzilla.redhat.com/2295310 https://bugzilla.redhat.com/show_bug.cgi?id=2295310 https://bugzilla.redhat.com/show_bug.cgi?id=2310527 https://bugzilla.redhat.com/show_bug.cgi?id=2310528 https://bugzilla.redhat.com/show_bug.cgi?id=2310529 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24791 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-34155 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-34156 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-34158 https://errata.almalinux.org/9/ALSA-2024-9135.html https://errata.rockylinux.org/RLSA-2024:6913 https://go.dev/cl/591255 https://go.dev/issue/67555 https://groups.google.com/g/golang-dev/c/t0rK-qHBqzY/m/6MMoAZkMAgAJ https://linux.oracle.com/cve/CVE-2024-24791.html https://linux.oracle.com/errata/ELSA-2024-9115.html https://nvd.nist.gov/vuln/detail/CVE-2024-24791 https://pkg.go.dev/vuln/GO-2024-2963 https://ubuntu.com/security/notices/USN-7081-1 https://ubuntu.com/security/notices/USN-7109-1 https://ubuntu.com/security/notices/USN-7111-1 https://www.cve.org/CVERecord?id=CVE-2024-24791
stdlib	CVE-2024-34155	MEDIUM	v1.20.5	1.22.7, 1.23.1	https://access.redhat.com/errata/RHSA-2024:9459 https://access.redhat.com/security/cve/CVE-2024-34155 https://bugzilla.redhat.com/2310527 https://bugzilla.redhat.com/2310528 https://bugzilla.redhat.com/2310529 https://bugzilla.redhat.com/2315691 https://bugzilla.redhat.com/2315887 https://bugzilla.redhat.com/2317458 https://bugzilla.redhat.com/2317467 https://bugzilla.redhat.com/show_bug.cgi?id=2295310 https://bugzilla.redhat.com/show_bug.cgi?id=2310527 https://bugzilla.redhat.com/show_bug.cgi?id=2310528 https://bugzilla.redhat.com/show_bug.cgi?id=2310529 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24791 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-34155 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-34156 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-34158 https://errata.almalinux.org/9/ALSA-2024-9459.html https://errata.rockylinux.org/RLSA-2024:6913 https://github.com/golang/go/commit/53487e5477151ed75da50e50a0ba8f1ca64c00a3 (go1.23.1) https://github.com/golang/go/commit/b232596139dbe96a62edbe3a2a203e856bf556eb (go1.22.7) https://go.dev/cl/611238 https://go.dev/issue/69138 https://groups.google.com/g/golang-announce/c/K-cEzDeCtpc https://groups.google.com/g/golang-dev/c/S9POB9NCTdk https://linux.oracle.com/cve/CVE-2024-34155.html https://linux.oracle.com/errata/ELSA-2024-9459.html https://nvd.nist.gov/vuln/detail/CVE-2024-34155 https://pkg.go.dev/vuln/GO-2024-3105 https://ubuntu.com/security/notices/USN-7081-1 https://ubuntu.com/security/notices/USN-7109-1 https://ubuntu.com/security/notices/USN-7111-1 https://www.cve.org/CVERecord?id=CVE-2024-34155
stdlib	CVE-2024-34158	MEDIUM	v1.20.5	1.22.7, 1.23.1	https://access.redhat.com/errata/RHSA-2024:9459 https://access.redhat.com/security/cve/CVE-2024-34158 https://bugzilla.redhat.com/2310527 https://bugzilla.redhat.com/2310528 https://bugzilla.redhat.com/2310529 https://bugzilla.redhat.com/2315691 https://bugzilla.redhat.com/2315887 https://bugzilla.redhat.com/2317458 https://bugzilla.redhat.com/2317467 https://bugzilla.redhat.com/show_bug.cgi?id=2295310 https://bugzilla.redhat.com/show_bug.cgi?id=2310527 https://bugzilla.redhat.com/show_bug.cgi?id=2310528 https://bugzilla.redhat.com/show_bug.cgi?id=2310529 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24791 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-34155 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-34156 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-34158 https://errata.almalinux.org/9/ALSA-2024-9459.html https://errata.rockylinux.org/RLSA-2024:6913 https://github.com/golang/go/commit/032ac075c20c01c6c35a672d1542d3e98eab84ea (go1.23.1) https://github.com/golang/go/commit/d4c53812e6ce2ac368173d7fcd31d0ecfcffb002 (go1.22.7) https://go.dev/cl/611240 https://go.dev/issue/69141 https://groups.google.com/g/golang-announce/c/K-cEzDeCtpc https://groups.google.com/g/golang-dev/c/S9POB9NCTdk https://linux.oracle.com/cve/CVE-2024-34158.html https://linux.oracle.com/errata/ELSA-2024-9459.html https://nvd.nist.gov/vuln/detail/CVE-2024-34158 https://pkg.go.dev/vuln/GO-2024-3107 https://ubuntu.com/security/notices/USN-7081-1 https://ubuntu.com/security/notices/USN-7109-1 https://ubuntu.com/security/notices/USN-7111-1 https://www.cve.org/CVERecord?id=CVE-2024-34158
No Misconfigurations found

cnb/buildpacks/paketo-buildpacks_java-memory-assistant/1.4.4/bin/helper (gobinary)

Package	Vulnerability ID	Severity	Installed Version	Fixed Version	Links
stdlib	CVE-2024-24790	CRITICAL	v1.20.5	1.21.11, 1.22.4	http://www.openwall.com/lists/oss-security/2024/06/04/1 https://access.redhat.com/errata/RHSA-2024:9115 https://access.redhat.com/security/cve/CVE-2024-24790 https://bugzilla.redhat.com/2279814 https://bugzilla.redhat.com/2292668 https://bugzilla.redhat.com/2292787 https://bugzilla.redhat.com/2294000 https://bugzilla.redhat.com/2295310 https://bugzilla.redhat.com/show_bug.cgi?id=2292668 https://bugzilla.redhat.com/show_bug.cgi?id=2292787 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24789 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24790 https://errata.almalinux.org/9/ALSA-2024-9115.html https://errata.rockylinux.org/RLSA-2024:4212 https://github.com/golang/go/commit/051bdf3fd12a40307606ff9381138039c5f452f0 (1.21) https://github.com/golang/go/commit/12d5810cdb1f73cf23d7a86462143e9463317fca (1.22) https://github.com/golang/go/issues/67680 https://go.dev/cl/590316 https://go.dev/issue/67680 https://groups.google.com/g/golang-announce/c/XbxouI9gY7k https://groups.google.com/g/golang-announce/c/XbxouI9gY7k/m/TuoGEhxIEwAJ https://linux.oracle.com/cve/CVE-2024-24790.html https://linux.oracle.com/errata/ELSA-2024-9115.html https://nvd.nist.gov/vuln/detail/CVE-2024-24790 https://pkg.go.dev/vuln/GO-2024-2887 https://ubuntu.com/security/notices/USN-6886-1 https://ubuntu.com/security/notices/USN-7109-1 https://www.cve.org/CVERecord?id=CVE-2024-24790
stdlib	CVE-2023-39325	HIGH	v1.20.5	1.20.10, 1.21.3	golang.org/x/net https://access.redhat.com/errata/RHSA-2023:6077 https://access.redhat.com/security/cve/CVE-2023-39325 https://access.redhat.com/security/cve/CVE-2023-44487 https://access.redhat.com/security/vulnerabilities/RHSB-2023-003 https://bugzilla.redhat.com/2242803 https://bugzilla.redhat.com/2243296 https://bugzilla.redhat.com/show_bug.cgi?id=2242803 https://bugzilla.redhat.com/show_bug.cgi?id=2243296 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-39325 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-44487 https://errata.almalinux.org/9/ALSA-2023-6077.html https://errata.rockylinux.org/RLSA-2023:6077 https://github.com/golang/go/commit/24ae2d927285c697440fdde3ad7f26028354bcf3 [golang- 1.21] https://github.com/golang/go/commit/e175f27f58aa7b9cd4d79607ae65d2cd5baaee68 [golang-1.20] https://github.com/golang/go/issues/63417 https://go.dev/cl/534215 https://go.dev/cl/534235 https://go.dev/issue/63417 https://groups.google.com/g/golang-announce/c/iNNxDTCjZvo/m/UDd7VKQuAAAJ https://linux.oracle.com/cve/CVE-2023-39325.html https://linux.oracle.com/errata/ELSA-2023-5867.html https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3OVW5V2DM5K5IC3H7O42YDUGNJ74J35O https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3OVW5V2DM5K5IC3H7O42YDUGNJ74J35O/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3SZN67IL7HMGMNAVLOTIXLIHUDXZK4LH https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3SZN67IL7HMGMNAVLOTIXLIHUDXZK4LH/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3WJ4QVX2AMUJ2F2S27POOAHRC4K3CHU4 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3WJ4QVX2AMUJ2F2S27POOAHRC4K3CHU4/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/4BUK2ZIAGCULOOYDNH25JPU6JBES5NF2 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/4BUK2ZIAGCULOOYDNH25JPU6JBES5NF2/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/5RSKA2II6QTD4YUKUNDVJQSRYSFC4VFR https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/5RSKA2II6QTD4YUKUNDVJQSRYSFC4VFR/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/AVZDNSMVDAQJ64LJC5I5U5LDM5753647 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/AVZDNSMVDAQJ64LJC5I5U5LDM5753647/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CHHITS4PUOZAKFIUBQAQZC7JWXMOYE4B https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CHHITS4PUOZAKFIUBQAQZC7JWXMOYE4B/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CLB4TW7KALB3EEQWNWCN7OUIWWVWWCG2 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CLB4TW7KALB3EEQWNWCN7OUIWWVWWCG2/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/D2BBIDR2ZMB3X5BC7SR4SLQMHRMVPY6L https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/D2BBIDR2ZMB3X5BC7SR4SLQMHRMVPY6L/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ECRC75BQJP6FJN2L7KCKYZW4DSBD7QSD https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ECRC75BQJP6FJN2L7KCKYZW4DSBD7QSD/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/FTMJ3NJIDAZFWJQQSP3L22MUFJ3UP2PT https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/FTMJ3NJIDAZFWJQQSP3L22MUFJ3UP2PT/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/GSY7SXFFTPZFWDM6XELSDSHZLVW3AHK7 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/GSY7SXFFTPZFWDM6XELSDSHZLVW3AHK7/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/HZQIELEIRSZUYTFFH5KTH2YJ4IIQG2KE https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/HZQIELEIRSZUYTFFH5KTH2YJ4IIQG2KE/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/IPWCNYB5PQ5PCVZ4NJT6G56ZYFZ5QBU6 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/IPWCNYB5PQ5PCVZ4NJT6G56ZYFZ5QBU6/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/KEOTKBUPZXHE3F352JBYNTSNRXYLWD6P https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/KEOTKBUPZXHE3F352JBYNTSNRXYLWD6P/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/KSEGD2IWKNUO3DWY4KQGUQM5BISRWHQE https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/KSEGD2IWKNUO3DWY4KQGUQM5BISRWHQE/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/L5E5JSJBZLYXOTZWXHJKRVCIXIHVWKJ6 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/L5E5JSJBZLYXOTZWXHJKRVCIXIHVWKJ6/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/MZQYOOKHQDQ57LV2IAG6NRFOVXKHJJ3Z https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/MZQYOOKHQDQ57LV2IAG6NRFOVXKHJJ3Z/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/NG7IMPL55MVWU3LCI4JQJT3K2U5CHDV7 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/NG7IMPL55MVWU3LCI4JQJT3K2U5CHDV7/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ODBY7RVMGZCBSTWF2OZGIZS57FNFUL67 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ODBY7RVMGZCBSTWF2OZGIZS57FNFUL67/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/OXGWPQOJ3JNDW2XIYKIVJ7N7QUIFNM2Q https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/OXGWPQOJ3JNDW2XIYKIVJ7N7QUIFNM2Q/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/PJCUNGIQDUMZ4Z6HWVYIMR66A35F5S74 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/PJCUNGIQDUMZ4Z6HWVYIMR66A35F5S74/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QF5QSYAOPDOWLY6DUHID56Q4HQFYB45I https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QF5QSYAOPDOWLY6DUHID56Q4HQFYB45I/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QXOU2JZUBEBP7GBKAYIJRPRBZSJCD7ST https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QXOU2JZUBEBP7GBKAYIJRPRBZSJCD7ST/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/R3UETKPUB3V5JS5TLZOF3SMTGT5K5APS https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/R3UETKPUB3V5JS5TLZOF3SMTGT5K5APS/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/REMHVVIBDNKSRKNOTV7EQSB7CYQWOUOU https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/REMHVVIBDNKSRKNOTV7EQSB7CYQWOUOU/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/T7N5GV4CHH6WAGX3GFMDD3COEOVCZ4RI https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/T7N5GV4CHH6WAGX3GFMDD3COEOVCZ4RI/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ULQQONMSCQSH5Z5OWFFQHCGEZ3NL4DRJ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ULQQONMSCQSH5Z5OWFFQHCGEZ3NL4DRJ/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UTT7DG3QOF5ZNJLUGHDNLRUIN6OWZARP https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UTT7DG3QOF5ZNJLUGHDNLRUIN6OWZARP/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/W2LZSWTV4NV4SNQARNXG5T6LRHP26EW2 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/W2LZSWTV4NV4SNQARNXG5T6LRHP26EW2/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WCNCBYKZXLDFGAJUB7ZP5VLC3YTHJNVH https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WCNCBYKZXLDFGAJUB7ZP5VLC3YTHJNVH/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/XFOIBB4YFICHDM7IBOP7PWXW3FX4HLL2 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/XFOIBB4YFICHDM7IBOP7PWXW3FX4HLL2/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/XTNLSL44Y5FB6JWADSZH6DCV4JJAAEQY https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/XTNLSL44Y5FB6JWADSZH6DCV4JJAAEQY/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/YJWHBLVZDM5KQSDFRBFRKU5KSSOLIRQ4 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/YJWHBLVZDM5KQSDFRBFRKU5KSSOLIRQ4/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/YRKEXKANQ7BKJW2YTAMP625LJUJZLJ4P https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/YRKEXKANQ7BKJW2YTAMP625LJUJZLJ4P/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZSVEMQV5ROY5YW5QE3I57HT3ITWG5GCV https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZSVEMQV5ROY5YW5QE3I57HT3ITWG5GCV/ https://nvd.nist.gov/vuln/detail/CVE-2023-39325 https://pkg.go.dev/vuln/GO-2023-2102 https://security.gentoo.org/glsa/202311-09 https://security.netapp.com/advisory/ntap-20231110-0008 https://security.netapp.com/advisory/ntap-20231110-0008/ https://ubuntu.com/security/notices/USN-6574-1 https://ubuntu.com/security/notices/USN-7061-1 https://ubuntu.com/security/notices/USN-7109-1 https://www.cisa.gov/news-events/alerts/2023/10/10/http2-rapid-reset-vulnerability-cve-2023-44487 https://www.cve.org/CVERecord?id=CVE-2023-39325
stdlib	CVE-2023-45283	HIGH	v1.20.5	1.20.11, 1.21.4, 1.20.12, 1.21.5	http://www.openwall.com/lists/oss-security/2023/12/05/2 https://go.dev/cl/540277 https://go.dev/cl/541175 https://go.dev/issue/63713 https://go.dev/issue/64028 https://groups.google.com/g/golang-announce/c/4tU8LZfBFkY https://groups.google.com/g/golang-dev/c/6ypN5EjibjM/m/KmLVYH_uAgAJ https://nvd.nist.gov/vuln/detail/CVE-2023-45283 https://pkg.go.dev/vuln/GO-2023-2185 https://security.netapp.com/advisory/ntap-20231214-0008/
stdlib	CVE-2023-45288	HIGH	v1.20.5	1.21.9, 1.22.2	http://www.openwall.com/lists/oss-security/2024/04/03/16 http://www.openwall.com/lists/oss-security/2024/04/05/4 https://access.redhat.com/errata/RHSA-2024:2724 https://access.redhat.com/security/cve/CVE-2023-45288 https://bugzilla.redhat.com/2268017 https://bugzilla.redhat.com/2268018 https://bugzilla.redhat.com/2268019 https://bugzilla.redhat.com/2268273 https://bugzilla.redhat.com/show_bug.cgi?id=2268017 https://bugzilla.redhat.com/show_bug.cgi?id=2268018 https://bugzilla.redhat.com/show_bug.cgi?id=2268019 https://bugzilla.redhat.com/show_bug.cgi?id=2268273 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45288 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45289 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45290 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24783 https://errata.almalinux.org/9/ALSA-2024-2724.html https://errata.rockylinux.org/RLSA-2024:2724 https://go.dev/cl/576155 https://go.dev/issue/65051 https://groups.google.com/g/golang-announce/c/YgW0sx8mN3M https://kb.cert.org/vuls/id/421644 https://linux.oracle.com/cve/CVE-2023-45288.html https://linux.oracle.com/errata/ELSA-2024-3346.html https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QRYFHIQ6XRKRYBI2F5UESH67BJBQXUPT https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QRYFHIQ6XRKRYBI2F5UESH67BJBQXUPT/ https://nowotarski.info/http2-continuation-flood-technical-details https://nowotarski.info/http2-continuation-flood/ https://nvd.nist.gov/vuln/detail/CVE-2023-45288 https://pkg.go.dev/vuln/GO-2024-2687 https://security.netapp.com/advisory/ntap-20240419-0009 https://security.netapp.com/advisory/ntap-20240419-0009/ https://ubuntu.com/security/notices/USN-6886-1 https://ubuntu.com/security/notices/USN-7109-1 https://ubuntu.com/security/notices/USN-7111-1 https://www.cve.org/CVERecord?id=CVE-2023-45288 https://www.kb.cert.org/vuls/id/421644
stdlib	CVE-2024-34156	HIGH	v1.20.5	1.22.7, 1.23.1	https://access.redhat.com/errata/RHSA-2024:9473 https://access.redhat.com/security/cve/CVE-2024-34156 https://bugzilla.redhat.com/2310528 https://bugzilla.redhat.com/2318052 https://bugzilla.redhat.com/show_bug.cgi?id=2310528 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-34156 https://errata.almalinux.org/9/ALSA-2024-9473.html https://errata.rockylinux.org/RLSA-2024:7204 https://github.com/golang/go/commit/2092294f2b097c5828f4eace6c98a322c1510b01 (go1.22.7) https://github.com/golang/go/commit/fa8ff1a46deb6c816304441ec6740ec112e19012 (go1.23.1) https://go.dev/cl/611239 https://go.dev/issue/69139 https://groups.google.com/g/golang-announce/c/K-cEzDeCtpc https://groups.google.com/g/golang-dev/c/S9POB9NCTdk https://linux.oracle.com/cve/CVE-2024-34156.html https://linux.oracle.com/errata/ELSA-2024-9473.html https://nvd.nist.gov/vuln/detail/CVE-2024-34156 https://pkg.go.dev/vuln/GO-2024-3106 https://ubuntu.com/security/notices/USN-7081-1 https://ubuntu.com/security/notices/USN-7109-1 https://ubuntu.com/security/notices/USN-7111-1 https://www.cve.org/CVERecord?id=CVE-2024-34156
stdlib	CVE-2023-29406	MEDIUM	v1.20.5	1.19.11, 1.20.6	https://access.redhat.com/errata/RHSA-2023:6474 https://access.redhat.com/security/cve/CVE-2023-29406 https://bugzilla.redhat.com/2174485 https://bugzilla.redhat.com/2178358 https://bugzilla.redhat.com/2178488 https://bugzilla.redhat.com/2178492 https://bugzilla.redhat.com/2184481 https://bugzilla.redhat.com/2184482 https://bugzilla.redhat.com/2184483 https://bugzilla.redhat.com/2184484 https://bugzilla.redhat.com/2196026 https://bugzilla.redhat.com/2196027 https://bugzilla.redhat.com/2196029 https://bugzilla.redhat.com/2222167 https://bugzilla.redhat.com/2228689 https://errata.almalinux.org/9/ALSA-2023-6474.html https://github.com/golang/go/commit/312920c00aac9897b2a0693e752390b5b0711a5a (go1.20.6) https://github.com/golang/go/commit/5fa6923b1ea891400153d04ddf1545e23b40041b (go1.19.11) https://github.com/golang/go/issues/60374 https://go.dev/cl/506996 https://go.dev/issue/60374 https://groups.google.com/g/golang-announce/c/2q13H6LEEx0 https://linux.oracle.com/cve/CVE-2023-29406.html https://linux.oracle.com/errata/ELSA-2023-7202.html https://nvd.nist.gov/vuln/detail/CVE-2023-29406 https://pkg.go.dev/vuln/GO-2023-1878 https://security.gentoo.org/glsa/202311-09 https://security.netapp.com/advisory/ntap-20230814-0002/ https://ubuntu.com/security/notices/USN-7061-1 https://ubuntu.com/security/notices/USN-7109-1 https://www.cve.org/CVERecord?id=CVE-2023-29406
stdlib	CVE-2023-29409	MEDIUM	v1.20.5	1.19.12, 1.20.7, 1.21.0-rc.4	https://access.redhat.com/errata/RHSA-2023:7766 https://access.redhat.com/security/cve/CVE-2023-29409 https://bugzilla.redhat.com/2228743 https://bugzilla.redhat.com/2237773 https://bugzilla.redhat.com/2237776 https://bugzilla.redhat.com/2237777 https://bugzilla.redhat.com/2237778 https://errata.almalinux.org/9/ALSA-2023-7766.html https://go.dev/cl/515257 https://go.dev/issue/61460 https://groups.google.com/g/golang-announce/c/X0b6CsSAaYI/m/Efv5DbZ9AwAJ https://linux.oracle.com/cve/CVE-2023-29409.html https://linux.oracle.com/errata/ELSA-2024-2988.html https://nvd.nist.gov/vuln/detail/CVE-2023-29409 https://pkg.go.dev/vuln/GO-2023-1987 https://security.gentoo.org/glsa/202311-09 https://security.netapp.com/advisory/ntap-20230831-0010/ https://www.cve.org/CVERecord?id=CVE-2023-29409
stdlib	CVE-2023-39318	MEDIUM	v1.20.5	1.20.8, 1.21.1	https://access.redhat.com/errata/RHSA-2024:2160 https://access.redhat.com/security/cve/CVE-2023-39318 https://bugzilla.redhat.com/2237773 https://bugzilla.redhat.com/2237776 https://bugzilla.redhat.com/2253330 https://errata.almalinux.org/9/ALSA-2024-2160.html https://github.com/golang/go/commit/023b542edf38e2a1f87fcefb9f75ff2f99401b4c (go1.20.8) https://github.com/golang/go/commit/b0e1d3ea26e8e8fce7726690c9ef0597e60739fb (go1.21.1) https://go.dev/cl/526156 https://go.dev/issue/62196 https://groups.google.com/g/golang-announce/c/Fm51GRLNRvM https://groups.google.com/g/golang-dev/c/2C5vbR-UNkI/m/L1hdrPhfBAAJ https://linux.oracle.com/cve/CVE-2023-39318.html https://linux.oracle.com/errata/ELSA-2024-2988.html https://nvd.nist.gov/vuln/detail/CVE-2023-39318 https://pkg.go.dev/vuln/GO-2023-2041 https://security.gentoo.org/glsa/202311-09 https://security.netapp.com/advisory/ntap-20231020-0009/ https://ubuntu.com/security/notices/USN-6574-1 https://ubuntu.com/security/notices/USN-7061-1 https://ubuntu.com/security/notices/USN-7109-1 https://vuln.go.dev/ID/GO-2023-2041.json https://www.cve.org/CVERecord?id=CVE-2023-39318
stdlib	CVE-2023-39319	MEDIUM	v1.20.5	1.20.8, 1.21.1	https://access.redhat.com/errata/RHSA-2024:2160 https://access.redhat.com/security/cve/CVE-2023-39319 https://bugzilla.redhat.com/2237773 https://bugzilla.redhat.com/2237776 https://bugzilla.redhat.com/2253330 https://errata.almalinux.org/9/ALSA-2024-2160.html https://github.com/golang/go/commit/2070531d2f53df88e312edace6c8dfc9686ab2f5 (go1.20.8) https://github.com/golang/go/commit/bbd043ff0d6d59f1a9232d31ecd5eacf6507bf6a (go1.21.1) https://go.dev/cl/526157 https://go.dev/issue/62197 https://groups.google.com/g/golang-announce/c/Fm51GRLNRvM https://groups.google.com/g/golang-dev/c/2C5vbR-UNkI/m/L1hdrPhfBAAJ https://linux.oracle.com/cve/CVE-2023-39319.html https://linux.oracle.com/errata/ELSA-2024-2988.html https://nvd.nist.gov/vuln/detail/CVE-2023-39319 https://pkg.go.dev/vuln/GO-2023-2043 https://security.gentoo.org/glsa/202311-09 https://security.netapp.com/advisory/ntap-20231020-0009/ https://ubuntu.com/security/notices/USN-6574-1 https://ubuntu.com/security/notices/USN-7061-1 https://ubuntu.com/security/notices/USN-7109-1 https://vuln.go.dev/ID/GO-2023-2043.json https://www.cve.org/CVERecord?id=CVE-2023-39319
stdlib	CVE-2023-39326	MEDIUM	v1.20.5	1.20.12, 1.21.5	https://access.redhat.com/errata/RHSA-2024:2272 https://access.redhat.com/security/cve/CVE-2023-39326 https://bugzilla.redhat.com/2253193 https://bugzilla.redhat.com/2253330 https://errata.almalinux.org/9/ALSA-2024-2272.html https://github.com/golang/go/commit/6446af942e2e2b161c4ec1b60d9703a2b55dc4dd (go1.20.12) https://github.com/golang/go/commit/ec8c526e4be720e94b98ca509e6364f0efaf28f7 (go1.21.5) https://go.dev/cl/547335 https://go.dev/issue/64433 https://groups.google.com/g/golang-dev/c/6ypN5EjibjM/m/KmLVYH_uAgAJ https://linux.oracle.com/cve/CVE-2023-39326.html https://linux.oracle.com/errata/ELSA-2024-2988.html https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UIU6HOGV6RRIKWM57LOXQA75BGZSIH6G/ https://nvd.nist.gov/vuln/detail/CVE-2023-39326 https://pkg.go.dev/vuln/GO-2023-2382 https://ubuntu.com/security/notices/USN-6574-1 https://www.cve.org/CVERecord?id=CVE-2023-39326
stdlib	CVE-2023-45284	MEDIUM	v1.20.5	1.20.11, 1.21.4	https://go.dev/cl/540277 https://go.dev/issue/63713 https://groups.google.com/g/golang-announce/c/4tU8LZfBFkY https://nvd.nist.gov/vuln/detail/CVE-2023-45284 https://pkg.go.dev/vuln/GO-2023-2186
stdlib	CVE-2023-45289	MEDIUM	v1.20.5	1.21.8, 1.22.1	http://www.openwall.com/lists/oss-security/2024/03/08/4 https://access.redhat.com/errata/RHSA-2024:2724 https://access.redhat.com/security/cve/CVE-2023-45289 https://bugzilla.redhat.com/2268017 https://bugzilla.redhat.com/2268018 https://bugzilla.redhat.com/2268019 https://bugzilla.redhat.com/2268273 https://bugzilla.redhat.com/show_bug.cgi?id=2268017 https://bugzilla.redhat.com/show_bug.cgi?id=2268018 https://bugzilla.redhat.com/show_bug.cgi?id=2268019 https://bugzilla.redhat.com/show_bug.cgi?id=2268273 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45288 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45289 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45290 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24783 https://errata.almalinux.org/9/ALSA-2024-2724.html https://errata.rockylinux.org/RLSA-2024:2724 https://github.com/golang/go/commit/20586c0dbe03d144f914155f879fa5ee287591a1 (go1.21.8) https://github.com/golang/go/commit/3a855208e3efed2e9d7c20ad023f1fa78afcc0be (go1.22.1) https://github.com/golang/go/issues/65065 https://go.dev/cl/569340 https://go.dev/issue/65065 https://groups.google.com/g/golang-announce/c/5pwGVUPoMbg https://linux.oracle.com/cve/CVE-2023-45289.html https://linux.oracle.com/errata/ELSA-2024-3346.html https://nvd.nist.gov/vuln/detail/CVE-2023-45289 https://pkg.go.dev/vuln/GO-2024-2600 https://security.netapp.com/advisory/ntap-20240329-0006/ https://ubuntu.com/security/notices/USN-6886-1 https://www.cve.org/CVERecord?id=CVE-2023-45289
stdlib	CVE-2023-45290	MEDIUM	v1.20.5	1.21.8, 1.22.1	http://www.openwall.com/lists/oss-security/2024/03/08/4 https://access.redhat.com/errata/RHSA-2024:9135 https://access.redhat.com/security/cve/CVE-2023-45290 https://bugzilla.redhat.com/2268017 https://bugzilla.redhat.com/2268022 https://bugzilla.redhat.com/2279814 https://bugzilla.redhat.com/2295310 https://bugzilla.redhat.com/show_bug.cgi?id=2268017 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45290 https://errata.almalinux.org/9/ALSA-2024-9135.html https://errata.rockylinux.org/RLSA-2024:3830 https://github.com/golang/go/commit/041a47712e765e94f86d841c3110c840e76d8f82 (go1.22.1) https://github.com/golang/go/commit/bf80213b121074f4ad9b449410a4d13bae5e9be0 (go1.21.8) https://github.com/golang/go/issues/65383 https://go.dev/cl/569341 https://go.dev/issue/65383 https://groups.google.com/g/golang-announce/c/5pwGVUPoMbg https://linux.oracle.com/cve/CVE-2023-45290.html https://linux.oracle.com/errata/ELSA-2024-8038.html https://nvd.nist.gov/vuln/detail/CVE-2023-45290 https://pkg.go.dev/vuln/GO-2024-2599 https://security.netapp.com/advisory/ntap-20240329-0004 https://security.netapp.com/advisory/ntap-20240329-0004/ https://ubuntu.com/security/notices/USN-6886-1 https://ubuntu.com/security/notices/USN-7109-1 https://ubuntu.com/security/notices/USN-7111-1 https://www.cve.org/CVERecord?id=CVE-2023-45290
stdlib	CVE-2024-24783	MEDIUM	v1.20.5	1.21.8, 1.22.1	http://www.openwall.com/lists/oss-security/2024/03/08/4 https://access.redhat.com/errata/RHSA-2024:6195 https://access.redhat.com/security/cve/CVE-2024-24783 https://bugzilla.redhat.com/2268019 https://bugzilla.redhat.com/show_bug.cgi?id=2268017 https://bugzilla.redhat.com/show_bug.cgi?id=2268018 https://bugzilla.redhat.com/show_bug.cgi?id=2268019 https://bugzilla.redhat.com/show_bug.cgi?id=2268273 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45288 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45289 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45290 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24783 https://errata.almalinux.org/9/ALSA-2024-6195.html https://errata.rockylinux.org/RLSA-2024:2724 https://github.com/advisories/GHSA-3q2c-pvp5-3cqp https://github.com/golang/go/commit/337b8e9cbfa749d9d5c899e0dc358e2208d5e54f (go1.22.1) https://github.com/golang/go/commit/be5b52bea674190ef7de272664be6c7ae93ec5a0 (go1.21.8) https://github.com/golang/go/issues/65390 https://go.dev/cl/569339 https://go.dev/issue/65390 https://groups.google.com/g/golang-announce/c/5pwGVUPoMbg https://linux.oracle.com/cve/CVE-2024-24783.html https://linux.oracle.com/errata/ELSA-2024-6969.html https://nvd.nist.gov/vuln/detail/CVE-2024-24783 https://pkg.go.dev/vuln/GO-2024-2598 https://security.netapp.com/advisory/ntap-20240329-0005 https://security.netapp.com/advisory/ntap-20240329-0005/ https://ubuntu.com/security/notices/USN-6886-1 https://ubuntu.com/security/notices/USN-7109-1 https://ubuntu.com/security/notices/USN-7111-1 https://www.cve.org/CVERecord?id=CVE-2024-24783
stdlib	CVE-2024-24784	MEDIUM	v1.20.5	1.21.8, 1.22.1	http://www.openwall.com/lists/oss-security/2024/03/08/4 https://access.redhat.com/errata/RHSA-2024:2562 https://access.redhat.com/security/cve/CVE-2024-24784 https://bugzilla.redhat.com/2262921 https://bugzilla.redhat.com/2268017 https://bugzilla.redhat.com/2268018 https://bugzilla.redhat.com/2268019 https://bugzilla.redhat.com/2268021 https://bugzilla.redhat.com/2268022 https://bugzilla.redhat.com/2268273 https://bugzilla.redhat.com/show_bug.cgi?id=2262921 https://bugzilla.redhat.com/show_bug.cgi?id=2268017 https://bugzilla.redhat.com/show_bug.cgi?id=2268018 https://bugzilla.redhat.com/show_bug.cgi?id=2268019 https://bugzilla.redhat.com/show_bug.cgi?id=2268021 https://bugzilla.redhat.com/show_bug.cgi?id=2268022 https://bugzilla.redhat.com/show_bug.cgi?id=2268273 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45288 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45289 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45290 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-1394 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24783 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24784 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24785 https://errata.almalinux.org/9/ALSA-2024-2562.html https://errata.rockylinux.org/RLSA-2024:2562 https://github.com/golang/go/commit/263c059b09fdd40d9dd945f2ecb20c89ea28efe5 (go1.21.8) https://github.com/golang/go/commit/5330cd225ba54c7dc78c1b46dcdf61a4671a632c (go1.22.1) https://github.com/golang/go/issues/65083 https://go.dev/cl/555596 https://go.dev/issue/65083 https://groups.google.com/g/golang-announce/c/5pwGVUPoMbg https://linux.oracle.com/cve/CVE-2024-24784.html https://linux.oracle.com/errata/ELSA-2024-6969.html https://nvd.nist.gov/vuln/detail/CVE-2024-24784 https://pkg.go.dev/vuln/GO-2024-2609 https://security.netapp.com/advisory/ntap-20240329-0007/ https://ubuntu.com/security/notices/USN-6886-1 https://ubuntu.com/security/notices/USN-7109-1 https://ubuntu.com/security/notices/USN-7111-1 https://www.cve.org/CVERecord?id=CVE-2024-24784
stdlib	CVE-2024-24785	MEDIUM	v1.20.5	1.21.8, 1.22.1	http://www.openwall.com/lists/oss-security/2024/03/08/4 https://access.redhat.com/errata/RHSA-2024:9135 https://access.redhat.com/security/cve/CVE-2024-24785 https://bugzilla.redhat.com/2268017 https://bugzilla.redhat.com/2268022 https://bugzilla.redhat.com/2279814 https://bugzilla.redhat.com/2295310 https://bugzilla.redhat.com/show_bug.cgi?id=2262921 https://bugzilla.redhat.com/show_bug.cgi?id=2268017 https://bugzilla.redhat.com/show_bug.cgi?id=2268018 https://bugzilla.redhat.com/show_bug.cgi?id=2268019 https://bugzilla.redhat.com/show_bug.cgi?id=2268021 https://bugzilla.redhat.com/show_bug.cgi?id=2268022 https://bugzilla.redhat.com/show_bug.cgi?id=2268273 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45288 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45289 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45290 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-1394 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24783 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24784 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24785 https://errata.almalinux.org/9/ALSA-2024-9135.html https://errata.rockylinux.org/RLSA-2024:2562 https://github.com/golang/go/commit/056b0edcb8c152152021eebf4cf42adbfbe77992 (go1.22.1) https://github.com/golang/go/commit/3643147a29352ca2894fd5d0d2069bc4b4335a7e (go1.21.8) https://github.com/golang/go/issues/65697 https://go.dev/cl/564196 https://go.dev/issue/65697 https://groups.google.com/g/golang-announce/c/5pwGVUPoMbg https://linux.oracle.com/cve/CVE-2024-24785.html https://linux.oracle.com/errata/ELSA-2024-3259.html https://nvd.nist.gov/vuln/detail/CVE-2024-24785 https://pkg.go.dev/vuln/GO-2024-2610 https://security.netapp.com/advisory/ntap-20240329-0008/ https://ubuntu.com/security/notices/USN-6886-1 https://ubuntu.com/security/notices/USN-7061-1 https://ubuntu.com/security/notices/USN-7109-1 https://vuln.go.dev/ID/GO-2024-2610.json https://www.cve.org/CVERecord?id=CVE-2024-24785
stdlib	CVE-2024-24789	MEDIUM	v1.20.5	1.21.11, 1.22.4	http://www.openwall.com/lists/oss-security/2024/06/04/1 https://access.redhat.com/errata/RHSA-2024:9115 https://access.redhat.com/security/cve/CVE-2024-24789 https://bugzilla.redhat.com/2279814 https://bugzilla.redhat.com/2292668 https://bugzilla.redhat.com/2292787 https://bugzilla.redhat.com/2294000 https://bugzilla.redhat.com/2295310 https://bugzilla.redhat.com/show_bug.cgi?id=2292668 https://bugzilla.redhat.com/show_bug.cgi?id=2292787 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24789 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24790 https://errata.almalinux.org/9/ALSA-2024-9115.html https://errata.rockylinux.org/RLSA-2024:4212 https://github.com/golang/go/commit/c8e40338cf00f3c1d86c8fb23863ad67a4c72bcc (1.21) https://github.com/golang/go/commit/cf501ac0c5fe351a8582d20b43562027927906e7 (1.22) https://github.com/golang/go/issues/66869 https://go.dev/cl/585397 https://go.dev/issue/66869 https://groups.google.com/g/golang-announce/c/XbxouI9gY7k https://groups.google.com/g/golang-announce/c/XbxouI9gY7k/m/TuoGEhxIEwAJ https://linux.oracle.com/cve/CVE-2024-24789.html https://linux.oracle.com/errata/ELSA-2024-9115.html https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/U5YAEIA6IUHUNGJ7AIXXPQT6D2GYENX7/ https://nvd.nist.gov/vuln/detail/CVE-2024-24789 https://pkg.go.dev/vuln/GO-2024-2888 https://ubuntu.com/security/notices/USN-6886-1 https://ubuntu.com/security/notices/USN-7109-1 https://ubuntu.com/security/notices/USN-7111-1 https://www.cve.org/CVERecord?id=CVE-2024-24789
stdlib	CVE-2024-24791	MEDIUM	v1.20.5	1.21.12, 1.22.5	https://access.redhat.com/errata/RHSA-2024:9135 https://access.redhat.com/security/cve/CVE-2024-24791 https://bugzilla.redhat.com/2268017 https://bugzilla.redhat.com/2268022 https://bugzilla.redhat.com/2279814 https://bugzilla.redhat.com/2295310 https://bugzilla.redhat.com/show_bug.cgi?id=2295310 https://bugzilla.redhat.com/show_bug.cgi?id=2310527 https://bugzilla.redhat.com/show_bug.cgi?id=2310528 https://bugzilla.redhat.com/show_bug.cgi?id=2310529 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24791 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-34155 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-34156 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-34158 https://errata.almalinux.org/9/ALSA-2024-9135.html https://errata.rockylinux.org/RLSA-2024:6913 https://go.dev/cl/591255 https://go.dev/issue/67555 https://groups.google.com/g/golang-dev/c/t0rK-qHBqzY/m/6MMoAZkMAgAJ https://linux.oracle.com/cve/CVE-2024-24791.html https://linux.oracle.com/errata/ELSA-2024-9115.html https://nvd.nist.gov/vuln/detail/CVE-2024-24791 https://pkg.go.dev/vuln/GO-2024-2963 https://ubuntu.com/security/notices/USN-7081-1 https://ubuntu.com/security/notices/USN-7109-1 https://ubuntu.com/security/notices/USN-7111-1 https://www.cve.org/CVERecord?id=CVE-2024-24791
stdlib	CVE-2024-34155	MEDIUM	v1.20.5	1.22.7, 1.23.1	https://access.redhat.com/errata/RHSA-2024:9459 https://access.redhat.com/security/cve/CVE-2024-34155 https://bugzilla.redhat.com/2310527 https://bugzilla.redhat.com/2310528 https://bugzilla.redhat.com/2310529 https://bugzilla.redhat.com/2315691 https://bugzilla.redhat.com/2315887 https://bugzilla.redhat.com/2317458 https://bugzilla.redhat.com/2317467 https://bugzilla.redhat.com/show_bug.cgi?id=2295310 https://bugzilla.redhat.com/show_bug.cgi?id=2310527 https://bugzilla.redhat.com/show_bug.cgi?id=2310528 https://bugzilla.redhat.com/show_bug.cgi?id=2310529 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24791 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-34155 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-34156 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-34158 https://errata.almalinux.org/9/ALSA-2024-9459.html https://errata.rockylinux.org/RLSA-2024:6913 https://github.com/golang/go/commit/53487e5477151ed75da50e50a0ba8f1ca64c00a3 (go1.23.1) https://github.com/golang/go/commit/b232596139dbe96a62edbe3a2a203e856bf556eb (go1.22.7) https://go.dev/cl/611238 https://go.dev/issue/69138 https://groups.google.com/g/golang-announce/c/K-cEzDeCtpc https://groups.google.com/g/golang-dev/c/S9POB9NCTdk https://linux.oracle.com/cve/CVE-2024-34155.html https://linux.oracle.com/errata/ELSA-2024-9459.html https://nvd.nist.gov/vuln/detail/CVE-2024-34155 https://pkg.go.dev/vuln/GO-2024-3105 https://ubuntu.com/security/notices/USN-7081-1 https://ubuntu.com/security/notices/USN-7109-1 https://ubuntu.com/security/notices/USN-7111-1 https://www.cve.org/CVERecord?id=CVE-2024-34155
stdlib	CVE-2024-34158	MEDIUM	v1.20.5	1.22.7, 1.23.1	https://access.redhat.com/errata/RHSA-2024:9459 https://access.redhat.com/security/cve/CVE-2024-34158 https://bugzilla.redhat.com/2310527 https://bugzilla.redhat.com/2310528 https://bugzilla.redhat.com/2310529 https://bugzilla.redhat.com/2315691 https://bugzilla.redhat.com/2315887 https://bugzilla.redhat.com/2317458 https://bugzilla.redhat.com/2317467 https://bugzilla.redhat.com/show_bug.cgi?id=2295310 https://bugzilla.redhat.com/show_bug.cgi?id=2310527 https://bugzilla.redhat.com/show_bug.cgi?id=2310528 https://bugzilla.redhat.com/show_bug.cgi?id=2310529 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24791 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-34155 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-34156 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-34158 https://errata.almalinux.org/9/ALSA-2024-9459.html https://errata.rockylinux.org/RLSA-2024:6913 https://github.com/golang/go/commit/032ac075c20c01c6c35a672d1542d3e98eab84ea (go1.23.1) https://github.com/golang/go/commit/d4c53812e6ce2ac368173d7fcd31d0ecfcffb002 (go1.22.7) https://go.dev/cl/611240 https://go.dev/issue/69141 https://groups.google.com/g/golang-announce/c/K-cEzDeCtpc https://groups.google.com/g/golang-dev/c/S9POB9NCTdk https://linux.oracle.com/cve/CVE-2024-34158.html https://linux.oracle.com/errata/ELSA-2024-9459.html https://nvd.nist.gov/vuln/detail/CVE-2024-34158 https://pkg.go.dev/vuln/GO-2024-3107 https://ubuntu.com/security/notices/USN-7081-1 https://ubuntu.com/security/notices/USN-7109-1 https://ubuntu.com/security/notices/USN-7111-1 https://www.cve.org/CVERecord?id=CVE-2024-34158
No Misconfigurations found

cnb/buildpacks/paketo-buildpacks_java-memory-assistant/1.4.4/bin/main (gobinary)

Package	Vulnerability ID	Severity	Installed Version	Fixed Version	Links
stdlib	CVE-2024-24790	CRITICAL	v1.20.5	1.21.11, 1.22.4	http://www.openwall.com/lists/oss-security/2024/06/04/1 https://access.redhat.com/errata/RHSA-2024:9115 https://access.redhat.com/security/cve/CVE-2024-24790 https://bugzilla.redhat.com/2279814 https://bugzilla.redhat.com/2292668 https://bugzilla.redhat.com/2292787 https://bugzilla.redhat.com/2294000 https://bugzilla.redhat.com/2295310 https://bugzilla.redhat.com/show_bug.cgi?id=2292668 https://bugzilla.redhat.com/show_bug.cgi?id=2292787 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24789 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24790 https://errata.almalinux.org/9/ALSA-2024-9115.html https://errata.rockylinux.org/RLSA-2024:4212 https://github.com/golang/go/commit/051bdf3fd12a40307606ff9381138039c5f452f0 (1.21) https://github.com/golang/go/commit/12d5810cdb1f73cf23d7a86462143e9463317fca (1.22) https://github.com/golang/go/issues/67680 https://go.dev/cl/590316 https://go.dev/issue/67680 https://groups.google.com/g/golang-announce/c/XbxouI9gY7k https://groups.google.com/g/golang-announce/c/XbxouI9gY7k/m/TuoGEhxIEwAJ https://linux.oracle.com/cve/CVE-2024-24790.html https://linux.oracle.com/errata/ELSA-2024-9115.html https://nvd.nist.gov/vuln/detail/CVE-2024-24790 https://pkg.go.dev/vuln/GO-2024-2887 https://ubuntu.com/security/notices/USN-6886-1 https://ubuntu.com/security/notices/USN-7109-1 https://www.cve.org/CVERecord?id=CVE-2024-24790
stdlib	CVE-2023-39325	HIGH	v1.20.5	1.20.10, 1.21.3	golang.org/x/net https://access.redhat.com/errata/RHSA-2023:6077 https://access.redhat.com/security/cve/CVE-2023-39325 https://access.redhat.com/security/cve/CVE-2023-44487 https://access.redhat.com/security/vulnerabilities/RHSB-2023-003 https://bugzilla.redhat.com/2242803 https://bugzilla.redhat.com/2243296 https://bugzilla.redhat.com/show_bug.cgi?id=2242803 https://bugzilla.redhat.com/show_bug.cgi?id=2243296 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-39325 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-44487 https://errata.almalinux.org/9/ALSA-2023-6077.html https://errata.rockylinux.org/RLSA-2023:6077 https://github.com/golang/go/commit/24ae2d927285c697440fdde3ad7f26028354bcf3 [golang- 1.21] https://github.com/golang/go/commit/e175f27f58aa7b9cd4d79607ae65d2cd5baaee68 [golang-1.20] https://github.com/golang/go/issues/63417 https://go.dev/cl/534215 https://go.dev/cl/534235 https://go.dev/issue/63417 https://groups.google.com/g/golang-announce/c/iNNxDTCjZvo/m/UDd7VKQuAAAJ https://linux.oracle.com/cve/CVE-2023-39325.html https://linux.oracle.com/errata/ELSA-2023-5867.html https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3OVW5V2DM5K5IC3H7O42YDUGNJ74J35O https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3OVW5V2DM5K5IC3H7O42YDUGNJ74J35O/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3SZN67IL7HMGMNAVLOTIXLIHUDXZK4LH https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3SZN67IL7HMGMNAVLOTIXLIHUDXZK4LH/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3WJ4QVX2AMUJ2F2S27POOAHRC4K3CHU4 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3WJ4QVX2AMUJ2F2S27POOAHRC4K3CHU4/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/4BUK2ZIAGCULOOYDNH25JPU6JBES5NF2 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/4BUK2ZIAGCULOOYDNH25JPU6JBES5NF2/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/5RSKA2II6QTD4YUKUNDVJQSRYSFC4VFR https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/5RSKA2II6QTD4YUKUNDVJQSRYSFC4VFR/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/AVZDNSMVDAQJ64LJC5I5U5LDM5753647 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/AVZDNSMVDAQJ64LJC5I5U5LDM5753647/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CHHITS4PUOZAKFIUBQAQZC7JWXMOYE4B https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CHHITS4PUOZAKFIUBQAQZC7JWXMOYE4B/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CLB4TW7KALB3EEQWNWCN7OUIWWVWWCG2 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CLB4TW7KALB3EEQWNWCN7OUIWWVWWCG2/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/D2BBIDR2ZMB3X5BC7SR4SLQMHRMVPY6L https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/D2BBIDR2ZMB3X5BC7SR4SLQMHRMVPY6L/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ECRC75BQJP6FJN2L7KCKYZW4DSBD7QSD https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ECRC75BQJP6FJN2L7KCKYZW4DSBD7QSD/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/FTMJ3NJIDAZFWJQQSP3L22MUFJ3UP2PT https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/FTMJ3NJIDAZFWJQQSP3L22MUFJ3UP2PT/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/GSY7SXFFTPZFWDM6XELSDSHZLVW3AHK7 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/GSY7SXFFTPZFWDM6XELSDSHZLVW3AHK7/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/HZQIELEIRSZUYTFFH5KTH2YJ4IIQG2KE https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/HZQIELEIRSZUYTFFH5KTH2YJ4IIQG2KE/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/IPWCNYB5PQ5PCVZ4NJT6G56ZYFZ5QBU6 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/IPWCNYB5PQ5PCVZ4NJT6G56ZYFZ5QBU6/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/KEOTKBUPZXHE3F352JBYNTSNRXYLWD6P https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/KEOTKBUPZXHE3F352JBYNTSNRXYLWD6P/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/KSEGD2IWKNUO3DWY4KQGUQM5BISRWHQE https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/KSEGD2IWKNUO3DWY4KQGUQM5BISRWHQE/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/L5E5JSJBZLYXOTZWXHJKRVCIXIHVWKJ6 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/L5E5JSJBZLYXOTZWXHJKRVCIXIHVWKJ6/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/MZQYOOKHQDQ57LV2IAG6NRFOVXKHJJ3Z https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/MZQYOOKHQDQ57LV2IAG6NRFOVXKHJJ3Z/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/NG7IMPL55MVWU3LCI4JQJT3K2U5CHDV7 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/NG7IMPL55MVWU3LCI4JQJT3K2U5CHDV7/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ODBY7RVMGZCBSTWF2OZGIZS57FNFUL67 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ODBY7RVMGZCBSTWF2OZGIZS57FNFUL67/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/OXGWPQOJ3JNDW2XIYKIVJ7N7QUIFNM2Q https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/OXGWPQOJ3JNDW2XIYKIVJ7N7QUIFNM2Q/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/PJCUNGIQDUMZ4Z6HWVYIMR66A35F5S74 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/PJCUNGIQDUMZ4Z6HWVYIMR66A35F5S74/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QF5QSYAOPDOWLY6DUHID56Q4HQFYB45I https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QF5QSYAOPDOWLY6DUHID56Q4HQFYB45I/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QXOU2JZUBEBP7GBKAYIJRPRBZSJCD7ST https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QXOU2JZUBEBP7GBKAYIJRPRBZSJCD7ST/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/R3UETKPUB3V5JS5TLZOF3SMTGT5K5APS https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/R3UETKPUB3V5JS5TLZOF3SMTGT5K5APS/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/REMHVVIBDNKSRKNOTV7EQSB7CYQWOUOU https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/REMHVVIBDNKSRKNOTV7EQSB7CYQWOUOU/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/T7N5GV4CHH6WAGX3GFMDD3COEOVCZ4RI https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/T7N5GV4CHH6WAGX3GFMDD3COEOVCZ4RI/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ULQQONMSCQSH5Z5OWFFQHCGEZ3NL4DRJ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ULQQONMSCQSH5Z5OWFFQHCGEZ3NL4DRJ/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UTT7DG3QOF5ZNJLUGHDNLRUIN6OWZARP https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UTT7DG3QOF5ZNJLUGHDNLRUIN6OWZARP/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/W2LZSWTV4NV4SNQARNXG5T6LRHP26EW2 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/W2LZSWTV4NV4SNQARNXG5T6LRHP26EW2/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WCNCBYKZXLDFGAJUB7ZP5VLC3YTHJNVH https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WCNCBYKZXLDFGAJUB7ZP5VLC3YTHJNVH/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/XFOIBB4YFICHDM7IBOP7PWXW3FX4HLL2 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/XFOIBB4YFICHDM7IBOP7PWXW3FX4HLL2/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/XTNLSL44Y5FB6JWADSZH6DCV4JJAAEQY https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/XTNLSL44Y5FB6JWADSZH6DCV4JJAAEQY/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/YJWHBLVZDM5KQSDFRBFRKU5KSSOLIRQ4 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/YJWHBLVZDM5KQSDFRBFRKU5KSSOLIRQ4/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/YRKEXKANQ7BKJW2YTAMP625LJUJZLJ4P https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/YRKEXKANQ7BKJW2YTAMP625LJUJZLJ4P/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZSVEMQV5ROY5YW5QE3I57HT3ITWG5GCV https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZSVEMQV5ROY5YW5QE3I57HT3ITWG5GCV/ https://nvd.nist.gov/vuln/detail/CVE-2023-39325 https://pkg.go.dev/vuln/GO-2023-2102 https://security.gentoo.org/glsa/202311-09 https://security.netapp.com/advisory/ntap-20231110-0008 https://security.netapp.com/advisory/ntap-20231110-0008/ https://ubuntu.com/security/notices/USN-6574-1 https://ubuntu.com/security/notices/USN-7061-1 https://ubuntu.com/security/notices/USN-7109-1 https://www.cisa.gov/news-events/alerts/2023/10/10/http2-rapid-reset-vulnerability-cve-2023-44487 https://www.cve.org/CVERecord?id=CVE-2023-39325
stdlib	CVE-2023-45283	HIGH	v1.20.5	1.20.11, 1.21.4, 1.20.12, 1.21.5	http://www.openwall.com/lists/oss-security/2023/12/05/2 https://go.dev/cl/540277 https://go.dev/cl/541175 https://go.dev/issue/63713 https://go.dev/issue/64028 https://groups.google.com/g/golang-announce/c/4tU8LZfBFkY https://groups.google.com/g/golang-dev/c/6ypN5EjibjM/m/KmLVYH_uAgAJ https://nvd.nist.gov/vuln/detail/CVE-2023-45283 https://pkg.go.dev/vuln/GO-2023-2185 https://security.netapp.com/advisory/ntap-20231214-0008/
stdlib	CVE-2023-45288	HIGH	v1.20.5	1.21.9, 1.22.2	http://www.openwall.com/lists/oss-security/2024/04/03/16 http://www.openwall.com/lists/oss-security/2024/04/05/4 https://access.redhat.com/errata/RHSA-2024:2724 https://access.redhat.com/security/cve/CVE-2023-45288 https://bugzilla.redhat.com/2268017 https://bugzilla.redhat.com/2268018 https://bugzilla.redhat.com/2268019 https://bugzilla.redhat.com/2268273 https://bugzilla.redhat.com/show_bug.cgi?id=2268017 https://bugzilla.redhat.com/show_bug.cgi?id=2268018 https://bugzilla.redhat.com/show_bug.cgi?id=2268019 https://bugzilla.redhat.com/show_bug.cgi?id=2268273 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45288 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45289 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45290 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24783 https://errata.almalinux.org/9/ALSA-2024-2724.html https://errata.rockylinux.org/RLSA-2024:2724 https://go.dev/cl/576155 https://go.dev/issue/65051 https://groups.google.com/g/golang-announce/c/YgW0sx8mN3M https://kb.cert.org/vuls/id/421644 https://linux.oracle.com/cve/CVE-2023-45288.html https://linux.oracle.com/errata/ELSA-2024-3346.html https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QRYFHIQ6XRKRYBI2F5UESH67BJBQXUPT https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QRYFHIQ6XRKRYBI2F5UESH67BJBQXUPT/ https://nowotarski.info/http2-continuation-flood-technical-details https://nowotarski.info/http2-continuation-flood/ https://nvd.nist.gov/vuln/detail/CVE-2023-45288 https://pkg.go.dev/vuln/GO-2024-2687 https://security.netapp.com/advisory/ntap-20240419-0009 https://security.netapp.com/advisory/ntap-20240419-0009/ https://ubuntu.com/security/notices/USN-6886-1 https://ubuntu.com/security/notices/USN-7109-1 https://ubuntu.com/security/notices/USN-7111-1 https://www.cve.org/CVERecord?id=CVE-2023-45288 https://www.kb.cert.org/vuls/id/421644
stdlib	CVE-2024-34156	HIGH	v1.20.5	1.22.7, 1.23.1	https://access.redhat.com/errata/RHSA-2024:9473 https://access.redhat.com/security/cve/CVE-2024-34156 https://bugzilla.redhat.com/2310528 https://bugzilla.redhat.com/2318052 https://bugzilla.redhat.com/show_bug.cgi?id=2310528 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-34156 https://errata.almalinux.org/9/ALSA-2024-9473.html https://errata.rockylinux.org/RLSA-2024:7204 https://github.com/golang/go/commit/2092294f2b097c5828f4eace6c98a322c1510b01 (go1.22.7) https://github.com/golang/go/commit/fa8ff1a46deb6c816304441ec6740ec112e19012 (go1.23.1) https://go.dev/cl/611239 https://go.dev/issue/69139 https://groups.google.com/g/golang-announce/c/K-cEzDeCtpc https://groups.google.com/g/golang-dev/c/S9POB9NCTdk https://linux.oracle.com/cve/CVE-2024-34156.html https://linux.oracle.com/errata/ELSA-2024-9473.html https://nvd.nist.gov/vuln/detail/CVE-2024-34156 https://pkg.go.dev/vuln/GO-2024-3106 https://ubuntu.com/security/notices/USN-7081-1 https://ubuntu.com/security/notices/USN-7109-1 https://ubuntu.com/security/notices/USN-7111-1 https://www.cve.org/CVERecord?id=CVE-2024-34156
stdlib	CVE-2023-29406	MEDIUM	v1.20.5	1.19.11, 1.20.6	https://access.redhat.com/errata/RHSA-2023:6474 https://access.redhat.com/security/cve/CVE-2023-29406 https://bugzilla.redhat.com/2174485 https://bugzilla.redhat.com/2178358 https://bugzilla.redhat.com/2178488 https://bugzilla.redhat.com/2178492 https://bugzilla.redhat.com/2184481 https://bugzilla.redhat.com/2184482 https://bugzilla.redhat.com/2184483 https://bugzilla.redhat.com/2184484 https://bugzilla.redhat.com/2196026 https://bugzilla.redhat.com/2196027 https://bugzilla.redhat.com/2196029 https://bugzilla.redhat.com/2222167 https://bugzilla.redhat.com/2228689 https://errata.almalinux.org/9/ALSA-2023-6474.html https://github.com/golang/go/commit/312920c00aac9897b2a0693e752390b5b0711a5a (go1.20.6) https://github.com/golang/go/commit/5fa6923b1ea891400153d04ddf1545e23b40041b (go1.19.11) https://github.com/golang/go/issues/60374 https://go.dev/cl/506996 https://go.dev/issue/60374 https://groups.google.com/g/golang-announce/c/2q13H6LEEx0 https://linux.oracle.com/cve/CVE-2023-29406.html https://linux.oracle.com/errata/ELSA-2023-7202.html https://nvd.nist.gov/vuln/detail/CVE-2023-29406 https://pkg.go.dev/vuln/GO-2023-1878 https://security.gentoo.org/glsa/202311-09 https://security.netapp.com/advisory/ntap-20230814-0002/ https://ubuntu.com/security/notices/USN-7061-1 https://ubuntu.com/security/notices/USN-7109-1 https://www.cve.org/CVERecord?id=CVE-2023-29406
stdlib	CVE-2023-29409	MEDIUM	v1.20.5	1.19.12, 1.20.7, 1.21.0-rc.4	https://access.redhat.com/errata/RHSA-2023:7766 https://access.redhat.com/security/cve/CVE-2023-29409 https://bugzilla.redhat.com/2228743 https://bugzilla.redhat.com/2237773 https://bugzilla.redhat.com/2237776 https://bugzilla.redhat.com/2237777 https://bugzilla.redhat.com/2237778 https://errata.almalinux.org/9/ALSA-2023-7766.html https://go.dev/cl/515257 https://go.dev/issue/61460 https://groups.google.com/g/golang-announce/c/X0b6CsSAaYI/m/Efv5DbZ9AwAJ https://linux.oracle.com/cve/CVE-2023-29409.html https://linux.oracle.com/errata/ELSA-2024-2988.html https://nvd.nist.gov/vuln/detail/CVE-2023-29409 https://pkg.go.dev/vuln/GO-2023-1987 https://security.gentoo.org/glsa/202311-09 https://security.netapp.com/advisory/ntap-20230831-0010/ https://www.cve.org/CVERecord?id=CVE-2023-29409
stdlib	CVE-2023-39318	MEDIUM	v1.20.5	1.20.8, 1.21.1	https://access.redhat.com/errata/RHSA-2024:2160 https://access.redhat.com/security/cve/CVE-2023-39318 https://bugzilla.redhat.com/2237773 https://bugzilla.redhat.com/2237776 https://bugzilla.redhat.com/2253330 https://errata.almalinux.org/9/ALSA-2024-2160.html https://github.com/golang/go/commit/023b542edf38e2a1f87fcefb9f75ff2f99401b4c (go1.20.8) https://github.com/golang/go/commit/b0e1d3ea26e8e8fce7726690c9ef0597e60739fb (go1.21.1) https://go.dev/cl/526156 https://go.dev/issue/62196 https://groups.google.com/g/golang-announce/c/Fm51GRLNRvM https://groups.google.com/g/golang-dev/c/2C5vbR-UNkI/m/L1hdrPhfBAAJ https://linux.oracle.com/cve/CVE-2023-39318.html https://linux.oracle.com/errata/ELSA-2024-2988.html https://nvd.nist.gov/vuln/detail/CVE-2023-39318 https://pkg.go.dev/vuln/GO-2023-2041 https://security.gentoo.org/glsa/202311-09 https://security.netapp.com/advisory/ntap-20231020-0009/ https://ubuntu.com/security/notices/USN-6574-1 https://ubuntu.com/security/notices/USN-7061-1 https://ubuntu.com/security/notices/USN-7109-1 https://vuln.go.dev/ID/GO-2023-2041.json https://www.cve.org/CVERecord?id=CVE-2023-39318
stdlib	CVE-2023-39319	MEDIUM	v1.20.5	1.20.8, 1.21.1	https://access.redhat.com/errata/RHSA-2024:2160 https://access.redhat.com/security/cve/CVE-2023-39319 https://bugzilla.redhat.com/2237773 https://bugzilla.redhat.com/2237776 https://bugzilla.redhat.com/2253330 https://errata.almalinux.org/9/ALSA-2024-2160.html https://github.com/golang/go/commit/2070531d2f53df88e312edace6c8dfc9686ab2f5 (go1.20.8) https://github.com/golang/go/commit/bbd043ff0d6d59f1a9232d31ecd5eacf6507bf6a (go1.21.1) https://go.dev/cl/526157 https://go.dev/issue/62197 https://groups.google.com/g/golang-announce/c/Fm51GRLNRvM https://groups.google.com/g/golang-dev/c/2C5vbR-UNkI/m/L1hdrPhfBAAJ https://linux.oracle.com/cve/CVE-2023-39319.html https://linux.oracle.com/errata/ELSA-2024-2988.html https://nvd.nist.gov/vuln/detail/CVE-2023-39319 https://pkg.go.dev/vuln/GO-2023-2043 https://security.gentoo.org/glsa/202311-09 https://security.netapp.com/advisory/ntap-20231020-0009/ https://ubuntu.com/security/notices/USN-6574-1 https://ubuntu.com/security/notices/USN-7061-1 https://ubuntu.com/security/notices/USN-7109-1 https://vuln.go.dev/ID/GO-2023-2043.json https://www.cve.org/CVERecord?id=CVE-2023-39319
stdlib	CVE-2023-39326	MEDIUM	v1.20.5	1.20.12, 1.21.5	https://access.redhat.com/errata/RHSA-2024:2272 https://access.redhat.com/security/cve/CVE-2023-39326 https://bugzilla.redhat.com/2253193 https://bugzilla.redhat.com/2253330 https://errata.almalinux.org/9/ALSA-2024-2272.html https://github.com/golang/go/commit/6446af942e2e2b161c4ec1b60d9703a2b55dc4dd (go1.20.12) https://github.com/golang/go/commit/ec8c526e4be720e94b98ca509e6364f0efaf28f7 (go1.21.5) https://go.dev/cl/547335 https://go.dev/issue/64433 https://groups.google.com/g/golang-dev/c/6ypN5EjibjM/m/KmLVYH_uAgAJ https://linux.oracle.com/cve/CVE-2023-39326.html https://linux.oracle.com/errata/ELSA-2024-2988.html https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UIU6HOGV6RRIKWM57LOXQA75BGZSIH6G/ https://nvd.nist.gov/vuln/detail/CVE-2023-39326 https://pkg.go.dev/vuln/GO-2023-2382 https://ubuntu.com/security/notices/USN-6574-1 https://www.cve.org/CVERecord?id=CVE-2023-39326
stdlib	CVE-2023-45284	MEDIUM	v1.20.5	1.20.11, 1.21.4	https://go.dev/cl/540277 https://go.dev/issue/63713 https://groups.google.com/g/golang-announce/c/4tU8LZfBFkY https://nvd.nist.gov/vuln/detail/CVE-2023-45284 https://pkg.go.dev/vuln/GO-2023-2186
stdlib	CVE-2023-45289	MEDIUM	v1.20.5	1.21.8, 1.22.1	http://www.openwall.com/lists/oss-security/2024/03/08/4 https://access.redhat.com/errata/RHSA-2024:2724 https://access.redhat.com/security/cve/CVE-2023-45289 https://bugzilla.redhat.com/2268017 https://bugzilla.redhat.com/2268018 https://bugzilla.redhat.com/2268019 https://bugzilla.redhat.com/2268273 https://bugzilla.redhat.com/show_bug.cgi?id=2268017 https://bugzilla.redhat.com/show_bug.cgi?id=2268018 https://bugzilla.redhat.com/show_bug.cgi?id=2268019 https://bugzilla.redhat.com/show_bug.cgi?id=2268273 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45288 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45289 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45290 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24783 https://errata.almalinux.org/9/ALSA-2024-2724.html https://errata.rockylinux.org/RLSA-2024:2724 https://github.com/golang/go/commit/20586c0dbe03d144f914155f879fa5ee287591a1 (go1.21.8) https://github.com/golang/go/commit/3a855208e3efed2e9d7c20ad023f1fa78afcc0be (go1.22.1) https://github.com/golang/go/issues/65065 https://go.dev/cl/569340 https://go.dev/issue/65065 https://groups.google.com/g/golang-announce/c/5pwGVUPoMbg https://linux.oracle.com/cve/CVE-2023-45289.html https://linux.oracle.com/errata/ELSA-2024-3346.html https://nvd.nist.gov/vuln/detail/CVE-2023-45289 https://pkg.go.dev/vuln/GO-2024-2600 https://security.netapp.com/advisory/ntap-20240329-0006/ https://ubuntu.com/security/notices/USN-6886-1 https://www.cve.org/CVERecord?id=CVE-2023-45289
stdlib	CVE-2023-45290	MEDIUM	v1.20.5	1.21.8, 1.22.1	http://www.openwall.com/lists/oss-security/2024/03/08/4 https://access.redhat.com/errata/RHSA-2024:9135 https://access.redhat.com/security/cve/CVE-2023-45290 https://bugzilla.redhat.com/2268017 https://bugzilla.redhat.com/2268022 https://bugzilla.redhat.com/2279814 https://bugzilla.redhat.com/2295310 https://bugzilla.redhat.com/show_bug.cgi?id=2268017 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45290 https://errata.almalinux.org/9/ALSA-2024-9135.html https://errata.rockylinux.org/RLSA-2024:3830 https://github.com/golang/go/commit/041a47712e765e94f86d841c3110c840e76d8f82 (go1.22.1) https://github.com/golang/go/commit/bf80213b121074f4ad9b449410a4d13bae5e9be0 (go1.21.8) https://github.com/golang/go/issues/65383 https://go.dev/cl/569341 https://go.dev/issue/65383 https://groups.google.com/g/golang-announce/c/5pwGVUPoMbg https://linux.oracle.com/cve/CVE-2023-45290.html https://linux.oracle.com/errata/ELSA-2024-8038.html https://nvd.nist.gov/vuln/detail/CVE-2023-45290 https://pkg.go.dev/vuln/GO-2024-2599 https://security.netapp.com/advisory/ntap-20240329-0004 https://security.netapp.com/advisory/ntap-20240329-0004/ https://ubuntu.com/security/notices/USN-6886-1 https://ubuntu.com/security/notices/USN-7109-1 https://ubuntu.com/security/notices/USN-7111-1 https://www.cve.org/CVERecord?id=CVE-2023-45290
stdlib	CVE-2024-24783	MEDIUM	v1.20.5	1.21.8, 1.22.1	http://www.openwall.com/lists/oss-security/2024/03/08/4 https://access.redhat.com/errata/RHSA-2024:6195 https://access.redhat.com/security/cve/CVE-2024-24783 https://bugzilla.redhat.com/2268019 https://bugzilla.redhat.com/show_bug.cgi?id=2268017 https://bugzilla.redhat.com/show_bug.cgi?id=2268018 https://bugzilla.redhat.com/show_bug.cgi?id=2268019 https://bugzilla.redhat.com/show_bug.cgi?id=2268273 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45288 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45289 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45290 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24783 https://errata.almalinux.org/9/ALSA-2024-6195.html https://errata.rockylinux.org/RLSA-2024:2724 https://github.com/advisories/GHSA-3q2c-pvp5-3cqp https://github.com/golang/go/commit/337b8e9cbfa749d9d5c899e0dc358e2208d5e54f (go1.22.1) https://github.com/golang/go/commit/be5b52bea674190ef7de272664be6c7ae93ec5a0 (go1.21.8) https://github.com/golang/go/issues/65390 https://go.dev/cl/569339 https://go.dev/issue/65390 https://groups.google.com/g/golang-announce/c/5pwGVUPoMbg https://linux.oracle.com/cve/CVE-2024-24783.html https://linux.oracle.com/errata/ELSA-2024-6969.html https://nvd.nist.gov/vuln/detail/CVE-2024-24783 https://pkg.go.dev/vuln/GO-2024-2598 https://security.netapp.com/advisory/ntap-20240329-0005 https://security.netapp.com/advisory/ntap-20240329-0005/ https://ubuntu.com/security/notices/USN-6886-1 https://ubuntu.com/security/notices/USN-7109-1 https://ubuntu.com/security/notices/USN-7111-1 https://www.cve.org/CVERecord?id=CVE-2024-24783
stdlib	CVE-2024-24784	MEDIUM	v1.20.5	1.21.8, 1.22.1	http://www.openwall.com/lists/oss-security/2024/03/08/4 https://access.redhat.com/errata/RHSA-2024:2562 https://access.redhat.com/security/cve/CVE-2024-24784 https://bugzilla.redhat.com/2262921 https://bugzilla.redhat.com/2268017 https://bugzilla.redhat.com/2268018 https://bugzilla.redhat.com/2268019 https://bugzilla.redhat.com/2268021 https://bugzilla.redhat.com/2268022 https://bugzilla.redhat.com/2268273 https://bugzilla.redhat.com/show_bug.cgi?id=2262921 https://bugzilla.redhat.com/show_bug.cgi?id=2268017 https://bugzilla.redhat.com/show_bug.cgi?id=2268018 https://bugzilla.redhat.com/show_bug.cgi?id=2268019 https://bugzilla.redhat.com/show_bug.cgi?id=2268021 https://bugzilla.redhat.com/show_bug.cgi?id=2268022 https://bugzilla.redhat.com/show_bug.cgi?id=2268273 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45288 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45289 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45290 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-1394 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24783 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24784 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24785 https://errata.almalinux.org/9/ALSA-2024-2562.html https://errata.rockylinux.org/RLSA-2024:2562 https://github.com/golang/go/commit/263c059b09fdd40d9dd945f2ecb20c89ea28efe5 (go1.21.8) https://github.com/golang/go/commit/5330cd225ba54c7dc78c1b46dcdf61a4671a632c (go1.22.1) https://github.com/golang/go/issues/65083 https://go.dev/cl/555596 https://go.dev/issue/65083 https://groups.google.com/g/golang-announce/c/5pwGVUPoMbg https://linux.oracle.com/cve/CVE-2024-24784.html https://linux.oracle.com/errata/ELSA-2024-6969.html https://nvd.nist.gov/vuln/detail/CVE-2024-24784 https://pkg.go.dev/vuln/GO-2024-2609 https://security.netapp.com/advisory/ntap-20240329-0007/ https://ubuntu.com/security/notices/USN-6886-1 https://ubuntu.com/security/notices/USN-7109-1 https://ubuntu.com/security/notices/USN-7111-1 https://www.cve.org/CVERecord?id=CVE-2024-24784
stdlib	CVE-2024-24785	MEDIUM	v1.20.5	1.21.8, 1.22.1	http://www.openwall.com/lists/oss-security/2024/03/08/4 https://access.redhat.com/errata/RHSA-2024:9135 https://access.redhat.com/security/cve/CVE-2024-24785 https://bugzilla.redhat.com/2268017 https://bugzilla.redhat.com/2268022 https://bugzilla.redhat.com/2279814 https://bugzilla.redhat.com/2295310 https://bugzilla.redhat.com/show_bug.cgi?id=2262921 https://bugzilla.redhat.com/show_bug.cgi?id=2268017 https://bugzilla.redhat.com/show_bug.cgi?id=2268018 https://bugzilla.redhat.com/show_bug.cgi?id=2268019 https://bugzilla.redhat.com/show_bug.cgi?id=2268021 https://bugzilla.redhat.com/show_bug.cgi?id=2268022 https://bugzilla.redhat.com/show_bug.cgi?id=2268273 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45288 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45289 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45290 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-1394 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24783 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24784 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24785 https://errata.almalinux.org/9/ALSA-2024-9135.html https://errata.rockylinux.org/RLSA-2024:2562 https://github.com/golang/go/commit/056b0edcb8c152152021eebf4cf42adbfbe77992 (go1.22.1) https://github.com/golang/go/commit/3643147a29352ca2894fd5d0d2069bc4b4335a7e (go1.21.8) https://github.com/golang/go/issues/65697 https://go.dev/cl/564196 https://go.dev/issue/65697 https://groups.google.com/g/golang-announce/c/5pwGVUPoMbg https://linux.oracle.com/cve/CVE-2024-24785.html https://linux.oracle.com/errata/ELSA-2024-3259.html https://nvd.nist.gov/vuln/detail/CVE-2024-24785 https://pkg.go.dev/vuln/GO-2024-2610 https://security.netapp.com/advisory/ntap-20240329-0008/ https://ubuntu.com/security/notices/USN-6886-1 https://ubuntu.com/security/notices/USN-7061-1 https://ubuntu.com/security/notices/USN-7109-1 https://vuln.go.dev/ID/GO-2024-2610.json https://www.cve.org/CVERecord?id=CVE-2024-24785
stdlib	CVE-2024-24789	MEDIUM	v1.20.5	1.21.11, 1.22.4	http://www.openwall.com/lists/oss-security/2024/06/04/1 https://access.redhat.com/errata/RHSA-2024:9115 https://access.redhat.com/security/cve/CVE-2024-24789 https://bugzilla.redhat.com/2279814 https://bugzilla.redhat.com/2292668 https://bugzilla.redhat.com/2292787 https://bugzilla.redhat.com/2294000 https://bugzilla.redhat.com/2295310 https://bugzilla.redhat.com/show_bug.cgi?id=2292668 https://bugzilla.redhat.com/show_bug.cgi?id=2292787 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24789 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24790 https://errata.almalinux.org/9/ALSA-2024-9115.html https://errata.rockylinux.org/RLSA-2024:4212 https://github.com/golang/go/commit/c8e40338cf00f3c1d86c8fb23863ad67a4c72bcc (1.21) https://github.com/golang/go/commit/cf501ac0c5fe351a8582d20b43562027927906e7 (1.22) https://github.com/golang/go/issues/66869 https://go.dev/cl/585397 https://go.dev/issue/66869 https://groups.google.com/g/golang-announce/c/XbxouI9gY7k https://groups.google.com/g/golang-announce/c/XbxouI9gY7k/m/TuoGEhxIEwAJ https://linux.oracle.com/cve/CVE-2024-24789.html https://linux.oracle.com/errata/ELSA-2024-9115.html https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/U5YAEIA6IUHUNGJ7AIXXPQT6D2GYENX7/ https://nvd.nist.gov/vuln/detail/CVE-2024-24789 https://pkg.go.dev/vuln/GO-2024-2888 https://ubuntu.com/security/notices/USN-6886-1 https://ubuntu.com/security/notices/USN-7109-1 https://ubuntu.com/security/notices/USN-7111-1 https://www.cve.org/CVERecord?id=CVE-2024-24789
stdlib	CVE-2024-24791	MEDIUM	v1.20.5	1.21.12, 1.22.5	https://access.redhat.com/errata/RHSA-2024:9135 https://access.redhat.com/security/cve/CVE-2024-24791 https://bugzilla.redhat.com/2268017 https://bugzilla.redhat.com/2268022 https://bugzilla.redhat.com/2279814 https://bugzilla.redhat.com/2295310 https://bugzilla.redhat.com/show_bug.cgi?id=2295310 https://bugzilla.redhat.com/show_bug.cgi?id=2310527 https://bugzilla.redhat.com/show_bug.cgi?id=2310528 https://bugzilla.redhat.com/show_bug.cgi?id=2310529 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24791 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-34155 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-34156 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-34158 https://errata.almalinux.org/9/ALSA-2024-9135.html https://errata.rockylinux.org/RLSA-2024:6913 https://go.dev/cl/591255 https://go.dev/issue/67555 https://groups.google.com/g/golang-dev/c/t0rK-qHBqzY/m/6MMoAZkMAgAJ https://linux.oracle.com/cve/CVE-2024-24791.html https://linux.oracle.com/errata/ELSA-2024-9115.html https://nvd.nist.gov/vuln/detail/CVE-2024-24791 https://pkg.go.dev/vuln/GO-2024-2963 https://ubuntu.com/security/notices/USN-7081-1 https://ubuntu.com/security/notices/USN-7109-1 https://ubuntu.com/security/notices/USN-7111-1 https://www.cve.org/CVERecord?id=CVE-2024-24791
stdlib	CVE-2024-34155	MEDIUM	v1.20.5	1.22.7, 1.23.1	https://access.redhat.com/errata/RHSA-2024:9459 https://access.redhat.com/security/cve/CVE-2024-34155 https://bugzilla.redhat.com/2310527 https://bugzilla.redhat.com/2310528 https://bugzilla.redhat.com/2310529 https://bugzilla.redhat.com/2315691 https://bugzilla.redhat.com/2315887 https://bugzilla.redhat.com/2317458 https://bugzilla.redhat.com/2317467 https://bugzilla.redhat.com/show_bug.cgi?id=2295310 https://bugzilla.redhat.com/show_bug.cgi?id=2310527 https://bugzilla.redhat.com/show_bug.cgi?id=2310528 https://bugzilla.redhat.com/show_bug.cgi?id=2310529 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24791 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-34155 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-34156 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-34158 https://errata.almalinux.org/9/ALSA-2024-9459.html https://errata.rockylinux.org/RLSA-2024:6913 https://github.com/golang/go/commit/53487e5477151ed75da50e50a0ba8f1ca64c00a3 (go1.23.1) https://github.com/golang/go/commit/b232596139dbe96a62edbe3a2a203e856bf556eb (go1.22.7) https://go.dev/cl/611238 https://go.dev/issue/69138 https://groups.google.com/g/golang-announce/c/K-cEzDeCtpc https://groups.google.com/g/golang-dev/c/S9POB9NCTdk https://linux.oracle.com/cve/CVE-2024-34155.html https://linux.oracle.com/errata/ELSA-2024-9459.html https://nvd.nist.gov/vuln/detail/CVE-2024-34155 https://pkg.go.dev/vuln/GO-2024-3105 https://ubuntu.com/security/notices/USN-7081-1 https://ubuntu.com/security/notices/USN-7109-1 https://ubuntu.com/security/notices/USN-7111-1 https://www.cve.org/CVERecord?id=CVE-2024-34155
stdlib	CVE-2024-34158	MEDIUM	v1.20.5	1.22.7, 1.23.1	https://access.redhat.com/errata/RHSA-2024:9459 https://access.redhat.com/security/cve/CVE-2024-34158 https://bugzilla.redhat.com/2310527 https://bugzilla.redhat.com/2310528 https://bugzilla.redhat.com/2310529 https://bugzilla.redhat.com/2315691 https://bugzilla.redhat.com/2315887 https://bugzilla.redhat.com/2317458 https://bugzilla.redhat.com/2317467 https://bugzilla.redhat.com/show_bug.cgi?id=2295310 https://bugzilla.redhat.com/show_bug.cgi?id=2310527 https://bugzilla.redhat.com/show_bug.cgi?id=2310528 https://bugzilla.redhat.com/show_bug.cgi?id=2310529 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24791 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-34155 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-34156 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-34158 https://errata.almalinux.org/9/ALSA-2024-9459.html https://errata.rockylinux.org/RLSA-2024:6913 https://github.com/golang/go/commit/032ac075c20c01c6c35a672d1542d3e98eab84ea (go1.23.1) https://github.com/golang/go/commit/d4c53812e6ce2ac368173d7fcd31d0ecfcffb002 (go1.22.7) https://go.dev/cl/611240 https://go.dev/issue/69141 https://groups.google.com/g/golang-announce/c/K-cEzDeCtpc https://groups.google.com/g/golang-dev/c/S9POB9NCTdk https://linux.oracle.com/cve/CVE-2024-34158.html https://linux.oracle.com/errata/ELSA-2024-9459.html https://nvd.nist.gov/vuln/detail/CVE-2024-34158 https://pkg.go.dev/vuln/GO-2024-3107 https://ubuntu.com/security/notices/USN-7081-1 https://ubuntu.com/security/notices/USN-7109-1 https://ubuntu.com/security/notices/USN-7111-1 https://www.cve.org/CVERecord?id=CVE-2024-34158
No Misconfigurations found

cnb/buildpacks/paketo-buildpacks_leiningen/4.6.4/bin/main (gobinary)

Package	Vulnerability ID	Severity	Installed Version	Fixed Version	Links
stdlib	CVE-2024-24790	CRITICAL	v1.20.5	1.21.11, 1.22.4	http://www.openwall.com/lists/oss-security/2024/06/04/1 https://access.redhat.com/errata/RHSA-2024:9115 https://access.redhat.com/security/cve/CVE-2024-24790 https://bugzilla.redhat.com/2279814 https://bugzilla.redhat.com/2292668 https://bugzilla.redhat.com/2292787 https://bugzilla.redhat.com/2294000 https://bugzilla.redhat.com/2295310 https://bugzilla.redhat.com/show_bug.cgi?id=2292668 https://bugzilla.redhat.com/show_bug.cgi?id=2292787 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24789 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24790 https://errata.almalinux.org/9/ALSA-2024-9115.html https://errata.rockylinux.org/RLSA-2024:4212 https://github.com/golang/go/commit/051bdf3fd12a40307606ff9381138039c5f452f0 (1.21) https://github.com/golang/go/commit/12d5810cdb1f73cf23d7a86462143e9463317fca (1.22) https://github.com/golang/go/issues/67680 https://go.dev/cl/590316 https://go.dev/issue/67680 https://groups.google.com/g/golang-announce/c/XbxouI9gY7k https://groups.google.com/g/golang-announce/c/XbxouI9gY7k/m/TuoGEhxIEwAJ https://linux.oracle.com/cve/CVE-2024-24790.html https://linux.oracle.com/errata/ELSA-2024-9115.html https://nvd.nist.gov/vuln/detail/CVE-2024-24790 https://pkg.go.dev/vuln/GO-2024-2887 https://ubuntu.com/security/notices/USN-6886-1 https://ubuntu.com/security/notices/USN-7109-1 https://www.cve.org/CVERecord?id=CVE-2024-24790
stdlib	CVE-2023-39325	HIGH	v1.20.5	1.20.10, 1.21.3	golang.org/x/net https://access.redhat.com/errata/RHSA-2023:6077 https://access.redhat.com/security/cve/CVE-2023-39325 https://access.redhat.com/security/cve/CVE-2023-44487 https://access.redhat.com/security/vulnerabilities/RHSB-2023-003 https://bugzilla.redhat.com/2242803 https://bugzilla.redhat.com/2243296 https://bugzilla.redhat.com/show_bug.cgi?id=2242803 https://bugzilla.redhat.com/show_bug.cgi?id=2243296 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-39325 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-44487 https://errata.almalinux.org/9/ALSA-2023-6077.html https://errata.rockylinux.org/RLSA-2023:6077 https://github.com/golang/go/commit/24ae2d927285c697440fdde3ad7f26028354bcf3 [golang- 1.21] https://github.com/golang/go/commit/e175f27f58aa7b9cd4d79607ae65d2cd5baaee68 [golang-1.20] https://github.com/golang/go/issues/63417 https://go.dev/cl/534215 https://go.dev/cl/534235 https://go.dev/issue/63417 https://groups.google.com/g/golang-announce/c/iNNxDTCjZvo/m/UDd7VKQuAAAJ https://linux.oracle.com/cve/CVE-2023-39325.html https://linux.oracle.com/errata/ELSA-2023-5867.html https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3OVW5V2DM5K5IC3H7O42YDUGNJ74J35O https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3OVW5V2DM5K5IC3H7O42YDUGNJ74J35O/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3SZN67IL7HMGMNAVLOTIXLIHUDXZK4LH https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3SZN67IL7HMGMNAVLOTIXLIHUDXZK4LH/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3WJ4QVX2AMUJ2F2S27POOAHRC4K3CHU4 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3WJ4QVX2AMUJ2F2S27POOAHRC4K3CHU4/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/4BUK2ZIAGCULOOYDNH25JPU6JBES5NF2 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/4BUK2ZIAGCULOOYDNH25JPU6JBES5NF2/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/5RSKA2II6QTD4YUKUNDVJQSRYSFC4VFR https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/5RSKA2II6QTD4YUKUNDVJQSRYSFC4VFR/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/AVZDNSMVDAQJ64LJC5I5U5LDM5753647 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/AVZDNSMVDAQJ64LJC5I5U5LDM5753647/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CHHITS4PUOZAKFIUBQAQZC7JWXMOYE4B https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CHHITS4PUOZAKFIUBQAQZC7JWXMOYE4B/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CLB4TW7KALB3EEQWNWCN7OUIWWVWWCG2 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CLB4TW7KALB3EEQWNWCN7OUIWWVWWCG2/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/D2BBIDR2ZMB3X5BC7SR4SLQMHRMVPY6L https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/D2BBIDR2ZMB3X5BC7SR4SLQMHRMVPY6L/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ECRC75BQJP6FJN2L7KCKYZW4DSBD7QSD https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ECRC75BQJP6FJN2L7KCKYZW4DSBD7QSD/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/FTMJ3NJIDAZFWJQQSP3L22MUFJ3UP2PT https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/FTMJ3NJIDAZFWJQQSP3L22MUFJ3UP2PT/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/GSY7SXFFTPZFWDM6XELSDSHZLVW3AHK7 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/GSY7SXFFTPZFWDM6XELSDSHZLVW3AHK7/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/HZQIELEIRSZUYTFFH5KTH2YJ4IIQG2KE https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/HZQIELEIRSZUYTFFH5KTH2YJ4IIQG2KE/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/IPWCNYB5PQ5PCVZ4NJT6G56ZYFZ5QBU6 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/IPWCNYB5PQ5PCVZ4NJT6G56ZYFZ5QBU6/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/KEOTKBUPZXHE3F352JBYNTSNRXYLWD6P https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/KEOTKBUPZXHE3F352JBYNTSNRXYLWD6P/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/KSEGD2IWKNUO3DWY4KQGUQM5BISRWHQE https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/KSEGD2IWKNUO3DWY4KQGUQM5BISRWHQE/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/L5E5JSJBZLYXOTZWXHJKRVCIXIHVWKJ6 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/L5E5JSJBZLYXOTZWXHJKRVCIXIHVWKJ6/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/MZQYOOKHQDQ57LV2IAG6NRFOVXKHJJ3Z https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/MZQYOOKHQDQ57LV2IAG6NRFOVXKHJJ3Z/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/NG7IMPL55MVWU3LCI4JQJT3K2U5CHDV7 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/NG7IMPL55MVWU3LCI4JQJT3K2U5CHDV7/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ODBY7RVMGZCBSTWF2OZGIZS57FNFUL67 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ODBY7RVMGZCBSTWF2OZGIZS57FNFUL67/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/OXGWPQOJ3JNDW2XIYKIVJ7N7QUIFNM2Q https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/OXGWPQOJ3JNDW2XIYKIVJ7N7QUIFNM2Q/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/PJCUNGIQDUMZ4Z6HWVYIMR66A35F5S74 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/PJCUNGIQDUMZ4Z6HWVYIMR66A35F5S74/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QF5QSYAOPDOWLY6DUHID56Q4HQFYB45I https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QF5QSYAOPDOWLY6DUHID56Q4HQFYB45I/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QXOU2JZUBEBP7GBKAYIJRPRBZSJCD7ST https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QXOU2JZUBEBP7GBKAYIJRPRBZSJCD7ST/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/R3UETKPUB3V5JS5TLZOF3SMTGT5K5APS https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/R3UETKPUB3V5JS5TLZOF3SMTGT5K5APS/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/REMHVVIBDNKSRKNOTV7EQSB7CYQWOUOU https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/REMHVVIBDNKSRKNOTV7EQSB7CYQWOUOU/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/T7N5GV4CHH6WAGX3GFMDD3COEOVCZ4RI https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/T7N5GV4CHH6WAGX3GFMDD3COEOVCZ4RI/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ULQQONMSCQSH5Z5OWFFQHCGEZ3NL4DRJ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ULQQONMSCQSH5Z5OWFFQHCGEZ3NL4DRJ/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UTT7DG3QOF5ZNJLUGHDNLRUIN6OWZARP https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UTT7DG3QOF5ZNJLUGHDNLRUIN6OWZARP/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/W2LZSWTV4NV4SNQARNXG5T6LRHP26EW2 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/W2LZSWTV4NV4SNQARNXG5T6LRHP26EW2/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WCNCBYKZXLDFGAJUB7ZP5VLC3YTHJNVH https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WCNCBYKZXLDFGAJUB7ZP5VLC3YTHJNVH/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/XFOIBB4YFICHDM7IBOP7PWXW3FX4HLL2 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/XFOIBB4YFICHDM7IBOP7PWXW3FX4HLL2/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/XTNLSL44Y5FB6JWADSZH6DCV4JJAAEQY https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/XTNLSL44Y5FB6JWADSZH6DCV4JJAAEQY/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/YJWHBLVZDM5KQSDFRBFRKU5KSSOLIRQ4 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/YJWHBLVZDM5KQSDFRBFRKU5KSSOLIRQ4/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/YRKEXKANQ7BKJW2YTAMP625LJUJZLJ4P https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/YRKEXKANQ7BKJW2YTAMP625LJUJZLJ4P/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZSVEMQV5ROY5YW5QE3I57HT3ITWG5GCV https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZSVEMQV5ROY5YW5QE3I57HT3ITWG5GCV/ https://nvd.nist.gov/vuln/detail/CVE-2023-39325 https://pkg.go.dev/vuln/GO-2023-2102 https://security.gentoo.org/glsa/202311-09 https://security.netapp.com/advisory/ntap-20231110-0008 https://security.netapp.com/advisory/ntap-20231110-0008/ https://ubuntu.com/security/notices/USN-6574-1 https://ubuntu.com/security/notices/USN-7061-1 https://ubuntu.com/security/notices/USN-7109-1 https://www.cisa.gov/news-events/alerts/2023/10/10/http2-rapid-reset-vulnerability-cve-2023-44487 https://www.cve.org/CVERecord?id=CVE-2023-39325
stdlib	CVE-2023-45283	HIGH	v1.20.5	1.20.11, 1.21.4, 1.20.12, 1.21.5	http://www.openwall.com/lists/oss-security/2023/12/05/2 https://go.dev/cl/540277 https://go.dev/cl/541175 https://go.dev/issue/63713 https://go.dev/issue/64028 https://groups.google.com/g/golang-announce/c/4tU8LZfBFkY https://groups.google.com/g/golang-dev/c/6ypN5EjibjM/m/KmLVYH_uAgAJ https://nvd.nist.gov/vuln/detail/CVE-2023-45283 https://pkg.go.dev/vuln/GO-2023-2185 https://security.netapp.com/advisory/ntap-20231214-0008/
stdlib	CVE-2023-45288	HIGH	v1.20.5	1.21.9, 1.22.2	http://www.openwall.com/lists/oss-security/2024/04/03/16 http://www.openwall.com/lists/oss-security/2024/04/05/4 https://access.redhat.com/errata/RHSA-2024:2724 https://access.redhat.com/security/cve/CVE-2023-45288 https://bugzilla.redhat.com/2268017 https://bugzilla.redhat.com/2268018 https://bugzilla.redhat.com/2268019 https://bugzilla.redhat.com/2268273 https://bugzilla.redhat.com/show_bug.cgi?id=2268017 https://bugzilla.redhat.com/show_bug.cgi?id=2268018 https://bugzilla.redhat.com/show_bug.cgi?id=2268019 https://bugzilla.redhat.com/show_bug.cgi?id=2268273 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45288 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45289 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45290 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24783 https://errata.almalinux.org/9/ALSA-2024-2724.html https://errata.rockylinux.org/RLSA-2024:2724 https://go.dev/cl/576155 https://go.dev/issue/65051 https://groups.google.com/g/golang-announce/c/YgW0sx8mN3M https://kb.cert.org/vuls/id/421644 https://linux.oracle.com/cve/CVE-2023-45288.html https://linux.oracle.com/errata/ELSA-2024-3346.html https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QRYFHIQ6XRKRYBI2F5UESH67BJBQXUPT https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QRYFHIQ6XRKRYBI2F5UESH67BJBQXUPT/ https://nowotarski.info/http2-continuation-flood-technical-details https://nowotarski.info/http2-continuation-flood/ https://nvd.nist.gov/vuln/detail/CVE-2023-45288 https://pkg.go.dev/vuln/GO-2024-2687 https://security.netapp.com/advisory/ntap-20240419-0009 https://security.netapp.com/advisory/ntap-20240419-0009/ https://ubuntu.com/security/notices/USN-6886-1 https://ubuntu.com/security/notices/USN-7109-1 https://ubuntu.com/security/notices/USN-7111-1 https://www.cve.org/CVERecord?id=CVE-2023-45288 https://www.kb.cert.org/vuls/id/421644
stdlib	CVE-2024-34156	HIGH	v1.20.5	1.22.7, 1.23.1	https://access.redhat.com/errata/RHSA-2024:9473 https://access.redhat.com/security/cve/CVE-2024-34156 https://bugzilla.redhat.com/2310528 https://bugzilla.redhat.com/2318052 https://bugzilla.redhat.com/show_bug.cgi?id=2310528 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-34156 https://errata.almalinux.org/9/ALSA-2024-9473.html https://errata.rockylinux.org/RLSA-2024:7204 https://github.com/golang/go/commit/2092294f2b097c5828f4eace6c98a322c1510b01 (go1.22.7) https://github.com/golang/go/commit/fa8ff1a46deb6c816304441ec6740ec112e19012 (go1.23.1) https://go.dev/cl/611239 https://go.dev/issue/69139 https://groups.google.com/g/golang-announce/c/K-cEzDeCtpc https://groups.google.com/g/golang-dev/c/S9POB9NCTdk https://linux.oracle.com/cve/CVE-2024-34156.html https://linux.oracle.com/errata/ELSA-2024-9473.html https://nvd.nist.gov/vuln/detail/CVE-2024-34156 https://pkg.go.dev/vuln/GO-2024-3106 https://ubuntu.com/security/notices/USN-7081-1 https://ubuntu.com/security/notices/USN-7109-1 https://ubuntu.com/security/notices/USN-7111-1 https://www.cve.org/CVERecord?id=CVE-2024-34156
stdlib	CVE-2023-29406	MEDIUM	v1.20.5	1.19.11, 1.20.6	https://access.redhat.com/errata/RHSA-2023:6474 https://access.redhat.com/security/cve/CVE-2023-29406 https://bugzilla.redhat.com/2174485 https://bugzilla.redhat.com/2178358 https://bugzilla.redhat.com/2178488 https://bugzilla.redhat.com/2178492 https://bugzilla.redhat.com/2184481 https://bugzilla.redhat.com/2184482 https://bugzilla.redhat.com/2184483 https://bugzilla.redhat.com/2184484 https://bugzilla.redhat.com/2196026 https://bugzilla.redhat.com/2196027 https://bugzilla.redhat.com/2196029 https://bugzilla.redhat.com/2222167 https://bugzilla.redhat.com/2228689 https://errata.almalinux.org/9/ALSA-2023-6474.html https://github.com/golang/go/commit/312920c00aac9897b2a0693e752390b5b0711a5a (go1.20.6) https://github.com/golang/go/commit/5fa6923b1ea891400153d04ddf1545e23b40041b (go1.19.11) https://github.com/golang/go/issues/60374 https://go.dev/cl/506996 https://go.dev/issue/60374 https://groups.google.com/g/golang-announce/c/2q13H6LEEx0 https://linux.oracle.com/cve/CVE-2023-29406.html https://linux.oracle.com/errata/ELSA-2023-7202.html https://nvd.nist.gov/vuln/detail/CVE-2023-29406 https://pkg.go.dev/vuln/GO-2023-1878 https://security.gentoo.org/glsa/202311-09 https://security.netapp.com/advisory/ntap-20230814-0002/ https://ubuntu.com/security/notices/USN-7061-1 https://ubuntu.com/security/notices/USN-7109-1 https://www.cve.org/CVERecord?id=CVE-2023-29406
stdlib	CVE-2023-29409	MEDIUM	v1.20.5	1.19.12, 1.20.7, 1.21.0-rc.4	https://access.redhat.com/errata/RHSA-2023:7766 https://access.redhat.com/security/cve/CVE-2023-29409 https://bugzilla.redhat.com/2228743 https://bugzilla.redhat.com/2237773 https://bugzilla.redhat.com/2237776 https://bugzilla.redhat.com/2237777 https://bugzilla.redhat.com/2237778 https://errata.almalinux.org/9/ALSA-2023-7766.html https://go.dev/cl/515257 https://go.dev/issue/61460 https://groups.google.com/g/golang-announce/c/X0b6CsSAaYI/m/Efv5DbZ9AwAJ https://linux.oracle.com/cve/CVE-2023-29409.html https://linux.oracle.com/errata/ELSA-2024-2988.html https://nvd.nist.gov/vuln/detail/CVE-2023-29409 https://pkg.go.dev/vuln/GO-2023-1987 https://security.gentoo.org/glsa/202311-09 https://security.netapp.com/advisory/ntap-20230831-0010/ https://www.cve.org/CVERecord?id=CVE-2023-29409
stdlib	CVE-2023-39318	MEDIUM	v1.20.5	1.20.8, 1.21.1	https://access.redhat.com/errata/RHSA-2024:2160 https://access.redhat.com/security/cve/CVE-2023-39318 https://bugzilla.redhat.com/2237773 https://bugzilla.redhat.com/2237776 https://bugzilla.redhat.com/2253330 https://errata.almalinux.org/9/ALSA-2024-2160.html https://github.com/golang/go/commit/023b542edf38e2a1f87fcefb9f75ff2f99401b4c (go1.20.8) https://github.com/golang/go/commit/b0e1d3ea26e8e8fce7726690c9ef0597e60739fb (go1.21.1) https://go.dev/cl/526156 https://go.dev/issue/62196 https://groups.google.com/g/golang-announce/c/Fm51GRLNRvM https://groups.google.com/g/golang-dev/c/2C5vbR-UNkI/m/L1hdrPhfBAAJ https://linux.oracle.com/cve/CVE-2023-39318.html https://linux.oracle.com/errata/ELSA-2024-2988.html https://nvd.nist.gov/vuln/detail/CVE-2023-39318 https://pkg.go.dev/vuln/GO-2023-2041 https://security.gentoo.org/glsa/202311-09 https://security.netapp.com/advisory/ntap-20231020-0009/ https://ubuntu.com/security/notices/USN-6574-1 https://ubuntu.com/security/notices/USN-7061-1 https://ubuntu.com/security/notices/USN-7109-1 https://vuln.go.dev/ID/GO-2023-2041.json https://www.cve.org/CVERecord?id=CVE-2023-39318
stdlib	CVE-2023-39319	MEDIUM	v1.20.5	1.20.8, 1.21.1	https://access.redhat.com/errata/RHSA-2024:2160 https://access.redhat.com/security/cve/CVE-2023-39319 https://bugzilla.redhat.com/2237773 https://bugzilla.redhat.com/2237776 https://bugzilla.redhat.com/2253330 https://errata.almalinux.org/9/ALSA-2024-2160.html https://github.com/golang/go/commit/2070531d2f53df88e312edace6c8dfc9686ab2f5 (go1.20.8) https://github.com/golang/go/commit/bbd043ff0d6d59f1a9232d31ecd5eacf6507bf6a (go1.21.1) https://go.dev/cl/526157 https://go.dev/issue/62197 https://groups.google.com/g/golang-announce/c/Fm51GRLNRvM https://groups.google.com/g/golang-dev/c/2C5vbR-UNkI/m/L1hdrPhfBAAJ https://linux.oracle.com/cve/CVE-2023-39319.html https://linux.oracle.com/errata/ELSA-2024-2988.html https://nvd.nist.gov/vuln/detail/CVE-2023-39319 https://pkg.go.dev/vuln/GO-2023-2043 https://security.gentoo.org/glsa/202311-09 https://security.netapp.com/advisory/ntap-20231020-0009/ https://ubuntu.com/security/notices/USN-6574-1 https://ubuntu.com/security/notices/USN-7061-1 https://ubuntu.com/security/notices/USN-7109-1 https://vuln.go.dev/ID/GO-2023-2043.json https://www.cve.org/CVERecord?id=CVE-2023-39319
stdlib	CVE-2023-39326	MEDIUM	v1.20.5	1.20.12, 1.21.5	https://access.redhat.com/errata/RHSA-2024:2272 https://access.redhat.com/security/cve/CVE-2023-39326 https://bugzilla.redhat.com/2253193 https://bugzilla.redhat.com/2253330 https://errata.almalinux.org/9/ALSA-2024-2272.html https://github.com/golang/go/commit/6446af942e2e2b161c4ec1b60d9703a2b55dc4dd (go1.20.12) https://github.com/golang/go/commit/ec8c526e4be720e94b98ca509e6364f0efaf28f7 (go1.21.5) https://go.dev/cl/547335 https://go.dev/issue/64433 https://groups.google.com/g/golang-dev/c/6ypN5EjibjM/m/KmLVYH_uAgAJ https://linux.oracle.com/cve/CVE-2023-39326.html https://linux.oracle.com/errata/ELSA-2024-2988.html https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UIU6HOGV6RRIKWM57LOXQA75BGZSIH6G/ https://nvd.nist.gov/vuln/detail/CVE-2023-39326 https://pkg.go.dev/vuln/GO-2023-2382 https://ubuntu.com/security/notices/USN-6574-1 https://www.cve.org/CVERecord?id=CVE-2023-39326
stdlib	CVE-2023-45284	MEDIUM	v1.20.5	1.20.11, 1.21.4	https://go.dev/cl/540277 https://go.dev/issue/63713 https://groups.google.com/g/golang-announce/c/4tU8LZfBFkY https://nvd.nist.gov/vuln/detail/CVE-2023-45284 https://pkg.go.dev/vuln/GO-2023-2186
stdlib	CVE-2023-45289	MEDIUM	v1.20.5	1.21.8, 1.22.1	http://www.openwall.com/lists/oss-security/2024/03/08/4 https://access.redhat.com/errata/RHSA-2024:2724 https://access.redhat.com/security/cve/CVE-2023-45289 https://bugzilla.redhat.com/2268017 https://bugzilla.redhat.com/2268018 https://bugzilla.redhat.com/2268019 https://bugzilla.redhat.com/2268273 https://bugzilla.redhat.com/show_bug.cgi?id=2268017 https://bugzilla.redhat.com/show_bug.cgi?id=2268018 https://bugzilla.redhat.com/show_bug.cgi?id=2268019 https://bugzilla.redhat.com/show_bug.cgi?id=2268273 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45288 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45289 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45290 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24783 https://errata.almalinux.org/9/ALSA-2024-2724.html https://errata.rockylinux.org/RLSA-2024:2724 https://github.com/golang/go/commit/20586c0dbe03d144f914155f879fa5ee287591a1 (go1.21.8) https://github.com/golang/go/commit/3a855208e3efed2e9d7c20ad023f1fa78afcc0be (go1.22.1) https://github.com/golang/go/issues/65065 https://go.dev/cl/569340 https://go.dev/issue/65065 https://groups.google.com/g/golang-announce/c/5pwGVUPoMbg https://linux.oracle.com/cve/CVE-2023-45289.html https://linux.oracle.com/errata/ELSA-2024-3346.html https://nvd.nist.gov/vuln/detail/CVE-2023-45289 https://pkg.go.dev/vuln/GO-2024-2600 https://security.netapp.com/advisory/ntap-20240329-0006/ https://ubuntu.com/security/notices/USN-6886-1 https://www.cve.org/CVERecord?id=CVE-2023-45289
stdlib	CVE-2023-45290	MEDIUM	v1.20.5	1.21.8, 1.22.1	http://www.openwall.com/lists/oss-security/2024/03/08/4 https://access.redhat.com/errata/RHSA-2024:9135 https://access.redhat.com/security/cve/CVE-2023-45290 https://bugzilla.redhat.com/2268017 https://bugzilla.redhat.com/2268022 https://bugzilla.redhat.com/2279814 https://bugzilla.redhat.com/2295310 https://bugzilla.redhat.com/show_bug.cgi?id=2268017 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45290 https://errata.almalinux.org/9/ALSA-2024-9135.html https://errata.rockylinux.org/RLSA-2024:3830 https://github.com/golang/go/commit/041a47712e765e94f86d841c3110c840e76d8f82 (go1.22.1) https://github.com/golang/go/commit/bf80213b121074f4ad9b449410a4d13bae5e9be0 (go1.21.8) https://github.com/golang/go/issues/65383 https://go.dev/cl/569341 https://go.dev/issue/65383 https://groups.google.com/g/golang-announce/c/5pwGVUPoMbg https://linux.oracle.com/cve/CVE-2023-45290.html https://linux.oracle.com/errata/ELSA-2024-8038.html https://nvd.nist.gov/vuln/detail/CVE-2023-45290 https://pkg.go.dev/vuln/GO-2024-2599 https://security.netapp.com/advisory/ntap-20240329-0004 https://security.netapp.com/advisory/ntap-20240329-0004/ https://ubuntu.com/security/notices/USN-6886-1 https://ubuntu.com/security/notices/USN-7109-1 https://ubuntu.com/security/notices/USN-7111-1 https://www.cve.org/CVERecord?id=CVE-2023-45290
stdlib	CVE-2024-24783	MEDIUM	v1.20.5	1.21.8, 1.22.1	http://www.openwall.com/lists/oss-security/2024/03/08/4 https://access.redhat.com/errata/RHSA-2024:6195 https://access.redhat.com/security/cve/CVE-2024-24783 https://bugzilla.redhat.com/2268019 https://bugzilla.redhat.com/show_bug.cgi?id=2268017 https://bugzilla.redhat.com/show_bug.cgi?id=2268018 https://bugzilla.redhat.com/show_bug.cgi?id=2268019 https://bugzilla.redhat.com/show_bug.cgi?id=2268273 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45288 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45289 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45290 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24783 https://errata.almalinux.org/9/ALSA-2024-6195.html https://errata.rockylinux.org/RLSA-2024:2724 https://github.com/advisories/GHSA-3q2c-pvp5-3cqp https://github.com/golang/go/commit/337b8e9cbfa749d9d5c899e0dc358e2208d5e54f (go1.22.1) https://github.com/golang/go/commit/be5b52bea674190ef7de272664be6c7ae93ec5a0 (go1.21.8) https://github.com/golang/go/issues/65390 https://go.dev/cl/569339 https://go.dev/issue/65390 https://groups.google.com/g/golang-announce/c/5pwGVUPoMbg https://linux.oracle.com/cve/CVE-2024-24783.html https://linux.oracle.com/errata/ELSA-2024-6969.html https://nvd.nist.gov/vuln/detail/CVE-2024-24783 https://pkg.go.dev/vuln/GO-2024-2598 https://security.netapp.com/advisory/ntap-20240329-0005 https://security.netapp.com/advisory/ntap-20240329-0005/ https://ubuntu.com/security/notices/USN-6886-1 https://ubuntu.com/security/notices/USN-7109-1 https://ubuntu.com/security/notices/USN-7111-1 https://www.cve.org/CVERecord?id=CVE-2024-24783
stdlib	CVE-2024-24784	MEDIUM	v1.20.5	1.21.8, 1.22.1	http://www.openwall.com/lists/oss-security/2024/03/08/4 https://access.redhat.com/errata/RHSA-2024:2562 https://access.redhat.com/security/cve/CVE-2024-24784 https://bugzilla.redhat.com/2262921 https://bugzilla.redhat.com/2268017 https://bugzilla.redhat.com/2268018 https://bugzilla.redhat.com/2268019 https://bugzilla.redhat.com/2268021 https://bugzilla.redhat.com/2268022 https://bugzilla.redhat.com/2268273 https://bugzilla.redhat.com/show_bug.cgi?id=2262921 https://bugzilla.redhat.com/show_bug.cgi?id=2268017 https://bugzilla.redhat.com/show_bug.cgi?id=2268018 https://bugzilla.redhat.com/show_bug.cgi?id=2268019 https://bugzilla.redhat.com/show_bug.cgi?id=2268021 https://bugzilla.redhat.com/show_bug.cgi?id=2268022 https://bugzilla.redhat.com/show_bug.cgi?id=2268273 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45288 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45289 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45290 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-1394 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24783 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24784 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24785 https://errata.almalinux.org/9/ALSA-2024-2562.html https://errata.rockylinux.org/RLSA-2024:2562 https://github.com/golang/go/commit/263c059b09fdd40d9dd945f2ecb20c89ea28efe5 (go1.21.8) https://github.com/golang/go/commit/5330cd225ba54c7dc78c1b46dcdf61a4671a632c (go1.22.1) https://github.com/golang/go/issues/65083 https://go.dev/cl/555596 https://go.dev/issue/65083 https://groups.google.com/g/golang-announce/c/5pwGVUPoMbg https://linux.oracle.com/cve/CVE-2024-24784.html https://linux.oracle.com/errata/ELSA-2024-6969.html https://nvd.nist.gov/vuln/detail/CVE-2024-24784 https://pkg.go.dev/vuln/GO-2024-2609 https://security.netapp.com/advisory/ntap-20240329-0007/ https://ubuntu.com/security/notices/USN-6886-1 https://ubuntu.com/security/notices/USN-7109-1 https://ubuntu.com/security/notices/USN-7111-1 https://www.cve.org/CVERecord?id=CVE-2024-24784
stdlib	CVE-2024-24785	MEDIUM	v1.20.5	1.21.8, 1.22.1	http://www.openwall.com/lists/oss-security/2024/03/08/4 https://access.redhat.com/errata/RHSA-2024:9135 https://access.redhat.com/security/cve/CVE-2024-24785 https://bugzilla.redhat.com/2268017 https://bugzilla.redhat.com/2268022 https://bugzilla.redhat.com/2279814 https://bugzilla.redhat.com/2295310 https://bugzilla.redhat.com/show_bug.cgi?id=2262921 https://bugzilla.redhat.com/show_bug.cgi?id=2268017 https://bugzilla.redhat.com/show_bug.cgi?id=2268018 https://bugzilla.redhat.com/show_bug.cgi?id=2268019 https://bugzilla.redhat.com/show_bug.cgi?id=2268021 https://bugzilla.redhat.com/show_bug.cgi?id=2268022 https://bugzilla.redhat.com/show_bug.cgi?id=2268273 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45288 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45289 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45290 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-1394 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24783 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24784 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24785 https://errata.almalinux.org/9/ALSA-2024-9135.html https://errata.rockylinux.org/RLSA-2024:2562 https://github.com/golang/go/commit/056b0edcb8c152152021eebf4cf42adbfbe77992 (go1.22.1) https://github.com/golang/go/commit/3643147a29352ca2894fd5d0d2069bc4b4335a7e (go1.21.8) https://github.com/golang/go/issues/65697 https://go.dev/cl/564196 https://go.dev/issue/65697 https://groups.google.com/g/golang-announce/c/5pwGVUPoMbg https://linux.oracle.com/cve/CVE-2024-24785.html https://linux.oracle.com/errata/ELSA-2024-3259.html https://nvd.nist.gov/vuln/detail/CVE-2024-24785 https://pkg.go.dev/vuln/GO-2024-2610 https://security.netapp.com/advisory/ntap-20240329-0008/ https://ubuntu.com/security/notices/USN-6886-1 https://ubuntu.com/security/notices/USN-7061-1 https://ubuntu.com/security/notices/USN-7109-1 https://vuln.go.dev/ID/GO-2024-2610.json https://www.cve.org/CVERecord?id=CVE-2024-24785
stdlib	CVE-2024-24789	MEDIUM	v1.20.5	1.21.11, 1.22.4	http://www.openwall.com/lists/oss-security/2024/06/04/1 https://access.redhat.com/errata/RHSA-2024:9115 https://access.redhat.com/security/cve/CVE-2024-24789 https://bugzilla.redhat.com/2279814 https://bugzilla.redhat.com/2292668 https://bugzilla.redhat.com/2292787 https://bugzilla.redhat.com/2294000 https://bugzilla.redhat.com/2295310 https://bugzilla.redhat.com/show_bug.cgi?id=2292668 https://bugzilla.redhat.com/show_bug.cgi?id=2292787 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24789 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24790 https://errata.almalinux.org/9/ALSA-2024-9115.html https://errata.rockylinux.org/RLSA-2024:4212 https://github.com/golang/go/commit/c8e40338cf00f3c1d86c8fb23863ad67a4c72bcc (1.21) https://github.com/golang/go/commit/cf501ac0c5fe351a8582d20b43562027927906e7 (1.22) https://github.com/golang/go/issues/66869 https://go.dev/cl/585397 https://go.dev/issue/66869 https://groups.google.com/g/golang-announce/c/XbxouI9gY7k https://groups.google.com/g/golang-announce/c/XbxouI9gY7k/m/TuoGEhxIEwAJ https://linux.oracle.com/cve/CVE-2024-24789.html https://linux.oracle.com/errata/ELSA-2024-9115.html https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/U5YAEIA6IUHUNGJ7AIXXPQT6D2GYENX7/ https://nvd.nist.gov/vuln/detail/CVE-2024-24789 https://pkg.go.dev/vuln/GO-2024-2888 https://ubuntu.com/security/notices/USN-6886-1 https://ubuntu.com/security/notices/USN-7109-1 https://ubuntu.com/security/notices/USN-7111-1 https://www.cve.org/CVERecord?id=CVE-2024-24789
stdlib	CVE-2024-24791	MEDIUM	v1.20.5	1.21.12, 1.22.5	https://access.redhat.com/errata/RHSA-2024:9135 https://access.redhat.com/security/cve/CVE-2024-24791 https://bugzilla.redhat.com/2268017 https://bugzilla.redhat.com/2268022 https://bugzilla.redhat.com/2279814 https://bugzilla.redhat.com/2295310 https://bugzilla.redhat.com/show_bug.cgi?id=2295310 https://bugzilla.redhat.com/show_bug.cgi?id=2310527 https://bugzilla.redhat.com/show_bug.cgi?id=2310528 https://bugzilla.redhat.com/show_bug.cgi?id=2310529 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24791 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-34155 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-34156 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-34158 https://errata.almalinux.org/9/ALSA-2024-9135.html https://errata.rockylinux.org/RLSA-2024:6913 https://go.dev/cl/591255 https://go.dev/issue/67555 https://groups.google.com/g/golang-dev/c/t0rK-qHBqzY/m/6MMoAZkMAgAJ https://linux.oracle.com/cve/CVE-2024-24791.html https://linux.oracle.com/errata/ELSA-2024-9115.html https://nvd.nist.gov/vuln/detail/CVE-2024-24791 https://pkg.go.dev/vuln/GO-2024-2963 https://ubuntu.com/security/notices/USN-7081-1 https://ubuntu.com/security/notices/USN-7109-1 https://ubuntu.com/security/notices/USN-7111-1 https://www.cve.org/CVERecord?id=CVE-2024-24791
stdlib	CVE-2024-34155	MEDIUM	v1.20.5	1.22.7, 1.23.1	https://access.redhat.com/errata/RHSA-2024:9459 https://access.redhat.com/security/cve/CVE-2024-34155 https://bugzilla.redhat.com/2310527 https://bugzilla.redhat.com/2310528 https://bugzilla.redhat.com/2310529 https://bugzilla.redhat.com/2315691 https://bugzilla.redhat.com/2315887 https://bugzilla.redhat.com/2317458 https://bugzilla.redhat.com/2317467 https://bugzilla.redhat.com/show_bug.cgi?id=2295310 https://bugzilla.redhat.com/show_bug.cgi?id=2310527 https://bugzilla.redhat.com/show_bug.cgi?id=2310528 https://bugzilla.redhat.com/show_bug.cgi?id=2310529 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24791 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-34155 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-34156 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-34158 https://errata.almalinux.org/9/ALSA-2024-9459.html https://errata.rockylinux.org/RLSA-2024:6913 https://github.com/golang/go/commit/53487e5477151ed75da50e50a0ba8f1ca64c00a3 (go1.23.1) https://github.com/golang/go/commit/b232596139dbe96a62edbe3a2a203e856bf556eb (go1.22.7) https://go.dev/cl/611238 https://go.dev/issue/69138 https://groups.google.com/g/golang-announce/c/K-cEzDeCtpc https://groups.google.com/g/golang-dev/c/S9POB9NCTdk https://linux.oracle.com/cve/CVE-2024-34155.html https://linux.oracle.com/errata/ELSA-2024-9459.html https://nvd.nist.gov/vuln/detail/CVE-2024-34155 https://pkg.go.dev/vuln/GO-2024-3105 https://ubuntu.com/security/notices/USN-7081-1 https://ubuntu.com/security/notices/USN-7109-1 https://ubuntu.com/security/notices/USN-7111-1 https://www.cve.org/CVERecord?id=CVE-2024-34155
stdlib	CVE-2024-34158	MEDIUM	v1.20.5	1.22.7, 1.23.1	https://access.redhat.com/errata/RHSA-2024:9459 https://access.redhat.com/security/cve/CVE-2024-34158 https://bugzilla.redhat.com/2310527 https://bugzilla.redhat.com/2310528 https://bugzilla.redhat.com/2310529 https://bugzilla.redhat.com/2315691 https://bugzilla.redhat.com/2315887 https://bugzilla.redhat.com/2317458 https://bugzilla.redhat.com/2317467 https://bugzilla.redhat.com/show_bug.cgi?id=2295310 https://bugzilla.redhat.com/show_bug.cgi?id=2310527 https://bugzilla.redhat.com/show_bug.cgi?id=2310528 https://bugzilla.redhat.com/show_bug.cgi?id=2310529 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24791 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-34155 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-34156 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-34158 https://errata.almalinux.org/9/ALSA-2024-9459.html https://errata.rockylinux.org/RLSA-2024:6913 https://github.com/golang/go/commit/032ac075c20c01c6c35a672d1542d3e98eab84ea (go1.23.1) https://github.com/golang/go/commit/d4c53812e6ce2ac368173d7fcd31d0ecfcffb002 (go1.22.7) https://go.dev/cl/611240 https://go.dev/issue/69141 https://groups.google.com/g/golang-announce/c/K-cEzDeCtpc https://groups.google.com/g/golang-dev/c/S9POB9NCTdk https://linux.oracle.com/cve/CVE-2024-34158.html https://linux.oracle.com/errata/ELSA-2024-9459.html https://nvd.nist.gov/vuln/detail/CVE-2024-34158 https://pkg.go.dev/vuln/GO-2024-3107 https://ubuntu.com/security/notices/USN-7081-1 https://ubuntu.com/security/notices/USN-7109-1 https://ubuntu.com/security/notices/USN-7111-1 https://www.cve.org/CVERecord?id=CVE-2024-34158
No Misconfigurations found

cnb/buildpacks/paketo-buildpacks_liberty/3.8.2/bin/helper (gobinary)

Package	Vulnerability ID	Severity	Installed Version	Fixed Version	Links
stdlib	CVE-2024-24790	CRITICAL	v1.20.5	1.21.11, 1.22.4	http://www.openwall.com/lists/oss-security/2024/06/04/1 https://access.redhat.com/errata/RHSA-2024:9115 https://access.redhat.com/security/cve/CVE-2024-24790 https://bugzilla.redhat.com/2279814 https://bugzilla.redhat.com/2292668 https://bugzilla.redhat.com/2292787 https://bugzilla.redhat.com/2294000 https://bugzilla.redhat.com/2295310 https://bugzilla.redhat.com/show_bug.cgi?id=2292668 https://bugzilla.redhat.com/show_bug.cgi?id=2292787 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24789 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24790 https://errata.almalinux.org/9/ALSA-2024-9115.html https://errata.rockylinux.org/RLSA-2024:4212 https://github.com/golang/go/commit/051bdf3fd12a40307606ff9381138039c5f452f0 (1.21) https://github.com/golang/go/commit/12d5810cdb1f73cf23d7a86462143e9463317fca (1.22) https://github.com/golang/go/issues/67680 https://go.dev/cl/590316 https://go.dev/issue/67680 https://groups.google.com/g/golang-announce/c/XbxouI9gY7k https://groups.google.com/g/golang-announce/c/XbxouI9gY7k/m/TuoGEhxIEwAJ https://linux.oracle.com/cve/CVE-2024-24790.html https://linux.oracle.com/errata/ELSA-2024-9115.html https://nvd.nist.gov/vuln/detail/CVE-2024-24790 https://pkg.go.dev/vuln/GO-2024-2887 https://ubuntu.com/security/notices/USN-6886-1 https://ubuntu.com/security/notices/USN-7109-1 https://www.cve.org/CVERecord?id=CVE-2024-24790
stdlib	CVE-2023-39325	HIGH	v1.20.5	1.20.10, 1.21.3	golang.org/x/net https://access.redhat.com/errata/RHSA-2023:6077 https://access.redhat.com/security/cve/CVE-2023-39325 https://access.redhat.com/security/cve/CVE-2023-44487 https://access.redhat.com/security/vulnerabilities/RHSB-2023-003 https://bugzilla.redhat.com/2242803 https://bugzilla.redhat.com/2243296 https://bugzilla.redhat.com/show_bug.cgi?id=2242803 https://bugzilla.redhat.com/show_bug.cgi?id=2243296 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-39325 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-44487 https://errata.almalinux.org/9/ALSA-2023-6077.html https://errata.rockylinux.org/RLSA-2023:6077 https://github.com/golang/go/commit/24ae2d927285c697440fdde3ad7f26028354bcf3 [golang- 1.21] https://github.com/golang/go/commit/e175f27f58aa7b9cd4d79607ae65d2cd5baaee68 [golang-1.20] https://github.com/golang/go/issues/63417 https://go.dev/cl/534215 https://go.dev/cl/534235 https://go.dev/issue/63417 https://groups.google.com/g/golang-announce/c/iNNxDTCjZvo/m/UDd7VKQuAAAJ https://linux.oracle.com/cve/CVE-2023-39325.html https://linux.oracle.com/errata/ELSA-2023-5867.html https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3OVW5V2DM5K5IC3H7O42YDUGNJ74J35O https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3OVW5V2DM5K5IC3H7O42YDUGNJ74J35O/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3SZN67IL7HMGMNAVLOTIXLIHUDXZK4LH https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3SZN67IL7HMGMNAVLOTIXLIHUDXZK4LH/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3WJ4QVX2AMUJ2F2S27POOAHRC4K3CHU4 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3WJ4QVX2AMUJ2F2S27POOAHRC4K3CHU4/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/4BUK2ZIAGCULOOYDNH25JPU6JBES5NF2 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/4BUK2ZIAGCULOOYDNH25JPU6JBES5NF2/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/5RSKA2II6QTD4YUKUNDVJQSRYSFC4VFR https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/5RSKA2II6QTD4YUKUNDVJQSRYSFC4VFR/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/AVZDNSMVDAQJ64LJC5I5U5LDM5753647 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/AVZDNSMVDAQJ64LJC5I5U5LDM5753647/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CHHITS4PUOZAKFIUBQAQZC7JWXMOYE4B https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CHHITS4PUOZAKFIUBQAQZC7JWXMOYE4B/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CLB4TW7KALB3EEQWNWCN7OUIWWVWWCG2 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CLB4TW7KALB3EEQWNWCN7OUIWWVWWCG2/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/D2BBIDR2ZMB3X5BC7SR4SLQMHRMVPY6L https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/D2BBIDR2ZMB3X5BC7SR4SLQMHRMVPY6L/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ECRC75BQJP6FJN2L7KCKYZW4DSBD7QSD https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ECRC75BQJP6FJN2L7KCKYZW4DSBD7QSD/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/FTMJ3NJIDAZFWJQQSP3L22MUFJ3UP2PT https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/FTMJ3NJIDAZFWJQQSP3L22MUFJ3UP2PT/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/GSY7SXFFTPZFWDM6XELSDSHZLVW3AHK7 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/GSY7SXFFTPZFWDM6XELSDSHZLVW3AHK7/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/HZQIELEIRSZUYTFFH5KTH2YJ4IIQG2KE https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/HZQIELEIRSZUYTFFH5KTH2YJ4IIQG2KE/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/IPWCNYB5PQ5PCVZ4NJT6G56ZYFZ5QBU6 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/IPWCNYB5PQ5PCVZ4NJT6G56ZYFZ5QBU6/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/KEOTKBUPZXHE3F352JBYNTSNRXYLWD6P https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/KEOTKBUPZXHE3F352JBYNTSNRXYLWD6P/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/KSEGD2IWKNUO3DWY4KQGUQM5BISRWHQE https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/KSEGD2IWKNUO3DWY4KQGUQM5BISRWHQE/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/L5E5JSJBZLYXOTZWXHJKRVCIXIHVWKJ6 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/L5E5JSJBZLYXOTZWXHJKRVCIXIHVWKJ6/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/MZQYOOKHQDQ57LV2IAG6NRFOVXKHJJ3Z https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/MZQYOOKHQDQ57LV2IAG6NRFOVXKHJJ3Z/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/NG7IMPL55MVWU3LCI4JQJT3K2U5CHDV7 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/NG7IMPL55MVWU3LCI4JQJT3K2U5CHDV7/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ODBY7RVMGZCBSTWF2OZGIZS57FNFUL67 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ODBY7RVMGZCBSTWF2OZGIZS57FNFUL67/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/OXGWPQOJ3JNDW2XIYKIVJ7N7QUIFNM2Q https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/OXGWPQOJ3JNDW2XIYKIVJ7N7QUIFNM2Q/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/PJCUNGIQDUMZ4Z6HWVYIMR66A35F5S74 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/PJCUNGIQDUMZ4Z6HWVYIMR66A35F5S74/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QF5QSYAOPDOWLY6DUHID56Q4HQFYB45I https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QF5QSYAOPDOWLY6DUHID56Q4HQFYB45I/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QXOU2JZUBEBP7GBKAYIJRPRBZSJCD7ST https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QXOU2JZUBEBP7GBKAYIJRPRBZSJCD7ST/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/R3UETKPUB3V5JS5TLZOF3SMTGT5K5APS https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/R3UETKPUB3V5JS5TLZOF3SMTGT5K5APS/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/REMHVVIBDNKSRKNOTV7EQSB7CYQWOUOU https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/REMHVVIBDNKSRKNOTV7EQSB7CYQWOUOU/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/T7N5GV4CHH6WAGX3GFMDD3COEOVCZ4RI https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/T7N5GV4CHH6WAGX3GFMDD3COEOVCZ4RI/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ULQQONMSCQSH5Z5OWFFQHCGEZ3NL4DRJ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ULQQONMSCQSH5Z5OWFFQHCGEZ3NL4DRJ/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UTT7DG3QOF5ZNJLUGHDNLRUIN6OWZARP https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UTT7DG3QOF5ZNJLUGHDNLRUIN6OWZARP/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/W2LZSWTV4NV4SNQARNXG5T6LRHP26EW2 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/W2LZSWTV4NV4SNQARNXG5T6LRHP26EW2/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WCNCBYKZXLDFGAJUB7ZP5VLC3YTHJNVH https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WCNCBYKZXLDFGAJUB7ZP5VLC3YTHJNVH/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/XFOIBB4YFICHDM7IBOP7PWXW3FX4HLL2 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/XFOIBB4YFICHDM7IBOP7PWXW3FX4HLL2/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/XTNLSL44Y5FB6JWADSZH6DCV4JJAAEQY https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/XTNLSL44Y5FB6JWADSZH6DCV4JJAAEQY/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/YJWHBLVZDM5KQSDFRBFRKU5KSSOLIRQ4 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/YJWHBLVZDM5KQSDFRBFRKU5KSSOLIRQ4/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/YRKEXKANQ7BKJW2YTAMP625LJUJZLJ4P https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/YRKEXKANQ7BKJW2YTAMP625LJUJZLJ4P/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZSVEMQV5ROY5YW5QE3I57HT3ITWG5GCV https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZSVEMQV5ROY5YW5QE3I57HT3ITWG5GCV/ https://nvd.nist.gov/vuln/detail/CVE-2023-39325 https://pkg.go.dev/vuln/GO-2023-2102 https://security.gentoo.org/glsa/202311-09 https://security.netapp.com/advisory/ntap-20231110-0008 https://security.netapp.com/advisory/ntap-20231110-0008/ https://ubuntu.com/security/notices/USN-6574-1 https://ubuntu.com/security/notices/USN-7061-1 https://ubuntu.com/security/notices/USN-7109-1 https://www.cisa.gov/news-events/alerts/2023/10/10/http2-rapid-reset-vulnerability-cve-2023-44487 https://www.cve.org/CVERecord?id=CVE-2023-39325
stdlib	CVE-2023-45283	HIGH	v1.20.5	1.20.11, 1.21.4, 1.20.12, 1.21.5	http://www.openwall.com/lists/oss-security/2023/12/05/2 https://go.dev/cl/540277 https://go.dev/cl/541175 https://go.dev/issue/63713 https://go.dev/issue/64028 https://groups.google.com/g/golang-announce/c/4tU8LZfBFkY https://groups.google.com/g/golang-dev/c/6ypN5EjibjM/m/KmLVYH_uAgAJ https://nvd.nist.gov/vuln/detail/CVE-2023-45283 https://pkg.go.dev/vuln/GO-2023-2185 https://security.netapp.com/advisory/ntap-20231214-0008/
stdlib	CVE-2023-45288	HIGH	v1.20.5	1.21.9, 1.22.2	http://www.openwall.com/lists/oss-security/2024/04/03/16 http://www.openwall.com/lists/oss-security/2024/04/05/4 https://access.redhat.com/errata/RHSA-2024:2724 https://access.redhat.com/security/cve/CVE-2023-45288 https://bugzilla.redhat.com/2268017 https://bugzilla.redhat.com/2268018 https://bugzilla.redhat.com/2268019 https://bugzilla.redhat.com/2268273 https://bugzilla.redhat.com/show_bug.cgi?id=2268017 https://bugzilla.redhat.com/show_bug.cgi?id=2268018 https://bugzilla.redhat.com/show_bug.cgi?id=2268019 https://bugzilla.redhat.com/show_bug.cgi?id=2268273 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45288 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45289 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45290 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24783 https://errata.almalinux.org/9/ALSA-2024-2724.html https://errata.rockylinux.org/RLSA-2024:2724 https://go.dev/cl/576155 https://go.dev/issue/65051 https://groups.google.com/g/golang-announce/c/YgW0sx8mN3M https://kb.cert.org/vuls/id/421644 https://linux.oracle.com/cve/CVE-2023-45288.html https://linux.oracle.com/errata/ELSA-2024-3346.html https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QRYFHIQ6XRKRYBI2F5UESH67BJBQXUPT https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QRYFHIQ6XRKRYBI2F5UESH67BJBQXUPT/ https://nowotarski.info/http2-continuation-flood-technical-details https://nowotarski.info/http2-continuation-flood/ https://nvd.nist.gov/vuln/detail/CVE-2023-45288 https://pkg.go.dev/vuln/GO-2024-2687 https://security.netapp.com/advisory/ntap-20240419-0009 https://security.netapp.com/advisory/ntap-20240419-0009/ https://ubuntu.com/security/notices/USN-6886-1 https://ubuntu.com/security/notices/USN-7109-1 https://ubuntu.com/security/notices/USN-7111-1 https://www.cve.org/CVERecord?id=CVE-2023-45288 https://www.kb.cert.org/vuls/id/421644
stdlib	CVE-2024-34156	HIGH	v1.20.5	1.22.7, 1.23.1	https://access.redhat.com/errata/RHSA-2024:9473 https://access.redhat.com/security/cve/CVE-2024-34156 https://bugzilla.redhat.com/2310528 https://bugzilla.redhat.com/2318052 https://bugzilla.redhat.com/show_bug.cgi?id=2310528 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-34156 https://errata.almalinux.org/9/ALSA-2024-9473.html https://errata.rockylinux.org/RLSA-2024:7204 https://github.com/golang/go/commit/2092294f2b097c5828f4eace6c98a322c1510b01 (go1.22.7) https://github.com/golang/go/commit/fa8ff1a46deb6c816304441ec6740ec112e19012 (go1.23.1) https://go.dev/cl/611239 https://go.dev/issue/69139 https://groups.google.com/g/golang-announce/c/K-cEzDeCtpc https://groups.google.com/g/golang-dev/c/S9POB9NCTdk https://linux.oracle.com/cve/CVE-2024-34156.html https://linux.oracle.com/errata/ELSA-2024-9473.html https://nvd.nist.gov/vuln/detail/CVE-2024-34156 https://pkg.go.dev/vuln/GO-2024-3106 https://ubuntu.com/security/notices/USN-7081-1 https://ubuntu.com/security/notices/USN-7109-1 https://ubuntu.com/security/notices/USN-7111-1 https://www.cve.org/CVERecord?id=CVE-2024-34156
stdlib	CVE-2023-29406	MEDIUM	v1.20.5	1.19.11, 1.20.6	https://access.redhat.com/errata/RHSA-2023:6474 https://access.redhat.com/security/cve/CVE-2023-29406 https://bugzilla.redhat.com/2174485 https://bugzilla.redhat.com/2178358 https://bugzilla.redhat.com/2178488 https://bugzilla.redhat.com/2178492 https://bugzilla.redhat.com/2184481 https://bugzilla.redhat.com/2184482 https://bugzilla.redhat.com/2184483 https://bugzilla.redhat.com/2184484 https://bugzilla.redhat.com/2196026 https://bugzilla.redhat.com/2196027 https://bugzilla.redhat.com/2196029 https://bugzilla.redhat.com/2222167 https://bugzilla.redhat.com/2228689 https://errata.almalinux.org/9/ALSA-2023-6474.html https://github.com/golang/go/commit/312920c00aac9897b2a0693e752390b5b0711a5a (go1.20.6) https://github.com/golang/go/commit/5fa6923b1ea891400153d04ddf1545e23b40041b (go1.19.11) https://github.com/golang/go/issues/60374 https://go.dev/cl/506996 https://go.dev/issue/60374 https://groups.google.com/g/golang-announce/c/2q13H6LEEx0 https://linux.oracle.com/cve/CVE-2023-29406.html https://linux.oracle.com/errata/ELSA-2023-7202.html https://nvd.nist.gov/vuln/detail/CVE-2023-29406 https://pkg.go.dev/vuln/GO-2023-1878 https://security.gentoo.org/glsa/202311-09 https://security.netapp.com/advisory/ntap-20230814-0002/ https://ubuntu.com/security/notices/USN-7061-1 https://ubuntu.com/security/notices/USN-7109-1 https://www.cve.org/CVERecord?id=CVE-2023-29406
stdlib	CVE-2023-29409	MEDIUM	v1.20.5	1.19.12, 1.20.7, 1.21.0-rc.4	https://access.redhat.com/errata/RHSA-2023:7766 https://access.redhat.com/security/cve/CVE-2023-29409 https://bugzilla.redhat.com/2228743 https://bugzilla.redhat.com/2237773 https://bugzilla.redhat.com/2237776 https://bugzilla.redhat.com/2237777 https://bugzilla.redhat.com/2237778 https://errata.almalinux.org/9/ALSA-2023-7766.html https://go.dev/cl/515257 https://go.dev/issue/61460 https://groups.google.com/g/golang-announce/c/X0b6CsSAaYI/m/Efv5DbZ9AwAJ https://linux.oracle.com/cve/CVE-2023-29409.html https://linux.oracle.com/errata/ELSA-2024-2988.html https://nvd.nist.gov/vuln/detail/CVE-2023-29409 https://pkg.go.dev/vuln/GO-2023-1987 https://security.gentoo.org/glsa/202311-09 https://security.netapp.com/advisory/ntap-20230831-0010/ https://www.cve.org/CVERecord?id=CVE-2023-29409
stdlib	CVE-2023-39318	MEDIUM	v1.20.5	1.20.8, 1.21.1	https://access.redhat.com/errata/RHSA-2024:2160 https://access.redhat.com/security/cve/CVE-2023-39318 https://bugzilla.redhat.com/2237773 https://bugzilla.redhat.com/2237776 https://bugzilla.redhat.com/2253330 https://errata.almalinux.org/9/ALSA-2024-2160.html https://github.com/golang/go/commit/023b542edf38e2a1f87fcefb9f75ff2f99401b4c (go1.20.8) https://github.com/golang/go/commit/b0e1d3ea26e8e8fce7726690c9ef0597e60739fb (go1.21.1) https://go.dev/cl/526156 https://go.dev/issue/62196 https://groups.google.com/g/golang-announce/c/Fm51GRLNRvM https://groups.google.com/g/golang-dev/c/2C5vbR-UNkI/m/L1hdrPhfBAAJ https://linux.oracle.com/cve/CVE-2023-39318.html https://linux.oracle.com/errata/ELSA-2024-2988.html https://nvd.nist.gov/vuln/detail/CVE-2023-39318 https://pkg.go.dev/vuln/GO-2023-2041 https://security.gentoo.org/glsa/202311-09 https://security.netapp.com/advisory/ntap-20231020-0009/ https://ubuntu.com/security/notices/USN-6574-1 https://ubuntu.com/security/notices/USN-7061-1 https://ubuntu.com/security/notices/USN-7109-1 https://vuln.go.dev/ID/GO-2023-2041.json https://www.cve.org/CVERecord?id=CVE-2023-39318
stdlib	CVE-2023-39319	MEDIUM	v1.20.5	1.20.8, 1.21.1	https://access.redhat.com/errata/RHSA-2024:2160 https://access.redhat.com/security/cve/CVE-2023-39319 https://bugzilla.redhat.com/2237773 https://bugzilla.redhat.com/2237776 https://bugzilla.redhat.com/2253330 https://errata.almalinux.org/9/ALSA-2024-2160.html https://github.com/golang/go/commit/2070531d2f53df88e312edace6c8dfc9686ab2f5 (go1.20.8) https://github.com/golang/go/commit/bbd043ff0d6d59f1a9232d31ecd5eacf6507bf6a (go1.21.1) https://go.dev/cl/526157 https://go.dev/issue/62197 https://groups.google.com/g/golang-announce/c/Fm51GRLNRvM https://groups.google.com/g/golang-dev/c/2C5vbR-UNkI/m/L1hdrPhfBAAJ https://linux.oracle.com/cve/CVE-2023-39319.html https://linux.oracle.com/errata/ELSA-2024-2988.html https://nvd.nist.gov/vuln/detail/CVE-2023-39319 https://pkg.go.dev/vuln/GO-2023-2043 https://security.gentoo.org/glsa/202311-09 https://security.netapp.com/advisory/ntap-20231020-0009/ https://ubuntu.com/security/notices/USN-6574-1 https://ubuntu.com/security/notices/USN-7061-1 https://ubuntu.com/security/notices/USN-7109-1 https://vuln.go.dev/ID/GO-2023-2043.json https://www.cve.org/CVERecord?id=CVE-2023-39319
stdlib	CVE-2023-39326	MEDIUM	v1.20.5	1.20.12, 1.21.5	https://access.redhat.com/errata/RHSA-2024:2272 https://access.redhat.com/security/cve/CVE-2023-39326 https://bugzilla.redhat.com/2253193 https://bugzilla.redhat.com/2253330 https://errata.almalinux.org/9/ALSA-2024-2272.html https://github.com/golang/go/commit/6446af942e2e2b161c4ec1b60d9703a2b55dc4dd (go1.20.12) https://github.com/golang/go/commit/ec8c526e4be720e94b98ca509e6364f0efaf28f7 (go1.21.5) https://go.dev/cl/547335 https://go.dev/issue/64433 https://groups.google.com/g/golang-dev/c/6ypN5EjibjM/m/KmLVYH_uAgAJ https://linux.oracle.com/cve/CVE-2023-39326.html https://linux.oracle.com/errata/ELSA-2024-2988.html https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UIU6HOGV6RRIKWM57LOXQA75BGZSIH6G/ https://nvd.nist.gov/vuln/detail/CVE-2023-39326 https://pkg.go.dev/vuln/GO-2023-2382 https://ubuntu.com/security/notices/USN-6574-1 https://www.cve.org/CVERecord?id=CVE-2023-39326
stdlib	CVE-2023-45284	MEDIUM	v1.20.5	1.20.11, 1.21.4	https://go.dev/cl/540277 https://go.dev/issue/63713 https://groups.google.com/g/golang-announce/c/4tU8LZfBFkY https://nvd.nist.gov/vuln/detail/CVE-2023-45284 https://pkg.go.dev/vuln/GO-2023-2186
stdlib	CVE-2023-45289	MEDIUM	v1.20.5	1.21.8, 1.22.1	http://www.openwall.com/lists/oss-security/2024/03/08/4 https://access.redhat.com/errata/RHSA-2024:2724 https://access.redhat.com/security/cve/CVE-2023-45289 https://bugzilla.redhat.com/2268017 https://bugzilla.redhat.com/2268018 https://bugzilla.redhat.com/2268019 https://bugzilla.redhat.com/2268273 https://bugzilla.redhat.com/show_bug.cgi?id=2268017 https://bugzilla.redhat.com/show_bug.cgi?id=2268018 https://bugzilla.redhat.com/show_bug.cgi?id=2268019 https://bugzilla.redhat.com/show_bug.cgi?id=2268273 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45288 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45289 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45290 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24783 https://errata.almalinux.org/9/ALSA-2024-2724.html https://errata.rockylinux.org/RLSA-2024:2724 https://github.com/golang/go/commit/20586c0dbe03d144f914155f879fa5ee287591a1 (go1.21.8) https://github.com/golang/go/commit/3a855208e3efed2e9d7c20ad023f1fa78afcc0be (go1.22.1) https://github.com/golang/go/issues/65065 https://go.dev/cl/569340 https://go.dev/issue/65065 https://groups.google.com/g/golang-announce/c/5pwGVUPoMbg https://linux.oracle.com/cve/CVE-2023-45289.html https://linux.oracle.com/errata/ELSA-2024-3346.html https://nvd.nist.gov/vuln/detail/CVE-2023-45289 https://pkg.go.dev/vuln/GO-2024-2600 https://security.netapp.com/advisory/ntap-20240329-0006/ https://ubuntu.com/security/notices/USN-6886-1 https://www.cve.org/CVERecord?id=CVE-2023-45289
stdlib	CVE-2023-45290	MEDIUM	v1.20.5	1.21.8, 1.22.1	http://www.openwall.com/lists/oss-security/2024/03/08/4 https://access.redhat.com/errata/RHSA-2024:9135 https://access.redhat.com/security/cve/CVE-2023-45290 https://bugzilla.redhat.com/2268017 https://bugzilla.redhat.com/2268022 https://bugzilla.redhat.com/2279814 https://bugzilla.redhat.com/2295310 https://bugzilla.redhat.com/show_bug.cgi?id=2268017 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45290 https://errata.almalinux.org/9/ALSA-2024-9135.html https://errata.rockylinux.org/RLSA-2024:3830 https://github.com/golang/go/commit/041a47712e765e94f86d841c3110c840e76d8f82 (go1.22.1) https://github.com/golang/go/commit/bf80213b121074f4ad9b449410a4d13bae5e9be0 (go1.21.8) https://github.com/golang/go/issues/65383 https://go.dev/cl/569341 https://go.dev/issue/65383 https://groups.google.com/g/golang-announce/c/5pwGVUPoMbg https://linux.oracle.com/cve/CVE-2023-45290.html https://linux.oracle.com/errata/ELSA-2024-8038.html https://nvd.nist.gov/vuln/detail/CVE-2023-45290 https://pkg.go.dev/vuln/GO-2024-2599 https://security.netapp.com/advisory/ntap-20240329-0004 https://security.netapp.com/advisory/ntap-20240329-0004/ https://ubuntu.com/security/notices/USN-6886-1 https://ubuntu.com/security/notices/USN-7109-1 https://ubuntu.com/security/notices/USN-7111-1 https://www.cve.org/CVERecord?id=CVE-2023-45290
stdlib	CVE-2024-24783	MEDIUM	v1.20.5	1.21.8, 1.22.1	http://www.openwall.com/lists/oss-security/2024/03/08/4 https://access.redhat.com/errata/RHSA-2024:6195 https://access.redhat.com/security/cve/CVE-2024-24783 https://bugzilla.redhat.com/2268019 https://bugzilla.redhat.com/show_bug.cgi?id=2268017 https://bugzilla.redhat.com/show_bug.cgi?id=2268018 https://bugzilla.redhat.com/show_bug.cgi?id=2268019 https://bugzilla.redhat.com/show_bug.cgi?id=2268273 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45288 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45289 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45290 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24783 https://errata.almalinux.org/9/ALSA-2024-6195.html https://errata.rockylinux.org/RLSA-2024:2724 https://github.com/advisories/GHSA-3q2c-pvp5-3cqp https://github.com/golang/go/commit/337b8e9cbfa749d9d5c899e0dc358e2208d5e54f (go1.22.1) https://github.com/golang/go/commit/be5b52bea674190ef7de272664be6c7ae93ec5a0 (go1.21.8) https://github.com/golang/go/issues/65390 https://go.dev/cl/569339 https://go.dev/issue/65390 https://groups.google.com/g/golang-announce/c/5pwGVUPoMbg https://linux.oracle.com/cve/CVE-2024-24783.html https://linux.oracle.com/errata/ELSA-2024-6969.html https://nvd.nist.gov/vuln/detail/CVE-2024-24783 https://pkg.go.dev/vuln/GO-2024-2598 https://security.netapp.com/advisory/ntap-20240329-0005 https://security.netapp.com/advisory/ntap-20240329-0005/ https://ubuntu.com/security/notices/USN-6886-1 https://ubuntu.com/security/notices/USN-7109-1 https://ubuntu.com/security/notices/USN-7111-1 https://www.cve.org/CVERecord?id=CVE-2024-24783
stdlib	CVE-2024-24784	MEDIUM	v1.20.5	1.21.8, 1.22.1	http://www.openwall.com/lists/oss-security/2024/03/08/4 https://access.redhat.com/errata/RHSA-2024:2562 https://access.redhat.com/security/cve/CVE-2024-24784 https://bugzilla.redhat.com/2262921 https://bugzilla.redhat.com/2268017 https://bugzilla.redhat.com/2268018 https://bugzilla.redhat.com/2268019 https://bugzilla.redhat.com/2268021 https://bugzilla.redhat.com/2268022 https://bugzilla.redhat.com/2268273 https://bugzilla.redhat.com/show_bug.cgi?id=2262921 https://bugzilla.redhat.com/show_bug.cgi?id=2268017 https://bugzilla.redhat.com/show_bug.cgi?id=2268018 https://bugzilla.redhat.com/show_bug.cgi?id=2268019 https://bugzilla.redhat.com/show_bug.cgi?id=2268021 https://bugzilla.redhat.com/show_bug.cgi?id=2268022 https://bugzilla.redhat.com/show_bug.cgi?id=2268273 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45288 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45289 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45290 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-1394 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24783 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24784 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24785 https://errata.almalinux.org/9/ALSA-2024-2562.html https://errata.rockylinux.org/RLSA-2024:2562 https://github.com/golang/go/commit/263c059b09fdd40d9dd945f2ecb20c89ea28efe5 (go1.21.8) https://github.com/golang/go/commit/5330cd225ba54c7dc78c1b46dcdf61a4671a632c (go1.22.1) https://github.com/golang/go/issues/65083 https://go.dev/cl/555596 https://go.dev/issue/65083 https://groups.google.com/g/golang-announce/c/5pwGVUPoMbg https://linux.oracle.com/cve/CVE-2024-24784.html https://linux.oracle.com/errata/ELSA-2024-6969.html https://nvd.nist.gov/vuln/detail/CVE-2024-24784 https://pkg.go.dev/vuln/GO-2024-2609 https://security.netapp.com/advisory/ntap-20240329-0007/ https://ubuntu.com/security/notices/USN-6886-1 https://ubuntu.com/security/notices/USN-7109-1 https://ubuntu.com/security/notices/USN-7111-1 https://www.cve.org/CVERecord?id=CVE-2024-24784
stdlib	CVE-2024-24785	MEDIUM	v1.20.5	1.21.8, 1.22.1	http://www.openwall.com/lists/oss-security/2024/03/08/4 https://access.redhat.com/errata/RHSA-2024:9135 https://access.redhat.com/security/cve/CVE-2024-24785 https://bugzilla.redhat.com/2268017 https://bugzilla.redhat.com/2268022 https://bugzilla.redhat.com/2279814 https://bugzilla.redhat.com/2295310 https://bugzilla.redhat.com/show_bug.cgi?id=2262921 https://bugzilla.redhat.com/show_bug.cgi?id=2268017 https://bugzilla.redhat.com/show_bug.cgi?id=2268018 https://bugzilla.redhat.com/show_bug.cgi?id=2268019 https://bugzilla.redhat.com/show_bug.cgi?id=2268021 https://bugzilla.redhat.com/show_bug.cgi?id=2268022 https://bugzilla.redhat.com/show_bug.cgi?id=2268273 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45288 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45289 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45290 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-1394 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24783 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24784 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24785 https://errata.almalinux.org/9/ALSA-2024-9135.html https://errata.rockylinux.org/RLSA-2024:2562 https://github.com/golang/go/commit/056b0edcb8c152152021eebf4cf42adbfbe77992 (go1.22.1) https://github.com/golang/go/commit/3643147a29352ca2894fd5d0d2069bc4b4335a7e (go1.21.8) https://github.com/golang/go/issues/65697 https://go.dev/cl/564196 https://go.dev/issue/65697 https://groups.google.com/g/golang-announce/c/5pwGVUPoMbg https://linux.oracle.com/cve/CVE-2024-24785.html https://linux.oracle.com/errata/ELSA-2024-3259.html https://nvd.nist.gov/vuln/detail/CVE-2024-24785 https://pkg.go.dev/vuln/GO-2024-2610 https://security.netapp.com/advisory/ntap-20240329-0008/ https://ubuntu.com/security/notices/USN-6886-1 https://ubuntu.com/security/notices/USN-7061-1 https://ubuntu.com/security/notices/USN-7109-1 https://vuln.go.dev/ID/GO-2024-2610.json https://www.cve.org/CVERecord?id=CVE-2024-24785
stdlib	CVE-2024-24789	MEDIUM	v1.20.5	1.21.11, 1.22.4	http://www.openwall.com/lists/oss-security/2024/06/04/1 https://access.redhat.com/errata/RHSA-2024:9115 https://access.redhat.com/security/cve/CVE-2024-24789 https://bugzilla.redhat.com/2279814 https://bugzilla.redhat.com/2292668 https://bugzilla.redhat.com/2292787 https://bugzilla.redhat.com/2294000 https://bugzilla.redhat.com/2295310 https://bugzilla.redhat.com/show_bug.cgi?id=2292668 https://bugzilla.redhat.com/show_bug.cgi?id=2292787 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24789 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24790 https://errata.almalinux.org/9/ALSA-2024-9115.html https://errata.rockylinux.org/RLSA-2024:4212 https://github.com/golang/go/commit/c8e40338cf00f3c1d86c8fb23863ad67a4c72bcc (1.21) https://github.com/golang/go/commit/cf501ac0c5fe351a8582d20b43562027927906e7 (1.22) https://github.com/golang/go/issues/66869 https://go.dev/cl/585397 https://go.dev/issue/66869 https://groups.google.com/g/golang-announce/c/XbxouI9gY7k https://groups.google.com/g/golang-announce/c/XbxouI9gY7k/m/TuoGEhxIEwAJ https://linux.oracle.com/cve/CVE-2024-24789.html https://linux.oracle.com/errata/ELSA-2024-9115.html https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/U5YAEIA6IUHUNGJ7AIXXPQT6D2GYENX7/ https://nvd.nist.gov/vuln/detail/CVE-2024-24789 https://pkg.go.dev/vuln/GO-2024-2888 https://ubuntu.com/security/notices/USN-6886-1 https://ubuntu.com/security/notices/USN-7109-1 https://ubuntu.com/security/notices/USN-7111-1 https://www.cve.org/CVERecord?id=CVE-2024-24789
stdlib	CVE-2024-24791	MEDIUM	v1.20.5	1.21.12, 1.22.5	https://access.redhat.com/errata/RHSA-2024:9135 https://access.redhat.com/security/cve/CVE-2024-24791 https://bugzilla.redhat.com/2268017 https://bugzilla.redhat.com/2268022 https://bugzilla.redhat.com/2279814 https://bugzilla.redhat.com/2295310 https://bugzilla.redhat.com/show_bug.cgi?id=2295310 https://bugzilla.redhat.com/show_bug.cgi?id=2310527 https://bugzilla.redhat.com/show_bug.cgi?id=2310528 https://bugzilla.redhat.com/show_bug.cgi?id=2310529 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24791 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-34155 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-34156 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-34158 https://errata.almalinux.org/9/ALSA-2024-9135.html https://errata.rockylinux.org/RLSA-2024:6913 https://go.dev/cl/591255 https://go.dev/issue/67555 https://groups.google.com/g/golang-dev/c/t0rK-qHBqzY/m/6MMoAZkMAgAJ https://linux.oracle.com/cve/CVE-2024-24791.html https://linux.oracle.com/errata/ELSA-2024-9115.html https://nvd.nist.gov/vuln/detail/CVE-2024-24791 https://pkg.go.dev/vuln/GO-2024-2963 https://ubuntu.com/security/notices/USN-7081-1 https://ubuntu.com/security/notices/USN-7109-1 https://ubuntu.com/security/notices/USN-7111-1 https://www.cve.org/CVERecord?id=CVE-2024-24791
stdlib	CVE-2024-34155	MEDIUM	v1.20.5	1.22.7, 1.23.1	https://access.redhat.com/errata/RHSA-2024:9459 https://access.redhat.com/security/cve/CVE-2024-34155 https://bugzilla.redhat.com/2310527 https://bugzilla.redhat.com/2310528 https://bugzilla.redhat.com/2310529 https://bugzilla.redhat.com/2315691 https://bugzilla.redhat.com/2315887 https://bugzilla.redhat.com/2317458 https://bugzilla.redhat.com/2317467 https://bugzilla.redhat.com/show_bug.cgi?id=2295310 https://bugzilla.redhat.com/show_bug.cgi?id=2310527 https://bugzilla.redhat.com/show_bug.cgi?id=2310528 https://bugzilla.redhat.com/show_bug.cgi?id=2310529 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24791 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-34155 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-34156 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-34158 https://errata.almalinux.org/9/ALSA-2024-9459.html https://errata.rockylinux.org/RLSA-2024:6913 https://github.com/golang/go/commit/53487e5477151ed75da50e50a0ba8f1ca64c00a3 (go1.23.1) https://github.com/golang/go/commit/b232596139dbe96a62edbe3a2a203e856bf556eb (go1.22.7) https://go.dev/cl/611238 https://go.dev/issue/69138 https://groups.google.com/g/golang-announce/c/K-cEzDeCtpc https://groups.google.com/g/golang-dev/c/S9POB9NCTdk https://linux.oracle.com/cve/CVE-2024-34155.html https://linux.oracle.com/errata/ELSA-2024-9459.html https://nvd.nist.gov/vuln/detail/CVE-2024-34155 https://pkg.go.dev/vuln/GO-2024-3105 https://ubuntu.com/security/notices/USN-7081-1 https://ubuntu.com/security/notices/USN-7109-1 https://ubuntu.com/security/notices/USN-7111-1 https://www.cve.org/CVERecord?id=CVE-2024-34155
stdlib	CVE-2024-34158	MEDIUM	v1.20.5	1.22.7, 1.23.1	https://access.redhat.com/errata/RHSA-2024:9459 https://access.redhat.com/security/cve/CVE-2024-34158 https://bugzilla.redhat.com/2310527 https://bugzilla.redhat.com/2310528 https://bugzilla.redhat.com/2310529 https://bugzilla.redhat.com/2315691 https://bugzilla.redhat.com/2315887 https://bugzilla.redhat.com/2317458 https://bugzilla.redhat.com/2317467 https://bugzilla.redhat.com/show_bug.cgi?id=2295310 https://bugzilla.redhat.com/show_bug.cgi?id=2310527 https://bugzilla.redhat.com/show_bug.cgi?id=2310528 https://bugzilla.redhat.com/show_bug.cgi?id=2310529 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24791 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-34155 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-34156 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-34158 https://errata.almalinux.org/9/ALSA-2024-9459.html https://errata.rockylinux.org/RLSA-2024:6913 https://github.com/golang/go/commit/032ac075c20c01c6c35a672d1542d3e98eab84ea (go1.23.1) https://github.com/golang/go/commit/d4c53812e6ce2ac368173d7fcd31d0ecfcffb002 (go1.22.7) https://go.dev/cl/611240 https://go.dev/issue/69141 https://groups.google.com/g/golang-announce/c/K-cEzDeCtpc https://groups.google.com/g/golang-dev/c/S9POB9NCTdk https://linux.oracle.com/cve/CVE-2024-34158.html https://linux.oracle.com/errata/ELSA-2024-9459.html https://nvd.nist.gov/vuln/detail/CVE-2024-34158 https://pkg.go.dev/vuln/GO-2024-3107 https://ubuntu.com/security/notices/USN-7081-1 https://ubuntu.com/security/notices/USN-7109-1 https://ubuntu.com/security/notices/USN-7111-1 https://www.cve.org/CVERecord?id=CVE-2024-34158
No Misconfigurations found

cnb/buildpacks/paketo-buildpacks_liberty/3.8.2/bin/main (gobinary)

Package	Vulnerability ID	Severity	Installed Version	Fixed Version	Links
golang.org/x/net	CVE-2023-39325	HIGH	v0.11.0	0.17.0	golang.org/x/net https://access.redhat.com/errata/RHSA-2023:6077 https://access.redhat.com/security/cve/CVE-2023-39325 https://access.redhat.com/security/cve/CVE-2023-44487 https://access.redhat.com/security/vulnerabilities/RHSB-2023-003 https://bugzilla.redhat.com/2242803 https://bugzilla.redhat.com/2243296 https://bugzilla.redhat.com/show_bug.cgi?id=2242803 https://bugzilla.redhat.com/show_bug.cgi?id=2243296 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-39325 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-44487 https://errata.almalinux.org/9/ALSA-2023-6077.html https://errata.rockylinux.org/RLSA-2023:6077 https://github.com/golang/go/commit/24ae2d927285c697440fdde3ad7f26028354bcf3 [golang- 1.21] https://github.com/golang/go/commit/e175f27f58aa7b9cd4d79607ae65d2cd5baaee68 [golang-1.20] https://github.com/golang/go/issues/63417 https://go.dev/cl/534215 https://go.dev/cl/534235 https://go.dev/issue/63417 https://groups.google.com/g/golang-announce/c/iNNxDTCjZvo/m/UDd7VKQuAAAJ https://linux.oracle.com/cve/CVE-2023-39325.html https://linux.oracle.com/errata/ELSA-2023-5867.html https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3OVW5V2DM5K5IC3H7O42YDUGNJ74J35O https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3OVW5V2DM5K5IC3H7O42YDUGNJ74J35O/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3SZN67IL7HMGMNAVLOTIXLIHUDXZK4LH https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3SZN67IL7HMGMNAVLOTIXLIHUDXZK4LH/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3WJ4QVX2AMUJ2F2S27POOAHRC4K3CHU4 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3WJ4QVX2AMUJ2F2S27POOAHRC4K3CHU4/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/4BUK2ZIAGCULOOYDNH25JPU6JBES5NF2 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/4BUK2ZIAGCULOOYDNH25JPU6JBES5NF2/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/5RSKA2II6QTD4YUKUNDVJQSRYSFC4VFR https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/5RSKA2II6QTD4YUKUNDVJQSRYSFC4VFR/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/AVZDNSMVDAQJ64LJC5I5U5LDM5753647 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/AVZDNSMVDAQJ64LJC5I5U5LDM5753647/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CHHITS4PUOZAKFIUBQAQZC7JWXMOYE4B https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CHHITS4PUOZAKFIUBQAQZC7JWXMOYE4B/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CLB4TW7KALB3EEQWNWCN7OUIWWVWWCG2 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CLB4TW7KALB3EEQWNWCN7OUIWWVWWCG2/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/D2BBIDR2ZMB3X5BC7SR4SLQMHRMVPY6L https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/D2BBIDR2ZMB3X5BC7SR4SLQMHRMVPY6L/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ECRC75BQJP6FJN2L7KCKYZW4DSBD7QSD https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ECRC75BQJP6FJN2L7KCKYZW4DSBD7QSD/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/FTMJ3NJIDAZFWJQQSP3L22MUFJ3UP2PT https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/FTMJ3NJIDAZFWJQQSP3L22MUFJ3UP2PT/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/GSY7SXFFTPZFWDM6XELSDSHZLVW3AHK7 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/GSY7SXFFTPZFWDM6XELSDSHZLVW3AHK7/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/HZQIELEIRSZUYTFFH5KTH2YJ4IIQG2KE https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/HZQIELEIRSZUYTFFH5KTH2YJ4IIQG2KE/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/IPWCNYB5PQ5PCVZ4NJT6G56ZYFZ5QBU6 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/IPWCNYB5PQ5PCVZ4NJT6G56ZYFZ5QBU6/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/KEOTKBUPZXHE3F352JBYNTSNRXYLWD6P https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/KEOTKBUPZXHE3F352JBYNTSNRXYLWD6P/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/KSEGD2IWKNUO3DWY4KQGUQM5BISRWHQE https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/KSEGD2IWKNUO3DWY4KQGUQM5BISRWHQE/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/L5E5JSJBZLYXOTZWXHJKRVCIXIHVWKJ6 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/L5E5JSJBZLYXOTZWXHJKRVCIXIHVWKJ6/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/MZQYOOKHQDQ57LV2IAG6NRFOVXKHJJ3Z https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/MZQYOOKHQDQ57LV2IAG6NRFOVXKHJJ3Z/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/NG7IMPL55MVWU3LCI4JQJT3K2U5CHDV7 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/NG7IMPL55MVWU3LCI4JQJT3K2U5CHDV7/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ODBY7RVMGZCBSTWF2OZGIZS57FNFUL67 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ODBY7RVMGZCBSTWF2OZGIZS57FNFUL67/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/OXGWPQOJ3JNDW2XIYKIVJ7N7QUIFNM2Q https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/OXGWPQOJ3JNDW2XIYKIVJ7N7QUIFNM2Q/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/PJCUNGIQDUMZ4Z6HWVYIMR66A35F5S74 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/PJCUNGIQDUMZ4Z6HWVYIMR66A35F5S74/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QF5QSYAOPDOWLY6DUHID56Q4HQFYB45I https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QF5QSYAOPDOWLY6DUHID56Q4HQFYB45I/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QXOU2JZUBEBP7GBKAYIJRPRBZSJCD7ST https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QXOU2JZUBEBP7GBKAYIJRPRBZSJCD7ST/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/R3UETKPUB3V5JS5TLZOF3SMTGT5K5APS https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/R3UETKPUB3V5JS5TLZOF3SMTGT5K5APS/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/REMHVVIBDNKSRKNOTV7EQSB7CYQWOUOU https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/REMHVVIBDNKSRKNOTV7EQSB7CYQWOUOU/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/T7N5GV4CHH6WAGX3GFMDD3COEOVCZ4RI https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/T7N5GV4CHH6WAGX3GFMDD3COEOVCZ4RI/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ULQQONMSCQSH5Z5OWFFQHCGEZ3NL4DRJ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ULQQONMSCQSH5Z5OWFFQHCGEZ3NL4DRJ/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UTT7DG3QOF5ZNJLUGHDNLRUIN6OWZARP https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UTT7DG3QOF5ZNJLUGHDNLRUIN6OWZARP/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/W2LZSWTV4NV4SNQARNXG5T6LRHP26EW2 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/W2LZSWTV4NV4SNQARNXG5T6LRHP26EW2/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WCNCBYKZXLDFGAJUB7ZP5VLC3YTHJNVH https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WCNCBYKZXLDFGAJUB7ZP5VLC3YTHJNVH/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/XFOIBB4YFICHDM7IBOP7PWXW3FX4HLL2 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/XFOIBB4YFICHDM7IBOP7PWXW3FX4HLL2/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/XTNLSL44Y5FB6JWADSZH6DCV4JJAAEQY https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/XTNLSL44Y5FB6JWADSZH6DCV4JJAAEQY/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/YJWHBLVZDM5KQSDFRBFRKU5KSSOLIRQ4 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/YJWHBLVZDM5KQSDFRBFRKU5KSSOLIRQ4/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/YRKEXKANQ7BKJW2YTAMP625LJUJZLJ4P https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/YRKEXKANQ7BKJW2YTAMP625LJUJZLJ4P/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZSVEMQV5ROY5YW5QE3I57HT3ITWG5GCV https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZSVEMQV5ROY5YW5QE3I57HT3ITWG5GCV/ https://nvd.nist.gov/vuln/detail/CVE-2023-39325 https://pkg.go.dev/vuln/GO-2023-2102 https://security.gentoo.org/glsa/202311-09 https://security.netapp.com/advisory/ntap-20231110-0008 https://security.netapp.com/advisory/ntap-20231110-0008/ https://ubuntu.com/security/notices/USN-6574-1 https://ubuntu.com/security/notices/USN-7061-1 https://ubuntu.com/security/notices/USN-7109-1 https://www.cisa.gov/news-events/alerts/2023/10/10/http2-rapid-reset-vulnerability-cve-2023-44487 https://www.cve.org/CVERecord?id=CVE-2023-39325
golang.org/x/net	CVE-2023-3978	MEDIUM	v0.11.0	0.13.0	https://access.redhat.com/errata/RHSA-2023:6474 https://access.redhat.com/security/cve/CVE-2023-3978 https://bugzilla.redhat.com/2174485 https://bugzilla.redhat.com/2178358 https://bugzilla.redhat.com/2178488 https://bugzilla.redhat.com/2178492 https://bugzilla.redhat.com/2184481 https://bugzilla.redhat.com/2184482 https://bugzilla.redhat.com/2184483 https://bugzilla.redhat.com/2184484 https://bugzilla.redhat.com/2196026 https://bugzilla.redhat.com/2196027 https://bugzilla.redhat.com/2196029 https://bugzilla.redhat.com/2222167 https://bugzilla.redhat.com/2228689 https://errata.almalinux.org/9/ALSA-2023-6474.html https://go.dev/cl/514896 https://go.dev/issue/61615 https://linux.oracle.com/cve/CVE-2023-3978.html https://linux.oracle.com/errata/ELSA-2023-6939.html https://nvd.nist.gov/vuln/detail/CVE-2023-3978 https://pkg.go.dev/vuln/GO-2023-1988 https://www.cve.org/CVERecord?id=CVE-2023-3978
golang.org/x/net	CVE-2023-44487	MEDIUM	v0.11.0	0.17.0	http://www.openwall.com/lists/oss-security/2023/10/13/4 http://www.openwall.com/lists/oss-security/2023/10/13/9 http://www.openwall.com/lists/oss-security/2023/10/18/4 http://www.openwall.com/lists/oss-security/2023/10/18/8 http://www.openwall.com/lists/oss-security/2023/10/19/6 http://www.openwall.com/lists/oss-security/2023/10/20/8 https://access.redhat.com/errata/RHSA-2023:6746 https://access.redhat.com/security/cve/CVE-2023-44487 https://access.redhat.com/security/cve/cve-2023-44487 https://akka.io/security/akka-http-cve-2023-44487.html https://arstechnica.com/security/2023/10/how-ddosers-used-the-http-2-protocol-to-deliver-attacks-of-unprecedented-size https://arstechnica.com/security/2023/10/how-ddosers-used-the-http-2-protocol-to-deliver-attacks-of-unprecedented-size/ https://aws.amazon.com/security/security-bulletins/AWS-2023-011 https://aws.amazon.com/security/security-bulletins/AWS-2023-011/ https://blog.cloudflare.com/technical-breakdown-http2-rapid-reset-ddos-attack https://blog.cloudflare.com/technical-breakdown-http2-rapid-reset-ddos-attack/ https://blog.cloudflare.com/zero-day-rapid-reset-http2-record-breaking-ddos-attack https://blog.cloudflare.com/zero-day-rapid-reset-http2-record-breaking-ddos-attack/ https://blog.litespeedtech.com/2023/10/11/rapid-reset-http-2-vulnerablilty https://blog.litespeedtech.com/2023/10/11/rapid-reset-http-2-vulnerablilty/ https://blog.qualys.com/vulnerabilities-threat-research/2023/10/10/cve-2023-44487-http-2-rapid-reset-attack https://blog.vespa.ai/cve-2023-44487 https://blog.vespa.ai/cve-2023-44487/ https://bugzilla.proxmox.com/show_bug.cgi?id=4988 https://bugzilla.redhat.com/2242803 https://bugzilla.redhat.com/show_bug.cgi?id=2242803 https://bugzilla.suse.com/show_bug.cgi?id=1216123 https://cgit.freebsd.org/ports/commit/?id=c64c329c2c1752f46b73e3e6ce9f4329be6629f9 https://chaos.social/@icing/111210915918780532 https://cloud.google.com/blog/products/identity-security/google-cloud-mitigated-largest-ddos-attack-peaking-above-398-million-rps https://cloud.google.com/blog/products/identity-security/google-cloud-mitigated-largest-ddos-attack-peaking-above-398-million-rps/ https://cloud.google.com/blog/products/identity-security/how-it-works-the-novel-http2-rapid-reset-ddos-attack https://community.traefik.io/t/is-traefik-vulnerable-to-cve-2023-44487/20125 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-44487 https://devblogs.microsoft.com/dotnet/october-2023-updates/ https://discuss.hashicorp.com/t/hcsec-2023-32-vault-consul-and-boundary-affected-by-http-2-rapid-reset-denial-of-service-vulnerability-cve-2023-44487/59715 https://edg.io/lp/blog/resets-leaks-ddos-and-the-tale-of-a-hidden-cve https://errata.almalinux.org/9/ALSA-2023-6746.html https://errata.rockylinux.org/RLSA-2023:5838 https://forums.swift.org/t/swift-nio-http2-security-update-cve-2023-44487-http-2-dos/67764 https://gist.github.com/adulau/7c2bfb8e9cdbe4b35a5e131c66a0c088 https://github.com/Azure/AKS/issues/3947 https://github.com/Kong/kong/discussions/11741 https://github.com/advisories/GHSA-qppj-fm5r-hxr3 https://github.com/advisories/GHSA-vx74-f528-fxqg https://github.com/advisories/GHSA-xpw8-rcwv-8f8p https://github.com/akka/akka-http/issues/4323 https://github.com/akka/akka-http/pull/4324 https://github.com/akka/akka-http/pull/4325 https://github.com/alibaba/tengine/issues/1872 https://github.com/apache/apisix/issues/10320 https://github.com/apache/httpd-site/pull/10 https://github.com/apache/httpd/blob/afcdbeebbff4b0c50ea26cdd16e178c0d1f24152/modules/http2/h2_mplx.c#L1101-L1113 https://github.com/apache/tomcat/commit/944332bb15bd2f3bf76ec2caeb1ff0a58a3bc628 https://github.com/apache/tomcat/tree/main/java/org/apache/coyote/http2 https://github.com/apache/trafficserver/pull/10564 https://github.com/apple/swift-nio-http2 https://github.com/apple/swift-nio-http2/security/advisories/GHSA-qppj-fm5r-hxr3 https://github.com/arkrwn/PoC/tree/main/CVE-2023-44487 https://github.com/bcdannyboy/CVE-2023-44487 https://github.com/caddyserver/caddy/issues/5877 https://github.com/caddyserver/caddy/releases/tag/v2.7.5 https://github.com/dotnet/announcements/issues/277 https://github.com/dotnet/core/blob/e4613450ea0da7fd2fc6b61dfb2c1c1dec1ce9ec/release-notes/6.0/6.0.23/6.0.23.md?plain=1#L73 https://github.com/eclipse/jetty.project/issues/10679 https://github.com/envoyproxy/envoy/pull/30055 https://github.com/etcd-io/etcd/issues/16740 https://github.com/facebook/proxygen/pull/466 https://github.com/golang/go/issues/63417 https://github.com/grpc/grpc-go/pull/6703 https://github.com/grpc/grpc-go/releases https://github.com/h2o/h2o/pull/3291 https://github.com/h2o/h2o/security/advisories/GHSA-2m7v-gc89-fjqf https://github.com/haproxy/haproxy/issues/2312 https://github.com/hyperium/hyper/issues/3337 https://github.com/icing/mod_h2/blob/0a864782af0a942aa2ad4ed960a6b32cd35bcf0a/mod_http2/README.md?plain=1#L239-L244 https://github.com/junkurihara/rust-rpxy/issues/97 https://github.com/kazu-yamamoto/http2/commit/f61d41a502bd0f60eb24e1ce14edc7b6df6722a1 https://github.com/kazu-yamamoto/http2/issues/93 https://github.com/kubernetes/kubernetes/pull/121120 https://github.com/line/armeria/pull/5232 https://github.com/linkerd/website/pull/1695/commits/4b9c6836471bc8270ab48aae6fd2181bc73fd632 https://github.com/micrictor/http2-rst-stream https://github.com/microsoft/CBL-Mariner/pull/6381 https://github.com/netty/netty/commit/58f75f665aa81a8cbcf6ffa74820042a285c5e61 https://github.com/nghttp2/nghttp2/pull/1961 https://github.com/nghttp2/nghttp2/releases/tag/v1.57.0 https://github.com/ninenines/cowboy/issues/1615 https://github.com/nodejs/node/pull/50121 https://github.com/openresty/openresty/issues/930 https://github.com/opensearch-project/data-prepper/issues/3474 https://github.com/oqtane/oqtane.framework/discussions/3367 https://github.com/projectcontour/contour/pull/5826 https://github.com/tempesta-tech/tempesta/issues/1986 https://github.com/varnishcache/varnish-cache/issues/3996 https://go.dev/cl/534215 https://go.dev/cl/534235 https://go.dev/issue/63417 https://groups.google.com/g/golang-announce/c/iNNxDTCjZvo https://groups.google.com/g/golang-announce/c/iNNxDTCjZvo/m/UDd7VKQuAAAJ https://istio.io/latest/news/security/istio-security-2023-004 https://istio.io/latest/news/security/istio-security-2023-004/ https://linkerd.io/2023/10/12/linkerd-cve-2023-44487 https://linkerd.io/2023/10/12/linkerd-cve-2023-44487/ https://linux.oracle.com/cve/CVE-2023-44487.html https://linux.oracle.com/errata/ELSA-2024-1444.html https://lists.apache.org/thread/5py8h42mxfsn8l1wy6o41xwhsjlsd87q https://lists.debian.org/debian-lts-announce/2023/10/msg00020.html https://lists.debian.org/debian-lts-announce/2023/10/msg00023.html https://lists.debian.org/debian-lts-announce/2023/10/msg00024.html https://lists.debian.org/debian-lts-announce/2023/10/msg00045.html https://lists.debian.org/debian-lts-announce/2023/10/msg00047.html https://lists.debian.org/debian-lts-announce/2023/11/msg00001.html https://lists.debian.org/debian-lts-announce/2023/11/msg00012.html https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/2MBEPPC36UBVOZZNAXFHKLFGSLCMN5LI https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/2MBEPPC36UBVOZZNAXFHKLFGSLCMN5LI/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/3N4NJ7FR4X4FPZUGNTQAPSTVB2HB2Y4A https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/3N4NJ7FR4X4FPZUGNTQAPSTVB2HB2Y4A/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/BFQD3KUEMFBHPAPBGLWQC34L4OWL5HAZ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/BFQD3KUEMFBHPAPBGLWQC34L4OWL5HAZ/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/CLB4TW7KALB3EEQWNWCN7OUIWWVWWCG2 https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/CLB4TW7KALB3EEQWNWCN7OUIWWVWWCG2/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/E72T67UPDRXHIDLO3OROR25YAMN4GGW5 https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/E72T67UPDRXHIDLO3OROR25YAMN4GGW5/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/FNA62Q767CFAFHBCDKYNPBMZWB7TWYVU https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/FNA62Q767CFAFHBCDKYNPBMZWB7TWYVU/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/HT7T2R4MQKLIF4ODV4BDLPARWFPCJ5CZ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/HT7T2R4MQKLIF4ODV4BDLPARWFPCJ5CZ/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/JIZSEFC3YKCGABA2BZW6ZJRMDZJMB7PJ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/JIZSEFC3YKCGABA2BZW6ZJRMDZJMB7PJ/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/JMEXY22BFG5Q64HQCM5CK2Q7KDKVV4TY https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/JMEXY22BFG5Q64HQCM5CK2Q7KDKVV4TY/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/KSEGD2IWKNUO3DWY4KQGUQM5BISRWHQE https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/KSEGD2IWKNUO3DWY4KQGUQM5BISRWHQE/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/LKYHSZQFDNR7RSA7LHVLLIAQMVYCUGBG https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/LKYHSZQFDNR7RSA7LHVLLIAQMVYCUGBG/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/LNMZJCDHGLJJLXO4OXWJMTVQRNWOC7UL https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/LNMZJCDHGLJJLXO4OXWJMTVQRNWOC7UL/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/VHUHTSXLXGXS7JYKBXTA3VINUPHTNGVU https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/VHUHTSXLXGXS7JYKBXTA3VINUPHTNGVU/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/VSRDIV77HNKUSM7SJC5BKE5JSHLHU2NK https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/VSRDIV77HNKUSM7SJC5BKE5JSHLHU2NK/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/WE2I52RHNNU42PX6NZ2RBUHSFFJ2LVZX https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/WE2I52RHNNU42PX6NZ2RBUHSFFJ2LVZX/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/WLPRQ5TWUQQXYWBJM7ECYDAIL2YVKIUH https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/WLPRQ5TWUQQXYWBJM7ECYDAIL2YVKIUH/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/X6QXN4ORIVF6XBW4WWFE7VNPVC74S45Y https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/X6QXN4ORIVF6XBW4WWFE7VNPVC74S45Y/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/XFOIBB4YFICHDM7IBOP7PWXW3FX4HLL2 https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/XFOIBB4YFICHDM7IBOP7PWXW3FX4HLL2/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZB43REMKRQR62NJEI7I5NQ4FSXNLBKRT https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZB43REMKRQR62NJEI7I5NQ4FSXNLBKRT/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZKQSIKIAT5TJ3WSLU3RDBQ35YX4GY4V3 https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZKQSIKIAT5TJ3WSLU3RDBQ35YX4GY4V3/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZLU6U2R2IC2K64NDPNMV55AUAO65MAF4 https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZLU6U2R2IC2K64NDPNMV55AUAO65MAF4/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3N4NJ7FR4X4FPZUGNTQAPSTVB2HB2Y4A https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/BFQD3KUEMFBHPAPBGLWQC34L4OWL5HAZ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CLB4TW7KALB3EEQWNWCN7OUIWWVWWCG2 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/E72T67UPDRXHIDLO3OROR25YAMN4GGW5 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/FNA62Q767CFAFHBCDKYNPBMZWB7TWYVU https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/HT7T2R4MQKLIF4ODV4BDLPARWFPCJ5CZ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/JIZSEFC3YKCGABA2BZW6ZJRMDZJMB7PJ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/JMEXY22BFG5Q64HQCM5CK2Q7KDKVV4TY https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/KSEGD2IWKNUO3DWY4KQGUQM5BISRWHQE https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/LKYHSZQFDNR7RSA7LHVLLIAQMVYCUGBG https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/LNMZJCDHGLJJLXO4OXWJMTVQRNWOC7UL https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/VHUHTSXLXGXS7JYKBXTA3VINUPHTNGVU https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/VSRDIV77HNKUSM7SJC5BKE5JSHLHU2NK https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WLPRQ5TWUQQXYWBJM7ECYDAIL2YVKIUH https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/X6QXN4ORIVF6XBW4WWFE7VNPVC74S45Y https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/XFOIBB4YFICHDM7IBOP7PWXW3FX4HLL2 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZB43REMKRQR62NJEI7I5NQ4FSXNLBKRT https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZKQSIKIAT5TJ3WSLU3RDBQ35YX4GY4V3 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZLU6U2R2IC2K64NDPNMV55AUAO65MAF4 https://lists.w3.org/Archives/Public/ietf-http-wg/2023OctDec/0025.html https://mailman.nginx.org/pipermail/nginx-devel/2023-October/S36Q5HBXR7CAIMPLLPRSSSYR4PCMWILK.html https://martinthomson.github.io/h2-stream-limits/draft-thomson-httpbis-h2-stream-limits.html https://msrc.microsoft.com/blog/2023/10/microsoft-response-to-distributed-denial-of-service-ddos-attacks-against-http/2 https://msrc.microsoft.com/blog/2023/10/microsoft-response-to-distributed-denial-of-service-ddos-attacks-against-http/2/ https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-44487 https://my.f5.com/manage/s/article/K000137106 https://netty.io/news/2023/10/10/4-1-100-Final.html https://news.ycombinator.com/item?id=37830987 https://news.ycombinator.com/item?id=37830998 https://news.ycombinator.com/item?id=37831062 https://news.ycombinator.com/item?id=37837043 https://nodejs.org/en/blog/vulnerability/october-2023-security-releases https://nvd.nist.gov/vuln/detail/CVE-2023-44487 https://openssf.org/blog/2023/10/10/http-2-rapid-reset-vulnerability-highlights-need-for-rapid-response https://openssf.org/blog/2023/10/10/http-2-rapid-reset-vulnerability-highlights-need-for-rapid-response/ https://pkg.go.dev/vuln/GO-2023-2102 https://seanmonstar.com/post/730794151136935936/hyper-http2-rapid-reset-unaffected https://security.gentoo.org/glsa/202311-09 https://security.netapp.com/advisory/ntap-20231016-0001 https://security.netapp.com/advisory/ntap-20231016-0001/ https://security.netapp.com/advisory/ntap-20240426-0007 https://security.netapp.com/advisory/ntap-20240426-0007/ https://security.netapp.com/advisory/ntap-20240621-0006 https://security.netapp.com/advisory/ntap-20240621-0006/ https://security.netapp.com/advisory/ntap-20240621-0007 https://security.netapp.com/advisory/ntap-20240621-0007/ https://security.paloaltonetworks.com/CVE-2023-44487 https://tomcat.apache.org/security-10.html#Fixed_in_Apache_Tomcat_10.1.14 https://tomcat.apache.org/security-11.html#Fixed_in_Apache_Tomcat_11.0.0-M12 https://tomcat.apache.org/security-8.html#Fixed_in_Apache_Tomcat_8.5.94 https://tomcat.apache.org/security-9.html#Fixed_in_Apache_Tomcat_9.0.81 https://ubuntu.com/security/CVE-2023-44487 https://ubuntu.com/security/notices/USN-6427-1 https://ubuntu.com/security/notices/USN-6427-2 https://ubuntu.com/security/notices/USN-6438-1 https://ubuntu.com/security/notices/USN-6505-1 https://ubuntu.com/security/notices/USN-6574-1 https://ubuntu.com/security/notices/USN-6754-1 https://ubuntu.com/security/notices/USN-6994-1 https://ubuntu.com/security/notices/USN-7067-1 https://www.bleepingcomputer.com/news/security/new-http-2-rapid-reset-zero-day-attack-breaks-ddos-records https://www.bleepingcomputer.com/news/security/new-http-2-rapid-reset-zero-day-attack-breaks-ddos-records/ https://www.cisa.gov/known-exploited-vulnerabilities-catalog https://www.cisa.gov/news-events/alerts/2023/10/10/http2-rapid-reset-vulnerability-cve-2023-44487 https://www.cve.org/CVERecord?id=CVE-2023-44487 https://www.darkreading.com/cloud/internet-wide-zero-day-bug-fuels-largest-ever-ddos-event https://www.debian.org/security/2023/dsa-5521 https://www.debian.org/security/2023/dsa-5522 https://www.debian.org/security/2023/dsa-5540 https://www.debian.org/security/2023/dsa-5549 https://www.debian.org/security/2023/dsa-5558 https://www.debian.org/security/2023/dsa-5570 https://www.eclipse.org/lists/jetty-announce/msg00181.html https://www.haproxy.com/blog/haproxy-is-not-affected-by-the-http-2-rapid-reset-attack-cve-2023-44487 https://www.mail-archive.com/haproxy@formilux.org/msg44134.html https://www.netlify.com/blog/netlify-successfully-mitigates-cve-2023-44487 https://www.netlify.com/blog/netlify-successfully-mitigates-cve-2023-44487/ https://www.nginx.com/blog/http-2-rapid-reset-attack-impacting-f5-nginx-products https://www.nginx.com/blog/http-2-rapid-reset-attack-impacting-f5-nginx-products/ https://www.openwall.com/lists/oss-security/2023/10/10/6 https://www.phoronix.com/news/HTTP2-Rapid-Reset-Attack https://www.theregister.com/2023/10/10/http2_rapid_reset_zeroday https://www.theregister.com/2023/10/10/http2_rapid_reset_zeroday/
golang.org/x/net	CVE-2023-45288	MEDIUM	v0.11.0	0.23.0	http://www.openwall.com/lists/oss-security/2024/04/03/16 http://www.openwall.com/lists/oss-security/2024/04/05/4 https://access.redhat.com/errata/RHSA-2024:2724 https://access.redhat.com/security/cve/CVE-2023-45288 https://bugzilla.redhat.com/2268017 https://bugzilla.redhat.com/2268018 https://bugzilla.redhat.com/2268019 https://bugzilla.redhat.com/2268273 https://bugzilla.redhat.com/show_bug.cgi?id=2268017 https://bugzilla.redhat.com/show_bug.cgi?id=2268018 https://bugzilla.redhat.com/show_bug.cgi?id=2268019 https://bugzilla.redhat.com/show_bug.cgi?id=2268273 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45288 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45289 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45290 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24783 https://errata.almalinux.org/9/ALSA-2024-2724.html https://errata.rockylinux.org/RLSA-2024:2724 https://go.dev/cl/576155 https://go.dev/issue/65051 https://groups.google.com/g/golang-announce/c/YgW0sx8mN3M https://kb.cert.org/vuls/id/421644 https://linux.oracle.com/cve/CVE-2023-45288.html https://linux.oracle.com/errata/ELSA-2024-3346.html https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QRYFHIQ6XRKRYBI2F5UESH67BJBQXUPT https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QRYFHIQ6XRKRYBI2F5UESH67BJBQXUPT/ https://nowotarski.info/http2-continuation-flood-technical-details https://nowotarski.info/http2-continuation-flood/ https://nvd.nist.gov/vuln/detail/CVE-2023-45288 https://pkg.go.dev/vuln/GO-2024-2687 https://security.netapp.com/advisory/ntap-20240419-0009 https://security.netapp.com/advisory/ntap-20240419-0009/ https://ubuntu.com/security/notices/USN-6886-1 https://ubuntu.com/security/notices/USN-7109-1 https://ubuntu.com/security/notices/USN-7111-1 https://www.cve.org/CVERecord?id=CVE-2023-45288 https://www.kb.cert.org/vuls/id/421644
stdlib	CVE-2024-24790	CRITICAL	v1.20.5	1.21.11, 1.22.4	http://www.openwall.com/lists/oss-security/2024/06/04/1 https://access.redhat.com/errata/RHSA-2024:9115 https://access.redhat.com/security/cve/CVE-2024-24790 https://bugzilla.redhat.com/2279814 https://bugzilla.redhat.com/2292668 https://bugzilla.redhat.com/2292787 https://bugzilla.redhat.com/2294000 https://bugzilla.redhat.com/2295310 https://bugzilla.redhat.com/show_bug.cgi?id=2292668 https://bugzilla.redhat.com/show_bug.cgi?id=2292787 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24789 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24790 https://errata.almalinux.org/9/ALSA-2024-9115.html https://errata.rockylinux.org/RLSA-2024:4212 https://github.com/golang/go/commit/051bdf3fd12a40307606ff9381138039c5f452f0 (1.21) https://github.com/golang/go/commit/12d5810cdb1f73cf23d7a86462143e9463317fca (1.22) https://github.com/golang/go/issues/67680 https://go.dev/cl/590316 https://go.dev/issue/67680 https://groups.google.com/g/golang-announce/c/XbxouI9gY7k https://groups.google.com/g/golang-announce/c/XbxouI9gY7k/m/TuoGEhxIEwAJ https://linux.oracle.com/cve/CVE-2024-24790.html https://linux.oracle.com/errata/ELSA-2024-9115.html https://nvd.nist.gov/vuln/detail/CVE-2024-24790 https://pkg.go.dev/vuln/GO-2024-2887 https://ubuntu.com/security/notices/USN-6886-1 https://ubuntu.com/security/notices/USN-7109-1 https://www.cve.org/CVERecord?id=CVE-2024-24790
stdlib	CVE-2023-39325	HIGH	v1.20.5	1.20.10, 1.21.3	golang.org/x/net https://access.redhat.com/errata/RHSA-2023:6077 https://access.redhat.com/security/cve/CVE-2023-39325 https://access.redhat.com/security/cve/CVE-2023-44487 https://access.redhat.com/security/vulnerabilities/RHSB-2023-003 https://bugzilla.redhat.com/2242803 https://bugzilla.redhat.com/2243296 https://bugzilla.redhat.com/show_bug.cgi?id=2242803 https://bugzilla.redhat.com/show_bug.cgi?id=2243296 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-39325 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-44487 https://errata.almalinux.org/9/ALSA-2023-6077.html https://errata.rockylinux.org/RLSA-2023:6077 https://github.com/golang/go/commit/24ae2d927285c697440fdde3ad7f26028354bcf3 [golang- 1.21] https://github.com/golang/go/commit/e175f27f58aa7b9cd4d79607ae65d2cd5baaee68 [golang-1.20] https://github.com/golang/go/issues/63417 https://go.dev/cl/534215 https://go.dev/cl/534235 https://go.dev/issue/63417 https://groups.google.com/g/golang-announce/c/iNNxDTCjZvo/m/UDd7VKQuAAAJ https://linux.oracle.com/cve/CVE-2023-39325.html https://linux.oracle.com/errata/ELSA-2023-5867.html https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3OVW5V2DM5K5IC3H7O42YDUGNJ74J35O https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3OVW5V2DM5K5IC3H7O42YDUGNJ74J35O/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3SZN67IL7HMGMNAVLOTIXLIHUDXZK4LH https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3SZN67IL7HMGMNAVLOTIXLIHUDXZK4LH/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3WJ4QVX2AMUJ2F2S27POOAHRC4K3CHU4 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3WJ4QVX2AMUJ2F2S27POOAHRC4K3CHU4/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/4BUK2ZIAGCULOOYDNH25JPU6JBES5NF2 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/4BUK2ZIAGCULOOYDNH25JPU6JBES5NF2/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/5RSKA2II6QTD4YUKUNDVJQSRYSFC4VFR https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/5RSKA2II6QTD4YUKUNDVJQSRYSFC4VFR/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/AVZDNSMVDAQJ64LJC5I5U5LDM5753647 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/AVZDNSMVDAQJ64LJC5I5U5LDM5753647/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CHHITS4PUOZAKFIUBQAQZC7JWXMOYE4B https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CHHITS4PUOZAKFIUBQAQZC7JWXMOYE4B/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CLB4TW7KALB3EEQWNWCN7OUIWWVWWCG2 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CLB4TW7KALB3EEQWNWCN7OUIWWVWWCG2/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/D2BBIDR2ZMB3X5BC7SR4SLQMHRMVPY6L https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/D2BBIDR2ZMB3X5BC7SR4SLQMHRMVPY6L/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ECRC75BQJP6FJN2L7KCKYZW4DSBD7QSD https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ECRC75BQJP6FJN2L7KCKYZW4DSBD7QSD/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/FTMJ3NJIDAZFWJQQSP3L22MUFJ3UP2PT https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/FTMJ3NJIDAZFWJQQSP3L22MUFJ3UP2PT/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/GSY7SXFFTPZFWDM6XELSDSHZLVW3AHK7 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/GSY7SXFFTPZFWDM6XELSDSHZLVW3AHK7/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/HZQIELEIRSZUYTFFH5KTH2YJ4IIQG2KE https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/HZQIELEIRSZUYTFFH5KTH2YJ4IIQG2KE/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/IPWCNYB5PQ5PCVZ4NJT6G56ZYFZ5QBU6 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/IPWCNYB5PQ5PCVZ4NJT6G56ZYFZ5QBU6/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/KEOTKBUPZXHE3F352JBYNTSNRXYLWD6P https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/KEOTKBUPZXHE3F352JBYNTSNRXYLWD6P/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/KSEGD2IWKNUO3DWY4KQGUQM5BISRWHQE https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/KSEGD2IWKNUO3DWY4KQGUQM5BISRWHQE/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/L5E5JSJBZLYXOTZWXHJKRVCIXIHVWKJ6 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/L5E5JSJBZLYXOTZWXHJKRVCIXIHVWKJ6/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/MZQYOOKHQDQ57LV2IAG6NRFOVXKHJJ3Z https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/MZQYOOKHQDQ57LV2IAG6NRFOVXKHJJ3Z/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/NG7IMPL55MVWU3LCI4JQJT3K2U5CHDV7 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/NG7IMPL55MVWU3LCI4JQJT3K2U5CHDV7/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ODBY7RVMGZCBSTWF2OZGIZS57FNFUL67 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ODBY7RVMGZCBSTWF2OZGIZS57FNFUL67/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/OXGWPQOJ3JNDW2XIYKIVJ7N7QUIFNM2Q https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/OXGWPQOJ3JNDW2XIYKIVJ7N7QUIFNM2Q/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/PJCUNGIQDUMZ4Z6HWVYIMR66A35F5S74 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/PJCUNGIQDUMZ4Z6HWVYIMR66A35F5S74/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QF5QSYAOPDOWLY6DUHID56Q4HQFYB45I https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QF5QSYAOPDOWLY6DUHID56Q4HQFYB45I/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QXOU2JZUBEBP7GBKAYIJRPRBZSJCD7ST https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QXOU2JZUBEBP7GBKAYIJRPRBZSJCD7ST/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/R3UETKPUB3V5JS5TLZOF3SMTGT5K5APS https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/R3UETKPUB3V5JS5TLZOF3SMTGT5K5APS/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/REMHVVIBDNKSRKNOTV7EQSB7CYQWOUOU https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/REMHVVIBDNKSRKNOTV7EQSB7CYQWOUOU/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/T7N5GV4CHH6WAGX3GFMDD3COEOVCZ4RI https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/T7N5GV4CHH6WAGX3GFMDD3COEOVCZ4RI/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ULQQONMSCQSH5Z5OWFFQHCGEZ3NL4DRJ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ULQQONMSCQSH5Z5OWFFQHCGEZ3NL4DRJ/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UTT7DG3QOF5ZNJLUGHDNLRUIN6OWZARP https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UTT7DG3QOF5ZNJLUGHDNLRUIN6OWZARP/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/W2LZSWTV4NV4SNQARNXG5T6LRHP26EW2 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/W2LZSWTV4NV4SNQARNXG5T6LRHP26EW2/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WCNCBYKZXLDFGAJUB7ZP5VLC3YTHJNVH https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WCNCBYKZXLDFGAJUB7ZP5VLC3YTHJNVH/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/XFOIBB4YFICHDM7IBOP7PWXW3FX4HLL2 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/XFOIBB4YFICHDM7IBOP7PWXW3FX4HLL2/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/XTNLSL44Y5FB6JWADSZH6DCV4JJAAEQY https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/XTNLSL44Y5FB6JWADSZH6DCV4JJAAEQY/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/YJWHBLVZDM5KQSDFRBFRKU5KSSOLIRQ4 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/YJWHBLVZDM5KQSDFRBFRKU5KSSOLIRQ4/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/YRKEXKANQ7BKJW2YTAMP625LJUJZLJ4P https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/YRKEXKANQ7BKJW2YTAMP625LJUJZLJ4P/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZSVEMQV5ROY5YW5QE3I57HT3ITWG5GCV https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZSVEMQV5ROY5YW5QE3I57HT3ITWG5GCV/ https://nvd.nist.gov/vuln/detail/CVE-2023-39325 https://pkg.go.dev/vuln/GO-2023-2102 https://security.gentoo.org/glsa/202311-09 https://security.netapp.com/advisory/ntap-20231110-0008 https://security.netapp.com/advisory/ntap-20231110-0008/ https://ubuntu.com/security/notices/USN-6574-1 https://ubuntu.com/security/notices/USN-7061-1 https://ubuntu.com/security/notices/USN-7109-1 https://www.cisa.gov/news-events/alerts/2023/10/10/http2-rapid-reset-vulnerability-cve-2023-44487 https://www.cve.org/CVERecord?id=CVE-2023-39325
stdlib	CVE-2023-45283	HIGH	v1.20.5	1.20.11, 1.21.4, 1.20.12, 1.21.5	http://www.openwall.com/lists/oss-security/2023/12/05/2 https://go.dev/cl/540277 https://go.dev/cl/541175 https://go.dev/issue/63713 https://go.dev/issue/64028 https://groups.google.com/g/golang-announce/c/4tU8LZfBFkY https://groups.google.com/g/golang-dev/c/6ypN5EjibjM/m/KmLVYH_uAgAJ https://nvd.nist.gov/vuln/detail/CVE-2023-45283 https://pkg.go.dev/vuln/GO-2023-2185 https://security.netapp.com/advisory/ntap-20231214-0008/
stdlib	CVE-2023-45288	HIGH	v1.20.5	1.21.9, 1.22.2	http://www.openwall.com/lists/oss-security/2024/04/03/16 http://www.openwall.com/lists/oss-security/2024/04/05/4 https://access.redhat.com/errata/RHSA-2024:2724 https://access.redhat.com/security/cve/CVE-2023-45288 https://bugzilla.redhat.com/2268017 https://bugzilla.redhat.com/2268018 https://bugzilla.redhat.com/2268019 https://bugzilla.redhat.com/2268273 https://bugzilla.redhat.com/show_bug.cgi?id=2268017 https://bugzilla.redhat.com/show_bug.cgi?id=2268018 https://bugzilla.redhat.com/show_bug.cgi?id=2268019 https://bugzilla.redhat.com/show_bug.cgi?id=2268273 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45288 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45289 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45290 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24783 https://errata.almalinux.org/9/ALSA-2024-2724.html https://errata.rockylinux.org/RLSA-2024:2724 https://go.dev/cl/576155 https://go.dev/issue/65051 https://groups.google.com/g/golang-announce/c/YgW0sx8mN3M https://kb.cert.org/vuls/id/421644 https://linux.oracle.com/cve/CVE-2023-45288.html https://linux.oracle.com/errata/ELSA-2024-3346.html https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QRYFHIQ6XRKRYBI2F5UESH67BJBQXUPT https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QRYFHIQ6XRKRYBI2F5UESH67BJBQXUPT/ https://nowotarski.info/http2-continuation-flood-technical-details https://nowotarski.info/http2-continuation-flood/ https://nvd.nist.gov/vuln/detail/CVE-2023-45288 https://pkg.go.dev/vuln/GO-2024-2687 https://security.netapp.com/advisory/ntap-20240419-0009 https://security.netapp.com/advisory/ntap-20240419-0009/ https://ubuntu.com/security/notices/USN-6886-1 https://ubuntu.com/security/notices/USN-7109-1 https://ubuntu.com/security/notices/USN-7111-1 https://www.cve.org/CVERecord?id=CVE-2023-45288 https://www.kb.cert.org/vuls/id/421644
stdlib	CVE-2024-34156	HIGH	v1.20.5	1.22.7, 1.23.1	https://access.redhat.com/errata/RHSA-2024:9473 https://access.redhat.com/security/cve/CVE-2024-34156 https://bugzilla.redhat.com/2310528 https://bugzilla.redhat.com/2318052 https://bugzilla.redhat.com/show_bug.cgi?id=2310528 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-34156 https://errata.almalinux.org/9/ALSA-2024-9473.html https://errata.rockylinux.org/RLSA-2024:7204 https://github.com/golang/go/commit/2092294f2b097c5828f4eace6c98a322c1510b01 (go1.22.7) https://github.com/golang/go/commit/fa8ff1a46deb6c816304441ec6740ec112e19012 (go1.23.1) https://go.dev/cl/611239 https://go.dev/issue/69139 https://groups.google.com/g/golang-announce/c/K-cEzDeCtpc https://groups.google.com/g/golang-dev/c/S9POB9NCTdk https://linux.oracle.com/cve/CVE-2024-34156.html https://linux.oracle.com/errata/ELSA-2024-9473.html https://nvd.nist.gov/vuln/detail/CVE-2024-34156 https://pkg.go.dev/vuln/GO-2024-3106 https://ubuntu.com/security/notices/USN-7081-1 https://ubuntu.com/security/notices/USN-7109-1 https://ubuntu.com/security/notices/USN-7111-1 https://www.cve.org/CVERecord?id=CVE-2024-34156
stdlib	CVE-2023-29406	MEDIUM	v1.20.5	1.19.11, 1.20.6	https://access.redhat.com/errata/RHSA-2023:6474 https://access.redhat.com/security/cve/CVE-2023-29406 https://bugzilla.redhat.com/2174485 https://bugzilla.redhat.com/2178358 https://bugzilla.redhat.com/2178488 https://bugzilla.redhat.com/2178492 https://bugzilla.redhat.com/2184481 https://bugzilla.redhat.com/2184482 https://bugzilla.redhat.com/2184483 https://bugzilla.redhat.com/2184484 https://bugzilla.redhat.com/2196026 https://bugzilla.redhat.com/2196027 https://bugzilla.redhat.com/2196029 https://bugzilla.redhat.com/2222167 https://bugzilla.redhat.com/2228689 https://errata.almalinux.org/9/ALSA-2023-6474.html https://github.com/golang/go/commit/312920c00aac9897b2a0693e752390b5b0711a5a (go1.20.6) https://github.com/golang/go/commit/5fa6923b1ea891400153d04ddf1545e23b40041b (go1.19.11) https://github.com/golang/go/issues/60374 https://go.dev/cl/506996 https://go.dev/issue/60374 https://groups.google.com/g/golang-announce/c/2q13H6LEEx0 https://linux.oracle.com/cve/CVE-2023-29406.html https://linux.oracle.com/errata/ELSA-2023-7202.html https://nvd.nist.gov/vuln/detail/CVE-2023-29406 https://pkg.go.dev/vuln/GO-2023-1878 https://security.gentoo.org/glsa/202311-09 https://security.netapp.com/advisory/ntap-20230814-0002/ https://ubuntu.com/security/notices/USN-7061-1 https://ubuntu.com/security/notices/USN-7109-1 https://www.cve.org/CVERecord?id=CVE-2023-29406
stdlib	CVE-2023-29409	MEDIUM	v1.20.5	1.19.12, 1.20.7, 1.21.0-rc.4	https://access.redhat.com/errata/RHSA-2023:7766 https://access.redhat.com/security/cve/CVE-2023-29409 https://bugzilla.redhat.com/2228743 https://bugzilla.redhat.com/2237773 https://bugzilla.redhat.com/2237776 https://bugzilla.redhat.com/2237777 https://bugzilla.redhat.com/2237778 https://errata.almalinux.org/9/ALSA-2023-7766.html https://go.dev/cl/515257 https://go.dev/issue/61460 https://groups.google.com/g/golang-announce/c/X0b6CsSAaYI/m/Efv5DbZ9AwAJ https://linux.oracle.com/cve/CVE-2023-29409.html https://linux.oracle.com/errata/ELSA-2024-2988.html https://nvd.nist.gov/vuln/detail/CVE-2023-29409 https://pkg.go.dev/vuln/GO-2023-1987 https://security.gentoo.org/glsa/202311-09 https://security.netapp.com/advisory/ntap-20230831-0010/ https://www.cve.org/CVERecord?id=CVE-2023-29409
stdlib	CVE-2023-39318	MEDIUM	v1.20.5	1.20.8, 1.21.1	https://access.redhat.com/errata/RHSA-2024:2160 https://access.redhat.com/security/cve/CVE-2023-39318 https://bugzilla.redhat.com/2237773 https://bugzilla.redhat.com/2237776 https://bugzilla.redhat.com/2253330 https://errata.almalinux.org/9/ALSA-2024-2160.html https://github.com/golang/go/commit/023b542edf38e2a1f87fcefb9f75ff2f99401b4c (go1.20.8) https://github.com/golang/go/commit/b0e1d3ea26e8e8fce7726690c9ef0597e60739fb (go1.21.1) https://go.dev/cl/526156 https://go.dev/issue/62196 https://groups.google.com/g/golang-announce/c/Fm51GRLNRvM https://groups.google.com/g/golang-dev/c/2C5vbR-UNkI/m/L1hdrPhfBAAJ https://linux.oracle.com/cve/CVE-2023-39318.html https://linux.oracle.com/errata/ELSA-2024-2988.html https://nvd.nist.gov/vuln/detail/CVE-2023-39318 https://pkg.go.dev/vuln/GO-2023-2041 https://security.gentoo.org/glsa/202311-09 https://security.netapp.com/advisory/ntap-20231020-0009/ https://ubuntu.com/security/notices/USN-6574-1 https://ubuntu.com/security/notices/USN-7061-1 https://ubuntu.com/security/notices/USN-7109-1 https://vuln.go.dev/ID/GO-2023-2041.json https://www.cve.org/CVERecord?id=CVE-2023-39318
stdlib	CVE-2023-39319	MEDIUM	v1.20.5	1.20.8, 1.21.1	https://access.redhat.com/errata/RHSA-2024:2160 https://access.redhat.com/security/cve/CVE-2023-39319 https://bugzilla.redhat.com/2237773 https://bugzilla.redhat.com/2237776 https://bugzilla.redhat.com/2253330 https://errata.almalinux.org/9/ALSA-2024-2160.html https://github.com/golang/go/commit/2070531d2f53df88e312edace6c8dfc9686ab2f5 (go1.20.8) https://github.com/golang/go/commit/bbd043ff0d6d59f1a9232d31ecd5eacf6507bf6a (go1.21.1) https://go.dev/cl/526157 https://go.dev/issue/62197 https://groups.google.com/g/golang-announce/c/Fm51GRLNRvM https://groups.google.com/g/golang-dev/c/2C5vbR-UNkI/m/L1hdrPhfBAAJ https://linux.oracle.com/cve/CVE-2023-39319.html https://linux.oracle.com/errata/ELSA-2024-2988.html https://nvd.nist.gov/vuln/detail/CVE-2023-39319 https://pkg.go.dev/vuln/GO-2023-2043 https://security.gentoo.org/glsa/202311-09 https://security.netapp.com/advisory/ntap-20231020-0009/ https://ubuntu.com/security/notices/USN-6574-1 https://ubuntu.com/security/notices/USN-7061-1 https://ubuntu.com/security/notices/USN-7109-1 https://vuln.go.dev/ID/GO-2023-2043.json https://www.cve.org/CVERecord?id=CVE-2023-39319
stdlib	CVE-2023-39326	MEDIUM	v1.20.5	1.20.12, 1.21.5	https://access.redhat.com/errata/RHSA-2024:2272 https://access.redhat.com/security/cve/CVE-2023-39326 https://bugzilla.redhat.com/2253193 https://bugzilla.redhat.com/2253330 https://errata.almalinux.org/9/ALSA-2024-2272.html https://github.com/golang/go/commit/6446af942e2e2b161c4ec1b60d9703a2b55dc4dd (go1.20.12) https://github.com/golang/go/commit/ec8c526e4be720e94b98ca509e6364f0efaf28f7 (go1.21.5) https://go.dev/cl/547335 https://go.dev/issue/64433 https://groups.google.com/g/golang-dev/c/6ypN5EjibjM/m/KmLVYH_uAgAJ https://linux.oracle.com/cve/CVE-2023-39326.html https://linux.oracle.com/errata/ELSA-2024-2988.html https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UIU6HOGV6RRIKWM57LOXQA75BGZSIH6G/ https://nvd.nist.gov/vuln/detail/CVE-2023-39326 https://pkg.go.dev/vuln/GO-2023-2382 https://ubuntu.com/security/notices/USN-6574-1 https://www.cve.org/CVERecord?id=CVE-2023-39326
stdlib	CVE-2023-45284	MEDIUM	v1.20.5	1.20.11, 1.21.4	https://go.dev/cl/540277 https://go.dev/issue/63713 https://groups.google.com/g/golang-announce/c/4tU8LZfBFkY https://nvd.nist.gov/vuln/detail/CVE-2023-45284 https://pkg.go.dev/vuln/GO-2023-2186
stdlib	CVE-2023-45289	MEDIUM	v1.20.5	1.21.8, 1.22.1	http://www.openwall.com/lists/oss-security/2024/03/08/4 https://access.redhat.com/errata/RHSA-2024:2724 https://access.redhat.com/security/cve/CVE-2023-45289 https://bugzilla.redhat.com/2268017 https://bugzilla.redhat.com/2268018 https://bugzilla.redhat.com/2268019 https://bugzilla.redhat.com/2268273 https://bugzilla.redhat.com/show_bug.cgi?id=2268017 https://bugzilla.redhat.com/show_bug.cgi?id=2268018 https://bugzilla.redhat.com/show_bug.cgi?id=2268019 https://bugzilla.redhat.com/show_bug.cgi?id=2268273 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45288 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45289 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45290 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24783 https://errata.almalinux.org/9/ALSA-2024-2724.html https://errata.rockylinux.org/RLSA-2024:2724 https://github.com/golang/go/commit/20586c0dbe03d144f914155f879fa5ee287591a1 (go1.21.8) https://github.com/golang/go/commit/3a855208e3efed2e9d7c20ad023f1fa78afcc0be (go1.22.1) https://github.com/golang/go/issues/65065 https://go.dev/cl/569340 https://go.dev/issue/65065 https://groups.google.com/g/golang-announce/c/5pwGVUPoMbg https://linux.oracle.com/cve/CVE-2023-45289.html https://linux.oracle.com/errata/ELSA-2024-3346.html https://nvd.nist.gov/vuln/detail/CVE-2023-45289 https://pkg.go.dev/vuln/GO-2024-2600 https://security.netapp.com/advisory/ntap-20240329-0006/ https://ubuntu.com/security/notices/USN-6886-1 https://www.cve.org/CVERecord?id=CVE-2023-45289
stdlib	CVE-2023-45290	MEDIUM	v1.20.5	1.21.8, 1.22.1	http://www.openwall.com/lists/oss-security/2024/03/08/4 https://access.redhat.com/errata/RHSA-2024:9135 https://access.redhat.com/security/cve/CVE-2023-45290 https://bugzilla.redhat.com/2268017 https://bugzilla.redhat.com/2268022 https://bugzilla.redhat.com/2279814 https://bugzilla.redhat.com/2295310 https://bugzilla.redhat.com/show_bug.cgi?id=2268017 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45290 https://errata.almalinux.org/9/ALSA-2024-9135.html https://errata.rockylinux.org/RLSA-2024:3830 https://github.com/golang/go/commit/041a47712e765e94f86d841c3110c840e76d8f82 (go1.22.1) https://github.com/golang/go/commit/bf80213b121074f4ad9b449410a4d13bae5e9be0 (go1.21.8) https://github.com/golang/go/issues/65383 https://go.dev/cl/569341 https://go.dev/issue/65383 https://groups.google.com/g/golang-announce/c/5pwGVUPoMbg https://linux.oracle.com/cve/CVE-2023-45290.html https://linux.oracle.com/errata/ELSA-2024-8038.html https://nvd.nist.gov/vuln/detail/CVE-2023-45290 https://pkg.go.dev/vuln/GO-2024-2599 https://security.netapp.com/advisory/ntap-20240329-0004 https://security.netapp.com/advisory/ntap-20240329-0004/ https://ubuntu.com/security/notices/USN-6886-1 https://ubuntu.com/security/notices/USN-7109-1 https://ubuntu.com/security/notices/USN-7111-1 https://www.cve.org/CVERecord?id=CVE-2023-45290
stdlib	CVE-2024-24783	MEDIUM	v1.20.5	1.21.8, 1.22.1	http://www.openwall.com/lists/oss-security/2024/03/08/4 https://access.redhat.com/errata/RHSA-2024:6195 https://access.redhat.com/security/cve/CVE-2024-24783 https://bugzilla.redhat.com/2268019 https://bugzilla.redhat.com/show_bug.cgi?id=2268017 https://bugzilla.redhat.com/show_bug.cgi?id=2268018 https://bugzilla.redhat.com/show_bug.cgi?id=2268019 https://bugzilla.redhat.com/show_bug.cgi?id=2268273 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45288 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45289 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45290 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24783 https://errata.almalinux.org/9/ALSA-2024-6195.html https://errata.rockylinux.org/RLSA-2024:2724 https://github.com/advisories/GHSA-3q2c-pvp5-3cqp https://github.com/golang/go/commit/337b8e9cbfa749d9d5c899e0dc358e2208d5e54f (go1.22.1) https://github.com/golang/go/commit/be5b52bea674190ef7de272664be6c7ae93ec5a0 (go1.21.8) https://github.com/golang/go/issues/65390 https://go.dev/cl/569339 https://go.dev/issue/65390 https://groups.google.com/g/golang-announce/c/5pwGVUPoMbg https://linux.oracle.com/cve/CVE-2024-24783.html https://linux.oracle.com/errata/ELSA-2024-6969.html https://nvd.nist.gov/vuln/detail/CVE-2024-24783 https://pkg.go.dev/vuln/GO-2024-2598 https://security.netapp.com/advisory/ntap-20240329-0005 https://security.netapp.com/advisory/ntap-20240329-0005/ https://ubuntu.com/security/notices/USN-6886-1 https://ubuntu.com/security/notices/USN-7109-1 https://ubuntu.com/security/notices/USN-7111-1 https://www.cve.org/CVERecord?id=CVE-2024-24783
stdlib	CVE-2024-24784	MEDIUM	v1.20.5	1.21.8, 1.22.1	http://www.openwall.com/lists/oss-security/2024/03/08/4 https://access.redhat.com/errata/RHSA-2024:2562 https://access.redhat.com/security/cve/CVE-2024-24784 https://bugzilla.redhat.com/2262921 https://bugzilla.redhat.com/2268017 https://bugzilla.redhat.com/2268018 https://bugzilla.redhat.com/2268019 https://bugzilla.redhat.com/2268021 https://bugzilla.redhat.com/2268022 https://bugzilla.redhat.com/2268273 https://bugzilla.redhat.com/show_bug.cgi?id=2262921 https://bugzilla.redhat.com/show_bug.cgi?id=2268017 https://bugzilla.redhat.com/show_bug.cgi?id=2268018 https://bugzilla.redhat.com/show_bug.cgi?id=2268019 https://bugzilla.redhat.com/show_bug.cgi?id=2268021 https://bugzilla.redhat.com/show_bug.cgi?id=2268022 https://bugzilla.redhat.com/show_bug.cgi?id=2268273 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45288 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45289 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45290 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-1394 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24783 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24784 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24785 https://errata.almalinux.org/9/ALSA-2024-2562.html https://errata.rockylinux.org/RLSA-2024:2562 https://github.com/golang/go/commit/263c059b09fdd40d9dd945f2ecb20c89ea28efe5 (go1.21.8) https://github.com/golang/go/commit/5330cd225ba54c7dc78c1b46dcdf61a4671a632c (go1.22.1) https://github.com/golang/go/issues/65083 https://go.dev/cl/555596 https://go.dev/issue/65083 https://groups.google.com/g/golang-announce/c/5pwGVUPoMbg https://linux.oracle.com/cve/CVE-2024-24784.html https://linux.oracle.com/errata/ELSA-2024-6969.html https://nvd.nist.gov/vuln/detail/CVE-2024-24784 https://pkg.go.dev/vuln/GO-2024-2609 https://security.netapp.com/advisory/ntap-20240329-0007/ https://ubuntu.com/security/notices/USN-6886-1 https://ubuntu.com/security/notices/USN-7109-1 https://ubuntu.com/security/notices/USN-7111-1 https://www.cve.org/CVERecord?id=CVE-2024-24784
stdlib	CVE-2024-24785	MEDIUM	v1.20.5	1.21.8, 1.22.1	http://www.openwall.com/lists/oss-security/2024/03/08/4 https://access.redhat.com/errata/RHSA-2024:9135 https://access.redhat.com/security/cve/CVE-2024-24785 https://bugzilla.redhat.com/2268017 https://bugzilla.redhat.com/2268022 https://bugzilla.redhat.com/2279814 https://bugzilla.redhat.com/2295310 https://bugzilla.redhat.com/show_bug.cgi?id=2262921 https://bugzilla.redhat.com/show_bug.cgi?id=2268017 https://bugzilla.redhat.com/show_bug.cgi?id=2268018 https://bugzilla.redhat.com/show_bug.cgi?id=2268019 https://bugzilla.redhat.com/show_bug.cgi?id=2268021 https://bugzilla.redhat.com/show_bug.cgi?id=2268022 https://bugzilla.redhat.com/show_bug.cgi?id=2268273 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45288 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45289 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45290 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-1394 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24783 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24784 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24785 https://errata.almalinux.org/9/ALSA-2024-9135.html https://errata.rockylinux.org/RLSA-2024:2562 https://github.com/golang/go/commit/056b0edcb8c152152021eebf4cf42adbfbe77992 (go1.22.1) https://github.com/golang/go/commit/3643147a29352ca2894fd5d0d2069bc4b4335a7e (go1.21.8) https://github.com/golang/go/issues/65697 https://go.dev/cl/564196 https://go.dev/issue/65697 https://groups.google.com/g/golang-announce/c/5pwGVUPoMbg https://linux.oracle.com/cve/CVE-2024-24785.html https://linux.oracle.com/errata/ELSA-2024-3259.html https://nvd.nist.gov/vuln/detail/CVE-2024-24785 https://pkg.go.dev/vuln/GO-2024-2610 https://security.netapp.com/advisory/ntap-20240329-0008/ https://ubuntu.com/security/notices/USN-6886-1 https://ubuntu.com/security/notices/USN-7061-1 https://ubuntu.com/security/notices/USN-7109-1 https://vuln.go.dev/ID/GO-2024-2610.json https://www.cve.org/CVERecord?id=CVE-2024-24785
stdlib	CVE-2024-24789	MEDIUM	v1.20.5	1.21.11, 1.22.4	http://www.openwall.com/lists/oss-security/2024/06/04/1 https://access.redhat.com/errata/RHSA-2024:9115 https://access.redhat.com/security/cve/CVE-2024-24789 https://bugzilla.redhat.com/2279814 https://bugzilla.redhat.com/2292668 https://bugzilla.redhat.com/2292787 https://bugzilla.redhat.com/2294000 https://bugzilla.redhat.com/2295310 https://bugzilla.redhat.com/show_bug.cgi?id=2292668 https://bugzilla.redhat.com/show_bug.cgi?id=2292787 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24789 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24790 https://errata.almalinux.org/9/ALSA-2024-9115.html https://errata.rockylinux.org/RLSA-2024:4212 https://github.com/golang/go/commit/c8e40338cf00f3c1d86c8fb23863ad67a4c72bcc (1.21) https://github.com/golang/go/commit/cf501ac0c5fe351a8582d20b43562027927906e7 (1.22) https://github.com/golang/go/issues/66869 https://go.dev/cl/585397 https://go.dev/issue/66869 https://groups.google.com/g/golang-announce/c/XbxouI9gY7k https://groups.google.com/g/golang-announce/c/XbxouI9gY7k/m/TuoGEhxIEwAJ https://linux.oracle.com/cve/CVE-2024-24789.html https://linux.oracle.com/errata/ELSA-2024-9115.html https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/U5YAEIA6IUHUNGJ7AIXXPQT6D2GYENX7/ https://nvd.nist.gov/vuln/detail/CVE-2024-24789 https://pkg.go.dev/vuln/GO-2024-2888 https://ubuntu.com/security/notices/USN-6886-1 https://ubuntu.com/security/notices/USN-7109-1 https://ubuntu.com/security/notices/USN-7111-1 https://www.cve.org/CVERecord?id=CVE-2024-24789
stdlib	CVE-2024-24791	MEDIUM	v1.20.5	1.21.12, 1.22.5	https://access.redhat.com/errata/RHSA-2024:9135 https://access.redhat.com/security/cve/CVE-2024-24791 https://bugzilla.redhat.com/2268017 https://bugzilla.redhat.com/2268022 https://bugzilla.redhat.com/2279814 https://bugzilla.redhat.com/2295310 https://bugzilla.redhat.com/show_bug.cgi?id=2295310 https://bugzilla.redhat.com/show_bug.cgi?id=2310527 https://bugzilla.redhat.com/show_bug.cgi?id=2310528 https://bugzilla.redhat.com/show_bug.cgi?id=2310529 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24791 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-34155 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-34156 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-34158 https://errata.almalinux.org/9/ALSA-2024-9135.html https://errata.rockylinux.org/RLSA-2024:6913 https://go.dev/cl/591255 https://go.dev/issue/67555 https://groups.google.com/g/golang-dev/c/t0rK-qHBqzY/m/6MMoAZkMAgAJ https://linux.oracle.com/cve/CVE-2024-24791.html https://linux.oracle.com/errata/ELSA-2024-9115.html https://nvd.nist.gov/vuln/detail/CVE-2024-24791 https://pkg.go.dev/vuln/GO-2024-2963 https://ubuntu.com/security/notices/USN-7081-1 https://ubuntu.com/security/notices/USN-7109-1 https://ubuntu.com/security/notices/USN-7111-1 https://www.cve.org/CVERecord?id=CVE-2024-24791
stdlib	CVE-2024-34155	MEDIUM	v1.20.5	1.22.7, 1.23.1	https://access.redhat.com/errata/RHSA-2024:9459 https://access.redhat.com/security/cve/CVE-2024-34155 https://bugzilla.redhat.com/2310527 https://bugzilla.redhat.com/2310528 https://bugzilla.redhat.com/2310529 https://bugzilla.redhat.com/2315691 https://bugzilla.redhat.com/2315887 https://bugzilla.redhat.com/2317458 https://bugzilla.redhat.com/2317467 https://bugzilla.redhat.com/show_bug.cgi?id=2295310 https://bugzilla.redhat.com/show_bug.cgi?id=2310527 https://bugzilla.redhat.com/show_bug.cgi?id=2310528 https://bugzilla.redhat.com/show_bug.cgi?id=2310529 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24791 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-34155 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-34156 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-34158 https://errata.almalinux.org/9/ALSA-2024-9459.html https://errata.rockylinux.org/RLSA-2024:6913 https://github.com/golang/go/commit/53487e5477151ed75da50e50a0ba8f1ca64c00a3 (go1.23.1) https://github.com/golang/go/commit/b232596139dbe96a62edbe3a2a203e856bf556eb (go1.22.7) https://go.dev/cl/611238 https://go.dev/issue/69138 https://groups.google.com/g/golang-announce/c/K-cEzDeCtpc https://groups.google.com/g/golang-dev/c/S9POB9NCTdk https://linux.oracle.com/cve/CVE-2024-34155.html https://linux.oracle.com/errata/ELSA-2024-9459.html https://nvd.nist.gov/vuln/detail/CVE-2024-34155 https://pkg.go.dev/vuln/GO-2024-3105 https://ubuntu.com/security/notices/USN-7081-1 https://ubuntu.com/security/notices/USN-7109-1 https://ubuntu.com/security/notices/USN-7111-1 https://www.cve.org/CVERecord?id=CVE-2024-34155
stdlib	CVE-2024-34158	MEDIUM	v1.20.5	1.22.7, 1.23.1	https://access.redhat.com/errata/RHSA-2024:9459 https://access.redhat.com/security/cve/CVE-2024-34158 https://bugzilla.redhat.com/2310527 https://bugzilla.redhat.com/2310528 https://bugzilla.redhat.com/2310529 https://bugzilla.redhat.com/2315691 https://bugzilla.redhat.com/2315887 https://bugzilla.redhat.com/2317458 https://bugzilla.redhat.com/2317467 https://bugzilla.redhat.com/show_bug.cgi?id=2295310 https://bugzilla.redhat.com/show_bug.cgi?id=2310527 https://bugzilla.redhat.com/show_bug.cgi?id=2310528 https://bugzilla.redhat.com/show_bug.cgi?id=2310529 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24791 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-34155 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-34156 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-34158 https://errata.almalinux.org/9/ALSA-2024-9459.html https://errata.rockylinux.org/RLSA-2024:6913 https://github.com/golang/go/commit/032ac075c20c01c6c35a672d1542d3e98eab84ea (go1.23.1) https://github.com/golang/go/commit/d4c53812e6ce2ac368173d7fcd31d0ecfcffb002 (go1.22.7) https://go.dev/cl/611240 https://go.dev/issue/69141 https://groups.google.com/g/golang-announce/c/K-cEzDeCtpc https://groups.google.com/g/golang-dev/c/S9POB9NCTdk https://linux.oracle.com/cve/CVE-2024-34158.html https://linux.oracle.com/errata/ELSA-2024-9459.html https://nvd.nist.gov/vuln/detail/CVE-2024-34158 https://pkg.go.dev/vuln/GO-2024-3107 https://ubuntu.com/security/notices/USN-7081-1 https://ubuntu.com/security/notices/USN-7109-1 https://ubuntu.com/security/notices/USN-7111-1 https://www.cve.org/CVERecord?id=CVE-2024-34158
No Misconfigurations found

cnb/buildpacks/paketo-buildpacks_maven/6.15.5/bin/main (gobinary)

Package	Vulnerability ID	Severity	Installed Version	Fixed Version	Links
stdlib	CVE-2024-24790	CRITICAL	v1.20.5	1.21.11, 1.22.4	http://www.openwall.com/lists/oss-security/2024/06/04/1 https://access.redhat.com/errata/RHSA-2024:9115 https://access.redhat.com/security/cve/CVE-2024-24790 https://bugzilla.redhat.com/2279814 https://bugzilla.redhat.com/2292668 https://bugzilla.redhat.com/2292787 https://bugzilla.redhat.com/2294000 https://bugzilla.redhat.com/2295310 https://bugzilla.redhat.com/show_bug.cgi?id=2292668 https://bugzilla.redhat.com/show_bug.cgi?id=2292787 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24789 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24790 https://errata.almalinux.org/9/ALSA-2024-9115.html https://errata.rockylinux.org/RLSA-2024:4212 https://github.com/golang/go/commit/051bdf3fd12a40307606ff9381138039c5f452f0 (1.21) https://github.com/golang/go/commit/12d5810cdb1f73cf23d7a86462143e9463317fca (1.22) https://github.com/golang/go/issues/67680 https://go.dev/cl/590316 https://go.dev/issue/67680 https://groups.google.com/g/golang-announce/c/XbxouI9gY7k https://groups.google.com/g/golang-announce/c/XbxouI9gY7k/m/TuoGEhxIEwAJ https://linux.oracle.com/cve/CVE-2024-24790.html https://linux.oracle.com/errata/ELSA-2024-9115.html https://nvd.nist.gov/vuln/detail/CVE-2024-24790 https://pkg.go.dev/vuln/GO-2024-2887 https://ubuntu.com/security/notices/USN-6886-1 https://ubuntu.com/security/notices/USN-7109-1 https://www.cve.org/CVERecord?id=CVE-2024-24790
stdlib	CVE-2023-39325	HIGH	v1.20.5	1.20.10, 1.21.3	golang.org/x/net https://access.redhat.com/errata/RHSA-2023:6077 https://access.redhat.com/security/cve/CVE-2023-39325 https://access.redhat.com/security/cve/CVE-2023-44487 https://access.redhat.com/security/vulnerabilities/RHSB-2023-003 https://bugzilla.redhat.com/2242803 https://bugzilla.redhat.com/2243296 https://bugzilla.redhat.com/show_bug.cgi?id=2242803 https://bugzilla.redhat.com/show_bug.cgi?id=2243296 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-39325 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-44487 https://errata.almalinux.org/9/ALSA-2023-6077.html https://errata.rockylinux.org/RLSA-2023:6077 https://github.com/golang/go/commit/24ae2d927285c697440fdde3ad7f26028354bcf3 [golang- 1.21] https://github.com/golang/go/commit/e175f27f58aa7b9cd4d79607ae65d2cd5baaee68 [golang-1.20] https://github.com/golang/go/issues/63417 https://go.dev/cl/534215 https://go.dev/cl/534235 https://go.dev/issue/63417 https://groups.google.com/g/golang-announce/c/iNNxDTCjZvo/m/UDd7VKQuAAAJ https://linux.oracle.com/cve/CVE-2023-39325.html https://linux.oracle.com/errata/ELSA-2023-5867.html https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3OVW5V2DM5K5IC3H7O42YDUGNJ74J35O https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3OVW5V2DM5K5IC3H7O42YDUGNJ74J35O/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3SZN67IL7HMGMNAVLOTIXLIHUDXZK4LH https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3SZN67IL7HMGMNAVLOTIXLIHUDXZK4LH/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3WJ4QVX2AMUJ2F2S27POOAHRC4K3CHU4 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3WJ4QVX2AMUJ2F2S27POOAHRC4K3CHU4/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/4BUK2ZIAGCULOOYDNH25JPU6JBES5NF2 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/4BUK2ZIAGCULOOYDNH25JPU6JBES5NF2/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/5RSKA2II6QTD4YUKUNDVJQSRYSFC4VFR https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/5RSKA2II6QTD4YUKUNDVJQSRYSFC4VFR/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/AVZDNSMVDAQJ64LJC5I5U5LDM5753647 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/AVZDNSMVDAQJ64LJC5I5U5LDM5753647/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CHHITS4PUOZAKFIUBQAQZC7JWXMOYE4B https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CHHITS4PUOZAKFIUBQAQZC7JWXMOYE4B/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CLB4TW7KALB3EEQWNWCN7OUIWWVWWCG2 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CLB4TW7KALB3EEQWNWCN7OUIWWVWWCG2/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/D2BBIDR2ZMB3X5BC7SR4SLQMHRMVPY6L https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/D2BBIDR2ZMB3X5BC7SR4SLQMHRMVPY6L/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ECRC75BQJP6FJN2L7KCKYZW4DSBD7QSD https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ECRC75BQJP6FJN2L7KCKYZW4DSBD7QSD/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/FTMJ3NJIDAZFWJQQSP3L22MUFJ3UP2PT https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/FTMJ3NJIDAZFWJQQSP3L22MUFJ3UP2PT/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/GSY7SXFFTPZFWDM6XELSDSHZLVW3AHK7 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/GSY7SXFFTPZFWDM6XELSDSHZLVW3AHK7/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/HZQIELEIRSZUYTFFH5KTH2YJ4IIQG2KE https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/HZQIELEIRSZUYTFFH5KTH2YJ4IIQG2KE/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/IPWCNYB5PQ5PCVZ4NJT6G56ZYFZ5QBU6 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/IPWCNYB5PQ5PCVZ4NJT6G56ZYFZ5QBU6/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/KEOTKBUPZXHE3F352JBYNTSNRXYLWD6P https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/KEOTKBUPZXHE3F352JBYNTSNRXYLWD6P/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/KSEGD2IWKNUO3DWY4KQGUQM5BISRWHQE https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/KSEGD2IWKNUO3DWY4KQGUQM5BISRWHQE/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/L5E5JSJBZLYXOTZWXHJKRVCIXIHVWKJ6 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/L5E5JSJBZLYXOTZWXHJKRVCIXIHVWKJ6/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/MZQYOOKHQDQ57LV2IAG6NRFOVXKHJJ3Z https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/MZQYOOKHQDQ57LV2IAG6NRFOVXKHJJ3Z/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/NG7IMPL55MVWU3LCI4JQJT3K2U5CHDV7 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/NG7IMPL55MVWU3LCI4JQJT3K2U5CHDV7/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ODBY7RVMGZCBSTWF2OZGIZS57FNFUL67 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ODBY7RVMGZCBSTWF2OZGIZS57FNFUL67/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/OXGWPQOJ3JNDW2XIYKIVJ7N7QUIFNM2Q https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/OXGWPQOJ3JNDW2XIYKIVJ7N7QUIFNM2Q/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/PJCUNGIQDUMZ4Z6HWVYIMR66A35F5S74 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/PJCUNGIQDUMZ4Z6HWVYIMR66A35F5S74/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QF5QSYAOPDOWLY6DUHID56Q4HQFYB45I https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QF5QSYAOPDOWLY6DUHID56Q4HQFYB45I/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QXOU2JZUBEBP7GBKAYIJRPRBZSJCD7ST https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QXOU2JZUBEBP7GBKAYIJRPRBZSJCD7ST/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/R3UETKPUB3V5JS5TLZOF3SMTGT5K5APS https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/R3UETKPUB3V5JS5TLZOF3SMTGT5K5APS/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/REMHVVIBDNKSRKNOTV7EQSB7CYQWOUOU https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/REMHVVIBDNKSRKNOTV7EQSB7CYQWOUOU/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/T7N5GV4CHH6WAGX3GFMDD3COEOVCZ4RI https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/T7N5GV4CHH6WAGX3GFMDD3COEOVCZ4RI/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ULQQONMSCQSH5Z5OWFFQHCGEZ3NL4DRJ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ULQQONMSCQSH5Z5OWFFQHCGEZ3NL4DRJ/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UTT7DG3QOF5ZNJLUGHDNLRUIN6OWZARP https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UTT7DG3QOF5ZNJLUGHDNLRUIN6OWZARP/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/W2LZSWTV4NV4SNQARNXG5T6LRHP26EW2 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/W2LZSWTV4NV4SNQARNXG5T6LRHP26EW2/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WCNCBYKZXLDFGAJUB7ZP5VLC3YTHJNVH https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WCNCBYKZXLDFGAJUB7ZP5VLC3YTHJNVH/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/XFOIBB4YFICHDM7IBOP7PWXW3FX4HLL2 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/XFOIBB4YFICHDM7IBOP7PWXW3FX4HLL2/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/XTNLSL44Y5FB6JWADSZH6DCV4JJAAEQY https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/XTNLSL44Y5FB6JWADSZH6DCV4JJAAEQY/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/YJWHBLVZDM5KQSDFRBFRKU5KSSOLIRQ4 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/YJWHBLVZDM5KQSDFRBFRKU5KSSOLIRQ4/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/YRKEXKANQ7BKJW2YTAMP625LJUJZLJ4P https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/YRKEXKANQ7BKJW2YTAMP625LJUJZLJ4P/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZSVEMQV5ROY5YW5QE3I57HT3ITWG5GCV https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZSVEMQV5ROY5YW5QE3I57HT3ITWG5GCV/ https://nvd.nist.gov/vuln/detail/CVE-2023-39325 https://pkg.go.dev/vuln/GO-2023-2102 https://security.gentoo.org/glsa/202311-09 https://security.netapp.com/advisory/ntap-20231110-0008 https://security.netapp.com/advisory/ntap-20231110-0008/ https://ubuntu.com/security/notices/USN-6574-1 https://ubuntu.com/security/notices/USN-7061-1 https://ubuntu.com/security/notices/USN-7109-1 https://www.cisa.gov/news-events/alerts/2023/10/10/http2-rapid-reset-vulnerability-cve-2023-44487 https://www.cve.org/CVERecord?id=CVE-2023-39325
stdlib	CVE-2023-45283	HIGH	v1.20.5	1.20.11, 1.21.4, 1.20.12, 1.21.5	http://www.openwall.com/lists/oss-security/2023/12/05/2 https://go.dev/cl/540277 https://go.dev/cl/541175 https://go.dev/issue/63713 https://go.dev/issue/64028 https://groups.google.com/g/golang-announce/c/4tU8LZfBFkY https://groups.google.com/g/golang-dev/c/6ypN5EjibjM/m/KmLVYH_uAgAJ https://nvd.nist.gov/vuln/detail/CVE-2023-45283 https://pkg.go.dev/vuln/GO-2023-2185 https://security.netapp.com/advisory/ntap-20231214-0008/
stdlib	CVE-2023-45288	HIGH	v1.20.5	1.21.9, 1.22.2	http://www.openwall.com/lists/oss-security/2024/04/03/16 http://www.openwall.com/lists/oss-security/2024/04/05/4 https://access.redhat.com/errata/RHSA-2024:2724 https://access.redhat.com/security/cve/CVE-2023-45288 https://bugzilla.redhat.com/2268017 https://bugzilla.redhat.com/2268018 https://bugzilla.redhat.com/2268019 https://bugzilla.redhat.com/2268273 https://bugzilla.redhat.com/show_bug.cgi?id=2268017 https://bugzilla.redhat.com/show_bug.cgi?id=2268018 https://bugzilla.redhat.com/show_bug.cgi?id=2268019 https://bugzilla.redhat.com/show_bug.cgi?id=2268273 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45288 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45289 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45290 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24783 https://errata.almalinux.org/9/ALSA-2024-2724.html https://errata.rockylinux.org/RLSA-2024:2724 https://go.dev/cl/576155 https://go.dev/issue/65051 https://groups.google.com/g/golang-announce/c/YgW0sx8mN3M https://kb.cert.org/vuls/id/421644 https://linux.oracle.com/cve/CVE-2023-45288.html https://linux.oracle.com/errata/ELSA-2024-3346.html https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QRYFHIQ6XRKRYBI2F5UESH67BJBQXUPT https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QRYFHIQ6XRKRYBI2F5UESH67BJBQXUPT/ https://nowotarski.info/http2-continuation-flood-technical-details https://nowotarski.info/http2-continuation-flood/ https://nvd.nist.gov/vuln/detail/CVE-2023-45288 https://pkg.go.dev/vuln/GO-2024-2687 https://security.netapp.com/advisory/ntap-20240419-0009 https://security.netapp.com/advisory/ntap-20240419-0009/ https://ubuntu.com/security/notices/USN-6886-1 https://ubuntu.com/security/notices/USN-7109-1 https://ubuntu.com/security/notices/USN-7111-1 https://www.cve.org/CVERecord?id=CVE-2023-45288 https://www.kb.cert.org/vuls/id/421644
stdlib	CVE-2024-34156	HIGH	v1.20.5	1.22.7, 1.23.1	https://access.redhat.com/errata/RHSA-2024:9473 https://access.redhat.com/security/cve/CVE-2024-34156 https://bugzilla.redhat.com/2310528 https://bugzilla.redhat.com/2318052 https://bugzilla.redhat.com/show_bug.cgi?id=2310528 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-34156 https://errata.almalinux.org/9/ALSA-2024-9473.html https://errata.rockylinux.org/RLSA-2024:7204 https://github.com/golang/go/commit/2092294f2b097c5828f4eace6c98a322c1510b01 (go1.22.7) https://github.com/golang/go/commit/fa8ff1a46deb6c816304441ec6740ec112e19012 (go1.23.1) https://go.dev/cl/611239 https://go.dev/issue/69139 https://groups.google.com/g/golang-announce/c/K-cEzDeCtpc https://groups.google.com/g/golang-dev/c/S9POB9NCTdk https://linux.oracle.com/cve/CVE-2024-34156.html https://linux.oracle.com/errata/ELSA-2024-9473.html https://nvd.nist.gov/vuln/detail/CVE-2024-34156 https://pkg.go.dev/vuln/GO-2024-3106 https://ubuntu.com/security/notices/USN-7081-1 https://ubuntu.com/security/notices/USN-7109-1 https://ubuntu.com/security/notices/USN-7111-1 https://www.cve.org/CVERecord?id=CVE-2024-34156
stdlib	CVE-2023-29406	MEDIUM	v1.20.5	1.19.11, 1.20.6	https://access.redhat.com/errata/RHSA-2023:6474 https://access.redhat.com/security/cve/CVE-2023-29406 https://bugzilla.redhat.com/2174485 https://bugzilla.redhat.com/2178358 https://bugzilla.redhat.com/2178488 https://bugzilla.redhat.com/2178492 https://bugzilla.redhat.com/2184481 https://bugzilla.redhat.com/2184482 https://bugzilla.redhat.com/2184483 https://bugzilla.redhat.com/2184484 https://bugzilla.redhat.com/2196026 https://bugzilla.redhat.com/2196027 https://bugzilla.redhat.com/2196029 https://bugzilla.redhat.com/2222167 https://bugzilla.redhat.com/2228689 https://errata.almalinux.org/9/ALSA-2023-6474.html https://github.com/golang/go/commit/312920c00aac9897b2a0693e752390b5b0711a5a (go1.20.6) https://github.com/golang/go/commit/5fa6923b1ea891400153d04ddf1545e23b40041b (go1.19.11) https://github.com/golang/go/issues/60374 https://go.dev/cl/506996 https://go.dev/issue/60374 https://groups.google.com/g/golang-announce/c/2q13H6LEEx0 https://linux.oracle.com/cve/CVE-2023-29406.html https://linux.oracle.com/errata/ELSA-2023-7202.html https://nvd.nist.gov/vuln/detail/CVE-2023-29406 https://pkg.go.dev/vuln/GO-2023-1878 https://security.gentoo.org/glsa/202311-09 https://security.netapp.com/advisory/ntap-20230814-0002/ https://ubuntu.com/security/notices/USN-7061-1 https://ubuntu.com/security/notices/USN-7109-1 https://www.cve.org/CVERecord?id=CVE-2023-29406
stdlib	CVE-2023-29409	MEDIUM	v1.20.5	1.19.12, 1.20.7, 1.21.0-rc.4	https://access.redhat.com/errata/RHSA-2023:7766 https://access.redhat.com/security/cve/CVE-2023-29409 https://bugzilla.redhat.com/2228743 https://bugzilla.redhat.com/2237773 https://bugzilla.redhat.com/2237776 https://bugzilla.redhat.com/2237777 https://bugzilla.redhat.com/2237778 https://errata.almalinux.org/9/ALSA-2023-7766.html https://go.dev/cl/515257 https://go.dev/issue/61460 https://groups.google.com/g/golang-announce/c/X0b6CsSAaYI/m/Efv5DbZ9AwAJ https://linux.oracle.com/cve/CVE-2023-29409.html https://linux.oracle.com/errata/ELSA-2024-2988.html https://nvd.nist.gov/vuln/detail/CVE-2023-29409 https://pkg.go.dev/vuln/GO-2023-1987 https://security.gentoo.org/glsa/202311-09 https://security.netapp.com/advisory/ntap-20230831-0010/ https://www.cve.org/CVERecord?id=CVE-2023-29409
stdlib	CVE-2023-39318	MEDIUM	v1.20.5	1.20.8, 1.21.1	https://access.redhat.com/errata/RHSA-2024:2160 https://access.redhat.com/security/cve/CVE-2023-39318 https://bugzilla.redhat.com/2237773 https://bugzilla.redhat.com/2237776 https://bugzilla.redhat.com/2253330 https://errata.almalinux.org/9/ALSA-2024-2160.html https://github.com/golang/go/commit/023b542edf38e2a1f87fcefb9f75ff2f99401b4c (go1.20.8) https://github.com/golang/go/commit/b0e1d3ea26e8e8fce7726690c9ef0597e60739fb (go1.21.1) https://go.dev/cl/526156 https://go.dev/issue/62196 https://groups.google.com/g/golang-announce/c/Fm51GRLNRvM https://groups.google.com/g/golang-dev/c/2C5vbR-UNkI/m/L1hdrPhfBAAJ https://linux.oracle.com/cve/CVE-2023-39318.html https://linux.oracle.com/errata/ELSA-2024-2988.html https://nvd.nist.gov/vuln/detail/CVE-2023-39318 https://pkg.go.dev/vuln/GO-2023-2041 https://security.gentoo.org/glsa/202311-09 https://security.netapp.com/advisory/ntap-20231020-0009/ https://ubuntu.com/security/notices/USN-6574-1 https://ubuntu.com/security/notices/USN-7061-1 https://ubuntu.com/security/notices/USN-7109-1 https://vuln.go.dev/ID/GO-2023-2041.json https://www.cve.org/CVERecord?id=CVE-2023-39318
stdlib	CVE-2023-39319	MEDIUM	v1.20.5	1.20.8, 1.21.1	https://access.redhat.com/errata/RHSA-2024:2160 https://access.redhat.com/security/cve/CVE-2023-39319 https://bugzilla.redhat.com/2237773 https://bugzilla.redhat.com/2237776 https://bugzilla.redhat.com/2253330 https://errata.almalinux.org/9/ALSA-2024-2160.html https://github.com/golang/go/commit/2070531d2f53df88e312edace6c8dfc9686ab2f5 (go1.20.8) https://github.com/golang/go/commit/bbd043ff0d6d59f1a9232d31ecd5eacf6507bf6a (go1.21.1) https://go.dev/cl/526157 https://go.dev/issue/62197 https://groups.google.com/g/golang-announce/c/Fm51GRLNRvM https://groups.google.com/g/golang-dev/c/2C5vbR-UNkI/m/L1hdrPhfBAAJ https://linux.oracle.com/cve/CVE-2023-39319.html https://linux.oracle.com/errata/ELSA-2024-2988.html https://nvd.nist.gov/vuln/detail/CVE-2023-39319 https://pkg.go.dev/vuln/GO-2023-2043 https://security.gentoo.org/glsa/202311-09 https://security.netapp.com/advisory/ntap-20231020-0009/ https://ubuntu.com/security/notices/USN-6574-1 https://ubuntu.com/security/notices/USN-7061-1 https://ubuntu.com/security/notices/USN-7109-1 https://vuln.go.dev/ID/GO-2023-2043.json https://www.cve.org/CVERecord?id=CVE-2023-39319
stdlib	CVE-2023-39326	MEDIUM	v1.20.5	1.20.12, 1.21.5	https://access.redhat.com/errata/RHSA-2024:2272 https://access.redhat.com/security/cve/CVE-2023-39326 https://bugzilla.redhat.com/2253193 https://bugzilla.redhat.com/2253330 https://errata.almalinux.org/9/ALSA-2024-2272.html https://github.com/golang/go/commit/6446af942e2e2b161c4ec1b60d9703a2b55dc4dd (go1.20.12) https://github.com/golang/go/commit/ec8c526e4be720e94b98ca509e6364f0efaf28f7 (go1.21.5) https://go.dev/cl/547335 https://go.dev/issue/64433 https://groups.google.com/g/golang-dev/c/6ypN5EjibjM/m/KmLVYH_uAgAJ https://linux.oracle.com/cve/CVE-2023-39326.html https://linux.oracle.com/errata/ELSA-2024-2988.html https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UIU6HOGV6RRIKWM57LOXQA75BGZSIH6G/ https://nvd.nist.gov/vuln/detail/CVE-2023-39326 https://pkg.go.dev/vuln/GO-2023-2382 https://ubuntu.com/security/notices/USN-6574-1 https://www.cve.org/CVERecord?id=CVE-2023-39326
stdlib	CVE-2023-45284	MEDIUM	v1.20.5	1.20.11, 1.21.4	https://go.dev/cl/540277 https://go.dev/issue/63713 https://groups.google.com/g/golang-announce/c/4tU8LZfBFkY https://nvd.nist.gov/vuln/detail/CVE-2023-45284 https://pkg.go.dev/vuln/GO-2023-2186
stdlib	CVE-2023-45289	MEDIUM	v1.20.5	1.21.8, 1.22.1	http://www.openwall.com/lists/oss-security/2024/03/08/4 https://access.redhat.com/errata/RHSA-2024:2724 https://access.redhat.com/security/cve/CVE-2023-45289 https://bugzilla.redhat.com/2268017 https://bugzilla.redhat.com/2268018 https://bugzilla.redhat.com/2268019 https://bugzilla.redhat.com/2268273 https://bugzilla.redhat.com/show_bug.cgi?id=2268017 https://bugzilla.redhat.com/show_bug.cgi?id=2268018 https://bugzilla.redhat.com/show_bug.cgi?id=2268019 https://bugzilla.redhat.com/show_bug.cgi?id=2268273 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45288 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45289 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45290 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24783 https://errata.almalinux.org/9/ALSA-2024-2724.html https://errata.rockylinux.org/RLSA-2024:2724 https://github.com/golang/go/commit/20586c0dbe03d144f914155f879fa5ee287591a1 (go1.21.8) https://github.com/golang/go/commit/3a855208e3efed2e9d7c20ad023f1fa78afcc0be (go1.22.1) https://github.com/golang/go/issues/65065 https://go.dev/cl/569340 https://go.dev/issue/65065 https://groups.google.com/g/golang-announce/c/5pwGVUPoMbg https://linux.oracle.com/cve/CVE-2023-45289.html https://linux.oracle.com/errata/ELSA-2024-3346.html https://nvd.nist.gov/vuln/detail/CVE-2023-45289 https://pkg.go.dev/vuln/GO-2024-2600 https://security.netapp.com/advisory/ntap-20240329-0006/ https://ubuntu.com/security/notices/USN-6886-1 https://www.cve.org/CVERecord?id=CVE-2023-45289
stdlib	CVE-2023-45290	MEDIUM	v1.20.5	1.21.8, 1.22.1	http://www.openwall.com/lists/oss-security/2024/03/08/4 https://access.redhat.com/errata/RHSA-2024:9135 https://access.redhat.com/security/cve/CVE-2023-45290 https://bugzilla.redhat.com/2268017 https://bugzilla.redhat.com/2268022 https://bugzilla.redhat.com/2279814 https://bugzilla.redhat.com/2295310 https://bugzilla.redhat.com/show_bug.cgi?id=2268017 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45290 https://errata.almalinux.org/9/ALSA-2024-9135.html https://errata.rockylinux.org/RLSA-2024:3830 https://github.com/golang/go/commit/041a47712e765e94f86d841c3110c840e76d8f82 (go1.22.1) https://github.com/golang/go/commit/bf80213b121074f4ad9b449410a4d13bae5e9be0 (go1.21.8) https://github.com/golang/go/issues/65383 https://go.dev/cl/569341 https://go.dev/issue/65383 https://groups.google.com/g/golang-announce/c/5pwGVUPoMbg https://linux.oracle.com/cve/CVE-2023-45290.html https://linux.oracle.com/errata/ELSA-2024-8038.html https://nvd.nist.gov/vuln/detail/CVE-2023-45290 https://pkg.go.dev/vuln/GO-2024-2599 https://security.netapp.com/advisory/ntap-20240329-0004 https://security.netapp.com/advisory/ntap-20240329-0004/ https://ubuntu.com/security/notices/USN-6886-1 https://ubuntu.com/security/notices/USN-7109-1 https://ubuntu.com/security/notices/USN-7111-1 https://www.cve.org/CVERecord?id=CVE-2023-45290
stdlib	CVE-2024-24783	MEDIUM	v1.20.5	1.21.8, 1.22.1	http://www.openwall.com/lists/oss-security/2024/03/08/4 https://access.redhat.com/errata/RHSA-2024:6195 https://access.redhat.com/security/cve/CVE-2024-24783 https://bugzilla.redhat.com/2268019 https://bugzilla.redhat.com/show_bug.cgi?id=2268017 https://bugzilla.redhat.com/show_bug.cgi?id=2268018 https://bugzilla.redhat.com/show_bug.cgi?id=2268019 https://bugzilla.redhat.com/show_bug.cgi?id=2268273 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45288 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45289 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45290 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24783 https://errata.almalinux.org/9/ALSA-2024-6195.html https://errata.rockylinux.org/RLSA-2024:2724 https://github.com/advisories/GHSA-3q2c-pvp5-3cqp https://github.com/golang/go/commit/337b8e9cbfa749d9d5c899e0dc358e2208d5e54f (go1.22.1) https://github.com/golang/go/commit/be5b52bea674190ef7de272664be6c7ae93ec5a0 (go1.21.8) https://github.com/golang/go/issues/65390 https://go.dev/cl/569339 https://go.dev/issue/65390 https://groups.google.com/g/golang-announce/c/5pwGVUPoMbg https://linux.oracle.com/cve/CVE-2024-24783.html https://linux.oracle.com/errata/ELSA-2024-6969.html https://nvd.nist.gov/vuln/detail/CVE-2024-24783 https://pkg.go.dev/vuln/GO-2024-2598 https://security.netapp.com/advisory/ntap-20240329-0005 https://security.netapp.com/advisory/ntap-20240329-0005/ https://ubuntu.com/security/notices/USN-6886-1 https://ubuntu.com/security/notices/USN-7109-1 https://ubuntu.com/security/notices/USN-7111-1 https://www.cve.org/CVERecord?id=CVE-2024-24783
stdlib	CVE-2024-24784	MEDIUM	v1.20.5	1.21.8, 1.22.1	http://www.openwall.com/lists/oss-security/2024/03/08/4 https://access.redhat.com/errata/RHSA-2024:2562 https://access.redhat.com/security/cve/CVE-2024-24784 https://bugzilla.redhat.com/2262921 https://bugzilla.redhat.com/2268017 https://bugzilla.redhat.com/2268018 https://bugzilla.redhat.com/2268019 https://bugzilla.redhat.com/2268021 https://bugzilla.redhat.com/2268022 https://bugzilla.redhat.com/2268273 https://bugzilla.redhat.com/show_bug.cgi?id=2262921 https://bugzilla.redhat.com/show_bug.cgi?id=2268017 https://bugzilla.redhat.com/show_bug.cgi?id=2268018 https://bugzilla.redhat.com/show_bug.cgi?id=2268019 https://bugzilla.redhat.com/show_bug.cgi?id=2268021 https://bugzilla.redhat.com/show_bug.cgi?id=2268022 https://bugzilla.redhat.com/show_bug.cgi?id=2268273 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45288 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45289 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45290 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-1394 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24783 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24784 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24785 https://errata.almalinux.org/9/ALSA-2024-2562.html https://errata.rockylinux.org/RLSA-2024:2562 https://github.com/golang/go/commit/263c059b09fdd40d9dd945f2ecb20c89ea28efe5 (go1.21.8) https://github.com/golang/go/commit/5330cd225ba54c7dc78c1b46dcdf61a4671a632c (go1.22.1) https://github.com/golang/go/issues/65083 https://go.dev/cl/555596 https://go.dev/issue/65083 https://groups.google.com/g/golang-announce/c/5pwGVUPoMbg https://linux.oracle.com/cve/CVE-2024-24784.html https://linux.oracle.com/errata/ELSA-2024-6969.html https://nvd.nist.gov/vuln/detail/CVE-2024-24784 https://pkg.go.dev/vuln/GO-2024-2609 https://security.netapp.com/advisory/ntap-20240329-0007/ https://ubuntu.com/security/notices/USN-6886-1 https://ubuntu.com/security/notices/USN-7109-1 https://ubuntu.com/security/notices/USN-7111-1 https://www.cve.org/CVERecord?id=CVE-2024-24784
stdlib	CVE-2024-24785	MEDIUM	v1.20.5	1.21.8, 1.22.1	http://www.openwall.com/lists/oss-security/2024/03/08/4 https://access.redhat.com/errata/RHSA-2024:9135 https://access.redhat.com/security/cve/CVE-2024-24785 https://bugzilla.redhat.com/2268017 https://bugzilla.redhat.com/2268022 https://bugzilla.redhat.com/2279814 https://bugzilla.redhat.com/2295310 https://bugzilla.redhat.com/show_bug.cgi?id=2262921 https://bugzilla.redhat.com/show_bug.cgi?id=2268017 https://bugzilla.redhat.com/show_bug.cgi?id=2268018 https://bugzilla.redhat.com/show_bug.cgi?id=2268019 https://bugzilla.redhat.com/show_bug.cgi?id=2268021 https://bugzilla.redhat.com/show_bug.cgi?id=2268022 https://bugzilla.redhat.com/show_bug.cgi?id=2268273 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45288 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45289 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45290 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-1394 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24783 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24784 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24785 https://errata.almalinux.org/9/ALSA-2024-9135.html https://errata.rockylinux.org/RLSA-2024:2562 https://github.com/golang/go/commit/056b0edcb8c152152021eebf4cf42adbfbe77992 (go1.22.1) https://github.com/golang/go/commit/3643147a29352ca2894fd5d0d2069bc4b4335a7e (go1.21.8) https://github.com/golang/go/issues/65697 https://go.dev/cl/564196 https://go.dev/issue/65697 https://groups.google.com/g/golang-announce/c/5pwGVUPoMbg https://linux.oracle.com/cve/CVE-2024-24785.html https://linux.oracle.com/errata/ELSA-2024-3259.html https://nvd.nist.gov/vuln/detail/CVE-2024-24785 https://pkg.go.dev/vuln/GO-2024-2610 https://security.netapp.com/advisory/ntap-20240329-0008/ https://ubuntu.com/security/notices/USN-6886-1 https://ubuntu.com/security/notices/USN-7061-1 https://ubuntu.com/security/notices/USN-7109-1 https://vuln.go.dev/ID/GO-2024-2610.json https://www.cve.org/CVERecord?id=CVE-2024-24785
stdlib	CVE-2024-24789	MEDIUM	v1.20.5	1.21.11, 1.22.4	http://www.openwall.com/lists/oss-security/2024/06/04/1 https://access.redhat.com/errata/RHSA-2024:9115 https://access.redhat.com/security/cve/CVE-2024-24789 https://bugzilla.redhat.com/2279814 https://bugzilla.redhat.com/2292668 https://bugzilla.redhat.com/2292787 https://bugzilla.redhat.com/2294000 https://bugzilla.redhat.com/2295310 https://bugzilla.redhat.com/show_bug.cgi?id=2292668 https://bugzilla.redhat.com/show_bug.cgi?id=2292787 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24789 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24790 https://errata.almalinux.org/9/ALSA-2024-9115.html https://errata.rockylinux.org/RLSA-2024:4212 https://github.com/golang/go/commit/c8e40338cf00f3c1d86c8fb23863ad67a4c72bcc (1.21) https://github.com/golang/go/commit/cf501ac0c5fe351a8582d20b43562027927906e7 (1.22) https://github.com/golang/go/issues/66869 https://go.dev/cl/585397 https://go.dev/issue/66869 https://groups.google.com/g/golang-announce/c/XbxouI9gY7k https://groups.google.com/g/golang-announce/c/XbxouI9gY7k/m/TuoGEhxIEwAJ https://linux.oracle.com/cve/CVE-2024-24789.html https://linux.oracle.com/errata/ELSA-2024-9115.html https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/U5YAEIA6IUHUNGJ7AIXXPQT6D2GYENX7/ https://nvd.nist.gov/vuln/detail/CVE-2024-24789 https://pkg.go.dev/vuln/GO-2024-2888 https://ubuntu.com/security/notices/USN-6886-1 https://ubuntu.com/security/notices/USN-7109-1 https://ubuntu.com/security/notices/USN-7111-1 https://www.cve.org/CVERecord?id=CVE-2024-24789
stdlib	CVE-2024-24791	MEDIUM	v1.20.5	1.21.12, 1.22.5	https://access.redhat.com/errata/RHSA-2024:9135 https://access.redhat.com/security/cve/CVE-2024-24791 https://bugzilla.redhat.com/2268017 https://bugzilla.redhat.com/2268022 https://bugzilla.redhat.com/2279814 https://bugzilla.redhat.com/2295310 https://bugzilla.redhat.com/show_bug.cgi?id=2295310 https://bugzilla.redhat.com/show_bug.cgi?id=2310527 https://bugzilla.redhat.com/show_bug.cgi?id=2310528 https://bugzilla.redhat.com/show_bug.cgi?id=2310529 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24791 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-34155 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-34156 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-34158 https://errata.almalinux.org/9/ALSA-2024-9135.html https://errata.rockylinux.org/RLSA-2024:6913 https://go.dev/cl/591255 https://go.dev/issue/67555 https://groups.google.com/g/golang-dev/c/t0rK-qHBqzY/m/6MMoAZkMAgAJ https://linux.oracle.com/cve/CVE-2024-24791.html https://linux.oracle.com/errata/ELSA-2024-9115.html https://nvd.nist.gov/vuln/detail/CVE-2024-24791 https://pkg.go.dev/vuln/GO-2024-2963 https://ubuntu.com/security/notices/USN-7081-1 https://ubuntu.com/security/notices/USN-7109-1 https://ubuntu.com/security/notices/USN-7111-1 https://www.cve.org/CVERecord?id=CVE-2024-24791
stdlib	CVE-2024-34155	MEDIUM	v1.20.5	1.22.7, 1.23.1	https://access.redhat.com/errata/RHSA-2024:9459 https://access.redhat.com/security/cve/CVE-2024-34155 https://bugzilla.redhat.com/2310527 https://bugzilla.redhat.com/2310528 https://bugzilla.redhat.com/2310529 https://bugzilla.redhat.com/2315691 https://bugzilla.redhat.com/2315887 https://bugzilla.redhat.com/2317458 https://bugzilla.redhat.com/2317467 https://bugzilla.redhat.com/show_bug.cgi?id=2295310 https://bugzilla.redhat.com/show_bug.cgi?id=2310527 https://bugzilla.redhat.com/show_bug.cgi?id=2310528 https://bugzilla.redhat.com/show_bug.cgi?id=2310529 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24791 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-34155 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-34156 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-34158 https://errata.almalinux.org/9/ALSA-2024-9459.html https://errata.rockylinux.org/RLSA-2024:6913 https://github.com/golang/go/commit/53487e5477151ed75da50e50a0ba8f1ca64c00a3 (go1.23.1) https://github.com/golang/go/commit/b232596139dbe96a62edbe3a2a203e856bf556eb (go1.22.7) https://go.dev/cl/611238 https://go.dev/issue/69138 https://groups.google.com/g/golang-announce/c/K-cEzDeCtpc https://groups.google.com/g/golang-dev/c/S9POB9NCTdk https://linux.oracle.com/cve/CVE-2024-34155.html https://linux.oracle.com/errata/ELSA-2024-9459.html https://nvd.nist.gov/vuln/detail/CVE-2024-34155 https://pkg.go.dev/vuln/GO-2024-3105 https://ubuntu.com/security/notices/USN-7081-1 https://ubuntu.com/security/notices/USN-7109-1 https://ubuntu.com/security/notices/USN-7111-1 https://www.cve.org/CVERecord?id=CVE-2024-34155
stdlib	CVE-2024-34158	MEDIUM	v1.20.5	1.22.7, 1.23.1	https://access.redhat.com/errata/RHSA-2024:9459 https://access.redhat.com/security/cve/CVE-2024-34158 https://bugzilla.redhat.com/2310527 https://bugzilla.redhat.com/2310528 https://bugzilla.redhat.com/2310529 https://bugzilla.redhat.com/2315691 https://bugzilla.redhat.com/2315887 https://bugzilla.redhat.com/2317458 https://bugzilla.redhat.com/2317467 https://bugzilla.redhat.com/show_bug.cgi?id=2295310 https://bugzilla.redhat.com/show_bug.cgi?id=2310527 https://bugzilla.redhat.com/show_bug.cgi?id=2310528 https://bugzilla.redhat.com/show_bug.cgi?id=2310529 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24791 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-34155 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-34156 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-34158 https://errata.almalinux.org/9/ALSA-2024-9459.html https://errata.rockylinux.org/RLSA-2024:6913 https://github.com/golang/go/commit/032ac075c20c01c6c35a672d1542d3e98eab84ea (go1.23.1) https://github.com/golang/go/commit/d4c53812e6ce2ac368173d7fcd31d0ecfcffb002 (go1.22.7) https://go.dev/cl/611240 https://go.dev/issue/69141 https://groups.google.com/g/golang-announce/c/K-cEzDeCtpc https://groups.google.com/g/golang-dev/c/S9POB9NCTdk https://linux.oracle.com/cve/CVE-2024-34158.html https://linux.oracle.com/errata/ELSA-2024-9459.html https://nvd.nist.gov/vuln/detail/CVE-2024-34158 https://pkg.go.dev/vuln/GO-2024-3107 https://ubuntu.com/security/notices/USN-7081-1 https://ubuntu.com/security/notices/USN-7109-1 https://ubuntu.com/security/notices/USN-7111-1 https://www.cve.org/CVERecord?id=CVE-2024-34158
No Misconfigurations found

cnb/buildpacks/paketo-buildpacks_miniconda/0.8.4/bin/run (gobinary)

Package	Vulnerability ID	Severity	Installed Version	Fixed Version	Links
github.com/anchore/stereoscope	CVE-2024-24579	MEDIUM	v0.0.0-20230412183729-8602f1afc574	0.0.1	https://github.com/anchore/stereoscope https://github.com/anchore/stereoscope/commit/09dacab4d9ee65ee8bc7af8ebf4aa7b5aaa36204 https://github.com/anchore/stereoscope/security/advisories/GHSA-hpxr-w9w7-g4gv https://nvd.nist.gov/vuln/detail/CVE-2024-24579
github.com/cloudflare/circl	GHSA-9763-4f94-gfch	HIGH	v1.3.3	1.3.7	https://github.com/cloudflare/circl https://github.com/cloudflare/circl/commit/75ef91e8a2f438e6ce2b6e620d236add8be1887d https://github.com/cloudflare/circl/security/advisories/GHSA-9763-4f94-gfch https://kyberslash.cr.yp.to
github.com/containerd/containerd	GHSA-7ww5-4wqc-m92c	MEDIUM	v1.7.0	1.6.26, 1.7.11	https://github.com/containerd/containerd https://github.com/containerd/containerd/commit/67d356cb3095f3e8f8ad7d36f9a733fea1e7e28c https://github.com/containerd/containerd/commit/746b910f05855c8bfdb4415a1c0f958b234910e5 https://github.com/containerd/containerd/security/advisories/GHSA-7ww5-4wqc-m92c
github.com/docker/docker	CVE-2024-41110	CRITICAL	v23.0.5+incompatible	23.0.15, 26.1.5, 27.1.1, 25.0.6	https://access.redhat.com/security/cve/CVE-2024-41110 https://github.com/moby/moby https://github.com/moby/moby/commit/411e817ddf710ff8e08fa193da80cb78af708191 https://github.com/moby/moby/commit/42f40b1d6dd7562342f832b9cd2adf9e668eeb76 https://github.com/moby/moby/commit/65cc597cea28cdc25bea3b8a86384b4251872919 https://github.com/moby/moby/commit/852759a7df454cbf88db4e954c919becd48faa9b https://github.com/moby/moby/commit/a31260625655cff9ae226b51757915e275e304b0 https://github.com/moby/moby/commit/a79fabbfe84117696a19671f4aa88b82d0f64fc1 https://github.com/moby/moby/commit/ae160b4edddb72ef4bd71f66b975a1a1cc434f00 https://github.com/moby/moby/commit/ae2b3666c517c96cbc2adf1af5591a6b00d4ec0f https://github.com/moby/moby/commit/cc13f952511154a2866bddbb7dddebfe9e83b801 https://github.com/moby/moby/commit/fc274cd2ff4cf3b48c91697fb327dd1fb95588fb https://github.com/moby/moby/security/advisories/GHSA-v23v-6jw2-98fq https://nvd.nist.gov/vuln/detail/CVE-2024-41110 https://www.cve.org/CVERecord?id=CVE-2024-41110 https://www.docker.com/blog/docker-security-advisory-docker-engine-authz-plugin
github.com/docker/docker	CVE-2024-24557	MEDIUM	v23.0.5+incompatible	24.0.9, 25.0.2	https://access.redhat.com/security/cve/CVE-2024-24557 https://github.com/moby/moby https://github.com/moby/moby/commit/3e230cfdcc989dc524882f6579f9e0dac77400ae https://github.com/moby/moby/commit/fca702de7f71362c8d103073c7e4a1d0a467fadd https://github.com/moby/moby/commit/fce6e0ca9bc000888de3daa157af14fa41fcd0ff https://github.com/moby/moby/security/advisories/GHSA-xw73-rw38-6vjc https://nvd.nist.gov/vuln/detail/CVE-2024-24557 https://www.cve.org/CVERecord?id=CVE-2024-24557
github.com/docker/docker	CVE-2024-29018	MEDIUM	v23.0.5+incompatible	26.0.0-rc3, 25.0.5, 23.0.11	https://access.redhat.com/security/cve/CVE-2024-29018 https://github.com/moby/moby https://github.com/moby/moby/pull/46609 https://github.com/moby/moby/security/advisories/GHSA-mq39-4gv4-mvpx https://nvd.nist.gov/vuln/detail/CVE-2024-29018 https://www.cve.org/CVERecord?id=CVE-2024-29018
github.com/docker/docker	GHSA-jq35-85cj-fj4p	MEDIUM	v23.0.5+incompatible	24.0.7, 23.0.8, 20.10.27	https://github.com/moby/moby https://github.com/moby/moby/commit/48ebe353e49a9def5e6679f6e386b0efb1c95f0e https://github.com/moby/moby/commit/81ebe71275768629689a23bc3bca34b3b374a6a6 https://github.com/moby/moby/commit/c9ccbfad11a60e703e91b6cca4f48927828c7e35 https://github.com/moby/moby/releases/tag/v20.10.27 https://github.com/moby/moby/releases/tag/v23.0.8 https://github.com/moby/moby/releases/tag/v24.0.7 https://github.com/moby/moby/security/advisories/GHSA-jq35-85cj-fj4p
github.com/go-git/go-git/v5	CVE-2023-49569	CRITICAL	v5.6.1	5.11.0	https://access.redhat.com/security/cve/CVE-2023-49569 https://github.com/go-git/go-git https://github.com/go-git/go-git/security/advisories/GHSA-449p-3h89-pw88 https://nvd.nist.gov/vuln/detail/CVE-2023-49569 https://www.cve.org/CVERecord?id=CVE-2023-49569
github.com/go-git/go-git/v5	CVE-2023-49568	HIGH	v5.6.1	5.11.0	https://access.redhat.com/security/cve/CVE-2023-49568 https://github.com/go-git/go-git https://github.com/go-git/go-git/security/advisories/GHSA-mw99-9chc-xw7r https://nvd.nist.gov/vuln/detail/CVE-2023-49568 https://www.cve.org/CVERecord?id=CVE-2023-49568
github.com/mholt/archiver/v3	CVE-2024-0406	MEDIUM	v3.5.1	no fix available	https://access.redhat.com/security/cve/CVE-2024-0406 https://bugzilla.redhat.com/show_bug.cgi?id=2257749 https://github.com/advisories/GHSA-rhh4-rh7c-7r5v https://github.com/mholt/archiver https://nvd.nist.gov/vuln/detail/CVE-2024-0406 https://www.cve.org/CVERecord?id=CVE-2024-0406
golang.org/x/crypto	CVE-2023-48795	MEDIUM	v0.8.0	0.17.0	http://packetstormsecurity.com/files/176280/Terrapin-SSH-Connection-Weakening.html http://seclists.org/fulldisclosure/2024/Mar/21 http://www.openwall.com/lists/oss-security/2023/12/18/3 http://www.openwall.com/lists/oss-security/2023/12/19/5 http://www.openwall.com/lists/oss-security/2023/12/20/3 http://www.openwall.com/lists/oss-security/2024/03/06/3 http://www.openwall.com/lists/oss-security/2024/04/17/8 https://access.redhat.com/errata/RHSA-2024:1150 https://access.redhat.com/security/cve/CVE-2023-48795 https://access.redhat.com/security/cve/cve-2023-48795 https://access.redhat.com/solutions/7071748 https://arstechnica.com/security/2023/12/hackers-can-break-ssh-channel-integrity-using-novel-data-corruption-attack https://arstechnica.com/security/2023/12/hackers-can-break-ssh-channel-integrity-using-novel-data-corruption-attack/ https://bugs.gentoo.org/920280 https://bugzilla.redhat.com/2254210 https://bugzilla.redhat.com/show_bug.cgi?id=2254210 https://bugzilla.suse.com/show_bug.cgi?id=1217950 https://crates.io/crates/thrussh/versions https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-48795 https://errata.almalinux.org/9/ALSA-2024-1150.html https://errata.rockylinux.org/RLSA-2024:0628 https://filezilla-project.org/versions.php https://forum.netgate.com/topic/184941/terrapin-ssh-attack https://git.libssh.org/projects/libssh.git/commit/?h=stable-0.10&id=10e09e273f69e149389b3e0e5d44b8c221c2e7f6 https://github.com/NixOS/nixpkgs/pull/275249 https://github.com/PowerShell/Win32-OpenSSH/issues/2189 https://github.com/PowerShell/Win32-OpenSSH/releases/tag/v9.5.0.0p1-Beta https://github.com/TeraTermProject/teraterm/commit/7279fbd6ef4d0c8bdd6a90af4ada2899d786eec0 https://github.com/TeraTermProject/teraterm/releases/tag/v5.1 https://github.com/advisories/GHSA-45x7-px36-x8w8 https://github.com/apache/mina-sshd/issues/445 https://github.com/connectbot/sshlib/commit/5c8b534f6e97db7ac0e0e579331213aa25c173ab https://github.com/connectbot/sshlib/compare/2.2.21...2.2.22 https://github.com/cyd01/KiTTY/issues/520 https://github.com/drakkan/sftpgo/releases/tag/v2.5.6 https://github.com/erlang/otp/blob/d1b43dc0f1361d2ad67601169e90a7fc50bb0369/lib/ssh/doc/src/notes.xml#L39-L42 https://github.com/erlang/otp/releases/tag/OTP-26.2.1 https://github.com/golang/crypto/commit/9d2ee975ef9fe627bf0a6f01c1f69e8ef1d4f05d https://github.com/hierynomus/sshj/issues/916 https://github.com/janmojzis/tinyssh/issues/81 https://github.com/jtesta/ssh-audit/commit/8e972c5e94b460379fe0c7d20209c16df81538a5 https://github.com/libssh2/libssh2/pull/1291 https://github.com/mkj/dropbear/blob/17657c36cce6df7716d5ff151ec09a665382d5dd/CHANGES#L25 https://github.com/mscdex/ssh2/commit/97b223f8891b96d6fc054df5ab1d5a1a545da2a3 https://github.com/mwiede/jsch/compare/jsch-0.2.14...jsch-0.2.15 https://github.com/mwiede/jsch/issues/457 https://github.com/mwiede/jsch/pull/461 https://github.com/net-ssh/net-ssh/blob/2e65064a52d73396bfc3806c9196fc8108f33cd8/CHANGES.txt#L14-L16 https://github.com/openssh/openssh-portable/commits/master https://github.com/paramiko/paramiko/issues/2337 https://github.com/paramiko/paramiko/issues/2337#issuecomment-1887642773 https://github.com/proftpd/proftpd/blob/0a7ea9b0ba9fcdf368374a226370d08f10397d99/RELEASE_NOTES https://github.com/proftpd/proftpd/blob/d21e7a2e47e9b38f709bec58e3fa711f759ad0e1/RELEASE_NOTES https://github.com/proftpd/proftpd/blob/master/RELEASE_NOTES https://github.com/proftpd/proftpd/issues/456 https://github.com/rapier1/hpn-ssh/releases https://github.com/ronf/asyncssh/blob/develop/docs/changes.rst https://github.com/ronf/asyncssh/security/advisories/GHSA-hfmc-7525-mj55 https://github.com/ronf/asyncssh/tags https://github.com/ssh-mitm/ssh-mitm/issues/165 https://github.com/warp-tech/russh https://github.com/warp-tech/russh/commit/1aa340a7df1d5be1c0f4a9e247aade76dfdd2951 https://github.com/warp-tech/russh/releases/tag/v0.40.2 https://github.com/warp-tech/russh/security/advisories/GHSA-45x7-px36-x8w8 https://gitlab.com/libssh/libssh-mirror/-/tags https://go.dev/cl/550715 https://go.dev/issue/64784 https://groups.google.com/g/golang-announce/c/-n5WqVC18LQ https://groups.google.com/g/golang-announce/c/qA3XtxvMUyg https://help.panic.com/releasenotes/transmit5 https://help.panic.com/releasenotes/transmit5/ https://jadaptive.com/important-java-ssh-security-update-new-ssh-vulnerability-discovered-cve-2023-48795 https://jadaptive.com/important-java-ssh-security-update-new-ssh-vulnerability-discovered-cve-2023-48795/ https://linux.oracle.com/cve/CVE-2023-48795.html https://linux.oracle.com/errata/ELSA-2024-2988.html https://lists.debian.org/debian-lts-announce/2023/12/msg00017.html https://lists.debian.org/debian-lts-announce/2024/01/msg00013.html https://lists.debian.org/debian-lts-announce/2024/01/msg00014.html https://lists.debian.org/debian-lts-announce/2024/04/msg00016.html https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/33XHJUB6ROFUOH2OQNENFROTVH6MHSHA https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/33XHJUB6ROFUOH2OQNENFROTVH6MHSHA/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/3CAYYW35MUTNO65RVAELICTNZZFMT2XS https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/3CAYYW35MUTNO65RVAELICTNZZFMT2XS/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/3JIMLVBDWOP4FUPXPTB4PGHHIOMGFLQE https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/3JIMLVBDWOP4FUPXPTB4PGHHIOMGFLQE/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/3YQLUQWLIHDB5QCXQEX7HXHAWMOKPP5O https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/3YQLUQWLIHDB5QCXQEX7HXHAWMOKPP5O/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/6Y74KVCPEPT4MVU3LHDWCNNOXOE5ZLUR https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/6Y74KVCPEPT4MVU3LHDWCNNOXOE5ZLUR/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/APYIXIQOVDCRWLHTGB4VYMAUIAQLKYJ3 https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/APYIXIQOVDCRWLHTGB4VYMAUIAQLKYJ3/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/BL5KTLOSLH2KHRN4HCXJPK3JUVLDGEL6 https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/BL5KTLOSLH2KHRN4HCXJPK3JUVLDGEL6/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/C3AFMZ6MH2UHHOPIWT5YLSFV3D2VB3AC https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/C3AFMZ6MH2UHHOPIWT5YLSFV3D2VB3AC/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/CHHITS4PUOZAKFIUBQAQZC7JWXMOYE4B https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/CHHITS4PUOZAKFIUBQAQZC7JWXMOYE4B/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/F7EYCFQCTSGJXWO3ZZ44MGKFC5HA7G3Y https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/F7EYCFQCTSGJXWO3ZZ44MGKFC5HA7G3Y/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/HYEDEXIKFKTUJIN43RG4B7T5ZS6MHUSP https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/HYEDEXIKFKTUJIN43RG4B7T5ZS6MHUSP/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/I724O3LSRCPO4WNVIXTZCT4VVRMXMMSG https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/I724O3LSRCPO4WNVIXTZCT4VVRMXMMSG/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/KEOTKBUPZXHE3F352JBYNTSNRXYLWD6P https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/KEOTKBUPZXHE3F352JBYNTSNRXYLWD6P/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/KMZCVGUGJZZVDPCVDA7TEB22VUCNEXDD https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/KMZCVGUGJZZVDPCVDA7TEB22VUCNEXDD/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/L5Y6MNNVAPIJSXJERQ6PKZVCIUXSNJK7 https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/L5Y6MNNVAPIJSXJERQ6PKZVCIUXSNJK7/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/LZQVUHWVWRH73YBXUQJOD6CKHDQBU3DM https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/LZQVUHWVWRH73YBXUQJOD6CKHDQBU3DM/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/MKQRBF3DWMWPH36LBCOBUTSIZRTPEZXB https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/MKQRBF3DWMWPH36LBCOBUTSIZRTPEZXB/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/QI3EHAHABFQK7OABNCSF5GMYP6TONTI7 https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/QI3EHAHABFQK7OABNCSF5GMYP6TONTI7/ https://matt.ucc.asn.au/dropbear/CHANGES https://nest.pijul.com/pijul/thrussh/changes/D6H7OWTTMHHX6BTB3B6MNBOBX2L66CBL4LGSEUSAI2MCRCJDQFRQC https://news.ycombinator.com/item?id=38684904 https://news.ycombinator.com/item?id=38685286 https://news.ycombinator.com/item?id=38732005 https://nova.app/releases/#v11.8 https://nvd.nist.gov/vuln/detail/CVE-2023-48795 https://oryx-embedded.com/download/#changelog https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2024-0002 https://roumenpetrov.info/secsh/#news20231220 https://security-tracker.debian.org/tracker/CVE-2023-48795 https://security-tracker.debian.org/tracker/source-package/libssh2 https://security-tracker.debian.org/tracker/source-package/proftpd-dfsg https://security-tracker.debian.org/tracker/source-package/trilead-ssh2 https://security.gentoo.org/glsa/202312-16 https://security.gentoo.org/glsa/202312-17 https://security.netapp.com/advisory/ntap-20240105-0004 https://security.netapp.com/advisory/ntap-20240105-0004/ https://support.apple.com/kb/HT214084 https://terrapin-attack.com/ https://thorntech.com/cve-2023-48795-and-sftp-gateway https://thorntech.com/cve-2023-48795-and-sftp-gateway/ https://twitter.com/TrueSkrillor/status/1736774389725565005 https://ubuntu.com/security/CVE-2023-48795 https://ubuntu.com/security/notices/USN-6560-1 https://ubuntu.com/security/notices/USN-6560-2 https://ubuntu.com/security/notices/USN-6561-1 https://ubuntu.com/security/notices/USN-6585-1 https://ubuntu.com/security/notices/USN-6589-1 https://ubuntu.com/security/notices/USN-6598-1 https://ubuntu.com/security/notices/USN-6738-1 https://ubuntu.com/security/notices/USN-7051-1 https://winscp.net/eng/docs/history#6.2.2 https://www.bitvise.com/ssh-client-version-history#933 https://www.bitvise.com/ssh-server-version-history https://www.chiark.greenend.org.uk/~sgtatham/putty/changes.html https://www.crushftp.com/crush10wiki/Wiki.jsp?page=Update https://www.cve.org/CVERecord?id=CVE-2023-48795 https://www.debian.org/security/2023/dsa-5586 https://www.debian.org/security/2023/dsa-5588 https://www.freebsd.org/security/advisories/FreeBSD-SA-23:19.openssh.asc https://www.lancom-systems.de/service-support/allgemeine-sicherheitshinweise#c243508 https://www.netsarang.com/en/xshell-update-history https://www.netsarang.com/en/xshell-update-history/ https://www.openssh.com/openbsd.html https://www.openssh.com/txt/release-9.6 https://www.openwall.com/lists/oss-security/2023/12/18/2 https://www.openwall.com/lists/oss-security/2023/12/18/3 https://www.openwall.com/lists/oss-security/2023/12/20/3 https://www.paramiko.org/changelog.html https://www.reddit.com/r/sysadmin/comments/18idv52/cve202348795_why_is_this_cve_still_undisclosed https://www.reddit.com/r/sysadmin/comments/18idv52/cve202348795_why_is_this_cve_still_undisclosed/ https://www.suse.com/c/suse-addresses-the-ssh-v2-protocol-terrapin-attack-aka-cve-2023-48795 https://www.suse.com/c/suse-addresses-the-ssh-v2-protocol-terrapin-attack-aka-cve-2023-48795/ https://www.terrapin-attack.com https://www.theregister.com/2023/12/20/terrapin_attack_ssh https://www.vandyke.com/products/securecrt/history.txt
golang.org/x/net	CVE-2023-39325	HIGH	v0.10.0	0.17.0	golang.org/x/net https://access.redhat.com/errata/RHSA-2023:6077 https://access.redhat.com/security/cve/CVE-2023-39325 https://access.redhat.com/security/cve/CVE-2023-44487 https://access.redhat.com/security/vulnerabilities/RHSB-2023-003 https://bugzilla.redhat.com/2242803 https://bugzilla.redhat.com/2243296 https://bugzilla.redhat.com/show_bug.cgi?id=2242803 https://bugzilla.redhat.com/show_bug.cgi?id=2243296 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-39325 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-44487 https://errata.almalinux.org/9/ALSA-2023-6077.html https://errata.rockylinux.org/RLSA-2023:6077 https://github.com/golang/go/commit/24ae2d927285c697440fdde3ad7f26028354bcf3 [golang- 1.21] https://github.com/golang/go/commit/e175f27f58aa7b9cd4d79607ae65d2cd5baaee68 [golang-1.20] https://github.com/golang/go/issues/63417 https://go.dev/cl/534215 https://go.dev/cl/534235 https://go.dev/issue/63417 https://groups.google.com/g/golang-announce/c/iNNxDTCjZvo/m/UDd7VKQuAAAJ https://linux.oracle.com/cve/CVE-2023-39325.html https://linux.oracle.com/errata/ELSA-2023-5867.html https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3OVW5V2DM5K5IC3H7O42YDUGNJ74J35O https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3OVW5V2DM5K5IC3H7O42YDUGNJ74J35O/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3SZN67IL7HMGMNAVLOTIXLIHUDXZK4LH https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3SZN67IL7HMGMNAVLOTIXLIHUDXZK4LH/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3WJ4QVX2AMUJ2F2S27POOAHRC4K3CHU4 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3WJ4QVX2AMUJ2F2S27POOAHRC4K3CHU4/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/4BUK2ZIAGCULOOYDNH25JPU6JBES5NF2 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/4BUK2ZIAGCULOOYDNH25JPU6JBES5NF2/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/5RSKA2II6QTD4YUKUNDVJQSRYSFC4VFR https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/5RSKA2II6QTD4YUKUNDVJQSRYSFC4VFR/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/AVZDNSMVDAQJ64LJC5I5U5LDM5753647 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/AVZDNSMVDAQJ64LJC5I5U5LDM5753647/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CHHITS4PUOZAKFIUBQAQZC7JWXMOYE4B https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CHHITS4PUOZAKFIUBQAQZC7JWXMOYE4B/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CLB4TW7KALB3EEQWNWCN7OUIWWVWWCG2 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CLB4TW7KALB3EEQWNWCN7OUIWWVWWCG2/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/D2BBIDR2ZMB3X5BC7SR4SLQMHRMVPY6L https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/D2BBIDR2ZMB3X5BC7SR4SLQMHRMVPY6L/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ECRC75BQJP6FJN2L7KCKYZW4DSBD7QSD https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ECRC75BQJP6FJN2L7KCKYZW4DSBD7QSD/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/FTMJ3NJIDAZFWJQQSP3L22MUFJ3UP2PT https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/FTMJ3NJIDAZFWJQQSP3L22MUFJ3UP2PT/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/GSY7SXFFTPZFWDM6XELSDSHZLVW3AHK7 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/GSY7SXFFTPZFWDM6XELSDSHZLVW3AHK7/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/HZQIELEIRSZUYTFFH5KTH2YJ4IIQG2KE https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/HZQIELEIRSZUYTFFH5KTH2YJ4IIQG2KE/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/IPWCNYB5PQ5PCVZ4NJT6G56ZYFZ5QBU6 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/IPWCNYB5PQ5PCVZ4NJT6G56ZYFZ5QBU6/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/KEOTKBUPZXHE3F352JBYNTSNRXYLWD6P https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/KEOTKBUPZXHE3F352JBYNTSNRXYLWD6P/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/KSEGD2IWKNUO3DWY4KQGUQM5BISRWHQE https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/KSEGD2IWKNUO3DWY4KQGUQM5BISRWHQE/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/L5E5JSJBZLYXOTZWXHJKRVCIXIHVWKJ6 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/L5E5JSJBZLYXOTZWXHJKRVCIXIHVWKJ6/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/MZQYOOKHQDQ57LV2IAG6NRFOVXKHJJ3Z https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/MZQYOOKHQDQ57LV2IAG6NRFOVXKHJJ3Z/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/NG7IMPL55MVWU3LCI4JQJT3K2U5CHDV7 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/NG7IMPL55MVWU3LCI4JQJT3K2U5CHDV7/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ODBY7RVMGZCBSTWF2OZGIZS57FNFUL67 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ODBY7RVMGZCBSTWF2OZGIZS57FNFUL67/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/OXGWPQOJ3JNDW2XIYKIVJ7N7QUIFNM2Q https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/OXGWPQOJ3JNDW2XIYKIVJ7N7QUIFNM2Q/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/PJCUNGIQDUMZ4Z6HWVYIMR66A35F5S74 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/PJCUNGIQDUMZ4Z6HWVYIMR66A35F5S74/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QF5QSYAOPDOWLY6DUHID56Q4HQFYB45I https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QF5QSYAOPDOWLY6DUHID56Q4HQFYB45I/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QXOU2JZUBEBP7GBKAYIJRPRBZSJCD7ST https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QXOU2JZUBEBP7GBKAYIJRPRBZSJCD7ST/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/R3UETKPUB3V5JS5TLZOF3SMTGT5K5APS https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/R3UETKPUB3V5JS5TLZOF3SMTGT5K5APS/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/REMHVVIBDNKSRKNOTV7EQSB7CYQWOUOU https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/REMHVVIBDNKSRKNOTV7EQSB7CYQWOUOU/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/T7N5GV4CHH6WAGX3GFMDD3COEOVCZ4RI https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/T7N5GV4CHH6WAGX3GFMDD3COEOVCZ4RI/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ULQQONMSCQSH5Z5OWFFQHCGEZ3NL4DRJ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ULQQONMSCQSH5Z5OWFFQHCGEZ3NL4DRJ/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UTT7DG3QOF5ZNJLUGHDNLRUIN6OWZARP https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UTT7DG3QOF5ZNJLUGHDNLRUIN6OWZARP/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/W2LZSWTV4NV4SNQARNXG5T6LRHP26EW2 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/W2LZSWTV4NV4SNQARNXG5T6LRHP26EW2/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WCNCBYKZXLDFGAJUB7ZP5VLC3YTHJNVH https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WCNCBYKZXLDFGAJUB7ZP5VLC3YTHJNVH/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/XFOIBB4YFICHDM7IBOP7PWXW3FX4HLL2 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/XFOIBB4YFICHDM7IBOP7PWXW3FX4HLL2/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/XTNLSL44Y5FB6JWADSZH6DCV4JJAAEQY https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/XTNLSL44Y5FB6JWADSZH6DCV4JJAAEQY/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/YJWHBLVZDM5KQSDFRBFRKU5KSSOLIRQ4 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/YJWHBLVZDM5KQSDFRBFRKU5KSSOLIRQ4/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/YRKEXKANQ7BKJW2YTAMP625LJUJZLJ4P https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/YRKEXKANQ7BKJW2YTAMP625LJUJZLJ4P/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZSVEMQV5ROY5YW5QE3I57HT3ITWG5GCV https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZSVEMQV5ROY5YW5QE3I57HT3ITWG5GCV/ https://nvd.nist.gov/vuln/detail/CVE-2023-39325 https://pkg.go.dev/vuln/GO-2023-2102 https://security.gentoo.org/glsa/202311-09 https://security.netapp.com/advisory/ntap-20231110-0008 https://security.netapp.com/advisory/ntap-20231110-0008/ https://ubuntu.com/security/notices/USN-6574-1 https://ubuntu.com/security/notices/USN-7061-1 https://ubuntu.com/security/notices/USN-7109-1 https://www.cisa.gov/news-events/alerts/2023/10/10/http2-rapid-reset-vulnerability-cve-2023-44487 https://www.cve.org/CVERecord?id=CVE-2023-39325
golang.org/x/net	CVE-2023-3978	MEDIUM	v0.10.0	0.13.0	https://access.redhat.com/errata/RHSA-2023:6474 https://access.redhat.com/security/cve/CVE-2023-3978 https://bugzilla.redhat.com/2174485 https://bugzilla.redhat.com/2178358 https://bugzilla.redhat.com/2178488 https://bugzilla.redhat.com/2178492 https://bugzilla.redhat.com/2184481 https://bugzilla.redhat.com/2184482 https://bugzilla.redhat.com/2184483 https://bugzilla.redhat.com/2184484 https://bugzilla.redhat.com/2196026 https://bugzilla.redhat.com/2196027 https://bugzilla.redhat.com/2196029 https://bugzilla.redhat.com/2222167 https://bugzilla.redhat.com/2228689 https://errata.almalinux.org/9/ALSA-2023-6474.html https://go.dev/cl/514896 https://go.dev/issue/61615 https://linux.oracle.com/cve/CVE-2023-3978.html https://linux.oracle.com/errata/ELSA-2023-6939.html https://nvd.nist.gov/vuln/detail/CVE-2023-3978 https://pkg.go.dev/vuln/GO-2023-1988 https://www.cve.org/CVERecord?id=CVE-2023-3978
golang.org/x/net	CVE-2023-44487	MEDIUM	v0.10.0	0.17.0	http://www.openwall.com/lists/oss-security/2023/10/13/4 http://www.openwall.com/lists/oss-security/2023/10/13/9 http://www.openwall.com/lists/oss-security/2023/10/18/4 http://www.openwall.com/lists/oss-security/2023/10/18/8 http://www.openwall.com/lists/oss-security/2023/10/19/6 http://www.openwall.com/lists/oss-security/2023/10/20/8 https://access.redhat.com/errata/RHSA-2023:6746 https://access.redhat.com/security/cve/CVE-2023-44487 https://access.redhat.com/security/cve/cve-2023-44487 https://akka.io/security/akka-http-cve-2023-44487.html https://arstechnica.com/security/2023/10/how-ddosers-used-the-http-2-protocol-to-deliver-attacks-of-unprecedented-size https://arstechnica.com/security/2023/10/how-ddosers-used-the-http-2-protocol-to-deliver-attacks-of-unprecedented-size/ https://aws.amazon.com/security/security-bulletins/AWS-2023-011 https://aws.amazon.com/security/security-bulletins/AWS-2023-011/ https://blog.cloudflare.com/technical-breakdown-http2-rapid-reset-ddos-attack https://blog.cloudflare.com/technical-breakdown-http2-rapid-reset-ddos-attack/ https://blog.cloudflare.com/zero-day-rapid-reset-http2-record-breaking-ddos-attack https://blog.cloudflare.com/zero-day-rapid-reset-http2-record-breaking-ddos-attack/ https://blog.litespeedtech.com/2023/10/11/rapid-reset-http-2-vulnerablilty https://blog.litespeedtech.com/2023/10/11/rapid-reset-http-2-vulnerablilty/ https://blog.qualys.com/vulnerabilities-threat-research/2023/10/10/cve-2023-44487-http-2-rapid-reset-attack https://blog.vespa.ai/cve-2023-44487 https://blog.vespa.ai/cve-2023-44487/ https://bugzilla.proxmox.com/show_bug.cgi?id=4988 https://bugzilla.redhat.com/2242803 https://bugzilla.redhat.com/show_bug.cgi?id=2242803 https://bugzilla.suse.com/show_bug.cgi?id=1216123 https://cgit.freebsd.org/ports/commit/?id=c64c329c2c1752f46b73e3e6ce9f4329be6629f9 https://chaos.social/@icing/111210915918780532 https://cloud.google.com/blog/products/identity-security/google-cloud-mitigated-largest-ddos-attack-peaking-above-398-million-rps https://cloud.google.com/blog/products/identity-security/google-cloud-mitigated-largest-ddos-attack-peaking-above-398-million-rps/ https://cloud.google.com/blog/products/identity-security/how-it-works-the-novel-http2-rapid-reset-ddos-attack https://community.traefik.io/t/is-traefik-vulnerable-to-cve-2023-44487/20125 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-44487 https://devblogs.microsoft.com/dotnet/october-2023-updates/ https://discuss.hashicorp.com/t/hcsec-2023-32-vault-consul-and-boundary-affected-by-http-2-rapid-reset-denial-of-service-vulnerability-cve-2023-44487/59715 https://edg.io/lp/blog/resets-leaks-ddos-and-the-tale-of-a-hidden-cve https://errata.almalinux.org/9/ALSA-2023-6746.html https://errata.rockylinux.org/RLSA-2023:5838 https://forums.swift.org/t/swift-nio-http2-security-update-cve-2023-44487-http-2-dos/67764 https://gist.github.com/adulau/7c2bfb8e9cdbe4b35a5e131c66a0c088 https://github.com/Azure/AKS/issues/3947 https://github.com/Kong/kong/discussions/11741 https://github.com/advisories/GHSA-qppj-fm5r-hxr3 https://github.com/advisories/GHSA-vx74-f528-fxqg https://github.com/advisories/GHSA-xpw8-rcwv-8f8p https://github.com/akka/akka-http/issues/4323 https://github.com/akka/akka-http/pull/4324 https://github.com/akka/akka-http/pull/4325 https://github.com/alibaba/tengine/issues/1872 https://github.com/apache/apisix/issues/10320 https://github.com/apache/httpd-site/pull/10 https://github.com/apache/httpd/blob/afcdbeebbff4b0c50ea26cdd16e178c0d1f24152/modules/http2/h2_mplx.c#L1101-L1113 https://github.com/apache/tomcat/commit/944332bb15bd2f3bf76ec2caeb1ff0a58a3bc628 https://github.com/apache/tomcat/tree/main/java/org/apache/coyote/http2 https://github.com/apache/trafficserver/pull/10564 https://github.com/apple/swift-nio-http2 https://github.com/apple/swift-nio-http2/security/advisories/GHSA-qppj-fm5r-hxr3 https://github.com/arkrwn/PoC/tree/main/CVE-2023-44487 https://github.com/bcdannyboy/CVE-2023-44487 https://github.com/caddyserver/caddy/issues/5877 https://github.com/caddyserver/caddy/releases/tag/v2.7.5 https://github.com/dotnet/announcements/issues/277 https://github.com/dotnet/core/blob/e4613450ea0da7fd2fc6b61dfb2c1c1dec1ce9ec/release-notes/6.0/6.0.23/6.0.23.md?plain=1#L73 https://github.com/eclipse/jetty.project/issues/10679 https://github.com/envoyproxy/envoy/pull/30055 https://github.com/etcd-io/etcd/issues/16740 https://github.com/facebook/proxygen/pull/466 https://github.com/golang/go/issues/63417 https://github.com/grpc/grpc-go/pull/6703 https://github.com/grpc/grpc-go/releases https://github.com/h2o/h2o/pull/3291 https://github.com/h2o/h2o/security/advisories/GHSA-2m7v-gc89-fjqf https://github.com/haproxy/haproxy/issues/2312 https://github.com/hyperium/hyper/issues/3337 https://github.com/icing/mod_h2/blob/0a864782af0a942aa2ad4ed960a6b32cd35bcf0a/mod_http2/README.md?plain=1#L239-L244 https://github.com/junkurihara/rust-rpxy/issues/97 https://github.com/kazu-yamamoto/http2/commit/f61d41a502bd0f60eb24e1ce14edc7b6df6722a1 https://github.com/kazu-yamamoto/http2/issues/93 https://github.com/kubernetes/kubernetes/pull/121120 https://github.com/line/armeria/pull/5232 https://github.com/linkerd/website/pull/1695/commits/4b9c6836471bc8270ab48aae6fd2181bc73fd632 https://github.com/micrictor/http2-rst-stream https://github.com/microsoft/CBL-Mariner/pull/6381 https://github.com/netty/netty/commit/58f75f665aa81a8cbcf6ffa74820042a285c5e61 https://github.com/nghttp2/nghttp2/pull/1961 https://github.com/nghttp2/nghttp2/releases/tag/v1.57.0 https://github.com/ninenines/cowboy/issues/1615 https://github.com/nodejs/node/pull/50121 https://github.com/openresty/openresty/issues/930 https://github.com/opensearch-project/data-prepper/issues/3474 https://github.com/oqtane/oqtane.framework/discussions/3367 https://github.com/projectcontour/contour/pull/5826 https://github.com/tempesta-tech/tempesta/issues/1986 https://github.com/varnishcache/varnish-cache/issues/3996 https://go.dev/cl/534215 https://go.dev/cl/534235 https://go.dev/issue/63417 https://groups.google.com/g/golang-announce/c/iNNxDTCjZvo https://groups.google.com/g/golang-announce/c/iNNxDTCjZvo/m/UDd7VKQuAAAJ https://istio.io/latest/news/security/istio-security-2023-004 https://istio.io/latest/news/security/istio-security-2023-004/ https://linkerd.io/2023/10/12/linkerd-cve-2023-44487 https://linkerd.io/2023/10/12/linkerd-cve-2023-44487/ https://linux.oracle.com/cve/CVE-2023-44487.html https://linux.oracle.com/errata/ELSA-2024-1444.html https://lists.apache.org/thread/5py8h42mxfsn8l1wy6o41xwhsjlsd87q https://lists.debian.org/debian-lts-announce/2023/10/msg00020.html https://lists.debian.org/debian-lts-announce/2023/10/msg00023.html https://lists.debian.org/debian-lts-announce/2023/10/msg00024.html https://lists.debian.org/debian-lts-announce/2023/10/msg00045.html https://lists.debian.org/debian-lts-announce/2023/10/msg00047.html https://lists.debian.org/debian-lts-announce/2023/11/msg00001.html https://lists.debian.org/debian-lts-announce/2023/11/msg00012.html https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/2MBEPPC36UBVOZZNAXFHKLFGSLCMN5LI https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/2MBEPPC36UBVOZZNAXFHKLFGSLCMN5LI/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/3N4NJ7FR4X4FPZUGNTQAPSTVB2HB2Y4A https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/3N4NJ7FR4X4FPZUGNTQAPSTVB2HB2Y4A/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/BFQD3KUEMFBHPAPBGLWQC34L4OWL5HAZ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/BFQD3KUEMFBHPAPBGLWQC34L4OWL5HAZ/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/CLB4TW7KALB3EEQWNWCN7OUIWWVWWCG2 https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/CLB4TW7KALB3EEQWNWCN7OUIWWVWWCG2/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/E72T67UPDRXHIDLO3OROR25YAMN4GGW5 https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/E72T67UPDRXHIDLO3OROR25YAMN4GGW5/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/FNA62Q767CFAFHBCDKYNPBMZWB7TWYVU https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/FNA62Q767CFAFHBCDKYNPBMZWB7TWYVU/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/HT7T2R4MQKLIF4ODV4BDLPARWFPCJ5CZ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/HT7T2R4MQKLIF4ODV4BDLPARWFPCJ5CZ/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/JIZSEFC3YKCGABA2BZW6ZJRMDZJMB7PJ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/JIZSEFC3YKCGABA2BZW6ZJRMDZJMB7PJ/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/JMEXY22BFG5Q64HQCM5CK2Q7KDKVV4TY https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/JMEXY22BFG5Q64HQCM5CK2Q7KDKVV4TY/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/KSEGD2IWKNUO3DWY4KQGUQM5BISRWHQE https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/KSEGD2IWKNUO3DWY4KQGUQM5BISRWHQE/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/LKYHSZQFDNR7RSA7LHVLLIAQMVYCUGBG https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/LKYHSZQFDNR7RSA7LHVLLIAQMVYCUGBG/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/LNMZJCDHGLJJLXO4OXWJMTVQRNWOC7UL https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/LNMZJCDHGLJJLXO4OXWJMTVQRNWOC7UL/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/VHUHTSXLXGXS7JYKBXTA3VINUPHTNGVU https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/VHUHTSXLXGXS7JYKBXTA3VINUPHTNGVU/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/VSRDIV77HNKUSM7SJC5BKE5JSHLHU2NK https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/VSRDIV77HNKUSM7SJC5BKE5JSHLHU2NK/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/WE2I52RHNNU42PX6NZ2RBUHSFFJ2LVZX https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/WE2I52RHNNU42PX6NZ2RBUHSFFJ2LVZX/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/WLPRQ5TWUQQXYWBJM7ECYDAIL2YVKIUH https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/WLPRQ5TWUQQXYWBJM7ECYDAIL2YVKIUH/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/X6QXN4ORIVF6XBW4WWFE7VNPVC74S45Y https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/X6QXN4ORIVF6XBW4WWFE7VNPVC74S45Y/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/XFOIBB4YFICHDM7IBOP7PWXW3FX4HLL2 https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/XFOIBB4YFICHDM7IBOP7PWXW3FX4HLL2/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZB43REMKRQR62NJEI7I5NQ4FSXNLBKRT https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZB43REMKRQR62NJEI7I5NQ4FSXNLBKRT/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZKQSIKIAT5TJ3WSLU3RDBQ35YX4GY4V3 https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZKQSIKIAT5TJ3WSLU3RDBQ35YX4GY4V3/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZLU6U2R2IC2K64NDPNMV55AUAO65MAF4 https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZLU6U2R2IC2K64NDPNMV55AUAO65MAF4/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3N4NJ7FR4X4FPZUGNTQAPSTVB2HB2Y4A https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/BFQD3KUEMFBHPAPBGLWQC34L4OWL5HAZ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CLB4TW7KALB3EEQWNWCN7OUIWWVWWCG2 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/E72T67UPDRXHIDLO3OROR25YAMN4GGW5 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/FNA62Q767CFAFHBCDKYNPBMZWB7TWYVU https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/HT7T2R4MQKLIF4ODV4BDLPARWFPCJ5CZ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/JIZSEFC3YKCGABA2BZW6ZJRMDZJMB7PJ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/JMEXY22BFG5Q64HQCM5CK2Q7KDKVV4TY https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/KSEGD2IWKNUO3DWY4KQGUQM5BISRWHQE https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/LKYHSZQFDNR7RSA7LHVLLIAQMVYCUGBG https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/LNMZJCDHGLJJLXO4OXWJMTVQRNWOC7UL https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/VHUHTSXLXGXS7JYKBXTA3VINUPHTNGVU https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/VSRDIV77HNKUSM7SJC5BKE5JSHLHU2NK https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WLPRQ5TWUQQXYWBJM7ECYDAIL2YVKIUH https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/X6QXN4ORIVF6XBW4WWFE7VNPVC74S45Y https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/XFOIBB4YFICHDM7IBOP7PWXW3FX4HLL2 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZB43REMKRQR62NJEI7I5NQ4FSXNLBKRT https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZKQSIKIAT5TJ3WSLU3RDBQ35YX4GY4V3 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZLU6U2R2IC2K64NDPNMV55AUAO65MAF4 https://lists.w3.org/Archives/Public/ietf-http-wg/2023OctDec/0025.html https://mailman.nginx.org/pipermail/nginx-devel/2023-October/S36Q5HBXR7CAIMPLLPRSSSYR4PCMWILK.html https://martinthomson.github.io/h2-stream-limits/draft-thomson-httpbis-h2-stream-limits.html https://msrc.microsoft.com/blog/2023/10/microsoft-response-to-distributed-denial-of-service-ddos-attacks-against-http/2 https://msrc.microsoft.com/blog/2023/10/microsoft-response-to-distributed-denial-of-service-ddos-attacks-against-http/2/ https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-44487 https://my.f5.com/manage/s/article/K000137106 https://netty.io/news/2023/10/10/4-1-100-Final.html https://news.ycombinator.com/item?id=37830987 https://news.ycombinator.com/item?id=37830998 https://news.ycombinator.com/item?id=37831062 https://news.ycombinator.com/item?id=37837043 https://nodejs.org/en/blog/vulnerability/october-2023-security-releases https://nvd.nist.gov/vuln/detail/CVE-2023-44487 https://openssf.org/blog/2023/10/10/http-2-rapid-reset-vulnerability-highlights-need-for-rapid-response https://openssf.org/blog/2023/10/10/http-2-rapid-reset-vulnerability-highlights-need-for-rapid-response/ https://pkg.go.dev/vuln/GO-2023-2102 https://seanmonstar.com/post/730794151136935936/hyper-http2-rapid-reset-unaffected https://security.gentoo.org/glsa/202311-09 https://security.netapp.com/advisory/ntap-20231016-0001 https://security.netapp.com/advisory/ntap-20231016-0001/ https://security.netapp.com/advisory/ntap-20240426-0007 https://security.netapp.com/advisory/ntap-20240426-0007/ https://security.netapp.com/advisory/ntap-20240621-0006 https://security.netapp.com/advisory/ntap-20240621-0006/ https://security.netapp.com/advisory/ntap-20240621-0007 https://security.netapp.com/advisory/ntap-20240621-0007/ https://security.paloaltonetworks.com/CVE-2023-44487 https://tomcat.apache.org/security-10.html#Fixed_in_Apache_Tomcat_10.1.14 https://tomcat.apache.org/security-11.html#Fixed_in_Apache_Tomcat_11.0.0-M12 https://tomcat.apache.org/security-8.html#Fixed_in_Apache_Tomcat_8.5.94 https://tomcat.apache.org/security-9.html#Fixed_in_Apache_Tomcat_9.0.81 https://ubuntu.com/security/CVE-2023-44487 https://ubuntu.com/security/notices/USN-6427-1 https://ubuntu.com/security/notices/USN-6427-2 https://ubuntu.com/security/notices/USN-6438-1 https://ubuntu.com/security/notices/USN-6505-1 https://ubuntu.com/security/notices/USN-6574-1 https://ubuntu.com/security/notices/USN-6754-1 https://ubuntu.com/security/notices/USN-6994-1 https://ubuntu.com/security/notices/USN-7067-1 https://www.bleepingcomputer.com/news/security/new-http-2-rapid-reset-zero-day-attack-breaks-ddos-records https://www.bleepingcomputer.com/news/security/new-http-2-rapid-reset-zero-day-attack-breaks-ddos-records/ https://www.cisa.gov/known-exploited-vulnerabilities-catalog https://www.cisa.gov/news-events/alerts/2023/10/10/http2-rapid-reset-vulnerability-cve-2023-44487 https://www.cve.org/CVERecord?id=CVE-2023-44487 https://www.darkreading.com/cloud/internet-wide-zero-day-bug-fuels-largest-ever-ddos-event https://www.debian.org/security/2023/dsa-5521 https://www.debian.org/security/2023/dsa-5522 https://www.debian.org/security/2023/dsa-5540 https://www.debian.org/security/2023/dsa-5549 https://www.debian.org/security/2023/dsa-5558 https://www.debian.org/security/2023/dsa-5570 https://www.eclipse.org/lists/jetty-announce/msg00181.html https://www.haproxy.com/blog/haproxy-is-not-affected-by-the-http-2-rapid-reset-attack-cve-2023-44487 https://www.mail-archive.com/haproxy@formilux.org/msg44134.html https://www.netlify.com/blog/netlify-successfully-mitigates-cve-2023-44487 https://www.netlify.com/blog/netlify-successfully-mitigates-cve-2023-44487/ https://www.nginx.com/blog/http-2-rapid-reset-attack-impacting-f5-nginx-products https://www.nginx.com/blog/http-2-rapid-reset-attack-impacting-f5-nginx-products/ https://www.openwall.com/lists/oss-security/2023/10/10/6 https://www.phoronix.com/news/HTTP2-Rapid-Reset-Attack https://www.theregister.com/2023/10/10/http2_rapid_reset_zeroday https://www.theregister.com/2023/10/10/http2_rapid_reset_zeroday/
golang.org/x/net	CVE-2023-45288	MEDIUM	v0.10.0	0.23.0	http://www.openwall.com/lists/oss-security/2024/04/03/16 http://www.openwall.com/lists/oss-security/2024/04/05/4 https://access.redhat.com/errata/RHSA-2024:2724 https://access.redhat.com/security/cve/CVE-2023-45288 https://bugzilla.redhat.com/2268017 https://bugzilla.redhat.com/2268018 https://bugzilla.redhat.com/2268019 https://bugzilla.redhat.com/2268273 https://bugzilla.redhat.com/show_bug.cgi?id=2268017 https://bugzilla.redhat.com/show_bug.cgi?id=2268018 https://bugzilla.redhat.com/show_bug.cgi?id=2268019 https://bugzilla.redhat.com/show_bug.cgi?id=2268273 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45288 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45289 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45290 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24783 https://errata.almalinux.org/9/ALSA-2024-2724.html https://errata.rockylinux.org/RLSA-2024:2724 https://go.dev/cl/576155 https://go.dev/issue/65051 https://groups.google.com/g/golang-announce/c/YgW0sx8mN3M https://kb.cert.org/vuls/id/421644 https://linux.oracle.com/cve/CVE-2023-45288.html https://linux.oracle.com/errata/ELSA-2024-3346.html https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QRYFHIQ6XRKRYBI2F5UESH67BJBQXUPT https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QRYFHIQ6XRKRYBI2F5UESH67BJBQXUPT/ https://nowotarski.info/http2-continuation-flood-technical-details https://nowotarski.info/http2-continuation-flood/ https://nvd.nist.gov/vuln/detail/CVE-2023-45288 https://pkg.go.dev/vuln/GO-2024-2687 https://security.netapp.com/advisory/ntap-20240419-0009 https://security.netapp.com/advisory/ntap-20240419-0009/ https://ubuntu.com/security/notices/USN-6886-1 https://ubuntu.com/security/notices/USN-7109-1 https://ubuntu.com/security/notices/USN-7111-1 https://www.cve.org/CVERecord?id=CVE-2023-45288 https://www.kb.cert.org/vuls/id/421644
google.golang.org/grpc	GHSA-m425-mq94-257g	HIGH	v1.54.0	1.56.3, 1.57.1, 1.58.3	https://github.com/grpc/grpc-go https://github.com/grpc/grpc-go/commit/f2180b4d5403d2210b30b93098eb7da31c05c721 https://github.com/grpc/grpc-go/pull/6703 https://github.com/grpc/grpc-go/security/advisories/GHSA-m425-mq94-257g https://nvd.nist.gov/vuln/detail/CVE-2023-44487
google.golang.org/grpc	CVE-2023-44487	MEDIUM	v1.54.0	1.58.3, 1.57.1, 1.56.3	http://www.openwall.com/lists/oss-security/2023/10/13/4 http://www.openwall.com/lists/oss-security/2023/10/13/9 http://www.openwall.com/lists/oss-security/2023/10/18/4 http://www.openwall.com/lists/oss-security/2023/10/18/8 http://www.openwall.com/lists/oss-security/2023/10/19/6 http://www.openwall.com/lists/oss-security/2023/10/20/8 https://access.redhat.com/errata/RHSA-2023:6746 https://access.redhat.com/security/cve/CVE-2023-44487 https://access.redhat.com/security/cve/cve-2023-44487 https://akka.io/security/akka-http-cve-2023-44487.html https://arstechnica.com/security/2023/10/how-ddosers-used-the-http-2-protocol-to-deliver-attacks-of-unprecedented-size https://arstechnica.com/security/2023/10/how-ddosers-used-the-http-2-protocol-to-deliver-attacks-of-unprecedented-size/ https://aws.amazon.com/security/security-bulletins/AWS-2023-011 https://aws.amazon.com/security/security-bulletins/AWS-2023-011/ https://blog.cloudflare.com/technical-breakdown-http2-rapid-reset-ddos-attack https://blog.cloudflare.com/technical-breakdown-http2-rapid-reset-ddos-attack/ https://blog.cloudflare.com/zero-day-rapid-reset-http2-record-breaking-ddos-attack https://blog.cloudflare.com/zero-day-rapid-reset-http2-record-breaking-ddos-attack/ https://blog.litespeedtech.com/2023/10/11/rapid-reset-http-2-vulnerablilty https://blog.litespeedtech.com/2023/10/11/rapid-reset-http-2-vulnerablilty/ https://blog.qualys.com/vulnerabilities-threat-research/2023/10/10/cve-2023-44487-http-2-rapid-reset-attack https://blog.vespa.ai/cve-2023-44487 https://blog.vespa.ai/cve-2023-44487/ https://bugzilla.proxmox.com/show_bug.cgi?id=4988 https://bugzilla.redhat.com/2242803 https://bugzilla.redhat.com/show_bug.cgi?id=2242803 https://bugzilla.suse.com/show_bug.cgi?id=1216123 https://cgit.freebsd.org/ports/commit/?id=c64c329c2c1752f46b73e3e6ce9f4329be6629f9 https://chaos.social/@icing/111210915918780532 https://cloud.google.com/blog/products/identity-security/google-cloud-mitigated-largest-ddos-attack-peaking-above-398-million-rps https://cloud.google.com/blog/products/identity-security/google-cloud-mitigated-largest-ddos-attack-peaking-above-398-million-rps/ https://cloud.google.com/blog/products/identity-security/how-it-works-the-novel-http2-rapid-reset-ddos-attack https://community.traefik.io/t/is-traefik-vulnerable-to-cve-2023-44487/20125 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-44487 https://devblogs.microsoft.com/dotnet/october-2023-updates/ https://discuss.hashicorp.com/t/hcsec-2023-32-vault-consul-and-boundary-affected-by-http-2-rapid-reset-denial-of-service-vulnerability-cve-2023-44487/59715 https://edg.io/lp/blog/resets-leaks-ddos-and-the-tale-of-a-hidden-cve https://errata.almalinux.org/9/ALSA-2023-6746.html https://errata.rockylinux.org/RLSA-2023:5838 https://forums.swift.org/t/swift-nio-http2-security-update-cve-2023-44487-http-2-dos/67764 https://gist.github.com/adulau/7c2bfb8e9cdbe4b35a5e131c66a0c088 https://github.com/Azure/AKS/issues/3947 https://github.com/Kong/kong/discussions/11741 https://github.com/advisories/GHSA-qppj-fm5r-hxr3 https://github.com/advisories/GHSA-vx74-f528-fxqg https://github.com/advisories/GHSA-xpw8-rcwv-8f8p https://github.com/akka/akka-http/issues/4323 https://github.com/akka/akka-http/pull/4324 https://github.com/akka/akka-http/pull/4325 https://github.com/alibaba/tengine/issues/1872 https://github.com/apache/apisix/issues/10320 https://github.com/apache/httpd-site/pull/10 https://github.com/apache/httpd/blob/afcdbeebbff4b0c50ea26cdd16e178c0d1f24152/modules/http2/h2_mplx.c#L1101-L1113 https://github.com/apache/tomcat/commit/944332bb15bd2f3bf76ec2caeb1ff0a58a3bc628 https://github.com/apache/tomcat/tree/main/java/org/apache/coyote/http2 https://github.com/apache/trafficserver/pull/10564 https://github.com/apple/swift-nio-http2 https://github.com/apple/swift-nio-http2/security/advisories/GHSA-qppj-fm5r-hxr3 https://github.com/arkrwn/PoC/tree/main/CVE-2023-44487 https://github.com/bcdannyboy/CVE-2023-44487 https://github.com/caddyserver/caddy/issues/5877 https://github.com/caddyserver/caddy/releases/tag/v2.7.5 https://github.com/dotnet/announcements/issues/277 https://github.com/dotnet/core/blob/e4613450ea0da7fd2fc6b61dfb2c1c1dec1ce9ec/release-notes/6.0/6.0.23/6.0.23.md?plain=1#L73 https://github.com/eclipse/jetty.project/issues/10679 https://github.com/envoyproxy/envoy/pull/30055 https://github.com/etcd-io/etcd/issues/16740 https://github.com/facebook/proxygen/pull/466 https://github.com/golang/go/issues/63417 https://github.com/grpc/grpc-go/pull/6703 https://github.com/grpc/grpc-go/releases https://github.com/h2o/h2o/pull/3291 https://github.com/h2o/h2o/security/advisories/GHSA-2m7v-gc89-fjqf https://github.com/haproxy/haproxy/issues/2312 https://github.com/hyperium/hyper/issues/3337 https://github.com/icing/mod_h2/blob/0a864782af0a942aa2ad4ed960a6b32cd35bcf0a/mod_http2/README.md?plain=1#L239-L244 https://github.com/junkurihara/rust-rpxy/issues/97 https://github.com/kazu-yamamoto/http2/commit/f61d41a502bd0f60eb24e1ce14edc7b6df6722a1 https://github.com/kazu-yamamoto/http2/issues/93 https://github.com/kubernetes/kubernetes/pull/121120 https://github.com/line/armeria/pull/5232 https://github.com/linkerd/website/pull/1695/commits/4b9c6836471bc8270ab48aae6fd2181bc73fd632 https://github.com/micrictor/http2-rst-stream https://github.com/microsoft/CBL-Mariner/pull/6381 https://github.com/netty/netty/commit/58f75f665aa81a8cbcf6ffa74820042a285c5e61 https://github.com/nghttp2/nghttp2/pull/1961 https://github.com/nghttp2/nghttp2/releases/tag/v1.57.0 https://github.com/ninenines/cowboy/issues/1615 https://github.com/nodejs/node/pull/50121 https://github.com/openresty/openresty/issues/930 https://github.com/opensearch-project/data-prepper/issues/3474 https://github.com/oqtane/oqtane.framework/discussions/3367 https://github.com/projectcontour/contour/pull/5826 https://github.com/tempesta-tech/tempesta/issues/1986 https://github.com/varnishcache/varnish-cache/issues/3996 https://go.dev/cl/534215 https://go.dev/cl/534235 https://go.dev/issue/63417 https://groups.google.com/g/golang-announce/c/iNNxDTCjZvo https://groups.google.com/g/golang-announce/c/iNNxDTCjZvo/m/UDd7VKQuAAAJ https://istio.io/latest/news/security/istio-security-2023-004 https://istio.io/latest/news/security/istio-security-2023-004/ https://linkerd.io/2023/10/12/linkerd-cve-2023-44487 https://linkerd.io/2023/10/12/linkerd-cve-2023-44487/ https://linux.oracle.com/cve/CVE-2023-44487.html https://linux.oracle.com/errata/ELSA-2024-1444.html https://lists.apache.org/thread/5py8h42mxfsn8l1wy6o41xwhsjlsd87q https://lists.debian.org/debian-lts-announce/2023/10/msg00020.html https://lists.debian.org/debian-lts-announce/2023/10/msg00023.html https://lists.debian.org/debian-lts-announce/2023/10/msg00024.html https://lists.debian.org/debian-lts-announce/2023/10/msg00045.html https://lists.debian.org/debian-lts-announce/2023/10/msg00047.html https://lists.debian.org/debian-lts-announce/2023/11/msg00001.html https://lists.debian.org/debian-lts-announce/2023/11/msg00012.html https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/2MBEPPC36UBVOZZNAXFHKLFGSLCMN5LI https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/2MBEPPC36UBVOZZNAXFHKLFGSLCMN5LI/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/3N4NJ7FR4X4FPZUGNTQAPSTVB2HB2Y4A https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/3N4NJ7FR4X4FPZUGNTQAPSTVB2HB2Y4A/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/BFQD3KUEMFBHPAPBGLWQC34L4OWL5HAZ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/BFQD3KUEMFBHPAPBGLWQC34L4OWL5HAZ/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/CLB4TW7KALB3EEQWNWCN7OUIWWVWWCG2 https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/CLB4TW7KALB3EEQWNWCN7OUIWWVWWCG2/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/E72T67UPDRXHIDLO3OROR25YAMN4GGW5 https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/E72T67UPDRXHIDLO3OROR25YAMN4GGW5/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/FNA62Q767CFAFHBCDKYNPBMZWB7TWYVU https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/FNA62Q767CFAFHBCDKYNPBMZWB7TWYVU/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/HT7T2R4MQKLIF4ODV4BDLPARWFPCJ5CZ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/HT7T2R4MQKLIF4ODV4BDLPARWFPCJ5CZ/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/JIZSEFC3YKCGABA2BZW6ZJRMDZJMB7PJ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/JIZSEFC3YKCGABA2BZW6ZJRMDZJMB7PJ/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/JMEXY22BFG5Q64HQCM5CK2Q7KDKVV4TY https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/JMEXY22BFG5Q64HQCM5CK2Q7KDKVV4TY/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/KSEGD2IWKNUO3DWY4KQGUQM5BISRWHQE https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/KSEGD2IWKNUO3DWY4KQGUQM5BISRWHQE/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/LKYHSZQFDNR7RSA7LHVLLIAQMVYCUGBG https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/LKYHSZQFDNR7RSA7LHVLLIAQMVYCUGBG/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/LNMZJCDHGLJJLXO4OXWJMTVQRNWOC7UL https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/LNMZJCDHGLJJLXO4OXWJMTVQRNWOC7UL/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/VHUHTSXLXGXS7JYKBXTA3VINUPHTNGVU https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/VHUHTSXLXGXS7JYKBXTA3VINUPHTNGVU/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/VSRDIV77HNKUSM7SJC5BKE5JSHLHU2NK https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/VSRDIV77HNKUSM7SJC5BKE5JSHLHU2NK/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/WE2I52RHNNU42PX6NZ2RBUHSFFJ2LVZX https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/WE2I52RHNNU42PX6NZ2RBUHSFFJ2LVZX/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/WLPRQ5TWUQQXYWBJM7ECYDAIL2YVKIUH https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/WLPRQ5TWUQQXYWBJM7ECYDAIL2YVKIUH/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/X6QXN4ORIVF6XBW4WWFE7VNPVC74S45Y https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/X6QXN4ORIVF6XBW4WWFE7VNPVC74S45Y/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/XFOIBB4YFICHDM7IBOP7PWXW3FX4HLL2 https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/XFOIBB4YFICHDM7IBOP7PWXW3FX4HLL2/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZB43REMKRQR62NJEI7I5NQ4FSXNLBKRT https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZB43REMKRQR62NJEI7I5NQ4FSXNLBKRT/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZKQSIKIAT5TJ3WSLU3RDBQ35YX4GY4V3 https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZKQSIKIAT5TJ3WSLU3RDBQ35YX4GY4V3/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZLU6U2R2IC2K64NDPNMV55AUAO65MAF4 https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZLU6U2R2IC2K64NDPNMV55AUAO65MAF4/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3N4NJ7FR4X4FPZUGNTQAPSTVB2HB2Y4A https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/BFQD3KUEMFBHPAPBGLWQC34L4OWL5HAZ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CLB4TW7KALB3EEQWNWCN7OUIWWVWWCG2 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/E72T67UPDRXHIDLO3OROR25YAMN4GGW5 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/FNA62Q767CFAFHBCDKYNPBMZWB7TWYVU https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/HT7T2R4MQKLIF4ODV4BDLPARWFPCJ5CZ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/JIZSEFC3YKCGABA2BZW6ZJRMDZJMB7PJ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/JMEXY22BFG5Q64HQCM5CK2Q7KDKVV4TY https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/KSEGD2IWKNUO3DWY4KQGUQM5BISRWHQE https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/LKYHSZQFDNR7RSA7LHVLLIAQMVYCUGBG https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/LNMZJCDHGLJJLXO4OXWJMTVQRNWOC7UL https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/VHUHTSXLXGXS7JYKBXTA3VINUPHTNGVU https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/VSRDIV77HNKUSM7SJC5BKE5JSHLHU2NK https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WLPRQ5TWUQQXYWBJM7ECYDAIL2YVKIUH https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/X6QXN4ORIVF6XBW4WWFE7VNPVC74S45Y https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/XFOIBB4YFICHDM7IBOP7PWXW3FX4HLL2 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZB43REMKRQR62NJEI7I5NQ4FSXNLBKRT https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZKQSIKIAT5TJ3WSLU3RDBQ35YX4GY4V3 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZLU6U2R2IC2K64NDPNMV55AUAO65MAF4 https://lists.w3.org/Archives/Public/ietf-http-wg/2023OctDec/0025.html https://mailman.nginx.org/pipermail/nginx-devel/2023-October/S36Q5HBXR7CAIMPLLPRSSSYR4PCMWILK.html https://martinthomson.github.io/h2-stream-limits/draft-thomson-httpbis-h2-stream-limits.html https://msrc.microsoft.com/blog/2023/10/microsoft-response-to-distributed-denial-of-service-ddos-attacks-against-http/2 https://msrc.microsoft.com/blog/2023/10/microsoft-response-to-distributed-denial-of-service-ddos-attacks-against-http/2/ https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-44487 https://my.f5.com/manage/s/article/K000137106 https://netty.io/news/2023/10/10/4-1-100-Final.html https://news.ycombinator.com/item?id=37830987 https://news.ycombinator.com/item?id=37830998 https://news.ycombinator.com/item?id=37831062 https://news.ycombinator.com/item?id=37837043 https://nodejs.org/en/blog/vulnerability/october-2023-security-releases https://nvd.nist.gov/vuln/detail/CVE-2023-44487 https://openssf.org/blog/2023/10/10/http-2-rapid-reset-vulnerability-highlights-need-for-rapid-response https://openssf.org/blog/2023/10/10/http-2-rapid-reset-vulnerability-highlights-need-for-rapid-response/ https://pkg.go.dev/vuln/GO-2023-2102 https://seanmonstar.com/post/730794151136935936/hyper-http2-rapid-reset-unaffected https://security.gentoo.org/glsa/202311-09 https://security.netapp.com/advisory/ntap-20231016-0001 https://security.netapp.com/advisory/ntap-20231016-0001/ https://security.netapp.com/advisory/ntap-20240426-0007 https://security.netapp.com/advisory/ntap-20240426-0007/ https://security.netapp.com/advisory/ntap-20240621-0006 https://security.netapp.com/advisory/ntap-20240621-0006/ https://security.netapp.com/advisory/ntap-20240621-0007 https://security.netapp.com/advisory/ntap-20240621-0007/ https://security.paloaltonetworks.com/CVE-2023-44487 https://tomcat.apache.org/security-10.html#Fixed_in_Apache_Tomcat_10.1.14 https://tomcat.apache.org/security-11.html#Fixed_in_Apache_Tomcat_11.0.0-M12 https://tomcat.apache.org/security-8.html#Fixed_in_Apache_Tomcat_8.5.94 https://tomcat.apache.org/security-9.html#Fixed_in_Apache_Tomcat_9.0.81 https://ubuntu.com/security/CVE-2023-44487 https://ubuntu.com/security/notices/USN-6427-1 https://ubuntu.com/security/notices/USN-6427-2 https://ubuntu.com/security/notices/USN-6438-1 https://ubuntu.com/security/notices/USN-6505-1 https://ubuntu.com/security/notices/USN-6574-1 https://ubuntu.com/security/notices/USN-6754-1 https://ubuntu.com/security/notices/USN-6994-1 https://ubuntu.com/security/notices/USN-7067-1 https://www.bleepingcomputer.com/news/security/new-http-2-rapid-reset-zero-day-attack-breaks-ddos-records https://www.bleepingcomputer.com/news/security/new-http-2-rapid-reset-zero-day-attack-breaks-ddos-records/ https://www.cisa.gov/known-exploited-vulnerabilities-catalog https://www.cisa.gov/news-events/alerts/2023/10/10/http2-rapid-reset-vulnerability-cve-2023-44487 https://www.cve.org/CVERecord?id=CVE-2023-44487 https://www.darkreading.com/cloud/internet-wide-zero-day-bug-fuels-largest-ever-ddos-event https://www.debian.org/security/2023/dsa-5521 https://www.debian.org/security/2023/dsa-5522 https://www.debian.org/security/2023/dsa-5540 https://www.debian.org/security/2023/dsa-5549 https://www.debian.org/security/2023/dsa-5558 https://www.debian.org/security/2023/dsa-5570 https://www.eclipse.org/lists/jetty-announce/msg00181.html https://www.haproxy.com/blog/haproxy-is-not-affected-by-the-http-2-rapid-reset-attack-cve-2023-44487 https://www.mail-archive.com/haproxy@formilux.org/msg44134.html https://www.netlify.com/blog/netlify-successfully-mitigates-cve-2023-44487 https://www.netlify.com/blog/netlify-successfully-mitigates-cve-2023-44487/ https://www.nginx.com/blog/http-2-rapid-reset-attack-impacting-f5-nginx-products https://www.nginx.com/blog/http-2-rapid-reset-attack-impacting-f5-nginx-products/ https://www.openwall.com/lists/oss-security/2023/10/10/6 https://www.phoronix.com/news/HTTP2-Rapid-Reset-Attack https://www.theregister.com/2023/10/10/http2_rapid_reset_zeroday https://www.theregister.com/2023/10/10/http2_rapid_reset_zeroday/
google.golang.org/protobuf	CVE-2024-24786	MEDIUM	v1.30.0	1.33.0	http://www.openwall.com/lists/oss-security/2024/03/08/4 https://access.redhat.com/errata/RHSA-2024:2550 https://access.redhat.com/security/cve/CVE-2024-24786 https://bugzilla.redhat.com/2268046 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24786 https://errata.almalinux.org/9/ALSA-2024-2550.html https://errata.rockylinux.org/RLSA-2024:2550 https://github.com/protocolbuffers/protobuf-go https://github.com/protocolbuffers/protobuf-go/commit/f01a588e5810b90996452eec4a28f22a0afae023 https://github.com/protocolbuffers/protobuf-go/releases/tag/v1.33.0 https://go-review.googlesource.com/c/protobuf/+/569356 https://go.dev/cl/569356 https://groups.google.com/g/golang-announce/c/ArQ6CDgtEjY/ https://linux.oracle.com/cve/CVE-2024-24786.html https://linux.oracle.com/errata/ELSA-2024-4246.html https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/JDMBHAVSDU2FBDZ45U3A2VLSM35OJ2HU https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/JDMBHAVSDU2FBDZ45U3A2VLSM35OJ2HU/ https://nvd.nist.gov/vuln/detail/CVE-2024-24786 https://pkg.go.dev/vuln/GO-2024-2611 https://security.netapp.com/advisory/ntap-20240517-0002 https://security.netapp.com/advisory/ntap-20240517-0002/ https://ubuntu.com/security/notices/USN-6746-1 https://ubuntu.com/security/notices/USN-6746-2 https://www.cve.org/CVERecord?id=CVE-2024-24786
stdlib	CVE-2024-24790	CRITICAL	v1.20.5	1.21.11, 1.22.4	http://www.openwall.com/lists/oss-security/2024/06/04/1 https://access.redhat.com/errata/RHSA-2024:9115 https://access.redhat.com/security/cve/CVE-2024-24790 https://bugzilla.redhat.com/2279814 https://bugzilla.redhat.com/2292668 https://bugzilla.redhat.com/2292787 https://bugzilla.redhat.com/2294000 https://bugzilla.redhat.com/2295310 https://bugzilla.redhat.com/show_bug.cgi?id=2292668 https://bugzilla.redhat.com/show_bug.cgi?id=2292787 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24789 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24790 https://errata.almalinux.org/9/ALSA-2024-9115.html https://errata.rockylinux.org/RLSA-2024:4212 https://github.com/golang/go/commit/051bdf3fd12a40307606ff9381138039c5f452f0 (1.21) https://github.com/golang/go/commit/12d5810cdb1f73cf23d7a86462143e9463317fca (1.22) https://github.com/golang/go/issues/67680 https://go.dev/cl/590316 https://go.dev/issue/67680 https://groups.google.com/g/golang-announce/c/XbxouI9gY7k https://groups.google.com/g/golang-announce/c/XbxouI9gY7k/m/TuoGEhxIEwAJ https://linux.oracle.com/cve/CVE-2024-24790.html https://linux.oracle.com/errata/ELSA-2024-9115.html https://nvd.nist.gov/vuln/detail/CVE-2024-24790 https://pkg.go.dev/vuln/GO-2024-2887 https://ubuntu.com/security/notices/USN-6886-1 https://ubuntu.com/security/notices/USN-7109-1 https://www.cve.org/CVERecord?id=CVE-2024-24790
stdlib	CVE-2023-39325	HIGH	v1.20.5	1.20.10, 1.21.3	golang.org/x/net https://access.redhat.com/errata/RHSA-2023:6077 https://access.redhat.com/security/cve/CVE-2023-39325 https://access.redhat.com/security/cve/CVE-2023-44487 https://access.redhat.com/security/vulnerabilities/RHSB-2023-003 https://bugzilla.redhat.com/2242803 https://bugzilla.redhat.com/2243296 https://bugzilla.redhat.com/show_bug.cgi?id=2242803 https://bugzilla.redhat.com/show_bug.cgi?id=2243296 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-39325 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-44487 https://errata.almalinux.org/9/ALSA-2023-6077.html https://errata.rockylinux.org/RLSA-2023:6077 https://github.com/golang/go/commit/24ae2d927285c697440fdde3ad7f26028354bcf3 [golang- 1.21] https://github.com/golang/go/commit/e175f27f58aa7b9cd4d79607ae65d2cd5baaee68 [golang-1.20] https://github.com/golang/go/issues/63417 https://go.dev/cl/534215 https://go.dev/cl/534235 https://go.dev/issue/63417 https://groups.google.com/g/golang-announce/c/iNNxDTCjZvo/m/UDd7VKQuAAAJ https://linux.oracle.com/cve/CVE-2023-39325.html https://linux.oracle.com/errata/ELSA-2023-5867.html https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3OVW5V2DM5K5IC3H7O42YDUGNJ74J35O https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3OVW5V2DM5K5IC3H7O42YDUGNJ74J35O/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3SZN67IL7HMGMNAVLOTIXLIHUDXZK4LH https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3SZN67IL7HMGMNAVLOTIXLIHUDXZK4LH/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3WJ4QVX2AMUJ2F2S27POOAHRC4K3CHU4 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3WJ4QVX2AMUJ2F2S27POOAHRC4K3CHU4/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/4BUK2ZIAGCULOOYDNH25JPU6JBES5NF2 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/4BUK2ZIAGCULOOYDNH25JPU6JBES5NF2/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/5RSKA2II6QTD4YUKUNDVJQSRYSFC4VFR https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/5RSKA2II6QTD4YUKUNDVJQSRYSFC4VFR/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/AVZDNSMVDAQJ64LJC5I5U5LDM5753647 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/AVZDNSMVDAQJ64LJC5I5U5LDM5753647/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CHHITS4PUOZAKFIUBQAQZC7JWXMOYE4B https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CHHITS4PUOZAKFIUBQAQZC7JWXMOYE4B/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CLB4TW7KALB3EEQWNWCN7OUIWWVWWCG2 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CLB4TW7KALB3EEQWNWCN7OUIWWVWWCG2/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/D2BBIDR2ZMB3X5BC7SR4SLQMHRMVPY6L https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/D2BBIDR2ZMB3X5BC7SR4SLQMHRMVPY6L/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ECRC75BQJP6FJN2L7KCKYZW4DSBD7QSD https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ECRC75BQJP6FJN2L7KCKYZW4DSBD7QSD/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/FTMJ3NJIDAZFWJQQSP3L22MUFJ3UP2PT https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/FTMJ3NJIDAZFWJQQSP3L22MUFJ3UP2PT/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/GSY7SXFFTPZFWDM6XELSDSHZLVW3AHK7 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/GSY7SXFFTPZFWDM6XELSDSHZLVW3AHK7/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/HZQIELEIRSZUYTFFH5KTH2YJ4IIQG2KE https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/HZQIELEIRSZUYTFFH5KTH2YJ4IIQG2KE/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/IPWCNYB5PQ5PCVZ4NJT6G56ZYFZ5QBU6 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/IPWCNYB5PQ5PCVZ4NJT6G56ZYFZ5QBU6/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/KEOTKBUPZXHE3F352JBYNTSNRXYLWD6P https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/KEOTKBUPZXHE3F352JBYNTSNRXYLWD6P/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/KSEGD2IWKNUO3DWY4KQGUQM5BISRWHQE https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/KSEGD2IWKNUO3DWY4KQGUQM5BISRWHQE/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/L5E5JSJBZLYXOTZWXHJKRVCIXIHVWKJ6 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/L5E5JSJBZLYXOTZWXHJKRVCIXIHVWKJ6/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/MZQYOOKHQDQ57LV2IAG6NRFOVXKHJJ3Z https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/MZQYOOKHQDQ57LV2IAG6NRFOVXKHJJ3Z/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/NG7IMPL55MVWU3LCI4JQJT3K2U5CHDV7 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/NG7IMPL55MVWU3LCI4JQJT3K2U5CHDV7/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ODBY7RVMGZCBSTWF2OZGIZS57FNFUL67 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ODBY7RVMGZCBSTWF2OZGIZS57FNFUL67/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/OXGWPQOJ3JNDW2XIYKIVJ7N7QUIFNM2Q https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/OXGWPQOJ3JNDW2XIYKIVJ7N7QUIFNM2Q/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/PJCUNGIQDUMZ4Z6HWVYIMR66A35F5S74 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/PJCUNGIQDUMZ4Z6HWVYIMR66A35F5S74/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QF5QSYAOPDOWLY6DUHID56Q4HQFYB45I https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QF5QSYAOPDOWLY6DUHID56Q4HQFYB45I/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QXOU2JZUBEBP7GBKAYIJRPRBZSJCD7ST https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QXOU2JZUBEBP7GBKAYIJRPRBZSJCD7ST/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/R3UETKPUB3V5JS5TLZOF3SMTGT5K5APS https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/R3UETKPUB3V5JS5TLZOF3SMTGT5K5APS/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/REMHVVIBDNKSRKNOTV7EQSB7CYQWOUOU https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/REMHVVIBDNKSRKNOTV7EQSB7CYQWOUOU/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/T7N5GV4CHH6WAGX3GFMDD3COEOVCZ4RI https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/T7N5GV4CHH6WAGX3GFMDD3COEOVCZ4RI/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ULQQONMSCQSH5Z5OWFFQHCGEZ3NL4DRJ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ULQQONMSCQSH5Z5OWFFQHCGEZ3NL4DRJ/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UTT7DG3QOF5ZNJLUGHDNLRUIN6OWZARP https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UTT7DG3QOF5ZNJLUGHDNLRUIN6OWZARP/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/W2LZSWTV4NV4SNQARNXG5T6LRHP26EW2 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/W2LZSWTV4NV4SNQARNXG5T6LRHP26EW2/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WCNCBYKZXLDFGAJUB7ZP5VLC3YTHJNVH https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WCNCBYKZXLDFGAJUB7ZP5VLC3YTHJNVH/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/XFOIBB4YFICHDM7IBOP7PWXW3FX4HLL2 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/XFOIBB4YFICHDM7IBOP7PWXW3FX4HLL2/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/XTNLSL44Y5FB6JWADSZH6DCV4JJAAEQY https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/XTNLSL44Y5FB6JWADSZH6DCV4JJAAEQY/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/YJWHBLVZDM5KQSDFRBFRKU5KSSOLIRQ4 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/YJWHBLVZDM5KQSDFRBFRKU5KSSOLIRQ4/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/YRKEXKANQ7BKJW2YTAMP625LJUJZLJ4P https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/YRKEXKANQ7BKJW2YTAMP625LJUJZLJ4P/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZSVEMQV5ROY5YW5QE3I57HT3ITWG5GCV https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZSVEMQV5ROY5YW5QE3I57HT3ITWG5GCV/ https://nvd.nist.gov/vuln/detail/CVE-2023-39325 https://pkg.go.dev/vuln/GO-2023-2102 https://security.gentoo.org/glsa/202311-09 https://security.netapp.com/advisory/ntap-20231110-0008 https://security.netapp.com/advisory/ntap-20231110-0008/ https://ubuntu.com/security/notices/USN-6574-1 https://ubuntu.com/security/notices/USN-7061-1 https://ubuntu.com/security/notices/USN-7109-1 https://www.cisa.gov/news-events/alerts/2023/10/10/http2-rapid-reset-vulnerability-cve-2023-44487 https://www.cve.org/CVERecord?id=CVE-2023-39325
stdlib	CVE-2023-45283	HIGH	v1.20.5	1.20.11, 1.21.4, 1.20.12, 1.21.5	http://www.openwall.com/lists/oss-security/2023/12/05/2 https://go.dev/cl/540277 https://go.dev/cl/541175 https://go.dev/issue/63713 https://go.dev/issue/64028 https://groups.google.com/g/golang-announce/c/4tU8LZfBFkY https://groups.google.com/g/golang-dev/c/6ypN5EjibjM/m/KmLVYH_uAgAJ https://nvd.nist.gov/vuln/detail/CVE-2023-45283 https://pkg.go.dev/vuln/GO-2023-2185 https://security.netapp.com/advisory/ntap-20231214-0008/
stdlib	CVE-2023-45288	HIGH	v1.20.5	1.21.9, 1.22.2	http://www.openwall.com/lists/oss-security/2024/04/03/16 http://www.openwall.com/lists/oss-security/2024/04/05/4 https://access.redhat.com/errata/RHSA-2024:2724 https://access.redhat.com/security/cve/CVE-2023-45288 https://bugzilla.redhat.com/2268017 https://bugzilla.redhat.com/2268018 https://bugzilla.redhat.com/2268019 https://bugzilla.redhat.com/2268273 https://bugzilla.redhat.com/show_bug.cgi?id=2268017 https://bugzilla.redhat.com/show_bug.cgi?id=2268018 https://bugzilla.redhat.com/show_bug.cgi?id=2268019 https://bugzilla.redhat.com/show_bug.cgi?id=2268273 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45288 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45289 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45290 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24783 https://errata.almalinux.org/9/ALSA-2024-2724.html https://errata.rockylinux.org/RLSA-2024:2724 https://go.dev/cl/576155 https://go.dev/issue/65051 https://groups.google.com/g/golang-announce/c/YgW0sx8mN3M https://kb.cert.org/vuls/id/421644 https://linux.oracle.com/cve/CVE-2023-45288.html https://linux.oracle.com/errata/ELSA-2024-3346.html https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QRYFHIQ6XRKRYBI2F5UESH67BJBQXUPT https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QRYFHIQ6XRKRYBI2F5UESH67BJBQXUPT/ https://nowotarski.info/http2-continuation-flood-technical-details https://nowotarski.info/http2-continuation-flood/ https://nvd.nist.gov/vuln/detail/CVE-2023-45288 https://pkg.go.dev/vuln/GO-2024-2687 https://security.netapp.com/advisory/ntap-20240419-0009 https://security.netapp.com/advisory/ntap-20240419-0009/ https://ubuntu.com/security/notices/USN-6886-1 https://ubuntu.com/security/notices/USN-7109-1 https://ubuntu.com/security/notices/USN-7111-1 https://www.cve.org/CVERecord?id=CVE-2023-45288 https://www.kb.cert.org/vuls/id/421644
stdlib	CVE-2024-34156	HIGH	v1.20.5	1.22.7, 1.23.1	https://access.redhat.com/errata/RHSA-2024:9473 https://access.redhat.com/security/cve/CVE-2024-34156 https://bugzilla.redhat.com/2310528 https://bugzilla.redhat.com/2318052 https://bugzilla.redhat.com/show_bug.cgi?id=2310528 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-34156 https://errata.almalinux.org/9/ALSA-2024-9473.html https://errata.rockylinux.org/RLSA-2024:7204 https://github.com/golang/go/commit/2092294f2b097c5828f4eace6c98a322c1510b01 (go1.22.7) https://github.com/golang/go/commit/fa8ff1a46deb6c816304441ec6740ec112e19012 (go1.23.1) https://go.dev/cl/611239 https://go.dev/issue/69139 https://groups.google.com/g/golang-announce/c/K-cEzDeCtpc https://groups.google.com/g/golang-dev/c/S9POB9NCTdk https://linux.oracle.com/cve/CVE-2024-34156.html https://linux.oracle.com/errata/ELSA-2024-9473.html https://nvd.nist.gov/vuln/detail/CVE-2024-34156 https://pkg.go.dev/vuln/GO-2024-3106 https://ubuntu.com/security/notices/USN-7081-1 https://ubuntu.com/security/notices/USN-7109-1 https://ubuntu.com/security/notices/USN-7111-1 https://www.cve.org/CVERecord?id=CVE-2024-34156
stdlib	CVE-2023-29406	MEDIUM	v1.20.5	1.19.11, 1.20.6	https://access.redhat.com/errata/RHSA-2023:6474 https://access.redhat.com/security/cve/CVE-2023-29406 https://bugzilla.redhat.com/2174485 https://bugzilla.redhat.com/2178358 https://bugzilla.redhat.com/2178488 https://bugzilla.redhat.com/2178492 https://bugzilla.redhat.com/2184481 https://bugzilla.redhat.com/2184482 https://bugzilla.redhat.com/2184483 https://bugzilla.redhat.com/2184484 https://bugzilla.redhat.com/2196026 https://bugzilla.redhat.com/2196027 https://bugzilla.redhat.com/2196029 https://bugzilla.redhat.com/2222167 https://bugzilla.redhat.com/2228689 https://errata.almalinux.org/9/ALSA-2023-6474.html https://github.com/golang/go/commit/312920c00aac9897b2a0693e752390b5b0711a5a (go1.20.6) https://github.com/golang/go/commit/5fa6923b1ea891400153d04ddf1545e23b40041b (go1.19.11) https://github.com/golang/go/issues/60374 https://go.dev/cl/506996 https://go.dev/issue/60374 https://groups.google.com/g/golang-announce/c/2q13H6LEEx0 https://linux.oracle.com/cve/CVE-2023-29406.html https://linux.oracle.com/errata/ELSA-2023-7202.html https://nvd.nist.gov/vuln/detail/CVE-2023-29406 https://pkg.go.dev/vuln/GO-2023-1878 https://security.gentoo.org/glsa/202311-09 https://security.netapp.com/advisory/ntap-20230814-0002/ https://ubuntu.com/security/notices/USN-7061-1 https://ubuntu.com/security/notices/USN-7109-1 https://www.cve.org/CVERecord?id=CVE-2023-29406
stdlib	CVE-2023-29409	MEDIUM	v1.20.5	1.19.12, 1.20.7, 1.21.0-rc.4	https://access.redhat.com/errata/RHSA-2023:7766 https://access.redhat.com/security/cve/CVE-2023-29409 https://bugzilla.redhat.com/2228743 https://bugzilla.redhat.com/2237773 https://bugzilla.redhat.com/2237776 https://bugzilla.redhat.com/2237777 https://bugzilla.redhat.com/2237778 https://errata.almalinux.org/9/ALSA-2023-7766.html https://go.dev/cl/515257 https://go.dev/issue/61460 https://groups.google.com/g/golang-announce/c/X0b6CsSAaYI/m/Efv5DbZ9AwAJ https://linux.oracle.com/cve/CVE-2023-29409.html https://linux.oracle.com/errata/ELSA-2024-2988.html https://nvd.nist.gov/vuln/detail/CVE-2023-29409 https://pkg.go.dev/vuln/GO-2023-1987 https://security.gentoo.org/glsa/202311-09 https://security.netapp.com/advisory/ntap-20230831-0010/ https://www.cve.org/CVERecord?id=CVE-2023-29409
stdlib	CVE-2023-39318	MEDIUM	v1.20.5	1.20.8, 1.21.1	https://access.redhat.com/errata/RHSA-2024:2160 https://access.redhat.com/security/cve/CVE-2023-39318 https://bugzilla.redhat.com/2237773 https://bugzilla.redhat.com/2237776 https://bugzilla.redhat.com/2253330 https://errata.almalinux.org/9/ALSA-2024-2160.html https://github.com/golang/go/commit/023b542edf38e2a1f87fcefb9f75ff2f99401b4c (go1.20.8) https://github.com/golang/go/commit/b0e1d3ea26e8e8fce7726690c9ef0597e60739fb (go1.21.1) https://go.dev/cl/526156 https://go.dev/issue/62196 https://groups.google.com/g/golang-announce/c/Fm51GRLNRvM https://groups.google.com/g/golang-dev/c/2C5vbR-UNkI/m/L1hdrPhfBAAJ https://linux.oracle.com/cve/CVE-2023-39318.html https://linux.oracle.com/errata/ELSA-2024-2988.html https://nvd.nist.gov/vuln/detail/CVE-2023-39318 https://pkg.go.dev/vuln/GO-2023-2041 https://security.gentoo.org/glsa/202311-09 https://security.netapp.com/advisory/ntap-20231020-0009/ https://ubuntu.com/security/notices/USN-6574-1 https://ubuntu.com/security/notices/USN-7061-1 https://ubuntu.com/security/notices/USN-7109-1 https://vuln.go.dev/ID/GO-2023-2041.json https://www.cve.org/CVERecord?id=CVE-2023-39318
stdlib	CVE-2023-39319	MEDIUM	v1.20.5	1.20.8, 1.21.1	https://access.redhat.com/errata/RHSA-2024:2160 https://access.redhat.com/security/cve/CVE-2023-39319 https://bugzilla.redhat.com/2237773 https://bugzilla.redhat.com/2237776 https://bugzilla.redhat.com/2253330 https://errata.almalinux.org/9/ALSA-2024-2160.html https://github.com/golang/go/commit/2070531d2f53df88e312edace6c8dfc9686ab2f5 (go1.20.8) https://github.com/golang/go/commit/bbd043ff0d6d59f1a9232d31ecd5eacf6507bf6a (go1.21.1) https://go.dev/cl/526157 https://go.dev/issue/62197 https://groups.google.com/g/golang-announce/c/Fm51GRLNRvM https://groups.google.com/g/golang-dev/c/2C5vbR-UNkI/m/L1hdrPhfBAAJ https://linux.oracle.com/cve/CVE-2023-39319.html https://linux.oracle.com/errata/ELSA-2024-2988.html https://nvd.nist.gov/vuln/detail/CVE-2023-39319 https://pkg.go.dev/vuln/GO-2023-2043 https://security.gentoo.org/glsa/202311-09 https://security.netapp.com/advisory/ntap-20231020-0009/ https://ubuntu.com/security/notices/USN-6574-1 https://ubuntu.com/security/notices/USN-7061-1 https://ubuntu.com/security/notices/USN-7109-1 https://vuln.go.dev/ID/GO-2023-2043.json https://www.cve.org/CVERecord?id=CVE-2023-39319
stdlib	CVE-2023-39326	MEDIUM	v1.20.5	1.20.12, 1.21.5	https://access.redhat.com/errata/RHSA-2024:2272 https://access.redhat.com/security/cve/CVE-2023-39326 https://bugzilla.redhat.com/2253193 https://bugzilla.redhat.com/2253330 https://errata.almalinux.org/9/ALSA-2024-2272.html https://github.com/golang/go/commit/6446af942e2e2b161c4ec1b60d9703a2b55dc4dd (go1.20.12) https://github.com/golang/go/commit/ec8c526e4be720e94b98ca509e6364f0efaf28f7 (go1.21.5) https://go.dev/cl/547335 https://go.dev/issue/64433 https://groups.google.com/g/golang-dev/c/6ypN5EjibjM/m/KmLVYH_uAgAJ https://linux.oracle.com/cve/CVE-2023-39326.html https://linux.oracle.com/errata/ELSA-2024-2988.html https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UIU6HOGV6RRIKWM57LOXQA75BGZSIH6G/ https://nvd.nist.gov/vuln/detail/CVE-2023-39326 https://pkg.go.dev/vuln/GO-2023-2382 https://ubuntu.com/security/notices/USN-6574-1 https://www.cve.org/CVERecord?id=CVE-2023-39326
stdlib	CVE-2023-45284	MEDIUM	v1.20.5	1.20.11, 1.21.4	https://go.dev/cl/540277 https://go.dev/issue/63713 https://groups.google.com/g/golang-announce/c/4tU8LZfBFkY https://nvd.nist.gov/vuln/detail/CVE-2023-45284 https://pkg.go.dev/vuln/GO-2023-2186
stdlib	CVE-2023-45289	MEDIUM	v1.20.5	1.21.8, 1.22.1	http://www.openwall.com/lists/oss-security/2024/03/08/4 https://access.redhat.com/errata/RHSA-2024:2724 https://access.redhat.com/security/cve/CVE-2023-45289 https://bugzilla.redhat.com/2268017 https://bugzilla.redhat.com/2268018 https://bugzilla.redhat.com/2268019 https://bugzilla.redhat.com/2268273 https://bugzilla.redhat.com/show_bug.cgi?id=2268017 https://bugzilla.redhat.com/show_bug.cgi?id=2268018 https://bugzilla.redhat.com/show_bug.cgi?id=2268019 https://bugzilla.redhat.com/show_bug.cgi?id=2268273 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45288 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45289 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45290 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24783 https://errata.almalinux.org/9/ALSA-2024-2724.html https://errata.rockylinux.org/RLSA-2024:2724 https://github.com/golang/go/commit/20586c0dbe03d144f914155f879fa5ee287591a1 (go1.21.8) https://github.com/golang/go/commit/3a855208e3efed2e9d7c20ad023f1fa78afcc0be (go1.22.1) https://github.com/golang/go/issues/65065 https://go.dev/cl/569340 https://go.dev/issue/65065 https://groups.google.com/g/golang-announce/c/5pwGVUPoMbg https://linux.oracle.com/cve/CVE-2023-45289.html https://linux.oracle.com/errata/ELSA-2024-3346.html https://nvd.nist.gov/vuln/detail/CVE-2023-45289 https://pkg.go.dev/vuln/GO-2024-2600 https://security.netapp.com/advisory/ntap-20240329-0006/ https://ubuntu.com/security/notices/USN-6886-1 https://www.cve.org/CVERecord?id=CVE-2023-45289
stdlib	CVE-2023-45290	MEDIUM	v1.20.5	1.21.8, 1.22.1	http://www.openwall.com/lists/oss-security/2024/03/08/4 https://access.redhat.com/errata/RHSA-2024:9135 https://access.redhat.com/security/cve/CVE-2023-45290 https://bugzilla.redhat.com/2268017 https://bugzilla.redhat.com/2268022 https://bugzilla.redhat.com/2279814 https://bugzilla.redhat.com/2295310 https://bugzilla.redhat.com/show_bug.cgi?id=2268017 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45290 https://errata.almalinux.org/9/ALSA-2024-9135.html https://errata.rockylinux.org/RLSA-2024:3830 https://github.com/golang/go/commit/041a47712e765e94f86d841c3110c840e76d8f82 (go1.22.1) https://github.com/golang/go/commit/bf80213b121074f4ad9b449410a4d13bae5e9be0 (go1.21.8) https://github.com/golang/go/issues/65383 https://go.dev/cl/569341 https://go.dev/issue/65383 https://groups.google.com/g/golang-announce/c/5pwGVUPoMbg https://linux.oracle.com/cve/CVE-2023-45290.html https://linux.oracle.com/errata/ELSA-2024-8038.html https://nvd.nist.gov/vuln/detail/CVE-2023-45290 https://pkg.go.dev/vuln/GO-2024-2599 https://security.netapp.com/advisory/ntap-20240329-0004 https://security.netapp.com/advisory/ntap-20240329-0004/ https://ubuntu.com/security/notices/USN-6886-1 https://ubuntu.com/security/notices/USN-7109-1 https://ubuntu.com/security/notices/USN-7111-1 https://www.cve.org/CVERecord?id=CVE-2023-45290
stdlib	CVE-2024-24783	MEDIUM	v1.20.5	1.21.8, 1.22.1	http://www.openwall.com/lists/oss-security/2024/03/08/4 https://access.redhat.com/errata/RHSA-2024:6195 https://access.redhat.com/security/cve/CVE-2024-24783 https://bugzilla.redhat.com/2268019 https://bugzilla.redhat.com/show_bug.cgi?id=2268017 https://bugzilla.redhat.com/show_bug.cgi?id=2268018 https://bugzilla.redhat.com/show_bug.cgi?id=2268019 https://bugzilla.redhat.com/show_bug.cgi?id=2268273 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45288 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45289 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45290 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24783 https://errata.almalinux.org/9/ALSA-2024-6195.html https://errata.rockylinux.org/RLSA-2024:2724 https://github.com/advisories/GHSA-3q2c-pvp5-3cqp https://github.com/golang/go/commit/337b8e9cbfa749d9d5c899e0dc358e2208d5e54f (go1.22.1) https://github.com/golang/go/commit/be5b52bea674190ef7de272664be6c7ae93ec5a0 (go1.21.8) https://github.com/golang/go/issues/65390 https://go.dev/cl/569339 https://go.dev/issue/65390 https://groups.google.com/g/golang-announce/c/5pwGVUPoMbg https://linux.oracle.com/cve/CVE-2024-24783.html https://linux.oracle.com/errata/ELSA-2024-6969.html https://nvd.nist.gov/vuln/detail/CVE-2024-24783 https://pkg.go.dev/vuln/GO-2024-2598 https://security.netapp.com/advisory/ntap-20240329-0005 https://security.netapp.com/advisory/ntap-20240329-0005/ https://ubuntu.com/security/notices/USN-6886-1 https://ubuntu.com/security/notices/USN-7109-1 https://ubuntu.com/security/notices/USN-7111-1 https://www.cve.org/CVERecord?id=CVE-2024-24783
stdlib	CVE-2024-24784	MEDIUM	v1.20.5	1.21.8, 1.22.1	http://www.openwall.com/lists/oss-security/2024/03/08/4 https://access.redhat.com/errata/RHSA-2024:2562 https://access.redhat.com/security/cve/CVE-2024-24784 https://bugzilla.redhat.com/2262921 https://bugzilla.redhat.com/2268017 https://bugzilla.redhat.com/2268018 https://bugzilla.redhat.com/2268019 https://bugzilla.redhat.com/2268021 https://bugzilla.redhat.com/2268022 https://bugzilla.redhat.com/2268273 https://bugzilla.redhat.com/show_bug.cgi?id=2262921 https://bugzilla.redhat.com/show_bug.cgi?id=2268017 https://bugzilla.redhat.com/show_bug.cgi?id=2268018 https://bugzilla.redhat.com/show_bug.cgi?id=2268019 https://bugzilla.redhat.com/show_bug.cgi?id=2268021 https://bugzilla.redhat.com/show_bug.cgi?id=2268022 https://bugzilla.redhat.com/show_bug.cgi?id=2268273 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45288 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45289 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45290 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-1394 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24783 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24784 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24785 https://errata.almalinux.org/9/ALSA-2024-2562.html https://errata.rockylinux.org/RLSA-2024:2562 https://github.com/golang/go/commit/263c059b09fdd40d9dd945f2ecb20c89ea28efe5 (go1.21.8) https://github.com/golang/go/commit/5330cd225ba54c7dc78c1b46dcdf61a4671a632c (go1.22.1) https://github.com/golang/go/issues/65083 https://go.dev/cl/555596 https://go.dev/issue/65083 https://groups.google.com/g/golang-announce/c/5pwGVUPoMbg https://linux.oracle.com/cve/CVE-2024-24784.html https://linux.oracle.com/errata/ELSA-2024-6969.html https://nvd.nist.gov/vuln/detail/CVE-2024-24784 https://pkg.go.dev/vuln/GO-2024-2609 https://security.netapp.com/advisory/ntap-20240329-0007/ https://ubuntu.com/security/notices/USN-6886-1 https://ubuntu.com/security/notices/USN-7109-1 https://ubuntu.com/security/notices/USN-7111-1 https://www.cve.org/CVERecord?id=CVE-2024-24784
stdlib	CVE-2024-24785	MEDIUM	v1.20.5	1.21.8, 1.22.1	http://www.openwall.com/lists/oss-security/2024/03/08/4 https://access.redhat.com/errata/RHSA-2024:9135 https://access.redhat.com/security/cve/CVE-2024-24785 https://bugzilla.redhat.com/2268017 https://bugzilla.redhat.com/2268022 https://bugzilla.redhat.com/2279814 https://bugzilla.redhat.com/2295310 https://bugzilla.redhat.com/show_bug.cgi?id=2262921 https://bugzilla.redhat.com/show_bug.cgi?id=2268017 https://bugzilla.redhat.com/show_bug.cgi?id=2268018 https://bugzilla.redhat.com/show_bug.cgi?id=2268019 https://bugzilla.redhat.com/show_bug.cgi?id=2268021 https://bugzilla.redhat.com/show_bug.cgi?id=2268022 https://bugzilla.redhat.com/show_bug.cgi?id=2268273 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45288 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45289 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45290 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-1394 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24783 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24784 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24785 https://errata.almalinux.org/9/ALSA-2024-9135.html https://errata.rockylinux.org/RLSA-2024:2562 https://github.com/golang/go/commit/056b0edcb8c152152021eebf4cf42adbfbe77992 (go1.22.1) https://github.com/golang/go/commit/3643147a29352ca2894fd5d0d2069bc4b4335a7e (go1.21.8) https://github.com/golang/go/issues/65697 https://go.dev/cl/564196 https://go.dev/issue/65697 https://groups.google.com/g/golang-announce/c/5pwGVUPoMbg https://linux.oracle.com/cve/CVE-2024-24785.html https://linux.oracle.com/errata/ELSA-2024-3259.html https://nvd.nist.gov/vuln/detail/CVE-2024-24785 https://pkg.go.dev/vuln/GO-2024-2610 https://security.netapp.com/advisory/ntap-20240329-0008/ https://ubuntu.com/security/notices/USN-6886-1 https://ubuntu.com/security/notices/USN-7061-1 https://ubuntu.com/security/notices/USN-7109-1 https://vuln.go.dev/ID/GO-2024-2610.json https://www.cve.org/CVERecord?id=CVE-2024-24785
stdlib	CVE-2024-24789	MEDIUM	v1.20.5	1.21.11, 1.22.4	http://www.openwall.com/lists/oss-security/2024/06/04/1 https://access.redhat.com/errata/RHSA-2024:9115 https://access.redhat.com/security/cve/CVE-2024-24789 https://bugzilla.redhat.com/2279814 https://bugzilla.redhat.com/2292668 https://bugzilla.redhat.com/2292787 https://bugzilla.redhat.com/2294000 https://bugzilla.redhat.com/2295310 https://bugzilla.redhat.com/show_bug.cgi?id=2292668 https://bugzilla.redhat.com/show_bug.cgi?id=2292787 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24789 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24790 https://errata.almalinux.org/9/ALSA-2024-9115.html https://errata.rockylinux.org/RLSA-2024:4212 https://github.com/golang/go/commit/c8e40338cf00f3c1d86c8fb23863ad67a4c72bcc (1.21) https://github.com/golang/go/commit/cf501ac0c5fe351a8582d20b43562027927906e7 (1.22) https://github.com/golang/go/issues/66869 https://go.dev/cl/585397 https://go.dev/issue/66869 https://groups.google.com/g/golang-announce/c/XbxouI9gY7k https://groups.google.com/g/golang-announce/c/XbxouI9gY7k/m/TuoGEhxIEwAJ https://linux.oracle.com/cve/CVE-2024-24789.html https://linux.oracle.com/errata/ELSA-2024-9115.html https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/U5YAEIA6IUHUNGJ7AIXXPQT6D2GYENX7/ https://nvd.nist.gov/vuln/detail/CVE-2024-24789 https://pkg.go.dev/vuln/GO-2024-2888 https://ubuntu.com/security/notices/USN-6886-1 https://ubuntu.com/security/notices/USN-7109-1 https://ubuntu.com/security/notices/USN-7111-1 https://www.cve.org/CVERecord?id=CVE-2024-24789
stdlib	CVE-2024-24791	MEDIUM	v1.20.5	1.21.12, 1.22.5	https://access.redhat.com/errata/RHSA-2024:9135 https://access.redhat.com/security/cve/CVE-2024-24791 https://bugzilla.redhat.com/2268017 https://bugzilla.redhat.com/2268022 https://bugzilla.redhat.com/2279814 https://bugzilla.redhat.com/2295310 https://bugzilla.redhat.com/show_bug.cgi?id=2295310 https://bugzilla.redhat.com/show_bug.cgi?id=2310527 https://bugzilla.redhat.com/show_bug.cgi?id=2310528 https://bugzilla.redhat.com/show_bug.cgi?id=2310529 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24791 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-34155 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-34156 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-34158 https://errata.almalinux.org/9/ALSA-2024-9135.html https://errata.rockylinux.org/RLSA-2024:6913 https://go.dev/cl/591255 https://go.dev/issue/67555 https://groups.google.com/g/golang-dev/c/t0rK-qHBqzY/m/6MMoAZkMAgAJ https://linux.oracle.com/cve/CVE-2024-24791.html https://linux.oracle.com/errata/ELSA-2024-9115.html https://nvd.nist.gov/vuln/detail/CVE-2024-24791 https://pkg.go.dev/vuln/GO-2024-2963 https://ubuntu.com/security/notices/USN-7081-1 https://ubuntu.com/security/notices/USN-7109-1 https://ubuntu.com/security/notices/USN-7111-1 https://www.cve.org/CVERecord?id=CVE-2024-24791
stdlib	CVE-2024-34155	MEDIUM	v1.20.5	1.22.7, 1.23.1	https://access.redhat.com/errata/RHSA-2024:9459 https://access.redhat.com/security/cve/CVE-2024-34155 https://bugzilla.redhat.com/2310527 https://bugzilla.redhat.com/2310528 https://bugzilla.redhat.com/2310529 https://bugzilla.redhat.com/2315691 https://bugzilla.redhat.com/2315887 https://bugzilla.redhat.com/2317458 https://bugzilla.redhat.com/2317467 https://bugzilla.redhat.com/show_bug.cgi?id=2295310 https://bugzilla.redhat.com/show_bug.cgi?id=2310527 https://bugzilla.redhat.com/show_bug.cgi?id=2310528 https://bugzilla.redhat.com/show_bug.cgi?id=2310529 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24791 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-34155 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-34156 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-34158 https://errata.almalinux.org/9/ALSA-2024-9459.html https://errata.rockylinux.org/RLSA-2024:6913 https://github.com/golang/go/commit/53487e5477151ed75da50e50a0ba8f1ca64c00a3 (go1.23.1) https://github.com/golang/go/commit/b232596139dbe96a62edbe3a2a203e856bf556eb (go1.22.7) https://go.dev/cl/611238 https://go.dev/issue/69138 https://groups.google.com/g/golang-announce/c/K-cEzDeCtpc https://groups.google.com/g/golang-dev/c/S9POB9NCTdk https://linux.oracle.com/cve/CVE-2024-34155.html https://linux.oracle.com/errata/ELSA-2024-9459.html https://nvd.nist.gov/vuln/detail/CVE-2024-34155 https://pkg.go.dev/vuln/GO-2024-3105 https://ubuntu.com/security/notices/USN-7081-1 https://ubuntu.com/security/notices/USN-7109-1 https://ubuntu.com/security/notices/USN-7111-1 https://www.cve.org/CVERecord?id=CVE-2024-34155
stdlib	CVE-2024-34158	MEDIUM	v1.20.5	1.22.7, 1.23.1	https://access.redhat.com/errata/RHSA-2024:9459 https://access.redhat.com/security/cve/CVE-2024-34158 https://bugzilla.redhat.com/2310527 https://bugzilla.redhat.com/2310528 https://bugzilla.redhat.com/2310529 https://bugzilla.redhat.com/2315691 https://bugzilla.redhat.com/2315887 https://bugzilla.redhat.com/2317458 https://bugzilla.redhat.com/2317467 https://bugzilla.redhat.com/show_bug.cgi?id=2295310 https://bugzilla.redhat.com/show_bug.cgi?id=2310527 https://bugzilla.redhat.com/show_bug.cgi?id=2310528 https://bugzilla.redhat.com/show_bug.cgi?id=2310529 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24791 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-34155 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-34156 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-34158 https://errata.almalinux.org/9/ALSA-2024-9459.html https://errata.rockylinux.org/RLSA-2024:6913 https://github.com/golang/go/commit/032ac075c20c01c6c35a672d1542d3e98eab84ea (go1.23.1) https://github.com/golang/go/commit/d4c53812e6ce2ac368173d7fcd31d0ecfcffb002 (go1.22.7) https://go.dev/cl/611240 https://go.dev/issue/69141 https://groups.google.com/g/golang-announce/c/K-cEzDeCtpc https://groups.google.com/g/golang-dev/c/S9POB9NCTdk https://linux.oracle.com/cve/CVE-2024-34158.html https://linux.oracle.com/errata/ELSA-2024-9459.html https://nvd.nist.gov/vuln/detail/CVE-2024-34158 https://pkg.go.dev/vuln/GO-2024-3107 https://ubuntu.com/security/notices/USN-7081-1 https://ubuntu.com/security/notices/USN-7109-1 https://ubuntu.com/security/notices/USN-7111-1 https://www.cve.org/CVERecord?id=CVE-2024-34158
No Misconfigurations found

cnb/buildpacks/paketo-buildpacks_mri/0.14.5/bin/run (gobinary)

Package	Vulnerability ID	Severity	Installed Version	Fixed Version	Links
github.com/anchore/stereoscope	CVE-2024-24579	MEDIUM	v0.0.0-20230412183729-8602f1afc574	0.0.1	https://github.com/anchore/stereoscope https://github.com/anchore/stereoscope/commit/09dacab4d9ee65ee8bc7af8ebf4aa7b5aaa36204 https://github.com/anchore/stereoscope/security/advisories/GHSA-hpxr-w9w7-g4gv https://nvd.nist.gov/vuln/detail/CVE-2024-24579
github.com/cloudflare/circl	GHSA-9763-4f94-gfch	HIGH	v1.3.3	1.3.7	https://github.com/cloudflare/circl https://github.com/cloudflare/circl/commit/75ef91e8a2f438e6ce2b6e620d236add8be1887d https://github.com/cloudflare/circl/security/advisories/GHSA-9763-4f94-gfch https://kyberslash.cr.yp.to
github.com/containerd/containerd	GHSA-7ww5-4wqc-m92c	MEDIUM	v1.7.0	1.6.26, 1.7.11	https://github.com/containerd/containerd https://github.com/containerd/containerd/commit/67d356cb3095f3e8f8ad7d36f9a733fea1e7e28c https://github.com/containerd/containerd/commit/746b910f05855c8bfdb4415a1c0f958b234910e5 https://github.com/containerd/containerd/security/advisories/GHSA-7ww5-4wqc-m92c
github.com/docker/docker	CVE-2024-41110	CRITICAL	v23.0.5+incompatible	23.0.15, 26.1.5, 27.1.1, 25.0.6	https://access.redhat.com/security/cve/CVE-2024-41110 https://github.com/moby/moby https://github.com/moby/moby/commit/411e817ddf710ff8e08fa193da80cb78af708191 https://github.com/moby/moby/commit/42f40b1d6dd7562342f832b9cd2adf9e668eeb76 https://github.com/moby/moby/commit/65cc597cea28cdc25bea3b8a86384b4251872919 https://github.com/moby/moby/commit/852759a7df454cbf88db4e954c919becd48faa9b https://github.com/moby/moby/commit/a31260625655cff9ae226b51757915e275e304b0 https://github.com/moby/moby/commit/a79fabbfe84117696a19671f4aa88b82d0f64fc1 https://github.com/moby/moby/commit/ae160b4edddb72ef4bd71f66b975a1a1cc434f00 https://github.com/moby/moby/commit/ae2b3666c517c96cbc2adf1af5591a6b00d4ec0f https://github.com/moby/moby/commit/cc13f952511154a2866bddbb7dddebfe9e83b801 https://github.com/moby/moby/commit/fc274cd2ff4cf3b48c91697fb327dd1fb95588fb https://github.com/moby/moby/security/advisories/GHSA-v23v-6jw2-98fq https://nvd.nist.gov/vuln/detail/CVE-2024-41110 https://www.cve.org/CVERecord?id=CVE-2024-41110 https://www.docker.com/blog/docker-security-advisory-docker-engine-authz-plugin
github.com/docker/docker	CVE-2024-24557	MEDIUM	v23.0.5+incompatible	24.0.9, 25.0.2	https://access.redhat.com/security/cve/CVE-2024-24557 https://github.com/moby/moby https://github.com/moby/moby/commit/3e230cfdcc989dc524882f6579f9e0dac77400ae https://github.com/moby/moby/commit/fca702de7f71362c8d103073c7e4a1d0a467fadd https://github.com/moby/moby/commit/fce6e0ca9bc000888de3daa157af14fa41fcd0ff https://github.com/moby/moby/security/advisories/GHSA-xw73-rw38-6vjc https://nvd.nist.gov/vuln/detail/CVE-2024-24557 https://www.cve.org/CVERecord?id=CVE-2024-24557
github.com/docker/docker	CVE-2024-29018	MEDIUM	v23.0.5+incompatible	26.0.0-rc3, 25.0.5, 23.0.11	https://access.redhat.com/security/cve/CVE-2024-29018 https://github.com/moby/moby https://github.com/moby/moby/pull/46609 https://github.com/moby/moby/security/advisories/GHSA-mq39-4gv4-mvpx https://nvd.nist.gov/vuln/detail/CVE-2024-29018 https://www.cve.org/CVERecord?id=CVE-2024-29018
github.com/docker/docker	GHSA-jq35-85cj-fj4p	MEDIUM	v23.0.5+incompatible	24.0.7, 23.0.8, 20.10.27	https://github.com/moby/moby https://github.com/moby/moby/commit/48ebe353e49a9def5e6679f6e386b0efb1c95f0e https://github.com/moby/moby/commit/81ebe71275768629689a23bc3bca34b3b374a6a6 https://github.com/moby/moby/commit/c9ccbfad11a60e703e91b6cca4f48927828c7e35 https://github.com/moby/moby/releases/tag/v20.10.27 https://github.com/moby/moby/releases/tag/v23.0.8 https://github.com/moby/moby/releases/tag/v24.0.7 https://github.com/moby/moby/security/advisories/GHSA-jq35-85cj-fj4p
github.com/go-git/go-git/v5	CVE-2023-49569	CRITICAL	v5.6.1	5.11.0	https://access.redhat.com/security/cve/CVE-2023-49569 https://github.com/go-git/go-git https://github.com/go-git/go-git/security/advisories/GHSA-449p-3h89-pw88 https://nvd.nist.gov/vuln/detail/CVE-2023-49569 https://www.cve.org/CVERecord?id=CVE-2023-49569
github.com/go-git/go-git/v5	CVE-2023-49568	HIGH	v5.6.1	5.11.0	https://access.redhat.com/security/cve/CVE-2023-49568 https://github.com/go-git/go-git https://github.com/go-git/go-git/security/advisories/GHSA-mw99-9chc-xw7r https://nvd.nist.gov/vuln/detail/CVE-2023-49568 https://www.cve.org/CVERecord?id=CVE-2023-49568
github.com/mholt/archiver/v3	CVE-2024-0406	MEDIUM	v3.5.1	no fix available	https://access.redhat.com/security/cve/CVE-2024-0406 https://bugzilla.redhat.com/show_bug.cgi?id=2257749 https://github.com/advisories/GHSA-rhh4-rh7c-7r5v https://github.com/mholt/archiver https://nvd.nist.gov/vuln/detail/CVE-2024-0406 https://www.cve.org/CVERecord?id=CVE-2024-0406
golang.org/x/crypto	CVE-2023-48795	MEDIUM	v0.8.0	0.17.0	http://packetstormsecurity.com/files/176280/Terrapin-SSH-Connection-Weakening.html http://seclists.org/fulldisclosure/2024/Mar/21 http://www.openwall.com/lists/oss-security/2023/12/18/3 http://www.openwall.com/lists/oss-security/2023/12/19/5 http://www.openwall.com/lists/oss-security/2023/12/20/3 http://www.openwall.com/lists/oss-security/2024/03/06/3 http://www.openwall.com/lists/oss-security/2024/04/17/8 https://access.redhat.com/errata/RHSA-2024:1150 https://access.redhat.com/security/cve/CVE-2023-48795 https://access.redhat.com/security/cve/cve-2023-48795 https://access.redhat.com/solutions/7071748 https://arstechnica.com/security/2023/12/hackers-can-break-ssh-channel-integrity-using-novel-data-corruption-attack https://arstechnica.com/security/2023/12/hackers-can-break-ssh-channel-integrity-using-novel-data-corruption-attack/ https://bugs.gentoo.org/920280 https://bugzilla.redhat.com/2254210 https://bugzilla.redhat.com/show_bug.cgi?id=2254210 https://bugzilla.suse.com/show_bug.cgi?id=1217950 https://crates.io/crates/thrussh/versions https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-48795 https://errata.almalinux.org/9/ALSA-2024-1150.html https://errata.rockylinux.org/RLSA-2024:0628 https://filezilla-project.org/versions.php https://forum.netgate.com/topic/184941/terrapin-ssh-attack https://git.libssh.org/projects/libssh.git/commit/?h=stable-0.10&id=10e09e273f69e149389b3e0e5d44b8c221c2e7f6 https://github.com/NixOS/nixpkgs/pull/275249 https://github.com/PowerShell/Win32-OpenSSH/issues/2189 https://github.com/PowerShell/Win32-OpenSSH/releases/tag/v9.5.0.0p1-Beta https://github.com/TeraTermProject/teraterm/commit/7279fbd6ef4d0c8bdd6a90af4ada2899d786eec0 https://github.com/TeraTermProject/teraterm/releases/tag/v5.1 https://github.com/advisories/GHSA-45x7-px36-x8w8 https://github.com/apache/mina-sshd/issues/445 https://github.com/connectbot/sshlib/commit/5c8b534f6e97db7ac0e0e579331213aa25c173ab https://github.com/connectbot/sshlib/compare/2.2.21...2.2.22 https://github.com/cyd01/KiTTY/issues/520 https://github.com/drakkan/sftpgo/releases/tag/v2.5.6 https://github.com/erlang/otp/blob/d1b43dc0f1361d2ad67601169e90a7fc50bb0369/lib/ssh/doc/src/notes.xml#L39-L42 https://github.com/erlang/otp/releases/tag/OTP-26.2.1 https://github.com/golang/crypto/commit/9d2ee975ef9fe627bf0a6f01c1f69e8ef1d4f05d https://github.com/hierynomus/sshj/issues/916 https://github.com/janmojzis/tinyssh/issues/81 https://github.com/jtesta/ssh-audit/commit/8e972c5e94b460379fe0c7d20209c16df81538a5 https://github.com/libssh2/libssh2/pull/1291 https://github.com/mkj/dropbear/blob/17657c36cce6df7716d5ff151ec09a665382d5dd/CHANGES#L25 https://github.com/mscdex/ssh2/commit/97b223f8891b96d6fc054df5ab1d5a1a545da2a3 https://github.com/mwiede/jsch/compare/jsch-0.2.14...jsch-0.2.15 https://github.com/mwiede/jsch/issues/457 https://github.com/mwiede/jsch/pull/461 https://github.com/net-ssh/net-ssh/blob/2e65064a52d73396bfc3806c9196fc8108f33cd8/CHANGES.txt#L14-L16 https://github.com/openssh/openssh-portable/commits/master https://github.com/paramiko/paramiko/issues/2337 https://github.com/paramiko/paramiko/issues/2337#issuecomment-1887642773 https://github.com/proftpd/proftpd/blob/0a7ea9b0ba9fcdf368374a226370d08f10397d99/RELEASE_NOTES https://github.com/proftpd/proftpd/blob/d21e7a2e47e9b38f709bec58e3fa711f759ad0e1/RELEASE_NOTES https://github.com/proftpd/proftpd/blob/master/RELEASE_NOTES https://github.com/proftpd/proftpd/issues/456 https://github.com/rapier1/hpn-ssh/releases https://github.com/ronf/asyncssh/blob/develop/docs/changes.rst https://github.com/ronf/asyncssh/security/advisories/GHSA-hfmc-7525-mj55 https://github.com/ronf/asyncssh/tags https://github.com/ssh-mitm/ssh-mitm/issues/165 https://github.com/warp-tech/russh https://github.com/warp-tech/russh/commit/1aa340a7df1d5be1c0f4a9e247aade76dfdd2951 https://github.com/warp-tech/russh/releases/tag/v0.40.2 https://github.com/warp-tech/russh/security/advisories/GHSA-45x7-px36-x8w8 https://gitlab.com/libssh/libssh-mirror/-/tags https://go.dev/cl/550715 https://go.dev/issue/64784 https://groups.google.com/g/golang-announce/c/-n5WqVC18LQ https://groups.google.com/g/golang-announce/c/qA3XtxvMUyg https://help.panic.com/releasenotes/transmit5 https://help.panic.com/releasenotes/transmit5/ https://jadaptive.com/important-java-ssh-security-update-new-ssh-vulnerability-discovered-cve-2023-48795 https://jadaptive.com/important-java-ssh-security-update-new-ssh-vulnerability-discovered-cve-2023-48795/ https://linux.oracle.com/cve/CVE-2023-48795.html https://linux.oracle.com/errata/ELSA-2024-2988.html https://lists.debian.org/debian-lts-announce/2023/12/msg00017.html https://lists.debian.org/debian-lts-announce/2024/01/msg00013.html https://lists.debian.org/debian-lts-announce/2024/01/msg00014.html https://lists.debian.org/debian-lts-announce/2024/04/msg00016.html https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/33XHJUB6ROFUOH2OQNENFROTVH6MHSHA https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/33XHJUB6ROFUOH2OQNENFROTVH6MHSHA/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/3CAYYW35MUTNO65RVAELICTNZZFMT2XS https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/3CAYYW35MUTNO65RVAELICTNZZFMT2XS/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/3JIMLVBDWOP4FUPXPTB4PGHHIOMGFLQE https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/3JIMLVBDWOP4FUPXPTB4PGHHIOMGFLQE/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/3YQLUQWLIHDB5QCXQEX7HXHAWMOKPP5O https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/3YQLUQWLIHDB5QCXQEX7HXHAWMOKPP5O/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/6Y74KVCPEPT4MVU3LHDWCNNOXOE5ZLUR https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/6Y74KVCPEPT4MVU3LHDWCNNOXOE5ZLUR/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/APYIXIQOVDCRWLHTGB4VYMAUIAQLKYJ3 https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/APYIXIQOVDCRWLHTGB4VYMAUIAQLKYJ3/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/BL5KTLOSLH2KHRN4HCXJPK3JUVLDGEL6 https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/BL5KTLOSLH2KHRN4HCXJPK3JUVLDGEL6/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/C3AFMZ6MH2UHHOPIWT5YLSFV3D2VB3AC https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/C3AFMZ6MH2UHHOPIWT5YLSFV3D2VB3AC/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/CHHITS4PUOZAKFIUBQAQZC7JWXMOYE4B https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/CHHITS4PUOZAKFIUBQAQZC7JWXMOYE4B/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/F7EYCFQCTSGJXWO3ZZ44MGKFC5HA7G3Y https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/F7EYCFQCTSGJXWO3ZZ44MGKFC5HA7G3Y/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/HYEDEXIKFKTUJIN43RG4B7T5ZS6MHUSP https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/HYEDEXIKFKTUJIN43RG4B7T5ZS6MHUSP/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/I724O3LSRCPO4WNVIXTZCT4VVRMXMMSG https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/I724O3LSRCPO4WNVIXTZCT4VVRMXMMSG/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/KEOTKBUPZXHE3F352JBYNTSNRXYLWD6P https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/KEOTKBUPZXHE3F352JBYNTSNRXYLWD6P/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/KMZCVGUGJZZVDPCVDA7TEB22VUCNEXDD https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/KMZCVGUGJZZVDPCVDA7TEB22VUCNEXDD/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/L5Y6MNNVAPIJSXJERQ6PKZVCIUXSNJK7 https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/L5Y6MNNVAPIJSXJERQ6PKZVCIUXSNJK7/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/LZQVUHWVWRH73YBXUQJOD6CKHDQBU3DM https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/LZQVUHWVWRH73YBXUQJOD6CKHDQBU3DM/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/MKQRBF3DWMWPH36LBCOBUTSIZRTPEZXB https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/MKQRBF3DWMWPH36LBCOBUTSIZRTPEZXB/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/QI3EHAHABFQK7OABNCSF5GMYP6TONTI7 https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/QI3EHAHABFQK7OABNCSF5GMYP6TONTI7/ https://matt.ucc.asn.au/dropbear/CHANGES https://nest.pijul.com/pijul/thrussh/changes/D6H7OWTTMHHX6BTB3B6MNBOBX2L66CBL4LGSEUSAI2MCRCJDQFRQC https://news.ycombinator.com/item?id=38684904 https://news.ycombinator.com/item?id=38685286 https://news.ycombinator.com/item?id=38732005 https://nova.app/releases/#v11.8 https://nvd.nist.gov/vuln/detail/CVE-2023-48795 https://oryx-embedded.com/download/#changelog https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2024-0002 https://roumenpetrov.info/secsh/#news20231220 https://security-tracker.debian.org/tracker/CVE-2023-48795 https://security-tracker.debian.org/tracker/source-package/libssh2 https://security-tracker.debian.org/tracker/source-package/proftpd-dfsg https://security-tracker.debian.org/tracker/source-package/trilead-ssh2 https://security.gentoo.org/glsa/202312-16 https://security.gentoo.org/glsa/202312-17 https://security.netapp.com/advisory/ntap-20240105-0004 https://security.netapp.com/advisory/ntap-20240105-0004/ https://support.apple.com/kb/HT214084 https://terrapin-attack.com/ https://thorntech.com/cve-2023-48795-and-sftp-gateway https://thorntech.com/cve-2023-48795-and-sftp-gateway/ https://twitter.com/TrueSkrillor/status/1736774389725565005 https://ubuntu.com/security/CVE-2023-48795 https://ubuntu.com/security/notices/USN-6560-1 https://ubuntu.com/security/notices/USN-6560-2 https://ubuntu.com/security/notices/USN-6561-1 https://ubuntu.com/security/notices/USN-6585-1 https://ubuntu.com/security/notices/USN-6589-1 https://ubuntu.com/security/notices/USN-6598-1 https://ubuntu.com/security/notices/USN-6738-1 https://ubuntu.com/security/notices/USN-7051-1 https://winscp.net/eng/docs/history#6.2.2 https://www.bitvise.com/ssh-client-version-history#933 https://www.bitvise.com/ssh-server-version-history https://www.chiark.greenend.org.uk/~sgtatham/putty/changes.html https://www.crushftp.com/crush10wiki/Wiki.jsp?page=Update https://www.cve.org/CVERecord?id=CVE-2023-48795 https://www.debian.org/security/2023/dsa-5586 https://www.debian.org/security/2023/dsa-5588 https://www.freebsd.org/security/advisories/FreeBSD-SA-23:19.openssh.asc https://www.lancom-systems.de/service-support/allgemeine-sicherheitshinweise#c243508 https://www.netsarang.com/en/xshell-update-history https://www.netsarang.com/en/xshell-update-history/ https://www.openssh.com/openbsd.html https://www.openssh.com/txt/release-9.6 https://www.openwall.com/lists/oss-security/2023/12/18/2 https://www.openwall.com/lists/oss-security/2023/12/18/3 https://www.openwall.com/lists/oss-security/2023/12/20/3 https://www.paramiko.org/changelog.html https://www.reddit.com/r/sysadmin/comments/18idv52/cve202348795_why_is_this_cve_still_undisclosed https://www.reddit.com/r/sysadmin/comments/18idv52/cve202348795_why_is_this_cve_still_undisclosed/ https://www.suse.com/c/suse-addresses-the-ssh-v2-protocol-terrapin-attack-aka-cve-2023-48795 https://www.suse.com/c/suse-addresses-the-ssh-v2-protocol-terrapin-attack-aka-cve-2023-48795/ https://www.terrapin-attack.com https://www.theregister.com/2023/12/20/terrapin_attack_ssh https://www.vandyke.com/products/securecrt/history.txt
golang.org/x/net	CVE-2023-39325	HIGH	v0.10.0	0.17.0	golang.org/x/net https://access.redhat.com/errata/RHSA-2023:6077 https://access.redhat.com/security/cve/CVE-2023-39325 https://access.redhat.com/security/cve/CVE-2023-44487 https://access.redhat.com/security/vulnerabilities/RHSB-2023-003 https://bugzilla.redhat.com/2242803 https://bugzilla.redhat.com/2243296 https://bugzilla.redhat.com/show_bug.cgi?id=2242803 https://bugzilla.redhat.com/show_bug.cgi?id=2243296 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-39325 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-44487 https://errata.almalinux.org/9/ALSA-2023-6077.html https://errata.rockylinux.org/RLSA-2023:6077 https://github.com/golang/go/commit/24ae2d927285c697440fdde3ad7f26028354bcf3 [golang- 1.21] https://github.com/golang/go/commit/e175f27f58aa7b9cd4d79607ae65d2cd5baaee68 [golang-1.20] https://github.com/golang/go/issues/63417 https://go.dev/cl/534215 https://go.dev/cl/534235 https://go.dev/issue/63417 https://groups.google.com/g/golang-announce/c/iNNxDTCjZvo/m/UDd7VKQuAAAJ https://linux.oracle.com/cve/CVE-2023-39325.html https://linux.oracle.com/errata/ELSA-2023-5867.html https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3OVW5V2DM5K5IC3H7O42YDUGNJ74J35O https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3OVW5V2DM5K5IC3H7O42YDUGNJ74J35O/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3SZN67IL7HMGMNAVLOTIXLIHUDXZK4LH https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3SZN67IL7HMGMNAVLOTIXLIHUDXZK4LH/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3WJ4QVX2AMUJ2F2S27POOAHRC4K3CHU4 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3WJ4QVX2AMUJ2F2S27POOAHRC4K3CHU4/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/4BUK2ZIAGCULOOYDNH25JPU6JBES5NF2 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/4BUK2ZIAGCULOOYDNH25JPU6JBES5NF2/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/5RSKA2II6QTD4YUKUNDVJQSRYSFC4VFR https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/5RSKA2II6QTD4YUKUNDVJQSRYSFC4VFR/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/AVZDNSMVDAQJ64LJC5I5U5LDM5753647 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/AVZDNSMVDAQJ64LJC5I5U5LDM5753647/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CHHITS4PUOZAKFIUBQAQZC7JWXMOYE4B https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CHHITS4PUOZAKFIUBQAQZC7JWXMOYE4B/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CLB4TW7KALB3EEQWNWCN7OUIWWVWWCG2 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CLB4TW7KALB3EEQWNWCN7OUIWWVWWCG2/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/D2BBIDR2ZMB3X5BC7SR4SLQMHRMVPY6L https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/D2BBIDR2ZMB3X5BC7SR4SLQMHRMVPY6L/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ECRC75BQJP6FJN2L7KCKYZW4DSBD7QSD https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ECRC75BQJP6FJN2L7KCKYZW4DSBD7QSD/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/FTMJ3NJIDAZFWJQQSP3L22MUFJ3UP2PT https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/FTMJ3NJIDAZFWJQQSP3L22MUFJ3UP2PT/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/GSY7SXFFTPZFWDM6XELSDSHZLVW3AHK7 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/GSY7SXFFTPZFWDM6XELSDSHZLVW3AHK7/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/HZQIELEIRSZUYTFFH5KTH2YJ4IIQG2KE https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/HZQIELEIRSZUYTFFH5KTH2YJ4IIQG2KE/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/IPWCNYB5PQ5PCVZ4NJT6G56ZYFZ5QBU6 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/IPWCNYB5PQ5PCVZ4NJT6G56ZYFZ5QBU6/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/KEOTKBUPZXHE3F352JBYNTSNRXYLWD6P https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/KEOTKBUPZXHE3F352JBYNTSNRXYLWD6P/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/KSEGD2IWKNUO3DWY4KQGUQM5BISRWHQE https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/KSEGD2IWKNUO3DWY4KQGUQM5BISRWHQE/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/L5E5JSJBZLYXOTZWXHJKRVCIXIHVWKJ6 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/L5E5JSJBZLYXOTZWXHJKRVCIXIHVWKJ6/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/MZQYOOKHQDQ57LV2IAG6NRFOVXKHJJ3Z https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/MZQYOOKHQDQ57LV2IAG6NRFOVXKHJJ3Z/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/NG7IMPL55MVWU3LCI4JQJT3K2U5CHDV7 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/NG7IMPL55MVWU3LCI4JQJT3K2U5CHDV7/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ODBY7RVMGZCBSTWF2OZGIZS57FNFUL67 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ODBY7RVMGZCBSTWF2OZGIZS57FNFUL67/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/OXGWPQOJ3JNDW2XIYKIVJ7N7QUIFNM2Q https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/OXGWPQOJ3JNDW2XIYKIVJ7N7QUIFNM2Q/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/PJCUNGIQDUMZ4Z6HWVYIMR66A35F5S74 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/PJCUNGIQDUMZ4Z6HWVYIMR66A35F5S74/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QF5QSYAOPDOWLY6DUHID56Q4HQFYB45I https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QF5QSYAOPDOWLY6DUHID56Q4HQFYB45I/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QXOU2JZUBEBP7GBKAYIJRPRBZSJCD7ST https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QXOU2JZUBEBP7GBKAYIJRPRBZSJCD7ST/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/R3UETKPUB3V5JS5TLZOF3SMTGT5K5APS https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/R3UETKPUB3V5JS5TLZOF3SMTGT5K5APS/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/REMHVVIBDNKSRKNOTV7EQSB7CYQWOUOU https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/REMHVVIBDNKSRKNOTV7EQSB7CYQWOUOU/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/T7N5GV4CHH6WAGX3GFMDD3COEOVCZ4RI https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/T7N5GV4CHH6WAGX3GFMDD3COEOVCZ4RI/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ULQQONMSCQSH5Z5OWFFQHCGEZ3NL4DRJ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ULQQONMSCQSH5Z5OWFFQHCGEZ3NL4DRJ/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UTT7DG3QOF5ZNJLUGHDNLRUIN6OWZARP https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UTT7DG3QOF5ZNJLUGHDNLRUIN6OWZARP/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/W2LZSWTV4NV4SNQARNXG5T6LRHP26EW2 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/W2LZSWTV4NV4SNQARNXG5T6LRHP26EW2/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WCNCBYKZXLDFGAJUB7ZP5VLC3YTHJNVH https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WCNCBYKZXLDFGAJUB7ZP5VLC3YTHJNVH/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/XFOIBB4YFICHDM7IBOP7PWXW3FX4HLL2 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/XFOIBB4YFICHDM7IBOP7PWXW3FX4HLL2/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/XTNLSL44Y5FB6JWADSZH6DCV4JJAAEQY https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/XTNLSL44Y5FB6JWADSZH6DCV4JJAAEQY/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/YJWHBLVZDM5KQSDFRBFRKU5KSSOLIRQ4 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/YJWHBLVZDM5KQSDFRBFRKU5KSSOLIRQ4/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/YRKEXKANQ7BKJW2YTAMP625LJUJZLJ4P https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/YRKEXKANQ7BKJW2YTAMP625LJUJZLJ4P/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZSVEMQV5ROY5YW5QE3I57HT3ITWG5GCV https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZSVEMQV5ROY5YW5QE3I57HT3ITWG5GCV/ https://nvd.nist.gov/vuln/detail/CVE-2023-39325 https://pkg.go.dev/vuln/GO-2023-2102 https://security.gentoo.org/glsa/202311-09 https://security.netapp.com/advisory/ntap-20231110-0008 https://security.netapp.com/advisory/ntap-20231110-0008/ https://ubuntu.com/security/notices/USN-6574-1 https://ubuntu.com/security/notices/USN-7061-1 https://ubuntu.com/security/notices/USN-7109-1 https://www.cisa.gov/news-events/alerts/2023/10/10/http2-rapid-reset-vulnerability-cve-2023-44487 https://www.cve.org/CVERecord?id=CVE-2023-39325
golang.org/x/net	CVE-2023-3978	MEDIUM	v0.10.0	0.13.0	https://access.redhat.com/errata/RHSA-2023:6474 https://access.redhat.com/security/cve/CVE-2023-3978 https://bugzilla.redhat.com/2174485 https://bugzilla.redhat.com/2178358 https://bugzilla.redhat.com/2178488 https://bugzilla.redhat.com/2178492 https://bugzilla.redhat.com/2184481 https://bugzilla.redhat.com/2184482 https://bugzilla.redhat.com/2184483 https://bugzilla.redhat.com/2184484 https://bugzilla.redhat.com/2196026 https://bugzilla.redhat.com/2196027 https://bugzilla.redhat.com/2196029 https://bugzilla.redhat.com/2222167 https://bugzilla.redhat.com/2228689 https://errata.almalinux.org/9/ALSA-2023-6474.html https://go.dev/cl/514896 https://go.dev/issue/61615 https://linux.oracle.com/cve/CVE-2023-3978.html https://linux.oracle.com/errata/ELSA-2023-6939.html https://nvd.nist.gov/vuln/detail/CVE-2023-3978 https://pkg.go.dev/vuln/GO-2023-1988 https://www.cve.org/CVERecord?id=CVE-2023-3978
golang.org/x/net	CVE-2023-44487	MEDIUM	v0.10.0	0.17.0	http://www.openwall.com/lists/oss-security/2023/10/13/4 http://www.openwall.com/lists/oss-security/2023/10/13/9 http://www.openwall.com/lists/oss-security/2023/10/18/4 http://www.openwall.com/lists/oss-security/2023/10/18/8 http://www.openwall.com/lists/oss-security/2023/10/19/6 http://www.openwall.com/lists/oss-security/2023/10/20/8 https://access.redhat.com/errata/RHSA-2023:6746 https://access.redhat.com/security/cve/CVE-2023-44487 https://access.redhat.com/security/cve/cve-2023-44487 https://akka.io/security/akka-http-cve-2023-44487.html https://arstechnica.com/security/2023/10/how-ddosers-used-the-http-2-protocol-to-deliver-attacks-of-unprecedented-size https://arstechnica.com/security/2023/10/how-ddosers-used-the-http-2-protocol-to-deliver-attacks-of-unprecedented-size/ https://aws.amazon.com/security/security-bulletins/AWS-2023-011 https://aws.amazon.com/security/security-bulletins/AWS-2023-011/ https://blog.cloudflare.com/technical-breakdown-http2-rapid-reset-ddos-attack https://blog.cloudflare.com/technical-breakdown-http2-rapid-reset-ddos-attack/ https://blog.cloudflare.com/zero-day-rapid-reset-http2-record-breaking-ddos-attack https://blog.cloudflare.com/zero-day-rapid-reset-http2-record-breaking-ddos-attack/ https://blog.litespeedtech.com/2023/10/11/rapid-reset-http-2-vulnerablilty https://blog.litespeedtech.com/2023/10/11/rapid-reset-http-2-vulnerablilty/ https://blog.qualys.com/vulnerabilities-threat-research/2023/10/10/cve-2023-44487-http-2-rapid-reset-attack https://blog.vespa.ai/cve-2023-44487 https://blog.vespa.ai/cve-2023-44487/ https://bugzilla.proxmox.com/show_bug.cgi?id=4988 https://bugzilla.redhat.com/2242803 https://bugzilla.redhat.com/show_bug.cgi?id=2242803 https://bugzilla.suse.com/show_bug.cgi?id=1216123 https://cgit.freebsd.org/ports/commit/?id=c64c329c2c1752f46b73e3e6ce9f4329be6629f9 https://chaos.social/@icing/111210915918780532 https://cloud.google.com/blog/products/identity-security/google-cloud-mitigated-largest-ddos-attack-peaking-above-398-million-rps https://cloud.google.com/blog/products/identity-security/google-cloud-mitigated-largest-ddos-attack-peaking-above-398-million-rps/ https://cloud.google.com/blog/products/identity-security/how-it-works-the-novel-http2-rapid-reset-ddos-attack https://community.traefik.io/t/is-traefik-vulnerable-to-cve-2023-44487/20125 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-44487 https://devblogs.microsoft.com/dotnet/october-2023-updates/ https://discuss.hashicorp.com/t/hcsec-2023-32-vault-consul-and-boundary-affected-by-http-2-rapid-reset-denial-of-service-vulnerability-cve-2023-44487/59715 https://edg.io/lp/blog/resets-leaks-ddos-and-the-tale-of-a-hidden-cve https://errata.almalinux.org/9/ALSA-2023-6746.html https://errata.rockylinux.org/RLSA-2023:5838 https://forums.swift.org/t/swift-nio-http2-security-update-cve-2023-44487-http-2-dos/67764 https://gist.github.com/adulau/7c2bfb8e9cdbe4b35a5e131c66a0c088 https://github.com/Azure/AKS/issues/3947 https://github.com/Kong/kong/discussions/11741 https://github.com/advisories/GHSA-qppj-fm5r-hxr3 https://github.com/advisories/GHSA-vx74-f528-fxqg https://github.com/advisories/GHSA-xpw8-rcwv-8f8p https://github.com/akka/akka-http/issues/4323 https://github.com/akka/akka-http/pull/4324 https://github.com/akka/akka-http/pull/4325 https://github.com/alibaba/tengine/issues/1872 https://github.com/apache/apisix/issues/10320 https://github.com/apache/httpd-site/pull/10 https://github.com/apache/httpd/blob/afcdbeebbff4b0c50ea26cdd16e178c0d1f24152/modules/http2/h2_mplx.c#L1101-L1113 https://github.com/apache/tomcat/commit/944332bb15bd2f3bf76ec2caeb1ff0a58a3bc628 https://github.com/apache/tomcat/tree/main/java/org/apache/coyote/http2 https://github.com/apache/trafficserver/pull/10564 https://github.com/apple/swift-nio-http2 https://github.com/apple/swift-nio-http2/security/advisories/GHSA-qppj-fm5r-hxr3 https://github.com/arkrwn/PoC/tree/main/CVE-2023-44487 https://github.com/bcdannyboy/CVE-2023-44487 https://github.com/caddyserver/caddy/issues/5877 https://github.com/caddyserver/caddy/releases/tag/v2.7.5 https://github.com/dotnet/announcements/issues/277 https://github.com/dotnet/core/blob/e4613450ea0da7fd2fc6b61dfb2c1c1dec1ce9ec/release-notes/6.0/6.0.23/6.0.23.md?plain=1#L73 https://github.com/eclipse/jetty.project/issues/10679 https://github.com/envoyproxy/envoy/pull/30055 https://github.com/etcd-io/etcd/issues/16740 https://github.com/facebook/proxygen/pull/466 https://github.com/golang/go/issues/63417 https://github.com/grpc/grpc-go/pull/6703 https://github.com/grpc/grpc-go/releases https://github.com/h2o/h2o/pull/3291 https://github.com/h2o/h2o/security/advisories/GHSA-2m7v-gc89-fjqf https://github.com/haproxy/haproxy/issues/2312 https://github.com/hyperium/hyper/issues/3337 https://github.com/icing/mod_h2/blob/0a864782af0a942aa2ad4ed960a6b32cd35bcf0a/mod_http2/README.md?plain=1#L239-L244 https://github.com/junkurihara/rust-rpxy/issues/97 https://github.com/kazu-yamamoto/http2/commit/f61d41a502bd0f60eb24e1ce14edc7b6df6722a1 https://github.com/kazu-yamamoto/http2/issues/93 https://github.com/kubernetes/kubernetes/pull/121120 https://github.com/line/armeria/pull/5232 https://github.com/linkerd/website/pull/1695/commits/4b9c6836471bc8270ab48aae6fd2181bc73fd632 https://github.com/micrictor/http2-rst-stream https://github.com/microsoft/CBL-Mariner/pull/6381 https://github.com/netty/netty/commit/58f75f665aa81a8cbcf6ffa74820042a285c5e61 https://github.com/nghttp2/nghttp2/pull/1961 https://github.com/nghttp2/nghttp2/releases/tag/v1.57.0 https://github.com/ninenines/cowboy/issues/1615 https://github.com/nodejs/node/pull/50121 https://github.com/openresty/openresty/issues/930 https://github.com/opensearch-project/data-prepper/issues/3474 https://github.com/oqtane/oqtane.framework/discussions/3367 https://github.com/projectcontour/contour/pull/5826 https://github.com/tempesta-tech/tempesta/issues/1986 https://github.com/varnishcache/varnish-cache/issues/3996 https://go.dev/cl/534215 https://go.dev/cl/534235 https://go.dev/issue/63417 https://groups.google.com/g/golang-announce/c/iNNxDTCjZvo https://groups.google.com/g/golang-announce/c/iNNxDTCjZvo/m/UDd7VKQuAAAJ https://istio.io/latest/news/security/istio-security-2023-004 https://istio.io/latest/news/security/istio-security-2023-004/ https://linkerd.io/2023/10/12/linkerd-cve-2023-44487 https://linkerd.io/2023/10/12/linkerd-cve-2023-44487/ https://linux.oracle.com/cve/CVE-2023-44487.html https://linux.oracle.com/errata/ELSA-2024-1444.html https://lists.apache.org/thread/5py8h42mxfsn8l1wy6o41xwhsjlsd87q https://lists.debian.org/debian-lts-announce/2023/10/msg00020.html https://lists.debian.org/debian-lts-announce/2023/10/msg00023.html https://lists.debian.org/debian-lts-announce/2023/10/msg00024.html https://lists.debian.org/debian-lts-announce/2023/10/msg00045.html https://lists.debian.org/debian-lts-announce/2023/10/msg00047.html https://lists.debian.org/debian-lts-announce/2023/11/msg00001.html https://lists.debian.org/debian-lts-announce/2023/11/msg00012.html https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/2MBEPPC36UBVOZZNAXFHKLFGSLCMN5LI https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/2MBEPPC36UBVOZZNAXFHKLFGSLCMN5LI/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/3N4NJ7FR4X4FPZUGNTQAPSTVB2HB2Y4A https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/3N4NJ7FR4X4FPZUGNTQAPSTVB2HB2Y4A/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/BFQD3KUEMFBHPAPBGLWQC34L4OWL5HAZ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/BFQD3KUEMFBHPAPBGLWQC34L4OWL5HAZ/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/CLB4TW7KALB3EEQWNWCN7OUIWWVWWCG2 https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/CLB4TW7KALB3EEQWNWCN7OUIWWVWWCG2/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/E72T67UPDRXHIDLO3OROR25YAMN4GGW5 https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/E72T67UPDRXHIDLO3OROR25YAMN4GGW5/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/FNA62Q767CFAFHBCDKYNPBMZWB7TWYVU https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/FNA62Q767CFAFHBCDKYNPBMZWB7TWYVU/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/HT7T2R4MQKLIF4ODV4BDLPARWFPCJ5CZ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/HT7T2R4MQKLIF4ODV4BDLPARWFPCJ5CZ/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/JIZSEFC3YKCGABA2BZW6ZJRMDZJMB7PJ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/JIZSEFC3YKCGABA2BZW6ZJRMDZJMB7PJ/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/JMEXY22BFG5Q64HQCM5CK2Q7KDKVV4TY https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/JMEXY22BFG5Q64HQCM5CK2Q7KDKVV4TY/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/KSEGD2IWKNUO3DWY4KQGUQM5BISRWHQE https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/KSEGD2IWKNUO3DWY4KQGUQM5BISRWHQE/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/LKYHSZQFDNR7RSA7LHVLLIAQMVYCUGBG https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/LKYHSZQFDNR7RSA7LHVLLIAQMVYCUGBG/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/LNMZJCDHGLJJLXO4OXWJMTVQRNWOC7UL https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/LNMZJCDHGLJJLXO4OXWJMTVQRNWOC7UL/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/VHUHTSXLXGXS7JYKBXTA3VINUPHTNGVU https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/VHUHTSXLXGXS7JYKBXTA3VINUPHTNGVU/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/VSRDIV77HNKUSM7SJC5BKE5JSHLHU2NK https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/VSRDIV77HNKUSM7SJC5BKE5JSHLHU2NK/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/WE2I52RHNNU42PX6NZ2RBUHSFFJ2LVZX https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/WE2I52RHNNU42PX6NZ2RBUHSFFJ2LVZX/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/WLPRQ5TWUQQXYWBJM7ECYDAIL2YVKIUH https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/WLPRQ5TWUQQXYWBJM7ECYDAIL2YVKIUH/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/X6QXN4ORIVF6XBW4WWFE7VNPVC74S45Y https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/X6QXN4ORIVF6XBW4WWFE7VNPVC74S45Y/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/XFOIBB4YFICHDM7IBOP7PWXW3FX4HLL2 https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/XFOIBB4YFICHDM7IBOP7PWXW3FX4HLL2/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZB43REMKRQR62NJEI7I5NQ4FSXNLBKRT https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZB43REMKRQR62NJEI7I5NQ4FSXNLBKRT/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZKQSIKIAT5TJ3WSLU3RDBQ35YX4GY4V3 https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZKQSIKIAT5TJ3WSLU3RDBQ35YX4GY4V3/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZLU6U2R2IC2K64NDPNMV55AUAO65MAF4 https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZLU6U2R2IC2K64NDPNMV55AUAO65MAF4/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3N4NJ7FR4X4FPZUGNTQAPSTVB2HB2Y4A https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/BFQD3KUEMFBHPAPBGLWQC34L4OWL5HAZ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CLB4TW7KALB3EEQWNWCN7OUIWWVWWCG2 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/E72T67UPDRXHIDLO3OROR25YAMN4GGW5 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/FNA62Q767CFAFHBCDKYNPBMZWB7TWYVU https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/HT7T2R4MQKLIF4ODV4BDLPARWFPCJ5CZ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/JIZSEFC3YKCGABA2BZW6ZJRMDZJMB7PJ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/JMEXY22BFG5Q64HQCM5CK2Q7KDKVV4TY https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/KSEGD2IWKNUO3DWY4KQGUQM5BISRWHQE https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/LKYHSZQFDNR7RSA7LHVLLIAQMVYCUGBG https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/LNMZJCDHGLJJLXO4OXWJMTVQRNWOC7UL https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/VHUHTSXLXGXS7JYKBXTA3VINUPHTNGVU https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/VSRDIV77HNKUSM7SJC5BKE5JSHLHU2NK https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WLPRQ5TWUQQXYWBJM7ECYDAIL2YVKIUH https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/X6QXN4ORIVF6XBW4WWFE7VNPVC74S45Y https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/XFOIBB4YFICHDM7IBOP7PWXW3FX4HLL2 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZB43REMKRQR62NJEI7I5NQ4FSXNLBKRT https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZKQSIKIAT5TJ3WSLU3RDBQ35YX4GY4V3 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZLU6U2R2IC2K64NDPNMV55AUAO65MAF4 https://lists.w3.org/Archives/Public/ietf-http-wg/2023OctDec/0025.html https://mailman.nginx.org/pipermail/nginx-devel/2023-October/S36Q5HBXR7CAIMPLLPRSSSYR4PCMWILK.html https://martinthomson.github.io/h2-stream-limits/draft-thomson-httpbis-h2-stream-limits.html https://msrc.microsoft.com/blog/2023/10/microsoft-response-to-distributed-denial-of-service-ddos-attacks-against-http/2 https://msrc.microsoft.com/blog/2023/10/microsoft-response-to-distributed-denial-of-service-ddos-attacks-against-http/2/ https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-44487 https://my.f5.com/manage/s/article/K000137106 https://netty.io/news/2023/10/10/4-1-100-Final.html https://news.ycombinator.com/item?id=37830987 https://news.ycombinator.com/item?id=37830998 https://news.ycombinator.com/item?id=37831062 https://news.ycombinator.com/item?id=37837043 https://nodejs.org/en/blog/vulnerability/october-2023-security-releases https://nvd.nist.gov/vuln/detail/CVE-2023-44487 https://openssf.org/blog/2023/10/10/http-2-rapid-reset-vulnerability-highlights-need-for-rapid-response https://openssf.org/blog/2023/10/10/http-2-rapid-reset-vulnerability-highlights-need-for-rapid-response/ https://pkg.go.dev/vuln/GO-2023-2102 https://seanmonstar.com/post/730794151136935936/hyper-http2-rapid-reset-unaffected https://security.gentoo.org/glsa/202311-09 https://security.netapp.com/advisory/ntap-20231016-0001 https://security.netapp.com/advisory/ntap-20231016-0001/ https://security.netapp.com/advisory/ntap-20240426-0007 https://security.netapp.com/advisory/ntap-20240426-0007/ https://security.netapp.com/advisory/ntap-20240621-0006 https://security.netapp.com/advisory/ntap-20240621-0006/ https://security.netapp.com/advisory/ntap-20240621-0007 https://security.netapp.com/advisory/ntap-20240621-0007/ https://security.paloaltonetworks.com/CVE-2023-44487 https://tomcat.apache.org/security-10.html#Fixed_in_Apache_Tomcat_10.1.14 https://tomcat.apache.org/security-11.html#Fixed_in_Apache_Tomcat_11.0.0-M12 https://tomcat.apache.org/security-8.html#Fixed_in_Apache_Tomcat_8.5.94 https://tomcat.apache.org/security-9.html#Fixed_in_Apache_Tomcat_9.0.81 https://ubuntu.com/security/CVE-2023-44487 https://ubuntu.com/security/notices/USN-6427-1 https://ubuntu.com/security/notices/USN-6427-2 https://ubuntu.com/security/notices/USN-6438-1 https://ubuntu.com/security/notices/USN-6505-1 https://ubuntu.com/security/notices/USN-6574-1 https://ubuntu.com/security/notices/USN-6754-1 https://ubuntu.com/security/notices/USN-6994-1 https://ubuntu.com/security/notices/USN-7067-1 https://www.bleepingcomputer.com/news/security/new-http-2-rapid-reset-zero-day-attack-breaks-ddos-records https://www.bleepingcomputer.com/news/security/new-http-2-rapid-reset-zero-day-attack-breaks-ddos-records/ https://www.cisa.gov/known-exploited-vulnerabilities-catalog https://www.cisa.gov/news-events/alerts/2023/10/10/http2-rapid-reset-vulnerability-cve-2023-44487 https://www.cve.org/CVERecord?id=CVE-2023-44487 https://www.darkreading.com/cloud/internet-wide-zero-day-bug-fuels-largest-ever-ddos-event https://www.debian.org/security/2023/dsa-5521 https://www.debian.org/security/2023/dsa-5522 https://www.debian.org/security/2023/dsa-5540 https://www.debian.org/security/2023/dsa-5549 https://www.debian.org/security/2023/dsa-5558 https://www.debian.org/security/2023/dsa-5570 https://www.eclipse.org/lists/jetty-announce/msg00181.html https://www.haproxy.com/blog/haproxy-is-not-affected-by-the-http-2-rapid-reset-attack-cve-2023-44487 https://www.mail-archive.com/haproxy@formilux.org/msg44134.html https://www.netlify.com/blog/netlify-successfully-mitigates-cve-2023-44487 https://www.netlify.com/blog/netlify-successfully-mitigates-cve-2023-44487/ https://www.nginx.com/blog/http-2-rapid-reset-attack-impacting-f5-nginx-products https://www.nginx.com/blog/http-2-rapid-reset-attack-impacting-f5-nginx-products/ https://www.openwall.com/lists/oss-security/2023/10/10/6 https://www.phoronix.com/news/HTTP2-Rapid-Reset-Attack https://www.theregister.com/2023/10/10/http2_rapid_reset_zeroday https://www.theregister.com/2023/10/10/http2_rapid_reset_zeroday/
golang.org/x/net	CVE-2023-45288	MEDIUM	v0.10.0	0.23.0	http://www.openwall.com/lists/oss-security/2024/04/03/16 http://www.openwall.com/lists/oss-security/2024/04/05/4 https://access.redhat.com/errata/RHSA-2024:2724 https://access.redhat.com/security/cve/CVE-2023-45288 https://bugzilla.redhat.com/2268017 https://bugzilla.redhat.com/2268018 https://bugzilla.redhat.com/2268019 https://bugzilla.redhat.com/2268273 https://bugzilla.redhat.com/show_bug.cgi?id=2268017 https://bugzilla.redhat.com/show_bug.cgi?id=2268018 https://bugzilla.redhat.com/show_bug.cgi?id=2268019 https://bugzilla.redhat.com/show_bug.cgi?id=2268273 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45288 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45289 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45290 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24783 https://errata.almalinux.org/9/ALSA-2024-2724.html https://errata.rockylinux.org/RLSA-2024:2724 https://go.dev/cl/576155 https://go.dev/issue/65051 https://groups.google.com/g/golang-announce/c/YgW0sx8mN3M https://kb.cert.org/vuls/id/421644 https://linux.oracle.com/cve/CVE-2023-45288.html https://linux.oracle.com/errata/ELSA-2024-3346.html https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QRYFHIQ6XRKRYBI2F5UESH67BJBQXUPT https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QRYFHIQ6XRKRYBI2F5UESH67BJBQXUPT/ https://nowotarski.info/http2-continuation-flood-technical-details https://nowotarski.info/http2-continuation-flood/ https://nvd.nist.gov/vuln/detail/CVE-2023-45288 https://pkg.go.dev/vuln/GO-2024-2687 https://security.netapp.com/advisory/ntap-20240419-0009 https://security.netapp.com/advisory/ntap-20240419-0009/ https://ubuntu.com/security/notices/USN-6886-1 https://ubuntu.com/security/notices/USN-7109-1 https://ubuntu.com/security/notices/USN-7111-1 https://www.cve.org/CVERecord?id=CVE-2023-45288 https://www.kb.cert.org/vuls/id/421644
google.golang.org/grpc	GHSA-m425-mq94-257g	HIGH	v1.54.0	1.56.3, 1.57.1, 1.58.3	https://github.com/grpc/grpc-go https://github.com/grpc/grpc-go/commit/f2180b4d5403d2210b30b93098eb7da31c05c721 https://github.com/grpc/grpc-go/pull/6703 https://github.com/grpc/grpc-go/security/advisories/GHSA-m425-mq94-257g https://nvd.nist.gov/vuln/detail/CVE-2023-44487
google.golang.org/grpc	CVE-2023-44487	MEDIUM	v1.54.0	1.58.3, 1.57.1, 1.56.3	http://www.openwall.com/lists/oss-security/2023/10/13/4 http://www.openwall.com/lists/oss-security/2023/10/13/9 http://www.openwall.com/lists/oss-security/2023/10/18/4 http://www.openwall.com/lists/oss-security/2023/10/18/8 http://www.openwall.com/lists/oss-security/2023/10/19/6 http://www.openwall.com/lists/oss-security/2023/10/20/8 https://access.redhat.com/errata/RHSA-2023:6746 https://access.redhat.com/security/cve/CVE-2023-44487 https://access.redhat.com/security/cve/cve-2023-44487 https://akka.io/security/akka-http-cve-2023-44487.html https://arstechnica.com/security/2023/10/how-ddosers-used-the-http-2-protocol-to-deliver-attacks-of-unprecedented-size https://arstechnica.com/security/2023/10/how-ddosers-used-the-http-2-protocol-to-deliver-attacks-of-unprecedented-size/ https://aws.amazon.com/security/security-bulletins/AWS-2023-011 https://aws.amazon.com/security/security-bulletins/AWS-2023-011/ https://blog.cloudflare.com/technical-breakdown-http2-rapid-reset-ddos-attack https://blog.cloudflare.com/technical-breakdown-http2-rapid-reset-ddos-attack/ https://blog.cloudflare.com/zero-day-rapid-reset-http2-record-breaking-ddos-attack https://blog.cloudflare.com/zero-day-rapid-reset-http2-record-breaking-ddos-attack/ https://blog.litespeedtech.com/2023/10/11/rapid-reset-http-2-vulnerablilty https://blog.litespeedtech.com/2023/10/11/rapid-reset-http-2-vulnerablilty/ https://blog.qualys.com/vulnerabilities-threat-research/2023/10/10/cve-2023-44487-http-2-rapid-reset-attack https://blog.vespa.ai/cve-2023-44487 https://blog.vespa.ai/cve-2023-44487/ https://bugzilla.proxmox.com/show_bug.cgi?id=4988 https://bugzilla.redhat.com/2242803 https://bugzilla.redhat.com/show_bug.cgi?id=2242803 https://bugzilla.suse.com/show_bug.cgi?id=1216123 https://cgit.freebsd.org/ports/commit/?id=c64c329c2c1752f46b73e3e6ce9f4329be6629f9 https://chaos.social/@icing/111210915918780532 https://cloud.google.com/blog/products/identity-security/google-cloud-mitigated-largest-ddos-attack-peaking-above-398-million-rps https://cloud.google.com/blog/products/identity-security/google-cloud-mitigated-largest-ddos-attack-peaking-above-398-million-rps/ https://cloud.google.com/blog/products/identity-security/how-it-works-the-novel-http2-rapid-reset-ddos-attack https://community.traefik.io/t/is-traefik-vulnerable-to-cve-2023-44487/20125 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-44487 https://devblogs.microsoft.com/dotnet/october-2023-updates/ https://discuss.hashicorp.com/t/hcsec-2023-32-vault-consul-and-boundary-affected-by-http-2-rapid-reset-denial-of-service-vulnerability-cve-2023-44487/59715 https://edg.io/lp/blog/resets-leaks-ddos-and-the-tale-of-a-hidden-cve https://errata.almalinux.org/9/ALSA-2023-6746.html https://errata.rockylinux.org/RLSA-2023:5838 https://forums.swift.org/t/swift-nio-http2-security-update-cve-2023-44487-http-2-dos/67764 https://gist.github.com/adulau/7c2bfb8e9cdbe4b35a5e131c66a0c088 https://github.com/Azure/AKS/issues/3947 https://github.com/Kong/kong/discussions/11741 https://github.com/advisories/GHSA-qppj-fm5r-hxr3 https://github.com/advisories/GHSA-vx74-f528-fxqg https://github.com/advisories/GHSA-xpw8-rcwv-8f8p https://github.com/akka/akka-http/issues/4323 https://github.com/akka/akka-http/pull/4324 https://github.com/akka/akka-http/pull/4325 https://github.com/alibaba/tengine/issues/1872 https://github.com/apache/apisix/issues/10320 https://github.com/apache/httpd-site/pull/10 https://github.com/apache/httpd/blob/afcdbeebbff4b0c50ea26cdd16e178c0d1f24152/modules/http2/h2_mplx.c#L1101-L1113 https://github.com/apache/tomcat/commit/944332bb15bd2f3bf76ec2caeb1ff0a58a3bc628 https://github.com/apache/tomcat/tree/main/java/org/apache/coyote/http2 https://github.com/apache/trafficserver/pull/10564 https://github.com/apple/swift-nio-http2 https://github.com/apple/swift-nio-http2/security/advisories/GHSA-qppj-fm5r-hxr3 https://github.com/arkrwn/PoC/tree/main/CVE-2023-44487 https://github.com/bcdannyboy/CVE-2023-44487 https://github.com/caddyserver/caddy/issues/5877 https://github.com/caddyserver/caddy/releases/tag/v2.7.5 https://github.com/dotnet/announcements/issues/277 https://github.com/dotnet/core/blob/e4613450ea0da7fd2fc6b61dfb2c1c1dec1ce9ec/release-notes/6.0/6.0.23/6.0.23.md?plain=1#L73 https://github.com/eclipse/jetty.project/issues/10679 https://github.com/envoyproxy/envoy/pull/30055 https://github.com/etcd-io/etcd/issues/16740 https://github.com/facebook/proxygen/pull/466 https://github.com/golang/go/issues/63417 https://github.com/grpc/grpc-go/pull/6703 https://github.com/grpc/grpc-go/releases https://github.com/h2o/h2o/pull/3291 https://github.com/h2o/h2o/security/advisories/GHSA-2m7v-gc89-fjqf https://github.com/haproxy/haproxy/issues/2312 https://github.com/hyperium/hyper/issues/3337 https://github.com/icing/mod_h2/blob/0a864782af0a942aa2ad4ed960a6b32cd35bcf0a/mod_http2/README.md?plain=1#L239-L244 https://github.com/junkurihara/rust-rpxy/issues/97 https://github.com/kazu-yamamoto/http2/commit/f61d41a502bd0f60eb24e1ce14edc7b6df6722a1 https://github.com/kazu-yamamoto/http2/issues/93 https://github.com/kubernetes/kubernetes/pull/121120 https://github.com/line/armeria/pull/5232 https://github.com/linkerd/website/pull/1695/commits/4b9c6836471bc8270ab48aae6fd2181bc73fd632 https://github.com/micrictor/http2-rst-stream https://github.com/microsoft/CBL-Mariner/pull/6381 https://github.com/netty/netty/commit/58f75f665aa81a8cbcf6ffa74820042a285c5e61 https://github.com/nghttp2/nghttp2/pull/1961 https://github.com/nghttp2/nghttp2/releases/tag/v1.57.0 https://github.com/ninenines/cowboy/issues/1615 https://github.com/nodejs/node/pull/50121 https://github.com/openresty/openresty/issues/930 https://github.com/opensearch-project/data-prepper/issues/3474 https://github.com/oqtane/oqtane.framework/discussions/3367 https://github.com/projectcontour/contour/pull/5826 https://github.com/tempesta-tech/tempesta/issues/1986 https://github.com/varnishcache/varnish-cache/issues/3996 https://go.dev/cl/534215 https://go.dev/cl/534235 https://go.dev/issue/63417 https://groups.google.com/g/golang-announce/c/iNNxDTCjZvo https://groups.google.com/g/golang-announce/c/iNNxDTCjZvo/m/UDd7VKQuAAAJ https://istio.io/latest/news/security/istio-security-2023-004 https://istio.io/latest/news/security/istio-security-2023-004/ https://linkerd.io/2023/10/12/linkerd-cve-2023-44487 https://linkerd.io/2023/10/12/linkerd-cve-2023-44487/ https://linux.oracle.com/cve/CVE-2023-44487.html https://linux.oracle.com/errata/ELSA-2024-1444.html https://lists.apache.org/thread/5py8h42mxfsn8l1wy6o41xwhsjlsd87q https://lists.debian.org/debian-lts-announce/2023/10/msg00020.html https://lists.debian.org/debian-lts-announce/2023/10/msg00023.html https://lists.debian.org/debian-lts-announce/2023/10/msg00024.html https://lists.debian.org/debian-lts-announce/2023/10/msg00045.html https://lists.debian.org/debian-lts-announce/2023/10/msg00047.html https://lists.debian.org/debian-lts-announce/2023/11/msg00001.html https://lists.debian.org/debian-lts-announce/2023/11/msg00012.html https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/2MBEPPC36UBVOZZNAXFHKLFGSLCMN5LI https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/2MBEPPC36UBVOZZNAXFHKLFGSLCMN5LI/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/3N4NJ7FR4X4FPZUGNTQAPSTVB2HB2Y4A https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/3N4NJ7FR4X4FPZUGNTQAPSTVB2HB2Y4A/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/BFQD3KUEMFBHPAPBGLWQC34L4OWL5HAZ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/BFQD3KUEMFBHPAPBGLWQC34L4OWL5HAZ/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/CLB4TW7KALB3EEQWNWCN7OUIWWVWWCG2 https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/CLB4TW7KALB3EEQWNWCN7OUIWWVWWCG2/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/E72T67UPDRXHIDLO3OROR25YAMN4GGW5 https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/E72T67UPDRXHIDLO3OROR25YAMN4GGW5/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/FNA62Q767CFAFHBCDKYNPBMZWB7TWYVU https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/FNA62Q767CFAFHBCDKYNPBMZWB7TWYVU/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/HT7T2R4MQKLIF4ODV4BDLPARWFPCJ5CZ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/HT7T2R4MQKLIF4ODV4BDLPARWFPCJ5CZ/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/JIZSEFC3YKCGABA2BZW6ZJRMDZJMB7PJ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/JIZSEFC3YKCGABA2BZW6ZJRMDZJMB7PJ/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/JMEXY22BFG5Q64HQCM5CK2Q7KDKVV4TY https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/JMEXY22BFG5Q64HQCM5CK2Q7KDKVV4TY/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/KSEGD2IWKNUO3DWY4KQGUQM5BISRWHQE https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/KSEGD2IWKNUO3DWY4KQGUQM5BISRWHQE/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/LKYHSZQFDNR7RSA7LHVLLIAQMVYCUGBG https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/LKYHSZQFDNR7RSA7LHVLLIAQMVYCUGBG/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/LNMZJCDHGLJJLXO4OXWJMTVQRNWOC7UL https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/LNMZJCDHGLJJLXO4OXWJMTVQRNWOC7UL/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/VHUHTSXLXGXS7JYKBXTA3VINUPHTNGVU https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/VHUHTSXLXGXS7JYKBXTA3VINUPHTNGVU/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/VSRDIV77HNKUSM7SJC5BKE5JSHLHU2NK https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/VSRDIV77HNKUSM7SJC5BKE5JSHLHU2NK/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/WE2I52RHNNU42PX6NZ2RBUHSFFJ2LVZX https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/WE2I52RHNNU42PX6NZ2RBUHSFFJ2LVZX/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/WLPRQ5TWUQQXYWBJM7ECYDAIL2YVKIUH https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/WLPRQ5TWUQQXYWBJM7ECYDAIL2YVKIUH/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/X6QXN4ORIVF6XBW4WWFE7VNPVC74S45Y https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/X6QXN4ORIVF6XBW4WWFE7VNPVC74S45Y/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/XFOIBB4YFICHDM7IBOP7PWXW3FX4HLL2 https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/XFOIBB4YFICHDM7IBOP7PWXW3FX4HLL2/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZB43REMKRQR62NJEI7I5NQ4FSXNLBKRT https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZB43REMKRQR62NJEI7I5NQ4FSXNLBKRT/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZKQSIKIAT5TJ3WSLU3RDBQ35YX4GY4V3 https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZKQSIKIAT5TJ3WSLU3RDBQ35YX4GY4V3/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZLU6U2R2IC2K64NDPNMV55AUAO65MAF4 https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZLU6U2R2IC2K64NDPNMV55AUAO65MAF4/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3N4NJ7FR4X4FPZUGNTQAPSTVB2HB2Y4A https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/BFQD3KUEMFBHPAPBGLWQC34L4OWL5HAZ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CLB4TW7KALB3EEQWNWCN7OUIWWVWWCG2 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/E72T67UPDRXHIDLO3OROR25YAMN4GGW5 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/FNA62Q767CFAFHBCDKYNPBMZWB7TWYVU https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/HT7T2R4MQKLIF4ODV4BDLPARWFPCJ5CZ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/JIZSEFC3YKCGABA2BZW6ZJRMDZJMB7PJ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/JMEXY22BFG5Q64HQCM5CK2Q7KDKVV4TY https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/KSEGD2IWKNUO3DWY4KQGUQM5BISRWHQE https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/LKYHSZQFDNR7RSA7LHVLLIAQMVYCUGBG https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/LNMZJCDHGLJJLXO4OXWJMTVQRNWOC7UL https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/VHUHTSXLXGXS7JYKBXTA3VINUPHTNGVU https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/VSRDIV77HNKUSM7SJC5BKE5JSHLHU2NK https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WLPRQ5TWUQQXYWBJM7ECYDAIL2YVKIUH https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/X6QXN4ORIVF6XBW4WWFE7VNPVC74S45Y https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/XFOIBB4YFICHDM7IBOP7PWXW3FX4HLL2 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZB43REMKRQR62NJEI7I5NQ4FSXNLBKRT https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZKQSIKIAT5TJ3WSLU3RDBQ35YX4GY4V3 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZLU6U2R2IC2K64NDPNMV55AUAO65MAF4 https://lists.w3.org/Archives/Public/ietf-http-wg/2023OctDec/0025.html https://mailman.nginx.org/pipermail/nginx-devel/2023-October/S36Q5HBXR7CAIMPLLPRSSSYR4PCMWILK.html https://martinthomson.github.io/h2-stream-limits/draft-thomson-httpbis-h2-stream-limits.html https://msrc.microsoft.com/blog/2023/10/microsoft-response-to-distributed-denial-of-service-ddos-attacks-against-http/2 https://msrc.microsoft.com/blog/2023/10/microsoft-response-to-distributed-denial-of-service-ddos-attacks-against-http/2/ https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-44487 https://my.f5.com/manage/s/article/K000137106 https://netty.io/news/2023/10/10/4-1-100-Final.html https://news.ycombinator.com/item?id=37830987 https://news.ycombinator.com/item?id=37830998 https://news.ycombinator.com/item?id=37831062 https://news.ycombinator.com/item?id=37837043 https://nodejs.org/en/blog/vulnerability/october-2023-security-releases https://nvd.nist.gov/vuln/detail/CVE-2023-44487 https://openssf.org/blog/2023/10/10/http-2-rapid-reset-vulnerability-highlights-need-for-rapid-response https://openssf.org/blog/2023/10/10/http-2-rapid-reset-vulnerability-highlights-need-for-rapid-response/ https://pkg.go.dev/vuln/GO-2023-2102 https://seanmonstar.com/post/730794151136935936/hyper-http2-rapid-reset-unaffected https://security.gentoo.org/glsa/202311-09 https://security.netapp.com/advisory/ntap-20231016-0001 https://security.netapp.com/advisory/ntap-20231016-0001/ https://security.netapp.com/advisory/ntap-20240426-0007 https://security.netapp.com/advisory/ntap-20240426-0007/ https://security.netapp.com/advisory/ntap-20240621-0006 https://security.netapp.com/advisory/ntap-20240621-0006/ https://security.netapp.com/advisory/ntap-20240621-0007 https://security.netapp.com/advisory/ntap-20240621-0007/ https://security.paloaltonetworks.com/CVE-2023-44487 https://tomcat.apache.org/security-10.html#Fixed_in_Apache_Tomcat_10.1.14 https://tomcat.apache.org/security-11.html#Fixed_in_Apache_Tomcat_11.0.0-M12 https://tomcat.apache.org/security-8.html#Fixed_in_Apache_Tomcat_8.5.94 https://tomcat.apache.org/security-9.html#Fixed_in_Apache_Tomcat_9.0.81 https://ubuntu.com/security/CVE-2023-44487 https://ubuntu.com/security/notices/USN-6427-1 https://ubuntu.com/security/notices/USN-6427-2 https://ubuntu.com/security/notices/USN-6438-1 https://ubuntu.com/security/notices/USN-6505-1 https://ubuntu.com/security/notices/USN-6574-1 https://ubuntu.com/security/notices/USN-6754-1 https://ubuntu.com/security/notices/USN-6994-1 https://ubuntu.com/security/notices/USN-7067-1 https://www.bleepingcomputer.com/news/security/new-http-2-rapid-reset-zero-day-attack-breaks-ddos-records https://www.bleepingcomputer.com/news/security/new-http-2-rapid-reset-zero-day-attack-breaks-ddos-records/ https://www.cisa.gov/known-exploited-vulnerabilities-catalog https://www.cisa.gov/news-events/alerts/2023/10/10/http2-rapid-reset-vulnerability-cve-2023-44487 https://www.cve.org/CVERecord?id=CVE-2023-44487 https://www.darkreading.com/cloud/internet-wide-zero-day-bug-fuels-largest-ever-ddos-event https://www.debian.org/security/2023/dsa-5521 https://www.debian.org/security/2023/dsa-5522 https://www.debian.org/security/2023/dsa-5540 https://www.debian.org/security/2023/dsa-5549 https://www.debian.org/security/2023/dsa-5558 https://www.debian.org/security/2023/dsa-5570 https://www.eclipse.org/lists/jetty-announce/msg00181.html https://www.haproxy.com/blog/haproxy-is-not-affected-by-the-http-2-rapid-reset-attack-cve-2023-44487 https://www.mail-archive.com/haproxy@formilux.org/msg44134.html https://www.netlify.com/blog/netlify-successfully-mitigates-cve-2023-44487 https://www.netlify.com/blog/netlify-successfully-mitigates-cve-2023-44487/ https://www.nginx.com/blog/http-2-rapid-reset-attack-impacting-f5-nginx-products https://www.nginx.com/blog/http-2-rapid-reset-attack-impacting-f5-nginx-products/ https://www.openwall.com/lists/oss-security/2023/10/10/6 https://www.phoronix.com/news/HTTP2-Rapid-Reset-Attack https://www.theregister.com/2023/10/10/http2_rapid_reset_zeroday https://www.theregister.com/2023/10/10/http2_rapid_reset_zeroday/
google.golang.org/protobuf	CVE-2024-24786	MEDIUM	v1.30.0	1.33.0	http://www.openwall.com/lists/oss-security/2024/03/08/4 https://access.redhat.com/errata/RHSA-2024:2550 https://access.redhat.com/security/cve/CVE-2024-24786 https://bugzilla.redhat.com/2268046 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24786 https://errata.almalinux.org/9/ALSA-2024-2550.html https://errata.rockylinux.org/RLSA-2024:2550 https://github.com/protocolbuffers/protobuf-go https://github.com/protocolbuffers/protobuf-go/commit/f01a588e5810b90996452eec4a28f22a0afae023 https://github.com/protocolbuffers/protobuf-go/releases/tag/v1.33.0 https://go-review.googlesource.com/c/protobuf/+/569356 https://go.dev/cl/569356 https://groups.google.com/g/golang-announce/c/ArQ6CDgtEjY/ https://linux.oracle.com/cve/CVE-2024-24786.html https://linux.oracle.com/errata/ELSA-2024-4246.html https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/JDMBHAVSDU2FBDZ45U3A2VLSM35OJ2HU https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/JDMBHAVSDU2FBDZ45U3A2VLSM35OJ2HU/ https://nvd.nist.gov/vuln/detail/CVE-2024-24786 https://pkg.go.dev/vuln/GO-2024-2611 https://security.netapp.com/advisory/ntap-20240517-0002 https://security.netapp.com/advisory/ntap-20240517-0002/ https://ubuntu.com/security/notices/USN-6746-1 https://ubuntu.com/security/notices/USN-6746-2 https://www.cve.org/CVERecord?id=CVE-2024-24786
stdlib	CVE-2024-24790	CRITICAL	v1.20.5	1.21.11, 1.22.4	http://www.openwall.com/lists/oss-security/2024/06/04/1 https://access.redhat.com/errata/RHSA-2024:9115 https://access.redhat.com/security/cve/CVE-2024-24790 https://bugzilla.redhat.com/2279814 https://bugzilla.redhat.com/2292668 https://bugzilla.redhat.com/2292787 https://bugzilla.redhat.com/2294000 https://bugzilla.redhat.com/2295310 https://bugzilla.redhat.com/show_bug.cgi?id=2292668 https://bugzilla.redhat.com/show_bug.cgi?id=2292787 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24789 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24790 https://errata.almalinux.org/9/ALSA-2024-9115.html https://errata.rockylinux.org/RLSA-2024:4212 https://github.com/golang/go/commit/051bdf3fd12a40307606ff9381138039c5f452f0 (1.21) https://github.com/golang/go/commit/12d5810cdb1f73cf23d7a86462143e9463317fca (1.22) https://github.com/golang/go/issues/67680 https://go.dev/cl/590316 https://go.dev/issue/67680 https://groups.google.com/g/golang-announce/c/XbxouI9gY7k https://groups.google.com/g/golang-announce/c/XbxouI9gY7k/m/TuoGEhxIEwAJ https://linux.oracle.com/cve/CVE-2024-24790.html https://linux.oracle.com/errata/ELSA-2024-9115.html https://nvd.nist.gov/vuln/detail/CVE-2024-24790 https://pkg.go.dev/vuln/GO-2024-2887 https://ubuntu.com/security/notices/USN-6886-1 https://ubuntu.com/security/notices/USN-7109-1 https://www.cve.org/CVERecord?id=CVE-2024-24790
stdlib	CVE-2023-39325	HIGH	v1.20.5	1.20.10, 1.21.3	golang.org/x/net https://access.redhat.com/errata/RHSA-2023:6077 https://access.redhat.com/security/cve/CVE-2023-39325 https://access.redhat.com/security/cve/CVE-2023-44487 https://access.redhat.com/security/vulnerabilities/RHSB-2023-003 https://bugzilla.redhat.com/2242803 https://bugzilla.redhat.com/2243296 https://bugzilla.redhat.com/show_bug.cgi?id=2242803 https://bugzilla.redhat.com/show_bug.cgi?id=2243296 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-39325 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-44487 https://errata.almalinux.org/9/ALSA-2023-6077.html https://errata.rockylinux.org/RLSA-2023:6077 https://github.com/golang/go/commit/24ae2d927285c697440fdde3ad7f26028354bcf3 [golang- 1.21] https://github.com/golang/go/commit/e175f27f58aa7b9cd4d79607ae65d2cd5baaee68 [golang-1.20] https://github.com/golang/go/issues/63417 https://go.dev/cl/534215 https://go.dev/cl/534235 https://go.dev/issue/63417 https://groups.google.com/g/golang-announce/c/iNNxDTCjZvo/m/UDd7VKQuAAAJ https://linux.oracle.com/cve/CVE-2023-39325.html https://linux.oracle.com/errata/ELSA-2023-5867.html https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3OVW5V2DM5K5IC3H7O42YDUGNJ74J35O https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3OVW5V2DM5K5IC3H7O42YDUGNJ74J35O/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3SZN67IL7HMGMNAVLOTIXLIHUDXZK4LH https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3SZN67IL7HMGMNAVLOTIXLIHUDXZK4LH/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3WJ4QVX2AMUJ2F2S27POOAHRC4K3CHU4 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3WJ4QVX2AMUJ2F2S27POOAHRC4K3CHU4/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/4BUK2ZIAGCULOOYDNH25JPU6JBES5NF2 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/4BUK2ZIAGCULOOYDNH25JPU6JBES5NF2/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/5RSKA2II6QTD4YUKUNDVJQSRYSFC4VFR https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/5RSKA2II6QTD4YUKUNDVJQSRYSFC4VFR/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/AVZDNSMVDAQJ64LJC5I5U5LDM5753647 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/AVZDNSMVDAQJ64LJC5I5U5LDM5753647/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CHHITS4PUOZAKFIUBQAQZC7JWXMOYE4B https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CHHITS4PUOZAKFIUBQAQZC7JWXMOYE4B/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CLB4TW7KALB3EEQWNWCN7OUIWWVWWCG2 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CLB4TW7KALB3EEQWNWCN7OUIWWVWWCG2/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/D2BBIDR2ZMB3X5BC7SR4SLQMHRMVPY6L https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/D2BBIDR2ZMB3X5BC7SR4SLQMHRMVPY6L/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ECRC75BQJP6FJN2L7KCKYZW4DSBD7QSD https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ECRC75BQJP6FJN2L7KCKYZW4DSBD7QSD/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/FTMJ3NJIDAZFWJQQSP3L22MUFJ3UP2PT https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/FTMJ3NJIDAZFWJQQSP3L22MUFJ3UP2PT/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/GSY7SXFFTPZFWDM6XELSDSHZLVW3AHK7 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/GSY7SXFFTPZFWDM6XELSDSHZLVW3AHK7/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/HZQIELEIRSZUYTFFH5KTH2YJ4IIQG2KE https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/HZQIELEIRSZUYTFFH5KTH2YJ4IIQG2KE/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/IPWCNYB5PQ5PCVZ4NJT6G56ZYFZ5QBU6 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/IPWCNYB5PQ5PCVZ4NJT6G56ZYFZ5QBU6/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/KEOTKBUPZXHE3F352JBYNTSNRXYLWD6P https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/KEOTKBUPZXHE3F352JBYNTSNRXYLWD6P/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/KSEGD2IWKNUO3DWY4KQGUQM5BISRWHQE https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/KSEGD2IWKNUO3DWY4KQGUQM5BISRWHQE/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/L5E5JSJBZLYXOTZWXHJKRVCIXIHVWKJ6 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/L5E5JSJBZLYXOTZWXHJKRVCIXIHVWKJ6/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/MZQYOOKHQDQ57LV2IAG6NRFOVXKHJJ3Z https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/MZQYOOKHQDQ57LV2IAG6NRFOVXKHJJ3Z/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/NG7IMPL55MVWU3LCI4JQJT3K2U5CHDV7 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/NG7IMPL55MVWU3LCI4JQJT3K2U5CHDV7/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ODBY7RVMGZCBSTWF2OZGIZS57FNFUL67 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ODBY7RVMGZCBSTWF2OZGIZS57FNFUL67/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/OXGWPQOJ3JNDW2XIYKIVJ7N7QUIFNM2Q https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/OXGWPQOJ3JNDW2XIYKIVJ7N7QUIFNM2Q/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/PJCUNGIQDUMZ4Z6HWVYIMR66A35F5S74 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/PJCUNGIQDUMZ4Z6HWVYIMR66A35F5S74/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QF5QSYAOPDOWLY6DUHID56Q4HQFYB45I https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QF5QSYAOPDOWLY6DUHID56Q4HQFYB45I/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QXOU2JZUBEBP7GBKAYIJRPRBZSJCD7ST https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QXOU2JZUBEBP7GBKAYIJRPRBZSJCD7ST/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/R3UETKPUB3V5JS5TLZOF3SMTGT5K5APS https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/R3UETKPUB3V5JS5TLZOF3SMTGT5K5APS/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/REMHVVIBDNKSRKNOTV7EQSB7CYQWOUOU https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/REMHVVIBDNKSRKNOTV7EQSB7CYQWOUOU/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/T7N5GV4CHH6WAGX3GFMDD3COEOVCZ4RI https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/T7N5GV4CHH6WAGX3GFMDD3COEOVCZ4RI/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ULQQONMSCQSH5Z5OWFFQHCGEZ3NL4DRJ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ULQQONMSCQSH5Z5OWFFQHCGEZ3NL4DRJ/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UTT7DG3QOF5ZNJLUGHDNLRUIN6OWZARP https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UTT7DG3QOF5ZNJLUGHDNLRUIN6OWZARP/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/W2LZSWTV4NV4SNQARNXG5T6LRHP26EW2 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/W2LZSWTV4NV4SNQARNXG5T6LRHP26EW2/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WCNCBYKZXLDFGAJUB7ZP5VLC3YTHJNVH https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WCNCBYKZXLDFGAJUB7ZP5VLC3YTHJNVH/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/XFOIBB4YFICHDM7IBOP7PWXW3FX4HLL2 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/XFOIBB4YFICHDM7IBOP7PWXW3FX4HLL2/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/XTNLSL44Y5FB6JWADSZH6DCV4JJAAEQY https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/XTNLSL44Y5FB6JWADSZH6DCV4JJAAEQY/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/YJWHBLVZDM5KQSDFRBFRKU5KSSOLIRQ4 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/YJWHBLVZDM5KQSDFRBFRKU5KSSOLIRQ4/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/YRKEXKANQ7BKJW2YTAMP625LJUJZLJ4P https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/YRKEXKANQ7BKJW2YTAMP625LJUJZLJ4P/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZSVEMQV5ROY5YW5QE3I57HT3ITWG5GCV https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZSVEMQV5ROY5YW5QE3I57HT3ITWG5GCV/ https://nvd.nist.gov/vuln/detail/CVE-2023-39325 https://pkg.go.dev/vuln/GO-2023-2102 https://security.gentoo.org/glsa/202311-09 https://security.netapp.com/advisory/ntap-20231110-0008 https://security.netapp.com/advisory/ntap-20231110-0008/ https://ubuntu.com/security/notices/USN-6574-1 https://ubuntu.com/security/notices/USN-7061-1 https://ubuntu.com/security/notices/USN-7109-1 https://www.cisa.gov/news-events/alerts/2023/10/10/http2-rapid-reset-vulnerability-cve-2023-44487 https://www.cve.org/CVERecord?id=CVE-2023-39325
stdlib	CVE-2023-45283	HIGH	v1.20.5	1.20.11, 1.21.4, 1.20.12, 1.21.5	http://www.openwall.com/lists/oss-security/2023/12/05/2 https://go.dev/cl/540277 https://go.dev/cl/541175 https://go.dev/issue/63713 https://go.dev/issue/64028 https://groups.google.com/g/golang-announce/c/4tU8LZfBFkY https://groups.google.com/g/golang-dev/c/6ypN5EjibjM/m/KmLVYH_uAgAJ https://nvd.nist.gov/vuln/detail/CVE-2023-45283 https://pkg.go.dev/vuln/GO-2023-2185 https://security.netapp.com/advisory/ntap-20231214-0008/
stdlib	CVE-2023-45288	HIGH	v1.20.5	1.21.9, 1.22.2	http://www.openwall.com/lists/oss-security/2024/04/03/16 http://www.openwall.com/lists/oss-security/2024/04/05/4 https://access.redhat.com/errata/RHSA-2024:2724 https://access.redhat.com/security/cve/CVE-2023-45288 https://bugzilla.redhat.com/2268017 https://bugzilla.redhat.com/2268018 https://bugzilla.redhat.com/2268019 https://bugzilla.redhat.com/2268273 https://bugzilla.redhat.com/show_bug.cgi?id=2268017 https://bugzilla.redhat.com/show_bug.cgi?id=2268018 https://bugzilla.redhat.com/show_bug.cgi?id=2268019 https://bugzilla.redhat.com/show_bug.cgi?id=2268273 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45288 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45289 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45290 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24783 https://errata.almalinux.org/9/ALSA-2024-2724.html https://errata.rockylinux.org/RLSA-2024:2724 https://go.dev/cl/576155 https://go.dev/issue/65051 https://groups.google.com/g/golang-announce/c/YgW0sx8mN3M https://kb.cert.org/vuls/id/421644 https://linux.oracle.com/cve/CVE-2023-45288.html https://linux.oracle.com/errata/ELSA-2024-3346.html https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QRYFHIQ6XRKRYBI2F5UESH67BJBQXUPT https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QRYFHIQ6XRKRYBI2F5UESH67BJBQXUPT/ https://nowotarski.info/http2-continuation-flood-technical-details https://nowotarski.info/http2-continuation-flood/ https://nvd.nist.gov/vuln/detail/CVE-2023-45288 https://pkg.go.dev/vuln/GO-2024-2687 https://security.netapp.com/advisory/ntap-20240419-0009 https://security.netapp.com/advisory/ntap-20240419-0009/ https://ubuntu.com/security/notices/USN-6886-1 https://ubuntu.com/security/notices/USN-7109-1 https://ubuntu.com/security/notices/USN-7111-1 https://www.cve.org/CVERecord?id=CVE-2023-45288 https://www.kb.cert.org/vuls/id/421644
stdlib	CVE-2024-34156	HIGH	v1.20.5	1.22.7, 1.23.1	https://access.redhat.com/errata/RHSA-2024:9473 https://access.redhat.com/security/cve/CVE-2024-34156 https://bugzilla.redhat.com/2310528 https://bugzilla.redhat.com/2318052 https://bugzilla.redhat.com/show_bug.cgi?id=2310528 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-34156 https://errata.almalinux.org/9/ALSA-2024-9473.html https://errata.rockylinux.org/RLSA-2024:7204 https://github.com/golang/go/commit/2092294f2b097c5828f4eace6c98a322c1510b01 (go1.22.7) https://github.com/golang/go/commit/fa8ff1a46deb6c816304441ec6740ec112e19012 (go1.23.1) https://go.dev/cl/611239 https://go.dev/issue/69139 https://groups.google.com/g/golang-announce/c/K-cEzDeCtpc https://groups.google.com/g/golang-dev/c/S9POB9NCTdk https://linux.oracle.com/cve/CVE-2024-34156.html https://linux.oracle.com/errata/ELSA-2024-9473.html https://nvd.nist.gov/vuln/detail/CVE-2024-34156 https://pkg.go.dev/vuln/GO-2024-3106 https://ubuntu.com/security/notices/USN-7081-1 https://ubuntu.com/security/notices/USN-7109-1 https://ubuntu.com/security/notices/USN-7111-1 https://www.cve.org/CVERecord?id=CVE-2024-34156
stdlib	CVE-2023-29406	MEDIUM	v1.20.5	1.19.11, 1.20.6	https://access.redhat.com/errata/RHSA-2023:6474 https://access.redhat.com/security/cve/CVE-2023-29406 https://bugzilla.redhat.com/2174485 https://bugzilla.redhat.com/2178358 https://bugzilla.redhat.com/2178488 https://bugzilla.redhat.com/2178492 https://bugzilla.redhat.com/2184481 https://bugzilla.redhat.com/2184482 https://bugzilla.redhat.com/2184483 https://bugzilla.redhat.com/2184484 https://bugzilla.redhat.com/2196026 https://bugzilla.redhat.com/2196027 https://bugzilla.redhat.com/2196029 https://bugzilla.redhat.com/2222167 https://bugzilla.redhat.com/2228689 https://errata.almalinux.org/9/ALSA-2023-6474.html https://github.com/golang/go/commit/312920c00aac9897b2a0693e752390b5b0711a5a (go1.20.6) https://github.com/golang/go/commit/5fa6923b1ea891400153d04ddf1545e23b40041b (go1.19.11) https://github.com/golang/go/issues/60374 https://go.dev/cl/506996 https://go.dev/issue/60374 https://groups.google.com/g/golang-announce/c/2q13H6LEEx0 https://linux.oracle.com/cve/CVE-2023-29406.html https://linux.oracle.com/errata/ELSA-2023-7202.html https://nvd.nist.gov/vuln/detail/CVE-2023-29406 https://pkg.go.dev/vuln/GO-2023-1878 https://security.gentoo.org/glsa/202311-09 https://security.netapp.com/advisory/ntap-20230814-0002/ https://ubuntu.com/security/notices/USN-7061-1 https://ubuntu.com/security/notices/USN-7109-1 https://www.cve.org/CVERecord?id=CVE-2023-29406
stdlib	CVE-2023-29409	MEDIUM	v1.20.5	1.19.12, 1.20.7, 1.21.0-rc.4	https://access.redhat.com/errata/RHSA-2023:7766 https://access.redhat.com/security/cve/CVE-2023-29409 https://bugzilla.redhat.com/2228743 https://bugzilla.redhat.com/2237773 https://bugzilla.redhat.com/2237776 https://bugzilla.redhat.com/2237777 https://bugzilla.redhat.com/2237778 https://errata.almalinux.org/9/ALSA-2023-7766.html https://go.dev/cl/515257 https://go.dev/issue/61460 https://groups.google.com/g/golang-announce/c/X0b6CsSAaYI/m/Efv5DbZ9AwAJ https://linux.oracle.com/cve/CVE-2023-29409.html https://linux.oracle.com/errata/ELSA-2024-2988.html https://nvd.nist.gov/vuln/detail/CVE-2023-29409 https://pkg.go.dev/vuln/GO-2023-1987 https://security.gentoo.org/glsa/202311-09 https://security.netapp.com/advisory/ntap-20230831-0010/ https://www.cve.org/CVERecord?id=CVE-2023-29409
stdlib	CVE-2023-39318	MEDIUM	v1.20.5	1.20.8, 1.21.1	https://access.redhat.com/errata/RHSA-2024:2160 https://access.redhat.com/security/cve/CVE-2023-39318 https://bugzilla.redhat.com/2237773 https://bugzilla.redhat.com/2237776 https://bugzilla.redhat.com/2253330 https://errata.almalinux.org/9/ALSA-2024-2160.html https://github.com/golang/go/commit/023b542edf38e2a1f87fcefb9f75ff2f99401b4c (go1.20.8) https://github.com/golang/go/commit/b0e1d3ea26e8e8fce7726690c9ef0597e60739fb (go1.21.1) https://go.dev/cl/526156 https://go.dev/issue/62196 https://groups.google.com/g/golang-announce/c/Fm51GRLNRvM https://groups.google.com/g/golang-dev/c/2C5vbR-UNkI/m/L1hdrPhfBAAJ https://linux.oracle.com/cve/CVE-2023-39318.html https://linux.oracle.com/errata/ELSA-2024-2988.html https://nvd.nist.gov/vuln/detail/CVE-2023-39318 https://pkg.go.dev/vuln/GO-2023-2041 https://security.gentoo.org/glsa/202311-09 https://security.netapp.com/advisory/ntap-20231020-0009/ https://ubuntu.com/security/notices/USN-6574-1 https://ubuntu.com/security/notices/USN-7061-1 https://ubuntu.com/security/notices/USN-7109-1 https://vuln.go.dev/ID/GO-2023-2041.json https://www.cve.org/CVERecord?id=CVE-2023-39318
stdlib	CVE-2023-39319	MEDIUM	v1.20.5	1.20.8, 1.21.1	https://access.redhat.com/errata/RHSA-2024:2160 https://access.redhat.com/security/cve/CVE-2023-39319 https://bugzilla.redhat.com/2237773 https://bugzilla.redhat.com/2237776 https://bugzilla.redhat.com/2253330 https://errata.almalinux.org/9/ALSA-2024-2160.html https://github.com/golang/go/commit/2070531d2f53df88e312edace6c8dfc9686ab2f5 (go1.20.8) https://github.com/golang/go/commit/bbd043ff0d6d59f1a9232d31ecd5eacf6507bf6a (go1.21.1) https://go.dev/cl/526157 https://go.dev/issue/62197 https://groups.google.com/g/golang-announce/c/Fm51GRLNRvM https://groups.google.com/g/golang-dev/c/2C5vbR-UNkI/m/L1hdrPhfBAAJ https://linux.oracle.com/cve/CVE-2023-39319.html https://linux.oracle.com/errata/ELSA-2024-2988.html https://nvd.nist.gov/vuln/detail/CVE-2023-39319 https://pkg.go.dev/vuln/GO-2023-2043 https://security.gentoo.org/glsa/202311-09 https://security.netapp.com/advisory/ntap-20231020-0009/ https://ubuntu.com/security/notices/USN-6574-1 https://ubuntu.com/security/notices/USN-7061-1 https://ubuntu.com/security/notices/USN-7109-1 https://vuln.go.dev/ID/GO-2023-2043.json https://www.cve.org/CVERecord?id=CVE-2023-39319
stdlib	CVE-2023-39326	MEDIUM	v1.20.5	1.20.12, 1.21.5	https://access.redhat.com/errata/RHSA-2024:2272 https://access.redhat.com/security/cve/CVE-2023-39326 https://bugzilla.redhat.com/2253193 https://bugzilla.redhat.com/2253330 https://errata.almalinux.org/9/ALSA-2024-2272.html https://github.com/golang/go/commit/6446af942e2e2b161c4ec1b60d9703a2b55dc4dd (go1.20.12) https://github.com/golang/go/commit/ec8c526e4be720e94b98ca509e6364f0efaf28f7 (go1.21.5) https://go.dev/cl/547335 https://go.dev/issue/64433 https://groups.google.com/g/golang-dev/c/6ypN5EjibjM/m/KmLVYH_uAgAJ https://linux.oracle.com/cve/CVE-2023-39326.html https://linux.oracle.com/errata/ELSA-2024-2988.html https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UIU6HOGV6RRIKWM57LOXQA75BGZSIH6G/ https://nvd.nist.gov/vuln/detail/CVE-2023-39326 https://pkg.go.dev/vuln/GO-2023-2382 https://ubuntu.com/security/notices/USN-6574-1 https://www.cve.org/CVERecord?id=CVE-2023-39326
stdlib	CVE-2023-45284	MEDIUM	v1.20.5	1.20.11, 1.21.4	https://go.dev/cl/540277 https://go.dev/issue/63713 https://groups.google.com/g/golang-announce/c/4tU8LZfBFkY https://nvd.nist.gov/vuln/detail/CVE-2023-45284 https://pkg.go.dev/vuln/GO-2023-2186
stdlib	CVE-2023-45289	MEDIUM	v1.20.5	1.21.8, 1.22.1	http://www.openwall.com/lists/oss-security/2024/03/08/4 https://access.redhat.com/errata/RHSA-2024:2724 https://access.redhat.com/security/cve/CVE-2023-45289 https://bugzilla.redhat.com/2268017 https://bugzilla.redhat.com/2268018 https://bugzilla.redhat.com/2268019 https://bugzilla.redhat.com/2268273 https://bugzilla.redhat.com/show_bug.cgi?id=2268017 https://bugzilla.redhat.com/show_bug.cgi?id=2268018 https://bugzilla.redhat.com/show_bug.cgi?id=2268019 https://bugzilla.redhat.com/show_bug.cgi?id=2268273 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45288 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45289 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45290 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24783 https://errata.almalinux.org/9/ALSA-2024-2724.html https://errata.rockylinux.org/RLSA-2024:2724 https://github.com/golang/go/commit/20586c0dbe03d144f914155f879fa5ee287591a1 (go1.21.8) https://github.com/golang/go/commit/3a855208e3efed2e9d7c20ad023f1fa78afcc0be (go1.22.1) https://github.com/golang/go/issues/65065 https://go.dev/cl/569340 https://go.dev/issue/65065 https://groups.google.com/g/golang-announce/c/5pwGVUPoMbg https://linux.oracle.com/cve/CVE-2023-45289.html https://linux.oracle.com/errata/ELSA-2024-3346.html https://nvd.nist.gov/vuln/detail/CVE-2023-45289 https://pkg.go.dev/vuln/GO-2024-2600 https://security.netapp.com/advisory/ntap-20240329-0006/ https://ubuntu.com/security/notices/USN-6886-1 https://www.cve.org/CVERecord?id=CVE-2023-45289
stdlib	CVE-2023-45290	MEDIUM	v1.20.5	1.21.8, 1.22.1	http://www.openwall.com/lists/oss-security/2024/03/08/4 https://access.redhat.com/errata/RHSA-2024:9135 https://access.redhat.com/security/cve/CVE-2023-45290 https://bugzilla.redhat.com/2268017 https://bugzilla.redhat.com/2268022 https://bugzilla.redhat.com/2279814 https://bugzilla.redhat.com/2295310 https://bugzilla.redhat.com/show_bug.cgi?id=2268017 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45290 https://errata.almalinux.org/9/ALSA-2024-9135.html https://errata.rockylinux.org/RLSA-2024:3830 https://github.com/golang/go/commit/041a47712e765e94f86d841c3110c840e76d8f82 (go1.22.1) https://github.com/golang/go/commit/bf80213b121074f4ad9b449410a4d13bae5e9be0 (go1.21.8) https://github.com/golang/go/issues/65383 https://go.dev/cl/569341 https://go.dev/issue/65383 https://groups.google.com/g/golang-announce/c/5pwGVUPoMbg https://linux.oracle.com/cve/CVE-2023-45290.html https://linux.oracle.com/errata/ELSA-2024-8038.html https://nvd.nist.gov/vuln/detail/CVE-2023-45290 https://pkg.go.dev/vuln/GO-2024-2599 https://security.netapp.com/advisory/ntap-20240329-0004 https://security.netapp.com/advisory/ntap-20240329-0004/ https://ubuntu.com/security/notices/USN-6886-1 https://ubuntu.com/security/notices/USN-7109-1 https://ubuntu.com/security/notices/USN-7111-1 https://www.cve.org/CVERecord?id=CVE-2023-45290
stdlib	CVE-2024-24783	MEDIUM	v1.20.5	1.21.8, 1.22.1	http://www.openwall.com/lists/oss-security/2024/03/08/4 https://access.redhat.com/errata/RHSA-2024:6195 https://access.redhat.com/security/cve/CVE-2024-24783 https://bugzilla.redhat.com/2268019 https://bugzilla.redhat.com/show_bug.cgi?id=2268017 https://bugzilla.redhat.com/show_bug.cgi?id=2268018 https://bugzilla.redhat.com/show_bug.cgi?id=2268019 https://bugzilla.redhat.com/show_bug.cgi?id=2268273 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45288 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45289 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45290 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24783 https://errata.almalinux.org/9/ALSA-2024-6195.html https://errata.rockylinux.org/RLSA-2024:2724 https://github.com/advisories/GHSA-3q2c-pvp5-3cqp https://github.com/golang/go/commit/337b8e9cbfa749d9d5c899e0dc358e2208d5e54f (go1.22.1) https://github.com/golang/go/commit/be5b52bea674190ef7de272664be6c7ae93ec5a0 (go1.21.8) https://github.com/golang/go/issues/65390 https://go.dev/cl/569339 https://go.dev/issue/65390 https://groups.google.com/g/golang-announce/c/5pwGVUPoMbg https://linux.oracle.com/cve/CVE-2024-24783.html https://linux.oracle.com/errata/ELSA-2024-6969.html https://nvd.nist.gov/vuln/detail/CVE-2024-24783 https://pkg.go.dev/vuln/GO-2024-2598 https://security.netapp.com/advisory/ntap-20240329-0005 https://security.netapp.com/advisory/ntap-20240329-0005/ https://ubuntu.com/security/notices/USN-6886-1 https://ubuntu.com/security/notices/USN-7109-1 https://ubuntu.com/security/notices/USN-7111-1 https://www.cve.org/CVERecord?id=CVE-2024-24783
stdlib	CVE-2024-24784	MEDIUM	v1.20.5	1.21.8, 1.22.1	http://www.openwall.com/lists/oss-security/2024/03/08/4 https://access.redhat.com/errata/RHSA-2024:2562 https://access.redhat.com/security/cve/CVE-2024-24784 https://bugzilla.redhat.com/2262921 https://bugzilla.redhat.com/2268017 https://bugzilla.redhat.com/2268018 https://bugzilla.redhat.com/2268019 https://bugzilla.redhat.com/2268021 https://bugzilla.redhat.com/2268022 https://bugzilla.redhat.com/2268273 https://bugzilla.redhat.com/show_bug.cgi?id=2262921 https://bugzilla.redhat.com/show_bug.cgi?id=2268017 https://bugzilla.redhat.com/show_bug.cgi?id=2268018 https://bugzilla.redhat.com/show_bug.cgi?id=2268019 https://bugzilla.redhat.com/show_bug.cgi?id=2268021 https://bugzilla.redhat.com/show_bug.cgi?id=2268022 https://bugzilla.redhat.com/show_bug.cgi?id=2268273 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45288 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45289 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45290 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-1394 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24783 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24784 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24785 https://errata.almalinux.org/9/ALSA-2024-2562.html https://errata.rockylinux.org/RLSA-2024:2562 https://github.com/golang/go/commit/263c059b09fdd40d9dd945f2ecb20c89ea28efe5 (go1.21.8) https://github.com/golang/go/commit/5330cd225ba54c7dc78c1b46dcdf61a4671a632c (go1.22.1) https://github.com/golang/go/issues/65083 https://go.dev/cl/555596 https://go.dev/issue/65083 https://groups.google.com/g/golang-announce/c/5pwGVUPoMbg https://linux.oracle.com/cve/CVE-2024-24784.html https://linux.oracle.com/errata/ELSA-2024-6969.html https://nvd.nist.gov/vuln/detail/CVE-2024-24784 https://pkg.go.dev/vuln/GO-2024-2609 https://security.netapp.com/advisory/ntap-20240329-0007/ https://ubuntu.com/security/notices/USN-6886-1 https://ubuntu.com/security/notices/USN-7109-1 https://ubuntu.com/security/notices/USN-7111-1 https://www.cve.org/CVERecord?id=CVE-2024-24784
stdlib	CVE-2024-24785	MEDIUM	v1.20.5	1.21.8, 1.22.1	http://www.openwall.com/lists/oss-security/2024/03/08/4 https://access.redhat.com/errata/RHSA-2024:9135 https://access.redhat.com/security/cve/CVE-2024-24785 https://bugzilla.redhat.com/2268017 https://bugzilla.redhat.com/2268022 https://bugzilla.redhat.com/2279814 https://bugzilla.redhat.com/2295310 https://bugzilla.redhat.com/show_bug.cgi?id=2262921 https://bugzilla.redhat.com/show_bug.cgi?id=2268017 https://bugzilla.redhat.com/show_bug.cgi?id=2268018 https://bugzilla.redhat.com/show_bug.cgi?id=2268019 https://bugzilla.redhat.com/show_bug.cgi?id=2268021 https://bugzilla.redhat.com/show_bug.cgi?id=2268022 https://bugzilla.redhat.com/show_bug.cgi?id=2268273 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45288 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45289 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45290 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-1394 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24783 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24784 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24785 https://errata.almalinux.org/9/ALSA-2024-9135.html https://errata.rockylinux.org/RLSA-2024:2562 https://github.com/golang/go/commit/056b0edcb8c152152021eebf4cf42adbfbe77992 (go1.22.1) https://github.com/golang/go/commit/3643147a29352ca2894fd5d0d2069bc4b4335a7e (go1.21.8) https://github.com/golang/go/issues/65697 https://go.dev/cl/564196 https://go.dev/issue/65697 https://groups.google.com/g/golang-announce/c/5pwGVUPoMbg https://linux.oracle.com/cve/CVE-2024-24785.html https://linux.oracle.com/errata/ELSA-2024-3259.html https://nvd.nist.gov/vuln/detail/CVE-2024-24785 https://pkg.go.dev/vuln/GO-2024-2610 https://security.netapp.com/advisory/ntap-20240329-0008/ https://ubuntu.com/security/notices/USN-6886-1 https://ubuntu.com/security/notices/USN-7061-1 https://ubuntu.com/security/notices/USN-7109-1 https://vuln.go.dev/ID/GO-2024-2610.json https://www.cve.org/CVERecord?id=CVE-2024-24785
stdlib	CVE-2024-24789	MEDIUM	v1.20.5	1.21.11, 1.22.4	http://www.openwall.com/lists/oss-security/2024/06/04/1 https://access.redhat.com/errata/RHSA-2024:9115 https://access.redhat.com/security/cve/CVE-2024-24789 https://bugzilla.redhat.com/2279814 https://bugzilla.redhat.com/2292668 https://bugzilla.redhat.com/2292787 https://bugzilla.redhat.com/2294000 https://bugzilla.redhat.com/2295310 https://bugzilla.redhat.com/show_bug.cgi?id=2292668 https://bugzilla.redhat.com/show_bug.cgi?id=2292787 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24789 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24790 https://errata.almalinux.org/9/ALSA-2024-9115.html https://errata.rockylinux.org/RLSA-2024:4212 https://github.com/golang/go/commit/c8e40338cf00f3c1d86c8fb23863ad67a4c72bcc (1.21) https://github.com/golang/go/commit/cf501ac0c5fe351a8582d20b43562027927906e7 (1.22) https://github.com/golang/go/issues/66869 https://go.dev/cl/585397 https://go.dev/issue/66869 https://groups.google.com/g/golang-announce/c/XbxouI9gY7k https://groups.google.com/g/golang-announce/c/XbxouI9gY7k/m/TuoGEhxIEwAJ https://linux.oracle.com/cve/CVE-2024-24789.html https://linux.oracle.com/errata/ELSA-2024-9115.html https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/U5YAEIA6IUHUNGJ7AIXXPQT6D2GYENX7/ https://nvd.nist.gov/vuln/detail/CVE-2024-24789 https://pkg.go.dev/vuln/GO-2024-2888 https://ubuntu.com/security/notices/USN-6886-1 https://ubuntu.com/security/notices/USN-7109-1 https://ubuntu.com/security/notices/USN-7111-1 https://www.cve.org/CVERecord?id=CVE-2024-24789
stdlib	CVE-2024-24791	MEDIUM	v1.20.5	1.21.12, 1.22.5	https://access.redhat.com/errata/RHSA-2024:9135 https://access.redhat.com/security/cve/CVE-2024-24791 https://bugzilla.redhat.com/2268017 https://bugzilla.redhat.com/2268022 https://bugzilla.redhat.com/2279814 https://bugzilla.redhat.com/2295310 https://bugzilla.redhat.com/show_bug.cgi?id=2295310 https://bugzilla.redhat.com/show_bug.cgi?id=2310527 https://bugzilla.redhat.com/show_bug.cgi?id=2310528 https://bugzilla.redhat.com/show_bug.cgi?id=2310529 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24791 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-34155 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-34156 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-34158 https://errata.almalinux.org/9/ALSA-2024-9135.html https://errata.rockylinux.org/RLSA-2024:6913 https://go.dev/cl/591255 https://go.dev/issue/67555 https://groups.google.com/g/golang-dev/c/t0rK-qHBqzY/m/6MMoAZkMAgAJ https://linux.oracle.com/cve/CVE-2024-24791.html https://linux.oracle.com/errata/ELSA-2024-9115.html https://nvd.nist.gov/vuln/detail/CVE-2024-24791 https://pkg.go.dev/vuln/GO-2024-2963 https://ubuntu.com/security/notices/USN-7081-1 https://ubuntu.com/security/notices/USN-7109-1 https://ubuntu.com/security/notices/USN-7111-1 https://www.cve.org/CVERecord?id=CVE-2024-24791
stdlib	CVE-2024-34155	MEDIUM	v1.20.5	1.22.7, 1.23.1	https://access.redhat.com/errata/RHSA-2024:9459 https://access.redhat.com/security/cve/CVE-2024-34155 https://bugzilla.redhat.com/2310527 https://bugzilla.redhat.com/2310528 https://bugzilla.redhat.com/2310529 https://bugzilla.redhat.com/2315691 https://bugzilla.redhat.com/2315887 https://bugzilla.redhat.com/2317458 https://bugzilla.redhat.com/2317467 https://bugzilla.redhat.com/show_bug.cgi?id=2295310 https://bugzilla.redhat.com/show_bug.cgi?id=2310527 https://bugzilla.redhat.com/show_bug.cgi?id=2310528 https://bugzilla.redhat.com/show_bug.cgi?id=2310529 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24791 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-34155 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-34156 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-34158 https://errata.almalinux.org/9/ALSA-2024-9459.html https://errata.rockylinux.org/RLSA-2024:6913 https://github.com/golang/go/commit/53487e5477151ed75da50e50a0ba8f1ca64c00a3 (go1.23.1) https://github.com/golang/go/commit/b232596139dbe96a62edbe3a2a203e856bf556eb (go1.22.7) https://go.dev/cl/611238 https://go.dev/issue/69138 https://groups.google.com/g/golang-announce/c/K-cEzDeCtpc https://groups.google.com/g/golang-dev/c/S9POB9NCTdk https://linux.oracle.com/cve/CVE-2024-34155.html https://linux.oracle.com/errata/ELSA-2024-9459.html https://nvd.nist.gov/vuln/detail/CVE-2024-34155 https://pkg.go.dev/vuln/GO-2024-3105 https://ubuntu.com/security/notices/USN-7081-1 https://ubuntu.com/security/notices/USN-7109-1 https://ubuntu.com/security/notices/USN-7111-1 https://www.cve.org/CVERecord?id=CVE-2024-34155
stdlib	CVE-2024-34158	MEDIUM	v1.20.5	1.22.7, 1.23.1	https://access.redhat.com/errata/RHSA-2024:9459 https://access.redhat.com/security/cve/CVE-2024-34158 https://bugzilla.redhat.com/2310527 https://bugzilla.redhat.com/2310528 https://bugzilla.redhat.com/2310529 https://bugzilla.redhat.com/2315691 https://bugzilla.redhat.com/2315887 https://bugzilla.redhat.com/2317458 https://bugzilla.redhat.com/2317467 https://bugzilla.redhat.com/show_bug.cgi?id=2295310 https://bugzilla.redhat.com/show_bug.cgi?id=2310527 https://bugzilla.redhat.com/show_bug.cgi?id=2310528 https://bugzilla.redhat.com/show_bug.cgi?id=2310529 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24791 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-34155 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-34156 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-34158 https://errata.almalinux.org/9/ALSA-2024-9459.html https://errata.rockylinux.org/RLSA-2024:6913 https://github.com/golang/go/commit/032ac075c20c01c6c35a672d1542d3e98eab84ea (go1.23.1) https://github.com/golang/go/commit/d4c53812e6ce2ac368173d7fcd31d0ecfcffb002 (go1.22.7) https://go.dev/cl/611240 https://go.dev/issue/69141 https://groups.google.com/g/golang-announce/c/K-cEzDeCtpc https://groups.google.com/g/golang-dev/c/S9POB9NCTdk https://linux.oracle.com/cve/CVE-2024-34158.html https://linux.oracle.com/errata/ELSA-2024-9459.html https://nvd.nist.gov/vuln/detail/CVE-2024-34158 https://pkg.go.dev/vuln/GO-2024-3107 https://ubuntu.com/security/notices/USN-7081-1 https://ubuntu.com/security/notices/USN-7109-1 https://ubuntu.com/security/notices/USN-7111-1 https://www.cve.org/CVERecord?id=CVE-2024-34158
No Misconfigurations found

cnb/buildpacks/paketo-buildpacks_native-image/5.12.1/bin/main (gobinary)

Package	Vulnerability ID	Severity	Installed Version	Fixed Version	Links
stdlib	CVE-2024-24790	CRITICAL	v1.20.5	1.21.11, 1.22.4	http://www.openwall.com/lists/oss-security/2024/06/04/1 https://access.redhat.com/errata/RHSA-2024:9115 https://access.redhat.com/security/cve/CVE-2024-24790 https://bugzilla.redhat.com/2279814 https://bugzilla.redhat.com/2292668 https://bugzilla.redhat.com/2292787 https://bugzilla.redhat.com/2294000 https://bugzilla.redhat.com/2295310 https://bugzilla.redhat.com/show_bug.cgi?id=2292668 https://bugzilla.redhat.com/show_bug.cgi?id=2292787 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24789 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24790 https://errata.almalinux.org/9/ALSA-2024-9115.html https://errata.rockylinux.org/RLSA-2024:4212 https://github.com/golang/go/commit/051bdf3fd12a40307606ff9381138039c5f452f0 (1.21) https://github.com/golang/go/commit/12d5810cdb1f73cf23d7a86462143e9463317fca (1.22) https://github.com/golang/go/issues/67680 https://go.dev/cl/590316 https://go.dev/issue/67680 https://groups.google.com/g/golang-announce/c/XbxouI9gY7k https://groups.google.com/g/golang-announce/c/XbxouI9gY7k/m/TuoGEhxIEwAJ https://linux.oracle.com/cve/CVE-2024-24790.html https://linux.oracle.com/errata/ELSA-2024-9115.html https://nvd.nist.gov/vuln/detail/CVE-2024-24790 https://pkg.go.dev/vuln/GO-2024-2887 https://ubuntu.com/security/notices/USN-6886-1 https://ubuntu.com/security/notices/USN-7109-1 https://www.cve.org/CVERecord?id=CVE-2024-24790
stdlib	CVE-2023-39325	HIGH	v1.20.5	1.20.10, 1.21.3	golang.org/x/net https://access.redhat.com/errata/RHSA-2023:6077 https://access.redhat.com/security/cve/CVE-2023-39325 https://access.redhat.com/security/cve/CVE-2023-44487 https://access.redhat.com/security/vulnerabilities/RHSB-2023-003 https://bugzilla.redhat.com/2242803 https://bugzilla.redhat.com/2243296 https://bugzilla.redhat.com/show_bug.cgi?id=2242803 https://bugzilla.redhat.com/show_bug.cgi?id=2243296 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-39325 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-44487 https://errata.almalinux.org/9/ALSA-2023-6077.html https://errata.rockylinux.org/RLSA-2023:6077 https://github.com/golang/go/commit/24ae2d927285c697440fdde3ad7f26028354bcf3 [golang- 1.21] https://github.com/golang/go/commit/e175f27f58aa7b9cd4d79607ae65d2cd5baaee68 [golang-1.20] https://github.com/golang/go/issues/63417 https://go.dev/cl/534215 https://go.dev/cl/534235 https://go.dev/issue/63417 https://groups.google.com/g/golang-announce/c/iNNxDTCjZvo/m/UDd7VKQuAAAJ https://linux.oracle.com/cve/CVE-2023-39325.html https://linux.oracle.com/errata/ELSA-2023-5867.html https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3OVW5V2DM5K5IC3H7O42YDUGNJ74J35O https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3OVW5V2DM5K5IC3H7O42YDUGNJ74J35O/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3SZN67IL7HMGMNAVLOTIXLIHUDXZK4LH https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3SZN67IL7HMGMNAVLOTIXLIHUDXZK4LH/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3WJ4QVX2AMUJ2F2S27POOAHRC4K3CHU4 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3WJ4QVX2AMUJ2F2S27POOAHRC4K3CHU4/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/4BUK2ZIAGCULOOYDNH25JPU6JBES5NF2 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/4BUK2ZIAGCULOOYDNH25JPU6JBES5NF2/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/5RSKA2II6QTD4YUKUNDVJQSRYSFC4VFR https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/5RSKA2II6QTD4YUKUNDVJQSRYSFC4VFR/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/AVZDNSMVDAQJ64LJC5I5U5LDM5753647 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/AVZDNSMVDAQJ64LJC5I5U5LDM5753647/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CHHITS4PUOZAKFIUBQAQZC7JWXMOYE4B https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CHHITS4PUOZAKFIUBQAQZC7JWXMOYE4B/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CLB4TW7KALB3EEQWNWCN7OUIWWVWWCG2 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CLB4TW7KALB3EEQWNWCN7OUIWWVWWCG2/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/D2BBIDR2ZMB3X5BC7SR4SLQMHRMVPY6L https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/D2BBIDR2ZMB3X5BC7SR4SLQMHRMVPY6L/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ECRC75BQJP6FJN2L7KCKYZW4DSBD7QSD https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ECRC75BQJP6FJN2L7KCKYZW4DSBD7QSD/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/FTMJ3NJIDAZFWJQQSP3L22MUFJ3UP2PT https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/FTMJ3NJIDAZFWJQQSP3L22MUFJ3UP2PT/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/GSY7SXFFTPZFWDM6XELSDSHZLVW3AHK7 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/GSY7SXFFTPZFWDM6XELSDSHZLVW3AHK7/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/HZQIELEIRSZUYTFFH5KTH2YJ4IIQG2KE https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/HZQIELEIRSZUYTFFH5KTH2YJ4IIQG2KE/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/IPWCNYB5PQ5PCVZ4NJT6G56ZYFZ5QBU6 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/IPWCNYB5PQ5PCVZ4NJT6G56ZYFZ5QBU6/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/KEOTKBUPZXHE3F352JBYNTSNRXYLWD6P https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/KEOTKBUPZXHE3F352JBYNTSNRXYLWD6P/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/KSEGD2IWKNUO3DWY4KQGUQM5BISRWHQE https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/KSEGD2IWKNUO3DWY4KQGUQM5BISRWHQE/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/L5E5JSJBZLYXOTZWXHJKRVCIXIHVWKJ6 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/L5E5JSJBZLYXOTZWXHJKRVCIXIHVWKJ6/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/MZQYOOKHQDQ57LV2IAG6NRFOVXKHJJ3Z https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/MZQYOOKHQDQ57LV2IAG6NRFOVXKHJJ3Z/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/NG7IMPL55MVWU3LCI4JQJT3K2U5CHDV7 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/NG7IMPL55MVWU3LCI4JQJT3K2U5CHDV7/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ODBY7RVMGZCBSTWF2OZGIZS57FNFUL67 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ODBY7RVMGZCBSTWF2OZGIZS57FNFUL67/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/OXGWPQOJ3JNDW2XIYKIVJ7N7QUIFNM2Q https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/OXGWPQOJ3JNDW2XIYKIVJ7N7QUIFNM2Q/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/PJCUNGIQDUMZ4Z6HWVYIMR66A35F5S74 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/PJCUNGIQDUMZ4Z6HWVYIMR66A35F5S74/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QF5QSYAOPDOWLY6DUHID56Q4HQFYB45I https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QF5QSYAOPDOWLY6DUHID56Q4HQFYB45I/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QXOU2JZUBEBP7GBKAYIJRPRBZSJCD7ST https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QXOU2JZUBEBP7GBKAYIJRPRBZSJCD7ST/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/R3UETKPUB3V5JS5TLZOF3SMTGT5K5APS https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/R3UETKPUB3V5JS5TLZOF3SMTGT5K5APS/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/REMHVVIBDNKSRKNOTV7EQSB7CYQWOUOU https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/REMHVVIBDNKSRKNOTV7EQSB7CYQWOUOU/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/T7N5GV4CHH6WAGX3GFMDD3COEOVCZ4RI https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/T7N5GV4CHH6WAGX3GFMDD3COEOVCZ4RI/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ULQQONMSCQSH5Z5OWFFQHCGEZ3NL4DRJ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ULQQONMSCQSH5Z5OWFFQHCGEZ3NL4DRJ/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UTT7DG3QOF5ZNJLUGHDNLRUIN6OWZARP https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UTT7DG3QOF5ZNJLUGHDNLRUIN6OWZARP/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/W2LZSWTV4NV4SNQARNXG5T6LRHP26EW2 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/W2LZSWTV4NV4SNQARNXG5T6LRHP26EW2/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WCNCBYKZXLDFGAJUB7ZP5VLC3YTHJNVH https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WCNCBYKZXLDFGAJUB7ZP5VLC3YTHJNVH/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/XFOIBB4YFICHDM7IBOP7PWXW3FX4HLL2 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/XFOIBB4YFICHDM7IBOP7PWXW3FX4HLL2/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/XTNLSL44Y5FB6JWADSZH6DCV4JJAAEQY https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/XTNLSL44Y5FB6JWADSZH6DCV4JJAAEQY/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/YJWHBLVZDM5KQSDFRBFRKU5KSSOLIRQ4 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/YJWHBLVZDM5KQSDFRBFRKU5KSSOLIRQ4/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/YRKEXKANQ7BKJW2YTAMP625LJUJZLJ4P https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/YRKEXKANQ7BKJW2YTAMP625LJUJZLJ4P/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZSVEMQV5ROY5YW5QE3I57HT3ITWG5GCV https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZSVEMQV5ROY5YW5QE3I57HT3ITWG5GCV/ https://nvd.nist.gov/vuln/detail/CVE-2023-39325 https://pkg.go.dev/vuln/GO-2023-2102 https://security.gentoo.org/glsa/202311-09 https://security.netapp.com/advisory/ntap-20231110-0008 https://security.netapp.com/advisory/ntap-20231110-0008/ https://ubuntu.com/security/notices/USN-6574-1 https://ubuntu.com/security/notices/USN-7061-1 https://ubuntu.com/security/notices/USN-7109-1 https://www.cisa.gov/news-events/alerts/2023/10/10/http2-rapid-reset-vulnerability-cve-2023-44487 https://www.cve.org/CVERecord?id=CVE-2023-39325
stdlib	CVE-2023-45283	HIGH	v1.20.5	1.20.11, 1.21.4, 1.20.12, 1.21.5	http://www.openwall.com/lists/oss-security/2023/12/05/2 https://go.dev/cl/540277 https://go.dev/cl/541175 https://go.dev/issue/63713 https://go.dev/issue/64028 https://groups.google.com/g/golang-announce/c/4tU8LZfBFkY https://groups.google.com/g/golang-dev/c/6ypN5EjibjM/m/KmLVYH_uAgAJ https://nvd.nist.gov/vuln/detail/CVE-2023-45283 https://pkg.go.dev/vuln/GO-2023-2185 https://security.netapp.com/advisory/ntap-20231214-0008/
stdlib	CVE-2023-45288	HIGH	v1.20.5	1.21.9, 1.22.2	http://www.openwall.com/lists/oss-security/2024/04/03/16 http://www.openwall.com/lists/oss-security/2024/04/05/4 https://access.redhat.com/errata/RHSA-2024:2724 https://access.redhat.com/security/cve/CVE-2023-45288 https://bugzilla.redhat.com/2268017 https://bugzilla.redhat.com/2268018 https://bugzilla.redhat.com/2268019 https://bugzilla.redhat.com/2268273 https://bugzilla.redhat.com/show_bug.cgi?id=2268017 https://bugzilla.redhat.com/show_bug.cgi?id=2268018 https://bugzilla.redhat.com/show_bug.cgi?id=2268019 https://bugzilla.redhat.com/show_bug.cgi?id=2268273 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45288 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45289 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45290 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24783 https://errata.almalinux.org/9/ALSA-2024-2724.html https://errata.rockylinux.org/RLSA-2024:2724 https://go.dev/cl/576155 https://go.dev/issue/65051 https://groups.google.com/g/golang-announce/c/YgW0sx8mN3M https://kb.cert.org/vuls/id/421644 https://linux.oracle.com/cve/CVE-2023-45288.html https://linux.oracle.com/errata/ELSA-2024-3346.html https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QRYFHIQ6XRKRYBI2F5UESH67BJBQXUPT https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QRYFHIQ6XRKRYBI2F5UESH67BJBQXUPT/ https://nowotarski.info/http2-continuation-flood-technical-details https://nowotarski.info/http2-continuation-flood/ https://nvd.nist.gov/vuln/detail/CVE-2023-45288 https://pkg.go.dev/vuln/GO-2024-2687 https://security.netapp.com/advisory/ntap-20240419-0009 https://security.netapp.com/advisory/ntap-20240419-0009/ https://ubuntu.com/security/notices/USN-6886-1 https://ubuntu.com/security/notices/USN-7109-1 https://ubuntu.com/security/notices/USN-7111-1 https://www.cve.org/CVERecord?id=CVE-2023-45288 https://www.kb.cert.org/vuls/id/421644
stdlib	CVE-2024-34156	HIGH	v1.20.5	1.22.7, 1.23.1	https://access.redhat.com/errata/RHSA-2024:9473 https://access.redhat.com/security/cve/CVE-2024-34156 https://bugzilla.redhat.com/2310528 https://bugzilla.redhat.com/2318052 https://bugzilla.redhat.com/show_bug.cgi?id=2310528 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-34156 https://errata.almalinux.org/9/ALSA-2024-9473.html https://errata.rockylinux.org/RLSA-2024:7204 https://github.com/golang/go/commit/2092294f2b097c5828f4eace6c98a322c1510b01 (go1.22.7) https://github.com/golang/go/commit/fa8ff1a46deb6c816304441ec6740ec112e19012 (go1.23.1) https://go.dev/cl/611239 https://go.dev/issue/69139 https://groups.google.com/g/golang-announce/c/K-cEzDeCtpc https://groups.google.com/g/golang-dev/c/S9POB9NCTdk https://linux.oracle.com/cve/CVE-2024-34156.html https://linux.oracle.com/errata/ELSA-2024-9473.html https://nvd.nist.gov/vuln/detail/CVE-2024-34156 https://pkg.go.dev/vuln/GO-2024-3106 https://ubuntu.com/security/notices/USN-7081-1 https://ubuntu.com/security/notices/USN-7109-1 https://ubuntu.com/security/notices/USN-7111-1 https://www.cve.org/CVERecord?id=CVE-2024-34156
stdlib	CVE-2023-29406	MEDIUM	v1.20.5	1.19.11, 1.20.6	https://access.redhat.com/errata/RHSA-2023:6474 https://access.redhat.com/security/cve/CVE-2023-29406 https://bugzilla.redhat.com/2174485 https://bugzilla.redhat.com/2178358 https://bugzilla.redhat.com/2178488 https://bugzilla.redhat.com/2178492 https://bugzilla.redhat.com/2184481 https://bugzilla.redhat.com/2184482 https://bugzilla.redhat.com/2184483 https://bugzilla.redhat.com/2184484 https://bugzilla.redhat.com/2196026 https://bugzilla.redhat.com/2196027 https://bugzilla.redhat.com/2196029 https://bugzilla.redhat.com/2222167 https://bugzilla.redhat.com/2228689 https://errata.almalinux.org/9/ALSA-2023-6474.html https://github.com/golang/go/commit/312920c00aac9897b2a0693e752390b5b0711a5a (go1.20.6) https://github.com/golang/go/commit/5fa6923b1ea891400153d04ddf1545e23b40041b (go1.19.11) https://github.com/golang/go/issues/60374 https://go.dev/cl/506996 https://go.dev/issue/60374 https://groups.google.com/g/golang-announce/c/2q13H6LEEx0 https://linux.oracle.com/cve/CVE-2023-29406.html https://linux.oracle.com/errata/ELSA-2023-7202.html https://nvd.nist.gov/vuln/detail/CVE-2023-29406 https://pkg.go.dev/vuln/GO-2023-1878 https://security.gentoo.org/glsa/202311-09 https://security.netapp.com/advisory/ntap-20230814-0002/ https://ubuntu.com/security/notices/USN-7061-1 https://ubuntu.com/security/notices/USN-7109-1 https://www.cve.org/CVERecord?id=CVE-2023-29406
stdlib	CVE-2023-29409	MEDIUM	v1.20.5	1.19.12, 1.20.7, 1.21.0-rc.4	https://access.redhat.com/errata/RHSA-2023:7766 https://access.redhat.com/security/cve/CVE-2023-29409 https://bugzilla.redhat.com/2228743 https://bugzilla.redhat.com/2237773 https://bugzilla.redhat.com/2237776 https://bugzilla.redhat.com/2237777 https://bugzilla.redhat.com/2237778 https://errata.almalinux.org/9/ALSA-2023-7766.html https://go.dev/cl/515257 https://go.dev/issue/61460 https://groups.google.com/g/golang-announce/c/X0b6CsSAaYI/m/Efv5DbZ9AwAJ https://linux.oracle.com/cve/CVE-2023-29409.html https://linux.oracle.com/errata/ELSA-2024-2988.html https://nvd.nist.gov/vuln/detail/CVE-2023-29409 https://pkg.go.dev/vuln/GO-2023-1987 https://security.gentoo.org/glsa/202311-09 https://security.netapp.com/advisory/ntap-20230831-0010/ https://www.cve.org/CVERecord?id=CVE-2023-29409
stdlib	CVE-2023-39318	MEDIUM	v1.20.5	1.20.8, 1.21.1	https://access.redhat.com/errata/RHSA-2024:2160 https://access.redhat.com/security/cve/CVE-2023-39318 https://bugzilla.redhat.com/2237773 https://bugzilla.redhat.com/2237776 https://bugzilla.redhat.com/2253330 https://errata.almalinux.org/9/ALSA-2024-2160.html https://github.com/golang/go/commit/023b542edf38e2a1f87fcefb9f75ff2f99401b4c (go1.20.8) https://github.com/golang/go/commit/b0e1d3ea26e8e8fce7726690c9ef0597e60739fb (go1.21.1) https://go.dev/cl/526156 https://go.dev/issue/62196 https://groups.google.com/g/golang-announce/c/Fm51GRLNRvM https://groups.google.com/g/golang-dev/c/2C5vbR-UNkI/m/L1hdrPhfBAAJ https://linux.oracle.com/cve/CVE-2023-39318.html https://linux.oracle.com/errata/ELSA-2024-2988.html https://nvd.nist.gov/vuln/detail/CVE-2023-39318 https://pkg.go.dev/vuln/GO-2023-2041 https://security.gentoo.org/glsa/202311-09 https://security.netapp.com/advisory/ntap-20231020-0009/ https://ubuntu.com/security/notices/USN-6574-1 https://ubuntu.com/security/notices/USN-7061-1 https://ubuntu.com/security/notices/USN-7109-1 https://vuln.go.dev/ID/GO-2023-2041.json https://www.cve.org/CVERecord?id=CVE-2023-39318
stdlib	CVE-2023-39319	MEDIUM	v1.20.5	1.20.8, 1.21.1	https://access.redhat.com/errata/RHSA-2024:2160 https://access.redhat.com/security/cve/CVE-2023-39319 https://bugzilla.redhat.com/2237773 https://bugzilla.redhat.com/2237776 https://bugzilla.redhat.com/2253330 https://errata.almalinux.org/9/ALSA-2024-2160.html https://github.com/golang/go/commit/2070531d2f53df88e312edace6c8dfc9686ab2f5 (go1.20.8) https://github.com/golang/go/commit/bbd043ff0d6d59f1a9232d31ecd5eacf6507bf6a (go1.21.1) https://go.dev/cl/526157 https://go.dev/issue/62197 https://groups.google.com/g/golang-announce/c/Fm51GRLNRvM https://groups.google.com/g/golang-dev/c/2C5vbR-UNkI/m/L1hdrPhfBAAJ https://linux.oracle.com/cve/CVE-2023-39319.html https://linux.oracle.com/errata/ELSA-2024-2988.html https://nvd.nist.gov/vuln/detail/CVE-2023-39319 https://pkg.go.dev/vuln/GO-2023-2043 https://security.gentoo.org/glsa/202311-09 https://security.netapp.com/advisory/ntap-20231020-0009/ https://ubuntu.com/security/notices/USN-6574-1 https://ubuntu.com/security/notices/USN-7061-1 https://ubuntu.com/security/notices/USN-7109-1 https://vuln.go.dev/ID/GO-2023-2043.json https://www.cve.org/CVERecord?id=CVE-2023-39319
stdlib	CVE-2023-39326	MEDIUM	v1.20.5	1.20.12, 1.21.5	https://access.redhat.com/errata/RHSA-2024:2272 https://access.redhat.com/security/cve/CVE-2023-39326 https://bugzilla.redhat.com/2253193 https://bugzilla.redhat.com/2253330 https://errata.almalinux.org/9/ALSA-2024-2272.html https://github.com/golang/go/commit/6446af942e2e2b161c4ec1b60d9703a2b55dc4dd (go1.20.12) https://github.com/golang/go/commit/ec8c526e4be720e94b98ca509e6364f0efaf28f7 (go1.21.5) https://go.dev/cl/547335 https://go.dev/issue/64433 https://groups.google.com/g/golang-dev/c/6ypN5EjibjM/m/KmLVYH_uAgAJ https://linux.oracle.com/cve/CVE-2023-39326.html https://linux.oracle.com/errata/ELSA-2024-2988.html https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UIU6HOGV6RRIKWM57LOXQA75BGZSIH6G/ https://nvd.nist.gov/vuln/detail/CVE-2023-39326 https://pkg.go.dev/vuln/GO-2023-2382 https://ubuntu.com/security/notices/USN-6574-1 https://www.cve.org/CVERecord?id=CVE-2023-39326
stdlib	CVE-2023-45284	MEDIUM	v1.20.5	1.20.11, 1.21.4	https://go.dev/cl/540277 https://go.dev/issue/63713 https://groups.google.com/g/golang-announce/c/4tU8LZfBFkY https://nvd.nist.gov/vuln/detail/CVE-2023-45284 https://pkg.go.dev/vuln/GO-2023-2186
stdlib	CVE-2023-45289	MEDIUM	v1.20.5	1.21.8, 1.22.1	http://www.openwall.com/lists/oss-security/2024/03/08/4 https://access.redhat.com/errata/RHSA-2024:2724 https://access.redhat.com/security/cve/CVE-2023-45289 https://bugzilla.redhat.com/2268017 https://bugzilla.redhat.com/2268018 https://bugzilla.redhat.com/2268019 https://bugzilla.redhat.com/2268273 https://bugzilla.redhat.com/show_bug.cgi?id=2268017 https://bugzilla.redhat.com/show_bug.cgi?id=2268018 https://bugzilla.redhat.com/show_bug.cgi?id=2268019 https://bugzilla.redhat.com/show_bug.cgi?id=2268273 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45288 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45289 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45290 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24783 https://errata.almalinux.org/9/ALSA-2024-2724.html https://errata.rockylinux.org/RLSA-2024:2724 https://github.com/golang/go/commit/20586c0dbe03d144f914155f879fa5ee287591a1 (go1.21.8) https://github.com/golang/go/commit/3a855208e3efed2e9d7c20ad023f1fa78afcc0be (go1.22.1) https://github.com/golang/go/issues/65065 https://go.dev/cl/569340 https://go.dev/issue/65065 https://groups.google.com/g/golang-announce/c/5pwGVUPoMbg https://linux.oracle.com/cve/CVE-2023-45289.html https://linux.oracle.com/errata/ELSA-2024-3346.html https://nvd.nist.gov/vuln/detail/CVE-2023-45289 https://pkg.go.dev/vuln/GO-2024-2600 https://security.netapp.com/advisory/ntap-20240329-0006/ https://ubuntu.com/security/notices/USN-6886-1 https://www.cve.org/CVERecord?id=CVE-2023-45289
stdlib	CVE-2023-45290	MEDIUM	v1.20.5	1.21.8, 1.22.1	http://www.openwall.com/lists/oss-security/2024/03/08/4 https://access.redhat.com/errata/RHSA-2024:9135 https://access.redhat.com/security/cve/CVE-2023-45290 https://bugzilla.redhat.com/2268017 https://bugzilla.redhat.com/2268022 https://bugzilla.redhat.com/2279814 https://bugzilla.redhat.com/2295310 https://bugzilla.redhat.com/show_bug.cgi?id=2268017 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45290 https://errata.almalinux.org/9/ALSA-2024-9135.html https://errata.rockylinux.org/RLSA-2024:3830 https://github.com/golang/go/commit/041a47712e765e94f86d841c3110c840e76d8f82 (go1.22.1) https://github.com/golang/go/commit/bf80213b121074f4ad9b449410a4d13bae5e9be0 (go1.21.8) https://github.com/golang/go/issues/65383 https://go.dev/cl/569341 https://go.dev/issue/65383 https://groups.google.com/g/golang-announce/c/5pwGVUPoMbg https://linux.oracle.com/cve/CVE-2023-45290.html https://linux.oracle.com/errata/ELSA-2024-8038.html https://nvd.nist.gov/vuln/detail/CVE-2023-45290 https://pkg.go.dev/vuln/GO-2024-2599 https://security.netapp.com/advisory/ntap-20240329-0004 https://security.netapp.com/advisory/ntap-20240329-0004/ https://ubuntu.com/security/notices/USN-6886-1 https://ubuntu.com/security/notices/USN-7109-1 https://ubuntu.com/security/notices/USN-7111-1 https://www.cve.org/CVERecord?id=CVE-2023-45290
stdlib	CVE-2024-24783	MEDIUM	v1.20.5	1.21.8, 1.22.1	http://www.openwall.com/lists/oss-security/2024/03/08/4 https://access.redhat.com/errata/RHSA-2024:6195 https://access.redhat.com/security/cve/CVE-2024-24783 https://bugzilla.redhat.com/2268019 https://bugzilla.redhat.com/show_bug.cgi?id=2268017 https://bugzilla.redhat.com/show_bug.cgi?id=2268018 https://bugzilla.redhat.com/show_bug.cgi?id=2268019 https://bugzilla.redhat.com/show_bug.cgi?id=2268273 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45288 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45289 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45290 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24783 https://errata.almalinux.org/9/ALSA-2024-6195.html https://errata.rockylinux.org/RLSA-2024:2724 https://github.com/advisories/GHSA-3q2c-pvp5-3cqp https://github.com/golang/go/commit/337b8e9cbfa749d9d5c899e0dc358e2208d5e54f (go1.22.1) https://github.com/golang/go/commit/be5b52bea674190ef7de272664be6c7ae93ec5a0 (go1.21.8) https://github.com/golang/go/issues/65390 https://go.dev/cl/569339 https://go.dev/issue/65390 https://groups.google.com/g/golang-announce/c/5pwGVUPoMbg https://linux.oracle.com/cve/CVE-2024-24783.html https://linux.oracle.com/errata/ELSA-2024-6969.html https://nvd.nist.gov/vuln/detail/CVE-2024-24783 https://pkg.go.dev/vuln/GO-2024-2598 https://security.netapp.com/advisory/ntap-20240329-0005 https://security.netapp.com/advisory/ntap-20240329-0005/ https://ubuntu.com/security/notices/USN-6886-1 https://ubuntu.com/security/notices/USN-7109-1 https://ubuntu.com/security/notices/USN-7111-1 https://www.cve.org/CVERecord?id=CVE-2024-24783
stdlib	CVE-2024-24784	MEDIUM	v1.20.5	1.21.8, 1.22.1	http://www.openwall.com/lists/oss-security/2024/03/08/4 https://access.redhat.com/errata/RHSA-2024:2562 https://access.redhat.com/security/cve/CVE-2024-24784 https://bugzilla.redhat.com/2262921 https://bugzilla.redhat.com/2268017 https://bugzilla.redhat.com/2268018 https://bugzilla.redhat.com/2268019 https://bugzilla.redhat.com/2268021 https://bugzilla.redhat.com/2268022 https://bugzilla.redhat.com/2268273 https://bugzilla.redhat.com/show_bug.cgi?id=2262921 https://bugzilla.redhat.com/show_bug.cgi?id=2268017 https://bugzilla.redhat.com/show_bug.cgi?id=2268018 https://bugzilla.redhat.com/show_bug.cgi?id=2268019 https://bugzilla.redhat.com/show_bug.cgi?id=2268021 https://bugzilla.redhat.com/show_bug.cgi?id=2268022 https://bugzilla.redhat.com/show_bug.cgi?id=2268273 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45288 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45289 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45290 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-1394 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24783 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24784 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24785 https://errata.almalinux.org/9/ALSA-2024-2562.html https://errata.rockylinux.org/RLSA-2024:2562 https://github.com/golang/go/commit/263c059b09fdd40d9dd945f2ecb20c89ea28efe5 (go1.21.8) https://github.com/golang/go/commit/5330cd225ba54c7dc78c1b46dcdf61a4671a632c (go1.22.1) https://github.com/golang/go/issues/65083 https://go.dev/cl/555596 https://go.dev/issue/65083 https://groups.google.com/g/golang-announce/c/5pwGVUPoMbg https://linux.oracle.com/cve/CVE-2024-24784.html https://linux.oracle.com/errata/ELSA-2024-6969.html https://nvd.nist.gov/vuln/detail/CVE-2024-24784 https://pkg.go.dev/vuln/GO-2024-2609 https://security.netapp.com/advisory/ntap-20240329-0007/ https://ubuntu.com/security/notices/USN-6886-1 https://ubuntu.com/security/notices/USN-7109-1 https://ubuntu.com/security/notices/USN-7111-1 https://www.cve.org/CVERecord?id=CVE-2024-24784
stdlib	CVE-2024-24785	MEDIUM	v1.20.5	1.21.8, 1.22.1	http://www.openwall.com/lists/oss-security/2024/03/08/4 https://access.redhat.com/errata/RHSA-2024:9135 https://access.redhat.com/security/cve/CVE-2024-24785 https://bugzilla.redhat.com/2268017 https://bugzilla.redhat.com/2268022 https://bugzilla.redhat.com/2279814 https://bugzilla.redhat.com/2295310 https://bugzilla.redhat.com/show_bug.cgi?id=2262921 https://bugzilla.redhat.com/show_bug.cgi?id=2268017 https://bugzilla.redhat.com/show_bug.cgi?id=2268018 https://bugzilla.redhat.com/show_bug.cgi?id=2268019 https://bugzilla.redhat.com/show_bug.cgi?id=2268021 https://bugzilla.redhat.com/show_bug.cgi?id=2268022 https://bugzilla.redhat.com/show_bug.cgi?id=2268273 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45288 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45289 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45290 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-1394 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24783 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24784 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24785 https://errata.almalinux.org/9/ALSA-2024-9135.html https://errata.rockylinux.org/RLSA-2024:2562 https://github.com/golang/go/commit/056b0edcb8c152152021eebf4cf42adbfbe77992 (go1.22.1) https://github.com/golang/go/commit/3643147a29352ca2894fd5d0d2069bc4b4335a7e (go1.21.8) https://github.com/golang/go/issues/65697 https://go.dev/cl/564196 https://go.dev/issue/65697 https://groups.google.com/g/golang-announce/c/5pwGVUPoMbg https://linux.oracle.com/cve/CVE-2024-24785.html https://linux.oracle.com/errata/ELSA-2024-3259.html https://nvd.nist.gov/vuln/detail/CVE-2024-24785 https://pkg.go.dev/vuln/GO-2024-2610 https://security.netapp.com/advisory/ntap-20240329-0008/ https://ubuntu.com/security/notices/USN-6886-1 https://ubuntu.com/security/notices/USN-7061-1 https://ubuntu.com/security/notices/USN-7109-1 https://vuln.go.dev/ID/GO-2024-2610.json https://www.cve.org/CVERecord?id=CVE-2024-24785
stdlib	CVE-2024-24789	MEDIUM	v1.20.5	1.21.11, 1.22.4	http://www.openwall.com/lists/oss-security/2024/06/04/1 https://access.redhat.com/errata/RHSA-2024:9115 https://access.redhat.com/security/cve/CVE-2024-24789 https://bugzilla.redhat.com/2279814 https://bugzilla.redhat.com/2292668 https://bugzilla.redhat.com/2292787 https://bugzilla.redhat.com/2294000 https://bugzilla.redhat.com/2295310 https://bugzilla.redhat.com/show_bug.cgi?id=2292668 https://bugzilla.redhat.com/show_bug.cgi?id=2292787 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24789 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24790 https://errata.almalinux.org/9/ALSA-2024-9115.html https://errata.rockylinux.org/RLSA-2024:4212 https://github.com/golang/go/commit/c8e40338cf00f3c1d86c8fb23863ad67a4c72bcc (1.21) https://github.com/golang/go/commit/cf501ac0c5fe351a8582d20b43562027927906e7 (1.22) https://github.com/golang/go/issues/66869 https://go.dev/cl/585397 https://go.dev/issue/66869 https://groups.google.com/g/golang-announce/c/XbxouI9gY7k https://groups.google.com/g/golang-announce/c/XbxouI9gY7k/m/TuoGEhxIEwAJ https://linux.oracle.com/cve/CVE-2024-24789.html https://linux.oracle.com/errata/ELSA-2024-9115.html https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/U5YAEIA6IUHUNGJ7AIXXPQT6D2GYENX7/ https://nvd.nist.gov/vuln/detail/CVE-2024-24789 https://pkg.go.dev/vuln/GO-2024-2888 https://ubuntu.com/security/notices/USN-6886-1 https://ubuntu.com/security/notices/USN-7109-1 https://ubuntu.com/security/notices/USN-7111-1 https://www.cve.org/CVERecord?id=CVE-2024-24789
stdlib	CVE-2024-24791	MEDIUM	v1.20.5	1.21.12, 1.22.5	https://access.redhat.com/errata/RHSA-2024:9135 https://access.redhat.com/security/cve/CVE-2024-24791 https://bugzilla.redhat.com/2268017 https://bugzilla.redhat.com/2268022 https://bugzilla.redhat.com/2279814 https://bugzilla.redhat.com/2295310 https://bugzilla.redhat.com/show_bug.cgi?id=2295310 https://bugzilla.redhat.com/show_bug.cgi?id=2310527 https://bugzilla.redhat.com/show_bug.cgi?id=2310528 https://bugzilla.redhat.com/show_bug.cgi?id=2310529 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24791 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-34155 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-34156 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-34158 https://errata.almalinux.org/9/ALSA-2024-9135.html https://errata.rockylinux.org/RLSA-2024:6913 https://go.dev/cl/591255 https://go.dev/issue/67555 https://groups.google.com/g/golang-dev/c/t0rK-qHBqzY/m/6MMoAZkMAgAJ https://linux.oracle.com/cve/CVE-2024-24791.html https://linux.oracle.com/errata/ELSA-2024-9115.html https://nvd.nist.gov/vuln/detail/CVE-2024-24791 https://pkg.go.dev/vuln/GO-2024-2963 https://ubuntu.com/security/notices/USN-7081-1 https://ubuntu.com/security/notices/USN-7109-1 https://ubuntu.com/security/notices/USN-7111-1 https://www.cve.org/CVERecord?id=CVE-2024-24791
stdlib	CVE-2024-34155	MEDIUM	v1.20.5	1.22.7, 1.23.1	https://access.redhat.com/errata/RHSA-2024:9459 https://access.redhat.com/security/cve/CVE-2024-34155 https://bugzilla.redhat.com/2310527 https://bugzilla.redhat.com/2310528 https://bugzilla.redhat.com/2310529 https://bugzilla.redhat.com/2315691 https://bugzilla.redhat.com/2315887 https://bugzilla.redhat.com/2317458 https://bugzilla.redhat.com/2317467 https://bugzilla.redhat.com/show_bug.cgi?id=2295310 https://bugzilla.redhat.com/show_bug.cgi?id=2310527 https://bugzilla.redhat.com/show_bug.cgi?id=2310528 https://bugzilla.redhat.com/show_bug.cgi?id=2310529 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24791 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-34155 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-34156 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-34158 https://errata.almalinux.org/9/ALSA-2024-9459.html https://errata.rockylinux.org/RLSA-2024:6913 https://github.com/golang/go/commit/53487e5477151ed75da50e50a0ba8f1ca64c00a3 (go1.23.1) https://github.com/golang/go/commit/b232596139dbe96a62edbe3a2a203e856bf556eb (go1.22.7) https://go.dev/cl/611238 https://go.dev/issue/69138 https://groups.google.com/g/golang-announce/c/K-cEzDeCtpc https://groups.google.com/g/golang-dev/c/S9POB9NCTdk https://linux.oracle.com/cve/CVE-2024-34155.html https://linux.oracle.com/errata/ELSA-2024-9459.html https://nvd.nist.gov/vuln/detail/CVE-2024-34155 https://pkg.go.dev/vuln/GO-2024-3105 https://ubuntu.com/security/notices/USN-7081-1 https://ubuntu.com/security/notices/USN-7109-1 https://ubuntu.com/security/notices/USN-7111-1 https://www.cve.org/CVERecord?id=CVE-2024-34155
stdlib	CVE-2024-34158	MEDIUM	v1.20.5	1.22.7, 1.23.1	https://access.redhat.com/errata/RHSA-2024:9459 https://access.redhat.com/security/cve/CVE-2024-34158 https://bugzilla.redhat.com/2310527 https://bugzilla.redhat.com/2310528 https://bugzilla.redhat.com/2310529 https://bugzilla.redhat.com/2315691 https://bugzilla.redhat.com/2315887 https://bugzilla.redhat.com/2317458 https://bugzilla.redhat.com/2317467 https://bugzilla.redhat.com/show_bug.cgi?id=2295310 https://bugzilla.redhat.com/show_bug.cgi?id=2310527 https://bugzilla.redhat.com/show_bug.cgi?id=2310528 https://bugzilla.redhat.com/show_bug.cgi?id=2310529 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24791 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-34155 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-34156 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-34158 https://errata.almalinux.org/9/ALSA-2024-9459.html https://errata.rockylinux.org/RLSA-2024:6913 https://github.com/golang/go/commit/032ac075c20c01c6c35a672d1542d3e98eab84ea (go1.23.1) https://github.com/golang/go/commit/d4c53812e6ce2ac368173d7fcd31d0ecfcffb002 (go1.22.7) https://go.dev/cl/611240 https://go.dev/issue/69141 https://groups.google.com/g/golang-announce/c/K-cEzDeCtpc https://groups.google.com/g/golang-dev/c/S9POB9NCTdk https://linux.oracle.com/cve/CVE-2024-34158.html https://linux.oracle.com/errata/ELSA-2024-9459.html https://nvd.nist.gov/vuln/detail/CVE-2024-34158 https://pkg.go.dev/vuln/GO-2024-3107 https://ubuntu.com/security/notices/USN-7081-1 https://ubuntu.com/security/notices/USN-7109-1 https://ubuntu.com/security/notices/USN-7111-1 https://www.cve.org/CVERecord?id=CVE-2024-34158
No Misconfigurations found

cnb/buildpacks/paketo-buildpacks_nginx/0.15.3/bin/configure (gobinary)

Package	Vulnerability ID	Severity	Installed Version	Fixed Version	Links
stdlib	CVE-2024-24790	CRITICAL	v1.20.5	1.21.11, 1.22.4	http://www.openwall.com/lists/oss-security/2024/06/04/1 https://access.redhat.com/errata/RHSA-2024:9115 https://access.redhat.com/security/cve/CVE-2024-24790 https://bugzilla.redhat.com/2279814 https://bugzilla.redhat.com/2292668 https://bugzilla.redhat.com/2292787 https://bugzilla.redhat.com/2294000 https://bugzilla.redhat.com/2295310 https://bugzilla.redhat.com/show_bug.cgi?id=2292668 https://bugzilla.redhat.com/show_bug.cgi?id=2292787 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24789 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24790 https://errata.almalinux.org/9/ALSA-2024-9115.html https://errata.rockylinux.org/RLSA-2024:4212 https://github.com/golang/go/commit/051bdf3fd12a40307606ff9381138039c5f452f0 (1.21) https://github.com/golang/go/commit/12d5810cdb1f73cf23d7a86462143e9463317fca (1.22) https://github.com/golang/go/issues/67680 https://go.dev/cl/590316 https://go.dev/issue/67680 https://groups.google.com/g/golang-announce/c/XbxouI9gY7k https://groups.google.com/g/golang-announce/c/XbxouI9gY7k/m/TuoGEhxIEwAJ https://linux.oracle.com/cve/CVE-2024-24790.html https://linux.oracle.com/errata/ELSA-2024-9115.html https://nvd.nist.gov/vuln/detail/CVE-2024-24790 https://pkg.go.dev/vuln/GO-2024-2887 https://ubuntu.com/security/notices/USN-6886-1 https://ubuntu.com/security/notices/USN-7109-1 https://www.cve.org/CVERecord?id=CVE-2024-24790
stdlib	CVE-2023-39325	HIGH	v1.20.5	1.20.10, 1.21.3	golang.org/x/net https://access.redhat.com/errata/RHSA-2023:6077 https://access.redhat.com/security/cve/CVE-2023-39325 https://access.redhat.com/security/cve/CVE-2023-44487 https://access.redhat.com/security/vulnerabilities/RHSB-2023-003 https://bugzilla.redhat.com/2242803 https://bugzilla.redhat.com/2243296 https://bugzilla.redhat.com/show_bug.cgi?id=2242803 https://bugzilla.redhat.com/show_bug.cgi?id=2243296 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-39325 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-44487 https://errata.almalinux.org/9/ALSA-2023-6077.html https://errata.rockylinux.org/RLSA-2023:6077 https://github.com/golang/go/commit/24ae2d927285c697440fdde3ad7f26028354bcf3 [golang- 1.21] https://github.com/golang/go/commit/e175f27f58aa7b9cd4d79607ae65d2cd5baaee68 [golang-1.20] https://github.com/golang/go/issues/63417 https://go.dev/cl/534215 https://go.dev/cl/534235 https://go.dev/issue/63417 https://groups.google.com/g/golang-announce/c/iNNxDTCjZvo/m/UDd7VKQuAAAJ https://linux.oracle.com/cve/CVE-2023-39325.html https://linux.oracle.com/errata/ELSA-2023-5867.html https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3OVW5V2DM5K5IC3H7O42YDUGNJ74J35O https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3OVW5V2DM5K5IC3H7O42YDUGNJ74J35O/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3SZN67IL7HMGMNAVLOTIXLIHUDXZK4LH https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3SZN67IL7HMGMNAVLOTIXLIHUDXZK4LH/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3WJ4QVX2AMUJ2F2S27POOAHRC4K3CHU4 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3WJ4QVX2AMUJ2F2S27POOAHRC4K3CHU4/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/4BUK2ZIAGCULOOYDNH25JPU6JBES5NF2 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/4BUK2ZIAGCULOOYDNH25JPU6JBES5NF2/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/5RSKA2II6QTD4YUKUNDVJQSRYSFC4VFR https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/5RSKA2II6QTD4YUKUNDVJQSRYSFC4VFR/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/AVZDNSMVDAQJ64LJC5I5U5LDM5753647 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/AVZDNSMVDAQJ64LJC5I5U5LDM5753647/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CHHITS4PUOZAKFIUBQAQZC7JWXMOYE4B https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CHHITS4PUOZAKFIUBQAQZC7JWXMOYE4B/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CLB4TW7KALB3EEQWNWCN7OUIWWVWWCG2 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CLB4TW7KALB3EEQWNWCN7OUIWWVWWCG2/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/D2BBIDR2ZMB3X5BC7SR4SLQMHRMVPY6L https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/D2BBIDR2ZMB3X5BC7SR4SLQMHRMVPY6L/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ECRC75BQJP6FJN2L7KCKYZW4DSBD7QSD https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ECRC75BQJP6FJN2L7KCKYZW4DSBD7QSD/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/FTMJ3NJIDAZFWJQQSP3L22MUFJ3UP2PT https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/FTMJ3NJIDAZFWJQQSP3L22MUFJ3UP2PT/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/GSY7SXFFTPZFWDM6XELSDSHZLVW3AHK7 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/GSY7SXFFTPZFWDM6XELSDSHZLVW3AHK7/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/HZQIELEIRSZUYTFFH5KTH2YJ4IIQG2KE https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/HZQIELEIRSZUYTFFH5KTH2YJ4IIQG2KE/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/IPWCNYB5PQ5PCVZ4NJT6G56ZYFZ5QBU6 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/IPWCNYB5PQ5PCVZ4NJT6G56ZYFZ5QBU6/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/KEOTKBUPZXHE3F352JBYNTSNRXYLWD6P https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/KEOTKBUPZXHE3F352JBYNTSNRXYLWD6P/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/KSEGD2IWKNUO3DWY4KQGUQM5BISRWHQE https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/KSEGD2IWKNUO3DWY4KQGUQM5BISRWHQE/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/L5E5JSJBZLYXOTZWXHJKRVCIXIHVWKJ6 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/L5E5JSJBZLYXOTZWXHJKRVCIXIHVWKJ6/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/MZQYOOKHQDQ57LV2IAG6NRFOVXKHJJ3Z https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/MZQYOOKHQDQ57LV2IAG6NRFOVXKHJJ3Z/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/NG7IMPL55MVWU3LCI4JQJT3K2U5CHDV7 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/NG7IMPL55MVWU3LCI4JQJT3K2U5CHDV7/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ODBY7RVMGZCBSTWF2OZGIZS57FNFUL67 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ODBY7RVMGZCBSTWF2OZGIZS57FNFUL67/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/OXGWPQOJ3JNDW2XIYKIVJ7N7QUIFNM2Q https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/OXGWPQOJ3JNDW2XIYKIVJ7N7QUIFNM2Q/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/PJCUNGIQDUMZ4Z6HWVYIMR66A35F5S74 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/PJCUNGIQDUMZ4Z6HWVYIMR66A35F5S74/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QF5QSYAOPDOWLY6DUHID56Q4HQFYB45I https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QF5QSYAOPDOWLY6DUHID56Q4HQFYB45I/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QXOU2JZUBEBP7GBKAYIJRPRBZSJCD7ST https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QXOU2JZUBEBP7GBKAYIJRPRBZSJCD7ST/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/R3UETKPUB3V5JS5TLZOF3SMTGT5K5APS https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/R3UETKPUB3V5JS5TLZOF3SMTGT5K5APS/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/REMHVVIBDNKSRKNOTV7EQSB7CYQWOUOU https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/REMHVVIBDNKSRKNOTV7EQSB7CYQWOUOU/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/T7N5GV4CHH6WAGX3GFMDD3COEOVCZ4RI https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/T7N5GV4CHH6WAGX3GFMDD3COEOVCZ4RI/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ULQQONMSCQSH5Z5OWFFQHCGEZ3NL4DRJ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ULQQONMSCQSH5Z5OWFFQHCGEZ3NL4DRJ/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UTT7DG3QOF5ZNJLUGHDNLRUIN6OWZARP https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UTT7DG3QOF5ZNJLUGHDNLRUIN6OWZARP/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/W2LZSWTV4NV4SNQARNXG5T6LRHP26EW2 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/W2LZSWTV4NV4SNQARNXG5T6LRHP26EW2/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WCNCBYKZXLDFGAJUB7ZP5VLC3YTHJNVH https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WCNCBYKZXLDFGAJUB7ZP5VLC3YTHJNVH/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/XFOIBB4YFICHDM7IBOP7PWXW3FX4HLL2 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/XFOIBB4YFICHDM7IBOP7PWXW3FX4HLL2/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/XTNLSL44Y5FB6JWADSZH6DCV4JJAAEQY https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/XTNLSL44Y5FB6JWADSZH6DCV4JJAAEQY/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/YJWHBLVZDM5KQSDFRBFRKU5KSSOLIRQ4 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/YJWHBLVZDM5KQSDFRBFRKU5KSSOLIRQ4/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/YRKEXKANQ7BKJW2YTAMP625LJUJZLJ4P https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/YRKEXKANQ7BKJW2YTAMP625LJUJZLJ4P/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZSVEMQV5ROY5YW5QE3I57HT3ITWG5GCV https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZSVEMQV5ROY5YW5QE3I57HT3ITWG5GCV/ https://nvd.nist.gov/vuln/detail/CVE-2023-39325 https://pkg.go.dev/vuln/GO-2023-2102 https://security.gentoo.org/glsa/202311-09 https://security.netapp.com/advisory/ntap-20231110-0008 https://security.netapp.com/advisory/ntap-20231110-0008/ https://ubuntu.com/security/notices/USN-6574-1 https://ubuntu.com/security/notices/USN-7061-1 https://ubuntu.com/security/notices/USN-7109-1 https://www.cisa.gov/news-events/alerts/2023/10/10/http2-rapid-reset-vulnerability-cve-2023-44487 https://www.cve.org/CVERecord?id=CVE-2023-39325
stdlib	CVE-2023-45283	HIGH	v1.20.5	1.20.11, 1.21.4, 1.20.12, 1.21.5	http://www.openwall.com/lists/oss-security/2023/12/05/2 https://go.dev/cl/540277 https://go.dev/cl/541175 https://go.dev/issue/63713 https://go.dev/issue/64028 https://groups.google.com/g/golang-announce/c/4tU8LZfBFkY https://groups.google.com/g/golang-dev/c/6ypN5EjibjM/m/KmLVYH_uAgAJ https://nvd.nist.gov/vuln/detail/CVE-2023-45283 https://pkg.go.dev/vuln/GO-2023-2185 https://security.netapp.com/advisory/ntap-20231214-0008/
stdlib	CVE-2023-45288	HIGH	v1.20.5	1.21.9, 1.22.2	http://www.openwall.com/lists/oss-security/2024/04/03/16 http://www.openwall.com/lists/oss-security/2024/04/05/4 https://access.redhat.com/errata/RHSA-2024:2724 https://access.redhat.com/security/cve/CVE-2023-45288 https://bugzilla.redhat.com/2268017 https://bugzilla.redhat.com/2268018 https://bugzilla.redhat.com/2268019 https://bugzilla.redhat.com/2268273 https://bugzilla.redhat.com/show_bug.cgi?id=2268017 https://bugzilla.redhat.com/show_bug.cgi?id=2268018 https://bugzilla.redhat.com/show_bug.cgi?id=2268019 https://bugzilla.redhat.com/show_bug.cgi?id=2268273 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45288 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45289 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45290 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24783 https://errata.almalinux.org/9/ALSA-2024-2724.html https://errata.rockylinux.org/RLSA-2024:2724 https://go.dev/cl/576155 https://go.dev/issue/65051 https://groups.google.com/g/golang-announce/c/YgW0sx8mN3M https://kb.cert.org/vuls/id/421644 https://linux.oracle.com/cve/CVE-2023-45288.html https://linux.oracle.com/errata/ELSA-2024-3346.html https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QRYFHIQ6XRKRYBI2F5UESH67BJBQXUPT https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QRYFHIQ6XRKRYBI2F5UESH67BJBQXUPT/ https://nowotarski.info/http2-continuation-flood-technical-details https://nowotarski.info/http2-continuation-flood/ https://nvd.nist.gov/vuln/detail/CVE-2023-45288 https://pkg.go.dev/vuln/GO-2024-2687 https://security.netapp.com/advisory/ntap-20240419-0009 https://security.netapp.com/advisory/ntap-20240419-0009/ https://ubuntu.com/security/notices/USN-6886-1 https://ubuntu.com/security/notices/USN-7109-1 https://ubuntu.com/security/notices/USN-7111-1 https://www.cve.org/CVERecord?id=CVE-2023-45288 https://www.kb.cert.org/vuls/id/421644
stdlib	CVE-2024-34156	HIGH	v1.20.5	1.22.7, 1.23.1	https://access.redhat.com/errata/RHSA-2024:9473 https://access.redhat.com/security/cve/CVE-2024-34156 https://bugzilla.redhat.com/2310528 https://bugzilla.redhat.com/2318052 https://bugzilla.redhat.com/show_bug.cgi?id=2310528 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-34156 https://errata.almalinux.org/9/ALSA-2024-9473.html https://errata.rockylinux.org/RLSA-2024:7204 https://github.com/golang/go/commit/2092294f2b097c5828f4eace6c98a322c1510b01 (go1.22.7) https://github.com/golang/go/commit/fa8ff1a46deb6c816304441ec6740ec112e19012 (go1.23.1) https://go.dev/cl/611239 https://go.dev/issue/69139 https://groups.google.com/g/golang-announce/c/K-cEzDeCtpc https://groups.google.com/g/golang-dev/c/S9POB9NCTdk https://linux.oracle.com/cve/CVE-2024-34156.html https://linux.oracle.com/errata/ELSA-2024-9473.html https://nvd.nist.gov/vuln/detail/CVE-2024-34156 https://pkg.go.dev/vuln/GO-2024-3106 https://ubuntu.com/security/notices/USN-7081-1 https://ubuntu.com/security/notices/USN-7109-1 https://ubuntu.com/security/notices/USN-7111-1 https://www.cve.org/CVERecord?id=CVE-2024-34156
stdlib	CVE-2023-29406	MEDIUM	v1.20.5	1.19.11, 1.20.6	https://access.redhat.com/errata/RHSA-2023:6474 https://access.redhat.com/security/cve/CVE-2023-29406 https://bugzilla.redhat.com/2174485 https://bugzilla.redhat.com/2178358 https://bugzilla.redhat.com/2178488 https://bugzilla.redhat.com/2178492 https://bugzilla.redhat.com/2184481 https://bugzilla.redhat.com/2184482 https://bugzilla.redhat.com/2184483 https://bugzilla.redhat.com/2184484 https://bugzilla.redhat.com/2196026 https://bugzilla.redhat.com/2196027 https://bugzilla.redhat.com/2196029 https://bugzilla.redhat.com/2222167 https://bugzilla.redhat.com/2228689 https://errata.almalinux.org/9/ALSA-2023-6474.html https://github.com/golang/go/commit/312920c00aac9897b2a0693e752390b5b0711a5a (go1.20.6) https://github.com/golang/go/commit/5fa6923b1ea891400153d04ddf1545e23b40041b (go1.19.11) https://github.com/golang/go/issues/60374 https://go.dev/cl/506996 https://go.dev/issue/60374 https://groups.google.com/g/golang-announce/c/2q13H6LEEx0 https://linux.oracle.com/cve/CVE-2023-29406.html https://linux.oracle.com/errata/ELSA-2023-7202.html https://nvd.nist.gov/vuln/detail/CVE-2023-29406 https://pkg.go.dev/vuln/GO-2023-1878 https://security.gentoo.org/glsa/202311-09 https://security.netapp.com/advisory/ntap-20230814-0002/ https://ubuntu.com/security/notices/USN-7061-1 https://ubuntu.com/security/notices/USN-7109-1 https://www.cve.org/CVERecord?id=CVE-2023-29406
stdlib	CVE-2023-29409	MEDIUM	v1.20.5	1.19.12, 1.20.7, 1.21.0-rc.4	https://access.redhat.com/errata/RHSA-2023:7766 https://access.redhat.com/security/cve/CVE-2023-29409 https://bugzilla.redhat.com/2228743 https://bugzilla.redhat.com/2237773 https://bugzilla.redhat.com/2237776 https://bugzilla.redhat.com/2237777 https://bugzilla.redhat.com/2237778 https://errata.almalinux.org/9/ALSA-2023-7766.html https://go.dev/cl/515257 https://go.dev/issue/61460 https://groups.google.com/g/golang-announce/c/X0b6CsSAaYI/m/Efv5DbZ9AwAJ https://linux.oracle.com/cve/CVE-2023-29409.html https://linux.oracle.com/errata/ELSA-2024-2988.html https://nvd.nist.gov/vuln/detail/CVE-2023-29409 https://pkg.go.dev/vuln/GO-2023-1987 https://security.gentoo.org/glsa/202311-09 https://security.netapp.com/advisory/ntap-20230831-0010/ https://www.cve.org/CVERecord?id=CVE-2023-29409
stdlib	CVE-2023-39318	MEDIUM	v1.20.5	1.20.8, 1.21.1	https://access.redhat.com/errata/RHSA-2024:2160 https://access.redhat.com/security/cve/CVE-2023-39318 https://bugzilla.redhat.com/2237773 https://bugzilla.redhat.com/2237776 https://bugzilla.redhat.com/2253330 https://errata.almalinux.org/9/ALSA-2024-2160.html https://github.com/golang/go/commit/023b542edf38e2a1f87fcefb9f75ff2f99401b4c (go1.20.8) https://github.com/golang/go/commit/b0e1d3ea26e8e8fce7726690c9ef0597e60739fb (go1.21.1) https://go.dev/cl/526156 https://go.dev/issue/62196 https://groups.google.com/g/golang-announce/c/Fm51GRLNRvM https://groups.google.com/g/golang-dev/c/2C5vbR-UNkI/m/L1hdrPhfBAAJ https://linux.oracle.com/cve/CVE-2023-39318.html https://linux.oracle.com/errata/ELSA-2024-2988.html https://nvd.nist.gov/vuln/detail/CVE-2023-39318 https://pkg.go.dev/vuln/GO-2023-2041 https://security.gentoo.org/glsa/202311-09 https://security.netapp.com/advisory/ntap-20231020-0009/ https://ubuntu.com/security/notices/USN-6574-1 https://ubuntu.com/security/notices/USN-7061-1 https://ubuntu.com/security/notices/USN-7109-1 https://vuln.go.dev/ID/GO-2023-2041.json https://www.cve.org/CVERecord?id=CVE-2023-39318
stdlib	CVE-2023-39319	MEDIUM	v1.20.5	1.20.8, 1.21.1	https://access.redhat.com/errata/RHSA-2024:2160 https://access.redhat.com/security/cve/CVE-2023-39319 https://bugzilla.redhat.com/2237773 https://bugzilla.redhat.com/2237776 https://bugzilla.redhat.com/2253330 https://errata.almalinux.org/9/ALSA-2024-2160.html https://github.com/golang/go/commit/2070531d2f53df88e312edace6c8dfc9686ab2f5 (go1.20.8) https://github.com/golang/go/commit/bbd043ff0d6d59f1a9232d31ecd5eacf6507bf6a (go1.21.1) https://go.dev/cl/526157 https://go.dev/issue/62197 https://groups.google.com/g/golang-announce/c/Fm51GRLNRvM https://groups.google.com/g/golang-dev/c/2C5vbR-UNkI/m/L1hdrPhfBAAJ https://linux.oracle.com/cve/CVE-2023-39319.html https://linux.oracle.com/errata/ELSA-2024-2988.html https://nvd.nist.gov/vuln/detail/CVE-2023-39319 https://pkg.go.dev/vuln/GO-2023-2043 https://security.gentoo.org/glsa/202311-09 https://security.netapp.com/advisory/ntap-20231020-0009/ https://ubuntu.com/security/notices/USN-6574-1 https://ubuntu.com/security/notices/USN-7061-1 https://ubuntu.com/security/notices/USN-7109-1 https://vuln.go.dev/ID/GO-2023-2043.json https://www.cve.org/CVERecord?id=CVE-2023-39319
stdlib	CVE-2023-39326	MEDIUM	v1.20.5	1.20.12, 1.21.5	https://access.redhat.com/errata/RHSA-2024:2272 https://access.redhat.com/security/cve/CVE-2023-39326 https://bugzilla.redhat.com/2253193 https://bugzilla.redhat.com/2253330 https://errata.almalinux.org/9/ALSA-2024-2272.html https://github.com/golang/go/commit/6446af942e2e2b161c4ec1b60d9703a2b55dc4dd (go1.20.12) https://github.com/golang/go/commit/ec8c526e4be720e94b98ca509e6364f0efaf28f7 (go1.21.5) https://go.dev/cl/547335 https://go.dev/issue/64433 https://groups.google.com/g/golang-dev/c/6ypN5EjibjM/m/KmLVYH_uAgAJ https://linux.oracle.com/cve/CVE-2023-39326.html https://linux.oracle.com/errata/ELSA-2024-2988.html https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UIU6HOGV6RRIKWM57LOXQA75BGZSIH6G/ https://nvd.nist.gov/vuln/detail/CVE-2023-39326 https://pkg.go.dev/vuln/GO-2023-2382 https://ubuntu.com/security/notices/USN-6574-1 https://www.cve.org/CVERecord?id=CVE-2023-39326
stdlib	CVE-2023-45284	MEDIUM	v1.20.5	1.20.11, 1.21.4	https://go.dev/cl/540277 https://go.dev/issue/63713 https://groups.google.com/g/golang-announce/c/4tU8LZfBFkY https://nvd.nist.gov/vuln/detail/CVE-2023-45284 https://pkg.go.dev/vuln/GO-2023-2186
stdlib	CVE-2023-45289	MEDIUM	v1.20.5	1.21.8, 1.22.1	http://www.openwall.com/lists/oss-security/2024/03/08/4 https://access.redhat.com/errata/RHSA-2024:2724 https://access.redhat.com/security/cve/CVE-2023-45289 https://bugzilla.redhat.com/2268017 https://bugzilla.redhat.com/2268018 https://bugzilla.redhat.com/2268019 https://bugzilla.redhat.com/2268273 https://bugzilla.redhat.com/show_bug.cgi?id=2268017 https://bugzilla.redhat.com/show_bug.cgi?id=2268018 https://bugzilla.redhat.com/show_bug.cgi?id=2268019 https://bugzilla.redhat.com/show_bug.cgi?id=2268273 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45288 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45289 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45290 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24783 https://errata.almalinux.org/9/ALSA-2024-2724.html https://errata.rockylinux.org/RLSA-2024:2724 https://github.com/golang/go/commit/20586c0dbe03d144f914155f879fa5ee287591a1 (go1.21.8) https://github.com/golang/go/commit/3a855208e3efed2e9d7c20ad023f1fa78afcc0be (go1.22.1) https://github.com/golang/go/issues/65065 https://go.dev/cl/569340 https://go.dev/issue/65065 https://groups.google.com/g/golang-announce/c/5pwGVUPoMbg https://linux.oracle.com/cve/CVE-2023-45289.html https://linux.oracle.com/errata/ELSA-2024-3346.html https://nvd.nist.gov/vuln/detail/CVE-2023-45289 https://pkg.go.dev/vuln/GO-2024-2600 https://security.netapp.com/advisory/ntap-20240329-0006/ https://ubuntu.com/security/notices/USN-6886-1 https://www.cve.org/CVERecord?id=CVE-2023-45289
stdlib	CVE-2023-45290	MEDIUM	v1.20.5	1.21.8, 1.22.1	http://www.openwall.com/lists/oss-security/2024/03/08/4 https://access.redhat.com/errata/RHSA-2024:9135 https://access.redhat.com/security/cve/CVE-2023-45290 https://bugzilla.redhat.com/2268017 https://bugzilla.redhat.com/2268022 https://bugzilla.redhat.com/2279814 https://bugzilla.redhat.com/2295310 https://bugzilla.redhat.com/show_bug.cgi?id=2268017 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45290 https://errata.almalinux.org/9/ALSA-2024-9135.html https://errata.rockylinux.org/RLSA-2024:3830 https://github.com/golang/go/commit/041a47712e765e94f86d841c3110c840e76d8f82 (go1.22.1) https://github.com/golang/go/commit/bf80213b121074f4ad9b449410a4d13bae5e9be0 (go1.21.8) https://github.com/golang/go/issues/65383 https://go.dev/cl/569341 https://go.dev/issue/65383 https://groups.google.com/g/golang-announce/c/5pwGVUPoMbg https://linux.oracle.com/cve/CVE-2023-45290.html https://linux.oracle.com/errata/ELSA-2024-8038.html https://nvd.nist.gov/vuln/detail/CVE-2023-45290 https://pkg.go.dev/vuln/GO-2024-2599 https://security.netapp.com/advisory/ntap-20240329-0004 https://security.netapp.com/advisory/ntap-20240329-0004/ https://ubuntu.com/security/notices/USN-6886-1 https://ubuntu.com/security/notices/USN-7109-1 https://ubuntu.com/security/notices/USN-7111-1 https://www.cve.org/CVERecord?id=CVE-2023-45290
stdlib	CVE-2024-24783	MEDIUM	v1.20.5	1.21.8, 1.22.1	http://www.openwall.com/lists/oss-security/2024/03/08/4 https://access.redhat.com/errata/RHSA-2024:6195 https://access.redhat.com/security/cve/CVE-2024-24783 https://bugzilla.redhat.com/2268019 https://bugzilla.redhat.com/show_bug.cgi?id=2268017 https://bugzilla.redhat.com/show_bug.cgi?id=2268018 https://bugzilla.redhat.com/show_bug.cgi?id=2268019 https://bugzilla.redhat.com/show_bug.cgi?id=2268273 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45288 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45289 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45290 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24783 https://errata.almalinux.org/9/ALSA-2024-6195.html https://errata.rockylinux.org/RLSA-2024:2724 https://github.com/advisories/GHSA-3q2c-pvp5-3cqp https://github.com/golang/go/commit/337b8e9cbfa749d9d5c899e0dc358e2208d5e54f (go1.22.1) https://github.com/golang/go/commit/be5b52bea674190ef7de272664be6c7ae93ec5a0 (go1.21.8) https://github.com/golang/go/issues/65390 https://go.dev/cl/569339 https://go.dev/issue/65390 https://groups.google.com/g/golang-announce/c/5pwGVUPoMbg https://linux.oracle.com/cve/CVE-2024-24783.html https://linux.oracle.com/errata/ELSA-2024-6969.html https://nvd.nist.gov/vuln/detail/CVE-2024-24783 https://pkg.go.dev/vuln/GO-2024-2598 https://security.netapp.com/advisory/ntap-20240329-0005 https://security.netapp.com/advisory/ntap-20240329-0005/ https://ubuntu.com/security/notices/USN-6886-1 https://ubuntu.com/security/notices/USN-7109-1 https://ubuntu.com/security/notices/USN-7111-1 https://www.cve.org/CVERecord?id=CVE-2024-24783
stdlib	CVE-2024-24784	MEDIUM	v1.20.5	1.21.8, 1.22.1	http://www.openwall.com/lists/oss-security/2024/03/08/4 https://access.redhat.com/errata/RHSA-2024:2562 https://access.redhat.com/security/cve/CVE-2024-24784 https://bugzilla.redhat.com/2262921 https://bugzilla.redhat.com/2268017 https://bugzilla.redhat.com/2268018 https://bugzilla.redhat.com/2268019 https://bugzilla.redhat.com/2268021 https://bugzilla.redhat.com/2268022 https://bugzilla.redhat.com/2268273 https://bugzilla.redhat.com/show_bug.cgi?id=2262921 https://bugzilla.redhat.com/show_bug.cgi?id=2268017 https://bugzilla.redhat.com/show_bug.cgi?id=2268018 https://bugzilla.redhat.com/show_bug.cgi?id=2268019 https://bugzilla.redhat.com/show_bug.cgi?id=2268021 https://bugzilla.redhat.com/show_bug.cgi?id=2268022 https://bugzilla.redhat.com/show_bug.cgi?id=2268273 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45288 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45289 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45290 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-1394 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24783 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24784 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24785 https://errata.almalinux.org/9/ALSA-2024-2562.html https://errata.rockylinux.org/RLSA-2024:2562 https://github.com/golang/go/commit/263c059b09fdd40d9dd945f2ecb20c89ea28efe5 (go1.21.8) https://github.com/golang/go/commit/5330cd225ba54c7dc78c1b46dcdf61a4671a632c (go1.22.1) https://github.com/golang/go/issues/65083 https://go.dev/cl/555596 https://go.dev/issue/65083 https://groups.google.com/g/golang-announce/c/5pwGVUPoMbg https://linux.oracle.com/cve/CVE-2024-24784.html https://linux.oracle.com/errata/ELSA-2024-6969.html https://nvd.nist.gov/vuln/detail/CVE-2024-24784 https://pkg.go.dev/vuln/GO-2024-2609 https://security.netapp.com/advisory/ntap-20240329-0007/ https://ubuntu.com/security/notices/USN-6886-1 https://ubuntu.com/security/notices/USN-7109-1 https://ubuntu.com/security/notices/USN-7111-1 https://www.cve.org/CVERecord?id=CVE-2024-24784
stdlib	CVE-2024-24785	MEDIUM	v1.20.5	1.21.8, 1.22.1	http://www.openwall.com/lists/oss-security/2024/03/08/4 https://access.redhat.com/errata/RHSA-2024:9135 https://access.redhat.com/security/cve/CVE-2024-24785 https://bugzilla.redhat.com/2268017 https://bugzilla.redhat.com/2268022 https://bugzilla.redhat.com/2279814 https://bugzilla.redhat.com/2295310 https://bugzilla.redhat.com/show_bug.cgi?id=2262921 https://bugzilla.redhat.com/show_bug.cgi?id=2268017 https://bugzilla.redhat.com/show_bug.cgi?id=2268018 https://bugzilla.redhat.com/show_bug.cgi?id=2268019 https://bugzilla.redhat.com/show_bug.cgi?id=2268021 https://bugzilla.redhat.com/show_bug.cgi?id=2268022 https://bugzilla.redhat.com/show_bug.cgi?id=2268273 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45288 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45289 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45290 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-1394 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24783 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24784 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24785 https://errata.almalinux.org/9/ALSA-2024-9135.html https://errata.rockylinux.org/RLSA-2024:2562 https://github.com/golang/go/commit/056b0edcb8c152152021eebf4cf42adbfbe77992 (go1.22.1) https://github.com/golang/go/commit/3643147a29352ca2894fd5d0d2069bc4b4335a7e (go1.21.8) https://github.com/golang/go/issues/65697 https://go.dev/cl/564196 https://go.dev/issue/65697 https://groups.google.com/g/golang-announce/c/5pwGVUPoMbg https://linux.oracle.com/cve/CVE-2024-24785.html https://linux.oracle.com/errata/ELSA-2024-3259.html https://nvd.nist.gov/vuln/detail/CVE-2024-24785 https://pkg.go.dev/vuln/GO-2024-2610 https://security.netapp.com/advisory/ntap-20240329-0008/ https://ubuntu.com/security/notices/USN-6886-1 https://ubuntu.com/security/notices/USN-7061-1 https://ubuntu.com/security/notices/USN-7109-1 https://vuln.go.dev/ID/GO-2024-2610.json https://www.cve.org/CVERecord?id=CVE-2024-24785
stdlib	CVE-2024-24789	MEDIUM	v1.20.5	1.21.11, 1.22.4	http://www.openwall.com/lists/oss-security/2024/06/04/1 https://access.redhat.com/errata/RHSA-2024:9115 https://access.redhat.com/security/cve/CVE-2024-24789 https://bugzilla.redhat.com/2279814 https://bugzilla.redhat.com/2292668 https://bugzilla.redhat.com/2292787 https://bugzilla.redhat.com/2294000 https://bugzilla.redhat.com/2295310 https://bugzilla.redhat.com/show_bug.cgi?id=2292668 https://bugzilla.redhat.com/show_bug.cgi?id=2292787 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24789 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24790 https://errata.almalinux.org/9/ALSA-2024-9115.html https://errata.rockylinux.org/RLSA-2024:4212 https://github.com/golang/go/commit/c8e40338cf00f3c1d86c8fb23863ad67a4c72bcc (1.21) https://github.com/golang/go/commit/cf501ac0c5fe351a8582d20b43562027927906e7 (1.22) https://github.com/golang/go/issues/66869 https://go.dev/cl/585397 https://go.dev/issue/66869 https://groups.google.com/g/golang-announce/c/XbxouI9gY7k https://groups.google.com/g/golang-announce/c/XbxouI9gY7k/m/TuoGEhxIEwAJ https://linux.oracle.com/cve/CVE-2024-24789.html https://linux.oracle.com/errata/ELSA-2024-9115.html https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/U5YAEIA6IUHUNGJ7AIXXPQT6D2GYENX7/ https://nvd.nist.gov/vuln/detail/CVE-2024-24789 https://pkg.go.dev/vuln/GO-2024-2888 https://ubuntu.com/security/notices/USN-6886-1 https://ubuntu.com/security/notices/USN-7109-1 https://ubuntu.com/security/notices/USN-7111-1 https://www.cve.org/CVERecord?id=CVE-2024-24789
stdlib	CVE-2024-24791	MEDIUM	v1.20.5	1.21.12, 1.22.5	https://access.redhat.com/errata/RHSA-2024:9135 https://access.redhat.com/security/cve/CVE-2024-24791 https://bugzilla.redhat.com/2268017 https://bugzilla.redhat.com/2268022 https://bugzilla.redhat.com/2279814 https://bugzilla.redhat.com/2295310 https://bugzilla.redhat.com/show_bug.cgi?id=2295310 https://bugzilla.redhat.com/show_bug.cgi?id=2310527 https://bugzilla.redhat.com/show_bug.cgi?id=2310528 https://bugzilla.redhat.com/show_bug.cgi?id=2310529 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24791 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-34155 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-34156 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-34158 https://errata.almalinux.org/9/ALSA-2024-9135.html https://errata.rockylinux.org/RLSA-2024:6913 https://go.dev/cl/591255 https://go.dev/issue/67555 https://groups.google.com/g/golang-dev/c/t0rK-qHBqzY/m/6MMoAZkMAgAJ https://linux.oracle.com/cve/CVE-2024-24791.html https://linux.oracle.com/errata/ELSA-2024-9115.html https://nvd.nist.gov/vuln/detail/CVE-2024-24791 https://pkg.go.dev/vuln/GO-2024-2963 https://ubuntu.com/security/notices/USN-7081-1 https://ubuntu.com/security/notices/USN-7109-1 https://ubuntu.com/security/notices/USN-7111-1 https://www.cve.org/CVERecord?id=CVE-2024-24791
stdlib	CVE-2024-34155	MEDIUM	v1.20.5	1.22.7, 1.23.1	https://access.redhat.com/errata/RHSA-2024:9459 https://access.redhat.com/security/cve/CVE-2024-34155 https://bugzilla.redhat.com/2310527 https://bugzilla.redhat.com/2310528 https://bugzilla.redhat.com/2310529 https://bugzilla.redhat.com/2315691 https://bugzilla.redhat.com/2315887 https://bugzilla.redhat.com/2317458 https://bugzilla.redhat.com/2317467 https://bugzilla.redhat.com/show_bug.cgi?id=2295310 https://bugzilla.redhat.com/show_bug.cgi?id=2310527 https://bugzilla.redhat.com/show_bug.cgi?id=2310528 https://bugzilla.redhat.com/show_bug.cgi?id=2310529 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24791 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-34155 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-34156 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-34158 https://errata.almalinux.org/9/ALSA-2024-9459.html https://errata.rockylinux.org/RLSA-2024:6913 https://github.com/golang/go/commit/53487e5477151ed75da50e50a0ba8f1ca64c00a3 (go1.23.1) https://github.com/golang/go/commit/b232596139dbe96a62edbe3a2a203e856bf556eb (go1.22.7) https://go.dev/cl/611238 https://go.dev/issue/69138 https://groups.google.com/g/golang-announce/c/K-cEzDeCtpc https://groups.google.com/g/golang-dev/c/S9POB9NCTdk https://linux.oracle.com/cve/CVE-2024-34155.html https://linux.oracle.com/errata/ELSA-2024-9459.html https://nvd.nist.gov/vuln/detail/CVE-2024-34155 https://pkg.go.dev/vuln/GO-2024-3105 https://ubuntu.com/security/notices/USN-7081-1 https://ubuntu.com/security/notices/USN-7109-1 https://ubuntu.com/security/notices/USN-7111-1 https://www.cve.org/CVERecord?id=CVE-2024-34155
stdlib	CVE-2024-34158	MEDIUM	v1.20.5	1.22.7, 1.23.1	https://access.redhat.com/errata/RHSA-2024:9459 https://access.redhat.com/security/cve/CVE-2024-34158 https://bugzilla.redhat.com/2310527 https://bugzilla.redhat.com/2310528 https://bugzilla.redhat.com/2310529 https://bugzilla.redhat.com/2315691 https://bugzilla.redhat.com/2315887 https://bugzilla.redhat.com/2317458 https://bugzilla.redhat.com/2317467 https://bugzilla.redhat.com/show_bug.cgi?id=2295310 https://bugzilla.redhat.com/show_bug.cgi?id=2310527 https://bugzilla.redhat.com/show_bug.cgi?id=2310528 https://bugzilla.redhat.com/show_bug.cgi?id=2310529 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24791 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-34155 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-34156 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-34158 https://errata.almalinux.org/9/ALSA-2024-9459.html https://errata.rockylinux.org/RLSA-2024:6913 https://github.com/golang/go/commit/032ac075c20c01c6c35a672d1542d3e98eab84ea (go1.23.1) https://github.com/golang/go/commit/d4c53812e6ce2ac368173d7fcd31d0ecfcffb002 (go1.22.7) https://go.dev/cl/611240 https://go.dev/issue/69141 https://groups.google.com/g/golang-announce/c/K-cEzDeCtpc https://groups.google.com/g/golang-dev/c/S9POB9NCTdk https://linux.oracle.com/cve/CVE-2024-34158.html https://linux.oracle.com/errata/ELSA-2024-9459.html https://nvd.nist.gov/vuln/detail/CVE-2024-34158 https://pkg.go.dev/vuln/GO-2024-3107 https://ubuntu.com/security/notices/USN-7081-1 https://ubuntu.com/security/notices/USN-7109-1 https://ubuntu.com/security/notices/USN-7111-1 https://www.cve.org/CVERecord?id=CVE-2024-34158
No Misconfigurations found

cnb/buildpacks/paketo-buildpacks_nginx/0.15.3/bin/run (gobinary)

Package	Vulnerability ID	Severity	Installed Version	Fixed Version	Links
github.com/anchore/stereoscope	CVE-2024-24579	MEDIUM	v0.0.0-20230412183729-8602f1afc574	0.0.1	https://github.com/anchore/stereoscope https://github.com/anchore/stereoscope/commit/09dacab4d9ee65ee8bc7af8ebf4aa7b5aaa36204 https://github.com/anchore/stereoscope/security/advisories/GHSA-hpxr-w9w7-g4gv https://nvd.nist.gov/vuln/detail/CVE-2024-24579
github.com/cloudflare/circl	GHSA-9763-4f94-gfch	HIGH	v1.3.3	1.3.7	https://github.com/cloudflare/circl https://github.com/cloudflare/circl/commit/75ef91e8a2f438e6ce2b6e620d236add8be1887d https://github.com/cloudflare/circl/security/advisories/GHSA-9763-4f94-gfch https://kyberslash.cr.yp.to
github.com/containerd/containerd	GHSA-7ww5-4wqc-m92c	MEDIUM	v1.7.0	1.6.26, 1.7.11	https://github.com/containerd/containerd https://github.com/containerd/containerd/commit/67d356cb3095f3e8f8ad7d36f9a733fea1e7e28c https://github.com/containerd/containerd/commit/746b910f05855c8bfdb4415a1c0f958b234910e5 https://github.com/containerd/containerd/security/advisories/GHSA-7ww5-4wqc-m92c
github.com/docker/docker	CVE-2024-41110	CRITICAL	v23.0.5+incompatible	23.0.15, 26.1.5, 27.1.1, 25.0.6	https://access.redhat.com/security/cve/CVE-2024-41110 https://github.com/moby/moby https://github.com/moby/moby/commit/411e817ddf710ff8e08fa193da80cb78af708191 https://github.com/moby/moby/commit/42f40b1d6dd7562342f832b9cd2adf9e668eeb76 https://github.com/moby/moby/commit/65cc597cea28cdc25bea3b8a86384b4251872919 https://github.com/moby/moby/commit/852759a7df454cbf88db4e954c919becd48faa9b https://github.com/moby/moby/commit/a31260625655cff9ae226b51757915e275e304b0 https://github.com/moby/moby/commit/a79fabbfe84117696a19671f4aa88b82d0f64fc1 https://github.com/moby/moby/commit/ae160b4edddb72ef4bd71f66b975a1a1cc434f00 https://github.com/moby/moby/commit/ae2b3666c517c96cbc2adf1af5591a6b00d4ec0f https://github.com/moby/moby/commit/cc13f952511154a2866bddbb7dddebfe9e83b801 https://github.com/moby/moby/commit/fc274cd2ff4cf3b48c91697fb327dd1fb95588fb https://github.com/moby/moby/security/advisories/GHSA-v23v-6jw2-98fq https://nvd.nist.gov/vuln/detail/CVE-2024-41110 https://www.cve.org/CVERecord?id=CVE-2024-41110 https://www.docker.com/blog/docker-security-advisory-docker-engine-authz-plugin
github.com/docker/docker	CVE-2024-24557	MEDIUM	v23.0.5+incompatible	24.0.9, 25.0.2	https://access.redhat.com/security/cve/CVE-2024-24557 https://github.com/moby/moby https://github.com/moby/moby/commit/3e230cfdcc989dc524882f6579f9e0dac77400ae https://github.com/moby/moby/commit/fca702de7f71362c8d103073c7e4a1d0a467fadd https://github.com/moby/moby/commit/fce6e0ca9bc000888de3daa157af14fa41fcd0ff https://github.com/moby/moby/security/advisories/GHSA-xw73-rw38-6vjc https://nvd.nist.gov/vuln/detail/CVE-2024-24557 https://www.cve.org/CVERecord?id=CVE-2024-24557
github.com/docker/docker	CVE-2024-29018	MEDIUM	v23.0.5+incompatible	26.0.0-rc3, 25.0.5, 23.0.11	https://access.redhat.com/security/cve/CVE-2024-29018 https://github.com/moby/moby https://github.com/moby/moby/pull/46609 https://github.com/moby/moby/security/advisories/GHSA-mq39-4gv4-mvpx https://nvd.nist.gov/vuln/detail/CVE-2024-29018 https://www.cve.org/CVERecord?id=CVE-2024-29018
github.com/docker/docker	GHSA-jq35-85cj-fj4p	MEDIUM	v23.0.5+incompatible	24.0.7, 23.0.8, 20.10.27	https://github.com/moby/moby https://github.com/moby/moby/commit/48ebe353e49a9def5e6679f6e386b0efb1c95f0e https://github.com/moby/moby/commit/81ebe71275768629689a23bc3bca34b3b374a6a6 https://github.com/moby/moby/commit/c9ccbfad11a60e703e91b6cca4f48927828c7e35 https://github.com/moby/moby/releases/tag/v20.10.27 https://github.com/moby/moby/releases/tag/v23.0.8 https://github.com/moby/moby/releases/tag/v24.0.7 https://github.com/moby/moby/security/advisories/GHSA-jq35-85cj-fj4p
github.com/go-git/go-git/v5	CVE-2023-49569	CRITICAL	v5.6.1	5.11.0	https://access.redhat.com/security/cve/CVE-2023-49569 https://github.com/go-git/go-git https://github.com/go-git/go-git/security/advisories/GHSA-449p-3h89-pw88 https://nvd.nist.gov/vuln/detail/CVE-2023-49569 https://www.cve.org/CVERecord?id=CVE-2023-49569
github.com/go-git/go-git/v5	CVE-2023-49568	HIGH	v5.6.1	5.11.0	https://access.redhat.com/security/cve/CVE-2023-49568 https://github.com/go-git/go-git https://github.com/go-git/go-git/security/advisories/GHSA-mw99-9chc-xw7r https://nvd.nist.gov/vuln/detail/CVE-2023-49568 https://www.cve.org/CVERecord?id=CVE-2023-49568
github.com/mholt/archiver/v3	CVE-2024-0406	MEDIUM	v3.5.1	no fix available	https://access.redhat.com/security/cve/CVE-2024-0406 https://bugzilla.redhat.com/show_bug.cgi?id=2257749 https://github.com/advisories/GHSA-rhh4-rh7c-7r5v https://github.com/mholt/archiver https://nvd.nist.gov/vuln/detail/CVE-2024-0406 https://www.cve.org/CVERecord?id=CVE-2024-0406
golang.org/x/crypto	CVE-2023-48795	MEDIUM	v0.8.0	0.17.0	http://packetstormsecurity.com/files/176280/Terrapin-SSH-Connection-Weakening.html http://seclists.org/fulldisclosure/2024/Mar/21 http://www.openwall.com/lists/oss-security/2023/12/18/3 http://www.openwall.com/lists/oss-security/2023/12/19/5 http://www.openwall.com/lists/oss-security/2023/12/20/3 http://www.openwall.com/lists/oss-security/2024/03/06/3 http://www.openwall.com/lists/oss-security/2024/04/17/8 https://access.redhat.com/errata/RHSA-2024:1150 https://access.redhat.com/security/cve/CVE-2023-48795 https://access.redhat.com/security/cve/cve-2023-48795 https://access.redhat.com/solutions/7071748 https://arstechnica.com/security/2023/12/hackers-can-break-ssh-channel-integrity-using-novel-data-corruption-attack https://arstechnica.com/security/2023/12/hackers-can-break-ssh-channel-integrity-using-novel-data-corruption-attack/ https://bugs.gentoo.org/920280 https://bugzilla.redhat.com/2254210 https://bugzilla.redhat.com/show_bug.cgi?id=2254210 https://bugzilla.suse.com/show_bug.cgi?id=1217950 https://crates.io/crates/thrussh/versions https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-48795 https://errata.almalinux.org/9/ALSA-2024-1150.html https://errata.rockylinux.org/RLSA-2024:0628 https://filezilla-project.org/versions.php https://forum.netgate.com/topic/184941/terrapin-ssh-attack https://git.libssh.org/projects/libssh.git/commit/?h=stable-0.10&id=10e09e273f69e149389b3e0e5d44b8c221c2e7f6 https://github.com/NixOS/nixpkgs/pull/275249 https://github.com/PowerShell/Win32-OpenSSH/issues/2189 https://github.com/PowerShell/Win32-OpenSSH/releases/tag/v9.5.0.0p1-Beta https://github.com/TeraTermProject/teraterm/commit/7279fbd6ef4d0c8bdd6a90af4ada2899d786eec0 https://github.com/TeraTermProject/teraterm/releases/tag/v5.1 https://github.com/advisories/GHSA-45x7-px36-x8w8 https://github.com/apache/mina-sshd/issues/445 https://github.com/connectbot/sshlib/commit/5c8b534f6e97db7ac0e0e579331213aa25c173ab https://github.com/connectbot/sshlib/compare/2.2.21...2.2.22 https://github.com/cyd01/KiTTY/issues/520 https://github.com/drakkan/sftpgo/releases/tag/v2.5.6 https://github.com/erlang/otp/blob/d1b43dc0f1361d2ad67601169e90a7fc50bb0369/lib/ssh/doc/src/notes.xml#L39-L42 https://github.com/erlang/otp/releases/tag/OTP-26.2.1 https://github.com/golang/crypto/commit/9d2ee975ef9fe627bf0a6f01c1f69e8ef1d4f05d https://github.com/hierynomus/sshj/issues/916 https://github.com/janmojzis/tinyssh/issues/81 https://github.com/jtesta/ssh-audit/commit/8e972c5e94b460379fe0c7d20209c16df81538a5 https://github.com/libssh2/libssh2/pull/1291 https://github.com/mkj/dropbear/blob/17657c36cce6df7716d5ff151ec09a665382d5dd/CHANGES#L25 https://github.com/mscdex/ssh2/commit/97b223f8891b96d6fc054df5ab1d5a1a545da2a3 https://github.com/mwiede/jsch/compare/jsch-0.2.14...jsch-0.2.15 https://github.com/mwiede/jsch/issues/457 https://github.com/mwiede/jsch/pull/461 https://github.com/net-ssh/net-ssh/blob/2e65064a52d73396bfc3806c9196fc8108f33cd8/CHANGES.txt#L14-L16 https://github.com/openssh/openssh-portable/commits/master https://github.com/paramiko/paramiko/issues/2337 https://github.com/paramiko/paramiko/issues/2337#issuecomment-1887642773 https://github.com/proftpd/proftpd/blob/0a7ea9b0ba9fcdf368374a226370d08f10397d99/RELEASE_NOTES https://github.com/proftpd/proftpd/blob/d21e7a2e47e9b38f709bec58e3fa711f759ad0e1/RELEASE_NOTES https://github.com/proftpd/proftpd/blob/master/RELEASE_NOTES https://github.com/proftpd/proftpd/issues/456 https://github.com/rapier1/hpn-ssh/releases https://github.com/ronf/asyncssh/blob/develop/docs/changes.rst https://github.com/ronf/asyncssh/security/advisories/GHSA-hfmc-7525-mj55 https://github.com/ronf/asyncssh/tags https://github.com/ssh-mitm/ssh-mitm/issues/165 https://github.com/warp-tech/russh https://github.com/warp-tech/russh/commit/1aa340a7df1d5be1c0f4a9e247aade76dfdd2951 https://github.com/warp-tech/russh/releases/tag/v0.40.2 https://github.com/warp-tech/russh/security/advisories/GHSA-45x7-px36-x8w8 https://gitlab.com/libssh/libssh-mirror/-/tags https://go.dev/cl/550715 https://go.dev/issue/64784 https://groups.google.com/g/golang-announce/c/-n5WqVC18LQ https://groups.google.com/g/golang-announce/c/qA3XtxvMUyg https://help.panic.com/releasenotes/transmit5 https://help.panic.com/releasenotes/transmit5/ https://jadaptive.com/important-java-ssh-security-update-new-ssh-vulnerability-discovered-cve-2023-48795 https://jadaptive.com/important-java-ssh-security-update-new-ssh-vulnerability-discovered-cve-2023-48795/ https://linux.oracle.com/cve/CVE-2023-48795.html https://linux.oracle.com/errata/ELSA-2024-2988.html https://lists.debian.org/debian-lts-announce/2023/12/msg00017.html https://lists.debian.org/debian-lts-announce/2024/01/msg00013.html https://lists.debian.org/debian-lts-announce/2024/01/msg00014.html https://lists.debian.org/debian-lts-announce/2024/04/msg00016.html https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/33XHJUB6ROFUOH2OQNENFROTVH6MHSHA https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/33XHJUB6ROFUOH2OQNENFROTVH6MHSHA/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/3CAYYW35MUTNO65RVAELICTNZZFMT2XS https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/3CAYYW35MUTNO65RVAELICTNZZFMT2XS/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/3JIMLVBDWOP4FUPXPTB4PGHHIOMGFLQE https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/3JIMLVBDWOP4FUPXPTB4PGHHIOMGFLQE/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/3YQLUQWLIHDB5QCXQEX7HXHAWMOKPP5O https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/3YQLUQWLIHDB5QCXQEX7HXHAWMOKPP5O/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/6Y74KVCPEPT4MVU3LHDWCNNOXOE5ZLUR https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/6Y74KVCPEPT4MVU3LHDWCNNOXOE5ZLUR/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/APYIXIQOVDCRWLHTGB4VYMAUIAQLKYJ3 https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/APYIXIQOVDCRWLHTGB4VYMAUIAQLKYJ3/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/BL5KTLOSLH2KHRN4HCXJPK3JUVLDGEL6 https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/BL5KTLOSLH2KHRN4HCXJPK3JUVLDGEL6/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/C3AFMZ6MH2UHHOPIWT5YLSFV3D2VB3AC https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/C3AFMZ6MH2UHHOPIWT5YLSFV3D2VB3AC/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/CHHITS4PUOZAKFIUBQAQZC7JWXMOYE4B https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/CHHITS4PUOZAKFIUBQAQZC7JWXMOYE4B/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/F7EYCFQCTSGJXWO3ZZ44MGKFC5HA7G3Y https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/F7EYCFQCTSGJXWO3ZZ44MGKFC5HA7G3Y/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/HYEDEXIKFKTUJIN43RG4B7T5ZS6MHUSP https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/HYEDEXIKFKTUJIN43RG4B7T5ZS6MHUSP/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/I724O3LSRCPO4WNVIXTZCT4VVRMXMMSG https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/I724O3LSRCPO4WNVIXTZCT4VVRMXMMSG/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/KEOTKBUPZXHE3F352JBYNTSNRXYLWD6P https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/KEOTKBUPZXHE3F352JBYNTSNRXYLWD6P/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/KMZCVGUGJZZVDPCVDA7TEB22VUCNEXDD https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/KMZCVGUGJZZVDPCVDA7TEB22VUCNEXDD/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/L5Y6MNNVAPIJSXJERQ6PKZVCIUXSNJK7 https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/L5Y6MNNVAPIJSXJERQ6PKZVCIUXSNJK7/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/LZQVUHWVWRH73YBXUQJOD6CKHDQBU3DM https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/LZQVUHWVWRH73YBXUQJOD6CKHDQBU3DM/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/MKQRBF3DWMWPH36LBCOBUTSIZRTPEZXB https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/MKQRBF3DWMWPH36LBCOBUTSIZRTPEZXB/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/QI3EHAHABFQK7OABNCSF5GMYP6TONTI7 https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/QI3EHAHABFQK7OABNCSF5GMYP6TONTI7/ https://matt.ucc.asn.au/dropbear/CHANGES https://nest.pijul.com/pijul/thrussh/changes/D6H7OWTTMHHX6BTB3B6MNBOBX2L66CBL4LGSEUSAI2MCRCJDQFRQC https://news.ycombinator.com/item?id=38684904 https://news.ycombinator.com/item?id=38685286 https://news.ycombinator.com/item?id=38732005 https://nova.app/releases/#v11.8 https://nvd.nist.gov/vuln/detail/CVE-2023-48795 https://oryx-embedded.com/download/#changelog https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2024-0002 https://roumenpetrov.info/secsh/#news20231220 https://security-tracker.debian.org/tracker/CVE-2023-48795 https://security-tracker.debian.org/tracker/source-package/libssh2 https://security-tracker.debian.org/tracker/source-package/proftpd-dfsg https://security-tracker.debian.org/tracker/source-package/trilead-ssh2 https://security.gentoo.org/glsa/202312-16 https://security.gentoo.org/glsa/202312-17 https://security.netapp.com/advisory/ntap-20240105-0004 https://security.netapp.com/advisory/ntap-20240105-0004/ https://support.apple.com/kb/HT214084 https://terrapin-attack.com/ https://thorntech.com/cve-2023-48795-and-sftp-gateway https://thorntech.com/cve-2023-48795-and-sftp-gateway/ https://twitter.com/TrueSkrillor/status/1736774389725565005 https://ubuntu.com/security/CVE-2023-48795 https://ubuntu.com/security/notices/USN-6560-1 https://ubuntu.com/security/notices/USN-6560-2 https://ubuntu.com/security/notices/USN-6561-1 https://ubuntu.com/security/notices/USN-6585-1 https://ubuntu.com/security/notices/USN-6589-1 https://ubuntu.com/security/notices/USN-6598-1 https://ubuntu.com/security/notices/USN-6738-1 https://ubuntu.com/security/notices/USN-7051-1 https://winscp.net/eng/docs/history#6.2.2 https://www.bitvise.com/ssh-client-version-history#933 https://www.bitvise.com/ssh-server-version-history https://www.chiark.greenend.org.uk/~sgtatham/putty/changes.html https://www.crushftp.com/crush10wiki/Wiki.jsp?page=Update https://www.cve.org/CVERecord?id=CVE-2023-48795 https://www.debian.org/security/2023/dsa-5586 https://www.debian.org/security/2023/dsa-5588 https://www.freebsd.org/security/advisories/FreeBSD-SA-23:19.openssh.asc https://www.lancom-systems.de/service-support/allgemeine-sicherheitshinweise#c243508 https://www.netsarang.com/en/xshell-update-history https://www.netsarang.com/en/xshell-update-history/ https://www.openssh.com/openbsd.html https://www.openssh.com/txt/release-9.6 https://www.openwall.com/lists/oss-security/2023/12/18/2 https://www.openwall.com/lists/oss-security/2023/12/18/3 https://www.openwall.com/lists/oss-security/2023/12/20/3 https://www.paramiko.org/changelog.html https://www.reddit.com/r/sysadmin/comments/18idv52/cve202348795_why_is_this_cve_still_undisclosed https://www.reddit.com/r/sysadmin/comments/18idv52/cve202348795_why_is_this_cve_still_undisclosed/ https://www.suse.com/c/suse-addresses-the-ssh-v2-protocol-terrapin-attack-aka-cve-2023-48795 https://www.suse.com/c/suse-addresses-the-ssh-v2-protocol-terrapin-attack-aka-cve-2023-48795/ https://www.terrapin-attack.com https://www.theregister.com/2023/12/20/terrapin_attack_ssh https://www.vandyke.com/products/securecrt/history.txt
golang.org/x/net	CVE-2023-39325	HIGH	v0.10.0	0.17.0	golang.org/x/net https://access.redhat.com/errata/RHSA-2023:6077 https://access.redhat.com/security/cve/CVE-2023-39325 https://access.redhat.com/security/cve/CVE-2023-44487 https://access.redhat.com/security/vulnerabilities/RHSB-2023-003 https://bugzilla.redhat.com/2242803 https://bugzilla.redhat.com/2243296 https://bugzilla.redhat.com/show_bug.cgi?id=2242803 https://bugzilla.redhat.com/show_bug.cgi?id=2243296 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-39325 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-44487 https://errata.almalinux.org/9/ALSA-2023-6077.html https://errata.rockylinux.org/RLSA-2023:6077 https://github.com/golang/go/commit/24ae2d927285c697440fdde3ad7f26028354bcf3 [golang- 1.21] https://github.com/golang/go/commit/e175f27f58aa7b9cd4d79607ae65d2cd5baaee68 [golang-1.20] https://github.com/golang/go/issues/63417 https://go.dev/cl/534215 https://go.dev/cl/534235 https://go.dev/issue/63417 https://groups.google.com/g/golang-announce/c/iNNxDTCjZvo/m/UDd7VKQuAAAJ https://linux.oracle.com/cve/CVE-2023-39325.html https://linux.oracle.com/errata/ELSA-2023-5867.html https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3OVW5V2DM5K5IC3H7O42YDUGNJ74J35O https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3OVW5V2DM5K5IC3H7O42YDUGNJ74J35O/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3SZN67IL7HMGMNAVLOTIXLIHUDXZK4LH https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3SZN67IL7HMGMNAVLOTIXLIHUDXZK4LH/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3WJ4QVX2AMUJ2F2S27POOAHRC4K3CHU4 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3WJ4QVX2AMUJ2F2S27POOAHRC4K3CHU4/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/4BUK2ZIAGCULOOYDNH25JPU6JBES5NF2 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/4BUK2ZIAGCULOOYDNH25JPU6JBES5NF2/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/5RSKA2II6QTD4YUKUNDVJQSRYSFC4VFR https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/5RSKA2II6QTD4YUKUNDVJQSRYSFC4VFR/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/AVZDNSMVDAQJ64LJC5I5U5LDM5753647 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/AVZDNSMVDAQJ64LJC5I5U5LDM5753647/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CHHITS4PUOZAKFIUBQAQZC7JWXMOYE4B https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CHHITS4PUOZAKFIUBQAQZC7JWXMOYE4B/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CLB4TW7KALB3EEQWNWCN7OUIWWVWWCG2 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CLB4TW7KALB3EEQWNWCN7OUIWWVWWCG2/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/D2BBIDR2ZMB3X5BC7SR4SLQMHRMVPY6L https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/D2BBIDR2ZMB3X5BC7SR4SLQMHRMVPY6L/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ECRC75BQJP6FJN2L7KCKYZW4DSBD7QSD https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ECRC75BQJP6FJN2L7KCKYZW4DSBD7QSD/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/FTMJ3NJIDAZFWJQQSP3L22MUFJ3UP2PT https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/FTMJ3NJIDAZFWJQQSP3L22MUFJ3UP2PT/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/GSY7SXFFTPZFWDM6XELSDSHZLVW3AHK7 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/GSY7SXFFTPZFWDM6XELSDSHZLVW3AHK7/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/HZQIELEIRSZUYTFFH5KTH2YJ4IIQG2KE https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/HZQIELEIRSZUYTFFH5KTH2YJ4IIQG2KE/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/IPWCNYB5PQ5PCVZ4NJT6G56ZYFZ5QBU6 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/IPWCNYB5PQ5PCVZ4NJT6G56ZYFZ5QBU6/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/KEOTKBUPZXHE3F352JBYNTSNRXYLWD6P https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/KEOTKBUPZXHE3F352JBYNTSNRXYLWD6P/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/KSEGD2IWKNUO3DWY4KQGUQM5BISRWHQE https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/KSEGD2IWKNUO3DWY4KQGUQM5BISRWHQE/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/L5E5JSJBZLYXOTZWXHJKRVCIXIHVWKJ6 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/L5E5JSJBZLYXOTZWXHJKRVCIXIHVWKJ6/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/MZQYOOKHQDQ57LV2IAG6NRFOVXKHJJ3Z https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/MZQYOOKHQDQ57LV2IAG6NRFOVXKHJJ3Z/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/NG7IMPL55MVWU3LCI4JQJT3K2U5CHDV7 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/NG7IMPL55MVWU3LCI4JQJT3K2U5CHDV7/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ODBY7RVMGZCBSTWF2OZGIZS57FNFUL67 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ODBY7RVMGZCBSTWF2OZGIZS57FNFUL67/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/OXGWPQOJ3JNDW2XIYKIVJ7N7QUIFNM2Q https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/OXGWPQOJ3JNDW2XIYKIVJ7N7QUIFNM2Q/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/PJCUNGIQDUMZ4Z6HWVYIMR66A35F5S74 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/PJCUNGIQDUMZ4Z6HWVYIMR66A35F5S74/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QF5QSYAOPDOWLY6DUHID56Q4HQFYB45I https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QF5QSYAOPDOWLY6DUHID56Q4HQFYB45I/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QXOU2JZUBEBP7GBKAYIJRPRBZSJCD7ST https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QXOU2JZUBEBP7GBKAYIJRPRBZSJCD7ST/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/R3UETKPUB3V5JS5TLZOF3SMTGT5K5APS https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/R3UETKPUB3V5JS5TLZOF3SMTGT5K5APS/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/REMHVVIBDNKSRKNOTV7EQSB7CYQWOUOU https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/REMHVVIBDNKSRKNOTV7EQSB7CYQWOUOU/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/T7N5GV4CHH6WAGX3GFMDD3COEOVCZ4RI https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/T7N5GV4CHH6WAGX3GFMDD3COEOVCZ4RI/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ULQQONMSCQSH5Z5OWFFQHCGEZ3NL4DRJ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ULQQONMSCQSH5Z5OWFFQHCGEZ3NL4DRJ/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UTT7DG3QOF5ZNJLUGHDNLRUIN6OWZARP https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UTT7DG3QOF5ZNJLUGHDNLRUIN6OWZARP/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/W2LZSWTV4NV4SNQARNXG5T6LRHP26EW2 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/W2LZSWTV4NV4SNQARNXG5T6LRHP26EW2/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WCNCBYKZXLDFGAJUB7ZP5VLC3YTHJNVH https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WCNCBYKZXLDFGAJUB7ZP5VLC3YTHJNVH/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/XFOIBB4YFICHDM7IBOP7PWXW3FX4HLL2 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/XFOIBB4YFICHDM7IBOP7PWXW3FX4HLL2/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/XTNLSL44Y5FB6JWADSZH6DCV4JJAAEQY https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/XTNLSL44Y5FB6JWADSZH6DCV4JJAAEQY/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/YJWHBLVZDM5KQSDFRBFRKU5KSSOLIRQ4 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/YJWHBLVZDM5KQSDFRBFRKU5KSSOLIRQ4/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/YRKEXKANQ7BKJW2YTAMP625LJUJZLJ4P https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/YRKEXKANQ7BKJW2YTAMP625LJUJZLJ4P/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZSVEMQV5ROY5YW5QE3I57HT3ITWG5GCV https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZSVEMQV5ROY5YW5QE3I57HT3ITWG5GCV/ https://nvd.nist.gov/vuln/detail/CVE-2023-39325 https://pkg.go.dev/vuln/GO-2023-2102 https://security.gentoo.org/glsa/202311-09 https://security.netapp.com/advisory/ntap-20231110-0008 https://security.netapp.com/advisory/ntap-20231110-0008/ https://ubuntu.com/security/notices/USN-6574-1 https://ubuntu.com/security/notices/USN-7061-1 https://ubuntu.com/security/notices/USN-7109-1 https://www.cisa.gov/news-events/alerts/2023/10/10/http2-rapid-reset-vulnerability-cve-2023-44487 https://www.cve.org/CVERecord?id=CVE-2023-39325
golang.org/x/net	CVE-2023-3978	MEDIUM	v0.10.0	0.13.0	https://access.redhat.com/errata/RHSA-2023:6474 https://access.redhat.com/security/cve/CVE-2023-3978 https://bugzilla.redhat.com/2174485 https://bugzilla.redhat.com/2178358 https://bugzilla.redhat.com/2178488 https://bugzilla.redhat.com/2178492 https://bugzilla.redhat.com/2184481 https://bugzilla.redhat.com/2184482 https://bugzilla.redhat.com/2184483 https://bugzilla.redhat.com/2184484 https://bugzilla.redhat.com/2196026 https://bugzilla.redhat.com/2196027 https://bugzilla.redhat.com/2196029 https://bugzilla.redhat.com/2222167 https://bugzilla.redhat.com/2228689 https://errata.almalinux.org/9/ALSA-2023-6474.html https://go.dev/cl/514896 https://go.dev/issue/61615 https://linux.oracle.com/cve/CVE-2023-3978.html https://linux.oracle.com/errata/ELSA-2023-6939.html https://nvd.nist.gov/vuln/detail/CVE-2023-3978 https://pkg.go.dev/vuln/GO-2023-1988 https://www.cve.org/CVERecord?id=CVE-2023-3978
golang.org/x/net	CVE-2023-44487	MEDIUM	v0.10.0	0.17.0	http://www.openwall.com/lists/oss-security/2023/10/13/4 http://www.openwall.com/lists/oss-security/2023/10/13/9 http://www.openwall.com/lists/oss-security/2023/10/18/4 http://www.openwall.com/lists/oss-security/2023/10/18/8 http://www.openwall.com/lists/oss-security/2023/10/19/6 http://www.openwall.com/lists/oss-security/2023/10/20/8 https://access.redhat.com/errata/RHSA-2023:6746 https://access.redhat.com/security/cve/CVE-2023-44487 https://access.redhat.com/security/cve/cve-2023-44487 https://akka.io/security/akka-http-cve-2023-44487.html https://arstechnica.com/security/2023/10/how-ddosers-used-the-http-2-protocol-to-deliver-attacks-of-unprecedented-size https://arstechnica.com/security/2023/10/how-ddosers-used-the-http-2-protocol-to-deliver-attacks-of-unprecedented-size/ https://aws.amazon.com/security/security-bulletins/AWS-2023-011 https://aws.amazon.com/security/security-bulletins/AWS-2023-011/ https://blog.cloudflare.com/technical-breakdown-http2-rapid-reset-ddos-attack https://blog.cloudflare.com/technical-breakdown-http2-rapid-reset-ddos-attack/ https://blog.cloudflare.com/zero-day-rapid-reset-http2-record-breaking-ddos-attack https://blog.cloudflare.com/zero-day-rapid-reset-http2-record-breaking-ddos-attack/ https://blog.litespeedtech.com/2023/10/11/rapid-reset-http-2-vulnerablilty https://blog.litespeedtech.com/2023/10/11/rapid-reset-http-2-vulnerablilty/ https://blog.qualys.com/vulnerabilities-threat-research/2023/10/10/cve-2023-44487-http-2-rapid-reset-attack https://blog.vespa.ai/cve-2023-44487 https://blog.vespa.ai/cve-2023-44487/ https://bugzilla.proxmox.com/show_bug.cgi?id=4988 https://bugzilla.redhat.com/2242803 https://bugzilla.redhat.com/show_bug.cgi?id=2242803 https://bugzilla.suse.com/show_bug.cgi?id=1216123 https://cgit.freebsd.org/ports/commit/?id=c64c329c2c1752f46b73e3e6ce9f4329be6629f9 https://chaos.social/@icing/111210915918780532 https://cloud.google.com/blog/products/identity-security/google-cloud-mitigated-largest-ddos-attack-peaking-above-398-million-rps https://cloud.google.com/blog/products/identity-security/google-cloud-mitigated-largest-ddos-attack-peaking-above-398-million-rps/ https://cloud.google.com/blog/products/identity-security/how-it-works-the-novel-http2-rapid-reset-ddos-attack https://community.traefik.io/t/is-traefik-vulnerable-to-cve-2023-44487/20125 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-44487 https://devblogs.microsoft.com/dotnet/october-2023-updates/ https://discuss.hashicorp.com/t/hcsec-2023-32-vault-consul-and-boundary-affected-by-http-2-rapid-reset-denial-of-service-vulnerability-cve-2023-44487/59715 https://edg.io/lp/blog/resets-leaks-ddos-and-the-tale-of-a-hidden-cve https://errata.almalinux.org/9/ALSA-2023-6746.html https://errata.rockylinux.org/RLSA-2023:5838 https://forums.swift.org/t/swift-nio-http2-security-update-cve-2023-44487-http-2-dos/67764 https://gist.github.com/adulau/7c2bfb8e9cdbe4b35a5e131c66a0c088 https://github.com/Azure/AKS/issues/3947 https://github.com/Kong/kong/discussions/11741 https://github.com/advisories/GHSA-qppj-fm5r-hxr3 https://github.com/advisories/GHSA-vx74-f528-fxqg https://github.com/advisories/GHSA-xpw8-rcwv-8f8p https://github.com/akka/akka-http/issues/4323 https://github.com/akka/akka-http/pull/4324 https://github.com/akka/akka-http/pull/4325 https://github.com/alibaba/tengine/issues/1872 https://github.com/apache/apisix/issues/10320 https://github.com/apache/httpd-site/pull/10 https://github.com/apache/httpd/blob/afcdbeebbff4b0c50ea26cdd16e178c0d1f24152/modules/http2/h2_mplx.c#L1101-L1113 https://github.com/apache/tomcat/commit/944332bb15bd2f3bf76ec2caeb1ff0a58a3bc628 https://github.com/apache/tomcat/tree/main/java/org/apache/coyote/http2 https://github.com/apache/trafficserver/pull/10564 https://github.com/apple/swift-nio-http2 https://github.com/apple/swift-nio-http2/security/advisories/GHSA-qppj-fm5r-hxr3 https://github.com/arkrwn/PoC/tree/main/CVE-2023-44487 https://github.com/bcdannyboy/CVE-2023-44487 https://github.com/caddyserver/caddy/issues/5877 https://github.com/caddyserver/caddy/releases/tag/v2.7.5 https://github.com/dotnet/announcements/issues/277 https://github.com/dotnet/core/blob/e4613450ea0da7fd2fc6b61dfb2c1c1dec1ce9ec/release-notes/6.0/6.0.23/6.0.23.md?plain=1#L73 https://github.com/eclipse/jetty.project/issues/10679 https://github.com/envoyproxy/envoy/pull/30055 https://github.com/etcd-io/etcd/issues/16740 https://github.com/facebook/proxygen/pull/466 https://github.com/golang/go/issues/63417 https://github.com/grpc/grpc-go/pull/6703 https://github.com/grpc/grpc-go/releases https://github.com/h2o/h2o/pull/3291 https://github.com/h2o/h2o/security/advisories/GHSA-2m7v-gc89-fjqf https://github.com/haproxy/haproxy/issues/2312 https://github.com/hyperium/hyper/issues/3337 https://github.com/icing/mod_h2/blob/0a864782af0a942aa2ad4ed960a6b32cd35bcf0a/mod_http2/README.md?plain=1#L239-L244 https://github.com/junkurihara/rust-rpxy/issues/97 https://github.com/kazu-yamamoto/http2/commit/f61d41a502bd0f60eb24e1ce14edc7b6df6722a1 https://github.com/kazu-yamamoto/http2/issues/93 https://github.com/kubernetes/kubernetes/pull/121120 https://github.com/line/armeria/pull/5232 https://github.com/linkerd/website/pull/1695/commits/4b9c6836471bc8270ab48aae6fd2181bc73fd632 https://github.com/micrictor/http2-rst-stream https://github.com/microsoft/CBL-Mariner/pull/6381 https://github.com/netty/netty/commit/58f75f665aa81a8cbcf6ffa74820042a285c5e61 https://github.com/nghttp2/nghttp2/pull/1961 https://github.com/nghttp2/nghttp2/releases/tag/v1.57.0 https://github.com/ninenines/cowboy/issues/1615 https://github.com/nodejs/node/pull/50121 https://github.com/openresty/openresty/issues/930 https://github.com/opensearch-project/data-prepper/issues/3474 https://github.com/oqtane/oqtane.framework/discussions/3367 https://github.com/projectcontour/contour/pull/5826 https://github.com/tempesta-tech/tempesta/issues/1986 https://github.com/varnishcache/varnish-cache/issues/3996 https://go.dev/cl/534215 https://go.dev/cl/534235 https://go.dev/issue/63417 https://groups.google.com/g/golang-announce/c/iNNxDTCjZvo https://groups.google.com/g/golang-announce/c/iNNxDTCjZvo/m/UDd7VKQuAAAJ https://istio.io/latest/news/security/istio-security-2023-004 https://istio.io/latest/news/security/istio-security-2023-004/ https://linkerd.io/2023/10/12/linkerd-cve-2023-44487 https://linkerd.io/2023/10/12/linkerd-cve-2023-44487/ https://linux.oracle.com/cve/CVE-2023-44487.html https://linux.oracle.com/errata/ELSA-2024-1444.html https://lists.apache.org/thread/5py8h42mxfsn8l1wy6o41xwhsjlsd87q https://lists.debian.org/debian-lts-announce/2023/10/msg00020.html https://lists.debian.org/debian-lts-announce/2023/10/msg00023.html https://lists.debian.org/debian-lts-announce/2023/10/msg00024.html https://lists.debian.org/debian-lts-announce/2023/10/msg00045.html https://lists.debian.org/debian-lts-announce/2023/10/msg00047.html https://lists.debian.org/debian-lts-announce/2023/11/msg00001.html https://lists.debian.org/debian-lts-announce/2023/11/msg00012.html https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/2MBEPPC36UBVOZZNAXFHKLFGSLCMN5LI https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/2MBEPPC36UBVOZZNAXFHKLFGSLCMN5LI/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/3N4NJ7FR4X4FPZUGNTQAPSTVB2HB2Y4A https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/3N4NJ7FR4X4FPZUGNTQAPSTVB2HB2Y4A/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/BFQD3KUEMFBHPAPBGLWQC34L4OWL5HAZ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/BFQD3KUEMFBHPAPBGLWQC34L4OWL5HAZ/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/CLB4TW7KALB3EEQWNWCN7OUIWWVWWCG2 https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/CLB4TW7KALB3EEQWNWCN7OUIWWVWWCG2/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/E72T67UPDRXHIDLO3OROR25YAMN4GGW5 https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/E72T67UPDRXHIDLO3OROR25YAMN4GGW5/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/FNA62Q767CFAFHBCDKYNPBMZWB7TWYVU https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/FNA62Q767CFAFHBCDKYNPBMZWB7TWYVU/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/HT7T2R4MQKLIF4ODV4BDLPARWFPCJ5CZ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/HT7T2R4MQKLIF4ODV4BDLPARWFPCJ5CZ/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/JIZSEFC3YKCGABA2BZW6ZJRMDZJMB7PJ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/JIZSEFC3YKCGABA2BZW6ZJRMDZJMB7PJ/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/JMEXY22BFG5Q64HQCM5CK2Q7KDKVV4TY https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/JMEXY22BFG5Q64HQCM5CK2Q7KDKVV4TY/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/KSEGD2IWKNUO3DWY4KQGUQM5BISRWHQE https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/KSEGD2IWKNUO3DWY4KQGUQM5BISRWHQE/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/LKYHSZQFDNR7RSA7LHVLLIAQMVYCUGBG https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/LKYHSZQFDNR7RSA7LHVLLIAQMVYCUGBG/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/LNMZJCDHGLJJLXO4OXWJMTVQRNWOC7UL https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/LNMZJCDHGLJJLXO4OXWJMTVQRNWOC7UL/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/VHUHTSXLXGXS7JYKBXTA3VINUPHTNGVU https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/VHUHTSXLXGXS7JYKBXTA3VINUPHTNGVU/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/VSRDIV77HNKUSM7SJC5BKE5JSHLHU2NK https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/VSRDIV77HNKUSM7SJC5BKE5JSHLHU2NK/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/WE2I52RHNNU42PX6NZ2RBUHSFFJ2LVZX https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/WE2I52RHNNU42PX6NZ2RBUHSFFJ2LVZX/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/WLPRQ5TWUQQXYWBJM7ECYDAIL2YVKIUH https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/WLPRQ5TWUQQXYWBJM7ECYDAIL2YVKIUH/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/X6QXN4ORIVF6XBW4WWFE7VNPVC74S45Y https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/X6QXN4ORIVF6XBW4WWFE7VNPVC74S45Y/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/XFOIBB4YFICHDM7IBOP7PWXW3FX4HLL2 https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/XFOIBB4YFICHDM7IBOP7PWXW3FX4HLL2/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZB43REMKRQR62NJEI7I5NQ4FSXNLBKRT https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZB43REMKRQR62NJEI7I5NQ4FSXNLBKRT/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZKQSIKIAT5TJ3WSLU3RDBQ35YX4GY4V3 https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZKQSIKIAT5TJ3WSLU3RDBQ35YX4GY4V3/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZLU6U2R2IC2K64NDPNMV55AUAO65MAF4 https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZLU6U2R2IC2K64NDPNMV55AUAO65MAF4/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3N4NJ7FR4X4FPZUGNTQAPSTVB2HB2Y4A https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/BFQD3KUEMFBHPAPBGLWQC34L4OWL5HAZ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CLB4TW7KALB3EEQWNWCN7OUIWWVWWCG2 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/E72T67UPDRXHIDLO3OROR25YAMN4GGW5 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/FNA62Q767CFAFHBCDKYNPBMZWB7TWYVU https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/HT7T2R4MQKLIF4ODV4BDLPARWFPCJ5CZ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/JIZSEFC3YKCGABA2BZW6ZJRMDZJMB7PJ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/JMEXY22BFG5Q64HQCM5CK2Q7KDKVV4TY https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/KSEGD2IWKNUO3DWY4KQGUQM5BISRWHQE https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/LKYHSZQFDNR7RSA7LHVLLIAQMVYCUGBG https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/LNMZJCDHGLJJLXO4OXWJMTVQRNWOC7UL https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/VHUHTSXLXGXS7JYKBXTA3VINUPHTNGVU https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/VSRDIV77HNKUSM7SJC5BKE5JSHLHU2NK https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WLPRQ5TWUQQXYWBJM7ECYDAIL2YVKIUH https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/X6QXN4ORIVF6XBW4WWFE7VNPVC74S45Y https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/XFOIBB4YFICHDM7IBOP7PWXW3FX4HLL2 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZB43REMKRQR62NJEI7I5NQ4FSXNLBKRT https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZKQSIKIAT5TJ3WSLU3RDBQ35YX4GY4V3 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZLU6U2R2IC2K64NDPNMV55AUAO65MAF4 https://lists.w3.org/Archives/Public/ietf-http-wg/2023OctDec/0025.html https://mailman.nginx.org/pipermail/nginx-devel/2023-October/S36Q5HBXR7CAIMPLLPRSSSYR4PCMWILK.html https://martinthomson.github.io/h2-stream-limits/draft-thomson-httpbis-h2-stream-limits.html https://msrc.microsoft.com/blog/2023/10/microsoft-response-to-distributed-denial-of-service-ddos-attacks-against-http/2 https://msrc.microsoft.com/blog/2023/10/microsoft-response-to-distributed-denial-of-service-ddos-attacks-against-http/2/ https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-44487 https://my.f5.com/manage/s/article/K000137106 https://netty.io/news/2023/10/10/4-1-100-Final.html https://news.ycombinator.com/item?id=37830987 https://news.ycombinator.com/item?id=37830998 https://news.ycombinator.com/item?id=37831062 https://news.ycombinator.com/item?id=37837043 https://nodejs.org/en/blog/vulnerability/october-2023-security-releases https://nvd.nist.gov/vuln/detail/CVE-2023-44487 https://openssf.org/blog/2023/10/10/http-2-rapid-reset-vulnerability-highlights-need-for-rapid-response https://openssf.org/blog/2023/10/10/http-2-rapid-reset-vulnerability-highlights-need-for-rapid-response/ https://pkg.go.dev/vuln/GO-2023-2102 https://seanmonstar.com/post/730794151136935936/hyper-http2-rapid-reset-unaffected https://security.gentoo.org/glsa/202311-09 https://security.netapp.com/advisory/ntap-20231016-0001 https://security.netapp.com/advisory/ntap-20231016-0001/ https://security.netapp.com/advisory/ntap-20240426-0007 https://security.netapp.com/advisory/ntap-20240426-0007/ https://security.netapp.com/advisory/ntap-20240621-0006 https://security.netapp.com/advisory/ntap-20240621-0006/ https://security.netapp.com/advisory/ntap-20240621-0007 https://security.netapp.com/advisory/ntap-20240621-0007/ https://security.paloaltonetworks.com/CVE-2023-44487 https://tomcat.apache.org/security-10.html#Fixed_in_Apache_Tomcat_10.1.14 https://tomcat.apache.org/security-11.html#Fixed_in_Apache_Tomcat_11.0.0-M12 https://tomcat.apache.org/security-8.html#Fixed_in_Apache_Tomcat_8.5.94 https://tomcat.apache.org/security-9.html#Fixed_in_Apache_Tomcat_9.0.81 https://ubuntu.com/security/CVE-2023-44487 https://ubuntu.com/security/notices/USN-6427-1 https://ubuntu.com/security/notices/USN-6427-2 https://ubuntu.com/security/notices/USN-6438-1 https://ubuntu.com/security/notices/USN-6505-1 https://ubuntu.com/security/notices/USN-6574-1 https://ubuntu.com/security/notices/USN-6754-1 https://ubuntu.com/security/notices/USN-6994-1 https://ubuntu.com/security/notices/USN-7067-1 https://www.bleepingcomputer.com/news/security/new-http-2-rapid-reset-zero-day-attack-breaks-ddos-records https://www.bleepingcomputer.com/news/security/new-http-2-rapid-reset-zero-day-attack-breaks-ddos-records/ https://www.cisa.gov/known-exploited-vulnerabilities-catalog https://www.cisa.gov/news-events/alerts/2023/10/10/http2-rapid-reset-vulnerability-cve-2023-44487 https://www.cve.org/CVERecord?id=CVE-2023-44487 https://www.darkreading.com/cloud/internet-wide-zero-day-bug-fuels-largest-ever-ddos-event https://www.debian.org/security/2023/dsa-5521 https://www.debian.org/security/2023/dsa-5522 https://www.debian.org/security/2023/dsa-5540 https://www.debian.org/security/2023/dsa-5549 https://www.debian.org/security/2023/dsa-5558 https://www.debian.org/security/2023/dsa-5570 https://www.eclipse.org/lists/jetty-announce/msg00181.html https://www.haproxy.com/blog/haproxy-is-not-affected-by-the-http-2-rapid-reset-attack-cve-2023-44487 https://www.mail-archive.com/haproxy@formilux.org/msg44134.html https://www.netlify.com/blog/netlify-successfully-mitigates-cve-2023-44487 https://www.netlify.com/blog/netlify-successfully-mitigates-cve-2023-44487/ https://www.nginx.com/blog/http-2-rapid-reset-attack-impacting-f5-nginx-products https://www.nginx.com/blog/http-2-rapid-reset-attack-impacting-f5-nginx-products/ https://www.openwall.com/lists/oss-security/2023/10/10/6 https://www.phoronix.com/news/HTTP2-Rapid-Reset-Attack https://www.theregister.com/2023/10/10/http2_rapid_reset_zeroday https://www.theregister.com/2023/10/10/http2_rapid_reset_zeroday/
golang.org/x/net	CVE-2023-45288	MEDIUM	v0.10.0	0.23.0	http://www.openwall.com/lists/oss-security/2024/04/03/16 http://www.openwall.com/lists/oss-security/2024/04/05/4 https://access.redhat.com/errata/RHSA-2024:2724 https://access.redhat.com/security/cve/CVE-2023-45288 https://bugzilla.redhat.com/2268017 https://bugzilla.redhat.com/2268018 https://bugzilla.redhat.com/2268019 https://bugzilla.redhat.com/2268273 https://bugzilla.redhat.com/show_bug.cgi?id=2268017 https://bugzilla.redhat.com/show_bug.cgi?id=2268018 https://bugzilla.redhat.com/show_bug.cgi?id=2268019 https://bugzilla.redhat.com/show_bug.cgi?id=2268273 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45288 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45289 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45290 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24783 https://errata.almalinux.org/9/ALSA-2024-2724.html https://errata.rockylinux.org/RLSA-2024:2724 https://go.dev/cl/576155 https://go.dev/issue/65051 https://groups.google.com/g/golang-announce/c/YgW0sx8mN3M https://kb.cert.org/vuls/id/421644 https://linux.oracle.com/cve/CVE-2023-45288.html https://linux.oracle.com/errata/ELSA-2024-3346.html https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QRYFHIQ6XRKRYBI2F5UESH67BJBQXUPT https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QRYFHIQ6XRKRYBI2F5UESH67BJBQXUPT/ https://nowotarski.info/http2-continuation-flood-technical-details https://nowotarski.info/http2-continuation-flood/ https://nvd.nist.gov/vuln/detail/CVE-2023-45288 https://pkg.go.dev/vuln/GO-2024-2687 https://security.netapp.com/advisory/ntap-20240419-0009 https://security.netapp.com/advisory/ntap-20240419-0009/ https://ubuntu.com/security/notices/USN-6886-1 https://ubuntu.com/security/notices/USN-7109-1 https://ubuntu.com/security/notices/USN-7111-1 https://www.cve.org/CVERecord?id=CVE-2023-45288 https://www.kb.cert.org/vuls/id/421644
google.golang.org/grpc	GHSA-m425-mq94-257g	HIGH	v1.55.0	1.56.3, 1.57.1, 1.58.3	https://github.com/grpc/grpc-go https://github.com/grpc/grpc-go/commit/f2180b4d5403d2210b30b93098eb7da31c05c721 https://github.com/grpc/grpc-go/pull/6703 https://github.com/grpc/grpc-go/security/advisories/GHSA-m425-mq94-257g https://nvd.nist.gov/vuln/detail/CVE-2023-44487
google.golang.org/grpc	CVE-2023-44487	MEDIUM	v1.55.0	1.58.3, 1.57.1, 1.56.3	http://www.openwall.com/lists/oss-security/2023/10/13/4 http://www.openwall.com/lists/oss-security/2023/10/13/9 http://www.openwall.com/lists/oss-security/2023/10/18/4 http://www.openwall.com/lists/oss-security/2023/10/18/8 http://www.openwall.com/lists/oss-security/2023/10/19/6 http://www.openwall.com/lists/oss-security/2023/10/20/8 https://access.redhat.com/errata/RHSA-2023:6746 https://access.redhat.com/security/cve/CVE-2023-44487 https://access.redhat.com/security/cve/cve-2023-44487 https://akka.io/security/akka-http-cve-2023-44487.html https://arstechnica.com/security/2023/10/how-ddosers-used-the-http-2-protocol-to-deliver-attacks-of-unprecedented-size https://arstechnica.com/security/2023/10/how-ddosers-used-the-http-2-protocol-to-deliver-attacks-of-unprecedented-size/ https://aws.amazon.com/security/security-bulletins/AWS-2023-011 https://aws.amazon.com/security/security-bulletins/AWS-2023-011/ https://blog.cloudflare.com/technical-breakdown-http2-rapid-reset-ddos-attack https://blog.cloudflare.com/technical-breakdown-http2-rapid-reset-ddos-attack/ https://blog.cloudflare.com/zero-day-rapid-reset-http2-record-breaking-ddos-attack https://blog.cloudflare.com/zero-day-rapid-reset-http2-record-breaking-ddos-attack/ https://blog.litespeedtech.com/2023/10/11/rapid-reset-http-2-vulnerablilty https://blog.litespeedtech.com/2023/10/11/rapid-reset-http-2-vulnerablilty/ https://blog.qualys.com/vulnerabilities-threat-research/2023/10/10/cve-2023-44487-http-2-rapid-reset-attack https://blog.vespa.ai/cve-2023-44487 https://blog.vespa.ai/cve-2023-44487/ https://bugzilla.proxmox.com/show_bug.cgi?id=4988 https://bugzilla.redhat.com/2242803 https://bugzilla.redhat.com/show_bug.cgi?id=2242803 https://bugzilla.suse.com/show_bug.cgi?id=1216123 https://cgit.freebsd.org/ports/commit/?id=c64c329c2c1752f46b73e3e6ce9f4329be6629f9 https://chaos.social/@icing/111210915918780532 https://cloud.google.com/blog/products/identity-security/google-cloud-mitigated-largest-ddos-attack-peaking-above-398-million-rps https://cloud.google.com/blog/products/identity-security/google-cloud-mitigated-largest-ddos-attack-peaking-above-398-million-rps/ https://cloud.google.com/blog/products/identity-security/how-it-works-the-novel-http2-rapid-reset-ddos-attack https://community.traefik.io/t/is-traefik-vulnerable-to-cve-2023-44487/20125 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-44487 https://devblogs.microsoft.com/dotnet/october-2023-updates/ https://discuss.hashicorp.com/t/hcsec-2023-32-vault-consul-and-boundary-affected-by-http-2-rapid-reset-denial-of-service-vulnerability-cve-2023-44487/59715 https://edg.io/lp/blog/resets-leaks-ddos-and-the-tale-of-a-hidden-cve https://errata.almalinux.org/9/ALSA-2023-6746.html https://errata.rockylinux.org/RLSA-2023:5838 https://forums.swift.org/t/swift-nio-http2-security-update-cve-2023-44487-http-2-dos/67764 https://gist.github.com/adulau/7c2bfb8e9cdbe4b35a5e131c66a0c088 https://github.com/Azure/AKS/issues/3947 https://github.com/Kong/kong/discussions/11741 https://github.com/advisories/GHSA-qppj-fm5r-hxr3 https://github.com/advisories/GHSA-vx74-f528-fxqg https://github.com/advisories/GHSA-xpw8-rcwv-8f8p https://github.com/akka/akka-http/issues/4323 https://github.com/akka/akka-http/pull/4324 https://github.com/akka/akka-http/pull/4325 https://github.com/alibaba/tengine/issues/1872 https://github.com/apache/apisix/issues/10320 https://github.com/apache/httpd-site/pull/10 https://github.com/apache/httpd/blob/afcdbeebbff4b0c50ea26cdd16e178c0d1f24152/modules/http2/h2_mplx.c#L1101-L1113 https://github.com/apache/tomcat/commit/944332bb15bd2f3bf76ec2caeb1ff0a58a3bc628 https://github.com/apache/tomcat/tree/main/java/org/apache/coyote/http2 https://github.com/apache/trafficserver/pull/10564 https://github.com/apple/swift-nio-http2 https://github.com/apple/swift-nio-http2/security/advisories/GHSA-qppj-fm5r-hxr3 https://github.com/arkrwn/PoC/tree/main/CVE-2023-44487 https://github.com/bcdannyboy/CVE-2023-44487 https://github.com/caddyserver/caddy/issues/5877 https://github.com/caddyserver/caddy/releases/tag/v2.7.5 https://github.com/dotnet/announcements/issues/277 https://github.com/dotnet/core/blob/e4613450ea0da7fd2fc6b61dfb2c1c1dec1ce9ec/release-notes/6.0/6.0.23/6.0.23.md?plain=1#L73 https://github.com/eclipse/jetty.project/issues/10679 https://github.com/envoyproxy/envoy/pull/30055 https://github.com/etcd-io/etcd/issues/16740 https://github.com/facebook/proxygen/pull/466 https://github.com/golang/go/issues/63417 https://github.com/grpc/grpc-go/pull/6703 https://github.com/grpc/grpc-go/releases https://github.com/h2o/h2o/pull/3291 https://github.com/h2o/h2o/security/advisories/GHSA-2m7v-gc89-fjqf https://github.com/haproxy/haproxy/issues/2312 https://github.com/hyperium/hyper/issues/3337 https://github.com/icing/mod_h2/blob/0a864782af0a942aa2ad4ed960a6b32cd35bcf0a/mod_http2/README.md?plain=1#L239-L244 https://github.com/junkurihara/rust-rpxy/issues/97 https://github.com/kazu-yamamoto/http2/commit/f61d41a502bd0f60eb24e1ce14edc7b6df6722a1 https://github.com/kazu-yamamoto/http2/issues/93 https://github.com/kubernetes/kubernetes/pull/121120 https://github.com/line/armeria/pull/5232 https://github.com/linkerd/website/pull/1695/commits/4b9c6836471bc8270ab48aae6fd2181bc73fd632 https://github.com/micrictor/http2-rst-stream https://github.com/microsoft/CBL-Mariner/pull/6381 https://github.com/netty/netty/commit/58f75f665aa81a8cbcf6ffa74820042a285c5e61 https://github.com/nghttp2/nghttp2/pull/1961 https://github.com/nghttp2/nghttp2/releases/tag/v1.57.0 https://github.com/ninenines/cowboy/issues/1615 https://github.com/nodejs/node/pull/50121 https://github.com/openresty/openresty/issues/930 https://github.com/opensearch-project/data-prepper/issues/3474 https://github.com/oqtane/oqtane.framework/discussions/3367 https://github.com/projectcontour/contour/pull/5826 https://github.com/tempesta-tech/tempesta/issues/1986 https://github.com/varnishcache/varnish-cache/issues/3996 https://go.dev/cl/534215 https://go.dev/cl/534235 https://go.dev/issue/63417 https://groups.google.com/g/golang-announce/c/iNNxDTCjZvo https://groups.google.com/g/golang-announce/c/iNNxDTCjZvo/m/UDd7VKQuAAAJ https://istio.io/latest/news/security/istio-security-2023-004 https://istio.io/latest/news/security/istio-security-2023-004/ https://linkerd.io/2023/10/12/linkerd-cve-2023-44487 https://linkerd.io/2023/10/12/linkerd-cve-2023-44487/ https://linux.oracle.com/cve/CVE-2023-44487.html https://linux.oracle.com/errata/ELSA-2024-1444.html https://lists.apache.org/thread/5py8h42mxfsn8l1wy6o41xwhsjlsd87q https://lists.debian.org/debian-lts-announce/2023/10/msg00020.html https://lists.debian.org/debian-lts-announce/2023/10/msg00023.html https://lists.debian.org/debian-lts-announce/2023/10/msg00024.html https://lists.debian.org/debian-lts-announce/2023/10/msg00045.html https://lists.debian.org/debian-lts-announce/2023/10/msg00047.html https://lists.debian.org/debian-lts-announce/2023/11/msg00001.html https://lists.debian.org/debian-lts-announce/2023/11/msg00012.html https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/2MBEPPC36UBVOZZNAXFHKLFGSLCMN5LI https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/2MBEPPC36UBVOZZNAXFHKLFGSLCMN5LI/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/3N4NJ7FR4X4FPZUGNTQAPSTVB2HB2Y4A https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/3N4NJ7FR4X4FPZUGNTQAPSTVB2HB2Y4A/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/BFQD3KUEMFBHPAPBGLWQC34L4OWL5HAZ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/BFQD3KUEMFBHPAPBGLWQC34L4OWL5HAZ/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/CLB4TW7KALB3EEQWNWCN7OUIWWVWWCG2 https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/CLB4TW7KALB3EEQWNWCN7OUIWWVWWCG2/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/E72T67UPDRXHIDLO3OROR25YAMN4GGW5 https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/E72T67UPDRXHIDLO3OROR25YAMN4GGW5/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/FNA62Q767CFAFHBCDKYNPBMZWB7TWYVU https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/FNA62Q767CFAFHBCDKYNPBMZWB7TWYVU/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/HT7T2R4MQKLIF4ODV4BDLPARWFPCJ5CZ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/HT7T2R4MQKLIF4ODV4BDLPARWFPCJ5CZ/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/JIZSEFC3YKCGABA2BZW6ZJRMDZJMB7PJ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/JIZSEFC3YKCGABA2BZW6ZJRMDZJMB7PJ/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/JMEXY22BFG5Q64HQCM5CK2Q7KDKVV4TY https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/JMEXY22BFG5Q64HQCM5CK2Q7KDKVV4TY/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/KSEGD2IWKNUO3DWY4KQGUQM5BISRWHQE https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/KSEGD2IWKNUO3DWY4KQGUQM5BISRWHQE/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/LKYHSZQFDNR7RSA7LHVLLIAQMVYCUGBG https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/LKYHSZQFDNR7RSA7LHVLLIAQMVYCUGBG/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/LNMZJCDHGLJJLXO4OXWJMTVQRNWOC7UL https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/LNMZJCDHGLJJLXO4OXWJMTVQRNWOC7UL/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/VHUHTSXLXGXS7JYKBXTA3VINUPHTNGVU https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/VHUHTSXLXGXS7JYKBXTA3VINUPHTNGVU/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/VSRDIV77HNKUSM7SJC5BKE5JSHLHU2NK https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/VSRDIV77HNKUSM7SJC5BKE5JSHLHU2NK/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/WE2I52RHNNU42PX6NZ2RBUHSFFJ2LVZX https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/WE2I52RHNNU42PX6NZ2RBUHSFFJ2LVZX/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/WLPRQ5TWUQQXYWBJM7ECYDAIL2YVKIUH https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/WLPRQ5TWUQQXYWBJM7ECYDAIL2YVKIUH/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/X6QXN4ORIVF6XBW4WWFE7VNPVC74S45Y https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/X6QXN4ORIVF6XBW4WWFE7VNPVC74S45Y/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/XFOIBB4YFICHDM7IBOP7PWXW3FX4HLL2 https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/XFOIBB4YFICHDM7IBOP7PWXW3FX4HLL2/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZB43REMKRQR62NJEI7I5NQ4FSXNLBKRT https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZB43REMKRQR62NJEI7I5NQ4FSXNLBKRT/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZKQSIKIAT5TJ3WSLU3RDBQ35YX4GY4V3 https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZKQSIKIAT5TJ3WSLU3RDBQ35YX4GY4V3/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZLU6U2R2IC2K64NDPNMV55AUAO65MAF4 https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZLU6U2R2IC2K64NDPNMV55AUAO65MAF4/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3N4NJ7FR4X4FPZUGNTQAPSTVB2HB2Y4A https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/BFQD3KUEMFBHPAPBGLWQC34L4OWL5HAZ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CLB4TW7KALB3EEQWNWCN7OUIWWVWWCG2 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/E72T67UPDRXHIDLO3OROR25YAMN4GGW5 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/FNA62Q767CFAFHBCDKYNPBMZWB7TWYVU https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/HT7T2R4MQKLIF4ODV4BDLPARWFPCJ5CZ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/JIZSEFC3YKCGABA2BZW6ZJRMDZJMB7PJ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/JMEXY22BFG5Q64HQCM5CK2Q7KDKVV4TY https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/KSEGD2IWKNUO3DWY4KQGUQM5BISRWHQE https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/LKYHSZQFDNR7RSA7LHVLLIAQMVYCUGBG https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/LNMZJCDHGLJJLXO4OXWJMTVQRNWOC7UL https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/VHUHTSXLXGXS7JYKBXTA3VINUPHTNGVU https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/VSRDIV77HNKUSM7SJC5BKE5JSHLHU2NK https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WLPRQ5TWUQQXYWBJM7ECYDAIL2YVKIUH https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/X6QXN4ORIVF6XBW4WWFE7VNPVC74S45Y https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/XFOIBB4YFICHDM7IBOP7PWXW3FX4HLL2 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZB43REMKRQR62NJEI7I5NQ4FSXNLBKRT https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZKQSIKIAT5TJ3WSLU3RDBQ35YX4GY4V3 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZLU6U2R2IC2K64NDPNMV55AUAO65MAF4 https://lists.w3.org/Archives/Public/ietf-http-wg/2023OctDec/0025.html https://mailman.nginx.org/pipermail/nginx-devel/2023-October/S36Q5HBXR7CAIMPLLPRSSSYR4PCMWILK.html https://martinthomson.github.io/h2-stream-limits/draft-thomson-httpbis-h2-stream-limits.html https://msrc.microsoft.com/blog/2023/10/microsoft-response-to-distributed-denial-of-service-ddos-attacks-against-http/2 https://msrc.microsoft.com/blog/2023/10/microsoft-response-to-distributed-denial-of-service-ddos-attacks-against-http/2/ https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-44487 https://my.f5.com/manage/s/article/K000137106 https://netty.io/news/2023/10/10/4-1-100-Final.html https://news.ycombinator.com/item?id=37830987 https://news.ycombinator.com/item?id=37830998 https://news.ycombinator.com/item?id=37831062 https://news.ycombinator.com/item?id=37837043 https://nodejs.org/en/blog/vulnerability/october-2023-security-releases https://nvd.nist.gov/vuln/detail/CVE-2023-44487 https://openssf.org/blog/2023/10/10/http-2-rapid-reset-vulnerability-highlights-need-for-rapid-response https://openssf.org/blog/2023/10/10/http-2-rapid-reset-vulnerability-highlights-need-for-rapid-response/ https://pkg.go.dev/vuln/GO-2023-2102 https://seanmonstar.com/post/730794151136935936/hyper-http2-rapid-reset-unaffected https://security.gentoo.org/glsa/202311-09 https://security.netapp.com/advisory/ntap-20231016-0001 https://security.netapp.com/advisory/ntap-20231016-0001/ https://security.netapp.com/advisory/ntap-20240426-0007 https://security.netapp.com/advisory/ntap-20240426-0007/ https://security.netapp.com/advisory/ntap-20240621-0006 https://security.netapp.com/advisory/ntap-20240621-0006/ https://security.netapp.com/advisory/ntap-20240621-0007 https://security.netapp.com/advisory/ntap-20240621-0007/ https://security.paloaltonetworks.com/CVE-2023-44487 https://tomcat.apache.org/security-10.html#Fixed_in_Apache_Tomcat_10.1.14 https://tomcat.apache.org/security-11.html#Fixed_in_Apache_Tomcat_11.0.0-M12 https://tomcat.apache.org/security-8.html#Fixed_in_Apache_Tomcat_8.5.94 https://tomcat.apache.org/security-9.html#Fixed_in_Apache_Tomcat_9.0.81 https://ubuntu.com/security/CVE-2023-44487 https://ubuntu.com/security/notices/USN-6427-1 https://ubuntu.com/security/notices/USN-6427-2 https://ubuntu.com/security/notices/USN-6438-1 https://ubuntu.com/security/notices/USN-6505-1 https://ubuntu.com/security/notices/USN-6574-1 https://ubuntu.com/security/notices/USN-6754-1 https://ubuntu.com/security/notices/USN-6994-1 https://ubuntu.com/security/notices/USN-7067-1 https://www.bleepingcomputer.com/news/security/new-http-2-rapid-reset-zero-day-attack-breaks-ddos-records https://www.bleepingcomputer.com/news/security/new-http-2-rapid-reset-zero-day-attack-breaks-ddos-records/ https://www.cisa.gov/known-exploited-vulnerabilities-catalog https://www.cisa.gov/news-events/alerts/2023/10/10/http2-rapid-reset-vulnerability-cve-2023-44487 https://www.cve.org/CVERecord?id=CVE-2023-44487 https://www.darkreading.com/cloud/internet-wide-zero-day-bug-fuels-largest-ever-ddos-event https://www.debian.org/security/2023/dsa-5521 https://www.debian.org/security/2023/dsa-5522 https://www.debian.org/security/2023/dsa-5540 https://www.debian.org/security/2023/dsa-5549 https://www.debian.org/security/2023/dsa-5558 https://www.debian.org/security/2023/dsa-5570 https://www.eclipse.org/lists/jetty-announce/msg00181.html https://www.haproxy.com/blog/haproxy-is-not-affected-by-the-http-2-rapid-reset-attack-cve-2023-44487 https://www.mail-archive.com/haproxy@formilux.org/msg44134.html https://www.netlify.com/blog/netlify-successfully-mitigates-cve-2023-44487 https://www.netlify.com/blog/netlify-successfully-mitigates-cve-2023-44487/ https://www.nginx.com/blog/http-2-rapid-reset-attack-impacting-f5-nginx-products https://www.nginx.com/blog/http-2-rapid-reset-attack-impacting-f5-nginx-products/ https://www.openwall.com/lists/oss-security/2023/10/10/6 https://www.phoronix.com/news/HTTP2-Rapid-Reset-Attack https://www.theregister.com/2023/10/10/http2_rapid_reset_zeroday https://www.theregister.com/2023/10/10/http2_rapid_reset_zeroday/
google.golang.org/protobuf	CVE-2024-24786	MEDIUM	v1.30.0	1.33.0	http://www.openwall.com/lists/oss-security/2024/03/08/4 https://access.redhat.com/errata/RHSA-2024:2550 https://access.redhat.com/security/cve/CVE-2024-24786 https://bugzilla.redhat.com/2268046 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24786 https://errata.almalinux.org/9/ALSA-2024-2550.html https://errata.rockylinux.org/RLSA-2024:2550 https://github.com/protocolbuffers/protobuf-go https://github.com/protocolbuffers/protobuf-go/commit/f01a588e5810b90996452eec4a28f22a0afae023 https://github.com/protocolbuffers/protobuf-go/releases/tag/v1.33.0 https://go-review.googlesource.com/c/protobuf/+/569356 https://go.dev/cl/569356 https://groups.google.com/g/golang-announce/c/ArQ6CDgtEjY/ https://linux.oracle.com/cve/CVE-2024-24786.html https://linux.oracle.com/errata/ELSA-2024-4246.html https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/JDMBHAVSDU2FBDZ45U3A2VLSM35OJ2HU https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/JDMBHAVSDU2FBDZ45U3A2VLSM35OJ2HU/ https://nvd.nist.gov/vuln/detail/CVE-2024-24786 https://pkg.go.dev/vuln/GO-2024-2611 https://security.netapp.com/advisory/ntap-20240517-0002 https://security.netapp.com/advisory/ntap-20240517-0002/ https://ubuntu.com/security/notices/USN-6746-1 https://ubuntu.com/security/notices/USN-6746-2 https://www.cve.org/CVERecord?id=CVE-2024-24786
stdlib	CVE-2024-24790	CRITICAL	v1.20.5	1.21.11, 1.22.4	http://www.openwall.com/lists/oss-security/2024/06/04/1 https://access.redhat.com/errata/RHSA-2024:9115 https://access.redhat.com/security/cve/CVE-2024-24790 https://bugzilla.redhat.com/2279814 https://bugzilla.redhat.com/2292668 https://bugzilla.redhat.com/2292787 https://bugzilla.redhat.com/2294000 https://bugzilla.redhat.com/2295310 https://bugzilla.redhat.com/show_bug.cgi?id=2292668 https://bugzilla.redhat.com/show_bug.cgi?id=2292787 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24789 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24790 https://errata.almalinux.org/9/ALSA-2024-9115.html https://errata.rockylinux.org/RLSA-2024:4212 https://github.com/golang/go/commit/051bdf3fd12a40307606ff9381138039c5f452f0 (1.21) https://github.com/golang/go/commit/12d5810cdb1f73cf23d7a86462143e9463317fca (1.22) https://github.com/golang/go/issues/67680 https://go.dev/cl/590316 https://go.dev/issue/67680 https://groups.google.com/g/golang-announce/c/XbxouI9gY7k https://groups.google.com/g/golang-announce/c/XbxouI9gY7k/m/TuoGEhxIEwAJ https://linux.oracle.com/cve/CVE-2024-24790.html https://linux.oracle.com/errata/ELSA-2024-9115.html https://nvd.nist.gov/vuln/detail/CVE-2024-24790 https://pkg.go.dev/vuln/GO-2024-2887 https://ubuntu.com/security/notices/USN-6886-1 https://ubuntu.com/security/notices/USN-7109-1 https://www.cve.org/CVERecord?id=CVE-2024-24790
stdlib	CVE-2023-39325	HIGH	v1.20.5	1.20.10, 1.21.3	golang.org/x/net https://access.redhat.com/errata/RHSA-2023:6077 https://access.redhat.com/security/cve/CVE-2023-39325 https://access.redhat.com/security/cve/CVE-2023-44487 https://access.redhat.com/security/vulnerabilities/RHSB-2023-003 https://bugzilla.redhat.com/2242803 https://bugzilla.redhat.com/2243296 https://bugzilla.redhat.com/show_bug.cgi?id=2242803 https://bugzilla.redhat.com/show_bug.cgi?id=2243296 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-39325 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-44487 https://errata.almalinux.org/9/ALSA-2023-6077.html https://errata.rockylinux.org/RLSA-2023:6077 https://github.com/golang/go/commit/24ae2d927285c697440fdde3ad7f26028354bcf3 [golang- 1.21] https://github.com/golang/go/commit/e175f27f58aa7b9cd4d79607ae65d2cd5baaee68 [golang-1.20] https://github.com/golang/go/issues/63417 https://go.dev/cl/534215 https://go.dev/cl/534235 https://go.dev/issue/63417 https://groups.google.com/g/golang-announce/c/iNNxDTCjZvo/m/UDd7VKQuAAAJ https://linux.oracle.com/cve/CVE-2023-39325.html https://linux.oracle.com/errata/ELSA-2023-5867.html https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3OVW5V2DM5K5IC3H7O42YDUGNJ74J35O https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3OVW5V2DM5K5IC3H7O42YDUGNJ74J35O/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3SZN67IL7HMGMNAVLOTIXLIHUDXZK4LH https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3SZN67IL7HMGMNAVLOTIXLIHUDXZK4LH/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3WJ4QVX2AMUJ2F2S27POOAHRC4K3CHU4 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3WJ4QVX2AMUJ2F2S27POOAHRC4K3CHU4/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/4BUK2ZIAGCULOOYDNH25JPU6JBES5NF2 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/4BUK2ZIAGCULOOYDNH25JPU6JBES5NF2/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/5RSKA2II6QTD4YUKUNDVJQSRYSFC4VFR https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/5RSKA2II6QTD4YUKUNDVJQSRYSFC4VFR/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/AVZDNSMVDAQJ64LJC5I5U5LDM5753647 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/AVZDNSMVDAQJ64LJC5I5U5LDM5753647/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CHHITS4PUOZAKFIUBQAQZC7JWXMOYE4B https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CHHITS4PUOZAKFIUBQAQZC7JWXMOYE4B/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CLB4TW7KALB3EEQWNWCN7OUIWWVWWCG2 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CLB4TW7KALB3EEQWNWCN7OUIWWVWWCG2/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/D2BBIDR2ZMB3X5BC7SR4SLQMHRMVPY6L https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/D2BBIDR2ZMB3X5BC7SR4SLQMHRMVPY6L/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ECRC75BQJP6FJN2L7KCKYZW4DSBD7QSD https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ECRC75BQJP6FJN2L7KCKYZW4DSBD7QSD/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/FTMJ3NJIDAZFWJQQSP3L22MUFJ3UP2PT https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/FTMJ3NJIDAZFWJQQSP3L22MUFJ3UP2PT/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/GSY7SXFFTPZFWDM6XELSDSHZLVW3AHK7 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/GSY7SXFFTPZFWDM6XELSDSHZLVW3AHK7/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/HZQIELEIRSZUYTFFH5KTH2YJ4IIQG2KE https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/HZQIELEIRSZUYTFFH5KTH2YJ4IIQG2KE/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/IPWCNYB5PQ5PCVZ4NJT6G56ZYFZ5QBU6 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/IPWCNYB5PQ5PCVZ4NJT6G56ZYFZ5QBU6/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/KEOTKBUPZXHE3F352JBYNTSNRXYLWD6P https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/KEOTKBUPZXHE3F352JBYNTSNRXYLWD6P/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/KSEGD2IWKNUO3DWY4KQGUQM5BISRWHQE https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/KSEGD2IWKNUO3DWY4KQGUQM5BISRWHQE/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/L5E5JSJBZLYXOTZWXHJKRVCIXIHVWKJ6 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/L5E5JSJBZLYXOTZWXHJKRVCIXIHVWKJ6/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/MZQYOOKHQDQ57LV2IAG6NRFOVXKHJJ3Z https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/MZQYOOKHQDQ57LV2IAG6NRFOVXKHJJ3Z/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/NG7IMPL55MVWU3LCI4JQJT3K2U5CHDV7 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/NG7IMPL55MVWU3LCI4JQJT3K2U5CHDV7/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ODBY7RVMGZCBSTWF2OZGIZS57FNFUL67 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ODBY7RVMGZCBSTWF2OZGIZS57FNFUL67/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/OXGWPQOJ3JNDW2XIYKIVJ7N7QUIFNM2Q https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/OXGWPQOJ3JNDW2XIYKIVJ7N7QUIFNM2Q/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/PJCUNGIQDUMZ4Z6HWVYIMR66A35F5S74 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/PJCUNGIQDUMZ4Z6HWVYIMR66A35F5S74/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QF5QSYAOPDOWLY6DUHID56Q4HQFYB45I https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QF5QSYAOPDOWLY6DUHID56Q4HQFYB45I/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QXOU2JZUBEBP7GBKAYIJRPRBZSJCD7ST https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QXOU2JZUBEBP7GBKAYIJRPRBZSJCD7ST/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/R3UETKPUB3V5JS5TLZOF3SMTGT5K5APS https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/R3UETKPUB3V5JS5TLZOF3SMTGT5K5APS/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/REMHVVIBDNKSRKNOTV7EQSB7CYQWOUOU https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/REMHVVIBDNKSRKNOTV7EQSB7CYQWOUOU/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/T7N5GV4CHH6WAGX3GFMDD3COEOVCZ4RI https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/T7N5GV4CHH6WAGX3GFMDD3COEOVCZ4RI/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ULQQONMSCQSH5Z5OWFFQHCGEZ3NL4DRJ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ULQQONMSCQSH5Z5OWFFQHCGEZ3NL4DRJ/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UTT7DG3QOF5ZNJLUGHDNLRUIN6OWZARP https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UTT7DG3QOF5ZNJLUGHDNLRUIN6OWZARP/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/W2LZSWTV4NV4SNQARNXG5T6LRHP26EW2 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/W2LZSWTV4NV4SNQARNXG5T6LRHP26EW2/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WCNCBYKZXLDFGAJUB7ZP5VLC3YTHJNVH https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WCNCBYKZXLDFGAJUB7ZP5VLC3YTHJNVH/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/XFOIBB4YFICHDM7IBOP7PWXW3FX4HLL2 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/XFOIBB4YFICHDM7IBOP7PWXW3FX4HLL2/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/XTNLSL44Y5FB6JWADSZH6DCV4JJAAEQY https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/XTNLSL44Y5FB6JWADSZH6DCV4JJAAEQY/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/YJWHBLVZDM5KQSDFRBFRKU5KSSOLIRQ4 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/YJWHBLVZDM5KQSDFRBFRKU5KSSOLIRQ4/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/YRKEXKANQ7BKJW2YTAMP625LJUJZLJ4P https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/YRKEXKANQ7BKJW2YTAMP625LJUJZLJ4P/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZSVEMQV5ROY5YW5QE3I57HT3ITWG5GCV https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZSVEMQV5ROY5YW5QE3I57HT3ITWG5GCV/ https://nvd.nist.gov/vuln/detail/CVE-2023-39325 https://pkg.go.dev/vuln/GO-2023-2102 https://security.gentoo.org/glsa/202311-09 https://security.netapp.com/advisory/ntap-20231110-0008 https://security.netapp.com/advisory/ntap-20231110-0008/ https://ubuntu.com/security/notices/USN-6574-1 https://ubuntu.com/security/notices/USN-7061-1 https://ubuntu.com/security/notices/USN-7109-1 https://www.cisa.gov/news-events/alerts/2023/10/10/http2-rapid-reset-vulnerability-cve-2023-44487 https://www.cve.org/CVERecord?id=CVE-2023-39325
stdlib	CVE-2023-45283	HIGH	v1.20.5	1.20.11, 1.21.4, 1.20.12, 1.21.5	http://www.openwall.com/lists/oss-security/2023/12/05/2 https://go.dev/cl/540277 https://go.dev/cl/541175 https://go.dev/issue/63713 https://go.dev/issue/64028 https://groups.google.com/g/golang-announce/c/4tU8LZfBFkY https://groups.google.com/g/golang-dev/c/6ypN5EjibjM/m/KmLVYH_uAgAJ https://nvd.nist.gov/vuln/detail/CVE-2023-45283 https://pkg.go.dev/vuln/GO-2023-2185 https://security.netapp.com/advisory/ntap-20231214-0008/
stdlib	CVE-2023-45288	HIGH	v1.20.5	1.21.9, 1.22.2	http://www.openwall.com/lists/oss-security/2024/04/03/16 http://www.openwall.com/lists/oss-security/2024/04/05/4 https://access.redhat.com/errata/RHSA-2024:2724 https://access.redhat.com/security/cve/CVE-2023-45288 https://bugzilla.redhat.com/2268017 https://bugzilla.redhat.com/2268018 https://bugzilla.redhat.com/2268019 https://bugzilla.redhat.com/2268273 https://bugzilla.redhat.com/show_bug.cgi?id=2268017 https://bugzilla.redhat.com/show_bug.cgi?id=2268018 https://bugzilla.redhat.com/show_bug.cgi?id=2268019 https://bugzilla.redhat.com/show_bug.cgi?id=2268273 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45288 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45289 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45290 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24783 https://errata.almalinux.org/9/ALSA-2024-2724.html https://errata.rockylinux.org/RLSA-2024:2724 https://go.dev/cl/576155 https://go.dev/issue/65051 https://groups.google.com/g/golang-announce/c/YgW0sx8mN3M https://kb.cert.org/vuls/id/421644 https://linux.oracle.com/cve/CVE-2023-45288.html https://linux.oracle.com/errata/ELSA-2024-3346.html https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QRYFHIQ6XRKRYBI2F5UESH67BJBQXUPT https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QRYFHIQ6XRKRYBI2F5UESH67BJBQXUPT/ https://nowotarski.info/http2-continuation-flood-technical-details https://nowotarski.info/http2-continuation-flood/ https://nvd.nist.gov/vuln/detail/CVE-2023-45288 https://pkg.go.dev/vuln/GO-2024-2687 https://security.netapp.com/advisory/ntap-20240419-0009 https://security.netapp.com/advisory/ntap-20240419-0009/ https://ubuntu.com/security/notices/USN-6886-1 https://ubuntu.com/security/notices/USN-7109-1 https://ubuntu.com/security/notices/USN-7111-1 https://www.cve.org/CVERecord?id=CVE-2023-45288 https://www.kb.cert.org/vuls/id/421644
stdlib	CVE-2024-34156	HIGH	v1.20.5	1.22.7, 1.23.1	https://access.redhat.com/errata/RHSA-2024:9473 https://access.redhat.com/security/cve/CVE-2024-34156 https://bugzilla.redhat.com/2310528 https://bugzilla.redhat.com/2318052 https://bugzilla.redhat.com/show_bug.cgi?id=2310528 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-34156 https://errata.almalinux.org/9/ALSA-2024-9473.html https://errata.rockylinux.org/RLSA-2024:7204 https://github.com/golang/go/commit/2092294f2b097c5828f4eace6c98a322c1510b01 (go1.22.7) https://github.com/golang/go/commit/fa8ff1a46deb6c816304441ec6740ec112e19012 (go1.23.1) https://go.dev/cl/611239 https://go.dev/issue/69139 https://groups.google.com/g/golang-announce/c/K-cEzDeCtpc https://groups.google.com/g/golang-dev/c/S9POB9NCTdk https://linux.oracle.com/cve/CVE-2024-34156.html https://linux.oracle.com/errata/ELSA-2024-9473.html https://nvd.nist.gov/vuln/detail/CVE-2024-34156 https://pkg.go.dev/vuln/GO-2024-3106 https://ubuntu.com/security/notices/USN-7081-1 https://ubuntu.com/security/notices/USN-7109-1 https://ubuntu.com/security/notices/USN-7111-1 https://www.cve.org/CVERecord?id=CVE-2024-34156
stdlib	CVE-2023-29406	MEDIUM	v1.20.5	1.19.11, 1.20.6	https://access.redhat.com/errata/RHSA-2023:6474 https://access.redhat.com/security/cve/CVE-2023-29406 https://bugzilla.redhat.com/2174485 https://bugzilla.redhat.com/2178358 https://bugzilla.redhat.com/2178488 https://bugzilla.redhat.com/2178492 https://bugzilla.redhat.com/2184481 https://bugzilla.redhat.com/2184482 https://bugzilla.redhat.com/2184483 https://bugzilla.redhat.com/2184484 https://bugzilla.redhat.com/2196026 https://bugzilla.redhat.com/2196027 https://bugzilla.redhat.com/2196029 https://bugzilla.redhat.com/2222167 https://bugzilla.redhat.com/2228689 https://errata.almalinux.org/9/ALSA-2023-6474.html https://github.com/golang/go/commit/312920c00aac9897b2a0693e752390b5b0711a5a (go1.20.6) https://github.com/golang/go/commit/5fa6923b1ea891400153d04ddf1545e23b40041b (go1.19.11) https://github.com/golang/go/issues/60374 https://go.dev/cl/506996 https://go.dev/issue/60374 https://groups.google.com/g/golang-announce/c/2q13H6LEEx0 https://linux.oracle.com/cve/CVE-2023-29406.html https://linux.oracle.com/errata/ELSA-2023-7202.html https://nvd.nist.gov/vuln/detail/CVE-2023-29406 https://pkg.go.dev/vuln/GO-2023-1878 https://security.gentoo.org/glsa/202311-09 https://security.netapp.com/advisory/ntap-20230814-0002/ https://ubuntu.com/security/notices/USN-7061-1 https://ubuntu.com/security/notices/USN-7109-1 https://www.cve.org/CVERecord?id=CVE-2023-29406
stdlib	CVE-2023-29409	MEDIUM	v1.20.5	1.19.12, 1.20.7, 1.21.0-rc.4	https://access.redhat.com/errata/RHSA-2023:7766 https://access.redhat.com/security/cve/CVE-2023-29409 https://bugzilla.redhat.com/2228743 https://bugzilla.redhat.com/2237773 https://bugzilla.redhat.com/2237776 https://bugzilla.redhat.com/2237777 https://bugzilla.redhat.com/2237778 https://errata.almalinux.org/9/ALSA-2023-7766.html https://go.dev/cl/515257 https://go.dev/issue/61460 https://groups.google.com/g/golang-announce/c/X0b6CsSAaYI/m/Efv5DbZ9AwAJ https://linux.oracle.com/cve/CVE-2023-29409.html https://linux.oracle.com/errata/ELSA-2024-2988.html https://nvd.nist.gov/vuln/detail/CVE-2023-29409 https://pkg.go.dev/vuln/GO-2023-1987 https://security.gentoo.org/glsa/202311-09 https://security.netapp.com/advisory/ntap-20230831-0010/ https://www.cve.org/CVERecord?id=CVE-2023-29409
stdlib	CVE-2023-39318	MEDIUM	v1.20.5	1.20.8, 1.21.1	https://access.redhat.com/errata/RHSA-2024:2160 https://access.redhat.com/security/cve/CVE-2023-39318 https://bugzilla.redhat.com/2237773 https://bugzilla.redhat.com/2237776 https://bugzilla.redhat.com/2253330 https://errata.almalinux.org/9/ALSA-2024-2160.html https://github.com/golang/go/commit/023b542edf38e2a1f87fcefb9f75ff2f99401b4c (go1.20.8) https://github.com/golang/go/commit/b0e1d3ea26e8e8fce7726690c9ef0597e60739fb (go1.21.1) https://go.dev/cl/526156 https://go.dev/issue/62196 https://groups.google.com/g/golang-announce/c/Fm51GRLNRvM https://groups.google.com/g/golang-dev/c/2C5vbR-UNkI/m/L1hdrPhfBAAJ https://linux.oracle.com/cve/CVE-2023-39318.html https://linux.oracle.com/errata/ELSA-2024-2988.html https://nvd.nist.gov/vuln/detail/CVE-2023-39318 https://pkg.go.dev/vuln/GO-2023-2041 https://security.gentoo.org/glsa/202311-09 https://security.netapp.com/advisory/ntap-20231020-0009/ https://ubuntu.com/security/notices/USN-6574-1 https://ubuntu.com/security/notices/USN-7061-1 https://ubuntu.com/security/notices/USN-7109-1 https://vuln.go.dev/ID/GO-2023-2041.json https://www.cve.org/CVERecord?id=CVE-2023-39318
stdlib	CVE-2023-39319	MEDIUM	v1.20.5	1.20.8, 1.21.1	https://access.redhat.com/errata/RHSA-2024:2160 https://access.redhat.com/security/cve/CVE-2023-39319 https://bugzilla.redhat.com/2237773 https://bugzilla.redhat.com/2237776 https://bugzilla.redhat.com/2253330 https://errata.almalinux.org/9/ALSA-2024-2160.html https://github.com/golang/go/commit/2070531d2f53df88e312edace6c8dfc9686ab2f5 (go1.20.8) https://github.com/golang/go/commit/bbd043ff0d6d59f1a9232d31ecd5eacf6507bf6a (go1.21.1) https://go.dev/cl/526157 https://go.dev/issue/62197 https://groups.google.com/g/golang-announce/c/Fm51GRLNRvM https://groups.google.com/g/golang-dev/c/2C5vbR-UNkI/m/L1hdrPhfBAAJ https://linux.oracle.com/cve/CVE-2023-39319.html https://linux.oracle.com/errata/ELSA-2024-2988.html https://nvd.nist.gov/vuln/detail/CVE-2023-39319 https://pkg.go.dev/vuln/GO-2023-2043 https://security.gentoo.org/glsa/202311-09 https://security.netapp.com/advisory/ntap-20231020-0009/ https://ubuntu.com/security/notices/USN-6574-1 https://ubuntu.com/security/notices/USN-7061-1 https://ubuntu.com/security/notices/USN-7109-1 https://vuln.go.dev/ID/GO-2023-2043.json https://www.cve.org/CVERecord?id=CVE-2023-39319
stdlib	CVE-2023-39326	MEDIUM	v1.20.5	1.20.12, 1.21.5	https://access.redhat.com/errata/RHSA-2024:2272 https://access.redhat.com/security/cve/CVE-2023-39326 https://bugzilla.redhat.com/2253193 https://bugzilla.redhat.com/2253330 https://errata.almalinux.org/9/ALSA-2024-2272.html https://github.com/golang/go/commit/6446af942e2e2b161c4ec1b60d9703a2b55dc4dd (go1.20.12) https://github.com/golang/go/commit/ec8c526e4be720e94b98ca509e6364f0efaf28f7 (go1.21.5) https://go.dev/cl/547335 https://go.dev/issue/64433 https://groups.google.com/g/golang-dev/c/6ypN5EjibjM/m/KmLVYH_uAgAJ https://linux.oracle.com/cve/CVE-2023-39326.html https://linux.oracle.com/errata/ELSA-2024-2988.html https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UIU6HOGV6RRIKWM57LOXQA75BGZSIH6G/ https://nvd.nist.gov/vuln/detail/CVE-2023-39326 https://pkg.go.dev/vuln/GO-2023-2382 https://ubuntu.com/security/notices/USN-6574-1 https://www.cve.org/CVERecord?id=CVE-2023-39326
stdlib	CVE-2023-45284	MEDIUM	v1.20.5	1.20.11, 1.21.4	https://go.dev/cl/540277 https://go.dev/issue/63713 https://groups.google.com/g/golang-announce/c/4tU8LZfBFkY https://nvd.nist.gov/vuln/detail/CVE-2023-45284 https://pkg.go.dev/vuln/GO-2023-2186
stdlib	CVE-2023-45289	MEDIUM	v1.20.5	1.21.8, 1.22.1	http://www.openwall.com/lists/oss-security/2024/03/08/4 https://access.redhat.com/errata/RHSA-2024:2724 https://access.redhat.com/security/cve/CVE-2023-45289 https://bugzilla.redhat.com/2268017 https://bugzilla.redhat.com/2268018 https://bugzilla.redhat.com/2268019 https://bugzilla.redhat.com/2268273 https://bugzilla.redhat.com/show_bug.cgi?id=2268017 https://bugzilla.redhat.com/show_bug.cgi?id=2268018 https://bugzilla.redhat.com/show_bug.cgi?id=2268019 https://bugzilla.redhat.com/show_bug.cgi?id=2268273 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45288 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45289 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45290 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24783 https://errata.almalinux.org/9/ALSA-2024-2724.html https://errata.rockylinux.org/RLSA-2024:2724 https://github.com/golang/go/commit/20586c0dbe03d144f914155f879fa5ee287591a1 (go1.21.8) https://github.com/golang/go/commit/3a855208e3efed2e9d7c20ad023f1fa78afcc0be (go1.22.1) https://github.com/golang/go/issues/65065 https://go.dev/cl/569340 https://go.dev/issue/65065 https://groups.google.com/g/golang-announce/c/5pwGVUPoMbg https://linux.oracle.com/cve/CVE-2023-45289.html https://linux.oracle.com/errata/ELSA-2024-3346.html https://nvd.nist.gov/vuln/detail/CVE-2023-45289 https://pkg.go.dev/vuln/GO-2024-2600 https://security.netapp.com/advisory/ntap-20240329-0006/ https://ubuntu.com/security/notices/USN-6886-1 https://www.cve.org/CVERecord?id=CVE-2023-45289
stdlib	CVE-2023-45290	MEDIUM	v1.20.5	1.21.8, 1.22.1	http://www.openwall.com/lists/oss-security/2024/03/08/4 https://access.redhat.com/errata/RHSA-2024:9135 https://access.redhat.com/security/cve/CVE-2023-45290 https://bugzilla.redhat.com/2268017 https://bugzilla.redhat.com/2268022 https://bugzilla.redhat.com/2279814 https://bugzilla.redhat.com/2295310 https://bugzilla.redhat.com/show_bug.cgi?id=2268017 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45290 https://errata.almalinux.org/9/ALSA-2024-9135.html https://errata.rockylinux.org/RLSA-2024:3830 https://github.com/golang/go/commit/041a47712e765e94f86d841c3110c840e76d8f82 (go1.22.1) https://github.com/golang/go/commit/bf80213b121074f4ad9b449410a4d13bae5e9be0 (go1.21.8) https://github.com/golang/go/issues/65383 https://go.dev/cl/569341 https://go.dev/issue/65383 https://groups.google.com/g/golang-announce/c/5pwGVUPoMbg https://linux.oracle.com/cve/CVE-2023-45290.html https://linux.oracle.com/errata/ELSA-2024-8038.html https://nvd.nist.gov/vuln/detail/CVE-2023-45290 https://pkg.go.dev/vuln/GO-2024-2599 https://security.netapp.com/advisory/ntap-20240329-0004 https://security.netapp.com/advisory/ntap-20240329-0004/ https://ubuntu.com/security/notices/USN-6886-1 https://ubuntu.com/security/notices/USN-7109-1 https://ubuntu.com/security/notices/USN-7111-1 https://www.cve.org/CVERecord?id=CVE-2023-45290
stdlib	CVE-2024-24783	MEDIUM	v1.20.5	1.21.8, 1.22.1	http://www.openwall.com/lists/oss-security/2024/03/08/4 https://access.redhat.com/errata/RHSA-2024:6195 https://access.redhat.com/security/cve/CVE-2024-24783 https://bugzilla.redhat.com/2268019 https://bugzilla.redhat.com/show_bug.cgi?id=2268017 https://bugzilla.redhat.com/show_bug.cgi?id=2268018 https://bugzilla.redhat.com/show_bug.cgi?id=2268019 https://bugzilla.redhat.com/show_bug.cgi?id=2268273 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45288 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45289 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45290 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24783 https://errata.almalinux.org/9/ALSA-2024-6195.html https://errata.rockylinux.org/RLSA-2024:2724 https://github.com/advisories/GHSA-3q2c-pvp5-3cqp https://github.com/golang/go/commit/337b8e9cbfa749d9d5c899e0dc358e2208d5e54f (go1.22.1) https://github.com/golang/go/commit/be5b52bea674190ef7de272664be6c7ae93ec5a0 (go1.21.8) https://github.com/golang/go/issues/65390 https://go.dev/cl/569339 https://go.dev/issue/65390 https://groups.google.com/g/golang-announce/c/5pwGVUPoMbg https://linux.oracle.com/cve/CVE-2024-24783.html https://linux.oracle.com/errata/ELSA-2024-6969.html https://nvd.nist.gov/vuln/detail/CVE-2024-24783 https://pkg.go.dev/vuln/GO-2024-2598 https://security.netapp.com/advisory/ntap-20240329-0005 https://security.netapp.com/advisory/ntap-20240329-0005/ https://ubuntu.com/security/notices/USN-6886-1 https://ubuntu.com/security/notices/USN-7109-1 https://ubuntu.com/security/notices/USN-7111-1 https://www.cve.org/CVERecord?id=CVE-2024-24783
stdlib	CVE-2024-24784	MEDIUM	v1.20.5	1.21.8, 1.22.1	http://www.openwall.com/lists/oss-security/2024/03/08/4 https://access.redhat.com/errata/RHSA-2024:2562 https://access.redhat.com/security/cve/CVE-2024-24784 https://bugzilla.redhat.com/2262921 https://bugzilla.redhat.com/2268017 https://bugzilla.redhat.com/2268018 https://bugzilla.redhat.com/2268019 https://bugzilla.redhat.com/2268021 https://bugzilla.redhat.com/2268022 https://bugzilla.redhat.com/2268273 https://bugzilla.redhat.com/show_bug.cgi?id=2262921 https://bugzilla.redhat.com/show_bug.cgi?id=2268017 https://bugzilla.redhat.com/show_bug.cgi?id=2268018 https://bugzilla.redhat.com/show_bug.cgi?id=2268019 https://bugzilla.redhat.com/show_bug.cgi?id=2268021 https://bugzilla.redhat.com/show_bug.cgi?id=2268022 https://bugzilla.redhat.com/show_bug.cgi?id=2268273 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45288 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45289 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45290 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-1394 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24783 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24784 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24785 https://errata.almalinux.org/9/ALSA-2024-2562.html https://errata.rockylinux.org/RLSA-2024:2562 https://github.com/golang/go/commit/263c059b09fdd40d9dd945f2ecb20c89ea28efe5 (go1.21.8) https://github.com/golang/go/commit/5330cd225ba54c7dc78c1b46dcdf61a4671a632c (go1.22.1) https://github.com/golang/go/issues/65083 https://go.dev/cl/555596 https://go.dev/issue/65083 https://groups.google.com/g/golang-announce/c/5pwGVUPoMbg https://linux.oracle.com/cve/CVE-2024-24784.html https://linux.oracle.com/errata/ELSA-2024-6969.html https://nvd.nist.gov/vuln/detail/CVE-2024-24784 https://pkg.go.dev/vuln/GO-2024-2609 https://security.netapp.com/advisory/ntap-20240329-0007/ https://ubuntu.com/security/notices/USN-6886-1 https://ubuntu.com/security/notices/USN-7109-1 https://ubuntu.com/security/notices/USN-7111-1 https://www.cve.org/CVERecord?id=CVE-2024-24784
stdlib	CVE-2024-24785	MEDIUM	v1.20.5	1.21.8, 1.22.1	http://www.openwall.com/lists/oss-security/2024/03/08/4 https://access.redhat.com/errata/RHSA-2024:9135 https://access.redhat.com/security/cve/CVE-2024-24785 https://bugzilla.redhat.com/2268017 https://bugzilla.redhat.com/2268022 https://bugzilla.redhat.com/2279814 https://bugzilla.redhat.com/2295310 https://bugzilla.redhat.com/show_bug.cgi?id=2262921 https://bugzilla.redhat.com/show_bug.cgi?id=2268017 https://bugzilla.redhat.com/show_bug.cgi?id=2268018 https://bugzilla.redhat.com/show_bug.cgi?id=2268019 https://bugzilla.redhat.com/show_bug.cgi?id=2268021 https://bugzilla.redhat.com/show_bug.cgi?id=2268022 https://bugzilla.redhat.com/show_bug.cgi?id=2268273 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45288 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45289 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45290 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-1394 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24783 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24784 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24785 https://errata.almalinux.org/9/ALSA-2024-9135.html https://errata.rockylinux.org/RLSA-2024:2562 https://github.com/golang/go/commit/056b0edcb8c152152021eebf4cf42adbfbe77992 (go1.22.1) https://github.com/golang/go/commit/3643147a29352ca2894fd5d0d2069bc4b4335a7e (go1.21.8) https://github.com/golang/go/issues/65697 https://go.dev/cl/564196 https://go.dev/issue/65697 https://groups.google.com/g/golang-announce/c/5pwGVUPoMbg https://linux.oracle.com/cve/CVE-2024-24785.html https://linux.oracle.com/errata/ELSA-2024-3259.html https://nvd.nist.gov/vuln/detail/CVE-2024-24785 https://pkg.go.dev/vuln/GO-2024-2610 https://security.netapp.com/advisory/ntap-20240329-0008/ https://ubuntu.com/security/notices/USN-6886-1 https://ubuntu.com/security/notices/USN-7061-1 https://ubuntu.com/security/notices/USN-7109-1 https://vuln.go.dev/ID/GO-2024-2610.json https://www.cve.org/CVERecord?id=CVE-2024-24785
stdlib	CVE-2024-24789	MEDIUM	v1.20.5	1.21.11, 1.22.4	http://www.openwall.com/lists/oss-security/2024/06/04/1 https://access.redhat.com/errata/RHSA-2024:9115 https://access.redhat.com/security/cve/CVE-2024-24789 https://bugzilla.redhat.com/2279814 https://bugzilla.redhat.com/2292668 https://bugzilla.redhat.com/2292787 https://bugzilla.redhat.com/2294000 https://bugzilla.redhat.com/2295310 https://bugzilla.redhat.com/show_bug.cgi?id=2292668 https://bugzilla.redhat.com/show_bug.cgi?id=2292787 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24789 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24790 https://errata.almalinux.org/9/ALSA-2024-9115.html https://errata.rockylinux.org/RLSA-2024:4212 https://github.com/golang/go/commit/c8e40338cf00f3c1d86c8fb23863ad67a4c72bcc (1.21) https://github.com/golang/go/commit/cf501ac0c5fe351a8582d20b43562027927906e7 (1.22) https://github.com/golang/go/issues/66869 https://go.dev/cl/585397 https://go.dev/issue/66869 https://groups.google.com/g/golang-announce/c/XbxouI9gY7k https://groups.google.com/g/golang-announce/c/XbxouI9gY7k/m/TuoGEhxIEwAJ https://linux.oracle.com/cve/CVE-2024-24789.html https://linux.oracle.com/errata/ELSA-2024-9115.html https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/U5YAEIA6IUHUNGJ7AIXXPQT6D2GYENX7/ https://nvd.nist.gov/vuln/detail/CVE-2024-24789 https://pkg.go.dev/vuln/GO-2024-2888 https://ubuntu.com/security/notices/USN-6886-1 https://ubuntu.com/security/notices/USN-7109-1 https://ubuntu.com/security/notices/USN-7111-1 https://www.cve.org/CVERecord?id=CVE-2024-24789
stdlib	CVE-2024-24791	MEDIUM	v1.20.5	1.21.12, 1.22.5	https://access.redhat.com/errata/RHSA-2024:9135 https://access.redhat.com/security/cve/CVE-2024-24791 https://bugzilla.redhat.com/2268017 https://bugzilla.redhat.com/2268022 https://bugzilla.redhat.com/2279814 https://bugzilla.redhat.com/2295310 https://bugzilla.redhat.com/show_bug.cgi?id=2295310 https://bugzilla.redhat.com/show_bug.cgi?id=2310527 https://bugzilla.redhat.com/show_bug.cgi?id=2310528 https://bugzilla.redhat.com/show_bug.cgi?id=2310529 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24791 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-34155 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-34156 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-34158 https://errata.almalinux.org/9/ALSA-2024-9135.html https://errata.rockylinux.org/RLSA-2024:6913 https://go.dev/cl/591255 https://go.dev/issue/67555 https://groups.google.com/g/golang-dev/c/t0rK-qHBqzY/m/6MMoAZkMAgAJ https://linux.oracle.com/cve/CVE-2024-24791.html https://linux.oracle.com/errata/ELSA-2024-9115.html https://nvd.nist.gov/vuln/detail/CVE-2024-24791 https://pkg.go.dev/vuln/GO-2024-2963 https://ubuntu.com/security/notices/USN-7081-1 https://ubuntu.com/security/notices/USN-7109-1 https://ubuntu.com/security/notices/USN-7111-1 https://www.cve.org/CVERecord?id=CVE-2024-24791
stdlib	CVE-2024-34155	MEDIUM	v1.20.5	1.22.7, 1.23.1	https://access.redhat.com/errata/RHSA-2024:9459 https://access.redhat.com/security/cve/CVE-2024-34155 https://bugzilla.redhat.com/2310527 https://bugzilla.redhat.com/2310528 https://bugzilla.redhat.com/2310529 https://bugzilla.redhat.com/2315691 https://bugzilla.redhat.com/2315887 https://bugzilla.redhat.com/2317458 https://bugzilla.redhat.com/2317467 https://bugzilla.redhat.com/show_bug.cgi?id=2295310 https://bugzilla.redhat.com/show_bug.cgi?id=2310527 https://bugzilla.redhat.com/show_bug.cgi?id=2310528 https://bugzilla.redhat.com/show_bug.cgi?id=2310529 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24791 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-34155 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-34156 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-34158 https://errata.almalinux.org/9/ALSA-2024-9459.html https://errata.rockylinux.org/RLSA-2024:6913 https://github.com/golang/go/commit/53487e5477151ed75da50e50a0ba8f1ca64c00a3 (go1.23.1) https://github.com/golang/go/commit/b232596139dbe96a62edbe3a2a203e856bf556eb (go1.22.7) https://go.dev/cl/611238 https://go.dev/issue/69138 https://groups.google.com/g/golang-announce/c/K-cEzDeCtpc https://groups.google.com/g/golang-dev/c/S9POB9NCTdk https://linux.oracle.com/cve/CVE-2024-34155.html https://linux.oracle.com/errata/ELSA-2024-9459.html https://nvd.nist.gov/vuln/detail/CVE-2024-34155 https://pkg.go.dev/vuln/GO-2024-3105 https://ubuntu.com/security/notices/USN-7081-1 https://ubuntu.com/security/notices/USN-7109-1 https://ubuntu.com/security/notices/USN-7111-1 https://www.cve.org/CVERecord?id=CVE-2024-34155
stdlib	CVE-2024-34158	MEDIUM	v1.20.5	1.22.7, 1.23.1	https://access.redhat.com/errata/RHSA-2024:9459 https://access.redhat.com/security/cve/CVE-2024-34158 https://bugzilla.redhat.com/2310527 https://bugzilla.redhat.com/2310528 https://bugzilla.redhat.com/2310529 https://bugzilla.redhat.com/2315691 https://bugzilla.redhat.com/2315887 https://bugzilla.redhat.com/2317458 https://bugzilla.redhat.com/2317467 https://bugzilla.redhat.com/show_bug.cgi?id=2295310 https://bugzilla.redhat.com/show_bug.cgi?id=2310527 https://bugzilla.redhat.com/show_bug.cgi?id=2310528 https://bugzilla.redhat.com/show_bug.cgi?id=2310529 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24791 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-34155 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-34156 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-34158 https://errata.almalinux.org/9/ALSA-2024-9459.html https://errata.rockylinux.org/RLSA-2024:6913 https://github.com/golang/go/commit/032ac075c20c01c6c35a672d1542d3e98eab84ea (go1.23.1) https://github.com/golang/go/commit/d4c53812e6ce2ac368173d7fcd31d0ecfcffb002 (go1.22.7) https://go.dev/cl/611240 https://go.dev/issue/69141 https://groups.google.com/g/golang-announce/c/K-cEzDeCtpc https://groups.google.com/g/golang-dev/c/S9POB9NCTdk https://linux.oracle.com/cve/CVE-2024-34158.html https://linux.oracle.com/errata/ELSA-2024-9459.html https://nvd.nist.gov/vuln/detail/CVE-2024-34158 https://pkg.go.dev/vuln/GO-2024-3107 https://ubuntu.com/security/notices/USN-7081-1 https://ubuntu.com/security/notices/USN-7109-1 https://ubuntu.com/security/notices/USN-7111-1 https://www.cve.org/CVERecord?id=CVE-2024-34158
No Misconfigurations found

cnb/buildpacks/paketo-buildpacks_node-engine/1.6.0/bin/optimize-memory (gobinary)

Package	Vulnerability ID	Severity	Installed Version	Fixed Version	Links
stdlib	CVE-2024-24790	CRITICAL	v1.20.5	1.21.11, 1.22.4	http://www.openwall.com/lists/oss-security/2024/06/04/1 https://access.redhat.com/errata/RHSA-2024:9115 https://access.redhat.com/security/cve/CVE-2024-24790 https://bugzilla.redhat.com/2279814 https://bugzilla.redhat.com/2292668 https://bugzilla.redhat.com/2292787 https://bugzilla.redhat.com/2294000 https://bugzilla.redhat.com/2295310 https://bugzilla.redhat.com/show_bug.cgi?id=2292668 https://bugzilla.redhat.com/show_bug.cgi?id=2292787 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24789 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24790 https://errata.almalinux.org/9/ALSA-2024-9115.html https://errata.rockylinux.org/RLSA-2024:4212 https://github.com/golang/go/commit/051bdf3fd12a40307606ff9381138039c5f452f0 (1.21) https://github.com/golang/go/commit/12d5810cdb1f73cf23d7a86462143e9463317fca (1.22) https://github.com/golang/go/issues/67680 https://go.dev/cl/590316 https://go.dev/issue/67680 https://groups.google.com/g/golang-announce/c/XbxouI9gY7k https://groups.google.com/g/golang-announce/c/XbxouI9gY7k/m/TuoGEhxIEwAJ https://linux.oracle.com/cve/CVE-2024-24790.html https://linux.oracle.com/errata/ELSA-2024-9115.html https://nvd.nist.gov/vuln/detail/CVE-2024-24790 https://pkg.go.dev/vuln/GO-2024-2887 https://ubuntu.com/security/notices/USN-6886-1 https://ubuntu.com/security/notices/USN-7109-1 https://www.cve.org/CVERecord?id=CVE-2024-24790
stdlib	CVE-2023-39325	HIGH	v1.20.5	1.20.10, 1.21.3	golang.org/x/net https://access.redhat.com/errata/RHSA-2023:6077 https://access.redhat.com/security/cve/CVE-2023-39325 https://access.redhat.com/security/cve/CVE-2023-44487 https://access.redhat.com/security/vulnerabilities/RHSB-2023-003 https://bugzilla.redhat.com/2242803 https://bugzilla.redhat.com/2243296 https://bugzilla.redhat.com/show_bug.cgi?id=2242803 https://bugzilla.redhat.com/show_bug.cgi?id=2243296 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-39325 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-44487 https://errata.almalinux.org/9/ALSA-2023-6077.html https://errata.rockylinux.org/RLSA-2023:6077 https://github.com/golang/go/commit/24ae2d927285c697440fdde3ad7f26028354bcf3 [golang- 1.21] https://github.com/golang/go/commit/e175f27f58aa7b9cd4d79607ae65d2cd5baaee68 [golang-1.20] https://github.com/golang/go/issues/63417 https://go.dev/cl/534215 https://go.dev/cl/534235 https://go.dev/issue/63417 https://groups.google.com/g/golang-announce/c/iNNxDTCjZvo/m/UDd7VKQuAAAJ https://linux.oracle.com/cve/CVE-2023-39325.html https://linux.oracle.com/errata/ELSA-2023-5867.html https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3OVW5V2DM5K5IC3H7O42YDUGNJ74J35O https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3OVW5V2DM5K5IC3H7O42YDUGNJ74J35O/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3SZN67IL7HMGMNAVLOTIXLIHUDXZK4LH https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3SZN67IL7HMGMNAVLOTIXLIHUDXZK4LH/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3WJ4QVX2AMUJ2F2S27POOAHRC4K3CHU4 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3WJ4QVX2AMUJ2F2S27POOAHRC4K3CHU4/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/4BUK2ZIAGCULOOYDNH25JPU6JBES5NF2 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/4BUK2ZIAGCULOOYDNH25JPU6JBES5NF2/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/5RSKA2II6QTD4YUKUNDVJQSRYSFC4VFR https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/5RSKA2II6QTD4YUKUNDVJQSRYSFC4VFR/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/AVZDNSMVDAQJ64LJC5I5U5LDM5753647 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/AVZDNSMVDAQJ64LJC5I5U5LDM5753647/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CHHITS4PUOZAKFIUBQAQZC7JWXMOYE4B https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CHHITS4PUOZAKFIUBQAQZC7JWXMOYE4B/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CLB4TW7KALB3EEQWNWCN7OUIWWVWWCG2 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CLB4TW7KALB3EEQWNWCN7OUIWWVWWCG2/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/D2BBIDR2ZMB3X5BC7SR4SLQMHRMVPY6L https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/D2BBIDR2ZMB3X5BC7SR4SLQMHRMVPY6L/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ECRC75BQJP6FJN2L7KCKYZW4DSBD7QSD https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ECRC75BQJP6FJN2L7KCKYZW4DSBD7QSD/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/FTMJ3NJIDAZFWJQQSP3L22MUFJ3UP2PT https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/FTMJ3NJIDAZFWJQQSP3L22MUFJ3UP2PT/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/GSY7SXFFTPZFWDM6XELSDSHZLVW3AHK7 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/GSY7SXFFTPZFWDM6XELSDSHZLVW3AHK7/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/HZQIELEIRSZUYTFFH5KTH2YJ4IIQG2KE https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/HZQIELEIRSZUYTFFH5KTH2YJ4IIQG2KE/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/IPWCNYB5PQ5PCVZ4NJT6G56ZYFZ5QBU6 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/IPWCNYB5PQ5PCVZ4NJT6G56ZYFZ5QBU6/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/KEOTKBUPZXHE3F352JBYNTSNRXYLWD6P https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/KEOTKBUPZXHE3F352JBYNTSNRXYLWD6P/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/KSEGD2IWKNUO3DWY4KQGUQM5BISRWHQE https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/KSEGD2IWKNUO3DWY4KQGUQM5BISRWHQE/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/L5E5JSJBZLYXOTZWXHJKRVCIXIHVWKJ6 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/L5E5JSJBZLYXOTZWXHJKRVCIXIHVWKJ6/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/MZQYOOKHQDQ57LV2IAG6NRFOVXKHJJ3Z https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/MZQYOOKHQDQ57LV2IAG6NRFOVXKHJJ3Z/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/NG7IMPL55MVWU3LCI4JQJT3K2U5CHDV7 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/NG7IMPL55MVWU3LCI4JQJT3K2U5CHDV7/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ODBY7RVMGZCBSTWF2OZGIZS57FNFUL67 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ODBY7RVMGZCBSTWF2OZGIZS57FNFUL67/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/OXGWPQOJ3JNDW2XIYKIVJ7N7QUIFNM2Q https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/OXGWPQOJ3JNDW2XIYKIVJ7N7QUIFNM2Q/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/PJCUNGIQDUMZ4Z6HWVYIMR66A35F5S74 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/PJCUNGIQDUMZ4Z6HWVYIMR66A35F5S74/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QF5QSYAOPDOWLY6DUHID56Q4HQFYB45I https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QF5QSYAOPDOWLY6DUHID56Q4HQFYB45I/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QXOU2JZUBEBP7GBKAYIJRPRBZSJCD7ST https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QXOU2JZUBEBP7GBKAYIJRPRBZSJCD7ST/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/R3UETKPUB3V5JS5TLZOF3SMTGT5K5APS https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/R3UETKPUB3V5JS5TLZOF3SMTGT5K5APS/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/REMHVVIBDNKSRKNOTV7EQSB7CYQWOUOU https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/REMHVVIBDNKSRKNOTV7EQSB7CYQWOUOU/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/T7N5GV4CHH6WAGX3GFMDD3COEOVCZ4RI https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/T7N5GV4CHH6WAGX3GFMDD3COEOVCZ4RI/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ULQQONMSCQSH5Z5OWFFQHCGEZ3NL4DRJ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ULQQONMSCQSH5Z5OWFFQHCGEZ3NL4DRJ/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UTT7DG3QOF5ZNJLUGHDNLRUIN6OWZARP https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UTT7DG3QOF5ZNJLUGHDNLRUIN6OWZARP/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/W2LZSWTV4NV4SNQARNXG5T6LRHP26EW2 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/W2LZSWTV4NV4SNQARNXG5T6LRHP26EW2/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WCNCBYKZXLDFGAJUB7ZP5VLC3YTHJNVH https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WCNCBYKZXLDFGAJUB7ZP5VLC3YTHJNVH/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/XFOIBB4YFICHDM7IBOP7PWXW3FX4HLL2 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/XFOIBB4YFICHDM7IBOP7PWXW3FX4HLL2/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/XTNLSL44Y5FB6JWADSZH6DCV4JJAAEQY https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/XTNLSL44Y5FB6JWADSZH6DCV4JJAAEQY/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/YJWHBLVZDM5KQSDFRBFRKU5KSSOLIRQ4 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/YJWHBLVZDM5KQSDFRBFRKU5KSSOLIRQ4/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/YRKEXKANQ7BKJW2YTAMP625LJUJZLJ4P https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/YRKEXKANQ7BKJW2YTAMP625LJUJZLJ4P/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZSVEMQV5ROY5YW5QE3I57HT3ITWG5GCV https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZSVEMQV5ROY5YW5QE3I57HT3ITWG5GCV/ https://nvd.nist.gov/vuln/detail/CVE-2023-39325 https://pkg.go.dev/vuln/GO-2023-2102 https://security.gentoo.org/glsa/202311-09 https://security.netapp.com/advisory/ntap-20231110-0008 https://security.netapp.com/advisory/ntap-20231110-0008/ https://ubuntu.com/security/notices/USN-6574-1 https://ubuntu.com/security/notices/USN-7061-1 https://ubuntu.com/security/notices/USN-7109-1 https://www.cisa.gov/news-events/alerts/2023/10/10/http2-rapid-reset-vulnerability-cve-2023-44487 https://www.cve.org/CVERecord?id=CVE-2023-39325
stdlib	CVE-2023-45283	HIGH	v1.20.5	1.20.11, 1.21.4, 1.20.12, 1.21.5	http://www.openwall.com/lists/oss-security/2023/12/05/2 https://go.dev/cl/540277 https://go.dev/cl/541175 https://go.dev/issue/63713 https://go.dev/issue/64028 https://groups.google.com/g/golang-announce/c/4tU8LZfBFkY https://groups.google.com/g/golang-dev/c/6ypN5EjibjM/m/KmLVYH_uAgAJ https://nvd.nist.gov/vuln/detail/CVE-2023-45283 https://pkg.go.dev/vuln/GO-2023-2185 https://security.netapp.com/advisory/ntap-20231214-0008/
stdlib	CVE-2023-45288	HIGH	v1.20.5	1.21.9, 1.22.2	http://www.openwall.com/lists/oss-security/2024/04/03/16 http://www.openwall.com/lists/oss-security/2024/04/05/4 https://access.redhat.com/errata/RHSA-2024:2724 https://access.redhat.com/security/cve/CVE-2023-45288 https://bugzilla.redhat.com/2268017 https://bugzilla.redhat.com/2268018 https://bugzilla.redhat.com/2268019 https://bugzilla.redhat.com/2268273 https://bugzilla.redhat.com/show_bug.cgi?id=2268017 https://bugzilla.redhat.com/show_bug.cgi?id=2268018 https://bugzilla.redhat.com/show_bug.cgi?id=2268019 https://bugzilla.redhat.com/show_bug.cgi?id=2268273 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45288 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45289 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45290 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24783 https://errata.almalinux.org/9/ALSA-2024-2724.html https://errata.rockylinux.org/RLSA-2024:2724 https://go.dev/cl/576155 https://go.dev/issue/65051 https://groups.google.com/g/golang-announce/c/YgW0sx8mN3M https://kb.cert.org/vuls/id/421644 https://linux.oracle.com/cve/CVE-2023-45288.html https://linux.oracle.com/errata/ELSA-2024-3346.html https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QRYFHIQ6XRKRYBI2F5UESH67BJBQXUPT https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QRYFHIQ6XRKRYBI2F5UESH67BJBQXUPT/ https://nowotarski.info/http2-continuation-flood-technical-details https://nowotarski.info/http2-continuation-flood/ https://nvd.nist.gov/vuln/detail/CVE-2023-45288 https://pkg.go.dev/vuln/GO-2024-2687 https://security.netapp.com/advisory/ntap-20240419-0009 https://security.netapp.com/advisory/ntap-20240419-0009/ https://ubuntu.com/security/notices/USN-6886-1 https://ubuntu.com/security/notices/USN-7109-1 https://ubuntu.com/security/notices/USN-7111-1 https://www.cve.org/CVERecord?id=CVE-2023-45288 https://www.kb.cert.org/vuls/id/421644
stdlib	CVE-2024-34156	HIGH	v1.20.5	1.22.7, 1.23.1	https://access.redhat.com/errata/RHSA-2024:9473 https://access.redhat.com/security/cve/CVE-2024-34156 https://bugzilla.redhat.com/2310528 https://bugzilla.redhat.com/2318052 https://bugzilla.redhat.com/show_bug.cgi?id=2310528 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-34156 https://errata.almalinux.org/9/ALSA-2024-9473.html https://errata.rockylinux.org/RLSA-2024:7204 https://github.com/golang/go/commit/2092294f2b097c5828f4eace6c98a322c1510b01 (go1.22.7) https://github.com/golang/go/commit/fa8ff1a46deb6c816304441ec6740ec112e19012 (go1.23.1) https://go.dev/cl/611239 https://go.dev/issue/69139 https://groups.google.com/g/golang-announce/c/K-cEzDeCtpc https://groups.google.com/g/golang-dev/c/S9POB9NCTdk https://linux.oracle.com/cve/CVE-2024-34156.html https://linux.oracle.com/errata/ELSA-2024-9473.html https://nvd.nist.gov/vuln/detail/CVE-2024-34156 https://pkg.go.dev/vuln/GO-2024-3106 https://ubuntu.com/security/notices/USN-7081-1 https://ubuntu.com/security/notices/USN-7109-1 https://ubuntu.com/security/notices/USN-7111-1 https://www.cve.org/CVERecord?id=CVE-2024-34156
stdlib	CVE-2023-29406	MEDIUM	v1.20.5	1.19.11, 1.20.6	https://access.redhat.com/errata/RHSA-2023:6474 https://access.redhat.com/security/cve/CVE-2023-29406 https://bugzilla.redhat.com/2174485 https://bugzilla.redhat.com/2178358 https://bugzilla.redhat.com/2178488 https://bugzilla.redhat.com/2178492 https://bugzilla.redhat.com/2184481 https://bugzilla.redhat.com/2184482 https://bugzilla.redhat.com/2184483 https://bugzilla.redhat.com/2184484 https://bugzilla.redhat.com/2196026 https://bugzilla.redhat.com/2196027 https://bugzilla.redhat.com/2196029 https://bugzilla.redhat.com/2222167 https://bugzilla.redhat.com/2228689 https://errata.almalinux.org/9/ALSA-2023-6474.html https://github.com/golang/go/commit/312920c00aac9897b2a0693e752390b5b0711a5a (go1.20.6) https://github.com/golang/go/commit/5fa6923b1ea891400153d04ddf1545e23b40041b (go1.19.11) https://github.com/golang/go/issues/60374 https://go.dev/cl/506996 https://go.dev/issue/60374 https://groups.google.com/g/golang-announce/c/2q13H6LEEx0 https://linux.oracle.com/cve/CVE-2023-29406.html https://linux.oracle.com/errata/ELSA-2023-7202.html https://nvd.nist.gov/vuln/detail/CVE-2023-29406 https://pkg.go.dev/vuln/GO-2023-1878 https://security.gentoo.org/glsa/202311-09 https://security.netapp.com/advisory/ntap-20230814-0002/ https://ubuntu.com/security/notices/USN-7061-1 https://ubuntu.com/security/notices/USN-7109-1 https://www.cve.org/CVERecord?id=CVE-2023-29406
stdlib	CVE-2023-29409	MEDIUM	v1.20.5	1.19.12, 1.20.7, 1.21.0-rc.4	https://access.redhat.com/errata/RHSA-2023:7766 https://access.redhat.com/security/cve/CVE-2023-29409 https://bugzilla.redhat.com/2228743 https://bugzilla.redhat.com/2237773 https://bugzilla.redhat.com/2237776 https://bugzilla.redhat.com/2237777 https://bugzilla.redhat.com/2237778 https://errata.almalinux.org/9/ALSA-2023-7766.html https://go.dev/cl/515257 https://go.dev/issue/61460 https://groups.google.com/g/golang-announce/c/X0b6CsSAaYI/m/Efv5DbZ9AwAJ https://linux.oracle.com/cve/CVE-2023-29409.html https://linux.oracle.com/errata/ELSA-2024-2988.html https://nvd.nist.gov/vuln/detail/CVE-2023-29409 https://pkg.go.dev/vuln/GO-2023-1987 https://security.gentoo.org/glsa/202311-09 https://security.netapp.com/advisory/ntap-20230831-0010/ https://www.cve.org/CVERecord?id=CVE-2023-29409
stdlib	CVE-2023-39318	MEDIUM	v1.20.5	1.20.8, 1.21.1	https://access.redhat.com/errata/RHSA-2024:2160 https://access.redhat.com/security/cve/CVE-2023-39318 https://bugzilla.redhat.com/2237773 https://bugzilla.redhat.com/2237776 https://bugzilla.redhat.com/2253330 https://errata.almalinux.org/9/ALSA-2024-2160.html https://github.com/golang/go/commit/023b542edf38e2a1f87fcefb9f75ff2f99401b4c (go1.20.8) https://github.com/golang/go/commit/b0e1d3ea26e8e8fce7726690c9ef0597e60739fb (go1.21.1) https://go.dev/cl/526156 https://go.dev/issue/62196 https://groups.google.com/g/golang-announce/c/Fm51GRLNRvM https://groups.google.com/g/golang-dev/c/2C5vbR-UNkI/m/L1hdrPhfBAAJ https://linux.oracle.com/cve/CVE-2023-39318.html https://linux.oracle.com/errata/ELSA-2024-2988.html https://nvd.nist.gov/vuln/detail/CVE-2023-39318 https://pkg.go.dev/vuln/GO-2023-2041 https://security.gentoo.org/glsa/202311-09 https://security.netapp.com/advisory/ntap-20231020-0009/ https://ubuntu.com/security/notices/USN-6574-1 https://ubuntu.com/security/notices/USN-7061-1 https://ubuntu.com/security/notices/USN-7109-1 https://vuln.go.dev/ID/GO-2023-2041.json https://www.cve.org/CVERecord?id=CVE-2023-39318
stdlib	CVE-2023-39319	MEDIUM	v1.20.5	1.20.8, 1.21.1	https://access.redhat.com/errata/RHSA-2024:2160 https://access.redhat.com/security/cve/CVE-2023-39319 https://bugzilla.redhat.com/2237773 https://bugzilla.redhat.com/2237776 https://bugzilla.redhat.com/2253330 https://errata.almalinux.org/9/ALSA-2024-2160.html https://github.com/golang/go/commit/2070531d2f53df88e312edace6c8dfc9686ab2f5 (go1.20.8) https://github.com/golang/go/commit/bbd043ff0d6d59f1a9232d31ecd5eacf6507bf6a (go1.21.1) https://go.dev/cl/526157 https://go.dev/issue/62197 https://groups.google.com/g/golang-announce/c/Fm51GRLNRvM https://groups.google.com/g/golang-dev/c/2C5vbR-UNkI/m/L1hdrPhfBAAJ https://linux.oracle.com/cve/CVE-2023-39319.html https://linux.oracle.com/errata/ELSA-2024-2988.html https://nvd.nist.gov/vuln/detail/CVE-2023-39319 https://pkg.go.dev/vuln/GO-2023-2043 https://security.gentoo.org/glsa/202311-09 https://security.netapp.com/advisory/ntap-20231020-0009/ https://ubuntu.com/security/notices/USN-6574-1 https://ubuntu.com/security/notices/USN-7061-1 https://ubuntu.com/security/notices/USN-7109-1 https://vuln.go.dev/ID/GO-2023-2043.json https://www.cve.org/CVERecord?id=CVE-2023-39319
stdlib	CVE-2023-39326	MEDIUM	v1.20.5	1.20.12, 1.21.5	https://access.redhat.com/errata/RHSA-2024:2272 https://access.redhat.com/security/cve/CVE-2023-39326 https://bugzilla.redhat.com/2253193 https://bugzilla.redhat.com/2253330 https://errata.almalinux.org/9/ALSA-2024-2272.html https://github.com/golang/go/commit/6446af942e2e2b161c4ec1b60d9703a2b55dc4dd (go1.20.12) https://github.com/golang/go/commit/ec8c526e4be720e94b98ca509e6364f0efaf28f7 (go1.21.5) https://go.dev/cl/547335 https://go.dev/issue/64433 https://groups.google.com/g/golang-dev/c/6ypN5EjibjM/m/KmLVYH_uAgAJ https://linux.oracle.com/cve/CVE-2023-39326.html https://linux.oracle.com/errata/ELSA-2024-2988.html https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UIU6HOGV6RRIKWM57LOXQA75BGZSIH6G/ https://nvd.nist.gov/vuln/detail/CVE-2023-39326 https://pkg.go.dev/vuln/GO-2023-2382 https://ubuntu.com/security/notices/USN-6574-1 https://www.cve.org/CVERecord?id=CVE-2023-39326
stdlib	CVE-2023-45284	MEDIUM	v1.20.5	1.20.11, 1.21.4	https://go.dev/cl/540277 https://go.dev/issue/63713 https://groups.google.com/g/golang-announce/c/4tU8LZfBFkY https://nvd.nist.gov/vuln/detail/CVE-2023-45284 https://pkg.go.dev/vuln/GO-2023-2186
stdlib	CVE-2023-45289	MEDIUM	v1.20.5	1.21.8, 1.22.1	http://www.openwall.com/lists/oss-security/2024/03/08/4 https://access.redhat.com/errata/RHSA-2024:2724 https://access.redhat.com/security/cve/CVE-2023-45289 https://bugzilla.redhat.com/2268017 https://bugzilla.redhat.com/2268018 https://bugzilla.redhat.com/2268019 https://bugzilla.redhat.com/2268273 https://bugzilla.redhat.com/show_bug.cgi?id=2268017 https://bugzilla.redhat.com/show_bug.cgi?id=2268018 https://bugzilla.redhat.com/show_bug.cgi?id=2268019 https://bugzilla.redhat.com/show_bug.cgi?id=2268273 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45288 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45289 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45290 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24783 https://errata.almalinux.org/9/ALSA-2024-2724.html https://errata.rockylinux.org/RLSA-2024:2724 https://github.com/golang/go/commit/20586c0dbe03d144f914155f879fa5ee287591a1 (go1.21.8) https://github.com/golang/go/commit/3a855208e3efed2e9d7c20ad023f1fa78afcc0be (go1.22.1) https://github.com/golang/go/issues/65065 https://go.dev/cl/569340 https://go.dev/issue/65065 https://groups.google.com/g/golang-announce/c/5pwGVUPoMbg https://linux.oracle.com/cve/CVE-2023-45289.html https://linux.oracle.com/errata/ELSA-2024-3346.html https://nvd.nist.gov/vuln/detail/CVE-2023-45289 https://pkg.go.dev/vuln/GO-2024-2600 https://security.netapp.com/advisory/ntap-20240329-0006/ https://ubuntu.com/security/notices/USN-6886-1 https://www.cve.org/CVERecord?id=CVE-2023-45289
stdlib	CVE-2023-45290	MEDIUM	v1.20.5	1.21.8, 1.22.1	http://www.openwall.com/lists/oss-security/2024/03/08/4 https://access.redhat.com/errata/RHSA-2024:9135 https://access.redhat.com/security/cve/CVE-2023-45290 https://bugzilla.redhat.com/2268017 https://bugzilla.redhat.com/2268022 https://bugzilla.redhat.com/2279814 https://bugzilla.redhat.com/2295310 https://bugzilla.redhat.com/show_bug.cgi?id=2268017 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45290 https://errata.almalinux.org/9/ALSA-2024-9135.html https://errata.rockylinux.org/RLSA-2024:3830 https://github.com/golang/go/commit/041a47712e765e94f86d841c3110c840e76d8f82 (go1.22.1) https://github.com/golang/go/commit/bf80213b121074f4ad9b449410a4d13bae5e9be0 (go1.21.8) https://github.com/golang/go/issues/65383 https://go.dev/cl/569341 https://go.dev/issue/65383 https://groups.google.com/g/golang-announce/c/5pwGVUPoMbg https://linux.oracle.com/cve/CVE-2023-45290.html https://linux.oracle.com/errata/ELSA-2024-8038.html https://nvd.nist.gov/vuln/detail/CVE-2023-45290 https://pkg.go.dev/vuln/GO-2024-2599 https://security.netapp.com/advisory/ntap-20240329-0004 https://security.netapp.com/advisory/ntap-20240329-0004/ https://ubuntu.com/security/notices/USN-6886-1 https://ubuntu.com/security/notices/USN-7109-1 https://ubuntu.com/security/notices/USN-7111-1 https://www.cve.org/CVERecord?id=CVE-2023-45290
stdlib	CVE-2024-24783	MEDIUM	v1.20.5	1.21.8, 1.22.1	http://www.openwall.com/lists/oss-security/2024/03/08/4 https://access.redhat.com/errata/RHSA-2024:6195 https://access.redhat.com/security/cve/CVE-2024-24783 https://bugzilla.redhat.com/2268019 https://bugzilla.redhat.com/show_bug.cgi?id=2268017 https://bugzilla.redhat.com/show_bug.cgi?id=2268018 https://bugzilla.redhat.com/show_bug.cgi?id=2268019 https://bugzilla.redhat.com/show_bug.cgi?id=2268273 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45288 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45289 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45290 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24783 https://errata.almalinux.org/9/ALSA-2024-6195.html https://errata.rockylinux.org/RLSA-2024:2724 https://github.com/advisories/GHSA-3q2c-pvp5-3cqp https://github.com/golang/go/commit/337b8e9cbfa749d9d5c899e0dc358e2208d5e54f (go1.22.1) https://github.com/golang/go/commit/be5b52bea674190ef7de272664be6c7ae93ec5a0 (go1.21.8) https://github.com/golang/go/issues/65390 https://go.dev/cl/569339 https://go.dev/issue/65390 https://groups.google.com/g/golang-announce/c/5pwGVUPoMbg https://linux.oracle.com/cve/CVE-2024-24783.html https://linux.oracle.com/errata/ELSA-2024-6969.html https://nvd.nist.gov/vuln/detail/CVE-2024-24783 https://pkg.go.dev/vuln/GO-2024-2598 https://security.netapp.com/advisory/ntap-20240329-0005 https://security.netapp.com/advisory/ntap-20240329-0005/ https://ubuntu.com/security/notices/USN-6886-1 https://ubuntu.com/security/notices/USN-7109-1 https://ubuntu.com/security/notices/USN-7111-1 https://www.cve.org/CVERecord?id=CVE-2024-24783
stdlib	CVE-2024-24784	MEDIUM	v1.20.5	1.21.8, 1.22.1	http://www.openwall.com/lists/oss-security/2024/03/08/4 https://access.redhat.com/errata/RHSA-2024:2562 https://access.redhat.com/security/cve/CVE-2024-24784 https://bugzilla.redhat.com/2262921 https://bugzilla.redhat.com/2268017 https://bugzilla.redhat.com/2268018 https://bugzilla.redhat.com/2268019 https://bugzilla.redhat.com/2268021 https://bugzilla.redhat.com/2268022 https://bugzilla.redhat.com/2268273 https://bugzilla.redhat.com/show_bug.cgi?id=2262921 https://bugzilla.redhat.com/show_bug.cgi?id=2268017 https://bugzilla.redhat.com/show_bug.cgi?id=2268018 https://bugzilla.redhat.com/show_bug.cgi?id=2268019 https://bugzilla.redhat.com/show_bug.cgi?id=2268021 https://bugzilla.redhat.com/show_bug.cgi?id=2268022 https://bugzilla.redhat.com/show_bug.cgi?id=2268273 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45288 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45289 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45290 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-1394 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24783 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24784 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24785 https://errata.almalinux.org/9/ALSA-2024-2562.html https://errata.rockylinux.org/RLSA-2024:2562 https://github.com/golang/go/commit/263c059b09fdd40d9dd945f2ecb20c89ea28efe5 (go1.21.8) https://github.com/golang/go/commit/5330cd225ba54c7dc78c1b46dcdf61a4671a632c (go1.22.1) https://github.com/golang/go/issues/65083 https://go.dev/cl/555596 https://go.dev/issue/65083 https://groups.google.com/g/golang-announce/c/5pwGVUPoMbg https://linux.oracle.com/cve/CVE-2024-24784.html https://linux.oracle.com/errata/ELSA-2024-6969.html https://nvd.nist.gov/vuln/detail/CVE-2024-24784 https://pkg.go.dev/vuln/GO-2024-2609 https://security.netapp.com/advisory/ntap-20240329-0007/ https://ubuntu.com/security/notices/USN-6886-1 https://ubuntu.com/security/notices/USN-7109-1 https://ubuntu.com/security/notices/USN-7111-1 https://www.cve.org/CVERecord?id=CVE-2024-24784
stdlib	CVE-2024-24785	MEDIUM	v1.20.5	1.21.8, 1.22.1	http://www.openwall.com/lists/oss-security/2024/03/08/4 https://access.redhat.com/errata/RHSA-2024:9135 https://access.redhat.com/security/cve/CVE-2024-24785 https://bugzilla.redhat.com/2268017 https://bugzilla.redhat.com/2268022 https://bugzilla.redhat.com/2279814 https://bugzilla.redhat.com/2295310 https://bugzilla.redhat.com/show_bug.cgi?id=2262921 https://bugzilla.redhat.com/show_bug.cgi?id=2268017 https://bugzilla.redhat.com/show_bug.cgi?id=2268018 https://bugzilla.redhat.com/show_bug.cgi?id=2268019 https://bugzilla.redhat.com/show_bug.cgi?id=2268021 https://bugzilla.redhat.com/show_bug.cgi?id=2268022 https://bugzilla.redhat.com/show_bug.cgi?id=2268273 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45288 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45289 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45290 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-1394 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24783 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24784 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24785 https://errata.almalinux.org/9/ALSA-2024-9135.html https://errata.rockylinux.org/RLSA-2024:2562 https://github.com/golang/go/commit/056b0edcb8c152152021eebf4cf42adbfbe77992 (go1.22.1) https://github.com/golang/go/commit/3643147a29352ca2894fd5d0d2069bc4b4335a7e (go1.21.8) https://github.com/golang/go/issues/65697 https://go.dev/cl/564196 https://go.dev/issue/65697 https://groups.google.com/g/golang-announce/c/5pwGVUPoMbg https://linux.oracle.com/cve/CVE-2024-24785.html https://linux.oracle.com/errata/ELSA-2024-3259.html https://nvd.nist.gov/vuln/detail/CVE-2024-24785 https://pkg.go.dev/vuln/GO-2024-2610 https://security.netapp.com/advisory/ntap-20240329-0008/ https://ubuntu.com/security/notices/USN-6886-1 https://ubuntu.com/security/notices/USN-7061-1 https://ubuntu.com/security/notices/USN-7109-1 https://vuln.go.dev/ID/GO-2024-2610.json https://www.cve.org/CVERecord?id=CVE-2024-24785
stdlib	CVE-2024-24789	MEDIUM	v1.20.5	1.21.11, 1.22.4	http://www.openwall.com/lists/oss-security/2024/06/04/1 https://access.redhat.com/errata/RHSA-2024:9115 https://access.redhat.com/security/cve/CVE-2024-24789 https://bugzilla.redhat.com/2279814 https://bugzilla.redhat.com/2292668 https://bugzilla.redhat.com/2292787 https://bugzilla.redhat.com/2294000 https://bugzilla.redhat.com/2295310 https://bugzilla.redhat.com/show_bug.cgi?id=2292668 https://bugzilla.redhat.com/show_bug.cgi?id=2292787 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24789 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24790 https://errata.almalinux.org/9/ALSA-2024-9115.html https://errata.rockylinux.org/RLSA-2024:4212 https://github.com/golang/go/commit/c8e40338cf00f3c1d86c8fb23863ad67a4c72bcc (1.21) https://github.com/golang/go/commit/cf501ac0c5fe351a8582d20b43562027927906e7 (1.22) https://github.com/golang/go/issues/66869 https://go.dev/cl/585397 https://go.dev/issue/66869 https://groups.google.com/g/golang-announce/c/XbxouI9gY7k https://groups.google.com/g/golang-announce/c/XbxouI9gY7k/m/TuoGEhxIEwAJ https://linux.oracle.com/cve/CVE-2024-24789.html https://linux.oracle.com/errata/ELSA-2024-9115.html https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/U5YAEIA6IUHUNGJ7AIXXPQT6D2GYENX7/ https://nvd.nist.gov/vuln/detail/CVE-2024-24789 https://pkg.go.dev/vuln/GO-2024-2888 https://ubuntu.com/security/notices/USN-6886-1 https://ubuntu.com/security/notices/USN-7109-1 https://ubuntu.com/security/notices/USN-7111-1 https://www.cve.org/CVERecord?id=CVE-2024-24789
stdlib	CVE-2024-24791	MEDIUM	v1.20.5	1.21.12, 1.22.5	https://access.redhat.com/errata/RHSA-2024:9135 https://access.redhat.com/security/cve/CVE-2024-24791 https://bugzilla.redhat.com/2268017 https://bugzilla.redhat.com/2268022 https://bugzilla.redhat.com/2279814 https://bugzilla.redhat.com/2295310 https://bugzilla.redhat.com/show_bug.cgi?id=2295310 https://bugzilla.redhat.com/show_bug.cgi?id=2310527 https://bugzilla.redhat.com/show_bug.cgi?id=2310528 https://bugzilla.redhat.com/show_bug.cgi?id=2310529 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24791 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-34155 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-34156 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-34158 https://errata.almalinux.org/9/ALSA-2024-9135.html https://errata.rockylinux.org/RLSA-2024:6913 https://go.dev/cl/591255 https://go.dev/issue/67555 https://groups.google.com/g/golang-dev/c/t0rK-qHBqzY/m/6MMoAZkMAgAJ https://linux.oracle.com/cve/CVE-2024-24791.html https://linux.oracle.com/errata/ELSA-2024-9115.html https://nvd.nist.gov/vuln/detail/CVE-2024-24791 https://pkg.go.dev/vuln/GO-2024-2963 https://ubuntu.com/security/notices/USN-7081-1 https://ubuntu.com/security/notices/USN-7109-1 https://ubuntu.com/security/notices/USN-7111-1 https://www.cve.org/CVERecord?id=CVE-2024-24791
stdlib	CVE-2024-34155	MEDIUM	v1.20.5	1.22.7, 1.23.1	https://access.redhat.com/errata/RHSA-2024:9459 https://access.redhat.com/security/cve/CVE-2024-34155 https://bugzilla.redhat.com/2310527 https://bugzilla.redhat.com/2310528 https://bugzilla.redhat.com/2310529 https://bugzilla.redhat.com/2315691 https://bugzilla.redhat.com/2315887 https://bugzilla.redhat.com/2317458 https://bugzilla.redhat.com/2317467 https://bugzilla.redhat.com/show_bug.cgi?id=2295310 https://bugzilla.redhat.com/show_bug.cgi?id=2310527 https://bugzilla.redhat.com/show_bug.cgi?id=2310528 https://bugzilla.redhat.com/show_bug.cgi?id=2310529 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24791 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-34155 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-34156 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-34158 https://errata.almalinux.org/9/ALSA-2024-9459.html https://errata.rockylinux.org/RLSA-2024:6913 https://github.com/golang/go/commit/53487e5477151ed75da50e50a0ba8f1ca64c00a3 (go1.23.1) https://github.com/golang/go/commit/b232596139dbe96a62edbe3a2a203e856bf556eb (go1.22.7) https://go.dev/cl/611238 https://go.dev/issue/69138 https://groups.google.com/g/golang-announce/c/K-cEzDeCtpc https://groups.google.com/g/golang-dev/c/S9POB9NCTdk https://linux.oracle.com/cve/CVE-2024-34155.html https://linux.oracle.com/errata/ELSA-2024-9459.html https://nvd.nist.gov/vuln/detail/CVE-2024-34155 https://pkg.go.dev/vuln/GO-2024-3105 https://ubuntu.com/security/notices/USN-7081-1 https://ubuntu.com/security/notices/USN-7109-1 https://ubuntu.com/security/notices/USN-7111-1 https://www.cve.org/CVERecord?id=CVE-2024-34155
stdlib	CVE-2024-34158	MEDIUM	v1.20.5	1.22.7, 1.23.1	https://access.redhat.com/errata/RHSA-2024:9459 https://access.redhat.com/security/cve/CVE-2024-34158 https://bugzilla.redhat.com/2310527 https://bugzilla.redhat.com/2310528 https://bugzilla.redhat.com/2310529 https://bugzilla.redhat.com/2315691 https://bugzilla.redhat.com/2315887 https://bugzilla.redhat.com/2317458 https://bugzilla.redhat.com/2317467 https://bugzilla.redhat.com/show_bug.cgi?id=2295310 https://bugzilla.redhat.com/show_bug.cgi?id=2310527 https://bugzilla.redhat.com/show_bug.cgi?id=2310528 https://bugzilla.redhat.com/show_bug.cgi?id=2310529 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24791 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-34155 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-34156 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-34158 https://errata.almalinux.org/9/ALSA-2024-9459.html https://errata.rockylinux.org/RLSA-2024:6913 https://github.com/golang/go/commit/032ac075c20c01c6c35a672d1542d3e98eab84ea (go1.23.1) https://github.com/golang/go/commit/d4c53812e6ce2ac368173d7fcd31d0ecfcffb002 (go1.22.7) https://go.dev/cl/611240 https://go.dev/issue/69141 https://groups.google.com/g/golang-announce/c/K-cEzDeCtpc https://groups.google.com/g/golang-dev/c/S9POB9NCTdk https://linux.oracle.com/cve/CVE-2024-34158.html https://linux.oracle.com/errata/ELSA-2024-9459.html https://nvd.nist.gov/vuln/detail/CVE-2024-34158 https://pkg.go.dev/vuln/GO-2024-3107 https://ubuntu.com/security/notices/USN-7081-1 https://ubuntu.com/security/notices/USN-7109-1 https://ubuntu.com/security/notices/USN-7111-1 https://www.cve.org/CVERecord?id=CVE-2024-34158
No Misconfigurations found

cnb/buildpacks/paketo-buildpacks_node-engine/1.6.0/bin/run (gobinary)

Package	Vulnerability ID	Severity	Installed Version	Fixed Version	Links
github.com/anchore/stereoscope	CVE-2024-24579	MEDIUM	v0.0.0-20230412183729-8602f1afc574	0.0.1	https://github.com/anchore/stereoscope https://github.com/anchore/stereoscope/commit/09dacab4d9ee65ee8bc7af8ebf4aa7b5aaa36204 https://github.com/anchore/stereoscope/security/advisories/GHSA-hpxr-w9w7-g4gv https://nvd.nist.gov/vuln/detail/CVE-2024-24579
github.com/cloudflare/circl	GHSA-9763-4f94-gfch	HIGH	v1.3.3	1.3.7	https://github.com/cloudflare/circl https://github.com/cloudflare/circl/commit/75ef91e8a2f438e6ce2b6e620d236add8be1887d https://github.com/cloudflare/circl/security/advisories/GHSA-9763-4f94-gfch https://kyberslash.cr.yp.to
github.com/containerd/containerd	GHSA-7ww5-4wqc-m92c	MEDIUM	v1.7.0	1.6.26, 1.7.11	https://github.com/containerd/containerd https://github.com/containerd/containerd/commit/67d356cb3095f3e8f8ad7d36f9a733fea1e7e28c https://github.com/containerd/containerd/commit/746b910f05855c8bfdb4415a1c0f958b234910e5 https://github.com/containerd/containerd/security/advisories/GHSA-7ww5-4wqc-m92c
github.com/docker/docker	CVE-2024-41110	CRITICAL	v23.0.5+incompatible	23.0.15, 26.1.5, 27.1.1, 25.0.6	https://access.redhat.com/security/cve/CVE-2024-41110 https://github.com/moby/moby https://github.com/moby/moby/commit/411e817ddf710ff8e08fa193da80cb78af708191 https://github.com/moby/moby/commit/42f40b1d6dd7562342f832b9cd2adf9e668eeb76 https://github.com/moby/moby/commit/65cc597cea28cdc25bea3b8a86384b4251872919 https://github.com/moby/moby/commit/852759a7df454cbf88db4e954c919becd48faa9b https://github.com/moby/moby/commit/a31260625655cff9ae226b51757915e275e304b0 https://github.com/moby/moby/commit/a79fabbfe84117696a19671f4aa88b82d0f64fc1 https://github.com/moby/moby/commit/ae160b4edddb72ef4bd71f66b975a1a1cc434f00 https://github.com/moby/moby/commit/ae2b3666c517c96cbc2adf1af5591a6b00d4ec0f https://github.com/moby/moby/commit/cc13f952511154a2866bddbb7dddebfe9e83b801 https://github.com/moby/moby/commit/fc274cd2ff4cf3b48c91697fb327dd1fb95588fb https://github.com/moby/moby/security/advisories/GHSA-v23v-6jw2-98fq https://nvd.nist.gov/vuln/detail/CVE-2024-41110 https://www.cve.org/CVERecord?id=CVE-2024-41110 https://www.docker.com/blog/docker-security-advisory-docker-engine-authz-plugin
github.com/docker/docker	CVE-2024-24557	MEDIUM	v23.0.5+incompatible	24.0.9, 25.0.2	https://access.redhat.com/security/cve/CVE-2024-24557 https://github.com/moby/moby https://github.com/moby/moby/commit/3e230cfdcc989dc524882f6579f9e0dac77400ae https://github.com/moby/moby/commit/fca702de7f71362c8d103073c7e4a1d0a467fadd https://github.com/moby/moby/commit/fce6e0ca9bc000888de3daa157af14fa41fcd0ff https://github.com/moby/moby/security/advisories/GHSA-xw73-rw38-6vjc https://nvd.nist.gov/vuln/detail/CVE-2024-24557 https://www.cve.org/CVERecord?id=CVE-2024-24557
github.com/docker/docker	CVE-2024-29018	MEDIUM	v23.0.5+incompatible	26.0.0-rc3, 25.0.5, 23.0.11	https://access.redhat.com/security/cve/CVE-2024-29018 https://github.com/moby/moby https://github.com/moby/moby/pull/46609 https://github.com/moby/moby/security/advisories/GHSA-mq39-4gv4-mvpx https://nvd.nist.gov/vuln/detail/CVE-2024-29018 https://www.cve.org/CVERecord?id=CVE-2024-29018
github.com/docker/docker	GHSA-jq35-85cj-fj4p	MEDIUM	v23.0.5+incompatible	24.0.7, 23.0.8, 20.10.27	https://github.com/moby/moby https://github.com/moby/moby/commit/48ebe353e49a9def5e6679f6e386b0efb1c95f0e https://github.com/moby/moby/commit/81ebe71275768629689a23bc3bca34b3b374a6a6 https://github.com/moby/moby/commit/c9ccbfad11a60e703e91b6cca4f48927828c7e35 https://github.com/moby/moby/releases/tag/v20.10.27 https://github.com/moby/moby/releases/tag/v23.0.8 https://github.com/moby/moby/releases/tag/v24.0.7 https://github.com/moby/moby/security/advisories/GHSA-jq35-85cj-fj4p
github.com/go-git/go-git/v5	CVE-2023-49569	CRITICAL	v5.6.1	5.11.0	https://access.redhat.com/security/cve/CVE-2023-49569 https://github.com/go-git/go-git https://github.com/go-git/go-git/security/advisories/GHSA-449p-3h89-pw88 https://nvd.nist.gov/vuln/detail/CVE-2023-49569 https://www.cve.org/CVERecord?id=CVE-2023-49569
github.com/go-git/go-git/v5	CVE-2023-49568	HIGH	v5.6.1	5.11.0	https://access.redhat.com/security/cve/CVE-2023-49568 https://github.com/go-git/go-git https://github.com/go-git/go-git/security/advisories/GHSA-mw99-9chc-xw7r https://nvd.nist.gov/vuln/detail/CVE-2023-49568 https://www.cve.org/CVERecord?id=CVE-2023-49568
github.com/mholt/archiver/v3	CVE-2024-0406	MEDIUM	v3.5.1	no fix available	https://access.redhat.com/security/cve/CVE-2024-0406 https://bugzilla.redhat.com/show_bug.cgi?id=2257749 https://github.com/advisories/GHSA-rhh4-rh7c-7r5v https://github.com/mholt/archiver https://nvd.nist.gov/vuln/detail/CVE-2024-0406 https://www.cve.org/CVERecord?id=CVE-2024-0406
golang.org/x/crypto	CVE-2023-48795	MEDIUM	v0.8.0	0.17.0	http://packetstormsecurity.com/files/176280/Terrapin-SSH-Connection-Weakening.html http://seclists.org/fulldisclosure/2024/Mar/21 http://www.openwall.com/lists/oss-security/2023/12/18/3 http://www.openwall.com/lists/oss-security/2023/12/19/5 http://www.openwall.com/lists/oss-security/2023/12/20/3 http://www.openwall.com/lists/oss-security/2024/03/06/3 http://www.openwall.com/lists/oss-security/2024/04/17/8 https://access.redhat.com/errata/RHSA-2024:1150 https://access.redhat.com/security/cve/CVE-2023-48795 https://access.redhat.com/security/cve/cve-2023-48795 https://access.redhat.com/solutions/7071748 https://arstechnica.com/security/2023/12/hackers-can-break-ssh-channel-integrity-using-novel-data-corruption-attack https://arstechnica.com/security/2023/12/hackers-can-break-ssh-channel-integrity-using-novel-data-corruption-attack/ https://bugs.gentoo.org/920280 https://bugzilla.redhat.com/2254210 https://bugzilla.redhat.com/show_bug.cgi?id=2254210 https://bugzilla.suse.com/show_bug.cgi?id=1217950 https://crates.io/crates/thrussh/versions https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-48795 https://errata.almalinux.org/9/ALSA-2024-1150.html https://errata.rockylinux.org/RLSA-2024:0628 https://filezilla-project.org/versions.php https://forum.netgate.com/topic/184941/terrapin-ssh-attack https://git.libssh.org/projects/libssh.git/commit/?h=stable-0.10&id=10e09e273f69e149389b3e0e5d44b8c221c2e7f6 https://github.com/NixOS/nixpkgs/pull/275249 https://github.com/PowerShell/Win32-OpenSSH/issues/2189 https://github.com/PowerShell/Win32-OpenSSH/releases/tag/v9.5.0.0p1-Beta https://github.com/TeraTermProject/teraterm/commit/7279fbd6ef4d0c8bdd6a90af4ada2899d786eec0 https://github.com/TeraTermProject/teraterm/releases/tag/v5.1 https://github.com/advisories/GHSA-45x7-px36-x8w8 https://github.com/apache/mina-sshd/issues/445 https://github.com/connectbot/sshlib/commit/5c8b534f6e97db7ac0e0e579331213aa25c173ab https://github.com/connectbot/sshlib/compare/2.2.21...2.2.22 https://github.com/cyd01/KiTTY/issues/520 https://github.com/drakkan/sftpgo/releases/tag/v2.5.6 https://github.com/erlang/otp/blob/d1b43dc0f1361d2ad67601169e90a7fc50bb0369/lib/ssh/doc/src/notes.xml#L39-L42 https://github.com/erlang/otp/releases/tag/OTP-26.2.1 https://github.com/golang/crypto/commit/9d2ee975ef9fe627bf0a6f01c1f69e8ef1d4f05d https://github.com/hierynomus/sshj/issues/916 https://github.com/janmojzis/tinyssh/issues/81 https://github.com/jtesta/ssh-audit/commit/8e972c5e94b460379fe0c7d20209c16df81538a5 https://github.com/libssh2/libssh2/pull/1291 https://github.com/mkj/dropbear/blob/17657c36cce6df7716d5ff151ec09a665382d5dd/CHANGES#L25 https://github.com/mscdex/ssh2/commit/97b223f8891b96d6fc054df5ab1d5a1a545da2a3 https://github.com/mwiede/jsch/compare/jsch-0.2.14...jsch-0.2.15 https://github.com/mwiede/jsch/issues/457 https://github.com/mwiede/jsch/pull/461 https://github.com/net-ssh/net-ssh/blob/2e65064a52d73396bfc3806c9196fc8108f33cd8/CHANGES.txt#L14-L16 https://github.com/openssh/openssh-portable/commits/master https://github.com/paramiko/paramiko/issues/2337 https://github.com/paramiko/paramiko/issues/2337#issuecomment-1887642773 https://github.com/proftpd/proftpd/blob/0a7ea9b0ba9fcdf368374a226370d08f10397d99/RELEASE_NOTES https://github.com/proftpd/proftpd/blob/d21e7a2e47e9b38f709bec58e3fa711f759ad0e1/RELEASE_NOTES https://github.com/proftpd/proftpd/blob/master/RELEASE_NOTES https://github.com/proftpd/proftpd/issues/456 https://github.com/rapier1/hpn-ssh/releases https://github.com/ronf/asyncssh/blob/develop/docs/changes.rst https://github.com/ronf/asyncssh/security/advisories/GHSA-hfmc-7525-mj55 https://github.com/ronf/asyncssh/tags https://github.com/ssh-mitm/ssh-mitm/issues/165 https://github.com/warp-tech/russh https://github.com/warp-tech/russh/commit/1aa340a7df1d5be1c0f4a9e247aade76dfdd2951 https://github.com/warp-tech/russh/releases/tag/v0.40.2 https://github.com/warp-tech/russh/security/advisories/GHSA-45x7-px36-x8w8 https://gitlab.com/libssh/libssh-mirror/-/tags https://go.dev/cl/550715 https://go.dev/issue/64784 https://groups.google.com/g/golang-announce/c/-n5WqVC18LQ https://groups.google.com/g/golang-announce/c/qA3XtxvMUyg https://help.panic.com/releasenotes/transmit5 https://help.panic.com/releasenotes/transmit5/ https://jadaptive.com/important-java-ssh-security-update-new-ssh-vulnerability-discovered-cve-2023-48795 https://jadaptive.com/important-java-ssh-security-update-new-ssh-vulnerability-discovered-cve-2023-48795/ https://linux.oracle.com/cve/CVE-2023-48795.html https://linux.oracle.com/errata/ELSA-2024-2988.html https://lists.debian.org/debian-lts-announce/2023/12/msg00017.html https://lists.debian.org/debian-lts-announce/2024/01/msg00013.html https://lists.debian.org/debian-lts-announce/2024/01/msg00014.html https://lists.debian.org/debian-lts-announce/2024/04/msg00016.html https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/33XHJUB6ROFUOH2OQNENFROTVH6MHSHA https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/33XHJUB6ROFUOH2OQNENFROTVH6MHSHA/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/3CAYYW35MUTNO65RVAELICTNZZFMT2XS https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/3CAYYW35MUTNO65RVAELICTNZZFMT2XS/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/3JIMLVBDWOP4FUPXPTB4PGHHIOMGFLQE https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/3JIMLVBDWOP4FUPXPTB4PGHHIOMGFLQE/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/3YQLUQWLIHDB5QCXQEX7HXHAWMOKPP5O https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/3YQLUQWLIHDB5QCXQEX7HXHAWMOKPP5O/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/6Y74KVCPEPT4MVU3LHDWCNNOXOE5ZLUR https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/6Y74KVCPEPT4MVU3LHDWCNNOXOE5ZLUR/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/APYIXIQOVDCRWLHTGB4VYMAUIAQLKYJ3 https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/APYIXIQOVDCRWLHTGB4VYMAUIAQLKYJ3/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/BL5KTLOSLH2KHRN4HCXJPK3JUVLDGEL6 https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/BL5KTLOSLH2KHRN4HCXJPK3JUVLDGEL6/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/C3AFMZ6MH2UHHOPIWT5YLSFV3D2VB3AC https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/C3AFMZ6MH2UHHOPIWT5YLSFV3D2VB3AC/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/CHHITS4PUOZAKFIUBQAQZC7JWXMOYE4B https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/CHHITS4PUOZAKFIUBQAQZC7JWXMOYE4B/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/F7EYCFQCTSGJXWO3ZZ44MGKFC5HA7G3Y https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/F7EYCFQCTSGJXWO3ZZ44MGKFC5HA7G3Y/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/HYEDEXIKFKTUJIN43RG4B7T5ZS6MHUSP https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/HYEDEXIKFKTUJIN43RG4B7T5ZS6MHUSP/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/I724O3LSRCPO4WNVIXTZCT4VVRMXMMSG https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/I724O3LSRCPO4WNVIXTZCT4VVRMXMMSG/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/KEOTKBUPZXHE3F352JBYNTSNRXYLWD6P https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/KEOTKBUPZXHE3F352JBYNTSNRXYLWD6P/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/KMZCVGUGJZZVDPCVDA7TEB22VUCNEXDD https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/KMZCVGUGJZZVDPCVDA7TEB22VUCNEXDD/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/L5Y6MNNVAPIJSXJERQ6PKZVCIUXSNJK7 https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/L5Y6MNNVAPIJSXJERQ6PKZVCIUXSNJK7/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/LZQVUHWVWRH73YBXUQJOD6CKHDQBU3DM https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/LZQVUHWVWRH73YBXUQJOD6CKHDQBU3DM/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/MKQRBF3DWMWPH36LBCOBUTSIZRTPEZXB https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/MKQRBF3DWMWPH36LBCOBUTSIZRTPEZXB/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/QI3EHAHABFQK7OABNCSF5GMYP6TONTI7 https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/QI3EHAHABFQK7OABNCSF5GMYP6TONTI7/ https://matt.ucc.asn.au/dropbear/CHANGES https://nest.pijul.com/pijul/thrussh/changes/D6H7OWTTMHHX6BTB3B6MNBOBX2L66CBL4LGSEUSAI2MCRCJDQFRQC https://news.ycombinator.com/item?id=38684904 https://news.ycombinator.com/item?id=38685286 https://news.ycombinator.com/item?id=38732005 https://nova.app/releases/#v11.8 https://nvd.nist.gov/vuln/detail/CVE-2023-48795 https://oryx-embedded.com/download/#changelog https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2024-0002 https://roumenpetrov.info/secsh/#news20231220 https://security-tracker.debian.org/tracker/CVE-2023-48795 https://security-tracker.debian.org/tracker/source-package/libssh2 https://security-tracker.debian.org/tracker/source-package/proftpd-dfsg https://security-tracker.debian.org/tracker/source-package/trilead-ssh2 https://security.gentoo.org/glsa/202312-16 https://security.gentoo.org/glsa/202312-17 https://security.netapp.com/advisory/ntap-20240105-0004 https://security.netapp.com/advisory/ntap-20240105-0004/ https://support.apple.com/kb/HT214084 https://terrapin-attack.com/ https://thorntech.com/cve-2023-48795-and-sftp-gateway https://thorntech.com/cve-2023-48795-and-sftp-gateway/ https://twitter.com/TrueSkrillor/status/1736774389725565005 https://ubuntu.com/security/CVE-2023-48795 https://ubuntu.com/security/notices/USN-6560-1 https://ubuntu.com/security/notices/USN-6560-2 https://ubuntu.com/security/notices/USN-6561-1 https://ubuntu.com/security/notices/USN-6585-1 https://ubuntu.com/security/notices/USN-6589-1 https://ubuntu.com/security/notices/USN-6598-1 https://ubuntu.com/security/notices/USN-6738-1 https://ubuntu.com/security/notices/USN-7051-1 https://winscp.net/eng/docs/history#6.2.2 https://www.bitvise.com/ssh-client-version-history#933 https://www.bitvise.com/ssh-server-version-history https://www.chiark.greenend.org.uk/~sgtatham/putty/changes.html https://www.crushftp.com/crush10wiki/Wiki.jsp?page=Update https://www.cve.org/CVERecord?id=CVE-2023-48795 https://www.debian.org/security/2023/dsa-5586 https://www.debian.org/security/2023/dsa-5588 https://www.freebsd.org/security/advisories/FreeBSD-SA-23:19.openssh.asc https://www.lancom-systems.de/service-support/allgemeine-sicherheitshinweise#c243508 https://www.netsarang.com/en/xshell-update-history https://www.netsarang.com/en/xshell-update-history/ https://www.openssh.com/openbsd.html https://www.openssh.com/txt/release-9.6 https://www.openwall.com/lists/oss-security/2023/12/18/2 https://www.openwall.com/lists/oss-security/2023/12/18/3 https://www.openwall.com/lists/oss-security/2023/12/20/3 https://www.paramiko.org/changelog.html https://www.reddit.com/r/sysadmin/comments/18idv52/cve202348795_why_is_this_cve_still_undisclosed https://www.reddit.com/r/sysadmin/comments/18idv52/cve202348795_why_is_this_cve_still_undisclosed/ https://www.suse.com/c/suse-addresses-the-ssh-v2-protocol-terrapin-attack-aka-cve-2023-48795 https://www.suse.com/c/suse-addresses-the-ssh-v2-protocol-terrapin-attack-aka-cve-2023-48795/ https://www.terrapin-attack.com https://www.theregister.com/2023/12/20/terrapin_attack_ssh https://www.vandyke.com/products/securecrt/history.txt
golang.org/x/net	CVE-2023-39325	HIGH	v0.10.0	0.17.0	golang.org/x/net https://access.redhat.com/errata/RHSA-2023:6077 https://access.redhat.com/security/cve/CVE-2023-39325 https://access.redhat.com/security/cve/CVE-2023-44487 https://access.redhat.com/security/vulnerabilities/RHSB-2023-003 https://bugzilla.redhat.com/2242803 https://bugzilla.redhat.com/2243296 https://bugzilla.redhat.com/show_bug.cgi?id=2242803 https://bugzilla.redhat.com/show_bug.cgi?id=2243296 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-39325 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-44487 https://errata.almalinux.org/9/ALSA-2023-6077.html https://errata.rockylinux.org/RLSA-2023:6077 https://github.com/golang/go/commit/24ae2d927285c697440fdde3ad7f26028354bcf3 [golang- 1.21] https://github.com/golang/go/commit/e175f27f58aa7b9cd4d79607ae65d2cd5baaee68 [golang-1.20] https://github.com/golang/go/issues/63417 https://go.dev/cl/534215 https://go.dev/cl/534235 https://go.dev/issue/63417 https://groups.google.com/g/golang-announce/c/iNNxDTCjZvo/m/UDd7VKQuAAAJ https://linux.oracle.com/cve/CVE-2023-39325.html https://linux.oracle.com/errata/ELSA-2023-5867.html https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3OVW5V2DM5K5IC3H7O42YDUGNJ74J35O https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3OVW5V2DM5K5IC3H7O42YDUGNJ74J35O/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3SZN67IL7HMGMNAVLOTIXLIHUDXZK4LH https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3SZN67IL7HMGMNAVLOTIXLIHUDXZK4LH/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3WJ4QVX2AMUJ2F2S27POOAHRC4K3CHU4 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3WJ4QVX2AMUJ2F2S27POOAHRC4K3CHU4/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/4BUK2ZIAGCULOOYDNH25JPU6JBES5NF2 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/4BUK2ZIAGCULOOYDNH25JPU6JBES5NF2/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/5RSKA2II6QTD4YUKUNDVJQSRYSFC4VFR https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/5RSKA2II6QTD4YUKUNDVJQSRYSFC4VFR/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/AVZDNSMVDAQJ64LJC5I5U5LDM5753647 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/AVZDNSMVDAQJ64LJC5I5U5LDM5753647/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CHHITS4PUOZAKFIUBQAQZC7JWXMOYE4B https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CHHITS4PUOZAKFIUBQAQZC7JWXMOYE4B/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CLB4TW7KALB3EEQWNWCN7OUIWWVWWCG2 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CLB4TW7KALB3EEQWNWCN7OUIWWVWWCG2/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/D2BBIDR2ZMB3X5BC7SR4SLQMHRMVPY6L https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/D2BBIDR2ZMB3X5BC7SR4SLQMHRMVPY6L/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ECRC75BQJP6FJN2L7KCKYZW4DSBD7QSD https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ECRC75BQJP6FJN2L7KCKYZW4DSBD7QSD/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/FTMJ3NJIDAZFWJQQSP3L22MUFJ3UP2PT https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/FTMJ3NJIDAZFWJQQSP3L22MUFJ3UP2PT/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/GSY7SXFFTPZFWDM6XELSDSHZLVW3AHK7 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/GSY7SXFFTPZFWDM6XELSDSHZLVW3AHK7/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/HZQIELEIRSZUYTFFH5KTH2YJ4IIQG2KE https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/HZQIELEIRSZUYTFFH5KTH2YJ4IIQG2KE/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/IPWCNYB5PQ5PCVZ4NJT6G56ZYFZ5QBU6 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/IPWCNYB5PQ5PCVZ4NJT6G56ZYFZ5QBU6/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/KEOTKBUPZXHE3F352JBYNTSNRXYLWD6P https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/KEOTKBUPZXHE3F352JBYNTSNRXYLWD6P/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/KSEGD2IWKNUO3DWY4KQGUQM5BISRWHQE https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/KSEGD2IWKNUO3DWY4KQGUQM5BISRWHQE/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/L5E5JSJBZLYXOTZWXHJKRVCIXIHVWKJ6 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/L5E5JSJBZLYXOTZWXHJKRVCIXIHVWKJ6/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/MZQYOOKHQDQ57LV2IAG6NRFOVXKHJJ3Z https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/MZQYOOKHQDQ57LV2IAG6NRFOVXKHJJ3Z/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/NG7IMPL55MVWU3LCI4JQJT3K2U5CHDV7 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/NG7IMPL55MVWU3LCI4JQJT3K2U5CHDV7/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ODBY7RVMGZCBSTWF2OZGIZS57FNFUL67 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ODBY7RVMGZCBSTWF2OZGIZS57FNFUL67/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/OXGWPQOJ3JNDW2XIYKIVJ7N7QUIFNM2Q https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/OXGWPQOJ3JNDW2XIYKIVJ7N7QUIFNM2Q/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/PJCUNGIQDUMZ4Z6HWVYIMR66A35F5S74 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/PJCUNGIQDUMZ4Z6HWVYIMR66A35F5S74/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QF5QSYAOPDOWLY6DUHID56Q4HQFYB45I https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QF5QSYAOPDOWLY6DUHID56Q4HQFYB45I/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QXOU2JZUBEBP7GBKAYIJRPRBZSJCD7ST https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QXOU2JZUBEBP7GBKAYIJRPRBZSJCD7ST/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/R3UETKPUB3V5JS5TLZOF3SMTGT5K5APS https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/R3UETKPUB3V5JS5TLZOF3SMTGT5K5APS/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/REMHVVIBDNKSRKNOTV7EQSB7CYQWOUOU https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/REMHVVIBDNKSRKNOTV7EQSB7CYQWOUOU/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/T7N5GV4CHH6WAGX3GFMDD3COEOVCZ4RI https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/T7N5GV4CHH6WAGX3GFMDD3COEOVCZ4RI/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ULQQONMSCQSH5Z5OWFFQHCGEZ3NL4DRJ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ULQQONMSCQSH5Z5OWFFQHCGEZ3NL4DRJ/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UTT7DG3QOF5ZNJLUGHDNLRUIN6OWZARP https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UTT7DG3QOF5ZNJLUGHDNLRUIN6OWZARP/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/W2LZSWTV4NV4SNQARNXG5T6LRHP26EW2 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/W2LZSWTV4NV4SNQARNXG5T6LRHP26EW2/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WCNCBYKZXLDFGAJUB7ZP5VLC3YTHJNVH https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WCNCBYKZXLDFGAJUB7ZP5VLC3YTHJNVH/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/XFOIBB4YFICHDM7IBOP7PWXW3FX4HLL2 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/XFOIBB4YFICHDM7IBOP7PWXW3FX4HLL2/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/XTNLSL44Y5FB6JWADSZH6DCV4JJAAEQY https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/XTNLSL44Y5FB6JWADSZH6DCV4JJAAEQY/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/YJWHBLVZDM5KQSDFRBFRKU5KSSOLIRQ4 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/YJWHBLVZDM5KQSDFRBFRKU5KSSOLIRQ4/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/YRKEXKANQ7BKJW2YTAMP625LJUJZLJ4P https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/YRKEXKANQ7BKJW2YTAMP625LJUJZLJ4P/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZSVEMQV5ROY5YW5QE3I57HT3ITWG5GCV https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZSVEMQV5ROY5YW5QE3I57HT3ITWG5GCV/ https://nvd.nist.gov/vuln/detail/CVE-2023-39325 https://pkg.go.dev/vuln/GO-2023-2102 https://security.gentoo.org/glsa/202311-09 https://security.netapp.com/advisory/ntap-20231110-0008 https://security.netapp.com/advisory/ntap-20231110-0008/ https://ubuntu.com/security/notices/USN-6574-1 https://ubuntu.com/security/notices/USN-7061-1 https://ubuntu.com/security/notices/USN-7109-1 https://www.cisa.gov/news-events/alerts/2023/10/10/http2-rapid-reset-vulnerability-cve-2023-44487 https://www.cve.org/CVERecord?id=CVE-2023-39325
golang.org/x/net	CVE-2023-3978	MEDIUM	v0.10.0	0.13.0	https://access.redhat.com/errata/RHSA-2023:6474 https://access.redhat.com/security/cve/CVE-2023-3978 https://bugzilla.redhat.com/2174485 https://bugzilla.redhat.com/2178358 https://bugzilla.redhat.com/2178488 https://bugzilla.redhat.com/2178492 https://bugzilla.redhat.com/2184481 https://bugzilla.redhat.com/2184482 https://bugzilla.redhat.com/2184483 https://bugzilla.redhat.com/2184484 https://bugzilla.redhat.com/2196026 https://bugzilla.redhat.com/2196027 https://bugzilla.redhat.com/2196029 https://bugzilla.redhat.com/2222167 https://bugzilla.redhat.com/2228689 https://errata.almalinux.org/9/ALSA-2023-6474.html https://go.dev/cl/514896 https://go.dev/issue/61615 https://linux.oracle.com/cve/CVE-2023-3978.html https://linux.oracle.com/errata/ELSA-2023-6939.html https://nvd.nist.gov/vuln/detail/CVE-2023-3978 https://pkg.go.dev/vuln/GO-2023-1988 https://www.cve.org/CVERecord?id=CVE-2023-3978
golang.org/x/net	CVE-2023-44487	MEDIUM	v0.10.0	0.17.0	http://www.openwall.com/lists/oss-security/2023/10/13/4 http://www.openwall.com/lists/oss-security/2023/10/13/9 http://www.openwall.com/lists/oss-security/2023/10/18/4 http://www.openwall.com/lists/oss-security/2023/10/18/8 http://www.openwall.com/lists/oss-security/2023/10/19/6 http://www.openwall.com/lists/oss-security/2023/10/20/8 https://access.redhat.com/errata/RHSA-2023:6746 https://access.redhat.com/security/cve/CVE-2023-44487 https://access.redhat.com/security/cve/cve-2023-44487 https://akka.io/security/akka-http-cve-2023-44487.html https://arstechnica.com/security/2023/10/how-ddosers-used-the-http-2-protocol-to-deliver-attacks-of-unprecedented-size https://arstechnica.com/security/2023/10/how-ddosers-used-the-http-2-protocol-to-deliver-attacks-of-unprecedented-size/ https://aws.amazon.com/security/security-bulletins/AWS-2023-011 https://aws.amazon.com/security/security-bulletins/AWS-2023-011/ https://blog.cloudflare.com/technical-breakdown-http2-rapid-reset-ddos-attack https://blog.cloudflare.com/technical-breakdown-http2-rapid-reset-ddos-attack/ https://blog.cloudflare.com/zero-day-rapid-reset-http2-record-breaking-ddos-attack https://blog.cloudflare.com/zero-day-rapid-reset-http2-record-breaking-ddos-attack/ https://blog.litespeedtech.com/2023/10/11/rapid-reset-http-2-vulnerablilty https://blog.litespeedtech.com/2023/10/11/rapid-reset-http-2-vulnerablilty/ https://blog.qualys.com/vulnerabilities-threat-research/2023/10/10/cve-2023-44487-http-2-rapid-reset-attack https://blog.vespa.ai/cve-2023-44487 https://blog.vespa.ai/cve-2023-44487/ https://bugzilla.proxmox.com/show_bug.cgi?id=4988 https://bugzilla.redhat.com/2242803 https://bugzilla.redhat.com/show_bug.cgi?id=2242803 https://bugzilla.suse.com/show_bug.cgi?id=1216123 https://cgit.freebsd.org/ports/commit/?id=c64c329c2c1752f46b73e3e6ce9f4329be6629f9 https://chaos.social/@icing/111210915918780532 https://cloud.google.com/blog/products/identity-security/google-cloud-mitigated-largest-ddos-attack-peaking-above-398-million-rps https://cloud.google.com/blog/products/identity-security/google-cloud-mitigated-largest-ddos-attack-peaking-above-398-million-rps/ https://cloud.google.com/blog/products/identity-security/how-it-works-the-novel-http2-rapid-reset-ddos-attack https://community.traefik.io/t/is-traefik-vulnerable-to-cve-2023-44487/20125 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-44487 https://devblogs.microsoft.com/dotnet/october-2023-updates/ https://discuss.hashicorp.com/t/hcsec-2023-32-vault-consul-and-boundary-affected-by-http-2-rapid-reset-denial-of-service-vulnerability-cve-2023-44487/59715 https://edg.io/lp/blog/resets-leaks-ddos-and-the-tale-of-a-hidden-cve https://errata.almalinux.org/9/ALSA-2023-6746.html https://errata.rockylinux.org/RLSA-2023:5838 https://forums.swift.org/t/swift-nio-http2-security-update-cve-2023-44487-http-2-dos/67764 https://gist.github.com/adulau/7c2bfb8e9cdbe4b35a5e131c66a0c088 https://github.com/Azure/AKS/issues/3947 https://github.com/Kong/kong/discussions/11741 https://github.com/advisories/GHSA-qppj-fm5r-hxr3 https://github.com/advisories/GHSA-vx74-f528-fxqg https://github.com/advisories/GHSA-xpw8-rcwv-8f8p https://github.com/akka/akka-http/issues/4323 https://github.com/akka/akka-http/pull/4324 https://github.com/akka/akka-http/pull/4325 https://github.com/alibaba/tengine/issues/1872 https://github.com/apache/apisix/issues/10320 https://github.com/apache/httpd-site/pull/10 https://github.com/apache/httpd/blob/afcdbeebbff4b0c50ea26cdd16e178c0d1f24152/modules/http2/h2_mplx.c#L1101-L1113 https://github.com/apache/tomcat/commit/944332bb15bd2f3bf76ec2caeb1ff0a58a3bc628 https://github.com/apache/tomcat/tree/main/java/org/apache/coyote/http2 https://github.com/apache/trafficserver/pull/10564 https://github.com/apple/swift-nio-http2 https://github.com/apple/swift-nio-http2/security/advisories/GHSA-qppj-fm5r-hxr3 https://github.com/arkrwn/PoC/tree/main/CVE-2023-44487 https://github.com/bcdannyboy/CVE-2023-44487 https://github.com/caddyserver/caddy/issues/5877 https://github.com/caddyserver/caddy/releases/tag/v2.7.5 https://github.com/dotnet/announcements/issues/277 https://github.com/dotnet/core/blob/e4613450ea0da7fd2fc6b61dfb2c1c1dec1ce9ec/release-notes/6.0/6.0.23/6.0.23.md?plain=1#L73 https://github.com/eclipse/jetty.project/issues/10679 https://github.com/envoyproxy/envoy/pull/30055 https://github.com/etcd-io/etcd/issues/16740 https://github.com/facebook/proxygen/pull/466 https://github.com/golang/go/issues/63417 https://github.com/grpc/grpc-go/pull/6703 https://github.com/grpc/grpc-go/releases https://github.com/h2o/h2o/pull/3291 https://github.com/h2o/h2o/security/advisories/GHSA-2m7v-gc89-fjqf https://github.com/haproxy/haproxy/issues/2312 https://github.com/hyperium/hyper/issues/3337 https://github.com/icing/mod_h2/blob/0a864782af0a942aa2ad4ed960a6b32cd35bcf0a/mod_http2/README.md?plain=1#L239-L244 https://github.com/junkurihara/rust-rpxy/issues/97 https://github.com/kazu-yamamoto/http2/commit/f61d41a502bd0f60eb24e1ce14edc7b6df6722a1 https://github.com/kazu-yamamoto/http2/issues/93 https://github.com/kubernetes/kubernetes/pull/121120 https://github.com/line/armeria/pull/5232 https://github.com/linkerd/website/pull/1695/commits/4b9c6836471bc8270ab48aae6fd2181bc73fd632 https://github.com/micrictor/http2-rst-stream https://github.com/microsoft/CBL-Mariner/pull/6381 https://github.com/netty/netty/commit/58f75f665aa81a8cbcf6ffa74820042a285c5e61 https://github.com/nghttp2/nghttp2/pull/1961 https://github.com/nghttp2/nghttp2/releases/tag/v1.57.0 https://github.com/ninenines/cowboy/issues/1615 https://github.com/nodejs/node/pull/50121 https://github.com/openresty/openresty/issues/930 https://github.com/opensearch-project/data-prepper/issues/3474 https://github.com/oqtane/oqtane.framework/discussions/3367 https://github.com/projectcontour/contour/pull/5826 https://github.com/tempesta-tech/tempesta/issues/1986 https://github.com/varnishcache/varnish-cache/issues/3996 https://go.dev/cl/534215 https://go.dev/cl/534235 https://go.dev/issue/63417 https://groups.google.com/g/golang-announce/c/iNNxDTCjZvo https://groups.google.com/g/golang-announce/c/iNNxDTCjZvo/m/UDd7VKQuAAAJ https://istio.io/latest/news/security/istio-security-2023-004 https://istio.io/latest/news/security/istio-security-2023-004/ https://linkerd.io/2023/10/12/linkerd-cve-2023-44487 https://linkerd.io/2023/10/12/linkerd-cve-2023-44487/ https://linux.oracle.com/cve/CVE-2023-44487.html https://linux.oracle.com/errata/ELSA-2024-1444.html https://lists.apache.org/thread/5py8h42mxfsn8l1wy6o41xwhsjlsd87q https://lists.debian.org/debian-lts-announce/2023/10/msg00020.html https://lists.debian.org/debian-lts-announce/2023/10/msg00023.html https://lists.debian.org/debian-lts-announce/2023/10/msg00024.html https://lists.debian.org/debian-lts-announce/2023/10/msg00045.html https://lists.debian.org/debian-lts-announce/2023/10/msg00047.html https://lists.debian.org/debian-lts-announce/2023/11/msg00001.html https://lists.debian.org/debian-lts-announce/2023/11/msg00012.html https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/2MBEPPC36UBVOZZNAXFHKLFGSLCMN5LI https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/2MBEPPC36UBVOZZNAXFHKLFGSLCMN5LI/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/3N4NJ7FR4X4FPZUGNTQAPSTVB2HB2Y4A https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/3N4NJ7FR4X4FPZUGNTQAPSTVB2HB2Y4A/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/BFQD3KUEMFBHPAPBGLWQC34L4OWL5HAZ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/BFQD3KUEMFBHPAPBGLWQC34L4OWL5HAZ/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/CLB4TW7KALB3EEQWNWCN7OUIWWVWWCG2 https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/CLB4TW7KALB3EEQWNWCN7OUIWWVWWCG2/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/E72T67UPDRXHIDLO3OROR25YAMN4GGW5 https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/E72T67UPDRXHIDLO3OROR25YAMN4GGW5/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/FNA62Q767CFAFHBCDKYNPBMZWB7TWYVU https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/FNA62Q767CFAFHBCDKYNPBMZWB7TWYVU/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/HT7T2R4MQKLIF4ODV4BDLPARWFPCJ5CZ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/HT7T2R4MQKLIF4ODV4BDLPARWFPCJ5CZ/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/JIZSEFC3YKCGABA2BZW6ZJRMDZJMB7PJ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/JIZSEFC3YKCGABA2BZW6ZJRMDZJMB7PJ/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/JMEXY22BFG5Q64HQCM5CK2Q7KDKVV4TY https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/JMEXY22BFG5Q64HQCM5CK2Q7KDKVV4TY/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/KSEGD2IWKNUO3DWY4KQGUQM5BISRWHQE https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/KSEGD2IWKNUO3DWY4KQGUQM5BISRWHQE/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/LKYHSZQFDNR7RSA7LHVLLIAQMVYCUGBG https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/LKYHSZQFDNR7RSA7LHVLLIAQMVYCUGBG/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/LNMZJCDHGLJJLXO4OXWJMTVQRNWOC7UL https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/LNMZJCDHGLJJLXO4OXWJMTVQRNWOC7UL/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/VHUHTSXLXGXS7JYKBXTA3VINUPHTNGVU https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/VHUHTSXLXGXS7JYKBXTA3VINUPHTNGVU/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/VSRDIV77HNKUSM7SJC5BKE5JSHLHU2NK https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/VSRDIV77HNKUSM7SJC5BKE5JSHLHU2NK/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/WE2I52RHNNU42PX6NZ2RBUHSFFJ2LVZX https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/WE2I52RHNNU42PX6NZ2RBUHSFFJ2LVZX/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/WLPRQ5TWUQQXYWBJM7ECYDAIL2YVKIUH https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/WLPRQ5TWUQQXYWBJM7ECYDAIL2YVKIUH/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/X6QXN4ORIVF6XBW4WWFE7VNPVC74S45Y https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/X6QXN4ORIVF6XBW4WWFE7VNPVC74S45Y/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/XFOIBB4YFICHDM7IBOP7PWXW3FX4HLL2 https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/XFOIBB4YFICHDM7IBOP7PWXW3FX4HLL2/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZB43REMKRQR62NJEI7I5NQ4FSXNLBKRT https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZB43REMKRQR62NJEI7I5NQ4FSXNLBKRT/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZKQSIKIAT5TJ3WSLU3RDBQ35YX4GY4V3 https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZKQSIKIAT5TJ3WSLU3RDBQ35YX4GY4V3/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZLU6U2R2IC2K64NDPNMV55AUAO65MAF4 https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZLU6U2R2IC2K64NDPNMV55AUAO65MAF4/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3N4NJ7FR4X4FPZUGNTQAPSTVB2HB2Y4A https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/BFQD3KUEMFBHPAPBGLWQC34L4OWL5HAZ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CLB4TW7KALB3EEQWNWCN7OUIWWVWWCG2 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/E72T67UPDRXHIDLO3OROR25YAMN4GGW5 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/FNA62Q767CFAFHBCDKYNPBMZWB7TWYVU https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/HT7T2R4MQKLIF4ODV4BDLPARWFPCJ5CZ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/JIZSEFC3YKCGABA2BZW6ZJRMDZJMB7PJ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/JMEXY22BFG5Q64HQCM5CK2Q7KDKVV4TY https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/KSEGD2IWKNUO3DWY4KQGUQM5BISRWHQE https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/LKYHSZQFDNR7RSA7LHVLLIAQMVYCUGBG https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/LNMZJCDHGLJJLXO4OXWJMTVQRNWOC7UL https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/VHUHTSXLXGXS7JYKBXTA3VINUPHTNGVU https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/VSRDIV77HNKUSM7SJC5BKE5JSHLHU2NK https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WLPRQ5TWUQQXYWBJM7ECYDAIL2YVKIUH https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/X6QXN4ORIVF6XBW4WWFE7VNPVC74S45Y https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/XFOIBB4YFICHDM7IBOP7PWXW3FX4HLL2 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZB43REMKRQR62NJEI7I5NQ4FSXNLBKRT https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZKQSIKIAT5TJ3WSLU3RDBQ35YX4GY4V3 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZLU6U2R2IC2K64NDPNMV55AUAO65MAF4 https://lists.w3.org/Archives/Public/ietf-http-wg/2023OctDec/0025.html https://mailman.nginx.org/pipermail/nginx-devel/2023-October/S36Q5HBXR7CAIMPLLPRSSSYR4PCMWILK.html https://martinthomson.github.io/h2-stream-limits/draft-thomson-httpbis-h2-stream-limits.html https://msrc.microsoft.com/blog/2023/10/microsoft-response-to-distributed-denial-of-service-ddos-attacks-against-http/2 https://msrc.microsoft.com/blog/2023/10/microsoft-response-to-distributed-denial-of-service-ddos-attacks-against-http/2/ https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-44487 https://my.f5.com/manage/s/article/K000137106 https://netty.io/news/2023/10/10/4-1-100-Final.html https://news.ycombinator.com/item?id=37830987 https://news.ycombinator.com/item?id=37830998 https://news.ycombinator.com/item?id=37831062 https://news.ycombinator.com/item?id=37837043 https://nodejs.org/en/blog/vulnerability/october-2023-security-releases https://nvd.nist.gov/vuln/detail/CVE-2023-44487 https://openssf.org/blog/2023/10/10/http-2-rapid-reset-vulnerability-highlights-need-for-rapid-response https://openssf.org/blog/2023/10/10/http-2-rapid-reset-vulnerability-highlights-need-for-rapid-response/ https://pkg.go.dev/vuln/GO-2023-2102 https://seanmonstar.com/post/730794151136935936/hyper-http2-rapid-reset-unaffected https://security.gentoo.org/glsa/202311-09 https://security.netapp.com/advisory/ntap-20231016-0001 https://security.netapp.com/advisory/ntap-20231016-0001/ https://security.netapp.com/advisory/ntap-20240426-0007 https://security.netapp.com/advisory/ntap-20240426-0007/ https://security.netapp.com/advisory/ntap-20240621-0006 https://security.netapp.com/advisory/ntap-20240621-0006/ https://security.netapp.com/advisory/ntap-20240621-0007 https://security.netapp.com/advisory/ntap-20240621-0007/ https://security.paloaltonetworks.com/CVE-2023-44487 https://tomcat.apache.org/security-10.html#Fixed_in_Apache_Tomcat_10.1.14 https://tomcat.apache.org/security-11.html#Fixed_in_Apache_Tomcat_11.0.0-M12 https://tomcat.apache.org/security-8.html#Fixed_in_Apache_Tomcat_8.5.94 https://tomcat.apache.org/security-9.html#Fixed_in_Apache_Tomcat_9.0.81 https://ubuntu.com/security/CVE-2023-44487 https://ubuntu.com/security/notices/USN-6427-1 https://ubuntu.com/security/notices/USN-6427-2 https://ubuntu.com/security/notices/USN-6438-1 https://ubuntu.com/security/notices/USN-6505-1 https://ubuntu.com/security/notices/USN-6574-1 https://ubuntu.com/security/notices/USN-6754-1 https://ubuntu.com/security/notices/USN-6994-1 https://ubuntu.com/security/notices/USN-7067-1 https://www.bleepingcomputer.com/news/security/new-http-2-rapid-reset-zero-day-attack-breaks-ddos-records https://www.bleepingcomputer.com/news/security/new-http-2-rapid-reset-zero-day-attack-breaks-ddos-records/ https://www.cisa.gov/known-exploited-vulnerabilities-catalog https://www.cisa.gov/news-events/alerts/2023/10/10/http2-rapid-reset-vulnerability-cve-2023-44487 https://www.cve.org/CVERecord?id=CVE-2023-44487 https://www.darkreading.com/cloud/internet-wide-zero-day-bug-fuels-largest-ever-ddos-event https://www.debian.org/security/2023/dsa-5521 https://www.debian.org/security/2023/dsa-5522 https://www.debian.org/security/2023/dsa-5540 https://www.debian.org/security/2023/dsa-5549 https://www.debian.org/security/2023/dsa-5558 https://www.debian.org/security/2023/dsa-5570 https://www.eclipse.org/lists/jetty-announce/msg00181.html https://www.haproxy.com/blog/haproxy-is-not-affected-by-the-http-2-rapid-reset-attack-cve-2023-44487 https://www.mail-archive.com/haproxy@formilux.org/msg44134.html https://www.netlify.com/blog/netlify-successfully-mitigates-cve-2023-44487 https://www.netlify.com/blog/netlify-successfully-mitigates-cve-2023-44487/ https://www.nginx.com/blog/http-2-rapid-reset-attack-impacting-f5-nginx-products https://www.nginx.com/blog/http-2-rapid-reset-attack-impacting-f5-nginx-products/ https://www.openwall.com/lists/oss-security/2023/10/10/6 https://www.phoronix.com/news/HTTP2-Rapid-Reset-Attack https://www.theregister.com/2023/10/10/http2_rapid_reset_zeroday https://www.theregister.com/2023/10/10/http2_rapid_reset_zeroday/
golang.org/x/net	CVE-2023-45288	MEDIUM	v0.10.0	0.23.0	http://www.openwall.com/lists/oss-security/2024/04/03/16 http://www.openwall.com/lists/oss-security/2024/04/05/4 https://access.redhat.com/errata/RHSA-2024:2724 https://access.redhat.com/security/cve/CVE-2023-45288 https://bugzilla.redhat.com/2268017 https://bugzilla.redhat.com/2268018 https://bugzilla.redhat.com/2268019 https://bugzilla.redhat.com/2268273 https://bugzilla.redhat.com/show_bug.cgi?id=2268017 https://bugzilla.redhat.com/show_bug.cgi?id=2268018 https://bugzilla.redhat.com/show_bug.cgi?id=2268019 https://bugzilla.redhat.com/show_bug.cgi?id=2268273 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45288 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45289 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45290 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24783 https://errata.almalinux.org/9/ALSA-2024-2724.html https://errata.rockylinux.org/RLSA-2024:2724 https://go.dev/cl/576155 https://go.dev/issue/65051 https://groups.google.com/g/golang-announce/c/YgW0sx8mN3M https://kb.cert.org/vuls/id/421644 https://linux.oracle.com/cve/CVE-2023-45288.html https://linux.oracle.com/errata/ELSA-2024-3346.html https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QRYFHIQ6XRKRYBI2F5UESH67BJBQXUPT https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QRYFHIQ6XRKRYBI2F5UESH67BJBQXUPT/ https://nowotarski.info/http2-continuation-flood-technical-details https://nowotarski.info/http2-continuation-flood/ https://nvd.nist.gov/vuln/detail/CVE-2023-45288 https://pkg.go.dev/vuln/GO-2024-2687 https://security.netapp.com/advisory/ntap-20240419-0009 https://security.netapp.com/advisory/ntap-20240419-0009/ https://ubuntu.com/security/notices/USN-6886-1 https://ubuntu.com/security/notices/USN-7109-1 https://ubuntu.com/security/notices/USN-7111-1 https://www.cve.org/CVERecord?id=CVE-2023-45288 https://www.kb.cert.org/vuls/id/421644
google.golang.org/grpc	GHSA-m425-mq94-257g	HIGH	v1.55.0	1.56.3, 1.57.1, 1.58.3	https://github.com/grpc/grpc-go https://github.com/grpc/grpc-go/commit/f2180b4d5403d2210b30b93098eb7da31c05c721 https://github.com/grpc/grpc-go/pull/6703 https://github.com/grpc/grpc-go/security/advisories/GHSA-m425-mq94-257g https://nvd.nist.gov/vuln/detail/CVE-2023-44487
google.golang.org/grpc	CVE-2023-44487	MEDIUM	v1.55.0	1.58.3, 1.57.1, 1.56.3	http://www.openwall.com/lists/oss-security/2023/10/13/4 http://www.openwall.com/lists/oss-security/2023/10/13/9 http://www.openwall.com/lists/oss-security/2023/10/18/4 http://www.openwall.com/lists/oss-security/2023/10/18/8 http://www.openwall.com/lists/oss-security/2023/10/19/6 http://www.openwall.com/lists/oss-security/2023/10/20/8 https://access.redhat.com/errata/RHSA-2023:6746 https://access.redhat.com/security/cve/CVE-2023-44487 https://access.redhat.com/security/cve/cve-2023-44487 https://akka.io/security/akka-http-cve-2023-44487.html https://arstechnica.com/security/2023/10/how-ddosers-used-the-http-2-protocol-to-deliver-attacks-of-unprecedented-size https://arstechnica.com/security/2023/10/how-ddosers-used-the-http-2-protocol-to-deliver-attacks-of-unprecedented-size/ https://aws.amazon.com/security/security-bulletins/AWS-2023-011 https://aws.amazon.com/security/security-bulletins/AWS-2023-011/ https://blog.cloudflare.com/technical-breakdown-http2-rapid-reset-ddos-attack https://blog.cloudflare.com/technical-breakdown-http2-rapid-reset-ddos-attack/ https://blog.cloudflare.com/zero-day-rapid-reset-http2-record-breaking-ddos-attack https://blog.cloudflare.com/zero-day-rapid-reset-http2-record-breaking-ddos-attack/ https://blog.litespeedtech.com/2023/10/11/rapid-reset-http-2-vulnerablilty https://blog.litespeedtech.com/2023/10/11/rapid-reset-http-2-vulnerablilty/ https://blog.qualys.com/vulnerabilities-threat-research/2023/10/10/cve-2023-44487-http-2-rapid-reset-attack https://blog.vespa.ai/cve-2023-44487 https://blog.vespa.ai/cve-2023-44487/ https://bugzilla.proxmox.com/show_bug.cgi?id=4988 https://bugzilla.redhat.com/2242803 https://bugzilla.redhat.com/show_bug.cgi?id=2242803 https://bugzilla.suse.com/show_bug.cgi?id=1216123 https://cgit.freebsd.org/ports/commit/?id=c64c329c2c1752f46b73e3e6ce9f4329be6629f9 https://chaos.social/@icing/111210915918780532 https://cloud.google.com/blog/products/identity-security/google-cloud-mitigated-largest-ddos-attack-peaking-above-398-million-rps https://cloud.google.com/blog/products/identity-security/google-cloud-mitigated-largest-ddos-attack-peaking-above-398-million-rps/ https://cloud.google.com/blog/products/identity-security/how-it-works-the-novel-http2-rapid-reset-ddos-attack https://community.traefik.io/t/is-traefik-vulnerable-to-cve-2023-44487/20125 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-44487 https://devblogs.microsoft.com/dotnet/october-2023-updates/ https://discuss.hashicorp.com/t/hcsec-2023-32-vault-consul-and-boundary-affected-by-http-2-rapid-reset-denial-of-service-vulnerability-cve-2023-44487/59715 https://edg.io/lp/blog/resets-leaks-ddos-and-the-tale-of-a-hidden-cve https://errata.almalinux.org/9/ALSA-2023-6746.html https://errata.rockylinux.org/RLSA-2023:5838 https://forums.swift.org/t/swift-nio-http2-security-update-cve-2023-44487-http-2-dos/67764 https://gist.github.com/adulau/7c2bfb8e9cdbe4b35a5e131c66a0c088 https://github.com/Azure/AKS/issues/3947 https://github.com/Kong/kong/discussions/11741 https://github.com/advisories/GHSA-qppj-fm5r-hxr3 https://github.com/advisories/GHSA-vx74-f528-fxqg https://github.com/advisories/GHSA-xpw8-rcwv-8f8p https://github.com/akka/akka-http/issues/4323 https://github.com/akka/akka-http/pull/4324 https://github.com/akka/akka-http/pull/4325 https://github.com/alibaba/tengine/issues/1872 https://github.com/apache/apisix/issues/10320 https://github.com/apache/httpd-site/pull/10 https://github.com/apache/httpd/blob/afcdbeebbff4b0c50ea26cdd16e178c0d1f24152/modules/http2/h2_mplx.c#L1101-L1113 https://github.com/apache/tomcat/commit/944332bb15bd2f3bf76ec2caeb1ff0a58a3bc628 https://github.com/apache/tomcat/tree/main/java/org/apache/coyote/http2 https://github.com/apache/trafficserver/pull/10564 https://github.com/apple/swift-nio-http2 https://github.com/apple/swift-nio-http2/security/advisories/GHSA-qppj-fm5r-hxr3 https://github.com/arkrwn/PoC/tree/main/CVE-2023-44487 https://github.com/bcdannyboy/CVE-2023-44487 https://github.com/caddyserver/caddy/issues/5877 https://github.com/caddyserver/caddy/releases/tag/v2.7.5 https://github.com/dotnet/announcements/issues/277 https://github.com/dotnet/core/blob/e4613450ea0da7fd2fc6b61dfb2c1c1dec1ce9ec/release-notes/6.0/6.0.23/6.0.23.md?plain=1#L73 https://github.com/eclipse/jetty.project/issues/10679 https://github.com/envoyproxy/envoy/pull/30055 https://github.com/etcd-io/etcd/issues/16740 https://github.com/facebook/proxygen/pull/466 https://github.com/golang/go/issues/63417 https://github.com/grpc/grpc-go/pull/6703 https://github.com/grpc/grpc-go/releases https://github.com/h2o/h2o/pull/3291 https://github.com/h2o/h2o/security/advisories/GHSA-2m7v-gc89-fjqf https://github.com/haproxy/haproxy/issues/2312 https://github.com/hyperium/hyper/issues/3337 https://github.com/icing/mod_h2/blob/0a864782af0a942aa2ad4ed960a6b32cd35bcf0a/mod_http2/README.md?plain=1#L239-L244 https://github.com/junkurihara/rust-rpxy/issues/97 https://github.com/kazu-yamamoto/http2/commit/f61d41a502bd0f60eb24e1ce14edc7b6df6722a1 https://github.com/kazu-yamamoto/http2/issues/93 https://github.com/kubernetes/kubernetes/pull/121120 https://github.com/line/armeria/pull/5232 https://github.com/linkerd/website/pull/1695/commits/4b9c6836471bc8270ab48aae6fd2181bc73fd632 https://github.com/micrictor/http2-rst-stream https://github.com/microsoft/CBL-Mariner/pull/6381 https://github.com/netty/netty/commit/58f75f665aa81a8cbcf6ffa74820042a285c5e61 https://github.com/nghttp2/nghttp2/pull/1961 https://github.com/nghttp2/nghttp2/releases/tag/v1.57.0 https://github.com/ninenines/cowboy/issues/1615 https://github.com/nodejs/node/pull/50121 https://github.com/openresty/openresty/issues/930 https://github.com/opensearch-project/data-prepper/issues/3474 https://github.com/oqtane/oqtane.framework/discussions/3367 https://github.com/projectcontour/contour/pull/5826 https://github.com/tempesta-tech/tempesta/issues/1986 https://github.com/varnishcache/varnish-cache/issues/3996 https://go.dev/cl/534215 https://go.dev/cl/534235 https://go.dev/issue/63417 https://groups.google.com/g/golang-announce/c/iNNxDTCjZvo https://groups.google.com/g/golang-announce/c/iNNxDTCjZvo/m/UDd7VKQuAAAJ https://istio.io/latest/news/security/istio-security-2023-004 https://istio.io/latest/news/security/istio-security-2023-004/ https://linkerd.io/2023/10/12/linkerd-cve-2023-44487 https://linkerd.io/2023/10/12/linkerd-cve-2023-44487/ https://linux.oracle.com/cve/CVE-2023-44487.html https://linux.oracle.com/errata/ELSA-2024-1444.html https://lists.apache.org/thread/5py8h42mxfsn8l1wy6o41xwhsjlsd87q https://lists.debian.org/debian-lts-announce/2023/10/msg00020.html https://lists.debian.org/debian-lts-announce/2023/10/msg00023.html https://lists.debian.org/debian-lts-announce/2023/10/msg00024.html https://lists.debian.org/debian-lts-announce/2023/10/msg00045.html https://lists.debian.org/debian-lts-announce/2023/10/msg00047.html https://lists.debian.org/debian-lts-announce/2023/11/msg00001.html https://lists.debian.org/debian-lts-announce/2023/11/msg00012.html https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/2MBEPPC36UBVOZZNAXFHKLFGSLCMN5LI https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/2MBEPPC36UBVOZZNAXFHKLFGSLCMN5LI/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/3N4NJ7FR4X4FPZUGNTQAPSTVB2HB2Y4A https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/3N4NJ7FR4X4FPZUGNTQAPSTVB2HB2Y4A/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/BFQD3KUEMFBHPAPBGLWQC34L4OWL5HAZ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/BFQD3KUEMFBHPAPBGLWQC34L4OWL5HAZ/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/CLB4TW7KALB3EEQWNWCN7OUIWWVWWCG2 https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/CLB4TW7KALB3EEQWNWCN7OUIWWVWWCG2/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/E72T67UPDRXHIDLO3OROR25YAMN4GGW5 https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/E72T67UPDRXHIDLO3OROR25YAMN4GGW5/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/FNA62Q767CFAFHBCDKYNPBMZWB7TWYVU https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/FNA62Q767CFAFHBCDKYNPBMZWB7TWYVU/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/HT7T2R4MQKLIF4ODV4BDLPARWFPCJ5CZ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/HT7T2R4MQKLIF4ODV4BDLPARWFPCJ5CZ/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/JIZSEFC3YKCGABA2BZW6ZJRMDZJMB7PJ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/JIZSEFC3YKCGABA2BZW6ZJRMDZJMB7PJ/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/JMEXY22BFG5Q64HQCM5CK2Q7KDKVV4TY https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/JMEXY22BFG5Q64HQCM5CK2Q7KDKVV4TY/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/KSEGD2IWKNUO3DWY4KQGUQM5BISRWHQE https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/KSEGD2IWKNUO3DWY4KQGUQM5BISRWHQE/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/LKYHSZQFDNR7RSA7LHVLLIAQMVYCUGBG https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/LKYHSZQFDNR7RSA7LHVLLIAQMVYCUGBG/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/LNMZJCDHGLJJLXO4OXWJMTVQRNWOC7UL https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/LNMZJCDHGLJJLXO4OXWJMTVQRNWOC7UL/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/VHUHTSXLXGXS7JYKBXTA3VINUPHTNGVU https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/VHUHTSXLXGXS7JYKBXTA3VINUPHTNGVU/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/VSRDIV77HNKUSM7SJC5BKE5JSHLHU2NK https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/VSRDIV77HNKUSM7SJC5BKE5JSHLHU2NK/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/WE2I52RHNNU42PX6NZ2RBUHSFFJ2LVZX https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/WE2I52RHNNU42PX6NZ2RBUHSFFJ2LVZX/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/WLPRQ5TWUQQXYWBJM7ECYDAIL2YVKIUH https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/WLPRQ5TWUQQXYWBJM7ECYDAIL2YVKIUH/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/X6QXN4ORIVF6XBW4WWFE7VNPVC74S45Y https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/X6QXN4ORIVF6XBW4WWFE7VNPVC74S45Y/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/XFOIBB4YFICHDM7IBOP7PWXW3FX4HLL2 https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/XFOIBB4YFICHDM7IBOP7PWXW3FX4HLL2/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZB43REMKRQR62NJEI7I5NQ4FSXNLBKRT https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZB43REMKRQR62NJEI7I5NQ4FSXNLBKRT/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZKQSIKIAT5TJ3WSLU3RDBQ35YX4GY4V3 https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZKQSIKIAT5TJ3WSLU3RDBQ35YX4GY4V3/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZLU6U2R2IC2K64NDPNMV55AUAO65MAF4 https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZLU6U2R2IC2K64NDPNMV55AUAO65MAF4/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3N4NJ7FR4X4FPZUGNTQAPSTVB2HB2Y4A https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/BFQD3KUEMFBHPAPBGLWQC34L4OWL5HAZ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CLB4TW7KALB3EEQWNWCN7OUIWWVWWCG2 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/E72T67UPDRXHIDLO3OROR25YAMN4GGW5 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/FNA62Q767CFAFHBCDKYNPBMZWB7TWYVU https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/HT7T2R4MQKLIF4ODV4BDLPARWFPCJ5CZ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/JIZSEFC3YKCGABA2BZW6ZJRMDZJMB7PJ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/JMEXY22BFG5Q64HQCM5CK2Q7KDKVV4TY https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/KSEGD2IWKNUO3DWY4KQGUQM5BISRWHQE https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/LKYHSZQFDNR7RSA7LHVLLIAQMVYCUGBG https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/LNMZJCDHGLJJLXO4OXWJMTVQRNWOC7UL https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/VHUHTSXLXGXS7JYKBXTA3VINUPHTNGVU https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/VSRDIV77HNKUSM7SJC5BKE5JSHLHU2NK https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WLPRQ5TWUQQXYWBJM7ECYDAIL2YVKIUH https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/X6QXN4ORIVF6XBW4WWFE7VNPVC74S45Y https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/XFOIBB4YFICHDM7IBOP7PWXW3FX4HLL2 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZB43REMKRQR62NJEI7I5NQ4FSXNLBKRT https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZKQSIKIAT5TJ3WSLU3RDBQ35YX4GY4V3 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZLU6U2R2IC2K64NDPNMV55AUAO65MAF4 https://lists.w3.org/Archives/Public/ietf-http-wg/2023OctDec/0025.html https://mailman.nginx.org/pipermail/nginx-devel/2023-October/S36Q5HBXR7CAIMPLLPRSSSYR4PCMWILK.html https://martinthomson.github.io/h2-stream-limits/draft-thomson-httpbis-h2-stream-limits.html https://msrc.microsoft.com/blog/2023/10/microsoft-response-to-distributed-denial-of-service-ddos-attacks-against-http/2 https://msrc.microsoft.com/blog/2023/10/microsoft-response-to-distributed-denial-of-service-ddos-attacks-against-http/2/ https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-44487 https://my.f5.com/manage/s/article/K000137106 https://netty.io/news/2023/10/10/4-1-100-Final.html https://news.ycombinator.com/item?id=37830987 https://news.ycombinator.com/item?id=37830998 https://news.ycombinator.com/item?id=37831062 https://news.ycombinator.com/item?id=37837043 https://nodejs.org/en/blog/vulnerability/october-2023-security-releases https://nvd.nist.gov/vuln/detail/CVE-2023-44487 https://openssf.org/blog/2023/10/10/http-2-rapid-reset-vulnerability-highlights-need-for-rapid-response https://openssf.org/blog/2023/10/10/http-2-rapid-reset-vulnerability-highlights-need-for-rapid-response/ https://pkg.go.dev/vuln/GO-2023-2102 https://seanmonstar.com/post/730794151136935936/hyper-http2-rapid-reset-unaffected https://security.gentoo.org/glsa/202311-09 https://security.netapp.com/advisory/ntap-20231016-0001 https://security.netapp.com/advisory/ntap-20231016-0001/ https://security.netapp.com/advisory/ntap-20240426-0007 https://security.netapp.com/advisory/ntap-20240426-0007/ https://security.netapp.com/advisory/ntap-20240621-0006 https://security.netapp.com/advisory/ntap-20240621-0006/ https://security.netapp.com/advisory/ntap-20240621-0007 https://security.netapp.com/advisory/ntap-20240621-0007/ https://security.paloaltonetworks.com/CVE-2023-44487 https://tomcat.apache.org/security-10.html#Fixed_in_Apache_Tomcat_10.1.14 https://tomcat.apache.org/security-11.html#Fixed_in_Apache_Tomcat_11.0.0-M12 https://tomcat.apache.org/security-8.html#Fixed_in_Apache_Tomcat_8.5.94 https://tomcat.apache.org/security-9.html#Fixed_in_Apache_Tomcat_9.0.81 https://ubuntu.com/security/CVE-2023-44487 https://ubuntu.com/security/notices/USN-6427-1 https://ubuntu.com/security/notices/USN-6427-2 https://ubuntu.com/security/notices/USN-6438-1 https://ubuntu.com/security/notices/USN-6505-1 https://ubuntu.com/security/notices/USN-6574-1 https://ubuntu.com/security/notices/USN-6754-1 https://ubuntu.com/security/notices/USN-6994-1 https://ubuntu.com/security/notices/USN-7067-1 https://www.bleepingcomputer.com/news/security/new-http-2-rapid-reset-zero-day-attack-breaks-ddos-records https://www.bleepingcomputer.com/news/security/new-http-2-rapid-reset-zero-day-attack-breaks-ddos-records/ https://www.cisa.gov/known-exploited-vulnerabilities-catalog https://www.cisa.gov/news-events/alerts/2023/10/10/http2-rapid-reset-vulnerability-cve-2023-44487 https://www.cve.org/CVERecord?id=CVE-2023-44487 https://www.darkreading.com/cloud/internet-wide-zero-day-bug-fuels-largest-ever-ddos-event https://www.debian.org/security/2023/dsa-5521 https://www.debian.org/security/2023/dsa-5522 https://www.debian.org/security/2023/dsa-5540 https://www.debian.org/security/2023/dsa-5549 https://www.debian.org/security/2023/dsa-5558 https://www.debian.org/security/2023/dsa-5570 https://www.eclipse.org/lists/jetty-announce/msg00181.html https://www.haproxy.com/blog/haproxy-is-not-affected-by-the-http-2-rapid-reset-attack-cve-2023-44487 https://www.mail-archive.com/haproxy@formilux.org/msg44134.html https://www.netlify.com/blog/netlify-successfully-mitigates-cve-2023-44487 https://www.netlify.com/blog/netlify-successfully-mitigates-cve-2023-44487/ https://www.nginx.com/blog/http-2-rapid-reset-attack-impacting-f5-nginx-products https://www.nginx.com/blog/http-2-rapid-reset-attack-impacting-f5-nginx-products/ https://www.openwall.com/lists/oss-security/2023/10/10/6 https://www.phoronix.com/news/HTTP2-Rapid-Reset-Attack https://www.theregister.com/2023/10/10/http2_rapid_reset_zeroday https://www.theregister.com/2023/10/10/http2_rapid_reset_zeroday/
google.golang.org/protobuf	CVE-2024-24786	MEDIUM	v1.30.0	1.33.0	http://www.openwall.com/lists/oss-security/2024/03/08/4 https://access.redhat.com/errata/RHSA-2024:2550 https://access.redhat.com/security/cve/CVE-2024-24786 https://bugzilla.redhat.com/2268046 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24786 https://errata.almalinux.org/9/ALSA-2024-2550.html https://errata.rockylinux.org/RLSA-2024:2550 https://github.com/protocolbuffers/protobuf-go https://github.com/protocolbuffers/protobuf-go/commit/f01a588e5810b90996452eec4a28f22a0afae023 https://github.com/protocolbuffers/protobuf-go/releases/tag/v1.33.0 https://go-review.googlesource.com/c/protobuf/+/569356 https://go.dev/cl/569356 https://groups.google.com/g/golang-announce/c/ArQ6CDgtEjY/ https://linux.oracle.com/cve/CVE-2024-24786.html https://linux.oracle.com/errata/ELSA-2024-4246.html https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/JDMBHAVSDU2FBDZ45U3A2VLSM35OJ2HU https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/JDMBHAVSDU2FBDZ45U3A2VLSM35OJ2HU/ https://nvd.nist.gov/vuln/detail/CVE-2024-24786 https://pkg.go.dev/vuln/GO-2024-2611 https://security.netapp.com/advisory/ntap-20240517-0002 https://security.netapp.com/advisory/ntap-20240517-0002/ https://ubuntu.com/security/notices/USN-6746-1 https://ubuntu.com/security/notices/USN-6746-2 https://www.cve.org/CVERecord?id=CVE-2024-24786
stdlib	CVE-2024-24790	CRITICAL	v1.20.5	1.21.11, 1.22.4	http://www.openwall.com/lists/oss-security/2024/06/04/1 https://access.redhat.com/errata/RHSA-2024:9115 https://access.redhat.com/security/cve/CVE-2024-24790 https://bugzilla.redhat.com/2279814 https://bugzilla.redhat.com/2292668 https://bugzilla.redhat.com/2292787 https://bugzilla.redhat.com/2294000 https://bugzilla.redhat.com/2295310 https://bugzilla.redhat.com/show_bug.cgi?id=2292668 https://bugzilla.redhat.com/show_bug.cgi?id=2292787 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24789 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24790 https://errata.almalinux.org/9/ALSA-2024-9115.html https://errata.rockylinux.org/RLSA-2024:4212 https://github.com/golang/go/commit/051bdf3fd12a40307606ff9381138039c5f452f0 (1.21) https://github.com/golang/go/commit/12d5810cdb1f73cf23d7a86462143e9463317fca (1.22) https://github.com/golang/go/issues/67680 https://go.dev/cl/590316 https://go.dev/issue/67680 https://groups.google.com/g/golang-announce/c/XbxouI9gY7k https://groups.google.com/g/golang-announce/c/XbxouI9gY7k/m/TuoGEhxIEwAJ https://linux.oracle.com/cve/CVE-2024-24790.html https://linux.oracle.com/errata/ELSA-2024-9115.html https://nvd.nist.gov/vuln/detail/CVE-2024-24790 https://pkg.go.dev/vuln/GO-2024-2887 https://ubuntu.com/security/notices/USN-6886-1 https://ubuntu.com/security/notices/USN-7109-1 https://www.cve.org/CVERecord?id=CVE-2024-24790
stdlib	CVE-2023-39325	HIGH	v1.20.5	1.20.10, 1.21.3	golang.org/x/net https://access.redhat.com/errata/RHSA-2023:6077 https://access.redhat.com/security/cve/CVE-2023-39325 https://access.redhat.com/security/cve/CVE-2023-44487 https://access.redhat.com/security/vulnerabilities/RHSB-2023-003 https://bugzilla.redhat.com/2242803 https://bugzilla.redhat.com/2243296 https://bugzilla.redhat.com/show_bug.cgi?id=2242803 https://bugzilla.redhat.com/show_bug.cgi?id=2243296 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-39325 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-44487 https://errata.almalinux.org/9/ALSA-2023-6077.html https://errata.rockylinux.org/RLSA-2023:6077 https://github.com/golang/go/commit/24ae2d927285c697440fdde3ad7f26028354bcf3 [golang- 1.21] https://github.com/golang/go/commit/e175f27f58aa7b9cd4d79607ae65d2cd5baaee68 [golang-1.20] https://github.com/golang/go/issues/63417 https://go.dev/cl/534215 https://go.dev/cl/534235 https://go.dev/issue/63417 https://groups.google.com/g/golang-announce/c/iNNxDTCjZvo/m/UDd7VKQuAAAJ https://linux.oracle.com/cve/CVE-2023-39325.html https://linux.oracle.com/errata/ELSA-2023-5867.html https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3OVW5V2DM5K5IC3H7O42YDUGNJ74J35O https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3OVW5V2DM5K5IC3H7O42YDUGNJ74J35O/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3SZN67IL7HMGMNAVLOTIXLIHUDXZK4LH https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3SZN67IL7HMGMNAVLOTIXLIHUDXZK4LH/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3WJ4QVX2AMUJ2F2S27POOAHRC4K3CHU4 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3WJ4QVX2AMUJ2F2S27POOAHRC4K3CHU4/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/4BUK2ZIAGCULOOYDNH25JPU6JBES5NF2 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/4BUK2ZIAGCULOOYDNH25JPU6JBES5NF2/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/5RSKA2II6QTD4YUKUNDVJQSRYSFC4VFR https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/5RSKA2II6QTD4YUKUNDVJQSRYSFC4VFR/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/AVZDNSMVDAQJ64LJC5I5U5LDM5753647 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/AVZDNSMVDAQJ64LJC5I5U5LDM5753647/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CHHITS4PUOZAKFIUBQAQZC7JWXMOYE4B https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CHHITS4PUOZAKFIUBQAQZC7JWXMOYE4B/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CLB4TW7KALB3EEQWNWCN7OUIWWVWWCG2 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CLB4TW7KALB3EEQWNWCN7OUIWWVWWCG2/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/D2BBIDR2ZMB3X5BC7SR4SLQMHRMVPY6L https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/D2BBIDR2ZMB3X5BC7SR4SLQMHRMVPY6L/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ECRC75BQJP6FJN2L7KCKYZW4DSBD7QSD https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ECRC75BQJP6FJN2L7KCKYZW4DSBD7QSD/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/FTMJ3NJIDAZFWJQQSP3L22MUFJ3UP2PT https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/FTMJ3NJIDAZFWJQQSP3L22MUFJ3UP2PT/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/GSY7SXFFTPZFWDM6XELSDSHZLVW3AHK7 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/GSY7SXFFTPZFWDM6XELSDSHZLVW3AHK7/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/HZQIELEIRSZUYTFFH5KTH2YJ4IIQG2KE https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/HZQIELEIRSZUYTFFH5KTH2YJ4IIQG2KE/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/IPWCNYB5PQ5PCVZ4NJT6G56ZYFZ5QBU6 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/IPWCNYB5PQ5PCVZ4NJT6G56ZYFZ5QBU6/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/KEOTKBUPZXHE3F352JBYNTSNRXYLWD6P https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/KEOTKBUPZXHE3F352JBYNTSNRXYLWD6P/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/KSEGD2IWKNUO3DWY4KQGUQM5BISRWHQE https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/KSEGD2IWKNUO3DWY4KQGUQM5BISRWHQE/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/L5E5JSJBZLYXOTZWXHJKRVCIXIHVWKJ6 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/L5E5JSJBZLYXOTZWXHJKRVCIXIHVWKJ6/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/MZQYOOKHQDQ57LV2IAG6NRFOVXKHJJ3Z https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/MZQYOOKHQDQ57LV2IAG6NRFOVXKHJJ3Z/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/NG7IMPL55MVWU3LCI4JQJT3K2U5CHDV7 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/NG7IMPL55MVWU3LCI4JQJT3K2U5CHDV7/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ODBY7RVMGZCBSTWF2OZGIZS57FNFUL67 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ODBY7RVMGZCBSTWF2OZGIZS57FNFUL67/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/OXGWPQOJ3JNDW2XIYKIVJ7N7QUIFNM2Q https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/OXGWPQOJ3JNDW2XIYKIVJ7N7QUIFNM2Q/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/PJCUNGIQDUMZ4Z6HWVYIMR66A35F5S74 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/PJCUNGIQDUMZ4Z6HWVYIMR66A35F5S74/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QF5QSYAOPDOWLY6DUHID56Q4HQFYB45I https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QF5QSYAOPDOWLY6DUHID56Q4HQFYB45I/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QXOU2JZUBEBP7GBKAYIJRPRBZSJCD7ST https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QXOU2JZUBEBP7GBKAYIJRPRBZSJCD7ST/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/R3UETKPUB3V5JS5TLZOF3SMTGT5K5APS https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/R3UETKPUB3V5JS5TLZOF3SMTGT5K5APS/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/REMHVVIBDNKSRKNOTV7EQSB7CYQWOUOU https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/REMHVVIBDNKSRKNOTV7EQSB7CYQWOUOU/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/T7N5GV4CHH6WAGX3GFMDD3COEOVCZ4RI https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/T7N5GV4CHH6WAGX3GFMDD3COEOVCZ4RI/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ULQQONMSCQSH5Z5OWFFQHCGEZ3NL4DRJ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ULQQONMSCQSH5Z5OWFFQHCGEZ3NL4DRJ/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UTT7DG3QOF5ZNJLUGHDNLRUIN6OWZARP https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UTT7DG3QOF5ZNJLUGHDNLRUIN6OWZARP/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/W2LZSWTV4NV4SNQARNXG5T6LRHP26EW2 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/W2LZSWTV4NV4SNQARNXG5T6LRHP26EW2/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WCNCBYKZXLDFGAJUB7ZP5VLC3YTHJNVH https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WCNCBYKZXLDFGAJUB7ZP5VLC3YTHJNVH/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/XFOIBB4YFICHDM7IBOP7PWXW3FX4HLL2 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/XFOIBB4YFICHDM7IBOP7PWXW3FX4HLL2/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/XTNLSL44Y5FB6JWADSZH6DCV4JJAAEQY https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/XTNLSL44Y5FB6JWADSZH6DCV4JJAAEQY/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/YJWHBLVZDM5KQSDFRBFRKU5KSSOLIRQ4 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/YJWHBLVZDM5KQSDFRBFRKU5KSSOLIRQ4/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/YRKEXKANQ7BKJW2YTAMP625LJUJZLJ4P https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/YRKEXKANQ7BKJW2YTAMP625LJUJZLJ4P/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZSVEMQV5ROY5YW5QE3I57HT3ITWG5GCV https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZSVEMQV5ROY5YW5QE3I57HT3ITWG5GCV/ https://nvd.nist.gov/vuln/detail/CVE-2023-39325 https://pkg.go.dev/vuln/GO-2023-2102 https://security.gentoo.org/glsa/202311-09 https://security.netapp.com/advisory/ntap-20231110-0008 https://security.netapp.com/advisory/ntap-20231110-0008/ https://ubuntu.com/security/notices/USN-6574-1 https://ubuntu.com/security/notices/USN-7061-1 https://ubuntu.com/security/notices/USN-7109-1 https://www.cisa.gov/news-events/alerts/2023/10/10/http2-rapid-reset-vulnerability-cve-2023-44487 https://www.cve.org/CVERecord?id=CVE-2023-39325
stdlib	CVE-2023-45283	HIGH	v1.20.5	1.20.11, 1.21.4, 1.20.12, 1.21.5	http://www.openwall.com/lists/oss-security/2023/12/05/2 https://go.dev/cl/540277 https://go.dev/cl/541175 https://go.dev/issue/63713 https://go.dev/issue/64028 https://groups.google.com/g/golang-announce/c/4tU8LZfBFkY https://groups.google.com/g/golang-dev/c/6ypN5EjibjM/m/KmLVYH_uAgAJ https://nvd.nist.gov/vuln/detail/CVE-2023-45283 https://pkg.go.dev/vuln/GO-2023-2185 https://security.netapp.com/advisory/ntap-20231214-0008/
stdlib	CVE-2023-45288	HIGH	v1.20.5	1.21.9, 1.22.2	http://www.openwall.com/lists/oss-security/2024/04/03/16 http://www.openwall.com/lists/oss-security/2024/04/05/4 https://access.redhat.com/errata/RHSA-2024:2724 https://access.redhat.com/security/cve/CVE-2023-45288 https://bugzilla.redhat.com/2268017 https://bugzilla.redhat.com/2268018 https://bugzilla.redhat.com/2268019 https://bugzilla.redhat.com/2268273 https://bugzilla.redhat.com/show_bug.cgi?id=2268017 https://bugzilla.redhat.com/show_bug.cgi?id=2268018 https://bugzilla.redhat.com/show_bug.cgi?id=2268019 https://bugzilla.redhat.com/show_bug.cgi?id=2268273 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45288 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45289 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45290 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24783 https://errata.almalinux.org/9/ALSA-2024-2724.html https://errata.rockylinux.org/RLSA-2024:2724 https://go.dev/cl/576155 https://go.dev/issue/65051 https://groups.google.com/g/golang-announce/c/YgW0sx8mN3M https://kb.cert.org/vuls/id/421644 https://linux.oracle.com/cve/CVE-2023-45288.html https://linux.oracle.com/errata/ELSA-2024-3346.html https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QRYFHIQ6XRKRYBI2F5UESH67BJBQXUPT https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QRYFHIQ6XRKRYBI2F5UESH67BJBQXUPT/ https://nowotarski.info/http2-continuation-flood-technical-details https://nowotarski.info/http2-continuation-flood/ https://nvd.nist.gov/vuln/detail/CVE-2023-45288 https://pkg.go.dev/vuln/GO-2024-2687 https://security.netapp.com/advisory/ntap-20240419-0009 https://security.netapp.com/advisory/ntap-20240419-0009/ https://ubuntu.com/security/notices/USN-6886-1 https://ubuntu.com/security/notices/USN-7109-1 https://ubuntu.com/security/notices/USN-7111-1 https://www.cve.org/CVERecord?id=CVE-2023-45288 https://www.kb.cert.org/vuls/id/421644
stdlib	CVE-2024-34156	HIGH	v1.20.5	1.22.7, 1.23.1	https://access.redhat.com/errata/RHSA-2024:9473 https://access.redhat.com/security/cve/CVE-2024-34156 https://bugzilla.redhat.com/2310528 https://bugzilla.redhat.com/2318052 https://bugzilla.redhat.com/show_bug.cgi?id=2310528 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-34156 https://errata.almalinux.org/9/ALSA-2024-9473.html https://errata.rockylinux.org/RLSA-2024:7204 https://github.com/golang/go/commit/2092294f2b097c5828f4eace6c98a322c1510b01 (go1.22.7) https://github.com/golang/go/commit/fa8ff1a46deb6c816304441ec6740ec112e19012 (go1.23.1) https://go.dev/cl/611239 https://go.dev/issue/69139 https://groups.google.com/g/golang-announce/c/K-cEzDeCtpc https://groups.google.com/g/golang-dev/c/S9POB9NCTdk https://linux.oracle.com/cve/CVE-2024-34156.html https://linux.oracle.com/errata/ELSA-2024-9473.html https://nvd.nist.gov/vuln/detail/CVE-2024-34156 https://pkg.go.dev/vuln/GO-2024-3106 https://ubuntu.com/security/notices/USN-7081-1 https://ubuntu.com/security/notices/USN-7109-1 https://ubuntu.com/security/notices/USN-7111-1 https://www.cve.org/CVERecord?id=CVE-2024-34156
stdlib	CVE-2023-29406	MEDIUM	v1.20.5	1.19.11, 1.20.6	https://access.redhat.com/errata/RHSA-2023:6474 https://access.redhat.com/security/cve/CVE-2023-29406 https://bugzilla.redhat.com/2174485 https://bugzilla.redhat.com/2178358 https://bugzilla.redhat.com/2178488 https://bugzilla.redhat.com/2178492 https://bugzilla.redhat.com/2184481 https://bugzilla.redhat.com/2184482 https://bugzilla.redhat.com/2184483 https://bugzilla.redhat.com/2184484 https://bugzilla.redhat.com/2196026 https://bugzilla.redhat.com/2196027 https://bugzilla.redhat.com/2196029 https://bugzilla.redhat.com/2222167 https://bugzilla.redhat.com/2228689 https://errata.almalinux.org/9/ALSA-2023-6474.html https://github.com/golang/go/commit/312920c00aac9897b2a0693e752390b5b0711a5a (go1.20.6) https://github.com/golang/go/commit/5fa6923b1ea891400153d04ddf1545e23b40041b (go1.19.11) https://github.com/golang/go/issues/60374 https://go.dev/cl/506996 https://go.dev/issue/60374 https://groups.google.com/g/golang-announce/c/2q13H6LEEx0 https://linux.oracle.com/cve/CVE-2023-29406.html https://linux.oracle.com/errata/ELSA-2023-7202.html https://nvd.nist.gov/vuln/detail/CVE-2023-29406 https://pkg.go.dev/vuln/GO-2023-1878 https://security.gentoo.org/glsa/202311-09 https://security.netapp.com/advisory/ntap-20230814-0002/ https://ubuntu.com/security/notices/USN-7061-1 https://ubuntu.com/security/notices/USN-7109-1 https://www.cve.org/CVERecord?id=CVE-2023-29406
stdlib	CVE-2023-29409	MEDIUM	v1.20.5	1.19.12, 1.20.7, 1.21.0-rc.4	https://access.redhat.com/errata/RHSA-2023:7766 https://access.redhat.com/security/cve/CVE-2023-29409 https://bugzilla.redhat.com/2228743 https://bugzilla.redhat.com/2237773 https://bugzilla.redhat.com/2237776 https://bugzilla.redhat.com/2237777 https://bugzilla.redhat.com/2237778 https://errata.almalinux.org/9/ALSA-2023-7766.html https://go.dev/cl/515257 https://go.dev/issue/61460 https://groups.google.com/g/golang-announce/c/X0b6CsSAaYI/m/Efv5DbZ9AwAJ https://linux.oracle.com/cve/CVE-2023-29409.html https://linux.oracle.com/errata/ELSA-2024-2988.html https://nvd.nist.gov/vuln/detail/CVE-2023-29409 https://pkg.go.dev/vuln/GO-2023-1987 https://security.gentoo.org/glsa/202311-09 https://security.netapp.com/advisory/ntap-20230831-0010/ https://www.cve.org/CVERecord?id=CVE-2023-29409
stdlib	CVE-2023-39318	MEDIUM	v1.20.5	1.20.8, 1.21.1	https://access.redhat.com/errata/RHSA-2024:2160 https://access.redhat.com/security/cve/CVE-2023-39318 https://bugzilla.redhat.com/2237773 https://bugzilla.redhat.com/2237776 https://bugzilla.redhat.com/2253330 https://errata.almalinux.org/9/ALSA-2024-2160.html https://github.com/golang/go/commit/023b542edf38e2a1f87fcefb9f75ff2f99401b4c (go1.20.8) https://github.com/golang/go/commit/b0e1d3ea26e8e8fce7726690c9ef0597e60739fb (go1.21.1) https://go.dev/cl/526156 https://go.dev/issue/62196 https://groups.google.com/g/golang-announce/c/Fm51GRLNRvM https://groups.google.com/g/golang-dev/c/2C5vbR-UNkI/m/L1hdrPhfBAAJ https://linux.oracle.com/cve/CVE-2023-39318.html https://linux.oracle.com/errata/ELSA-2024-2988.html https://nvd.nist.gov/vuln/detail/CVE-2023-39318 https://pkg.go.dev/vuln/GO-2023-2041 https://security.gentoo.org/glsa/202311-09 https://security.netapp.com/advisory/ntap-20231020-0009/ https://ubuntu.com/security/notices/USN-6574-1 https://ubuntu.com/security/notices/USN-7061-1 https://ubuntu.com/security/notices/USN-7109-1 https://vuln.go.dev/ID/GO-2023-2041.json https://www.cve.org/CVERecord?id=CVE-2023-39318
stdlib	CVE-2023-39319	MEDIUM	v1.20.5	1.20.8, 1.21.1	https://access.redhat.com/errata/RHSA-2024:2160 https://access.redhat.com/security/cve/CVE-2023-39319 https://bugzilla.redhat.com/2237773 https://bugzilla.redhat.com/2237776 https://bugzilla.redhat.com/2253330 https://errata.almalinux.org/9/ALSA-2024-2160.html https://github.com/golang/go/commit/2070531d2f53df88e312edace6c8dfc9686ab2f5 (go1.20.8) https://github.com/golang/go/commit/bbd043ff0d6d59f1a9232d31ecd5eacf6507bf6a (go1.21.1) https://go.dev/cl/526157 https://go.dev/issue/62197 https://groups.google.com/g/golang-announce/c/Fm51GRLNRvM https://groups.google.com/g/golang-dev/c/2C5vbR-UNkI/m/L1hdrPhfBAAJ https://linux.oracle.com/cve/CVE-2023-39319.html https://linux.oracle.com/errata/ELSA-2024-2988.html https://nvd.nist.gov/vuln/detail/CVE-2023-39319 https://pkg.go.dev/vuln/GO-2023-2043 https://security.gentoo.org/glsa/202311-09 https://security.netapp.com/advisory/ntap-20231020-0009/ https://ubuntu.com/security/notices/USN-6574-1 https://ubuntu.com/security/notices/USN-7061-1 https://ubuntu.com/security/notices/USN-7109-1 https://vuln.go.dev/ID/GO-2023-2043.json https://www.cve.org/CVERecord?id=CVE-2023-39319
stdlib	CVE-2023-39326	MEDIUM	v1.20.5	1.20.12, 1.21.5	https://access.redhat.com/errata/RHSA-2024:2272 https://access.redhat.com/security/cve/CVE-2023-39326 https://bugzilla.redhat.com/2253193 https://bugzilla.redhat.com/2253330 https://errata.almalinux.org/9/ALSA-2024-2272.html https://github.com/golang/go/commit/6446af942e2e2b161c4ec1b60d9703a2b55dc4dd (go1.20.12) https://github.com/golang/go/commit/ec8c526e4be720e94b98ca509e6364f0efaf28f7 (go1.21.5) https://go.dev/cl/547335 https://go.dev/issue/64433 https://groups.google.com/g/golang-dev/c/6ypN5EjibjM/m/KmLVYH_uAgAJ https://linux.oracle.com/cve/CVE-2023-39326.html https://linux.oracle.com/errata/ELSA-2024-2988.html https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UIU6HOGV6RRIKWM57LOXQA75BGZSIH6G/ https://nvd.nist.gov/vuln/detail/CVE-2023-39326 https://pkg.go.dev/vuln/GO-2023-2382 https://ubuntu.com/security/notices/USN-6574-1 https://www.cve.org/CVERecord?id=CVE-2023-39326
stdlib	CVE-2023-45284	MEDIUM	v1.20.5	1.20.11, 1.21.4	https://go.dev/cl/540277 https://go.dev/issue/63713 https://groups.google.com/g/golang-announce/c/4tU8LZfBFkY https://nvd.nist.gov/vuln/detail/CVE-2023-45284 https://pkg.go.dev/vuln/GO-2023-2186
stdlib	CVE-2023-45289	MEDIUM	v1.20.5	1.21.8, 1.22.1	http://www.openwall.com/lists/oss-security/2024/03/08/4 https://access.redhat.com/errata/RHSA-2024:2724 https://access.redhat.com/security/cve/CVE-2023-45289 https://bugzilla.redhat.com/2268017 https://bugzilla.redhat.com/2268018 https://bugzilla.redhat.com/2268019 https://bugzilla.redhat.com/2268273 https://bugzilla.redhat.com/show_bug.cgi?id=2268017 https://bugzilla.redhat.com/show_bug.cgi?id=2268018 https://bugzilla.redhat.com/show_bug.cgi?id=2268019 https://bugzilla.redhat.com/show_bug.cgi?id=2268273 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45288 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45289 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45290 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24783 https://errata.almalinux.org/9/ALSA-2024-2724.html https://errata.rockylinux.org/RLSA-2024:2724 https://github.com/golang/go/commit/20586c0dbe03d144f914155f879fa5ee287591a1 (go1.21.8) https://github.com/golang/go/commit/3a855208e3efed2e9d7c20ad023f1fa78afcc0be (go1.22.1) https://github.com/golang/go/issues/65065 https://go.dev/cl/569340 https://go.dev/issue/65065 https://groups.google.com/g/golang-announce/c/5pwGVUPoMbg https://linux.oracle.com/cve/CVE-2023-45289.html https://linux.oracle.com/errata/ELSA-2024-3346.html https://nvd.nist.gov/vuln/detail/CVE-2023-45289 https://pkg.go.dev/vuln/GO-2024-2600 https://security.netapp.com/advisory/ntap-20240329-0006/ https://ubuntu.com/security/notices/USN-6886-1 https://www.cve.org/CVERecord?id=CVE-2023-45289
stdlib	CVE-2023-45290	MEDIUM	v1.20.5	1.21.8, 1.22.1	http://www.openwall.com/lists/oss-security/2024/03/08/4 https://access.redhat.com/errata/RHSA-2024:9135 https://access.redhat.com/security/cve/CVE-2023-45290 https://bugzilla.redhat.com/2268017 https://bugzilla.redhat.com/2268022 https://bugzilla.redhat.com/2279814 https://bugzilla.redhat.com/2295310 https://bugzilla.redhat.com/show_bug.cgi?id=2268017 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45290 https://errata.almalinux.org/9/ALSA-2024-9135.html https://errata.rockylinux.org/RLSA-2024:3830 https://github.com/golang/go/commit/041a47712e765e94f86d841c3110c840e76d8f82 (go1.22.1) https://github.com/golang/go/commit/bf80213b121074f4ad9b449410a4d13bae5e9be0 (go1.21.8) https://github.com/golang/go/issues/65383 https://go.dev/cl/569341 https://go.dev/issue/65383 https://groups.google.com/g/golang-announce/c/5pwGVUPoMbg https://linux.oracle.com/cve/CVE-2023-45290.html https://linux.oracle.com/errata/ELSA-2024-8038.html https://nvd.nist.gov/vuln/detail/CVE-2023-45290 https://pkg.go.dev/vuln/GO-2024-2599 https://security.netapp.com/advisory/ntap-20240329-0004 https://security.netapp.com/advisory/ntap-20240329-0004/ https://ubuntu.com/security/notices/USN-6886-1 https://ubuntu.com/security/notices/USN-7109-1 https://ubuntu.com/security/notices/USN-7111-1 https://www.cve.org/CVERecord?id=CVE-2023-45290
stdlib	CVE-2024-24783	MEDIUM	v1.20.5	1.21.8, 1.22.1	http://www.openwall.com/lists/oss-security/2024/03/08/4 https://access.redhat.com/errata/RHSA-2024:6195 https://access.redhat.com/security/cve/CVE-2024-24783 https://bugzilla.redhat.com/2268019 https://bugzilla.redhat.com/show_bug.cgi?id=2268017 https://bugzilla.redhat.com/show_bug.cgi?id=2268018 https://bugzilla.redhat.com/show_bug.cgi?id=2268019 https://bugzilla.redhat.com/show_bug.cgi?id=2268273 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45288 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45289 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45290 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24783 https://errata.almalinux.org/9/ALSA-2024-6195.html https://errata.rockylinux.org/RLSA-2024:2724 https://github.com/advisories/GHSA-3q2c-pvp5-3cqp https://github.com/golang/go/commit/337b8e9cbfa749d9d5c899e0dc358e2208d5e54f (go1.22.1) https://github.com/golang/go/commit/be5b52bea674190ef7de272664be6c7ae93ec5a0 (go1.21.8) https://github.com/golang/go/issues/65390 https://go.dev/cl/569339 https://go.dev/issue/65390 https://groups.google.com/g/golang-announce/c/5pwGVUPoMbg https://linux.oracle.com/cve/CVE-2024-24783.html https://linux.oracle.com/errata/ELSA-2024-6969.html https://nvd.nist.gov/vuln/detail/CVE-2024-24783 https://pkg.go.dev/vuln/GO-2024-2598 https://security.netapp.com/advisory/ntap-20240329-0005 https://security.netapp.com/advisory/ntap-20240329-0005/ https://ubuntu.com/security/notices/USN-6886-1 https://ubuntu.com/security/notices/USN-7109-1 https://ubuntu.com/security/notices/USN-7111-1 https://www.cve.org/CVERecord?id=CVE-2024-24783
stdlib	CVE-2024-24784	MEDIUM	v1.20.5	1.21.8, 1.22.1	http://www.openwall.com/lists/oss-security/2024/03/08/4 https://access.redhat.com/errata/RHSA-2024:2562 https://access.redhat.com/security/cve/CVE-2024-24784 https://bugzilla.redhat.com/2262921 https://bugzilla.redhat.com/2268017 https://bugzilla.redhat.com/2268018 https://bugzilla.redhat.com/2268019 https://bugzilla.redhat.com/2268021 https://bugzilla.redhat.com/2268022 https://bugzilla.redhat.com/2268273 https://bugzilla.redhat.com/show_bug.cgi?id=2262921 https://bugzilla.redhat.com/show_bug.cgi?id=2268017 https://bugzilla.redhat.com/show_bug.cgi?id=2268018 https://bugzilla.redhat.com/show_bug.cgi?id=2268019 https://bugzilla.redhat.com/show_bug.cgi?id=2268021 https://bugzilla.redhat.com/show_bug.cgi?id=2268022 https://bugzilla.redhat.com/show_bug.cgi?id=2268273 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45288 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45289 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45290 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-1394 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24783 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24784 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24785 https://errata.almalinux.org/9/ALSA-2024-2562.html https://errata.rockylinux.org/RLSA-2024:2562 https://github.com/golang/go/commit/263c059b09fdd40d9dd945f2ecb20c89ea28efe5 (go1.21.8) https://github.com/golang/go/commit/5330cd225ba54c7dc78c1b46dcdf61a4671a632c (go1.22.1) https://github.com/golang/go/issues/65083 https://go.dev/cl/555596 https://go.dev/issue/65083 https://groups.google.com/g/golang-announce/c/5pwGVUPoMbg https://linux.oracle.com/cve/CVE-2024-24784.html https://linux.oracle.com/errata/ELSA-2024-6969.html https://nvd.nist.gov/vuln/detail/CVE-2024-24784 https://pkg.go.dev/vuln/GO-2024-2609 https://security.netapp.com/advisory/ntap-20240329-0007/ https://ubuntu.com/security/notices/USN-6886-1 https://ubuntu.com/security/notices/USN-7109-1 https://ubuntu.com/security/notices/USN-7111-1 https://www.cve.org/CVERecord?id=CVE-2024-24784
stdlib	CVE-2024-24785	MEDIUM	v1.20.5	1.21.8, 1.22.1	http://www.openwall.com/lists/oss-security/2024/03/08/4 https://access.redhat.com/errata/RHSA-2024:9135 https://access.redhat.com/security/cve/CVE-2024-24785 https://bugzilla.redhat.com/2268017 https://bugzilla.redhat.com/2268022 https://bugzilla.redhat.com/2279814 https://bugzilla.redhat.com/2295310 https://bugzilla.redhat.com/show_bug.cgi?id=2262921 https://bugzilla.redhat.com/show_bug.cgi?id=2268017 https://bugzilla.redhat.com/show_bug.cgi?id=2268018 https://bugzilla.redhat.com/show_bug.cgi?id=2268019 https://bugzilla.redhat.com/show_bug.cgi?id=2268021 https://bugzilla.redhat.com/show_bug.cgi?id=2268022 https://bugzilla.redhat.com/show_bug.cgi?id=2268273 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45288 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45289 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45290 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-1394 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24783 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24784 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24785 https://errata.almalinux.org/9/ALSA-2024-9135.html https://errata.rockylinux.org/RLSA-2024:2562 https://github.com/golang/go/commit/056b0edcb8c152152021eebf4cf42adbfbe77992 (go1.22.1) https://github.com/golang/go/commit/3643147a29352ca2894fd5d0d2069bc4b4335a7e (go1.21.8) https://github.com/golang/go/issues/65697 https://go.dev/cl/564196 https://go.dev/issue/65697 https://groups.google.com/g/golang-announce/c/5pwGVUPoMbg https://linux.oracle.com/cve/CVE-2024-24785.html https://linux.oracle.com/errata/ELSA-2024-3259.html https://nvd.nist.gov/vuln/detail/CVE-2024-24785 https://pkg.go.dev/vuln/GO-2024-2610 https://security.netapp.com/advisory/ntap-20240329-0008/ https://ubuntu.com/security/notices/USN-6886-1 https://ubuntu.com/security/notices/USN-7061-1 https://ubuntu.com/security/notices/USN-7109-1 https://vuln.go.dev/ID/GO-2024-2610.json https://www.cve.org/CVERecord?id=CVE-2024-24785
stdlib	CVE-2024-24789	MEDIUM	v1.20.5	1.21.11, 1.22.4	http://www.openwall.com/lists/oss-security/2024/06/04/1 https://access.redhat.com/errata/RHSA-2024:9115 https://access.redhat.com/security/cve/CVE-2024-24789 https://bugzilla.redhat.com/2279814 https://bugzilla.redhat.com/2292668 https://bugzilla.redhat.com/2292787 https://bugzilla.redhat.com/2294000 https://bugzilla.redhat.com/2295310 https://bugzilla.redhat.com/show_bug.cgi?id=2292668 https://bugzilla.redhat.com/show_bug.cgi?id=2292787 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24789 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24790 https://errata.almalinux.org/9/ALSA-2024-9115.html https://errata.rockylinux.org/RLSA-2024:4212 https://github.com/golang/go/commit/c8e40338cf00f3c1d86c8fb23863ad67a4c72bcc (1.21) https://github.com/golang/go/commit/cf501ac0c5fe351a8582d20b43562027927906e7 (1.22) https://github.com/golang/go/issues/66869 https://go.dev/cl/585397 https://go.dev/issue/66869 https://groups.google.com/g/golang-announce/c/XbxouI9gY7k https://groups.google.com/g/golang-announce/c/XbxouI9gY7k/m/TuoGEhxIEwAJ https://linux.oracle.com/cve/CVE-2024-24789.html https://linux.oracle.com/errata/ELSA-2024-9115.html https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/U5YAEIA6IUHUNGJ7AIXXPQT6D2GYENX7/ https://nvd.nist.gov/vuln/detail/CVE-2024-24789 https://pkg.go.dev/vuln/GO-2024-2888 https://ubuntu.com/security/notices/USN-6886-1 https://ubuntu.com/security/notices/USN-7109-1 https://ubuntu.com/security/notices/USN-7111-1 https://www.cve.org/CVERecord?id=CVE-2024-24789
stdlib	CVE-2024-24791	MEDIUM	v1.20.5	1.21.12, 1.22.5	https://access.redhat.com/errata/RHSA-2024:9135 https://access.redhat.com/security/cve/CVE-2024-24791 https://bugzilla.redhat.com/2268017 https://bugzilla.redhat.com/2268022 https://bugzilla.redhat.com/2279814 https://bugzilla.redhat.com/2295310 https://bugzilla.redhat.com/show_bug.cgi?id=2295310 https://bugzilla.redhat.com/show_bug.cgi?id=2310527 https://bugzilla.redhat.com/show_bug.cgi?id=2310528 https://bugzilla.redhat.com/show_bug.cgi?id=2310529 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24791 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-34155 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-34156 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-34158 https://errata.almalinux.org/9/ALSA-2024-9135.html https://errata.rockylinux.org/RLSA-2024:6913 https://go.dev/cl/591255 https://go.dev/issue/67555 https://groups.google.com/g/golang-dev/c/t0rK-qHBqzY/m/6MMoAZkMAgAJ https://linux.oracle.com/cve/CVE-2024-24791.html https://linux.oracle.com/errata/ELSA-2024-9115.html https://nvd.nist.gov/vuln/detail/CVE-2024-24791 https://pkg.go.dev/vuln/GO-2024-2963 https://ubuntu.com/security/notices/USN-7081-1 https://ubuntu.com/security/notices/USN-7109-1 https://ubuntu.com/security/notices/USN-7111-1 https://www.cve.org/CVERecord?id=CVE-2024-24791
stdlib	CVE-2024-34155	MEDIUM	v1.20.5	1.22.7, 1.23.1	https://access.redhat.com/errata/RHSA-2024:9459 https://access.redhat.com/security/cve/CVE-2024-34155 https://bugzilla.redhat.com/2310527 https://bugzilla.redhat.com/2310528 https://bugzilla.redhat.com/2310529 https://bugzilla.redhat.com/2315691 https://bugzilla.redhat.com/2315887 https://bugzilla.redhat.com/2317458 https://bugzilla.redhat.com/2317467 https://bugzilla.redhat.com/show_bug.cgi?id=2295310 https://bugzilla.redhat.com/show_bug.cgi?id=2310527 https://bugzilla.redhat.com/show_bug.cgi?id=2310528 https://bugzilla.redhat.com/show_bug.cgi?id=2310529 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24791 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-34155 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-34156 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-34158 https://errata.almalinux.org/9/ALSA-2024-9459.html https://errata.rockylinux.org/RLSA-2024:6913 https://github.com/golang/go/commit/53487e5477151ed75da50e50a0ba8f1ca64c00a3 (go1.23.1) https://github.com/golang/go/commit/b232596139dbe96a62edbe3a2a203e856bf556eb (go1.22.7) https://go.dev/cl/611238 https://go.dev/issue/69138 https://groups.google.com/g/golang-announce/c/K-cEzDeCtpc https://groups.google.com/g/golang-dev/c/S9POB9NCTdk https://linux.oracle.com/cve/CVE-2024-34155.html https://linux.oracle.com/errata/ELSA-2024-9459.html https://nvd.nist.gov/vuln/detail/CVE-2024-34155 https://pkg.go.dev/vuln/GO-2024-3105 https://ubuntu.com/security/notices/USN-7081-1 https://ubuntu.com/security/notices/USN-7109-1 https://ubuntu.com/security/notices/USN-7111-1 https://www.cve.org/CVERecord?id=CVE-2024-34155
stdlib	CVE-2024-34158	MEDIUM	v1.20.5	1.22.7, 1.23.1	https://access.redhat.com/errata/RHSA-2024:9459 https://access.redhat.com/security/cve/CVE-2024-34158 https://bugzilla.redhat.com/2310527 https://bugzilla.redhat.com/2310528 https://bugzilla.redhat.com/2310529 https://bugzilla.redhat.com/2315691 https://bugzilla.redhat.com/2315887 https://bugzilla.redhat.com/2317458 https://bugzilla.redhat.com/2317467 https://bugzilla.redhat.com/show_bug.cgi?id=2295310 https://bugzilla.redhat.com/show_bug.cgi?id=2310527 https://bugzilla.redhat.com/show_bug.cgi?id=2310528 https://bugzilla.redhat.com/show_bug.cgi?id=2310529 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24791 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-34155 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-34156 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-34158 https://errata.almalinux.org/9/ALSA-2024-9459.html https://errata.rockylinux.org/RLSA-2024:6913 https://github.com/golang/go/commit/032ac075c20c01c6c35a672d1542d3e98eab84ea (go1.23.1) https://github.com/golang/go/commit/d4c53812e6ce2ac368173d7fcd31d0ecfcffb002 (go1.22.7) https://go.dev/cl/611240 https://go.dev/issue/69141 https://groups.google.com/g/golang-announce/c/K-cEzDeCtpc https://groups.google.com/g/golang-dev/c/S9POB9NCTdk https://linux.oracle.com/cve/CVE-2024-34158.html https://linux.oracle.com/errata/ELSA-2024-9459.html https://nvd.nist.gov/vuln/detail/CVE-2024-34158 https://pkg.go.dev/vuln/GO-2024-3107 https://ubuntu.com/security/notices/USN-7081-1 https://ubuntu.com/security/notices/USN-7109-1 https://ubuntu.com/security/notices/USN-7111-1 https://www.cve.org/CVERecord?id=CVE-2024-34158
No Misconfigurations found

cnb/buildpacks/paketo-buildpacks_node-run-script/1.0.10/bin/run (gobinary)

Package	Vulnerability ID	Severity	Installed Version	Fixed Version	Links
golang.org/x/net	CVE-2023-39325	HIGH	v0.11.0	0.17.0	golang.org/x/net https://access.redhat.com/errata/RHSA-2023:6077 https://access.redhat.com/security/cve/CVE-2023-39325 https://access.redhat.com/security/cve/CVE-2023-44487 https://access.redhat.com/security/vulnerabilities/RHSB-2023-003 https://bugzilla.redhat.com/2242803 https://bugzilla.redhat.com/2243296 https://bugzilla.redhat.com/show_bug.cgi?id=2242803 https://bugzilla.redhat.com/show_bug.cgi?id=2243296 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-39325 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-44487 https://errata.almalinux.org/9/ALSA-2023-6077.html https://errata.rockylinux.org/RLSA-2023:6077 https://github.com/golang/go/commit/24ae2d927285c697440fdde3ad7f26028354bcf3 [golang- 1.21] https://github.com/golang/go/commit/e175f27f58aa7b9cd4d79607ae65d2cd5baaee68 [golang-1.20] https://github.com/golang/go/issues/63417 https://go.dev/cl/534215 https://go.dev/cl/534235 https://go.dev/issue/63417 https://groups.google.com/g/golang-announce/c/iNNxDTCjZvo/m/UDd7VKQuAAAJ https://linux.oracle.com/cve/CVE-2023-39325.html https://linux.oracle.com/errata/ELSA-2023-5867.html https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3OVW5V2DM5K5IC3H7O42YDUGNJ74J35O https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3OVW5V2DM5K5IC3H7O42YDUGNJ74J35O/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3SZN67IL7HMGMNAVLOTIXLIHUDXZK4LH https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3SZN67IL7HMGMNAVLOTIXLIHUDXZK4LH/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3WJ4QVX2AMUJ2F2S27POOAHRC4K3CHU4 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3WJ4QVX2AMUJ2F2S27POOAHRC4K3CHU4/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/4BUK2ZIAGCULOOYDNH25JPU6JBES5NF2 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/4BUK2ZIAGCULOOYDNH25JPU6JBES5NF2/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/5RSKA2II6QTD4YUKUNDVJQSRYSFC4VFR https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/5RSKA2II6QTD4YUKUNDVJQSRYSFC4VFR/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/AVZDNSMVDAQJ64LJC5I5U5LDM5753647 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/AVZDNSMVDAQJ64LJC5I5U5LDM5753647/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CHHITS4PUOZAKFIUBQAQZC7JWXMOYE4B https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CHHITS4PUOZAKFIUBQAQZC7JWXMOYE4B/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CLB4TW7KALB3EEQWNWCN7OUIWWVWWCG2 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CLB4TW7KALB3EEQWNWCN7OUIWWVWWCG2/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/D2BBIDR2ZMB3X5BC7SR4SLQMHRMVPY6L https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/D2BBIDR2ZMB3X5BC7SR4SLQMHRMVPY6L/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ECRC75BQJP6FJN2L7KCKYZW4DSBD7QSD https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ECRC75BQJP6FJN2L7KCKYZW4DSBD7QSD/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/FTMJ3NJIDAZFWJQQSP3L22MUFJ3UP2PT https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/FTMJ3NJIDAZFWJQQSP3L22MUFJ3UP2PT/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/GSY7SXFFTPZFWDM6XELSDSHZLVW3AHK7 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/GSY7SXFFTPZFWDM6XELSDSHZLVW3AHK7/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/HZQIELEIRSZUYTFFH5KTH2YJ4IIQG2KE https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/HZQIELEIRSZUYTFFH5KTH2YJ4IIQG2KE/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/IPWCNYB5PQ5PCVZ4NJT6G56ZYFZ5QBU6 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/IPWCNYB5PQ5PCVZ4NJT6G56ZYFZ5QBU6/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/KEOTKBUPZXHE3F352JBYNTSNRXYLWD6P https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/KEOTKBUPZXHE3F352JBYNTSNRXYLWD6P/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/KSEGD2IWKNUO3DWY4KQGUQM5BISRWHQE https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/KSEGD2IWKNUO3DWY4KQGUQM5BISRWHQE/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/L5E5JSJBZLYXOTZWXHJKRVCIXIHVWKJ6 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/L5E5JSJBZLYXOTZWXHJKRVCIXIHVWKJ6/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/MZQYOOKHQDQ57LV2IAG6NRFOVXKHJJ3Z https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/MZQYOOKHQDQ57LV2IAG6NRFOVXKHJJ3Z/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/NG7IMPL55MVWU3LCI4JQJT3K2U5CHDV7 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/NG7IMPL55MVWU3LCI4JQJT3K2U5CHDV7/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ODBY7RVMGZCBSTWF2OZGIZS57FNFUL67 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ODBY7RVMGZCBSTWF2OZGIZS57FNFUL67/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/OXGWPQOJ3JNDW2XIYKIVJ7N7QUIFNM2Q https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/OXGWPQOJ3JNDW2XIYKIVJ7N7QUIFNM2Q/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/PJCUNGIQDUMZ4Z6HWVYIMR66A35F5S74 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/PJCUNGIQDUMZ4Z6HWVYIMR66A35F5S74/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QF5QSYAOPDOWLY6DUHID56Q4HQFYB45I https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QF5QSYAOPDOWLY6DUHID56Q4HQFYB45I/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QXOU2JZUBEBP7GBKAYIJRPRBZSJCD7ST https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QXOU2JZUBEBP7GBKAYIJRPRBZSJCD7ST/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/R3UETKPUB3V5JS5TLZOF3SMTGT5K5APS https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/R3UETKPUB3V5JS5TLZOF3SMTGT5K5APS/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/REMHVVIBDNKSRKNOTV7EQSB7CYQWOUOU https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/REMHVVIBDNKSRKNOTV7EQSB7CYQWOUOU/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/T7N5GV4CHH6WAGX3GFMDD3COEOVCZ4RI https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/T7N5GV4CHH6WAGX3GFMDD3COEOVCZ4RI/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ULQQONMSCQSH5Z5OWFFQHCGEZ3NL4DRJ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ULQQONMSCQSH5Z5OWFFQHCGEZ3NL4DRJ/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UTT7DG3QOF5ZNJLUGHDNLRUIN6OWZARP https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UTT7DG3QOF5ZNJLUGHDNLRUIN6OWZARP/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/W2LZSWTV4NV4SNQARNXG5T6LRHP26EW2 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/W2LZSWTV4NV4SNQARNXG5T6LRHP26EW2/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WCNCBYKZXLDFGAJUB7ZP5VLC3YTHJNVH https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WCNCBYKZXLDFGAJUB7ZP5VLC3YTHJNVH/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/XFOIBB4YFICHDM7IBOP7PWXW3FX4HLL2 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/XFOIBB4YFICHDM7IBOP7PWXW3FX4HLL2/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/XTNLSL44Y5FB6JWADSZH6DCV4JJAAEQY https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/XTNLSL44Y5FB6JWADSZH6DCV4JJAAEQY/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/YJWHBLVZDM5KQSDFRBFRKU5KSSOLIRQ4 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/YJWHBLVZDM5KQSDFRBFRKU5KSSOLIRQ4/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/YRKEXKANQ7BKJW2YTAMP625LJUJZLJ4P https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/YRKEXKANQ7BKJW2YTAMP625LJUJZLJ4P/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZSVEMQV5ROY5YW5QE3I57HT3ITWG5GCV https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZSVEMQV5ROY5YW5QE3I57HT3ITWG5GCV/ https://nvd.nist.gov/vuln/detail/CVE-2023-39325 https://pkg.go.dev/vuln/GO-2023-2102 https://security.gentoo.org/glsa/202311-09 https://security.netapp.com/advisory/ntap-20231110-0008 https://security.netapp.com/advisory/ntap-20231110-0008/ https://ubuntu.com/security/notices/USN-6574-1 https://ubuntu.com/security/notices/USN-7061-1 https://ubuntu.com/security/notices/USN-7109-1 https://www.cisa.gov/news-events/alerts/2023/10/10/http2-rapid-reset-vulnerability-cve-2023-44487 https://www.cve.org/CVERecord?id=CVE-2023-39325
golang.org/x/net	CVE-2023-3978	MEDIUM	v0.11.0	0.13.0	https://access.redhat.com/errata/RHSA-2023:6474 https://access.redhat.com/security/cve/CVE-2023-3978 https://bugzilla.redhat.com/2174485 https://bugzilla.redhat.com/2178358 https://bugzilla.redhat.com/2178488 https://bugzilla.redhat.com/2178492 https://bugzilla.redhat.com/2184481 https://bugzilla.redhat.com/2184482 https://bugzilla.redhat.com/2184483 https://bugzilla.redhat.com/2184484 https://bugzilla.redhat.com/2196026 https://bugzilla.redhat.com/2196027 https://bugzilla.redhat.com/2196029 https://bugzilla.redhat.com/2222167 https://bugzilla.redhat.com/2228689 https://errata.almalinux.org/9/ALSA-2023-6474.html https://go.dev/cl/514896 https://go.dev/issue/61615 https://linux.oracle.com/cve/CVE-2023-3978.html https://linux.oracle.com/errata/ELSA-2023-6939.html https://nvd.nist.gov/vuln/detail/CVE-2023-3978 https://pkg.go.dev/vuln/GO-2023-1988 https://www.cve.org/CVERecord?id=CVE-2023-3978
golang.org/x/net	CVE-2023-44487	MEDIUM	v0.11.0	0.17.0	http://www.openwall.com/lists/oss-security/2023/10/13/4 http://www.openwall.com/lists/oss-security/2023/10/13/9 http://www.openwall.com/lists/oss-security/2023/10/18/4 http://www.openwall.com/lists/oss-security/2023/10/18/8 http://www.openwall.com/lists/oss-security/2023/10/19/6 http://www.openwall.com/lists/oss-security/2023/10/20/8 https://access.redhat.com/errata/RHSA-2023:6746 https://access.redhat.com/security/cve/CVE-2023-44487 https://access.redhat.com/security/cve/cve-2023-44487 https://akka.io/security/akka-http-cve-2023-44487.html https://arstechnica.com/security/2023/10/how-ddosers-used-the-http-2-protocol-to-deliver-attacks-of-unprecedented-size https://arstechnica.com/security/2023/10/how-ddosers-used-the-http-2-protocol-to-deliver-attacks-of-unprecedented-size/ https://aws.amazon.com/security/security-bulletins/AWS-2023-011 https://aws.amazon.com/security/security-bulletins/AWS-2023-011/ https://blog.cloudflare.com/technical-breakdown-http2-rapid-reset-ddos-attack https://blog.cloudflare.com/technical-breakdown-http2-rapid-reset-ddos-attack/ https://blog.cloudflare.com/zero-day-rapid-reset-http2-record-breaking-ddos-attack https://blog.cloudflare.com/zero-day-rapid-reset-http2-record-breaking-ddos-attack/ https://blog.litespeedtech.com/2023/10/11/rapid-reset-http-2-vulnerablilty https://blog.litespeedtech.com/2023/10/11/rapid-reset-http-2-vulnerablilty/ https://blog.qualys.com/vulnerabilities-threat-research/2023/10/10/cve-2023-44487-http-2-rapid-reset-attack https://blog.vespa.ai/cve-2023-44487 https://blog.vespa.ai/cve-2023-44487/ https://bugzilla.proxmox.com/show_bug.cgi?id=4988 https://bugzilla.redhat.com/2242803 https://bugzilla.redhat.com/show_bug.cgi?id=2242803 https://bugzilla.suse.com/show_bug.cgi?id=1216123 https://cgit.freebsd.org/ports/commit/?id=c64c329c2c1752f46b73e3e6ce9f4329be6629f9 https://chaos.social/@icing/111210915918780532 https://cloud.google.com/blog/products/identity-security/google-cloud-mitigated-largest-ddos-attack-peaking-above-398-million-rps https://cloud.google.com/blog/products/identity-security/google-cloud-mitigated-largest-ddos-attack-peaking-above-398-million-rps/ https://cloud.google.com/blog/products/identity-security/how-it-works-the-novel-http2-rapid-reset-ddos-attack https://community.traefik.io/t/is-traefik-vulnerable-to-cve-2023-44487/20125 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-44487 https://devblogs.microsoft.com/dotnet/october-2023-updates/ https://discuss.hashicorp.com/t/hcsec-2023-32-vault-consul-and-boundary-affected-by-http-2-rapid-reset-denial-of-service-vulnerability-cve-2023-44487/59715 https://edg.io/lp/blog/resets-leaks-ddos-and-the-tale-of-a-hidden-cve https://errata.almalinux.org/9/ALSA-2023-6746.html https://errata.rockylinux.org/RLSA-2023:5838 https://forums.swift.org/t/swift-nio-http2-security-update-cve-2023-44487-http-2-dos/67764 https://gist.github.com/adulau/7c2bfb8e9cdbe4b35a5e131c66a0c088 https://github.com/Azure/AKS/issues/3947 https://github.com/Kong/kong/discussions/11741 https://github.com/advisories/GHSA-qppj-fm5r-hxr3 https://github.com/advisories/GHSA-vx74-f528-fxqg https://github.com/advisories/GHSA-xpw8-rcwv-8f8p https://github.com/akka/akka-http/issues/4323 https://github.com/akka/akka-http/pull/4324 https://github.com/akka/akka-http/pull/4325 https://github.com/alibaba/tengine/issues/1872 https://github.com/apache/apisix/issues/10320 https://github.com/apache/httpd-site/pull/10 https://github.com/apache/httpd/blob/afcdbeebbff4b0c50ea26cdd16e178c0d1f24152/modules/http2/h2_mplx.c#L1101-L1113 https://github.com/apache/tomcat/commit/944332bb15bd2f3bf76ec2caeb1ff0a58a3bc628 https://github.com/apache/tomcat/tree/main/java/org/apache/coyote/http2 https://github.com/apache/trafficserver/pull/10564 https://github.com/apple/swift-nio-http2 https://github.com/apple/swift-nio-http2/security/advisories/GHSA-qppj-fm5r-hxr3 https://github.com/arkrwn/PoC/tree/main/CVE-2023-44487 https://github.com/bcdannyboy/CVE-2023-44487 https://github.com/caddyserver/caddy/issues/5877 https://github.com/caddyserver/caddy/releases/tag/v2.7.5 https://github.com/dotnet/announcements/issues/277 https://github.com/dotnet/core/blob/e4613450ea0da7fd2fc6b61dfb2c1c1dec1ce9ec/release-notes/6.0/6.0.23/6.0.23.md?plain=1#L73 https://github.com/eclipse/jetty.project/issues/10679 https://github.com/envoyproxy/envoy/pull/30055 https://github.com/etcd-io/etcd/issues/16740 https://github.com/facebook/proxygen/pull/466 https://github.com/golang/go/issues/63417 https://github.com/grpc/grpc-go/pull/6703 https://github.com/grpc/grpc-go/releases https://github.com/h2o/h2o/pull/3291 https://github.com/h2o/h2o/security/advisories/GHSA-2m7v-gc89-fjqf https://github.com/haproxy/haproxy/issues/2312 https://github.com/hyperium/hyper/issues/3337 https://github.com/icing/mod_h2/blob/0a864782af0a942aa2ad4ed960a6b32cd35bcf0a/mod_http2/README.md?plain=1#L239-L244 https://github.com/junkurihara/rust-rpxy/issues/97 https://github.com/kazu-yamamoto/http2/commit/f61d41a502bd0f60eb24e1ce14edc7b6df6722a1 https://github.com/kazu-yamamoto/http2/issues/93 https://github.com/kubernetes/kubernetes/pull/121120 https://github.com/line/armeria/pull/5232 https://github.com/linkerd/website/pull/1695/commits/4b9c6836471bc8270ab48aae6fd2181bc73fd632 https://github.com/micrictor/http2-rst-stream https://github.com/microsoft/CBL-Mariner/pull/6381 https://github.com/netty/netty/commit/58f75f665aa81a8cbcf6ffa74820042a285c5e61 https://github.com/nghttp2/nghttp2/pull/1961 https://github.com/nghttp2/nghttp2/releases/tag/v1.57.0 https://github.com/ninenines/cowboy/issues/1615 https://github.com/nodejs/node/pull/50121 https://github.com/openresty/openresty/issues/930 https://github.com/opensearch-project/data-prepper/issues/3474 https://github.com/oqtane/oqtane.framework/discussions/3367 https://github.com/projectcontour/contour/pull/5826 https://github.com/tempesta-tech/tempesta/issues/1986 https://github.com/varnishcache/varnish-cache/issues/3996 https://go.dev/cl/534215 https://go.dev/cl/534235 https://go.dev/issue/63417 https://groups.google.com/g/golang-announce/c/iNNxDTCjZvo https://groups.google.com/g/golang-announce/c/iNNxDTCjZvo/m/UDd7VKQuAAAJ https://istio.io/latest/news/security/istio-security-2023-004 https://istio.io/latest/news/security/istio-security-2023-004/ https://linkerd.io/2023/10/12/linkerd-cve-2023-44487 https://linkerd.io/2023/10/12/linkerd-cve-2023-44487/ https://linux.oracle.com/cve/CVE-2023-44487.html https://linux.oracle.com/errata/ELSA-2024-1444.html https://lists.apache.org/thread/5py8h42mxfsn8l1wy6o41xwhsjlsd87q https://lists.debian.org/debian-lts-announce/2023/10/msg00020.html https://lists.debian.org/debian-lts-announce/2023/10/msg00023.html https://lists.debian.org/debian-lts-announce/2023/10/msg00024.html https://lists.debian.org/debian-lts-announce/2023/10/msg00045.html https://lists.debian.org/debian-lts-announce/2023/10/msg00047.html https://lists.debian.org/debian-lts-announce/2023/11/msg00001.html https://lists.debian.org/debian-lts-announce/2023/11/msg00012.html https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/2MBEPPC36UBVOZZNAXFHKLFGSLCMN5LI https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/2MBEPPC36UBVOZZNAXFHKLFGSLCMN5LI/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/3N4NJ7FR4X4FPZUGNTQAPSTVB2HB2Y4A https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/3N4NJ7FR4X4FPZUGNTQAPSTVB2HB2Y4A/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/BFQD3KUEMFBHPAPBGLWQC34L4OWL5HAZ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/BFQD3KUEMFBHPAPBGLWQC34L4OWL5HAZ/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/CLB4TW7KALB3EEQWNWCN7OUIWWVWWCG2 https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/CLB4TW7KALB3EEQWNWCN7OUIWWVWWCG2/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/E72T67UPDRXHIDLO3OROR25YAMN4GGW5 https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/E72T67UPDRXHIDLO3OROR25YAMN4GGW5/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/FNA62Q767CFAFHBCDKYNPBMZWB7TWYVU https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/FNA62Q767CFAFHBCDKYNPBMZWB7TWYVU/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/HT7T2R4MQKLIF4ODV4BDLPARWFPCJ5CZ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/HT7T2R4MQKLIF4ODV4BDLPARWFPCJ5CZ/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/JIZSEFC3YKCGABA2BZW6ZJRMDZJMB7PJ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/JIZSEFC3YKCGABA2BZW6ZJRMDZJMB7PJ/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/JMEXY22BFG5Q64HQCM5CK2Q7KDKVV4TY https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/JMEXY22BFG5Q64HQCM5CK2Q7KDKVV4TY/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/KSEGD2IWKNUO3DWY4KQGUQM5BISRWHQE https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/KSEGD2IWKNUO3DWY4KQGUQM5BISRWHQE/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/LKYHSZQFDNR7RSA7LHVLLIAQMVYCUGBG https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/LKYHSZQFDNR7RSA7LHVLLIAQMVYCUGBG/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/LNMZJCDHGLJJLXO4OXWJMTVQRNWOC7UL https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/LNMZJCDHGLJJLXO4OXWJMTVQRNWOC7UL/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/VHUHTSXLXGXS7JYKBXTA3VINUPHTNGVU https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/VHUHTSXLXGXS7JYKBXTA3VINUPHTNGVU/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/VSRDIV77HNKUSM7SJC5BKE5JSHLHU2NK https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/VSRDIV77HNKUSM7SJC5BKE5JSHLHU2NK/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/WE2I52RHNNU42PX6NZ2RBUHSFFJ2LVZX https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/WE2I52RHNNU42PX6NZ2RBUHSFFJ2LVZX/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/WLPRQ5TWUQQXYWBJM7ECYDAIL2YVKIUH https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/WLPRQ5TWUQQXYWBJM7ECYDAIL2YVKIUH/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/X6QXN4ORIVF6XBW4WWFE7VNPVC74S45Y https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/X6QXN4ORIVF6XBW4WWFE7VNPVC74S45Y/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/XFOIBB4YFICHDM7IBOP7PWXW3FX4HLL2 https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/XFOIBB4YFICHDM7IBOP7PWXW3FX4HLL2/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZB43REMKRQR62NJEI7I5NQ4FSXNLBKRT https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZB43REMKRQR62NJEI7I5NQ4FSXNLBKRT/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZKQSIKIAT5TJ3WSLU3RDBQ35YX4GY4V3 https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZKQSIKIAT5TJ3WSLU3RDBQ35YX4GY4V3/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZLU6U2R2IC2K64NDPNMV55AUAO65MAF4 https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZLU6U2R2IC2K64NDPNMV55AUAO65MAF4/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3N4NJ7FR4X4FPZUGNTQAPSTVB2HB2Y4A https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/BFQD3KUEMFBHPAPBGLWQC34L4OWL5HAZ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CLB4TW7KALB3EEQWNWCN7OUIWWVWWCG2 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/E72T67UPDRXHIDLO3OROR25YAMN4GGW5 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/FNA62Q767CFAFHBCDKYNPBMZWB7TWYVU https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/HT7T2R4MQKLIF4ODV4BDLPARWFPCJ5CZ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/JIZSEFC3YKCGABA2BZW6ZJRMDZJMB7PJ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/JMEXY22BFG5Q64HQCM5CK2Q7KDKVV4TY https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/KSEGD2IWKNUO3DWY4KQGUQM5BISRWHQE https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/LKYHSZQFDNR7RSA7LHVLLIAQMVYCUGBG https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/LNMZJCDHGLJJLXO4OXWJMTVQRNWOC7UL https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/VHUHTSXLXGXS7JYKBXTA3VINUPHTNGVU https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/VSRDIV77HNKUSM7SJC5BKE5JSHLHU2NK https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WLPRQ5TWUQQXYWBJM7ECYDAIL2YVKIUH https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/X6QXN4ORIVF6XBW4WWFE7VNPVC74S45Y https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/XFOIBB4YFICHDM7IBOP7PWXW3FX4HLL2 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZB43REMKRQR62NJEI7I5NQ4FSXNLBKRT https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZKQSIKIAT5TJ3WSLU3RDBQ35YX4GY4V3 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZLU6U2R2IC2K64NDPNMV55AUAO65MAF4 https://lists.w3.org/Archives/Public/ietf-http-wg/2023OctDec/0025.html https://mailman.nginx.org/pipermail/nginx-devel/2023-October/S36Q5HBXR7CAIMPLLPRSSSYR4PCMWILK.html https://martinthomson.github.io/h2-stream-limits/draft-thomson-httpbis-h2-stream-limits.html https://msrc.microsoft.com/blog/2023/10/microsoft-response-to-distributed-denial-of-service-ddos-attacks-against-http/2 https://msrc.microsoft.com/blog/2023/10/microsoft-response-to-distributed-denial-of-service-ddos-attacks-against-http/2/ https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-44487 https://my.f5.com/manage/s/article/K000137106 https://netty.io/news/2023/10/10/4-1-100-Final.html https://news.ycombinator.com/item?id=37830987 https://news.ycombinator.com/item?id=37830998 https://news.ycombinator.com/item?id=37831062 https://news.ycombinator.com/item?id=37837043 https://nodejs.org/en/blog/vulnerability/october-2023-security-releases https://nvd.nist.gov/vuln/detail/CVE-2023-44487 https://openssf.org/blog/2023/10/10/http-2-rapid-reset-vulnerability-highlights-need-for-rapid-response https://openssf.org/blog/2023/10/10/http-2-rapid-reset-vulnerability-highlights-need-for-rapid-response/ https://pkg.go.dev/vuln/GO-2023-2102 https://seanmonstar.com/post/730794151136935936/hyper-http2-rapid-reset-unaffected https://security.gentoo.org/glsa/202311-09 https://security.netapp.com/advisory/ntap-20231016-0001 https://security.netapp.com/advisory/ntap-20231016-0001/ https://security.netapp.com/advisory/ntap-20240426-0007 https://security.netapp.com/advisory/ntap-20240426-0007/ https://security.netapp.com/advisory/ntap-20240621-0006 https://security.netapp.com/advisory/ntap-20240621-0006/ https://security.netapp.com/advisory/ntap-20240621-0007 https://security.netapp.com/advisory/ntap-20240621-0007/ https://security.paloaltonetworks.com/CVE-2023-44487 https://tomcat.apache.org/security-10.html#Fixed_in_Apache_Tomcat_10.1.14 https://tomcat.apache.org/security-11.html#Fixed_in_Apache_Tomcat_11.0.0-M12 https://tomcat.apache.org/security-8.html#Fixed_in_Apache_Tomcat_8.5.94 https://tomcat.apache.org/security-9.html#Fixed_in_Apache_Tomcat_9.0.81 https://ubuntu.com/security/CVE-2023-44487 https://ubuntu.com/security/notices/USN-6427-1 https://ubuntu.com/security/notices/USN-6427-2 https://ubuntu.com/security/notices/USN-6438-1 https://ubuntu.com/security/notices/USN-6505-1 https://ubuntu.com/security/notices/USN-6574-1 https://ubuntu.com/security/notices/USN-6754-1 https://ubuntu.com/security/notices/USN-6994-1 https://ubuntu.com/security/notices/USN-7067-1 https://www.bleepingcomputer.com/news/security/new-http-2-rapid-reset-zero-day-attack-breaks-ddos-records https://www.bleepingcomputer.com/news/security/new-http-2-rapid-reset-zero-day-attack-breaks-ddos-records/ https://www.cisa.gov/known-exploited-vulnerabilities-catalog https://www.cisa.gov/news-events/alerts/2023/10/10/http2-rapid-reset-vulnerability-cve-2023-44487 https://www.cve.org/CVERecord?id=CVE-2023-44487 https://www.darkreading.com/cloud/internet-wide-zero-day-bug-fuels-largest-ever-ddos-event https://www.debian.org/security/2023/dsa-5521 https://www.debian.org/security/2023/dsa-5522 https://www.debian.org/security/2023/dsa-5540 https://www.debian.org/security/2023/dsa-5549 https://www.debian.org/security/2023/dsa-5558 https://www.debian.org/security/2023/dsa-5570 https://www.eclipse.org/lists/jetty-announce/msg00181.html https://www.haproxy.com/blog/haproxy-is-not-affected-by-the-http-2-rapid-reset-attack-cve-2023-44487 https://www.mail-archive.com/haproxy@formilux.org/msg44134.html https://www.netlify.com/blog/netlify-successfully-mitigates-cve-2023-44487 https://www.netlify.com/blog/netlify-successfully-mitigates-cve-2023-44487/ https://www.nginx.com/blog/http-2-rapid-reset-attack-impacting-f5-nginx-products https://www.nginx.com/blog/http-2-rapid-reset-attack-impacting-f5-nginx-products/ https://www.openwall.com/lists/oss-security/2023/10/10/6 https://www.phoronix.com/news/HTTP2-Rapid-Reset-Attack https://www.theregister.com/2023/10/10/http2_rapid_reset_zeroday https://www.theregister.com/2023/10/10/http2_rapid_reset_zeroday/
golang.org/x/net	CVE-2023-45288	MEDIUM	v0.11.0	0.23.0	http://www.openwall.com/lists/oss-security/2024/04/03/16 http://www.openwall.com/lists/oss-security/2024/04/05/4 https://access.redhat.com/errata/RHSA-2024:2724 https://access.redhat.com/security/cve/CVE-2023-45288 https://bugzilla.redhat.com/2268017 https://bugzilla.redhat.com/2268018 https://bugzilla.redhat.com/2268019 https://bugzilla.redhat.com/2268273 https://bugzilla.redhat.com/show_bug.cgi?id=2268017 https://bugzilla.redhat.com/show_bug.cgi?id=2268018 https://bugzilla.redhat.com/show_bug.cgi?id=2268019 https://bugzilla.redhat.com/show_bug.cgi?id=2268273 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45288 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45289 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45290 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24783 https://errata.almalinux.org/9/ALSA-2024-2724.html https://errata.rockylinux.org/RLSA-2024:2724 https://go.dev/cl/576155 https://go.dev/issue/65051 https://groups.google.com/g/golang-announce/c/YgW0sx8mN3M https://kb.cert.org/vuls/id/421644 https://linux.oracle.com/cve/CVE-2023-45288.html https://linux.oracle.com/errata/ELSA-2024-3346.html https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QRYFHIQ6XRKRYBI2F5UESH67BJBQXUPT https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QRYFHIQ6XRKRYBI2F5UESH67BJBQXUPT/ https://nowotarski.info/http2-continuation-flood-technical-details https://nowotarski.info/http2-continuation-flood/ https://nvd.nist.gov/vuln/detail/CVE-2023-45288 https://pkg.go.dev/vuln/GO-2024-2687 https://security.netapp.com/advisory/ntap-20240419-0009 https://security.netapp.com/advisory/ntap-20240419-0009/ https://ubuntu.com/security/notices/USN-6886-1 https://ubuntu.com/security/notices/USN-7109-1 https://ubuntu.com/security/notices/USN-7111-1 https://www.cve.org/CVERecord?id=CVE-2023-45288 https://www.kb.cert.org/vuls/id/421644
stdlib	CVE-2024-24790	CRITICAL	v1.20.5	1.21.11, 1.22.4	http://www.openwall.com/lists/oss-security/2024/06/04/1 https://access.redhat.com/errata/RHSA-2024:9115 https://access.redhat.com/security/cve/CVE-2024-24790 https://bugzilla.redhat.com/2279814 https://bugzilla.redhat.com/2292668 https://bugzilla.redhat.com/2292787 https://bugzilla.redhat.com/2294000 https://bugzilla.redhat.com/2295310 https://bugzilla.redhat.com/show_bug.cgi?id=2292668 https://bugzilla.redhat.com/show_bug.cgi?id=2292787 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24789 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24790 https://errata.almalinux.org/9/ALSA-2024-9115.html https://errata.rockylinux.org/RLSA-2024:4212 https://github.com/golang/go/commit/051bdf3fd12a40307606ff9381138039c5f452f0 (1.21) https://github.com/golang/go/commit/12d5810cdb1f73cf23d7a86462143e9463317fca (1.22) https://github.com/golang/go/issues/67680 https://go.dev/cl/590316 https://go.dev/issue/67680 https://groups.google.com/g/golang-announce/c/XbxouI9gY7k https://groups.google.com/g/golang-announce/c/XbxouI9gY7k/m/TuoGEhxIEwAJ https://linux.oracle.com/cve/CVE-2024-24790.html https://linux.oracle.com/errata/ELSA-2024-9115.html https://nvd.nist.gov/vuln/detail/CVE-2024-24790 https://pkg.go.dev/vuln/GO-2024-2887 https://ubuntu.com/security/notices/USN-6886-1 https://ubuntu.com/security/notices/USN-7109-1 https://www.cve.org/CVERecord?id=CVE-2024-24790
stdlib	CVE-2023-39325	HIGH	v1.20.5	1.20.10, 1.21.3	golang.org/x/net https://access.redhat.com/errata/RHSA-2023:6077 https://access.redhat.com/security/cve/CVE-2023-39325 https://access.redhat.com/security/cve/CVE-2023-44487 https://access.redhat.com/security/vulnerabilities/RHSB-2023-003 https://bugzilla.redhat.com/2242803 https://bugzilla.redhat.com/2243296 https://bugzilla.redhat.com/show_bug.cgi?id=2242803 https://bugzilla.redhat.com/show_bug.cgi?id=2243296 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-39325 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-44487 https://errata.almalinux.org/9/ALSA-2023-6077.html https://errata.rockylinux.org/RLSA-2023:6077 https://github.com/golang/go/commit/24ae2d927285c697440fdde3ad7f26028354bcf3 [golang- 1.21] https://github.com/golang/go/commit/e175f27f58aa7b9cd4d79607ae65d2cd5baaee68 [golang-1.20] https://github.com/golang/go/issues/63417 https://go.dev/cl/534215 https://go.dev/cl/534235 https://go.dev/issue/63417 https://groups.google.com/g/golang-announce/c/iNNxDTCjZvo/m/UDd7VKQuAAAJ https://linux.oracle.com/cve/CVE-2023-39325.html https://linux.oracle.com/errata/ELSA-2023-5867.html https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3OVW5V2DM5K5IC3H7O42YDUGNJ74J35O https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3OVW5V2DM5K5IC3H7O42YDUGNJ74J35O/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3SZN67IL7HMGMNAVLOTIXLIHUDXZK4LH https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3SZN67IL7HMGMNAVLOTIXLIHUDXZK4LH/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3WJ4QVX2AMUJ2F2S27POOAHRC4K3CHU4 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3WJ4QVX2AMUJ2F2S27POOAHRC4K3CHU4/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/4BUK2ZIAGCULOOYDNH25JPU6JBES5NF2 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/4BUK2ZIAGCULOOYDNH25JPU6JBES5NF2/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/5RSKA2II6QTD4YUKUNDVJQSRYSFC4VFR https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/5RSKA2II6QTD4YUKUNDVJQSRYSFC4VFR/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/AVZDNSMVDAQJ64LJC5I5U5LDM5753647 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/AVZDNSMVDAQJ64LJC5I5U5LDM5753647/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CHHITS4PUOZAKFIUBQAQZC7JWXMOYE4B https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CHHITS4PUOZAKFIUBQAQZC7JWXMOYE4B/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CLB4TW7KALB3EEQWNWCN7OUIWWVWWCG2 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CLB4TW7KALB3EEQWNWCN7OUIWWVWWCG2/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/D2BBIDR2ZMB3X5BC7SR4SLQMHRMVPY6L https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/D2BBIDR2ZMB3X5BC7SR4SLQMHRMVPY6L/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ECRC75BQJP6FJN2L7KCKYZW4DSBD7QSD https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ECRC75BQJP6FJN2L7KCKYZW4DSBD7QSD/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/FTMJ3NJIDAZFWJQQSP3L22MUFJ3UP2PT https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/FTMJ3NJIDAZFWJQQSP3L22MUFJ3UP2PT/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/GSY7SXFFTPZFWDM6XELSDSHZLVW3AHK7 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/GSY7SXFFTPZFWDM6XELSDSHZLVW3AHK7/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/HZQIELEIRSZUYTFFH5KTH2YJ4IIQG2KE https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/HZQIELEIRSZUYTFFH5KTH2YJ4IIQG2KE/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/IPWCNYB5PQ5PCVZ4NJT6G56ZYFZ5QBU6 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/IPWCNYB5PQ5PCVZ4NJT6G56ZYFZ5QBU6/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/KEOTKBUPZXHE3F352JBYNTSNRXYLWD6P https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/KEOTKBUPZXHE3F352JBYNTSNRXYLWD6P/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/KSEGD2IWKNUO3DWY4KQGUQM5BISRWHQE https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/KSEGD2IWKNUO3DWY4KQGUQM5BISRWHQE/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/L5E5JSJBZLYXOTZWXHJKRVCIXIHVWKJ6 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/L5E5JSJBZLYXOTZWXHJKRVCIXIHVWKJ6/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/MZQYOOKHQDQ57LV2IAG6NRFOVXKHJJ3Z https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/MZQYOOKHQDQ57LV2IAG6NRFOVXKHJJ3Z/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/NG7IMPL55MVWU3LCI4JQJT3K2U5CHDV7 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/NG7IMPL55MVWU3LCI4JQJT3K2U5CHDV7/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ODBY7RVMGZCBSTWF2OZGIZS57FNFUL67 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ODBY7RVMGZCBSTWF2OZGIZS57FNFUL67/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/OXGWPQOJ3JNDW2XIYKIVJ7N7QUIFNM2Q https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/OXGWPQOJ3JNDW2XIYKIVJ7N7QUIFNM2Q/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/PJCUNGIQDUMZ4Z6HWVYIMR66A35F5S74 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/PJCUNGIQDUMZ4Z6HWVYIMR66A35F5S74/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QF5QSYAOPDOWLY6DUHID56Q4HQFYB45I https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QF5QSYAOPDOWLY6DUHID56Q4HQFYB45I/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QXOU2JZUBEBP7GBKAYIJRPRBZSJCD7ST https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QXOU2JZUBEBP7GBKAYIJRPRBZSJCD7ST/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/R3UETKPUB3V5JS5TLZOF3SMTGT5K5APS https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/R3UETKPUB3V5JS5TLZOF3SMTGT5K5APS/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/REMHVVIBDNKSRKNOTV7EQSB7CYQWOUOU https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/REMHVVIBDNKSRKNOTV7EQSB7CYQWOUOU/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/T7N5GV4CHH6WAGX3GFMDD3COEOVCZ4RI https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/T7N5GV4CHH6WAGX3GFMDD3COEOVCZ4RI/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ULQQONMSCQSH5Z5OWFFQHCGEZ3NL4DRJ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ULQQONMSCQSH5Z5OWFFQHCGEZ3NL4DRJ/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UTT7DG3QOF5ZNJLUGHDNLRUIN6OWZARP https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UTT7DG3QOF5ZNJLUGHDNLRUIN6OWZARP/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/W2LZSWTV4NV4SNQARNXG5T6LRHP26EW2 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/W2LZSWTV4NV4SNQARNXG5T6LRHP26EW2/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WCNCBYKZXLDFGAJUB7ZP5VLC3YTHJNVH https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WCNCBYKZXLDFGAJUB7ZP5VLC3YTHJNVH/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/XFOIBB4YFICHDM7IBOP7PWXW3FX4HLL2 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/XFOIBB4YFICHDM7IBOP7PWXW3FX4HLL2/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/XTNLSL44Y5FB6JWADSZH6DCV4JJAAEQY https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/XTNLSL44Y5FB6JWADSZH6DCV4JJAAEQY/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/YJWHBLVZDM5KQSDFRBFRKU5KSSOLIRQ4 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/YJWHBLVZDM5KQSDFRBFRKU5KSSOLIRQ4/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/YRKEXKANQ7BKJW2YTAMP625LJUJZLJ4P https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/YRKEXKANQ7BKJW2YTAMP625LJUJZLJ4P/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZSVEMQV5ROY5YW5QE3I57HT3ITWG5GCV https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZSVEMQV5ROY5YW5QE3I57HT3ITWG5GCV/ https://nvd.nist.gov/vuln/detail/CVE-2023-39325 https://pkg.go.dev/vuln/GO-2023-2102 https://security.gentoo.org/glsa/202311-09 https://security.netapp.com/advisory/ntap-20231110-0008 https://security.netapp.com/advisory/ntap-20231110-0008/ https://ubuntu.com/security/notices/USN-6574-1 https://ubuntu.com/security/notices/USN-7061-1 https://ubuntu.com/security/notices/USN-7109-1 https://www.cisa.gov/news-events/alerts/2023/10/10/http2-rapid-reset-vulnerability-cve-2023-44487 https://www.cve.org/CVERecord?id=CVE-2023-39325
stdlib	CVE-2023-45283	HIGH	v1.20.5	1.20.11, 1.21.4, 1.20.12, 1.21.5	http://www.openwall.com/lists/oss-security/2023/12/05/2 https://go.dev/cl/540277 https://go.dev/cl/541175 https://go.dev/issue/63713 https://go.dev/issue/64028 https://groups.google.com/g/golang-announce/c/4tU8LZfBFkY https://groups.google.com/g/golang-dev/c/6ypN5EjibjM/m/KmLVYH_uAgAJ https://nvd.nist.gov/vuln/detail/CVE-2023-45283 https://pkg.go.dev/vuln/GO-2023-2185 https://security.netapp.com/advisory/ntap-20231214-0008/
stdlib	CVE-2023-45288	HIGH	v1.20.5	1.21.9, 1.22.2	http://www.openwall.com/lists/oss-security/2024/04/03/16 http://www.openwall.com/lists/oss-security/2024/04/05/4 https://access.redhat.com/errata/RHSA-2024:2724 https://access.redhat.com/security/cve/CVE-2023-45288 https://bugzilla.redhat.com/2268017 https://bugzilla.redhat.com/2268018 https://bugzilla.redhat.com/2268019 https://bugzilla.redhat.com/2268273 https://bugzilla.redhat.com/show_bug.cgi?id=2268017 https://bugzilla.redhat.com/show_bug.cgi?id=2268018 https://bugzilla.redhat.com/show_bug.cgi?id=2268019 https://bugzilla.redhat.com/show_bug.cgi?id=2268273 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45288 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45289 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45290 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24783 https://errata.almalinux.org/9/ALSA-2024-2724.html https://errata.rockylinux.org/RLSA-2024:2724 https://go.dev/cl/576155 https://go.dev/issue/65051 https://groups.google.com/g/golang-announce/c/YgW0sx8mN3M https://kb.cert.org/vuls/id/421644 https://linux.oracle.com/cve/CVE-2023-45288.html https://linux.oracle.com/errata/ELSA-2024-3346.html https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QRYFHIQ6XRKRYBI2F5UESH67BJBQXUPT https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QRYFHIQ6XRKRYBI2F5UESH67BJBQXUPT/ https://nowotarski.info/http2-continuation-flood-technical-details https://nowotarski.info/http2-continuation-flood/ https://nvd.nist.gov/vuln/detail/CVE-2023-45288 https://pkg.go.dev/vuln/GO-2024-2687 https://security.netapp.com/advisory/ntap-20240419-0009 https://security.netapp.com/advisory/ntap-20240419-0009/ https://ubuntu.com/security/notices/USN-6886-1 https://ubuntu.com/security/notices/USN-7109-1 https://ubuntu.com/security/notices/USN-7111-1 https://www.cve.org/CVERecord?id=CVE-2023-45288 https://www.kb.cert.org/vuls/id/421644
stdlib	CVE-2024-34156	HIGH	v1.20.5	1.22.7, 1.23.1	https://access.redhat.com/errata/RHSA-2024:9473 https://access.redhat.com/security/cve/CVE-2024-34156 https://bugzilla.redhat.com/2310528 https://bugzilla.redhat.com/2318052 https://bugzilla.redhat.com/show_bug.cgi?id=2310528 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-34156 https://errata.almalinux.org/9/ALSA-2024-9473.html https://errata.rockylinux.org/RLSA-2024:7204 https://github.com/golang/go/commit/2092294f2b097c5828f4eace6c98a322c1510b01 (go1.22.7) https://github.com/golang/go/commit/fa8ff1a46deb6c816304441ec6740ec112e19012 (go1.23.1) https://go.dev/cl/611239 https://go.dev/issue/69139 https://groups.google.com/g/golang-announce/c/K-cEzDeCtpc https://groups.google.com/g/golang-dev/c/S9POB9NCTdk https://linux.oracle.com/cve/CVE-2024-34156.html https://linux.oracle.com/errata/ELSA-2024-9473.html https://nvd.nist.gov/vuln/detail/CVE-2024-34156 https://pkg.go.dev/vuln/GO-2024-3106 https://ubuntu.com/security/notices/USN-7081-1 https://ubuntu.com/security/notices/USN-7109-1 https://ubuntu.com/security/notices/USN-7111-1 https://www.cve.org/CVERecord?id=CVE-2024-34156
stdlib	CVE-2023-29406	MEDIUM	v1.20.5	1.19.11, 1.20.6	https://access.redhat.com/errata/RHSA-2023:6474 https://access.redhat.com/security/cve/CVE-2023-29406 https://bugzilla.redhat.com/2174485 https://bugzilla.redhat.com/2178358 https://bugzilla.redhat.com/2178488 https://bugzilla.redhat.com/2178492 https://bugzilla.redhat.com/2184481 https://bugzilla.redhat.com/2184482 https://bugzilla.redhat.com/2184483 https://bugzilla.redhat.com/2184484 https://bugzilla.redhat.com/2196026 https://bugzilla.redhat.com/2196027 https://bugzilla.redhat.com/2196029 https://bugzilla.redhat.com/2222167 https://bugzilla.redhat.com/2228689 https://errata.almalinux.org/9/ALSA-2023-6474.html https://github.com/golang/go/commit/312920c00aac9897b2a0693e752390b5b0711a5a (go1.20.6) https://github.com/golang/go/commit/5fa6923b1ea891400153d04ddf1545e23b40041b (go1.19.11) https://github.com/golang/go/issues/60374 https://go.dev/cl/506996 https://go.dev/issue/60374 https://groups.google.com/g/golang-announce/c/2q13H6LEEx0 https://linux.oracle.com/cve/CVE-2023-29406.html https://linux.oracle.com/errata/ELSA-2023-7202.html https://nvd.nist.gov/vuln/detail/CVE-2023-29406 https://pkg.go.dev/vuln/GO-2023-1878 https://security.gentoo.org/glsa/202311-09 https://security.netapp.com/advisory/ntap-20230814-0002/ https://ubuntu.com/security/notices/USN-7061-1 https://ubuntu.com/security/notices/USN-7109-1 https://www.cve.org/CVERecord?id=CVE-2023-29406
stdlib	CVE-2023-29409	MEDIUM	v1.20.5	1.19.12, 1.20.7, 1.21.0-rc.4	https://access.redhat.com/errata/RHSA-2023:7766 https://access.redhat.com/security/cve/CVE-2023-29409 https://bugzilla.redhat.com/2228743 https://bugzilla.redhat.com/2237773 https://bugzilla.redhat.com/2237776 https://bugzilla.redhat.com/2237777 https://bugzilla.redhat.com/2237778 https://errata.almalinux.org/9/ALSA-2023-7766.html https://go.dev/cl/515257 https://go.dev/issue/61460 https://groups.google.com/g/golang-announce/c/X0b6CsSAaYI/m/Efv5DbZ9AwAJ https://linux.oracle.com/cve/CVE-2023-29409.html https://linux.oracle.com/errata/ELSA-2024-2988.html https://nvd.nist.gov/vuln/detail/CVE-2023-29409 https://pkg.go.dev/vuln/GO-2023-1987 https://security.gentoo.org/glsa/202311-09 https://security.netapp.com/advisory/ntap-20230831-0010/ https://www.cve.org/CVERecord?id=CVE-2023-29409
stdlib	CVE-2023-39318	MEDIUM	v1.20.5	1.20.8, 1.21.1	https://access.redhat.com/errata/RHSA-2024:2160 https://access.redhat.com/security/cve/CVE-2023-39318 https://bugzilla.redhat.com/2237773 https://bugzilla.redhat.com/2237776 https://bugzilla.redhat.com/2253330 https://errata.almalinux.org/9/ALSA-2024-2160.html https://github.com/golang/go/commit/023b542edf38e2a1f87fcefb9f75ff2f99401b4c (go1.20.8) https://github.com/golang/go/commit/b0e1d3ea26e8e8fce7726690c9ef0597e60739fb (go1.21.1) https://go.dev/cl/526156 https://go.dev/issue/62196 https://groups.google.com/g/golang-announce/c/Fm51GRLNRvM https://groups.google.com/g/golang-dev/c/2C5vbR-UNkI/m/L1hdrPhfBAAJ https://linux.oracle.com/cve/CVE-2023-39318.html https://linux.oracle.com/errata/ELSA-2024-2988.html https://nvd.nist.gov/vuln/detail/CVE-2023-39318 https://pkg.go.dev/vuln/GO-2023-2041 https://security.gentoo.org/glsa/202311-09 https://security.netapp.com/advisory/ntap-20231020-0009/ https://ubuntu.com/security/notices/USN-6574-1 https://ubuntu.com/security/notices/USN-7061-1 https://ubuntu.com/security/notices/USN-7109-1 https://vuln.go.dev/ID/GO-2023-2041.json https://www.cve.org/CVERecord?id=CVE-2023-39318
stdlib	CVE-2023-39319	MEDIUM	v1.20.5	1.20.8, 1.21.1	https://access.redhat.com/errata/RHSA-2024:2160 https://access.redhat.com/security/cve/CVE-2023-39319 https://bugzilla.redhat.com/2237773 https://bugzilla.redhat.com/2237776 https://bugzilla.redhat.com/2253330 https://errata.almalinux.org/9/ALSA-2024-2160.html https://github.com/golang/go/commit/2070531d2f53df88e312edace6c8dfc9686ab2f5 (go1.20.8) https://github.com/golang/go/commit/bbd043ff0d6d59f1a9232d31ecd5eacf6507bf6a (go1.21.1) https://go.dev/cl/526157 https://go.dev/issue/62197 https://groups.google.com/g/golang-announce/c/Fm51GRLNRvM https://groups.google.com/g/golang-dev/c/2C5vbR-UNkI/m/L1hdrPhfBAAJ https://linux.oracle.com/cve/CVE-2023-39319.html https://linux.oracle.com/errata/ELSA-2024-2988.html https://nvd.nist.gov/vuln/detail/CVE-2023-39319 https://pkg.go.dev/vuln/GO-2023-2043 https://security.gentoo.org/glsa/202311-09 https://security.netapp.com/advisory/ntap-20231020-0009/ https://ubuntu.com/security/notices/USN-6574-1 https://ubuntu.com/security/notices/USN-7061-1 https://ubuntu.com/security/notices/USN-7109-1 https://vuln.go.dev/ID/GO-2023-2043.json https://www.cve.org/CVERecord?id=CVE-2023-39319
stdlib	CVE-2023-39326	MEDIUM	v1.20.5	1.20.12, 1.21.5	https://access.redhat.com/errata/RHSA-2024:2272 https://access.redhat.com/security/cve/CVE-2023-39326 https://bugzilla.redhat.com/2253193 https://bugzilla.redhat.com/2253330 https://errata.almalinux.org/9/ALSA-2024-2272.html https://github.com/golang/go/commit/6446af942e2e2b161c4ec1b60d9703a2b55dc4dd (go1.20.12) https://github.com/golang/go/commit/ec8c526e4be720e94b98ca509e6364f0efaf28f7 (go1.21.5) https://go.dev/cl/547335 https://go.dev/issue/64433 https://groups.google.com/g/golang-dev/c/6ypN5EjibjM/m/KmLVYH_uAgAJ https://linux.oracle.com/cve/CVE-2023-39326.html https://linux.oracle.com/errata/ELSA-2024-2988.html https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UIU6HOGV6RRIKWM57LOXQA75BGZSIH6G/ https://nvd.nist.gov/vuln/detail/CVE-2023-39326 https://pkg.go.dev/vuln/GO-2023-2382 https://ubuntu.com/security/notices/USN-6574-1 https://www.cve.org/CVERecord?id=CVE-2023-39326
stdlib	CVE-2023-45284	MEDIUM	v1.20.5	1.20.11, 1.21.4	https://go.dev/cl/540277 https://go.dev/issue/63713 https://groups.google.com/g/golang-announce/c/4tU8LZfBFkY https://nvd.nist.gov/vuln/detail/CVE-2023-45284 https://pkg.go.dev/vuln/GO-2023-2186
stdlib	CVE-2023-45289	MEDIUM	v1.20.5	1.21.8, 1.22.1	http://www.openwall.com/lists/oss-security/2024/03/08/4 https://access.redhat.com/errata/RHSA-2024:2724 https://access.redhat.com/security/cve/CVE-2023-45289 https://bugzilla.redhat.com/2268017 https://bugzilla.redhat.com/2268018 https://bugzilla.redhat.com/2268019 https://bugzilla.redhat.com/2268273 https://bugzilla.redhat.com/show_bug.cgi?id=2268017 https://bugzilla.redhat.com/show_bug.cgi?id=2268018 https://bugzilla.redhat.com/show_bug.cgi?id=2268019 https://bugzilla.redhat.com/show_bug.cgi?id=2268273 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45288 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45289 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45290 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24783 https://errata.almalinux.org/9/ALSA-2024-2724.html https://errata.rockylinux.org/RLSA-2024:2724 https://github.com/golang/go/commit/20586c0dbe03d144f914155f879fa5ee287591a1 (go1.21.8) https://github.com/golang/go/commit/3a855208e3efed2e9d7c20ad023f1fa78afcc0be (go1.22.1) https://github.com/golang/go/issues/65065 https://go.dev/cl/569340 https://go.dev/issue/65065 https://groups.google.com/g/golang-announce/c/5pwGVUPoMbg https://linux.oracle.com/cve/CVE-2023-45289.html https://linux.oracle.com/errata/ELSA-2024-3346.html https://nvd.nist.gov/vuln/detail/CVE-2023-45289 https://pkg.go.dev/vuln/GO-2024-2600 https://security.netapp.com/advisory/ntap-20240329-0006/ https://ubuntu.com/security/notices/USN-6886-1 https://www.cve.org/CVERecord?id=CVE-2023-45289
stdlib	CVE-2023-45290	MEDIUM	v1.20.5	1.21.8, 1.22.1	http://www.openwall.com/lists/oss-security/2024/03/08/4 https://access.redhat.com/errata/RHSA-2024:9135 https://access.redhat.com/security/cve/CVE-2023-45290 https://bugzilla.redhat.com/2268017 https://bugzilla.redhat.com/2268022 https://bugzilla.redhat.com/2279814 https://bugzilla.redhat.com/2295310 https://bugzilla.redhat.com/show_bug.cgi?id=2268017 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45290 https://errata.almalinux.org/9/ALSA-2024-9135.html https://errata.rockylinux.org/RLSA-2024:3830 https://github.com/golang/go/commit/041a47712e765e94f86d841c3110c840e76d8f82 (go1.22.1) https://github.com/golang/go/commit/bf80213b121074f4ad9b449410a4d13bae5e9be0 (go1.21.8) https://github.com/golang/go/issues/65383 https://go.dev/cl/569341 https://go.dev/issue/65383 https://groups.google.com/g/golang-announce/c/5pwGVUPoMbg https://linux.oracle.com/cve/CVE-2023-45290.html https://linux.oracle.com/errata/ELSA-2024-8038.html https://nvd.nist.gov/vuln/detail/CVE-2023-45290 https://pkg.go.dev/vuln/GO-2024-2599 https://security.netapp.com/advisory/ntap-20240329-0004 https://security.netapp.com/advisory/ntap-20240329-0004/ https://ubuntu.com/security/notices/USN-6886-1 https://ubuntu.com/security/notices/USN-7109-1 https://ubuntu.com/security/notices/USN-7111-1 https://www.cve.org/CVERecord?id=CVE-2023-45290
stdlib	CVE-2024-24783	MEDIUM	v1.20.5	1.21.8, 1.22.1	http://www.openwall.com/lists/oss-security/2024/03/08/4 https://access.redhat.com/errata/RHSA-2024:6195 https://access.redhat.com/security/cve/CVE-2024-24783 https://bugzilla.redhat.com/2268019 https://bugzilla.redhat.com/show_bug.cgi?id=2268017 https://bugzilla.redhat.com/show_bug.cgi?id=2268018 https://bugzilla.redhat.com/show_bug.cgi?id=2268019 https://bugzilla.redhat.com/show_bug.cgi?id=2268273 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45288 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45289 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45290 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24783 https://errata.almalinux.org/9/ALSA-2024-6195.html https://errata.rockylinux.org/RLSA-2024:2724 https://github.com/advisories/GHSA-3q2c-pvp5-3cqp https://github.com/golang/go/commit/337b8e9cbfa749d9d5c899e0dc358e2208d5e54f (go1.22.1) https://github.com/golang/go/commit/be5b52bea674190ef7de272664be6c7ae93ec5a0 (go1.21.8) https://github.com/golang/go/issues/65390 https://go.dev/cl/569339 https://go.dev/issue/65390 https://groups.google.com/g/golang-announce/c/5pwGVUPoMbg https://linux.oracle.com/cve/CVE-2024-24783.html https://linux.oracle.com/errata/ELSA-2024-6969.html https://nvd.nist.gov/vuln/detail/CVE-2024-24783 https://pkg.go.dev/vuln/GO-2024-2598 https://security.netapp.com/advisory/ntap-20240329-0005 https://security.netapp.com/advisory/ntap-20240329-0005/ https://ubuntu.com/security/notices/USN-6886-1 https://ubuntu.com/security/notices/USN-7109-1 https://ubuntu.com/security/notices/USN-7111-1 https://www.cve.org/CVERecord?id=CVE-2024-24783
stdlib	CVE-2024-24784	MEDIUM	v1.20.5	1.21.8, 1.22.1	http://www.openwall.com/lists/oss-security/2024/03/08/4 https://access.redhat.com/errata/RHSA-2024:2562 https://access.redhat.com/security/cve/CVE-2024-24784 https://bugzilla.redhat.com/2262921 https://bugzilla.redhat.com/2268017 https://bugzilla.redhat.com/2268018 https://bugzilla.redhat.com/2268019 https://bugzilla.redhat.com/2268021 https://bugzilla.redhat.com/2268022 https://bugzilla.redhat.com/2268273 https://bugzilla.redhat.com/show_bug.cgi?id=2262921 https://bugzilla.redhat.com/show_bug.cgi?id=2268017 https://bugzilla.redhat.com/show_bug.cgi?id=2268018 https://bugzilla.redhat.com/show_bug.cgi?id=2268019 https://bugzilla.redhat.com/show_bug.cgi?id=2268021 https://bugzilla.redhat.com/show_bug.cgi?id=2268022 https://bugzilla.redhat.com/show_bug.cgi?id=2268273 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45288 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45289 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45290 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-1394 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24783 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24784 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24785 https://errata.almalinux.org/9/ALSA-2024-2562.html https://errata.rockylinux.org/RLSA-2024:2562 https://github.com/golang/go/commit/263c059b09fdd40d9dd945f2ecb20c89ea28efe5 (go1.21.8) https://github.com/golang/go/commit/5330cd225ba54c7dc78c1b46dcdf61a4671a632c (go1.22.1) https://github.com/golang/go/issues/65083 https://go.dev/cl/555596 https://go.dev/issue/65083 https://groups.google.com/g/golang-announce/c/5pwGVUPoMbg https://linux.oracle.com/cve/CVE-2024-24784.html https://linux.oracle.com/errata/ELSA-2024-6969.html https://nvd.nist.gov/vuln/detail/CVE-2024-24784 https://pkg.go.dev/vuln/GO-2024-2609 https://security.netapp.com/advisory/ntap-20240329-0007/ https://ubuntu.com/security/notices/USN-6886-1 https://ubuntu.com/security/notices/USN-7109-1 https://ubuntu.com/security/notices/USN-7111-1 https://www.cve.org/CVERecord?id=CVE-2024-24784
stdlib	CVE-2024-24785	MEDIUM	v1.20.5	1.21.8, 1.22.1	http://www.openwall.com/lists/oss-security/2024/03/08/4 https://access.redhat.com/errata/RHSA-2024:9135 https://access.redhat.com/security/cve/CVE-2024-24785 https://bugzilla.redhat.com/2268017 https://bugzilla.redhat.com/2268022 https://bugzilla.redhat.com/2279814 https://bugzilla.redhat.com/2295310 https://bugzilla.redhat.com/show_bug.cgi?id=2262921 https://bugzilla.redhat.com/show_bug.cgi?id=2268017 https://bugzilla.redhat.com/show_bug.cgi?id=2268018 https://bugzilla.redhat.com/show_bug.cgi?id=2268019 https://bugzilla.redhat.com/show_bug.cgi?id=2268021 https://bugzilla.redhat.com/show_bug.cgi?id=2268022 https://bugzilla.redhat.com/show_bug.cgi?id=2268273 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45288 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45289 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45290 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-1394 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24783 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24784 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24785 https://errata.almalinux.org/9/ALSA-2024-9135.html https://errata.rockylinux.org/RLSA-2024:2562 https://github.com/golang/go/commit/056b0edcb8c152152021eebf4cf42adbfbe77992 (go1.22.1) https://github.com/golang/go/commit/3643147a29352ca2894fd5d0d2069bc4b4335a7e (go1.21.8) https://github.com/golang/go/issues/65697 https://go.dev/cl/564196 https://go.dev/issue/65697 https://groups.google.com/g/golang-announce/c/5pwGVUPoMbg https://linux.oracle.com/cve/CVE-2024-24785.html https://linux.oracle.com/errata/ELSA-2024-3259.html https://nvd.nist.gov/vuln/detail/CVE-2024-24785 https://pkg.go.dev/vuln/GO-2024-2610 https://security.netapp.com/advisory/ntap-20240329-0008/ https://ubuntu.com/security/notices/USN-6886-1 https://ubuntu.com/security/notices/USN-7061-1 https://ubuntu.com/security/notices/USN-7109-1 https://vuln.go.dev/ID/GO-2024-2610.json https://www.cve.org/CVERecord?id=CVE-2024-24785
stdlib	CVE-2024-24789	MEDIUM	v1.20.5	1.21.11, 1.22.4	http://www.openwall.com/lists/oss-security/2024/06/04/1 https://access.redhat.com/errata/RHSA-2024:9115 https://access.redhat.com/security/cve/CVE-2024-24789 https://bugzilla.redhat.com/2279814 https://bugzilla.redhat.com/2292668 https://bugzilla.redhat.com/2292787 https://bugzilla.redhat.com/2294000 https://bugzilla.redhat.com/2295310 https://bugzilla.redhat.com/show_bug.cgi?id=2292668 https://bugzilla.redhat.com/show_bug.cgi?id=2292787 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24789 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24790 https://errata.almalinux.org/9/ALSA-2024-9115.html https://errata.rockylinux.org/RLSA-2024:4212 https://github.com/golang/go/commit/c8e40338cf00f3c1d86c8fb23863ad67a4c72bcc (1.21) https://github.com/golang/go/commit/cf501ac0c5fe351a8582d20b43562027927906e7 (1.22) https://github.com/golang/go/issues/66869 https://go.dev/cl/585397 https://go.dev/issue/66869 https://groups.google.com/g/golang-announce/c/XbxouI9gY7k https://groups.google.com/g/golang-announce/c/XbxouI9gY7k/m/TuoGEhxIEwAJ https://linux.oracle.com/cve/CVE-2024-24789.html https://linux.oracle.com/errata/ELSA-2024-9115.html https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/U5YAEIA6IUHUNGJ7AIXXPQT6D2GYENX7/ https://nvd.nist.gov/vuln/detail/CVE-2024-24789 https://pkg.go.dev/vuln/GO-2024-2888 https://ubuntu.com/security/notices/USN-6886-1 https://ubuntu.com/security/notices/USN-7109-1 https://ubuntu.com/security/notices/USN-7111-1 https://www.cve.org/CVERecord?id=CVE-2024-24789
stdlib	CVE-2024-24791	MEDIUM	v1.20.5	1.21.12, 1.22.5	https://access.redhat.com/errata/RHSA-2024:9135 https://access.redhat.com/security/cve/CVE-2024-24791 https://bugzilla.redhat.com/2268017 https://bugzilla.redhat.com/2268022 https://bugzilla.redhat.com/2279814 https://bugzilla.redhat.com/2295310 https://bugzilla.redhat.com/show_bug.cgi?id=2295310 https://bugzilla.redhat.com/show_bug.cgi?id=2310527 https://bugzilla.redhat.com/show_bug.cgi?id=2310528 https://bugzilla.redhat.com/show_bug.cgi?id=2310529 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24791 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-34155 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-34156 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-34158 https://errata.almalinux.org/9/ALSA-2024-9135.html https://errata.rockylinux.org/RLSA-2024:6913 https://go.dev/cl/591255 https://go.dev/issue/67555 https://groups.google.com/g/golang-dev/c/t0rK-qHBqzY/m/6MMoAZkMAgAJ https://linux.oracle.com/cve/CVE-2024-24791.html https://linux.oracle.com/errata/ELSA-2024-9115.html https://nvd.nist.gov/vuln/detail/CVE-2024-24791 https://pkg.go.dev/vuln/GO-2024-2963 https://ubuntu.com/security/notices/USN-7081-1 https://ubuntu.com/security/notices/USN-7109-1 https://ubuntu.com/security/notices/USN-7111-1 https://www.cve.org/CVERecord?id=CVE-2024-24791
stdlib	CVE-2024-34155	MEDIUM	v1.20.5	1.22.7, 1.23.1	https://access.redhat.com/errata/RHSA-2024:9459 https://access.redhat.com/security/cve/CVE-2024-34155 https://bugzilla.redhat.com/2310527 https://bugzilla.redhat.com/2310528 https://bugzilla.redhat.com/2310529 https://bugzilla.redhat.com/2315691 https://bugzilla.redhat.com/2315887 https://bugzilla.redhat.com/2317458 https://bugzilla.redhat.com/2317467 https://bugzilla.redhat.com/show_bug.cgi?id=2295310 https://bugzilla.redhat.com/show_bug.cgi?id=2310527 https://bugzilla.redhat.com/show_bug.cgi?id=2310528 https://bugzilla.redhat.com/show_bug.cgi?id=2310529 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24791 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-34155 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-34156 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-34158 https://errata.almalinux.org/9/ALSA-2024-9459.html https://errata.rockylinux.org/RLSA-2024:6913 https://github.com/golang/go/commit/53487e5477151ed75da50e50a0ba8f1ca64c00a3 (go1.23.1) https://github.com/golang/go/commit/b232596139dbe96a62edbe3a2a203e856bf556eb (go1.22.7) https://go.dev/cl/611238 https://go.dev/issue/69138 https://groups.google.com/g/golang-announce/c/K-cEzDeCtpc https://groups.google.com/g/golang-dev/c/S9POB9NCTdk https://linux.oracle.com/cve/CVE-2024-34155.html https://linux.oracle.com/errata/ELSA-2024-9459.html https://nvd.nist.gov/vuln/detail/CVE-2024-34155 https://pkg.go.dev/vuln/GO-2024-3105 https://ubuntu.com/security/notices/USN-7081-1 https://ubuntu.com/security/notices/USN-7109-1 https://ubuntu.com/security/notices/USN-7111-1 https://www.cve.org/CVERecord?id=CVE-2024-34155
stdlib	CVE-2024-34158	MEDIUM	v1.20.5	1.22.7, 1.23.1	https://access.redhat.com/errata/RHSA-2024:9459 https://access.redhat.com/security/cve/CVE-2024-34158 https://bugzilla.redhat.com/2310527 https://bugzilla.redhat.com/2310528 https://bugzilla.redhat.com/2310529 https://bugzilla.redhat.com/2315691 https://bugzilla.redhat.com/2315887 https://bugzilla.redhat.com/2317458 https://bugzilla.redhat.com/2317467 https://bugzilla.redhat.com/show_bug.cgi?id=2295310 https://bugzilla.redhat.com/show_bug.cgi?id=2310527 https://bugzilla.redhat.com/show_bug.cgi?id=2310528 https://bugzilla.redhat.com/show_bug.cgi?id=2310529 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24791 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-34155 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-34156 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-34158 https://errata.almalinux.org/9/ALSA-2024-9459.html https://errata.rockylinux.org/RLSA-2024:6913 https://github.com/golang/go/commit/032ac075c20c01c6c35a672d1542d3e98eab84ea (go1.23.1) https://github.com/golang/go/commit/d4c53812e6ce2ac368173d7fcd31d0ecfcffb002 (go1.22.7) https://go.dev/cl/611240 https://go.dev/issue/69141 https://groups.google.com/g/golang-announce/c/K-cEzDeCtpc https://groups.google.com/g/golang-dev/c/S9POB9NCTdk https://linux.oracle.com/cve/CVE-2024-34158.html https://linux.oracle.com/errata/ELSA-2024-9459.html https://nvd.nist.gov/vuln/detail/CVE-2024-34158 https://pkg.go.dev/vuln/GO-2024-3107 https://ubuntu.com/security/notices/USN-7081-1 https://ubuntu.com/security/notices/USN-7109-1 https://ubuntu.com/security/notices/USN-7111-1 https://www.cve.org/CVERecord?id=CVE-2024-34158
No Misconfigurations found

cnb/buildpacks/paketo-buildpacks_node-start/1.0.11/bin/run (gobinary)

Package	Vulnerability ID	Severity	Installed Version	Fixed Version	Links
golang.org/x/net	CVE-2023-39325	HIGH	v0.11.0	0.17.0	golang.org/x/net https://access.redhat.com/errata/RHSA-2023:6077 https://access.redhat.com/security/cve/CVE-2023-39325 https://access.redhat.com/security/cve/CVE-2023-44487 https://access.redhat.com/security/vulnerabilities/RHSB-2023-003 https://bugzilla.redhat.com/2242803 https://bugzilla.redhat.com/2243296 https://bugzilla.redhat.com/show_bug.cgi?id=2242803 https://bugzilla.redhat.com/show_bug.cgi?id=2243296 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-39325 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-44487 https://errata.almalinux.org/9/ALSA-2023-6077.html https://errata.rockylinux.org/RLSA-2023:6077 https://github.com/golang/go/commit/24ae2d927285c697440fdde3ad7f26028354bcf3 [golang- 1.21] https://github.com/golang/go/commit/e175f27f58aa7b9cd4d79607ae65d2cd5baaee68 [golang-1.20] https://github.com/golang/go/issues/63417 https://go.dev/cl/534215 https://go.dev/cl/534235 https://go.dev/issue/63417 https://groups.google.com/g/golang-announce/c/iNNxDTCjZvo/m/UDd7VKQuAAAJ https://linux.oracle.com/cve/CVE-2023-39325.html https://linux.oracle.com/errata/ELSA-2023-5867.html https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3OVW5V2DM5K5IC3H7O42YDUGNJ74J35O https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3OVW5V2DM5K5IC3H7O42YDUGNJ74J35O/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3SZN67IL7HMGMNAVLOTIXLIHUDXZK4LH https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3SZN67IL7HMGMNAVLOTIXLIHUDXZK4LH/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3WJ4QVX2AMUJ2F2S27POOAHRC4K3CHU4 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3WJ4QVX2AMUJ2F2S27POOAHRC4K3CHU4/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/4BUK2ZIAGCULOOYDNH25JPU6JBES5NF2 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/4BUK2ZIAGCULOOYDNH25JPU6JBES5NF2/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/5RSKA2II6QTD4YUKUNDVJQSRYSFC4VFR https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/5RSKA2II6QTD4YUKUNDVJQSRYSFC4VFR/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/AVZDNSMVDAQJ64LJC5I5U5LDM5753647 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/AVZDNSMVDAQJ64LJC5I5U5LDM5753647/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CHHITS4PUOZAKFIUBQAQZC7JWXMOYE4B https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CHHITS4PUOZAKFIUBQAQZC7JWXMOYE4B/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CLB4TW7KALB3EEQWNWCN7OUIWWVWWCG2 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CLB4TW7KALB3EEQWNWCN7OUIWWVWWCG2/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/D2BBIDR2ZMB3X5BC7SR4SLQMHRMVPY6L https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/D2BBIDR2ZMB3X5BC7SR4SLQMHRMVPY6L/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ECRC75BQJP6FJN2L7KCKYZW4DSBD7QSD https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ECRC75BQJP6FJN2L7KCKYZW4DSBD7QSD/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/FTMJ3NJIDAZFWJQQSP3L22MUFJ3UP2PT https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/FTMJ3NJIDAZFWJQQSP3L22MUFJ3UP2PT/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/GSY7SXFFTPZFWDM6XELSDSHZLVW3AHK7 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/GSY7SXFFTPZFWDM6XELSDSHZLVW3AHK7/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/HZQIELEIRSZUYTFFH5KTH2YJ4IIQG2KE https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/HZQIELEIRSZUYTFFH5KTH2YJ4IIQG2KE/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/IPWCNYB5PQ5PCVZ4NJT6G56ZYFZ5QBU6 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/IPWCNYB5PQ5PCVZ4NJT6G56ZYFZ5QBU6/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/KEOTKBUPZXHE3F352JBYNTSNRXYLWD6P https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/KEOTKBUPZXHE3F352JBYNTSNRXYLWD6P/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/KSEGD2IWKNUO3DWY4KQGUQM5BISRWHQE https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/KSEGD2IWKNUO3DWY4KQGUQM5BISRWHQE/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/L5E5JSJBZLYXOTZWXHJKRVCIXIHVWKJ6 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/L5E5JSJBZLYXOTZWXHJKRVCIXIHVWKJ6/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/MZQYOOKHQDQ57LV2IAG6NRFOVXKHJJ3Z https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/MZQYOOKHQDQ57LV2IAG6NRFOVXKHJJ3Z/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/NG7IMPL55MVWU3LCI4JQJT3K2U5CHDV7 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/NG7IMPL55MVWU3LCI4JQJT3K2U5CHDV7/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ODBY7RVMGZCBSTWF2OZGIZS57FNFUL67 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ODBY7RVMGZCBSTWF2OZGIZS57FNFUL67/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/OXGWPQOJ3JNDW2XIYKIVJ7N7QUIFNM2Q https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/OXGWPQOJ3JNDW2XIYKIVJ7N7QUIFNM2Q/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/PJCUNGIQDUMZ4Z6HWVYIMR66A35F5S74 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/PJCUNGIQDUMZ4Z6HWVYIMR66A35F5S74/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QF5QSYAOPDOWLY6DUHID56Q4HQFYB45I https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QF5QSYAOPDOWLY6DUHID56Q4HQFYB45I/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QXOU2JZUBEBP7GBKAYIJRPRBZSJCD7ST https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QXOU2JZUBEBP7GBKAYIJRPRBZSJCD7ST/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/R3UETKPUB3V5JS5TLZOF3SMTGT5K5APS https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/R3UETKPUB3V5JS5TLZOF3SMTGT5K5APS/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/REMHVVIBDNKSRKNOTV7EQSB7CYQWOUOU https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/REMHVVIBDNKSRKNOTV7EQSB7CYQWOUOU/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/T7N5GV4CHH6WAGX3GFMDD3COEOVCZ4RI https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/T7N5GV4CHH6WAGX3GFMDD3COEOVCZ4RI/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ULQQONMSCQSH5Z5OWFFQHCGEZ3NL4DRJ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ULQQONMSCQSH5Z5OWFFQHCGEZ3NL4DRJ/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UTT7DG3QOF5ZNJLUGHDNLRUIN6OWZARP https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UTT7DG3QOF5ZNJLUGHDNLRUIN6OWZARP/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/W2LZSWTV4NV4SNQARNXG5T6LRHP26EW2 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/W2LZSWTV4NV4SNQARNXG5T6LRHP26EW2/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WCNCBYKZXLDFGAJUB7ZP5VLC3YTHJNVH https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WCNCBYKZXLDFGAJUB7ZP5VLC3YTHJNVH/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/XFOIBB4YFICHDM7IBOP7PWXW3FX4HLL2 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/XFOIBB4YFICHDM7IBOP7PWXW3FX4HLL2/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/XTNLSL44Y5FB6JWADSZH6DCV4JJAAEQY https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/XTNLSL44Y5FB6JWADSZH6DCV4JJAAEQY/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/YJWHBLVZDM5KQSDFRBFRKU5KSSOLIRQ4 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/YJWHBLVZDM5KQSDFRBFRKU5KSSOLIRQ4/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/YRKEXKANQ7BKJW2YTAMP625LJUJZLJ4P https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/YRKEXKANQ7BKJW2YTAMP625LJUJZLJ4P/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZSVEMQV5ROY5YW5QE3I57HT3ITWG5GCV https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZSVEMQV5ROY5YW5QE3I57HT3ITWG5GCV/ https://nvd.nist.gov/vuln/detail/CVE-2023-39325 https://pkg.go.dev/vuln/GO-2023-2102 https://security.gentoo.org/glsa/202311-09 https://security.netapp.com/advisory/ntap-20231110-0008 https://security.netapp.com/advisory/ntap-20231110-0008/ https://ubuntu.com/security/notices/USN-6574-1 https://ubuntu.com/security/notices/USN-7061-1 https://ubuntu.com/security/notices/USN-7109-1 https://www.cisa.gov/news-events/alerts/2023/10/10/http2-rapid-reset-vulnerability-cve-2023-44487 https://www.cve.org/CVERecord?id=CVE-2023-39325
golang.org/x/net	CVE-2023-3978	MEDIUM	v0.11.0	0.13.0	https://access.redhat.com/errata/RHSA-2023:6474 https://access.redhat.com/security/cve/CVE-2023-3978 https://bugzilla.redhat.com/2174485 https://bugzilla.redhat.com/2178358 https://bugzilla.redhat.com/2178488 https://bugzilla.redhat.com/2178492 https://bugzilla.redhat.com/2184481 https://bugzilla.redhat.com/2184482 https://bugzilla.redhat.com/2184483 https://bugzilla.redhat.com/2184484 https://bugzilla.redhat.com/2196026 https://bugzilla.redhat.com/2196027 https://bugzilla.redhat.com/2196029 https://bugzilla.redhat.com/2222167 https://bugzilla.redhat.com/2228689 https://errata.almalinux.org/9/ALSA-2023-6474.html https://go.dev/cl/514896 https://go.dev/issue/61615 https://linux.oracle.com/cve/CVE-2023-3978.html https://linux.oracle.com/errata/ELSA-2023-6939.html https://nvd.nist.gov/vuln/detail/CVE-2023-3978 https://pkg.go.dev/vuln/GO-2023-1988 https://www.cve.org/CVERecord?id=CVE-2023-3978
golang.org/x/net	CVE-2023-44487	MEDIUM	v0.11.0	0.17.0	http://www.openwall.com/lists/oss-security/2023/10/13/4 http://www.openwall.com/lists/oss-security/2023/10/13/9 http://www.openwall.com/lists/oss-security/2023/10/18/4 http://www.openwall.com/lists/oss-security/2023/10/18/8 http://www.openwall.com/lists/oss-security/2023/10/19/6 http://www.openwall.com/lists/oss-security/2023/10/20/8 https://access.redhat.com/errata/RHSA-2023:6746 https://access.redhat.com/security/cve/CVE-2023-44487 https://access.redhat.com/security/cve/cve-2023-44487 https://akka.io/security/akka-http-cve-2023-44487.html https://arstechnica.com/security/2023/10/how-ddosers-used-the-http-2-protocol-to-deliver-attacks-of-unprecedented-size https://arstechnica.com/security/2023/10/how-ddosers-used-the-http-2-protocol-to-deliver-attacks-of-unprecedented-size/ https://aws.amazon.com/security/security-bulletins/AWS-2023-011 https://aws.amazon.com/security/security-bulletins/AWS-2023-011/ https://blog.cloudflare.com/technical-breakdown-http2-rapid-reset-ddos-attack https://blog.cloudflare.com/technical-breakdown-http2-rapid-reset-ddos-attack/ https://blog.cloudflare.com/zero-day-rapid-reset-http2-record-breaking-ddos-attack https://blog.cloudflare.com/zero-day-rapid-reset-http2-record-breaking-ddos-attack/ https://blog.litespeedtech.com/2023/10/11/rapid-reset-http-2-vulnerablilty https://blog.litespeedtech.com/2023/10/11/rapid-reset-http-2-vulnerablilty/ https://blog.qualys.com/vulnerabilities-threat-research/2023/10/10/cve-2023-44487-http-2-rapid-reset-attack https://blog.vespa.ai/cve-2023-44487 https://blog.vespa.ai/cve-2023-44487/ https://bugzilla.proxmox.com/show_bug.cgi?id=4988 https://bugzilla.redhat.com/2242803 https://bugzilla.redhat.com/show_bug.cgi?id=2242803 https://bugzilla.suse.com/show_bug.cgi?id=1216123 https://cgit.freebsd.org/ports/commit/?id=c64c329c2c1752f46b73e3e6ce9f4329be6629f9 https://chaos.social/@icing/111210915918780532 https://cloud.google.com/blog/products/identity-security/google-cloud-mitigated-largest-ddos-attack-peaking-above-398-million-rps https://cloud.google.com/blog/products/identity-security/google-cloud-mitigated-largest-ddos-attack-peaking-above-398-million-rps/ https://cloud.google.com/blog/products/identity-security/how-it-works-the-novel-http2-rapid-reset-ddos-attack https://community.traefik.io/t/is-traefik-vulnerable-to-cve-2023-44487/20125 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-44487 https://devblogs.microsoft.com/dotnet/october-2023-updates/ https://discuss.hashicorp.com/t/hcsec-2023-32-vault-consul-and-boundary-affected-by-http-2-rapid-reset-denial-of-service-vulnerability-cve-2023-44487/59715 https://edg.io/lp/blog/resets-leaks-ddos-and-the-tale-of-a-hidden-cve https://errata.almalinux.org/9/ALSA-2023-6746.html https://errata.rockylinux.org/RLSA-2023:5838 https://forums.swift.org/t/swift-nio-http2-security-update-cve-2023-44487-http-2-dos/67764 https://gist.github.com/adulau/7c2bfb8e9cdbe4b35a5e131c66a0c088 https://github.com/Azure/AKS/issues/3947 https://github.com/Kong/kong/discussions/11741 https://github.com/advisories/GHSA-qppj-fm5r-hxr3 https://github.com/advisories/GHSA-vx74-f528-fxqg https://github.com/advisories/GHSA-xpw8-rcwv-8f8p https://github.com/akka/akka-http/issues/4323 https://github.com/akka/akka-http/pull/4324 https://github.com/akka/akka-http/pull/4325 https://github.com/alibaba/tengine/issues/1872 https://github.com/apache/apisix/issues/10320 https://github.com/apache/httpd-site/pull/10 https://github.com/apache/httpd/blob/afcdbeebbff4b0c50ea26cdd16e178c0d1f24152/modules/http2/h2_mplx.c#L1101-L1113 https://github.com/apache/tomcat/commit/944332bb15bd2f3bf76ec2caeb1ff0a58a3bc628 https://github.com/apache/tomcat/tree/main/java/org/apache/coyote/http2 https://github.com/apache/trafficserver/pull/10564 https://github.com/apple/swift-nio-http2 https://github.com/apple/swift-nio-http2/security/advisories/GHSA-qppj-fm5r-hxr3 https://github.com/arkrwn/PoC/tree/main/CVE-2023-44487 https://github.com/bcdannyboy/CVE-2023-44487 https://github.com/caddyserver/caddy/issues/5877 https://github.com/caddyserver/caddy/releases/tag/v2.7.5 https://github.com/dotnet/announcements/issues/277 https://github.com/dotnet/core/blob/e4613450ea0da7fd2fc6b61dfb2c1c1dec1ce9ec/release-notes/6.0/6.0.23/6.0.23.md?plain=1#L73 https://github.com/eclipse/jetty.project/issues/10679 https://github.com/envoyproxy/envoy/pull/30055 https://github.com/etcd-io/etcd/issues/16740 https://github.com/facebook/proxygen/pull/466 https://github.com/golang/go/issues/63417 https://github.com/grpc/grpc-go/pull/6703 https://github.com/grpc/grpc-go/releases https://github.com/h2o/h2o/pull/3291 https://github.com/h2o/h2o/security/advisories/GHSA-2m7v-gc89-fjqf https://github.com/haproxy/haproxy/issues/2312 https://github.com/hyperium/hyper/issues/3337 https://github.com/icing/mod_h2/blob/0a864782af0a942aa2ad4ed960a6b32cd35bcf0a/mod_http2/README.md?plain=1#L239-L244 https://github.com/junkurihara/rust-rpxy/issues/97 https://github.com/kazu-yamamoto/http2/commit/f61d41a502bd0f60eb24e1ce14edc7b6df6722a1 https://github.com/kazu-yamamoto/http2/issues/93 https://github.com/kubernetes/kubernetes/pull/121120 https://github.com/line/armeria/pull/5232 https://github.com/linkerd/website/pull/1695/commits/4b9c6836471bc8270ab48aae6fd2181bc73fd632 https://github.com/micrictor/http2-rst-stream https://github.com/microsoft/CBL-Mariner/pull/6381 https://github.com/netty/netty/commit/58f75f665aa81a8cbcf6ffa74820042a285c5e61 https://github.com/nghttp2/nghttp2/pull/1961 https://github.com/nghttp2/nghttp2/releases/tag/v1.57.0 https://github.com/ninenines/cowboy/issues/1615 https://github.com/nodejs/node/pull/50121 https://github.com/openresty/openresty/issues/930 https://github.com/opensearch-project/data-prepper/issues/3474 https://github.com/oqtane/oqtane.framework/discussions/3367 https://github.com/projectcontour/contour/pull/5826 https://github.com/tempesta-tech/tempesta/issues/1986 https://github.com/varnishcache/varnish-cache/issues/3996 https://go.dev/cl/534215 https://go.dev/cl/534235 https://go.dev/issue/63417 https://groups.google.com/g/golang-announce/c/iNNxDTCjZvo https://groups.google.com/g/golang-announce/c/iNNxDTCjZvo/m/UDd7VKQuAAAJ https://istio.io/latest/news/security/istio-security-2023-004 https://istio.io/latest/news/security/istio-security-2023-004/ https://linkerd.io/2023/10/12/linkerd-cve-2023-44487 https://linkerd.io/2023/10/12/linkerd-cve-2023-44487/ https://linux.oracle.com/cve/CVE-2023-44487.html https://linux.oracle.com/errata/ELSA-2024-1444.html https://lists.apache.org/thread/5py8h42mxfsn8l1wy6o41xwhsjlsd87q https://lists.debian.org/debian-lts-announce/2023/10/msg00020.html https://lists.debian.org/debian-lts-announce/2023/10/msg00023.html https://lists.debian.org/debian-lts-announce/2023/10/msg00024.html https://lists.debian.org/debian-lts-announce/2023/10/msg00045.html https://lists.debian.org/debian-lts-announce/2023/10/msg00047.html https://lists.debian.org/debian-lts-announce/2023/11/msg00001.html https://lists.debian.org/debian-lts-announce/2023/11/msg00012.html https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/2MBEPPC36UBVOZZNAXFHKLFGSLCMN5LI https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/2MBEPPC36UBVOZZNAXFHKLFGSLCMN5LI/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/3N4NJ7FR4X4FPZUGNTQAPSTVB2HB2Y4A https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/3N4NJ7FR4X4FPZUGNTQAPSTVB2HB2Y4A/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/BFQD3KUEMFBHPAPBGLWQC34L4OWL5HAZ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/BFQD3KUEMFBHPAPBGLWQC34L4OWL5HAZ/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/CLB4TW7KALB3EEQWNWCN7OUIWWVWWCG2 https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/CLB4TW7KALB3EEQWNWCN7OUIWWVWWCG2/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/E72T67UPDRXHIDLO3OROR25YAMN4GGW5 https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/E72T67UPDRXHIDLO3OROR25YAMN4GGW5/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/FNA62Q767CFAFHBCDKYNPBMZWB7TWYVU https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/FNA62Q767CFAFHBCDKYNPBMZWB7TWYVU/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/HT7T2R4MQKLIF4ODV4BDLPARWFPCJ5CZ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/HT7T2R4MQKLIF4ODV4BDLPARWFPCJ5CZ/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/JIZSEFC3YKCGABA2BZW6ZJRMDZJMB7PJ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/JIZSEFC3YKCGABA2BZW6ZJRMDZJMB7PJ/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/JMEXY22BFG5Q64HQCM5CK2Q7KDKVV4TY https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/JMEXY22BFG5Q64HQCM5CK2Q7KDKVV4TY/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/KSEGD2IWKNUO3DWY4KQGUQM5BISRWHQE https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/KSEGD2IWKNUO3DWY4KQGUQM5BISRWHQE/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/LKYHSZQFDNR7RSA7LHVLLIAQMVYCUGBG https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/LKYHSZQFDNR7RSA7LHVLLIAQMVYCUGBG/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/LNMZJCDHGLJJLXO4OXWJMTVQRNWOC7UL https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/LNMZJCDHGLJJLXO4OXWJMTVQRNWOC7UL/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/VHUHTSXLXGXS7JYKBXTA3VINUPHTNGVU https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/VHUHTSXLXGXS7JYKBXTA3VINUPHTNGVU/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/VSRDIV77HNKUSM7SJC5BKE5JSHLHU2NK https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/VSRDIV77HNKUSM7SJC5BKE5JSHLHU2NK/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/WE2I52RHNNU42PX6NZ2RBUHSFFJ2LVZX https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/WE2I52RHNNU42PX6NZ2RBUHSFFJ2LVZX/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/WLPRQ5TWUQQXYWBJM7ECYDAIL2YVKIUH https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/WLPRQ5TWUQQXYWBJM7ECYDAIL2YVKIUH/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/X6QXN4ORIVF6XBW4WWFE7VNPVC74S45Y https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/X6QXN4ORIVF6XBW4WWFE7VNPVC74S45Y/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/XFOIBB4YFICHDM7IBOP7PWXW3FX4HLL2 https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/XFOIBB4YFICHDM7IBOP7PWXW3FX4HLL2/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZB43REMKRQR62NJEI7I5NQ4FSXNLBKRT https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZB43REMKRQR62NJEI7I5NQ4FSXNLBKRT/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZKQSIKIAT5TJ3WSLU3RDBQ35YX4GY4V3 https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZKQSIKIAT5TJ3WSLU3RDBQ35YX4GY4V3/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZLU6U2R2IC2K64NDPNMV55AUAO65MAF4 https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZLU6U2R2IC2K64NDPNMV55AUAO65MAF4/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3N4NJ7FR4X4FPZUGNTQAPSTVB2HB2Y4A https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/BFQD3KUEMFBHPAPBGLWQC34L4OWL5HAZ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CLB4TW7KALB3EEQWNWCN7OUIWWVWWCG2 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/E72T67UPDRXHIDLO3OROR25YAMN4GGW5 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/FNA62Q767CFAFHBCDKYNPBMZWB7TWYVU https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/HT7T2R4MQKLIF4ODV4BDLPARWFPCJ5CZ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/JIZSEFC3YKCGABA2BZW6ZJRMDZJMB7PJ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/JMEXY22BFG5Q64HQCM5CK2Q7KDKVV4TY https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/KSEGD2IWKNUO3DWY4KQGUQM5BISRWHQE https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/LKYHSZQFDNR7RSA7LHVLLIAQMVYCUGBG https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/LNMZJCDHGLJJLXO4OXWJMTVQRNWOC7UL https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/VHUHTSXLXGXS7JYKBXTA3VINUPHTNGVU https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/VSRDIV77HNKUSM7SJC5BKE5JSHLHU2NK https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WLPRQ5TWUQQXYWBJM7ECYDAIL2YVKIUH https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/X6QXN4ORIVF6XBW4WWFE7VNPVC74S45Y https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/XFOIBB4YFICHDM7IBOP7PWXW3FX4HLL2 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZB43REMKRQR62NJEI7I5NQ4FSXNLBKRT https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZKQSIKIAT5TJ3WSLU3RDBQ35YX4GY4V3 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZLU6U2R2IC2K64NDPNMV55AUAO65MAF4 https://lists.w3.org/Archives/Public/ietf-http-wg/2023OctDec/0025.html https://mailman.nginx.org/pipermail/nginx-devel/2023-October/S36Q5HBXR7CAIMPLLPRSSSYR4PCMWILK.html https://martinthomson.github.io/h2-stream-limits/draft-thomson-httpbis-h2-stream-limits.html https://msrc.microsoft.com/blog/2023/10/microsoft-response-to-distributed-denial-of-service-ddos-attacks-against-http/2 https://msrc.microsoft.com/blog/2023/10/microsoft-response-to-distributed-denial-of-service-ddos-attacks-against-http/2/ https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-44487 https://my.f5.com/manage/s/article/K000137106 https://netty.io/news/2023/10/10/4-1-100-Final.html https://news.ycombinator.com/item?id=37830987 https://news.ycombinator.com/item?id=37830998 https://news.ycombinator.com/item?id=37831062 https://news.ycombinator.com/item?id=37837043 https://nodejs.org/en/blog/vulnerability/october-2023-security-releases https://nvd.nist.gov/vuln/detail/CVE-2023-44487 https://openssf.org/blog/2023/10/10/http-2-rapid-reset-vulnerability-highlights-need-for-rapid-response https://openssf.org/blog/2023/10/10/http-2-rapid-reset-vulnerability-highlights-need-for-rapid-response/ https://pkg.go.dev/vuln/GO-2023-2102 https://seanmonstar.com/post/730794151136935936/hyper-http2-rapid-reset-unaffected https://security.gentoo.org/glsa/202311-09 https://security.netapp.com/advisory/ntap-20231016-0001 https://security.netapp.com/advisory/ntap-20231016-0001/ https://security.netapp.com/advisory/ntap-20240426-0007 https://security.netapp.com/advisory/ntap-20240426-0007/ https://security.netapp.com/advisory/ntap-20240621-0006 https://security.netapp.com/advisory/ntap-20240621-0006/ https://security.netapp.com/advisory/ntap-20240621-0007 https://security.netapp.com/advisory/ntap-20240621-0007/ https://security.paloaltonetworks.com/CVE-2023-44487 https://tomcat.apache.org/security-10.html#Fixed_in_Apache_Tomcat_10.1.14 https://tomcat.apache.org/security-11.html#Fixed_in_Apache_Tomcat_11.0.0-M12 https://tomcat.apache.org/security-8.html#Fixed_in_Apache_Tomcat_8.5.94 https://tomcat.apache.org/security-9.html#Fixed_in_Apache_Tomcat_9.0.81 https://ubuntu.com/security/CVE-2023-44487 https://ubuntu.com/security/notices/USN-6427-1 https://ubuntu.com/security/notices/USN-6427-2 https://ubuntu.com/security/notices/USN-6438-1 https://ubuntu.com/security/notices/USN-6505-1 https://ubuntu.com/security/notices/USN-6574-1 https://ubuntu.com/security/notices/USN-6754-1 https://ubuntu.com/security/notices/USN-6994-1 https://ubuntu.com/security/notices/USN-7067-1 https://www.bleepingcomputer.com/news/security/new-http-2-rapid-reset-zero-day-attack-breaks-ddos-records https://www.bleepingcomputer.com/news/security/new-http-2-rapid-reset-zero-day-attack-breaks-ddos-records/ https://www.cisa.gov/known-exploited-vulnerabilities-catalog https://www.cisa.gov/news-events/alerts/2023/10/10/http2-rapid-reset-vulnerability-cve-2023-44487 https://www.cve.org/CVERecord?id=CVE-2023-44487 https://www.darkreading.com/cloud/internet-wide-zero-day-bug-fuels-largest-ever-ddos-event https://www.debian.org/security/2023/dsa-5521 https://www.debian.org/security/2023/dsa-5522 https://www.debian.org/security/2023/dsa-5540 https://www.debian.org/security/2023/dsa-5549 https://www.debian.org/security/2023/dsa-5558 https://www.debian.org/security/2023/dsa-5570 https://www.eclipse.org/lists/jetty-announce/msg00181.html https://www.haproxy.com/blog/haproxy-is-not-affected-by-the-http-2-rapid-reset-attack-cve-2023-44487 https://www.mail-archive.com/haproxy@formilux.org/msg44134.html https://www.netlify.com/blog/netlify-successfully-mitigates-cve-2023-44487 https://www.netlify.com/blog/netlify-successfully-mitigates-cve-2023-44487/ https://www.nginx.com/blog/http-2-rapid-reset-attack-impacting-f5-nginx-products https://www.nginx.com/blog/http-2-rapid-reset-attack-impacting-f5-nginx-products/ https://www.openwall.com/lists/oss-security/2023/10/10/6 https://www.phoronix.com/news/HTTP2-Rapid-Reset-Attack https://www.theregister.com/2023/10/10/http2_rapid_reset_zeroday https://www.theregister.com/2023/10/10/http2_rapid_reset_zeroday/
golang.org/x/net	CVE-2023-45288	MEDIUM	v0.11.0	0.23.0	http://www.openwall.com/lists/oss-security/2024/04/03/16 http://www.openwall.com/lists/oss-security/2024/04/05/4 https://access.redhat.com/errata/RHSA-2024:2724 https://access.redhat.com/security/cve/CVE-2023-45288 https://bugzilla.redhat.com/2268017 https://bugzilla.redhat.com/2268018 https://bugzilla.redhat.com/2268019 https://bugzilla.redhat.com/2268273 https://bugzilla.redhat.com/show_bug.cgi?id=2268017 https://bugzilla.redhat.com/show_bug.cgi?id=2268018 https://bugzilla.redhat.com/show_bug.cgi?id=2268019 https://bugzilla.redhat.com/show_bug.cgi?id=2268273 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45288 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45289 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45290 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24783 https://errata.almalinux.org/9/ALSA-2024-2724.html https://errata.rockylinux.org/RLSA-2024:2724 https://go.dev/cl/576155 https://go.dev/issue/65051 https://groups.google.com/g/golang-announce/c/YgW0sx8mN3M https://kb.cert.org/vuls/id/421644 https://linux.oracle.com/cve/CVE-2023-45288.html https://linux.oracle.com/errata/ELSA-2024-3346.html https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QRYFHIQ6XRKRYBI2F5UESH67BJBQXUPT https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QRYFHIQ6XRKRYBI2F5UESH67BJBQXUPT/ https://nowotarski.info/http2-continuation-flood-technical-details https://nowotarski.info/http2-continuation-flood/ https://nvd.nist.gov/vuln/detail/CVE-2023-45288 https://pkg.go.dev/vuln/GO-2024-2687 https://security.netapp.com/advisory/ntap-20240419-0009 https://security.netapp.com/advisory/ntap-20240419-0009/ https://ubuntu.com/security/notices/USN-6886-1 https://ubuntu.com/security/notices/USN-7109-1 https://ubuntu.com/security/notices/USN-7111-1 https://www.cve.org/CVERecord?id=CVE-2023-45288 https://www.kb.cert.org/vuls/id/421644
stdlib	CVE-2024-24790	CRITICAL	v1.20.5	1.21.11, 1.22.4	http://www.openwall.com/lists/oss-security/2024/06/04/1 https://access.redhat.com/errata/RHSA-2024:9115 https://access.redhat.com/security/cve/CVE-2024-24790 https://bugzilla.redhat.com/2279814 https://bugzilla.redhat.com/2292668 https://bugzilla.redhat.com/2292787 https://bugzilla.redhat.com/2294000 https://bugzilla.redhat.com/2295310 https://bugzilla.redhat.com/show_bug.cgi?id=2292668 https://bugzilla.redhat.com/show_bug.cgi?id=2292787 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24789 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24790 https://errata.almalinux.org/9/ALSA-2024-9115.html https://errata.rockylinux.org/RLSA-2024:4212 https://github.com/golang/go/commit/051bdf3fd12a40307606ff9381138039c5f452f0 (1.21) https://github.com/golang/go/commit/12d5810cdb1f73cf23d7a86462143e9463317fca (1.22) https://github.com/golang/go/issues/67680 https://go.dev/cl/590316 https://go.dev/issue/67680 https://groups.google.com/g/golang-announce/c/XbxouI9gY7k https://groups.google.com/g/golang-announce/c/XbxouI9gY7k/m/TuoGEhxIEwAJ https://linux.oracle.com/cve/CVE-2024-24790.html https://linux.oracle.com/errata/ELSA-2024-9115.html https://nvd.nist.gov/vuln/detail/CVE-2024-24790 https://pkg.go.dev/vuln/GO-2024-2887 https://ubuntu.com/security/notices/USN-6886-1 https://ubuntu.com/security/notices/USN-7109-1 https://www.cve.org/CVERecord?id=CVE-2024-24790
stdlib	CVE-2023-39325	HIGH	v1.20.5	1.20.10, 1.21.3	golang.org/x/net https://access.redhat.com/errata/RHSA-2023:6077 https://access.redhat.com/security/cve/CVE-2023-39325 https://access.redhat.com/security/cve/CVE-2023-44487 https://access.redhat.com/security/vulnerabilities/RHSB-2023-003 https://bugzilla.redhat.com/2242803 https://bugzilla.redhat.com/2243296 https://bugzilla.redhat.com/show_bug.cgi?id=2242803 https://bugzilla.redhat.com/show_bug.cgi?id=2243296 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-39325 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-44487 https://errata.almalinux.org/9/ALSA-2023-6077.html https://errata.rockylinux.org/RLSA-2023:6077 https://github.com/golang/go/commit/24ae2d927285c697440fdde3ad7f26028354bcf3 [golang- 1.21] https://github.com/golang/go/commit/e175f27f58aa7b9cd4d79607ae65d2cd5baaee68 [golang-1.20] https://github.com/golang/go/issues/63417 https://go.dev/cl/534215 https://go.dev/cl/534235 https://go.dev/issue/63417 https://groups.google.com/g/golang-announce/c/iNNxDTCjZvo/m/UDd7VKQuAAAJ https://linux.oracle.com/cve/CVE-2023-39325.html https://linux.oracle.com/errata/ELSA-2023-5867.html https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3OVW5V2DM5K5IC3H7O42YDUGNJ74J35O https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3OVW5V2DM5K5IC3H7O42YDUGNJ74J35O/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3SZN67IL7HMGMNAVLOTIXLIHUDXZK4LH https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3SZN67IL7HMGMNAVLOTIXLIHUDXZK4LH/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3WJ4QVX2AMUJ2F2S27POOAHRC4K3CHU4 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3WJ4QVX2AMUJ2F2S27POOAHRC4K3CHU4/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/4BUK2ZIAGCULOOYDNH25JPU6JBES5NF2 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/4BUK2ZIAGCULOOYDNH25JPU6JBES5NF2/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/5RSKA2II6QTD4YUKUNDVJQSRYSFC4VFR https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/5RSKA2II6QTD4YUKUNDVJQSRYSFC4VFR/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/AVZDNSMVDAQJ64LJC5I5U5LDM5753647 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/AVZDNSMVDAQJ64LJC5I5U5LDM5753647/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CHHITS4PUOZAKFIUBQAQZC7JWXMOYE4B https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CHHITS4PUOZAKFIUBQAQZC7JWXMOYE4B/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CLB4TW7KALB3EEQWNWCN7OUIWWVWWCG2 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CLB4TW7KALB3EEQWNWCN7OUIWWVWWCG2/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/D2BBIDR2ZMB3X5BC7SR4SLQMHRMVPY6L https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/D2BBIDR2ZMB3X5BC7SR4SLQMHRMVPY6L/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ECRC75BQJP6FJN2L7KCKYZW4DSBD7QSD https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ECRC75BQJP6FJN2L7KCKYZW4DSBD7QSD/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/FTMJ3NJIDAZFWJQQSP3L22MUFJ3UP2PT https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/FTMJ3NJIDAZFWJQQSP3L22MUFJ3UP2PT/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/GSY7SXFFTPZFWDM6XELSDSHZLVW3AHK7 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/GSY7SXFFTPZFWDM6XELSDSHZLVW3AHK7/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/HZQIELEIRSZUYTFFH5KTH2YJ4IIQG2KE https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/HZQIELEIRSZUYTFFH5KTH2YJ4IIQG2KE/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/IPWCNYB5PQ5PCVZ4NJT6G56ZYFZ5QBU6 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/IPWCNYB5PQ5PCVZ4NJT6G56ZYFZ5QBU6/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/KEOTKBUPZXHE3F352JBYNTSNRXYLWD6P https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/KEOTKBUPZXHE3F352JBYNTSNRXYLWD6P/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/KSEGD2IWKNUO3DWY4KQGUQM5BISRWHQE https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/KSEGD2IWKNUO3DWY4KQGUQM5BISRWHQE/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/L5E5JSJBZLYXOTZWXHJKRVCIXIHVWKJ6 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/L5E5JSJBZLYXOTZWXHJKRVCIXIHVWKJ6/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/MZQYOOKHQDQ57LV2IAG6NRFOVXKHJJ3Z https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/MZQYOOKHQDQ57LV2IAG6NRFOVXKHJJ3Z/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/NG7IMPL55MVWU3LCI4JQJT3K2U5CHDV7 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/NG7IMPL55MVWU3LCI4JQJT3K2U5CHDV7/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ODBY7RVMGZCBSTWF2OZGIZS57FNFUL67 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ODBY7RVMGZCBSTWF2OZGIZS57FNFUL67/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/OXGWPQOJ3JNDW2XIYKIVJ7N7QUIFNM2Q https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/OXGWPQOJ3JNDW2XIYKIVJ7N7QUIFNM2Q/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/PJCUNGIQDUMZ4Z6HWVYIMR66A35F5S74 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/PJCUNGIQDUMZ4Z6HWVYIMR66A35F5S74/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QF5QSYAOPDOWLY6DUHID56Q4HQFYB45I https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QF5QSYAOPDOWLY6DUHID56Q4HQFYB45I/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QXOU2JZUBEBP7GBKAYIJRPRBZSJCD7ST https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QXOU2JZUBEBP7GBKAYIJRPRBZSJCD7ST/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/R3UETKPUB3V5JS5TLZOF3SMTGT5K5APS https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/R3UETKPUB3V5JS5TLZOF3SMTGT5K5APS/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/REMHVVIBDNKSRKNOTV7EQSB7CYQWOUOU https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/REMHVVIBDNKSRKNOTV7EQSB7CYQWOUOU/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/T7N5GV4CHH6WAGX3GFMDD3COEOVCZ4RI https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/T7N5GV4CHH6WAGX3GFMDD3COEOVCZ4RI/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ULQQONMSCQSH5Z5OWFFQHCGEZ3NL4DRJ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ULQQONMSCQSH5Z5OWFFQHCGEZ3NL4DRJ/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UTT7DG3QOF5ZNJLUGHDNLRUIN6OWZARP https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UTT7DG3QOF5ZNJLUGHDNLRUIN6OWZARP/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/W2LZSWTV4NV4SNQARNXG5T6LRHP26EW2 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/W2LZSWTV4NV4SNQARNXG5T6LRHP26EW2/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WCNCBYKZXLDFGAJUB7ZP5VLC3YTHJNVH https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WCNCBYKZXLDFGAJUB7ZP5VLC3YTHJNVH/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/XFOIBB4YFICHDM7IBOP7PWXW3FX4HLL2 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/XFOIBB4YFICHDM7IBOP7PWXW3FX4HLL2/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/XTNLSL44Y5FB6JWADSZH6DCV4JJAAEQY https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/XTNLSL44Y5FB6JWADSZH6DCV4JJAAEQY/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/YJWHBLVZDM5KQSDFRBFRKU5KSSOLIRQ4 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/YJWHBLVZDM5KQSDFRBFRKU5KSSOLIRQ4/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/YRKEXKANQ7BKJW2YTAMP625LJUJZLJ4P https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/YRKEXKANQ7BKJW2YTAMP625LJUJZLJ4P/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZSVEMQV5ROY5YW5QE3I57HT3ITWG5GCV https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZSVEMQV5ROY5YW5QE3I57HT3ITWG5GCV/ https://nvd.nist.gov/vuln/detail/CVE-2023-39325 https://pkg.go.dev/vuln/GO-2023-2102 https://security.gentoo.org/glsa/202311-09 https://security.netapp.com/advisory/ntap-20231110-0008 https://security.netapp.com/advisory/ntap-20231110-0008/ https://ubuntu.com/security/notices/USN-6574-1 https://ubuntu.com/security/notices/USN-7061-1 https://ubuntu.com/security/notices/USN-7109-1 https://www.cisa.gov/news-events/alerts/2023/10/10/http2-rapid-reset-vulnerability-cve-2023-44487 https://www.cve.org/CVERecord?id=CVE-2023-39325
stdlib	CVE-2023-45283	HIGH	v1.20.5	1.20.11, 1.21.4, 1.20.12, 1.21.5	http://www.openwall.com/lists/oss-security/2023/12/05/2 https://go.dev/cl/540277 https://go.dev/cl/541175 https://go.dev/issue/63713 https://go.dev/issue/64028 https://groups.google.com/g/golang-announce/c/4tU8LZfBFkY https://groups.google.com/g/golang-dev/c/6ypN5EjibjM/m/KmLVYH_uAgAJ https://nvd.nist.gov/vuln/detail/CVE-2023-45283 https://pkg.go.dev/vuln/GO-2023-2185 https://security.netapp.com/advisory/ntap-20231214-0008/
stdlib	CVE-2023-45288	HIGH	v1.20.5	1.21.9, 1.22.2	http://www.openwall.com/lists/oss-security/2024/04/03/16 http://www.openwall.com/lists/oss-security/2024/04/05/4 https://access.redhat.com/errata/RHSA-2024:2724 https://access.redhat.com/security/cve/CVE-2023-45288 https://bugzilla.redhat.com/2268017 https://bugzilla.redhat.com/2268018 https://bugzilla.redhat.com/2268019 https://bugzilla.redhat.com/2268273 https://bugzilla.redhat.com/show_bug.cgi?id=2268017 https://bugzilla.redhat.com/show_bug.cgi?id=2268018 https://bugzilla.redhat.com/show_bug.cgi?id=2268019 https://bugzilla.redhat.com/show_bug.cgi?id=2268273 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45288 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45289 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45290 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24783 https://errata.almalinux.org/9/ALSA-2024-2724.html https://errata.rockylinux.org/RLSA-2024:2724 https://go.dev/cl/576155 https://go.dev/issue/65051 https://groups.google.com/g/golang-announce/c/YgW0sx8mN3M https://kb.cert.org/vuls/id/421644 https://linux.oracle.com/cve/CVE-2023-45288.html https://linux.oracle.com/errata/ELSA-2024-3346.html https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QRYFHIQ6XRKRYBI2F5UESH67BJBQXUPT https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QRYFHIQ6XRKRYBI2F5UESH67BJBQXUPT/ https://nowotarski.info/http2-continuation-flood-technical-details https://nowotarski.info/http2-continuation-flood/ https://nvd.nist.gov/vuln/detail/CVE-2023-45288 https://pkg.go.dev/vuln/GO-2024-2687 https://security.netapp.com/advisory/ntap-20240419-0009 https://security.netapp.com/advisory/ntap-20240419-0009/ https://ubuntu.com/security/notices/USN-6886-1 https://ubuntu.com/security/notices/USN-7109-1 https://ubuntu.com/security/notices/USN-7111-1 https://www.cve.org/CVERecord?id=CVE-2023-45288 https://www.kb.cert.org/vuls/id/421644
stdlib	CVE-2024-34156	HIGH	v1.20.5	1.22.7, 1.23.1	https://access.redhat.com/errata/RHSA-2024:9473 https://access.redhat.com/security/cve/CVE-2024-34156 https://bugzilla.redhat.com/2310528 https://bugzilla.redhat.com/2318052 https://bugzilla.redhat.com/show_bug.cgi?id=2310528 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-34156 https://errata.almalinux.org/9/ALSA-2024-9473.html https://errata.rockylinux.org/RLSA-2024:7204 https://github.com/golang/go/commit/2092294f2b097c5828f4eace6c98a322c1510b01 (go1.22.7) https://github.com/golang/go/commit/fa8ff1a46deb6c816304441ec6740ec112e19012 (go1.23.1) https://go.dev/cl/611239 https://go.dev/issue/69139 https://groups.google.com/g/golang-announce/c/K-cEzDeCtpc https://groups.google.com/g/golang-dev/c/S9POB9NCTdk https://linux.oracle.com/cve/CVE-2024-34156.html https://linux.oracle.com/errata/ELSA-2024-9473.html https://nvd.nist.gov/vuln/detail/CVE-2024-34156 https://pkg.go.dev/vuln/GO-2024-3106 https://ubuntu.com/security/notices/USN-7081-1 https://ubuntu.com/security/notices/USN-7109-1 https://ubuntu.com/security/notices/USN-7111-1 https://www.cve.org/CVERecord?id=CVE-2024-34156
stdlib	CVE-2023-29406	MEDIUM	v1.20.5	1.19.11, 1.20.6	https://access.redhat.com/errata/RHSA-2023:6474 https://access.redhat.com/security/cve/CVE-2023-29406 https://bugzilla.redhat.com/2174485 https://bugzilla.redhat.com/2178358 https://bugzilla.redhat.com/2178488 https://bugzilla.redhat.com/2178492 https://bugzilla.redhat.com/2184481 https://bugzilla.redhat.com/2184482 https://bugzilla.redhat.com/2184483 https://bugzilla.redhat.com/2184484 https://bugzilla.redhat.com/2196026 https://bugzilla.redhat.com/2196027 https://bugzilla.redhat.com/2196029 https://bugzilla.redhat.com/2222167 https://bugzilla.redhat.com/2228689 https://errata.almalinux.org/9/ALSA-2023-6474.html https://github.com/golang/go/commit/312920c00aac9897b2a0693e752390b5b0711a5a (go1.20.6) https://github.com/golang/go/commit/5fa6923b1ea891400153d04ddf1545e23b40041b (go1.19.11) https://github.com/golang/go/issues/60374 https://go.dev/cl/506996 https://go.dev/issue/60374 https://groups.google.com/g/golang-announce/c/2q13H6LEEx0 https://linux.oracle.com/cve/CVE-2023-29406.html https://linux.oracle.com/errata/ELSA-2023-7202.html https://nvd.nist.gov/vuln/detail/CVE-2023-29406 https://pkg.go.dev/vuln/GO-2023-1878 https://security.gentoo.org/glsa/202311-09 https://security.netapp.com/advisory/ntap-20230814-0002/ https://ubuntu.com/security/notices/USN-7061-1 https://ubuntu.com/security/notices/USN-7109-1 https://www.cve.org/CVERecord?id=CVE-2023-29406
stdlib	CVE-2023-29409	MEDIUM	v1.20.5	1.19.12, 1.20.7, 1.21.0-rc.4	https://access.redhat.com/errata/RHSA-2023:7766 https://access.redhat.com/security/cve/CVE-2023-29409 https://bugzilla.redhat.com/2228743 https://bugzilla.redhat.com/2237773 https://bugzilla.redhat.com/2237776 https://bugzilla.redhat.com/2237777 https://bugzilla.redhat.com/2237778 https://errata.almalinux.org/9/ALSA-2023-7766.html https://go.dev/cl/515257 https://go.dev/issue/61460 https://groups.google.com/g/golang-announce/c/X0b6CsSAaYI/m/Efv5DbZ9AwAJ https://linux.oracle.com/cve/CVE-2023-29409.html https://linux.oracle.com/errata/ELSA-2024-2988.html https://nvd.nist.gov/vuln/detail/CVE-2023-29409 https://pkg.go.dev/vuln/GO-2023-1987 https://security.gentoo.org/glsa/202311-09 https://security.netapp.com/advisory/ntap-20230831-0010/ https://www.cve.org/CVERecord?id=CVE-2023-29409
stdlib	CVE-2023-39318	MEDIUM	v1.20.5	1.20.8, 1.21.1	https://access.redhat.com/errata/RHSA-2024:2160 https://access.redhat.com/security/cve/CVE-2023-39318 https://bugzilla.redhat.com/2237773 https://bugzilla.redhat.com/2237776 https://bugzilla.redhat.com/2253330 https://errata.almalinux.org/9/ALSA-2024-2160.html https://github.com/golang/go/commit/023b542edf38e2a1f87fcefb9f75ff2f99401b4c (go1.20.8) https://github.com/golang/go/commit/b0e1d3ea26e8e8fce7726690c9ef0597e60739fb (go1.21.1) https://go.dev/cl/526156 https://go.dev/issue/62196 https://groups.google.com/g/golang-announce/c/Fm51GRLNRvM https://groups.google.com/g/golang-dev/c/2C5vbR-UNkI/m/L1hdrPhfBAAJ https://linux.oracle.com/cve/CVE-2023-39318.html https://linux.oracle.com/errata/ELSA-2024-2988.html https://nvd.nist.gov/vuln/detail/CVE-2023-39318 https://pkg.go.dev/vuln/GO-2023-2041 https://security.gentoo.org/glsa/202311-09 https://security.netapp.com/advisory/ntap-20231020-0009/ https://ubuntu.com/security/notices/USN-6574-1 https://ubuntu.com/security/notices/USN-7061-1 https://ubuntu.com/security/notices/USN-7109-1 https://vuln.go.dev/ID/GO-2023-2041.json https://www.cve.org/CVERecord?id=CVE-2023-39318
stdlib	CVE-2023-39319	MEDIUM	v1.20.5	1.20.8, 1.21.1	https://access.redhat.com/errata/RHSA-2024:2160 https://access.redhat.com/security/cve/CVE-2023-39319 https://bugzilla.redhat.com/2237773 https://bugzilla.redhat.com/2237776 https://bugzilla.redhat.com/2253330 https://errata.almalinux.org/9/ALSA-2024-2160.html https://github.com/golang/go/commit/2070531d2f53df88e312edace6c8dfc9686ab2f5 (go1.20.8) https://github.com/golang/go/commit/bbd043ff0d6d59f1a9232d31ecd5eacf6507bf6a (go1.21.1) https://go.dev/cl/526157 https://go.dev/issue/62197 https://groups.google.com/g/golang-announce/c/Fm51GRLNRvM https://groups.google.com/g/golang-dev/c/2C5vbR-UNkI/m/L1hdrPhfBAAJ https://linux.oracle.com/cve/CVE-2023-39319.html https://linux.oracle.com/errata/ELSA-2024-2988.html https://nvd.nist.gov/vuln/detail/CVE-2023-39319 https://pkg.go.dev/vuln/GO-2023-2043 https://security.gentoo.org/glsa/202311-09 https://security.netapp.com/advisory/ntap-20231020-0009/ https://ubuntu.com/security/notices/USN-6574-1 https://ubuntu.com/security/notices/USN-7061-1 https://ubuntu.com/security/notices/USN-7109-1 https://vuln.go.dev/ID/GO-2023-2043.json https://www.cve.org/CVERecord?id=CVE-2023-39319
stdlib	CVE-2023-39326	MEDIUM	v1.20.5	1.20.12, 1.21.5	https://access.redhat.com/errata/RHSA-2024:2272 https://access.redhat.com/security/cve/CVE-2023-39326 https://bugzilla.redhat.com/2253193 https://bugzilla.redhat.com/2253330 https://errata.almalinux.org/9/ALSA-2024-2272.html https://github.com/golang/go/commit/6446af942e2e2b161c4ec1b60d9703a2b55dc4dd (go1.20.12) https://github.com/golang/go/commit/ec8c526e4be720e94b98ca509e6364f0efaf28f7 (go1.21.5) https://go.dev/cl/547335 https://go.dev/issue/64433 https://groups.google.com/g/golang-dev/c/6ypN5EjibjM/m/KmLVYH_uAgAJ https://linux.oracle.com/cve/CVE-2023-39326.html https://linux.oracle.com/errata/ELSA-2024-2988.html https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UIU6HOGV6RRIKWM57LOXQA75BGZSIH6G/ https://nvd.nist.gov/vuln/detail/CVE-2023-39326 https://pkg.go.dev/vuln/GO-2023-2382 https://ubuntu.com/security/notices/USN-6574-1 https://www.cve.org/CVERecord?id=CVE-2023-39326
stdlib	CVE-2023-45284	MEDIUM	v1.20.5	1.20.11, 1.21.4	https://go.dev/cl/540277 https://go.dev/issue/63713 https://groups.google.com/g/golang-announce/c/4tU8LZfBFkY https://nvd.nist.gov/vuln/detail/CVE-2023-45284 https://pkg.go.dev/vuln/GO-2023-2186
stdlib	CVE-2023-45289	MEDIUM	v1.20.5	1.21.8, 1.22.1	http://www.openwall.com/lists/oss-security/2024/03/08/4 https://access.redhat.com/errata/RHSA-2024:2724 https://access.redhat.com/security/cve/CVE-2023-45289 https://bugzilla.redhat.com/2268017 https://bugzilla.redhat.com/2268018 https://bugzilla.redhat.com/2268019 https://bugzilla.redhat.com/2268273 https://bugzilla.redhat.com/show_bug.cgi?id=2268017 https://bugzilla.redhat.com/show_bug.cgi?id=2268018 https://bugzilla.redhat.com/show_bug.cgi?id=2268019 https://bugzilla.redhat.com/show_bug.cgi?id=2268273 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45288 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45289 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45290 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24783 https://errata.almalinux.org/9/ALSA-2024-2724.html https://errata.rockylinux.org/RLSA-2024:2724 https://github.com/golang/go/commit/20586c0dbe03d144f914155f879fa5ee287591a1 (go1.21.8) https://github.com/golang/go/commit/3a855208e3efed2e9d7c20ad023f1fa78afcc0be (go1.22.1) https://github.com/golang/go/issues/65065 https://go.dev/cl/569340 https://go.dev/issue/65065 https://groups.google.com/g/golang-announce/c/5pwGVUPoMbg https://linux.oracle.com/cve/CVE-2023-45289.html https://linux.oracle.com/errata/ELSA-2024-3346.html https://nvd.nist.gov/vuln/detail/CVE-2023-45289 https://pkg.go.dev/vuln/GO-2024-2600 https://security.netapp.com/advisory/ntap-20240329-0006/ https://ubuntu.com/security/notices/USN-6886-1 https://www.cve.org/CVERecord?id=CVE-2023-45289
stdlib	CVE-2023-45290	MEDIUM	v1.20.5	1.21.8, 1.22.1	http://www.openwall.com/lists/oss-security/2024/03/08/4 https://access.redhat.com/errata/RHSA-2024:9135 https://access.redhat.com/security/cve/CVE-2023-45290 https://bugzilla.redhat.com/2268017 https://bugzilla.redhat.com/2268022 https://bugzilla.redhat.com/2279814 https://bugzilla.redhat.com/2295310 https://bugzilla.redhat.com/show_bug.cgi?id=2268017 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45290 https://errata.almalinux.org/9/ALSA-2024-9135.html https://errata.rockylinux.org/RLSA-2024:3830 https://github.com/golang/go/commit/041a47712e765e94f86d841c3110c840e76d8f82 (go1.22.1) https://github.com/golang/go/commit/bf80213b121074f4ad9b449410a4d13bae5e9be0 (go1.21.8) https://github.com/golang/go/issues/65383 https://go.dev/cl/569341 https://go.dev/issue/65383 https://groups.google.com/g/golang-announce/c/5pwGVUPoMbg https://linux.oracle.com/cve/CVE-2023-45290.html https://linux.oracle.com/errata/ELSA-2024-8038.html https://nvd.nist.gov/vuln/detail/CVE-2023-45290 https://pkg.go.dev/vuln/GO-2024-2599 https://security.netapp.com/advisory/ntap-20240329-0004 https://security.netapp.com/advisory/ntap-20240329-0004/ https://ubuntu.com/security/notices/USN-6886-1 https://ubuntu.com/security/notices/USN-7109-1 https://ubuntu.com/security/notices/USN-7111-1 https://www.cve.org/CVERecord?id=CVE-2023-45290
stdlib	CVE-2024-24783	MEDIUM	v1.20.5	1.21.8, 1.22.1	http://www.openwall.com/lists/oss-security/2024/03/08/4 https://access.redhat.com/errata/RHSA-2024:6195 https://access.redhat.com/security/cve/CVE-2024-24783 https://bugzilla.redhat.com/2268019 https://bugzilla.redhat.com/show_bug.cgi?id=2268017 https://bugzilla.redhat.com/show_bug.cgi?id=2268018 https://bugzilla.redhat.com/show_bug.cgi?id=2268019 https://bugzilla.redhat.com/show_bug.cgi?id=2268273 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45288 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45289 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45290 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24783 https://errata.almalinux.org/9/ALSA-2024-6195.html https://errata.rockylinux.org/RLSA-2024:2724 https://github.com/advisories/GHSA-3q2c-pvp5-3cqp https://github.com/golang/go/commit/337b8e9cbfa749d9d5c899e0dc358e2208d5e54f (go1.22.1) https://github.com/golang/go/commit/be5b52bea674190ef7de272664be6c7ae93ec5a0 (go1.21.8) https://github.com/golang/go/issues/65390 https://go.dev/cl/569339 https://go.dev/issue/65390 https://groups.google.com/g/golang-announce/c/5pwGVUPoMbg https://linux.oracle.com/cve/CVE-2024-24783.html https://linux.oracle.com/errata/ELSA-2024-6969.html https://nvd.nist.gov/vuln/detail/CVE-2024-24783 https://pkg.go.dev/vuln/GO-2024-2598 https://security.netapp.com/advisory/ntap-20240329-0005 https://security.netapp.com/advisory/ntap-20240329-0005/ https://ubuntu.com/security/notices/USN-6886-1 https://ubuntu.com/security/notices/USN-7109-1 https://ubuntu.com/security/notices/USN-7111-1 https://www.cve.org/CVERecord?id=CVE-2024-24783
stdlib	CVE-2024-24784	MEDIUM	v1.20.5	1.21.8, 1.22.1	http://www.openwall.com/lists/oss-security/2024/03/08/4 https://access.redhat.com/errata/RHSA-2024:2562 https://access.redhat.com/security/cve/CVE-2024-24784 https://bugzilla.redhat.com/2262921 https://bugzilla.redhat.com/2268017 https://bugzilla.redhat.com/2268018 https://bugzilla.redhat.com/2268019 https://bugzilla.redhat.com/2268021 https://bugzilla.redhat.com/2268022 https://bugzilla.redhat.com/2268273 https://bugzilla.redhat.com/show_bug.cgi?id=2262921 https://bugzilla.redhat.com/show_bug.cgi?id=2268017 https://bugzilla.redhat.com/show_bug.cgi?id=2268018 https://bugzilla.redhat.com/show_bug.cgi?id=2268019 https://bugzilla.redhat.com/show_bug.cgi?id=2268021 https://bugzilla.redhat.com/show_bug.cgi?id=2268022 https://bugzilla.redhat.com/show_bug.cgi?id=2268273 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45288 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45289 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45290 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-1394 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24783 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24784 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24785 https://errata.almalinux.org/9/ALSA-2024-2562.html https://errata.rockylinux.org/RLSA-2024:2562 https://github.com/golang/go/commit/263c059b09fdd40d9dd945f2ecb20c89ea28efe5 (go1.21.8) https://github.com/golang/go/commit/5330cd225ba54c7dc78c1b46dcdf61a4671a632c (go1.22.1) https://github.com/golang/go/issues/65083 https://go.dev/cl/555596 https://go.dev/issue/65083 https://groups.google.com/g/golang-announce/c/5pwGVUPoMbg https://linux.oracle.com/cve/CVE-2024-24784.html https://linux.oracle.com/errata/ELSA-2024-6969.html https://nvd.nist.gov/vuln/detail/CVE-2024-24784 https://pkg.go.dev/vuln/GO-2024-2609 https://security.netapp.com/advisory/ntap-20240329-0007/ https://ubuntu.com/security/notices/USN-6886-1 https://ubuntu.com/security/notices/USN-7109-1 https://ubuntu.com/security/notices/USN-7111-1 https://www.cve.org/CVERecord?id=CVE-2024-24784
stdlib	CVE-2024-24785	MEDIUM	v1.20.5	1.21.8, 1.22.1	http://www.openwall.com/lists/oss-security/2024/03/08/4 https://access.redhat.com/errata/RHSA-2024:9135 https://access.redhat.com/security/cve/CVE-2024-24785 https://bugzilla.redhat.com/2268017 https://bugzilla.redhat.com/2268022 https://bugzilla.redhat.com/2279814 https://bugzilla.redhat.com/2295310 https://bugzilla.redhat.com/show_bug.cgi?id=2262921 https://bugzilla.redhat.com/show_bug.cgi?id=2268017 https://bugzilla.redhat.com/show_bug.cgi?id=2268018 https://bugzilla.redhat.com/show_bug.cgi?id=2268019 https://bugzilla.redhat.com/show_bug.cgi?id=2268021 https://bugzilla.redhat.com/show_bug.cgi?id=2268022 https://bugzilla.redhat.com/show_bug.cgi?id=2268273 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45288 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45289 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45290 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-1394 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24783 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24784 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24785 https://errata.almalinux.org/9/ALSA-2024-9135.html https://errata.rockylinux.org/RLSA-2024:2562 https://github.com/golang/go/commit/056b0edcb8c152152021eebf4cf42adbfbe77992 (go1.22.1) https://github.com/golang/go/commit/3643147a29352ca2894fd5d0d2069bc4b4335a7e (go1.21.8) https://github.com/golang/go/issues/65697 https://go.dev/cl/564196 https://go.dev/issue/65697 https://groups.google.com/g/golang-announce/c/5pwGVUPoMbg https://linux.oracle.com/cve/CVE-2024-24785.html https://linux.oracle.com/errata/ELSA-2024-3259.html https://nvd.nist.gov/vuln/detail/CVE-2024-24785 https://pkg.go.dev/vuln/GO-2024-2610 https://security.netapp.com/advisory/ntap-20240329-0008/ https://ubuntu.com/security/notices/USN-6886-1 https://ubuntu.com/security/notices/USN-7061-1 https://ubuntu.com/security/notices/USN-7109-1 https://vuln.go.dev/ID/GO-2024-2610.json https://www.cve.org/CVERecord?id=CVE-2024-24785
stdlib	CVE-2024-24789	MEDIUM	v1.20.5	1.21.11, 1.22.4	http://www.openwall.com/lists/oss-security/2024/06/04/1 https://access.redhat.com/errata/RHSA-2024:9115 https://access.redhat.com/security/cve/CVE-2024-24789 https://bugzilla.redhat.com/2279814 https://bugzilla.redhat.com/2292668 https://bugzilla.redhat.com/2292787 https://bugzilla.redhat.com/2294000 https://bugzilla.redhat.com/2295310 https://bugzilla.redhat.com/show_bug.cgi?id=2292668 https://bugzilla.redhat.com/show_bug.cgi?id=2292787 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24789 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24790 https://errata.almalinux.org/9/ALSA-2024-9115.html https://errata.rockylinux.org/RLSA-2024:4212 https://github.com/golang/go/commit/c8e40338cf00f3c1d86c8fb23863ad67a4c72bcc (1.21) https://github.com/golang/go/commit/cf501ac0c5fe351a8582d20b43562027927906e7 (1.22) https://github.com/golang/go/issues/66869 https://go.dev/cl/585397 https://go.dev/issue/66869 https://groups.google.com/g/golang-announce/c/XbxouI9gY7k https://groups.google.com/g/golang-announce/c/XbxouI9gY7k/m/TuoGEhxIEwAJ https://linux.oracle.com/cve/CVE-2024-24789.html https://linux.oracle.com/errata/ELSA-2024-9115.html https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/U5YAEIA6IUHUNGJ7AIXXPQT6D2GYENX7/ https://nvd.nist.gov/vuln/detail/CVE-2024-24789 https://pkg.go.dev/vuln/GO-2024-2888 https://ubuntu.com/security/notices/USN-6886-1 https://ubuntu.com/security/notices/USN-7109-1 https://ubuntu.com/security/notices/USN-7111-1 https://www.cve.org/CVERecord?id=CVE-2024-24789
stdlib	CVE-2024-24791	MEDIUM	v1.20.5	1.21.12, 1.22.5	https://access.redhat.com/errata/RHSA-2024:9135 https://access.redhat.com/security/cve/CVE-2024-24791 https://bugzilla.redhat.com/2268017 https://bugzilla.redhat.com/2268022 https://bugzilla.redhat.com/2279814 https://bugzilla.redhat.com/2295310 https://bugzilla.redhat.com/show_bug.cgi?id=2295310 https://bugzilla.redhat.com/show_bug.cgi?id=2310527 https://bugzilla.redhat.com/show_bug.cgi?id=2310528 https://bugzilla.redhat.com/show_bug.cgi?id=2310529 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24791 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-34155 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-34156 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-34158 https://errata.almalinux.org/9/ALSA-2024-9135.html https://errata.rockylinux.org/RLSA-2024:6913 https://go.dev/cl/591255 https://go.dev/issue/67555 https://groups.google.com/g/golang-dev/c/t0rK-qHBqzY/m/6MMoAZkMAgAJ https://linux.oracle.com/cve/CVE-2024-24791.html https://linux.oracle.com/errata/ELSA-2024-9115.html https://nvd.nist.gov/vuln/detail/CVE-2024-24791 https://pkg.go.dev/vuln/GO-2024-2963 https://ubuntu.com/security/notices/USN-7081-1 https://ubuntu.com/security/notices/USN-7109-1 https://ubuntu.com/security/notices/USN-7111-1 https://www.cve.org/CVERecord?id=CVE-2024-24791
stdlib	CVE-2024-34155	MEDIUM	v1.20.5	1.22.7, 1.23.1	https://access.redhat.com/errata/RHSA-2024:9459 https://access.redhat.com/security/cve/CVE-2024-34155 https://bugzilla.redhat.com/2310527 https://bugzilla.redhat.com/2310528 https://bugzilla.redhat.com/2310529 https://bugzilla.redhat.com/2315691 https://bugzilla.redhat.com/2315887 https://bugzilla.redhat.com/2317458 https://bugzilla.redhat.com/2317467 https://bugzilla.redhat.com/show_bug.cgi?id=2295310 https://bugzilla.redhat.com/show_bug.cgi?id=2310527 https://bugzilla.redhat.com/show_bug.cgi?id=2310528 https://bugzilla.redhat.com/show_bug.cgi?id=2310529 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24791 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-34155 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-34156 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-34158 https://errata.almalinux.org/9/ALSA-2024-9459.html https://errata.rockylinux.org/RLSA-2024:6913 https://github.com/golang/go/commit/53487e5477151ed75da50e50a0ba8f1ca64c00a3 (go1.23.1) https://github.com/golang/go/commit/b232596139dbe96a62edbe3a2a203e856bf556eb (go1.22.7) https://go.dev/cl/611238 https://go.dev/issue/69138 https://groups.google.com/g/golang-announce/c/K-cEzDeCtpc https://groups.google.com/g/golang-dev/c/S9POB9NCTdk https://linux.oracle.com/cve/CVE-2024-34155.html https://linux.oracle.com/errata/ELSA-2024-9459.html https://nvd.nist.gov/vuln/detail/CVE-2024-34155 https://pkg.go.dev/vuln/GO-2024-3105 https://ubuntu.com/security/notices/USN-7081-1 https://ubuntu.com/security/notices/USN-7109-1 https://ubuntu.com/security/notices/USN-7111-1 https://www.cve.org/CVERecord?id=CVE-2024-34155
stdlib	CVE-2024-34158	MEDIUM	v1.20.5	1.22.7, 1.23.1	https://access.redhat.com/errata/RHSA-2024:9459 https://access.redhat.com/security/cve/CVE-2024-34158 https://bugzilla.redhat.com/2310527 https://bugzilla.redhat.com/2310528 https://bugzilla.redhat.com/2310529 https://bugzilla.redhat.com/2315691 https://bugzilla.redhat.com/2315887 https://bugzilla.redhat.com/2317458 https://bugzilla.redhat.com/2317467 https://bugzilla.redhat.com/show_bug.cgi?id=2295310 https://bugzilla.redhat.com/show_bug.cgi?id=2310527 https://bugzilla.redhat.com/show_bug.cgi?id=2310528 https://bugzilla.redhat.com/show_bug.cgi?id=2310529 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24791 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-34155 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-34156 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-34158 https://errata.almalinux.org/9/ALSA-2024-9459.html https://errata.rockylinux.org/RLSA-2024:6913 https://github.com/golang/go/commit/032ac075c20c01c6c35a672d1542d3e98eab84ea (go1.23.1) https://github.com/golang/go/commit/d4c53812e6ce2ac368173d7fcd31d0ecfcffb002 (go1.22.7) https://go.dev/cl/611240 https://go.dev/issue/69141 https://groups.google.com/g/golang-announce/c/K-cEzDeCtpc https://groups.google.com/g/golang-dev/c/S9POB9NCTdk https://linux.oracle.com/cve/CVE-2024-34158.html https://linux.oracle.com/errata/ELSA-2024-9459.html https://nvd.nist.gov/vuln/detail/CVE-2024-34158 https://pkg.go.dev/vuln/GO-2024-3107 https://ubuntu.com/security/notices/USN-7081-1 https://ubuntu.com/security/notices/USN-7109-1 https://ubuntu.com/security/notices/USN-7111-1 https://www.cve.org/CVERecord?id=CVE-2024-34158
No Misconfigurations found

cnb/buildpacks/paketo-buildpacks_npm-install/1.1.4/bin/run (gobinary)

Package	Vulnerability ID	Severity	Installed Version	Fixed Version	Links
github.com/anchore/stereoscope	CVE-2024-24579	MEDIUM	v0.0.0-20230412183729-8602f1afc574	0.0.1	https://github.com/anchore/stereoscope https://github.com/anchore/stereoscope/commit/09dacab4d9ee65ee8bc7af8ebf4aa7b5aaa36204 https://github.com/anchore/stereoscope/security/advisories/GHSA-hpxr-w9w7-g4gv https://nvd.nist.gov/vuln/detail/CVE-2024-24579
github.com/cloudflare/circl	GHSA-9763-4f94-gfch	HIGH	v1.3.3	1.3.7	https://github.com/cloudflare/circl https://github.com/cloudflare/circl/commit/75ef91e8a2f438e6ce2b6e620d236add8be1887d https://github.com/cloudflare/circl/security/advisories/GHSA-9763-4f94-gfch https://kyberslash.cr.yp.to
github.com/containerd/containerd	GHSA-7ww5-4wqc-m92c	MEDIUM	v1.7.0	1.6.26, 1.7.11	https://github.com/containerd/containerd https://github.com/containerd/containerd/commit/67d356cb3095f3e8f8ad7d36f9a733fea1e7e28c https://github.com/containerd/containerd/commit/746b910f05855c8bfdb4415a1c0f958b234910e5 https://github.com/containerd/containerd/security/advisories/GHSA-7ww5-4wqc-m92c
github.com/docker/docker	CVE-2024-41110	CRITICAL	v23.0.5+incompatible	23.0.15, 26.1.5, 27.1.1, 25.0.6	https://access.redhat.com/security/cve/CVE-2024-41110 https://github.com/moby/moby https://github.com/moby/moby/commit/411e817ddf710ff8e08fa193da80cb78af708191 https://github.com/moby/moby/commit/42f40b1d6dd7562342f832b9cd2adf9e668eeb76 https://github.com/moby/moby/commit/65cc597cea28cdc25bea3b8a86384b4251872919 https://github.com/moby/moby/commit/852759a7df454cbf88db4e954c919becd48faa9b https://github.com/moby/moby/commit/a31260625655cff9ae226b51757915e275e304b0 https://github.com/moby/moby/commit/a79fabbfe84117696a19671f4aa88b82d0f64fc1 https://github.com/moby/moby/commit/ae160b4edddb72ef4bd71f66b975a1a1cc434f00 https://github.com/moby/moby/commit/ae2b3666c517c96cbc2adf1af5591a6b00d4ec0f https://github.com/moby/moby/commit/cc13f952511154a2866bddbb7dddebfe9e83b801 https://github.com/moby/moby/commit/fc274cd2ff4cf3b48c91697fb327dd1fb95588fb https://github.com/moby/moby/security/advisories/GHSA-v23v-6jw2-98fq https://nvd.nist.gov/vuln/detail/CVE-2024-41110 https://www.cve.org/CVERecord?id=CVE-2024-41110 https://www.docker.com/blog/docker-security-advisory-docker-engine-authz-plugin
github.com/docker/docker	CVE-2024-24557	MEDIUM	v23.0.5+incompatible	24.0.9, 25.0.2	https://access.redhat.com/security/cve/CVE-2024-24557 https://github.com/moby/moby https://github.com/moby/moby/commit/3e230cfdcc989dc524882f6579f9e0dac77400ae https://github.com/moby/moby/commit/fca702de7f71362c8d103073c7e4a1d0a467fadd https://github.com/moby/moby/commit/fce6e0ca9bc000888de3daa157af14fa41fcd0ff https://github.com/moby/moby/security/advisories/GHSA-xw73-rw38-6vjc https://nvd.nist.gov/vuln/detail/CVE-2024-24557 https://www.cve.org/CVERecord?id=CVE-2024-24557
github.com/docker/docker	CVE-2024-29018	MEDIUM	v23.0.5+incompatible	26.0.0-rc3, 25.0.5, 23.0.11	https://access.redhat.com/security/cve/CVE-2024-29018 https://github.com/moby/moby https://github.com/moby/moby/pull/46609 https://github.com/moby/moby/security/advisories/GHSA-mq39-4gv4-mvpx https://nvd.nist.gov/vuln/detail/CVE-2024-29018 https://www.cve.org/CVERecord?id=CVE-2024-29018
github.com/docker/docker	GHSA-jq35-85cj-fj4p	MEDIUM	v23.0.5+incompatible	24.0.7, 23.0.8, 20.10.27	https://github.com/moby/moby https://github.com/moby/moby/commit/48ebe353e49a9def5e6679f6e386b0efb1c95f0e https://github.com/moby/moby/commit/81ebe71275768629689a23bc3bca34b3b374a6a6 https://github.com/moby/moby/commit/c9ccbfad11a60e703e91b6cca4f48927828c7e35 https://github.com/moby/moby/releases/tag/v20.10.27 https://github.com/moby/moby/releases/tag/v23.0.8 https://github.com/moby/moby/releases/tag/v24.0.7 https://github.com/moby/moby/security/advisories/GHSA-jq35-85cj-fj4p
github.com/go-git/go-git/v5	CVE-2023-49569	CRITICAL	v5.6.1	5.11.0	https://access.redhat.com/security/cve/CVE-2023-49569 https://github.com/go-git/go-git https://github.com/go-git/go-git/security/advisories/GHSA-449p-3h89-pw88 https://nvd.nist.gov/vuln/detail/CVE-2023-49569 https://www.cve.org/CVERecord?id=CVE-2023-49569
github.com/go-git/go-git/v5	CVE-2023-49568	HIGH	v5.6.1	5.11.0	https://access.redhat.com/security/cve/CVE-2023-49568 https://github.com/go-git/go-git https://github.com/go-git/go-git/security/advisories/GHSA-mw99-9chc-xw7r https://nvd.nist.gov/vuln/detail/CVE-2023-49568 https://www.cve.org/CVERecord?id=CVE-2023-49568
github.com/mholt/archiver/v3	CVE-2024-0406	MEDIUM	v3.5.1	no fix available	https://access.redhat.com/security/cve/CVE-2024-0406 https://bugzilla.redhat.com/show_bug.cgi?id=2257749 https://github.com/advisories/GHSA-rhh4-rh7c-7r5v https://github.com/mholt/archiver https://nvd.nist.gov/vuln/detail/CVE-2024-0406 https://www.cve.org/CVERecord?id=CVE-2024-0406
golang.org/x/crypto	CVE-2023-48795	MEDIUM	v0.8.0	0.17.0	http://packetstormsecurity.com/files/176280/Terrapin-SSH-Connection-Weakening.html http://seclists.org/fulldisclosure/2024/Mar/21 http://www.openwall.com/lists/oss-security/2023/12/18/3 http://www.openwall.com/lists/oss-security/2023/12/19/5 http://www.openwall.com/lists/oss-security/2023/12/20/3 http://www.openwall.com/lists/oss-security/2024/03/06/3 http://www.openwall.com/lists/oss-security/2024/04/17/8 https://access.redhat.com/errata/RHSA-2024:1150 https://access.redhat.com/security/cve/CVE-2023-48795 https://access.redhat.com/security/cve/cve-2023-48795 https://access.redhat.com/solutions/7071748 https://arstechnica.com/security/2023/12/hackers-can-break-ssh-channel-integrity-using-novel-data-corruption-attack https://arstechnica.com/security/2023/12/hackers-can-break-ssh-channel-integrity-using-novel-data-corruption-attack/ https://bugs.gentoo.org/920280 https://bugzilla.redhat.com/2254210 https://bugzilla.redhat.com/show_bug.cgi?id=2254210 https://bugzilla.suse.com/show_bug.cgi?id=1217950 https://crates.io/crates/thrussh/versions https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-48795 https://errata.almalinux.org/9/ALSA-2024-1150.html https://errata.rockylinux.org/RLSA-2024:0628 https://filezilla-project.org/versions.php https://forum.netgate.com/topic/184941/terrapin-ssh-attack https://git.libssh.org/projects/libssh.git/commit/?h=stable-0.10&id=10e09e273f69e149389b3e0e5d44b8c221c2e7f6 https://github.com/NixOS/nixpkgs/pull/275249 https://github.com/PowerShell/Win32-OpenSSH/issues/2189 https://github.com/PowerShell/Win32-OpenSSH/releases/tag/v9.5.0.0p1-Beta https://github.com/TeraTermProject/teraterm/commit/7279fbd6ef4d0c8bdd6a90af4ada2899d786eec0 https://github.com/TeraTermProject/teraterm/releases/tag/v5.1 https://github.com/advisories/GHSA-45x7-px36-x8w8 https://github.com/apache/mina-sshd/issues/445 https://github.com/connectbot/sshlib/commit/5c8b534f6e97db7ac0e0e579331213aa25c173ab https://github.com/connectbot/sshlib/compare/2.2.21...2.2.22 https://github.com/cyd01/KiTTY/issues/520 https://github.com/drakkan/sftpgo/releases/tag/v2.5.6 https://github.com/erlang/otp/blob/d1b43dc0f1361d2ad67601169e90a7fc50bb0369/lib/ssh/doc/src/notes.xml#L39-L42 https://github.com/erlang/otp/releases/tag/OTP-26.2.1 https://github.com/golang/crypto/commit/9d2ee975ef9fe627bf0a6f01c1f69e8ef1d4f05d https://github.com/hierynomus/sshj/issues/916 https://github.com/janmojzis/tinyssh/issues/81 https://github.com/jtesta/ssh-audit/commit/8e972c5e94b460379fe0c7d20209c16df81538a5 https://github.com/libssh2/libssh2/pull/1291 https://github.com/mkj/dropbear/blob/17657c36cce6df7716d5ff151ec09a665382d5dd/CHANGES#L25 https://github.com/mscdex/ssh2/commit/97b223f8891b96d6fc054df5ab1d5a1a545da2a3 https://github.com/mwiede/jsch/compare/jsch-0.2.14...jsch-0.2.15 https://github.com/mwiede/jsch/issues/457 https://github.com/mwiede/jsch/pull/461 https://github.com/net-ssh/net-ssh/blob/2e65064a52d73396bfc3806c9196fc8108f33cd8/CHANGES.txt#L14-L16 https://github.com/openssh/openssh-portable/commits/master https://github.com/paramiko/paramiko/issues/2337 https://github.com/paramiko/paramiko/issues/2337#issuecomment-1887642773 https://github.com/proftpd/proftpd/blob/0a7ea9b0ba9fcdf368374a226370d08f10397d99/RELEASE_NOTES https://github.com/proftpd/proftpd/blob/d21e7a2e47e9b38f709bec58e3fa711f759ad0e1/RELEASE_NOTES https://github.com/proftpd/proftpd/blob/master/RELEASE_NOTES https://github.com/proftpd/proftpd/issues/456 https://github.com/rapier1/hpn-ssh/releases https://github.com/ronf/asyncssh/blob/develop/docs/changes.rst https://github.com/ronf/asyncssh/security/advisories/GHSA-hfmc-7525-mj55 https://github.com/ronf/asyncssh/tags https://github.com/ssh-mitm/ssh-mitm/issues/165 https://github.com/warp-tech/russh https://github.com/warp-tech/russh/commit/1aa340a7df1d5be1c0f4a9e247aade76dfdd2951 https://github.com/warp-tech/russh/releases/tag/v0.40.2 https://github.com/warp-tech/russh/security/advisories/GHSA-45x7-px36-x8w8 https://gitlab.com/libssh/libssh-mirror/-/tags https://go.dev/cl/550715 https://go.dev/issue/64784 https://groups.google.com/g/golang-announce/c/-n5WqVC18LQ https://groups.google.com/g/golang-announce/c/qA3XtxvMUyg https://help.panic.com/releasenotes/transmit5 https://help.panic.com/releasenotes/transmit5/ https://jadaptive.com/important-java-ssh-security-update-new-ssh-vulnerability-discovered-cve-2023-48795 https://jadaptive.com/important-java-ssh-security-update-new-ssh-vulnerability-discovered-cve-2023-48795/ https://linux.oracle.com/cve/CVE-2023-48795.html https://linux.oracle.com/errata/ELSA-2024-2988.html https://lists.debian.org/debian-lts-announce/2023/12/msg00017.html https://lists.debian.org/debian-lts-announce/2024/01/msg00013.html https://lists.debian.org/debian-lts-announce/2024/01/msg00014.html https://lists.debian.org/debian-lts-announce/2024/04/msg00016.html https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/33XHJUB6ROFUOH2OQNENFROTVH6MHSHA https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/33XHJUB6ROFUOH2OQNENFROTVH6MHSHA/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/3CAYYW35MUTNO65RVAELICTNZZFMT2XS https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/3CAYYW35MUTNO65RVAELICTNZZFMT2XS/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/3JIMLVBDWOP4FUPXPTB4PGHHIOMGFLQE https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/3JIMLVBDWOP4FUPXPTB4PGHHIOMGFLQE/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/3YQLUQWLIHDB5QCXQEX7HXHAWMOKPP5O https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/3YQLUQWLIHDB5QCXQEX7HXHAWMOKPP5O/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/6Y74KVCPEPT4MVU3LHDWCNNOXOE5ZLUR https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/6Y74KVCPEPT4MVU3LHDWCNNOXOE5ZLUR/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/APYIXIQOVDCRWLHTGB4VYMAUIAQLKYJ3 https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/APYIXIQOVDCRWLHTGB4VYMAUIAQLKYJ3/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/BL5KTLOSLH2KHRN4HCXJPK3JUVLDGEL6 https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/BL5KTLOSLH2KHRN4HCXJPK3JUVLDGEL6/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/C3AFMZ6MH2UHHOPIWT5YLSFV3D2VB3AC https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/C3AFMZ6MH2UHHOPIWT5YLSFV3D2VB3AC/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/CHHITS4PUOZAKFIUBQAQZC7JWXMOYE4B https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/CHHITS4PUOZAKFIUBQAQZC7JWXMOYE4B/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/F7EYCFQCTSGJXWO3ZZ44MGKFC5HA7G3Y https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/F7EYCFQCTSGJXWO3ZZ44MGKFC5HA7G3Y/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/HYEDEXIKFKTUJIN43RG4B7T5ZS6MHUSP https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/HYEDEXIKFKTUJIN43RG4B7T5ZS6MHUSP/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/I724O3LSRCPO4WNVIXTZCT4VVRMXMMSG https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/I724O3LSRCPO4WNVIXTZCT4VVRMXMMSG/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/KEOTKBUPZXHE3F352JBYNTSNRXYLWD6P https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/KEOTKBUPZXHE3F352JBYNTSNRXYLWD6P/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/KMZCVGUGJZZVDPCVDA7TEB22VUCNEXDD https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/KMZCVGUGJZZVDPCVDA7TEB22VUCNEXDD/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/L5Y6MNNVAPIJSXJERQ6PKZVCIUXSNJK7 https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/L5Y6MNNVAPIJSXJERQ6PKZVCIUXSNJK7/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/LZQVUHWVWRH73YBXUQJOD6CKHDQBU3DM https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/LZQVUHWVWRH73YBXUQJOD6CKHDQBU3DM/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/MKQRBF3DWMWPH36LBCOBUTSIZRTPEZXB https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/MKQRBF3DWMWPH36LBCOBUTSIZRTPEZXB/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/QI3EHAHABFQK7OABNCSF5GMYP6TONTI7 https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/QI3EHAHABFQK7OABNCSF5GMYP6TONTI7/ https://matt.ucc.asn.au/dropbear/CHANGES https://nest.pijul.com/pijul/thrussh/changes/D6H7OWTTMHHX6BTB3B6MNBOBX2L66CBL4LGSEUSAI2MCRCJDQFRQC https://news.ycombinator.com/item?id=38684904 https://news.ycombinator.com/item?id=38685286 https://news.ycombinator.com/item?id=38732005 https://nova.app/releases/#v11.8 https://nvd.nist.gov/vuln/detail/CVE-2023-48795 https://oryx-embedded.com/download/#changelog https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2024-0002 https://roumenpetrov.info/secsh/#news20231220 https://security-tracker.debian.org/tracker/CVE-2023-48795 https://security-tracker.debian.org/tracker/source-package/libssh2 https://security-tracker.debian.org/tracker/source-package/proftpd-dfsg https://security-tracker.debian.org/tracker/source-package/trilead-ssh2 https://security.gentoo.org/glsa/202312-16 https://security.gentoo.org/glsa/202312-17 https://security.netapp.com/advisory/ntap-20240105-0004 https://security.netapp.com/advisory/ntap-20240105-0004/ https://support.apple.com/kb/HT214084 https://terrapin-attack.com/ https://thorntech.com/cve-2023-48795-and-sftp-gateway https://thorntech.com/cve-2023-48795-and-sftp-gateway/ https://twitter.com/TrueSkrillor/status/1736774389725565005 https://ubuntu.com/security/CVE-2023-48795 https://ubuntu.com/security/notices/USN-6560-1 https://ubuntu.com/security/notices/USN-6560-2 https://ubuntu.com/security/notices/USN-6561-1 https://ubuntu.com/security/notices/USN-6585-1 https://ubuntu.com/security/notices/USN-6589-1 https://ubuntu.com/security/notices/USN-6598-1 https://ubuntu.com/security/notices/USN-6738-1 https://ubuntu.com/security/notices/USN-7051-1 https://winscp.net/eng/docs/history#6.2.2 https://www.bitvise.com/ssh-client-version-history#933 https://www.bitvise.com/ssh-server-version-history https://www.chiark.greenend.org.uk/~sgtatham/putty/changes.html https://www.crushftp.com/crush10wiki/Wiki.jsp?page=Update https://www.cve.org/CVERecord?id=CVE-2023-48795 https://www.debian.org/security/2023/dsa-5586 https://www.debian.org/security/2023/dsa-5588 https://www.freebsd.org/security/advisories/FreeBSD-SA-23:19.openssh.asc https://www.lancom-systems.de/service-support/allgemeine-sicherheitshinweise#c243508 https://www.netsarang.com/en/xshell-update-history https://www.netsarang.com/en/xshell-update-history/ https://www.openssh.com/openbsd.html https://www.openssh.com/txt/release-9.6 https://www.openwall.com/lists/oss-security/2023/12/18/2 https://www.openwall.com/lists/oss-security/2023/12/18/3 https://www.openwall.com/lists/oss-security/2023/12/20/3 https://www.paramiko.org/changelog.html https://www.reddit.com/r/sysadmin/comments/18idv52/cve202348795_why_is_this_cve_still_undisclosed https://www.reddit.com/r/sysadmin/comments/18idv52/cve202348795_why_is_this_cve_still_undisclosed/ https://www.suse.com/c/suse-addresses-the-ssh-v2-protocol-terrapin-attack-aka-cve-2023-48795 https://www.suse.com/c/suse-addresses-the-ssh-v2-protocol-terrapin-attack-aka-cve-2023-48795/ https://www.terrapin-attack.com https://www.theregister.com/2023/12/20/terrapin_attack_ssh https://www.vandyke.com/products/securecrt/history.txt
golang.org/x/net	CVE-2023-39325	HIGH	v0.10.0	0.17.0	golang.org/x/net https://access.redhat.com/errata/RHSA-2023:6077 https://access.redhat.com/security/cve/CVE-2023-39325 https://access.redhat.com/security/cve/CVE-2023-44487 https://access.redhat.com/security/vulnerabilities/RHSB-2023-003 https://bugzilla.redhat.com/2242803 https://bugzilla.redhat.com/2243296 https://bugzilla.redhat.com/show_bug.cgi?id=2242803 https://bugzilla.redhat.com/show_bug.cgi?id=2243296 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-39325 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-44487 https://errata.almalinux.org/9/ALSA-2023-6077.html https://errata.rockylinux.org/RLSA-2023:6077 https://github.com/golang/go/commit/24ae2d927285c697440fdde3ad7f26028354bcf3 [golang- 1.21] https://github.com/golang/go/commit/e175f27f58aa7b9cd4d79607ae65d2cd5baaee68 [golang-1.20] https://github.com/golang/go/issues/63417 https://go.dev/cl/534215 https://go.dev/cl/534235 https://go.dev/issue/63417 https://groups.google.com/g/golang-announce/c/iNNxDTCjZvo/m/UDd7VKQuAAAJ https://linux.oracle.com/cve/CVE-2023-39325.html https://linux.oracle.com/errata/ELSA-2023-5867.html https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3OVW5V2DM5K5IC3H7O42YDUGNJ74J35O https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3OVW5V2DM5K5IC3H7O42YDUGNJ74J35O/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3SZN67IL7HMGMNAVLOTIXLIHUDXZK4LH https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3SZN67IL7HMGMNAVLOTIXLIHUDXZK4LH/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3WJ4QVX2AMUJ2F2S27POOAHRC4K3CHU4 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3WJ4QVX2AMUJ2F2S27POOAHRC4K3CHU4/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/4BUK2ZIAGCULOOYDNH25JPU6JBES5NF2 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/4BUK2ZIAGCULOOYDNH25JPU6JBES5NF2/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/5RSKA2II6QTD4YUKUNDVJQSRYSFC4VFR https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/5RSKA2II6QTD4YUKUNDVJQSRYSFC4VFR/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/AVZDNSMVDAQJ64LJC5I5U5LDM5753647 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/AVZDNSMVDAQJ64LJC5I5U5LDM5753647/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CHHITS4PUOZAKFIUBQAQZC7JWXMOYE4B https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CHHITS4PUOZAKFIUBQAQZC7JWXMOYE4B/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CLB4TW7KALB3EEQWNWCN7OUIWWVWWCG2 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CLB4TW7KALB3EEQWNWCN7OUIWWVWWCG2/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/D2BBIDR2ZMB3X5BC7SR4SLQMHRMVPY6L https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/D2BBIDR2ZMB3X5BC7SR4SLQMHRMVPY6L/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ECRC75BQJP6FJN2L7KCKYZW4DSBD7QSD https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ECRC75BQJP6FJN2L7KCKYZW4DSBD7QSD/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/FTMJ3NJIDAZFWJQQSP3L22MUFJ3UP2PT https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/FTMJ3NJIDAZFWJQQSP3L22MUFJ3UP2PT/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/GSY7SXFFTPZFWDM6XELSDSHZLVW3AHK7 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/GSY7SXFFTPZFWDM6XELSDSHZLVW3AHK7/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/HZQIELEIRSZUYTFFH5KTH2YJ4IIQG2KE https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/HZQIELEIRSZUYTFFH5KTH2YJ4IIQG2KE/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/IPWCNYB5PQ5PCVZ4NJT6G56ZYFZ5QBU6 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/IPWCNYB5PQ5PCVZ4NJT6G56ZYFZ5QBU6/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/KEOTKBUPZXHE3F352JBYNTSNRXYLWD6P https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/KEOTKBUPZXHE3F352JBYNTSNRXYLWD6P/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/KSEGD2IWKNUO3DWY4KQGUQM5BISRWHQE https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/KSEGD2IWKNUO3DWY4KQGUQM5BISRWHQE/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/L5E5JSJBZLYXOTZWXHJKRVCIXIHVWKJ6 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/L5E5JSJBZLYXOTZWXHJKRVCIXIHVWKJ6/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/MZQYOOKHQDQ57LV2IAG6NRFOVXKHJJ3Z https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/MZQYOOKHQDQ57LV2IAG6NRFOVXKHJJ3Z/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/NG7IMPL55MVWU3LCI4JQJT3K2U5CHDV7 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/NG7IMPL55MVWU3LCI4JQJT3K2U5CHDV7/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ODBY7RVMGZCBSTWF2OZGIZS57FNFUL67 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ODBY7RVMGZCBSTWF2OZGIZS57FNFUL67/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/OXGWPQOJ3JNDW2XIYKIVJ7N7QUIFNM2Q https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/OXGWPQOJ3JNDW2XIYKIVJ7N7QUIFNM2Q/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/PJCUNGIQDUMZ4Z6HWVYIMR66A35F5S74 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/PJCUNGIQDUMZ4Z6HWVYIMR66A35F5S74/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QF5QSYAOPDOWLY6DUHID56Q4HQFYB45I https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QF5QSYAOPDOWLY6DUHID56Q4HQFYB45I/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QXOU2JZUBEBP7GBKAYIJRPRBZSJCD7ST https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QXOU2JZUBEBP7GBKAYIJRPRBZSJCD7ST/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/R3UETKPUB3V5JS5TLZOF3SMTGT5K5APS https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/R3UETKPUB3V5JS5TLZOF3SMTGT5K5APS/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/REMHVVIBDNKSRKNOTV7EQSB7CYQWOUOU https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/REMHVVIBDNKSRKNOTV7EQSB7CYQWOUOU/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/T7N5GV4CHH6WAGX3GFMDD3COEOVCZ4RI https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/T7N5GV4CHH6WAGX3GFMDD3COEOVCZ4RI/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ULQQONMSCQSH5Z5OWFFQHCGEZ3NL4DRJ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ULQQONMSCQSH5Z5OWFFQHCGEZ3NL4DRJ/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UTT7DG3QOF5ZNJLUGHDNLRUIN6OWZARP https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UTT7DG3QOF5ZNJLUGHDNLRUIN6OWZARP/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/W2LZSWTV4NV4SNQARNXG5T6LRHP26EW2 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/W2LZSWTV4NV4SNQARNXG5T6LRHP26EW2/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WCNCBYKZXLDFGAJUB7ZP5VLC3YTHJNVH https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WCNCBYKZXLDFGAJUB7ZP5VLC3YTHJNVH/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/XFOIBB4YFICHDM7IBOP7PWXW3FX4HLL2 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/XFOIBB4YFICHDM7IBOP7PWXW3FX4HLL2/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/XTNLSL44Y5FB6JWADSZH6DCV4JJAAEQY https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/XTNLSL44Y5FB6JWADSZH6DCV4JJAAEQY/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/YJWHBLVZDM5KQSDFRBFRKU5KSSOLIRQ4 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/YJWHBLVZDM5KQSDFRBFRKU5KSSOLIRQ4/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/YRKEXKANQ7BKJW2YTAMP625LJUJZLJ4P https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/YRKEXKANQ7BKJW2YTAMP625LJUJZLJ4P/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZSVEMQV5ROY5YW5QE3I57HT3ITWG5GCV https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZSVEMQV5ROY5YW5QE3I57HT3ITWG5GCV/ https://nvd.nist.gov/vuln/detail/CVE-2023-39325 https://pkg.go.dev/vuln/GO-2023-2102 https://security.gentoo.org/glsa/202311-09 https://security.netapp.com/advisory/ntap-20231110-0008 https://security.netapp.com/advisory/ntap-20231110-0008/ https://ubuntu.com/security/notices/USN-6574-1 https://ubuntu.com/security/notices/USN-7061-1 https://ubuntu.com/security/notices/USN-7109-1 https://www.cisa.gov/news-events/alerts/2023/10/10/http2-rapid-reset-vulnerability-cve-2023-44487 https://www.cve.org/CVERecord?id=CVE-2023-39325
golang.org/x/net	CVE-2023-3978	MEDIUM	v0.10.0	0.13.0	https://access.redhat.com/errata/RHSA-2023:6474 https://access.redhat.com/security/cve/CVE-2023-3978 https://bugzilla.redhat.com/2174485 https://bugzilla.redhat.com/2178358 https://bugzilla.redhat.com/2178488 https://bugzilla.redhat.com/2178492 https://bugzilla.redhat.com/2184481 https://bugzilla.redhat.com/2184482 https://bugzilla.redhat.com/2184483 https://bugzilla.redhat.com/2184484 https://bugzilla.redhat.com/2196026 https://bugzilla.redhat.com/2196027 https://bugzilla.redhat.com/2196029 https://bugzilla.redhat.com/2222167 https://bugzilla.redhat.com/2228689 https://errata.almalinux.org/9/ALSA-2023-6474.html https://go.dev/cl/514896 https://go.dev/issue/61615 https://linux.oracle.com/cve/CVE-2023-3978.html https://linux.oracle.com/errata/ELSA-2023-6939.html https://nvd.nist.gov/vuln/detail/CVE-2023-3978 https://pkg.go.dev/vuln/GO-2023-1988 https://www.cve.org/CVERecord?id=CVE-2023-3978
golang.org/x/net	CVE-2023-44487	MEDIUM	v0.10.0	0.17.0	http://www.openwall.com/lists/oss-security/2023/10/13/4 http://www.openwall.com/lists/oss-security/2023/10/13/9 http://www.openwall.com/lists/oss-security/2023/10/18/4 http://www.openwall.com/lists/oss-security/2023/10/18/8 http://www.openwall.com/lists/oss-security/2023/10/19/6 http://www.openwall.com/lists/oss-security/2023/10/20/8 https://access.redhat.com/errata/RHSA-2023:6746 https://access.redhat.com/security/cve/CVE-2023-44487 https://access.redhat.com/security/cve/cve-2023-44487 https://akka.io/security/akka-http-cve-2023-44487.html https://arstechnica.com/security/2023/10/how-ddosers-used-the-http-2-protocol-to-deliver-attacks-of-unprecedented-size https://arstechnica.com/security/2023/10/how-ddosers-used-the-http-2-protocol-to-deliver-attacks-of-unprecedented-size/ https://aws.amazon.com/security/security-bulletins/AWS-2023-011 https://aws.amazon.com/security/security-bulletins/AWS-2023-011/ https://blog.cloudflare.com/technical-breakdown-http2-rapid-reset-ddos-attack https://blog.cloudflare.com/technical-breakdown-http2-rapid-reset-ddos-attack/ https://blog.cloudflare.com/zero-day-rapid-reset-http2-record-breaking-ddos-attack https://blog.cloudflare.com/zero-day-rapid-reset-http2-record-breaking-ddos-attack/ https://blog.litespeedtech.com/2023/10/11/rapid-reset-http-2-vulnerablilty https://blog.litespeedtech.com/2023/10/11/rapid-reset-http-2-vulnerablilty/ https://blog.qualys.com/vulnerabilities-threat-research/2023/10/10/cve-2023-44487-http-2-rapid-reset-attack https://blog.vespa.ai/cve-2023-44487 https://blog.vespa.ai/cve-2023-44487/ https://bugzilla.proxmox.com/show_bug.cgi?id=4988 https://bugzilla.redhat.com/2242803 https://bugzilla.redhat.com/show_bug.cgi?id=2242803 https://bugzilla.suse.com/show_bug.cgi?id=1216123 https://cgit.freebsd.org/ports/commit/?id=c64c329c2c1752f46b73e3e6ce9f4329be6629f9 https://chaos.social/@icing/111210915918780532 https://cloud.google.com/blog/products/identity-security/google-cloud-mitigated-largest-ddos-attack-peaking-above-398-million-rps https://cloud.google.com/blog/products/identity-security/google-cloud-mitigated-largest-ddos-attack-peaking-above-398-million-rps/ https://cloud.google.com/blog/products/identity-security/how-it-works-the-novel-http2-rapid-reset-ddos-attack https://community.traefik.io/t/is-traefik-vulnerable-to-cve-2023-44487/20125 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-44487 https://devblogs.microsoft.com/dotnet/october-2023-updates/ https://discuss.hashicorp.com/t/hcsec-2023-32-vault-consul-and-boundary-affected-by-http-2-rapid-reset-denial-of-service-vulnerability-cve-2023-44487/59715 https://edg.io/lp/blog/resets-leaks-ddos-and-the-tale-of-a-hidden-cve https://errata.almalinux.org/9/ALSA-2023-6746.html https://errata.rockylinux.org/RLSA-2023:5838 https://forums.swift.org/t/swift-nio-http2-security-update-cve-2023-44487-http-2-dos/67764 https://gist.github.com/adulau/7c2bfb8e9cdbe4b35a5e131c66a0c088 https://github.com/Azure/AKS/issues/3947 https://github.com/Kong/kong/discussions/11741 https://github.com/advisories/GHSA-qppj-fm5r-hxr3 https://github.com/advisories/GHSA-vx74-f528-fxqg https://github.com/advisories/GHSA-xpw8-rcwv-8f8p https://github.com/akka/akka-http/issues/4323 https://github.com/akka/akka-http/pull/4324 https://github.com/akka/akka-http/pull/4325 https://github.com/alibaba/tengine/issues/1872 https://github.com/apache/apisix/issues/10320 https://github.com/apache/httpd-site/pull/10 https://github.com/apache/httpd/blob/afcdbeebbff4b0c50ea26cdd16e178c0d1f24152/modules/http2/h2_mplx.c#L1101-L1113 https://github.com/apache/tomcat/commit/944332bb15bd2f3bf76ec2caeb1ff0a58a3bc628 https://github.com/apache/tomcat/tree/main/java/org/apache/coyote/http2 https://github.com/apache/trafficserver/pull/10564 https://github.com/apple/swift-nio-http2 https://github.com/apple/swift-nio-http2/security/advisories/GHSA-qppj-fm5r-hxr3 https://github.com/arkrwn/PoC/tree/main/CVE-2023-44487 https://github.com/bcdannyboy/CVE-2023-44487 https://github.com/caddyserver/caddy/issues/5877 https://github.com/caddyserver/caddy/releases/tag/v2.7.5 https://github.com/dotnet/announcements/issues/277 https://github.com/dotnet/core/blob/e4613450ea0da7fd2fc6b61dfb2c1c1dec1ce9ec/release-notes/6.0/6.0.23/6.0.23.md?plain=1#L73 https://github.com/eclipse/jetty.project/issues/10679 https://github.com/envoyproxy/envoy/pull/30055 https://github.com/etcd-io/etcd/issues/16740 https://github.com/facebook/proxygen/pull/466 https://github.com/golang/go/issues/63417 https://github.com/grpc/grpc-go/pull/6703 https://github.com/grpc/grpc-go/releases https://github.com/h2o/h2o/pull/3291 https://github.com/h2o/h2o/security/advisories/GHSA-2m7v-gc89-fjqf https://github.com/haproxy/haproxy/issues/2312 https://github.com/hyperium/hyper/issues/3337 https://github.com/icing/mod_h2/blob/0a864782af0a942aa2ad4ed960a6b32cd35bcf0a/mod_http2/README.md?plain=1#L239-L244 https://github.com/junkurihara/rust-rpxy/issues/97 https://github.com/kazu-yamamoto/http2/commit/f61d41a502bd0f60eb24e1ce14edc7b6df6722a1 https://github.com/kazu-yamamoto/http2/issues/93 https://github.com/kubernetes/kubernetes/pull/121120 https://github.com/line/armeria/pull/5232 https://github.com/linkerd/website/pull/1695/commits/4b9c6836471bc8270ab48aae6fd2181bc73fd632 https://github.com/micrictor/http2-rst-stream https://github.com/microsoft/CBL-Mariner/pull/6381 https://github.com/netty/netty/commit/58f75f665aa81a8cbcf6ffa74820042a285c5e61 https://github.com/nghttp2/nghttp2/pull/1961 https://github.com/nghttp2/nghttp2/releases/tag/v1.57.0 https://github.com/ninenines/cowboy/issues/1615 https://github.com/nodejs/node/pull/50121 https://github.com/openresty/openresty/issues/930 https://github.com/opensearch-project/data-prepper/issues/3474 https://github.com/oqtane/oqtane.framework/discussions/3367 https://github.com/projectcontour/contour/pull/5826 https://github.com/tempesta-tech/tempesta/issues/1986 https://github.com/varnishcache/varnish-cache/issues/3996 https://go.dev/cl/534215 https://go.dev/cl/534235 https://go.dev/issue/63417 https://groups.google.com/g/golang-announce/c/iNNxDTCjZvo https://groups.google.com/g/golang-announce/c/iNNxDTCjZvo/m/UDd7VKQuAAAJ https://istio.io/latest/news/security/istio-security-2023-004 https://istio.io/latest/news/security/istio-security-2023-004/ https://linkerd.io/2023/10/12/linkerd-cve-2023-44487 https://linkerd.io/2023/10/12/linkerd-cve-2023-44487/ https://linux.oracle.com/cve/CVE-2023-44487.html https://linux.oracle.com/errata/ELSA-2024-1444.html https://lists.apache.org/thread/5py8h42mxfsn8l1wy6o41xwhsjlsd87q https://lists.debian.org/debian-lts-announce/2023/10/msg00020.html https://lists.debian.org/debian-lts-announce/2023/10/msg00023.html https://lists.debian.org/debian-lts-announce/2023/10/msg00024.html https://lists.debian.org/debian-lts-announce/2023/10/msg00045.html https://lists.debian.org/debian-lts-announce/2023/10/msg00047.html https://lists.debian.org/debian-lts-announce/2023/11/msg00001.html https://lists.debian.org/debian-lts-announce/2023/11/msg00012.html https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/2MBEPPC36UBVOZZNAXFHKLFGSLCMN5LI https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/2MBEPPC36UBVOZZNAXFHKLFGSLCMN5LI/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/3N4NJ7FR4X4FPZUGNTQAPSTVB2HB2Y4A https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/3N4NJ7FR4X4FPZUGNTQAPSTVB2HB2Y4A/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/BFQD3KUEMFBHPAPBGLWQC34L4OWL5HAZ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/BFQD3KUEMFBHPAPBGLWQC34L4OWL5HAZ/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/CLB4TW7KALB3EEQWNWCN7OUIWWVWWCG2 https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/CLB4TW7KALB3EEQWNWCN7OUIWWVWWCG2/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/E72T67UPDRXHIDLO3OROR25YAMN4GGW5 https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/E72T67UPDRXHIDLO3OROR25YAMN4GGW5/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/FNA62Q767CFAFHBCDKYNPBMZWB7TWYVU https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/FNA62Q767CFAFHBCDKYNPBMZWB7TWYVU/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/HT7T2R4MQKLIF4ODV4BDLPARWFPCJ5CZ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/HT7T2R4MQKLIF4ODV4BDLPARWFPCJ5CZ/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/JIZSEFC3YKCGABA2BZW6ZJRMDZJMB7PJ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/JIZSEFC3YKCGABA2BZW6ZJRMDZJMB7PJ/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/JMEXY22BFG5Q64HQCM5CK2Q7KDKVV4TY https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/JMEXY22BFG5Q64HQCM5CK2Q7KDKVV4TY/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/KSEGD2IWKNUO3DWY4KQGUQM5BISRWHQE https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/KSEGD2IWKNUO3DWY4KQGUQM5BISRWHQE/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/LKYHSZQFDNR7RSA7LHVLLIAQMVYCUGBG https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/LKYHSZQFDNR7RSA7LHVLLIAQMVYCUGBG/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/LNMZJCDHGLJJLXO4OXWJMTVQRNWOC7UL https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/LNMZJCDHGLJJLXO4OXWJMTVQRNWOC7UL/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/VHUHTSXLXGXS7JYKBXTA3VINUPHTNGVU https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/VHUHTSXLXGXS7JYKBXTA3VINUPHTNGVU/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/VSRDIV77HNKUSM7SJC5BKE5JSHLHU2NK https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/VSRDIV77HNKUSM7SJC5BKE5JSHLHU2NK/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/WE2I52RHNNU42PX6NZ2RBUHSFFJ2LVZX https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/WE2I52RHNNU42PX6NZ2RBUHSFFJ2LVZX/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/WLPRQ5TWUQQXYWBJM7ECYDAIL2YVKIUH https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/WLPRQ5TWUQQXYWBJM7ECYDAIL2YVKIUH/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/X6QXN4ORIVF6XBW4WWFE7VNPVC74S45Y https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/X6QXN4ORIVF6XBW4WWFE7VNPVC74S45Y/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/XFOIBB4YFICHDM7IBOP7PWXW3FX4HLL2 https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/XFOIBB4YFICHDM7IBOP7PWXW3FX4HLL2/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZB43REMKRQR62NJEI7I5NQ4FSXNLBKRT https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZB43REMKRQR62NJEI7I5NQ4FSXNLBKRT/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZKQSIKIAT5TJ3WSLU3RDBQ35YX4GY4V3 https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZKQSIKIAT5TJ3WSLU3RDBQ35YX4GY4V3/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZLU6U2R2IC2K64NDPNMV55AUAO65MAF4 https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZLU6U2R2IC2K64NDPNMV55AUAO65MAF4/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3N4NJ7FR4X4FPZUGNTQAPSTVB2HB2Y4A https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/BFQD3KUEMFBHPAPBGLWQC34L4OWL5HAZ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CLB4TW7KALB3EEQWNWCN7OUIWWVWWCG2 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/E72T67UPDRXHIDLO3OROR25YAMN4GGW5 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/FNA62Q767CFAFHBCDKYNPBMZWB7TWYVU https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/HT7T2R4MQKLIF4ODV4BDLPARWFPCJ5CZ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/JIZSEFC3YKCGABA2BZW6ZJRMDZJMB7PJ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/JMEXY22BFG5Q64HQCM5CK2Q7KDKVV4TY https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/KSEGD2IWKNUO3DWY4KQGUQM5BISRWHQE https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/LKYHSZQFDNR7RSA7LHVLLIAQMVYCUGBG https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/LNMZJCDHGLJJLXO4OXWJMTVQRNWOC7UL https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/VHUHTSXLXGXS7JYKBXTA3VINUPHTNGVU https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/VSRDIV77HNKUSM7SJC5BKE5JSHLHU2NK https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WLPRQ5TWUQQXYWBJM7ECYDAIL2YVKIUH https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/X6QXN4ORIVF6XBW4WWFE7VNPVC74S45Y https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/XFOIBB4YFICHDM7IBOP7PWXW3FX4HLL2 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZB43REMKRQR62NJEI7I5NQ4FSXNLBKRT https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZKQSIKIAT5TJ3WSLU3RDBQ35YX4GY4V3 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZLU6U2R2IC2K64NDPNMV55AUAO65MAF4 https://lists.w3.org/Archives/Public/ietf-http-wg/2023OctDec/0025.html https://mailman.nginx.org/pipermail/nginx-devel/2023-October/S36Q5HBXR7CAIMPLLPRSSSYR4PCMWILK.html https://martinthomson.github.io/h2-stream-limits/draft-thomson-httpbis-h2-stream-limits.html https://msrc.microsoft.com/blog/2023/10/microsoft-response-to-distributed-denial-of-service-ddos-attacks-against-http/2 https://msrc.microsoft.com/blog/2023/10/microsoft-response-to-distributed-denial-of-service-ddos-attacks-against-http/2/ https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-44487 https://my.f5.com/manage/s/article/K000137106 https://netty.io/news/2023/10/10/4-1-100-Final.html https://news.ycombinator.com/item?id=37830987 https://news.ycombinator.com/item?id=37830998 https://news.ycombinator.com/item?id=37831062 https://news.ycombinator.com/item?id=37837043 https://nodejs.org/en/blog/vulnerability/october-2023-security-releases https://nvd.nist.gov/vuln/detail/CVE-2023-44487 https://openssf.org/blog/2023/10/10/http-2-rapid-reset-vulnerability-highlights-need-for-rapid-response https://openssf.org/blog/2023/10/10/http-2-rapid-reset-vulnerability-highlights-need-for-rapid-response/ https://pkg.go.dev/vuln/GO-2023-2102 https://seanmonstar.com/post/730794151136935936/hyper-http2-rapid-reset-unaffected https://security.gentoo.org/glsa/202311-09 https://security.netapp.com/advisory/ntap-20231016-0001 https://security.netapp.com/advisory/ntap-20231016-0001/ https://security.netapp.com/advisory/ntap-20240426-0007 https://security.netapp.com/advisory/ntap-20240426-0007/ https://security.netapp.com/advisory/ntap-20240621-0006 https://security.netapp.com/advisory/ntap-20240621-0006/ https://security.netapp.com/advisory/ntap-20240621-0007 https://security.netapp.com/advisory/ntap-20240621-0007/ https://security.paloaltonetworks.com/CVE-2023-44487 https://tomcat.apache.org/security-10.html#Fixed_in_Apache_Tomcat_10.1.14 https://tomcat.apache.org/security-11.html#Fixed_in_Apache_Tomcat_11.0.0-M12 https://tomcat.apache.org/security-8.html#Fixed_in_Apache_Tomcat_8.5.94 https://tomcat.apache.org/security-9.html#Fixed_in_Apache_Tomcat_9.0.81 https://ubuntu.com/security/CVE-2023-44487 https://ubuntu.com/security/notices/USN-6427-1 https://ubuntu.com/security/notices/USN-6427-2 https://ubuntu.com/security/notices/USN-6438-1 https://ubuntu.com/security/notices/USN-6505-1 https://ubuntu.com/security/notices/USN-6574-1 https://ubuntu.com/security/notices/USN-6754-1 https://ubuntu.com/security/notices/USN-6994-1 https://ubuntu.com/security/notices/USN-7067-1 https://www.bleepingcomputer.com/news/security/new-http-2-rapid-reset-zero-day-attack-breaks-ddos-records https://www.bleepingcomputer.com/news/security/new-http-2-rapid-reset-zero-day-attack-breaks-ddos-records/ https://www.cisa.gov/known-exploited-vulnerabilities-catalog https://www.cisa.gov/news-events/alerts/2023/10/10/http2-rapid-reset-vulnerability-cve-2023-44487 https://www.cve.org/CVERecord?id=CVE-2023-44487 https://www.darkreading.com/cloud/internet-wide-zero-day-bug-fuels-largest-ever-ddos-event https://www.debian.org/security/2023/dsa-5521 https://www.debian.org/security/2023/dsa-5522 https://www.debian.org/security/2023/dsa-5540 https://www.debian.org/security/2023/dsa-5549 https://www.debian.org/security/2023/dsa-5558 https://www.debian.org/security/2023/dsa-5570 https://www.eclipse.org/lists/jetty-announce/msg00181.html https://www.haproxy.com/blog/haproxy-is-not-affected-by-the-http-2-rapid-reset-attack-cve-2023-44487 https://www.mail-archive.com/haproxy@formilux.org/msg44134.html https://www.netlify.com/blog/netlify-successfully-mitigates-cve-2023-44487 https://www.netlify.com/blog/netlify-successfully-mitigates-cve-2023-44487/ https://www.nginx.com/blog/http-2-rapid-reset-attack-impacting-f5-nginx-products https://www.nginx.com/blog/http-2-rapid-reset-attack-impacting-f5-nginx-products/ https://www.openwall.com/lists/oss-security/2023/10/10/6 https://www.phoronix.com/news/HTTP2-Rapid-Reset-Attack https://www.theregister.com/2023/10/10/http2_rapid_reset_zeroday https://www.theregister.com/2023/10/10/http2_rapid_reset_zeroday/
golang.org/x/net	CVE-2023-45288	MEDIUM	v0.10.0	0.23.0	http://www.openwall.com/lists/oss-security/2024/04/03/16 http://www.openwall.com/lists/oss-security/2024/04/05/4 https://access.redhat.com/errata/RHSA-2024:2724 https://access.redhat.com/security/cve/CVE-2023-45288 https://bugzilla.redhat.com/2268017 https://bugzilla.redhat.com/2268018 https://bugzilla.redhat.com/2268019 https://bugzilla.redhat.com/2268273 https://bugzilla.redhat.com/show_bug.cgi?id=2268017 https://bugzilla.redhat.com/show_bug.cgi?id=2268018 https://bugzilla.redhat.com/show_bug.cgi?id=2268019 https://bugzilla.redhat.com/show_bug.cgi?id=2268273 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45288 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45289 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45290 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24783 https://errata.almalinux.org/9/ALSA-2024-2724.html https://errata.rockylinux.org/RLSA-2024:2724 https://go.dev/cl/576155 https://go.dev/issue/65051 https://groups.google.com/g/golang-announce/c/YgW0sx8mN3M https://kb.cert.org/vuls/id/421644 https://linux.oracle.com/cve/CVE-2023-45288.html https://linux.oracle.com/errata/ELSA-2024-3346.html https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QRYFHIQ6XRKRYBI2F5UESH67BJBQXUPT https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QRYFHIQ6XRKRYBI2F5UESH67BJBQXUPT/ https://nowotarski.info/http2-continuation-flood-technical-details https://nowotarski.info/http2-continuation-flood/ https://nvd.nist.gov/vuln/detail/CVE-2023-45288 https://pkg.go.dev/vuln/GO-2024-2687 https://security.netapp.com/advisory/ntap-20240419-0009 https://security.netapp.com/advisory/ntap-20240419-0009/ https://ubuntu.com/security/notices/USN-6886-1 https://ubuntu.com/security/notices/USN-7109-1 https://ubuntu.com/security/notices/USN-7111-1 https://www.cve.org/CVERecord?id=CVE-2023-45288 https://www.kb.cert.org/vuls/id/421644
google.golang.org/grpc	GHSA-m425-mq94-257g	HIGH	v1.55.0	1.56.3, 1.57.1, 1.58.3	https://github.com/grpc/grpc-go https://github.com/grpc/grpc-go/commit/f2180b4d5403d2210b30b93098eb7da31c05c721 https://github.com/grpc/grpc-go/pull/6703 https://github.com/grpc/grpc-go/security/advisories/GHSA-m425-mq94-257g https://nvd.nist.gov/vuln/detail/CVE-2023-44487
google.golang.org/grpc	CVE-2023-44487	MEDIUM	v1.55.0	1.58.3, 1.57.1, 1.56.3	http://www.openwall.com/lists/oss-security/2023/10/13/4 http://www.openwall.com/lists/oss-security/2023/10/13/9 http://www.openwall.com/lists/oss-security/2023/10/18/4 http://www.openwall.com/lists/oss-security/2023/10/18/8 http://www.openwall.com/lists/oss-security/2023/10/19/6 http://www.openwall.com/lists/oss-security/2023/10/20/8 https://access.redhat.com/errata/RHSA-2023:6746 https://access.redhat.com/security/cve/CVE-2023-44487 https://access.redhat.com/security/cve/cve-2023-44487 https://akka.io/security/akka-http-cve-2023-44487.html https://arstechnica.com/security/2023/10/how-ddosers-used-the-http-2-protocol-to-deliver-attacks-of-unprecedented-size https://arstechnica.com/security/2023/10/how-ddosers-used-the-http-2-protocol-to-deliver-attacks-of-unprecedented-size/ https://aws.amazon.com/security/security-bulletins/AWS-2023-011 https://aws.amazon.com/security/security-bulletins/AWS-2023-011/ https://blog.cloudflare.com/technical-breakdown-http2-rapid-reset-ddos-attack https://blog.cloudflare.com/technical-breakdown-http2-rapid-reset-ddos-attack/ https://blog.cloudflare.com/zero-day-rapid-reset-http2-record-breaking-ddos-attack https://blog.cloudflare.com/zero-day-rapid-reset-http2-record-breaking-ddos-attack/ https://blog.litespeedtech.com/2023/10/11/rapid-reset-http-2-vulnerablilty https://blog.litespeedtech.com/2023/10/11/rapid-reset-http-2-vulnerablilty/ https://blog.qualys.com/vulnerabilities-threat-research/2023/10/10/cve-2023-44487-http-2-rapid-reset-attack https://blog.vespa.ai/cve-2023-44487 https://blog.vespa.ai/cve-2023-44487/ https://bugzilla.proxmox.com/show_bug.cgi?id=4988 https://bugzilla.redhat.com/2242803 https://bugzilla.redhat.com/show_bug.cgi?id=2242803 https://bugzilla.suse.com/show_bug.cgi?id=1216123 https://cgit.freebsd.org/ports/commit/?id=c64c329c2c1752f46b73e3e6ce9f4329be6629f9 https://chaos.social/@icing/111210915918780532 https://cloud.google.com/blog/products/identity-security/google-cloud-mitigated-largest-ddos-attack-peaking-above-398-million-rps https://cloud.google.com/blog/products/identity-security/google-cloud-mitigated-largest-ddos-attack-peaking-above-398-million-rps/ https://cloud.google.com/blog/products/identity-security/how-it-works-the-novel-http2-rapid-reset-ddos-attack https://community.traefik.io/t/is-traefik-vulnerable-to-cve-2023-44487/20125 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-44487 https://devblogs.microsoft.com/dotnet/october-2023-updates/ https://discuss.hashicorp.com/t/hcsec-2023-32-vault-consul-and-boundary-affected-by-http-2-rapid-reset-denial-of-service-vulnerability-cve-2023-44487/59715 https://edg.io/lp/blog/resets-leaks-ddos-and-the-tale-of-a-hidden-cve https://errata.almalinux.org/9/ALSA-2023-6746.html https://errata.rockylinux.org/RLSA-2023:5838 https://forums.swift.org/t/swift-nio-http2-security-update-cve-2023-44487-http-2-dos/67764 https://gist.github.com/adulau/7c2bfb8e9cdbe4b35a5e131c66a0c088 https://github.com/Azure/AKS/issues/3947 https://github.com/Kong/kong/discussions/11741 https://github.com/advisories/GHSA-qppj-fm5r-hxr3 https://github.com/advisories/GHSA-vx74-f528-fxqg https://github.com/advisories/GHSA-xpw8-rcwv-8f8p https://github.com/akka/akka-http/issues/4323 https://github.com/akka/akka-http/pull/4324 https://github.com/akka/akka-http/pull/4325 https://github.com/alibaba/tengine/issues/1872 https://github.com/apache/apisix/issues/10320 https://github.com/apache/httpd-site/pull/10 https://github.com/apache/httpd/blob/afcdbeebbff4b0c50ea26cdd16e178c0d1f24152/modules/http2/h2_mplx.c#L1101-L1113 https://github.com/apache/tomcat/commit/944332bb15bd2f3bf76ec2caeb1ff0a58a3bc628 https://github.com/apache/tomcat/tree/main/java/org/apache/coyote/http2 https://github.com/apache/trafficserver/pull/10564 https://github.com/apple/swift-nio-http2 https://github.com/apple/swift-nio-http2/security/advisories/GHSA-qppj-fm5r-hxr3 https://github.com/arkrwn/PoC/tree/main/CVE-2023-44487 https://github.com/bcdannyboy/CVE-2023-44487 https://github.com/caddyserver/caddy/issues/5877 https://github.com/caddyserver/caddy/releases/tag/v2.7.5 https://github.com/dotnet/announcements/issues/277 https://github.com/dotnet/core/blob/e4613450ea0da7fd2fc6b61dfb2c1c1dec1ce9ec/release-notes/6.0/6.0.23/6.0.23.md?plain=1#L73 https://github.com/eclipse/jetty.project/issues/10679 https://github.com/envoyproxy/envoy/pull/30055 https://github.com/etcd-io/etcd/issues/16740 https://github.com/facebook/proxygen/pull/466 https://github.com/golang/go/issues/63417 https://github.com/grpc/grpc-go/pull/6703 https://github.com/grpc/grpc-go/releases https://github.com/h2o/h2o/pull/3291 https://github.com/h2o/h2o/security/advisories/GHSA-2m7v-gc89-fjqf https://github.com/haproxy/haproxy/issues/2312 https://github.com/hyperium/hyper/issues/3337 https://github.com/icing/mod_h2/blob/0a864782af0a942aa2ad4ed960a6b32cd35bcf0a/mod_http2/README.md?plain=1#L239-L244 https://github.com/junkurihara/rust-rpxy/issues/97 https://github.com/kazu-yamamoto/http2/commit/f61d41a502bd0f60eb24e1ce14edc7b6df6722a1 https://github.com/kazu-yamamoto/http2/issues/93 https://github.com/kubernetes/kubernetes/pull/121120 https://github.com/line/armeria/pull/5232 https://github.com/linkerd/website/pull/1695/commits/4b9c6836471bc8270ab48aae6fd2181bc73fd632 https://github.com/micrictor/http2-rst-stream https://github.com/microsoft/CBL-Mariner/pull/6381 https://github.com/netty/netty/commit/58f75f665aa81a8cbcf6ffa74820042a285c5e61 https://github.com/nghttp2/nghttp2/pull/1961 https://github.com/nghttp2/nghttp2/releases/tag/v1.57.0 https://github.com/ninenines/cowboy/issues/1615 https://github.com/nodejs/node/pull/50121 https://github.com/openresty/openresty/issues/930 https://github.com/opensearch-project/data-prepper/issues/3474 https://github.com/oqtane/oqtane.framework/discussions/3367 https://github.com/projectcontour/contour/pull/5826 https://github.com/tempesta-tech/tempesta/issues/1986 https://github.com/varnishcache/varnish-cache/issues/3996 https://go.dev/cl/534215 https://go.dev/cl/534235 https://go.dev/issue/63417 https://groups.google.com/g/golang-announce/c/iNNxDTCjZvo https://groups.google.com/g/golang-announce/c/iNNxDTCjZvo/m/UDd7VKQuAAAJ https://istio.io/latest/news/security/istio-security-2023-004 https://istio.io/latest/news/security/istio-security-2023-004/ https://linkerd.io/2023/10/12/linkerd-cve-2023-44487 https://linkerd.io/2023/10/12/linkerd-cve-2023-44487/ https://linux.oracle.com/cve/CVE-2023-44487.html https://linux.oracle.com/errata/ELSA-2024-1444.html https://lists.apache.org/thread/5py8h42mxfsn8l1wy6o41xwhsjlsd87q https://lists.debian.org/debian-lts-announce/2023/10/msg00020.html https://lists.debian.org/debian-lts-announce/2023/10/msg00023.html https://lists.debian.org/debian-lts-announce/2023/10/msg00024.html https://lists.debian.org/debian-lts-announce/2023/10/msg00045.html https://lists.debian.org/debian-lts-announce/2023/10/msg00047.html https://lists.debian.org/debian-lts-announce/2023/11/msg00001.html https://lists.debian.org/debian-lts-announce/2023/11/msg00012.html https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/2MBEPPC36UBVOZZNAXFHKLFGSLCMN5LI https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/2MBEPPC36UBVOZZNAXFHKLFGSLCMN5LI/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/3N4NJ7FR4X4FPZUGNTQAPSTVB2HB2Y4A https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/3N4NJ7FR4X4FPZUGNTQAPSTVB2HB2Y4A/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/BFQD3KUEMFBHPAPBGLWQC34L4OWL5HAZ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/BFQD3KUEMFBHPAPBGLWQC34L4OWL5HAZ/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/CLB4TW7KALB3EEQWNWCN7OUIWWVWWCG2 https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/CLB4TW7KALB3EEQWNWCN7OUIWWVWWCG2/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/E72T67UPDRXHIDLO3OROR25YAMN4GGW5 https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/E72T67UPDRXHIDLO3OROR25YAMN4GGW5/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/FNA62Q767CFAFHBCDKYNPBMZWB7TWYVU https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/FNA62Q767CFAFHBCDKYNPBMZWB7TWYVU/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/HT7T2R4MQKLIF4ODV4BDLPARWFPCJ5CZ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/HT7T2R4MQKLIF4ODV4BDLPARWFPCJ5CZ/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/JIZSEFC3YKCGABA2BZW6ZJRMDZJMB7PJ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/JIZSEFC3YKCGABA2BZW6ZJRMDZJMB7PJ/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/JMEXY22BFG5Q64HQCM5CK2Q7KDKVV4TY https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/JMEXY22BFG5Q64HQCM5CK2Q7KDKVV4TY/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/KSEGD2IWKNUO3DWY4KQGUQM5BISRWHQE https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/KSEGD2IWKNUO3DWY4KQGUQM5BISRWHQE/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/LKYHSZQFDNR7RSA7LHVLLIAQMVYCUGBG https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/LKYHSZQFDNR7RSA7LHVLLIAQMVYCUGBG/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/LNMZJCDHGLJJLXO4OXWJMTVQRNWOC7UL https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/LNMZJCDHGLJJLXO4OXWJMTVQRNWOC7UL/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/VHUHTSXLXGXS7JYKBXTA3VINUPHTNGVU https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/VHUHTSXLXGXS7JYKBXTA3VINUPHTNGVU/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/VSRDIV77HNKUSM7SJC5BKE5JSHLHU2NK https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/VSRDIV77HNKUSM7SJC5BKE5JSHLHU2NK/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/WE2I52RHNNU42PX6NZ2RBUHSFFJ2LVZX https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/WE2I52RHNNU42PX6NZ2RBUHSFFJ2LVZX/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/WLPRQ5TWUQQXYWBJM7ECYDAIL2YVKIUH https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/WLPRQ5TWUQQXYWBJM7ECYDAIL2YVKIUH/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/X6QXN4ORIVF6XBW4WWFE7VNPVC74S45Y https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/X6QXN4ORIVF6XBW4WWFE7VNPVC74S45Y/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/XFOIBB4YFICHDM7IBOP7PWXW3FX4HLL2 https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/XFOIBB4YFICHDM7IBOP7PWXW3FX4HLL2/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZB43REMKRQR62NJEI7I5NQ4FSXNLBKRT https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZB43REMKRQR62NJEI7I5NQ4FSXNLBKRT/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZKQSIKIAT5TJ3WSLU3RDBQ35YX4GY4V3 https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZKQSIKIAT5TJ3WSLU3RDBQ35YX4GY4V3/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZLU6U2R2IC2K64NDPNMV55AUAO65MAF4 https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZLU6U2R2IC2K64NDPNMV55AUAO65MAF4/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3N4NJ7FR4X4FPZUGNTQAPSTVB2HB2Y4A https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/BFQD3KUEMFBHPAPBGLWQC34L4OWL5HAZ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CLB4TW7KALB3EEQWNWCN7OUIWWVWWCG2 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/E72T67UPDRXHIDLO3OROR25YAMN4GGW5 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/FNA62Q767CFAFHBCDKYNPBMZWB7TWYVU https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/HT7T2R4MQKLIF4ODV4BDLPARWFPCJ5CZ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/JIZSEFC3YKCGABA2BZW6ZJRMDZJMB7PJ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/JMEXY22BFG5Q64HQCM5CK2Q7KDKVV4TY https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/KSEGD2IWKNUO3DWY4KQGUQM5BISRWHQE https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/LKYHSZQFDNR7RSA7LHVLLIAQMVYCUGBG https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/LNMZJCDHGLJJLXO4OXWJMTVQRNWOC7UL https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/VHUHTSXLXGXS7JYKBXTA3VINUPHTNGVU https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/VSRDIV77HNKUSM7SJC5BKE5JSHLHU2NK https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WLPRQ5TWUQQXYWBJM7ECYDAIL2YVKIUH https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/X6QXN4ORIVF6XBW4WWFE7VNPVC74S45Y https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/XFOIBB4YFICHDM7IBOP7PWXW3FX4HLL2 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZB43REMKRQR62NJEI7I5NQ4FSXNLBKRT https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZKQSIKIAT5TJ3WSLU3RDBQ35YX4GY4V3 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZLU6U2R2IC2K64NDPNMV55AUAO65MAF4 https://lists.w3.org/Archives/Public/ietf-http-wg/2023OctDec/0025.html https://mailman.nginx.org/pipermail/nginx-devel/2023-October/S36Q5HBXR7CAIMPLLPRSSSYR4PCMWILK.html https://martinthomson.github.io/h2-stream-limits/draft-thomson-httpbis-h2-stream-limits.html https://msrc.microsoft.com/blog/2023/10/microsoft-response-to-distributed-denial-of-service-ddos-attacks-against-http/2 https://msrc.microsoft.com/blog/2023/10/microsoft-response-to-distributed-denial-of-service-ddos-attacks-against-http/2/ https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-44487 https://my.f5.com/manage/s/article/K000137106 https://netty.io/news/2023/10/10/4-1-100-Final.html https://news.ycombinator.com/item?id=37830987 https://news.ycombinator.com/item?id=37830998 https://news.ycombinator.com/item?id=37831062 https://news.ycombinator.com/item?id=37837043 https://nodejs.org/en/blog/vulnerability/october-2023-security-releases https://nvd.nist.gov/vuln/detail/CVE-2023-44487 https://openssf.org/blog/2023/10/10/http-2-rapid-reset-vulnerability-highlights-need-for-rapid-response https://openssf.org/blog/2023/10/10/http-2-rapid-reset-vulnerability-highlights-need-for-rapid-response/ https://pkg.go.dev/vuln/GO-2023-2102 https://seanmonstar.com/post/730794151136935936/hyper-http2-rapid-reset-unaffected https://security.gentoo.org/glsa/202311-09 https://security.netapp.com/advisory/ntap-20231016-0001 https://security.netapp.com/advisory/ntap-20231016-0001/ https://security.netapp.com/advisory/ntap-20240426-0007 https://security.netapp.com/advisory/ntap-20240426-0007/ https://security.netapp.com/advisory/ntap-20240621-0006 https://security.netapp.com/advisory/ntap-20240621-0006/ https://security.netapp.com/advisory/ntap-20240621-0007 https://security.netapp.com/advisory/ntap-20240621-0007/ https://security.paloaltonetworks.com/CVE-2023-44487 https://tomcat.apache.org/security-10.html#Fixed_in_Apache_Tomcat_10.1.14 https://tomcat.apache.org/security-11.html#Fixed_in_Apache_Tomcat_11.0.0-M12 https://tomcat.apache.org/security-8.html#Fixed_in_Apache_Tomcat_8.5.94 https://tomcat.apache.org/security-9.html#Fixed_in_Apache_Tomcat_9.0.81 https://ubuntu.com/security/CVE-2023-44487 https://ubuntu.com/security/notices/USN-6427-1 https://ubuntu.com/security/notices/USN-6427-2 https://ubuntu.com/security/notices/USN-6438-1 https://ubuntu.com/security/notices/USN-6505-1 https://ubuntu.com/security/notices/USN-6574-1 https://ubuntu.com/security/notices/USN-6754-1 https://ubuntu.com/security/notices/USN-6994-1 https://ubuntu.com/security/notices/USN-7067-1 https://www.bleepingcomputer.com/news/security/new-http-2-rapid-reset-zero-day-attack-breaks-ddos-records https://www.bleepingcomputer.com/news/security/new-http-2-rapid-reset-zero-day-attack-breaks-ddos-records/ https://www.cisa.gov/known-exploited-vulnerabilities-catalog https://www.cisa.gov/news-events/alerts/2023/10/10/http2-rapid-reset-vulnerability-cve-2023-44487 https://www.cve.org/CVERecord?id=CVE-2023-44487 https://www.darkreading.com/cloud/internet-wide-zero-day-bug-fuels-largest-ever-ddos-event https://www.debian.org/security/2023/dsa-5521 https://www.debian.org/security/2023/dsa-5522 https://www.debian.org/security/2023/dsa-5540 https://www.debian.org/security/2023/dsa-5549 https://www.debian.org/security/2023/dsa-5558 https://www.debian.org/security/2023/dsa-5570 https://www.eclipse.org/lists/jetty-announce/msg00181.html https://www.haproxy.com/blog/haproxy-is-not-affected-by-the-http-2-rapid-reset-attack-cve-2023-44487 https://www.mail-archive.com/haproxy@formilux.org/msg44134.html https://www.netlify.com/blog/netlify-successfully-mitigates-cve-2023-44487 https://www.netlify.com/blog/netlify-successfully-mitigates-cve-2023-44487/ https://www.nginx.com/blog/http-2-rapid-reset-attack-impacting-f5-nginx-products https://www.nginx.com/blog/http-2-rapid-reset-attack-impacting-f5-nginx-products/ https://www.openwall.com/lists/oss-security/2023/10/10/6 https://www.phoronix.com/news/HTTP2-Rapid-Reset-Attack https://www.theregister.com/2023/10/10/http2_rapid_reset_zeroday https://www.theregister.com/2023/10/10/http2_rapid_reset_zeroday/
google.golang.org/protobuf	CVE-2024-24786	MEDIUM	v1.30.0	1.33.0	http://www.openwall.com/lists/oss-security/2024/03/08/4 https://access.redhat.com/errata/RHSA-2024:2550 https://access.redhat.com/security/cve/CVE-2024-24786 https://bugzilla.redhat.com/2268046 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24786 https://errata.almalinux.org/9/ALSA-2024-2550.html https://errata.rockylinux.org/RLSA-2024:2550 https://github.com/protocolbuffers/protobuf-go https://github.com/protocolbuffers/protobuf-go/commit/f01a588e5810b90996452eec4a28f22a0afae023 https://github.com/protocolbuffers/protobuf-go/releases/tag/v1.33.0 https://go-review.googlesource.com/c/protobuf/+/569356 https://go.dev/cl/569356 https://groups.google.com/g/golang-announce/c/ArQ6CDgtEjY/ https://linux.oracle.com/cve/CVE-2024-24786.html https://linux.oracle.com/errata/ELSA-2024-4246.html https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/JDMBHAVSDU2FBDZ45U3A2VLSM35OJ2HU https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/JDMBHAVSDU2FBDZ45U3A2VLSM35OJ2HU/ https://nvd.nist.gov/vuln/detail/CVE-2024-24786 https://pkg.go.dev/vuln/GO-2024-2611 https://security.netapp.com/advisory/ntap-20240517-0002 https://security.netapp.com/advisory/ntap-20240517-0002/ https://ubuntu.com/security/notices/USN-6746-1 https://ubuntu.com/security/notices/USN-6746-2 https://www.cve.org/CVERecord?id=CVE-2024-24786
stdlib	CVE-2024-24790	CRITICAL	v1.20.5	1.21.11, 1.22.4	http://www.openwall.com/lists/oss-security/2024/06/04/1 https://access.redhat.com/errata/RHSA-2024:9115 https://access.redhat.com/security/cve/CVE-2024-24790 https://bugzilla.redhat.com/2279814 https://bugzilla.redhat.com/2292668 https://bugzilla.redhat.com/2292787 https://bugzilla.redhat.com/2294000 https://bugzilla.redhat.com/2295310 https://bugzilla.redhat.com/show_bug.cgi?id=2292668 https://bugzilla.redhat.com/show_bug.cgi?id=2292787 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24789 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24790 https://errata.almalinux.org/9/ALSA-2024-9115.html https://errata.rockylinux.org/RLSA-2024:4212 https://github.com/golang/go/commit/051bdf3fd12a40307606ff9381138039c5f452f0 (1.21) https://github.com/golang/go/commit/12d5810cdb1f73cf23d7a86462143e9463317fca (1.22) https://github.com/golang/go/issues/67680 https://go.dev/cl/590316 https://go.dev/issue/67680 https://groups.google.com/g/golang-announce/c/XbxouI9gY7k https://groups.google.com/g/golang-announce/c/XbxouI9gY7k/m/TuoGEhxIEwAJ https://linux.oracle.com/cve/CVE-2024-24790.html https://linux.oracle.com/errata/ELSA-2024-9115.html https://nvd.nist.gov/vuln/detail/CVE-2024-24790 https://pkg.go.dev/vuln/GO-2024-2887 https://ubuntu.com/security/notices/USN-6886-1 https://ubuntu.com/security/notices/USN-7109-1 https://www.cve.org/CVERecord?id=CVE-2024-24790
stdlib	CVE-2023-39325	HIGH	v1.20.5	1.20.10, 1.21.3	golang.org/x/net https://access.redhat.com/errata/RHSA-2023:6077 https://access.redhat.com/security/cve/CVE-2023-39325 https://access.redhat.com/security/cve/CVE-2023-44487 https://access.redhat.com/security/vulnerabilities/RHSB-2023-003 https://bugzilla.redhat.com/2242803 https://bugzilla.redhat.com/2243296 https://bugzilla.redhat.com/show_bug.cgi?id=2242803 https://bugzilla.redhat.com/show_bug.cgi?id=2243296 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-39325 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-44487 https://errata.almalinux.org/9/ALSA-2023-6077.html https://errata.rockylinux.org/RLSA-2023:6077 https://github.com/golang/go/commit/24ae2d927285c697440fdde3ad7f26028354bcf3 [golang- 1.21] https://github.com/golang/go/commit/e175f27f58aa7b9cd4d79607ae65d2cd5baaee68 [golang-1.20] https://github.com/golang/go/issues/63417 https://go.dev/cl/534215 https://go.dev/cl/534235 https://go.dev/issue/63417 https://groups.google.com/g/golang-announce/c/iNNxDTCjZvo/m/UDd7VKQuAAAJ https://linux.oracle.com/cve/CVE-2023-39325.html https://linux.oracle.com/errata/ELSA-2023-5867.html https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3OVW5V2DM5K5IC3H7O42YDUGNJ74J35O https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3OVW5V2DM5K5IC3H7O42YDUGNJ74J35O/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3SZN67IL7HMGMNAVLOTIXLIHUDXZK4LH https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3SZN67IL7HMGMNAVLOTIXLIHUDXZK4LH/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3WJ4QVX2AMUJ2F2S27POOAHRC4K3CHU4 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3WJ4QVX2AMUJ2F2S27POOAHRC4K3CHU4/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/4BUK2ZIAGCULOOYDNH25JPU6JBES5NF2 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/4BUK2ZIAGCULOOYDNH25JPU6JBES5NF2/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/5RSKA2II6QTD4YUKUNDVJQSRYSFC4VFR https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/5RSKA2II6QTD4YUKUNDVJQSRYSFC4VFR/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/AVZDNSMVDAQJ64LJC5I5U5LDM5753647 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/AVZDNSMVDAQJ64LJC5I5U5LDM5753647/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CHHITS4PUOZAKFIUBQAQZC7JWXMOYE4B https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CHHITS4PUOZAKFIUBQAQZC7JWXMOYE4B/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CLB4TW7KALB3EEQWNWCN7OUIWWVWWCG2 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CLB4TW7KALB3EEQWNWCN7OUIWWVWWCG2/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/D2BBIDR2ZMB3X5BC7SR4SLQMHRMVPY6L https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/D2BBIDR2ZMB3X5BC7SR4SLQMHRMVPY6L/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ECRC75BQJP6FJN2L7KCKYZW4DSBD7QSD https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ECRC75BQJP6FJN2L7KCKYZW4DSBD7QSD/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/FTMJ3NJIDAZFWJQQSP3L22MUFJ3UP2PT https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/FTMJ3NJIDAZFWJQQSP3L22MUFJ3UP2PT/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/GSY7SXFFTPZFWDM6XELSDSHZLVW3AHK7 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/GSY7SXFFTPZFWDM6XELSDSHZLVW3AHK7/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/HZQIELEIRSZUYTFFH5KTH2YJ4IIQG2KE https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/HZQIELEIRSZUYTFFH5KTH2YJ4IIQG2KE/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/IPWCNYB5PQ5PCVZ4NJT6G56ZYFZ5QBU6 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/IPWCNYB5PQ5PCVZ4NJT6G56ZYFZ5QBU6/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/KEOTKBUPZXHE3F352JBYNTSNRXYLWD6P https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/KEOTKBUPZXHE3F352JBYNTSNRXYLWD6P/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/KSEGD2IWKNUO3DWY4KQGUQM5BISRWHQE https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/KSEGD2IWKNUO3DWY4KQGUQM5BISRWHQE/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/L5E5JSJBZLYXOTZWXHJKRVCIXIHVWKJ6 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/L5E5JSJBZLYXOTZWXHJKRVCIXIHVWKJ6/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/MZQYOOKHQDQ57LV2IAG6NRFOVXKHJJ3Z https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/MZQYOOKHQDQ57LV2IAG6NRFOVXKHJJ3Z/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/NG7IMPL55MVWU3LCI4JQJT3K2U5CHDV7 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/NG7IMPL55MVWU3LCI4JQJT3K2U5CHDV7/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ODBY7RVMGZCBSTWF2OZGIZS57FNFUL67 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ODBY7RVMGZCBSTWF2OZGIZS57FNFUL67/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/OXGWPQOJ3JNDW2XIYKIVJ7N7QUIFNM2Q https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/OXGWPQOJ3JNDW2XIYKIVJ7N7QUIFNM2Q/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/PJCUNGIQDUMZ4Z6HWVYIMR66A35F5S74 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/PJCUNGIQDUMZ4Z6HWVYIMR66A35F5S74/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QF5QSYAOPDOWLY6DUHID56Q4HQFYB45I https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QF5QSYAOPDOWLY6DUHID56Q4HQFYB45I/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QXOU2JZUBEBP7GBKAYIJRPRBZSJCD7ST https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QXOU2JZUBEBP7GBKAYIJRPRBZSJCD7ST/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/R3UETKPUB3V5JS5TLZOF3SMTGT5K5APS https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/R3UETKPUB3V5JS5TLZOF3SMTGT5K5APS/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/REMHVVIBDNKSRKNOTV7EQSB7CYQWOUOU https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/REMHVVIBDNKSRKNOTV7EQSB7CYQWOUOU/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/T7N5GV4CHH6WAGX3GFMDD3COEOVCZ4RI https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/T7N5GV4CHH6WAGX3GFMDD3COEOVCZ4RI/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ULQQONMSCQSH5Z5OWFFQHCGEZ3NL4DRJ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ULQQONMSCQSH5Z5OWFFQHCGEZ3NL4DRJ/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UTT7DG3QOF5ZNJLUGHDNLRUIN6OWZARP https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UTT7DG3QOF5ZNJLUGHDNLRUIN6OWZARP/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/W2LZSWTV4NV4SNQARNXG5T6LRHP26EW2 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/W2LZSWTV4NV4SNQARNXG5T6LRHP26EW2/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WCNCBYKZXLDFGAJUB7ZP5VLC3YTHJNVH https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WCNCBYKZXLDFGAJUB7ZP5VLC3YTHJNVH/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/XFOIBB4YFICHDM7IBOP7PWXW3FX4HLL2 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/XFOIBB4YFICHDM7IBOP7PWXW3FX4HLL2/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/XTNLSL44Y5FB6JWADSZH6DCV4JJAAEQY https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/XTNLSL44Y5FB6JWADSZH6DCV4JJAAEQY/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/YJWHBLVZDM5KQSDFRBFRKU5KSSOLIRQ4 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/YJWHBLVZDM5KQSDFRBFRKU5KSSOLIRQ4/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/YRKEXKANQ7BKJW2YTAMP625LJUJZLJ4P https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/YRKEXKANQ7BKJW2YTAMP625LJUJZLJ4P/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZSVEMQV5ROY5YW5QE3I57HT3ITWG5GCV https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZSVEMQV5ROY5YW5QE3I57HT3ITWG5GCV/ https://nvd.nist.gov/vuln/detail/CVE-2023-39325 https://pkg.go.dev/vuln/GO-2023-2102 https://security.gentoo.org/glsa/202311-09 https://security.netapp.com/advisory/ntap-20231110-0008 https://security.netapp.com/advisory/ntap-20231110-0008/ https://ubuntu.com/security/notices/USN-6574-1 https://ubuntu.com/security/notices/USN-7061-1 https://ubuntu.com/security/notices/USN-7109-1 https://www.cisa.gov/news-events/alerts/2023/10/10/http2-rapid-reset-vulnerability-cve-2023-44487 https://www.cve.org/CVERecord?id=CVE-2023-39325
stdlib	CVE-2023-45283	HIGH	v1.20.5	1.20.11, 1.21.4, 1.20.12, 1.21.5	http://www.openwall.com/lists/oss-security/2023/12/05/2 https://go.dev/cl/540277 https://go.dev/cl/541175 https://go.dev/issue/63713 https://go.dev/issue/64028 https://groups.google.com/g/golang-announce/c/4tU8LZfBFkY https://groups.google.com/g/golang-dev/c/6ypN5EjibjM/m/KmLVYH_uAgAJ https://nvd.nist.gov/vuln/detail/CVE-2023-45283 https://pkg.go.dev/vuln/GO-2023-2185 https://security.netapp.com/advisory/ntap-20231214-0008/
stdlib	CVE-2023-45288	HIGH	v1.20.5	1.21.9, 1.22.2	http://www.openwall.com/lists/oss-security/2024/04/03/16 http://www.openwall.com/lists/oss-security/2024/04/05/4 https://access.redhat.com/errata/RHSA-2024:2724 https://access.redhat.com/security/cve/CVE-2023-45288 https://bugzilla.redhat.com/2268017 https://bugzilla.redhat.com/2268018 https://bugzilla.redhat.com/2268019 https://bugzilla.redhat.com/2268273 https://bugzilla.redhat.com/show_bug.cgi?id=2268017 https://bugzilla.redhat.com/show_bug.cgi?id=2268018 https://bugzilla.redhat.com/show_bug.cgi?id=2268019 https://bugzilla.redhat.com/show_bug.cgi?id=2268273 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45288 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45289 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45290 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24783 https://errata.almalinux.org/9/ALSA-2024-2724.html https://errata.rockylinux.org/RLSA-2024:2724 https://go.dev/cl/576155 https://go.dev/issue/65051 https://groups.google.com/g/golang-announce/c/YgW0sx8mN3M https://kb.cert.org/vuls/id/421644 https://linux.oracle.com/cve/CVE-2023-45288.html https://linux.oracle.com/errata/ELSA-2024-3346.html https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QRYFHIQ6XRKRYBI2F5UESH67BJBQXUPT https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QRYFHIQ6XRKRYBI2F5UESH67BJBQXUPT/ https://nowotarski.info/http2-continuation-flood-technical-details https://nowotarski.info/http2-continuation-flood/ https://nvd.nist.gov/vuln/detail/CVE-2023-45288 https://pkg.go.dev/vuln/GO-2024-2687 https://security.netapp.com/advisory/ntap-20240419-0009 https://security.netapp.com/advisory/ntap-20240419-0009/ https://ubuntu.com/security/notices/USN-6886-1 https://ubuntu.com/security/notices/USN-7109-1 https://ubuntu.com/security/notices/USN-7111-1 https://www.cve.org/CVERecord?id=CVE-2023-45288 https://www.kb.cert.org/vuls/id/421644
stdlib	CVE-2024-34156	HIGH	v1.20.5	1.22.7, 1.23.1	https://access.redhat.com/errata/RHSA-2024:9473 https://access.redhat.com/security/cve/CVE-2024-34156 https://bugzilla.redhat.com/2310528 https://bugzilla.redhat.com/2318052 https://bugzilla.redhat.com/show_bug.cgi?id=2310528 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-34156 https://errata.almalinux.org/9/ALSA-2024-9473.html https://errata.rockylinux.org/RLSA-2024:7204 https://github.com/golang/go/commit/2092294f2b097c5828f4eace6c98a322c1510b01 (go1.22.7) https://github.com/golang/go/commit/fa8ff1a46deb6c816304441ec6740ec112e19012 (go1.23.1) https://go.dev/cl/611239 https://go.dev/issue/69139 https://groups.google.com/g/golang-announce/c/K-cEzDeCtpc https://groups.google.com/g/golang-dev/c/S9POB9NCTdk https://linux.oracle.com/cve/CVE-2024-34156.html https://linux.oracle.com/errata/ELSA-2024-9473.html https://nvd.nist.gov/vuln/detail/CVE-2024-34156 https://pkg.go.dev/vuln/GO-2024-3106 https://ubuntu.com/security/notices/USN-7081-1 https://ubuntu.com/security/notices/USN-7109-1 https://ubuntu.com/security/notices/USN-7111-1 https://www.cve.org/CVERecord?id=CVE-2024-34156
stdlib	CVE-2023-29406	MEDIUM	v1.20.5	1.19.11, 1.20.6	https://access.redhat.com/errata/RHSA-2023:6474 https://access.redhat.com/security/cve/CVE-2023-29406 https://bugzilla.redhat.com/2174485 https://bugzilla.redhat.com/2178358 https://bugzilla.redhat.com/2178488 https://bugzilla.redhat.com/2178492 https://bugzilla.redhat.com/2184481 https://bugzilla.redhat.com/2184482 https://bugzilla.redhat.com/2184483 https://bugzilla.redhat.com/2184484 https://bugzilla.redhat.com/2196026 https://bugzilla.redhat.com/2196027 https://bugzilla.redhat.com/2196029 https://bugzilla.redhat.com/2222167 https://bugzilla.redhat.com/2228689 https://errata.almalinux.org/9/ALSA-2023-6474.html https://github.com/golang/go/commit/312920c00aac9897b2a0693e752390b5b0711a5a (go1.20.6) https://github.com/golang/go/commit/5fa6923b1ea891400153d04ddf1545e23b40041b (go1.19.11) https://github.com/golang/go/issues/60374 https://go.dev/cl/506996 https://go.dev/issue/60374 https://groups.google.com/g/golang-announce/c/2q13H6LEEx0 https://linux.oracle.com/cve/CVE-2023-29406.html https://linux.oracle.com/errata/ELSA-2023-7202.html https://nvd.nist.gov/vuln/detail/CVE-2023-29406 https://pkg.go.dev/vuln/GO-2023-1878 https://security.gentoo.org/glsa/202311-09 https://security.netapp.com/advisory/ntap-20230814-0002/ https://ubuntu.com/security/notices/USN-7061-1 https://ubuntu.com/security/notices/USN-7109-1 https://www.cve.org/CVERecord?id=CVE-2023-29406
stdlib	CVE-2023-29409	MEDIUM	v1.20.5	1.19.12, 1.20.7, 1.21.0-rc.4	https://access.redhat.com/errata/RHSA-2023:7766 https://access.redhat.com/security/cve/CVE-2023-29409 https://bugzilla.redhat.com/2228743 https://bugzilla.redhat.com/2237773 https://bugzilla.redhat.com/2237776 https://bugzilla.redhat.com/2237777 https://bugzilla.redhat.com/2237778 https://errata.almalinux.org/9/ALSA-2023-7766.html https://go.dev/cl/515257 https://go.dev/issue/61460 https://groups.google.com/g/golang-announce/c/X0b6CsSAaYI/m/Efv5DbZ9AwAJ https://linux.oracle.com/cve/CVE-2023-29409.html https://linux.oracle.com/errata/ELSA-2024-2988.html https://nvd.nist.gov/vuln/detail/CVE-2023-29409 https://pkg.go.dev/vuln/GO-2023-1987 https://security.gentoo.org/glsa/202311-09 https://security.netapp.com/advisory/ntap-20230831-0010/ https://www.cve.org/CVERecord?id=CVE-2023-29409
stdlib	CVE-2023-39318	MEDIUM	v1.20.5	1.20.8, 1.21.1	https://access.redhat.com/errata/RHSA-2024:2160 https://access.redhat.com/security/cve/CVE-2023-39318 https://bugzilla.redhat.com/2237773 https://bugzilla.redhat.com/2237776 https://bugzilla.redhat.com/2253330 https://errata.almalinux.org/9/ALSA-2024-2160.html https://github.com/golang/go/commit/023b542edf38e2a1f87fcefb9f75ff2f99401b4c (go1.20.8) https://github.com/golang/go/commit/b0e1d3ea26e8e8fce7726690c9ef0597e60739fb (go1.21.1) https://go.dev/cl/526156 https://go.dev/issue/62196 https://groups.google.com/g/golang-announce/c/Fm51GRLNRvM https://groups.google.com/g/golang-dev/c/2C5vbR-UNkI/m/L1hdrPhfBAAJ https://linux.oracle.com/cve/CVE-2023-39318.html https://linux.oracle.com/errata/ELSA-2024-2988.html https://nvd.nist.gov/vuln/detail/CVE-2023-39318 https://pkg.go.dev/vuln/GO-2023-2041 https://security.gentoo.org/glsa/202311-09 https://security.netapp.com/advisory/ntap-20231020-0009/ https://ubuntu.com/security/notices/USN-6574-1 https://ubuntu.com/security/notices/USN-7061-1 https://ubuntu.com/security/notices/USN-7109-1 https://vuln.go.dev/ID/GO-2023-2041.json https://www.cve.org/CVERecord?id=CVE-2023-39318
stdlib	CVE-2023-39319	MEDIUM	v1.20.5	1.20.8, 1.21.1	https://access.redhat.com/errata/RHSA-2024:2160 https://access.redhat.com/security/cve/CVE-2023-39319 https://bugzilla.redhat.com/2237773 https://bugzilla.redhat.com/2237776 https://bugzilla.redhat.com/2253330 https://errata.almalinux.org/9/ALSA-2024-2160.html https://github.com/golang/go/commit/2070531d2f53df88e312edace6c8dfc9686ab2f5 (go1.20.8) https://github.com/golang/go/commit/bbd043ff0d6d59f1a9232d31ecd5eacf6507bf6a (go1.21.1) https://go.dev/cl/526157 https://go.dev/issue/62197 https://groups.google.com/g/golang-announce/c/Fm51GRLNRvM https://groups.google.com/g/golang-dev/c/2C5vbR-UNkI/m/L1hdrPhfBAAJ https://linux.oracle.com/cve/CVE-2023-39319.html https://linux.oracle.com/errata/ELSA-2024-2988.html https://nvd.nist.gov/vuln/detail/CVE-2023-39319 https://pkg.go.dev/vuln/GO-2023-2043 https://security.gentoo.org/glsa/202311-09 https://security.netapp.com/advisory/ntap-20231020-0009/ https://ubuntu.com/security/notices/USN-6574-1 https://ubuntu.com/security/notices/USN-7061-1 https://ubuntu.com/security/notices/USN-7109-1 https://vuln.go.dev/ID/GO-2023-2043.json https://www.cve.org/CVERecord?id=CVE-2023-39319
stdlib	CVE-2023-39326	MEDIUM	v1.20.5	1.20.12, 1.21.5	https://access.redhat.com/errata/RHSA-2024:2272 https://access.redhat.com/security/cve/CVE-2023-39326 https://bugzilla.redhat.com/2253193 https://bugzilla.redhat.com/2253330 https://errata.almalinux.org/9/ALSA-2024-2272.html https://github.com/golang/go/commit/6446af942e2e2b161c4ec1b60d9703a2b55dc4dd (go1.20.12) https://github.com/golang/go/commit/ec8c526e4be720e94b98ca509e6364f0efaf28f7 (go1.21.5) https://go.dev/cl/547335 https://go.dev/issue/64433 https://groups.google.com/g/golang-dev/c/6ypN5EjibjM/m/KmLVYH_uAgAJ https://linux.oracle.com/cve/CVE-2023-39326.html https://linux.oracle.com/errata/ELSA-2024-2988.html https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UIU6HOGV6RRIKWM57LOXQA75BGZSIH6G/ https://nvd.nist.gov/vuln/detail/CVE-2023-39326 https://pkg.go.dev/vuln/GO-2023-2382 https://ubuntu.com/security/notices/USN-6574-1 https://www.cve.org/CVERecord?id=CVE-2023-39326
stdlib	CVE-2023-45284	MEDIUM	v1.20.5	1.20.11, 1.21.4	https://go.dev/cl/540277 https://go.dev/issue/63713 https://groups.google.com/g/golang-announce/c/4tU8LZfBFkY https://nvd.nist.gov/vuln/detail/CVE-2023-45284 https://pkg.go.dev/vuln/GO-2023-2186
stdlib	CVE-2023-45289	MEDIUM	v1.20.5	1.21.8, 1.22.1	http://www.openwall.com/lists/oss-security/2024/03/08/4 https://access.redhat.com/errata/RHSA-2024:2724 https://access.redhat.com/security/cve/CVE-2023-45289 https://bugzilla.redhat.com/2268017 https://bugzilla.redhat.com/2268018 https://bugzilla.redhat.com/2268019 https://bugzilla.redhat.com/2268273 https://bugzilla.redhat.com/show_bug.cgi?id=2268017 https://bugzilla.redhat.com/show_bug.cgi?id=2268018 https://bugzilla.redhat.com/show_bug.cgi?id=2268019 https://bugzilla.redhat.com/show_bug.cgi?id=2268273 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45288 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45289 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45290 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24783 https://errata.almalinux.org/9/ALSA-2024-2724.html https://errata.rockylinux.org/RLSA-2024:2724 https://github.com/golang/go/commit/20586c0dbe03d144f914155f879fa5ee287591a1 (go1.21.8) https://github.com/golang/go/commit/3a855208e3efed2e9d7c20ad023f1fa78afcc0be (go1.22.1) https://github.com/golang/go/issues/65065 https://go.dev/cl/569340 https://go.dev/issue/65065 https://groups.google.com/g/golang-announce/c/5pwGVUPoMbg https://linux.oracle.com/cve/CVE-2023-45289.html https://linux.oracle.com/errata/ELSA-2024-3346.html https://nvd.nist.gov/vuln/detail/CVE-2023-45289 https://pkg.go.dev/vuln/GO-2024-2600 https://security.netapp.com/advisory/ntap-20240329-0006/ https://ubuntu.com/security/notices/USN-6886-1 https://www.cve.org/CVERecord?id=CVE-2023-45289
stdlib	CVE-2023-45290	MEDIUM	v1.20.5	1.21.8, 1.22.1	http://www.openwall.com/lists/oss-security/2024/03/08/4 https://access.redhat.com/errata/RHSA-2024:9135 https://access.redhat.com/security/cve/CVE-2023-45290 https://bugzilla.redhat.com/2268017 https://bugzilla.redhat.com/2268022 https://bugzilla.redhat.com/2279814 https://bugzilla.redhat.com/2295310 https://bugzilla.redhat.com/show_bug.cgi?id=2268017 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45290 https://errata.almalinux.org/9/ALSA-2024-9135.html https://errata.rockylinux.org/RLSA-2024:3830 https://github.com/golang/go/commit/041a47712e765e94f86d841c3110c840e76d8f82 (go1.22.1) https://github.com/golang/go/commit/bf80213b121074f4ad9b449410a4d13bae5e9be0 (go1.21.8) https://github.com/golang/go/issues/65383 https://go.dev/cl/569341 https://go.dev/issue/65383 https://groups.google.com/g/golang-announce/c/5pwGVUPoMbg https://linux.oracle.com/cve/CVE-2023-45290.html https://linux.oracle.com/errata/ELSA-2024-8038.html https://nvd.nist.gov/vuln/detail/CVE-2023-45290 https://pkg.go.dev/vuln/GO-2024-2599 https://security.netapp.com/advisory/ntap-20240329-0004 https://security.netapp.com/advisory/ntap-20240329-0004/ https://ubuntu.com/security/notices/USN-6886-1 https://ubuntu.com/security/notices/USN-7109-1 https://ubuntu.com/security/notices/USN-7111-1 https://www.cve.org/CVERecord?id=CVE-2023-45290
stdlib	CVE-2024-24783	MEDIUM	v1.20.5	1.21.8, 1.22.1	http://www.openwall.com/lists/oss-security/2024/03/08/4 https://access.redhat.com/errata/RHSA-2024:6195 https://access.redhat.com/security/cve/CVE-2024-24783 https://bugzilla.redhat.com/2268019 https://bugzilla.redhat.com/show_bug.cgi?id=2268017 https://bugzilla.redhat.com/show_bug.cgi?id=2268018 https://bugzilla.redhat.com/show_bug.cgi?id=2268019 https://bugzilla.redhat.com/show_bug.cgi?id=2268273 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45288 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45289 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45290 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24783 https://errata.almalinux.org/9/ALSA-2024-6195.html https://errata.rockylinux.org/RLSA-2024:2724 https://github.com/advisories/GHSA-3q2c-pvp5-3cqp https://github.com/golang/go/commit/337b8e9cbfa749d9d5c899e0dc358e2208d5e54f (go1.22.1) https://github.com/golang/go/commit/be5b52bea674190ef7de272664be6c7ae93ec5a0 (go1.21.8) https://github.com/golang/go/issues/65390 https://go.dev/cl/569339 https://go.dev/issue/65390 https://groups.google.com/g/golang-announce/c/5pwGVUPoMbg https://linux.oracle.com/cve/CVE-2024-24783.html https://linux.oracle.com/errata/ELSA-2024-6969.html https://nvd.nist.gov/vuln/detail/CVE-2024-24783 https://pkg.go.dev/vuln/GO-2024-2598 https://security.netapp.com/advisory/ntap-20240329-0005 https://security.netapp.com/advisory/ntap-20240329-0005/ https://ubuntu.com/security/notices/USN-6886-1 https://ubuntu.com/security/notices/USN-7109-1 https://ubuntu.com/security/notices/USN-7111-1 https://www.cve.org/CVERecord?id=CVE-2024-24783
stdlib	CVE-2024-24784	MEDIUM	v1.20.5	1.21.8, 1.22.1	http://www.openwall.com/lists/oss-security/2024/03/08/4 https://access.redhat.com/errata/RHSA-2024:2562 https://access.redhat.com/security/cve/CVE-2024-24784 https://bugzilla.redhat.com/2262921 https://bugzilla.redhat.com/2268017 https://bugzilla.redhat.com/2268018 https://bugzilla.redhat.com/2268019 https://bugzilla.redhat.com/2268021 https://bugzilla.redhat.com/2268022 https://bugzilla.redhat.com/2268273 https://bugzilla.redhat.com/show_bug.cgi?id=2262921 https://bugzilla.redhat.com/show_bug.cgi?id=2268017 https://bugzilla.redhat.com/show_bug.cgi?id=2268018 https://bugzilla.redhat.com/show_bug.cgi?id=2268019 https://bugzilla.redhat.com/show_bug.cgi?id=2268021 https://bugzilla.redhat.com/show_bug.cgi?id=2268022 https://bugzilla.redhat.com/show_bug.cgi?id=2268273 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45288 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45289 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45290 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-1394 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24783 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24784 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24785 https://errata.almalinux.org/9/ALSA-2024-2562.html https://errata.rockylinux.org/RLSA-2024:2562 https://github.com/golang/go/commit/263c059b09fdd40d9dd945f2ecb20c89ea28efe5 (go1.21.8) https://github.com/golang/go/commit/5330cd225ba54c7dc78c1b46dcdf61a4671a632c (go1.22.1) https://github.com/golang/go/issues/65083 https://go.dev/cl/555596 https://go.dev/issue/65083 https://groups.google.com/g/golang-announce/c/5pwGVUPoMbg https://linux.oracle.com/cve/CVE-2024-24784.html https://linux.oracle.com/errata/ELSA-2024-6969.html https://nvd.nist.gov/vuln/detail/CVE-2024-24784 https://pkg.go.dev/vuln/GO-2024-2609 https://security.netapp.com/advisory/ntap-20240329-0007/ https://ubuntu.com/security/notices/USN-6886-1 https://ubuntu.com/security/notices/USN-7109-1 https://ubuntu.com/security/notices/USN-7111-1 https://www.cve.org/CVERecord?id=CVE-2024-24784
stdlib	CVE-2024-24785	MEDIUM	v1.20.5	1.21.8, 1.22.1	http://www.openwall.com/lists/oss-security/2024/03/08/4 https://access.redhat.com/errata/RHSA-2024:9135 https://access.redhat.com/security/cve/CVE-2024-24785 https://bugzilla.redhat.com/2268017 https://bugzilla.redhat.com/2268022 https://bugzilla.redhat.com/2279814 https://bugzilla.redhat.com/2295310 https://bugzilla.redhat.com/show_bug.cgi?id=2262921 https://bugzilla.redhat.com/show_bug.cgi?id=2268017 https://bugzilla.redhat.com/show_bug.cgi?id=2268018 https://bugzilla.redhat.com/show_bug.cgi?id=2268019 https://bugzilla.redhat.com/show_bug.cgi?id=2268021 https://bugzilla.redhat.com/show_bug.cgi?id=2268022 https://bugzilla.redhat.com/show_bug.cgi?id=2268273 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45288 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45289 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45290 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-1394 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24783 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24784 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24785 https://errata.almalinux.org/9/ALSA-2024-9135.html https://errata.rockylinux.org/RLSA-2024:2562 https://github.com/golang/go/commit/056b0edcb8c152152021eebf4cf42adbfbe77992 (go1.22.1) https://github.com/golang/go/commit/3643147a29352ca2894fd5d0d2069bc4b4335a7e (go1.21.8) https://github.com/golang/go/issues/65697 https://go.dev/cl/564196 https://go.dev/issue/65697 https://groups.google.com/g/golang-announce/c/5pwGVUPoMbg https://linux.oracle.com/cve/CVE-2024-24785.html https://linux.oracle.com/errata/ELSA-2024-3259.html https://nvd.nist.gov/vuln/detail/CVE-2024-24785 https://pkg.go.dev/vuln/GO-2024-2610 https://security.netapp.com/advisory/ntap-20240329-0008/ https://ubuntu.com/security/notices/USN-6886-1 https://ubuntu.com/security/notices/USN-7061-1 https://ubuntu.com/security/notices/USN-7109-1 https://vuln.go.dev/ID/GO-2024-2610.json https://www.cve.org/CVERecord?id=CVE-2024-24785
stdlib	CVE-2024-24789	MEDIUM	v1.20.5	1.21.11, 1.22.4	http://www.openwall.com/lists/oss-security/2024/06/04/1 https://access.redhat.com/errata/RHSA-2024:9115 https://access.redhat.com/security/cve/CVE-2024-24789 https://bugzilla.redhat.com/2279814 https://bugzilla.redhat.com/2292668 https://bugzilla.redhat.com/2292787 https://bugzilla.redhat.com/2294000 https://bugzilla.redhat.com/2295310 https://bugzilla.redhat.com/show_bug.cgi?id=2292668 https://bugzilla.redhat.com/show_bug.cgi?id=2292787 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24789 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24790 https://errata.almalinux.org/9/ALSA-2024-9115.html https://errata.rockylinux.org/RLSA-2024:4212 https://github.com/golang/go/commit/c8e40338cf00f3c1d86c8fb23863ad67a4c72bcc (1.21) https://github.com/golang/go/commit/cf501ac0c5fe351a8582d20b43562027927906e7 (1.22) https://github.com/golang/go/issues/66869 https://go.dev/cl/585397 https://go.dev/issue/66869 https://groups.google.com/g/golang-announce/c/XbxouI9gY7k https://groups.google.com/g/golang-announce/c/XbxouI9gY7k/m/TuoGEhxIEwAJ https://linux.oracle.com/cve/CVE-2024-24789.html https://linux.oracle.com/errata/ELSA-2024-9115.html https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/U5YAEIA6IUHUNGJ7AIXXPQT6D2GYENX7/ https://nvd.nist.gov/vuln/detail/CVE-2024-24789 https://pkg.go.dev/vuln/GO-2024-2888 https://ubuntu.com/security/notices/USN-6886-1 https://ubuntu.com/security/notices/USN-7109-1 https://ubuntu.com/security/notices/USN-7111-1 https://www.cve.org/CVERecord?id=CVE-2024-24789
stdlib	CVE-2024-24791	MEDIUM	v1.20.5	1.21.12, 1.22.5	https://access.redhat.com/errata/RHSA-2024:9135 https://access.redhat.com/security/cve/CVE-2024-24791 https://bugzilla.redhat.com/2268017 https://bugzilla.redhat.com/2268022 https://bugzilla.redhat.com/2279814 https://bugzilla.redhat.com/2295310 https://bugzilla.redhat.com/show_bug.cgi?id=2295310 https://bugzilla.redhat.com/show_bug.cgi?id=2310527 https://bugzilla.redhat.com/show_bug.cgi?id=2310528 https://bugzilla.redhat.com/show_bug.cgi?id=2310529 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24791 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-34155 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-34156 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-34158 https://errata.almalinux.org/9/ALSA-2024-9135.html https://errata.rockylinux.org/RLSA-2024:6913 https://go.dev/cl/591255 https://go.dev/issue/67555 https://groups.google.com/g/golang-dev/c/t0rK-qHBqzY/m/6MMoAZkMAgAJ https://linux.oracle.com/cve/CVE-2024-24791.html https://linux.oracle.com/errata/ELSA-2024-9115.html https://nvd.nist.gov/vuln/detail/CVE-2024-24791 https://pkg.go.dev/vuln/GO-2024-2963 https://ubuntu.com/security/notices/USN-7081-1 https://ubuntu.com/security/notices/USN-7109-1 https://ubuntu.com/security/notices/USN-7111-1 https://www.cve.org/CVERecord?id=CVE-2024-24791
stdlib	CVE-2024-34155	MEDIUM	v1.20.5	1.22.7, 1.23.1	https://access.redhat.com/errata/RHSA-2024:9459 https://access.redhat.com/security/cve/CVE-2024-34155 https://bugzilla.redhat.com/2310527 https://bugzilla.redhat.com/2310528 https://bugzilla.redhat.com/2310529 https://bugzilla.redhat.com/2315691 https://bugzilla.redhat.com/2315887 https://bugzilla.redhat.com/2317458 https://bugzilla.redhat.com/2317467 https://bugzilla.redhat.com/show_bug.cgi?id=2295310 https://bugzilla.redhat.com/show_bug.cgi?id=2310527 https://bugzilla.redhat.com/show_bug.cgi?id=2310528 https://bugzilla.redhat.com/show_bug.cgi?id=2310529 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24791 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-34155 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-34156 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-34158 https://errata.almalinux.org/9/ALSA-2024-9459.html https://errata.rockylinux.org/RLSA-2024:6913 https://github.com/golang/go/commit/53487e5477151ed75da50e50a0ba8f1ca64c00a3 (go1.23.1) https://github.com/golang/go/commit/b232596139dbe96a62edbe3a2a203e856bf556eb (go1.22.7) https://go.dev/cl/611238 https://go.dev/issue/69138 https://groups.google.com/g/golang-announce/c/K-cEzDeCtpc https://groups.google.com/g/golang-dev/c/S9POB9NCTdk https://linux.oracle.com/cve/CVE-2024-34155.html https://linux.oracle.com/errata/ELSA-2024-9459.html https://nvd.nist.gov/vuln/detail/CVE-2024-34155 https://pkg.go.dev/vuln/GO-2024-3105 https://ubuntu.com/security/notices/USN-7081-1 https://ubuntu.com/security/notices/USN-7109-1 https://ubuntu.com/security/notices/USN-7111-1 https://www.cve.org/CVERecord?id=CVE-2024-34155
stdlib	CVE-2024-34158	MEDIUM	v1.20.5	1.22.7, 1.23.1	https://access.redhat.com/errata/RHSA-2024:9459 https://access.redhat.com/security/cve/CVE-2024-34158 https://bugzilla.redhat.com/2310527 https://bugzilla.redhat.com/2310528 https://bugzilla.redhat.com/2310529 https://bugzilla.redhat.com/2315691 https://bugzilla.redhat.com/2315887 https://bugzilla.redhat.com/2317458 https://bugzilla.redhat.com/2317467 https://bugzilla.redhat.com/show_bug.cgi?id=2295310 https://bugzilla.redhat.com/show_bug.cgi?id=2310527 https://bugzilla.redhat.com/show_bug.cgi?id=2310528 https://bugzilla.redhat.com/show_bug.cgi?id=2310529 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24791 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-34155 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-34156 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-34158 https://errata.almalinux.org/9/ALSA-2024-9459.html https://errata.rockylinux.org/RLSA-2024:6913 https://github.com/golang/go/commit/032ac075c20c01c6c35a672d1542d3e98eab84ea (go1.23.1) https://github.com/golang/go/commit/d4c53812e6ce2ac368173d7fcd31d0ecfcffb002 (go1.22.7) https://go.dev/cl/611240 https://go.dev/issue/69141 https://groups.google.com/g/golang-announce/c/K-cEzDeCtpc https://groups.google.com/g/golang-dev/c/S9POB9NCTdk https://linux.oracle.com/cve/CVE-2024-34158.html https://linux.oracle.com/errata/ELSA-2024-9459.html https://nvd.nist.gov/vuln/detail/CVE-2024-34158 https://pkg.go.dev/vuln/GO-2024-3107 https://ubuntu.com/security/notices/USN-7081-1 https://ubuntu.com/security/notices/USN-7109-1 https://ubuntu.com/security/notices/USN-7111-1 https://www.cve.org/CVERecord?id=CVE-2024-34158
No Misconfigurations found

cnb/buildpacks/paketo-buildpacks_npm-install/1.1.4/bin/setup-symlinks (gobinary)

Package	Vulnerability ID	Severity	Installed Version	Fixed Version	Links
github.com/anchore/stereoscope	CVE-2024-24579	MEDIUM	v0.0.0-20230412183729-8602f1afc574	0.0.1	https://github.com/anchore/stereoscope https://github.com/anchore/stereoscope/commit/09dacab4d9ee65ee8bc7af8ebf4aa7b5aaa36204 https://github.com/anchore/stereoscope/security/advisories/GHSA-hpxr-w9w7-g4gv https://nvd.nist.gov/vuln/detail/CVE-2024-24579
github.com/cloudflare/circl	GHSA-9763-4f94-gfch	HIGH	v1.3.3	1.3.7	https://github.com/cloudflare/circl https://github.com/cloudflare/circl/commit/75ef91e8a2f438e6ce2b6e620d236add8be1887d https://github.com/cloudflare/circl/security/advisories/GHSA-9763-4f94-gfch https://kyberslash.cr.yp.to
github.com/containerd/containerd	GHSA-7ww5-4wqc-m92c	MEDIUM	v1.7.0	1.6.26, 1.7.11	https://github.com/containerd/containerd https://github.com/containerd/containerd/commit/67d356cb3095f3e8f8ad7d36f9a733fea1e7e28c https://github.com/containerd/containerd/commit/746b910f05855c8bfdb4415a1c0f958b234910e5 https://github.com/containerd/containerd/security/advisories/GHSA-7ww5-4wqc-m92c
github.com/docker/docker	CVE-2024-41110	CRITICAL	v23.0.5+incompatible	23.0.15, 26.1.5, 27.1.1, 25.0.6	https://access.redhat.com/security/cve/CVE-2024-41110 https://github.com/moby/moby https://github.com/moby/moby/commit/411e817ddf710ff8e08fa193da80cb78af708191 https://github.com/moby/moby/commit/42f40b1d6dd7562342f832b9cd2adf9e668eeb76 https://github.com/moby/moby/commit/65cc597cea28cdc25bea3b8a86384b4251872919 https://github.com/moby/moby/commit/852759a7df454cbf88db4e954c919becd48faa9b https://github.com/moby/moby/commit/a31260625655cff9ae226b51757915e275e304b0 https://github.com/moby/moby/commit/a79fabbfe84117696a19671f4aa88b82d0f64fc1 https://github.com/moby/moby/commit/ae160b4edddb72ef4bd71f66b975a1a1cc434f00 https://github.com/moby/moby/commit/ae2b3666c517c96cbc2adf1af5591a6b00d4ec0f https://github.com/moby/moby/commit/cc13f952511154a2866bddbb7dddebfe9e83b801 https://github.com/moby/moby/commit/fc274cd2ff4cf3b48c91697fb327dd1fb95588fb https://github.com/moby/moby/security/advisories/GHSA-v23v-6jw2-98fq https://nvd.nist.gov/vuln/detail/CVE-2024-41110 https://www.cve.org/CVERecord?id=CVE-2024-41110 https://www.docker.com/blog/docker-security-advisory-docker-engine-authz-plugin
github.com/docker/docker	CVE-2024-24557	MEDIUM	v23.0.5+incompatible	24.0.9, 25.0.2	https://access.redhat.com/security/cve/CVE-2024-24557 https://github.com/moby/moby https://github.com/moby/moby/commit/3e230cfdcc989dc524882f6579f9e0dac77400ae https://github.com/moby/moby/commit/fca702de7f71362c8d103073c7e4a1d0a467fadd https://github.com/moby/moby/commit/fce6e0ca9bc000888de3daa157af14fa41fcd0ff https://github.com/moby/moby/security/advisories/GHSA-xw73-rw38-6vjc https://nvd.nist.gov/vuln/detail/CVE-2024-24557 https://www.cve.org/CVERecord?id=CVE-2024-24557
github.com/docker/docker	CVE-2024-29018	MEDIUM	v23.0.5+incompatible	26.0.0-rc3, 25.0.5, 23.0.11	https://access.redhat.com/security/cve/CVE-2024-29018 https://github.com/moby/moby https://github.com/moby/moby/pull/46609 https://github.com/moby/moby/security/advisories/GHSA-mq39-4gv4-mvpx https://nvd.nist.gov/vuln/detail/CVE-2024-29018 https://www.cve.org/CVERecord?id=CVE-2024-29018
github.com/docker/docker	GHSA-jq35-85cj-fj4p	MEDIUM	v23.0.5+incompatible	24.0.7, 23.0.8, 20.10.27	https://github.com/moby/moby https://github.com/moby/moby/commit/48ebe353e49a9def5e6679f6e386b0efb1c95f0e https://github.com/moby/moby/commit/81ebe71275768629689a23bc3bca34b3b374a6a6 https://github.com/moby/moby/commit/c9ccbfad11a60e703e91b6cca4f48927828c7e35 https://github.com/moby/moby/releases/tag/v20.10.27 https://github.com/moby/moby/releases/tag/v23.0.8 https://github.com/moby/moby/releases/tag/v24.0.7 https://github.com/moby/moby/security/advisories/GHSA-jq35-85cj-fj4p
github.com/go-git/go-git/v5	CVE-2023-49569	CRITICAL	v5.6.1	5.11.0	https://access.redhat.com/security/cve/CVE-2023-49569 https://github.com/go-git/go-git https://github.com/go-git/go-git/security/advisories/GHSA-449p-3h89-pw88 https://nvd.nist.gov/vuln/detail/CVE-2023-49569 https://www.cve.org/CVERecord?id=CVE-2023-49569
github.com/go-git/go-git/v5	CVE-2023-49568	HIGH	v5.6.1	5.11.0	https://access.redhat.com/security/cve/CVE-2023-49568 https://github.com/go-git/go-git https://github.com/go-git/go-git/security/advisories/GHSA-mw99-9chc-xw7r https://nvd.nist.gov/vuln/detail/CVE-2023-49568 https://www.cve.org/CVERecord?id=CVE-2023-49568
github.com/mholt/archiver/v3	CVE-2024-0406	MEDIUM	v3.5.1	no fix available	https://access.redhat.com/security/cve/CVE-2024-0406 https://bugzilla.redhat.com/show_bug.cgi?id=2257749 https://github.com/advisories/GHSA-rhh4-rh7c-7r5v https://github.com/mholt/archiver https://nvd.nist.gov/vuln/detail/CVE-2024-0406 https://www.cve.org/CVERecord?id=CVE-2024-0406
golang.org/x/crypto	CVE-2023-48795	MEDIUM	v0.8.0	0.17.0	http://packetstormsecurity.com/files/176280/Terrapin-SSH-Connection-Weakening.html http://seclists.org/fulldisclosure/2024/Mar/21 http://www.openwall.com/lists/oss-security/2023/12/18/3 http://www.openwall.com/lists/oss-security/2023/12/19/5 http://www.openwall.com/lists/oss-security/2023/12/20/3 http://www.openwall.com/lists/oss-security/2024/03/06/3 http://www.openwall.com/lists/oss-security/2024/04/17/8 https://access.redhat.com/errata/RHSA-2024:1150 https://access.redhat.com/security/cve/CVE-2023-48795 https://access.redhat.com/security/cve/cve-2023-48795 https://access.redhat.com/solutions/7071748 https://arstechnica.com/security/2023/12/hackers-can-break-ssh-channel-integrity-using-novel-data-corruption-attack https://arstechnica.com/security/2023/12/hackers-can-break-ssh-channel-integrity-using-novel-data-corruption-attack/ https://bugs.gentoo.org/920280 https://bugzilla.redhat.com/2254210 https://bugzilla.redhat.com/show_bug.cgi?id=2254210 https://bugzilla.suse.com/show_bug.cgi?id=1217950 https://crates.io/crates/thrussh/versions https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-48795 https://errata.almalinux.org/9/ALSA-2024-1150.html https://errata.rockylinux.org/RLSA-2024:0628 https://filezilla-project.org/versions.php https://forum.netgate.com/topic/184941/terrapin-ssh-attack https://git.libssh.org/projects/libssh.git/commit/?h=stable-0.10&id=10e09e273f69e149389b3e0e5d44b8c221c2e7f6 https://github.com/NixOS/nixpkgs/pull/275249 https://github.com/PowerShell/Win32-OpenSSH/issues/2189 https://github.com/PowerShell/Win32-OpenSSH/releases/tag/v9.5.0.0p1-Beta https://github.com/TeraTermProject/teraterm/commit/7279fbd6ef4d0c8bdd6a90af4ada2899d786eec0 https://github.com/TeraTermProject/teraterm/releases/tag/v5.1 https://github.com/advisories/GHSA-45x7-px36-x8w8 https://github.com/apache/mina-sshd/issues/445 https://github.com/connectbot/sshlib/commit/5c8b534f6e97db7ac0e0e579331213aa25c173ab https://github.com/connectbot/sshlib/compare/2.2.21...2.2.22 https://github.com/cyd01/KiTTY/issues/520 https://github.com/drakkan/sftpgo/releases/tag/v2.5.6 https://github.com/erlang/otp/blob/d1b43dc0f1361d2ad67601169e90a7fc50bb0369/lib/ssh/doc/src/notes.xml#L39-L42 https://github.com/erlang/otp/releases/tag/OTP-26.2.1 https://github.com/golang/crypto/commit/9d2ee975ef9fe627bf0a6f01c1f69e8ef1d4f05d https://github.com/hierynomus/sshj/issues/916 https://github.com/janmojzis/tinyssh/issues/81 https://github.com/jtesta/ssh-audit/commit/8e972c5e94b460379fe0c7d20209c16df81538a5 https://github.com/libssh2/libssh2/pull/1291 https://github.com/mkj/dropbear/blob/17657c36cce6df7716d5ff151ec09a665382d5dd/CHANGES#L25 https://github.com/mscdex/ssh2/commit/97b223f8891b96d6fc054df5ab1d5a1a545da2a3 https://github.com/mwiede/jsch/compare/jsch-0.2.14...jsch-0.2.15 https://github.com/mwiede/jsch/issues/457 https://github.com/mwiede/jsch/pull/461 https://github.com/net-ssh/net-ssh/blob/2e65064a52d73396bfc3806c9196fc8108f33cd8/CHANGES.txt#L14-L16 https://github.com/openssh/openssh-portable/commits/master https://github.com/paramiko/paramiko/issues/2337 https://github.com/paramiko/paramiko/issues/2337#issuecomment-1887642773 https://github.com/proftpd/proftpd/blob/0a7ea9b0ba9fcdf368374a226370d08f10397d99/RELEASE_NOTES https://github.com/proftpd/proftpd/blob/d21e7a2e47e9b38f709bec58e3fa711f759ad0e1/RELEASE_NOTES https://github.com/proftpd/proftpd/blob/master/RELEASE_NOTES https://github.com/proftpd/proftpd/issues/456 https://github.com/rapier1/hpn-ssh/releases https://github.com/ronf/asyncssh/blob/develop/docs/changes.rst https://github.com/ronf/asyncssh/security/advisories/GHSA-hfmc-7525-mj55 https://github.com/ronf/asyncssh/tags https://github.com/ssh-mitm/ssh-mitm/issues/165 https://github.com/warp-tech/russh https://github.com/warp-tech/russh/commit/1aa340a7df1d5be1c0f4a9e247aade76dfdd2951 https://github.com/warp-tech/russh/releases/tag/v0.40.2 https://github.com/warp-tech/russh/security/advisories/GHSA-45x7-px36-x8w8 https://gitlab.com/libssh/libssh-mirror/-/tags https://go.dev/cl/550715 https://go.dev/issue/64784 https://groups.google.com/g/golang-announce/c/-n5WqVC18LQ https://groups.google.com/g/golang-announce/c/qA3XtxvMUyg https://help.panic.com/releasenotes/transmit5 https://help.panic.com/releasenotes/transmit5/ https://jadaptive.com/important-java-ssh-security-update-new-ssh-vulnerability-discovered-cve-2023-48795 https://jadaptive.com/important-java-ssh-security-update-new-ssh-vulnerability-discovered-cve-2023-48795/ https://linux.oracle.com/cve/CVE-2023-48795.html https://linux.oracle.com/errata/ELSA-2024-2988.html https://lists.debian.org/debian-lts-announce/2023/12/msg00017.html https://lists.debian.org/debian-lts-announce/2024/01/msg00013.html https://lists.debian.org/debian-lts-announce/2024/01/msg00014.html https://lists.debian.org/debian-lts-announce/2024/04/msg00016.html https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/33XHJUB6ROFUOH2OQNENFROTVH6MHSHA https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/33XHJUB6ROFUOH2OQNENFROTVH6MHSHA/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/3CAYYW35MUTNO65RVAELICTNZZFMT2XS https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/3CAYYW35MUTNO65RVAELICTNZZFMT2XS/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/3JIMLVBDWOP4FUPXPTB4PGHHIOMGFLQE https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/3JIMLVBDWOP4FUPXPTB4PGHHIOMGFLQE/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/3YQLUQWLIHDB5QCXQEX7HXHAWMOKPP5O https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/3YQLUQWLIHDB5QCXQEX7HXHAWMOKPP5O/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/6Y74KVCPEPT4MVU3LHDWCNNOXOE5ZLUR https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/6Y74KVCPEPT4MVU3LHDWCNNOXOE5ZLUR/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/APYIXIQOVDCRWLHTGB4VYMAUIAQLKYJ3 https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/APYIXIQOVDCRWLHTGB4VYMAUIAQLKYJ3/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/BL5KTLOSLH2KHRN4HCXJPK3JUVLDGEL6 https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/BL5KTLOSLH2KHRN4HCXJPK3JUVLDGEL6/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/C3AFMZ6MH2UHHOPIWT5YLSFV3D2VB3AC https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/C3AFMZ6MH2UHHOPIWT5YLSFV3D2VB3AC/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/CHHITS4PUOZAKFIUBQAQZC7JWXMOYE4B https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/CHHITS4PUOZAKFIUBQAQZC7JWXMOYE4B/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/F7EYCFQCTSGJXWO3ZZ44MGKFC5HA7G3Y https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/F7EYCFQCTSGJXWO3ZZ44MGKFC5HA7G3Y/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/HYEDEXIKFKTUJIN43RG4B7T5ZS6MHUSP https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/HYEDEXIKFKTUJIN43RG4B7T5ZS6MHUSP/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/I724O3LSRCPO4WNVIXTZCT4VVRMXMMSG https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/I724O3LSRCPO4WNVIXTZCT4VVRMXMMSG/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/KEOTKBUPZXHE3F352JBYNTSNRXYLWD6P https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/KEOTKBUPZXHE3F352JBYNTSNRXYLWD6P/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/KMZCVGUGJZZVDPCVDA7TEB22VUCNEXDD https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/KMZCVGUGJZZVDPCVDA7TEB22VUCNEXDD/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/L5Y6MNNVAPIJSXJERQ6PKZVCIUXSNJK7 https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/L5Y6MNNVAPIJSXJERQ6PKZVCIUXSNJK7/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/LZQVUHWVWRH73YBXUQJOD6CKHDQBU3DM https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/LZQVUHWVWRH73YBXUQJOD6CKHDQBU3DM/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/MKQRBF3DWMWPH36LBCOBUTSIZRTPEZXB https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/MKQRBF3DWMWPH36LBCOBUTSIZRTPEZXB/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/QI3EHAHABFQK7OABNCSF5GMYP6TONTI7 https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/QI3EHAHABFQK7OABNCSF5GMYP6TONTI7/ https://matt.ucc.asn.au/dropbear/CHANGES https://nest.pijul.com/pijul/thrussh/changes/D6H7OWTTMHHX6BTB3B6MNBOBX2L66CBL4LGSEUSAI2MCRCJDQFRQC https://news.ycombinator.com/item?id=38684904 https://news.ycombinator.com/item?id=38685286 https://news.ycombinator.com/item?id=38732005 https://nova.app/releases/#v11.8 https://nvd.nist.gov/vuln/detail/CVE-2023-48795 https://oryx-embedded.com/download/#changelog https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2024-0002 https://roumenpetrov.info/secsh/#news20231220 https://security-tracker.debian.org/tracker/CVE-2023-48795 https://security-tracker.debian.org/tracker/source-package/libssh2 https://security-tracker.debian.org/tracker/source-package/proftpd-dfsg https://security-tracker.debian.org/tracker/source-package/trilead-ssh2 https://security.gentoo.org/glsa/202312-16 https://security.gentoo.org/glsa/202312-17 https://security.netapp.com/advisory/ntap-20240105-0004 https://security.netapp.com/advisory/ntap-20240105-0004/ https://support.apple.com/kb/HT214084 https://terrapin-attack.com/ https://thorntech.com/cve-2023-48795-and-sftp-gateway https://thorntech.com/cve-2023-48795-and-sftp-gateway/ https://twitter.com/TrueSkrillor/status/1736774389725565005 https://ubuntu.com/security/CVE-2023-48795 https://ubuntu.com/security/notices/USN-6560-1 https://ubuntu.com/security/notices/USN-6560-2 https://ubuntu.com/security/notices/USN-6561-1 https://ubuntu.com/security/notices/USN-6585-1 https://ubuntu.com/security/notices/USN-6589-1 https://ubuntu.com/security/notices/USN-6598-1 https://ubuntu.com/security/notices/USN-6738-1 https://ubuntu.com/security/notices/USN-7051-1 https://winscp.net/eng/docs/history#6.2.2 https://www.bitvise.com/ssh-client-version-history#933 https://www.bitvise.com/ssh-server-version-history https://www.chiark.greenend.org.uk/~sgtatham/putty/changes.html https://www.crushftp.com/crush10wiki/Wiki.jsp?page=Update https://www.cve.org/CVERecord?id=CVE-2023-48795 https://www.debian.org/security/2023/dsa-5586 https://www.debian.org/security/2023/dsa-5588 https://www.freebsd.org/security/advisories/FreeBSD-SA-23:19.openssh.asc https://www.lancom-systems.de/service-support/allgemeine-sicherheitshinweise#c243508 https://www.netsarang.com/en/xshell-update-history https://www.netsarang.com/en/xshell-update-history/ https://www.openssh.com/openbsd.html https://www.openssh.com/txt/release-9.6 https://www.openwall.com/lists/oss-security/2023/12/18/2 https://www.openwall.com/lists/oss-security/2023/12/18/3 https://www.openwall.com/lists/oss-security/2023/12/20/3 https://www.paramiko.org/changelog.html https://www.reddit.com/r/sysadmin/comments/18idv52/cve202348795_why_is_this_cve_still_undisclosed https://www.reddit.com/r/sysadmin/comments/18idv52/cve202348795_why_is_this_cve_still_undisclosed/ https://www.suse.com/c/suse-addresses-the-ssh-v2-protocol-terrapin-attack-aka-cve-2023-48795 https://www.suse.com/c/suse-addresses-the-ssh-v2-protocol-terrapin-attack-aka-cve-2023-48795/ https://www.terrapin-attack.com https://www.theregister.com/2023/12/20/terrapin_attack_ssh https://www.vandyke.com/products/securecrt/history.txt
golang.org/x/net	CVE-2023-39325	HIGH	v0.10.0	0.17.0	golang.org/x/net https://access.redhat.com/errata/RHSA-2023:6077 https://access.redhat.com/security/cve/CVE-2023-39325 https://access.redhat.com/security/cve/CVE-2023-44487 https://access.redhat.com/security/vulnerabilities/RHSB-2023-003 https://bugzilla.redhat.com/2242803 https://bugzilla.redhat.com/2243296 https://bugzilla.redhat.com/show_bug.cgi?id=2242803 https://bugzilla.redhat.com/show_bug.cgi?id=2243296 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-39325 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-44487 https://errata.almalinux.org/9/ALSA-2023-6077.html https://errata.rockylinux.org/RLSA-2023:6077 https://github.com/golang/go/commit/24ae2d927285c697440fdde3ad7f26028354bcf3 [golang- 1.21] https://github.com/golang/go/commit/e175f27f58aa7b9cd4d79607ae65d2cd5baaee68 [golang-1.20] https://github.com/golang/go/issues/63417 https://go.dev/cl/534215 https://go.dev/cl/534235 https://go.dev/issue/63417 https://groups.google.com/g/golang-announce/c/iNNxDTCjZvo/m/UDd7VKQuAAAJ https://linux.oracle.com/cve/CVE-2023-39325.html https://linux.oracle.com/errata/ELSA-2023-5867.html https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3OVW5V2DM5K5IC3H7O42YDUGNJ74J35O https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3OVW5V2DM5K5IC3H7O42YDUGNJ74J35O/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3SZN67IL7HMGMNAVLOTIXLIHUDXZK4LH https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3SZN67IL7HMGMNAVLOTIXLIHUDXZK4LH/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3WJ4QVX2AMUJ2F2S27POOAHRC4K3CHU4 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3WJ4QVX2AMUJ2F2S27POOAHRC4K3CHU4/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/4BUK2ZIAGCULOOYDNH25JPU6JBES5NF2 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/4BUK2ZIAGCULOOYDNH25JPU6JBES5NF2/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/5RSKA2II6QTD4YUKUNDVJQSRYSFC4VFR https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/5RSKA2II6QTD4YUKUNDVJQSRYSFC4VFR/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/AVZDNSMVDAQJ64LJC5I5U5LDM5753647 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/AVZDNSMVDAQJ64LJC5I5U5LDM5753647/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CHHITS4PUOZAKFIUBQAQZC7JWXMOYE4B https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CHHITS4PUOZAKFIUBQAQZC7JWXMOYE4B/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CLB4TW7KALB3EEQWNWCN7OUIWWVWWCG2 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CLB4TW7KALB3EEQWNWCN7OUIWWVWWCG2/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/D2BBIDR2ZMB3X5BC7SR4SLQMHRMVPY6L https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/D2BBIDR2ZMB3X5BC7SR4SLQMHRMVPY6L/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ECRC75BQJP6FJN2L7KCKYZW4DSBD7QSD https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ECRC75BQJP6FJN2L7KCKYZW4DSBD7QSD/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/FTMJ3NJIDAZFWJQQSP3L22MUFJ3UP2PT https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/FTMJ3NJIDAZFWJQQSP3L22MUFJ3UP2PT/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/GSY7SXFFTPZFWDM6XELSDSHZLVW3AHK7 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/GSY7SXFFTPZFWDM6XELSDSHZLVW3AHK7/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/HZQIELEIRSZUYTFFH5KTH2YJ4IIQG2KE https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/HZQIELEIRSZUYTFFH5KTH2YJ4IIQG2KE/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/IPWCNYB5PQ5PCVZ4NJT6G56ZYFZ5QBU6 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/IPWCNYB5PQ5PCVZ4NJT6G56ZYFZ5QBU6/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/KEOTKBUPZXHE3F352JBYNTSNRXYLWD6P https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/KEOTKBUPZXHE3F352JBYNTSNRXYLWD6P/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/KSEGD2IWKNUO3DWY4KQGUQM5BISRWHQE https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/KSEGD2IWKNUO3DWY4KQGUQM5BISRWHQE/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/L5E5JSJBZLYXOTZWXHJKRVCIXIHVWKJ6 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/L5E5JSJBZLYXOTZWXHJKRVCIXIHVWKJ6/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/MZQYOOKHQDQ57LV2IAG6NRFOVXKHJJ3Z https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/MZQYOOKHQDQ57LV2IAG6NRFOVXKHJJ3Z/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/NG7IMPL55MVWU3LCI4JQJT3K2U5CHDV7 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/NG7IMPL55MVWU3LCI4JQJT3K2U5CHDV7/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ODBY7RVMGZCBSTWF2OZGIZS57FNFUL67 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ODBY7RVMGZCBSTWF2OZGIZS57FNFUL67/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/OXGWPQOJ3JNDW2XIYKIVJ7N7QUIFNM2Q https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/OXGWPQOJ3JNDW2XIYKIVJ7N7QUIFNM2Q/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/PJCUNGIQDUMZ4Z6HWVYIMR66A35F5S74 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/PJCUNGIQDUMZ4Z6HWVYIMR66A35F5S74/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QF5QSYAOPDOWLY6DUHID56Q4HQFYB45I https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QF5QSYAOPDOWLY6DUHID56Q4HQFYB45I/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QXOU2JZUBEBP7GBKAYIJRPRBZSJCD7ST https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QXOU2JZUBEBP7GBKAYIJRPRBZSJCD7ST/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/R3UETKPUB3V5JS5TLZOF3SMTGT5K5APS https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/R3UETKPUB3V5JS5TLZOF3SMTGT5K5APS/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/REMHVVIBDNKSRKNOTV7EQSB7CYQWOUOU https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/REMHVVIBDNKSRKNOTV7EQSB7CYQWOUOU/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/T7N5GV4CHH6WAGX3GFMDD3COEOVCZ4RI https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/T7N5GV4CHH6WAGX3GFMDD3COEOVCZ4RI/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ULQQONMSCQSH5Z5OWFFQHCGEZ3NL4DRJ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ULQQONMSCQSH5Z5OWFFQHCGEZ3NL4DRJ/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UTT7DG3QOF5ZNJLUGHDNLRUIN6OWZARP https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UTT7DG3QOF5ZNJLUGHDNLRUIN6OWZARP/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/W2LZSWTV4NV4SNQARNXG5T6LRHP26EW2 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/W2LZSWTV4NV4SNQARNXG5T6LRHP26EW2/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WCNCBYKZXLDFGAJUB7ZP5VLC3YTHJNVH https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WCNCBYKZXLDFGAJUB7ZP5VLC3YTHJNVH/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/XFOIBB4YFICHDM7IBOP7PWXW3FX4HLL2 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/XFOIBB4YFICHDM7IBOP7PWXW3FX4HLL2/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/XTNLSL44Y5FB6JWADSZH6DCV4JJAAEQY https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/XTNLSL44Y5FB6JWADSZH6DCV4JJAAEQY/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/YJWHBLVZDM5KQSDFRBFRKU5KSSOLIRQ4 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/YJWHBLVZDM5KQSDFRBFRKU5KSSOLIRQ4/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/YRKEXKANQ7BKJW2YTAMP625LJUJZLJ4P https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/YRKEXKANQ7BKJW2YTAMP625LJUJZLJ4P/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZSVEMQV5ROY5YW5QE3I57HT3ITWG5GCV https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZSVEMQV5ROY5YW5QE3I57HT3ITWG5GCV/ https://nvd.nist.gov/vuln/detail/CVE-2023-39325 https://pkg.go.dev/vuln/GO-2023-2102 https://security.gentoo.org/glsa/202311-09 https://security.netapp.com/advisory/ntap-20231110-0008 https://security.netapp.com/advisory/ntap-20231110-0008/ https://ubuntu.com/security/notices/USN-6574-1 https://ubuntu.com/security/notices/USN-7061-1 https://ubuntu.com/security/notices/USN-7109-1 https://www.cisa.gov/news-events/alerts/2023/10/10/http2-rapid-reset-vulnerability-cve-2023-44487 https://www.cve.org/CVERecord?id=CVE-2023-39325
golang.org/x/net	CVE-2023-3978	MEDIUM	v0.10.0	0.13.0	https://access.redhat.com/errata/RHSA-2023:6474 https://access.redhat.com/security/cve/CVE-2023-3978 https://bugzilla.redhat.com/2174485 https://bugzilla.redhat.com/2178358 https://bugzilla.redhat.com/2178488 https://bugzilla.redhat.com/2178492 https://bugzilla.redhat.com/2184481 https://bugzilla.redhat.com/2184482 https://bugzilla.redhat.com/2184483 https://bugzilla.redhat.com/2184484 https://bugzilla.redhat.com/2196026 https://bugzilla.redhat.com/2196027 https://bugzilla.redhat.com/2196029 https://bugzilla.redhat.com/2222167 https://bugzilla.redhat.com/2228689 https://errata.almalinux.org/9/ALSA-2023-6474.html https://go.dev/cl/514896 https://go.dev/issue/61615 https://linux.oracle.com/cve/CVE-2023-3978.html https://linux.oracle.com/errata/ELSA-2023-6939.html https://nvd.nist.gov/vuln/detail/CVE-2023-3978 https://pkg.go.dev/vuln/GO-2023-1988 https://www.cve.org/CVERecord?id=CVE-2023-3978
golang.org/x/net	CVE-2023-44487	MEDIUM	v0.10.0	0.17.0	http://www.openwall.com/lists/oss-security/2023/10/13/4 http://www.openwall.com/lists/oss-security/2023/10/13/9 http://www.openwall.com/lists/oss-security/2023/10/18/4 http://www.openwall.com/lists/oss-security/2023/10/18/8 http://www.openwall.com/lists/oss-security/2023/10/19/6 http://www.openwall.com/lists/oss-security/2023/10/20/8 https://access.redhat.com/errata/RHSA-2023:6746 https://access.redhat.com/security/cve/CVE-2023-44487 https://access.redhat.com/security/cve/cve-2023-44487 https://akka.io/security/akka-http-cve-2023-44487.html https://arstechnica.com/security/2023/10/how-ddosers-used-the-http-2-protocol-to-deliver-attacks-of-unprecedented-size https://arstechnica.com/security/2023/10/how-ddosers-used-the-http-2-protocol-to-deliver-attacks-of-unprecedented-size/ https://aws.amazon.com/security/security-bulletins/AWS-2023-011 https://aws.amazon.com/security/security-bulletins/AWS-2023-011/ https://blog.cloudflare.com/technical-breakdown-http2-rapid-reset-ddos-attack https://blog.cloudflare.com/technical-breakdown-http2-rapid-reset-ddos-attack/ https://blog.cloudflare.com/zero-day-rapid-reset-http2-record-breaking-ddos-attack https://blog.cloudflare.com/zero-day-rapid-reset-http2-record-breaking-ddos-attack/ https://blog.litespeedtech.com/2023/10/11/rapid-reset-http-2-vulnerablilty https://blog.litespeedtech.com/2023/10/11/rapid-reset-http-2-vulnerablilty/ https://blog.qualys.com/vulnerabilities-threat-research/2023/10/10/cve-2023-44487-http-2-rapid-reset-attack https://blog.vespa.ai/cve-2023-44487 https://blog.vespa.ai/cve-2023-44487/ https://bugzilla.proxmox.com/show_bug.cgi?id=4988 https://bugzilla.redhat.com/2242803 https://bugzilla.redhat.com/show_bug.cgi?id=2242803 https://bugzilla.suse.com/show_bug.cgi?id=1216123 https://cgit.freebsd.org/ports/commit/?id=c64c329c2c1752f46b73e3e6ce9f4329be6629f9 https://chaos.social/@icing/111210915918780532 https://cloud.google.com/blog/products/identity-security/google-cloud-mitigated-largest-ddos-attack-peaking-above-398-million-rps https://cloud.google.com/blog/products/identity-security/google-cloud-mitigated-largest-ddos-attack-peaking-above-398-million-rps/ https://cloud.google.com/blog/products/identity-security/how-it-works-the-novel-http2-rapid-reset-ddos-attack https://community.traefik.io/t/is-traefik-vulnerable-to-cve-2023-44487/20125 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-44487 https://devblogs.microsoft.com/dotnet/october-2023-updates/ https://discuss.hashicorp.com/t/hcsec-2023-32-vault-consul-and-boundary-affected-by-http-2-rapid-reset-denial-of-service-vulnerability-cve-2023-44487/59715 https://edg.io/lp/blog/resets-leaks-ddos-and-the-tale-of-a-hidden-cve https://errata.almalinux.org/9/ALSA-2023-6746.html https://errata.rockylinux.org/RLSA-2023:5838 https://forums.swift.org/t/swift-nio-http2-security-update-cve-2023-44487-http-2-dos/67764 https://gist.github.com/adulau/7c2bfb8e9cdbe4b35a5e131c66a0c088 https://github.com/Azure/AKS/issues/3947 https://github.com/Kong/kong/discussions/11741 https://github.com/advisories/GHSA-qppj-fm5r-hxr3 https://github.com/advisories/GHSA-vx74-f528-fxqg https://github.com/advisories/GHSA-xpw8-rcwv-8f8p https://github.com/akka/akka-http/issues/4323 https://github.com/akka/akka-http/pull/4324 https://github.com/akka/akka-http/pull/4325 https://github.com/alibaba/tengine/issues/1872 https://github.com/apache/apisix/issues/10320 https://github.com/apache/httpd-site/pull/10 https://github.com/apache/httpd/blob/afcdbeebbff4b0c50ea26cdd16e178c0d1f24152/modules/http2/h2_mplx.c#L1101-L1113 https://github.com/apache/tomcat/commit/944332bb15bd2f3bf76ec2caeb1ff0a58a3bc628 https://github.com/apache/tomcat/tree/main/java/org/apache/coyote/http2 https://github.com/apache/trafficserver/pull/10564 https://github.com/apple/swift-nio-http2 https://github.com/apple/swift-nio-http2/security/advisories/GHSA-qppj-fm5r-hxr3 https://github.com/arkrwn/PoC/tree/main/CVE-2023-44487 https://github.com/bcdannyboy/CVE-2023-44487 https://github.com/caddyserver/caddy/issues/5877 https://github.com/caddyserver/caddy/releases/tag/v2.7.5 https://github.com/dotnet/announcements/issues/277 https://github.com/dotnet/core/blob/e4613450ea0da7fd2fc6b61dfb2c1c1dec1ce9ec/release-notes/6.0/6.0.23/6.0.23.md?plain=1#L73 https://github.com/eclipse/jetty.project/issues/10679 https://github.com/envoyproxy/envoy/pull/30055 https://github.com/etcd-io/etcd/issues/16740 https://github.com/facebook/proxygen/pull/466 https://github.com/golang/go/issues/63417 https://github.com/grpc/grpc-go/pull/6703 https://github.com/grpc/grpc-go/releases https://github.com/h2o/h2o/pull/3291 https://github.com/h2o/h2o/security/advisories/GHSA-2m7v-gc89-fjqf https://github.com/haproxy/haproxy/issues/2312 https://github.com/hyperium/hyper/issues/3337 https://github.com/icing/mod_h2/blob/0a864782af0a942aa2ad4ed960a6b32cd35bcf0a/mod_http2/README.md?plain=1#L239-L244 https://github.com/junkurihara/rust-rpxy/issues/97 https://github.com/kazu-yamamoto/http2/commit/f61d41a502bd0f60eb24e1ce14edc7b6df6722a1 https://github.com/kazu-yamamoto/http2/issues/93 https://github.com/kubernetes/kubernetes/pull/121120 https://github.com/line/armeria/pull/5232 https://github.com/linkerd/website/pull/1695/commits/4b9c6836471bc8270ab48aae6fd2181bc73fd632 https://github.com/micrictor/http2-rst-stream https://github.com/microsoft/CBL-Mariner/pull/6381 https://github.com/netty/netty/commit/58f75f665aa81a8cbcf6ffa74820042a285c5e61 https://github.com/nghttp2/nghttp2/pull/1961 https://github.com/nghttp2/nghttp2/releases/tag/v1.57.0 https://github.com/ninenines/cowboy/issues/1615 https://github.com/nodejs/node/pull/50121 https://github.com/openresty/openresty/issues/930 https://github.com/opensearch-project/data-prepper/issues/3474 https://github.com/oqtane/oqtane.framework/discussions/3367 https://github.com/projectcontour/contour/pull/5826 https://github.com/tempesta-tech/tempesta/issues/1986 https://github.com/varnishcache/varnish-cache/issues/3996 https://go.dev/cl/534215 https://go.dev/cl/534235 https://go.dev/issue/63417 https://groups.google.com/g/golang-announce/c/iNNxDTCjZvo https://groups.google.com/g/golang-announce/c/iNNxDTCjZvo/m/UDd7VKQuAAAJ https://istio.io/latest/news/security/istio-security-2023-004 https://istio.io/latest/news/security/istio-security-2023-004/ https://linkerd.io/2023/10/12/linkerd-cve-2023-44487 https://linkerd.io/2023/10/12/linkerd-cve-2023-44487/ https://linux.oracle.com/cve/CVE-2023-44487.html https://linux.oracle.com/errata/ELSA-2024-1444.html https://lists.apache.org/thread/5py8h42mxfsn8l1wy6o41xwhsjlsd87q https://lists.debian.org/debian-lts-announce/2023/10/msg00020.html https://lists.debian.org/debian-lts-announce/2023/10/msg00023.html https://lists.debian.org/debian-lts-announce/2023/10/msg00024.html https://lists.debian.org/debian-lts-announce/2023/10/msg00045.html https://lists.debian.org/debian-lts-announce/2023/10/msg00047.html https://lists.debian.org/debian-lts-announce/2023/11/msg00001.html https://lists.debian.org/debian-lts-announce/2023/11/msg00012.html https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/2MBEPPC36UBVOZZNAXFHKLFGSLCMN5LI https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/2MBEPPC36UBVOZZNAXFHKLFGSLCMN5LI/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/3N4NJ7FR4X4FPZUGNTQAPSTVB2HB2Y4A https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/3N4NJ7FR4X4FPZUGNTQAPSTVB2HB2Y4A/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/BFQD3KUEMFBHPAPBGLWQC34L4OWL5HAZ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/BFQD3KUEMFBHPAPBGLWQC34L4OWL5HAZ/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/CLB4TW7KALB3EEQWNWCN7OUIWWVWWCG2 https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/CLB4TW7KALB3EEQWNWCN7OUIWWVWWCG2/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/E72T67UPDRXHIDLO3OROR25YAMN4GGW5 https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/E72T67UPDRXHIDLO3OROR25YAMN4GGW5/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/FNA62Q767CFAFHBCDKYNPBMZWB7TWYVU https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/FNA62Q767CFAFHBCDKYNPBMZWB7TWYVU/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/HT7T2R4MQKLIF4ODV4BDLPARWFPCJ5CZ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/HT7T2R4MQKLIF4ODV4BDLPARWFPCJ5CZ/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/JIZSEFC3YKCGABA2BZW6ZJRMDZJMB7PJ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/JIZSEFC3YKCGABA2BZW6ZJRMDZJMB7PJ/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/JMEXY22BFG5Q64HQCM5CK2Q7KDKVV4TY https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/JMEXY22BFG5Q64HQCM5CK2Q7KDKVV4TY/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/KSEGD2IWKNUO3DWY4KQGUQM5BISRWHQE https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/KSEGD2IWKNUO3DWY4KQGUQM5BISRWHQE/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/LKYHSZQFDNR7RSA7LHVLLIAQMVYCUGBG https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/LKYHSZQFDNR7RSA7LHVLLIAQMVYCUGBG/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/LNMZJCDHGLJJLXO4OXWJMTVQRNWOC7UL https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/LNMZJCDHGLJJLXO4OXWJMTVQRNWOC7UL/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/VHUHTSXLXGXS7JYKBXTA3VINUPHTNGVU https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/VHUHTSXLXGXS7JYKBXTA3VINUPHTNGVU/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/VSRDIV77HNKUSM7SJC5BKE5JSHLHU2NK https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/VSRDIV77HNKUSM7SJC5BKE5JSHLHU2NK/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/WE2I52RHNNU42PX6NZ2RBUHSFFJ2LVZX https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/WE2I52RHNNU42PX6NZ2RBUHSFFJ2LVZX/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/WLPRQ5TWUQQXYWBJM7ECYDAIL2YVKIUH https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/WLPRQ5TWUQQXYWBJM7ECYDAIL2YVKIUH/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/X6QXN4ORIVF6XBW4WWFE7VNPVC74S45Y https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/X6QXN4ORIVF6XBW4WWFE7VNPVC74S45Y/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/XFOIBB4YFICHDM7IBOP7PWXW3FX4HLL2 https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/XFOIBB4YFICHDM7IBOP7PWXW3FX4HLL2/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZB43REMKRQR62NJEI7I5NQ4FSXNLBKRT https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZB43REMKRQR62NJEI7I5NQ4FSXNLBKRT/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZKQSIKIAT5TJ3WSLU3RDBQ35YX4GY4V3 https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZKQSIKIAT5TJ3WSLU3RDBQ35YX4GY4V3/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZLU6U2R2IC2K64NDPNMV55AUAO65MAF4 https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZLU6U2R2IC2K64NDPNMV55AUAO65MAF4/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3N4NJ7FR4X4FPZUGNTQAPSTVB2HB2Y4A https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/BFQD3KUEMFBHPAPBGLWQC34L4OWL5HAZ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CLB4TW7KALB3EEQWNWCN7OUIWWVWWCG2 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/E72T67UPDRXHIDLO3OROR25YAMN4GGW5 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/FNA62Q767CFAFHBCDKYNPBMZWB7TWYVU https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/HT7T2R4MQKLIF4ODV4BDLPARWFPCJ5CZ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/JIZSEFC3YKCGABA2BZW6ZJRMDZJMB7PJ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/JMEXY22BFG5Q64HQCM5CK2Q7KDKVV4TY https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/KSEGD2IWKNUO3DWY4KQGUQM5BISRWHQE https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/LKYHSZQFDNR7RSA7LHVLLIAQMVYCUGBG https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/LNMZJCDHGLJJLXO4OXWJMTVQRNWOC7UL https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/VHUHTSXLXGXS7JYKBXTA3VINUPHTNGVU https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/VSRDIV77HNKUSM7SJC5BKE5JSHLHU2NK https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WLPRQ5TWUQQXYWBJM7ECYDAIL2YVKIUH https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/X6QXN4ORIVF6XBW4WWFE7VNPVC74S45Y https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/XFOIBB4YFICHDM7IBOP7PWXW3FX4HLL2 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZB43REMKRQR62NJEI7I5NQ4FSXNLBKRT https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZKQSIKIAT5TJ3WSLU3RDBQ35YX4GY4V3 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZLU6U2R2IC2K64NDPNMV55AUAO65MAF4 https://lists.w3.org/Archives/Public/ietf-http-wg/2023OctDec/0025.html https://mailman.nginx.org/pipermail/nginx-devel/2023-October/S36Q5HBXR7CAIMPLLPRSSSYR4PCMWILK.html https://martinthomson.github.io/h2-stream-limits/draft-thomson-httpbis-h2-stream-limits.html https://msrc.microsoft.com/blog/2023/10/microsoft-response-to-distributed-denial-of-service-ddos-attacks-against-http/2 https://msrc.microsoft.com/blog/2023/10/microsoft-response-to-distributed-denial-of-service-ddos-attacks-against-http/2/ https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-44487 https://my.f5.com/manage/s/article/K000137106 https://netty.io/news/2023/10/10/4-1-100-Final.html https://news.ycombinator.com/item?id=37830987 https://news.ycombinator.com/item?id=37830998 https://news.ycombinator.com/item?id=37831062 https://news.ycombinator.com/item?id=37837043 https://nodejs.org/en/blog/vulnerability/october-2023-security-releases https://nvd.nist.gov/vuln/detail/CVE-2023-44487 https://openssf.org/blog/2023/10/10/http-2-rapid-reset-vulnerability-highlights-need-for-rapid-response https://openssf.org/blog/2023/10/10/http-2-rapid-reset-vulnerability-highlights-need-for-rapid-response/ https://pkg.go.dev/vuln/GO-2023-2102 https://seanmonstar.com/post/730794151136935936/hyper-http2-rapid-reset-unaffected https://security.gentoo.org/glsa/202311-09 https://security.netapp.com/advisory/ntap-20231016-0001 https://security.netapp.com/advisory/ntap-20231016-0001/ https://security.netapp.com/advisory/ntap-20240426-0007 https://security.netapp.com/advisory/ntap-20240426-0007/ https://security.netapp.com/advisory/ntap-20240621-0006 https://security.netapp.com/advisory/ntap-20240621-0006/ https://security.netapp.com/advisory/ntap-20240621-0007 https://security.netapp.com/advisory/ntap-20240621-0007/ https://security.paloaltonetworks.com/CVE-2023-44487 https://tomcat.apache.org/security-10.html#Fixed_in_Apache_Tomcat_10.1.14 https://tomcat.apache.org/security-11.html#Fixed_in_Apache_Tomcat_11.0.0-M12 https://tomcat.apache.org/security-8.html#Fixed_in_Apache_Tomcat_8.5.94 https://tomcat.apache.org/security-9.html#Fixed_in_Apache_Tomcat_9.0.81 https://ubuntu.com/security/CVE-2023-44487 https://ubuntu.com/security/notices/USN-6427-1 https://ubuntu.com/security/notices/USN-6427-2 https://ubuntu.com/security/notices/USN-6438-1 https://ubuntu.com/security/notices/USN-6505-1 https://ubuntu.com/security/notices/USN-6574-1 https://ubuntu.com/security/notices/USN-6754-1 https://ubuntu.com/security/notices/USN-6994-1 https://ubuntu.com/security/notices/USN-7067-1 https://www.bleepingcomputer.com/news/security/new-http-2-rapid-reset-zero-day-attack-breaks-ddos-records https://www.bleepingcomputer.com/news/security/new-http-2-rapid-reset-zero-day-attack-breaks-ddos-records/ https://www.cisa.gov/known-exploited-vulnerabilities-catalog https://www.cisa.gov/news-events/alerts/2023/10/10/http2-rapid-reset-vulnerability-cve-2023-44487 https://www.cve.org/CVERecord?id=CVE-2023-44487 https://www.darkreading.com/cloud/internet-wide-zero-day-bug-fuels-largest-ever-ddos-event https://www.debian.org/security/2023/dsa-5521 https://www.debian.org/security/2023/dsa-5522 https://www.debian.org/security/2023/dsa-5540 https://www.debian.org/security/2023/dsa-5549 https://www.debian.org/security/2023/dsa-5558 https://www.debian.org/security/2023/dsa-5570 https://www.eclipse.org/lists/jetty-announce/msg00181.html https://www.haproxy.com/blog/haproxy-is-not-affected-by-the-http-2-rapid-reset-attack-cve-2023-44487 https://www.mail-archive.com/haproxy@formilux.org/msg44134.html https://www.netlify.com/blog/netlify-successfully-mitigates-cve-2023-44487 https://www.netlify.com/blog/netlify-successfully-mitigates-cve-2023-44487/ https://www.nginx.com/blog/http-2-rapid-reset-attack-impacting-f5-nginx-products https://www.nginx.com/blog/http-2-rapid-reset-attack-impacting-f5-nginx-products/ https://www.openwall.com/lists/oss-security/2023/10/10/6 https://www.phoronix.com/news/HTTP2-Rapid-Reset-Attack https://www.theregister.com/2023/10/10/http2_rapid_reset_zeroday https://www.theregister.com/2023/10/10/http2_rapid_reset_zeroday/
golang.org/x/net	CVE-2023-45288	MEDIUM	v0.10.0	0.23.0	http://www.openwall.com/lists/oss-security/2024/04/03/16 http://www.openwall.com/lists/oss-security/2024/04/05/4 https://access.redhat.com/errata/RHSA-2024:2724 https://access.redhat.com/security/cve/CVE-2023-45288 https://bugzilla.redhat.com/2268017 https://bugzilla.redhat.com/2268018 https://bugzilla.redhat.com/2268019 https://bugzilla.redhat.com/2268273 https://bugzilla.redhat.com/show_bug.cgi?id=2268017 https://bugzilla.redhat.com/show_bug.cgi?id=2268018 https://bugzilla.redhat.com/show_bug.cgi?id=2268019 https://bugzilla.redhat.com/show_bug.cgi?id=2268273 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45288 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45289 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45290 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24783 https://errata.almalinux.org/9/ALSA-2024-2724.html https://errata.rockylinux.org/RLSA-2024:2724 https://go.dev/cl/576155 https://go.dev/issue/65051 https://groups.google.com/g/golang-announce/c/YgW0sx8mN3M https://kb.cert.org/vuls/id/421644 https://linux.oracle.com/cve/CVE-2023-45288.html https://linux.oracle.com/errata/ELSA-2024-3346.html https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QRYFHIQ6XRKRYBI2F5UESH67BJBQXUPT https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QRYFHIQ6XRKRYBI2F5UESH67BJBQXUPT/ https://nowotarski.info/http2-continuation-flood-technical-details https://nowotarski.info/http2-continuation-flood/ https://nvd.nist.gov/vuln/detail/CVE-2023-45288 https://pkg.go.dev/vuln/GO-2024-2687 https://security.netapp.com/advisory/ntap-20240419-0009 https://security.netapp.com/advisory/ntap-20240419-0009/ https://ubuntu.com/security/notices/USN-6886-1 https://ubuntu.com/security/notices/USN-7109-1 https://ubuntu.com/security/notices/USN-7111-1 https://www.cve.org/CVERecord?id=CVE-2023-45288 https://www.kb.cert.org/vuls/id/421644
google.golang.org/grpc	GHSA-m425-mq94-257g	HIGH	v1.55.0	1.56.3, 1.57.1, 1.58.3	https://github.com/grpc/grpc-go https://github.com/grpc/grpc-go/commit/f2180b4d5403d2210b30b93098eb7da31c05c721 https://github.com/grpc/grpc-go/pull/6703 https://github.com/grpc/grpc-go/security/advisories/GHSA-m425-mq94-257g https://nvd.nist.gov/vuln/detail/CVE-2023-44487
google.golang.org/grpc	CVE-2023-44487	MEDIUM	v1.55.0	1.58.3, 1.57.1, 1.56.3	http://www.openwall.com/lists/oss-security/2023/10/13/4 http://www.openwall.com/lists/oss-security/2023/10/13/9 http://www.openwall.com/lists/oss-security/2023/10/18/4 http://www.openwall.com/lists/oss-security/2023/10/18/8 http://www.openwall.com/lists/oss-security/2023/10/19/6 http://www.openwall.com/lists/oss-security/2023/10/20/8 https://access.redhat.com/errata/RHSA-2023:6746 https://access.redhat.com/security/cve/CVE-2023-44487 https://access.redhat.com/security/cve/cve-2023-44487 https://akka.io/security/akka-http-cve-2023-44487.html https://arstechnica.com/security/2023/10/how-ddosers-used-the-http-2-protocol-to-deliver-attacks-of-unprecedented-size https://arstechnica.com/security/2023/10/how-ddosers-used-the-http-2-protocol-to-deliver-attacks-of-unprecedented-size/ https://aws.amazon.com/security/security-bulletins/AWS-2023-011 https://aws.amazon.com/security/security-bulletins/AWS-2023-011/ https://blog.cloudflare.com/technical-breakdown-http2-rapid-reset-ddos-attack https://blog.cloudflare.com/technical-breakdown-http2-rapid-reset-ddos-attack/ https://blog.cloudflare.com/zero-day-rapid-reset-http2-record-breaking-ddos-attack https://blog.cloudflare.com/zero-day-rapid-reset-http2-record-breaking-ddos-attack/ https://blog.litespeedtech.com/2023/10/11/rapid-reset-http-2-vulnerablilty https://blog.litespeedtech.com/2023/10/11/rapid-reset-http-2-vulnerablilty/ https://blog.qualys.com/vulnerabilities-threat-research/2023/10/10/cve-2023-44487-http-2-rapid-reset-attack https://blog.vespa.ai/cve-2023-44487 https://blog.vespa.ai/cve-2023-44487/ https://bugzilla.proxmox.com/show_bug.cgi?id=4988 https://bugzilla.redhat.com/2242803 https://bugzilla.redhat.com/show_bug.cgi?id=2242803 https://bugzilla.suse.com/show_bug.cgi?id=1216123 https://cgit.freebsd.org/ports/commit/?id=c64c329c2c1752f46b73e3e6ce9f4329be6629f9 https://chaos.social/@icing/111210915918780532 https://cloud.google.com/blog/products/identity-security/google-cloud-mitigated-largest-ddos-attack-peaking-above-398-million-rps https://cloud.google.com/blog/products/identity-security/google-cloud-mitigated-largest-ddos-attack-peaking-above-398-million-rps/ https://cloud.google.com/blog/products/identity-security/how-it-works-the-novel-http2-rapid-reset-ddos-attack https://community.traefik.io/t/is-traefik-vulnerable-to-cve-2023-44487/20125 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-44487 https://devblogs.microsoft.com/dotnet/october-2023-updates/ https://discuss.hashicorp.com/t/hcsec-2023-32-vault-consul-and-boundary-affected-by-http-2-rapid-reset-denial-of-service-vulnerability-cve-2023-44487/59715 https://edg.io/lp/blog/resets-leaks-ddos-and-the-tale-of-a-hidden-cve https://errata.almalinux.org/9/ALSA-2023-6746.html https://errata.rockylinux.org/RLSA-2023:5838 https://forums.swift.org/t/swift-nio-http2-security-update-cve-2023-44487-http-2-dos/67764 https://gist.github.com/adulau/7c2bfb8e9cdbe4b35a5e131c66a0c088 https://github.com/Azure/AKS/issues/3947 https://github.com/Kong/kong/discussions/11741 https://github.com/advisories/GHSA-qppj-fm5r-hxr3 https://github.com/advisories/GHSA-vx74-f528-fxqg https://github.com/advisories/GHSA-xpw8-rcwv-8f8p https://github.com/akka/akka-http/issues/4323 https://github.com/akka/akka-http/pull/4324 https://github.com/akka/akka-http/pull/4325 https://github.com/alibaba/tengine/issues/1872 https://github.com/apache/apisix/issues/10320 https://github.com/apache/httpd-site/pull/10 https://github.com/apache/httpd/blob/afcdbeebbff4b0c50ea26cdd16e178c0d1f24152/modules/http2/h2_mplx.c#L1101-L1113 https://github.com/apache/tomcat/commit/944332bb15bd2f3bf76ec2caeb1ff0a58a3bc628 https://github.com/apache/tomcat/tree/main/java/org/apache/coyote/http2 https://github.com/apache/trafficserver/pull/10564 https://github.com/apple/swift-nio-http2 https://github.com/apple/swift-nio-http2/security/advisories/GHSA-qppj-fm5r-hxr3 https://github.com/arkrwn/PoC/tree/main/CVE-2023-44487 https://github.com/bcdannyboy/CVE-2023-44487 https://github.com/caddyserver/caddy/issues/5877 https://github.com/caddyserver/caddy/releases/tag/v2.7.5 https://github.com/dotnet/announcements/issues/277 https://github.com/dotnet/core/blob/e4613450ea0da7fd2fc6b61dfb2c1c1dec1ce9ec/release-notes/6.0/6.0.23/6.0.23.md?plain=1#L73 https://github.com/eclipse/jetty.project/issues/10679 https://github.com/envoyproxy/envoy/pull/30055 https://github.com/etcd-io/etcd/issues/16740 https://github.com/facebook/proxygen/pull/466 https://github.com/golang/go/issues/63417 https://github.com/grpc/grpc-go/pull/6703 https://github.com/grpc/grpc-go/releases https://github.com/h2o/h2o/pull/3291 https://github.com/h2o/h2o/security/advisories/GHSA-2m7v-gc89-fjqf https://github.com/haproxy/haproxy/issues/2312 https://github.com/hyperium/hyper/issues/3337 https://github.com/icing/mod_h2/blob/0a864782af0a942aa2ad4ed960a6b32cd35bcf0a/mod_http2/README.md?plain=1#L239-L244 https://github.com/junkurihara/rust-rpxy/issues/97 https://github.com/kazu-yamamoto/http2/commit/f61d41a502bd0f60eb24e1ce14edc7b6df6722a1 https://github.com/kazu-yamamoto/http2/issues/93 https://github.com/kubernetes/kubernetes/pull/121120 https://github.com/line/armeria/pull/5232 https://github.com/linkerd/website/pull/1695/commits/4b9c6836471bc8270ab48aae6fd2181bc73fd632 https://github.com/micrictor/http2-rst-stream https://github.com/microsoft/CBL-Mariner/pull/6381 https://github.com/netty/netty/commit/58f75f665aa81a8cbcf6ffa74820042a285c5e61 https://github.com/nghttp2/nghttp2/pull/1961 https://github.com/nghttp2/nghttp2/releases/tag/v1.57.0 https://github.com/ninenines/cowboy/issues/1615 https://github.com/nodejs/node/pull/50121 https://github.com/openresty/openresty/issues/930 https://github.com/opensearch-project/data-prepper/issues/3474 https://github.com/oqtane/oqtane.framework/discussions/3367 https://github.com/projectcontour/contour/pull/5826 https://github.com/tempesta-tech/tempesta/issues/1986 https://github.com/varnishcache/varnish-cache/issues/3996 https://go.dev/cl/534215 https://go.dev/cl/534235 https://go.dev/issue/63417 https://groups.google.com/g/golang-announce/c/iNNxDTCjZvo https://groups.google.com/g/golang-announce/c/iNNxDTCjZvo/m/UDd7VKQuAAAJ https://istio.io/latest/news/security/istio-security-2023-004 https://istio.io/latest/news/security/istio-security-2023-004/ https://linkerd.io/2023/10/12/linkerd-cve-2023-44487 https://linkerd.io/2023/10/12/linkerd-cve-2023-44487/ https://linux.oracle.com/cve/CVE-2023-44487.html https://linux.oracle.com/errata/ELSA-2024-1444.html https://lists.apache.org/thread/5py8h42mxfsn8l1wy6o41xwhsjlsd87q https://lists.debian.org/debian-lts-announce/2023/10/msg00020.html https://lists.debian.org/debian-lts-announce/2023/10/msg00023.html https://lists.debian.org/debian-lts-announce/2023/10/msg00024.html https://lists.debian.org/debian-lts-announce/2023/10/msg00045.html https://lists.debian.org/debian-lts-announce/2023/10/msg00047.html https://lists.debian.org/debian-lts-announce/2023/11/msg00001.html https://lists.debian.org/debian-lts-announce/2023/11/msg00012.html https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/2MBEPPC36UBVOZZNAXFHKLFGSLCMN5LI https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/2MBEPPC36UBVOZZNAXFHKLFGSLCMN5LI/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/3N4NJ7FR4X4FPZUGNTQAPSTVB2HB2Y4A https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/3N4NJ7FR4X4FPZUGNTQAPSTVB2HB2Y4A/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/BFQD3KUEMFBHPAPBGLWQC34L4OWL5HAZ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/BFQD3KUEMFBHPAPBGLWQC34L4OWL5HAZ/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/CLB4TW7KALB3EEQWNWCN7OUIWWVWWCG2 https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/CLB4TW7KALB3EEQWNWCN7OUIWWVWWCG2/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/E72T67UPDRXHIDLO3OROR25YAMN4GGW5 https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/E72T67UPDRXHIDLO3OROR25YAMN4GGW5/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/FNA62Q767CFAFHBCDKYNPBMZWB7TWYVU https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/FNA62Q767CFAFHBCDKYNPBMZWB7TWYVU/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/HT7T2R4MQKLIF4ODV4BDLPARWFPCJ5CZ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/HT7T2R4MQKLIF4ODV4BDLPARWFPCJ5CZ/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/JIZSEFC3YKCGABA2BZW6ZJRMDZJMB7PJ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/JIZSEFC3YKCGABA2BZW6ZJRMDZJMB7PJ/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/JMEXY22BFG5Q64HQCM5CK2Q7KDKVV4TY https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/JMEXY22BFG5Q64HQCM5CK2Q7KDKVV4TY/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/KSEGD2IWKNUO3DWY4KQGUQM5BISRWHQE https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/KSEGD2IWKNUO3DWY4KQGUQM5BISRWHQE/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/LKYHSZQFDNR7RSA7LHVLLIAQMVYCUGBG https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/LKYHSZQFDNR7RSA7LHVLLIAQMVYCUGBG/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/LNMZJCDHGLJJLXO4OXWJMTVQRNWOC7UL https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/LNMZJCDHGLJJLXO4OXWJMTVQRNWOC7UL/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/VHUHTSXLXGXS7JYKBXTA3VINUPHTNGVU https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/VHUHTSXLXGXS7JYKBXTA3VINUPHTNGVU/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/VSRDIV77HNKUSM7SJC5BKE5JSHLHU2NK https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/VSRDIV77HNKUSM7SJC5BKE5JSHLHU2NK/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/WE2I52RHNNU42PX6NZ2RBUHSFFJ2LVZX https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/WE2I52RHNNU42PX6NZ2RBUHSFFJ2LVZX/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/WLPRQ5TWUQQXYWBJM7ECYDAIL2YVKIUH https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/WLPRQ5TWUQQXYWBJM7ECYDAIL2YVKIUH/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/X6QXN4ORIVF6XBW4WWFE7VNPVC74S45Y https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/X6QXN4ORIVF6XBW4WWFE7VNPVC74S45Y/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/XFOIBB4YFICHDM7IBOP7PWXW3FX4HLL2 https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/XFOIBB4YFICHDM7IBOP7PWXW3FX4HLL2/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZB43REMKRQR62NJEI7I5NQ4FSXNLBKRT https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZB43REMKRQR62NJEI7I5NQ4FSXNLBKRT/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZKQSIKIAT5TJ3WSLU3RDBQ35YX4GY4V3 https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZKQSIKIAT5TJ3WSLU3RDBQ35YX4GY4V3/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZLU6U2R2IC2K64NDPNMV55AUAO65MAF4 https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZLU6U2R2IC2K64NDPNMV55AUAO65MAF4/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3N4NJ7FR4X4FPZUGNTQAPSTVB2HB2Y4A https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/BFQD3KUEMFBHPAPBGLWQC34L4OWL5HAZ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CLB4TW7KALB3EEQWNWCN7OUIWWVWWCG2 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/E72T67UPDRXHIDLO3OROR25YAMN4GGW5 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/FNA62Q767CFAFHBCDKYNPBMZWB7TWYVU https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/HT7T2R4MQKLIF4ODV4BDLPARWFPCJ5CZ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/JIZSEFC3YKCGABA2BZW6ZJRMDZJMB7PJ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/JMEXY22BFG5Q64HQCM5CK2Q7KDKVV4TY https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/KSEGD2IWKNUO3DWY4KQGUQM5BISRWHQE https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/LKYHSZQFDNR7RSA7LHVLLIAQMVYCUGBG https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/LNMZJCDHGLJJLXO4OXWJMTVQRNWOC7UL https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/VHUHTSXLXGXS7JYKBXTA3VINUPHTNGVU https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/VSRDIV77HNKUSM7SJC5BKE5JSHLHU2NK https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WLPRQ5TWUQQXYWBJM7ECYDAIL2YVKIUH https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/X6QXN4ORIVF6XBW4WWFE7VNPVC74S45Y https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/XFOIBB4YFICHDM7IBOP7PWXW3FX4HLL2 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZB43REMKRQR62NJEI7I5NQ4FSXNLBKRT https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZKQSIKIAT5TJ3WSLU3RDBQ35YX4GY4V3 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZLU6U2R2IC2K64NDPNMV55AUAO65MAF4 https://lists.w3.org/Archives/Public/ietf-http-wg/2023OctDec/0025.html https://mailman.nginx.org/pipermail/nginx-devel/2023-October/S36Q5HBXR7CAIMPLLPRSSSYR4PCMWILK.html https://martinthomson.github.io/h2-stream-limits/draft-thomson-httpbis-h2-stream-limits.html https://msrc.microsoft.com/blog/2023/10/microsoft-response-to-distributed-denial-of-service-ddos-attacks-against-http/2 https://msrc.microsoft.com/blog/2023/10/microsoft-response-to-distributed-denial-of-service-ddos-attacks-against-http/2/ https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-44487 https://my.f5.com/manage/s/article/K000137106 https://netty.io/news/2023/10/10/4-1-100-Final.html https://news.ycombinator.com/item?id=37830987 https://news.ycombinator.com/item?id=37830998 https://news.ycombinator.com/item?id=37831062 https://news.ycombinator.com/item?id=37837043 https://nodejs.org/en/blog/vulnerability/october-2023-security-releases https://nvd.nist.gov/vuln/detail/CVE-2023-44487 https://openssf.org/blog/2023/10/10/http-2-rapid-reset-vulnerability-highlights-need-for-rapid-response https://openssf.org/blog/2023/10/10/http-2-rapid-reset-vulnerability-highlights-need-for-rapid-response/ https://pkg.go.dev/vuln/GO-2023-2102 https://seanmonstar.com/post/730794151136935936/hyper-http2-rapid-reset-unaffected https://security.gentoo.org/glsa/202311-09 https://security.netapp.com/advisory/ntap-20231016-0001 https://security.netapp.com/advisory/ntap-20231016-0001/ https://security.netapp.com/advisory/ntap-20240426-0007 https://security.netapp.com/advisory/ntap-20240426-0007/ https://security.netapp.com/advisory/ntap-20240621-0006 https://security.netapp.com/advisory/ntap-20240621-0006/ https://security.netapp.com/advisory/ntap-20240621-0007 https://security.netapp.com/advisory/ntap-20240621-0007/ https://security.paloaltonetworks.com/CVE-2023-44487 https://tomcat.apache.org/security-10.html#Fixed_in_Apache_Tomcat_10.1.14 https://tomcat.apache.org/security-11.html#Fixed_in_Apache_Tomcat_11.0.0-M12 https://tomcat.apache.org/security-8.html#Fixed_in_Apache_Tomcat_8.5.94 https://tomcat.apache.org/security-9.html#Fixed_in_Apache_Tomcat_9.0.81 https://ubuntu.com/security/CVE-2023-44487 https://ubuntu.com/security/notices/USN-6427-1 https://ubuntu.com/security/notices/USN-6427-2 https://ubuntu.com/security/notices/USN-6438-1 https://ubuntu.com/security/notices/USN-6505-1 https://ubuntu.com/security/notices/USN-6574-1 https://ubuntu.com/security/notices/USN-6754-1 https://ubuntu.com/security/notices/USN-6994-1 https://ubuntu.com/security/notices/USN-7067-1 https://www.bleepingcomputer.com/news/security/new-http-2-rapid-reset-zero-day-attack-breaks-ddos-records https://www.bleepingcomputer.com/news/security/new-http-2-rapid-reset-zero-day-attack-breaks-ddos-records/ https://www.cisa.gov/known-exploited-vulnerabilities-catalog https://www.cisa.gov/news-events/alerts/2023/10/10/http2-rapid-reset-vulnerability-cve-2023-44487 https://www.cve.org/CVERecord?id=CVE-2023-44487 https://www.darkreading.com/cloud/internet-wide-zero-day-bug-fuels-largest-ever-ddos-event https://www.debian.org/security/2023/dsa-5521 https://www.debian.org/security/2023/dsa-5522 https://www.debian.org/security/2023/dsa-5540 https://www.debian.org/security/2023/dsa-5549 https://www.debian.org/security/2023/dsa-5558 https://www.debian.org/security/2023/dsa-5570 https://www.eclipse.org/lists/jetty-announce/msg00181.html https://www.haproxy.com/blog/haproxy-is-not-affected-by-the-http-2-rapid-reset-attack-cve-2023-44487 https://www.mail-archive.com/haproxy@formilux.org/msg44134.html https://www.netlify.com/blog/netlify-successfully-mitigates-cve-2023-44487 https://www.netlify.com/blog/netlify-successfully-mitigates-cve-2023-44487/ https://www.nginx.com/blog/http-2-rapid-reset-attack-impacting-f5-nginx-products https://www.nginx.com/blog/http-2-rapid-reset-attack-impacting-f5-nginx-products/ https://www.openwall.com/lists/oss-security/2023/10/10/6 https://www.phoronix.com/news/HTTP2-Rapid-Reset-Attack https://www.theregister.com/2023/10/10/http2_rapid_reset_zeroday https://www.theregister.com/2023/10/10/http2_rapid_reset_zeroday/
google.golang.org/protobuf	CVE-2024-24786	MEDIUM	v1.30.0	1.33.0	http://www.openwall.com/lists/oss-security/2024/03/08/4 https://access.redhat.com/errata/RHSA-2024:2550 https://access.redhat.com/security/cve/CVE-2024-24786 https://bugzilla.redhat.com/2268046 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24786 https://errata.almalinux.org/9/ALSA-2024-2550.html https://errata.rockylinux.org/RLSA-2024:2550 https://github.com/protocolbuffers/protobuf-go https://github.com/protocolbuffers/protobuf-go/commit/f01a588e5810b90996452eec4a28f22a0afae023 https://github.com/protocolbuffers/protobuf-go/releases/tag/v1.33.0 https://go-review.googlesource.com/c/protobuf/+/569356 https://go.dev/cl/569356 https://groups.google.com/g/golang-announce/c/ArQ6CDgtEjY/ https://linux.oracle.com/cve/CVE-2024-24786.html https://linux.oracle.com/errata/ELSA-2024-4246.html https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/JDMBHAVSDU2FBDZ45U3A2VLSM35OJ2HU https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/JDMBHAVSDU2FBDZ45U3A2VLSM35OJ2HU/ https://nvd.nist.gov/vuln/detail/CVE-2024-24786 https://pkg.go.dev/vuln/GO-2024-2611 https://security.netapp.com/advisory/ntap-20240517-0002 https://security.netapp.com/advisory/ntap-20240517-0002/ https://ubuntu.com/security/notices/USN-6746-1 https://ubuntu.com/security/notices/USN-6746-2 https://www.cve.org/CVERecord?id=CVE-2024-24786
stdlib	CVE-2024-24790	CRITICAL	v1.20.5	1.21.11, 1.22.4	http://www.openwall.com/lists/oss-security/2024/06/04/1 https://access.redhat.com/errata/RHSA-2024:9115 https://access.redhat.com/security/cve/CVE-2024-24790 https://bugzilla.redhat.com/2279814 https://bugzilla.redhat.com/2292668 https://bugzilla.redhat.com/2292787 https://bugzilla.redhat.com/2294000 https://bugzilla.redhat.com/2295310 https://bugzilla.redhat.com/show_bug.cgi?id=2292668 https://bugzilla.redhat.com/show_bug.cgi?id=2292787 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24789 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24790 https://errata.almalinux.org/9/ALSA-2024-9115.html https://errata.rockylinux.org/RLSA-2024:4212 https://github.com/golang/go/commit/051bdf3fd12a40307606ff9381138039c5f452f0 (1.21) https://github.com/golang/go/commit/12d5810cdb1f73cf23d7a86462143e9463317fca (1.22) https://github.com/golang/go/issues/67680 https://go.dev/cl/590316 https://go.dev/issue/67680 https://groups.google.com/g/golang-announce/c/XbxouI9gY7k https://groups.google.com/g/golang-announce/c/XbxouI9gY7k/m/TuoGEhxIEwAJ https://linux.oracle.com/cve/CVE-2024-24790.html https://linux.oracle.com/errata/ELSA-2024-9115.html https://nvd.nist.gov/vuln/detail/CVE-2024-24790 https://pkg.go.dev/vuln/GO-2024-2887 https://ubuntu.com/security/notices/USN-6886-1 https://ubuntu.com/security/notices/USN-7109-1 https://www.cve.org/CVERecord?id=CVE-2024-24790
stdlib	CVE-2023-39325	HIGH	v1.20.5	1.20.10, 1.21.3	golang.org/x/net https://access.redhat.com/errata/RHSA-2023:6077 https://access.redhat.com/security/cve/CVE-2023-39325 https://access.redhat.com/security/cve/CVE-2023-44487 https://access.redhat.com/security/vulnerabilities/RHSB-2023-003 https://bugzilla.redhat.com/2242803 https://bugzilla.redhat.com/2243296 https://bugzilla.redhat.com/show_bug.cgi?id=2242803 https://bugzilla.redhat.com/show_bug.cgi?id=2243296 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-39325 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-44487 https://errata.almalinux.org/9/ALSA-2023-6077.html https://errata.rockylinux.org/RLSA-2023:6077 https://github.com/golang/go/commit/24ae2d927285c697440fdde3ad7f26028354bcf3 [golang- 1.21] https://github.com/golang/go/commit/e175f27f58aa7b9cd4d79607ae65d2cd5baaee68 [golang-1.20] https://github.com/golang/go/issues/63417 https://go.dev/cl/534215 https://go.dev/cl/534235 https://go.dev/issue/63417 https://groups.google.com/g/golang-announce/c/iNNxDTCjZvo/m/UDd7VKQuAAAJ https://linux.oracle.com/cve/CVE-2023-39325.html https://linux.oracle.com/errata/ELSA-2023-5867.html https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3OVW5V2DM5K5IC3H7O42YDUGNJ74J35O https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3OVW5V2DM5K5IC3H7O42YDUGNJ74J35O/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3SZN67IL7HMGMNAVLOTIXLIHUDXZK4LH https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3SZN67IL7HMGMNAVLOTIXLIHUDXZK4LH/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3WJ4QVX2AMUJ2F2S27POOAHRC4K3CHU4 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3WJ4QVX2AMUJ2F2S27POOAHRC4K3CHU4/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/4BUK2ZIAGCULOOYDNH25JPU6JBES5NF2 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/4BUK2ZIAGCULOOYDNH25JPU6JBES5NF2/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/5RSKA2II6QTD4YUKUNDVJQSRYSFC4VFR https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/5RSKA2II6QTD4YUKUNDVJQSRYSFC4VFR/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/AVZDNSMVDAQJ64LJC5I5U5LDM5753647 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/AVZDNSMVDAQJ64LJC5I5U5LDM5753647/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CHHITS4PUOZAKFIUBQAQZC7JWXMOYE4B https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CHHITS4PUOZAKFIUBQAQZC7JWXMOYE4B/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CLB4TW7KALB3EEQWNWCN7OUIWWVWWCG2 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CLB4TW7KALB3EEQWNWCN7OUIWWVWWCG2/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/D2BBIDR2ZMB3X5BC7SR4SLQMHRMVPY6L https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/D2BBIDR2ZMB3X5BC7SR4SLQMHRMVPY6L/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ECRC75BQJP6FJN2L7KCKYZW4DSBD7QSD https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ECRC75BQJP6FJN2L7KCKYZW4DSBD7QSD/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/FTMJ3NJIDAZFWJQQSP3L22MUFJ3UP2PT https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/FTMJ3NJIDAZFWJQQSP3L22MUFJ3UP2PT/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/GSY7SXFFTPZFWDM6XELSDSHZLVW3AHK7 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/GSY7SXFFTPZFWDM6XELSDSHZLVW3AHK7/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/HZQIELEIRSZUYTFFH5KTH2YJ4IIQG2KE https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/HZQIELEIRSZUYTFFH5KTH2YJ4IIQG2KE/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/IPWCNYB5PQ5PCVZ4NJT6G56ZYFZ5QBU6 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/IPWCNYB5PQ5PCVZ4NJT6G56ZYFZ5QBU6/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/KEOTKBUPZXHE3F352JBYNTSNRXYLWD6P https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/KEOTKBUPZXHE3F352JBYNTSNRXYLWD6P/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/KSEGD2IWKNUO3DWY4KQGUQM5BISRWHQE https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/KSEGD2IWKNUO3DWY4KQGUQM5BISRWHQE/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/L5E5JSJBZLYXOTZWXHJKRVCIXIHVWKJ6 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/L5E5JSJBZLYXOTZWXHJKRVCIXIHVWKJ6/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/MZQYOOKHQDQ57LV2IAG6NRFOVXKHJJ3Z https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/MZQYOOKHQDQ57LV2IAG6NRFOVXKHJJ3Z/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/NG7IMPL55MVWU3LCI4JQJT3K2U5CHDV7 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/NG7IMPL55MVWU3LCI4JQJT3K2U5CHDV7/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ODBY7RVMGZCBSTWF2OZGIZS57FNFUL67 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ODBY7RVMGZCBSTWF2OZGIZS57FNFUL67/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/OXGWPQOJ3JNDW2XIYKIVJ7N7QUIFNM2Q https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/OXGWPQOJ3JNDW2XIYKIVJ7N7QUIFNM2Q/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/PJCUNGIQDUMZ4Z6HWVYIMR66A35F5S74 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/PJCUNGIQDUMZ4Z6HWVYIMR66A35F5S74/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QF5QSYAOPDOWLY6DUHID56Q4HQFYB45I https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QF5QSYAOPDOWLY6DUHID56Q4HQFYB45I/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QXOU2JZUBEBP7GBKAYIJRPRBZSJCD7ST https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QXOU2JZUBEBP7GBKAYIJRPRBZSJCD7ST/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/R3UETKPUB3V5JS5TLZOF3SMTGT5K5APS https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/R3UETKPUB3V5JS5TLZOF3SMTGT5K5APS/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/REMHVVIBDNKSRKNOTV7EQSB7CYQWOUOU https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/REMHVVIBDNKSRKNOTV7EQSB7CYQWOUOU/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/T7N5GV4CHH6WAGX3GFMDD3COEOVCZ4RI https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/T7N5GV4CHH6WAGX3GFMDD3COEOVCZ4RI/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ULQQONMSCQSH5Z5OWFFQHCGEZ3NL4DRJ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ULQQONMSCQSH5Z5OWFFQHCGEZ3NL4DRJ/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UTT7DG3QOF5ZNJLUGHDNLRUIN6OWZARP https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UTT7DG3QOF5ZNJLUGHDNLRUIN6OWZARP/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/W2LZSWTV4NV4SNQARNXG5T6LRHP26EW2 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/W2LZSWTV4NV4SNQARNXG5T6LRHP26EW2/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WCNCBYKZXLDFGAJUB7ZP5VLC3YTHJNVH https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WCNCBYKZXLDFGAJUB7ZP5VLC3YTHJNVH/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/XFOIBB4YFICHDM7IBOP7PWXW3FX4HLL2 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/XFOIBB4YFICHDM7IBOP7PWXW3FX4HLL2/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/XTNLSL44Y5FB6JWADSZH6DCV4JJAAEQY https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/XTNLSL44Y5FB6JWADSZH6DCV4JJAAEQY/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/YJWHBLVZDM5KQSDFRBFRKU5KSSOLIRQ4 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/YJWHBLVZDM5KQSDFRBFRKU5KSSOLIRQ4/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/YRKEXKANQ7BKJW2YTAMP625LJUJZLJ4P https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/YRKEXKANQ7BKJW2YTAMP625LJUJZLJ4P/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZSVEMQV5ROY5YW5QE3I57HT3ITWG5GCV https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZSVEMQV5ROY5YW5QE3I57HT3ITWG5GCV/ https://nvd.nist.gov/vuln/detail/CVE-2023-39325 https://pkg.go.dev/vuln/GO-2023-2102 https://security.gentoo.org/glsa/202311-09 https://security.netapp.com/advisory/ntap-20231110-0008 https://security.netapp.com/advisory/ntap-20231110-0008/ https://ubuntu.com/security/notices/USN-6574-1 https://ubuntu.com/security/notices/USN-7061-1 https://ubuntu.com/security/notices/USN-7109-1 https://www.cisa.gov/news-events/alerts/2023/10/10/http2-rapid-reset-vulnerability-cve-2023-44487 https://www.cve.org/CVERecord?id=CVE-2023-39325
stdlib	CVE-2023-45283	HIGH	v1.20.5	1.20.11, 1.21.4, 1.20.12, 1.21.5	http://www.openwall.com/lists/oss-security/2023/12/05/2 https://go.dev/cl/540277 https://go.dev/cl/541175 https://go.dev/issue/63713 https://go.dev/issue/64028 https://groups.google.com/g/golang-announce/c/4tU8LZfBFkY https://groups.google.com/g/golang-dev/c/6ypN5EjibjM/m/KmLVYH_uAgAJ https://nvd.nist.gov/vuln/detail/CVE-2023-45283 https://pkg.go.dev/vuln/GO-2023-2185 https://security.netapp.com/advisory/ntap-20231214-0008/
stdlib	CVE-2023-45288	HIGH	v1.20.5	1.21.9, 1.22.2	http://www.openwall.com/lists/oss-security/2024/04/03/16 http://www.openwall.com/lists/oss-security/2024/04/05/4 https://access.redhat.com/errata/RHSA-2024:2724 https://access.redhat.com/security/cve/CVE-2023-45288 https://bugzilla.redhat.com/2268017 https://bugzilla.redhat.com/2268018 https://bugzilla.redhat.com/2268019 https://bugzilla.redhat.com/2268273 https://bugzilla.redhat.com/show_bug.cgi?id=2268017 https://bugzilla.redhat.com/show_bug.cgi?id=2268018 https://bugzilla.redhat.com/show_bug.cgi?id=2268019 https://bugzilla.redhat.com/show_bug.cgi?id=2268273 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45288 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45289 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45290 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24783 https://errata.almalinux.org/9/ALSA-2024-2724.html https://errata.rockylinux.org/RLSA-2024:2724 https://go.dev/cl/576155 https://go.dev/issue/65051 https://groups.google.com/g/golang-announce/c/YgW0sx8mN3M https://kb.cert.org/vuls/id/421644 https://linux.oracle.com/cve/CVE-2023-45288.html https://linux.oracle.com/errata/ELSA-2024-3346.html https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QRYFHIQ6XRKRYBI2F5UESH67BJBQXUPT https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QRYFHIQ6XRKRYBI2F5UESH67BJBQXUPT/ https://nowotarski.info/http2-continuation-flood-technical-details https://nowotarski.info/http2-continuation-flood/ https://nvd.nist.gov/vuln/detail/CVE-2023-45288 https://pkg.go.dev/vuln/GO-2024-2687 https://security.netapp.com/advisory/ntap-20240419-0009 https://security.netapp.com/advisory/ntap-20240419-0009/ https://ubuntu.com/security/notices/USN-6886-1 https://ubuntu.com/security/notices/USN-7109-1 https://ubuntu.com/security/notices/USN-7111-1 https://www.cve.org/CVERecord?id=CVE-2023-45288 https://www.kb.cert.org/vuls/id/421644
stdlib	CVE-2024-34156	HIGH	v1.20.5	1.22.7, 1.23.1	https://access.redhat.com/errata/RHSA-2024:9473 https://access.redhat.com/security/cve/CVE-2024-34156 https://bugzilla.redhat.com/2310528 https://bugzilla.redhat.com/2318052 https://bugzilla.redhat.com/show_bug.cgi?id=2310528 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-34156 https://errata.almalinux.org/9/ALSA-2024-9473.html https://errata.rockylinux.org/RLSA-2024:7204 https://github.com/golang/go/commit/2092294f2b097c5828f4eace6c98a322c1510b01 (go1.22.7) https://github.com/golang/go/commit/fa8ff1a46deb6c816304441ec6740ec112e19012 (go1.23.1) https://go.dev/cl/611239 https://go.dev/issue/69139 https://groups.google.com/g/golang-announce/c/K-cEzDeCtpc https://groups.google.com/g/golang-dev/c/S9POB9NCTdk https://linux.oracle.com/cve/CVE-2024-34156.html https://linux.oracle.com/errata/ELSA-2024-9473.html https://nvd.nist.gov/vuln/detail/CVE-2024-34156 https://pkg.go.dev/vuln/GO-2024-3106 https://ubuntu.com/security/notices/USN-7081-1 https://ubuntu.com/security/notices/USN-7109-1 https://ubuntu.com/security/notices/USN-7111-1 https://www.cve.org/CVERecord?id=CVE-2024-34156
stdlib	CVE-2023-29406	MEDIUM	v1.20.5	1.19.11, 1.20.6	https://access.redhat.com/errata/RHSA-2023:6474 https://access.redhat.com/security/cve/CVE-2023-29406 https://bugzilla.redhat.com/2174485 https://bugzilla.redhat.com/2178358 https://bugzilla.redhat.com/2178488 https://bugzilla.redhat.com/2178492 https://bugzilla.redhat.com/2184481 https://bugzilla.redhat.com/2184482 https://bugzilla.redhat.com/2184483 https://bugzilla.redhat.com/2184484 https://bugzilla.redhat.com/2196026 https://bugzilla.redhat.com/2196027 https://bugzilla.redhat.com/2196029 https://bugzilla.redhat.com/2222167 https://bugzilla.redhat.com/2228689 https://errata.almalinux.org/9/ALSA-2023-6474.html https://github.com/golang/go/commit/312920c00aac9897b2a0693e752390b5b0711a5a (go1.20.6) https://github.com/golang/go/commit/5fa6923b1ea891400153d04ddf1545e23b40041b (go1.19.11) https://github.com/golang/go/issues/60374 https://go.dev/cl/506996 https://go.dev/issue/60374 https://groups.google.com/g/golang-announce/c/2q13H6LEEx0 https://linux.oracle.com/cve/CVE-2023-29406.html https://linux.oracle.com/errata/ELSA-2023-7202.html https://nvd.nist.gov/vuln/detail/CVE-2023-29406 https://pkg.go.dev/vuln/GO-2023-1878 https://security.gentoo.org/glsa/202311-09 https://security.netapp.com/advisory/ntap-20230814-0002/ https://ubuntu.com/security/notices/USN-7061-1 https://ubuntu.com/security/notices/USN-7109-1 https://www.cve.org/CVERecord?id=CVE-2023-29406
stdlib	CVE-2023-29409	MEDIUM	v1.20.5	1.19.12, 1.20.7, 1.21.0-rc.4	https://access.redhat.com/errata/RHSA-2023:7766 https://access.redhat.com/security/cve/CVE-2023-29409 https://bugzilla.redhat.com/2228743 https://bugzilla.redhat.com/2237773 https://bugzilla.redhat.com/2237776 https://bugzilla.redhat.com/2237777 https://bugzilla.redhat.com/2237778 https://errata.almalinux.org/9/ALSA-2023-7766.html https://go.dev/cl/515257 https://go.dev/issue/61460 https://groups.google.com/g/golang-announce/c/X0b6CsSAaYI/m/Efv5DbZ9AwAJ https://linux.oracle.com/cve/CVE-2023-29409.html https://linux.oracle.com/errata/ELSA-2024-2988.html https://nvd.nist.gov/vuln/detail/CVE-2023-29409 https://pkg.go.dev/vuln/GO-2023-1987 https://security.gentoo.org/glsa/202311-09 https://security.netapp.com/advisory/ntap-20230831-0010/ https://www.cve.org/CVERecord?id=CVE-2023-29409
stdlib	CVE-2023-39318	MEDIUM	v1.20.5	1.20.8, 1.21.1	https://access.redhat.com/errata/RHSA-2024:2160 https://access.redhat.com/security/cve/CVE-2023-39318 https://bugzilla.redhat.com/2237773 https://bugzilla.redhat.com/2237776 https://bugzilla.redhat.com/2253330 https://errata.almalinux.org/9/ALSA-2024-2160.html https://github.com/golang/go/commit/023b542edf38e2a1f87fcefb9f75ff2f99401b4c (go1.20.8) https://github.com/golang/go/commit/b0e1d3ea26e8e8fce7726690c9ef0597e60739fb (go1.21.1) https://go.dev/cl/526156 https://go.dev/issue/62196 https://groups.google.com/g/golang-announce/c/Fm51GRLNRvM https://groups.google.com/g/golang-dev/c/2C5vbR-UNkI/m/L1hdrPhfBAAJ https://linux.oracle.com/cve/CVE-2023-39318.html https://linux.oracle.com/errata/ELSA-2024-2988.html https://nvd.nist.gov/vuln/detail/CVE-2023-39318 https://pkg.go.dev/vuln/GO-2023-2041 https://security.gentoo.org/glsa/202311-09 https://security.netapp.com/advisory/ntap-20231020-0009/ https://ubuntu.com/security/notices/USN-6574-1 https://ubuntu.com/security/notices/USN-7061-1 https://ubuntu.com/security/notices/USN-7109-1 https://vuln.go.dev/ID/GO-2023-2041.json https://www.cve.org/CVERecord?id=CVE-2023-39318
stdlib	CVE-2023-39319	MEDIUM	v1.20.5	1.20.8, 1.21.1	https://access.redhat.com/errata/RHSA-2024:2160 https://access.redhat.com/security/cve/CVE-2023-39319 https://bugzilla.redhat.com/2237773 https://bugzilla.redhat.com/2237776 https://bugzilla.redhat.com/2253330 https://errata.almalinux.org/9/ALSA-2024-2160.html https://github.com/golang/go/commit/2070531d2f53df88e312edace6c8dfc9686ab2f5 (go1.20.8) https://github.com/golang/go/commit/bbd043ff0d6d59f1a9232d31ecd5eacf6507bf6a (go1.21.1) https://go.dev/cl/526157 https://go.dev/issue/62197 https://groups.google.com/g/golang-announce/c/Fm51GRLNRvM https://groups.google.com/g/golang-dev/c/2C5vbR-UNkI/m/L1hdrPhfBAAJ https://linux.oracle.com/cve/CVE-2023-39319.html https://linux.oracle.com/errata/ELSA-2024-2988.html https://nvd.nist.gov/vuln/detail/CVE-2023-39319 https://pkg.go.dev/vuln/GO-2023-2043 https://security.gentoo.org/glsa/202311-09 https://security.netapp.com/advisory/ntap-20231020-0009/ https://ubuntu.com/security/notices/USN-6574-1 https://ubuntu.com/security/notices/USN-7061-1 https://ubuntu.com/security/notices/USN-7109-1 https://vuln.go.dev/ID/GO-2023-2043.json https://www.cve.org/CVERecord?id=CVE-2023-39319
stdlib	CVE-2023-39326	MEDIUM	v1.20.5	1.20.12, 1.21.5	https://access.redhat.com/errata/RHSA-2024:2272 https://access.redhat.com/security/cve/CVE-2023-39326 https://bugzilla.redhat.com/2253193 https://bugzilla.redhat.com/2253330 https://errata.almalinux.org/9/ALSA-2024-2272.html https://github.com/golang/go/commit/6446af942e2e2b161c4ec1b60d9703a2b55dc4dd (go1.20.12) https://github.com/golang/go/commit/ec8c526e4be720e94b98ca509e6364f0efaf28f7 (go1.21.5) https://go.dev/cl/547335 https://go.dev/issue/64433 https://groups.google.com/g/golang-dev/c/6ypN5EjibjM/m/KmLVYH_uAgAJ https://linux.oracle.com/cve/CVE-2023-39326.html https://linux.oracle.com/errata/ELSA-2024-2988.html https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UIU6HOGV6RRIKWM57LOXQA75BGZSIH6G/ https://nvd.nist.gov/vuln/detail/CVE-2023-39326 https://pkg.go.dev/vuln/GO-2023-2382 https://ubuntu.com/security/notices/USN-6574-1 https://www.cve.org/CVERecord?id=CVE-2023-39326
stdlib	CVE-2023-45284	MEDIUM	v1.20.5	1.20.11, 1.21.4	https://go.dev/cl/540277 https://go.dev/issue/63713 https://groups.google.com/g/golang-announce/c/4tU8LZfBFkY https://nvd.nist.gov/vuln/detail/CVE-2023-45284 https://pkg.go.dev/vuln/GO-2023-2186
stdlib	CVE-2023-45289	MEDIUM	v1.20.5	1.21.8, 1.22.1	http://www.openwall.com/lists/oss-security/2024/03/08/4 https://access.redhat.com/errata/RHSA-2024:2724 https://access.redhat.com/security/cve/CVE-2023-45289 https://bugzilla.redhat.com/2268017 https://bugzilla.redhat.com/2268018 https://bugzilla.redhat.com/2268019 https://bugzilla.redhat.com/2268273 https://bugzilla.redhat.com/show_bug.cgi?id=2268017 https://bugzilla.redhat.com/show_bug.cgi?id=2268018 https://bugzilla.redhat.com/show_bug.cgi?id=2268019 https://bugzilla.redhat.com/show_bug.cgi?id=2268273 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45288 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45289 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45290 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24783 https://errata.almalinux.org/9/ALSA-2024-2724.html https://errata.rockylinux.org/RLSA-2024:2724 https://github.com/golang/go/commit/20586c0dbe03d144f914155f879fa5ee287591a1 (go1.21.8) https://github.com/golang/go/commit/3a855208e3efed2e9d7c20ad023f1fa78afcc0be (go1.22.1) https://github.com/golang/go/issues/65065 https://go.dev/cl/569340 https://go.dev/issue/65065 https://groups.google.com/g/golang-announce/c/5pwGVUPoMbg https://linux.oracle.com/cve/CVE-2023-45289.html https://linux.oracle.com/errata/ELSA-2024-3346.html https://nvd.nist.gov/vuln/detail/CVE-2023-45289 https://pkg.go.dev/vuln/GO-2024-2600 https://security.netapp.com/advisory/ntap-20240329-0006/ https://ubuntu.com/security/notices/USN-6886-1 https://www.cve.org/CVERecord?id=CVE-2023-45289
stdlib	CVE-2023-45290	MEDIUM	v1.20.5	1.21.8, 1.22.1	http://www.openwall.com/lists/oss-security/2024/03/08/4 https://access.redhat.com/errata/RHSA-2024:9135 https://access.redhat.com/security/cve/CVE-2023-45290 https://bugzilla.redhat.com/2268017 https://bugzilla.redhat.com/2268022 https://bugzilla.redhat.com/2279814 https://bugzilla.redhat.com/2295310 https://bugzilla.redhat.com/show_bug.cgi?id=2268017 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45290 https://errata.almalinux.org/9/ALSA-2024-9135.html https://errata.rockylinux.org/RLSA-2024:3830 https://github.com/golang/go/commit/041a47712e765e94f86d841c3110c840e76d8f82 (go1.22.1) https://github.com/golang/go/commit/bf80213b121074f4ad9b449410a4d13bae5e9be0 (go1.21.8) https://github.com/golang/go/issues/65383 https://go.dev/cl/569341 https://go.dev/issue/65383 https://groups.google.com/g/golang-announce/c/5pwGVUPoMbg https://linux.oracle.com/cve/CVE-2023-45290.html https://linux.oracle.com/errata/ELSA-2024-8038.html https://nvd.nist.gov/vuln/detail/CVE-2023-45290 https://pkg.go.dev/vuln/GO-2024-2599 https://security.netapp.com/advisory/ntap-20240329-0004 https://security.netapp.com/advisory/ntap-20240329-0004/ https://ubuntu.com/security/notices/USN-6886-1 https://ubuntu.com/security/notices/USN-7109-1 https://ubuntu.com/security/notices/USN-7111-1 https://www.cve.org/CVERecord?id=CVE-2023-45290
stdlib	CVE-2024-24783	MEDIUM	v1.20.5	1.21.8, 1.22.1	http://www.openwall.com/lists/oss-security/2024/03/08/4 https://access.redhat.com/errata/RHSA-2024:6195 https://access.redhat.com/security/cve/CVE-2024-24783 https://bugzilla.redhat.com/2268019 https://bugzilla.redhat.com/show_bug.cgi?id=2268017 https://bugzilla.redhat.com/show_bug.cgi?id=2268018 https://bugzilla.redhat.com/show_bug.cgi?id=2268019 https://bugzilla.redhat.com/show_bug.cgi?id=2268273 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45288 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45289 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45290 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24783 https://errata.almalinux.org/9/ALSA-2024-6195.html https://errata.rockylinux.org/RLSA-2024:2724 https://github.com/advisories/GHSA-3q2c-pvp5-3cqp https://github.com/golang/go/commit/337b8e9cbfa749d9d5c899e0dc358e2208d5e54f (go1.22.1) https://github.com/golang/go/commit/be5b52bea674190ef7de272664be6c7ae93ec5a0 (go1.21.8) https://github.com/golang/go/issues/65390 https://go.dev/cl/569339 https://go.dev/issue/65390 https://groups.google.com/g/golang-announce/c/5pwGVUPoMbg https://linux.oracle.com/cve/CVE-2024-24783.html https://linux.oracle.com/errata/ELSA-2024-6969.html https://nvd.nist.gov/vuln/detail/CVE-2024-24783 https://pkg.go.dev/vuln/GO-2024-2598 https://security.netapp.com/advisory/ntap-20240329-0005 https://security.netapp.com/advisory/ntap-20240329-0005/ https://ubuntu.com/security/notices/USN-6886-1 https://ubuntu.com/security/notices/USN-7109-1 https://ubuntu.com/security/notices/USN-7111-1 https://www.cve.org/CVERecord?id=CVE-2024-24783
stdlib	CVE-2024-24784	MEDIUM	v1.20.5	1.21.8, 1.22.1	http://www.openwall.com/lists/oss-security/2024/03/08/4 https://access.redhat.com/errata/RHSA-2024:2562 https://access.redhat.com/security/cve/CVE-2024-24784 https://bugzilla.redhat.com/2262921 https://bugzilla.redhat.com/2268017 https://bugzilla.redhat.com/2268018 https://bugzilla.redhat.com/2268019 https://bugzilla.redhat.com/2268021 https://bugzilla.redhat.com/2268022 https://bugzilla.redhat.com/2268273 https://bugzilla.redhat.com/show_bug.cgi?id=2262921 https://bugzilla.redhat.com/show_bug.cgi?id=2268017 https://bugzilla.redhat.com/show_bug.cgi?id=2268018 https://bugzilla.redhat.com/show_bug.cgi?id=2268019 https://bugzilla.redhat.com/show_bug.cgi?id=2268021 https://bugzilla.redhat.com/show_bug.cgi?id=2268022 https://bugzilla.redhat.com/show_bug.cgi?id=2268273 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45288 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45289 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45290 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-1394 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24783 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24784 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24785 https://errata.almalinux.org/9/ALSA-2024-2562.html https://errata.rockylinux.org/RLSA-2024:2562 https://github.com/golang/go/commit/263c059b09fdd40d9dd945f2ecb20c89ea28efe5 (go1.21.8) https://github.com/golang/go/commit/5330cd225ba54c7dc78c1b46dcdf61a4671a632c (go1.22.1) https://github.com/golang/go/issues/65083 https://go.dev/cl/555596 https://go.dev/issue/65083 https://groups.google.com/g/golang-announce/c/5pwGVUPoMbg https://linux.oracle.com/cve/CVE-2024-24784.html https://linux.oracle.com/errata/ELSA-2024-6969.html https://nvd.nist.gov/vuln/detail/CVE-2024-24784 https://pkg.go.dev/vuln/GO-2024-2609 https://security.netapp.com/advisory/ntap-20240329-0007/ https://ubuntu.com/security/notices/USN-6886-1 https://ubuntu.com/security/notices/USN-7109-1 https://ubuntu.com/security/notices/USN-7111-1 https://www.cve.org/CVERecord?id=CVE-2024-24784
stdlib	CVE-2024-24785	MEDIUM	v1.20.5	1.21.8, 1.22.1	http://www.openwall.com/lists/oss-security/2024/03/08/4 https://access.redhat.com/errata/RHSA-2024:9135 https://access.redhat.com/security/cve/CVE-2024-24785 https://bugzilla.redhat.com/2268017 https://bugzilla.redhat.com/2268022 https://bugzilla.redhat.com/2279814 https://bugzilla.redhat.com/2295310 https://bugzilla.redhat.com/show_bug.cgi?id=2262921 https://bugzilla.redhat.com/show_bug.cgi?id=2268017 https://bugzilla.redhat.com/show_bug.cgi?id=2268018 https://bugzilla.redhat.com/show_bug.cgi?id=2268019 https://bugzilla.redhat.com/show_bug.cgi?id=2268021 https://bugzilla.redhat.com/show_bug.cgi?id=2268022 https://bugzilla.redhat.com/show_bug.cgi?id=2268273 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45288 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45289 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45290 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-1394 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24783 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24784 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24785 https://errata.almalinux.org/9/ALSA-2024-9135.html https://errata.rockylinux.org/RLSA-2024:2562 https://github.com/golang/go/commit/056b0edcb8c152152021eebf4cf42adbfbe77992 (go1.22.1) https://github.com/golang/go/commit/3643147a29352ca2894fd5d0d2069bc4b4335a7e (go1.21.8) https://github.com/golang/go/issues/65697 https://go.dev/cl/564196 https://go.dev/issue/65697 https://groups.google.com/g/golang-announce/c/5pwGVUPoMbg https://linux.oracle.com/cve/CVE-2024-24785.html https://linux.oracle.com/errata/ELSA-2024-3259.html https://nvd.nist.gov/vuln/detail/CVE-2024-24785 https://pkg.go.dev/vuln/GO-2024-2610 https://security.netapp.com/advisory/ntap-20240329-0008/ https://ubuntu.com/security/notices/USN-6886-1 https://ubuntu.com/security/notices/USN-7061-1 https://ubuntu.com/security/notices/USN-7109-1 https://vuln.go.dev/ID/GO-2024-2610.json https://www.cve.org/CVERecord?id=CVE-2024-24785
stdlib	CVE-2024-24789	MEDIUM	v1.20.5	1.21.11, 1.22.4	http://www.openwall.com/lists/oss-security/2024/06/04/1 https://access.redhat.com/errata/RHSA-2024:9115 https://access.redhat.com/security/cve/CVE-2024-24789 https://bugzilla.redhat.com/2279814 https://bugzilla.redhat.com/2292668 https://bugzilla.redhat.com/2292787 https://bugzilla.redhat.com/2294000 https://bugzilla.redhat.com/2295310 https://bugzilla.redhat.com/show_bug.cgi?id=2292668 https://bugzilla.redhat.com/show_bug.cgi?id=2292787 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24789 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24790 https://errata.almalinux.org/9/ALSA-2024-9115.html https://errata.rockylinux.org/RLSA-2024:4212 https://github.com/golang/go/commit/c8e40338cf00f3c1d86c8fb23863ad67a4c72bcc (1.21) https://github.com/golang/go/commit/cf501ac0c5fe351a8582d20b43562027927906e7 (1.22) https://github.com/golang/go/issues/66869 https://go.dev/cl/585397 https://go.dev/issue/66869 https://groups.google.com/g/golang-announce/c/XbxouI9gY7k https://groups.google.com/g/golang-announce/c/XbxouI9gY7k/m/TuoGEhxIEwAJ https://linux.oracle.com/cve/CVE-2024-24789.html https://linux.oracle.com/errata/ELSA-2024-9115.html https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/U5YAEIA6IUHUNGJ7AIXXPQT6D2GYENX7/ https://nvd.nist.gov/vuln/detail/CVE-2024-24789 https://pkg.go.dev/vuln/GO-2024-2888 https://ubuntu.com/security/notices/USN-6886-1 https://ubuntu.com/security/notices/USN-7109-1 https://ubuntu.com/security/notices/USN-7111-1 https://www.cve.org/CVERecord?id=CVE-2024-24789
stdlib	CVE-2024-24791	MEDIUM	v1.20.5	1.21.12, 1.22.5	https://access.redhat.com/errata/RHSA-2024:9135 https://access.redhat.com/security/cve/CVE-2024-24791 https://bugzilla.redhat.com/2268017 https://bugzilla.redhat.com/2268022 https://bugzilla.redhat.com/2279814 https://bugzilla.redhat.com/2295310 https://bugzilla.redhat.com/show_bug.cgi?id=2295310 https://bugzilla.redhat.com/show_bug.cgi?id=2310527 https://bugzilla.redhat.com/show_bug.cgi?id=2310528 https://bugzilla.redhat.com/show_bug.cgi?id=2310529 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24791 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-34155 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-34156 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-34158 https://errata.almalinux.org/9/ALSA-2024-9135.html https://errata.rockylinux.org/RLSA-2024:6913 https://go.dev/cl/591255 https://go.dev/issue/67555 https://groups.google.com/g/golang-dev/c/t0rK-qHBqzY/m/6MMoAZkMAgAJ https://linux.oracle.com/cve/CVE-2024-24791.html https://linux.oracle.com/errata/ELSA-2024-9115.html https://nvd.nist.gov/vuln/detail/CVE-2024-24791 https://pkg.go.dev/vuln/GO-2024-2963 https://ubuntu.com/security/notices/USN-7081-1 https://ubuntu.com/security/notices/USN-7109-1 https://ubuntu.com/security/notices/USN-7111-1 https://www.cve.org/CVERecord?id=CVE-2024-24791
stdlib	CVE-2024-34155	MEDIUM	v1.20.5	1.22.7, 1.23.1	https://access.redhat.com/errata/RHSA-2024:9459 https://access.redhat.com/security/cve/CVE-2024-34155 https://bugzilla.redhat.com/2310527 https://bugzilla.redhat.com/2310528 https://bugzilla.redhat.com/2310529 https://bugzilla.redhat.com/2315691 https://bugzilla.redhat.com/2315887 https://bugzilla.redhat.com/2317458 https://bugzilla.redhat.com/2317467 https://bugzilla.redhat.com/show_bug.cgi?id=2295310 https://bugzilla.redhat.com/show_bug.cgi?id=2310527 https://bugzilla.redhat.com/show_bug.cgi?id=2310528 https://bugzilla.redhat.com/show_bug.cgi?id=2310529 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24791 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-34155 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-34156 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-34158 https://errata.almalinux.org/9/ALSA-2024-9459.html https://errata.rockylinux.org/RLSA-2024:6913 https://github.com/golang/go/commit/53487e5477151ed75da50e50a0ba8f1ca64c00a3 (go1.23.1) https://github.com/golang/go/commit/b232596139dbe96a62edbe3a2a203e856bf556eb (go1.22.7) https://go.dev/cl/611238 https://go.dev/issue/69138 https://groups.google.com/g/golang-announce/c/K-cEzDeCtpc https://groups.google.com/g/golang-dev/c/S9POB9NCTdk https://linux.oracle.com/cve/CVE-2024-34155.html https://linux.oracle.com/errata/ELSA-2024-9459.html https://nvd.nist.gov/vuln/detail/CVE-2024-34155 https://pkg.go.dev/vuln/GO-2024-3105 https://ubuntu.com/security/notices/USN-7081-1 https://ubuntu.com/security/notices/USN-7109-1 https://ubuntu.com/security/notices/USN-7111-1 https://www.cve.org/CVERecord?id=CVE-2024-34155
stdlib	CVE-2024-34158	MEDIUM	v1.20.5	1.22.7, 1.23.1	https://access.redhat.com/errata/RHSA-2024:9459 https://access.redhat.com/security/cve/CVE-2024-34158 https://bugzilla.redhat.com/2310527 https://bugzilla.redhat.com/2310528 https://bugzilla.redhat.com/2310529 https://bugzilla.redhat.com/2315691 https://bugzilla.redhat.com/2315887 https://bugzilla.redhat.com/2317458 https://bugzilla.redhat.com/2317467 https://bugzilla.redhat.com/show_bug.cgi?id=2295310 https://bugzilla.redhat.com/show_bug.cgi?id=2310527 https://bugzilla.redhat.com/show_bug.cgi?id=2310528 https://bugzilla.redhat.com/show_bug.cgi?id=2310529 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24791 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-34155 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-34156 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-34158 https://errata.almalinux.org/9/ALSA-2024-9459.html https://errata.rockylinux.org/RLSA-2024:6913 https://github.com/golang/go/commit/032ac075c20c01c6c35a672d1542d3e98eab84ea (go1.23.1) https://github.com/golang/go/commit/d4c53812e6ce2ac368173d7fcd31d0ecfcffb002 (go1.22.7) https://go.dev/cl/611240 https://go.dev/issue/69141 https://groups.google.com/g/golang-announce/c/K-cEzDeCtpc https://groups.google.com/g/golang-dev/c/S9POB9NCTdk https://linux.oracle.com/cve/CVE-2024-34158.html https://linux.oracle.com/errata/ELSA-2024-9459.html https://nvd.nist.gov/vuln/detail/CVE-2024-34158 https://pkg.go.dev/vuln/GO-2024-3107 https://ubuntu.com/security/notices/USN-7081-1 https://ubuntu.com/security/notices/USN-7109-1 https://ubuntu.com/security/notices/USN-7111-1 https://www.cve.org/CVERecord?id=CVE-2024-34158
No Misconfigurations found

cnb/buildpacks/paketo-buildpacks_npm-start/1.0.11/bin/run (gobinary)

Package	Vulnerability ID	Severity	Installed Version	Fixed Version	Links
golang.org/x/net	CVE-2023-39325	HIGH	v0.11.0	0.17.0	golang.org/x/net https://access.redhat.com/errata/RHSA-2023:6077 https://access.redhat.com/security/cve/CVE-2023-39325 https://access.redhat.com/security/cve/CVE-2023-44487 https://access.redhat.com/security/vulnerabilities/RHSB-2023-003 https://bugzilla.redhat.com/2242803 https://bugzilla.redhat.com/2243296 https://bugzilla.redhat.com/show_bug.cgi?id=2242803 https://bugzilla.redhat.com/show_bug.cgi?id=2243296 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-39325 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-44487 https://errata.almalinux.org/9/ALSA-2023-6077.html https://errata.rockylinux.org/RLSA-2023:6077 https://github.com/golang/go/commit/24ae2d927285c697440fdde3ad7f26028354bcf3 [golang- 1.21] https://github.com/golang/go/commit/e175f27f58aa7b9cd4d79607ae65d2cd5baaee68 [golang-1.20] https://github.com/golang/go/issues/63417 https://go.dev/cl/534215 https://go.dev/cl/534235 https://go.dev/issue/63417 https://groups.google.com/g/golang-announce/c/iNNxDTCjZvo/m/UDd7VKQuAAAJ https://linux.oracle.com/cve/CVE-2023-39325.html https://linux.oracle.com/errata/ELSA-2023-5867.html https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3OVW5V2DM5K5IC3H7O42YDUGNJ74J35O https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3OVW5V2DM5K5IC3H7O42YDUGNJ74J35O/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3SZN67IL7HMGMNAVLOTIXLIHUDXZK4LH https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3SZN67IL7HMGMNAVLOTIXLIHUDXZK4LH/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3WJ4QVX2AMUJ2F2S27POOAHRC4K3CHU4 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3WJ4QVX2AMUJ2F2S27POOAHRC4K3CHU4/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/4BUK2ZIAGCULOOYDNH25JPU6JBES5NF2 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/4BUK2ZIAGCULOOYDNH25JPU6JBES5NF2/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/5RSKA2II6QTD4YUKUNDVJQSRYSFC4VFR https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/5RSKA2II6QTD4YUKUNDVJQSRYSFC4VFR/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/AVZDNSMVDAQJ64LJC5I5U5LDM5753647 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/AVZDNSMVDAQJ64LJC5I5U5LDM5753647/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CHHITS4PUOZAKFIUBQAQZC7JWXMOYE4B https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CHHITS4PUOZAKFIUBQAQZC7JWXMOYE4B/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CLB4TW7KALB3EEQWNWCN7OUIWWVWWCG2 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CLB4TW7KALB3EEQWNWCN7OUIWWVWWCG2/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/D2BBIDR2ZMB3X5BC7SR4SLQMHRMVPY6L https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/D2BBIDR2ZMB3X5BC7SR4SLQMHRMVPY6L/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ECRC75BQJP6FJN2L7KCKYZW4DSBD7QSD https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ECRC75BQJP6FJN2L7KCKYZW4DSBD7QSD/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/FTMJ3NJIDAZFWJQQSP3L22MUFJ3UP2PT https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/FTMJ3NJIDAZFWJQQSP3L22MUFJ3UP2PT/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/GSY7SXFFTPZFWDM6XELSDSHZLVW3AHK7 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/GSY7SXFFTPZFWDM6XELSDSHZLVW3AHK7/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/HZQIELEIRSZUYTFFH5KTH2YJ4IIQG2KE https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/HZQIELEIRSZUYTFFH5KTH2YJ4IIQG2KE/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/IPWCNYB5PQ5PCVZ4NJT6G56ZYFZ5QBU6 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/IPWCNYB5PQ5PCVZ4NJT6G56ZYFZ5QBU6/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/KEOTKBUPZXHE3F352JBYNTSNRXYLWD6P https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/KEOTKBUPZXHE3F352JBYNTSNRXYLWD6P/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/KSEGD2IWKNUO3DWY4KQGUQM5BISRWHQE https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/KSEGD2IWKNUO3DWY4KQGUQM5BISRWHQE/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/L5E5JSJBZLYXOTZWXHJKRVCIXIHVWKJ6 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/L5E5JSJBZLYXOTZWXHJKRVCIXIHVWKJ6/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/MZQYOOKHQDQ57LV2IAG6NRFOVXKHJJ3Z https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/MZQYOOKHQDQ57LV2IAG6NRFOVXKHJJ3Z/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/NG7IMPL55MVWU3LCI4JQJT3K2U5CHDV7 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/NG7IMPL55MVWU3LCI4JQJT3K2U5CHDV7/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ODBY7RVMGZCBSTWF2OZGIZS57FNFUL67 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ODBY7RVMGZCBSTWF2OZGIZS57FNFUL67/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/OXGWPQOJ3JNDW2XIYKIVJ7N7QUIFNM2Q https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/OXGWPQOJ3JNDW2XIYKIVJ7N7QUIFNM2Q/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/PJCUNGIQDUMZ4Z6HWVYIMR66A35F5S74 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/PJCUNGIQDUMZ4Z6HWVYIMR66A35F5S74/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QF5QSYAOPDOWLY6DUHID56Q4HQFYB45I https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QF5QSYAOPDOWLY6DUHID56Q4HQFYB45I/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QXOU2JZUBEBP7GBKAYIJRPRBZSJCD7ST https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QXOU2JZUBEBP7GBKAYIJRPRBZSJCD7ST/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/R3UETKPUB3V5JS5TLZOF3SMTGT5K5APS https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/R3UETKPUB3V5JS5TLZOF3SMTGT5K5APS/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/REMHVVIBDNKSRKNOTV7EQSB7CYQWOUOU https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/REMHVVIBDNKSRKNOTV7EQSB7CYQWOUOU/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/T7N5GV4CHH6WAGX3GFMDD3COEOVCZ4RI https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/T7N5GV4CHH6WAGX3GFMDD3COEOVCZ4RI/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ULQQONMSCQSH5Z5OWFFQHCGEZ3NL4DRJ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ULQQONMSCQSH5Z5OWFFQHCGEZ3NL4DRJ/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UTT7DG3QOF5ZNJLUGHDNLRUIN6OWZARP https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UTT7DG3QOF5ZNJLUGHDNLRUIN6OWZARP/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/W2LZSWTV4NV4SNQARNXG5T6LRHP26EW2 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/W2LZSWTV4NV4SNQARNXG5T6LRHP26EW2/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WCNCBYKZXLDFGAJUB7ZP5VLC3YTHJNVH https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WCNCBYKZXLDFGAJUB7ZP5VLC3YTHJNVH/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/XFOIBB4YFICHDM7IBOP7PWXW3FX4HLL2 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/XFOIBB4YFICHDM7IBOP7PWXW3FX4HLL2/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/XTNLSL44Y5FB6JWADSZH6DCV4JJAAEQY https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/XTNLSL44Y5FB6JWADSZH6DCV4JJAAEQY/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/YJWHBLVZDM5KQSDFRBFRKU5KSSOLIRQ4 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/YJWHBLVZDM5KQSDFRBFRKU5KSSOLIRQ4/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/YRKEXKANQ7BKJW2YTAMP625LJUJZLJ4P https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/YRKEXKANQ7BKJW2YTAMP625LJUJZLJ4P/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZSVEMQV5ROY5YW5QE3I57HT3ITWG5GCV https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZSVEMQV5ROY5YW5QE3I57HT3ITWG5GCV/ https://nvd.nist.gov/vuln/detail/CVE-2023-39325 https://pkg.go.dev/vuln/GO-2023-2102 https://security.gentoo.org/glsa/202311-09 https://security.netapp.com/advisory/ntap-20231110-0008 https://security.netapp.com/advisory/ntap-20231110-0008/ https://ubuntu.com/security/notices/USN-6574-1 https://ubuntu.com/security/notices/USN-7061-1 https://ubuntu.com/security/notices/USN-7109-1 https://www.cisa.gov/news-events/alerts/2023/10/10/http2-rapid-reset-vulnerability-cve-2023-44487 https://www.cve.org/CVERecord?id=CVE-2023-39325
golang.org/x/net	CVE-2023-3978	MEDIUM	v0.11.0	0.13.0	https://access.redhat.com/errata/RHSA-2023:6474 https://access.redhat.com/security/cve/CVE-2023-3978 https://bugzilla.redhat.com/2174485 https://bugzilla.redhat.com/2178358 https://bugzilla.redhat.com/2178488 https://bugzilla.redhat.com/2178492 https://bugzilla.redhat.com/2184481 https://bugzilla.redhat.com/2184482 https://bugzilla.redhat.com/2184483 https://bugzilla.redhat.com/2184484 https://bugzilla.redhat.com/2196026 https://bugzilla.redhat.com/2196027 https://bugzilla.redhat.com/2196029 https://bugzilla.redhat.com/2222167 https://bugzilla.redhat.com/2228689 https://errata.almalinux.org/9/ALSA-2023-6474.html https://go.dev/cl/514896 https://go.dev/issue/61615 https://linux.oracle.com/cve/CVE-2023-3978.html https://linux.oracle.com/errata/ELSA-2023-6939.html https://nvd.nist.gov/vuln/detail/CVE-2023-3978 https://pkg.go.dev/vuln/GO-2023-1988 https://www.cve.org/CVERecord?id=CVE-2023-3978
golang.org/x/net	CVE-2023-44487	MEDIUM	v0.11.0	0.17.0	http://www.openwall.com/lists/oss-security/2023/10/13/4 http://www.openwall.com/lists/oss-security/2023/10/13/9 http://www.openwall.com/lists/oss-security/2023/10/18/4 http://www.openwall.com/lists/oss-security/2023/10/18/8 http://www.openwall.com/lists/oss-security/2023/10/19/6 http://www.openwall.com/lists/oss-security/2023/10/20/8 https://access.redhat.com/errata/RHSA-2023:6746 https://access.redhat.com/security/cve/CVE-2023-44487 https://access.redhat.com/security/cve/cve-2023-44487 https://akka.io/security/akka-http-cve-2023-44487.html https://arstechnica.com/security/2023/10/how-ddosers-used-the-http-2-protocol-to-deliver-attacks-of-unprecedented-size https://arstechnica.com/security/2023/10/how-ddosers-used-the-http-2-protocol-to-deliver-attacks-of-unprecedented-size/ https://aws.amazon.com/security/security-bulletins/AWS-2023-011 https://aws.amazon.com/security/security-bulletins/AWS-2023-011/ https://blog.cloudflare.com/technical-breakdown-http2-rapid-reset-ddos-attack https://blog.cloudflare.com/technical-breakdown-http2-rapid-reset-ddos-attack/ https://blog.cloudflare.com/zero-day-rapid-reset-http2-record-breaking-ddos-attack https://blog.cloudflare.com/zero-day-rapid-reset-http2-record-breaking-ddos-attack/ https://blog.litespeedtech.com/2023/10/11/rapid-reset-http-2-vulnerablilty https://blog.litespeedtech.com/2023/10/11/rapid-reset-http-2-vulnerablilty/ https://blog.qualys.com/vulnerabilities-threat-research/2023/10/10/cve-2023-44487-http-2-rapid-reset-attack https://blog.vespa.ai/cve-2023-44487 https://blog.vespa.ai/cve-2023-44487/ https://bugzilla.proxmox.com/show_bug.cgi?id=4988 https://bugzilla.redhat.com/2242803 https://bugzilla.redhat.com/show_bug.cgi?id=2242803 https://bugzilla.suse.com/show_bug.cgi?id=1216123 https://cgit.freebsd.org/ports/commit/?id=c64c329c2c1752f46b73e3e6ce9f4329be6629f9 https://chaos.social/@icing/111210915918780532 https://cloud.google.com/blog/products/identity-security/google-cloud-mitigated-largest-ddos-attack-peaking-above-398-million-rps https://cloud.google.com/blog/products/identity-security/google-cloud-mitigated-largest-ddos-attack-peaking-above-398-million-rps/ https://cloud.google.com/blog/products/identity-security/how-it-works-the-novel-http2-rapid-reset-ddos-attack https://community.traefik.io/t/is-traefik-vulnerable-to-cve-2023-44487/20125 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-44487 https://devblogs.microsoft.com/dotnet/october-2023-updates/ https://discuss.hashicorp.com/t/hcsec-2023-32-vault-consul-and-boundary-affected-by-http-2-rapid-reset-denial-of-service-vulnerability-cve-2023-44487/59715 https://edg.io/lp/blog/resets-leaks-ddos-and-the-tale-of-a-hidden-cve https://errata.almalinux.org/9/ALSA-2023-6746.html https://errata.rockylinux.org/RLSA-2023:5838 https://forums.swift.org/t/swift-nio-http2-security-update-cve-2023-44487-http-2-dos/67764 https://gist.github.com/adulau/7c2bfb8e9cdbe4b35a5e131c66a0c088 https://github.com/Azure/AKS/issues/3947 https://github.com/Kong/kong/discussions/11741 https://github.com/advisories/GHSA-qppj-fm5r-hxr3 https://github.com/advisories/GHSA-vx74-f528-fxqg https://github.com/advisories/GHSA-xpw8-rcwv-8f8p https://github.com/akka/akka-http/issues/4323 https://github.com/akka/akka-http/pull/4324 https://github.com/akka/akka-http/pull/4325 https://github.com/alibaba/tengine/issues/1872 https://github.com/apache/apisix/issues/10320 https://github.com/apache/httpd-site/pull/10 https://github.com/apache/httpd/blob/afcdbeebbff4b0c50ea26cdd16e178c0d1f24152/modules/http2/h2_mplx.c#L1101-L1113 https://github.com/apache/tomcat/commit/944332bb15bd2f3bf76ec2caeb1ff0a58a3bc628 https://github.com/apache/tomcat/tree/main/java/org/apache/coyote/http2 https://github.com/apache/trafficserver/pull/10564 https://github.com/apple/swift-nio-http2 https://github.com/apple/swift-nio-http2/security/advisories/GHSA-qppj-fm5r-hxr3 https://github.com/arkrwn/PoC/tree/main/CVE-2023-44487 https://github.com/bcdannyboy/CVE-2023-44487 https://github.com/caddyserver/caddy/issues/5877 https://github.com/caddyserver/caddy/releases/tag/v2.7.5 https://github.com/dotnet/announcements/issues/277 https://github.com/dotnet/core/blob/e4613450ea0da7fd2fc6b61dfb2c1c1dec1ce9ec/release-notes/6.0/6.0.23/6.0.23.md?plain=1#L73 https://github.com/eclipse/jetty.project/issues/10679 https://github.com/envoyproxy/envoy/pull/30055 https://github.com/etcd-io/etcd/issues/16740 https://github.com/facebook/proxygen/pull/466 https://github.com/golang/go/issues/63417 https://github.com/grpc/grpc-go/pull/6703 https://github.com/grpc/grpc-go/releases https://github.com/h2o/h2o/pull/3291 https://github.com/h2o/h2o/security/advisories/GHSA-2m7v-gc89-fjqf https://github.com/haproxy/haproxy/issues/2312 https://github.com/hyperium/hyper/issues/3337 https://github.com/icing/mod_h2/blob/0a864782af0a942aa2ad4ed960a6b32cd35bcf0a/mod_http2/README.md?plain=1#L239-L244 https://github.com/junkurihara/rust-rpxy/issues/97 https://github.com/kazu-yamamoto/http2/commit/f61d41a502bd0f60eb24e1ce14edc7b6df6722a1 https://github.com/kazu-yamamoto/http2/issues/93 https://github.com/kubernetes/kubernetes/pull/121120 https://github.com/line/armeria/pull/5232 https://github.com/linkerd/website/pull/1695/commits/4b9c6836471bc8270ab48aae6fd2181bc73fd632 https://github.com/micrictor/http2-rst-stream https://github.com/microsoft/CBL-Mariner/pull/6381 https://github.com/netty/netty/commit/58f75f665aa81a8cbcf6ffa74820042a285c5e61 https://github.com/nghttp2/nghttp2/pull/1961 https://github.com/nghttp2/nghttp2/releases/tag/v1.57.0 https://github.com/ninenines/cowboy/issues/1615 https://github.com/nodejs/node/pull/50121 https://github.com/openresty/openresty/issues/930 https://github.com/opensearch-project/data-prepper/issues/3474 https://github.com/oqtane/oqtane.framework/discussions/3367 https://github.com/projectcontour/contour/pull/5826 https://github.com/tempesta-tech/tempesta/issues/1986 https://github.com/varnishcache/varnish-cache/issues/3996 https://go.dev/cl/534215 https://go.dev/cl/534235 https://go.dev/issue/63417 https://groups.google.com/g/golang-announce/c/iNNxDTCjZvo https://groups.google.com/g/golang-announce/c/iNNxDTCjZvo/m/UDd7VKQuAAAJ https://istio.io/latest/news/security/istio-security-2023-004 https://istio.io/latest/news/security/istio-security-2023-004/ https://linkerd.io/2023/10/12/linkerd-cve-2023-44487 https://linkerd.io/2023/10/12/linkerd-cve-2023-44487/ https://linux.oracle.com/cve/CVE-2023-44487.html https://linux.oracle.com/errata/ELSA-2024-1444.html https://lists.apache.org/thread/5py8h42mxfsn8l1wy6o41xwhsjlsd87q https://lists.debian.org/debian-lts-announce/2023/10/msg00020.html https://lists.debian.org/debian-lts-announce/2023/10/msg00023.html https://lists.debian.org/debian-lts-announce/2023/10/msg00024.html https://lists.debian.org/debian-lts-announce/2023/10/msg00045.html https://lists.debian.org/debian-lts-announce/2023/10/msg00047.html https://lists.debian.org/debian-lts-announce/2023/11/msg00001.html https://lists.debian.org/debian-lts-announce/2023/11/msg00012.html https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/2MBEPPC36UBVOZZNAXFHKLFGSLCMN5LI https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/2MBEPPC36UBVOZZNAXFHKLFGSLCMN5LI/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/3N4NJ7FR4X4FPZUGNTQAPSTVB2HB2Y4A https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/3N4NJ7FR4X4FPZUGNTQAPSTVB2HB2Y4A/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/BFQD3KUEMFBHPAPBGLWQC34L4OWL5HAZ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/BFQD3KUEMFBHPAPBGLWQC34L4OWL5HAZ/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/CLB4TW7KALB3EEQWNWCN7OUIWWVWWCG2 https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/CLB4TW7KALB3EEQWNWCN7OUIWWVWWCG2/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/E72T67UPDRXHIDLO3OROR25YAMN4GGW5 https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/E72T67UPDRXHIDLO3OROR25YAMN4GGW5/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/FNA62Q767CFAFHBCDKYNPBMZWB7TWYVU https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/FNA62Q767CFAFHBCDKYNPBMZWB7TWYVU/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/HT7T2R4MQKLIF4ODV4BDLPARWFPCJ5CZ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/HT7T2R4MQKLIF4ODV4BDLPARWFPCJ5CZ/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/JIZSEFC3YKCGABA2BZW6ZJRMDZJMB7PJ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/JIZSEFC3YKCGABA2BZW6ZJRMDZJMB7PJ/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/JMEXY22BFG5Q64HQCM5CK2Q7KDKVV4TY https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/JMEXY22BFG5Q64HQCM5CK2Q7KDKVV4TY/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/KSEGD2IWKNUO3DWY4KQGUQM5BISRWHQE https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/KSEGD2IWKNUO3DWY4KQGUQM5BISRWHQE/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/LKYHSZQFDNR7RSA7LHVLLIAQMVYCUGBG https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/LKYHSZQFDNR7RSA7LHVLLIAQMVYCUGBG/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/LNMZJCDHGLJJLXO4OXWJMTVQRNWOC7UL https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/LNMZJCDHGLJJLXO4OXWJMTVQRNWOC7UL/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/VHUHTSXLXGXS7JYKBXTA3VINUPHTNGVU https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/VHUHTSXLXGXS7JYKBXTA3VINUPHTNGVU/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/VSRDIV77HNKUSM7SJC5BKE5JSHLHU2NK https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/VSRDIV77HNKUSM7SJC5BKE5JSHLHU2NK/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/WE2I52RHNNU42PX6NZ2RBUHSFFJ2LVZX https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/WE2I52RHNNU42PX6NZ2RBUHSFFJ2LVZX/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/WLPRQ5TWUQQXYWBJM7ECYDAIL2YVKIUH https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/WLPRQ5TWUQQXYWBJM7ECYDAIL2YVKIUH/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/X6QXN4ORIVF6XBW4WWFE7VNPVC74S45Y https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/X6QXN4ORIVF6XBW4WWFE7VNPVC74S45Y/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/XFOIBB4YFICHDM7IBOP7PWXW3FX4HLL2 https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/XFOIBB4YFICHDM7IBOP7PWXW3FX4HLL2/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZB43REMKRQR62NJEI7I5NQ4FSXNLBKRT https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZB43REMKRQR62NJEI7I5NQ4FSXNLBKRT/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZKQSIKIAT5TJ3WSLU3RDBQ35YX4GY4V3 https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZKQSIKIAT5TJ3WSLU3RDBQ35YX4GY4V3/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZLU6U2R2IC2K64NDPNMV55AUAO65MAF4 https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZLU6U2R2IC2K64NDPNMV55AUAO65MAF4/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3N4NJ7FR4X4FPZUGNTQAPSTVB2HB2Y4A https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/BFQD3KUEMFBHPAPBGLWQC34L4OWL5HAZ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CLB4TW7KALB3EEQWNWCN7OUIWWVWWCG2 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/E72T67UPDRXHIDLO3OROR25YAMN4GGW5 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/FNA62Q767CFAFHBCDKYNPBMZWB7TWYVU https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/HT7T2R4MQKLIF4ODV4BDLPARWFPCJ5CZ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/JIZSEFC3YKCGABA2BZW6ZJRMDZJMB7PJ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/JMEXY22BFG5Q64HQCM5CK2Q7KDKVV4TY https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/KSEGD2IWKNUO3DWY4KQGUQM5BISRWHQE https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/LKYHSZQFDNR7RSA7LHVLLIAQMVYCUGBG https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/LNMZJCDHGLJJLXO4OXWJMTVQRNWOC7UL https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/VHUHTSXLXGXS7JYKBXTA3VINUPHTNGVU https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/VSRDIV77HNKUSM7SJC5BKE5JSHLHU2NK https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WLPRQ5TWUQQXYWBJM7ECYDAIL2YVKIUH https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/X6QXN4ORIVF6XBW4WWFE7VNPVC74S45Y https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/XFOIBB4YFICHDM7IBOP7PWXW3FX4HLL2 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZB43REMKRQR62NJEI7I5NQ4FSXNLBKRT https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZKQSIKIAT5TJ3WSLU3RDBQ35YX4GY4V3 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZLU6U2R2IC2K64NDPNMV55AUAO65MAF4 https://lists.w3.org/Archives/Public/ietf-http-wg/2023OctDec/0025.html https://mailman.nginx.org/pipermail/nginx-devel/2023-October/S36Q5HBXR7CAIMPLLPRSSSYR4PCMWILK.html https://martinthomson.github.io/h2-stream-limits/draft-thomson-httpbis-h2-stream-limits.html https://msrc.microsoft.com/blog/2023/10/microsoft-response-to-distributed-denial-of-service-ddos-attacks-against-http/2 https://msrc.microsoft.com/blog/2023/10/microsoft-response-to-distributed-denial-of-service-ddos-attacks-against-http/2/ https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-44487 https://my.f5.com/manage/s/article/K000137106 https://netty.io/news/2023/10/10/4-1-100-Final.html https://news.ycombinator.com/item?id=37830987 https://news.ycombinator.com/item?id=37830998 https://news.ycombinator.com/item?id=37831062 https://news.ycombinator.com/item?id=37837043 https://nodejs.org/en/blog/vulnerability/october-2023-security-releases https://nvd.nist.gov/vuln/detail/CVE-2023-44487 https://openssf.org/blog/2023/10/10/http-2-rapid-reset-vulnerability-highlights-need-for-rapid-response https://openssf.org/blog/2023/10/10/http-2-rapid-reset-vulnerability-highlights-need-for-rapid-response/ https://pkg.go.dev/vuln/GO-2023-2102 https://seanmonstar.com/post/730794151136935936/hyper-http2-rapid-reset-unaffected https://security.gentoo.org/glsa/202311-09 https://security.netapp.com/advisory/ntap-20231016-0001 https://security.netapp.com/advisory/ntap-20231016-0001/ https://security.netapp.com/advisory/ntap-20240426-0007 https://security.netapp.com/advisory/ntap-20240426-0007/ https://security.netapp.com/advisory/ntap-20240621-0006 https://security.netapp.com/advisory/ntap-20240621-0006/ https://security.netapp.com/advisory/ntap-20240621-0007 https://security.netapp.com/advisory/ntap-20240621-0007/ https://security.paloaltonetworks.com/CVE-2023-44487 https://tomcat.apache.org/security-10.html#Fixed_in_Apache_Tomcat_10.1.14 https://tomcat.apache.org/security-11.html#Fixed_in_Apache_Tomcat_11.0.0-M12 https://tomcat.apache.org/security-8.html#Fixed_in_Apache_Tomcat_8.5.94 https://tomcat.apache.org/security-9.html#Fixed_in_Apache_Tomcat_9.0.81 https://ubuntu.com/security/CVE-2023-44487 https://ubuntu.com/security/notices/USN-6427-1 https://ubuntu.com/security/notices/USN-6427-2 https://ubuntu.com/security/notices/USN-6438-1 https://ubuntu.com/security/notices/USN-6505-1 https://ubuntu.com/security/notices/USN-6574-1 https://ubuntu.com/security/notices/USN-6754-1 https://ubuntu.com/security/notices/USN-6994-1 https://ubuntu.com/security/notices/USN-7067-1 https://www.bleepingcomputer.com/news/security/new-http-2-rapid-reset-zero-day-attack-breaks-ddos-records https://www.bleepingcomputer.com/news/security/new-http-2-rapid-reset-zero-day-attack-breaks-ddos-records/ https://www.cisa.gov/known-exploited-vulnerabilities-catalog https://www.cisa.gov/news-events/alerts/2023/10/10/http2-rapid-reset-vulnerability-cve-2023-44487 https://www.cve.org/CVERecord?id=CVE-2023-44487 https://www.darkreading.com/cloud/internet-wide-zero-day-bug-fuels-largest-ever-ddos-event https://www.debian.org/security/2023/dsa-5521 https://www.debian.org/security/2023/dsa-5522 https://www.debian.org/security/2023/dsa-5540 https://www.debian.org/security/2023/dsa-5549 https://www.debian.org/security/2023/dsa-5558 https://www.debian.org/security/2023/dsa-5570 https://www.eclipse.org/lists/jetty-announce/msg00181.html https://www.haproxy.com/blog/haproxy-is-not-affected-by-the-http-2-rapid-reset-attack-cve-2023-44487 https://www.mail-archive.com/haproxy@formilux.org/msg44134.html https://www.netlify.com/blog/netlify-successfully-mitigates-cve-2023-44487 https://www.netlify.com/blog/netlify-successfully-mitigates-cve-2023-44487/ https://www.nginx.com/blog/http-2-rapid-reset-attack-impacting-f5-nginx-products https://www.nginx.com/blog/http-2-rapid-reset-attack-impacting-f5-nginx-products/ https://www.openwall.com/lists/oss-security/2023/10/10/6 https://www.phoronix.com/news/HTTP2-Rapid-Reset-Attack https://www.theregister.com/2023/10/10/http2_rapid_reset_zeroday https://www.theregister.com/2023/10/10/http2_rapid_reset_zeroday/
golang.org/x/net	CVE-2023-45288	MEDIUM	v0.11.0	0.23.0	http://www.openwall.com/lists/oss-security/2024/04/03/16 http://www.openwall.com/lists/oss-security/2024/04/05/4 https://access.redhat.com/errata/RHSA-2024:2724 https://access.redhat.com/security/cve/CVE-2023-45288 https://bugzilla.redhat.com/2268017 https://bugzilla.redhat.com/2268018 https://bugzilla.redhat.com/2268019 https://bugzilla.redhat.com/2268273 https://bugzilla.redhat.com/show_bug.cgi?id=2268017 https://bugzilla.redhat.com/show_bug.cgi?id=2268018 https://bugzilla.redhat.com/show_bug.cgi?id=2268019 https://bugzilla.redhat.com/show_bug.cgi?id=2268273 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45288 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45289 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45290 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24783 https://errata.almalinux.org/9/ALSA-2024-2724.html https://errata.rockylinux.org/RLSA-2024:2724 https://go.dev/cl/576155 https://go.dev/issue/65051 https://groups.google.com/g/golang-announce/c/YgW0sx8mN3M https://kb.cert.org/vuls/id/421644 https://linux.oracle.com/cve/CVE-2023-45288.html https://linux.oracle.com/errata/ELSA-2024-3346.html https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QRYFHIQ6XRKRYBI2F5UESH67BJBQXUPT https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QRYFHIQ6XRKRYBI2F5UESH67BJBQXUPT/ https://nowotarski.info/http2-continuation-flood-technical-details https://nowotarski.info/http2-continuation-flood/ https://nvd.nist.gov/vuln/detail/CVE-2023-45288 https://pkg.go.dev/vuln/GO-2024-2687 https://security.netapp.com/advisory/ntap-20240419-0009 https://security.netapp.com/advisory/ntap-20240419-0009/ https://ubuntu.com/security/notices/USN-6886-1 https://ubuntu.com/security/notices/USN-7109-1 https://ubuntu.com/security/notices/USN-7111-1 https://www.cve.org/CVERecord?id=CVE-2023-45288 https://www.kb.cert.org/vuls/id/421644
stdlib	CVE-2024-24790	CRITICAL	v1.20.5	1.21.11, 1.22.4	http://www.openwall.com/lists/oss-security/2024/06/04/1 https://access.redhat.com/errata/RHSA-2024:9115 https://access.redhat.com/security/cve/CVE-2024-24790 https://bugzilla.redhat.com/2279814 https://bugzilla.redhat.com/2292668 https://bugzilla.redhat.com/2292787 https://bugzilla.redhat.com/2294000 https://bugzilla.redhat.com/2295310 https://bugzilla.redhat.com/show_bug.cgi?id=2292668 https://bugzilla.redhat.com/show_bug.cgi?id=2292787 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24789 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24790 https://errata.almalinux.org/9/ALSA-2024-9115.html https://errata.rockylinux.org/RLSA-2024:4212 https://github.com/golang/go/commit/051bdf3fd12a40307606ff9381138039c5f452f0 (1.21) https://github.com/golang/go/commit/12d5810cdb1f73cf23d7a86462143e9463317fca (1.22) https://github.com/golang/go/issues/67680 https://go.dev/cl/590316 https://go.dev/issue/67680 https://groups.google.com/g/golang-announce/c/XbxouI9gY7k https://groups.google.com/g/golang-announce/c/XbxouI9gY7k/m/TuoGEhxIEwAJ https://linux.oracle.com/cve/CVE-2024-24790.html https://linux.oracle.com/errata/ELSA-2024-9115.html https://nvd.nist.gov/vuln/detail/CVE-2024-24790 https://pkg.go.dev/vuln/GO-2024-2887 https://ubuntu.com/security/notices/USN-6886-1 https://ubuntu.com/security/notices/USN-7109-1 https://www.cve.org/CVERecord?id=CVE-2024-24790
stdlib	CVE-2023-39325	HIGH	v1.20.5	1.20.10, 1.21.3	golang.org/x/net https://access.redhat.com/errata/RHSA-2023:6077 https://access.redhat.com/security/cve/CVE-2023-39325 https://access.redhat.com/security/cve/CVE-2023-44487 https://access.redhat.com/security/vulnerabilities/RHSB-2023-003 https://bugzilla.redhat.com/2242803 https://bugzilla.redhat.com/2243296 https://bugzilla.redhat.com/show_bug.cgi?id=2242803 https://bugzilla.redhat.com/show_bug.cgi?id=2243296 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-39325 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-44487 https://errata.almalinux.org/9/ALSA-2023-6077.html https://errata.rockylinux.org/RLSA-2023:6077 https://github.com/golang/go/commit/24ae2d927285c697440fdde3ad7f26028354bcf3 [golang- 1.21] https://github.com/golang/go/commit/e175f27f58aa7b9cd4d79607ae65d2cd5baaee68 [golang-1.20] https://github.com/golang/go/issues/63417 https://go.dev/cl/534215 https://go.dev/cl/534235 https://go.dev/issue/63417 https://groups.google.com/g/golang-announce/c/iNNxDTCjZvo/m/UDd7VKQuAAAJ https://linux.oracle.com/cve/CVE-2023-39325.html https://linux.oracle.com/errata/ELSA-2023-5867.html https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3OVW5V2DM5K5IC3H7O42YDUGNJ74J35O https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3OVW5V2DM5K5IC3H7O42YDUGNJ74J35O/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3SZN67IL7HMGMNAVLOTIXLIHUDXZK4LH https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3SZN67IL7HMGMNAVLOTIXLIHUDXZK4LH/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3WJ4QVX2AMUJ2F2S27POOAHRC4K3CHU4 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3WJ4QVX2AMUJ2F2S27POOAHRC4K3CHU4/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/4BUK2ZIAGCULOOYDNH25JPU6JBES5NF2 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/4BUK2ZIAGCULOOYDNH25JPU6JBES5NF2/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/5RSKA2II6QTD4YUKUNDVJQSRYSFC4VFR https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/5RSKA2II6QTD4YUKUNDVJQSRYSFC4VFR/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/AVZDNSMVDAQJ64LJC5I5U5LDM5753647 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/AVZDNSMVDAQJ64LJC5I5U5LDM5753647/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CHHITS4PUOZAKFIUBQAQZC7JWXMOYE4B https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CHHITS4PUOZAKFIUBQAQZC7JWXMOYE4B/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CLB4TW7KALB3EEQWNWCN7OUIWWVWWCG2 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CLB4TW7KALB3EEQWNWCN7OUIWWVWWCG2/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/D2BBIDR2ZMB3X5BC7SR4SLQMHRMVPY6L https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/D2BBIDR2ZMB3X5BC7SR4SLQMHRMVPY6L/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ECRC75BQJP6FJN2L7KCKYZW4DSBD7QSD https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ECRC75BQJP6FJN2L7KCKYZW4DSBD7QSD/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/FTMJ3NJIDAZFWJQQSP3L22MUFJ3UP2PT https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/FTMJ3NJIDAZFWJQQSP3L22MUFJ3UP2PT/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/GSY7SXFFTPZFWDM6XELSDSHZLVW3AHK7 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/GSY7SXFFTPZFWDM6XELSDSHZLVW3AHK7/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/HZQIELEIRSZUYTFFH5KTH2YJ4IIQG2KE https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/HZQIELEIRSZUYTFFH5KTH2YJ4IIQG2KE/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/IPWCNYB5PQ5PCVZ4NJT6G56ZYFZ5QBU6 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/IPWCNYB5PQ5PCVZ4NJT6G56ZYFZ5QBU6/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/KEOTKBUPZXHE3F352JBYNTSNRXYLWD6P https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/KEOTKBUPZXHE3F352JBYNTSNRXYLWD6P/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/KSEGD2IWKNUO3DWY4KQGUQM5BISRWHQE https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/KSEGD2IWKNUO3DWY4KQGUQM5BISRWHQE/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/L5E5JSJBZLYXOTZWXHJKRVCIXIHVWKJ6 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/L5E5JSJBZLYXOTZWXHJKRVCIXIHVWKJ6/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/MZQYOOKHQDQ57LV2IAG6NRFOVXKHJJ3Z https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/MZQYOOKHQDQ57LV2IAG6NRFOVXKHJJ3Z/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/NG7IMPL55MVWU3LCI4JQJT3K2U5CHDV7 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/NG7IMPL55MVWU3LCI4JQJT3K2U5CHDV7/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ODBY7RVMGZCBSTWF2OZGIZS57FNFUL67 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ODBY7RVMGZCBSTWF2OZGIZS57FNFUL67/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/OXGWPQOJ3JNDW2XIYKIVJ7N7QUIFNM2Q https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/OXGWPQOJ3JNDW2XIYKIVJ7N7QUIFNM2Q/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/PJCUNGIQDUMZ4Z6HWVYIMR66A35F5S74 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/PJCUNGIQDUMZ4Z6HWVYIMR66A35F5S74/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QF5QSYAOPDOWLY6DUHID56Q4HQFYB45I https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QF5QSYAOPDOWLY6DUHID56Q4HQFYB45I/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QXOU2JZUBEBP7GBKAYIJRPRBZSJCD7ST https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QXOU2JZUBEBP7GBKAYIJRPRBZSJCD7ST/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/R3UETKPUB3V5JS5TLZOF3SMTGT5K5APS https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/R3UETKPUB3V5JS5TLZOF3SMTGT5K5APS/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/REMHVVIBDNKSRKNOTV7EQSB7CYQWOUOU https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/REMHVVIBDNKSRKNOTV7EQSB7CYQWOUOU/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/T7N5GV4CHH6WAGX3GFMDD3COEOVCZ4RI https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/T7N5GV4CHH6WAGX3GFMDD3COEOVCZ4RI/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ULQQONMSCQSH5Z5OWFFQHCGEZ3NL4DRJ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ULQQONMSCQSH5Z5OWFFQHCGEZ3NL4DRJ/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UTT7DG3QOF5ZNJLUGHDNLRUIN6OWZARP https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UTT7DG3QOF5ZNJLUGHDNLRUIN6OWZARP/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/W2LZSWTV4NV4SNQARNXG5T6LRHP26EW2 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/W2LZSWTV4NV4SNQARNXG5T6LRHP26EW2/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WCNCBYKZXLDFGAJUB7ZP5VLC3YTHJNVH https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WCNCBYKZXLDFGAJUB7ZP5VLC3YTHJNVH/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/XFOIBB4YFICHDM7IBOP7PWXW3FX4HLL2 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/XFOIBB4YFICHDM7IBOP7PWXW3FX4HLL2/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/XTNLSL44Y5FB6JWADSZH6DCV4JJAAEQY https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/XTNLSL44Y5FB6JWADSZH6DCV4JJAAEQY/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/YJWHBLVZDM5KQSDFRBFRKU5KSSOLIRQ4 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/YJWHBLVZDM5KQSDFRBFRKU5KSSOLIRQ4/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/YRKEXKANQ7BKJW2YTAMP625LJUJZLJ4P https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/YRKEXKANQ7BKJW2YTAMP625LJUJZLJ4P/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZSVEMQV5ROY5YW5QE3I57HT3ITWG5GCV https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZSVEMQV5ROY5YW5QE3I57HT3ITWG5GCV/ https://nvd.nist.gov/vuln/detail/CVE-2023-39325 https://pkg.go.dev/vuln/GO-2023-2102 https://security.gentoo.org/glsa/202311-09 https://security.netapp.com/advisory/ntap-20231110-0008 https://security.netapp.com/advisory/ntap-20231110-0008/ https://ubuntu.com/security/notices/USN-6574-1 https://ubuntu.com/security/notices/USN-7061-1 https://ubuntu.com/security/notices/USN-7109-1 https://www.cisa.gov/news-events/alerts/2023/10/10/http2-rapid-reset-vulnerability-cve-2023-44487 https://www.cve.org/CVERecord?id=CVE-2023-39325
stdlib	CVE-2023-45283	HIGH	v1.20.5	1.20.11, 1.21.4, 1.20.12, 1.21.5	http://www.openwall.com/lists/oss-security/2023/12/05/2 https://go.dev/cl/540277 https://go.dev/cl/541175 https://go.dev/issue/63713 https://go.dev/issue/64028 https://groups.google.com/g/golang-announce/c/4tU8LZfBFkY https://groups.google.com/g/golang-dev/c/6ypN5EjibjM/m/KmLVYH_uAgAJ https://nvd.nist.gov/vuln/detail/CVE-2023-45283 https://pkg.go.dev/vuln/GO-2023-2185 https://security.netapp.com/advisory/ntap-20231214-0008/
stdlib	CVE-2023-45288	HIGH	v1.20.5	1.21.9, 1.22.2	http://www.openwall.com/lists/oss-security/2024/04/03/16 http://www.openwall.com/lists/oss-security/2024/04/05/4 https://access.redhat.com/errata/RHSA-2024:2724 https://access.redhat.com/security/cve/CVE-2023-45288 https://bugzilla.redhat.com/2268017 https://bugzilla.redhat.com/2268018 https://bugzilla.redhat.com/2268019 https://bugzilla.redhat.com/2268273 https://bugzilla.redhat.com/show_bug.cgi?id=2268017 https://bugzilla.redhat.com/show_bug.cgi?id=2268018 https://bugzilla.redhat.com/show_bug.cgi?id=2268019 https://bugzilla.redhat.com/show_bug.cgi?id=2268273 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45288 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45289 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45290 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24783 https://errata.almalinux.org/9/ALSA-2024-2724.html https://errata.rockylinux.org/RLSA-2024:2724 https://go.dev/cl/576155 https://go.dev/issue/65051 https://groups.google.com/g/golang-announce/c/YgW0sx8mN3M https://kb.cert.org/vuls/id/421644 https://linux.oracle.com/cve/CVE-2023-45288.html https://linux.oracle.com/errata/ELSA-2024-3346.html https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QRYFHIQ6XRKRYBI2F5UESH67BJBQXUPT https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QRYFHIQ6XRKRYBI2F5UESH67BJBQXUPT/ https://nowotarski.info/http2-continuation-flood-technical-details https://nowotarski.info/http2-continuation-flood/ https://nvd.nist.gov/vuln/detail/CVE-2023-45288 https://pkg.go.dev/vuln/GO-2024-2687 https://security.netapp.com/advisory/ntap-20240419-0009 https://security.netapp.com/advisory/ntap-20240419-0009/ https://ubuntu.com/security/notices/USN-6886-1 https://ubuntu.com/security/notices/USN-7109-1 https://ubuntu.com/security/notices/USN-7111-1 https://www.cve.org/CVERecord?id=CVE-2023-45288 https://www.kb.cert.org/vuls/id/421644
stdlib	CVE-2024-34156	HIGH	v1.20.5	1.22.7, 1.23.1	https://access.redhat.com/errata/RHSA-2024:9473 https://access.redhat.com/security/cve/CVE-2024-34156 https://bugzilla.redhat.com/2310528 https://bugzilla.redhat.com/2318052 https://bugzilla.redhat.com/show_bug.cgi?id=2310528 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-34156 https://errata.almalinux.org/9/ALSA-2024-9473.html https://errata.rockylinux.org/RLSA-2024:7204 https://github.com/golang/go/commit/2092294f2b097c5828f4eace6c98a322c1510b01 (go1.22.7) https://github.com/golang/go/commit/fa8ff1a46deb6c816304441ec6740ec112e19012 (go1.23.1) https://go.dev/cl/611239 https://go.dev/issue/69139 https://groups.google.com/g/golang-announce/c/K-cEzDeCtpc https://groups.google.com/g/golang-dev/c/S9POB9NCTdk https://linux.oracle.com/cve/CVE-2024-34156.html https://linux.oracle.com/errata/ELSA-2024-9473.html https://nvd.nist.gov/vuln/detail/CVE-2024-34156 https://pkg.go.dev/vuln/GO-2024-3106 https://ubuntu.com/security/notices/USN-7081-1 https://ubuntu.com/security/notices/USN-7109-1 https://ubuntu.com/security/notices/USN-7111-1 https://www.cve.org/CVERecord?id=CVE-2024-34156
stdlib	CVE-2023-29406	MEDIUM	v1.20.5	1.19.11, 1.20.6	https://access.redhat.com/errata/RHSA-2023:6474 https://access.redhat.com/security/cve/CVE-2023-29406 https://bugzilla.redhat.com/2174485 https://bugzilla.redhat.com/2178358 https://bugzilla.redhat.com/2178488 https://bugzilla.redhat.com/2178492 https://bugzilla.redhat.com/2184481 https://bugzilla.redhat.com/2184482 https://bugzilla.redhat.com/2184483 https://bugzilla.redhat.com/2184484 https://bugzilla.redhat.com/2196026 https://bugzilla.redhat.com/2196027 https://bugzilla.redhat.com/2196029 https://bugzilla.redhat.com/2222167 https://bugzilla.redhat.com/2228689 https://errata.almalinux.org/9/ALSA-2023-6474.html https://github.com/golang/go/commit/312920c00aac9897b2a0693e752390b5b0711a5a (go1.20.6) https://github.com/golang/go/commit/5fa6923b1ea891400153d04ddf1545e23b40041b (go1.19.11) https://github.com/golang/go/issues/60374 https://go.dev/cl/506996 https://go.dev/issue/60374 https://groups.google.com/g/golang-announce/c/2q13H6LEEx0 https://linux.oracle.com/cve/CVE-2023-29406.html https://linux.oracle.com/errata/ELSA-2023-7202.html https://nvd.nist.gov/vuln/detail/CVE-2023-29406 https://pkg.go.dev/vuln/GO-2023-1878 https://security.gentoo.org/glsa/202311-09 https://security.netapp.com/advisory/ntap-20230814-0002/ https://ubuntu.com/security/notices/USN-7061-1 https://ubuntu.com/security/notices/USN-7109-1 https://www.cve.org/CVERecord?id=CVE-2023-29406
stdlib	CVE-2023-29409	MEDIUM	v1.20.5	1.19.12, 1.20.7, 1.21.0-rc.4	https://access.redhat.com/errata/RHSA-2023:7766 https://access.redhat.com/security/cve/CVE-2023-29409 https://bugzilla.redhat.com/2228743 https://bugzilla.redhat.com/2237773 https://bugzilla.redhat.com/2237776 https://bugzilla.redhat.com/2237777 https://bugzilla.redhat.com/2237778 https://errata.almalinux.org/9/ALSA-2023-7766.html https://go.dev/cl/515257 https://go.dev/issue/61460 https://groups.google.com/g/golang-announce/c/X0b6CsSAaYI/m/Efv5DbZ9AwAJ https://linux.oracle.com/cve/CVE-2023-29409.html https://linux.oracle.com/errata/ELSA-2024-2988.html https://nvd.nist.gov/vuln/detail/CVE-2023-29409 https://pkg.go.dev/vuln/GO-2023-1987 https://security.gentoo.org/glsa/202311-09 https://security.netapp.com/advisory/ntap-20230831-0010/ https://www.cve.org/CVERecord?id=CVE-2023-29409
stdlib	CVE-2023-39318	MEDIUM	v1.20.5	1.20.8, 1.21.1	https://access.redhat.com/errata/RHSA-2024:2160 https://access.redhat.com/security/cve/CVE-2023-39318 https://bugzilla.redhat.com/2237773 https://bugzilla.redhat.com/2237776 https://bugzilla.redhat.com/2253330 https://errata.almalinux.org/9/ALSA-2024-2160.html https://github.com/golang/go/commit/023b542edf38e2a1f87fcefb9f75ff2f99401b4c (go1.20.8) https://github.com/golang/go/commit/b0e1d3ea26e8e8fce7726690c9ef0597e60739fb (go1.21.1) https://go.dev/cl/526156 https://go.dev/issue/62196 https://groups.google.com/g/golang-announce/c/Fm51GRLNRvM https://groups.google.com/g/golang-dev/c/2C5vbR-UNkI/m/L1hdrPhfBAAJ https://linux.oracle.com/cve/CVE-2023-39318.html https://linux.oracle.com/errata/ELSA-2024-2988.html https://nvd.nist.gov/vuln/detail/CVE-2023-39318 https://pkg.go.dev/vuln/GO-2023-2041 https://security.gentoo.org/glsa/202311-09 https://security.netapp.com/advisory/ntap-20231020-0009/ https://ubuntu.com/security/notices/USN-6574-1 https://ubuntu.com/security/notices/USN-7061-1 https://ubuntu.com/security/notices/USN-7109-1 https://vuln.go.dev/ID/GO-2023-2041.json https://www.cve.org/CVERecord?id=CVE-2023-39318
stdlib	CVE-2023-39319	MEDIUM	v1.20.5	1.20.8, 1.21.1	https://access.redhat.com/errata/RHSA-2024:2160 https://access.redhat.com/security/cve/CVE-2023-39319 https://bugzilla.redhat.com/2237773 https://bugzilla.redhat.com/2237776 https://bugzilla.redhat.com/2253330 https://errata.almalinux.org/9/ALSA-2024-2160.html https://github.com/golang/go/commit/2070531d2f53df88e312edace6c8dfc9686ab2f5 (go1.20.8) https://github.com/golang/go/commit/bbd043ff0d6d59f1a9232d31ecd5eacf6507bf6a (go1.21.1) https://go.dev/cl/526157 https://go.dev/issue/62197 https://groups.google.com/g/golang-announce/c/Fm51GRLNRvM https://groups.google.com/g/golang-dev/c/2C5vbR-UNkI/m/L1hdrPhfBAAJ https://linux.oracle.com/cve/CVE-2023-39319.html https://linux.oracle.com/errata/ELSA-2024-2988.html https://nvd.nist.gov/vuln/detail/CVE-2023-39319 https://pkg.go.dev/vuln/GO-2023-2043 https://security.gentoo.org/glsa/202311-09 https://security.netapp.com/advisory/ntap-20231020-0009/ https://ubuntu.com/security/notices/USN-6574-1 https://ubuntu.com/security/notices/USN-7061-1 https://ubuntu.com/security/notices/USN-7109-1 https://vuln.go.dev/ID/GO-2023-2043.json https://www.cve.org/CVERecord?id=CVE-2023-39319
stdlib	CVE-2023-39326	MEDIUM	v1.20.5	1.20.12, 1.21.5	https://access.redhat.com/errata/RHSA-2024:2272 https://access.redhat.com/security/cve/CVE-2023-39326 https://bugzilla.redhat.com/2253193 https://bugzilla.redhat.com/2253330 https://errata.almalinux.org/9/ALSA-2024-2272.html https://github.com/golang/go/commit/6446af942e2e2b161c4ec1b60d9703a2b55dc4dd (go1.20.12) https://github.com/golang/go/commit/ec8c526e4be720e94b98ca509e6364f0efaf28f7 (go1.21.5) https://go.dev/cl/547335 https://go.dev/issue/64433 https://groups.google.com/g/golang-dev/c/6ypN5EjibjM/m/KmLVYH_uAgAJ https://linux.oracle.com/cve/CVE-2023-39326.html https://linux.oracle.com/errata/ELSA-2024-2988.html https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UIU6HOGV6RRIKWM57LOXQA75BGZSIH6G/ https://nvd.nist.gov/vuln/detail/CVE-2023-39326 https://pkg.go.dev/vuln/GO-2023-2382 https://ubuntu.com/security/notices/USN-6574-1 https://www.cve.org/CVERecord?id=CVE-2023-39326
stdlib	CVE-2023-45284	MEDIUM	v1.20.5	1.20.11, 1.21.4	https://go.dev/cl/540277 https://go.dev/issue/63713 https://groups.google.com/g/golang-announce/c/4tU8LZfBFkY https://nvd.nist.gov/vuln/detail/CVE-2023-45284 https://pkg.go.dev/vuln/GO-2023-2186
stdlib	CVE-2023-45289	MEDIUM	v1.20.5	1.21.8, 1.22.1	http://www.openwall.com/lists/oss-security/2024/03/08/4 https://access.redhat.com/errata/RHSA-2024:2724 https://access.redhat.com/security/cve/CVE-2023-45289 https://bugzilla.redhat.com/2268017 https://bugzilla.redhat.com/2268018 https://bugzilla.redhat.com/2268019 https://bugzilla.redhat.com/2268273 https://bugzilla.redhat.com/show_bug.cgi?id=2268017 https://bugzilla.redhat.com/show_bug.cgi?id=2268018 https://bugzilla.redhat.com/show_bug.cgi?id=2268019 https://bugzilla.redhat.com/show_bug.cgi?id=2268273 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45288 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45289 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45290 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24783 https://errata.almalinux.org/9/ALSA-2024-2724.html https://errata.rockylinux.org/RLSA-2024:2724 https://github.com/golang/go/commit/20586c0dbe03d144f914155f879fa5ee287591a1 (go1.21.8) https://github.com/golang/go/commit/3a855208e3efed2e9d7c20ad023f1fa78afcc0be (go1.22.1) https://github.com/golang/go/issues/65065 https://go.dev/cl/569340 https://go.dev/issue/65065 https://groups.google.com/g/golang-announce/c/5pwGVUPoMbg https://linux.oracle.com/cve/CVE-2023-45289.html https://linux.oracle.com/errata/ELSA-2024-3346.html https://nvd.nist.gov/vuln/detail/CVE-2023-45289 https://pkg.go.dev/vuln/GO-2024-2600 https://security.netapp.com/advisory/ntap-20240329-0006/ https://ubuntu.com/security/notices/USN-6886-1 https://www.cve.org/CVERecord?id=CVE-2023-45289
stdlib	CVE-2023-45290	MEDIUM	v1.20.5	1.21.8, 1.22.1	http://www.openwall.com/lists/oss-security/2024/03/08/4 https://access.redhat.com/errata/RHSA-2024:9135 https://access.redhat.com/security/cve/CVE-2023-45290 https://bugzilla.redhat.com/2268017 https://bugzilla.redhat.com/2268022 https://bugzilla.redhat.com/2279814 https://bugzilla.redhat.com/2295310 https://bugzilla.redhat.com/show_bug.cgi?id=2268017 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45290 https://errata.almalinux.org/9/ALSA-2024-9135.html https://errata.rockylinux.org/RLSA-2024:3830 https://github.com/golang/go/commit/041a47712e765e94f86d841c3110c840e76d8f82 (go1.22.1) https://github.com/golang/go/commit/bf80213b121074f4ad9b449410a4d13bae5e9be0 (go1.21.8) https://github.com/golang/go/issues/65383 https://go.dev/cl/569341 https://go.dev/issue/65383 https://groups.google.com/g/golang-announce/c/5pwGVUPoMbg https://linux.oracle.com/cve/CVE-2023-45290.html https://linux.oracle.com/errata/ELSA-2024-8038.html https://nvd.nist.gov/vuln/detail/CVE-2023-45290 https://pkg.go.dev/vuln/GO-2024-2599 https://security.netapp.com/advisory/ntap-20240329-0004 https://security.netapp.com/advisory/ntap-20240329-0004/ https://ubuntu.com/security/notices/USN-6886-1 https://ubuntu.com/security/notices/USN-7109-1 https://ubuntu.com/security/notices/USN-7111-1 https://www.cve.org/CVERecord?id=CVE-2023-45290
stdlib	CVE-2024-24783	MEDIUM	v1.20.5	1.21.8, 1.22.1	http://www.openwall.com/lists/oss-security/2024/03/08/4 https://access.redhat.com/errata/RHSA-2024:6195 https://access.redhat.com/security/cve/CVE-2024-24783 https://bugzilla.redhat.com/2268019 https://bugzilla.redhat.com/show_bug.cgi?id=2268017 https://bugzilla.redhat.com/show_bug.cgi?id=2268018 https://bugzilla.redhat.com/show_bug.cgi?id=2268019 https://bugzilla.redhat.com/show_bug.cgi?id=2268273 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45288 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45289 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45290 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24783 https://errata.almalinux.org/9/ALSA-2024-6195.html https://errata.rockylinux.org/RLSA-2024:2724 https://github.com/advisories/GHSA-3q2c-pvp5-3cqp https://github.com/golang/go/commit/337b8e9cbfa749d9d5c899e0dc358e2208d5e54f (go1.22.1) https://github.com/golang/go/commit/be5b52bea674190ef7de272664be6c7ae93ec5a0 (go1.21.8) https://github.com/golang/go/issues/65390 https://go.dev/cl/569339 https://go.dev/issue/65390 https://groups.google.com/g/golang-announce/c/5pwGVUPoMbg https://linux.oracle.com/cve/CVE-2024-24783.html https://linux.oracle.com/errata/ELSA-2024-6969.html https://nvd.nist.gov/vuln/detail/CVE-2024-24783 https://pkg.go.dev/vuln/GO-2024-2598 https://security.netapp.com/advisory/ntap-20240329-0005 https://security.netapp.com/advisory/ntap-20240329-0005/ https://ubuntu.com/security/notices/USN-6886-1 https://ubuntu.com/security/notices/USN-7109-1 https://ubuntu.com/security/notices/USN-7111-1 https://www.cve.org/CVERecord?id=CVE-2024-24783
stdlib	CVE-2024-24784	MEDIUM	v1.20.5	1.21.8, 1.22.1	http://www.openwall.com/lists/oss-security/2024/03/08/4 https://access.redhat.com/errata/RHSA-2024:2562 https://access.redhat.com/security/cve/CVE-2024-24784 https://bugzilla.redhat.com/2262921 https://bugzilla.redhat.com/2268017 https://bugzilla.redhat.com/2268018 https://bugzilla.redhat.com/2268019 https://bugzilla.redhat.com/2268021 https://bugzilla.redhat.com/2268022 https://bugzilla.redhat.com/2268273 https://bugzilla.redhat.com/show_bug.cgi?id=2262921 https://bugzilla.redhat.com/show_bug.cgi?id=2268017 https://bugzilla.redhat.com/show_bug.cgi?id=2268018 https://bugzilla.redhat.com/show_bug.cgi?id=2268019 https://bugzilla.redhat.com/show_bug.cgi?id=2268021 https://bugzilla.redhat.com/show_bug.cgi?id=2268022 https://bugzilla.redhat.com/show_bug.cgi?id=2268273 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45288 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45289 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45290 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-1394 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24783 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24784 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24785 https://errata.almalinux.org/9/ALSA-2024-2562.html https://errata.rockylinux.org/RLSA-2024:2562 https://github.com/golang/go/commit/263c059b09fdd40d9dd945f2ecb20c89ea28efe5 (go1.21.8) https://github.com/golang/go/commit/5330cd225ba54c7dc78c1b46dcdf61a4671a632c (go1.22.1) https://github.com/golang/go/issues/65083 https://go.dev/cl/555596 https://go.dev/issue/65083 https://groups.google.com/g/golang-announce/c/5pwGVUPoMbg https://linux.oracle.com/cve/CVE-2024-24784.html https://linux.oracle.com/errata/ELSA-2024-6969.html https://nvd.nist.gov/vuln/detail/CVE-2024-24784 https://pkg.go.dev/vuln/GO-2024-2609 https://security.netapp.com/advisory/ntap-20240329-0007/ https://ubuntu.com/security/notices/USN-6886-1 https://ubuntu.com/security/notices/USN-7109-1 https://ubuntu.com/security/notices/USN-7111-1 https://www.cve.org/CVERecord?id=CVE-2024-24784
stdlib	CVE-2024-24785	MEDIUM	v1.20.5	1.21.8, 1.22.1	http://www.openwall.com/lists/oss-security/2024/03/08/4 https://access.redhat.com/errata/RHSA-2024:9135 https://access.redhat.com/security/cve/CVE-2024-24785 https://bugzilla.redhat.com/2268017 https://bugzilla.redhat.com/2268022 https://bugzilla.redhat.com/2279814 https://bugzilla.redhat.com/2295310 https://bugzilla.redhat.com/show_bug.cgi?id=2262921 https://bugzilla.redhat.com/show_bug.cgi?id=2268017 https://bugzilla.redhat.com/show_bug.cgi?id=2268018 https://bugzilla.redhat.com/show_bug.cgi?id=2268019 https://bugzilla.redhat.com/show_bug.cgi?id=2268021 https://bugzilla.redhat.com/show_bug.cgi?id=2268022 https://bugzilla.redhat.com/show_bug.cgi?id=2268273 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45288 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45289 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45290 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-1394 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24783 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24784 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24785 https://errata.almalinux.org/9/ALSA-2024-9135.html https://errata.rockylinux.org/RLSA-2024:2562 https://github.com/golang/go/commit/056b0edcb8c152152021eebf4cf42adbfbe77992 (go1.22.1) https://github.com/golang/go/commit/3643147a29352ca2894fd5d0d2069bc4b4335a7e (go1.21.8) https://github.com/golang/go/issues/65697 https://go.dev/cl/564196 https://go.dev/issue/65697 https://groups.google.com/g/golang-announce/c/5pwGVUPoMbg https://linux.oracle.com/cve/CVE-2024-24785.html https://linux.oracle.com/errata/ELSA-2024-3259.html https://nvd.nist.gov/vuln/detail/CVE-2024-24785 https://pkg.go.dev/vuln/GO-2024-2610 https://security.netapp.com/advisory/ntap-20240329-0008/ https://ubuntu.com/security/notices/USN-6886-1 https://ubuntu.com/security/notices/USN-7061-1 https://ubuntu.com/security/notices/USN-7109-1 https://vuln.go.dev/ID/GO-2024-2610.json https://www.cve.org/CVERecord?id=CVE-2024-24785
stdlib	CVE-2024-24789	MEDIUM	v1.20.5	1.21.11, 1.22.4	http://www.openwall.com/lists/oss-security/2024/06/04/1 https://access.redhat.com/errata/RHSA-2024:9115 https://access.redhat.com/security/cve/CVE-2024-24789 https://bugzilla.redhat.com/2279814 https://bugzilla.redhat.com/2292668 https://bugzilla.redhat.com/2292787 https://bugzilla.redhat.com/2294000 https://bugzilla.redhat.com/2295310 https://bugzilla.redhat.com/show_bug.cgi?id=2292668 https://bugzilla.redhat.com/show_bug.cgi?id=2292787 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24789 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24790 https://errata.almalinux.org/9/ALSA-2024-9115.html https://errata.rockylinux.org/RLSA-2024:4212 https://github.com/golang/go/commit/c8e40338cf00f3c1d86c8fb23863ad67a4c72bcc (1.21) https://github.com/golang/go/commit/cf501ac0c5fe351a8582d20b43562027927906e7 (1.22) https://github.com/golang/go/issues/66869 https://go.dev/cl/585397 https://go.dev/issue/66869 https://groups.google.com/g/golang-announce/c/XbxouI9gY7k https://groups.google.com/g/golang-announce/c/XbxouI9gY7k/m/TuoGEhxIEwAJ https://linux.oracle.com/cve/CVE-2024-24789.html https://linux.oracle.com/errata/ELSA-2024-9115.html https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/U5YAEIA6IUHUNGJ7AIXXPQT6D2GYENX7/ https://nvd.nist.gov/vuln/detail/CVE-2024-24789 https://pkg.go.dev/vuln/GO-2024-2888 https://ubuntu.com/security/notices/USN-6886-1 https://ubuntu.com/security/notices/USN-7109-1 https://ubuntu.com/security/notices/USN-7111-1 https://www.cve.org/CVERecord?id=CVE-2024-24789
stdlib	CVE-2024-24791	MEDIUM	v1.20.5	1.21.12, 1.22.5	https://access.redhat.com/errata/RHSA-2024:9135 https://access.redhat.com/security/cve/CVE-2024-24791 https://bugzilla.redhat.com/2268017 https://bugzilla.redhat.com/2268022 https://bugzilla.redhat.com/2279814 https://bugzilla.redhat.com/2295310 https://bugzilla.redhat.com/show_bug.cgi?id=2295310 https://bugzilla.redhat.com/show_bug.cgi?id=2310527 https://bugzilla.redhat.com/show_bug.cgi?id=2310528 https://bugzilla.redhat.com/show_bug.cgi?id=2310529 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24791 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-34155 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-34156 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-34158 https://errata.almalinux.org/9/ALSA-2024-9135.html https://errata.rockylinux.org/RLSA-2024:6913 https://go.dev/cl/591255 https://go.dev/issue/67555 https://groups.google.com/g/golang-dev/c/t0rK-qHBqzY/m/6MMoAZkMAgAJ https://linux.oracle.com/cve/CVE-2024-24791.html https://linux.oracle.com/errata/ELSA-2024-9115.html https://nvd.nist.gov/vuln/detail/CVE-2024-24791 https://pkg.go.dev/vuln/GO-2024-2963 https://ubuntu.com/security/notices/USN-7081-1 https://ubuntu.com/security/notices/USN-7109-1 https://ubuntu.com/security/notices/USN-7111-1 https://www.cve.org/CVERecord?id=CVE-2024-24791
stdlib	CVE-2024-34155	MEDIUM	v1.20.5	1.22.7, 1.23.1	https://access.redhat.com/errata/RHSA-2024:9459 https://access.redhat.com/security/cve/CVE-2024-34155 https://bugzilla.redhat.com/2310527 https://bugzilla.redhat.com/2310528 https://bugzilla.redhat.com/2310529 https://bugzilla.redhat.com/2315691 https://bugzilla.redhat.com/2315887 https://bugzilla.redhat.com/2317458 https://bugzilla.redhat.com/2317467 https://bugzilla.redhat.com/show_bug.cgi?id=2295310 https://bugzilla.redhat.com/show_bug.cgi?id=2310527 https://bugzilla.redhat.com/show_bug.cgi?id=2310528 https://bugzilla.redhat.com/show_bug.cgi?id=2310529 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24791 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-34155 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-34156 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-34158 https://errata.almalinux.org/9/ALSA-2024-9459.html https://errata.rockylinux.org/RLSA-2024:6913 https://github.com/golang/go/commit/53487e5477151ed75da50e50a0ba8f1ca64c00a3 (go1.23.1) https://github.com/golang/go/commit/b232596139dbe96a62edbe3a2a203e856bf556eb (go1.22.7) https://go.dev/cl/611238 https://go.dev/issue/69138 https://groups.google.com/g/golang-announce/c/K-cEzDeCtpc https://groups.google.com/g/golang-dev/c/S9POB9NCTdk https://linux.oracle.com/cve/CVE-2024-34155.html https://linux.oracle.com/errata/ELSA-2024-9459.html https://nvd.nist.gov/vuln/detail/CVE-2024-34155 https://pkg.go.dev/vuln/GO-2024-3105 https://ubuntu.com/security/notices/USN-7081-1 https://ubuntu.com/security/notices/USN-7109-1 https://ubuntu.com/security/notices/USN-7111-1 https://www.cve.org/CVERecord?id=CVE-2024-34155
stdlib	CVE-2024-34158	MEDIUM	v1.20.5	1.22.7, 1.23.1	https://access.redhat.com/errata/RHSA-2024:9459 https://access.redhat.com/security/cve/CVE-2024-34158 https://bugzilla.redhat.com/2310527 https://bugzilla.redhat.com/2310528 https://bugzilla.redhat.com/2310529 https://bugzilla.redhat.com/2315691 https://bugzilla.redhat.com/2315887 https://bugzilla.redhat.com/2317458 https://bugzilla.redhat.com/2317467 https://bugzilla.redhat.com/show_bug.cgi?id=2295310 https://bugzilla.redhat.com/show_bug.cgi?id=2310527 https://bugzilla.redhat.com/show_bug.cgi?id=2310528 https://bugzilla.redhat.com/show_bug.cgi?id=2310529 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24791 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-34155 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-34156 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-34158 https://errata.almalinux.org/9/ALSA-2024-9459.html https://errata.rockylinux.org/RLSA-2024:6913 https://github.com/golang/go/commit/032ac075c20c01c6c35a672d1542d3e98eab84ea (go1.23.1) https://github.com/golang/go/commit/d4c53812e6ce2ac368173d7fcd31d0ecfcffb002 (go1.22.7) https://go.dev/cl/611240 https://go.dev/issue/69141 https://groups.google.com/g/golang-announce/c/K-cEzDeCtpc https://groups.google.com/g/golang-dev/c/S9POB9NCTdk https://linux.oracle.com/cve/CVE-2024-34158.html https://linux.oracle.com/errata/ELSA-2024-9459.html https://nvd.nist.gov/vuln/detail/CVE-2024-34158 https://pkg.go.dev/vuln/GO-2024-3107 https://ubuntu.com/security/notices/USN-7081-1 https://ubuntu.com/security/notices/USN-7109-1 https://ubuntu.com/security/notices/USN-7111-1 https://www.cve.org/CVERecord?id=CVE-2024-34158
No Misconfigurations found

cnb/buildpacks/paketo-buildpacks_passenger/0.10.3/bin/run (gobinary)

Package	Vulnerability ID	Severity	Installed Version	Fixed Version	Links
github.com/anchore/stereoscope	CVE-2024-24579	MEDIUM	v0.0.0-20230412183729-8602f1afc574	0.0.1	https://github.com/anchore/stereoscope https://github.com/anchore/stereoscope/commit/09dacab4d9ee65ee8bc7af8ebf4aa7b5aaa36204 https://github.com/anchore/stereoscope/security/advisories/GHSA-hpxr-w9w7-g4gv https://nvd.nist.gov/vuln/detail/CVE-2024-24579
github.com/cloudflare/circl	GHSA-9763-4f94-gfch	HIGH	v1.3.2	1.3.7	https://github.com/cloudflare/circl https://github.com/cloudflare/circl/commit/75ef91e8a2f438e6ce2b6e620d236add8be1887d https://github.com/cloudflare/circl/security/advisories/GHSA-9763-4f94-gfch https://kyberslash.cr.yp.to
github.com/cloudflare/circl	CVE-2023-1732	MEDIUM	v1.3.2	1.3.3	https://github.com/cloudflare/circl https://github.com/cloudflare/circl/commit/ff8d91225f8954b4970b6d6382d2e4c78f4a4cf8 https://github.com/cloudflare/circl/releases/tag/v1.3.3 https://github.com/cloudflare/circl/security/advisories/GHSA-2q89-485c-9j2x https://nvd.nist.gov/vuln/detail/CVE-2023-1732
github.com/containerd/containerd	GHSA-7ww5-4wqc-m92c	MEDIUM	v1.7.0	1.6.26, 1.7.11	https://github.com/containerd/containerd https://github.com/containerd/containerd/commit/67d356cb3095f3e8f8ad7d36f9a733fea1e7e28c https://github.com/containerd/containerd/commit/746b910f05855c8bfdb4415a1c0f958b234910e5 https://github.com/containerd/containerd/security/advisories/GHSA-7ww5-4wqc-m92c
github.com/docker/docker	CVE-2024-41110	CRITICAL	v23.0.5+incompatible	23.0.15, 26.1.5, 27.1.1, 25.0.6	https://access.redhat.com/security/cve/CVE-2024-41110 https://github.com/moby/moby https://github.com/moby/moby/commit/411e817ddf710ff8e08fa193da80cb78af708191 https://github.com/moby/moby/commit/42f40b1d6dd7562342f832b9cd2adf9e668eeb76 https://github.com/moby/moby/commit/65cc597cea28cdc25bea3b8a86384b4251872919 https://github.com/moby/moby/commit/852759a7df454cbf88db4e954c919becd48faa9b https://github.com/moby/moby/commit/a31260625655cff9ae226b51757915e275e304b0 https://github.com/moby/moby/commit/a79fabbfe84117696a19671f4aa88b82d0f64fc1 https://github.com/moby/moby/commit/ae160b4edddb72ef4bd71f66b975a1a1cc434f00 https://github.com/moby/moby/commit/ae2b3666c517c96cbc2adf1af5591a6b00d4ec0f https://github.com/moby/moby/commit/cc13f952511154a2866bddbb7dddebfe9e83b801 https://github.com/moby/moby/commit/fc274cd2ff4cf3b48c91697fb327dd1fb95588fb https://github.com/moby/moby/security/advisories/GHSA-v23v-6jw2-98fq https://nvd.nist.gov/vuln/detail/CVE-2024-41110 https://www.cve.org/CVERecord?id=CVE-2024-41110 https://www.docker.com/blog/docker-security-advisory-docker-engine-authz-plugin
github.com/docker/docker	CVE-2024-24557	MEDIUM	v23.0.5+incompatible	24.0.9, 25.0.2	https://access.redhat.com/security/cve/CVE-2024-24557 https://github.com/moby/moby https://github.com/moby/moby/commit/3e230cfdcc989dc524882f6579f9e0dac77400ae https://github.com/moby/moby/commit/fca702de7f71362c8d103073c7e4a1d0a467fadd https://github.com/moby/moby/commit/fce6e0ca9bc000888de3daa157af14fa41fcd0ff https://github.com/moby/moby/security/advisories/GHSA-xw73-rw38-6vjc https://nvd.nist.gov/vuln/detail/CVE-2024-24557 https://www.cve.org/CVERecord?id=CVE-2024-24557
github.com/docker/docker	CVE-2024-29018	MEDIUM	v23.0.5+incompatible	26.0.0-rc3, 25.0.5, 23.0.11	https://access.redhat.com/security/cve/CVE-2024-29018 https://github.com/moby/moby https://github.com/moby/moby/pull/46609 https://github.com/moby/moby/security/advisories/GHSA-mq39-4gv4-mvpx https://nvd.nist.gov/vuln/detail/CVE-2024-29018 https://www.cve.org/CVERecord?id=CVE-2024-29018
github.com/docker/docker	GHSA-jq35-85cj-fj4p	MEDIUM	v23.0.5+incompatible	24.0.7, 23.0.8, 20.10.27	https://github.com/moby/moby https://github.com/moby/moby/commit/48ebe353e49a9def5e6679f6e386b0efb1c95f0e https://github.com/moby/moby/commit/81ebe71275768629689a23bc3bca34b3b374a6a6 https://github.com/moby/moby/commit/c9ccbfad11a60e703e91b6cca4f48927828c7e35 https://github.com/moby/moby/releases/tag/v20.10.27 https://github.com/moby/moby/releases/tag/v23.0.8 https://github.com/moby/moby/releases/tag/v24.0.7 https://github.com/moby/moby/security/advisories/GHSA-jq35-85cj-fj4p
github.com/go-git/go-git/v5	CVE-2023-49569	CRITICAL	v5.6.1	5.11.0	https://access.redhat.com/security/cve/CVE-2023-49569 https://github.com/go-git/go-git https://github.com/go-git/go-git/security/advisories/GHSA-449p-3h89-pw88 https://nvd.nist.gov/vuln/detail/CVE-2023-49569 https://www.cve.org/CVERecord?id=CVE-2023-49569
github.com/go-git/go-git/v5	CVE-2023-49568	HIGH	v5.6.1	5.11.0	https://access.redhat.com/security/cve/CVE-2023-49568 https://github.com/go-git/go-git https://github.com/go-git/go-git/security/advisories/GHSA-mw99-9chc-xw7r https://nvd.nist.gov/vuln/detail/CVE-2023-49568 https://www.cve.org/CVERecord?id=CVE-2023-49568
github.com/mholt/archiver/v3	CVE-2024-0406	MEDIUM	v3.5.1	no fix available	https://access.redhat.com/security/cve/CVE-2024-0406 https://bugzilla.redhat.com/show_bug.cgi?id=2257749 https://github.com/advisories/GHSA-rhh4-rh7c-7r5v https://github.com/mholt/archiver https://nvd.nist.gov/vuln/detail/CVE-2024-0406 https://www.cve.org/CVERecord?id=CVE-2024-0406
golang.org/x/crypto	CVE-2023-48795	MEDIUM	v0.8.0	0.17.0	http://packetstormsecurity.com/files/176280/Terrapin-SSH-Connection-Weakening.html http://seclists.org/fulldisclosure/2024/Mar/21 http://www.openwall.com/lists/oss-security/2023/12/18/3 http://www.openwall.com/lists/oss-security/2023/12/19/5 http://www.openwall.com/lists/oss-security/2023/12/20/3 http://www.openwall.com/lists/oss-security/2024/03/06/3 http://www.openwall.com/lists/oss-security/2024/04/17/8 https://access.redhat.com/errata/RHSA-2024:1150 https://access.redhat.com/security/cve/CVE-2023-48795 https://access.redhat.com/security/cve/cve-2023-48795 https://access.redhat.com/solutions/7071748 https://arstechnica.com/security/2023/12/hackers-can-break-ssh-channel-integrity-using-novel-data-corruption-attack https://arstechnica.com/security/2023/12/hackers-can-break-ssh-channel-integrity-using-novel-data-corruption-attack/ https://bugs.gentoo.org/920280 https://bugzilla.redhat.com/2254210 https://bugzilla.redhat.com/show_bug.cgi?id=2254210 https://bugzilla.suse.com/show_bug.cgi?id=1217950 https://crates.io/crates/thrussh/versions https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-48795 https://errata.almalinux.org/9/ALSA-2024-1150.html https://errata.rockylinux.org/RLSA-2024:0628 https://filezilla-project.org/versions.php https://forum.netgate.com/topic/184941/terrapin-ssh-attack https://git.libssh.org/projects/libssh.git/commit/?h=stable-0.10&id=10e09e273f69e149389b3e0e5d44b8c221c2e7f6 https://github.com/NixOS/nixpkgs/pull/275249 https://github.com/PowerShell/Win32-OpenSSH/issues/2189 https://github.com/PowerShell/Win32-OpenSSH/releases/tag/v9.5.0.0p1-Beta https://github.com/TeraTermProject/teraterm/commit/7279fbd6ef4d0c8bdd6a90af4ada2899d786eec0 https://github.com/TeraTermProject/teraterm/releases/tag/v5.1 https://github.com/advisories/GHSA-45x7-px36-x8w8 https://github.com/apache/mina-sshd/issues/445 https://github.com/connectbot/sshlib/commit/5c8b534f6e97db7ac0e0e579331213aa25c173ab https://github.com/connectbot/sshlib/compare/2.2.21...2.2.22 https://github.com/cyd01/KiTTY/issues/520 https://github.com/drakkan/sftpgo/releases/tag/v2.5.6 https://github.com/erlang/otp/blob/d1b43dc0f1361d2ad67601169e90a7fc50bb0369/lib/ssh/doc/src/notes.xml#L39-L42 https://github.com/erlang/otp/releases/tag/OTP-26.2.1 https://github.com/golang/crypto/commit/9d2ee975ef9fe627bf0a6f01c1f69e8ef1d4f05d https://github.com/hierynomus/sshj/issues/916 https://github.com/janmojzis/tinyssh/issues/81 https://github.com/jtesta/ssh-audit/commit/8e972c5e94b460379fe0c7d20209c16df81538a5 https://github.com/libssh2/libssh2/pull/1291 https://github.com/mkj/dropbear/blob/17657c36cce6df7716d5ff151ec09a665382d5dd/CHANGES#L25 https://github.com/mscdex/ssh2/commit/97b223f8891b96d6fc054df5ab1d5a1a545da2a3 https://github.com/mwiede/jsch/compare/jsch-0.2.14...jsch-0.2.15 https://github.com/mwiede/jsch/issues/457 https://github.com/mwiede/jsch/pull/461 https://github.com/net-ssh/net-ssh/blob/2e65064a52d73396bfc3806c9196fc8108f33cd8/CHANGES.txt#L14-L16 https://github.com/openssh/openssh-portable/commits/master https://github.com/paramiko/paramiko/issues/2337 https://github.com/paramiko/paramiko/issues/2337#issuecomment-1887642773 https://github.com/proftpd/proftpd/blob/0a7ea9b0ba9fcdf368374a226370d08f10397d99/RELEASE_NOTES https://github.com/proftpd/proftpd/blob/d21e7a2e47e9b38f709bec58e3fa711f759ad0e1/RELEASE_NOTES https://github.com/proftpd/proftpd/blob/master/RELEASE_NOTES https://github.com/proftpd/proftpd/issues/456 https://github.com/rapier1/hpn-ssh/releases https://github.com/ronf/asyncssh/blob/develop/docs/changes.rst https://github.com/ronf/asyncssh/security/advisories/GHSA-hfmc-7525-mj55 https://github.com/ronf/asyncssh/tags https://github.com/ssh-mitm/ssh-mitm/issues/165 https://github.com/warp-tech/russh https://github.com/warp-tech/russh/commit/1aa340a7df1d5be1c0f4a9e247aade76dfdd2951 https://github.com/warp-tech/russh/releases/tag/v0.40.2 https://github.com/warp-tech/russh/security/advisories/GHSA-45x7-px36-x8w8 https://gitlab.com/libssh/libssh-mirror/-/tags https://go.dev/cl/550715 https://go.dev/issue/64784 https://groups.google.com/g/golang-announce/c/-n5WqVC18LQ https://groups.google.com/g/golang-announce/c/qA3XtxvMUyg https://help.panic.com/releasenotes/transmit5 https://help.panic.com/releasenotes/transmit5/ https://jadaptive.com/important-java-ssh-security-update-new-ssh-vulnerability-discovered-cve-2023-48795 https://jadaptive.com/important-java-ssh-security-update-new-ssh-vulnerability-discovered-cve-2023-48795/ https://linux.oracle.com/cve/CVE-2023-48795.html https://linux.oracle.com/errata/ELSA-2024-2988.html https://lists.debian.org/debian-lts-announce/2023/12/msg00017.html https://lists.debian.org/debian-lts-announce/2024/01/msg00013.html https://lists.debian.org/debian-lts-announce/2024/01/msg00014.html https://lists.debian.org/debian-lts-announce/2024/04/msg00016.html https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/33XHJUB6ROFUOH2OQNENFROTVH6MHSHA https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/33XHJUB6ROFUOH2OQNENFROTVH6MHSHA/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/3CAYYW35MUTNO65RVAELICTNZZFMT2XS https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/3CAYYW35MUTNO65RVAELICTNZZFMT2XS/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/3JIMLVBDWOP4FUPXPTB4PGHHIOMGFLQE https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/3JIMLVBDWOP4FUPXPTB4PGHHIOMGFLQE/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/3YQLUQWLIHDB5QCXQEX7HXHAWMOKPP5O https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/3YQLUQWLIHDB5QCXQEX7HXHAWMOKPP5O/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/6Y74KVCPEPT4MVU3LHDWCNNOXOE5ZLUR https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/6Y74KVCPEPT4MVU3LHDWCNNOXOE5ZLUR/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/APYIXIQOVDCRWLHTGB4VYMAUIAQLKYJ3 https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/APYIXIQOVDCRWLHTGB4VYMAUIAQLKYJ3/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/BL5KTLOSLH2KHRN4HCXJPK3JUVLDGEL6 https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/BL5KTLOSLH2KHRN4HCXJPK3JUVLDGEL6/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/C3AFMZ6MH2UHHOPIWT5YLSFV3D2VB3AC https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/C3AFMZ6MH2UHHOPIWT5YLSFV3D2VB3AC/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/CHHITS4PUOZAKFIUBQAQZC7JWXMOYE4B https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/CHHITS4PUOZAKFIUBQAQZC7JWXMOYE4B/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/F7EYCFQCTSGJXWO3ZZ44MGKFC5HA7G3Y https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/F7EYCFQCTSGJXWO3ZZ44MGKFC5HA7G3Y/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/HYEDEXIKFKTUJIN43RG4B7T5ZS6MHUSP https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/HYEDEXIKFKTUJIN43RG4B7T5ZS6MHUSP/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/I724O3LSRCPO4WNVIXTZCT4VVRMXMMSG https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/I724O3LSRCPO4WNVIXTZCT4VVRMXMMSG/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/KEOTKBUPZXHE3F352JBYNTSNRXYLWD6P https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/KEOTKBUPZXHE3F352JBYNTSNRXYLWD6P/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/KMZCVGUGJZZVDPCVDA7TEB22VUCNEXDD https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/KMZCVGUGJZZVDPCVDA7TEB22VUCNEXDD/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/L5Y6MNNVAPIJSXJERQ6PKZVCIUXSNJK7 https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/L5Y6MNNVAPIJSXJERQ6PKZVCIUXSNJK7/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/LZQVUHWVWRH73YBXUQJOD6CKHDQBU3DM https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/LZQVUHWVWRH73YBXUQJOD6CKHDQBU3DM/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/MKQRBF3DWMWPH36LBCOBUTSIZRTPEZXB https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/MKQRBF3DWMWPH36LBCOBUTSIZRTPEZXB/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/QI3EHAHABFQK7OABNCSF5GMYP6TONTI7 https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/QI3EHAHABFQK7OABNCSF5GMYP6TONTI7/ https://matt.ucc.asn.au/dropbear/CHANGES https://nest.pijul.com/pijul/thrussh/changes/D6H7OWTTMHHX6BTB3B6MNBOBX2L66CBL4LGSEUSAI2MCRCJDQFRQC https://news.ycombinator.com/item?id=38684904 https://news.ycombinator.com/item?id=38685286 https://news.ycombinator.com/item?id=38732005 https://nova.app/releases/#v11.8 https://nvd.nist.gov/vuln/detail/CVE-2023-48795 https://oryx-embedded.com/download/#changelog https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2024-0002 https://roumenpetrov.info/secsh/#news20231220 https://security-tracker.debian.org/tracker/CVE-2023-48795 https://security-tracker.debian.org/tracker/source-package/libssh2 https://security-tracker.debian.org/tracker/source-package/proftpd-dfsg https://security-tracker.debian.org/tracker/source-package/trilead-ssh2 https://security.gentoo.org/glsa/202312-16 https://security.gentoo.org/glsa/202312-17 https://security.netapp.com/advisory/ntap-20240105-0004 https://security.netapp.com/advisory/ntap-20240105-0004/ https://support.apple.com/kb/HT214084 https://terrapin-attack.com/ https://thorntech.com/cve-2023-48795-and-sftp-gateway https://thorntech.com/cve-2023-48795-and-sftp-gateway/ https://twitter.com/TrueSkrillor/status/1736774389725565005 https://ubuntu.com/security/CVE-2023-48795 https://ubuntu.com/security/notices/USN-6560-1 https://ubuntu.com/security/notices/USN-6560-2 https://ubuntu.com/security/notices/USN-6561-1 https://ubuntu.com/security/notices/USN-6585-1 https://ubuntu.com/security/notices/USN-6589-1 https://ubuntu.com/security/notices/USN-6598-1 https://ubuntu.com/security/notices/USN-6738-1 https://ubuntu.com/security/notices/USN-7051-1 https://winscp.net/eng/docs/history#6.2.2 https://www.bitvise.com/ssh-client-version-history#933 https://www.bitvise.com/ssh-server-version-history https://www.chiark.greenend.org.uk/~sgtatham/putty/changes.html https://www.crushftp.com/crush10wiki/Wiki.jsp?page=Update https://www.cve.org/CVERecord?id=CVE-2023-48795 https://www.debian.org/security/2023/dsa-5586 https://www.debian.org/security/2023/dsa-5588 https://www.freebsd.org/security/advisories/FreeBSD-SA-23:19.openssh.asc https://www.lancom-systems.de/service-support/allgemeine-sicherheitshinweise#c243508 https://www.netsarang.com/en/xshell-update-history https://www.netsarang.com/en/xshell-update-history/ https://www.openssh.com/openbsd.html https://www.openssh.com/txt/release-9.6 https://www.openwall.com/lists/oss-security/2023/12/18/2 https://www.openwall.com/lists/oss-security/2023/12/18/3 https://www.openwall.com/lists/oss-security/2023/12/20/3 https://www.paramiko.org/changelog.html https://www.reddit.com/r/sysadmin/comments/18idv52/cve202348795_why_is_this_cve_still_undisclosed https://www.reddit.com/r/sysadmin/comments/18idv52/cve202348795_why_is_this_cve_still_undisclosed/ https://www.suse.com/c/suse-addresses-the-ssh-v2-protocol-terrapin-attack-aka-cve-2023-48795 https://www.suse.com/c/suse-addresses-the-ssh-v2-protocol-terrapin-attack-aka-cve-2023-48795/ https://www.terrapin-attack.com https://www.theregister.com/2023/12/20/terrapin_attack_ssh https://www.vandyke.com/products/securecrt/history.txt
golang.org/x/net	CVE-2023-39325	HIGH	v0.10.0	0.17.0	golang.org/x/net https://access.redhat.com/errata/RHSA-2023:6077 https://access.redhat.com/security/cve/CVE-2023-39325 https://access.redhat.com/security/cve/CVE-2023-44487 https://access.redhat.com/security/vulnerabilities/RHSB-2023-003 https://bugzilla.redhat.com/2242803 https://bugzilla.redhat.com/2243296 https://bugzilla.redhat.com/show_bug.cgi?id=2242803 https://bugzilla.redhat.com/show_bug.cgi?id=2243296 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-39325 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-44487 https://errata.almalinux.org/9/ALSA-2023-6077.html https://errata.rockylinux.org/RLSA-2023:6077 https://github.com/golang/go/commit/24ae2d927285c697440fdde3ad7f26028354bcf3 [golang- 1.21] https://github.com/golang/go/commit/e175f27f58aa7b9cd4d79607ae65d2cd5baaee68 [golang-1.20] https://github.com/golang/go/issues/63417 https://go.dev/cl/534215 https://go.dev/cl/534235 https://go.dev/issue/63417 https://groups.google.com/g/golang-announce/c/iNNxDTCjZvo/m/UDd7VKQuAAAJ https://linux.oracle.com/cve/CVE-2023-39325.html https://linux.oracle.com/errata/ELSA-2023-5867.html https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3OVW5V2DM5K5IC3H7O42YDUGNJ74J35O https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3OVW5V2DM5K5IC3H7O42YDUGNJ74J35O/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3SZN67IL7HMGMNAVLOTIXLIHUDXZK4LH https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3SZN67IL7HMGMNAVLOTIXLIHUDXZK4LH/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3WJ4QVX2AMUJ2F2S27POOAHRC4K3CHU4 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3WJ4QVX2AMUJ2F2S27POOAHRC4K3CHU4/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/4BUK2ZIAGCULOOYDNH25JPU6JBES5NF2 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/4BUK2ZIAGCULOOYDNH25JPU6JBES5NF2/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/5RSKA2II6QTD4YUKUNDVJQSRYSFC4VFR https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/5RSKA2II6QTD4YUKUNDVJQSRYSFC4VFR/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/AVZDNSMVDAQJ64LJC5I5U5LDM5753647 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/AVZDNSMVDAQJ64LJC5I5U5LDM5753647/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CHHITS4PUOZAKFIUBQAQZC7JWXMOYE4B https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CHHITS4PUOZAKFIUBQAQZC7JWXMOYE4B/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CLB4TW7KALB3EEQWNWCN7OUIWWVWWCG2 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CLB4TW7KALB3EEQWNWCN7OUIWWVWWCG2/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/D2BBIDR2ZMB3X5BC7SR4SLQMHRMVPY6L https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/D2BBIDR2ZMB3X5BC7SR4SLQMHRMVPY6L/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ECRC75BQJP6FJN2L7KCKYZW4DSBD7QSD https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ECRC75BQJP6FJN2L7KCKYZW4DSBD7QSD/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/FTMJ3NJIDAZFWJQQSP3L22MUFJ3UP2PT https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/FTMJ3NJIDAZFWJQQSP3L22MUFJ3UP2PT/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/GSY7SXFFTPZFWDM6XELSDSHZLVW3AHK7 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/GSY7SXFFTPZFWDM6XELSDSHZLVW3AHK7/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/HZQIELEIRSZUYTFFH5KTH2YJ4IIQG2KE https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/HZQIELEIRSZUYTFFH5KTH2YJ4IIQG2KE/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/IPWCNYB5PQ5PCVZ4NJT6G56ZYFZ5QBU6 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/IPWCNYB5PQ5PCVZ4NJT6G56ZYFZ5QBU6/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/KEOTKBUPZXHE3F352JBYNTSNRXYLWD6P https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/KEOTKBUPZXHE3F352JBYNTSNRXYLWD6P/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/KSEGD2IWKNUO3DWY4KQGUQM5BISRWHQE https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/KSEGD2IWKNUO3DWY4KQGUQM5BISRWHQE/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/L5E5JSJBZLYXOTZWXHJKRVCIXIHVWKJ6 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/L5E5JSJBZLYXOTZWXHJKRVCIXIHVWKJ6/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/MZQYOOKHQDQ57LV2IAG6NRFOVXKHJJ3Z https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/MZQYOOKHQDQ57LV2IAG6NRFOVXKHJJ3Z/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/NG7IMPL55MVWU3LCI4JQJT3K2U5CHDV7 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/NG7IMPL55MVWU3LCI4JQJT3K2U5CHDV7/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ODBY7RVMGZCBSTWF2OZGIZS57FNFUL67 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ODBY7RVMGZCBSTWF2OZGIZS57FNFUL67/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/OXGWPQOJ3JNDW2XIYKIVJ7N7QUIFNM2Q https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/OXGWPQOJ3JNDW2XIYKIVJ7N7QUIFNM2Q/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/PJCUNGIQDUMZ4Z6HWVYIMR66A35F5S74 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/PJCUNGIQDUMZ4Z6HWVYIMR66A35F5S74/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QF5QSYAOPDOWLY6DUHID56Q4HQFYB45I https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QF5QSYAOPDOWLY6DUHID56Q4HQFYB45I/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QXOU2JZUBEBP7GBKAYIJRPRBZSJCD7ST https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QXOU2JZUBEBP7GBKAYIJRPRBZSJCD7ST/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/R3UETKPUB3V5JS5TLZOF3SMTGT5K5APS https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/R3UETKPUB3V5JS5TLZOF3SMTGT5K5APS/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/REMHVVIBDNKSRKNOTV7EQSB7CYQWOUOU https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/REMHVVIBDNKSRKNOTV7EQSB7CYQWOUOU/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/T7N5GV4CHH6WAGX3GFMDD3COEOVCZ4RI https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/T7N5GV4CHH6WAGX3GFMDD3COEOVCZ4RI/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ULQQONMSCQSH5Z5OWFFQHCGEZ3NL4DRJ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ULQQONMSCQSH5Z5OWFFQHCGEZ3NL4DRJ/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UTT7DG3QOF5ZNJLUGHDNLRUIN6OWZARP https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UTT7DG3QOF5ZNJLUGHDNLRUIN6OWZARP/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/W2LZSWTV4NV4SNQARNXG5T6LRHP26EW2 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/W2LZSWTV4NV4SNQARNXG5T6LRHP26EW2/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WCNCBYKZXLDFGAJUB7ZP5VLC3YTHJNVH https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WCNCBYKZXLDFGAJUB7ZP5VLC3YTHJNVH/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/XFOIBB4YFICHDM7IBOP7PWXW3FX4HLL2 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/XFOIBB4YFICHDM7IBOP7PWXW3FX4HLL2/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/XTNLSL44Y5FB6JWADSZH6DCV4JJAAEQY https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/XTNLSL44Y5FB6JWADSZH6DCV4JJAAEQY/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/YJWHBLVZDM5KQSDFRBFRKU5KSSOLIRQ4 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/YJWHBLVZDM5KQSDFRBFRKU5KSSOLIRQ4/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/YRKEXKANQ7BKJW2YTAMP625LJUJZLJ4P https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/YRKEXKANQ7BKJW2YTAMP625LJUJZLJ4P/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZSVEMQV5ROY5YW5QE3I57HT3ITWG5GCV https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZSVEMQV5ROY5YW5QE3I57HT3ITWG5GCV/ https://nvd.nist.gov/vuln/detail/CVE-2023-39325 https://pkg.go.dev/vuln/GO-2023-2102 https://security.gentoo.org/glsa/202311-09 https://security.netapp.com/advisory/ntap-20231110-0008 https://security.netapp.com/advisory/ntap-20231110-0008/ https://ubuntu.com/security/notices/USN-6574-1 https://ubuntu.com/security/notices/USN-7061-1 https://ubuntu.com/security/notices/USN-7109-1 https://www.cisa.gov/news-events/alerts/2023/10/10/http2-rapid-reset-vulnerability-cve-2023-44487 https://www.cve.org/CVERecord?id=CVE-2023-39325
golang.org/x/net	CVE-2023-3978	MEDIUM	v0.10.0	0.13.0	https://access.redhat.com/errata/RHSA-2023:6474 https://access.redhat.com/security/cve/CVE-2023-3978 https://bugzilla.redhat.com/2174485 https://bugzilla.redhat.com/2178358 https://bugzilla.redhat.com/2178488 https://bugzilla.redhat.com/2178492 https://bugzilla.redhat.com/2184481 https://bugzilla.redhat.com/2184482 https://bugzilla.redhat.com/2184483 https://bugzilla.redhat.com/2184484 https://bugzilla.redhat.com/2196026 https://bugzilla.redhat.com/2196027 https://bugzilla.redhat.com/2196029 https://bugzilla.redhat.com/2222167 https://bugzilla.redhat.com/2228689 https://errata.almalinux.org/9/ALSA-2023-6474.html https://go.dev/cl/514896 https://go.dev/issue/61615 https://linux.oracle.com/cve/CVE-2023-3978.html https://linux.oracle.com/errata/ELSA-2023-6939.html https://nvd.nist.gov/vuln/detail/CVE-2023-3978 https://pkg.go.dev/vuln/GO-2023-1988 https://www.cve.org/CVERecord?id=CVE-2023-3978
golang.org/x/net	CVE-2023-44487	MEDIUM	v0.10.0	0.17.0	http://www.openwall.com/lists/oss-security/2023/10/13/4 http://www.openwall.com/lists/oss-security/2023/10/13/9 http://www.openwall.com/lists/oss-security/2023/10/18/4 http://www.openwall.com/lists/oss-security/2023/10/18/8 http://www.openwall.com/lists/oss-security/2023/10/19/6 http://www.openwall.com/lists/oss-security/2023/10/20/8 https://access.redhat.com/errata/RHSA-2023:6746 https://access.redhat.com/security/cve/CVE-2023-44487 https://access.redhat.com/security/cve/cve-2023-44487 https://akka.io/security/akka-http-cve-2023-44487.html https://arstechnica.com/security/2023/10/how-ddosers-used-the-http-2-protocol-to-deliver-attacks-of-unprecedented-size https://arstechnica.com/security/2023/10/how-ddosers-used-the-http-2-protocol-to-deliver-attacks-of-unprecedented-size/ https://aws.amazon.com/security/security-bulletins/AWS-2023-011 https://aws.amazon.com/security/security-bulletins/AWS-2023-011/ https://blog.cloudflare.com/technical-breakdown-http2-rapid-reset-ddos-attack https://blog.cloudflare.com/technical-breakdown-http2-rapid-reset-ddos-attack/ https://blog.cloudflare.com/zero-day-rapid-reset-http2-record-breaking-ddos-attack https://blog.cloudflare.com/zero-day-rapid-reset-http2-record-breaking-ddos-attack/ https://blog.litespeedtech.com/2023/10/11/rapid-reset-http-2-vulnerablilty https://blog.litespeedtech.com/2023/10/11/rapid-reset-http-2-vulnerablilty/ https://blog.qualys.com/vulnerabilities-threat-research/2023/10/10/cve-2023-44487-http-2-rapid-reset-attack https://blog.vespa.ai/cve-2023-44487 https://blog.vespa.ai/cve-2023-44487/ https://bugzilla.proxmox.com/show_bug.cgi?id=4988 https://bugzilla.redhat.com/2242803 https://bugzilla.redhat.com/show_bug.cgi?id=2242803 https://bugzilla.suse.com/show_bug.cgi?id=1216123 https://cgit.freebsd.org/ports/commit/?id=c64c329c2c1752f46b73e3e6ce9f4329be6629f9 https://chaos.social/@icing/111210915918780532 https://cloud.google.com/blog/products/identity-security/google-cloud-mitigated-largest-ddos-attack-peaking-above-398-million-rps https://cloud.google.com/blog/products/identity-security/google-cloud-mitigated-largest-ddos-attack-peaking-above-398-million-rps/ https://cloud.google.com/blog/products/identity-security/how-it-works-the-novel-http2-rapid-reset-ddos-attack https://community.traefik.io/t/is-traefik-vulnerable-to-cve-2023-44487/20125 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-44487 https://devblogs.microsoft.com/dotnet/october-2023-updates/ https://discuss.hashicorp.com/t/hcsec-2023-32-vault-consul-and-boundary-affected-by-http-2-rapid-reset-denial-of-service-vulnerability-cve-2023-44487/59715 https://edg.io/lp/blog/resets-leaks-ddos-and-the-tale-of-a-hidden-cve https://errata.almalinux.org/9/ALSA-2023-6746.html https://errata.rockylinux.org/RLSA-2023:5838 https://forums.swift.org/t/swift-nio-http2-security-update-cve-2023-44487-http-2-dos/67764 https://gist.github.com/adulau/7c2bfb8e9cdbe4b35a5e131c66a0c088 https://github.com/Azure/AKS/issues/3947 https://github.com/Kong/kong/discussions/11741 https://github.com/advisories/GHSA-qppj-fm5r-hxr3 https://github.com/advisories/GHSA-vx74-f528-fxqg https://github.com/advisories/GHSA-xpw8-rcwv-8f8p https://github.com/akka/akka-http/issues/4323 https://github.com/akka/akka-http/pull/4324 https://github.com/akka/akka-http/pull/4325 https://github.com/alibaba/tengine/issues/1872 https://github.com/apache/apisix/issues/10320 https://github.com/apache/httpd-site/pull/10 https://github.com/apache/httpd/blob/afcdbeebbff4b0c50ea26cdd16e178c0d1f24152/modules/http2/h2_mplx.c#L1101-L1113 https://github.com/apache/tomcat/commit/944332bb15bd2f3bf76ec2caeb1ff0a58a3bc628 https://github.com/apache/tomcat/tree/main/java/org/apache/coyote/http2 https://github.com/apache/trafficserver/pull/10564 https://github.com/apple/swift-nio-http2 https://github.com/apple/swift-nio-http2/security/advisories/GHSA-qppj-fm5r-hxr3 https://github.com/arkrwn/PoC/tree/main/CVE-2023-44487 https://github.com/bcdannyboy/CVE-2023-44487 https://github.com/caddyserver/caddy/issues/5877 https://github.com/caddyserver/caddy/releases/tag/v2.7.5 https://github.com/dotnet/announcements/issues/277 https://github.com/dotnet/core/blob/e4613450ea0da7fd2fc6b61dfb2c1c1dec1ce9ec/release-notes/6.0/6.0.23/6.0.23.md?plain=1#L73 https://github.com/eclipse/jetty.project/issues/10679 https://github.com/envoyproxy/envoy/pull/30055 https://github.com/etcd-io/etcd/issues/16740 https://github.com/facebook/proxygen/pull/466 https://github.com/golang/go/issues/63417 https://github.com/grpc/grpc-go/pull/6703 https://github.com/grpc/grpc-go/releases https://github.com/h2o/h2o/pull/3291 https://github.com/h2o/h2o/security/advisories/GHSA-2m7v-gc89-fjqf https://github.com/haproxy/haproxy/issues/2312 https://github.com/hyperium/hyper/issues/3337 https://github.com/icing/mod_h2/blob/0a864782af0a942aa2ad4ed960a6b32cd35bcf0a/mod_http2/README.md?plain=1#L239-L244 https://github.com/junkurihara/rust-rpxy/issues/97 https://github.com/kazu-yamamoto/http2/commit/f61d41a502bd0f60eb24e1ce14edc7b6df6722a1 https://github.com/kazu-yamamoto/http2/issues/93 https://github.com/kubernetes/kubernetes/pull/121120 https://github.com/line/armeria/pull/5232 https://github.com/linkerd/website/pull/1695/commits/4b9c6836471bc8270ab48aae6fd2181bc73fd632 https://github.com/micrictor/http2-rst-stream https://github.com/microsoft/CBL-Mariner/pull/6381 https://github.com/netty/netty/commit/58f75f665aa81a8cbcf6ffa74820042a285c5e61 https://github.com/nghttp2/nghttp2/pull/1961 https://github.com/nghttp2/nghttp2/releases/tag/v1.57.0 https://github.com/ninenines/cowboy/issues/1615 https://github.com/nodejs/node/pull/50121 https://github.com/openresty/openresty/issues/930 https://github.com/opensearch-project/data-prepper/issues/3474 https://github.com/oqtane/oqtane.framework/discussions/3367 https://github.com/projectcontour/contour/pull/5826 https://github.com/tempesta-tech/tempesta/issues/1986 https://github.com/varnishcache/varnish-cache/issues/3996 https://go.dev/cl/534215 https://go.dev/cl/534235 https://go.dev/issue/63417 https://groups.google.com/g/golang-announce/c/iNNxDTCjZvo https://groups.google.com/g/golang-announce/c/iNNxDTCjZvo/m/UDd7VKQuAAAJ https://istio.io/latest/news/security/istio-security-2023-004 https://istio.io/latest/news/security/istio-security-2023-004/ https://linkerd.io/2023/10/12/linkerd-cve-2023-44487 https://linkerd.io/2023/10/12/linkerd-cve-2023-44487/ https://linux.oracle.com/cve/CVE-2023-44487.html https://linux.oracle.com/errata/ELSA-2024-1444.html https://lists.apache.org/thread/5py8h42mxfsn8l1wy6o41xwhsjlsd87q https://lists.debian.org/debian-lts-announce/2023/10/msg00020.html https://lists.debian.org/debian-lts-announce/2023/10/msg00023.html https://lists.debian.org/debian-lts-announce/2023/10/msg00024.html https://lists.debian.org/debian-lts-announce/2023/10/msg00045.html https://lists.debian.org/debian-lts-announce/2023/10/msg00047.html https://lists.debian.org/debian-lts-announce/2023/11/msg00001.html https://lists.debian.org/debian-lts-announce/2023/11/msg00012.html https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/2MBEPPC36UBVOZZNAXFHKLFGSLCMN5LI https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/2MBEPPC36UBVOZZNAXFHKLFGSLCMN5LI/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/3N4NJ7FR4X4FPZUGNTQAPSTVB2HB2Y4A https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/3N4NJ7FR4X4FPZUGNTQAPSTVB2HB2Y4A/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/BFQD3KUEMFBHPAPBGLWQC34L4OWL5HAZ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/BFQD3KUEMFBHPAPBGLWQC34L4OWL5HAZ/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/CLB4TW7KALB3EEQWNWCN7OUIWWVWWCG2 https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/CLB4TW7KALB3EEQWNWCN7OUIWWVWWCG2/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/E72T67UPDRXHIDLO3OROR25YAMN4GGW5 https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/E72T67UPDRXHIDLO3OROR25YAMN4GGW5/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/FNA62Q767CFAFHBCDKYNPBMZWB7TWYVU https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/FNA62Q767CFAFHBCDKYNPBMZWB7TWYVU/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/HT7T2R4MQKLIF4ODV4BDLPARWFPCJ5CZ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/HT7T2R4MQKLIF4ODV4BDLPARWFPCJ5CZ/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/JIZSEFC3YKCGABA2BZW6ZJRMDZJMB7PJ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/JIZSEFC3YKCGABA2BZW6ZJRMDZJMB7PJ/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/JMEXY22BFG5Q64HQCM5CK2Q7KDKVV4TY https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/JMEXY22BFG5Q64HQCM5CK2Q7KDKVV4TY/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/KSEGD2IWKNUO3DWY4KQGUQM5BISRWHQE https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/KSEGD2IWKNUO3DWY4KQGUQM5BISRWHQE/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/LKYHSZQFDNR7RSA7LHVLLIAQMVYCUGBG https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/LKYHSZQFDNR7RSA7LHVLLIAQMVYCUGBG/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/LNMZJCDHGLJJLXO4OXWJMTVQRNWOC7UL https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/LNMZJCDHGLJJLXO4OXWJMTVQRNWOC7UL/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/VHUHTSXLXGXS7JYKBXTA3VINUPHTNGVU https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/VHUHTSXLXGXS7JYKBXTA3VINUPHTNGVU/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/VSRDIV77HNKUSM7SJC5BKE5JSHLHU2NK https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/VSRDIV77HNKUSM7SJC5BKE5JSHLHU2NK/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/WE2I52RHNNU42PX6NZ2RBUHSFFJ2LVZX https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/WE2I52RHNNU42PX6NZ2RBUHSFFJ2LVZX/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/WLPRQ5TWUQQXYWBJM7ECYDAIL2YVKIUH https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/WLPRQ5TWUQQXYWBJM7ECYDAIL2YVKIUH/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/X6QXN4ORIVF6XBW4WWFE7VNPVC74S45Y https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/X6QXN4ORIVF6XBW4WWFE7VNPVC74S45Y/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/XFOIBB4YFICHDM7IBOP7PWXW3FX4HLL2 https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/XFOIBB4YFICHDM7IBOP7PWXW3FX4HLL2/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZB43REMKRQR62NJEI7I5NQ4FSXNLBKRT https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZB43REMKRQR62NJEI7I5NQ4FSXNLBKRT/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZKQSIKIAT5TJ3WSLU3RDBQ35YX4GY4V3 https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZKQSIKIAT5TJ3WSLU3RDBQ35YX4GY4V3/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZLU6U2R2IC2K64NDPNMV55AUAO65MAF4 https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZLU6U2R2IC2K64NDPNMV55AUAO65MAF4/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3N4NJ7FR4X4FPZUGNTQAPSTVB2HB2Y4A https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/BFQD3KUEMFBHPAPBGLWQC34L4OWL5HAZ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CLB4TW7KALB3EEQWNWCN7OUIWWVWWCG2 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/E72T67UPDRXHIDLO3OROR25YAMN4GGW5 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/FNA62Q767CFAFHBCDKYNPBMZWB7TWYVU https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/HT7T2R4MQKLIF4ODV4BDLPARWFPCJ5CZ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/JIZSEFC3YKCGABA2BZW6ZJRMDZJMB7PJ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/JMEXY22BFG5Q64HQCM5CK2Q7KDKVV4TY https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/KSEGD2IWKNUO3DWY4KQGUQM5BISRWHQE https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/LKYHSZQFDNR7RSA7LHVLLIAQMVYCUGBG https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/LNMZJCDHGLJJLXO4OXWJMTVQRNWOC7UL https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/VHUHTSXLXGXS7JYKBXTA3VINUPHTNGVU https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/VSRDIV77HNKUSM7SJC5BKE5JSHLHU2NK https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WLPRQ5TWUQQXYWBJM7ECYDAIL2YVKIUH https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/X6QXN4ORIVF6XBW4WWFE7VNPVC74S45Y https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/XFOIBB4YFICHDM7IBOP7PWXW3FX4HLL2 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZB43REMKRQR62NJEI7I5NQ4FSXNLBKRT https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZKQSIKIAT5TJ3WSLU3RDBQ35YX4GY4V3 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZLU6U2R2IC2K64NDPNMV55AUAO65MAF4 https://lists.w3.org/Archives/Public/ietf-http-wg/2023OctDec/0025.html https://mailman.nginx.org/pipermail/nginx-devel/2023-October/S36Q5HBXR7CAIMPLLPRSSSYR4PCMWILK.html https://martinthomson.github.io/h2-stream-limits/draft-thomson-httpbis-h2-stream-limits.html https://msrc.microsoft.com/blog/2023/10/microsoft-response-to-distributed-denial-of-service-ddos-attacks-against-http/2 https://msrc.microsoft.com/blog/2023/10/microsoft-response-to-distributed-denial-of-service-ddos-attacks-against-http/2/ https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-44487 https://my.f5.com/manage/s/article/K000137106 https://netty.io/news/2023/10/10/4-1-100-Final.html https://news.ycombinator.com/item?id=37830987 https://news.ycombinator.com/item?id=37830998 https://news.ycombinator.com/item?id=37831062 https://news.ycombinator.com/item?id=37837043 https://nodejs.org/en/blog/vulnerability/october-2023-security-releases https://nvd.nist.gov/vuln/detail/CVE-2023-44487 https://openssf.org/blog/2023/10/10/http-2-rapid-reset-vulnerability-highlights-need-for-rapid-response https://openssf.org/blog/2023/10/10/http-2-rapid-reset-vulnerability-highlights-need-for-rapid-response/ https://pkg.go.dev/vuln/GO-2023-2102 https://seanmonstar.com/post/730794151136935936/hyper-http2-rapid-reset-unaffected https://security.gentoo.org/glsa/202311-09 https://security.netapp.com/advisory/ntap-20231016-0001 https://security.netapp.com/advisory/ntap-20231016-0001/ https://security.netapp.com/advisory/ntap-20240426-0007 https://security.netapp.com/advisory/ntap-20240426-0007/ https://security.netapp.com/advisory/ntap-20240621-0006 https://security.netapp.com/advisory/ntap-20240621-0006/ https://security.netapp.com/advisory/ntap-20240621-0007 https://security.netapp.com/advisory/ntap-20240621-0007/ https://security.paloaltonetworks.com/CVE-2023-44487 https://tomcat.apache.org/security-10.html#Fixed_in_Apache_Tomcat_10.1.14 https://tomcat.apache.org/security-11.html#Fixed_in_Apache_Tomcat_11.0.0-M12 https://tomcat.apache.org/security-8.html#Fixed_in_Apache_Tomcat_8.5.94 https://tomcat.apache.org/security-9.html#Fixed_in_Apache_Tomcat_9.0.81 https://ubuntu.com/security/CVE-2023-44487 https://ubuntu.com/security/notices/USN-6427-1 https://ubuntu.com/security/notices/USN-6427-2 https://ubuntu.com/security/notices/USN-6438-1 https://ubuntu.com/security/notices/USN-6505-1 https://ubuntu.com/security/notices/USN-6574-1 https://ubuntu.com/security/notices/USN-6754-1 https://ubuntu.com/security/notices/USN-6994-1 https://ubuntu.com/security/notices/USN-7067-1 https://www.bleepingcomputer.com/news/security/new-http-2-rapid-reset-zero-day-attack-breaks-ddos-records https://www.bleepingcomputer.com/news/security/new-http-2-rapid-reset-zero-day-attack-breaks-ddos-records/ https://www.cisa.gov/known-exploited-vulnerabilities-catalog https://www.cisa.gov/news-events/alerts/2023/10/10/http2-rapid-reset-vulnerability-cve-2023-44487 https://www.cve.org/CVERecord?id=CVE-2023-44487 https://www.darkreading.com/cloud/internet-wide-zero-day-bug-fuels-largest-ever-ddos-event https://www.debian.org/security/2023/dsa-5521 https://www.debian.org/security/2023/dsa-5522 https://www.debian.org/security/2023/dsa-5540 https://www.debian.org/security/2023/dsa-5549 https://www.debian.org/security/2023/dsa-5558 https://www.debian.org/security/2023/dsa-5570 https://www.eclipse.org/lists/jetty-announce/msg00181.html https://www.haproxy.com/blog/haproxy-is-not-affected-by-the-http-2-rapid-reset-attack-cve-2023-44487 https://www.mail-archive.com/haproxy@formilux.org/msg44134.html https://www.netlify.com/blog/netlify-successfully-mitigates-cve-2023-44487 https://www.netlify.com/blog/netlify-successfully-mitigates-cve-2023-44487/ https://www.nginx.com/blog/http-2-rapid-reset-attack-impacting-f5-nginx-products https://www.nginx.com/blog/http-2-rapid-reset-attack-impacting-f5-nginx-products/ https://www.openwall.com/lists/oss-security/2023/10/10/6 https://www.phoronix.com/news/HTTP2-Rapid-Reset-Attack https://www.theregister.com/2023/10/10/http2_rapid_reset_zeroday https://www.theregister.com/2023/10/10/http2_rapid_reset_zeroday/
golang.org/x/net	CVE-2023-45288	MEDIUM	v0.10.0	0.23.0	http://www.openwall.com/lists/oss-security/2024/04/03/16 http://www.openwall.com/lists/oss-security/2024/04/05/4 https://access.redhat.com/errata/RHSA-2024:2724 https://access.redhat.com/security/cve/CVE-2023-45288 https://bugzilla.redhat.com/2268017 https://bugzilla.redhat.com/2268018 https://bugzilla.redhat.com/2268019 https://bugzilla.redhat.com/2268273 https://bugzilla.redhat.com/show_bug.cgi?id=2268017 https://bugzilla.redhat.com/show_bug.cgi?id=2268018 https://bugzilla.redhat.com/show_bug.cgi?id=2268019 https://bugzilla.redhat.com/show_bug.cgi?id=2268273 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45288 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45289 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45290 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24783 https://errata.almalinux.org/9/ALSA-2024-2724.html https://errata.rockylinux.org/RLSA-2024:2724 https://go.dev/cl/576155 https://go.dev/issue/65051 https://groups.google.com/g/golang-announce/c/YgW0sx8mN3M https://kb.cert.org/vuls/id/421644 https://linux.oracle.com/cve/CVE-2023-45288.html https://linux.oracle.com/errata/ELSA-2024-3346.html https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QRYFHIQ6XRKRYBI2F5UESH67BJBQXUPT https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QRYFHIQ6XRKRYBI2F5UESH67BJBQXUPT/ https://nowotarski.info/http2-continuation-flood-technical-details https://nowotarski.info/http2-continuation-flood/ https://nvd.nist.gov/vuln/detail/CVE-2023-45288 https://pkg.go.dev/vuln/GO-2024-2687 https://security.netapp.com/advisory/ntap-20240419-0009 https://security.netapp.com/advisory/ntap-20240419-0009/ https://ubuntu.com/security/notices/USN-6886-1 https://ubuntu.com/security/notices/USN-7109-1 https://ubuntu.com/security/notices/USN-7111-1 https://www.cve.org/CVERecord?id=CVE-2023-45288 https://www.kb.cert.org/vuls/id/421644
google.golang.org/grpc	GHSA-m425-mq94-257g	HIGH	v1.54.0	1.56.3, 1.57.1, 1.58.3	https://github.com/grpc/grpc-go https://github.com/grpc/grpc-go/commit/f2180b4d5403d2210b30b93098eb7da31c05c721 https://github.com/grpc/grpc-go/pull/6703 https://github.com/grpc/grpc-go/security/advisories/GHSA-m425-mq94-257g https://nvd.nist.gov/vuln/detail/CVE-2023-44487
google.golang.org/grpc	CVE-2023-44487	MEDIUM	v1.54.0	1.58.3, 1.57.1, 1.56.3	http://www.openwall.com/lists/oss-security/2023/10/13/4 http://www.openwall.com/lists/oss-security/2023/10/13/9 http://www.openwall.com/lists/oss-security/2023/10/18/4 http://www.openwall.com/lists/oss-security/2023/10/18/8 http://www.openwall.com/lists/oss-security/2023/10/19/6 http://www.openwall.com/lists/oss-security/2023/10/20/8 https://access.redhat.com/errata/RHSA-2023:6746 https://access.redhat.com/security/cve/CVE-2023-44487 https://access.redhat.com/security/cve/cve-2023-44487 https://akka.io/security/akka-http-cve-2023-44487.html https://arstechnica.com/security/2023/10/how-ddosers-used-the-http-2-protocol-to-deliver-attacks-of-unprecedented-size https://arstechnica.com/security/2023/10/how-ddosers-used-the-http-2-protocol-to-deliver-attacks-of-unprecedented-size/ https://aws.amazon.com/security/security-bulletins/AWS-2023-011 https://aws.amazon.com/security/security-bulletins/AWS-2023-011/ https://blog.cloudflare.com/technical-breakdown-http2-rapid-reset-ddos-attack https://blog.cloudflare.com/technical-breakdown-http2-rapid-reset-ddos-attack/ https://blog.cloudflare.com/zero-day-rapid-reset-http2-record-breaking-ddos-attack https://blog.cloudflare.com/zero-day-rapid-reset-http2-record-breaking-ddos-attack/ https://blog.litespeedtech.com/2023/10/11/rapid-reset-http-2-vulnerablilty https://blog.litespeedtech.com/2023/10/11/rapid-reset-http-2-vulnerablilty/ https://blog.qualys.com/vulnerabilities-threat-research/2023/10/10/cve-2023-44487-http-2-rapid-reset-attack https://blog.vespa.ai/cve-2023-44487 https://blog.vespa.ai/cve-2023-44487/ https://bugzilla.proxmox.com/show_bug.cgi?id=4988 https://bugzilla.redhat.com/2242803 https://bugzilla.redhat.com/show_bug.cgi?id=2242803 https://bugzilla.suse.com/show_bug.cgi?id=1216123 https://cgit.freebsd.org/ports/commit/?id=c64c329c2c1752f46b73e3e6ce9f4329be6629f9 https://chaos.social/@icing/111210915918780532 https://cloud.google.com/blog/products/identity-security/google-cloud-mitigated-largest-ddos-attack-peaking-above-398-million-rps https://cloud.google.com/blog/products/identity-security/google-cloud-mitigated-largest-ddos-attack-peaking-above-398-million-rps/ https://cloud.google.com/blog/products/identity-security/how-it-works-the-novel-http2-rapid-reset-ddos-attack https://community.traefik.io/t/is-traefik-vulnerable-to-cve-2023-44487/20125 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-44487 https://devblogs.microsoft.com/dotnet/october-2023-updates/ https://discuss.hashicorp.com/t/hcsec-2023-32-vault-consul-and-boundary-affected-by-http-2-rapid-reset-denial-of-service-vulnerability-cve-2023-44487/59715 https://edg.io/lp/blog/resets-leaks-ddos-and-the-tale-of-a-hidden-cve https://errata.almalinux.org/9/ALSA-2023-6746.html https://errata.rockylinux.org/RLSA-2023:5838 https://forums.swift.org/t/swift-nio-http2-security-update-cve-2023-44487-http-2-dos/67764 https://gist.github.com/adulau/7c2bfb8e9cdbe4b35a5e131c66a0c088 https://github.com/Azure/AKS/issues/3947 https://github.com/Kong/kong/discussions/11741 https://github.com/advisories/GHSA-qppj-fm5r-hxr3 https://github.com/advisories/GHSA-vx74-f528-fxqg https://github.com/advisories/GHSA-xpw8-rcwv-8f8p https://github.com/akka/akka-http/issues/4323 https://github.com/akka/akka-http/pull/4324 https://github.com/akka/akka-http/pull/4325 https://github.com/alibaba/tengine/issues/1872 https://github.com/apache/apisix/issues/10320 https://github.com/apache/httpd-site/pull/10 https://github.com/apache/httpd/blob/afcdbeebbff4b0c50ea26cdd16e178c0d1f24152/modules/http2/h2_mplx.c#L1101-L1113 https://github.com/apache/tomcat/commit/944332bb15bd2f3bf76ec2caeb1ff0a58a3bc628 https://github.com/apache/tomcat/tree/main/java/org/apache/coyote/http2 https://github.com/apache/trafficserver/pull/10564 https://github.com/apple/swift-nio-http2 https://github.com/apple/swift-nio-http2/security/advisories/GHSA-qppj-fm5r-hxr3 https://github.com/arkrwn/PoC/tree/main/CVE-2023-44487 https://github.com/bcdannyboy/CVE-2023-44487 https://github.com/caddyserver/caddy/issues/5877 https://github.com/caddyserver/caddy/releases/tag/v2.7.5 https://github.com/dotnet/announcements/issues/277 https://github.com/dotnet/core/blob/e4613450ea0da7fd2fc6b61dfb2c1c1dec1ce9ec/release-notes/6.0/6.0.23/6.0.23.md?plain=1#L73 https://github.com/eclipse/jetty.project/issues/10679 https://github.com/envoyproxy/envoy/pull/30055 https://github.com/etcd-io/etcd/issues/16740 https://github.com/facebook/proxygen/pull/466 https://github.com/golang/go/issues/63417 https://github.com/grpc/grpc-go/pull/6703 https://github.com/grpc/grpc-go/releases https://github.com/h2o/h2o/pull/3291 https://github.com/h2o/h2o/security/advisories/GHSA-2m7v-gc89-fjqf https://github.com/haproxy/haproxy/issues/2312 https://github.com/hyperium/hyper/issues/3337 https://github.com/icing/mod_h2/blob/0a864782af0a942aa2ad4ed960a6b32cd35bcf0a/mod_http2/README.md?plain=1#L239-L244 https://github.com/junkurihara/rust-rpxy/issues/97 https://github.com/kazu-yamamoto/http2/commit/f61d41a502bd0f60eb24e1ce14edc7b6df6722a1 https://github.com/kazu-yamamoto/http2/issues/93 https://github.com/kubernetes/kubernetes/pull/121120 https://github.com/line/armeria/pull/5232 https://github.com/linkerd/website/pull/1695/commits/4b9c6836471bc8270ab48aae6fd2181bc73fd632 https://github.com/micrictor/http2-rst-stream https://github.com/microsoft/CBL-Mariner/pull/6381 https://github.com/netty/netty/commit/58f75f665aa81a8cbcf6ffa74820042a285c5e61 https://github.com/nghttp2/nghttp2/pull/1961 https://github.com/nghttp2/nghttp2/releases/tag/v1.57.0 https://github.com/ninenines/cowboy/issues/1615 https://github.com/nodejs/node/pull/50121 https://github.com/openresty/openresty/issues/930 https://github.com/opensearch-project/data-prepper/issues/3474 https://github.com/oqtane/oqtane.framework/discussions/3367 https://github.com/projectcontour/contour/pull/5826 https://github.com/tempesta-tech/tempesta/issues/1986 https://github.com/varnishcache/varnish-cache/issues/3996 https://go.dev/cl/534215 https://go.dev/cl/534235 https://go.dev/issue/63417 https://groups.google.com/g/golang-announce/c/iNNxDTCjZvo https://groups.google.com/g/golang-announce/c/iNNxDTCjZvo/m/UDd7VKQuAAAJ https://istio.io/latest/news/security/istio-security-2023-004 https://istio.io/latest/news/security/istio-security-2023-004/ https://linkerd.io/2023/10/12/linkerd-cve-2023-44487 https://linkerd.io/2023/10/12/linkerd-cve-2023-44487/ https://linux.oracle.com/cve/CVE-2023-44487.html https://linux.oracle.com/errata/ELSA-2024-1444.html https://lists.apache.org/thread/5py8h42mxfsn8l1wy6o41xwhsjlsd87q https://lists.debian.org/debian-lts-announce/2023/10/msg00020.html https://lists.debian.org/debian-lts-announce/2023/10/msg00023.html https://lists.debian.org/debian-lts-announce/2023/10/msg00024.html https://lists.debian.org/debian-lts-announce/2023/10/msg00045.html https://lists.debian.org/debian-lts-announce/2023/10/msg00047.html https://lists.debian.org/debian-lts-announce/2023/11/msg00001.html https://lists.debian.org/debian-lts-announce/2023/11/msg00012.html https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/2MBEPPC36UBVOZZNAXFHKLFGSLCMN5LI https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/2MBEPPC36UBVOZZNAXFHKLFGSLCMN5LI/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/3N4NJ7FR4X4FPZUGNTQAPSTVB2HB2Y4A https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/3N4NJ7FR4X4FPZUGNTQAPSTVB2HB2Y4A/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/BFQD3KUEMFBHPAPBGLWQC34L4OWL5HAZ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/BFQD3KUEMFBHPAPBGLWQC34L4OWL5HAZ/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/CLB4TW7KALB3EEQWNWCN7OUIWWVWWCG2 https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/CLB4TW7KALB3EEQWNWCN7OUIWWVWWCG2/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/E72T67UPDRXHIDLO3OROR25YAMN4GGW5 https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/E72T67UPDRXHIDLO3OROR25YAMN4GGW5/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/FNA62Q767CFAFHBCDKYNPBMZWB7TWYVU https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/FNA62Q767CFAFHBCDKYNPBMZWB7TWYVU/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/HT7T2R4MQKLIF4ODV4BDLPARWFPCJ5CZ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/HT7T2R4MQKLIF4ODV4BDLPARWFPCJ5CZ/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/JIZSEFC3YKCGABA2BZW6ZJRMDZJMB7PJ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/JIZSEFC3YKCGABA2BZW6ZJRMDZJMB7PJ/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/JMEXY22BFG5Q64HQCM5CK2Q7KDKVV4TY https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/JMEXY22BFG5Q64HQCM5CK2Q7KDKVV4TY/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/KSEGD2IWKNUO3DWY4KQGUQM5BISRWHQE https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/KSEGD2IWKNUO3DWY4KQGUQM5BISRWHQE/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/LKYHSZQFDNR7RSA7LHVLLIAQMVYCUGBG https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/LKYHSZQFDNR7RSA7LHVLLIAQMVYCUGBG/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/LNMZJCDHGLJJLXO4OXWJMTVQRNWOC7UL https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/LNMZJCDHGLJJLXO4OXWJMTVQRNWOC7UL/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/VHUHTSXLXGXS7JYKBXTA3VINUPHTNGVU https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/VHUHTSXLXGXS7JYKBXTA3VINUPHTNGVU/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/VSRDIV77HNKUSM7SJC5BKE5JSHLHU2NK https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/VSRDIV77HNKUSM7SJC5BKE5JSHLHU2NK/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/WE2I52RHNNU42PX6NZ2RBUHSFFJ2LVZX https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/WE2I52RHNNU42PX6NZ2RBUHSFFJ2LVZX/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/WLPRQ5TWUQQXYWBJM7ECYDAIL2YVKIUH https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/WLPRQ5TWUQQXYWBJM7ECYDAIL2YVKIUH/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/X6QXN4ORIVF6XBW4WWFE7VNPVC74S45Y https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/X6QXN4ORIVF6XBW4WWFE7VNPVC74S45Y/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/XFOIBB4YFICHDM7IBOP7PWXW3FX4HLL2 https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/XFOIBB4YFICHDM7IBOP7PWXW3FX4HLL2/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZB43REMKRQR62NJEI7I5NQ4FSXNLBKRT https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZB43REMKRQR62NJEI7I5NQ4FSXNLBKRT/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZKQSIKIAT5TJ3WSLU3RDBQ35YX4GY4V3 https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZKQSIKIAT5TJ3WSLU3RDBQ35YX4GY4V3/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZLU6U2R2IC2K64NDPNMV55AUAO65MAF4 https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZLU6U2R2IC2K64NDPNMV55AUAO65MAF4/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3N4NJ7FR4X4FPZUGNTQAPSTVB2HB2Y4A https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/BFQD3KUEMFBHPAPBGLWQC34L4OWL5HAZ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CLB4TW7KALB3EEQWNWCN7OUIWWVWWCG2 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/E72T67UPDRXHIDLO3OROR25YAMN4GGW5 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/FNA62Q767CFAFHBCDKYNPBMZWB7TWYVU https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/HT7T2R4MQKLIF4ODV4BDLPARWFPCJ5CZ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/JIZSEFC3YKCGABA2BZW6ZJRMDZJMB7PJ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/JMEXY22BFG5Q64HQCM5CK2Q7KDKVV4TY https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/KSEGD2IWKNUO3DWY4KQGUQM5BISRWHQE https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/LKYHSZQFDNR7RSA7LHVLLIAQMVYCUGBG https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/LNMZJCDHGLJJLXO4OXWJMTVQRNWOC7UL https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/VHUHTSXLXGXS7JYKBXTA3VINUPHTNGVU https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/VSRDIV77HNKUSM7SJC5BKE5JSHLHU2NK https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WLPRQ5TWUQQXYWBJM7ECYDAIL2YVKIUH https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/X6QXN4ORIVF6XBW4WWFE7VNPVC74S45Y https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/XFOIBB4YFICHDM7IBOP7PWXW3FX4HLL2 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZB43REMKRQR62NJEI7I5NQ4FSXNLBKRT https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZKQSIKIAT5TJ3WSLU3RDBQ35YX4GY4V3 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZLU6U2R2IC2K64NDPNMV55AUAO65MAF4 https://lists.w3.org/Archives/Public/ietf-http-wg/2023OctDec/0025.html https://mailman.nginx.org/pipermail/nginx-devel/2023-October/S36Q5HBXR7CAIMPLLPRSSSYR4PCMWILK.html https://martinthomson.github.io/h2-stream-limits/draft-thomson-httpbis-h2-stream-limits.html https://msrc.microsoft.com/blog/2023/10/microsoft-response-to-distributed-denial-of-service-ddos-attacks-against-http/2 https://msrc.microsoft.com/blog/2023/10/microsoft-response-to-distributed-denial-of-service-ddos-attacks-against-http/2/ https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-44487 https://my.f5.com/manage/s/article/K000137106 https://netty.io/news/2023/10/10/4-1-100-Final.html https://news.ycombinator.com/item?id=37830987 https://news.ycombinator.com/item?id=37830998 https://news.ycombinator.com/item?id=37831062 https://news.ycombinator.com/item?id=37837043 https://nodejs.org/en/blog/vulnerability/october-2023-security-releases https://nvd.nist.gov/vuln/detail/CVE-2023-44487 https://openssf.org/blog/2023/10/10/http-2-rapid-reset-vulnerability-highlights-need-for-rapid-response https://openssf.org/blog/2023/10/10/http-2-rapid-reset-vulnerability-highlights-need-for-rapid-response/ https://pkg.go.dev/vuln/GO-2023-2102 https://seanmonstar.com/post/730794151136935936/hyper-http2-rapid-reset-unaffected https://security.gentoo.org/glsa/202311-09 https://security.netapp.com/advisory/ntap-20231016-0001 https://security.netapp.com/advisory/ntap-20231016-0001/ https://security.netapp.com/advisory/ntap-20240426-0007 https://security.netapp.com/advisory/ntap-20240426-0007/ https://security.netapp.com/advisory/ntap-20240621-0006 https://security.netapp.com/advisory/ntap-20240621-0006/ https://security.netapp.com/advisory/ntap-20240621-0007 https://security.netapp.com/advisory/ntap-20240621-0007/ https://security.paloaltonetworks.com/CVE-2023-44487 https://tomcat.apache.org/security-10.html#Fixed_in_Apache_Tomcat_10.1.14 https://tomcat.apache.org/security-11.html#Fixed_in_Apache_Tomcat_11.0.0-M12 https://tomcat.apache.org/security-8.html#Fixed_in_Apache_Tomcat_8.5.94 https://tomcat.apache.org/security-9.html#Fixed_in_Apache_Tomcat_9.0.81 https://ubuntu.com/security/CVE-2023-44487 https://ubuntu.com/security/notices/USN-6427-1 https://ubuntu.com/security/notices/USN-6427-2 https://ubuntu.com/security/notices/USN-6438-1 https://ubuntu.com/security/notices/USN-6505-1 https://ubuntu.com/security/notices/USN-6574-1 https://ubuntu.com/security/notices/USN-6754-1 https://ubuntu.com/security/notices/USN-6994-1 https://ubuntu.com/security/notices/USN-7067-1 https://www.bleepingcomputer.com/news/security/new-http-2-rapid-reset-zero-day-attack-breaks-ddos-records https://www.bleepingcomputer.com/news/security/new-http-2-rapid-reset-zero-day-attack-breaks-ddos-records/ https://www.cisa.gov/known-exploited-vulnerabilities-catalog https://www.cisa.gov/news-events/alerts/2023/10/10/http2-rapid-reset-vulnerability-cve-2023-44487 https://www.cve.org/CVERecord?id=CVE-2023-44487 https://www.darkreading.com/cloud/internet-wide-zero-day-bug-fuels-largest-ever-ddos-event https://www.debian.org/security/2023/dsa-5521 https://www.debian.org/security/2023/dsa-5522 https://www.debian.org/security/2023/dsa-5540 https://www.debian.org/security/2023/dsa-5549 https://www.debian.org/security/2023/dsa-5558 https://www.debian.org/security/2023/dsa-5570 https://www.eclipse.org/lists/jetty-announce/msg00181.html https://www.haproxy.com/blog/haproxy-is-not-affected-by-the-http-2-rapid-reset-attack-cve-2023-44487 https://www.mail-archive.com/haproxy@formilux.org/msg44134.html https://www.netlify.com/blog/netlify-successfully-mitigates-cve-2023-44487 https://www.netlify.com/blog/netlify-successfully-mitigates-cve-2023-44487/ https://www.nginx.com/blog/http-2-rapid-reset-attack-impacting-f5-nginx-products https://www.nginx.com/blog/http-2-rapid-reset-attack-impacting-f5-nginx-products/ https://www.openwall.com/lists/oss-security/2023/10/10/6 https://www.phoronix.com/news/HTTP2-Rapid-Reset-Attack https://www.theregister.com/2023/10/10/http2_rapid_reset_zeroday https://www.theregister.com/2023/10/10/http2_rapid_reset_zeroday/
google.golang.org/protobuf	CVE-2024-24786	MEDIUM	v1.30.0	1.33.0	http://www.openwall.com/lists/oss-security/2024/03/08/4 https://access.redhat.com/errata/RHSA-2024:2550 https://access.redhat.com/security/cve/CVE-2024-24786 https://bugzilla.redhat.com/2268046 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24786 https://errata.almalinux.org/9/ALSA-2024-2550.html https://errata.rockylinux.org/RLSA-2024:2550 https://github.com/protocolbuffers/protobuf-go https://github.com/protocolbuffers/protobuf-go/commit/f01a588e5810b90996452eec4a28f22a0afae023 https://github.com/protocolbuffers/protobuf-go/releases/tag/v1.33.0 https://go-review.googlesource.com/c/protobuf/+/569356 https://go.dev/cl/569356 https://groups.google.com/g/golang-announce/c/ArQ6CDgtEjY/ https://linux.oracle.com/cve/CVE-2024-24786.html https://linux.oracle.com/errata/ELSA-2024-4246.html https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/JDMBHAVSDU2FBDZ45U3A2VLSM35OJ2HU https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/JDMBHAVSDU2FBDZ45U3A2VLSM35OJ2HU/ https://nvd.nist.gov/vuln/detail/CVE-2024-24786 https://pkg.go.dev/vuln/GO-2024-2611 https://security.netapp.com/advisory/ntap-20240517-0002 https://security.netapp.com/advisory/ntap-20240517-0002/ https://ubuntu.com/security/notices/USN-6746-1 https://ubuntu.com/security/notices/USN-6746-2 https://www.cve.org/CVERecord?id=CVE-2024-24786
stdlib	CVE-2024-24790	CRITICAL	v1.20.5	1.21.11, 1.22.4	http://www.openwall.com/lists/oss-security/2024/06/04/1 https://access.redhat.com/errata/RHSA-2024:9115 https://access.redhat.com/security/cve/CVE-2024-24790 https://bugzilla.redhat.com/2279814 https://bugzilla.redhat.com/2292668 https://bugzilla.redhat.com/2292787 https://bugzilla.redhat.com/2294000 https://bugzilla.redhat.com/2295310 https://bugzilla.redhat.com/show_bug.cgi?id=2292668 https://bugzilla.redhat.com/show_bug.cgi?id=2292787 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24789 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24790 https://errata.almalinux.org/9/ALSA-2024-9115.html https://errata.rockylinux.org/RLSA-2024:4212 https://github.com/golang/go/commit/051bdf3fd12a40307606ff9381138039c5f452f0 (1.21) https://github.com/golang/go/commit/12d5810cdb1f73cf23d7a86462143e9463317fca (1.22) https://github.com/golang/go/issues/67680 https://go.dev/cl/590316 https://go.dev/issue/67680 https://groups.google.com/g/golang-announce/c/XbxouI9gY7k https://groups.google.com/g/golang-announce/c/XbxouI9gY7k/m/TuoGEhxIEwAJ https://linux.oracle.com/cve/CVE-2024-24790.html https://linux.oracle.com/errata/ELSA-2024-9115.html https://nvd.nist.gov/vuln/detail/CVE-2024-24790 https://pkg.go.dev/vuln/GO-2024-2887 https://ubuntu.com/security/notices/USN-6886-1 https://ubuntu.com/security/notices/USN-7109-1 https://www.cve.org/CVERecord?id=CVE-2024-24790
stdlib	CVE-2023-39325	HIGH	v1.20.5	1.20.10, 1.21.3	golang.org/x/net https://access.redhat.com/errata/RHSA-2023:6077 https://access.redhat.com/security/cve/CVE-2023-39325 https://access.redhat.com/security/cve/CVE-2023-44487 https://access.redhat.com/security/vulnerabilities/RHSB-2023-003 https://bugzilla.redhat.com/2242803 https://bugzilla.redhat.com/2243296 https://bugzilla.redhat.com/show_bug.cgi?id=2242803 https://bugzilla.redhat.com/show_bug.cgi?id=2243296 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-39325 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-44487 https://errata.almalinux.org/9/ALSA-2023-6077.html https://errata.rockylinux.org/RLSA-2023:6077 https://github.com/golang/go/commit/24ae2d927285c697440fdde3ad7f26028354bcf3 [golang- 1.21] https://github.com/golang/go/commit/e175f27f58aa7b9cd4d79607ae65d2cd5baaee68 [golang-1.20] https://github.com/golang/go/issues/63417 https://go.dev/cl/534215 https://go.dev/cl/534235 https://go.dev/issue/63417 https://groups.google.com/g/golang-announce/c/iNNxDTCjZvo/m/UDd7VKQuAAAJ https://linux.oracle.com/cve/CVE-2023-39325.html https://linux.oracle.com/errata/ELSA-2023-5867.html https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3OVW5V2DM5K5IC3H7O42YDUGNJ74J35O https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3OVW5V2DM5K5IC3H7O42YDUGNJ74J35O/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3SZN67IL7HMGMNAVLOTIXLIHUDXZK4LH https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3SZN67IL7HMGMNAVLOTIXLIHUDXZK4LH/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3WJ4QVX2AMUJ2F2S27POOAHRC4K3CHU4 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3WJ4QVX2AMUJ2F2S27POOAHRC4K3CHU4/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/4BUK2ZIAGCULOOYDNH25JPU6JBES5NF2 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/4BUK2ZIAGCULOOYDNH25JPU6JBES5NF2/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/5RSKA2II6QTD4YUKUNDVJQSRYSFC4VFR https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/5RSKA2II6QTD4YUKUNDVJQSRYSFC4VFR/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/AVZDNSMVDAQJ64LJC5I5U5LDM5753647 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/AVZDNSMVDAQJ64LJC5I5U5LDM5753647/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CHHITS4PUOZAKFIUBQAQZC7JWXMOYE4B https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CHHITS4PUOZAKFIUBQAQZC7JWXMOYE4B/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CLB4TW7KALB3EEQWNWCN7OUIWWVWWCG2 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CLB4TW7KALB3EEQWNWCN7OUIWWVWWCG2/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/D2BBIDR2ZMB3X5BC7SR4SLQMHRMVPY6L https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/D2BBIDR2ZMB3X5BC7SR4SLQMHRMVPY6L/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ECRC75BQJP6FJN2L7KCKYZW4DSBD7QSD https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ECRC75BQJP6FJN2L7KCKYZW4DSBD7QSD/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/FTMJ3NJIDAZFWJQQSP3L22MUFJ3UP2PT https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/FTMJ3NJIDAZFWJQQSP3L22MUFJ3UP2PT/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/GSY7SXFFTPZFWDM6XELSDSHZLVW3AHK7 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/GSY7SXFFTPZFWDM6XELSDSHZLVW3AHK7/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/HZQIELEIRSZUYTFFH5KTH2YJ4IIQG2KE https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/HZQIELEIRSZUYTFFH5KTH2YJ4IIQG2KE/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/IPWCNYB5PQ5PCVZ4NJT6G56ZYFZ5QBU6 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/IPWCNYB5PQ5PCVZ4NJT6G56ZYFZ5QBU6/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/KEOTKBUPZXHE3F352JBYNTSNRXYLWD6P https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/KEOTKBUPZXHE3F352JBYNTSNRXYLWD6P/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/KSEGD2IWKNUO3DWY4KQGUQM5BISRWHQE https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/KSEGD2IWKNUO3DWY4KQGUQM5BISRWHQE/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/L5E5JSJBZLYXOTZWXHJKRVCIXIHVWKJ6 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/L5E5JSJBZLYXOTZWXHJKRVCIXIHVWKJ6/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/MZQYOOKHQDQ57LV2IAG6NRFOVXKHJJ3Z https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/MZQYOOKHQDQ57LV2IAG6NRFOVXKHJJ3Z/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/NG7IMPL55MVWU3LCI4JQJT3K2U5CHDV7 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/NG7IMPL55MVWU3LCI4JQJT3K2U5CHDV7/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ODBY7RVMGZCBSTWF2OZGIZS57FNFUL67 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ODBY7RVMGZCBSTWF2OZGIZS57FNFUL67/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/OXGWPQOJ3JNDW2XIYKIVJ7N7QUIFNM2Q https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/OXGWPQOJ3JNDW2XIYKIVJ7N7QUIFNM2Q/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/PJCUNGIQDUMZ4Z6HWVYIMR66A35F5S74 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/PJCUNGIQDUMZ4Z6HWVYIMR66A35F5S74/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QF5QSYAOPDOWLY6DUHID56Q4HQFYB45I https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QF5QSYAOPDOWLY6DUHID56Q4HQFYB45I/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QXOU2JZUBEBP7GBKAYIJRPRBZSJCD7ST https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QXOU2JZUBEBP7GBKAYIJRPRBZSJCD7ST/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/R3UETKPUB3V5JS5TLZOF3SMTGT5K5APS https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/R3UETKPUB3V5JS5TLZOF3SMTGT5K5APS/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/REMHVVIBDNKSRKNOTV7EQSB7CYQWOUOU https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/REMHVVIBDNKSRKNOTV7EQSB7CYQWOUOU/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/T7N5GV4CHH6WAGX3GFMDD3COEOVCZ4RI https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/T7N5GV4CHH6WAGX3GFMDD3COEOVCZ4RI/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ULQQONMSCQSH5Z5OWFFQHCGEZ3NL4DRJ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ULQQONMSCQSH5Z5OWFFQHCGEZ3NL4DRJ/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UTT7DG3QOF5ZNJLUGHDNLRUIN6OWZARP https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UTT7DG3QOF5ZNJLUGHDNLRUIN6OWZARP/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/W2LZSWTV4NV4SNQARNXG5T6LRHP26EW2 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/W2LZSWTV4NV4SNQARNXG5T6LRHP26EW2/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WCNCBYKZXLDFGAJUB7ZP5VLC3YTHJNVH https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WCNCBYKZXLDFGAJUB7ZP5VLC3YTHJNVH/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/XFOIBB4YFICHDM7IBOP7PWXW3FX4HLL2 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/XFOIBB4YFICHDM7IBOP7PWXW3FX4HLL2/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/XTNLSL44Y5FB6JWADSZH6DCV4JJAAEQY https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/XTNLSL44Y5FB6JWADSZH6DCV4JJAAEQY/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/YJWHBLVZDM5KQSDFRBFRKU5KSSOLIRQ4 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/YJWHBLVZDM5KQSDFRBFRKU5KSSOLIRQ4/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/YRKEXKANQ7BKJW2YTAMP625LJUJZLJ4P https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/YRKEXKANQ7BKJW2YTAMP625LJUJZLJ4P/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZSVEMQV5ROY5YW5QE3I57HT3ITWG5GCV https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZSVEMQV5ROY5YW5QE3I57HT3ITWG5GCV/ https://nvd.nist.gov/vuln/detail/CVE-2023-39325 https://pkg.go.dev/vuln/GO-2023-2102 https://security.gentoo.org/glsa/202311-09 https://security.netapp.com/advisory/ntap-20231110-0008 https://security.netapp.com/advisory/ntap-20231110-0008/ https://ubuntu.com/security/notices/USN-6574-1 https://ubuntu.com/security/notices/USN-7061-1 https://ubuntu.com/security/notices/USN-7109-1 https://www.cisa.gov/news-events/alerts/2023/10/10/http2-rapid-reset-vulnerability-cve-2023-44487 https://www.cve.org/CVERecord?id=CVE-2023-39325
stdlib	CVE-2023-45283	HIGH	v1.20.5	1.20.11, 1.21.4, 1.20.12, 1.21.5	http://www.openwall.com/lists/oss-security/2023/12/05/2 https://go.dev/cl/540277 https://go.dev/cl/541175 https://go.dev/issue/63713 https://go.dev/issue/64028 https://groups.google.com/g/golang-announce/c/4tU8LZfBFkY https://groups.google.com/g/golang-dev/c/6ypN5EjibjM/m/KmLVYH_uAgAJ https://nvd.nist.gov/vuln/detail/CVE-2023-45283 https://pkg.go.dev/vuln/GO-2023-2185 https://security.netapp.com/advisory/ntap-20231214-0008/
stdlib	CVE-2023-45288	HIGH	v1.20.5	1.21.9, 1.22.2	http://www.openwall.com/lists/oss-security/2024/04/03/16 http://www.openwall.com/lists/oss-security/2024/04/05/4 https://access.redhat.com/errata/RHSA-2024:2724 https://access.redhat.com/security/cve/CVE-2023-45288 https://bugzilla.redhat.com/2268017 https://bugzilla.redhat.com/2268018 https://bugzilla.redhat.com/2268019 https://bugzilla.redhat.com/2268273 https://bugzilla.redhat.com/show_bug.cgi?id=2268017 https://bugzilla.redhat.com/show_bug.cgi?id=2268018 https://bugzilla.redhat.com/show_bug.cgi?id=2268019 https://bugzilla.redhat.com/show_bug.cgi?id=2268273 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45288 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45289 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45290 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24783 https://errata.almalinux.org/9/ALSA-2024-2724.html https://errata.rockylinux.org/RLSA-2024:2724 https://go.dev/cl/576155 https://go.dev/issue/65051 https://groups.google.com/g/golang-announce/c/YgW0sx8mN3M https://kb.cert.org/vuls/id/421644 https://linux.oracle.com/cve/CVE-2023-45288.html https://linux.oracle.com/errata/ELSA-2024-3346.html https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QRYFHIQ6XRKRYBI2F5UESH67BJBQXUPT https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QRYFHIQ6XRKRYBI2F5UESH67BJBQXUPT/ https://nowotarski.info/http2-continuation-flood-technical-details https://nowotarski.info/http2-continuation-flood/ https://nvd.nist.gov/vuln/detail/CVE-2023-45288 https://pkg.go.dev/vuln/GO-2024-2687 https://security.netapp.com/advisory/ntap-20240419-0009 https://security.netapp.com/advisory/ntap-20240419-0009/ https://ubuntu.com/security/notices/USN-6886-1 https://ubuntu.com/security/notices/USN-7109-1 https://ubuntu.com/security/notices/USN-7111-1 https://www.cve.org/CVERecord?id=CVE-2023-45288 https://www.kb.cert.org/vuls/id/421644
stdlib	CVE-2024-34156	HIGH	v1.20.5	1.22.7, 1.23.1	https://access.redhat.com/errata/RHSA-2024:9473 https://access.redhat.com/security/cve/CVE-2024-34156 https://bugzilla.redhat.com/2310528 https://bugzilla.redhat.com/2318052 https://bugzilla.redhat.com/show_bug.cgi?id=2310528 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-34156 https://errata.almalinux.org/9/ALSA-2024-9473.html https://errata.rockylinux.org/RLSA-2024:7204 https://github.com/golang/go/commit/2092294f2b097c5828f4eace6c98a322c1510b01 (go1.22.7) https://github.com/golang/go/commit/fa8ff1a46deb6c816304441ec6740ec112e19012 (go1.23.1) https://go.dev/cl/611239 https://go.dev/issue/69139 https://groups.google.com/g/golang-announce/c/K-cEzDeCtpc https://groups.google.com/g/golang-dev/c/S9POB9NCTdk https://linux.oracle.com/cve/CVE-2024-34156.html https://linux.oracle.com/errata/ELSA-2024-9473.html https://nvd.nist.gov/vuln/detail/CVE-2024-34156 https://pkg.go.dev/vuln/GO-2024-3106 https://ubuntu.com/security/notices/USN-7081-1 https://ubuntu.com/security/notices/USN-7109-1 https://ubuntu.com/security/notices/USN-7111-1 https://www.cve.org/CVERecord?id=CVE-2024-34156
stdlib	CVE-2023-29406	MEDIUM	v1.20.5	1.19.11, 1.20.6	https://access.redhat.com/errata/RHSA-2023:6474 https://access.redhat.com/security/cve/CVE-2023-29406 https://bugzilla.redhat.com/2174485 https://bugzilla.redhat.com/2178358 https://bugzilla.redhat.com/2178488 https://bugzilla.redhat.com/2178492 https://bugzilla.redhat.com/2184481 https://bugzilla.redhat.com/2184482 https://bugzilla.redhat.com/2184483 https://bugzilla.redhat.com/2184484 https://bugzilla.redhat.com/2196026 https://bugzilla.redhat.com/2196027 https://bugzilla.redhat.com/2196029 https://bugzilla.redhat.com/2222167 https://bugzilla.redhat.com/2228689 https://errata.almalinux.org/9/ALSA-2023-6474.html https://github.com/golang/go/commit/312920c00aac9897b2a0693e752390b5b0711a5a (go1.20.6) https://github.com/golang/go/commit/5fa6923b1ea891400153d04ddf1545e23b40041b (go1.19.11) https://github.com/golang/go/issues/60374 https://go.dev/cl/506996 https://go.dev/issue/60374 https://groups.google.com/g/golang-announce/c/2q13H6LEEx0 https://linux.oracle.com/cve/CVE-2023-29406.html https://linux.oracle.com/errata/ELSA-2023-7202.html https://nvd.nist.gov/vuln/detail/CVE-2023-29406 https://pkg.go.dev/vuln/GO-2023-1878 https://security.gentoo.org/glsa/202311-09 https://security.netapp.com/advisory/ntap-20230814-0002/ https://ubuntu.com/security/notices/USN-7061-1 https://ubuntu.com/security/notices/USN-7109-1 https://www.cve.org/CVERecord?id=CVE-2023-29406
stdlib	CVE-2023-29409	MEDIUM	v1.20.5	1.19.12, 1.20.7, 1.21.0-rc.4	https://access.redhat.com/errata/RHSA-2023:7766 https://access.redhat.com/security/cve/CVE-2023-29409 https://bugzilla.redhat.com/2228743 https://bugzilla.redhat.com/2237773 https://bugzilla.redhat.com/2237776 https://bugzilla.redhat.com/2237777 https://bugzilla.redhat.com/2237778 https://errata.almalinux.org/9/ALSA-2023-7766.html https://go.dev/cl/515257 https://go.dev/issue/61460 https://groups.google.com/g/golang-announce/c/X0b6CsSAaYI/m/Efv5DbZ9AwAJ https://linux.oracle.com/cve/CVE-2023-29409.html https://linux.oracle.com/errata/ELSA-2024-2988.html https://nvd.nist.gov/vuln/detail/CVE-2023-29409 https://pkg.go.dev/vuln/GO-2023-1987 https://security.gentoo.org/glsa/202311-09 https://security.netapp.com/advisory/ntap-20230831-0010/ https://www.cve.org/CVERecord?id=CVE-2023-29409
stdlib	CVE-2023-39318	MEDIUM	v1.20.5	1.20.8, 1.21.1	https://access.redhat.com/errata/RHSA-2024:2160 https://access.redhat.com/security/cve/CVE-2023-39318 https://bugzilla.redhat.com/2237773 https://bugzilla.redhat.com/2237776 https://bugzilla.redhat.com/2253330 https://errata.almalinux.org/9/ALSA-2024-2160.html https://github.com/golang/go/commit/023b542edf38e2a1f87fcefb9f75ff2f99401b4c (go1.20.8) https://github.com/golang/go/commit/b0e1d3ea26e8e8fce7726690c9ef0597e60739fb (go1.21.1) https://go.dev/cl/526156 https://go.dev/issue/62196 https://groups.google.com/g/golang-announce/c/Fm51GRLNRvM https://groups.google.com/g/golang-dev/c/2C5vbR-UNkI/m/L1hdrPhfBAAJ https://linux.oracle.com/cve/CVE-2023-39318.html https://linux.oracle.com/errata/ELSA-2024-2988.html https://nvd.nist.gov/vuln/detail/CVE-2023-39318 https://pkg.go.dev/vuln/GO-2023-2041 https://security.gentoo.org/glsa/202311-09 https://security.netapp.com/advisory/ntap-20231020-0009/ https://ubuntu.com/security/notices/USN-6574-1 https://ubuntu.com/security/notices/USN-7061-1 https://ubuntu.com/security/notices/USN-7109-1 https://vuln.go.dev/ID/GO-2023-2041.json https://www.cve.org/CVERecord?id=CVE-2023-39318
stdlib	CVE-2023-39319	MEDIUM	v1.20.5	1.20.8, 1.21.1	https://access.redhat.com/errata/RHSA-2024:2160 https://access.redhat.com/security/cve/CVE-2023-39319 https://bugzilla.redhat.com/2237773 https://bugzilla.redhat.com/2237776 https://bugzilla.redhat.com/2253330 https://errata.almalinux.org/9/ALSA-2024-2160.html https://github.com/golang/go/commit/2070531d2f53df88e312edace6c8dfc9686ab2f5 (go1.20.8) https://github.com/golang/go/commit/bbd043ff0d6d59f1a9232d31ecd5eacf6507bf6a (go1.21.1) https://go.dev/cl/526157 https://go.dev/issue/62197 https://groups.google.com/g/golang-announce/c/Fm51GRLNRvM https://groups.google.com/g/golang-dev/c/2C5vbR-UNkI/m/L1hdrPhfBAAJ https://linux.oracle.com/cve/CVE-2023-39319.html https://linux.oracle.com/errata/ELSA-2024-2988.html https://nvd.nist.gov/vuln/detail/CVE-2023-39319 https://pkg.go.dev/vuln/GO-2023-2043 https://security.gentoo.org/glsa/202311-09 https://security.netapp.com/advisory/ntap-20231020-0009/ https://ubuntu.com/security/notices/USN-6574-1 https://ubuntu.com/security/notices/USN-7061-1 https://ubuntu.com/security/notices/USN-7109-1 https://vuln.go.dev/ID/GO-2023-2043.json https://www.cve.org/CVERecord?id=CVE-2023-39319
stdlib	CVE-2023-39326	MEDIUM	v1.20.5	1.20.12, 1.21.5	https://access.redhat.com/errata/RHSA-2024:2272 https://access.redhat.com/security/cve/CVE-2023-39326 https://bugzilla.redhat.com/2253193 https://bugzilla.redhat.com/2253330 https://errata.almalinux.org/9/ALSA-2024-2272.html https://github.com/golang/go/commit/6446af942e2e2b161c4ec1b60d9703a2b55dc4dd (go1.20.12) https://github.com/golang/go/commit/ec8c526e4be720e94b98ca509e6364f0efaf28f7 (go1.21.5) https://go.dev/cl/547335 https://go.dev/issue/64433 https://groups.google.com/g/golang-dev/c/6ypN5EjibjM/m/KmLVYH_uAgAJ https://linux.oracle.com/cve/CVE-2023-39326.html https://linux.oracle.com/errata/ELSA-2024-2988.html https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UIU6HOGV6RRIKWM57LOXQA75BGZSIH6G/ https://nvd.nist.gov/vuln/detail/CVE-2023-39326 https://pkg.go.dev/vuln/GO-2023-2382 https://ubuntu.com/security/notices/USN-6574-1 https://www.cve.org/CVERecord?id=CVE-2023-39326
stdlib	CVE-2023-45284	MEDIUM	v1.20.5	1.20.11, 1.21.4	https://go.dev/cl/540277 https://go.dev/issue/63713 https://groups.google.com/g/golang-announce/c/4tU8LZfBFkY https://nvd.nist.gov/vuln/detail/CVE-2023-45284 https://pkg.go.dev/vuln/GO-2023-2186
stdlib	CVE-2023-45289	MEDIUM	v1.20.5	1.21.8, 1.22.1	http://www.openwall.com/lists/oss-security/2024/03/08/4 https://access.redhat.com/errata/RHSA-2024:2724 https://access.redhat.com/security/cve/CVE-2023-45289 https://bugzilla.redhat.com/2268017 https://bugzilla.redhat.com/2268018 https://bugzilla.redhat.com/2268019 https://bugzilla.redhat.com/2268273 https://bugzilla.redhat.com/show_bug.cgi?id=2268017 https://bugzilla.redhat.com/show_bug.cgi?id=2268018 https://bugzilla.redhat.com/show_bug.cgi?id=2268019 https://bugzilla.redhat.com/show_bug.cgi?id=2268273 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45288 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45289 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45290 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24783 https://errata.almalinux.org/9/ALSA-2024-2724.html https://errata.rockylinux.org/RLSA-2024:2724 https://github.com/golang/go/commit/20586c0dbe03d144f914155f879fa5ee287591a1 (go1.21.8) https://github.com/golang/go/commit/3a855208e3efed2e9d7c20ad023f1fa78afcc0be (go1.22.1) https://github.com/golang/go/issues/65065 https://go.dev/cl/569340 https://go.dev/issue/65065 https://groups.google.com/g/golang-announce/c/5pwGVUPoMbg https://linux.oracle.com/cve/CVE-2023-45289.html https://linux.oracle.com/errata/ELSA-2024-3346.html https://nvd.nist.gov/vuln/detail/CVE-2023-45289 https://pkg.go.dev/vuln/GO-2024-2600 https://security.netapp.com/advisory/ntap-20240329-0006/ https://ubuntu.com/security/notices/USN-6886-1 https://www.cve.org/CVERecord?id=CVE-2023-45289
stdlib	CVE-2023-45290	MEDIUM	v1.20.5	1.21.8, 1.22.1	http://www.openwall.com/lists/oss-security/2024/03/08/4 https://access.redhat.com/errata/RHSA-2024:9135 https://access.redhat.com/security/cve/CVE-2023-45290 https://bugzilla.redhat.com/2268017 https://bugzilla.redhat.com/2268022 https://bugzilla.redhat.com/2279814 https://bugzilla.redhat.com/2295310 https://bugzilla.redhat.com/show_bug.cgi?id=2268017 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45290 https://errata.almalinux.org/9/ALSA-2024-9135.html https://errata.rockylinux.org/RLSA-2024:3830 https://github.com/golang/go/commit/041a47712e765e94f86d841c3110c840e76d8f82 (go1.22.1) https://github.com/golang/go/commit/bf80213b121074f4ad9b449410a4d13bae5e9be0 (go1.21.8) https://github.com/golang/go/issues/65383 https://go.dev/cl/569341 https://go.dev/issue/65383 https://groups.google.com/g/golang-announce/c/5pwGVUPoMbg https://linux.oracle.com/cve/CVE-2023-45290.html https://linux.oracle.com/errata/ELSA-2024-8038.html https://nvd.nist.gov/vuln/detail/CVE-2023-45290 https://pkg.go.dev/vuln/GO-2024-2599 https://security.netapp.com/advisory/ntap-20240329-0004 https://security.netapp.com/advisory/ntap-20240329-0004/ https://ubuntu.com/security/notices/USN-6886-1 https://ubuntu.com/security/notices/USN-7109-1 https://ubuntu.com/security/notices/USN-7111-1 https://www.cve.org/CVERecord?id=CVE-2023-45290
stdlib	CVE-2024-24783	MEDIUM	v1.20.5	1.21.8, 1.22.1	http://www.openwall.com/lists/oss-security/2024/03/08/4 https://access.redhat.com/errata/RHSA-2024:6195 https://access.redhat.com/security/cve/CVE-2024-24783 https://bugzilla.redhat.com/2268019 https://bugzilla.redhat.com/show_bug.cgi?id=2268017 https://bugzilla.redhat.com/show_bug.cgi?id=2268018 https://bugzilla.redhat.com/show_bug.cgi?id=2268019 https://bugzilla.redhat.com/show_bug.cgi?id=2268273 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45288 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45289 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45290 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24783 https://errata.almalinux.org/9/ALSA-2024-6195.html https://errata.rockylinux.org/RLSA-2024:2724 https://github.com/advisories/GHSA-3q2c-pvp5-3cqp https://github.com/golang/go/commit/337b8e9cbfa749d9d5c899e0dc358e2208d5e54f (go1.22.1) https://github.com/golang/go/commit/be5b52bea674190ef7de272664be6c7ae93ec5a0 (go1.21.8) https://github.com/golang/go/issues/65390 https://go.dev/cl/569339 https://go.dev/issue/65390 https://groups.google.com/g/golang-announce/c/5pwGVUPoMbg https://linux.oracle.com/cve/CVE-2024-24783.html https://linux.oracle.com/errata/ELSA-2024-6969.html https://nvd.nist.gov/vuln/detail/CVE-2024-24783 https://pkg.go.dev/vuln/GO-2024-2598 https://security.netapp.com/advisory/ntap-20240329-0005 https://security.netapp.com/advisory/ntap-20240329-0005/ https://ubuntu.com/security/notices/USN-6886-1 https://ubuntu.com/security/notices/USN-7109-1 https://ubuntu.com/security/notices/USN-7111-1 https://www.cve.org/CVERecord?id=CVE-2024-24783
stdlib	CVE-2024-24784	MEDIUM	v1.20.5	1.21.8, 1.22.1	http://www.openwall.com/lists/oss-security/2024/03/08/4 https://access.redhat.com/errata/RHSA-2024:2562 https://access.redhat.com/security/cve/CVE-2024-24784 https://bugzilla.redhat.com/2262921 https://bugzilla.redhat.com/2268017 https://bugzilla.redhat.com/2268018 https://bugzilla.redhat.com/2268019 https://bugzilla.redhat.com/2268021 https://bugzilla.redhat.com/2268022 https://bugzilla.redhat.com/2268273 https://bugzilla.redhat.com/show_bug.cgi?id=2262921 https://bugzilla.redhat.com/show_bug.cgi?id=2268017 https://bugzilla.redhat.com/show_bug.cgi?id=2268018 https://bugzilla.redhat.com/show_bug.cgi?id=2268019 https://bugzilla.redhat.com/show_bug.cgi?id=2268021 https://bugzilla.redhat.com/show_bug.cgi?id=2268022 https://bugzilla.redhat.com/show_bug.cgi?id=2268273 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45288 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45289 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45290 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-1394 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24783 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24784 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24785 https://errata.almalinux.org/9/ALSA-2024-2562.html https://errata.rockylinux.org/RLSA-2024:2562 https://github.com/golang/go/commit/263c059b09fdd40d9dd945f2ecb20c89ea28efe5 (go1.21.8) https://github.com/golang/go/commit/5330cd225ba54c7dc78c1b46dcdf61a4671a632c (go1.22.1) https://github.com/golang/go/issues/65083 https://go.dev/cl/555596 https://go.dev/issue/65083 https://groups.google.com/g/golang-announce/c/5pwGVUPoMbg https://linux.oracle.com/cve/CVE-2024-24784.html https://linux.oracle.com/errata/ELSA-2024-6969.html https://nvd.nist.gov/vuln/detail/CVE-2024-24784 https://pkg.go.dev/vuln/GO-2024-2609 https://security.netapp.com/advisory/ntap-20240329-0007/ https://ubuntu.com/security/notices/USN-6886-1 https://ubuntu.com/security/notices/USN-7109-1 https://ubuntu.com/security/notices/USN-7111-1 https://www.cve.org/CVERecord?id=CVE-2024-24784
stdlib	CVE-2024-24785	MEDIUM	v1.20.5	1.21.8, 1.22.1	http://www.openwall.com/lists/oss-security/2024/03/08/4 https://access.redhat.com/errata/RHSA-2024:9135 https://access.redhat.com/security/cve/CVE-2024-24785 https://bugzilla.redhat.com/2268017 https://bugzilla.redhat.com/2268022 https://bugzilla.redhat.com/2279814 https://bugzilla.redhat.com/2295310 https://bugzilla.redhat.com/show_bug.cgi?id=2262921 https://bugzilla.redhat.com/show_bug.cgi?id=2268017 https://bugzilla.redhat.com/show_bug.cgi?id=2268018 https://bugzilla.redhat.com/show_bug.cgi?id=2268019 https://bugzilla.redhat.com/show_bug.cgi?id=2268021 https://bugzilla.redhat.com/show_bug.cgi?id=2268022 https://bugzilla.redhat.com/show_bug.cgi?id=2268273 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45288 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45289 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45290 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-1394 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24783 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24784 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24785 https://errata.almalinux.org/9/ALSA-2024-9135.html https://errata.rockylinux.org/RLSA-2024:2562 https://github.com/golang/go/commit/056b0edcb8c152152021eebf4cf42adbfbe77992 (go1.22.1) https://github.com/golang/go/commit/3643147a29352ca2894fd5d0d2069bc4b4335a7e (go1.21.8) https://github.com/golang/go/issues/65697 https://go.dev/cl/564196 https://go.dev/issue/65697 https://groups.google.com/g/golang-announce/c/5pwGVUPoMbg https://linux.oracle.com/cve/CVE-2024-24785.html https://linux.oracle.com/errata/ELSA-2024-3259.html https://nvd.nist.gov/vuln/detail/CVE-2024-24785 https://pkg.go.dev/vuln/GO-2024-2610 https://security.netapp.com/advisory/ntap-20240329-0008/ https://ubuntu.com/security/notices/USN-6886-1 https://ubuntu.com/security/notices/USN-7061-1 https://ubuntu.com/security/notices/USN-7109-1 https://vuln.go.dev/ID/GO-2024-2610.json https://www.cve.org/CVERecord?id=CVE-2024-24785
stdlib	CVE-2024-24789	MEDIUM	v1.20.5	1.21.11, 1.22.4	http://www.openwall.com/lists/oss-security/2024/06/04/1 https://access.redhat.com/errata/RHSA-2024:9115 https://access.redhat.com/security/cve/CVE-2024-24789 https://bugzilla.redhat.com/2279814 https://bugzilla.redhat.com/2292668 https://bugzilla.redhat.com/2292787 https://bugzilla.redhat.com/2294000 https://bugzilla.redhat.com/2295310 https://bugzilla.redhat.com/show_bug.cgi?id=2292668 https://bugzilla.redhat.com/show_bug.cgi?id=2292787 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24789 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24790 https://errata.almalinux.org/9/ALSA-2024-9115.html https://errata.rockylinux.org/RLSA-2024:4212 https://github.com/golang/go/commit/c8e40338cf00f3c1d86c8fb23863ad67a4c72bcc (1.21) https://github.com/golang/go/commit/cf501ac0c5fe351a8582d20b43562027927906e7 (1.22) https://github.com/golang/go/issues/66869 https://go.dev/cl/585397 https://go.dev/issue/66869 https://groups.google.com/g/golang-announce/c/XbxouI9gY7k https://groups.google.com/g/golang-announce/c/XbxouI9gY7k/m/TuoGEhxIEwAJ https://linux.oracle.com/cve/CVE-2024-24789.html https://linux.oracle.com/errata/ELSA-2024-9115.html https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/U5YAEIA6IUHUNGJ7AIXXPQT6D2GYENX7/ https://nvd.nist.gov/vuln/detail/CVE-2024-24789 https://pkg.go.dev/vuln/GO-2024-2888 https://ubuntu.com/security/notices/USN-6886-1 https://ubuntu.com/security/notices/USN-7109-1 https://ubuntu.com/security/notices/USN-7111-1 https://www.cve.org/CVERecord?id=CVE-2024-24789
stdlib	CVE-2024-24791	MEDIUM	v1.20.5	1.21.12, 1.22.5	https://access.redhat.com/errata/RHSA-2024:9135 https://access.redhat.com/security/cve/CVE-2024-24791 https://bugzilla.redhat.com/2268017 https://bugzilla.redhat.com/2268022 https://bugzilla.redhat.com/2279814 https://bugzilla.redhat.com/2295310 https://bugzilla.redhat.com/show_bug.cgi?id=2295310 https://bugzilla.redhat.com/show_bug.cgi?id=2310527 https://bugzilla.redhat.com/show_bug.cgi?id=2310528 https://bugzilla.redhat.com/show_bug.cgi?id=2310529 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24791 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-34155 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-34156 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-34158 https://errata.almalinux.org/9/ALSA-2024-9135.html https://errata.rockylinux.org/RLSA-2024:6913 https://go.dev/cl/591255 https://go.dev/issue/67555 https://groups.google.com/g/golang-dev/c/t0rK-qHBqzY/m/6MMoAZkMAgAJ https://linux.oracle.com/cve/CVE-2024-24791.html https://linux.oracle.com/errata/ELSA-2024-9115.html https://nvd.nist.gov/vuln/detail/CVE-2024-24791 https://pkg.go.dev/vuln/GO-2024-2963 https://ubuntu.com/security/notices/USN-7081-1 https://ubuntu.com/security/notices/USN-7109-1 https://ubuntu.com/security/notices/USN-7111-1 https://www.cve.org/CVERecord?id=CVE-2024-24791
stdlib	CVE-2024-34155	MEDIUM	v1.20.5	1.22.7, 1.23.1	https://access.redhat.com/errata/RHSA-2024:9459 https://access.redhat.com/security/cve/CVE-2024-34155 https://bugzilla.redhat.com/2310527 https://bugzilla.redhat.com/2310528 https://bugzilla.redhat.com/2310529 https://bugzilla.redhat.com/2315691 https://bugzilla.redhat.com/2315887 https://bugzilla.redhat.com/2317458 https://bugzilla.redhat.com/2317467 https://bugzilla.redhat.com/show_bug.cgi?id=2295310 https://bugzilla.redhat.com/show_bug.cgi?id=2310527 https://bugzilla.redhat.com/show_bug.cgi?id=2310528 https://bugzilla.redhat.com/show_bug.cgi?id=2310529 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24791 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-34155 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-34156 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-34158 https://errata.almalinux.org/9/ALSA-2024-9459.html https://errata.rockylinux.org/RLSA-2024:6913 https://github.com/golang/go/commit/53487e5477151ed75da50e50a0ba8f1ca64c00a3 (go1.23.1) https://github.com/golang/go/commit/b232596139dbe96a62edbe3a2a203e856bf556eb (go1.22.7) https://go.dev/cl/611238 https://go.dev/issue/69138 https://groups.google.com/g/golang-announce/c/K-cEzDeCtpc https://groups.google.com/g/golang-dev/c/S9POB9NCTdk https://linux.oracle.com/cve/CVE-2024-34155.html https://linux.oracle.com/errata/ELSA-2024-9459.html https://nvd.nist.gov/vuln/detail/CVE-2024-34155 https://pkg.go.dev/vuln/GO-2024-3105 https://ubuntu.com/security/notices/USN-7081-1 https://ubuntu.com/security/notices/USN-7109-1 https://ubuntu.com/security/notices/USN-7111-1 https://www.cve.org/CVERecord?id=CVE-2024-34155
stdlib	CVE-2024-34158	MEDIUM	v1.20.5	1.22.7, 1.23.1	https://access.redhat.com/errata/RHSA-2024:9459 https://access.redhat.com/security/cve/CVE-2024-34158 https://bugzilla.redhat.com/2310527 https://bugzilla.redhat.com/2310528 https://bugzilla.redhat.com/2310529 https://bugzilla.redhat.com/2315691 https://bugzilla.redhat.com/2315887 https://bugzilla.redhat.com/2317458 https://bugzilla.redhat.com/2317467 https://bugzilla.redhat.com/show_bug.cgi?id=2295310 https://bugzilla.redhat.com/show_bug.cgi?id=2310527 https://bugzilla.redhat.com/show_bug.cgi?id=2310528 https://bugzilla.redhat.com/show_bug.cgi?id=2310529 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24791 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-34155 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-34156 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-34158 https://errata.almalinux.org/9/ALSA-2024-9459.html https://errata.rockylinux.org/RLSA-2024:6913 https://github.com/golang/go/commit/032ac075c20c01c6c35a672d1542d3e98eab84ea (go1.23.1) https://github.com/golang/go/commit/d4c53812e6ce2ac368173d7fcd31d0ecfcffb002 (go1.22.7) https://go.dev/cl/611240 https://go.dev/issue/69141 https://groups.google.com/g/golang-announce/c/K-cEzDeCtpc https://groups.google.com/g/golang-dev/c/S9POB9NCTdk https://linux.oracle.com/cve/CVE-2024-34158.html https://linux.oracle.com/errata/ELSA-2024-9459.html https://nvd.nist.gov/vuln/detail/CVE-2024-34158 https://pkg.go.dev/vuln/GO-2024-3107 https://ubuntu.com/security/notices/USN-7081-1 https://ubuntu.com/security/notices/USN-7109-1 https://ubuntu.com/security/notices/USN-7111-1 https://www.cve.org/CVERecord?id=CVE-2024-34158
No Misconfigurations found

cnb/buildpacks/paketo-buildpacks_pip-install/0.5.16/bin/run (gobinary)

Package	Vulnerability ID	Severity	Installed Version	Fixed Version	Links
github.com/anchore/stereoscope	CVE-2024-24579	MEDIUM	v0.0.0-20230412183729-8602f1afc574	0.0.1	https://github.com/anchore/stereoscope https://github.com/anchore/stereoscope/commit/09dacab4d9ee65ee8bc7af8ebf4aa7b5aaa36204 https://github.com/anchore/stereoscope/security/advisories/GHSA-hpxr-w9w7-g4gv https://nvd.nist.gov/vuln/detail/CVE-2024-24579
github.com/cloudflare/circl	GHSA-9763-4f94-gfch	HIGH	v1.3.2	1.3.7	https://github.com/cloudflare/circl https://github.com/cloudflare/circl/commit/75ef91e8a2f438e6ce2b6e620d236add8be1887d https://github.com/cloudflare/circl/security/advisories/GHSA-9763-4f94-gfch https://kyberslash.cr.yp.to
github.com/cloudflare/circl	CVE-2023-1732	MEDIUM	v1.3.2	1.3.3	https://github.com/cloudflare/circl https://github.com/cloudflare/circl/commit/ff8d91225f8954b4970b6d6382d2e4c78f4a4cf8 https://github.com/cloudflare/circl/releases/tag/v1.3.3 https://github.com/cloudflare/circl/security/advisories/GHSA-2q89-485c-9j2x https://nvd.nist.gov/vuln/detail/CVE-2023-1732
github.com/containerd/containerd	GHSA-7ww5-4wqc-m92c	MEDIUM	v1.7.0	1.6.26, 1.7.11	https://github.com/containerd/containerd https://github.com/containerd/containerd/commit/67d356cb3095f3e8f8ad7d36f9a733fea1e7e28c https://github.com/containerd/containerd/commit/746b910f05855c8bfdb4415a1c0f958b234910e5 https://github.com/containerd/containerd/security/advisories/GHSA-7ww5-4wqc-m92c
github.com/docker/docker	CVE-2024-41110	CRITICAL	v23.0.5+incompatible	23.0.15, 26.1.5, 27.1.1, 25.0.6	https://access.redhat.com/security/cve/CVE-2024-41110 https://github.com/moby/moby https://github.com/moby/moby/commit/411e817ddf710ff8e08fa193da80cb78af708191 https://github.com/moby/moby/commit/42f40b1d6dd7562342f832b9cd2adf9e668eeb76 https://github.com/moby/moby/commit/65cc597cea28cdc25bea3b8a86384b4251872919 https://github.com/moby/moby/commit/852759a7df454cbf88db4e954c919becd48faa9b https://github.com/moby/moby/commit/a31260625655cff9ae226b51757915e275e304b0 https://github.com/moby/moby/commit/a79fabbfe84117696a19671f4aa88b82d0f64fc1 https://github.com/moby/moby/commit/ae160b4edddb72ef4bd71f66b975a1a1cc434f00 https://github.com/moby/moby/commit/ae2b3666c517c96cbc2adf1af5591a6b00d4ec0f https://github.com/moby/moby/commit/cc13f952511154a2866bddbb7dddebfe9e83b801 https://github.com/moby/moby/commit/fc274cd2ff4cf3b48c91697fb327dd1fb95588fb https://github.com/moby/moby/security/advisories/GHSA-v23v-6jw2-98fq https://nvd.nist.gov/vuln/detail/CVE-2024-41110 https://www.cve.org/CVERecord?id=CVE-2024-41110 https://www.docker.com/blog/docker-security-advisory-docker-engine-authz-plugin
github.com/docker/docker	CVE-2024-24557	MEDIUM	v23.0.5+incompatible	24.0.9, 25.0.2	https://access.redhat.com/security/cve/CVE-2024-24557 https://github.com/moby/moby https://github.com/moby/moby/commit/3e230cfdcc989dc524882f6579f9e0dac77400ae https://github.com/moby/moby/commit/fca702de7f71362c8d103073c7e4a1d0a467fadd https://github.com/moby/moby/commit/fce6e0ca9bc000888de3daa157af14fa41fcd0ff https://github.com/moby/moby/security/advisories/GHSA-xw73-rw38-6vjc https://nvd.nist.gov/vuln/detail/CVE-2024-24557 https://www.cve.org/CVERecord?id=CVE-2024-24557
github.com/docker/docker	CVE-2024-29018	MEDIUM	v23.0.5+incompatible	26.0.0-rc3, 25.0.5, 23.0.11	https://access.redhat.com/security/cve/CVE-2024-29018 https://github.com/moby/moby https://github.com/moby/moby/pull/46609 https://github.com/moby/moby/security/advisories/GHSA-mq39-4gv4-mvpx https://nvd.nist.gov/vuln/detail/CVE-2024-29018 https://www.cve.org/CVERecord?id=CVE-2024-29018
github.com/docker/docker	GHSA-jq35-85cj-fj4p	MEDIUM	v23.0.5+incompatible	24.0.7, 23.0.8, 20.10.27	https://github.com/moby/moby https://github.com/moby/moby/commit/48ebe353e49a9def5e6679f6e386b0efb1c95f0e https://github.com/moby/moby/commit/81ebe71275768629689a23bc3bca34b3b374a6a6 https://github.com/moby/moby/commit/c9ccbfad11a60e703e91b6cca4f48927828c7e35 https://github.com/moby/moby/releases/tag/v20.10.27 https://github.com/moby/moby/releases/tag/v23.0.8 https://github.com/moby/moby/releases/tag/v24.0.7 https://github.com/moby/moby/security/advisories/GHSA-jq35-85cj-fj4p
github.com/go-git/go-git/v5	CVE-2023-49569	CRITICAL	v5.6.1	5.11.0	https://access.redhat.com/security/cve/CVE-2023-49569 https://github.com/go-git/go-git https://github.com/go-git/go-git/security/advisories/GHSA-449p-3h89-pw88 https://nvd.nist.gov/vuln/detail/CVE-2023-49569 https://www.cve.org/CVERecord?id=CVE-2023-49569
github.com/go-git/go-git/v5	CVE-2023-49568	HIGH	v5.6.1	5.11.0	https://access.redhat.com/security/cve/CVE-2023-49568 https://github.com/go-git/go-git https://github.com/go-git/go-git/security/advisories/GHSA-mw99-9chc-xw7r https://nvd.nist.gov/vuln/detail/CVE-2023-49568 https://www.cve.org/CVERecord?id=CVE-2023-49568
github.com/mholt/archiver/v3	CVE-2024-0406	MEDIUM	v3.5.1	no fix available	https://access.redhat.com/security/cve/CVE-2024-0406 https://bugzilla.redhat.com/show_bug.cgi?id=2257749 https://github.com/advisories/GHSA-rhh4-rh7c-7r5v https://github.com/mholt/archiver https://nvd.nist.gov/vuln/detail/CVE-2024-0406 https://www.cve.org/CVERecord?id=CVE-2024-0406
golang.org/x/crypto	CVE-2023-48795	MEDIUM	v0.8.0	0.17.0	http://packetstormsecurity.com/files/176280/Terrapin-SSH-Connection-Weakening.html http://seclists.org/fulldisclosure/2024/Mar/21 http://www.openwall.com/lists/oss-security/2023/12/18/3 http://www.openwall.com/lists/oss-security/2023/12/19/5 http://www.openwall.com/lists/oss-security/2023/12/20/3 http://www.openwall.com/lists/oss-security/2024/03/06/3 http://www.openwall.com/lists/oss-security/2024/04/17/8 https://access.redhat.com/errata/RHSA-2024:1150 https://access.redhat.com/security/cve/CVE-2023-48795 https://access.redhat.com/security/cve/cve-2023-48795 https://access.redhat.com/solutions/7071748 https://arstechnica.com/security/2023/12/hackers-can-break-ssh-channel-integrity-using-novel-data-corruption-attack https://arstechnica.com/security/2023/12/hackers-can-break-ssh-channel-integrity-using-novel-data-corruption-attack/ https://bugs.gentoo.org/920280 https://bugzilla.redhat.com/2254210 https://bugzilla.redhat.com/show_bug.cgi?id=2254210 https://bugzilla.suse.com/show_bug.cgi?id=1217950 https://crates.io/crates/thrussh/versions https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-48795 https://errata.almalinux.org/9/ALSA-2024-1150.html https://errata.rockylinux.org/RLSA-2024:0628 https://filezilla-project.org/versions.php https://forum.netgate.com/topic/184941/terrapin-ssh-attack https://git.libssh.org/projects/libssh.git/commit/?h=stable-0.10&id=10e09e273f69e149389b3e0e5d44b8c221c2e7f6 https://github.com/NixOS/nixpkgs/pull/275249 https://github.com/PowerShell/Win32-OpenSSH/issues/2189 https://github.com/PowerShell/Win32-OpenSSH/releases/tag/v9.5.0.0p1-Beta https://github.com/TeraTermProject/teraterm/commit/7279fbd6ef4d0c8bdd6a90af4ada2899d786eec0 https://github.com/TeraTermProject/teraterm/releases/tag/v5.1 https://github.com/advisories/GHSA-45x7-px36-x8w8 https://github.com/apache/mina-sshd/issues/445 https://github.com/connectbot/sshlib/commit/5c8b534f6e97db7ac0e0e579331213aa25c173ab https://github.com/connectbot/sshlib/compare/2.2.21...2.2.22 https://github.com/cyd01/KiTTY/issues/520 https://github.com/drakkan/sftpgo/releases/tag/v2.5.6 https://github.com/erlang/otp/blob/d1b43dc0f1361d2ad67601169e90a7fc50bb0369/lib/ssh/doc/src/notes.xml#L39-L42 https://github.com/erlang/otp/releases/tag/OTP-26.2.1 https://github.com/golang/crypto/commit/9d2ee975ef9fe627bf0a6f01c1f69e8ef1d4f05d https://github.com/hierynomus/sshj/issues/916 https://github.com/janmojzis/tinyssh/issues/81 https://github.com/jtesta/ssh-audit/commit/8e972c5e94b460379fe0c7d20209c16df81538a5 https://github.com/libssh2/libssh2/pull/1291 https://github.com/mkj/dropbear/blob/17657c36cce6df7716d5ff151ec09a665382d5dd/CHANGES#L25 https://github.com/mscdex/ssh2/commit/97b223f8891b96d6fc054df5ab1d5a1a545da2a3 https://github.com/mwiede/jsch/compare/jsch-0.2.14...jsch-0.2.15 https://github.com/mwiede/jsch/issues/457 https://github.com/mwiede/jsch/pull/461 https://github.com/net-ssh/net-ssh/blob/2e65064a52d73396bfc3806c9196fc8108f33cd8/CHANGES.txt#L14-L16 https://github.com/openssh/openssh-portable/commits/master https://github.com/paramiko/paramiko/issues/2337 https://github.com/paramiko/paramiko/issues/2337#issuecomment-1887642773 https://github.com/proftpd/proftpd/blob/0a7ea9b0ba9fcdf368374a226370d08f10397d99/RELEASE_NOTES https://github.com/proftpd/proftpd/blob/d21e7a2e47e9b38f709bec58e3fa711f759ad0e1/RELEASE_NOTES https://github.com/proftpd/proftpd/blob/master/RELEASE_NOTES https://github.com/proftpd/proftpd/issues/456 https://github.com/rapier1/hpn-ssh/releases https://github.com/ronf/asyncssh/blob/develop/docs/changes.rst https://github.com/ronf/asyncssh/security/advisories/GHSA-hfmc-7525-mj55 https://github.com/ronf/asyncssh/tags https://github.com/ssh-mitm/ssh-mitm/issues/165 https://github.com/warp-tech/russh https://github.com/warp-tech/russh/commit/1aa340a7df1d5be1c0f4a9e247aade76dfdd2951 https://github.com/warp-tech/russh/releases/tag/v0.40.2 https://github.com/warp-tech/russh/security/advisories/GHSA-45x7-px36-x8w8 https://gitlab.com/libssh/libssh-mirror/-/tags https://go.dev/cl/550715 https://go.dev/issue/64784 https://groups.google.com/g/golang-announce/c/-n5WqVC18LQ https://groups.google.com/g/golang-announce/c/qA3XtxvMUyg https://help.panic.com/releasenotes/transmit5 https://help.panic.com/releasenotes/transmit5/ https://jadaptive.com/important-java-ssh-security-update-new-ssh-vulnerability-discovered-cve-2023-48795 https://jadaptive.com/important-java-ssh-security-update-new-ssh-vulnerability-discovered-cve-2023-48795/ https://linux.oracle.com/cve/CVE-2023-48795.html https://linux.oracle.com/errata/ELSA-2024-2988.html https://lists.debian.org/debian-lts-announce/2023/12/msg00017.html https://lists.debian.org/debian-lts-announce/2024/01/msg00013.html https://lists.debian.org/debian-lts-announce/2024/01/msg00014.html https://lists.debian.org/debian-lts-announce/2024/04/msg00016.html https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/33XHJUB6ROFUOH2OQNENFROTVH6MHSHA https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/33XHJUB6ROFUOH2OQNENFROTVH6MHSHA/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/3CAYYW35MUTNO65RVAELICTNZZFMT2XS https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/3CAYYW35MUTNO65RVAELICTNZZFMT2XS/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/3JIMLVBDWOP4FUPXPTB4PGHHIOMGFLQE https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/3JIMLVBDWOP4FUPXPTB4PGHHIOMGFLQE/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/3YQLUQWLIHDB5QCXQEX7HXHAWMOKPP5O https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/3YQLUQWLIHDB5QCXQEX7HXHAWMOKPP5O/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/6Y74KVCPEPT4MVU3LHDWCNNOXOE5ZLUR https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/6Y74KVCPEPT4MVU3LHDWCNNOXOE5ZLUR/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/APYIXIQOVDCRWLHTGB4VYMAUIAQLKYJ3 https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/APYIXIQOVDCRWLHTGB4VYMAUIAQLKYJ3/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/BL5KTLOSLH2KHRN4HCXJPK3JUVLDGEL6 https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/BL5KTLOSLH2KHRN4HCXJPK3JUVLDGEL6/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/C3AFMZ6MH2UHHOPIWT5YLSFV3D2VB3AC https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/C3AFMZ6MH2UHHOPIWT5YLSFV3D2VB3AC/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/CHHITS4PUOZAKFIUBQAQZC7JWXMOYE4B https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/CHHITS4PUOZAKFIUBQAQZC7JWXMOYE4B/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/F7EYCFQCTSGJXWO3ZZ44MGKFC5HA7G3Y https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/F7EYCFQCTSGJXWO3ZZ44MGKFC5HA7G3Y/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/HYEDEXIKFKTUJIN43RG4B7T5ZS6MHUSP https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/HYEDEXIKFKTUJIN43RG4B7T5ZS6MHUSP/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/I724O3LSRCPO4WNVIXTZCT4VVRMXMMSG https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/I724O3LSRCPO4WNVIXTZCT4VVRMXMMSG/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/KEOTKBUPZXHE3F352JBYNTSNRXYLWD6P https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/KEOTKBUPZXHE3F352JBYNTSNRXYLWD6P/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/KMZCVGUGJZZVDPCVDA7TEB22VUCNEXDD https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/KMZCVGUGJZZVDPCVDA7TEB22VUCNEXDD/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/L5Y6MNNVAPIJSXJERQ6PKZVCIUXSNJK7 https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/L5Y6MNNVAPIJSXJERQ6PKZVCIUXSNJK7/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/LZQVUHWVWRH73YBXUQJOD6CKHDQBU3DM https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/LZQVUHWVWRH73YBXUQJOD6CKHDQBU3DM/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/MKQRBF3DWMWPH36LBCOBUTSIZRTPEZXB https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/MKQRBF3DWMWPH36LBCOBUTSIZRTPEZXB/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/QI3EHAHABFQK7OABNCSF5GMYP6TONTI7 https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/QI3EHAHABFQK7OABNCSF5GMYP6TONTI7/ https://matt.ucc.asn.au/dropbear/CHANGES https://nest.pijul.com/pijul/thrussh/changes/D6H7OWTTMHHX6BTB3B6MNBOBX2L66CBL4LGSEUSAI2MCRCJDQFRQC https://news.ycombinator.com/item?id=38684904 https://news.ycombinator.com/item?id=38685286 https://news.ycombinator.com/item?id=38732005 https://nova.app/releases/#v11.8 https://nvd.nist.gov/vuln/detail/CVE-2023-48795 https://oryx-embedded.com/download/#changelog https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2024-0002 https://roumenpetrov.info/secsh/#news20231220 https://security-tracker.debian.org/tracker/CVE-2023-48795 https://security-tracker.debian.org/tracker/source-package/libssh2 https://security-tracker.debian.org/tracker/source-package/proftpd-dfsg https://security-tracker.debian.org/tracker/source-package/trilead-ssh2 https://security.gentoo.org/glsa/202312-16 https://security.gentoo.org/glsa/202312-17 https://security.netapp.com/advisory/ntap-20240105-0004 https://security.netapp.com/advisory/ntap-20240105-0004/ https://support.apple.com/kb/HT214084 https://terrapin-attack.com/ https://thorntech.com/cve-2023-48795-and-sftp-gateway https://thorntech.com/cve-2023-48795-and-sftp-gateway/ https://twitter.com/TrueSkrillor/status/1736774389725565005 https://ubuntu.com/security/CVE-2023-48795 https://ubuntu.com/security/notices/USN-6560-1 https://ubuntu.com/security/notices/USN-6560-2 https://ubuntu.com/security/notices/USN-6561-1 https://ubuntu.com/security/notices/USN-6585-1 https://ubuntu.com/security/notices/USN-6589-1 https://ubuntu.com/security/notices/USN-6598-1 https://ubuntu.com/security/notices/USN-6738-1 https://ubuntu.com/security/notices/USN-7051-1 https://winscp.net/eng/docs/history#6.2.2 https://www.bitvise.com/ssh-client-version-history#933 https://www.bitvise.com/ssh-server-version-history https://www.chiark.greenend.org.uk/~sgtatham/putty/changes.html https://www.crushftp.com/crush10wiki/Wiki.jsp?page=Update https://www.cve.org/CVERecord?id=CVE-2023-48795 https://www.debian.org/security/2023/dsa-5586 https://www.debian.org/security/2023/dsa-5588 https://www.freebsd.org/security/advisories/FreeBSD-SA-23:19.openssh.asc https://www.lancom-systems.de/service-support/allgemeine-sicherheitshinweise#c243508 https://www.netsarang.com/en/xshell-update-history https://www.netsarang.com/en/xshell-update-history/ https://www.openssh.com/openbsd.html https://www.openssh.com/txt/release-9.6 https://www.openwall.com/lists/oss-security/2023/12/18/2 https://www.openwall.com/lists/oss-security/2023/12/18/3 https://www.openwall.com/lists/oss-security/2023/12/20/3 https://www.paramiko.org/changelog.html https://www.reddit.com/r/sysadmin/comments/18idv52/cve202348795_why_is_this_cve_still_undisclosed https://www.reddit.com/r/sysadmin/comments/18idv52/cve202348795_why_is_this_cve_still_undisclosed/ https://www.suse.com/c/suse-addresses-the-ssh-v2-protocol-terrapin-attack-aka-cve-2023-48795 https://www.suse.com/c/suse-addresses-the-ssh-v2-protocol-terrapin-attack-aka-cve-2023-48795/ https://www.terrapin-attack.com https://www.theregister.com/2023/12/20/terrapin_attack_ssh https://www.vandyke.com/products/securecrt/history.txt
golang.org/x/net	CVE-2023-39325	HIGH	v0.10.0	0.17.0	golang.org/x/net https://access.redhat.com/errata/RHSA-2023:6077 https://access.redhat.com/security/cve/CVE-2023-39325 https://access.redhat.com/security/cve/CVE-2023-44487 https://access.redhat.com/security/vulnerabilities/RHSB-2023-003 https://bugzilla.redhat.com/2242803 https://bugzilla.redhat.com/2243296 https://bugzilla.redhat.com/show_bug.cgi?id=2242803 https://bugzilla.redhat.com/show_bug.cgi?id=2243296 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-39325 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-44487 https://errata.almalinux.org/9/ALSA-2023-6077.html https://errata.rockylinux.org/RLSA-2023:6077 https://github.com/golang/go/commit/24ae2d927285c697440fdde3ad7f26028354bcf3 [golang- 1.21] https://github.com/golang/go/commit/e175f27f58aa7b9cd4d79607ae65d2cd5baaee68 [golang-1.20] https://github.com/golang/go/issues/63417 https://go.dev/cl/534215 https://go.dev/cl/534235 https://go.dev/issue/63417 https://groups.google.com/g/golang-announce/c/iNNxDTCjZvo/m/UDd7VKQuAAAJ https://linux.oracle.com/cve/CVE-2023-39325.html https://linux.oracle.com/errata/ELSA-2023-5867.html https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3OVW5V2DM5K5IC3H7O42YDUGNJ74J35O https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3OVW5V2DM5K5IC3H7O42YDUGNJ74J35O/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3SZN67IL7HMGMNAVLOTIXLIHUDXZK4LH https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3SZN67IL7HMGMNAVLOTIXLIHUDXZK4LH/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3WJ4QVX2AMUJ2F2S27POOAHRC4K3CHU4 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3WJ4QVX2AMUJ2F2S27POOAHRC4K3CHU4/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/4BUK2ZIAGCULOOYDNH25JPU6JBES5NF2 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/4BUK2ZIAGCULOOYDNH25JPU6JBES5NF2/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/5RSKA2II6QTD4YUKUNDVJQSRYSFC4VFR https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/5RSKA2II6QTD4YUKUNDVJQSRYSFC4VFR/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/AVZDNSMVDAQJ64LJC5I5U5LDM5753647 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/AVZDNSMVDAQJ64LJC5I5U5LDM5753647/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CHHITS4PUOZAKFIUBQAQZC7JWXMOYE4B https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CHHITS4PUOZAKFIUBQAQZC7JWXMOYE4B/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CLB4TW7KALB3EEQWNWCN7OUIWWVWWCG2 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CLB4TW7KALB3EEQWNWCN7OUIWWVWWCG2/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/D2BBIDR2ZMB3X5BC7SR4SLQMHRMVPY6L https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/D2BBIDR2ZMB3X5BC7SR4SLQMHRMVPY6L/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ECRC75BQJP6FJN2L7KCKYZW4DSBD7QSD https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ECRC75BQJP6FJN2L7KCKYZW4DSBD7QSD/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/FTMJ3NJIDAZFWJQQSP3L22MUFJ3UP2PT https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/FTMJ3NJIDAZFWJQQSP3L22MUFJ3UP2PT/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/GSY7SXFFTPZFWDM6XELSDSHZLVW3AHK7 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/GSY7SXFFTPZFWDM6XELSDSHZLVW3AHK7/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/HZQIELEIRSZUYTFFH5KTH2YJ4IIQG2KE https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/HZQIELEIRSZUYTFFH5KTH2YJ4IIQG2KE/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/IPWCNYB5PQ5PCVZ4NJT6G56ZYFZ5QBU6 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/IPWCNYB5PQ5PCVZ4NJT6G56ZYFZ5QBU6/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/KEOTKBUPZXHE3F352JBYNTSNRXYLWD6P https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/KEOTKBUPZXHE3F352JBYNTSNRXYLWD6P/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/KSEGD2IWKNUO3DWY4KQGUQM5BISRWHQE https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/KSEGD2IWKNUO3DWY4KQGUQM5BISRWHQE/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/L5E5JSJBZLYXOTZWXHJKRVCIXIHVWKJ6 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/L5E5JSJBZLYXOTZWXHJKRVCIXIHVWKJ6/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/MZQYOOKHQDQ57LV2IAG6NRFOVXKHJJ3Z https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/MZQYOOKHQDQ57LV2IAG6NRFOVXKHJJ3Z/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/NG7IMPL55MVWU3LCI4JQJT3K2U5CHDV7 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/NG7IMPL55MVWU3LCI4JQJT3K2U5CHDV7/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ODBY7RVMGZCBSTWF2OZGIZS57FNFUL67 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ODBY7RVMGZCBSTWF2OZGIZS57FNFUL67/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/OXGWPQOJ3JNDW2XIYKIVJ7N7QUIFNM2Q https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/OXGWPQOJ3JNDW2XIYKIVJ7N7QUIFNM2Q/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/PJCUNGIQDUMZ4Z6HWVYIMR66A35F5S74 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/PJCUNGIQDUMZ4Z6HWVYIMR66A35F5S74/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QF5QSYAOPDOWLY6DUHID56Q4HQFYB45I https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QF5QSYAOPDOWLY6DUHID56Q4HQFYB45I/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QXOU2JZUBEBP7GBKAYIJRPRBZSJCD7ST https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QXOU2JZUBEBP7GBKAYIJRPRBZSJCD7ST/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/R3UETKPUB3V5JS5TLZOF3SMTGT5K5APS https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/R3UETKPUB3V5JS5TLZOF3SMTGT5K5APS/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/REMHVVIBDNKSRKNOTV7EQSB7CYQWOUOU https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/REMHVVIBDNKSRKNOTV7EQSB7CYQWOUOU/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/T7N5GV4CHH6WAGX3GFMDD3COEOVCZ4RI https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/T7N5GV4CHH6WAGX3GFMDD3COEOVCZ4RI/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ULQQONMSCQSH5Z5OWFFQHCGEZ3NL4DRJ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ULQQONMSCQSH5Z5OWFFQHCGEZ3NL4DRJ/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UTT7DG3QOF5ZNJLUGHDNLRUIN6OWZARP https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UTT7DG3QOF5ZNJLUGHDNLRUIN6OWZARP/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/W2LZSWTV4NV4SNQARNXG5T6LRHP26EW2 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/W2LZSWTV4NV4SNQARNXG5T6LRHP26EW2/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WCNCBYKZXLDFGAJUB7ZP5VLC3YTHJNVH https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WCNCBYKZXLDFGAJUB7ZP5VLC3YTHJNVH/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/XFOIBB4YFICHDM7IBOP7PWXW3FX4HLL2 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/XFOIBB4YFICHDM7IBOP7PWXW3FX4HLL2/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/XTNLSL44Y5FB6JWADSZH6DCV4JJAAEQY https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/XTNLSL44Y5FB6JWADSZH6DCV4JJAAEQY/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/YJWHBLVZDM5KQSDFRBFRKU5KSSOLIRQ4 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/YJWHBLVZDM5KQSDFRBFRKU5KSSOLIRQ4/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/YRKEXKANQ7BKJW2YTAMP625LJUJZLJ4P https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/YRKEXKANQ7BKJW2YTAMP625LJUJZLJ4P/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZSVEMQV5ROY5YW5QE3I57HT3ITWG5GCV https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZSVEMQV5ROY5YW5QE3I57HT3ITWG5GCV/ https://nvd.nist.gov/vuln/detail/CVE-2023-39325 https://pkg.go.dev/vuln/GO-2023-2102 https://security.gentoo.org/glsa/202311-09 https://security.netapp.com/advisory/ntap-20231110-0008 https://security.netapp.com/advisory/ntap-20231110-0008/ https://ubuntu.com/security/notices/USN-6574-1 https://ubuntu.com/security/notices/USN-7061-1 https://ubuntu.com/security/notices/USN-7109-1 https://www.cisa.gov/news-events/alerts/2023/10/10/http2-rapid-reset-vulnerability-cve-2023-44487 https://www.cve.org/CVERecord?id=CVE-2023-39325
golang.org/x/net	CVE-2023-3978	MEDIUM	v0.10.0	0.13.0	https://access.redhat.com/errata/RHSA-2023:6474 https://access.redhat.com/security/cve/CVE-2023-3978 https://bugzilla.redhat.com/2174485 https://bugzilla.redhat.com/2178358 https://bugzilla.redhat.com/2178488 https://bugzilla.redhat.com/2178492 https://bugzilla.redhat.com/2184481 https://bugzilla.redhat.com/2184482 https://bugzilla.redhat.com/2184483 https://bugzilla.redhat.com/2184484 https://bugzilla.redhat.com/2196026 https://bugzilla.redhat.com/2196027 https://bugzilla.redhat.com/2196029 https://bugzilla.redhat.com/2222167 https://bugzilla.redhat.com/2228689 https://errata.almalinux.org/9/ALSA-2023-6474.html https://go.dev/cl/514896 https://go.dev/issue/61615 https://linux.oracle.com/cve/CVE-2023-3978.html https://linux.oracle.com/errata/ELSA-2023-6939.html https://nvd.nist.gov/vuln/detail/CVE-2023-3978 https://pkg.go.dev/vuln/GO-2023-1988 https://www.cve.org/CVERecord?id=CVE-2023-3978
golang.org/x/net	CVE-2023-44487	MEDIUM	v0.10.0	0.17.0	http://www.openwall.com/lists/oss-security/2023/10/13/4 http://www.openwall.com/lists/oss-security/2023/10/13/9 http://www.openwall.com/lists/oss-security/2023/10/18/4 http://www.openwall.com/lists/oss-security/2023/10/18/8 http://www.openwall.com/lists/oss-security/2023/10/19/6 http://www.openwall.com/lists/oss-security/2023/10/20/8 https://access.redhat.com/errata/RHSA-2023:6746 https://access.redhat.com/security/cve/CVE-2023-44487 https://access.redhat.com/security/cve/cve-2023-44487 https://akka.io/security/akka-http-cve-2023-44487.html https://arstechnica.com/security/2023/10/how-ddosers-used-the-http-2-protocol-to-deliver-attacks-of-unprecedented-size https://arstechnica.com/security/2023/10/how-ddosers-used-the-http-2-protocol-to-deliver-attacks-of-unprecedented-size/ https://aws.amazon.com/security/security-bulletins/AWS-2023-011 https://aws.amazon.com/security/security-bulletins/AWS-2023-011/ https://blog.cloudflare.com/technical-breakdown-http2-rapid-reset-ddos-attack https://blog.cloudflare.com/technical-breakdown-http2-rapid-reset-ddos-attack/ https://blog.cloudflare.com/zero-day-rapid-reset-http2-record-breaking-ddos-attack https://blog.cloudflare.com/zero-day-rapid-reset-http2-record-breaking-ddos-attack/ https://blog.litespeedtech.com/2023/10/11/rapid-reset-http-2-vulnerablilty https://blog.litespeedtech.com/2023/10/11/rapid-reset-http-2-vulnerablilty/ https://blog.qualys.com/vulnerabilities-threat-research/2023/10/10/cve-2023-44487-http-2-rapid-reset-attack https://blog.vespa.ai/cve-2023-44487 https://blog.vespa.ai/cve-2023-44487/ https://bugzilla.proxmox.com/show_bug.cgi?id=4988 https://bugzilla.redhat.com/2242803 https://bugzilla.redhat.com/show_bug.cgi?id=2242803 https://bugzilla.suse.com/show_bug.cgi?id=1216123 https://cgit.freebsd.org/ports/commit/?id=c64c329c2c1752f46b73e3e6ce9f4329be6629f9 https://chaos.social/@icing/111210915918780532 https://cloud.google.com/blog/products/identity-security/google-cloud-mitigated-largest-ddos-attack-peaking-above-398-million-rps https://cloud.google.com/blog/products/identity-security/google-cloud-mitigated-largest-ddos-attack-peaking-above-398-million-rps/ https://cloud.google.com/blog/products/identity-security/how-it-works-the-novel-http2-rapid-reset-ddos-attack https://community.traefik.io/t/is-traefik-vulnerable-to-cve-2023-44487/20125 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-44487 https://devblogs.microsoft.com/dotnet/october-2023-updates/ https://discuss.hashicorp.com/t/hcsec-2023-32-vault-consul-and-boundary-affected-by-http-2-rapid-reset-denial-of-service-vulnerability-cve-2023-44487/59715 https://edg.io/lp/blog/resets-leaks-ddos-and-the-tale-of-a-hidden-cve https://errata.almalinux.org/9/ALSA-2023-6746.html https://errata.rockylinux.org/RLSA-2023:5838 https://forums.swift.org/t/swift-nio-http2-security-update-cve-2023-44487-http-2-dos/67764 https://gist.github.com/adulau/7c2bfb8e9cdbe4b35a5e131c66a0c088 https://github.com/Azure/AKS/issues/3947 https://github.com/Kong/kong/discussions/11741 https://github.com/advisories/GHSA-qppj-fm5r-hxr3 https://github.com/advisories/GHSA-vx74-f528-fxqg https://github.com/advisories/GHSA-xpw8-rcwv-8f8p https://github.com/akka/akka-http/issues/4323 https://github.com/akka/akka-http/pull/4324 https://github.com/akka/akka-http/pull/4325 https://github.com/alibaba/tengine/issues/1872 https://github.com/apache/apisix/issues/10320 https://github.com/apache/httpd-site/pull/10 https://github.com/apache/httpd/blob/afcdbeebbff4b0c50ea26cdd16e178c0d1f24152/modules/http2/h2_mplx.c#L1101-L1113 https://github.com/apache/tomcat/commit/944332bb15bd2f3bf76ec2caeb1ff0a58a3bc628 https://github.com/apache/tomcat/tree/main/java/org/apache/coyote/http2 https://github.com/apache/trafficserver/pull/10564 https://github.com/apple/swift-nio-http2 https://github.com/apple/swift-nio-http2/security/advisories/GHSA-qppj-fm5r-hxr3 https://github.com/arkrwn/PoC/tree/main/CVE-2023-44487 https://github.com/bcdannyboy/CVE-2023-44487 https://github.com/caddyserver/caddy/issues/5877 https://github.com/caddyserver/caddy/releases/tag/v2.7.5 https://github.com/dotnet/announcements/issues/277 https://github.com/dotnet/core/blob/e4613450ea0da7fd2fc6b61dfb2c1c1dec1ce9ec/release-notes/6.0/6.0.23/6.0.23.md?plain=1#L73 https://github.com/eclipse/jetty.project/issues/10679 https://github.com/envoyproxy/envoy/pull/30055 https://github.com/etcd-io/etcd/issues/16740 https://github.com/facebook/proxygen/pull/466 https://github.com/golang/go/issues/63417 https://github.com/grpc/grpc-go/pull/6703 https://github.com/grpc/grpc-go/releases https://github.com/h2o/h2o/pull/3291 https://github.com/h2o/h2o/security/advisories/GHSA-2m7v-gc89-fjqf https://github.com/haproxy/haproxy/issues/2312 https://github.com/hyperium/hyper/issues/3337 https://github.com/icing/mod_h2/blob/0a864782af0a942aa2ad4ed960a6b32cd35bcf0a/mod_http2/README.md?plain=1#L239-L244 https://github.com/junkurihara/rust-rpxy/issues/97 https://github.com/kazu-yamamoto/http2/commit/f61d41a502bd0f60eb24e1ce14edc7b6df6722a1 https://github.com/kazu-yamamoto/http2/issues/93 https://github.com/kubernetes/kubernetes/pull/121120 https://github.com/line/armeria/pull/5232 https://github.com/linkerd/website/pull/1695/commits/4b9c6836471bc8270ab48aae6fd2181bc73fd632 https://github.com/micrictor/http2-rst-stream https://github.com/microsoft/CBL-Mariner/pull/6381 https://github.com/netty/netty/commit/58f75f665aa81a8cbcf6ffa74820042a285c5e61 https://github.com/nghttp2/nghttp2/pull/1961 https://github.com/nghttp2/nghttp2/releases/tag/v1.57.0 https://github.com/ninenines/cowboy/issues/1615 https://github.com/nodejs/node/pull/50121 https://github.com/openresty/openresty/issues/930 https://github.com/opensearch-project/data-prepper/issues/3474 https://github.com/oqtane/oqtane.framework/discussions/3367 https://github.com/projectcontour/contour/pull/5826 https://github.com/tempesta-tech/tempesta/issues/1986 https://github.com/varnishcache/varnish-cache/issues/3996 https://go.dev/cl/534215 https://go.dev/cl/534235 https://go.dev/issue/63417 https://groups.google.com/g/golang-announce/c/iNNxDTCjZvo https://groups.google.com/g/golang-announce/c/iNNxDTCjZvo/m/UDd7VKQuAAAJ https://istio.io/latest/news/security/istio-security-2023-004 https://istio.io/latest/news/security/istio-security-2023-004/ https://linkerd.io/2023/10/12/linkerd-cve-2023-44487 https://linkerd.io/2023/10/12/linkerd-cve-2023-44487/ https://linux.oracle.com/cve/CVE-2023-44487.html https://linux.oracle.com/errata/ELSA-2024-1444.html https://lists.apache.org/thread/5py8h42mxfsn8l1wy6o41xwhsjlsd87q https://lists.debian.org/debian-lts-announce/2023/10/msg00020.html https://lists.debian.org/debian-lts-announce/2023/10/msg00023.html https://lists.debian.org/debian-lts-announce/2023/10/msg00024.html https://lists.debian.org/debian-lts-announce/2023/10/msg00045.html https://lists.debian.org/debian-lts-announce/2023/10/msg00047.html https://lists.debian.org/debian-lts-announce/2023/11/msg00001.html https://lists.debian.org/debian-lts-announce/2023/11/msg00012.html https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/2MBEPPC36UBVOZZNAXFHKLFGSLCMN5LI https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/2MBEPPC36UBVOZZNAXFHKLFGSLCMN5LI/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/3N4NJ7FR4X4FPZUGNTQAPSTVB2HB2Y4A https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/3N4NJ7FR4X4FPZUGNTQAPSTVB2HB2Y4A/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/BFQD3KUEMFBHPAPBGLWQC34L4OWL5HAZ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/BFQD3KUEMFBHPAPBGLWQC34L4OWL5HAZ/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/CLB4TW7KALB3EEQWNWCN7OUIWWVWWCG2 https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/CLB4TW7KALB3EEQWNWCN7OUIWWVWWCG2/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/E72T67UPDRXHIDLO3OROR25YAMN4GGW5 https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/E72T67UPDRXHIDLO3OROR25YAMN4GGW5/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/FNA62Q767CFAFHBCDKYNPBMZWB7TWYVU https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/FNA62Q767CFAFHBCDKYNPBMZWB7TWYVU/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/HT7T2R4MQKLIF4ODV4BDLPARWFPCJ5CZ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/HT7T2R4MQKLIF4ODV4BDLPARWFPCJ5CZ/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/JIZSEFC3YKCGABA2BZW6ZJRMDZJMB7PJ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/JIZSEFC3YKCGABA2BZW6ZJRMDZJMB7PJ/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/JMEXY22BFG5Q64HQCM5CK2Q7KDKVV4TY https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/JMEXY22BFG5Q64HQCM5CK2Q7KDKVV4TY/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/KSEGD2IWKNUO3DWY4KQGUQM5BISRWHQE https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/KSEGD2IWKNUO3DWY4KQGUQM5BISRWHQE/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/LKYHSZQFDNR7RSA7LHVLLIAQMVYCUGBG https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/LKYHSZQFDNR7RSA7LHVLLIAQMVYCUGBG/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/LNMZJCDHGLJJLXO4OXWJMTVQRNWOC7UL https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/LNMZJCDHGLJJLXO4OXWJMTVQRNWOC7UL/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/VHUHTSXLXGXS7JYKBXTA3VINUPHTNGVU https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/VHUHTSXLXGXS7JYKBXTA3VINUPHTNGVU/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/VSRDIV77HNKUSM7SJC5BKE5JSHLHU2NK https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/VSRDIV77HNKUSM7SJC5BKE5JSHLHU2NK/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/WE2I52RHNNU42PX6NZ2RBUHSFFJ2LVZX https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/WE2I52RHNNU42PX6NZ2RBUHSFFJ2LVZX/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/WLPRQ5TWUQQXYWBJM7ECYDAIL2YVKIUH https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/WLPRQ5TWUQQXYWBJM7ECYDAIL2YVKIUH/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/X6QXN4ORIVF6XBW4WWFE7VNPVC74S45Y https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/X6QXN4ORIVF6XBW4WWFE7VNPVC74S45Y/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/XFOIBB4YFICHDM7IBOP7PWXW3FX4HLL2 https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/XFOIBB4YFICHDM7IBOP7PWXW3FX4HLL2/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZB43REMKRQR62NJEI7I5NQ4FSXNLBKRT https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZB43REMKRQR62NJEI7I5NQ4FSXNLBKRT/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZKQSIKIAT5TJ3WSLU3RDBQ35YX4GY4V3 https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZKQSIKIAT5TJ3WSLU3RDBQ35YX4GY4V3/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZLU6U2R2IC2K64NDPNMV55AUAO65MAF4 https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZLU6U2R2IC2K64NDPNMV55AUAO65MAF4/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3N4NJ7FR4X4FPZUGNTQAPSTVB2HB2Y4A https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/BFQD3KUEMFBHPAPBGLWQC34L4OWL5HAZ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CLB4TW7KALB3EEQWNWCN7OUIWWVWWCG2 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/E72T67UPDRXHIDLO3OROR25YAMN4GGW5 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/FNA62Q767CFAFHBCDKYNPBMZWB7TWYVU https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/HT7T2R4MQKLIF4ODV4BDLPARWFPCJ5CZ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/JIZSEFC3YKCGABA2BZW6ZJRMDZJMB7PJ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/JMEXY22BFG5Q64HQCM5CK2Q7KDKVV4TY https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/KSEGD2IWKNUO3DWY4KQGUQM5BISRWHQE https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/LKYHSZQFDNR7RSA7LHVLLIAQMVYCUGBG https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/LNMZJCDHGLJJLXO4OXWJMTVQRNWOC7UL https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/VHUHTSXLXGXS7JYKBXTA3VINUPHTNGVU https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/VSRDIV77HNKUSM7SJC5BKE5JSHLHU2NK https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WLPRQ5TWUQQXYWBJM7ECYDAIL2YVKIUH https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/X6QXN4ORIVF6XBW4WWFE7VNPVC74S45Y https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/XFOIBB4YFICHDM7IBOP7PWXW3FX4HLL2 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZB43REMKRQR62NJEI7I5NQ4FSXNLBKRT https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZKQSIKIAT5TJ3WSLU3RDBQ35YX4GY4V3 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZLU6U2R2IC2K64NDPNMV55AUAO65MAF4 https://lists.w3.org/Archives/Public/ietf-http-wg/2023OctDec/0025.html https://mailman.nginx.org/pipermail/nginx-devel/2023-October/S36Q5HBXR7CAIMPLLPRSSSYR4PCMWILK.html https://martinthomson.github.io/h2-stream-limits/draft-thomson-httpbis-h2-stream-limits.html https://msrc.microsoft.com/blog/2023/10/microsoft-response-to-distributed-denial-of-service-ddos-attacks-against-http/2 https://msrc.microsoft.com/blog/2023/10/microsoft-response-to-distributed-denial-of-service-ddos-attacks-against-http/2/ https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-44487 https://my.f5.com/manage/s/article/K000137106 https://netty.io/news/2023/10/10/4-1-100-Final.html https://news.ycombinator.com/item?id=37830987 https://news.ycombinator.com/item?id=37830998 https://news.ycombinator.com/item?id=37831062 https://news.ycombinator.com/item?id=37837043 https://nodejs.org/en/blog/vulnerability/october-2023-security-releases https://nvd.nist.gov/vuln/detail/CVE-2023-44487 https://openssf.org/blog/2023/10/10/http-2-rapid-reset-vulnerability-highlights-need-for-rapid-response https://openssf.org/blog/2023/10/10/http-2-rapid-reset-vulnerability-highlights-need-for-rapid-response/ https://pkg.go.dev/vuln/GO-2023-2102 https://seanmonstar.com/post/730794151136935936/hyper-http2-rapid-reset-unaffected https://security.gentoo.org/glsa/202311-09 https://security.netapp.com/advisory/ntap-20231016-0001 https://security.netapp.com/advisory/ntap-20231016-0001/ https://security.netapp.com/advisory/ntap-20240426-0007 https://security.netapp.com/advisory/ntap-20240426-0007/ https://security.netapp.com/advisory/ntap-20240621-0006 https://security.netapp.com/advisory/ntap-20240621-0006/ https://security.netapp.com/advisory/ntap-20240621-0007 https://security.netapp.com/advisory/ntap-20240621-0007/ https://security.paloaltonetworks.com/CVE-2023-44487 https://tomcat.apache.org/security-10.html#Fixed_in_Apache_Tomcat_10.1.14 https://tomcat.apache.org/security-11.html#Fixed_in_Apache_Tomcat_11.0.0-M12 https://tomcat.apache.org/security-8.html#Fixed_in_Apache_Tomcat_8.5.94 https://tomcat.apache.org/security-9.html#Fixed_in_Apache_Tomcat_9.0.81 https://ubuntu.com/security/CVE-2023-44487 https://ubuntu.com/security/notices/USN-6427-1 https://ubuntu.com/security/notices/USN-6427-2 https://ubuntu.com/security/notices/USN-6438-1 https://ubuntu.com/security/notices/USN-6505-1 https://ubuntu.com/security/notices/USN-6574-1 https://ubuntu.com/security/notices/USN-6754-1 https://ubuntu.com/security/notices/USN-6994-1 https://ubuntu.com/security/notices/USN-7067-1 https://www.bleepingcomputer.com/news/security/new-http-2-rapid-reset-zero-day-attack-breaks-ddos-records https://www.bleepingcomputer.com/news/security/new-http-2-rapid-reset-zero-day-attack-breaks-ddos-records/ https://www.cisa.gov/known-exploited-vulnerabilities-catalog https://www.cisa.gov/news-events/alerts/2023/10/10/http2-rapid-reset-vulnerability-cve-2023-44487 https://www.cve.org/CVERecord?id=CVE-2023-44487 https://www.darkreading.com/cloud/internet-wide-zero-day-bug-fuels-largest-ever-ddos-event https://www.debian.org/security/2023/dsa-5521 https://www.debian.org/security/2023/dsa-5522 https://www.debian.org/security/2023/dsa-5540 https://www.debian.org/security/2023/dsa-5549 https://www.debian.org/security/2023/dsa-5558 https://www.debian.org/security/2023/dsa-5570 https://www.eclipse.org/lists/jetty-announce/msg00181.html https://www.haproxy.com/blog/haproxy-is-not-affected-by-the-http-2-rapid-reset-attack-cve-2023-44487 https://www.mail-archive.com/haproxy@formilux.org/msg44134.html https://www.netlify.com/blog/netlify-successfully-mitigates-cve-2023-44487 https://www.netlify.com/blog/netlify-successfully-mitigates-cve-2023-44487/ https://www.nginx.com/blog/http-2-rapid-reset-attack-impacting-f5-nginx-products https://www.nginx.com/blog/http-2-rapid-reset-attack-impacting-f5-nginx-products/ https://www.openwall.com/lists/oss-security/2023/10/10/6 https://www.phoronix.com/news/HTTP2-Rapid-Reset-Attack https://www.theregister.com/2023/10/10/http2_rapid_reset_zeroday https://www.theregister.com/2023/10/10/http2_rapid_reset_zeroday/
golang.org/x/net	CVE-2023-45288	MEDIUM	v0.10.0	0.23.0	http://www.openwall.com/lists/oss-security/2024/04/03/16 http://www.openwall.com/lists/oss-security/2024/04/05/4 https://access.redhat.com/errata/RHSA-2024:2724 https://access.redhat.com/security/cve/CVE-2023-45288 https://bugzilla.redhat.com/2268017 https://bugzilla.redhat.com/2268018 https://bugzilla.redhat.com/2268019 https://bugzilla.redhat.com/2268273 https://bugzilla.redhat.com/show_bug.cgi?id=2268017 https://bugzilla.redhat.com/show_bug.cgi?id=2268018 https://bugzilla.redhat.com/show_bug.cgi?id=2268019 https://bugzilla.redhat.com/show_bug.cgi?id=2268273 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45288 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45289 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45290 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24783 https://errata.almalinux.org/9/ALSA-2024-2724.html https://errata.rockylinux.org/RLSA-2024:2724 https://go.dev/cl/576155 https://go.dev/issue/65051 https://groups.google.com/g/golang-announce/c/YgW0sx8mN3M https://kb.cert.org/vuls/id/421644 https://linux.oracle.com/cve/CVE-2023-45288.html https://linux.oracle.com/errata/ELSA-2024-3346.html https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QRYFHIQ6XRKRYBI2F5UESH67BJBQXUPT https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QRYFHIQ6XRKRYBI2F5UESH67BJBQXUPT/ https://nowotarski.info/http2-continuation-flood-technical-details https://nowotarski.info/http2-continuation-flood/ https://nvd.nist.gov/vuln/detail/CVE-2023-45288 https://pkg.go.dev/vuln/GO-2024-2687 https://security.netapp.com/advisory/ntap-20240419-0009 https://security.netapp.com/advisory/ntap-20240419-0009/ https://ubuntu.com/security/notices/USN-6886-1 https://ubuntu.com/security/notices/USN-7109-1 https://ubuntu.com/security/notices/USN-7111-1 https://www.cve.org/CVERecord?id=CVE-2023-45288 https://www.kb.cert.org/vuls/id/421644
google.golang.org/grpc	GHSA-m425-mq94-257g	HIGH	v1.54.0	1.56.3, 1.57.1, 1.58.3	https://github.com/grpc/grpc-go https://github.com/grpc/grpc-go/commit/f2180b4d5403d2210b30b93098eb7da31c05c721 https://github.com/grpc/grpc-go/pull/6703 https://github.com/grpc/grpc-go/security/advisories/GHSA-m425-mq94-257g https://nvd.nist.gov/vuln/detail/CVE-2023-44487
google.golang.org/grpc	CVE-2023-44487	MEDIUM	v1.54.0	1.58.3, 1.57.1, 1.56.3	http://www.openwall.com/lists/oss-security/2023/10/13/4 http://www.openwall.com/lists/oss-security/2023/10/13/9 http://www.openwall.com/lists/oss-security/2023/10/18/4 http://www.openwall.com/lists/oss-security/2023/10/18/8 http://www.openwall.com/lists/oss-security/2023/10/19/6 http://www.openwall.com/lists/oss-security/2023/10/20/8 https://access.redhat.com/errata/RHSA-2023:6746 https://access.redhat.com/security/cve/CVE-2023-44487 https://access.redhat.com/security/cve/cve-2023-44487 https://akka.io/security/akka-http-cve-2023-44487.html https://arstechnica.com/security/2023/10/how-ddosers-used-the-http-2-protocol-to-deliver-attacks-of-unprecedented-size https://arstechnica.com/security/2023/10/how-ddosers-used-the-http-2-protocol-to-deliver-attacks-of-unprecedented-size/ https://aws.amazon.com/security/security-bulletins/AWS-2023-011 https://aws.amazon.com/security/security-bulletins/AWS-2023-011/ https://blog.cloudflare.com/technical-breakdown-http2-rapid-reset-ddos-attack https://blog.cloudflare.com/technical-breakdown-http2-rapid-reset-ddos-attack/ https://blog.cloudflare.com/zero-day-rapid-reset-http2-record-breaking-ddos-attack https://blog.cloudflare.com/zero-day-rapid-reset-http2-record-breaking-ddos-attack/ https://blog.litespeedtech.com/2023/10/11/rapid-reset-http-2-vulnerablilty https://blog.litespeedtech.com/2023/10/11/rapid-reset-http-2-vulnerablilty/ https://blog.qualys.com/vulnerabilities-threat-research/2023/10/10/cve-2023-44487-http-2-rapid-reset-attack https://blog.vespa.ai/cve-2023-44487 https://blog.vespa.ai/cve-2023-44487/ https://bugzilla.proxmox.com/show_bug.cgi?id=4988 https://bugzilla.redhat.com/2242803 https://bugzilla.redhat.com/show_bug.cgi?id=2242803 https://bugzilla.suse.com/show_bug.cgi?id=1216123 https://cgit.freebsd.org/ports/commit/?id=c64c329c2c1752f46b73e3e6ce9f4329be6629f9 https://chaos.social/@icing/111210915918780532 https://cloud.google.com/blog/products/identity-security/google-cloud-mitigated-largest-ddos-attack-peaking-above-398-million-rps https://cloud.google.com/blog/products/identity-security/google-cloud-mitigated-largest-ddos-attack-peaking-above-398-million-rps/ https://cloud.google.com/blog/products/identity-security/how-it-works-the-novel-http2-rapid-reset-ddos-attack https://community.traefik.io/t/is-traefik-vulnerable-to-cve-2023-44487/20125 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-44487 https://devblogs.microsoft.com/dotnet/october-2023-updates/ https://discuss.hashicorp.com/t/hcsec-2023-32-vault-consul-and-boundary-affected-by-http-2-rapid-reset-denial-of-service-vulnerability-cve-2023-44487/59715 https://edg.io/lp/blog/resets-leaks-ddos-and-the-tale-of-a-hidden-cve https://errata.almalinux.org/9/ALSA-2023-6746.html https://errata.rockylinux.org/RLSA-2023:5838 https://forums.swift.org/t/swift-nio-http2-security-update-cve-2023-44487-http-2-dos/67764 https://gist.github.com/adulau/7c2bfb8e9cdbe4b35a5e131c66a0c088 https://github.com/Azure/AKS/issues/3947 https://github.com/Kong/kong/discussions/11741 https://github.com/advisories/GHSA-qppj-fm5r-hxr3 https://github.com/advisories/GHSA-vx74-f528-fxqg https://github.com/advisories/GHSA-xpw8-rcwv-8f8p https://github.com/akka/akka-http/issues/4323 https://github.com/akka/akka-http/pull/4324 https://github.com/akka/akka-http/pull/4325 https://github.com/alibaba/tengine/issues/1872 https://github.com/apache/apisix/issues/10320 https://github.com/apache/httpd-site/pull/10 https://github.com/apache/httpd/blob/afcdbeebbff4b0c50ea26cdd16e178c0d1f24152/modules/http2/h2_mplx.c#L1101-L1113 https://github.com/apache/tomcat/commit/944332bb15bd2f3bf76ec2caeb1ff0a58a3bc628 https://github.com/apache/tomcat/tree/main/java/org/apache/coyote/http2 https://github.com/apache/trafficserver/pull/10564 https://github.com/apple/swift-nio-http2 https://github.com/apple/swift-nio-http2/security/advisories/GHSA-qppj-fm5r-hxr3 https://github.com/arkrwn/PoC/tree/main/CVE-2023-44487 https://github.com/bcdannyboy/CVE-2023-44487 https://github.com/caddyserver/caddy/issues/5877 https://github.com/caddyserver/caddy/releases/tag/v2.7.5 https://github.com/dotnet/announcements/issues/277 https://github.com/dotnet/core/blob/e4613450ea0da7fd2fc6b61dfb2c1c1dec1ce9ec/release-notes/6.0/6.0.23/6.0.23.md?plain=1#L73 https://github.com/eclipse/jetty.project/issues/10679 https://github.com/envoyproxy/envoy/pull/30055 https://github.com/etcd-io/etcd/issues/16740 https://github.com/facebook/proxygen/pull/466 https://github.com/golang/go/issues/63417 https://github.com/grpc/grpc-go/pull/6703 https://github.com/grpc/grpc-go/releases https://github.com/h2o/h2o/pull/3291 https://github.com/h2o/h2o/security/advisories/GHSA-2m7v-gc89-fjqf https://github.com/haproxy/haproxy/issues/2312 https://github.com/hyperium/hyper/issues/3337 https://github.com/icing/mod_h2/blob/0a864782af0a942aa2ad4ed960a6b32cd35bcf0a/mod_http2/README.md?plain=1#L239-L244 https://github.com/junkurihara/rust-rpxy/issues/97 https://github.com/kazu-yamamoto/http2/commit/f61d41a502bd0f60eb24e1ce14edc7b6df6722a1 https://github.com/kazu-yamamoto/http2/issues/93 https://github.com/kubernetes/kubernetes/pull/121120 https://github.com/line/armeria/pull/5232 https://github.com/linkerd/website/pull/1695/commits/4b9c6836471bc8270ab48aae6fd2181bc73fd632 https://github.com/micrictor/http2-rst-stream https://github.com/microsoft/CBL-Mariner/pull/6381 https://github.com/netty/netty/commit/58f75f665aa81a8cbcf6ffa74820042a285c5e61 https://github.com/nghttp2/nghttp2/pull/1961 https://github.com/nghttp2/nghttp2/releases/tag/v1.57.0 https://github.com/ninenines/cowboy/issues/1615 https://github.com/nodejs/node/pull/50121 https://github.com/openresty/openresty/issues/930 https://github.com/opensearch-project/data-prepper/issues/3474 https://github.com/oqtane/oqtane.framework/discussions/3367 https://github.com/projectcontour/contour/pull/5826 https://github.com/tempesta-tech/tempesta/issues/1986 https://github.com/varnishcache/varnish-cache/issues/3996 https://go.dev/cl/534215 https://go.dev/cl/534235 https://go.dev/issue/63417 https://groups.google.com/g/golang-announce/c/iNNxDTCjZvo https://groups.google.com/g/golang-announce/c/iNNxDTCjZvo/m/UDd7VKQuAAAJ https://istio.io/latest/news/security/istio-security-2023-004 https://istio.io/latest/news/security/istio-security-2023-004/ https://linkerd.io/2023/10/12/linkerd-cve-2023-44487 https://linkerd.io/2023/10/12/linkerd-cve-2023-44487/ https://linux.oracle.com/cve/CVE-2023-44487.html https://linux.oracle.com/errata/ELSA-2024-1444.html https://lists.apache.org/thread/5py8h42mxfsn8l1wy6o41xwhsjlsd87q https://lists.debian.org/debian-lts-announce/2023/10/msg00020.html https://lists.debian.org/debian-lts-announce/2023/10/msg00023.html https://lists.debian.org/debian-lts-announce/2023/10/msg00024.html https://lists.debian.org/debian-lts-announce/2023/10/msg00045.html https://lists.debian.org/debian-lts-announce/2023/10/msg00047.html https://lists.debian.org/debian-lts-announce/2023/11/msg00001.html https://lists.debian.org/debian-lts-announce/2023/11/msg00012.html https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/2MBEPPC36UBVOZZNAXFHKLFGSLCMN5LI https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/2MBEPPC36UBVOZZNAXFHKLFGSLCMN5LI/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/3N4NJ7FR4X4FPZUGNTQAPSTVB2HB2Y4A https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/3N4NJ7FR4X4FPZUGNTQAPSTVB2HB2Y4A/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/BFQD3KUEMFBHPAPBGLWQC34L4OWL5HAZ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/BFQD3KUEMFBHPAPBGLWQC34L4OWL5HAZ/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/CLB4TW7KALB3EEQWNWCN7OUIWWVWWCG2 https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/CLB4TW7KALB3EEQWNWCN7OUIWWVWWCG2/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/E72T67UPDRXHIDLO3OROR25YAMN4GGW5 https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/E72T67UPDRXHIDLO3OROR25YAMN4GGW5/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/FNA62Q767CFAFHBCDKYNPBMZWB7TWYVU https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/FNA62Q767CFAFHBCDKYNPBMZWB7TWYVU/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/HT7T2R4MQKLIF4ODV4BDLPARWFPCJ5CZ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/HT7T2R4MQKLIF4ODV4BDLPARWFPCJ5CZ/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/JIZSEFC3YKCGABA2BZW6ZJRMDZJMB7PJ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/JIZSEFC3YKCGABA2BZW6ZJRMDZJMB7PJ/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/JMEXY22BFG5Q64HQCM5CK2Q7KDKVV4TY https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/JMEXY22BFG5Q64HQCM5CK2Q7KDKVV4TY/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/KSEGD2IWKNUO3DWY4KQGUQM5BISRWHQE https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/KSEGD2IWKNUO3DWY4KQGUQM5BISRWHQE/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/LKYHSZQFDNR7RSA7LHVLLIAQMVYCUGBG https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/LKYHSZQFDNR7RSA7LHVLLIAQMVYCUGBG/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/LNMZJCDHGLJJLXO4OXWJMTVQRNWOC7UL https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/LNMZJCDHGLJJLXO4OXWJMTVQRNWOC7UL/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/VHUHTSXLXGXS7JYKBXTA3VINUPHTNGVU https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/VHUHTSXLXGXS7JYKBXTA3VINUPHTNGVU/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/VSRDIV77HNKUSM7SJC5BKE5JSHLHU2NK https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/VSRDIV77HNKUSM7SJC5BKE5JSHLHU2NK/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/WE2I52RHNNU42PX6NZ2RBUHSFFJ2LVZX https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/WE2I52RHNNU42PX6NZ2RBUHSFFJ2LVZX/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/WLPRQ5TWUQQXYWBJM7ECYDAIL2YVKIUH https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/WLPRQ5TWUQQXYWBJM7ECYDAIL2YVKIUH/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/X6QXN4ORIVF6XBW4WWFE7VNPVC74S45Y https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/X6QXN4ORIVF6XBW4WWFE7VNPVC74S45Y/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/XFOIBB4YFICHDM7IBOP7PWXW3FX4HLL2 https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/XFOIBB4YFICHDM7IBOP7PWXW3FX4HLL2/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZB43REMKRQR62NJEI7I5NQ4FSXNLBKRT https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZB43REMKRQR62NJEI7I5NQ4FSXNLBKRT/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZKQSIKIAT5TJ3WSLU3RDBQ35YX4GY4V3 https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZKQSIKIAT5TJ3WSLU3RDBQ35YX4GY4V3/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZLU6U2R2IC2K64NDPNMV55AUAO65MAF4 https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZLU6U2R2IC2K64NDPNMV55AUAO65MAF4/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3N4NJ7FR4X4FPZUGNTQAPSTVB2HB2Y4A https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/BFQD3KUEMFBHPAPBGLWQC34L4OWL5HAZ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CLB4TW7KALB3EEQWNWCN7OUIWWVWWCG2 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/E72T67UPDRXHIDLO3OROR25YAMN4GGW5 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/FNA62Q767CFAFHBCDKYNPBMZWB7TWYVU https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/HT7T2R4MQKLIF4ODV4BDLPARWFPCJ5CZ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/JIZSEFC3YKCGABA2BZW6ZJRMDZJMB7PJ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/JMEXY22BFG5Q64HQCM5CK2Q7KDKVV4TY https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/KSEGD2IWKNUO3DWY4KQGUQM5BISRWHQE https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/LKYHSZQFDNR7RSA7LHVLLIAQMVYCUGBG https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/LNMZJCDHGLJJLXO4OXWJMTVQRNWOC7UL https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/VHUHTSXLXGXS7JYKBXTA3VINUPHTNGVU https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/VSRDIV77HNKUSM7SJC5BKE5JSHLHU2NK https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WLPRQ5TWUQQXYWBJM7ECYDAIL2YVKIUH https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/X6QXN4ORIVF6XBW4WWFE7VNPVC74S45Y https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/XFOIBB4YFICHDM7IBOP7PWXW3FX4HLL2 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZB43REMKRQR62NJEI7I5NQ4FSXNLBKRT https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZKQSIKIAT5TJ3WSLU3RDBQ35YX4GY4V3 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZLU6U2R2IC2K64NDPNMV55AUAO65MAF4 https://lists.w3.org/Archives/Public/ietf-http-wg/2023OctDec/0025.html https://mailman.nginx.org/pipermail/nginx-devel/2023-October/S36Q5HBXR7CAIMPLLPRSSSYR4PCMWILK.html https://martinthomson.github.io/h2-stream-limits/draft-thomson-httpbis-h2-stream-limits.html https://msrc.microsoft.com/blog/2023/10/microsoft-response-to-distributed-denial-of-service-ddos-attacks-against-http/2 https://msrc.microsoft.com/blog/2023/10/microsoft-response-to-distributed-denial-of-service-ddos-attacks-against-http/2/ https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-44487 https://my.f5.com/manage/s/article/K000137106 https://netty.io/news/2023/10/10/4-1-100-Final.html https://news.ycombinator.com/item?id=37830987 https://news.ycombinator.com/item?id=37830998 https://news.ycombinator.com/item?id=37831062 https://news.ycombinator.com/item?id=37837043 https://nodejs.org/en/blog/vulnerability/october-2023-security-releases https://nvd.nist.gov/vuln/detail/CVE-2023-44487 https://openssf.org/blog/2023/10/10/http-2-rapid-reset-vulnerability-highlights-need-for-rapid-response https://openssf.org/blog/2023/10/10/http-2-rapid-reset-vulnerability-highlights-need-for-rapid-response/ https://pkg.go.dev/vuln/GO-2023-2102 https://seanmonstar.com/post/730794151136935936/hyper-http2-rapid-reset-unaffected https://security.gentoo.org/glsa/202311-09 https://security.netapp.com/advisory/ntap-20231016-0001 https://security.netapp.com/advisory/ntap-20231016-0001/ https://security.netapp.com/advisory/ntap-20240426-0007 https://security.netapp.com/advisory/ntap-20240426-0007/ https://security.netapp.com/advisory/ntap-20240621-0006 https://security.netapp.com/advisory/ntap-20240621-0006/ https://security.netapp.com/advisory/ntap-20240621-0007 https://security.netapp.com/advisory/ntap-20240621-0007/ https://security.paloaltonetworks.com/CVE-2023-44487 https://tomcat.apache.org/security-10.html#Fixed_in_Apache_Tomcat_10.1.14 https://tomcat.apache.org/security-11.html#Fixed_in_Apache_Tomcat_11.0.0-M12 https://tomcat.apache.org/security-8.html#Fixed_in_Apache_Tomcat_8.5.94 https://tomcat.apache.org/security-9.html#Fixed_in_Apache_Tomcat_9.0.81 https://ubuntu.com/security/CVE-2023-44487 https://ubuntu.com/security/notices/USN-6427-1 https://ubuntu.com/security/notices/USN-6427-2 https://ubuntu.com/security/notices/USN-6438-1 https://ubuntu.com/security/notices/USN-6505-1 https://ubuntu.com/security/notices/USN-6574-1 https://ubuntu.com/security/notices/USN-6754-1 https://ubuntu.com/security/notices/USN-6994-1 https://ubuntu.com/security/notices/USN-7067-1 https://www.bleepingcomputer.com/news/security/new-http-2-rapid-reset-zero-day-attack-breaks-ddos-records https://www.bleepingcomputer.com/news/security/new-http-2-rapid-reset-zero-day-attack-breaks-ddos-records/ https://www.cisa.gov/known-exploited-vulnerabilities-catalog https://www.cisa.gov/news-events/alerts/2023/10/10/http2-rapid-reset-vulnerability-cve-2023-44487 https://www.cve.org/CVERecord?id=CVE-2023-44487 https://www.darkreading.com/cloud/internet-wide-zero-day-bug-fuels-largest-ever-ddos-event https://www.debian.org/security/2023/dsa-5521 https://www.debian.org/security/2023/dsa-5522 https://www.debian.org/security/2023/dsa-5540 https://www.debian.org/security/2023/dsa-5549 https://www.debian.org/security/2023/dsa-5558 https://www.debian.org/security/2023/dsa-5570 https://www.eclipse.org/lists/jetty-announce/msg00181.html https://www.haproxy.com/blog/haproxy-is-not-affected-by-the-http-2-rapid-reset-attack-cve-2023-44487 https://www.mail-archive.com/haproxy@formilux.org/msg44134.html https://www.netlify.com/blog/netlify-successfully-mitigates-cve-2023-44487 https://www.netlify.com/blog/netlify-successfully-mitigates-cve-2023-44487/ https://www.nginx.com/blog/http-2-rapid-reset-attack-impacting-f5-nginx-products https://www.nginx.com/blog/http-2-rapid-reset-attack-impacting-f5-nginx-products/ https://www.openwall.com/lists/oss-security/2023/10/10/6 https://www.phoronix.com/news/HTTP2-Rapid-Reset-Attack https://www.theregister.com/2023/10/10/http2_rapid_reset_zeroday https://www.theregister.com/2023/10/10/http2_rapid_reset_zeroday/
google.golang.org/protobuf	CVE-2024-24786	MEDIUM	v1.30.0	1.33.0	http://www.openwall.com/lists/oss-security/2024/03/08/4 https://access.redhat.com/errata/RHSA-2024:2550 https://access.redhat.com/security/cve/CVE-2024-24786 https://bugzilla.redhat.com/2268046 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24786 https://errata.almalinux.org/9/ALSA-2024-2550.html https://errata.rockylinux.org/RLSA-2024:2550 https://github.com/protocolbuffers/protobuf-go https://github.com/protocolbuffers/protobuf-go/commit/f01a588e5810b90996452eec4a28f22a0afae023 https://github.com/protocolbuffers/protobuf-go/releases/tag/v1.33.0 https://go-review.googlesource.com/c/protobuf/+/569356 https://go.dev/cl/569356 https://groups.google.com/g/golang-announce/c/ArQ6CDgtEjY/ https://linux.oracle.com/cve/CVE-2024-24786.html https://linux.oracle.com/errata/ELSA-2024-4246.html https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/JDMBHAVSDU2FBDZ45U3A2VLSM35OJ2HU https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/JDMBHAVSDU2FBDZ45U3A2VLSM35OJ2HU/ https://nvd.nist.gov/vuln/detail/CVE-2024-24786 https://pkg.go.dev/vuln/GO-2024-2611 https://security.netapp.com/advisory/ntap-20240517-0002 https://security.netapp.com/advisory/ntap-20240517-0002/ https://ubuntu.com/security/notices/USN-6746-1 https://ubuntu.com/security/notices/USN-6746-2 https://www.cve.org/CVERecord?id=CVE-2024-24786
stdlib	CVE-2024-24790	CRITICAL	v1.20.5	1.21.11, 1.22.4	http://www.openwall.com/lists/oss-security/2024/06/04/1 https://access.redhat.com/errata/RHSA-2024:9115 https://access.redhat.com/security/cve/CVE-2024-24790 https://bugzilla.redhat.com/2279814 https://bugzilla.redhat.com/2292668 https://bugzilla.redhat.com/2292787 https://bugzilla.redhat.com/2294000 https://bugzilla.redhat.com/2295310 https://bugzilla.redhat.com/show_bug.cgi?id=2292668 https://bugzilla.redhat.com/show_bug.cgi?id=2292787 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24789 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24790 https://errata.almalinux.org/9/ALSA-2024-9115.html https://errata.rockylinux.org/RLSA-2024:4212 https://github.com/golang/go/commit/051bdf3fd12a40307606ff9381138039c5f452f0 (1.21) https://github.com/golang/go/commit/12d5810cdb1f73cf23d7a86462143e9463317fca (1.22) https://github.com/golang/go/issues/67680 https://go.dev/cl/590316 https://go.dev/issue/67680 https://groups.google.com/g/golang-announce/c/XbxouI9gY7k https://groups.google.com/g/golang-announce/c/XbxouI9gY7k/m/TuoGEhxIEwAJ https://linux.oracle.com/cve/CVE-2024-24790.html https://linux.oracle.com/errata/ELSA-2024-9115.html https://nvd.nist.gov/vuln/detail/CVE-2024-24790 https://pkg.go.dev/vuln/GO-2024-2887 https://ubuntu.com/security/notices/USN-6886-1 https://ubuntu.com/security/notices/USN-7109-1 https://www.cve.org/CVERecord?id=CVE-2024-24790
stdlib	CVE-2023-39325	HIGH	v1.20.5	1.20.10, 1.21.3	golang.org/x/net https://access.redhat.com/errata/RHSA-2023:6077 https://access.redhat.com/security/cve/CVE-2023-39325 https://access.redhat.com/security/cve/CVE-2023-44487 https://access.redhat.com/security/vulnerabilities/RHSB-2023-003 https://bugzilla.redhat.com/2242803 https://bugzilla.redhat.com/2243296 https://bugzilla.redhat.com/show_bug.cgi?id=2242803 https://bugzilla.redhat.com/show_bug.cgi?id=2243296 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-39325 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-44487 https://errata.almalinux.org/9/ALSA-2023-6077.html https://errata.rockylinux.org/RLSA-2023:6077 https://github.com/golang/go/commit/24ae2d927285c697440fdde3ad7f26028354bcf3 [golang- 1.21] https://github.com/golang/go/commit/e175f27f58aa7b9cd4d79607ae65d2cd5baaee68 [golang-1.20] https://github.com/golang/go/issues/63417 https://go.dev/cl/534215 https://go.dev/cl/534235 https://go.dev/issue/63417 https://groups.google.com/g/golang-announce/c/iNNxDTCjZvo/m/UDd7VKQuAAAJ https://linux.oracle.com/cve/CVE-2023-39325.html https://linux.oracle.com/errata/ELSA-2023-5867.html https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3OVW5V2DM5K5IC3H7O42YDUGNJ74J35O https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3OVW5V2DM5K5IC3H7O42YDUGNJ74J35O/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3SZN67IL7HMGMNAVLOTIXLIHUDXZK4LH https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3SZN67IL7HMGMNAVLOTIXLIHUDXZK4LH/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3WJ4QVX2AMUJ2F2S27POOAHRC4K3CHU4 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3WJ4QVX2AMUJ2F2S27POOAHRC4K3CHU4/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/4BUK2ZIAGCULOOYDNH25JPU6JBES5NF2 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/4BUK2ZIAGCULOOYDNH25JPU6JBES5NF2/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/5RSKA2II6QTD4YUKUNDVJQSRYSFC4VFR https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/5RSKA2II6QTD4YUKUNDVJQSRYSFC4VFR/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/AVZDNSMVDAQJ64LJC5I5U5LDM5753647 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/AVZDNSMVDAQJ64LJC5I5U5LDM5753647/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CHHITS4PUOZAKFIUBQAQZC7JWXMOYE4B https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CHHITS4PUOZAKFIUBQAQZC7JWXMOYE4B/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CLB4TW7KALB3EEQWNWCN7OUIWWVWWCG2 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CLB4TW7KALB3EEQWNWCN7OUIWWVWWCG2/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/D2BBIDR2ZMB3X5BC7SR4SLQMHRMVPY6L https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/D2BBIDR2ZMB3X5BC7SR4SLQMHRMVPY6L/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ECRC75BQJP6FJN2L7KCKYZW4DSBD7QSD https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ECRC75BQJP6FJN2L7KCKYZW4DSBD7QSD/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/FTMJ3NJIDAZFWJQQSP3L22MUFJ3UP2PT https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/FTMJ3NJIDAZFWJQQSP3L22MUFJ3UP2PT/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/GSY7SXFFTPZFWDM6XELSDSHZLVW3AHK7 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/GSY7SXFFTPZFWDM6XELSDSHZLVW3AHK7/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/HZQIELEIRSZUYTFFH5KTH2YJ4IIQG2KE https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/HZQIELEIRSZUYTFFH5KTH2YJ4IIQG2KE/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/IPWCNYB5PQ5PCVZ4NJT6G56ZYFZ5QBU6 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/IPWCNYB5PQ5PCVZ4NJT6G56ZYFZ5QBU6/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/KEOTKBUPZXHE3F352JBYNTSNRXYLWD6P https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/KEOTKBUPZXHE3F352JBYNTSNRXYLWD6P/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/KSEGD2IWKNUO3DWY4KQGUQM5BISRWHQE https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/KSEGD2IWKNUO3DWY4KQGUQM5BISRWHQE/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/L5E5JSJBZLYXOTZWXHJKRVCIXIHVWKJ6 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/L5E5JSJBZLYXOTZWXHJKRVCIXIHVWKJ6/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/MZQYOOKHQDQ57LV2IAG6NRFOVXKHJJ3Z https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/MZQYOOKHQDQ57LV2IAG6NRFOVXKHJJ3Z/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/NG7IMPL55MVWU3LCI4JQJT3K2U5CHDV7 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/NG7IMPL55MVWU3LCI4JQJT3K2U5CHDV7/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ODBY7RVMGZCBSTWF2OZGIZS57FNFUL67 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ODBY7RVMGZCBSTWF2OZGIZS57FNFUL67/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/OXGWPQOJ3JNDW2XIYKIVJ7N7QUIFNM2Q https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/OXGWPQOJ3JNDW2XIYKIVJ7N7QUIFNM2Q/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/PJCUNGIQDUMZ4Z6HWVYIMR66A35F5S74 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/PJCUNGIQDUMZ4Z6HWVYIMR66A35F5S74/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QF5QSYAOPDOWLY6DUHID56Q4HQFYB45I https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QF5QSYAOPDOWLY6DUHID56Q4HQFYB45I/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QXOU2JZUBEBP7GBKAYIJRPRBZSJCD7ST https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QXOU2JZUBEBP7GBKAYIJRPRBZSJCD7ST/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/R3UETKPUB3V5JS5TLZOF3SMTGT5K5APS https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/R3UETKPUB3V5JS5TLZOF3SMTGT5K5APS/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/REMHVVIBDNKSRKNOTV7EQSB7CYQWOUOU https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/REMHVVIBDNKSRKNOTV7EQSB7CYQWOUOU/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/T7N5GV4CHH6WAGX3GFMDD3COEOVCZ4RI https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/T7N5GV4CHH6WAGX3GFMDD3COEOVCZ4RI/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ULQQONMSCQSH5Z5OWFFQHCGEZ3NL4DRJ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ULQQONMSCQSH5Z5OWFFQHCGEZ3NL4DRJ/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UTT7DG3QOF5ZNJLUGHDNLRUIN6OWZARP https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UTT7DG3QOF5ZNJLUGHDNLRUIN6OWZARP/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/W2LZSWTV4NV4SNQARNXG5T6LRHP26EW2 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/W2LZSWTV4NV4SNQARNXG5T6LRHP26EW2/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WCNCBYKZXLDFGAJUB7ZP5VLC3YTHJNVH https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WCNCBYKZXLDFGAJUB7ZP5VLC3YTHJNVH/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/XFOIBB4YFICHDM7IBOP7PWXW3FX4HLL2 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/XFOIBB4YFICHDM7IBOP7PWXW3FX4HLL2/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/XTNLSL44Y5FB6JWADSZH6DCV4JJAAEQY https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/XTNLSL44Y5FB6JWADSZH6DCV4JJAAEQY/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/YJWHBLVZDM5KQSDFRBFRKU5KSSOLIRQ4 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/YJWHBLVZDM5KQSDFRBFRKU5KSSOLIRQ4/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/YRKEXKANQ7BKJW2YTAMP625LJUJZLJ4P https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/YRKEXKANQ7BKJW2YTAMP625LJUJZLJ4P/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZSVEMQV5ROY5YW5QE3I57HT3ITWG5GCV https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZSVEMQV5ROY5YW5QE3I57HT3ITWG5GCV/ https://nvd.nist.gov/vuln/detail/CVE-2023-39325 https://pkg.go.dev/vuln/GO-2023-2102 https://security.gentoo.org/glsa/202311-09 https://security.netapp.com/advisory/ntap-20231110-0008 https://security.netapp.com/advisory/ntap-20231110-0008/ https://ubuntu.com/security/notices/USN-6574-1 https://ubuntu.com/security/notices/USN-7061-1 https://ubuntu.com/security/notices/USN-7109-1 https://www.cisa.gov/news-events/alerts/2023/10/10/http2-rapid-reset-vulnerability-cve-2023-44487 https://www.cve.org/CVERecord?id=CVE-2023-39325
stdlib	CVE-2023-45283	HIGH	v1.20.5	1.20.11, 1.21.4, 1.20.12, 1.21.5	http://www.openwall.com/lists/oss-security/2023/12/05/2 https://go.dev/cl/540277 https://go.dev/cl/541175 https://go.dev/issue/63713 https://go.dev/issue/64028 https://groups.google.com/g/golang-announce/c/4tU8LZfBFkY https://groups.google.com/g/golang-dev/c/6ypN5EjibjM/m/KmLVYH_uAgAJ https://nvd.nist.gov/vuln/detail/CVE-2023-45283 https://pkg.go.dev/vuln/GO-2023-2185 https://security.netapp.com/advisory/ntap-20231214-0008/
stdlib	CVE-2023-45288	HIGH	v1.20.5	1.21.9, 1.22.2	http://www.openwall.com/lists/oss-security/2024/04/03/16 http://www.openwall.com/lists/oss-security/2024/04/05/4 https://access.redhat.com/errata/RHSA-2024:2724 https://access.redhat.com/security/cve/CVE-2023-45288 https://bugzilla.redhat.com/2268017 https://bugzilla.redhat.com/2268018 https://bugzilla.redhat.com/2268019 https://bugzilla.redhat.com/2268273 https://bugzilla.redhat.com/show_bug.cgi?id=2268017 https://bugzilla.redhat.com/show_bug.cgi?id=2268018 https://bugzilla.redhat.com/show_bug.cgi?id=2268019 https://bugzilla.redhat.com/show_bug.cgi?id=2268273 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45288 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45289 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45290 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24783 https://errata.almalinux.org/9/ALSA-2024-2724.html https://errata.rockylinux.org/RLSA-2024:2724 https://go.dev/cl/576155 https://go.dev/issue/65051 https://groups.google.com/g/golang-announce/c/YgW0sx8mN3M https://kb.cert.org/vuls/id/421644 https://linux.oracle.com/cve/CVE-2023-45288.html https://linux.oracle.com/errata/ELSA-2024-3346.html https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QRYFHIQ6XRKRYBI2F5UESH67BJBQXUPT https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QRYFHIQ6XRKRYBI2F5UESH67BJBQXUPT/ https://nowotarski.info/http2-continuation-flood-technical-details https://nowotarski.info/http2-continuation-flood/ https://nvd.nist.gov/vuln/detail/CVE-2023-45288 https://pkg.go.dev/vuln/GO-2024-2687 https://security.netapp.com/advisory/ntap-20240419-0009 https://security.netapp.com/advisory/ntap-20240419-0009/ https://ubuntu.com/security/notices/USN-6886-1 https://ubuntu.com/security/notices/USN-7109-1 https://ubuntu.com/security/notices/USN-7111-1 https://www.cve.org/CVERecord?id=CVE-2023-45288 https://www.kb.cert.org/vuls/id/421644
stdlib	CVE-2024-34156	HIGH	v1.20.5	1.22.7, 1.23.1	https://access.redhat.com/errata/RHSA-2024:9473 https://access.redhat.com/security/cve/CVE-2024-34156 https://bugzilla.redhat.com/2310528 https://bugzilla.redhat.com/2318052 https://bugzilla.redhat.com/show_bug.cgi?id=2310528 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-34156 https://errata.almalinux.org/9/ALSA-2024-9473.html https://errata.rockylinux.org/RLSA-2024:7204 https://github.com/golang/go/commit/2092294f2b097c5828f4eace6c98a322c1510b01 (go1.22.7) https://github.com/golang/go/commit/fa8ff1a46deb6c816304441ec6740ec112e19012 (go1.23.1) https://go.dev/cl/611239 https://go.dev/issue/69139 https://groups.google.com/g/golang-announce/c/K-cEzDeCtpc https://groups.google.com/g/golang-dev/c/S9POB9NCTdk https://linux.oracle.com/cve/CVE-2024-34156.html https://linux.oracle.com/errata/ELSA-2024-9473.html https://nvd.nist.gov/vuln/detail/CVE-2024-34156 https://pkg.go.dev/vuln/GO-2024-3106 https://ubuntu.com/security/notices/USN-7081-1 https://ubuntu.com/security/notices/USN-7109-1 https://ubuntu.com/security/notices/USN-7111-1 https://www.cve.org/CVERecord?id=CVE-2024-34156
stdlib	CVE-2023-29406	MEDIUM	v1.20.5	1.19.11, 1.20.6	https://access.redhat.com/errata/RHSA-2023:6474 https://access.redhat.com/security/cve/CVE-2023-29406 https://bugzilla.redhat.com/2174485 https://bugzilla.redhat.com/2178358 https://bugzilla.redhat.com/2178488 https://bugzilla.redhat.com/2178492 https://bugzilla.redhat.com/2184481 https://bugzilla.redhat.com/2184482 https://bugzilla.redhat.com/2184483 https://bugzilla.redhat.com/2184484 https://bugzilla.redhat.com/2196026 https://bugzilla.redhat.com/2196027 https://bugzilla.redhat.com/2196029 https://bugzilla.redhat.com/2222167 https://bugzilla.redhat.com/2228689 https://errata.almalinux.org/9/ALSA-2023-6474.html https://github.com/golang/go/commit/312920c00aac9897b2a0693e752390b5b0711a5a (go1.20.6) https://github.com/golang/go/commit/5fa6923b1ea891400153d04ddf1545e23b40041b (go1.19.11) https://github.com/golang/go/issues/60374 https://go.dev/cl/506996 https://go.dev/issue/60374 https://groups.google.com/g/golang-announce/c/2q13H6LEEx0 https://linux.oracle.com/cve/CVE-2023-29406.html https://linux.oracle.com/errata/ELSA-2023-7202.html https://nvd.nist.gov/vuln/detail/CVE-2023-29406 https://pkg.go.dev/vuln/GO-2023-1878 https://security.gentoo.org/glsa/202311-09 https://security.netapp.com/advisory/ntap-20230814-0002/ https://ubuntu.com/security/notices/USN-7061-1 https://ubuntu.com/security/notices/USN-7109-1 https://www.cve.org/CVERecord?id=CVE-2023-29406
stdlib	CVE-2023-29409	MEDIUM	v1.20.5	1.19.12, 1.20.7, 1.21.0-rc.4	https://access.redhat.com/errata/RHSA-2023:7766 https://access.redhat.com/security/cve/CVE-2023-29409 https://bugzilla.redhat.com/2228743 https://bugzilla.redhat.com/2237773 https://bugzilla.redhat.com/2237776 https://bugzilla.redhat.com/2237777 https://bugzilla.redhat.com/2237778 https://errata.almalinux.org/9/ALSA-2023-7766.html https://go.dev/cl/515257 https://go.dev/issue/61460 https://groups.google.com/g/golang-announce/c/X0b6CsSAaYI/m/Efv5DbZ9AwAJ https://linux.oracle.com/cve/CVE-2023-29409.html https://linux.oracle.com/errata/ELSA-2024-2988.html https://nvd.nist.gov/vuln/detail/CVE-2023-29409 https://pkg.go.dev/vuln/GO-2023-1987 https://security.gentoo.org/glsa/202311-09 https://security.netapp.com/advisory/ntap-20230831-0010/ https://www.cve.org/CVERecord?id=CVE-2023-29409
stdlib	CVE-2023-39318	MEDIUM	v1.20.5	1.20.8, 1.21.1	https://access.redhat.com/errata/RHSA-2024:2160 https://access.redhat.com/security/cve/CVE-2023-39318 https://bugzilla.redhat.com/2237773 https://bugzilla.redhat.com/2237776 https://bugzilla.redhat.com/2253330 https://errata.almalinux.org/9/ALSA-2024-2160.html https://github.com/golang/go/commit/023b542edf38e2a1f87fcefb9f75ff2f99401b4c (go1.20.8) https://github.com/golang/go/commit/b0e1d3ea26e8e8fce7726690c9ef0597e60739fb (go1.21.1) https://go.dev/cl/526156 https://go.dev/issue/62196 https://groups.google.com/g/golang-announce/c/Fm51GRLNRvM https://groups.google.com/g/golang-dev/c/2C5vbR-UNkI/m/L1hdrPhfBAAJ https://linux.oracle.com/cve/CVE-2023-39318.html https://linux.oracle.com/errata/ELSA-2024-2988.html https://nvd.nist.gov/vuln/detail/CVE-2023-39318 https://pkg.go.dev/vuln/GO-2023-2041 https://security.gentoo.org/glsa/202311-09 https://security.netapp.com/advisory/ntap-20231020-0009/ https://ubuntu.com/security/notices/USN-6574-1 https://ubuntu.com/security/notices/USN-7061-1 https://ubuntu.com/security/notices/USN-7109-1 https://vuln.go.dev/ID/GO-2023-2041.json https://www.cve.org/CVERecord?id=CVE-2023-39318
stdlib	CVE-2023-39319	MEDIUM	v1.20.5	1.20.8, 1.21.1	https://access.redhat.com/errata/RHSA-2024:2160 https://access.redhat.com/security/cve/CVE-2023-39319 https://bugzilla.redhat.com/2237773 https://bugzilla.redhat.com/2237776 https://bugzilla.redhat.com/2253330 https://errata.almalinux.org/9/ALSA-2024-2160.html https://github.com/golang/go/commit/2070531d2f53df88e312edace6c8dfc9686ab2f5 (go1.20.8) https://github.com/golang/go/commit/bbd043ff0d6d59f1a9232d31ecd5eacf6507bf6a (go1.21.1) https://go.dev/cl/526157 https://go.dev/issue/62197 https://groups.google.com/g/golang-announce/c/Fm51GRLNRvM https://groups.google.com/g/golang-dev/c/2C5vbR-UNkI/m/L1hdrPhfBAAJ https://linux.oracle.com/cve/CVE-2023-39319.html https://linux.oracle.com/errata/ELSA-2024-2988.html https://nvd.nist.gov/vuln/detail/CVE-2023-39319 https://pkg.go.dev/vuln/GO-2023-2043 https://security.gentoo.org/glsa/202311-09 https://security.netapp.com/advisory/ntap-20231020-0009/ https://ubuntu.com/security/notices/USN-6574-1 https://ubuntu.com/security/notices/USN-7061-1 https://ubuntu.com/security/notices/USN-7109-1 https://vuln.go.dev/ID/GO-2023-2043.json https://www.cve.org/CVERecord?id=CVE-2023-39319
stdlib	CVE-2023-39326	MEDIUM	v1.20.5	1.20.12, 1.21.5	https://access.redhat.com/errata/RHSA-2024:2272 https://access.redhat.com/security/cve/CVE-2023-39326 https://bugzilla.redhat.com/2253193 https://bugzilla.redhat.com/2253330 https://errata.almalinux.org/9/ALSA-2024-2272.html https://github.com/golang/go/commit/6446af942e2e2b161c4ec1b60d9703a2b55dc4dd (go1.20.12) https://github.com/golang/go/commit/ec8c526e4be720e94b98ca509e6364f0efaf28f7 (go1.21.5) https://go.dev/cl/547335 https://go.dev/issue/64433 https://groups.google.com/g/golang-dev/c/6ypN5EjibjM/m/KmLVYH_uAgAJ https://linux.oracle.com/cve/CVE-2023-39326.html https://linux.oracle.com/errata/ELSA-2024-2988.html https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UIU6HOGV6RRIKWM57LOXQA75BGZSIH6G/ https://nvd.nist.gov/vuln/detail/CVE-2023-39326 https://pkg.go.dev/vuln/GO-2023-2382 https://ubuntu.com/security/notices/USN-6574-1 https://www.cve.org/CVERecord?id=CVE-2023-39326
stdlib	CVE-2023-45284	MEDIUM	v1.20.5	1.20.11, 1.21.4	https://go.dev/cl/540277 https://go.dev/issue/63713 https://groups.google.com/g/golang-announce/c/4tU8LZfBFkY https://nvd.nist.gov/vuln/detail/CVE-2023-45284 https://pkg.go.dev/vuln/GO-2023-2186
stdlib	CVE-2023-45289	MEDIUM	v1.20.5	1.21.8, 1.22.1	http://www.openwall.com/lists/oss-security/2024/03/08/4 https://access.redhat.com/errata/RHSA-2024:2724 https://access.redhat.com/security/cve/CVE-2023-45289 https://bugzilla.redhat.com/2268017 https://bugzilla.redhat.com/2268018 https://bugzilla.redhat.com/2268019 https://bugzilla.redhat.com/2268273 https://bugzilla.redhat.com/show_bug.cgi?id=2268017 https://bugzilla.redhat.com/show_bug.cgi?id=2268018 https://bugzilla.redhat.com/show_bug.cgi?id=2268019 https://bugzilla.redhat.com/show_bug.cgi?id=2268273 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45288 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45289 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45290 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24783 https://errata.almalinux.org/9/ALSA-2024-2724.html https://errata.rockylinux.org/RLSA-2024:2724 https://github.com/golang/go/commit/20586c0dbe03d144f914155f879fa5ee287591a1 (go1.21.8) https://github.com/golang/go/commit/3a855208e3efed2e9d7c20ad023f1fa78afcc0be (go1.22.1) https://github.com/golang/go/issues/65065 https://go.dev/cl/569340 https://go.dev/issue/65065 https://groups.google.com/g/golang-announce/c/5pwGVUPoMbg https://linux.oracle.com/cve/CVE-2023-45289.html https://linux.oracle.com/errata/ELSA-2024-3346.html https://nvd.nist.gov/vuln/detail/CVE-2023-45289 https://pkg.go.dev/vuln/GO-2024-2600 https://security.netapp.com/advisory/ntap-20240329-0006/ https://ubuntu.com/security/notices/USN-6886-1 https://www.cve.org/CVERecord?id=CVE-2023-45289
stdlib	CVE-2023-45290	MEDIUM	v1.20.5	1.21.8, 1.22.1	http://www.openwall.com/lists/oss-security/2024/03/08/4 https://access.redhat.com/errata/RHSA-2024:9135 https://access.redhat.com/security/cve/CVE-2023-45290 https://bugzilla.redhat.com/2268017 https://bugzilla.redhat.com/2268022 https://bugzilla.redhat.com/2279814 https://bugzilla.redhat.com/2295310 https://bugzilla.redhat.com/show_bug.cgi?id=2268017 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45290 https://errata.almalinux.org/9/ALSA-2024-9135.html https://errata.rockylinux.org/RLSA-2024:3830 https://github.com/golang/go/commit/041a47712e765e94f86d841c3110c840e76d8f82 (go1.22.1) https://github.com/golang/go/commit/bf80213b121074f4ad9b449410a4d13bae5e9be0 (go1.21.8) https://github.com/golang/go/issues/65383 https://go.dev/cl/569341 https://go.dev/issue/65383 https://groups.google.com/g/golang-announce/c/5pwGVUPoMbg https://linux.oracle.com/cve/CVE-2023-45290.html https://linux.oracle.com/errata/ELSA-2024-8038.html https://nvd.nist.gov/vuln/detail/CVE-2023-45290 https://pkg.go.dev/vuln/GO-2024-2599 https://security.netapp.com/advisory/ntap-20240329-0004 https://security.netapp.com/advisory/ntap-20240329-0004/ https://ubuntu.com/security/notices/USN-6886-1 https://ubuntu.com/security/notices/USN-7109-1 https://ubuntu.com/security/notices/USN-7111-1 https://www.cve.org/CVERecord?id=CVE-2023-45290
stdlib	CVE-2024-24783	MEDIUM	v1.20.5	1.21.8, 1.22.1	http://www.openwall.com/lists/oss-security/2024/03/08/4 https://access.redhat.com/errata/RHSA-2024:6195 https://access.redhat.com/security/cve/CVE-2024-24783 https://bugzilla.redhat.com/2268019 https://bugzilla.redhat.com/show_bug.cgi?id=2268017 https://bugzilla.redhat.com/show_bug.cgi?id=2268018 https://bugzilla.redhat.com/show_bug.cgi?id=2268019 https://bugzilla.redhat.com/show_bug.cgi?id=2268273 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45288 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45289 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45290 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24783 https://errata.almalinux.org/9/ALSA-2024-6195.html https://errata.rockylinux.org/RLSA-2024:2724 https://github.com/advisories/GHSA-3q2c-pvp5-3cqp https://github.com/golang/go/commit/337b8e9cbfa749d9d5c899e0dc358e2208d5e54f (go1.22.1) https://github.com/golang/go/commit/be5b52bea674190ef7de272664be6c7ae93ec5a0 (go1.21.8) https://github.com/golang/go/issues/65390 https://go.dev/cl/569339 https://go.dev/issue/65390 https://groups.google.com/g/golang-announce/c/5pwGVUPoMbg https://linux.oracle.com/cve/CVE-2024-24783.html https://linux.oracle.com/errata/ELSA-2024-6969.html https://nvd.nist.gov/vuln/detail/CVE-2024-24783 https://pkg.go.dev/vuln/GO-2024-2598 https://security.netapp.com/advisory/ntap-20240329-0005 https://security.netapp.com/advisory/ntap-20240329-0005/ https://ubuntu.com/security/notices/USN-6886-1 https://ubuntu.com/security/notices/USN-7109-1 https://ubuntu.com/security/notices/USN-7111-1 https://www.cve.org/CVERecord?id=CVE-2024-24783
stdlib	CVE-2024-24784	MEDIUM	v1.20.5	1.21.8, 1.22.1	http://www.openwall.com/lists/oss-security/2024/03/08/4 https://access.redhat.com/errata/RHSA-2024:2562 https://access.redhat.com/security/cve/CVE-2024-24784 https://bugzilla.redhat.com/2262921 https://bugzilla.redhat.com/2268017 https://bugzilla.redhat.com/2268018 https://bugzilla.redhat.com/2268019 https://bugzilla.redhat.com/2268021 https://bugzilla.redhat.com/2268022 https://bugzilla.redhat.com/2268273 https://bugzilla.redhat.com/show_bug.cgi?id=2262921 https://bugzilla.redhat.com/show_bug.cgi?id=2268017 https://bugzilla.redhat.com/show_bug.cgi?id=2268018 https://bugzilla.redhat.com/show_bug.cgi?id=2268019 https://bugzilla.redhat.com/show_bug.cgi?id=2268021 https://bugzilla.redhat.com/show_bug.cgi?id=2268022 https://bugzilla.redhat.com/show_bug.cgi?id=2268273 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45288 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45289 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45290 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-1394 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24783 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24784 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24785 https://errata.almalinux.org/9/ALSA-2024-2562.html https://errata.rockylinux.org/RLSA-2024:2562 https://github.com/golang/go/commit/263c059b09fdd40d9dd945f2ecb20c89ea28efe5 (go1.21.8) https://github.com/golang/go/commit/5330cd225ba54c7dc78c1b46dcdf61a4671a632c (go1.22.1) https://github.com/golang/go/issues/65083 https://go.dev/cl/555596 https://go.dev/issue/65083 https://groups.google.com/g/golang-announce/c/5pwGVUPoMbg https://linux.oracle.com/cve/CVE-2024-24784.html https://linux.oracle.com/errata/ELSA-2024-6969.html https://nvd.nist.gov/vuln/detail/CVE-2024-24784 https://pkg.go.dev/vuln/GO-2024-2609 https://security.netapp.com/advisory/ntap-20240329-0007/ https://ubuntu.com/security/notices/USN-6886-1 https://ubuntu.com/security/notices/USN-7109-1 https://ubuntu.com/security/notices/USN-7111-1 https://www.cve.org/CVERecord?id=CVE-2024-24784
stdlib	CVE-2024-24785	MEDIUM	v1.20.5	1.21.8, 1.22.1	http://www.openwall.com/lists/oss-security/2024/03/08/4 https://access.redhat.com/errata/RHSA-2024:9135 https://access.redhat.com/security/cve/CVE-2024-24785 https://bugzilla.redhat.com/2268017 https://bugzilla.redhat.com/2268022 https://bugzilla.redhat.com/2279814 https://bugzilla.redhat.com/2295310 https://bugzilla.redhat.com/show_bug.cgi?id=2262921 https://bugzilla.redhat.com/show_bug.cgi?id=2268017 https://bugzilla.redhat.com/show_bug.cgi?id=2268018 https://bugzilla.redhat.com/show_bug.cgi?id=2268019 https://bugzilla.redhat.com/show_bug.cgi?id=2268021 https://bugzilla.redhat.com/show_bug.cgi?id=2268022 https://bugzilla.redhat.com/show_bug.cgi?id=2268273 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45288 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45289 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45290 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-1394 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24783 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24784 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24785 https://errata.almalinux.org/9/ALSA-2024-9135.html https://errata.rockylinux.org/RLSA-2024:2562 https://github.com/golang/go/commit/056b0edcb8c152152021eebf4cf42adbfbe77992 (go1.22.1) https://github.com/golang/go/commit/3643147a29352ca2894fd5d0d2069bc4b4335a7e (go1.21.8) https://github.com/golang/go/issues/65697 https://go.dev/cl/564196 https://go.dev/issue/65697 https://groups.google.com/g/golang-announce/c/5pwGVUPoMbg https://linux.oracle.com/cve/CVE-2024-24785.html https://linux.oracle.com/errata/ELSA-2024-3259.html https://nvd.nist.gov/vuln/detail/CVE-2024-24785 https://pkg.go.dev/vuln/GO-2024-2610 https://security.netapp.com/advisory/ntap-20240329-0008/ https://ubuntu.com/security/notices/USN-6886-1 https://ubuntu.com/security/notices/USN-7061-1 https://ubuntu.com/security/notices/USN-7109-1 https://vuln.go.dev/ID/GO-2024-2610.json https://www.cve.org/CVERecord?id=CVE-2024-24785
stdlib	CVE-2024-24789	MEDIUM	v1.20.5	1.21.11, 1.22.4	http://www.openwall.com/lists/oss-security/2024/06/04/1 https://access.redhat.com/errata/RHSA-2024:9115 https://access.redhat.com/security/cve/CVE-2024-24789 https://bugzilla.redhat.com/2279814 https://bugzilla.redhat.com/2292668 https://bugzilla.redhat.com/2292787 https://bugzilla.redhat.com/2294000 https://bugzilla.redhat.com/2295310 https://bugzilla.redhat.com/show_bug.cgi?id=2292668 https://bugzilla.redhat.com/show_bug.cgi?id=2292787 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24789 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24790 https://errata.almalinux.org/9/ALSA-2024-9115.html https://errata.rockylinux.org/RLSA-2024:4212 https://github.com/golang/go/commit/c8e40338cf00f3c1d86c8fb23863ad67a4c72bcc (1.21) https://github.com/golang/go/commit/cf501ac0c5fe351a8582d20b43562027927906e7 (1.22) https://github.com/golang/go/issues/66869 https://go.dev/cl/585397 https://go.dev/issue/66869 https://groups.google.com/g/golang-announce/c/XbxouI9gY7k https://groups.google.com/g/golang-announce/c/XbxouI9gY7k/m/TuoGEhxIEwAJ https://linux.oracle.com/cve/CVE-2024-24789.html https://linux.oracle.com/errata/ELSA-2024-9115.html https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/U5YAEIA6IUHUNGJ7AIXXPQT6D2GYENX7/ https://nvd.nist.gov/vuln/detail/CVE-2024-24789 https://pkg.go.dev/vuln/GO-2024-2888 https://ubuntu.com/security/notices/USN-6886-1 https://ubuntu.com/security/notices/USN-7109-1 https://ubuntu.com/security/notices/USN-7111-1 https://www.cve.org/CVERecord?id=CVE-2024-24789
stdlib	CVE-2024-24791	MEDIUM	v1.20.5	1.21.12, 1.22.5	https://access.redhat.com/errata/RHSA-2024:9135 https://access.redhat.com/security/cve/CVE-2024-24791 https://bugzilla.redhat.com/2268017 https://bugzilla.redhat.com/2268022 https://bugzilla.redhat.com/2279814 https://bugzilla.redhat.com/2295310 https://bugzilla.redhat.com/show_bug.cgi?id=2295310 https://bugzilla.redhat.com/show_bug.cgi?id=2310527 https://bugzilla.redhat.com/show_bug.cgi?id=2310528 https://bugzilla.redhat.com/show_bug.cgi?id=2310529 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24791 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-34155 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-34156 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-34158 https://errata.almalinux.org/9/ALSA-2024-9135.html https://errata.rockylinux.org/RLSA-2024:6913 https://go.dev/cl/591255 https://go.dev/issue/67555 https://groups.google.com/g/golang-dev/c/t0rK-qHBqzY/m/6MMoAZkMAgAJ https://linux.oracle.com/cve/CVE-2024-24791.html https://linux.oracle.com/errata/ELSA-2024-9115.html https://nvd.nist.gov/vuln/detail/CVE-2024-24791 https://pkg.go.dev/vuln/GO-2024-2963 https://ubuntu.com/security/notices/USN-7081-1 https://ubuntu.com/security/notices/USN-7109-1 https://ubuntu.com/security/notices/USN-7111-1 https://www.cve.org/CVERecord?id=CVE-2024-24791
stdlib	CVE-2024-34155	MEDIUM	v1.20.5	1.22.7, 1.23.1	https://access.redhat.com/errata/RHSA-2024:9459 https://access.redhat.com/security/cve/CVE-2024-34155 https://bugzilla.redhat.com/2310527 https://bugzilla.redhat.com/2310528 https://bugzilla.redhat.com/2310529 https://bugzilla.redhat.com/2315691 https://bugzilla.redhat.com/2315887 https://bugzilla.redhat.com/2317458 https://bugzilla.redhat.com/2317467 https://bugzilla.redhat.com/show_bug.cgi?id=2295310 https://bugzilla.redhat.com/show_bug.cgi?id=2310527 https://bugzilla.redhat.com/show_bug.cgi?id=2310528 https://bugzilla.redhat.com/show_bug.cgi?id=2310529 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24791 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-34155 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-34156 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-34158 https://errata.almalinux.org/9/ALSA-2024-9459.html https://errata.rockylinux.org/RLSA-2024:6913 https://github.com/golang/go/commit/53487e5477151ed75da50e50a0ba8f1ca64c00a3 (go1.23.1) https://github.com/golang/go/commit/b232596139dbe96a62edbe3a2a203e856bf556eb (go1.22.7) https://go.dev/cl/611238 https://go.dev/issue/69138 https://groups.google.com/g/golang-announce/c/K-cEzDeCtpc https://groups.google.com/g/golang-dev/c/S9POB9NCTdk https://linux.oracle.com/cve/CVE-2024-34155.html https://linux.oracle.com/errata/ELSA-2024-9459.html https://nvd.nist.gov/vuln/detail/CVE-2024-34155 https://pkg.go.dev/vuln/GO-2024-3105 https://ubuntu.com/security/notices/USN-7081-1 https://ubuntu.com/security/notices/USN-7109-1 https://ubuntu.com/security/notices/USN-7111-1 https://www.cve.org/CVERecord?id=CVE-2024-34155
stdlib	CVE-2024-34158	MEDIUM	v1.20.5	1.22.7, 1.23.1	https://access.redhat.com/errata/RHSA-2024:9459 https://access.redhat.com/security/cve/CVE-2024-34158 https://bugzilla.redhat.com/2310527 https://bugzilla.redhat.com/2310528 https://bugzilla.redhat.com/2310529 https://bugzilla.redhat.com/2315691 https://bugzilla.redhat.com/2315887 https://bugzilla.redhat.com/2317458 https://bugzilla.redhat.com/2317467 https://bugzilla.redhat.com/show_bug.cgi?id=2295310 https://bugzilla.redhat.com/show_bug.cgi?id=2310527 https://bugzilla.redhat.com/show_bug.cgi?id=2310528 https://bugzilla.redhat.com/show_bug.cgi?id=2310529 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24791 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-34155 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-34156 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-34158 https://errata.almalinux.org/9/ALSA-2024-9459.html https://errata.rockylinux.org/RLSA-2024:6913 https://github.com/golang/go/commit/032ac075c20c01c6c35a672d1542d3e98eab84ea (go1.23.1) https://github.com/golang/go/commit/d4c53812e6ce2ac368173d7fcd31d0ecfcffb002 (go1.22.7) https://go.dev/cl/611240 https://go.dev/issue/69141 https://groups.google.com/g/golang-announce/c/K-cEzDeCtpc https://groups.google.com/g/golang-dev/c/S9POB9NCTdk https://linux.oracle.com/cve/CVE-2024-34158.html https://linux.oracle.com/errata/ELSA-2024-9459.html https://nvd.nist.gov/vuln/detail/CVE-2024-34158 https://pkg.go.dev/vuln/GO-2024-3107 https://ubuntu.com/security/notices/USN-7081-1 https://ubuntu.com/security/notices/USN-7109-1 https://ubuntu.com/security/notices/USN-7111-1 https://www.cve.org/CVERecord?id=CVE-2024-34158
No Misconfigurations found

cnb/buildpacks/paketo-buildpacks_pip/0.17.4/bin/run (gobinary)

Package	Vulnerability ID	Severity	Installed Version	Fixed Version	Links
github.com/anchore/stereoscope	CVE-2024-24579	MEDIUM	v0.0.0-20230412183729-8602f1afc574	0.0.1	https://github.com/anchore/stereoscope https://github.com/anchore/stereoscope/commit/09dacab4d9ee65ee8bc7af8ebf4aa7b5aaa36204 https://github.com/anchore/stereoscope/security/advisories/GHSA-hpxr-w9w7-g4gv https://nvd.nist.gov/vuln/detail/CVE-2024-24579
github.com/cloudflare/circl	GHSA-9763-4f94-gfch	HIGH	v1.3.3	1.3.7	https://github.com/cloudflare/circl https://github.com/cloudflare/circl/commit/75ef91e8a2f438e6ce2b6e620d236add8be1887d https://github.com/cloudflare/circl/security/advisories/GHSA-9763-4f94-gfch https://kyberslash.cr.yp.to
github.com/containerd/containerd	GHSA-7ww5-4wqc-m92c	MEDIUM	v1.7.0	1.6.26, 1.7.11	https://github.com/containerd/containerd https://github.com/containerd/containerd/commit/67d356cb3095f3e8f8ad7d36f9a733fea1e7e28c https://github.com/containerd/containerd/commit/746b910f05855c8bfdb4415a1c0f958b234910e5 https://github.com/containerd/containerd/security/advisories/GHSA-7ww5-4wqc-m92c
github.com/docker/docker	CVE-2024-41110	CRITICAL	v23.0.5+incompatible	23.0.15, 26.1.5, 27.1.1, 25.0.6	https://access.redhat.com/security/cve/CVE-2024-41110 https://github.com/moby/moby https://github.com/moby/moby/commit/411e817ddf710ff8e08fa193da80cb78af708191 https://github.com/moby/moby/commit/42f40b1d6dd7562342f832b9cd2adf9e668eeb76 https://github.com/moby/moby/commit/65cc597cea28cdc25bea3b8a86384b4251872919 https://github.com/moby/moby/commit/852759a7df454cbf88db4e954c919becd48faa9b https://github.com/moby/moby/commit/a31260625655cff9ae226b51757915e275e304b0 https://github.com/moby/moby/commit/a79fabbfe84117696a19671f4aa88b82d0f64fc1 https://github.com/moby/moby/commit/ae160b4edddb72ef4bd71f66b975a1a1cc434f00 https://github.com/moby/moby/commit/ae2b3666c517c96cbc2adf1af5591a6b00d4ec0f https://github.com/moby/moby/commit/cc13f952511154a2866bddbb7dddebfe9e83b801 https://github.com/moby/moby/commit/fc274cd2ff4cf3b48c91697fb327dd1fb95588fb https://github.com/moby/moby/security/advisories/GHSA-v23v-6jw2-98fq https://nvd.nist.gov/vuln/detail/CVE-2024-41110 https://www.cve.org/CVERecord?id=CVE-2024-41110 https://www.docker.com/blog/docker-security-advisory-docker-engine-authz-plugin
github.com/docker/docker	CVE-2024-24557	MEDIUM	v23.0.5+incompatible	24.0.9, 25.0.2	https://access.redhat.com/security/cve/CVE-2024-24557 https://github.com/moby/moby https://github.com/moby/moby/commit/3e230cfdcc989dc524882f6579f9e0dac77400ae https://github.com/moby/moby/commit/fca702de7f71362c8d103073c7e4a1d0a467fadd https://github.com/moby/moby/commit/fce6e0ca9bc000888de3daa157af14fa41fcd0ff https://github.com/moby/moby/security/advisories/GHSA-xw73-rw38-6vjc https://nvd.nist.gov/vuln/detail/CVE-2024-24557 https://www.cve.org/CVERecord?id=CVE-2024-24557
github.com/docker/docker	CVE-2024-29018	MEDIUM	v23.0.5+incompatible	26.0.0-rc3, 25.0.5, 23.0.11	https://access.redhat.com/security/cve/CVE-2024-29018 https://github.com/moby/moby https://github.com/moby/moby/pull/46609 https://github.com/moby/moby/security/advisories/GHSA-mq39-4gv4-mvpx https://nvd.nist.gov/vuln/detail/CVE-2024-29018 https://www.cve.org/CVERecord?id=CVE-2024-29018
github.com/docker/docker	GHSA-jq35-85cj-fj4p	MEDIUM	v23.0.5+incompatible	24.0.7, 23.0.8, 20.10.27	https://github.com/moby/moby https://github.com/moby/moby/commit/48ebe353e49a9def5e6679f6e386b0efb1c95f0e https://github.com/moby/moby/commit/81ebe71275768629689a23bc3bca34b3b374a6a6 https://github.com/moby/moby/commit/c9ccbfad11a60e703e91b6cca4f48927828c7e35 https://github.com/moby/moby/releases/tag/v20.10.27 https://github.com/moby/moby/releases/tag/v23.0.8 https://github.com/moby/moby/releases/tag/v24.0.7 https://github.com/moby/moby/security/advisories/GHSA-jq35-85cj-fj4p
github.com/go-git/go-git/v5	CVE-2023-49569	CRITICAL	v5.6.1	5.11.0	https://access.redhat.com/security/cve/CVE-2023-49569 https://github.com/go-git/go-git https://github.com/go-git/go-git/security/advisories/GHSA-449p-3h89-pw88 https://nvd.nist.gov/vuln/detail/CVE-2023-49569 https://www.cve.org/CVERecord?id=CVE-2023-49569
github.com/go-git/go-git/v5	CVE-2023-49568	HIGH	v5.6.1	5.11.0	https://access.redhat.com/security/cve/CVE-2023-49568 https://github.com/go-git/go-git https://github.com/go-git/go-git/security/advisories/GHSA-mw99-9chc-xw7r https://nvd.nist.gov/vuln/detail/CVE-2023-49568 https://www.cve.org/CVERecord?id=CVE-2023-49568
github.com/mholt/archiver/v3	CVE-2024-0406	MEDIUM	v3.5.1	no fix available	https://access.redhat.com/security/cve/CVE-2024-0406 https://bugzilla.redhat.com/show_bug.cgi?id=2257749 https://github.com/advisories/GHSA-rhh4-rh7c-7r5v https://github.com/mholt/archiver https://nvd.nist.gov/vuln/detail/CVE-2024-0406 https://www.cve.org/CVERecord?id=CVE-2024-0406
golang.org/x/crypto	CVE-2023-48795	MEDIUM	v0.8.0	0.17.0	http://packetstormsecurity.com/files/176280/Terrapin-SSH-Connection-Weakening.html http://seclists.org/fulldisclosure/2024/Mar/21 http://www.openwall.com/lists/oss-security/2023/12/18/3 http://www.openwall.com/lists/oss-security/2023/12/19/5 http://www.openwall.com/lists/oss-security/2023/12/20/3 http://www.openwall.com/lists/oss-security/2024/03/06/3 http://www.openwall.com/lists/oss-security/2024/04/17/8 https://access.redhat.com/errata/RHSA-2024:1150 https://access.redhat.com/security/cve/CVE-2023-48795 https://access.redhat.com/security/cve/cve-2023-48795 https://access.redhat.com/solutions/7071748 https://arstechnica.com/security/2023/12/hackers-can-break-ssh-channel-integrity-using-novel-data-corruption-attack https://arstechnica.com/security/2023/12/hackers-can-break-ssh-channel-integrity-using-novel-data-corruption-attack/ https://bugs.gentoo.org/920280 https://bugzilla.redhat.com/2254210 https://bugzilla.redhat.com/show_bug.cgi?id=2254210 https://bugzilla.suse.com/show_bug.cgi?id=1217950 https://crates.io/crates/thrussh/versions https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-48795 https://errata.almalinux.org/9/ALSA-2024-1150.html https://errata.rockylinux.org/RLSA-2024:0628 https://filezilla-project.org/versions.php https://forum.netgate.com/topic/184941/terrapin-ssh-attack https://git.libssh.org/projects/libssh.git/commit/?h=stable-0.10&id=10e09e273f69e149389b3e0e5d44b8c221c2e7f6 https://github.com/NixOS/nixpkgs/pull/275249 https://github.com/PowerShell/Win32-OpenSSH/issues/2189 https://github.com/PowerShell/Win32-OpenSSH/releases/tag/v9.5.0.0p1-Beta https://github.com/TeraTermProject/teraterm/commit/7279fbd6ef4d0c8bdd6a90af4ada2899d786eec0 https://github.com/TeraTermProject/teraterm/releases/tag/v5.1 https://github.com/advisories/GHSA-45x7-px36-x8w8 https://github.com/apache/mina-sshd/issues/445 https://github.com/connectbot/sshlib/commit/5c8b534f6e97db7ac0e0e579331213aa25c173ab https://github.com/connectbot/sshlib/compare/2.2.21...2.2.22 https://github.com/cyd01/KiTTY/issues/520 https://github.com/drakkan/sftpgo/releases/tag/v2.5.6 https://github.com/erlang/otp/blob/d1b43dc0f1361d2ad67601169e90a7fc50bb0369/lib/ssh/doc/src/notes.xml#L39-L42 https://github.com/erlang/otp/releases/tag/OTP-26.2.1 https://github.com/golang/crypto/commit/9d2ee975ef9fe627bf0a6f01c1f69e8ef1d4f05d https://github.com/hierynomus/sshj/issues/916 https://github.com/janmojzis/tinyssh/issues/81 https://github.com/jtesta/ssh-audit/commit/8e972c5e94b460379fe0c7d20209c16df81538a5 https://github.com/libssh2/libssh2/pull/1291 https://github.com/mkj/dropbear/blob/17657c36cce6df7716d5ff151ec09a665382d5dd/CHANGES#L25 https://github.com/mscdex/ssh2/commit/97b223f8891b96d6fc054df5ab1d5a1a545da2a3 https://github.com/mwiede/jsch/compare/jsch-0.2.14...jsch-0.2.15 https://github.com/mwiede/jsch/issues/457 https://github.com/mwiede/jsch/pull/461 https://github.com/net-ssh/net-ssh/blob/2e65064a52d73396bfc3806c9196fc8108f33cd8/CHANGES.txt#L14-L16 https://github.com/openssh/openssh-portable/commits/master https://github.com/paramiko/paramiko/issues/2337 https://github.com/paramiko/paramiko/issues/2337#issuecomment-1887642773 https://github.com/proftpd/proftpd/blob/0a7ea9b0ba9fcdf368374a226370d08f10397d99/RELEASE_NOTES https://github.com/proftpd/proftpd/blob/d21e7a2e47e9b38f709bec58e3fa711f759ad0e1/RELEASE_NOTES https://github.com/proftpd/proftpd/blob/master/RELEASE_NOTES https://github.com/proftpd/proftpd/issues/456 https://github.com/rapier1/hpn-ssh/releases https://github.com/ronf/asyncssh/blob/develop/docs/changes.rst https://github.com/ronf/asyncssh/security/advisories/GHSA-hfmc-7525-mj55 https://github.com/ronf/asyncssh/tags https://github.com/ssh-mitm/ssh-mitm/issues/165 https://github.com/warp-tech/russh https://github.com/warp-tech/russh/commit/1aa340a7df1d5be1c0f4a9e247aade76dfdd2951 https://github.com/warp-tech/russh/releases/tag/v0.40.2 https://github.com/warp-tech/russh/security/advisories/GHSA-45x7-px36-x8w8 https://gitlab.com/libssh/libssh-mirror/-/tags https://go.dev/cl/550715 https://go.dev/issue/64784 https://groups.google.com/g/golang-announce/c/-n5WqVC18LQ https://groups.google.com/g/golang-announce/c/qA3XtxvMUyg https://help.panic.com/releasenotes/transmit5 https://help.panic.com/releasenotes/transmit5/ https://jadaptive.com/important-java-ssh-security-update-new-ssh-vulnerability-discovered-cve-2023-48795 https://jadaptive.com/important-java-ssh-security-update-new-ssh-vulnerability-discovered-cve-2023-48795/ https://linux.oracle.com/cve/CVE-2023-48795.html https://linux.oracle.com/errata/ELSA-2024-2988.html https://lists.debian.org/debian-lts-announce/2023/12/msg00017.html https://lists.debian.org/debian-lts-announce/2024/01/msg00013.html https://lists.debian.org/debian-lts-announce/2024/01/msg00014.html https://lists.debian.org/debian-lts-announce/2024/04/msg00016.html https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/33XHJUB6ROFUOH2OQNENFROTVH6MHSHA https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/33XHJUB6ROFUOH2OQNENFROTVH6MHSHA/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/3CAYYW35MUTNO65RVAELICTNZZFMT2XS https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/3CAYYW35MUTNO65RVAELICTNZZFMT2XS/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/3JIMLVBDWOP4FUPXPTB4PGHHIOMGFLQE https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/3JIMLVBDWOP4FUPXPTB4PGHHIOMGFLQE/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/3YQLUQWLIHDB5QCXQEX7HXHAWMOKPP5O https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/3YQLUQWLIHDB5QCXQEX7HXHAWMOKPP5O/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/6Y74KVCPEPT4MVU3LHDWCNNOXOE5ZLUR https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/6Y74KVCPEPT4MVU3LHDWCNNOXOE5ZLUR/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/APYIXIQOVDCRWLHTGB4VYMAUIAQLKYJ3 https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/APYIXIQOVDCRWLHTGB4VYMAUIAQLKYJ3/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/BL5KTLOSLH2KHRN4HCXJPK3JUVLDGEL6 https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/BL5KTLOSLH2KHRN4HCXJPK3JUVLDGEL6/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/C3AFMZ6MH2UHHOPIWT5YLSFV3D2VB3AC https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/C3AFMZ6MH2UHHOPIWT5YLSFV3D2VB3AC/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/CHHITS4PUOZAKFIUBQAQZC7JWXMOYE4B https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/CHHITS4PUOZAKFIUBQAQZC7JWXMOYE4B/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/F7EYCFQCTSGJXWO3ZZ44MGKFC5HA7G3Y https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/F7EYCFQCTSGJXWO3ZZ44MGKFC5HA7G3Y/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/HYEDEXIKFKTUJIN43RG4B7T5ZS6MHUSP https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/HYEDEXIKFKTUJIN43RG4B7T5ZS6MHUSP/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/I724O3LSRCPO4WNVIXTZCT4VVRMXMMSG https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/I724O3LSRCPO4WNVIXTZCT4VVRMXMMSG/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/KEOTKBUPZXHE3F352JBYNTSNRXYLWD6P https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/KEOTKBUPZXHE3F352JBYNTSNRXYLWD6P/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/KMZCVGUGJZZVDPCVDA7TEB22VUCNEXDD https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/KMZCVGUGJZZVDPCVDA7TEB22VUCNEXDD/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/L5Y6MNNVAPIJSXJERQ6PKZVCIUXSNJK7 https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/L5Y6MNNVAPIJSXJERQ6PKZVCIUXSNJK7/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/LZQVUHWVWRH73YBXUQJOD6CKHDQBU3DM https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/LZQVUHWVWRH73YBXUQJOD6CKHDQBU3DM/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/MKQRBF3DWMWPH36LBCOBUTSIZRTPEZXB https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/MKQRBF3DWMWPH36LBCOBUTSIZRTPEZXB/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/QI3EHAHABFQK7OABNCSF5GMYP6TONTI7 https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/QI3EHAHABFQK7OABNCSF5GMYP6TONTI7/ https://matt.ucc.asn.au/dropbear/CHANGES https://nest.pijul.com/pijul/thrussh/changes/D6H7OWTTMHHX6BTB3B6MNBOBX2L66CBL4LGSEUSAI2MCRCJDQFRQC https://news.ycombinator.com/item?id=38684904 https://news.ycombinator.com/item?id=38685286 https://news.ycombinator.com/item?id=38732005 https://nova.app/releases/#v11.8 https://nvd.nist.gov/vuln/detail/CVE-2023-48795 https://oryx-embedded.com/download/#changelog https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2024-0002 https://roumenpetrov.info/secsh/#news20231220 https://security-tracker.debian.org/tracker/CVE-2023-48795 https://security-tracker.debian.org/tracker/source-package/libssh2 https://security-tracker.debian.org/tracker/source-package/proftpd-dfsg https://security-tracker.debian.org/tracker/source-package/trilead-ssh2 https://security.gentoo.org/glsa/202312-16 https://security.gentoo.org/glsa/202312-17 https://security.netapp.com/advisory/ntap-20240105-0004 https://security.netapp.com/advisory/ntap-20240105-0004/ https://support.apple.com/kb/HT214084 https://terrapin-attack.com/ https://thorntech.com/cve-2023-48795-and-sftp-gateway https://thorntech.com/cve-2023-48795-and-sftp-gateway/ https://twitter.com/TrueSkrillor/status/1736774389725565005 https://ubuntu.com/security/CVE-2023-48795 https://ubuntu.com/security/notices/USN-6560-1 https://ubuntu.com/security/notices/USN-6560-2 https://ubuntu.com/security/notices/USN-6561-1 https://ubuntu.com/security/notices/USN-6585-1 https://ubuntu.com/security/notices/USN-6589-1 https://ubuntu.com/security/notices/USN-6598-1 https://ubuntu.com/security/notices/USN-6738-1 https://ubuntu.com/security/notices/USN-7051-1 https://winscp.net/eng/docs/history#6.2.2 https://www.bitvise.com/ssh-client-version-history#933 https://www.bitvise.com/ssh-server-version-history https://www.chiark.greenend.org.uk/~sgtatham/putty/changes.html https://www.crushftp.com/crush10wiki/Wiki.jsp?page=Update https://www.cve.org/CVERecord?id=CVE-2023-48795 https://www.debian.org/security/2023/dsa-5586 https://www.debian.org/security/2023/dsa-5588 https://www.freebsd.org/security/advisories/FreeBSD-SA-23:19.openssh.asc https://www.lancom-systems.de/service-support/allgemeine-sicherheitshinweise#c243508 https://www.netsarang.com/en/xshell-update-history https://www.netsarang.com/en/xshell-update-history/ https://www.openssh.com/openbsd.html https://www.openssh.com/txt/release-9.6 https://www.openwall.com/lists/oss-security/2023/12/18/2 https://www.openwall.com/lists/oss-security/2023/12/18/3 https://www.openwall.com/lists/oss-security/2023/12/20/3 https://www.paramiko.org/changelog.html https://www.reddit.com/r/sysadmin/comments/18idv52/cve202348795_why_is_this_cve_still_undisclosed https://www.reddit.com/r/sysadmin/comments/18idv52/cve202348795_why_is_this_cve_still_undisclosed/ https://www.suse.com/c/suse-addresses-the-ssh-v2-protocol-terrapin-attack-aka-cve-2023-48795 https://www.suse.com/c/suse-addresses-the-ssh-v2-protocol-terrapin-attack-aka-cve-2023-48795/ https://www.terrapin-attack.com https://www.theregister.com/2023/12/20/terrapin_attack_ssh https://www.vandyke.com/products/securecrt/history.txt
golang.org/x/net	CVE-2023-39325	HIGH	v0.10.0	0.17.0	golang.org/x/net https://access.redhat.com/errata/RHSA-2023:6077 https://access.redhat.com/security/cve/CVE-2023-39325 https://access.redhat.com/security/cve/CVE-2023-44487 https://access.redhat.com/security/vulnerabilities/RHSB-2023-003 https://bugzilla.redhat.com/2242803 https://bugzilla.redhat.com/2243296 https://bugzilla.redhat.com/show_bug.cgi?id=2242803 https://bugzilla.redhat.com/show_bug.cgi?id=2243296 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-39325 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-44487 https://errata.almalinux.org/9/ALSA-2023-6077.html https://errata.rockylinux.org/RLSA-2023:6077 https://github.com/golang/go/commit/24ae2d927285c697440fdde3ad7f26028354bcf3 [golang- 1.21] https://github.com/golang/go/commit/e175f27f58aa7b9cd4d79607ae65d2cd5baaee68 [golang-1.20] https://github.com/golang/go/issues/63417 https://go.dev/cl/534215 https://go.dev/cl/534235 https://go.dev/issue/63417 https://groups.google.com/g/golang-announce/c/iNNxDTCjZvo/m/UDd7VKQuAAAJ https://linux.oracle.com/cve/CVE-2023-39325.html https://linux.oracle.com/errata/ELSA-2023-5867.html https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3OVW5V2DM5K5IC3H7O42YDUGNJ74J35O https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3OVW5V2DM5K5IC3H7O42YDUGNJ74J35O/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3SZN67IL7HMGMNAVLOTIXLIHUDXZK4LH https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3SZN67IL7HMGMNAVLOTIXLIHUDXZK4LH/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3WJ4QVX2AMUJ2F2S27POOAHRC4K3CHU4 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3WJ4QVX2AMUJ2F2S27POOAHRC4K3CHU4/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/4BUK2ZIAGCULOOYDNH25JPU6JBES5NF2 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/4BUK2ZIAGCULOOYDNH25JPU6JBES5NF2/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/5RSKA2II6QTD4YUKUNDVJQSRYSFC4VFR https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/5RSKA2II6QTD4YUKUNDVJQSRYSFC4VFR/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/AVZDNSMVDAQJ64LJC5I5U5LDM5753647 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/AVZDNSMVDAQJ64LJC5I5U5LDM5753647/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CHHITS4PUOZAKFIUBQAQZC7JWXMOYE4B https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CHHITS4PUOZAKFIUBQAQZC7JWXMOYE4B/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CLB4TW7KALB3EEQWNWCN7OUIWWVWWCG2 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CLB4TW7KALB3EEQWNWCN7OUIWWVWWCG2/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/D2BBIDR2ZMB3X5BC7SR4SLQMHRMVPY6L https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/D2BBIDR2ZMB3X5BC7SR4SLQMHRMVPY6L/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ECRC75BQJP6FJN2L7KCKYZW4DSBD7QSD https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ECRC75BQJP6FJN2L7KCKYZW4DSBD7QSD/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/FTMJ3NJIDAZFWJQQSP3L22MUFJ3UP2PT https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/FTMJ3NJIDAZFWJQQSP3L22MUFJ3UP2PT/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/GSY7SXFFTPZFWDM6XELSDSHZLVW3AHK7 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/GSY7SXFFTPZFWDM6XELSDSHZLVW3AHK7/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/HZQIELEIRSZUYTFFH5KTH2YJ4IIQG2KE https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/HZQIELEIRSZUYTFFH5KTH2YJ4IIQG2KE/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/IPWCNYB5PQ5PCVZ4NJT6G56ZYFZ5QBU6 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/IPWCNYB5PQ5PCVZ4NJT6G56ZYFZ5QBU6/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/KEOTKBUPZXHE3F352JBYNTSNRXYLWD6P https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/KEOTKBUPZXHE3F352JBYNTSNRXYLWD6P/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/KSEGD2IWKNUO3DWY4KQGUQM5BISRWHQE https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/KSEGD2IWKNUO3DWY4KQGUQM5BISRWHQE/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/L5E5JSJBZLYXOTZWXHJKRVCIXIHVWKJ6 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/L5E5JSJBZLYXOTZWXHJKRVCIXIHVWKJ6/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/MZQYOOKHQDQ57LV2IAG6NRFOVXKHJJ3Z https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/MZQYOOKHQDQ57LV2IAG6NRFOVXKHJJ3Z/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/NG7IMPL55MVWU3LCI4JQJT3K2U5CHDV7 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/NG7IMPL55MVWU3LCI4JQJT3K2U5CHDV7/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ODBY7RVMGZCBSTWF2OZGIZS57FNFUL67 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ODBY7RVMGZCBSTWF2OZGIZS57FNFUL67/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/OXGWPQOJ3JNDW2XIYKIVJ7N7QUIFNM2Q https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/OXGWPQOJ3JNDW2XIYKIVJ7N7QUIFNM2Q/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/PJCUNGIQDUMZ4Z6HWVYIMR66A35F5S74 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/PJCUNGIQDUMZ4Z6HWVYIMR66A35F5S74/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QF5QSYAOPDOWLY6DUHID56Q4HQFYB45I https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QF5QSYAOPDOWLY6DUHID56Q4HQFYB45I/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QXOU2JZUBEBP7GBKAYIJRPRBZSJCD7ST https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QXOU2JZUBEBP7GBKAYIJRPRBZSJCD7ST/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/R3UETKPUB3V5JS5TLZOF3SMTGT5K5APS https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/R3UETKPUB3V5JS5TLZOF3SMTGT5K5APS/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/REMHVVIBDNKSRKNOTV7EQSB7CYQWOUOU https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/REMHVVIBDNKSRKNOTV7EQSB7CYQWOUOU/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/T7N5GV4CHH6WAGX3GFMDD3COEOVCZ4RI https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/T7N5GV4CHH6WAGX3GFMDD3COEOVCZ4RI/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ULQQONMSCQSH5Z5OWFFQHCGEZ3NL4DRJ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ULQQONMSCQSH5Z5OWFFQHCGEZ3NL4DRJ/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UTT7DG3QOF5ZNJLUGHDNLRUIN6OWZARP https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UTT7DG3QOF5ZNJLUGHDNLRUIN6OWZARP/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/W2LZSWTV4NV4SNQARNXG5T6LRHP26EW2 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/W2LZSWTV4NV4SNQARNXG5T6LRHP26EW2/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WCNCBYKZXLDFGAJUB7ZP5VLC3YTHJNVH https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WCNCBYKZXLDFGAJUB7ZP5VLC3YTHJNVH/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/XFOIBB4YFICHDM7IBOP7PWXW3FX4HLL2 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/XFOIBB4YFICHDM7IBOP7PWXW3FX4HLL2/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/XTNLSL44Y5FB6JWADSZH6DCV4JJAAEQY https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/XTNLSL44Y5FB6JWADSZH6DCV4JJAAEQY/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/YJWHBLVZDM5KQSDFRBFRKU5KSSOLIRQ4 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/YJWHBLVZDM5KQSDFRBFRKU5KSSOLIRQ4/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/YRKEXKANQ7BKJW2YTAMP625LJUJZLJ4P https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/YRKEXKANQ7BKJW2YTAMP625LJUJZLJ4P/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZSVEMQV5ROY5YW5QE3I57HT3ITWG5GCV https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZSVEMQV5ROY5YW5QE3I57HT3ITWG5GCV/ https://nvd.nist.gov/vuln/detail/CVE-2023-39325 https://pkg.go.dev/vuln/GO-2023-2102 https://security.gentoo.org/glsa/202311-09 https://security.netapp.com/advisory/ntap-20231110-0008 https://security.netapp.com/advisory/ntap-20231110-0008/ https://ubuntu.com/security/notices/USN-6574-1 https://ubuntu.com/security/notices/USN-7061-1 https://ubuntu.com/security/notices/USN-7109-1 https://www.cisa.gov/news-events/alerts/2023/10/10/http2-rapid-reset-vulnerability-cve-2023-44487 https://www.cve.org/CVERecord?id=CVE-2023-39325
golang.org/x/net	CVE-2023-3978	MEDIUM	v0.10.0	0.13.0	https://access.redhat.com/errata/RHSA-2023:6474 https://access.redhat.com/security/cve/CVE-2023-3978 https://bugzilla.redhat.com/2174485 https://bugzilla.redhat.com/2178358 https://bugzilla.redhat.com/2178488 https://bugzilla.redhat.com/2178492 https://bugzilla.redhat.com/2184481 https://bugzilla.redhat.com/2184482 https://bugzilla.redhat.com/2184483 https://bugzilla.redhat.com/2184484 https://bugzilla.redhat.com/2196026 https://bugzilla.redhat.com/2196027 https://bugzilla.redhat.com/2196029 https://bugzilla.redhat.com/2222167 https://bugzilla.redhat.com/2228689 https://errata.almalinux.org/9/ALSA-2023-6474.html https://go.dev/cl/514896 https://go.dev/issue/61615 https://linux.oracle.com/cve/CVE-2023-3978.html https://linux.oracle.com/errata/ELSA-2023-6939.html https://nvd.nist.gov/vuln/detail/CVE-2023-3978 https://pkg.go.dev/vuln/GO-2023-1988 https://www.cve.org/CVERecord?id=CVE-2023-3978
golang.org/x/net	CVE-2023-44487	MEDIUM	v0.10.0	0.17.0	http://www.openwall.com/lists/oss-security/2023/10/13/4 http://www.openwall.com/lists/oss-security/2023/10/13/9 http://www.openwall.com/lists/oss-security/2023/10/18/4 http://www.openwall.com/lists/oss-security/2023/10/18/8 http://www.openwall.com/lists/oss-security/2023/10/19/6 http://www.openwall.com/lists/oss-security/2023/10/20/8 https://access.redhat.com/errata/RHSA-2023:6746 https://access.redhat.com/security/cve/CVE-2023-44487 https://access.redhat.com/security/cve/cve-2023-44487 https://akka.io/security/akka-http-cve-2023-44487.html https://arstechnica.com/security/2023/10/how-ddosers-used-the-http-2-protocol-to-deliver-attacks-of-unprecedented-size https://arstechnica.com/security/2023/10/how-ddosers-used-the-http-2-protocol-to-deliver-attacks-of-unprecedented-size/ https://aws.amazon.com/security/security-bulletins/AWS-2023-011 https://aws.amazon.com/security/security-bulletins/AWS-2023-011/ https://blog.cloudflare.com/technical-breakdown-http2-rapid-reset-ddos-attack https://blog.cloudflare.com/technical-breakdown-http2-rapid-reset-ddos-attack/ https://blog.cloudflare.com/zero-day-rapid-reset-http2-record-breaking-ddos-attack https://blog.cloudflare.com/zero-day-rapid-reset-http2-record-breaking-ddos-attack/ https://blog.litespeedtech.com/2023/10/11/rapid-reset-http-2-vulnerablilty https://blog.litespeedtech.com/2023/10/11/rapid-reset-http-2-vulnerablilty/ https://blog.qualys.com/vulnerabilities-threat-research/2023/10/10/cve-2023-44487-http-2-rapid-reset-attack https://blog.vespa.ai/cve-2023-44487 https://blog.vespa.ai/cve-2023-44487/ https://bugzilla.proxmox.com/show_bug.cgi?id=4988 https://bugzilla.redhat.com/2242803 https://bugzilla.redhat.com/show_bug.cgi?id=2242803 https://bugzilla.suse.com/show_bug.cgi?id=1216123 https://cgit.freebsd.org/ports/commit/?id=c64c329c2c1752f46b73e3e6ce9f4329be6629f9 https://chaos.social/@icing/111210915918780532 https://cloud.google.com/blog/products/identity-security/google-cloud-mitigated-largest-ddos-attack-peaking-above-398-million-rps https://cloud.google.com/blog/products/identity-security/google-cloud-mitigated-largest-ddos-attack-peaking-above-398-million-rps/ https://cloud.google.com/blog/products/identity-security/how-it-works-the-novel-http2-rapid-reset-ddos-attack https://community.traefik.io/t/is-traefik-vulnerable-to-cve-2023-44487/20125 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-44487 https://devblogs.microsoft.com/dotnet/october-2023-updates/ https://discuss.hashicorp.com/t/hcsec-2023-32-vault-consul-and-boundary-affected-by-http-2-rapid-reset-denial-of-service-vulnerability-cve-2023-44487/59715 https://edg.io/lp/blog/resets-leaks-ddos-and-the-tale-of-a-hidden-cve https://errata.almalinux.org/9/ALSA-2023-6746.html https://errata.rockylinux.org/RLSA-2023:5838 https://forums.swift.org/t/swift-nio-http2-security-update-cve-2023-44487-http-2-dos/67764 https://gist.github.com/adulau/7c2bfb8e9cdbe4b35a5e131c66a0c088 https://github.com/Azure/AKS/issues/3947 https://github.com/Kong/kong/discussions/11741 https://github.com/advisories/GHSA-qppj-fm5r-hxr3 https://github.com/advisories/GHSA-vx74-f528-fxqg https://github.com/advisories/GHSA-xpw8-rcwv-8f8p https://github.com/akka/akka-http/issues/4323 https://github.com/akka/akka-http/pull/4324 https://github.com/akka/akka-http/pull/4325 https://github.com/alibaba/tengine/issues/1872 https://github.com/apache/apisix/issues/10320 https://github.com/apache/httpd-site/pull/10 https://github.com/apache/httpd/blob/afcdbeebbff4b0c50ea26cdd16e178c0d1f24152/modules/http2/h2_mplx.c#L1101-L1113 https://github.com/apache/tomcat/commit/944332bb15bd2f3bf76ec2caeb1ff0a58a3bc628 https://github.com/apache/tomcat/tree/main/java/org/apache/coyote/http2 https://github.com/apache/trafficserver/pull/10564 https://github.com/apple/swift-nio-http2 https://github.com/apple/swift-nio-http2/security/advisories/GHSA-qppj-fm5r-hxr3 https://github.com/arkrwn/PoC/tree/main/CVE-2023-44487 https://github.com/bcdannyboy/CVE-2023-44487 https://github.com/caddyserver/caddy/issues/5877 https://github.com/caddyserver/caddy/releases/tag/v2.7.5 https://github.com/dotnet/announcements/issues/277 https://github.com/dotnet/core/blob/e4613450ea0da7fd2fc6b61dfb2c1c1dec1ce9ec/release-notes/6.0/6.0.23/6.0.23.md?plain=1#L73 https://github.com/eclipse/jetty.project/issues/10679 https://github.com/envoyproxy/envoy/pull/30055 https://github.com/etcd-io/etcd/issues/16740 https://github.com/facebook/proxygen/pull/466 https://github.com/golang/go/issues/63417 https://github.com/grpc/grpc-go/pull/6703 https://github.com/grpc/grpc-go/releases https://github.com/h2o/h2o/pull/3291 https://github.com/h2o/h2o/security/advisories/GHSA-2m7v-gc89-fjqf https://github.com/haproxy/haproxy/issues/2312 https://github.com/hyperium/hyper/issues/3337 https://github.com/icing/mod_h2/blob/0a864782af0a942aa2ad4ed960a6b32cd35bcf0a/mod_http2/README.md?plain=1#L239-L244 https://github.com/junkurihara/rust-rpxy/issues/97 https://github.com/kazu-yamamoto/http2/commit/f61d41a502bd0f60eb24e1ce14edc7b6df6722a1 https://github.com/kazu-yamamoto/http2/issues/93 https://github.com/kubernetes/kubernetes/pull/121120 https://github.com/line/armeria/pull/5232 https://github.com/linkerd/website/pull/1695/commits/4b9c6836471bc8270ab48aae6fd2181bc73fd632 https://github.com/micrictor/http2-rst-stream https://github.com/microsoft/CBL-Mariner/pull/6381 https://github.com/netty/netty/commit/58f75f665aa81a8cbcf6ffa74820042a285c5e61 https://github.com/nghttp2/nghttp2/pull/1961 https://github.com/nghttp2/nghttp2/releases/tag/v1.57.0 https://github.com/ninenines/cowboy/issues/1615 https://github.com/nodejs/node/pull/50121 https://github.com/openresty/openresty/issues/930 https://github.com/opensearch-project/data-prepper/issues/3474 https://github.com/oqtane/oqtane.framework/discussions/3367 https://github.com/projectcontour/contour/pull/5826 https://github.com/tempesta-tech/tempesta/issues/1986 https://github.com/varnishcache/varnish-cache/issues/3996 https://go.dev/cl/534215 https://go.dev/cl/534235 https://go.dev/issue/63417 https://groups.google.com/g/golang-announce/c/iNNxDTCjZvo https://groups.google.com/g/golang-announce/c/iNNxDTCjZvo/m/UDd7VKQuAAAJ https://istio.io/latest/news/security/istio-security-2023-004 https://istio.io/latest/news/security/istio-security-2023-004/ https://linkerd.io/2023/10/12/linkerd-cve-2023-44487 https://linkerd.io/2023/10/12/linkerd-cve-2023-44487/ https://linux.oracle.com/cve/CVE-2023-44487.html https://linux.oracle.com/errata/ELSA-2024-1444.html https://lists.apache.org/thread/5py8h42mxfsn8l1wy6o41xwhsjlsd87q https://lists.debian.org/debian-lts-announce/2023/10/msg00020.html https://lists.debian.org/debian-lts-announce/2023/10/msg00023.html https://lists.debian.org/debian-lts-announce/2023/10/msg00024.html https://lists.debian.org/debian-lts-announce/2023/10/msg00045.html https://lists.debian.org/debian-lts-announce/2023/10/msg00047.html https://lists.debian.org/debian-lts-announce/2023/11/msg00001.html https://lists.debian.org/debian-lts-announce/2023/11/msg00012.html https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/2MBEPPC36UBVOZZNAXFHKLFGSLCMN5LI https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/2MBEPPC36UBVOZZNAXFHKLFGSLCMN5LI/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/3N4NJ7FR4X4FPZUGNTQAPSTVB2HB2Y4A https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/3N4NJ7FR4X4FPZUGNTQAPSTVB2HB2Y4A/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/BFQD3KUEMFBHPAPBGLWQC34L4OWL5HAZ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/BFQD3KUEMFBHPAPBGLWQC34L4OWL5HAZ/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/CLB4TW7KALB3EEQWNWCN7OUIWWVWWCG2 https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/CLB4TW7KALB3EEQWNWCN7OUIWWVWWCG2/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/E72T67UPDRXHIDLO3OROR25YAMN4GGW5 https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/E72T67UPDRXHIDLO3OROR25YAMN4GGW5/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/FNA62Q767CFAFHBCDKYNPBMZWB7TWYVU https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/FNA62Q767CFAFHBCDKYNPBMZWB7TWYVU/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/HT7T2R4MQKLIF4ODV4BDLPARWFPCJ5CZ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/HT7T2R4MQKLIF4ODV4BDLPARWFPCJ5CZ/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/JIZSEFC3YKCGABA2BZW6ZJRMDZJMB7PJ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/JIZSEFC3YKCGABA2BZW6ZJRMDZJMB7PJ/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/JMEXY22BFG5Q64HQCM5CK2Q7KDKVV4TY https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/JMEXY22BFG5Q64HQCM5CK2Q7KDKVV4TY/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/KSEGD2IWKNUO3DWY4KQGUQM5BISRWHQE https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/KSEGD2IWKNUO3DWY4KQGUQM5BISRWHQE/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/LKYHSZQFDNR7RSA7LHVLLIAQMVYCUGBG https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/LKYHSZQFDNR7RSA7LHVLLIAQMVYCUGBG/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/LNMZJCDHGLJJLXO4OXWJMTVQRNWOC7UL https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/LNMZJCDHGLJJLXO4OXWJMTVQRNWOC7UL/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/VHUHTSXLXGXS7JYKBXTA3VINUPHTNGVU https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/VHUHTSXLXGXS7JYKBXTA3VINUPHTNGVU/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/VSRDIV77HNKUSM7SJC5BKE5JSHLHU2NK https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/VSRDIV77HNKUSM7SJC5BKE5JSHLHU2NK/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/WE2I52RHNNU42PX6NZ2RBUHSFFJ2LVZX https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/WE2I52RHNNU42PX6NZ2RBUHSFFJ2LVZX/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/WLPRQ5TWUQQXYWBJM7ECYDAIL2YVKIUH https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/WLPRQ5TWUQQXYWBJM7ECYDAIL2YVKIUH/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/X6QXN4ORIVF6XBW4WWFE7VNPVC74S45Y https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/X6QXN4ORIVF6XBW4WWFE7VNPVC74S45Y/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/XFOIBB4YFICHDM7IBOP7PWXW3FX4HLL2 https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/XFOIBB4YFICHDM7IBOP7PWXW3FX4HLL2/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZB43REMKRQR62NJEI7I5NQ4FSXNLBKRT https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZB43REMKRQR62NJEI7I5NQ4FSXNLBKRT/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZKQSIKIAT5TJ3WSLU3RDBQ35YX4GY4V3 https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZKQSIKIAT5TJ3WSLU3RDBQ35YX4GY4V3/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZLU6U2R2IC2K64NDPNMV55AUAO65MAF4 https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZLU6U2R2IC2K64NDPNMV55AUAO65MAF4/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3N4NJ7FR4X4FPZUGNTQAPSTVB2HB2Y4A https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/BFQD3KUEMFBHPAPBGLWQC34L4OWL5HAZ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CLB4TW7KALB3EEQWNWCN7OUIWWVWWCG2 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/E72T67UPDRXHIDLO3OROR25YAMN4GGW5 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/FNA62Q767CFAFHBCDKYNPBMZWB7TWYVU https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/HT7T2R4MQKLIF4ODV4BDLPARWFPCJ5CZ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/JIZSEFC3YKCGABA2BZW6ZJRMDZJMB7PJ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/JMEXY22BFG5Q64HQCM5CK2Q7KDKVV4TY https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/KSEGD2IWKNUO3DWY4KQGUQM5BISRWHQE https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/LKYHSZQFDNR7RSA7LHVLLIAQMVYCUGBG https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/LNMZJCDHGLJJLXO4OXWJMTVQRNWOC7UL https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/VHUHTSXLXGXS7JYKBXTA3VINUPHTNGVU https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/VSRDIV77HNKUSM7SJC5BKE5JSHLHU2NK https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WLPRQ5TWUQQXYWBJM7ECYDAIL2YVKIUH https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/X6QXN4ORIVF6XBW4WWFE7VNPVC74S45Y https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/XFOIBB4YFICHDM7IBOP7PWXW3FX4HLL2 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZB43REMKRQR62NJEI7I5NQ4FSXNLBKRT https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZKQSIKIAT5TJ3WSLU3RDBQ35YX4GY4V3 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZLU6U2R2IC2K64NDPNMV55AUAO65MAF4 https://lists.w3.org/Archives/Public/ietf-http-wg/2023OctDec/0025.html https://mailman.nginx.org/pipermail/nginx-devel/2023-October/S36Q5HBXR7CAIMPLLPRSSSYR4PCMWILK.html https://martinthomson.github.io/h2-stream-limits/draft-thomson-httpbis-h2-stream-limits.html https://msrc.microsoft.com/blog/2023/10/microsoft-response-to-distributed-denial-of-service-ddos-attacks-against-http/2 https://msrc.microsoft.com/blog/2023/10/microsoft-response-to-distributed-denial-of-service-ddos-attacks-against-http/2/ https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-44487 https://my.f5.com/manage/s/article/K000137106 https://netty.io/news/2023/10/10/4-1-100-Final.html https://news.ycombinator.com/item?id=37830987 https://news.ycombinator.com/item?id=37830998 https://news.ycombinator.com/item?id=37831062 https://news.ycombinator.com/item?id=37837043 https://nodejs.org/en/blog/vulnerability/october-2023-security-releases https://nvd.nist.gov/vuln/detail/CVE-2023-44487 https://openssf.org/blog/2023/10/10/http-2-rapid-reset-vulnerability-highlights-need-for-rapid-response https://openssf.org/blog/2023/10/10/http-2-rapid-reset-vulnerability-highlights-need-for-rapid-response/ https://pkg.go.dev/vuln/GO-2023-2102 https://seanmonstar.com/post/730794151136935936/hyper-http2-rapid-reset-unaffected https://security.gentoo.org/glsa/202311-09 https://security.netapp.com/advisory/ntap-20231016-0001 https://security.netapp.com/advisory/ntap-20231016-0001/ https://security.netapp.com/advisory/ntap-20240426-0007 https://security.netapp.com/advisory/ntap-20240426-0007/ https://security.netapp.com/advisory/ntap-20240621-0006 https://security.netapp.com/advisory/ntap-20240621-0006/ https://security.netapp.com/advisory/ntap-20240621-0007 https://security.netapp.com/advisory/ntap-20240621-0007/ https://security.paloaltonetworks.com/CVE-2023-44487 https://tomcat.apache.org/security-10.html#Fixed_in_Apache_Tomcat_10.1.14 https://tomcat.apache.org/security-11.html#Fixed_in_Apache_Tomcat_11.0.0-M12 https://tomcat.apache.org/security-8.html#Fixed_in_Apache_Tomcat_8.5.94 https://tomcat.apache.org/security-9.html#Fixed_in_Apache_Tomcat_9.0.81 https://ubuntu.com/security/CVE-2023-44487 https://ubuntu.com/security/notices/USN-6427-1 https://ubuntu.com/security/notices/USN-6427-2 https://ubuntu.com/security/notices/USN-6438-1 https://ubuntu.com/security/notices/USN-6505-1 https://ubuntu.com/security/notices/USN-6574-1 https://ubuntu.com/security/notices/USN-6754-1 https://ubuntu.com/security/notices/USN-6994-1 https://ubuntu.com/security/notices/USN-7067-1 https://www.bleepingcomputer.com/news/security/new-http-2-rapid-reset-zero-day-attack-breaks-ddos-records https://www.bleepingcomputer.com/news/security/new-http-2-rapid-reset-zero-day-attack-breaks-ddos-records/ https://www.cisa.gov/known-exploited-vulnerabilities-catalog https://www.cisa.gov/news-events/alerts/2023/10/10/http2-rapid-reset-vulnerability-cve-2023-44487 https://www.cve.org/CVERecord?id=CVE-2023-44487 https://www.darkreading.com/cloud/internet-wide-zero-day-bug-fuels-largest-ever-ddos-event https://www.debian.org/security/2023/dsa-5521 https://www.debian.org/security/2023/dsa-5522 https://www.debian.org/security/2023/dsa-5540 https://www.debian.org/security/2023/dsa-5549 https://www.debian.org/security/2023/dsa-5558 https://www.debian.org/security/2023/dsa-5570 https://www.eclipse.org/lists/jetty-announce/msg00181.html https://www.haproxy.com/blog/haproxy-is-not-affected-by-the-http-2-rapid-reset-attack-cve-2023-44487 https://www.mail-archive.com/haproxy@formilux.org/msg44134.html https://www.netlify.com/blog/netlify-successfully-mitigates-cve-2023-44487 https://www.netlify.com/blog/netlify-successfully-mitigates-cve-2023-44487/ https://www.nginx.com/blog/http-2-rapid-reset-attack-impacting-f5-nginx-products https://www.nginx.com/blog/http-2-rapid-reset-attack-impacting-f5-nginx-products/ https://www.openwall.com/lists/oss-security/2023/10/10/6 https://www.phoronix.com/news/HTTP2-Rapid-Reset-Attack https://www.theregister.com/2023/10/10/http2_rapid_reset_zeroday https://www.theregister.com/2023/10/10/http2_rapid_reset_zeroday/
golang.org/x/net	CVE-2023-45288	MEDIUM	v0.10.0	0.23.0	http://www.openwall.com/lists/oss-security/2024/04/03/16 http://www.openwall.com/lists/oss-security/2024/04/05/4 https://access.redhat.com/errata/RHSA-2024:2724 https://access.redhat.com/security/cve/CVE-2023-45288 https://bugzilla.redhat.com/2268017 https://bugzilla.redhat.com/2268018 https://bugzilla.redhat.com/2268019 https://bugzilla.redhat.com/2268273 https://bugzilla.redhat.com/show_bug.cgi?id=2268017 https://bugzilla.redhat.com/show_bug.cgi?id=2268018 https://bugzilla.redhat.com/show_bug.cgi?id=2268019 https://bugzilla.redhat.com/show_bug.cgi?id=2268273 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45288 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45289 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45290 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24783 https://errata.almalinux.org/9/ALSA-2024-2724.html https://errata.rockylinux.org/RLSA-2024:2724 https://go.dev/cl/576155 https://go.dev/issue/65051 https://groups.google.com/g/golang-announce/c/YgW0sx8mN3M https://kb.cert.org/vuls/id/421644 https://linux.oracle.com/cve/CVE-2023-45288.html https://linux.oracle.com/errata/ELSA-2024-3346.html https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QRYFHIQ6XRKRYBI2F5UESH67BJBQXUPT https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QRYFHIQ6XRKRYBI2F5UESH67BJBQXUPT/ https://nowotarski.info/http2-continuation-flood-technical-details https://nowotarski.info/http2-continuation-flood/ https://nvd.nist.gov/vuln/detail/CVE-2023-45288 https://pkg.go.dev/vuln/GO-2024-2687 https://security.netapp.com/advisory/ntap-20240419-0009 https://security.netapp.com/advisory/ntap-20240419-0009/ https://ubuntu.com/security/notices/USN-6886-1 https://ubuntu.com/security/notices/USN-7109-1 https://ubuntu.com/security/notices/USN-7111-1 https://www.cve.org/CVERecord?id=CVE-2023-45288 https://www.kb.cert.org/vuls/id/421644
google.golang.org/grpc	GHSA-m425-mq94-257g	HIGH	v1.54.0	1.56.3, 1.57.1, 1.58.3	https://github.com/grpc/grpc-go https://github.com/grpc/grpc-go/commit/f2180b4d5403d2210b30b93098eb7da31c05c721 https://github.com/grpc/grpc-go/pull/6703 https://github.com/grpc/grpc-go/security/advisories/GHSA-m425-mq94-257g https://nvd.nist.gov/vuln/detail/CVE-2023-44487
google.golang.org/grpc	CVE-2023-44487	MEDIUM	v1.54.0	1.58.3, 1.57.1, 1.56.3	http://www.openwall.com/lists/oss-security/2023/10/13/4 http://www.openwall.com/lists/oss-security/2023/10/13/9 http://www.openwall.com/lists/oss-security/2023/10/18/4 http://www.openwall.com/lists/oss-security/2023/10/18/8 http://www.openwall.com/lists/oss-security/2023/10/19/6 http://www.openwall.com/lists/oss-security/2023/10/20/8 https://access.redhat.com/errata/RHSA-2023:6746 https://access.redhat.com/security/cve/CVE-2023-44487 https://access.redhat.com/security/cve/cve-2023-44487 https://akka.io/security/akka-http-cve-2023-44487.html https://arstechnica.com/security/2023/10/how-ddosers-used-the-http-2-protocol-to-deliver-attacks-of-unprecedented-size https://arstechnica.com/security/2023/10/how-ddosers-used-the-http-2-protocol-to-deliver-attacks-of-unprecedented-size/ https://aws.amazon.com/security/security-bulletins/AWS-2023-011 https://aws.amazon.com/security/security-bulletins/AWS-2023-011/ https://blog.cloudflare.com/technical-breakdown-http2-rapid-reset-ddos-attack https://blog.cloudflare.com/technical-breakdown-http2-rapid-reset-ddos-attack/ https://blog.cloudflare.com/zero-day-rapid-reset-http2-record-breaking-ddos-attack https://blog.cloudflare.com/zero-day-rapid-reset-http2-record-breaking-ddos-attack/ https://blog.litespeedtech.com/2023/10/11/rapid-reset-http-2-vulnerablilty https://blog.litespeedtech.com/2023/10/11/rapid-reset-http-2-vulnerablilty/ https://blog.qualys.com/vulnerabilities-threat-research/2023/10/10/cve-2023-44487-http-2-rapid-reset-attack https://blog.vespa.ai/cve-2023-44487 https://blog.vespa.ai/cve-2023-44487/ https://bugzilla.proxmox.com/show_bug.cgi?id=4988 https://bugzilla.redhat.com/2242803 https://bugzilla.redhat.com/show_bug.cgi?id=2242803 https://bugzilla.suse.com/show_bug.cgi?id=1216123 https://cgit.freebsd.org/ports/commit/?id=c64c329c2c1752f46b73e3e6ce9f4329be6629f9 https://chaos.social/@icing/111210915918780532 https://cloud.google.com/blog/products/identity-security/google-cloud-mitigated-largest-ddos-attack-peaking-above-398-million-rps https://cloud.google.com/blog/products/identity-security/google-cloud-mitigated-largest-ddos-attack-peaking-above-398-million-rps/ https://cloud.google.com/blog/products/identity-security/how-it-works-the-novel-http2-rapid-reset-ddos-attack https://community.traefik.io/t/is-traefik-vulnerable-to-cve-2023-44487/20125 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-44487 https://devblogs.microsoft.com/dotnet/october-2023-updates/ https://discuss.hashicorp.com/t/hcsec-2023-32-vault-consul-and-boundary-affected-by-http-2-rapid-reset-denial-of-service-vulnerability-cve-2023-44487/59715 https://edg.io/lp/blog/resets-leaks-ddos-and-the-tale-of-a-hidden-cve https://errata.almalinux.org/9/ALSA-2023-6746.html https://errata.rockylinux.org/RLSA-2023:5838 https://forums.swift.org/t/swift-nio-http2-security-update-cve-2023-44487-http-2-dos/67764 https://gist.github.com/adulau/7c2bfb8e9cdbe4b35a5e131c66a0c088 https://github.com/Azure/AKS/issues/3947 https://github.com/Kong/kong/discussions/11741 https://github.com/advisories/GHSA-qppj-fm5r-hxr3 https://github.com/advisories/GHSA-vx74-f528-fxqg https://github.com/advisories/GHSA-xpw8-rcwv-8f8p https://github.com/akka/akka-http/issues/4323 https://github.com/akka/akka-http/pull/4324 https://github.com/akka/akka-http/pull/4325 https://github.com/alibaba/tengine/issues/1872 https://github.com/apache/apisix/issues/10320 https://github.com/apache/httpd-site/pull/10 https://github.com/apache/httpd/blob/afcdbeebbff4b0c50ea26cdd16e178c0d1f24152/modules/http2/h2_mplx.c#L1101-L1113 https://github.com/apache/tomcat/commit/944332bb15bd2f3bf76ec2caeb1ff0a58a3bc628 https://github.com/apache/tomcat/tree/main/java/org/apache/coyote/http2 https://github.com/apache/trafficserver/pull/10564 https://github.com/apple/swift-nio-http2 https://github.com/apple/swift-nio-http2/security/advisories/GHSA-qppj-fm5r-hxr3 https://github.com/arkrwn/PoC/tree/main/CVE-2023-44487 https://github.com/bcdannyboy/CVE-2023-44487 https://github.com/caddyserver/caddy/issues/5877 https://github.com/caddyserver/caddy/releases/tag/v2.7.5 https://github.com/dotnet/announcements/issues/277 https://github.com/dotnet/core/blob/e4613450ea0da7fd2fc6b61dfb2c1c1dec1ce9ec/release-notes/6.0/6.0.23/6.0.23.md?plain=1#L73 https://github.com/eclipse/jetty.project/issues/10679 https://github.com/envoyproxy/envoy/pull/30055 https://github.com/etcd-io/etcd/issues/16740 https://github.com/facebook/proxygen/pull/466 https://github.com/golang/go/issues/63417 https://github.com/grpc/grpc-go/pull/6703 https://github.com/grpc/grpc-go/releases https://github.com/h2o/h2o/pull/3291 https://github.com/h2o/h2o/security/advisories/GHSA-2m7v-gc89-fjqf https://github.com/haproxy/haproxy/issues/2312 https://github.com/hyperium/hyper/issues/3337 https://github.com/icing/mod_h2/blob/0a864782af0a942aa2ad4ed960a6b32cd35bcf0a/mod_http2/README.md?plain=1#L239-L244 https://github.com/junkurihara/rust-rpxy/issues/97 https://github.com/kazu-yamamoto/http2/commit/f61d41a502bd0f60eb24e1ce14edc7b6df6722a1 https://github.com/kazu-yamamoto/http2/issues/93 https://github.com/kubernetes/kubernetes/pull/121120 https://github.com/line/armeria/pull/5232 https://github.com/linkerd/website/pull/1695/commits/4b9c6836471bc8270ab48aae6fd2181bc73fd632 https://github.com/micrictor/http2-rst-stream https://github.com/microsoft/CBL-Mariner/pull/6381 https://github.com/netty/netty/commit/58f75f665aa81a8cbcf6ffa74820042a285c5e61 https://github.com/nghttp2/nghttp2/pull/1961 https://github.com/nghttp2/nghttp2/releases/tag/v1.57.0 https://github.com/ninenines/cowboy/issues/1615 https://github.com/nodejs/node/pull/50121 https://github.com/openresty/openresty/issues/930 https://github.com/opensearch-project/data-prepper/issues/3474 https://github.com/oqtane/oqtane.framework/discussions/3367 https://github.com/projectcontour/contour/pull/5826 https://github.com/tempesta-tech/tempesta/issues/1986 https://github.com/varnishcache/varnish-cache/issues/3996 https://go.dev/cl/534215 https://go.dev/cl/534235 https://go.dev/issue/63417 https://groups.google.com/g/golang-announce/c/iNNxDTCjZvo https://groups.google.com/g/golang-announce/c/iNNxDTCjZvo/m/UDd7VKQuAAAJ https://istio.io/latest/news/security/istio-security-2023-004 https://istio.io/latest/news/security/istio-security-2023-004/ https://linkerd.io/2023/10/12/linkerd-cve-2023-44487 https://linkerd.io/2023/10/12/linkerd-cve-2023-44487/ https://linux.oracle.com/cve/CVE-2023-44487.html https://linux.oracle.com/errata/ELSA-2024-1444.html https://lists.apache.org/thread/5py8h42mxfsn8l1wy6o41xwhsjlsd87q https://lists.debian.org/debian-lts-announce/2023/10/msg00020.html https://lists.debian.org/debian-lts-announce/2023/10/msg00023.html https://lists.debian.org/debian-lts-announce/2023/10/msg00024.html https://lists.debian.org/debian-lts-announce/2023/10/msg00045.html https://lists.debian.org/debian-lts-announce/2023/10/msg00047.html https://lists.debian.org/debian-lts-announce/2023/11/msg00001.html https://lists.debian.org/debian-lts-announce/2023/11/msg00012.html https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/2MBEPPC36UBVOZZNAXFHKLFGSLCMN5LI https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/2MBEPPC36UBVOZZNAXFHKLFGSLCMN5LI/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/3N4NJ7FR4X4FPZUGNTQAPSTVB2HB2Y4A https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/3N4NJ7FR4X4FPZUGNTQAPSTVB2HB2Y4A/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/BFQD3KUEMFBHPAPBGLWQC34L4OWL5HAZ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/BFQD3KUEMFBHPAPBGLWQC34L4OWL5HAZ/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/CLB4TW7KALB3EEQWNWCN7OUIWWVWWCG2 https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/CLB4TW7KALB3EEQWNWCN7OUIWWVWWCG2/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/E72T67UPDRXHIDLO3OROR25YAMN4GGW5 https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/E72T67UPDRXHIDLO3OROR25YAMN4GGW5/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/FNA62Q767CFAFHBCDKYNPBMZWB7TWYVU https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/FNA62Q767CFAFHBCDKYNPBMZWB7TWYVU/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/HT7T2R4MQKLIF4ODV4BDLPARWFPCJ5CZ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/HT7T2R4MQKLIF4ODV4BDLPARWFPCJ5CZ/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/JIZSEFC3YKCGABA2BZW6ZJRMDZJMB7PJ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/JIZSEFC3YKCGABA2BZW6ZJRMDZJMB7PJ/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/JMEXY22BFG5Q64HQCM5CK2Q7KDKVV4TY https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/JMEXY22BFG5Q64HQCM5CK2Q7KDKVV4TY/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/KSEGD2IWKNUO3DWY4KQGUQM5BISRWHQE https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/KSEGD2IWKNUO3DWY4KQGUQM5BISRWHQE/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/LKYHSZQFDNR7RSA7LHVLLIAQMVYCUGBG https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/LKYHSZQFDNR7RSA7LHVLLIAQMVYCUGBG/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/LNMZJCDHGLJJLXO4OXWJMTVQRNWOC7UL https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/LNMZJCDHGLJJLXO4OXWJMTVQRNWOC7UL/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/VHUHTSXLXGXS7JYKBXTA3VINUPHTNGVU https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/VHUHTSXLXGXS7JYKBXTA3VINUPHTNGVU/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/VSRDIV77HNKUSM7SJC5BKE5JSHLHU2NK https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/VSRDIV77HNKUSM7SJC5BKE5JSHLHU2NK/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/WE2I52RHNNU42PX6NZ2RBUHSFFJ2LVZX https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/WE2I52RHNNU42PX6NZ2RBUHSFFJ2LVZX/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/WLPRQ5TWUQQXYWBJM7ECYDAIL2YVKIUH https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/WLPRQ5TWUQQXYWBJM7ECYDAIL2YVKIUH/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/X6QXN4ORIVF6XBW4WWFE7VNPVC74S45Y https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/X6QXN4ORIVF6XBW4WWFE7VNPVC74S45Y/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/XFOIBB4YFICHDM7IBOP7PWXW3FX4HLL2 https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/XFOIBB4YFICHDM7IBOP7PWXW3FX4HLL2/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZB43REMKRQR62NJEI7I5NQ4FSXNLBKRT https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZB43REMKRQR62NJEI7I5NQ4FSXNLBKRT/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZKQSIKIAT5TJ3WSLU3RDBQ35YX4GY4V3 https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZKQSIKIAT5TJ3WSLU3RDBQ35YX4GY4V3/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZLU6U2R2IC2K64NDPNMV55AUAO65MAF4 https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZLU6U2R2IC2K64NDPNMV55AUAO65MAF4/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3N4NJ7FR4X4FPZUGNTQAPSTVB2HB2Y4A https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/BFQD3KUEMFBHPAPBGLWQC34L4OWL5HAZ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CLB4TW7KALB3EEQWNWCN7OUIWWVWWCG2 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/E72T67UPDRXHIDLO3OROR25YAMN4GGW5 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/FNA62Q767CFAFHBCDKYNPBMZWB7TWYVU https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/HT7T2R4MQKLIF4ODV4BDLPARWFPCJ5CZ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/JIZSEFC3YKCGABA2BZW6ZJRMDZJMB7PJ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/JMEXY22BFG5Q64HQCM5CK2Q7KDKVV4TY https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/KSEGD2IWKNUO3DWY4KQGUQM5BISRWHQE https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/LKYHSZQFDNR7RSA7LHVLLIAQMVYCUGBG https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/LNMZJCDHGLJJLXO4OXWJMTVQRNWOC7UL https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/VHUHTSXLXGXS7JYKBXTA3VINUPHTNGVU https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/VSRDIV77HNKUSM7SJC5BKE5JSHLHU2NK https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WLPRQ5TWUQQXYWBJM7ECYDAIL2YVKIUH https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/X6QXN4ORIVF6XBW4WWFE7VNPVC74S45Y https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/XFOIBB4YFICHDM7IBOP7PWXW3FX4HLL2 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZB43REMKRQR62NJEI7I5NQ4FSXNLBKRT https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZKQSIKIAT5TJ3WSLU3RDBQ35YX4GY4V3 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZLU6U2R2IC2K64NDPNMV55AUAO65MAF4 https://lists.w3.org/Archives/Public/ietf-http-wg/2023OctDec/0025.html https://mailman.nginx.org/pipermail/nginx-devel/2023-October/S36Q5HBXR7CAIMPLLPRSSSYR4PCMWILK.html https://martinthomson.github.io/h2-stream-limits/draft-thomson-httpbis-h2-stream-limits.html https://msrc.microsoft.com/blog/2023/10/microsoft-response-to-distributed-denial-of-service-ddos-attacks-against-http/2 https://msrc.microsoft.com/blog/2023/10/microsoft-response-to-distributed-denial-of-service-ddos-attacks-against-http/2/ https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-44487 https://my.f5.com/manage/s/article/K000137106 https://netty.io/news/2023/10/10/4-1-100-Final.html https://news.ycombinator.com/item?id=37830987 https://news.ycombinator.com/item?id=37830998 https://news.ycombinator.com/item?id=37831062 https://news.ycombinator.com/item?id=37837043 https://nodejs.org/en/blog/vulnerability/october-2023-security-releases https://nvd.nist.gov/vuln/detail/CVE-2023-44487 https://openssf.org/blog/2023/10/10/http-2-rapid-reset-vulnerability-highlights-need-for-rapid-response https://openssf.org/blog/2023/10/10/http-2-rapid-reset-vulnerability-highlights-need-for-rapid-response/ https://pkg.go.dev/vuln/GO-2023-2102 https://seanmonstar.com/post/730794151136935936/hyper-http2-rapid-reset-unaffected https://security.gentoo.org/glsa/202311-09 https://security.netapp.com/advisory/ntap-20231016-0001 https://security.netapp.com/advisory/ntap-20231016-0001/ https://security.netapp.com/advisory/ntap-20240426-0007 https://security.netapp.com/advisory/ntap-20240426-0007/ https://security.netapp.com/advisory/ntap-20240621-0006 https://security.netapp.com/advisory/ntap-20240621-0006/ https://security.netapp.com/advisory/ntap-20240621-0007 https://security.netapp.com/advisory/ntap-20240621-0007/ https://security.paloaltonetworks.com/CVE-2023-44487 https://tomcat.apache.org/security-10.html#Fixed_in_Apache_Tomcat_10.1.14 https://tomcat.apache.org/security-11.html#Fixed_in_Apache_Tomcat_11.0.0-M12 https://tomcat.apache.org/security-8.html#Fixed_in_Apache_Tomcat_8.5.94 https://tomcat.apache.org/security-9.html#Fixed_in_Apache_Tomcat_9.0.81 https://ubuntu.com/security/CVE-2023-44487 https://ubuntu.com/security/notices/USN-6427-1 https://ubuntu.com/security/notices/USN-6427-2 https://ubuntu.com/security/notices/USN-6438-1 https://ubuntu.com/security/notices/USN-6505-1 https://ubuntu.com/security/notices/USN-6574-1 https://ubuntu.com/security/notices/USN-6754-1 https://ubuntu.com/security/notices/USN-6994-1 https://ubuntu.com/security/notices/USN-7067-1 https://www.bleepingcomputer.com/news/security/new-http-2-rapid-reset-zero-day-attack-breaks-ddos-records https://www.bleepingcomputer.com/news/security/new-http-2-rapid-reset-zero-day-attack-breaks-ddos-records/ https://www.cisa.gov/known-exploited-vulnerabilities-catalog https://www.cisa.gov/news-events/alerts/2023/10/10/http2-rapid-reset-vulnerability-cve-2023-44487 https://www.cve.org/CVERecord?id=CVE-2023-44487 https://www.darkreading.com/cloud/internet-wide-zero-day-bug-fuels-largest-ever-ddos-event https://www.debian.org/security/2023/dsa-5521 https://www.debian.org/security/2023/dsa-5522 https://www.debian.org/security/2023/dsa-5540 https://www.debian.org/security/2023/dsa-5549 https://www.debian.org/security/2023/dsa-5558 https://www.debian.org/security/2023/dsa-5570 https://www.eclipse.org/lists/jetty-announce/msg00181.html https://www.haproxy.com/blog/haproxy-is-not-affected-by-the-http-2-rapid-reset-attack-cve-2023-44487 https://www.mail-archive.com/haproxy@formilux.org/msg44134.html https://www.netlify.com/blog/netlify-successfully-mitigates-cve-2023-44487 https://www.netlify.com/blog/netlify-successfully-mitigates-cve-2023-44487/ https://www.nginx.com/blog/http-2-rapid-reset-attack-impacting-f5-nginx-products https://www.nginx.com/blog/http-2-rapid-reset-attack-impacting-f5-nginx-products/ https://www.openwall.com/lists/oss-security/2023/10/10/6 https://www.phoronix.com/news/HTTP2-Rapid-Reset-Attack https://www.theregister.com/2023/10/10/http2_rapid_reset_zeroday https://www.theregister.com/2023/10/10/http2_rapid_reset_zeroday/
google.golang.org/protobuf	CVE-2024-24786	MEDIUM	v1.30.0	1.33.0	http://www.openwall.com/lists/oss-security/2024/03/08/4 https://access.redhat.com/errata/RHSA-2024:2550 https://access.redhat.com/security/cve/CVE-2024-24786 https://bugzilla.redhat.com/2268046 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24786 https://errata.almalinux.org/9/ALSA-2024-2550.html https://errata.rockylinux.org/RLSA-2024:2550 https://github.com/protocolbuffers/protobuf-go https://github.com/protocolbuffers/protobuf-go/commit/f01a588e5810b90996452eec4a28f22a0afae023 https://github.com/protocolbuffers/protobuf-go/releases/tag/v1.33.0 https://go-review.googlesource.com/c/protobuf/+/569356 https://go.dev/cl/569356 https://groups.google.com/g/golang-announce/c/ArQ6CDgtEjY/ https://linux.oracle.com/cve/CVE-2024-24786.html https://linux.oracle.com/errata/ELSA-2024-4246.html https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/JDMBHAVSDU2FBDZ45U3A2VLSM35OJ2HU https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/JDMBHAVSDU2FBDZ45U3A2VLSM35OJ2HU/ https://nvd.nist.gov/vuln/detail/CVE-2024-24786 https://pkg.go.dev/vuln/GO-2024-2611 https://security.netapp.com/advisory/ntap-20240517-0002 https://security.netapp.com/advisory/ntap-20240517-0002/ https://ubuntu.com/security/notices/USN-6746-1 https://ubuntu.com/security/notices/USN-6746-2 https://www.cve.org/CVERecord?id=CVE-2024-24786
stdlib	CVE-2024-24790	CRITICAL	v1.20.5	1.21.11, 1.22.4	http://www.openwall.com/lists/oss-security/2024/06/04/1 https://access.redhat.com/errata/RHSA-2024:9115 https://access.redhat.com/security/cve/CVE-2024-24790 https://bugzilla.redhat.com/2279814 https://bugzilla.redhat.com/2292668 https://bugzilla.redhat.com/2292787 https://bugzilla.redhat.com/2294000 https://bugzilla.redhat.com/2295310 https://bugzilla.redhat.com/show_bug.cgi?id=2292668 https://bugzilla.redhat.com/show_bug.cgi?id=2292787 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24789 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24790 https://errata.almalinux.org/9/ALSA-2024-9115.html https://errata.rockylinux.org/RLSA-2024:4212 https://github.com/golang/go/commit/051bdf3fd12a40307606ff9381138039c5f452f0 (1.21) https://github.com/golang/go/commit/12d5810cdb1f73cf23d7a86462143e9463317fca (1.22) https://github.com/golang/go/issues/67680 https://go.dev/cl/590316 https://go.dev/issue/67680 https://groups.google.com/g/golang-announce/c/XbxouI9gY7k https://groups.google.com/g/golang-announce/c/XbxouI9gY7k/m/TuoGEhxIEwAJ https://linux.oracle.com/cve/CVE-2024-24790.html https://linux.oracle.com/errata/ELSA-2024-9115.html https://nvd.nist.gov/vuln/detail/CVE-2024-24790 https://pkg.go.dev/vuln/GO-2024-2887 https://ubuntu.com/security/notices/USN-6886-1 https://ubuntu.com/security/notices/USN-7109-1 https://www.cve.org/CVERecord?id=CVE-2024-24790
stdlib	CVE-2023-39325	HIGH	v1.20.5	1.20.10, 1.21.3	golang.org/x/net https://access.redhat.com/errata/RHSA-2023:6077 https://access.redhat.com/security/cve/CVE-2023-39325 https://access.redhat.com/security/cve/CVE-2023-44487 https://access.redhat.com/security/vulnerabilities/RHSB-2023-003 https://bugzilla.redhat.com/2242803 https://bugzilla.redhat.com/2243296 https://bugzilla.redhat.com/show_bug.cgi?id=2242803 https://bugzilla.redhat.com/show_bug.cgi?id=2243296 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-39325 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-44487 https://errata.almalinux.org/9/ALSA-2023-6077.html https://errata.rockylinux.org/RLSA-2023:6077 https://github.com/golang/go/commit/24ae2d927285c697440fdde3ad7f26028354bcf3 [golang- 1.21] https://github.com/golang/go/commit/e175f27f58aa7b9cd4d79607ae65d2cd5baaee68 [golang-1.20] https://github.com/golang/go/issues/63417 https://go.dev/cl/534215 https://go.dev/cl/534235 https://go.dev/issue/63417 https://groups.google.com/g/golang-announce/c/iNNxDTCjZvo/m/UDd7VKQuAAAJ https://linux.oracle.com/cve/CVE-2023-39325.html https://linux.oracle.com/errata/ELSA-2023-5867.html https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3OVW5V2DM5K5IC3H7O42YDUGNJ74J35O https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3OVW5V2DM5K5IC3H7O42YDUGNJ74J35O/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3SZN67IL7HMGMNAVLOTIXLIHUDXZK4LH https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3SZN67IL7HMGMNAVLOTIXLIHUDXZK4LH/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3WJ4QVX2AMUJ2F2S27POOAHRC4K3CHU4 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3WJ4QVX2AMUJ2F2S27POOAHRC4K3CHU4/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/4BUK2ZIAGCULOOYDNH25JPU6JBES5NF2 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/4BUK2ZIAGCULOOYDNH25JPU6JBES5NF2/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/5RSKA2II6QTD4YUKUNDVJQSRYSFC4VFR https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/5RSKA2II6QTD4YUKUNDVJQSRYSFC4VFR/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/AVZDNSMVDAQJ64LJC5I5U5LDM5753647 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/AVZDNSMVDAQJ64LJC5I5U5LDM5753647/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CHHITS4PUOZAKFIUBQAQZC7JWXMOYE4B https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CHHITS4PUOZAKFIUBQAQZC7JWXMOYE4B/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CLB4TW7KALB3EEQWNWCN7OUIWWVWWCG2 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CLB4TW7KALB3EEQWNWCN7OUIWWVWWCG2/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/D2BBIDR2ZMB3X5BC7SR4SLQMHRMVPY6L https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/D2BBIDR2ZMB3X5BC7SR4SLQMHRMVPY6L/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ECRC75BQJP6FJN2L7KCKYZW4DSBD7QSD https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ECRC75BQJP6FJN2L7KCKYZW4DSBD7QSD/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/FTMJ3NJIDAZFWJQQSP3L22MUFJ3UP2PT https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/FTMJ3NJIDAZFWJQQSP3L22MUFJ3UP2PT/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/GSY7SXFFTPZFWDM6XELSDSHZLVW3AHK7 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/GSY7SXFFTPZFWDM6XELSDSHZLVW3AHK7/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/HZQIELEIRSZUYTFFH5KTH2YJ4IIQG2KE https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/HZQIELEIRSZUYTFFH5KTH2YJ4IIQG2KE/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/IPWCNYB5PQ5PCVZ4NJT6G56ZYFZ5QBU6 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/IPWCNYB5PQ5PCVZ4NJT6G56ZYFZ5QBU6/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/KEOTKBUPZXHE3F352JBYNTSNRXYLWD6P https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/KEOTKBUPZXHE3F352JBYNTSNRXYLWD6P/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/KSEGD2IWKNUO3DWY4KQGUQM5BISRWHQE https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/KSEGD2IWKNUO3DWY4KQGUQM5BISRWHQE/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/L5E5JSJBZLYXOTZWXHJKRVCIXIHVWKJ6 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/L5E5JSJBZLYXOTZWXHJKRVCIXIHVWKJ6/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/MZQYOOKHQDQ57LV2IAG6NRFOVXKHJJ3Z https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/MZQYOOKHQDQ57LV2IAG6NRFOVXKHJJ3Z/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/NG7IMPL55MVWU3LCI4JQJT3K2U5CHDV7 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/NG7IMPL55MVWU3LCI4JQJT3K2U5CHDV7/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ODBY7RVMGZCBSTWF2OZGIZS57FNFUL67 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ODBY7RVMGZCBSTWF2OZGIZS57FNFUL67/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/OXGWPQOJ3JNDW2XIYKIVJ7N7QUIFNM2Q https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/OXGWPQOJ3JNDW2XIYKIVJ7N7QUIFNM2Q/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/PJCUNGIQDUMZ4Z6HWVYIMR66A35F5S74 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/PJCUNGIQDUMZ4Z6HWVYIMR66A35F5S74/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QF5QSYAOPDOWLY6DUHID56Q4HQFYB45I https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QF5QSYAOPDOWLY6DUHID56Q4HQFYB45I/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QXOU2JZUBEBP7GBKAYIJRPRBZSJCD7ST https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QXOU2JZUBEBP7GBKAYIJRPRBZSJCD7ST/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/R3UETKPUB3V5JS5TLZOF3SMTGT5K5APS https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/R3UETKPUB3V5JS5TLZOF3SMTGT5K5APS/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/REMHVVIBDNKSRKNOTV7EQSB7CYQWOUOU https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/REMHVVIBDNKSRKNOTV7EQSB7CYQWOUOU/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/T7N5GV4CHH6WAGX3GFMDD3COEOVCZ4RI https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/T7N5GV4CHH6WAGX3GFMDD3COEOVCZ4RI/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ULQQONMSCQSH5Z5OWFFQHCGEZ3NL4DRJ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ULQQONMSCQSH5Z5OWFFQHCGEZ3NL4DRJ/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UTT7DG3QOF5ZNJLUGHDNLRUIN6OWZARP https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UTT7DG3QOF5ZNJLUGHDNLRUIN6OWZARP/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/W2LZSWTV4NV4SNQARNXG5T6LRHP26EW2 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/W2LZSWTV4NV4SNQARNXG5T6LRHP26EW2/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WCNCBYKZXLDFGAJUB7ZP5VLC3YTHJNVH https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WCNCBYKZXLDFGAJUB7ZP5VLC3YTHJNVH/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/XFOIBB4YFICHDM7IBOP7PWXW3FX4HLL2 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/XFOIBB4YFICHDM7IBOP7PWXW3FX4HLL2/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/XTNLSL44Y5FB6JWADSZH6DCV4JJAAEQY https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/XTNLSL44Y5FB6JWADSZH6DCV4JJAAEQY/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/YJWHBLVZDM5KQSDFRBFRKU5KSSOLIRQ4 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/YJWHBLVZDM5KQSDFRBFRKU5KSSOLIRQ4/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/YRKEXKANQ7BKJW2YTAMP625LJUJZLJ4P https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/YRKEXKANQ7BKJW2YTAMP625LJUJZLJ4P/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZSVEMQV5ROY5YW5QE3I57HT3ITWG5GCV https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZSVEMQV5ROY5YW5QE3I57HT3ITWG5GCV/ https://nvd.nist.gov/vuln/detail/CVE-2023-39325 https://pkg.go.dev/vuln/GO-2023-2102 https://security.gentoo.org/glsa/202311-09 https://security.netapp.com/advisory/ntap-20231110-0008 https://security.netapp.com/advisory/ntap-20231110-0008/ https://ubuntu.com/security/notices/USN-6574-1 https://ubuntu.com/security/notices/USN-7061-1 https://ubuntu.com/security/notices/USN-7109-1 https://www.cisa.gov/news-events/alerts/2023/10/10/http2-rapid-reset-vulnerability-cve-2023-44487 https://www.cve.org/CVERecord?id=CVE-2023-39325
stdlib	CVE-2023-45283	HIGH	v1.20.5	1.20.11, 1.21.4, 1.20.12, 1.21.5	http://www.openwall.com/lists/oss-security/2023/12/05/2 https://go.dev/cl/540277 https://go.dev/cl/541175 https://go.dev/issue/63713 https://go.dev/issue/64028 https://groups.google.com/g/golang-announce/c/4tU8LZfBFkY https://groups.google.com/g/golang-dev/c/6ypN5EjibjM/m/KmLVYH_uAgAJ https://nvd.nist.gov/vuln/detail/CVE-2023-45283 https://pkg.go.dev/vuln/GO-2023-2185 https://security.netapp.com/advisory/ntap-20231214-0008/
stdlib	CVE-2023-45288	HIGH	v1.20.5	1.21.9, 1.22.2	http://www.openwall.com/lists/oss-security/2024/04/03/16 http://www.openwall.com/lists/oss-security/2024/04/05/4 https://access.redhat.com/errata/RHSA-2024:2724 https://access.redhat.com/security/cve/CVE-2023-45288 https://bugzilla.redhat.com/2268017 https://bugzilla.redhat.com/2268018 https://bugzilla.redhat.com/2268019 https://bugzilla.redhat.com/2268273 https://bugzilla.redhat.com/show_bug.cgi?id=2268017 https://bugzilla.redhat.com/show_bug.cgi?id=2268018 https://bugzilla.redhat.com/show_bug.cgi?id=2268019 https://bugzilla.redhat.com/show_bug.cgi?id=2268273 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45288 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45289 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45290 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24783 https://errata.almalinux.org/9/ALSA-2024-2724.html https://errata.rockylinux.org/RLSA-2024:2724 https://go.dev/cl/576155 https://go.dev/issue/65051 https://groups.google.com/g/golang-announce/c/YgW0sx8mN3M https://kb.cert.org/vuls/id/421644 https://linux.oracle.com/cve/CVE-2023-45288.html https://linux.oracle.com/errata/ELSA-2024-3346.html https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QRYFHIQ6XRKRYBI2F5UESH67BJBQXUPT https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QRYFHIQ6XRKRYBI2F5UESH67BJBQXUPT/ https://nowotarski.info/http2-continuation-flood-technical-details https://nowotarski.info/http2-continuation-flood/ https://nvd.nist.gov/vuln/detail/CVE-2023-45288 https://pkg.go.dev/vuln/GO-2024-2687 https://security.netapp.com/advisory/ntap-20240419-0009 https://security.netapp.com/advisory/ntap-20240419-0009/ https://ubuntu.com/security/notices/USN-6886-1 https://ubuntu.com/security/notices/USN-7109-1 https://ubuntu.com/security/notices/USN-7111-1 https://www.cve.org/CVERecord?id=CVE-2023-45288 https://www.kb.cert.org/vuls/id/421644
stdlib	CVE-2024-34156	HIGH	v1.20.5	1.22.7, 1.23.1	https://access.redhat.com/errata/RHSA-2024:9473 https://access.redhat.com/security/cve/CVE-2024-34156 https://bugzilla.redhat.com/2310528 https://bugzilla.redhat.com/2318052 https://bugzilla.redhat.com/show_bug.cgi?id=2310528 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-34156 https://errata.almalinux.org/9/ALSA-2024-9473.html https://errata.rockylinux.org/RLSA-2024:7204 https://github.com/golang/go/commit/2092294f2b097c5828f4eace6c98a322c1510b01 (go1.22.7) https://github.com/golang/go/commit/fa8ff1a46deb6c816304441ec6740ec112e19012 (go1.23.1) https://go.dev/cl/611239 https://go.dev/issue/69139 https://groups.google.com/g/golang-announce/c/K-cEzDeCtpc https://groups.google.com/g/golang-dev/c/S9POB9NCTdk https://linux.oracle.com/cve/CVE-2024-34156.html https://linux.oracle.com/errata/ELSA-2024-9473.html https://nvd.nist.gov/vuln/detail/CVE-2024-34156 https://pkg.go.dev/vuln/GO-2024-3106 https://ubuntu.com/security/notices/USN-7081-1 https://ubuntu.com/security/notices/USN-7109-1 https://ubuntu.com/security/notices/USN-7111-1 https://www.cve.org/CVERecord?id=CVE-2024-34156
stdlib	CVE-2023-29406	MEDIUM	v1.20.5	1.19.11, 1.20.6	https://access.redhat.com/errata/RHSA-2023:6474 https://access.redhat.com/security/cve/CVE-2023-29406 https://bugzilla.redhat.com/2174485 https://bugzilla.redhat.com/2178358 https://bugzilla.redhat.com/2178488 https://bugzilla.redhat.com/2178492 https://bugzilla.redhat.com/2184481 https://bugzilla.redhat.com/2184482 https://bugzilla.redhat.com/2184483 https://bugzilla.redhat.com/2184484 https://bugzilla.redhat.com/2196026 https://bugzilla.redhat.com/2196027 https://bugzilla.redhat.com/2196029 https://bugzilla.redhat.com/2222167 https://bugzilla.redhat.com/2228689 https://errata.almalinux.org/9/ALSA-2023-6474.html https://github.com/golang/go/commit/312920c00aac9897b2a0693e752390b5b0711a5a (go1.20.6) https://github.com/golang/go/commit/5fa6923b1ea891400153d04ddf1545e23b40041b (go1.19.11) https://github.com/golang/go/issues/60374 https://go.dev/cl/506996 https://go.dev/issue/60374 https://groups.google.com/g/golang-announce/c/2q13H6LEEx0 https://linux.oracle.com/cve/CVE-2023-29406.html https://linux.oracle.com/errata/ELSA-2023-7202.html https://nvd.nist.gov/vuln/detail/CVE-2023-29406 https://pkg.go.dev/vuln/GO-2023-1878 https://security.gentoo.org/glsa/202311-09 https://security.netapp.com/advisory/ntap-20230814-0002/ https://ubuntu.com/security/notices/USN-7061-1 https://ubuntu.com/security/notices/USN-7109-1 https://www.cve.org/CVERecord?id=CVE-2023-29406
stdlib	CVE-2023-29409	MEDIUM	v1.20.5	1.19.12, 1.20.7, 1.21.0-rc.4	https://access.redhat.com/errata/RHSA-2023:7766 https://access.redhat.com/security/cve/CVE-2023-29409 https://bugzilla.redhat.com/2228743 https://bugzilla.redhat.com/2237773 https://bugzilla.redhat.com/2237776 https://bugzilla.redhat.com/2237777 https://bugzilla.redhat.com/2237778 https://errata.almalinux.org/9/ALSA-2023-7766.html https://go.dev/cl/515257 https://go.dev/issue/61460 https://groups.google.com/g/golang-announce/c/X0b6CsSAaYI/m/Efv5DbZ9AwAJ https://linux.oracle.com/cve/CVE-2023-29409.html https://linux.oracle.com/errata/ELSA-2024-2988.html https://nvd.nist.gov/vuln/detail/CVE-2023-29409 https://pkg.go.dev/vuln/GO-2023-1987 https://security.gentoo.org/glsa/202311-09 https://security.netapp.com/advisory/ntap-20230831-0010/ https://www.cve.org/CVERecord?id=CVE-2023-29409
stdlib	CVE-2023-39318	MEDIUM	v1.20.5	1.20.8, 1.21.1	https://access.redhat.com/errata/RHSA-2024:2160 https://access.redhat.com/security/cve/CVE-2023-39318 https://bugzilla.redhat.com/2237773 https://bugzilla.redhat.com/2237776 https://bugzilla.redhat.com/2253330 https://errata.almalinux.org/9/ALSA-2024-2160.html https://github.com/golang/go/commit/023b542edf38e2a1f87fcefb9f75ff2f99401b4c (go1.20.8) https://github.com/golang/go/commit/b0e1d3ea26e8e8fce7726690c9ef0597e60739fb (go1.21.1) https://go.dev/cl/526156 https://go.dev/issue/62196 https://groups.google.com/g/golang-announce/c/Fm51GRLNRvM https://groups.google.com/g/golang-dev/c/2C5vbR-UNkI/m/L1hdrPhfBAAJ https://linux.oracle.com/cve/CVE-2023-39318.html https://linux.oracle.com/errata/ELSA-2024-2988.html https://nvd.nist.gov/vuln/detail/CVE-2023-39318 https://pkg.go.dev/vuln/GO-2023-2041 https://security.gentoo.org/glsa/202311-09 https://security.netapp.com/advisory/ntap-20231020-0009/ https://ubuntu.com/security/notices/USN-6574-1 https://ubuntu.com/security/notices/USN-7061-1 https://ubuntu.com/security/notices/USN-7109-1 https://vuln.go.dev/ID/GO-2023-2041.json https://www.cve.org/CVERecord?id=CVE-2023-39318
stdlib	CVE-2023-39319	MEDIUM	v1.20.5	1.20.8, 1.21.1	https://access.redhat.com/errata/RHSA-2024:2160 https://access.redhat.com/security/cve/CVE-2023-39319 https://bugzilla.redhat.com/2237773 https://bugzilla.redhat.com/2237776 https://bugzilla.redhat.com/2253330 https://errata.almalinux.org/9/ALSA-2024-2160.html https://github.com/golang/go/commit/2070531d2f53df88e312edace6c8dfc9686ab2f5 (go1.20.8) https://github.com/golang/go/commit/bbd043ff0d6d59f1a9232d31ecd5eacf6507bf6a (go1.21.1) https://go.dev/cl/526157 https://go.dev/issue/62197 https://groups.google.com/g/golang-announce/c/Fm51GRLNRvM https://groups.google.com/g/golang-dev/c/2C5vbR-UNkI/m/L1hdrPhfBAAJ https://linux.oracle.com/cve/CVE-2023-39319.html https://linux.oracle.com/errata/ELSA-2024-2988.html https://nvd.nist.gov/vuln/detail/CVE-2023-39319 https://pkg.go.dev/vuln/GO-2023-2043 https://security.gentoo.org/glsa/202311-09 https://security.netapp.com/advisory/ntap-20231020-0009/ https://ubuntu.com/security/notices/USN-6574-1 https://ubuntu.com/security/notices/USN-7061-1 https://ubuntu.com/security/notices/USN-7109-1 https://vuln.go.dev/ID/GO-2023-2043.json https://www.cve.org/CVERecord?id=CVE-2023-39319
stdlib	CVE-2023-39326	MEDIUM	v1.20.5	1.20.12, 1.21.5	https://access.redhat.com/errata/RHSA-2024:2272 https://access.redhat.com/security/cve/CVE-2023-39326 https://bugzilla.redhat.com/2253193 https://bugzilla.redhat.com/2253330 https://errata.almalinux.org/9/ALSA-2024-2272.html https://github.com/golang/go/commit/6446af942e2e2b161c4ec1b60d9703a2b55dc4dd (go1.20.12) https://github.com/golang/go/commit/ec8c526e4be720e94b98ca509e6364f0efaf28f7 (go1.21.5) https://go.dev/cl/547335 https://go.dev/issue/64433 https://groups.google.com/g/golang-dev/c/6ypN5EjibjM/m/KmLVYH_uAgAJ https://linux.oracle.com/cve/CVE-2023-39326.html https://linux.oracle.com/errata/ELSA-2024-2988.html https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UIU6HOGV6RRIKWM57LOXQA75BGZSIH6G/ https://nvd.nist.gov/vuln/detail/CVE-2023-39326 https://pkg.go.dev/vuln/GO-2023-2382 https://ubuntu.com/security/notices/USN-6574-1 https://www.cve.org/CVERecord?id=CVE-2023-39326
stdlib	CVE-2023-45284	MEDIUM	v1.20.5	1.20.11, 1.21.4	https://go.dev/cl/540277 https://go.dev/issue/63713 https://groups.google.com/g/golang-announce/c/4tU8LZfBFkY https://nvd.nist.gov/vuln/detail/CVE-2023-45284 https://pkg.go.dev/vuln/GO-2023-2186
stdlib	CVE-2023-45289	MEDIUM	v1.20.5	1.21.8, 1.22.1	http://www.openwall.com/lists/oss-security/2024/03/08/4 https://access.redhat.com/errata/RHSA-2024:2724 https://access.redhat.com/security/cve/CVE-2023-45289 https://bugzilla.redhat.com/2268017 https://bugzilla.redhat.com/2268018 https://bugzilla.redhat.com/2268019 https://bugzilla.redhat.com/2268273 https://bugzilla.redhat.com/show_bug.cgi?id=2268017 https://bugzilla.redhat.com/show_bug.cgi?id=2268018 https://bugzilla.redhat.com/show_bug.cgi?id=2268019 https://bugzilla.redhat.com/show_bug.cgi?id=2268273 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45288 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45289 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45290 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24783 https://errata.almalinux.org/9/ALSA-2024-2724.html https://errata.rockylinux.org/RLSA-2024:2724 https://github.com/golang/go/commit/20586c0dbe03d144f914155f879fa5ee287591a1 (go1.21.8) https://github.com/golang/go/commit/3a855208e3efed2e9d7c20ad023f1fa78afcc0be (go1.22.1) https://github.com/golang/go/issues/65065 https://go.dev/cl/569340 https://go.dev/issue/65065 https://groups.google.com/g/golang-announce/c/5pwGVUPoMbg https://linux.oracle.com/cve/CVE-2023-45289.html https://linux.oracle.com/errata/ELSA-2024-3346.html https://nvd.nist.gov/vuln/detail/CVE-2023-45289 https://pkg.go.dev/vuln/GO-2024-2600 https://security.netapp.com/advisory/ntap-20240329-0006/ https://ubuntu.com/security/notices/USN-6886-1 https://www.cve.org/CVERecord?id=CVE-2023-45289
stdlib	CVE-2023-45290	MEDIUM	v1.20.5	1.21.8, 1.22.1	http://www.openwall.com/lists/oss-security/2024/03/08/4 https://access.redhat.com/errata/RHSA-2024:9135 https://access.redhat.com/security/cve/CVE-2023-45290 https://bugzilla.redhat.com/2268017 https://bugzilla.redhat.com/2268022 https://bugzilla.redhat.com/2279814 https://bugzilla.redhat.com/2295310 https://bugzilla.redhat.com/show_bug.cgi?id=2268017 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45290 https://errata.almalinux.org/9/ALSA-2024-9135.html https://errata.rockylinux.org/RLSA-2024:3830 https://github.com/golang/go/commit/041a47712e765e94f86d841c3110c840e76d8f82 (go1.22.1) https://github.com/golang/go/commit/bf80213b121074f4ad9b449410a4d13bae5e9be0 (go1.21.8) https://github.com/golang/go/issues/65383 https://go.dev/cl/569341 https://go.dev/issue/65383 https://groups.google.com/g/golang-announce/c/5pwGVUPoMbg https://linux.oracle.com/cve/CVE-2023-45290.html https://linux.oracle.com/errata/ELSA-2024-8038.html https://nvd.nist.gov/vuln/detail/CVE-2023-45290 https://pkg.go.dev/vuln/GO-2024-2599 https://security.netapp.com/advisory/ntap-20240329-0004 https://security.netapp.com/advisory/ntap-20240329-0004/ https://ubuntu.com/security/notices/USN-6886-1 https://ubuntu.com/security/notices/USN-7109-1 https://ubuntu.com/security/notices/USN-7111-1 https://www.cve.org/CVERecord?id=CVE-2023-45290
stdlib	CVE-2024-24783	MEDIUM	v1.20.5	1.21.8, 1.22.1	http://www.openwall.com/lists/oss-security/2024/03/08/4 https://access.redhat.com/errata/RHSA-2024:6195 https://access.redhat.com/security/cve/CVE-2024-24783 https://bugzilla.redhat.com/2268019 https://bugzilla.redhat.com/show_bug.cgi?id=2268017 https://bugzilla.redhat.com/show_bug.cgi?id=2268018 https://bugzilla.redhat.com/show_bug.cgi?id=2268019 https://bugzilla.redhat.com/show_bug.cgi?id=2268273 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45288 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45289 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45290 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24783 https://errata.almalinux.org/9/ALSA-2024-6195.html https://errata.rockylinux.org/RLSA-2024:2724 https://github.com/advisories/GHSA-3q2c-pvp5-3cqp https://github.com/golang/go/commit/337b8e9cbfa749d9d5c899e0dc358e2208d5e54f (go1.22.1) https://github.com/golang/go/commit/be5b52bea674190ef7de272664be6c7ae93ec5a0 (go1.21.8) https://github.com/golang/go/issues/65390 https://go.dev/cl/569339 https://go.dev/issue/65390 https://groups.google.com/g/golang-announce/c/5pwGVUPoMbg https://linux.oracle.com/cve/CVE-2024-24783.html https://linux.oracle.com/errata/ELSA-2024-6969.html https://nvd.nist.gov/vuln/detail/CVE-2024-24783 https://pkg.go.dev/vuln/GO-2024-2598 https://security.netapp.com/advisory/ntap-20240329-0005 https://security.netapp.com/advisory/ntap-20240329-0005/ https://ubuntu.com/security/notices/USN-6886-1 https://ubuntu.com/security/notices/USN-7109-1 https://ubuntu.com/security/notices/USN-7111-1 https://www.cve.org/CVERecord?id=CVE-2024-24783
stdlib	CVE-2024-24784	MEDIUM	v1.20.5	1.21.8, 1.22.1	http://www.openwall.com/lists/oss-security/2024/03/08/4 https://access.redhat.com/errata/RHSA-2024:2562 https://access.redhat.com/security/cve/CVE-2024-24784 https://bugzilla.redhat.com/2262921 https://bugzilla.redhat.com/2268017 https://bugzilla.redhat.com/2268018 https://bugzilla.redhat.com/2268019 https://bugzilla.redhat.com/2268021 https://bugzilla.redhat.com/2268022 https://bugzilla.redhat.com/2268273 https://bugzilla.redhat.com/show_bug.cgi?id=2262921 https://bugzilla.redhat.com/show_bug.cgi?id=2268017 https://bugzilla.redhat.com/show_bug.cgi?id=2268018 https://bugzilla.redhat.com/show_bug.cgi?id=2268019 https://bugzilla.redhat.com/show_bug.cgi?id=2268021 https://bugzilla.redhat.com/show_bug.cgi?id=2268022 https://bugzilla.redhat.com/show_bug.cgi?id=2268273 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45288 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45289 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45290 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-1394 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24783 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24784 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24785 https://errata.almalinux.org/9/ALSA-2024-2562.html https://errata.rockylinux.org/RLSA-2024:2562 https://github.com/golang/go/commit/263c059b09fdd40d9dd945f2ecb20c89ea28efe5 (go1.21.8) https://github.com/golang/go/commit/5330cd225ba54c7dc78c1b46dcdf61a4671a632c (go1.22.1) https://github.com/golang/go/issues/65083 https://go.dev/cl/555596 https://go.dev/issue/65083 https://groups.google.com/g/golang-announce/c/5pwGVUPoMbg https://linux.oracle.com/cve/CVE-2024-24784.html https://linux.oracle.com/errata/ELSA-2024-6969.html https://nvd.nist.gov/vuln/detail/CVE-2024-24784 https://pkg.go.dev/vuln/GO-2024-2609 https://security.netapp.com/advisory/ntap-20240329-0007/ https://ubuntu.com/security/notices/USN-6886-1 https://ubuntu.com/security/notices/USN-7109-1 https://ubuntu.com/security/notices/USN-7111-1 https://www.cve.org/CVERecord?id=CVE-2024-24784
stdlib	CVE-2024-24785	MEDIUM	v1.20.5	1.21.8, 1.22.1	http://www.openwall.com/lists/oss-security/2024/03/08/4 https://access.redhat.com/errata/RHSA-2024:9135 https://access.redhat.com/security/cve/CVE-2024-24785 https://bugzilla.redhat.com/2268017 https://bugzilla.redhat.com/2268022 https://bugzilla.redhat.com/2279814 https://bugzilla.redhat.com/2295310 https://bugzilla.redhat.com/show_bug.cgi?id=2262921 https://bugzilla.redhat.com/show_bug.cgi?id=2268017 https://bugzilla.redhat.com/show_bug.cgi?id=2268018 https://bugzilla.redhat.com/show_bug.cgi?id=2268019 https://bugzilla.redhat.com/show_bug.cgi?id=2268021 https://bugzilla.redhat.com/show_bug.cgi?id=2268022 https://bugzilla.redhat.com/show_bug.cgi?id=2268273 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45288 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45289 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45290 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-1394 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24783 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24784 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24785 https://errata.almalinux.org/9/ALSA-2024-9135.html https://errata.rockylinux.org/RLSA-2024:2562 https://github.com/golang/go/commit/056b0edcb8c152152021eebf4cf42adbfbe77992 (go1.22.1) https://github.com/golang/go/commit/3643147a29352ca2894fd5d0d2069bc4b4335a7e (go1.21.8) https://github.com/golang/go/issues/65697 https://go.dev/cl/564196 https://go.dev/issue/65697 https://groups.google.com/g/golang-announce/c/5pwGVUPoMbg https://linux.oracle.com/cve/CVE-2024-24785.html https://linux.oracle.com/errata/ELSA-2024-3259.html https://nvd.nist.gov/vuln/detail/CVE-2024-24785 https://pkg.go.dev/vuln/GO-2024-2610 https://security.netapp.com/advisory/ntap-20240329-0008/ https://ubuntu.com/security/notices/USN-6886-1 https://ubuntu.com/security/notices/USN-7061-1 https://ubuntu.com/security/notices/USN-7109-1 https://vuln.go.dev/ID/GO-2024-2610.json https://www.cve.org/CVERecord?id=CVE-2024-24785
stdlib	CVE-2024-24789	MEDIUM	v1.20.5	1.21.11, 1.22.4	http://www.openwall.com/lists/oss-security/2024/06/04/1 https://access.redhat.com/errata/RHSA-2024:9115 https://access.redhat.com/security/cve/CVE-2024-24789 https://bugzilla.redhat.com/2279814 https://bugzilla.redhat.com/2292668 https://bugzilla.redhat.com/2292787 https://bugzilla.redhat.com/2294000 https://bugzilla.redhat.com/2295310 https://bugzilla.redhat.com/show_bug.cgi?id=2292668 https://bugzilla.redhat.com/show_bug.cgi?id=2292787 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24789 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24790 https://errata.almalinux.org/9/ALSA-2024-9115.html https://errata.rockylinux.org/RLSA-2024:4212 https://github.com/golang/go/commit/c8e40338cf00f3c1d86c8fb23863ad67a4c72bcc (1.21) https://github.com/golang/go/commit/cf501ac0c5fe351a8582d20b43562027927906e7 (1.22) https://github.com/golang/go/issues/66869 https://go.dev/cl/585397 https://go.dev/issue/66869 https://groups.google.com/g/golang-announce/c/XbxouI9gY7k https://groups.google.com/g/golang-announce/c/XbxouI9gY7k/m/TuoGEhxIEwAJ https://linux.oracle.com/cve/CVE-2024-24789.html https://linux.oracle.com/errata/ELSA-2024-9115.html https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/U5YAEIA6IUHUNGJ7AIXXPQT6D2GYENX7/ https://nvd.nist.gov/vuln/detail/CVE-2024-24789 https://pkg.go.dev/vuln/GO-2024-2888 https://ubuntu.com/security/notices/USN-6886-1 https://ubuntu.com/security/notices/USN-7109-1 https://ubuntu.com/security/notices/USN-7111-1 https://www.cve.org/CVERecord?id=CVE-2024-24789
stdlib	CVE-2024-24791	MEDIUM	v1.20.5	1.21.12, 1.22.5	https://access.redhat.com/errata/RHSA-2024:9135 https://access.redhat.com/security/cve/CVE-2024-24791 https://bugzilla.redhat.com/2268017 https://bugzilla.redhat.com/2268022 https://bugzilla.redhat.com/2279814 https://bugzilla.redhat.com/2295310 https://bugzilla.redhat.com/show_bug.cgi?id=2295310 https://bugzilla.redhat.com/show_bug.cgi?id=2310527 https://bugzilla.redhat.com/show_bug.cgi?id=2310528 https://bugzilla.redhat.com/show_bug.cgi?id=2310529 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24791 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-34155 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-34156 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-34158 https://errata.almalinux.org/9/ALSA-2024-9135.html https://errata.rockylinux.org/RLSA-2024:6913 https://go.dev/cl/591255 https://go.dev/issue/67555 https://groups.google.com/g/golang-dev/c/t0rK-qHBqzY/m/6MMoAZkMAgAJ https://linux.oracle.com/cve/CVE-2024-24791.html https://linux.oracle.com/errata/ELSA-2024-9115.html https://nvd.nist.gov/vuln/detail/CVE-2024-24791 https://pkg.go.dev/vuln/GO-2024-2963 https://ubuntu.com/security/notices/USN-7081-1 https://ubuntu.com/security/notices/USN-7109-1 https://ubuntu.com/security/notices/USN-7111-1 https://www.cve.org/CVERecord?id=CVE-2024-24791
stdlib	CVE-2024-34155	MEDIUM	v1.20.5	1.22.7, 1.23.1	https://access.redhat.com/errata/RHSA-2024:9459 https://access.redhat.com/security/cve/CVE-2024-34155 https://bugzilla.redhat.com/2310527 https://bugzilla.redhat.com/2310528 https://bugzilla.redhat.com/2310529 https://bugzilla.redhat.com/2315691 https://bugzilla.redhat.com/2315887 https://bugzilla.redhat.com/2317458 https://bugzilla.redhat.com/2317467 https://bugzilla.redhat.com/show_bug.cgi?id=2295310 https://bugzilla.redhat.com/show_bug.cgi?id=2310527 https://bugzilla.redhat.com/show_bug.cgi?id=2310528 https://bugzilla.redhat.com/show_bug.cgi?id=2310529 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24791 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-34155 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-34156 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-34158 https://errata.almalinux.org/9/ALSA-2024-9459.html https://errata.rockylinux.org/RLSA-2024:6913 https://github.com/golang/go/commit/53487e5477151ed75da50e50a0ba8f1ca64c00a3 (go1.23.1) https://github.com/golang/go/commit/b232596139dbe96a62edbe3a2a203e856bf556eb (go1.22.7) https://go.dev/cl/611238 https://go.dev/issue/69138 https://groups.google.com/g/golang-announce/c/K-cEzDeCtpc https://groups.google.com/g/golang-dev/c/S9POB9NCTdk https://linux.oracle.com/cve/CVE-2024-34155.html https://linux.oracle.com/errata/ELSA-2024-9459.html https://nvd.nist.gov/vuln/detail/CVE-2024-34155 https://pkg.go.dev/vuln/GO-2024-3105 https://ubuntu.com/security/notices/USN-7081-1 https://ubuntu.com/security/notices/USN-7109-1 https://ubuntu.com/security/notices/USN-7111-1 https://www.cve.org/CVERecord?id=CVE-2024-34155
stdlib	CVE-2024-34158	MEDIUM	v1.20.5	1.22.7, 1.23.1	https://access.redhat.com/errata/RHSA-2024:9459 https://access.redhat.com/security/cve/CVE-2024-34158 https://bugzilla.redhat.com/2310527 https://bugzilla.redhat.com/2310528 https://bugzilla.redhat.com/2310529 https://bugzilla.redhat.com/2315691 https://bugzilla.redhat.com/2315887 https://bugzilla.redhat.com/2317458 https://bugzilla.redhat.com/2317467 https://bugzilla.redhat.com/show_bug.cgi?id=2295310 https://bugzilla.redhat.com/show_bug.cgi?id=2310527 https://bugzilla.redhat.com/show_bug.cgi?id=2310528 https://bugzilla.redhat.com/show_bug.cgi?id=2310529 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24791 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-34155 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-34156 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-34158 https://errata.almalinux.org/9/ALSA-2024-9459.html https://errata.rockylinux.org/RLSA-2024:6913 https://github.com/golang/go/commit/032ac075c20c01c6c35a672d1542d3e98eab84ea (go1.23.1) https://github.com/golang/go/commit/d4c53812e6ce2ac368173d7fcd31d0ecfcffb002 (go1.22.7) https://go.dev/cl/611240 https://go.dev/issue/69141 https://groups.google.com/g/golang-announce/c/K-cEzDeCtpc https://groups.google.com/g/golang-dev/c/S9POB9NCTdk https://linux.oracle.com/cve/CVE-2024-34158.html https://linux.oracle.com/errata/ELSA-2024-9459.html https://nvd.nist.gov/vuln/detail/CVE-2024-34158 https://pkg.go.dev/vuln/GO-2024-3107 https://ubuntu.com/security/notices/USN-7081-1 https://ubuntu.com/security/notices/USN-7109-1 https://ubuntu.com/security/notices/USN-7111-1 https://www.cve.org/CVERecord?id=CVE-2024-34158
No Misconfigurations found

cnb/buildpacks/paketo-buildpacks_pipenv-install/0.6.17/bin/run (gobinary)

Package	Vulnerability ID	Severity	Installed Version	Fixed Version	Links
github.com/anchore/stereoscope	CVE-2024-24579	MEDIUM	v0.0.0-20230412183729-8602f1afc574	0.0.1	https://github.com/anchore/stereoscope https://github.com/anchore/stereoscope/commit/09dacab4d9ee65ee8bc7af8ebf4aa7b5aaa36204 https://github.com/anchore/stereoscope/security/advisories/GHSA-hpxr-w9w7-g4gv https://nvd.nist.gov/vuln/detail/CVE-2024-24579
github.com/cloudflare/circl	GHSA-9763-4f94-gfch	HIGH	v1.1.0	1.3.7	https://github.com/cloudflare/circl https://github.com/cloudflare/circl/commit/75ef91e8a2f438e6ce2b6e620d236add8be1887d https://github.com/cloudflare/circl/security/advisories/GHSA-9763-4f94-gfch https://kyberslash.cr.yp.to
github.com/cloudflare/circl	CVE-2023-1732	MEDIUM	v1.1.0	1.3.3	https://github.com/cloudflare/circl https://github.com/cloudflare/circl/commit/ff8d91225f8954b4970b6d6382d2e4c78f4a4cf8 https://github.com/cloudflare/circl/releases/tag/v1.3.3 https://github.com/cloudflare/circl/security/advisories/GHSA-2q89-485c-9j2x https://nvd.nist.gov/vuln/detail/CVE-2023-1732
github.com/containerd/containerd	GHSA-7ww5-4wqc-m92c	MEDIUM	v1.7.0	1.6.26, 1.7.11	https://github.com/containerd/containerd https://github.com/containerd/containerd/commit/67d356cb3095f3e8f8ad7d36f9a733fea1e7e28c https://github.com/containerd/containerd/commit/746b910f05855c8bfdb4415a1c0f958b234910e5 https://github.com/containerd/containerd/security/advisories/GHSA-7ww5-4wqc-m92c
github.com/docker/docker	CVE-2024-41110	CRITICAL	v23.0.5+incompatible	23.0.15, 26.1.5, 27.1.1, 25.0.6	https://access.redhat.com/security/cve/CVE-2024-41110 https://github.com/moby/moby https://github.com/moby/moby/commit/411e817ddf710ff8e08fa193da80cb78af708191 https://github.com/moby/moby/commit/42f40b1d6dd7562342f832b9cd2adf9e668eeb76 https://github.com/moby/moby/commit/65cc597cea28cdc25bea3b8a86384b4251872919 https://github.com/moby/moby/commit/852759a7df454cbf88db4e954c919becd48faa9b https://github.com/moby/moby/commit/a31260625655cff9ae226b51757915e275e304b0 https://github.com/moby/moby/commit/a79fabbfe84117696a19671f4aa88b82d0f64fc1 https://github.com/moby/moby/commit/ae160b4edddb72ef4bd71f66b975a1a1cc434f00 https://github.com/moby/moby/commit/ae2b3666c517c96cbc2adf1af5591a6b00d4ec0f https://github.com/moby/moby/commit/cc13f952511154a2866bddbb7dddebfe9e83b801 https://github.com/moby/moby/commit/fc274cd2ff4cf3b48c91697fb327dd1fb95588fb https://github.com/moby/moby/security/advisories/GHSA-v23v-6jw2-98fq https://nvd.nist.gov/vuln/detail/CVE-2024-41110 https://www.cve.org/CVERecord?id=CVE-2024-41110 https://www.docker.com/blog/docker-security-advisory-docker-engine-authz-plugin
github.com/docker/docker	CVE-2024-24557	MEDIUM	v23.0.5+incompatible	24.0.9, 25.0.2	https://access.redhat.com/security/cve/CVE-2024-24557 https://github.com/moby/moby https://github.com/moby/moby/commit/3e230cfdcc989dc524882f6579f9e0dac77400ae https://github.com/moby/moby/commit/fca702de7f71362c8d103073c7e4a1d0a467fadd https://github.com/moby/moby/commit/fce6e0ca9bc000888de3daa157af14fa41fcd0ff https://github.com/moby/moby/security/advisories/GHSA-xw73-rw38-6vjc https://nvd.nist.gov/vuln/detail/CVE-2024-24557 https://www.cve.org/CVERecord?id=CVE-2024-24557
github.com/docker/docker	CVE-2024-29018	MEDIUM	v23.0.5+incompatible	26.0.0-rc3, 25.0.5, 23.0.11	https://access.redhat.com/security/cve/CVE-2024-29018 https://github.com/moby/moby https://github.com/moby/moby/pull/46609 https://github.com/moby/moby/security/advisories/GHSA-mq39-4gv4-mvpx https://nvd.nist.gov/vuln/detail/CVE-2024-29018 https://www.cve.org/CVERecord?id=CVE-2024-29018
github.com/docker/docker	GHSA-jq35-85cj-fj4p	MEDIUM	v23.0.5+incompatible	24.0.7, 23.0.8, 20.10.27	https://github.com/moby/moby https://github.com/moby/moby/commit/48ebe353e49a9def5e6679f6e386b0efb1c95f0e https://github.com/moby/moby/commit/81ebe71275768629689a23bc3bca34b3b374a6a6 https://github.com/moby/moby/commit/c9ccbfad11a60e703e91b6cca4f48927828c7e35 https://github.com/moby/moby/releases/tag/v20.10.27 https://github.com/moby/moby/releases/tag/v23.0.8 https://github.com/moby/moby/releases/tag/v24.0.7 https://github.com/moby/moby/security/advisories/GHSA-jq35-85cj-fj4p
github.com/go-git/go-git/v5	CVE-2023-49569	CRITICAL	v5.6.1	5.11.0	https://access.redhat.com/security/cve/CVE-2023-49569 https://github.com/go-git/go-git https://github.com/go-git/go-git/security/advisories/GHSA-449p-3h89-pw88 https://nvd.nist.gov/vuln/detail/CVE-2023-49569 https://www.cve.org/CVERecord?id=CVE-2023-49569
github.com/go-git/go-git/v5	CVE-2023-49568	HIGH	v5.6.1	5.11.0	https://access.redhat.com/security/cve/CVE-2023-49568 https://github.com/go-git/go-git https://github.com/go-git/go-git/security/advisories/GHSA-mw99-9chc-xw7r https://nvd.nist.gov/vuln/detail/CVE-2023-49568 https://www.cve.org/CVERecord?id=CVE-2023-49568
github.com/mholt/archiver/v3	CVE-2024-0406	MEDIUM	v3.5.1	no fix available	https://access.redhat.com/security/cve/CVE-2024-0406 https://bugzilla.redhat.com/show_bug.cgi?id=2257749 https://github.com/advisories/GHSA-rhh4-rh7c-7r5v https://github.com/mholt/archiver https://nvd.nist.gov/vuln/detail/CVE-2024-0406 https://www.cve.org/CVERecord?id=CVE-2024-0406
golang.org/x/crypto	CVE-2023-48795	MEDIUM	v0.8.0	0.17.0	http://packetstormsecurity.com/files/176280/Terrapin-SSH-Connection-Weakening.html http://seclists.org/fulldisclosure/2024/Mar/21 http://www.openwall.com/lists/oss-security/2023/12/18/3 http://www.openwall.com/lists/oss-security/2023/12/19/5 http://www.openwall.com/lists/oss-security/2023/12/20/3 http://www.openwall.com/lists/oss-security/2024/03/06/3 http://www.openwall.com/lists/oss-security/2024/04/17/8 https://access.redhat.com/errata/RHSA-2024:1150 https://access.redhat.com/security/cve/CVE-2023-48795 https://access.redhat.com/security/cve/cve-2023-48795 https://access.redhat.com/solutions/7071748 https://arstechnica.com/security/2023/12/hackers-can-break-ssh-channel-integrity-using-novel-data-corruption-attack https://arstechnica.com/security/2023/12/hackers-can-break-ssh-channel-integrity-using-novel-data-corruption-attack/ https://bugs.gentoo.org/920280 https://bugzilla.redhat.com/2254210 https://bugzilla.redhat.com/show_bug.cgi?id=2254210 https://bugzilla.suse.com/show_bug.cgi?id=1217950 https://crates.io/crates/thrussh/versions https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-48795 https://errata.almalinux.org/9/ALSA-2024-1150.html https://errata.rockylinux.org/RLSA-2024:0628 https://filezilla-project.org/versions.php https://forum.netgate.com/topic/184941/terrapin-ssh-attack https://git.libssh.org/projects/libssh.git/commit/?h=stable-0.10&id=10e09e273f69e149389b3e0e5d44b8c221c2e7f6 https://github.com/NixOS/nixpkgs/pull/275249 https://github.com/PowerShell/Win32-OpenSSH/issues/2189 https://github.com/PowerShell/Win32-OpenSSH/releases/tag/v9.5.0.0p1-Beta https://github.com/TeraTermProject/teraterm/commit/7279fbd6ef4d0c8bdd6a90af4ada2899d786eec0 https://github.com/TeraTermProject/teraterm/releases/tag/v5.1 https://github.com/advisories/GHSA-45x7-px36-x8w8 https://github.com/apache/mina-sshd/issues/445 https://github.com/connectbot/sshlib/commit/5c8b534f6e97db7ac0e0e579331213aa25c173ab https://github.com/connectbot/sshlib/compare/2.2.21...2.2.22 https://github.com/cyd01/KiTTY/issues/520 https://github.com/drakkan/sftpgo/releases/tag/v2.5.6 https://github.com/erlang/otp/blob/d1b43dc0f1361d2ad67601169e90a7fc50bb0369/lib/ssh/doc/src/notes.xml#L39-L42 https://github.com/erlang/otp/releases/tag/OTP-26.2.1 https://github.com/golang/crypto/commit/9d2ee975ef9fe627bf0a6f01c1f69e8ef1d4f05d https://github.com/hierynomus/sshj/issues/916 https://github.com/janmojzis/tinyssh/issues/81 https://github.com/jtesta/ssh-audit/commit/8e972c5e94b460379fe0c7d20209c16df81538a5 https://github.com/libssh2/libssh2/pull/1291 https://github.com/mkj/dropbear/blob/17657c36cce6df7716d5ff151ec09a665382d5dd/CHANGES#L25 https://github.com/mscdex/ssh2/commit/97b223f8891b96d6fc054df5ab1d5a1a545da2a3 https://github.com/mwiede/jsch/compare/jsch-0.2.14...jsch-0.2.15 https://github.com/mwiede/jsch/issues/457 https://github.com/mwiede/jsch/pull/461 https://github.com/net-ssh/net-ssh/blob/2e65064a52d73396bfc3806c9196fc8108f33cd8/CHANGES.txt#L14-L16 https://github.com/openssh/openssh-portable/commits/master https://github.com/paramiko/paramiko/issues/2337 https://github.com/paramiko/paramiko/issues/2337#issuecomment-1887642773 https://github.com/proftpd/proftpd/blob/0a7ea9b0ba9fcdf368374a226370d08f10397d99/RELEASE_NOTES https://github.com/proftpd/proftpd/blob/d21e7a2e47e9b38f709bec58e3fa711f759ad0e1/RELEASE_NOTES https://github.com/proftpd/proftpd/blob/master/RELEASE_NOTES https://github.com/proftpd/proftpd/issues/456 https://github.com/rapier1/hpn-ssh/releases https://github.com/ronf/asyncssh/blob/develop/docs/changes.rst https://github.com/ronf/asyncssh/security/advisories/GHSA-hfmc-7525-mj55 https://github.com/ronf/asyncssh/tags https://github.com/ssh-mitm/ssh-mitm/issues/165 https://github.com/warp-tech/russh https://github.com/warp-tech/russh/commit/1aa340a7df1d5be1c0f4a9e247aade76dfdd2951 https://github.com/warp-tech/russh/releases/tag/v0.40.2 https://github.com/warp-tech/russh/security/advisories/GHSA-45x7-px36-x8w8 https://gitlab.com/libssh/libssh-mirror/-/tags https://go.dev/cl/550715 https://go.dev/issue/64784 https://groups.google.com/g/golang-announce/c/-n5WqVC18LQ https://groups.google.com/g/golang-announce/c/qA3XtxvMUyg https://help.panic.com/releasenotes/transmit5 https://help.panic.com/releasenotes/transmit5/ https://jadaptive.com/important-java-ssh-security-update-new-ssh-vulnerability-discovered-cve-2023-48795 https://jadaptive.com/important-java-ssh-security-update-new-ssh-vulnerability-discovered-cve-2023-48795/ https://linux.oracle.com/cve/CVE-2023-48795.html https://linux.oracle.com/errata/ELSA-2024-2988.html https://lists.debian.org/debian-lts-announce/2023/12/msg00017.html https://lists.debian.org/debian-lts-announce/2024/01/msg00013.html https://lists.debian.org/debian-lts-announce/2024/01/msg00014.html https://lists.debian.org/debian-lts-announce/2024/04/msg00016.html https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/33XHJUB6ROFUOH2OQNENFROTVH6MHSHA https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/33XHJUB6ROFUOH2OQNENFROTVH6MHSHA/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/3CAYYW35MUTNO65RVAELICTNZZFMT2XS https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/3CAYYW35MUTNO65RVAELICTNZZFMT2XS/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/3JIMLVBDWOP4FUPXPTB4PGHHIOMGFLQE https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/3JIMLVBDWOP4FUPXPTB4PGHHIOMGFLQE/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/3YQLUQWLIHDB5QCXQEX7HXHAWMOKPP5O https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/3YQLUQWLIHDB5QCXQEX7HXHAWMOKPP5O/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/6Y74KVCPEPT4MVU3LHDWCNNOXOE5ZLUR https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/6Y74KVCPEPT4MVU3LHDWCNNOXOE5ZLUR/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/APYIXIQOVDCRWLHTGB4VYMAUIAQLKYJ3 https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/APYIXIQOVDCRWLHTGB4VYMAUIAQLKYJ3/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/BL5KTLOSLH2KHRN4HCXJPK3JUVLDGEL6 https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/BL5KTLOSLH2KHRN4HCXJPK3JUVLDGEL6/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/C3AFMZ6MH2UHHOPIWT5YLSFV3D2VB3AC https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/C3AFMZ6MH2UHHOPIWT5YLSFV3D2VB3AC/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/CHHITS4PUOZAKFIUBQAQZC7JWXMOYE4B https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/CHHITS4PUOZAKFIUBQAQZC7JWXMOYE4B/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/F7EYCFQCTSGJXWO3ZZ44MGKFC5HA7G3Y https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/F7EYCFQCTSGJXWO3ZZ44MGKFC5HA7G3Y/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/HYEDEXIKFKTUJIN43RG4B7T5ZS6MHUSP https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/HYEDEXIKFKTUJIN43RG4B7T5ZS6MHUSP/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/I724O3LSRCPO4WNVIXTZCT4VVRMXMMSG https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/I724O3LSRCPO4WNVIXTZCT4VVRMXMMSG/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/KEOTKBUPZXHE3F352JBYNTSNRXYLWD6P https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/KEOTKBUPZXHE3F352JBYNTSNRXYLWD6P/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/KMZCVGUGJZZVDPCVDA7TEB22VUCNEXDD https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/KMZCVGUGJZZVDPCVDA7TEB22VUCNEXDD/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/L5Y6MNNVAPIJSXJERQ6PKZVCIUXSNJK7 https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/L5Y6MNNVAPIJSXJERQ6PKZVCIUXSNJK7/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/LZQVUHWVWRH73YBXUQJOD6CKHDQBU3DM https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/LZQVUHWVWRH73YBXUQJOD6CKHDQBU3DM/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/MKQRBF3DWMWPH36LBCOBUTSIZRTPEZXB https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/MKQRBF3DWMWPH36LBCOBUTSIZRTPEZXB/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/QI3EHAHABFQK7OABNCSF5GMYP6TONTI7 https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/QI3EHAHABFQK7OABNCSF5GMYP6TONTI7/ https://matt.ucc.asn.au/dropbear/CHANGES https://nest.pijul.com/pijul/thrussh/changes/D6H7OWTTMHHX6BTB3B6MNBOBX2L66CBL4LGSEUSAI2MCRCJDQFRQC https://news.ycombinator.com/item?id=38684904 https://news.ycombinator.com/item?id=38685286 https://news.ycombinator.com/item?id=38732005 https://nova.app/releases/#v11.8 https://nvd.nist.gov/vuln/detail/CVE-2023-48795 https://oryx-embedded.com/download/#changelog https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2024-0002 https://roumenpetrov.info/secsh/#news20231220 https://security-tracker.debian.org/tracker/CVE-2023-48795 https://security-tracker.debian.org/tracker/source-package/libssh2 https://security-tracker.debian.org/tracker/source-package/proftpd-dfsg https://security-tracker.debian.org/tracker/source-package/trilead-ssh2 https://security.gentoo.org/glsa/202312-16 https://security.gentoo.org/glsa/202312-17 https://security.netapp.com/advisory/ntap-20240105-0004 https://security.netapp.com/advisory/ntap-20240105-0004/ https://support.apple.com/kb/HT214084 https://terrapin-attack.com/ https://thorntech.com/cve-2023-48795-and-sftp-gateway https://thorntech.com/cve-2023-48795-and-sftp-gateway/ https://twitter.com/TrueSkrillor/status/1736774389725565005 https://ubuntu.com/security/CVE-2023-48795 https://ubuntu.com/security/notices/USN-6560-1 https://ubuntu.com/security/notices/USN-6560-2 https://ubuntu.com/security/notices/USN-6561-1 https://ubuntu.com/security/notices/USN-6585-1 https://ubuntu.com/security/notices/USN-6589-1 https://ubuntu.com/security/notices/USN-6598-1 https://ubuntu.com/security/notices/USN-6738-1 https://ubuntu.com/security/notices/USN-7051-1 https://winscp.net/eng/docs/history#6.2.2 https://www.bitvise.com/ssh-client-version-history#933 https://www.bitvise.com/ssh-server-version-history https://www.chiark.greenend.org.uk/~sgtatham/putty/changes.html https://www.crushftp.com/crush10wiki/Wiki.jsp?page=Update https://www.cve.org/CVERecord?id=CVE-2023-48795 https://www.debian.org/security/2023/dsa-5586 https://www.debian.org/security/2023/dsa-5588 https://www.freebsd.org/security/advisories/FreeBSD-SA-23:19.openssh.asc https://www.lancom-systems.de/service-support/allgemeine-sicherheitshinweise#c243508 https://www.netsarang.com/en/xshell-update-history https://www.netsarang.com/en/xshell-update-history/ https://www.openssh.com/openbsd.html https://www.openssh.com/txt/release-9.6 https://www.openwall.com/lists/oss-security/2023/12/18/2 https://www.openwall.com/lists/oss-security/2023/12/18/3 https://www.openwall.com/lists/oss-security/2023/12/20/3 https://www.paramiko.org/changelog.html https://www.reddit.com/r/sysadmin/comments/18idv52/cve202348795_why_is_this_cve_still_undisclosed https://www.reddit.com/r/sysadmin/comments/18idv52/cve202348795_why_is_this_cve_still_undisclosed/ https://www.suse.com/c/suse-addresses-the-ssh-v2-protocol-terrapin-attack-aka-cve-2023-48795 https://www.suse.com/c/suse-addresses-the-ssh-v2-protocol-terrapin-attack-aka-cve-2023-48795/ https://www.terrapin-attack.com https://www.theregister.com/2023/12/20/terrapin_attack_ssh https://www.vandyke.com/products/securecrt/history.txt
golang.org/x/net	CVE-2023-39325	HIGH	v0.10.0	0.17.0	golang.org/x/net https://access.redhat.com/errata/RHSA-2023:6077 https://access.redhat.com/security/cve/CVE-2023-39325 https://access.redhat.com/security/cve/CVE-2023-44487 https://access.redhat.com/security/vulnerabilities/RHSB-2023-003 https://bugzilla.redhat.com/2242803 https://bugzilla.redhat.com/2243296 https://bugzilla.redhat.com/show_bug.cgi?id=2242803 https://bugzilla.redhat.com/show_bug.cgi?id=2243296 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-39325 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-44487 https://errata.almalinux.org/9/ALSA-2023-6077.html https://errata.rockylinux.org/RLSA-2023:6077 https://github.com/golang/go/commit/24ae2d927285c697440fdde3ad7f26028354bcf3 [golang- 1.21] https://github.com/golang/go/commit/e175f27f58aa7b9cd4d79607ae65d2cd5baaee68 [golang-1.20] https://github.com/golang/go/issues/63417 https://go.dev/cl/534215 https://go.dev/cl/534235 https://go.dev/issue/63417 https://groups.google.com/g/golang-announce/c/iNNxDTCjZvo/m/UDd7VKQuAAAJ https://linux.oracle.com/cve/CVE-2023-39325.html https://linux.oracle.com/errata/ELSA-2023-5867.html https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3OVW5V2DM5K5IC3H7O42YDUGNJ74J35O https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3OVW5V2DM5K5IC3H7O42YDUGNJ74J35O/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3SZN67IL7HMGMNAVLOTIXLIHUDXZK4LH https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3SZN67IL7HMGMNAVLOTIXLIHUDXZK4LH/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3WJ4QVX2AMUJ2F2S27POOAHRC4K3CHU4 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3WJ4QVX2AMUJ2F2S27POOAHRC4K3CHU4/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/4BUK2ZIAGCULOOYDNH25JPU6JBES5NF2 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/4BUK2ZIAGCULOOYDNH25JPU6JBES5NF2/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/5RSKA2II6QTD4YUKUNDVJQSRYSFC4VFR https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/5RSKA2II6QTD4YUKUNDVJQSRYSFC4VFR/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/AVZDNSMVDAQJ64LJC5I5U5LDM5753647 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/AVZDNSMVDAQJ64LJC5I5U5LDM5753647/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CHHITS4PUOZAKFIUBQAQZC7JWXMOYE4B https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CHHITS4PUOZAKFIUBQAQZC7JWXMOYE4B/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CLB4TW7KALB3EEQWNWCN7OUIWWVWWCG2 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CLB4TW7KALB3EEQWNWCN7OUIWWVWWCG2/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/D2BBIDR2ZMB3X5BC7SR4SLQMHRMVPY6L https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/D2BBIDR2ZMB3X5BC7SR4SLQMHRMVPY6L/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ECRC75BQJP6FJN2L7KCKYZW4DSBD7QSD https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ECRC75BQJP6FJN2L7KCKYZW4DSBD7QSD/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/FTMJ3NJIDAZFWJQQSP3L22MUFJ3UP2PT https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/FTMJ3NJIDAZFWJQQSP3L22MUFJ3UP2PT/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/GSY7SXFFTPZFWDM6XELSDSHZLVW3AHK7 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/GSY7SXFFTPZFWDM6XELSDSHZLVW3AHK7/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/HZQIELEIRSZUYTFFH5KTH2YJ4IIQG2KE https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/HZQIELEIRSZUYTFFH5KTH2YJ4IIQG2KE/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/IPWCNYB5PQ5PCVZ4NJT6G56ZYFZ5QBU6 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/IPWCNYB5PQ5PCVZ4NJT6G56ZYFZ5QBU6/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/KEOTKBUPZXHE3F352JBYNTSNRXYLWD6P https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/KEOTKBUPZXHE3F352JBYNTSNRXYLWD6P/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/KSEGD2IWKNUO3DWY4KQGUQM5BISRWHQE https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/KSEGD2IWKNUO3DWY4KQGUQM5BISRWHQE/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/L5E5JSJBZLYXOTZWXHJKRVCIXIHVWKJ6 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/L5E5JSJBZLYXOTZWXHJKRVCIXIHVWKJ6/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/MZQYOOKHQDQ57LV2IAG6NRFOVXKHJJ3Z https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/MZQYOOKHQDQ57LV2IAG6NRFOVXKHJJ3Z/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/NG7IMPL55MVWU3LCI4JQJT3K2U5CHDV7 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/NG7IMPL55MVWU3LCI4JQJT3K2U5CHDV7/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ODBY7RVMGZCBSTWF2OZGIZS57FNFUL67 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ODBY7RVMGZCBSTWF2OZGIZS57FNFUL67/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/OXGWPQOJ3JNDW2XIYKIVJ7N7QUIFNM2Q https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/OXGWPQOJ3JNDW2XIYKIVJ7N7QUIFNM2Q/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/PJCUNGIQDUMZ4Z6HWVYIMR66A35F5S74 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/PJCUNGIQDUMZ4Z6HWVYIMR66A35F5S74/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QF5QSYAOPDOWLY6DUHID56Q4HQFYB45I https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QF5QSYAOPDOWLY6DUHID56Q4HQFYB45I/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QXOU2JZUBEBP7GBKAYIJRPRBZSJCD7ST https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QXOU2JZUBEBP7GBKAYIJRPRBZSJCD7ST/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/R3UETKPUB3V5JS5TLZOF3SMTGT5K5APS https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/R3UETKPUB3V5JS5TLZOF3SMTGT5K5APS/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/REMHVVIBDNKSRKNOTV7EQSB7CYQWOUOU https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/REMHVVIBDNKSRKNOTV7EQSB7CYQWOUOU/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/T7N5GV4CHH6WAGX3GFMDD3COEOVCZ4RI https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/T7N5GV4CHH6WAGX3GFMDD3COEOVCZ4RI/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ULQQONMSCQSH5Z5OWFFQHCGEZ3NL4DRJ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ULQQONMSCQSH5Z5OWFFQHCGEZ3NL4DRJ/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UTT7DG3QOF5ZNJLUGHDNLRUIN6OWZARP https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UTT7DG3QOF5ZNJLUGHDNLRUIN6OWZARP/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/W2LZSWTV4NV4SNQARNXG5T6LRHP26EW2 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/W2LZSWTV4NV4SNQARNXG5T6LRHP26EW2/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WCNCBYKZXLDFGAJUB7ZP5VLC3YTHJNVH https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WCNCBYKZXLDFGAJUB7ZP5VLC3YTHJNVH/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/XFOIBB4YFICHDM7IBOP7PWXW3FX4HLL2 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/XFOIBB4YFICHDM7IBOP7PWXW3FX4HLL2/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/XTNLSL44Y5FB6JWADSZH6DCV4JJAAEQY https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/XTNLSL44Y5FB6JWADSZH6DCV4JJAAEQY/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/YJWHBLVZDM5KQSDFRBFRKU5KSSOLIRQ4 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/YJWHBLVZDM5KQSDFRBFRKU5KSSOLIRQ4/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/YRKEXKANQ7BKJW2YTAMP625LJUJZLJ4P https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/YRKEXKANQ7BKJW2YTAMP625LJUJZLJ4P/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZSVEMQV5ROY5YW5QE3I57HT3ITWG5GCV https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZSVEMQV5ROY5YW5QE3I57HT3ITWG5GCV/ https://nvd.nist.gov/vuln/detail/CVE-2023-39325 https://pkg.go.dev/vuln/GO-2023-2102 https://security.gentoo.org/glsa/202311-09 https://security.netapp.com/advisory/ntap-20231110-0008 https://security.netapp.com/advisory/ntap-20231110-0008/ https://ubuntu.com/security/notices/USN-6574-1 https://ubuntu.com/security/notices/USN-7061-1 https://ubuntu.com/security/notices/USN-7109-1 https://www.cisa.gov/news-events/alerts/2023/10/10/http2-rapid-reset-vulnerability-cve-2023-44487 https://www.cve.org/CVERecord?id=CVE-2023-39325
golang.org/x/net	CVE-2023-3978	MEDIUM	v0.10.0	0.13.0	https://access.redhat.com/errata/RHSA-2023:6474 https://access.redhat.com/security/cve/CVE-2023-3978 https://bugzilla.redhat.com/2174485 https://bugzilla.redhat.com/2178358 https://bugzilla.redhat.com/2178488 https://bugzilla.redhat.com/2178492 https://bugzilla.redhat.com/2184481 https://bugzilla.redhat.com/2184482 https://bugzilla.redhat.com/2184483 https://bugzilla.redhat.com/2184484 https://bugzilla.redhat.com/2196026 https://bugzilla.redhat.com/2196027 https://bugzilla.redhat.com/2196029 https://bugzilla.redhat.com/2222167 https://bugzilla.redhat.com/2228689 https://errata.almalinux.org/9/ALSA-2023-6474.html https://go.dev/cl/514896 https://go.dev/issue/61615 https://linux.oracle.com/cve/CVE-2023-3978.html https://linux.oracle.com/errata/ELSA-2023-6939.html https://nvd.nist.gov/vuln/detail/CVE-2023-3978 https://pkg.go.dev/vuln/GO-2023-1988 https://www.cve.org/CVERecord?id=CVE-2023-3978
golang.org/x/net	CVE-2023-44487	MEDIUM	v0.10.0	0.17.0	http://www.openwall.com/lists/oss-security/2023/10/13/4 http://www.openwall.com/lists/oss-security/2023/10/13/9 http://www.openwall.com/lists/oss-security/2023/10/18/4 http://www.openwall.com/lists/oss-security/2023/10/18/8 http://www.openwall.com/lists/oss-security/2023/10/19/6 http://www.openwall.com/lists/oss-security/2023/10/20/8 https://access.redhat.com/errata/RHSA-2023:6746 https://access.redhat.com/security/cve/CVE-2023-44487 https://access.redhat.com/security/cve/cve-2023-44487 https://akka.io/security/akka-http-cve-2023-44487.html https://arstechnica.com/security/2023/10/how-ddosers-used-the-http-2-protocol-to-deliver-attacks-of-unprecedented-size https://arstechnica.com/security/2023/10/how-ddosers-used-the-http-2-protocol-to-deliver-attacks-of-unprecedented-size/ https://aws.amazon.com/security/security-bulletins/AWS-2023-011 https://aws.amazon.com/security/security-bulletins/AWS-2023-011/ https://blog.cloudflare.com/technical-breakdown-http2-rapid-reset-ddos-attack https://blog.cloudflare.com/technical-breakdown-http2-rapid-reset-ddos-attack/ https://blog.cloudflare.com/zero-day-rapid-reset-http2-record-breaking-ddos-attack https://blog.cloudflare.com/zero-day-rapid-reset-http2-record-breaking-ddos-attack/ https://blog.litespeedtech.com/2023/10/11/rapid-reset-http-2-vulnerablilty https://blog.litespeedtech.com/2023/10/11/rapid-reset-http-2-vulnerablilty/ https://blog.qualys.com/vulnerabilities-threat-research/2023/10/10/cve-2023-44487-http-2-rapid-reset-attack https://blog.vespa.ai/cve-2023-44487 https://blog.vespa.ai/cve-2023-44487/ https://bugzilla.proxmox.com/show_bug.cgi?id=4988 https://bugzilla.redhat.com/2242803 https://bugzilla.redhat.com/show_bug.cgi?id=2242803 https://bugzilla.suse.com/show_bug.cgi?id=1216123 https://cgit.freebsd.org/ports/commit/?id=c64c329c2c1752f46b73e3e6ce9f4329be6629f9 https://chaos.social/@icing/111210915918780532 https://cloud.google.com/blog/products/identity-security/google-cloud-mitigated-largest-ddos-attack-peaking-above-398-million-rps https://cloud.google.com/blog/products/identity-security/google-cloud-mitigated-largest-ddos-attack-peaking-above-398-million-rps/ https://cloud.google.com/blog/products/identity-security/how-it-works-the-novel-http2-rapid-reset-ddos-attack https://community.traefik.io/t/is-traefik-vulnerable-to-cve-2023-44487/20125 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-44487 https://devblogs.microsoft.com/dotnet/october-2023-updates/ https://discuss.hashicorp.com/t/hcsec-2023-32-vault-consul-and-boundary-affected-by-http-2-rapid-reset-denial-of-service-vulnerability-cve-2023-44487/59715 https://edg.io/lp/blog/resets-leaks-ddos-and-the-tale-of-a-hidden-cve https://errata.almalinux.org/9/ALSA-2023-6746.html https://errata.rockylinux.org/RLSA-2023:5838 https://forums.swift.org/t/swift-nio-http2-security-update-cve-2023-44487-http-2-dos/67764 https://gist.github.com/adulau/7c2bfb8e9cdbe4b35a5e131c66a0c088 https://github.com/Azure/AKS/issues/3947 https://github.com/Kong/kong/discussions/11741 https://github.com/advisories/GHSA-qppj-fm5r-hxr3 https://github.com/advisories/GHSA-vx74-f528-fxqg https://github.com/advisories/GHSA-xpw8-rcwv-8f8p https://github.com/akka/akka-http/issues/4323 https://github.com/akka/akka-http/pull/4324 https://github.com/akka/akka-http/pull/4325 https://github.com/alibaba/tengine/issues/1872 https://github.com/apache/apisix/issues/10320 https://github.com/apache/httpd-site/pull/10 https://github.com/apache/httpd/blob/afcdbeebbff4b0c50ea26cdd16e178c0d1f24152/modules/http2/h2_mplx.c#L1101-L1113 https://github.com/apache/tomcat/commit/944332bb15bd2f3bf76ec2caeb1ff0a58a3bc628 https://github.com/apache/tomcat/tree/main/java/org/apache/coyote/http2 https://github.com/apache/trafficserver/pull/10564 https://github.com/apple/swift-nio-http2 https://github.com/apple/swift-nio-http2/security/advisories/GHSA-qppj-fm5r-hxr3 https://github.com/arkrwn/PoC/tree/main/CVE-2023-44487 https://github.com/bcdannyboy/CVE-2023-44487 https://github.com/caddyserver/caddy/issues/5877 https://github.com/caddyserver/caddy/releases/tag/v2.7.5 https://github.com/dotnet/announcements/issues/277 https://github.com/dotnet/core/blob/e4613450ea0da7fd2fc6b61dfb2c1c1dec1ce9ec/release-notes/6.0/6.0.23/6.0.23.md?plain=1#L73 https://github.com/eclipse/jetty.project/issues/10679 https://github.com/envoyproxy/envoy/pull/30055 https://github.com/etcd-io/etcd/issues/16740 https://github.com/facebook/proxygen/pull/466 https://github.com/golang/go/issues/63417 https://github.com/grpc/grpc-go/pull/6703 https://github.com/grpc/grpc-go/releases https://github.com/h2o/h2o/pull/3291 https://github.com/h2o/h2o/security/advisories/GHSA-2m7v-gc89-fjqf https://github.com/haproxy/haproxy/issues/2312 https://github.com/hyperium/hyper/issues/3337 https://github.com/icing/mod_h2/blob/0a864782af0a942aa2ad4ed960a6b32cd35bcf0a/mod_http2/README.md?plain=1#L239-L244 https://github.com/junkurihara/rust-rpxy/issues/97 https://github.com/kazu-yamamoto/http2/commit/f61d41a502bd0f60eb24e1ce14edc7b6df6722a1 https://github.com/kazu-yamamoto/http2/issues/93 https://github.com/kubernetes/kubernetes/pull/121120 https://github.com/line/armeria/pull/5232 https://github.com/linkerd/website/pull/1695/commits/4b9c6836471bc8270ab48aae6fd2181bc73fd632 https://github.com/micrictor/http2-rst-stream https://github.com/microsoft/CBL-Mariner/pull/6381 https://github.com/netty/netty/commit/58f75f665aa81a8cbcf6ffa74820042a285c5e61 https://github.com/nghttp2/nghttp2/pull/1961 https://github.com/nghttp2/nghttp2/releases/tag/v1.57.0 https://github.com/ninenines/cowboy/issues/1615 https://github.com/nodejs/node/pull/50121 https://github.com/openresty/openresty/issues/930 https://github.com/opensearch-project/data-prepper/issues/3474 https://github.com/oqtane/oqtane.framework/discussions/3367 https://github.com/projectcontour/contour/pull/5826 https://github.com/tempesta-tech/tempesta/issues/1986 https://github.com/varnishcache/varnish-cache/issues/3996 https://go.dev/cl/534215 https://go.dev/cl/534235 https://go.dev/issue/63417 https://groups.google.com/g/golang-announce/c/iNNxDTCjZvo https://groups.google.com/g/golang-announce/c/iNNxDTCjZvo/m/UDd7VKQuAAAJ https://istio.io/latest/news/security/istio-security-2023-004 https://istio.io/latest/news/security/istio-security-2023-004/ https://linkerd.io/2023/10/12/linkerd-cve-2023-44487 https://linkerd.io/2023/10/12/linkerd-cve-2023-44487/ https://linux.oracle.com/cve/CVE-2023-44487.html https://linux.oracle.com/errata/ELSA-2024-1444.html https://lists.apache.org/thread/5py8h42mxfsn8l1wy6o41xwhsjlsd87q https://lists.debian.org/debian-lts-announce/2023/10/msg00020.html https://lists.debian.org/debian-lts-announce/2023/10/msg00023.html https://lists.debian.org/debian-lts-announce/2023/10/msg00024.html https://lists.debian.org/debian-lts-announce/2023/10/msg00045.html https://lists.debian.org/debian-lts-announce/2023/10/msg00047.html https://lists.debian.org/debian-lts-announce/2023/11/msg00001.html https://lists.debian.org/debian-lts-announce/2023/11/msg00012.html https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/2MBEPPC36UBVOZZNAXFHKLFGSLCMN5LI https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/2MBEPPC36UBVOZZNAXFHKLFGSLCMN5LI/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/3N4NJ7FR4X4FPZUGNTQAPSTVB2HB2Y4A https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/3N4NJ7FR4X4FPZUGNTQAPSTVB2HB2Y4A/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/BFQD3KUEMFBHPAPBGLWQC34L4OWL5HAZ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/BFQD3KUEMFBHPAPBGLWQC34L4OWL5HAZ/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/CLB4TW7KALB3EEQWNWCN7OUIWWVWWCG2 https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/CLB4TW7KALB3EEQWNWCN7OUIWWVWWCG2/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/E72T67UPDRXHIDLO3OROR25YAMN4GGW5 https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/E72T67UPDRXHIDLO3OROR25YAMN4GGW5/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/FNA62Q767CFAFHBCDKYNPBMZWB7TWYVU https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/FNA62Q767CFAFHBCDKYNPBMZWB7TWYVU/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/HT7T2R4MQKLIF4ODV4BDLPARWFPCJ5CZ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/HT7T2R4MQKLIF4ODV4BDLPARWFPCJ5CZ/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/JIZSEFC3YKCGABA2BZW6ZJRMDZJMB7PJ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/JIZSEFC3YKCGABA2BZW6ZJRMDZJMB7PJ/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/JMEXY22BFG5Q64HQCM5CK2Q7KDKVV4TY https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/JMEXY22BFG5Q64HQCM5CK2Q7KDKVV4TY/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/KSEGD2IWKNUO3DWY4KQGUQM5BISRWHQE https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/KSEGD2IWKNUO3DWY4KQGUQM5BISRWHQE/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/LKYHSZQFDNR7RSA7LHVLLIAQMVYCUGBG https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/LKYHSZQFDNR7RSA7LHVLLIAQMVYCUGBG/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/LNMZJCDHGLJJLXO4OXWJMTVQRNWOC7UL https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/LNMZJCDHGLJJLXO4OXWJMTVQRNWOC7UL/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/VHUHTSXLXGXS7JYKBXTA3VINUPHTNGVU https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/VHUHTSXLXGXS7JYKBXTA3VINUPHTNGVU/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/VSRDIV77HNKUSM7SJC5BKE5JSHLHU2NK https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/VSRDIV77HNKUSM7SJC5BKE5JSHLHU2NK/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/WE2I52RHNNU42PX6NZ2RBUHSFFJ2LVZX https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/WE2I52RHNNU42PX6NZ2RBUHSFFJ2LVZX/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/WLPRQ5TWUQQXYWBJM7ECYDAIL2YVKIUH https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/WLPRQ5TWUQQXYWBJM7ECYDAIL2YVKIUH/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/X6QXN4ORIVF6XBW4WWFE7VNPVC74S45Y https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/X6QXN4ORIVF6XBW4WWFE7VNPVC74S45Y/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/XFOIBB4YFICHDM7IBOP7PWXW3FX4HLL2 https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/XFOIBB4YFICHDM7IBOP7PWXW3FX4HLL2/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZB43REMKRQR62NJEI7I5NQ4FSXNLBKRT https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZB43REMKRQR62NJEI7I5NQ4FSXNLBKRT/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZKQSIKIAT5TJ3WSLU3RDBQ35YX4GY4V3 https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZKQSIKIAT5TJ3WSLU3RDBQ35YX4GY4V3/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZLU6U2R2IC2K64NDPNMV55AUAO65MAF4 https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZLU6U2R2IC2K64NDPNMV55AUAO65MAF4/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3N4NJ7FR4X4FPZUGNTQAPSTVB2HB2Y4A https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/BFQD3KUEMFBHPAPBGLWQC34L4OWL5HAZ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CLB4TW7KALB3EEQWNWCN7OUIWWVWWCG2 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/E72T67UPDRXHIDLO3OROR25YAMN4GGW5 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/FNA62Q767CFAFHBCDKYNPBMZWB7TWYVU https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/HT7T2R4MQKLIF4ODV4BDLPARWFPCJ5CZ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/JIZSEFC3YKCGABA2BZW6ZJRMDZJMB7PJ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/JMEXY22BFG5Q64HQCM5CK2Q7KDKVV4TY https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/KSEGD2IWKNUO3DWY4KQGUQM5BISRWHQE https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/LKYHSZQFDNR7RSA7LHVLLIAQMVYCUGBG https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/LNMZJCDHGLJJLXO4OXWJMTVQRNWOC7UL https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/VHUHTSXLXGXS7JYKBXTA3VINUPHTNGVU https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/VSRDIV77HNKUSM7SJC5BKE5JSHLHU2NK https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WLPRQ5TWUQQXYWBJM7ECYDAIL2YVKIUH https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/X6QXN4ORIVF6XBW4WWFE7VNPVC74S45Y https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/XFOIBB4YFICHDM7IBOP7PWXW3FX4HLL2 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZB43REMKRQR62NJEI7I5NQ4FSXNLBKRT https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZKQSIKIAT5TJ3WSLU3RDBQ35YX4GY4V3 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZLU6U2R2IC2K64NDPNMV55AUAO65MAF4 https://lists.w3.org/Archives/Public/ietf-http-wg/2023OctDec/0025.html https://mailman.nginx.org/pipermail/nginx-devel/2023-October/S36Q5HBXR7CAIMPLLPRSSSYR4PCMWILK.html https://martinthomson.github.io/h2-stream-limits/draft-thomson-httpbis-h2-stream-limits.html https://msrc.microsoft.com/blog/2023/10/microsoft-response-to-distributed-denial-of-service-ddos-attacks-against-http/2 https://msrc.microsoft.com/blog/2023/10/microsoft-response-to-distributed-denial-of-service-ddos-attacks-against-http/2/ https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-44487 https://my.f5.com/manage/s/article/K000137106 https://netty.io/news/2023/10/10/4-1-100-Final.html https://news.ycombinator.com/item?id=37830987 https://news.ycombinator.com/item?id=37830998 https://news.ycombinator.com/item?id=37831062 https://news.ycombinator.com/item?id=37837043 https://nodejs.org/en/blog/vulnerability/october-2023-security-releases https://nvd.nist.gov/vuln/detail/CVE-2023-44487 https://openssf.org/blog/2023/10/10/http-2-rapid-reset-vulnerability-highlights-need-for-rapid-response https://openssf.org/blog/2023/10/10/http-2-rapid-reset-vulnerability-highlights-need-for-rapid-response/ https://pkg.go.dev/vuln/GO-2023-2102 https://seanmonstar.com/post/730794151136935936/hyper-http2-rapid-reset-unaffected https://security.gentoo.org/glsa/202311-09 https://security.netapp.com/advisory/ntap-20231016-0001 https://security.netapp.com/advisory/ntap-20231016-0001/ https://security.netapp.com/advisory/ntap-20240426-0007 https://security.netapp.com/advisory/ntap-20240426-0007/ https://security.netapp.com/advisory/ntap-20240621-0006 https://security.netapp.com/advisory/ntap-20240621-0006/ https://security.netapp.com/advisory/ntap-20240621-0007 https://security.netapp.com/advisory/ntap-20240621-0007/ https://security.paloaltonetworks.com/CVE-2023-44487 https://tomcat.apache.org/security-10.html#Fixed_in_Apache_Tomcat_10.1.14 https://tomcat.apache.org/security-11.html#Fixed_in_Apache_Tomcat_11.0.0-M12 https://tomcat.apache.org/security-8.html#Fixed_in_Apache_Tomcat_8.5.94 https://tomcat.apache.org/security-9.html#Fixed_in_Apache_Tomcat_9.0.81 https://ubuntu.com/security/CVE-2023-44487 https://ubuntu.com/security/notices/USN-6427-1 https://ubuntu.com/security/notices/USN-6427-2 https://ubuntu.com/security/notices/USN-6438-1 https://ubuntu.com/security/notices/USN-6505-1 https://ubuntu.com/security/notices/USN-6574-1 https://ubuntu.com/security/notices/USN-6754-1 https://ubuntu.com/security/notices/USN-6994-1 https://ubuntu.com/security/notices/USN-7067-1 https://www.bleepingcomputer.com/news/security/new-http-2-rapid-reset-zero-day-attack-breaks-ddos-records https://www.bleepingcomputer.com/news/security/new-http-2-rapid-reset-zero-day-attack-breaks-ddos-records/ https://www.cisa.gov/known-exploited-vulnerabilities-catalog https://www.cisa.gov/news-events/alerts/2023/10/10/http2-rapid-reset-vulnerability-cve-2023-44487 https://www.cve.org/CVERecord?id=CVE-2023-44487 https://www.darkreading.com/cloud/internet-wide-zero-day-bug-fuels-largest-ever-ddos-event https://www.debian.org/security/2023/dsa-5521 https://www.debian.org/security/2023/dsa-5522 https://www.debian.org/security/2023/dsa-5540 https://www.debian.org/security/2023/dsa-5549 https://www.debian.org/security/2023/dsa-5558 https://www.debian.org/security/2023/dsa-5570 https://www.eclipse.org/lists/jetty-announce/msg00181.html https://www.haproxy.com/blog/haproxy-is-not-affected-by-the-http-2-rapid-reset-attack-cve-2023-44487 https://www.mail-archive.com/haproxy@formilux.org/msg44134.html https://www.netlify.com/blog/netlify-successfully-mitigates-cve-2023-44487 https://www.netlify.com/blog/netlify-successfully-mitigates-cve-2023-44487/ https://www.nginx.com/blog/http-2-rapid-reset-attack-impacting-f5-nginx-products https://www.nginx.com/blog/http-2-rapid-reset-attack-impacting-f5-nginx-products/ https://www.openwall.com/lists/oss-security/2023/10/10/6 https://www.phoronix.com/news/HTTP2-Rapid-Reset-Attack https://www.theregister.com/2023/10/10/http2_rapid_reset_zeroday https://www.theregister.com/2023/10/10/http2_rapid_reset_zeroday/
golang.org/x/net	CVE-2023-45288	MEDIUM	v0.10.0	0.23.0	http://www.openwall.com/lists/oss-security/2024/04/03/16 http://www.openwall.com/lists/oss-security/2024/04/05/4 https://access.redhat.com/errata/RHSA-2024:2724 https://access.redhat.com/security/cve/CVE-2023-45288 https://bugzilla.redhat.com/2268017 https://bugzilla.redhat.com/2268018 https://bugzilla.redhat.com/2268019 https://bugzilla.redhat.com/2268273 https://bugzilla.redhat.com/show_bug.cgi?id=2268017 https://bugzilla.redhat.com/show_bug.cgi?id=2268018 https://bugzilla.redhat.com/show_bug.cgi?id=2268019 https://bugzilla.redhat.com/show_bug.cgi?id=2268273 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45288 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45289 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45290 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24783 https://errata.almalinux.org/9/ALSA-2024-2724.html https://errata.rockylinux.org/RLSA-2024:2724 https://go.dev/cl/576155 https://go.dev/issue/65051 https://groups.google.com/g/golang-announce/c/YgW0sx8mN3M https://kb.cert.org/vuls/id/421644 https://linux.oracle.com/cve/CVE-2023-45288.html https://linux.oracle.com/errata/ELSA-2024-3346.html https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QRYFHIQ6XRKRYBI2F5UESH67BJBQXUPT https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QRYFHIQ6XRKRYBI2F5UESH67BJBQXUPT/ https://nowotarski.info/http2-continuation-flood-technical-details https://nowotarski.info/http2-continuation-flood/ https://nvd.nist.gov/vuln/detail/CVE-2023-45288 https://pkg.go.dev/vuln/GO-2024-2687 https://security.netapp.com/advisory/ntap-20240419-0009 https://security.netapp.com/advisory/ntap-20240419-0009/ https://ubuntu.com/security/notices/USN-6886-1 https://ubuntu.com/security/notices/USN-7109-1 https://ubuntu.com/security/notices/USN-7111-1 https://www.cve.org/CVERecord?id=CVE-2023-45288 https://www.kb.cert.org/vuls/id/421644
google.golang.org/grpc	GHSA-m425-mq94-257g	HIGH	v1.54.0	1.56.3, 1.57.1, 1.58.3	https://github.com/grpc/grpc-go https://github.com/grpc/grpc-go/commit/f2180b4d5403d2210b30b93098eb7da31c05c721 https://github.com/grpc/grpc-go/pull/6703 https://github.com/grpc/grpc-go/security/advisories/GHSA-m425-mq94-257g https://nvd.nist.gov/vuln/detail/CVE-2023-44487
google.golang.org/grpc	CVE-2023-44487	MEDIUM	v1.54.0	1.58.3, 1.57.1, 1.56.3	http://www.openwall.com/lists/oss-security/2023/10/13/4 http://www.openwall.com/lists/oss-security/2023/10/13/9 http://www.openwall.com/lists/oss-security/2023/10/18/4 http://www.openwall.com/lists/oss-security/2023/10/18/8 http://www.openwall.com/lists/oss-security/2023/10/19/6 http://www.openwall.com/lists/oss-security/2023/10/20/8 https://access.redhat.com/errata/RHSA-2023:6746 https://access.redhat.com/security/cve/CVE-2023-44487 https://access.redhat.com/security/cve/cve-2023-44487 https://akka.io/security/akka-http-cve-2023-44487.html https://arstechnica.com/security/2023/10/how-ddosers-used-the-http-2-protocol-to-deliver-attacks-of-unprecedented-size https://arstechnica.com/security/2023/10/how-ddosers-used-the-http-2-protocol-to-deliver-attacks-of-unprecedented-size/ https://aws.amazon.com/security/security-bulletins/AWS-2023-011 https://aws.amazon.com/security/security-bulletins/AWS-2023-011/ https://blog.cloudflare.com/technical-breakdown-http2-rapid-reset-ddos-attack https://blog.cloudflare.com/technical-breakdown-http2-rapid-reset-ddos-attack/ https://blog.cloudflare.com/zero-day-rapid-reset-http2-record-breaking-ddos-attack https://blog.cloudflare.com/zero-day-rapid-reset-http2-record-breaking-ddos-attack/ https://blog.litespeedtech.com/2023/10/11/rapid-reset-http-2-vulnerablilty https://blog.litespeedtech.com/2023/10/11/rapid-reset-http-2-vulnerablilty/ https://blog.qualys.com/vulnerabilities-threat-research/2023/10/10/cve-2023-44487-http-2-rapid-reset-attack https://blog.vespa.ai/cve-2023-44487 https://blog.vespa.ai/cve-2023-44487/ https://bugzilla.proxmox.com/show_bug.cgi?id=4988 https://bugzilla.redhat.com/2242803 https://bugzilla.redhat.com/show_bug.cgi?id=2242803 https://bugzilla.suse.com/show_bug.cgi?id=1216123 https://cgit.freebsd.org/ports/commit/?id=c64c329c2c1752f46b73e3e6ce9f4329be6629f9 https://chaos.social/@icing/111210915918780532 https://cloud.google.com/blog/products/identity-security/google-cloud-mitigated-largest-ddos-attack-peaking-above-398-million-rps https://cloud.google.com/blog/products/identity-security/google-cloud-mitigated-largest-ddos-attack-peaking-above-398-million-rps/ https://cloud.google.com/blog/products/identity-security/how-it-works-the-novel-http2-rapid-reset-ddos-attack https://community.traefik.io/t/is-traefik-vulnerable-to-cve-2023-44487/20125 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-44487 https://devblogs.microsoft.com/dotnet/october-2023-updates/ https://discuss.hashicorp.com/t/hcsec-2023-32-vault-consul-and-boundary-affected-by-http-2-rapid-reset-denial-of-service-vulnerability-cve-2023-44487/59715 https://edg.io/lp/blog/resets-leaks-ddos-and-the-tale-of-a-hidden-cve https://errata.almalinux.org/9/ALSA-2023-6746.html https://errata.rockylinux.org/RLSA-2023:5838 https://forums.swift.org/t/swift-nio-http2-security-update-cve-2023-44487-http-2-dos/67764 https://gist.github.com/adulau/7c2bfb8e9cdbe4b35a5e131c66a0c088 https://github.com/Azure/AKS/issues/3947 https://github.com/Kong/kong/discussions/11741 https://github.com/advisories/GHSA-qppj-fm5r-hxr3 https://github.com/advisories/GHSA-vx74-f528-fxqg https://github.com/advisories/GHSA-xpw8-rcwv-8f8p https://github.com/akka/akka-http/issues/4323 https://github.com/akka/akka-http/pull/4324 https://github.com/akka/akka-http/pull/4325 https://github.com/alibaba/tengine/issues/1872 https://github.com/apache/apisix/issues/10320 https://github.com/apache/httpd-site/pull/10 https://github.com/apache/httpd/blob/afcdbeebbff4b0c50ea26cdd16e178c0d1f24152/modules/http2/h2_mplx.c#L1101-L1113 https://github.com/apache/tomcat/commit/944332bb15bd2f3bf76ec2caeb1ff0a58a3bc628 https://github.com/apache/tomcat/tree/main/java/org/apache/coyote/http2 https://github.com/apache/trafficserver/pull/10564 https://github.com/apple/swift-nio-http2 https://github.com/apple/swift-nio-http2/security/advisories/GHSA-qppj-fm5r-hxr3 https://github.com/arkrwn/PoC/tree/main/CVE-2023-44487 https://github.com/bcdannyboy/CVE-2023-44487 https://github.com/caddyserver/caddy/issues/5877 https://github.com/caddyserver/caddy/releases/tag/v2.7.5 https://github.com/dotnet/announcements/issues/277 https://github.com/dotnet/core/blob/e4613450ea0da7fd2fc6b61dfb2c1c1dec1ce9ec/release-notes/6.0/6.0.23/6.0.23.md?plain=1#L73 https://github.com/eclipse/jetty.project/issues/10679 https://github.com/envoyproxy/envoy/pull/30055 https://github.com/etcd-io/etcd/issues/16740 https://github.com/facebook/proxygen/pull/466 https://github.com/golang/go/issues/63417 https://github.com/grpc/grpc-go/pull/6703 https://github.com/grpc/grpc-go/releases https://github.com/h2o/h2o/pull/3291 https://github.com/h2o/h2o/security/advisories/GHSA-2m7v-gc89-fjqf https://github.com/haproxy/haproxy/issues/2312 https://github.com/hyperium/hyper/issues/3337 https://github.com/icing/mod_h2/blob/0a864782af0a942aa2ad4ed960a6b32cd35bcf0a/mod_http2/README.md?plain=1#L239-L244 https://github.com/junkurihara/rust-rpxy/issues/97 https://github.com/kazu-yamamoto/http2/commit/f61d41a502bd0f60eb24e1ce14edc7b6df6722a1 https://github.com/kazu-yamamoto/http2/issues/93 https://github.com/kubernetes/kubernetes/pull/121120 https://github.com/line/armeria/pull/5232 https://github.com/linkerd/website/pull/1695/commits/4b9c6836471bc8270ab48aae6fd2181bc73fd632 https://github.com/micrictor/http2-rst-stream https://github.com/microsoft/CBL-Mariner/pull/6381 https://github.com/netty/netty/commit/58f75f665aa81a8cbcf6ffa74820042a285c5e61 https://github.com/nghttp2/nghttp2/pull/1961 https://github.com/nghttp2/nghttp2/releases/tag/v1.57.0 https://github.com/ninenines/cowboy/issues/1615 https://github.com/nodejs/node/pull/50121 https://github.com/openresty/openresty/issues/930 https://github.com/opensearch-project/data-prepper/issues/3474 https://github.com/oqtane/oqtane.framework/discussions/3367 https://github.com/projectcontour/contour/pull/5826 https://github.com/tempesta-tech/tempesta/issues/1986 https://github.com/varnishcache/varnish-cache/issues/3996 https://go.dev/cl/534215 https://go.dev/cl/534235 https://go.dev/issue/63417 https://groups.google.com/g/golang-announce/c/iNNxDTCjZvo https://groups.google.com/g/golang-announce/c/iNNxDTCjZvo/m/UDd7VKQuAAAJ https://istio.io/latest/news/security/istio-security-2023-004 https://istio.io/latest/news/security/istio-security-2023-004/ https://linkerd.io/2023/10/12/linkerd-cve-2023-44487 https://linkerd.io/2023/10/12/linkerd-cve-2023-44487/ https://linux.oracle.com/cve/CVE-2023-44487.html https://linux.oracle.com/errata/ELSA-2024-1444.html https://lists.apache.org/thread/5py8h42mxfsn8l1wy6o41xwhsjlsd87q https://lists.debian.org/debian-lts-announce/2023/10/msg00020.html https://lists.debian.org/debian-lts-announce/2023/10/msg00023.html https://lists.debian.org/debian-lts-announce/2023/10/msg00024.html https://lists.debian.org/debian-lts-announce/2023/10/msg00045.html https://lists.debian.org/debian-lts-announce/2023/10/msg00047.html https://lists.debian.org/debian-lts-announce/2023/11/msg00001.html https://lists.debian.org/debian-lts-announce/2023/11/msg00012.html https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/2MBEPPC36UBVOZZNAXFHKLFGSLCMN5LI https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/2MBEPPC36UBVOZZNAXFHKLFGSLCMN5LI/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/3N4NJ7FR4X4FPZUGNTQAPSTVB2HB2Y4A https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/3N4NJ7FR4X4FPZUGNTQAPSTVB2HB2Y4A/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/BFQD3KUEMFBHPAPBGLWQC34L4OWL5HAZ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/BFQD3KUEMFBHPAPBGLWQC34L4OWL5HAZ/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/CLB4TW7KALB3EEQWNWCN7OUIWWVWWCG2 https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/CLB4TW7KALB3EEQWNWCN7OUIWWVWWCG2/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/E72T67UPDRXHIDLO3OROR25YAMN4GGW5 https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/E72T67UPDRXHIDLO3OROR25YAMN4GGW5/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/FNA62Q767CFAFHBCDKYNPBMZWB7TWYVU https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/FNA62Q767CFAFHBCDKYNPBMZWB7TWYVU/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/HT7T2R4MQKLIF4ODV4BDLPARWFPCJ5CZ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/HT7T2R4MQKLIF4ODV4BDLPARWFPCJ5CZ/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/JIZSEFC3YKCGABA2BZW6ZJRMDZJMB7PJ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/JIZSEFC3YKCGABA2BZW6ZJRMDZJMB7PJ/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/JMEXY22BFG5Q64HQCM5CK2Q7KDKVV4TY https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/JMEXY22BFG5Q64HQCM5CK2Q7KDKVV4TY/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/KSEGD2IWKNUO3DWY4KQGUQM5BISRWHQE https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/KSEGD2IWKNUO3DWY4KQGUQM5BISRWHQE/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/LKYHSZQFDNR7RSA7LHVLLIAQMVYCUGBG https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/LKYHSZQFDNR7RSA7LHVLLIAQMVYCUGBG/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/LNMZJCDHGLJJLXO4OXWJMTVQRNWOC7UL https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/LNMZJCDHGLJJLXO4OXWJMTVQRNWOC7UL/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/VHUHTSXLXGXS7JYKBXTA3VINUPHTNGVU https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/VHUHTSXLXGXS7JYKBXTA3VINUPHTNGVU/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/VSRDIV77HNKUSM7SJC5BKE5JSHLHU2NK https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/VSRDIV77HNKUSM7SJC5BKE5JSHLHU2NK/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/WE2I52RHNNU42PX6NZ2RBUHSFFJ2LVZX https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/WE2I52RHNNU42PX6NZ2RBUHSFFJ2LVZX/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/WLPRQ5TWUQQXYWBJM7ECYDAIL2YVKIUH https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/WLPRQ5TWUQQXYWBJM7ECYDAIL2YVKIUH/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/X6QXN4ORIVF6XBW4WWFE7VNPVC74S45Y https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/X6QXN4ORIVF6XBW4WWFE7VNPVC74S45Y/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/XFOIBB4YFICHDM7IBOP7PWXW3FX4HLL2 https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/XFOIBB4YFICHDM7IBOP7PWXW3FX4HLL2/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZB43REMKRQR62NJEI7I5NQ4FSXNLBKRT https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZB43REMKRQR62NJEI7I5NQ4FSXNLBKRT/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZKQSIKIAT5TJ3WSLU3RDBQ35YX4GY4V3 https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZKQSIKIAT5TJ3WSLU3RDBQ35YX4GY4V3/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZLU6U2R2IC2K64NDPNMV55AUAO65MAF4 https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZLU6U2R2IC2K64NDPNMV55AUAO65MAF4/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3N4NJ7FR4X4FPZUGNTQAPSTVB2HB2Y4A https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/BFQD3KUEMFBHPAPBGLWQC34L4OWL5HAZ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CLB4TW7KALB3EEQWNWCN7OUIWWVWWCG2 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/E72T67UPDRXHIDLO3OROR25YAMN4GGW5 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/FNA62Q767CFAFHBCDKYNPBMZWB7TWYVU https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/HT7T2R4MQKLIF4ODV4BDLPARWFPCJ5CZ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/JIZSEFC3YKCGABA2BZW6ZJRMDZJMB7PJ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/JMEXY22BFG5Q64HQCM5CK2Q7KDKVV4TY https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/KSEGD2IWKNUO3DWY4KQGUQM5BISRWHQE https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/LKYHSZQFDNR7RSA7LHVLLIAQMVYCUGBG https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/LNMZJCDHGLJJLXO4OXWJMTVQRNWOC7UL https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/VHUHTSXLXGXS7JYKBXTA3VINUPHTNGVU https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/VSRDIV77HNKUSM7SJC5BKE5JSHLHU2NK https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WLPRQ5TWUQQXYWBJM7ECYDAIL2YVKIUH https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/X6QXN4ORIVF6XBW4WWFE7VNPVC74S45Y https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/XFOIBB4YFICHDM7IBOP7PWXW3FX4HLL2 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZB43REMKRQR62NJEI7I5NQ4FSXNLBKRT https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZKQSIKIAT5TJ3WSLU3RDBQ35YX4GY4V3 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZLU6U2R2IC2K64NDPNMV55AUAO65MAF4 https://lists.w3.org/Archives/Public/ietf-http-wg/2023OctDec/0025.html https://mailman.nginx.org/pipermail/nginx-devel/2023-October/S36Q5HBXR7CAIMPLLPRSSSYR4PCMWILK.html https://martinthomson.github.io/h2-stream-limits/draft-thomson-httpbis-h2-stream-limits.html https://msrc.microsoft.com/blog/2023/10/microsoft-response-to-distributed-denial-of-service-ddos-attacks-against-http/2 https://msrc.microsoft.com/blog/2023/10/microsoft-response-to-distributed-denial-of-service-ddos-attacks-against-http/2/ https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-44487 https://my.f5.com/manage/s/article/K000137106 https://netty.io/news/2023/10/10/4-1-100-Final.html https://news.ycombinator.com/item?id=37830987 https://news.ycombinator.com/item?id=37830998 https://news.ycombinator.com/item?id=37831062 https://news.ycombinator.com/item?id=37837043 https://nodejs.org/en/blog/vulnerability/october-2023-security-releases https://nvd.nist.gov/vuln/detail/CVE-2023-44487 https://openssf.org/blog/2023/10/10/http-2-rapid-reset-vulnerability-highlights-need-for-rapid-response https://openssf.org/blog/2023/10/10/http-2-rapid-reset-vulnerability-highlights-need-for-rapid-response/ https://pkg.go.dev/vuln/GO-2023-2102 https://seanmonstar.com/post/730794151136935936/hyper-http2-rapid-reset-unaffected https://security.gentoo.org/glsa/202311-09 https://security.netapp.com/advisory/ntap-20231016-0001 https://security.netapp.com/advisory/ntap-20231016-0001/ https://security.netapp.com/advisory/ntap-20240426-0007 https://security.netapp.com/advisory/ntap-20240426-0007/ https://security.netapp.com/advisory/ntap-20240621-0006 https://security.netapp.com/advisory/ntap-20240621-0006/ https://security.netapp.com/advisory/ntap-20240621-0007 https://security.netapp.com/advisory/ntap-20240621-0007/ https://security.paloaltonetworks.com/CVE-2023-44487 https://tomcat.apache.org/security-10.html#Fixed_in_Apache_Tomcat_10.1.14 https://tomcat.apache.org/security-11.html#Fixed_in_Apache_Tomcat_11.0.0-M12 https://tomcat.apache.org/security-8.html#Fixed_in_Apache_Tomcat_8.5.94 https://tomcat.apache.org/security-9.html#Fixed_in_Apache_Tomcat_9.0.81 https://ubuntu.com/security/CVE-2023-44487 https://ubuntu.com/security/notices/USN-6427-1 https://ubuntu.com/security/notices/USN-6427-2 https://ubuntu.com/security/notices/USN-6438-1 https://ubuntu.com/security/notices/USN-6505-1 https://ubuntu.com/security/notices/USN-6574-1 https://ubuntu.com/security/notices/USN-6754-1 https://ubuntu.com/security/notices/USN-6994-1 https://ubuntu.com/security/notices/USN-7067-1 https://www.bleepingcomputer.com/news/security/new-http-2-rapid-reset-zero-day-attack-breaks-ddos-records https://www.bleepingcomputer.com/news/security/new-http-2-rapid-reset-zero-day-attack-breaks-ddos-records/ https://www.cisa.gov/known-exploited-vulnerabilities-catalog https://www.cisa.gov/news-events/alerts/2023/10/10/http2-rapid-reset-vulnerability-cve-2023-44487 https://www.cve.org/CVERecord?id=CVE-2023-44487 https://www.darkreading.com/cloud/internet-wide-zero-day-bug-fuels-largest-ever-ddos-event https://www.debian.org/security/2023/dsa-5521 https://www.debian.org/security/2023/dsa-5522 https://www.debian.org/security/2023/dsa-5540 https://www.debian.org/security/2023/dsa-5549 https://www.debian.org/security/2023/dsa-5558 https://www.debian.org/security/2023/dsa-5570 https://www.eclipse.org/lists/jetty-announce/msg00181.html https://www.haproxy.com/blog/haproxy-is-not-affected-by-the-http-2-rapid-reset-attack-cve-2023-44487 https://www.mail-archive.com/haproxy@formilux.org/msg44134.html https://www.netlify.com/blog/netlify-successfully-mitigates-cve-2023-44487 https://www.netlify.com/blog/netlify-successfully-mitigates-cve-2023-44487/ https://www.nginx.com/blog/http-2-rapid-reset-attack-impacting-f5-nginx-products https://www.nginx.com/blog/http-2-rapid-reset-attack-impacting-f5-nginx-products/ https://www.openwall.com/lists/oss-security/2023/10/10/6 https://www.phoronix.com/news/HTTP2-Rapid-Reset-Attack https://www.theregister.com/2023/10/10/http2_rapid_reset_zeroday https://www.theregister.com/2023/10/10/http2_rapid_reset_zeroday/
google.golang.org/protobuf	CVE-2024-24786	MEDIUM	v1.30.0	1.33.0	http://www.openwall.com/lists/oss-security/2024/03/08/4 https://access.redhat.com/errata/RHSA-2024:2550 https://access.redhat.com/security/cve/CVE-2024-24786 https://bugzilla.redhat.com/2268046 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24786 https://errata.almalinux.org/9/ALSA-2024-2550.html https://errata.rockylinux.org/RLSA-2024:2550 https://github.com/protocolbuffers/protobuf-go https://github.com/protocolbuffers/protobuf-go/commit/f01a588e5810b90996452eec4a28f22a0afae023 https://github.com/protocolbuffers/protobuf-go/releases/tag/v1.33.0 https://go-review.googlesource.com/c/protobuf/+/569356 https://go.dev/cl/569356 https://groups.google.com/g/golang-announce/c/ArQ6CDgtEjY/ https://linux.oracle.com/cve/CVE-2024-24786.html https://linux.oracle.com/errata/ELSA-2024-4246.html https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/JDMBHAVSDU2FBDZ45U3A2VLSM35OJ2HU https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/JDMBHAVSDU2FBDZ45U3A2VLSM35OJ2HU/ https://nvd.nist.gov/vuln/detail/CVE-2024-24786 https://pkg.go.dev/vuln/GO-2024-2611 https://security.netapp.com/advisory/ntap-20240517-0002 https://security.netapp.com/advisory/ntap-20240517-0002/ https://ubuntu.com/security/notices/USN-6746-1 https://ubuntu.com/security/notices/USN-6746-2 https://www.cve.org/CVERecord?id=CVE-2024-24786
stdlib	CVE-2024-24790	CRITICAL	v1.20.5	1.21.11, 1.22.4	http://www.openwall.com/lists/oss-security/2024/06/04/1 https://access.redhat.com/errata/RHSA-2024:9115 https://access.redhat.com/security/cve/CVE-2024-24790 https://bugzilla.redhat.com/2279814 https://bugzilla.redhat.com/2292668 https://bugzilla.redhat.com/2292787 https://bugzilla.redhat.com/2294000 https://bugzilla.redhat.com/2295310 https://bugzilla.redhat.com/show_bug.cgi?id=2292668 https://bugzilla.redhat.com/show_bug.cgi?id=2292787 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24789 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24790 https://errata.almalinux.org/9/ALSA-2024-9115.html https://errata.rockylinux.org/RLSA-2024:4212 https://github.com/golang/go/commit/051bdf3fd12a40307606ff9381138039c5f452f0 (1.21) https://github.com/golang/go/commit/12d5810cdb1f73cf23d7a86462143e9463317fca (1.22) https://github.com/golang/go/issues/67680 https://go.dev/cl/590316 https://go.dev/issue/67680 https://groups.google.com/g/golang-announce/c/XbxouI9gY7k https://groups.google.com/g/golang-announce/c/XbxouI9gY7k/m/TuoGEhxIEwAJ https://linux.oracle.com/cve/CVE-2024-24790.html https://linux.oracle.com/errata/ELSA-2024-9115.html https://nvd.nist.gov/vuln/detail/CVE-2024-24790 https://pkg.go.dev/vuln/GO-2024-2887 https://ubuntu.com/security/notices/USN-6886-1 https://ubuntu.com/security/notices/USN-7109-1 https://www.cve.org/CVERecord?id=CVE-2024-24790
stdlib	CVE-2023-39325	HIGH	v1.20.5	1.20.10, 1.21.3	golang.org/x/net https://access.redhat.com/errata/RHSA-2023:6077 https://access.redhat.com/security/cve/CVE-2023-39325 https://access.redhat.com/security/cve/CVE-2023-44487 https://access.redhat.com/security/vulnerabilities/RHSB-2023-003 https://bugzilla.redhat.com/2242803 https://bugzilla.redhat.com/2243296 https://bugzilla.redhat.com/show_bug.cgi?id=2242803 https://bugzilla.redhat.com/show_bug.cgi?id=2243296 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-39325 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-44487 https://errata.almalinux.org/9/ALSA-2023-6077.html https://errata.rockylinux.org/RLSA-2023:6077 https://github.com/golang/go/commit/24ae2d927285c697440fdde3ad7f26028354bcf3 [golang- 1.21] https://github.com/golang/go/commit/e175f27f58aa7b9cd4d79607ae65d2cd5baaee68 [golang-1.20] https://github.com/golang/go/issues/63417 https://go.dev/cl/534215 https://go.dev/cl/534235 https://go.dev/issue/63417 https://groups.google.com/g/golang-announce/c/iNNxDTCjZvo/m/UDd7VKQuAAAJ https://linux.oracle.com/cve/CVE-2023-39325.html https://linux.oracle.com/errata/ELSA-2023-5867.html https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3OVW5V2DM5K5IC3H7O42YDUGNJ74J35O https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3OVW5V2DM5K5IC3H7O42YDUGNJ74J35O/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3SZN67IL7HMGMNAVLOTIXLIHUDXZK4LH https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3SZN67IL7HMGMNAVLOTIXLIHUDXZK4LH/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3WJ4QVX2AMUJ2F2S27POOAHRC4K3CHU4 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3WJ4QVX2AMUJ2F2S27POOAHRC4K3CHU4/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/4BUK2ZIAGCULOOYDNH25JPU6JBES5NF2 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/4BUK2ZIAGCULOOYDNH25JPU6JBES5NF2/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/5RSKA2II6QTD4YUKUNDVJQSRYSFC4VFR https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/5RSKA2II6QTD4YUKUNDVJQSRYSFC4VFR/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/AVZDNSMVDAQJ64LJC5I5U5LDM5753647 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/AVZDNSMVDAQJ64LJC5I5U5LDM5753647/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CHHITS4PUOZAKFIUBQAQZC7JWXMOYE4B https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CHHITS4PUOZAKFIUBQAQZC7JWXMOYE4B/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CLB4TW7KALB3EEQWNWCN7OUIWWVWWCG2 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CLB4TW7KALB3EEQWNWCN7OUIWWVWWCG2/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/D2BBIDR2ZMB3X5BC7SR4SLQMHRMVPY6L https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/D2BBIDR2ZMB3X5BC7SR4SLQMHRMVPY6L/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ECRC75BQJP6FJN2L7KCKYZW4DSBD7QSD https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ECRC75BQJP6FJN2L7KCKYZW4DSBD7QSD/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/FTMJ3NJIDAZFWJQQSP3L22MUFJ3UP2PT https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/FTMJ3NJIDAZFWJQQSP3L22MUFJ3UP2PT/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/GSY7SXFFTPZFWDM6XELSDSHZLVW3AHK7 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/GSY7SXFFTPZFWDM6XELSDSHZLVW3AHK7/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/HZQIELEIRSZUYTFFH5KTH2YJ4IIQG2KE https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/HZQIELEIRSZUYTFFH5KTH2YJ4IIQG2KE/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/IPWCNYB5PQ5PCVZ4NJT6G56ZYFZ5QBU6 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/IPWCNYB5PQ5PCVZ4NJT6G56ZYFZ5QBU6/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/KEOTKBUPZXHE3F352JBYNTSNRXYLWD6P https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/KEOTKBUPZXHE3F352JBYNTSNRXYLWD6P/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/KSEGD2IWKNUO3DWY4KQGUQM5BISRWHQE https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/KSEGD2IWKNUO3DWY4KQGUQM5BISRWHQE/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/L5E5JSJBZLYXOTZWXHJKRVCIXIHVWKJ6 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/L5E5JSJBZLYXOTZWXHJKRVCIXIHVWKJ6/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/MZQYOOKHQDQ57LV2IAG6NRFOVXKHJJ3Z https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/MZQYOOKHQDQ57LV2IAG6NRFOVXKHJJ3Z/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/NG7IMPL55MVWU3LCI4JQJT3K2U5CHDV7 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/NG7IMPL55MVWU3LCI4JQJT3K2U5CHDV7/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ODBY7RVMGZCBSTWF2OZGIZS57FNFUL67 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ODBY7RVMGZCBSTWF2OZGIZS57FNFUL67/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/OXGWPQOJ3JNDW2XIYKIVJ7N7QUIFNM2Q https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/OXGWPQOJ3JNDW2XIYKIVJ7N7QUIFNM2Q/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/PJCUNGIQDUMZ4Z6HWVYIMR66A35F5S74 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/PJCUNGIQDUMZ4Z6HWVYIMR66A35F5S74/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QF5QSYAOPDOWLY6DUHID56Q4HQFYB45I https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QF5QSYAOPDOWLY6DUHID56Q4HQFYB45I/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QXOU2JZUBEBP7GBKAYIJRPRBZSJCD7ST https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QXOU2JZUBEBP7GBKAYIJRPRBZSJCD7ST/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/R3UETKPUB3V5JS5TLZOF3SMTGT5K5APS https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/R3UETKPUB3V5JS5TLZOF3SMTGT5K5APS/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/REMHVVIBDNKSRKNOTV7EQSB7CYQWOUOU https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/REMHVVIBDNKSRKNOTV7EQSB7CYQWOUOU/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/T7N5GV4CHH6WAGX3GFMDD3COEOVCZ4RI https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/T7N5GV4CHH6WAGX3GFMDD3COEOVCZ4RI/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ULQQONMSCQSH5Z5OWFFQHCGEZ3NL4DRJ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ULQQONMSCQSH5Z5OWFFQHCGEZ3NL4DRJ/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UTT7DG3QOF5ZNJLUGHDNLRUIN6OWZARP https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UTT7DG3QOF5ZNJLUGHDNLRUIN6OWZARP/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/W2LZSWTV4NV4SNQARNXG5T6LRHP26EW2 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/W2LZSWTV4NV4SNQARNXG5T6LRHP26EW2/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WCNCBYKZXLDFGAJUB7ZP5VLC3YTHJNVH https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WCNCBYKZXLDFGAJUB7ZP5VLC3YTHJNVH/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/XFOIBB4YFICHDM7IBOP7PWXW3FX4HLL2 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/XFOIBB4YFICHDM7IBOP7PWXW3FX4HLL2/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/XTNLSL44Y5FB6JWADSZH6DCV4JJAAEQY https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/XTNLSL44Y5FB6JWADSZH6DCV4JJAAEQY/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/YJWHBLVZDM5KQSDFRBFRKU5KSSOLIRQ4 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/YJWHBLVZDM5KQSDFRBFRKU5KSSOLIRQ4/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/YRKEXKANQ7BKJW2YTAMP625LJUJZLJ4P https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/YRKEXKANQ7BKJW2YTAMP625LJUJZLJ4P/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZSVEMQV5ROY5YW5QE3I57HT3ITWG5GCV https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZSVEMQV5ROY5YW5QE3I57HT3ITWG5GCV/ https://nvd.nist.gov/vuln/detail/CVE-2023-39325 https://pkg.go.dev/vuln/GO-2023-2102 https://security.gentoo.org/glsa/202311-09 https://security.netapp.com/advisory/ntap-20231110-0008 https://security.netapp.com/advisory/ntap-20231110-0008/ https://ubuntu.com/security/notices/USN-6574-1 https://ubuntu.com/security/notices/USN-7061-1 https://ubuntu.com/security/notices/USN-7109-1 https://www.cisa.gov/news-events/alerts/2023/10/10/http2-rapid-reset-vulnerability-cve-2023-44487 https://www.cve.org/CVERecord?id=CVE-2023-39325
stdlib	CVE-2023-45283	HIGH	v1.20.5	1.20.11, 1.21.4, 1.20.12, 1.21.5	http://www.openwall.com/lists/oss-security/2023/12/05/2 https://go.dev/cl/540277 https://go.dev/cl/541175 https://go.dev/issue/63713 https://go.dev/issue/64028 https://groups.google.com/g/golang-announce/c/4tU8LZfBFkY https://groups.google.com/g/golang-dev/c/6ypN5EjibjM/m/KmLVYH_uAgAJ https://nvd.nist.gov/vuln/detail/CVE-2023-45283 https://pkg.go.dev/vuln/GO-2023-2185 https://security.netapp.com/advisory/ntap-20231214-0008/
stdlib	CVE-2023-45288	HIGH	v1.20.5	1.21.9, 1.22.2	http://www.openwall.com/lists/oss-security/2024/04/03/16 http://www.openwall.com/lists/oss-security/2024/04/05/4 https://access.redhat.com/errata/RHSA-2024:2724 https://access.redhat.com/security/cve/CVE-2023-45288 https://bugzilla.redhat.com/2268017 https://bugzilla.redhat.com/2268018 https://bugzilla.redhat.com/2268019 https://bugzilla.redhat.com/2268273 https://bugzilla.redhat.com/show_bug.cgi?id=2268017 https://bugzilla.redhat.com/show_bug.cgi?id=2268018 https://bugzilla.redhat.com/show_bug.cgi?id=2268019 https://bugzilla.redhat.com/show_bug.cgi?id=2268273 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45288 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45289 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45290 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24783 https://errata.almalinux.org/9/ALSA-2024-2724.html https://errata.rockylinux.org/RLSA-2024:2724 https://go.dev/cl/576155 https://go.dev/issue/65051 https://groups.google.com/g/golang-announce/c/YgW0sx8mN3M https://kb.cert.org/vuls/id/421644 https://linux.oracle.com/cve/CVE-2023-45288.html https://linux.oracle.com/errata/ELSA-2024-3346.html https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QRYFHIQ6XRKRYBI2F5UESH67BJBQXUPT https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QRYFHIQ6XRKRYBI2F5UESH67BJBQXUPT/ https://nowotarski.info/http2-continuation-flood-technical-details https://nowotarski.info/http2-continuation-flood/ https://nvd.nist.gov/vuln/detail/CVE-2023-45288 https://pkg.go.dev/vuln/GO-2024-2687 https://security.netapp.com/advisory/ntap-20240419-0009 https://security.netapp.com/advisory/ntap-20240419-0009/ https://ubuntu.com/security/notices/USN-6886-1 https://ubuntu.com/security/notices/USN-7109-1 https://ubuntu.com/security/notices/USN-7111-1 https://www.cve.org/CVERecord?id=CVE-2023-45288 https://www.kb.cert.org/vuls/id/421644
stdlib	CVE-2024-34156	HIGH	v1.20.5	1.22.7, 1.23.1	https://access.redhat.com/errata/RHSA-2024:9473 https://access.redhat.com/security/cve/CVE-2024-34156 https://bugzilla.redhat.com/2310528 https://bugzilla.redhat.com/2318052 https://bugzilla.redhat.com/show_bug.cgi?id=2310528 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-34156 https://errata.almalinux.org/9/ALSA-2024-9473.html https://errata.rockylinux.org/RLSA-2024:7204 https://github.com/golang/go/commit/2092294f2b097c5828f4eace6c98a322c1510b01 (go1.22.7) https://github.com/golang/go/commit/fa8ff1a46deb6c816304441ec6740ec112e19012 (go1.23.1) https://go.dev/cl/611239 https://go.dev/issue/69139 https://groups.google.com/g/golang-announce/c/K-cEzDeCtpc https://groups.google.com/g/golang-dev/c/S9POB9NCTdk https://linux.oracle.com/cve/CVE-2024-34156.html https://linux.oracle.com/errata/ELSA-2024-9473.html https://nvd.nist.gov/vuln/detail/CVE-2024-34156 https://pkg.go.dev/vuln/GO-2024-3106 https://ubuntu.com/security/notices/USN-7081-1 https://ubuntu.com/security/notices/USN-7109-1 https://ubuntu.com/security/notices/USN-7111-1 https://www.cve.org/CVERecord?id=CVE-2024-34156
stdlib	CVE-2023-29406	MEDIUM	v1.20.5	1.19.11, 1.20.6	https://access.redhat.com/errata/RHSA-2023:6474 https://access.redhat.com/security/cve/CVE-2023-29406 https://bugzilla.redhat.com/2174485 https://bugzilla.redhat.com/2178358 https://bugzilla.redhat.com/2178488 https://bugzilla.redhat.com/2178492 https://bugzilla.redhat.com/2184481 https://bugzilla.redhat.com/2184482 https://bugzilla.redhat.com/2184483 https://bugzilla.redhat.com/2184484 https://bugzilla.redhat.com/2196026 https://bugzilla.redhat.com/2196027 https://bugzilla.redhat.com/2196029 https://bugzilla.redhat.com/2222167 https://bugzilla.redhat.com/2228689 https://errata.almalinux.org/9/ALSA-2023-6474.html https://github.com/golang/go/commit/312920c00aac9897b2a0693e752390b5b0711a5a (go1.20.6) https://github.com/golang/go/commit/5fa6923b1ea891400153d04ddf1545e23b40041b (go1.19.11) https://github.com/golang/go/issues/60374 https://go.dev/cl/506996 https://go.dev/issue/60374 https://groups.google.com/g/golang-announce/c/2q13H6LEEx0 https://linux.oracle.com/cve/CVE-2023-29406.html https://linux.oracle.com/errata/ELSA-2023-7202.html https://nvd.nist.gov/vuln/detail/CVE-2023-29406 https://pkg.go.dev/vuln/GO-2023-1878 https://security.gentoo.org/glsa/202311-09 https://security.netapp.com/advisory/ntap-20230814-0002/ https://ubuntu.com/security/notices/USN-7061-1 https://ubuntu.com/security/notices/USN-7109-1 https://www.cve.org/CVERecord?id=CVE-2023-29406
stdlib	CVE-2023-29409	MEDIUM	v1.20.5	1.19.12, 1.20.7, 1.21.0-rc.4	https://access.redhat.com/errata/RHSA-2023:7766 https://access.redhat.com/security/cve/CVE-2023-29409 https://bugzilla.redhat.com/2228743 https://bugzilla.redhat.com/2237773 https://bugzilla.redhat.com/2237776 https://bugzilla.redhat.com/2237777 https://bugzilla.redhat.com/2237778 https://errata.almalinux.org/9/ALSA-2023-7766.html https://go.dev/cl/515257 https://go.dev/issue/61460 https://groups.google.com/g/golang-announce/c/X0b6CsSAaYI/m/Efv5DbZ9AwAJ https://linux.oracle.com/cve/CVE-2023-29409.html https://linux.oracle.com/errata/ELSA-2024-2988.html https://nvd.nist.gov/vuln/detail/CVE-2023-29409 https://pkg.go.dev/vuln/GO-2023-1987 https://security.gentoo.org/glsa/202311-09 https://security.netapp.com/advisory/ntap-20230831-0010/ https://www.cve.org/CVERecord?id=CVE-2023-29409
stdlib	CVE-2023-39318	MEDIUM	v1.20.5	1.20.8, 1.21.1	https://access.redhat.com/errata/RHSA-2024:2160 https://access.redhat.com/security/cve/CVE-2023-39318 https://bugzilla.redhat.com/2237773 https://bugzilla.redhat.com/2237776 https://bugzilla.redhat.com/2253330 https://errata.almalinux.org/9/ALSA-2024-2160.html https://github.com/golang/go/commit/023b542edf38e2a1f87fcefb9f75ff2f99401b4c (go1.20.8) https://github.com/golang/go/commit/b0e1d3ea26e8e8fce7726690c9ef0597e60739fb (go1.21.1) https://go.dev/cl/526156 https://go.dev/issue/62196 https://groups.google.com/g/golang-announce/c/Fm51GRLNRvM https://groups.google.com/g/golang-dev/c/2C5vbR-UNkI/m/L1hdrPhfBAAJ https://linux.oracle.com/cve/CVE-2023-39318.html https://linux.oracle.com/errata/ELSA-2024-2988.html https://nvd.nist.gov/vuln/detail/CVE-2023-39318 https://pkg.go.dev/vuln/GO-2023-2041 https://security.gentoo.org/glsa/202311-09 https://security.netapp.com/advisory/ntap-20231020-0009/ https://ubuntu.com/security/notices/USN-6574-1 https://ubuntu.com/security/notices/USN-7061-1 https://ubuntu.com/security/notices/USN-7109-1 https://vuln.go.dev/ID/GO-2023-2041.json https://www.cve.org/CVERecord?id=CVE-2023-39318
stdlib	CVE-2023-39319	MEDIUM	v1.20.5	1.20.8, 1.21.1	https://access.redhat.com/errata/RHSA-2024:2160 https://access.redhat.com/security/cve/CVE-2023-39319 https://bugzilla.redhat.com/2237773 https://bugzilla.redhat.com/2237776 https://bugzilla.redhat.com/2253330 https://errata.almalinux.org/9/ALSA-2024-2160.html https://github.com/golang/go/commit/2070531d2f53df88e312edace6c8dfc9686ab2f5 (go1.20.8) https://github.com/golang/go/commit/bbd043ff0d6d59f1a9232d31ecd5eacf6507bf6a (go1.21.1) https://go.dev/cl/526157 https://go.dev/issue/62197 https://groups.google.com/g/golang-announce/c/Fm51GRLNRvM https://groups.google.com/g/golang-dev/c/2C5vbR-UNkI/m/L1hdrPhfBAAJ https://linux.oracle.com/cve/CVE-2023-39319.html https://linux.oracle.com/errata/ELSA-2024-2988.html https://nvd.nist.gov/vuln/detail/CVE-2023-39319 https://pkg.go.dev/vuln/GO-2023-2043 https://security.gentoo.org/glsa/202311-09 https://security.netapp.com/advisory/ntap-20231020-0009/ https://ubuntu.com/security/notices/USN-6574-1 https://ubuntu.com/security/notices/USN-7061-1 https://ubuntu.com/security/notices/USN-7109-1 https://vuln.go.dev/ID/GO-2023-2043.json https://www.cve.org/CVERecord?id=CVE-2023-39319
stdlib	CVE-2023-39326	MEDIUM	v1.20.5	1.20.12, 1.21.5	https://access.redhat.com/errata/RHSA-2024:2272 https://access.redhat.com/security/cve/CVE-2023-39326 https://bugzilla.redhat.com/2253193 https://bugzilla.redhat.com/2253330 https://errata.almalinux.org/9/ALSA-2024-2272.html https://github.com/golang/go/commit/6446af942e2e2b161c4ec1b60d9703a2b55dc4dd (go1.20.12) https://github.com/golang/go/commit/ec8c526e4be720e94b98ca509e6364f0efaf28f7 (go1.21.5) https://go.dev/cl/547335 https://go.dev/issue/64433 https://groups.google.com/g/golang-dev/c/6ypN5EjibjM/m/KmLVYH_uAgAJ https://linux.oracle.com/cve/CVE-2023-39326.html https://linux.oracle.com/errata/ELSA-2024-2988.html https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UIU6HOGV6RRIKWM57LOXQA75BGZSIH6G/ https://nvd.nist.gov/vuln/detail/CVE-2023-39326 https://pkg.go.dev/vuln/GO-2023-2382 https://ubuntu.com/security/notices/USN-6574-1 https://www.cve.org/CVERecord?id=CVE-2023-39326
stdlib	CVE-2023-45284	MEDIUM	v1.20.5	1.20.11, 1.21.4	https://go.dev/cl/540277 https://go.dev/issue/63713 https://groups.google.com/g/golang-announce/c/4tU8LZfBFkY https://nvd.nist.gov/vuln/detail/CVE-2023-45284 https://pkg.go.dev/vuln/GO-2023-2186
stdlib	CVE-2023-45289	MEDIUM	v1.20.5	1.21.8, 1.22.1	http://www.openwall.com/lists/oss-security/2024/03/08/4 https://access.redhat.com/errata/RHSA-2024:2724 https://access.redhat.com/security/cve/CVE-2023-45289 https://bugzilla.redhat.com/2268017 https://bugzilla.redhat.com/2268018 https://bugzilla.redhat.com/2268019 https://bugzilla.redhat.com/2268273 https://bugzilla.redhat.com/show_bug.cgi?id=2268017 https://bugzilla.redhat.com/show_bug.cgi?id=2268018 https://bugzilla.redhat.com/show_bug.cgi?id=2268019 https://bugzilla.redhat.com/show_bug.cgi?id=2268273 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45288 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45289 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45290 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24783 https://errata.almalinux.org/9/ALSA-2024-2724.html https://errata.rockylinux.org/RLSA-2024:2724 https://github.com/golang/go/commit/20586c0dbe03d144f914155f879fa5ee287591a1 (go1.21.8) https://github.com/golang/go/commit/3a855208e3efed2e9d7c20ad023f1fa78afcc0be (go1.22.1) https://github.com/golang/go/issues/65065 https://go.dev/cl/569340 https://go.dev/issue/65065 https://groups.google.com/g/golang-announce/c/5pwGVUPoMbg https://linux.oracle.com/cve/CVE-2023-45289.html https://linux.oracle.com/errata/ELSA-2024-3346.html https://nvd.nist.gov/vuln/detail/CVE-2023-45289 https://pkg.go.dev/vuln/GO-2024-2600 https://security.netapp.com/advisory/ntap-20240329-0006/ https://ubuntu.com/security/notices/USN-6886-1 https://www.cve.org/CVERecord?id=CVE-2023-45289
stdlib	CVE-2023-45290	MEDIUM	v1.20.5	1.21.8, 1.22.1	http://www.openwall.com/lists/oss-security/2024/03/08/4 https://access.redhat.com/errata/RHSA-2024:9135 https://access.redhat.com/security/cve/CVE-2023-45290 https://bugzilla.redhat.com/2268017 https://bugzilla.redhat.com/2268022 https://bugzilla.redhat.com/2279814 https://bugzilla.redhat.com/2295310 https://bugzilla.redhat.com/show_bug.cgi?id=2268017 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45290 https://errata.almalinux.org/9/ALSA-2024-9135.html https://errata.rockylinux.org/RLSA-2024:3830 https://github.com/golang/go/commit/041a47712e765e94f86d841c3110c840e76d8f82 (go1.22.1) https://github.com/golang/go/commit/bf80213b121074f4ad9b449410a4d13bae5e9be0 (go1.21.8) https://github.com/golang/go/issues/65383 https://go.dev/cl/569341 https://go.dev/issue/65383 https://groups.google.com/g/golang-announce/c/5pwGVUPoMbg https://linux.oracle.com/cve/CVE-2023-45290.html https://linux.oracle.com/errata/ELSA-2024-8038.html https://nvd.nist.gov/vuln/detail/CVE-2023-45290 https://pkg.go.dev/vuln/GO-2024-2599 https://security.netapp.com/advisory/ntap-20240329-0004 https://security.netapp.com/advisory/ntap-20240329-0004/ https://ubuntu.com/security/notices/USN-6886-1 https://ubuntu.com/security/notices/USN-7109-1 https://ubuntu.com/security/notices/USN-7111-1 https://www.cve.org/CVERecord?id=CVE-2023-45290
stdlib	CVE-2024-24783	MEDIUM	v1.20.5	1.21.8, 1.22.1	http://www.openwall.com/lists/oss-security/2024/03/08/4 https://access.redhat.com/errata/RHSA-2024:6195 https://access.redhat.com/security/cve/CVE-2024-24783 https://bugzilla.redhat.com/2268019 https://bugzilla.redhat.com/show_bug.cgi?id=2268017 https://bugzilla.redhat.com/show_bug.cgi?id=2268018 https://bugzilla.redhat.com/show_bug.cgi?id=2268019 https://bugzilla.redhat.com/show_bug.cgi?id=2268273 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45288 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45289 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45290 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24783 https://errata.almalinux.org/9/ALSA-2024-6195.html https://errata.rockylinux.org/RLSA-2024:2724 https://github.com/advisories/GHSA-3q2c-pvp5-3cqp https://github.com/golang/go/commit/337b8e9cbfa749d9d5c899e0dc358e2208d5e54f (go1.22.1) https://github.com/golang/go/commit/be5b52bea674190ef7de272664be6c7ae93ec5a0 (go1.21.8) https://github.com/golang/go/issues/65390 https://go.dev/cl/569339 https://go.dev/issue/65390 https://groups.google.com/g/golang-announce/c/5pwGVUPoMbg https://linux.oracle.com/cve/CVE-2024-24783.html https://linux.oracle.com/errata/ELSA-2024-6969.html https://nvd.nist.gov/vuln/detail/CVE-2024-24783 https://pkg.go.dev/vuln/GO-2024-2598 https://security.netapp.com/advisory/ntap-20240329-0005 https://security.netapp.com/advisory/ntap-20240329-0005/ https://ubuntu.com/security/notices/USN-6886-1 https://ubuntu.com/security/notices/USN-7109-1 https://ubuntu.com/security/notices/USN-7111-1 https://www.cve.org/CVERecord?id=CVE-2024-24783
stdlib	CVE-2024-24784	MEDIUM	v1.20.5	1.21.8, 1.22.1	http://www.openwall.com/lists/oss-security/2024/03/08/4 https://access.redhat.com/errata/RHSA-2024:2562 https://access.redhat.com/security/cve/CVE-2024-24784 https://bugzilla.redhat.com/2262921 https://bugzilla.redhat.com/2268017 https://bugzilla.redhat.com/2268018 https://bugzilla.redhat.com/2268019 https://bugzilla.redhat.com/2268021 https://bugzilla.redhat.com/2268022 https://bugzilla.redhat.com/2268273 https://bugzilla.redhat.com/show_bug.cgi?id=2262921 https://bugzilla.redhat.com/show_bug.cgi?id=2268017 https://bugzilla.redhat.com/show_bug.cgi?id=2268018 https://bugzilla.redhat.com/show_bug.cgi?id=2268019 https://bugzilla.redhat.com/show_bug.cgi?id=2268021 https://bugzilla.redhat.com/show_bug.cgi?id=2268022 https://bugzilla.redhat.com/show_bug.cgi?id=2268273 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45288 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45289 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45290 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-1394 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24783 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24784 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24785 https://errata.almalinux.org/9/ALSA-2024-2562.html https://errata.rockylinux.org/RLSA-2024:2562 https://github.com/golang/go/commit/263c059b09fdd40d9dd945f2ecb20c89ea28efe5 (go1.21.8) https://github.com/golang/go/commit/5330cd225ba54c7dc78c1b46dcdf61a4671a632c (go1.22.1) https://github.com/golang/go/issues/65083 https://go.dev/cl/555596 https://go.dev/issue/65083 https://groups.google.com/g/golang-announce/c/5pwGVUPoMbg https://linux.oracle.com/cve/CVE-2024-24784.html https://linux.oracle.com/errata/ELSA-2024-6969.html https://nvd.nist.gov/vuln/detail/CVE-2024-24784 https://pkg.go.dev/vuln/GO-2024-2609 https://security.netapp.com/advisory/ntap-20240329-0007/ https://ubuntu.com/security/notices/USN-6886-1 https://ubuntu.com/security/notices/USN-7109-1 https://ubuntu.com/security/notices/USN-7111-1 https://www.cve.org/CVERecord?id=CVE-2024-24784
stdlib	CVE-2024-24785	MEDIUM	v1.20.5	1.21.8, 1.22.1	http://www.openwall.com/lists/oss-security/2024/03/08/4 https://access.redhat.com/errata/RHSA-2024:9135 https://access.redhat.com/security/cve/CVE-2024-24785 https://bugzilla.redhat.com/2268017 https://bugzilla.redhat.com/2268022 https://bugzilla.redhat.com/2279814 https://bugzilla.redhat.com/2295310 https://bugzilla.redhat.com/show_bug.cgi?id=2262921 https://bugzilla.redhat.com/show_bug.cgi?id=2268017 https://bugzilla.redhat.com/show_bug.cgi?id=2268018 https://bugzilla.redhat.com/show_bug.cgi?id=2268019 https://bugzilla.redhat.com/show_bug.cgi?id=2268021 https://bugzilla.redhat.com/show_bug.cgi?id=2268022 https://bugzilla.redhat.com/show_bug.cgi?id=2268273 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45288 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45289 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45290 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-1394 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24783 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24784 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24785 https://errata.almalinux.org/9/ALSA-2024-9135.html https://errata.rockylinux.org/RLSA-2024:2562 https://github.com/golang/go/commit/056b0edcb8c152152021eebf4cf42adbfbe77992 (go1.22.1) https://github.com/golang/go/commit/3643147a29352ca2894fd5d0d2069bc4b4335a7e (go1.21.8) https://github.com/golang/go/issues/65697 https://go.dev/cl/564196 https://go.dev/issue/65697 https://groups.google.com/g/golang-announce/c/5pwGVUPoMbg https://linux.oracle.com/cve/CVE-2024-24785.html https://linux.oracle.com/errata/ELSA-2024-3259.html https://nvd.nist.gov/vuln/detail/CVE-2024-24785 https://pkg.go.dev/vuln/GO-2024-2610 https://security.netapp.com/advisory/ntap-20240329-0008/ https://ubuntu.com/security/notices/USN-6886-1 https://ubuntu.com/security/notices/USN-7061-1 https://ubuntu.com/security/notices/USN-7109-1 https://vuln.go.dev/ID/GO-2024-2610.json https://www.cve.org/CVERecord?id=CVE-2024-24785
stdlib	CVE-2024-24789	MEDIUM	v1.20.5	1.21.11, 1.22.4	http://www.openwall.com/lists/oss-security/2024/06/04/1 https://access.redhat.com/errata/RHSA-2024:9115 https://access.redhat.com/security/cve/CVE-2024-24789 https://bugzilla.redhat.com/2279814 https://bugzilla.redhat.com/2292668 https://bugzilla.redhat.com/2292787 https://bugzilla.redhat.com/2294000 https://bugzilla.redhat.com/2295310 https://bugzilla.redhat.com/show_bug.cgi?id=2292668 https://bugzilla.redhat.com/show_bug.cgi?id=2292787 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24789 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24790 https://errata.almalinux.org/9/ALSA-2024-9115.html https://errata.rockylinux.org/RLSA-2024:4212 https://github.com/golang/go/commit/c8e40338cf00f3c1d86c8fb23863ad67a4c72bcc (1.21) https://github.com/golang/go/commit/cf501ac0c5fe351a8582d20b43562027927906e7 (1.22) https://github.com/golang/go/issues/66869 https://go.dev/cl/585397 https://go.dev/issue/66869 https://groups.google.com/g/golang-announce/c/XbxouI9gY7k https://groups.google.com/g/golang-announce/c/XbxouI9gY7k/m/TuoGEhxIEwAJ https://linux.oracle.com/cve/CVE-2024-24789.html https://linux.oracle.com/errata/ELSA-2024-9115.html https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/U5YAEIA6IUHUNGJ7AIXXPQT6D2GYENX7/ https://nvd.nist.gov/vuln/detail/CVE-2024-24789 https://pkg.go.dev/vuln/GO-2024-2888 https://ubuntu.com/security/notices/USN-6886-1 https://ubuntu.com/security/notices/USN-7109-1 https://ubuntu.com/security/notices/USN-7111-1 https://www.cve.org/CVERecord?id=CVE-2024-24789
stdlib	CVE-2024-24791	MEDIUM	v1.20.5	1.21.12, 1.22.5	https://access.redhat.com/errata/RHSA-2024:9135 https://access.redhat.com/security/cve/CVE-2024-24791 https://bugzilla.redhat.com/2268017 https://bugzilla.redhat.com/2268022 https://bugzilla.redhat.com/2279814 https://bugzilla.redhat.com/2295310 https://bugzilla.redhat.com/show_bug.cgi?id=2295310 https://bugzilla.redhat.com/show_bug.cgi?id=2310527 https://bugzilla.redhat.com/show_bug.cgi?id=2310528 https://bugzilla.redhat.com/show_bug.cgi?id=2310529 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24791 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-34155 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-34156 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-34158 https://errata.almalinux.org/9/ALSA-2024-9135.html https://errata.rockylinux.org/RLSA-2024:6913 https://go.dev/cl/591255 https://go.dev/issue/67555 https://groups.google.com/g/golang-dev/c/t0rK-qHBqzY/m/6MMoAZkMAgAJ https://linux.oracle.com/cve/CVE-2024-24791.html https://linux.oracle.com/errata/ELSA-2024-9115.html https://nvd.nist.gov/vuln/detail/CVE-2024-24791 https://pkg.go.dev/vuln/GO-2024-2963 https://ubuntu.com/security/notices/USN-7081-1 https://ubuntu.com/security/notices/USN-7109-1 https://ubuntu.com/security/notices/USN-7111-1 https://www.cve.org/CVERecord?id=CVE-2024-24791
stdlib	CVE-2024-34155	MEDIUM	v1.20.5	1.22.7, 1.23.1	https://access.redhat.com/errata/RHSA-2024:9459 https://access.redhat.com/security/cve/CVE-2024-34155 https://bugzilla.redhat.com/2310527 https://bugzilla.redhat.com/2310528 https://bugzilla.redhat.com/2310529 https://bugzilla.redhat.com/2315691 https://bugzilla.redhat.com/2315887 https://bugzilla.redhat.com/2317458 https://bugzilla.redhat.com/2317467 https://bugzilla.redhat.com/show_bug.cgi?id=2295310 https://bugzilla.redhat.com/show_bug.cgi?id=2310527 https://bugzilla.redhat.com/show_bug.cgi?id=2310528 https://bugzilla.redhat.com/show_bug.cgi?id=2310529 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24791 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-34155 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-34156 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-34158 https://errata.almalinux.org/9/ALSA-2024-9459.html https://errata.rockylinux.org/RLSA-2024:6913 https://github.com/golang/go/commit/53487e5477151ed75da50e50a0ba8f1ca64c00a3 (go1.23.1) https://github.com/golang/go/commit/b232596139dbe96a62edbe3a2a203e856bf556eb (go1.22.7) https://go.dev/cl/611238 https://go.dev/issue/69138 https://groups.google.com/g/golang-announce/c/K-cEzDeCtpc https://groups.google.com/g/golang-dev/c/S9POB9NCTdk https://linux.oracle.com/cve/CVE-2024-34155.html https://linux.oracle.com/errata/ELSA-2024-9459.html https://nvd.nist.gov/vuln/detail/CVE-2024-34155 https://pkg.go.dev/vuln/GO-2024-3105 https://ubuntu.com/security/notices/USN-7081-1 https://ubuntu.com/security/notices/USN-7109-1 https://ubuntu.com/security/notices/USN-7111-1 https://www.cve.org/CVERecord?id=CVE-2024-34155
stdlib	CVE-2024-34158	MEDIUM	v1.20.5	1.22.7, 1.23.1	https://access.redhat.com/errata/RHSA-2024:9459 https://access.redhat.com/security/cve/CVE-2024-34158 https://bugzilla.redhat.com/2310527 https://bugzilla.redhat.com/2310528 https://bugzilla.redhat.com/2310529 https://bugzilla.redhat.com/2315691 https://bugzilla.redhat.com/2315887 https://bugzilla.redhat.com/2317458 https://bugzilla.redhat.com/2317467 https://bugzilla.redhat.com/show_bug.cgi?id=2295310 https://bugzilla.redhat.com/show_bug.cgi?id=2310527 https://bugzilla.redhat.com/show_bug.cgi?id=2310528 https://bugzilla.redhat.com/show_bug.cgi?id=2310529 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24791 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-34155 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-34156 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-34158 https://errata.almalinux.org/9/ALSA-2024-9459.html https://errata.rockylinux.org/RLSA-2024:6913 https://github.com/golang/go/commit/032ac075c20c01c6c35a672d1542d3e98eab84ea (go1.23.1) https://github.com/golang/go/commit/d4c53812e6ce2ac368173d7fcd31d0ecfcffb002 (go1.22.7) https://go.dev/cl/611240 https://go.dev/issue/69141 https://groups.google.com/g/golang-announce/c/K-cEzDeCtpc https://groups.google.com/g/golang-dev/c/S9POB9NCTdk https://linux.oracle.com/cve/CVE-2024-34158.html https://linux.oracle.com/errata/ELSA-2024-9459.html https://nvd.nist.gov/vuln/detail/CVE-2024-34158 https://pkg.go.dev/vuln/GO-2024-3107 https://ubuntu.com/security/notices/USN-7081-1 https://ubuntu.com/security/notices/USN-7109-1 https://ubuntu.com/security/notices/USN-7111-1 https://www.cve.org/CVERecord?id=CVE-2024-34158
No Misconfigurations found

cnb/buildpacks/paketo-buildpacks_pipenv/1.18.0/bin/run (gobinary)

Package	Vulnerability ID	Severity	Installed Version	Fixed Version	Links
github.com/anchore/stereoscope	CVE-2024-24579	MEDIUM	v0.0.0-20230412183729-8602f1afc574	0.0.1	https://github.com/anchore/stereoscope https://github.com/anchore/stereoscope/commit/09dacab4d9ee65ee8bc7af8ebf4aa7b5aaa36204 https://github.com/anchore/stereoscope/security/advisories/GHSA-hpxr-w9w7-g4gv https://nvd.nist.gov/vuln/detail/CVE-2024-24579
github.com/cloudflare/circl	GHSA-9763-4f94-gfch	HIGH	v1.3.3	1.3.7	https://github.com/cloudflare/circl https://github.com/cloudflare/circl/commit/75ef91e8a2f438e6ce2b6e620d236add8be1887d https://github.com/cloudflare/circl/security/advisories/GHSA-9763-4f94-gfch https://kyberslash.cr.yp.to
github.com/containerd/containerd	GHSA-7ww5-4wqc-m92c	MEDIUM	v1.7.0	1.6.26, 1.7.11	https://github.com/containerd/containerd https://github.com/containerd/containerd/commit/67d356cb3095f3e8f8ad7d36f9a733fea1e7e28c https://github.com/containerd/containerd/commit/746b910f05855c8bfdb4415a1c0f958b234910e5 https://github.com/containerd/containerd/security/advisories/GHSA-7ww5-4wqc-m92c
github.com/docker/docker	CVE-2024-41110	CRITICAL	v23.0.5+incompatible	23.0.15, 26.1.5, 27.1.1, 25.0.6	https://access.redhat.com/security/cve/CVE-2024-41110 https://github.com/moby/moby https://github.com/moby/moby/commit/411e817ddf710ff8e08fa193da80cb78af708191 https://github.com/moby/moby/commit/42f40b1d6dd7562342f832b9cd2adf9e668eeb76 https://github.com/moby/moby/commit/65cc597cea28cdc25bea3b8a86384b4251872919 https://github.com/moby/moby/commit/852759a7df454cbf88db4e954c919becd48faa9b https://github.com/moby/moby/commit/a31260625655cff9ae226b51757915e275e304b0 https://github.com/moby/moby/commit/a79fabbfe84117696a19671f4aa88b82d0f64fc1 https://github.com/moby/moby/commit/ae160b4edddb72ef4bd71f66b975a1a1cc434f00 https://github.com/moby/moby/commit/ae2b3666c517c96cbc2adf1af5591a6b00d4ec0f https://github.com/moby/moby/commit/cc13f952511154a2866bddbb7dddebfe9e83b801 https://github.com/moby/moby/commit/fc274cd2ff4cf3b48c91697fb327dd1fb95588fb https://github.com/moby/moby/security/advisories/GHSA-v23v-6jw2-98fq https://nvd.nist.gov/vuln/detail/CVE-2024-41110 https://www.cve.org/CVERecord?id=CVE-2024-41110 https://www.docker.com/blog/docker-security-advisory-docker-engine-authz-plugin
github.com/docker/docker	CVE-2024-24557	MEDIUM	v23.0.5+incompatible	24.0.9, 25.0.2	https://access.redhat.com/security/cve/CVE-2024-24557 https://github.com/moby/moby https://github.com/moby/moby/commit/3e230cfdcc989dc524882f6579f9e0dac77400ae https://github.com/moby/moby/commit/fca702de7f71362c8d103073c7e4a1d0a467fadd https://github.com/moby/moby/commit/fce6e0ca9bc000888de3daa157af14fa41fcd0ff https://github.com/moby/moby/security/advisories/GHSA-xw73-rw38-6vjc https://nvd.nist.gov/vuln/detail/CVE-2024-24557 https://www.cve.org/CVERecord?id=CVE-2024-24557
github.com/docker/docker	CVE-2024-29018	MEDIUM	v23.0.5+incompatible	26.0.0-rc3, 25.0.5, 23.0.11	https://access.redhat.com/security/cve/CVE-2024-29018 https://github.com/moby/moby https://github.com/moby/moby/pull/46609 https://github.com/moby/moby/security/advisories/GHSA-mq39-4gv4-mvpx https://nvd.nist.gov/vuln/detail/CVE-2024-29018 https://www.cve.org/CVERecord?id=CVE-2024-29018
github.com/docker/docker	GHSA-jq35-85cj-fj4p	MEDIUM	v23.0.5+incompatible	24.0.7, 23.0.8, 20.10.27	https://github.com/moby/moby https://github.com/moby/moby/commit/48ebe353e49a9def5e6679f6e386b0efb1c95f0e https://github.com/moby/moby/commit/81ebe71275768629689a23bc3bca34b3b374a6a6 https://github.com/moby/moby/commit/c9ccbfad11a60e703e91b6cca4f48927828c7e35 https://github.com/moby/moby/releases/tag/v20.10.27 https://github.com/moby/moby/releases/tag/v23.0.8 https://github.com/moby/moby/releases/tag/v24.0.7 https://github.com/moby/moby/security/advisories/GHSA-jq35-85cj-fj4p
github.com/go-git/go-git/v5	CVE-2023-49569	CRITICAL	v5.6.1	5.11.0	https://access.redhat.com/security/cve/CVE-2023-49569 https://github.com/go-git/go-git https://github.com/go-git/go-git/security/advisories/GHSA-449p-3h89-pw88 https://nvd.nist.gov/vuln/detail/CVE-2023-49569 https://www.cve.org/CVERecord?id=CVE-2023-49569
github.com/go-git/go-git/v5	CVE-2023-49568	HIGH	v5.6.1	5.11.0	https://access.redhat.com/security/cve/CVE-2023-49568 https://github.com/go-git/go-git https://github.com/go-git/go-git/security/advisories/GHSA-mw99-9chc-xw7r https://nvd.nist.gov/vuln/detail/CVE-2023-49568 https://www.cve.org/CVERecord?id=CVE-2023-49568
github.com/mholt/archiver/v3	CVE-2024-0406	MEDIUM	v3.5.1	no fix available	https://access.redhat.com/security/cve/CVE-2024-0406 https://bugzilla.redhat.com/show_bug.cgi?id=2257749 https://github.com/advisories/GHSA-rhh4-rh7c-7r5v https://github.com/mholt/archiver https://nvd.nist.gov/vuln/detail/CVE-2024-0406 https://www.cve.org/CVERecord?id=CVE-2024-0406
golang.org/x/crypto	CVE-2023-48795	MEDIUM	v0.8.0	0.17.0	http://packetstormsecurity.com/files/176280/Terrapin-SSH-Connection-Weakening.html http://seclists.org/fulldisclosure/2024/Mar/21 http://www.openwall.com/lists/oss-security/2023/12/18/3 http://www.openwall.com/lists/oss-security/2023/12/19/5 http://www.openwall.com/lists/oss-security/2023/12/20/3 http://www.openwall.com/lists/oss-security/2024/03/06/3 http://www.openwall.com/lists/oss-security/2024/04/17/8 https://access.redhat.com/errata/RHSA-2024:1150 https://access.redhat.com/security/cve/CVE-2023-48795 https://access.redhat.com/security/cve/cve-2023-48795 https://access.redhat.com/solutions/7071748 https://arstechnica.com/security/2023/12/hackers-can-break-ssh-channel-integrity-using-novel-data-corruption-attack https://arstechnica.com/security/2023/12/hackers-can-break-ssh-channel-integrity-using-novel-data-corruption-attack/ https://bugs.gentoo.org/920280 https://bugzilla.redhat.com/2254210 https://bugzilla.redhat.com/show_bug.cgi?id=2254210 https://bugzilla.suse.com/show_bug.cgi?id=1217950 https://crates.io/crates/thrussh/versions https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-48795 https://errata.almalinux.org/9/ALSA-2024-1150.html https://errata.rockylinux.org/RLSA-2024:0628 https://filezilla-project.org/versions.php https://forum.netgate.com/topic/184941/terrapin-ssh-attack https://git.libssh.org/projects/libssh.git/commit/?h=stable-0.10&id=10e09e273f69e149389b3e0e5d44b8c221c2e7f6 https://github.com/NixOS/nixpkgs/pull/275249 https://github.com/PowerShell/Win32-OpenSSH/issues/2189 https://github.com/PowerShell/Win32-OpenSSH/releases/tag/v9.5.0.0p1-Beta https://github.com/TeraTermProject/teraterm/commit/7279fbd6ef4d0c8bdd6a90af4ada2899d786eec0 https://github.com/TeraTermProject/teraterm/releases/tag/v5.1 https://github.com/advisories/GHSA-45x7-px36-x8w8 https://github.com/apache/mina-sshd/issues/445 https://github.com/connectbot/sshlib/commit/5c8b534f6e97db7ac0e0e579331213aa25c173ab https://github.com/connectbot/sshlib/compare/2.2.21...2.2.22 https://github.com/cyd01/KiTTY/issues/520 https://github.com/drakkan/sftpgo/releases/tag/v2.5.6 https://github.com/erlang/otp/blob/d1b43dc0f1361d2ad67601169e90a7fc50bb0369/lib/ssh/doc/src/notes.xml#L39-L42 https://github.com/erlang/otp/releases/tag/OTP-26.2.1 https://github.com/golang/crypto/commit/9d2ee975ef9fe627bf0a6f01c1f69e8ef1d4f05d https://github.com/hierynomus/sshj/issues/916 https://github.com/janmojzis/tinyssh/issues/81 https://github.com/jtesta/ssh-audit/commit/8e972c5e94b460379fe0c7d20209c16df81538a5 https://github.com/libssh2/libssh2/pull/1291 https://github.com/mkj/dropbear/blob/17657c36cce6df7716d5ff151ec09a665382d5dd/CHANGES#L25 https://github.com/mscdex/ssh2/commit/97b223f8891b96d6fc054df5ab1d5a1a545da2a3 https://github.com/mwiede/jsch/compare/jsch-0.2.14...jsch-0.2.15 https://github.com/mwiede/jsch/issues/457 https://github.com/mwiede/jsch/pull/461 https://github.com/net-ssh/net-ssh/blob/2e65064a52d73396bfc3806c9196fc8108f33cd8/CHANGES.txt#L14-L16 https://github.com/openssh/openssh-portable/commits/master https://github.com/paramiko/paramiko/issues/2337 https://github.com/paramiko/paramiko/issues/2337#issuecomment-1887642773 https://github.com/proftpd/proftpd/blob/0a7ea9b0ba9fcdf368374a226370d08f10397d99/RELEASE_NOTES https://github.com/proftpd/proftpd/blob/d21e7a2e47e9b38f709bec58e3fa711f759ad0e1/RELEASE_NOTES https://github.com/proftpd/proftpd/blob/master/RELEASE_NOTES https://github.com/proftpd/proftpd/issues/456 https://github.com/rapier1/hpn-ssh/releases https://github.com/ronf/asyncssh/blob/develop/docs/changes.rst https://github.com/ronf/asyncssh/security/advisories/GHSA-hfmc-7525-mj55 https://github.com/ronf/asyncssh/tags https://github.com/ssh-mitm/ssh-mitm/issues/165 https://github.com/warp-tech/russh https://github.com/warp-tech/russh/commit/1aa340a7df1d5be1c0f4a9e247aade76dfdd2951 https://github.com/warp-tech/russh/releases/tag/v0.40.2 https://github.com/warp-tech/russh/security/advisories/GHSA-45x7-px36-x8w8 https://gitlab.com/libssh/libssh-mirror/-/tags https://go.dev/cl/550715 https://go.dev/issue/64784 https://groups.google.com/g/golang-announce/c/-n5WqVC18LQ https://groups.google.com/g/golang-announce/c/qA3XtxvMUyg https://help.panic.com/releasenotes/transmit5 https://help.panic.com/releasenotes/transmit5/ https://jadaptive.com/important-java-ssh-security-update-new-ssh-vulnerability-discovered-cve-2023-48795 https://jadaptive.com/important-java-ssh-security-update-new-ssh-vulnerability-discovered-cve-2023-48795/ https://linux.oracle.com/cve/CVE-2023-48795.html https://linux.oracle.com/errata/ELSA-2024-2988.html https://lists.debian.org/debian-lts-announce/2023/12/msg00017.html https://lists.debian.org/debian-lts-announce/2024/01/msg00013.html https://lists.debian.org/debian-lts-announce/2024/01/msg00014.html https://lists.debian.org/debian-lts-announce/2024/04/msg00016.html https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/33XHJUB6ROFUOH2OQNENFROTVH6MHSHA https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/33XHJUB6ROFUOH2OQNENFROTVH6MHSHA/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/3CAYYW35MUTNO65RVAELICTNZZFMT2XS https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/3CAYYW35MUTNO65RVAELICTNZZFMT2XS/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/3JIMLVBDWOP4FUPXPTB4PGHHIOMGFLQE https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/3JIMLVBDWOP4FUPXPTB4PGHHIOMGFLQE/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/3YQLUQWLIHDB5QCXQEX7HXHAWMOKPP5O https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/3YQLUQWLIHDB5QCXQEX7HXHAWMOKPP5O/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/6Y74KVCPEPT4MVU3LHDWCNNOXOE5ZLUR https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/6Y74KVCPEPT4MVU3LHDWCNNOXOE5ZLUR/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/APYIXIQOVDCRWLHTGB4VYMAUIAQLKYJ3 https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/APYIXIQOVDCRWLHTGB4VYMAUIAQLKYJ3/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/BL5KTLOSLH2KHRN4HCXJPK3JUVLDGEL6 https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/BL5KTLOSLH2KHRN4HCXJPK3JUVLDGEL6/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/C3AFMZ6MH2UHHOPIWT5YLSFV3D2VB3AC https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/C3AFMZ6MH2UHHOPIWT5YLSFV3D2VB3AC/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/CHHITS4PUOZAKFIUBQAQZC7JWXMOYE4B https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/CHHITS4PUOZAKFIUBQAQZC7JWXMOYE4B/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/F7EYCFQCTSGJXWO3ZZ44MGKFC5HA7G3Y https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/F7EYCFQCTSGJXWO3ZZ44MGKFC5HA7G3Y/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/HYEDEXIKFKTUJIN43RG4B7T5ZS6MHUSP https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/HYEDEXIKFKTUJIN43RG4B7T5ZS6MHUSP/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/I724O3LSRCPO4WNVIXTZCT4VVRMXMMSG https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/I724O3LSRCPO4WNVIXTZCT4VVRMXMMSG/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/KEOTKBUPZXHE3F352JBYNTSNRXYLWD6P https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/KEOTKBUPZXHE3F352JBYNTSNRXYLWD6P/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/KMZCVGUGJZZVDPCVDA7TEB22VUCNEXDD https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/KMZCVGUGJZZVDPCVDA7TEB22VUCNEXDD/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/L5Y6MNNVAPIJSXJERQ6PKZVCIUXSNJK7 https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/L5Y6MNNVAPIJSXJERQ6PKZVCIUXSNJK7/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/LZQVUHWVWRH73YBXUQJOD6CKHDQBU3DM https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/LZQVUHWVWRH73YBXUQJOD6CKHDQBU3DM/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/MKQRBF3DWMWPH36LBCOBUTSIZRTPEZXB https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/MKQRBF3DWMWPH36LBCOBUTSIZRTPEZXB/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/QI3EHAHABFQK7OABNCSF5GMYP6TONTI7 https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/QI3EHAHABFQK7OABNCSF5GMYP6TONTI7/ https://matt.ucc.asn.au/dropbear/CHANGES https://nest.pijul.com/pijul/thrussh/changes/D6H7OWTTMHHX6BTB3B6MNBOBX2L66CBL4LGSEUSAI2MCRCJDQFRQC https://news.ycombinator.com/item?id=38684904 https://news.ycombinator.com/item?id=38685286 https://news.ycombinator.com/item?id=38732005 https://nova.app/releases/#v11.8 https://nvd.nist.gov/vuln/detail/CVE-2023-48795 https://oryx-embedded.com/download/#changelog https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2024-0002 https://roumenpetrov.info/secsh/#news20231220 https://security-tracker.debian.org/tracker/CVE-2023-48795 https://security-tracker.debian.org/tracker/source-package/libssh2 https://security-tracker.debian.org/tracker/source-package/proftpd-dfsg https://security-tracker.debian.org/tracker/source-package/trilead-ssh2 https://security.gentoo.org/glsa/202312-16 https://security.gentoo.org/glsa/202312-17 https://security.netapp.com/advisory/ntap-20240105-0004 https://security.netapp.com/advisory/ntap-20240105-0004/ https://support.apple.com/kb/HT214084 https://terrapin-attack.com/ https://thorntech.com/cve-2023-48795-and-sftp-gateway https://thorntech.com/cve-2023-48795-and-sftp-gateway/ https://twitter.com/TrueSkrillor/status/1736774389725565005 https://ubuntu.com/security/CVE-2023-48795 https://ubuntu.com/security/notices/USN-6560-1 https://ubuntu.com/security/notices/USN-6560-2 https://ubuntu.com/security/notices/USN-6561-1 https://ubuntu.com/security/notices/USN-6585-1 https://ubuntu.com/security/notices/USN-6589-1 https://ubuntu.com/security/notices/USN-6598-1 https://ubuntu.com/security/notices/USN-6738-1 https://ubuntu.com/security/notices/USN-7051-1 https://winscp.net/eng/docs/history#6.2.2 https://www.bitvise.com/ssh-client-version-history#933 https://www.bitvise.com/ssh-server-version-history https://www.chiark.greenend.org.uk/~sgtatham/putty/changes.html https://www.crushftp.com/crush10wiki/Wiki.jsp?page=Update https://www.cve.org/CVERecord?id=CVE-2023-48795 https://www.debian.org/security/2023/dsa-5586 https://www.debian.org/security/2023/dsa-5588 https://www.freebsd.org/security/advisories/FreeBSD-SA-23:19.openssh.asc https://www.lancom-systems.de/service-support/allgemeine-sicherheitshinweise#c243508 https://www.netsarang.com/en/xshell-update-history https://www.netsarang.com/en/xshell-update-history/ https://www.openssh.com/openbsd.html https://www.openssh.com/txt/release-9.6 https://www.openwall.com/lists/oss-security/2023/12/18/2 https://www.openwall.com/lists/oss-security/2023/12/18/3 https://www.openwall.com/lists/oss-security/2023/12/20/3 https://www.paramiko.org/changelog.html https://www.reddit.com/r/sysadmin/comments/18idv52/cve202348795_why_is_this_cve_still_undisclosed https://www.reddit.com/r/sysadmin/comments/18idv52/cve202348795_why_is_this_cve_still_undisclosed/ https://www.suse.com/c/suse-addresses-the-ssh-v2-protocol-terrapin-attack-aka-cve-2023-48795 https://www.suse.com/c/suse-addresses-the-ssh-v2-protocol-terrapin-attack-aka-cve-2023-48795/ https://www.terrapin-attack.com https://www.theregister.com/2023/12/20/terrapin_attack_ssh https://www.vandyke.com/products/securecrt/history.txt
golang.org/x/net	CVE-2023-39325	HIGH	v0.10.0	0.17.0	golang.org/x/net https://access.redhat.com/errata/RHSA-2023:6077 https://access.redhat.com/security/cve/CVE-2023-39325 https://access.redhat.com/security/cve/CVE-2023-44487 https://access.redhat.com/security/vulnerabilities/RHSB-2023-003 https://bugzilla.redhat.com/2242803 https://bugzilla.redhat.com/2243296 https://bugzilla.redhat.com/show_bug.cgi?id=2242803 https://bugzilla.redhat.com/show_bug.cgi?id=2243296 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-39325 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-44487 https://errata.almalinux.org/9/ALSA-2023-6077.html https://errata.rockylinux.org/RLSA-2023:6077 https://github.com/golang/go/commit/24ae2d927285c697440fdde3ad7f26028354bcf3 [golang- 1.21] https://github.com/golang/go/commit/e175f27f58aa7b9cd4d79607ae65d2cd5baaee68 [golang-1.20] https://github.com/golang/go/issues/63417 https://go.dev/cl/534215 https://go.dev/cl/534235 https://go.dev/issue/63417 https://groups.google.com/g/golang-announce/c/iNNxDTCjZvo/m/UDd7VKQuAAAJ https://linux.oracle.com/cve/CVE-2023-39325.html https://linux.oracle.com/errata/ELSA-2023-5867.html https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3OVW5V2DM5K5IC3H7O42YDUGNJ74J35O https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3OVW5V2DM5K5IC3H7O42YDUGNJ74J35O/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3SZN67IL7HMGMNAVLOTIXLIHUDXZK4LH https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3SZN67IL7HMGMNAVLOTIXLIHUDXZK4LH/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3WJ4QVX2AMUJ2F2S27POOAHRC4K3CHU4 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3WJ4QVX2AMUJ2F2S27POOAHRC4K3CHU4/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/4BUK2ZIAGCULOOYDNH25JPU6JBES5NF2 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/4BUK2ZIAGCULOOYDNH25JPU6JBES5NF2/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/5RSKA2II6QTD4YUKUNDVJQSRYSFC4VFR https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/5RSKA2II6QTD4YUKUNDVJQSRYSFC4VFR/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/AVZDNSMVDAQJ64LJC5I5U5LDM5753647 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/AVZDNSMVDAQJ64LJC5I5U5LDM5753647/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CHHITS4PUOZAKFIUBQAQZC7JWXMOYE4B https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CHHITS4PUOZAKFIUBQAQZC7JWXMOYE4B/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CLB4TW7KALB3EEQWNWCN7OUIWWVWWCG2 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CLB4TW7KALB3EEQWNWCN7OUIWWVWWCG2/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/D2BBIDR2ZMB3X5BC7SR4SLQMHRMVPY6L https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/D2BBIDR2ZMB3X5BC7SR4SLQMHRMVPY6L/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ECRC75BQJP6FJN2L7KCKYZW4DSBD7QSD https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ECRC75BQJP6FJN2L7KCKYZW4DSBD7QSD/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/FTMJ3NJIDAZFWJQQSP3L22MUFJ3UP2PT https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/FTMJ3NJIDAZFWJQQSP3L22MUFJ3UP2PT/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/GSY7SXFFTPZFWDM6XELSDSHZLVW3AHK7 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/GSY7SXFFTPZFWDM6XELSDSHZLVW3AHK7/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/HZQIELEIRSZUYTFFH5KTH2YJ4IIQG2KE https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/HZQIELEIRSZUYTFFH5KTH2YJ4IIQG2KE/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/IPWCNYB5PQ5PCVZ4NJT6G56ZYFZ5QBU6 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/IPWCNYB5PQ5PCVZ4NJT6G56ZYFZ5QBU6/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/KEOTKBUPZXHE3F352JBYNTSNRXYLWD6P https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/KEOTKBUPZXHE3F352JBYNTSNRXYLWD6P/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/KSEGD2IWKNUO3DWY4KQGUQM5BISRWHQE https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/KSEGD2IWKNUO3DWY4KQGUQM5BISRWHQE/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/L5E5JSJBZLYXOTZWXHJKRVCIXIHVWKJ6 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/L5E5JSJBZLYXOTZWXHJKRVCIXIHVWKJ6/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/MZQYOOKHQDQ57LV2IAG6NRFOVXKHJJ3Z https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/MZQYOOKHQDQ57LV2IAG6NRFOVXKHJJ3Z/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/NG7IMPL55MVWU3LCI4JQJT3K2U5CHDV7 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/NG7IMPL55MVWU3LCI4JQJT3K2U5CHDV7/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ODBY7RVMGZCBSTWF2OZGIZS57FNFUL67 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ODBY7RVMGZCBSTWF2OZGIZS57FNFUL67/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/OXGWPQOJ3JNDW2XIYKIVJ7N7QUIFNM2Q https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/OXGWPQOJ3JNDW2XIYKIVJ7N7QUIFNM2Q/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/PJCUNGIQDUMZ4Z6HWVYIMR66A35F5S74 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/PJCUNGIQDUMZ4Z6HWVYIMR66A35F5S74/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QF5QSYAOPDOWLY6DUHID56Q4HQFYB45I https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QF5QSYAOPDOWLY6DUHID56Q4HQFYB45I/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QXOU2JZUBEBP7GBKAYIJRPRBZSJCD7ST https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QXOU2JZUBEBP7GBKAYIJRPRBZSJCD7ST/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/R3UETKPUB3V5JS5TLZOF3SMTGT5K5APS https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/R3UETKPUB3V5JS5TLZOF3SMTGT5K5APS/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/REMHVVIBDNKSRKNOTV7EQSB7CYQWOUOU https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/REMHVVIBDNKSRKNOTV7EQSB7CYQWOUOU/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/T7N5GV4CHH6WAGX3GFMDD3COEOVCZ4RI https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/T7N5GV4CHH6WAGX3GFMDD3COEOVCZ4RI/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ULQQONMSCQSH5Z5OWFFQHCGEZ3NL4DRJ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ULQQONMSCQSH5Z5OWFFQHCGEZ3NL4DRJ/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UTT7DG3QOF5ZNJLUGHDNLRUIN6OWZARP https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UTT7DG3QOF5ZNJLUGHDNLRUIN6OWZARP/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/W2LZSWTV4NV4SNQARNXG5T6LRHP26EW2 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/W2LZSWTV4NV4SNQARNXG5T6LRHP26EW2/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WCNCBYKZXLDFGAJUB7ZP5VLC3YTHJNVH https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WCNCBYKZXLDFGAJUB7ZP5VLC3YTHJNVH/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/XFOIBB4YFICHDM7IBOP7PWXW3FX4HLL2 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/XFOIBB4YFICHDM7IBOP7PWXW3FX4HLL2/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/XTNLSL44Y5FB6JWADSZH6DCV4JJAAEQY https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/XTNLSL44Y5FB6JWADSZH6DCV4JJAAEQY/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/YJWHBLVZDM5KQSDFRBFRKU5KSSOLIRQ4 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/YJWHBLVZDM5KQSDFRBFRKU5KSSOLIRQ4/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/YRKEXKANQ7BKJW2YTAMP625LJUJZLJ4P https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/YRKEXKANQ7BKJW2YTAMP625LJUJZLJ4P/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZSVEMQV5ROY5YW5QE3I57HT3ITWG5GCV https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZSVEMQV5ROY5YW5QE3I57HT3ITWG5GCV/ https://nvd.nist.gov/vuln/detail/CVE-2023-39325 https://pkg.go.dev/vuln/GO-2023-2102 https://security.gentoo.org/glsa/202311-09 https://security.netapp.com/advisory/ntap-20231110-0008 https://security.netapp.com/advisory/ntap-20231110-0008/ https://ubuntu.com/security/notices/USN-6574-1 https://ubuntu.com/security/notices/USN-7061-1 https://ubuntu.com/security/notices/USN-7109-1 https://www.cisa.gov/news-events/alerts/2023/10/10/http2-rapid-reset-vulnerability-cve-2023-44487 https://www.cve.org/CVERecord?id=CVE-2023-39325
golang.org/x/net	CVE-2023-3978	MEDIUM	v0.10.0	0.13.0	https://access.redhat.com/errata/RHSA-2023:6474 https://access.redhat.com/security/cve/CVE-2023-3978 https://bugzilla.redhat.com/2174485 https://bugzilla.redhat.com/2178358 https://bugzilla.redhat.com/2178488 https://bugzilla.redhat.com/2178492 https://bugzilla.redhat.com/2184481 https://bugzilla.redhat.com/2184482 https://bugzilla.redhat.com/2184483 https://bugzilla.redhat.com/2184484 https://bugzilla.redhat.com/2196026 https://bugzilla.redhat.com/2196027 https://bugzilla.redhat.com/2196029 https://bugzilla.redhat.com/2222167 https://bugzilla.redhat.com/2228689 https://errata.almalinux.org/9/ALSA-2023-6474.html https://go.dev/cl/514896 https://go.dev/issue/61615 https://linux.oracle.com/cve/CVE-2023-3978.html https://linux.oracle.com/errata/ELSA-2023-6939.html https://nvd.nist.gov/vuln/detail/CVE-2023-3978 https://pkg.go.dev/vuln/GO-2023-1988 https://www.cve.org/CVERecord?id=CVE-2023-3978
golang.org/x/net	CVE-2023-44487	MEDIUM	v0.10.0	0.17.0	http://www.openwall.com/lists/oss-security/2023/10/13/4 http://www.openwall.com/lists/oss-security/2023/10/13/9 http://www.openwall.com/lists/oss-security/2023/10/18/4 http://www.openwall.com/lists/oss-security/2023/10/18/8 http://www.openwall.com/lists/oss-security/2023/10/19/6 http://www.openwall.com/lists/oss-security/2023/10/20/8 https://access.redhat.com/errata/RHSA-2023:6746 https://access.redhat.com/security/cve/CVE-2023-44487 https://access.redhat.com/security/cve/cve-2023-44487 https://akka.io/security/akka-http-cve-2023-44487.html https://arstechnica.com/security/2023/10/how-ddosers-used-the-http-2-protocol-to-deliver-attacks-of-unprecedented-size https://arstechnica.com/security/2023/10/how-ddosers-used-the-http-2-protocol-to-deliver-attacks-of-unprecedented-size/ https://aws.amazon.com/security/security-bulletins/AWS-2023-011 https://aws.amazon.com/security/security-bulletins/AWS-2023-011/ https://blog.cloudflare.com/technical-breakdown-http2-rapid-reset-ddos-attack https://blog.cloudflare.com/technical-breakdown-http2-rapid-reset-ddos-attack/ https://blog.cloudflare.com/zero-day-rapid-reset-http2-record-breaking-ddos-attack https://blog.cloudflare.com/zero-day-rapid-reset-http2-record-breaking-ddos-attack/ https://blog.litespeedtech.com/2023/10/11/rapid-reset-http-2-vulnerablilty https://blog.litespeedtech.com/2023/10/11/rapid-reset-http-2-vulnerablilty/ https://blog.qualys.com/vulnerabilities-threat-research/2023/10/10/cve-2023-44487-http-2-rapid-reset-attack https://blog.vespa.ai/cve-2023-44487 https://blog.vespa.ai/cve-2023-44487/ https://bugzilla.proxmox.com/show_bug.cgi?id=4988 https://bugzilla.redhat.com/2242803 https://bugzilla.redhat.com/show_bug.cgi?id=2242803 https://bugzilla.suse.com/show_bug.cgi?id=1216123 https://cgit.freebsd.org/ports/commit/?id=c64c329c2c1752f46b73e3e6ce9f4329be6629f9 https://chaos.social/@icing/111210915918780532 https://cloud.google.com/blog/products/identity-security/google-cloud-mitigated-largest-ddos-attack-peaking-above-398-million-rps https://cloud.google.com/blog/products/identity-security/google-cloud-mitigated-largest-ddos-attack-peaking-above-398-million-rps/ https://cloud.google.com/blog/products/identity-security/how-it-works-the-novel-http2-rapid-reset-ddos-attack https://community.traefik.io/t/is-traefik-vulnerable-to-cve-2023-44487/20125 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-44487 https://devblogs.microsoft.com/dotnet/october-2023-updates/ https://discuss.hashicorp.com/t/hcsec-2023-32-vault-consul-and-boundary-affected-by-http-2-rapid-reset-denial-of-service-vulnerability-cve-2023-44487/59715 https://edg.io/lp/blog/resets-leaks-ddos-and-the-tale-of-a-hidden-cve https://errata.almalinux.org/9/ALSA-2023-6746.html https://errata.rockylinux.org/RLSA-2023:5838 https://forums.swift.org/t/swift-nio-http2-security-update-cve-2023-44487-http-2-dos/67764 https://gist.github.com/adulau/7c2bfb8e9cdbe4b35a5e131c66a0c088 https://github.com/Azure/AKS/issues/3947 https://github.com/Kong/kong/discussions/11741 https://github.com/advisories/GHSA-qppj-fm5r-hxr3 https://github.com/advisories/GHSA-vx74-f528-fxqg https://github.com/advisories/GHSA-xpw8-rcwv-8f8p https://github.com/akka/akka-http/issues/4323 https://github.com/akka/akka-http/pull/4324 https://github.com/akka/akka-http/pull/4325 https://github.com/alibaba/tengine/issues/1872 https://github.com/apache/apisix/issues/10320 https://github.com/apache/httpd-site/pull/10 https://github.com/apache/httpd/blob/afcdbeebbff4b0c50ea26cdd16e178c0d1f24152/modules/http2/h2_mplx.c#L1101-L1113 https://github.com/apache/tomcat/commit/944332bb15bd2f3bf76ec2caeb1ff0a58a3bc628 https://github.com/apache/tomcat/tree/main/java/org/apache/coyote/http2 https://github.com/apache/trafficserver/pull/10564 https://github.com/apple/swift-nio-http2 https://github.com/apple/swift-nio-http2/security/advisories/GHSA-qppj-fm5r-hxr3 https://github.com/arkrwn/PoC/tree/main/CVE-2023-44487 https://github.com/bcdannyboy/CVE-2023-44487 https://github.com/caddyserver/caddy/issues/5877 https://github.com/caddyserver/caddy/releases/tag/v2.7.5 https://github.com/dotnet/announcements/issues/277 https://github.com/dotnet/core/blob/e4613450ea0da7fd2fc6b61dfb2c1c1dec1ce9ec/release-notes/6.0/6.0.23/6.0.23.md?plain=1#L73 https://github.com/eclipse/jetty.project/issues/10679 https://github.com/envoyproxy/envoy/pull/30055 https://github.com/etcd-io/etcd/issues/16740 https://github.com/facebook/proxygen/pull/466 https://github.com/golang/go/issues/63417 https://github.com/grpc/grpc-go/pull/6703 https://github.com/grpc/grpc-go/releases https://github.com/h2o/h2o/pull/3291 https://github.com/h2o/h2o/security/advisories/GHSA-2m7v-gc89-fjqf https://github.com/haproxy/haproxy/issues/2312 https://github.com/hyperium/hyper/issues/3337 https://github.com/icing/mod_h2/blob/0a864782af0a942aa2ad4ed960a6b32cd35bcf0a/mod_http2/README.md?plain=1#L239-L244 https://github.com/junkurihara/rust-rpxy/issues/97 https://github.com/kazu-yamamoto/http2/commit/f61d41a502bd0f60eb24e1ce14edc7b6df6722a1 https://github.com/kazu-yamamoto/http2/issues/93 https://github.com/kubernetes/kubernetes/pull/121120 https://github.com/line/armeria/pull/5232 https://github.com/linkerd/website/pull/1695/commits/4b9c6836471bc8270ab48aae6fd2181bc73fd632 https://github.com/micrictor/http2-rst-stream https://github.com/microsoft/CBL-Mariner/pull/6381 https://github.com/netty/netty/commit/58f75f665aa81a8cbcf6ffa74820042a285c5e61 https://github.com/nghttp2/nghttp2/pull/1961 https://github.com/nghttp2/nghttp2/releases/tag/v1.57.0 https://github.com/ninenines/cowboy/issues/1615 https://github.com/nodejs/node/pull/50121 https://github.com/openresty/openresty/issues/930 https://github.com/opensearch-project/data-prepper/issues/3474 https://github.com/oqtane/oqtane.framework/discussions/3367 https://github.com/projectcontour/contour/pull/5826 https://github.com/tempesta-tech/tempesta/issues/1986 https://github.com/varnishcache/varnish-cache/issues/3996 https://go.dev/cl/534215 https://go.dev/cl/534235 https://go.dev/issue/63417 https://groups.google.com/g/golang-announce/c/iNNxDTCjZvo https://groups.google.com/g/golang-announce/c/iNNxDTCjZvo/m/UDd7VKQuAAAJ https://istio.io/latest/news/security/istio-security-2023-004 https://istio.io/latest/news/security/istio-security-2023-004/ https://linkerd.io/2023/10/12/linkerd-cve-2023-44487 https://linkerd.io/2023/10/12/linkerd-cve-2023-44487/ https://linux.oracle.com/cve/CVE-2023-44487.html https://linux.oracle.com/errata/ELSA-2024-1444.html https://lists.apache.org/thread/5py8h42mxfsn8l1wy6o41xwhsjlsd87q https://lists.debian.org/debian-lts-announce/2023/10/msg00020.html https://lists.debian.org/debian-lts-announce/2023/10/msg00023.html https://lists.debian.org/debian-lts-announce/2023/10/msg00024.html https://lists.debian.org/debian-lts-announce/2023/10/msg00045.html https://lists.debian.org/debian-lts-announce/2023/10/msg00047.html https://lists.debian.org/debian-lts-announce/2023/11/msg00001.html https://lists.debian.org/debian-lts-announce/2023/11/msg00012.html https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/2MBEPPC36UBVOZZNAXFHKLFGSLCMN5LI https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/2MBEPPC36UBVOZZNAXFHKLFGSLCMN5LI/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/3N4NJ7FR4X4FPZUGNTQAPSTVB2HB2Y4A https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/3N4NJ7FR4X4FPZUGNTQAPSTVB2HB2Y4A/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/BFQD3KUEMFBHPAPBGLWQC34L4OWL5HAZ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/BFQD3KUEMFBHPAPBGLWQC34L4OWL5HAZ/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/CLB4TW7KALB3EEQWNWCN7OUIWWVWWCG2 https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/CLB4TW7KALB3EEQWNWCN7OUIWWVWWCG2/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/E72T67UPDRXHIDLO3OROR25YAMN4GGW5 https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/E72T67UPDRXHIDLO3OROR25YAMN4GGW5/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/FNA62Q767CFAFHBCDKYNPBMZWB7TWYVU https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/FNA62Q767CFAFHBCDKYNPBMZWB7TWYVU/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/HT7T2R4MQKLIF4ODV4BDLPARWFPCJ5CZ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/HT7T2R4MQKLIF4ODV4BDLPARWFPCJ5CZ/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/JIZSEFC3YKCGABA2BZW6ZJRMDZJMB7PJ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/JIZSEFC3YKCGABA2BZW6ZJRMDZJMB7PJ/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/JMEXY22BFG5Q64HQCM5CK2Q7KDKVV4TY https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/JMEXY22BFG5Q64HQCM5CK2Q7KDKVV4TY/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/KSEGD2IWKNUO3DWY4KQGUQM5BISRWHQE https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/KSEGD2IWKNUO3DWY4KQGUQM5BISRWHQE/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/LKYHSZQFDNR7RSA7LHVLLIAQMVYCUGBG https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/LKYHSZQFDNR7RSA7LHVLLIAQMVYCUGBG/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/LNMZJCDHGLJJLXO4OXWJMTVQRNWOC7UL https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/LNMZJCDHGLJJLXO4OXWJMTVQRNWOC7UL/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/VHUHTSXLXGXS7JYKBXTA3VINUPHTNGVU https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/VHUHTSXLXGXS7JYKBXTA3VINUPHTNGVU/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/VSRDIV77HNKUSM7SJC5BKE5JSHLHU2NK https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/VSRDIV77HNKUSM7SJC5BKE5JSHLHU2NK/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/WE2I52RHNNU42PX6NZ2RBUHSFFJ2LVZX https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/WE2I52RHNNU42PX6NZ2RBUHSFFJ2LVZX/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/WLPRQ5TWUQQXYWBJM7ECYDAIL2YVKIUH https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/WLPRQ5TWUQQXYWBJM7ECYDAIL2YVKIUH/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/X6QXN4ORIVF6XBW4WWFE7VNPVC74S45Y https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/X6QXN4ORIVF6XBW4WWFE7VNPVC74S45Y/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/XFOIBB4YFICHDM7IBOP7PWXW3FX4HLL2 https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/XFOIBB4YFICHDM7IBOP7PWXW3FX4HLL2/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZB43REMKRQR62NJEI7I5NQ4FSXNLBKRT https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZB43REMKRQR62NJEI7I5NQ4FSXNLBKRT/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZKQSIKIAT5TJ3WSLU3RDBQ35YX4GY4V3 https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZKQSIKIAT5TJ3WSLU3RDBQ35YX4GY4V3/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZLU6U2R2IC2K64NDPNMV55AUAO65MAF4 https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZLU6U2R2IC2K64NDPNMV55AUAO65MAF4/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3N4NJ7FR4X4FPZUGNTQAPSTVB2HB2Y4A https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/BFQD3KUEMFBHPAPBGLWQC34L4OWL5HAZ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CLB4TW7KALB3EEQWNWCN7OUIWWVWWCG2 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/E72T67UPDRXHIDLO3OROR25YAMN4GGW5 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/FNA62Q767CFAFHBCDKYNPBMZWB7TWYVU https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/HT7T2R4MQKLIF4ODV4BDLPARWFPCJ5CZ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/JIZSEFC3YKCGABA2BZW6ZJRMDZJMB7PJ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/JMEXY22BFG5Q64HQCM5CK2Q7KDKVV4TY https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/KSEGD2IWKNUO3DWY4KQGUQM5BISRWHQE https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/LKYHSZQFDNR7RSA7LHVLLIAQMVYCUGBG https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/LNMZJCDHGLJJLXO4OXWJMTVQRNWOC7UL https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/VHUHTSXLXGXS7JYKBXTA3VINUPHTNGVU https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/VSRDIV77HNKUSM7SJC5BKE5JSHLHU2NK https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WLPRQ5TWUQQXYWBJM7ECYDAIL2YVKIUH https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/X6QXN4ORIVF6XBW4WWFE7VNPVC74S45Y https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/XFOIBB4YFICHDM7IBOP7PWXW3FX4HLL2 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZB43REMKRQR62NJEI7I5NQ4FSXNLBKRT https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZKQSIKIAT5TJ3WSLU3RDBQ35YX4GY4V3 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZLU6U2R2IC2K64NDPNMV55AUAO65MAF4 https://lists.w3.org/Archives/Public/ietf-http-wg/2023OctDec/0025.html https://mailman.nginx.org/pipermail/nginx-devel/2023-October/S36Q5HBXR7CAIMPLLPRSSSYR4PCMWILK.html https://martinthomson.github.io/h2-stream-limits/draft-thomson-httpbis-h2-stream-limits.html https://msrc.microsoft.com/blog/2023/10/microsoft-response-to-distributed-denial-of-service-ddos-attacks-against-http/2 https://msrc.microsoft.com/blog/2023/10/microsoft-response-to-distributed-denial-of-service-ddos-attacks-against-http/2/ https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-44487 https://my.f5.com/manage/s/article/K000137106 https://netty.io/news/2023/10/10/4-1-100-Final.html https://news.ycombinator.com/item?id=37830987 https://news.ycombinator.com/item?id=37830998 https://news.ycombinator.com/item?id=37831062 https://news.ycombinator.com/item?id=37837043 https://nodejs.org/en/blog/vulnerability/october-2023-security-releases https://nvd.nist.gov/vuln/detail/CVE-2023-44487 https://openssf.org/blog/2023/10/10/http-2-rapid-reset-vulnerability-highlights-need-for-rapid-response https://openssf.org/blog/2023/10/10/http-2-rapid-reset-vulnerability-highlights-need-for-rapid-response/ https://pkg.go.dev/vuln/GO-2023-2102 https://seanmonstar.com/post/730794151136935936/hyper-http2-rapid-reset-unaffected https://security.gentoo.org/glsa/202311-09 https://security.netapp.com/advisory/ntap-20231016-0001 https://security.netapp.com/advisory/ntap-20231016-0001/ https://security.netapp.com/advisory/ntap-20240426-0007 https://security.netapp.com/advisory/ntap-20240426-0007/ https://security.netapp.com/advisory/ntap-20240621-0006 https://security.netapp.com/advisory/ntap-20240621-0006/ https://security.netapp.com/advisory/ntap-20240621-0007 https://security.netapp.com/advisory/ntap-20240621-0007/ https://security.paloaltonetworks.com/CVE-2023-44487 https://tomcat.apache.org/security-10.html#Fixed_in_Apache_Tomcat_10.1.14 https://tomcat.apache.org/security-11.html#Fixed_in_Apache_Tomcat_11.0.0-M12 https://tomcat.apache.org/security-8.html#Fixed_in_Apache_Tomcat_8.5.94 https://tomcat.apache.org/security-9.html#Fixed_in_Apache_Tomcat_9.0.81 https://ubuntu.com/security/CVE-2023-44487 https://ubuntu.com/security/notices/USN-6427-1 https://ubuntu.com/security/notices/USN-6427-2 https://ubuntu.com/security/notices/USN-6438-1 https://ubuntu.com/security/notices/USN-6505-1 https://ubuntu.com/security/notices/USN-6574-1 https://ubuntu.com/security/notices/USN-6754-1 https://ubuntu.com/security/notices/USN-6994-1 https://ubuntu.com/security/notices/USN-7067-1 https://www.bleepingcomputer.com/news/security/new-http-2-rapid-reset-zero-day-attack-breaks-ddos-records https://www.bleepingcomputer.com/news/security/new-http-2-rapid-reset-zero-day-attack-breaks-ddos-records/ https://www.cisa.gov/known-exploited-vulnerabilities-catalog https://www.cisa.gov/news-events/alerts/2023/10/10/http2-rapid-reset-vulnerability-cve-2023-44487 https://www.cve.org/CVERecord?id=CVE-2023-44487 https://www.darkreading.com/cloud/internet-wide-zero-day-bug-fuels-largest-ever-ddos-event https://www.debian.org/security/2023/dsa-5521 https://www.debian.org/security/2023/dsa-5522 https://www.debian.org/security/2023/dsa-5540 https://www.debian.org/security/2023/dsa-5549 https://www.debian.org/security/2023/dsa-5558 https://www.debian.org/security/2023/dsa-5570 https://www.eclipse.org/lists/jetty-announce/msg00181.html https://www.haproxy.com/blog/haproxy-is-not-affected-by-the-http-2-rapid-reset-attack-cve-2023-44487 https://www.mail-archive.com/haproxy@formilux.org/msg44134.html https://www.netlify.com/blog/netlify-successfully-mitigates-cve-2023-44487 https://www.netlify.com/blog/netlify-successfully-mitigates-cve-2023-44487/ https://www.nginx.com/blog/http-2-rapid-reset-attack-impacting-f5-nginx-products https://www.nginx.com/blog/http-2-rapid-reset-attack-impacting-f5-nginx-products/ https://www.openwall.com/lists/oss-security/2023/10/10/6 https://www.phoronix.com/news/HTTP2-Rapid-Reset-Attack https://www.theregister.com/2023/10/10/http2_rapid_reset_zeroday https://www.theregister.com/2023/10/10/http2_rapid_reset_zeroday/
golang.org/x/net	CVE-2023-45288	MEDIUM	v0.10.0	0.23.0	http://www.openwall.com/lists/oss-security/2024/04/03/16 http://www.openwall.com/lists/oss-security/2024/04/05/4 https://access.redhat.com/errata/RHSA-2024:2724 https://access.redhat.com/security/cve/CVE-2023-45288 https://bugzilla.redhat.com/2268017 https://bugzilla.redhat.com/2268018 https://bugzilla.redhat.com/2268019 https://bugzilla.redhat.com/2268273 https://bugzilla.redhat.com/show_bug.cgi?id=2268017 https://bugzilla.redhat.com/show_bug.cgi?id=2268018 https://bugzilla.redhat.com/show_bug.cgi?id=2268019 https://bugzilla.redhat.com/show_bug.cgi?id=2268273 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45288 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45289 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45290 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24783 https://errata.almalinux.org/9/ALSA-2024-2724.html https://errata.rockylinux.org/RLSA-2024:2724 https://go.dev/cl/576155 https://go.dev/issue/65051 https://groups.google.com/g/golang-announce/c/YgW0sx8mN3M https://kb.cert.org/vuls/id/421644 https://linux.oracle.com/cve/CVE-2023-45288.html https://linux.oracle.com/errata/ELSA-2024-3346.html https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QRYFHIQ6XRKRYBI2F5UESH67BJBQXUPT https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QRYFHIQ6XRKRYBI2F5UESH67BJBQXUPT/ https://nowotarski.info/http2-continuation-flood-technical-details https://nowotarski.info/http2-continuation-flood/ https://nvd.nist.gov/vuln/detail/CVE-2023-45288 https://pkg.go.dev/vuln/GO-2024-2687 https://security.netapp.com/advisory/ntap-20240419-0009 https://security.netapp.com/advisory/ntap-20240419-0009/ https://ubuntu.com/security/notices/USN-6886-1 https://ubuntu.com/security/notices/USN-7109-1 https://ubuntu.com/security/notices/USN-7111-1 https://www.cve.org/CVERecord?id=CVE-2023-45288 https://www.kb.cert.org/vuls/id/421644
google.golang.org/grpc	GHSA-m425-mq94-257g	HIGH	v1.54.0	1.56.3, 1.57.1, 1.58.3	https://github.com/grpc/grpc-go https://github.com/grpc/grpc-go/commit/f2180b4d5403d2210b30b93098eb7da31c05c721 https://github.com/grpc/grpc-go/pull/6703 https://github.com/grpc/grpc-go/security/advisories/GHSA-m425-mq94-257g https://nvd.nist.gov/vuln/detail/CVE-2023-44487
google.golang.org/grpc	CVE-2023-44487	MEDIUM	v1.54.0	1.58.3, 1.57.1, 1.56.3	http://www.openwall.com/lists/oss-security/2023/10/13/4 http://www.openwall.com/lists/oss-security/2023/10/13/9 http://www.openwall.com/lists/oss-security/2023/10/18/4 http://www.openwall.com/lists/oss-security/2023/10/18/8 http://www.openwall.com/lists/oss-security/2023/10/19/6 http://www.openwall.com/lists/oss-security/2023/10/20/8 https://access.redhat.com/errata/RHSA-2023:6746 https://access.redhat.com/security/cve/CVE-2023-44487 https://access.redhat.com/security/cve/cve-2023-44487 https://akka.io/security/akka-http-cve-2023-44487.html https://arstechnica.com/security/2023/10/how-ddosers-used-the-http-2-protocol-to-deliver-attacks-of-unprecedented-size https://arstechnica.com/security/2023/10/how-ddosers-used-the-http-2-protocol-to-deliver-attacks-of-unprecedented-size/ https://aws.amazon.com/security/security-bulletins/AWS-2023-011 https://aws.amazon.com/security/security-bulletins/AWS-2023-011/ https://blog.cloudflare.com/technical-breakdown-http2-rapid-reset-ddos-attack https://blog.cloudflare.com/technical-breakdown-http2-rapid-reset-ddos-attack/ https://blog.cloudflare.com/zero-day-rapid-reset-http2-record-breaking-ddos-attack https://blog.cloudflare.com/zero-day-rapid-reset-http2-record-breaking-ddos-attack/ https://blog.litespeedtech.com/2023/10/11/rapid-reset-http-2-vulnerablilty https://blog.litespeedtech.com/2023/10/11/rapid-reset-http-2-vulnerablilty/ https://blog.qualys.com/vulnerabilities-threat-research/2023/10/10/cve-2023-44487-http-2-rapid-reset-attack https://blog.vespa.ai/cve-2023-44487 https://blog.vespa.ai/cve-2023-44487/ https://bugzilla.proxmox.com/show_bug.cgi?id=4988 https://bugzilla.redhat.com/2242803 https://bugzilla.redhat.com/show_bug.cgi?id=2242803 https://bugzilla.suse.com/show_bug.cgi?id=1216123 https://cgit.freebsd.org/ports/commit/?id=c64c329c2c1752f46b73e3e6ce9f4329be6629f9 https://chaos.social/@icing/111210915918780532 https://cloud.google.com/blog/products/identity-security/google-cloud-mitigated-largest-ddos-attack-peaking-above-398-million-rps https://cloud.google.com/blog/products/identity-security/google-cloud-mitigated-largest-ddos-attack-peaking-above-398-million-rps/ https://cloud.google.com/blog/products/identity-security/how-it-works-the-novel-http2-rapid-reset-ddos-attack https://community.traefik.io/t/is-traefik-vulnerable-to-cve-2023-44487/20125 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-44487 https://devblogs.microsoft.com/dotnet/october-2023-updates/ https://discuss.hashicorp.com/t/hcsec-2023-32-vault-consul-and-boundary-affected-by-http-2-rapid-reset-denial-of-service-vulnerability-cve-2023-44487/59715 https://edg.io/lp/blog/resets-leaks-ddos-and-the-tale-of-a-hidden-cve https://errata.almalinux.org/9/ALSA-2023-6746.html https://errata.rockylinux.org/RLSA-2023:5838 https://forums.swift.org/t/swift-nio-http2-security-update-cve-2023-44487-http-2-dos/67764 https://gist.github.com/adulau/7c2bfb8e9cdbe4b35a5e131c66a0c088 https://github.com/Azure/AKS/issues/3947 https://github.com/Kong/kong/discussions/11741 https://github.com/advisories/GHSA-qppj-fm5r-hxr3 https://github.com/advisories/GHSA-vx74-f528-fxqg https://github.com/advisories/GHSA-xpw8-rcwv-8f8p https://github.com/akka/akka-http/issues/4323 https://github.com/akka/akka-http/pull/4324 https://github.com/akka/akka-http/pull/4325 https://github.com/alibaba/tengine/issues/1872 https://github.com/apache/apisix/issues/10320 https://github.com/apache/httpd-site/pull/10 https://github.com/apache/httpd/blob/afcdbeebbff4b0c50ea26cdd16e178c0d1f24152/modules/http2/h2_mplx.c#L1101-L1113 https://github.com/apache/tomcat/commit/944332bb15bd2f3bf76ec2caeb1ff0a58a3bc628 https://github.com/apache/tomcat/tree/main/java/org/apache/coyote/http2 https://github.com/apache/trafficserver/pull/10564 https://github.com/apple/swift-nio-http2 https://github.com/apple/swift-nio-http2/security/advisories/GHSA-qppj-fm5r-hxr3 https://github.com/arkrwn/PoC/tree/main/CVE-2023-44487 https://github.com/bcdannyboy/CVE-2023-44487 https://github.com/caddyserver/caddy/issues/5877 https://github.com/caddyserver/caddy/releases/tag/v2.7.5 https://github.com/dotnet/announcements/issues/277 https://github.com/dotnet/core/blob/e4613450ea0da7fd2fc6b61dfb2c1c1dec1ce9ec/release-notes/6.0/6.0.23/6.0.23.md?plain=1#L73 https://github.com/eclipse/jetty.project/issues/10679 https://github.com/envoyproxy/envoy/pull/30055 https://github.com/etcd-io/etcd/issues/16740 https://github.com/facebook/proxygen/pull/466 https://github.com/golang/go/issues/63417 https://github.com/grpc/grpc-go/pull/6703 https://github.com/grpc/grpc-go/releases https://github.com/h2o/h2o/pull/3291 https://github.com/h2o/h2o/security/advisories/GHSA-2m7v-gc89-fjqf https://github.com/haproxy/haproxy/issues/2312 https://github.com/hyperium/hyper/issues/3337 https://github.com/icing/mod_h2/blob/0a864782af0a942aa2ad4ed960a6b32cd35bcf0a/mod_http2/README.md?plain=1#L239-L244 https://github.com/junkurihara/rust-rpxy/issues/97 https://github.com/kazu-yamamoto/http2/commit/f61d41a502bd0f60eb24e1ce14edc7b6df6722a1 https://github.com/kazu-yamamoto/http2/issues/93 https://github.com/kubernetes/kubernetes/pull/121120 https://github.com/line/armeria/pull/5232 https://github.com/linkerd/website/pull/1695/commits/4b9c6836471bc8270ab48aae6fd2181bc73fd632 https://github.com/micrictor/http2-rst-stream https://github.com/microsoft/CBL-Mariner/pull/6381 https://github.com/netty/netty/commit/58f75f665aa81a8cbcf6ffa74820042a285c5e61 https://github.com/nghttp2/nghttp2/pull/1961 https://github.com/nghttp2/nghttp2/releases/tag/v1.57.0 https://github.com/ninenines/cowboy/issues/1615 https://github.com/nodejs/node/pull/50121 https://github.com/openresty/openresty/issues/930 https://github.com/opensearch-project/data-prepper/issues/3474 https://github.com/oqtane/oqtane.framework/discussions/3367 https://github.com/projectcontour/contour/pull/5826 https://github.com/tempesta-tech/tempesta/issues/1986 https://github.com/varnishcache/varnish-cache/issues/3996 https://go.dev/cl/534215 https://go.dev/cl/534235 https://go.dev/issue/63417 https://groups.google.com/g/golang-announce/c/iNNxDTCjZvo https://groups.google.com/g/golang-announce/c/iNNxDTCjZvo/m/UDd7VKQuAAAJ https://istio.io/latest/news/security/istio-security-2023-004 https://istio.io/latest/news/security/istio-security-2023-004/ https://linkerd.io/2023/10/12/linkerd-cve-2023-44487 https://linkerd.io/2023/10/12/linkerd-cve-2023-44487/ https://linux.oracle.com/cve/CVE-2023-44487.html https://linux.oracle.com/errata/ELSA-2024-1444.html https://lists.apache.org/thread/5py8h42mxfsn8l1wy6o41xwhsjlsd87q https://lists.debian.org/debian-lts-announce/2023/10/msg00020.html https://lists.debian.org/debian-lts-announce/2023/10/msg00023.html https://lists.debian.org/debian-lts-announce/2023/10/msg00024.html https://lists.debian.org/debian-lts-announce/2023/10/msg00045.html https://lists.debian.org/debian-lts-announce/2023/10/msg00047.html https://lists.debian.org/debian-lts-announce/2023/11/msg00001.html https://lists.debian.org/debian-lts-announce/2023/11/msg00012.html https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/2MBEPPC36UBVOZZNAXFHKLFGSLCMN5LI https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/2MBEPPC36UBVOZZNAXFHKLFGSLCMN5LI/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/3N4NJ7FR4X4FPZUGNTQAPSTVB2HB2Y4A https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/3N4NJ7FR4X4FPZUGNTQAPSTVB2HB2Y4A/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/BFQD3KUEMFBHPAPBGLWQC34L4OWL5HAZ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/BFQD3KUEMFBHPAPBGLWQC34L4OWL5HAZ/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/CLB4TW7KALB3EEQWNWCN7OUIWWVWWCG2 https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/CLB4TW7KALB3EEQWNWCN7OUIWWVWWCG2/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/E72T67UPDRXHIDLO3OROR25YAMN4GGW5 https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/E72T67UPDRXHIDLO3OROR25YAMN4GGW5/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/FNA62Q767CFAFHBCDKYNPBMZWB7TWYVU https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/FNA62Q767CFAFHBCDKYNPBMZWB7TWYVU/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/HT7T2R4MQKLIF4ODV4BDLPARWFPCJ5CZ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/HT7T2R4MQKLIF4ODV4BDLPARWFPCJ5CZ/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/JIZSEFC3YKCGABA2BZW6ZJRMDZJMB7PJ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/JIZSEFC3YKCGABA2BZW6ZJRMDZJMB7PJ/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/JMEXY22BFG5Q64HQCM5CK2Q7KDKVV4TY https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/JMEXY22BFG5Q64HQCM5CK2Q7KDKVV4TY/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/KSEGD2IWKNUO3DWY4KQGUQM5BISRWHQE https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/KSEGD2IWKNUO3DWY4KQGUQM5BISRWHQE/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/LKYHSZQFDNR7RSA7LHVLLIAQMVYCUGBG https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/LKYHSZQFDNR7RSA7LHVLLIAQMVYCUGBG/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/LNMZJCDHGLJJLXO4OXWJMTVQRNWOC7UL https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/LNMZJCDHGLJJLXO4OXWJMTVQRNWOC7UL/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/VHUHTSXLXGXS7JYKBXTA3VINUPHTNGVU https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/VHUHTSXLXGXS7JYKBXTA3VINUPHTNGVU/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/VSRDIV77HNKUSM7SJC5BKE5JSHLHU2NK https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/VSRDIV77HNKUSM7SJC5BKE5JSHLHU2NK/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/WE2I52RHNNU42PX6NZ2RBUHSFFJ2LVZX https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/WE2I52RHNNU42PX6NZ2RBUHSFFJ2LVZX/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/WLPRQ5TWUQQXYWBJM7ECYDAIL2YVKIUH https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/WLPRQ5TWUQQXYWBJM7ECYDAIL2YVKIUH/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/X6QXN4ORIVF6XBW4WWFE7VNPVC74S45Y https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/X6QXN4ORIVF6XBW4WWFE7VNPVC74S45Y/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/XFOIBB4YFICHDM7IBOP7PWXW3FX4HLL2 https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/XFOIBB4YFICHDM7IBOP7PWXW3FX4HLL2/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZB43REMKRQR62NJEI7I5NQ4FSXNLBKRT https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZB43REMKRQR62NJEI7I5NQ4FSXNLBKRT/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZKQSIKIAT5TJ3WSLU3RDBQ35YX4GY4V3 https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZKQSIKIAT5TJ3WSLU3RDBQ35YX4GY4V3/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZLU6U2R2IC2K64NDPNMV55AUAO65MAF4 https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZLU6U2R2IC2K64NDPNMV55AUAO65MAF4/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3N4NJ7FR4X4FPZUGNTQAPSTVB2HB2Y4A https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/BFQD3KUEMFBHPAPBGLWQC34L4OWL5HAZ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CLB4TW7KALB3EEQWNWCN7OUIWWVWWCG2 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/E72T67UPDRXHIDLO3OROR25YAMN4GGW5 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/FNA62Q767CFAFHBCDKYNPBMZWB7TWYVU https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/HT7T2R4MQKLIF4ODV4BDLPARWFPCJ5CZ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/JIZSEFC3YKCGABA2BZW6ZJRMDZJMB7PJ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/JMEXY22BFG5Q64HQCM5CK2Q7KDKVV4TY https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/KSEGD2IWKNUO3DWY4KQGUQM5BISRWHQE https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/LKYHSZQFDNR7RSA7LHVLLIAQMVYCUGBG https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/LNMZJCDHGLJJLXO4OXWJMTVQRNWOC7UL https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/VHUHTSXLXGXS7JYKBXTA3VINUPHTNGVU https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/VSRDIV77HNKUSM7SJC5BKE5JSHLHU2NK https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WLPRQ5TWUQQXYWBJM7ECYDAIL2YVKIUH https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/X6QXN4ORIVF6XBW4WWFE7VNPVC74S45Y https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/XFOIBB4YFICHDM7IBOP7PWXW3FX4HLL2 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZB43REMKRQR62NJEI7I5NQ4FSXNLBKRT https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZKQSIKIAT5TJ3WSLU3RDBQ35YX4GY4V3 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZLU6U2R2IC2K64NDPNMV55AUAO65MAF4 https://lists.w3.org/Archives/Public/ietf-http-wg/2023OctDec/0025.html https://mailman.nginx.org/pipermail/nginx-devel/2023-October/S36Q5HBXR7CAIMPLLPRSSSYR4PCMWILK.html https://martinthomson.github.io/h2-stream-limits/draft-thomson-httpbis-h2-stream-limits.html https://msrc.microsoft.com/blog/2023/10/microsoft-response-to-distributed-denial-of-service-ddos-attacks-against-http/2 https://msrc.microsoft.com/blog/2023/10/microsoft-response-to-distributed-denial-of-service-ddos-attacks-against-http/2/ https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-44487 https://my.f5.com/manage/s/article/K000137106 https://netty.io/news/2023/10/10/4-1-100-Final.html https://news.ycombinator.com/item?id=37830987 https://news.ycombinator.com/item?id=37830998 https://news.ycombinator.com/item?id=37831062 https://news.ycombinator.com/item?id=37837043 https://nodejs.org/en/blog/vulnerability/october-2023-security-releases https://nvd.nist.gov/vuln/detail/CVE-2023-44487 https://openssf.org/blog/2023/10/10/http-2-rapid-reset-vulnerability-highlights-need-for-rapid-response https://openssf.org/blog/2023/10/10/http-2-rapid-reset-vulnerability-highlights-need-for-rapid-response/ https://pkg.go.dev/vuln/GO-2023-2102 https://seanmonstar.com/post/730794151136935936/hyper-http2-rapid-reset-unaffected https://security.gentoo.org/glsa/202311-09 https://security.netapp.com/advisory/ntap-20231016-0001 https://security.netapp.com/advisory/ntap-20231016-0001/ https://security.netapp.com/advisory/ntap-20240426-0007 https://security.netapp.com/advisory/ntap-20240426-0007/ https://security.netapp.com/advisory/ntap-20240621-0006 https://security.netapp.com/advisory/ntap-20240621-0006/ https://security.netapp.com/advisory/ntap-20240621-0007 https://security.netapp.com/advisory/ntap-20240621-0007/ https://security.paloaltonetworks.com/CVE-2023-44487 https://tomcat.apache.org/security-10.html#Fixed_in_Apache_Tomcat_10.1.14 https://tomcat.apache.org/security-11.html#Fixed_in_Apache_Tomcat_11.0.0-M12 https://tomcat.apache.org/security-8.html#Fixed_in_Apache_Tomcat_8.5.94 https://tomcat.apache.org/security-9.html#Fixed_in_Apache_Tomcat_9.0.81 https://ubuntu.com/security/CVE-2023-44487 https://ubuntu.com/security/notices/USN-6427-1 https://ubuntu.com/security/notices/USN-6427-2 https://ubuntu.com/security/notices/USN-6438-1 https://ubuntu.com/security/notices/USN-6505-1 https://ubuntu.com/security/notices/USN-6574-1 https://ubuntu.com/security/notices/USN-6754-1 https://ubuntu.com/security/notices/USN-6994-1 https://ubuntu.com/security/notices/USN-7067-1 https://www.bleepingcomputer.com/news/security/new-http-2-rapid-reset-zero-day-attack-breaks-ddos-records https://www.bleepingcomputer.com/news/security/new-http-2-rapid-reset-zero-day-attack-breaks-ddos-records/ https://www.cisa.gov/known-exploited-vulnerabilities-catalog https://www.cisa.gov/news-events/alerts/2023/10/10/http2-rapid-reset-vulnerability-cve-2023-44487 https://www.cve.org/CVERecord?id=CVE-2023-44487 https://www.darkreading.com/cloud/internet-wide-zero-day-bug-fuels-largest-ever-ddos-event https://www.debian.org/security/2023/dsa-5521 https://www.debian.org/security/2023/dsa-5522 https://www.debian.org/security/2023/dsa-5540 https://www.debian.org/security/2023/dsa-5549 https://www.debian.org/security/2023/dsa-5558 https://www.debian.org/security/2023/dsa-5570 https://www.eclipse.org/lists/jetty-announce/msg00181.html https://www.haproxy.com/blog/haproxy-is-not-affected-by-the-http-2-rapid-reset-attack-cve-2023-44487 https://www.mail-archive.com/haproxy@formilux.org/msg44134.html https://www.netlify.com/blog/netlify-successfully-mitigates-cve-2023-44487 https://www.netlify.com/blog/netlify-successfully-mitigates-cve-2023-44487/ https://www.nginx.com/blog/http-2-rapid-reset-attack-impacting-f5-nginx-products https://www.nginx.com/blog/http-2-rapid-reset-attack-impacting-f5-nginx-products/ https://www.openwall.com/lists/oss-security/2023/10/10/6 https://www.phoronix.com/news/HTTP2-Rapid-Reset-Attack https://www.theregister.com/2023/10/10/http2_rapid_reset_zeroday https://www.theregister.com/2023/10/10/http2_rapid_reset_zeroday/
google.golang.org/protobuf	CVE-2024-24786	MEDIUM	v1.30.0	1.33.0	http://www.openwall.com/lists/oss-security/2024/03/08/4 https://access.redhat.com/errata/RHSA-2024:2550 https://access.redhat.com/security/cve/CVE-2024-24786 https://bugzilla.redhat.com/2268046 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24786 https://errata.almalinux.org/9/ALSA-2024-2550.html https://errata.rockylinux.org/RLSA-2024:2550 https://github.com/protocolbuffers/protobuf-go https://github.com/protocolbuffers/protobuf-go/commit/f01a588e5810b90996452eec4a28f22a0afae023 https://github.com/protocolbuffers/protobuf-go/releases/tag/v1.33.0 https://go-review.googlesource.com/c/protobuf/+/569356 https://go.dev/cl/569356 https://groups.google.com/g/golang-announce/c/ArQ6CDgtEjY/ https://linux.oracle.com/cve/CVE-2024-24786.html https://linux.oracle.com/errata/ELSA-2024-4246.html https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/JDMBHAVSDU2FBDZ45U3A2VLSM35OJ2HU https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/JDMBHAVSDU2FBDZ45U3A2VLSM35OJ2HU/ https://nvd.nist.gov/vuln/detail/CVE-2024-24786 https://pkg.go.dev/vuln/GO-2024-2611 https://security.netapp.com/advisory/ntap-20240517-0002 https://security.netapp.com/advisory/ntap-20240517-0002/ https://ubuntu.com/security/notices/USN-6746-1 https://ubuntu.com/security/notices/USN-6746-2 https://www.cve.org/CVERecord?id=CVE-2024-24786
stdlib	CVE-2024-24790	CRITICAL	v1.20.5	1.21.11, 1.22.4	http://www.openwall.com/lists/oss-security/2024/06/04/1 https://access.redhat.com/errata/RHSA-2024:9115 https://access.redhat.com/security/cve/CVE-2024-24790 https://bugzilla.redhat.com/2279814 https://bugzilla.redhat.com/2292668 https://bugzilla.redhat.com/2292787 https://bugzilla.redhat.com/2294000 https://bugzilla.redhat.com/2295310 https://bugzilla.redhat.com/show_bug.cgi?id=2292668 https://bugzilla.redhat.com/show_bug.cgi?id=2292787 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24789 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24790 https://errata.almalinux.org/9/ALSA-2024-9115.html https://errata.rockylinux.org/RLSA-2024:4212 https://github.com/golang/go/commit/051bdf3fd12a40307606ff9381138039c5f452f0 (1.21) https://github.com/golang/go/commit/12d5810cdb1f73cf23d7a86462143e9463317fca (1.22) https://github.com/golang/go/issues/67680 https://go.dev/cl/590316 https://go.dev/issue/67680 https://groups.google.com/g/golang-announce/c/XbxouI9gY7k https://groups.google.com/g/golang-announce/c/XbxouI9gY7k/m/TuoGEhxIEwAJ https://linux.oracle.com/cve/CVE-2024-24790.html https://linux.oracle.com/errata/ELSA-2024-9115.html https://nvd.nist.gov/vuln/detail/CVE-2024-24790 https://pkg.go.dev/vuln/GO-2024-2887 https://ubuntu.com/security/notices/USN-6886-1 https://ubuntu.com/security/notices/USN-7109-1 https://www.cve.org/CVERecord?id=CVE-2024-24790
stdlib	CVE-2023-39325	HIGH	v1.20.5	1.20.10, 1.21.3	golang.org/x/net https://access.redhat.com/errata/RHSA-2023:6077 https://access.redhat.com/security/cve/CVE-2023-39325 https://access.redhat.com/security/cve/CVE-2023-44487 https://access.redhat.com/security/vulnerabilities/RHSB-2023-003 https://bugzilla.redhat.com/2242803 https://bugzilla.redhat.com/2243296 https://bugzilla.redhat.com/show_bug.cgi?id=2242803 https://bugzilla.redhat.com/show_bug.cgi?id=2243296 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-39325 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-44487 https://errata.almalinux.org/9/ALSA-2023-6077.html https://errata.rockylinux.org/RLSA-2023:6077 https://github.com/golang/go/commit/24ae2d927285c697440fdde3ad7f26028354bcf3 [golang- 1.21] https://github.com/golang/go/commit/e175f27f58aa7b9cd4d79607ae65d2cd5baaee68 [golang-1.20] https://github.com/golang/go/issues/63417 https://go.dev/cl/534215 https://go.dev/cl/534235 https://go.dev/issue/63417 https://groups.google.com/g/golang-announce/c/iNNxDTCjZvo/m/UDd7VKQuAAAJ https://linux.oracle.com/cve/CVE-2023-39325.html https://linux.oracle.com/errata/ELSA-2023-5867.html https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3OVW5V2DM5K5IC3H7O42YDUGNJ74J35O https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3OVW5V2DM5K5IC3H7O42YDUGNJ74J35O/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3SZN67IL7HMGMNAVLOTIXLIHUDXZK4LH https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3SZN67IL7HMGMNAVLOTIXLIHUDXZK4LH/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3WJ4QVX2AMUJ2F2S27POOAHRC4K3CHU4 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3WJ4QVX2AMUJ2F2S27POOAHRC4K3CHU4/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/4BUK2ZIAGCULOOYDNH25JPU6JBES5NF2 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/4BUK2ZIAGCULOOYDNH25JPU6JBES5NF2/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/5RSKA2II6QTD4YUKUNDVJQSRYSFC4VFR https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/5RSKA2II6QTD4YUKUNDVJQSRYSFC4VFR/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/AVZDNSMVDAQJ64LJC5I5U5LDM5753647 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/AVZDNSMVDAQJ64LJC5I5U5LDM5753647/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CHHITS4PUOZAKFIUBQAQZC7JWXMOYE4B https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CHHITS4PUOZAKFIUBQAQZC7JWXMOYE4B/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CLB4TW7KALB3EEQWNWCN7OUIWWVWWCG2 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CLB4TW7KALB3EEQWNWCN7OUIWWVWWCG2/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/D2BBIDR2ZMB3X5BC7SR4SLQMHRMVPY6L https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/D2BBIDR2ZMB3X5BC7SR4SLQMHRMVPY6L/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ECRC75BQJP6FJN2L7KCKYZW4DSBD7QSD https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ECRC75BQJP6FJN2L7KCKYZW4DSBD7QSD/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/FTMJ3NJIDAZFWJQQSP3L22MUFJ3UP2PT https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/FTMJ3NJIDAZFWJQQSP3L22MUFJ3UP2PT/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/GSY7SXFFTPZFWDM6XELSDSHZLVW3AHK7 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/GSY7SXFFTPZFWDM6XELSDSHZLVW3AHK7/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/HZQIELEIRSZUYTFFH5KTH2YJ4IIQG2KE https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/HZQIELEIRSZUYTFFH5KTH2YJ4IIQG2KE/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/IPWCNYB5PQ5PCVZ4NJT6G56ZYFZ5QBU6 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/IPWCNYB5PQ5PCVZ4NJT6G56ZYFZ5QBU6/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/KEOTKBUPZXHE3F352JBYNTSNRXYLWD6P https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/KEOTKBUPZXHE3F352JBYNTSNRXYLWD6P/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/KSEGD2IWKNUO3DWY4KQGUQM5BISRWHQE https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/KSEGD2IWKNUO3DWY4KQGUQM5BISRWHQE/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/L5E5JSJBZLYXOTZWXHJKRVCIXIHVWKJ6 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/L5E5JSJBZLYXOTZWXHJKRVCIXIHVWKJ6/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/MZQYOOKHQDQ57LV2IAG6NRFOVXKHJJ3Z https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/MZQYOOKHQDQ57LV2IAG6NRFOVXKHJJ3Z/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/NG7IMPL55MVWU3LCI4JQJT3K2U5CHDV7 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/NG7IMPL55MVWU3LCI4JQJT3K2U5CHDV7/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ODBY7RVMGZCBSTWF2OZGIZS57FNFUL67 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ODBY7RVMGZCBSTWF2OZGIZS57FNFUL67/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/OXGWPQOJ3JNDW2XIYKIVJ7N7QUIFNM2Q https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/OXGWPQOJ3JNDW2XIYKIVJ7N7QUIFNM2Q/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/PJCUNGIQDUMZ4Z6HWVYIMR66A35F5S74 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/PJCUNGIQDUMZ4Z6HWVYIMR66A35F5S74/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QF5QSYAOPDOWLY6DUHID56Q4HQFYB45I https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QF5QSYAOPDOWLY6DUHID56Q4HQFYB45I/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QXOU2JZUBEBP7GBKAYIJRPRBZSJCD7ST https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QXOU2JZUBEBP7GBKAYIJRPRBZSJCD7ST/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/R3UETKPUB3V5JS5TLZOF3SMTGT5K5APS https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/R3UETKPUB3V5JS5TLZOF3SMTGT5K5APS/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/REMHVVIBDNKSRKNOTV7EQSB7CYQWOUOU https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/REMHVVIBDNKSRKNOTV7EQSB7CYQWOUOU/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/T7N5GV4CHH6WAGX3GFMDD3COEOVCZ4RI https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/T7N5GV4CHH6WAGX3GFMDD3COEOVCZ4RI/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ULQQONMSCQSH5Z5OWFFQHCGEZ3NL4DRJ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ULQQONMSCQSH5Z5OWFFQHCGEZ3NL4DRJ/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UTT7DG3QOF5ZNJLUGHDNLRUIN6OWZARP https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UTT7DG3QOF5ZNJLUGHDNLRUIN6OWZARP/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/W2LZSWTV4NV4SNQARNXG5T6LRHP26EW2 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/W2LZSWTV4NV4SNQARNXG5T6LRHP26EW2/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WCNCBYKZXLDFGAJUB7ZP5VLC3YTHJNVH https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WCNCBYKZXLDFGAJUB7ZP5VLC3YTHJNVH/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/XFOIBB4YFICHDM7IBOP7PWXW3FX4HLL2 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/XFOIBB4YFICHDM7IBOP7PWXW3FX4HLL2/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/XTNLSL44Y5FB6JWADSZH6DCV4JJAAEQY https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/XTNLSL44Y5FB6JWADSZH6DCV4JJAAEQY/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/YJWHBLVZDM5KQSDFRBFRKU5KSSOLIRQ4 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/YJWHBLVZDM5KQSDFRBFRKU5KSSOLIRQ4/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/YRKEXKANQ7BKJW2YTAMP625LJUJZLJ4P https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/YRKEXKANQ7BKJW2YTAMP625LJUJZLJ4P/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZSVEMQV5ROY5YW5QE3I57HT3ITWG5GCV https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZSVEMQV5ROY5YW5QE3I57HT3ITWG5GCV/ https://nvd.nist.gov/vuln/detail/CVE-2023-39325 https://pkg.go.dev/vuln/GO-2023-2102 https://security.gentoo.org/glsa/202311-09 https://security.netapp.com/advisory/ntap-20231110-0008 https://security.netapp.com/advisory/ntap-20231110-0008/ https://ubuntu.com/security/notices/USN-6574-1 https://ubuntu.com/security/notices/USN-7061-1 https://ubuntu.com/security/notices/USN-7109-1 https://www.cisa.gov/news-events/alerts/2023/10/10/http2-rapid-reset-vulnerability-cve-2023-44487 https://www.cve.org/CVERecord?id=CVE-2023-39325
stdlib	CVE-2023-45283	HIGH	v1.20.5	1.20.11, 1.21.4, 1.20.12, 1.21.5	http://www.openwall.com/lists/oss-security/2023/12/05/2 https://go.dev/cl/540277 https://go.dev/cl/541175 https://go.dev/issue/63713 https://go.dev/issue/64028 https://groups.google.com/g/golang-announce/c/4tU8LZfBFkY https://groups.google.com/g/golang-dev/c/6ypN5EjibjM/m/KmLVYH_uAgAJ https://nvd.nist.gov/vuln/detail/CVE-2023-45283 https://pkg.go.dev/vuln/GO-2023-2185 https://security.netapp.com/advisory/ntap-20231214-0008/
stdlib	CVE-2023-45288	HIGH	v1.20.5	1.21.9, 1.22.2	http://www.openwall.com/lists/oss-security/2024/04/03/16 http://www.openwall.com/lists/oss-security/2024/04/05/4 https://access.redhat.com/errata/RHSA-2024:2724 https://access.redhat.com/security/cve/CVE-2023-45288 https://bugzilla.redhat.com/2268017 https://bugzilla.redhat.com/2268018 https://bugzilla.redhat.com/2268019 https://bugzilla.redhat.com/2268273 https://bugzilla.redhat.com/show_bug.cgi?id=2268017 https://bugzilla.redhat.com/show_bug.cgi?id=2268018 https://bugzilla.redhat.com/show_bug.cgi?id=2268019 https://bugzilla.redhat.com/show_bug.cgi?id=2268273 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45288 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45289 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45290 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24783 https://errata.almalinux.org/9/ALSA-2024-2724.html https://errata.rockylinux.org/RLSA-2024:2724 https://go.dev/cl/576155 https://go.dev/issue/65051 https://groups.google.com/g/golang-announce/c/YgW0sx8mN3M https://kb.cert.org/vuls/id/421644 https://linux.oracle.com/cve/CVE-2023-45288.html https://linux.oracle.com/errata/ELSA-2024-3346.html https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QRYFHIQ6XRKRYBI2F5UESH67BJBQXUPT https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QRYFHIQ6XRKRYBI2F5UESH67BJBQXUPT/ https://nowotarski.info/http2-continuation-flood-technical-details https://nowotarski.info/http2-continuation-flood/ https://nvd.nist.gov/vuln/detail/CVE-2023-45288 https://pkg.go.dev/vuln/GO-2024-2687 https://security.netapp.com/advisory/ntap-20240419-0009 https://security.netapp.com/advisory/ntap-20240419-0009/ https://ubuntu.com/security/notices/USN-6886-1 https://ubuntu.com/security/notices/USN-7109-1 https://ubuntu.com/security/notices/USN-7111-1 https://www.cve.org/CVERecord?id=CVE-2023-45288 https://www.kb.cert.org/vuls/id/421644
stdlib	CVE-2024-34156	HIGH	v1.20.5	1.22.7, 1.23.1	https://access.redhat.com/errata/RHSA-2024:9473 https://access.redhat.com/security/cve/CVE-2024-34156 https://bugzilla.redhat.com/2310528 https://bugzilla.redhat.com/2318052 https://bugzilla.redhat.com/show_bug.cgi?id=2310528 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-34156 https://errata.almalinux.org/9/ALSA-2024-9473.html https://errata.rockylinux.org/RLSA-2024:7204 https://github.com/golang/go/commit/2092294f2b097c5828f4eace6c98a322c1510b01 (go1.22.7) https://github.com/golang/go/commit/fa8ff1a46deb6c816304441ec6740ec112e19012 (go1.23.1) https://go.dev/cl/611239 https://go.dev/issue/69139 https://groups.google.com/g/golang-announce/c/K-cEzDeCtpc https://groups.google.com/g/golang-dev/c/S9POB9NCTdk https://linux.oracle.com/cve/CVE-2024-34156.html https://linux.oracle.com/errata/ELSA-2024-9473.html https://nvd.nist.gov/vuln/detail/CVE-2024-34156 https://pkg.go.dev/vuln/GO-2024-3106 https://ubuntu.com/security/notices/USN-7081-1 https://ubuntu.com/security/notices/USN-7109-1 https://ubuntu.com/security/notices/USN-7111-1 https://www.cve.org/CVERecord?id=CVE-2024-34156
stdlib	CVE-2023-29406	MEDIUM	v1.20.5	1.19.11, 1.20.6	https://access.redhat.com/errata/RHSA-2023:6474 https://access.redhat.com/security/cve/CVE-2023-29406 https://bugzilla.redhat.com/2174485 https://bugzilla.redhat.com/2178358 https://bugzilla.redhat.com/2178488 https://bugzilla.redhat.com/2178492 https://bugzilla.redhat.com/2184481 https://bugzilla.redhat.com/2184482 https://bugzilla.redhat.com/2184483 https://bugzilla.redhat.com/2184484 https://bugzilla.redhat.com/2196026 https://bugzilla.redhat.com/2196027 https://bugzilla.redhat.com/2196029 https://bugzilla.redhat.com/2222167 https://bugzilla.redhat.com/2228689 https://errata.almalinux.org/9/ALSA-2023-6474.html https://github.com/golang/go/commit/312920c00aac9897b2a0693e752390b5b0711a5a (go1.20.6) https://github.com/golang/go/commit/5fa6923b1ea891400153d04ddf1545e23b40041b (go1.19.11) https://github.com/golang/go/issues/60374 https://go.dev/cl/506996 https://go.dev/issue/60374 https://groups.google.com/g/golang-announce/c/2q13H6LEEx0 https://linux.oracle.com/cve/CVE-2023-29406.html https://linux.oracle.com/errata/ELSA-2023-7202.html https://nvd.nist.gov/vuln/detail/CVE-2023-29406 https://pkg.go.dev/vuln/GO-2023-1878 https://security.gentoo.org/glsa/202311-09 https://security.netapp.com/advisory/ntap-20230814-0002/ https://ubuntu.com/security/notices/USN-7061-1 https://ubuntu.com/security/notices/USN-7109-1 https://www.cve.org/CVERecord?id=CVE-2023-29406
stdlib	CVE-2023-29409	MEDIUM	v1.20.5	1.19.12, 1.20.7, 1.21.0-rc.4	https://access.redhat.com/errata/RHSA-2023:7766 https://access.redhat.com/security/cve/CVE-2023-29409 https://bugzilla.redhat.com/2228743 https://bugzilla.redhat.com/2237773 https://bugzilla.redhat.com/2237776 https://bugzilla.redhat.com/2237777 https://bugzilla.redhat.com/2237778 https://errata.almalinux.org/9/ALSA-2023-7766.html https://go.dev/cl/515257 https://go.dev/issue/61460 https://groups.google.com/g/golang-announce/c/X0b6CsSAaYI/m/Efv5DbZ9AwAJ https://linux.oracle.com/cve/CVE-2023-29409.html https://linux.oracle.com/errata/ELSA-2024-2988.html https://nvd.nist.gov/vuln/detail/CVE-2023-29409 https://pkg.go.dev/vuln/GO-2023-1987 https://security.gentoo.org/glsa/202311-09 https://security.netapp.com/advisory/ntap-20230831-0010/ https://www.cve.org/CVERecord?id=CVE-2023-29409
stdlib	CVE-2023-39318	MEDIUM	v1.20.5	1.20.8, 1.21.1	https://access.redhat.com/errata/RHSA-2024:2160 https://access.redhat.com/security/cve/CVE-2023-39318 https://bugzilla.redhat.com/2237773 https://bugzilla.redhat.com/2237776 https://bugzilla.redhat.com/2253330 https://errata.almalinux.org/9/ALSA-2024-2160.html https://github.com/golang/go/commit/023b542edf38e2a1f87fcefb9f75ff2f99401b4c (go1.20.8) https://github.com/golang/go/commit/b0e1d3ea26e8e8fce7726690c9ef0597e60739fb (go1.21.1) https://go.dev/cl/526156 https://go.dev/issue/62196 https://groups.google.com/g/golang-announce/c/Fm51GRLNRvM https://groups.google.com/g/golang-dev/c/2C5vbR-UNkI/m/L1hdrPhfBAAJ https://linux.oracle.com/cve/CVE-2023-39318.html https://linux.oracle.com/errata/ELSA-2024-2988.html https://nvd.nist.gov/vuln/detail/CVE-2023-39318 https://pkg.go.dev/vuln/GO-2023-2041 https://security.gentoo.org/glsa/202311-09 https://security.netapp.com/advisory/ntap-20231020-0009/ https://ubuntu.com/security/notices/USN-6574-1 https://ubuntu.com/security/notices/USN-7061-1 https://ubuntu.com/security/notices/USN-7109-1 https://vuln.go.dev/ID/GO-2023-2041.json https://www.cve.org/CVERecord?id=CVE-2023-39318
stdlib	CVE-2023-39319	MEDIUM	v1.20.5	1.20.8, 1.21.1	https://access.redhat.com/errata/RHSA-2024:2160 https://access.redhat.com/security/cve/CVE-2023-39319 https://bugzilla.redhat.com/2237773 https://bugzilla.redhat.com/2237776 https://bugzilla.redhat.com/2253330 https://errata.almalinux.org/9/ALSA-2024-2160.html https://github.com/golang/go/commit/2070531d2f53df88e312edace6c8dfc9686ab2f5 (go1.20.8) https://github.com/golang/go/commit/bbd043ff0d6d59f1a9232d31ecd5eacf6507bf6a (go1.21.1) https://go.dev/cl/526157 https://go.dev/issue/62197 https://groups.google.com/g/golang-announce/c/Fm51GRLNRvM https://groups.google.com/g/golang-dev/c/2C5vbR-UNkI/m/L1hdrPhfBAAJ https://linux.oracle.com/cve/CVE-2023-39319.html https://linux.oracle.com/errata/ELSA-2024-2988.html https://nvd.nist.gov/vuln/detail/CVE-2023-39319 https://pkg.go.dev/vuln/GO-2023-2043 https://security.gentoo.org/glsa/202311-09 https://security.netapp.com/advisory/ntap-20231020-0009/ https://ubuntu.com/security/notices/USN-6574-1 https://ubuntu.com/security/notices/USN-7061-1 https://ubuntu.com/security/notices/USN-7109-1 https://vuln.go.dev/ID/GO-2023-2043.json https://www.cve.org/CVERecord?id=CVE-2023-39319
stdlib	CVE-2023-39326	MEDIUM	v1.20.5	1.20.12, 1.21.5	https://access.redhat.com/errata/RHSA-2024:2272 https://access.redhat.com/security/cve/CVE-2023-39326 https://bugzilla.redhat.com/2253193 https://bugzilla.redhat.com/2253330 https://errata.almalinux.org/9/ALSA-2024-2272.html https://github.com/golang/go/commit/6446af942e2e2b161c4ec1b60d9703a2b55dc4dd (go1.20.12) https://github.com/golang/go/commit/ec8c526e4be720e94b98ca509e6364f0efaf28f7 (go1.21.5) https://go.dev/cl/547335 https://go.dev/issue/64433 https://groups.google.com/g/golang-dev/c/6ypN5EjibjM/m/KmLVYH_uAgAJ https://linux.oracle.com/cve/CVE-2023-39326.html https://linux.oracle.com/errata/ELSA-2024-2988.html https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UIU6HOGV6RRIKWM57LOXQA75BGZSIH6G/ https://nvd.nist.gov/vuln/detail/CVE-2023-39326 https://pkg.go.dev/vuln/GO-2023-2382 https://ubuntu.com/security/notices/USN-6574-1 https://www.cve.org/CVERecord?id=CVE-2023-39326
stdlib	CVE-2023-45284	MEDIUM	v1.20.5	1.20.11, 1.21.4	https://go.dev/cl/540277 https://go.dev/issue/63713 https://groups.google.com/g/golang-announce/c/4tU8LZfBFkY https://nvd.nist.gov/vuln/detail/CVE-2023-45284 https://pkg.go.dev/vuln/GO-2023-2186
stdlib	CVE-2023-45289	MEDIUM	v1.20.5	1.21.8, 1.22.1	http://www.openwall.com/lists/oss-security/2024/03/08/4 https://access.redhat.com/errata/RHSA-2024:2724 https://access.redhat.com/security/cve/CVE-2023-45289 https://bugzilla.redhat.com/2268017 https://bugzilla.redhat.com/2268018 https://bugzilla.redhat.com/2268019 https://bugzilla.redhat.com/2268273 https://bugzilla.redhat.com/show_bug.cgi?id=2268017 https://bugzilla.redhat.com/show_bug.cgi?id=2268018 https://bugzilla.redhat.com/show_bug.cgi?id=2268019 https://bugzilla.redhat.com/show_bug.cgi?id=2268273 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45288 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45289 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45290 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24783 https://errata.almalinux.org/9/ALSA-2024-2724.html https://errata.rockylinux.org/RLSA-2024:2724 https://github.com/golang/go/commit/20586c0dbe03d144f914155f879fa5ee287591a1 (go1.21.8) https://github.com/golang/go/commit/3a855208e3efed2e9d7c20ad023f1fa78afcc0be (go1.22.1) https://github.com/golang/go/issues/65065 https://go.dev/cl/569340 https://go.dev/issue/65065 https://groups.google.com/g/golang-announce/c/5pwGVUPoMbg https://linux.oracle.com/cve/CVE-2023-45289.html https://linux.oracle.com/errata/ELSA-2024-3346.html https://nvd.nist.gov/vuln/detail/CVE-2023-45289 https://pkg.go.dev/vuln/GO-2024-2600 https://security.netapp.com/advisory/ntap-20240329-0006/ https://ubuntu.com/security/notices/USN-6886-1 https://www.cve.org/CVERecord?id=CVE-2023-45289
stdlib	CVE-2023-45290	MEDIUM	v1.20.5	1.21.8, 1.22.1	http://www.openwall.com/lists/oss-security/2024/03/08/4 https://access.redhat.com/errata/RHSA-2024:9135 https://access.redhat.com/security/cve/CVE-2023-45290 https://bugzilla.redhat.com/2268017 https://bugzilla.redhat.com/2268022 https://bugzilla.redhat.com/2279814 https://bugzilla.redhat.com/2295310 https://bugzilla.redhat.com/show_bug.cgi?id=2268017 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45290 https://errata.almalinux.org/9/ALSA-2024-9135.html https://errata.rockylinux.org/RLSA-2024:3830 https://github.com/golang/go/commit/041a47712e765e94f86d841c3110c840e76d8f82 (go1.22.1) https://github.com/golang/go/commit/bf80213b121074f4ad9b449410a4d13bae5e9be0 (go1.21.8) https://github.com/golang/go/issues/65383 https://go.dev/cl/569341 https://go.dev/issue/65383 https://groups.google.com/g/golang-announce/c/5pwGVUPoMbg https://linux.oracle.com/cve/CVE-2023-45290.html https://linux.oracle.com/errata/ELSA-2024-8038.html https://nvd.nist.gov/vuln/detail/CVE-2023-45290 https://pkg.go.dev/vuln/GO-2024-2599 https://security.netapp.com/advisory/ntap-20240329-0004 https://security.netapp.com/advisory/ntap-20240329-0004/ https://ubuntu.com/security/notices/USN-6886-1 https://ubuntu.com/security/notices/USN-7109-1 https://ubuntu.com/security/notices/USN-7111-1 https://www.cve.org/CVERecord?id=CVE-2023-45290
stdlib	CVE-2024-24783	MEDIUM	v1.20.5	1.21.8, 1.22.1	http://www.openwall.com/lists/oss-security/2024/03/08/4 https://access.redhat.com/errata/RHSA-2024:6195 https://access.redhat.com/security/cve/CVE-2024-24783 https://bugzilla.redhat.com/2268019 https://bugzilla.redhat.com/show_bug.cgi?id=2268017 https://bugzilla.redhat.com/show_bug.cgi?id=2268018 https://bugzilla.redhat.com/show_bug.cgi?id=2268019 https://bugzilla.redhat.com/show_bug.cgi?id=2268273 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45288 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45289 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45290 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24783 https://errata.almalinux.org/9/ALSA-2024-6195.html https://errata.rockylinux.org/RLSA-2024:2724 https://github.com/advisories/GHSA-3q2c-pvp5-3cqp https://github.com/golang/go/commit/337b8e9cbfa749d9d5c899e0dc358e2208d5e54f (go1.22.1) https://github.com/golang/go/commit/be5b52bea674190ef7de272664be6c7ae93ec5a0 (go1.21.8) https://github.com/golang/go/issues/65390 https://go.dev/cl/569339 https://go.dev/issue/65390 https://groups.google.com/g/golang-announce/c/5pwGVUPoMbg https://linux.oracle.com/cve/CVE-2024-24783.html https://linux.oracle.com/errata/ELSA-2024-6969.html https://nvd.nist.gov/vuln/detail/CVE-2024-24783 https://pkg.go.dev/vuln/GO-2024-2598 https://security.netapp.com/advisory/ntap-20240329-0005 https://security.netapp.com/advisory/ntap-20240329-0005/ https://ubuntu.com/security/notices/USN-6886-1 https://ubuntu.com/security/notices/USN-7109-1 https://ubuntu.com/security/notices/USN-7111-1 https://www.cve.org/CVERecord?id=CVE-2024-24783
stdlib	CVE-2024-24784	MEDIUM	v1.20.5	1.21.8, 1.22.1	http://www.openwall.com/lists/oss-security/2024/03/08/4 https://access.redhat.com/errata/RHSA-2024:2562 https://access.redhat.com/security/cve/CVE-2024-24784 https://bugzilla.redhat.com/2262921 https://bugzilla.redhat.com/2268017 https://bugzilla.redhat.com/2268018 https://bugzilla.redhat.com/2268019 https://bugzilla.redhat.com/2268021 https://bugzilla.redhat.com/2268022 https://bugzilla.redhat.com/2268273 https://bugzilla.redhat.com/show_bug.cgi?id=2262921 https://bugzilla.redhat.com/show_bug.cgi?id=2268017 https://bugzilla.redhat.com/show_bug.cgi?id=2268018 https://bugzilla.redhat.com/show_bug.cgi?id=2268019 https://bugzilla.redhat.com/show_bug.cgi?id=2268021 https://bugzilla.redhat.com/show_bug.cgi?id=2268022 https://bugzilla.redhat.com/show_bug.cgi?id=2268273 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45288 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45289 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45290 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-1394 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24783 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24784 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24785 https://errata.almalinux.org/9/ALSA-2024-2562.html https://errata.rockylinux.org/RLSA-2024:2562 https://github.com/golang/go/commit/263c059b09fdd40d9dd945f2ecb20c89ea28efe5 (go1.21.8) https://github.com/golang/go/commit/5330cd225ba54c7dc78c1b46dcdf61a4671a632c (go1.22.1) https://github.com/golang/go/issues/65083 https://go.dev/cl/555596 https://go.dev/issue/65083 https://groups.google.com/g/golang-announce/c/5pwGVUPoMbg https://linux.oracle.com/cve/CVE-2024-24784.html https://linux.oracle.com/errata/ELSA-2024-6969.html https://nvd.nist.gov/vuln/detail/CVE-2024-24784 https://pkg.go.dev/vuln/GO-2024-2609 https://security.netapp.com/advisory/ntap-20240329-0007/ https://ubuntu.com/security/notices/USN-6886-1 https://ubuntu.com/security/notices/USN-7109-1 https://ubuntu.com/security/notices/USN-7111-1 https://www.cve.org/CVERecord?id=CVE-2024-24784
stdlib	CVE-2024-24785	MEDIUM	v1.20.5	1.21.8, 1.22.1	http://www.openwall.com/lists/oss-security/2024/03/08/4 https://access.redhat.com/errata/RHSA-2024:9135 https://access.redhat.com/security/cve/CVE-2024-24785 https://bugzilla.redhat.com/2268017 https://bugzilla.redhat.com/2268022 https://bugzilla.redhat.com/2279814 https://bugzilla.redhat.com/2295310 https://bugzilla.redhat.com/show_bug.cgi?id=2262921 https://bugzilla.redhat.com/show_bug.cgi?id=2268017 https://bugzilla.redhat.com/show_bug.cgi?id=2268018 https://bugzilla.redhat.com/show_bug.cgi?id=2268019 https://bugzilla.redhat.com/show_bug.cgi?id=2268021 https://bugzilla.redhat.com/show_bug.cgi?id=2268022 https://bugzilla.redhat.com/show_bug.cgi?id=2268273 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45288 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45289 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45290 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-1394 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24783 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24784 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24785 https://errata.almalinux.org/9/ALSA-2024-9135.html https://errata.rockylinux.org/RLSA-2024:2562 https://github.com/golang/go/commit/056b0edcb8c152152021eebf4cf42adbfbe77992 (go1.22.1) https://github.com/golang/go/commit/3643147a29352ca2894fd5d0d2069bc4b4335a7e (go1.21.8) https://github.com/golang/go/issues/65697 https://go.dev/cl/564196 https://go.dev/issue/65697 https://groups.google.com/g/golang-announce/c/5pwGVUPoMbg https://linux.oracle.com/cve/CVE-2024-24785.html https://linux.oracle.com/errata/ELSA-2024-3259.html https://nvd.nist.gov/vuln/detail/CVE-2024-24785 https://pkg.go.dev/vuln/GO-2024-2610 https://security.netapp.com/advisory/ntap-20240329-0008/ https://ubuntu.com/security/notices/USN-6886-1 https://ubuntu.com/security/notices/USN-7061-1 https://ubuntu.com/security/notices/USN-7109-1 https://vuln.go.dev/ID/GO-2024-2610.json https://www.cve.org/CVERecord?id=CVE-2024-24785
stdlib	CVE-2024-24789	MEDIUM	v1.20.5	1.21.11, 1.22.4	http://www.openwall.com/lists/oss-security/2024/06/04/1 https://access.redhat.com/errata/RHSA-2024:9115 https://access.redhat.com/security/cve/CVE-2024-24789 https://bugzilla.redhat.com/2279814 https://bugzilla.redhat.com/2292668 https://bugzilla.redhat.com/2292787 https://bugzilla.redhat.com/2294000 https://bugzilla.redhat.com/2295310 https://bugzilla.redhat.com/show_bug.cgi?id=2292668 https://bugzilla.redhat.com/show_bug.cgi?id=2292787 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24789 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24790 https://errata.almalinux.org/9/ALSA-2024-9115.html https://errata.rockylinux.org/RLSA-2024:4212 https://github.com/golang/go/commit/c8e40338cf00f3c1d86c8fb23863ad67a4c72bcc (1.21) https://github.com/golang/go/commit/cf501ac0c5fe351a8582d20b43562027927906e7 (1.22) https://github.com/golang/go/issues/66869 https://go.dev/cl/585397 https://go.dev/issue/66869 https://groups.google.com/g/golang-announce/c/XbxouI9gY7k https://groups.google.com/g/golang-announce/c/XbxouI9gY7k/m/TuoGEhxIEwAJ https://linux.oracle.com/cve/CVE-2024-24789.html https://linux.oracle.com/errata/ELSA-2024-9115.html https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/U5YAEIA6IUHUNGJ7AIXXPQT6D2GYENX7/ https://nvd.nist.gov/vuln/detail/CVE-2024-24789 https://pkg.go.dev/vuln/GO-2024-2888 https://ubuntu.com/security/notices/USN-6886-1 https://ubuntu.com/security/notices/USN-7109-1 https://ubuntu.com/security/notices/USN-7111-1 https://www.cve.org/CVERecord?id=CVE-2024-24789
stdlib	CVE-2024-24791	MEDIUM	v1.20.5	1.21.12, 1.22.5	https://access.redhat.com/errata/RHSA-2024:9135 https://access.redhat.com/security/cve/CVE-2024-24791 https://bugzilla.redhat.com/2268017 https://bugzilla.redhat.com/2268022 https://bugzilla.redhat.com/2279814 https://bugzilla.redhat.com/2295310 https://bugzilla.redhat.com/show_bug.cgi?id=2295310 https://bugzilla.redhat.com/show_bug.cgi?id=2310527 https://bugzilla.redhat.com/show_bug.cgi?id=2310528 https://bugzilla.redhat.com/show_bug.cgi?id=2310529 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24791 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-34155 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-34156 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-34158 https://errata.almalinux.org/9/ALSA-2024-9135.html https://errata.rockylinux.org/RLSA-2024:6913 https://go.dev/cl/591255 https://go.dev/issue/67555 https://groups.google.com/g/golang-dev/c/t0rK-qHBqzY/m/6MMoAZkMAgAJ https://linux.oracle.com/cve/CVE-2024-24791.html https://linux.oracle.com/errata/ELSA-2024-9115.html https://nvd.nist.gov/vuln/detail/CVE-2024-24791 https://pkg.go.dev/vuln/GO-2024-2963 https://ubuntu.com/security/notices/USN-7081-1 https://ubuntu.com/security/notices/USN-7109-1 https://ubuntu.com/security/notices/USN-7111-1 https://www.cve.org/CVERecord?id=CVE-2024-24791
stdlib	CVE-2024-34155	MEDIUM	v1.20.5	1.22.7, 1.23.1	https://access.redhat.com/errata/RHSA-2024:9459 https://access.redhat.com/security/cve/CVE-2024-34155 https://bugzilla.redhat.com/2310527 https://bugzilla.redhat.com/2310528 https://bugzilla.redhat.com/2310529 https://bugzilla.redhat.com/2315691 https://bugzilla.redhat.com/2315887 https://bugzilla.redhat.com/2317458 https://bugzilla.redhat.com/2317467 https://bugzilla.redhat.com/show_bug.cgi?id=2295310 https://bugzilla.redhat.com/show_bug.cgi?id=2310527 https://bugzilla.redhat.com/show_bug.cgi?id=2310528 https://bugzilla.redhat.com/show_bug.cgi?id=2310529 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24791 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-34155 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-34156 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-34158 https://errata.almalinux.org/9/ALSA-2024-9459.html https://errata.rockylinux.org/RLSA-2024:6913 https://github.com/golang/go/commit/53487e5477151ed75da50e50a0ba8f1ca64c00a3 (go1.23.1) https://github.com/golang/go/commit/b232596139dbe96a62edbe3a2a203e856bf556eb (go1.22.7) https://go.dev/cl/611238 https://go.dev/issue/69138 https://groups.google.com/g/golang-announce/c/K-cEzDeCtpc https://groups.google.com/g/golang-dev/c/S9POB9NCTdk https://linux.oracle.com/cve/CVE-2024-34155.html https://linux.oracle.com/errata/ELSA-2024-9459.html https://nvd.nist.gov/vuln/detail/CVE-2024-34155 https://pkg.go.dev/vuln/GO-2024-3105 https://ubuntu.com/security/notices/USN-7081-1 https://ubuntu.com/security/notices/USN-7109-1 https://ubuntu.com/security/notices/USN-7111-1 https://www.cve.org/CVERecord?id=CVE-2024-34155
stdlib	CVE-2024-34158	MEDIUM	v1.20.5	1.22.7, 1.23.1	https://access.redhat.com/errata/RHSA-2024:9459 https://access.redhat.com/security/cve/CVE-2024-34158 https://bugzilla.redhat.com/2310527 https://bugzilla.redhat.com/2310528 https://bugzilla.redhat.com/2310529 https://bugzilla.redhat.com/2315691 https://bugzilla.redhat.com/2315887 https://bugzilla.redhat.com/2317458 https://bugzilla.redhat.com/2317467 https://bugzilla.redhat.com/show_bug.cgi?id=2295310 https://bugzilla.redhat.com/show_bug.cgi?id=2310527 https://bugzilla.redhat.com/show_bug.cgi?id=2310528 https://bugzilla.redhat.com/show_bug.cgi?id=2310529 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24791 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-34155 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-34156 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-34158 https://errata.almalinux.org/9/ALSA-2024-9459.html https://errata.rockylinux.org/RLSA-2024:6913 https://github.com/golang/go/commit/032ac075c20c01c6c35a672d1542d3e98eab84ea (go1.23.1) https://github.com/golang/go/commit/d4c53812e6ce2ac368173d7fcd31d0ecfcffb002 (go1.22.7) https://go.dev/cl/611240 https://go.dev/issue/69141 https://groups.google.com/g/golang-announce/c/K-cEzDeCtpc https://groups.google.com/g/golang-dev/c/S9POB9NCTdk https://linux.oracle.com/cve/CVE-2024-34158.html https://linux.oracle.com/errata/ELSA-2024-9459.html https://nvd.nist.gov/vuln/detail/CVE-2024-34158 https://pkg.go.dev/vuln/GO-2024-3107 https://ubuntu.com/security/notices/USN-7081-1 https://ubuntu.com/security/notices/USN-7109-1 https://ubuntu.com/security/notices/USN-7111-1 https://www.cve.org/CVERecord?id=CVE-2024-34158
No Misconfigurations found

cnb/buildpacks/paketo-buildpacks_poetry-install/0.3.16/bin/run (gobinary)

Package	Vulnerability ID	Severity	Installed Version	Fixed Version	Links
github.com/anchore/stereoscope	CVE-2024-24579	MEDIUM	v0.0.0-20230412183729-8602f1afc574	0.0.1	https://github.com/anchore/stereoscope https://github.com/anchore/stereoscope/commit/09dacab4d9ee65ee8bc7af8ebf4aa7b5aaa36204 https://github.com/anchore/stereoscope/security/advisories/GHSA-hpxr-w9w7-g4gv https://nvd.nist.gov/vuln/detail/CVE-2024-24579
github.com/cloudflare/circl	GHSA-9763-4f94-gfch	HIGH	v1.1.0	1.3.7	https://github.com/cloudflare/circl https://github.com/cloudflare/circl/commit/75ef91e8a2f438e6ce2b6e620d236add8be1887d https://github.com/cloudflare/circl/security/advisories/GHSA-9763-4f94-gfch https://kyberslash.cr.yp.to
github.com/cloudflare/circl	CVE-2023-1732	MEDIUM	v1.1.0	1.3.3	https://github.com/cloudflare/circl https://github.com/cloudflare/circl/commit/ff8d91225f8954b4970b6d6382d2e4c78f4a4cf8 https://github.com/cloudflare/circl/releases/tag/v1.3.3 https://github.com/cloudflare/circl/security/advisories/GHSA-2q89-485c-9j2x https://nvd.nist.gov/vuln/detail/CVE-2023-1732
github.com/containerd/containerd	GHSA-7ww5-4wqc-m92c	MEDIUM	v1.7.0	1.6.26, 1.7.11	https://github.com/containerd/containerd https://github.com/containerd/containerd/commit/67d356cb3095f3e8f8ad7d36f9a733fea1e7e28c https://github.com/containerd/containerd/commit/746b910f05855c8bfdb4415a1c0f958b234910e5 https://github.com/containerd/containerd/security/advisories/GHSA-7ww5-4wqc-m92c
github.com/docker/docker	CVE-2024-41110	CRITICAL	v23.0.5+incompatible	23.0.15, 26.1.5, 27.1.1, 25.0.6	https://access.redhat.com/security/cve/CVE-2024-41110 https://github.com/moby/moby https://github.com/moby/moby/commit/411e817ddf710ff8e08fa193da80cb78af708191 https://github.com/moby/moby/commit/42f40b1d6dd7562342f832b9cd2adf9e668eeb76 https://github.com/moby/moby/commit/65cc597cea28cdc25bea3b8a86384b4251872919 https://github.com/moby/moby/commit/852759a7df454cbf88db4e954c919becd48faa9b https://github.com/moby/moby/commit/a31260625655cff9ae226b51757915e275e304b0 https://github.com/moby/moby/commit/a79fabbfe84117696a19671f4aa88b82d0f64fc1 https://github.com/moby/moby/commit/ae160b4edddb72ef4bd71f66b975a1a1cc434f00 https://github.com/moby/moby/commit/ae2b3666c517c96cbc2adf1af5591a6b00d4ec0f https://github.com/moby/moby/commit/cc13f952511154a2866bddbb7dddebfe9e83b801 https://github.com/moby/moby/commit/fc274cd2ff4cf3b48c91697fb327dd1fb95588fb https://github.com/moby/moby/security/advisories/GHSA-v23v-6jw2-98fq https://nvd.nist.gov/vuln/detail/CVE-2024-41110 https://www.cve.org/CVERecord?id=CVE-2024-41110 https://www.docker.com/blog/docker-security-advisory-docker-engine-authz-plugin
github.com/docker/docker	CVE-2024-24557	MEDIUM	v23.0.5+incompatible	24.0.9, 25.0.2	https://access.redhat.com/security/cve/CVE-2024-24557 https://github.com/moby/moby https://github.com/moby/moby/commit/3e230cfdcc989dc524882f6579f9e0dac77400ae https://github.com/moby/moby/commit/fca702de7f71362c8d103073c7e4a1d0a467fadd https://github.com/moby/moby/commit/fce6e0ca9bc000888de3daa157af14fa41fcd0ff https://github.com/moby/moby/security/advisories/GHSA-xw73-rw38-6vjc https://nvd.nist.gov/vuln/detail/CVE-2024-24557 https://www.cve.org/CVERecord?id=CVE-2024-24557
github.com/docker/docker	CVE-2024-29018	MEDIUM	v23.0.5+incompatible	26.0.0-rc3, 25.0.5, 23.0.11	https://access.redhat.com/security/cve/CVE-2024-29018 https://github.com/moby/moby https://github.com/moby/moby/pull/46609 https://github.com/moby/moby/security/advisories/GHSA-mq39-4gv4-mvpx https://nvd.nist.gov/vuln/detail/CVE-2024-29018 https://www.cve.org/CVERecord?id=CVE-2024-29018
github.com/docker/docker	GHSA-jq35-85cj-fj4p	MEDIUM	v23.0.5+incompatible	24.0.7, 23.0.8, 20.10.27	https://github.com/moby/moby https://github.com/moby/moby/commit/48ebe353e49a9def5e6679f6e386b0efb1c95f0e https://github.com/moby/moby/commit/81ebe71275768629689a23bc3bca34b3b374a6a6 https://github.com/moby/moby/commit/c9ccbfad11a60e703e91b6cca4f48927828c7e35 https://github.com/moby/moby/releases/tag/v20.10.27 https://github.com/moby/moby/releases/tag/v23.0.8 https://github.com/moby/moby/releases/tag/v24.0.7 https://github.com/moby/moby/security/advisories/GHSA-jq35-85cj-fj4p
github.com/go-git/go-git/v5	CVE-2023-49569	CRITICAL	v5.6.1	5.11.0	https://access.redhat.com/security/cve/CVE-2023-49569 https://github.com/go-git/go-git https://github.com/go-git/go-git/security/advisories/GHSA-449p-3h89-pw88 https://nvd.nist.gov/vuln/detail/CVE-2023-49569 https://www.cve.org/CVERecord?id=CVE-2023-49569
github.com/go-git/go-git/v5	CVE-2023-49568	HIGH	v5.6.1	5.11.0	https://access.redhat.com/security/cve/CVE-2023-49568 https://github.com/go-git/go-git https://github.com/go-git/go-git/security/advisories/GHSA-mw99-9chc-xw7r https://nvd.nist.gov/vuln/detail/CVE-2023-49568 https://www.cve.org/CVERecord?id=CVE-2023-49568
github.com/mholt/archiver/v3	CVE-2024-0406	MEDIUM	v3.5.1	no fix available	https://access.redhat.com/security/cve/CVE-2024-0406 https://bugzilla.redhat.com/show_bug.cgi?id=2257749 https://github.com/advisories/GHSA-rhh4-rh7c-7r5v https://github.com/mholt/archiver https://nvd.nist.gov/vuln/detail/CVE-2024-0406 https://www.cve.org/CVERecord?id=CVE-2024-0406
golang.org/x/crypto	CVE-2023-48795	MEDIUM	v0.8.0	0.17.0	http://packetstormsecurity.com/files/176280/Terrapin-SSH-Connection-Weakening.html http://seclists.org/fulldisclosure/2024/Mar/21 http://www.openwall.com/lists/oss-security/2023/12/18/3 http://www.openwall.com/lists/oss-security/2023/12/19/5 http://www.openwall.com/lists/oss-security/2023/12/20/3 http://www.openwall.com/lists/oss-security/2024/03/06/3 http://www.openwall.com/lists/oss-security/2024/04/17/8 https://access.redhat.com/errata/RHSA-2024:1150 https://access.redhat.com/security/cve/CVE-2023-48795 https://access.redhat.com/security/cve/cve-2023-48795 https://access.redhat.com/solutions/7071748 https://arstechnica.com/security/2023/12/hackers-can-break-ssh-channel-integrity-using-novel-data-corruption-attack https://arstechnica.com/security/2023/12/hackers-can-break-ssh-channel-integrity-using-novel-data-corruption-attack/ https://bugs.gentoo.org/920280 https://bugzilla.redhat.com/2254210 https://bugzilla.redhat.com/show_bug.cgi?id=2254210 https://bugzilla.suse.com/show_bug.cgi?id=1217950 https://crates.io/crates/thrussh/versions https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-48795 https://errata.almalinux.org/9/ALSA-2024-1150.html https://errata.rockylinux.org/RLSA-2024:0628 https://filezilla-project.org/versions.php https://forum.netgate.com/topic/184941/terrapin-ssh-attack https://git.libssh.org/projects/libssh.git/commit/?h=stable-0.10&id=10e09e273f69e149389b3e0e5d44b8c221c2e7f6 https://github.com/NixOS/nixpkgs/pull/275249 https://github.com/PowerShell/Win32-OpenSSH/issues/2189 https://github.com/PowerShell/Win32-OpenSSH/releases/tag/v9.5.0.0p1-Beta https://github.com/TeraTermProject/teraterm/commit/7279fbd6ef4d0c8bdd6a90af4ada2899d786eec0 https://github.com/TeraTermProject/teraterm/releases/tag/v5.1 https://github.com/advisories/GHSA-45x7-px36-x8w8 https://github.com/apache/mina-sshd/issues/445 https://github.com/connectbot/sshlib/commit/5c8b534f6e97db7ac0e0e579331213aa25c173ab https://github.com/connectbot/sshlib/compare/2.2.21...2.2.22 https://github.com/cyd01/KiTTY/issues/520 https://github.com/drakkan/sftpgo/releases/tag/v2.5.6 https://github.com/erlang/otp/blob/d1b43dc0f1361d2ad67601169e90a7fc50bb0369/lib/ssh/doc/src/notes.xml#L39-L42 https://github.com/erlang/otp/releases/tag/OTP-26.2.1 https://github.com/golang/crypto/commit/9d2ee975ef9fe627bf0a6f01c1f69e8ef1d4f05d https://github.com/hierynomus/sshj/issues/916 https://github.com/janmojzis/tinyssh/issues/81 https://github.com/jtesta/ssh-audit/commit/8e972c5e94b460379fe0c7d20209c16df81538a5 https://github.com/libssh2/libssh2/pull/1291 https://github.com/mkj/dropbear/blob/17657c36cce6df7716d5ff151ec09a665382d5dd/CHANGES#L25 https://github.com/mscdex/ssh2/commit/97b223f8891b96d6fc054df5ab1d5a1a545da2a3 https://github.com/mwiede/jsch/compare/jsch-0.2.14...jsch-0.2.15 https://github.com/mwiede/jsch/issues/457 https://github.com/mwiede/jsch/pull/461 https://github.com/net-ssh/net-ssh/blob/2e65064a52d73396bfc3806c9196fc8108f33cd8/CHANGES.txt#L14-L16 https://github.com/openssh/openssh-portable/commits/master https://github.com/paramiko/paramiko/issues/2337 https://github.com/paramiko/paramiko/issues/2337#issuecomment-1887642773 https://github.com/proftpd/proftpd/blob/0a7ea9b0ba9fcdf368374a226370d08f10397d99/RELEASE_NOTES https://github.com/proftpd/proftpd/blob/d21e7a2e47e9b38f709bec58e3fa711f759ad0e1/RELEASE_NOTES https://github.com/proftpd/proftpd/blob/master/RELEASE_NOTES https://github.com/proftpd/proftpd/issues/456 https://github.com/rapier1/hpn-ssh/releases https://github.com/ronf/asyncssh/blob/develop/docs/changes.rst https://github.com/ronf/asyncssh/security/advisories/GHSA-hfmc-7525-mj55 https://github.com/ronf/asyncssh/tags https://github.com/ssh-mitm/ssh-mitm/issues/165 https://github.com/warp-tech/russh https://github.com/warp-tech/russh/commit/1aa340a7df1d5be1c0f4a9e247aade76dfdd2951 https://github.com/warp-tech/russh/releases/tag/v0.40.2 https://github.com/warp-tech/russh/security/advisories/GHSA-45x7-px36-x8w8 https://gitlab.com/libssh/libssh-mirror/-/tags https://go.dev/cl/550715 https://go.dev/issue/64784 https://groups.google.com/g/golang-announce/c/-n5WqVC18LQ https://groups.google.com/g/golang-announce/c/qA3XtxvMUyg https://help.panic.com/releasenotes/transmit5 https://help.panic.com/releasenotes/transmit5/ https://jadaptive.com/important-java-ssh-security-update-new-ssh-vulnerability-discovered-cve-2023-48795 https://jadaptive.com/important-java-ssh-security-update-new-ssh-vulnerability-discovered-cve-2023-48795/ https://linux.oracle.com/cve/CVE-2023-48795.html https://linux.oracle.com/errata/ELSA-2024-2988.html https://lists.debian.org/debian-lts-announce/2023/12/msg00017.html https://lists.debian.org/debian-lts-announce/2024/01/msg00013.html https://lists.debian.org/debian-lts-announce/2024/01/msg00014.html https://lists.debian.org/debian-lts-announce/2024/04/msg00016.html https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/33XHJUB6ROFUOH2OQNENFROTVH6MHSHA https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/33XHJUB6ROFUOH2OQNENFROTVH6MHSHA/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/3CAYYW35MUTNO65RVAELICTNZZFMT2XS https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/3CAYYW35MUTNO65RVAELICTNZZFMT2XS/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/3JIMLVBDWOP4FUPXPTB4PGHHIOMGFLQE https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/3JIMLVBDWOP4FUPXPTB4PGHHIOMGFLQE/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/3YQLUQWLIHDB5QCXQEX7HXHAWMOKPP5O https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/3YQLUQWLIHDB5QCXQEX7HXHAWMOKPP5O/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/6Y74KVCPEPT4MVU3LHDWCNNOXOE5ZLUR https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/6Y74KVCPEPT4MVU3LHDWCNNOXOE5ZLUR/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/APYIXIQOVDCRWLHTGB4VYMAUIAQLKYJ3 https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/APYIXIQOVDCRWLHTGB4VYMAUIAQLKYJ3/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/BL5KTLOSLH2KHRN4HCXJPK3JUVLDGEL6 https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/BL5KTLOSLH2KHRN4HCXJPK3JUVLDGEL6/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/C3AFMZ6MH2UHHOPIWT5YLSFV3D2VB3AC https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/C3AFMZ6MH2UHHOPIWT5YLSFV3D2VB3AC/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/CHHITS4PUOZAKFIUBQAQZC7JWXMOYE4B https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/CHHITS4PUOZAKFIUBQAQZC7JWXMOYE4B/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/F7EYCFQCTSGJXWO3ZZ44MGKFC5HA7G3Y https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/F7EYCFQCTSGJXWO3ZZ44MGKFC5HA7G3Y/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/HYEDEXIKFKTUJIN43RG4B7T5ZS6MHUSP https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/HYEDEXIKFKTUJIN43RG4B7T5ZS6MHUSP/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/I724O3LSRCPO4WNVIXTZCT4VVRMXMMSG https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/I724O3LSRCPO4WNVIXTZCT4VVRMXMMSG/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/KEOTKBUPZXHE3F352JBYNTSNRXYLWD6P https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/KEOTKBUPZXHE3F352JBYNTSNRXYLWD6P/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/KMZCVGUGJZZVDPCVDA7TEB22VUCNEXDD https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/KMZCVGUGJZZVDPCVDA7TEB22VUCNEXDD/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/L5Y6MNNVAPIJSXJERQ6PKZVCIUXSNJK7 https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/L5Y6MNNVAPIJSXJERQ6PKZVCIUXSNJK7/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/LZQVUHWVWRH73YBXUQJOD6CKHDQBU3DM https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/LZQVUHWVWRH73YBXUQJOD6CKHDQBU3DM/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/MKQRBF3DWMWPH36LBCOBUTSIZRTPEZXB https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/MKQRBF3DWMWPH36LBCOBUTSIZRTPEZXB/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/QI3EHAHABFQK7OABNCSF5GMYP6TONTI7 https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/QI3EHAHABFQK7OABNCSF5GMYP6TONTI7/ https://matt.ucc.asn.au/dropbear/CHANGES https://nest.pijul.com/pijul/thrussh/changes/D6H7OWTTMHHX6BTB3B6MNBOBX2L66CBL4LGSEUSAI2MCRCJDQFRQC https://news.ycombinator.com/item?id=38684904 https://news.ycombinator.com/item?id=38685286 https://news.ycombinator.com/item?id=38732005 https://nova.app/releases/#v11.8 https://nvd.nist.gov/vuln/detail/CVE-2023-48795 https://oryx-embedded.com/download/#changelog https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2024-0002 https://roumenpetrov.info/secsh/#news20231220 https://security-tracker.debian.org/tracker/CVE-2023-48795 https://security-tracker.debian.org/tracker/source-package/libssh2 https://security-tracker.debian.org/tracker/source-package/proftpd-dfsg https://security-tracker.debian.org/tracker/source-package/trilead-ssh2 https://security.gentoo.org/glsa/202312-16 https://security.gentoo.org/glsa/202312-17 https://security.netapp.com/advisory/ntap-20240105-0004 https://security.netapp.com/advisory/ntap-20240105-0004/ https://support.apple.com/kb/HT214084 https://terrapin-attack.com/ https://thorntech.com/cve-2023-48795-and-sftp-gateway https://thorntech.com/cve-2023-48795-and-sftp-gateway/ https://twitter.com/TrueSkrillor/status/1736774389725565005 https://ubuntu.com/security/CVE-2023-48795 https://ubuntu.com/security/notices/USN-6560-1 https://ubuntu.com/security/notices/USN-6560-2 https://ubuntu.com/security/notices/USN-6561-1 https://ubuntu.com/security/notices/USN-6585-1 https://ubuntu.com/security/notices/USN-6589-1 https://ubuntu.com/security/notices/USN-6598-1 https://ubuntu.com/security/notices/USN-6738-1 https://ubuntu.com/security/notices/USN-7051-1 https://winscp.net/eng/docs/history#6.2.2 https://www.bitvise.com/ssh-client-version-history#933 https://www.bitvise.com/ssh-server-version-history https://www.chiark.greenend.org.uk/~sgtatham/putty/changes.html https://www.crushftp.com/crush10wiki/Wiki.jsp?page=Update https://www.cve.org/CVERecord?id=CVE-2023-48795 https://www.debian.org/security/2023/dsa-5586 https://www.debian.org/security/2023/dsa-5588 https://www.freebsd.org/security/advisories/FreeBSD-SA-23:19.openssh.asc https://www.lancom-systems.de/service-support/allgemeine-sicherheitshinweise#c243508 https://www.netsarang.com/en/xshell-update-history https://www.netsarang.com/en/xshell-update-history/ https://www.openssh.com/openbsd.html https://www.openssh.com/txt/release-9.6 https://www.openwall.com/lists/oss-security/2023/12/18/2 https://www.openwall.com/lists/oss-security/2023/12/18/3 https://www.openwall.com/lists/oss-security/2023/12/20/3 https://www.paramiko.org/changelog.html https://www.reddit.com/r/sysadmin/comments/18idv52/cve202348795_why_is_this_cve_still_undisclosed https://www.reddit.com/r/sysadmin/comments/18idv52/cve202348795_why_is_this_cve_still_undisclosed/ https://www.suse.com/c/suse-addresses-the-ssh-v2-protocol-terrapin-attack-aka-cve-2023-48795 https://www.suse.com/c/suse-addresses-the-ssh-v2-protocol-terrapin-attack-aka-cve-2023-48795/ https://www.terrapin-attack.com https://www.theregister.com/2023/12/20/terrapin_attack_ssh https://www.vandyke.com/products/securecrt/history.txt
golang.org/x/net	CVE-2023-39325	HIGH	v0.10.0	0.17.0	golang.org/x/net https://access.redhat.com/errata/RHSA-2023:6077 https://access.redhat.com/security/cve/CVE-2023-39325 https://access.redhat.com/security/cve/CVE-2023-44487 https://access.redhat.com/security/vulnerabilities/RHSB-2023-003 https://bugzilla.redhat.com/2242803 https://bugzilla.redhat.com/2243296 https://bugzilla.redhat.com/show_bug.cgi?id=2242803 https://bugzilla.redhat.com/show_bug.cgi?id=2243296 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-39325 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-44487 https://errata.almalinux.org/9/ALSA-2023-6077.html https://errata.rockylinux.org/RLSA-2023:6077 https://github.com/golang/go/commit/24ae2d927285c697440fdde3ad7f26028354bcf3 [golang- 1.21] https://github.com/golang/go/commit/e175f27f58aa7b9cd4d79607ae65d2cd5baaee68 [golang-1.20] https://github.com/golang/go/issues/63417 https://go.dev/cl/534215 https://go.dev/cl/534235 https://go.dev/issue/63417 https://groups.google.com/g/golang-announce/c/iNNxDTCjZvo/m/UDd7VKQuAAAJ https://linux.oracle.com/cve/CVE-2023-39325.html https://linux.oracle.com/errata/ELSA-2023-5867.html https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3OVW5V2DM5K5IC3H7O42YDUGNJ74J35O https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3OVW5V2DM5K5IC3H7O42YDUGNJ74J35O/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3SZN67IL7HMGMNAVLOTIXLIHUDXZK4LH https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3SZN67IL7HMGMNAVLOTIXLIHUDXZK4LH/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3WJ4QVX2AMUJ2F2S27POOAHRC4K3CHU4 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3WJ4QVX2AMUJ2F2S27POOAHRC4K3CHU4/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/4BUK2ZIAGCULOOYDNH25JPU6JBES5NF2 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/4BUK2ZIAGCULOOYDNH25JPU6JBES5NF2/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/5RSKA2II6QTD4YUKUNDVJQSRYSFC4VFR https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/5RSKA2II6QTD4YUKUNDVJQSRYSFC4VFR/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/AVZDNSMVDAQJ64LJC5I5U5LDM5753647 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/AVZDNSMVDAQJ64LJC5I5U5LDM5753647/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CHHITS4PUOZAKFIUBQAQZC7JWXMOYE4B https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CHHITS4PUOZAKFIUBQAQZC7JWXMOYE4B/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CLB4TW7KALB3EEQWNWCN7OUIWWVWWCG2 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CLB4TW7KALB3EEQWNWCN7OUIWWVWWCG2/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/D2BBIDR2ZMB3X5BC7SR4SLQMHRMVPY6L https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/D2BBIDR2ZMB3X5BC7SR4SLQMHRMVPY6L/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ECRC75BQJP6FJN2L7KCKYZW4DSBD7QSD https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ECRC75BQJP6FJN2L7KCKYZW4DSBD7QSD/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/FTMJ3NJIDAZFWJQQSP3L22MUFJ3UP2PT https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/FTMJ3NJIDAZFWJQQSP3L22MUFJ3UP2PT/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/GSY7SXFFTPZFWDM6XELSDSHZLVW3AHK7 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/GSY7SXFFTPZFWDM6XELSDSHZLVW3AHK7/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/HZQIELEIRSZUYTFFH5KTH2YJ4IIQG2KE https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/HZQIELEIRSZUYTFFH5KTH2YJ4IIQG2KE/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/IPWCNYB5PQ5PCVZ4NJT6G56ZYFZ5QBU6 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/IPWCNYB5PQ5PCVZ4NJT6G56ZYFZ5QBU6/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/KEOTKBUPZXHE3F352JBYNTSNRXYLWD6P https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/KEOTKBUPZXHE3F352JBYNTSNRXYLWD6P/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/KSEGD2IWKNUO3DWY4KQGUQM5BISRWHQE https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/KSEGD2IWKNUO3DWY4KQGUQM5BISRWHQE/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/L5E5JSJBZLYXOTZWXHJKRVCIXIHVWKJ6 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/L5E5JSJBZLYXOTZWXHJKRVCIXIHVWKJ6/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/MZQYOOKHQDQ57LV2IAG6NRFOVXKHJJ3Z https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/MZQYOOKHQDQ57LV2IAG6NRFOVXKHJJ3Z/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/NG7IMPL55MVWU3LCI4JQJT3K2U5CHDV7 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/NG7IMPL55MVWU3LCI4JQJT3K2U5CHDV7/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ODBY7RVMGZCBSTWF2OZGIZS57FNFUL67 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ODBY7RVMGZCBSTWF2OZGIZS57FNFUL67/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/OXGWPQOJ3JNDW2XIYKIVJ7N7QUIFNM2Q https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/OXGWPQOJ3JNDW2XIYKIVJ7N7QUIFNM2Q/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/PJCUNGIQDUMZ4Z6HWVYIMR66A35F5S74 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/PJCUNGIQDUMZ4Z6HWVYIMR66A35F5S74/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QF5QSYAOPDOWLY6DUHID56Q4HQFYB45I https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QF5QSYAOPDOWLY6DUHID56Q4HQFYB45I/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QXOU2JZUBEBP7GBKAYIJRPRBZSJCD7ST https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QXOU2JZUBEBP7GBKAYIJRPRBZSJCD7ST/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/R3UETKPUB3V5JS5TLZOF3SMTGT5K5APS https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/R3UETKPUB3V5JS5TLZOF3SMTGT5K5APS/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/REMHVVIBDNKSRKNOTV7EQSB7CYQWOUOU https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/REMHVVIBDNKSRKNOTV7EQSB7CYQWOUOU/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/T7N5GV4CHH6WAGX3GFMDD3COEOVCZ4RI https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/T7N5GV4CHH6WAGX3GFMDD3COEOVCZ4RI/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ULQQONMSCQSH5Z5OWFFQHCGEZ3NL4DRJ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ULQQONMSCQSH5Z5OWFFQHCGEZ3NL4DRJ/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UTT7DG3QOF5ZNJLUGHDNLRUIN6OWZARP https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UTT7DG3QOF5ZNJLUGHDNLRUIN6OWZARP/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/W2LZSWTV4NV4SNQARNXG5T6LRHP26EW2 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/W2LZSWTV4NV4SNQARNXG5T6LRHP26EW2/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WCNCBYKZXLDFGAJUB7ZP5VLC3YTHJNVH https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WCNCBYKZXLDFGAJUB7ZP5VLC3YTHJNVH/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/XFOIBB4YFICHDM7IBOP7PWXW3FX4HLL2 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/XFOIBB4YFICHDM7IBOP7PWXW3FX4HLL2/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/XTNLSL44Y5FB6JWADSZH6DCV4JJAAEQY https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/XTNLSL44Y5FB6JWADSZH6DCV4JJAAEQY/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/YJWHBLVZDM5KQSDFRBFRKU5KSSOLIRQ4 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/YJWHBLVZDM5KQSDFRBFRKU5KSSOLIRQ4/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/YRKEXKANQ7BKJW2YTAMP625LJUJZLJ4P https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/YRKEXKANQ7BKJW2YTAMP625LJUJZLJ4P/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZSVEMQV5ROY5YW5QE3I57HT3ITWG5GCV https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZSVEMQV5ROY5YW5QE3I57HT3ITWG5GCV/ https://nvd.nist.gov/vuln/detail/CVE-2023-39325 https://pkg.go.dev/vuln/GO-2023-2102 https://security.gentoo.org/glsa/202311-09 https://security.netapp.com/advisory/ntap-20231110-0008 https://security.netapp.com/advisory/ntap-20231110-0008/ https://ubuntu.com/security/notices/USN-6574-1 https://ubuntu.com/security/notices/USN-7061-1 https://ubuntu.com/security/notices/USN-7109-1 https://www.cisa.gov/news-events/alerts/2023/10/10/http2-rapid-reset-vulnerability-cve-2023-44487 https://www.cve.org/CVERecord?id=CVE-2023-39325
golang.org/x/net	CVE-2023-3978	MEDIUM	v0.10.0	0.13.0	https://access.redhat.com/errata/RHSA-2023:6474 https://access.redhat.com/security/cve/CVE-2023-3978 https://bugzilla.redhat.com/2174485 https://bugzilla.redhat.com/2178358 https://bugzilla.redhat.com/2178488 https://bugzilla.redhat.com/2178492 https://bugzilla.redhat.com/2184481 https://bugzilla.redhat.com/2184482 https://bugzilla.redhat.com/2184483 https://bugzilla.redhat.com/2184484 https://bugzilla.redhat.com/2196026 https://bugzilla.redhat.com/2196027 https://bugzilla.redhat.com/2196029 https://bugzilla.redhat.com/2222167 https://bugzilla.redhat.com/2228689 https://errata.almalinux.org/9/ALSA-2023-6474.html https://go.dev/cl/514896 https://go.dev/issue/61615 https://linux.oracle.com/cve/CVE-2023-3978.html https://linux.oracle.com/errata/ELSA-2023-6939.html https://nvd.nist.gov/vuln/detail/CVE-2023-3978 https://pkg.go.dev/vuln/GO-2023-1988 https://www.cve.org/CVERecord?id=CVE-2023-3978
golang.org/x/net	CVE-2023-44487	MEDIUM	v0.10.0	0.17.0	http://www.openwall.com/lists/oss-security/2023/10/13/4 http://www.openwall.com/lists/oss-security/2023/10/13/9 http://www.openwall.com/lists/oss-security/2023/10/18/4 http://www.openwall.com/lists/oss-security/2023/10/18/8 http://www.openwall.com/lists/oss-security/2023/10/19/6 http://www.openwall.com/lists/oss-security/2023/10/20/8 https://access.redhat.com/errata/RHSA-2023:6746 https://access.redhat.com/security/cve/CVE-2023-44487 https://access.redhat.com/security/cve/cve-2023-44487 https://akka.io/security/akka-http-cve-2023-44487.html https://arstechnica.com/security/2023/10/how-ddosers-used-the-http-2-protocol-to-deliver-attacks-of-unprecedented-size https://arstechnica.com/security/2023/10/how-ddosers-used-the-http-2-protocol-to-deliver-attacks-of-unprecedented-size/ https://aws.amazon.com/security/security-bulletins/AWS-2023-011 https://aws.amazon.com/security/security-bulletins/AWS-2023-011/ https://blog.cloudflare.com/technical-breakdown-http2-rapid-reset-ddos-attack https://blog.cloudflare.com/technical-breakdown-http2-rapid-reset-ddos-attack/ https://blog.cloudflare.com/zero-day-rapid-reset-http2-record-breaking-ddos-attack https://blog.cloudflare.com/zero-day-rapid-reset-http2-record-breaking-ddos-attack/ https://blog.litespeedtech.com/2023/10/11/rapid-reset-http-2-vulnerablilty https://blog.litespeedtech.com/2023/10/11/rapid-reset-http-2-vulnerablilty/ https://blog.qualys.com/vulnerabilities-threat-research/2023/10/10/cve-2023-44487-http-2-rapid-reset-attack https://blog.vespa.ai/cve-2023-44487 https://blog.vespa.ai/cve-2023-44487/ https://bugzilla.proxmox.com/show_bug.cgi?id=4988 https://bugzilla.redhat.com/2242803 https://bugzilla.redhat.com/show_bug.cgi?id=2242803 https://bugzilla.suse.com/show_bug.cgi?id=1216123 https://cgit.freebsd.org/ports/commit/?id=c64c329c2c1752f46b73e3e6ce9f4329be6629f9 https://chaos.social/@icing/111210915918780532 https://cloud.google.com/blog/products/identity-security/google-cloud-mitigated-largest-ddos-attack-peaking-above-398-million-rps https://cloud.google.com/blog/products/identity-security/google-cloud-mitigated-largest-ddos-attack-peaking-above-398-million-rps/ https://cloud.google.com/blog/products/identity-security/how-it-works-the-novel-http2-rapid-reset-ddos-attack https://community.traefik.io/t/is-traefik-vulnerable-to-cve-2023-44487/20125 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-44487 https://devblogs.microsoft.com/dotnet/october-2023-updates/ https://discuss.hashicorp.com/t/hcsec-2023-32-vault-consul-and-boundary-affected-by-http-2-rapid-reset-denial-of-service-vulnerability-cve-2023-44487/59715 https://edg.io/lp/blog/resets-leaks-ddos-and-the-tale-of-a-hidden-cve https://errata.almalinux.org/9/ALSA-2023-6746.html https://errata.rockylinux.org/RLSA-2023:5838 https://forums.swift.org/t/swift-nio-http2-security-update-cve-2023-44487-http-2-dos/67764 https://gist.github.com/adulau/7c2bfb8e9cdbe4b35a5e131c66a0c088 https://github.com/Azure/AKS/issues/3947 https://github.com/Kong/kong/discussions/11741 https://github.com/advisories/GHSA-qppj-fm5r-hxr3 https://github.com/advisories/GHSA-vx74-f528-fxqg https://github.com/advisories/GHSA-xpw8-rcwv-8f8p https://github.com/akka/akka-http/issues/4323 https://github.com/akka/akka-http/pull/4324 https://github.com/akka/akka-http/pull/4325 https://github.com/alibaba/tengine/issues/1872 https://github.com/apache/apisix/issues/10320 https://github.com/apache/httpd-site/pull/10 https://github.com/apache/httpd/blob/afcdbeebbff4b0c50ea26cdd16e178c0d1f24152/modules/http2/h2_mplx.c#L1101-L1113 https://github.com/apache/tomcat/commit/944332bb15bd2f3bf76ec2caeb1ff0a58a3bc628 https://github.com/apache/tomcat/tree/main/java/org/apache/coyote/http2 https://github.com/apache/trafficserver/pull/10564 https://github.com/apple/swift-nio-http2 https://github.com/apple/swift-nio-http2/security/advisories/GHSA-qppj-fm5r-hxr3 https://github.com/arkrwn/PoC/tree/main/CVE-2023-44487 https://github.com/bcdannyboy/CVE-2023-44487 https://github.com/caddyserver/caddy/issues/5877 https://github.com/caddyserver/caddy/releases/tag/v2.7.5 https://github.com/dotnet/announcements/issues/277 https://github.com/dotnet/core/blob/e4613450ea0da7fd2fc6b61dfb2c1c1dec1ce9ec/release-notes/6.0/6.0.23/6.0.23.md?plain=1#L73 https://github.com/eclipse/jetty.project/issues/10679 https://github.com/envoyproxy/envoy/pull/30055 https://github.com/etcd-io/etcd/issues/16740 https://github.com/facebook/proxygen/pull/466 https://github.com/golang/go/issues/63417 https://github.com/grpc/grpc-go/pull/6703 https://github.com/grpc/grpc-go/releases https://github.com/h2o/h2o/pull/3291 https://github.com/h2o/h2o/security/advisories/GHSA-2m7v-gc89-fjqf https://github.com/haproxy/haproxy/issues/2312 https://github.com/hyperium/hyper/issues/3337 https://github.com/icing/mod_h2/blob/0a864782af0a942aa2ad4ed960a6b32cd35bcf0a/mod_http2/README.md?plain=1#L239-L244 https://github.com/junkurihara/rust-rpxy/issues/97 https://github.com/kazu-yamamoto/http2/commit/f61d41a502bd0f60eb24e1ce14edc7b6df6722a1 https://github.com/kazu-yamamoto/http2/issues/93 https://github.com/kubernetes/kubernetes/pull/121120 https://github.com/line/armeria/pull/5232 https://github.com/linkerd/website/pull/1695/commits/4b9c6836471bc8270ab48aae6fd2181bc73fd632 https://github.com/micrictor/http2-rst-stream https://github.com/microsoft/CBL-Mariner/pull/6381 https://github.com/netty/netty/commit/58f75f665aa81a8cbcf6ffa74820042a285c5e61 https://github.com/nghttp2/nghttp2/pull/1961 https://github.com/nghttp2/nghttp2/releases/tag/v1.57.0 https://github.com/ninenines/cowboy/issues/1615 https://github.com/nodejs/node/pull/50121 https://github.com/openresty/openresty/issues/930 https://github.com/opensearch-project/data-prepper/issues/3474 https://github.com/oqtane/oqtane.framework/discussions/3367 https://github.com/projectcontour/contour/pull/5826 https://github.com/tempesta-tech/tempesta/issues/1986 https://github.com/varnishcache/varnish-cache/issues/3996 https://go.dev/cl/534215 https://go.dev/cl/534235 https://go.dev/issue/63417 https://groups.google.com/g/golang-announce/c/iNNxDTCjZvo https://groups.google.com/g/golang-announce/c/iNNxDTCjZvo/m/UDd7VKQuAAAJ https://istio.io/latest/news/security/istio-security-2023-004 https://istio.io/latest/news/security/istio-security-2023-004/ https://linkerd.io/2023/10/12/linkerd-cve-2023-44487 https://linkerd.io/2023/10/12/linkerd-cve-2023-44487/ https://linux.oracle.com/cve/CVE-2023-44487.html https://linux.oracle.com/errata/ELSA-2024-1444.html https://lists.apache.org/thread/5py8h42mxfsn8l1wy6o41xwhsjlsd87q https://lists.debian.org/debian-lts-announce/2023/10/msg00020.html https://lists.debian.org/debian-lts-announce/2023/10/msg00023.html https://lists.debian.org/debian-lts-announce/2023/10/msg00024.html https://lists.debian.org/debian-lts-announce/2023/10/msg00045.html https://lists.debian.org/debian-lts-announce/2023/10/msg00047.html https://lists.debian.org/debian-lts-announce/2023/11/msg00001.html https://lists.debian.org/debian-lts-announce/2023/11/msg00012.html https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/2MBEPPC36UBVOZZNAXFHKLFGSLCMN5LI https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/2MBEPPC36UBVOZZNAXFHKLFGSLCMN5LI/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/3N4NJ7FR4X4FPZUGNTQAPSTVB2HB2Y4A https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/3N4NJ7FR4X4FPZUGNTQAPSTVB2HB2Y4A/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/BFQD3KUEMFBHPAPBGLWQC34L4OWL5HAZ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/BFQD3KUEMFBHPAPBGLWQC34L4OWL5HAZ/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/CLB4TW7KALB3EEQWNWCN7OUIWWVWWCG2 https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/CLB4TW7KALB3EEQWNWCN7OUIWWVWWCG2/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/E72T67UPDRXHIDLO3OROR25YAMN4GGW5 https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/E72T67UPDRXHIDLO3OROR25YAMN4GGW5/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/FNA62Q767CFAFHBCDKYNPBMZWB7TWYVU https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/FNA62Q767CFAFHBCDKYNPBMZWB7TWYVU/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/HT7T2R4MQKLIF4ODV4BDLPARWFPCJ5CZ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/HT7T2R4MQKLIF4ODV4BDLPARWFPCJ5CZ/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/JIZSEFC3YKCGABA2BZW6ZJRMDZJMB7PJ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/JIZSEFC3YKCGABA2BZW6ZJRMDZJMB7PJ/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/JMEXY22BFG5Q64HQCM5CK2Q7KDKVV4TY https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/JMEXY22BFG5Q64HQCM5CK2Q7KDKVV4TY/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/KSEGD2IWKNUO3DWY4KQGUQM5BISRWHQE https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/KSEGD2IWKNUO3DWY4KQGUQM5BISRWHQE/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/LKYHSZQFDNR7RSA7LHVLLIAQMVYCUGBG https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/LKYHSZQFDNR7RSA7LHVLLIAQMVYCUGBG/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/LNMZJCDHGLJJLXO4OXWJMTVQRNWOC7UL https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/LNMZJCDHGLJJLXO4OXWJMTVQRNWOC7UL/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/VHUHTSXLXGXS7JYKBXTA3VINUPHTNGVU https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/VHUHTSXLXGXS7JYKBXTA3VINUPHTNGVU/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/VSRDIV77HNKUSM7SJC5BKE5JSHLHU2NK https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/VSRDIV77HNKUSM7SJC5BKE5JSHLHU2NK/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/WE2I52RHNNU42PX6NZ2RBUHSFFJ2LVZX https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/WE2I52RHNNU42PX6NZ2RBUHSFFJ2LVZX/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/WLPRQ5TWUQQXYWBJM7ECYDAIL2YVKIUH https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/WLPRQ5TWUQQXYWBJM7ECYDAIL2YVKIUH/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/X6QXN4ORIVF6XBW4WWFE7VNPVC74S45Y https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/X6QXN4ORIVF6XBW4WWFE7VNPVC74S45Y/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/XFOIBB4YFICHDM7IBOP7PWXW3FX4HLL2 https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/XFOIBB4YFICHDM7IBOP7PWXW3FX4HLL2/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZB43REMKRQR62NJEI7I5NQ4FSXNLBKRT https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZB43REMKRQR62NJEI7I5NQ4FSXNLBKRT/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZKQSIKIAT5TJ3WSLU3RDBQ35YX4GY4V3 https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZKQSIKIAT5TJ3WSLU3RDBQ35YX4GY4V3/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZLU6U2R2IC2K64NDPNMV55AUAO65MAF4 https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZLU6U2R2IC2K64NDPNMV55AUAO65MAF4/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3N4NJ7FR4X4FPZUGNTQAPSTVB2HB2Y4A https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/BFQD3KUEMFBHPAPBGLWQC34L4OWL5HAZ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CLB4TW7KALB3EEQWNWCN7OUIWWVWWCG2 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/E72T67UPDRXHIDLO3OROR25YAMN4GGW5 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/FNA62Q767CFAFHBCDKYNPBMZWB7TWYVU https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/HT7T2R4MQKLIF4ODV4BDLPARWFPCJ5CZ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/JIZSEFC3YKCGABA2BZW6ZJRMDZJMB7PJ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/JMEXY22BFG5Q64HQCM5CK2Q7KDKVV4TY https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/KSEGD2IWKNUO3DWY4KQGUQM5BISRWHQE https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/LKYHSZQFDNR7RSA7LHVLLIAQMVYCUGBG https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/LNMZJCDHGLJJLXO4OXWJMTVQRNWOC7UL https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/VHUHTSXLXGXS7JYKBXTA3VINUPHTNGVU https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/VSRDIV77HNKUSM7SJC5BKE5JSHLHU2NK https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WLPRQ5TWUQQXYWBJM7ECYDAIL2YVKIUH https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/X6QXN4ORIVF6XBW4WWFE7VNPVC74S45Y https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/XFOIBB4YFICHDM7IBOP7PWXW3FX4HLL2 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZB43REMKRQR62NJEI7I5NQ4FSXNLBKRT https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZKQSIKIAT5TJ3WSLU3RDBQ35YX4GY4V3 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZLU6U2R2IC2K64NDPNMV55AUAO65MAF4 https://lists.w3.org/Archives/Public/ietf-http-wg/2023OctDec/0025.html https://mailman.nginx.org/pipermail/nginx-devel/2023-October/S36Q5HBXR7CAIMPLLPRSSSYR4PCMWILK.html https://martinthomson.github.io/h2-stream-limits/draft-thomson-httpbis-h2-stream-limits.html https://msrc.microsoft.com/blog/2023/10/microsoft-response-to-distributed-denial-of-service-ddos-attacks-against-http/2 https://msrc.microsoft.com/blog/2023/10/microsoft-response-to-distributed-denial-of-service-ddos-attacks-against-http/2/ https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-44487 https://my.f5.com/manage/s/article/K000137106 https://netty.io/news/2023/10/10/4-1-100-Final.html https://news.ycombinator.com/item?id=37830987 https://news.ycombinator.com/item?id=37830998 https://news.ycombinator.com/item?id=37831062 https://news.ycombinator.com/item?id=37837043 https://nodejs.org/en/blog/vulnerability/october-2023-security-releases https://nvd.nist.gov/vuln/detail/CVE-2023-44487 https://openssf.org/blog/2023/10/10/http-2-rapid-reset-vulnerability-highlights-need-for-rapid-response https://openssf.org/blog/2023/10/10/http-2-rapid-reset-vulnerability-highlights-need-for-rapid-response/ https://pkg.go.dev/vuln/GO-2023-2102 https://seanmonstar.com/post/730794151136935936/hyper-http2-rapid-reset-unaffected https://security.gentoo.org/glsa/202311-09 https://security.netapp.com/advisory/ntap-20231016-0001 https://security.netapp.com/advisory/ntap-20231016-0001/ https://security.netapp.com/advisory/ntap-20240426-0007 https://security.netapp.com/advisory/ntap-20240426-0007/ https://security.netapp.com/advisory/ntap-20240621-0006 https://security.netapp.com/advisory/ntap-20240621-0006/ https://security.netapp.com/advisory/ntap-20240621-0007 https://security.netapp.com/advisory/ntap-20240621-0007/ https://security.paloaltonetworks.com/CVE-2023-44487 https://tomcat.apache.org/security-10.html#Fixed_in_Apache_Tomcat_10.1.14 https://tomcat.apache.org/security-11.html#Fixed_in_Apache_Tomcat_11.0.0-M12 https://tomcat.apache.org/security-8.html#Fixed_in_Apache_Tomcat_8.5.94 https://tomcat.apache.org/security-9.html#Fixed_in_Apache_Tomcat_9.0.81 https://ubuntu.com/security/CVE-2023-44487 https://ubuntu.com/security/notices/USN-6427-1 https://ubuntu.com/security/notices/USN-6427-2 https://ubuntu.com/security/notices/USN-6438-1 https://ubuntu.com/security/notices/USN-6505-1 https://ubuntu.com/security/notices/USN-6574-1 https://ubuntu.com/security/notices/USN-6754-1 https://ubuntu.com/security/notices/USN-6994-1 https://ubuntu.com/security/notices/USN-7067-1 https://www.bleepingcomputer.com/news/security/new-http-2-rapid-reset-zero-day-attack-breaks-ddos-records https://www.bleepingcomputer.com/news/security/new-http-2-rapid-reset-zero-day-attack-breaks-ddos-records/ https://www.cisa.gov/known-exploited-vulnerabilities-catalog https://www.cisa.gov/news-events/alerts/2023/10/10/http2-rapid-reset-vulnerability-cve-2023-44487 https://www.cve.org/CVERecord?id=CVE-2023-44487 https://www.darkreading.com/cloud/internet-wide-zero-day-bug-fuels-largest-ever-ddos-event https://www.debian.org/security/2023/dsa-5521 https://www.debian.org/security/2023/dsa-5522 https://www.debian.org/security/2023/dsa-5540 https://www.debian.org/security/2023/dsa-5549 https://www.debian.org/security/2023/dsa-5558 https://www.debian.org/security/2023/dsa-5570 https://www.eclipse.org/lists/jetty-announce/msg00181.html https://www.haproxy.com/blog/haproxy-is-not-affected-by-the-http-2-rapid-reset-attack-cve-2023-44487 https://www.mail-archive.com/haproxy@formilux.org/msg44134.html https://www.netlify.com/blog/netlify-successfully-mitigates-cve-2023-44487 https://www.netlify.com/blog/netlify-successfully-mitigates-cve-2023-44487/ https://www.nginx.com/blog/http-2-rapid-reset-attack-impacting-f5-nginx-products https://www.nginx.com/blog/http-2-rapid-reset-attack-impacting-f5-nginx-products/ https://www.openwall.com/lists/oss-security/2023/10/10/6 https://www.phoronix.com/news/HTTP2-Rapid-Reset-Attack https://www.theregister.com/2023/10/10/http2_rapid_reset_zeroday https://www.theregister.com/2023/10/10/http2_rapid_reset_zeroday/
golang.org/x/net	CVE-2023-45288	MEDIUM	v0.10.0	0.23.0	http://www.openwall.com/lists/oss-security/2024/04/03/16 http://www.openwall.com/lists/oss-security/2024/04/05/4 https://access.redhat.com/errata/RHSA-2024:2724 https://access.redhat.com/security/cve/CVE-2023-45288 https://bugzilla.redhat.com/2268017 https://bugzilla.redhat.com/2268018 https://bugzilla.redhat.com/2268019 https://bugzilla.redhat.com/2268273 https://bugzilla.redhat.com/show_bug.cgi?id=2268017 https://bugzilla.redhat.com/show_bug.cgi?id=2268018 https://bugzilla.redhat.com/show_bug.cgi?id=2268019 https://bugzilla.redhat.com/show_bug.cgi?id=2268273 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45288 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45289 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45290 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24783 https://errata.almalinux.org/9/ALSA-2024-2724.html https://errata.rockylinux.org/RLSA-2024:2724 https://go.dev/cl/576155 https://go.dev/issue/65051 https://groups.google.com/g/golang-announce/c/YgW0sx8mN3M https://kb.cert.org/vuls/id/421644 https://linux.oracle.com/cve/CVE-2023-45288.html https://linux.oracle.com/errata/ELSA-2024-3346.html https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QRYFHIQ6XRKRYBI2F5UESH67BJBQXUPT https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QRYFHIQ6XRKRYBI2F5UESH67BJBQXUPT/ https://nowotarski.info/http2-continuation-flood-technical-details https://nowotarski.info/http2-continuation-flood/ https://nvd.nist.gov/vuln/detail/CVE-2023-45288 https://pkg.go.dev/vuln/GO-2024-2687 https://security.netapp.com/advisory/ntap-20240419-0009 https://security.netapp.com/advisory/ntap-20240419-0009/ https://ubuntu.com/security/notices/USN-6886-1 https://ubuntu.com/security/notices/USN-7109-1 https://ubuntu.com/security/notices/USN-7111-1 https://www.cve.org/CVERecord?id=CVE-2023-45288 https://www.kb.cert.org/vuls/id/421644
google.golang.org/grpc	GHSA-m425-mq94-257g	HIGH	v1.54.0	1.56.3, 1.57.1, 1.58.3	https://github.com/grpc/grpc-go https://github.com/grpc/grpc-go/commit/f2180b4d5403d2210b30b93098eb7da31c05c721 https://github.com/grpc/grpc-go/pull/6703 https://github.com/grpc/grpc-go/security/advisories/GHSA-m425-mq94-257g https://nvd.nist.gov/vuln/detail/CVE-2023-44487
google.golang.org/grpc	CVE-2023-44487	MEDIUM	v1.54.0	1.58.3, 1.57.1, 1.56.3	http://www.openwall.com/lists/oss-security/2023/10/13/4 http://www.openwall.com/lists/oss-security/2023/10/13/9 http://www.openwall.com/lists/oss-security/2023/10/18/4 http://www.openwall.com/lists/oss-security/2023/10/18/8 http://www.openwall.com/lists/oss-security/2023/10/19/6 http://www.openwall.com/lists/oss-security/2023/10/20/8 https://access.redhat.com/errata/RHSA-2023:6746 https://access.redhat.com/security/cve/CVE-2023-44487 https://access.redhat.com/security/cve/cve-2023-44487 https://akka.io/security/akka-http-cve-2023-44487.html https://arstechnica.com/security/2023/10/how-ddosers-used-the-http-2-protocol-to-deliver-attacks-of-unprecedented-size https://arstechnica.com/security/2023/10/how-ddosers-used-the-http-2-protocol-to-deliver-attacks-of-unprecedented-size/ https://aws.amazon.com/security/security-bulletins/AWS-2023-011 https://aws.amazon.com/security/security-bulletins/AWS-2023-011/ https://blog.cloudflare.com/technical-breakdown-http2-rapid-reset-ddos-attack https://blog.cloudflare.com/technical-breakdown-http2-rapid-reset-ddos-attack/ https://blog.cloudflare.com/zero-day-rapid-reset-http2-record-breaking-ddos-attack https://blog.cloudflare.com/zero-day-rapid-reset-http2-record-breaking-ddos-attack/ https://blog.litespeedtech.com/2023/10/11/rapid-reset-http-2-vulnerablilty https://blog.litespeedtech.com/2023/10/11/rapid-reset-http-2-vulnerablilty/ https://blog.qualys.com/vulnerabilities-threat-research/2023/10/10/cve-2023-44487-http-2-rapid-reset-attack https://blog.vespa.ai/cve-2023-44487 https://blog.vespa.ai/cve-2023-44487/ https://bugzilla.proxmox.com/show_bug.cgi?id=4988 https://bugzilla.redhat.com/2242803 https://bugzilla.redhat.com/show_bug.cgi?id=2242803 https://bugzilla.suse.com/show_bug.cgi?id=1216123 https://cgit.freebsd.org/ports/commit/?id=c64c329c2c1752f46b73e3e6ce9f4329be6629f9 https://chaos.social/@icing/111210915918780532 https://cloud.google.com/blog/products/identity-security/google-cloud-mitigated-largest-ddos-attack-peaking-above-398-million-rps https://cloud.google.com/blog/products/identity-security/google-cloud-mitigated-largest-ddos-attack-peaking-above-398-million-rps/ https://cloud.google.com/blog/products/identity-security/how-it-works-the-novel-http2-rapid-reset-ddos-attack https://community.traefik.io/t/is-traefik-vulnerable-to-cve-2023-44487/20125 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-44487 https://devblogs.microsoft.com/dotnet/october-2023-updates/ https://discuss.hashicorp.com/t/hcsec-2023-32-vault-consul-and-boundary-affected-by-http-2-rapid-reset-denial-of-service-vulnerability-cve-2023-44487/59715 https://edg.io/lp/blog/resets-leaks-ddos-and-the-tale-of-a-hidden-cve https://errata.almalinux.org/9/ALSA-2023-6746.html https://errata.rockylinux.org/RLSA-2023:5838 https://forums.swift.org/t/swift-nio-http2-security-update-cve-2023-44487-http-2-dos/67764 https://gist.github.com/adulau/7c2bfb8e9cdbe4b35a5e131c66a0c088 https://github.com/Azure/AKS/issues/3947 https://github.com/Kong/kong/discussions/11741 https://github.com/advisories/GHSA-qppj-fm5r-hxr3 https://github.com/advisories/GHSA-vx74-f528-fxqg https://github.com/advisories/GHSA-xpw8-rcwv-8f8p https://github.com/akka/akka-http/issues/4323 https://github.com/akka/akka-http/pull/4324 https://github.com/akka/akka-http/pull/4325 https://github.com/alibaba/tengine/issues/1872 https://github.com/apache/apisix/issues/10320 https://github.com/apache/httpd-site/pull/10 https://github.com/apache/httpd/blob/afcdbeebbff4b0c50ea26cdd16e178c0d1f24152/modules/http2/h2_mplx.c#L1101-L1113 https://github.com/apache/tomcat/commit/944332bb15bd2f3bf76ec2caeb1ff0a58a3bc628 https://github.com/apache/tomcat/tree/main/java/org/apache/coyote/http2 https://github.com/apache/trafficserver/pull/10564 https://github.com/apple/swift-nio-http2 https://github.com/apple/swift-nio-http2/security/advisories/GHSA-qppj-fm5r-hxr3 https://github.com/arkrwn/PoC/tree/main/CVE-2023-44487 https://github.com/bcdannyboy/CVE-2023-44487 https://github.com/caddyserver/caddy/issues/5877 https://github.com/caddyserver/caddy/releases/tag/v2.7.5 https://github.com/dotnet/announcements/issues/277 https://github.com/dotnet/core/blob/e4613450ea0da7fd2fc6b61dfb2c1c1dec1ce9ec/release-notes/6.0/6.0.23/6.0.23.md?plain=1#L73 https://github.com/eclipse/jetty.project/issues/10679 https://github.com/envoyproxy/envoy/pull/30055 https://github.com/etcd-io/etcd/issues/16740 https://github.com/facebook/proxygen/pull/466 https://github.com/golang/go/issues/63417 https://github.com/grpc/grpc-go/pull/6703 https://github.com/grpc/grpc-go/releases https://github.com/h2o/h2o/pull/3291 https://github.com/h2o/h2o/security/advisories/GHSA-2m7v-gc89-fjqf https://github.com/haproxy/haproxy/issues/2312 https://github.com/hyperium/hyper/issues/3337 https://github.com/icing/mod_h2/blob/0a864782af0a942aa2ad4ed960a6b32cd35bcf0a/mod_http2/README.md?plain=1#L239-L244 https://github.com/junkurihara/rust-rpxy/issues/97 https://github.com/kazu-yamamoto/http2/commit/f61d41a502bd0f60eb24e1ce14edc7b6df6722a1 https://github.com/kazu-yamamoto/http2/issues/93 https://github.com/kubernetes/kubernetes/pull/121120 https://github.com/line/armeria/pull/5232 https://github.com/linkerd/website/pull/1695/commits/4b9c6836471bc8270ab48aae6fd2181bc73fd632 https://github.com/micrictor/http2-rst-stream https://github.com/microsoft/CBL-Mariner/pull/6381 https://github.com/netty/netty/commit/58f75f665aa81a8cbcf6ffa74820042a285c5e61 https://github.com/nghttp2/nghttp2/pull/1961 https://github.com/nghttp2/nghttp2/releases/tag/v1.57.0 https://github.com/ninenines/cowboy/issues/1615 https://github.com/nodejs/node/pull/50121 https://github.com/openresty/openresty/issues/930 https://github.com/opensearch-project/data-prepper/issues/3474 https://github.com/oqtane/oqtane.framework/discussions/3367 https://github.com/projectcontour/contour/pull/5826 https://github.com/tempesta-tech/tempesta/issues/1986 https://github.com/varnishcache/varnish-cache/issues/3996 https://go.dev/cl/534215 https://go.dev/cl/534235 https://go.dev/issue/63417 https://groups.google.com/g/golang-announce/c/iNNxDTCjZvo https://groups.google.com/g/golang-announce/c/iNNxDTCjZvo/m/UDd7VKQuAAAJ https://istio.io/latest/news/security/istio-security-2023-004 https://istio.io/latest/news/security/istio-security-2023-004/ https://linkerd.io/2023/10/12/linkerd-cve-2023-44487 https://linkerd.io/2023/10/12/linkerd-cve-2023-44487/ https://linux.oracle.com/cve/CVE-2023-44487.html https://linux.oracle.com/errata/ELSA-2024-1444.html https://lists.apache.org/thread/5py8h42mxfsn8l1wy6o41xwhsjlsd87q https://lists.debian.org/debian-lts-announce/2023/10/msg00020.html https://lists.debian.org/debian-lts-announce/2023/10/msg00023.html https://lists.debian.org/debian-lts-announce/2023/10/msg00024.html https://lists.debian.org/debian-lts-announce/2023/10/msg00045.html https://lists.debian.org/debian-lts-announce/2023/10/msg00047.html https://lists.debian.org/debian-lts-announce/2023/11/msg00001.html https://lists.debian.org/debian-lts-announce/2023/11/msg00012.html https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/2MBEPPC36UBVOZZNAXFHKLFGSLCMN5LI https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/2MBEPPC36UBVOZZNAXFHKLFGSLCMN5LI/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/3N4NJ7FR4X4FPZUGNTQAPSTVB2HB2Y4A https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/3N4NJ7FR4X4FPZUGNTQAPSTVB2HB2Y4A/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/BFQD3KUEMFBHPAPBGLWQC34L4OWL5HAZ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/BFQD3KUEMFBHPAPBGLWQC34L4OWL5HAZ/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/CLB4TW7KALB3EEQWNWCN7OUIWWVWWCG2 https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/CLB4TW7KALB3EEQWNWCN7OUIWWVWWCG2/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/E72T67UPDRXHIDLO3OROR25YAMN4GGW5 https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/E72T67UPDRXHIDLO3OROR25YAMN4GGW5/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/FNA62Q767CFAFHBCDKYNPBMZWB7TWYVU https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/FNA62Q767CFAFHBCDKYNPBMZWB7TWYVU/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/HT7T2R4MQKLIF4ODV4BDLPARWFPCJ5CZ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/HT7T2R4MQKLIF4ODV4BDLPARWFPCJ5CZ/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/JIZSEFC3YKCGABA2BZW6ZJRMDZJMB7PJ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/JIZSEFC3YKCGABA2BZW6ZJRMDZJMB7PJ/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/JMEXY22BFG5Q64HQCM5CK2Q7KDKVV4TY https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/JMEXY22BFG5Q64HQCM5CK2Q7KDKVV4TY/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/KSEGD2IWKNUO3DWY4KQGUQM5BISRWHQE https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/KSEGD2IWKNUO3DWY4KQGUQM5BISRWHQE/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/LKYHSZQFDNR7RSA7LHVLLIAQMVYCUGBG https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/LKYHSZQFDNR7RSA7LHVLLIAQMVYCUGBG/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/LNMZJCDHGLJJLXO4OXWJMTVQRNWOC7UL https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/LNMZJCDHGLJJLXO4OXWJMTVQRNWOC7UL/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/VHUHTSXLXGXS7JYKBXTA3VINUPHTNGVU https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/VHUHTSXLXGXS7JYKBXTA3VINUPHTNGVU/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/VSRDIV77HNKUSM7SJC5BKE5JSHLHU2NK https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/VSRDIV77HNKUSM7SJC5BKE5JSHLHU2NK/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/WE2I52RHNNU42PX6NZ2RBUHSFFJ2LVZX https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/WE2I52RHNNU42PX6NZ2RBUHSFFJ2LVZX/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/WLPRQ5TWUQQXYWBJM7ECYDAIL2YVKIUH https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/WLPRQ5TWUQQXYWBJM7ECYDAIL2YVKIUH/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/X6QXN4ORIVF6XBW4WWFE7VNPVC74S45Y https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/X6QXN4ORIVF6XBW4WWFE7VNPVC74S45Y/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/XFOIBB4YFICHDM7IBOP7PWXW3FX4HLL2 https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/XFOIBB4YFICHDM7IBOP7PWXW3FX4HLL2/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZB43REMKRQR62NJEI7I5NQ4FSXNLBKRT https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZB43REMKRQR62NJEI7I5NQ4FSXNLBKRT/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZKQSIKIAT5TJ3WSLU3RDBQ35YX4GY4V3 https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZKQSIKIAT5TJ3WSLU3RDBQ35YX4GY4V3/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZLU6U2R2IC2K64NDPNMV55AUAO65MAF4 https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZLU6U2R2IC2K64NDPNMV55AUAO65MAF4/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3N4NJ7FR4X4FPZUGNTQAPSTVB2HB2Y4A https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/BFQD3KUEMFBHPAPBGLWQC34L4OWL5HAZ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CLB4TW7KALB3EEQWNWCN7OUIWWVWWCG2 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/E72T67UPDRXHIDLO3OROR25YAMN4GGW5 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/FNA62Q767CFAFHBCDKYNPBMZWB7TWYVU https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/HT7T2R4MQKLIF4ODV4BDLPARWFPCJ5CZ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/JIZSEFC3YKCGABA2BZW6ZJRMDZJMB7PJ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/JMEXY22BFG5Q64HQCM5CK2Q7KDKVV4TY https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/KSEGD2IWKNUO3DWY4KQGUQM5BISRWHQE https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/LKYHSZQFDNR7RSA7LHVLLIAQMVYCUGBG https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/LNMZJCDHGLJJLXO4OXWJMTVQRNWOC7UL https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/VHUHTSXLXGXS7JYKBXTA3VINUPHTNGVU https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/VSRDIV77HNKUSM7SJC5BKE5JSHLHU2NK https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WLPRQ5TWUQQXYWBJM7ECYDAIL2YVKIUH https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/X6QXN4ORIVF6XBW4WWFE7VNPVC74S45Y https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/XFOIBB4YFICHDM7IBOP7PWXW3FX4HLL2 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZB43REMKRQR62NJEI7I5NQ4FSXNLBKRT https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZKQSIKIAT5TJ3WSLU3RDBQ35YX4GY4V3 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZLU6U2R2IC2K64NDPNMV55AUAO65MAF4 https://lists.w3.org/Archives/Public/ietf-http-wg/2023OctDec/0025.html https://mailman.nginx.org/pipermail/nginx-devel/2023-October/S36Q5HBXR7CAIMPLLPRSSSYR4PCMWILK.html https://martinthomson.github.io/h2-stream-limits/draft-thomson-httpbis-h2-stream-limits.html https://msrc.microsoft.com/blog/2023/10/microsoft-response-to-distributed-denial-of-service-ddos-attacks-against-http/2 https://msrc.microsoft.com/blog/2023/10/microsoft-response-to-distributed-denial-of-service-ddos-attacks-against-http/2/ https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-44487 https://my.f5.com/manage/s/article/K000137106 https://netty.io/news/2023/10/10/4-1-100-Final.html https://news.ycombinator.com/item?id=37830987 https://news.ycombinator.com/item?id=37830998 https://news.ycombinator.com/item?id=37831062 https://news.ycombinator.com/item?id=37837043 https://nodejs.org/en/blog/vulnerability/october-2023-security-releases https://nvd.nist.gov/vuln/detail/CVE-2023-44487 https://openssf.org/blog/2023/10/10/http-2-rapid-reset-vulnerability-highlights-need-for-rapid-response https://openssf.org/blog/2023/10/10/http-2-rapid-reset-vulnerability-highlights-need-for-rapid-response/ https://pkg.go.dev/vuln/GO-2023-2102 https://seanmonstar.com/post/730794151136935936/hyper-http2-rapid-reset-unaffected https://security.gentoo.org/glsa/202311-09 https://security.netapp.com/advisory/ntap-20231016-0001 https://security.netapp.com/advisory/ntap-20231016-0001/ https://security.netapp.com/advisory/ntap-20240426-0007 https://security.netapp.com/advisory/ntap-20240426-0007/ https://security.netapp.com/advisory/ntap-20240621-0006 https://security.netapp.com/advisory/ntap-20240621-0006/ https://security.netapp.com/advisory/ntap-20240621-0007 https://security.netapp.com/advisory/ntap-20240621-0007/ https://security.paloaltonetworks.com/CVE-2023-44487 https://tomcat.apache.org/security-10.html#Fixed_in_Apache_Tomcat_10.1.14 https://tomcat.apache.org/security-11.html#Fixed_in_Apache_Tomcat_11.0.0-M12 https://tomcat.apache.org/security-8.html#Fixed_in_Apache_Tomcat_8.5.94 https://tomcat.apache.org/security-9.html#Fixed_in_Apache_Tomcat_9.0.81 https://ubuntu.com/security/CVE-2023-44487 https://ubuntu.com/security/notices/USN-6427-1 https://ubuntu.com/security/notices/USN-6427-2 https://ubuntu.com/security/notices/USN-6438-1 https://ubuntu.com/security/notices/USN-6505-1 https://ubuntu.com/security/notices/USN-6574-1 https://ubuntu.com/security/notices/USN-6754-1 https://ubuntu.com/security/notices/USN-6994-1 https://ubuntu.com/security/notices/USN-7067-1 https://www.bleepingcomputer.com/news/security/new-http-2-rapid-reset-zero-day-attack-breaks-ddos-records https://www.bleepingcomputer.com/news/security/new-http-2-rapid-reset-zero-day-attack-breaks-ddos-records/ https://www.cisa.gov/known-exploited-vulnerabilities-catalog https://www.cisa.gov/news-events/alerts/2023/10/10/http2-rapid-reset-vulnerability-cve-2023-44487 https://www.cve.org/CVERecord?id=CVE-2023-44487 https://www.darkreading.com/cloud/internet-wide-zero-day-bug-fuels-largest-ever-ddos-event https://www.debian.org/security/2023/dsa-5521 https://www.debian.org/security/2023/dsa-5522 https://www.debian.org/security/2023/dsa-5540 https://www.debian.org/security/2023/dsa-5549 https://www.debian.org/security/2023/dsa-5558 https://www.debian.org/security/2023/dsa-5570 https://www.eclipse.org/lists/jetty-announce/msg00181.html https://www.haproxy.com/blog/haproxy-is-not-affected-by-the-http-2-rapid-reset-attack-cve-2023-44487 https://www.mail-archive.com/haproxy@formilux.org/msg44134.html https://www.netlify.com/blog/netlify-successfully-mitigates-cve-2023-44487 https://www.netlify.com/blog/netlify-successfully-mitigates-cve-2023-44487/ https://www.nginx.com/blog/http-2-rapid-reset-attack-impacting-f5-nginx-products https://www.nginx.com/blog/http-2-rapid-reset-attack-impacting-f5-nginx-products/ https://www.openwall.com/lists/oss-security/2023/10/10/6 https://www.phoronix.com/news/HTTP2-Rapid-Reset-Attack https://www.theregister.com/2023/10/10/http2_rapid_reset_zeroday https://www.theregister.com/2023/10/10/http2_rapid_reset_zeroday/
google.golang.org/protobuf	CVE-2024-24786	MEDIUM	v1.30.0	1.33.0	http://www.openwall.com/lists/oss-security/2024/03/08/4 https://access.redhat.com/errata/RHSA-2024:2550 https://access.redhat.com/security/cve/CVE-2024-24786 https://bugzilla.redhat.com/2268046 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24786 https://errata.almalinux.org/9/ALSA-2024-2550.html https://errata.rockylinux.org/RLSA-2024:2550 https://github.com/protocolbuffers/protobuf-go https://github.com/protocolbuffers/protobuf-go/commit/f01a588e5810b90996452eec4a28f22a0afae023 https://github.com/protocolbuffers/protobuf-go/releases/tag/v1.33.0 https://go-review.googlesource.com/c/protobuf/+/569356 https://go.dev/cl/569356 https://groups.google.com/g/golang-announce/c/ArQ6CDgtEjY/ https://linux.oracle.com/cve/CVE-2024-24786.html https://linux.oracle.com/errata/ELSA-2024-4246.html https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/JDMBHAVSDU2FBDZ45U3A2VLSM35OJ2HU https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/JDMBHAVSDU2FBDZ45U3A2VLSM35OJ2HU/ https://nvd.nist.gov/vuln/detail/CVE-2024-24786 https://pkg.go.dev/vuln/GO-2024-2611 https://security.netapp.com/advisory/ntap-20240517-0002 https://security.netapp.com/advisory/ntap-20240517-0002/ https://ubuntu.com/security/notices/USN-6746-1 https://ubuntu.com/security/notices/USN-6746-2 https://www.cve.org/CVERecord?id=CVE-2024-24786
stdlib	CVE-2024-24790	CRITICAL	v1.20.5	1.21.11, 1.22.4	http://www.openwall.com/lists/oss-security/2024/06/04/1 https://access.redhat.com/errata/RHSA-2024:9115 https://access.redhat.com/security/cve/CVE-2024-24790 https://bugzilla.redhat.com/2279814 https://bugzilla.redhat.com/2292668 https://bugzilla.redhat.com/2292787 https://bugzilla.redhat.com/2294000 https://bugzilla.redhat.com/2295310 https://bugzilla.redhat.com/show_bug.cgi?id=2292668 https://bugzilla.redhat.com/show_bug.cgi?id=2292787 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24789 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24790 https://errata.almalinux.org/9/ALSA-2024-9115.html https://errata.rockylinux.org/RLSA-2024:4212 https://github.com/golang/go/commit/051bdf3fd12a40307606ff9381138039c5f452f0 (1.21) https://github.com/golang/go/commit/12d5810cdb1f73cf23d7a86462143e9463317fca (1.22) https://github.com/golang/go/issues/67680 https://go.dev/cl/590316 https://go.dev/issue/67680 https://groups.google.com/g/golang-announce/c/XbxouI9gY7k https://groups.google.com/g/golang-announce/c/XbxouI9gY7k/m/TuoGEhxIEwAJ https://linux.oracle.com/cve/CVE-2024-24790.html https://linux.oracle.com/errata/ELSA-2024-9115.html https://nvd.nist.gov/vuln/detail/CVE-2024-24790 https://pkg.go.dev/vuln/GO-2024-2887 https://ubuntu.com/security/notices/USN-6886-1 https://ubuntu.com/security/notices/USN-7109-1 https://www.cve.org/CVERecord?id=CVE-2024-24790
stdlib	CVE-2023-39325	HIGH	v1.20.5	1.20.10, 1.21.3	golang.org/x/net https://access.redhat.com/errata/RHSA-2023:6077 https://access.redhat.com/security/cve/CVE-2023-39325 https://access.redhat.com/security/cve/CVE-2023-44487 https://access.redhat.com/security/vulnerabilities/RHSB-2023-003 https://bugzilla.redhat.com/2242803 https://bugzilla.redhat.com/2243296 https://bugzilla.redhat.com/show_bug.cgi?id=2242803 https://bugzilla.redhat.com/show_bug.cgi?id=2243296 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-39325 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-44487 https://errata.almalinux.org/9/ALSA-2023-6077.html https://errata.rockylinux.org/RLSA-2023:6077 https://github.com/golang/go/commit/24ae2d927285c697440fdde3ad7f26028354bcf3 [golang- 1.21] https://github.com/golang/go/commit/e175f27f58aa7b9cd4d79607ae65d2cd5baaee68 [golang-1.20] https://github.com/golang/go/issues/63417 https://go.dev/cl/534215 https://go.dev/cl/534235 https://go.dev/issue/63417 https://groups.google.com/g/golang-announce/c/iNNxDTCjZvo/m/UDd7VKQuAAAJ https://linux.oracle.com/cve/CVE-2023-39325.html https://linux.oracle.com/errata/ELSA-2023-5867.html https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3OVW5V2DM5K5IC3H7O42YDUGNJ74J35O https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3OVW5V2DM5K5IC3H7O42YDUGNJ74J35O/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3SZN67IL7HMGMNAVLOTIXLIHUDXZK4LH https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3SZN67IL7HMGMNAVLOTIXLIHUDXZK4LH/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3WJ4QVX2AMUJ2F2S27POOAHRC4K3CHU4 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3WJ4QVX2AMUJ2F2S27POOAHRC4K3CHU4/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/4BUK2ZIAGCULOOYDNH25JPU6JBES5NF2 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/4BUK2ZIAGCULOOYDNH25JPU6JBES5NF2/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/5RSKA2II6QTD4YUKUNDVJQSRYSFC4VFR https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/5RSKA2II6QTD4YUKUNDVJQSRYSFC4VFR/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/AVZDNSMVDAQJ64LJC5I5U5LDM5753647 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/AVZDNSMVDAQJ64LJC5I5U5LDM5753647/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CHHITS4PUOZAKFIUBQAQZC7JWXMOYE4B https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CHHITS4PUOZAKFIUBQAQZC7JWXMOYE4B/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CLB4TW7KALB3EEQWNWCN7OUIWWVWWCG2 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CLB4TW7KALB3EEQWNWCN7OUIWWVWWCG2/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/D2BBIDR2ZMB3X5BC7SR4SLQMHRMVPY6L https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/D2BBIDR2ZMB3X5BC7SR4SLQMHRMVPY6L/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ECRC75BQJP6FJN2L7KCKYZW4DSBD7QSD https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ECRC75BQJP6FJN2L7KCKYZW4DSBD7QSD/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/FTMJ3NJIDAZFWJQQSP3L22MUFJ3UP2PT https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/FTMJ3NJIDAZFWJQQSP3L22MUFJ3UP2PT/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/GSY7SXFFTPZFWDM6XELSDSHZLVW3AHK7 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/GSY7SXFFTPZFWDM6XELSDSHZLVW3AHK7/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/HZQIELEIRSZUYTFFH5KTH2YJ4IIQG2KE https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/HZQIELEIRSZUYTFFH5KTH2YJ4IIQG2KE/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/IPWCNYB5PQ5PCVZ4NJT6G56ZYFZ5QBU6 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/IPWCNYB5PQ5PCVZ4NJT6G56ZYFZ5QBU6/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/KEOTKBUPZXHE3F352JBYNTSNRXYLWD6P https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/KEOTKBUPZXHE3F352JBYNTSNRXYLWD6P/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/KSEGD2IWKNUO3DWY4KQGUQM5BISRWHQE https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/KSEGD2IWKNUO3DWY4KQGUQM5BISRWHQE/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/L5E5JSJBZLYXOTZWXHJKRVCIXIHVWKJ6 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/L5E5JSJBZLYXOTZWXHJKRVCIXIHVWKJ6/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/MZQYOOKHQDQ57LV2IAG6NRFOVXKHJJ3Z https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/MZQYOOKHQDQ57LV2IAG6NRFOVXKHJJ3Z/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/NG7IMPL55MVWU3LCI4JQJT3K2U5CHDV7 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/NG7IMPL55MVWU3LCI4JQJT3K2U5CHDV7/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ODBY7RVMGZCBSTWF2OZGIZS57FNFUL67 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ODBY7RVMGZCBSTWF2OZGIZS57FNFUL67/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/OXGWPQOJ3JNDW2XIYKIVJ7N7QUIFNM2Q https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/OXGWPQOJ3JNDW2XIYKIVJ7N7QUIFNM2Q/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/PJCUNGIQDUMZ4Z6HWVYIMR66A35F5S74 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/PJCUNGIQDUMZ4Z6HWVYIMR66A35F5S74/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QF5QSYAOPDOWLY6DUHID56Q4HQFYB45I https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QF5QSYAOPDOWLY6DUHID56Q4HQFYB45I/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QXOU2JZUBEBP7GBKAYIJRPRBZSJCD7ST https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QXOU2JZUBEBP7GBKAYIJRPRBZSJCD7ST/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/R3UETKPUB3V5JS5TLZOF3SMTGT5K5APS https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/R3UETKPUB3V5JS5TLZOF3SMTGT5K5APS/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/REMHVVIBDNKSRKNOTV7EQSB7CYQWOUOU https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/REMHVVIBDNKSRKNOTV7EQSB7CYQWOUOU/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/T7N5GV4CHH6WAGX3GFMDD3COEOVCZ4RI https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/T7N5GV4CHH6WAGX3GFMDD3COEOVCZ4RI/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ULQQONMSCQSH5Z5OWFFQHCGEZ3NL4DRJ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ULQQONMSCQSH5Z5OWFFQHCGEZ3NL4DRJ/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UTT7DG3QOF5ZNJLUGHDNLRUIN6OWZARP https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UTT7DG3QOF5ZNJLUGHDNLRUIN6OWZARP/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/W2LZSWTV4NV4SNQARNXG5T6LRHP26EW2 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/W2LZSWTV4NV4SNQARNXG5T6LRHP26EW2/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WCNCBYKZXLDFGAJUB7ZP5VLC3YTHJNVH https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WCNCBYKZXLDFGAJUB7ZP5VLC3YTHJNVH/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/XFOIBB4YFICHDM7IBOP7PWXW3FX4HLL2 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/XFOIBB4YFICHDM7IBOP7PWXW3FX4HLL2/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/XTNLSL44Y5FB6JWADSZH6DCV4JJAAEQY https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/XTNLSL44Y5FB6JWADSZH6DCV4JJAAEQY/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/YJWHBLVZDM5KQSDFRBFRKU5KSSOLIRQ4 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/YJWHBLVZDM5KQSDFRBFRKU5KSSOLIRQ4/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/YRKEXKANQ7BKJW2YTAMP625LJUJZLJ4P https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/YRKEXKANQ7BKJW2YTAMP625LJUJZLJ4P/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZSVEMQV5ROY5YW5QE3I57HT3ITWG5GCV https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZSVEMQV5ROY5YW5QE3I57HT3ITWG5GCV/ https://nvd.nist.gov/vuln/detail/CVE-2023-39325 https://pkg.go.dev/vuln/GO-2023-2102 https://security.gentoo.org/glsa/202311-09 https://security.netapp.com/advisory/ntap-20231110-0008 https://security.netapp.com/advisory/ntap-20231110-0008/ https://ubuntu.com/security/notices/USN-6574-1 https://ubuntu.com/security/notices/USN-7061-1 https://ubuntu.com/security/notices/USN-7109-1 https://www.cisa.gov/news-events/alerts/2023/10/10/http2-rapid-reset-vulnerability-cve-2023-44487 https://www.cve.org/CVERecord?id=CVE-2023-39325
stdlib	CVE-2023-45283	HIGH	v1.20.5	1.20.11, 1.21.4, 1.20.12, 1.21.5	http://www.openwall.com/lists/oss-security/2023/12/05/2 https://go.dev/cl/540277 https://go.dev/cl/541175 https://go.dev/issue/63713 https://go.dev/issue/64028 https://groups.google.com/g/golang-announce/c/4tU8LZfBFkY https://groups.google.com/g/golang-dev/c/6ypN5EjibjM/m/KmLVYH_uAgAJ https://nvd.nist.gov/vuln/detail/CVE-2023-45283 https://pkg.go.dev/vuln/GO-2023-2185 https://security.netapp.com/advisory/ntap-20231214-0008/
stdlib	CVE-2023-45288	HIGH	v1.20.5	1.21.9, 1.22.2	http://www.openwall.com/lists/oss-security/2024/04/03/16 http://www.openwall.com/lists/oss-security/2024/04/05/4 https://access.redhat.com/errata/RHSA-2024:2724 https://access.redhat.com/security/cve/CVE-2023-45288 https://bugzilla.redhat.com/2268017 https://bugzilla.redhat.com/2268018 https://bugzilla.redhat.com/2268019 https://bugzilla.redhat.com/2268273 https://bugzilla.redhat.com/show_bug.cgi?id=2268017 https://bugzilla.redhat.com/show_bug.cgi?id=2268018 https://bugzilla.redhat.com/show_bug.cgi?id=2268019 https://bugzilla.redhat.com/show_bug.cgi?id=2268273 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45288 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45289 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45290 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24783 https://errata.almalinux.org/9/ALSA-2024-2724.html https://errata.rockylinux.org/RLSA-2024:2724 https://go.dev/cl/576155 https://go.dev/issue/65051 https://groups.google.com/g/golang-announce/c/YgW0sx8mN3M https://kb.cert.org/vuls/id/421644 https://linux.oracle.com/cve/CVE-2023-45288.html https://linux.oracle.com/errata/ELSA-2024-3346.html https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QRYFHIQ6XRKRYBI2F5UESH67BJBQXUPT https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QRYFHIQ6XRKRYBI2F5UESH67BJBQXUPT/ https://nowotarski.info/http2-continuation-flood-technical-details https://nowotarski.info/http2-continuation-flood/ https://nvd.nist.gov/vuln/detail/CVE-2023-45288 https://pkg.go.dev/vuln/GO-2024-2687 https://security.netapp.com/advisory/ntap-20240419-0009 https://security.netapp.com/advisory/ntap-20240419-0009/ https://ubuntu.com/security/notices/USN-6886-1 https://ubuntu.com/security/notices/USN-7109-1 https://ubuntu.com/security/notices/USN-7111-1 https://www.cve.org/CVERecord?id=CVE-2023-45288 https://www.kb.cert.org/vuls/id/421644
stdlib	CVE-2024-34156	HIGH	v1.20.5	1.22.7, 1.23.1	https://access.redhat.com/errata/RHSA-2024:9473 https://access.redhat.com/security/cve/CVE-2024-34156 https://bugzilla.redhat.com/2310528 https://bugzilla.redhat.com/2318052 https://bugzilla.redhat.com/show_bug.cgi?id=2310528 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-34156 https://errata.almalinux.org/9/ALSA-2024-9473.html https://errata.rockylinux.org/RLSA-2024:7204 https://github.com/golang/go/commit/2092294f2b097c5828f4eace6c98a322c1510b01 (go1.22.7) https://github.com/golang/go/commit/fa8ff1a46deb6c816304441ec6740ec112e19012 (go1.23.1) https://go.dev/cl/611239 https://go.dev/issue/69139 https://groups.google.com/g/golang-announce/c/K-cEzDeCtpc https://groups.google.com/g/golang-dev/c/S9POB9NCTdk https://linux.oracle.com/cve/CVE-2024-34156.html https://linux.oracle.com/errata/ELSA-2024-9473.html https://nvd.nist.gov/vuln/detail/CVE-2024-34156 https://pkg.go.dev/vuln/GO-2024-3106 https://ubuntu.com/security/notices/USN-7081-1 https://ubuntu.com/security/notices/USN-7109-1 https://ubuntu.com/security/notices/USN-7111-1 https://www.cve.org/CVERecord?id=CVE-2024-34156
stdlib	CVE-2023-29406	MEDIUM	v1.20.5	1.19.11, 1.20.6	https://access.redhat.com/errata/RHSA-2023:6474 https://access.redhat.com/security/cve/CVE-2023-29406 https://bugzilla.redhat.com/2174485 https://bugzilla.redhat.com/2178358 https://bugzilla.redhat.com/2178488 https://bugzilla.redhat.com/2178492 https://bugzilla.redhat.com/2184481 https://bugzilla.redhat.com/2184482 https://bugzilla.redhat.com/2184483 https://bugzilla.redhat.com/2184484 https://bugzilla.redhat.com/2196026 https://bugzilla.redhat.com/2196027 https://bugzilla.redhat.com/2196029 https://bugzilla.redhat.com/2222167 https://bugzilla.redhat.com/2228689 https://errata.almalinux.org/9/ALSA-2023-6474.html https://github.com/golang/go/commit/312920c00aac9897b2a0693e752390b5b0711a5a (go1.20.6) https://github.com/golang/go/commit/5fa6923b1ea891400153d04ddf1545e23b40041b (go1.19.11) https://github.com/golang/go/issues/60374 https://go.dev/cl/506996 https://go.dev/issue/60374 https://groups.google.com/g/golang-announce/c/2q13H6LEEx0 https://linux.oracle.com/cve/CVE-2023-29406.html https://linux.oracle.com/errata/ELSA-2023-7202.html https://nvd.nist.gov/vuln/detail/CVE-2023-29406 https://pkg.go.dev/vuln/GO-2023-1878 https://security.gentoo.org/glsa/202311-09 https://security.netapp.com/advisory/ntap-20230814-0002/ https://ubuntu.com/security/notices/USN-7061-1 https://ubuntu.com/security/notices/USN-7109-1 https://www.cve.org/CVERecord?id=CVE-2023-29406
stdlib	CVE-2023-29409	MEDIUM	v1.20.5	1.19.12, 1.20.7, 1.21.0-rc.4	https://access.redhat.com/errata/RHSA-2023:7766 https://access.redhat.com/security/cve/CVE-2023-29409 https://bugzilla.redhat.com/2228743 https://bugzilla.redhat.com/2237773 https://bugzilla.redhat.com/2237776 https://bugzilla.redhat.com/2237777 https://bugzilla.redhat.com/2237778 https://errata.almalinux.org/9/ALSA-2023-7766.html https://go.dev/cl/515257 https://go.dev/issue/61460 https://groups.google.com/g/golang-announce/c/X0b6CsSAaYI/m/Efv5DbZ9AwAJ https://linux.oracle.com/cve/CVE-2023-29409.html https://linux.oracle.com/errata/ELSA-2024-2988.html https://nvd.nist.gov/vuln/detail/CVE-2023-29409 https://pkg.go.dev/vuln/GO-2023-1987 https://security.gentoo.org/glsa/202311-09 https://security.netapp.com/advisory/ntap-20230831-0010/ https://www.cve.org/CVERecord?id=CVE-2023-29409
stdlib	CVE-2023-39318	MEDIUM	v1.20.5	1.20.8, 1.21.1	https://access.redhat.com/errata/RHSA-2024:2160 https://access.redhat.com/security/cve/CVE-2023-39318 https://bugzilla.redhat.com/2237773 https://bugzilla.redhat.com/2237776 https://bugzilla.redhat.com/2253330 https://errata.almalinux.org/9/ALSA-2024-2160.html https://github.com/golang/go/commit/023b542edf38e2a1f87fcefb9f75ff2f99401b4c (go1.20.8) https://github.com/golang/go/commit/b0e1d3ea26e8e8fce7726690c9ef0597e60739fb (go1.21.1) https://go.dev/cl/526156 https://go.dev/issue/62196 https://groups.google.com/g/golang-announce/c/Fm51GRLNRvM https://groups.google.com/g/golang-dev/c/2C5vbR-UNkI/m/L1hdrPhfBAAJ https://linux.oracle.com/cve/CVE-2023-39318.html https://linux.oracle.com/errata/ELSA-2024-2988.html https://nvd.nist.gov/vuln/detail/CVE-2023-39318 https://pkg.go.dev/vuln/GO-2023-2041 https://security.gentoo.org/glsa/202311-09 https://security.netapp.com/advisory/ntap-20231020-0009/ https://ubuntu.com/security/notices/USN-6574-1 https://ubuntu.com/security/notices/USN-7061-1 https://ubuntu.com/security/notices/USN-7109-1 https://vuln.go.dev/ID/GO-2023-2041.json https://www.cve.org/CVERecord?id=CVE-2023-39318
stdlib	CVE-2023-39319	MEDIUM	v1.20.5	1.20.8, 1.21.1	https://access.redhat.com/errata/RHSA-2024:2160 https://access.redhat.com/security/cve/CVE-2023-39319 https://bugzilla.redhat.com/2237773 https://bugzilla.redhat.com/2237776 https://bugzilla.redhat.com/2253330 https://errata.almalinux.org/9/ALSA-2024-2160.html https://github.com/golang/go/commit/2070531d2f53df88e312edace6c8dfc9686ab2f5 (go1.20.8) https://github.com/golang/go/commit/bbd043ff0d6d59f1a9232d31ecd5eacf6507bf6a (go1.21.1) https://go.dev/cl/526157 https://go.dev/issue/62197 https://groups.google.com/g/golang-announce/c/Fm51GRLNRvM https://groups.google.com/g/golang-dev/c/2C5vbR-UNkI/m/L1hdrPhfBAAJ https://linux.oracle.com/cve/CVE-2023-39319.html https://linux.oracle.com/errata/ELSA-2024-2988.html https://nvd.nist.gov/vuln/detail/CVE-2023-39319 https://pkg.go.dev/vuln/GO-2023-2043 https://security.gentoo.org/glsa/202311-09 https://security.netapp.com/advisory/ntap-20231020-0009/ https://ubuntu.com/security/notices/USN-6574-1 https://ubuntu.com/security/notices/USN-7061-1 https://ubuntu.com/security/notices/USN-7109-1 https://vuln.go.dev/ID/GO-2023-2043.json https://www.cve.org/CVERecord?id=CVE-2023-39319
stdlib	CVE-2023-39326	MEDIUM	v1.20.5	1.20.12, 1.21.5	https://access.redhat.com/errata/RHSA-2024:2272 https://access.redhat.com/security/cve/CVE-2023-39326 https://bugzilla.redhat.com/2253193 https://bugzilla.redhat.com/2253330 https://errata.almalinux.org/9/ALSA-2024-2272.html https://github.com/golang/go/commit/6446af942e2e2b161c4ec1b60d9703a2b55dc4dd (go1.20.12) https://github.com/golang/go/commit/ec8c526e4be720e94b98ca509e6364f0efaf28f7 (go1.21.5) https://go.dev/cl/547335 https://go.dev/issue/64433 https://groups.google.com/g/golang-dev/c/6ypN5EjibjM/m/KmLVYH_uAgAJ https://linux.oracle.com/cve/CVE-2023-39326.html https://linux.oracle.com/errata/ELSA-2024-2988.html https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UIU6HOGV6RRIKWM57LOXQA75BGZSIH6G/ https://nvd.nist.gov/vuln/detail/CVE-2023-39326 https://pkg.go.dev/vuln/GO-2023-2382 https://ubuntu.com/security/notices/USN-6574-1 https://www.cve.org/CVERecord?id=CVE-2023-39326
stdlib	CVE-2023-45284	MEDIUM	v1.20.5	1.20.11, 1.21.4	https://go.dev/cl/540277 https://go.dev/issue/63713 https://groups.google.com/g/golang-announce/c/4tU8LZfBFkY https://nvd.nist.gov/vuln/detail/CVE-2023-45284 https://pkg.go.dev/vuln/GO-2023-2186
stdlib	CVE-2023-45289	MEDIUM	v1.20.5	1.21.8, 1.22.1	http://www.openwall.com/lists/oss-security/2024/03/08/4 https://access.redhat.com/errata/RHSA-2024:2724 https://access.redhat.com/security/cve/CVE-2023-45289 https://bugzilla.redhat.com/2268017 https://bugzilla.redhat.com/2268018 https://bugzilla.redhat.com/2268019 https://bugzilla.redhat.com/2268273 https://bugzilla.redhat.com/show_bug.cgi?id=2268017 https://bugzilla.redhat.com/show_bug.cgi?id=2268018 https://bugzilla.redhat.com/show_bug.cgi?id=2268019 https://bugzilla.redhat.com/show_bug.cgi?id=2268273 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45288 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45289 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45290 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24783 https://errata.almalinux.org/9/ALSA-2024-2724.html https://errata.rockylinux.org/RLSA-2024:2724 https://github.com/golang/go/commit/20586c0dbe03d144f914155f879fa5ee287591a1 (go1.21.8) https://github.com/golang/go/commit/3a855208e3efed2e9d7c20ad023f1fa78afcc0be (go1.22.1) https://github.com/golang/go/issues/65065 https://go.dev/cl/569340 https://go.dev/issue/65065 https://groups.google.com/g/golang-announce/c/5pwGVUPoMbg https://linux.oracle.com/cve/CVE-2023-45289.html https://linux.oracle.com/errata/ELSA-2024-3346.html https://nvd.nist.gov/vuln/detail/CVE-2023-45289 https://pkg.go.dev/vuln/GO-2024-2600 https://security.netapp.com/advisory/ntap-20240329-0006/ https://ubuntu.com/security/notices/USN-6886-1 https://www.cve.org/CVERecord?id=CVE-2023-45289
stdlib	CVE-2023-45290	MEDIUM	v1.20.5	1.21.8, 1.22.1	http://www.openwall.com/lists/oss-security/2024/03/08/4 https://access.redhat.com/errata/RHSA-2024:9135 https://access.redhat.com/security/cve/CVE-2023-45290 https://bugzilla.redhat.com/2268017 https://bugzilla.redhat.com/2268022 https://bugzilla.redhat.com/2279814 https://bugzilla.redhat.com/2295310 https://bugzilla.redhat.com/show_bug.cgi?id=2268017 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45290 https://errata.almalinux.org/9/ALSA-2024-9135.html https://errata.rockylinux.org/RLSA-2024:3830 https://github.com/golang/go/commit/041a47712e765e94f86d841c3110c840e76d8f82 (go1.22.1) https://github.com/golang/go/commit/bf80213b121074f4ad9b449410a4d13bae5e9be0 (go1.21.8) https://github.com/golang/go/issues/65383 https://go.dev/cl/569341 https://go.dev/issue/65383 https://groups.google.com/g/golang-announce/c/5pwGVUPoMbg https://linux.oracle.com/cve/CVE-2023-45290.html https://linux.oracle.com/errata/ELSA-2024-8038.html https://nvd.nist.gov/vuln/detail/CVE-2023-45290 https://pkg.go.dev/vuln/GO-2024-2599 https://security.netapp.com/advisory/ntap-20240329-0004 https://security.netapp.com/advisory/ntap-20240329-0004/ https://ubuntu.com/security/notices/USN-6886-1 https://ubuntu.com/security/notices/USN-7109-1 https://ubuntu.com/security/notices/USN-7111-1 https://www.cve.org/CVERecord?id=CVE-2023-45290
stdlib	CVE-2024-24783	MEDIUM	v1.20.5	1.21.8, 1.22.1	http://www.openwall.com/lists/oss-security/2024/03/08/4 https://access.redhat.com/errata/RHSA-2024:6195 https://access.redhat.com/security/cve/CVE-2024-24783 https://bugzilla.redhat.com/2268019 https://bugzilla.redhat.com/show_bug.cgi?id=2268017 https://bugzilla.redhat.com/show_bug.cgi?id=2268018 https://bugzilla.redhat.com/show_bug.cgi?id=2268019 https://bugzilla.redhat.com/show_bug.cgi?id=2268273 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45288 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45289 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45290 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24783 https://errata.almalinux.org/9/ALSA-2024-6195.html https://errata.rockylinux.org/RLSA-2024:2724 https://github.com/advisories/GHSA-3q2c-pvp5-3cqp https://github.com/golang/go/commit/337b8e9cbfa749d9d5c899e0dc358e2208d5e54f (go1.22.1) https://github.com/golang/go/commit/be5b52bea674190ef7de272664be6c7ae93ec5a0 (go1.21.8) https://github.com/golang/go/issues/65390 https://go.dev/cl/569339 https://go.dev/issue/65390 https://groups.google.com/g/golang-announce/c/5pwGVUPoMbg https://linux.oracle.com/cve/CVE-2024-24783.html https://linux.oracle.com/errata/ELSA-2024-6969.html https://nvd.nist.gov/vuln/detail/CVE-2024-24783 https://pkg.go.dev/vuln/GO-2024-2598 https://security.netapp.com/advisory/ntap-20240329-0005 https://security.netapp.com/advisory/ntap-20240329-0005/ https://ubuntu.com/security/notices/USN-6886-1 https://ubuntu.com/security/notices/USN-7109-1 https://ubuntu.com/security/notices/USN-7111-1 https://www.cve.org/CVERecord?id=CVE-2024-24783
stdlib	CVE-2024-24784	MEDIUM	v1.20.5	1.21.8, 1.22.1	http://www.openwall.com/lists/oss-security/2024/03/08/4 https://access.redhat.com/errata/RHSA-2024:2562 https://access.redhat.com/security/cve/CVE-2024-24784 https://bugzilla.redhat.com/2262921 https://bugzilla.redhat.com/2268017 https://bugzilla.redhat.com/2268018 https://bugzilla.redhat.com/2268019 https://bugzilla.redhat.com/2268021 https://bugzilla.redhat.com/2268022 https://bugzilla.redhat.com/2268273 https://bugzilla.redhat.com/show_bug.cgi?id=2262921 https://bugzilla.redhat.com/show_bug.cgi?id=2268017 https://bugzilla.redhat.com/show_bug.cgi?id=2268018 https://bugzilla.redhat.com/show_bug.cgi?id=2268019 https://bugzilla.redhat.com/show_bug.cgi?id=2268021 https://bugzilla.redhat.com/show_bug.cgi?id=2268022 https://bugzilla.redhat.com/show_bug.cgi?id=2268273 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45288 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45289 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45290 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-1394 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24783 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24784 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24785 https://errata.almalinux.org/9/ALSA-2024-2562.html https://errata.rockylinux.org/RLSA-2024:2562 https://github.com/golang/go/commit/263c059b09fdd40d9dd945f2ecb20c89ea28efe5 (go1.21.8) https://github.com/golang/go/commit/5330cd225ba54c7dc78c1b46dcdf61a4671a632c (go1.22.1) https://github.com/golang/go/issues/65083 https://go.dev/cl/555596 https://go.dev/issue/65083 https://groups.google.com/g/golang-announce/c/5pwGVUPoMbg https://linux.oracle.com/cve/CVE-2024-24784.html https://linux.oracle.com/errata/ELSA-2024-6969.html https://nvd.nist.gov/vuln/detail/CVE-2024-24784 https://pkg.go.dev/vuln/GO-2024-2609 https://security.netapp.com/advisory/ntap-20240329-0007/ https://ubuntu.com/security/notices/USN-6886-1 https://ubuntu.com/security/notices/USN-7109-1 https://ubuntu.com/security/notices/USN-7111-1 https://www.cve.org/CVERecord?id=CVE-2024-24784
stdlib	CVE-2024-24785	MEDIUM	v1.20.5	1.21.8, 1.22.1	http://www.openwall.com/lists/oss-security/2024/03/08/4 https://access.redhat.com/errata/RHSA-2024:9135 https://access.redhat.com/security/cve/CVE-2024-24785 https://bugzilla.redhat.com/2268017 https://bugzilla.redhat.com/2268022 https://bugzilla.redhat.com/2279814 https://bugzilla.redhat.com/2295310 https://bugzilla.redhat.com/show_bug.cgi?id=2262921 https://bugzilla.redhat.com/show_bug.cgi?id=2268017 https://bugzilla.redhat.com/show_bug.cgi?id=2268018 https://bugzilla.redhat.com/show_bug.cgi?id=2268019 https://bugzilla.redhat.com/show_bug.cgi?id=2268021 https://bugzilla.redhat.com/show_bug.cgi?id=2268022 https://bugzilla.redhat.com/show_bug.cgi?id=2268273 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45288 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45289 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45290 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-1394 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24783 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24784 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24785 https://errata.almalinux.org/9/ALSA-2024-9135.html https://errata.rockylinux.org/RLSA-2024:2562 https://github.com/golang/go/commit/056b0edcb8c152152021eebf4cf42adbfbe77992 (go1.22.1) https://github.com/golang/go/commit/3643147a29352ca2894fd5d0d2069bc4b4335a7e (go1.21.8) https://github.com/golang/go/issues/65697 https://go.dev/cl/564196 https://go.dev/issue/65697 https://groups.google.com/g/golang-announce/c/5pwGVUPoMbg https://linux.oracle.com/cve/CVE-2024-24785.html https://linux.oracle.com/errata/ELSA-2024-3259.html https://nvd.nist.gov/vuln/detail/CVE-2024-24785 https://pkg.go.dev/vuln/GO-2024-2610 https://security.netapp.com/advisory/ntap-20240329-0008/ https://ubuntu.com/security/notices/USN-6886-1 https://ubuntu.com/security/notices/USN-7061-1 https://ubuntu.com/security/notices/USN-7109-1 https://vuln.go.dev/ID/GO-2024-2610.json https://www.cve.org/CVERecord?id=CVE-2024-24785
stdlib	CVE-2024-24789	MEDIUM	v1.20.5	1.21.11, 1.22.4	http://www.openwall.com/lists/oss-security/2024/06/04/1 https://access.redhat.com/errata/RHSA-2024:9115 https://access.redhat.com/security/cve/CVE-2024-24789 https://bugzilla.redhat.com/2279814 https://bugzilla.redhat.com/2292668 https://bugzilla.redhat.com/2292787 https://bugzilla.redhat.com/2294000 https://bugzilla.redhat.com/2295310 https://bugzilla.redhat.com/show_bug.cgi?id=2292668 https://bugzilla.redhat.com/show_bug.cgi?id=2292787 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24789 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24790 https://errata.almalinux.org/9/ALSA-2024-9115.html https://errata.rockylinux.org/RLSA-2024:4212 https://github.com/golang/go/commit/c8e40338cf00f3c1d86c8fb23863ad67a4c72bcc (1.21) https://github.com/golang/go/commit/cf501ac0c5fe351a8582d20b43562027927906e7 (1.22) https://github.com/golang/go/issues/66869 https://go.dev/cl/585397 https://go.dev/issue/66869 https://groups.google.com/g/golang-announce/c/XbxouI9gY7k https://groups.google.com/g/golang-announce/c/XbxouI9gY7k/m/TuoGEhxIEwAJ https://linux.oracle.com/cve/CVE-2024-24789.html https://linux.oracle.com/errata/ELSA-2024-9115.html https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/U5YAEIA6IUHUNGJ7AIXXPQT6D2GYENX7/ https://nvd.nist.gov/vuln/detail/CVE-2024-24789 https://pkg.go.dev/vuln/GO-2024-2888 https://ubuntu.com/security/notices/USN-6886-1 https://ubuntu.com/security/notices/USN-7109-1 https://ubuntu.com/security/notices/USN-7111-1 https://www.cve.org/CVERecord?id=CVE-2024-24789
stdlib	CVE-2024-24791	MEDIUM	v1.20.5	1.21.12, 1.22.5	https://access.redhat.com/errata/RHSA-2024:9135 https://access.redhat.com/security/cve/CVE-2024-24791 https://bugzilla.redhat.com/2268017 https://bugzilla.redhat.com/2268022 https://bugzilla.redhat.com/2279814 https://bugzilla.redhat.com/2295310 https://bugzilla.redhat.com/show_bug.cgi?id=2295310 https://bugzilla.redhat.com/show_bug.cgi?id=2310527 https://bugzilla.redhat.com/show_bug.cgi?id=2310528 https://bugzilla.redhat.com/show_bug.cgi?id=2310529 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24791 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-34155 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-34156 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-34158 https://errata.almalinux.org/9/ALSA-2024-9135.html https://errata.rockylinux.org/RLSA-2024:6913 https://go.dev/cl/591255 https://go.dev/issue/67555 https://groups.google.com/g/golang-dev/c/t0rK-qHBqzY/m/6MMoAZkMAgAJ https://linux.oracle.com/cve/CVE-2024-24791.html https://linux.oracle.com/errata/ELSA-2024-9115.html https://nvd.nist.gov/vuln/detail/CVE-2024-24791 https://pkg.go.dev/vuln/GO-2024-2963 https://ubuntu.com/security/notices/USN-7081-1 https://ubuntu.com/security/notices/USN-7109-1 https://ubuntu.com/security/notices/USN-7111-1 https://www.cve.org/CVERecord?id=CVE-2024-24791
stdlib	CVE-2024-34155	MEDIUM	v1.20.5	1.22.7, 1.23.1	https://access.redhat.com/errata/RHSA-2024:9459 https://access.redhat.com/security/cve/CVE-2024-34155 https://bugzilla.redhat.com/2310527 https://bugzilla.redhat.com/2310528 https://bugzilla.redhat.com/2310529 https://bugzilla.redhat.com/2315691 https://bugzilla.redhat.com/2315887 https://bugzilla.redhat.com/2317458 https://bugzilla.redhat.com/2317467 https://bugzilla.redhat.com/show_bug.cgi?id=2295310 https://bugzilla.redhat.com/show_bug.cgi?id=2310527 https://bugzilla.redhat.com/show_bug.cgi?id=2310528 https://bugzilla.redhat.com/show_bug.cgi?id=2310529 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24791 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-34155 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-34156 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-34158 https://errata.almalinux.org/9/ALSA-2024-9459.html https://errata.rockylinux.org/RLSA-2024:6913 https://github.com/golang/go/commit/53487e5477151ed75da50e50a0ba8f1ca64c00a3 (go1.23.1) https://github.com/golang/go/commit/b232596139dbe96a62edbe3a2a203e856bf556eb (go1.22.7) https://go.dev/cl/611238 https://go.dev/issue/69138 https://groups.google.com/g/golang-announce/c/K-cEzDeCtpc https://groups.google.com/g/golang-dev/c/S9POB9NCTdk https://linux.oracle.com/cve/CVE-2024-34155.html https://linux.oracle.com/errata/ELSA-2024-9459.html https://nvd.nist.gov/vuln/detail/CVE-2024-34155 https://pkg.go.dev/vuln/GO-2024-3105 https://ubuntu.com/security/notices/USN-7081-1 https://ubuntu.com/security/notices/USN-7109-1 https://ubuntu.com/security/notices/USN-7111-1 https://www.cve.org/CVERecord?id=CVE-2024-34155
stdlib	CVE-2024-34158	MEDIUM	v1.20.5	1.22.7, 1.23.1	https://access.redhat.com/errata/RHSA-2024:9459 https://access.redhat.com/security/cve/CVE-2024-34158 https://bugzilla.redhat.com/2310527 https://bugzilla.redhat.com/2310528 https://bugzilla.redhat.com/2310529 https://bugzilla.redhat.com/2315691 https://bugzilla.redhat.com/2315887 https://bugzilla.redhat.com/2317458 https://bugzilla.redhat.com/2317467 https://bugzilla.redhat.com/show_bug.cgi?id=2295310 https://bugzilla.redhat.com/show_bug.cgi?id=2310527 https://bugzilla.redhat.com/show_bug.cgi?id=2310528 https://bugzilla.redhat.com/show_bug.cgi?id=2310529 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24791 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-34155 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-34156 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-34158 https://errata.almalinux.org/9/ALSA-2024-9459.html https://errata.rockylinux.org/RLSA-2024:6913 https://github.com/golang/go/commit/032ac075c20c01c6c35a672d1542d3e98eab84ea (go1.23.1) https://github.com/golang/go/commit/d4c53812e6ce2ac368173d7fcd31d0ecfcffb002 (go1.22.7) https://go.dev/cl/611240 https://go.dev/issue/69141 https://groups.google.com/g/golang-announce/c/K-cEzDeCtpc https://groups.google.com/g/golang-dev/c/S9POB9NCTdk https://linux.oracle.com/cve/CVE-2024-34158.html https://linux.oracle.com/errata/ELSA-2024-9459.html https://nvd.nist.gov/vuln/detail/CVE-2024-34158 https://pkg.go.dev/vuln/GO-2024-3107 https://ubuntu.com/security/notices/USN-7081-1 https://ubuntu.com/security/notices/USN-7109-1 https://ubuntu.com/security/notices/USN-7111-1 https://www.cve.org/CVERecord?id=CVE-2024-34158
No Misconfigurations found

cnb/buildpacks/paketo-buildpacks_poetry-run/0.4.18/bin/run (gobinary)

Package	Vulnerability ID	Severity	Installed Version	Fixed Version	Links
golang.org/x/net	CVE-2023-39325	HIGH	v0.11.0	0.17.0	golang.org/x/net https://access.redhat.com/errata/RHSA-2023:6077 https://access.redhat.com/security/cve/CVE-2023-39325 https://access.redhat.com/security/cve/CVE-2023-44487 https://access.redhat.com/security/vulnerabilities/RHSB-2023-003 https://bugzilla.redhat.com/2242803 https://bugzilla.redhat.com/2243296 https://bugzilla.redhat.com/show_bug.cgi?id=2242803 https://bugzilla.redhat.com/show_bug.cgi?id=2243296 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-39325 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-44487 https://errata.almalinux.org/9/ALSA-2023-6077.html https://errata.rockylinux.org/RLSA-2023:6077 https://github.com/golang/go/commit/24ae2d927285c697440fdde3ad7f26028354bcf3 [golang- 1.21] https://github.com/golang/go/commit/e175f27f58aa7b9cd4d79607ae65d2cd5baaee68 [golang-1.20] https://github.com/golang/go/issues/63417 https://go.dev/cl/534215 https://go.dev/cl/534235 https://go.dev/issue/63417 https://groups.google.com/g/golang-announce/c/iNNxDTCjZvo/m/UDd7VKQuAAAJ https://linux.oracle.com/cve/CVE-2023-39325.html https://linux.oracle.com/errata/ELSA-2023-5867.html https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3OVW5V2DM5K5IC3H7O42YDUGNJ74J35O https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3OVW5V2DM5K5IC3H7O42YDUGNJ74J35O/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3SZN67IL7HMGMNAVLOTIXLIHUDXZK4LH https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3SZN67IL7HMGMNAVLOTIXLIHUDXZK4LH/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3WJ4QVX2AMUJ2F2S27POOAHRC4K3CHU4 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3WJ4QVX2AMUJ2F2S27POOAHRC4K3CHU4/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/4BUK2ZIAGCULOOYDNH25JPU6JBES5NF2 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/4BUK2ZIAGCULOOYDNH25JPU6JBES5NF2/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/5RSKA2II6QTD4YUKUNDVJQSRYSFC4VFR https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/5RSKA2II6QTD4YUKUNDVJQSRYSFC4VFR/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/AVZDNSMVDAQJ64LJC5I5U5LDM5753647 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/AVZDNSMVDAQJ64LJC5I5U5LDM5753647/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CHHITS4PUOZAKFIUBQAQZC7JWXMOYE4B https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CHHITS4PUOZAKFIUBQAQZC7JWXMOYE4B/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CLB4TW7KALB3EEQWNWCN7OUIWWVWWCG2 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CLB4TW7KALB3EEQWNWCN7OUIWWVWWCG2/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/D2BBIDR2ZMB3X5BC7SR4SLQMHRMVPY6L https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/D2BBIDR2ZMB3X5BC7SR4SLQMHRMVPY6L/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ECRC75BQJP6FJN2L7KCKYZW4DSBD7QSD https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ECRC75BQJP6FJN2L7KCKYZW4DSBD7QSD/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/FTMJ3NJIDAZFWJQQSP3L22MUFJ3UP2PT https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/FTMJ3NJIDAZFWJQQSP3L22MUFJ3UP2PT/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/GSY7SXFFTPZFWDM6XELSDSHZLVW3AHK7 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/GSY7SXFFTPZFWDM6XELSDSHZLVW3AHK7/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/HZQIELEIRSZUYTFFH5KTH2YJ4IIQG2KE https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/HZQIELEIRSZUYTFFH5KTH2YJ4IIQG2KE/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/IPWCNYB5PQ5PCVZ4NJT6G56ZYFZ5QBU6 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/IPWCNYB5PQ5PCVZ4NJT6G56ZYFZ5QBU6/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/KEOTKBUPZXHE3F352JBYNTSNRXYLWD6P https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/KEOTKBUPZXHE3F352JBYNTSNRXYLWD6P/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/KSEGD2IWKNUO3DWY4KQGUQM5BISRWHQE https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/KSEGD2IWKNUO3DWY4KQGUQM5BISRWHQE/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/L5E5JSJBZLYXOTZWXHJKRVCIXIHVWKJ6 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/L5E5JSJBZLYXOTZWXHJKRVCIXIHVWKJ6/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/MZQYOOKHQDQ57LV2IAG6NRFOVXKHJJ3Z https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/MZQYOOKHQDQ57LV2IAG6NRFOVXKHJJ3Z/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/NG7IMPL55MVWU3LCI4JQJT3K2U5CHDV7 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/NG7IMPL55MVWU3LCI4JQJT3K2U5CHDV7/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ODBY7RVMGZCBSTWF2OZGIZS57FNFUL67 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ODBY7RVMGZCBSTWF2OZGIZS57FNFUL67/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/OXGWPQOJ3JNDW2XIYKIVJ7N7QUIFNM2Q https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/OXGWPQOJ3JNDW2XIYKIVJ7N7QUIFNM2Q/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/PJCUNGIQDUMZ4Z6HWVYIMR66A35F5S74 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/PJCUNGIQDUMZ4Z6HWVYIMR66A35F5S74/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QF5QSYAOPDOWLY6DUHID56Q4HQFYB45I https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QF5QSYAOPDOWLY6DUHID56Q4HQFYB45I/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QXOU2JZUBEBP7GBKAYIJRPRBZSJCD7ST https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QXOU2JZUBEBP7GBKAYIJRPRBZSJCD7ST/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/R3UETKPUB3V5JS5TLZOF3SMTGT5K5APS https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/R3UETKPUB3V5JS5TLZOF3SMTGT5K5APS/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/REMHVVIBDNKSRKNOTV7EQSB7CYQWOUOU https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/REMHVVIBDNKSRKNOTV7EQSB7CYQWOUOU/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/T7N5GV4CHH6WAGX3GFMDD3COEOVCZ4RI https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/T7N5GV4CHH6WAGX3GFMDD3COEOVCZ4RI/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ULQQONMSCQSH5Z5OWFFQHCGEZ3NL4DRJ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ULQQONMSCQSH5Z5OWFFQHCGEZ3NL4DRJ/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UTT7DG3QOF5ZNJLUGHDNLRUIN6OWZARP https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UTT7DG3QOF5ZNJLUGHDNLRUIN6OWZARP/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/W2LZSWTV4NV4SNQARNXG5T6LRHP26EW2 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/W2LZSWTV4NV4SNQARNXG5T6LRHP26EW2/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WCNCBYKZXLDFGAJUB7ZP5VLC3YTHJNVH https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WCNCBYKZXLDFGAJUB7ZP5VLC3YTHJNVH/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/XFOIBB4YFICHDM7IBOP7PWXW3FX4HLL2 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/XFOIBB4YFICHDM7IBOP7PWXW3FX4HLL2/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/XTNLSL44Y5FB6JWADSZH6DCV4JJAAEQY https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/XTNLSL44Y5FB6JWADSZH6DCV4JJAAEQY/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/YJWHBLVZDM5KQSDFRBFRKU5KSSOLIRQ4 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/YJWHBLVZDM5KQSDFRBFRKU5KSSOLIRQ4/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/YRKEXKANQ7BKJW2YTAMP625LJUJZLJ4P https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/YRKEXKANQ7BKJW2YTAMP625LJUJZLJ4P/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZSVEMQV5ROY5YW5QE3I57HT3ITWG5GCV https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZSVEMQV5ROY5YW5QE3I57HT3ITWG5GCV/ https://nvd.nist.gov/vuln/detail/CVE-2023-39325 https://pkg.go.dev/vuln/GO-2023-2102 https://security.gentoo.org/glsa/202311-09 https://security.netapp.com/advisory/ntap-20231110-0008 https://security.netapp.com/advisory/ntap-20231110-0008/ https://ubuntu.com/security/notices/USN-6574-1 https://ubuntu.com/security/notices/USN-7061-1 https://ubuntu.com/security/notices/USN-7109-1 https://www.cisa.gov/news-events/alerts/2023/10/10/http2-rapid-reset-vulnerability-cve-2023-44487 https://www.cve.org/CVERecord?id=CVE-2023-39325
golang.org/x/net	CVE-2023-3978	MEDIUM	v0.11.0	0.13.0	https://access.redhat.com/errata/RHSA-2023:6474 https://access.redhat.com/security/cve/CVE-2023-3978 https://bugzilla.redhat.com/2174485 https://bugzilla.redhat.com/2178358 https://bugzilla.redhat.com/2178488 https://bugzilla.redhat.com/2178492 https://bugzilla.redhat.com/2184481 https://bugzilla.redhat.com/2184482 https://bugzilla.redhat.com/2184483 https://bugzilla.redhat.com/2184484 https://bugzilla.redhat.com/2196026 https://bugzilla.redhat.com/2196027 https://bugzilla.redhat.com/2196029 https://bugzilla.redhat.com/2222167 https://bugzilla.redhat.com/2228689 https://errata.almalinux.org/9/ALSA-2023-6474.html https://go.dev/cl/514896 https://go.dev/issue/61615 https://linux.oracle.com/cve/CVE-2023-3978.html https://linux.oracle.com/errata/ELSA-2023-6939.html https://nvd.nist.gov/vuln/detail/CVE-2023-3978 https://pkg.go.dev/vuln/GO-2023-1988 https://www.cve.org/CVERecord?id=CVE-2023-3978
golang.org/x/net	CVE-2023-44487	MEDIUM	v0.11.0	0.17.0	http://www.openwall.com/lists/oss-security/2023/10/13/4 http://www.openwall.com/lists/oss-security/2023/10/13/9 http://www.openwall.com/lists/oss-security/2023/10/18/4 http://www.openwall.com/lists/oss-security/2023/10/18/8 http://www.openwall.com/lists/oss-security/2023/10/19/6 http://www.openwall.com/lists/oss-security/2023/10/20/8 https://access.redhat.com/errata/RHSA-2023:6746 https://access.redhat.com/security/cve/CVE-2023-44487 https://access.redhat.com/security/cve/cve-2023-44487 https://akka.io/security/akka-http-cve-2023-44487.html https://arstechnica.com/security/2023/10/how-ddosers-used-the-http-2-protocol-to-deliver-attacks-of-unprecedented-size https://arstechnica.com/security/2023/10/how-ddosers-used-the-http-2-protocol-to-deliver-attacks-of-unprecedented-size/ https://aws.amazon.com/security/security-bulletins/AWS-2023-011 https://aws.amazon.com/security/security-bulletins/AWS-2023-011/ https://blog.cloudflare.com/technical-breakdown-http2-rapid-reset-ddos-attack https://blog.cloudflare.com/technical-breakdown-http2-rapid-reset-ddos-attack/ https://blog.cloudflare.com/zero-day-rapid-reset-http2-record-breaking-ddos-attack https://blog.cloudflare.com/zero-day-rapid-reset-http2-record-breaking-ddos-attack/ https://blog.litespeedtech.com/2023/10/11/rapid-reset-http-2-vulnerablilty https://blog.litespeedtech.com/2023/10/11/rapid-reset-http-2-vulnerablilty/ https://blog.qualys.com/vulnerabilities-threat-research/2023/10/10/cve-2023-44487-http-2-rapid-reset-attack https://blog.vespa.ai/cve-2023-44487 https://blog.vespa.ai/cve-2023-44487/ https://bugzilla.proxmox.com/show_bug.cgi?id=4988 https://bugzilla.redhat.com/2242803 https://bugzilla.redhat.com/show_bug.cgi?id=2242803 https://bugzilla.suse.com/show_bug.cgi?id=1216123 https://cgit.freebsd.org/ports/commit/?id=c64c329c2c1752f46b73e3e6ce9f4329be6629f9 https://chaos.social/@icing/111210915918780532 https://cloud.google.com/blog/products/identity-security/google-cloud-mitigated-largest-ddos-attack-peaking-above-398-million-rps https://cloud.google.com/blog/products/identity-security/google-cloud-mitigated-largest-ddos-attack-peaking-above-398-million-rps/ https://cloud.google.com/blog/products/identity-security/how-it-works-the-novel-http2-rapid-reset-ddos-attack https://community.traefik.io/t/is-traefik-vulnerable-to-cve-2023-44487/20125 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-44487 https://devblogs.microsoft.com/dotnet/october-2023-updates/ https://discuss.hashicorp.com/t/hcsec-2023-32-vault-consul-and-boundary-affected-by-http-2-rapid-reset-denial-of-service-vulnerability-cve-2023-44487/59715 https://edg.io/lp/blog/resets-leaks-ddos-and-the-tale-of-a-hidden-cve https://errata.almalinux.org/9/ALSA-2023-6746.html https://errata.rockylinux.org/RLSA-2023:5838 https://forums.swift.org/t/swift-nio-http2-security-update-cve-2023-44487-http-2-dos/67764 https://gist.github.com/adulau/7c2bfb8e9cdbe4b35a5e131c66a0c088 https://github.com/Azure/AKS/issues/3947 https://github.com/Kong/kong/discussions/11741 https://github.com/advisories/GHSA-qppj-fm5r-hxr3 https://github.com/advisories/GHSA-vx74-f528-fxqg https://github.com/advisories/GHSA-xpw8-rcwv-8f8p https://github.com/akka/akka-http/issues/4323 https://github.com/akka/akka-http/pull/4324 https://github.com/akka/akka-http/pull/4325 https://github.com/alibaba/tengine/issues/1872 https://github.com/apache/apisix/issues/10320 https://github.com/apache/httpd-site/pull/10 https://github.com/apache/httpd/blob/afcdbeebbff4b0c50ea26cdd16e178c0d1f24152/modules/http2/h2_mplx.c#L1101-L1113 https://github.com/apache/tomcat/commit/944332bb15bd2f3bf76ec2caeb1ff0a58a3bc628 https://github.com/apache/tomcat/tree/main/java/org/apache/coyote/http2 https://github.com/apache/trafficserver/pull/10564 https://github.com/apple/swift-nio-http2 https://github.com/apple/swift-nio-http2/security/advisories/GHSA-qppj-fm5r-hxr3 https://github.com/arkrwn/PoC/tree/main/CVE-2023-44487 https://github.com/bcdannyboy/CVE-2023-44487 https://github.com/caddyserver/caddy/issues/5877 https://github.com/caddyserver/caddy/releases/tag/v2.7.5 https://github.com/dotnet/announcements/issues/277 https://github.com/dotnet/core/blob/e4613450ea0da7fd2fc6b61dfb2c1c1dec1ce9ec/release-notes/6.0/6.0.23/6.0.23.md?plain=1#L73 https://github.com/eclipse/jetty.project/issues/10679 https://github.com/envoyproxy/envoy/pull/30055 https://github.com/etcd-io/etcd/issues/16740 https://github.com/facebook/proxygen/pull/466 https://github.com/golang/go/issues/63417 https://github.com/grpc/grpc-go/pull/6703 https://github.com/grpc/grpc-go/releases https://github.com/h2o/h2o/pull/3291 https://github.com/h2o/h2o/security/advisories/GHSA-2m7v-gc89-fjqf https://github.com/haproxy/haproxy/issues/2312 https://github.com/hyperium/hyper/issues/3337 https://github.com/icing/mod_h2/blob/0a864782af0a942aa2ad4ed960a6b32cd35bcf0a/mod_http2/README.md?plain=1#L239-L244 https://github.com/junkurihara/rust-rpxy/issues/97 https://github.com/kazu-yamamoto/http2/commit/f61d41a502bd0f60eb24e1ce14edc7b6df6722a1 https://github.com/kazu-yamamoto/http2/issues/93 https://github.com/kubernetes/kubernetes/pull/121120 https://github.com/line/armeria/pull/5232 https://github.com/linkerd/website/pull/1695/commits/4b9c6836471bc8270ab48aae6fd2181bc73fd632 https://github.com/micrictor/http2-rst-stream https://github.com/microsoft/CBL-Mariner/pull/6381 https://github.com/netty/netty/commit/58f75f665aa81a8cbcf6ffa74820042a285c5e61 https://github.com/nghttp2/nghttp2/pull/1961 https://github.com/nghttp2/nghttp2/releases/tag/v1.57.0 https://github.com/ninenines/cowboy/issues/1615 https://github.com/nodejs/node/pull/50121 https://github.com/openresty/openresty/issues/930 https://github.com/opensearch-project/data-prepper/issues/3474 https://github.com/oqtane/oqtane.framework/discussions/3367 https://github.com/projectcontour/contour/pull/5826 https://github.com/tempesta-tech/tempesta/issues/1986 https://github.com/varnishcache/varnish-cache/issues/3996 https://go.dev/cl/534215 https://go.dev/cl/534235 https://go.dev/issue/63417 https://groups.google.com/g/golang-announce/c/iNNxDTCjZvo https://groups.google.com/g/golang-announce/c/iNNxDTCjZvo/m/UDd7VKQuAAAJ https://istio.io/latest/news/security/istio-security-2023-004 https://istio.io/latest/news/security/istio-security-2023-004/ https://linkerd.io/2023/10/12/linkerd-cve-2023-44487 https://linkerd.io/2023/10/12/linkerd-cve-2023-44487/ https://linux.oracle.com/cve/CVE-2023-44487.html https://linux.oracle.com/errata/ELSA-2024-1444.html https://lists.apache.org/thread/5py8h42mxfsn8l1wy6o41xwhsjlsd87q https://lists.debian.org/debian-lts-announce/2023/10/msg00020.html https://lists.debian.org/debian-lts-announce/2023/10/msg00023.html https://lists.debian.org/debian-lts-announce/2023/10/msg00024.html https://lists.debian.org/debian-lts-announce/2023/10/msg00045.html https://lists.debian.org/debian-lts-announce/2023/10/msg00047.html https://lists.debian.org/debian-lts-announce/2023/11/msg00001.html https://lists.debian.org/debian-lts-announce/2023/11/msg00012.html https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/2MBEPPC36UBVOZZNAXFHKLFGSLCMN5LI https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/2MBEPPC36UBVOZZNAXFHKLFGSLCMN5LI/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/3N4NJ7FR4X4FPZUGNTQAPSTVB2HB2Y4A https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/3N4NJ7FR4X4FPZUGNTQAPSTVB2HB2Y4A/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/BFQD3KUEMFBHPAPBGLWQC34L4OWL5HAZ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/BFQD3KUEMFBHPAPBGLWQC34L4OWL5HAZ/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/CLB4TW7KALB3EEQWNWCN7OUIWWVWWCG2 https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/CLB4TW7KALB3EEQWNWCN7OUIWWVWWCG2/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/E72T67UPDRXHIDLO3OROR25YAMN4GGW5 https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/E72T67UPDRXHIDLO3OROR25YAMN4GGW5/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/FNA62Q767CFAFHBCDKYNPBMZWB7TWYVU https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/FNA62Q767CFAFHBCDKYNPBMZWB7TWYVU/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/HT7T2R4MQKLIF4ODV4BDLPARWFPCJ5CZ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/HT7T2R4MQKLIF4ODV4BDLPARWFPCJ5CZ/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/JIZSEFC3YKCGABA2BZW6ZJRMDZJMB7PJ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/JIZSEFC3YKCGABA2BZW6ZJRMDZJMB7PJ/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/JMEXY22BFG5Q64HQCM5CK2Q7KDKVV4TY https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/JMEXY22BFG5Q64HQCM5CK2Q7KDKVV4TY/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/KSEGD2IWKNUO3DWY4KQGUQM5BISRWHQE https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/KSEGD2IWKNUO3DWY4KQGUQM5BISRWHQE/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/LKYHSZQFDNR7RSA7LHVLLIAQMVYCUGBG https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/LKYHSZQFDNR7RSA7LHVLLIAQMVYCUGBG/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/LNMZJCDHGLJJLXO4OXWJMTVQRNWOC7UL https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/LNMZJCDHGLJJLXO4OXWJMTVQRNWOC7UL/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/VHUHTSXLXGXS7JYKBXTA3VINUPHTNGVU https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/VHUHTSXLXGXS7JYKBXTA3VINUPHTNGVU/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/VSRDIV77HNKUSM7SJC5BKE5JSHLHU2NK https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/VSRDIV77HNKUSM7SJC5BKE5JSHLHU2NK/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/WE2I52RHNNU42PX6NZ2RBUHSFFJ2LVZX https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/WE2I52RHNNU42PX6NZ2RBUHSFFJ2LVZX/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/WLPRQ5TWUQQXYWBJM7ECYDAIL2YVKIUH https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/WLPRQ5TWUQQXYWBJM7ECYDAIL2YVKIUH/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/X6QXN4ORIVF6XBW4WWFE7VNPVC74S45Y https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/X6QXN4ORIVF6XBW4WWFE7VNPVC74S45Y/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/XFOIBB4YFICHDM7IBOP7PWXW3FX4HLL2 https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/XFOIBB4YFICHDM7IBOP7PWXW3FX4HLL2/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZB43REMKRQR62NJEI7I5NQ4FSXNLBKRT https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZB43REMKRQR62NJEI7I5NQ4FSXNLBKRT/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZKQSIKIAT5TJ3WSLU3RDBQ35YX4GY4V3 https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZKQSIKIAT5TJ3WSLU3RDBQ35YX4GY4V3/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZLU6U2R2IC2K64NDPNMV55AUAO65MAF4 https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZLU6U2R2IC2K64NDPNMV55AUAO65MAF4/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3N4NJ7FR4X4FPZUGNTQAPSTVB2HB2Y4A https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/BFQD3KUEMFBHPAPBGLWQC34L4OWL5HAZ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CLB4TW7KALB3EEQWNWCN7OUIWWVWWCG2 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/E72T67UPDRXHIDLO3OROR25YAMN4GGW5 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/FNA62Q767CFAFHBCDKYNPBMZWB7TWYVU https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/HT7T2R4MQKLIF4ODV4BDLPARWFPCJ5CZ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/JIZSEFC3YKCGABA2BZW6ZJRMDZJMB7PJ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/JMEXY22BFG5Q64HQCM5CK2Q7KDKVV4TY https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/KSEGD2IWKNUO3DWY4KQGUQM5BISRWHQE https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/LKYHSZQFDNR7RSA7LHVLLIAQMVYCUGBG https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/LNMZJCDHGLJJLXO4OXWJMTVQRNWOC7UL https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/VHUHTSXLXGXS7JYKBXTA3VINUPHTNGVU https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/VSRDIV77HNKUSM7SJC5BKE5JSHLHU2NK https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WLPRQ5TWUQQXYWBJM7ECYDAIL2YVKIUH https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/X6QXN4ORIVF6XBW4WWFE7VNPVC74S45Y https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/XFOIBB4YFICHDM7IBOP7PWXW3FX4HLL2 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZB43REMKRQR62NJEI7I5NQ4FSXNLBKRT https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZKQSIKIAT5TJ3WSLU3RDBQ35YX4GY4V3 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZLU6U2R2IC2K64NDPNMV55AUAO65MAF4 https://lists.w3.org/Archives/Public/ietf-http-wg/2023OctDec/0025.html https://mailman.nginx.org/pipermail/nginx-devel/2023-October/S36Q5HBXR7CAIMPLLPRSSSYR4PCMWILK.html https://martinthomson.github.io/h2-stream-limits/draft-thomson-httpbis-h2-stream-limits.html https://msrc.microsoft.com/blog/2023/10/microsoft-response-to-distributed-denial-of-service-ddos-attacks-against-http/2 https://msrc.microsoft.com/blog/2023/10/microsoft-response-to-distributed-denial-of-service-ddos-attacks-against-http/2/ https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-44487 https://my.f5.com/manage/s/article/K000137106 https://netty.io/news/2023/10/10/4-1-100-Final.html https://news.ycombinator.com/item?id=37830987 https://news.ycombinator.com/item?id=37830998 https://news.ycombinator.com/item?id=37831062 https://news.ycombinator.com/item?id=37837043 https://nodejs.org/en/blog/vulnerability/october-2023-security-releases https://nvd.nist.gov/vuln/detail/CVE-2023-44487 https://openssf.org/blog/2023/10/10/http-2-rapid-reset-vulnerability-highlights-need-for-rapid-response https://openssf.org/blog/2023/10/10/http-2-rapid-reset-vulnerability-highlights-need-for-rapid-response/ https://pkg.go.dev/vuln/GO-2023-2102 https://seanmonstar.com/post/730794151136935936/hyper-http2-rapid-reset-unaffected https://security.gentoo.org/glsa/202311-09 https://security.netapp.com/advisory/ntap-20231016-0001 https://security.netapp.com/advisory/ntap-20231016-0001/ https://security.netapp.com/advisory/ntap-20240426-0007 https://security.netapp.com/advisory/ntap-20240426-0007/ https://security.netapp.com/advisory/ntap-20240621-0006 https://security.netapp.com/advisory/ntap-20240621-0006/ https://security.netapp.com/advisory/ntap-20240621-0007 https://security.netapp.com/advisory/ntap-20240621-0007/ https://security.paloaltonetworks.com/CVE-2023-44487 https://tomcat.apache.org/security-10.html#Fixed_in_Apache_Tomcat_10.1.14 https://tomcat.apache.org/security-11.html#Fixed_in_Apache_Tomcat_11.0.0-M12 https://tomcat.apache.org/security-8.html#Fixed_in_Apache_Tomcat_8.5.94 https://tomcat.apache.org/security-9.html#Fixed_in_Apache_Tomcat_9.0.81 https://ubuntu.com/security/CVE-2023-44487 https://ubuntu.com/security/notices/USN-6427-1 https://ubuntu.com/security/notices/USN-6427-2 https://ubuntu.com/security/notices/USN-6438-1 https://ubuntu.com/security/notices/USN-6505-1 https://ubuntu.com/security/notices/USN-6574-1 https://ubuntu.com/security/notices/USN-6754-1 https://ubuntu.com/security/notices/USN-6994-1 https://ubuntu.com/security/notices/USN-7067-1 https://www.bleepingcomputer.com/news/security/new-http-2-rapid-reset-zero-day-attack-breaks-ddos-records https://www.bleepingcomputer.com/news/security/new-http-2-rapid-reset-zero-day-attack-breaks-ddos-records/ https://www.cisa.gov/known-exploited-vulnerabilities-catalog https://www.cisa.gov/news-events/alerts/2023/10/10/http2-rapid-reset-vulnerability-cve-2023-44487 https://www.cve.org/CVERecord?id=CVE-2023-44487 https://www.darkreading.com/cloud/internet-wide-zero-day-bug-fuels-largest-ever-ddos-event https://www.debian.org/security/2023/dsa-5521 https://www.debian.org/security/2023/dsa-5522 https://www.debian.org/security/2023/dsa-5540 https://www.debian.org/security/2023/dsa-5549 https://www.debian.org/security/2023/dsa-5558 https://www.debian.org/security/2023/dsa-5570 https://www.eclipse.org/lists/jetty-announce/msg00181.html https://www.haproxy.com/blog/haproxy-is-not-affected-by-the-http-2-rapid-reset-attack-cve-2023-44487 https://www.mail-archive.com/haproxy@formilux.org/msg44134.html https://www.netlify.com/blog/netlify-successfully-mitigates-cve-2023-44487 https://www.netlify.com/blog/netlify-successfully-mitigates-cve-2023-44487/ https://www.nginx.com/blog/http-2-rapid-reset-attack-impacting-f5-nginx-products https://www.nginx.com/blog/http-2-rapid-reset-attack-impacting-f5-nginx-products/ https://www.openwall.com/lists/oss-security/2023/10/10/6 https://www.phoronix.com/news/HTTP2-Rapid-Reset-Attack https://www.theregister.com/2023/10/10/http2_rapid_reset_zeroday https://www.theregister.com/2023/10/10/http2_rapid_reset_zeroday/
golang.org/x/net	CVE-2023-45288	MEDIUM	v0.11.0	0.23.0	http://www.openwall.com/lists/oss-security/2024/04/03/16 http://www.openwall.com/lists/oss-security/2024/04/05/4 https://access.redhat.com/errata/RHSA-2024:2724 https://access.redhat.com/security/cve/CVE-2023-45288 https://bugzilla.redhat.com/2268017 https://bugzilla.redhat.com/2268018 https://bugzilla.redhat.com/2268019 https://bugzilla.redhat.com/2268273 https://bugzilla.redhat.com/show_bug.cgi?id=2268017 https://bugzilla.redhat.com/show_bug.cgi?id=2268018 https://bugzilla.redhat.com/show_bug.cgi?id=2268019 https://bugzilla.redhat.com/show_bug.cgi?id=2268273 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45288 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45289 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45290 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24783 https://errata.almalinux.org/9/ALSA-2024-2724.html https://errata.rockylinux.org/RLSA-2024:2724 https://go.dev/cl/576155 https://go.dev/issue/65051 https://groups.google.com/g/golang-announce/c/YgW0sx8mN3M https://kb.cert.org/vuls/id/421644 https://linux.oracle.com/cve/CVE-2023-45288.html https://linux.oracle.com/errata/ELSA-2024-3346.html https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QRYFHIQ6XRKRYBI2F5UESH67BJBQXUPT https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QRYFHIQ6XRKRYBI2F5UESH67BJBQXUPT/ https://nowotarski.info/http2-continuation-flood-technical-details https://nowotarski.info/http2-continuation-flood/ https://nvd.nist.gov/vuln/detail/CVE-2023-45288 https://pkg.go.dev/vuln/GO-2024-2687 https://security.netapp.com/advisory/ntap-20240419-0009 https://security.netapp.com/advisory/ntap-20240419-0009/ https://ubuntu.com/security/notices/USN-6886-1 https://ubuntu.com/security/notices/USN-7109-1 https://ubuntu.com/security/notices/USN-7111-1 https://www.cve.org/CVERecord?id=CVE-2023-45288 https://www.kb.cert.org/vuls/id/421644
stdlib	CVE-2024-24790	CRITICAL	v1.20.5	1.21.11, 1.22.4	http://www.openwall.com/lists/oss-security/2024/06/04/1 https://access.redhat.com/errata/RHSA-2024:9115 https://access.redhat.com/security/cve/CVE-2024-24790 https://bugzilla.redhat.com/2279814 https://bugzilla.redhat.com/2292668 https://bugzilla.redhat.com/2292787 https://bugzilla.redhat.com/2294000 https://bugzilla.redhat.com/2295310 https://bugzilla.redhat.com/show_bug.cgi?id=2292668 https://bugzilla.redhat.com/show_bug.cgi?id=2292787 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24789 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24790 https://errata.almalinux.org/9/ALSA-2024-9115.html https://errata.rockylinux.org/RLSA-2024:4212 https://github.com/golang/go/commit/051bdf3fd12a40307606ff9381138039c5f452f0 (1.21) https://github.com/golang/go/commit/12d5810cdb1f73cf23d7a86462143e9463317fca (1.22) https://github.com/golang/go/issues/67680 https://go.dev/cl/590316 https://go.dev/issue/67680 https://groups.google.com/g/golang-announce/c/XbxouI9gY7k https://groups.google.com/g/golang-announce/c/XbxouI9gY7k/m/TuoGEhxIEwAJ https://linux.oracle.com/cve/CVE-2024-24790.html https://linux.oracle.com/errata/ELSA-2024-9115.html https://nvd.nist.gov/vuln/detail/CVE-2024-24790 https://pkg.go.dev/vuln/GO-2024-2887 https://ubuntu.com/security/notices/USN-6886-1 https://ubuntu.com/security/notices/USN-7109-1 https://www.cve.org/CVERecord?id=CVE-2024-24790
stdlib	CVE-2023-39325	HIGH	v1.20.5	1.20.10, 1.21.3	golang.org/x/net https://access.redhat.com/errata/RHSA-2023:6077 https://access.redhat.com/security/cve/CVE-2023-39325 https://access.redhat.com/security/cve/CVE-2023-44487 https://access.redhat.com/security/vulnerabilities/RHSB-2023-003 https://bugzilla.redhat.com/2242803 https://bugzilla.redhat.com/2243296 https://bugzilla.redhat.com/show_bug.cgi?id=2242803 https://bugzilla.redhat.com/show_bug.cgi?id=2243296 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-39325 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-44487 https://errata.almalinux.org/9/ALSA-2023-6077.html https://errata.rockylinux.org/RLSA-2023:6077 https://github.com/golang/go/commit/24ae2d927285c697440fdde3ad7f26028354bcf3 [golang- 1.21] https://github.com/golang/go/commit/e175f27f58aa7b9cd4d79607ae65d2cd5baaee68 [golang-1.20] https://github.com/golang/go/issues/63417 https://go.dev/cl/534215 https://go.dev/cl/534235 https://go.dev/issue/63417 https://groups.google.com/g/golang-announce/c/iNNxDTCjZvo/m/UDd7VKQuAAAJ https://linux.oracle.com/cve/CVE-2023-39325.html https://linux.oracle.com/errata/ELSA-2023-5867.html https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3OVW5V2DM5K5IC3H7O42YDUGNJ74J35O https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3OVW5V2DM5K5IC3H7O42YDUGNJ74J35O/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3SZN67IL7HMGMNAVLOTIXLIHUDXZK4LH https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3SZN67IL7HMGMNAVLOTIXLIHUDXZK4LH/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3WJ4QVX2AMUJ2F2S27POOAHRC4K3CHU4 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3WJ4QVX2AMUJ2F2S27POOAHRC4K3CHU4/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/4BUK2ZIAGCULOOYDNH25JPU6JBES5NF2 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/4BUK2ZIAGCULOOYDNH25JPU6JBES5NF2/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/5RSKA2II6QTD4YUKUNDVJQSRYSFC4VFR https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/5RSKA2II6QTD4YUKUNDVJQSRYSFC4VFR/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/AVZDNSMVDAQJ64LJC5I5U5LDM5753647 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/AVZDNSMVDAQJ64LJC5I5U5LDM5753647/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CHHITS4PUOZAKFIUBQAQZC7JWXMOYE4B https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CHHITS4PUOZAKFIUBQAQZC7JWXMOYE4B/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CLB4TW7KALB3EEQWNWCN7OUIWWVWWCG2 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CLB4TW7KALB3EEQWNWCN7OUIWWVWWCG2/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/D2BBIDR2ZMB3X5BC7SR4SLQMHRMVPY6L https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/D2BBIDR2ZMB3X5BC7SR4SLQMHRMVPY6L/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ECRC75BQJP6FJN2L7KCKYZW4DSBD7QSD https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ECRC75BQJP6FJN2L7KCKYZW4DSBD7QSD/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/FTMJ3NJIDAZFWJQQSP3L22MUFJ3UP2PT https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/FTMJ3NJIDAZFWJQQSP3L22MUFJ3UP2PT/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/GSY7SXFFTPZFWDM6XELSDSHZLVW3AHK7 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/GSY7SXFFTPZFWDM6XELSDSHZLVW3AHK7/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/HZQIELEIRSZUYTFFH5KTH2YJ4IIQG2KE https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/HZQIELEIRSZUYTFFH5KTH2YJ4IIQG2KE/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/IPWCNYB5PQ5PCVZ4NJT6G56ZYFZ5QBU6 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/IPWCNYB5PQ5PCVZ4NJT6G56ZYFZ5QBU6/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/KEOTKBUPZXHE3F352JBYNTSNRXYLWD6P https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/KEOTKBUPZXHE3F352JBYNTSNRXYLWD6P/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/KSEGD2IWKNUO3DWY4KQGUQM5BISRWHQE https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/KSEGD2IWKNUO3DWY4KQGUQM5BISRWHQE/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/L5E5JSJBZLYXOTZWXHJKRVCIXIHVWKJ6 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/L5E5JSJBZLYXOTZWXHJKRVCIXIHVWKJ6/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/MZQYOOKHQDQ57LV2IAG6NRFOVXKHJJ3Z https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/MZQYOOKHQDQ57LV2IAG6NRFOVXKHJJ3Z/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/NG7IMPL55MVWU3LCI4JQJT3K2U5CHDV7 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/NG7IMPL55MVWU3LCI4JQJT3K2U5CHDV7/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ODBY7RVMGZCBSTWF2OZGIZS57FNFUL67 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ODBY7RVMGZCBSTWF2OZGIZS57FNFUL67/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/OXGWPQOJ3JNDW2XIYKIVJ7N7QUIFNM2Q https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/OXGWPQOJ3JNDW2XIYKIVJ7N7QUIFNM2Q/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/PJCUNGIQDUMZ4Z6HWVYIMR66A35F5S74 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/PJCUNGIQDUMZ4Z6HWVYIMR66A35F5S74/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QF5QSYAOPDOWLY6DUHID56Q4HQFYB45I https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QF5QSYAOPDOWLY6DUHID56Q4HQFYB45I/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QXOU2JZUBEBP7GBKAYIJRPRBZSJCD7ST https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QXOU2JZUBEBP7GBKAYIJRPRBZSJCD7ST/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/R3UETKPUB3V5JS5TLZOF3SMTGT5K5APS https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/R3UETKPUB3V5JS5TLZOF3SMTGT5K5APS/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/REMHVVIBDNKSRKNOTV7EQSB7CYQWOUOU https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/REMHVVIBDNKSRKNOTV7EQSB7CYQWOUOU/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/T7N5GV4CHH6WAGX3GFMDD3COEOVCZ4RI https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/T7N5GV4CHH6WAGX3GFMDD3COEOVCZ4RI/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ULQQONMSCQSH5Z5OWFFQHCGEZ3NL4DRJ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ULQQONMSCQSH5Z5OWFFQHCGEZ3NL4DRJ/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UTT7DG3QOF5ZNJLUGHDNLRUIN6OWZARP https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UTT7DG3QOF5ZNJLUGHDNLRUIN6OWZARP/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/W2LZSWTV4NV4SNQARNXG5T6LRHP26EW2 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/W2LZSWTV4NV4SNQARNXG5T6LRHP26EW2/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WCNCBYKZXLDFGAJUB7ZP5VLC3YTHJNVH https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WCNCBYKZXLDFGAJUB7ZP5VLC3YTHJNVH/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/XFOIBB4YFICHDM7IBOP7PWXW3FX4HLL2 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/XFOIBB4YFICHDM7IBOP7PWXW3FX4HLL2/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/XTNLSL44Y5FB6JWADSZH6DCV4JJAAEQY https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/XTNLSL44Y5FB6JWADSZH6DCV4JJAAEQY/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/YJWHBLVZDM5KQSDFRBFRKU5KSSOLIRQ4 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/YJWHBLVZDM5KQSDFRBFRKU5KSSOLIRQ4/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/YRKEXKANQ7BKJW2YTAMP625LJUJZLJ4P https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/YRKEXKANQ7BKJW2YTAMP625LJUJZLJ4P/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZSVEMQV5ROY5YW5QE3I57HT3ITWG5GCV https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZSVEMQV5ROY5YW5QE3I57HT3ITWG5GCV/ https://nvd.nist.gov/vuln/detail/CVE-2023-39325 https://pkg.go.dev/vuln/GO-2023-2102 https://security.gentoo.org/glsa/202311-09 https://security.netapp.com/advisory/ntap-20231110-0008 https://security.netapp.com/advisory/ntap-20231110-0008/ https://ubuntu.com/security/notices/USN-6574-1 https://ubuntu.com/security/notices/USN-7061-1 https://ubuntu.com/security/notices/USN-7109-1 https://www.cisa.gov/news-events/alerts/2023/10/10/http2-rapid-reset-vulnerability-cve-2023-44487 https://www.cve.org/CVERecord?id=CVE-2023-39325
stdlib	CVE-2023-45283	HIGH	v1.20.5	1.20.11, 1.21.4, 1.20.12, 1.21.5	http://www.openwall.com/lists/oss-security/2023/12/05/2 https://go.dev/cl/540277 https://go.dev/cl/541175 https://go.dev/issue/63713 https://go.dev/issue/64028 https://groups.google.com/g/golang-announce/c/4tU8LZfBFkY https://groups.google.com/g/golang-dev/c/6ypN5EjibjM/m/KmLVYH_uAgAJ https://nvd.nist.gov/vuln/detail/CVE-2023-45283 https://pkg.go.dev/vuln/GO-2023-2185 https://security.netapp.com/advisory/ntap-20231214-0008/
stdlib	CVE-2023-45288	HIGH	v1.20.5	1.21.9, 1.22.2	http://www.openwall.com/lists/oss-security/2024/04/03/16 http://www.openwall.com/lists/oss-security/2024/04/05/4 https://access.redhat.com/errata/RHSA-2024:2724 https://access.redhat.com/security/cve/CVE-2023-45288 https://bugzilla.redhat.com/2268017 https://bugzilla.redhat.com/2268018 https://bugzilla.redhat.com/2268019 https://bugzilla.redhat.com/2268273 https://bugzilla.redhat.com/show_bug.cgi?id=2268017 https://bugzilla.redhat.com/show_bug.cgi?id=2268018 https://bugzilla.redhat.com/show_bug.cgi?id=2268019 https://bugzilla.redhat.com/show_bug.cgi?id=2268273 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45288 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45289 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45290 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24783 https://errata.almalinux.org/9/ALSA-2024-2724.html https://errata.rockylinux.org/RLSA-2024:2724 https://go.dev/cl/576155 https://go.dev/issue/65051 https://groups.google.com/g/golang-announce/c/YgW0sx8mN3M https://kb.cert.org/vuls/id/421644 https://linux.oracle.com/cve/CVE-2023-45288.html https://linux.oracle.com/errata/ELSA-2024-3346.html https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QRYFHIQ6XRKRYBI2F5UESH67BJBQXUPT https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QRYFHIQ6XRKRYBI2F5UESH67BJBQXUPT/ https://nowotarski.info/http2-continuation-flood-technical-details https://nowotarski.info/http2-continuation-flood/ https://nvd.nist.gov/vuln/detail/CVE-2023-45288 https://pkg.go.dev/vuln/GO-2024-2687 https://security.netapp.com/advisory/ntap-20240419-0009 https://security.netapp.com/advisory/ntap-20240419-0009/ https://ubuntu.com/security/notices/USN-6886-1 https://ubuntu.com/security/notices/USN-7109-1 https://ubuntu.com/security/notices/USN-7111-1 https://www.cve.org/CVERecord?id=CVE-2023-45288 https://www.kb.cert.org/vuls/id/421644
stdlib	CVE-2024-34156	HIGH	v1.20.5	1.22.7, 1.23.1	https://access.redhat.com/errata/RHSA-2024:9473 https://access.redhat.com/security/cve/CVE-2024-34156 https://bugzilla.redhat.com/2310528 https://bugzilla.redhat.com/2318052 https://bugzilla.redhat.com/show_bug.cgi?id=2310528 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-34156 https://errata.almalinux.org/9/ALSA-2024-9473.html https://errata.rockylinux.org/RLSA-2024:7204 https://github.com/golang/go/commit/2092294f2b097c5828f4eace6c98a322c1510b01 (go1.22.7) https://github.com/golang/go/commit/fa8ff1a46deb6c816304441ec6740ec112e19012 (go1.23.1) https://go.dev/cl/611239 https://go.dev/issue/69139 https://groups.google.com/g/golang-announce/c/K-cEzDeCtpc https://groups.google.com/g/golang-dev/c/S9POB9NCTdk https://linux.oracle.com/cve/CVE-2024-34156.html https://linux.oracle.com/errata/ELSA-2024-9473.html https://nvd.nist.gov/vuln/detail/CVE-2024-34156 https://pkg.go.dev/vuln/GO-2024-3106 https://ubuntu.com/security/notices/USN-7081-1 https://ubuntu.com/security/notices/USN-7109-1 https://ubuntu.com/security/notices/USN-7111-1 https://www.cve.org/CVERecord?id=CVE-2024-34156
stdlib	CVE-2023-29406	MEDIUM	v1.20.5	1.19.11, 1.20.6	https://access.redhat.com/errata/RHSA-2023:6474 https://access.redhat.com/security/cve/CVE-2023-29406 https://bugzilla.redhat.com/2174485 https://bugzilla.redhat.com/2178358 https://bugzilla.redhat.com/2178488 https://bugzilla.redhat.com/2178492 https://bugzilla.redhat.com/2184481 https://bugzilla.redhat.com/2184482 https://bugzilla.redhat.com/2184483 https://bugzilla.redhat.com/2184484 https://bugzilla.redhat.com/2196026 https://bugzilla.redhat.com/2196027 https://bugzilla.redhat.com/2196029 https://bugzilla.redhat.com/2222167 https://bugzilla.redhat.com/2228689 https://errata.almalinux.org/9/ALSA-2023-6474.html https://github.com/golang/go/commit/312920c00aac9897b2a0693e752390b5b0711a5a (go1.20.6) https://github.com/golang/go/commit/5fa6923b1ea891400153d04ddf1545e23b40041b (go1.19.11) https://github.com/golang/go/issues/60374 https://go.dev/cl/506996 https://go.dev/issue/60374 https://groups.google.com/g/golang-announce/c/2q13H6LEEx0 https://linux.oracle.com/cve/CVE-2023-29406.html https://linux.oracle.com/errata/ELSA-2023-7202.html https://nvd.nist.gov/vuln/detail/CVE-2023-29406 https://pkg.go.dev/vuln/GO-2023-1878 https://security.gentoo.org/glsa/202311-09 https://security.netapp.com/advisory/ntap-20230814-0002/ https://ubuntu.com/security/notices/USN-7061-1 https://ubuntu.com/security/notices/USN-7109-1 https://www.cve.org/CVERecord?id=CVE-2023-29406
stdlib	CVE-2023-29409	MEDIUM	v1.20.5	1.19.12, 1.20.7, 1.21.0-rc.4	https://access.redhat.com/errata/RHSA-2023:7766 https://access.redhat.com/security/cve/CVE-2023-29409 https://bugzilla.redhat.com/2228743 https://bugzilla.redhat.com/2237773 https://bugzilla.redhat.com/2237776 https://bugzilla.redhat.com/2237777 https://bugzilla.redhat.com/2237778 https://errata.almalinux.org/9/ALSA-2023-7766.html https://go.dev/cl/515257 https://go.dev/issue/61460 https://groups.google.com/g/golang-announce/c/X0b6CsSAaYI/m/Efv5DbZ9AwAJ https://linux.oracle.com/cve/CVE-2023-29409.html https://linux.oracle.com/errata/ELSA-2024-2988.html https://nvd.nist.gov/vuln/detail/CVE-2023-29409 https://pkg.go.dev/vuln/GO-2023-1987 https://security.gentoo.org/glsa/202311-09 https://security.netapp.com/advisory/ntap-20230831-0010/ https://www.cve.org/CVERecord?id=CVE-2023-29409
stdlib	CVE-2023-39318	MEDIUM	v1.20.5	1.20.8, 1.21.1	https://access.redhat.com/errata/RHSA-2024:2160 https://access.redhat.com/security/cve/CVE-2023-39318 https://bugzilla.redhat.com/2237773 https://bugzilla.redhat.com/2237776 https://bugzilla.redhat.com/2253330 https://errata.almalinux.org/9/ALSA-2024-2160.html https://github.com/golang/go/commit/023b542edf38e2a1f87fcefb9f75ff2f99401b4c (go1.20.8) https://github.com/golang/go/commit/b0e1d3ea26e8e8fce7726690c9ef0597e60739fb (go1.21.1) https://go.dev/cl/526156 https://go.dev/issue/62196 https://groups.google.com/g/golang-announce/c/Fm51GRLNRvM https://groups.google.com/g/golang-dev/c/2C5vbR-UNkI/m/L1hdrPhfBAAJ https://linux.oracle.com/cve/CVE-2023-39318.html https://linux.oracle.com/errata/ELSA-2024-2988.html https://nvd.nist.gov/vuln/detail/CVE-2023-39318 https://pkg.go.dev/vuln/GO-2023-2041 https://security.gentoo.org/glsa/202311-09 https://security.netapp.com/advisory/ntap-20231020-0009/ https://ubuntu.com/security/notices/USN-6574-1 https://ubuntu.com/security/notices/USN-7061-1 https://ubuntu.com/security/notices/USN-7109-1 https://vuln.go.dev/ID/GO-2023-2041.json https://www.cve.org/CVERecord?id=CVE-2023-39318
stdlib	CVE-2023-39319	MEDIUM	v1.20.5	1.20.8, 1.21.1	https://access.redhat.com/errata/RHSA-2024:2160 https://access.redhat.com/security/cve/CVE-2023-39319 https://bugzilla.redhat.com/2237773 https://bugzilla.redhat.com/2237776 https://bugzilla.redhat.com/2253330 https://errata.almalinux.org/9/ALSA-2024-2160.html https://github.com/golang/go/commit/2070531d2f53df88e312edace6c8dfc9686ab2f5 (go1.20.8) https://github.com/golang/go/commit/bbd043ff0d6d59f1a9232d31ecd5eacf6507bf6a (go1.21.1) https://go.dev/cl/526157 https://go.dev/issue/62197 https://groups.google.com/g/golang-announce/c/Fm51GRLNRvM https://groups.google.com/g/golang-dev/c/2C5vbR-UNkI/m/L1hdrPhfBAAJ https://linux.oracle.com/cve/CVE-2023-39319.html https://linux.oracle.com/errata/ELSA-2024-2988.html https://nvd.nist.gov/vuln/detail/CVE-2023-39319 https://pkg.go.dev/vuln/GO-2023-2043 https://security.gentoo.org/glsa/202311-09 https://security.netapp.com/advisory/ntap-20231020-0009/ https://ubuntu.com/security/notices/USN-6574-1 https://ubuntu.com/security/notices/USN-7061-1 https://ubuntu.com/security/notices/USN-7109-1 https://vuln.go.dev/ID/GO-2023-2043.json https://www.cve.org/CVERecord?id=CVE-2023-39319
stdlib	CVE-2023-39326	MEDIUM	v1.20.5	1.20.12, 1.21.5	https://access.redhat.com/errata/RHSA-2024:2272 https://access.redhat.com/security/cve/CVE-2023-39326 https://bugzilla.redhat.com/2253193 https://bugzilla.redhat.com/2253330 https://errata.almalinux.org/9/ALSA-2024-2272.html https://github.com/golang/go/commit/6446af942e2e2b161c4ec1b60d9703a2b55dc4dd (go1.20.12) https://github.com/golang/go/commit/ec8c526e4be720e94b98ca509e6364f0efaf28f7 (go1.21.5) https://go.dev/cl/547335 https://go.dev/issue/64433 https://groups.google.com/g/golang-dev/c/6ypN5EjibjM/m/KmLVYH_uAgAJ https://linux.oracle.com/cve/CVE-2023-39326.html https://linux.oracle.com/errata/ELSA-2024-2988.html https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UIU6HOGV6RRIKWM57LOXQA75BGZSIH6G/ https://nvd.nist.gov/vuln/detail/CVE-2023-39326 https://pkg.go.dev/vuln/GO-2023-2382 https://ubuntu.com/security/notices/USN-6574-1 https://www.cve.org/CVERecord?id=CVE-2023-39326
stdlib	CVE-2023-45284	MEDIUM	v1.20.5	1.20.11, 1.21.4	https://go.dev/cl/540277 https://go.dev/issue/63713 https://groups.google.com/g/golang-announce/c/4tU8LZfBFkY https://nvd.nist.gov/vuln/detail/CVE-2023-45284 https://pkg.go.dev/vuln/GO-2023-2186
stdlib	CVE-2023-45289	MEDIUM	v1.20.5	1.21.8, 1.22.1	http://www.openwall.com/lists/oss-security/2024/03/08/4 https://access.redhat.com/errata/RHSA-2024:2724 https://access.redhat.com/security/cve/CVE-2023-45289 https://bugzilla.redhat.com/2268017 https://bugzilla.redhat.com/2268018 https://bugzilla.redhat.com/2268019 https://bugzilla.redhat.com/2268273 https://bugzilla.redhat.com/show_bug.cgi?id=2268017 https://bugzilla.redhat.com/show_bug.cgi?id=2268018 https://bugzilla.redhat.com/show_bug.cgi?id=2268019 https://bugzilla.redhat.com/show_bug.cgi?id=2268273 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45288 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45289 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45290 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24783 https://errata.almalinux.org/9/ALSA-2024-2724.html https://errata.rockylinux.org/RLSA-2024:2724 https://github.com/golang/go/commit/20586c0dbe03d144f914155f879fa5ee287591a1 (go1.21.8) https://github.com/golang/go/commit/3a855208e3efed2e9d7c20ad023f1fa78afcc0be (go1.22.1) https://github.com/golang/go/issues/65065 https://go.dev/cl/569340 https://go.dev/issue/65065 https://groups.google.com/g/golang-announce/c/5pwGVUPoMbg https://linux.oracle.com/cve/CVE-2023-45289.html https://linux.oracle.com/errata/ELSA-2024-3346.html https://nvd.nist.gov/vuln/detail/CVE-2023-45289 https://pkg.go.dev/vuln/GO-2024-2600 https://security.netapp.com/advisory/ntap-20240329-0006/ https://ubuntu.com/security/notices/USN-6886-1 https://www.cve.org/CVERecord?id=CVE-2023-45289
stdlib	CVE-2023-45290	MEDIUM	v1.20.5	1.21.8, 1.22.1	http://www.openwall.com/lists/oss-security/2024/03/08/4 https://access.redhat.com/errata/RHSA-2024:9135 https://access.redhat.com/security/cve/CVE-2023-45290 https://bugzilla.redhat.com/2268017 https://bugzilla.redhat.com/2268022 https://bugzilla.redhat.com/2279814 https://bugzilla.redhat.com/2295310 https://bugzilla.redhat.com/show_bug.cgi?id=2268017 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45290 https://errata.almalinux.org/9/ALSA-2024-9135.html https://errata.rockylinux.org/RLSA-2024:3830 https://github.com/golang/go/commit/041a47712e765e94f86d841c3110c840e76d8f82 (go1.22.1) https://github.com/golang/go/commit/bf80213b121074f4ad9b449410a4d13bae5e9be0 (go1.21.8) https://github.com/golang/go/issues/65383 https://go.dev/cl/569341 https://go.dev/issue/65383 https://groups.google.com/g/golang-announce/c/5pwGVUPoMbg https://linux.oracle.com/cve/CVE-2023-45290.html https://linux.oracle.com/errata/ELSA-2024-8038.html https://nvd.nist.gov/vuln/detail/CVE-2023-45290 https://pkg.go.dev/vuln/GO-2024-2599 https://security.netapp.com/advisory/ntap-20240329-0004 https://security.netapp.com/advisory/ntap-20240329-0004/ https://ubuntu.com/security/notices/USN-6886-1 https://ubuntu.com/security/notices/USN-7109-1 https://ubuntu.com/security/notices/USN-7111-1 https://www.cve.org/CVERecord?id=CVE-2023-45290
stdlib	CVE-2024-24783	MEDIUM	v1.20.5	1.21.8, 1.22.1	http://www.openwall.com/lists/oss-security/2024/03/08/4 https://access.redhat.com/errata/RHSA-2024:6195 https://access.redhat.com/security/cve/CVE-2024-24783 https://bugzilla.redhat.com/2268019 https://bugzilla.redhat.com/show_bug.cgi?id=2268017 https://bugzilla.redhat.com/show_bug.cgi?id=2268018 https://bugzilla.redhat.com/show_bug.cgi?id=2268019 https://bugzilla.redhat.com/show_bug.cgi?id=2268273 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45288 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45289 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45290 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24783 https://errata.almalinux.org/9/ALSA-2024-6195.html https://errata.rockylinux.org/RLSA-2024:2724 https://github.com/advisories/GHSA-3q2c-pvp5-3cqp https://github.com/golang/go/commit/337b8e9cbfa749d9d5c899e0dc358e2208d5e54f (go1.22.1) https://github.com/golang/go/commit/be5b52bea674190ef7de272664be6c7ae93ec5a0 (go1.21.8) https://github.com/golang/go/issues/65390 https://go.dev/cl/569339 https://go.dev/issue/65390 https://groups.google.com/g/golang-announce/c/5pwGVUPoMbg https://linux.oracle.com/cve/CVE-2024-24783.html https://linux.oracle.com/errata/ELSA-2024-6969.html https://nvd.nist.gov/vuln/detail/CVE-2024-24783 https://pkg.go.dev/vuln/GO-2024-2598 https://security.netapp.com/advisory/ntap-20240329-0005 https://security.netapp.com/advisory/ntap-20240329-0005/ https://ubuntu.com/security/notices/USN-6886-1 https://ubuntu.com/security/notices/USN-7109-1 https://ubuntu.com/security/notices/USN-7111-1 https://www.cve.org/CVERecord?id=CVE-2024-24783
stdlib	CVE-2024-24784	MEDIUM	v1.20.5	1.21.8, 1.22.1	http://www.openwall.com/lists/oss-security/2024/03/08/4 https://access.redhat.com/errata/RHSA-2024:2562 https://access.redhat.com/security/cve/CVE-2024-24784 https://bugzilla.redhat.com/2262921 https://bugzilla.redhat.com/2268017 https://bugzilla.redhat.com/2268018 https://bugzilla.redhat.com/2268019 https://bugzilla.redhat.com/2268021 https://bugzilla.redhat.com/2268022 https://bugzilla.redhat.com/2268273 https://bugzilla.redhat.com/show_bug.cgi?id=2262921 https://bugzilla.redhat.com/show_bug.cgi?id=2268017 https://bugzilla.redhat.com/show_bug.cgi?id=2268018 https://bugzilla.redhat.com/show_bug.cgi?id=2268019 https://bugzilla.redhat.com/show_bug.cgi?id=2268021 https://bugzilla.redhat.com/show_bug.cgi?id=2268022 https://bugzilla.redhat.com/show_bug.cgi?id=2268273 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45288 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45289 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45290 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-1394 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24783 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24784 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24785 https://errata.almalinux.org/9/ALSA-2024-2562.html https://errata.rockylinux.org/RLSA-2024:2562 https://github.com/golang/go/commit/263c059b09fdd40d9dd945f2ecb20c89ea28efe5 (go1.21.8) https://github.com/golang/go/commit/5330cd225ba54c7dc78c1b46dcdf61a4671a632c (go1.22.1) https://github.com/golang/go/issues/65083 https://go.dev/cl/555596 https://go.dev/issue/65083 https://groups.google.com/g/golang-announce/c/5pwGVUPoMbg https://linux.oracle.com/cve/CVE-2024-24784.html https://linux.oracle.com/errata/ELSA-2024-6969.html https://nvd.nist.gov/vuln/detail/CVE-2024-24784 https://pkg.go.dev/vuln/GO-2024-2609 https://security.netapp.com/advisory/ntap-20240329-0007/ https://ubuntu.com/security/notices/USN-6886-1 https://ubuntu.com/security/notices/USN-7109-1 https://ubuntu.com/security/notices/USN-7111-1 https://www.cve.org/CVERecord?id=CVE-2024-24784
stdlib	CVE-2024-24785	MEDIUM	v1.20.5	1.21.8, 1.22.1	http://www.openwall.com/lists/oss-security/2024/03/08/4 https://access.redhat.com/errata/RHSA-2024:9135 https://access.redhat.com/security/cve/CVE-2024-24785 https://bugzilla.redhat.com/2268017 https://bugzilla.redhat.com/2268022 https://bugzilla.redhat.com/2279814 https://bugzilla.redhat.com/2295310 https://bugzilla.redhat.com/show_bug.cgi?id=2262921 https://bugzilla.redhat.com/show_bug.cgi?id=2268017 https://bugzilla.redhat.com/show_bug.cgi?id=2268018 https://bugzilla.redhat.com/show_bug.cgi?id=2268019 https://bugzilla.redhat.com/show_bug.cgi?id=2268021 https://bugzilla.redhat.com/show_bug.cgi?id=2268022 https://bugzilla.redhat.com/show_bug.cgi?id=2268273 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45288 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45289 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45290 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-1394 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24783 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24784 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24785 https://errata.almalinux.org/9/ALSA-2024-9135.html https://errata.rockylinux.org/RLSA-2024:2562 https://github.com/golang/go/commit/056b0edcb8c152152021eebf4cf42adbfbe77992 (go1.22.1) https://github.com/golang/go/commit/3643147a29352ca2894fd5d0d2069bc4b4335a7e (go1.21.8) https://github.com/golang/go/issues/65697 https://go.dev/cl/564196 https://go.dev/issue/65697 https://groups.google.com/g/golang-announce/c/5pwGVUPoMbg https://linux.oracle.com/cve/CVE-2024-24785.html https://linux.oracle.com/errata/ELSA-2024-3259.html https://nvd.nist.gov/vuln/detail/CVE-2024-24785 https://pkg.go.dev/vuln/GO-2024-2610 https://security.netapp.com/advisory/ntap-20240329-0008/ https://ubuntu.com/security/notices/USN-6886-1 https://ubuntu.com/security/notices/USN-7061-1 https://ubuntu.com/security/notices/USN-7109-1 https://vuln.go.dev/ID/GO-2024-2610.json https://www.cve.org/CVERecord?id=CVE-2024-24785
stdlib	CVE-2024-24789	MEDIUM	v1.20.5	1.21.11, 1.22.4	http://www.openwall.com/lists/oss-security/2024/06/04/1 https://access.redhat.com/errata/RHSA-2024:9115 https://access.redhat.com/security/cve/CVE-2024-24789 https://bugzilla.redhat.com/2279814 https://bugzilla.redhat.com/2292668 https://bugzilla.redhat.com/2292787 https://bugzilla.redhat.com/2294000 https://bugzilla.redhat.com/2295310 https://bugzilla.redhat.com/show_bug.cgi?id=2292668 https://bugzilla.redhat.com/show_bug.cgi?id=2292787 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24789 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24790 https://errata.almalinux.org/9/ALSA-2024-9115.html https://errata.rockylinux.org/RLSA-2024:4212 https://github.com/golang/go/commit/c8e40338cf00f3c1d86c8fb23863ad67a4c72bcc (1.21) https://github.com/golang/go/commit/cf501ac0c5fe351a8582d20b43562027927906e7 (1.22) https://github.com/golang/go/issues/66869 https://go.dev/cl/585397 https://go.dev/issue/66869 https://groups.google.com/g/golang-announce/c/XbxouI9gY7k https://groups.google.com/g/golang-announce/c/XbxouI9gY7k/m/TuoGEhxIEwAJ https://linux.oracle.com/cve/CVE-2024-24789.html https://linux.oracle.com/errata/ELSA-2024-9115.html https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/U5YAEIA6IUHUNGJ7AIXXPQT6D2GYENX7/ https://nvd.nist.gov/vuln/detail/CVE-2024-24789 https://pkg.go.dev/vuln/GO-2024-2888 https://ubuntu.com/security/notices/USN-6886-1 https://ubuntu.com/security/notices/USN-7109-1 https://ubuntu.com/security/notices/USN-7111-1 https://www.cve.org/CVERecord?id=CVE-2024-24789
stdlib	CVE-2024-24791	MEDIUM	v1.20.5	1.21.12, 1.22.5	https://access.redhat.com/errata/RHSA-2024:9135 https://access.redhat.com/security/cve/CVE-2024-24791 https://bugzilla.redhat.com/2268017 https://bugzilla.redhat.com/2268022 https://bugzilla.redhat.com/2279814 https://bugzilla.redhat.com/2295310 https://bugzilla.redhat.com/show_bug.cgi?id=2295310 https://bugzilla.redhat.com/show_bug.cgi?id=2310527 https://bugzilla.redhat.com/show_bug.cgi?id=2310528 https://bugzilla.redhat.com/show_bug.cgi?id=2310529 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24791 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-34155 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-34156 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-34158 https://errata.almalinux.org/9/ALSA-2024-9135.html https://errata.rockylinux.org/RLSA-2024:6913 https://go.dev/cl/591255 https://go.dev/issue/67555 https://groups.google.com/g/golang-dev/c/t0rK-qHBqzY/m/6MMoAZkMAgAJ https://linux.oracle.com/cve/CVE-2024-24791.html https://linux.oracle.com/errata/ELSA-2024-9115.html https://nvd.nist.gov/vuln/detail/CVE-2024-24791 https://pkg.go.dev/vuln/GO-2024-2963 https://ubuntu.com/security/notices/USN-7081-1 https://ubuntu.com/security/notices/USN-7109-1 https://ubuntu.com/security/notices/USN-7111-1 https://www.cve.org/CVERecord?id=CVE-2024-24791
stdlib	CVE-2024-34155	MEDIUM	v1.20.5	1.22.7, 1.23.1	https://access.redhat.com/errata/RHSA-2024:9459 https://access.redhat.com/security/cve/CVE-2024-34155 https://bugzilla.redhat.com/2310527 https://bugzilla.redhat.com/2310528 https://bugzilla.redhat.com/2310529 https://bugzilla.redhat.com/2315691 https://bugzilla.redhat.com/2315887 https://bugzilla.redhat.com/2317458 https://bugzilla.redhat.com/2317467 https://bugzilla.redhat.com/show_bug.cgi?id=2295310 https://bugzilla.redhat.com/show_bug.cgi?id=2310527 https://bugzilla.redhat.com/show_bug.cgi?id=2310528 https://bugzilla.redhat.com/show_bug.cgi?id=2310529 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24791 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-34155 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-34156 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-34158 https://errata.almalinux.org/9/ALSA-2024-9459.html https://errata.rockylinux.org/RLSA-2024:6913 https://github.com/golang/go/commit/53487e5477151ed75da50e50a0ba8f1ca64c00a3 (go1.23.1) https://github.com/golang/go/commit/b232596139dbe96a62edbe3a2a203e856bf556eb (go1.22.7) https://go.dev/cl/611238 https://go.dev/issue/69138 https://groups.google.com/g/golang-announce/c/K-cEzDeCtpc https://groups.google.com/g/golang-dev/c/S9POB9NCTdk https://linux.oracle.com/cve/CVE-2024-34155.html https://linux.oracle.com/errata/ELSA-2024-9459.html https://nvd.nist.gov/vuln/detail/CVE-2024-34155 https://pkg.go.dev/vuln/GO-2024-3105 https://ubuntu.com/security/notices/USN-7081-1 https://ubuntu.com/security/notices/USN-7109-1 https://ubuntu.com/security/notices/USN-7111-1 https://www.cve.org/CVERecord?id=CVE-2024-34155
stdlib	CVE-2024-34158	MEDIUM	v1.20.5	1.22.7, 1.23.1	https://access.redhat.com/errata/RHSA-2024:9459 https://access.redhat.com/security/cve/CVE-2024-34158 https://bugzilla.redhat.com/2310527 https://bugzilla.redhat.com/2310528 https://bugzilla.redhat.com/2310529 https://bugzilla.redhat.com/2315691 https://bugzilla.redhat.com/2315887 https://bugzilla.redhat.com/2317458 https://bugzilla.redhat.com/2317467 https://bugzilla.redhat.com/show_bug.cgi?id=2295310 https://bugzilla.redhat.com/show_bug.cgi?id=2310527 https://bugzilla.redhat.com/show_bug.cgi?id=2310528 https://bugzilla.redhat.com/show_bug.cgi?id=2310529 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24791 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-34155 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-34156 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-34158 https://errata.almalinux.org/9/ALSA-2024-9459.html https://errata.rockylinux.org/RLSA-2024:6913 https://github.com/golang/go/commit/032ac075c20c01c6c35a672d1542d3e98eab84ea (go1.23.1) https://github.com/golang/go/commit/d4c53812e6ce2ac368173d7fcd31d0ecfcffb002 (go1.22.7) https://go.dev/cl/611240 https://go.dev/issue/69141 https://groups.google.com/g/golang-announce/c/K-cEzDeCtpc https://groups.google.com/g/golang-dev/c/S9POB9NCTdk https://linux.oracle.com/cve/CVE-2024-34158.html https://linux.oracle.com/errata/ELSA-2024-9459.html https://nvd.nist.gov/vuln/detail/CVE-2024-34158 https://pkg.go.dev/vuln/GO-2024-3107 https://ubuntu.com/security/notices/USN-7081-1 https://ubuntu.com/security/notices/USN-7109-1 https://ubuntu.com/security/notices/USN-7111-1 https://www.cve.org/CVERecord?id=CVE-2024-34158
No Misconfigurations found

cnb/buildpacks/paketo-buildpacks_poetry/0.6.4/bin/run (gobinary)

Package	Vulnerability ID	Severity	Installed Version	Fixed Version	Links
github.com/anchore/stereoscope	CVE-2024-24579	MEDIUM	v0.0.0-20230412183729-8602f1afc574	0.0.1	https://github.com/anchore/stereoscope https://github.com/anchore/stereoscope/commit/09dacab4d9ee65ee8bc7af8ebf4aa7b5aaa36204 https://github.com/anchore/stereoscope/security/advisories/GHSA-hpxr-w9w7-g4gv https://nvd.nist.gov/vuln/detail/CVE-2024-24579
github.com/cloudflare/circl	GHSA-9763-4f94-gfch	HIGH	v1.1.0	1.3.7	https://github.com/cloudflare/circl https://github.com/cloudflare/circl/commit/75ef91e8a2f438e6ce2b6e620d236add8be1887d https://github.com/cloudflare/circl/security/advisories/GHSA-9763-4f94-gfch https://kyberslash.cr.yp.to
github.com/cloudflare/circl	CVE-2023-1732	MEDIUM	v1.1.0	1.3.3	https://github.com/cloudflare/circl https://github.com/cloudflare/circl/commit/ff8d91225f8954b4970b6d6382d2e4c78f4a4cf8 https://github.com/cloudflare/circl/releases/tag/v1.3.3 https://github.com/cloudflare/circl/security/advisories/GHSA-2q89-485c-9j2x https://nvd.nist.gov/vuln/detail/CVE-2023-1732
github.com/containerd/containerd	GHSA-7ww5-4wqc-m92c	MEDIUM	v1.7.0	1.6.26, 1.7.11	https://github.com/containerd/containerd https://github.com/containerd/containerd/commit/67d356cb3095f3e8f8ad7d36f9a733fea1e7e28c https://github.com/containerd/containerd/commit/746b910f05855c8bfdb4415a1c0f958b234910e5 https://github.com/containerd/containerd/security/advisories/GHSA-7ww5-4wqc-m92c
github.com/docker/docker	CVE-2024-41110	CRITICAL	v23.0.5+incompatible	23.0.15, 26.1.5, 27.1.1, 25.0.6	https://access.redhat.com/security/cve/CVE-2024-41110 https://github.com/moby/moby https://github.com/moby/moby/commit/411e817ddf710ff8e08fa193da80cb78af708191 https://github.com/moby/moby/commit/42f40b1d6dd7562342f832b9cd2adf9e668eeb76 https://github.com/moby/moby/commit/65cc597cea28cdc25bea3b8a86384b4251872919 https://github.com/moby/moby/commit/852759a7df454cbf88db4e954c919becd48faa9b https://github.com/moby/moby/commit/a31260625655cff9ae226b51757915e275e304b0 https://github.com/moby/moby/commit/a79fabbfe84117696a19671f4aa88b82d0f64fc1 https://github.com/moby/moby/commit/ae160b4edddb72ef4bd71f66b975a1a1cc434f00 https://github.com/moby/moby/commit/ae2b3666c517c96cbc2adf1af5591a6b00d4ec0f https://github.com/moby/moby/commit/cc13f952511154a2866bddbb7dddebfe9e83b801 https://github.com/moby/moby/commit/fc274cd2ff4cf3b48c91697fb327dd1fb95588fb https://github.com/moby/moby/security/advisories/GHSA-v23v-6jw2-98fq https://nvd.nist.gov/vuln/detail/CVE-2024-41110 https://www.cve.org/CVERecord?id=CVE-2024-41110 https://www.docker.com/blog/docker-security-advisory-docker-engine-authz-plugin
github.com/docker/docker	CVE-2024-24557	MEDIUM	v23.0.5+incompatible	24.0.9, 25.0.2	https://access.redhat.com/security/cve/CVE-2024-24557 https://github.com/moby/moby https://github.com/moby/moby/commit/3e230cfdcc989dc524882f6579f9e0dac77400ae https://github.com/moby/moby/commit/fca702de7f71362c8d103073c7e4a1d0a467fadd https://github.com/moby/moby/commit/fce6e0ca9bc000888de3daa157af14fa41fcd0ff https://github.com/moby/moby/security/advisories/GHSA-xw73-rw38-6vjc https://nvd.nist.gov/vuln/detail/CVE-2024-24557 https://www.cve.org/CVERecord?id=CVE-2024-24557
github.com/docker/docker	CVE-2024-29018	MEDIUM	v23.0.5+incompatible	26.0.0-rc3, 25.0.5, 23.0.11	https://access.redhat.com/security/cve/CVE-2024-29018 https://github.com/moby/moby https://github.com/moby/moby/pull/46609 https://github.com/moby/moby/security/advisories/GHSA-mq39-4gv4-mvpx https://nvd.nist.gov/vuln/detail/CVE-2024-29018 https://www.cve.org/CVERecord?id=CVE-2024-29018
github.com/docker/docker	GHSA-jq35-85cj-fj4p	MEDIUM	v23.0.5+incompatible	24.0.7, 23.0.8, 20.10.27	https://github.com/moby/moby https://github.com/moby/moby/commit/48ebe353e49a9def5e6679f6e386b0efb1c95f0e https://github.com/moby/moby/commit/81ebe71275768629689a23bc3bca34b3b374a6a6 https://github.com/moby/moby/commit/c9ccbfad11a60e703e91b6cca4f48927828c7e35 https://github.com/moby/moby/releases/tag/v20.10.27 https://github.com/moby/moby/releases/tag/v23.0.8 https://github.com/moby/moby/releases/tag/v24.0.7 https://github.com/moby/moby/security/advisories/GHSA-jq35-85cj-fj4p
github.com/go-git/go-git/v5	CVE-2023-49569	CRITICAL	v5.6.1	5.11.0	https://access.redhat.com/security/cve/CVE-2023-49569 https://github.com/go-git/go-git https://github.com/go-git/go-git/security/advisories/GHSA-449p-3h89-pw88 https://nvd.nist.gov/vuln/detail/CVE-2023-49569 https://www.cve.org/CVERecord?id=CVE-2023-49569
github.com/go-git/go-git/v5	CVE-2023-49568	HIGH	v5.6.1	5.11.0	https://access.redhat.com/security/cve/CVE-2023-49568 https://github.com/go-git/go-git https://github.com/go-git/go-git/security/advisories/GHSA-mw99-9chc-xw7r https://nvd.nist.gov/vuln/detail/CVE-2023-49568 https://www.cve.org/CVERecord?id=CVE-2023-49568
github.com/mholt/archiver/v3	CVE-2024-0406	MEDIUM	v3.5.1	no fix available	https://access.redhat.com/security/cve/CVE-2024-0406 https://bugzilla.redhat.com/show_bug.cgi?id=2257749 https://github.com/advisories/GHSA-rhh4-rh7c-7r5v https://github.com/mholt/archiver https://nvd.nist.gov/vuln/detail/CVE-2024-0406 https://www.cve.org/CVERecord?id=CVE-2024-0406
golang.org/x/crypto	CVE-2023-48795	MEDIUM	v0.8.0	0.17.0	http://packetstormsecurity.com/files/176280/Terrapin-SSH-Connection-Weakening.html http://seclists.org/fulldisclosure/2024/Mar/21 http://www.openwall.com/lists/oss-security/2023/12/18/3 http://www.openwall.com/lists/oss-security/2023/12/19/5 http://www.openwall.com/lists/oss-security/2023/12/20/3 http://www.openwall.com/lists/oss-security/2024/03/06/3 http://www.openwall.com/lists/oss-security/2024/04/17/8 https://access.redhat.com/errata/RHSA-2024:1150 https://access.redhat.com/security/cve/CVE-2023-48795 https://access.redhat.com/security/cve/cve-2023-48795 https://access.redhat.com/solutions/7071748 https://arstechnica.com/security/2023/12/hackers-can-break-ssh-channel-integrity-using-novel-data-corruption-attack https://arstechnica.com/security/2023/12/hackers-can-break-ssh-channel-integrity-using-novel-data-corruption-attack/ https://bugs.gentoo.org/920280 https://bugzilla.redhat.com/2254210 https://bugzilla.redhat.com/show_bug.cgi?id=2254210 https://bugzilla.suse.com/show_bug.cgi?id=1217950 https://crates.io/crates/thrussh/versions https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-48795 https://errata.almalinux.org/9/ALSA-2024-1150.html https://errata.rockylinux.org/RLSA-2024:0628 https://filezilla-project.org/versions.php https://forum.netgate.com/topic/184941/terrapin-ssh-attack https://git.libssh.org/projects/libssh.git/commit/?h=stable-0.10&id=10e09e273f69e149389b3e0e5d44b8c221c2e7f6 https://github.com/NixOS/nixpkgs/pull/275249 https://github.com/PowerShell/Win32-OpenSSH/issues/2189 https://github.com/PowerShell/Win32-OpenSSH/releases/tag/v9.5.0.0p1-Beta https://github.com/TeraTermProject/teraterm/commit/7279fbd6ef4d0c8bdd6a90af4ada2899d786eec0 https://github.com/TeraTermProject/teraterm/releases/tag/v5.1 https://github.com/advisories/GHSA-45x7-px36-x8w8 https://github.com/apache/mina-sshd/issues/445 https://github.com/connectbot/sshlib/commit/5c8b534f6e97db7ac0e0e579331213aa25c173ab https://github.com/connectbot/sshlib/compare/2.2.21...2.2.22 https://github.com/cyd01/KiTTY/issues/520 https://github.com/drakkan/sftpgo/releases/tag/v2.5.6 https://github.com/erlang/otp/blob/d1b43dc0f1361d2ad67601169e90a7fc50bb0369/lib/ssh/doc/src/notes.xml#L39-L42 https://github.com/erlang/otp/releases/tag/OTP-26.2.1 https://github.com/golang/crypto/commit/9d2ee975ef9fe627bf0a6f01c1f69e8ef1d4f05d https://github.com/hierynomus/sshj/issues/916 https://github.com/janmojzis/tinyssh/issues/81 https://github.com/jtesta/ssh-audit/commit/8e972c5e94b460379fe0c7d20209c16df81538a5 https://github.com/libssh2/libssh2/pull/1291 https://github.com/mkj/dropbear/blob/17657c36cce6df7716d5ff151ec09a665382d5dd/CHANGES#L25 https://github.com/mscdex/ssh2/commit/97b223f8891b96d6fc054df5ab1d5a1a545da2a3 https://github.com/mwiede/jsch/compare/jsch-0.2.14...jsch-0.2.15 https://github.com/mwiede/jsch/issues/457 https://github.com/mwiede/jsch/pull/461 https://github.com/net-ssh/net-ssh/blob/2e65064a52d73396bfc3806c9196fc8108f33cd8/CHANGES.txt#L14-L16 https://github.com/openssh/openssh-portable/commits/master https://github.com/paramiko/paramiko/issues/2337 https://github.com/paramiko/paramiko/issues/2337#issuecomment-1887642773 https://github.com/proftpd/proftpd/blob/0a7ea9b0ba9fcdf368374a226370d08f10397d99/RELEASE_NOTES https://github.com/proftpd/proftpd/blob/d21e7a2e47e9b38f709bec58e3fa711f759ad0e1/RELEASE_NOTES https://github.com/proftpd/proftpd/blob/master/RELEASE_NOTES https://github.com/proftpd/proftpd/issues/456 https://github.com/rapier1/hpn-ssh/releases https://github.com/ronf/asyncssh/blob/develop/docs/changes.rst https://github.com/ronf/asyncssh/security/advisories/GHSA-hfmc-7525-mj55 https://github.com/ronf/asyncssh/tags https://github.com/ssh-mitm/ssh-mitm/issues/165 https://github.com/warp-tech/russh https://github.com/warp-tech/russh/commit/1aa340a7df1d5be1c0f4a9e247aade76dfdd2951 https://github.com/warp-tech/russh/releases/tag/v0.40.2 https://github.com/warp-tech/russh/security/advisories/GHSA-45x7-px36-x8w8 https://gitlab.com/libssh/libssh-mirror/-/tags https://go.dev/cl/550715 https://go.dev/issue/64784 https://groups.google.com/g/golang-announce/c/-n5WqVC18LQ https://groups.google.com/g/golang-announce/c/qA3XtxvMUyg https://help.panic.com/releasenotes/transmit5 https://help.panic.com/releasenotes/transmit5/ https://jadaptive.com/important-java-ssh-security-update-new-ssh-vulnerability-discovered-cve-2023-48795 https://jadaptive.com/important-java-ssh-security-update-new-ssh-vulnerability-discovered-cve-2023-48795/ https://linux.oracle.com/cve/CVE-2023-48795.html https://linux.oracle.com/errata/ELSA-2024-2988.html https://lists.debian.org/debian-lts-announce/2023/12/msg00017.html https://lists.debian.org/debian-lts-announce/2024/01/msg00013.html https://lists.debian.org/debian-lts-announce/2024/01/msg00014.html https://lists.debian.org/debian-lts-announce/2024/04/msg00016.html https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/33XHJUB6ROFUOH2OQNENFROTVH6MHSHA https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/33XHJUB6ROFUOH2OQNENFROTVH6MHSHA/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/3CAYYW35MUTNO65RVAELICTNZZFMT2XS https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/3CAYYW35MUTNO65RVAELICTNZZFMT2XS/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/3JIMLVBDWOP4FUPXPTB4PGHHIOMGFLQE https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/3JIMLVBDWOP4FUPXPTB4PGHHIOMGFLQE/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/3YQLUQWLIHDB5QCXQEX7HXHAWMOKPP5O https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/3YQLUQWLIHDB5QCXQEX7HXHAWMOKPP5O/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/6Y74KVCPEPT4MVU3LHDWCNNOXOE5ZLUR https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/6Y74KVCPEPT4MVU3LHDWCNNOXOE5ZLUR/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/APYIXIQOVDCRWLHTGB4VYMAUIAQLKYJ3 https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/APYIXIQOVDCRWLHTGB4VYMAUIAQLKYJ3/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/BL5KTLOSLH2KHRN4HCXJPK3JUVLDGEL6 https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/BL5KTLOSLH2KHRN4HCXJPK3JUVLDGEL6/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/C3AFMZ6MH2UHHOPIWT5YLSFV3D2VB3AC https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/C3AFMZ6MH2UHHOPIWT5YLSFV3D2VB3AC/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/CHHITS4PUOZAKFIUBQAQZC7JWXMOYE4B https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/CHHITS4PUOZAKFIUBQAQZC7JWXMOYE4B/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/F7EYCFQCTSGJXWO3ZZ44MGKFC5HA7G3Y https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/F7EYCFQCTSGJXWO3ZZ44MGKFC5HA7G3Y/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/HYEDEXIKFKTUJIN43RG4B7T5ZS6MHUSP https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/HYEDEXIKFKTUJIN43RG4B7T5ZS6MHUSP/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/I724O3LSRCPO4WNVIXTZCT4VVRMXMMSG https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/I724O3LSRCPO4WNVIXTZCT4VVRMXMMSG/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/KEOTKBUPZXHE3F352JBYNTSNRXYLWD6P https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/KEOTKBUPZXHE3F352JBYNTSNRXYLWD6P/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/KMZCVGUGJZZVDPCVDA7TEB22VUCNEXDD https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/KMZCVGUGJZZVDPCVDA7TEB22VUCNEXDD/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/L5Y6MNNVAPIJSXJERQ6PKZVCIUXSNJK7 https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/L5Y6MNNVAPIJSXJERQ6PKZVCIUXSNJK7/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/LZQVUHWVWRH73YBXUQJOD6CKHDQBU3DM https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/LZQVUHWVWRH73YBXUQJOD6CKHDQBU3DM/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/MKQRBF3DWMWPH36LBCOBUTSIZRTPEZXB https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/MKQRBF3DWMWPH36LBCOBUTSIZRTPEZXB/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/QI3EHAHABFQK7OABNCSF5GMYP6TONTI7 https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/QI3EHAHABFQK7OABNCSF5GMYP6TONTI7/ https://matt.ucc.asn.au/dropbear/CHANGES https://nest.pijul.com/pijul/thrussh/changes/D6H7OWTTMHHX6BTB3B6MNBOBX2L66CBL4LGSEUSAI2MCRCJDQFRQC https://news.ycombinator.com/item?id=38684904 https://news.ycombinator.com/item?id=38685286 https://news.ycombinator.com/item?id=38732005 https://nova.app/releases/#v11.8 https://nvd.nist.gov/vuln/detail/CVE-2023-48795 https://oryx-embedded.com/download/#changelog https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2024-0002 https://roumenpetrov.info/secsh/#news20231220 https://security-tracker.debian.org/tracker/CVE-2023-48795 https://security-tracker.debian.org/tracker/source-package/libssh2 https://security-tracker.debian.org/tracker/source-package/proftpd-dfsg https://security-tracker.debian.org/tracker/source-package/trilead-ssh2 https://security.gentoo.org/glsa/202312-16 https://security.gentoo.org/glsa/202312-17 https://security.netapp.com/advisory/ntap-20240105-0004 https://security.netapp.com/advisory/ntap-20240105-0004/ https://support.apple.com/kb/HT214084 https://terrapin-attack.com/ https://thorntech.com/cve-2023-48795-and-sftp-gateway https://thorntech.com/cve-2023-48795-and-sftp-gateway/ https://twitter.com/TrueSkrillor/status/1736774389725565005 https://ubuntu.com/security/CVE-2023-48795 https://ubuntu.com/security/notices/USN-6560-1 https://ubuntu.com/security/notices/USN-6560-2 https://ubuntu.com/security/notices/USN-6561-1 https://ubuntu.com/security/notices/USN-6585-1 https://ubuntu.com/security/notices/USN-6589-1 https://ubuntu.com/security/notices/USN-6598-1 https://ubuntu.com/security/notices/USN-6738-1 https://ubuntu.com/security/notices/USN-7051-1 https://winscp.net/eng/docs/history#6.2.2 https://www.bitvise.com/ssh-client-version-history#933 https://www.bitvise.com/ssh-server-version-history https://www.chiark.greenend.org.uk/~sgtatham/putty/changes.html https://www.crushftp.com/crush10wiki/Wiki.jsp?page=Update https://www.cve.org/CVERecord?id=CVE-2023-48795 https://www.debian.org/security/2023/dsa-5586 https://www.debian.org/security/2023/dsa-5588 https://www.freebsd.org/security/advisories/FreeBSD-SA-23:19.openssh.asc https://www.lancom-systems.de/service-support/allgemeine-sicherheitshinweise#c243508 https://www.netsarang.com/en/xshell-update-history https://www.netsarang.com/en/xshell-update-history/ https://www.openssh.com/openbsd.html https://www.openssh.com/txt/release-9.6 https://www.openwall.com/lists/oss-security/2023/12/18/2 https://www.openwall.com/lists/oss-security/2023/12/18/3 https://www.openwall.com/lists/oss-security/2023/12/20/3 https://www.paramiko.org/changelog.html https://www.reddit.com/r/sysadmin/comments/18idv52/cve202348795_why_is_this_cve_still_undisclosed https://www.reddit.com/r/sysadmin/comments/18idv52/cve202348795_why_is_this_cve_still_undisclosed/ https://www.suse.com/c/suse-addresses-the-ssh-v2-protocol-terrapin-attack-aka-cve-2023-48795 https://www.suse.com/c/suse-addresses-the-ssh-v2-protocol-terrapin-attack-aka-cve-2023-48795/ https://www.terrapin-attack.com https://www.theregister.com/2023/12/20/terrapin_attack_ssh https://www.vandyke.com/products/securecrt/history.txt
golang.org/x/net	CVE-2023-39325	HIGH	v0.10.0	0.17.0	golang.org/x/net https://access.redhat.com/errata/RHSA-2023:6077 https://access.redhat.com/security/cve/CVE-2023-39325 https://access.redhat.com/security/cve/CVE-2023-44487 https://access.redhat.com/security/vulnerabilities/RHSB-2023-003 https://bugzilla.redhat.com/2242803 https://bugzilla.redhat.com/2243296 https://bugzilla.redhat.com/show_bug.cgi?id=2242803 https://bugzilla.redhat.com/show_bug.cgi?id=2243296 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-39325 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-44487 https://errata.almalinux.org/9/ALSA-2023-6077.html https://errata.rockylinux.org/RLSA-2023:6077 https://github.com/golang/go/commit/24ae2d927285c697440fdde3ad7f26028354bcf3 [golang- 1.21] https://github.com/golang/go/commit/e175f27f58aa7b9cd4d79607ae65d2cd5baaee68 [golang-1.20] https://github.com/golang/go/issues/63417 https://go.dev/cl/534215 https://go.dev/cl/534235 https://go.dev/issue/63417 https://groups.google.com/g/golang-announce/c/iNNxDTCjZvo/m/UDd7VKQuAAAJ https://linux.oracle.com/cve/CVE-2023-39325.html https://linux.oracle.com/errata/ELSA-2023-5867.html https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3OVW5V2DM5K5IC3H7O42YDUGNJ74J35O https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3OVW5V2DM5K5IC3H7O42YDUGNJ74J35O/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3SZN67IL7HMGMNAVLOTIXLIHUDXZK4LH https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3SZN67IL7HMGMNAVLOTIXLIHUDXZK4LH/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3WJ4QVX2AMUJ2F2S27POOAHRC4K3CHU4 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3WJ4QVX2AMUJ2F2S27POOAHRC4K3CHU4/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/4BUK2ZIAGCULOOYDNH25JPU6JBES5NF2 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/4BUK2ZIAGCULOOYDNH25JPU6JBES5NF2/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/5RSKA2II6QTD4YUKUNDVJQSRYSFC4VFR https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/5RSKA2II6QTD4YUKUNDVJQSRYSFC4VFR/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/AVZDNSMVDAQJ64LJC5I5U5LDM5753647 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/AVZDNSMVDAQJ64LJC5I5U5LDM5753647/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CHHITS4PUOZAKFIUBQAQZC7JWXMOYE4B https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CHHITS4PUOZAKFIUBQAQZC7JWXMOYE4B/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CLB4TW7KALB3EEQWNWCN7OUIWWVWWCG2 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CLB4TW7KALB3EEQWNWCN7OUIWWVWWCG2/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/D2BBIDR2ZMB3X5BC7SR4SLQMHRMVPY6L https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/D2BBIDR2ZMB3X5BC7SR4SLQMHRMVPY6L/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ECRC75BQJP6FJN2L7KCKYZW4DSBD7QSD https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ECRC75BQJP6FJN2L7KCKYZW4DSBD7QSD/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/FTMJ3NJIDAZFWJQQSP3L22MUFJ3UP2PT https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/FTMJ3NJIDAZFWJQQSP3L22MUFJ3UP2PT/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/GSY7SXFFTPZFWDM6XELSDSHZLVW3AHK7 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/GSY7SXFFTPZFWDM6XELSDSHZLVW3AHK7/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/HZQIELEIRSZUYTFFH5KTH2YJ4IIQG2KE https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/HZQIELEIRSZUYTFFH5KTH2YJ4IIQG2KE/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/IPWCNYB5PQ5PCVZ4NJT6G56ZYFZ5QBU6 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/IPWCNYB5PQ5PCVZ4NJT6G56ZYFZ5QBU6/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/KEOTKBUPZXHE3F352JBYNTSNRXYLWD6P https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/KEOTKBUPZXHE3F352JBYNTSNRXYLWD6P/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/KSEGD2IWKNUO3DWY4KQGUQM5BISRWHQE https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/KSEGD2IWKNUO3DWY4KQGUQM5BISRWHQE/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/L5E5JSJBZLYXOTZWXHJKRVCIXIHVWKJ6 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/L5E5JSJBZLYXOTZWXHJKRVCIXIHVWKJ6/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/MZQYOOKHQDQ57LV2IAG6NRFOVXKHJJ3Z https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/MZQYOOKHQDQ57LV2IAG6NRFOVXKHJJ3Z/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/NG7IMPL55MVWU3LCI4JQJT3K2U5CHDV7 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/NG7IMPL55MVWU3LCI4JQJT3K2U5CHDV7/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ODBY7RVMGZCBSTWF2OZGIZS57FNFUL67 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ODBY7RVMGZCBSTWF2OZGIZS57FNFUL67/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/OXGWPQOJ3JNDW2XIYKIVJ7N7QUIFNM2Q https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/OXGWPQOJ3JNDW2XIYKIVJ7N7QUIFNM2Q/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/PJCUNGIQDUMZ4Z6HWVYIMR66A35F5S74 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/PJCUNGIQDUMZ4Z6HWVYIMR66A35F5S74/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QF5QSYAOPDOWLY6DUHID56Q4HQFYB45I https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QF5QSYAOPDOWLY6DUHID56Q4HQFYB45I/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QXOU2JZUBEBP7GBKAYIJRPRBZSJCD7ST https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QXOU2JZUBEBP7GBKAYIJRPRBZSJCD7ST/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/R3UETKPUB3V5JS5TLZOF3SMTGT5K5APS https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/R3UETKPUB3V5JS5TLZOF3SMTGT5K5APS/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/REMHVVIBDNKSRKNOTV7EQSB7CYQWOUOU https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/REMHVVIBDNKSRKNOTV7EQSB7CYQWOUOU/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/T7N5GV4CHH6WAGX3GFMDD3COEOVCZ4RI https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/T7N5GV4CHH6WAGX3GFMDD3COEOVCZ4RI/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ULQQONMSCQSH5Z5OWFFQHCGEZ3NL4DRJ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ULQQONMSCQSH5Z5OWFFQHCGEZ3NL4DRJ/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UTT7DG3QOF5ZNJLUGHDNLRUIN6OWZARP https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UTT7DG3QOF5ZNJLUGHDNLRUIN6OWZARP/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/W2LZSWTV4NV4SNQARNXG5T6LRHP26EW2 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/W2LZSWTV4NV4SNQARNXG5T6LRHP26EW2/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WCNCBYKZXLDFGAJUB7ZP5VLC3YTHJNVH https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WCNCBYKZXLDFGAJUB7ZP5VLC3YTHJNVH/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/XFOIBB4YFICHDM7IBOP7PWXW3FX4HLL2 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/XFOIBB4YFICHDM7IBOP7PWXW3FX4HLL2/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/XTNLSL44Y5FB6JWADSZH6DCV4JJAAEQY https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/XTNLSL44Y5FB6JWADSZH6DCV4JJAAEQY/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/YJWHBLVZDM5KQSDFRBFRKU5KSSOLIRQ4 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/YJWHBLVZDM5KQSDFRBFRKU5KSSOLIRQ4/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/YRKEXKANQ7BKJW2YTAMP625LJUJZLJ4P https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/YRKEXKANQ7BKJW2YTAMP625LJUJZLJ4P/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZSVEMQV5ROY5YW5QE3I57HT3ITWG5GCV https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZSVEMQV5ROY5YW5QE3I57HT3ITWG5GCV/ https://nvd.nist.gov/vuln/detail/CVE-2023-39325 https://pkg.go.dev/vuln/GO-2023-2102 https://security.gentoo.org/glsa/202311-09 https://security.netapp.com/advisory/ntap-20231110-0008 https://security.netapp.com/advisory/ntap-20231110-0008/ https://ubuntu.com/security/notices/USN-6574-1 https://ubuntu.com/security/notices/USN-7061-1 https://ubuntu.com/security/notices/USN-7109-1 https://www.cisa.gov/news-events/alerts/2023/10/10/http2-rapid-reset-vulnerability-cve-2023-44487 https://www.cve.org/CVERecord?id=CVE-2023-39325
golang.org/x/net	CVE-2023-3978	MEDIUM	v0.10.0	0.13.0	https://access.redhat.com/errata/RHSA-2023:6474 https://access.redhat.com/security/cve/CVE-2023-3978 https://bugzilla.redhat.com/2174485 https://bugzilla.redhat.com/2178358 https://bugzilla.redhat.com/2178488 https://bugzilla.redhat.com/2178492 https://bugzilla.redhat.com/2184481 https://bugzilla.redhat.com/2184482 https://bugzilla.redhat.com/2184483 https://bugzilla.redhat.com/2184484 https://bugzilla.redhat.com/2196026 https://bugzilla.redhat.com/2196027 https://bugzilla.redhat.com/2196029 https://bugzilla.redhat.com/2222167 https://bugzilla.redhat.com/2228689 https://errata.almalinux.org/9/ALSA-2023-6474.html https://go.dev/cl/514896 https://go.dev/issue/61615 https://linux.oracle.com/cve/CVE-2023-3978.html https://linux.oracle.com/errata/ELSA-2023-6939.html https://nvd.nist.gov/vuln/detail/CVE-2023-3978 https://pkg.go.dev/vuln/GO-2023-1988 https://www.cve.org/CVERecord?id=CVE-2023-3978
golang.org/x/net	CVE-2023-44487	MEDIUM	v0.10.0	0.17.0	http://www.openwall.com/lists/oss-security/2023/10/13/4 http://www.openwall.com/lists/oss-security/2023/10/13/9 http://www.openwall.com/lists/oss-security/2023/10/18/4 http://www.openwall.com/lists/oss-security/2023/10/18/8 http://www.openwall.com/lists/oss-security/2023/10/19/6 http://www.openwall.com/lists/oss-security/2023/10/20/8 https://access.redhat.com/errata/RHSA-2023:6746 https://access.redhat.com/security/cve/CVE-2023-44487 https://access.redhat.com/security/cve/cve-2023-44487 https://akka.io/security/akka-http-cve-2023-44487.html https://arstechnica.com/security/2023/10/how-ddosers-used-the-http-2-protocol-to-deliver-attacks-of-unprecedented-size https://arstechnica.com/security/2023/10/how-ddosers-used-the-http-2-protocol-to-deliver-attacks-of-unprecedented-size/ https://aws.amazon.com/security/security-bulletins/AWS-2023-011 https://aws.amazon.com/security/security-bulletins/AWS-2023-011/ https://blog.cloudflare.com/technical-breakdown-http2-rapid-reset-ddos-attack https://blog.cloudflare.com/technical-breakdown-http2-rapid-reset-ddos-attack/ https://blog.cloudflare.com/zero-day-rapid-reset-http2-record-breaking-ddos-attack https://blog.cloudflare.com/zero-day-rapid-reset-http2-record-breaking-ddos-attack/ https://blog.litespeedtech.com/2023/10/11/rapid-reset-http-2-vulnerablilty https://blog.litespeedtech.com/2023/10/11/rapid-reset-http-2-vulnerablilty/ https://blog.qualys.com/vulnerabilities-threat-research/2023/10/10/cve-2023-44487-http-2-rapid-reset-attack https://blog.vespa.ai/cve-2023-44487 https://blog.vespa.ai/cve-2023-44487/ https://bugzilla.proxmox.com/show_bug.cgi?id=4988 https://bugzilla.redhat.com/2242803 https://bugzilla.redhat.com/show_bug.cgi?id=2242803 https://bugzilla.suse.com/show_bug.cgi?id=1216123 https://cgit.freebsd.org/ports/commit/?id=c64c329c2c1752f46b73e3e6ce9f4329be6629f9 https://chaos.social/@icing/111210915918780532 https://cloud.google.com/blog/products/identity-security/google-cloud-mitigated-largest-ddos-attack-peaking-above-398-million-rps https://cloud.google.com/blog/products/identity-security/google-cloud-mitigated-largest-ddos-attack-peaking-above-398-million-rps/ https://cloud.google.com/blog/products/identity-security/how-it-works-the-novel-http2-rapid-reset-ddos-attack https://community.traefik.io/t/is-traefik-vulnerable-to-cve-2023-44487/20125 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-44487 https://devblogs.microsoft.com/dotnet/october-2023-updates/ https://discuss.hashicorp.com/t/hcsec-2023-32-vault-consul-and-boundary-affected-by-http-2-rapid-reset-denial-of-service-vulnerability-cve-2023-44487/59715 https://edg.io/lp/blog/resets-leaks-ddos-and-the-tale-of-a-hidden-cve https://errata.almalinux.org/9/ALSA-2023-6746.html https://errata.rockylinux.org/RLSA-2023:5838 https://forums.swift.org/t/swift-nio-http2-security-update-cve-2023-44487-http-2-dos/67764 https://gist.github.com/adulau/7c2bfb8e9cdbe4b35a5e131c66a0c088 https://github.com/Azure/AKS/issues/3947 https://github.com/Kong/kong/discussions/11741 https://github.com/advisories/GHSA-qppj-fm5r-hxr3 https://github.com/advisories/GHSA-vx74-f528-fxqg https://github.com/advisories/GHSA-xpw8-rcwv-8f8p https://github.com/akka/akka-http/issues/4323 https://github.com/akka/akka-http/pull/4324 https://github.com/akka/akka-http/pull/4325 https://github.com/alibaba/tengine/issues/1872 https://github.com/apache/apisix/issues/10320 https://github.com/apache/httpd-site/pull/10 https://github.com/apache/httpd/blob/afcdbeebbff4b0c50ea26cdd16e178c0d1f24152/modules/http2/h2_mplx.c#L1101-L1113 https://github.com/apache/tomcat/commit/944332bb15bd2f3bf76ec2caeb1ff0a58a3bc628 https://github.com/apache/tomcat/tree/main/java/org/apache/coyote/http2 https://github.com/apache/trafficserver/pull/10564 https://github.com/apple/swift-nio-http2 https://github.com/apple/swift-nio-http2/security/advisories/GHSA-qppj-fm5r-hxr3 https://github.com/arkrwn/PoC/tree/main/CVE-2023-44487 https://github.com/bcdannyboy/CVE-2023-44487 https://github.com/caddyserver/caddy/issues/5877 https://github.com/caddyserver/caddy/releases/tag/v2.7.5 https://github.com/dotnet/announcements/issues/277 https://github.com/dotnet/core/blob/e4613450ea0da7fd2fc6b61dfb2c1c1dec1ce9ec/release-notes/6.0/6.0.23/6.0.23.md?plain=1#L73 https://github.com/eclipse/jetty.project/issues/10679 https://github.com/envoyproxy/envoy/pull/30055 https://github.com/etcd-io/etcd/issues/16740 https://github.com/facebook/proxygen/pull/466 https://github.com/golang/go/issues/63417 https://github.com/grpc/grpc-go/pull/6703 https://github.com/grpc/grpc-go/releases https://github.com/h2o/h2o/pull/3291 https://github.com/h2o/h2o/security/advisories/GHSA-2m7v-gc89-fjqf https://github.com/haproxy/haproxy/issues/2312 https://github.com/hyperium/hyper/issues/3337 https://github.com/icing/mod_h2/blob/0a864782af0a942aa2ad4ed960a6b32cd35bcf0a/mod_http2/README.md?plain=1#L239-L244 https://github.com/junkurihara/rust-rpxy/issues/97 https://github.com/kazu-yamamoto/http2/commit/f61d41a502bd0f60eb24e1ce14edc7b6df6722a1 https://github.com/kazu-yamamoto/http2/issues/93 https://github.com/kubernetes/kubernetes/pull/121120 https://github.com/line/armeria/pull/5232 https://github.com/linkerd/website/pull/1695/commits/4b9c6836471bc8270ab48aae6fd2181bc73fd632 https://github.com/micrictor/http2-rst-stream https://github.com/microsoft/CBL-Mariner/pull/6381 https://github.com/netty/netty/commit/58f75f665aa81a8cbcf6ffa74820042a285c5e61 https://github.com/nghttp2/nghttp2/pull/1961 https://github.com/nghttp2/nghttp2/releases/tag/v1.57.0 https://github.com/ninenines/cowboy/issues/1615 https://github.com/nodejs/node/pull/50121 https://github.com/openresty/openresty/issues/930 https://github.com/opensearch-project/data-prepper/issues/3474 https://github.com/oqtane/oqtane.framework/discussions/3367 https://github.com/projectcontour/contour/pull/5826 https://github.com/tempesta-tech/tempesta/issues/1986 https://github.com/varnishcache/varnish-cache/issues/3996 https://go.dev/cl/534215 https://go.dev/cl/534235 https://go.dev/issue/63417 https://groups.google.com/g/golang-announce/c/iNNxDTCjZvo https://groups.google.com/g/golang-announce/c/iNNxDTCjZvo/m/UDd7VKQuAAAJ https://istio.io/latest/news/security/istio-security-2023-004 https://istio.io/latest/news/security/istio-security-2023-004/ https://linkerd.io/2023/10/12/linkerd-cve-2023-44487 https://linkerd.io/2023/10/12/linkerd-cve-2023-44487/ https://linux.oracle.com/cve/CVE-2023-44487.html https://linux.oracle.com/errata/ELSA-2024-1444.html https://lists.apache.org/thread/5py8h42mxfsn8l1wy6o41xwhsjlsd87q https://lists.debian.org/debian-lts-announce/2023/10/msg00020.html https://lists.debian.org/debian-lts-announce/2023/10/msg00023.html https://lists.debian.org/debian-lts-announce/2023/10/msg00024.html https://lists.debian.org/debian-lts-announce/2023/10/msg00045.html https://lists.debian.org/debian-lts-announce/2023/10/msg00047.html https://lists.debian.org/debian-lts-announce/2023/11/msg00001.html https://lists.debian.org/debian-lts-announce/2023/11/msg00012.html https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/2MBEPPC36UBVOZZNAXFHKLFGSLCMN5LI https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/2MBEPPC36UBVOZZNAXFHKLFGSLCMN5LI/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/3N4NJ7FR4X4FPZUGNTQAPSTVB2HB2Y4A https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/3N4NJ7FR4X4FPZUGNTQAPSTVB2HB2Y4A/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/BFQD3KUEMFBHPAPBGLWQC34L4OWL5HAZ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/BFQD3KUEMFBHPAPBGLWQC34L4OWL5HAZ/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/CLB4TW7KALB3EEQWNWCN7OUIWWVWWCG2 https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/CLB4TW7KALB3EEQWNWCN7OUIWWVWWCG2/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/E72T67UPDRXHIDLO3OROR25YAMN4GGW5 https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/E72T67UPDRXHIDLO3OROR25YAMN4GGW5/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/FNA62Q767CFAFHBCDKYNPBMZWB7TWYVU https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/FNA62Q767CFAFHBCDKYNPBMZWB7TWYVU/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/HT7T2R4MQKLIF4ODV4BDLPARWFPCJ5CZ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/HT7T2R4MQKLIF4ODV4BDLPARWFPCJ5CZ/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/JIZSEFC3YKCGABA2BZW6ZJRMDZJMB7PJ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/JIZSEFC3YKCGABA2BZW6ZJRMDZJMB7PJ/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/JMEXY22BFG5Q64HQCM5CK2Q7KDKVV4TY https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/JMEXY22BFG5Q64HQCM5CK2Q7KDKVV4TY/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/KSEGD2IWKNUO3DWY4KQGUQM5BISRWHQE https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/KSEGD2IWKNUO3DWY4KQGUQM5BISRWHQE/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/LKYHSZQFDNR7RSA7LHVLLIAQMVYCUGBG https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/LKYHSZQFDNR7RSA7LHVLLIAQMVYCUGBG/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/LNMZJCDHGLJJLXO4OXWJMTVQRNWOC7UL https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/LNMZJCDHGLJJLXO4OXWJMTVQRNWOC7UL/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/VHUHTSXLXGXS7JYKBXTA3VINUPHTNGVU https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/VHUHTSXLXGXS7JYKBXTA3VINUPHTNGVU/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/VSRDIV77HNKUSM7SJC5BKE5JSHLHU2NK https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/VSRDIV77HNKUSM7SJC5BKE5JSHLHU2NK/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/WE2I52RHNNU42PX6NZ2RBUHSFFJ2LVZX https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/WE2I52RHNNU42PX6NZ2RBUHSFFJ2LVZX/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/WLPRQ5TWUQQXYWBJM7ECYDAIL2YVKIUH https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/WLPRQ5TWUQQXYWBJM7ECYDAIL2YVKIUH/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/X6QXN4ORIVF6XBW4WWFE7VNPVC74S45Y https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/X6QXN4ORIVF6XBW4WWFE7VNPVC74S45Y/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/XFOIBB4YFICHDM7IBOP7PWXW3FX4HLL2 https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/XFOIBB4YFICHDM7IBOP7PWXW3FX4HLL2/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZB43REMKRQR62NJEI7I5NQ4FSXNLBKRT https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZB43REMKRQR62NJEI7I5NQ4FSXNLBKRT/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZKQSIKIAT5TJ3WSLU3RDBQ35YX4GY4V3 https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZKQSIKIAT5TJ3WSLU3RDBQ35YX4GY4V3/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZLU6U2R2IC2K64NDPNMV55AUAO65MAF4 https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZLU6U2R2IC2K64NDPNMV55AUAO65MAF4/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3N4NJ7FR4X4FPZUGNTQAPSTVB2HB2Y4A https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/BFQD3KUEMFBHPAPBGLWQC34L4OWL5HAZ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CLB4TW7KALB3EEQWNWCN7OUIWWVWWCG2 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/E72T67UPDRXHIDLO3OROR25YAMN4GGW5 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/FNA62Q767CFAFHBCDKYNPBMZWB7TWYVU https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/HT7T2R4MQKLIF4ODV4BDLPARWFPCJ5CZ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/JIZSEFC3YKCGABA2BZW6ZJRMDZJMB7PJ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/JMEXY22BFG5Q64HQCM5CK2Q7KDKVV4TY https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/KSEGD2IWKNUO3DWY4KQGUQM5BISRWHQE https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/LKYHSZQFDNR7RSA7LHVLLIAQMVYCUGBG https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/LNMZJCDHGLJJLXO4OXWJMTVQRNWOC7UL https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/VHUHTSXLXGXS7JYKBXTA3VINUPHTNGVU https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/VSRDIV77HNKUSM7SJC5BKE5JSHLHU2NK https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WLPRQ5TWUQQXYWBJM7ECYDAIL2YVKIUH https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/X6QXN4ORIVF6XBW4WWFE7VNPVC74S45Y https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/XFOIBB4YFICHDM7IBOP7PWXW3FX4HLL2 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZB43REMKRQR62NJEI7I5NQ4FSXNLBKRT https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZKQSIKIAT5TJ3WSLU3RDBQ35YX4GY4V3 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZLU6U2R2IC2K64NDPNMV55AUAO65MAF4 https://lists.w3.org/Archives/Public/ietf-http-wg/2023OctDec/0025.html https://mailman.nginx.org/pipermail/nginx-devel/2023-October/S36Q5HBXR7CAIMPLLPRSSSYR4PCMWILK.html https://martinthomson.github.io/h2-stream-limits/draft-thomson-httpbis-h2-stream-limits.html https://msrc.microsoft.com/blog/2023/10/microsoft-response-to-distributed-denial-of-service-ddos-attacks-against-http/2 https://msrc.microsoft.com/blog/2023/10/microsoft-response-to-distributed-denial-of-service-ddos-attacks-against-http/2/ https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-44487 https://my.f5.com/manage/s/article/K000137106 https://netty.io/news/2023/10/10/4-1-100-Final.html https://news.ycombinator.com/item?id=37830987 https://news.ycombinator.com/item?id=37830998 https://news.ycombinator.com/item?id=37831062 https://news.ycombinator.com/item?id=37837043 https://nodejs.org/en/blog/vulnerability/october-2023-security-releases https://nvd.nist.gov/vuln/detail/CVE-2023-44487 https://openssf.org/blog/2023/10/10/http-2-rapid-reset-vulnerability-highlights-need-for-rapid-response https://openssf.org/blog/2023/10/10/http-2-rapid-reset-vulnerability-highlights-need-for-rapid-response/ https://pkg.go.dev/vuln/GO-2023-2102 https://seanmonstar.com/post/730794151136935936/hyper-http2-rapid-reset-unaffected https://security.gentoo.org/glsa/202311-09 https://security.netapp.com/advisory/ntap-20231016-0001 https://security.netapp.com/advisory/ntap-20231016-0001/ https://security.netapp.com/advisory/ntap-20240426-0007 https://security.netapp.com/advisory/ntap-20240426-0007/ https://security.netapp.com/advisory/ntap-20240621-0006 https://security.netapp.com/advisory/ntap-20240621-0006/ https://security.netapp.com/advisory/ntap-20240621-0007 https://security.netapp.com/advisory/ntap-20240621-0007/ https://security.paloaltonetworks.com/CVE-2023-44487 https://tomcat.apache.org/security-10.html#Fixed_in_Apache_Tomcat_10.1.14 https://tomcat.apache.org/security-11.html#Fixed_in_Apache_Tomcat_11.0.0-M12 https://tomcat.apache.org/security-8.html#Fixed_in_Apache_Tomcat_8.5.94 https://tomcat.apache.org/security-9.html#Fixed_in_Apache_Tomcat_9.0.81 https://ubuntu.com/security/CVE-2023-44487 https://ubuntu.com/security/notices/USN-6427-1 https://ubuntu.com/security/notices/USN-6427-2 https://ubuntu.com/security/notices/USN-6438-1 https://ubuntu.com/security/notices/USN-6505-1 https://ubuntu.com/security/notices/USN-6574-1 https://ubuntu.com/security/notices/USN-6754-1 https://ubuntu.com/security/notices/USN-6994-1 https://ubuntu.com/security/notices/USN-7067-1 https://www.bleepingcomputer.com/news/security/new-http-2-rapid-reset-zero-day-attack-breaks-ddos-records https://www.bleepingcomputer.com/news/security/new-http-2-rapid-reset-zero-day-attack-breaks-ddos-records/ https://www.cisa.gov/known-exploited-vulnerabilities-catalog https://www.cisa.gov/news-events/alerts/2023/10/10/http2-rapid-reset-vulnerability-cve-2023-44487 https://www.cve.org/CVERecord?id=CVE-2023-44487 https://www.darkreading.com/cloud/internet-wide-zero-day-bug-fuels-largest-ever-ddos-event https://www.debian.org/security/2023/dsa-5521 https://www.debian.org/security/2023/dsa-5522 https://www.debian.org/security/2023/dsa-5540 https://www.debian.org/security/2023/dsa-5549 https://www.debian.org/security/2023/dsa-5558 https://www.debian.org/security/2023/dsa-5570 https://www.eclipse.org/lists/jetty-announce/msg00181.html https://www.haproxy.com/blog/haproxy-is-not-affected-by-the-http-2-rapid-reset-attack-cve-2023-44487 https://www.mail-archive.com/haproxy@formilux.org/msg44134.html https://www.netlify.com/blog/netlify-successfully-mitigates-cve-2023-44487 https://www.netlify.com/blog/netlify-successfully-mitigates-cve-2023-44487/ https://www.nginx.com/blog/http-2-rapid-reset-attack-impacting-f5-nginx-products https://www.nginx.com/blog/http-2-rapid-reset-attack-impacting-f5-nginx-products/ https://www.openwall.com/lists/oss-security/2023/10/10/6 https://www.phoronix.com/news/HTTP2-Rapid-Reset-Attack https://www.theregister.com/2023/10/10/http2_rapid_reset_zeroday https://www.theregister.com/2023/10/10/http2_rapid_reset_zeroday/
golang.org/x/net	CVE-2023-45288	MEDIUM	v0.10.0	0.23.0	http://www.openwall.com/lists/oss-security/2024/04/03/16 http://www.openwall.com/lists/oss-security/2024/04/05/4 https://access.redhat.com/errata/RHSA-2024:2724 https://access.redhat.com/security/cve/CVE-2023-45288 https://bugzilla.redhat.com/2268017 https://bugzilla.redhat.com/2268018 https://bugzilla.redhat.com/2268019 https://bugzilla.redhat.com/2268273 https://bugzilla.redhat.com/show_bug.cgi?id=2268017 https://bugzilla.redhat.com/show_bug.cgi?id=2268018 https://bugzilla.redhat.com/show_bug.cgi?id=2268019 https://bugzilla.redhat.com/show_bug.cgi?id=2268273 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45288 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45289 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45290 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24783 https://errata.almalinux.org/9/ALSA-2024-2724.html https://errata.rockylinux.org/RLSA-2024:2724 https://go.dev/cl/576155 https://go.dev/issue/65051 https://groups.google.com/g/golang-announce/c/YgW0sx8mN3M https://kb.cert.org/vuls/id/421644 https://linux.oracle.com/cve/CVE-2023-45288.html https://linux.oracle.com/errata/ELSA-2024-3346.html https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QRYFHIQ6XRKRYBI2F5UESH67BJBQXUPT https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QRYFHIQ6XRKRYBI2F5UESH67BJBQXUPT/ https://nowotarski.info/http2-continuation-flood-technical-details https://nowotarski.info/http2-continuation-flood/ https://nvd.nist.gov/vuln/detail/CVE-2023-45288 https://pkg.go.dev/vuln/GO-2024-2687 https://security.netapp.com/advisory/ntap-20240419-0009 https://security.netapp.com/advisory/ntap-20240419-0009/ https://ubuntu.com/security/notices/USN-6886-1 https://ubuntu.com/security/notices/USN-7109-1 https://ubuntu.com/security/notices/USN-7111-1 https://www.cve.org/CVERecord?id=CVE-2023-45288 https://www.kb.cert.org/vuls/id/421644
google.golang.org/grpc	GHSA-m425-mq94-257g	HIGH	v1.54.0	1.56.3, 1.57.1, 1.58.3	https://github.com/grpc/grpc-go https://github.com/grpc/grpc-go/commit/f2180b4d5403d2210b30b93098eb7da31c05c721 https://github.com/grpc/grpc-go/pull/6703 https://github.com/grpc/grpc-go/security/advisories/GHSA-m425-mq94-257g https://nvd.nist.gov/vuln/detail/CVE-2023-44487
google.golang.org/grpc	CVE-2023-44487	MEDIUM	v1.54.0	1.58.3, 1.57.1, 1.56.3	http://www.openwall.com/lists/oss-security/2023/10/13/4 http://www.openwall.com/lists/oss-security/2023/10/13/9 http://www.openwall.com/lists/oss-security/2023/10/18/4 http://www.openwall.com/lists/oss-security/2023/10/18/8 http://www.openwall.com/lists/oss-security/2023/10/19/6 http://www.openwall.com/lists/oss-security/2023/10/20/8 https://access.redhat.com/errata/RHSA-2023:6746 https://access.redhat.com/security/cve/CVE-2023-44487 https://access.redhat.com/security/cve/cve-2023-44487 https://akka.io/security/akka-http-cve-2023-44487.html https://arstechnica.com/security/2023/10/how-ddosers-used-the-http-2-protocol-to-deliver-attacks-of-unprecedented-size https://arstechnica.com/security/2023/10/how-ddosers-used-the-http-2-protocol-to-deliver-attacks-of-unprecedented-size/ https://aws.amazon.com/security/security-bulletins/AWS-2023-011 https://aws.amazon.com/security/security-bulletins/AWS-2023-011/ https://blog.cloudflare.com/technical-breakdown-http2-rapid-reset-ddos-attack https://blog.cloudflare.com/technical-breakdown-http2-rapid-reset-ddos-attack/ https://blog.cloudflare.com/zero-day-rapid-reset-http2-record-breaking-ddos-attack https://blog.cloudflare.com/zero-day-rapid-reset-http2-record-breaking-ddos-attack/ https://blog.litespeedtech.com/2023/10/11/rapid-reset-http-2-vulnerablilty https://blog.litespeedtech.com/2023/10/11/rapid-reset-http-2-vulnerablilty/ https://blog.qualys.com/vulnerabilities-threat-research/2023/10/10/cve-2023-44487-http-2-rapid-reset-attack https://blog.vespa.ai/cve-2023-44487 https://blog.vespa.ai/cve-2023-44487/ https://bugzilla.proxmox.com/show_bug.cgi?id=4988 https://bugzilla.redhat.com/2242803 https://bugzilla.redhat.com/show_bug.cgi?id=2242803 https://bugzilla.suse.com/show_bug.cgi?id=1216123 https://cgit.freebsd.org/ports/commit/?id=c64c329c2c1752f46b73e3e6ce9f4329be6629f9 https://chaos.social/@icing/111210915918780532 https://cloud.google.com/blog/products/identity-security/google-cloud-mitigated-largest-ddos-attack-peaking-above-398-million-rps https://cloud.google.com/blog/products/identity-security/google-cloud-mitigated-largest-ddos-attack-peaking-above-398-million-rps/ https://cloud.google.com/blog/products/identity-security/how-it-works-the-novel-http2-rapid-reset-ddos-attack https://community.traefik.io/t/is-traefik-vulnerable-to-cve-2023-44487/20125 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-44487 https://devblogs.microsoft.com/dotnet/october-2023-updates/ https://discuss.hashicorp.com/t/hcsec-2023-32-vault-consul-and-boundary-affected-by-http-2-rapid-reset-denial-of-service-vulnerability-cve-2023-44487/59715 https://edg.io/lp/blog/resets-leaks-ddos-and-the-tale-of-a-hidden-cve https://errata.almalinux.org/9/ALSA-2023-6746.html https://errata.rockylinux.org/RLSA-2023:5838 https://forums.swift.org/t/swift-nio-http2-security-update-cve-2023-44487-http-2-dos/67764 https://gist.github.com/adulau/7c2bfb8e9cdbe4b35a5e131c66a0c088 https://github.com/Azure/AKS/issues/3947 https://github.com/Kong/kong/discussions/11741 https://github.com/advisories/GHSA-qppj-fm5r-hxr3 https://github.com/advisories/GHSA-vx74-f528-fxqg https://github.com/advisories/GHSA-xpw8-rcwv-8f8p https://github.com/akka/akka-http/issues/4323 https://github.com/akka/akka-http/pull/4324 https://github.com/akka/akka-http/pull/4325 https://github.com/alibaba/tengine/issues/1872 https://github.com/apache/apisix/issues/10320 https://github.com/apache/httpd-site/pull/10 https://github.com/apache/httpd/blob/afcdbeebbff4b0c50ea26cdd16e178c0d1f24152/modules/http2/h2_mplx.c#L1101-L1113 https://github.com/apache/tomcat/commit/944332bb15bd2f3bf76ec2caeb1ff0a58a3bc628 https://github.com/apache/tomcat/tree/main/java/org/apache/coyote/http2 https://github.com/apache/trafficserver/pull/10564 https://github.com/apple/swift-nio-http2 https://github.com/apple/swift-nio-http2/security/advisories/GHSA-qppj-fm5r-hxr3 https://github.com/arkrwn/PoC/tree/main/CVE-2023-44487 https://github.com/bcdannyboy/CVE-2023-44487 https://github.com/caddyserver/caddy/issues/5877 https://github.com/caddyserver/caddy/releases/tag/v2.7.5 https://github.com/dotnet/announcements/issues/277 https://github.com/dotnet/core/blob/e4613450ea0da7fd2fc6b61dfb2c1c1dec1ce9ec/release-notes/6.0/6.0.23/6.0.23.md?plain=1#L73 https://github.com/eclipse/jetty.project/issues/10679 https://github.com/envoyproxy/envoy/pull/30055 https://github.com/etcd-io/etcd/issues/16740 https://github.com/facebook/proxygen/pull/466 https://github.com/golang/go/issues/63417 https://github.com/grpc/grpc-go/pull/6703 https://github.com/grpc/grpc-go/releases https://github.com/h2o/h2o/pull/3291 https://github.com/h2o/h2o/security/advisories/GHSA-2m7v-gc89-fjqf https://github.com/haproxy/haproxy/issues/2312 https://github.com/hyperium/hyper/issues/3337 https://github.com/icing/mod_h2/blob/0a864782af0a942aa2ad4ed960a6b32cd35bcf0a/mod_http2/README.md?plain=1#L239-L244 https://github.com/junkurihara/rust-rpxy/issues/97 https://github.com/kazu-yamamoto/http2/commit/f61d41a502bd0f60eb24e1ce14edc7b6df6722a1 https://github.com/kazu-yamamoto/http2/issues/93 https://github.com/kubernetes/kubernetes/pull/121120 https://github.com/line/armeria/pull/5232 https://github.com/linkerd/website/pull/1695/commits/4b9c6836471bc8270ab48aae6fd2181bc73fd632 https://github.com/micrictor/http2-rst-stream https://github.com/microsoft/CBL-Mariner/pull/6381 https://github.com/netty/netty/commit/58f75f665aa81a8cbcf6ffa74820042a285c5e61 https://github.com/nghttp2/nghttp2/pull/1961 https://github.com/nghttp2/nghttp2/releases/tag/v1.57.0 https://github.com/ninenines/cowboy/issues/1615 https://github.com/nodejs/node/pull/50121 https://github.com/openresty/openresty/issues/930 https://github.com/opensearch-project/data-prepper/issues/3474 https://github.com/oqtane/oqtane.framework/discussions/3367 https://github.com/projectcontour/contour/pull/5826 https://github.com/tempesta-tech/tempesta/issues/1986 https://github.com/varnishcache/varnish-cache/issues/3996 https://go.dev/cl/534215 https://go.dev/cl/534235 https://go.dev/issue/63417 https://groups.google.com/g/golang-announce/c/iNNxDTCjZvo https://groups.google.com/g/golang-announce/c/iNNxDTCjZvo/m/UDd7VKQuAAAJ https://istio.io/latest/news/security/istio-security-2023-004 https://istio.io/latest/news/security/istio-security-2023-004/ https://linkerd.io/2023/10/12/linkerd-cve-2023-44487 https://linkerd.io/2023/10/12/linkerd-cve-2023-44487/ https://linux.oracle.com/cve/CVE-2023-44487.html https://linux.oracle.com/errata/ELSA-2024-1444.html https://lists.apache.org/thread/5py8h42mxfsn8l1wy6o41xwhsjlsd87q https://lists.debian.org/debian-lts-announce/2023/10/msg00020.html https://lists.debian.org/debian-lts-announce/2023/10/msg00023.html https://lists.debian.org/debian-lts-announce/2023/10/msg00024.html https://lists.debian.org/debian-lts-announce/2023/10/msg00045.html https://lists.debian.org/debian-lts-announce/2023/10/msg00047.html https://lists.debian.org/debian-lts-announce/2023/11/msg00001.html https://lists.debian.org/debian-lts-announce/2023/11/msg00012.html https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/2MBEPPC36UBVOZZNAXFHKLFGSLCMN5LI https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/2MBEPPC36UBVOZZNAXFHKLFGSLCMN5LI/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/3N4NJ7FR4X4FPZUGNTQAPSTVB2HB2Y4A https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/3N4NJ7FR4X4FPZUGNTQAPSTVB2HB2Y4A/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/BFQD3KUEMFBHPAPBGLWQC34L4OWL5HAZ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/BFQD3KUEMFBHPAPBGLWQC34L4OWL5HAZ/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/CLB4TW7KALB3EEQWNWCN7OUIWWVWWCG2 https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/CLB4TW7KALB3EEQWNWCN7OUIWWVWWCG2/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/E72T67UPDRXHIDLO3OROR25YAMN4GGW5 https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/E72T67UPDRXHIDLO3OROR25YAMN4GGW5/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/FNA62Q767CFAFHBCDKYNPBMZWB7TWYVU https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/FNA62Q767CFAFHBCDKYNPBMZWB7TWYVU/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/HT7T2R4MQKLIF4ODV4BDLPARWFPCJ5CZ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/HT7T2R4MQKLIF4ODV4BDLPARWFPCJ5CZ/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/JIZSEFC3YKCGABA2BZW6ZJRMDZJMB7PJ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/JIZSEFC3YKCGABA2BZW6ZJRMDZJMB7PJ/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/JMEXY22BFG5Q64HQCM5CK2Q7KDKVV4TY https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/JMEXY22BFG5Q64HQCM5CK2Q7KDKVV4TY/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/KSEGD2IWKNUO3DWY4KQGUQM5BISRWHQE https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/KSEGD2IWKNUO3DWY4KQGUQM5BISRWHQE/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/LKYHSZQFDNR7RSA7LHVLLIAQMVYCUGBG https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/LKYHSZQFDNR7RSA7LHVLLIAQMVYCUGBG/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/LNMZJCDHGLJJLXO4OXWJMTVQRNWOC7UL https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/LNMZJCDHGLJJLXO4OXWJMTVQRNWOC7UL/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/VHUHTSXLXGXS7JYKBXTA3VINUPHTNGVU https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/VHUHTSXLXGXS7JYKBXTA3VINUPHTNGVU/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/VSRDIV77HNKUSM7SJC5BKE5JSHLHU2NK https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/VSRDIV77HNKUSM7SJC5BKE5JSHLHU2NK/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/WE2I52RHNNU42PX6NZ2RBUHSFFJ2LVZX https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/WE2I52RHNNU42PX6NZ2RBUHSFFJ2LVZX/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/WLPRQ5TWUQQXYWBJM7ECYDAIL2YVKIUH https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/WLPRQ5TWUQQXYWBJM7ECYDAIL2YVKIUH/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/X6QXN4ORIVF6XBW4WWFE7VNPVC74S45Y https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/X6QXN4ORIVF6XBW4WWFE7VNPVC74S45Y/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/XFOIBB4YFICHDM7IBOP7PWXW3FX4HLL2 https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/XFOIBB4YFICHDM7IBOP7PWXW3FX4HLL2/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZB43REMKRQR62NJEI7I5NQ4FSXNLBKRT https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZB43REMKRQR62NJEI7I5NQ4FSXNLBKRT/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZKQSIKIAT5TJ3WSLU3RDBQ35YX4GY4V3 https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZKQSIKIAT5TJ3WSLU3RDBQ35YX4GY4V3/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZLU6U2R2IC2K64NDPNMV55AUAO65MAF4 https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZLU6U2R2IC2K64NDPNMV55AUAO65MAF4/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3N4NJ7FR4X4FPZUGNTQAPSTVB2HB2Y4A https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/BFQD3KUEMFBHPAPBGLWQC34L4OWL5HAZ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CLB4TW7KALB3EEQWNWCN7OUIWWVWWCG2 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/E72T67UPDRXHIDLO3OROR25YAMN4GGW5 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/FNA62Q767CFAFHBCDKYNPBMZWB7TWYVU https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/HT7T2R4MQKLIF4ODV4BDLPARWFPCJ5CZ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/JIZSEFC3YKCGABA2BZW6ZJRMDZJMB7PJ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/JMEXY22BFG5Q64HQCM5CK2Q7KDKVV4TY https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/KSEGD2IWKNUO3DWY4KQGUQM5BISRWHQE https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/LKYHSZQFDNR7RSA7LHVLLIAQMVYCUGBG https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/LNMZJCDHGLJJLXO4OXWJMTVQRNWOC7UL https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/VHUHTSXLXGXS7JYKBXTA3VINUPHTNGVU https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/VSRDIV77HNKUSM7SJC5BKE5JSHLHU2NK https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WLPRQ5TWUQQXYWBJM7ECYDAIL2YVKIUH https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/X6QXN4ORIVF6XBW4WWFE7VNPVC74S45Y https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/XFOIBB4YFICHDM7IBOP7PWXW3FX4HLL2 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZB43REMKRQR62NJEI7I5NQ4FSXNLBKRT https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZKQSIKIAT5TJ3WSLU3RDBQ35YX4GY4V3 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZLU6U2R2IC2K64NDPNMV55AUAO65MAF4 https://lists.w3.org/Archives/Public/ietf-http-wg/2023OctDec/0025.html https://mailman.nginx.org/pipermail/nginx-devel/2023-October/S36Q5HBXR7CAIMPLLPRSSSYR4PCMWILK.html https://martinthomson.github.io/h2-stream-limits/draft-thomson-httpbis-h2-stream-limits.html https://msrc.microsoft.com/blog/2023/10/microsoft-response-to-distributed-denial-of-service-ddos-attacks-against-http/2 https://msrc.microsoft.com/blog/2023/10/microsoft-response-to-distributed-denial-of-service-ddos-attacks-against-http/2/ https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-44487 https://my.f5.com/manage/s/article/K000137106 https://netty.io/news/2023/10/10/4-1-100-Final.html https://news.ycombinator.com/item?id=37830987 https://news.ycombinator.com/item?id=37830998 https://news.ycombinator.com/item?id=37831062 https://news.ycombinator.com/item?id=37837043 https://nodejs.org/en/blog/vulnerability/october-2023-security-releases https://nvd.nist.gov/vuln/detail/CVE-2023-44487 https://openssf.org/blog/2023/10/10/http-2-rapid-reset-vulnerability-highlights-need-for-rapid-response https://openssf.org/blog/2023/10/10/http-2-rapid-reset-vulnerability-highlights-need-for-rapid-response/ https://pkg.go.dev/vuln/GO-2023-2102 https://seanmonstar.com/post/730794151136935936/hyper-http2-rapid-reset-unaffected https://security.gentoo.org/glsa/202311-09 https://security.netapp.com/advisory/ntap-20231016-0001 https://security.netapp.com/advisory/ntap-20231016-0001/ https://security.netapp.com/advisory/ntap-20240426-0007 https://security.netapp.com/advisory/ntap-20240426-0007/ https://security.netapp.com/advisory/ntap-20240621-0006 https://security.netapp.com/advisory/ntap-20240621-0006/ https://security.netapp.com/advisory/ntap-20240621-0007 https://security.netapp.com/advisory/ntap-20240621-0007/ https://security.paloaltonetworks.com/CVE-2023-44487 https://tomcat.apache.org/security-10.html#Fixed_in_Apache_Tomcat_10.1.14 https://tomcat.apache.org/security-11.html#Fixed_in_Apache_Tomcat_11.0.0-M12 https://tomcat.apache.org/security-8.html#Fixed_in_Apache_Tomcat_8.5.94 https://tomcat.apache.org/security-9.html#Fixed_in_Apache_Tomcat_9.0.81 https://ubuntu.com/security/CVE-2023-44487 https://ubuntu.com/security/notices/USN-6427-1 https://ubuntu.com/security/notices/USN-6427-2 https://ubuntu.com/security/notices/USN-6438-1 https://ubuntu.com/security/notices/USN-6505-1 https://ubuntu.com/security/notices/USN-6574-1 https://ubuntu.com/security/notices/USN-6754-1 https://ubuntu.com/security/notices/USN-6994-1 https://ubuntu.com/security/notices/USN-7067-1 https://www.bleepingcomputer.com/news/security/new-http-2-rapid-reset-zero-day-attack-breaks-ddos-records https://www.bleepingcomputer.com/news/security/new-http-2-rapid-reset-zero-day-attack-breaks-ddos-records/ https://www.cisa.gov/known-exploited-vulnerabilities-catalog https://www.cisa.gov/news-events/alerts/2023/10/10/http2-rapid-reset-vulnerability-cve-2023-44487 https://www.cve.org/CVERecord?id=CVE-2023-44487 https://www.darkreading.com/cloud/internet-wide-zero-day-bug-fuels-largest-ever-ddos-event https://www.debian.org/security/2023/dsa-5521 https://www.debian.org/security/2023/dsa-5522 https://www.debian.org/security/2023/dsa-5540 https://www.debian.org/security/2023/dsa-5549 https://www.debian.org/security/2023/dsa-5558 https://www.debian.org/security/2023/dsa-5570 https://www.eclipse.org/lists/jetty-announce/msg00181.html https://www.haproxy.com/blog/haproxy-is-not-affected-by-the-http-2-rapid-reset-attack-cve-2023-44487 https://www.mail-archive.com/haproxy@formilux.org/msg44134.html https://www.netlify.com/blog/netlify-successfully-mitigates-cve-2023-44487 https://www.netlify.com/blog/netlify-successfully-mitigates-cve-2023-44487/ https://www.nginx.com/blog/http-2-rapid-reset-attack-impacting-f5-nginx-products https://www.nginx.com/blog/http-2-rapid-reset-attack-impacting-f5-nginx-products/ https://www.openwall.com/lists/oss-security/2023/10/10/6 https://www.phoronix.com/news/HTTP2-Rapid-Reset-Attack https://www.theregister.com/2023/10/10/http2_rapid_reset_zeroday https://www.theregister.com/2023/10/10/http2_rapid_reset_zeroday/
google.golang.org/protobuf	CVE-2024-24786	MEDIUM	v1.30.0	1.33.0	http://www.openwall.com/lists/oss-security/2024/03/08/4 https://access.redhat.com/errata/RHSA-2024:2550 https://access.redhat.com/security/cve/CVE-2024-24786 https://bugzilla.redhat.com/2268046 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24786 https://errata.almalinux.org/9/ALSA-2024-2550.html https://errata.rockylinux.org/RLSA-2024:2550 https://github.com/protocolbuffers/protobuf-go https://github.com/protocolbuffers/protobuf-go/commit/f01a588e5810b90996452eec4a28f22a0afae023 https://github.com/protocolbuffers/protobuf-go/releases/tag/v1.33.0 https://go-review.googlesource.com/c/protobuf/+/569356 https://go.dev/cl/569356 https://groups.google.com/g/golang-announce/c/ArQ6CDgtEjY/ https://linux.oracle.com/cve/CVE-2024-24786.html https://linux.oracle.com/errata/ELSA-2024-4246.html https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/JDMBHAVSDU2FBDZ45U3A2VLSM35OJ2HU https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/JDMBHAVSDU2FBDZ45U3A2VLSM35OJ2HU/ https://nvd.nist.gov/vuln/detail/CVE-2024-24786 https://pkg.go.dev/vuln/GO-2024-2611 https://security.netapp.com/advisory/ntap-20240517-0002 https://security.netapp.com/advisory/ntap-20240517-0002/ https://ubuntu.com/security/notices/USN-6746-1 https://ubuntu.com/security/notices/USN-6746-2 https://www.cve.org/CVERecord?id=CVE-2024-24786
stdlib	CVE-2024-24790	CRITICAL	v1.20.5	1.21.11, 1.22.4	http://www.openwall.com/lists/oss-security/2024/06/04/1 https://access.redhat.com/errata/RHSA-2024:9115 https://access.redhat.com/security/cve/CVE-2024-24790 https://bugzilla.redhat.com/2279814 https://bugzilla.redhat.com/2292668 https://bugzilla.redhat.com/2292787 https://bugzilla.redhat.com/2294000 https://bugzilla.redhat.com/2295310 https://bugzilla.redhat.com/show_bug.cgi?id=2292668 https://bugzilla.redhat.com/show_bug.cgi?id=2292787 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24789 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24790 https://errata.almalinux.org/9/ALSA-2024-9115.html https://errata.rockylinux.org/RLSA-2024:4212 https://github.com/golang/go/commit/051bdf3fd12a40307606ff9381138039c5f452f0 (1.21) https://github.com/golang/go/commit/12d5810cdb1f73cf23d7a86462143e9463317fca (1.22) https://github.com/golang/go/issues/67680 https://go.dev/cl/590316 https://go.dev/issue/67680 https://groups.google.com/g/golang-announce/c/XbxouI9gY7k https://groups.google.com/g/golang-announce/c/XbxouI9gY7k/m/TuoGEhxIEwAJ https://linux.oracle.com/cve/CVE-2024-24790.html https://linux.oracle.com/errata/ELSA-2024-9115.html https://nvd.nist.gov/vuln/detail/CVE-2024-24790 https://pkg.go.dev/vuln/GO-2024-2887 https://ubuntu.com/security/notices/USN-6886-1 https://ubuntu.com/security/notices/USN-7109-1 https://www.cve.org/CVERecord?id=CVE-2024-24790
stdlib	CVE-2023-39325	HIGH	v1.20.5	1.20.10, 1.21.3	golang.org/x/net https://access.redhat.com/errata/RHSA-2023:6077 https://access.redhat.com/security/cve/CVE-2023-39325 https://access.redhat.com/security/cve/CVE-2023-44487 https://access.redhat.com/security/vulnerabilities/RHSB-2023-003 https://bugzilla.redhat.com/2242803 https://bugzilla.redhat.com/2243296 https://bugzilla.redhat.com/show_bug.cgi?id=2242803 https://bugzilla.redhat.com/show_bug.cgi?id=2243296 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-39325 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-44487 https://errata.almalinux.org/9/ALSA-2023-6077.html https://errata.rockylinux.org/RLSA-2023:6077 https://github.com/golang/go/commit/24ae2d927285c697440fdde3ad7f26028354bcf3 [golang- 1.21] https://github.com/golang/go/commit/e175f27f58aa7b9cd4d79607ae65d2cd5baaee68 [golang-1.20] https://github.com/golang/go/issues/63417 https://go.dev/cl/534215 https://go.dev/cl/534235 https://go.dev/issue/63417 https://groups.google.com/g/golang-announce/c/iNNxDTCjZvo/m/UDd7VKQuAAAJ https://linux.oracle.com/cve/CVE-2023-39325.html https://linux.oracle.com/errata/ELSA-2023-5867.html https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3OVW5V2DM5K5IC3H7O42YDUGNJ74J35O https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3OVW5V2DM5K5IC3H7O42YDUGNJ74J35O/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3SZN67IL7HMGMNAVLOTIXLIHUDXZK4LH https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3SZN67IL7HMGMNAVLOTIXLIHUDXZK4LH/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3WJ4QVX2AMUJ2F2S27POOAHRC4K3CHU4 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3WJ4QVX2AMUJ2F2S27POOAHRC4K3CHU4/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/4BUK2ZIAGCULOOYDNH25JPU6JBES5NF2 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/4BUK2ZIAGCULOOYDNH25JPU6JBES5NF2/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/5RSKA2II6QTD4YUKUNDVJQSRYSFC4VFR https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/5RSKA2II6QTD4YUKUNDVJQSRYSFC4VFR/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/AVZDNSMVDAQJ64LJC5I5U5LDM5753647 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/AVZDNSMVDAQJ64LJC5I5U5LDM5753647/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CHHITS4PUOZAKFIUBQAQZC7JWXMOYE4B https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CHHITS4PUOZAKFIUBQAQZC7JWXMOYE4B/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CLB4TW7KALB3EEQWNWCN7OUIWWVWWCG2 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CLB4TW7KALB3EEQWNWCN7OUIWWVWWCG2/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/D2BBIDR2ZMB3X5BC7SR4SLQMHRMVPY6L https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/D2BBIDR2ZMB3X5BC7SR4SLQMHRMVPY6L/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ECRC75BQJP6FJN2L7KCKYZW4DSBD7QSD https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ECRC75BQJP6FJN2L7KCKYZW4DSBD7QSD/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/FTMJ3NJIDAZFWJQQSP3L22MUFJ3UP2PT https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/FTMJ3NJIDAZFWJQQSP3L22MUFJ3UP2PT/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/GSY7SXFFTPZFWDM6XELSDSHZLVW3AHK7 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/GSY7SXFFTPZFWDM6XELSDSHZLVW3AHK7/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/HZQIELEIRSZUYTFFH5KTH2YJ4IIQG2KE https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/HZQIELEIRSZUYTFFH5KTH2YJ4IIQG2KE/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/IPWCNYB5PQ5PCVZ4NJT6G56ZYFZ5QBU6 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/IPWCNYB5PQ5PCVZ4NJT6G56ZYFZ5QBU6/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/KEOTKBUPZXHE3F352JBYNTSNRXYLWD6P https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/KEOTKBUPZXHE3F352JBYNTSNRXYLWD6P/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/KSEGD2IWKNUO3DWY4KQGUQM5BISRWHQE https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/KSEGD2IWKNUO3DWY4KQGUQM5BISRWHQE/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/L5E5JSJBZLYXOTZWXHJKRVCIXIHVWKJ6 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/L5E5JSJBZLYXOTZWXHJKRVCIXIHVWKJ6/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/MZQYOOKHQDQ57LV2IAG6NRFOVXKHJJ3Z https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/MZQYOOKHQDQ57LV2IAG6NRFOVXKHJJ3Z/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/NG7IMPL55MVWU3LCI4JQJT3K2U5CHDV7 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/NG7IMPL55MVWU3LCI4JQJT3K2U5CHDV7/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ODBY7RVMGZCBSTWF2OZGIZS57FNFUL67 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ODBY7RVMGZCBSTWF2OZGIZS57FNFUL67/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/OXGWPQOJ3JNDW2XIYKIVJ7N7QUIFNM2Q https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/OXGWPQOJ3JNDW2XIYKIVJ7N7QUIFNM2Q/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/PJCUNGIQDUMZ4Z6HWVYIMR66A35F5S74 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/PJCUNGIQDUMZ4Z6HWVYIMR66A35F5S74/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QF5QSYAOPDOWLY6DUHID56Q4HQFYB45I https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QF5QSYAOPDOWLY6DUHID56Q4HQFYB45I/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QXOU2JZUBEBP7GBKAYIJRPRBZSJCD7ST https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QXOU2JZUBEBP7GBKAYIJRPRBZSJCD7ST/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/R3UETKPUB3V5JS5TLZOF3SMTGT5K5APS https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/R3UETKPUB3V5JS5TLZOF3SMTGT5K5APS/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/REMHVVIBDNKSRKNOTV7EQSB7CYQWOUOU https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/REMHVVIBDNKSRKNOTV7EQSB7CYQWOUOU/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/T7N5GV4CHH6WAGX3GFMDD3COEOVCZ4RI https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/T7N5GV4CHH6WAGX3GFMDD3COEOVCZ4RI/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ULQQONMSCQSH5Z5OWFFQHCGEZ3NL4DRJ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ULQQONMSCQSH5Z5OWFFQHCGEZ3NL4DRJ/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UTT7DG3QOF5ZNJLUGHDNLRUIN6OWZARP https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UTT7DG3QOF5ZNJLUGHDNLRUIN6OWZARP/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/W2LZSWTV4NV4SNQARNXG5T6LRHP26EW2 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/W2LZSWTV4NV4SNQARNXG5T6LRHP26EW2/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WCNCBYKZXLDFGAJUB7ZP5VLC3YTHJNVH https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WCNCBYKZXLDFGAJUB7ZP5VLC3YTHJNVH/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/XFOIBB4YFICHDM7IBOP7PWXW3FX4HLL2 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/XFOIBB4YFICHDM7IBOP7PWXW3FX4HLL2/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/XTNLSL44Y5FB6JWADSZH6DCV4JJAAEQY https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/XTNLSL44Y5FB6JWADSZH6DCV4JJAAEQY/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/YJWHBLVZDM5KQSDFRBFRKU5KSSOLIRQ4 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/YJWHBLVZDM5KQSDFRBFRKU5KSSOLIRQ4/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/YRKEXKANQ7BKJW2YTAMP625LJUJZLJ4P https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/YRKEXKANQ7BKJW2YTAMP625LJUJZLJ4P/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZSVEMQV5ROY5YW5QE3I57HT3ITWG5GCV https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZSVEMQV5ROY5YW5QE3I57HT3ITWG5GCV/ https://nvd.nist.gov/vuln/detail/CVE-2023-39325 https://pkg.go.dev/vuln/GO-2023-2102 https://security.gentoo.org/glsa/202311-09 https://security.netapp.com/advisory/ntap-20231110-0008 https://security.netapp.com/advisory/ntap-20231110-0008/ https://ubuntu.com/security/notices/USN-6574-1 https://ubuntu.com/security/notices/USN-7061-1 https://ubuntu.com/security/notices/USN-7109-1 https://www.cisa.gov/news-events/alerts/2023/10/10/http2-rapid-reset-vulnerability-cve-2023-44487 https://www.cve.org/CVERecord?id=CVE-2023-39325
stdlib	CVE-2023-45283	HIGH	v1.20.5	1.20.11, 1.21.4, 1.20.12, 1.21.5	http://www.openwall.com/lists/oss-security/2023/12/05/2 https://go.dev/cl/540277 https://go.dev/cl/541175 https://go.dev/issue/63713 https://go.dev/issue/64028 https://groups.google.com/g/golang-announce/c/4tU8LZfBFkY https://groups.google.com/g/golang-dev/c/6ypN5EjibjM/m/KmLVYH_uAgAJ https://nvd.nist.gov/vuln/detail/CVE-2023-45283 https://pkg.go.dev/vuln/GO-2023-2185 https://security.netapp.com/advisory/ntap-20231214-0008/
stdlib	CVE-2023-45288	HIGH	v1.20.5	1.21.9, 1.22.2	http://www.openwall.com/lists/oss-security/2024/04/03/16 http://www.openwall.com/lists/oss-security/2024/04/05/4 https://access.redhat.com/errata/RHSA-2024:2724 https://access.redhat.com/security/cve/CVE-2023-45288 https://bugzilla.redhat.com/2268017 https://bugzilla.redhat.com/2268018 https://bugzilla.redhat.com/2268019 https://bugzilla.redhat.com/2268273 https://bugzilla.redhat.com/show_bug.cgi?id=2268017 https://bugzilla.redhat.com/show_bug.cgi?id=2268018 https://bugzilla.redhat.com/show_bug.cgi?id=2268019 https://bugzilla.redhat.com/show_bug.cgi?id=2268273 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45288 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45289 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45290 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24783 https://errata.almalinux.org/9/ALSA-2024-2724.html https://errata.rockylinux.org/RLSA-2024:2724 https://go.dev/cl/576155 https://go.dev/issue/65051 https://groups.google.com/g/golang-announce/c/YgW0sx8mN3M https://kb.cert.org/vuls/id/421644 https://linux.oracle.com/cve/CVE-2023-45288.html https://linux.oracle.com/errata/ELSA-2024-3346.html https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QRYFHIQ6XRKRYBI2F5UESH67BJBQXUPT https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QRYFHIQ6XRKRYBI2F5UESH67BJBQXUPT/ https://nowotarski.info/http2-continuation-flood-technical-details https://nowotarski.info/http2-continuation-flood/ https://nvd.nist.gov/vuln/detail/CVE-2023-45288 https://pkg.go.dev/vuln/GO-2024-2687 https://security.netapp.com/advisory/ntap-20240419-0009 https://security.netapp.com/advisory/ntap-20240419-0009/ https://ubuntu.com/security/notices/USN-6886-1 https://ubuntu.com/security/notices/USN-7109-1 https://ubuntu.com/security/notices/USN-7111-1 https://www.cve.org/CVERecord?id=CVE-2023-45288 https://www.kb.cert.org/vuls/id/421644
stdlib	CVE-2024-34156	HIGH	v1.20.5	1.22.7, 1.23.1	https://access.redhat.com/errata/RHSA-2024:9473 https://access.redhat.com/security/cve/CVE-2024-34156 https://bugzilla.redhat.com/2310528 https://bugzilla.redhat.com/2318052 https://bugzilla.redhat.com/show_bug.cgi?id=2310528 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-34156 https://errata.almalinux.org/9/ALSA-2024-9473.html https://errata.rockylinux.org/RLSA-2024:7204 https://github.com/golang/go/commit/2092294f2b097c5828f4eace6c98a322c1510b01 (go1.22.7) https://github.com/golang/go/commit/fa8ff1a46deb6c816304441ec6740ec112e19012 (go1.23.1) https://go.dev/cl/611239 https://go.dev/issue/69139 https://groups.google.com/g/golang-announce/c/K-cEzDeCtpc https://groups.google.com/g/golang-dev/c/S9POB9NCTdk https://linux.oracle.com/cve/CVE-2024-34156.html https://linux.oracle.com/errata/ELSA-2024-9473.html https://nvd.nist.gov/vuln/detail/CVE-2024-34156 https://pkg.go.dev/vuln/GO-2024-3106 https://ubuntu.com/security/notices/USN-7081-1 https://ubuntu.com/security/notices/USN-7109-1 https://ubuntu.com/security/notices/USN-7111-1 https://www.cve.org/CVERecord?id=CVE-2024-34156
stdlib	CVE-2023-29406	MEDIUM	v1.20.5	1.19.11, 1.20.6	https://access.redhat.com/errata/RHSA-2023:6474 https://access.redhat.com/security/cve/CVE-2023-29406 https://bugzilla.redhat.com/2174485 https://bugzilla.redhat.com/2178358 https://bugzilla.redhat.com/2178488 https://bugzilla.redhat.com/2178492 https://bugzilla.redhat.com/2184481 https://bugzilla.redhat.com/2184482 https://bugzilla.redhat.com/2184483 https://bugzilla.redhat.com/2184484 https://bugzilla.redhat.com/2196026 https://bugzilla.redhat.com/2196027 https://bugzilla.redhat.com/2196029 https://bugzilla.redhat.com/2222167 https://bugzilla.redhat.com/2228689 https://errata.almalinux.org/9/ALSA-2023-6474.html https://github.com/golang/go/commit/312920c00aac9897b2a0693e752390b5b0711a5a (go1.20.6) https://github.com/golang/go/commit/5fa6923b1ea891400153d04ddf1545e23b40041b (go1.19.11) https://github.com/golang/go/issues/60374 https://go.dev/cl/506996 https://go.dev/issue/60374 https://groups.google.com/g/golang-announce/c/2q13H6LEEx0 https://linux.oracle.com/cve/CVE-2023-29406.html https://linux.oracle.com/errata/ELSA-2023-7202.html https://nvd.nist.gov/vuln/detail/CVE-2023-29406 https://pkg.go.dev/vuln/GO-2023-1878 https://security.gentoo.org/glsa/202311-09 https://security.netapp.com/advisory/ntap-20230814-0002/ https://ubuntu.com/security/notices/USN-7061-1 https://ubuntu.com/security/notices/USN-7109-1 https://www.cve.org/CVERecord?id=CVE-2023-29406
stdlib	CVE-2023-29409	MEDIUM	v1.20.5	1.19.12, 1.20.7, 1.21.0-rc.4	https://access.redhat.com/errata/RHSA-2023:7766 https://access.redhat.com/security/cve/CVE-2023-29409 https://bugzilla.redhat.com/2228743 https://bugzilla.redhat.com/2237773 https://bugzilla.redhat.com/2237776 https://bugzilla.redhat.com/2237777 https://bugzilla.redhat.com/2237778 https://errata.almalinux.org/9/ALSA-2023-7766.html https://go.dev/cl/515257 https://go.dev/issue/61460 https://groups.google.com/g/golang-announce/c/X0b6CsSAaYI/m/Efv5DbZ9AwAJ https://linux.oracle.com/cve/CVE-2023-29409.html https://linux.oracle.com/errata/ELSA-2024-2988.html https://nvd.nist.gov/vuln/detail/CVE-2023-29409 https://pkg.go.dev/vuln/GO-2023-1987 https://security.gentoo.org/glsa/202311-09 https://security.netapp.com/advisory/ntap-20230831-0010/ https://www.cve.org/CVERecord?id=CVE-2023-29409
stdlib	CVE-2023-39318	MEDIUM	v1.20.5	1.20.8, 1.21.1	https://access.redhat.com/errata/RHSA-2024:2160 https://access.redhat.com/security/cve/CVE-2023-39318 https://bugzilla.redhat.com/2237773 https://bugzilla.redhat.com/2237776 https://bugzilla.redhat.com/2253330 https://errata.almalinux.org/9/ALSA-2024-2160.html https://github.com/golang/go/commit/023b542edf38e2a1f87fcefb9f75ff2f99401b4c (go1.20.8) https://github.com/golang/go/commit/b0e1d3ea26e8e8fce7726690c9ef0597e60739fb (go1.21.1) https://go.dev/cl/526156 https://go.dev/issue/62196 https://groups.google.com/g/golang-announce/c/Fm51GRLNRvM https://groups.google.com/g/golang-dev/c/2C5vbR-UNkI/m/L1hdrPhfBAAJ https://linux.oracle.com/cve/CVE-2023-39318.html https://linux.oracle.com/errata/ELSA-2024-2988.html https://nvd.nist.gov/vuln/detail/CVE-2023-39318 https://pkg.go.dev/vuln/GO-2023-2041 https://security.gentoo.org/glsa/202311-09 https://security.netapp.com/advisory/ntap-20231020-0009/ https://ubuntu.com/security/notices/USN-6574-1 https://ubuntu.com/security/notices/USN-7061-1 https://ubuntu.com/security/notices/USN-7109-1 https://vuln.go.dev/ID/GO-2023-2041.json https://www.cve.org/CVERecord?id=CVE-2023-39318
stdlib	CVE-2023-39319	MEDIUM	v1.20.5	1.20.8, 1.21.1	https://access.redhat.com/errata/RHSA-2024:2160 https://access.redhat.com/security/cve/CVE-2023-39319 https://bugzilla.redhat.com/2237773 https://bugzilla.redhat.com/2237776 https://bugzilla.redhat.com/2253330 https://errata.almalinux.org/9/ALSA-2024-2160.html https://github.com/golang/go/commit/2070531d2f53df88e312edace6c8dfc9686ab2f5 (go1.20.8) https://github.com/golang/go/commit/bbd043ff0d6d59f1a9232d31ecd5eacf6507bf6a (go1.21.1) https://go.dev/cl/526157 https://go.dev/issue/62197 https://groups.google.com/g/golang-announce/c/Fm51GRLNRvM https://groups.google.com/g/golang-dev/c/2C5vbR-UNkI/m/L1hdrPhfBAAJ https://linux.oracle.com/cve/CVE-2023-39319.html https://linux.oracle.com/errata/ELSA-2024-2988.html https://nvd.nist.gov/vuln/detail/CVE-2023-39319 https://pkg.go.dev/vuln/GO-2023-2043 https://security.gentoo.org/glsa/202311-09 https://security.netapp.com/advisory/ntap-20231020-0009/ https://ubuntu.com/security/notices/USN-6574-1 https://ubuntu.com/security/notices/USN-7061-1 https://ubuntu.com/security/notices/USN-7109-1 https://vuln.go.dev/ID/GO-2023-2043.json https://www.cve.org/CVERecord?id=CVE-2023-39319
stdlib	CVE-2023-39326	MEDIUM	v1.20.5	1.20.12, 1.21.5	https://access.redhat.com/errata/RHSA-2024:2272 https://access.redhat.com/security/cve/CVE-2023-39326 https://bugzilla.redhat.com/2253193 https://bugzilla.redhat.com/2253330 https://errata.almalinux.org/9/ALSA-2024-2272.html https://github.com/golang/go/commit/6446af942e2e2b161c4ec1b60d9703a2b55dc4dd (go1.20.12) https://github.com/golang/go/commit/ec8c526e4be720e94b98ca509e6364f0efaf28f7 (go1.21.5) https://go.dev/cl/547335 https://go.dev/issue/64433 https://groups.google.com/g/golang-dev/c/6ypN5EjibjM/m/KmLVYH_uAgAJ https://linux.oracle.com/cve/CVE-2023-39326.html https://linux.oracle.com/errata/ELSA-2024-2988.html https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UIU6HOGV6RRIKWM57LOXQA75BGZSIH6G/ https://nvd.nist.gov/vuln/detail/CVE-2023-39326 https://pkg.go.dev/vuln/GO-2023-2382 https://ubuntu.com/security/notices/USN-6574-1 https://www.cve.org/CVERecord?id=CVE-2023-39326
stdlib	CVE-2023-45284	MEDIUM	v1.20.5	1.20.11, 1.21.4	https://go.dev/cl/540277 https://go.dev/issue/63713 https://groups.google.com/g/golang-announce/c/4tU8LZfBFkY https://nvd.nist.gov/vuln/detail/CVE-2023-45284 https://pkg.go.dev/vuln/GO-2023-2186
stdlib	CVE-2023-45289	MEDIUM	v1.20.5	1.21.8, 1.22.1	http://www.openwall.com/lists/oss-security/2024/03/08/4 https://access.redhat.com/errata/RHSA-2024:2724 https://access.redhat.com/security/cve/CVE-2023-45289 https://bugzilla.redhat.com/2268017 https://bugzilla.redhat.com/2268018 https://bugzilla.redhat.com/2268019 https://bugzilla.redhat.com/2268273 https://bugzilla.redhat.com/show_bug.cgi?id=2268017 https://bugzilla.redhat.com/show_bug.cgi?id=2268018 https://bugzilla.redhat.com/show_bug.cgi?id=2268019 https://bugzilla.redhat.com/show_bug.cgi?id=2268273 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45288 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45289 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45290 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24783 https://errata.almalinux.org/9/ALSA-2024-2724.html https://errata.rockylinux.org/RLSA-2024:2724 https://github.com/golang/go/commit/20586c0dbe03d144f914155f879fa5ee287591a1 (go1.21.8) https://github.com/golang/go/commit/3a855208e3efed2e9d7c20ad023f1fa78afcc0be (go1.22.1) https://github.com/golang/go/issues/65065 https://go.dev/cl/569340 https://go.dev/issue/65065 https://groups.google.com/g/golang-announce/c/5pwGVUPoMbg https://linux.oracle.com/cve/CVE-2023-45289.html https://linux.oracle.com/errata/ELSA-2024-3346.html https://nvd.nist.gov/vuln/detail/CVE-2023-45289 https://pkg.go.dev/vuln/GO-2024-2600 https://security.netapp.com/advisory/ntap-20240329-0006/ https://ubuntu.com/security/notices/USN-6886-1 https://www.cve.org/CVERecord?id=CVE-2023-45289
stdlib	CVE-2023-45290	MEDIUM	v1.20.5	1.21.8, 1.22.1	http://www.openwall.com/lists/oss-security/2024/03/08/4 https://access.redhat.com/errata/RHSA-2024:9135 https://access.redhat.com/security/cve/CVE-2023-45290 https://bugzilla.redhat.com/2268017 https://bugzilla.redhat.com/2268022 https://bugzilla.redhat.com/2279814 https://bugzilla.redhat.com/2295310 https://bugzilla.redhat.com/show_bug.cgi?id=2268017 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45290 https://errata.almalinux.org/9/ALSA-2024-9135.html https://errata.rockylinux.org/RLSA-2024:3830 https://github.com/golang/go/commit/041a47712e765e94f86d841c3110c840e76d8f82 (go1.22.1) https://github.com/golang/go/commit/bf80213b121074f4ad9b449410a4d13bae5e9be0 (go1.21.8) https://github.com/golang/go/issues/65383 https://go.dev/cl/569341 https://go.dev/issue/65383 https://groups.google.com/g/golang-announce/c/5pwGVUPoMbg https://linux.oracle.com/cve/CVE-2023-45290.html https://linux.oracle.com/errata/ELSA-2024-8038.html https://nvd.nist.gov/vuln/detail/CVE-2023-45290 https://pkg.go.dev/vuln/GO-2024-2599 https://security.netapp.com/advisory/ntap-20240329-0004 https://security.netapp.com/advisory/ntap-20240329-0004/ https://ubuntu.com/security/notices/USN-6886-1 https://ubuntu.com/security/notices/USN-7109-1 https://ubuntu.com/security/notices/USN-7111-1 https://www.cve.org/CVERecord?id=CVE-2023-45290
stdlib	CVE-2024-24783	MEDIUM	v1.20.5	1.21.8, 1.22.1	http://www.openwall.com/lists/oss-security/2024/03/08/4 https://access.redhat.com/errata/RHSA-2024:6195 https://access.redhat.com/security/cve/CVE-2024-24783 https://bugzilla.redhat.com/2268019 https://bugzilla.redhat.com/show_bug.cgi?id=2268017 https://bugzilla.redhat.com/show_bug.cgi?id=2268018 https://bugzilla.redhat.com/show_bug.cgi?id=2268019 https://bugzilla.redhat.com/show_bug.cgi?id=2268273 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45288 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45289 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45290 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24783 https://errata.almalinux.org/9/ALSA-2024-6195.html https://errata.rockylinux.org/RLSA-2024:2724 https://github.com/advisories/GHSA-3q2c-pvp5-3cqp https://github.com/golang/go/commit/337b8e9cbfa749d9d5c899e0dc358e2208d5e54f (go1.22.1) https://github.com/golang/go/commit/be5b52bea674190ef7de272664be6c7ae93ec5a0 (go1.21.8) https://github.com/golang/go/issues/65390 https://go.dev/cl/569339 https://go.dev/issue/65390 https://groups.google.com/g/golang-announce/c/5pwGVUPoMbg https://linux.oracle.com/cve/CVE-2024-24783.html https://linux.oracle.com/errata/ELSA-2024-6969.html https://nvd.nist.gov/vuln/detail/CVE-2024-24783 https://pkg.go.dev/vuln/GO-2024-2598 https://security.netapp.com/advisory/ntap-20240329-0005 https://security.netapp.com/advisory/ntap-20240329-0005/ https://ubuntu.com/security/notices/USN-6886-1 https://ubuntu.com/security/notices/USN-7109-1 https://ubuntu.com/security/notices/USN-7111-1 https://www.cve.org/CVERecord?id=CVE-2024-24783
stdlib	CVE-2024-24784	MEDIUM	v1.20.5	1.21.8, 1.22.1	http://www.openwall.com/lists/oss-security/2024/03/08/4 https://access.redhat.com/errata/RHSA-2024:2562 https://access.redhat.com/security/cve/CVE-2024-24784 https://bugzilla.redhat.com/2262921 https://bugzilla.redhat.com/2268017 https://bugzilla.redhat.com/2268018 https://bugzilla.redhat.com/2268019 https://bugzilla.redhat.com/2268021 https://bugzilla.redhat.com/2268022 https://bugzilla.redhat.com/2268273 https://bugzilla.redhat.com/show_bug.cgi?id=2262921 https://bugzilla.redhat.com/show_bug.cgi?id=2268017 https://bugzilla.redhat.com/show_bug.cgi?id=2268018 https://bugzilla.redhat.com/show_bug.cgi?id=2268019 https://bugzilla.redhat.com/show_bug.cgi?id=2268021 https://bugzilla.redhat.com/show_bug.cgi?id=2268022 https://bugzilla.redhat.com/show_bug.cgi?id=2268273 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45288 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45289 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45290 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-1394 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24783 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24784 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24785 https://errata.almalinux.org/9/ALSA-2024-2562.html https://errata.rockylinux.org/RLSA-2024:2562 https://github.com/golang/go/commit/263c059b09fdd40d9dd945f2ecb20c89ea28efe5 (go1.21.8) https://github.com/golang/go/commit/5330cd225ba54c7dc78c1b46dcdf61a4671a632c (go1.22.1) https://github.com/golang/go/issues/65083 https://go.dev/cl/555596 https://go.dev/issue/65083 https://groups.google.com/g/golang-announce/c/5pwGVUPoMbg https://linux.oracle.com/cve/CVE-2024-24784.html https://linux.oracle.com/errata/ELSA-2024-6969.html https://nvd.nist.gov/vuln/detail/CVE-2024-24784 https://pkg.go.dev/vuln/GO-2024-2609 https://security.netapp.com/advisory/ntap-20240329-0007/ https://ubuntu.com/security/notices/USN-6886-1 https://ubuntu.com/security/notices/USN-7109-1 https://ubuntu.com/security/notices/USN-7111-1 https://www.cve.org/CVERecord?id=CVE-2024-24784
stdlib	CVE-2024-24785	MEDIUM	v1.20.5	1.21.8, 1.22.1	http://www.openwall.com/lists/oss-security/2024/03/08/4 https://access.redhat.com/errata/RHSA-2024:9135 https://access.redhat.com/security/cve/CVE-2024-24785 https://bugzilla.redhat.com/2268017 https://bugzilla.redhat.com/2268022 https://bugzilla.redhat.com/2279814 https://bugzilla.redhat.com/2295310 https://bugzilla.redhat.com/show_bug.cgi?id=2262921 https://bugzilla.redhat.com/show_bug.cgi?id=2268017 https://bugzilla.redhat.com/show_bug.cgi?id=2268018 https://bugzilla.redhat.com/show_bug.cgi?id=2268019 https://bugzilla.redhat.com/show_bug.cgi?id=2268021 https://bugzilla.redhat.com/show_bug.cgi?id=2268022 https://bugzilla.redhat.com/show_bug.cgi?id=2268273 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45288 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45289 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45290 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-1394 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24783 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24784 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24785 https://errata.almalinux.org/9/ALSA-2024-9135.html https://errata.rockylinux.org/RLSA-2024:2562 https://github.com/golang/go/commit/056b0edcb8c152152021eebf4cf42adbfbe77992 (go1.22.1) https://github.com/golang/go/commit/3643147a29352ca2894fd5d0d2069bc4b4335a7e (go1.21.8) https://github.com/golang/go/issues/65697 https://go.dev/cl/564196 https://go.dev/issue/65697 https://groups.google.com/g/golang-announce/c/5pwGVUPoMbg https://linux.oracle.com/cve/CVE-2024-24785.html https://linux.oracle.com/errata/ELSA-2024-3259.html https://nvd.nist.gov/vuln/detail/CVE-2024-24785 https://pkg.go.dev/vuln/GO-2024-2610 https://security.netapp.com/advisory/ntap-20240329-0008/ https://ubuntu.com/security/notices/USN-6886-1 https://ubuntu.com/security/notices/USN-7061-1 https://ubuntu.com/security/notices/USN-7109-1 https://vuln.go.dev/ID/GO-2024-2610.json https://www.cve.org/CVERecord?id=CVE-2024-24785
stdlib	CVE-2024-24789	MEDIUM	v1.20.5	1.21.11, 1.22.4	http://www.openwall.com/lists/oss-security/2024/06/04/1 https://access.redhat.com/errata/RHSA-2024:9115 https://access.redhat.com/security/cve/CVE-2024-24789 https://bugzilla.redhat.com/2279814 https://bugzilla.redhat.com/2292668 https://bugzilla.redhat.com/2292787 https://bugzilla.redhat.com/2294000 https://bugzilla.redhat.com/2295310 https://bugzilla.redhat.com/show_bug.cgi?id=2292668 https://bugzilla.redhat.com/show_bug.cgi?id=2292787 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24789 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24790 https://errata.almalinux.org/9/ALSA-2024-9115.html https://errata.rockylinux.org/RLSA-2024:4212 https://github.com/golang/go/commit/c8e40338cf00f3c1d86c8fb23863ad67a4c72bcc (1.21) https://github.com/golang/go/commit/cf501ac0c5fe351a8582d20b43562027927906e7 (1.22) https://github.com/golang/go/issues/66869 https://go.dev/cl/585397 https://go.dev/issue/66869 https://groups.google.com/g/golang-announce/c/XbxouI9gY7k https://groups.google.com/g/golang-announce/c/XbxouI9gY7k/m/TuoGEhxIEwAJ https://linux.oracle.com/cve/CVE-2024-24789.html https://linux.oracle.com/errata/ELSA-2024-9115.html https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/U5YAEIA6IUHUNGJ7AIXXPQT6D2GYENX7/ https://nvd.nist.gov/vuln/detail/CVE-2024-24789 https://pkg.go.dev/vuln/GO-2024-2888 https://ubuntu.com/security/notices/USN-6886-1 https://ubuntu.com/security/notices/USN-7109-1 https://ubuntu.com/security/notices/USN-7111-1 https://www.cve.org/CVERecord?id=CVE-2024-24789
stdlib	CVE-2024-24791	MEDIUM	v1.20.5	1.21.12, 1.22.5	https://access.redhat.com/errata/RHSA-2024:9135 https://access.redhat.com/security/cve/CVE-2024-24791 https://bugzilla.redhat.com/2268017 https://bugzilla.redhat.com/2268022 https://bugzilla.redhat.com/2279814 https://bugzilla.redhat.com/2295310 https://bugzilla.redhat.com/show_bug.cgi?id=2295310 https://bugzilla.redhat.com/show_bug.cgi?id=2310527 https://bugzilla.redhat.com/show_bug.cgi?id=2310528 https://bugzilla.redhat.com/show_bug.cgi?id=2310529 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24791 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-34155 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-34156 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-34158 https://errata.almalinux.org/9/ALSA-2024-9135.html https://errata.rockylinux.org/RLSA-2024:6913 https://go.dev/cl/591255 https://go.dev/issue/67555 https://groups.google.com/g/golang-dev/c/t0rK-qHBqzY/m/6MMoAZkMAgAJ https://linux.oracle.com/cve/CVE-2024-24791.html https://linux.oracle.com/errata/ELSA-2024-9115.html https://nvd.nist.gov/vuln/detail/CVE-2024-24791 https://pkg.go.dev/vuln/GO-2024-2963 https://ubuntu.com/security/notices/USN-7081-1 https://ubuntu.com/security/notices/USN-7109-1 https://ubuntu.com/security/notices/USN-7111-1 https://www.cve.org/CVERecord?id=CVE-2024-24791
stdlib	CVE-2024-34155	MEDIUM	v1.20.5	1.22.7, 1.23.1	https://access.redhat.com/errata/RHSA-2024:9459 https://access.redhat.com/security/cve/CVE-2024-34155 https://bugzilla.redhat.com/2310527 https://bugzilla.redhat.com/2310528 https://bugzilla.redhat.com/2310529 https://bugzilla.redhat.com/2315691 https://bugzilla.redhat.com/2315887 https://bugzilla.redhat.com/2317458 https://bugzilla.redhat.com/2317467 https://bugzilla.redhat.com/show_bug.cgi?id=2295310 https://bugzilla.redhat.com/show_bug.cgi?id=2310527 https://bugzilla.redhat.com/show_bug.cgi?id=2310528 https://bugzilla.redhat.com/show_bug.cgi?id=2310529 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24791 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-34155 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-34156 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-34158 https://errata.almalinux.org/9/ALSA-2024-9459.html https://errata.rockylinux.org/RLSA-2024:6913 https://github.com/golang/go/commit/53487e5477151ed75da50e50a0ba8f1ca64c00a3 (go1.23.1) https://github.com/golang/go/commit/b232596139dbe96a62edbe3a2a203e856bf556eb (go1.22.7) https://go.dev/cl/611238 https://go.dev/issue/69138 https://groups.google.com/g/golang-announce/c/K-cEzDeCtpc https://groups.google.com/g/golang-dev/c/S9POB9NCTdk https://linux.oracle.com/cve/CVE-2024-34155.html https://linux.oracle.com/errata/ELSA-2024-9459.html https://nvd.nist.gov/vuln/detail/CVE-2024-34155 https://pkg.go.dev/vuln/GO-2024-3105 https://ubuntu.com/security/notices/USN-7081-1 https://ubuntu.com/security/notices/USN-7109-1 https://ubuntu.com/security/notices/USN-7111-1 https://www.cve.org/CVERecord?id=CVE-2024-34155
stdlib	CVE-2024-34158	MEDIUM	v1.20.5	1.22.7, 1.23.1	https://access.redhat.com/errata/RHSA-2024:9459 https://access.redhat.com/security/cve/CVE-2024-34158 https://bugzilla.redhat.com/2310527 https://bugzilla.redhat.com/2310528 https://bugzilla.redhat.com/2310529 https://bugzilla.redhat.com/2315691 https://bugzilla.redhat.com/2315887 https://bugzilla.redhat.com/2317458 https://bugzilla.redhat.com/2317467 https://bugzilla.redhat.com/show_bug.cgi?id=2295310 https://bugzilla.redhat.com/show_bug.cgi?id=2310527 https://bugzilla.redhat.com/show_bug.cgi?id=2310528 https://bugzilla.redhat.com/show_bug.cgi?id=2310529 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24791 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-34155 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-34156 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-34158 https://errata.almalinux.org/9/ALSA-2024-9459.html https://errata.rockylinux.org/RLSA-2024:6913 https://github.com/golang/go/commit/032ac075c20c01c6c35a672d1542d3e98eab84ea (go1.23.1) https://github.com/golang/go/commit/d4c53812e6ce2ac368173d7fcd31d0ecfcffb002 (go1.22.7) https://go.dev/cl/611240 https://go.dev/issue/69141 https://groups.google.com/g/golang-announce/c/K-cEzDeCtpc https://groups.google.com/g/golang-dev/c/S9POB9NCTdk https://linux.oracle.com/cve/CVE-2024-34158.html https://linux.oracle.com/errata/ELSA-2024-9459.html https://nvd.nist.gov/vuln/detail/CVE-2024-34158 https://pkg.go.dev/vuln/GO-2024-3107 https://ubuntu.com/security/notices/USN-7081-1 https://ubuntu.com/security/notices/USN-7109-1 https://ubuntu.com/security/notices/USN-7111-1 https://www.cve.org/CVERecord?id=CVE-2024-34158
No Misconfigurations found

cnb/buildpacks/paketo-buildpacks_procfile/5.6.3/bin/main (gobinary)

Package	Vulnerability ID	Severity	Installed Version	Fixed Version	Links
stdlib	CVE-2024-24790	CRITICAL	v1.20.4	1.21.11, 1.22.4	http://www.openwall.com/lists/oss-security/2024/06/04/1 https://access.redhat.com/errata/RHSA-2024:9115 https://access.redhat.com/security/cve/CVE-2024-24790 https://bugzilla.redhat.com/2279814 https://bugzilla.redhat.com/2292668 https://bugzilla.redhat.com/2292787 https://bugzilla.redhat.com/2294000 https://bugzilla.redhat.com/2295310 https://bugzilla.redhat.com/show_bug.cgi?id=2292668 https://bugzilla.redhat.com/show_bug.cgi?id=2292787 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24789 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24790 https://errata.almalinux.org/9/ALSA-2024-9115.html https://errata.rockylinux.org/RLSA-2024:4212 https://github.com/golang/go/commit/051bdf3fd12a40307606ff9381138039c5f452f0 (1.21) https://github.com/golang/go/commit/12d5810cdb1f73cf23d7a86462143e9463317fca (1.22) https://github.com/golang/go/issues/67680 https://go.dev/cl/590316 https://go.dev/issue/67680 https://groups.google.com/g/golang-announce/c/XbxouI9gY7k https://groups.google.com/g/golang-announce/c/XbxouI9gY7k/m/TuoGEhxIEwAJ https://linux.oracle.com/cve/CVE-2024-24790.html https://linux.oracle.com/errata/ELSA-2024-9115.html https://nvd.nist.gov/vuln/detail/CVE-2024-24790 https://pkg.go.dev/vuln/GO-2024-2887 https://ubuntu.com/security/notices/USN-6886-1 https://ubuntu.com/security/notices/USN-7109-1 https://www.cve.org/CVERecord?id=CVE-2024-24790
stdlib	CVE-2023-29403	HIGH	v1.20.4	1.19.10, 1.20.5	https://access.redhat.com/errata/RHSA-2023:3923 https://access.redhat.com/security/cve/CVE-2023-29403 https://bugzilla.redhat.com/2216965 https://bugzilla.redhat.com/2217562 https://bugzilla.redhat.com/2217565 https://bugzilla.redhat.com/2217569 https://bugzilla.redhat.com/show_bug.cgi?id=2216965 https://bugzilla.redhat.com/show_bug.cgi?id=2217562 https://bugzilla.redhat.com/show_bug.cgi?id=2217565 https://bugzilla.redhat.com/show_bug.cgi?id=2217569 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-29402 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-29403 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-29404 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-29405 https://errata.almalinux.org/9/ALSA-2023-3923.html https://errata.rockylinux.org/RLSA-2023:3923 https://github.com/golang/go/commit/36144ba429ef2650940c72e7a0b932af3612d420 (go1.20.5) https://github.com/golang/go/commit/a7b1cd452ddc69a6606c2f35ac5786dc892e62cb (go1.19.10) https://github.com/golang/go/issues/60272 https://go.dev/cl/501223 https://go.dev/issue/60272 https://groups.google.com/g/golang-announce/c/q5135a9d924 https://groups.google.com/g/golang-announce/c/q5135a9d924/m/j0ZoAJOHAwAJ https://linux.oracle.com/cve/CVE-2023-29403.html https://linux.oracle.com/errata/ELSA-2023-3923.html https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/NZ2O6YCO2IZMZJELQGZYR2WAUNEDLYV6/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/XBS3IIK6ADV24C5ULQU55QLT2UE762ZX/ https://nvd.nist.gov/vuln/detail/CVE-2023-29403 https://pkg.go.dev/vuln/GO-2023-1840 https://security.gentoo.org/glsa/202311-09 https://ubuntu.com/security/notices/USN-7061-1 https://ubuntu.com/security/notices/USN-7109-1 https://www.cve.org/CVERecord?id=CVE-2023-29403
stdlib	CVE-2023-39325	HIGH	v1.20.4	1.20.10, 1.21.3	golang.org/x/net https://access.redhat.com/errata/RHSA-2023:6077 https://access.redhat.com/security/cve/CVE-2023-39325 https://access.redhat.com/security/cve/CVE-2023-44487 https://access.redhat.com/security/vulnerabilities/RHSB-2023-003 https://bugzilla.redhat.com/2242803 https://bugzilla.redhat.com/2243296 https://bugzilla.redhat.com/show_bug.cgi?id=2242803 https://bugzilla.redhat.com/show_bug.cgi?id=2243296 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-39325 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-44487 https://errata.almalinux.org/9/ALSA-2023-6077.html https://errata.rockylinux.org/RLSA-2023:6077 https://github.com/golang/go/commit/24ae2d927285c697440fdde3ad7f26028354bcf3 [golang- 1.21] https://github.com/golang/go/commit/e175f27f58aa7b9cd4d79607ae65d2cd5baaee68 [golang-1.20] https://github.com/golang/go/issues/63417 https://go.dev/cl/534215 https://go.dev/cl/534235 https://go.dev/issue/63417 https://groups.google.com/g/golang-announce/c/iNNxDTCjZvo/m/UDd7VKQuAAAJ https://linux.oracle.com/cve/CVE-2023-39325.html https://linux.oracle.com/errata/ELSA-2023-5867.html https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3OVW5V2DM5K5IC3H7O42YDUGNJ74J35O https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3OVW5V2DM5K5IC3H7O42YDUGNJ74J35O/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3SZN67IL7HMGMNAVLOTIXLIHUDXZK4LH https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3SZN67IL7HMGMNAVLOTIXLIHUDXZK4LH/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3WJ4QVX2AMUJ2F2S27POOAHRC4K3CHU4 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3WJ4QVX2AMUJ2F2S27POOAHRC4K3CHU4/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/4BUK2ZIAGCULOOYDNH25JPU6JBES5NF2 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/4BUK2ZIAGCULOOYDNH25JPU6JBES5NF2/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/5RSKA2II6QTD4YUKUNDVJQSRYSFC4VFR https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/5RSKA2II6QTD4YUKUNDVJQSRYSFC4VFR/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/AVZDNSMVDAQJ64LJC5I5U5LDM5753647 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/AVZDNSMVDAQJ64LJC5I5U5LDM5753647/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CHHITS4PUOZAKFIUBQAQZC7JWXMOYE4B https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CHHITS4PUOZAKFIUBQAQZC7JWXMOYE4B/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CLB4TW7KALB3EEQWNWCN7OUIWWVWWCG2 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CLB4TW7KALB3EEQWNWCN7OUIWWVWWCG2/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/D2BBIDR2ZMB3X5BC7SR4SLQMHRMVPY6L https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/D2BBIDR2ZMB3X5BC7SR4SLQMHRMVPY6L/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ECRC75BQJP6FJN2L7KCKYZW4DSBD7QSD https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ECRC75BQJP6FJN2L7KCKYZW4DSBD7QSD/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/FTMJ3NJIDAZFWJQQSP3L22MUFJ3UP2PT https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/FTMJ3NJIDAZFWJQQSP3L22MUFJ3UP2PT/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/GSY7SXFFTPZFWDM6XELSDSHZLVW3AHK7 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/GSY7SXFFTPZFWDM6XELSDSHZLVW3AHK7/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/HZQIELEIRSZUYTFFH5KTH2YJ4IIQG2KE https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/HZQIELEIRSZUYTFFH5KTH2YJ4IIQG2KE/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/IPWCNYB5PQ5PCVZ4NJT6G56ZYFZ5QBU6 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/IPWCNYB5PQ5PCVZ4NJT6G56ZYFZ5QBU6/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/KEOTKBUPZXHE3F352JBYNTSNRXYLWD6P https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/KEOTKBUPZXHE3F352JBYNTSNRXYLWD6P/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/KSEGD2IWKNUO3DWY4KQGUQM5BISRWHQE https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/KSEGD2IWKNUO3DWY4KQGUQM5BISRWHQE/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/L5E5JSJBZLYXOTZWXHJKRVCIXIHVWKJ6 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/L5E5JSJBZLYXOTZWXHJKRVCIXIHVWKJ6/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/MZQYOOKHQDQ57LV2IAG6NRFOVXKHJJ3Z https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/MZQYOOKHQDQ57LV2IAG6NRFOVXKHJJ3Z/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/NG7IMPL55MVWU3LCI4JQJT3K2U5CHDV7 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/NG7IMPL55MVWU3LCI4JQJT3K2U5CHDV7/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ODBY7RVMGZCBSTWF2OZGIZS57FNFUL67 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ODBY7RVMGZCBSTWF2OZGIZS57FNFUL67/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/OXGWPQOJ3JNDW2XIYKIVJ7N7QUIFNM2Q https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/OXGWPQOJ3JNDW2XIYKIVJ7N7QUIFNM2Q/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/PJCUNGIQDUMZ4Z6HWVYIMR66A35F5S74 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/PJCUNGIQDUMZ4Z6HWVYIMR66A35F5S74/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QF5QSYAOPDOWLY6DUHID56Q4HQFYB45I https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QF5QSYAOPDOWLY6DUHID56Q4HQFYB45I/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QXOU2JZUBEBP7GBKAYIJRPRBZSJCD7ST https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QXOU2JZUBEBP7GBKAYIJRPRBZSJCD7ST/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/R3UETKPUB3V5JS5TLZOF3SMTGT5K5APS https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/R3UETKPUB3V5JS5TLZOF3SMTGT5K5APS/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/REMHVVIBDNKSRKNOTV7EQSB7CYQWOUOU https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/REMHVVIBDNKSRKNOTV7EQSB7CYQWOUOU/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/T7N5GV4CHH6WAGX3GFMDD3COEOVCZ4RI https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/T7N5GV4CHH6WAGX3GFMDD3COEOVCZ4RI/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ULQQONMSCQSH5Z5OWFFQHCGEZ3NL4DRJ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ULQQONMSCQSH5Z5OWFFQHCGEZ3NL4DRJ/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UTT7DG3QOF5ZNJLUGHDNLRUIN6OWZARP https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UTT7DG3QOF5ZNJLUGHDNLRUIN6OWZARP/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/W2LZSWTV4NV4SNQARNXG5T6LRHP26EW2 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/W2LZSWTV4NV4SNQARNXG5T6LRHP26EW2/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WCNCBYKZXLDFGAJUB7ZP5VLC3YTHJNVH https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WCNCBYKZXLDFGAJUB7ZP5VLC3YTHJNVH/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/XFOIBB4YFICHDM7IBOP7PWXW3FX4HLL2 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/XFOIBB4YFICHDM7IBOP7PWXW3FX4HLL2/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/XTNLSL44Y5FB6JWADSZH6DCV4JJAAEQY https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/XTNLSL44Y5FB6JWADSZH6DCV4JJAAEQY/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/YJWHBLVZDM5KQSDFRBFRKU5KSSOLIRQ4 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/YJWHBLVZDM5KQSDFRBFRKU5KSSOLIRQ4/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/YRKEXKANQ7BKJW2YTAMP625LJUJZLJ4P https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/YRKEXKANQ7BKJW2YTAMP625LJUJZLJ4P/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZSVEMQV5ROY5YW5QE3I57HT3ITWG5GCV https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZSVEMQV5ROY5YW5QE3I57HT3ITWG5GCV/ https://nvd.nist.gov/vuln/detail/CVE-2023-39325 https://pkg.go.dev/vuln/GO-2023-2102 https://security.gentoo.org/glsa/202311-09 https://security.netapp.com/advisory/ntap-20231110-0008 https://security.netapp.com/advisory/ntap-20231110-0008/ https://ubuntu.com/security/notices/USN-6574-1 https://ubuntu.com/security/notices/USN-7061-1 https://ubuntu.com/security/notices/USN-7109-1 https://www.cisa.gov/news-events/alerts/2023/10/10/http2-rapid-reset-vulnerability-cve-2023-44487 https://www.cve.org/CVERecord?id=CVE-2023-39325
stdlib	CVE-2023-45283	HIGH	v1.20.4	1.20.11, 1.21.4, 1.20.12, 1.21.5	http://www.openwall.com/lists/oss-security/2023/12/05/2 https://go.dev/cl/540277 https://go.dev/cl/541175 https://go.dev/issue/63713 https://go.dev/issue/64028 https://groups.google.com/g/golang-announce/c/4tU8LZfBFkY https://groups.google.com/g/golang-dev/c/6ypN5EjibjM/m/KmLVYH_uAgAJ https://nvd.nist.gov/vuln/detail/CVE-2023-45283 https://pkg.go.dev/vuln/GO-2023-2185 https://security.netapp.com/advisory/ntap-20231214-0008/
stdlib	CVE-2023-45288	HIGH	v1.20.4	1.21.9, 1.22.2	http://www.openwall.com/lists/oss-security/2024/04/03/16 http://www.openwall.com/lists/oss-security/2024/04/05/4 https://access.redhat.com/errata/RHSA-2024:2724 https://access.redhat.com/security/cve/CVE-2023-45288 https://bugzilla.redhat.com/2268017 https://bugzilla.redhat.com/2268018 https://bugzilla.redhat.com/2268019 https://bugzilla.redhat.com/2268273 https://bugzilla.redhat.com/show_bug.cgi?id=2268017 https://bugzilla.redhat.com/show_bug.cgi?id=2268018 https://bugzilla.redhat.com/show_bug.cgi?id=2268019 https://bugzilla.redhat.com/show_bug.cgi?id=2268273 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45288 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45289 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45290 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24783 https://errata.almalinux.org/9/ALSA-2024-2724.html https://errata.rockylinux.org/RLSA-2024:2724 https://go.dev/cl/576155 https://go.dev/issue/65051 https://groups.google.com/g/golang-announce/c/YgW0sx8mN3M https://kb.cert.org/vuls/id/421644 https://linux.oracle.com/cve/CVE-2023-45288.html https://linux.oracle.com/errata/ELSA-2024-3346.html https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QRYFHIQ6XRKRYBI2F5UESH67BJBQXUPT https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QRYFHIQ6XRKRYBI2F5UESH67BJBQXUPT/ https://nowotarski.info/http2-continuation-flood-technical-details https://nowotarski.info/http2-continuation-flood/ https://nvd.nist.gov/vuln/detail/CVE-2023-45288 https://pkg.go.dev/vuln/GO-2024-2687 https://security.netapp.com/advisory/ntap-20240419-0009 https://security.netapp.com/advisory/ntap-20240419-0009/ https://ubuntu.com/security/notices/USN-6886-1 https://ubuntu.com/security/notices/USN-7109-1 https://ubuntu.com/security/notices/USN-7111-1 https://www.cve.org/CVERecord?id=CVE-2023-45288 https://www.kb.cert.org/vuls/id/421644
stdlib	CVE-2024-34156	HIGH	v1.20.4	1.22.7, 1.23.1	https://access.redhat.com/errata/RHSA-2024:9473 https://access.redhat.com/security/cve/CVE-2024-34156 https://bugzilla.redhat.com/2310528 https://bugzilla.redhat.com/2318052 https://bugzilla.redhat.com/show_bug.cgi?id=2310528 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-34156 https://errata.almalinux.org/9/ALSA-2024-9473.html https://errata.rockylinux.org/RLSA-2024:7204 https://github.com/golang/go/commit/2092294f2b097c5828f4eace6c98a322c1510b01 (go1.22.7) https://github.com/golang/go/commit/fa8ff1a46deb6c816304441ec6740ec112e19012 (go1.23.1) https://go.dev/cl/611239 https://go.dev/issue/69139 https://groups.google.com/g/golang-announce/c/K-cEzDeCtpc https://groups.google.com/g/golang-dev/c/S9POB9NCTdk https://linux.oracle.com/cve/CVE-2024-34156.html https://linux.oracle.com/errata/ELSA-2024-9473.html https://nvd.nist.gov/vuln/detail/CVE-2024-34156 https://pkg.go.dev/vuln/GO-2024-3106 https://ubuntu.com/security/notices/USN-7081-1 https://ubuntu.com/security/notices/USN-7109-1 https://ubuntu.com/security/notices/USN-7111-1 https://www.cve.org/CVERecord?id=CVE-2024-34156
stdlib	CVE-2023-29406	MEDIUM	v1.20.4	1.19.11, 1.20.6	https://access.redhat.com/errata/RHSA-2023:6474 https://access.redhat.com/security/cve/CVE-2023-29406 https://bugzilla.redhat.com/2174485 https://bugzilla.redhat.com/2178358 https://bugzilla.redhat.com/2178488 https://bugzilla.redhat.com/2178492 https://bugzilla.redhat.com/2184481 https://bugzilla.redhat.com/2184482 https://bugzilla.redhat.com/2184483 https://bugzilla.redhat.com/2184484 https://bugzilla.redhat.com/2196026 https://bugzilla.redhat.com/2196027 https://bugzilla.redhat.com/2196029 https://bugzilla.redhat.com/2222167 https://bugzilla.redhat.com/2228689 https://errata.almalinux.org/9/ALSA-2023-6474.html https://github.com/golang/go/commit/312920c00aac9897b2a0693e752390b5b0711a5a (go1.20.6) https://github.com/golang/go/commit/5fa6923b1ea891400153d04ddf1545e23b40041b (go1.19.11) https://github.com/golang/go/issues/60374 https://go.dev/cl/506996 https://go.dev/issue/60374 https://groups.google.com/g/golang-announce/c/2q13H6LEEx0 https://linux.oracle.com/cve/CVE-2023-29406.html https://linux.oracle.com/errata/ELSA-2023-7202.html https://nvd.nist.gov/vuln/detail/CVE-2023-29406 https://pkg.go.dev/vuln/GO-2023-1878 https://security.gentoo.org/glsa/202311-09 https://security.netapp.com/advisory/ntap-20230814-0002/ https://ubuntu.com/security/notices/USN-7061-1 https://ubuntu.com/security/notices/USN-7109-1 https://www.cve.org/CVERecord?id=CVE-2023-29406
stdlib	CVE-2023-29409	MEDIUM	v1.20.4	1.19.12, 1.20.7, 1.21.0-rc.4	https://access.redhat.com/errata/RHSA-2023:7766 https://access.redhat.com/security/cve/CVE-2023-29409 https://bugzilla.redhat.com/2228743 https://bugzilla.redhat.com/2237773 https://bugzilla.redhat.com/2237776 https://bugzilla.redhat.com/2237777 https://bugzilla.redhat.com/2237778 https://errata.almalinux.org/9/ALSA-2023-7766.html https://go.dev/cl/515257 https://go.dev/issue/61460 https://groups.google.com/g/golang-announce/c/X0b6CsSAaYI/m/Efv5DbZ9AwAJ https://linux.oracle.com/cve/CVE-2023-29409.html https://linux.oracle.com/errata/ELSA-2024-2988.html https://nvd.nist.gov/vuln/detail/CVE-2023-29409 https://pkg.go.dev/vuln/GO-2023-1987 https://security.gentoo.org/glsa/202311-09 https://security.netapp.com/advisory/ntap-20230831-0010/ https://www.cve.org/CVERecord?id=CVE-2023-29409
stdlib	CVE-2023-39318	MEDIUM	v1.20.4	1.20.8, 1.21.1	https://access.redhat.com/errata/RHSA-2024:2160 https://access.redhat.com/security/cve/CVE-2023-39318 https://bugzilla.redhat.com/2237773 https://bugzilla.redhat.com/2237776 https://bugzilla.redhat.com/2253330 https://errata.almalinux.org/9/ALSA-2024-2160.html https://github.com/golang/go/commit/023b542edf38e2a1f87fcefb9f75ff2f99401b4c (go1.20.8) https://github.com/golang/go/commit/b0e1d3ea26e8e8fce7726690c9ef0597e60739fb (go1.21.1) https://go.dev/cl/526156 https://go.dev/issue/62196 https://groups.google.com/g/golang-announce/c/Fm51GRLNRvM https://groups.google.com/g/golang-dev/c/2C5vbR-UNkI/m/L1hdrPhfBAAJ https://linux.oracle.com/cve/CVE-2023-39318.html https://linux.oracle.com/errata/ELSA-2024-2988.html https://nvd.nist.gov/vuln/detail/CVE-2023-39318 https://pkg.go.dev/vuln/GO-2023-2041 https://security.gentoo.org/glsa/202311-09 https://security.netapp.com/advisory/ntap-20231020-0009/ https://ubuntu.com/security/notices/USN-6574-1 https://ubuntu.com/security/notices/USN-7061-1 https://ubuntu.com/security/notices/USN-7109-1 https://vuln.go.dev/ID/GO-2023-2041.json https://www.cve.org/CVERecord?id=CVE-2023-39318
stdlib	CVE-2023-39319	MEDIUM	v1.20.4	1.20.8, 1.21.1	https://access.redhat.com/errata/RHSA-2024:2160 https://access.redhat.com/security/cve/CVE-2023-39319 https://bugzilla.redhat.com/2237773 https://bugzilla.redhat.com/2237776 https://bugzilla.redhat.com/2253330 https://errata.almalinux.org/9/ALSA-2024-2160.html https://github.com/golang/go/commit/2070531d2f53df88e312edace6c8dfc9686ab2f5 (go1.20.8) https://github.com/golang/go/commit/bbd043ff0d6d59f1a9232d31ecd5eacf6507bf6a (go1.21.1) https://go.dev/cl/526157 https://go.dev/issue/62197 https://groups.google.com/g/golang-announce/c/Fm51GRLNRvM https://groups.google.com/g/golang-dev/c/2C5vbR-UNkI/m/L1hdrPhfBAAJ https://linux.oracle.com/cve/CVE-2023-39319.html https://linux.oracle.com/errata/ELSA-2024-2988.html https://nvd.nist.gov/vuln/detail/CVE-2023-39319 https://pkg.go.dev/vuln/GO-2023-2043 https://security.gentoo.org/glsa/202311-09 https://security.netapp.com/advisory/ntap-20231020-0009/ https://ubuntu.com/security/notices/USN-6574-1 https://ubuntu.com/security/notices/USN-7061-1 https://ubuntu.com/security/notices/USN-7109-1 https://vuln.go.dev/ID/GO-2023-2043.json https://www.cve.org/CVERecord?id=CVE-2023-39319
stdlib	CVE-2023-39326	MEDIUM	v1.20.4	1.20.12, 1.21.5	https://access.redhat.com/errata/RHSA-2024:2272 https://access.redhat.com/security/cve/CVE-2023-39326 https://bugzilla.redhat.com/2253193 https://bugzilla.redhat.com/2253330 https://errata.almalinux.org/9/ALSA-2024-2272.html https://github.com/golang/go/commit/6446af942e2e2b161c4ec1b60d9703a2b55dc4dd (go1.20.12) https://github.com/golang/go/commit/ec8c526e4be720e94b98ca509e6364f0efaf28f7 (go1.21.5) https://go.dev/cl/547335 https://go.dev/issue/64433 https://groups.google.com/g/golang-dev/c/6ypN5EjibjM/m/KmLVYH_uAgAJ https://linux.oracle.com/cve/CVE-2023-39326.html https://linux.oracle.com/errata/ELSA-2024-2988.html https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UIU6HOGV6RRIKWM57LOXQA75BGZSIH6G/ https://nvd.nist.gov/vuln/detail/CVE-2023-39326 https://pkg.go.dev/vuln/GO-2023-2382 https://ubuntu.com/security/notices/USN-6574-1 https://www.cve.org/CVERecord?id=CVE-2023-39326
stdlib	CVE-2023-45284	MEDIUM	v1.20.4	1.20.11, 1.21.4	https://go.dev/cl/540277 https://go.dev/issue/63713 https://groups.google.com/g/golang-announce/c/4tU8LZfBFkY https://nvd.nist.gov/vuln/detail/CVE-2023-45284 https://pkg.go.dev/vuln/GO-2023-2186
stdlib	CVE-2023-45289	MEDIUM	v1.20.4	1.21.8, 1.22.1	http://www.openwall.com/lists/oss-security/2024/03/08/4 https://access.redhat.com/errata/RHSA-2024:2724 https://access.redhat.com/security/cve/CVE-2023-45289 https://bugzilla.redhat.com/2268017 https://bugzilla.redhat.com/2268018 https://bugzilla.redhat.com/2268019 https://bugzilla.redhat.com/2268273 https://bugzilla.redhat.com/show_bug.cgi?id=2268017 https://bugzilla.redhat.com/show_bug.cgi?id=2268018 https://bugzilla.redhat.com/show_bug.cgi?id=2268019 https://bugzilla.redhat.com/show_bug.cgi?id=2268273 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45288 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45289 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45290 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24783 https://errata.almalinux.org/9/ALSA-2024-2724.html https://errata.rockylinux.org/RLSA-2024:2724 https://github.com/golang/go/commit/20586c0dbe03d144f914155f879fa5ee287591a1 (go1.21.8) https://github.com/golang/go/commit/3a855208e3efed2e9d7c20ad023f1fa78afcc0be (go1.22.1) https://github.com/golang/go/issues/65065 https://go.dev/cl/569340 https://go.dev/issue/65065 https://groups.google.com/g/golang-announce/c/5pwGVUPoMbg https://linux.oracle.com/cve/CVE-2023-45289.html https://linux.oracle.com/errata/ELSA-2024-3346.html https://nvd.nist.gov/vuln/detail/CVE-2023-45289 https://pkg.go.dev/vuln/GO-2024-2600 https://security.netapp.com/advisory/ntap-20240329-0006/ https://ubuntu.com/security/notices/USN-6886-1 https://www.cve.org/CVERecord?id=CVE-2023-45289
stdlib	CVE-2023-45290	MEDIUM	v1.20.4	1.21.8, 1.22.1	http://www.openwall.com/lists/oss-security/2024/03/08/4 https://access.redhat.com/errata/RHSA-2024:9135 https://access.redhat.com/security/cve/CVE-2023-45290 https://bugzilla.redhat.com/2268017 https://bugzilla.redhat.com/2268022 https://bugzilla.redhat.com/2279814 https://bugzilla.redhat.com/2295310 https://bugzilla.redhat.com/show_bug.cgi?id=2268017 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45290 https://errata.almalinux.org/9/ALSA-2024-9135.html https://errata.rockylinux.org/RLSA-2024:3830 https://github.com/golang/go/commit/041a47712e765e94f86d841c3110c840e76d8f82 (go1.22.1) https://github.com/golang/go/commit/bf80213b121074f4ad9b449410a4d13bae5e9be0 (go1.21.8) https://github.com/golang/go/issues/65383 https://go.dev/cl/569341 https://go.dev/issue/65383 https://groups.google.com/g/golang-announce/c/5pwGVUPoMbg https://linux.oracle.com/cve/CVE-2023-45290.html https://linux.oracle.com/errata/ELSA-2024-8038.html https://nvd.nist.gov/vuln/detail/CVE-2023-45290 https://pkg.go.dev/vuln/GO-2024-2599 https://security.netapp.com/advisory/ntap-20240329-0004 https://security.netapp.com/advisory/ntap-20240329-0004/ https://ubuntu.com/security/notices/USN-6886-1 https://ubuntu.com/security/notices/USN-7109-1 https://ubuntu.com/security/notices/USN-7111-1 https://www.cve.org/CVERecord?id=CVE-2023-45290
stdlib	CVE-2024-24783	MEDIUM	v1.20.4	1.21.8, 1.22.1	http://www.openwall.com/lists/oss-security/2024/03/08/4 https://access.redhat.com/errata/RHSA-2024:6195 https://access.redhat.com/security/cve/CVE-2024-24783 https://bugzilla.redhat.com/2268019 https://bugzilla.redhat.com/show_bug.cgi?id=2268017 https://bugzilla.redhat.com/show_bug.cgi?id=2268018 https://bugzilla.redhat.com/show_bug.cgi?id=2268019 https://bugzilla.redhat.com/show_bug.cgi?id=2268273 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45288 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45289 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45290 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24783 https://errata.almalinux.org/9/ALSA-2024-6195.html https://errata.rockylinux.org/RLSA-2024:2724 https://github.com/advisories/GHSA-3q2c-pvp5-3cqp https://github.com/golang/go/commit/337b8e9cbfa749d9d5c899e0dc358e2208d5e54f (go1.22.1) https://github.com/golang/go/commit/be5b52bea674190ef7de272664be6c7ae93ec5a0 (go1.21.8) https://github.com/golang/go/issues/65390 https://go.dev/cl/569339 https://go.dev/issue/65390 https://groups.google.com/g/golang-announce/c/5pwGVUPoMbg https://linux.oracle.com/cve/CVE-2024-24783.html https://linux.oracle.com/errata/ELSA-2024-6969.html https://nvd.nist.gov/vuln/detail/CVE-2024-24783 https://pkg.go.dev/vuln/GO-2024-2598 https://security.netapp.com/advisory/ntap-20240329-0005 https://security.netapp.com/advisory/ntap-20240329-0005/ https://ubuntu.com/security/notices/USN-6886-1 https://ubuntu.com/security/notices/USN-7109-1 https://ubuntu.com/security/notices/USN-7111-1 https://www.cve.org/CVERecord?id=CVE-2024-24783
stdlib	CVE-2024-24784	MEDIUM	v1.20.4	1.21.8, 1.22.1	http://www.openwall.com/lists/oss-security/2024/03/08/4 https://access.redhat.com/errata/RHSA-2024:2562 https://access.redhat.com/security/cve/CVE-2024-24784 https://bugzilla.redhat.com/2262921 https://bugzilla.redhat.com/2268017 https://bugzilla.redhat.com/2268018 https://bugzilla.redhat.com/2268019 https://bugzilla.redhat.com/2268021 https://bugzilla.redhat.com/2268022 https://bugzilla.redhat.com/2268273 https://bugzilla.redhat.com/show_bug.cgi?id=2262921 https://bugzilla.redhat.com/show_bug.cgi?id=2268017 https://bugzilla.redhat.com/show_bug.cgi?id=2268018 https://bugzilla.redhat.com/show_bug.cgi?id=2268019 https://bugzilla.redhat.com/show_bug.cgi?id=2268021 https://bugzilla.redhat.com/show_bug.cgi?id=2268022 https://bugzilla.redhat.com/show_bug.cgi?id=2268273 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45288 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45289 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45290 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-1394 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24783 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24784 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24785 https://errata.almalinux.org/9/ALSA-2024-2562.html https://errata.rockylinux.org/RLSA-2024:2562 https://github.com/golang/go/commit/263c059b09fdd40d9dd945f2ecb20c89ea28efe5 (go1.21.8) https://github.com/golang/go/commit/5330cd225ba54c7dc78c1b46dcdf61a4671a632c (go1.22.1) https://github.com/golang/go/issues/65083 https://go.dev/cl/555596 https://go.dev/issue/65083 https://groups.google.com/g/golang-announce/c/5pwGVUPoMbg https://linux.oracle.com/cve/CVE-2024-24784.html https://linux.oracle.com/errata/ELSA-2024-6969.html https://nvd.nist.gov/vuln/detail/CVE-2024-24784 https://pkg.go.dev/vuln/GO-2024-2609 https://security.netapp.com/advisory/ntap-20240329-0007/ https://ubuntu.com/security/notices/USN-6886-1 https://ubuntu.com/security/notices/USN-7109-1 https://ubuntu.com/security/notices/USN-7111-1 https://www.cve.org/CVERecord?id=CVE-2024-24784
stdlib	CVE-2024-24785	MEDIUM	v1.20.4	1.21.8, 1.22.1	http://www.openwall.com/lists/oss-security/2024/03/08/4 https://access.redhat.com/errata/RHSA-2024:9135 https://access.redhat.com/security/cve/CVE-2024-24785 https://bugzilla.redhat.com/2268017 https://bugzilla.redhat.com/2268022 https://bugzilla.redhat.com/2279814 https://bugzilla.redhat.com/2295310 https://bugzilla.redhat.com/show_bug.cgi?id=2262921 https://bugzilla.redhat.com/show_bug.cgi?id=2268017 https://bugzilla.redhat.com/show_bug.cgi?id=2268018 https://bugzilla.redhat.com/show_bug.cgi?id=2268019 https://bugzilla.redhat.com/show_bug.cgi?id=2268021 https://bugzilla.redhat.com/show_bug.cgi?id=2268022 https://bugzilla.redhat.com/show_bug.cgi?id=2268273 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45288 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45289 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45290 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-1394 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24783 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24784 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24785 https://errata.almalinux.org/9/ALSA-2024-9135.html https://errata.rockylinux.org/RLSA-2024:2562 https://github.com/golang/go/commit/056b0edcb8c152152021eebf4cf42adbfbe77992 (go1.22.1) https://github.com/golang/go/commit/3643147a29352ca2894fd5d0d2069bc4b4335a7e (go1.21.8) https://github.com/golang/go/issues/65697 https://go.dev/cl/564196 https://go.dev/issue/65697 https://groups.google.com/g/golang-announce/c/5pwGVUPoMbg https://linux.oracle.com/cve/CVE-2024-24785.html https://linux.oracle.com/errata/ELSA-2024-3259.html https://nvd.nist.gov/vuln/detail/CVE-2024-24785 https://pkg.go.dev/vuln/GO-2024-2610 https://security.netapp.com/advisory/ntap-20240329-0008/ https://ubuntu.com/security/notices/USN-6886-1 https://ubuntu.com/security/notices/USN-7061-1 https://ubuntu.com/security/notices/USN-7109-1 https://vuln.go.dev/ID/GO-2024-2610.json https://www.cve.org/CVERecord?id=CVE-2024-24785
stdlib	CVE-2024-24789	MEDIUM	v1.20.4	1.21.11, 1.22.4	http://www.openwall.com/lists/oss-security/2024/06/04/1 https://access.redhat.com/errata/RHSA-2024:9115 https://access.redhat.com/security/cve/CVE-2024-24789 https://bugzilla.redhat.com/2279814 https://bugzilla.redhat.com/2292668 https://bugzilla.redhat.com/2292787 https://bugzilla.redhat.com/2294000 https://bugzilla.redhat.com/2295310 https://bugzilla.redhat.com/show_bug.cgi?id=2292668 https://bugzilla.redhat.com/show_bug.cgi?id=2292787 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24789 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24790 https://errata.almalinux.org/9/ALSA-2024-9115.html https://errata.rockylinux.org/RLSA-2024:4212 https://github.com/golang/go/commit/c8e40338cf00f3c1d86c8fb23863ad67a4c72bcc (1.21) https://github.com/golang/go/commit/cf501ac0c5fe351a8582d20b43562027927906e7 (1.22) https://github.com/golang/go/issues/66869 https://go.dev/cl/585397 https://go.dev/issue/66869 https://groups.google.com/g/golang-announce/c/XbxouI9gY7k https://groups.google.com/g/golang-announce/c/XbxouI9gY7k/m/TuoGEhxIEwAJ https://linux.oracle.com/cve/CVE-2024-24789.html https://linux.oracle.com/errata/ELSA-2024-9115.html https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/U5YAEIA6IUHUNGJ7AIXXPQT6D2GYENX7/ https://nvd.nist.gov/vuln/detail/CVE-2024-24789 https://pkg.go.dev/vuln/GO-2024-2888 https://ubuntu.com/security/notices/USN-6886-1 https://ubuntu.com/security/notices/USN-7109-1 https://ubuntu.com/security/notices/USN-7111-1 https://www.cve.org/CVERecord?id=CVE-2024-24789
stdlib	CVE-2024-24791	MEDIUM	v1.20.4	1.21.12, 1.22.5	https://access.redhat.com/errata/RHSA-2024:9135 https://access.redhat.com/security/cve/CVE-2024-24791 https://bugzilla.redhat.com/2268017 https://bugzilla.redhat.com/2268022 https://bugzilla.redhat.com/2279814 https://bugzilla.redhat.com/2295310 https://bugzilla.redhat.com/show_bug.cgi?id=2295310 https://bugzilla.redhat.com/show_bug.cgi?id=2310527 https://bugzilla.redhat.com/show_bug.cgi?id=2310528 https://bugzilla.redhat.com/show_bug.cgi?id=2310529 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24791 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-34155 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-34156 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-34158 https://errata.almalinux.org/9/ALSA-2024-9135.html https://errata.rockylinux.org/RLSA-2024:6913 https://go.dev/cl/591255 https://go.dev/issue/67555 https://groups.google.com/g/golang-dev/c/t0rK-qHBqzY/m/6MMoAZkMAgAJ https://linux.oracle.com/cve/CVE-2024-24791.html https://linux.oracle.com/errata/ELSA-2024-9115.html https://nvd.nist.gov/vuln/detail/CVE-2024-24791 https://pkg.go.dev/vuln/GO-2024-2963 https://ubuntu.com/security/notices/USN-7081-1 https://ubuntu.com/security/notices/USN-7109-1 https://ubuntu.com/security/notices/USN-7111-1 https://www.cve.org/CVERecord?id=CVE-2024-24791
stdlib	CVE-2024-34155	MEDIUM	v1.20.4	1.22.7, 1.23.1	https://access.redhat.com/errata/RHSA-2024:9459 https://access.redhat.com/security/cve/CVE-2024-34155 https://bugzilla.redhat.com/2310527 https://bugzilla.redhat.com/2310528 https://bugzilla.redhat.com/2310529 https://bugzilla.redhat.com/2315691 https://bugzilla.redhat.com/2315887 https://bugzilla.redhat.com/2317458 https://bugzilla.redhat.com/2317467 https://bugzilla.redhat.com/show_bug.cgi?id=2295310 https://bugzilla.redhat.com/show_bug.cgi?id=2310527 https://bugzilla.redhat.com/show_bug.cgi?id=2310528 https://bugzilla.redhat.com/show_bug.cgi?id=2310529 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24791 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-34155 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-34156 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-34158 https://errata.almalinux.org/9/ALSA-2024-9459.html https://errata.rockylinux.org/RLSA-2024:6913 https://github.com/golang/go/commit/53487e5477151ed75da50e50a0ba8f1ca64c00a3 (go1.23.1) https://github.com/golang/go/commit/b232596139dbe96a62edbe3a2a203e856bf556eb (go1.22.7) https://go.dev/cl/611238 https://go.dev/issue/69138 https://groups.google.com/g/golang-announce/c/K-cEzDeCtpc https://groups.google.com/g/golang-dev/c/S9POB9NCTdk https://linux.oracle.com/cve/CVE-2024-34155.html https://linux.oracle.com/errata/ELSA-2024-9459.html https://nvd.nist.gov/vuln/detail/CVE-2024-34155 https://pkg.go.dev/vuln/GO-2024-3105 https://ubuntu.com/security/notices/USN-7081-1 https://ubuntu.com/security/notices/USN-7109-1 https://ubuntu.com/security/notices/USN-7111-1 https://www.cve.org/CVERecord?id=CVE-2024-34155
stdlib	CVE-2024-34158	MEDIUM	v1.20.4	1.22.7, 1.23.1	https://access.redhat.com/errata/RHSA-2024:9459 https://access.redhat.com/security/cve/CVE-2024-34158 https://bugzilla.redhat.com/2310527 https://bugzilla.redhat.com/2310528 https://bugzilla.redhat.com/2310529 https://bugzilla.redhat.com/2315691 https://bugzilla.redhat.com/2315887 https://bugzilla.redhat.com/2317458 https://bugzilla.redhat.com/2317467 https://bugzilla.redhat.com/show_bug.cgi?id=2295310 https://bugzilla.redhat.com/show_bug.cgi?id=2310527 https://bugzilla.redhat.com/show_bug.cgi?id=2310528 https://bugzilla.redhat.com/show_bug.cgi?id=2310529 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24791 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-34155 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-34156 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-34158 https://errata.almalinux.org/9/ALSA-2024-9459.html https://errata.rockylinux.org/RLSA-2024:6913 https://github.com/golang/go/commit/032ac075c20c01c6c35a672d1542d3e98eab84ea (go1.23.1) https://github.com/golang/go/commit/d4c53812e6ce2ac368173d7fcd31d0ecfcffb002 (go1.22.7) https://go.dev/cl/611240 https://go.dev/issue/69141 https://groups.google.com/g/golang-announce/c/K-cEzDeCtpc https://groups.google.com/g/golang-dev/c/S9POB9NCTdk https://linux.oracle.com/cve/CVE-2024-34158.html https://linux.oracle.com/errata/ELSA-2024-9459.html https://nvd.nist.gov/vuln/detail/CVE-2024-34158 https://pkg.go.dev/vuln/GO-2024-3107 https://ubuntu.com/security/notices/USN-7081-1 https://ubuntu.com/security/notices/USN-7109-1 https://ubuntu.com/security/notices/USN-7111-1 https://www.cve.org/CVERecord?id=CVE-2024-34158
No Misconfigurations found

cnb/buildpacks/paketo-buildpacks_procfile/5.6.3/bin/main.exe (gobinary)

Package	Vulnerability ID	Severity	Installed Version	Fixed Version	Links
stdlib	CVE-2024-24790	CRITICAL	v1.20.4	1.21.11, 1.22.4	http://www.openwall.com/lists/oss-security/2024/06/04/1 https://access.redhat.com/errata/RHSA-2024:9115 https://access.redhat.com/security/cve/CVE-2024-24790 https://bugzilla.redhat.com/2279814 https://bugzilla.redhat.com/2292668 https://bugzilla.redhat.com/2292787 https://bugzilla.redhat.com/2294000 https://bugzilla.redhat.com/2295310 https://bugzilla.redhat.com/show_bug.cgi?id=2292668 https://bugzilla.redhat.com/show_bug.cgi?id=2292787 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24789 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24790 https://errata.almalinux.org/9/ALSA-2024-9115.html https://errata.rockylinux.org/RLSA-2024:4212 https://github.com/golang/go/commit/051bdf3fd12a40307606ff9381138039c5f452f0 (1.21) https://github.com/golang/go/commit/12d5810cdb1f73cf23d7a86462143e9463317fca (1.22) https://github.com/golang/go/issues/67680 https://go.dev/cl/590316 https://go.dev/issue/67680 https://groups.google.com/g/golang-announce/c/XbxouI9gY7k https://groups.google.com/g/golang-announce/c/XbxouI9gY7k/m/TuoGEhxIEwAJ https://linux.oracle.com/cve/CVE-2024-24790.html https://linux.oracle.com/errata/ELSA-2024-9115.html https://nvd.nist.gov/vuln/detail/CVE-2024-24790 https://pkg.go.dev/vuln/GO-2024-2887 https://ubuntu.com/security/notices/USN-6886-1 https://ubuntu.com/security/notices/USN-7109-1 https://www.cve.org/CVERecord?id=CVE-2024-24790
stdlib	CVE-2023-29403	HIGH	v1.20.4	1.19.10, 1.20.5	https://access.redhat.com/errata/RHSA-2023:3923 https://access.redhat.com/security/cve/CVE-2023-29403 https://bugzilla.redhat.com/2216965 https://bugzilla.redhat.com/2217562 https://bugzilla.redhat.com/2217565 https://bugzilla.redhat.com/2217569 https://bugzilla.redhat.com/show_bug.cgi?id=2216965 https://bugzilla.redhat.com/show_bug.cgi?id=2217562 https://bugzilla.redhat.com/show_bug.cgi?id=2217565 https://bugzilla.redhat.com/show_bug.cgi?id=2217569 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-29402 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-29403 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-29404 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-29405 https://errata.almalinux.org/9/ALSA-2023-3923.html https://errata.rockylinux.org/RLSA-2023:3923 https://github.com/golang/go/commit/36144ba429ef2650940c72e7a0b932af3612d420 (go1.20.5) https://github.com/golang/go/commit/a7b1cd452ddc69a6606c2f35ac5786dc892e62cb (go1.19.10) https://github.com/golang/go/issues/60272 https://go.dev/cl/501223 https://go.dev/issue/60272 https://groups.google.com/g/golang-announce/c/q5135a9d924 https://groups.google.com/g/golang-announce/c/q5135a9d924/m/j0ZoAJOHAwAJ https://linux.oracle.com/cve/CVE-2023-29403.html https://linux.oracle.com/errata/ELSA-2023-3923.html https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/NZ2O6YCO2IZMZJELQGZYR2WAUNEDLYV6/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/XBS3IIK6ADV24C5ULQU55QLT2UE762ZX/ https://nvd.nist.gov/vuln/detail/CVE-2023-29403 https://pkg.go.dev/vuln/GO-2023-1840 https://security.gentoo.org/glsa/202311-09 https://ubuntu.com/security/notices/USN-7061-1 https://ubuntu.com/security/notices/USN-7109-1 https://www.cve.org/CVERecord?id=CVE-2023-29403
stdlib	CVE-2023-39325	HIGH	v1.20.4	1.20.10, 1.21.3	golang.org/x/net https://access.redhat.com/errata/RHSA-2023:6077 https://access.redhat.com/security/cve/CVE-2023-39325 https://access.redhat.com/security/cve/CVE-2023-44487 https://access.redhat.com/security/vulnerabilities/RHSB-2023-003 https://bugzilla.redhat.com/2242803 https://bugzilla.redhat.com/2243296 https://bugzilla.redhat.com/show_bug.cgi?id=2242803 https://bugzilla.redhat.com/show_bug.cgi?id=2243296 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-39325 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-44487 https://errata.almalinux.org/9/ALSA-2023-6077.html https://errata.rockylinux.org/RLSA-2023:6077 https://github.com/golang/go/commit/24ae2d927285c697440fdde3ad7f26028354bcf3 [golang- 1.21] https://github.com/golang/go/commit/e175f27f58aa7b9cd4d79607ae65d2cd5baaee68 [golang-1.20] https://github.com/golang/go/issues/63417 https://go.dev/cl/534215 https://go.dev/cl/534235 https://go.dev/issue/63417 https://groups.google.com/g/golang-announce/c/iNNxDTCjZvo/m/UDd7VKQuAAAJ https://linux.oracle.com/cve/CVE-2023-39325.html https://linux.oracle.com/errata/ELSA-2023-5867.html https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3OVW5V2DM5K5IC3H7O42YDUGNJ74J35O https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3OVW5V2DM5K5IC3H7O42YDUGNJ74J35O/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3SZN67IL7HMGMNAVLOTIXLIHUDXZK4LH https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3SZN67IL7HMGMNAVLOTIXLIHUDXZK4LH/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3WJ4QVX2AMUJ2F2S27POOAHRC4K3CHU4 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3WJ4QVX2AMUJ2F2S27POOAHRC4K3CHU4/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/4BUK2ZIAGCULOOYDNH25JPU6JBES5NF2 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/4BUK2ZIAGCULOOYDNH25JPU6JBES5NF2/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/5RSKA2II6QTD4YUKUNDVJQSRYSFC4VFR https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/5RSKA2II6QTD4YUKUNDVJQSRYSFC4VFR/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/AVZDNSMVDAQJ64LJC5I5U5LDM5753647 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/AVZDNSMVDAQJ64LJC5I5U5LDM5753647/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CHHITS4PUOZAKFIUBQAQZC7JWXMOYE4B https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CHHITS4PUOZAKFIUBQAQZC7JWXMOYE4B/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CLB4TW7KALB3EEQWNWCN7OUIWWVWWCG2 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CLB4TW7KALB3EEQWNWCN7OUIWWVWWCG2/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/D2BBIDR2ZMB3X5BC7SR4SLQMHRMVPY6L https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/D2BBIDR2ZMB3X5BC7SR4SLQMHRMVPY6L/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ECRC75BQJP6FJN2L7KCKYZW4DSBD7QSD https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ECRC75BQJP6FJN2L7KCKYZW4DSBD7QSD/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/FTMJ3NJIDAZFWJQQSP3L22MUFJ3UP2PT https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/FTMJ3NJIDAZFWJQQSP3L22MUFJ3UP2PT/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/GSY7SXFFTPZFWDM6XELSDSHZLVW3AHK7 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/GSY7SXFFTPZFWDM6XELSDSHZLVW3AHK7/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/HZQIELEIRSZUYTFFH5KTH2YJ4IIQG2KE https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/HZQIELEIRSZUYTFFH5KTH2YJ4IIQG2KE/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/IPWCNYB5PQ5PCVZ4NJT6G56ZYFZ5QBU6 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/IPWCNYB5PQ5PCVZ4NJT6G56ZYFZ5QBU6/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/KEOTKBUPZXHE3F352JBYNTSNRXYLWD6P https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/KEOTKBUPZXHE3F352JBYNTSNRXYLWD6P/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/KSEGD2IWKNUO3DWY4KQGUQM5BISRWHQE https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/KSEGD2IWKNUO3DWY4KQGUQM5BISRWHQE/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/L5E5JSJBZLYXOTZWXHJKRVCIXIHVWKJ6 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/L5E5JSJBZLYXOTZWXHJKRVCIXIHVWKJ6/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/MZQYOOKHQDQ57LV2IAG6NRFOVXKHJJ3Z https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/MZQYOOKHQDQ57LV2IAG6NRFOVXKHJJ3Z/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/NG7IMPL55MVWU3LCI4JQJT3K2U5CHDV7 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/NG7IMPL55MVWU3LCI4JQJT3K2U5CHDV7/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ODBY7RVMGZCBSTWF2OZGIZS57FNFUL67 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ODBY7RVMGZCBSTWF2OZGIZS57FNFUL67/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/OXGWPQOJ3JNDW2XIYKIVJ7N7QUIFNM2Q https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/OXGWPQOJ3JNDW2XIYKIVJ7N7QUIFNM2Q/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/PJCUNGIQDUMZ4Z6HWVYIMR66A35F5S74 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/PJCUNGIQDUMZ4Z6HWVYIMR66A35F5S74/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QF5QSYAOPDOWLY6DUHID56Q4HQFYB45I https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QF5QSYAOPDOWLY6DUHID56Q4HQFYB45I/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QXOU2JZUBEBP7GBKAYIJRPRBZSJCD7ST https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QXOU2JZUBEBP7GBKAYIJRPRBZSJCD7ST/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/R3UETKPUB3V5JS5TLZOF3SMTGT5K5APS https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/R3UETKPUB3V5JS5TLZOF3SMTGT5K5APS/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/REMHVVIBDNKSRKNOTV7EQSB7CYQWOUOU https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/REMHVVIBDNKSRKNOTV7EQSB7CYQWOUOU/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/T7N5GV4CHH6WAGX3GFMDD3COEOVCZ4RI https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/T7N5GV4CHH6WAGX3GFMDD3COEOVCZ4RI/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ULQQONMSCQSH5Z5OWFFQHCGEZ3NL4DRJ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ULQQONMSCQSH5Z5OWFFQHCGEZ3NL4DRJ/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UTT7DG3QOF5ZNJLUGHDNLRUIN6OWZARP https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UTT7DG3QOF5ZNJLUGHDNLRUIN6OWZARP/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/W2LZSWTV4NV4SNQARNXG5T6LRHP26EW2 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/W2LZSWTV4NV4SNQARNXG5T6LRHP26EW2/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WCNCBYKZXLDFGAJUB7ZP5VLC3YTHJNVH https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WCNCBYKZXLDFGAJUB7ZP5VLC3YTHJNVH/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/XFOIBB4YFICHDM7IBOP7PWXW3FX4HLL2 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/XFOIBB4YFICHDM7IBOP7PWXW3FX4HLL2/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/XTNLSL44Y5FB6JWADSZH6DCV4JJAAEQY https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/XTNLSL44Y5FB6JWADSZH6DCV4JJAAEQY/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/YJWHBLVZDM5KQSDFRBFRKU5KSSOLIRQ4 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/YJWHBLVZDM5KQSDFRBFRKU5KSSOLIRQ4/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/YRKEXKANQ7BKJW2YTAMP625LJUJZLJ4P https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/YRKEXKANQ7BKJW2YTAMP625LJUJZLJ4P/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZSVEMQV5ROY5YW5QE3I57HT3ITWG5GCV https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZSVEMQV5ROY5YW5QE3I57HT3ITWG5GCV/ https://nvd.nist.gov/vuln/detail/CVE-2023-39325 https://pkg.go.dev/vuln/GO-2023-2102 https://security.gentoo.org/glsa/202311-09 https://security.netapp.com/advisory/ntap-20231110-0008 https://security.netapp.com/advisory/ntap-20231110-0008/ https://ubuntu.com/security/notices/USN-6574-1 https://ubuntu.com/security/notices/USN-7061-1 https://ubuntu.com/security/notices/USN-7109-1 https://www.cisa.gov/news-events/alerts/2023/10/10/http2-rapid-reset-vulnerability-cve-2023-44487 https://www.cve.org/CVERecord?id=CVE-2023-39325
stdlib	CVE-2023-45283	HIGH	v1.20.4	1.20.11, 1.21.4, 1.20.12, 1.21.5	http://www.openwall.com/lists/oss-security/2023/12/05/2 https://go.dev/cl/540277 https://go.dev/cl/541175 https://go.dev/issue/63713 https://go.dev/issue/64028 https://groups.google.com/g/golang-announce/c/4tU8LZfBFkY https://groups.google.com/g/golang-dev/c/6ypN5EjibjM/m/KmLVYH_uAgAJ https://nvd.nist.gov/vuln/detail/CVE-2023-45283 https://pkg.go.dev/vuln/GO-2023-2185 https://security.netapp.com/advisory/ntap-20231214-0008/
stdlib	CVE-2023-45288	HIGH	v1.20.4	1.21.9, 1.22.2	http://www.openwall.com/lists/oss-security/2024/04/03/16 http://www.openwall.com/lists/oss-security/2024/04/05/4 https://access.redhat.com/errata/RHSA-2024:2724 https://access.redhat.com/security/cve/CVE-2023-45288 https://bugzilla.redhat.com/2268017 https://bugzilla.redhat.com/2268018 https://bugzilla.redhat.com/2268019 https://bugzilla.redhat.com/2268273 https://bugzilla.redhat.com/show_bug.cgi?id=2268017 https://bugzilla.redhat.com/show_bug.cgi?id=2268018 https://bugzilla.redhat.com/show_bug.cgi?id=2268019 https://bugzilla.redhat.com/show_bug.cgi?id=2268273 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45288 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45289 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45290 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24783 https://errata.almalinux.org/9/ALSA-2024-2724.html https://errata.rockylinux.org/RLSA-2024:2724 https://go.dev/cl/576155 https://go.dev/issue/65051 https://groups.google.com/g/golang-announce/c/YgW0sx8mN3M https://kb.cert.org/vuls/id/421644 https://linux.oracle.com/cve/CVE-2023-45288.html https://linux.oracle.com/errata/ELSA-2024-3346.html https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QRYFHIQ6XRKRYBI2F5UESH67BJBQXUPT https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QRYFHIQ6XRKRYBI2F5UESH67BJBQXUPT/ https://nowotarski.info/http2-continuation-flood-technical-details https://nowotarski.info/http2-continuation-flood/ https://nvd.nist.gov/vuln/detail/CVE-2023-45288 https://pkg.go.dev/vuln/GO-2024-2687 https://security.netapp.com/advisory/ntap-20240419-0009 https://security.netapp.com/advisory/ntap-20240419-0009/ https://ubuntu.com/security/notices/USN-6886-1 https://ubuntu.com/security/notices/USN-7109-1 https://ubuntu.com/security/notices/USN-7111-1 https://www.cve.org/CVERecord?id=CVE-2023-45288 https://www.kb.cert.org/vuls/id/421644
stdlib	CVE-2024-34156	HIGH	v1.20.4	1.22.7, 1.23.1	https://access.redhat.com/errata/RHSA-2024:9473 https://access.redhat.com/security/cve/CVE-2024-34156 https://bugzilla.redhat.com/2310528 https://bugzilla.redhat.com/2318052 https://bugzilla.redhat.com/show_bug.cgi?id=2310528 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-34156 https://errata.almalinux.org/9/ALSA-2024-9473.html https://errata.rockylinux.org/RLSA-2024:7204 https://github.com/golang/go/commit/2092294f2b097c5828f4eace6c98a322c1510b01 (go1.22.7) https://github.com/golang/go/commit/fa8ff1a46deb6c816304441ec6740ec112e19012 (go1.23.1) https://go.dev/cl/611239 https://go.dev/issue/69139 https://groups.google.com/g/golang-announce/c/K-cEzDeCtpc https://groups.google.com/g/golang-dev/c/S9POB9NCTdk https://linux.oracle.com/cve/CVE-2024-34156.html https://linux.oracle.com/errata/ELSA-2024-9473.html https://nvd.nist.gov/vuln/detail/CVE-2024-34156 https://pkg.go.dev/vuln/GO-2024-3106 https://ubuntu.com/security/notices/USN-7081-1 https://ubuntu.com/security/notices/USN-7109-1 https://ubuntu.com/security/notices/USN-7111-1 https://www.cve.org/CVERecord?id=CVE-2024-34156
stdlib	CVE-2023-29406	MEDIUM	v1.20.4	1.19.11, 1.20.6	https://access.redhat.com/errata/RHSA-2023:6474 https://access.redhat.com/security/cve/CVE-2023-29406 https://bugzilla.redhat.com/2174485 https://bugzilla.redhat.com/2178358 https://bugzilla.redhat.com/2178488 https://bugzilla.redhat.com/2178492 https://bugzilla.redhat.com/2184481 https://bugzilla.redhat.com/2184482 https://bugzilla.redhat.com/2184483 https://bugzilla.redhat.com/2184484 https://bugzilla.redhat.com/2196026 https://bugzilla.redhat.com/2196027 https://bugzilla.redhat.com/2196029 https://bugzilla.redhat.com/2222167 https://bugzilla.redhat.com/2228689 https://errata.almalinux.org/9/ALSA-2023-6474.html https://github.com/golang/go/commit/312920c00aac9897b2a0693e752390b5b0711a5a (go1.20.6) https://github.com/golang/go/commit/5fa6923b1ea891400153d04ddf1545e23b40041b (go1.19.11) https://github.com/golang/go/issues/60374 https://go.dev/cl/506996 https://go.dev/issue/60374 https://groups.google.com/g/golang-announce/c/2q13H6LEEx0 https://linux.oracle.com/cve/CVE-2023-29406.html https://linux.oracle.com/errata/ELSA-2023-7202.html https://nvd.nist.gov/vuln/detail/CVE-2023-29406 https://pkg.go.dev/vuln/GO-2023-1878 https://security.gentoo.org/glsa/202311-09 https://security.netapp.com/advisory/ntap-20230814-0002/ https://ubuntu.com/security/notices/USN-7061-1 https://ubuntu.com/security/notices/USN-7109-1 https://www.cve.org/CVERecord?id=CVE-2023-29406
stdlib	CVE-2023-29409	MEDIUM	v1.20.4	1.19.12, 1.20.7, 1.21.0-rc.4	https://access.redhat.com/errata/RHSA-2023:7766 https://access.redhat.com/security/cve/CVE-2023-29409 https://bugzilla.redhat.com/2228743 https://bugzilla.redhat.com/2237773 https://bugzilla.redhat.com/2237776 https://bugzilla.redhat.com/2237777 https://bugzilla.redhat.com/2237778 https://errata.almalinux.org/9/ALSA-2023-7766.html https://go.dev/cl/515257 https://go.dev/issue/61460 https://groups.google.com/g/golang-announce/c/X0b6CsSAaYI/m/Efv5DbZ9AwAJ https://linux.oracle.com/cve/CVE-2023-29409.html https://linux.oracle.com/errata/ELSA-2024-2988.html https://nvd.nist.gov/vuln/detail/CVE-2023-29409 https://pkg.go.dev/vuln/GO-2023-1987 https://security.gentoo.org/glsa/202311-09 https://security.netapp.com/advisory/ntap-20230831-0010/ https://www.cve.org/CVERecord?id=CVE-2023-29409
stdlib	CVE-2023-39318	MEDIUM	v1.20.4	1.20.8, 1.21.1	https://access.redhat.com/errata/RHSA-2024:2160 https://access.redhat.com/security/cve/CVE-2023-39318 https://bugzilla.redhat.com/2237773 https://bugzilla.redhat.com/2237776 https://bugzilla.redhat.com/2253330 https://errata.almalinux.org/9/ALSA-2024-2160.html https://github.com/golang/go/commit/023b542edf38e2a1f87fcefb9f75ff2f99401b4c (go1.20.8) https://github.com/golang/go/commit/b0e1d3ea26e8e8fce7726690c9ef0597e60739fb (go1.21.1) https://go.dev/cl/526156 https://go.dev/issue/62196 https://groups.google.com/g/golang-announce/c/Fm51GRLNRvM https://groups.google.com/g/golang-dev/c/2C5vbR-UNkI/m/L1hdrPhfBAAJ https://linux.oracle.com/cve/CVE-2023-39318.html https://linux.oracle.com/errata/ELSA-2024-2988.html https://nvd.nist.gov/vuln/detail/CVE-2023-39318 https://pkg.go.dev/vuln/GO-2023-2041 https://security.gentoo.org/glsa/202311-09 https://security.netapp.com/advisory/ntap-20231020-0009/ https://ubuntu.com/security/notices/USN-6574-1 https://ubuntu.com/security/notices/USN-7061-1 https://ubuntu.com/security/notices/USN-7109-1 https://vuln.go.dev/ID/GO-2023-2041.json https://www.cve.org/CVERecord?id=CVE-2023-39318
stdlib	CVE-2023-39319	MEDIUM	v1.20.4	1.20.8, 1.21.1	https://access.redhat.com/errata/RHSA-2024:2160 https://access.redhat.com/security/cve/CVE-2023-39319 https://bugzilla.redhat.com/2237773 https://bugzilla.redhat.com/2237776 https://bugzilla.redhat.com/2253330 https://errata.almalinux.org/9/ALSA-2024-2160.html https://github.com/golang/go/commit/2070531d2f53df88e312edace6c8dfc9686ab2f5 (go1.20.8) https://github.com/golang/go/commit/bbd043ff0d6d59f1a9232d31ecd5eacf6507bf6a (go1.21.1) https://go.dev/cl/526157 https://go.dev/issue/62197 https://groups.google.com/g/golang-announce/c/Fm51GRLNRvM https://groups.google.com/g/golang-dev/c/2C5vbR-UNkI/m/L1hdrPhfBAAJ https://linux.oracle.com/cve/CVE-2023-39319.html https://linux.oracle.com/errata/ELSA-2024-2988.html https://nvd.nist.gov/vuln/detail/CVE-2023-39319 https://pkg.go.dev/vuln/GO-2023-2043 https://security.gentoo.org/glsa/202311-09 https://security.netapp.com/advisory/ntap-20231020-0009/ https://ubuntu.com/security/notices/USN-6574-1 https://ubuntu.com/security/notices/USN-7061-1 https://ubuntu.com/security/notices/USN-7109-1 https://vuln.go.dev/ID/GO-2023-2043.json https://www.cve.org/CVERecord?id=CVE-2023-39319
stdlib	CVE-2023-39326	MEDIUM	v1.20.4	1.20.12, 1.21.5	https://access.redhat.com/errata/RHSA-2024:2272 https://access.redhat.com/security/cve/CVE-2023-39326 https://bugzilla.redhat.com/2253193 https://bugzilla.redhat.com/2253330 https://errata.almalinux.org/9/ALSA-2024-2272.html https://github.com/golang/go/commit/6446af942e2e2b161c4ec1b60d9703a2b55dc4dd (go1.20.12) https://github.com/golang/go/commit/ec8c526e4be720e94b98ca509e6364f0efaf28f7 (go1.21.5) https://go.dev/cl/547335 https://go.dev/issue/64433 https://groups.google.com/g/golang-dev/c/6ypN5EjibjM/m/KmLVYH_uAgAJ https://linux.oracle.com/cve/CVE-2023-39326.html https://linux.oracle.com/errata/ELSA-2024-2988.html https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UIU6HOGV6RRIKWM57LOXQA75BGZSIH6G/ https://nvd.nist.gov/vuln/detail/CVE-2023-39326 https://pkg.go.dev/vuln/GO-2023-2382 https://ubuntu.com/security/notices/USN-6574-1 https://www.cve.org/CVERecord?id=CVE-2023-39326
stdlib	CVE-2023-45284	MEDIUM	v1.20.4	1.20.11, 1.21.4	https://go.dev/cl/540277 https://go.dev/issue/63713 https://groups.google.com/g/golang-announce/c/4tU8LZfBFkY https://nvd.nist.gov/vuln/detail/CVE-2023-45284 https://pkg.go.dev/vuln/GO-2023-2186
stdlib	CVE-2023-45289	MEDIUM	v1.20.4	1.21.8, 1.22.1	http://www.openwall.com/lists/oss-security/2024/03/08/4 https://access.redhat.com/errata/RHSA-2024:2724 https://access.redhat.com/security/cve/CVE-2023-45289 https://bugzilla.redhat.com/2268017 https://bugzilla.redhat.com/2268018 https://bugzilla.redhat.com/2268019 https://bugzilla.redhat.com/2268273 https://bugzilla.redhat.com/show_bug.cgi?id=2268017 https://bugzilla.redhat.com/show_bug.cgi?id=2268018 https://bugzilla.redhat.com/show_bug.cgi?id=2268019 https://bugzilla.redhat.com/show_bug.cgi?id=2268273 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45288 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45289 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45290 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24783 https://errata.almalinux.org/9/ALSA-2024-2724.html https://errata.rockylinux.org/RLSA-2024:2724 https://github.com/golang/go/commit/20586c0dbe03d144f914155f879fa5ee287591a1 (go1.21.8) https://github.com/golang/go/commit/3a855208e3efed2e9d7c20ad023f1fa78afcc0be (go1.22.1) https://github.com/golang/go/issues/65065 https://go.dev/cl/569340 https://go.dev/issue/65065 https://groups.google.com/g/golang-announce/c/5pwGVUPoMbg https://linux.oracle.com/cve/CVE-2023-45289.html https://linux.oracle.com/errata/ELSA-2024-3346.html https://nvd.nist.gov/vuln/detail/CVE-2023-45289 https://pkg.go.dev/vuln/GO-2024-2600 https://security.netapp.com/advisory/ntap-20240329-0006/ https://ubuntu.com/security/notices/USN-6886-1 https://www.cve.org/CVERecord?id=CVE-2023-45289
stdlib	CVE-2023-45290	MEDIUM	v1.20.4	1.21.8, 1.22.1	http://www.openwall.com/lists/oss-security/2024/03/08/4 https://access.redhat.com/errata/RHSA-2024:9135 https://access.redhat.com/security/cve/CVE-2023-45290 https://bugzilla.redhat.com/2268017 https://bugzilla.redhat.com/2268022 https://bugzilla.redhat.com/2279814 https://bugzilla.redhat.com/2295310 https://bugzilla.redhat.com/show_bug.cgi?id=2268017 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45290 https://errata.almalinux.org/9/ALSA-2024-9135.html https://errata.rockylinux.org/RLSA-2024:3830 https://github.com/golang/go/commit/041a47712e765e94f86d841c3110c840e76d8f82 (go1.22.1) https://github.com/golang/go/commit/bf80213b121074f4ad9b449410a4d13bae5e9be0 (go1.21.8) https://github.com/golang/go/issues/65383 https://go.dev/cl/569341 https://go.dev/issue/65383 https://groups.google.com/g/golang-announce/c/5pwGVUPoMbg https://linux.oracle.com/cve/CVE-2023-45290.html https://linux.oracle.com/errata/ELSA-2024-8038.html https://nvd.nist.gov/vuln/detail/CVE-2023-45290 https://pkg.go.dev/vuln/GO-2024-2599 https://security.netapp.com/advisory/ntap-20240329-0004 https://security.netapp.com/advisory/ntap-20240329-0004/ https://ubuntu.com/security/notices/USN-6886-1 https://ubuntu.com/security/notices/USN-7109-1 https://ubuntu.com/security/notices/USN-7111-1 https://www.cve.org/CVERecord?id=CVE-2023-45290
stdlib	CVE-2024-24783	MEDIUM	v1.20.4	1.21.8, 1.22.1	http://www.openwall.com/lists/oss-security/2024/03/08/4 https://access.redhat.com/errata/RHSA-2024:6195 https://access.redhat.com/security/cve/CVE-2024-24783 https://bugzilla.redhat.com/2268019 https://bugzilla.redhat.com/show_bug.cgi?id=2268017 https://bugzilla.redhat.com/show_bug.cgi?id=2268018 https://bugzilla.redhat.com/show_bug.cgi?id=2268019 https://bugzilla.redhat.com/show_bug.cgi?id=2268273 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45288 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45289 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45290 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24783 https://errata.almalinux.org/9/ALSA-2024-6195.html https://errata.rockylinux.org/RLSA-2024:2724 https://github.com/advisories/GHSA-3q2c-pvp5-3cqp https://github.com/golang/go/commit/337b8e9cbfa749d9d5c899e0dc358e2208d5e54f (go1.22.1) https://github.com/golang/go/commit/be5b52bea674190ef7de272664be6c7ae93ec5a0 (go1.21.8) https://github.com/golang/go/issues/65390 https://go.dev/cl/569339 https://go.dev/issue/65390 https://groups.google.com/g/golang-announce/c/5pwGVUPoMbg https://linux.oracle.com/cve/CVE-2024-24783.html https://linux.oracle.com/errata/ELSA-2024-6969.html https://nvd.nist.gov/vuln/detail/CVE-2024-24783 https://pkg.go.dev/vuln/GO-2024-2598 https://security.netapp.com/advisory/ntap-20240329-0005 https://security.netapp.com/advisory/ntap-20240329-0005/ https://ubuntu.com/security/notices/USN-6886-1 https://ubuntu.com/security/notices/USN-7109-1 https://ubuntu.com/security/notices/USN-7111-1 https://www.cve.org/CVERecord?id=CVE-2024-24783
stdlib	CVE-2024-24784	MEDIUM	v1.20.4	1.21.8, 1.22.1	http://www.openwall.com/lists/oss-security/2024/03/08/4 https://access.redhat.com/errata/RHSA-2024:2562 https://access.redhat.com/security/cve/CVE-2024-24784 https://bugzilla.redhat.com/2262921 https://bugzilla.redhat.com/2268017 https://bugzilla.redhat.com/2268018 https://bugzilla.redhat.com/2268019 https://bugzilla.redhat.com/2268021 https://bugzilla.redhat.com/2268022 https://bugzilla.redhat.com/2268273 https://bugzilla.redhat.com/show_bug.cgi?id=2262921 https://bugzilla.redhat.com/show_bug.cgi?id=2268017 https://bugzilla.redhat.com/show_bug.cgi?id=2268018 https://bugzilla.redhat.com/show_bug.cgi?id=2268019 https://bugzilla.redhat.com/show_bug.cgi?id=2268021 https://bugzilla.redhat.com/show_bug.cgi?id=2268022 https://bugzilla.redhat.com/show_bug.cgi?id=2268273 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45288 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45289 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45290 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-1394 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24783 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24784 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24785 https://errata.almalinux.org/9/ALSA-2024-2562.html https://errata.rockylinux.org/RLSA-2024:2562 https://github.com/golang/go/commit/263c059b09fdd40d9dd945f2ecb20c89ea28efe5 (go1.21.8) https://github.com/golang/go/commit/5330cd225ba54c7dc78c1b46dcdf61a4671a632c (go1.22.1) https://github.com/golang/go/issues/65083 https://go.dev/cl/555596 https://go.dev/issue/65083 https://groups.google.com/g/golang-announce/c/5pwGVUPoMbg https://linux.oracle.com/cve/CVE-2024-24784.html https://linux.oracle.com/errata/ELSA-2024-6969.html https://nvd.nist.gov/vuln/detail/CVE-2024-24784 https://pkg.go.dev/vuln/GO-2024-2609 https://security.netapp.com/advisory/ntap-20240329-0007/ https://ubuntu.com/security/notices/USN-6886-1 https://ubuntu.com/security/notices/USN-7109-1 https://ubuntu.com/security/notices/USN-7111-1 https://www.cve.org/CVERecord?id=CVE-2024-24784
stdlib	CVE-2024-24785	MEDIUM	v1.20.4	1.21.8, 1.22.1	http://www.openwall.com/lists/oss-security/2024/03/08/4 https://access.redhat.com/errata/RHSA-2024:9135 https://access.redhat.com/security/cve/CVE-2024-24785 https://bugzilla.redhat.com/2268017 https://bugzilla.redhat.com/2268022 https://bugzilla.redhat.com/2279814 https://bugzilla.redhat.com/2295310 https://bugzilla.redhat.com/show_bug.cgi?id=2262921 https://bugzilla.redhat.com/show_bug.cgi?id=2268017 https://bugzilla.redhat.com/show_bug.cgi?id=2268018 https://bugzilla.redhat.com/show_bug.cgi?id=2268019 https://bugzilla.redhat.com/show_bug.cgi?id=2268021 https://bugzilla.redhat.com/show_bug.cgi?id=2268022 https://bugzilla.redhat.com/show_bug.cgi?id=2268273 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45288 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45289 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45290 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-1394 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24783 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24784 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24785 https://errata.almalinux.org/9/ALSA-2024-9135.html https://errata.rockylinux.org/RLSA-2024:2562 https://github.com/golang/go/commit/056b0edcb8c152152021eebf4cf42adbfbe77992 (go1.22.1) https://github.com/golang/go/commit/3643147a29352ca2894fd5d0d2069bc4b4335a7e (go1.21.8) https://github.com/golang/go/issues/65697 https://go.dev/cl/564196 https://go.dev/issue/65697 https://groups.google.com/g/golang-announce/c/5pwGVUPoMbg https://linux.oracle.com/cve/CVE-2024-24785.html https://linux.oracle.com/errata/ELSA-2024-3259.html https://nvd.nist.gov/vuln/detail/CVE-2024-24785 https://pkg.go.dev/vuln/GO-2024-2610 https://security.netapp.com/advisory/ntap-20240329-0008/ https://ubuntu.com/security/notices/USN-6886-1 https://ubuntu.com/security/notices/USN-7061-1 https://ubuntu.com/security/notices/USN-7109-1 https://vuln.go.dev/ID/GO-2024-2610.json https://www.cve.org/CVERecord?id=CVE-2024-24785
stdlib	CVE-2024-24789	MEDIUM	v1.20.4	1.21.11, 1.22.4	http://www.openwall.com/lists/oss-security/2024/06/04/1 https://access.redhat.com/errata/RHSA-2024:9115 https://access.redhat.com/security/cve/CVE-2024-24789 https://bugzilla.redhat.com/2279814 https://bugzilla.redhat.com/2292668 https://bugzilla.redhat.com/2292787 https://bugzilla.redhat.com/2294000 https://bugzilla.redhat.com/2295310 https://bugzilla.redhat.com/show_bug.cgi?id=2292668 https://bugzilla.redhat.com/show_bug.cgi?id=2292787 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24789 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24790 https://errata.almalinux.org/9/ALSA-2024-9115.html https://errata.rockylinux.org/RLSA-2024:4212 https://github.com/golang/go/commit/c8e40338cf00f3c1d86c8fb23863ad67a4c72bcc (1.21) https://github.com/golang/go/commit/cf501ac0c5fe351a8582d20b43562027927906e7 (1.22) https://github.com/golang/go/issues/66869 https://go.dev/cl/585397 https://go.dev/issue/66869 https://groups.google.com/g/golang-announce/c/XbxouI9gY7k https://groups.google.com/g/golang-announce/c/XbxouI9gY7k/m/TuoGEhxIEwAJ https://linux.oracle.com/cve/CVE-2024-24789.html https://linux.oracle.com/errata/ELSA-2024-9115.html https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/U5YAEIA6IUHUNGJ7AIXXPQT6D2GYENX7/ https://nvd.nist.gov/vuln/detail/CVE-2024-24789 https://pkg.go.dev/vuln/GO-2024-2888 https://ubuntu.com/security/notices/USN-6886-1 https://ubuntu.com/security/notices/USN-7109-1 https://ubuntu.com/security/notices/USN-7111-1 https://www.cve.org/CVERecord?id=CVE-2024-24789
stdlib	CVE-2024-24791	MEDIUM	v1.20.4	1.21.12, 1.22.5	https://access.redhat.com/errata/RHSA-2024:9135 https://access.redhat.com/security/cve/CVE-2024-24791 https://bugzilla.redhat.com/2268017 https://bugzilla.redhat.com/2268022 https://bugzilla.redhat.com/2279814 https://bugzilla.redhat.com/2295310 https://bugzilla.redhat.com/show_bug.cgi?id=2295310 https://bugzilla.redhat.com/show_bug.cgi?id=2310527 https://bugzilla.redhat.com/show_bug.cgi?id=2310528 https://bugzilla.redhat.com/show_bug.cgi?id=2310529 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24791 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-34155 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-34156 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-34158 https://errata.almalinux.org/9/ALSA-2024-9135.html https://errata.rockylinux.org/RLSA-2024:6913 https://go.dev/cl/591255 https://go.dev/issue/67555 https://groups.google.com/g/golang-dev/c/t0rK-qHBqzY/m/6MMoAZkMAgAJ https://linux.oracle.com/cve/CVE-2024-24791.html https://linux.oracle.com/errata/ELSA-2024-9115.html https://nvd.nist.gov/vuln/detail/CVE-2024-24791 https://pkg.go.dev/vuln/GO-2024-2963 https://ubuntu.com/security/notices/USN-7081-1 https://ubuntu.com/security/notices/USN-7109-1 https://ubuntu.com/security/notices/USN-7111-1 https://www.cve.org/CVERecord?id=CVE-2024-24791
stdlib	CVE-2024-34155	MEDIUM	v1.20.4	1.22.7, 1.23.1	https://access.redhat.com/errata/RHSA-2024:9459 https://access.redhat.com/security/cve/CVE-2024-34155 https://bugzilla.redhat.com/2310527 https://bugzilla.redhat.com/2310528 https://bugzilla.redhat.com/2310529 https://bugzilla.redhat.com/2315691 https://bugzilla.redhat.com/2315887 https://bugzilla.redhat.com/2317458 https://bugzilla.redhat.com/2317467 https://bugzilla.redhat.com/show_bug.cgi?id=2295310 https://bugzilla.redhat.com/show_bug.cgi?id=2310527 https://bugzilla.redhat.com/show_bug.cgi?id=2310528 https://bugzilla.redhat.com/show_bug.cgi?id=2310529 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24791 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-34155 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-34156 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-34158 https://errata.almalinux.org/9/ALSA-2024-9459.html https://errata.rockylinux.org/RLSA-2024:6913 https://github.com/golang/go/commit/53487e5477151ed75da50e50a0ba8f1ca64c00a3 (go1.23.1) https://github.com/golang/go/commit/b232596139dbe96a62edbe3a2a203e856bf556eb (go1.22.7) https://go.dev/cl/611238 https://go.dev/issue/69138 https://groups.google.com/g/golang-announce/c/K-cEzDeCtpc https://groups.google.com/g/golang-dev/c/S9POB9NCTdk https://linux.oracle.com/cve/CVE-2024-34155.html https://linux.oracle.com/errata/ELSA-2024-9459.html https://nvd.nist.gov/vuln/detail/CVE-2024-34155 https://pkg.go.dev/vuln/GO-2024-3105 https://ubuntu.com/security/notices/USN-7081-1 https://ubuntu.com/security/notices/USN-7109-1 https://ubuntu.com/security/notices/USN-7111-1 https://www.cve.org/CVERecord?id=CVE-2024-34155
stdlib	CVE-2024-34158	MEDIUM	v1.20.4	1.22.7, 1.23.1	https://access.redhat.com/errata/RHSA-2024:9459 https://access.redhat.com/security/cve/CVE-2024-34158 https://bugzilla.redhat.com/2310527 https://bugzilla.redhat.com/2310528 https://bugzilla.redhat.com/2310529 https://bugzilla.redhat.com/2315691 https://bugzilla.redhat.com/2315887 https://bugzilla.redhat.com/2317458 https://bugzilla.redhat.com/2317467 https://bugzilla.redhat.com/show_bug.cgi?id=2295310 https://bugzilla.redhat.com/show_bug.cgi?id=2310527 https://bugzilla.redhat.com/show_bug.cgi?id=2310528 https://bugzilla.redhat.com/show_bug.cgi?id=2310529 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24791 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-34155 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-34156 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-34158 https://errata.almalinux.org/9/ALSA-2024-9459.html https://errata.rockylinux.org/RLSA-2024:6913 https://github.com/golang/go/commit/032ac075c20c01c6c35a672d1542d3e98eab84ea (go1.23.1) https://github.com/golang/go/commit/d4c53812e6ce2ac368173d7fcd31d0ecfcffb002 (go1.22.7) https://go.dev/cl/611240 https://go.dev/issue/69141 https://groups.google.com/g/golang-announce/c/K-cEzDeCtpc https://groups.google.com/g/golang-dev/c/S9POB9NCTdk https://linux.oracle.com/cve/CVE-2024-34158.html https://linux.oracle.com/errata/ELSA-2024-9459.html https://nvd.nist.gov/vuln/detail/CVE-2024-34158 https://pkg.go.dev/vuln/GO-2024-3107 https://ubuntu.com/security/notices/USN-7081-1 https://ubuntu.com/security/notices/USN-7109-1 https://ubuntu.com/security/notices/USN-7111-1 https://www.cve.org/CVERecord?id=CVE-2024-34158
No Misconfigurations found

cnb/buildpacks/paketo-buildpacks_procfile/5.6.4/bin/main (gobinary)

Package	Vulnerability ID	Severity	Installed Version	Fixed Version	Links
stdlib	CVE-2024-24790	CRITICAL	v1.20.5	1.21.11, 1.22.4	http://www.openwall.com/lists/oss-security/2024/06/04/1 https://access.redhat.com/errata/RHSA-2024:9115 https://access.redhat.com/security/cve/CVE-2024-24790 https://bugzilla.redhat.com/2279814 https://bugzilla.redhat.com/2292668 https://bugzilla.redhat.com/2292787 https://bugzilla.redhat.com/2294000 https://bugzilla.redhat.com/2295310 https://bugzilla.redhat.com/show_bug.cgi?id=2292668 https://bugzilla.redhat.com/show_bug.cgi?id=2292787 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24789 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24790 https://errata.almalinux.org/9/ALSA-2024-9115.html https://errata.rockylinux.org/RLSA-2024:4212 https://github.com/golang/go/commit/051bdf3fd12a40307606ff9381138039c5f452f0 (1.21) https://github.com/golang/go/commit/12d5810cdb1f73cf23d7a86462143e9463317fca (1.22) https://github.com/golang/go/issues/67680 https://go.dev/cl/590316 https://go.dev/issue/67680 https://groups.google.com/g/golang-announce/c/XbxouI9gY7k https://groups.google.com/g/golang-announce/c/XbxouI9gY7k/m/TuoGEhxIEwAJ https://linux.oracle.com/cve/CVE-2024-24790.html https://linux.oracle.com/errata/ELSA-2024-9115.html https://nvd.nist.gov/vuln/detail/CVE-2024-24790 https://pkg.go.dev/vuln/GO-2024-2887 https://ubuntu.com/security/notices/USN-6886-1 https://ubuntu.com/security/notices/USN-7109-1 https://www.cve.org/CVERecord?id=CVE-2024-24790
stdlib	CVE-2023-39325	HIGH	v1.20.5	1.20.10, 1.21.3	golang.org/x/net https://access.redhat.com/errata/RHSA-2023:6077 https://access.redhat.com/security/cve/CVE-2023-39325 https://access.redhat.com/security/cve/CVE-2023-44487 https://access.redhat.com/security/vulnerabilities/RHSB-2023-003 https://bugzilla.redhat.com/2242803 https://bugzilla.redhat.com/2243296 https://bugzilla.redhat.com/show_bug.cgi?id=2242803 https://bugzilla.redhat.com/show_bug.cgi?id=2243296 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-39325 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-44487 https://errata.almalinux.org/9/ALSA-2023-6077.html https://errata.rockylinux.org/RLSA-2023:6077 https://github.com/golang/go/commit/24ae2d927285c697440fdde3ad7f26028354bcf3 [golang- 1.21] https://github.com/golang/go/commit/e175f27f58aa7b9cd4d79607ae65d2cd5baaee68 [golang-1.20] https://github.com/golang/go/issues/63417 https://go.dev/cl/534215 https://go.dev/cl/534235 https://go.dev/issue/63417 https://groups.google.com/g/golang-announce/c/iNNxDTCjZvo/m/UDd7VKQuAAAJ https://linux.oracle.com/cve/CVE-2023-39325.html https://linux.oracle.com/errata/ELSA-2023-5867.html https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3OVW5V2DM5K5IC3H7O42YDUGNJ74J35O https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3OVW5V2DM5K5IC3H7O42YDUGNJ74J35O/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3SZN67IL7HMGMNAVLOTIXLIHUDXZK4LH https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3SZN67IL7HMGMNAVLOTIXLIHUDXZK4LH/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3WJ4QVX2AMUJ2F2S27POOAHRC4K3CHU4 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3WJ4QVX2AMUJ2F2S27POOAHRC4K3CHU4/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/4BUK2ZIAGCULOOYDNH25JPU6JBES5NF2 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/4BUK2ZIAGCULOOYDNH25JPU6JBES5NF2/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/5RSKA2II6QTD4YUKUNDVJQSRYSFC4VFR https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/5RSKA2II6QTD4YUKUNDVJQSRYSFC4VFR/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/AVZDNSMVDAQJ64LJC5I5U5LDM5753647 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/AVZDNSMVDAQJ64LJC5I5U5LDM5753647/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CHHITS4PUOZAKFIUBQAQZC7JWXMOYE4B https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CHHITS4PUOZAKFIUBQAQZC7JWXMOYE4B/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CLB4TW7KALB3EEQWNWCN7OUIWWVWWCG2 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CLB4TW7KALB3EEQWNWCN7OUIWWVWWCG2/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/D2BBIDR2ZMB3X5BC7SR4SLQMHRMVPY6L https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/D2BBIDR2ZMB3X5BC7SR4SLQMHRMVPY6L/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ECRC75BQJP6FJN2L7KCKYZW4DSBD7QSD https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ECRC75BQJP6FJN2L7KCKYZW4DSBD7QSD/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/FTMJ3NJIDAZFWJQQSP3L22MUFJ3UP2PT https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/FTMJ3NJIDAZFWJQQSP3L22MUFJ3UP2PT/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/GSY7SXFFTPZFWDM6XELSDSHZLVW3AHK7 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/GSY7SXFFTPZFWDM6XELSDSHZLVW3AHK7/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/HZQIELEIRSZUYTFFH5KTH2YJ4IIQG2KE https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/HZQIELEIRSZUYTFFH5KTH2YJ4IIQG2KE/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/IPWCNYB5PQ5PCVZ4NJT6G56ZYFZ5QBU6 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/IPWCNYB5PQ5PCVZ4NJT6G56ZYFZ5QBU6/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/KEOTKBUPZXHE3F352JBYNTSNRXYLWD6P https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/KEOTKBUPZXHE3F352JBYNTSNRXYLWD6P/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/KSEGD2IWKNUO3DWY4KQGUQM5BISRWHQE https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/KSEGD2IWKNUO3DWY4KQGUQM5BISRWHQE/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/L5E5JSJBZLYXOTZWXHJKRVCIXIHVWKJ6 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/L5E5JSJBZLYXOTZWXHJKRVCIXIHVWKJ6/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/MZQYOOKHQDQ57LV2IAG6NRFOVXKHJJ3Z https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/MZQYOOKHQDQ57LV2IAG6NRFOVXKHJJ3Z/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/NG7IMPL55MVWU3LCI4JQJT3K2U5CHDV7 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/NG7IMPL55MVWU3LCI4JQJT3K2U5CHDV7/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ODBY7RVMGZCBSTWF2OZGIZS57FNFUL67 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ODBY7RVMGZCBSTWF2OZGIZS57FNFUL67/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/OXGWPQOJ3JNDW2XIYKIVJ7N7QUIFNM2Q https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/OXGWPQOJ3JNDW2XIYKIVJ7N7QUIFNM2Q/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/PJCUNGIQDUMZ4Z6HWVYIMR66A35F5S74 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/PJCUNGIQDUMZ4Z6HWVYIMR66A35F5S74/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QF5QSYAOPDOWLY6DUHID56Q4HQFYB45I https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QF5QSYAOPDOWLY6DUHID56Q4HQFYB45I/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QXOU2JZUBEBP7GBKAYIJRPRBZSJCD7ST https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QXOU2JZUBEBP7GBKAYIJRPRBZSJCD7ST/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/R3UETKPUB3V5JS5TLZOF3SMTGT5K5APS https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/R3UETKPUB3V5JS5TLZOF3SMTGT5K5APS/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/REMHVVIBDNKSRKNOTV7EQSB7CYQWOUOU https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/REMHVVIBDNKSRKNOTV7EQSB7CYQWOUOU/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/T7N5GV4CHH6WAGX3GFMDD3COEOVCZ4RI https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/T7N5GV4CHH6WAGX3GFMDD3COEOVCZ4RI/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ULQQONMSCQSH5Z5OWFFQHCGEZ3NL4DRJ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ULQQONMSCQSH5Z5OWFFQHCGEZ3NL4DRJ/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UTT7DG3QOF5ZNJLUGHDNLRUIN6OWZARP https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UTT7DG3QOF5ZNJLUGHDNLRUIN6OWZARP/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/W2LZSWTV4NV4SNQARNXG5T6LRHP26EW2 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/W2LZSWTV4NV4SNQARNXG5T6LRHP26EW2/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WCNCBYKZXLDFGAJUB7ZP5VLC3YTHJNVH https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WCNCBYKZXLDFGAJUB7ZP5VLC3YTHJNVH/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/XFOIBB4YFICHDM7IBOP7PWXW3FX4HLL2 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/XFOIBB4YFICHDM7IBOP7PWXW3FX4HLL2/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/XTNLSL44Y5FB6JWADSZH6DCV4JJAAEQY https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/XTNLSL44Y5FB6JWADSZH6DCV4JJAAEQY/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/YJWHBLVZDM5KQSDFRBFRKU5KSSOLIRQ4 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/YJWHBLVZDM5KQSDFRBFRKU5KSSOLIRQ4/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/YRKEXKANQ7BKJW2YTAMP625LJUJZLJ4P https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/YRKEXKANQ7BKJW2YTAMP625LJUJZLJ4P/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZSVEMQV5ROY5YW5QE3I57HT3ITWG5GCV https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZSVEMQV5ROY5YW5QE3I57HT3ITWG5GCV/ https://nvd.nist.gov/vuln/detail/CVE-2023-39325 https://pkg.go.dev/vuln/GO-2023-2102 https://security.gentoo.org/glsa/202311-09 https://security.netapp.com/advisory/ntap-20231110-0008 https://security.netapp.com/advisory/ntap-20231110-0008/ https://ubuntu.com/security/notices/USN-6574-1 https://ubuntu.com/security/notices/USN-7061-1 https://ubuntu.com/security/notices/USN-7109-1 https://www.cisa.gov/news-events/alerts/2023/10/10/http2-rapid-reset-vulnerability-cve-2023-44487 https://www.cve.org/CVERecord?id=CVE-2023-39325
stdlib	CVE-2023-45283	HIGH	v1.20.5	1.20.11, 1.21.4, 1.20.12, 1.21.5	http://www.openwall.com/lists/oss-security/2023/12/05/2 https://go.dev/cl/540277 https://go.dev/cl/541175 https://go.dev/issue/63713 https://go.dev/issue/64028 https://groups.google.com/g/golang-announce/c/4tU8LZfBFkY https://groups.google.com/g/golang-dev/c/6ypN5EjibjM/m/KmLVYH_uAgAJ https://nvd.nist.gov/vuln/detail/CVE-2023-45283 https://pkg.go.dev/vuln/GO-2023-2185 https://security.netapp.com/advisory/ntap-20231214-0008/
stdlib	CVE-2023-45288	HIGH	v1.20.5	1.21.9, 1.22.2	http://www.openwall.com/lists/oss-security/2024/04/03/16 http://www.openwall.com/lists/oss-security/2024/04/05/4 https://access.redhat.com/errata/RHSA-2024:2724 https://access.redhat.com/security/cve/CVE-2023-45288 https://bugzilla.redhat.com/2268017 https://bugzilla.redhat.com/2268018 https://bugzilla.redhat.com/2268019 https://bugzilla.redhat.com/2268273 https://bugzilla.redhat.com/show_bug.cgi?id=2268017 https://bugzilla.redhat.com/show_bug.cgi?id=2268018 https://bugzilla.redhat.com/show_bug.cgi?id=2268019 https://bugzilla.redhat.com/show_bug.cgi?id=2268273 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45288 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45289 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45290 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24783 https://errata.almalinux.org/9/ALSA-2024-2724.html https://errata.rockylinux.org/RLSA-2024:2724 https://go.dev/cl/576155 https://go.dev/issue/65051 https://groups.google.com/g/golang-announce/c/YgW0sx8mN3M https://kb.cert.org/vuls/id/421644 https://linux.oracle.com/cve/CVE-2023-45288.html https://linux.oracle.com/errata/ELSA-2024-3346.html https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QRYFHIQ6XRKRYBI2F5UESH67BJBQXUPT https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QRYFHIQ6XRKRYBI2F5UESH67BJBQXUPT/ https://nowotarski.info/http2-continuation-flood-technical-details https://nowotarski.info/http2-continuation-flood/ https://nvd.nist.gov/vuln/detail/CVE-2023-45288 https://pkg.go.dev/vuln/GO-2024-2687 https://security.netapp.com/advisory/ntap-20240419-0009 https://security.netapp.com/advisory/ntap-20240419-0009/ https://ubuntu.com/security/notices/USN-6886-1 https://ubuntu.com/security/notices/USN-7109-1 https://ubuntu.com/security/notices/USN-7111-1 https://www.cve.org/CVERecord?id=CVE-2023-45288 https://www.kb.cert.org/vuls/id/421644
stdlib	CVE-2024-34156	HIGH	v1.20.5	1.22.7, 1.23.1	https://access.redhat.com/errata/RHSA-2024:9473 https://access.redhat.com/security/cve/CVE-2024-34156 https://bugzilla.redhat.com/2310528 https://bugzilla.redhat.com/2318052 https://bugzilla.redhat.com/show_bug.cgi?id=2310528 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-34156 https://errata.almalinux.org/9/ALSA-2024-9473.html https://errata.rockylinux.org/RLSA-2024:7204 https://github.com/golang/go/commit/2092294f2b097c5828f4eace6c98a322c1510b01 (go1.22.7) https://github.com/golang/go/commit/fa8ff1a46deb6c816304441ec6740ec112e19012 (go1.23.1) https://go.dev/cl/611239 https://go.dev/issue/69139 https://groups.google.com/g/golang-announce/c/K-cEzDeCtpc https://groups.google.com/g/golang-dev/c/S9POB9NCTdk https://linux.oracle.com/cve/CVE-2024-34156.html https://linux.oracle.com/errata/ELSA-2024-9473.html https://nvd.nist.gov/vuln/detail/CVE-2024-34156 https://pkg.go.dev/vuln/GO-2024-3106 https://ubuntu.com/security/notices/USN-7081-1 https://ubuntu.com/security/notices/USN-7109-1 https://ubuntu.com/security/notices/USN-7111-1 https://www.cve.org/CVERecord?id=CVE-2024-34156
stdlib	CVE-2023-29406	MEDIUM	v1.20.5	1.19.11, 1.20.6	https://access.redhat.com/errata/RHSA-2023:6474 https://access.redhat.com/security/cve/CVE-2023-29406 https://bugzilla.redhat.com/2174485 https://bugzilla.redhat.com/2178358 https://bugzilla.redhat.com/2178488 https://bugzilla.redhat.com/2178492 https://bugzilla.redhat.com/2184481 https://bugzilla.redhat.com/2184482 https://bugzilla.redhat.com/2184483 https://bugzilla.redhat.com/2184484 https://bugzilla.redhat.com/2196026 https://bugzilla.redhat.com/2196027 https://bugzilla.redhat.com/2196029 https://bugzilla.redhat.com/2222167 https://bugzilla.redhat.com/2228689 https://errata.almalinux.org/9/ALSA-2023-6474.html https://github.com/golang/go/commit/312920c00aac9897b2a0693e752390b5b0711a5a (go1.20.6) https://github.com/golang/go/commit/5fa6923b1ea891400153d04ddf1545e23b40041b (go1.19.11) https://github.com/golang/go/issues/60374 https://go.dev/cl/506996 https://go.dev/issue/60374 https://groups.google.com/g/golang-announce/c/2q13H6LEEx0 https://linux.oracle.com/cve/CVE-2023-29406.html https://linux.oracle.com/errata/ELSA-2023-7202.html https://nvd.nist.gov/vuln/detail/CVE-2023-29406 https://pkg.go.dev/vuln/GO-2023-1878 https://security.gentoo.org/glsa/202311-09 https://security.netapp.com/advisory/ntap-20230814-0002/ https://ubuntu.com/security/notices/USN-7061-1 https://ubuntu.com/security/notices/USN-7109-1 https://www.cve.org/CVERecord?id=CVE-2023-29406
stdlib	CVE-2023-29409	MEDIUM	v1.20.5	1.19.12, 1.20.7, 1.21.0-rc.4	https://access.redhat.com/errata/RHSA-2023:7766 https://access.redhat.com/security/cve/CVE-2023-29409 https://bugzilla.redhat.com/2228743 https://bugzilla.redhat.com/2237773 https://bugzilla.redhat.com/2237776 https://bugzilla.redhat.com/2237777 https://bugzilla.redhat.com/2237778 https://errata.almalinux.org/9/ALSA-2023-7766.html https://go.dev/cl/515257 https://go.dev/issue/61460 https://groups.google.com/g/golang-announce/c/X0b6CsSAaYI/m/Efv5DbZ9AwAJ https://linux.oracle.com/cve/CVE-2023-29409.html https://linux.oracle.com/errata/ELSA-2024-2988.html https://nvd.nist.gov/vuln/detail/CVE-2023-29409 https://pkg.go.dev/vuln/GO-2023-1987 https://security.gentoo.org/glsa/202311-09 https://security.netapp.com/advisory/ntap-20230831-0010/ https://www.cve.org/CVERecord?id=CVE-2023-29409
stdlib	CVE-2023-39318	MEDIUM	v1.20.5	1.20.8, 1.21.1	https://access.redhat.com/errata/RHSA-2024:2160 https://access.redhat.com/security/cve/CVE-2023-39318 https://bugzilla.redhat.com/2237773 https://bugzilla.redhat.com/2237776 https://bugzilla.redhat.com/2253330 https://errata.almalinux.org/9/ALSA-2024-2160.html https://github.com/golang/go/commit/023b542edf38e2a1f87fcefb9f75ff2f99401b4c (go1.20.8) https://github.com/golang/go/commit/b0e1d3ea26e8e8fce7726690c9ef0597e60739fb (go1.21.1) https://go.dev/cl/526156 https://go.dev/issue/62196 https://groups.google.com/g/golang-announce/c/Fm51GRLNRvM https://groups.google.com/g/golang-dev/c/2C5vbR-UNkI/m/L1hdrPhfBAAJ https://linux.oracle.com/cve/CVE-2023-39318.html https://linux.oracle.com/errata/ELSA-2024-2988.html https://nvd.nist.gov/vuln/detail/CVE-2023-39318 https://pkg.go.dev/vuln/GO-2023-2041 https://security.gentoo.org/glsa/202311-09 https://security.netapp.com/advisory/ntap-20231020-0009/ https://ubuntu.com/security/notices/USN-6574-1 https://ubuntu.com/security/notices/USN-7061-1 https://ubuntu.com/security/notices/USN-7109-1 https://vuln.go.dev/ID/GO-2023-2041.json https://www.cve.org/CVERecord?id=CVE-2023-39318
stdlib	CVE-2023-39319	MEDIUM	v1.20.5	1.20.8, 1.21.1	https://access.redhat.com/errata/RHSA-2024:2160 https://access.redhat.com/security/cve/CVE-2023-39319 https://bugzilla.redhat.com/2237773 https://bugzilla.redhat.com/2237776 https://bugzilla.redhat.com/2253330 https://errata.almalinux.org/9/ALSA-2024-2160.html https://github.com/golang/go/commit/2070531d2f53df88e312edace6c8dfc9686ab2f5 (go1.20.8) https://github.com/golang/go/commit/bbd043ff0d6d59f1a9232d31ecd5eacf6507bf6a (go1.21.1) https://go.dev/cl/526157 https://go.dev/issue/62197 https://groups.google.com/g/golang-announce/c/Fm51GRLNRvM https://groups.google.com/g/golang-dev/c/2C5vbR-UNkI/m/L1hdrPhfBAAJ https://linux.oracle.com/cve/CVE-2023-39319.html https://linux.oracle.com/errata/ELSA-2024-2988.html https://nvd.nist.gov/vuln/detail/CVE-2023-39319 https://pkg.go.dev/vuln/GO-2023-2043 https://security.gentoo.org/glsa/202311-09 https://security.netapp.com/advisory/ntap-20231020-0009/ https://ubuntu.com/security/notices/USN-6574-1 https://ubuntu.com/security/notices/USN-7061-1 https://ubuntu.com/security/notices/USN-7109-1 https://vuln.go.dev/ID/GO-2023-2043.json https://www.cve.org/CVERecord?id=CVE-2023-39319
stdlib	CVE-2023-39326	MEDIUM	v1.20.5	1.20.12, 1.21.5	https://access.redhat.com/errata/RHSA-2024:2272 https://access.redhat.com/security/cve/CVE-2023-39326 https://bugzilla.redhat.com/2253193 https://bugzilla.redhat.com/2253330 https://errata.almalinux.org/9/ALSA-2024-2272.html https://github.com/golang/go/commit/6446af942e2e2b161c4ec1b60d9703a2b55dc4dd (go1.20.12) https://github.com/golang/go/commit/ec8c526e4be720e94b98ca509e6364f0efaf28f7 (go1.21.5) https://go.dev/cl/547335 https://go.dev/issue/64433 https://groups.google.com/g/golang-dev/c/6ypN5EjibjM/m/KmLVYH_uAgAJ https://linux.oracle.com/cve/CVE-2023-39326.html https://linux.oracle.com/errata/ELSA-2024-2988.html https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UIU6HOGV6RRIKWM57LOXQA75BGZSIH6G/ https://nvd.nist.gov/vuln/detail/CVE-2023-39326 https://pkg.go.dev/vuln/GO-2023-2382 https://ubuntu.com/security/notices/USN-6574-1 https://www.cve.org/CVERecord?id=CVE-2023-39326
stdlib	CVE-2023-45284	MEDIUM	v1.20.5	1.20.11, 1.21.4	https://go.dev/cl/540277 https://go.dev/issue/63713 https://groups.google.com/g/golang-announce/c/4tU8LZfBFkY https://nvd.nist.gov/vuln/detail/CVE-2023-45284 https://pkg.go.dev/vuln/GO-2023-2186
stdlib	CVE-2023-45289	MEDIUM	v1.20.5	1.21.8, 1.22.1	http://www.openwall.com/lists/oss-security/2024/03/08/4 https://access.redhat.com/errata/RHSA-2024:2724 https://access.redhat.com/security/cve/CVE-2023-45289 https://bugzilla.redhat.com/2268017 https://bugzilla.redhat.com/2268018 https://bugzilla.redhat.com/2268019 https://bugzilla.redhat.com/2268273 https://bugzilla.redhat.com/show_bug.cgi?id=2268017 https://bugzilla.redhat.com/show_bug.cgi?id=2268018 https://bugzilla.redhat.com/show_bug.cgi?id=2268019 https://bugzilla.redhat.com/show_bug.cgi?id=2268273 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45288 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45289 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45290 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24783 https://errata.almalinux.org/9/ALSA-2024-2724.html https://errata.rockylinux.org/RLSA-2024:2724 https://github.com/golang/go/commit/20586c0dbe03d144f914155f879fa5ee287591a1 (go1.21.8) https://github.com/golang/go/commit/3a855208e3efed2e9d7c20ad023f1fa78afcc0be (go1.22.1) https://github.com/golang/go/issues/65065 https://go.dev/cl/569340 https://go.dev/issue/65065 https://groups.google.com/g/golang-announce/c/5pwGVUPoMbg https://linux.oracle.com/cve/CVE-2023-45289.html https://linux.oracle.com/errata/ELSA-2024-3346.html https://nvd.nist.gov/vuln/detail/CVE-2023-45289 https://pkg.go.dev/vuln/GO-2024-2600 https://security.netapp.com/advisory/ntap-20240329-0006/ https://ubuntu.com/security/notices/USN-6886-1 https://www.cve.org/CVERecord?id=CVE-2023-45289
stdlib	CVE-2023-45290	MEDIUM	v1.20.5	1.21.8, 1.22.1	http://www.openwall.com/lists/oss-security/2024/03/08/4 https://access.redhat.com/errata/RHSA-2024:9135 https://access.redhat.com/security/cve/CVE-2023-45290 https://bugzilla.redhat.com/2268017 https://bugzilla.redhat.com/2268022 https://bugzilla.redhat.com/2279814 https://bugzilla.redhat.com/2295310 https://bugzilla.redhat.com/show_bug.cgi?id=2268017 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45290 https://errata.almalinux.org/9/ALSA-2024-9135.html https://errata.rockylinux.org/RLSA-2024:3830 https://github.com/golang/go/commit/041a47712e765e94f86d841c3110c840e76d8f82 (go1.22.1) https://github.com/golang/go/commit/bf80213b121074f4ad9b449410a4d13bae5e9be0 (go1.21.8) https://github.com/golang/go/issues/65383 https://go.dev/cl/569341 https://go.dev/issue/65383 https://groups.google.com/g/golang-announce/c/5pwGVUPoMbg https://linux.oracle.com/cve/CVE-2023-45290.html https://linux.oracle.com/errata/ELSA-2024-8038.html https://nvd.nist.gov/vuln/detail/CVE-2023-45290 https://pkg.go.dev/vuln/GO-2024-2599 https://security.netapp.com/advisory/ntap-20240329-0004 https://security.netapp.com/advisory/ntap-20240329-0004/ https://ubuntu.com/security/notices/USN-6886-1 https://ubuntu.com/security/notices/USN-7109-1 https://ubuntu.com/security/notices/USN-7111-1 https://www.cve.org/CVERecord?id=CVE-2023-45290
stdlib	CVE-2024-24783	MEDIUM	v1.20.5	1.21.8, 1.22.1	http://www.openwall.com/lists/oss-security/2024/03/08/4 https://access.redhat.com/errata/RHSA-2024:6195 https://access.redhat.com/security/cve/CVE-2024-24783 https://bugzilla.redhat.com/2268019 https://bugzilla.redhat.com/show_bug.cgi?id=2268017 https://bugzilla.redhat.com/show_bug.cgi?id=2268018 https://bugzilla.redhat.com/show_bug.cgi?id=2268019 https://bugzilla.redhat.com/show_bug.cgi?id=2268273 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45288 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45289 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45290 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24783 https://errata.almalinux.org/9/ALSA-2024-6195.html https://errata.rockylinux.org/RLSA-2024:2724 https://github.com/advisories/GHSA-3q2c-pvp5-3cqp https://github.com/golang/go/commit/337b8e9cbfa749d9d5c899e0dc358e2208d5e54f (go1.22.1) https://github.com/golang/go/commit/be5b52bea674190ef7de272664be6c7ae93ec5a0 (go1.21.8) https://github.com/golang/go/issues/65390 https://go.dev/cl/569339 https://go.dev/issue/65390 https://groups.google.com/g/golang-announce/c/5pwGVUPoMbg https://linux.oracle.com/cve/CVE-2024-24783.html https://linux.oracle.com/errata/ELSA-2024-6969.html https://nvd.nist.gov/vuln/detail/CVE-2024-24783 https://pkg.go.dev/vuln/GO-2024-2598 https://security.netapp.com/advisory/ntap-20240329-0005 https://security.netapp.com/advisory/ntap-20240329-0005/ https://ubuntu.com/security/notices/USN-6886-1 https://ubuntu.com/security/notices/USN-7109-1 https://ubuntu.com/security/notices/USN-7111-1 https://www.cve.org/CVERecord?id=CVE-2024-24783
stdlib	CVE-2024-24784	MEDIUM	v1.20.5	1.21.8, 1.22.1	http://www.openwall.com/lists/oss-security/2024/03/08/4 https://access.redhat.com/errata/RHSA-2024:2562 https://access.redhat.com/security/cve/CVE-2024-24784 https://bugzilla.redhat.com/2262921 https://bugzilla.redhat.com/2268017 https://bugzilla.redhat.com/2268018 https://bugzilla.redhat.com/2268019 https://bugzilla.redhat.com/2268021 https://bugzilla.redhat.com/2268022 https://bugzilla.redhat.com/2268273 https://bugzilla.redhat.com/show_bug.cgi?id=2262921 https://bugzilla.redhat.com/show_bug.cgi?id=2268017 https://bugzilla.redhat.com/show_bug.cgi?id=2268018 https://bugzilla.redhat.com/show_bug.cgi?id=2268019 https://bugzilla.redhat.com/show_bug.cgi?id=2268021 https://bugzilla.redhat.com/show_bug.cgi?id=2268022 https://bugzilla.redhat.com/show_bug.cgi?id=2268273 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45288 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45289 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45290 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-1394 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24783 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24784 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24785 https://errata.almalinux.org/9/ALSA-2024-2562.html https://errata.rockylinux.org/RLSA-2024:2562 https://github.com/golang/go/commit/263c059b09fdd40d9dd945f2ecb20c89ea28efe5 (go1.21.8) https://github.com/golang/go/commit/5330cd225ba54c7dc78c1b46dcdf61a4671a632c (go1.22.1) https://github.com/golang/go/issues/65083 https://go.dev/cl/555596 https://go.dev/issue/65083 https://groups.google.com/g/golang-announce/c/5pwGVUPoMbg https://linux.oracle.com/cve/CVE-2024-24784.html https://linux.oracle.com/errata/ELSA-2024-6969.html https://nvd.nist.gov/vuln/detail/CVE-2024-24784 https://pkg.go.dev/vuln/GO-2024-2609 https://security.netapp.com/advisory/ntap-20240329-0007/ https://ubuntu.com/security/notices/USN-6886-1 https://ubuntu.com/security/notices/USN-7109-1 https://ubuntu.com/security/notices/USN-7111-1 https://www.cve.org/CVERecord?id=CVE-2024-24784
stdlib	CVE-2024-24785	MEDIUM	v1.20.5	1.21.8, 1.22.1	http://www.openwall.com/lists/oss-security/2024/03/08/4 https://access.redhat.com/errata/RHSA-2024:9135 https://access.redhat.com/security/cve/CVE-2024-24785 https://bugzilla.redhat.com/2268017 https://bugzilla.redhat.com/2268022 https://bugzilla.redhat.com/2279814 https://bugzilla.redhat.com/2295310 https://bugzilla.redhat.com/show_bug.cgi?id=2262921 https://bugzilla.redhat.com/show_bug.cgi?id=2268017 https://bugzilla.redhat.com/show_bug.cgi?id=2268018 https://bugzilla.redhat.com/show_bug.cgi?id=2268019 https://bugzilla.redhat.com/show_bug.cgi?id=2268021 https://bugzilla.redhat.com/show_bug.cgi?id=2268022 https://bugzilla.redhat.com/show_bug.cgi?id=2268273 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45288 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45289 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45290 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-1394 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24783 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24784 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24785 https://errata.almalinux.org/9/ALSA-2024-9135.html https://errata.rockylinux.org/RLSA-2024:2562 https://github.com/golang/go/commit/056b0edcb8c152152021eebf4cf42adbfbe77992 (go1.22.1) https://github.com/golang/go/commit/3643147a29352ca2894fd5d0d2069bc4b4335a7e (go1.21.8) https://github.com/golang/go/issues/65697 https://go.dev/cl/564196 https://go.dev/issue/65697 https://groups.google.com/g/golang-announce/c/5pwGVUPoMbg https://linux.oracle.com/cve/CVE-2024-24785.html https://linux.oracle.com/errata/ELSA-2024-3259.html https://nvd.nist.gov/vuln/detail/CVE-2024-24785 https://pkg.go.dev/vuln/GO-2024-2610 https://security.netapp.com/advisory/ntap-20240329-0008/ https://ubuntu.com/security/notices/USN-6886-1 https://ubuntu.com/security/notices/USN-7061-1 https://ubuntu.com/security/notices/USN-7109-1 https://vuln.go.dev/ID/GO-2024-2610.json https://www.cve.org/CVERecord?id=CVE-2024-24785
stdlib	CVE-2024-24789	MEDIUM	v1.20.5	1.21.11, 1.22.4	http://www.openwall.com/lists/oss-security/2024/06/04/1 https://access.redhat.com/errata/RHSA-2024:9115 https://access.redhat.com/security/cve/CVE-2024-24789 https://bugzilla.redhat.com/2279814 https://bugzilla.redhat.com/2292668 https://bugzilla.redhat.com/2292787 https://bugzilla.redhat.com/2294000 https://bugzilla.redhat.com/2295310 https://bugzilla.redhat.com/show_bug.cgi?id=2292668 https://bugzilla.redhat.com/show_bug.cgi?id=2292787 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24789 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24790 https://errata.almalinux.org/9/ALSA-2024-9115.html https://errata.rockylinux.org/RLSA-2024:4212 https://github.com/golang/go/commit/c8e40338cf00f3c1d86c8fb23863ad67a4c72bcc (1.21) https://github.com/golang/go/commit/cf501ac0c5fe351a8582d20b43562027927906e7 (1.22) https://github.com/golang/go/issues/66869 https://go.dev/cl/585397 https://go.dev/issue/66869 https://groups.google.com/g/golang-announce/c/XbxouI9gY7k https://groups.google.com/g/golang-announce/c/XbxouI9gY7k/m/TuoGEhxIEwAJ https://linux.oracle.com/cve/CVE-2024-24789.html https://linux.oracle.com/errata/ELSA-2024-9115.html https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/U5YAEIA6IUHUNGJ7AIXXPQT6D2GYENX7/ https://nvd.nist.gov/vuln/detail/CVE-2024-24789 https://pkg.go.dev/vuln/GO-2024-2888 https://ubuntu.com/security/notices/USN-6886-1 https://ubuntu.com/security/notices/USN-7109-1 https://ubuntu.com/security/notices/USN-7111-1 https://www.cve.org/CVERecord?id=CVE-2024-24789
stdlib	CVE-2024-24791	MEDIUM	v1.20.5	1.21.12, 1.22.5	https://access.redhat.com/errata/RHSA-2024:9135 https://access.redhat.com/security/cve/CVE-2024-24791 https://bugzilla.redhat.com/2268017 https://bugzilla.redhat.com/2268022 https://bugzilla.redhat.com/2279814 https://bugzilla.redhat.com/2295310 https://bugzilla.redhat.com/show_bug.cgi?id=2295310 https://bugzilla.redhat.com/show_bug.cgi?id=2310527 https://bugzilla.redhat.com/show_bug.cgi?id=2310528 https://bugzilla.redhat.com/show_bug.cgi?id=2310529 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24791 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-34155 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-34156 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-34158 https://errata.almalinux.org/9/ALSA-2024-9135.html https://errata.rockylinux.org/RLSA-2024:6913 https://go.dev/cl/591255 https://go.dev/issue/67555 https://groups.google.com/g/golang-dev/c/t0rK-qHBqzY/m/6MMoAZkMAgAJ https://linux.oracle.com/cve/CVE-2024-24791.html https://linux.oracle.com/errata/ELSA-2024-9115.html https://nvd.nist.gov/vuln/detail/CVE-2024-24791 https://pkg.go.dev/vuln/GO-2024-2963 https://ubuntu.com/security/notices/USN-7081-1 https://ubuntu.com/security/notices/USN-7109-1 https://ubuntu.com/security/notices/USN-7111-1 https://www.cve.org/CVERecord?id=CVE-2024-24791
stdlib	CVE-2024-34155	MEDIUM	v1.20.5	1.22.7, 1.23.1	https://access.redhat.com/errata/RHSA-2024:9459 https://access.redhat.com/security/cve/CVE-2024-34155 https://bugzilla.redhat.com/2310527 https://bugzilla.redhat.com/2310528 https://bugzilla.redhat.com/2310529 https://bugzilla.redhat.com/2315691 https://bugzilla.redhat.com/2315887 https://bugzilla.redhat.com/2317458 https://bugzilla.redhat.com/2317467 https://bugzilla.redhat.com/show_bug.cgi?id=2295310 https://bugzilla.redhat.com/show_bug.cgi?id=2310527 https://bugzilla.redhat.com/show_bug.cgi?id=2310528 https://bugzilla.redhat.com/show_bug.cgi?id=2310529 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24791 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-34155 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-34156 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-34158 https://errata.almalinux.org/9/ALSA-2024-9459.html https://errata.rockylinux.org/RLSA-2024:6913 https://github.com/golang/go/commit/53487e5477151ed75da50e50a0ba8f1ca64c00a3 (go1.23.1) https://github.com/golang/go/commit/b232596139dbe96a62edbe3a2a203e856bf556eb (go1.22.7) https://go.dev/cl/611238 https://go.dev/issue/69138 https://groups.google.com/g/golang-announce/c/K-cEzDeCtpc https://groups.google.com/g/golang-dev/c/S9POB9NCTdk https://linux.oracle.com/cve/CVE-2024-34155.html https://linux.oracle.com/errata/ELSA-2024-9459.html https://nvd.nist.gov/vuln/detail/CVE-2024-34155 https://pkg.go.dev/vuln/GO-2024-3105 https://ubuntu.com/security/notices/USN-7081-1 https://ubuntu.com/security/notices/USN-7109-1 https://ubuntu.com/security/notices/USN-7111-1 https://www.cve.org/CVERecord?id=CVE-2024-34155
stdlib	CVE-2024-34158	MEDIUM	v1.20.5	1.22.7, 1.23.1	https://access.redhat.com/errata/RHSA-2024:9459 https://access.redhat.com/security/cve/CVE-2024-34158 https://bugzilla.redhat.com/2310527 https://bugzilla.redhat.com/2310528 https://bugzilla.redhat.com/2310529 https://bugzilla.redhat.com/2315691 https://bugzilla.redhat.com/2315887 https://bugzilla.redhat.com/2317458 https://bugzilla.redhat.com/2317467 https://bugzilla.redhat.com/show_bug.cgi?id=2295310 https://bugzilla.redhat.com/show_bug.cgi?id=2310527 https://bugzilla.redhat.com/show_bug.cgi?id=2310528 https://bugzilla.redhat.com/show_bug.cgi?id=2310529 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24791 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-34155 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-34156 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-34158 https://errata.almalinux.org/9/ALSA-2024-9459.html https://errata.rockylinux.org/RLSA-2024:6913 https://github.com/golang/go/commit/032ac075c20c01c6c35a672d1542d3e98eab84ea (go1.23.1) https://github.com/golang/go/commit/d4c53812e6ce2ac368173d7fcd31d0ecfcffb002 (go1.22.7) https://go.dev/cl/611240 https://go.dev/issue/69141 https://groups.google.com/g/golang-announce/c/K-cEzDeCtpc https://groups.google.com/g/golang-dev/c/S9POB9NCTdk https://linux.oracle.com/cve/CVE-2024-34158.html https://linux.oracle.com/errata/ELSA-2024-9459.html https://nvd.nist.gov/vuln/detail/CVE-2024-34158 https://pkg.go.dev/vuln/GO-2024-3107 https://ubuntu.com/security/notices/USN-7081-1 https://ubuntu.com/security/notices/USN-7109-1 https://ubuntu.com/security/notices/USN-7111-1 https://www.cve.org/CVERecord?id=CVE-2024-34158
No Misconfigurations found

cnb/buildpacks/paketo-buildpacks_procfile/5.6.4/bin/main.exe (gobinary)

Package	Vulnerability ID	Severity	Installed Version	Fixed Version	Links
stdlib	CVE-2024-24790	CRITICAL	v1.20.5	1.21.11, 1.22.4	http://www.openwall.com/lists/oss-security/2024/06/04/1 https://access.redhat.com/errata/RHSA-2024:9115 https://access.redhat.com/security/cve/CVE-2024-24790 https://bugzilla.redhat.com/2279814 https://bugzilla.redhat.com/2292668 https://bugzilla.redhat.com/2292787 https://bugzilla.redhat.com/2294000 https://bugzilla.redhat.com/2295310 https://bugzilla.redhat.com/show_bug.cgi?id=2292668 https://bugzilla.redhat.com/show_bug.cgi?id=2292787 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24789 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24790 https://errata.almalinux.org/9/ALSA-2024-9115.html https://errata.rockylinux.org/RLSA-2024:4212 https://github.com/golang/go/commit/051bdf3fd12a40307606ff9381138039c5f452f0 (1.21) https://github.com/golang/go/commit/12d5810cdb1f73cf23d7a86462143e9463317fca (1.22) https://github.com/golang/go/issues/67680 https://go.dev/cl/590316 https://go.dev/issue/67680 https://groups.google.com/g/golang-announce/c/XbxouI9gY7k https://groups.google.com/g/golang-announce/c/XbxouI9gY7k/m/TuoGEhxIEwAJ https://linux.oracle.com/cve/CVE-2024-24790.html https://linux.oracle.com/errata/ELSA-2024-9115.html https://nvd.nist.gov/vuln/detail/CVE-2024-24790 https://pkg.go.dev/vuln/GO-2024-2887 https://ubuntu.com/security/notices/USN-6886-1 https://ubuntu.com/security/notices/USN-7109-1 https://www.cve.org/CVERecord?id=CVE-2024-24790
stdlib	CVE-2023-39325	HIGH	v1.20.5	1.20.10, 1.21.3	golang.org/x/net https://access.redhat.com/errata/RHSA-2023:6077 https://access.redhat.com/security/cve/CVE-2023-39325 https://access.redhat.com/security/cve/CVE-2023-44487 https://access.redhat.com/security/vulnerabilities/RHSB-2023-003 https://bugzilla.redhat.com/2242803 https://bugzilla.redhat.com/2243296 https://bugzilla.redhat.com/show_bug.cgi?id=2242803 https://bugzilla.redhat.com/show_bug.cgi?id=2243296 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-39325 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-44487 https://errata.almalinux.org/9/ALSA-2023-6077.html https://errata.rockylinux.org/RLSA-2023:6077 https://github.com/golang/go/commit/24ae2d927285c697440fdde3ad7f26028354bcf3 [golang- 1.21] https://github.com/golang/go/commit/e175f27f58aa7b9cd4d79607ae65d2cd5baaee68 [golang-1.20] https://github.com/golang/go/issues/63417 https://go.dev/cl/534215 https://go.dev/cl/534235 https://go.dev/issue/63417 https://groups.google.com/g/golang-announce/c/iNNxDTCjZvo/m/UDd7VKQuAAAJ https://linux.oracle.com/cve/CVE-2023-39325.html https://linux.oracle.com/errata/ELSA-2023-5867.html https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3OVW5V2DM5K5IC3H7O42YDUGNJ74J35O https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3OVW5V2DM5K5IC3H7O42YDUGNJ74J35O/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3SZN67IL7HMGMNAVLOTIXLIHUDXZK4LH https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3SZN67IL7HMGMNAVLOTIXLIHUDXZK4LH/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3WJ4QVX2AMUJ2F2S27POOAHRC4K3CHU4 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3WJ4QVX2AMUJ2F2S27POOAHRC4K3CHU4/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/4BUK2ZIAGCULOOYDNH25JPU6JBES5NF2 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/4BUK2ZIAGCULOOYDNH25JPU6JBES5NF2/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/5RSKA2II6QTD4YUKUNDVJQSRYSFC4VFR https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/5RSKA2II6QTD4YUKUNDVJQSRYSFC4VFR/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/AVZDNSMVDAQJ64LJC5I5U5LDM5753647 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/AVZDNSMVDAQJ64LJC5I5U5LDM5753647/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CHHITS4PUOZAKFIUBQAQZC7JWXMOYE4B https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CHHITS4PUOZAKFIUBQAQZC7JWXMOYE4B/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CLB4TW7KALB3EEQWNWCN7OUIWWVWWCG2 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CLB4TW7KALB3EEQWNWCN7OUIWWVWWCG2/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/D2BBIDR2ZMB3X5BC7SR4SLQMHRMVPY6L https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/D2BBIDR2ZMB3X5BC7SR4SLQMHRMVPY6L/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ECRC75BQJP6FJN2L7KCKYZW4DSBD7QSD https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ECRC75BQJP6FJN2L7KCKYZW4DSBD7QSD/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/FTMJ3NJIDAZFWJQQSP3L22MUFJ3UP2PT https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/FTMJ3NJIDAZFWJQQSP3L22MUFJ3UP2PT/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/GSY7SXFFTPZFWDM6XELSDSHZLVW3AHK7 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/GSY7SXFFTPZFWDM6XELSDSHZLVW3AHK7/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/HZQIELEIRSZUYTFFH5KTH2YJ4IIQG2KE https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/HZQIELEIRSZUYTFFH5KTH2YJ4IIQG2KE/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/IPWCNYB5PQ5PCVZ4NJT6G56ZYFZ5QBU6 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/IPWCNYB5PQ5PCVZ4NJT6G56ZYFZ5QBU6/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/KEOTKBUPZXHE3F352JBYNTSNRXYLWD6P https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/KEOTKBUPZXHE3F352JBYNTSNRXYLWD6P/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/KSEGD2IWKNUO3DWY4KQGUQM5BISRWHQE https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/KSEGD2IWKNUO3DWY4KQGUQM5BISRWHQE/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/L5E5JSJBZLYXOTZWXHJKRVCIXIHVWKJ6 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/L5E5JSJBZLYXOTZWXHJKRVCIXIHVWKJ6/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/MZQYOOKHQDQ57LV2IAG6NRFOVXKHJJ3Z https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/MZQYOOKHQDQ57LV2IAG6NRFOVXKHJJ3Z/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/NG7IMPL55MVWU3LCI4JQJT3K2U5CHDV7 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/NG7IMPL55MVWU3LCI4JQJT3K2U5CHDV7/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ODBY7RVMGZCBSTWF2OZGIZS57FNFUL67 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ODBY7RVMGZCBSTWF2OZGIZS57FNFUL67/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/OXGWPQOJ3JNDW2XIYKIVJ7N7QUIFNM2Q https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/OXGWPQOJ3JNDW2XIYKIVJ7N7QUIFNM2Q/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/PJCUNGIQDUMZ4Z6HWVYIMR66A35F5S74 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/PJCUNGIQDUMZ4Z6HWVYIMR66A35F5S74/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QF5QSYAOPDOWLY6DUHID56Q4HQFYB45I https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QF5QSYAOPDOWLY6DUHID56Q4HQFYB45I/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QXOU2JZUBEBP7GBKAYIJRPRBZSJCD7ST https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QXOU2JZUBEBP7GBKAYIJRPRBZSJCD7ST/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/R3UETKPUB3V5JS5TLZOF3SMTGT5K5APS https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/R3UETKPUB3V5JS5TLZOF3SMTGT5K5APS/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/REMHVVIBDNKSRKNOTV7EQSB7CYQWOUOU https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/REMHVVIBDNKSRKNOTV7EQSB7CYQWOUOU/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/T7N5GV4CHH6WAGX3GFMDD3COEOVCZ4RI https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/T7N5GV4CHH6WAGX3GFMDD3COEOVCZ4RI/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ULQQONMSCQSH5Z5OWFFQHCGEZ3NL4DRJ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ULQQONMSCQSH5Z5OWFFQHCGEZ3NL4DRJ/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UTT7DG3QOF5ZNJLUGHDNLRUIN6OWZARP https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UTT7DG3QOF5ZNJLUGHDNLRUIN6OWZARP/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/W2LZSWTV4NV4SNQARNXG5T6LRHP26EW2 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/W2LZSWTV4NV4SNQARNXG5T6LRHP26EW2/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WCNCBYKZXLDFGAJUB7ZP5VLC3YTHJNVH https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WCNCBYKZXLDFGAJUB7ZP5VLC3YTHJNVH/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/XFOIBB4YFICHDM7IBOP7PWXW3FX4HLL2 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/XFOIBB4YFICHDM7IBOP7PWXW3FX4HLL2/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/XTNLSL44Y5FB6JWADSZH6DCV4JJAAEQY https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/XTNLSL44Y5FB6JWADSZH6DCV4JJAAEQY/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/YJWHBLVZDM5KQSDFRBFRKU5KSSOLIRQ4 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/YJWHBLVZDM5KQSDFRBFRKU5KSSOLIRQ4/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/YRKEXKANQ7BKJW2YTAMP625LJUJZLJ4P https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/YRKEXKANQ7BKJW2YTAMP625LJUJZLJ4P/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZSVEMQV5ROY5YW5QE3I57HT3ITWG5GCV https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZSVEMQV5ROY5YW5QE3I57HT3ITWG5GCV/ https://nvd.nist.gov/vuln/detail/CVE-2023-39325 https://pkg.go.dev/vuln/GO-2023-2102 https://security.gentoo.org/glsa/202311-09 https://security.netapp.com/advisory/ntap-20231110-0008 https://security.netapp.com/advisory/ntap-20231110-0008/ https://ubuntu.com/security/notices/USN-6574-1 https://ubuntu.com/security/notices/USN-7061-1 https://ubuntu.com/security/notices/USN-7109-1 https://www.cisa.gov/news-events/alerts/2023/10/10/http2-rapid-reset-vulnerability-cve-2023-44487 https://www.cve.org/CVERecord?id=CVE-2023-39325
stdlib	CVE-2023-45283	HIGH	v1.20.5	1.20.11, 1.21.4, 1.20.12, 1.21.5	http://www.openwall.com/lists/oss-security/2023/12/05/2 https://go.dev/cl/540277 https://go.dev/cl/541175 https://go.dev/issue/63713 https://go.dev/issue/64028 https://groups.google.com/g/golang-announce/c/4tU8LZfBFkY https://groups.google.com/g/golang-dev/c/6ypN5EjibjM/m/KmLVYH_uAgAJ https://nvd.nist.gov/vuln/detail/CVE-2023-45283 https://pkg.go.dev/vuln/GO-2023-2185 https://security.netapp.com/advisory/ntap-20231214-0008/
stdlib	CVE-2023-45288	HIGH	v1.20.5	1.21.9, 1.22.2	http://www.openwall.com/lists/oss-security/2024/04/03/16 http://www.openwall.com/lists/oss-security/2024/04/05/4 https://access.redhat.com/errata/RHSA-2024:2724 https://access.redhat.com/security/cve/CVE-2023-45288 https://bugzilla.redhat.com/2268017 https://bugzilla.redhat.com/2268018 https://bugzilla.redhat.com/2268019 https://bugzilla.redhat.com/2268273 https://bugzilla.redhat.com/show_bug.cgi?id=2268017 https://bugzilla.redhat.com/show_bug.cgi?id=2268018 https://bugzilla.redhat.com/show_bug.cgi?id=2268019 https://bugzilla.redhat.com/show_bug.cgi?id=2268273 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45288 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45289 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45290 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24783 https://errata.almalinux.org/9/ALSA-2024-2724.html https://errata.rockylinux.org/RLSA-2024:2724 https://go.dev/cl/576155 https://go.dev/issue/65051 https://groups.google.com/g/golang-announce/c/YgW0sx8mN3M https://kb.cert.org/vuls/id/421644 https://linux.oracle.com/cve/CVE-2023-45288.html https://linux.oracle.com/errata/ELSA-2024-3346.html https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QRYFHIQ6XRKRYBI2F5UESH67BJBQXUPT https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QRYFHIQ6XRKRYBI2F5UESH67BJBQXUPT/ https://nowotarski.info/http2-continuation-flood-technical-details https://nowotarski.info/http2-continuation-flood/ https://nvd.nist.gov/vuln/detail/CVE-2023-45288 https://pkg.go.dev/vuln/GO-2024-2687 https://security.netapp.com/advisory/ntap-20240419-0009 https://security.netapp.com/advisory/ntap-20240419-0009/ https://ubuntu.com/security/notices/USN-6886-1 https://ubuntu.com/security/notices/USN-7109-1 https://ubuntu.com/security/notices/USN-7111-1 https://www.cve.org/CVERecord?id=CVE-2023-45288 https://www.kb.cert.org/vuls/id/421644
stdlib	CVE-2024-34156	HIGH	v1.20.5	1.22.7, 1.23.1	https://access.redhat.com/errata/RHSA-2024:9473 https://access.redhat.com/security/cve/CVE-2024-34156 https://bugzilla.redhat.com/2310528 https://bugzilla.redhat.com/2318052 https://bugzilla.redhat.com/show_bug.cgi?id=2310528 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-34156 https://errata.almalinux.org/9/ALSA-2024-9473.html https://errata.rockylinux.org/RLSA-2024:7204 https://github.com/golang/go/commit/2092294f2b097c5828f4eace6c98a322c1510b01 (go1.22.7) https://github.com/golang/go/commit/fa8ff1a46deb6c816304441ec6740ec112e19012 (go1.23.1) https://go.dev/cl/611239 https://go.dev/issue/69139 https://groups.google.com/g/golang-announce/c/K-cEzDeCtpc https://groups.google.com/g/golang-dev/c/S9POB9NCTdk https://linux.oracle.com/cve/CVE-2024-34156.html https://linux.oracle.com/errata/ELSA-2024-9473.html https://nvd.nist.gov/vuln/detail/CVE-2024-34156 https://pkg.go.dev/vuln/GO-2024-3106 https://ubuntu.com/security/notices/USN-7081-1 https://ubuntu.com/security/notices/USN-7109-1 https://ubuntu.com/security/notices/USN-7111-1 https://www.cve.org/CVERecord?id=CVE-2024-34156
stdlib	CVE-2023-29406	MEDIUM	v1.20.5	1.19.11, 1.20.6	https://access.redhat.com/errata/RHSA-2023:6474 https://access.redhat.com/security/cve/CVE-2023-29406 https://bugzilla.redhat.com/2174485 https://bugzilla.redhat.com/2178358 https://bugzilla.redhat.com/2178488 https://bugzilla.redhat.com/2178492 https://bugzilla.redhat.com/2184481 https://bugzilla.redhat.com/2184482 https://bugzilla.redhat.com/2184483 https://bugzilla.redhat.com/2184484 https://bugzilla.redhat.com/2196026 https://bugzilla.redhat.com/2196027 https://bugzilla.redhat.com/2196029 https://bugzilla.redhat.com/2222167 https://bugzilla.redhat.com/2228689 https://errata.almalinux.org/9/ALSA-2023-6474.html https://github.com/golang/go/commit/312920c00aac9897b2a0693e752390b5b0711a5a (go1.20.6) https://github.com/golang/go/commit/5fa6923b1ea891400153d04ddf1545e23b40041b (go1.19.11) https://github.com/golang/go/issues/60374 https://go.dev/cl/506996 https://go.dev/issue/60374 https://groups.google.com/g/golang-announce/c/2q13H6LEEx0 https://linux.oracle.com/cve/CVE-2023-29406.html https://linux.oracle.com/errata/ELSA-2023-7202.html https://nvd.nist.gov/vuln/detail/CVE-2023-29406 https://pkg.go.dev/vuln/GO-2023-1878 https://security.gentoo.org/glsa/202311-09 https://security.netapp.com/advisory/ntap-20230814-0002/ https://ubuntu.com/security/notices/USN-7061-1 https://ubuntu.com/security/notices/USN-7109-1 https://www.cve.org/CVERecord?id=CVE-2023-29406
stdlib	CVE-2023-29409	MEDIUM	v1.20.5	1.19.12, 1.20.7, 1.21.0-rc.4	https://access.redhat.com/errata/RHSA-2023:7766 https://access.redhat.com/security/cve/CVE-2023-29409 https://bugzilla.redhat.com/2228743 https://bugzilla.redhat.com/2237773 https://bugzilla.redhat.com/2237776 https://bugzilla.redhat.com/2237777 https://bugzilla.redhat.com/2237778 https://errata.almalinux.org/9/ALSA-2023-7766.html https://go.dev/cl/515257 https://go.dev/issue/61460 https://groups.google.com/g/golang-announce/c/X0b6CsSAaYI/m/Efv5DbZ9AwAJ https://linux.oracle.com/cve/CVE-2023-29409.html https://linux.oracle.com/errata/ELSA-2024-2988.html https://nvd.nist.gov/vuln/detail/CVE-2023-29409 https://pkg.go.dev/vuln/GO-2023-1987 https://security.gentoo.org/glsa/202311-09 https://security.netapp.com/advisory/ntap-20230831-0010/ https://www.cve.org/CVERecord?id=CVE-2023-29409
stdlib	CVE-2023-39318	MEDIUM	v1.20.5	1.20.8, 1.21.1	https://access.redhat.com/errata/RHSA-2024:2160 https://access.redhat.com/security/cve/CVE-2023-39318 https://bugzilla.redhat.com/2237773 https://bugzilla.redhat.com/2237776 https://bugzilla.redhat.com/2253330 https://errata.almalinux.org/9/ALSA-2024-2160.html https://github.com/golang/go/commit/023b542edf38e2a1f87fcefb9f75ff2f99401b4c (go1.20.8) https://github.com/golang/go/commit/b0e1d3ea26e8e8fce7726690c9ef0597e60739fb (go1.21.1) https://go.dev/cl/526156 https://go.dev/issue/62196 https://groups.google.com/g/golang-announce/c/Fm51GRLNRvM https://groups.google.com/g/golang-dev/c/2C5vbR-UNkI/m/L1hdrPhfBAAJ https://linux.oracle.com/cve/CVE-2023-39318.html https://linux.oracle.com/errata/ELSA-2024-2988.html https://nvd.nist.gov/vuln/detail/CVE-2023-39318 https://pkg.go.dev/vuln/GO-2023-2041 https://security.gentoo.org/glsa/202311-09 https://security.netapp.com/advisory/ntap-20231020-0009/ https://ubuntu.com/security/notices/USN-6574-1 https://ubuntu.com/security/notices/USN-7061-1 https://ubuntu.com/security/notices/USN-7109-1 https://vuln.go.dev/ID/GO-2023-2041.json https://www.cve.org/CVERecord?id=CVE-2023-39318
stdlib	CVE-2023-39319	MEDIUM	v1.20.5	1.20.8, 1.21.1	https://access.redhat.com/errata/RHSA-2024:2160 https://access.redhat.com/security/cve/CVE-2023-39319 https://bugzilla.redhat.com/2237773 https://bugzilla.redhat.com/2237776 https://bugzilla.redhat.com/2253330 https://errata.almalinux.org/9/ALSA-2024-2160.html https://github.com/golang/go/commit/2070531d2f53df88e312edace6c8dfc9686ab2f5 (go1.20.8) https://github.com/golang/go/commit/bbd043ff0d6d59f1a9232d31ecd5eacf6507bf6a (go1.21.1) https://go.dev/cl/526157 https://go.dev/issue/62197 https://groups.google.com/g/golang-announce/c/Fm51GRLNRvM https://groups.google.com/g/golang-dev/c/2C5vbR-UNkI/m/L1hdrPhfBAAJ https://linux.oracle.com/cve/CVE-2023-39319.html https://linux.oracle.com/errata/ELSA-2024-2988.html https://nvd.nist.gov/vuln/detail/CVE-2023-39319 https://pkg.go.dev/vuln/GO-2023-2043 https://security.gentoo.org/glsa/202311-09 https://security.netapp.com/advisory/ntap-20231020-0009/ https://ubuntu.com/security/notices/USN-6574-1 https://ubuntu.com/security/notices/USN-7061-1 https://ubuntu.com/security/notices/USN-7109-1 https://vuln.go.dev/ID/GO-2023-2043.json https://www.cve.org/CVERecord?id=CVE-2023-39319
stdlib	CVE-2023-39326	MEDIUM	v1.20.5	1.20.12, 1.21.5	https://access.redhat.com/errata/RHSA-2024:2272 https://access.redhat.com/security/cve/CVE-2023-39326 https://bugzilla.redhat.com/2253193 https://bugzilla.redhat.com/2253330 https://errata.almalinux.org/9/ALSA-2024-2272.html https://github.com/golang/go/commit/6446af942e2e2b161c4ec1b60d9703a2b55dc4dd (go1.20.12) https://github.com/golang/go/commit/ec8c526e4be720e94b98ca509e6364f0efaf28f7 (go1.21.5) https://go.dev/cl/547335 https://go.dev/issue/64433 https://groups.google.com/g/golang-dev/c/6ypN5EjibjM/m/KmLVYH_uAgAJ https://linux.oracle.com/cve/CVE-2023-39326.html https://linux.oracle.com/errata/ELSA-2024-2988.html https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UIU6HOGV6RRIKWM57LOXQA75BGZSIH6G/ https://nvd.nist.gov/vuln/detail/CVE-2023-39326 https://pkg.go.dev/vuln/GO-2023-2382 https://ubuntu.com/security/notices/USN-6574-1 https://www.cve.org/CVERecord?id=CVE-2023-39326
stdlib	CVE-2023-45284	MEDIUM	v1.20.5	1.20.11, 1.21.4	https://go.dev/cl/540277 https://go.dev/issue/63713 https://groups.google.com/g/golang-announce/c/4tU8LZfBFkY https://nvd.nist.gov/vuln/detail/CVE-2023-45284 https://pkg.go.dev/vuln/GO-2023-2186
stdlib	CVE-2023-45289	MEDIUM	v1.20.5	1.21.8, 1.22.1	http://www.openwall.com/lists/oss-security/2024/03/08/4 https://access.redhat.com/errata/RHSA-2024:2724 https://access.redhat.com/security/cve/CVE-2023-45289 https://bugzilla.redhat.com/2268017 https://bugzilla.redhat.com/2268018 https://bugzilla.redhat.com/2268019 https://bugzilla.redhat.com/2268273 https://bugzilla.redhat.com/show_bug.cgi?id=2268017 https://bugzilla.redhat.com/show_bug.cgi?id=2268018 https://bugzilla.redhat.com/show_bug.cgi?id=2268019 https://bugzilla.redhat.com/show_bug.cgi?id=2268273 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45288 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45289 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45290 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24783 https://errata.almalinux.org/9/ALSA-2024-2724.html https://errata.rockylinux.org/RLSA-2024:2724 https://github.com/golang/go/commit/20586c0dbe03d144f914155f879fa5ee287591a1 (go1.21.8) https://github.com/golang/go/commit/3a855208e3efed2e9d7c20ad023f1fa78afcc0be (go1.22.1) https://github.com/golang/go/issues/65065 https://go.dev/cl/569340 https://go.dev/issue/65065 https://groups.google.com/g/golang-announce/c/5pwGVUPoMbg https://linux.oracle.com/cve/CVE-2023-45289.html https://linux.oracle.com/errata/ELSA-2024-3346.html https://nvd.nist.gov/vuln/detail/CVE-2023-45289 https://pkg.go.dev/vuln/GO-2024-2600 https://security.netapp.com/advisory/ntap-20240329-0006/ https://ubuntu.com/security/notices/USN-6886-1 https://www.cve.org/CVERecord?id=CVE-2023-45289
stdlib	CVE-2023-45290	MEDIUM	v1.20.5	1.21.8, 1.22.1	http://www.openwall.com/lists/oss-security/2024/03/08/4 https://access.redhat.com/errata/RHSA-2024:9135 https://access.redhat.com/security/cve/CVE-2023-45290 https://bugzilla.redhat.com/2268017 https://bugzilla.redhat.com/2268022 https://bugzilla.redhat.com/2279814 https://bugzilla.redhat.com/2295310 https://bugzilla.redhat.com/show_bug.cgi?id=2268017 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45290 https://errata.almalinux.org/9/ALSA-2024-9135.html https://errata.rockylinux.org/RLSA-2024:3830 https://github.com/golang/go/commit/041a47712e765e94f86d841c3110c840e76d8f82 (go1.22.1) https://github.com/golang/go/commit/bf80213b121074f4ad9b449410a4d13bae5e9be0 (go1.21.8) https://github.com/golang/go/issues/65383 https://go.dev/cl/569341 https://go.dev/issue/65383 https://groups.google.com/g/golang-announce/c/5pwGVUPoMbg https://linux.oracle.com/cve/CVE-2023-45290.html https://linux.oracle.com/errata/ELSA-2024-8038.html https://nvd.nist.gov/vuln/detail/CVE-2023-45290 https://pkg.go.dev/vuln/GO-2024-2599 https://security.netapp.com/advisory/ntap-20240329-0004 https://security.netapp.com/advisory/ntap-20240329-0004/ https://ubuntu.com/security/notices/USN-6886-1 https://ubuntu.com/security/notices/USN-7109-1 https://ubuntu.com/security/notices/USN-7111-1 https://www.cve.org/CVERecord?id=CVE-2023-45290
stdlib	CVE-2024-24783	MEDIUM	v1.20.5	1.21.8, 1.22.1	http://www.openwall.com/lists/oss-security/2024/03/08/4 https://access.redhat.com/errata/RHSA-2024:6195 https://access.redhat.com/security/cve/CVE-2024-24783 https://bugzilla.redhat.com/2268019 https://bugzilla.redhat.com/show_bug.cgi?id=2268017 https://bugzilla.redhat.com/show_bug.cgi?id=2268018 https://bugzilla.redhat.com/show_bug.cgi?id=2268019 https://bugzilla.redhat.com/show_bug.cgi?id=2268273 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45288 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45289 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45290 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24783 https://errata.almalinux.org/9/ALSA-2024-6195.html https://errata.rockylinux.org/RLSA-2024:2724 https://github.com/advisories/GHSA-3q2c-pvp5-3cqp https://github.com/golang/go/commit/337b8e9cbfa749d9d5c899e0dc358e2208d5e54f (go1.22.1) https://github.com/golang/go/commit/be5b52bea674190ef7de272664be6c7ae93ec5a0 (go1.21.8) https://github.com/golang/go/issues/65390 https://go.dev/cl/569339 https://go.dev/issue/65390 https://groups.google.com/g/golang-announce/c/5pwGVUPoMbg https://linux.oracle.com/cve/CVE-2024-24783.html https://linux.oracle.com/errata/ELSA-2024-6969.html https://nvd.nist.gov/vuln/detail/CVE-2024-24783 https://pkg.go.dev/vuln/GO-2024-2598 https://security.netapp.com/advisory/ntap-20240329-0005 https://security.netapp.com/advisory/ntap-20240329-0005/ https://ubuntu.com/security/notices/USN-6886-1 https://ubuntu.com/security/notices/USN-7109-1 https://ubuntu.com/security/notices/USN-7111-1 https://www.cve.org/CVERecord?id=CVE-2024-24783
stdlib	CVE-2024-24784	MEDIUM	v1.20.5	1.21.8, 1.22.1	http://www.openwall.com/lists/oss-security/2024/03/08/4 https://access.redhat.com/errata/RHSA-2024:2562 https://access.redhat.com/security/cve/CVE-2024-24784 https://bugzilla.redhat.com/2262921 https://bugzilla.redhat.com/2268017 https://bugzilla.redhat.com/2268018 https://bugzilla.redhat.com/2268019 https://bugzilla.redhat.com/2268021 https://bugzilla.redhat.com/2268022 https://bugzilla.redhat.com/2268273 https://bugzilla.redhat.com/show_bug.cgi?id=2262921 https://bugzilla.redhat.com/show_bug.cgi?id=2268017 https://bugzilla.redhat.com/show_bug.cgi?id=2268018 https://bugzilla.redhat.com/show_bug.cgi?id=2268019 https://bugzilla.redhat.com/show_bug.cgi?id=2268021 https://bugzilla.redhat.com/show_bug.cgi?id=2268022 https://bugzilla.redhat.com/show_bug.cgi?id=2268273 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45288 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45289 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45290 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-1394 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24783 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24784 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24785 https://errata.almalinux.org/9/ALSA-2024-2562.html https://errata.rockylinux.org/RLSA-2024:2562 https://github.com/golang/go/commit/263c059b09fdd40d9dd945f2ecb20c89ea28efe5 (go1.21.8) https://github.com/golang/go/commit/5330cd225ba54c7dc78c1b46dcdf61a4671a632c (go1.22.1) https://github.com/golang/go/issues/65083 https://go.dev/cl/555596 https://go.dev/issue/65083 https://groups.google.com/g/golang-announce/c/5pwGVUPoMbg https://linux.oracle.com/cve/CVE-2024-24784.html https://linux.oracle.com/errata/ELSA-2024-6969.html https://nvd.nist.gov/vuln/detail/CVE-2024-24784 https://pkg.go.dev/vuln/GO-2024-2609 https://security.netapp.com/advisory/ntap-20240329-0007/ https://ubuntu.com/security/notices/USN-6886-1 https://ubuntu.com/security/notices/USN-7109-1 https://ubuntu.com/security/notices/USN-7111-1 https://www.cve.org/CVERecord?id=CVE-2024-24784
stdlib	CVE-2024-24785	MEDIUM	v1.20.5	1.21.8, 1.22.1	http://www.openwall.com/lists/oss-security/2024/03/08/4 https://access.redhat.com/errata/RHSA-2024:9135 https://access.redhat.com/security/cve/CVE-2024-24785 https://bugzilla.redhat.com/2268017 https://bugzilla.redhat.com/2268022 https://bugzilla.redhat.com/2279814 https://bugzilla.redhat.com/2295310 https://bugzilla.redhat.com/show_bug.cgi?id=2262921 https://bugzilla.redhat.com/show_bug.cgi?id=2268017 https://bugzilla.redhat.com/show_bug.cgi?id=2268018 https://bugzilla.redhat.com/show_bug.cgi?id=2268019 https://bugzilla.redhat.com/show_bug.cgi?id=2268021 https://bugzilla.redhat.com/show_bug.cgi?id=2268022 https://bugzilla.redhat.com/show_bug.cgi?id=2268273 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45288 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45289 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45290 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-1394 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24783 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24784 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24785 https://errata.almalinux.org/9/ALSA-2024-9135.html https://errata.rockylinux.org/RLSA-2024:2562 https://github.com/golang/go/commit/056b0edcb8c152152021eebf4cf42adbfbe77992 (go1.22.1) https://github.com/golang/go/commit/3643147a29352ca2894fd5d0d2069bc4b4335a7e (go1.21.8) https://github.com/golang/go/issues/65697 https://go.dev/cl/564196 https://go.dev/issue/65697 https://groups.google.com/g/golang-announce/c/5pwGVUPoMbg https://linux.oracle.com/cve/CVE-2024-24785.html https://linux.oracle.com/errata/ELSA-2024-3259.html https://nvd.nist.gov/vuln/detail/CVE-2024-24785 https://pkg.go.dev/vuln/GO-2024-2610 https://security.netapp.com/advisory/ntap-20240329-0008/ https://ubuntu.com/security/notices/USN-6886-1 https://ubuntu.com/security/notices/USN-7061-1 https://ubuntu.com/security/notices/USN-7109-1 https://vuln.go.dev/ID/GO-2024-2610.json https://www.cve.org/CVERecord?id=CVE-2024-24785
stdlib	CVE-2024-24789	MEDIUM	v1.20.5	1.21.11, 1.22.4	http://www.openwall.com/lists/oss-security/2024/06/04/1 https://access.redhat.com/errata/RHSA-2024:9115 https://access.redhat.com/security/cve/CVE-2024-24789 https://bugzilla.redhat.com/2279814 https://bugzilla.redhat.com/2292668 https://bugzilla.redhat.com/2292787 https://bugzilla.redhat.com/2294000 https://bugzilla.redhat.com/2295310 https://bugzilla.redhat.com/show_bug.cgi?id=2292668 https://bugzilla.redhat.com/show_bug.cgi?id=2292787 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24789 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24790 https://errata.almalinux.org/9/ALSA-2024-9115.html https://errata.rockylinux.org/RLSA-2024:4212 https://github.com/golang/go/commit/c8e40338cf00f3c1d86c8fb23863ad67a4c72bcc (1.21) https://github.com/golang/go/commit/cf501ac0c5fe351a8582d20b43562027927906e7 (1.22) https://github.com/golang/go/issues/66869 https://go.dev/cl/585397 https://go.dev/issue/66869 https://groups.google.com/g/golang-announce/c/XbxouI9gY7k https://groups.google.com/g/golang-announce/c/XbxouI9gY7k/m/TuoGEhxIEwAJ https://linux.oracle.com/cve/CVE-2024-24789.html https://linux.oracle.com/errata/ELSA-2024-9115.html https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/U5YAEIA6IUHUNGJ7AIXXPQT6D2GYENX7/ https://nvd.nist.gov/vuln/detail/CVE-2024-24789 https://pkg.go.dev/vuln/GO-2024-2888 https://ubuntu.com/security/notices/USN-6886-1 https://ubuntu.com/security/notices/USN-7109-1 https://ubuntu.com/security/notices/USN-7111-1 https://www.cve.org/CVERecord?id=CVE-2024-24789
stdlib	CVE-2024-24791	MEDIUM	v1.20.5	1.21.12, 1.22.5	https://access.redhat.com/errata/RHSA-2024:9135 https://access.redhat.com/security/cve/CVE-2024-24791 https://bugzilla.redhat.com/2268017 https://bugzilla.redhat.com/2268022 https://bugzilla.redhat.com/2279814 https://bugzilla.redhat.com/2295310 https://bugzilla.redhat.com/show_bug.cgi?id=2295310 https://bugzilla.redhat.com/show_bug.cgi?id=2310527 https://bugzilla.redhat.com/show_bug.cgi?id=2310528 https://bugzilla.redhat.com/show_bug.cgi?id=2310529 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24791 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-34155 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-34156 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-34158 https://errata.almalinux.org/9/ALSA-2024-9135.html https://errata.rockylinux.org/RLSA-2024:6913 https://go.dev/cl/591255 https://go.dev/issue/67555 https://groups.google.com/g/golang-dev/c/t0rK-qHBqzY/m/6MMoAZkMAgAJ https://linux.oracle.com/cve/CVE-2024-24791.html https://linux.oracle.com/errata/ELSA-2024-9115.html https://nvd.nist.gov/vuln/detail/CVE-2024-24791 https://pkg.go.dev/vuln/GO-2024-2963 https://ubuntu.com/security/notices/USN-7081-1 https://ubuntu.com/security/notices/USN-7109-1 https://ubuntu.com/security/notices/USN-7111-1 https://www.cve.org/CVERecord?id=CVE-2024-24791
stdlib	CVE-2024-34155	MEDIUM	v1.20.5	1.22.7, 1.23.1	https://access.redhat.com/errata/RHSA-2024:9459 https://access.redhat.com/security/cve/CVE-2024-34155 https://bugzilla.redhat.com/2310527 https://bugzilla.redhat.com/2310528 https://bugzilla.redhat.com/2310529 https://bugzilla.redhat.com/2315691 https://bugzilla.redhat.com/2315887 https://bugzilla.redhat.com/2317458 https://bugzilla.redhat.com/2317467 https://bugzilla.redhat.com/show_bug.cgi?id=2295310 https://bugzilla.redhat.com/show_bug.cgi?id=2310527 https://bugzilla.redhat.com/show_bug.cgi?id=2310528 https://bugzilla.redhat.com/show_bug.cgi?id=2310529 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24791 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-34155 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-34156 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-34158 https://errata.almalinux.org/9/ALSA-2024-9459.html https://errata.rockylinux.org/RLSA-2024:6913 https://github.com/golang/go/commit/53487e5477151ed75da50e50a0ba8f1ca64c00a3 (go1.23.1) https://github.com/golang/go/commit/b232596139dbe96a62edbe3a2a203e856bf556eb (go1.22.7) https://go.dev/cl/611238 https://go.dev/issue/69138 https://groups.google.com/g/golang-announce/c/K-cEzDeCtpc https://groups.google.com/g/golang-dev/c/S9POB9NCTdk https://linux.oracle.com/cve/CVE-2024-34155.html https://linux.oracle.com/errata/ELSA-2024-9459.html https://nvd.nist.gov/vuln/detail/CVE-2024-34155 https://pkg.go.dev/vuln/GO-2024-3105 https://ubuntu.com/security/notices/USN-7081-1 https://ubuntu.com/security/notices/USN-7109-1 https://ubuntu.com/security/notices/USN-7111-1 https://www.cve.org/CVERecord?id=CVE-2024-34155
stdlib	CVE-2024-34158	MEDIUM	v1.20.5	1.22.7, 1.23.1	https://access.redhat.com/errata/RHSA-2024:9459 https://access.redhat.com/security/cve/CVE-2024-34158 https://bugzilla.redhat.com/2310527 https://bugzilla.redhat.com/2310528 https://bugzilla.redhat.com/2310529 https://bugzilla.redhat.com/2315691 https://bugzilla.redhat.com/2315887 https://bugzilla.redhat.com/2317458 https://bugzilla.redhat.com/2317467 https://bugzilla.redhat.com/show_bug.cgi?id=2295310 https://bugzilla.redhat.com/show_bug.cgi?id=2310527 https://bugzilla.redhat.com/show_bug.cgi?id=2310528 https://bugzilla.redhat.com/show_bug.cgi?id=2310529 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24791 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-34155 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-34156 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-34158 https://errata.almalinux.org/9/ALSA-2024-9459.html https://errata.rockylinux.org/RLSA-2024:6913 https://github.com/golang/go/commit/032ac075c20c01c6c35a672d1542d3e98eab84ea (go1.23.1) https://github.com/golang/go/commit/d4c53812e6ce2ac368173d7fcd31d0ecfcffb002 (go1.22.7) https://go.dev/cl/611240 https://go.dev/issue/69141 https://groups.google.com/g/golang-announce/c/K-cEzDeCtpc https://groups.google.com/g/golang-dev/c/S9POB9NCTdk https://linux.oracle.com/cve/CVE-2024-34158.html https://linux.oracle.com/errata/ELSA-2024-9459.html https://nvd.nist.gov/vuln/detail/CVE-2024-34158 https://pkg.go.dev/vuln/GO-2024-3107 https://ubuntu.com/security/notices/USN-7081-1 https://ubuntu.com/security/notices/USN-7109-1 https://ubuntu.com/security/notices/USN-7111-1 https://www.cve.org/CVERecord?id=CVE-2024-34158
No Misconfigurations found

cnb/buildpacks/paketo-buildpacks_puma/0.4.31/bin/run (gobinary)

Package	Vulnerability ID	Severity	Installed Version	Fixed Version	Links
golang.org/x/net	CVE-2023-39325	HIGH	v0.12.0	0.17.0	golang.org/x/net https://access.redhat.com/errata/RHSA-2023:6077 https://access.redhat.com/security/cve/CVE-2023-39325 https://access.redhat.com/security/cve/CVE-2023-44487 https://access.redhat.com/security/vulnerabilities/RHSB-2023-003 https://bugzilla.redhat.com/2242803 https://bugzilla.redhat.com/2243296 https://bugzilla.redhat.com/show_bug.cgi?id=2242803 https://bugzilla.redhat.com/show_bug.cgi?id=2243296 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-39325 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-44487 https://errata.almalinux.org/9/ALSA-2023-6077.html https://errata.rockylinux.org/RLSA-2023:6077 https://github.com/golang/go/commit/24ae2d927285c697440fdde3ad7f26028354bcf3 [golang- 1.21] https://github.com/golang/go/commit/e175f27f58aa7b9cd4d79607ae65d2cd5baaee68 [golang-1.20] https://github.com/golang/go/issues/63417 https://go.dev/cl/534215 https://go.dev/cl/534235 https://go.dev/issue/63417 https://groups.google.com/g/golang-announce/c/iNNxDTCjZvo/m/UDd7VKQuAAAJ https://linux.oracle.com/cve/CVE-2023-39325.html https://linux.oracle.com/errata/ELSA-2023-5867.html https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3OVW5V2DM5K5IC3H7O42YDUGNJ74J35O https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3OVW5V2DM5K5IC3H7O42YDUGNJ74J35O/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3SZN67IL7HMGMNAVLOTIXLIHUDXZK4LH https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3SZN67IL7HMGMNAVLOTIXLIHUDXZK4LH/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3WJ4QVX2AMUJ2F2S27POOAHRC4K3CHU4 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3WJ4QVX2AMUJ2F2S27POOAHRC4K3CHU4/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/4BUK2ZIAGCULOOYDNH25JPU6JBES5NF2 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/4BUK2ZIAGCULOOYDNH25JPU6JBES5NF2/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/5RSKA2II6QTD4YUKUNDVJQSRYSFC4VFR https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/5RSKA2II6QTD4YUKUNDVJQSRYSFC4VFR/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/AVZDNSMVDAQJ64LJC5I5U5LDM5753647 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/AVZDNSMVDAQJ64LJC5I5U5LDM5753647/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CHHITS4PUOZAKFIUBQAQZC7JWXMOYE4B https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CHHITS4PUOZAKFIUBQAQZC7JWXMOYE4B/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CLB4TW7KALB3EEQWNWCN7OUIWWVWWCG2 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CLB4TW7KALB3EEQWNWCN7OUIWWVWWCG2/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/D2BBIDR2ZMB3X5BC7SR4SLQMHRMVPY6L https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/D2BBIDR2ZMB3X5BC7SR4SLQMHRMVPY6L/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ECRC75BQJP6FJN2L7KCKYZW4DSBD7QSD https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ECRC75BQJP6FJN2L7KCKYZW4DSBD7QSD/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/FTMJ3NJIDAZFWJQQSP3L22MUFJ3UP2PT https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/FTMJ3NJIDAZFWJQQSP3L22MUFJ3UP2PT/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/GSY7SXFFTPZFWDM6XELSDSHZLVW3AHK7 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/GSY7SXFFTPZFWDM6XELSDSHZLVW3AHK7/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/HZQIELEIRSZUYTFFH5KTH2YJ4IIQG2KE https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/HZQIELEIRSZUYTFFH5KTH2YJ4IIQG2KE/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/IPWCNYB5PQ5PCVZ4NJT6G56ZYFZ5QBU6 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/IPWCNYB5PQ5PCVZ4NJT6G56ZYFZ5QBU6/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/KEOTKBUPZXHE3F352JBYNTSNRXYLWD6P https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/KEOTKBUPZXHE3F352JBYNTSNRXYLWD6P/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/KSEGD2IWKNUO3DWY4KQGUQM5BISRWHQE https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/KSEGD2IWKNUO3DWY4KQGUQM5BISRWHQE/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/L5E5JSJBZLYXOTZWXHJKRVCIXIHVWKJ6 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/L5E5JSJBZLYXOTZWXHJKRVCIXIHVWKJ6/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/MZQYOOKHQDQ57LV2IAG6NRFOVXKHJJ3Z https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/MZQYOOKHQDQ57LV2IAG6NRFOVXKHJJ3Z/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/NG7IMPL55MVWU3LCI4JQJT3K2U5CHDV7 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/NG7IMPL55MVWU3LCI4JQJT3K2U5CHDV7/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ODBY7RVMGZCBSTWF2OZGIZS57FNFUL67 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ODBY7RVMGZCBSTWF2OZGIZS57FNFUL67/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/OXGWPQOJ3JNDW2XIYKIVJ7N7QUIFNM2Q https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/OXGWPQOJ3JNDW2XIYKIVJ7N7QUIFNM2Q/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/PJCUNGIQDUMZ4Z6HWVYIMR66A35F5S74 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/PJCUNGIQDUMZ4Z6HWVYIMR66A35F5S74/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QF5QSYAOPDOWLY6DUHID56Q4HQFYB45I https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QF5QSYAOPDOWLY6DUHID56Q4HQFYB45I/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QXOU2JZUBEBP7GBKAYIJRPRBZSJCD7ST https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QXOU2JZUBEBP7GBKAYIJRPRBZSJCD7ST/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/R3UETKPUB3V5JS5TLZOF3SMTGT5K5APS https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/R3UETKPUB3V5JS5TLZOF3SMTGT5K5APS/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/REMHVVIBDNKSRKNOTV7EQSB7CYQWOUOU https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/REMHVVIBDNKSRKNOTV7EQSB7CYQWOUOU/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/T7N5GV4CHH6WAGX3GFMDD3COEOVCZ4RI https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/T7N5GV4CHH6WAGX3GFMDD3COEOVCZ4RI/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ULQQONMSCQSH5Z5OWFFQHCGEZ3NL4DRJ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ULQQONMSCQSH5Z5OWFFQHCGEZ3NL4DRJ/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UTT7DG3QOF5ZNJLUGHDNLRUIN6OWZARP https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UTT7DG3QOF5ZNJLUGHDNLRUIN6OWZARP/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/W2LZSWTV4NV4SNQARNXG5T6LRHP26EW2 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/W2LZSWTV4NV4SNQARNXG5T6LRHP26EW2/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WCNCBYKZXLDFGAJUB7ZP5VLC3YTHJNVH https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WCNCBYKZXLDFGAJUB7ZP5VLC3YTHJNVH/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/XFOIBB4YFICHDM7IBOP7PWXW3FX4HLL2 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/XFOIBB4YFICHDM7IBOP7PWXW3FX4HLL2/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/XTNLSL44Y5FB6JWADSZH6DCV4JJAAEQY https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/XTNLSL44Y5FB6JWADSZH6DCV4JJAAEQY/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/YJWHBLVZDM5KQSDFRBFRKU5KSSOLIRQ4 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/YJWHBLVZDM5KQSDFRBFRKU5KSSOLIRQ4/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/YRKEXKANQ7BKJW2YTAMP625LJUJZLJ4P https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/YRKEXKANQ7BKJW2YTAMP625LJUJZLJ4P/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZSVEMQV5ROY5YW5QE3I57HT3ITWG5GCV https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZSVEMQV5ROY5YW5QE3I57HT3ITWG5GCV/ https://nvd.nist.gov/vuln/detail/CVE-2023-39325 https://pkg.go.dev/vuln/GO-2023-2102 https://security.gentoo.org/glsa/202311-09 https://security.netapp.com/advisory/ntap-20231110-0008 https://security.netapp.com/advisory/ntap-20231110-0008/ https://ubuntu.com/security/notices/USN-6574-1 https://ubuntu.com/security/notices/USN-7061-1 https://ubuntu.com/security/notices/USN-7109-1 https://www.cisa.gov/news-events/alerts/2023/10/10/http2-rapid-reset-vulnerability-cve-2023-44487 https://www.cve.org/CVERecord?id=CVE-2023-39325
golang.org/x/net	CVE-2023-3978	MEDIUM	v0.12.0	0.13.0	https://access.redhat.com/errata/RHSA-2023:6474 https://access.redhat.com/security/cve/CVE-2023-3978 https://bugzilla.redhat.com/2174485 https://bugzilla.redhat.com/2178358 https://bugzilla.redhat.com/2178488 https://bugzilla.redhat.com/2178492 https://bugzilla.redhat.com/2184481 https://bugzilla.redhat.com/2184482 https://bugzilla.redhat.com/2184483 https://bugzilla.redhat.com/2184484 https://bugzilla.redhat.com/2196026 https://bugzilla.redhat.com/2196027 https://bugzilla.redhat.com/2196029 https://bugzilla.redhat.com/2222167 https://bugzilla.redhat.com/2228689 https://errata.almalinux.org/9/ALSA-2023-6474.html https://go.dev/cl/514896 https://go.dev/issue/61615 https://linux.oracle.com/cve/CVE-2023-3978.html https://linux.oracle.com/errata/ELSA-2023-6939.html https://nvd.nist.gov/vuln/detail/CVE-2023-3978 https://pkg.go.dev/vuln/GO-2023-1988 https://www.cve.org/CVERecord?id=CVE-2023-3978
golang.org/x/net	CVE-2023-44487	MEDIUM	v0.12.0	0.17.0	http://www.openwall.com/lists/oss-security/2023/10/13/4 http://www.openwall.com/lists/oss-security/2023/10/13/9 http://www.openwall.com/lists/oss-security/2023/10/18/4 http://www.openwall.com/lists/oss-security/2023/10/18/8 http://www.openwall.com/lists/oss-security/2023/10/19/6 http://www.openwall.com/lists/oss-security/2023/10/20/8 https://access.redhat.com/errata/RHSA-2023:6746 https://access.redhat.com/security/cve/CVE-2023-44487 https://access.redhat.com/security/cve/cve-2023-44487 https://akka.io/security/akka-http-cve-2023-44487.html https://arstechnica.com/security/2023/10/how-ddosers-used-the-http-2-protocol-to-deliver-attacks-of-unprecedented-size https://arstechnica.com/security/2023/10/how-ddosers-used-the-http-2-protocol-to-deliver-attacks-of-unprecedented-size/ https://aws.amazon.com/security/security-bulletins/AWS-2023-011 https://aws.amazon.com/security/security-bulletins/AWS-2023-011/ https://blog.cloudflare.com/technical-breakdown-http2-rapid-reset-ddos-attack https://blog.cloudflare.com/technical-breakdown-http2-rapid-reset-ddos-attack/ https://blog.cloudflare.com/zero-day-rapid-reset-http2-record-breaking-ddos-attack https://blog.cloudflare.com/zero-day-rapid-reset-http2-record-breaking-ddos-attack/ https://blog.litespeedtech.com/2023/10/11/rapid-reset-http-2-vulnerablilty https://blog.litespeedtech.com/2023/10/11/rapid-reset-http-2-vulnerablilty/ https://blog.qualys.com/vulnerabilities-threat-research/2023/10/10/cve-2023-44487-http-2-rapid-reset-attack https://blog.vespa.ai/cve-2023-44487 https://blog.vespa.ai/cve-2023-44487/ https://bugzilla.proxmox.com/show_bug.cgi?id=4988 https://bugzilla.redhat.com/2242803 https://bugzilla.redhat.com/show_bug.cgi?id=2242803 https://bugzilla.suse.com/show_bug.cgi?id=1216123 https://cgit.freebsd.org/ports/commit/?id=c64c329c2c1752f46b73e3e6ce9f4329be6629f9 https://chaos.social/@icing/111210915918780532 https://cloud.google.com/blog/products/identity-security/google-cloud-mitigated-largest-ddos-attack-peaking-above-398-million-rps https://cloud.google.com/blog/products/identity-security/google-cloud-mitigated-largest-ddos-attack-peaking-above-398-million-rps/ https://cloud.google.com/blog/products/identity-security/how-it-works-the-novel-http2-rapid-reset-ddos-attack https://community.traefik.io/t/is-traefik-vulnerable-to-cve-2023-44487/20125 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-44487 https://devblogs.microsoft.com/dotnet/october-2023-updates/ https://discuss.hashicorp.com/t/hcsec-2023-32-vault-consul-and-boundary-affected-by-http-2-rapid-reset-denial-of-service-vulnerability-cve-2023-44487/59715 https://edg.io/lp/blog/resets-leaks-ddos-and-the-tale-of-a-hidden-cve https://errata.almalinux.org/9/ALSA-2023-6746.html https://errata.rockylinux.org/RLSA-2023:5838 https://forums.swift.org/t/swift-nio-http2-security-update-cve-2023-44487-http-2-dos/67764 https://gist.github.com/adulau/7c2bfb8e9cdbe4b35a5e131c66a0c088 https://github.com/Azure/AKS/issues/3947 https://github.com/Kong/kong/discussions/11741 https://github.com/advisories/GHSA-qppj-fm5r-hxr3 https://github.com/advisories/GHSA-vx74-f528-fxqg https://github.com/advisories/GHSA-xpw8-rcwv-8f8p https://github.com/akka/akka-http/issues/4323 https://github.com/akka/akka-http/pull/4324 https://github.com/akka/akka-http/pull/4325 https://github.com/alibaba/tengine/issues/1872 https://github.com/apache/apisix/issues/10320 https://github.com/apache/httpd-site/pull/10 https://github.com/apache/httpd/blob/afcdbeebbff4b0c50ea26cdd16e178c0d1f24152/modules/http2/h2_mplx.c#L1101-L1113 https://github.com/apache/tomcat/commit/944332bb15bd2f3bf76ec2caeb1ff0a58a3bc628 https://github.com/apache/tomcat/tree/main/java/org/apache/coyote/http2 https://github.com/apache/trafficserver/pull/10564 https://github.com/apple/swift-nio-http2 https://github.com/apple/swift-nio-http2/security/advisories/GHSA-qppj-fm5r-hxr3 https://github.com/arkrwn/PoC/tree/main/CVE-2023-44487 https://github.com/bcdannyboy/CVE-2023-44487 https://github.com/caddyserver/caddy/issues/5877 https://github.com/caddyserver/caddy/releases/tag/v2.7.5 https://github.com/dotnet/announcements/issues/277 https://github.com/dotnet/core/blob/e4613450ea0da7fd2fc6b61dfb2c1c1dec1ce9ec/release-notes/6.0/6.0.23/6.0.23.md?plain=1#L73 https://github.com/eclipse/jetty.project/issues/10679 https://github.com/envoyproxy/envoy/pull/30055 https://github.com/etcd-io/etcd/issues/16740 https://github.com/facebook/proxygen/pull/466 https://github.com/golang/go/issues/63417 https://github.com/grpc/grpc-go/pull/6703 https://github.com/grpc/grpc-go/releases https://github.com/h2o/h2o/pull/3291 https://github.com/h2o/h2o/security/advisories/GHSA-2m7v-gc89-fjqf https://github.com/haproxy/haproxy/issues/2312 https://github.com/hyperium/hyper/issues/3337 https://github.com/icing/mod_h2/blob/0a864782af0a942aa2ad4ed960a6b32cd35bcf0a/mod_http2/README.md?plain=1#L239-L244 https://github.com/junkurihara/rust-rpxy/issues/97 https://github.com/kazu-yamamoto/http2/commit/f61d41a502bd0f60eb24e1ce14edc7b6df6722a1 https://github.com/kazu-yamamoto/http2/issues/93 https://github.com/kubernetes/kubernetes/pull/121120 https://github.com/line/armeria/pull/5232 https://github.com/linkerd/website/pull/1695/commits/4b9c6836471bc8270ab48aae6fd2181bc73fd632 https://github.com/micrictor/http2-rst-stream https://github.com/microsoft/CBL-Mariner/pull/6381 https://github.com/netty/netty/commit/58f75f665aa81a8cbcf6ffa74820042a285c5e61 https://github.com/nghttp2/nghttp2/pull/1961 https://github.com/nghttp2/nghttp2/releases/tag/v1.57.0 https://github.com/ninenines/cowboy/issues/1615 https://github.com/nodejs/node/pull/50121 https://github.com/openresty/openresty/issues/930 https://github.com/opensearch-project/data-prepper/issues/3474 https://github.com/oqtane/oqtane.framework/discussions/3367 https://github.com/projectcontour/contour/pull/5826 https://github.com/tempesta-tech/tempesta/issues/1986 https://github.com/varnishcache/varnish-cache/issues/3996 https://go.dev/cl/534215 https://go.dev/cl/534235 https://go.dev/issue/63417 https://groups.google.com/g/golang-announce/c/iNNxDTCjZvo https://groups.google.com/g/golang-announce/c/iNNxDTCjZvo/m/UDd7VKQuAAAJ https://istio.io/latest/news/security/istio-security-2023-004 https://istio.io/latest/news/security/istio-security-2023-004/ https://linkerd.io/2023/10/12/linkerd-cve-2023-44487 https://linkerd.io/2023/10/12/linkerd-cve-2023-44487/ https://linux.oracle.com/cve/CVE-2023-44487.html https://linux.oracle.com/errata/ELSA-2024-1444.html https://lists.apache.org/thread/5py8h42mxfsn8l1wy6o41xwhsjlsd87q https://lists.debian.org/debian-lts-announce/2023/10/msg00020.html https://lists.debian.org/debian-lts-announce/2023/10/msg00023.html https://lists.debian.org/debian-lts-announce/2023/10/msg00024.html https://lists.debian.org/debian-lts-announce/2023/10/msg00045.html https://lists.debian.org/debian-lts-announce/2023/10/msg00047.html https://lists.debian.org/debian-lts-announce/2023/11/msg00001.html https://lists.debian.org/debian-lts-announce/2023/11/msg00012.html https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/2MBEPPC36UBVOZZNAXFHKLFGSLCMN5LI https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/2MBEPPC36UBVOZZNAXFHKLFGSLCMN5LI/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/3N4NJ7FR4X4FPZUGNTQAPSTVB2HB2Y4A https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/3N4NJ7FR4X4FPZUGNTQAPSTVB2HB2Y4A/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/BFQD3KUEMFBHPAPBGLWQC34L4OWL5HAZ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/BFQD3KUEMFBHPAPBGLWQC34L4OWL5HAZ/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/CLB4TW7KALB3EEQWNWCN7OUIWWVWWCG2 https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/CLB4TW7KALB3EEQWNWCN7OUIWWVWWCG2/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/E72T67UPDRXHIDLO3OROR25YAMN4GGW5 https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/E72T67UPDRXHIDLO3OROR25YAMN4GGW5/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/FNA62Q767CFAFHBCDKYNPBMZWB7TWYVU https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/FNA62Q767CFAFHBCDKYNPBMZWB7TWYVU/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/HT7T2R4MQKLIF4ODV4BDLPARWFPCJ5CZ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/HT7T2R4MQKLIF4ODV4BDLPARWFPCJ5CZ/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/JIZSEFC3YKCGABA2BZW6ZJRMDZJMB7PJ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/JIZSEFC3YKCGABA2BZW6ZJRMDZJMB7PJ/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/JMEXY22BFG5Q64HQCM5CK2Q7KDKVV4TY https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/JMEXY22BFG5Q64HQCM5CK2Q7KDKVV4TY/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/KSEGD2IWKNUO3DWY4KQGUQM5BISRWHQE https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/KSEGD2IWKNUO3DWY4KQGUQM5BISRWHQE/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/LKYHSZQFDNR7RSA7LHVLLIAQMVYCUGBG https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/LKYHSZQFDNR7RSA7LHVLLIAQMVYCUGBG/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/LNMZJCDHGLJJLXO4OXWJMTVQRNWOC7UL https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/LNMZJCDHGLJJLXO4OXWJMTVQRNWOC7UL/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/VHUHTSXLXGXS7JYKBXTA3VINUPHTNGVU https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/VHUHTSXLXGXS7JYKBXTA3VINUPHTNGVU/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/VSRDIV77HNKUSM7SJC5BKE5JSHLHU2NK https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/VSRDIV77HNKUSM7SJC5BKE5JSHLHU2NK/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/WE2I52RHNNU42PX6NZ2RBUHSFFJ2LVZX https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/WE2I52RHNNU42PX6NZ2RBUHSFFJ2LVZX/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/WLPRQ5TWUQQXYWBJM7ECYDAIL2YVKIUH https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/WLPRQ5TWUQQXYWBJM7ECYDAIL2YVKIUH/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/X6QXN4ORIVF6XBW4WWFE7VNPVC74S45Y https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/X6QXN4ORIVF6XBW4WWFE7VNPVC74S45Y/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/XFOIBB4YFICHDM7IBOP7PWXW3FX4HLL2 https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/XFOIBB4YFICHDM7IBOP7PWXW3FX4HLL2/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZB43REMKRQR62NJEI7I5NQ4FSXNLBKRT https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZB43REMKRQR62NJEI7I5NQ4FSXNLBKRT/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZKQSIKIAT5TJ3WSLU3RDBQ35YX4GY4V3 https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZKQSIKIAT5TJ3WSLU3RDBQ35YX4GY4V3/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZLU6U2R2IC2K64NDPNMV55AUAO65MAF4 https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZLU6U2R2IC2K64NDPNMV55AUAO65MAF4/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3N4NJ7FR4X4FPZUGNTQAPSTVB2HB2Y4A https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/BFQD3KUEMFBHPAPBGLWQC34L4OWL5HAZ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CLB4TW7KALB3EEQWNWCN7OUIWWVWWCG2 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/E72T67UPDRXHIDLO3OROR25YAMN4GGW5 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/FNA62Q767CFAFHBCDKYNPBMZWB7TWYVU https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/HT7T2R4MQKLIF4ODV4BDLPARWFPCJ5CZ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/JIZSEFC3YKCGABA2BZW6ZJRMDZJMB7PJ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/JMEXY22BFG5Q64HQCM5CK2Q7KDKVV4TY https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/KSEGD2IWKNUO3DWY4KQGUQM5BISRWHQE https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/LKYHSZQFDNR7RSA7LHVLLIAQMVYCUGBG https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/LNMZJCDHGLJJLXO4OXWJMTVQRNWOC7UL https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/VHUHTSXLXGXS7JYKBXTA3VINUPHTNGVU https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/VSRDIV77HNKUSM7SJC5BKE5JSHLHU2NK https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WLPRQ5TWUQQXYWBJM7ECYDAIL2YVKIUH https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/X6QXN4ORIVF6XBW4WWFE7VNPVC74S45Y https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/XFOIBB4YFICHDM7IBOP7PWXW3FX4HLL2 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZB43REMKRQR62NJEI7I5NQ4FSXNLBKRT https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZKQSIKIAT5TJ3WSLU3RDBQ35YX4GY4V3 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZLU6U2R2IC2K64NDPNMV55AUAO65MAF4 https://lists.w3.org/Archives/Public/ietf-http-wg/2023OctDec/0025.html https://mailman.nginx.org/pipermail/nginx-devel/2023-October/S36Q5HBXR7CAIMPLLPRSSSYR4PCMWILK.html https://martinthomson.github.io/h2-stream-limits/draft-thomson-httpbis-h2-stream-limits.html https://msrc.microsoft.com/blog/2023/10/microsoft-response-to-distributed-denial-of-service-ddos-attacks-against-http/2 https://msrc.microsoft.com/blog/2023/10/microsoft-response-to-distributed-denial-of-service-ddos-attacks-against-http/2/ https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-44487 https://my.f5.com/manage/s/article/K000137106 https://netty.io/news/2023/10/10/4-1-100-Final.html https://news.ycombinator.com/item?id=37830987 https://news.ycombinator.com/item?id=37830998 https://news.ycombinator.com/item?id=37831062 https://news.ycombinator.com/item?id=37837043 https://nodejs.org/en/blog/vulnerability/october-2023-security-releases https://nvd.nist.gov/vuln/detail/CVE-2023-44487 https://openssf.org/blog/2023/10/10/http-2-rapid-reset-vulnerability-highlights-need-for-rapid-response https://openssf.org/blog/2023/10/10/http-2-rapid-reset-vulnerability-highlights-need-for-rapid-response/ https://pkg.go.dev/vuln/GO-2023-2102 https://seanmonstar.com/post/730794151136935936/hyper-http2-rapid-reset-unaffected https://security.gentoo.org/glsa/202311-09 https://security.netapp.com/advisory/ntap-20231016-0001 https://security.netapp.com/advisory/ntap-20231016-0001/ https://security.netapp.com/advisory/ntap-20240426-0007 https://security.netapp.com/advisory/ntap-20240426-0007/ https://security.netapp.com/advisory/ntap-20240621-0006 https://security.netapp.com/advisory/ntap-20240621-0006/ https://security.netapp.com/advisory/ntap-20240621-0007 https://security.netapp.com/advisory/ntap-20240621-0007/ https://security.paloaltonetworks.com/CVE-2023-44487 https://tomcat.apache.org/security-10.html#Fixed_in_Apache_Tomcat_10.1.14 https://tomcat.apache.org/security-11.html#Fixed_in_Apache_Tomcat_11.0.0-M12 https://tomcat.apache.org/security-8.html#Fixed_in_Apache_Tomcat_8.5.94 https://tomcat.apache.org/security-9.html#Fixed_in_Apache_Tomcat_9.0.81 https://ubuntu.com/security/CVE-2023-44487 https://ubuntu.com/security/notices/USN-6427-1 https://ubuntu.com/security/notices/USN-6427-2 https://ubuntu.com/security/notices/USN-6438-1 https://ubuntu.com/security/notices/USN-6505-1 https://ubuntu.com/security/notices/USN-6574-1 https://ubuntu.com/security/notices/USN-6754-1 https://ubuntu.com/security/notices/USN-6994-1 https://ubuntu.com/security/notices/USN-7067-1 https://www.bleepingcomputer.com/news/security/new-http-2-rapid-reset-zero-day-attack-breaks-ddos-records https://www.bleepingcomputer.com/news/security/new-http-2-rapid-reset-zero-day-attack-breaks-ddos-records/ https://www.cisa.gov/known-exploited-vulnerabilities-catalog https://www.cisa.gov/news-events/alerts/2023/10/10/http2-rapid-reset-vulnerability-cve-2023-44487 https://www.cve.org/CVERecord?id=CVE-2023-44487 https://www.darkreading.com/cloud/internet-wide-zero-day-bug-fuels-largest-ever-ddos-event https://www.debian.org/security/2023/dsa-5521 https://www.debian.org/security/2023/dsa-5522 https://www.debian.org/security/2023/dsa-5540 https://www.debian.org/security/2023/dsa-5549 https://www.debian.org/security/2023/dsa-5558 https://www.debian.org/security/2023/dsa-5570 https://www.eclipse.org/lists/jetty-announce/msg00181.html https://www.haproxy.com/blog/haproxy-is-not-affected-by-the-http-2-rapid-reset-attack-cve-2023-44487 https://www.mail-archive.com/haproxy@formilux.org/msg44134.html https://www.netlify.com/blog/netlify-successfully-mitigates-cve-2023-44487 https://www.netlify.com/blog/netlify-successfully-mitigates-cve-2023-44487/ https://www.nginx.com/blog/http-2-rapid-reset-attack-impacting-f5-nginx-products https://www.nginx.com/blog/http-2-rapid-reset-attack-impacting-f5-nginx-products/ https://www.openwall.com/lists/oss-security/2023/10/10/6 https://www.phoronix.com/news/HTTP2-Rapid-Reset-Attack https://www.theregister.com/2023/10/10/http2_rapid_reset_zeroday https://www.theregister.com/2023/10/10/http2_rapid_reset_zeroday/
golang.org/x/net	CVE-2023-45288	MEDIUM	v0.12.0	0.23.0	http://www.openwall.com/lists/oss-security/2024/04/03/16 http://www.openwall.com/lists/oss-security/2024/04/05/4 https://access.redhat.com/errata/RHSA-2024:2724 https://access.redhat.com/security/cve/CVE-2023-45288 https://bugzilla.redhat.com/2268017 https://bugzilla.redhat.com/2268018 https://bugzilla.redhat.com/2268019 https://bugzilla.redhat.com/2268273 https://bugzilla.redhat.com/show_bug.cgi?id=2268017 https://bugzilla.redhat.com/show_bug.cgi?id=2268018 https://bugzilla.redhat.com/show_bug.cgi?id=2268019 https://bugzilla.redhat.com/show_bug.cgi?id=2268273 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45288 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45289 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45290 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24783 https://errata.almalinux.org/9/ALSA-2024-2724.html https://errata.rockylinux.org/RLSA-2024:2724 https://go.dev/cl/576155 https://go.dev/issue/65051 https://groups.google.com/g/golang-announce/c/YgW0sx8mN3M https://kb.cert.org/vuls/id/421644 https://linux.oracle.com/cve/CVE-2023-45288.html https://linux.oracle.com/errata/ELSA-2024-3346.html https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QRYFHIQ6XRKRYBI2F5UESH67BJBQXUPT https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QRYFHIQ6XRKRYBI2F5UESH67BJBQXUPT/ https://nowotarski.info/http2-continuation-flood-technical-details https://nowotarski.info/http2-continuation-flood/ https://nvd.nist.gov/vuln/detail/CVE-2023-45288 https://pkg.go.dev/vuln/GO-2024-2687 https://security.netapp.com/advisory/ntap-20240419-0009 https://security.netapp.com/advisory/ntap-20240419-0009/ https://ubuntu.com/security/notices/USN-6886-1 https://ubuntu.com/security/notices/USN-7109-1 https://ubuntu.com/security/notices/USN-7111-1 https://www.cve.org/CVERecord?id=CVE-2023-45288 https://www.kb.cert.org/vuls/id/421644
stdlib	CVE-2024-24790	CRITICAL	v1.20.5	1.21.11, 1.22.4	http://www.openwall.com/lists/oss-security/2024/06/04/1 https://access.redhat.com/errata/RHSA-2024:9115 https://access.redhat.com/security/cve/CVE-2024-24790 https://bugzilla.redhat.com/2279814 https://bugzilla.redhat.com/2292668 https://bugzilla.redhat.com/2292787 https://bugzilla.redhat.com/2294000 https://bugzilla.redhat.com/2295310 https://bugzilla.redhat.com/show_bug.cgi?id=2292668 https://bugzilla.redhat.com/show_bug.cgi?id=2292787 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24789 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24790 https://errata.almalinux.org/9/ALSA-2024-9115.html https://errata.rockylinux.org/RLSA-2024:4212 https://github.com/golang/go/commit/051bdf3fd12a40307606ff9381138039c5f452f0 (1.21) https://github.com/golang/go/commit/12d5810cdb1f73cf23d7a86462143e9463317fca (1.22) https://github.com/golang/go/issues/67680 https://go.dev/cl/590316 https://go.dev/issue/67680 https://groups.google.com/g/golang-announce/c/XbxouI9gY7k https://groups.google.com/g/golang-announce/c/XbxouI9gY7k/m/TuoGEhxIEwAJ https://linux.oracle.com/cve/CVE-2024-24790.html https://linux.oracle.com/errata/ELSA-2024-9115.html https://nvd.nist.gov/vuln/detail/CVE-2024-24790 https://pkg.go.dev/vuln/GO-2024-2887 https://ubuntu.com/security/notices/USN-6886-1 https://ubuntu.com/security/notices/USN-7109-1 https://www.cve.org/CVERecord?id=CVE-2024-24790
stdlib	CVE-2023-39325	HIGH	v1.20.5	1.20.10, 1.21.3	golang.org/x/net https://access.redhat.com/errata/RHSA-2023:6077 https://access.redhat.com/security/cve/CVE-2023-39325 https://access.redhat.com/security/cve/CVE-2023-44487 https://access.redhat.com/security/vulnerabilities/RHSB-2023-003 https://bugzilla.redhat.com/2242803 https://bugzilla.redhat.com/2243296 https://bugzilla.redhat.com/show_bug.cgi?id=2242803 https://bugzilla.redhat.com/show_bug.cgi?id=2243296 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-39325 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-44487 https://errata.almalinux.org/9/ALSA-2023-6077.html https://errata.rockylinux.org/RLSA-2023:6077 https://github.com/golang/go/commit/24ae2d927285c697440fdde3ad7f26028354bcf3 [golang- 1.21] https://github.com/golang/go/commit/e175f27f58aa7b9cd4d79607ae65d2cd5baaee68 [golang-1.20] https://github.com/golang/go/issues/63417 https://go.dev/cl/534215 https://go.dev/cl/534235 https://go.dev/issue/63417 https://groups.google.com/g/golang-announce/c/iNNxDTCjZvo/m/UDd7VKQuAAAJ https://linux.oracle.com/cve/CVE-2023-39325.html https://linux.oracle.com/errata/ELSA-2023-5867.html https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3OVW5V2DM5K5IC3H7O42YDUGNJ74J35O https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3OVW5V2DM5K5IC3H7O42YDUGNJ74J35O/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3SZN67IL7HMGMNAVLOTIXLIHUDXZK4LH https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3SZN67IL7HMGMNAVLOTIXLIHUDXZK4LH/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3WJ4QVX2AMUJ2F2S27POOAHRC4K3CHU4 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3WJ4QVX2AMUJ2F2S27POOAHRC4K3CHU4/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/4BUK2ZIAGCULOOYDNH25JPU6JBES5NF2 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/4BUK2ZIAGCULOOYDNH25JPU6JBES5NF2/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/5RSKA2II6QTD4YUKUNDVJQSRYSFC4VFR https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/5RSKA2II6QTD4YUKUNDVJQSRYSFC4VFR/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/AVZDNSMVDAQJ64LJC5I5U5LDM5753647 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/AVZDNSMVDAQJ64LJC5I5U5LDM5753647/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CHHITS4PUOZAKFIUBQAQZC7JWXMOYE4B https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CHHITS4PUOZAKFIUBQAQZC7JWXMOYE4B/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CLB4TW7KALB3EEQWNWCN7OUIWWVWWCG2 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CLB4TW7KALB3EEQWNWCN7OUIWWVWWCG2/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/D2BBIDR2ZMB3X5BC7SR4SLQMHRMVPY6L https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/D2BBIDR2ZMB3X5BC7SR4SLQMHRMVPY6L/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ECRC75BQJP6FJN2L7KCKYZW4DSBD7QSD https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ECRC75BQJP6FJN2L7KCKYZW4DSBD7QSD/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/FTMJ3NJIDAZFWJQQSP3L22MUFJ3UP2PT https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/FTMJ3NJIDAZFWJQQSP3L22MUFJ3UP2PT/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/GSY7SXFFTPZFWDM6XELSDSHZLVW3AHK7 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/GSY7SXFFTPZFWDM6XELSDSHZLVW3AHK7/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/HZQIELEIRSZUYTFFH5KTH2YJ4IIQG2KE https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/HZQIELEIRSZUYTFFH5KTH2YJ4IIQG2KE/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/IPWCNYB5PQ5PCVZ4NJT6G56ZYFZ5QBU6 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/IPWCNYB5PQ5PCVZ4NJT6G56ZYFZ5QBU6/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/KEOTKBUPZXHE3F352JBYNTSNRXYLWD6P https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/KEOTKBUPZXHE3F352JBYNTSNRXYLWD6P/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/KSEGD2IWKNUO3DWY4KQGUQM5BISRWHQE https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/KSEGD2IWKNUO3DWY4KQGUQM5BISRWHQE/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/L5E5JSJBZLYXOTZWXHJKRVCIXIHVWKJ6 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/L5E5JSJBZLYXOTZWXHJKRVCIXIHVWKJ6/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/MZQYOOKHQDQ57LV2IAG6NRFOVXKHJJ3Z https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/MZQYOOKHQDQ57LV2IAG6NRFOVXKHJJ3Z/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/NG7IMPL55MVWU3LCI4JQJT3K2U5CHDV7 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/NG7IMPL55MVWU3LCI4JQJT3K2U5CHDV7/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ODBY7RVMGZCBSTWF2OZGIZS57FNFUL67 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ODBY7RVMGZCBSTWF2OZGIZS57FNFUL67/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/OXGWPQOJ3JNDW2XIYKIVJ7N7QUIFNM2Q https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/OXGWPQOJ3JNDW2XIYKIVJ7N7QUIFNM2Q/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/PJCUNGIQDUMZ4Z6HWVYIMR66A35F5S74 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/PJCUNGIQDUMZ4Z6HWVYIMR66A35F5S74/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QF5QSYAOPDOWLY6DUHID56Q4HQFYB45I https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QF5QSYAOPDOWLY6DUHID56Q4HQFYB45I/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QXOU2JZUBEBP7GBKAYIJRPRBZSJCD7ST https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QXOU2JZUBEBP7GBKAYIJRPRBZSJCD7ST/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/R3UETKPUB3V5JS5TLZOF3SMTGT5K5APS https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/R3UETKPUB3V5JS5TLZOF3SMTGT5K5APS/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/REMHVVIBDNKSRKNOTV7EQSB7CYQWOUOU https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/REMHVVIBDNKSRKNOTV7EQSB7CYQWOUOU/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/T7N5GV4CHH6WAGX3GFMDD3COEOVCZ4RI https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/T7N5GV4CHH6WAGX3GFMDD3COEOVCZ4RI/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ULQQONMSCQSH5Z5OWFFQHCGEZ3NL4DRJ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ULQQONMSCQSH5Z5OWFFQHCGEZ3NL4DRJ/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UTT7DG3QOF5ZNJLUGHDNLRUIN6OWZARP https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UTT7DG3QOF5ZNJLUGHDNLRUIN6OWZARP/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/W2LZSWTV4NV4SNQARNXG5T6LRHP26EW2 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/W2LZSWTV4NV4SNQARNXG5T6LRHP26EW2/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WCNCBYKZXLDFGAJUB7ZP5VLC3YTHJNVH https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WCNCBYKZXLDFGAJUB7ZP5VLC3YTHJNVH/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/XFOIBB4YFICHDM7IBOP7PWXW3FX4HLL2 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/XFOIBB4YFICHDM7IBOP7PWXW3FX4HLL2/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/XTNLSL44Y5FB6JWADSZH6DCV4JJAAEQY https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/XTNLSL44Y5FB6JWADSZH6DCV4JJAAEQY/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/YJWHBLVZDM5KQSDFRBFRKU5KSSOLIRQ4 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/YJWHBLVZDM5KQSDFRBFRKU5KSSOLIRQ4/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/YRKEXKANQ7BKJW2YTAMP625LJUJZLJ4P https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/YRKEXKANQ7BKJW2YTAMP625LJUJZLJ4P/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZSVEMQV5ROY5YW5QE3I57HT3ITWG5GCV https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZSVEMQV5ROY5YW5QE3I57HT3ITWG5GCV/ https://nvd.nist.gov/vuln/detail/CVE-2023-39325 https://pkg.go.dev/vuln/GO-2023-2102 https://security.gentoo.org/glsa/202311-09 https://security.netapp.com/advisory/ntap-20231110-0008 https://security.netapp.com/advisory/ntap-20231110-0008/ https://ubuntu.com/security/notices/USN-6574-1 https://ubuntu.com/security/notices/USN-7061-1 https://ubuntu.com/security/notices/USN-7109-1 https://www.cisa.gov/news-events/alerts/2023/10/10/http2-rapid-reset-vulnerability-cve-2023-44487 https://www.cve.org/CVERecord?id=CVE-2023-39325
stdlib	CVE-2023-45283	HIGH	v1.20.5	1.20.11, 1.21.4, 1.20.12, 1.21.5	http://www.openwall.com/lists/oss-security/2023/12/05/2 https://go.dev/cl/540277 https://go.dev/cl/541175 https://go.dev/issue/63713 https://go.dev/issue/64028 https://groups.google.com/g/golang-announce/c/4tU8LZfBFkY https://groups.google.com/g/golang-dev/c/6ypN5EjibjM/m/KmLVYH_uAgAJ https://nvd.nist.gov/vuln/detail/CVE-2023-45283 https://pkg.go.dev/vuln/GO-2023-2185 https://security.netapp.com/advisory/ntap-20231214-0008/
stdlib	CVE-2023-45288	HIGH	v1.20.5	1.21.9, 1.22.2	http://www.openwall.com/lists/oss-security/2024/04/03/16 http://www.openwall.com/lists/oss-security/2024/04/05/4 https://access.redhat.com/errata/RHSA-2024:2724 https://access.redhat.com/security/cve/CVE-2023-45288 https://bugzilla.redhat.com/2268017 https://bugzilla.redhat.com/2268018 https://bugzilla.redhat.com/2268019 https://bugzilla.redhat.com/2268273 https://bugzilla.redhat.com/show_bug.cgi?id=2268017 https://bugzilla.redhat.com/show_bug.cgi?id=2268018 https://bugzilla.redhat.com/show_bug.cgi?id=2268019 https://bugzilla.redhat.com/show_bug.cgi?id=2268273 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45288 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45289 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45290 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24783 https://errata.almalinux.org/9/ALSA-2024-2724.html https://errata.rockylinux.org/RLSA-2024:2724 https://go.dev/cl/576155 https://go.dev/issue/65051 https://groups.google.com/g/golang-announce/c/YgW0sx8mN3M https://kb.cert.org/vuls/id/421644 https://linux.oracle.com/cve/CVE-2023-45288.html https://linux.oracle.com/errata/ELSA-2024-3346.html https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QRYFHIQ6XRKRYBI2F5UESH67BJBQXUPT https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QRYFHIQ6XRKRYBI2F5UESH67BJBQXUPT/ https://nowotarski.info/http2-continuation-flood-technical-details https://nowotarski.info/http2-continuation-flood/ https://nvd.nist.gov/vuln/detail/CVE-2023-45288 https://pkg.go.dev/vuln/GO-2024-2687 https://security.netapp.com/advisory/ntap-20240419-0009 https://security.netapp.com/advisory/ntap-20240419-0009/ https://ubuntu.com/security/notices/USN-6886-1 https://ubuntu.com/security/notices/USN-7109-1 https://ubuntu.com/security/notices/USN-7111-1 https://www.cve.org/CVERecord?id=CVE-2023-45288 https://www.kb.cert.org/vuls/id/421644
stdlib	CVE-2024-34156	HIGH	v1.20.5	1.22.7, 1.23.1	https://access.redhat.com/errata/RHSA-2024:9473 https://access.redhat.com/security/cve/CVE-2024-34156 https://bugzilla.redhat.com/2310528 https://bugzilla.redhat.com/2318052 https://bugzilla.redhat.com/show_bug.cgi?id=2310528 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-34156 https://errata.almalinux.org/9/ALSA-2024-9473.html https://errata.rockylinux.org/RLSA-2024:7204 https://github.com/golang/go/commit/2092294f2b097c5828f4eace6c98a322c1510b01 (go1.22.7) https://github.com/golang/go/commit/fa8ff1a46deb6c816304441ec6740ec112e19012 (go1.23.1) https://go.dev/cl/611239 https://go.dev/issue/69139 https://groups.google.com/g/golang-announce/c/K-cEzDeCtpc https://groups.google.com/g/golang-dev/c/S9POB9NCTdk https://linux.oracle.com/cve/CVE-2024-34156.html https://linux.oracle.com/errata/ELSA-2024-9473.html https://nvd.nist.gov/vuln/detail/CVE-2024-34156 https://pkg.go.dev/vuln/GO-2024-3106 https://ubuntu.com/security/notices/USN-7081-1 https://ubuntu.com/security/notices/USN-7109-1 https://ubuntu.com/security/notices/USN-7111-1 https://www.cve.org/CVERecord?id=CVE-2024-34156
stdlib	CVE-2023-29406	MEDIUM	v1.20.5	1.19.11, 1.20.6	https://access.redhat.com/errata/RHSA-2023:6474 https://access.redhat.com/security/cve/CVE-2023-29406 https://bugzilla.redhat.com/2174485 https://bugzilla.redhat.com/2178358 https://bugzilla.redhat.com/2178488 https://bugzilla.redhat.com/2178492 https://bugzilla.redhat.com/2184481 https://bugzilla.redhat.com/2184482 https://bugzilla.redhat.com/2184483 https://bugzilla.redhat.com/2184484 https://bugzilla.redhat.com/2196026 https://bugzilla.redhat.com/2196027 https://bugzilla.redhat.com/2196029 https://bugzilla.redhat.com/2222167 https://bugzilla.redhat.com/2228689 https://errata.almalinux.org/9/ALSA-2023-6474.html https://github.com/golang/go/commit/312920c00aac9897b2a0693e752390b5b0711a5a (go1.20.6) https://github.com/golang/go/commit/5fa6923b1ea891400153d04ddf1545e23b40041b (go1.19.11) https://github.com/golang/go/issues/60374 https://go.dev/cl/506996 https://go.dev/issue/60374 https://groups.google.com/g/golang-announce/c/2q13H6LEEx0 https://linux.oracle.com/cve/CVE-2023-29406.html https://linux.oracle.com/errata/ELSA-2023-7202.html https://nvd.nist.gov/vuln/detail/CVE-2023-29406 https://pkg.go.dev/vuln/GO-2023-1878 https://security.gentoo.org/glsa/202311-09 https://security.netapp.com/advisory/ntap-20230814-0002/ https://ubuntu.com/security/notices/USN-7061-1 https://ubuntu.com/security/notices/USN-7109-1 https://www.cve.org/CVERecord?id=CVE-2023-29406
stdlib	CVE-2023-29409	MEDIUM	v1.20.5	1.19.12, 1.20.7, 1.21.0-rc.4	https://access.redhat.com/errata/RHSA-2023:7766 https://access.redhat.com/security/cve/CVE-2023-29409 https://bugzilla.redhat.com/2228743 https://bugzilla.redhat.com/2237773 https://bugzilla.redhat.com/2237776 https://bugzilla.redhat.com/2237777 https://bugzilla.redhat.com/2237778 https://errata.almalinux.org/9/ALSA-2023-7766.html https://go.dev/cl/515257 https://go.dev/issue/61460 https://groups.google.com/g/golang-announce/c/X0b6CsSAaYI/m/Efv5DbZ9AwAJ https://linux.oracle.com/cve/CVE-2023-29409.html https://linux.oracle.com/errata/ELSA-2024-2988.html https://nvd.nist.gov/vuln/detail/CVE-2023-29409 https://pkg.go.dev/vuln/GO-2023-1987 https://security.gentoo.org/glsa/202311-09 https://security.netapp.com/advisory/ntap-20230831-0010/ https://www.cve.org/CVERecord?id=CVE-2023-29409
stdlib	CVE-2023-39318	MEDIUM	v1.20.5	1.20.8, 1.21.1	https://access.redhat.com/errata/RHSA-2024:2160 https://access.redhat.com/security/cve/CVE-2023-39318 https://bugzilla.redhat.com/2237773 https://bugzilla.redhat.com/2237776 https://bugzilla.redhat.com/2253330 https://errata.almalinux.org/9/ALSA-2024-2160.html https://github.com/golang/go/commit/023b542edf38e2a1f87fcefb9f75ff2f99401b4c (go1.20.8) https://github.com/golang/go/commit/b0e1d3ea26e8e8fce7726690c9ef0597e60739fb (go1.21.1) https://go.dev/cl/526156 https://go.dev/issue/62196 https://groups.google.com/g/golang-announce/c/Fm51GRLNRvM https://groups.google.com/g/golang-dev/c/2C5vbR-UNkI/m/L1hdrPhfBAAJ https://linux.oracle.com/cve/CVE-2023-39318.html https://linux.oracle.com/errata/ELSA-2024-2988.html https://nvd.nist.gov/vuln/detail/CVE-2023-39318 https://pkg.go.dev/vuln/GO-2023-2041 https://security.gentoo.org/glsa/202311-09 https://security.netapp.com/advisory/ntap-20231020-0009/ https://ubuntu.com/security/notices/USN-6574-1 https://ubuntu.com/security/notices/USN-7061-1 https://ubuntu.com/security/notices/USN-7109-1 https://vuln.go.dev/ID/GO-2023-2041.json https://www.cve.org/CVERecord?id=CVE-2023-39318
stdlib	CVE-2023-39319	MEDIUM	v1.20.5	1.20.8, 1.21.1	https://access.redhat.com/errata/RHSA-2024:2160 https://access.redhat.com/security/cve/CVE-2023-39319 https://bugzilla.redhat.com/2237773 https://bugzilla.redhat.com/2237776 https://bugzilla.redhat.com/2253330 https://errata.almalinux.org/9/ALSA-2024-2160.html https://github.com/golang/go/commit/2070531d2f53df88e312edace6c8dfc9686ab2f5 (go1.20.8) https://github.com/golang/go/commit/bbd043ff0d6d59f1a9232d31ecd5eacf6507bf6a (go1.21.1) https://go.dev/cl/526157 https://go.dev/issue/62197 https://groups.google.com/g/golang-announce/c/Fm51GRLNRvM https://groups.google.com/g/golang-dev/c/2C5vbR-UNkI/m/L1hdrPhfBAAJ https://linux.oracle.com/cve/CVE-2023-39319.html https://linux.oracle.com/errata/ELSA-2024-2988.html https://nvd.nist.gov/vuln/detail/CVE-2023-39319 https://pkg.go.dev/vuln/GO-2023-2043 https://security.gentoo.org/glsa/202311-09 https://security.netapp.com/advisory/ntap-20231020-0009/ https://ubuntu.com/security/notices/USN-6574-1 https://ubuntu.com/security/notices/USN-7061-1 https://ubuntu.com/security/notices/USN-7109-1 https://vuln.go.dev/ID/GO-2023-2043.json https://www.cve.org/CVERecord?id=CVE-2023-39319
stdlib	CVE-2023-39326	MEDIUM	v1.20.5	1.20.12, 1.21.5	https://access.redhat.com/errata/RHSA-2024:2272 https://access.redhat.com/security/cve/CVE-2023-39326 https://bugzilla.redhat.com/2253193 https://bugzilla.redhat.com/2253330 https://errata.almalinux.org/9/ALSA-2024-2272.html https://github.com/golang/go/commit/6446af942e2e2b161c4ec1b60d9703a2b55dc4dd (go1.20.12) https://github.com/golang/go/commit/ec8c526e4be720e94b98ca509e6364f0efaf28f7 (go1.21.5) https://go.dev/cl/547335 https://go.dev/issue/64433 https://groups.google.com/g/golang-dev/c/6ypN5EjibjM/m/KmLVYH_uAgAJ https://linux.oracle.com/cve/CVE-2023-39326.html https://linux.oracle.com/errata/ELSA-2024-2988.html https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UIU6HOGV6RRIKWM57LOXQA75BGZSIH6G/ https://nvd.nist.gov/vuln/detail/CVE-2023-39326 https://pkg.go.dev/vuln/GO-2023-2382 https://ubuntu.com/security/notices/USN-6574-1 https://www.cve.org/CVERecord?id=CVE-2023-39326
stdlib	CVE-2023-45284	MEDIUM	v1.20.5	1.20.11, 1.21.4	https://go.dev/cl/540277 https://go.dev/issue/63713 https://groups.google.com/g/golang-announce/c/4tU8LZfBFkY https://nvd.nist.gov/vuln/detail/CVE-2023-45284 https://pkg.go.dev/vuln/GO-2023-2186
stdlib	CVE-2023-45289	MEDIUM	v1.20.5	1.21.8, 1.22.1	http://www.openwall.com/lists/oss-security/2024/03/08/4 https://access.redhat.com/errata/RHSA-2024:2724 https://access.redhat.com/security/cve/CVE-2023-45289 https://bugzilla.redhat.com/2268017 https://bugzilla.redhat.com/2268018 https://bugzilla.redhat.com/2268019 https://bugzilla.redhat.com/2268273 https://bugzilla.redhat.com/show_bug.cgi?id=2268017 https://bugzilla.redhat.com/show_bug.cgi?id=2268018 https://bugzilla.redhat.com/show_bug.cgi?id=2268019 https://bugzilla.redhat.com/show_bug.cgi?id=2268273 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45288 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45289 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45290 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24783 https://errata.almalinux.org/9/ALSA-2024-2724.html https://errata.rockylinux.org/RLSA-2024:2724 https://github.com/golang/go/commit/20586c0dbe03d144f914155f879fa5ee287591a1 (go1.21.8) https://github.com/golang/go/commit/3a855208e3efed2e9d7c20ad023f1fa78afcc0be (go1.22.1) https://github.com/golang/go/issues/65065 https://go.dev/cl/569340 https://go.dev/issue/65065 https://groups.google.com/g/golang-announce/c/5pwGVUPoMbg https://linux.oracle.com/cve/CVE-2023-45289.html https://linux.oracle.com/errata/ELSA-2024-3346.html https://nvd.nist.gov/vuln/detail/CVE-2023-45289 https://pkg.go.dev/vuln/GO-2024-2600 https://security.netapp.com/advisory/ntap-20240329-0006/ https://ubuntu.com/security/notices/USN-6886-1 https://www.cve.org/CVERecord?id=CVE-2023-45289
stdlib	CVE-2023-45290	MEDIUM	v1.20.5	1.21.8, 1.22.1	http://www.openwall.com/lists/oss-security/2024/03/08/4 https://access.redhat.com/errata/RHSA-2024:9135 https://access.redhat.com/security/cve/CVE-2023-45290 https://bugzilla.redhat.com/2268017 https://bugzilla.redhat.com/2268022 https://bugzilla.redhat.com/2279814 https://bugzilla.redhat.com/2295310 https://bugzilla.redhat.com/show_bug.cgi?id=2268017 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45290 https://errata.almalinux.org/9/ALSA-2024-9135.html https://errata.rockylinux.org/RLSA-2024:3830 https://github.com/golang/go/commit/041a47712e765e94f86d841c3110c840e76d8f82 (go1.22.1) https://github.com/golang/go/commit/bf80213b121074f4ad9b449410a4d13bae5e9be0 (go1.21.8) https://github.com/golang/go/issues/65383 https://go.dev/cl/569341 https://go.dev/issue/65383 https://groups.google.com/g/golang-announce/c/5pwGVUPoMbg https://linux.oracle.com/cve/CVE-2023-45290.html https://linux.oracle.com/errata/ELSA-2024-8038.html https://nvd.nist.gov/vuln/detail/CVE-2023-45290 https://pkg.go.dev/vuln/GO-2024-2599 https://security.netapp.com/advisory/ntap-20240329-0004 https://security.netapp.com/advisory/ntap-20240329-0004/ https://ubuntu.com/security/notices/USN-6886-1 https://ubuntu.com/security/notices/USN-7109-1 https://ubuntu.com/security/notices/USN-7111-1 https://www.cve.org/CVERecord?id=CVE-2023-45290
stdlib	CVE-2024-24783	MEDIUM	v1.20.5	1.21.8, 1.22.1	http://www.openwall.com/lists/oss-security/2024/03/08/4 https://access.redhat.com/errata/RHSA-2024:6195 https://access.redhat.com/security/cve/CVE-2024-24783 https://bugzilla.redhat.com/2268019 https://bugzilla.redhat.com/show_bug.cgi?id=2268017 https://bugzilla.redhat.com/show_bug.cgi?id=2268018 https://bugzilla.redhat.com/show_bug.cgi?id=2268019 https://bugzilla.redhat.com/show_bug.cgi?id=2268273 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45288 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45289 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45290 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24783 https://errata.almalinux.org/9/ALSA-2024-6195.html https://errata.rockylinux.org/RLSA-2024:2724 https://github.com/advisories/GHSA-3q2c-pvp5-3cqp https://github.com/golang/go/commit/337b8e9cbfa749d9d5c899e0dc358e2208d5e54f (go1.22.1) https://github.com/golang/go/commit/be5b52bea674190ef7de272664be6c7ae93ec5a0 (go1.21.8) https://github.com/golang/go/issues/65390 https://go.dev/cl/569339 https://go.dev/issue/65390 https://groups.google.com/g/golang-announce/c/5pwGVUPoMbg https://linux.oracle.com/cve/CVE-2024-24783.html https://linux.oracle.com/errata/ELSA-2024-6969.html https://nvd.nist.gov/vuln/detail/CVE-2024-24783 https://pkg.go.dev/vuln/GO-2024-2598 https://security.netapp.com/advisory/ntap-20240329-0005 https://security.netapp.com/advisory/ntap-20240329-0005/ https://ubuntu.com/security/notices/USN-6886-1 https://ubuntu.com/security/notices/USN-7109-1 https://ubuntu.com/security/notices/USN-7111-1 https://www.cve.org/CVERecord?id=CVE-2024-24783
stdlib	CVE-2024-24784	MEDIUM	v1.20.5	1.21.8, 1.22.1	http://www.openwall.com/lists/oss-security/2024/03/08/4 https://access.redhat.com/errata/RHSA-2024:2562 https://access.redhat.com/security/cve/CVE-2024-24784 https://bugzilla.redhat.com/2262921 https://bugzilla.redhat.com/2268017 https://bugzilla.redhat.com/2268018 https://bugzilla.redhat.com/2268019 https://bugzilla.redhat.com/2268021 https://bugzilla.redhat.com/2268022 https://bugzilla.redhat.com/2268273 https://bugzilla.redhat.com/show_bug.cgi?id=2262921 https://bugzilla.redhat.com/show_bug.cgi?id=2268017 https://bugzilla.redhat.com/show_bug.cgi?id=2268018 https://bugzilla.redhat.com/show_bug.cgi?id=2268019 https://bugzilla.redhat.com/show_bug.cgi?id=2268021 https://bugzilla.redhat.com/show_bug.cgi?id=2268022 https://bugzilla.redhat.com/show_bug.cgi?id=2268273 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45288 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45289 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45290 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-1394 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24783 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24784 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24785 https://errata.almalinux.org/9/ALSA-2024-2562.html https://errata.rockylinux.org/RLSA-2024:2562 https://github.com/golang/go/commit/263c059b09fdd40d9dd945f2ecb20c89ea28efe5 (go1.21.8) https://github.com/golang/go/commit/5330cd225ba54c7dc78c1b46dcdf61a4671a632c (go1.22.1) https://github.com/golang/go/issues/65083 https://go.dev/cl/555596 https://go.dev/issue/65083 https://groups.google.com/g/golang-announce/c/5pwGVUPoMbg https://linux.oracle.com/cve/CVE-2024-24784.html https://linux.oracle.com/errata/ELSA-2024-6969.html https://nvd.nist.gov/vuln/detail/CVE-2024-24784 https://pkg.go.dev/vuln/GO-2024-2609 https://security.netapp.com/advisory/ntap-20240329-0007/ https://ubuntu.com/security/notices/USN-6886-1 https://ubuntu.com/security/notices/USN-7109-1 https://ubuntu.com/security/notices/USN-7111-1 https://www.cve.org/CVERecord?id=CVE-2024-24784
stdlib	CVE-2024-24785	MEDIUM	v1.20.5	1.21.8, 1.22.1	http://www.openwall.com/lists/oss-security/2024/03/08/4 https://access.redhat.com/errata/RHSA-2024:9135 https://access.redhat.com/security/cve/CVE-2024-24785 https://bugzilla.redhat.com/2268017 https://bugzilla.redhat.com/2268022 https://bugzilla.redhat.com/2279814 https://bugzilla.redhat.com/2295310 https://bugzilla.redhat.com/show_bug.cgi?id=2262921 https://bugzilla.redhat.com/show_bug.cgi?id=2268017 https://bugzilla.redhat.com/show_bug.cgi?id=2268018 https://bugzilla.redhat.com/show_bug.cgi?id=2268019 https://bugzilla.redhat.com/show_bug.cgi?id=2268021 https://bugzilla.redhat.com/show_bug.cgi?id=2268022 https://bugzilla.redhat.com/show_bug.cgi?id=2268273 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45288 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45289 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45290 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-1394 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24783 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24784 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24785 https://errata.almalinux.org/9/ALSA-2024-9135.html https://errata.rockylinux.org/RLSA-2024:2562 https://github.com/golang/go/commit/056b0edcb8c152152021eebf4cf42adbfbe77992 (go1.22.1) https://github.com/golang/go/commit/3643147a29352ca2894fd5d0d2069bc4b4335a7e (go1.21.8) https://github.com/golang/go/issues/65697 https://go.dev/cl/564196 https://go.dev/issue/65697 https://groups.google.com/g/golang-announce/c/5pwGVUPoMbg https://linux.oracle.com/cve/CVE-2024-24785.html https://linux.oracle.com/errata/ELSA-2024-3259.html https://nvd.nist.gov/vuln/detail/CVE-2024-24785 https://pkg.go.dev/vuln/GO-2024-2610 https://security.netapp.com/advisory/ntap-20240329-0008/ https://ubuntu.com/security/notices/USN-6886-1 https://ubuntu.com/security/notices/USN-7061-1 https://ubuntu.com/security/notices/USN-7109-1 https://vuln.go.dev/ID/GO-2024-2610.json https://www.cve.org/CVERecord?id=CVE-2024-24785
stdlib	CVE-2024-24789	MEDIUM	v1.20.5	1.21.11, 1.22.4	http://www.openwall.com/lists/oss-security/2024/06/04/1 https://access.redhat.com/errata/RHSA-2024:9115 https://access.redhat.com/security/cve/CVE-2024-24789 https://bugzilla.redhat.com/2279814 https://bugzilla.redhat.com/2292668 https://bugzilla.redhat.com/2292787 https://bugzilla.redhat.com/2294000 https://bugzilla.redhat.com/2295310 https://bugzilla.redhat.com/show_bug.cgi?id=2292668 https://bugzilla.redhat.com/show_bug.cgi?id=2292787 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24789 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24790 https://errata.almalinux.org/9/ALSA-2024-9115.html https://errata.rockylinux.org/RLSA-2024:4212 https://github.com/golang/go/commit/c8e40338cf00f3c1d86c8fb23863ad67a4c72bcc (1.21) https://github.com/golang/go/commit/cf501ac0c5fe351a8582d20b43562027927906e7 (1.22) https://github.com/golang/go/issues/66869 https://go.dev/cl/585397 https://go.dev/issue/66869 https://groups.google.com/g/golang-announce/c/XbxouI9gY7k https://groups.google.com/g/golang-announce/c/XbxouI9gY7k/m/TuoGEhxIEwAJ https://linux.oracle.com/cve/CVE-2024-24789.html https://linux.oracle.com/errata/ELSA-2024-9115.html https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/U5YAEIA6IUHUNGJ7AIXXPQT6D2GYENX7/ https://nvd.nist.gov/vuln/detail/CVE-2024-24789 https://pkg.go.dev/vuln/GO-2024-2888 https://ubuntu.com/security/notices/USN-6886-1 https://ubuntu.com/security/notices/USN-7109-1 https://ubuntu.com/security/notices/USN-7111-1 https://www.cve.org/CVERecord?id=CVE-2024-24789
stdlib	CVE-2024-24791	MEDIUM	v1.20.5	1.21.12, 1.22.5	https://access.redhat.com/errata/RHSA-2024:9135 https://access.redhat.com/security/cve/CVE-2024-24791 https://bugzilla.redhat.com/2268017 https://bugzilla.redhat.com/2268022 https://bugzilla.redhat.com/2279814 https://bugzilla.redhat.com/2295310 https://bugzilla.redhat.com/show_bug.cgi?id=2295310 https://bugzilla.redhat.com/show_bug.cgi?id=2310527 https://bugzilla.redhat.com/show_bug.cgi?id=2310528 https://bugzilla.redhat.com/show_bug.cgi?id=2310529 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24791 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-34155 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-34156 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-34158 https://errata.almalinux.org/9/ALSA-2024-9135.html https://errata.rockylinux.org/RLSA-2024:6913 https://go.dev/cl/591255 https://go.dev/issue/67555 https://groups.google.com/g/golang-dev/c/t0rK-qHBqzY/m/6MMoAZkMAgAJ https://linux.oracle.com/cve/CVE-2024-24791.html https://linux.oracle.com/errata/ELSA-2024-9115.html https://nvd.nist.gov/vuln/detail/CVE-2024-24791 https://pkg.go.dev/vuln/GO-2024-2963 https://ubuntu.com/security/notices/USN-7081-1 https://ubuntu.com/security/notices/USN-7109-1 https://ubuntu.com/security/notices/USN-7111-1 https://www.cve.org/CVERecord?id=CVE-2024-24791
stdlib	CVE-2024-34155	MEDIUM	v1.20.5	1.22.7, 1.23.1	https://access.redhat.com/errata/RHSA-2024:9459 https://access.redhat.com/security/cve/CVE-2024-34155 https://bugzilla.redhat.com/2310527 https://bugzilla.redhat.com/2310528 https://bugzilla.redhat.com/2310529 https://bugzilla.redhat.com/2315691 https://bugzilla.redhat.com/2315887 https://bugzilla.redhat.com/2317458 https://bugzilla.redhat.com/2317467 https://bugzilla.redhat.com/show_bug.cgi?id=2295310 https://bugzilla.redhat.com/show_bug.cgi?id=2310527 https://bugzilla.redhat.com/show_bug.cgi?id=2310528 https://bugzilla.redhat.com/show_bug.cgi?id=2310529 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24791 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-34155 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-34156 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-34158 https://errata.almalinux.org/9/ALSA-2024-9459.html https://errata.rockylinux.org/RLSA-2024:6913 https://github.com/golang/go/commit/53487e5477151ed75da50e50a0ba8f1ca64c00a3 (go1.23.1) https://github.com/golang/go/commit/b232596139dbe96a62edbe3a2a203e856bf556eb (go1.22.7) https://go.dev/cl/611238 https://go.dev/issue/69138 https://groups.google.com/g/golang-announce/c/K-cEzDeCtpc https://groups.google.com/g/golang-dev/c/S9POB9NCTdk https://linux.oracle.com/cve/CVE-2024-34155.html https://linux.oracle.com/errata/ELSA-2024-9459.html https://nvd.nist.gov/vuln/detail/CVE-2024-34155 https://pkg.go.dev/vuln/GO-2024-3105 https://ubuntu.com/security/notices/USN-7081-1 https://ubuntu.com/security/notices/USN-7109-1 https://ubuntu.com/security/notices/USN-7111-1 https://www.cve.org/CVERecord?id=CVE-2024-34155
stdlib	CVE-2024-34158	MEDIUM	v1.20.5	1.22.7, 1.23.1	https://access.redhat.com/errata/RHSA-2024:9459 https://access.redhat.com/security/cve/CVE-2024-34158 https://bugzilla.redhat.com/2310527 https://bugzilla.redhat.com/2310528 https://bugzilla.redhat.com/2310529 https://bugzilla.redhat.com/2315691 https://bugzilla.redhat.com/2315887 https://bugzilla.redhat.com/2317458 https://bugzilla.redhat.com/2317467 https://bugzilla.redhat.com/show_bug.cgi?id=2295310 https://bugzilla.redhat.com/show_bug.cgi?id=2310527 https://bugzilla.redhat.com/show_bug.cgi?id=2310528 https://bugzilla.redhat.com/show_bug.cgi?id=2310529 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24791 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-34155 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-34156 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-34158 https://errata.almalinux.org/9/ALSA-2024-9459.html https://errata.rockylinux.org/RLSA-2024:6913 https://github.com/golang/go/commit/032ac075c20c01c6c35a672d1542d3e98eab84ea (go1.23.1) https://github.com/golang/go/commit/d4c53812e6ce2ac368173d7fcd31d0ecfcffb002 (go1.22.7) https://go.dev/cl/611240 https://go.dev/issue/69141 https://groups.google.com/g/golang-announce/c/K-cEzDeCtpc https://groups.google.com/g/golang-dev/c/S9POB9NCTdk https://linux.oracle.com/cve/CVE-2024-34158.html https://linux.oracle.com/errata/ELSA-2024-9459.html https://nvd.nist.gov/vuln/detail/CVE-2024-34158 https://pkg.go.dev/vuln/GO-2024-3107 https://ubuntu.com/security/notices/USN-7081-1 https://ubuntu.com/security/notices/USN-7109-1 https://ubuntu.com/security/notices/USN-7111-1 https://www.cve.org/CVERecord?id=CVE-2024-34158
No Misconfigurations found

cnb/buildpacks/paketo-buildpacks_python-start/0.14.11/bin/run (gobinary)

Package	Vulnerability ID	Severity	Installed Version	Fixed Version	Links
golang.org/x/net	CVE-2023-39325	HIGH	v0.11.0	0.17.0	golang.org/x/net https://access.redhat.com/errata/RHSA-2023:6077 https://access.redhat.com/security/cve/CVE-2023-39325 https://access.redhat.com/security/cve/CVE-2023-44487 https://access.redhat.com/security/vulnerabilities/RHSB-2023-003 https://bugzilla.redhat.com/2242803 https://bugzilla.redhat.com/2243296 https://bugzilla.redhat.com/show_bug.cgi?id=2242803 https://bugzilla.redhat.com/show_bug.cgi?id=2243296 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-39325 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-44487 https://errata.almalinux.org/9/ALSA-2023-6077.html https://errata.rockylinux.org/RLSA-2023:6077 https://github.com/golang/go/commit/24ae2d927285c697440fdde3ad7f26028354bcf3 [golang- 1.21] https://github.com/golang/go/commit/e175f27f58aa7b9cd4d79607ae65d2cd5baaee68 [golang-1.20] https://github.com/golang/go/issues/63417 https://go.dev/cl/534215 https://go.dev/cl/534235 https://go.dev/issue/63417 https://groups.google.com/g/golang-announce/c/iNNxDTCjZvo/m/UDd7VKQuAAAJ https://linux.oracle.com/cve/CVE-2023-39325.html https://linux.oracle.com/errata/ELSA-2023-5867.html https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3OVW5V2DM5K5IC3H7O42YDUGNJ74J35O https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3OVW5V2DM5K5IC3H7O42YDUGNJ74J35O/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3SZN67IL7HMGMNAVLOTIXLIHUDXZK4LH https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3SZN67IL7HMGMNAVLOTIXLIHUDXZK4LH/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3WJ4QVX2AMUJ2F2S27POOAHRC4K3CHU4 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3WJ4QVX2AMUJ2F2S27POOAHRC4K3CHU4/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/4BUK2ZIAGCULOOYDNH25JPU6JBES5NF2 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/4BUK2ZIAGCULOOYDNH25JPU6JBES5NF2/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/5RSKA2II6QTD4YUKUNDVJQSRYSFC4VFR https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/5RSKA2II6QTD4YUKUNDVJQSRYSFC4VFR/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/AVZDNSMVDAQJ64LJC5I5U5LDM5753647 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/AVZDNSMVDAQJ64LJC5I5U5LDM5753647/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CHHITS4PUOZAKFIUBQAQZC7JWXMOYE4B https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CHHITS4PUOZAKFIUBQAQZC7JWXMOYE4B/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CLB4TW7KALB3EEQWNWCN7OUIWWVWWCG2 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CLB4TW7KALB3EEQWNWCN7OUIWWVWWCG2/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/D2BBIDR2ZMB3X5BC7SR4SLQMHRMVPY6L https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/D2BBIDR2ZMB3X5BC7SR4SLQMHRMVPY6L/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ECRC75BQJP6FJN2L7KCKYZW4DSBD7QSD https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ECRC75BQJP6FJN2L7KCKYZW4DSBD7QSD/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/FTMJ3NJIDAZFWJQQSP3L22MUFJ3UP2PT https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/FTMJ3NJIDAZFWJQQSP3L22MUFJ3UP2PT/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/GSY7SXFFTPZFWDM6XELSDSHZLVW3AHK7 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/GSY7SXFFTPZFWDM6XELSDSHZLVW3AHK7/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/HZQIELEIRSZUYTFFH5KTH2YJ4IIQG2KE https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/HZQIELEIRSZUYTFFH5KTH2YJ4IIQG2KE/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/IPWCNYB5PQ5PCVZ4NJT6G56ZYFZ5QBU6 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/IPWCNYB5PQ5PCVZ4NJT6G56ZYFZ5QBU6/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/KEOTKBUPZXHE3F352JBYNTSNRXYLWD6P https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/KEOTKBUPZXHE3F352JBYNTSNRXYLWD6P/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/KSEGD2IWKNUO3DWY4KQGUQM5BISRWHQE https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/KSEGD2IWKNUO3DWY4KQGUQM5BISRWHQE/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/L5E5JSJBZLYXOTZWXHJKRVCIXIHVWKJ6 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/L5E5JSJBZLYXOTZWXHJKRVCIXIHVWKJ6/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/MZQYOOKHQDQ57LV2IAG6NRFOVXKHJJ3Z https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/MZQYOOKHQDQ57LV2IAG6NRFOVXKHJJ3Z/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/NG7IMPL55MVWU3LCI4JQJT3K2U5CHDV7 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/NG7IMPL55MVWU3LCI4JQJT3K2U5CHDV7/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ODBY7RVMGZCBSTWF2OZGIZS57FNFUL67 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ODBY7RVMGZCBSTWF2OZGIZS57FNFUL67/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/OXGWPQOJ3JNDW2XIYKIVJ7N7QUIFNM2Q https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/OXGWPQOJ3JNDW2XIYKIVJ7N7QUIFNM2Q/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/PJCUNGIQDUMZ4Z6HWVYIMR66A35F5S74 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/PJCUNGIQDUMZ4Z6HWVYIMR66A35F5S74/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QF5QSYAOPDOWLY6DUHID56Q4HQFYB45I https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QF5QSYAOPDOWLY6DUHID56Q4HQFYB45I/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QXOU2JZUBEBP7GBKAYIJRPRBZSJCD7ST https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QXOU2JZUBEBP7GBKAYIJRPRBZSJCD7ST/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/R3UETKPUB3V5JS5TLZOF3SMTGT5K5APS https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/R3UETKPUB3V5JS5TLZOF3SMTGT5K5APS/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/REMHVVIBDNKSRKNOTV7EQSB7CYQWOUOU https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/REMHVVIBDNKSRKNOTV7EQSB7CYQWOUOU/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/T7N5GV4CHH6WAGX3GFMDD3COEOVCZ4RI https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/T7N5GV4CHH6WAGX3GFMDD3COEOVCZ4RI/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ULQQONMSCQSH5Z5OWFFQHCGEZ3NL4DRJ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ULQQONMSCQSH5Z5OWFFQHCGEZ3NL4DRJ/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UTT7DG3QOF5ZNJLUGHDNLRUIN6OWZARP https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UTT7DG3QOF5ZNJLUGHDNLRUIN6OWZARP/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/W2LZSWTV4NV4SNQARNXG5T6LRHP26EW2 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/W2LZSWTV4NV4SNQARNXG5T6LRHP26EW2/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WCNCBYKZXLDFGAJUB7ZP5VLC3YTHJNVH https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WCNCBYKZXLDFGAJUB7ZP5VLC3YTHJNVH/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/XFOIBB4YFICHDM7IBOP7PWXW3FX4HLL2 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/XFOIBB4YFICHDM7IBOP7PWXW3FX4HLL2/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/XTNLSL44Y5FB6JWADSZH6DCV4JJAAEQY https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/XTNLSL44Y5FB6JWADSZH6DCV4JJAAEQY/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/YJWHBLVZDM5KQSDFRBFRKU5KSSOLIRQ4 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/YJWHBLVZDM5KQSDFRBFRKU5KSSOLIRQ4/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/YRKEXKANQ7BKJW2YTAMP625LJUJZLJ4P https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/YRKEXKANQ7BKJW2YTAMP625LJUJZLJ4P/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZSVEMQV5ROY5YW5QE3I57HT3ITWG5GCV https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZSVEMQV5ROY5YW5QE3I57HT3ITWG5GCV/ https://nvd.nist.gov/vuln/detail/CVE-2023-39325 https://pkg.go.dev/vuln/GO-2023-2102 https://security.gentoo.org/glsa/202311-09 https://security.netapp.com/advisory/ntap-20231110-0008 https://security.netapp.com/advisory/ntap-20231110-0008/ https://ubuntu.com/security/notices/USN-6574-1 https://ubuntu.com/security/notices/USN-7061-1 https://ubuntu.com/security/notices/USN-7109-1 https://www.cisa.gov/news-events/alerts/2023/10/10/http2-rapid-reset-vulnerability-cve-2023-44487 https://www.cve.org/CVERecord?id=CVE-2023-39325
golang.org/x/net	CVE-2023-3978	MEDIUM	v0.11.0	0.13.0	https://access.redhat.com/errata/RHSA-2023:6474 https://access.redhat.com/security/cve/CVE-2023-3978 https://bugzilla.redhat.com/2174485 https://bugzilla.redhat.com/2178358 https://bugzilla.redhat.com/2178488 https://bugzilla.redhat.com/2178492 https://bugzilla.redhat.com/2184481 https://bugzilla.redhat.com/2184482 https://bugzilla.redhat.com/2184483 https://bugzilla.redhat.com/2184484 https://bugzilla.redhat.com/2196026 https://bugzilla.redhat.com/2196027 https://bugzilla.redhat.com/2196029 https://bugzilla.redhat.com/2222167 https://bugzilla.redhat.com/2228689 https://errata.almalinux.org/9/ALSA-2023-6474.html https://go.dev/cl/514896 https://go.dev/issue/61615 https://linux.oracle.com/cve/CVE-2023-3978.html https://linux.oracle.com/errata/ELSA-2023-6939.html https://nvd.nist.gov/vuln/detail/CVE-2023-3978 https://pkg.go.dev/vuln/GO-2023-1988 https://www.cve.org/CVERecord?id=CVE-2023-3978
golang.org/x/net	CVE-2023-44487	MEDIUM	v0.11.0	0.17.0	http://www.openwall.com/lists/oss-security/2023/10/13/4 http://www.openwall.com/lists/oss-security/2023/10/13/9 http://www.openwall.com/lists/oss-security/2023/10/18/4 http://www.openwall.com/lists/oss-security/2023/10/18/8 http://www.openwall.com/lists/oss-security/2023/10/19/6 http://www.openwall.com/lists/oss-security/2023/10/20/8 https://access.redhat.com/errata/RHSA-2023:6746 https://access.redhat.com/security/cve/CVE-2023-44487 https://access.redhat.com/security/cve/cve-2023-44487 https://akka.io/security/akka-http-cve-2023-44487.html https://arstechnica.com/security/2023/10/how-ddosers-used-the-http-2-protocol-to-deliver-attacks-of-unprecedented-size https://arstechnica.com/security/2023/10/how-ddosers-used-the-http-2-protocol-to-deliver-attacks-of-unprecedented-size/ https://aws.amazon.com/security/security-bulletins/AWS-2023-011 https://aws.amazon.com/security/security-bulletins/AWS-2023-011/ https://blog.cloudflare.com/technical-breakdown-http2-rapid-reset-ddos-attack https://blog.cloudflare.com/technical-breakdown-http2-rapid-reset-ddos-attack/ https://blog.cloudflare.com/zero-day-rapid-reset-http2-record-breaking-ddos-attack https://blog.cloudflare.com/zero-day-rapid-reset-http2-record-breaking-ddos-attack/ https://blog.litespeedtech.com/2023/10/11/rapid-reset-http-2-vulnerablilty https://blog.litespeedtech.com/2023/10/11/rapid-reset-http-2-vulnerablilty/ https://blog.qualys.com/vulnerabilities-threat-research/2023/10/10/cve-2023-44487-http-2-rapid-reset-attack https://blog.vespa.ai/cve-2023-44487 https://blog.vespa.ai/cve-2023-44487/ https://bugzilla.proxmox.com/show_bug.cgi?id=4988 https://bugzilla.redhat.com/2242803 https://bugzilla.redhat.com/show_bug.cgi?id=2242803 https://bugzilla.suse.com/show_bug.cgi?id=1216123 https://cgit.freebsd.org/ports/commit/?id=c64c329c2c1752f46b73e3e6ce9f4329be6629f9 https://chaos.social/@icing/111210915918780532 https://cloud.google.com/blog/products/identity-security/google-cloud-mitigated-largest-ddos-attack-peaking-above-398-million-rps https://cloud.google.com/blog/products/identity-security/google-cloud-mitigated-largest-ddos-attack-peaking-above-398-million-rps/ https://cloud.google.com/blog/products/identity-security/how-it-works-the-novel-http2-rapid-reset-ddos-attack https://community.traefik.io/t/is-traefik-vulnerable-to-cve-2023-44487/20125 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-44487 https://devblogs.microsoft.com/dotnet/october-2023-updates/ https://discuss.hashicorp.com/t/hcsec-2023-32-vault-consul-and-boundary-affected-by-http-2-rapid-reset-denial-of-service-vulnerability-cve-2023-44487/59715 https://edg.io/lp/blog/resets-leaks-ddos-and-the-tale-of-a-hidden-cve https://errata.almalinux.org/9/ALSA-2023-6746.html https://errata.rockylinux.org/RLSA-2023:5838 https://forums.swift.org/t/swift-nio-http2-security-update-cve-2023-44487-http-2-dos/67764 https://gist.github.com/adulau/7c2bfb8e9cdbe4b35a5e131c66a0c088 https://github.com/Azure/AKS/issues/3947 https://github.com/Kong/kong/discussions/11741 https://github.com/advisories/GHSA-qppj-fm5r-hxr3 https://github.com/advisories/GHSA-vx74-f528-fxqg https://github.com/advisories/GHSA-xpw8-rcwv-8f8p https://github.com/akka/akka-http/issues/4323 https://github.com/akka/akka-http/pull/4324 https://github.com/akka/akka-http/pull/4325 https://github.com/alibaba/tengine/issues/1872 https://github.com/apache/apisix/issues/10320 https://github.com/apache/httpd-site/pull/10 https://github.com/apache/httpd/blob/afcdbeebbff4b0c50ea26cdd16e178c0d1f24152/modules/http2/h2_mplx.c#L1101-L1113 https://github.com/apache/tomcat/commit/944332bb15bd2f3bf76ec2caeb1ff0a58a3bc628 https://github.com/apache/tomcat/tree/main/java/org/apache/coyote/http2 https://github.com/apache/trafficserver/pull/10564 https://github.com/apple/swift-nio-http2 https://github.com/apple/swift-nio-http2/security/advisories/GHSA-qppj-fm5r-hxr3 https://github.com/arkrwn/PoC/tree/main/CVE-2023-44487 https://github.com/bcdannyboy/CVE-2023-44487 https://github.com/caddyserver/caddy/issues/5877 https://github.com/caddyserver/caddy/releases/tag/v2.7.5 https://github.com/dotnet/announcements/issues/277 https://github.com/dotnet/core/blob/e4613450ea0da7fd2fc6b61dfb2c1c1dec1ce9ec/release-notes/6.0/6.0.23/6.0.23.md?plain=1#L73 https://github.com/eclipse/jetty.project/issues/10679 https://github.com/envoyproxy/envoy/pull/30055 https://github.com/etcd-io/etcd/issues/16740 https://github.com/facebook/proxygen/pull/466 https://github.com/golang/go/issues/63417 https://github.com/grpc/grpc-go/pull/6703 https://github.com/grpc/grpc-go/releases https://github.com/h2o/h2o/pull/3291 https://github.com/h2o/h2o/security/advisories/GHSA-2m7v-gc89-fjqf https://github.com/haproxy/haproxy/issues/2312 https://github.com/hyperium/hyper/issues/3337 https://github.com/icing/mod_h2/blob/0a864782af0a942aa2ad4ed960a6b32cd35bcf0a/mod_http2/README.md?plain=1#L239-L244 https://github.com/junkurihara/rust-rpxy/issues/97 https://github.com/kazu-yamamoto/http2/commit/f61d41a502bd0f60eb24e1ce14edc7b6df6722a1 https://github.com/kazu-yamamoto/http2/issues/93 https://github.com/kubernetes/kubernetes/pull/121120 https://github.com/line/armeria/pull/5232 https://github.com/linkerd/website/pull/1695/commits/4b9c6836471bc8270ab48aae6fd2181bc73fd632 https://github.com/micrictor/http2-rst-stream https://github.com/microsoft/CBL-Mariner/pull/6381 https://github.com/netty/netty/commit/58f75f665aa81a8cbcf6ffa74820042a285c5e61 https://github.com/nghttp2/nghttp2/pull/1961 https://github.com/nghttp2/nghttp2/releases/tag/v1.57.0 https://github.com/ninenines/cowboy/issues/1615 https://github.com/nodejs/node/pull/50121 https://github.com/openresty/openresty/issues/930 https://github.com/opensearch-project/data-prepper/issues/3474 https://github.com/oqtane/oqtane.framework/discussions/3367 https://github.com/projectcontour/contour/pull/5826 https://github.com/tempesta-tech/tempesta/issues/1986 https://github.com/varnishcache/varnish-cache/issues/3996 https://go.dev/cl/534215 https://go.dev/cl/534235 https://go.dev/issue/63417 https://groups.google.com/g/golang-announce/c/iNNxDTCjZvo https://groups.google.com/g/golang-announce/c/iNNxDTCjZvo/m/UDd7VKQuAAAJ https://istio.io/latest/news/security/istio-security-2023-004 https://istio.io/latest/news/security/istio-security-2023-004/ https://linkerd.io/2023/10/12/linkerd-cve-2023-44487 https://linkerd.io/2023/10/12/linkerd-cve-2023-44487/ https://linux.oracle.com/cve/CVE-2023-44487.html https://linux.oracle.com/errata/ELSA-2024-1444.html https://lists.apache.org/thread/5py8h42mxfsn8l1wy6o41xwhsjlsd87q https://lists.debian.org/debian-lts-announce/2023/10/msg00020.html https://lists.debian.org/debian-lts-announce/2023/10/msg00023.html https://lists.debian.org/debian-lts-announce/2023/10/msg00024.html https://lists.debian.org/debian-lts-announce/2023/10/msg00045.html https://lists.debian.org/debian-lts-announce/2023/10/msg00047.html https://lists.debian.org/debian-lts-announce/2023/11/msg00001.html https://lists.debian.org/debian-lts-announce/2023/11/msg00012.html https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/2MBEPPC36UBVOZZNAXFHKLFGSLCMN5LI https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/2MBEPPC36UBVOZZNAXFHKLFGSLCMN5LI/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/3N4NJ7FR4X4FPZUGNTQAPSTVB2HB2Y4A https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/3N4NJ7FR4X4FPZUGNTQAPSTVB2HB2Y4A/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/BFQD3KUEMFBHPAPBGLWQC34L4OWL5HAZ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/BFQD3KUEMFBHPAPBGLWQC34L4OWL5HAZ/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/CLB4TW7KALB3EEQWNWCN7OUIWWVWWCG2 https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/CLB4TW7KALB3EEQWNWCN7OUIWWVWWCG2/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/E72T67UPDRXHIDLO3OROR25YAMN4GGW5 https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/E72T67UPDRXHIDLO3OROR25YAMN4GGW5/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/FNA62Q767CFAFHBCDKYNPBMZWB7TWYVU https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/FNA62Q767CFAFHBCDKYNPBMZWB7TWYVU/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/HT7T2R4MQKLIF4ODV4BDLPARWFPCJ5CZ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/HT7T2R4MQKLIF4ODV4BDLPARWFPCJ5CZ/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/JIZSEFC3YKCGABA2BZW6ZJRMDZJMB7PJ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/JIZSEFC3YKCGABA2BZW6ZJRMDZJMB7PJ/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/JMEXY22BFG5Q64HQCM5CK2Q7KDKVV4TY https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/JMEXY22BFG5Q64HQCM5CK2Q7KDKVV4TY/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/KSEGD2IWKNUO3DWY4KQGUQM5BISRWHQE https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/KSEGD2IWKNUO3DWY4KQGUQM5BISRWHQE/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/LKYHSZQFDNR7RSA7LHVLLIAQMVYCUGBG https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/LKYHSZQFDNR7RSA7LHVLLIAQMVYCUGBG/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/LNMZJCDHGLJJLXO4OXWJMTVQRNWOC7UL https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/LNMZJCDHGLJJLXO4OXWJMTVQRNWOC7UL/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/VHUHTSXLXGXS7JYKBXTA3VINUPHTNGVU https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/VHUHTSXLXGXS7JYKBXTA3VINUPHTNGVU/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/VSRDIV77HNKUSM7SJC5BKE5JSHLHU2NK https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/VSRDIV77HNKUSM7SJC5BKE5JSHLHU2NK/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/WE2I52RHNNU42PX6NZ2RBUHSFFJ2LVZX https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/WE2I52RHNNU42PX6NZ2RBUHSFFJ2LVZX/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/WLPRQ5TWUQQXYWBJM7ECYDAIL2YVKIUH https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/WLPRQ5TWUQQXYWBJM7ECYDAIL2YVKIUH/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/X6QXN4ORIVF6XBW4WWFE7VNPVC74S45Y https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/X6QXN4ORIVF6XBW4WWFE7VNPVC74S45Y/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/XFOIBB4YFICHDM7IBOP7PWXW3FX4HLL2 https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/XFOIBB4YFICHDM7IBOP7PWXW3FX4HLL2/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZB43REMKRQR62NJEI7I5NQ4FSXNLBKRT https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZB43REMKRQR62NJEI7I5NQ4FSXNLBKRT/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZKQSIKIAT5TJ3WSLU3RDBQ35YX4GY4V3 https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZKQSIKIAT5TJ3WSLU3RDBQ35YX4GY4V3/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZLU6U2R2IC2K64NDPNMV55AUAO65MAF4 https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZLU6U2R2IC2K64NDPNMV55AUAO65MAF4/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3N4NJ7FR4X4FPZUGNTQAPSTVB2HB2Y4A https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/BFQD3KUEMFBHPAPBGLWQC34L4OWL5HAZ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CLB4TW7KALB3EEQWNWCN7OUIWWVWWCG2 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/E72T67UPDRXHIDLO3OROR25YAMN4GGW5 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/FNA62Q767CFAFHBCDKYNPBMZWB7TWYVU https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/HT7T2R4MQKLIF4ODV4BDLPARWFPCJ5CZ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/JIZSEFC3YKCGABA2BZW6ZJRMDZJMB7PJ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/JMEXY22BFG5Q64HQCM5CK2Q7KDKVV4TY https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/KSEGD2IWKNUO3DWY4KQGUQM5BISRWHQE https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/LKYHSZQFDNR7RSA7LHVLLIAQMVYCUGBG https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/LNMZJCDHGLJJLXO4OXWJMTVQRNWOC7UL https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/VHUHTSXLXGXS7JYKBXTA3VINUPHTNGVU https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/VSRDIV77HNKUSM7SJC5BKE5JSHLHU2NK https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WLPRQ5TWUQQXYWBJM7ECYDAIL2YVKIUH https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/X6QXN4ORIVF6XBW4WWFE7VNPVC74S45Y https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/XFOIBB4YFICHDM7IBOP7PWXW3FX4HLL2 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZB43REMKRQR62NJEI7I5NQ4FSXNLBKRT https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZKQSIKIAT5TJ3WSLU3RDBQ35YX4GY4V3 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZLU6U2R2IC2K64NDPNMV55AUAO65MAF4 https://lists.w3.org/Archives/Public/ietf-http-wg/2023OctDec/0025.html https://mailman.nginx.org/pipermail/nginx-devel/2023-October/S36Q5HBXR7CAIMPLLPRSSSYR4PCMWILK.html https://martinthomson.github.io/h2-stream-limits/draft-thomson-httpbis-h2-stream-limits.html https://msrc.microsoft.com/blog/2023/10/microsoft-response-to-distributed-denial-of-service-ddos-attacks-against-http/2 https://msrc.microsoft.com/blog/2023/10/microsoft-response-to-distributed-denial-of-service-ddos-attacks-against-http/2/ https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-44487 https://my.f5.com/manage/s/article/K000137106 https://netty.io/news/2023/10/10/4-1-100-Final.html https://news.ycombinator.com/item?id=37830987 https://news.ycombinator.com/item?id=37830998 https://news.ycombinator.com/item?id=37831062 https://news.ycombinator.com/item?id=37837043 https://nodejs.org/en/blog/vulnerability/october-2023-security-releases https://nvd.nist.gov/vuln/detail/CVE-2023-44487 https://openssf.org/blog/2023/10/10/http-2-rapid-reset-vulnerability-highlights-need-for-rapid-response https://openssf.org/blog/2023/10/10/http-2-rapid-reset-vulnerability-highlights-need-for-rapid-response/ https://pkg.go.dev/vuln/GO-2023-2102 https://seanmonstar.com/post/730794151136935936/hyper-http2-rapid-reset-unaffected https://security.gentoo.org/glsa/202311-09 https://security.netapp.com/advisory/ntap-20231016-0001 https://security.netapp.com/advisory/ntap-20231016-0001/ https://security.netapp.com/advisory/ntap-20240426-0007 https://security.netapp.com/advisory/ntap-20240426-0007/ https://security.netapp.com/advisory/ntap-20240621-0006 https://security.netapp.com/advisory/ntap-20240621-0006/ https://security.netapp.com/advisory/ntap-20240621-0007 https://security.netapp.com/advisory/ntap-20240621-0007/ https://security.paloaltonetworks.com/CVE-2023-44487 https://tomcat.apache.org/security-10.html#Fixed_in_Apache_Tomcat_10.1.14 https://tomcat.apache.org/security-11.html#Fixed_in_Apache_Tomcat_11.0.0-M12 https://tomcat.apache.org/security-8.html#Fixed_in_Apache_Tomcat_8.5.94 https://tomcat.apache.org/security-9.html#Fixed_in_Apache_Tomcat_9.0.81 https://ubuntu.com/security/CVE-2023-44487 https://ubuntu.com/security/notices/USN-6427-1 https://ubuntu.com/security/notices/USN-6427-2 https://ubuntu.com/security/notices/USN-6438-1 https://ubuntu.com/security/notices/USN-6505-1 https://ubuntu.com/security/notices/USN-6574-1 https://ubuntu.com/security/notices/USN-6754-1 https://ubuntu.com/security/notices/USN-6994-1 https://ubuntu.com/security/notices/USN-7067-1 https://www.bleepingcomputer.com/news/security/new-http-2-rapid-reset-zero-day-attack-breaks-ddos-records https://www.bleepingcomputer.com/news/security/new-http-2-rapid-reset-zero-day-attack-breaks-ddos-records/ https://www.cisa.gov/known-exploited-vulnerabilities-catalog https://www.cisa.gov/news-events/alerts/2023/10/10/http2-rapid-reset-vulnerability-cve-2023-44487 https://www.cve.org/CVERecord?id=CVE-2023-44487 https://www.darkreading.com/cloud/internet-wide-zero-day-bug-fuels-largest-ever-ddos-event https://www.debian.org/security/2023/dsa-5521 https://www.debian.org/security/2023/dsa-5522 https://www.debian.org/security/2023/dsa-5540 https://www.debian.org/security/2023/dsa-5549 https://www.debian.org/security/2023/dsa-5558 https://www.debian.org/security/2023/dsa-5570 https://www.eclipse.org/lists/jetty-announce/msg00181.html https://www.haproxy.com/blog/haproxy-is-not-affected-by-the-http-2-rapid-reset-attack-cve-2023-44487 https://www.mail-archive.com/haproxy@formilux.org/msg44134.html https://www.netlify.com/blog/netlify-successfully-mitigates-cve-2023-44487 https://www.netlify.com/blog/netlify-successfully-mitigates-cve-2023-44487/ https://www.nginx.com/blog/http-2-rapid-reset-attack-impacting-f5-nginx-products https://www.nginx.com/blog/http-2-rapid-reset-attack-impacting-f5-nginx-products/ https://www.openwall.com/lists/oss-security/2023/10/10/6 https://www.phoronix.com/news/HTTP2-Rapid-Reset-Attack https://www.theregister.com/2023/10/10/http2_rapid_reset_zeroday https://www.theregister.com/2023/10/10/http2_rapid_reset_zeroday/
golang.org/x/net	CVE-2023-45288	MEDIUM	v0.11.0	0.23.0	http://www.openwall.com/lists/oss-security/2024/04/03/16 http://www.openwall.com/lists/oss-security/2024/04/05/4 https://access.redhat.com/errata/RHSA-2024:2724 https://access.redhat.com/security/cve/CVE-2023-45288 https://bugzilla.redhat.com/2268017 https://bugzilla.redhat.com/2268018 https://bugzilla.redhat.com/2268019 https://bugzilla.redhat.com/2268273 https://bugzilla.redhat.com/show_bug.cgi?id=2268017 https://bugzilla.redhat.com/show_bug.cgi?id=2268018 https://bugzilla.redhat.com/show_bug.cgi?id=2268019 https://bugzilla.redhat.com/show_bug.cgi?id=2268273 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45288 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45289 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45290 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24783 https://errata.almalinux.org/9/ALSA-2024-2724.html https://errata.rockylinux.org/RLSA-2024:2724 https://go.dev/cl/576155 https://go.dev/issue/65051 https://groups.google.com/g/golang-announce/c/YgW0sx8mN3M https://kb.cert.org/vuls/id/421644 https://linux.oracle.com/cve/CVE-2023-45288.html https://linux.oracle.com/errata/ELSA-2024-3346.html https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QRYFHIQ6XRKRYBI2F5UESH67BJBQXUPT https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QRYFHIQ6XRKRYBI2F5UESH67BJBQXUPT/ https://nowotarski.info/http2-continuation-flood-technical-details https://nowotarski.info/http2-continuation-flood/ https://nvd.nist.gov/vuln/detail/CVE-2023-45288 https://pkg.go.dev/vuln/GO-2024-2687 https://security.netapp.com/advisory/ntap-20240419-0009 https://security.netapp.com/advisory/ntap-20240419-0009/ https://ubuntu.com/security/notices/USN-6886-1 https://ubuntu.com/security/notices/USN-7109-1 https://ubuntu.com/security/notices/USN-7111-1 https://www.cve.org/CVERecord?id=CVE-2023-45288 https://www.kb.cert.org/vuls/id/421644
stdlib	CVE-2024-24790	CRITICAL	v1.20.5	1.21.11, 1.22.4	http://www.openwall.com/lists/oss-security/2024/06/04/1 https://access.redhat.com/errata/RHSA-2024:9115 https://access.redhat.com/security/cve/CVE-2024-24790 https://bugzilla.redhat.com/2279814 https://bugzilla.redhat.com/2292668 https://bugzilla.redhat.com/2292787 https://bugzilla.redhat.com/2294000 https://bugzilla.redhat.com/2295310 https://bugzilla.redhat.com/show_bug.cgi?id=2292668 https://bugzilla.redhat.com/show_bug.cgi?id=2292787 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24789 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24790 https://errata.almalinux.org/9/ALSA-2024-9115.html https://errata.rockylinux.org/RLSA-2024:4212 https://github.com/golang/go/commit/051bdf3fd12a40307606ff9381138039c5f452f0 (1.21) https://github.com/golang/go/commit/12d5810cdb1f73cf23d7a86462143e9463317fca (1.22) https://github.com/golang/go/issues/67680 https://go.dev/cl/590316 https://go.dev/issue/67680 https://groups.google.com/g/golang-announce/c/XbxouI9gY7k https://groups.google.com/g/golang-announce/c/XbxouI9gY7k/m/TuoGEhxIEwAJ https://linux.oracle.com/cve/CVE-2024-24790.html https://linux.oracle.com/errata/ELSA-2024-9115.html https://nvd.nist.gov/vuln/detail/CVE-2024-24790 https://pkg.go.dev/vuln/GO-2024-2887 https://ubuntu.com/security/notices/USN-6886-1 https://ubuntu.com/security/notices/USN-7109-1 https://www.cve.org/CVERecord?id=CVE-2024-24790
stdlib	CVE-2023-39325	HIGH	v1.20.5	1.20.10, 1.21.3	golang.org/x/net https://access.redhat.com/errata/RHSA-2023:6077 https://access.redhat.com/security/cve/CVE-2023-39325 https://access.redhat.com/security/cve/CVE-2023-44487 https://access.redhat.com/security/vulnerabilities/RHSB-2023-003 https://bugzilla.redhat.com/2242803 https://bugzilla.redhat.com/2243296 https://bugzilla.redhat.com/show_bug.cgi?id=2242803 https://bugzilla.redhat.com/show_bug.cgi?id=2243296 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-39325 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-44487 https://errata.almalinux.org/9/ALSA-2023-6077.html https://errata.rockylinux.org/RLSA-2023:6077 https://github.com/golang/go/commit/24ae2d927285c697440fdde3ad7f26028354bcf3 [golang- 1.21] https://github.com/golang/go/commit/e175f27f58aa7b9cd4d79607ae65d2cd5baaee68 [golang-1.20] https://github.com/golang/go/issues/63417 https://go.dev/cl/534215 https://go.dev/cl/534235 https://go.dev/issue/63417 https://groups.google.com/g/golang-announce/c/iNNxDTCjZvo/m/UDd7VKQuAAAJ https://linux.oracle.com/cve/CVE-2023-39325.html https://linux.oracle.com/errata/ELSA-2023-5867.html https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3OVW5V2DM5K5IC3H7O42YDUGNJ74J35O https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3OVW5V2DM5K5IC3H7O42YDUGNJ74J35O/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3SZN67IL7HMGMNAVLOTIXLIHUDXZK4LH https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3SZN67IL7HMGMNAVLOTIXLIHUDXZK4LH/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3WJ4QVX2AMUJ2F2S27POOAHRC4K3CHU4 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3WJ4QVX2AMUJ2F2S27POOAHRC4K3CHU4/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/4BUK2ZIAGCULOOYDNH25JPU6JBES5NF2 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/4BUK2ZIAGCULOOYDNH25JPU6JBES5NF2/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/5RSKA2II6QTD4YUKUNDVJQSRYSFC4VFR https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/5RSKA2II6QTD4YUKUNDVJQSRYSFC4VFR/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/AVZDNSMVDAQJ64LJC5I5U5LDM5753647 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/AVZDNSMVDAQJ64LJC5I5U5LDM5753647/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CHHITS4PUOZAKFIUBQAQZC7JWXMOYE4B https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CHHITS4PUOZAKFIUBQAQZC7JWXMOYE4B/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CLB4TW7KALB3EEQWNWCN7OUIWWVWWCG2 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CLB4TW7KALB3EEQWNWCN7OUIWWVWWCG2/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/D2BBIDR2ZMB3X5BC7SR4SLQMHRMVPY6L https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/D2BBIDR2ZMB3X5BC7SR4SLQMHRMVPY6L/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ECRC75BQJP6FJN2L7KCKYZW4DSBD7QSD https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ECRC75BQJP6FJN2L7KCKYZW4DSBD7QSD/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/FTMJ3NJIDAZFWJQQSP3L22MUFJ3UP2PT https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/FTMJ3NJIDAZFWJQQSP3L22MUFJ3UP2PT/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/GSY7SXFFTPZFWDM6XELSDSHZLVW3AHK7 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/GSY7SXFFTPZFWDM6XELSDSHZLVW3AHK7/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/HZQIELEIRSZUYTFFH5KTH2YJ4IIQG2KE https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/HZQIELEIRSZUYTFFH5KTH2YJ4IIQG2KE/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/IPWCNYB5PQ5PCVZ4NJT6G56ZYFZ5QBU6 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/IPWCNYB5PQ5PCVZ4NJT6G56ZYFZ5QBU6/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/KEOTKBUPZXHE3F352JBYNTSNRXYLWD6P https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/KEOTKBUPZXHE3F352JBYNTSNRXYLWD6P/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/KSEGD2IWKNUO3DWY4KQGUQM5BISRWHQE https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/KSEGD2IWKNUO3DWY4KQGUQM5BISRWHQE/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/L5E5JSJBZLYXOTZWXHJKRVCIXIHVWKJ6 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/L5E5JSJBZLYXOTZWXHJKRVCIXIHVWKJ6/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/MZQYOOKHQDQ57LV2IAG6NRFOVXKHJJ3Z https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/MZQYOOKHQDQ57LV2IAG6NRFOVXKHJJ3Z/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/NG7IMPL55MVWU3LCI4JQJT3K2U5CHDV7 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/NG7IMPL55MVWU3LCI4JQJT3K2U5CHDV7/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ODBY7RVMGZCBSTWF2OZGIZS57FNFUL67 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ODBY7RVMGZCBSTWF2OZGIZS57FNFUL67/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/OXGWPQOJ3JNDW2XIYKIVJ7N7QUIFNM2Q https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/OXGWPQOJ3JNDW2XIYKIVJ7N7QUIFNM2Q/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/PJCUNGIQDUMZ4Z6HWVYIMR66A35F5S74 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/PJCUNGIQDUMZ4Z6HWVYIMR66A35F5S74/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QF5QSYAOPDOWLY6DUHID56Q4HQFYB45I https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QF5QSYAOPDOWLY6DUHID56Q4HQFYB45I/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QXOU2JZUBEBP7GBKAYIJRPRBZSJCD7ST https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QXOU2JZUBEBP7GBKAYIJRPRBZSJCD7ST/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/R3UETKPUB3V5JS5TLZOF3SMTGT5K5APS https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/R3UETKPUB3V5JS5TLZOF3SMTGT5K5APS/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/REMHVVIBDNKSRKNOTV7EQSB7CYQWOUOU https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/REMHVVIBDNKSRKNOTV7EQSB7CYQWOUOU/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/T7N5GV4CHH6WAGX3GFMDD3COEOVCZ4RI https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/T7N5GV4CHH6WAGX3GFMDD3COEOVCZ4RI/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ULQQONMSCQSH5Z5OWFFQHCGEZ3NL4DRJ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ULQQONMSCQSH5Z5OWFFQHCGEZ3NL4DRJ/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UTT7DG3QOF5ZNJLUGHDNLRUIN6OWZARP https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UTT7DG3QOF5ZNJLUGHDNLRUIN6OWZARP/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/W2LZSWTV4NV4SNQARNXG5T6LRHP26EW2 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/W2LZSWTV4NV4SNQARNXG5T6LRHP26EW2/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WCNCBYKZXLDFGAJUB7ZP5VLC3YTHJNVH https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WCNCBYKZXLDFGAJUB7ZP5VLC3YTHJNVH/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/XFOIBB4YFICHDM7IBOP7PWXW3FX4HLL2 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/XFOIBB4YFICHDM7IBOP7PWXW3FX4HLL2/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/XTNLSL44Y5FB6JWADSZH6DCV4JJAAEQY https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/XTNLSL44Y5FB6JWADSZH6DCV4JJAAEQY/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/YJWHBLVZDM5KQSDFRBFRKU5KSSOLIRQ4 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/YJWHBLVZDM5KQSDFRBFRKU5KSSOLIRQ4/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/YRKEXKANQ7BKJW2YTAMP625LJUJZLJ4P https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/YRKEXKANQ7BKJW2YTAMP625LJUJZLJ4P/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZSVEMQV5ROY5YW5QE3I57HT3ITWG5GCV https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZSVEMQV5ROY5YW5QE3I57HT3ITWG5GCV/ https://nvd.nist.gov/vuln/detail/CVE-2023-39325 https://pkg.go.dev/vuln/GO-2023-2102 https://security.gentoo.org/glsa/202311-09 https://security.netapp.com/advisory/ntap-20231110-0008 https://security.netapp.com/advisory/ntap-20231110-0008/ https://ubuntu.com/security/notices/USN-6574-1 https://ubuntu.com/security/notices/USN-7061-1 https://ubuntu.com/security/notices/USN-7109-1 https://www.cisa.gov/news-events/alerts/2023/10/10/http2-rapid-reset-vulnerability-cve-2023-44487 https://www.cve.org/CVERecord?id=CVE-2023-39325
stdlib	CVE-2023-45283	HIGH	v1.20.5	1.20.11, 1.21.4, 1.20.12, 1.21.5	http://www.openwall.com/lists/oss-security/2023/12/05/2 https://go.dev/cl/540277 https://go.dev/cl/541175 https://go.dev/issue/63713 https://go.dev/issue/64028 https://groups.google.com/g/golang-announce/c/4tU8LZfBFkY https://groups.google.com/g/golang-dev/c/6ypN5EjibjM/m/KmLVYH_uAgAJ https://nvd.nist.gov/vuln/detail/CVE-2023-45283 https://pkg.go.dev/vuln/GO-2023-2185 https://security.netapp.com/advisory/ntap-20231214-0008/
stdlib	CVE-2023-45288	HIGH	v1.20.5	1.21.9, 1.22.2	http://www.openwall.com/lists/oss-security/2024/04/03/16 http://www.openwall.com/lists/oss-security/2024/04/05/4 https://access.redhat.com/errata/RHSA-2024:2724 https://access.redhat.com/security/cve/CVE-2023-45288 https://bugzilla.redhat.com/2268017 https://bugzilla.redhat.com/2268018 https://bugzilla.redhat.com/2268019 https://bugzilla.redhat.com/2268273 https://bugzilla.redhat.com/show_bug.cgi?id=2268017 https://bugzilla.redhat.com/show_bug.cgi?id=2268018 https://bugzilla.redhat.com/show_bug.cgi?id=2268019 https://bugzilla.redhat.com/show_bug.cgi?id=2268273 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45288 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45289 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45290 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24783 https://errata.almalinux.org/9/ALSA-2024-2724.html https://errata.rockylinux.org/RLSA-2024:2724 https://go.dev/cl/576155 https://go.dev/issue/65051 https://groups.google.com/g/golang-announce/c/YgW0sx8mN3M https://kb.cert.org/vuls/id/421644 https://linux.oracle.com/cve/CVE-2023-45288.html https://linux.oracle.com/errata/ELSA-2024-3346.html https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QRYFHIQ6XRKRYBI2F5UESH67BJBQXUPT https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QRYFHIQ6XRKRYBI2F5UESH67BJBQXUPT/ https://nowotarski.info/http2-continuation-flood-technical-details https://nowotarski.info/http2-continuation-flood/ https://nvd.nist.gov/vuln/detail/CVE-2023-45288 https://pkg.go.dev/vuln/GO-2024-2687 https://security.netapp.com/advisory/ntap-20240419-0009 https://security.netapp.com/advisory/ntap-20240419-0009/ https://ubuntu.com/security/notices/USN-6886-1 https://ubuntu.com/security/notices/USN-7109-1 https://ubuntu.com/security/notices/USN-7111-1 https://www.cve.org/CVERecord?id=CVE-2023-45288 https://www.kb.cert.org/vuls/id/421644
stdlib	CVE-2024-34156	HIGH	v1.20.5	1.22.7, 1.23.1	https://access.redhat.com/errata/RHSA-2024:9473 https://access.redhat.com/security/cve/CVE-2024-34156 https://bugzilla.redhat.com/2310528 https://bugzilla.redhat.com/2318052 https://bugzilla.redhat.com/show_bug.cgi?id=2310528 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-34156 https://errata.almalinux.org/9/ALSA-2024-9473.html https://errata.rockylinux.org/RLSA-2024:7204 https://github.com/golang/go/commit/2092294f2b097c5828f4eace6c98a322c1510b01 (go1.22.7) https://github.com/golang/go/commit/fa8ff1a46deb6c816304441ec6740ec112e19012 (go1.23.1) https://go.dev/cl/611239 https://go.dev/issue/69139 https://groups.google.com/g/golang-announce/c/K-cEzDeCtpc https://groups.google.com/g/golang-dev/c/S9POB9NCTdk https://linux.oracle.com/cve/CVE-2024-34156.html https://linux.oracle.com/errata/ELSA-2024-9473.html https://nvd.nist.gov/vuln/detail/CVE-2024-34156 https://pkg.go.dev/vuln/GO-2024-3106 https://ubuntu.com/security/notices/USN-7081-1 https://ubuntu.com/security/notices/USN-7109-1 https://ubuntu.com/security/notices/USN-7111-1 https://www.cve.org/CVERecord?id=CVE-2024-34156
stdlib	CVE-2023-29406	MEDIUM	v1.20.5	1.19.11, 1.20.6	https://access.redhat.com/errata/RHSA-2023:6474 https://access.redhat.com/security/cve/CVE-2023-29406 https://bugzilla.redhat.com/2174485 https://bugzilla.redhat.com/2178358 https://bugzilla.redhat.com/2178488 https://bugzilla.redhat.com/2178492 https://bugzilla.redhat.com/2184481 https://bugzilla.redhat.com/2184482 https://bugzilla.redhat.com/2184483 https://bugzilla.redhat.com/2184484 https://bugzilla.redhat.com/2196026 https://bugzilla.redhat.com/2196027 https://bugzilla.redhat.com/2196029 https://bugzilla.redhat.com/2222167 https://bugzilla.redhat.com/2228689 https://errata.almalinux.org/9/ALSA-2023-6474.html https://github.com/golang/go/commit/312920c00aac9897b2a0693e752390b5b0711a5a (go1.20.6) https://github.com/golang/go/commit/5fa6923b1ea891400153d04ddf1545e23b40041b (go1.19.11) https://github.com/golang/go/issues/60374 https://go.dev/cl/506996 https://go.dev/issue/60374 https://groups.google.com/g/golang-announce/c/2q13H6LEEx0 https://linux.oracle.com/cve/CVE-2023-29406.html https://linux.oracle.com/errata/ELSA-2023-7202.html https://nvd.nist.gov/vuln/detail/CVE-2023-29406 https://pkg.go.dev/vuln/GO-2023-1878 https://security.gentoo.org/glsa/202311-09 https://security.netapp.com/advisory/ntap-20230814-0002/ https://ubuntu.com/security/notices/USN-7061-1 https://ubuntu.com/security/notices/USN-7109-1 https://www.cve.org/CVERecord?id=CVE-2023-29406
stdlib	CVE-2023-29409	MEDIUM	v1.20.5	1.19.12, 1.20.7, 1.21.0-rc.4	https://access.redhat.com/errata/RHSA-2023:7766 https://access.redhat.com/security/cve/CVE-2023-29409 https://bugzilla.redhat.com/2228743 https://bugzilla.redhat.com/2237773 https://bugzilla.redhat.com/2237776 https://bugzilla.redhat.com/2237777 https://bugzilla.redhat.com/2237778 https://errata.almalinux.org/9/ALSA-2023-7766.html https://go.dev/cl/515257 https://go.dev/issue/61460 https://groups.google.com/g/golang-announce/c/X0b6CsSAaYI/m/Efv5DbZ9AwAJ https://linux.oracle.com/cve/CVE-2023-29409.html https://linux.oracle.com/errata/ELSA-2024-2988.html https://nvd.nist.gov/vuln/detail/CVE-2023-29409 https://pkg.go.dev/vuln/GO-2023-1987 https://security.gentoo.org/glsa/202311-09 https://security.netapp.com/advisory/ntap-20230831-0010/ https://www.cve.org/CVERecord?id=CVE-2023-29409
stdlib	CVE-2023-39318	MEDIUM	v1.20.5	1.20.8, 1.21.1	https://access.redhat.com/errata/RHSA-2024:2160 https://access.redhat.com/security/cve/CVE-2023-39318 https://bugzilla.redhat.com/2237773 https://bugzilla.redhat.com/2237776 https://bugzilla.redhat.com/2253330 https://errata.almalinux.org/9/ALSA-2024-2160.html https://github.com/golang/go/commit/023b542edf38e2a1f87fcefb9f75ff2f99401b4c (go1.20.8) https://github.com/golang/go/commit/b0e1d3ea26e8e8fce7726690c9ef0597e60739fb (go1.21.1) https://go.dev/cl/526156 https://go.dev/issue/62196 https://groups.google.com/g/golang-announce/c/Fm51GRLNRvM https://groups.google.com/g/golang-dev/c/2C5vbR-UNkI/m/L1hdrPhfBAAJ https://linux.oracle.com/cve/CVE-2023-39318.html https://linux.oracle.com/errata/ELSA-2024-2988.html https://nvd.nist.gov/vuln/detail/CVE-2023-39318 https://pkg.go.dev/vuln/GO-2023-2041 https://security.gentoo.org/glsa/202311-09 https://security.netapp.com/advisory/ntap-20231020-0009/ https://ubuntu.com/security/notices/USN-6574-1 https://ubuntu.com/security/notices/USN-7061-1 https://ubuntu.com/security/notices/USN-7109-1 https://vuln.go.dev/ID/GO-2023-2041.json https://www.cve.org/CVERecord?id=CVE-2023-39318
stdlib	CVE-2023-39319	MEDIUM	v1.20.5	1.20.8, 1.21.1	https://access.redhat.com/errata/RHSA-2024:2160 https://access.redhat.com/security/cve/CVE-2023-39319 https://bugzilla.redhat.com/2237773 https://bugzilla.redhat.com/2237776 https://bugzilla.redhat.com/2253330 https://errata.almalinux.org/9/ALSA-2024-2160.html https://github.com/golang/go/commit/2070531d2f53df88e312edace6c8dfc9686ab2f5 (go1.20.8) https://github.com/golang/go/commit/bbd043ff0d6d59f1a9232d31ecd5eacf6507bf6a (go1.21.1) https://go.dev/cl/526157 https://go.dev/issue/62197 https://groups.google.com/g/golang-announce/c/Fm51GRLNRvM https://groups.google.com/g/golang-dev/c/2C5vbR-UNkI/m/L1hdrPhfBAAJ https://linux.oracle.com/cve/CVE-2023-39319.html https://linux.oracle.com/errata/ELSA-2024-2988.html https://nvd.nist.gov/vuln/detail/CVE-2023-39319 https://pkg.go.dev/vuln/GO-2023-2043 https://security.gentoo.org/glsa/202311-09 https://security.netapp.com/advisory/ntap-20231020-0009/ https://ubuntu.com/security/notices/USN-6574-1 https://ubuntu.com/security/notices/USN-7061-1 https://ubuntu.com/security/notices/USN-7109-1 https://vuln.go.dev/ID/GO-2023-2043.json https://www.cve.org/CVERecord?id=CVE-2023-39319
stdlib	CVE-2023-39326	MEDIUM	v1.20.5	1.20.12, 1.21.5	https://access.redhat.com/errata/RHSA-2024:2272 https://access.redhat.com/security/cve/CVE-2023-39326 https://bugzilla.redhat.com/2253193 https://bugzilla.redhat.com/2253330 https://errata.almalinux.org/9/ALSA-2024-2272.html https://github.com/golang/go/commit/6446af942e2e2b161c4ec1b60d9703a2b55dc4dd (go1.20.12) https://github.com/golang/go/commit/ec8c526e4be720e94b98ca509e6364f0efaf28f7 (go1.21.5) https://go.dev/cl/547335 https://go.dev/issue/64433 https://groups.google.com/g/golang-dev/c/6ypN5EjibjM/m/KmLVYH_uAgAJ https://linux.oracle.com/cve/CVE-2023-39326.html https://linux.oracle.com/errata/ELSA-2024-2988.html https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UIU6HOGV6RRIKWM57LOXQA75BGZSIH6G/ https://nvd.nist.gov/vuln/detail/CVE-2023-39326 https://pkg.go.dev/vuln/GO-2023-2382 https://ubuntu.com/security/notices/USN-6574-1 https://www.cve.org/CVERecord?id=CVE-2023-39326
stdlib	CVE-2023-45284	MEDIUM	v1.20.5	1.20.11, 1.21.4	https://go.dev/cl/540277 https://go.dev/issue/63713 https://groups.google.com/g/golang-announce/c/4tU8LZfBFkY https://nvd.nist.gov/vuln/detail/CVE-2023-45284 https://pkg.go.dev/vuln/GO-2023-2186
stdlib	CVE-2023-45289	MEDIUM	v1.20.5	1.21.8, 1.22.1	http://www.openwall.com/lists/oss-security/2024/03/08/4 https://access.redhat.com/errata/RHSA-2024:2724 https://access.redhat.com/security/cve/CVE-2023-45289 https://bugzilla.redhat.com/2268017 https://bugzilla.redhat.com/2268018 https://bugzilla.redhat.com/2268019 https://bugzilla.redhat.com/2268273 https://bugzilla.redhat.com/show_bug.cgi?id=2268017 https://bugzilla.redhat.com/show_bug.cgi?id=2268018 https://bugzilla.redhat.com/show_bug.cgi?id=2268019 https://bugzilla.redhat.com/show_bug.cgi?id=2268273 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45288 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45289 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45290 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24783 https://errata.almalinux.org/9/ALSA-2024-2724.html https://errata.rockylinux.org/RLSA-2024:2724 https://github.com/golang/go/commit/20586c0dbe03d144f914155f879fa5ee287591a1 (go1.21.8) https://github.com/golang/go/commit/3a855208e3efed2e9d7c20ad023f1fa78afcc0be (go1.22.1) https://github.com/golang/go/issues/65065 https://go.dev/cl/569340 https://go.dev/issue/65065 https://groups.google.com/g/golang-announce/c/5pwGVUPoMbg https://linux.oracle.com/cve/CVE-2023-45289.html https://linux.oracle.com/errata/ELSA-2024-3346.html https://nvd.nist.gov/vuln/detail/CVE-2023-45289 https://pkg.go.dev/vuln/GO-2024-2600 https://security.netapp.com/advisory/ntap-20240329-0006/ https://ubuntu.com/security/notices/USN-6886-1 https://www.cve.org/CVERecord?id=CVE-2023-45289
stdlib	CVE-2023-45290	MEDIUM	v1.20.5	1.21.8, 1.22.1	http://www.openwall.com/lists/oss-security/2024/03/08/4 https://access.redhat.com/errata/RHSA-2024:9135 https://access.redhat.com/security/cve/CVE-2023-45290 https://bugzilla.redhat.com/2268017 https://bugzilla.redhat.com/2268022 https://bugzilla.redhat.com/2279814 https://bugzilla.redhat.com/2295310 https://bugzilla.redhat.com/show_bug.cgi?id=2268017 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45290 https://errata.almalinux.org/9/ALSA-2024-9135.html https://errata.rockylinux.org/RLSA-2024:3830 https://github.com/golang/go/commit/041a47712e765e94f86d841c3110c840e76d8f82 (go1.22.1) https://github.com/golang/go/commit/bf80213b121074f4ad9b449410a4d13bae5e9be0 (go1.21.8) https://github.com/golang/go/issues/65383 https://go.dev/cl/569341 https://go.dev/issue/65383 https://groups.google.com/g/golang-announce/c/5pwGVUPoMbg https://linux.oracle.com/cve/CVE-2023-45290.html https://linux.oracle.com/errata/ELSA-2024-8038.html https://nvd.nist.gov/vuln/detail/CVE-2023-45290 https://pkg.go.dev/vuln/GO-2024-2599 https://security.netapp.com/advisory/ntap-20240329-0004 https://security.netapp.com/advisory/ntap-20240329-0004/ https://ubuntu.com/security/notices/USN-6886-1 https://ubuntu.com/security/notices/USN-7109-1 https://ubuntu.com/security/notices/USN-7111-1 https://www.cve.org/CVERecord?id=CVE-2023-45290
stdlib	CVE-2024-24783	MEDIUM	v1.20.5	1.21.8, 1.22.1	http://www.openwall.com/lists/oss-security/2024/03/08/4 https://access.redhat.com/errata/RHSA-2024:6195 https://access.redhat.com/security/cve/CVE-2024-24783 https://bugzilla.redhat.com/2268019 https://bugzilla.redhat.com/show_bug.cgi?id=2268017 https://bugzilla.redhat.com/show_bug.cgi?id=2268018 https://bugzilla.redhat.com/show_bug.cgi?id=2268019 https://bugzilla.redhat.com/show_bug.cgi?id=2268273 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45288 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45289 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45290 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24783 https://errata.almalinux.org/9/ALSA-2024-6195.html https://errata.rockylinux.org/RLSA-2024:2724 https://github.com/advisories/GHSA-3q2c-pvp5-3cqp https://github.com/golang/go/commit/337b8e9cbfa749d9d5c899e0dc358e2208d5e54f (go1.22.1) https://github.com/golang/go/commit/be5b52bea674190ef7de272664be6c7ae93ec5a0 (go1.21.8) https://github.com/golang/go/issues/65390 https://go.dev/cl/569339 https://go.dev/issue/65390 https://groups.google.com/g/golang-announce/c/5pwGVUPoMbg https://linux.oracle.com/cve/CVE-2024-24783.html https://linux.oracle.com/errata/ELSA-2024-6969.html https://nvd.nist.gov/vuln/detail/CVE-2024-24783 https://pkg.go.dev/vuln/GO-2024-2598 https://security.netapp.com/advisory/ntap-20240329-0005 https://security.netapp.com/advisory/ntap-20240329-0005/ https://ubuntu.com/security/notices/USN-6886-1 https://ubuntu.com/security/notices/USN-7109-1 https://ubuntu.com/security/notices/USN-7111-1 https://www.cve.org/CVERecord?id=CVE-2024-24783
stdlib	CVE-2024-24784	MEDIUM	v1.20.5	1.21.8, 1.22.1	http://www.openwall.com/lists/oss-security/2024/03/08/4 https://access.redhat.com/errata/RHSA-2024:2562 https://access.redhat.com/security/cve/CVE-2024-24784 https://bugzilla.redhat.com/2262921 https://bugzilla.redhat.com/2268017 https://bugzilla.redhat.com/2268018 https://bugzilla.redhat.com/2268019 https://bugzilla.redhat.com/2268021 https://bugzilla.redhat.com/2268022 https://bugzilla.redhat.com/2268273 https://bugzilla.redhat.com/show_bug.cgi?id=2262921 https://bugzilla.redhat.com/show_bug.cgi?id=2268017 https://bugzilla.redhat.com/show_bug.cgi?id=2268018 https://bugzilla.redhat.com/show_bug.cgi?id=2268019 https://bugzilla.redhat.com/show_bug.cgi?id=2268021 https://bugzilla.redhat.com/show_bug.cgi?id=2268022 https://bugzilla.redhat.com/show_bug.cgi?id=2268273 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45288 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45289 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45290 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-1394 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24783 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24784 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24785 https://errata.almalinux.org/9/ALSA-2024-2562.html https://errata.rockylinux.org/RLSA-2024:2562 https://github.com/golang/go/commit/263c059b09fdd40d9dd945f2ecb20c89ea28efe5 (go1.21.8) https://github.com/golang/go/commit/5330cd225ba54c7dc78c1b46dcdf61a4671a632c (go1.22.1) https://github.com/golang/go/issues/65083 https://go.dev/cl/555596 https://go.dev/issue/65083 https://groups.google.com/g/golang-announce/c/5pwGVUPoMbg https://linux.oracle.com/cve/CVE-2024-24784.html https://linux.oracle.com/errata/ELSA-2024-6969.html https://nvd.nist.gov/vuln/detail/CVE-2024-24784 https://pkg.go.dev/vuln/GO-2024-2609 https://security.netapp.com/advisory/ntap-20240329-0007/ https://ubuntu.com/security/notices/USN-6886-1 https://ubuntu.com/security/notices/USN-7109-1 https://ubuntu.com/security/notices/USN-7111-1 https://www.cve.org/CVERecord?id=CVE-2024-24784
stdlib	CVE-2024-24785	MEDIUM	v1.20.5	1.21.8, 1.22.1	http://www.openwall.com/lists/oss-security/2024/03/08/4 https://access.redhat.com/errata/RHSA-2024:9135 https://access.redhat.com/security/cve/CVE-2024-24785 https://bugzilla.redhat.com/2268017 https://bugzilla.redhat.com/2268022 https://bugzilla.redhat.com/2279814 https://bugzilla.redhat.com/2295310 https://bugzilla.redhat.com/show_bug.cgi?id=2262921 https://bugzilla.redhat.com/show_bug.cgi?id=2268017 https://bugzilla.redhat.com/show_bug.cgi?id=2268018 https://bugzilla.redhat.com/show_bug.cgi?id=2268019 https://bugzilla.redhat.com/show_bug.cgi?id=2268021 https://bugzilla.redhat.com/show_bug.cgi?id=2268022 https://bugzilla.redhat.com/show_bug.cgi?id=2268273 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45288 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45289 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45290 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-1394 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24783 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24784 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24785 https://errata.almalinux.org/9/ALSA-2024-9135.html https://errata.rockylinux.org/RLSA-2024:2562 https://github.com/golang/go/commit/056b0edcb8c152152021eebf4cf42adbfbe77992 (go1.22.1) https://github.com/golang/go/commit/3643147a29352ca2894fd5d0d2069bc4b4335a7e (go1.21.8) https://github.com/golang/go/issues/65697 https://go.dev/cl/564196 https://go.dev/issue/65697 https://groups.google.com/g/golang-announce/c/5pwGVUPoMbg https://linux.oracle.com/cve/CVE-2024-24785.html https://linux.oracle.com/errata/ELSA-2024-3259.html https://nvd.nist.gov/vuln/detail/CVE-2024-24785 https://pkg.go.dev/vuln/GO-2024-2610 https://security.netapp.com/advisory/ntap-20240329-0008/ https://ubuntu.com/security/notices/USN-6886-1 https://ubuntu.com/security/notices/USN-7061-1 https://ubuntu.com/security/notices/USN-7109-1 https://vuln.go.dev/ID/GO-2024-2610.json https://www.cve.org/CVERecord?id=CVE-2024-24785
stdlib	CVE-2024-24789	MEDIUM	v1.20.5	1.21.11, 1.22.4	http://www.openwall.com/lists/oss-security/2024/06/04/1 https://access.redhat.com/errata/RHSA-2024:9115 https://access.redhat.com/security/cve/CVE-2024-24789 https://bugzilla.redhat.com/2279814 https://bugzilla.redhat.com/2292668 https://bugzilla.redhat.com/2292787 https://bugzilla.redhat.com/2294000 https://bugzilla.redhat.com/2295310 https://bugzilla.redhat.com/show_bug.cgi?id=2292668 https://bugzilla.redhat.com/show_bug.cgi?id=2292787 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24789 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24790 https://errata.almalinux.org/9/ALSA-2024-9115.html https://errata.rockylinux.org/RLSA-2024:4212 https://github.com/golang/go/commit/c8e40338cf00f3c1d86c8fb23863ad67a4c72bcc (1.21) https://github.com/golang/go/commit/cf501ac0c5fe351a8582d20b43562027927906e7 (1.22) https://github.com/golang/go/issues/66869 https://go.dev/cl/585397 https://go.dev/issue/66869 https://groups.google.com/g/golang-announce/c/XbxouI9gY7k https://groups.google.com/g/golang-announce/c/XbxouI9gY7k/m/TuoGEhxIEwAJ https://linux.oracle.com/cve/CVE-2024-24789.html https://linux.oracle.com/errata/ELSA-2024-9115.html https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/U5YAEIA6IUHUNGJ7AIXXPQT6D2GYENX7/ https://nvd.nist.gov/vuln/detail/CVE-2024-24789 https://pkg.go.dev/vuln/GO-2024-2888 https://ubuntu.com/security/notices/USN-6886-1 https://ubuntu.com/security/notices/USN-7109-1 https://ubuntu.com/security/notices/USN-7111-1 https://www.cve.org/CVERecord?id=CVE-2024-24789
stdlib	CVE-2024-24791	MEDIUM	v1.20.5	1.21.12, 1.22.5	https://access.redhat.com/errata/RHSA-2024:9135 https://access.redhat.com/security/cve/CVE-2024-24791 https://bugzilla.redhat.com/2268017 https://bugzilla.redhat.com/2268022 https://bugzilla.redhat.com/2279814 https://bugzilla.redhat.com/2295310 https://bugzilla.redhat.com/show_bug.cgi?id=2295310 https://bugzilla.redhat.com/show_bug.cgi?id=2310527 https://bugzilla.redhat.com/show_bug.cgi?id=2310528 https://bugzilla.redhat.com/show_bug.cgi?id=2310529 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24791 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-34155 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-34156 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-34158 https://errata.almalinux.org/9/ALSA-2024-9135.html https://errata.rockylinux.org/RLSA-2024:6913 https://go.dev/cl/591255 https://go.dev/issue/67555 https://groups.google.com/g/golang-dev/c/t0rK-qHBqzY/m/6MMoAZkMAgAJ https://linux.oracle.com/cve/CVE-2024-24791.html https://linux.oracle.com/errata/ELSA-2024-9115.html https://nvd.nist.gov/vuln/detail/CVE-2024-24791 https://pkg.go.dev/vuln/GO-2024-2963 https://ubuntu.com/security/notices/USN-7081-1 https://ubuntu.com/security/notices/USN-7109-1 https://ubuntu.com/security/notices/USN-7111-1 https://www.cve.org/CVERecord?id=CVE-2024-24791
stdlib	CVE-2024-34155	MEDIUM	v1.20.5	1.22.7, 1.23.1	https://access.redhat.com/errata/RHSA-2024:9459 https://access.redhat.com/security/cve/CVE-2024-34155 https://bugzilla.redhat.com/2310527 https://bugzilla.redhat.com/2310528 https://bugzilla.redhat.com/2310529 https://bugzilla.redhat.com/2315691 https://bugzilla.redhat.com/2315887 https://bugzilla.redhat.com/2317458 https://bugzilla.redhat.com/2317467 https://bugzilla.redhat.com/show_bug.cgi?id=2295310 https://bugzilla.redhat.com/show_bug.cgi?id=2310527 https://bugzilla.redhat.com/show_bug.cgi?id=2310528 https://bugzilla.redhat.com/show_bug.cgi?id=2310529 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24791 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-34155 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-34156 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-34158 https://errata.almalinux.org/9/ALSA-2024-9459.html https://errata.rockylinux.org/RLSA-2024:6913 https://github.com/golang/go/commit/53487e5477151ed75da50e50a0ba8f1ca64c00a3 (go1.23.1) https://github.com/golang/go/commit/b232596139dbe96a62edbe3a2a203e856bf556eb (go1.22.7) https://go.dev/cl/611238 https://go.dev/issue/69138 https://groups.google.com/g/golang-announce/c/K-cEzDeCtpc https://groups.google.com/g/golang-dev/c/S9POB9NCTdk https://linux.oracle.com/cve/CVE-2024-34155.html https://linux.oracle.com/errata/ELSA-2024-9459.html https://nvd.nist.gov/vuln/detail/CVE-2024-34155 https://pkg.go.dev/vuln/GO-2024-3105 https://ubuntu.com/security/notices/USN-7081-1 https://ubuntu.com/security/notices/USN-7109-1 https://ubuntu.com/security/notices/USN-7111-1 https://www.cve.org/CVERecord?id=CVE-2024-34155
stdlib	CVE-2024-34158	MEDIUM	v1.20.5	1.22.7, 1.23.1	https://access.redhat.com/errata/RHSA-2024:9459 https://access.redhat.com/security/cve/CVE-2024-34158 https://bugzilla.redhat.com/2310527 https://bugzilla.redhat.com/2310528 https://bugzilla.redhat.com/2310529 https://bugzilla.redhat.com/2315691 https://bugzilla.redhat.com/2315887 https://bugzilla.redhat.com/2317458 https://bugzilla.redhat.com/2317467 https://bugzilla.redhat.com/show_bug.cgi?id=2295310 https://bugzilla.redhat.com/show_bug.cgi?id=2310527 https://bugzilla.redhat.com/show_bug.cgi?id=2310528 https://bugzilla.redhat.com/show_bug.cgi?id=2310529 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24791 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-34155 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-34156 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-34158 https://errata.almalinux.org/9/ALSA-2024-9459.html https://errata.rockylinux.org/RLSA-2024:6913 https://github.com/golang/go/commit/032ac075c20c01c6c35a672d1542d3e98eab84ea (go1.23.1) https://github.com/golang/go/commit/d4c53812e6ce2ac368173d7fcd31d0ecfcffb002 (go1.22.7) https://go.dev/cl/611240 https://go.dev/issue/69141 https://groups.google.com/g/golang-announce/c/K-cEzDeCtpc https://groups.google.com/g/golang-dev/c/S9POB9NCTdk https://linux.oracle.com/cve/CVE-2024-34158.html https://linux.oracle.com/errata/ELSA-2024-9459.html https://nvd.nist.gov/vuln/detail/CVE-2024-34158 https://pkg.go.dev/vuln/GO-2024-3107 https://ubuntu.com/security/notices/USN-7081-1 https://ubuntu.com/security/notices/USN-7109-1 https://ubuntu.com/security/notices/USN-7111-1 https://www.cve.org/CVERecord?id=CVE-2024-34158
No Misconfigurations found

cnb/buildpacks/paketo-buildpacks_rackup/0.4.30/bin/run (gobinary)

Package	Vulnerability ID	Severity	Installed Version	Fixed Version	Links
golang.org/x/net	CVE-2023-39325	HIGH	v0.12.0	0.17.0	golang.org/x/net https://access.redhat.com/errata/RHSA-2023:6077 https://access.redhat.com/security/cve/CVE-2023-39325 https://access.redhat.com/security/cve/CVE-2023-44487 https://access.redhat.com/security/vulnerabilities/RHSB-2023-003 https://bugzilla.redhat.com/2242803 https://bugzilla.redhat.com/2243296 https://bugzilla.redhat.com/show_bug.cgi?id=2242803 https://bugzilla.redhat.com/show_bug.cgi?id=2243296 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-39325 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-44487 https://errata.almalinux.org/9/ALSA-2023-6077.html https://errata.rockylinux.org/RLSA-2023:6077 https://github.com/golang/go/commit/24ae2d927285c697440fdde3ad7f26028354bcf3 [golang- 1.21] https://github.com/golang/go/commit/e175f27f58aa7b9cd4d79607ae65d2cd5baaee68 [golang-1.20] https://github.com/golang/go/issues/63417 https://go.dev/cl/534215 https://go.dev/cl/534235 https://go.dev/issue/63417 https://groups.google.com/g/golang-announce/c/iNNxDTCjZvo/m/UDd7VKQuAAAJ https://linux.oracle.com/cve/CVE-2023-39325.html https://linux.oracle.com/errata/ELSA-2023-5867.html https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3OVW5V2DM5K5IC3H7O42YDUGNJ74J35O https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3OVW5V2DM5K5IC3H7O42YDUGNJ74J35O/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3SZN67IL7HMGMNAVLOTIXLIHUDXZK4LH https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3SZN67IL7HMGMNAVLOTIXLIHUDXZK4LH/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3WJ4QVX2AMUJ2F2S27POOAHRC4K3CHU4 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3WJ4QVX2AMUJ2F2S27POOAHRC4K3CHU4/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/4BUK2ZIAGCULOOYDNH25JPU6JBES5NF2 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/4BUK2ZIAGCULOOYDNH25JPU6JBES5NF2/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/5RSKA2II6QTD4YUKUNDVJQSRYSFC4VFR https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/5RSKA2II6QTD4YUKUNDVJQSRYSFC4VFR/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/AVZDNSMVDAQJ64LJC5I5U5LDM5753647 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/AVZDNSMVDAQJ64LJC5I5U5LDM5753647/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CHHITS4PUOZAKFIUBQAQZC7JWXMOYE4B https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CHHITS4PUOZAKFIUBQAQZC7JWXMOYE4B/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CLB4TW7KALB3EEQWNWCN7OUIWWVWWCG2 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CLB4TW7KALB3EEQWNWCN7OUIWWVWWCG2/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/D2BBIDR2ZMB3X5BC7SR4SLQMHRMVPY6L https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/D2BBIDR2ZMB3X5BC7SR4SLQMHRMVPY6L/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ECRC75BQJP6FJN2L7KCKYZW4DSBD7QSD https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ECRC75BQJP6FJN2L7KCKYZW4DSBD7QSD/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/FTMJ3NJIDAZFWJQQSP3L22MUFJ3UP2PT https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/FTMJ3NJIDAZFWJQQSP3L22MUFJ3UP2PT/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/GSY7SXFFTPZFWDM6XELSDSHZLVW3AHK7 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/GSY7SXFFTPZFWDM6XELSDSHZLVW3AHK7/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/HZQIELEIRSZUYTFFH5KTH2YJ4IIQG2KE https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/HZQIELEIRSZUYTFFH5KTH2YJ4IIQG2KE/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/IPWCNYB5PQ5PCVZ4NJT6G56ZYFZ5QBU6 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/IPWCNYB5PQ5PCVZ4NJT6G56ZYFZ5QBU6/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/KEOTKBUPZXHE3F352JBYNTSNRXYLWD6P https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/KEOTKBUPZXHE3F352JBYNTSNRXYLWD6P/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/KSEGD2IWKNUO3DWY4KQGUQM5BISRWHQE https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/KSEGD2IWKNUO3DWY4KQGUQM5BISRWHQE/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/L5E5JSJBZLYXOTZWXHJKRVCIXIHVWKJ6 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/L5E5JSJBZLYXOTZWXHJKRVCIXIHVWKJ6/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/MZQYOOKHQDQ57LV2IAG6NRFOVXKHJJ3Z https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/MZQYOOKHQDQ57LV2IAG6NRFOVXKHJJ3Z/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/NG7IMPL55MVWU3LCI4JQJT3K2U5CHDV7 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/NG7IMPL55MVWU3LCI4JQJT3K2U5CHDV7/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ODBY7RVMGZCBSTWF2OZGIZS57FNFUL67 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ODBY7RVMGZCBSTWF2OZGIZS57FNFUL67/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/OXGWPQOJ3JNDW2XIYKIVJ7N7QUIFNM2Q https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/OXGWPQOJ3JNDW2XIYKIVJ7N7QUIFNM2Q/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/PJCUNGIQDUMZ4Z6HWVYIMR66A35F5S74 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/PJCUNGIQDUMZ4Z6HWVYIMR66A35F5S74/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QF5QSYAOPDOWLY6DUHID56Q4HQFYB45I https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QF5QSYAOPDOWLY6DUHID56Q4HQFYB45I/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QXOU2JZUBEBP7GBKAYIJRPRBZSJCD7ST https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QXOU2JZUBEBP7GBKAYIJRPRBZSJCD7ST/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/R3UETKPUB3V5JS5TLZOF3SMTGT5K5APS https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/R3UETKPUB3V5JS5TLZOF3SMTGT5K5APS/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/REMHVVIBDNKSRKNOTV7EQSB7CYQWOUOU https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/REMHVVIBDNKSRKNOTV7EQSB7CYQWOUOU/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/T7N5GV4CHH6WAGX3GFMDD3COEOVCZ4RI https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/T7N5GV4CHH6WAGX3GFMDD3COEOVCZ4RI/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ULQQONMSCQSH5Z5OWFFQHCGEZ3NL4DRJ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ULQQONMSCQSH5Z5OWFFQHCGEZ3NL4DRJ/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UTT7DG3QOF5ZNJLUGHDNLRUIN6OWZARP https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UTT7DG3QOF5ZNJLUGHDNLRUIN6OWZARP/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/W2LZSWTV4NV4SNQARNXG5T6LRHP26EW2 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/W2LZSWTV4NV4SNQARNXG5T6LRHP26EW2/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WCNCBYKZXLDFGAJUB7ZP5VLC3YTHJNVH https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WCNCBYKZXLDFGAJUB7ZP5VLC3YTHJNVH/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/XFOIBB4YFICHDM7IBOP7PWXW3FX4HLL2 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/XFOIBB4YFICHDM7IBOP7PWXW3FX4HLL2/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/XTNLSL44Y5FB6JWADSZH6DCV4JJAAEQY https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/XTNLSL44Y5FB6JWADSZH6DCV4JJAAEQY/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/YJWHBLVZDM5KQSDFRBFRKU5KSSOLIRQ4 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/YJWHBLVZDM5KQSDFRBFRKU5KSSOLIRQ4/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/YRKEXKANQ7BKJW2YTAMP625LJUJZLJ4P https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/YRKEXKANQ7BKJW2YTAMP625LJUJZLJ4P/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZSVEMQV5ROY5YW5QE3I57HT3ITWG5GCV https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZSVEMQV5ROY5YW5QE3I57HT3ITWG5GCV/ https://nvd.nist.gov/vuln/detail/CVE-2023-39325 https://pkg.go.dev/vuln/GO-2023-2102 https://security.gentoo.org/glsa/202311-09 https://security.netapp.com/advisory/ntap-20231110-0008 https://security.netapp.com/advisory/ntap-20231110-0008/ https://ubuntu.com/security/notices/USN-6574-1 https://ubuntu.com/security/notices/USN-7061-1 https://ubuntu.com/security/notices/USN-7109-1 https://www.cisa.gov/news-events/alerts/2023/10/10/http2-rapid-reset-vulnerability-cve-2023-44487 https://www.cve.org/CVERecord?id=CVE-2023-39325
golang.org/x/net	CVE-2023-3978	MEDIUM	v0.12.0	0.13.0	https://access.redhat.com/errata/RHSA-2023:6474 https://access.redhat.com/security/cve/CVE-2023-3978 https://bugzilla.redhat.com/2174485 https://bugzilla.redhat.com/2178358 https://bugzilla.redhat.com/2178488 https://bugzilla.redhat.com/2178492 https://bugzilla.redhat.com/2184481 https://bugzilla.redhat.com/2184482 https://bugzilla.redhat.com/2184483 https://bugzilla.redhat.com/2184484 https://bugzilla.redhat.com/2196026 https://bugzilla.redhat.com/2196027 https://bugzilla.redhat.com/2196029 https://bugzilla.redhat.com/2222167 https://bugzilla.redhat.com/2228689 https://errata.almalinux.org/9/ALSA-2023-6474.html https://go.dev/cl/514896 https://go.dev/issue/61615 https://linux.oracle.com/cve/CVE-2023-3978.html https://linux.oracle.com/errata/ELSA-2023-6939.html https://nvd.nist.gov/vuln/detail/CVE-2023-3978 https://pkg.go.dev/vuln/GO-2023-1988 https://www.cve.org/CVERecord?id=CVE-2023-3978
golang.org/x/net	CVE-2023-44487	MEDIUM	v0.12.0	0.17.0	http://www.openwall.com/lists/oss-security/2023/10/13/4 http://www.openwall.com/lists/oss-security/2023/10/13/9 http://www.openwall.com/lists/oss-security/2023/10/18/4 http://www.openwall.com/lists/oss-security/2023/10/18/8 http://www.openwall.com/lists/oss-security/2023/10/19/6 http://www.openwall.com/lists/oss-security/2023/10/20/8 https://access.redhat.com/errata/RHSA-2023:6746 https://access.redhat.com/security/cve/CVE-2023-44487 https://access.redhat.com/security/cve/cve-2023-44487 https://akka.io/security/akka-http-cve-2023-44487.html https://arstechnica.com/security/2023/10/how-ddosers-used-the-http-2-protocol-to-deliver-attacks-of-unprecedented-size https://arstechnica.com/security/2023/10/how-ddosers-used-the-http-2-protocol-to-deliver-attacks-of-unprecedented-size/ https://aws.amazon.com/security/security-bulletins/AWS-2023-011 https://aws.amazon.com/security/security-bulletins/AWS-2023-011/ https://blog.cloudflare.com/technical-breakdown-http2-rapid-reset-ddos-attack https://blog.cloudflare.com/technical-breakdown-http2-rapid-reset-ddos-attack/ https://blog.cloudflare.com/zero-day-rapid-reset-http2-record-breaking-ddos-attack https://blog.cloudflare.com/zero-day-rapid-reset-http2-record-breaking-ddos-attack/ https://blog.litespeedtech.com/2023/10/11/rapid-reset-http-2-vulnerablilty https://blog.litespeedtech.com/2023/10/11/rapid-reset-http-2-vulnerablilty/ https://blog.qualys.com/vulnerabilities-threat-research/2023/10/10/cve-2023-44487-http-2-rapid-reset-attack https://blog.vespa.ai/cve-2023-44487 https://blog.vespa.ai/cve-2023-44487/ https://bugzilla.proxmox.com/show_bug.cgi?id=4988 https://bugzilla.redhat.com/2242803 https://bugzilla.redhat.com/show_bug.cgi?id=2242803 https://bugzilla.suse.com/show_bug.cgi?id=1216123 https://cgit.freebsd.org/ports/commit/?id=c64c329c2c1752f46b73e3e6ce9f4329be6629f9 https://chaos.social/@icing/111210915918780532 https://cloud.google.com/blog/products/identity-security/google-cloud-mitigated-largest-ddos-attack-peaking-above-398-million-rps https://cloud.google.com/blog/products/identity-security/google-cloud-mitigated-largest-ddos-attack-peaking-above-398-million-rps/ https://cloud.google.com/blog/products/identity-security/how-it-works-the-novel-http2-rapid-reset-ddos-attack https://community.traefik.io/t/is-traefik-vulnerable-to-cve-2023-44487/20125 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-44487 https://devblogs.microsoft.com/dotnet/october-2023-updates/ https://discuss.hashicorp.com/t/hcsec-2023-32-vault-consul-and-boundary-affected-by-http-2-rapid-reset-denial-of-service-vulnerability-cve-2023-44487/59715 https://edg.io/lp/blog/resets-leaks-ddos-and-the-tale-of-a-hidden-cve https://errata.almalinux.org/9/ALSA-2023-6746.html https://errata.rockylinux.org/RLSA-2023:5838 https://forums.swift.org/t/swift-nio-http2-security-update-cve-2023-44487-http-2-dos/67764 https://gist.github.com/adulau/7c2bfb8e9cdbe4b35a5e131c66a0c088 https://github.com/Azure/AKS/issues/3947 https://github.com/Kong/kong/discussions/11741 https://github.com/advisories/GHSA-qppj-fm5r-hxr3 https://github.com/advisories/GHSA-vx74-f528-fxqg https://github.com/advisories/GHSA-xpw8-rcwv-8f8p https://github.com/akka/akka-http/issues/4323 https://github.com/akka/akka-http/pull/4324 https://github.com/akka/akka-http/pull/4325 https://github.com/alibaba/tengine/issues/1872 https://github.com/apache/apisix/issues/10320 https://github.com/apache/httpd-site/pull/10 https://github.com/apache/httpd/blob/afcdbeebbff4b0c50ea26cdd16e178c0d1f24152/modules/http2/h2_mplx.c#L1101-L1113 https://github.com/apache/tomcat/commit/944332bb15bd2f3bf76ec2caeb1ff0a58a3bc628 https://github.com/apache/tomcat/tree/main/java/org/apache/coyote/http2 https://github.com/apache/trafficserver/pull/10564 https://github.com/apple/swift-nio-http2 https://github.com/apple/swift-nio-http2/security/advisories/GHSA-qppj-fm5r-hxr3 https://github.com/arkrwn/PoC/tree/main/CVE-2023-44487 https://github.com/bcdannyboy/CVE-2023-44487 https://github.com/caddyserver/caddy/issues/5877 https://github.com/caddyserver/caddy/releases/tag/v2.7.5 https://github.com/dotnet/announcements/issues/277 https://github.com/dotnet/core/blob/e4613450ea0da7fd2fc6b61dfb2c1c1dec1ce9ec/release-notes/6.0/6.0.23/6.0.23.md?plain=1#L73 https://github.com/eclipse/jetty.project/issues/10679 https://github.com/envoyproxy/envoy/pull/30055 https://github.com/etcd-io/etcd/issues/16740 https://github.com/facebook/proxygen/pull/466 https://github.com/golang/go/issues/63417 https://github.com/grpc/grpc-go/pull/6703 https://github.com/grpc/grpc-go/releases https://github.com/h2o/h2o/pull/3291 https://github.com/h2o/h2o/security/advisories/GHSA-2m7v-gc89-fjqf https://github.com/haproxy/haproxy/issues/2312 https://github.com/hyperium/hyper/issues/3337 https://github.com/icing/mod_h2/blob/0a864782af0a942aa2ad4ed960a6b32cd35bcf0a/mod_http2/README.md?plain=1#L239-L244 https://github.com/junkurihara/rust-rpxy/issues/97 https://github.com/kazu-yamamoto/http2/commit/f61d41a502bd0f60eb24e1ce14edc7b6df6722a1 https://github.com/kazu-yamamoto/http2/issues/93 https://github.com/kubernetes/kubernetes/pull/121120 https://github.com/line/armeria/pull/5232 https://github.com/linkerd/website/pull/1695/commits/4b9c6836471bc8270ab48aae6fd2181bc73fd632 https://github.com/micrictor/http2-rst-stream https://github.com/microsoft/CBL-Mariner/pull/6381 https://github.com/netty/netty/commit/58f75f665aa81a8cbcf6ffa74820042a285c5e61 https://github.com/nghttp2/nghttp2/pull/1961 https://github.com/nghttp2/nghttp2/releases/tag/v1.57.0 https://github.com/ninenines/cowboy/issues/1615 https://github.com/nodejs/node/pull/50121 https://github.com/openresty/openresty/issues/930 https://github.com/opensearch-project/data-prepper/issues/3474 https://github.com/oqtane/oqtane.framework/discussions/3367 https://github.com/projectcontour/contour/pull/5826 https://github.com/tempesta-tech/tempesta/issues/1986 https://github.com/varnishcache/varnish-cache/issues/3996 https://go.dev/cl/534215 https://go.dev/cl/534235 https://go.dev/issue/63417 https://groups.google.com/g/golang-announce/c/iNNxDTCjZvo https://groups.google.com/g/golang-announce/c/iNNxDTCjZvo/m/UDd7VKQuAAAJ https://istio.io/latest/news/security/istio-security-2023-004 https://istio.io/latest/news/security/istio-security-2023-004/ https://linkerd.io/2023/10/12/linkerd-cve-2023-44487 https://linkerd.io/2023/10/12/linkerd-cve-2023-44487/ https://linux.oracle.com/cve/CVE-2023-44487.html https://linux.oracle.com/errata/ELSA-2024-1444.html https://lists.apache.org/thread/5py8h42mxfsn8l1wy6o41xwhsjlsd87q https://lists.debian.org/debian-lts-announce/2023/10/msg00020.html https://lists.debian.org/debian-lts-announce/2023/10/msg00023.html https://lists.debian.org/debian-lts-announce/2023/10/msg00024.html https://lists.debian.org/debian-lts-announce/2023/10/msg00045.html https://lists.debian.org/debian-lts-announce/2023/10/msg00047.html https://lists.debian.org/debian-lts-announce/2023/11/msg00001.html https://lists.debian.org/debian-lts-announce/2023/11/msg00012.html https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/2MBEPPC36UBVOZZNAXFHKLFGSLCMN5LI https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/2MBEPPC36UBVOZZNAXFHKLFGSLCMN5LI/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/3N4NJ7FR4X4FPZUGNTQAPSTVB2HB2Y4A https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/3N4NJ7FR4X4FPZUGNTQAPSTVB2HB2Y4A/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/BFQD3KUEMFBHPAPBGLWQC34L4OWL5HAZ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/BFQD3KUEMFBHPAPBGLWQC34L4OWL5HAZ/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/CLB4TW7KALB3EEQWNWCN7OUIWWVWWCG2 https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/CLB4TW7KALB3EEQWNWCN7OUIWWVWWCG2/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/E72T67UPDRXHIDLO3OROR25YAMN4GGW5 https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/E72T67UPDRXHIDLO3OROR25YAMN4GGW5/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/FNA62Q767CFAFHBCDKYNPBMZWB7TWYVU https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/FNA62Q767CFAFHBCDKYNPBMZWB7TWYVU/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/HT7T2R4MQKLIF4ODV4BDLPARWFPCJ5CZ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/HT7T2R4MQKLIF4ODV4BDLPARWFPCJ5CZ/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/JIZSEFC3YKCGABA2BZW6ZJRMDZJMB7PJ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/JIZSEFC3YKCGABA2BZW6ZJRMDZJMB7PJ/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/JMEXY22BFG5Q64HQCM5CK2Q7KDKVV4TY https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/JMEXY22BFG5Q64HQCM5CK2Q7KDKVV4TY/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/KSEGD2IWKNUO3DWY4KQGUQM5BISRWHQE https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/KSEGD2IWKNUO3DWY4KQGUQM5BISRWHQE/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/LKYHSZQFDNR7RSA7LHVLLIAQMVYCUGBG https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/LKYHSZQFDNR7RSA7LHVLLIAQMVYCUGBG/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/LNMZJCDHGLJJLXO4OXWJMTVQRNWOC7UL https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/LNMZJCDHGLJJLXO4OXWJMTVQRNWOC7UL/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/VHUHTSXLXGXS7JYKBXTA3VINUPHTNGVU https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/VHUHTSXLXGXS7JYKBXTA3VINUPHTNGVU/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/VSRDIV77HNKUSM7SJC5BKE5JSHLHU2NK https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/VSRDIV77HNKUSM7SJC5BKE5JSHLHU2NK/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/WE2I52RHNNU42PX6NZ2RBUHSFFJ2LVZX https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/WE2I52RHNNU42PX6NZ2RBUHSFFJ2LVZX/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/WLPRQ5TWUQQXYWBJM7ECYDAIL2YVKIUH https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/WLPRQ5TWUQQXYWBJM7ECYDAIL2YVKIUH/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/X6QXN4ORIVF6XBW4WWFE7VNPVC74S45Y https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/X6QXN4ORIVF6XBW4WWFE7VNPVC74S45Y/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/XFOIBB4YFICHDM7IBOP7PWXW3FX4HLL2 https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/XFOIBB4YFICHDM7IBOP7PWXW3FX4HLL2/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZB43REMKRQR62NJEI7I5NQ4FSXNLBKRT https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZB43REMKRQR62NJEI7I5NQ4FSXNLBKRT/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZKQSIKIAT5TJ3WSLU3RDBQ35YX4GY4V3 https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZKQSIKIAT5TJ3WSLU3RDBQ35YX4GY4V3/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZLU6U2R2IC2K64NDPNMV55AUAO65MAF4 https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZLU6U2R2IC2K64NDPNMV55AUAO65MAF4/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3N4NJ7FR4X4FPZUGNTQAPSTVB2HB2Y4A https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/BFQD3KUEMFBHPAPBGLWQC34L4OWL5HAZ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CLB4TW7KALB3EEQWNWCN7OUIWWVWWCG2 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/E72T67UPDRXHIDLO3OROR25YAMN4GGW5 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/FNA62Q767CFAFHBCDKYNPBMZWB7TWYVU https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/HT7T2R4MQKLIF4ODV4BDLPARWFPCJ5CZ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/JIZSEFC3YKCGABA2BZW6ZJRMDZJMB7PJ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/JMEXY22BFG5Q64HQCM5CK2Q7KDKVV4TY https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/KSEGD2IWKNUO3DWY4KQGUQM5BISRWHQE https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/LKYHSZQFDNR7RSA7LHVLLIAQMVYCUGBG https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/LNMZJCDHGLJJLXO4OXWJMTVQRNWOC7UL https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/VHUHTSXLXGXS7JYKBXTA3VINUPHTNGVU https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/VSRDIV77HNKUSM7SJC5BKE5JSHLHU2NK https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WLPRQ5TWUQQXYWBJM7ECYDAIL2YVKIUH https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/X6QXN4ORIVF6XBW4WWFE7VNPVC74S45Y https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/XFOIBB4YFICHDM7IBOP7PWXW3FX4HLL2 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZB43REMKRQR62NJEI7I5NQ4FSXNLBKRT https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZKQSIKIAT5TJ3WSLU3RDBQ35YX4GY4V3 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZLU6U2R2IC2K64NDPNMV55AUAO65MAF4 https://lists.w3.org/Archives/Public/ietf-http-wg/2023OctDec/0025.html https://mailman.nginx.org/pipermail/nginx-devel/2023-October/S36Q5HBXR7CAIMPLLPRSSSYR4PCMWILK.html https://martinthomson.github.io/h2-stream-limits/draft-thomson-httpbis-h2-stream-limits.html https://msrc.microsoft.com/blog/2023/10/microsoft-response-to-distributed-denial-of-service-ddos-attacks-against-http/2 https://msrc.microsoft.com/blog/2023/10/microsoft-response-to-distributed-denial-of-service-ddos-attacks-against-http/2/ https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-44487 https://my.f5.com/manage/s/article/K000137106 https://netty.io/news/2023/10/10/4-1-100-Final.html https://news.ycombinator.com/item?id=37830987 https://news.ycombinator.com/item?id=37830998 https://news.ycombinator.com/item?id=37831062 https://news.ycombinator.com/item?id=37837043 https://nodejs.org/en/blog/vulnerability/october-2023-security-releases https://nvd.nist.gov/vuln/detail/CVE-2023-44487 https://openssf.org/blog/2023/10/10/http-2-rapid-reset-vulnerability-highlights-need-for-rapid-response https://openssf.org/blog/2023/10/10/http-2-rapid-reset-vulnerability-highlights-need-for-rapid-response/ https://pkg.go.dev/vuln/GO-2023-2102 https://seanmonstar.com/post/730794151136935936/hyper-http2-rapid-reset-unaffected https://security.gentoo.org/glsa/202311-09 https://security.netapp.com/advisory/ntap-20231016-0001 https://security.netapp.com/advisory/ntap-20231016-0001/ https://security.netapp.com/advisory/ntap-20240426-0007 https://security.netapp.com/advisory/ntap-20240426-0007/ https://security.netapp.com/advisory/ntap-20240621-0006 https://security.netapp.com/advisory/ntap-20240621-0006/ https://security.netapp.com/advisory/ntap-20240621-0007 https://security.netapp.com/advisory/ntap-20240621-0007/ https://security.paloaltonetworks.com/CVE-2023-44487 https://tomcat.apache.org/security-10.html#Fixed_in_Apache_Tomcat_10.1.14 https://tomcat.apache.org/security-11.html#Fixed_in_Apache_Tomcat_11.0.0-M12 https://tomcat.apache.org/security-8.html#Fixed_in_Apache_Tomcat_8.5.94 https://tomcat.apache.org/security-9.html#Fixed_in_Apache_Tomcat_9.0.81 https://ubuntu.com/security/CVE-2023-44487 https://ubuntu.com/security/notices/USN-6427-1 https://ubuntu.com/security/notices/USN-6427-2 https://ubuntu.com/security/notices/USN-6438-1 https://ubuntu.com/security/notices/USN-6505-1 https://ubuntu.com/security/notices/USN-6574-1 https://ubuntu.com/security/notices/USN-6754-1 https://ubuntu.com/security/notices/USN-6994-1 https://ubuntu.com/security/notices/USN-7067-1 https://www.bleepingcomputer.com/news/security/new-http-2-rapid-reset-zero-day-attack-breaks-ddos-records https://www.bleepingcomputer.com/news/security/new-http-2-rapid-reset-zero-day-attack-breaks-ddos-records/ https://www.cisa.gov/known-exploited-vulnerabilities-catalog https://www.cisa.gov/news-events/alerts/2023/10/10/http2-rapid-reset-vulnerability-cve-2023-44487 https://www.cve.org/CVERecord?id=CVE-2023-44487 https://www.darkreading.com/cloud/internet-wide-zero-day-bug-fuels-largest-ever-ddos-event https://www.debian.org/security/2023/dsa-5521 https://www.debian.org/security/2023/dsa-5522 https://www.debian.org/security/2023/dsa-5540 https://www.debian.org/security/2023/dsa-5549 https://www.debian.org/security/2023/dsa-5558 https://www.debian.org/security/2023/dsa-5570 https://www.eclipse.org/lists/jetty-announce/msg00181.html https://www.haproxy.com/blog/haproxy-is-not-affected-by-the-http-2-rapid-reset-attack-cve-2023-44487 https://www.mail-archive.com/haproxy@formilux.org/msg44134.html https://www.netlify.com/blog/netlify-successfully-mitigates-cve-2023-44487 https://www.netlify.com/blog/netlify-successfully-mitigates-cve-2023-44487/ https://www.nginx.com/blog/http-2-rapid-reset-attack-impacting-f5-nginx-products https://www.nginx.com/blog/http-2-rapid-reset-attack-impacting-f5-nginx-products/ https://www.openwall.com/lists/oss-security/2023/10/10/6 https://www.phoronix.com/news/HTTP2-Rapid-Reset-Attack https://www.theregister.com/2023/10/10/http2_rapid_reset_zeroday https://www.theregister.com/2023/10/10/http2_rapid_reset_zeroday/
golang.org/x/net	CVE-2023-45288	MEDIUM	v0.12.0	0.23.0	http://www.openwall.com/lists/oss-security/2024/04/03/16 http://www.openwall.com/lists/oss-security/2024/04/05/4 https://access.redhat.com/errata/RHSA-2024:2724 https://access.redhat.com/security/cve/CVE-2023-45288 https://bugzilla.redhat.com/2268017 https://bugzilla.redhat.com/2268018 https://bugzilla.redhat.com/2268019 https://bugzilla.redhat.com/2268273 https://bugzilla.redhat.com/show_bug.cgi?id=2268017 https://bugzilla.redhat.com/show_bug.cgi?id=2268018 https://bugzilla.redhat.com/show_bug.cgi?id=2268019 https://bugzilla.redhat.com/show_bug.cgi?id=2268273 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45288 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45289 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45290 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24783 https://errata.almalinux.org/9/ALSA-2024-2724.html https://errata.rockylinux.org/RLSA-2024:2724 https://go.dev/cl/576155 https://go.dev/issue/65051 https://groups.google.com/g/golang-announce/c/YgW0sx8mN3M https://kb.cert.org/vuls/id/421644 https://linux.oracle.com/cve/CVE-2023-45288.html https://linux.oracle.com/errata/ELSA-2024-3346.html https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QRYFHIQ6XRKRYBI2F5UESH67BJBQXUPT https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QRYFHIQ6XRKRYBI2F5UESH67BJBQXUPT/ https://nowotarski.info/http2-continuation-flood-technical-details https://nowotarski.info/http2-continuation-flood/ https://nvd.nist.gov/vuln/detail/CVE-2023-45288 https://pkg.go.dev/vuln/GO-2024-2687 https://security.netapp.com/advisory/ntap-20240419-0009 https://security.netapp.com/advisory/ntap-20240419-0009/ https://ubuntu.com/security/notices/USN-6886-1 https://ubuntu.com/security/notices/USN-7109-1 https://ubuntu.com/security/notices/USN-7111-1 https://www.cve.org/CVERecord?id=CVE-2023-45288 https://www.kb.cert.org/vuls/id/421644
stdlib	CVE-2024-24790	CRITICAL	v1.20.5	1.21.11, 1.22.4	http://www.openwall.com/lists/oss-security/2024/06/04/1 https://access.redhat.com/errata/RHSA-2024:9115 https://access.redhat.com/security/cve/CVE-2024-24790 https://bugzilla.redhat.com/2279814 https://bugzilla.redhat.com/2292668 https://bugzilla.redhat.com/2292787 https://bugzilla.redhat.com/2294000 https://bugzilla.redhat.com/2295310 https://bugzilla.redhat.com/show_bug.cgi?id=2292668 https://bugzilla.redhat.com/show_bug.cgi?id=2292787 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24789 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24790 https://errata.almalinux.org/9/ALSA-2024-9115.html https://errata.rockylinux.org/RLSA-2024:4212 https://github.com/golang/go/commit/051bdf3fd12a40307606ff9381138039c5f452f0 (1.21) https://github.com/golang/go/commit/12d5810cdb1f73cf23d7a86462143e9463317fca (1.22) https://github.com/golang/go/issues/67680 https://go.dev/cl/590316 https://go.dev/issue/67680 https://groups.google.com/g/golang-announce/c/XbxouI9gY7k https://groups.google.com/g/golang-announce/c/XbxouI9gY7k/m/TuoGEhxIEwAJ https://linux.oracle.com/cve/CVE-2024-24790.html https://linux.oracle.com/errata/ELSA-2024-9115.html https://nvd.nist.gov/vuln/detail/CVE-2024-24790 https://pkg.go.dev/vuln/GO-2024-2887 https://ubuntu.com/security/notices/USN-6886-1 https://ubuntu.com/security/notices/USN-7109-1 https://www.cve.org/CVERecord?id=CVE-2024-24790
stdlib	CVE-2023-39325	HIGH	v1.20.5	1.20.10, 1.21.3	golang.org/x/net https://access.redhat.com/errata/RHSA-2023:6077 https://access.redhat.com/security/cve/CVE-2023-39325 https://access.redhat.com/security/cve/CVE-2023-44487 https://access.redhat.com/security/vulnerabilities/RHSB-2023-003 https://bugzilla.redhat.com/2242803 https://bugzilla.redhat.com/2243296 https://bugzilla.redhat.com/show_bug.cgi?id=2242803 https://bugzilla.redhat.com/show_bug.cgi?id=2243296 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-39325 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-44487 https://errata.almalinux.org/9/ALSA-2023-6077.html https://errata.rockylinux.org/RLSA-2023:6077 https://github.com/golang/go/commit/24ae2d927285c697440fdde3ad7f26028354bcf3 [golang- 1.21] https://github.com/golang/go/commit/e175f27f58aa7b9cd4d79607ae65d2cd5baaee68 [golang-1.20] https://github.com/golang/go/issues/63417 https://go.dev/cl/534215 https://go.dev/cl/534235 https://go.dev/issue/63417 https://groups.google.com/g/golang-announce/c/iNNxDTCjZvo/m/UDd7VKQuAAAJ https://linux.oracle.com/cve/CVE-2023-39325.html https://linux.oracle.com/errata/ELSA-2023-5867.html https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3OVW5V2DM5K5IC3H7O42YDUGNJ74J35O https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3OVW5V2DM5K5IC3H7O42YDUGNJ74J35O/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3SZN67IL7HMGMNAVLOTIXLIHUDXZK4LH https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3SZN67IL7HMGMNAVLOTIXLIHUDXZK4LH/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3WJ4QVX2AMUJ2F2S27POOAHRC4K3CHU4 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3WJ4QVX2AMUJ2F2S27POOAHRC4K3CHU4/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/4BUK2ZIAGCULOOYDNH25JPU6JBES5NF2 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/4BUK2ZIAGCULOOYDNH25JPU6JBES5NF2/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/5RSKA2II6QTD4YUKUNDVJQSRYSFC4VFR https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/5RSKA2II6QTD4YUKUNDVJQSRYSFC4VFR/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/AVZDNSMVDAQJ64LJC5I5U5LDM5753647 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/AVZDNSMVDAQJ64LJC5I5U5LDM5753647/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CHHITS4PUOZAKFIUBQAQZC7JWXMOYE4B https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CHHITS4PUOZAKFIUBQAQZC7JWXMOYE4B/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CLB4TW7KALB3EEQWNWCN7OUIWWVWWCG2 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CLB4TW7KALB3EEQWNWCN7OUIWWVWWCG2/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/D2BBIDR2ZMB3X5BC7SR4SLQMHRMVPY6L https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/D2BBIDR2ZMB3X5BC7SR4SLQMHRMVPY6L/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ECRC75BQJP6FJN2L7KCKYZW4DSBD7QSD https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ECRC75BQJP6FJN2L7KCKYZW4DSBD7QSD/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/FTMJ3NJIDAZFWJQQSP3L22MUFJ3UP2PT https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/FTMJ3NJIDAZFWJQQSP3L22MUFJ3UP2PT/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/GSY7SXFFTPZFWDM6XELSDSHZLVW3AHK7 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/GSY7SXFFTPZFWDM6XELSDSHZLVW3AHK7/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/HZQIELEIRSZUYTFFH5KTH2YJ4IIQG2KE https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/HZQIELEIRSZUYTFFH5KTH2YJ4IIQG2KE/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/IPWCNYB5PQ5PCVZ4NJT6G56ZYFZ5QBU6 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/IPWCNYB5PQ5PCVZ4NJT6G56ZYFZ5QBU6/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/KEOTKBUPZXHE3F352JBYNTSNRXYLWD6P https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/KEOTKBUPZXHE3F352JBYNTSNRXYLWD6P/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/KSEGD2IWKNUO3DWY4KQGUQM5BISRWHQE https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/KSEGD2IWKNUO3DWY4KQGUQM5BISRWHQE/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/L5E5JSJBZLYXOTZWXHJKRVCIXIHVWKJ6 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/L5E5JSJBZLYXOTZWXHJKRVCIXIHVWKJ6/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/MZQYOOKHQDQ57LV2IAG6NRFOVXKHJJ3Z https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/MZQYOOKHQDQ57LV2IAG6NRFOVXKHJJ3Z/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/NG7IMPL55MVWU3LCI4JQJT3K2U5CHDV7 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/NG7IMPL55MVWU3LCI4JQJT3K2U5CHDV7/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ODBY7RVMGZCBSTWF2OZGIZS57FNFUL67 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ODBY7RVMGZCBSTWF2OZGIZS57FNFUL67/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/OXGWPQOJ3JNDW2XIYKIVJ7N7QUIFNM2Q https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/OXGWPQOJ3JNDW2XIYKIVJ7N7QUIFNM2Q/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/PJCUNGIQDUMZ4Z6HWVYIMR66A35F5S74 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/PJCUNGIQDUMZ4Z6HWVYIMR66A35F5S74/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QF5QSYAOPDOWLY6DUHID56Q4HQFYB45I https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QF5QSYAOPDOWLY6DUHID56Q4HQFYB45I/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QXOU2JZUBEBP7GBKAYIJRPRBZSJCD7ST https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QXOU2JZUBEBP7GBKAYIJRPRBZSJCD7ST/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/R3UETKPUB3V5JS5TLZOF3SMTGT5K5APS https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/R3UETKPUB3V5JS5TLZOF3SMTGT5K5APS/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/REMHVVIBDNKSRKNOTV7EQSB7CYQWOUOU https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/REMHVVIBDNKSRKNOTV7EQSB7CYQWOUOU/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/T7N5GV4CHH6WAGX3GFMDD3COEOVCZ4RI https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/T7N5GV4CHH6WAGX3GFMDD3COEOVCZ4RI/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ULQQONMSCQSH5Z5OWFFQHCGEZ3NL4DRJ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ULQQONMSCQSH5Z5OWFFQHCGEZ3NL4DRJ/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UTT7DG3QOF5ZNJLUGHDNLRUIN6OWZARP https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UTT7DG3QOF5ZNJLUGHDNLRUIN6OWZARP/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/W2LZSWTV4NV4SNQARNXG5T6LRHP26EW2 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/W2LZSWTV4NV4SNQARNXG5T6LRHP26EW2/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WCNCBYKZXLDFGAJUB7ZP5VLC3YTHJNVH https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WCNCBYKZXLDFGAJUB7ZP5VLC3YTHJNVH/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/XFOIBB4YFICHDM7IBOP7PWXW3FX4HLL2 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/XFOIBB4YFICHDM7IBOP7PWXW3FX4HLL2/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/XTNLSL44Y5FB6JWADSZH6DCV4JJAAEQY https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/XTNLSL44Y5FB6JWADSZH6DCV4JJAAEQY/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/YJWHBLVZDM5KQSDFRBFRKU5KSSOLIRQ4 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/YJWHBLVZDM5KQSDFRBFRKU5KSSOLIRQ4/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/YRKEXKANQ7BKJW2YTAMP625LJUJZLJ4P https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/YRKEXKANQ7BKJW2YTAMP625LJUJZLJ4P/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZSVEMQV5ROY5YW5QE3I57HT3ITWG5GCV https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZSVEMQV5ROY5YW5QE3I57HT3ITWG5GCV/ https://nvd.nist.gov/vuln/detail/CVE-2023-39325 https://pkg.go.dev/vuln/GO-2023-2102 https://security.gentoo.org/glsa/202311-09 https://security.netapp.com/advisory/ntap-20231110-0008 https://security.netapp.com/advisory/ntap-20231110-0008/ https://ubuntu.com/security/notices/USN-6574-1 https://ubuntu.com/security/notices/USN-7061-1 https://ubuntu.com/security/notices/USN-7109-1 https://www.cisa.gov/news-events/alerts/2023/10/10/http2-rapid-reset-vulnerability-cve-2023-44487 https://www.cve.org/CVERecord?id=CVE-2023-39325
stdlib	CVE-2023-45283	HIGH	v1.20.5	1.20.11, 1.21.4, 1.20.12, 1.21.5	http://www.openwall.com/lists/oss-security/2023/12/05/2 https://go.dev/cl/540277 https://go.dev/cl/541175 https://go.dev/issue/63713 https://go.dev/issue/64028 https://groups.google.com/g/golang-announce/c/4tU8LZfBFkY https://groups.google.com/g/golang-dev/c/6ypN5EjibjM/m/KmLVYH_uAgAJ https://nvd.nist.gov/vuln/detail/CVE-2023-45283 https://pkg.go.dev/vuln/GO-2023-2185 https://security.netapp.com/advisory/ntap-20231214-0008/
stdlib	CVE-2023-45288	HIGH	v1.20.5	1.21.9, 1.22.2	http://www.openwall.com/lists/oss-security/2024/04/03/16 http://www.openwall.com/lists/oss-security/2024/04/05/4 https://access.redhat.com/errata/RHSA-2024:2724 https://access.redhat.com/security/cve/CVE-2023-45288 https://bugzilla.redhat.com/2268017 https://bugzilla.redhat.com/2268018 https://bugzilla.redhat.com/2268019 https://bugzilla.redhat.com/2268273 https://bugzilla.redhat.com/show_bug.cgi?id=2268017 https://bugzilla.redhat.com/show_bug.cgi?id=2268018 https://bugzilla.redhat.com/show_bug.cgi?id=2268019 https://bugzilla.redhat.com/show_bug.cgi?id=2268273 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45288 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45289 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45290 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24783 https://errata.almalinux.org/9/ALSA-2024-2724.html https://errata.rockylinux.org/RLSA-2024:2724 https://go.dev/cl/576155 https://go.dev/issue/65051 https://groups.google.com/g/golang-announce/c/YgW0sx8mN3M https://kb.cert.org/vuls/id/421644 https://linux.oracle.com/cve/CVE-2023-45288.html https://linux.oracle.com/errata/ELSA-2024-3346.html https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QRYFHIQ6XRKRYBI2F5UESH67BJBQXUPT https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QRYFHIQ6XRKRYBI2F5UESH67BJBQXUPT/ https://nowotarski.info/http2-continuation-flood-technical-details https://nowotarski.info/http2-continuation-flood/ https://nvd.nist.gov/vuln/detail/CVE-2023-45288 https://pkg.go.dev/vuln/GO-2024-2687 https://security.netapp.com/advisory/ntap-20240419-0009 https://security.netapp.com/advisory/ntap-20240419-0009/ https://ubuntu.com/security/notices/USN-6886-1 https://ubuntu.com/security/notices/USN-7109-1 https://ubuntu.com/security/notices/USN-7111-1 https://www.cve.org/CVERecord?id=CVE-2023-45288 https://www.kb.cert.org/vuls/id/421644
stdlib	CVE-2024-34156	HIGH	v1.20.5	1.22.7, 1.23.1	https://access.redhat.com/errata/RHSA-2024:9473 https://access.redhat.com/security/cve/CVE-2024-34156 https://bugzilla.redhat.com/2310528 https://bugzilla.redhat.com/2318052 https://bugzilla.redhat.com/show_bug.cgi?id=2310528 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-34156 https://errata.almalinux.org/9/ALSA-2024-9473.html https://errata.rockylinux.org/RLSA-2024:7204 https://github.com/golang/go/commit/2092294f2b097c5828f4eace6c98a322c1510b01 (go1.22.7) https://github.com/golang/go/commit/fa8ff1a46deb6c816304441ec6740ec112e19012 (go1.23.1) https://go.dev/cl/611239 https://go.dev/issue/69139 https://groups.google.com/g/golang-announce/c/K-cEzDeCtpc https://groups.google.com/g/golang-dev/c/S9POB9NCTdk https://linux.oracle.com/cve/CVE-2024-34156.html https://linux.oracle.com/errata/ELSA-2024-9473.html https://nvd.nist.gov/vuln/detail/CVE-2024-34156 https://pkg.go.dev/vuln/GO-2024-3106 https://ubuntu.com/security/notices/USN-7081-1 https://ubuntu.com/security/notices/USN-7109-1 https://ubuntu.com/security/notices/USN-7111-1 https://www.cve.org/CVERecord?id=CVE-2024-34156
stdlib	CVE-2023-29406	MEDIUM	v1.20.5	1.19.11, 1.20.6	https://access.redhat.com/errata/RHSA-2023:6474 https://access.redhat.com/security/cve/CVE-2023-29406 https://bugzilla.redhat.com/2174485 https://bugzilla.redhat.com/2178358 https://bugzilla.redhat.com/2178488 https://bugzilla.redhat.com/2178492 https://bugzilla.redhat.com/2184481 https://bugzilla.redhat.com/2184482 https://bugzilla.redhat.com/2184483 https://bugzilla.redhat.com/2184484 https://bugzilla.redhat.com/2196026 https://bugzilla.redhat.com/2196027 https://bugzilla.redhat.com/2196029 https://bugzilla.redhat.com/2222167 https://bugzilla.redhat.com/2228689 https://errata.almalinux.org/9/ALSA-2023-6474.html https://github.com/golang/go/commit/312920c00aac9897b2a0693e752390b5b0711a5a (go1.20.6) https://github.com/golang/go/commit/5fa6923b1ea891400153d04ddf1545e23b40041b (go1.19.11) https://github.com/golang/go/issues/60374 https://go.dev/cl/506996 https://go.dev/issue/60374 https://groups.google.com/g/golang-announce/c/2q13H6LEEx0 https://linux.oracle.com/cve/CVE-2023-29406.html https://linux.oracle.com/errata/ELSA-2023-7202.html https://nvd.nist.gov/vuln/detail/CVE-2023-29406 https://pkg.go.dev/vuln/GO-2023-1878 https://security.gentoo.org/glsa/202311-09 https://security.netapp.com/advisory/ntap-20230814-0002/ https://ubuntu.com/security/notices/USN-7061-1 https://ubuntu.com/security/notices/USN-7109-1 https://www.cve.org/CVERecord?id=CVE-2023-29406
stdlib	CVE-2023-29409	MEDIUM	v1.20.5	1.19.12, 1.20.7, 1.21.0-rc.4	https://access.redhat.com/errata/RHSA-2023:7766 https://access.redhat.com/security/cve/CVE-2023-29409 https://bugzilla.redhat.com/2228743 https://bugzilla.redhat.com/2237773 https://bugzilla.redhat.com/2237776 https://bugzilla.redhat.com/2237777 https://bugzilla.redhat.com/2237778 https://errata.almalinux.org/9/ALSA-2023-7766.html https://go.dev/cl/515257 https://go.dev/issue/61460 https://groups.google.com/g/golang-announce/c/X0b6CsSAaYI/m/Efv5DbZ9AwAJ https://linux.oracle.com/cve/CVE-2023-29409.html https://linux.oracle.com/errata/ELSA-2024-2988.html https://nvd.nist.gov/vuln/detail/CVE-2023-29409 https://pkg.go.dev/vuln/GO-2023-1987 https://security.gentoo.org/glsa/202311-09 https://security.netapp.com/advisory/ntap-20230831-0010/ https://www.cve.org/CVERecord?id=CVE-2023-29409
stdlib	CVE-2023-39318	MEDIUM	v1.20.5	1.20.8, 1.21.1	https://access.redhat.com/errata/RHSA-2024:2160 https://access.redhat.com/security/cve/CVE-2023-39318 https://bugzilla.redhat.com/2237773 https://bugzilla.redhat.com/2237776 https://bugzilla.redhat.com/2253330 https://errata.almalinux.org/9/ALSA-2024-2160.html https://github.com/golang/go/commit/023b542edf38e2a1f87fcefb9f75ff2f99401b4c (go1.20.8) https://github.com/golang/go/commit/b0e1d3ea26e8e8fce7726690c9ef0597e60739fb (go1.21.1) https://go.dev/cl/526156 https://go.dev/issue/62196 https://groups.google.com/g/golang-announce/c/Fm51GRLNRvM https://groups.google.com/g/golang-dev/c/2C5vbR-UNkI/m/L1hdrPhfBAAJ https://linux.oracle.com/cve/CVE-2023-39318.html https://linux.oracle.com/errata/ELSA-2024-2988.html https://nvd.nist.gov/vuln/detail/CVE-2023-39318 https://pkg.go.dev/vuln/GO-2023-2041 https://security.gentoo.org/glsa/202311-09 https://security.netapp.com/advisory/ntap-20231020-0009/ https://ubuntu.com/security/notices/USN-6574-1 https://ubuntu.com/security/notices/USN-7061-1 https://ubuntu.com/security/notices/USN-7109-1 https://vuln.go.dev/ID/GO-2023-2041.json https://www.cve.org/CVERecord?id=CVE-2023-39318
stdlib	CVE-2023-39319	MEDIUM	v1.20.5	1.20.8, 1.21.1	https://access.redhat.com/errata/RHSA-2024:2160 https://access.redhat.com/security/cve/CVE-2023-39319 https://bugzilla.redhat.com/2237773 https://bugzilla.redhat.com/2237776 https://bugzilla.redhat.com/2253330 https://errata.almalinux.org/9/ALSA-2024-2160.html https://github.com/golang/go/commit/2070531d2f53df88e312edace6c8dfc9686ab2f5 (go1.20.8) https://github.com/golang/go/commit/bbd043ff0d6d59f1a9232d31ecd5eacf6507bf6a (go1.21.1) https://go.dev/cl/526157 https://go.dev/issue/62197 https://groups.google.com/g/golang-announce/c/Fm51GRLNRvM https://groups.google.com/g/golang-dev/c/2C5vbR-UNkI/m/L1hdrPhfBAAJ https://linux.oracle.com/cve/CVE-2023-39319.html https://linux.oracle.com/errata/ELSA-2024-2988.html https://nvd.nist.gov/vuln/detail/CVE-2023-39319 https://pkg.go.dev/vuln/GO-2023-2043 https://security.gentoo.org/glsa/202311-09 https://security.netapp.com/advisory/ntap-20231020-0009/ https://ubuntu.com/security/notices/USN-6574-1 https://ubuntu.com/security/notices/USN-7061-1 https://ubuntu.com/security/notices/USN-7109-1 https://vuln.go.dev/ID/GO-2023-2043.json https://www.cve.org/CVERecord?id=CVE-2023-39319
stdlib	CVE-2023-39326	MEDIUM	v1.20.5	1.20.12, 1.21.5	https://access.redhat.com/errata/RHSA-2024:2272 https://access.redhat.com/security/cve/CVE-2023-39326 https://bugzilla.redhat.com/2253193 https://bugzilla.redhat.com/2253330 https://errata.almalinux.org/9/ALSA-2024-2272.html https://github.com/golang/go/commit/6446af942e2e2b161c4ec1b60d9703a2b55dc4dd (go1.20.12) https://github.com/golang/go/commit/ec8c526e4be720e94b98ca509e6364f0efaf28f7 (go1.21.5) https://go.dev/cl/547335 https://go.dev/issue/64433 https://groups.google.com/g/golang-dev/c/6ypN5EjibjM/m/KmLVYH_uAgAJ https://linux.oracle.com/cve/CVE-2023-39326.html https://linux.oracle.com/errata/ELSA-2024-2988.html https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UIU6HOGV6RRIKWM57LOXQA75BGZSIH6G/ https://nvd.nist.gov/vuln/detail/CVE-2023-39326 https://pkg.go.dev/vuln/GO-2023-2382 https://ubuntu.com/security/notices/USN-6574-1 https://www.cve.org/CVERecord?id=CVE-2023-39326
stdlib	CVE-2023-45284	MEDIUM	v1.20.5	1.20.11, 1.21.4	https://go.dev/cl/540277 https://go.dev/issue/63713 https://groups.google.com/g/golang-announce/c/4tU8LZfBFkY https://nvd.nist.gov/vuln/detail/CVE-2023-45284 https://pkg.go.dev/vuln/GO-2023-2186
stdlib	CVE-2023-45289	MEDIUM	v1.20.5	1.21.8, 1.22.1	http://www.openwall.com/lists/oss-security/2024/03/08/4 https://access.redhat.com/errata/RHSA-2024:2724 https://access.redhat.com/security/cve/CVE-2023-45289 https://bugzilla.redhat.com/2268017 https://bugzilla.redhat.com/2268018 https://bugzilla.redhat.com/2268019 https://bugzilla.redhat.com/2268273 https://bugzilla.redhat.com/show_bug.cgi?id=2268017 https://bugzilla.redhat.com/show_bug.cgi?id=2268018 https://bugzilla.redhat.com/show_bug.cgi?id=2268019 https://bugzilla.redhat.com/show_bug.cgi?id=2268273 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45288 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45289 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45290 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24783 https://errata.almalinux.org/9/ALSA-2024-2724.html https://errata.rockylinux.org/RLSA-2024:2724 https://github.com/golang/go/commit/20586c0dbe03d144f914155f879fa5ee287591a1 (go1.21.8) https://github.com/golang/go/commit/3a855208e3efed2e9d7c20ad023f1fa78afcc0be (go1.22.1) https://github.com/golang/go/issues/65065 https://go.dev/cl/569340 https://go.dev/issue/65065 https://groups.google.com/g/golang-announce/c/5pwGVUPoMbg https://linux.oracle.com/cve/CVE-2023-45289.html https://linux.oracle.com/errata/ELSA-2024-3346.html https://nvd.nist.gov/vuln/detail/CVE-2023-45289 https://pkg.go.dev/vuln/GO-2024-2600 https://security.netapp.com/advisory/ntap-20240329-0006/ https://ubuntu.com/security/notices/USN-6886-1 https://www.cve.org/CVERecord?id=CVE-2023-45289
stdlib	CVE-2023-45290	MEDIUM	v1.20.5	1.21.8, 1.22.1	http://www.openwall.com/lists/oss-security/2024/03/08/4 https://access.redhat.com/errata/RHSA-2024:9135 https://access.redhat.com/security/cve/CVE-2023-45290 https://bugzilla.redhat.com/2268017 https://bugzilla.redhat.com/2268022 https://bugzilla.redhat.com/2279814 https://bugzilla.redhat.com/2295310 https://bugzilla.redhat.com/show_bug.cgi?id=2268017 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45290 https://errata.almalinux.org/9/ALSA-2024-9135.html https://errata.rockylinux.org/RLSA-2024:3830 https://github.com/golang/go/commit/041a47712e765e94f86d841c3110c840e76d8f82 (go1.22.1) https://github.com/golang/go/commit/bf80213b121074f4ad9b449410a4d13bae5e9be0 (go1.21.8) https://github.com/golang/go/issues/65383 https://go.dev/cl/569341 https://go.dev/issue/65383 https://groups.google.com/g/golang-announce/c/5pwGVUPoMbg https://linux.oracle.com/cve/CVE-2023-45290.html https://linux.oracle.com/errata/ELSA-2024-8038.html https://nvd.nist.gov/vuln/detail/CVE-2023-45290 https://pkg.go.dev/vuln/GO-2024-2599 https://security.netapp.com/advisory/ntap-20240329-0004 https://security.netapp.com/advisory/ntap-20240329-0004/ https://ubuntu.com/security/notices/USN-6886-1 https://ubuntu.com/security/notices/USN-7109-1 https://ubuntu.com/security/notices/USN-7111-1 https://www.cve.org/CVERecord?id=CVE-2023-45290
stdlib	CVE-2024-24783	MEDIUM	v1.20.5	1.21.8, 1.22.1	http://www.openwall.com/lists/oss-security/2024/03/08/4 https://access.redhat.com/errata/RHSA-2024:6195 https://access.redhat.com/security/cve/CVE-2024-24783 https://bugzilla.redhat.com/2268019 https://bugzilla.redhat.com/show_bug.cgi?id=2268017 https://bugzilla.redhat.com/show_bug.cgi?id=2268018 https://bugzilla.redhat.com/show_bug.cgi?id=2268019 https://bugzilla.redhat.com/show_bug.cgi?id=2268273 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45288 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45289 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45290 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24783 https://errata.almalinux.org/9/ALSA-2024-6195.html https://errata.rockylinux.org/RLSA-2024:2724 https://github.com/advisories/GHSA-3q2c-pvp5-3cqp https://github.com/golang/go/commit/337b8e9cbfa749d9d5c899e0dc358e2208d5e54f (go1.22.1) https://github.com/golang/go/commit/be5b52bea674190ef7de272664be6c7ae93ec5a0 (go1.21.8) https://github.com/golang/go/issues/65390 https://go.dev/cl/569339 https://go.dev/issue/65390 https://groups.google.com/g/golang-announce/c/5pwGVUPoMbg https://linux.oracle.com/cve/CVE-2024-24783.html https://linux.oracle.com/errata/ELSA-2024-6969.html https://nvd.nist.gov/vuln/detail/CVE-2024-24783 https://pkg.go.dev/vuln/GO-2024-2598 https://security.netapp.com/advisory/ntap-20240329-0005 https://security.netapp.com/advisory/ntap-20240329-0005/ https://ubuntu.com/security/notices/USN-6886-1 https://ubuntu.com/security/notices/USN-7109-1 https://ubuntu.com/security/notices/USN-7111-1 https://www.cve.org/CVERecord?id=CVE-2024-24783
stdlib	CVE-2024-24784	MEDIUM	v1.20.5	1.21.8, 1.22.1	http://www.openwall.com/lists/oss-security/2024/03/08/4 https://access.redhat.com/errata/RHSA-2024:2562 https://access.redhat.com/security/cve/CVE-2024-24784 https://bugzilla.redhat.com/2262921 https://bugzilla.redhat.com/2268017 https://bugzilla.redhat.com/2268018 https://bugzilla.redhat.com/2268019 https://bugzilla.redhat.com/2268021 https://bugzilla.redhat.com/2268022 https://bugzilla.redhat.com/2268273 https://bugzilla.redhat.com/show_bug.cgi?id=2262921 https://bugzilla.redhat.com/show_bug.cgi?id=2268017 https://bugzilla.redhat.com/show_bug.cgi?id=2268018 https://bugzilla.redhat.com/show_bug.cgi?id=2268019 https://bugzilla.redhat.com/show_bug.cgi?id=2268021 https://bugzilla.redhat.com/show_bug.cgi?id=2268022 https://bugzilla.redhat.com/show_bug.cgi?id=2268273 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45288 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45289 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45290 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-1394 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24783 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24784 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24785 https://errata.almalinux.org/9/ALSA-2024-2562.html https://errata.rockylinux.org/RLSA-2024:2562 https://github.com/golang/go/commit/263c059b09fdd40d9dd945f2ecb20c89ea28efe5 (go1.21.8) https://github.com/golang/go/commit/5330cd225ba54c7dc78c1b46dcdf61a4671a632c (go1.22.1) https://github.com/golang/go/issues/65083 https://go.dev/cl/555596 https://go.dev/issue/65083 https://groups.google.com/g/golang-announce/c/5pwGVUPoMbg https://linux.oracle.com/cve/CVE-2024-24784.html https://linux.oracle.com/errata/ELSA-2024-6969.html https://nvd.nist.gov/vuln/detail/CVE-2024-24784 https://pkg.go.dev/vuln/GO-2024-2609 https://security.netapp.com/advisory/ntap-20240329-0007/ https://ubuntu.com/security/notices/USN-6886-1 https://ubuntu.com/security/notices/USN-7109-1 https://ubuntu.com/security/notices/USN-7111-1 https://www.cve.org/CVERecord?id=CVE-2024-24784
stdlib	CVE-2024-24785	MEDIUM	v1.20.5	1.21.8, 1.22.1	http://www.openwall.com/lists/oss-security/2024/03/08/4 https://access.redhat.com/errata/RHSA-2024:9135 https://access.redhat.com/security/cve/CVE-2024-24785 https://bugzilla.redhat.com/2268017 https://bugzilla.redhat.com/2268022 https://bugzilla.redhat.com/2279814 https://bugzilla.redhat.com/2295310 https://bugzilla.redhat.com/show_bug.cgi?id=2262921 https://bugzilla.redhat.com/show_bug.cgi?id=2268017 https://bugzilla.redhat.com/show_bug.cgi?id=2268018 https://bugzilla.redhat.com/show_bug.cgi?id=2268019 https://bugzilla.redhat.com/show_bug.cgi?id=2268021 https://bugzilla.redhat.com/show_bug.cgi?id=2268022 https://bugzilla.redhat.com/show_bug.cgi?id=2268273 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45288 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45289 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45290 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-1394 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24783 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24784 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24785 https://errata.almalinux.org/9/ALSA-2024-9135.html https://errata.rockylinux.org/RLSA-2024:2562 https://github.com/golang/go/commit/056b0edcb8c152152021eebf4cf42adbfbe77992 (go1.22.1) https://github.com/golang/go/commit/3643147a29352ca2894fd5d0d2069bc4b4335a7e (go1.21.8) https://github.com/golang/go/issues/65697 https://go.dev/cl/564196 https://go.dev/issue/65697 https://groups.google.com/g/golang-announce/c/5pwGVUPoMbg https://linux.oracle.com/cve/CVE-2024-24785.html https://linux.oracle.com/errata/ELSA-2024-3259.html https://nvd.nist.gov/vuln/detail/CVE-2024-24785 https://pkg.go.dev/vuln/GO-2024-2610 https://security.netapp.com/advisory/ntap-20240329-0008/ https://ubuntu.com/security/notices/USN-6886-1 https://ubuntu.com/security/notices/USN-7061-1 https://ubuntu.com/security/notices/USN-7109-1 https://vuln.go.dev/ID/GO-2024-2610.json https://www.cve.org/CVERecord?id=CVE-2024-24785
stdlib	CVE-2024-24789	MEDIUM	v1.20.5	1.21.11, 1.22.4	http://www.openwall.com/lists/oss-security/2024/06/04/1 https://access.redhat.com/errata/RHSA-2024:9115 https://access.redhat.com/security/cve/CVE-2024-24789 https://bugzilla.redhat.com/2279814 https://bugzilla.redhat.com/2292668 https://bugzilla.redhat.com/2292787 https://bugzilla.redhat.com/2294000 https://bugzilla.redhat.com/2295310 https://bugzilla.redhat.com/show_bug.cgi?id=2292668 https://bugzilla.redhat.com/show_bug.cgi?id=2292787 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24789 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24790 https://errata.almalinux.org/9/ALSA-2024-9115.html https://errata.rockylinux.org/RLSA-2024:4212 https://github.com/golang/go/commit/c8e40338cf00f3c1d86c8fb23863ad67a4c72bcc (1.21) https://github.com/golang/go/commit/cf501ac0c5fe351a8582d20b43562027927906e7 (1.22) https://github.com/golang/go/issues/66869 https://go.dev/cl/585397 https://go.dev/issue/66869 https://groups.google.com/g/golang-announce/c/XbxouI9gY7k https://groups.google.com/g/golang-announce/c/XbxouI9gY7k/m/TuoGEhxIEwAJ https://linux.oracle.com/cve/CVE-2024-24789.html https://linux.oracle.com/errata/ELSA-2024-9115.html https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/U5YAEIA6IUHUNGJ7AIXXPQT6D2GYENX7/ https://nvd.nist.gov/vuln/detail/CVE-2024-24789 https://pkg.go.dev/vuln/GO-2024-2888 https://ubuntu.com/security/notices/USN-6886-1 https://ubuntu.com/security/notices/USN-7109-1 https://ubuntu.com/security/notices/USN-7111-1 https://www.cve.org/CVERecord?id=CVE-2024-24789
stdlib	CVE-2024-24791	MEDIUM	v1.20.5	1.21.12, 1.22.5	https://access.redhat.com/errata/RHSA-2024:9135 https://access.redhat.com/security/cve/CVE-2024-24791 https://bugzilla.redhat.com/2268017 https://bugzilla.redhat.com/2268022 https://bugzilla.redhat.com/2279814 https://bugzilla.redhat.com/2295310 https://bugzilla.redhat.com/show_bug.cgi?id=2295310 https://bugzilla.redhat.com/show_bug.cgi?id=2310527 https://bugzilla.redhat.com/show_bug.cgi?id=2310528 https://bugzilla.redhat.com/show_bug.cgi?id=2310529 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24791 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-34155 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-34156 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-34158 https://errata.almalinux.org/9/ALSA-2024-9135.html https://errata.rockylinux.org/RLSA-2024:6913 https://go.dev/cl/591255 https://go.dev/issue/67555 https://groups.google.com/g/golang-dev/c/t0rK-qHBqzY/m/6MMoAZkMAgAJ https://linux.oracle.com/cve/CVE-2024-24791.html https://linux.oracle.com/errata/ELSA-2024-9115.html https://nvd.nist.gov/vuln/detail/CVE-2024-24791 https://pkg.go.dev/vuln/GO-2024-2963 https://ubuntu.com/security/notices/USN-7081-1 https://ubuntu.com/security/notices/USN-7109-1 https://ubuntu.com/security/notices/USN-7111-1 https://www.cve.org/CVERecord?id=CVE-2024-24791
stdlib	CVE-2024-34155	MEDIUM	v1.20.5	1.22.7, 1.23.1	https://access.redhat.com/errata/RHSA-2024:9459 https://access.redhat.com/security/cve/CVE-2024-34155 https://bugzilla.redhat.com/2310527 https://bugzilla.redhat.com/2310528 https://bugzilla.redhat.com/2310529 https://bugzilla.redhat.com/2315691 https://bugzilla.redhat.com/2315887 https://bugzilla.redhat.com/2317458 https://bugzilla.redhat.com/2317467 https://bugzilla.redhat.com/show_bug.cgi?id=2295310 https://bugzilla.redhat.com/show_bug.cgi?id=2310527 https://bugzilla.redhat.com/show_bug.cgi?id=2310528 https://bugzilla.redhat.com/show_bug.cgi?id=2310529 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24791 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-34155 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-34156 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-34158 https://errata.almalinux.org/9/ALSA-2024-9459.html https://errata.rockylinux.org/RLSA-2024:6913 https://github.com/golang/go/commit/53487e5477151ed75da50e50a0ba8f1ca64c00a3 (go1.23.1) https://github.com/golang/go/commit/b232596139dbe96a62edbe3a2a203e856bf556eb (go1.22.7) https://go.dev/cl/611238 https://go.dev/issue/69138 https://groups.google.com/g/golang-announce/c/K-cEzDeCtpc https://groups.google.com/g/golang-dev/c/S9POB9NCTdk https://linux.oracle.com/cve/CVE-2024-34155.html https://linux.oracle.com/errata/ELSA-2024-9459.html https://nvd.nist.gov/vuln/detail/CVE-2024-34155 https://pkg.go.dev/vuln/GO-2024-3105 https://ubuntu.com/security/notices/USN-7081-1 https://ubuntu.com/security/notices/USN-7109-1 https://ubuntu.com/security/notices/USN-7111-1 https://www.cve.org/CVERecord?id=CVE-2024-34155
stdlib	CVE-2024-34158	MEDIUM	v1.20.5	1.22.7, 1.23.1	https://access.redhat.com/errata/RHSA-2024:9459 https://access.redhat.com/security/cve/CVE-2024-34158 https://bugzilla.redhat.com/2310527 https://bugzilla.redhat.com/2310528 https://bugzilla.redhat.com/2310529 https://bugzilla.redhat.com/2315691 https://bugzilla.redhat.com/2315887 https://bugzilla.redhat.com/2317458 https://bugzilla.redhat.com/2317467 https://bugzilla.redhat.com/show_bug.cgi?id=2295310 https://bugzilla.redhat.com/show_bug.cgi?id=2310527 https://bugzilla.redhat.com/show_bug.cgi?id=2310528 https://bugzilla.redhat.com/show_bug.cgi?id=2310529 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24791 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-34155 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-34156 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-34158 https://errata.almalinux.org/9/ALSA-2024-9459.html https://errata.rockylinux.org/RLSA-2024:6913 https://github.com/golang/go/commit/032ac075c20c01c6c35a672d1542d3e98eab84ea (go1.23.1) https://github.com/golang/go/commit/d4c53812e6ce2ac368173d7fcd31d0ecfcffb002 (go1.22.7) https://go.dev/cl/611240 https://go.dev/issue/69141 https://groups.google.com/g/golang-announce/c/K-cEzDeCtpc https://groups.google.com/g/golang-dev/c/S9POB9NCTdk https://linux.oracle.com/cve/CVE-2024-34158.html https://linux.oracle.com/errata/ELSA-2024-9459.html https://nvd.nist.gov/vuln/detail/CVE-2024-34158 https://pkg.go.dev/vuln/GO-2024-3107 https://ubuntu.com/security/notices/USN-7081-1 https://ubuntu.com/security/notices/USN-7109-1 https://ubuntu.com/security/notices/USN-7111-1 https://www.cve.org/CVERecord?id=CVE-2024-34158
No Misconfigurations found

cnb/buildpacks/paketo-buildpacks_rails-assets/0.9.1/bin/run (gobinary)

Package	Vulnerability ID	Severity	Installed Version	Fixed Version	Links
golang.org/x/net	CVE-2023-39325	HIGH	v0.12.0	0.17.0	golang.org/x/net https://access.redhat.com/errata/RHSA-2023:6077 https://access.redhat.com/security/cve/CVE-2023-39325 https://access.redhat.com/security/cve/CVE-2023-44487 https://access.redhat.com/security/vulnerabilities/RHSB-2023-003 https://bugzilla.redhat.com/2242803 https://bugzilla.redhat.com/2243296 https://bugzilla.redhat.com/show_bug.cgi?id=2242803 https://bugzilla.redhat.com/show_bug.cgi?id=2243296 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-39325 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-44487 https://errata.almalinux.org/9/ALSA-2023-6077.html https://errata.rockylinux.org/RLSA-2023:6077 https://github.com/golang/go/commit/24ae2d927285c697440fdde3ad7f26028354bcf3 [golang- 1.21] https://github.com/golang/go/commit/e175f27f58aa7b9cd4d79607ae65d2cd5baaee68 [golang-1.20] https://github.com/golang/go/issues/63417 https://go.dev/cl/534215 https://go.dev/cl/534235 https://go.dev/issue/63417 https://groups.google.com/g/golang-announce/c/iNNxDTCjZvo/m/UDd7VKQuAAAJ https://linux.oracle.com/cve/CVE-2023-39325.html https://linux.oracle.com/errata/ELSA-2023-5867.html https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3OVW5V2DM5K5IC3H7O42YDUGNJ74J35O https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3OVW5V2DM5K5IC3H7O42YDUGNJ74J35O/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3SZN67IL7HMGMNAVLOTIXLIHUDXZK4LH https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3SZN67IL7HMGMNAVLOTIXLIHUDXZK4LH/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3WJ4QVX2AMUJ2F2S27POOAHRC4K3CHU4 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3WJ4QVX2AMUJ2F2S27POOAHRC4K3CHU4/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/4BUK2ZIAGCULOOYDNH25JPU6JBES5NF2 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/4BUK2ZIAGCULOOYDNH25JPU6JBES5NF2/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/5RSKA2II6QTD4YUKUNDVJQSRYSFC4VFR https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/5RSKA2II6QTD4YUKUNDVJQSRYSFC4VFR/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/AVZDNSMVDAQJ64LJC5I5U5LDM5753647 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/AVZDNSMVDAQJ64LJC5I5U5LDM5753647/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CHHITS4PUOZAKFIUBQAQZC7JWXMOYE4B https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CHHITS4PUOZAKFIUBQAQZC7JWXMOYE4B/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CLB4TW7KALB3EEQWNWCN7OUIWWVWWCG2 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CLB4TW7KALB3EEQWNWCN7OUIWWVWWCG2/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/D2BBIDR2ZMB3X5BC7SR4SLQMHRMVPY6L https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/D2BBIDR2ZMB3X5BC7SR4SLQMHRMVPY6L/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ECRC75BQJP6FJN2L7KCKYZW4DSBD7QSD https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ECRC75BQJP6FJN2L7KCKYZW4DSBD7QSD/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/FTMJ3NJIDAZFWJQQSP3L22MUFJ3UP2PT https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/FTMJ3NJIDAZFWJQQSP3L22MUFJ3UP2PT/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/GSY7SXFFTPZFWDM6XELSDSHZLVW3AHK7 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/GSY7SXFFTPZFWDM6XELSDSHZLVW3AHK7/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/HZQIELEIRSZUYTFFH5KTH2YJ4IIQG2KE https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/HZQIELEIRSZUYTFFH5KTH2YJ4IIQG2KE/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/IPWCNYB5PQ5PCVZ4NJT6G56ZYFZ5QBU6 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/IPWCNYB5PQ5PCVZ4NJT6G56ZYFZ5QBU6/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/KEOTKBUPZXHE3F352JBYNTSNRXYLWD6P https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/KEOTKBUPZXHE3F352JBYNTSNRXYLWD6P/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/KSEGD2IWKNUO3DWY4KQGUQM5BISRWHQE https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/KSEGD2IWKNUO3DWY4KQGUQM5BISRWHQE/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/L5E5JSJBZLYXOTZWXHJKRVCIXIHVWKJ6 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/L5E5JSJBZLYXOTZWXHJKRVCIXIHVWKJ6/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/MZQYOOKHQDQ57LV2IAG6NRFOVXKHJJ3Z https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/MZQYOOKHQDQ57LV2IAG6NRFOVXKHJJ3Z/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/NG7IMPL55MVWU3LCI4JQJT3K2U5CHDV7 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/NG7IMPL55MVWU3LCI4JQJT3K2U5CHDV7/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ODBY7RVMGZCBSTWF2OZGIZS57FNFUL67 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ODBY7RVMGZCBSTWF2OZGIZS57FNFUL67/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/OXGWPQOJ3JNDW2XIYKIVJ7N7QUIFNM2Q https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/OXGWPQOJ3JNDW2XIYKIVJ7N7QUIFNM2Q/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/PJCUNGIQDUMZ4Z6HWVYIMR66A35F5S74 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/PJCUNGIQDUMZ4Z6HWVYIMR66A35F5S74/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QF5QSYAOPDOWLY6DUHID56Q4HQFYB45I https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QF5QSYAOPDOWLY6DUHID56Q4HQFYB45I/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QXOU2JZUBEBP7GBKAYIJRPRBZSJCD7ST https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QXOU2JZUBEBP7GBKAYIJRPRBZSJCD7ST/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/R3UETKPUB3V5JS5TLZOF3SMTGT5K5APS https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/R3UETKPUB3V5JS5TLZOF3SMTGT5K5APS/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/REMHVVIBDNKSRKNOTV7EQSB7CYQWOUOU https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/REMHVVIBDNKSRKNOTV7EQSB7CYQWOUOU/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/T7N5GV4CHH6WAGX3GFMDD3COEOVCZ4RI https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/T7N5GV4CHH6WAGX3GFMDD3COEOVCZ4RI/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ULQQONMSCQSH5Z5OWFFQHCGEZ3NL4DRJ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ULQQONMSCQSH5Z5OWFFQHCGEZ3NL4DRJ/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UTT7DG3QOF5ZNJLUGHDNLRUIN6OWZARP https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UTT7DG3QOF5ZNJLUGHDNLRUIN6OWZARP/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/W2LZSWTV4NV4SNQARNXG5T6LRHP26EW2 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/W2LZSWTV4NV4SNQARNXG5T6LRHP26EW2/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WCNCBYKZXLDFGAJUB7ZP5VLC3YTHJNVH https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WCNCBYKZXLDFGAJUB7ZP5VLC3YTHJNVH/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/XFOIBB4YFICHDM7IBOP7PWXW3FX4HLL2 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/XFOIBB4YFICHDM7IBOP7PWXW3FX4HLL2/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/XTNLSL44Y5FB6JWADSZH6DCV4JJAAEQY https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/XTNLSL44Y5FB6JWADSZH6DCV4JJAAEQY/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/YJWHBLVZDM5KQSDFRBFRKU5KSSOLIRQ4 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/YJWHBLVZDM5KQSDFRBFRKU5KSSOLIRQ4/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/YRKEXKANQ7BKJW2YTAMP625LJUJZLJ4P https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/YRKEXKANQ7BKJW2YTAMP625LJUJZLJ4P/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZSVEMQV5ROY5YW5QE3I57HT3ITWG5GCV https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZSVEMQV5ROY5YW5QE3I57HT3ITWG5GCV/ https://nvd.nist.gov/vuln/detail/CVE-2023-39325 https://pkg.go.dev/vuln/GO-2023-2102 https://security.gentoo.org/glsa/202311-09 https://security.netapp.com/advisory/ntap-20231110-0008 https://security.netapp.com/advisory/ntap-20231110-0008/ https://ubuntu.com/security/notices/USN-6574-1 https://ubuntu.com/security/notices/USN-7061-1 https://ubuntu.com/security/notices/USN-7109-1 https://www.cisa.gov/news-events/alerts/2023/10/10/http2-rapid-reset-vulnerability-cve-2023-44487 https://www.cve.org/CVERecord?id=CVE-2023-39325
golang.org/x/net	CVE-2023-3978	MEDIUM	v0.12.0	0.13.0	https://access.redhat.com/errata/RHSA-2023:6474 https://access.redhat.com/security/cve/CVE-2023-3978 https://bugzilla.redhat.com/2174485 https://bugzilla.redhat.com/2178358 https://bugzilla.redhat.com/2178488 https://bugzilla.redhat.com/2178492 https://bugzilla.redhat.com/2184481 https://bugzilla.redhat.com/2184482 https://bugzilla.redhat.com/2184483 https://bugzilla.redhat.com/2184484 https://bugzilla.redhat.com/2196026 https://bugzilla.redhat.com/2196027 https://bugzilla.redhat.com/2196029 https://bugzilla.redhat.com/2222167 https://bugzilla.redhat.com/2228689 https://errata.almalinux.org/9/ALSA-2023-6474.html https://go.dev/cl/514896 https://go.dev/issue/61615 https://linux.oracle.com/cve/CVE-2023-3978.html https://linux.oracle.com/errata/ELSA-2023-6939.html https://nvd.nist.gov/vuln/detail/CVE-2023-3978 https://pkg.go.dev/vuln/GO-2023-1988 https://www.cve.org/CVERecord?id=CVE-2023-3978
golang.org/x/net	CVE-2023-44487	MEDIUM	v0.12.0	0.17.0	http://www.openwall.com/lists/oss-security/2023/10/13/4 http://www.openwall.com/lists/oss-security/2023/10/13/9 http://www.openwall.com/lists/oss-security/2023/10/18/4 http://www.openwall.com/lists/oss-security/2023/10/18/8 http://www.openwall.com/lists/oss-security/2023/10/19/6 http://www.openwall.com/lists/oss-security/2023/10/20/8 https://access.redhat.com/errata/RHSA-2023:6746 https://access.redhat.com/security/cve/CVE-2023-44487 https://access.redhat.com/security/cve/cve-2023-44487 https://akka.io/security/akka-http-cve-2023-44487.html https://arstechnica.com/security/2023/10/how-ddosers-used-the-http-2-protocol-to-deliver-attacks-of-unprecedented-size https://arstechnica.com/security/2023/10/how-ddosers-used-the-http-2-protocol-to-deliver-attacks-of-unprecedented-size/ https://aws.amazon.com/security/security-bulletins/AWS-2023-011 https://aws.amazon.com/security/security-bulletins/AWS-2023-011/ https://blog.cloudflare.com/technical-breakdown-http2-rapid-reset-ddos-attack https://blog.cloudflare.com/technical-breakdown-http2-rapid-reset-ddos-attack/ https://blog.cloudflare.com/zero-day-rapid-reset-http2-record-breaking-ddos-attack https://blog.cloudflare.com/zero-day-rapid-reset-http2-record-breaking-ddos-attack/ https://blog.litespeedtech.com/2023/10/11/rapid-reset-http-2-vulnerablilty https://blog.litespeedtech.com/2023/10/11/rapid-reset-http-2-vulnerablilty/ https://blog.qualys.com/vulnerabilities-threat-research/2023/10/10/cve-2023-44487-http-2-rapid-reset-attack https://blog.vespa.ai/cve-2023-44487 https://blog.vespa.ai/cve-2023-44487/ https://bugzilla.proxmox.com/show_bug.cgi?id=4988 https://bugzilla.redhat.com/2242803 https://bugzilla.redhat.com/show_bug.cgi?id=2242803 https://bugzilla.suse.com/show_bug.cgi?id=1216123 https://cgit.freebsd.org/ports/commit/?id=c64c329c2c1752f46b73e3e6ce9f4329be6629f9 https://chaos.social/@icing/111210915918780532 https://cloud.google.com/blog/products/identity-security/google-cloud-mitigated-largest-ddos-attack-peaking-above-398-million-rps https://cloud.google.com/blog/products/identity-security/google-cloud-mitigated-largest-ddos-attack-peaking-above-398-million-rps/ https://cloud.google.com/blog/products/identity-security/how-it-works-the-novel-http2-rapid-reset-ddos-attack https://community.traefik.io/t/is-traefik-vulnerable-to-cve-2023-44487/20125 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-44487 https://devblogs.microsoft.com/dotnet/october-2023-updates/ https://discuss.hashicorp.com/t/hcsec-2023-32-vault-consul-and-boundary-affected-by-http-2-rapid-reset-denial-of-service-vulnerability-cve-2023-44487/59715 https://edg.io/lp/blog/resets-leaks-ddos-and-the-tale-of-a-hidden-cve https://errata.almalinux.org/9/ALSA-2023-6746.html https://errata.rockylinux.org/RLSA-2023:5838 https://forums.swift.org/t/swift-nio-http2-security-update-cve-2023-44487-http-2-dos/67764 https://gist.github.com/adulau/7c2bfb8e9cdbe4b35a5e131c66a0c088 https://github.com/Azure/AKS/issues/3947 https://github.com/Kong/kong/discussions/11741 https://github.com/advisories/GHSA-qppj-fm5r-hxr3 https://github.com/advisories/GHSA-vx74-f528-fxqg https://github.com/advisories/GHSA-xpw8-rcwv-8f8p https://github.com/akka/akka-http/issues/4323 https://github.com/akka/akka-http/pull/4324 https://github.com/akka/akka-http/pull/4325 https://github.com/alibaba/tengine/issues/1872 https://github.com/apache/apisix/issues/10320 https://github.com/apache/httpd-site/pull/10 https://github.com/apache/httpd/blob/afcdbeebbff4b0c50ea26cdd16e178c0d1f24152/modules/http2/h2_mplx.c#L1101-L1113 https://github.com/apache/tomcat/commit/944332bb15bd2f3bf76ec2caeb1ff0a58a3bc628 https://github.com/apache/tomcat/tree/main/java/org/apache/coyote/http2 https://github.com/apache/trafficserver/pull/10564 https://github.com/apple/swift-nio-http2 https://github.com/apple/swift-nio-http2/security/advisories/GHSA-qppj-fm5r-hxr3 https://github.com/arkrwn/PoC/tree/main/CVE-2023-44487 https://github.com/bcdannyboy/CVE-2023-44487 https://github.com/caddyserver/caddy/issues/5877 https://github.com/caddyserver/caddy/releases/tag/v2.7.5 https://github.com/dotnet/announcements/issues/277 https://github.com/dotnet/core/blob/e4613450ea0da7fd2fc6b61dfb2c1c1dec1ce9ec/release-notes/6.0/6.0.23/6.0.23.md?plain=1#L73 https://github.com/eclipse/jetty.project/issues/10679 https://github.com/envoyproxy/envoy/pull/30055 https://github.com/etcd-io/etcd/issues/16740 https://github.com/facebook/proxygen/pull/466 https://github.com/golang/go/issues/63417 https://github.com/grpc/grpc-go/pull/6703 https://github.com/grpc/grpc-go/releases https://github.com/h2o/h2o/pull/3291 https://github.com/h2o/h2o/security/advisories/GHSA-2m7v-gc89-fjqf https://github.com/haproxy/haproxy/issues/2312 https://github.com/hyperium/hyper/issues/3337 https://github.com/icing/mod_h2/blob/0a864782af0a942aa2ad4ed960a6b32cd35bcf0a/mod_http2/README.md?plain=1#L239-L244 https://github.com/junkurihara/rust-rpxy/issues/97 https://github.com/kazu-yamamoto/http2/commit/f61d41a502bd0f60eb24e1ce14edc7b6df6722a1 https://github.com/kazu-yamamoto/http2/issues/93 https://github.com/kubernetes/kubernetes/pull/121120 https://github.com/line/armeria/pull/5232 https://github.com/linkerd/website/pull/1695/commits/4b9c6836471bc8270ab48aae6fd2181bc73fd632 https://github.com/micrictor/http2-rst-stream https://github.com/microsoft/CBL-Mariner/pull/6381 https://github.com/netty/netty/commit/58f75f665aa81a8cbcf6ffa74820042a285c5e61 https://github.com/nghttp2/nghttp2/pull/1961 https://github.com/nghttp2/nghttp2/releases/tag/v1.57.0 https://github.com/ninenines/cowboy/issues/1615 https://github.com/nodejs/node/pull/50121 https://github.com/openresty/openresty/issues/930 https://github.com/opensearch-project/data-prepper/issues/3474 https://github.com/oqtane/oqtane.framework/discussions/3367 https://github.com/projectcontour/contour/pull/5826 https://github.com/tempesta-tech/tempesta/issues/1986 https://github.com/varnishcache/varnish-cache/issues/3996 https://go.dev/cl/534215 https://go.dev/cl/534235 https://go.dev/issue/63417 https://groups.google.com/g/golang-announce/c/iNNxDTCjZvo https://groups.google.com/g/golang-announce/c/iNNxDTCjZvo/m/UDd7VKQuAAAJ https://istio.io/latest/news/security/istio-security-2023-004 https://istio.io/latest/news/security/istio-security-2023-004/ https://linkerd.io/2023/10/12/linkerd-cve-2023-44487 https://linkerd.io/2023/10/12/linkerd-cve-2023-44487/ https://linux.oracle.com/cve/CVE-2023-44487.html https://linux.oracle.com/errata/ELSA-2024-1444.html https://lists.apache.org/thread/5py8h42mxfsn8l1wy6o41xwhsjlsd87q https://lists.debian.org/debian-lts-announce/2023/10/msg00020.html https://lists.debian.org/debian-lts-announce/2023/10/msg00023.html https://lists.debian.org/debian-lts-announce/2023/10/msg00024.html https://lists.debian.org/debian-lts-announce/2023/10/msg00045.html https://lists.debian.org/debian-lts-announce/2023/10/msg00047.html https://lists.debian.org/debian-lts-announce/2023/11/msg00001.html https://lists.debian.org/debian-lts-announce/2023/11/msg00012.html https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/2MBEPPC36UBVOZZNAXFHKLFGSLCMN5LI https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/2MBEPPC36UBVOZZNAXFHKLFGSLCMN5LI/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/3N4NJ7FR4X4FPZUGNTQAPSTVB2HB2Y4A https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/3N4NJ7FR4X4FPZUGNTQAPSTVB2HB2Y4A/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/BFQD3KUEMFBHPAPBGLWQC34L4OWL5HAZ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/BFQD3KUEMFBHPAPBGLWQC34L4OWL5HAZ/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/CLB4TW7KALB3EEQWNWCN7OUIWWVWWCG2 https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/CLB4TW7KALB3EEQWNWCN7OUIWWVWWCG2/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/E72T67UPDRXHIDLO3OROR25YAMN4GGW5 https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/E72T67UPDRXHIDLO3OROR25YAMN4GGW5/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/FNA62Q767CFAFHBCDKYNPBMZWB7TWYVU https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/FNA62Q767CFAFHBCDKYNPBMZWB7TWYVU/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/HT7T2R4MQKLIF4ODV4BDLPARWFPCJ5CZ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/HT7T2R4MQKLIF4ODV4BDLPARWFPCJ5CZ/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/JIZSEFC3YKCGABA2BZW6ZJRMDZJMB7PJ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/JIZSEFC3YKCGABA2BZW6ZJRMDZJMB7PJ/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/JMEXY22BFG5Q64HQCM5CK2Q7KDKVV4TY https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/JMEXY22BFG5Q64HQCM5CK2Q7KDKVV4TY/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/KSEGD2IWKNUO3DWY4KQGUQM5BISRWHQE https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/KSEGD2IWKNUO3DWY4KQGUQM5BISRWHQE/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/LKYHSZQFDNR7RSA7LHVLLIAQMVYCUGBG https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/LKYHSZQFDNR7RSA7LHVLLIAQMVYCUGBG/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/LNMZJCDHGLJJLXO4OXWJMTVQRNWOC7UL https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/LNMZJCDHGLJJLXO4OXWJMTVQRNWOC7UL/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/VHUHTSXLXGXS7JYKBXTA3VINUPHTNGVU https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/VHUHTSXLXGXS7JYKBXTA3VINUPHTNGVU/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/VSRDIV77HNKUSM7SJC5BKE5JSHLHU2NK https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/VSRDIV77HNKUSM7SJC5BKE5JSHLHU2NK/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/WE2I52RHNNU42PX6NZ2RBUHSFFJ2LVZX https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/WE2I52RHNNU42PX6NZ2RBUHSFFJ2LVZX/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/WLPRQ5TWUQQXYWBJM7ECYDAIL2YVKIUH https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/WLPRQ5TWUQQXYWBJM7ECYDAIL2YVKIUH/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/X6QXN4ORIVF6XBW4WWFE7VNPVC74S45Y https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/X6QXN4ORIVF6XBW4WWFE7VNPVC74S45Y/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/XFOIBB4YFICHDM7IBOP7PWXW3FX4HLL2 https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/XFOIBB4YFICHDM7IBOP7PWXW3FX4HLL2/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZB43REMKRQR62NJEI7I5NQ4FSXNLBKRT https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZB43REMKRQR62NJEI7I5NQ4FSXNLBKRT/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZKQSIKIAT5TJ3WSLU3RDBQ35YX4GY4V3 https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZKQSIKIAT5TJ3WSLU3RDBQ35YX4GY4V3/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZLU6U2R2IC2K64NDPNMV55AUAO65MAF4 https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZLU6U2R2IC2K64NDPNMV55AUAO65MAF4/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3N4NJ7FR4X4FPZUGNTQAPSTVB2HB2Y4A https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/BFQD3KUEMFBHPAPBGLWQC34L4OWL5HAZ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CLB4TW7KALB3EEQWNWCN7OUIWWVWWCG2 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/E72T67UPDRXHIDLO3OROR25YAMN4GGW5 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/FNA62Q767CFAFHBCDKYNPBMZWB7TWYVU https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/HT7T2R4MQKLIF4ODV4BDLPARWFPCJ5CZ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/JIZSEFC3YKCGABA2BZW6ZJRMDZJMB7PJ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/JMEXY22BFG5Q64HQCM5CK2Q7KDKVV4TY https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/KSEGD2IWKNUO3DWY4KQGUQM5BISRWHQE https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/LKYHSZQFDNR7RSA7LHVLLIAQMVYCUGBG https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/LNMZJCDHGLJJLXO4OXWJMTVQRNWOC7UL https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/VHUHTSXLXGXS7JYKBXTA3VINUPHTNGVU https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/VSRDIV77HNKUSM7SJC5BKE5JSHLHU2NK https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WLPRQ5TWUQQXYWBJM7ECYDAIL2YVKIUH https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/X6QXN4ORIVF6XBW4WWFE7VNPVC74S45Y https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/XFOIBB4YFICHDM7IBOP7PWXW3FX4HLL2 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZB43REMKRQR62NJEI7I5NQ4FSXNLBKRT https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZKQSIKIAT5TJ3WSLU3RDBQ35YX4GY4V3 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZLU6U2R2IC2K64NDPNMV55AUAO65MAF4 https://lists.w3.org/Archives/Public/ietf-http-wg/2023OctDec/0025.html https://mailman.nginx.org/pipermail/nginx-devel/2023-October/S36Q5HBXR7CAIMPLLPRSSSYR4PCMWILK.html https://martinthomson.github.io/h2-stream-limits/draft-thomson-httpbis-h2-stream-limits.html https://msrc.microsoft.com/blog/2023/10/microsoft-response-to-distributed-denial-of-service-ddos-attacks-against-http/2 https://msrc.microsoft.com/blog/2023/10/microsoft-response-to-distributed-denial-of-service-ddos-attacks-against-http/2/ https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-44487 https://my.f5.com/manage/s/article/K000137106 https://netty.io/news/2023/10/10/4-1-100-Final.html https://news.ycombinator.com/item?id=37830987 https://news.ycombinator.com/item?id=37830998 https://news.ycombinator.com/item?id=37831062 https://news.ycombinator.com/item?id=37837043 https://nodejs.org/en/blog/vulnerability/october-2023-security-releases https://nvd.nist.gov/vuln/detail/CVE-2023-44487 https://openssf.org/blog/2023/10/10/http-2-rapid-reset-vulnerability-highlights-need-for-rapid-response https://openssf.org/blog/2023/10/10/http-2-rapid-reset-vulnerability-highlights-need-for-rapid-response/ https://pkg.go.dev/vuln/GO-2023-2102 https://seanmonstar.com/post/730794151136935936/hyper-http2-rapid-reset-unaffected https://security.gentoo.org/glsa/202311-09 https://security.netapp.com/advisory/ntap-20231016-0001 https://security.netapp.com/advisory/ntap-20231016-0001/ https://security.netapp.com/advisory/ntap-20240426-0007 https://security.netapp.com/advisory/ntap-20240426-0007/ https://security.netapp.com/advisory/ntap-20240621-0006 https://security.netapp.com/advisory/ntap-20240621-0006/ https://security.netapp.com/advisory/ntap-20240621-0007 https://security.netapp.com/advisory/ntap-20240621-0007/ https://security.paloaltonetworks.com/CVE-2023-44487 https://tomcat.apache.org/security-10.html#Fixed_in_Apache_Tomcat_10.1.14 https://tomcat.apache.org/security-11.html#Fixed_in_Apache_Tomcat_11.0.0-M12 https://tomcat.apache.org/security-8.html#Fixed_in_Apache_Tomcat_8.5.94 https://tomcat.apache.org/security-9.html#Fixed_in_Apache_Tomcat_9.0.81 https://ubuntu.com/security/CVE-2023-44487 https://ubuntu.com/security/notices/USN-6427-1 https://ubuntu.com/security/notices/USN-6427-2 https://ubuntu.com/security/notices/USN-6438-1 https://ubuntu.com/security/notices/USN-6505-1 https://ubuntu.com/security/notices/USN-6574-1 https://ubuntu.com/security/notices/USN-6754-1 https://ubuntu.com/security/notices/USN-6994-1 https://ubuntu.com/security/notices/USN-7067-1 https://www.bleepingcomputer.com/news/security/new-http-2-rapid-reset-zero-day-attack-breaks-ddos-records https://www.bleepingcomputer.com/news/security/new-http-2-rapid-reset-zero-day-attack-breaks-ddos-records/ https://www.cisa.gov/known-exploited-vulnerabilities-catalog https://www.cisa.gov/news-events/alerts/2023/10/10/http2-rapid-reset-vulnerability-cve-2023-44487 https://www.cve.org/CVERecord?id=CVE-2023-44487 https://www.darkreading.com/cloud/internet-wide-zero-day-bug-fuels-largest-ever-ddos-event https://www.debian.org/security/2023/dsa-5521 https://www.debian.org/security/2023/dsa-5522 https://www.debian.org/security/2023/dsa-5540 https://www.debian.org/security/2023/dsa-5549 https://www.debian.org/security/2023/dsa-5558 https://www.debian.org/security/2023/dsa-5570 https://www.eclipse.org/lists/jetty-announce/msg00181.html https://www.haproxy.com/blog/haproxy-is-not-affected-by-the-http-2-rapid-reset-attack-cve-2023-44487 https://www.mail-archive.com/haproxy@formilux.org/msg44134.html https://www.netlify.com/blog/netlify-successfully-mitigates-cve-2023-44487 https://www.netlify.com/blog/netlify-successfully-mitigates-cve-2023-44487/ https://www.nginx.com/blog/http-2-rapid-reset-attack-impacting-f5-nginx-products https://www.nginx.com/blog/http-2-rapid-reset-attack-impacting-f5-nginx-products/ https://www.openwall.com/lists/oss-security/2023/10/10/6 https://www.phoronix.com/news/HTTP2-Rapid-Reset-Attack https://www.theregister.com/2023/10/10/http2_rapid_reset_zeroday https://www.theregister.com/2023/10/10/http2_rapid_reset_zeroday/
golang.org/x/net	CVE-2023-45288	MEDIUM	v0.12.0	0.23.0	http://www.openwall.com/lists/oss-security/2024/04/03/16 http://www.openwall.com/lists/oss-security/2024/04/05/4 https://access.redhat.com/errata/RHSA-2024:2724 https://access.redhat.com/security/cve/CVE-2023-45288 https://bugzilla.redhat.com/2268017 https://bugzilla.redhat.com/2268018 https://bugzilla.redhat.com/2268019 https://bugzilla.redhat.com/2268273 https://bugzilla.redhat.com/show_bug.cgi?id=2268017 https://bugzilla.redhat.com/show_bug.cgi?id=2268018 https://bugzilla.redhat.com/show_bug.cgi?id=2268019 https://bugzilla.redhat.com/show_bug.cgi?id=2268273 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45288 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45289 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45290 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24783 https://errata.almalinux.org/9/ALSA-2024-2724.html https://errata.rockylinux.org/RLSA-2024:2724 https://go.dev/cl/576155 https://go.dev/issue/65051 https://groups.google.com/g/golang-announce/c/YgW0sx8mN3M https://kb.cert.org/vuls/id/421644 https://linux.oracle.com/cve/CVE-2023-45288.html https://linux.oracle.com/errata/ELSA-2024-3346.html https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QRYFHIQ6XRKRYBI2F5UESH67BJBQXUPT https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QRYFHIQ6XRKRYBI2F5UESH67BJBQXUPT/ https://nowotarski.info/http2-continuation-flood-technical-details https://nowotarski.info/http2-continuation-flood/ https://nvd.nist.gov/vuln/detail/CVE-2023-45288 https://pkg.go.dev/vuln/GO-2024-2687 https://security.netapp.com/advisory/ntap-20240419-0009 https://security.netapp.com/advisory/ntap-20240419-0009/ https://ubuntu.com/security/notices/USN-6886-1 https://ubuntu.com/security/notices/USN-7109-1 https://ubuntu.com/security/notices/USN-7111-1 https://www.cve.org/CVERecord?id=CVE-2023-45288 https://www.kb.cert.org/vuls/id/421644
stdlib	CVE-2024-24790	CRITICAL	v1.20.5	1.21.11, 1.22.4	http://www.openwall.com/lists/oss-security/2024/06/04/1 https://access.redhat.com/errata/RHSA-2024:9115 https://access.redhat.com/security/cve/CVE-2024-24790 https://bugzilla.redhat.com/2279814 https://bugzilla.redhat.com/2292668 https://bugzilla.redhat.com/2292787 https://bugzilla.redhat.com/2294000 https://bugzilla.redhat.com/2295310 https://bugzilla.redhat.com/show_bug.cgi?id=2292668 https://bugzilla.redhat.com/show_bug.cgi?id=2292787 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24789 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24790 https://errata.almalinux.org/9/ALSA-2024-9115.html https://errata.rockylinux.org/RLSA-2024:4212 https://github.com/golang/go/commit/051bdf3fd12a40307606ff9381138039c5f452f0 (1.21) https://github.com/golang/go/commit/12d5810cdb1f73cf23d7a86462143e9463317fca (1.22) https://github.com/golang/go/issues/67680 https://go.dev/cl/590316 https://go.dev/issue/67680 https://groups.google.com/g/golang-announce/c/XbxouI9gY7k https://groups.google.com/g/golang-announce/c/XbxouI9gY7k/m/TuoGEhxIEwAJ https://linux.oracle.com/cve/CVE-2024-24790.html https://linux.oracle.com/errata/ELSA-2024-9115.html https://nvd.nist.gov/vuln/detail/CVE-2024-24790 https://pkg.go.dev/vuln/GO-2024-2887 https://ubuntu.com/security/notices/USN-6886-1 https://ubuntu.com/security/notices/USN-7109-1 https://www.cve.org/CVERecord?id=CVE-2024-24790
stdlib	CVE-2023-39325	HIGH	v1.20.5	1.20.10, 1.21.3	golang.org/x/net https://access.redhat.com/errata/RHSA-2023:6077 https://access.redhat.com/security/cve/CVE-2023-39325 https://access.redhat.com/security/cve/CVE-2023-44487 https://access.redhat.com/security/vulnerabilities/RHSB-2023-003 https://bugzilla.redhat.com/2242803 https://bugzilla.redhat.com/2243296 https://bugzilla.redhat.com/show_bug.cgi?id=2242803 https://bugzilla.redhat.com/show_bug.cgi?id=2243296 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-39325 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-44487 https://errata.almalinux.org/9/ALSA-2023-6077.html https://errata.rockylinux.org/RLSA-2023:6077 https://github.com/golang/go/commit/24ae2d927285c697440fdde3ad7f26028354bcf3 [golang- 1.21] https://github.com/golang/go/commit/e175f27f58aa7b9cd4d79607ae65d2cd5baaee68 [golang-1.20] https://github.com/golang/go/issues/63417 https://go.dev/cl/534215 https://go.dev/cl/534235 https://go.dev/issue/63417 https://groups.google.com/g/golang-announce/c/iNNxDTCjZvo/m/UDd7VKQuAAAJ https://linux.oracle.com/cve/CVE-2023-39325.html https://linux.oracle.com/errata/ELSA-2023-5867.html https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3OVW5V2DM5K5IC3H7O42YDUGNJ74J35O https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3OVW5V2DM5K5IC3H7O42YDUGNJ74J35O/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3SZN67IL7HMGMNAVLOTIXLIHUDXZK4LH https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3SZN67IL7HMGMNAVLOTIXLIHUDXZK4LH/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3WJ4QVX2AMUJ2F2S27POOAHRC4K3CHU4 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3WJ4QVX2AMUJ2F2S27POOAHRC4K3CHU4/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/4BUK2ZIAGCULOOYDNH25JPU6JBES5NF2 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/4BUK2ZIAGCULOOYDNH25JPU6JBES5NF2/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/5RSKA2II6QTD4YUKUNDVJQSRYSFC4VFR https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/5RSKA2II6QTD4YUKUNDVJQSRYSFC4VFR/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/AVZDNSMVDAQJ64LJC5I5U5LDM5753647 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/AVZDNSMVDAQJ64LJC5I5U5LDM5753647/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CHHITS4PUOZAKFIUBQAQZC7JWXMOYE4B https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CHHITS4PUOZAKFIUBQAQZC7JWXMOYE4B/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CLB4TW7KALB3EEQWNWCN7OUIWWVWWCG2 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CLB4TW7KALB3EEQWNWCN7OUIWWVWWCG2/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/D2BBIDR2ZMB3X5BC7SR4SLQMHRMVPY6L https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/D2BBIDR2ZMB3X5BC7SR4SLQMHRMVPY6L/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ECRC75BQJP6FJN2L7KCKYZW4DSBD7QSD https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ECRC75BQJP6FJN2L7KCKYZW4DSBD7QSD/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/FTMJ3NJIDAZFWJQQSP3L22MUFJ3UP2PT https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/FTMJ3NJIDAZFWJQQSP3L22MUFJ3UP2PT/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/GSY7SXFFTPZFWDM6XELSDSHZLVW3AHK7 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/GSY7SXFFTPZFWDM6XELSDSHZLVW3AHK7/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/HZQIELEIRSZUYTFFH5KTH2YJ4IIQG2KE https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/HZQIELEIRSZUYTFFH5KTH2YJ4IIQG2KE/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/IPWCNYB5PQ5PCVZ4NJT6G56ZYFZ5QBU6 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/IPWCNYB5PQ5PCVZ4NJT6G56ZYFZ5QBU6/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/KEOTKBUPZXHE3F352JBYNTSNRXYLWD6P https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/KEOTKBUPZXHE3F352JBYNTSNRXYLWD6P/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/KSEGD2IWKNUO3DWY4KQGUQM5BISRWHQE https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/KSEGD2IWKNUO3DWY4KQGUQM5BISRWHQE/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/L5E5JSJBZLYXOTZWXHJKRVCIXIHVWKJ6 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/L5E5JSJBZLYXOTZWXHJKRVCIXIHVWKJ6/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/MZQYOOKHQDQ57LV2IAG6NRFOVXKHJJ3Z https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/MZQYOOKHQDQ57LV2IAG6NRFOVXKHJJ3Z/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/NG7IMPL55MVWU3LCI4JQJT3K2U5CHDV7 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/NG7IMPL55MVWU3LCI4JQJT3K2U5CHDV7/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ODBY7RVMGZCBSTWF2OZGIZS57FNFUL67 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ODBY7RVMGZCBSTWF2OZGIZS57FNFUL67/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/OXGWPQOJ3JNDW2XIYKIVJ7N7QUIFNM2Q https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/OXGWPQOJ3JNDW2XIYKIVJ7N7QUIFNM2Q/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/PJCUNGIQDUMZ4Z6HWVYIMR66A35F5S74 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/PJCUNGIQDUMZ4Z6HWVYIMR66A35F5S74/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QF5QSYAOPDOWLY6DUHID56Q4HQFYB45I https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QF5QSYAOPDOWLY6DUHID56Q4HQFYB45I/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QXOU2JZUBEBP7GBKAYIJRPRBZSJCD7ST https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QXOU2JZUBEBP7GBKAYIJRPRBZSJCD7ST/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/R3UETKPUB3V5JS5TLZOF3SMTGT5K5APS https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/R3UETKPUB3V5JS5TLZOF3SMTGT5K5APS/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/REMHVVIBDNKSRKNOTV7EQSB7CYQWOUOU https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/REMHVVIBDNKSRKNOTV7EQSB7CYQWOUOU/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/T7N5GV4CHH6WAGX3GFMDD3COEOVCZ4RI https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/T7N5GV4CHH6WAGX3GFMDD3COEOVCZ4RI/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ULQQONMSCQSH5Z5OWFFQHCGEZ3NL4DRJ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ULQQONMSCQSH5Z5OWFFQHCGEZ3NL4DRJ/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UTT7DG3QOF5ZNJLUGHDNLRUIN6OWZARP https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UTT7DG3QOF5ZNJLUGHDNLRUIN6OWZARP/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/W2LZSWTV4NV4SNQARNXG5T6LRHP26EW2 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/W2LZSWTV4NV4SNQARNXG5T6LRHP26EW2/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WCNCBYKZXLDFGAJUB7ZP5VLC3YTHJNVH https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WCNCBYKZXLDFGAJUB7ZP5VLC3YTHJNVH/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/XFOIBB4YFICHDM7IBOP7PWXW3FX4HLL2 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/XFOIBB4YFICHDM7IBOP7PWXW3FX4HLL2/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/XTNLSL44Y5FB6JWADSZH6DCV4JJAAEQY https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/XTNLSL44Y5FB6JWADSZH6DCV4JJAAEQY/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/YJWHBLVZDM5KQSDFRBFRKU5KSSOLIRQ4 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/YJWHBLVZDM5KQSDFRBFRKU5KSSOLIRQ4/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/YRKEXKANQ7BKJW2YTAMP625LJUJZLJ4P https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/YRKEXKANQ7BKJW2YTAMP625LJUJZLJ4P/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZSVEMQV5ROY5YW5QE3I57HT3ITWG5GCV https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZSVEMQV5ROY5YW5QE3I57HT3ITWG5GCV/ https://nvd.nist.gov/vuln/detail/CVE-2023-39325 https://pkg.go.dev/vuln/GO-2023-2102 https://security.gentoo.org/glsa/202311-09 https://security.netapp.com/advisory/ntap-20231110-0008 https://security.netapp.com/advisory/ntap-20231110-0008/ https://ubuntu.com/security/notices/USN-6574-1 https://ubuntu.com/security/notices/USN-7061-1 https://ubuntu.com/security/notices/USN-7109-1 https://www.cisa.gov/news-events/alerts/2023/10/10/http2-rapid-reset-vulnerability-cve-2023-44487 https://www.cve.org/CVERecord?id=CVE-2023-39325
stdlib	CVE-2023-45283	HIGH	v1.20.5	1.20.11, 1.21.4, 1.20.12, 1.21.5	http://www.openwall.com/lists/oss-security/2023/12/05/2 https://go.dev/cl/540277 https://go.dev/cl/541175 https://go.dev/issue/63713 https://go.dev/issue/64028 https://groups.google.com/g/golang-announce/c/4tU8LZfBFkY https://groups.google.com/g/golang-dev/c/6ypN5EjibjM/m/KmLVYH_uAgAJ https://nvd.nist.gov/vuln/detail/CVE-2023-45283 https://pkg.go.dev/vuln/GO-2023-2185 https://security.netapp.com/advisory/ntap-20231214-0008/
stdlib	CVE-2023-45288	HIGH	v1.20.5	1.21.9, 1.22.2	http://www.openwall.com/lists/oss-security/2024/04/03/16 http://www.openwall.com/lists/oss-security/2024/04/05/4 https://access.redhat.com/errata/RHSA-2024:2724 https://access.redhat.com/security/cve/CVE-2023-45288 https://bugzilla.redhat.com/2268017 https://bugzilla.redhat.com/2268018 https://bugzilla.redhat.com/2268019 https://bugzilla.redhat.com/2268273 https://bugzilla.redhat.com/show_bug.cgi?id=2268017 https://bugzilla.redhat.com/show_bug.cgi?id=2268018 https://bugzilla.redhat.com/show_bug.cgi?id=2268019 https://bugzilla.redhat.com/show_bug.cgi?id=2268273 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45288 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45289 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45290 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24783 https://errata.almalinux.org/9/ALSA-2024-2724.html https://errata.rockylinux.org/RLSA-2024:2724 https://go.dev/cl/576155 https://go.dev/issue/65051 https://groups.google.com/g/golang-announce/c/YgW0sx8mN3M https://kb.cert.org/vuls/id/421644 https://linux.oracle.com/cve/CVE-2023-45288.html https://linux.oracle.com/errata/ELSA-2024-3346.html https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QRYFHIQ6XRKRYBI2F5UESH67BJBQXUPT https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QRYFHIQ6XRKRYBI2F5UESH67BJBQXUPT/ https://nowotarski.info/http2-continuation-flood-technical-details https://nowotarski.info/http2-continuation-flood/ https://nvd.nist.gov/vuln/detail/CVE-2023-45288 https://pkg.go.dev/vuln/GO-2024-2687 https://security.netapp.com/advisory/ntap-20240419-0009 https://security.netapp.com/advisory/ntap-20240419-0009/ https://ubuntu.com/security/notices/USN-6886-1 https://ubuntu.com/security/notices/USN-7109-1 https://ubuntu.com/security/notices/USN-7111-1 https://www.cve.org/CVERecord?id=CVE-2023-45288 https://www.kb.cert.org/vuls/id/421644
stdlib	CVE-2024-34156	HIGH	v1.20.5	1.22.7, 1.23.1	https://access.redhat.com/errata/RHSA-2024:9473 https://access.redhat.com/security/cve/CVE-2024-34156 https://bugzilla.redhat.com/2310528 https://bugzilla.redhat.com/2318052 https://bugzilla.redhat.com/show_bug.cgi?id=2310528 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-34156 https://errata.almalinux.org/9/ALSA-2024-9473.html https://errata.rockylinux.org/RLSA-2024:7204 https://github.com/golang/go/commit/2092294f2b097c5828f4eace6c98a322c1510b01 (go1.22.7) https://github.com/golang/go/commit/fa8ff1a46deb6c816304441ec6740ec112e19012 (go1.23.1) https://go.dev/cl/611239 https://go.dev/issue/69139 https://groups.google.com/g/golang-announce/c/K-cEzDeCtpc https://groups.google.com/g/golang-dev/c/S9POB9NCTdk https://linux.oracle.com/cve/CVE-2024-34156.html https://linux.oracle.com/errata/ELSA-2024-9473.html https://nvd.nist.gov/vuln/detail/CVE-2024-34156 https://pkg.go.dev/vuln/GO-2024-3106 https://ubuntu.com/security/notices/USN-7081-1 https://ubuntu.com/security/notices/USN-7109-1 https://ubuntu.com/security/notices/USN-7111-1 https://www.cve.org/CVERecord?id=CVE-2024-34156
stdlib	CVE-2023-29406	MEDIUM	v1.20.5	1.19.11, 1.20.6	https://access.redhat.com/errata/RHSA-2023:6474 https://access.redhat.com/security/cve/CVE-2023-29406 https://bugzilla.redhat.com/2174485 https://bugzilla.redhat.com/2178358 https://bugzilla.redhat.com/2178488 https://bugzilla.redhat.com/2178492 https://bugzilla.redhat.com/2184481 https://bugzilla.redhat.com/2184482 https://bugzilla.redhat.com/2184483 https://bugzilla.redhat.com/2184484 https://bugzilla.redhat.com/2196026 https://bugzilla.redhat.com/2196027 https://bugzilla.redhat.com/2196029 https://bugzilla.redhat.com/2222167 https://bugzilla.redhat.com/2228689 https://errata.almalinux.org/9/ALSA-2023-6474.html https://github.com/golang/go/commit/312920c00aac9897b2a0693e752390b5b0711a5a (go1.20.6) https://github.com/golang/go/commit/5fa6923b1ea891400153d04ddf1545e23b40041b (go1.19.11) https://github.com/golang/go/issues/60374 https://go.dev/cl/506996 https://go.dev/issue/60374 https://groups.google.com/g/golang-announce/c/2q13H6LEEx0 https://linux.oracle.com/cve/CVE-2023-29406.html https://linux.oracle.com/errata/ELSA-2023-7202.html https://nvd.nist.gov/vuln/detail/CVE-2023-29406 https://pkg.go.dev/vuln/GO-2023-1878 https://security.gentoo.org/glsa/202311-09 https://security.netapp.com/advisory/ntap-20230814-0002/ https://ubuntu.com/security/notices/USN-7061-1 https://ubuntu.com/security/notices/USN-7109-1 https://www.cve.org/CVERecord?id=CVE-2023-29406
stdlib	CVE-2023-29409	MEDIUM	v1.20.5	1.19.12, 1.20.7, 1.21.0-rc.4	https://access.redhat.com/errata/RHSA-2023:7766 https://access.redhat.com/security/cve/CVE-2023-29409 https://bugzilla.redhat.com/2228743 https://bugzilla.redhat.com/2237773 https://bugzilla.redhat.com/2237776 https://bugzilla.redhat.com/2237777 https://bugzilla.redhat.com/2237778 https://errata.almalinux.org/9/ALSA-2023-7766.html https://go.dev/cl/515257 https://go.dev/issue/61460 https://groups.google.com/g/golang-announce/c/X0b6CsSAaYI/m/Efv5DbZ9AwAJ https://linux.oracle.com/cve/CVE-2023-29409.html https://linux.oracle.com/errata/ELSA-2024-2988.html https://nvd.nist.gov/vuln/detail/CVE-2023-29409 https://pkg.go.dev/vuln/GO-2023-1987 https://security.gentoo.org/glsa/202311-09 https://security.netapp.com/advisory/ntap-20230831-0010/ https://www.cve.org/CVERecord?id=CVE-2023-29409
stdlib	CVE-2023-39318	MEDIUM	v1.20.5	1.20.8, 1.21.1	https://access.redhat.com/errata/RHSA-2024:2160 https://access.redhat.com/security/cve/CVE-2023-39318 https://bugzilla.redhat.com/2237773 https://bugzilla.redhat.com/2237776 https://bugzilla.redhat.com/2253330 https://errata.almalinux.org/9/ALSA-2024-2160.html https://github.com/golang/go/commit/023b542edf38e2a1f87fcefb9f75ff2f99401b4c (go1.20.8) https://github.com/golang/go/commit/b0e1d3ea26e8e8fce7726690c9ef0597e60739fb (go1.21.1) https://go.dev/cl/526156 https://go.dev/issue/62196 https://groups.google.com/g/golang-announce/c/Fm51GRLNRvM https://groups.google.com/g/golang-dev/c/2C5vbR-UNkI/m/L1hdrPhfBAAJ https://linux.oracle.com/cve/CVE-2023-39318.html https://linux.oracle.com/errata/ELSA-2024-2988.html https://nvd.nist.gov/vuln/detail/CVE-2023-39318 https://pkg.go.dev/vuln/GO-2023-2041 https://security.gentoo.org/glsa/202311-09 https://security.netapp.com/advisory/ntap-20231020-0009/ https://ubuntu.com/security/notices/USN-6574-1 https://ubuntu.com/security/notices/USN-7061-1 https://ubuntu.com/security/notices/USN-7109-1 https://vuln.go.dev/ID/GO-2023-2041.json https://www.cve.org/CVERecord?id=CVE-2023-39318
stdlib	CVE-2023-39319	MEDIUM	v1.20.5	1.20.8, 1.21.1	https://access.redhat.com/errata/RHSA-2024:2160 https://access.redhat.com/security/cve/CVE-2023-39319 https://bugzilla.redhat.com/2237773 https://bugzilla.redhat.com/2237776 https://bugzilla.redhat.com/2253330 https://errata.almalinux.org/9/ALSA-2024-2160.html https://github.com/golang/go/commit/2070531d2f53df88e312edace6c8dfc9686ab2f5 (go1.20.8) https://github.com/golang/go/commit/bbd043ff0d6d59f1a9232d31ecd5eacf6507bf6a (go1.21.1) https://go.dev/cl/526157 https://go.dev/issue/62197 https://groups.google.com/g/golang-announce/c/Fm51GRLNRvM https://groups.google.com/g/golang-dev/c/2C5vbR-UNkI/m/L1hdrPhfBAAJ https://linux.oracle.com/cve/CVE-2023-39319.html https://linux.oracle.com/errata/ELSA-2024-2988.html https://nvd.nist.gov/vuln/detail/CVE-2023-39319 https://pkg.go.dev/vuln/GO-2023-2043 https://security.gentoo.org/glsa/202311-09 https://security.netapp.com/advisory/ntap-20231020-0009/ https://ubuntu.com/security/notices/USN-6574-1 https://ubuntu.com/security/notices/USN-7061-1 https://ubuntu.com/security/notices/USN-7109-1 https://vuln.go.dev/ID/GO-2023-2043.json https://www.cve.org/CVERecord?id=CVE-2023-39319
stdlib	CVE-2023-39326	MEDIUM	v1.20.5	1.20.12, 1.21.5	https://access.redhat.com/errata/RHSA-2024:2272 https://access.redhat.com/security/cve/CVE-2023-39326 https://bugzilla.redhat.com/2253193 https://bugzilla.redhat.com/2253330 https://errata.almalinux.org/9/ALSA-2024-2272.html https://github.com/golang/go/commit/6446af942e2e2b161c4ec1b60d9703a2b55dc4dd (go1.20.12) https://github.com/golang/go/commit/ec8c526e4be720e94b98ca509e6364f0efaf28f7 (go1.21.5) https://go.dev/cl/547335 https://go.dev/issue/64433 https://groups.google.com/g/golang-dev/c/6ypN5EjibjM/m/KmLVYH_uAgAJ https://linux.oracle.com/cve/CVE-2023-39326.html https://linux.oracle.com/errata/ELSA-2024-2988.html https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UIU6HOGV6RRIKWM57LOXQA75BGZSIH6G/ https://nvd.nist.gov/vuln/detail/CVE-2023-39326 https://pkg.go.dev/vuln/GO-2023-2382 https://ubuntu.com/security/notices/USN-6574-1 https://www.cve.org/CVERecord?id=CVE-2023-39326
stdlib	CVE-2023-45284	MEDIUM	v1.20.5	1.20.11, 1.21.4	https://go.dev/cl/540277 https://go.dev/issue/63713 https://groups.google.com/g/golang-announce/c/4tU8LZfBFkY https://nvd.nist.gov/vuln/detail/CVE-2023-45284 https://pkg.go.dev/vuln/GO-2023-2186
stdlib	CVE-2023-45289	MEDIUM	v1.20.5	1.21.8, 1.22.1	http://www.openwall.com/lists/oss-security/2024/03/08/4 https://access.redhat.com/errata/RHSA-2024:2724 https://access.redhat.com/security/cve/CVE-2023-45289 https://bugzilla.redhat.com/2268017 https://bugzilla.redhat.com/2268018 https://bugzilla.redhat.com/2268019 https://bugzilla.redhat.com/2268273 https://bugzilla.redhat.com/show_bug.cgi?id=2268017 https://bugzilla.redhat.com/show_bug.cgi?id=2268018 https://bugzilla.redhat.com/show_bug.cgi?id=2268019 https://bugzilla.redhat.com/show_bug.cgi?id=2268273 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45288 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45289 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45290 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24783 https://errata.almalinux.org/9/ALSA-2024-2724.html https://errata.rockylinux.org/RLSA-2024:2724 https://github.com/golang/go/commit/20586c0dbe03d144f914155f879fa5ee287591a1 (go1.21.8) https://github.com/golang/go/commit/3a855208e3efed2e9d7c20ad023f1fa78afcc0be (go1.22.1) https://github.com/golang/go/issues/65065 https://go.dev/cl/569340 https://go.dev/issue/65065 https://groups.google.com/g/golang-announce/c/5pwGVUPoMbg https://linux.oracle.com/cve/CVE-2023-45289.html https://linux.oracle.com/errata/ELSA-2024-3346.html https://nvd.nist.gov/vuln/detail/CVE-2023-45289 https://pkg.go.dev/vuln/GO-2024-2600 https://security.netapp.com/advisory/ntap-20240329-0006/ https://ubuntu.com/security/notices/USN-6886-1 https://www.cve.org/CVERecord?id=CVE-2023-45289
stdlib	CVE-2023-45290	MEDIUM	v1.20.5	1.21.8, 1.22.1	http://www.openwall.com/lists/oss-security/2024/03/08/4 https://access.redhat.com/errata/RHSA-2024:9135 https://access.redhat.com/security/cve/CVE-2023-45290 https://bugzilla.redhat.com/2268017 https://bugzilla.redhat.com/2268022 https://bugzilla.redhat.com/2279814 https://bugzilla.redhat.com/2295310 https://bugzilla.redhat.com/show_bug.cgi?id=2268017 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45290 https://errata.almalinux.org/9/ALSA-2024-9135.html https://errata.rockylinux.org/RLSA-2024:3830 https://github.com/golang/go/commit/041a47712e765e94f86d841c3110c840e76d8f82 (go1.22.1) https://github.com/golang/go/commit/bf80213b121074f4ad9b449410a4d13bae5e9be0 (go1.21.8) https://github.com/golang/go/issues/65383 https://go.dev/cl/569341 https://go.dev/issue/65383 https://groups.google.com/g/golang-announce/c/5pwGVUPoMbg https://linux.oracle.com/cve/CVE-2023-45290.html https://linux.oracle.com/errata/ELSA-2024-8038.html https://nvd.nist.gov/vuln/detail/CVE-2023-45290 https://pkg.go.dev/vuln/GO-2024-2599 https://security.netapp.com/advisory/ntap-20240329-0004 https://security.netapp.com/advisory/ntap-20240329-0004/ https://ubuntu.com/security/notices/USN-6886-1 https://ubuntu.com/security/notices/USN-7109-1 https://ubuntu.com/security/notices/USN-7111-1 https://www.cve.org/CVERecord?id=CVE-2023-45290
stdlib	CVE-2024-24783	MEDIUM	v1.20.5	1.21.8, 1.22.1	http://www.openwall.com/lists/oss-security/2024/03/08/4 https://access.redhat.com/errata/RHSA-2024:6195 https://access.redhat.com/security/cve/CVE-2024-24783 https://bugzilla.redhat.com/2268019 https://bugzilla.redhat.com/show_bug.cgi?id=2268017 https://bugzilla.redhat.com/show_bug.cgi?id=2268018 https://bugzilla.redhat.com/show_bug.cgi?id=2268019 https://bugzilla.redhat.com/show_bug.cgi?id=2268273 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45288 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45289 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45290 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24783 https://errata.almalinux.org/9/ALSA-2024-6195.html https://errata.rockylinux.org/RLSA-2024:2724 https://github.com/advisories/GHSA-3q2c-pvp5-3cqp https://github.com/golang/go/commit/337b8e9cbfa749d9d5c899e0dc358e2208d5e54f (go1.22.1) https://github.com/golang/go/commit/be5b52bea674190ef7de272664be6c7ae93ec5a0 (go1.21.8) https://github.com/golang/go/issues/65390 https://go.dev/cl/569339 https://go.dev/issue/65390 https://groups.google.com/g/golang-announce/c/5pwGVUPoMbg https://linux.oracle.com/cve/CVE-2024-24783.html https://linux.oracle.com/errata/ELSA-2024-6969.html https://nvd.nist.gov/vuln/detail/CVE-2024-24783 https://pkg.go.dev/vuln/GO-2024-2598 https://security.netapp.com/advisory/ntap-20240329-0005 https://security.netapp.com/advisory/ntap-20240329-0005/ https://ubuntu.com/security/notices/USN-6886-1 https://ubuntu.com/security/notices/USN-7109-1 https://ubuntu.com/security/notices/USN-7111-1 https://www.cve.org/CVERecord?id=CVE-2024-24783
stdlib	CVE-2024-24784	MEDIUM	v1.20.5	1.21.8, 1.22.1	http://www.openwall.com/lists/oss-security/2024/03/08/4 https://access.redhat.com/errata/RHSA-2024:2562 https://access.redhat.com/security/cve/CVE-2024-24784 https://bugzilla.redhat.com/2262921 https://bugzilla.redhat.com/2268017 https://bugzilla.redhat.com/2268018 https://bugzilla.redhat.com/2268019 https://bugzilla.redhat.com/2268021 https://bugzilla.redhat.com/2268022 https://bugzilla.redhat.com/2268273 https://bugzilla.redhat.com/show_bug.cgi?id=2262921 https://bugzilla.redhat.com/show_bug.cgi?id=2268017 https://bugzilla.redhat.com/show_bug.cgi?id=2268018 https://bugzilla.redhat.com/show_bug.cgi?id=2268019 https://bugzilla.redhat.com/show_bug.cgi?id=2268021 https://bugzilla.redhat.com/show_bug.cgi?id=2268022 https://bugzilla.redhat.com/show_bug.cgi?id=2268273 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45288 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45289 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45290 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-1394 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24783 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24784 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24785 https://errata.almalinux.org/9/ALSA-2024-2562.html https://errata.rockylinux.org/RLSA-2024:2562 https://github.com/golang/go/commit/263c059b09fdd40d9dd945f2ecb20c89ea28efe5 (go1.21.8) https://github.com/golang/go/commit/5330cd225ba54c7dc78c1b46dcdf61a4671a632c (go1.22.1) https://github.com/golang/go/issues/65083 https://go.dev/cl/555596 https://go.dev/issue/65083 https://groups.google.com/g/golang-announce/c/5pwGVUPoMbg https://linux.oracle.com/cve/CVE-2024-24784.html https://linux.oracle.com/errata/ELSA-2024-6969.html https://nvd.nist.gov/vuln/detail/CVE-2024-24784 https://pkg.go.dev/vuln/GO-2024-2609 https://security.netapp.com/advisory/ntap-20240329-0007/ https://ubuntu.com/security/notices/USN-6886-1 https://ubuntu.com/security/notices/USN-7109-1 https://ubuntu.com/security/notices/USN-7111-1 https://www.cve.org/CVERecord?id=CVE-2024-24784
stdlib	CVE-2024-24785	MEDIUM	v1.20.5	1.21.8, 1.22.1	http://www.openwall.com/lists/oss-security/2024/03/08/4 https://access.redhat.com/errata/RHSA-2024:9135 https://access.redhat.com/security/cve/CVE-2024-24785 https://bugzilla.redhat.com/2268017 https://bugzilla.redhat.com/2268022 https://bugzilla.redhat.com/2279814 https://bugzilla.redhat.com/2295310 https://bugzilla.redhat.com/show_bug.cgi?id=2262921 https://bugzilla.redhat.com/show_bug.cgi?id=2268017 https://bugzilla.redhat.com/show_bug.cgi?id=2268018 https://bugzilla.redhat.com/show_bug.cgi?id=2268019 https://bugzilla.redhat.com/show_bug.cgi?id=2268021 https://bugzilla.redhat.com/show_bug.cgi?id=2268022 https://bugzilla.redhat.com/show_bug.cgi?id=2268273 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45288 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45289 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45290 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-1394 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24783 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24784 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24785 https://errata.almalinux.org/9/ALSA-2024-9135.html https://errata.rockylinux.org/RLSA-2024:2562 https://github.com/golang/go/commit/056b0edcb8c152152021eebf4cf42adbfbe77992 (go1.22.1) https://github.com/golang/go/commit/3643147a29352ca2894fd5d0d2069bc4b4335a7e (go1.21.8) https://github.com/golang/go/issues/65697 https://go.dev/cl/564196 https://go.dev/issue/65697 https://groups.google.com/g/golang-announce/c/5pwGVUPoMbg https://linux.oracle.com/cve/CVE-2024-24785.html https://linux.oracle.com/errata/ELSA-2024-3259.html https://nvd.nist.gov/vuln/detail/CVE-2024-24785 https://pkg.go.dev/vuln/GO-2024-2610 https://security.netapp.com/advisory/ntap-20240329-0008/ https://ubuntu.com/security/notices/USN-6886-1 https://ubuntu.com/security/notices/USN-7061-1 https://ubuntu.com/security/notices/USN-7109-1 https://vuln.go.dev/ID/GO-2024-2610.json https://www.cve.org/CVERecord?id=CVE-2024-24785
stdlib	CVE-2024-24789	MEDIUM	v1.20.5	1.21.11, 1.22.4	http://www.openwall.com/lists/oss-security/2024/06/04/1 https://access.redhat.com/errata/RHSA-2024:9115 https://access.redhat.com/security/cve/CVE-2024-24789 https://bugzilla.redhat.com/2279814 https://bugzilla.redhat.com/2292668 https://bugzilla.redhat.com/2292787 https://bugzilla.redhat.com/2294000 https://bugzilla.redhat.com/2295310 https://bugzilla.redhat.com/show_bug.cgi?id=2292668 https://bugzilla.redhat.com/show_bug.cgi?id=2292787 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24789 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24790 https://errata.almalinux.org/9/ALSA-2024-9115.html https://errata.rockylinux.org/RLSA-2024:4212 https://github.com/golang/go/commit/c8e40338cf00f3c1d86c8fb23863ad67a4c72bcc (1.21) https://github.com/golang/go/commit/cf501ac0c5fe351a8582d20b43562027927906e7 (1.22) https://github.com/golang/go/issues/66869 https://go.dev/cl/585397 https://go.dev/issue/66869 https://groups.google.com/g/golang-announce/c/XbxouI9gY7k https://groups.google.com/g/golang-announce/c/XbxouI9gY7k/m/TuoGEhxIEwAJ https://linux.oracle.com/cve/CVE-2024-24789.html https://linux.oracle.com/errata/ELSA-2024-9115.html https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/U5YAEIA6IUHUNGJ7AIXXPQT6D2GYENX7/ https://nvd.nist.gov/vuln/detail/CVE-2024-24789 https://pkg.go.dev/vuln/GO-2024-2888 https://ubuntu.com/security/notices/USN-6886-1 https://ubuntu.com/security/notices/USN-7109-1 https://ubuntu.com/security/notices/USN-7111-1 https://www.cve.org/CVERecord?id=CVE-2024-24789
stdlib	CVE-2024-24791	MEDIUM	v1.20.5	1.21.12, 1.22.5	https://access.redhat.com/errata/RHSA-2024:9135 https://access.redhat.com/security/cve/CVE-2024-24791 https://bugzilla.redhat.com/2268017 https://bugzilla.redhat.com/2268022 https://bugzilla.redhat.com/2279814 https://bugzilla.redhat.com/2295310 https://bugzilla.redhat.com/show_bug.cgi?id=2295310 https://bugzilla.redhat.com/show_bug.cgi?id=2310527 https://bugzilla.redhat.com/show_bug.cgi?id=2310528 https://bugzilla.redhat.com/show_bug.cgi?id=2310529 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24791 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-34155 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-34156 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-34158 https://errata.almalinux.org/9/ALSA-2024-9135.html https://errata.rockylinux.org/RLSA-2024:6913 https://go.dev/cl/591255 https://go.dev/issue/67555 https://groups.google.com/g/golang-dev/c/t0rK-qHBqzY/m/6MMoAZkMAgAJ https://linux.oracle.com/cve/CVE-2024-24791.html https://linux.oracle.com/errata/ELSA-2024-9115.html https://nvd.nist.gov/vuln/detail/CVE-2024-24791 https://pkg.go.dev/vuln/GO-2024-2963 https://ubuntu.com/security/notices/USN-7081-1 https://ubuntu.com/security/notices/USN-7109-1 https://ubuntu.com/security/notices/USN-7111-1 https://www.cve.org/CVERecord?id=CVE-2024-24791
stdlib	CVE-2024-34155	MEDIUM	v1.20.5	1.22.7, 1.23.1	https://access.redhat.com/errata/RHSA-2024:9459 https://access.redhat.com/security/cve/CVE-2024-34155 https://bugzilla.redhat.com/2310527 https://bugzilla.redhat.com/2310528 https://bugzilla.redhat.com/2310529 https://bugzilla.redhat.com/2315691 https://bugzilla.redhat.com/2315887 https://bugzilla.redhat.com/2317458 https://bugzilla.redhat.com/2317467 https://bugzilla.redhat.com/show_bug.cgi?id=2295310 https://bugzilla.redhat.com/show_bug.cgi?id=2310527 https://bugzilla.redhat.com/show_bug.cgi?id=2310528 https://bugzilla.redhat.com/show_bug.cgi?id=2310529 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24791 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-34155 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-34156 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-34158 https://errata.almalinux.org/9/ALSA-2024-9459.html https://errata.rockylinux.org/RLSA-2024:6913 https://github.com/golang/go/commit/53487e5477151ed75da50e50a0ba8f1ca64c00a3 (go1.23.1) https://github.com/golang/go/commit/b232596139dbe96a62edbe3a2a203e856bf556eb (go1.22.7) https://go.dev/cl/611238 https://go.dev/issue/69138 https://groups.google.com/g/golang-announce/c/K-cEzDeCtpc https://groups.google.com/g/golang-dev/c/S9POB9NCTdk https://linux.oracle.com/cve/CVE-2024-34155.html https://linux.oracle.com/errata/ELSA-2024-9459.html https://nvd.nist.gov/vuln/detail/CVE-2024-34155 https://pkg.go.dev/vuln/GO-2024-3105 https://ubuntu.com/security/notices/USN-7081-1 https://ubuntu.com/security/notices/USN-7109-1 https://ubuntu.com/security/notices/USN-7111-1 https://www.cve.org/CVERecord?id=CVE-2024-34155
stdlib	CVE-2024-34158	MEDIUM	v1.20.5	1.22.7, 1.23.1	https://access.redhat.com/errata/RHSA-2024:9459 https://access.redhat.com/security/cve/CVE-2024-34158 https://bugzilla.redhat.com/2310527 https://bugzilla.redhat.com/2310528 https://bugzilla.redhat.com/2310529 https://bugzilla.redhat.com/2315691 https://bugzilla.redhat.com/2315887 https://bugzilla.redhat.com/2317458 https://bugzilla.redhat.com/2317467 https://bugzilla.redhat.com/show_bug.cgi?id=2295310 https://bugzilla.redhat.com/show_bug.cgi?id=2310527 https://bugzilla.redhat.com/show_bug.cgi?id=2310528 https://bugzilla.redhat.com/show_bug.cgi?id=2310529 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24791 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-34155 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-34156 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-34158 https://errata.almalinux.org/9/ALSA-2024-9459.html https://errata.rockylinux.org/RLSA-2024:6913 https://github.com/golang/go/commit/032ac075c20c01c6c35a672d1542d3e98eab84ea (go1.23.1) https://github.com/golang/go/commit/d4c53812e6ce2ac368173d7fcd31d0ecfcffb002 (go1.22.7) https://go.dev/cl/611240 https://go.dev/issue/69141 https://groups.google.com/g/golang-announce/c/K-cEzDeCtpc https://groups.google.com/g/golang-dev/c/S9POB9NCTdk https://linux.oracle.com/cve/CVE-2024-34158.html https://linux.oracle.com/errata/ELSA-2024-9459.html https://nvd.nist.gov/vuln/detail/CVE-2024-34158 https://pkg.go.dev/vuln/GO-2024-3107 https://ubuntu.com/security/notices/USN-7081-1 https://ubuntu.com/security/notices/USN-7109-1 https://ubuntu.com/security/notices/USN-7111-1 https://www.cve.org/CVERecord?id=CVE-2024-34158
No Misconfigurations found

cnb/buildpacks/paketo-buildpacks_rake/0.4.30/bin/run (gobinary)

Package	Vulnerability ID	Severity	Installed Version	Fixed Version	Links
golang.org/x/net	CVE-2023-39325	HIGH	v0.12.0	0.17.0	golang.org/x/net https://access.redhat.com/errata/RHSA-2023:6077 https://access.redhat.com/security/cve/CVE-2023-39325 https://access.redhat.com/security/cve/CVE-2023-44487 https://access.redhat.com/security/vulnerabilities/RHSB-2023-003 https://bugzilla.redhat.com/2242803 https://bugzilla.redhat.com/2243296 https://bugzilla.redhat.com/show_bug.cgi?id=2242803 https://bugzilla.redhat.com/show_bug.cgi?id=2243296 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-39325 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-44487 https://errata.almalinux.org/9/ALSA-2023-6077.html https://errata.rockylinux.org/RLSA-2023:6077 https://github.com/golang/go/commit/24ae2d927285c697440fdde3ad7f26028354bcf3 [golang- 1.21] https://github.com/golang/go/commit/e175f27f58aa7b9cd4d79607ae65d2cd5baaee68 [golang-1.20] https://github.com/golang/go/issues/63417 https://go.dev/cl/534215 https://go.dev/cl/534235 https://go.dev/issue/63417 https://groups.google.com/g/golang-announce/c/iNNxDTCjZvo/m/UDd7VKQuAAAJ https://linux.oracle.com/cve/CVE-2023-39325.html https://linux.oracle.com/errata/ELSA-2023-5867.html https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3OVW5V2DM5K5IC3H7O42YDUGNJ74J35O https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3OVW5V2DM5K5IC3H7O42YDUGNJ74J35O/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3SZN67IL7HMGMNAVLOTIXLIHUDXZK4LH https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3SZN67IL7HMGMNAVLOTIXLIHUDXZK4LH/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3WJ4QVX2AMUJ2F2S27POOAHRC4K3CHU4 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3WJ4QVX2AMUJ2F2S27POOAHRC4K3CHU4/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/4BUK2ZIAGCULOOYDNH25JPU6JBES5NF2 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/4BUK2ZIAGCULOOYDNH25JPU6JBES5NF2/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/5RSKA2II6QTD4YUKUNDVJQSRYSFC4VFR https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/5RSKA2II6QTD4YUKUNDVJQSRYSFC4VFR/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/AVZDNSMVDAQJ64LJC5I5U5LDM5753647 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/AVZDNSMVDAQJ64LJC5I5U5LDM5753647/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CHHITS4PUOZAKFIUBQAQZC7JWXMOYE4B https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CHHITS4PUOZAKFIUBQAQZC7JWXMOYE4B/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CLB4TW7KALB3EEQWNWCN7OUIWWVWWCG2 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CLB4TW7KALB3EEQWNWCN7OUIWWVWWCG2/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/D2BBIDR2ZMB3X5BC7SR4SLQMHRMVPY6L https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/D2BBIDR2ZMB3X5BC7SR4SLQMHRMVPY6L/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ECRC75BQJP6FJN2L7KCKYZW4DSBD7QSD https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ECRC75BQJP6FJN2L7KCKYZW4DSBD7QSD/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/FTMJ3NJIDAZFWJQQSP3L22MUFJ3UP2PT https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/FTMJ3NJIDAZFWJQQSP3L22MUFJ3UP2PT/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/GSY7SXFFTPZFWDM6XELSDSHZLVW3AHK7 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/GSY7SXFFTPZFWDM6XELSDSHZLVW3AHK7/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/HZQIELEIRSZUYTFFH5KTH2YJ4IIQG2KE https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/HZQIELEIRSZUYTFFH5KTH2YJ4IIQG2KE/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/IPWCNYB5PQ5PCVZ4NJT6G56ZYFZ5QBU6 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/IPWCNYB5PQ5PCVZ4NJT6G56ZYFZ5QBU6/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/KEOTKBUPZXHE3F352JBYNTSNRXYLWD6P https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/KEOTKBUPZXHE3F352JBYNTSNRXYLWD6P/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/KSEGD2IWKNUO3DWY4KQGUQM5BISRWHQE https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/KSEGD2IWKNUO3DWY4KQGUQM5BISRWHQE/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/L5E5JSJBZLYXOTZWXHJKRVCIXIHVWKJ6 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/L5E5JSJBZLYXOTZWXHJKRVCIXIHVWKJ6/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/MZQYOOKHQDQ57LV2IAG6NRFOVXKHJJ3Z https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/MZQYOOKHQDQ57LV2IAG6NRFOVXKHJJ3Z/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/NG7IMPL55MVWU3LCI4JQJT3K2U5CHDV7 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/NG7IMPL55MVWU3LCI4JQJT3K2U5CHDV7/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ODBY7RVMGZCBSTWF2OZGIZS57FNFUL67 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ODBY7RVMGZCBSTWF2OZGIZS57FNFUL67/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/OXGWPQOJ3JNDW2XIYKIVJ7N7QUIFNM2Q https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/OXGWPQOJ3JNDW2XIYKIVJ7N7QUIFNM2Q/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/PJCUNGIQDUMZ4Z6HWVYIMR66A35F5S74 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/PJCUNGIQDUMZ4Z6HWVYIMR66A35F5S74/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QF5QSYAOPDOWLY6DUHID56Q4HQFYB45I https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QF5QSYAOPDOWLY6DUHID56Q4HQFYB45I/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QXOU2JZUBEBP7GBKAYIJRPRBZSJCD7ST https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QXOU2JZUBEBP7GBKAYIJRPRBZSJCD7ST/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/R3UETKPUB3V5JS5TLZOF3SMTGT5K5APS https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/R3UETKPUB3V5JS5TLZOF3SMTGT5K5APS/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/REMHVVIBDNKSRKNOTV7EQSB7CYQWOUOU https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/REMHVVIBDNKSRKNOTV7EQSB7CYQWOUOU/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/T7N5GV4CHH6WAGX3GFMDD3COEOVCZ4RI https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/T7N5GV4CHH6WAGX3GFMDD3COEOVCZ4RI/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ULQQONMSCQSH5Z5OWFFQHCGEZ3NL4DRJ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ULQQONMSCQSH5Z5OWFFQHCGEZ3NL4DRJ/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UTT7DG3QOF5ZNJLUGHDNLRUIN6OWZARP https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UTT7DG3QOF5ZNJLUGHDNLRUIN6OWZARP/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/W2LZSWTV4NV4SNQARNXG5T6LRHP26EW2 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/W2LZSWTV4NV4SNQARNXG5T6LRHP26EW2/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WCNCBYKZXLDFGAJUB7ZP5VLC3YTHJNVH https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WCNCBYKZXLDFGAJUB7ZP5VLC3YTHJNVH/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/XFOIBB4YFICHDM7IBOP7PWXW3FX4HLL2 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/XFOIBB4YFICHDM7IBOP7PWXW3FX4HLL2/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/XTNLSL44Y5FB6JWADSZH6DCV4JJAAEQY https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/XTNLSL44Y5FB6JWADSZH6DCV4JJAAEQY/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/YJWHBLVZDM5KQSDFRBFRKU5KSSOLIRQ4 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/YJWHBLVZDM5KQSDFRBFRKU5KSSOLIRQ4/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/YRKEXKANQ7BKJW2YTAMP625LJUJZLJ4P https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/YRKEXKANQ7BKJW2YTAMP625LJUJZLJ4P/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZSVEMQV5ROY5YW5QE3I57HT3ITWG5GCV https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZSVEMQV5ROY5YW5QE3I57HT3ITWG5GCV/ https://nvd.nist.gov/vuln/detail/CVE-2023-39325 https://pkg.go.dev/vuln/GO-2023-2102 https://security.gentoo.org/glsa/202311-09 https://security.netapp.com/advisory/ntap-20231110-0008 https://security.netapp.com/advisory/ntap-20231110-0008/ https://ubuntu.com/security/notices/USN-6574-1 https://ubuntu.com/security/notices/USN-7061-1 https://ubuntu.com/security/notices/USN-7109-1 https://www.cisa.gov/news-events/alerts/2023/10/10/http2-rapid-reset-vulnerability-cve-2023-44487 https://www.cve.org/CVERecord?id=CVE-2023-39325
golang.org/x/net	CVE-2023-3978	MEDIUM	v0.12.0	0.13.0	https://access.redhat.com/errata/RHSA-2023:6474 https://access.redhat.com/security/cve/CVE-2023-3978 https://bugzilla.redhat.com/2174485 https://bugzilla.redhat.com/2178358 https://bugzilla.redhat.com/2178488 https://bugzilla.redhat.com/2178492 https://bugzilla.redhat.com/2184481 https://bugzilla.redhat.com/2184482 https://bugzilla.redhat.com/2184483 https://bugzilla.redhat.com/2184484 https://bugzilla.redhat.com/2196026 https://bugzilla.redhat.com/2196027 https://bugzilla.redhat.com/2196029 https://bugzilla.redhat.com/2222167 https://bugzilla.redhat.com/2228689 https://errata.almalinux.org/9/ALSA-2023-6474.html https://go.dev/cl/514896 https://go.dev/issue/61615 https://linux.oracle.com/cve/CVE-2023-3978.html https://linux.oracle.com/errata/ELSA-2023-6939.html https://nvd.nist.gov/vuln/detail/CVE-2023-3978 https://pkg.go.dev/vuln/GO-2023-1988 https://www.cve.org/CVERecord?id=CVE-2023-3978
golang.org/x/net	CVE-2023-44487	MEDIUM	v0.12.0	0.17.0	http://www.openwall.com/lists/oss-security/2023/10/13/4 http://www.openwall.com/lists/oss-security/2023/10/13/9 http://www.openwall.com/lists/oss-security/2023/10/18/4 http://www.openwall.com/lists/oss-security/2023/10/18/8 http://www.openwall.com/lists/oss-security/2023/10/19/6 http://www.openwall.com/lists/oss-security/2023/10/20/8 https://access.redhat.com/errata/RHSA-2023:6746 https://access.redhat.com/security/cve/CVE-2023-44487 https://access.redhat.com/security/cve/cve-2023-44487 https://akka.io/security/akka-http-cve-2023-44487.html https://arstechnica.com/security/2023/10/how-ddosers-used-the-http-2-protocol-to-deliver-attacks-of-unprecedented-size https://arstechnica.com/security/2023/10/how-ddosers-used-the-http-2-protocol-to-deliver-attacks-of-unprecedented-size/ https://aws.amazon.com/security/security-bulletins/AWS-2023-011 https://aws.amazon.com/security/security-bulletins/AWS-2023-011/ https://blog.cloudflare.com/technical-breakdown-http2-rapid-reset-ddos-attack https://blog.cloudflare.com/technical-breakdown-http2-rapid-reset-ddos-attack/ https://blog.cloudflare.com/zero-day-rapid-reset-http2-record-breaking-ddos-attack https://blog.cloudflare.com/zero-day-rapid-reset-http2-record-breaking-ddos-attack/ https://blog.litespeedtech.com/2023/10/11/rapid-reset-http-2-vulnerablilty https://blog.litespeedtech.com/2023/10/11/rapid-reset-http-2-vulnerablilty/ https://blog.qualys.com/vulnerabilities-threat-research/2023/10/10/cve-2023-44487-http-2-rapid-reset-attack https://blog.vespa.ai/cve-2023-44487 https://blog.vespa.ai/cve-2023-44487/ https://bugzilla.proxmox.com/show_bug.cgi?id=4988 https://bugzilla.redhat.com/2242803 https://bugzilla.redhat.com/show_bug.cgi?id=2242803 https://bugzilla.suse.com/show_bug.cgi?id=1216123 https://cgit.freebsd.org/ports/commit/?id=c64c329c2c1752f46b73e3e6ce9f4329be6629f9 https://chaos.social/@icing/111210915918780532 https://cloud.google.com/blog/products/identity-security/google-cloud-mitigated-largest-ddos-attack-peaking-above-398-million-rps https://cloud.google.com/blog/products/identity-security/google-cloud-mitigated-largest-ddos-attack-peaking-above-398-million-rps/ https://cloud.google.com/blog/products/identity-security/how-it-works-the-novel-http2-rapid-reset-ddos-attack https://community.traefik.io/t/is-traefik-vulnerable-to-cve-2023-44487/20125 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-44487 https://devblogs.microsoft.com/dotnet/october-2023-updates/ https://discuss.hashicorp.com/t/hcsec-2023-32-vault-consul-and-boundary-affected-by-http-2-rapid-reset-denial-of-service-vulnerability-cve-2023-44487/59715 https://edg.io/lp/blog/resets-leaks-ddos-and-the-tale-of-a-hidden-cve https://errata.almalinux.org/9/ALSA-2023-6746.html https://errata.rockylinux.org/RLSA-2023:5838 https://forums.swift.org/t/swift-nio-http2-security-update-cve-2023-44487-http-2-dos/67764 https://gist.github.com/adulau/7c2bfb8e9cdbe4b35a5e131c66a0c088 https://github.com/Azure/AKS/issues/3947 https://github.com/Kong/kong/discussions/11741 https://github.com/advisories/GHSA-qppj-fm5r-hxr3 https://github.com/advisories/GHSA-vx74-f528-fxqg https://github.com/advisories/GHSA-xpw8-rcwv-8f8p https://github.com/akka/akka-http/issues/4323 https://github.com/akka/akka-http/pull/4324 https://github.com/akka/akka-http/pull/4325 https://github.com/alibaba/tengine/issues/1872 https://github.com/apache/apisix/issues/10320 https://github.com/apache/httpd-site/pull/10 https://github.com/apache/httpd/blob/afcdbeebbff4b0c50ea26cdd16e178c0d1f24152/modules/http2/h2_mplx.c#L1101-L1113 https://github.com/apache/tomcat/commit/944332bb15bd2f3bf76ec2caeb1ff0a58a3bc628 https://github.com/apache/tomcat/tree/main/java/org/apache/coyote/http2 https://github.com/apache/trafficserver/pull/10564 https://github.com/apple/swift-nio-http2 https://github.com/apple/swift-nio-http2/security/advisories/GHSA-qppj-fm5r-hxr3 https://github.com/arkrwn/PoC/tree/main/CVE-2023-44487 https://github.com/bcdannyboy/CVE-2023-44487 https://github.com/caddyserver/caddy/issues/5877 https://github.com/caddyserver/caddy/releases/tag/v2.7.5 https://github.com/dotnet/announcements/issues/277 https://github.com/dotnet/core/blob/e4613450ea0da7fd2fc6b61dfb2c1c1dec1ce9ec/release-notes/6.0/6.0.23/6.0.23.md?plain=1#L73 https://github.com/eclipse/jetty.project/issues/10679 https://github.com/envoyproxy/envoy/pull/30055 https://github.com/etcd-io/etcd/issues/16740 https://github.com/facebook/proxygen/pull/466 https://github.com/golang/go/issues/63417 https://github.com/grpc/grpc-go/pull/6703 https://github.com/grpc/grpc-go/releases https://github.com/h2o/h2o/pull/3291 https://github.com/h2o/h2o/security/advisories/GHSA-2m7v-gc89-fjqf https://github.com/haproxy/haproxy/issues/2312 https://github.com/hyperium/hyper/issues/3337 https://github.com/icing/mod_h2/blob/0a864782af0a942aa2ad4ed960a6b32cd35bcf0a/mod_http2/README.md?plain=1#L239-L244 https://github.com/junkurihara/rust-rpxy/issues/97 https://github.com/kazu-yamamoto/http2/commit/f61d41a502bd0f60eb24e1ce14edc7b6df6722a1 https://github.com/kazu-yamamoto/http2/issues/93 https://github.com/kubernetes/kubernetes/pull/121120 https://github.com/line/armeria/pull/5232 https://github.com/linkerd/website/pull/1695/commits/4b9c6836471bc8270ab48aae6fd2181bc73fd632 https://github.com/micrictor/http2-rst-stream https://github.com/microsoft/CBL-Mariner/pull/6381 https://github.com/netty/netty/commit/58f75f665aa81a8cbcf6ffa74820042a285c5e61 https://github.com/nghttp2/nghttp2/pull/1961 https://github.com/nghttp2/nghttp2/releases/tag/v1.57.0 https://github.com/ninenines/cowboy/issues/1615 https://github.com/nodejs/node/pull/50121 https://github.com/openresty/openresty/issues/930 https://github.com/opensearch-project/data-prepper/issues/3474 https://github.com/oqtane/oqtane.framework/discussions/3367 https://github.com/projectcontour/contour/pull/5826 https://github.com/tempesta-tech/tempesta/issues/1986 https://github.com/varnishcache/varnish-cache/issues/3996 https://go.dev/cl/534215 https://go.dev/cl/534235 https://go.dev/issue/63417 https://groups.google.com/g/golang-announce/c/iNNxDTCjZvo https://groups.google.com/g/golang-announce/c/iNNxDTCjZvo/m/UDd7VKQuAAAJ https://istio.io/latest/news/security/istio-security-2023-004 https://istio.io/latest/news/security/istio-security-2023-004/ https://linkerd.io/2023/10/12/linkerd-cve-2023-44487 https://linkerd.io/2023/10/12/linkerd-cve-2023-44487/ https://linux.oracle.com/cve/CVE-2023-44487.html https://linux.oracle.com/errata/ELSA-2024-1444.html https://lists.apache.org/thread/5py8h42mxfsn8l1wy6o41xwhsjlsd87q https://lists.debian.org/debian-lts-announce/2023/10/msg00020.html https://lists.debian.org/debian-lts-announce/2023/10/msg00023.html https://lists.debian.org/debian-lts-announce/2023/10/msg00024.html https://lists.debian.org/debian-lts-announce/2023/10/msg00045.html https://lists.debian.org/debian-lts-announce/2023/10/msg00047.html https://lists.debian.org/debian-lts-announce/2023/11/msg00001.html https://lists.debian.org/debian-lts-announce/2023/11/msg00012.html https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/2MBEPPC36UBVOZZNAXFHKLFGSLCMN5LI https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/2MBEPPC36UBVOZZNAXFHKLFGSLCMN5LI/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/3N4NJ7FR4X4FPZUGNTQAPSTVB2HB2Y4A https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/3N4NJ7FR4X4FPZUGNTQAPSTVB2HB2Y4A/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/BFQD3KUEMFBHPAPBGLWQC34L4OWL5HAZ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/BFQD3KUEMFBHPAPBGLWQC34L4OWL5HAZ/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/CLB4TW7KALB3EEQWNWCN7OUIWWVWWCG2 https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/CLB4TW7KALB3EEQWNWCN7OUIWWVWWCG2/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/E72T67UPDRXHIDLO3OROR25YAMN4GGW5 https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/E72T67UPDRXHIDLO3OROR25YAMN4GGW5/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/FNA62Q767CFAFHBCDKYNPBMZWB7TWYVU https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/FNA62Q767CFAFHBCDKYNPBMZWB7TWYVU/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/HT7T2R4MQKLIF4ODV4BDLPARWFPCJ5CZ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/HT7T2R4MQKLIF4ODV4BDLPARWFPCJ5CZ/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/JIZSEFC3YKCGABA2BZW6ZJRMDZJMB7PJ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/JIZSEFC3YKCGABA2BZW6ZJRMDZJMB7PJ/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/JMEXY22BFG5Q64HQCM5CK2Q7KDKVV4TY https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/JMEXY22BFG5Q64HQCM5CK2Q7KDKVV4TY/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/KSEGD2IWKNUO3DWY4KQGUQM5BISRWHQE https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/KSEGD2IWKNUO3DWY4KQGUQM5BISRWHQE/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/LKYHSZQFDNR7RSA7LHVLLIAQMVYCUGBG https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/LKYHSZQFDNR7RSA7LHVLLIAQMVYCUGBG/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/LNMZJCDHGLJJLXO4OXWJMTVQRNWOC7UL https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/LNMZJCDHGLJJLXO4OXWJMTVQRNWOC7UL/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/VHUHTSXLXGXS7JYKBXTA3VINUPHTNGVU https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/VHUHTSXLXGXS7JYKBXTA3VINUPHTNGVU/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/VSRDIV77HNKUSM7SJC5BKE5JSHLHU2NK https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/VSRDIV77HNKUSM7SJC5BKE5JSHLHU2NK/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/WE2I52RHNNU42PX6NZ2RBUHSFFJ2LVZX https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/WE2I52RHNNU42PX6NZ2RBUHSFFJ2LVZX/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/WLPRQ5TWUQQXYWBJM7ECYDAIL2YVKIUH https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/WLPRQ5TWUQQXYWBJM7ECYDAIL2YVKIUH/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/X6QXN4ORIVF6XBW4WWFE7VNPVC74S45Y https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/X6QXN4ORIVF6XBW4WWFE7VNPVC74S45Y/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/XFOIBB4YFICHDM7IBOP7PWXW3FX4HLL2 https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/XFOIBB4YFICHDM7IBOP7PWXW3FX4HLL2/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZB43REMKRQR62NJEI7I5NQ4FSXNLBKRT https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZB43REMKRQR62NJEI7I5NQ4FSXNLBKRT/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZKQSIKIAT5TJ3WSLU3RDBQ35YX4GY4V3 https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZKQSIKIAT5TJ3WSLU3RDBQ35YX4GY4V3/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZLU6U2R2IC2K64NDPNMV55AUAO65MAF4 https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZLU6U2R2IC2K64NDPNMV55AUAO65MAF4/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3N4NJ7FR4X4FPZUGNTQAPSTVB2HB2Y4A https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/BFQD3KUEMFBHPAPBGLWQC34L4OWL5HAZ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CLB4TW7KALB3EEQWNWCN7OUIWWVWWCG2 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/E72T67UPDRXHIDLO3OROR25YAMN4GGW5 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/FNA62Q767CFAFHBCDKYNPBMZWB7TWYVU https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/HT7T2R4MQKLIF4ODV4BDLPARWFPCJ5CZ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/JIZSEFC3YKCGABA2BZW6ZJRMDZJMB7PJ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/JMEXY22BFG5Q64HQCM5CK2Q7KDKVV4TY https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/KSEGD2IWKNUO3DWY4KQGUQM5BISRWHQE https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/LKYHSZQFDNR7RSA7LHVLLIAQMVYCUGBG https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/LNMZJCDHGLJJLXO4OXWJMTVQRNWOC7UL https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/VHUHTSXLXGXS7JYKBXTA3VINUPHTNGVU https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/VSRDIV77HNKUSM7SJC5BKE5JSHLHU2NK https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WLPRQ5TWUQQXYWBJM7ECYDAIL2YVKIUH https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/X6QXN4ORIVF6XBW4WWFE7VNPVC74S45Y https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/XFOIBB4YFICHDM7IBOP7PWXW3FX4HLL2 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZB43REMKRQR62NJEI7I5NQ4FSXNLBKRT https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZKQSIKIAT5TJ3WSLU3RDBQ35YX4GY4V3 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZLU6U2R2IC2K64NDPNMV55AUAO65MAF4 https://lists.w3.org/Archives/Public/ietf-http-wg/2023OctDec/0025.html https://mailman.nginx.org/pipermail/nginx-devel/2023-October/S36Q5HBXR7CAIMPLLPRSSSYR4PCMWILK.html https://martinthomson.github.io/h2-stream-limits/draft-thomson-httpbis-h2-stream-limits.html https://msrc.microsoft.com/blog/2023/10/microsoft-response-to-distributed-denial-of-service-ddos-attacks-against-http/2 https://msrc.microsoft.com/blog/2023/10/microsoft-response-to-distributed-denial-of-service-ddos-attacks-against-http/2/ https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-44487 https://my.f5.com/manage/s/article/K000137106 https://netty.io/news/2023/10/10/4-1-100-Final.html https://news.ycombinator.com/item?id=37830987 https://news.ycombinator.com/item?id=37830998 https://news.ycombinator.com/item?id=37831062 https://news.ycombinator.com/item?id=37837043 https://nodejs.org/en/blog/vulnerability/october-2023-security-releases https://nvd.nist.gov/vuln/detail/CVE-2023-44487 https://openssf.org/blog/2023/10/10/http-2-rapid-reset-vulnerability-highlights-need-for-rapid-response https://openssf.org/blog/2023/10/10/http-2-rapid-reset-vulnerability-highlights-need-for-rapid-response/ https://pkg.go.dev/vuln/GO-2023-2102 https://seanmonstar.com/post/730794151136935936/hyper-http2-rapid-reset-unaffected https://security.gentoo.org/glsa/202311-09 https://security.netapp.com/advisory/ntap-20231016-0001 https://security.netapp.com/advisory/ntap-20231016-0001/ https://security.netapp.com/advisory/ntap-20240426-0007 https://security.netapp.com/advisory/ntap-20240426-0007/ https://security.netapp.com/advisory/ntap-20240621-0006 https://security.netapp.com/advisory/ntap-20240621-0006/ https://security.netapp.com/advisory/ntap-20240621-0007 https://security.netapp.com/advisory/ntap-20240621-0007/ https://security.paloaltonetworks.com/CVE-2023-44487 https://tomcat.apache.org/security-10.html#Fixed_in_Apache_Tomcat_10.1.14 https://tomcat.apache.org/security-11.html#Fixed_in_Apache_Tomcat_11.0.0-M12 https://tomcat.apache.org/security-8.html#Fixed_in_Apache_Tomcat_8.5.94 https://tomcat.apache.org/security-9.html#Fixed_in_Apache_Tomcat_9.0.81 https://ubuntu.com/security/CVE-2023-44487 https://ubuntu.com/security/notices/USN-6427-1 https://ubuntu.com/security/notices/USN-6427-2 https://ubuntu.com/security/notices/USN-6438-1 https://ubuntu.com/security/notices/USN-6505-1 https://ubuntu.com/security/notices/USN-6574-1 https://ubuntu.com/security/notices/USN-6754-1 https://ubuntu.com/security/notices/USN-6994-1 https://ubuntu.com/security/notices/USN-7067-1 https://www.bleepingcomputer.com/news/security/new-http-2-rapid-reset-zero-day-attack-breaks-ddos-records https://www.bleepingcomputer.com/news/security/new-http-2-rapid-reset-zero-day-attack-breaks-ddos-records/ https://www.cisa.gov/known-exploited-vulnerabilities-catalog https://www.cisa.gov/news-events/alerts/2023/10/10/http2-rapid-reset-vulnerability-cve-2023-44487 https://www.cve.org/CVERecord?id=CVE-2023-44487 https://www.darkreading.com/cloud/internet-wide-zero-day-bug-fuels-largest-ever-ddos-event https://www.debian.org/security/2023/dsa-5521 https://www.debian.org/security/2023/dsa-5522 https://www.debian.org/security/2023/dsa-5540 https://www.debian.org/security/2023/dsa-5549 https://www.debian.org/security/2023/dsa-5558 https://www.debian.org/security/2023/dsa-5570 https://www.eclipse.org/lists/jetty-announce/msg00181.html https://www.haproxy.com/blog/haproxy-is-not-affected-by-the-http-2-rapid-reset-attack-cve-2023-44487 https://www.mail-archive.com/haproxy@formilux.org/msg44134.html https://www.netlify.com/blog/netlify-successfully-mitigates-cve-2023-44487 https://www.netlify.com/blog/netlify-successfully-mitigates-cve-2023-44487/ https://www.nginx.com/blog/http-2-rapid-reset-attack-impacting-f5-nginx-products https://www.nginx.com/blog/http-2-rapid-reset-attack-impacting-f5-nginx-products/ https://www.openwall.com/lists/oss-security/2023/10/10/6 https://www.phoronix.com/news/HTTP2-Rapid-Reset-Attack https://www.theregister.com/2023/10/10/http2_rapid_reset_zeroday https://www.theregister.com/2023/10/10/http2_rapid_reset_zeroday/
golang.org/x/net	CVE-2023-45288	MEDIUM	v0.12.0	0.23.0	http://www.openwall.com/lists/oss-security/2024/04/03/16 http://www.openwall.com/lists/oss-security/2024/04/05/4 https://access.redhat.com/errata/RHSA-2024:2724 https://access.redhat.com/security/cve/CVE-2023-45288 https://bugzilla.redhat.com/2268017 https://bugzilla.redhat.com/2268018 https://bugzilla.redhat.com/2268019 https://bugzilla.redhat.com/2268273 https://bugzilla.redhat.com/show_bug.cgi?id=2268017 https://bugzilla.redhat.com/show_bug.cgi?id=2268018 https://bugzilla.redhat.com/show_bug.cgi?id=2268019 https://bugzilla.redhat.com/show_bug.cgi?id=2268273 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45288 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45289 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45290 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24783 https://errata.almalinux.org/9/ALSA-2024-2724.html https://errata.rockylinux.org/RLSA-2024:2724 https://go.dev/cl/576155 https://go.dev/issue/65051 https://groups.google.com/g/golang-announce/c/YgW0sx8mN3M https://kb.cert.org/vuls/id/421644 https://linux.oracle.com/cve/CVE-2023-45288.html https://linux.oracle.com/errata/ELSA-2024-3346.html https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QRYFHIQ6XRKRYBI2F5UESH67BJBQXUPT https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QRYFHIQ6XRKRYBI2F5UESH67BJBQXUPT/ https://nowotarski.info/http2-continuation-flood-technical-details https://nowotarski.info/http2-continuation-flood/ https://nvd.nist.gov/vuln/detail/CVE-2023-45288 https://pkg.go.dev/vuln/GO-2024-2687 https://security.netapp.com/advisory/ntap-20240419-0009 https://security.netapp.com/advisory/ntap-20240419-0009/ https://ubuntu.com/security/notices/USN-6886-1 https://ubuntu.com/security/notices/USN-7109-1 https://ubuntu.com/security/notices/USN-7111-1 https://www.cve.org/CVERecord?id=CVE-2023-45288 https://www.kb.cert.org/vuls/id/421644
stdlib	CVE-2024-24790	CRITICAL	v1.20.5	1.21.11, 1.22.4	http://www.openwall.com/lists/oss-security/2024/06/04/1 https://access.redhat.com/errata/RHSA-2024:9115 https://access.redhat.com/security/cve/CVE-2024-24790 https://bugzilla.redhat.com/2279814 https://bugzilla.redhat.com/2292668 https://bugzilla.redhat.com/2292787 https://bugzilla.redhat.com/2294000 https://bugzilla.redhat.com/2295310 https://bugzilla.redhat.com/show_bug.cgi?id=2292668 https://bugzilla.redhat.com/show_bug.cgi?id=2292787 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24789 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24790 https://errata.almalinux.org/9/ALSA-2024-9115.html https://errata.rockylinux.org/RLSA-2024:4212 https://github.com/golang/go/commit/051bdf3fd12a40307606ff9381138039c5f452f0 (1.21) https://github.com/golang/go/commit/12d5810cdb1f73cf23d7a86462143e9463317fca (1.22) https://github.com/golang/go/issues/67680 https://go.dev/cl/590316 https://go.dev/issue/67680 https://groups.google.com/g/golang-announce/c/XbxouI9gY7k https://groups.google.com/g/golang-announce/c/XbxouI9gY7k/m/TuoGEhxIEwAJ https://linux.oracle.com/cve/CVE-2024-24790.html https://linux.oracle.com/errata/ELSA-2024-9115.html https://nvd.nist.gov/vuln/detail/CVE-2024-24790 https://pkg.go.dev/vuln/GO-2024-2887 https://ubuntu.com/security/notices/USN-6886-1 https://ubuntu.com/security/notices/USN-7109-1 https://www.cve.org/CVERecord?id=CVE-2024-24790
stdlib	CVE-2023-39325	HIGH	v1.20.5	1.20.10, 1.21.3	golang.org/x/net https://access.redhat.com/errata/RHSA-2023:6077 https://access.redhat.com/security/cve/CVE-2023-39325 https://access.redhat.com/security/cve/CVE-2023-44487 https://access.redhat.com/security/vulnerabilities/RHSB-2023-003 https://bugzilla.redhat.com/2242803 https://bugzilla.redhat.com/2243296 https://bugzilla.redhat.com/show_bug.cgi?id=2242803 https://bugzilla.redhat.com/show_bug.cgi?id=2243296 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-39325 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-44487 https://errata.almalinux.org/9/ALSA-2023-6077.html https://errata.rockylinux.org/RLSA-2023:6077 https://github.com/golang/go/commit/24ae2d927285c697440fdde3ad7f26028354bcf3 [golang- 1.21] https://github.com/golang/go/commit/e175f27f58aa7b9cd4d79607ae65d2cd5baaee68 [golang-1.20] https://github.com/golang/go/issues/63417 https://go.dev/cl/534215 https://go.dev/cl/534235 https://go.dev/issue/63417 https://groups.google.com/g/golang-announce/c/iNNxDTCjZvo/m/UDd7VKQuAAAJ https://linux.oracle.com/cve/CVE-2023-39325.html https://linux.oracle.com/errata/ELSA-2023-5867.html https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3OVW5V2DM5K5IC3H7O42YDUGNJ74J35O https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3OVW5V2DM5K5IC3H7O42YDUGNJ74J35O/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3SZN67IL7HMGMNAVLOTIXLIHUDXZK4LH https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3SZN67IL7HMGMNAVLOTIXLIHUDXZK4LH/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3WJ4QVX2AMUJ2F2S27POOAHRC4K3CHU4 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3WJ4QVX2AMUJ2F2S27POOAHRC4K3CHU4/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/4BUK2ZIAGCULOOYDNH25JPU6JBES5NF2 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/4BUK2ZIAGCULOOYDNH25JPU6JBES5NF2/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/5RSKA2II6QTD4YUKUNDVJQSRYSFC4VFR https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/5RSKA2II6QTD4YUKUNDVJQSRYSFC4VFR/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/AVZDNSMVDAQJ64LJC5I5U5LDM5753647 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/AVZDNSMVDAQJ64LJC5I5U5LDM5753647/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CHHITS4PUOZAKFIUBQAQZC7JWXMOYE4B https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CHHITS4PUOZAKFIUBQAQZC7JWXMOYE4B/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CLB4TW7KALB3EEQWNWCN7OUIWWVWWCG2 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CLB4TW7KALB3EEQWNWCN7OUIWWVWWCG2/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/D2BBIDR2ZMB3X5BC7SR4SLQMHRMVPY6L https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/D2BBIDR2ZMB3X5BC7SR4SLQMHRMVPY6L/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ECRC75BQJP6FJN2L7KCKYZW4DSBD7QSD https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ECRC75BQJP6FJN2L7KCKYZW4DSBD7QSD/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/FTMJ3NJIDAZFWJQQSP3L22MUFJ3UP2PT https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/FTMJ3NJIDAZFWJQQSP3L22MUFJ3UP2PT/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/GSY7SXFFTPZFWDM6XELSDSHZLVW3AHK7 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/GSY7SXFFTPZFWDM6XELSDSHZLVW3AHK7/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/HZQIELEIRSZUYTFFH5KTH2YJ4IIQG2KE https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/HZQIELEIRSZUYTFFH5KTH2YJ4IIQG2KE/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/IPWCNYB5PQ5PCVZ4NJT6G56ZYFZ5QBU6 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/IPWCNYB5PQ5PCVZ4NJT6G56ZYFZ5QBU6/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/KEOTKBUPZXHE3F352JBYNTSNRXYLWD6P https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/KEOTKBUPZXHE3F352JBYNTSNRXYLWD6P/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/KSEGD2IWKNUO3DWY4KQGUQM5BISRWHQE https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/KSEGD2IWKNUO3DWY4KQGUQM5BISRWHQE/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/L5E5JSJBZLYXOTZWXHJKRVCIXIHVWKJ6 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/L5E5JSJBZLYXOTZWXHJKRVCIXIHVWKJ6/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/MZQYOOKHQDQ57LV2IAG6NRFOVXKHJJ3Z https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/MZQYOOKHQDQ57LV2IAG6NRFOVXKHJJ3Z/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/NG7IMPL55MVWU3LCI4JQJT3K2U5CHDV7 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/NG7IMPL55MVWU3LCI4JQJT3K2U5CHDV7/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ODBY7RVMGZCBSTWF2OZGIZS57FNFUL67 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ODBY7RVMGZCBSTWF2OZGIZS57FNFUL67/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/OXGWPQOJ3JNDW2XIYKIVJ7N7QUIFNM2Q https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/OXGWPQOJ3JNDW2XIYKIVJ7N7QUIFNM2Q/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/PJCUNGIQDUMZ4Z6HWVYIMR66A35F5S74 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/PJCUNGIQDUMZ4Z6HWVYIMR66A35F5S74/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QF5QSYAOPDOWLY6DUHID56Q4HQFYB45I https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QF5QSYAOPDOWLY6DUHID56Q4HQFYB45I/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QXOU2JZUBEBP7GBKAYIJRPRBZSJCD7ST https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QXOU2JZUBEBP7GBKAYIJRPRBZSJCD7ST/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/R3UETKPUB3V5JS5TLZOF3SMTGT5K5APS https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/R3UETKPUB3V5JS5TLZOF3SMTGT5K5APS/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/REMHVVIBDNKSRKNOTV7EQSB7CYQWOUOU https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/REMHVVIBDNKSRKNOTV7EQSB7CYQWOUOU/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/T7N5GV4CHH6WAGX3GFMDD3COEOVCZ4RI https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/T7N5GV4CHH6WAGX3GFMDD3COEOVCZ4RI/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ULQQONMSCQSH5Z5OWFFQHCGEZ3NL4DRJ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ULQQONMSCQSH5Z5OWFFQHCGEZ3NL4DRJ/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UTT7DG3QOF5ZNJLUGHDNLRUIN6OWZARP https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UTT7DG3QOF5ZNJLUGHDNLRUIN6OWZARP/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/W2LZSWTV4NV4SNQARNXG5T6LRHP26EW2 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/W2LZSWTV4NV4SNQARNXG5T6LRHP26EW2/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WCNCBYKZXLDFGAJUB7ZP5VLC3YTHJNVH https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WCNCBYKZXLDFGAJUB7ZP5VLC3YTHJNVH/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/XFOIBB4YFICHDM7IBOP7PWXW3FX4HLL2 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/XFOIBB4YFICHDM7IBOP7PWXW3FX4HLL2/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/XTNLSL44Y5FB6JWADSZH6DCV4JJAAEQY https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/XTNLSL44Y5FB6JWADSZH6DCV4JJAAEQY/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/YJWHBLVZDM5KQSDFRBFRKU5KSSOLIRQ4 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/YJWHBLVZDM5KQSDFRBFRKU5KSSOLIRQ4/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/YRKEXKANQ7BKJW2YTAMP625LJUJZLJ4P https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/YRKEXKANQ7BKJW2YTAMP625LJUJZLJ4P/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZSVEMQV5ROY5YW5QE3I57HT3ITWG5GCV https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZSVEMQV5ROY5YW5QE3I57HT3ITWG5GCV/ https://nvd.nist.gov/vuln/detail/CVE-2023-39325 https://pkg.go.dev/vuln/GO-2023-2102 https://security.gentoo.org/glsa/202311-09 https://security.netapp.com/advisory/ntap-20231110-0008 https://security.netapp.com/advisory/ntap-20231110-0008/ https://ubuntu.com/security/notices/USN-6574-1 https://ubuntu.com/security/notices/USN-7061-1 https://ubuntu.com/security/notices/USN-7109-1 https://www.cisa.gov/news-events/alerts/2023/10/10/http2-rapid-reset-vulnerability-cve-2023-44487 https://www.cve.org/CVERecord?id=CVE-2023-39325
stdlib	CVE-2023-45283	HIGH	v1.20.5	1.20.11, 1.21.4, 1.20.12, 1.21.5	http://www.openwall.com/lists/oss-security/2023/12/05/2 https://go.dev/cl/540277 https://go.dev/cl/541175 https://go.dev/issue/63713 https://go.dev/issue/64028 https://groups.google.com/g/golang-announce/c/4tU8LZfBFkY https://groups.google.com/g/golang-dev/c/6ypN5EjibjM/m/KmLVYH_uAgAJ https://nvd.nist.gov/vuln/detail/CVE-2023-45283 https://pkg.go.dev/vuln/GO-2023-2185 https://security.netapp.com/advisory/ntap-20231214-0008/
stdlib	CVE-2023-45288	HIGH	v1.20.5	1.21.9, 1.22.2	http://www.openwall.com/lists/oss-security/2024/04/03/16 http://www.openwall.com/lists/oss-security/2024/04/05/4 https://access.redhat.com/errata/RHSA-2024:2724 https://access.redhat.com/security/cve/CVE-2023-45288 https://bugzilla.redhat.com/2268017 https://bugzilla.redhat.com/2268018 https://bugzilla.redhat.com/2268019 https://bugzilla.redhat.com/2268273 https://bugzilla.redhat.com/show_bug.cgi?id=2268017 https://bugzilla.redhat.com/show_bug.cgi?id=2268018 https://bugzilla.redhat.com/show_bug.cgi?id=2268019 https://bugzilla.redhat.com/show_bug.cgi?id=2268273 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45288 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45289 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45290 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24783 https://errata.almalinux.org/9/ALSA-2024-2724.html https://errata.rockylinux.org/RLSA-2024:2724 https://go.dev/cl/576155 https://go.dev/issue/65051 https://groups.google.com/g/golang-announce/c/YgW0sx8mN3M https://kb.cert.org/vuls/id/421644 https://linux.oracle.com/cve/CVE-2023-45288.html https://linux.oracle.com/errata/ELSA-2024-3346.html https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QRYFHIQ6XRKRYBI2F5UESH67BJBQXUPT https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QRYFHIQ6XRKRYBI2F5UESH67BJBQXUPT/ https://nowotarski.info/http2-continuation-flood-technical-details https://nowotarski.info/http2-continuation-flood/ https://nvd.nist.gov/vuln/detail/CVE-2023-45288 https://pkg.go.dev/vuln/GO-2024-2687 https://security.netapp.com/advisory/ntap-20240419-0009 https://security.netapp.com/advisory/ntap-20240419-0009/ https://ubuntu.com/security/notices/USN-6886-1 https://ubuntu.com/security/notices/USN-7109-1 https://ubuntu.com/security/notices/USN-7111-1 https://www.cve.org/CVERecord?id=CVE-2023-45288 https://www.kb.cert.org/vuls/id/421644
stdlib	CVE-2024-34156	HIGH	v1.20.5	1.22.7, 1.23.1	https://access.redhat.com/errata/RHSA-2024:9473 https://access.redhat.com/security/cve/CVE-2024-34156 https://bugzilla.redhat.com/2310528 https://bugzilla.redhat.com/2318052 https://bugzilla.redhat.com/show_bug.cgi?id=2310528 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-34156 https://errata.almalinux.org/9/ALSA-2024-9473.html https://errata.rockylinux.org/RLSA-2024:7204 https://github.com/golang/go/commit/2092294f2b097c5828f4eace6c98a322c1510b01 (go1.22.7) https://github.com/golang/go/commit/fa8ff1a46deb6c816304441ec6740ec112e19012 (go1.23.1) https://go.dev/cl/611239 https://go.dev/issue/69139 https://groups.google.com/g/golang-announce/c/K-cEzDeCtpc https://groups.google.com/g/golang-dev/c/S9POB9NCTdk https://linux.oracle.com/cve/CVE-2024-34156.html https://linux.oracle.com/errata/ELSA-2024-9473.html https://nvd.nist.gov/vuln/detail/CVE-2024-34156 https://pkg.go.dev/vuln/GO-2024-3106 https://ubuntu.com/security/notices/USN-7081-1 https://ubuntu.com/security/notices/USN-7109-1 https://ubuntu.com/security/notices/USN-7111-1 https://www.cve.org/CVERecord?id=CVE-2024-34156
stdlib	CVE-2023-29406	MEDIUM	v1.20.5	1.19.11, 1.20.6	https://access.redhat.com/errata/RHSA-2023:6474 https://access.redhat.com/security/cve/CVE-2023-29406 https://bugzilla.redhat.com/2174485 https://bugzilla.redhat.com/2178358 https://bugzilla.redhat.com/2178488 https://bugzilla.redhat.com/2178492 https://bugzilla.redhat.com/2184481 https://bugzilla.redhat.com/2184482 https://bugzilla.redhat.com/2184483 https://bugzilla.redhat.com/2184484 https://bugzilla.redhat.com/2196026 https://bugzilla.redhat.com/2196027 https://bugzilla.redhat.com/2196029 https://bugzilla.redhat.com/2222167 https://bugzilla.redhat.com/2228689 https://errata.almalinux.org/9/ALSA-2023-6474.html https://github.com/golang/go/commit/312920c00aac9897b2a0693e752390b5b0711a5a (go1.20.6) https://github.com/golang/go/commit/5fa6923b1ea891400153d04ddf1545e23b40041b (go1.19.11) https://github.com/golang/go/issues/60374 https://go.dev/cl/506996 https://go.dev/issue/60374 https://groups.google.com/g/golang-announce/c/2q13H6LEEx0 https://linux.oracle.com/cve/CVE-2023-29406.html https://linux.oracle.com/errata/ELSA-2023-7202.html https://nvd.nist.gov/vuln/detail/CVE-2023-29406 https://pkg.go.dev/vuln/GO-2023-1878 https://security.gentoo.org/glsa/202311-09 https://security.netapp.com/advisory/ntap-20230814-0002/ https://ubuntu.com/security/notices/USN-7061-1 https://ubuntu.com/security/notices/USN-7109-1 https://www.cve.org/CVERecord?id=CVE-2023-29406
stdlib	CVE-2023-29409	MEDIUM	v1.20.5	1.19.12, 1.20.7, 1.21.0-rc.4	https://access.redhat.com/errata/RHSA-2023:7766 https://access.redhat.com/security/cve/CVE-2023-29409 https://bugzilla.redhat.com/2228743 https://bugzilla.redhat.com/2237773 https://bugzilla.redhat.com/2237776 https://bugzilla.redhat.com/2237777 https://bugzilla.redhat.com/2237778 https://errata.almalinux.org/9/ALSA-2023-7766.html https://go.dev/cl/515257 https://go.dev/issue/61460 https://groups.google.com/g/golang-announce/c/X0b6CsSAaYI/m/Efv5DbZ9AwAJ https://linux.oracle.com/cve/CVE-2023-29409.html https://linux.oracle.com/errata/ELSA-2024-2988.html https://nvd.nist.gov/vuln/detail/CVE-2023-29409 https://pkg.go.dev/vuln/GO-2023-1987 https://security.gentoo.org/glsa/202311-09 https://security.netapp.com/advisory/ntap-20230831-0010/ https://www.cve.org/CVERecord?id=CVE-2023-29409
stdlib	CVE-2023-39318	MEDIUM	v1.20.5	1.20.8, 1.21.1	https://access.redhat.com/errata/RHSA-2024:2160 https://access.redhat.com/security/cve/CVE-2023-39318 https://bugzilla.redhat.com/2237773 https://bugzilla.redhat.com/2237776 https://bugzilla.redhat.com/2253330 https://errata.almalinux.org/9/ALSA-2024-2160.html https://github.com/golang/go/commit/023b542edf38e2a1f87fcefb9f75ff2f99401b4c (go1.20.8) https://github.com/golang/go/commit/b0e1d3ea26e8e8fce7726690c9ef0597e60739fb (go1.21.1) https://go.dev/cl/526156 https://go.dev/issue/62196 https://groups.google.com/g/golang-announce/c/Fm51GRLNRvM https://groups.google.com/g/golang-dev/c/2C5vbR-UNkI/m/L1hdrPhfBAAJ https://linux.oracle.com/cve/CVE-2023-39318.html https://linux.oracle.com/errata/ELSA-2024-2988.html https://nvd.nist.gov/vuln/detail/CVE-2023-39318 https://pkg.go.dev/vuln/GO-2023-2041 https://security.gentoo.org/glsa/202311-09 https://security.netapp.com/advisory/ntap-20231020-0009/ https://ubuntu.com/security/notices/USN-6574-1 https://ubuntu.com/security/notices/USN-7061-1 https://ubuntu.com/security/notices/USN-7109-1 https://vuln.go.dev/ID/GO-2023-2041.json https://www.cve.org/CVERecord?id=CVE-2023-39318
stdlib	CVE-2023-39319	MEDIUM	v1.20.5	1.20.8, 1.21.1	https://access.redhat.com/errata/RHSA-2024:2160 https://access.redhat.com/security/cve/CVE-2023-39319 https://bugzilla.redhat.com/2237773 https://bugzilla.redhat.com/2237776 https://bugzilla.redhat.com/2253330 https://errata.almalinux.org/9/ALSA-2024-2160.html https://github.com/golang/go/commit/2070531d2f53df88e312edace6c8dfc9686ab2f5 (go1.20.8) https://github.com/golang/go/commit/bbd043ff0d6d59f1a9232d31ecd5eacf6507bf6a (go1.21.1) https://go.dev/cl/526157 https://go.dev/issue/62197 https://groups.google.com/g/golang-announce/c/Fm51GRLNRvM https://groups.google.com/g/golang-dev/c/2C5vbR-UNkI/m/L1hdrPhfBAAJ https://linux.oracle.com/cve/CVE-2023-39319.html https://linux.oracle.com/errata/ELSA-2024-2988.html https://nvd.nist.gov/vuln/detail/CVE-2023-39319 https://pkg.go.dev/vuln/GO-2023-2043 https://security.gentoo.org/glsa/202311-09 https://security.netapp.com/advisory/ntap-20231020-0009/ https://ubuntu.com/security/notices/USN-6574-1 https://ubuntu.com/security/notices/USN-7061-1 https://ubuntu.com/security/notices/USN-7109-1 https://vuln.go.dev/ID/GO-2023-2043.json https://www.cve.org/CVERecord?id=CVE-2023-39319
stdlib	CVE-2023-39326	MEDIUM	v1.20.5	1.20.12, 1.21.5	https://access.redhat.com/errata/RHSA-2024:2272 https://access.redhat.com/security/cve/CVE-2023-39326 https://bugzilla.redhat.com/2253193 https://bugzilla.redhat.com/2253330 https://errata.almalinux.org/9/ALSA-2024-2272.html https://github.com/golang/go/commit/6446af942e2e2b161c4ec1b60d9703a2b55dc4dd (go1.20.12) https://github.com/golang/go/commit/ec8c526e4be720e94b98ca509e6364f0efaf28f7 (go1.21.5) https://go.dev/cl/547335 https://go.dev/issue/64433 https://groups.google.com/g/golang-dev/c/6ypN5EjibjM/m/KmLVYH_uAgAJ https://linux.oracle.com/cve/CVE-2023-39326.html https://linux.oracle.com/errata/ELSA-2024-2988.html https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UIU6HOGV6RRIKWM57LOXQA75BGZSIH6G/ https://nvd.nist.gov/vuln/detail/CVE-2023-39326 https://pkg.go.dev/vuln/GO-2023-2382 https://ubuntu.com/security/notices/USN-6574-1 https://www.cve.org/CVERecord?id=CVE-2023-39326
stdlib	CVE-2023-45284	MEDIUM	v1.20.5	1.20.11, 1.21.4	https://go.dev/cl/540277 https://go.dev/issue/63713 https://groups.google.com/g/golang-announce/c/4tU8LZfBFkY https://nvd.nist.gov/vuln/detail/CVE-2023-45284 https://pkg.go.dev/vuln/GO-2023-2186
stdlib	CVE-2023-45289	MEDIUM	v1.20.5	1.21.8, 1.22.1	http://www.openwall.com/lists/oss-security/2024/03/08/4 https://access.redhat.com/errata/RHSA-2024:2724 https://access.redhat.com/security/cve/CVE-2023-45289 https://bugzilla.redhat.com/2268017 https://bugzilla.redhat.com/2268018 https://bugzilla.redhat.com/2268019 https://bugzilla.redhat.com/2268273 https://bugzilla.redhat.com/show_bug.cgi?id=2268017 https://bugzilla.redhat.com/show_bug.cgi?id=2268018 https://bugzilla.redhat.com/show_bug.cgi?id=2268019 https://bugzilla.redhat.com/show_bug.cgi?id=2268273 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45288 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45289 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45290 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24783 https://errata.almalinux.org/9/ALSA-2024-2724.html https://errata.rockylinux.org/RLSA-2024:2724 https://github.com/golang/go/commit/20586c0dbe03d144f914155f879fa5ee287591a1 (go1.21.8) https://github.com/golang/go/commit/3a855208e3efed2e9d7c20ad023f1fa78afcc0be (go1.22.1) https://github.com/golang/go/issues/65065 https://go.dev/cl/569340 https://go.dev/issue/65065 https://groups.google.com/g/golang-announce/c/5pwGVUPoMbg https://linux.oracle.com/cve/CVE-2023-45289.html https://linux.oracle.com/errata/ELSA-2024-3346.html https://nvd.nist.gov/vuln/detail/CVE-2023-45289 https://pkg.go.dev/vuln/GO-2024-2600 https://security.netapp.com/advisory/ntap-20240329-0006/ https://ubuntu.com/security/notices/USN-6886-1 https://www.cve.org/CVERecord?id=CVE-2023-45289
stdlib	CVE-2023-45290	MEDIUM	v1.20.5	1.21.8, 1.22.1	http://www.openwall.com/lists/oss-security/2024/03/08/4 https://access.redhat.com/errata/RHSA-2024:9135 https://access.redhat.com/security/cve/CVE-2023-45290 https://bugzilla.redhat.com/2268017 https://bugzilla.redhat.com/2268022 https://bugzilla.redhat.com/2279814 https://bugzilla.redhat.com/2295310 https://bugzilla.redhat.com/show_bug.cgi?id=2268017 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45290 https://errata.almalinux.org/9/ALSA-2024-9135.html https://errata.rockylinux.org/RLSA-2024:3830 https://github.com/golang/go/commit/041a47712e765e94f86d841c3110c840e76d8f82 (go1.22.1) https://github.com/golang/go/commit/bf80213b121074f4ad9b449410a4d13bae5e9be0 (go1.21.8) https://github.com/golang/go/issues/65383 https://go.dev/cl/569341 https://go.dev/issue/65383 https://groups.google.com/g/golang-announce/c/5pwGVUPoMbg https://linux.oracle.com/cve/CVE-2023-45290.html https://linux.oracle.com/errata/ELSA-2024-8038.html https://nvd.nist.gov/vuln/detail/CVE-2023-45290 https://pkg.go.dev/vuln/GO-2024-2599 https://security.netapp.com/advisory/ntap-20240329-0004 https://security.netapp.com/advisory/ntap-20240329-0004/ https://ubuntu.com/security/notices/USN-6886-1 https://ubuntu.com/security/notices/USN-7109-1 https://ubuntu.com/security/notices/USN-7111-1 https://www.cve.org/CVERecord?id=CVE-2023-45290
stdlib	CVE-2024-24783	MEDIUM	v1.20.5	1.21.8, 1.22.1	http://www.openwall.com/lists/oss-security/2024/03/08/4 https://access.redhat.com/errata/RHSA-2024:6195 https://access.redhat.com/security/cve/CVE-2024-24783 https://bugzilla.redhat.com/2268019 https://bugzilla.redhat.com/show_bug.cgi?id=2268017 https://bugzilla.redhat.com/show_bug.cgi?id=2268018 https://bugzilla.redhat.com/show_bug.cgi?id=2268019 https://bugzilla.redhat.com/show_bug.cgi?id=2268273 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45288 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45289 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45290 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24783 https://errata.almalinux.org/9/ALSA-2024-6195.html https://errata.rockylinux.org/RLSA-2024:2724 https://github.com/advisories/GHSA-3q2c-pvp5-3cqp https://github.com/golang/go/commit/337b8e9cbfa749d9d5c899e0dc358e2208d5e54f (go1.22.1) https://github.com/golang/go/commit/be5b52bea674190ef7de272664be6c7ae93ec5a0 (go1.21.8) https://github.com/golang/go/issues/65390 https://go.dev/cl/569339 https://go.dev/issue/65390 https://groups.google.com/g/golang-announce/c/5pwGVUPoMbg https://linux.oracle.com/cve/CVE-2024-24783.html https://linux.oracle.com/errata/ELSA-2024-6969.html https://nvd.nist.gov/vuln/detail/CVE-2024-24783 https://pkg.go.dev/vuln/GO-2024-2598 https://security.netapp.com/advisory/ntap-20240329-0005 https://security.netapp.com/advisory/ntap-20240329-0005/ https://ubuntu.com/security/notices/USN-6886-1 https://ubuntu.com/security/notices/USN-7109-1 https://ubuntu.com/security/notices/USN-7111-1 https://www.cve.org/CVERecord?id=CVE-2024-24783
stdlib	CVE-2024-24784	MEDIUM	v1.20.5	1.21.8, 1.22.1	http://www.openwall.com/lists/oss-security/2024/03/08/4 https://access.redhat.com/errata/RHSA-2024:2562 https://access.redhat.com/security/cve/CVE-2024-24784 https://bugzilla.redhat.com/2262921 https://bugzilla.redhat.com/2268017 https://bugzilla.redhat.com/2268018 https://bugzilla.redhat.com/2268019 https://bugzilla.redhat.com/2268021 https://bugzilla.redhat.com/2268022 https://bugzilla.redhat.com/2268273 https://bugzilla.redhat.com/show_bug.cgi?id=2262921 https://bugzilla.redhat.com/show_bug.cgi?id=2268017 https://bugzilla.redhat.com/show_bug.cgi?id=2268018 https://bugzilla.redhat.com/show_bug.cgi?id=2268019 https://bugzilla.redhat.com/show_bug.cgi?id=2268021 https://bugzilla.redhat.com/show_bug.cgi?id=2268022 https://bugzilla.redhat.com/show_bug.cgi?id=2268273 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45288 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45289 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45290 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-1394 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24783 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24784 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24785 https://errata.almalinux.org/9/ALSA-2024-2562.html https://errata.rockylinux.org/RLSA-2024:2562 https://github.com/golang/go/commit/263c059b09fdd40d9dd945f2ecb20c89ea28efe5 (go1.21.8) https://github.com/golang/go/commit/5330cd225ba54c7dc78c1b46dcdf61a4671a632c (go1.22.1) https://github.com/golang/go/issues/65083 https://go.dev/cl/555596 https://go.dev/issue/65083 https://groups.google.com/g/golang-announce/c/5pwGVUPoMbg https://linux.oracle.com/cve/CVE-2024-24784.html https://linux.oracle.com/errata/ELSA-2024-6969.html https://nvd.nist.gov/vuln/detail/CVE-2024-24784 https://pkg.go.dev/vuln/GO-2024-2609 https://security.netapp.com/advisory/ntap-20240329-0007/ https://ubuntu.com/security/notices/USN-6886-1 https://ubuntu.com/security/notices/USN-7109-1 https://ubuntu.com/security/notices/USN-7111-1 https://www.cve.org/CVERecord?id=CVE-2024-24784
stdlib	CVE-2024-24785	MEDIUM	v1.20.5	1.21.8, 1.22.1	http://www.openwall.com/lists/oss-security/2024/03/08/4 https://access.redhat.com/errata/RHSA-2024:9135 https://access.redhat.com/security/cve/CVE-2024-24785 https://bugzilla.redhat.com/2268017 https://bugzilla.redhat.com/2268022 https://bugzilla.redhat.com/2279814 https://bugzilla.redhat.com/2295310 https://bugzilla.redhat.com/show_bug.cgi?id=2262921 https://bugzilla.redhat.com/show_bug.cgi?id=2268017 https://bugzilla.redhat.com/show_bug.cgi?id=2268018 https://bugzilla.redhat.com/show_bug.cgi?id=2268019 https://bugzilla.redhat.com/show_bug.cgi?id=2268021 https://bugzilla.redhat.com/show_bug.cgi?id=2268022 https://bugzilla.redhat.com/show_bug.cgi?id=2268273 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45288 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45289 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45290 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-1394 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24783 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24784 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24785 https://errata.almalinux.org/9/ALSA-2024-9135.html https://errata.rockylinux.org/RLSA-2024:2562 https://github.com/golang/go/commit/056b0edcb8c152152021eebf4cf42adbfbe77992 (go1.22.1) https://github.com/golang/go/commit/3643147a29352ca2894fd5d0d2069bc4b4335a7e (go1.21.8) https://github.com/golang/go/issues/65697 https://go.dev/cl/564196 https://go.dev/issue/65697 https://groups.google.com/g/golang-announce/c/5pwGVUPoMbg https://linux.oracle.com/cve/CVE-2024-24785.html https://linux.oracle.com/errata/ELSA-2024-3259.html https://nvd.nist.gov/vuln/detail/CVE-2024-24785 https://pkg.go.dev/vuln/GO-2024-2610 https://security.netapp.com/advisory/ntap-20240329-0008/ https://ubuntu.com/security/notices/USN-6886-1 https://ubuntu.com/security/notices/USN-7061-1 https://ubuntu.com/security/notices/USN-7109-1 https://vuln.go.dev/ID/GO-2024-2610.json https://www.cve.org/CVERecord?id=CVE-2024-24785
stdlib	CVE-2024-24789	MEDIUM	v1.20.5	1.21.11, 1.22.4	http://www.openwall.com/lists/oss-security/2024/06/04/1 https://access.redhat.com/errata/RHSA-2024:9115 https://access.redhat.com/security/cve/CVE-2024-24789 https://bugzilla.redhat.com/2279814 https://bugzilla.redhat.com/2292668 https://bugzilla.redhat.com/2292787 https://bugzilla.redhat.com/2294000 https://bugzilla.redhat.com/2295310 https://bugzilla.redhat.com/show_bug.cgi?id=2292668 https://bugzilla.redhat.com/show_bug.cgi?id=2292787 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24789 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24790 https://errata.almalinux.org/9/ALSA-2024-9115.html https://errata.rockylinux.org/RLSA-2024:4212 https://github.com/golang/go/commit/c8e40338cf00f3c1d86c8fb23863ad67a4c72bcc (1.21) https://github.com/golang/go/commit/cf501ac0c5fe351a8582d20b43562027927906e7 (1.22) https://github.com/golang/go/issues/66869 https://go.dev/cl/585397 https://go.dev/issue/66869 https://groups.google.com/g/golang-announce/c/XbxouI9gY7k https://groups.google.com/g/golang-announce/c/XbxouI9gY7k/m/TuoGEhxIEwAJ https://linux.oracle.com/cve/CVE-2024-24789.html https://linux.oracle.com/errata/ELSA-2024-9115.html https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/U5YAEIA6IUHUNGJ7AIXXPQT6D2GYENX7/ https://nvd.nist.gov/vuln/detail/CVE-2024-24789 https://pkg.go.dev/vuln/GO-2024-2888 https://ubuntu.com/security/notices/USN-6886-1 https://ubuntu.com/security/notices/USN-7109-1 https://ubuntu.com/security/notices/USN-7111-1 https://www.cve.org/CVERecord?id=CVE-2024-24789
stdlib	CVE-2024-24791	MEDIUM	v1.20.5	1.21.12, 1.22.5	https://access.redhat.com/errata/RHSA-2024:9135 https://access.redhat.com/security/cve/CVE-2024-24791 https://bugzilla.redhat.com/2268017 https://bugzilla.redhat.com/2268022 https://bugzilla.redhat.com/2279814 https://bugzilla.redhat.com/2295310 https://bugzilla.redhat.com/show_bug.cgi?id=2295310 https://bugzilla.redhat.com/show_bug.cgi?id=2310527 https://bugzilla.redhat.com/show_bug.cgi?id=2310528 https://bugzilla.redhat.com/show_bug.cgi?id=2310529 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24791 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-34155 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-34156 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-34158 https://errata.almalinux.org/9/ALSA-2024-9135.html https://errata.rockylinux.org/RLSA-2024:6913 https://go.dev/cl/591255 https://go.dev/issue/67555 https://groups.google.com/g/golang-dev/c/t0rK-qHBqzY/m/6MMoAZkMAgAJ https://linux.oracle.com/cve/CVE-2024-24791.html https://linux.oracle.com/errata/ELSA-2024-9115.html https://nvd.nist.gov/vuln/detail/CVE-2024-24791 https://pkg.go.dev/vuln/GO-2024-2963 https://ubuntu.com/security/notices/USN-7081-1 https://ubuntu.com/security/notices/USN-7109-1 https://ubuntu.com/security/notices/USN-7111-1 https://www.cve.org/CVERecord?id=CVE-2024-24791
stdlib	CVE-2024-34155	MEDIUM	v1.20.5	1.22.7, 1.23.1	https://access.redhat.com/errata/RHSA-2024:9459 https://access.redhat.com/security/cve/CVE-2024-34155 https://bugzilla.redhat.com/2310527 https://bugzilla.redhat.com/2310528 https://bugzilla.redhat.com/2310529 https://bugzilla.redhat.com/2315691 https://bugzilla.redhat.com/2315887 https://bugzilla.redhat.com/2317458 https://bugzilla.redhat.com/2317467 https://bugzilla.redhat.com/show_bug.cgi?id=2295310 https://bugzilla.redhat.com/show_bug.cgi?id=2310527 https://bugzilla.redhat.com/show_bug.cgi?id=2310528 https://bugzilla.redhat.com/show_bug.cgi?id=2310529 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24791 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-34155 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-34156 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-34158 https://errata.almalinux.org/9/ALSA-2024-9459.html https://errata.rockylinux.org/RLSA-2024:6913 https://github.com/golang/go/commit/53487e5477151ed75da50e50a0ba8f1ca64c00a3 (go1.23.1) https://github.com/golang/go/commit/b232596139dbe96a62edbe3a2a203e856bf556eb (go1.22.7) https://go.dev/cl/611238 https://go.dev/issue/69138 https://groups.google.com/g/golang-announce/c/K-cEzDeCtpc https://groups.google.com/g/golang-dev/c/S9POB9NCTdk https://linux.oracle.com/cve/CVE-2024-34155.html https://linux.oracle.com/errata/ELSA-2024-9459.html https://nvd.nist.gov/vuln/detail/CVE-2024-34155 https://pkg.go.dev/vuln/GO-2024-3105 https://ubuntu.com/security/notices/USN-7081-1 https://ubuntu.com/security/notices/USN-7109-1 https://ubuntu.com/security/notices/USN-7111-1 https://www.cve.org/CVERecord?id=CVE-2024-34155
stdlib	CVE-2024-34158	MEDIUM	v1.20.5	1.22.7, 1.23.1	https://access.redhat.com/errata/RHSA-2024:9459 https://access.redhat.com/security/cve/CVE-2024-34158 https://bugzilla.redhat.com/2310527 https://bugzilla.redhat.com/2310528 https://bugzilla.redhat.com/2310529 https://bugzilla.redhat.com/2315691 https://bugzilla.redhat.com/2315887 https://bugzilla.redhat.com/2317458 https://bugzilla.redhat.com/2317467 https://bugzilla.redhat.com/show_bug.cgi?id=2295310 https://bugzilla.redhat.com/show_bug.cgi?id=2310527 https://bugzilla.redhat.com/show_bug.cgi?id=2310528 https://bugzilla.redhat.com/show_bug.cgi?id=2310529 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24791 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-34155 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-34156 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-34158 https://errata.almalinux.org/9/ALSA-2024-9459.html https://errata.rockylinux.org/RLSA-2024:6913 https://github.com/golang/go/commit/032ac075c20c01c6c35a672d1542d3e98eab84ea (go1.23.1) https://github.com/golang/go/commit/d4c53812e6ce2ac368173d7fcd31d0ecfcffb002 (go1.22.7) https://go.dev/cl/611240 https://go.dev/issue/69141 https://groups.google.com/g/golang-announce/c/K-cEzDeCtpc https://groups.google.com/g/golang-dev/c/S9POB9NCTdk https://linux.oracle.com/cve/CVE-2024-34158.html https://linux.oracle.com/errata/ELSA-2024-9459.html https://nvd.nist.gov/vuln/detail/CVE-2024-34158 https://pkg.go.dev/vuln/GO-2024-3107 https://ubuntu.com/security/notices/USN-7081-1 https://ubuntu.com/security/notices/USN-7109-1 https://ubuntu.com/security/notices/USN-7111-1 https://www.cve.org/CVERecord?id=CVE-2024-34158
No Misconfigurations found

cnb/buildpacks/paketo-buildpacks_sbt/6.12.2/bin/main (gobinary)

Package	Vulnerability ID	Severity	Installed Version	Fixed Version	Links
stdlib	CVE-2024-24790	CRITICAL	v1.20.5	1.21.11, 1.22.4	http://www.openwall.com/lists/oss-security/2024/06/04/1 https://access.redhat.com/errata/RHSA-2024:9115 https://access.redhat.com/security/cve/CVE-2024-24790 https://bugzilla.redhat.com/2279814 https://bugzilla.redhat.com/2292668 https://bugzilla.redhat.com/2292787 https://bugzilla.redhat.com/2294000 https://bugzilla.redhat.com/2295310 https://bugzilla.redhat.com/show_bug.cgi?id=2292668 https://bugzilla.redhat.com/show_bug.cgi?id=2292787 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24789 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24790 https://errata.almalinux.org/9/ALSA-2024-9115.html https://errata.rockylinux.org/RLSA-2024:4212 https://github.com/golang/go/commit/051bdf3fd12a40307606ff9381138039c5f452f0 (1.21) https://github.com/golang/go/commit/12d5810cdb1f73cf23d7a86462143e9463317fca (1.22) https://github.com/golang/go/issues/67680 https://go.dev/cl/590316 https://go.dev/issue/67680 https://groups.google.com/g/golang-announce/c/XbxouI9gY7k https://groups.google.com/g/golang-announce/c/XbxouI9gY7k/m/TuoGEhxIEwAJ https://linux.oracle.com/cve/CVE-2024-24790.html https://linux.oracle.com/errata/ELSA-2024-9115.html https://nvd.nist.gov/vuln/detail/CVE-2024-24790 https://pkg.go.dev/vuln/GO-2024-2887 https://ubuntu.com/security/notices/USN-6886-1 https://ubuntu.com/security/notices/USN-7109-1 https://www.cve.org/CVERecord?id=CVE-2024-24790
stdlib	CVE-2023-39325	HIGH	v1.20.5	1.20.10, 1.21.3	golang.org/x/net https://access.redhat.com/errata/RHSA-2023:6077 https://access.redhat.com/security/cve/CVE-2023-39325 https://access.redhat.com/security/cve/CVE-2023-44487 https://access.redhat.com/security/vulnerabilities/RHSB-2023-003 https://bugzilla.redhat.com/2242803 https://bugzilla.redhat.com/2243296 https://bugzilla.redhat.com/show_bug.cgi?id=2242803 https://bugzilla.redhat.com/show_bug.cgi?id=2243296 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-39325 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-44487 https://errata.almalinux.org/9/ALSA-2023-6077.html https://errata.rockylinux.org/RLSA-2023:6077 https://github.com/golang/go/commit/24ae2d927285c697440fdde3ad7f26028354bcf3 [golang- 1.21] https://github.com/golang/go/commit/e175f27f58aa7b9cd4d79607ae65d2cd5baaee68 [golang-1.20] https://github.com/golang/go/issues/63417 https://go.dev/cl/534215 https://go.dev/cl/534235 https://go.dev/issue/63417 https://groups.google.com/g/golang-announce/c/iNNxDTCjZvo/m/UDd7VKQuAAAJ https://linux.oracle.com/cve/CVE-2023-39325.html https://linux.oracle.com/errata/ELSA-2023-5867.html https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3OVW5V2DM5K5IC3H7O42YDUGNJ74J35O https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3OVW5V2DM5K5IC3H7O42YDUGNJ74J35O/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3SZN67IL7HMGMNAVLOTIXLIHUDXZK4LH https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3SZN67IL7HMGMNAVLOTIXLIHUDXZK4LH/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3WJ4QVX2AMUJ2F2S27POOAHRC4K3CHU4 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3WJ4QVX2AMUJ2F2S27POOAHRC4K3CHU4/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/4BUK2ZIAGCULOOYDNH25JPU6JBES5NF2 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/4BUK2ZIAGCULOOYDNH25JPU6JBES5NF2/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/5RSKA2II6QTD4YUKUNDVJQSRYSFC4VFR https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/5RSKA2II6QTD4YUKUNDVJQSRYSFC4VFR/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/AVZDNSMVDAQJ64LJC5I5U5LDM5753647 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/AVZDNSMVDAQJ64LJC5I5U5LDM5753647/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CHHITS4PUOZAKFIUBQAQZC7JWXMOYE4B https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CHHITS4PUOZAKFIUBQAQZC7JWXMOYE4B/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CLB4TW7KALB3EEQWNWCN7OUIWWVWWCG2 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CLB4TW7KALB3EEQWNWCN7OUIWWVWWCG2/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/D2BBIDR2ZMB3X5BC7SR4SLQMHRMVPY6L https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/D2BBIDR2ZMB3X5BC7SR4SLQMHRMVPY6L/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ECRC75BQJP6FJN2L7KCKYZW4DSBD7QSD https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ECRC75BQJP6FJN2L7KCKYZW4DSBD7QSD/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/FTMJ3NJIDAZFWJQQSP3L22MUFJ3UP2PT https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/FTMJ3NJIDAZFWJQQSP3L22MUFJ3UP2PT/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/GSY7SXFFTPZFWDM6XELSDSHZLVW3AHK7 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/GSY7SXFFTPZFWDM6XELSDSHZLVW3AHK7/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/HZQIELEIRSZUYTFFH5KTH2YJ4IIQG2KE https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/HZQIELEIRSZUYTFFH5KTH2YJ4IIQG2KE/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/IPWCNYB5PQ5PCVZ4NJT6G56ZYFZ5QBU6 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/IPWCNYB5PQ5PCVZ4NJT6G56ZYFZ5QBU6/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/KEOTKBUPZXHE3F352JBYNTSNRXYLWD6P https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/KEOTKBUPZXHE3F352JBYNTSNRXYLWD6P/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/KSEGD2IWKNUO3DWY4KQGUQM5BISRWHQE https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/KSEGD2IWKNUO3DWY4KQGUQM5BISRWHQE/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/L5E5JSJBZLYXOTZWXHJKRVCIXIHVWKJ6 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/L5E5JSJBZLYXOTZWXHJKRVCIXIHVWKJ6/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/MZQYOOKHQDQ57LV2IAG6NRFOVXKHJJ3Z https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/MZQYOOKHQDQ57LV2IAG6NRFOVXKHJJ3Z/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/NG7IMPL55MVWU3LCI4JQJT3K2U5CHDV7 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/NG7IMPL55MVWU3LCI4JQJT3K2U5CHDV7/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ODBY7RVMGZCBSTWF2OZGIZS57FNFUL67 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ODBY7RVMGZCBSTWF2OZGIZS57FNFUL67/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/OXGWPQOJ3JNDW2XIYKIVJ7N7QUIFNM2Q https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/OXGWPQOJ3JNDW2XIYKIVJ7N7QUIFNM2Q/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/PJCUNGIQDUMZ4Z6HWVYIMR66A35F5S74 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/PJCUNGIQDUMZ4Z6HWVYIMR66A35F5S74/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QF5QSYAOPDOWLY6DUHID56Q4HQFYB45I https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QF5QSYAOPDOWLY6DUHID56Q4HQFYB45I/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QXOU2JZUBEBP7GBKAYIJRPRBZSJCD7ST https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QXOU2JZUBEBP7GBKAYIJRPRBZSJCD7ST/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/R3UETKPUB3V5JS5TLZOF3SMTGT5K5APS https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/R3UETKPUB3V5JS5TLZOF3SMTGT5K5APS/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/REMHVVIBDNKSRKNOTV7EQSB7CYQWOUOU https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/REMHVVIBDNKSRKNOTV7EQSB7CYQWOUOU/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/T7N5GV4CHH6WAGX3GFMDD3COEOVCZ4RI https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/T7N5GV4CHH6WAGX3GFMDD3COEOVCZ4RI/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ULQQONMSCQSH5Z5OWFFQHCGEZ3NL4DRJ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ULQQONMSCQSH5Z5OWFFQHCGEZ3NL4DRJ/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UTT7DG3QOF5ZNJLUGHDNLRUIN6OWZARP https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UTT7DG3QOF5ZNJLUGHDNLRUIN6OWZARP/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/W2LZSWTV4NV4SNQARNXG5T6LRHP26EW2 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/W2LZSWTV4NV4SNQARNXG5T6LRHP26EW2/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WCNCBYKZXLDFGAJUB7ZP5VLC3YTHJNVH https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WCNCBYKZXLDFGAJUB7ZP5VLC3YTHJNVH/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/XFOIBB4YFICHDM7IBOP7PWXW3FX4HLL2 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/XFOIBB4YFICHDM7IBOP7PWXW3FX4HLL2/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/XTNLSL44Y5FB6JWADSZH6DCV4JJAAEQY https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/XTNLSL44Y5FB6JWADSZH6DCV4JJAAEQY/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/YJWHBLVZDM5KQSDFRBFRKU5KSSOLIRQ4 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/YJWHBLVZDM5KQSDFRBFRKU5KSSOLIRQ4/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/YRKEXKANQ7BKJW2YTAMP625LJUJZLJ4P https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/YRKEXKANQ7BKJW2YTAMP625LJUJZLJ4P/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZSVEMQV5ROY5YW5QE3I57HT3ITWG5GCV https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZSVEMQV5ROY5YW5QE3I57HT3ITWG5GCV/ https://nvd.nist.gov/vuln/detail/CVE-2023-39325 https://pkg.go.dev/vuln/GO-2023-2102 https://security.gentoo.org/glsa/202311-09 https://security.netapp.com/advisory/ntap-20231110-0008 https://security.netapp.com/advisory/ntap-20231110-0008/ https://ubuntu.com/security/notices/USN-6574-1 https://ubuntu.com/security/notices/USN-7061-1 https://ubuntu.com/security/notices/USN-7109-1 https://www.cisa.gov/news-events/alerts/2023/10/10/http2-rapid-reset-vulnerability-cve-2023-44487 https://www.cve.org/CVERecord?id=CVE-2023-39325
stdlib	CVE-2023-45283	HIGH	v1.20.5	1.20.11, 1.21.4, 1.20.12, 1.21.5	http://www.openwall.com/lists/oss-security/2023/12/05/2 https://go.dev/cl/540277 https://go.dev/cl/541175 https://go.dev/issue/63713 https://go.dev/issue/64028 https://groups.google.com/g/golang-announce/c/4tU8LZfBFkY https://groups.google.com/g/golang-dev/c/6ypN5EjibjM/m/KmLVYH_uAgAJ https://nvd.nist.gov/vuln/detail/CVE-2023-45283 https://pkg.go.dev/vuln/GO-2023-2185 https://security.netapp.com/advisory/ntap-20231214-0008/
stdlib	CVE-2023-45288	HIGH	v1.20.5	1.21.9, 1.22.2	http://www.openwall.com/lists/oss-security/2024/04/03/16 http://www.openwall.com/lists/oss-security/2024/04/05/4 https://access.redhat.com/errata/RHSA-2024:2724 https://access.redhat.com/security/cve/CVE-2023-45288 https://bugzilla.redhat.com/2268017 https://bugzilla.redhat.com/2268018 https://bugzilla.redhat.com/2268019 https://bugzilla.redhat.com/2268273 https://bugzilla.redhat.com/show_bug.cgi?id=2268017 https://bugzilla.redhat.com/show_bug.cgi?id=2268018 https://bugzilla.redhat.com/show_bug.cgi?id=2268019 https://bugzilla.redhat.com/show_bug.cgi?id=2268273 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45288 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45289 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45290 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24783 https://errata.almalinux.org/9/ALSA-2024-2724.html https://errata.rockylinux.org/RLSA-2024:2724 https://go.dev/cl/576155 https://go.dev/issue/65051 https://groups.google.com/g/golang-announce/c/YgW0sx8mN3M https://kb.cert.org/vuls/id/421644 https://linux.oracle.com/cve/CVE-2023-45288.html https://linux.oracle.com/errata/ELSA-2024-3346.html https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QRYFHIQ6XRKRYBI2F5UESH67BJBQXUPT https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QRYFHIQ6XRKRYBI2F5UESH67BJBQXUPT/ https://nowotarski.info/http2-continuation-flood-technical-details https://nowotarski.info/http2-continuation-flood/ https://nvd.nist.gov/vuln/detail/CVE-2023-45288 https://pkg.go.dev/vuln/GO-2024-2687 https://security.netapp.com/advisory/ntap-20240419-0009 https://security.netapp.com/advisory/ntap-20240419-0009/ https://ubuntu.com/security/notices/USN-6886-1 https://ubuntu.com/security/notices/USN-7109-1 https://ubuntu.com/security/notices/USN-7111-1 https://www.cve.org/CVERecord?id=CVE-2023-45288 https://www.kb.cert.org/vuls/id/421644
stdlib	CVE-2024-34156	HIGH	v1.20.5	1.22.7, 1.23.1	https://access.redhat.com/errata/RHSA-2024:9473 https://access.redhat.com/security/cve/CVE-2024-34156 https://bugzilla.redhat.com/2310528 https://bugzilla.redhat.com/2318052 https://bugzilla.redhat.com/show_bug.cgi?id=2310528 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-34156 https://errata.almalinux.org/9/ALSA-2024-9473.html https://errata.rockylinux.org/RLSA-2024:7204 https://github.com/golang/go/commit/2092294f2b097c5828f4eace6c98a322c1510b01 (go1.22.7) https://github.com/golang/go/commit/fa8ff1a46deb6c816304441ec6740ec112e19012 (go1.23.1) https://go.dev/cl/611239 https://go.dev/issue/69139 https://groups.google.com/g/golang-announce/c/K-cEzDeCtpc https://groups.google.com/g/golang-dev/c/S9POB9NCTdk https://linux.oracle.com/cve/CVE-2024-34156.html https://linux.oracle.com/errata/ELSA-2024-9473.html https://nvd.nist.gov/vuln/detail/CVE-2024-34156 https://pkg.go.dev/vuln/GO-2024-3106 https://ubuntu.com/security/notices/USN-7081-1 https://ubuntu.com/security/notices/USN-7109-1 https://ubuntu.com/security/notices/USN-7111-1 https://www.cve.org/CVERecord?id=CVE-2024-34156
stdlib	CVE-2023-29406	MEDIUM	v1.20.5	1.19.11, 1.20.6	https://access.redhat.com/errata/RHSA-2023:6474 https://access.redhat.com/security/cve/CVE-2023-29406 https://bugzilla.redhat.com/2174485 https://bugzilla.redhat.com/2178358 https://bugzilla.redhat.com/2178488 https://bugzilla.redhat.com/2178492 https://bugzilla.redhat.com/2184481 https://bugzilla.redhat.com/2184482 https://bugzilla.redhat.com/2184483 https://bugzilla.redhat.com/2184484 https://bugzilla.redhat.com/2196026 https://bugzilla.redhat.com/2196027 https://bugzilla.redhat.com/2196029 https://bugzilla.redhat.com/2222167 https://bugzilla.redhat.com/2228689 https://errata.almalinux.org/9/ALSA-2023-6474.html https://github.com/golang/go/commit/312920c00aac9897b2a0693e752390b5b0711a5a (go1.20.6) https://github.com/golang/go/commit/5fa6923b1ea891400153d04ddf1545e23b40041b (go1.19.11) https://github.com/golang/go/issues/60374 https://go.dev/cl/506996 https://go.dev/issue/60374 https://groups.google.com/g/golang-announce/c/2q13H6LEEx0 https://linux.oracle.com/cve/CVE-2023-29406.html https://linux.oracle.com/errata/ELSA-2023-7202.html https://nvd.nist.gov/vuln/detail/CVE-2023-29406 https://pkg.go.dev/vuln/GO-2023-1878 https://security.gentoo.org/glsa/202311-09 https://security.netapp.com/advisory/ntap-20230814-0002/ https://ubuntu.com/security/notices/USN-7061-1 https://ubuntu.com/security/notices/USN-7109-1 https://www.cve.org/CVERecord?id=CVE-2023-29406
stdlib	CVE-2023-29409	MEDIUM	v1.20.5	1.19.12, 1.20.7, 1.21.0-rc.4	https://access.redhat.com/errata/RHSA-2023:7766 https://access.redhat.com/security/cve/CVE-2023-29409 https://bugzilla.redhat.com/2228743 https://bugzilla.redhat.com/2237773 https://bugzilla.redhat.com/2237776 https://bugzilla.redhat.com/2237777 https://bugzilla.redhat.com/2237778 https://errata.almalinux.org/9/ALSA-2023-7766.html https://go.dev/cl/515257 https://go.dev/issue/61460 https://groups.google.com/g/golang-announce/c/X0b6CsSAaYI/m/Efv5DbZ9AwAJ https://linux.oracle.com/cve/CVE-2023-29409.html https://linux.oracle.com/errata/ELSA-2024-2988.html https://nvd.nist.gov/vuln/detail/CVE-2023-29409 https://pkg.go.dev/vuln/GO-2023-1987 https://security.gentoo.org/glsa/202311-09 https://security.netapp.com/advisory/ntap-20230831-0010/ https://www.cve.org/CVERecord?id=CVE-2023-29409
stdlib	CVE-2023-39318	MEDIUM	v1.20.5	1.20.8, 1.21.1	https://access.redhat.com/errata/RHSA-2024:2160 https://access.redhat.com/security/cve/CVE-2023-39318 https://bugzilla.redhat.com/2237773 https://bugzilla.redhat.com/2237776 https://bugzilla.redhat.com/2253330 https://errata.almalinux.org/9/ALSA-2024-2160.html https://github.com/golang/go/commit/023b542edf38e2a1f87fcefb9f75ff2f99401b4c (go1.20.8) https://github.com/golang/go/commit/b0e1d3ea26e8e8fce7726690c9ef0597e60739fb (go1.21.1) https://go.dev/cl/526156 https://go.dev/issue/62196 https://groups.google.com/g/golang-announce/c/Fm51GRLNRvM https://groups.google.com/g/golang-dev/c/2C5vbR-UNkI/m/L1hdrPhfBAAJ https://linux.oracle.com/cve/CVE-2023-39318.html https://linux.oracle.com/errata/ELSA-2024-2988.html https://nvd.nist.gov/vuln/detail/CVE-2023-39318 https://pkg.go.dev/vuln/GO-2023-2041 https://security.gentoo.org/glsa/202311-09 https://security.netapp.com/advisory/ntap-20231020-0009/ https://ubuntu.com/security/notices/USN-6574-1 https://ubuntu.com/security/notices/USN-7061-1 https://ubuntu.com/security/notices/USN-7109-1 https://vuln.go.dev/ID/GO-2023-2041.json https://www.cve.org/CVERecord?id=CVE-2023-39318
stdlib	CVE-2023-39319	MEDIUM	v1.20.5	1.20.8, 1.21.1	https://access.redhat.com/errata/RHSA-2024:2160 https://access.redhat.com/security/cve/CVE-2023-39319 https://bugzilla.redhat.com/2237773 https://bugzilla.redhat.com/2237776 https://bugzilla.redhat.com/2253330 https://errata.almalinux.org/9/ALSA-2024-2160.html https://github.com/golang/go/commit/2070531d2f53df88e312edace6c8dfc9686ab2f5 (go1.20.8) https://github.com/golang/go/commit/bbd043ff0d6d59f1a9232d31ecd5eacf6507bf6a (go1.21.1) https://go.dev/cl/526157 https://go.dev/issue/62197 https://groups.google.com/g/golang-announce/c/Fm51GRLNRvM https://groups.google.com/g/golang-dev/c/2C5vbR-UNkI/m/L1hdrPhfBAAJ https://linux.oracle.com/cve/CVE-2023-39319.html https://linux.oracle.com/errata/ELSA-2024-2988.html https://nvd.nist.gov/vuln/detail/CVE-2023-39319 https://pkg.go.dev/vuln/GO-2023-2043 https://security.gentoo.org/glsa/202311-09 https://security.netapp.com/advisory/ntap-20231020-0009/ https://ubuntu.com/security/notices/USN-6574-1 https://ubuntu.com/security/notices/USN-7061-1 https://ubuntu.com/security/notices/USN-7109-1 https://vuln.go.dev/ID/GO-2023-2043.json https://www.cve.org/CVERecord?id=CVE-2023-39319
stdlib	CVE-2023-39326	MEDIUM	v1.20.5	1.20.12, 1.21.5	https://access.redhat.com/errata/RHSA-2024:2272 https://access.redhat.com/security/cve/CVE-2023-39326 https://bugzilla.redhat.com/2253193 https://bugzilla.redhat.com/2253330 https://errata.almalinux.org/9/ALSA-2024-2272.html https://github.com/golang/go/commit/6446af942e2e2b161c4ec1b60d9703a2b55dc4dd (go1.20.12) https://github.com/golang/go/commit/ec8c526e4be720e94b98ca509e6364f0efaf28f7 (go1.21.5) https://go.dev/cl/547335 https://go.dev/issue/64433 https://groups.google.com/g/golang-dev/c/6ypN5EjibjM/m/KmLVYH_uAgAJ https://linux.oracle.com/cve/CVE-2023-39326.html https://linux.oracle.com/errata/ELSA-2024-2988.html https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UIU6HOGV6RRIKWM57LOXQA75BGZSIH6G/ https://nvd.nist.gov/vuln/detail/CVE-2023-39326 https://pkg.go.dev/vuln/GO-2023-2382 https://ubuntu.com/security/notices/USN-6574-1 https://www.cve.org/CVERecord?id=CVE-2023-39326
stdlib	CVE-2023-45284	MEDIUM	v1.20.5	1.20.11, 1.21.4	https://go.dev/cl/540277 https://go.dev/issue/63713 https://groups.google.com/g/golang-announce/c/4tU8LZfBFkY https://nvd.nist.gov/vuln/detail/CVE-2023-45284 https://pkg.go.dev/vuln/GO-2023-2186
stdlib	CVE-2023-45289	MEDIUM	v1.20.5	1.21.8, 1.22.1	http://www.openwall.com/lists/oss-security/2024/03/08/4 https://access.redhat.com/errata/RHSA-2024:2724 https://access.redhat.com/security/cve/CVE-2023-45289 https://bugzilla.redhat.com/2268017 https://bugzilla.redhat.com/2268018 https://bugzilla.redhat.com/2268019 https://bugzilla.redhat.com/2268273 https://bugzilla.redhat.com/show_bug.cgi?id=2268017 https://bugzilla.redhat.com/show_bug.cgi?id=2268018 https://bugzilla.redhat.com/show_bug.cgi?id=2268019 https://bugzilla.redhat.com/show_bug.cgi?id=2268273 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45288 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45289 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45290 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24783 https://errata.almalinux.org/9/ALSA-2024-2724.html https://errata.rockylinux.org/RLSA-2024:2724 https://github.com/golang/go/commit/20586c0dbe03d144f914155f879fa5ee287591a1 (go1.21.8) https://github.com/golang/go/commit/3a855208e3efed2e9d7c20ad023f1fa78afcc0be (go1.22.1) https://github.com/golang/go/issues/65065 https://go.dev/cl/569340 https://go.dev/issue/65065 https://groups.google.com/g/golang-announce/c/5pwGVUPoMbg https://linux.oracle.com/cve/CVE-2023-45289.html https://linux.oracle.com/errata/ELSA-2024-3346.html https://nvd.nist.gov/vuln/detail/CVE-2023-45289 https://pkg.go.dev/vuln/GO-2024-2600 https://security.netapp.com/advisory/ntap-20240329-0006/ https://ubuntu.com/security/notices/USN-6886-1 https://www.cve.org/CVERecord?id=CVE-2023-45289
stdlib	CVE-2023-45290	MEDIUM	v1.20.5	1.21.8, 1.22.1	http://www.openwall.com/lists/oss-security/2024/03/08/4 https://access.redhat.com/errata/RHSA-2024:9135 https://access.redhat.com/security/cve/CVE-2023-45290 https://bugzilla.redhat.com/2268017 https://bugzilla.redhat.com/2268022 https://bugzilla.redhat.com/2279814 https://bugzilla.redhat.com/2295310 https://bugzilla.redhat.com/show_bug.cgi?id=2268017 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45290 https://errata.almalinux.org/9/ALSA-2024-9135.html https://errata.rockylinux.org/RLSA-2024:3830 https://github.com/golang/go/commit/041a47712e765e94f86d841c3110c840e76d8f82 (go1.22.1) https://github.com/golang/go/commit/bf80213b121074f4ad9b449410a4d13bae5e9be0 (go1.21.8) https://github.com/golang/go/issues/65383 https://go.dev/cl/569341 https://go.dev/issue/65383 https://groups.google.com/g/golang-announce/c/5pwGVUPoMbg https://linux.oracle.com/cve/CVE-2023-45290.html https://linux.oracle.com/errata/ELSA-2024-8038.html https://nvd.nist.gov/vuln/detail/CVE-2023-45290 https://pkg.go.dev/vuln/GO-2024-2599 https://security.netapp.com/advisory/ntap-20240329-0004 https://security.netapp.com/advisory/ntap-20240329-0004/ https://ubuntu.com/security/notices/USN-6886-1 https://ubuntu.com/security/notices/USN-7109-1 https://ubuntu.com/security/notices/USN-7111-1 https://www.cve.org/CVERecord?id=CVE-2023-45290
stdlib	CVE-2024-24783	MEDIUM	v1.20.5	1.21.8, 1.22.1	http://www.openwall.com/lists/oss-security/2024/03/08/4 https://access.redhat.com/errata/RHSA-2024:6195 https://access.redhat.com/security/cve/CVE-2024-24783 https://bugzilla.redhat.com/2268019 https://bugzilla.redhat.com/show_bug.cgi?id=2268017 https://bugzilla.redhat.com/show_bug.cgi?id=2268018 https://bugzilla.redhat.com/show_bug.cgi?id=2268019 https://bugzilla.redhat.com/show_bug.cgi?id=2268273 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45288 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45289 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45290 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24783 https://errata.almalinux.org/9/ALSA-2024-6195.html https://errata.rockylinux.org/RLSA-2024:2724 https://github.com/advisories/GHSA-3q2c-pvp5-3cqp https://github.com/golang/go/commit/337b8e9cbfa749d9d5c899e0dc358e2208d5e54f (go1.22.1) https://github.com/golang/go/commit/be5b52bea674190ef7de272664be6c7ae93ec5a0 (go1.21.8) https://github.com/golang/go/issues/65390 https://go.dev/cl/569339 https://go.dev/issue/65390 https://groups.google.com/g/golang-announce/c/5pwGVUPoMbg https://linux.oracle.com/cve/CVE-2024-24783.html https://linux.oracle.com/errata/ELSA-2024-6969.html https://nvd.nist.gov/vuln/detail/CVE-2024-24783 https://pkg.go.dev/vuln/GO-2024-2598 https://security.netapp.com/advisory/ntap-20240329-0005 https://security.netapp.com/advisory/ntap-20240329-0005/ https://ubuntu.com/security/notices/USN-6886-1 https://ubuntu.com/security/notices/USN-7109-1 https://ubuntu.com/security/notices/USN-7111-1 https://www.cve.org/CVERecord?id=CVE-2024-24783
stdlib	CVE-2024-24784	MEDIUM	v1.20.5	1.21.8, 1.22.1	http://www.openwall.com/lists/oss-security/2024/03/08/4 https://access.redhat.com/errata/RHSA-2024:2562 https://access.redhat.com/security/cve/CVE-2024-24784 https://bugzilla.redhat.com/2262921 https://bugzilla.redhat.com/2268017 https://bugzilla.redhat.com/2268018 https://bugzilla.redhat.com/2268019 https://bugzilla.redhat.com/2268021 https://bugzilla.redhat.com/2268022 https://bugzilla.redhat.com/2268273 https://bugzilla.redhat.com/show_bug.cgi?id=2262921 https://bugzilla.redhat.com/show_bug.cgi?id=2268017 https://bugzilla.redhat.com/show_bug.cgi?id=2268018 https://bugzilla.redhat.com/show_bug.cgi?id=2268019 https://bugzilla.redhat.com/show_bug.cgi?id=2268021 https://bugzilla.redhat.com/show_bug.cgi?id=2268022 https://bugzilla.redhat.com/show_bug.cgi?id=2268273 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45288 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45289 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45290 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-1394 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24783 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24784 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24785 https://errata.almalinux.org/9/ALSA-2024-2562.html https://errata.rockylinux.org/RLSA-2024:2562 https://github.com/golang/go/commit/263c059b09fdd40d9dd945f2ecb20c89ea28efe5 (go1.21.8) https://github.com/golang/go/commit/5330cd225ba54c7dc78c1b46dcdf61a4671a632c (go1.22.1) https://github.com/golang/go/issues/65083 https://go.dev/cl/555596 https://go.dev/issue/65083 https://groups.google.com/g/golang-announce/c/5pwGVUPoMbg https://linux.oracle.com/cve/CVE-2024-24784.html https://linux.oracle.com/errata/ELSA-2024-6969.html https://nvd.nist.gov/vuln/detail/CVE-2024-24784 https://pkg.go.dev/vuln/GO-2024-2609 https://security.netapp.com/advisory/ntap-20240329-0007/ https://ubuntu.com/security/notices/USN-6886-1 https://ubuntu.com/security/notices/USN-7109-1 https://ubuntu.com/security/notices/USN-7111-1 https://www.cve.org/CVERecord?id=CVE-2024-24784
stdlib	CVE-2024-24785	MEDIUM	v1.20.5	1.21.8, 1.22.1	http://www.openwall.com/lists/oss-security/2024/03/08/4 https://access.redhat.com/errata/RHSA-2024:9135 https://access.redhat.com/security/cve/CVE-2024-24785 https://bugzilla.redhat.com/2268017 https://bugzilla.redhat.com/2268022 https://bugzilla.redhat.com/2279814 https://bugzilla.redhat.com/2295310 https://bugzilla.redhat.com/show_bug.cgi?id=2262921 https://bugzilla.redhat.com/show_bug.cgi?id=2268017 https://bugzilla.redhat.com/show_bug.cgi?id=2268018 https://bugzilla.redhat.com/show_bug.cgi?id=2268019 https://bugzilla.redhat.com/show_bug.cgi?id=2268021 https://bugzilla.redhat.com/show_bug.cgi?id=2268022 https://bugzilla.redhat.com/show_bug.cgi?id=2268273 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45288 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45289 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45290 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-1394 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24783 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24784 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24785 https://errata.almalinux.org/9/ALSA-2024-9135.html https://errata.rockylinux.org/RLSA-2024:2562 https://github.com/golang/go/commit/056b0edcb8c152152021eebf4cf42adbfbe77992 (go1.22.1) https://github.com/golang/go/commit/3643147a29352ca2894fd5d0d2069bc4b4335a7e (go1.21.8) https://github.com/golang/go/issues/65697 https://go.dev/cl/564196 https://go.dev/issue/65697 https://groups.google.com/g/golang-announce/c/5pwGVUPoMbg https://linux.oracle.com/cve/CVE-2024-24785.html https://linux.oracle.com/errata/ELSA-2024-3259.html https://nvd.nist.gov/vuln/detail/CVE-2024-24785 https://pkg.go.dev/vuln/GO-2024-2610 https://security.netapp.com/advisory/ntap-20240329-0008/ https://ubuntu.com/security/notices/USN-6886-1 https://ubuntu.com/security/notices/USN-7061-1 https://ubuntu.com/security/notices/USN-7109-1 https://vuln.go.dev/ID/GO-2024-2610.json https://www.cve.org/CVERecord?id=CVE-2024-24785
stdlib	CVE-2024-24789	MEDIUM	v1.20.5	1.21.11, 1.22.4	http://www.openwall.com/lists/oss-security/2024/06/04/1 https://access.redhat.com/errata/RHSA-2024:9115 https://access.redhat.com/security/cve/CVE-2024-24789 https://bugzilla.redhat.com/2279814 https://bugzilla.redhat.com/2292668 https://bugzilla.redhat.com/2292787 https://bugzilla.redhat.com/2294000 https://bugzilla.redhat.com/2295310 https://bugzilla.redhat.com/show_bug.cgi?id=2292668 https://bugzilla.redhat.com/show_bug.cgi?id=2292787 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24789 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24790 https://errata.almalinux.org/9/ALSA-2024-9115.html https://errata.rockylinux.org/RLSA-2024:4212 https://github.com/golang/go/commit/c8e40338cf00f3c1d86c8fb23863ad67a4c72bcc (1.21) https://github.com/golang/go/commit/cf501ac0c5fe351a8582d20b43562027927906e7 (1.22) https://github.com/golang/go/issues/66869 https://go.dev/cl/585397 https://go.dev/issue/66869 https://groups.google.com/g/golang-announce/c/XbxouI9gY7k https://groups.google.com/g/golang-announce/c/XbxouI9gY7k/m/TuoGEhxIEwAJ https://linux.oracle.com/cve/CVE-2024-24789.html https://linux.oracle.com/errata/ELSA-2024-9115.html https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/U5YAEIA6IUHUNGJ7AIXXPQT6D2GYENX7/ https://nvd.nist.gov/vuln/detail/CVE-2024-24789 https://pkg.go.dev/vuln/GO-2024-2888 https://ubuntu.com/security/notices/USN-6886-1 https://ubuntu.com/security/notices/USN-7109-1 https://ubuntu.com/security/notices/USN-7111-1 https://www.cve.org/CVERecord?id=CVE-2024-24789
stdlib	CVE-2024-24791	MEDIUM	v1.20.5	1.21.12, 1.22.5	https://access.redhat.com/errata/RHSA-2024:9135 https://access.redhat.com/security/cve/CVE-2024-24791 https://bugzilla.redhat.com/2268017 https://bugzilla.redhat.com/2268022 https://bugzilla.redhat.com/2279814 https://bugzilla.redhat.com/2295310 https://bugzilla.redhat.com/show_bug.cgi?id=2295310 https://bugzilla.redhat.com/show_bug.cgi?id=2310527 https://bugzilla.redhat.com/show_bug.cgi?id=2310528 https://bugzilla.redhat.com/show_bug.cgi?id=2310529 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24791 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-34155 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-34156 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-34158 https://errata.almalinux.org/9/ALSA-2024-9135.html https://errata.rockylinux.org/RLSA-2024:6913 https://go.dev/cl/591255 https://go.dev/issue/67555 https://groups.google.com/g/golang-dev/c/t0rK-qHBqzY/m/6MMoAZkMAgAJ https://linux.oracle.com/cve/CVE-2024-24791.html https://linux.oracle.com/errata/ELSA-2024-9115.html https://nvd.nist.gov/vuln/detail/CVE-2024-24791 https://pkg.go.dev/vuln/GO-2024-2963 https://ubuntu.com/security/notices/USN-7081-1 https://ubuntu.com/security/notices/USN-7109-1 https://ubuntu.com/security/notices/USN-7111-1 https://www.cve.org/CVERecord?id=CVE-2024-24791
stdlib	CVE-2024-34155	MEDIUM	v1.20.5	1.22.7, 1.23.1	https://access.redhat.com/errata/RHSA-2024:9459 https://access.redhat.com/security/cve/CVE-2024-34155 https://bugzilla.redhat.com/2310527 https://bugzilla.redhat.com/2310528 https://bugzilla.redhat.com/2310529 https://bugzilla.redhat.com/2315691 https://bugzilla.redhat.com/2315887 https://bugzilla.redhat.com/2317458 https://bugzilla.redhat.com/2317467 https://bugzilla.redhat.com/show_bug.cgi?id=2295310 https://bugzilla.redhat.com/show_bug.cgi?id=2310527 https://bugzilla.redhat.com/show_bug.cgi?id=2310528 https://bugzilla.redhat.com/show_bug.cgi?id=2310529 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24791 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-34155 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-34156 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-34158 https://errata.almalinux.org/9/ALSA-2024-9459.html https://errata.rockylinux.org/RLSA-2024:6913 https://github.com/golang/go/commit/53487e5477151ed75da50e50a0ba8f1ca64c00a3 (go1.23.1) https://github.com/golang/go/commit/b232596139dbe96a62edbe3a2a203e856bf556eb (go1.22.7) https://go.dev/cl/611238 https://go.dev/issue/69138 https://groups.google.com/g/golang-announce/c/K-cEzDeCtpc https://groups.google.com/g/golang-dev/c/S9POB9NCTdk https://linux.oracle.com/cve/CVE-2024-34155.html https://linux.oracle.com/errata/ELSA-2024-9459.html https://nvd.nist.gov/vuln/detail/CVE-2024-34155 https://pkg.go.dev/vuln/GO-2024-3105 https://ubuntu.com/security/notices/USN-7081-1 https://ubuntu.com/security/notices/USN-7109-1 https://ubuntu.com/security/notices/USN-7111-1 https://www.cve.org/CVERecord?id=CVE-2024-34155
stdlib	CVE-2024-34158	MEDIUM	v1.20.5	1.22.7, 1.23.1	https://access.redhat.com/errata/RHSA-2024:9459 https://access.redhat.com/security/cve/CVE-2024-34158 https://bugzilla.redhat.com/2310527 https://bugzilla.redhat.com/2310528 https://bugzilla.redhat.com/2310529 https://bugzilla.redhat.com/2315691 https://bugzilla.redhat.com/2315887 https://bugzilla.redhat.com/2317458 https://bugzilla.redhat.com/2317467 https://bugzilla.redhat.com/show_bug.cgi?id=2295310 https://bugzilla.redhat.com/show_bug.cgi?id=2310527 https://bugzilla.redhat.com/show_bug.cgi?id=2310528 https://bugzilla.redhat.com/show_bug.cgi?id=2310529 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24791 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-34155 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-34156 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-34158 https://errata.almalinux.org/9/ALSA-2024-9459.html https://errata.rockylinux.org/RLSA-2024:6913 https://github.com/golang/go/commit/032ac075c20c01c6c35a672d1542d3e98eab84ea (go1.23.1) https://github.com/golang/go/commit/d4c53812e6ce2ac368173d7fcd31d0ecfcffb002 (go1.22.7) https://go.dev/cl/611240 https://go.dev/issue/69141 https://groups.google.com/g/golang-announce/c/K-cEzDeCtpc https://groups.google.com/g/golang-dev/c/S9POB9NCTdk https://linux.oracle.com/cve/CVE-2024-34158.html https://linux.oracle.com/errata/ELSA-2024-9459.html https://nvd.nist.gov/vuln/detail/CVE-2024-34158 https://pkg.go.dev/vuln/GO-2024-3107 https://ubuntu.com/security/notices/USN-7081-1 https://ubuntu.com/security/notices/USN-7109-1 https://ubuntu.com/security/notices/USN-7111-1 https://www.cve.org/CVERecord?id=CVE-2024-34158
No Misconfigurations found

cnb/buildpacks/paketo-buildpacks_source-removal/0.2.0/bin/run (gobinary)

Package	Vulnerability ID	Severity	Installed Version	Fixed Version	Links
stdlib	CVE-2023-24538	CRITICAL	v1.18.3	1.19.8, 1.20.3	https://access.redhat.com/errata/RHSA-2023:6474 https://access.redhat.com/security/cve/CVE-2023-24538 https://bugzilla.redhat.com/2174485 https://bugzilla.redhat.com/2178358 https://bugzilla.redhat.com/2178488 https://bugzilla.redhat.com/2178492 https://bugzilla.redhat.com/2184481 https://bugzilla.redhat.com/2184482 https://bugzilla.redhat.com/2184483 https://bugzilla.redhat.com/2184484 https://bugzilla.redhat.com/2196026 https://bugzilla.redhat.com/2196027 https://bugzilla.redhat.com/2196029 https://bugzilla.redhat.com/2222167 https://bugzilla.redhat.com/2228689 https://errata.almalinux.org/9/ALSA-2023-6474.html https://github.com/golang/go/commit/20374d1d759bc4e17486bde1cb9dca5be37d9e52 (go1.20.3) https://github.com/golang/go/commit/b1e3ecfa06b67014429a197ec5e134ce4303ad9b (go1.19.8) https://github.com/golang/go/issues/59234 https://go.dev/cl/482079 https://go.dev/issue/59234 https://groups.google.com/g/golang-announce/c/Xdv6JL9ENs8 https://linux.oracle.com/cve/CVE-2023-24538.html https://linux.oracle.com/errata/ELSA-2023-6939.html https://nvd.nist.gov/vuln/detail/CVE-2023-24538 https://pkg.go.dev/vuln/GO-2023-1703 https://security.gentoo.org/glsa/202311-09 https://ubuntu.com/security/notices/USN-6038-1 https://ubuntu.com/security/notices/USN-6038-2 https://ubuntu.com/security/notices/USN-6140-1 https://ubuntu.com/security/notices/USN-7061-1 https://www.cve.org/CVERecord?id=CVE-2023-24538
stdlib	CVE-2023-24540	CRITICAL	v1.18.3	1.19.9, 1.20.4	https://access.redhat.com/errata/RHSA-2023:6474 https://access.redhat.com/security/cve/CVE-2023-24540 https://bugzilla.redhat.com/2174485 https://bugzilla.redhat.com/2178358 https://bugzilla.redhat.com/2178488 https://bugzilla.redhat.com/2178492 https://bugzilla.redhat.com/2184481 https://bugzilla.redhat.com/2184482 https://bugzilla.redhat.com/2184483 https://bugzilla.redhat.com/2184484 https://bugzilla.redhat.com/2196026 https://bugzilla.redhat.com/2196027 https://bugzilla.redhat.com/2196029 https://bugzilla.redhat.com/2222167 https://bugzilla.redhat.com/2228689 https://errata.almalinux.org/9/ALSA-2023-6474.html https://github.com/golang/go/commit/4a28cad66655ee01c6e944271e23c33cab021765 (go1.20.4) https://github.com/golang/go/commit/ce7bd33345416e6d8cac901792060591cafc2797 (go1.19.9) https://github.com/golang/go/issues/59721 https://go.dev/cl/491616 https://go.dev/issue/59721 https://groups.google.com/g/golang-announce/c/MEb0UyuSMsU https://linux.oracle.com/cve/CVE-2023-24540.html https://linux.oracle.com/errata/ELSA-2023-6939.html https://nvd.nist.gov/vuln/detail/CVE-2023-24540 https://pkg.go.dev/vuln/GO-2023-1752 https://ubuntu.com/security/notices/USN-6140-1 https://www.cve.org/CVERecord?id=CVE-2023-24540
stdlib	CVE-2024-24790	CRITICAL	v1.18.3	1.21.11, 1.22.4	http://www.openwall.com/lists/oss-security/2024/06/04/1 https://access.redhat.com/errata/RHSA-2024:9115 https://access.redhat.com/security/cve/CVE-2024-24790 https://bugzilla.redhat.com/2279814 https://bugzilla.redhat.com/2292668 https://bugzilla.redhat.com/2292787 https://bugzilla.redhat.com/2294000 https://bugzilla.redhat.com/2295310 https://bugzilla.redhat.com/show_bug.cgi?id=2292668 https://bugzilla.redhat.com/show_bug.cgi?id=2292787 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24789 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24790 https://errata.almalinux.org/9/ALSA-2024-9115.html https://errata.rockylinux.org/RLSA-2024:4212 https://github.com/golang/go/commit/051bdf3fd12a40307606ff9381138039c5f452f0 (1.21) https://github.com/golang/go/commit/12d5810cdb1f73cf23d7a86462143e9463317fca (1.22) https://github.com/golang/go/issues/67680 https://go.dev/cl/590316 https://go.dev/issue/67680 https://groups.google.com/g/golang-announce/c/XbxouI9gY7k https://groups.google.com/g/golang-announce/c/XbxouI9gY7k/m/TuoGEhxIEwAJ https://linux.oracle.com/cve/CVE-2024-24790.html https://linux.oracle.com/errata/ELSA-2024-9115.html https://nvd.nist.gov/vuln/detail/CVE-2024-24790 https://pkg.go.dev/vuln/GO-2024-2887 https://ubuntu.com/security/notices/USN-6886-1 https://ubuntu.com/security/notices/USN-7109-1 https://www.cve.org/CVERecord?id=CVE-2024-24790
stdlib	CVE-2022-27664	HIGH	v1.18.3	1.18.6, 1.19.1	https://access.redhat.com/errata/RHSA-2023:2357 https://access.redhat.com/security/cve/CVE-2022-27664 https://bugzilla.redhat.com/2107371 https://bugzilla.redhat.com/2107374 https://bugzilla.redhat.com/2107383 https://bugzilla.redhat.com/2107386 https://bugzilla.redhat.com/2107388 https://bugzilla.redhat.com/2113814 https://bugzilla.redhat.com/2124669 https://bugzilla.redhat.com/2132868 https://bugzilla.redhat.com/2132872 https://bugzilla.redhat.com/2161274 https://bugzilla.redhat.com/show_bug.cgi?id=1913333 https://bugzilla.redhat.com/show_bug.cgi?id=1913338 https://bugzilla.redhat.com/show_bug.cgi?id=2107371 https://bugzilla.redhat.com/show_bug.cgi?id=2107374 https://bugzilla.redhat.com/show_bug.cgi?id=2107383 https://bugzilla.redhat.com/show_bug.cgi?id=2107386 https://bugzilla.redhat.com/show_bug.cgi?id=2107388 https://bugzilla.redhat.com/show_bug.cgi?id=2113814 https://bugzilla.redhat.com/show_bug.cgi?id=2124669 https://cs.opensource.google/go/x/net https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28851 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28852 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1705 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-27664 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-30630 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-30632 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-30635 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-32148 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-32189 https://errata.almalinux.org/9/ALSA-2023-2357.html https://errata.rockylinux.org/RLSA-2022:7129 https://github.com/golang/go/commit/5bc9106458fc07851ac324a4157132a91b1f3479 (go1.18.6) https://github.com/golang/go/commit/9cfe4e258b1c9d4a04a42539c21c7bdb2e227824 (go1.19.1) https://github.com/golang/go/issues/54658 https://go.dev/cl/428735 https://go.dev/issue/54658 https://groups.google.com/g/golang-announce https://groups.google.com/g/golang-announce/c/x49AQzIVX-s https://groups.google.com/g/golang-announce/c/x49AQzIVX-s/m/0tgO0pjiBQAJ https://linux.oracle.com/cve/CVE-2022-27664.html https://linux.oracle.com/errata/ELSA-2024-0121.html https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/JXKTHIGE5F576MAPFYCIJXNRGBSPISUF/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/TXS2OQ57KZC5XZKK5UW4SYKPVQAHIOJX/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/JXKTHIGE5F576MAPFYCIJXNRGBSPISUF https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/TXS2OQ57KZC5XZKK5UW4SYKPVQAHIOJX https://nvd.nist.gov/vuln/detail/CVE-2022-27664 https://pkg.go.dev/vuln/GO-2022-0969 https://security.gentoo.org/glsa/202209-26 https://security.netapp.com/advisory/ntap-20220923-0004 https://security.netapp.com/advisory/ntap-20220923-0004/ https://ubuntu.com/security/notices/USN-6038-1 https://ubuntu.com/security/notices/USN-6038-2 https://www.cve.org/CVERecord?id=CVE-2022-27664
stdlib	CVE-2022-28131	HIGH	v1.18.3	1.17.12, 1.18.4	https://access.redhat.com/errata/RHSA-2022:8057 https://access.redhat.com/security/cve/CVE-2022-28131 https://bugzilla.redhat.com/2044628 https://bugzilla.redhat.com/2045880 https://bugzilla.redhat.com/2050648 https://bugzilla.redhat.com/2050742 https://bugzilla.redhat.com/2050743 https://bugzilla.redhat.com/2065290 https://bugzilla.redhat.com/2107342 https://bugzilla.redhat.com/2107371 https://bugzilla.redhat.com/2107374 https://bugzilla.redhat.com/2107376 https://bugzilla.redhat.com/2107383 https://bugzilla.redhat.com/2107386 https://bugzilla.redhat.com/2107388 https://bugzilla.redhat.com/2107390 https://bugzilla.redhat.com/2107392 https://bugzilla.redhat.com/show_bug.cgi?id=2044628 https://bugzilla.redhat.com/show_bug.cgi?id=2045880 https://bugzilla.redhat.com/show_bug.cgi?id=2050648 https://bugzilla.redhat.com/show_bug.cgi?id=2050742 https://bugzilla.redhat.com/show_bug.cgi?id=2050743 https://bugzilla.redhat.com/show_bug.cgi?id=2055349 https://bugzilla.redhat.com/show_bug.cgi?id=2065290 https://bugzilla.redhat.com/show_bug.cgi?id=2104367 https://bugzilla.redhat.com/show_bug.cgi?id=2107342 https://bugzilla.redhat.com/show_bug.cgi?id=2107371 https://bugzilla.redhat.com/show_bug.cgi?id=2107374 https://bugzilla.redhat.com/show_bug.cgi?id=2107376 https://bugzilla.redhat.com/show_bug.cgi?id=2107383 https://bugzilla.redhat.com/show_bug.cgi?id=2107386 https://bugzilla.redhat.com/show_bug.cgi?id=2107388 https://bugzilla.redhat.com/show_bug.cgi?id=2107390 https://bugzilla.redhat.com/show_bug.cgi?id=2107392 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23648 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1705 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1962 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21673 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21698 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21702 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21703 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21713 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-28131 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-30630 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-30631 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-30632 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-30633 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-30635 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-32148 https://errata.almalinux.org/9/ALSA-2022-8057.html https://errata.rockylinux.org/RLSA-2022:8057 https://github.com/golang/go/commit/90f040ec510dd678b7860d70ca77e5682f4c7e96 https://go.dev/cl/417062 https://go.dev/issue/53614 https://go.googlesource.com/go/+/08c46ed43d80bbb67cb904944ea3417989be4af3 https://groups.google.com/g/golang-announce/c/nqrv9fbR0zE https://linux.oracle.com/cve/CVE-2022-28131.html https://linux.oracle.com/errata/ELSA-2023-2802.html https://nvd.nist.gov/vuln/detail/CVE-2022-28131 https://pkg.go.dev/vuln/GO-2022-0521 https://ubuntu.com/security/notices/USN-6038-1 https://ubuntu.com/security/notices/USN-6038-2 https://www.cve.org/CVERecord?id=CVE-2022-28131
stdlib	CVE-2022-2879	HIGH	v1.18.3	1.18.7, 1.19.2	https://access.redhat.com/errata/RHSA-2023:2204 https://access.redhat.com/security/cve/CVE-2022-2879 https://bugzilla.redhat.com/2124669 https://bugzilla.redhat.com/2132867 https://bugzilla.redhat.com/2132868 https://bugzilla.redhat.com/2132872 https://bugzilla.redhat.com/2161274 https://bugzilla.redhat.com/show_bug.cgi?id=2132867 https://bugzilla.redhat.com/show_bug.cgi?id=2132868 https://bugzilla.redhat.com/show_bug.cgi?id=2132872 https://bugzilla.redhat.com/show_bug.cgi?id=2149311 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-2879 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-2880 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-41715 https://errata.almalinux.org/9/ALSA-2023-2204.html https://errata.rockylinux.org/RLSA-2023:0328 https://github.com/golang/go/commit/0a723816cd205576945fa57fbdde7e6532d59d08 (go1.18.7) https://github.com/golang/go/commit/4fa773cdefd20be093c84f731be7d4febf5536fa (go1.19.2) https://github.com/golang/go/issues/54853 https://go.dev/cl/439355 https://go.dev/issue/54853 https://groups.google.com/g/golang-announce/c/xtuG5faxtaU https://groups.google.com/g/golang-announce/c/xtuG5faxtaU?pli=1 https://linux.oracle.com/cve/CVE-2022-2879.html https://linux.oracle.com/errata/ELSA-2024-2988.html https://nvd.nist.gov/vuln/detail/CVE-2022-2879 https://pkg.go.dev/vuln/GO-2022-1037 https://security.gentoo.org/glsa/202311-09 https://ubuntu.com/security/notices/USN-6038-1 https://ubuntu.com/security/notices/USN-6038-2 https://www.cve.org/CVERecord?id=CVE-2022-2879
stdlib	CVE-2022-2880	HIGH	v1.18.3	1.18.7, 1.19.2	https://access.redhat.com/errata/RHSA-2023:2357 https://access.redhat.com/security/cve/CVE-2022-2880 https://bugzilla.redhat.com/2107371 https://bugzilla.redhat.com/2107374 https://bugzilla.redhat.com/2107383 https://bugzilla.redhat.com/2107386 https://bugzilla.redhat.com/2107388 https://bugzilla.redhat.com/2113814 https://bugzilla.redhat.com/2124669 https://bugzilla.redhat.com/2132868 https://bugzilla.redhat.com/2132872 https://bugzilla.redhat.com/2161274 https://bugzilla.redhat.com/show_bug.cgi?id=2132867 https://bugzilla.redhat.com/show_bug.cgi?id=2132868 https://bugzilla.redhat.com/show_bug.cgi?id=2132872 https://bugzilla.redhat.com/show_bug.cgi?id=2149311 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-2879 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-2880 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-41715 https://errata.almalinux.org/9/ALSA-2023-2357.html https://errata.rockylinux.org/RLSA-2023:0328 https://github.com/golang/go/commit/9d2c73a9fd69e45876509bb3bdb2af99bf77da1e (go1.18.7) https://github.com/golang/go/commit/f6d844510d5f1e3b3098eba255d9b633d45eac3b (go1.19.2) https://github.com/golang/go/issues/54663 https://go.dev/cl/432976 https://go.dev/issue/54663 https://groups.google.com/g/golang-announce/c/xtuG5faxtaU https://groups.google.com/g/golang-announce/c/xtuG5faxtaU?pli=1 https://linux.oracle.com/cve/CVE-2022-2880.html https://linux.oracle.com/errata/ELSA-2024-3254.html https://nvd.nist.gov/vuln/detail/CVE-2022-2880 https://pkg.go.dev/vuln/GO-2022-1038 https://security.gentoo.org/glsa/202311-09 https://ubuntu.com/security/notices/USN-6038-1 https://ubuntu.com/security/notices/USN-6038-2 https://www.cve.org/CVERecord?id=CVE-2022-2880
stdlib	CVE-2022-30630	HIGH	v1.18.3	1.17.12, 1.18.4	https://access.redhat.com/errata/RHSA-2024:2180 https://access.redhat.com/security/cve/CVE-2022-30630 https://bugzilla.redhat.com/2107342 https://bugzilla.redhat.com/2107371 https://bugzilla.redhat.com/2107386 https://bugzilla.redhat.com/2253193 https://bugzilla.redhat.com/show_bug.cgi?id=2107342 https://bugzilla.redhat.com/show_bug.cgi?id=2107371 https://bugzilla.redhat.com/show_bug.cgi?id=2107374 https://bugzilla.redhat.com/show_bug.cgi?id=2107383 https://bugzilla.redhat.com/show_bug.cgi?id=2107386 https://bugzilla.redhat.com/show_bug.cgi?id=2107388 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1705 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-30630 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-30631 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-30632 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-30635 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-32148 https://errata.almalinux.org/9/ALSA-2024-2180.html https://errata.rockylinux.org/RLSA-2022:8250 https://github.com/golang/go/commit/315e80d293b684ac2902819e58f618f1b5a14d49 (1.18) https://go.dev/cl/417065 https://go.dev/issue/53415 https://go.googlesource.com/go/+/fa2d41d0ca736f3ad6b200b2a4e134364e9acc59 https://groups.google.com/g/golang-announce/c/nqrv9fbR0zE https://linux.oracle.com/cve/CVE-2022-30630.html https://linux.oracle.com/errata/ELSA-2024-2180.html https://nvd.nist.gov/vuln/detail/CVE-2022-30630 https://pkg.go.dev/vuln/GO-2022-0527 https://ubuntu.com/security/notices/USN-6038-1 https://ubuntu.com/security/notices/USN-6038-2 https://www.cve.org/CVERecord?id=CVE-2022-30630
stdlib	CVE-2022-30631	HIGH	v1.18.3	1.17.12, 1.18.4	https://access.redhat.com/errata/RHSA-2024:2180 https://access.redhat.com/security/cve/CVE-2022-30631 https://bugzilla.redhat.com/2107342 https://bugzilla.redhat.com/2107371 https://bugzilla.redhat.com/2107386 https://bugzilla.redhat.com/2253193 https://bugzilla.redhat.com/show_bug.cgi?id=2107342 https://bugzilla.redhat.com/show_bug.cgi?id=2107371 https://bugzilla.redhat.com/show_bug.cgi?id=2107374 https://bugzilla.redhat.com/show_bug.cgi?id=2107383 https://bugzilla.redhat.com/show_bug.cgi?id=2107386 https://bugzilla.redhat.com/show_bug.cgi?id=2107388 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1705 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-30630 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-30631 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-30632 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-30635 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-32148 https://errata.almalinux.org/9/ALSA-2024-2180.html https://errata.rockylinux.org/RLSA-2022:8250 https://github.com/golang/go/commit/8e27a8ac4c001c27713810b75925aa3794049c48 (1.18) https://go.dev/cl/417067 https://go.dev/issue/53168 https://go.googlesource.com/go/+/b2b8872c876201eac2d0707276c6999ff3eb185e https://groups.google.com/g/golang-announce/c/nqrv9fbR0zE https://linux.oracle.com/cve/CVE-2022-30631.html https://linux.oracle.com/errata/ELSA-2024-2180.html https://nvd.nist.gov/vuln/detail/CVE-2022-30631 https://pkg.go.dev/vuln/GO-2022-0524 https://ubuntu.com/security/notices/USN-6038-1 https://ubuntu.com/security/notices/USN-6038-2 https://www.cve.org/CVERecord?id=CVE-2022-30631
stdlib	CVE-2022-30632	HIGH	v1.18.3	1.17.12, 1.18.4	https://access.redhat.com/errata/RHSA-2024:2180 https://access.redhat.com/security/cve/CVE-2022-30632 https://bugzilla.redhat.com/2107342 https://bugzilla.redhat.com/2107371 https://bugzilla.redhat.com/2107386 https://bugzilla.redhat.com/2253193 https://bugzilla.redhat.com/show_bug.cgi?id=2107342 https://bugzilla.redhat.com/show_bug.cgi?id=2107371 https://bugzilla.redhat.com/show_bug.cgi?id=2107374 https://bugzilla.redhat.com/show_bug.cgi?id=2107383 https://bugzilla.redhat.com/show_bug.cgi?id=2107386 https://bugzilla.redhat.com/show_bug.cgi?id=2107388 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1705 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-30630 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-30631 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-30632 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-30635 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-32148 https://errata.almalinux.org/9/ALSA-2024-2180.html https://errata.rockylinux.org/RLSA-2022:8250 https://github.com/golang/go/commit/5ebd862b1714dad1544bd10a24c47cdb53ad7f46 (1.18) https://go.dev/cl/417066 https://go.dev/issue/53416 https://go.googlesource.com/go/+/ac68c6c683409f98250d34ad282b9e1b0c9095ef https://groups.google.com/g/golang-announce/c/nqrv9fbR0zE https://linux.oracle.com/cve/CVE-2022-30632.html https://linux.oracle.com/errata/ELSA-2024-2180.html https://nvd.nist.gov/vuln/detail/CVE-2022-30632 https://pkg.go.dev/vuln/GO-2022-0522 https://ubuntu.com/security/notices/USN-6038-1 https://ubuntu.com/security/notices/USN-6038-2 https://www.cve.org/CVERecord?id=CVE-2022-30632
stdlib	CVE-2022-30633	HIGH	v1.18.3	1.17.12, 1.18.4	https://access.redhat.com/errata/RHSA-2022:8057 https://access.redhat.com/security/cve/CVE-2022-30633 https://bugzilla.redhat.com/2044628 https://bugzilla.redhat.com/2045880 https://bugzilla.redhat.com/2050648 https://bugzilla.redhat.com/2050742 https://bugzilla.redhat.com/2050743 https://bugzilla.redhat.com/2065290 https://bugzilla.redhat.com/2107342 https://bugzilla.redhat.com/2107371 https://bugzilla.redhat.com/2107374 https://bugzilla.redhat.com/2107376 https://bugzilla.redhat.com/2107383 https://bugzilla.redhat.com/2107386 https://bugzilla.redhat.com/2107388 https://bugzilla.redhat.com/2107390 https://bugzilla.redhat.com/2107392 https://bugzilla.redhat.com/show_bug.cgi?id=2044628 https://bugzilla.redhat.com/show_bug.cgi?id=2045880 https://bugzilla.redhat.com/show_bug.cgi?id=2050648 https://bugzilla.redhat.com/show_bug.cgi?id=2050742 https://bugzilla.redhat.com/show_bug.cgi?id=2050743 https://bugzilla.redhat.com/show_bug.cgi?id=2055349 https://bugzilla.redhat.com/show_bug.cgi?id=2065290 https://bugzilla.redhat.com/show_bug.cgi?id=2104367 https://bugzilla.redhat.com/show_bug.cgi?id=2107342 https://bugzilla.redhat.com/show_bug.cgi?id=2107371 https://bugzilla.redhat.com/show_bug.cgi?id=2107374 https://bugzilla.redhat.com/show_bug.cgi?id=2107376 https://bugzilla.redhat.com/show_bug.cgi?id=2107383 https://bugzilla.redhat.com/show_bug.cgi?id=2107386 https://bugzilla.redhat.com/show_bug.cgi?id=2107388 https://bugzilla.redhat.com/show_bug.cgi?id=2107390 https://bugzilla.redhat.com/show_bug.cgi?id=2107392 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23648 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1705 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1962 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21673 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21698 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21702 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21703 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21713 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-28131 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-30630 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-30631 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-30632 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-30633 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-30635 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-32148 https://errata.almalinux.org/9/ALSA-2022-8057.html https://errata.rockylinux.org/RLSA-2022:8057 https://github.com/golang/go/commit/2924ced71d16297320e8ff18829c2038e6ad8d9b (1.18) https://go.dev/cl/417061 https://go.dev/issue/53611 https://go.googlesource.com/go/+/c4c1993fd2a5b26fe45c09592af6d3388a3b2e08 https://groups.google.com/g/golang-announce/c/nqrv9fbR0zE https://linux.oracle.com/cve/CVE-2022-30633.html https://linux.oracle.com/errata/ELSA-2023-2802.html https://nvd.nist.gov/vuln/detail/CVE-2022-30633 https://pkg.go.dev/vuln/GO-2022-0523 https://ubuntu.com/security/notices/USN-6038-1 https://ubuntu.com/security/notices/USN-6038-2 https://www.cve.org/CVERecord?id=CVE-2022-30633
stdlib	CVE-2022-30635	HIGH	v1.18.3	1.17.12, 1.18.4	https://access.redhat.com/errata/RHSA-2023:2357 https://access.redhat.com/security/cve/CVE-2022-30635 https://bugzilla.redhat.com/2107371 https://bugzilla.redhat.com/2107374 https://bugzilla.redhat.com/2107383 https://bugzilla.redhat.com/2107386 https://bugzilla.redhat.com/2107388 https://bugzilla.redhat.com/2113814 https://bugzilla.redhat.com/2124669 https://bugzilla.redhat.com/2132868 https://bugzilla.redhat.com/2132872 https://bugzilla.redhat.com/2161274 https://bugzilla.redhat.com/show_bug.cgi?id=2107342 https://bugzilla.redhat.com/show_bug.cgi?id=2107371 https://bugzilla.redhat.com/show_bug.cgi?id=2107374 https://bugzilla.redhat.com/show_bug.cgi?id=2107383 https://bugzilla.redhat.com/show_bug.cgi?id=2107386 https://bugzilla.redhat.com/show_bug.cgi?id=2107388 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1705 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-30630 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-30631 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-30632 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-30635 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-32148 https://errata.almalinux.org/9/ALSA-2023-2357.html https://errata.rockylinux.org/RLSA-2022:8250 https://github.com/golang/go/commit/fb979a50823e5a0575cf6166b3f17a13364cbf81 (1.18) https://go.dev/cl/417064 https://go.dev/issue/53615 https://go.googlesource.com/go/+/6fa37e98ea4382bf881428ee0c150ce591500eb7 https://groups.google.com/g/golang-announce/c/nqrv9fbR0zE https://linux.oracle.com/cve/CVE-2022-30635.html https://linux.oracle.com/errata/ELSA-2023-2802.html https://nvd.nist.gov/vuln/detail/CVE-2022-30635 https://pkg.go.dev/vuln/GO-2022-0526 https://ubuntu.com/security/notices/USN-6038-1 https://ubuntu.com/security/notices/USN-6038-2 https://www.cve.org/CVERecord?id=CVE-2022-30635
stdlib	CVE-2022-32189	HIGH	v1.18.3	1.17.13, 1.18.5	https://access.redhat.com/errata/RHSA-2023:2357 https://access.redhat.com/security/cve/CVE-2022-32189 https://bugzilla.redhat.com/2107371 https://bugzilla.redhat.com/2107374 https://bugzilla.redhat.com/2107383 https://bugzilla.redhat.com/2107386 https://bugzilla.redhat.com/2107388 https://bugzilla.redhat.com/2113814 https://bugzilla.redhat.com/2124669 https://bugzilla.redhat.com/2132868 https://bugzilla.redhat.com/2132872 https://bugzilla.redhat.com/2161274 https://bugzilla.redhat.com/show_bug.cgi?id=2059869 https://bugzilla.redhat.com/show_bug.cgi?id=2059870 https://bugzilla.redhat.com/show_bug.cgi?id=2060061 https://bugzilla.redhat.com/show_bug.cgi?id=2062597 https://bugzilla.redhat.com/show_bug.cgi?id=2064087 https://bugzilla.redhat.com/show_bug.cgi?id=2088459 https://bugzilla.redhat.com/show_bug.cgi?id=2105961 https://bugzilla.redhat.com/show_bug.cgi?id=2110864 https://bugzilla.redhat.com/show_bug.cgi?id=2113814 https://bugzilla.redhat.com/show_bug.cgi?id=2118831 https://bugzilla.redhat.com/show_bug.cgi?id=2123055 https://bugzilla.redhat.com/show_bug.cgi?id=2123210 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-32189 https://errata.almalinux.org/9/ALSA-2023-2357.html https://errata.rockylinux.org/RLSA-2022:7950 https://github.com/golang/go/commit/9240558e4f342fc6e98fec22de17c04b45089349 (1.18) https://go.dev/cl/417774 https://go.dev/issue/53871 https://go.googlesource.com/go/+/055113ef364337607e3e72ed7d48df67fde6fc66 https://groups.google.com/g/golang-announce/c/YqYYG87xB10 https://groups.google.com/g/golang-nuts/c/DCFSyTGM0wU https://linux.oracle.com/cve/CVE-2022-32189.html https://linux.oracle.com/errata/ELSA-2023-2802.html https://nvd.nist.gov/vuln/detail/CVE-2022-32189 https://pkg.go.dev/vuln/GO-2022-0537 https://ubuntu.com/security/notices/USN-6038-1 https://ubuntu.com/security/notices/USN-6038-2 https://www.cve.org/CVERecord?id=CVE-2022-32189
stdlib	CVE-2022-41715	HIGH	v1.18.3	1.18.7, 1.19.2	https://access.redhat.com/errata/RHSA-2023:2592 https://access.redhat.com/security/cve/CVE-2022-41715 https://bugzilla.redhat.com/2132872 https://bugzilla.redhat.com/show_bug.cgi?id=2132867 https://bugzilla.redhat.com/show_bug.cgi?id=2132868 https://bugzilla.redhat.com/show_bug.cgi?id=2132872 https://bugzilla.redhat.com/show_bug.cgi?id=2149311 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-2879 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-2880 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-41715 https://errata.almalinux.org/9/ALSA-2023-2592.html https://errata.rockylinux.org/RLSA-2023:0328 https://github.com/golang/go/commit/645abfe529dc325e16daa17210640c2907d1c17a (go1.19.2) https://github.com/golang/go/commit/e9017c2416ad0ef642f5e0c2eab2dbf3cba4d997 (go1.18.7) https://github.com/golang/go/issues/55949 https://go.dev/cl/439356 https://go.dev/issue/55949 https://groups.google.com/g/golang-announce/c/xtuG5faxtaU https://groups.google.com/g/golang-announce/c/xtuG5faxtaU?pli=1 https://linux.oracle.com/cve/CVE-2022-41715.html https://linux.oracle.com/errata/ELSA-2024-3254.html https://nvd.nist.gov/vuln/detail/CVE-2022-41715 https://pkg.go.dev/vuln/GO-2022-1039 https://security.gentoo.org/glsa/202311-09 https://ubuntu.com/security/notices/USN-6038-1 https://www.cve.org/CVERecord?id=CVE-2022-41715
stdlib	CVE-2022-41716	HIGH	v1.18.3	1.18.8, 1.19.3	https://go.dev/cl/446916 https://go.dev/issue/56284 https://groups.google.com/g/golang-announce/c/mbHY1UY3BaM/m/hSpmRzk-AgAJ https://linux.oracle.com/cve/CVE-2022-41716.html https://linux.oracle.com/errata/ELSA-2023-18908.html https://pkg.go.dev/vuln/GO-2022-1095
stdlib	CVE-2022-41720	HIGH	v1.18.3	1.18.9, 1.19.4	https://access.redhat.com/security/cve/CVE-2022-41720 https://go.dev/cl/455716 https://go.dev/issue/56694 https://groups.google.com/g/golang-announce/c/L_3rmdT0BMU/m/yZDrXjIiBQAJ https://linux.oracle.com/cve/CVE-2022-41720.html https://linux.oracle.com/errata/ELSA-2023-18908.html https://nvd.nist.gov/vuln/detail/CVE-2022-41720 https://pkg.go.dev/vuln/GO-2022-1143 https://www.cve.org/CVERecord?id=CVE-2022-41720
stdlib	CVE-2022-41722	HIGH	v1.18.3	1.19.6, 1.20.1	https://access.redhat.com/security/cve/CVE-2022-41722 https://go.dev/cl/468123 https://go.dev/issue/57274 https://groups.google.com/g/golang-announce/c/V0aBFqaFs_E https://nvd.nist.gov/vuln/detail/CVE-2022-41722 https://pkg.go.dev/vuln/GO-2023-1568 https://www.cve.org/CVERecord?id=CVE-2022-41722
stdlib	CVE-2022-41723	HIGH	v1.18.3	1.19.6, 1.20.1	https://access.redhat.com/errata/RHSA-2023:6474 https://access.redhat.com/security/cve/CVE-2022-41723 https://bugzilla.redhat.com/2174485 https://bugzilla.redhat.com/2178358 https://bugzilla.redhat.com/2178488 https://bugzilla.redhat.com/2178492 https://bugzilla.redhat.com/2184481 https://bugzilla.redhat.com/2184482 https://bugzilla.redhat.com/2184483 https://bugzilla.redhat.com/2184484 https://bugzilla.redhat.com/2196026 https://bugzilla.redhat.com/2196027 https://bugzilla.redhat.com/2196029 https://bugzilla.redhat.com/2222167 https://bugzilla.redhat.com/2228689 https://errata.almalinux.org/9/ALSA-2023-6474.html https://github.com/advisories/GHSA-vvpx-j8f3-3w6h https://go.dev/cl/468135 https://go.dev/cl/468295 https://go.dev/issue/57855 https://groups.google.com/g/golang-announce/c/V0aBFqaFs_E https://linux.oracle.com/cve/CVE-2022-41723.html https://linux.oracle.com/errata/ELSA-2023-6939.html https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/4BUK2ZIAGCULOOYDNH25JPU6JBES5NF2 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/4BUK2ZIAGCULOOYDNH25JPU6JBES5NF2/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/4MA5XS5DAOJ5PKKNG5TUXKPQOFHT5VBC https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/4MA5XS5DAOJ5PKKNG5TUXKPQOFHT5VBC/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/REMHVVIBDNKSRKNOTV7EQSB7CYQWOUOU https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/REMHVVIBDNKSRKNOTV7EQSB7CYQWOUOU/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/RGW7GE2Z32ZT47UFAQFDRQE33B7Q7LMT https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/RGW7GE2Z32ZT47UFAQFDRQE33B7Q7LMT/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/RLBQ3A7ROLEQXQLXFDLNJ7MYPKG5GULE https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/RLBQ3A7ROLEQXQLXFDLNJ7MYPKG5GULE/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/T7N5GV4CHH6WAGX3GFMDD3COEOVCZ4RI https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/T7N5GV4CHH6WAGX3GFMDD3COEOVCZ4RI/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/XX3IMUTZKRQ73PBZM4E2JP4BKYH4C6XE https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/XX3IMUTZKRQ73PBZM4E2JP4BKYH4C6XE/ https://nvd.nist.gov/vuln/detail/CVE-2022-41723 https://pkg.go.dev/vuln/GO-2023-1571 https://security.gentoo.org/glsa/202311-09 https://ubuntu.com/security/notices/USN-7109-1 https://ubuntu.com/security/notices/USN-7111-1 https://vuln.go.dev/ID/GO-2023-1571.json https://www.couchbase.com/alerts https://www.couchbase.com/alerts/ https://www.cve.org/CVERecord?id=CVE-2022-41723
stdlib	CVE-2022-41724	HIGH	v1.18.3	1.19.6, 1.20.1	https://access.redhat.com/errata/RHSA-2023:6474 https://access.redhat.com/security/cve/CVE-2022-41724 https://bugzilla.redhat.com/2174485 https://bugzilla.redhat.com/2178358 https://bugzilla.redhat.com/2178488 https://bugzilla.redhat.com/2178492 https://bugzilla.redhat.com/2184481 https://bugzilla.redhat.com/2184482 https://bugzilla.redhat.com/2184483 https://bugzilla.redhat.com/2184484 https://bugzilla.redhat.com/2196026 https://bugzilla.redhat.com/2196027 https://bugzilla.redhat.com/2196029 https://bugzilla.redhat.com/2222167 https://bugzilla.redhat.com/2228689 https://errata.almalinux.org/9/ALSA-2023-6474.html https://go.dev/cl/468125 https://go.dev/issue/58001 https://groups.google.com/g/golang-announce/c/V0aBFqaFs_E https://linux.oracle.com/cve/CVE-2022-41724.html https://linux.oracle.com/errata/ELSA-2023-6939.html https://nvd.nist.gov/vuln/detail/CVE-2022-41724 https://pkg.go.dev/vuln/GO-2023-1570 https://security.gentoo.org/glsa/202311-09 https://ubuntu.com/security/notices/USN-6140-1 https://ubuntu.com/security/notices/USN-7109-1 https://ubuntu.com/security/notices/USN-7111-1 https://www.cve.org/CVERecord?id=CVE-2022-41724
stdlib	CVE-2022-41725	HIGH	v1.18.3	1.19.6, 1.20.1	https://access.redhat.com/errata/RHSA-2023:6474 https://access.redhat.com/security/cve/CVE-2022-41725 https://bugzilla.redhat.com/2174485 https://bugzilla.redhat.com/2178358 https://bugzilla.redhat.com/2178488 https://bugzilla.redhat.com/2178492 https://bugzilla.redhat.com/2184481 https://bugzilla.redhat.com/2184482 https://bugzilla.redhat.com/2184483 https://bugzilla.redhat.com/2184484 https://bugzilla.redhat.com/2196026 https://bugzilla.redhat.com/2196027 https://bugzilla.redhat.com/2196029 https://bugzilla.redhat.com/2222167 https://bugzilla.redhat.com/2228689 https://errata.almalinux.org/9/ALSA-2023-6474.html https://github.com/golang/go/commit/5c55ac9bf1e5f779220294c843526536605f42ab [1.19] https://go.dev/cl/468124 https://go.dev/issue/58006 https://groups.google.com/g/golang-announce/c/V0aBFqaFs_E https://linux.oracle.com/cve/CVE-2022-41725.html https://linux.oracle.com/errata/ELSA-2023-6939.html https://nvd.nist.gov/vuln/detail/CVE-2022-41725 https://pkg.go.dev/vuln/GO-2023-1569 https://security.gentoo.org/glsa/202311-09 https://ubuntu.com/security/notices/USN-6140-1 https://ubuntu.com/security/notices/USN-7109-1 https://ubuntu.com/security/notices/USN-7111-1 https://www.cve.org/CVERecord?id=CVE-2022-41725
stdlib	CVE-2023-24534	HIGH	v1.18.3	1.19.8, 1.20.3	https://access.redhat.com/errata/RHSA-2023:6474 https://access.redhat.com/security/cve/CVE-2023-24534 https://bugzilla.redhat.com/2174485 https://bugzilla.redhat.com/2178358 https://bugzilla.redhat.com/2178488 https://bugzilla.redhat.com/2178492 https://bugzilla.redhat.com/2184481 https://bugzilla.redhat.com/2184482 https://bugzilla.redhat.com/2184483 https://bugzilla.redhat.com/2184484 https://bugzilla.redhat.com/2196026 https://bugzilla.redhat.com/2196027 https://bugzilla.redhat.com/2196029 https://bugzilla.redhat.com/2222167 https://bugzilla.redhat.com/2228689 https://errata.almalinux.org/9/ALSA-2023-6474.html https://github.com/golang/go/commit/3991f6c41c7dfd167e889234c0cf1d840475e93c (go1.20.3) https://github.com/golang/go/commit/d6759e7a059f4208f07aa781402841d7ddaaef96 (go1.19.8) https://go.dev/cl/481994 https://go.dev/issue/58975 https://groups.google.com/g/golang-announce/c/Xdv6JL9ENs8 https://linux.oracle.com/cve/CVE-2023-24534.html https://linux.oracle.com/errata/ELSA-2023-6939.html https://nvd.nist.gov/vuln/detail/CVE-2023-24534 https://pkg.go.dev/vuln/GO-2023-1704 https://security.gentoo.org/glsa/202311-09 https://security.netapp.com/advisory/ntap-20230526-0007/ https://ubuntu.com/security/notices/USN-6038-1 https://ubuntu.com/security/notices/USN-6038-2 https://ubuntu.com/security/notices/USN-6140-1 https://www.cve.org/CVERecord?id=CVE-2023-24534
stdlib	CVE-2023-24536	HIGH	v1.18.3	1.19.8, 1.20.3	https://access.redhat.com/errata/RHSA-2023:6474 https://access.redhat.com/security/cve/CVE-2023-24536 https://bugzilla.redhat.com/2174485 https://bugzilla.redhat.com/2178358 https://bugzilla.redhat.com/2178488 https://bugzilla.redhat.com/2178492 https://bugzilla.redhat.com/2184481 https://bugzilla.redhat.com/2184482 https://bugzilla.redhat.com/2184483 https://bugzilla.redhat.com/2184484 https://bugzilla.redhat.com/2196026 https://bugzilla.redhat.com/2196027 https://bugzilla.redhat.com/2196029 https://bugzilla.redhat.com/2222167 https://bugzilla.redhat.com/2228689 https://errata.almalinux.org/9/ALSA-2023-6474.html https://github.com/golang/go/commit/7917b5f31204528ea72e0629f0b7d52b35b27538 (go.1.19.8) https://github.com/golang/go/commit/bf8c7c575c8a552d9d79deb29e80854dc88528d0 (go1.20.3) https://go.dev/cl/482075 https://go.dev/cl/482076 https://go.dev/cl/482077 https://go.dev/issue/59153 https://groups.google.com/g/golang-announce/c/Xdv6JL9ENs8 https://linux.oracle.com/cve/CVE-2023-24536.html https://linux.oracle.com/errata/ELSA-2023-6939.html https://nvd.nist.gov/vuln/detail/CVE-2023-24536 https://pkg.go.dev/vuln/GO-2023-1705 https://security.gentoo.org/glsa/202311-09 https://security.netapp.com/advisory/ntap-20230526-0007/ https://ubuntu.com/security/notices/USN-7109-1 https://ubuntu.com/security/notices/USN-7111-1 https://www.cve.org/CVERecord?id=CVE-2023-24536
stdlib	CVE-2023-24537	HIGH	v1.18.3	1.19.8, 1.20.3	https://access.redhat.com/errata/RHSA-2023:6474 https://access.redhat.com/security/cve/CVE-2023-24537 https://bugzilla.redhat.com/2174485 https://bugzilla.redhat.com/2178358 https://bugzilla.redhat.com/2178488 https://bugzilla.redhat.com/2178492 https://bugzilla.redhat.com/2184481 https://bugzilla.redhat.com/2184482 https://bugzilla.redhat.com/2184483 https://bugzilla.redhat.com/2184484 https://bugzilla.redhat.com/2196026 https://bugzilla.redhat.com/2196027 https://bugzilla.redhat.com/2196029 https://bugzilla.redhat.com/2222167 https://bugzilla.redhat.com/2228689 https://errata.almalinux.org/9/ALSA-2023-6474.html https://github.com/golang/go/commit/126a1d02da82f93ede7ce0bd8d3c51ef627f2104 (go1.19.8) https://github.com/golang/go/commit/e7c4b07ecf6b367f1afc9cc48cde963829dd0aab (go1.20.3) https://github.com/golang/go/issues/59180 https://go.dev/cl/482078 https://go.dev/issue/59180 https://groups.google.com/g/golang-announce/c/Xdv6JL9ENs8 https://linux.oracle.com/cve/CVE-2023-24537.html https://linux.oracle.com/errata/ELSA-2023-6939.html https://nvd.nist.gov/vuln/detail/CVE-2023-24537 https://pkg.go.dev/vuln/GO-2023-1702 https://security.gentoo.org/glsa/202311-09 https://ubuntu.com/security/notices/USN-6038-1 https://ubuntu.com/security/notices/USN-6038-2 https://ubuntu.com/security/notices/USN-6140-1 https://www.cve.org/CVERecord?id=CVE-2023-24537
stdlib	CVE-2023-24539	HIGH	v1.18.3	1.19.9, 1.20.4	https://access.redhat.com/errata/RHSA-2023:6474 https://access.redhat.com/security/cve/CVE-2023-24539 https://bugzilla.redhat.com/2174485 https://bugzilla.redhat.com/2178358 https://bugzilla.redhat.com/2178488 https://bugzilla.redhat.com/2178492 https://bugzilla.redhat.com/2184481 https://bugzilla.redhat.com/2184482 https://bugzilla.redhat.com/2184483 https://bugzilla.redhat.com/2184484 https://bugzilla.redhat.com/2196026 https://bugzilla.redhat.com/2196027 https://bugzilla.redhat.com/2196029 https://bugzilla.redhat.com/2222167 https://bugzilla.redhat.com/2228689 https://errata.almalinux.org/9/ALSA-2023-6474.html https://github.com/golang/go/commit/090590fdccc8442728aa31601927da1bf2ef1288 (go1.20.4) https://github.com/golang/go/commit/e49282327b05192e46086bf25fd3ac691205fe80 (go1.19.9) https://github.com/golang/go/issues/59720 https://go.dev/cl/491615 https://go.dev/issue/59720 https://groups.google.com/g/golang-announce/c/MEb0UyuSMsU https://linux.oracle.com/cve/CVE-2023-24539.html https://linux.oracle.com/errata/ELSA-2023-6939.html https://nvd.nist.gov/vuln/detail/CVE-2023-24539 https://pkg.go.dev/vuln/GO-2023-1751 https://ubuntu.com/security/notices/USN-6140-1 https://www.cve.org/CVERecord?id=CVE-2023-24539
stdlib	CVE-2023-29400	HIGH	v1.18.3	1.19.9, 1.20.4	https://access.redhat.com/errata/RHSA-2023:6474 https://access.redhat.com/security/cve/CVE-2023-29400 https://bugzilla.redhat.com/2174485 https://bugzilla.redhat.com/2178358 https://bugzilla.redhat.com/2178488 https://bugzilla.redhat.com/2178492 https://bugzilla.redhat.com/2184481 https://bugzilla.redhat.com/2184482 https://bugzilla.redhat.com/2184483 https://bugzilla.redhat.com/2184484 https://bugzilla.redhat.com/2196026 https://bugzilla.redhat.com/2196027 https://bugzilla.redhat.com/2196029 https://bugzilla.redhat.com/2222167 https://bugzilla.redhat.com/2228689 https://errata.almalinux.org/9/ALSA-2023-6474.html https://github.com/golang/go/commit/337dd75343145b74ed2073d793322eb4103b56ad (go1.20.4) https://github.com/golang/go/commit/9db0e74f606b8afb28cc71d4b1c8b4ed24cabbf5 (go1.19.9) https://github.com/golang/go/issues/59722 https://go.dev/cl/491617 https://go.dev/issue/59722 https://groups.google.com/g/golang-announce/c/MEb0UyuSMsU https://linux.oracle.com/cve/CVE-2023-29400.html https://linux.oracle.com/errata/ELSA-2023-6939.html https://nvd.nist.gov/vuln/detail/CVE-2023-29400 https://pkg.go.dev/vuln/GO-2023-1753 https://ubuntu.com/security/notices/USN-6140-1 https://www.cve.org/CVERecord?id=CVE-2023-29400
stdlib	CVE-2023-29403	HIGH	v1.18.3	1.19.10, 1.20.5	https://access.redhat.com/errata/RHSA-2023:3923 https://access.redhat.com/security/cve/CVE-2023-29403 https://bugzilla.redhat.com/2216965 https://bugzilla.redhat.com/2217562 https://bugzilla.redhat.com/2217565 https://bugzilla.redhat.com/2217569 https://bugzilla.redhat.com/show_bug.cgi?id=2216965 https://bugzilla.redhat.com/show_bug.cgi?id=2217562 https://bugzilla.redhat.com/show_bug.cgi?id=2217565 https://bugzilla.redhat.com/show_bug.cgi?id=2217569 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-29402 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-29403 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-29404 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-29405 https://errata.almalinux.org/9/ALSA-2023-3923.html https://errata.rockylinux.org/RLSA-2023:3923 https://github.com/golang/go/commit/36144ba429ef2650940c72e7a0b932af3612d420 (go1.20.5) https://github.com/golang/go/commit/a7b1cd452ddc69a6606c2f35ac5786dc892e62cb (go1.19.10) https://github.com/golang/go/issues/60272 https://go.dev/cl/501223 https://go.dev/issue/60272 https://groups.google.com/g/golang-announce/c/q5135a9d924 https://groups.google.com/g/golang-announce/c/q5135a9d924/m/j0ZoAJOHAwAJ https://linux.oracle.com/cve/CVE-2023-29403.html https://linux.oracle.com/errata/ELSA-2023-3923.html https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/NZ2O6YCO2IZMZJELQGZYR2WAUNEDLYV6/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/XBS3IIK6ADV24C5ULQU55QLT2UE762ZX/ https://nvd.nist.gov/vuln/detail/CVE-2023-29403 https://pkg.go.dev/vuln/GO-2023-1840 https://security.gentoo.org/glsa/202311-09 https://ubuntu.com/security/notices/USN-7061-1 https://ubuntu.com/security/notices/USN-7109-1 https://www.cve.org/CVERecord?id=CVE-2023-29403
stdlib	CVE-2023-39325	HIGH	v1.18.3	1.20.10, 1.21.3	golang.org/x/net https://access.redhat.com/errata/RHSA-2023:6077 https://access.redhat.com/security/cve/CVE-2023-39325 https://access.redhat.com/security/cve/CVE-2023-44487 https://access.redhat.com/security/vulnerabilities/RHSB-2023-003 https://bugzilla.redhat.com/2242803 https://bugzilla.redhat.com/2243296 https://bugzilla.redhat.com/show_bug.cgi?id=2242803 https://bugzilla.redhat.com/show_bug.cgi?id=2243296 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-39325 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-44487 https://errata.almalinux.org/9/ALSA-2023-6077.html https://errata.rockylinux.org/RLSA-2023:6077 https://github.com/golang/go/commit/24ae2d927285c697440fdde3ad7f26028354bcf3 [golang- 1.21] https://github.com/golang/go/commit/e175f27f58aa7b9cd4d79607ae65d2cd5baaee68 [golang-1.20] https://github.com/golang/go/issues/63417 https://go.dev/cl/534215 https://go.dev/cl/534235 https://go.dev/issue/63417 https://groups.google.com/g/golang-announce/c/iNNxDTCjZvo/m/UDd7VKQuAAAJ https://linux.oracle.com/cve/CVE-2023-39325.html https://linux.oracle.com/errata/ELSA-2023-5867.html https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3OVW5V2DM5K5IC3H7O42YDUGNJ74J35O https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3OVW5V2DM5K5IC3H7O42YDUGNJ74J35O/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3SZN67IL7HMGMNAVLOTIXLIHUDXZK4LH https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3SZN67IL7HMGMNAVLOTIXLIHUDXZK4LH/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3WJ4QVX2AMUJ2F2S27POOAHRC4K3CHU4 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3WJ4QVX2AMUJ2F2S27POOAHRC4K3CHU4/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/4BUK2ZIAGCULOOYDNH25JPU6JBES5NF2 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/4BUK2ZIAGCULOOYDNH25JPU6JBES5NF2/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/5RSKA2II6QTD4YUKUNDVJQSRYSFC4VFR https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/5RSKA2II6QTD4YUKUNDVJQSRYSFC4VFR/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/AVZDNSMVDAQJ64LJC5I5U5LDM5753647 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/AVZDNSMVDAQJ64LJC5I5U5LDM5753647/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CHHITS4PUOZAKFIUBQAQZC7JWXMOYE4B https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CHHITS4PUOZAKFIUBQAQZC7JWXMOYE4B/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CLB4TW7KALB3EEQWNWCN7OUIWWVWWCG2 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CLB4TW7KALB3EEQWNWCN7OUIWWVWWCG2/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/D2BBIDR2ZMB3X5BC7SR4SLQMHRMVPY6L https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/D2BBIDR2ZMB3X5BC7SR4SLQMHRMVPY6L/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ECRC75BQJP6FJN2L7KCKYZW4DSBD7QSD https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ECRC75BQJP6FJN2L7KCKYZW4DSBD7QSD/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/FTMJ3NJIDAZFWJQQSP3L22MUFJ3UP2PT https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/FTMJ3NJIDAZFWJQQSP3L22MUFJ3UP2PT/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/GSY7SXFFTPZFWDM6XELSDSHZLVW3AHK7 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/GSY7SXFFTPZFWDM6XELSDSHZLVW3AHK7/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/HZQIELEIRSZUYTFFH5KTH2YJ4IIQG2KE https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/HZQIELEIRSZUYTFFH5KTH2YJ4IIQG2KE/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/IPWCNYB5PQ5PCVZ4NJT6G56ZYFZ5QBU6 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/IPWCNYB5PQ5PCVZ4NJT6G56ZYFZ5QBU6/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/KEOTKBUPZXHE3F352JBYNTSNRXYLWD6P https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/KEOTKBUPZXHE3F352JBYNTSNRXYLWD6P/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/KSEGD2IWKNUO3DWY4KQGUQM5BISRWHQE https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/KSEGD2IWKNUO3DWY4KQGUQM5BISRWHQE/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/L5E5JSJBZLYXOTZWXHJKRVCIXIHVWKJ6 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/L5E5JSJBZLYXOTZWXHJKRVCIXIHVWKJ6/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/MZQYOOKHQDQ57LV2IAG6NRFOVXKHJJ3Z https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/MZQYOOKHQDQ57LV2IAG6NRFOVXKHJJ3Z/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/NG7IMPL55MVWU3LCI4JQJT3K2U5CHDV7 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/NG7IMPL55MVWU3LCI4JQJT3K2U5CHDV7/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ODBY7RVMGZCBSTWF2OZGIZS57FNFUL67 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ODBY7RVMGZCBSTWF2OZGIZS57FNFUL67/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/OXGWPQOJ3JNDW2XIYKIVJ7N7QUIFNM2Q https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/OXGWPQOJ3JNDW2XIYKIVJ7N7QUIFNM2Q/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/PJCUNGIQDUMZ4Z6HWVYIMR66A35F5S74 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/PJCUNGIQDUMZ4Z6HWVYIMR66A35F5S74/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QF5QSYAOPDOWLY6DUHID56Q4HQFYB45I https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QF5QSYAOPDOWLY6DUHID56Q4HQFYB45I/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QXOU2JZUBEBP7GBKAYIJRPRBZSJCD7ST https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QXOU2JZUBEBP7GBKAYIJRPRBZSJCD7ST/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/R3UETKPUB3V5JS5TLZOF3SMTGT5K5APS https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/R3UETKPUB3V5JS5TLZOF3SMTGT5K5APS/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/REMHVVIBDNKSRKNOTV7EQSB7CYQWOUOU https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/REMHVVIBDNKSRKNOTV7EQSB7CYQWOUOU/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/T7N5GV4CHH6WAGX3GFMDD3COEOVCZ4RI https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/T7N5GV4CHH6WAGX3GFMDD3COEOVCZ4RI/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ULQQONMSCQSH5Z5OWFFQHCGEZ3NL4DRJ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ULQQONMSCQSH5Z5OWFFQHCGEZ3NL4DRJ/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UTT7DG3QOF5ZNJLUGHDNLRUIN6OWZARP https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UTT7DG3QOF5ZNJLUGHDNLRUIN6OWZARP/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/W2LZSWTV4NV4SNQARNXG5T6LRHP26EW2 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/W2LZSWTV4NV4SNQARNXG5T6LRHP26EW2/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WCNCBYKZXLDFGAJUB7ZP5VLC3YTHJNVH https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WCNCBYKZXLDFGAJUB7ZP5VLC3YTHJNVH/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/XFOIBB4YFICHDM7IBOP7PWXW3FX4HLL2 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/XFOIBB4YFICHDM7IBOP7PWXW3FX4HLL2/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/XTNLSL44Y5FB6JWADSZH6DCV4JJAAEQY https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/XTNLSL44Y5FB6JWADSZH6DCV4JJAAEQY/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/YJWHBLVZDM5KQSDFRBFRKU5KSSOLIRQ4 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/YJWHBLVZDM5KQSDFRBFRKU5KSSOLIRQ4/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/YRKEXKANQ7BKJW2YTAMP625LJUJZLJ4P https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/YRKEXKANQ7BKJW2YTAMP625LJUJZLJ4P/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZSVEMQV5ROY5YW5QE3I57HT3ITWG5GCV https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZSVEMQV5ROY5YW5QE3I57HT3ITWG5GCV/ https://nvd.nist.gov/vuln/detail/CVE-2023-39325 https://pkg.go.dev/vuln/GO-2023-2102 https://security.gentoo.org/glsa/202311-09 https://security.netapp.com/advisory/ntap-20231110-0008 https://security.netapp.com/advisory/ntap-20231110-0008/ https://ubuntu.com/security/notices/USN-6574-1 https://ubuntu.com/security/notices/USN-7061-1 https://ubuntu.com/security/notices/USN-7109-1 https://www.cisa.gov/news-events/alerts/2023/10/10/http2-rapid-reset-vulnerability-cve-2023-44487 https://www.cve.org/CVERecord?id=CVE-2023-39325
stdlib	CVE-2023-45283	HIGH	v1.18.3	1.20.11, 1.21.4, 1.20.12, 1.21.5	http://www.openwall.com/lists/oss-security/2023/12/05/2 https://go.dev/cl/540277 https://go.dev/cl/541175 https://go.dev/issue/63713 https://go.dev/issue/64028 https://groups.google.com/g/golang-announce/c/4tU8LZfBFkY https://groups.google.com/g/golang-dev/c/6ypN5EjibjM/m/KmLVYH_uAgAJ https://nvd.nist.gov/vuln/detail/CVE-2023-45283 https://pkg.go.dev/vuln/GO-2023-2185 https://security.netapp.com/advisory/ntap-20231214-0008/
stdlib	CVE-2023-45287	HIGH	v1.18.3	1.20.0	https://access.redhat.com/errata/RHSA-2024:2272 https://access.redhat.com/security/cve/CVE-2023-45287 https://bugzilla.redhat.com/2253193 https://bugzilla.redhat.com/2253330 https://errata.almalinux.org/9/ALSA-2024-2272.html https://go.dev/cl/326012/26 https://go.dev/issue/20654 https://groups.google.com/g/golang-announce/c/QMK8IQALDvA https://linux.oracle.com/cve/CVE-2023-45287.html https://linux.oracle.com/errata/ELSA-2024-2988.html https://nvd.nist.gov/vuln/detail/CVE-2023-45287 https://people.redhat.com/~hkario/marvin/ https://pkg.go.dev/vuln/GO-2023-2375 https://security.netapp.com/advisory/ntap-20240112-0005/ https://www.cve.org/CVERecord?id=CVE-2023-45287
stdlib	CVE-2023-45288	HIGH	v1.18.3	1.21.9, 1.22.2	http://www.openwall.com/lists/oss-security/2024/04/03/16 http://www.openwall.com/lists/oss-security/2024/04/05/4 https://access.redhat.com/errata/RHSA-2024:2724 https://access.redhat.com/security/cve/CVE-2023-45288 https://bugzilla.redhat.com/2268017 https://bugzilla.redhat.com/2268018 https://bugzilla.redhat.com/2268019 https://bugzilla.redhat.com/2268273 https://bugzilla.redhat.com/show_bug.cgi?id=2268017 https://bugzilla.redhat.com/show_bug.cgi?id=2268018 https://bugzilla.redhat.com/show_bug.cgi?id=2268019 https://bugzilla.redhat.com/show_bug.cgi?id=2268273 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45288 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45289 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45290 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24783 https://errata.almalinux.org/9/ALSA-2024-2724.html https://errata.rockylinux.org/RLSA-2024:2724 https://go.dev/cl/576155 https://go.dev/issue/65051 https://groups.google.com/g/golang-announce/c/YgW0sx8mN3M https://kb.cert.org/vuls/id/421644 https://linux.oracle.com/cve/CVE-2023-45288.html https://linux.oracle.com/errata/ELSA-2024-3346.html https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QRYFHIQ6XRKRYBI2F5UESH67BJBQXUPT https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QRYFHIQ6XRKRYBI2F5UESH67BJBQXUPT/ https://nowotarski.info/http2-continuation-flood-technical-details https://nowotarski.info/http2-continuation-flood/ https://nvd.nist.gov/vuln/detail/CVE-2023-45288 https://pkg.go.dev/vuln/GO-2024-2687 https://security.netapp.com/advisory/ntap-20240419-0009 https://security.netapp.com/advisory/ntap-20240419-0009/ https://ubuntu.com/security/notices/USN-6886-1 https://ubuntu.com/security/notices/USN-7109-1 https://ubuntu.com/security/notices/USN-7111-1 https://www.cve.org/CVERecord?id=CVE-2023-45288 https://www.kb.cert.org/vuls/id/421644
stdlib	CVE-2024-34156	HIGH	v1.18.3	1.22.7, 1.23.1	https://access.redhat.com/errata/RHSA-2024:9473 https://access.redhat.com/security/cve/CVE-2024-34156 https://bugzilla.redhat.com/2310528 https://bugzilla.redhat.com/2318052 https://bugzilla.redhat.com/show_bug.cgi?id=2310528 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-34156 https://errata.almalinux.org/9/ALSA-2024-9473.html https://errata.rockylinux.org/RLSA-2024:7204 https://github.com/golang/go/commit/2092294f2b097c5828f4eace6c98a322c1510b01 (go1.22.7) https://github.com/golang/go/commit/fa8ff1a46deb6c816304441ec6740ec112e19012 (go1.23.1) https://go.dev/cl/611239 https://go.dev/issue/69139 https://groups.google.com/g/golang-announce/c/K-cEzDeCtpc https://groups.google.com/g/golang-dev/c/S9POB9NCTdk https://linux.oracle.com/cve/CVE-2024-34156.html https://linux.oracle.com/errata/ELSA-2024-9473.html https://nvd.nist.gov/vuln/detail/CVE-2024-34156 https://pkg.go.dev/vuln/GO-2024-3106 https://ubuntu.com/security/notices/USN-7081-1 https://ubuntu.com/security/notices/USN-7109-1 https://ubuntu.com/security/notices/USN-7111-1 https://www.cve.org/CVERecord?id=CVE-2024-34156
stdlib	CVE-2022-1705	MEDIUM	v1.18.3	1.17.12, 1.18.4	https://access.redhat.com/errata/RHSA-2023:2357 https://access.redhat.com/security/cve/CVE-2022-1705 https://bugzilla.redhat.com/2107371 https://bugzilla.redhat.com/2107374 https://bugzilla.redhat.com/2107383 https://bugzilla.redhat.com/2107386 https://bugzilla.redhat.com/2107388 https://bugzilla.redhat.com/2113814 https://bugzilla.redhat.com/2124669 https://bugzilla.redhat.com/2132868 https://bugzilla.redhat.com/2132872 https://bugzilla.redhat.com/2161274 https://bugzilla.redhat.com/show_bug.cgi?id=2107342 https://bugzilla.redhat.com/show_bug.cgi?id=2107371 https://bugzilla.redhat.com/show_bug.cgi?id=2107374 https://bugzilla.redhat.com/show_bug.cgi?id=2107383 https://bugzilla.redhat.com/show_bug.cgi?id=2107386 https://bugzilla.redhat.com/show_bug.cgi?id=2107388 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1705 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-30630 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-30631 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-30632 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-30635 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-32148 https://errata.almalinux.org/9/ALSA-2023-2357.html https://errata.rockylinux.org/RLSA-2022:8250 https://github.com/golang/go/commit/e5017a93fcde94f09836200bca55324af037ee5f https://go.dev/cl/409874 https://go.dev/cl/410714 https://go.dev/issue/53188 https://go.googlesource.com/go/+/e5017a93fcde94f09836200bca55324af037ee5f https://groups.google.com/g/golang-announce/c/nqrv9fbR0zE https://linux.oracle.com/cve/CVE-2022-1705.html https://linux.oracle.com/errata/ELSA-2023-2802.html https://nvd.nist.gov/vuln/detail/CVE-2022-1705 https://pkg.go.dev/vuln/GO-2022-0525 https://ubuntu.com/security/notices/USN-6038-1 https://ubuntu.com/security/notices/USN-6038-2 https://www.cve.org/CVERecord?id=CVE-2022-1705
stdlib	CVE-2022-1962	MEDIUM	v1.18.3	1.17.12, 1.18.4	https://access.redhat.com/errata/RHSA-2022:8057 https://access.redhat.com/security/cve/CVE-2022-1962 https://bugzilla.redhat.com/2044628 https://bugzilla.redhat.com/2045880 https://bugzilla.redhat.com/2050648 https://bugzilla.redhat.com/2050742 https://bugzilla.redhat.com/2050743 https://bugzilla.redhat.com/2065290 https://bugzilla.redhat.com/2107342 https://bugzilla.redhat.com/2107371 https://bugzilla.redhat.com/2107374 https://bugzilla.redhat.com/2107376 https://bugzilla.redhat.com/2107383 https://bugzilla.redhat.com/2107386 https://bugzilla.redhat.com/2107388 https://bugzilla.redhat.com/2107390 https://bugzilla.redhat.com/2107392 https://bugzilla.redhat.com/show_bug.cgi?id=2044628 https://bugzilla.redhat.com/show_bug.cgi?id=2045880 https://bugzilla.redhat.com/show_bug.cgi?id=2050648 https://bugzilla.redhat.com/show_bug.cgi?id=2050742 https://bugzilla.redhat.com/show_bug.cgi?id=2050743 https://bugzilla.redhat.com/show_bug.cgi?id=2055349 https://bugzilla.redhat.com/show_bug.cgi?id=2065290 https://bugzilla.redhat.com/show_bug.cgi?id=2104367 https://bugzilla.redhat.com/show_bug.cgi?id=2107342 https://bugzilla.redhat.com/show_bug.cgi?id=2107371 https://bugzilla.redhat.com/show_bug.cgi?id=2107374 https://bugzilla.redhat.com/show_bug.cgi?id=2107376 https://bugzilla.redhat.com/show_bug.cgi?id=2107383 https://bugzilla.redhat.com/show_bug.cgi?id=2107386 https://bugzilla.redhat.com/show_bug.cgi?id=2107388 https://bugzilla.redhat.com/show_bug.cgi?id=2107390 https://bugzilla.redhat.com/show_bug.cgi?id=2107392 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23648 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1705 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1962 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21673 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21698 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21702 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21703 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21713 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-28131 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-30630 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-30631 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-30632 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-30633 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-30635 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-32148 https://errata.almalinux.org/9/ALSA-2022-8057.html https://errata.rockylinux.org/RLSA-2022:8057 https://github.com/golang/go/commit/695be961d57508da5a82217f7415200a11845879 https://go.dev/cl/417063 https://go.dev/issue/53616 https://go.googlesource.com/go/+/695be961d57508da5a82217f7415200a11845879 https://groups.google.com/g/golang-announce/c/nqrv9fbR0zE https://linux.oracle.com/cve/CVE-2022-1962.html https://linux.oracle.com/errata/ELSA-2023-2802.html https://nvd.nist.gov/vuln/detail/CVE-2022-1962 https://pkg.go.dev/vuln/GO-2022-0515 https://ubuntu.com/security/notices/USN-6038-1 https://www.cve.org/CVERecord?id=CVE-2022-1962
stdlib	CVE-2022-32148	MEDIUM	v1.18.3	1.17.12, 1.18.4	https://access.redhat.com/errata/RHSA-2023:2357 https://access.redhat.com/security/cve/CVE-2022-32148 https://bugzilla.redhat.com/2107371 https://bugzilla.redhat.com/2107374 https://bugzilla.redhat.com/2107383 https://bugzilla.redhat.com/2107386 https://bugzilla.redhat.com/2107388 https://bugzilla.redhat.com/2113814 https://bugzilla.redhat.com/2124669 https://bugzilla.redhat.com/2132868 https://bugzilla.redhat.com/2132872 https://bugzilla.redhat.com/2161274 https://bugzilla.redhat.com/show_bug.cgi?id=2107342 https://bugzilla.redhat.com/show_bug.cgi?id=2107371 https://bugzilla.redhat.com/show_bug.cgi?id=2107374 https://bugzilla.redhat.com/show_bug.cgi?id=2107383 https://bugzilla.redhat.com/show_bug.cgi?id=2107386 https://bugzilla.redhat.com/show_bug.cgi?id=2107388 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1705 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-30630 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-30631 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-30632 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-30635 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-32148 https://errata.almalinux.org/9/ALSA-2023-2357.html https://errata.rockylinux.org/RLSA-2022:8250 https://github.com/golang/go/commit/ebea1e3353fa766025aa5190b9c7cc05cf069187 (1.18) https://go.dev/cl/412857 https://go.dev/issue/53423 https://go.googlesource.com/go/+/b2cc0fecc2ccd80e6d5d16542cc684f97b3a9c8a https://groups.google.com/g/golang-announce/c/nqrv9fbR0zE https://linux.oracle.com/cve/CVE-2022-32148.html https://linux.oracle.com/errata/ELSA-2023-2802.html https://nvd.nist.gov/vuln/detail/CVE-2022-32148 https://pkg.go.dev/vuln/GO-2022-0520 https://ubuntu.com/security/notices/USN-6038-1 https://ubuntu.com/security/notices/USN-6038-2 https://www.cve.org/CVERecord?id=CVE-2022-32148
stdlib	CVE-2022-41717	MEDIUM	v1.18.3	1.18.9, 1.19.4	https://access.redhat.com/errata/RHSA-2023:6420 https://access.redhat.com/security/cve/CVE-2022-41717 https://bugzilla.redhat.com/2131146 https://bugzilla.redhat.com/2131147 https://bugzilla.redhat.com/2131148 https://bugzilla.redhat.com/2138014 https://bugzilla.redhat.com/2138015 https://bugzilla.redhat.com/2148252 https://bugzilla.redhat.com/2158420 https://bugzilla.redhat.com/2161274 https://bugzilla.redhat.com/2184483 https://cs.opensource.google/go/x/net https://errata.almalinux.org/9/ALSA-2023-6420.html https://github.com/golang/go/commit/618120c165669c00a1606505defea6ca755cdc27 (go1.19.4) https://github.com/golang/go/commit/76cad4edc29d28432a7a0aa27e87385d3d7db7a1 (go1.18.9) https://go.dev/cl/455635 https://go.dev/cl/455717 https://go.dev/issue/56350 https://groups.google.com/g/golang-announce/c/L_3rmdT0BMU https://groups.google.com/g/golang-announce/c/L_3rmdT0BMU/m/yZDrXjIiBQAJ https://linux.oracle.com/cve/CVE-2022-41717.html https://linux.oracle.com/errata/ELSA-2023-6420.html https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/4BUK2ZIAGCULOOYDNH25JPU6JBES5NF2 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/4BUK2ZIAGCULOOYDNH25JPU6JBES5NF2/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/4SBIUECMLNC572P23DDOKJNKPJVX26SP https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/4SBIUECMLNC572P23DDOKJNKPJVX26SP/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/56B2FFESRYYP6IY2AZ3UWXLWKZ5IYZN4 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/56B2FFESRYYP6IY2AZ3UWXLWKZ5IYZN4/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/5RSKA2II6QTD4YUKUNDVJQSRYSFC4VFR https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/5RSKA2II6QTD4YUKUNDVJQSRYSFC4VFR/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ANIOPUXWIHVRA6CEWXCGOMX3YYS6KFHG https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ANIOPUXWIHVRA6CEWXCGOMX3YYS6KFHG/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CHHITS4PUOZAKFIUBQAQZC7JWXMOYE4B https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CHHITS4PUOZAKFIUBQAQZC7JWXMOYE4B/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CSVIS6MTMFVBA7JPMRAUNKUOYEVSJYSB https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CSVIS6MTMFVBA7JPMRAUNKUOYEVSJYSB/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/KEOTKBUPZXHE3F352JBYNTSNRXYLWD6P https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/KEOTKBUPZXHE3F352JBYNTSNRXYLWD6P/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/NQGNAXK3YBPMUP3J4TECIRDHFGW37522 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/NQGNAXK3YBPMUP3J4TECIRDHFGW37522/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/PUM4DIVOLJCBK5ZDP4LJOL24GXT3YSIR https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/PUM4DIVOLJCBK5ZDP4LJOL24GXT3YSIR/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/PW3XC47AUW5J5M2ULJX7WCCL3B2ETLMT https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/PW3XC47AUW5J5M2ULJX7WCCL3B2ETLMT/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/Q52IQI754YAE4XPR4QBRWPIVZWYGZ4FS https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/Q52IQI754YAE4XPR4QBRWPIVZWYGZ4FS/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QBKBAZBIOXZV5QCFHZNSVXULR32XJCYD https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QBKBAZBIOXZV5QCFHZNSVXULR32XJCYD/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/REMHVVIBDNKSRKNOTV7EQSB7CYQWOUOU https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/REMHVVIBDNKSRKNOTV7EQSB7CYQWOUOU/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/T7N5GV4CHH6WAGX3GFMDD3COEOVCZ4RI https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/T7N5GV4CHH6WAGX3GFMDD3COEOVCZ4RI/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WPEIZ7AMEJCZXU3FEJZMVRNHQZXX5P3I https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WPEIZ7AMEJCZXU3FEJZMVRNHQZXX5P3I/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZSVEMQV5ROY5YW5QE3I57HT3ITWG5GCV https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZSVEMQV5ROY5YW5QE3I57HT3ITWG5GCV/ https://nvd.nist.gov/vuln/detail/CVE-2022-41717 https://pkg.go.dev/vuln/GO-2022-1144 https://security.gentoo.org/glsa/202311-09 https://ubuntu.com/security/notices/USN-6038-1 https://ubuntu.com/security/notices/USN-6038-2 https://www.cve.org/CVERecord?id=CVE-2022-41717
stdlib	CVE-2023-24532	MEDIUM	v1.18.3	1.19.7, 1.20.2	https://access.redhat.com/security/cve/CVE-2023-24532 https://go.dev/cl/471255 https://go.dev/issue/58647 https://groups.google.com/g/golang-announce/c/3-TpUx48iQY https://nvd.nist.gov/vuln/detail/CVE-2023-24532 https://pkg.go.dev/vuln/GO-2023-1621 https://www.cve.org/CVERecord?id=CVE-2023-24532
stdlib	CVE-2023-29406	MEDIUM	v1.18.3	1.19.11, 1.20.6	https://access.redhat.com/errata/RHSA-2023:6474 https://access.redhat.com/security/cve/CVE-2023-29406 https://bugzilla.redhat.com/2174485 https://bugzilla.redhat.com/2178358 https://bugzilla.redhat.com/2178488 https://bugzilla.redhat.com/2178492 https://bugzilla.redhat.com/2184481 https://bugzilla.redhat.com/2184482 https://bugzilla.redhat.com/2184483 https://bugzilla.redhat.com/2184484 https://bugzilla.redhat.com/2196026 https://bugzilla.redhat.com/2196027 https://bugzilla.redhat.com/2196029 https://bugzilla.redhat.com/2222167 https://bugzilla.redhat.com/2228689 https://errata.almalinux.org/9/ALSA-2023-6474.html https://github.com/golang/go/commit/312920c00aac9897b2a0693e752390b5b0711a5a (go1.20.6) https://github.com/golang/go/commit/5fa6923b1ea891400153d04ddf1545e23b40041b (go1.19.11) https://github.com/golang/go/issues/60374 https://go.dev/cl/506996 https://go.dev/issue/60374 https://groups.google.com/g/golang-announce/c/2q13H6LEEx0 https://linux.oracle.com/cve/CVE-2023-29406.html https://linux.oracle.com/errata/ELSA-2023-7202.html https://nvd.nist.gov/vuln/detail/CVE-2023-29406 https://pkg.go.dev/vuln/GO-2023-1878 https://security.gentoo.org/glsa/202311-09 https://security.netapp.com/advisory/ntap-20230814-0002/ https://ubuntu.com/security/notices/USN-7061-1 https://ubuntu.com/security/notices/USN-7109-1 https://www.cve.org/CVERecord?id=CVE-2023-29406
stdlib	CVE-2023-29409	MEDIUM	v1.18.3	1.19.12, 1.20.7, 1.21.0-rc.4	https://access.redhat.com/errata/RHSA-2023:7766 https://access.redhat.com/security/cve/CVE-2023-29409 https://bugzilla.redhat.com/2228743 https://bugzilla.redhat.com/2237773 https://bugzilla.redhat.com/2237776 https://bugzilla.redhat.com/2237777 https://bugzilla.redhat.com/2237778 https://errata.almalinux.org/9/ALSA-2023-7766.html https://go.dev/cl/515257 https://go.dev/issue/61460 https://groups.google.com/g/golang-announce/c/X0b6CsSAaYI/m/Efv5DbZ9AwAJ https://linux.oracle.com/cve/CVE-2023-29409.html https://linux.oracle.com/errata/ELSA-2024-2988.html https://nvd.nist.gov/vuln/detail/CVE-2023-29409 https://pkg.go.dev/vuln/GO-2023-1987 https://security.gentoo.org/glsa/202311-09 https://security.netapp.com/advisory/ntap-20230831-0010/ https://www.cve.org/CVERecord?id=CVE-2023-29409
stdlib	CVE-2023-39318	MEDIUM	v1.18.3	1.20.8, 1.21.1	https://access.redhat.com/errata/RHSA-2024:2160 https://access.redhat.com/security/cve/CVE-2023-39318 https://bugzilla.redhat.com/2237773 https://bugzilla.redhat.com/2237776 https://bugzilla.redhat.com/2253330 https://errata.almalinux.org/9/ALSA-2024-2160.html https://github.com/golang/go/commit/023b542edf38e2a1f87fcefb9f75ff2f99401b4c (go1.20.8) https://github.com/golang/go/commit/b0e1d3ea26e8e8fce7726690c9ef0597e60739fb (go1.21.1) https://go.dev/cl/526156 https://go.dev/issue/62196 https://groups.google.com/g/golang-announce/c/Fm51GRLNRvM https://groups.google.com/g/golang-dev/c/2C5vbR-UNkI/m/L1hdrPhfBAAJ https://linux.oracle.com/cve/CVE-2023-39318.html https://linux.oracle.com/errata/ELSA-2024-2988.html https://nvd.nist.gov/vuln/detail/CVE-2023-39318 https://pkg.go.dev/vuln/GO-2023-2041 https://security.gentoo.org/glsa/202311-09 https://security.netapp.com/advisory/ntap-20231020-0009/ https://ubuntu.com/security/notices/USN-6574-1 https://ubuntu.com/security/notices/USN-7061-1 https://ubuntu.com/security/notices/USN-7109-1 https://vuln.go.dev/ID/GO-2023-2041.json https://www.cve.org/CVERecord?id=CVE-2023-39318
stdlib	CVE-2023-39319	MEDIUM	v1.18.3	1.20.8, 1.21.1	https://access.redhat.com/errata/RHSA-2024:2160 https://access.redhat.com/security/cve/CVE-2023-39319 https://bugzilla.redhat.com/2237773 https://bugzilla.redhat.com/2237776 https://bugzilla.redhat.com/2253330 https://errata.almalinux.org/9/ALSA-2024-2160.html https://github.com/golang/go/commit/2070531d2f53df88e312edace6c8dfc9686ab2f5 (go1.20.8) https://github.com/golang/go/commit/bbd043ff0d6d59f1a9232d31ecd5eacf6507bf6a (go1.21.1) https://go.dev/cl/526157 https://go.dev/issue/62197 https://groups.google.com/g/golang-announce/c/Fm51GRLNRvM https://groups.google.com/g/golang-dev/c/2C5vbR-UNkI/m/L1hdrPhfBAAJ https://linux.oracle.com/cve/CVE-2023-39319.html https://linux.oracle.com/errata/ELSA-2024-2988.html https://nvd.nist.gov/vuln/detail/CVE-2023-39319 https://pkg.go.dev/vuln/GO-2023-2043 https://security.gentoo.org/glsa/202311-09 https://security.netapp.com/advisory/ntap-20231020-0009/ https://ubuntu.com/security/notices/USN-6574-1 https://ubuntu.com/security/notices/USN-7061-1 https://ubuntu.com/security/notices/USN-7109-1 https://vuln.go.dev/ID/GO-2023-2043.json https://www.cve.org/CVERecord?id=CVE-2023-39319
stdlib	CVE-2023-39326	MEDIUM	v1.18.3	1.20.12, 1.21.5	https://access.redhat.com/errata/RHSA-2024:2272 https://access.redhat.com/security/cve/CVE-2023-39326 https://bugzilla.redhat.com/2253193 https://bugzilla.redhat.com/2253330 https://errata.almalinux.org/9/ALSA-2024-2272.html https://github.com/golang/go/commit/6446af942e2e2b161c4ec1b60d9703a2b55dc4dd (go1.20.12) https://github.com/golang/go/commit/ec8c526e4be720e94b98ca509e6364f0efaf28f7 (go1.21.5) https://go.dev/cl/547335 https://go.dev/issue/64433 https://groups.google.com/g/golang-dev/c/6ypN5EjibjM/m/KmLVYH_uAgAJ https://linux.oracle.com/cve/CVE-2023-39326.html https://linux.oracle.com/errata/ELSA-2024-2988.html https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UIU6HOGV6RRIKWM57LOXQA75BGZSIH6G/ https://nvd.nist.gov/vuln/detail/CVE-2023-39326 https://pkg.go.dev/vuln/GO-2023-2382 https://ubuntu.com/security/notices/USN-6574-1 https://www.cve.org/CVERecord?id=CVE-2023-39326
stdlib	CVE-2023-45284	MEDIUM	v1.18.3	1.20.11, 1.21.4	https://go.dev/cl/540277 https://go.dev/issue/63713 https://groups.google.com/g/golang-announce/c/4tU8LZfBFkY https://nvd.nist.gov/vuln/detail/CVE-2023-45284 https://pkg.go.dev/vuln/GO-2023-2186
stdlib	CVE-2023-45289	MEDIUM	v1.18.3	1.21.8, 1.22.1	http://www.openwall.com/lists/oss-security/2024/03/08/4 https://access.redhat.com/errata/RHSA-2024:2724 https://access.redhat.com/security/cve/CVE-2023-45289 https://bugzilla.redhat.com/2268017 https://bugzilla.redhat.com/2268018 https://bugzilla.redhat.com/2268019 https://bugzilla.redhat.com/2268273 https://bugzilla.redhat.com/show_bug.cgi?id=2268017 https://bugzilla.redhat.com/show_bug.cgi?id=2268018 https://bugzilla.redhat.com/show_bug.cgi?id=2268019 https://bugzilla.redhat.com/show_bug.cgi?id=2268273 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45288 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45289 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45290 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24783 https://errata.almalinux.org/9/ALSA-2024-2724.html https://errata.rockylinux.org/RLSA-2024:2724 https://github.com/golang/go/commit/20586c0dbe03d144f914155f879fa5ee287591a1 (go1.21.8) https://github.com/golang/go/commit/3a855208e3efed2e9d7c20ad023f1fa78afcc0be (go1.22.1) https://github.com/golang/go/issues/65065 https://go.dev/cl/569340 https://go.dev/issue/65065 https://groups.google.com/g/golang-announce/c/5pwGVUPoMbg https://linux.oracle.com/cve/CVE-2023-45289.html https://linux.oracle.com/errata/ELSA-2024-3346.html https://nvd.nist.gov/vuln/detail/CVE-2023-45289 https://pkg.go.dev/vuln/GO-2024-2600 https://security.netapp.com/advisory/ntap-20240329-0006/ https://ubuntu.com/security/notices/USN-6886-1 https://www.cve.org/CVERecord?id=CVE-2023-45289
stdlib	CVE-2023-45290	MEDIUM	v1.18.3	1.21.8, 1.22.1	http://www.openwall.com/lists/oss-security/2024/03/08/4 https://access.redhat.com/errata/RHSA-2024:9135 https://access.redhat.com/security/cve/CVE-2023-45290 https://bugzilla.redhat.com/2268017 https://bugzilla.redhat.com/2268022 https://bugzilla.redhat.com/2279814 https://bugzilla.redhat.com/2295310 https://bugzilla.redhat.com/show_bug.cgi?id=2268017 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45290 https://errata.almalinux.org/9/ALSA-2024-9135.html https://errata.rockylinux.org/RLSA-2024:3830 https://github.com/golang/go/commit/041a47712e765e94f86d841c3110c840e76d8f82 (go1.22.1) https://github.com/golang/go/commit/bf80213b121074f4ad9b449410a4d13bae5e9be0 (go1.21.8) https://github.com/golang/go/issues/65383 https://go.dev/cl/569341 https://go.dev/issue/65383 https://groups.google.com/g/golang-announce/c/5pwGVUPoMbg https://linux.oracle.com/cve/CVE-2023-45290.html https://linux.oracle.com/errata/ELSA-2024-8038.html https://nvd.nist.gov/vuln/detail/CVE-2023-45290 https://pkg.go.dev/vuln/GO-2024-2599 https://security.netapp.com/advisory/ntap-20240329-0004 https://security.netapp.com/advisory/ntap-20240329-0004/ https://ubuntu.com/security/notices/USN-6886-1 https://ubuntu.com/security/notices/USN-7109-1 https://ubuntu.com/security/notices/USN-7111-1 https://www.cve.org/CVERecord?id=CVE-2023-45290
stdlib	CVE-2024-24783	MEDIUM	v1.18.3	1.21.8, 1.22.1	http://www.openwall.com/lists/oss-security/2024/03/08/4 https://access.redhat.com/errata/RHSA-2024:6195 https://access.redhat.com/security/cve/CVE-2024-24783 https://bugzilla.redhat.com/2268019 https://bugzilla.redhat.com/show_bug.cgi?id=2268017 https://bugzilla.redhat.com/show_bug.cgi?id=2268018 https://bugzilla.redhat.com/show_bug.cgi?id=2268019 https://bugzilla.redhat.com/show_bug.cgi?id=2268273 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45288 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45289 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45290 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24783 https://errata.almalinux.org/9/ALSA-2024-6195.html https://errata.rockylinux.org/RLSA-2024:2724 https://github.com/advisories/GHSA-3q2c-pvp5-3cqp https://github.com/golang/go/commit/337b8e9cbfa749d9d5c899e0dc358e2208d5e54f (go1.22.1) https://github.com/golang/go/commit/be5b52bea674190ef7de272664be6c7ae93ec5a0 (go1.21.8) https://github.com/golang/go/issues/65390 https://go.dev/cl/569339 https://go.dev/issue/65390 https://groups.google.com/g/golang-announce/c/5pwGVUPoMbg https://linux.oracle.com/cve/CVE-2024-24783.html https://linux.oracle.com/errata/ELSA-2024-6969.html https://nvd.nist.gov/vuln/detail/CVE-2024-24783 https://pkg.go.dev/vuln/GO-2024-2598 https://security.netapp.com/advisory/ntap-20240329-0005 https://security.netapp.com/advisory/ntap-20240329-0005/ https://ubuntu.com/security/notices/USN-6886-1 https://ubuntu.com/security/notices/USN-7109-1 https://ubuntu.com/security/notices/USN-7111-1 https://www.cve.org/CVERecord?id=CVE-2024-24783
stdlib	CVE-2024-24784	MEDIUM	v1.18.3	1.21.8, 1.22.1	http://www.openwall.com/lists/oss-security/2024/03/08/4 https://access.redhat.com/errata/RHSA-2024:2562 https://access.redhat.com/security/cve/CVE-2024-24784 https://bugzilla.redhat.com/2262921 https://bugzilla.redhat.com/2268017 https://bugzilla.redhat.com/2268018 https://bugzilla.redhat.com/2268019 https://bugzilla.redhat.com/2268021 https://bugzilla.redhat.com/2268022 https://bugzilla.redhat.com/2268273 https://bugzilla.redhat.com/show_bug.cgi?id=2262921 https://bugzilla.redhat.com/show_bug.cgi?id=2268017 https://bugzilla.redhat.com/show_bug.cgi?id=2268018 https://bugzilla.redhat.com/show_bug.cgi?id=2268019 https://bugzilla.redhat.com/show_bug.cgi?id=2268021 https://bugzilla.redhat.com/show_bug.cgi?id=2268022 https://bugzilla.redhat.com/show_bug.cgi?id=2268273 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45288 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45289 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45290 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-1394 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24783 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24784 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24785 https://errata.almalinux.org/9/ALSA-2024-2562.html https://errata.rockylinux.org/RLSA-2024:2562 https://github.com/golang/go/commit/263c059b09fdd40d9dd945f2ecb20c89ea28efe5 (go1.21.8) https://github.com/golang/go/commit/5330cd225ba54c7dc78c1b46dcdf61a4671a632c (go1.22.1) https://github.com/golang/go/issues/65083 https://go.dev/cl/555596 https://go.dev/issue/65083 https://groups.google.com/g/golang-announce/c/5pwGVUPoMbg https://linux.oracle.com/cve/CVE-2024-24784.html https://linux.oracle.com/errata/ELSA-2024-6969.html https://nvd.nist.gov/vuln/detail/CVE-2024-24784 https://pkg.go.dev/vuln/GO-2024-2609 https://security.netapp.com/advisory/ntap-20240329-0007/ https://ubuntu.com/security/notices/USN-6886-1 https://ubuntu.com/security/notices/USN-7109-1 https://ubuntu.com/security/notices/USN-7111-1 https://www.cve.org/CVERecord?id=CVE-2024-24784
stdlib	CVE-2024-24785	MEDIUM	v1.18.3	1.21.8, 1.22.1	http://www.openwall.com/lists/oss-security/2024/03/08/4 https://access.redhat.com/errata/RHSA-2024:9135 https://access.redhat.com/security/cve/CVE-2024-24785 https://bugzilla.redhat.com/2268017 https://bugzilla.redhat.com/2268022 https://bugzilla.redhat.com/2279814 https://bugzilla.redhat.com/2295310 https://bugzilla.redhat.com/show_bug.cgi?id=2262921 https://bugzilla.redhat.com/show_bug.cgi?id=2268017 https://bugzilla.redhat.com/show_bug.cgi?id=2268018 https://bugzilla.redhat.com/show_bug.cgi?id=2268019 https://bugzilla.redhat.com/show_bug.cgi?id=2268021 https://bugzilla.redhat.com/show_bug.cgi?id=2268022 https://bugzilla.redhat.com/show_bug.cgi?id=2268273 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45288 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45289 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45290 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-1394 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24783 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24784 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24785 https://errata.almalinux.org/9/ALSA-2024-9135.html https://errata.rockylinux.org/RLSA-2024:2562 https://github.com/golang/go/commit/056b0edcb8c152152021eebf4cf42adbfbe77992 (go1.22.1) https://github.com/golang/go/commit/3643147a29352ca2894fd5d0d2069bc4b4335a7e (go1.21.8) https://github.com/golang/go/issues/65697 https://go.dev/cl/564196 https://go.dev/issue/65697 https://groups.google.com/g/golang-announce/c/5pwGVUPoMbg https://linux.oracle.com/cve/CVE-2024-24785.html https://linux.oracle.com/errata/ELSA-2024-3259.html https://nvd.nist.gov/vuln/detail/CVE-2024-24785 https://pkg.go.dev/vuln/GO-2024-2610 https://security.netapp.com/advisory/ntap-20240329-0008/ https://ubuntu.com/security/notices/USN-6886-1 https://ubuntu.com/security/notices/USN-7061-1 https://ubuntu.com/security/notices/USN-7109-1 https://vuln.go.dev/ID/GO-2024-2610.json https://www.cve.org/CVERecord?id=CVE-2024-24785
stdlib	CVE-2024-24789	MEDIUM	v1.18.3	1.21.11, 1.22.4	http://www.openwall.com/lists/oss-security/2024/06/04/1 https://access.redhat.com/errata/RHSA-2024:9115 https://access.redhat.com/security/cve/CVE-2024-24789 https://bugzilla.redhat.com/2279814 https://bugzilla.redhat.com/2292668 https://bugzilla.redhat.com/2292787 https://bugzilla.redhat.com/2294000 https://bugzilla.redhat.com/2295310 https://bugzilla.redhat.com/show_bug.cgi?id=2292668 https://bugzilla.redhat.com/show_bug.cgi?id=2292787 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24789 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24790 https://errata.almalinux.org/9/ALSA-2024-9115.html https://errata.rockylinux.org/RLSA-2024:4212 https://github.com/golang/go/commit/c8e40338cf00f3c1d86c8fb23863ad67a4c72bcc (1.21) https://github.com/golang/go/commit/cf501ac0c5fe351a8582d20b43562027927906e7 (1.22) https://github.com/golang/go/issues/66869 https://go.dev/cl/585397 https://go.dev/issue/66869 https://groups.google.com/g/golang-announce/c/XbxouI9gY7k https://groups.google.com/g/golang-announce/c/XbxouI9gY7k/m/TuoGEhxIEwAJ https://linux.oracle.com/cve/CVE-2024-24789.html https://linux.oracle.com/errata/ELSA-2024-9115.html https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/U5YAEIA6IUHUNGJ7AIXXPQT6D2GYENX7/ https://nvd.nist.gov/vuln/detail/CVE-2024-24789 https://pkg.go.dev/vuln/GO-2024-2888 https://ubuntu.com/security/notices/USN-6886-1 https://ubuntu.com/security/notices/USN-7109-1 https://ubuntu.com/security/notices/USN-7111-1 https://www.cve.org/CVERecord?id=CVE-2024-24789
stdlib	CVE-2024-24791	MEDIUM	v1.18.3	1.21.12, 1.22.5	https://access.redhat.com/errata/RHSA-2024:9135 https://access.redhat.com/security/cve/CVE-2024-24791 https://bugzilla.redhat.com/2268017 https://bugzilla.redhat.com/2268022 https://bugzilla.redhat.com/2279814 https://bugzilla.redhat.com/2295310 https://bugzilla.redhat.com/show_bug.cgi?id=2295310 https://bugzilla.redhat.com/show_bug.cgi?id=2310527 https://bugzilla.redhat.com/show_bug.cgi?id=2310528 https://bugzilla.redhat.com/show_bug.cgi?id=2310529 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24791 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-34155 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-34156 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-34158 https://errata.almalinux.org/9/ALSA-2024-9135.html https://errata.rockylinux.org/RLSA-2024:6913 https://go.dev/cl/591255 https://go.dev/issue/67555 https://groups.google.com/g/golang-dev/c/t0rK-qHBqzY/m/6MMoAZkMAgAJ https://linux.oracle.com/cve/CVE-2024-24791.html https://linux.oracle.com/errata/ELSA-2024-9115.html https://nvd.nist.gov/vuln/detail/CVE-2024-24791 https://pkg.go.dev/vuln/GO-2024-2963 https://ubuntu.com/security/notices/USN-7081-1 https://ubuntu.com/security/notices/USN-7109-1 https://ubuntu.com/security/notices/USN-7111-1 https://www.cve.org/CVERecord?id=CVE-2024-24791
stdlib	CVE-2024-34155	MEDIUM	v1.18.3	1.22.7, 1.23.1	https://access.redhat.com/errata/RHSA-2024:9459 https://access.redhat.com/security/cve/CVE-2024-34155 https://bugzilla.redhat.com/2310527 https://bugzilla.redhat.com/2310528 https://bugzilla.redhat.com/2310529 https://bugzilla.redhat.com/2315691 https://bugzilla.redhat.com/2315887 https://bugzilla.redhat.com/2317458 https://bugzilla.redhat.com/2317467 https://bugzilla.redhat.com/show_bug.cgi?id=2295310 https://bugzilla.redhat.com/show_bug.cgi?id=2310527 https://bugzilla.redhat.com/show_bug.cgi?id=2310528 https://bugzilla.redhat.com/show_bug.cgi?id=2310529 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24791 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-34155 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-34156 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-34158 https://errata.almalinux.org/9/ALSA-2024-9459.html https://errata.rockylinux.org/RLSA-2024:6913 https://github.com/golang/go/commit/53487e5477151ed75da50e50a0ba8f1ca64c00a3 (go1.23.1) https://github.com/golang/go/commit/b232596139dbe96a62edbe3a2a203e856bf556eb (go1.22.7) https://go.dev/cl/611238 https://go.dev/issue/69138 https://groups.google.com/g/golang-announce/c/K-cEzDeCtpc https://groups.google.com/g/golang-dev/c/S9POB9NCTdk https://linux.oracle.com/cve/CVE-2024-34155.html https://linux.oracle.com/errata/ELSA-2024-9459.html https://nvd.nist.gov/vuln/detail/CVE-2024-34155 https://pkg.go.dev/vuln/GO-2024-3105 https://ubuntu.com/security/notices/USN-7081-1 https://ubuntu.com/security/notices/USN-7109-1 https://ubuntu.com/security/notices/USN-7111-1 https://www.cve.org/CVERecord?id=CVE-2024-34155
1 other vulnerabilities found...
No Misconfigurations found

cnb/buildpacks/paketo-buildpacks_spring-boot/5.26.1/bin/helper (gobinary)

Package	Vulnerability ID	Severity	Installed Version	Fixed Version	Links
stdlib	CVE-2024-24790	CRITICAL	v1.20.5	1.21.11, 1.22.4	http://www.openwall.com/lists/oss-security/2024/06/04/1 https://access.redhat.com/errata/RHSA-2024:9115 https://access.redhat.com/security/cve/CVE-2024-24790 https://bugzilla.redhat.com/2279814 https://bugzilla.redhat.com/2292668 https://bugzilla.redhat.com/2292787 https://bugzilla.redhat.com/2294000 https://bugzilla.redhat.com/2295310 https://bugzilla.redhat.com/show_bug.cgi?id=2292668 https://bugzilla.redhat.com/show_bug.cgi?id=2292787 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24789 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24790 https://errata.almalinux.org/9/ALSA-2024-9115.html https://errata.rockylinux.org/RLSA-2024:4212 https://github.com/golang/go/commit/051bdf3fd12a40307606ff9381138039c5f452f0 (1.21) https://github.com/golang/go/commit/12d5810cdb1f73cf23d7a86462143e9463317fca (1.22) https://github.com/golang/go/issues/67680 https://go.dev/cl/590316 https://go.dev/issue/67680 https://groups.google.com/g/golang-announce/c/XbxouI9gY7k https://groups.google.com/g/golang-announce/c/XbxouI9gY7k/m/TuoGEhxIEwAJ https://linux.oracle.com/cve/CVE-2024-24790.html https://linux.oracle.com/errata/ELSA-2024-9115.html https://nvd.nist.gov/vuln/detail/CVE-2024-24790 https://pkg.go.dev/vuln/GO-2024-2887 https://ubuntu.com/security/notices/USN-6886-1 https://ubuntu.com/security/notices/USN-7109-1 https://www.cve.org/CVERecord?id=CVE-2024-24790
stdlib	CVE-2023-39325	HIGH	v1.20.5	1.20.10, 1.21.3	golang.org/x/net https://access.redhat.com/errata/RHSA-2023:6077 https://access.redhat.com/security/cve/CVE-2023-39325 https://access.redhat.com/security/cve/CVE-2023-44487 https://access.redhat.com/security/vulnerabilities/RHSB-2023-003 https://bugzilla.redhat.com/2242803 https://bugzilla.redhat.com/2243296 https://bugzilla.redhat.com/show_bug.cgi?id=2242803 https://bugzilla.redhat.com/show_bug.cgi?id=2243296 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-39325 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-44487 https://errata.almalinux.org/9/ALSA-2023-6077.html https://errata.rockylinux.org/RLSA-2023:6077 https://github.com/golang/go/commit/24ae2d927285c697440fdde3ad7f26028354bcf3 [golang- 1.21] https://github.com/golang/go/commit/e175f27f58aa7b9cd4d79607ae65d2cd5baaee68 [golang-1.20] https://github.com/golang/go/issues/63417 https://go.dev/cl/534215 https://go.dev/cl/534235 https://go.dev/issue/63417 https://groups.google.com/g/golang-announce/c/iNNxDTCjZvo/m/UDd7VKQuAAAJ https://linux.oracle.com/cve/CVE-2023-39325.html https://linux.oracle.com/errata/ELSA-2023-5867.html https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3OVW5V2DM5K5IC3H7O42YDUGNJ74J35O https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3OVW5V2DM5K5IC3H7O42YDUGNJ74J35O/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3SZN67IL7HMGMNAVLOTIXLIHUDXZK4LH https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3SZN67IL7HMGMNAVLOTIXLIHUDXZK4LH/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3WJ4QVX2AMUJ2F2S27POOAHRC4K3CHU4 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3WJ4QVX2AMUJ2F2S27POOAHRC4K3CHU4/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/4BUK2ZIAGCULOOYDNH25JPU6JBES5NF2 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/4BUK2ZIAGCULOOYDNH25JPU6JBES5NF2/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/5RSKA2II6QTD4YUKUNDVJQSRYSFC4VFR https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/5RSKA2II6QTD4YUKUNDVJQSRYSFC4VFR/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/AVZDNSMVDAQJ64LJC5I5U5LDM5753647 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/AVZDNSMVDAQJ64LJC5I5U5LDM5753647/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CHHITS4PUOZAKFIUBQAQZC7JWXMOYE4B https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CHHITS4PUOZAKFIUBQAQZC7JWXMOYE4B/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CLB4TW7KALB3EEQWNWCN7OUIWWVWWCG2 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CLB4TW7KALB3EEQWNWCN7OUIWWVWWCG2/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/D2BBIDR2ZMB3X5BC7SR4SLQMHRMVPY6L https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/D2BBIDR2ZMB3X5BC7SR4SLQMHRMVPY6L/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ECRC75BQJP6FJN2L7KCKYZW4DSBD7QSD https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ECRC75BQJP6FJN2L7KCKYZW4DSBD7QSD/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/FTMJ3NJIDAZFWJQQSP3L22MUFJ3UP2PT https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/FTMJ3NJIDAZFWJQQSP3L22MUFJ3UP2PT/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/GSY7SXFFTPZFWDM6XELSDSHZLVW3AHK7 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/GSY7SXFFTPZFWDM6XELSDSHZLVW3AHK7/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/HZQIELEIRSZUYTFFH5KTH2YJ4IIQG2KE https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/HZQIELEIRSZUYTFFH5KTH2YJ4IIQG2KE/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/IPWCNYB5PQ5PCVZ4NJT6G56ZYFZ5QBU6 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/IPWCNYB5PQ5PCVZ4NJT6G56ZYFZ5QBU6/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/KEOTKBUPZXHE3F352JBYNTSNRXYLWD6P https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/KEOTKBUPZXHE3F352JBYNTSNRXYLWD6P/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/KSEGD2IWKNUO3DWY4KQGUQM5BISRWHQE https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/KSEGD2IWKNUO3DWY4KQGUQM5BISRWHQE/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/L5E5JSJBZLYXOTZWXHJKRVCIXIHVWKJ6 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/L5E5JSJBZLYXOTZWXHJKRVCIXIHVWKJ6/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/MZQYOOKHQDQ57LV2IAG6NRFOVXKHJJ3Z https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/MZQYOOKHQDQ57LV2IAG6NRFOVXKHJJ3Z/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/NG7IMPL55MVWU3LCI4JQJT3K2U5CHDV7 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/NG7IMPL55MVWU3LCI4JQJT3K2U5CHDV7/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ODBY7RVMGZCBSTWF2OZGIZS57FNFUL67 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ODBY7RVMGZCBSTWF2OZGIZS57FNFUL67/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/OXGWPQOJ3JNDW2XIYKIVJ7N7QUIFNM2Q https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/OXGWPQOJ3JNDW2XIYKIVJ7N7QUIFNM2Q/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/PJCUNGIQDUMZ4Z6HWVYIMR66A35F5S74 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/PJCUNGIQDUMZ4Z6HWVYIMR66A35F5S74/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QF5QSYAOPDOWLY6DUHID56Q4HQFYB45I https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QF5QSYAOPDOWLY6DUHID56Q4HQFYB45I/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QXOU2JZUBEBP7GBKAYIJRPRBZSJCD7ST https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QXOU2JZUBEBP7GBKAYIJRPRBZSJCD7ST/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/R3UETKPUB3V5JS5TLZOF3SMTGT5K5APS https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/R3UETKPUB3V5JS5TLZOF3SMTGT5K5APS/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/REMHVVIBDNKSRKNOTV7EQSB7CYQWOUOU https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/REMHVVIBDNKSRKNOTV7EQSB7CYQWOUOU/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/T7N5GV4CHH6WAGX3GFMDD3COEOVCZ4RI https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/T7N5GV4CHH6WAGX3GFMDD3COEOVCZ4RI/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ULQQONMSCQSH5Z5OWFFQHCGEZ3NL4DRJ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ULQQONMSCQSH5Z5OWFFQHCGEZ3NL4DRJ/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UTT7DG3QOF5ZNJLUGHDNLRUIN6OWZARP https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UTT7DG3QOF5ZNJLUGHDNLRUIN6OWZARP/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/W2LZSWTV4NV4SNQARNXG5T6LRHP26EW2 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/W2LZSWTV4NV4SNQARNXG5T6LRHP26EW2/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WCNCBYKZXLDFGAJUB7ZP5VLC3YTHJNVH https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WCNCBYKZXLDFGAJUB7ZP5VLC3YTHJNVH/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/XFOIBB4YFICHDM7IBOP7PWXW3FX4HLL2 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/XFOIBB4YFICHDM7IBOP7PWXW3FX4HLL2/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/XTNLSL44Y5FB6JWADSZH6DCV4JJAAEQY https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/XTNLSL44Y5FB6JWADSZH6DCV4JJAAEQY/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/YJWHBLVZDM5KQSDFRBFRKU5KSSOLIRQ4 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/YJWHBLVZDM5KQSDFRBFRKU5KSSOLIRQ4/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/YRKEXKANQ7BKJW2YTAMP625LJUJZLJ4P https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/YRKEXKANQ7BKJW2YTAMP625LJUJZLJ4P/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZSVEMQV5ROY5YW5QE3I57HT3ITWG5GCV https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZSVEMQV5ROY5YW5QE3I57HT3ITWG5GCV/ https://nvd.nist.gov/vuln/detail/CVE-2023-39325 https://pkg.go.dev/vuln/GO-2023-2102 https://security.gentoo.org/glsa/202311-09 https://security.netapp.com/advisory/ntap-20231110-0008 https://security.netapp.com/advisory/ntap-20231110-0008/ https://ubuntu.com/security/notices/USN-6574-1 https://ubuntu.com/security/notices/USN-7061-1 https://ubuntu.com/security/notices/USN-7109-1 https://www.cisa.gov/news-events/alerts/2023/10/10/http2-rapid-reset-vulnerability-cve-2023-44487 https://www.cve.org/CVERecord?id=CVE-2023-39325
stdlib	CVE-2023-45283	HIGH	v1.20.5	1.20.11, 1.21.4, 1.20.12, 1.21.5	http://www.openwall.com/lists/oss-security/2023/12/05/2 https://go.dev/cl/540277 https://go.dev/cl/541175 https://go.dev/issue/63713 https://go.dev/issue/64028 https://groups.google.com/g/golang-announce/c/4tU8LZfBFkY https://groups.google.com/g/golang-dev/c/6ypN5EjibjM/m/KmLVYH_uAgAJ https://nvd.nist.gov/vuln/detail/CVE-2023-45283 https://pkg.go.dev/vuln/GO-2023-2185 https://security.netapp.com/advisory/ntap-20231214-0008/
stdlib	CVE-2023-45288	HIGH	v1.20.5	1.21.9, 1.22.2	http://www.openwall.com/lists/oss-security/2024/04/03/16 http://www.openwall.com/lists/oss-security/2024/04/05/4 https://access.redhat.com/errata/RHSA-2024:2724 https://access.redhat.com/security/cve/CVE-2023-45288 https://bugzilla.redhat.com/2268017 https://bugzilla.redhat.com/2268018 https://bugzilla.redhat.com/2268019 https://bugzilla.redhat.com/2268273 https://bugzilla.redhat.com/show_bug.cgi?id=2268017 https://bugzilla.redhat.com/show_bug.cgi?id=2268018 https://bugzilla.redhat.com/show_bug.cgi?id=2268019 https://bugzilla.redhat.com/show_bug.cgi?id=2268273 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45288 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45289 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45290 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24783 https://errata.almalinux.org/9/ALSA-2024-2724.html https://errata.rockylinux.org/RLSA-2024:2724 https://go.dev/cl/576155 https://go.dev/issue/65051 https://groups.google.com/g/golang-announce/c/YgW0sx8mN3M https://kb.cert.org/vuls/id/421644 https://linux.oracle.com/cve/CVE-2023-45288.html https://linux.oracle.com/errata/ELSA-2024-3346.html https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QRYFHIQ6XRKRYBI2F5UESH67BJBQXUPT https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QRYFHIQ6XRKRYBI2F5UESH67BJBQXUPT/ https://nowotarski.info/http2-continuation-flood-technical-details https://nowotarski.info/http2-continuation-flood/ https://nvd.nist.gov/vuln/detail/CVE-2023-45288 https://pkg.go.dev/vuln/GO-2024-2687 https://security.netapp.com/advisory/ntap-20240419-0009 https://security.netapp.com/advisory/ntap-20240419-0009/ https://ubuntu.com/security/notices/USN-6886-1 https://ubuntu.com/security/notices/USN-7109-1 https://ubuntu.com/security/notices/USN-7111-1 https://www.cve.org/CVERecord?id=CVE-2023-45288 https://www.kb.cert.org/vuls/id/421644
stdlib	CVE-2024-34156	HIGH	v1.20.5	1.22.7, 1.23.1	https://access.redhat.com/errata/RHSA-2024:9473 https://access.redhat.com/security/cve/CVE-2024-34156 https://bugzilla.redhat.com/2310528 https://bugzilla.redhat.com/2318052 https://bugzilla.redhat.com/show_bug.cgi?id=2310528 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-34156 https://errata.almalinux.org/9/ALSA-2024-9473.html https://errata.rockylinux.org/RLSA-2024:7204 https://github.com/golang/go/commit/2092294f2b097c5828f4eace6c98a322c1510b01 (go1.22.7) https://github.com/golang/go/commit/fa8ff1a46deb6c816304441ec6740ec112e19012 (go1.23.1) https://go.dev/cl/611239 https://go.dev/issue/69139 https://groups.google.com/g/golang-announce/c/K-cEzDeCtpc https://groups.google.com/g/golang-dev/c/S9POB9NCTdk https://linux.oracle.com/cve/CVE-2024-34156.html https://linux.oracle.com/errata/ELSA-2024-9473.html https://nvd.nist.gov/vuln/detail/CVE-2024-34156 https://pkg.go.dev/vuln/GO-2024-3106 https://ubuntu.com/security/notices/USN-7081-1 https://ubuntu.com/security/notices/USN-7109-1 https://ubuntu.com/security/notices/USN-7111-1 https://www.cve.org/CVERecord?id=CVE-2024-34156
stdlib	CVE-2023-29406	MEDIUM	v1.20.5	1.19.11, 1.20.6	https://access.redhat.com/errata/RHSA-2023:6474 https://access.redhat.com/security/cve/CVE-2023-29406 https://bugzilla.redhat.com/2174485 https://bugzilla.redhat.com/2178358 https://bugzilla.redhat.com/2178488 https://bugzilla.redhat.com/2178492 https://bugzilla.redhat.com/2184481 https://bugzilla.redhat.com/2184482 https://bugzilla.redhat.com/2184483 https://bugzilla.redhat.com/2184484 https://bugzilla.redhat.com/2196026 https://bugzilla.redhat.com/2196027 https://bugzilla.redhat.com/2196029 https://bugzilla.redhat.com/2222167 https://bugzilla.redhat.com/2228689 https://errata.almalinux.org/9/ALSA-2023-6474.html https://github.com/golang/go/commit/312920c00aac9897b2a0693e752390b5b0711a5a (go1.20.6) https://github.com/golang/go/commit/5fa6923b1ea891400153d04ddf1545e23b40041b (go1.19.11) https://github.com/golang/go/issues/60374 https://go.dev/cl/506996 https://go.dev/issue/60374 https://groups.google.com/g/golang-announce/c/2q13H6LEEx0 https://linux.oracle.com/cve/CVE-2023-29406.html https://linux.oracle.com/errata/ELSA-2023-7202.html https://nvd.nist.gov/vuln/detail/CVE-2023-29406 https://pkg.go.dev/vuln/GO-2023-1878 https://security.gentoo.org/glsa/202311-09 https://security.netapp.com/advisory/ntap-20230814-0002/ https://ubuntu.com/security/notices/USN-7061-1 https://ubuntu.com/security/notices/USN-7109-1 https://www.cve.org/CVERecord?id=CVE-2023-29406
stdlib	CVE-2023-29409	MEDIUM	v1.20.5	1.19.12, 1.20.7, 1.21.0-rc.4	https://access.redhat.com/errata/RHSA-2023:7766 https://access.redhat.com/security/cve/CVE-2023-29409 https://bugzilla.redhat.com/2228743 https://bugzilla.redhat.com/2237773 https://bugzilla.redhat.com/2237776 https://bugzilla.redhat.com/2237777 https://bugzilla.redhat.com/2237778 https://errata.almalinux.org/9/ALSA-2023-7766.html https://go.dev/cl/515257 https://go.dev/issue/61460 https://groups.google.com/g/golang-announce/c/X0b6CsSAaYI/m/Efv5DbZ9AwAJ https://linux.oracle.com/cve/CVE-2023-29409.html https://linux.oracle.com/errata/ELSA-2024-2988.html https://nvd.nist.gov/vuln/detail/CVE-2023-29409 https://pkg.go.dev/vuln/GO-2023-1987 https://security.gentoo.org/glsa/202311-09 https://security.netapp.com/advisory/ntap-20230831-0010/ https://www.cve.org/CVERecord?id=CVE-2023-29409
stdlib	CVE-2023-39318	MEDIUM	v1.20.5	1.20.8, 1.21.1	https://access.redhat.com/errata/RHSA-2024:2160 https://access.redhat.com/security/cve/CVE-2023-39318 https://bugzilla.redhat.com/2237773 https://bugzilla.redhat.com/2237776 https://bugzilla.redhat.com/2253330 https://errata.almalinux.org/9/ALSA-2024-2160.html https://github.com/golang/go/commit/023b542edf38e2a1f87fcefb9f75ff2f99401b4c (go1.20.8) https://github.com/golang/go/commit/b0e1d3ea26e8e8fce7726690c9ef0597e60739fb (go1.21.1) https://go.dev/cl/526156 https://go.dev/issue/62196 https://groups.google.com/g/golang-announce/c/Fm51GRLNRvM https://groups.google.com/g/golang-dev/c/2C5vbR-UNkI/m/L1hdrPhfBAAJ https://linux.oracle.com/cve/CVE-2023-39318.html https://linux.oracle.com/errata/ELSA-2024-2988.html https://nvd.nist.gov/vuln/detail/CVE-2023-39318 https://pkg.go.dev/vuln/GO-2023-2041 https://security.gentoo.org/glsa/202311-09 https://security.netapp.com/advisory/ntap-20231020-0009/ https://ubuntu.com/security/notices/USN-6574-1 https://ubuntu.com/security/notices/USN-7061-1 https://ubuntu.com/security/notices/USN-7109-1 https://vuln.go.dev/ID/GO-2023-2041.json https://www.cve.org/CVERecord?id=CVE-2023-39318
stdlib	CVE-2023-39319	MEDIUM	v1.20.5	1.20.8, 1.21.1	https://access.redhat.com/errata/RHSA-2024:2160 https://access.redhat.com/security/cve/CVE-2023-39319 https://bugzilla.redhat.com/2237773 https://bugzilla.redhat.com/2237776 https://bugzilla.redhat.com/2253330 https://errata.almalinux.org/9/ALSA-2024-2160.html https://github.com/golang/go/commit/2070531d2f53df88e312edace6c8dfc9686ab2f5 (go1.20.8) https://github.com/golang/go/commit/bbd043ff0d6d59f1a9232d31ecd5eacf6507bf6a (go1.21.1) https://go.dev/cl/526157 https://go.dev/issue/62197 https://groups.google.com/g/golang-announce/c/Fm51GRLNRvM https://groups.google.com/g/golang-dev/c/2C5vbR-UNkI/m/L1hdrPhfBAAJ https://linux.oracle.com/cve/CVE-2023-39319.html https://linux.oracle.com/errata/ELSA-2024-2988.html https://nvd.nist.gov/vuln/detail/CVE-2023-39319 https://pkg.go.dev/vuln/GO-2023-2043 https://security.gentoo.org/glsa/202311-09 https://security.netapp.com/advisory/ntap-20231020-0009/ https://ubuntu.com/security/notices/USN-6574-1 https://ubuntu.com/security/notices/USN-7061-1 https://ubuntu.com/security/notices/USN-7109-1 https://vuln.go.dev/ID/GO-2023-2043.json https://www.cve.org/CVERecord?id=CVE-2023-39319
stdlib	CVE-2023-39326	MEDIUM	v1.20.5	1.20.12, 1.21.5	https://access.redhat.com/errata/RHSA-2024:2272 https://access.redhat.com/security/cve/CVE-2023-39326 https://bugzilla.redhat.com/2253193 https://bugzilla.redhat.com/2253330 https://errata.almalinux.org/9/ALSA-2024-2272.html https://github.com/golang/go/commit/6446af942e2e2b161c4ec1b60d9703a2b55dc4dd (go1.20.12) https://github.com/golang/go/commit/ec8c526e4be720e94b98ca509e6364f0efaf28f7 (go1.21.5) https://go.dev/cl/547335 https://go.dev/issue/64433 https://groups.google.com/g/golang-dev/c/6ypN5EjibjM/m/KmLVYH_uAgAJ https://linux.oracle.com/cve/CVE-2023-39326.html https://linux.oracle.com/errata/ELSA-2024-2988.html https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UIU6HOGV6RRIKWM57LOXQA75BGZSIH6G/ https://nvd.nist.gov/vuln/detail/CVE-2023-39326 https://pkg.go.dev/vuln/GO-2023-2382 https://ubuntu.com/security/notices/USN-6574-1 https://www.cve.org/CVERecord?id=CVE-2023-39326
stdlib	CVE-2023-45284	MEDIUM	v1.20.5	1.20.11, 1.21.4	https://go.dev/cl/540277 https://go.dev/issue/63713 https://groups.google.com/g/golang-announce/c/4tU8LZfBFkY https://nvd.nist.gov/vuln/detail/CVE-2023-45284 https://pkg.go.dev/vuln/GO-2023-2186
stdlib	CVE-2023-45289	MEDIUM	v1.20.5	1.21.8, 1.22.1	http://www.openwall.com/lists/oss-security/2024/03/08/4 https://access.redhat.com/errata/RHSA-2024:2724 https://access.redhat.com/security/cve/CVE-2023-45289 https://bugzilla.redhat.com/2268017 https://bugzilla.redhat.com/2268018 https://bugzilla.redhat.com/2268019 https://bugzilla.redhat.com/2268273 https://bugzilla.redhat.com/show_bug.cgi?id=2268017 https://bugzilla.redhat.com/show_bug.cgi?id=2268018 https://bugzilla.redhat.com/show_bug.cgi?id=2268019 https://bugzilla.redhat.com/show_bug.cgi?id=2268273 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45288 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45289 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45290 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24783 https://errata.almalinux.org/9/ALSA-2024-2724.html https://errata.rockylinux.org/RLSA-2024:2724 https://github.com/golang/go/commit/20586c0dbe03d144f914155f879fa5ee287591a1 (go1.21.8) https://github.com/golang/go/commit/3a855208e3efed2e9d7c20ad023f1fa78afcc0be (go1.22.1) https://github.com/golang/go/issues/65065 https://go.dev/cl/569340 https://go.dev/issue/65065 https://groups.google.com/g/golang-announce/c/5pwGVUPoMbg https://linux.oracle.com/cve/CVE-2023-45289.html https://linux.oracle.com/errata/ELSA-2024-3346.html https://nvd.nist.gov/vuln/detail/CVE-2023-45289 https://pkg.go.dev/vuln/GO-2024-2600 https://security.netapp.com/advisory/ntap-20240329-0006/ https://ubuntu.com/security/notices/USN-6886-1 https://www.cve.org/CVERecord?id=CVE-2023-45289
stdlib	CVE-2023-45290	MEDIUM	v1.20.5	1.21.8, 1.22.1	http://www.openwall.com/lists/oss-security/2024/03/08/4 https://access.redhat.com/errata/RHSA-2024:9135 https://access.redhat.com/security/cve/CVE-2023-45290 https://bugzilla.redhat.com/2268017 https://bugzilla.redhat.com/2268022 https://bugzilla.redhat.com/2279814 https://bugzilla.redhat.com/2295310 https://bugzilla.redhat.com/show_bug.cgi?id=2268017 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45290 https://errata.almalinux.org/9/ALSA-2024-9135.html https://errata.rockylinux.org/RLSA-2024:3830 https://github.com/golang/go/commit/041a47712e765e94f86d841c3110c840e76d8f82 (go1.22.1) https://github.com/golang/go/commit/bf80213b121074f4ad9b449410a4d13bae5e9be0 (go1.21.8) https://github.com/golang/go/issues/65383 https://go.dev/cl/569341 https://go.dev/issue/65383 https://groups.google.com/g/golang-announce/c/5pwGVUPoMbg https://linux.oracle.com/cve/CVE-2023-45290.html https://linux.oracle.com/errata/ELSA-2024-8038.html https://nvd.nist.gov/vuln/detail/CVE-2023-45290 https://pkg.go.dev/vuln/GO-2024-2599 https://security.netapp.com/advisory/ntap-20240329-0004 https://security.netapp.com/advisory/ntap-20240329-0004/ https://ubuntu.com/security/notices/USN-6886-1 https://ubuntu.com/security/notices/USN-7109-1 https://ubuntu.com/security/notices/USN-7111-1 https://www.cve.org/CVERecord?id=CVE-2023-45290
stdlib	CVE-2024-24783	MEDIUM	v1.20.5	1.21.8, 1.22.1	http://www.openwall.com/lists/oss-security/2024/03/08/4 https://access.redhat.com/errata/RHSA-2024:6195 https://access.redhat.com/security/cve/CVE-2024-24783 https://bugzilla.redhat.com/2268019 https://bugzilla.redhat.com/show_bug.cgi?id=2268017 https://bugzilla.redhat.com/show_bug.cgi?id=2268018 https://bugzilla.redhat.com/show_bug.cgi?id=2268019 https://bugzilla.redhat.com/show_bug.cgi?id=2268273 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45288 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45289 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45290 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24783 https://errata.almalinux.org/9/ALSA-2024-6195.html https://errata.rockylinux.org/RLSA-2024:2724 https://github.com/advisories/GHSA-3q2c-pvp5-3cqp https://github.com/golang/go/commit/337b8e9cbfa749d9d5c899e0dc358e2208d5e54f (go1.22.1) https://github.com/golang/go/commit/be5b52bea674190ef7de272664be6c7ae93ec5a0 (go1.21.8) https://github.com/golang/go/issues/65390 https://go.dev/cl/569339 https://go.dev/issue/65390 https://groups.google.com/g/golang-announce/c/5pwGVUPoMbg https://linux.oracle.com/cve/CVE-2024-24783.html https://linux.oracle.com/errata/ELSA-2024-6969.html https://nvd.nist.gov/vuln/detail/CVE-2024-24783 https://pkg.go.dev/vuln/GO-2024-2598 https://security.netapp.com/advisory/ntap-20240329-0005 https://security.netapp.com/advisory/ntap-20240329-0005/ https://ubuntu.com/security/notices/USN-6886-1 https://ubuntu.com/security/notices/USN-7109-1 https://ubuntu.com/security/notices/USN-7111-1 https://www.cve.org/CVERecord?id=CVE-2024-24783
stdlib	CVE-2024-24784	MEDIUM	v1.20.5	1.21.8, 1.22.1	http://www.openwall.com/lists/oss-security/2024/03/08/4 https://access.redhat.com/errata/RHSA-2024:2562 https://access.redhat.com/security/cve/CVE-2024-24784 https://bugzilla.redhat.com/2262921 https://bugzilla.redhat.com/2268017 https://bugzilla.redhat.com/2268018 https://bugzilla.redhat.com/2268019 https://bugzilla.redhat.com/2268021 https://bugzilla.redhat.com/2268022 https://bugzilla.redhat.com/2268273 https://bugzilla.redhat.com/show_bug.cgi?id=2262921 https://bugzilla.redhat.com/show_bug.cgi?id=2268017 https://bugzilla.redhat.com/show_bug.cgi?id=2268018 https://bugzilla.redhat.com/show_bug.cgi?id=2268019 https://bugzilla.redhat.com/show_bug.cgi?id=2268021 https://bugzilla.redhat.com/show_bug.cgi?id=2268022 https://bugzilla.redhat.com/show_bug.cgi?id=2268273 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45288 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45289 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45290 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-1394 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24783 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24784 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24785 https://errata.almalinux.org/9/ALSA-2024-2562.html https://errata.rockylinux.org/RLSA-2024:2562 https://github.com/golang/go/commit/263c059b09fdd40d9dd945f2ecb20c89ea28efe5 (go1.21.8) https://github.com/golang/go/commit/5330cd225ba54c7dc78c1b46dcdf61a4671a632c (go1.22.1) https://github.com/golang/go/issues/65083 https://go.dev/cl/555596 https://go.dev/issue/65083 https://groups.google.com/g/golang-announce/c/5pwGVUPoMbg https://linux.oracle.com/cve/CVE-2024-24784.html https://linux.oracle.com/errata/ELSA-2024-6969.html https://nvd.nist.gov/vuln/detail/CVE-2024-24784 https://pkg.go.dev/vuln/GO-2024-2609 https://security.netapp.com/advisory/ntap-20240329-0007/ https://ubuntu.com/security/notices/USN-6886-1 https://ubuntu.com/security/notices/USN-7109-1 https://ubuntu.com/security/notices/USN-7111-1 https://www.cve.org/CVERecord?id=CVE-2024-24784
stdlib	CVE-2024-24785	MEDIUM	v1.20.5	1.21.8, 1.22.1	http://www.openwall.com/lists/oss-security/2024/03/08/4 https://access.redhat.com/errata/RHSA-2024:9135 https://access.redhat.com/security/cve/CVE-2024-24785 https://bugzilla.redhat.com/2268017 https://bugzilla.redhat.com/2268022 https://bugzilla.redhat.com/2279814 https://bugzilla.redhat.com/2295310 https://bugzilla.redhat.com/show_bug.cgi?id=2262921 https://bugzilla.redhat.com/show_bug.cgi?id=2268017 https://bugzilla.redhat.com/show_bug.cgi?id=2268018 https://bugzilla.redhat.com/show_bug.cgi?id=2268019 https://bugzilla.redhat.com/show_bug.cgi?id=2268021 https://bugzilla.redhat.com/show_bug.cgi?id=2268022 https://bugzilla.redhat.com/show_bug.cgi?id=2268273 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45288 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45289 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45290 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-1394 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24783 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24784 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24785 https://errata.almalinux.org/9/ALSA-2024-9135.html https://errata.rockylinux.org/RLSA-2024:2562 https://github.com/golang/go/commit/056b0edcb8c152152021eebf4cf42adbfbe77992 (go1.22.1) https://github.com/golang/go/commit/3643147a29352ca2894fd5d0d2069bc4b4335a7e (go1.21.8) https://github.com/golang/go/issues/65697 https://go.dev/cl/564196 https://go.dev/issue/65697 https://groups.google.com/g/golang-announce/c/5pwGVUPoMbg https://linux.oracle.com/cve/CVE-2024-24785.html https://linux.oracle.com/errata/ELSA-2024-3259.html https://nvd.nist.gov/vuln/detail/CVE-2024-24785 https://pkg.go.dev/vuln/GO-2024-2610 https://security.netapp.com/advisory/ntap-20240329-0008/ https://ubuntu.com/security/notices/USN-6886-1 https://ubuntu.com/security/notices/USN-7061-1 https://ubuntu.com/security/notices/USN-7109-1 https://vuln.go.dev/ID/GO-2024-2610.json https://www.cve.org/CVERecord?id=CVE-2024-24785
stdlib	CVE-2024-24789	MEDIUM	v1.20.5	1.21.11, 1.22.4	http://www.openwall.com/lists/oss-security/2024/06/04/1 https://access.redhat.com/errata/RHSA-2024:9115 https://access.redhat.com/security/cve/CVE-2024-24789 https://bugzilla.redhat.com/2279814 https://bugzilla.redhat.com/2292668 https://bugzilla.redhat.com/2292787 https://bugzilla.redhat.com/2294000 https://bugzilla.redhat.com/2295310 https://bugzilla.redhat.com/show_bug.cgi?id=2292668 https://bugzilla.redhat.com/show_bug.cgi?id=2292787 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24789 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24790 https://errata.almalinux.org/9/ALSA-2024-9115.html https://errata.rockylinux.org/RLSA-2024:4212 https://github.com/golang/go/commit/c8e40338cf00f3c1d86c8fb23863ad67a4c72bcc (1.21) https://github.com/golang/go/commit/cf501ac0c5fe351a8582d20b43562027927906e7 (1.22) https://github.com/golang/go/issues/66869 https://go.dev/cl/585397 https://go.dev/issue/66869 https://groups.google.com/g/golang-announce/c/XbxouI9gY7k https://groups.google.com/g/golang-announce/c/XbxouI9gY7k/m/TuoGEhxIEwAJ https://linux.oracle.com/cve/CVE-2024-24789.html https://linux.oracle.com/errata/ELSA-2024-9115.html https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/U5YAEIA6IUHUNGJ7AIXXPQT6D2GYENX7/ https://nvd.nist.gov/vuln/detail/CVE-2024-24789 https://pkg.go.dev/vuln/GO-2024-2888 https://ubuntu.com/security/notices/USN-6886-1 https://ubuntu.com/security/notices/USN-7109-1 https://ubuntu.com/security/notices/USN-7111-1 https://www.cve.org/CVERecord?id=CVE-2024-24789
stdlib	CVE-2024-24791	MEDIUM	v1.20.5	1.21.12, 1.22.5	https://access.redhat.com/errata/RHSA-2024:9135 https://access.redhat.com/security/cve/CVE-2024-24791 https://bugzilla.redhat.com/2268017 https://bugzilla.redhat.com/2268022 https://bugzilla.redhat.com/2279814 https://bugzilla.redhat.com/2295310 https://bugzilla.redhat.com/show_bug.cgi?id=2295310 https://bugzilla.redhat.com/show_bug.cgi?id=2310527 https://bugzilla.redhat.com/show_bug.cgi?id=2310528 https://bugzilla.redhat.com/show_bug.cgi?id=2310529 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24791 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-34155 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-34156 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-34158 https://errata.almalinux.org/9/ALSA-2024-9135.html https://errata.rockylinux.org/RLSA-2024:6913 https://go.dev/cl/591255 https://go.dev/issue/67555 https://groups.google.com/g/golang-dev/c/t0rK-qHBqzY/m/6MMoAZkMAgAJ https://linux.oracle.com/cve/CVE-2024-24791.html https://linux.oracle.com/errata/ELSA-2024-9115.html https://nvd.nist.gov/vuln/detail/CVE-2024-24791 https://pkg.go.dev/vuln/GO-2024-2963 https://ubuntu.com/security/notices/USN-7081-1 https://ubuntu.com/security/notices/USN-7109-1 https://ubuntu.com/security/notices/USN-7111-1 https://www.cve.org/CVERecord?id=CVE-2024-24791
stdlib	CVE-2024-34155	MEDIUM	v1.20.5	1.22.7, 1.23.1	https://access.redhat.com/errata/RHSA-2024:9459 https://access.redhat.com/security/cve/CVE-2024-34155 https://bugzilla.redhat.com/2310527 https://bugzilla.redhat.com/2310528 https://bugzilla.redhat.com/2310529 https://bugzilla.redhat.com/2315691 https://bugzilla.redhat.com/2315887 https://bugzilla.redhat.com/2317458 https://bugzilla.redhat.com/2317467 https://bugzilla.redhat.com/show_bug.cgi?id=2295310 https://bugzilla.redhat.com/show_bug.cgi?id=2310527 https://bugzilla.redhat.com/show_bug.cgi?id=2310528 https://bugzilla.redhat.com/show_bug.cgi?id=2310529 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24791 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-34155 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-34156 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-34158 https://errata.almalinux.org/9/ALSA-2024-9459.html https://errata.rockylinux.org/RLSA-2024:6913 https://github.com/golang/go/commit/53487e5477151ed75da50e50a0ba8f1ca64c00a3 (go1.23.1) https://github.com/golang/go/commit/b232596139dbe96a62edbe3a2a203e856bf556eb (go1.22.7) https://go.dev/cl/611238 https://go.dev/issue/69138 https://groups.google.com/g/golang-announce/c/K-cEzDeCtpc https://groups.google.com/g/golang-dev/c/S9POB9NCTdk https://linux.oracle.com/cve/CVE-2024-34155.html https://linux.oracle.com/errata/ELSA-2024-9459.html https://nvd.nist.gov/vuln/detail/CVE-2024-34155 https://pkg.go.dev/vuln/GO-2024-3105 https://ubuntu.com/security/notices/USN-7081-1 https://ubuntu.com/security/notices/USN-7109-1 https://ubuntu.com/security/notices/USN-7111-1 https://www.cve.org/CVERecord?id=CVE-2024-34155
stdlib	CVE-2024-34158	MEDIUM	v1.20.5	1.22.7, 1.23.1	https://access.redhat.com/errata/RHSA-2024:9459 https://access.redhat.com/security/cve/CVE-2024-34158 https://bugzilla.redhat.com/2310527 https://bugzilla.redhat.com/2310528 https://bugzilla.redhat.com/2310529 https://bugzilla.redhat.com/2315691 https://bugzilla.redhat.com/2315887 https://bugzilla.redhat.com/2317458 https://bugzilla.redhat.com/2317467 https://bugzilla.redhat.com/show_bug.cgi?id=2295310 https://bugzilla.redhat.com/show_bug.cgi?id=2310527 https://bugzilla.redhat.com/show_bug.cgi?id=2310528 https://bugzilla.redhat.com/show_bug.cgi?id=2310529 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24791 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-34155 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-34156 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-34158 https://errata.almalinux.org/9/ALSA-2024-9459.html https://errata.rockylinux.org/RLSA-2024:6913 https://github.com/golang/go/commit/032ac075c20c01c6c35a672d1542d3e98eab84ea (go1.23.1) https://github.com/golang/go/commit/d4c53812e6ce2ac368173d7fcd31d0ecfcffb002 (go1.22.7) https://go.dev/cl/611240 https://go.dev/issue/69141 https://groups.google.com/g/golang-announce/c/K-cEzDeCtpc https://groups.google.com/g/golang-dev/c/S9POB9NCTdk https://linux.oracle.com/cve/CVE-2024-34158.html https://linux.oracle.com/errata/ELSA-2024-9459.html https://nvd.nist.gov/vuln/detail/CVE-2024-34158 https://pkg.go.dev/vuln/GO-2024-3107 https://ubuntu.com/security/notices/USN-7081-1 https://ubuntu.com/security/notices/USN-7109-1 https://ubuntu.com/security/notices/USN-7111-1 https://www.cve.org/CVERecord?id=CVE-2024-34158
No Misconfigurations found

cnb/buildpacks/paketo-buildpacks_spring-boot/5.26.1/bin/main (gobinary)

Package	Vulnerability ID	Severity	Installed Version	Fixed Version	Links
stdlib	CVE-2024-24790	CRITICAL	v1.20.5	1.21.11, 1.22.4	http://www.openwall.com/lists/oss-security/2024/06/04/1 https://access.redhat.com/errata/RHSA-2024:9115 https://access.redhat.com/security/cve/CVE-2024-24790 https://bugzilla.redhat.com/2279814 https://bugzilla.redhat.com/2292668 https://bugzilla.redhat.com/2292787 https://bugzilla.redhat.com/2294000 https://bugzilla.redhat.com/2295310 https://bugzilla.redhat.com/show_bug.cgi?id=2292668 https://bugzilla.redhat.com/show_bug.cgi?id=2292787 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24789 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24790 https://errata.almalinux.org/9/ALSA-2024-9115.html https://errata.rockylinux.org/RLSA-2024:4212 https://github.com/golang/go/commit/051bdf3fd12a40307606ff9381138039c5f452f0 (1.21) https://github.com/golang/go/commit/12d5810cdb1f73cf23d7a86462143e9463317fca (1.22) https://github.com/golang/go/issues/67680 https://go.dev/cl/590316 https://go.dev/issue/67680 https://groups.google.com/g/golang-announce/c/XbxouI9gY7k https://groups.google.com/g/golang-announce/c/XbxouI9gY7k/m/TuoGEhxIEwAJ https://linux.oracle.com/cve/CVE-2024-24790.html https://linux.oracle.com/errata/ELSA-2024-9115.html https://nvd.nist.gov/vuln/detail/CVE-2024-24790 https://pkg.go.dev/vuln/GO-2024-2887 https://ubuntu.com/security/notices/USN-6886-1 https://ubuntu.com/security/notices/USN-7109-1 https://www.cve.org/CVERecord?id=CVE-2024-24790
stdlib	CVE-2023-39325	HIGH	v1.20.5	1.20.10, 1.21.3	golang.org/x/net https://access.redhat.com/errata/RHSA-2023:6077 https://access.redhat.com/security/cve/CVE-2023-39325 https://access.redhat.com/security/cve/CVE-2023-44487 https://access.redhat.com/security/vulnerabilities/RHSB-2023-003 https://bugzilla.redhat.com/2242803 https://bugzilla.redhat.com/2243296 https://bugzilla.redhat.com/show_bug.cgi?id=2242803 https://bugzilla.redhat.com/show_bug.cgi?id=2243296 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-39325 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-44487 https://errata.almalinux.org/9/ALSA-2023-6077.html https://errata.rockylinux.org/RLSA-2023:6077 https://github.com/golang/go/commit/24ae2d927285c697440fdde3ad7f26028354bcf3 [golang- 1.21] https://github.com/golang/go/commit/e175f27f58aa7b9cd4d79607ae65d2cd5baaee68 [golang-1.20] https://github.com/golang/go/issues/63417 https://go.dev/cl/534215 https://go.dev/cl/534235 https://go.dev/issue/63417 https://groups.google.com/g/golang-announce/c/iNNxDTCjZvo/m/UDd7VKQuAAAJ https://linux.oracle.com/cve/CVE-2023-39325.html https://linux.oracle.com/errata/ELSA-2023-5867.html https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3OVW5V2DM5K5IC3H7O42YDUGNJ74J35O https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3OVW5V2DM5K5IC3H7O42YDUGNJ74J35O/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3SZN67IL7HMGMNAVLOTIXLIHUDXZK4LH https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3SZN67IL7HMGMNAVLOTIXLIHUDXZK4LH/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3WJ4QVX2AMUJ2F2S27POOAHRC4K3CHU4 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3WJ4QVX2AMUJ2F2S27POOAHRC4K3CHU4/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/4BUK2ZIAGCULOOYDNH25JPU6JBES5NF2 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/4BUK2ZIAGCULOOYDNH25JPU6JBES5NF2/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/5RSKA2II6QTD4YUKUNDVJQSRYSFC4VFR https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/5RSKA2II6QTD4YUKUNDVJQSRYSFC4VFR/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/AVZDNSMVDAQJ64LJC5I5U5LDM5753647 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/AVZDNSMVDAQJ64LJC5I5U5LDM5753647/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CHHITS4PUOZAKFIUBQAQZC7JWXMOYE4B https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CHHITS4PUOZAKFIUBQAQZC7JWXMOYE4B/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CLB4TW7KALB3EEQWNWCN7OUIWWVWWCG2 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CLB4TW7KALB3EEQWNWCN7OUIWWVWWCG2/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/D2BBIDR2ZMB3X5BC7SR4SLQMHRMVPY6L https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/D2BBIDR2ZMB3X5BC7SR4SLQMHRMVPY6L/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ECRC75BQJP6FJN2L7KCKYZW4DSBD7QSD https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ECRC75BQJP6FJN2L7KCKYZW4DSBD7QSD/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/FTMJ3NJIDAZFWJQQSP3L22MUFJ3UP2PT https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/FTMJ3NJIDAZFWJQQSP3L22MUFJ3UP2PT/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/GSY7SXFFTPZFWDM6XELSDSHZLVW3AHK7 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/GSY7SXFFTPZFWDM6XELSDSHZLVW3AHK7/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/HZQIELEIRSZUYTFFH5KTH2YJ4IIQG2KE https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/HZQIELEIRSZUYTFFH5KTH2YJ4IIQG2KE/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/IPWCNYB5PQ5PCVZ4NJT6G56ZYFZ5QBU6 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/IPWCNYB5PQ5PCVZ4NJT6G56ZYFZ5QBU6/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/KEOTKBUPZXHE3F352JBYNTSNRXYLWD6P https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/KEOTKBUPZXHE3F352JBYNTSNRXYLWD6P/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/KSEGD2IWKNUO3DWY4KQGUQM5BISRWHQE https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/KSEGD2IWKNUO3DWY4KQGUQM5BISRWHQE/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/L5E5JSJBZLYXOTZWXHJKRVCIXIHVWKJ6 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/L5E5JSJBZLYXOTZWXHJKRVCIXIHVWKJ6/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/MZQYOOKHQDQ57LV2IAG6NRFOVXKHJJ3Z https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/MZQYOOKHQDQ57LV2IAG6NRFOVXKHJJ3Z/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/NG7IMPL55MVWU3LCI4JQJT3K2U5CHDV7 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/NG7IMPL55MVWU3LCI4JQJT3K2U5CHDV7/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ODBY7RVMGZCBSTWF2OZGIZS57FNFUL67 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ODBY7RVMGZCBSTWF2OZGIZS57FNFUL67/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/OXGWPQOJ3JNDW2XIYKIVJ7N7QUIFNM2Q https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/OXGWPQOJ3JNDW2XIYKIVJ7N7QUIFNM2Q/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/PJCUNGIQDUMZ4Z6HWVYIMR66A35F5S74 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/PJCUNGIQDUMZ4Z6HWVYIMR66A35F5S74/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QF5QSYAOPDOWLY6DUHID56Q4HQFYB45I https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QF5QSYAOPDOWLY6DUHID56Q4HQFYB45I/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QXOU2JZUBEBP7GBKAYIJRPRBZSJCD7ST https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QXOU2JZUBEBP7GBKAYIJRPRBZSJCD7ST/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/R3UETKPUB3V5JS5TLZOF3SMTGT5K5APS https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/R3UETKPUB3V5JS5TLZOF3SMTGT5K5APS/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/REMHVVIBDNKSRKNOTV7EQSB7CYQWOUOU https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/REMHVVIBDNKSRKNOTV7EQSB7CYQWOUOU/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/T7N5GV4CHH6WAGX3GFMDD3COEOVCZ4RI https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/T7N5GV4CHH6WAGX3GFMDD3COEOVCZ4RI/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ULQQONMSCQSH5Z5OWFFQHCGEZ3NL4DRJ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ULQQONMSCQSH5Z5OWFFQHCGEZ3NL4DRJ/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UTT7DG3QOF5ZNJLUGHDNLRUIN6OWZARP https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UTT7DG3QOF5ZNJLUGHDNLRUIN6OWZARP/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/W2LZSWTV4NV4SNQARNXG5T6LRHP26EW2 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/W2LZSWTV4NV4SNQARNXG5T6LRHP26EW2/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WCNCBYKZXLDFGAJUB7ZP5VLC3YTHJNVH https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WCNCBYKZXLDFGAJUB7ZP5VLC3YTHJNVH/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/XFOIBB4YFICHDM7IBOP7PWXW3FX4HLL2 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/XFOIBB4YFICHDM7IBOP7PWXW3FX4HLL2/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/XTNLSL44Y5FB6JWADSZH6DCV4JJAAEQY https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/XTNLSL44Y5FB6JWADSZH6DCV4JJAAEQY/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/YJWHBLVZDM5KQSDFRBFRKU5KSSOLIRQ4 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/YJWHBLVZDM5KQSDFRBFRKU5KSSOLIRQ4/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/YRKEXKANQ7BKJW2YTAMP625LJUJZLJ4P https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/YRKEXKANQ7BKJW2YTAMP625LJUJZLJ4P/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZSVEMQV5ROY5YW5QE3I57HT3ITWG5GCV https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZSVEMQV5ROY5YW5QE3I57HT3ITWG5GCV/ https://nvd.nist.gov/vuln/detail/CVE-2023-39325 https://pkg.go.dev/vuln/GO-2023-2102 https://security.gentoo.org/glsa/202311-09 https://security.netapp.com/advisory/ntap-20231110-0008 https://security.netapp.com/advisory/ntap-20231110-0008/ https://ubuntu.com/security/notices/USN-6574-1 https://ubuntu.com/security/notices/USN-7061-1 https://ubuntu.com/security/notices/USN-7109-1 https://www.cisa.gov/news-events/alerts/2023/10/10/http2-rapid-reset-vulnerability-cve-2023-44487 https://www.cve.org/CVERecord?id=CVE-2023-39325
stdlib	CVE-2023-45283	HIGH	v1.20.5	1.20.11, 1.21.4, 1.20.12, 1.21.5	http://www.openwall.com/lists/oss-security/2023/12/05/2 https://go.dev/cl/540277 https://go.dev/cl/541175 https://go.dev/issue/63713 https://go.dev/issue/64028 https://groups.google.com/g/golang-announce/c/4tU8LZfBFkY https://groups.google.com/g/golang-dev/c/6ypN5EjibjM/m/KmLVYH_uAgAJ https://nvd.nist.gov/vuln/detail/CVE-2023-45283 https://pkg.go.dev/vuln/GO-2023-2185 https://security.netapp.com/advisory/ntap-20231214-0008/
stdlib	CVE-2023-45288	HIGH	v1.20.5	1.21.9, 1.22.2	http://www.openwall.com/lists/oss-security/2024/04/03/16 http://www.openwall.com/lists/oss-security/2024/04/05/4 https://access.redhat.com/errata/RHSA-2024:2724 https://access.redhat.com/security/cve/CVE-2023-45288 https://bugzilla.redhat.com/2268017 https://bugzilla.redhat.com/2268018 https://bugzilla.redhat.com/2268019 https://bugzilla.redhat.com/2268273 https://bugzilla.redhat.com/show_bug.cgi?id=2268017 https://bugzilla.redhat.com/show_bug.cgi?id=2268018 https://bugzilla.redhat.com/show_bug.cgi?id=2268019 https://bugzilla.redhat.com/show_bug.cgi?id=2268273 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45288 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45289 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45290 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24783 https://errata.almalinux.org/9/ALSA-2024-2724.html https://errata.rockylinux.org/RLSA-2024:2724 https://go.dev/cl/576155 https://go.dev/issue/65051 https://groups.google.com/g/golang-announce/c/YgW0sx8mN3M https://kb.cert.org/vuls/id/421644 https://linux.oracle.com/cve/CVE-2023-45288.html https://linux.oracle.com/errata/ELSA-2024-3346.html https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QRYFHIQ6XRKRYBI2F5UESH67BJBQXUPT https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QRYFHIQ6XRKRYBI2F5UESH67BJBQXUPT/ https://nowotarski.info/http2-continuation-flood-technical-details https://nowotarski.info/http2-continuation-flood/ https://nvd.nist.gov/vuln/detail/CVE-2023-45288 https://pkg.go.dev/vuln/GO-2024-2687 https://security.netapp.com/advisory/ntap-20240419-0009 https://security.netapp.com/advisory/ntap-20240419-0009/ https://ubuntu.com/security/notices/USN-6886-1 https://ubuntu.com/security/notices/USN-7109-1 https://ubuntu.com/security/notices/USN-7111-1 https://www.cve.org/CVERecord?id=CVE-2023-45288 https://www.kb.cert.org/vuls/id/421644
stdlib	CVE-2024-34156	HIGH	v1.20.5	1.22.7, 1.23.1	https://access.redhat.com/errata/RHSA-2024:9473 https://access.redhat.com/security/cve/CVE-2024-34156 https://bugzilla.redhat.com/2310528 https://bugzilla.redhat.com/2318052 https://bugzilla.redhat.com/show_bug.cgi?id=2310528 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-34156 https://errata.almalinux.org/9/ALSA-2024-9473.html https://errata.rockylinux.org/RLSA-2024:7204 https://github.com/golang/go/commit/2092294f2b097c5828f4eace6c98a322c1510b01 (go1.22.7) https://github.com/golang/go/commit/fa8ff1a46deb6c816304441ec6740ec112e19012 (go1.23.1) https://go.dev/cl/611239 https://go.dev/issue/69139 https://groups.google.com/g/golang-announce/c/K-cEzDeCtpc https://groups.google.com/g/golang-dev/c/S9POB9NCTdk https://linux.oracle.com/cve/CVE-2024-34156.html https://linux.oracle.com/errata/ELSA-2024-9473.html https://nvd.nist.gov/vuln/detail/CVE-2024-34156 https://pkg.go.dev/vuln/GO-2024-3106 https://ubuntu.com/security/notices/USN-7081-1 https://ubuntu.com/security/notices/USN-7109-1 https://ubuntu.com/security/notices/USN-7111-1 https://www.cve.org/CVERecord?id=CVE-2024-34156
stdlib	CVE-2023-29406	MEDIUM	v1.20.5	1.19.11, 1.20.6	https://access.redhat.com/errata/RHSA-2023:6474 https://access.redhat.com/security/cve/CVE-2023-29406 https://bugzilla.redhat.com/2174485 https://bugzilla.redhat.com/2178358 https://bugzilla.redhat.com/2178488 https://bugzilla.redhat.com/2178492 https://bugzilla.redhat.com/2184481 https://bugzilla.redhat.com/2184482 https://bugzilla.redhat.com/2184483 https://bugzilla.redhat.com/2184484 https://bugzilla.redhat.com/2196026 https://bugzilla.redhat.com/2196027 https://bugzilla.redhat.com/2196029 https://bugzilla.redhat.com/2222167 https://bugzilla.redhat.com/2228689 https://errata.almalinux.org/9/ALSA-2023-6474.html https://github.com/golang/go/commit/312920c00aac9897b2a0693e752390b5b0711a5a (go1.20.6) https://github.com/golang/go/commit/5fa6923b1ea891400153d04ddf1545e23b40041b (go1.19.11) https://github.com/golang/go/issues/60374 https://go.dev/cl/506996 https://go.dev/issue/60374 https://groups.google.com/g/golang-announce/c/2q13H6LEEx0 https://linux.oracle.com/cve/CVE-2023-29406.html https://linux.oracle.com/errata/ELSA-2023-7202.html https://nvd.nist.gov/vuln/detail/CVE-2023-29406 https://pkg.go.dev/vuln/GO-2023-1878 https://security.gentoo.org/glsa/202311-09 https://security.netapp.com/advisory/ntap-20230814-0002/ https://ubuntu.com/security/notices/USN-7061-1 https://ubuntu.com/security/notices/USN-7109-1 https://www.cve.org/CVERecord?id=CVE-2023-29406
stdlib	CVE-2023-29409	MEDIUM	v1.20.5	1.19.12, 1.20.7, 1.21.0-rc.4	https://access.redhat.com/errata/RHSA-2023:7766 https://access.redhat.com/security/cve/CVE-2023-29409 https://bugzilla.redhat.com/2228743 https://bugzilla.redhat.com/2237773 https://bugzilla.redhat.com/2237776 https://bugzilla.redhat.com/2237777 https://bugzilla.redhat.com/2237778 https://errata.almalinux.org/9/ALSA-2023-7766.html https://go.dev/cl/515257 https://go.dev/issue/61460 https://groups.google.com/g/golang-announce/c/X0b6CsSAaYI/m/Efv5DbZ9AwAJ https://linux.oracle.com/cve/CVE-2023-29409.html https://linux.oracle.com/errata/ELSA-2024-2988.html https://nvd.nist.gov/vuln/detail/CVE-2023-29409 https://pkg.go.dev/vuln/GO-2023-1987 https://security.gentoo.org/glsa/202311-09 https://security.netapp.com/advisory/ntap-20230831-0010/ https://www.cve.org/CVERecord?id=CVE-2023-29409
stdlib	CVE-2023-39318	MEDIUM	v1.20.5	1.20.8, 1.21.1	https://access.redhat.com/errata/RHSA-2024:2160 https://access.redhat.com/security/cve/CVE-2023-39318 https://bugzilla.redhat.com/2237773 https://bugzilla.redhat.com/2237776 https://bugzilla.redhat.com/2253330 https://errata.almalinux.org/9/ALSA-2024-2160.html https://github.com/golang/go/commit/023b542edf38e2a1f87fcefb9f75ff2f99401b4c (go1.20.8) https://github.com/golang/go/commit/b0e1d3ea26e8e8fce7726690c9ef0597e60739fb (go1.21.1) https://go.dev/cl/526156 https://go.dev/issue/62196 https://groups.google.com/g/golang-announce/c/Fm51GRLNRvM https://groups.google.com/g/golang-dev/c/2C5vbR-UNkI/m/L1hdrPhfBAAJ https://linux.oracle.com/cve/CVE-2023-39318.html https://linux.oracle.com/errata/ELSA-2024-2988.html https://nvd.nist.gov/vuln/detail/CVE-2023-39318 https://pkg.go.dev/vuln/GO-2023-2041 https://security.gentoo.org/glsa/202311-09 https://security.netapp.com/advisory/ntap-20231020-0009/ https://ubuntu.com/security/notices/USN-6574-1 https://ubuntu.com/security/notices/USN-7061-1 https://ubuntu.com/security/notices/USN-7109-1 https://vuln.go.dev/ID/GO-2023-2041.json https://www.cve.org/CVERecord?id=CVE-2023-39318
stdlib	CVE-2023-39319	MEDIUM	v1.20.5	1.20.8, 1.21.1	https://access.redhat.com/errata/RHSA-2024:2160 https://access.redhat.com/security/cve/CVE-2023-39319 https://bugzilla.redhat.com/2237773 https://bugzilla.redhat.com/2237776 https://bugzilla.redhat.com/2253330 https://errata.almalinux.org/9/ALSA-2024-2160.html https://github.com/golang/go/commit/2070531d2f53df88e312edace6c8dfc9686ab2f5 (go1.20.8) https://github.com/golang/go/commit/bbd043ff0d6d59f1a9232d31ecd5eacf6507bf6a (go1.21.1) https://go.dev/cl/526157 https://go.dev/issue/62197 https://groups.google.com/g/golang-announce/c/Fm51GRLNRvM https://groups.google.com/g/golang-dev/c/2C5vbR-UNkI/m/L1hdrPhfBAAJ https://linux.oracle.com/cve/CVE-2023-39319.html https://linux.oracle.com/errata/ELSA-2024-2988.html https://nvd.nist.gov/vuln/detail/CVE-2023-39319 https://pkg.go.dev/vuln/GO-2023-2043 https://security.gentoo.org/glsa/202311-09 https://security.netapp.com/advisory/ntap-20231020-0009/ https://ubuntu.com/security/notices/USN-6574-1 https://ubuntu.com/security/notices/USN-7061-1 https://ubuntu.com/security/notices/USN-7109-1 https://vuln.go.dev/ID/GO-2023-2043.json https://www.cve.org/CVERecord?id=CVE-2023-39319
stdlib	CVE-2023-39326	MEDIUM	v1.20.5	1.20.12, 1.21.5	https://access.redhat.com/errata/RHSA-2024:2272 https://access.redhat.com/security/cve/CVE-2023-39326 https://bugzilla.redhat.com/2253193 https://bugzilla.redhat.com/2253330 https://errata.almalinux.org/9/ALSA-2024-2272.html https://github.com/golang/go/commit/6446af942e2e2b161c4ec1b60d9703a2b55dc4dd (go1.20.12) https://github.com/golang/go/commit/ec8c526e4be720e94b98ca509e6364f0efaf28f7 (go1.21.5) https://go.dev/cl/547335 https://go.dev/issue/64433 https://groups.google.com/g/golang-dev/c/6ypN5EjibjM/m/KmLVYH_uAgAJ https://linux.oracle.com/cve/CVE-2023-39326.html https://linux.oracle.com/errata/ELSA-2024-2988.html https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UIU6HOGV6RRIKWM57LOXQA75BGZSIH6G/ https://nvd.nist.gov/vuln/detail/CVE-2023-39326 https://pkg.go.dev/vuln/GO-2023-2382 https://ubuntu.com/security/notices/USN-6574-1 https://www.cve.org/CVERecord?id=CVE-2023-39326
stdlib	CVE-2023-45284	MEDIUM	v1.20.5	1.20.11, 1.21.4	https://go.dev/cl/540277 https://go.dev/issue/63713 https://groups.google.com/g/golang-announce/c/4tU8LZfBFkY https://nvd.nist.gov/vuln/detail/CVE-2023-45284 https://pkg.go.dev/vuln/GO-2023-2186
stdlib	CVE-2023-45289	MEDIUM	v1.20.5	1.21.8, 1.22.1	http://www.openwall.com/lists/oss-security/2024/03/08/4 https://access.redhat.com/errata/RHSA-2024:2724 https://access.redhat.com/security/cve/CVE-2023-45289 https://bugzilla.redhat.com/2268017 https://bugzilla.redhat.com/2268018 https://bugzilla.redhat.com/2268019 https://bugzilla.redhat.com/2268273 https://bugzilla.redhat.com/show_bug.cgi?id=2268017 https://bugzilla.redhat.com/show_bug.cgi?id=2268018 https://bugzilla.redhat.com/show_bug.cgi?id=2268019 https://bugzilla.redhat.com/show_bug.cgi?id=2268273 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45288 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45289 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45290 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24783 https://errata.almalinux.org/9/ALSA-2024-2724.html https://errata.rockylinux.org/RLSA-2024:2724 https://github.com/golang/go/commit/20586c0dbe03d144f914155f879fa5ee287591a1 (go1.21.8) https://github.com/golang/go/commit/3a855208e3efed2e9d7c20ad023f1fa78afcc0be (go1.22.1) https://github.com/golang/go/issues/65065 https://go.dev/cl/569340 https://go.dev/issue/65065 https://groups.google.com/g/golang-announce/c/5pwGVUPoMbg https://linux.oracle.com/cve/CVE-2023-45289.html https://linux.oracle.com/errata/ELSA-2024-3346.html https://nvd.nist.gov/vuln/detail/CVE-2023-45289 https://pkg.go.dev/vuln/GO-2024-2600 https://security.netapp.com/advisory/ntap-20240329-0006/ https://ubuntu.com/security/notices/USN-6886-1 https://www.cve.org/CVERecord?id=CVE-2023-45289
stdlib	CVE-2023-45290	MEDIUM	v1.20.5	1.21.8, 1.22.1	http://www.openwall.com/lists/oss-security/2024/03/08/4 https://access.redhat.com/errata/RHSA-2024:9135 https://access.redhat.com/security/cve/CVE-2023-45290 https://bugzilla.redhat.com/2268017 https://bugzilla.redhat.com/2268022 https://bugzilla.redhat.com/2279814 https://bugzilla.redhat.com/2295310 https://bugzilla.redhat.com/show_bug.cgi?id=2268017 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45290 https://errata.almalinux.org/9/ALSA-2024-9135.html https://errata.rockylinux.org/RLSA-2024:3830 https://github.com/golang/go/commit/041a47712e765e94f86d841c3110c840e76d8f82 (go1.22.1) https://github.com/golang/go/commit/bf80213b121074f4ad9b449410a4d13bae5e9be0 (go1.21.8) https://github.com/golang/go/issues/65383 https://go.dev/cl/569341 https://go.dev/issue/65383 https://groups.google.com/g/golang-announce/c/5pwGVUPoMbg https://linux.oracle.com/cve/CVE-2023-45290.html https://linux.oracle.com/errata/ELSA-2024-8038.html https://nvd.nist.gov/vuln/detail/CVE-2023-45290 https://pkg.go.dev/vuln/GO-2024-2599 https://security.netapp.com/advisory/ntap-20240329-0004 https://security.netapp.com/advisory/ntap-20240329-0004/ https://ubuntu.com/security/notices/USN-6886-1 https://ubuntu.com/security/notices/USN-7109-1 https://ubuntu.com/security/notices/USN-7111-1 https://www.cve.org/CVERecord?id=CVE-2023-45290
stdlib	CVE-2024-24783	MEDIUM	v1.20.5	1.21.8, 1.22.1	http://www.openwall.com/lists/oss-security/2024/03/08/4 https://access.redhat.com/errata/RHSA-2024:6195 https://access.redhat.com/security/cve/CVE-2024-24783 https://bugzilla.redhat.com/2268019 https://bugzilla.redhat.com/show_bug.cgi?id=2268017 https://bugzilla.redhat.com/show_bug.cgi?id=2268018 https://bugzilla.redhat.com/show_bug.cgi?id=2268019 https://bugzilla.redhat.com/show_bug.cgi?id=2268273 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45288 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45289 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45290 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24783 https://errata.almalinux.org/9/ALSA-2024-6195.html https://errata.rockylinux.org/RLSA-2024:2724 https://github.com/advisories/GHSA-3q2c-pvp5-3cqp https://github.com/golang/go/commit/337b8e9cbfa749d9d5c899e0dc358e2208d5e54f (go1.22.1) https://github.com/golang/go/commit/be5b52bea674190ef7de272664be6c7ae93ec5a0 (go1.21.8) https://github.com/golang/go/issues/65390 https://go.dev/cl/569339 https://go.dev/issue/65390 https://groups.google.com/g/golang-announce/c/5pwGVUPoMbg https://linux.oracle.com/cve/CVE-2024-24783.html https://linux.oracle.com/errata/ELSA-2024-6969.html https://nvd.nist.gov/vuln/detail/CVE-2024-24783 https://pkg.go.dev/vuln/GO-2024-2598 https://security.netapp.com/advisory/ntap-20240329-0005 https://security.netapp.com/advisory/ntap-20240329-0005/ https://ubuntu.com/security/notices/USN-6886-1 https://ubuntu.com/security/notices/USN-7109-1 https://ubuntu.com/security/notices/USN-7111-1 https://www.cve.org/CVERecord?id=CVE-2024-24783
stdlib	CVE-2024-24784	MEDIUM	v1.20.5	1.21.8, 1.22.1	http://www.openwall.com/lists/oss-security/2024/03/08/4 https://access.redhat.com/errata/RHSA-2024:2562 https://access.redhat.com/security/cve/CVE-2024-24784 https://bugzilla.redhat.com/2262921 https://bugzilla.redhat.com/2268017 https://bugzilla.redhat.com/2268018 https://bugzilla.redhat.com/2268019 https://bugzilla.redhat.com/2268021 https://bugzilla.redhat.com/2268022 https://bugzilla.redhat.com/2268273 https://bugzilla.redhat.com/show_bug.cgi?id=2262921 https://bugzilla.redhat.com/show_bug.cgi?id=2268017 https://bugzilla.redhat.com/show_bug.cgi?id=2268018 https://bugzilla.redhat.com/show_bug.cgi?id=2268019 https://bugzilla.redhat.com/show_bug.cgi?id=2268021 https://bugzilla.redhat.com/show_bug.cgi?id=2268022 https://bugzilla.redhat.com/show_bug.cgi?id=2268273 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45288 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45289 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45290 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-1394 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24783 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24784 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24785 https://errata.almalinux.org/9/ALSA-2024-2562.html https://errata.rockylinux.org/RLSA-2024:2562 https://github.com/golang/go/commit/263c059b09fdd40d9dd945f2ecb20c89ea28efe5 (go1.21.8) https://github.com/golang/go/commit/5330cd225ba54c7dc78c1b46dcdf61a4671a632c (go1.22.1) https://github.com/golang/go/issues/65083 https://go.dev/cl/555596 https://go.dev/issue/65083 https://groups.google.com/g/golang-announce/c/5pwGVUPoMbg https://linux.oracle.com/cve/CVE-2024-24784.html https://linux.oracle.com/errata/ELSA-2024-6969.html https://nvd.nist.gov/vuln/detail/CVE-2024-24784 https://pkg.go.dev/vuln/GO-2024-2609 https://security.netapp.com/advisory/ntap-20240329-0007/ https://ubuntu.com/security/notices/USN-6886-1 https://ubuntu.com/security/notices/USN-7109-1 https://ubuntu.com/security/notices/USN-7111-1 https://www.cve.org/CVERecord?id=CVE-2024-24784
stdlib	CVE-2024-24785	MEDIUM	v1.20.5	1.21.8, 1.22.1	http://www.openwall.com/lists/oss-security/2024/03/08/4 https://access.redhat.com/errata/RHSA-2024:9135 https://access.redhat.com/security/cve/CVE-2024-24785 https://bugzilla.redhat.com/2268017 https://bugzilla.redhat.com/2268022 https://bugzilla.redhat.com/2279814 https://bugzilla.redhat.com/2295310 https://bugzilla.redhat.com/show_bug.cgi?id=2262921 https://bugzilla.redhat.com/show_bug.cgi?id=2268017 https://bugzilla.redhat.com/show_bug.cgi?id=2268018 https://bugzilla.redhat.com/show_bug.cgi?id=2268019 https://bugzilla.redhat.com/show_bug.cgi?id=2268021 https://bugzilla.redhat.com/show_bug.cgi?id=2268022 https://bugzilla.redhat.com/show_bug.cgi?id=2268273 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45288 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45289 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45290 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-1394 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24783 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24784 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24785 https://errata.almalinux.org/9/ALSA-2024-9135.html https://errata.rockylinux.org/RLSA-2024:2562 https://github.com/golang/go/commit/056b0edcb8c152152021eebf4cf42adbfbe77992 (go1.22.1) https://github.com/golang/go/commit/3643147a29352ca2894fd5d0d2069bc4b4335a7e (go1.21.8) https://github.com/golang/go/issues/65697 https://go.dev/cl/564196 https://go.dev/issue/65697 https://groups.google.com/g/golang-announce/c/5pwGVUPoMbg https://linux.oracle.com/cve/CVE-2024-24785.html https://linux.oracle.com/errata/ELSA-2024-3259.html https://nvd.nist.gov/vuln/detail/CVE-2024-24785 https://pkg.go.dev/vuln/GO-2024-2610 https://security.netapp.com/advisory/ntap-20240329-0008/ https://ubuntu.com/security/notices/USN-6886-1 https://ubuntu.com/security/notices/USN-7061-1 https://ubuntu.com/security/notices/USN-7109-1 https://vuln.go.dev/ID/GO-2024-2610.json https://www.cve.org/CVERecord?id=CVE-2024-24785
stdlib	CVE-2024-24789	MEDIUM	v1.20.5	1.21.11, 1.22.4	http://www.openwall.com/lists/oss-security/2024/06/04/1 https://access.redhat.com/errata/RHSA-2024:9115 https://access.redhat.com/security/cve/CVE-2024-24789 https://bugzilla.redhat.com/2279814 https://bugzilla.redhat.com/2292668 https://bugzilla.redhat.com/2292787 https://bugzilla.redhat.com/2294000 https://bugzilla.redhat.com/2295310 https://bugzilla.redhat.com/show_bug.cgi?id=2292668 https://bugzilla.redhat.com/show_bug.cgi?id=2292787 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24789 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24790 https://errata.almalinux.org/9/ALSA-2024-9115.html https://errata.rockylinux.org/RLSA-2024:4212 https://github.com/golang/go/commit/c8e40338cf00f3c1d86c8fb23863ad67a4c72bcc (1.21) https://github.com/golang/go/commit/cf501ac0c5fe351a8582d20b43562027927906e7 (1.22) https://github.com/golang/go/issues/66869 https://go.dev/cl/585397 https://go.dev/issue/66869 https://groups.google.com/g/golang-announce/c/XbxouI9gY7k https://groups.google.com/g/golang-announce/c/XbxouI9gY7k/m/TuoGEhxIEwAJ https://linux.oracle.com/cve/CVE-2024-24789.html https://linux.oracle.com/errata/ELSA-2024-9115.html https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/U5YAEIA6IUHUNGJ7AIXXPQT6D2GYENX7/ https://nvd.nist.gov/vuln/detail/CVE-2024-24789 https://pkg.go.dev/vuln/GO-2024-2888 https://ubuntu.com/security/notices/USN-6886-1 https://ubuntu.com/security/notices/USN-7109-1 https://ubuntu.com/security/notices/USN-7111-1 https://www.cve.org/CVERecord?id=CVE-2024-24789
stdlib	CVE-2024-24791	MEDIUM	v1.20.5	1.21.12, 1.22.5	https://access.redhat.com/errata/RHSA-2024:9135 https://access.redhat.com/security/cve/CVE-2024-24791 https://bugzilla.redhat.com/2268017 https://bugzilla.redhat.com/2268022 https://bugzilla.redhat.com/2279814 https://bugzilla.redhat.com/2295310 https://bugzilla.redhat.com/show_bug.cgi?id=2295310 https://bugzilla.redhat.com/show_bug.cgi?id=2310527 https://bugzilla.redhat.com/show_bug.cgi?id=2310528 https://bugzilla.redhat.com/show_bug.cgi?id=2310529 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24791 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-34155 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-34156 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-34158 https://errata.almalinux.org/9/ALSA-2024-9135.html https://errata.rockylinux.org/RLSA-2024:6913 https://go.dev/cl/591255 https://go.dev/issue/67555 https://groups.google.com/g/golang-dev/c/t0rK-qHBqzY/m/6MMoAZkMAgAJ https://linux.oracle.com/cve/CVE-2024-24791.html https://linux.oracle.com/errata/ELSA-2024-9115.html https://nvd.nist.gov/vuln/detail/CVE-2024-24791 https://pkg.go.dev/vuln/GO-2024-2963 https://ubuntu.com/security/notices/USN-7081-1 https://ubuntu.com/security/notices/USN-7109-1 https://ubuntu.com/security/notices/USN-7111-1 https://www.cve.org/CVERecord?id=CVE-2024-24791
stdlib	CVE-2024-34155	MEDIUM	v1.20.5	1.22.7, 1.23.1	https://access.redhat.com/errata/RHSA-2024:9459 https://access.redhat.com/security/cve/CVE-2024-34155 https://bugzilla.redhat.com/2310527 https://bugzilla.redhat.com/2310528 https://bugzilla.redhat.com/2310529 https://bugzilla.redhat.com/2315691 https://bugzilla.redhat.com/2315887 https://bugzilla.redhat.com/2317458 https://bugzilla.redhat.com/2317467 https://bugzilla.redhat.com/show_bug.cgi?id=2295310 https://bugzilla.redhat.com/show_bug.cgi?id=2310527 https://bugzilla.redhat.com/show_bug.cgi?id=2310528 https://bugzilla.redhat.com/show_bug.cgi?id=2310529 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24791 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-34155 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-34156 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-34158 https://errata.almalinux.org/9/ALSA-2024-9459.html https://errata.rockylinux.org/RLSA-2024:6913 https://github.com/golang/go/commit/53487e5477151ed75da50e50a0ba8f1ca64c00a3 (go1.23.1) https://github.com/golang/go/commit/b232596139dbe96a62edbe3a2a203e856bf556eb (go1.22.7) https://go.dev/cl/611238 https://go.dev/issue/69138 https://groups.google.com/g/golang-announce/c/K-cEzDeCtpc https://groups.google.com/g/golang-dev/c/S9POB9NCTdk https://linux.oracle.com/cve/CVE-2024-34155.html https://linux.oracle.com/errata/ELSA-2024-9459.html https://nvd.nist.gov/vuln/detail/CVE-2024-34155 https://pkg.go.dev/vuln/GO-2024-3105 https://ubuntu.com/security/notices/USN-7081-1 https://ubuntu.com/security/notices/USN-7109-1 https://ubuntu.com/security/notices/USN-7111-1 https://www.cve.org/CVERecord?id=CVE-2024-34155
stdlib	CVE-2024-34158	MEDIUM	v1.20.5	1.22.7, 1.23.1	https://access.redhat.com/errata/RHSA-2024:9459 https://access.redhat.com/security/cve/CVE-2024-34158 https://bugzilla.redhat.com/2310527 https://bugzilla.redhat.com/2310528 https://bugzilla.redhat.com/2310529 https://bugzilla.redhat.com/2315691 https://bugzilla.redhat.com/2315887 https://bugzilla.redhat.com/2317458 https://bugzilla.redhat.com/2317467 https://bugzilla.redhat.com/show_bug.cgi?id=2295310 https://bugzilla.redhat.com/show_bug.cgi?id=2310527 https://bugzilla.redhat.com/show_bug.cgi?id=2310528 https://bugzilla.redhat.com/show_bug.cgi?id=2310529 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24791 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-34155 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-34156 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-34158 https://errata.almalinux.org/9/ALSA-2024-9459.html https://errata.rockylinux.org/RLSA-2024:6913 https://github.com/golang/go/commit/032ac075c20c01c6c35a672d1542d3e98eab84ea (go1.23.1) https://github.com/golang/go/commit/d4c53812e6ce2ac368173d7fcd31d0ecfcffb002 (go1.22.7) https://go.dev/cl/611240 https://go.dev/issue/69141 https://groups.google.com/g/golang-announce/c/K-cEzDeCtpc https://groups.google.com/g/golang-dev/c/S9POB9NCTdk https://linux.oracle.com/cve/CVE-2024-34158.html https://linux.oracle.com/errata/ELSA-2024-9459.html https://nvd.nist.gov/vuln/detail/CVE-2024-34158 https://pkg.go.dev/vuln/GO-2024-3107 https://ubuntu.com/security/notices/USN-7081-1 https://ubuntu.com/security/notices/USN-7109-1 https://ubuntu.com/security/notices/USN-7111-1 https://www.cve.org/CVERecord?id=CVE-2024-34158
No Misconfigurations found

cnb/buildpacks/paketo-buildpacks_syft/1.32.1/bin/main (gobinary)

Package	Vulnerability ID	Severity	Installed Version	Fixed Version	Links
stdlib	CVE-2024-24790	CRITICAL	v1.20.5	1.21.11, 1.22.4	http://www.openwall.com/lists/oss-security/2024/06/04/1 https://access.redhat.com/errata/RHSA-2024:9115 https://access.redhat.com/security/cve/CVE-2024-24790 https://bugzilla.redhat.com/2279814 https://bugzilla.redhat.com/2292668 https://bugzilla.redhat.com/2292787 https://bugzilla.redhat.com/2294000 https://bugzilla.redhat.com/2295310 https://bugzilla.redhat.com/show_bug.cgi?id=2292668 https://bugzilla.redhat.com/show_bug.cgi?id=2292787 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24789 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24790 https://errata.almalinux.org/9/ALSA-2024-9115.html https://errata.rockylinux.org/RLSA-2024:4212 https://github.com/golang/go/commit/051bdf3fd12a40307606ff9381138039c5f452f0 (1.21) https://github.com/golang/go/commit/12d5810cdb1f73cf23d7a86462143e9463317fca (1.22) https://github.com/golang/go/issues/67680 https://go.dev/cl/590316 https://go.dev/issue/67680 https://groups.google.com/g/golang-announce/c/XbxouI9gY7k https://groups.google.com/g/golang-announce/c/XbxouI9gY7k/m/TuoGEhxIEwAJ https://linux.oracle.com/cve/CVE-2024-24790.html https://linux.oracle.com/errata/ELSA-2024-9115.html https://nvd.nist.gov/vuln/detail/CVE-2024-24790 https://pkg.go.dev/vuln/GO-2024-2887 https://ubuntu.com/security/notices/USN-6886-1 https://ubuntu.com/security/notices/USN-7109-1 https://www.cve.org/CVERecord?id=CVE-2024-24790
stdlib	CVE-2023-39325	HIGH	v1.20.5	1.20.10, 1.21.3	golang.org/x/net https://access.redhat.com/errata/RHSA-2023:6077 https://access.redhat.com/security/cve/CVE-2023-39325 https://access.redhat.com/security/cve/CVE-2023-44487 https://access.redhat.com/security/vulnerabilities/RHSB-2023-003 https://bugzilla.redhat.com/2242803 https://bugzilla.redhat.com/2243296 https://bugzilla.redhat.com/show_bug.cgi?id=2242803 https://bugzilla.redhat.com/show_bug.cgi?id=2243296 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-39325 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-44487 https://errata.almalinux.org/9/ALSA-2023-6077.html https://errata.rockylinux.org/RLSA-2023:6077 https://github.com/golang/go/commit/24ae2d927285c697440fdde3ad7f26028354bcf3 [golang- 1.21] https://github.com/golang/go/commit/e175f27f58aa7b9cd4d79607ae65d2cd5baaee68 [golang-1.20] https://github.com/golang/go/issues/63417 https://go.dev/cl/534215 https://go.dev/cl/534235 https://go.dev/issue/63417 https://groups.google.com/g/golang-announce/c/iNNxDTCjZvo/m/UDd7VKQuAAAJ https://linux.oracle.com/cve/CVE-2023-39325.html https://linux.oracle.com/errata/ELSA-2023-5867.html https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3OVW5V2DM5K5IC3H7O42YDUGNJ74J35O https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3OVW5V2DM5K5IC3H7O42YDUGNJ74J35O/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3SZN67IL7HMGMNAVLOTIXLIHUDXZK4LH https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3SZN67IL7HMGMNAVLOTIXLIHUDXZK4LH/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3WJ4QVX2AMUJ2F2S27POOAHRC4K3CHU4 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3WJ4QVX2AMUJ2F2S27POOAHRC4K3CHU4/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/4BUK2ZIAGCULOOYDNH25JPU6JBES5NF2 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/4BUK2ZIAGCULOOYDNH25JPU6JBES5NF2/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/5RSKA2II6QTD4YUKUNDVJQSRYSFC4VFR https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/5RSKA2II6QTD4YUKUNDVJQSRYSFC4VFR/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/AVZDNSMVDAQJ64LJC5I5U5LDM5753647 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/AVZDNSMVDAQJ64LJC5I5U5LDM5753647/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CHHITS4PUOZAKFIUBQAQZC7JWXMOYE4B https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CHHITS4PUOZAKFIUBQAQZC7JWXMOYE4B/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CLB4TW7KALB3EEQWNWCN7OUIWWVWWCG2 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CLB4TW7KALB3EEQWNWCN7OUIWWVWWCG2/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/D2BBIDR2ZMB3X5BC7SR4SLQMHRMVPY6L https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/D2BBIDR2ZMB3X5BC7SR4SLQMHRMVPY6L/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ECRC75BQJP6FJN2L7KCKYZW4DSBD7QSD https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ECRC75BQJP6FJN2L7KCKYZW4DSBD7QSD/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/FTMJ3NJIDAZFWJQQSP3L22MUFJ3UP2PT https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/FTMJ3NJIDAZFWJQQSP3L22MUFJ3UP2PT/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/GSY7SXFFTPZFWDM6XELSDSHZLVW3AHK7 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/GSY7SXFFTPZFWDM6XELSDSHZLVW3AHK7/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/HZQIELEIRSZUYTFFH5KTH2YJ4IIQG2KE https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/HZQIELEIRSZUYTFFH5KTH2YJ4IIQG2KE/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/IPWCNYB5PQ5PCVZ4NJT6G56ZYFZ5QBU6 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/IPWCNYB5PQ5PCVZ4NJT6G56ZYFZ5QBU6/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/KEOTKBUPZXHE3F352JBYNTSNRXYLWD6P https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/KEOTKBUPZXHE3F352JBYNTSNRXYLWD6P/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/KSEGD2IWKNUO3DWY4KQGUQM5BISRWHQE https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/KSEGD2IWKNUO3DWY4KQGUQM5BISRWHQE/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/L5E5JSJBZLYXOTZWXHJKRVCIXIHVWKJ6 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/L5E5JSJBZLYXOTZWXHJKRVCIXIHVWKJ6/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/MZQYOOKHQDQ57LV2IAG6NRFOVXKHJJ3Z https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/MZQYOOKHQDQ57LV2IAG6NRFOVXKHJJ3Z/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/NG7IMPL55MVWU3LCI4JQJT3K2U5CHDV7 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/NG7IMPL55MVWU3LCI4JQJT3K2U5CHDV7/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ODBY7RVMGZCBSTWF2OZGIZS57FNFUL67 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ODBY7RVMGZCBSTWF2OZGIZS57FNFUL67/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/OXGWPQOJ3JNDW2XIYKIVJ7N7QUIFNM2Q https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/OXGWPQOJ3JNDW2XIYKIVJ7N7QUIFNM2Q/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/PJCUNGIQDUMZ4Z6HWVYIMR66A35F5S74 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/PJCUNGIQDUMZ4Z6HWVYIMR66A35F5S74/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QF5QSYAOPDOWLY6DUHID56Q4HQFYB45I https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QF5QSYAOPDOWLY6DUHID56Q4HQFYB45I/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QXOU2JZUBEBP7GBKAYIJRPRBZSJCD7ST https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QXOU2JZUBEBP7GBKAYIJRPRBZSJCD7ST/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/R3UETKPUB3V5JS5TLZOF3SMTGT5K5APS https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/R3UETKPUB3V5JS5TLZOF3SMTGT5K5APS/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/REMHVVIBDNKSRKNOTV7EQSB7CYQWOUOU https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/REMHVVIBDNKSRKNOTV7EQSB7CYQWOUOU/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/T7N5GV4CHH6WAGX3GFMDD3COEOVCZ4RI https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/T7N5GV4CHH6WAGX3GFMDD3COEOVCZ4RI/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ULQQONMSCQSH5Z5OWFFQHCGEZ3NL4DRJ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ULQQONMSCQSH5Z5OWFFQHCGEZ3NL4DRJ/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UTT7DG3QOF5ZNJLUGHDNLRUIN6OWZARP https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UTT7DG3QOF5ZNJLUGHDNLRUIN6OWZARP/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/W2LZSWTV4NV4SNQARNXG5T6LRHP26EW2 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/W2LZSWTV4NV4SNQARNXG5T6LRHP26EW2/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WCNCBYKZXLDFGAJUB7ZP5VLC3YTHJNVH https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WCNCBYKZXLDFGAJUB7ZP5VLC3YTHJNVH/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/XFOIBB4YFICHDM7IBOP7PWXW3FX4HLL2 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/XFOIBB4YFICHDM7IBOP7PWXW3FX4HLL2/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/XTNLSL44Y5FB6JWADSZH6DCV4JJAAEQY https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/XTNLSL44Y5FB6JWADSZH6DCV4JJAAEQY/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/YJWHBLVZDM5KQSDFRBFRKU5KSSOLIRQ4 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/YJWHBLVZDM5KQSDFRBFRKU5KSSOLIRQ4/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/YRKEXKANQ7BKJW2YTAMP625LJUJZLJ4P https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/YRKEXKANQ7BKJW2YTAMP625LJUJZLJ4P/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZSVEMQV5ROY5YW5QE3I57HT3ITWG5GCV https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZSVEMQV5ROY5YW5QE3I57HT3ITWG5GCV/ https://nvd.nist.gov/vuln/detail/CVE-2023-39325 https://pkg.go.dev/vuln/GO-2023-2102 https://security.gentoo.org/glsa/202311-09 https://security.netapp.com/advisory/ntap-20231110-0008 https://security.netapp.com/advisory/ntap-20231110-0008/ https://ubuntu.com/security/notices/USN-6574-1 https://ubuntu.com/security/notices/USN-7061-1 https://ubuntu.com/security/notices/USN-7109-1 https://www.cisa.gov/news-events/alerts/2023/10/10/http2-rapid-reset-vulnerability-cve-2023-44487 https://www.cve.org/CVERecord?id=CVE-2023-39325
stdlib	CVE-2023-45283	HIGH	v1.20.5	1.20.11, 1.21.4, 1.20.12, 1.21.5	http://www.openwall.com/lists/oss-security/2023/12/05/2 https://go.dev/cl/540277 https://go.dev/cl/541175 https://go.dev/issue/63713 https://go.dev/issue/64028 https://groups.google.com/g/golang-announce/c/4tU8LZfBFkY https://groups.google.com/g/golang-dev/c/6ypN5EjibjM/m/KmLVYH_uAgAJ https://nvd.nist.gov/vuln/detail/CVE-2023-45283 https://pkg.go.dev/vuln/GO-2023-2185 https://security.netapp.com/advisory/ntap-20231214-0008/
stdlib	CVE-2023-45288	HIGH	v1.20.5	1.21.9, 1.22.2	http://www.openwall.com/lists/oss-security/2024/04/03/16 http://www.openwall.com/lists/oss-security/2024/04/05/4 https://access.redhat.com/errata/RHSA-2024:2724 https://access.redhat.com/security/cve/CVE-2023-45288 https://bugzilla.redhat.com/2268017 https://bugzilla.redhat.com/2268018 https://bugzilla.redhat.com/2268019 https://bugzilla.redhat.com/2268273 https://bugzilla.redhat.com/show_bug.cgi?id=2268017 https://bugzilla.redhat.com/show_bug.cgi?id=2268018 https://bugzilla.redhat.com/show_bug.cgi?id=2268019 https://bugzilla.redhat.com/show_bug.cgi?id=2268273 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45288 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45289 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45290 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24783 https://errata.almalinux.org/9/ALSA-2024-2724.html https://errata.rockylinux.org/RLSA-2024:2724 https://go.dev/cl/576155 https://go.dev/issue/65051 https://groups.google.com/g/golang-announce/c/YgW0sx8mN3M https://kb.cert.org/vuls/id/421644 https://linux.oracle.com/cve/CVE-2023-45288.html https://linux.oracle.com/errata/ELSA-2024-3346.html https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QRYFHIQ6XRKRYBI2F5UESH67BJBQXUPT https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QRYFHIQ6XRKRYBI2F5UESH67BJBQXUPT/ https://nowotarski.info/http2-continuation-flood-technical-details https://nowotarski.info/http2-continuation-flood/ https://nvd.nist.gov/vuln/detail/CVE-2023-45288 https://pkg.go.dev/vuln/GO-2024-2687 https://security.netapp.com/advisory/ntap-20240419-0009 https://security.netapp.com/advisory/ntap-20240419-0009/ https://ubuntu.com/security/notices/USN-6886-1 https://ubuntu.com/security/notices/USN-7109-1 https://ubuntu.com/security/notices/USN-7111-1 https://www.cve.org/CVERecord?id=CVE-2023-45288 https://www.kb.cert.org/vuls/id/421644
stdlib	CVE-2024-34156	HIGH	v1.20.5	1.22.7, 1.23.1	https://access.redhat.com/errata/RHSA-2024:9473 https://access.redhat.com/security/cve/CVE-2024-34156 https://bugzilla.redhat.com/2310528 https://bugzilla.redhat.com/2318052 https://bugzilla.redhat.com/show_bug.cgi?id=2310528 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-34156 https://errata.almalinux.org/9/ALSA-2024-9473.html https://errata.rockylinux.org/RLSA-2024:7204 https://github.com/golang/go/commit/2092294f2b097c5828f4eace6c98a322c1510b01 (go1.22.7) https://github.com/golang/go/commit/fa8ff1a46deb6c816304441ec6740ec112e19012 (go1.23.1) https://go.dev/cl/611239 https://go.dev/issue/69139 https://groups.google.com/g/golang-announce/c/K-cEzDeCtpc https://groups.google.com/g/golang-dev/c/S9POB9NCTdk https://linux.oracle.com/cve/CVE-2024-34156.html https://linux.oracle.com/errata/ELSA-2024-9473.html https://nvd.nist.gov/vuln/detail/CVE-2024-34156 https://pkg.go.dev/vuln/GO-2024-3106 https://ubuntu.com/security/notices/USN-7081-1 https://ubuntu.com/security/notices/USN-7109-1 https://ubuntu.com/security/notices/USN-7111-1 https://www.cve.org/CVERecord?id=CVE-2024-34156
stdlib	CVE-2023-29406	MEDIUM	v1.20.5	1.19.11, 1.20.6	https://access.redhat.com/errata/RHSA-2023:6474 https://access.redhat.com/security/cve/CVE-2023-29406 https://bugzilla.redhat.com/2174485 https://bugzilla.redhat.com/2178358 https://bugzilla.redhat.com/2178488 https://bugzilla.redhat.com/2178492 https://bugzilla.redhat.com/2184481 https://bugzilla.redhat.com/2184482 https://bugzilla.redhat.com/2184483 https://bugzilla.redhat.com/2184484 https://bugzilla.redhat.com/2196026 https://bugzilla.redhat.com/2196027 https://bugzilla.redhat.com/2196029 https://bugzilla.redhat.com/2222167 https://bugzilla.redhat.com/2228689 https://errata.almalinux.org/9/ALSA-2023-6474.html https://github.com/golang/go/commit/312920c00aac9897b2a0693e752390b5b0711a5a (go1.20.6) https://github.com/golang/go/commit/5fa6923b1ea891400153d04ddf1545e23b40041b (go1.19.11) https://github.com/golang/go/issues/60374 https://go.dev/cl/506996 https://go.dev/issue/60374 https://groups.google.com/g/golang-announce/c/2q13H6LEEx0 https://linux.oracle.com/cve/CVE-2023-29406.html https://linux.oracle.com/errata/ELSA-2023-7202.html https://nvd.nist.gov/vuln/detail/CVE-2023-29406 https://pkg.go.dev/vuln/GO-2023-1878 https://security.gentoo.org/glsa/202311-09 https://security.netapp.com/advisory/ntap-20230814-0002/ https://ubuntu.com/security/notices/USN-7061-1 https://ubuntu.com/security/notices/USN-7109-1 https://www.cve.org/CVERecord?id=CVE-2023-29406
stdlib	CVE-2023-29409	MEDIUM	v1.20.5	1.19.12, 1.20.7, 1.21.0-rc.4	https://access.redhat.com/errata/RHSA-2023:7766 https://access.redhat.com/security/cve/CVE-2023-29409 https://bugzilla.redhat.com/2228743 https://bugzilla.redhat.com/2237773 https://bugzilla.redhat.com/2237776 https://bugzilla.redhat.com/2237777 https://bugzilla.redhat.com/2237778 https://errata.almalinux.org/9/ALSA-2023-7766.html https://go.dev/cl/515257 https://go.dev/issue/61460 https://groups.google.com/g/golang-announce/c/X0b6CsSAaYI/m/Efv5DbZ9AwAJ https://linux.oracle.com/cve/CVE-2023-29409.html https://linux.oracle.com/errata/ELSA-2024-2988.html https://nvd.nist.gov/vuln/detail/CVE-2023-29409 https://pkg.go.dev/vuln/GO-2023-1987 https://security.gentoo.org/glsa/202311-09 https://security.netapp.com/advisory/ntap-20230831-0010/ https://www.cve.org/CVERecord?id=CVE-2023-29409
stdlib	CVE-2023-39318	MEDIUM	v1.20.5	1.20.8, 1.21.1	https://access.redhat.com/errata/RHSA-2024:2160 https://access.redhat.com/security/cve/CVE-2023-39318 https://bugzilla.redhat.com/2237773 https://bugzilla.redhat.com/2237776 https://bugzilla.redhat.com/2253330 https://errata.almalinux.org/9/ALSA-2024-2160.html https://github.com/golang/go/commit/023b542edf38e2a1f87fcefb9f75ff2f99401b4c (go1.20.8) https://github.com/golang/go/commit/b0e1d3ea26e8e8fce7726690c9ef0597e60739fb (go1.21.1) https://go.dev/cl/526156 https://go.dev/issue/62196 https://groups.google.com/g/golang-announce/c/Fm51GRLNRvM https://groups.google.com/g/golang-dev/c/2C5vbR-UNkI/m/L1hdrPhfBAAJ https://linux.oracle.com/cve/CVE-2023-39318.html https://linux.oracle.com/errata/ELSA-2024-2988.html https://nvd.nist.gov/vuln/detail/CVE-2023-39318 https://pkg.go.dev/vuln/GO-2023-2041 https://security.gentoo.org/glsa/202311-09 https://security.netapp.com/advisory/ntap-20231020-0009/ https://ubuntu.com/security/notices/USN-6574-1 https://ubuntu.com/security/notices/USN-7061-1 https://ubuntu.com/security/notices/USN-7109-1 https://vuln.go.dev/ID/GO-2023-2041.json https://www.cve.org/CVERecord?id=CVE-2023-39318
stdlib	CVE-2023-39319	MEDIUM	v1.20.5	1.20.8, 1.21.1	https://access.redhat.com/errata/RHSA-2024:2160 https://access.redhat.com/security/cve/CVE-2023-39319 https://bugzilla.redhat.com/2237773 https://bugzilla.redhat.com/2237776 https://bugzilla.redhat.com/2253330 https://errata.almalinux.org/9/ALSA-2024-2160.html https://github.com/golang/go/commit/2070531d2f53df88e312edace6c8dfc9686ab2f5 (go1.20.8) https://github.com/golang/go/commit/bbd043ff0d6d59f1a9232d31ecd5eacf6507bf6a (go1.21.1) https://go.dev/cl/526157 https://go.dev/issue/62197 https://groups.google.com/g/golang-announce/c/Fm51GRLNRvM https://groups.google.com/g/golang-dev/c/2C5vbR-UNkI/m/L1hdrPhfBAAJ https://linux.oracle.com/cve/CVE-2023-39319.html https://linux.oracle.com/errata/ELSA-2024-2988.html https://nvd.nist.gov/vuln/detail/CVE-2023-39319 https://pkg.go.dev/vuln/GO-2023-2043 https://security.gentoo.org/glsa/202311-09 https://security.netapp.com/advisory/ntap-20231020-0009/ https://ubuntu.com/security/notices/USN-6574-1 https://ubuntu.com/security/notices/USN-7061-1 https://ubuntu.com/security/notices/USN-7109-1 https://vuln.go.dev/ID/GO-2023-2043.json https://www.cve.org/CVERecord?id=CVE-2023-39319
stdlib	CVE-2023-39326	MEDIUM	v1.20.5	1.20.12, 1.21.5	https://access.redhat.com/errata/RHSA-2024:2272 https://access.redhat.com/security/cve/CVE-2023-39326 https://bugzilla.redhat.com/2253193 https://bugzilla.redhat.com/2253330 https://errata.almalinux.org/9/ALSA-2024-2272.html https://github.com/golang/go/commit/6446af942e2e2b161c4ec1b60d9703a2b55dc4dd (go1.20.12) https://github.com/golang/go/commit/ec8c526e4be720e94b98ca509e6364f0efaf28f7 (go1.21.5) https://go.dev/cl/547335 https://go.dev/issue/64433 https://groups.google.com/g/golang-dev/c/6ypN5EjibjM/m/KmLVYH_uAgAJ https://linux.oracle.com/cve/CVE-2023-39326.html https://linux.oracle.com/errata/ELSA-2024-2988.html https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UIU6HOGV6RRIKWM57LOXQA75BGZSIH6G/ https://nvd.nist.gov/vuln/detail/CVE-2023-39326 https://pkg.go.dev/vuln/GO-2023-2382 https://ubuntu.com/security/notices/USN-6574-1 https://www.cve.org/CVERecord?id=CVE-2023-39326
stdlib	CVE-2023-45284	MEDIUM	v1.20.5	1.20.11, 1.21.4	https://go.dev/cl/540277 https://go.dev/issue/63713 https://groups.google.com/g/golang-announce/c/4tU8LZfBFkY https://nvd.nist.gov/vuln/detail/CVE-2023-45284 https://pkg.go.dev/vuln/GO-2023-2186
stdlib	CVE-2023-45289	MEDIUM	v1.20.5	1.21.8, 1.22.1	http://www.openwall.com/lists/oss-security/2024/03/08/4 https://access.redhat.com/errata/RHSA-2024:2724 https://access.redhat.com/security/cve/CVE-2023-45289 https://bugzilla.redhat.com/2268017 https://bugzilla.redhat.com/2268018 https://bugzilla.redhat.com/2268019 https://bugzilla.redhat.com/2268273 https://bugzilla.redhat.com/show_bug.cgi?id=2268017 https://bugzilla.redhat.com/show_bug.cgi?id=2268018 https://bugzilla.redhat.com/show_bug.cgi?id=2268019 https://bugzilla.redhat.com/show_bug.cgi?id=2268273 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45288 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45289 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45290 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24783 https://errata.almalinux.org/9/ALSA-2024-2724.html https://errata.rockylinux.org/RLSA-2024:2724 https://github.com/golang/go/commit/20586c0dbe03d144f914155f879fa5ee287591a1 (go1.21.8) https://github.com/golang/go/commit/3a855208e3efed2e9d7c20ad023f1fa78afcc0be (go1.22.1) https://github.com/golang/go/issues/65065 https://go.dev/cl/569340 https://go.dev/issue/65065 https://groups.google.com/g/golang-announce/c/5pwGVUPoMbg https://linux.oracle.com/cve/CVE-2023-45289.html https://linux.oracle.com/errata/ELSA-2024-3346.html https://nvd.nist.gov/vuln/detail/CVE-2023-45289 https://pkg.go.dev/vuln/GO-2024-2600 https://security.netapp.com/advisory/ntap-20240329-0006/ https://ubuntu.com/security/notices/USN-6886-1 https://www.cve.org/CVERecord?id=CVE-2023-45289
stdlib	CVE-2023-45290	MEDIUM	v1.20.5	1.21.8, 1.22.1	http://www.openwall.com/lists/oss-security/2024/03/08/4 https://access.redhat.com/errata/RHSA-2024:9135 https://access.redhat.com/security/cve/CVE-2023-45290 https://bugzilla.redhat.com/2268017 https://bugzilla.redhat.com/2268022 https://bugzilla.redhat.com/2279814 https://bugzilla.redhat.com/2295310 https://bugzilla.redhat.com/show_bug.cgi?id=2268017 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45290 https://errata.almalinux.org/9/ALSA-2024-9135.html https://errata.rockylinux.org/RLSA-2024:3830 https://github.com/golang/go/commit/041a47712e765e94f86d841c3110c840e76d8f82 (go1.22.1) https://github.com/golang/go/commit/bf80213b121074f4ad9b449410a4d13bae5e9be0 (go1.21.8) https://github.com/golang/go/issues/65383 https://go.dev/cl/569341 https://go.dev/issue/65383 https://groups.google.com/g/golang-announce/c/5pwGVUPoMbg https://linux.oracle.com/cve/CVE-2023-45290.html https://linux.oracle.com/errata/ELSA-2024-8038.html https://nvd.nist.gov/vuln/detail/CVE-2023-45290 https://pkg.go.dev/vuln/GO-2024-2599 https://security.netapp.com/advisory/ntap-20240329-0004 https://security.netapp.com/advisory/ntap-20240329-0004/ https://ubuntu.com/security/notices/USN-6886-1 https://ubuntu.com/security/notices/USN-7109-1 https://ubuntu.com/security/notices/USN-7111-1 https://www.cve.org/CVERecord?id=CVE-2023-45290
stdlib	CVE-2024-24783	MEDIUM	v1.20.5	1.21.8, 1.22.1	http://www.openwall.com/lists/oss-security/2024/03/08/4 https://access.redhat.com/errata/RHSA-2024:6195 https://access.redhat.com/security/cve/CVE-2024-24783 https://bugzilla.redhat.com/2268019 https://bugzilla.redhat.com/show_bug.cgi?id=2268017 https://bugzilla.redhat.com/show_bug.cgi?id=2268018 https://bugzilla.redhat.com/show_bug.cgi?id=2268019 https://bugzilla.redhat.com/show_bug.cgi?id=2268273 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45288 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45289 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45290 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24783 https://errata.almalinux.org/9/ALSA-2024-6195.html https://errata.rockylinux.org/RLSA-2024:2724 https://github.com/advisories/GHSA-3q2c-pvp5-3cqp https://github.com/golang/go/commit/337b8e9cbfa749d9d5c899e0dc358e2208d5e54f (go1.22.1) https://github.com/golang/go/commit/be5b52bea674190ef7de272664be6c7ae93ec5a0 (go1.21.8) https://github.com/golang/go/issues/65390 https://go.dev/cl/569339 https://go.dev/issue/65390 https://groups.google.com/g/golang-announce/c/5pwGVUPoMbg https://linux.oracle.com/cve/CVE-2024-24783.html https://linux.oracle.com/errata/ELSA-2024-6969.html https://nvd.nist.gov/vuln/detail/CVE-2024-24783 https://pkg.go.dev/vuln/GO-2024-2598 https://security.netapp.com/advisory/ntap-20240329-0005 https://security.netapp.com/advisory/ntap-20240329-0005/ https://ubuntu.com/security/notices/USN-6886-1 https://ubuntu.com/security/notices/USN-7109-1 https://ubuntu.com/security/notices/USN-7111-1 https://www.cve.org/CVERecord?id=CVE-2024-24783
stdlib	CVE-2024-24784	MEDIUM	v1.20.5	1.21.8, 1.22.1	http://www.openwall.com/lists/oss-security/2024/03/08/4 https://access.redhat.com/errata/RHSA-2024:2562 https://access.redhat.com/security/cve/CVE-2024-24784 https://bugzilla.redhat.com/2262921 https://bugzilla.redhat.com/2268017 https://bugzilla.redhat.com/2268018 https://bugzilla.redhat.com/2268019 https://bugzilla.redhat.com/2268021 https://bugzilla.redhat.com/2268022 https://bugzilla.redhat.com/2268273 https://bugzilla.redhat.com/show_bug.cgi?id=2262921 https://bugzilla.redhat.com/show_bug.cgi?id=2268017 https://bugzilla.redhat.com/show_bug.cgi?id=2268018 https://bugzilla.redhat.com/show_bug.cgi?id=2268019 https://bugzilla.redhat.com/show_bug.cgi?id=2268021 https://bugzilla.redhat.com/show_bug.cgi?id=2268022 https://bugzilla.redhat.com/show_bug.cgi?id=2268273 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45288 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45289 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45290 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-1394 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24783 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24784 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24785 https://errata.almalinux.org/9/ALSA-2024-2562.html https://errata.rockylinux.org/RLSA-2024:2562 https://github.com/golang/go/commit/263c059b09fdd40d9dd945f2ecb20c89ea28efe5 (go1.21.8) https://github.com/golang/go/commit/5330cd225ba54c7dc78c1b46dcdf61a4671a632c (go1.22.1) https://github.com/golang/go/issues/65083 https://go.dev/cl/555596 https://go.dev/issue/65083 https://groups.google.com/g/golang-announce/c/5pwGVUPoMbg https://linux.oracle.com/cve/CVE-2024-24784.html https://linux.oracle.com/errata/ELSA-2024-6969.html https://nvd.nist.gov/vuln/detail/CVE-2024-24784 https://pkg.go.dev/vuln/GO-2024-2609 https://security.netapp.com/advisory/ntap-20240329-0007/ https://ubuntu.com/security/notices/USN-6886-1 https://ubuntu.com/security/notices/USN-7109-1 https://ubuntu.com/security/notices/USN-7111-1 https://www.cve.org/CVERecord?id=CVE-2024-24784
stdlib	CVE-2024-24785	MEDIUM	v1.20.5	1.21.8, 1.22.1	http://www.openwall.com/lists/oss-security/2024/03/08/4 https://access.redhat.com/errata/RHSA-2024:9135 https://access.redhat.com/security/cve/CVE-2024-24785 https://bugzilla.redhat.com/2268017 https://bugzilla.redhat.com/2268022 https://bugzilla.redhat.com/2279814 https://bugzilla.redhat.com/2295310 https://bugzilla.redhat.com/show_bug.cgi?id=2262921 https://bugzilla.redhat.com/show_bug.cgi?id=2268017 https://bugzilla.redhat.com/show_bug.cgi?id=2268018 https://bugzilla.redhat.com/show_bug.cgi?id=2268019 https://bugzilla.redhat.com/show_bug.cgi?id=2268021 https://bugzilla.redhat.com/show_bug.cgi?id=2268022 https://bugzilla.redhat.com/show_bug.cgi?id=2268273 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45288 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45289 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45290 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-1394 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24783 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24784 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24785 https://errata.almalinux.org/9/ALSA-2024-9135.html https://errata.rockylinux.org/RLSA-2024:2562 https://github.com/golang/go/commit/056b0edcb8c152152021eebf4cf42adbfbe77992 (go1.22.1) https://github.com/golang/go/commit/3643147a29352ca2894fd5d0d2069bc4b4335a7e (go1.21.8) https://github.com/golang/go/issues/65697 https://go.dev/cl/564196 https://go.dev/issue/65697 https://groups.google.com/g/golang-announce/c/5pwGVUPoMbg https://linux.oracle.com/cve/CVE-2024-24785.html https://linux.oracle.com/errata/ELSA-2024-3259.html https://nvd.nist.gov/vuln/detail/CVE-2024-24785 https://pkg.go.dev/vuln/GO-2024-2610 https://security.netapp.com/advisory/ntap-20240329-0008/ https://ubuntu.com/security/notices/USN-6886-1 https://ubuntu.com/security/notices/USN-7061-1 https://ubuntu.com/security/notices/USN-7109-1 https://vuln.go.dev/ID/GO-2024-2610.json https://www.cve.org/CVERecord?id=CVE-2024-24785
stdlib	CVE-2024-24789	MEDIUM	v1.20.5	1.21.11, 1.22.4	http://www.openwall.com/lists/oss-security/2024/06/04/1 https://access.redhat.com/errata/RHSA-2024:9115 https://access.redhat.com/security/cve/CVE-2024-24789 https://bugzilla.redhat.com/2279814 https://bugzilla.redhat.com/2292668 https://bugzilla.redhat.com/2292787 https://bugzilla.redhat.com/2294000 https://bugzilla.redhat.com/2295310 https://bugzilla.redhat.com/show_bug.cgi?id=2292668 https://bugzilla.redhat.com/show_bug.cgi?id=2292787 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24789 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24790 https://errata.almalinux.org/9/ALSA-2024-9115.html https://errata.rockylinux.org/RLSA-2024:4212 https://github.com/golang/go/commit/c8e40338cf00f3c1d86c8fb23863ad67a4c72bcc (1.21) https://github.com/golang/go/commit/cf501ac0c5fe351a8582d20b43562027927906e7 (1.22) https://github.com/golang/go/issues/66869 https://go.dev/cl/585397 https://go.dev/issue/66869 https://groups.google.com/g/golang-announce/c/XbxouI9gY7k https://groups.google.com/g/golang-announce/c/XbxouI9gY7k/m/TuoGEhxIEwAJ https://linux.oracle.com/cve/CVE-2024-24789.html https://linux.oracle.com/errata/ELSA-2024-9115.html https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/U5YAEIA6IUHUNGJ7AIXXPQT6D2GYENX7/ https://nvd.nist.gov/vuln/detail/CVE-2024-24789 https://pkg.go.dev/vuln/GO-2024-2888 https://ubuntu.com/security/notices/USN-6886-1 https://ubuntu.com/security/notices/USN-7109-1 https://ubuntu.com/security/notices/USN-7111-1 https://www.cve.org/CVERecord?id=CVE-2024-24789
stdlib	CVE-2024-24791	MEDIUM	v1.20.5	1.21.12, 1.22.5	https://access.redhat.com/errata/RHSA-2024:9135 https://access.redhat.com/security/cve/CVE-2024-24791 https://bugzilla.redhat.com/2268017 https://bugzilla.redhat.com/2268022 https://bugzilla.redhat.com/2279814 https://bugzilla.redhat.com/2295310 https://bugzilla.redhat.com/show_bug.cgi?id=2295310 https://bugzilla.redhat.com/show_bug.cgi?id=2310527 https://bugzilla.redhat.com/show_bug.cgi?id=2310528 https://bugzilla.redhat.com/show_bug.cgi?id=2310529 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24791 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-34155 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-34156 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-34158 https://errata.almalinux.org/9/ALSA-2024-9135.html https://errata.rockylinux.org/RLSA-2024:6913 https://go.dev/cl/591255 https://go.dev/issue/67555 https://groups.google.com/g/golang-dev/c/t0rK-qHBqzY/m/6MMoAZkMAgAJ https://linux.oracle.com/cve/CVE-2024-24791.html https://linux.oracle.com/errata/ELSA-2024-9115.html https://nvd.nist.gov/vuln/detail/CVE-2024-24791 https://pkg.go.dev/vuln/GO-2024-2963 https://ubuntu.com/security/notices/USN-7081-1 https://ubuntu.com/security/notices/USN-7109-1 https://ubuntu.com/security/notices/USN-7111-1 https://www.cve.org/CVERecord?id=CVE-2024-24791
stdlib	CVE-2024-34155	MEDIUM	v1.20.5	1.22.7, 1.23.1	https://access.redhat.com/errata/RHSA-2024:9459 https://access.redhat.com/security/cve/CVE-2024-34155 https://bugzilla.redhat.com/2310527 https://bugzilla.redhat.com/2310528 https://bugzilla.redhat.com/2310529 https://bugzilla.redhat.com/2315691 https://bugzilla.redhat.com/2315887 https://bugzilla.redhat.com/2317458 https://bugzilla.redhat.com/2317467 https://bugzilla.redhat.com/show_bug.cgi?id=2295310 https://bugzilla.redhat.com/show_bug.cgi?id=2310527 https://bugzilla.redhat.com/show_bug.cgi?id=2310528 https://bugzilla.redhat.com/show_bug.cgi?id=2310529 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24791 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-34155 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-34156 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-34158 https://errata.almalinux.org/9/ALSA-2024-9459.html https://errata.rockylinux.org/RLSA-2024:6913 https://github.com/golang/go/commit/53487e5477151ed75da50e50a0ba8f1ca64c00a3 (go1.23.1) https://github.com/golang/go/commit/b232596139dbe96a62edbe3a2a203e856bf556eb (go1.22.7) https://go.dev/cl/611238 https://go.dev/issue/69138 https://groups.google.com/g/golang-announce/c/K-cEzDeCtpc https://groups.google.com/g/golang-dev/c/S9POB9NCTdk https://linux.oracle.com/cve/CVE-2024-34155.html https://linux.oracle.com/errata/ELSA-2024-9459.html https://nvd.nist.gov/vuln/detail/CVE-2024-34155 https://pkg.go.dev/vuln/GO-2024-3105 https://ubuntu.com/security/notices/USN-7081-1 https://ubuntu.com/security/notices/USN-7109-1 https://ubuntu.com/security/notices/USN-7111-1 https://www.cve.org/CVERecord?id=CVE-2024-34155
stdlib	CVE-2024-34158	MEDIUM	v1.20.5	1.22.7, 1.23.1	https://access.redhat.com/errata/RHSA-2024:9459 https://access.redhat.com/security/cve/CVE-2024-34158 https://bugzilla.redhat.com/2310527 https://bugzilla.redhat.com/2310528 https://bugzilla.redhat.com/2310529 https://bugzilla.redhat.com/2315691 https://bugzilla.redhat.com/2315887 https://bugzilla.redhat.com/2317458 https://bugzilla.redhat.com/2317467 https://bugzilla.redhat.com/show_bug.cgi?id=2295310 https://bugzilla.redhat.com/show_bug.cgi?id=2310527 https://bugzilla.redhat.com/show_bug.cgi?id=2310528 https://bugzilla.redhat.com/show_bug.cgi?id=2310529 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24791 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-34155 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-34156 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-34158 https://errata.almalinux.org/9/ALSA-2024-9459.html https://errata.rockylinux.org/RLSA-2024:6913 https://github.com/golang/go/commit/032ac075c20c01c6c35a672d1542d3e98eab84ea (go1.23.1) https://github.com/golang/go/commit/d4c53812e6ce2ac368173d7fcd31d0ecfcffb002 (go1.22.7) https://go.dev/cl/611240 https://go.dev/issue/69141 https://groups.google.com/g/golang-announce/c/K-cEzDeCtpc https://groups.google.com/g/golang-dev/c/S9POB9NCTdk https://linux.oracle.com/cve/CVE-2024-34158.html https://linux.oracle.com/errata/ELSA-2024-9459.html https://nvd.nist.gov/vuln/detail/CVE-2024-34158 https://pkg.go.dev/vuln/GO-2024-3107 https://ubuntu.com/security/notices/USN-7081-1 https://ubuntu.com/security/notices/USN-7109-1 https://ubuntu.com/security/notices/USN-7111-1 https://www.cve.org/CVERecord?id=CVE-2024-34158
No Misconfigurations found

cnb/buildpacks/paketo-buildpacks_thin/0.5.30/bin/run (gobinary)

Package	Vulnerability ID	Severity	Installed Version	Fixed Version	Links
golang.org/x/net	CVE-2023-39325	HIGH	v0.12.0	0.17.0	golang.org/x/net https://access.redhat.com/errata/RHSA-2023:6077 https://access.redhat.com/security/cve/CVE-2023-39325 https://access.redhat.com/security/cve/CVE-2023-44487 https://access.redhat.com/security/vulnerabilities/RHSB-2023-003 https://bugzilla.redhat.com/2242803 https://bugzilla.redhat.com/2243296 https://bugzilla.redhat.com/show_bug.cgi?id=2242803 https://bugzilla.redhat.com/show_bug.cgi?id=2243296 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-39325 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-44487 https://errata.almalinux.org/9/ALSA-2023-6077.html https://errata.rockylinux.org/RLSA-2023:6077 https://github.com/golang/go/commit/24ae2d927285c697440fdde3ad7f26028354bcf3 [golang- 1.21] https://github.com/golang/go/commit/e175f27f58aa7b9cd4d79607ae65d2cd5baaee68 [golang-1.20] https://github.com/golang/go/issues/63417 https://go.dev/cl/534215 https://go.dev/cl/534235 https://go.dev/issue/63417 https://groups.google.com/g/golang-announce/c/iNNxDTCjZvo/m/UDd7VKQuAAAJ https://linux.oracle.com/cve/CVE-2023-39325.html https://linux.oracle.com/errata/ELSA-2023-5867.html https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3OVW5V2DM5K5IC3H7O42YDUGNJ74J35O https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3OVW5V2DM5K5IC3H7O42YDUGNJ74J35O/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3SZN67IL7HMGMNAVLOTIXLIHUDXZK4LH https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3SZN67IL7HMGMNAVLOTIXLIHUDXZK4LH/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3WJ4QVX2AMUJ2F2S27POOAHRC4K3CHU4 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3WJ4QVX2AMUJ2F2S27POOAHRC4K3CHU4/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/4BUK2ZIAGCULOOYDNH25JPU6JBES5NF2 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/4BUK2ZIAGCULOOYDNH25JPU6JBES5NF2/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/5RSKA2II6QTD4YUKUNDVJQSRYSFC4VFR https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/5RSKA2II6QTD4YUKUNDVJQSRYSFC4VFR/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/AVZDNSMVDAQJ64LJC5I5U5LDM5753647 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/AVZDNSMVDAQJ64LJC5I5U5LDM5753647/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CHHITS4PUOZAKFIUBQAQZC7JWXMOYE4B https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CHHITS4PUOZAKFIUBQAQZC7JWXMOYE4B/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CLB4TW7KALB3EEQWNWCN7OUIWWVWWCG2 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CLB4TW7KALB3EEQWNWCN7OUIWWVWWCG2/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/D2BBIDR2ZMB3X5BC7SR4SLQMHRMVPY6L https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/D2BBIDR2ZMB3X5BC7SR4SLQMHRMVPY6L/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ECRC75BQJP6FJN2L7KCKYZW4DSBD7QSD https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ECRC75BQJP6FJN2L7KCKYZW4DSBD7QSD/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/FTMJ3NJIDAZFWJQQSP3L22MUFJ3UP2PT https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/FTMJ3NJIDAZFWJQQSP3L22MUFJ3UP2PT/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/GSY7SXFFTPZFWDM6XELSDSHZLVW3AHK7 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/GSY7SXFFTPZFWDM6XELSDSHZLVW3AHK7/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/HZQIELEIRSZUYTFFH5KTH2YJ4IIQG2KE https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/HZQIELEIRSZUYTFFH5KTH2YJ4IIQG2KE/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/IPWCNYB5PQ5PCVZ4NJT6G56ZYFZ5QBU6 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/IPWCNYB5PQ5PCVZ4NJT6G56ZYFZ5QBU6/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/KEOTKBUPZXHE3F352JBYNTSNRXYLWD6P https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/KEOTKBUPZXHE3F352JBYNTSNRXYLWD6P/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/KSEGD2IWKNUO3DWY4KQGUQM5BISRWHQE https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/KSEGD2IWKNUO3DWY4KQGUQM5BISRWHQE/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/L5E5JSJBZLYXOTZWXHJKRVCIXIHVWKJ6 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/L5E5JSJBZLYXOTZWXHJKRVCIXIHVWKJ6/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/MZQYOOKHQDQ57LV2IAG6NRFOVXKHJJ3Z https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/MZQYOOKHQDQ57LV2IAG6NRFOVXKHJJ3Z/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/NG7IMPL55MVWU3LCI4JQJT3K2U5CHDV7 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/NG7IMPL55MVWU3LCI4JQJT3K2U5CHDV7/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ODBY7RVMGZCBSTWF2OZGIZS57FNFUL67 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ODBY7RVMGZCBSTWF2OZGIZS57FNFUL67/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/OXGWPQOJ3JNDW2XIYKIVJ7N7QUIFNM2Q https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/OXGWPQOJ3JNDW2XIYKIVJ7N7QUIFNM2Q/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/PJCUNGIQDUMZ4Z6HWVYIMR66A35F5S74 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/PJCUNGIQDUMZ4Z6HWVYIMR66A35F5S74/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QF5QSYAOPDOWLY6DUHID56Q4HQFYB45I https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QF5QSYAOPDOWLY6DUHID56Q4HQFYB45I/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QXOU2JZUBEBP7GBKAYIJRPRBZSJCD7ST https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QXOU2JZUBEBP7GBKAYIJRPRBZSJCD7ST/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/R3UETKPUB3V5JS5TLZOF3SMTGT5K5APS https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/R3UETKPUB3V5JS5TLZOF3SMTGT5K5APS/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/REMHVVIBDNKSRKNOTV7EQSB7CYQWOUOU https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/REMHVVIBDNKSRKNOTV7EQSB7CYQWOUOU/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/T7N5GV4CHH6WAGX3GFMDD3COEOVCZ4RI https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/T7N5GV4CHH6WAGX3GFMDD3COEOVCZ4RI/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ULQQONMSCQSH5Z5OWFFQHCGEZ3NL4DRJ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ULQQONMSCQSH5Z5OWFFQHCGEZ3NL4DRJ/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UTT7DG3QOF5ZNJLUGHDNLRUIN6OWZARP https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UTT7DG3QOF5ZNJLUGHDNLRUIN6OWZARP/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/W2LZSWTV4NV4SNQARNXG5T6LRHP26EW2 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/W2LZSWTV4NV4SNQARNXG5T6LRHP26EW2/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WCNCBYKZXLDFGAJUB7ZP5VLC3YTHJNVH https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WCNCBYKZXLDFGAJUB7ZP5VLC3YTHJNVH/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/XFOIBB4YFICHDM7IBOP7PWXW3FX4HLL2 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/XFOIBB4YFICHDM7IBOP7PWXW3FX4HLL2/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/XTNLSL44Y5FB6JWADSZH6DCV4JJAAEQY https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/XTNLSL44Y5FB6JWADSZH6DCV4JJAAEQY/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/YJWHBLVZDM5KQSDFRBFRKU5KSSOLIRQ4 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/YJWHBLVZDM5KQSDFRBFRKU5KSSOLIRQ4/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/YRKEXKANQ7BKJW2YTAMP625LJUJZLJ4P https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/YRKEXKANQ7BKJW2YTAMP625LJUJZLJ4P/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZSVEMQV5ROY5YW5QE3I57HT3ITWG5GCV https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZSVEMQV5ROY5YW5QE3I57HT3ITWG5GCV/ https://nvd.nist.gov/vuln/detail/CVE-2023-39325 https://pkg.go.dev/vuln/GO-2023-2102 https://security.gentoo.org/glsa/202311-09 https://security.netapp.com/advisory/ntap-20231110-0008 https://security.netapp.com/advisory/ntap-20231110-0008/ https://ubuntu.com/security/notices/USN-6574-1 https://ubuntu.com/security/notices/USN-7061-1 https://ubuntu.com/security/notices/USN-7109-1 https://www.cisa.gov/news-events/alerts/2023/10/10/http2-rapid-reset-vulnerability-cve-2023-44487 https://www.cve.org/CVERecord?id=CVE-2023-39325
golang.org/x/net	CVE-2023-3978	MEDIUM	v0.12.0	0.13.0	https://access.redhat.com/errata/RHSA-2023:6474 https://access.redhat.com/security/cve/CVE-2023-3978 https://bugzilla.redhat.com/2174485 https://bugzilla.redhat.com/2178358 https://bugzilla.redhat.com/2178488 https://bugzilla.redhat.com/2178492 https://bugzilla.redhat.com/2184481 https://bugzilla.redhat.com/2184482 https://bugzilla.redhat.com/2184483 https://bugzilla.redhat.com/2184484 https://bugzilla.redhat.com/2196026 https://bugzilla.redhat.com/2196027 https://bugzilla.redhat.com/2196029 https://bugzilla.redhat.com/2222167 https://bugzilla.redhat.com/2228689 https://errata.almalinux.org/9/ALSA-2023-6474.html https://go.dev/cl/514896 https://go.dev/issue/61615 https://linux.oracle.com/cve/CVE-2023-3978.html https://linux.oracle.com/errata/ELSA-2023-6939.html https://nvd.nist.gov/vuln/detail/CVE-2023-3978 https://pkg.go.dev/vuln/GO-2023-1988 https://www.cve.org/CVERecord?id=CVE-2023-3978
golang.org/x/net	CVE-2023-44487	MEDIUM	v0.12.0	0.17.0	http://www.openwall.com/lists/oss-security/2023/10/13/4 http://www.openwall.com/lists/oss-security/2023/10/13/9 http://www.openwall.com/lists/oss-security/2023/10/18/4 http://www.openwall.com/lists/oss-security/2023/10/18/8 http://www.openwall.com/lists/oss-security/2023/10/19/6 http://www.openwall.com/lists/oss-security/2023/10/20/8 https://access.redhat.com/errata/RHSA-2023:6746 https://access.redhat.com/security/cve/CVE-2023-44487 https://access.redhat.com/security/cve/cve-2023-44487 https://akka.io/security/akka-http-cve-2023-44487.html https://arstechnica.com/security/2023/10/how-ddosers-used-the-http-2-protocol-to-deliver-attacks-of-unprecedented-size https://arstechnica.com/security/2023/10/how-ddosers-used-the-http-2-protocol-to-deliver-attacks-of-unprecedented-size/ https://aws.amazon.com/security/security-bulletins/AWS-2023-011 https://aws.amazon.com/security/security-bulletins/AWS-2023-011/ https://blog.cloudflare.com/technical-breakdown-http2-rapid-reset-ddos-attack https://blog.cloudflare.com/technical-breakdown-http2-rapid-reset-ddos-attack/ https://blog.cloudflare.com/zero-day-rapid-reset-http2-record-breaking-ddos-attack https://blog.cloudflare.com/zero-day-rapid-reset-http2-record-breaking-ddos-attack/ https://blog.litespeedtech.com/2023/10/11/rapid-reset-http-2-vulnerablilty https://blog.litespeedtech.com/2023/10/11/rapid-reset-http-2-vulnerablilty/ https://blog.qualys.com/vulnerabilities-threat-research/2023/10/10/cve-2023-44487-http-2-rapid-reset-attack https://blog.vespa.ai/cve-2023-44487 https://blog.vespa.ai/cve-2023-44487/ https://bugzilla.proxmox.com/show_bug.cgi?id=4988 https://bugzilla.redhat.com/2242803 https://bugzilla.redhat.com/show_bug.cgi?id=2242803 https://bugzilla.suse.com/show_bug.cgi?id=1216123 https://cgit.freebsd.org/ports/commit/?id=c64c329c2c1752f46b73e3e6ce9f4329be6629f9 https://chaos.social/@icing/111210915918780532 https://cloud.google.com/blog/products/identity-security/google-cloud-mitigated-largest-ddos-attack-peaking-above-398-million-rps https://cloud.google.com/blog/products/identity-security/google-cloud-mitigated-largest-ddos-attack-peaking-above-398-million-rps/ https://cloud.google.com/blog/products/identity-security/how-it-works-the-novel-http2-rapid-reset-ddos-attack https://community.traefik.io/t/is-traefik-vulnerable-to-cve-2023-44487/20125 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-44487 https://devblogs.microsoft.com/dotnet/october-2023-updates/ https://discuss.hashicorp.com/t/hcsec-2023-32-vault-consul-and-boundary-affected-by-http-2-rapid-reset-denial-of-service-vulnerability-cve-2023-44487/59715 https://edg.io/lp/blog/resets-leaks-ddos-and-the-tale-of-a-hidden-cve https://errata.almalinux.org/9/ALSA-2023-6746.html https://errata.rockylinux.org/RLSA-2023:5838 https://forums.swift.org/t/swift-nio-http2-security-update-cve-2023-44487-http-2-dos/67764 https://gist.github.com/adulau/7c2bfb8e9cdbe4b35a5e131c66a0c088 https://github.com/Azure/AKS/issues/3947 https://github.com/Kong/kong/discussions/11741 https://github.com/advisories/GHSA-qppj-fm5r-hxr3 https://github.com/advisories/GHSA-vx74-f528-fxqg https://github.com/advisories/GHSA-xpw8-rcwv-8f8p https://github.com/akka/akka-http/issues/4323 https://github.com/akka/akka-http/pull/4324 https://github.com/akka/akka-http/pull/4325 https://github.com/alibaba/tengine/issues/1872 https://github.com/apache/apisix/issues/10320 https://github.com/apache/httpd-site/pull/10 https://github.com/apache/httpd/blob/afcdbeebbff4b0c50ea26cdd16e178c0d1f24152/modules/http2/h2_mplx.c#L1101-L1113 https://github.com/apache/tomcat/commit/944332bb15bd2f3bf76ec2caeb1ff0a58a3bc628 https://github.com/apache/tomcat/tree/main/java/org/apache/coyote/http2 https://github.com/apache/trafficserver/pull/10564 https://github.com/apple/swift-nio-http2 https://github.com/apple/swift-nio-http2/security/advisories/GHSA-qppj-fm5r-hxr3 https://github.com/arkrwn/PoC/tree/main/CVE-2023-44487 https://github.com/bcdannyboy/CVE-2023-44487 https://github.com/caddyserver/caddy/issues/5877 https://github.com/caddyserver/caddy/releases/tag/v2.7.5 https://github.com/dotnet/announcements/issues/277 https://github.com/dotnet/core/blob/e4613450ea0da7fd2fc6b61dfb2c1c1dec1ce9ec/release-notes/6.0/6.0.23/6.0.23.md?plain=1#L73 https://github.com/eclipse/jetty.project/issues/10679 https://github.com/envoyproxy/envoy/pull/30055 https://github.com/etcd-io/etcd/issues/16740 https://github.com/facebook/proxygen/pull/466 https://github.com/golang/go/issues/63417 https://github.com/grpc/grpc-go/pull/6703 https://github.com/grpc/grpc-go/releases https://github.com/h2o/h2o/pull/3291 https://github.com/h2o/h2o/security/advisories/GHSA-2m7v-gc89-fjqf https://github.com/haproxy/haproxy/issues/2312 https://github.com/hyperium/hyper/issues/3337 https://github.com/icing/mod_h2/blob/0a864782af0a942aa2ad4ed960a6b32cd35bcf0a/mod_http2/README.md?plain=1#L239-L244 https://github.com/junkurihara/rust-rpxy/issues/97 https://github.com/kazu-yamamoto/http2/commit/f61d41a502bd0f60eb24e1ce14edc7b6df6722a1 https://github.com/kazu-yamamoto/http2/issues/93 https://github.com/kubernetes/kubernetes/pull/121120 https://github.com/line/armeria/pull/5232 https://github.com/linkerd/website/pull/1695/commits/4b9c6836471bc8270ab48aae6fd2181bc73fd632 https://github.com/micrictor/http2-rst-stream https://github.com/microsoft/CBL-Mariner/pull/6381 https://github.com/netty/netty/commit/58f75f665aa81a8cbcf6ffa74820042a285c5e61 https://github.com/nghttp2/nghttp2/pull/1961 https://github.com/nghttp2/nghttp2/releases/tag/v1.57.0 https://github.com/ninenines/cowboy/issues/1615 https://github.com/nodejs/node/pull/50121 https://github.com/openresty/openresty/issues/930 https://github.com/opensearch-project/data-prepper/issues/3474 https://github.com/oqtane/oqtane.framework/discussions/3367 https://github.com/projectcontour/contour/pull/5826 https://github.com/tempesta-tech/tempesta/issues/1986 https://github.com/varnishcache/varnish-cache/issues/3996 https://go.dev/cl/534215 https://go.dev/cl/534235 https://go.dev/issue/63417 https://groups.google.com/g/golang-announce/c/iNNxDTCjZvo https://groups.google.com/g/golang-announce/c/iNNxDTCjZvo/m/UDd7VKQuAAAJ https://istio.io/latest/news/security/istio-security-2023-004 https://istio.io/latest/news/security/istio-security-2023-004/ https://linkerd.io/2023/10/12/linkerd-cve-2023-44487 https://linkerd.io/2023/10/12/linkerd-cve-2023-44487/ https://linux.oracle.com/cve/CVE-2023-44487.html https://linux.oracle.com/errata/ELSA-2024-1444.html https://lists.apache.org/thread/5py8h42mxfsn8l1wy6o41xwhsjlsd87q https://lists.debian.org/debian-lts-announce/2023/10/msg00020.html https://lists.debian.org/debian-lts-announce/2023/10/msg00023.html https://lists.debian.org/debian-lts-announce/2023/10/msg00024.html https://lists.debian.org/debian-lts-announce/2023/10/msg00045.html https://lists.debian.org/debian-lts-announce/2023/10/msg00047.html https://lists.debian.org/debian-lts-announce/2023/11/msg00001.html https://lists.debian.org/debian-lts-announce/2023/11/msg00012.html https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/2MBEPPC36UBVOZZNAXFHKLFGSLCMN5LI https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/2MBEPPC36UBVOZZNAXFHKLFGSLCMN5LI/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/3N4NJ7FR4X4FPZUGNTQAPSTVB2HB2Y4A https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/3N4NJ7FR4X4FPZUGNTQAPSTVB2HB2Y4A/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/BFQD3KUEMFBHPAPBGLWQC34L4OWL5HAZ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/BFQD3KUEMFBHPAPBGLWQC34L4OWL5HAZ/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/CLB4TW7KALB3EEQWNWCN7OUIWWVWWCG2 https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/CLB4TW7KALB3EEQWNWCN7OUIWWVWWCG2/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/E72T67UPDRXHIDLO3OROR25YAMN4GGW5 https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/E72T67UPDRXHIDLO3OROR25YAMN4GGW5/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/FNA62Q767CFAFHBCDKYNPBMZWB7TWYVU https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/FNA62Q767CFAFHBCDKYNPBMZWB7TWYVU/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/HT7T2R4MQKLIF4ODV4BDLPARWFPCJ5CZ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/HT7T2R4MQKLIF4ODV4BDLPARWFPCJ5CZ/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/JIZSEFC3YKCGABA2BZW6ZJRMDZJMB7PJ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/JIZSEFC3YKCGABA2BZW6ZJRMDZJMB7PJ/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/JMEXY22BFG5Q64HQCM5CK2Q7KDKVV4TY https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/JMEXY22BFG5Q64HQCM5CK2Q7KDKVV4TY/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/KSEGD2IWKNUO3DWY4KQGUQM5BISRWHQE https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/KSEGD2IWKNUO3DWY4KQGUQM5BISRWHQE/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/LKYHSZQFDNR7RSA7LHVLLIAQMVYCUGBG https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/LKYHSZQFDNR7RSA7LHVLLIAQMVYCUGBG/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/LNMZJCDHGLJJLXO4OXWJMTVQRNWOC7UL https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/LNMZJCDHGLJJLXO4OXWJMTVQRNWOC7UL/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/VHUHTSXLXGXS7JYKBXTA3VINUPHTNGVU https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/VHUHTSXLXGXS7JYKBXTA3VINUPHTNGVU/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/VSRDIV77HNKUSM7SJC5BKE5JSHLHU2NK https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/VSRDIV77HNKUSM7SJC5BKE5JSHLHU2NK/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/WE2I52RHNNU42PX6NZ2RBUHSFFJ2LVZX https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/WE2I52RHNNU42PX6NZ2RBUHSFFJ2LVZX/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/WLPRQ5TWUQQXYWBJM7ECYDAIL2YVKIUH https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/WLPRQ5TWUQQXYWBJM7ECYDAIL2YVKIUH/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/X6QXN4ORIVF6XBW4WWFE7VNPVC74S45Y https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/X6QXN4ORIVF6XBW4WWFE7VNPVC74S45Y/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/XFOIBB4YFICHDM7IBOP7PWXW3FX4HLL2 https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/XFOIBB4YFICHDM7IBOP7PWXW3FX4HLL2/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZB43REMKRQR62NJEI7I5NQ4FSXNLBKRT https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZB43REMKRQR62NJEI7I5NQ4FSXNLBKRT/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZKQSIKIAT5TJ3WSLU3RDBQ35YX4GY4V3 https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZKQSIKIAT5TJ3WSLU3RDBQ35YX4GY4V3/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZLU6U2R2IC2K64NDPNMV55AUAO65MAF4 https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZLU6U2R2IC2K64NDPNMV55AUAO65MAF4/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3N4NJ7FR4X4FPZUGNTQAPSTVB2HB2Y4A https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/BFQD3KUEMFBHPAPBGLWQC34L4OWL5HAZ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CLB4TW7KALB3EEQWNWCN7OUIWWVWWCG2 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/E72T67UPDRXHIDLO3OROR25YAMN4GGW5 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/FNA62Q767CFAFHBCDKYNPBMZWB7TWYVU https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/HT7T2R4MQKLIF4ODV4BDLPARWFPCJ5CZ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/JIZSEFC3YKCGABA2BZW6ZJRMDZJMB7PJ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/JMEXY22BFG5Q64HQCM5CK2Q7KDKVV4TY https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/KSEGD2IWKNUO3DWY4KQGUQM5BISRWHQE https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/LKYHSZQFDNR7RSA7LHVLLIAQMVYCUGBG https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/LNMZJCDHGLJJLXO4OXWJMTVQRNWOC7UL https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/VHUHTSXLXGXS7JYKBXTA3VINUPHTNGVU https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/VSRDIV77HNKUSM7SJC5BKE5JSHLHU2NK https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WLPRQ5TWUQQXYWBJM7ECYDAIL2YVKIUH https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/X6QXN4ORIVF6XBW4WWFE7VNPVC74S45Y https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/XFOIBB4YFICHDM7IBOP7PWXW3FX4HLL2 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZB43REMKRQR62NJEI7I5NQ4FSXNLBKRT https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZKQSIKIAT5TJ3WSLU3RDBQ35YX4GY4V3 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZLU6U2R2IC2K64NDPNMV55AUAO65MAF4 https://lists.w3.org/Archives/Public/ietf-http-wg/2023OctDec/0025.html https://mailman.nginx.org/pipermail/nginx-devel/2023-October/S36Q5HBXR7CAIMPLLPRSSSYR4PCMWILK.html https://martinthomson.github.io/h2-stream-limits/draft-thomson-httpbis-h2-stream-limits.html https://msrc.microsoft.com/blog/2023/10/microsoft-response-to-distributed-denial-of-service-ddos-attacks-against-http/2 https://msrc.microsoft.com/blog/2023/10/microsoft-response-to-distributed-denial-of-service-ddos-attacks-against-http/2/ https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-44487 https://my.f5.com/manage/s/article/K000137106 https://netty.io/news/2023/10/10/4-1-100-Final.html https://news.ycombinator.com/item?id=37830987 https://news.ycombinator.com/item?id=37830998 https://news.ycombinator.com/item?id=37831062 https://news.ycombinator.com/item?id=37837043 https://nodejs.org/en/blog/vulnerability/october-2023-security-releases https://nvd.nist.gov/vuln/detail/CVE-2023-44487 https://openssf.org/blog/2023/10/10/http-2-rapid-reset-vulnerability-highlights-need-for-rapid-response https://openssf.org/blog/2023/10/10/http-2-rapid-reset-vulnerability-highlights-need-for-rapid-response/ https://pkg.go.dev/vuln/GO-2023-2102 https://seanmonstar.com/post/730794151136935936/hyper-http2-rapid-reset-unaffected https://security.gentoo.org/glsa/202311-09 https://security.netapp.com/advisory/ntap-20231016-0001 https://security.netapp.com/advisory/ntap-20231016-0001/ https://security.netapp.com/advisory/ntap-20240426-0007 https://security.netapp.com/advisory/ntap-20240426-0007/ https://security.netapp.com/advisory/ntap-20240621-0006 https://security.netapp.com/advisory/ntap-20240621-0006/ https://security.netapp.com/advisory/ntap-20240621-0007 https://security.netapp.com/advisory/ntap-20240621-0007/ https://security.paloaltonetworks.com/CVE-2023-44487 https://tomcat.apache.org/security-10.html#Fixed_in_Apache_Tomcat_10.1.14 https://tomcat.apache.org/security-11.html#Fixed_in_Apache_Tomcat_11.0.0-M12 https://tomcat.apache.org/security-8.html#Fixed_in_Apache_Tomcat_8.5.94 https://tomcat.apache.org/security-9.html#Fixed_in_Apache_Tomcat_9.0.81 https://ubuntu.com/security/CVE-2023-44487 https://ubuntu.com/security/notices/USN-6427-1 https://ubuntu.com/security/notices/USN-6427-2 https://ubuntu.com/security/notices/USN-6438-1 https://ubuntu.com/security/notices/USN-6505-1 https://ubuntu.com/security/notices/USN-6574-1 https://ubuntu.com/security/notices/USN-6754-1 https://ubuntu.com/security/notices/USN-6994-1 https://ubuntu.com/security/notices/USN-7067-1 https://www.bleepingcomputer.com/news/security/new-http-2-rapid-reset-zero-day-attack-breaks-ddos-records https://www.bleepingcomputer.com/news/security/new-http-2-rapid-reset-zero-day-attack-breaks-ddos-records/ https://www.cisa.gov/known-exploited-vulnerabilities-catalog https://www.cisa.gov/news-events/alerts/2023/10/10/http2-rapid-reset-vulnerability-cve-2023-44487 https://www.cve.org/CVERecord?id=CVE-2023-44487 https://www.darkreading.com/cloud/internet-wide-zero-day-bug-fuels-largest-ever-ddos-event https://www.debian.org/security/2023/dsa-5521 https://www.debian.org/security/2023/dsa-5522 https://www.debian.org/security/2023/dsa-5540 https://www.debian.org/security/2023/dsa-5549 https://www.debian.org/security/2023/dsa-5558 https://www.debian.org/security/2023/dsa-5570 https://www.eclipse.org/lists/jetty-announce/msg00181.html https://www.haproxy.com/blog/haproxy-is-not-affected-by-the-http-2-rapid-reset-attack-cve-2023-44487 https://www.mail-archive.com/haproxy@formilux.org/msg44134.html https://www.netlify.com/blog/netlify-successfully-mitigates-cve-2023-44487 https://www.netlify.com/blog/netlify-successfully-mitigates-cve-2023-44487/ https://www.nginx.com/blog/http-2-rapid-reset-attack-impacting-f5-nginx-products https://www.nginx.com/blog/http-2-rapid-reset-attack-impacting-f5-nginx-products/ https://www.openwall.com/lists/oss-security/2023/10/10/6 https://www.phoronix.com/news/HTTP2-Rapid-Reset-Attack https://www.theregister.com/2023/10/10/http2_rapid_reset_zeroday https://www.theregister.com/2023/10/10/http2_rapid_reset_zeroday/
golang.org/x/net	CVE-2023-45288	MEDIUM	v0.12.0	0.23.0	http://www.openwall.com/lists/oss-security/2024/04/03/16 http://www.openwall.com/lists/oss-security/2024/04/05/4 https://access.redhat.com/errata/RHSA-2024:2724 https://access.redhat.com/security/cve/CVE-2023-45288 https://bugzilla.redhat.com/2268017 https://bugzilla.redhat.com/2268018 https://bugzilla.redhat.com/2268019 https://bugzilla.redhat.com/2268273 https://bugzilla.redhat.com/show_bug.cgi?id=2268017 https://bugzilla.redhat.com/show_bug.cgi?id=2268018 https://bugzilla.redhat.com/show_bug.cgi?id=2268019 https://bugzilla.redhat.com/show_bug.cgi?id=2268273 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45288 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45289 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45290 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24783 https://errata.almalinux.org/9/ALSA-2024-2724.html https://errata.rockylinux.org/RLSA-2024:2724 https://go.dev/cl/576155 https://go.dev/issue/65051 https://groups.google.com/g/golang-announce/c/YgW0sx8mN3M https://kb.cert.org/vuls/id/421644 https://linux.oracle.com/cve/CVE-2023-45288.html https://linux.oracle.com/errata/ELSA-2024-3346.html https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QRYFHIQ6XRKRYBI2F5UESH67BJBQXUPT https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QRYFHIQ6XRKRYBI2F5UESH67BJBQXUPT/ https://nowotarski.info/http2-continuation-flood-technical-details https://nowotarski.info/http2-continuation-flood/ https://nvd.nist.gov/vuln/detail/CVE-2023-45288 https://pkg.go.dev/vuln/GO-2024-2687 https://security.netapp.com/advisory/ntap-20240419-0009 https://security.netapp.com/advisory/ntap-20240419-0009/ https://ubuntu.com/security/notices/USN-6886-1 https://ubuntu.com/security/notices/USN-7109-1 https://ubuntu.com/security/notices/USN-7111-1 https://www.cve.org/CVERecord?id=CVE-2023-45288 https://www.kb.cert.org/vuls/id/421644
stdlib	CVE-2024-24790	CRITICAL	v1.20.5	1.21.11, 1.22.4	http://www.openwall.com/lists/oss-security/2024/06/04/1 https://access.redhat.com/errata/RHSA-2024:9115 https://access.redhat.com/security/cve/CVE-2024-24790 https://bugzilla.redhat.com/2279814 https://bugzilla.redhat.com/2292668 https://bugzilla.redhat.com/2292787 https://bugzilla.redhat.com/2294000 https://bugzilla.redhat.com/2295310 https://bugzilla.redhat.com/show_bug.cgi?id=2292668 https://bugzilla.redhat.com/show_bug.cgi?id=2292787 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24789 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24790 https://errata.almalinux.org/9/ALSA-2024-9115.html https://errata.rockylinux.org/RLSA-2024:4212 https://github.com/golang/go/commit/051bdf3fd12a40307606ff9381138039c5f452f0 (1.21) https://github.com/golang/go/commit/12d5810cdb1f73cf23d7a86462143e9463317fca (1.22) https://github.com/golang/go/issues/67680 https://go.dev/cl/590316 https://go.dev/issue/67680 https://groups.google.com/g/golang-announce/c/XbxouI9gY7k https://groups.google.com/g/golang-announce/c/XbxouI9gY7k/m/TuoGEhxIEwAJ https://linux.oracle.com/cve/CVE-2024-24790.html https://linux.oracle.com/errata/ELSA-2024-9115.html https://nvd.nist.gov/vuln/detail/CVE-2024-24790 https://pkg.go.dev/vuln/GO-2024-2887 https://ubuntu.com/security/notices/USN-6886-1 https://ubuntu.com/security/notices/USN-7109-1 https://www.cve.org/CVERecord?id=CVE-2024-24790
stdlib	CVE-2023-39325	HIGH	v1.20.5	1.20.10, 1.21.3	golang.org/x/net https://access.redhat.com/errata/RHSA-2023:6077 https://access.redhat.com/security/cve/CVE-2023-39325 https://access.redhat.com/security/cve/CVE-2023-44487 https://access.redhat.com/security/vulnerabilities/RHSB-2023-003 https://bugzilla.redhat.com/2242803 https://bugzilla.redhat.com/2243296 https://bugzilla.redhat.com/show_bug.cgi?id=2242803 https://bugzilla.redhat.com/show_bug.cgi?id=2243296 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-39325 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-44487 https://errata.almalinux.org/9/ALSA-2023-6077.html https://errata.rockylinux.org/RLSA-2023:6077 https://github.com/golang/go/commit/24ae2d927285c697440fdde3ad7f26028354bcf3 [golang- 1.21] https://github.com/golang/go/commit/e175f27f58aa7b9cd4d79607ae65d2cd5baaee68 [golang-1.20] https://github.com/golang/go/issues/63417 https://go.dev/cl/534215 https://go.dev/cl/534235 https://go.dev/issue/63417 https://groups.google.com/g/golang-announce/c/iNNxDTCjZvo/m/UDd7VKQuAAAJ https://linux.oracle.com/cve/CVE-2023-39325.html https://linux.oracle.com/errata/ELSA-2023-5867.html https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3OVW5V2DM5K5IC3H7O42YDUGNJ74J35O https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3OVW5V2DM5K5IC3H7O42YDUGNJ74J35O/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3SZN67IL7HMGMNAVLOTIXLIHUDXZK4LH https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3SZN67IL7HMGMNAVLOTIXLIHUDXZK4LH/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3WJ4QVX2AMUJ2F2S27POOAHRC4K3CHU4 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3WJ4QVX2AMUJ2F2S27POOAHRC4K3CHU4/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/4BUK2ZIAGCULOOYDNH25JPU6JBES5NF2 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/4BUK2ZIAGCULOOYDNH25JPU6JBES5NF2/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/5RSKA2II6QTD4YUKUNDVJQSRYSFC4VFR https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/5RSKA2II6QTD4YUKUNDVJQSRYSFC4VFR/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/AVZDNSMVDAQJ64LJC5I5U5LDM5753647 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/AVZDNSMVDAQJ64LJC5I5U5LDM5753647/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CHHITS4PUOZAKFIUBQAQZC7JWXMOYE4B https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CHHITS4PUOZAKFIUBQAQZC7JWXMOYE4B/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CLB4TW7KALB3EEQWNWCN7OUIWWVWWCG2 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CLB4TW7KALB3EEQWNWCN7OUIWWVWWCG2/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/D2BBIDR2ZMB3X5BC7SR4SLQMHRMVPY6L https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/D2BBIDR2ZMB3X5BC7SR4SLQMHRMVPY6L/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ECRC75BQJP6FJN2L7KCKYZW4DSBD7QSD https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ECRC75BQJP6FJN2L7KCKYZW4DSBD7QSD/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/FTMJ3NJIDAZFWJQQSP3L22MUFJ3UP2PT https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/FTMJ3NJIDAZFWJQQSP3L22MUFJ3UP2PT/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/GSY7SXFFTPZFWDM6XELSDSHZLVW3AHK7 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/GSY7SXFFTPZFWDM6XELSDSHZLVW3AHK7/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/HZQIELEIRSZUYTFFH5KTH2YJ4IIQG2KE https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/HZQIELEIRSZUYTFFH5KTH2YJ4IIQG2KE/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/IPWCNYB5PQ5PCVZ4NJT6G56ZYFZ5QBU6 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/IPWCNYB5PQ5PCVZ4NJT6G56ZYFZ5QBU6/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/KEOTKBUPZXHE3F352JBYNTSNRXYLWD6P https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/KEOTKBUPZXHE3F352JBYNTSNRXYLWD6P/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/KSEGD2IWKNUO3DWY4KQGUQM5BISRWHQE https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/KSEGD2IWKNUO3DWY4KQGUQM5BISRWHQE/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/L5E5JSJBZLYXOTZWXHJKRVCIXIHVWKJ6 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/L5E5JSJBZLYXOTZWXHJKRVCIXIHVWKJ6/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/MZQYOOKHQDQ57LV2IAG6NRFOVXKHJJ3Z https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/MZQYOOKHQDQ57LV2IAG6NRFOVXKHJJ3Z/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/NG7IMPL55MVWU3LCI4JQJT3K2U5CHDV7 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/NG7IMPL55MVWU3LCI4JQJT3K2U5CHDV7/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ODBY7RVMGZCBSTWF2OZGIZS57FNFUL67 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ODBY7RVMGZCBSTWF2OZGIZS57FNFUL67/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/OXGWPQOJ3JNDW2XIYKIVJ7N7QUIFNM2Q https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/OXGWPQOJ3JNDW2XIYKIVJ7N7QUIFNM2Q/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/PJCUNGIQDUMZ4Z6HWVYIMR66A35F5S74 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/PJCUNGIQDUMZ4Z6HWVYIMR66A35F5S74/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QF5QSYAOPDOWLY6DUHID56Q4HQFYB45I https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QF5QSYAOPDOWLY6DUHID56Q4HQFYB45I/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QXOU2JZUBEBP7GBKAYIJRPRBZSJCD7ST https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QXOU2JZUBEBP7GBKAYIJRPRBZSJCD7ST/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/R3UETKPUB3V5JS5TLZOF3SMTGT5K5APS https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/R3UETKPUB3V5JS5TLZOF3SMTGT5K5APS/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/REMHVVIBDNKSRKNOTV7EQSB7CYQWOUOU https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/REMHVVIBDNKSRKNOTV7EQSB7CYQWOUOU/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/T7N5GV4CHH6WAGX3GFMDD3COEOVCZ4RI https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/T7N5GV4CHH6WAGX3GFMDD3COEOVCZ4RI/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ULQQONMSCQSH5Z5OWFFQHCGEZ3NL4DRJ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ULQQONMSCQSH5Z5OWFFQHCGEZ3NL4DRJ/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UTT7DG3QOF5ZNJLUGHDNLRUIN6OWZARP https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UTT7DG3QOF5ZNJLUGHDNLRUIN6OWZARP/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/W2LZSWTV4NV4SNQARNXG5T6LRHP26EW2 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/W2LZSWTV4NV4SNQARNXG5T6LRHP26EW2/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WCNCBYKZXLDFGAJUB7ZP5VLC3YTHJNVH https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WCNCBYKZXLDFGAJUB7ZP5VLC3YTHJNVH/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/XFOIBB4YFICHDM7IBOP7PWXW3FX4HLL2 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/XFOIBB4YFICHDM7IBOP7PWXW3FX4HLL2/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/XTNLSL44Y5FB6JWADSZH6DCV4JJAAEQY https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/XTNLSL44Y5FB6JWADSZH6DCV4JJAAEQY/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/YJWHBLVZDM5KQSDFRBFRKU5KSSOLIRQ4 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/YJWHBLVZDM5KQSDFRBFRKU5KSSOLIRQ4/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/YRKEXKANQ7BKJW2YTAMP625LJUJZLJ4P https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/YRKEXKANQ7BKJW2YTAMP625LJUJZLJ4P/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZSVEMQV5ROY5YW5QE3I57HT3ITWG5GCV https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZSVEMQV5ROY5YW5QE3I57HT3ITWG5GCV/ https://nvd.nist.gov/vuln/detail/CVE-2023-39325 https://pkg.go.dev/vuln/GO-2023-2102 https://security.gentoo.org/glsa/202311-09 https://security.netapp.com/advisory/ntap-20231110-0008 https://security.netapp.com/advisory/ntap-20231110-0008/ https://ubuntu.com/security/notices/USN-6574-1 https://ubuntu.com/security/notices/USN-7061-1 https://ubuntu.com/security/notices/USN-7109-1 https://www.cisa.gov/news-events/alerts/2023/10/10/http2-rapid-reset-vulnerability-cve-2023-44487 https://www.cve.org/CVERecord?id=CVE-2023-39325
stdlib	CVE-2023-45283	HIGH	v1.20.5	1.20.11, 1.21.4, 1.20.12, 1.21.5	http://www.openwall.com/lists/oss-security/2023/12/05/2 https://go.dev/cl/540277 https://go.dev/cl/541175 https://go.dev/issue/63713 https://go.dev/issue/64028 https://groups.google.com/g/golang-announce/c/4tU8LZfBFkY https://groups.google.com/g/golang-dev/c/6ypN5EjibjM/m/KmLVYH_uAgAJ https://nvd.nist.gov/vuln/detail/CVE-2023-45283 https://pkg.go.dev/vuln/GO-2023-2185 https://security.netapp.com/advisory/ntap-20231214-0008/
stdlib	CVE-2023-45288	HIGH	v1.20.5	1.21.9, 1.22.2	http://www.openwall.com/lists/oss-security/2024/04/03/16 http://www.openwall.com/lists/oss-security/2024/04/05/4 https://access.redhat.com/errata/RHSA-2024:2724 https://access.redhat.com/security/cve/CVE-2023-45288 https://bugzilla.redhat.com/2268017 https://bugzilla.redhat.com/2268018 https://bugzilla.redhat.com/2268019 https://bugzilla.redhat.com/2268273 https://bugzilla.redhat.com/show_bug.cgi?id=2268017 https://bugzilla.redhat.com/show_bug.cgi?id=2268018 https://bugzilla.redhat.com/show_bug.cgi?id=2268019 https://bugzilla.redhat.com/show_bug.cgi?id=2268273 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45288 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45289 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45290 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24783 https://errata.almalinux.org/9/ALSA-2024-2724.html https://errata.rockylinux.org/RLSA-2024:2724 https://go.dev/cl/576155 https://go.dev/issue/65051 https://groups.google.com/g/golang-announce/c/YgW0sx8mN3M https://kb.cert.org/vuls/id/421644 https://linux.oracle.com/cve/CVE-2023-45288.html https://linux.oracle.com/errata/ELSA-2024-3346.html https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QRYFHIQ6XRKRYBI2F5UESH67BJBQXUPT https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QRYFHIQ6XRKRYBI2F5UESH67BJBQXUPT/ https://nowotarski.info/http2-continuation-flood-technical-details https://nowotarski.info/http2-continuation-flood/ https://nvd.nist.gov/vuln/detail/CVE-2023-45288 https://pkg.go.dev/vuln/GO-2024-2687 https://security.netapp.com/advisory/ntap-20240419-0009 https://security.netapp.com/advisory/ntap-20240419-0009/ https://ubuntu.com/security/notices/USN-6886-1 https://ubuntu.com/security/notices/USN-7109-1 https://ubuntu.com/security/notices/USN-7111-1 https://www.cve.org/CVERecord?id=CVE-2023-45288 https://www.kb.cert.org/vuls/id/421644
stdlib	CVE-2024-34156	HIGH	v1.20.5	1.22.7, 1.23.1	https://access.redhat.com/errata/RHSA-2024:9473 https://access.redhat.com/security/cve/CVE-2024-34156 https://bugzilla.redhat.com/2310528 https://bugzilla.redhat.com/2318052 https://bugzilla.redhat.com/show_bug.cgi?id=2310528 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-34156 https://errata.almalinux.org/9/ALSA-2024-9473.html https://errata.rockylinux.org/RLSA-2024:7204 https://github.com/golang/go/commit/2092294f2b097c5828f4eace6c98a322c1510b01 (go1.22.7) https://github.com/golang/go/commit/fa8ff1a46deb6c816304441ec6740ec112e19012 (go1.23.1) https://go.dev/cl/611239 https://go.dev/issue/69139 https://groups.google.com/g/golang-announce/c/K-cEzDeCtpc https://groups.google.com/g/golang-dev/c/S9POB9NCTdk https://linux.oracle.com/cve/CVE-2024-34156.html https://linux.oracle.com/errata/ELSA-2024-9473.html https://nvd.nist.gov/vuln/detail/CVE-2024-34156 https://pkg.go.dev/vuln/GO-2024-3106 https://ubuntu.com/security/notices/USN-7081-1 https://ubuntu.com/security/notices/USN-7109-1 https://ubuntu.com/security/notices/USN-7111-1 https://www.cve.org/CVERecord?id=CVE-2024-34156
stdlib	CVE-2023-29406	MEDIUM	v1.20.5	1.19.11, 1.20.6	https://access.redhat.com/errata/RHSA-2023:6474 https://access.redhat.com/security/cve/CVE-2023-29406 https://bugzilla.redhat.com/2174485 https://bugzilla.redhat.com/2178358 https://bugzilla.redhat.com/2178488 https://bugzilla.redhat.com/2178492 https://bugzilla.redhat.com/2184481 https://bugzilla.redhat.com/2184482 https://bugzilla.redhat.com/2184483 https://bugzilla.redhat.com/2184484 https://bugzilla.redhat.com/2196026 https://bugzilla.redhat.com/2196027 https://bugzilla.redhat.com/2196029 https://bugzilla.redhat.com/2222167 https://bugzilla.redhat.com/2228689 https://errata.almalinux.org/9/ALSA-2023-6474.html https://github.com/golang/go/commit/312920c00aac9897b2a0693e752390b5b0711a5a (go1.20.6) https://github.com/golang/go/commit/5fa6923b1ea891400153d04ddf1545e23b40041b (go1.19.11) https://github.com/golang/go/issues/60374 https://go.dev/cl/506996 https://go.dev/issue/60374 https://groups.google.com/g/golang-announce/c/2q13H6LEEx0 https://linux.oracle.com/cve/CVE-2023-29406.html https://linux.oracle.com/errata/ELSA-2023-7202.html https://nvd.nist.gov/vuln/detail/CVE-2023-29406 https://pkg.go.dev/vuln/GO-2023-1878 https://security.gentoo.org/glsa/202311-09 https://security.netapp.com/advisory/ntap-20230814-0002/ https://ubuntu.com/security/notices/USN-7061-1 https://ubuntu.com/security/notices/USN-7109-1 https://www.cve.org/CVERecord?id=CVE-2023-29406
stdlib	CVE-2023-29409	MEDIUM	v1.20.5	1.19.12, 1.20.7, 1.21.0-rc.4	https://access.redhat.com/errata/RHSA-2023:7766 https://access.redhat.com/security/cve/CVE-2023-29409 https://bugzilla.redhat.com/2228743 https://bugzilla.redhat.com/2237773 https://bugzilla.redhat.com/2237776 https://bugzilla.redhat.com/2237777 https://bugzilla.redhat.com/2237778 https://errata.almalinux.org/9/ALSA-2023-7766.html https://go.dev/cl/515257 https://go.dev/issue/61460 https://groups.google.com/g/golang-announce/c/X0b6CsSAaYI/m/Efv5DbZ9AwAJ https://linux.oracle.com/cve/CVE-2023-29409.html https://linux.oracle.com/errata/ELSA-2024-2988.html https://nvd.nist.gov/vuln/detail/CVE-2023-29409 https://pkg.go.dev/vuln/GO-2023-1987 https://security.gentoo.org/glsa/202311-09 https://security.netapp.com/advisory/ntap-20230831-0010/ https://www.cve.org/CVERecord?id=CVE-2023-29409
stdlib	CVE-2023-39318	MEDIUM	v1.20.5	1.20.8, 1.21.1	https://access.redhat.com/errata/RHSA-2024:2160 https://access.redhat.com/security/cve/CVE-2023-39318 https://bugzilla.redhat.com/2237773 https://bugzilla.redhat.com/2237776 https://bugzilla.redhat.com/2253330 https://errata.almalinux.org/9/ALSA-2024-2160.html https://github.com/golang/go/commit/023b542edf38e2a1f87fcefb9f75ff2f99401b4c (go1.20.8) https://github.com/golang/go/commit/b0e1d3ea26e8e8fce7726690c9ef0597e60739fb (go1.21.1) https://go.dev/cl/526156 https://go.dev/issue/62196 https://groups.google.com/g/golang-announce/c/Fm51GRLNRvM https://groups.google.com/g/golang-dev/c/2C5vbR-UNkI/m/L1hdrPhfBAAJ https://linux.oracle.com/cve/CVE-2023-39318.html https://linux.oracle.com/errata/ELSA-2024-2988.html https://nvd.nist.gov/vuln/detail/CVE-2023-39318 https://pkg.go.dev/vuln/GO-2023-2041 https://security.gentoo.org/glsa/202311-09 https://security.netapp.com/advisory/ntap-20231020-0009/ https://ubuntu.com/security/notices/USN-6574-1 https://ubuntu.com/security/notices/USN-7061-1 https://ubuntu.com/security/notices/USN-7109-1 https://vuln.go.dev/ID/GO-2023-2041.json https://www.cve.org/CVERecord?id=CVE-2023-39318
stdlib	CVE-2023-39319	MEDIUM	v1.20.5	1.20.8, 1.21.1	https://access.redhat.com/errata/RHSA-2024:2160 https://access.redhat.com/security/cve/CVE-2023-39319 https://bugzilla.redhat.com/2237773 https://bugzilla.redhat.com/2237776 https://bugzilla.redhat.com/2253330 https://errata.almalinux.org/9/ALSA-2024-2160.html https://github.com/golang/go/commit/2070531d2f53df88e312edace6c8dfc9686ab2f5 (go1.20.8) https://github.com/golang/go/commit/bbd043ff0d6d59f1a9232d31ecd5eacf6507bf6a (go1.21.1) https://go.dev/cl/526157 https://go.dev/issue/62197 https://groups.google.com/g/golang-announce/c/Fm51GRLNRvM https://groups.google.com/g/golang-dev/c/2C5vbR-UNkI/m/L1hdrPhfBAAJ https://linux.oracle.com/cve/CVE-2023-39319.html https://linux.oracle.com/errata/ELSA-2024-2988.html https://nvd.nist.gov/vuln/detail/CVE-2023-39319 https://pkg.go.dev/vuln/GO-2023-2043 https://security.gentoo.org/glsa/202311-09 https://security.netapp.com/advisory/ntap-20231020-0009/ https://ubuntu.com/security/notices/USN-6574-1 https://ubuntu.com/security/notices/USN-7061-1 https://ubuntu.com/security/notices/USN-7109-1 https://vuln.go.dev/ID/GO-2023-2043.json https://www.cve.org/CVERecord?id=CVE-2023-39319
stdlib	CVE-2023-39326	MEDIUM	v1.20.5	1.20.12, 1.21.5	https://access.redhat.com/errata/RHSA-2024:2272 https://access.redhat.com/security/cve/CVE-2023-39326 https://bugzilla.redhat.com/2253193 https://bugzilla.redhat.com/2253330 https://errata.almalinux.org/9/ALSA-2024-2272.html https://github.com/golang/go/commit/6446af942e2e2b161c4ec1b60d9703a2b55dc4dd (go1.20.12) https://github.com/golang/go/commit/ec8c526e4be720e94b98ca509e6364f0efaf28f7 (go1.21.5) https://go.dev/cl/547335 https://go.dev/issue/64433 https://groups.google.com/g/golang-dev/c/6ypN5EjibjM/m/KmLVYH_uAgAJ https://linux.oracle.com/cve/CVE-2023-39326.html https://linux.oracle.com/errata/ELSA-2024-2988.html https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UIU6HOGV6RRIKWM57LOXQA75BGZSIH6G/ https://nvd.nist.gov/vuln/detail/CVE-2023-39326 https://pkg.go.dev/vuln/GO-2023-2382 https://ubuntu.com/security/notices/USN-6574-1 https://www.cve.org/CVERecord?id=CVE-2023-39326
stdlib	CVE-2023-45284	MEDIUM	v1.20.5	1.20.11, 1.21.4	https://go.dev/cl/540277 https://go.dev/issue/63713 https://groups.google.com/g/golang-announce/c/4tU8LZfBFkY https://nvd.nist.gov/vuln/detail/CVE-2023-45284 https://pkg.go.dev/vuln/GO-2023-2186
stdlib	CVE-2023-45289	MEDIUM	v1.20.5	1.21.8, 1.22.1	http://www.openwall.com/lists/oss-security/2024/03/08/4 https://access.redhat.com/errata/RHSA-2024:2724 https://access.redhat.com/security/cve/CVE-2023-45289 https://bugzilla.redhat.com/2268017 https://bugzilla.redhat.com/2268018 https://bugzilla.redhat.com/2268019 https://bugzilla.redhat.com/2268273 https://bugzilla.redhat.com/show_bug.cgi?id=2268017 https://bugzilla.redhat.com/show_bug.cgi?id=2268018 https://bugzilla.redhat.com/show_bug.cgi?id=2268019 https://bugzilla.redhat.com/show_bug.cgi?id=2268273 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45288 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45289 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45290 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24783 https://errata.almalinux.org/9/ALSA-2024-2724.html https://errata.rockylinux.org/RLSA-2024:2724 https://github.com/golang/go/commit/20586c0dbe03d144f914155f879fa5ee287591a1 (go1.21.8) https://github.com/golang/go/commit/3a855208e3efed2e9d7c20ad023f1fa78afcc0be (go1.22.1) https://github.com/golang/go/issues/65065 https://go.dev/cl/569340 https://go.dev/issue/65065 https://groups.google.com/g/golang-announce/c/5pwGVUPoMbg https://linux.oracle.com/cve/CVE-2023-45289.html https://linux.oracle.com/errata/ELSA-2024-3346.html https://nvd.nist.gov/vuln/detail/CVE-2023-45289 https://pkg.go.dev/vuln/GO-2024-2600 https://security.netapp.com/advisory/ntap-20240329-0006/ https://ubuntu.com/security/notices/USN-6886-1 https://www.cve.org/CVERecord?id=CVE-2023-45289
stdlib	CVE-2023-45290	MEDIUM	v1.20.5	1.21.8, 1.22.1	http://www.openwall.com/lists/oss-security/2024/03/08/4 https://access.redhat.com/errata/RHSA-2024:9135 https://access.redhat.com/security/cve/CVE-2023-45290 https://bugzilla.redhat.com/2268017 https://bugzilla.redhat.com/2268022 https://bugzilla.redhat.com/2279814 https://bugzilla.redhat.com/2295310 https://bugzilla.redhat.com/show_bug.cgi?id=2268017 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45290 https://errata.almalinux.org/9/ALSA-2024-9135.html https://errata.rockylinux.org/RLSA-2024:3830 https://github.com/golang/go/commit/041a47712e765e94f86d841c3110c840e76d8f82 (go1.22.1) https://github.com/golang/go/commit/bf80213b121074f4ad9b449410a4d13bae5e9be0 (go1.21.8) https://github.com/golang/go/issues/65383 https://go.dev/cl/569341 https://go.dev/issue/65383 https://groups.google.com/g/golang-announce/c/5pwGVUPoMbg https://linux.oracle.com/cve/CVE-2023-45290.html https://linux.oracle.com/errata/ELSA-2024-8038.html https://nvd.nist.gov/vuln/detail/CVE-2023-45290 https://pkg.go.dev/vuln/GO-2024-2599 https://security.netapp.com/advisory/ntap-20240329-0004 https://security.netapp.com/advisory/ntap-20240329-0004/ https://ubuntu.com/security/notices/USN-6886-1 https://ubuntu.com/security/notices/USN-7109-1 https://ubuntu.com/security/notices/USN-7111-1 https://www.cve.org/CVERecord?id=CVE-2023-45290
stdlib	CVE-2024-24783	MEDIUM	v1.20.5	1.21.8, 1.22.1	http://www.openwall.com/lists/oss-security/2024/03/08/4 https://access.redhat.com/errata/RHSA-2024:6195 https://access.redhat.com/security/cve/CVE-2024-24783 https://bugzilla.redhat.com/2268019 https://bugzilla.redhat.com/show_bug.cgi?id=2268017 https://bugzilla.redhat.com/show_bug.cgi?id=2268018 https://bugzilla.redhat.com/show_bug.cgi?id=2268019 https://bugzilla.redhat.com/show_bug.cgi?id=2268273 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45288 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45289 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45290 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24783 https://errata.almalinux.org/9/ALSA-2024-6195.html https://errata.rockylinux.org/RLSA-2024:2724 https://github.com/advisories/GHSA-3q2c-pvp5-3cqp https://github.com/golang/go/commit/337b8e9cbfa749d9d5c899e0dc358e2208d5e54f (go1.22.1) https://github.com/golang/go/commit/be5b52bea674190ef7de272664be6c7ae93ec5a0 (go1.21.8) https://github.com/golang/go/issues/65390 https://go.dev/cl/569339 https://go.dev/issue/65390 https://groups.google.com/g/golang-announce/c/5pwGVUPoMbg https://linux.oracle.com/cve/CVE-2024-24783.html https://linux.oracle.com/errata/ELSA-2024-6969.html https://nvd.nist.gov/vuln/detail/CVE-2024-24783 https://pkg.go.dev/vuln/GO-2024-2598 https://security.netapp.com/advisory/ntap-20240329-0005 https://security.netapp.com/advisory/ntap-20240329-0005/ https://ubuntu.com/security/notices/USN-6886-1 https://ubuntu.com/security/notices/USN-7109-1 https://ubuntu.com/security/notices/USN-7111-1 https://www.cve.org/CVERecord?id=CVE-2024-24783
stdlib	CVE-2024-24784	MEDIUM	v1.20.5	1.21.8, 1.22.1	http://www.openwall.com/lists/oss-security/2024/03/08/4 https://access.redhat.com/errata/RHSA-2024:2562 https://access.redhat.com/security/cve/CVE-2024-24784 https://bugzilla.redhat.com/2262921 https://bugzilla.redhat.com/2268017 https://bugzilla.redhat.com/2268018 https://bugzilla.redhat.com/2268019 https://bugzilla.redhat.com/2268021 https://bugzilla.redhat.com/2268022 https://bugzilla.redhat.com/2268273 https://bugzilla.redhat.com/show_bug.cgi?id=2262921 https://bugzilla.redhat.com/show_bug.cgi?id=2268017 https://bugzilla.redhat.com/show_bug.cgi?id=2268018 https://bugzilla.redhat.com/show_bug.cgi?id=2268019 https://bugzilla.redhat.com/show_bug.cgi?id=2268021 https://bugzilla.redhat.com/show_bug.cgi?id=2268022 https://bugzilla.redhat.com/show_bug.cgi?id=2268273 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45288 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45289 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45290 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-1394 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24783 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24784 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24785 https://errata.almalinux.org/9/ALSA-2024-2562.html https://errata.rockylinux.org/RLSA-2024:2562 https://github.com/golang/go/commit/263c059b09fdd40d9dd945f2ecb20c89ea28efe5 (go1.21.8) https://github.com/golang/go/commit/5330cd225ba54c7dc78c1b46dcdf61a4671a632c (go1.22.1) https://github.com/golang/go/issues/65083 https://go.dev/cl/555596 https://go.dev/issue/65083 https://groups.google.com/g/golang-announce/c/5pwGVUPoMbg https://linux.oracle.com/cve/CVE-2024-24784.html https://linux.oracle.com/errata/ELSA-2024-6969.html https://nvd.nist.gov/vuln/detail/CVE-2024-24784 https://pkg.go.dev/vuln/GO-2024-2609 https://security.netapp.com/advisory/ntap-20240329-0007/ https://ubuntu.com/security/notices/USN-6886-1 https://ubuntu.com/security/notices/USN-7109-1 https://ubuntu.com/security/notices/USN-7111-1 https://www.cve.org/CVERecord?id=CVE-2024-24784
stdlib	CVE-2024-24785	MEDIUM	v1.20.5	1.21.8, 1.22.1	http://www.openwall.com/lists/oss-security/2024/03/08/4 https://access.redhat.com/errata/RHSA-2024:9135 https://access.redhat.com/security/cve/CVE-2024-24785 https://bugzilla.redhat.com/2268017 https://bugzilla.redhat.com/2268022 https://bugzilla.redhat.com/2279814 https://bugzilla.redhat.com/2295310 https://bugzilla.redhat.com/show_bug.cgi?id=2262921 https://bugzilla.redhat.com/show_bug.cgi?id=2268017 https://bugzilla.redhat.com/show_bug.cgi?id=2268018 https://bugzilla.redhat.com/show_bug.cgi?id=2268019 https://bugzilla.redhat.com/show_bug.cgi?id=2268021 https://bugzilla.redhat.com/show_bug.cgi?id=2268022 https://bugzilla.redhat.com/show_bug.cgi?id=2268273 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45288 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45289 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45290 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-1394 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24783 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24784 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24785 https://errata.almalinux.org/9/ALSA-2024-9135.html https://errata.rockylinux.org/RLSA-2024:2562 https://github.com/golang/go/commit/056b0edcb8c152152021eebf4cf42adbfbe77992 (go1.22.1) https://github.com/golang/go/commit/3643147a29352ca2894fd5d0d2069bc4b4335a7e (go1.21.8) https://github.com/golang/go/issues/65697 https://go.dev/cl/564196 https://go.dev/issue/65697 https://groups.google.com/g/golang-announce/c/5pwGVUPoMbg https://linux.oracle.com/cve/CVE-2024-24785.html https://linux.oracle.com/errata/ELSA-2024-3259.html https://nvd.nist.gov/vuln/detail/CVE-2024-24785 https://pkg.go.dev/vuln/GO-2024-2610 https://security.netapp.com/advisory/ntap-20240329-0008/ https://ubuntu.com/security/notices/USN-6886-1 https://ubuntu.com/security/notices/USN-7061-1 https://ubuntu.com/security/notices/USN-7109-1 https://vuln.go.dev/ID/GO-2024-2610.json https://www.cve.org/CVERecord?id=CVE-2024-24785
stdlib	CVE-2024-24789	MEDIUM	v1.20.5	1.21.11, 1.22.4	http://www.openwall.com/lists/oss-security/2024/06/04/1 https://access.redhat.com/errata/RHSA-2024:9115 https://access.redhat.com/security/cve/CVE-2024-24789 https://bugzilla.redhat.com/2279814 https://bugzilla.redhat.com/2292668 https://bugzilla.redhat.com/2292787 https://bugzilla.redhat.com/2294000 https://bugzilla.redhat.com/2295310 https://bugzilla.redhat.com/show_bug.cgi?id=2292668 https://bugzilla.redhat.com/show_bug.cgi?id=2292787 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24789 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24790 https://errata.almalinux.org/9/ALSA-2024-9115.html https://errata.rockylinux.org/RLSA-2024:4212 https://github.com/golang/go/commit/c8e40338cf00f3c1d86c8fb23863ad67a4c72bcc (1.21) https://github.com/golang/go/commit/cf501ac0c5fe351a8582d20b43562027927906e7 (1.22) https://github.com/golang/go/issues/66869 https://go.dev/cl/585397 https://go.dev/issue/66869 https://groups.google.com/g/golang-announce/c/XbxouI9gY7k https://groups.google.com/g/golang-announce/c/XbxouI9gY7k/m/TuoGEhxIEwAJ https://linux.oracle.com/cve/CVE-2024-24789.html https://linux.oracle.com/errata/ELSA-2024-9115.html https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/U5YAEIA6IUHUNGJ7AIXXPQT6D2GYENX7/ https://nvd.nist.gov/vuln/detail/CVE-2024-24789 https://pkg.go.dev/vuln/GO-2024-2888 https://ubuntu.com/security/notices/USN-6886-1 https://ubuntu.com/security/notices/USN-7109-1 https://ubuntu.com/security/notices/USN-7111-1 https://www.cve.org/CVERecord?id=CVE-2024-24789
stdlib	CVE-2024-24791	MEDIUM	v1.20.5	1.21.12, 1.22.5	https://access.redhat.com/errata/RHSA-2024:9135 https://access.redhat.com/security/cve/CVE-2024-24791 https://bugzilla.redhat.com/2268017 https://bugzilla.redhat.com/2268022 https://bugzilla.redhat.com/2279814 https://bugzilla.redhat.com/2295310 https://bugzilla.redhat.com/show_bug.cgi?id=2295310 https://bugzilla.redhat.com/show_bug.cgi?id=2310527 https://bugzilla.redhat.com/show_bug.cgi?id=2310528 https://bugzilla.redhat.com/show_bug.cgi?id=2310529 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24791 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-34155 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-34156 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-34158 https://errata.almalinux.org/9/ALSA-2024-9135.html https://errata.rockylinux.org/RLSA-2024:6913 https://go.dev/cl/591255 https://go.dev/issue/67555 https://groups.google.com/g/golang-dev/c/t0rK-qHBqzY/m/6MMoAZkMAgAJ https://linux.oracle.com/cve/CVE-2024-24791.html https://linux.oracle.com/errata/ELSA-2024-9115.html https://nvd.nist.gov/vuln/detail/CVE-2024-24791 https://pkg.go.dev/vuln/GO-2024-2963 https://ubuntu.com/security/notices/USN-7081-1 https://ubuntu.com/security/notices/USN-7109-1 https://ubuntu.com/security/notices/USN-7111-1 https://www.cve.org/CVERecord?id=CVE-2024-24791
stdlib	CVE-2024-34155	MEDIUM	v1.20.5	1.22.7, 1.23.1	https://access.redhat.com/errata/RHSA-2024:9459 https://access.redhat.com/security/cve/CVE-2024-34155 https://bugzilla.redhat.com/2310527 https://bugzilla.redhat.com/2310528 https://bugzilla.redhat.com/2310529 https://bugzilla.redhat.com/2315691 https://bugzilla.redhat.com/2315887 https://bugzilla.redhat.com/2317458 https://bugzilla.redhat.com/2317467 https://bugzilla.redhat.com/show_bug.cgi?id=2295310 https://bugzilla.redhat.com/show_bug.cgi?id=2310527 https://bugzilla.redhat.com/show_bug.cgi?id=2310528 https://bugzilla.redhat.com/show_bug.cgi?id=2310529 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24791 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-34155 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-34156 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-34158 https://errata.almalinux.org/9/ALSA-2024-9459.html https://errata.rockylinux.org/RLSA-2024:6913 https://github.com/golang/go/commit/53487e5477151ed75da50e50a0ba8f1ca64c00a3 (go1.23.1) https://github.com/golang/go/commit/b232596139dbe96a62edbe3a2a203e856bf556eb (go1.22.7) https://go.dev/cl/611238 https://go.dev/issue/69138 https://groups.google.com/g/golang-announce/c/K-cEzDeCtpc https://groups.google.com/g/golang-dev/c/S9POB9NCTdk https://linux.oracle.com/cve/CVE-2024-34155.html https://linux.oracle.com/errata/ELSA-2024-9459.html https://nvd.nist.gov/vuln/detail/CVE-2024-34155 https://pkg.go.dev/vuln/GO-2024-3105 https://ubuntu.com/security/notices/USN-7081-1 https://ubuntu.com/security/notices/USN-7109-1 https://ubuntu.com/security/notices/USN-7111-1 https://www.cve.org/CVERecord?id=CVE-2024-34155
stdlib	CVE-2024-34158	MEDIUM	v1.20.5	1.22.7, 1.23.1	https://access.redhat.com/errata/RHSA-2024:9459 https://access.redhat.com/security/cve/CVE-2024-34158 https://bugzilla.redhat.com/2310527 https://bugzilla.redhat.com/2310528 https://bugzilla.redhat.com/2310529 https://bugzilla.redhat.com/2315691 https://bugzilla.redhat.com/2315887 https://bugzilla.redhat.com/2317458 https://bugzilla.redhat.com/2317467 https://bugzilla.redhat.com/show_bug.cgi?id=2295310 https://bugzilla.redhat.com/show_bug.cgi?id=2310527 https://bugzilla.redhat.com/show_bug.cgi?id=2310528 https://bugzilla.redhat.com/show_bug.cgi?id=2310529 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24791 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-34155 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-34156 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-34158 https://errata.almalinux.org/9/ALSA-2024-9459.html https://errata.rockylinux.org/RLSA-2024:6913 https://github.com/golang/go/commit/032ac075c20c01c6c35a672d1542d3e98eab84ea (go1.23.1) https://github.com/golang/go/commit/d4c53812e6ce2ac368173d7fcd31d0ecfcffb002 (go1.22.7) https://go.dev/cl/611240 https://go.dev/issue/69141 https://groups.google.com/g/golang-announce/c/K-cEzDeCtpc https://groups.google.com/g/golang-dev/c/S9POB9NCTdk https://linux.oracle.com/cve/CVE-2024-34158.html https://linux.oracle.com/errata/ELSA-2024-9459.html https://nvd.nist.gov/vuln/detail/CVE-2024-34158 https://pkg.go.dev/vuln/GO-2024-3107 https://ubuntu.com/security/notices/USN-7081-1 https://ubuntu.com/security/notices/USN-7109-1 https://ubuntu.com/security/notices/USN-7111-1 https://www.cve.org/CVERecord?id=CVE-2024-34158
No Misconfigurations found

cnb/buildpacks/paketo-buildpacks_unicorn/0.4.30/bin/run (gobinary)

Package	Vulnerability ID	Severity	Installed Version	Fixed Version	Links
golang.org/x/net	CVE-2023-39325	HIGH	v0.12.0	0.17.0	golang.org/x/net https://access.redhat.com/errata/RHSA-2023:6077 https://access.redhat.com/security/cve/CVE-2023-39325 https://access.redhat.com/security/cve/CVE-2023-44487 https://access.redhat.com/security/vulnerabilities/RHSB-2023-003 https://bugzilla.redhat.com/2242803 https://bugzilla.redhat.com/2243296 https://bugzilla.redhat.com/show_bug.cgi?id=2242803 https://bugzilla.redhat.com/show_bug.cgi?id=2243296 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-39325 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-44487 https://errata.almalinux.org/9/ALSA-2023-6077.html https://errata.rockylinux.org/RLSA-2023:6077 https://github.com/golang/go/commit/24ae2d927285c697440fdde3ad7f26028354bcf3 [golang- 1.21] https://github.com/golang/go/commit/e175f27f58aa7b9cd4d79607ae65d2cd5baaee68 [golang-1.20] https://github.com/golang/go/issues/63417 https://go.dev/cl/534215 https://go.dev/cl/534235 https://go.dev/issue/63417 https://groups.google.com/g/golang-announce/c/iNNxDTCjZvo/m/UDd7VKQuAAAJ https://linux.oracle.com/cve/CVE-2023-39325.html https://linux.oracle.com/errata/ELSA-2023-5867.html https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3OVW5V2DM5K5IC3H7O42YDUGNJ74J35O https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3OVW5V2DM5K5IC3H7O42YDUGNJ74J35O/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3SZN67IL7HMGMNAVLOTIXLIHUDXZK4LH https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3SZN67IL7HMGMNAVLOTIXLIHUDXZK4LH/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3WJ4QVX2AMUJ2F2S27POOAHRC4K3CHU4 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3WJ4QVX2AMUJ2F2S27POOAHRC4K3CHU4/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/4BUK2ZIAGCULOOYDNH25JPU6JBES5NF2 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/4BUK2ZIAGCULOOYDNH25JPU6JBES5NF2/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/5RSKA2II6QTD4YUKUNDVJQSRYSFC4VFR https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/5RSKA2II6QTD4YUKUNDVJQSRYSFC4VFR/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/AVZDNSMVDAQJ64LJC5I5U5LDM5753647 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/AVZDNSMVDAQJ64LJC5I5U5LDM5753647/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CHHITS4PUOZAKFIUBQAQZC7JWXMOYE4B https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CHHITS4PUOZAKFIUBQAQZC7JWXMOYE4B/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CLB4TW7KALB3EEQWNWCN7OUIWWVWWCG2 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CLB4TW7KALB3EEQWNWCN7OUIWWVWWCG2/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/D2BBIDR2ZMB3X5BC7SR4SLQMHRMVPY6L https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/D2BBIDR2ZMB3X5BC7SR4SLQMHRMVPY6L/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ECRC75BQJP6FJN2L7KCKYZW4DSBD7QSD https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ECRC75BQJP6FJN2L7KCKYZW4DSBD7QSD/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/FTMJ3NJIDAZFWJQQSP3L22MUFJ3UP2PT https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/FTMJ3NJIDAZFWJQQSP3L22MUFJ3UP2PT/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/GSY7SXFFTPZFWDM6XELSDSHZLVW3AHK7 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/GSY7SXFFTPZFWDM6XELSDSHZLVW3AHK7/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/HZQIELEIRSZUYTFFH5KTH2YJ4IIQG2KE https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/HZQIELEIRSZUYTFFH5KTH2YJ4IIQG2KE/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/IPWCNYB5PQ5PCVZ4NJT6G56ZYFZ5QBU6 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/IPWCNYB5PQ5PCVZ4NJT6G56ZYFZ5QBU6/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/KEOTKBUPZXHE3F352JBYNTSNRXYLWD6P https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/KEOTKBUPZXHE3F352JBYNTSNRXYLWD6P/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/KSEGD2IWKNUO3DWY4KQGUQM5BISRWHQE https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/KSEGD2IWKNUO3DWY4KQGUQM5BISRWHQE/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/L5E5JSJBZLYXOTZWXHJKRVCIXIHVWKJ6 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/L5E5JSJBZLYXOTZWXHJKRVCIXIHVWKJ6/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/MZQYOOKHQDQ57LV2IAG6NRFOVXKHJJ3Z https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/MZQYOOKHQDQ57LV2IAG6NRFOVXKHJJ3Z/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/NG7IMPL55MVWU3LCI4JQJT3K2U5CHDV7 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/NG7IMPL55MVWU3LCI4JQJT3K2U5CHDV7/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ODBY7RVMGZCBSTWF2OZGIZS57FNFUL67 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ODBY7RVMGZCBSTWF2OZGIZS57FNFUL67/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/OXGWPQOJ3JNDW2XIYKIVJ7N7QUIFNM2Q https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/OXGWPQOJ3JNDW2XIYKIVJ7N7QUIFNM2Q/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/PJCUNGIQDUMZ4Z6HWVYIMR66A35F5S74 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/PJCUNGIQDUMZ4Z6HWVYIMR66A35F5S74/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QF5QSYAOPDOWLY6DUHID56Q4HQFYB45I https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QF5QSYAOPDOWLY6DUHID56Q4HQFYB45I/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QXOU2JZUBEBP7GBKAYIJRPRBZSJCD7ST https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QXOU2JZUBEBP7GBKAYIJRPRBZSJCD7ST/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/R3UETKPUB3V5JS5TLZOF3SMTGT5K5APS https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/R3UETKPUB3V5JS5TLZOF3SMTGT5K5APS/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/REMHVVIBDNKSRKNOTV7EQSB7CYQWOUOU https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/REMHVVIBDNKSRKNOTV7EQSB7CYQWOUOU/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/T7N5GV4CHH6WAGX3GFMDD3COEOVCZ4RI https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/T7N5GV4CHH6WAGX3GFMDD3COEOVCZ4RI/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ULQQONMSCQSH5Z5OWFFQHCGEZ3NL4DRJ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ULQQONMSCQSH5Z5OWFFQHCGEZ3NL4DRJ/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UTT7DG3QOF5ZNJLUGHDNLRUIN6OWZARP https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UTT7DG3QOF5ZNJLUGHDNLRUIN6OWZARP/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/W2LZSWTV4NV4SNQARNXG5T6LRHP26EW2 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/W2LZSWTV4NV4SNQARNXG5T6LRHP26EW2/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WCNCBYKZXLDFGAJUB7ZP5VLC3YTHJNVH https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WCNCBYKZXLDFGAJUB7ZP5VLC3YTHJNVH/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/XFOIBB4YFICHDM7IBOP7PWXW3FX4HLL2 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/XFOIBB4YFICHDM7IBOP7PWXW3FX4HLL2/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/XTNLSL44Y5FB6JWADSZH6DCV4JJAAEQY https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/XTNLSL44Y5FB6JWADSZH6DCV4JJAAEQY/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/YJWHBLVZDM5KQSDFRBFRKU5KSSOLIRQ4 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/YJWHBLVZDM5KQSDFRBFRKU5KSSOLIRQ4/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/YRKEXKANQ7BKJW2YTAMP625LJUJZLJ4P https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/YRKEXKANQ7BKJW2YTAMP625LJUJZLJ4P/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZSVEMQV5ROY5YW5QE3I57HT3ITWG5GCV https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZSVEMQV5ROY5YW5QE3I57HT3ITWG5GCV/ https://nvd.nist.gov/vuln/detail/CVE-2023-39325 https://pkg.go.dev/vuln/GO-2023-2102 https://security.gentoo.org/glsa/202311-09 https://security.netapp.com/advisory/ntap-20231110-0008 https://security.netapp.com/advisory/ntap-20231110-0008/ https://ubuntu.com/security/notices/USN-6574-1 https://ubuntu.com/security/notices/USN-7061-1 https://ubuntu.com/security/notices/USN-7109-1 https://www.cisa.gov/news-events/alerts/2023/10/10/http2-rapid-reset-vulnerability-cve-2023-44487 https://www.cve.org/CVERecord?id=CVE-2023-39325
golang.org/x/net	CVE-2023-3978	MEDIUM	v0.12.0	0.13.0	https://access.redhat.com/errata/RHSA-2023:6474 https://access.redhat.com/security/cve/CVE-2023-3978 https://bugzilla.redhat.com/2174485 https://bugzilla.redhat.com/2178358 https://bugzilla.redhat.com/2178488 https://bugzilla.redhat.com/2178492 https://bugzilla.redhat.com/2184481 https://bugzilla.redhat.com/2184482 https://bugzilla.redhat.com/2184483 https://bugzilla.redhat.com/2184484 https://bugzilla.redhat.com/2196026 https://bugzilla.redhat.com/2196027 https://bugzilla.redhat.com/2196029 https://bugzilla.redhat.com/2222167 https://bugzilla.redhat.com/2228689 https://errata.almalinux.org/9/ALSA-2023-6474.html https://go.dev/cl/514896 https://go.dev/issue/61615 https://linux.oracle.com/cve/CVE-2023-3978.html https://linux.oracle.com/errata/ELSA-2023-6939.html https://nvd.nist.gov/vuln/detail/CVE-2023-3978 https://pkg.go.dev/vuln/GO-2023-1988 https://www.cve.org/CVERecord?id=CVE-2023-3978
golang.org/x/net	CVE-2023-44487	MEDIUM	v0.12.0	0.17.0	http://www.openwall.com/lists/oss-security/2023/10/13/4 http://www.openwall.com/lists/oss-security/2023/10/13/9 http://www.openwall.com/lists/oss-security/2023/10/18/4 http://www.openwall.com/lists/oss-security/2023/10/18/8 http://www.openwall.com/lists/oss-security/2023/10/19/6 http://www.openwall.com/lists/oss-security/2023/10/20/8 https://access.redhat.com/errata/RHSA-2023:6746 https://access.redhat.com/security/cve/CVE-2023-44487 https://access.redhat.com/security/cve/cve-2023-44487 https://akka.io/security/akka-http-cve-2023-44487.html https://arstechnica.com/security/2023/10/how-ddosers-used-the-http-2-protocol-to-deliver-attacks-of-unprecedented-size https://arstechnica.com/security/2023/10/how-ddosers-used-the-http-2-protocol-to-deliver-attacks-of-unprecedented-size/ https://aws.amazon.com/security/security-bulletins/AWS-2023-011 https://aws.amazon.com/security/security-bulletins/AWS-2023-011/ https://blog.cloudflare.com/technical-breakdown-http2-rapid-reset-ddos-attack https://blog.cloudflare.com/technical-breakdown-http2-rapid-reset-ddos-attack/ https://blog.cloudflare.com/zero-day-rapid-reset-http2-record-breaking-ddos-attack https://blog.cloudflare.com/zero-day-rapid-reset-http2-record-breaking-ddos-attack/ https://blog.litespeedtech.com/2023/10/11/rapid-reset-http-2-vulnerablilty https://blog.litespeedtech.com/2023/10/11/rapid-reset-http-2-vulnerablilty/ https://blog.qualys.com/vulnerabilities-threat-research/2023/10/10/cve-2023-44487-http-2-rapid-reset-attack https://blog.vespa.ai/cve-2023-44487 https://blog.vespa.ai/cve-2023-44487/ https://bugzilla.proxmox.com/show_bug.cgi?id=4988 https://bugzilla.redhat.com/2242803 https://bugzilla.redhat.com/show_bug.cgi?id=2242803 https://bugzilla.suse.com/show_bug.cgi?id=1216123 https://cgit.freebsd.org/ports/commit/?id=c64c329c2c1752f46b73e3e6ce9f4329be6629f9 https://chaos.social/@icing/111210915918780532 https://cloud.google.com/blog/products/identity-security/google-cloud-mitigated-largest-ddos-attack-peaking-above-398-million-rps https://cloud.google.com/blog/products/identity-security/google-cloud-mitigated-largest-ddos-attack-peaking-above-398-million-rps/ https://cloud.google.com/blog/products/identity-security/how-it-works-the-novel-http2-rapid-reset-ddos-attack https://community.traefik.io/t/is-traefik-vulnerable-to-cve-2023-44487/20125 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-44487 https://devblogs.microsoft.com/dotnet/october-2023-updates/ https://discuss.hashicorp.com/t/hcsec-2023-32-vault-consul-and-boundary-affected-by-http-2-rapid-reset-denial-of-service-vulnerability-cve-2023-44487/59715 https://edg.io/lp/blog/resets-leaks-ddos-and-the-tale-of-a-hidden-cve https://errata.almalinux.org/9/ALSA-2023-6746.html https://errata.rockylinux.org/RLSA-2023:5838 https://forums.swift.org/t/swift-nio-http2-security-update-cve-2023-44487-http-2-dos/67764 https://gist.github.com/adulau/7c2bfb8e9cdbe4b35a5e131c66a0c088 https://github.com/Azure/AKS/issues/3947 https://github.com/Kong/kong/discussions/11741 https://github.com/advisories/GHSA-qppj-fm5r-hxr3 https://github.com/advisories/GHSA-vx74-f528-fxqg https://github.com/advisories/GHSA-xpw8-rcwv-8f8p https://github.com/akka/akka-http/issues/4323 https://github.com/akka/akka-http/pull/4324 https://github.com/akka/akka-http/pull/4325 https://github.com/alibaba/tengine/issues/1872 https://github.com/apache/apisix/issues/10320 https://github.com/apache/httpd-site/pull/10 https://github.com/apache/httpd/blob/afcdbeebbff4b0c50ea26cdd16e178c0d1f24152/modules/http2/h2_mplx.c#L1101-L1113 https://github.com/apache/tomcat/commit/944332bb15bd2f3bf76ec2caeb1ff0a58a3bc628 https://github.com/apache/tomcat/tree/main/java/org/apache/coyote/http2 https://github.com/apache/trafficserver/pull/10564 https://github.com/apple/swift-nio-http2 https://github.com/apple/swift-nio-http2/security/advisories/GHSA-qppj-fm5r-hxr3 https://github.com/arkrwn/PoC/tree/main/CVE-2023-44487 https://github.com/bcdannyboy/CVE-2023-44487 https://github.com/caddyserver/caddy/issues/5877 https://github.com/caddyserver/caddy/releases/tag/v2.7.5 https://github.com/dotnet/announcements/issues/277 https://github.com/dotnet/core/blob/e4613450ea0da7fd2fc6b61dfb2c1c1dec1ce9ec/release-notes/6.0/6.0.23/6.0.23.md?plain=1#L73 https://github.com/eclipse/jetty.project/issues/10679 https://github.com/envoyproxy/envoy/pull/30055 https://github.com/etcd-io/etcd/issues/16740 https://github.com/facebook/proxygen/pull/466 https://github.com/golang/go/issues/63417 https://github.com/grpc/grpc-go/pull/6703 https://github.com/grpc/grpc-go/releases https://github.com/h2o/h2o/pull/3291 https://github.com/h2o/h2o/security/advisories/GHSA-2m7v-gc89-fjqf https://github.com/haproxy/haproxy/issues/2312 https://github.com/hyperium/hyper/issues/3337 https://github.com/icing/mod_h2/blob/0a864782af0a942aa2ad4ed960a6b32cd35bcf0a/mod_http2/README.md?plain=1#L239-L244 https://github.com/junkurihara/rust-rpxy/issues/97 https://github.com/kazu-yamamoto/http2/commit/f61d41a502bd0f60eb24e1ce14edc7b6df6722a1 https://github.com/kazu-yamamoto/http2/issues/93 https://github.com/kubernetes/kubernetes/pull/121120 https://github.com/line/armeria/pull/5232 https://github.com/linkerd/website/pull/1695/commits/4b9c6836471bc8270ab48aae6fd2181bc73fd632 https://github.com/micrictor/http2-rst-stream https://github.com/microsoft/CBL-Mariner/pull/6381 https://github.com/netty/netty/commit/58f75f665aa81a8cbcf6ffa74820042a285c5e61 https://github.com/nghttp2/nghttp2/pull/1961 https://github.com/nghttp2/nghttp2/releases/tag/v1.57.0 https://github.com/ninenines/cowboy/issues/1615 https://github.com/nodejs/node/pull/50121 https://github.com/openresty/openresty/issues/930 https://github.com/opensearch-project/data-prepper/issues/3474 https://github.com/oqtane/oqtane.framework/discussions/3367 https://github.com/projectcontour/contour/pull/5826 https://github.com/tempesta-tech/tempesta/issues/1986 https://github.com/varnishcache/varnish-cache/issues/3996 https://go.dev/cl/534215 https://go.dev/cl/534235 https://go.dev/issue/63417 https://groups.google.com/g/golang-announce/c/iNNxDTCjZvo https://groups.google.com/g/golang-announce/c/iNNxDTCjZvo/m/UDd7VKQuAAAJ https://istio.io/latest/news/security/istio-security-2023-004 https://istio.io/latest/news/security/istio-security-2023-004/ https://linkerd.io/2023/10/12/linkerd-cve-2023-44487 https://linkerd.io/2023/10/12/linkerd-cve-2023-44487/ https://linux.oracle.com/cve/CVE-2023-44487.html https://linux.oracle.com/errata/ELSA-2024-1444.html https://lists.apache.org/thread/5py8h42mxfsn8l1wy6o41xwhsjlsd87q https://lists.debian.org/debian-lts-announce/2023/10/msg00020.html https://lists.debian.org/debian-lts-announce/2023/10/msg00023.html https://lists.debian.org/debian-lts-announce/2023/10/msg00024.html https://lists.debian.org/debian-lts-announce/2023/10/msg00045.html https://lists.debian.org/debian-lts-announce/2023/10/msg00047.html https://lists.debian.org/debian-lts-announce/2023/11/msg00001.html https://lists.debian.org/debian-lts-announce/2023/11/msg00012.html https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/2MBEPPC36UBVOZZNAXFHKLFGSLCMN5LI https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/2MBEPPC36UBVOZZNAXFHKLFGSLCMN5LI/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/3N4NJ7FR4X4FPZUGNTQAPSTVB2HB2Y4A https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/3N4NJ7FR4X4FPZUGNTQAPSTVB2HB2Y4A/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/BFQD3KUEMFBHPAPBGLWQC34L4OWL5HAZ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/BFQD3KUEMFBHPAPBGLWQC34L4OWL5HAZ/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/CLB4TW7KALB3EEQWNWCN7OUIWWVWWCG2 https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/CLB4TW7KALB3EEQWNWCN7OUIWWVWWCG2/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/E72T67UPDRXHIDLO3OROR25YAMN4GGW5 https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/E72T67UPDRXHIDLO3OROR25YAMN4GGW5/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/FNA62Q767CFAFHBCDKYNPBMZWB7TWYVU https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/FNA62Q767CFAFHBCDKYNPBMZWB7TWYVU/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/HT7T2R4MQKLIF4ODV4BDLPARWFPCJ5CZ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/HT7T2R4MQKLIF4ODV4BDLPARWFPCJ5CZ/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/JIZSEFC3YKCGABA2BZW6ZJRMDZJMB7PJ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/JIZSEFC3YKCGABA2BZW6ZJRMDZJMB7PJ/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/JMEXY22BFG5Q64HQCM5CK2Q7KDKVV4TY https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/JMEXY22BFG5Q64HQCM5CK2Q7KDKVV4TY/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/KSEGD2IWKNUO3DWY4KQGUQM5BISRWHQE https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/KSEGD2IWKNUO3DWY4KQGUQM5BISRWHQE/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/LKYHSZQFDNR7RSA7LHVLLIAQMVYCUGBG https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/LKYHSZQFDNR7RSA7LHVLLIAQMVYCUGBG/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/LNMZJCDHGLJJLXO4OXWJMTVQRNWOC7UL https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/LNMZJCDHGLJJLXO4OXWJMTVQRNWOC7UL/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/VHUHTSXLXGXS7JYKBXTA3VINUPHTNGVU https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/VHUHTSXLXGXS7JYKBXTA3VINUPHTNGVU/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/VSRDIV77HNKUSM7SJC5BKE5JSHLHU2NK https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/VSRDIV77HNKUSM7SJC5BKE5JSHLHU2NK/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/WE2I52RHNNU42PX6NZ2RBUHSFFJ2LVZX https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/WE2I52RHNNU42PX6NZ2RBUHSFFJ2LVZX/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/WLPRQ5TWUQQXYWBJM7ECYDAIL2YVKIUH https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/WLPRQ5TWUQQXYWBJM7ECYDAIL2YVKIUH/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/X6QXN4ORIVF6XBW4WWFE7VNPVC74S45Y https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/X6QXN4ORIVF6XBW4WWFE7VNPVC74S45Y/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/XFOIBB4YFICHDM7IBOP7PWXW3FX4HLL2 https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/XFOIBB4YFICHDM7IBOP7PWXW3FX4HLL2/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZB43REMKRQR62NJEI7I5NQ4FSXNLBKRT https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZB43REMKRQR62NJEI7I5NQ4FSXNLBKRT/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZKQSIKIAT5TJ3WSLU3RDBQ35YX4GY4V3 https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZKQSIKIAT5TJ3WSLU3RDBQ35YX4GY4V3/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZLU6U2R2IC2K64NDPNMV55AUAO65MAF4 https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZLU6U2R2IC2K64NDPNMV55AUAO65MAF4/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3N4NJ7FR4X4FPZUGNTQAPSTVB2HB2Y4A https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/BFQD3KUEMFBHPAPBGLWQC34L4OWL5HAZ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CLB4TW7KALB3EEQWNWCN7OUIWWVWWCG2 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/E72T67UPDRXHIDLO3OROR25YAMN4GGW5 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/FNA62Q767CFAFHBCDKYNPBMZWB7TWYVU https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/HT7T2R4MQKLIF4ODV4BDLPARWFPCJ5CZ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/JIZSEFC3YKCGABA2BZW6ZJRMDZJMB7PJ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/JMEXY22BFG5Q64HQCM5CK2Q7KDKVV4TY https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/KSEGD2IWKNUO3DWY4KQGUQM5BISRWHQE https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/LKYHSZQFDNR7RSA7LHVLLIAQMVYCUGBG https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/LNMZJCDHGLJJLXO4OXWJMTVQRNWOC7UL https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/VHUHTSXLXGXS7JYKBXTA3VINUPHTNGVU https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/VSRDIV77HNKUSM7SJC5BKE5JSHLHU2NK https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WLPRQ5TWUQQXYWBJM7ECYDAIL2YVKIUH https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/X6QXN4ORIVF6XBW4WWFE7VNPVC74S45Y https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/XFOIBB4YFICHDM7IBOP7PWXW3FX4HLL2 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZB43REMKRQR62NJEI7I5NQ4FSXNLBKRT https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZKQSIKIAT5TJ3WSLU3RDBQ35YX4GY4V3 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZLU6U2R2IC2K64NDPNMV55AUAO65MAF4 https://lists.w3.org/Archives/Public/ietf-http-wg/2023OctDec/0025.html https://mailman.nginx.org/pipermail/nginx-devel/2023-October/S36Q5HBXR7CAIMPLLPRSSSYR4PCMWILK.html https://martinthomson.github.io/h2-stream-limits/draft-thomson-httpbis-h2-stream-limits.html https://msrc.microsoft.com/blog/2023/10/microsoft-response-to-distributed-denial-of-service-ddos-attacks-against-http/2 https://msrc.microsoft.com/blog/2023/10/microsoft-response-to-distributed-denial-of-service-ddos-attacks-against-http/2/ https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-44487 https://my.f5.com/manage/s/article/K000137106 https://netty.io/news/2023/10/10/4-1-100-Final.html https://news.ycombinator.com/item?id=37830987 https://news.ycombinator.com/item?id=37830998 https://news.ycombinator.com/item?id=37831062 https://news.ycombinator.com/item?id=37837043 https://nodejs.org/en/blog/vulnerability/october-2023-security-releases https://nvd.nist.gov/vuln/detail/CVE-2023-44487 https://openssf.org/blog/2023/10/10/http-2-rapid-reset-vulnerability-highlights-need-for-rapid-response https://openssf.org/blog/2023/10/10/http-2-rapid-reset-vulnerability-highlights-need-for-rapid-response/ https://pkg.go.dev/vuln/GO-2023-2102 https://seanmonstar.com/post/730794151136935936/hyper-http2-rapid-reset-unaffected https://security.gentoo.org/glsa/202311-09 https://security.netapp.com/advisory/ntap-20231016-0001 https://security.netapp.com/advisory/ntap-20231016-0001/ https://security.netapp.com/advisory/ntap-20240426-0007 https://security.netapp.com/advisory/ntap-20240426-0007/ https://security.netapp.com/advisory/ntap-20240621-0006 https://security.netapp.com/advisory/ntap-20240621-0006/ https://security.netapp.com/advisory/ntap-20240621-0007 https://security.netapp.com/advisory/ntap-20240621-0007/ https://security.paloaltonetworks.com/CVE-2023-44487 https://tomcat.apache.org/security-10.html#Fixed_in_Apache_Tomcat_10.1.14 https://tomcat.apache.org/security-11.html#Fixed_in_Apache_Tomcat_11.0.0-M12 https://tomcat.apache.org/security-8.html#Fixed_in_Apache_Tomcat_8.5.94 https://tomcat.apache.org/security-9.html#Fixed_in_Apache_Tomcat_9.0.81 https://ubuntu.com/security/CVE-2023-44487 https://ubuntu.com/security/notices/USN-6427-1 https://ubuntu.com/security/notices/USN-6427-2 https://ubuntu.com/security/notices/USN-6438-1 https://ubuntu.com/security/notices/USN-6505-1 https://ubuntu.com/security/notices/USN-6574-1 https://ubuntu.com/security/notices/USN-6754-1 https://ubuntu.com/security/notices/USN-6994-1 https://ubuntu.com/security/notices/USN-7067-1 https://www.bleepingcomputer.com/news/security/new-http-2-rapid-reset-zero-day-attack-breaks-ddos-records https://www.bleepingcomputer.com/news/security/new-http-2-rapid-reset-zero-day-attack-breaks-ddos-records/ https://www.cisa.gov/known-exploited-vulnerabilities-catalog https://www.cisa.gov/news-events/alerts/2023/10/10/http2-rapid-reset-vulnerability-cve-2023-44487 https://www.cve.org/CVERecord?id=CVE-2023-44487 https://www.darkreading.com/cloud/internet-wide-zero-day-bug-fuels-largest-ever-ddos-event https://www.debian.org/security/2023/dsa-5521 https://www.debian.org/security/2023/dsa-5522 https://www.debian.org/security/2023/dsa-5540 https://www.debian.org/security/2023/dsa-5549 https://www.debian.org/security/2023/dsa-5558 https://www.debian.org/security/2023/dsa-5570 https://www.eclipse.org/lists/jetty-announce/msg00181.html https://www.haproxy.com/blog/haproxy-is-not-affected-by-the-http-2-rapid-reset-attack-cve-2023-44487 https://www.mail-archive.com/haproxy@formilux.org/msg44134.html https://www.netlify.com/blog/netlify-successfully-mitigates-cve-2023-44487 https://www.netlify.com/blog/netlify-successfully-mitigates-cve-2023-44487/ https://www.nginx.com/blog/http-2-rapid-reset-attack-impacting-f5-nginx-products https://www.nginx.com/blog/http-2-rapid-reset-attack-impacting-f5-nginx-products/ https://www.openwall.com/lists/oss-security/2023/10/10/6 https://www.phoronix.com/news/HTTP2-Rapid-Reset-Attack https://www.theregister.com/2023/10/10/http2_rapid_reset_zeroday https://www.theregister.com/2023/10/10/http2_rapid_reset_zeroday/
golang.org/x/net	CVE-2023-45288	MEDIUM	v0.12.0	0.23.0	http://www.openwall.com/lists/oss-security/2024/04/03/16 http://www.openwall.com/lists/oss-security/2024/04/05/4 https://access.redhat.com/errata/RHSA-2024:2724 https://access.redhat.com/security/cve/CVE-2023-45288 https://bugzilla.redhat.com/2268017 https://bugzilla.redhat.com/2268018 https://bugzilla.redhat.com/2268019 https://bugzilla.redhat.com/2268273 https://bugzilla.redhat.com/show_bug.cgi?id=2268017 https://bugzilla.redhat.com/show_bug.cgi?id=2268018 https://bugzilla.redhat.com/show_bug.cgi?id=2268019 https://bugzilla.redhat.com/show_bug.cgi?id=2268273 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45288 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45289 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45290 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24783 https://errata.almalinux.org/9/ALSA-2024-2724.html https://errata.rockylinux.org/RLSA-2024:2724 https://go.dev/cl/576155 https://go.dev/issue/65051 https://groups.google.com/g/golang-announce/c/YgW0sx8mN3M https://kb.cert.org/vuls/id/421644 https://linux.oracle.com/cve/CVE-2023-45288.html https://linux.oracle.com/errata/ELSA-2024-3346.html https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QRYFHIQ6XRKRYBI2F5UESH67BJBQXUPT https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QRYFHIQ6XRKRYBI2F5UESH67BJBQXUPT/ https://nowotarski.info/http2-continuation-flood-technical-details https://nowotarski.info/http2-continuation-flood/ https://nvd.nist.gov/vuln/detail/CVE-2023-45288 https://pkg.go.dev/vuln/GO-2024-2687 https://security.netapp.com/advisory/ntap-20240419-0009 https://security.netapp.com/advisory/ntap-20240419-0009/ https://ubuntu.com/security/notices/USN-6886-1 https://ubuntu.com/security/notices/USN-7109-1 https://ubuntu.com/security/notices/USN-7111-1 https://www.cve.org/CVERecord?id=CVE-2023-45288 https://www.kb.cert.org/vuls/id/421644
stdlib	CVE-2024-24790	CRITICAL	v1.20.5	1.21.11, 1.22.4	http://www.openwall.com/lists/oss-security/2024/06/04/1 https://access.redhat.com/errata/RHSA-2024:9115 https://access.redhat.com/security/cve/CVE-2024-24790 https://bugzilla.redhat.com/2279814 https://bugzilla.redhat.com/2292668 https://bugzilla.redhat.com/2292787 https://bugzilla.redhat.com/2294000 https://bugzilla.redhat.com/2295310 https://bugzilla.redhat.com/show_bug.cgi?id=2292668 https://bugzilla.redhat.com/show_bug.cgi?id=2292787 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24789 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24790 https://errata.almalinux.org/9/ALSA-2024-9115.html https://errata.rockylinux.org/RLSA-2024:4212 https://github.com/golang/go/commit/051bdf3fd12a40307606ff9381138039c5f452f0 (1.21) https://github.com/golang/go/commit/12d5810cdb1f73cf23d7a86462143e9463317fca (1.22) https://github.com/golang/go/issues/67680 https://go.dev/cl/590316 https://go.dev/issue/67680 https://groups.google.com/g/golang-announce/c/XbxouI9gY7k https://groups.google.com/g/golang-announce/c/XbxouI9gY7k/m/TuoGEhxIEwAJ https://linux.oracle.com/cve/CVE-2024-24790.html https://linux.oracle.com/errata/ELSA-2024-9115.html https://nvd.nist.gov/vuln/detail/CVE-2024-24790 https://pkg.go.dev/vuln/GO-2024-2887 https://ubuntu.com/security/notices/USN-6886-1 https://ubuntu.com/security/notices/USN-7109-1 https://www.cve.org/CVERecord?id=CVE-2024-24790
stdlib	CVE-2023-39325	HIGH	v1.20.5	1.20.10, 1.21.3	golang.org/x/net https://access.redhat.com/errata/RHSA-2023:6077 https://access.redhat.com/security/cve/CVE-2023-39325 https://access.redhat.com/security/cve/CVE-2023-44487 https://access.redhat.com/security/vulnerabilities/RHSB-2023-003 https://bugzilla.redhat.com/2242803 https://bugzilla.redhat.com/2243296 https://bugzilla.redhat.com/show_bug.cgi?id=2242803 https://bugzilla.redhat.com/show_bug.cgi?id=2243296 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-39325 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-44487 https://errata.almalinux.org/9/ALSA-2023-6077.html https://errata.rockylinux.org/RLSA-2023:6077 https://github.com/golang/go/commit/24ae2d927285c697440fdde3ad7f26028354bcf3 [golang- 1.21] https://github.com/golang/go/commit/e175f27f58aa7b9cd4d79607ae65d2cd5baaee68 [golang-1.20] https://github.com/golang/go/issues/63417 https://go.dev/cl/534215 https://go.dev/cl/534235 https://go.dev/issue/63417 https://groups.google.com/g/golang-announce/c/iNNxDTCjZvo/m/UDd7VKQuAAAJ https://linux.oracle.com/cve/CVE-2023-39325.html https://linux.oracle.com/errata/ELSA-2023-5867.html https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3OVW5V2DM5K5IC3H7O42YDUGNJ74J35O https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3OVW5V2DM5K5IC3H7O42YDUGNJ74J35O/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3SZN67IL7HMGMNAVLOTIXLIHUDXZK4LH https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3SZN67IL7HMGMNAVLOTIXLIHUDXZK4LH/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3WJ4QVX2AMUJ2F2S27POOAHRC4K3CHU4 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3WJ4QVX2AMUJ2F2S27POOAHRC4K3CHU4/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/4BUK2ZIAGCULOOYDNH25JPU6JBES5NF2 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/4BUK2ZIAGCULOOYDNH25JPU6JBES5NF2/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/5RSKA2II6QTD4YUKUNDVJQSRYSFC4VFR https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/5RSKA2II6QTD4YUKUNDVJQSRYSFC4VFR/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/AVZDNSMVDAQJ64LJC5I5U5LDM5753647 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/AVZDNSMVDAQJ64LJC5I5U5LDM5753647/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CHHITS4PUOZAKFIUBQAQZC7JWXMOYE4B https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CHHITS4PUOZAKFIUBQAQZC7JWXMOYE4B/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CLB4TW7KALB3EEQWNWCN7OUIWWVWWCG2 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CLB4TW7KALB3EEQWNWCN7OUIWWVWWCG2/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/D2BBIDR2ZMB3X5BC7SR4SLQMHRMVPY6L https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/D2BBIDR2ZMB3X5BC7SR4SLQMHRMVPY6L/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ECRC75BQJP6FJN2L7KCKYZW4DSBD7QSD https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ECRC75BQJP6FJN2L7KCKYZW4DSBD7QSD/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/FTMJ3NJIDAZFWJQQSP3L22MUFJ3UP2PT https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/FTMJ3NJIDAZFWJQQSP3L22MUFJ3UP2PT/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/GSY7SXFFTPZFWDM6XELSDSHZLVW3AHK7 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/GSY7SXFFTPZFWDM6XELSDSHZLVW3AHK7/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/HZQIELEIRSZUYTFFH5KTH2YJ4IIQG2KE https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/HZQIELEIRSZUYTFFH5KTH2YJ4IIQG2KE/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/IPWCNYB5PQ5PCVZ4NJT6G56ZYFZ5QBU6 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/IPWCNYB5PQ5PCVZ4NJT6G56ZYFZ5QBU6/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/KEOTKBUPZXHE3F352JBYNTSNRXYLWD6P https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/KEOTKBUPZXHE3F352JBYNTSNRXYLWD6P/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/KSEGD2IWKNUO3DWY4KQGUQM5BISRWHQE https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/KSEGD2IWKNUO3DWY4KQGUQM5BISRWHQE/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/L5E5JSJBZLYXOTZWXHJKRVCIXIHVWKJ6 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/L5E5JSJBZLYXOTZWXHJKRVCIXIHVWKJ6/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/MZQYOOKHQDQ57LV2IAG6NRFOVXKHJJ3Z https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/MZQYOOKHQDQ57LV2IAG6NRFOVXKHJJ3Z/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/NG7IMPL55MVWU3LCI4JQJT3K2U5CHDV7 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/NG7IMPL55MVWU3LCI4JQJT3K2U5CHDV7/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ODBY7RVMGZCBSTWF2OZGIZS57FNFUL67 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ODBY7RVMGZCBSTWF2OZGIZS57FNFUL67/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/OXGWPQOJ3JNDW2XIYKIVJ7N7QUIFNM2Q https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/OXGWPQOJ3JNDW2XIYKIVJ7N7QUIFNM2Q/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/PJCUNGIQDUMZ4Z6HWVYIMR66A35F5S74 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/PJCUNGIQDUMZ4Z6HWVYIMR66A35F5S74/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QF5QSYAOPDOWLY6DUHID56Q4HQFYB45I https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QF5QSYAOPDOWLY6DUHID56Q4HQFYB45I/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QXOU2JZUBEBP7GBKAYIJRPRBZSJCD7ST https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QXOU2JZUBEBP7GBKAYIJRPRBZSJCD7ST/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/R3UETKPUB3V5JS5TLZOF3SMTGT5K5APS https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/R3UETKPUB3V5JS5TLZOF3SMTGT5K5APS/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/REMHVVIBDNKSRKNOTV7EQSB7CYQWOUOU https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/REMHVVIBDNKSRKNOTV7EQSB7CYQWOUOU/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/T7N5GV4CHH6WAGX3GFMDD3COEOVCZ4RI https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/T7N5GV4CHH6WAGX3GFMDD3COEOVCZ4RI/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ULQQONMSCQSH5Z5OWFFQHCGEZ3NL4DRJ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ULQQONMSCQSH5Z5OWFFQHCGEZ3NL4DRJ/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UTT7DG3QOF5ZNJLUGHDNLRUIN6OWZARP https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UTT7DG3QOF5ZNJLUGHDNLRUIN6OWZARP/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/W2LZSWTV4NV4SNQARNXG5T6LRHP26EW2 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/W2LZSWTV4NV4SNQARNXG5T6LRHP26EW2/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WCNCBYKZXLDFGAJUB7ZP5VLC3YTHJNVH https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WCNCBYKZXLDFGAJUB7ZP5VLC3YTHJNVH/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/XFOIBB4YFICHDM7IBOP7PWXW3FX4HLL2 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/XFOIBB4YFICHDM7IBOP7PWXW3FX4HLL2/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/XTNLSL44Y5FB6JWADSZH6DCV4JJAAEQY https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/XTNLSL44Y5FB6JWADSZH6DCV4JJAAEQY/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/YJWHBLVZDM5KQSDFRBFRKU5KSSOLIRQ4 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/YJWHBLVZDM5KQSDFRBFRKU5KSSOLIRQ4/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/YRKEXKANQ7BKJW2YTAMP625LJUJZLJ4P https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/YRKEXKANQ7BKJW2YTAMP625LJUJZLJ4P/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZSVEMQV5ROY5YW5QE3I57HT3ITWG5GCV https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZSVEMQV5ROY5YW5QE3I57HT3ITWG5GCV/ https://nvd.nist.gov/vuln/detail/CVE-2023-39325 https://pkg.go.dev/vuln/GO-2023-2102 https://security.gentoo.org/glsa/202311-09 https://security.netapp.com/advisory/ntap-20231110-0008 https://security.netapp.com/advisory/ntap-20231110-0008/ https://ubuntu.com/security/notices/USN-6574-1 https://ubuntu.com/security/notices/USN-7061-1 https://ubuntu.com/security/notices/USN-7109-1 https://www.cisa.gov/news-events/alerts/2023/10/10/http2-rapid-reset-vulnerability-cve-2023-44487 https://www.cve.org/CVERecord?id=CVE-2023-39325
stdlib	CVE-2023-45283	HIGH	v1.20.5	1.20.11, 1.21.4, 1.20.12, 1.21.5	http://www.openwall.com/lists/oss-security/2023/12/05/2 https://go.dev/cl/540277 https://go.dev/cl/541175 https://go.dev/issue/63713 https://go.dev/issue/64028 https://groups.google.com/g/golang-announce/c/4tU8LZfBFkY https://groups.google.com/g/golang-dev/c/6ypN5EjibjM/m/KmLVYH_uAgAJ https://nvd.nist.gov/vuln/detail/CVE-2023-45283 https://pkg.go.dev/vuln/GO-2023-2185 https://security.netapp.com/advisory/ntap-20231214-0008/
stdlib	CVE-2023-45288	HIGH	v1.20.5	1.21.9, 1.22.2	http://www.openwall.com/lists/oss-security/2024/04/03/16 http://www.openwall.com/lists/oss-security/2024/04/05/4 https://access.redhat.com/errata/RHSA-2024:2724 https://access.redhat.com/security/cve/CVE-2023-45288 https://bugzilla.redhat.com/2268017 https://bugzilla.redhat.com/2268018 https://bugzilla.redhat.com/2268019 https://bugzilla.redhat.com/2268273 https://bugzilla.redhat.com/show_bug.cgi?id=2268017 https://bugzilla.redhat.com/show_bug.cgi?id=2268018 https://bugzilla.redhat.com/show_bug.cgi?id=2268019 https://bugzilla.redhat.com/show_bug.cgi?id=2268273 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45288 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45289 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45290 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24783 https://errata.almalinux.org/9/ALSA-2024-2724.html https://errata.rockylinux.org/RLSA-2024:2724 https://go.dev/cl/576155 https://go.dev/issue/65051 https://groups.google.com/g/golang-announce/c/YgW0sx8mN3M https://kb.cert.org/vuls/id/421644 https://linux.oracle.com/cve/CVE-2023-45288.html https://linux.oracle.com/errata/ELSA-2024-3346.html https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QRYFHIQ6XRKRYBI2F5UESH67BJBQXUPT https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QRYFHIQ6XRKRYBI2F5UESH67BJBQXUPT/ https://nowotarski.info/http2-continuation-flood-technical-details https://nowotarski.info/http2-continuation-flood/ https://nvd.nist.gov/vuln/detail/CVE-2023-45288 https://pkg.go.dev/vuln/GO-2024-2687 https://security.netapp.com/advisory/ntap-20240419-0009 https://security.netapp.com/advisory/ntap-20240419-0009/ https://ubuntu.com/security/notices/USN-6886-1 https://ubuntu.com/security/notices/USN-7109-1 https://ubuntu.com/security/notices/USN-7111-1 https://www.cve.org/CVERecord?id=CVE-2023-45288 https://www.kb.cert.org/vuls/id/421644
stdlib	CVE-2024-34156	HIGH	v1.20.5	1.22.7, 1.23.1	https://access.redhat.com/errata/RHSA-2024:9473 https://access.redhat.com/security/cve/CVE-2024-34156 https://bugzilla.redhat.com/2310528 https://bugzilla.redhat.com/2318052 https://bugzilla.redhat.com/show_bug.cgi?id=2310528 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-34156 https://errata.almalinux.org/9/ALSA-2024-9473.html https://errata.rockylinux.org/RLSA-2024:7204 https://github.com/golang/go/commit/2092294f2b097c5828f4eace6c98a322c1510b01 (go1.22.7) https://github.com/golang/go/commit/fa8ff1a46deb6c816304441ec6740ec112e19012 (go1.23.1) https://go.dev/cl/611239 https://go.dev/issue/69139 https://groups.google.com/g/golang-announce/c/K-cEzDeCtpc https://groups.google.com/g/golang-dev/c/S9POB9NCTdk https://linux.oracle.com/cve/CVE-2024-34156.html https://linux.oracle.com/errata/ELSA-2024-9473.html https://nvd.nist.gov/vuln/detail/CVE-2024-34156 https://pkg.go.dev/vuln/GO-2024-3106 https://ubuntu.com/security/notices/USN-7081-1 https://ubuntu.com/security/notices/USN-7109-1 https://ubuntu.com/security/notices/USN-7111-1 https://www.cve.org/CVERecord?id=CVE-2024-34156
stdlib	CVE-2023-29406	MEDIUM	v1.20.5	1.19.11, 1.20.6	https://access.redhat.com/errata/RHSA-2023:6474 https://access.redhat.com/security/cve/CVE-2023-29406 https://bugzilla.redhat.com/2174485 https://bugzilla.redhat.com/2178358 https://bugzilla.redhat.com/2178488 https://bugzilla.redhat.com/2178492 https://bugzilla.redhat.com/2184481 https://bugzilla.redhat.com/2184482 https://bugzilla.redhat.com/2184483 https://bugzilla.redhat.com/2184484 https://bugzilla.redhat.com/2196026 https://bugzilla.redhat.com/2196027 https://bugzilla.redhat.com/2196029 https://bugzilla.redhat.com/2222167 https://bugzilla.redhat.com/2228689 https://errata.almalinux.org/9/ALSA-2023-6474.html https://github.com/golang/go/commit/312920c00aac9897b2a0693e752390b5b0711a5a (go1.20.6) https://github.com/golang/go/commit/5fa6923b1ea891400153d04ddf1545e23b40041b (go1.19.11) https://github.com/golang/go/issues/60374 https://go.dev/cl/506996 https://go.dev/issue/60374 https://groups.google.com/g/golang-announce/c/2q13H6LEEx0 https://linux.oracle.com/cve/CVE-2023-29406.html https://linux.oracle.com/errata/ELSA-2023-7202.html https://nvd.nist.gov/vuln/detail/CVE-2023-29406 https://pkg.go.dev/vuln/GO-2023-1878 https://security.gentoo.org/glsa/202311-09 https://security.netapp.com/advisory/ntap-20230814-0002/ https://ubuntu.com/security/notices/USN-7061-1 https://ubuntu.com/security/notices/USN-7109-1 https://www.cve.org/CVERecord?id=CVE-2023-29406
stdlib	CVE-2023-29409	MEDIUM	v1.20.5	1.19.12, 1.20.7, 1.21.0-rc.4	https://access.redhat.com/errata/RHSA-2023:7766 https://access.redhat.com/security/cve/CVE-2023-29409 https://bugzilla.redhat.com/2228743 https://bugzilla.redhat.com/2237773 https://bugzilla.redhat.com/2237776 https://bugzilla.redhat.com/2237777 https://bugzilla.redhat.com/2237778 https://errata.almalinux.org/9/ALSA-2023-7766.html https://go.dev/cl/515257 https://go.dev/issue/61460 https://groups.google.com/g/golang-announce/c/X0b6CsSAaYI/m/Efv5DbZ9AwAJ https://linux.oracle.com/cve/CVE-2023-29409.html https://linux.oracle.com/errata/ELSA-2024-2988.html https://nvd.nist.gov/vuln/detail/CVE-2023-29409 https://pkg.go.dev/vuln/GO-2023-1987 https://security.gentoo.org/glsa/202311-09 https://security.netapp.com/advisory/ntap-20230831-0010/ https://www.cve.org/CVERecord?id=CVE-2023-29409
stdlib	CVE-2023-39318	MEDIUM	v1.20.5	1.20.8, 1.21.1	https://access.redhat.com/errata/RHSA-2024:2160 https://access.redhat.com/security/cve/CVE-2023-39318 https://bugzilla.redhat.com/2237773 https://bugzilla.redhat.com/2237776 https://bugzilla.redhat.com/2253330 https://errata.almalinux.org/9/ALSA-2024-2160.html https://github.com/golang/go/commit/023b542edf38e2a1f87fcefb9f75ff2f99401b4c (go1.20.8) https://github.com/golang/go/commit/b0e1d3ea26e8e8fce7726690c9ef0597e60739fb (go1.21.1) https://go.dev/cl/526156 https://go.dev/issue/62196 https://groups.google.com/g/golang-announce/c/Fm51GRLNRvM https://groups.google.com/g/golang-dev/c/2C5vbR-UNkI/m/L1hdrPhfBAAJ https://linux.oracle.com/cve/CVE-2023-39318.html https://linux.oracle.com/errata/ELSA-2024-2988.html https://nvd.nist.gov/vuln/detail/CVE-2023-39318 https://pkg.go.dev/vuln/GO-2023-2041 https://security.gentoo.org/glsa/202311-09 https://security.netapp.com/advisory/ntap-20231020-0009/ https://ubuntu.com/security/notices/USN-6574-1 https://ubuntu.com/security/notices/USN-7061-1 https://ubuntu.com/security/notices/USN-7109-1 https://vuln.go.dev/ID/GO-2023-2041.json https://www.cve.org/CVERecord?id=CVE-2023-39318
stdlib	CVE-2023-39319	MEDIUM	v1.20.5	1.20.8, 1.21.1	https://access.redhat.com/errata/RHSA-2024:2160 https://access.redhat.com/security/cve/CVE-2023-39319 https://bugzilla.redhat.com/2237773 https://bugzilla.redhat.com/2237776 https://bugzilla.redhat.com/2253330 https://errata.almalinux.org/9/ALSA-2024-2160.html https://github.com/golang/go/commit/2070531d2f53df88e312edace6c8dfc9686ab2f5 (go1.20.8) https://github.com/golang/go/commit/bbd043ff0d6d59f1a9232d31ecd5eacf6507bf6a (go1.21.1) https://go.dev/cl/526157 https://go.dev/issue/62197 https://groups.google.com/g/golang-announce/c/Fm51GRLNRvM https://groups.google.com/g/golang-dev/c/2C5vbR-UNkI/m/L1hdrPhfBAAJ https://linux.oracle.com/cve/CVE-2023-39319.html https://linux.oracle.com/errata/ELSA-2024-2988.html https://nvd.nist.gov/vuln/detail/CVE-2023-39319 https://pkg.go.dev/vuln/GO-2023-2043 https://security.gentoo.org/glsa/202311-09 https://security.netapp.com/advisory/ntap-20231020-0009/ https://ubuntu.com/security/notices/USN-6574-1 https://ubuntu.com/security/notices/USN-7061-1 https://ubuntu.com/security/notices/USN-7109-1 https://vuln.go.dev/ID/GO-2023-2043.json https://www.cve.org/CVERecord?id=CVE-2023-39319
stdlib	CVE-2023-39326	MEDIUM	v1.20.5	1.20.12, 1.21.5	https://access.redhat.com/errata/RHSA-2024:2272 https://access.redhat.com/security/cve/CVE-2023-39326 https://bugzilla.redhat.com/2253193 https://bugzilla.redhat.com/2253330 https://errata.almalinux.org/9/ALSA-2024-2272.html https://github.com/golang/go/commit/6446af942e2e2b161c4ec1b60d9703a2b55dc4dd (go1.20.12) https://github.com/golang/go/commit/ec8c526e4be720e94b98ca509e6364f0efaf28f7 (go1.21.5) https://go.dev/cl/547335 https://go.dev/issue/64433 https://groups.google.com/g/golang-dev/c/6ypN5EjibjM/m/KmLVYH_uAgAJ https://linux.oracle.com/cve/CVE-2023-39326.html https://linux.oracle.com/errata/ELSA-2024-2988.html https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UIU6HOGV6RRIKWM57LOXQA75BGZSIH6G/ https://nvd.nist.gov/vuln/detail/CVE-2023-39326 https://pkg.go.dev/vuln/GO-2023-2382 https://ubuntu.com/security/notices/USN-6574-1 https://www.cve.org/CVERecord?id=CVE-2023-39326
stdlib	CVE-2023-45284	MEDIUM	v1.20.5	1.20.11, 1.21.4	https://go.dev/cl/540277 https://go.dev/issue/63713 https://groups.google.com/g/golang-announce/c/4tU8LZfBFkY https://nvd.nist.gov/vuln/detail/CVE-2023-45284 https://pkg.go.dev/vuln/GO-2023-2186
stdlib	CVE-2023-45289	MEDIUM	v1.20.5	1.21.8, 1.22.1	http://www.openwall.com/lists/oss-security/2024/03/08/4 https://access.redhat.com/errata/RHSA-2024:2724 https://access.redhat.com/security/cve/CVE-2023-45289 https://bugzilla.redhat.com/2268017 https://bugzilla.redhat.com/2268018 https://bugzilla.redhat.com/2268019 https://bugzilla.redhat.com/2268273 https://bugzilla.redhat.com/show_bug.cgi?id=2268017 https://bugzilla.redhat.com/show_bug.cgi?id=2268018 https://bugzilla.redhat.com/show_bug.cgi?id=2268019 https://bugzilla.redhat.com/show_bug.cgi?id=2268273 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45288 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45289 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45290 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24783 https://errata.almalinux.org/9/ALSA-2024-2724.html https://errata.rockylinux.org/RLSA-2024:2724 https://github.com/golang/go/commit/20586c0dbe03d144f914155f879fa5ee287591a1 (go1.21.8) https://github.com/golang/go/commit/3a855208e3efed2e9d7c20ad023f1fa78afcc0be (go1.22.1) https://github.com/golang/go/issues/65065 https://go.dev/cl/569340 https://go.dev/issue/65065 https://groups.google.com/g/golang-announce/c/5pwGVUPoMbg https://linux.oracle.com/cve/CVE-2023-45289.html https://linux.oracle.com/errata/ELSA-2024-3346.html https://nvd.nist.gov/vuln/detail/CVE-2023-45289 https://pkg.go.dev/vuln/GO-2024-2600 https://security.netapp.com/advisory/ntap-20240329-0006/ https://ubuntu.com/security/notices/USN-6886-1 https://www.cve.org/CVERecord?id=CVE-2023-45289
stdlib	CVE-2023-45290	MEDIUM	v1.20.5	1.21.8, 1.22.1	http://www.openwall.com/lists/oss-security/2024/03/08/4 https://access.redhat.com/errata/RHSA-2024:9135 https://access.redhat.com/security/cve/CVE-2023-45290 https://bugzilla.redhat.com/2268017 https://bugzilla.redhat.com/2268022 https://bugzilla.redhat.com/2279814 https://bugzilla.redhat.com/2295310 https://bugzilla.redhat.com/show_bug.cgi?id=2268017 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45290 https://errata.almalinux.org/9/ALSA-2024-9135.html https://errata.rockylinux.org/RLSA-2024:3830 https://github.com/golang/go/commit/041a47712e765e94f86d841c3110c840e76d8f82 (go1.22.1) https://github.com/golang/go/commit/bf80213b121074f4ad9b449410a4d13bae5e9be0 (go1.21.8) https://github.com/golang/go/issues/65383 https://go.dev/cl/569341 https://go.dev/issue/65383 https://groups.google.com/g/golang-announce/c/5pwGVUPoMbg https://linux.oracle.com/cve/CVE-2023-45290.html https://linux.oracle.com/errata/ELSA-2024-8038.html https://nvd.nist.gov/vuln/detail/CVE-2023-45290 https://pkg.go.dev/vuln/GO-2024-2599 https://security.netapp.com/advisory/ntap-20240329-0004 https://security.netapp.com/advisory/ntap-20240329-0004/ https://ubuntu.com/security/notices/USN-6886-1 https://ubuntu.com/security/notices/USN-7109-1 https://ubuntu.com/security/notices/USN-7111-1 https://www.cve.org/CVERecord?id=CVE-2023-45290
stdlib	CVE-2024-24783	MEDIUM	v1.20.5	1.21.8, 1.22.1	http://www.openwall.com/lists/oss-security/2024/03/08/4 https://access.redhat.com/errata/RHSA-2024:6195 https://access.redhat.com/security/cve/CVE-2024-24783 https://bugzilla.redhat.com/2268019 https://bugzilla.redhat.com/show_bug.cgi?id=2268017 https://bugzilla.redhat.com/show_bug.cgi?id=2268018 https://bugzilla.redhat.com/show_bug.cgi?id=2268019 https://bugzilla.redhat.com/show_bug.cgi?id=2268273 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45288 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45289 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45290 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24783 https://errata.almalinux.org/9/ALSA-2024-6195.html https://errata.rockylinux.org/RLSA-2024:2724 https://github.com/advisories/GHSA-3q2c-pvp5-3cqp https://github.com/golang/go/commit/337b8e9cbfa749d9d5c899e0dc358e2208d5e54f (go1.22.1) https://github.com/golang/go/commit/be5b52bea674190ef7de272664be6c7ae93ec5a0 (go1.21.8) https://github.com/golang/go/issues/65390 https://go.dev/cl/569339 https://go.dev/issue/65390 https://groups.google.com/g/golang-announce/c/5pwGVUPoMbg https://linux.oracle.com/cve/CVE-2024-24783.html https://linux.oracle.com/errata/ELSA-2024-6969.html https://nvd.nist.gov/vuln/detail/CVE-2024-24783 https://pkg.go.dev/vuln/GO-2024-2598 https://security.netapp.com/advisory/ntap-20240329-0005 https://security.netapp.com/advisory/ntap-20240329-0005/ https://ubuntu.com/security/notices/USN-6886-1 https://ubuntu.com/security/notices/USN-7109-1 https://ubuntu.com/security/notices/USN-7111-1 https://www.cve.org/CVERecord?id=CVE-2024-24783
stdlib	CVE-2024-24784	MEDIUM	v1.20.5	1.21.8, 1.22.1	http://www.openwall.com/lists/oss-security/2024/03/08/4 https://access.redhat.com/errata/RHSA-2024:2562 https://access.redhat.com/security/cve/CVE-2024-24784 https://bugzilla.redhat.com/2262921 https://bugzilla.redhat.com/2268017 https://bugzilla.redhat.com/2268018 https://bugzilla.redhat.com/2268019 https://bugzilla.redhat.com/2268021 https://bugzilla.redhat.com/2268022 https://bugzilla.redhat.com/2268273 https://bugzilla.redhat.com/show_bug.cgi?id=2262921 https://bugzilla.redhat.com/show_bug.cgi?id=2268017 https://bugzilla.redhat.com/show_bug.cgi?id=2268018 https://bugzilla.redhat.com/show_bug.cgi?id=2268019 https://bugzilla.redhat.com/show_bug.cgi?id=2268021 https://bugzilla.redhat.com/show_bug.cgi?id=2268022 https://bugzilla.redhat.com/show_bug.cgi?id=2268273 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45288 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45289 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45290 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-1394 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24783 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24784 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24785 https://errata.almalinux.org/9/ALSA-2024-2562.html https://errata.rockylinux.org/RLSA-2024:2562 https://github.com/golang/go/commit/263c059b09fdd40d9dd945f2ecb20c89ea28efe5 (go1.21.8) https://github.com/golang/go/commit/5330cd225ba54c7dc78c1b46dcdf61a4671a632c (go1.22.1) https://github.com/golang/go/issues/65083 https://go.dev/cl/555596 https://go.dev/issue/65083 https://groups.google.com/g/golang-announce/c/5pwGVUPoMbg https://linux.oracle.com/cve/CVE-2024-24784.html https://linux.oracle.com/errata/ELSA-2024-6969.html https://nvd.nist.gov/vuln/detail/CVE-2024-24784 https://pkg.go.dev/vuln/GO-2024-2609 https://security.netapp.com/advisory/ntap-20240329-0007/ https://ubuntu.com/security/notices/USN-6886-1 https://ubuntu.com/security/notices/USN-7109-1 https://ubuntu.com/security/notices/USN-7111-1 https://www.cve.org/CVERecord?id=CVE-2024-24784
stdlib	CVE-2024-24785	MEDIUM	v1.20.5	1.21.8, 1.22.1	http://www.openwall.com/lists/oss-security/2024/03/08/4 https://access.redhat.com/errata/RHSA-2024:9135 https://access.redhat.com/security/cve/CVE-2024-24785 https://bugzilla.redhat.com/2268017 https://bugzilla.redhat.com/2268022 https://bugzilla.redhat.com/2279814 https://bugzilla.redhat.com/2295310 https://bugzilla.redhat.com/show_bug.cgi?id=2262921 https://bugzilla.redhat.com/show_bug.cgi?id=2268017 https://bugzilla.redhat.com/show_bug.cgi?id=2268018 https://bugzilla.redhat.com/show_bug.cgi?id=2268019 https://bugzilla.redhat.com/show_bug.cgi?id=2268021 https://bugzilla.redhat.com/show_bug.cgi?id=2268022 https://bugzilla.redhat.com/show_bug.cgi?id=2268273 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45288 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45289 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45290 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-1394 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24783 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24784 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24785 https://errata.almalinux.org/9/ALSA-2024-9135.html https://errata.rockylinux.org/RLSA-2024:2562 https://github.com/golang/go/commit/056b0edcb8c152152021eebf4cf42adbfbe77992 (go1.22.1) https://github.com/golang/go/commit/3643147a29352ca2894fd5d0d2069bc4b4335a7e (go1.21.8) https://github.com/golang/go/issues/65697 https://go.dev/cl/564196 https://go.dev/issue/65697 https://groups.google.com/g/golang-announce/c/5pwGVUPoMbg https://linux.oracle.com/cve/CVE-2024-24785.html https://linux.oracle.com/errata/ELSA-2024-3259.html https://nvd.nist.gov/vuln/detail/CVE-2024-24785 https://pkg.go.dev/vuln/GO-2024-2610 https://security.netapp.com/advisory/ntap-20240329-0008/ https://ubuntu.com/security/notices/USN-6886-1 https://ubuntu.com/security/notices/USN-7061-1 https://ubuntu.com/security/notices/USN-7109-1 https://vuln.go.dev/ID/GO-2024-2610.json https://www.cve.org/CVERecord?id=CVE-2024-24785
stdlib	CVE-2024-24789	MEDIUM	v1.20.5	1.21.11, 1.22.4	http://www.openwall.com/lists/oss-security/2024/06/04/1 https://access.redhat.com/errata/RHSA-2024:9115 https://access.redhat.com/security/cve/CVE-2024-24789 https://bugzilla.redhat.com/2279814 https://bugzilla.redhat.com/2292668 https://bugzilla.redhat.com/2292787 https://bugzilla.redhat.com/2294000 https://bugzilla.redhat.com/2295310 https://bugzilla.redhat.com/show_bug.cgi?id=2292668 https://bugzilla.redhat.com/show_bug.cgi?id=2292787 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24789 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24790 https://errata.almalinux.org/9/ALSA-2024-9115.html https://errata.rockylinux.org/RLSA-2024:4212 https://github.com/golang/go/commit/c8e40338cf00f3c1d86c8fb23863ad67a4c72bcc (1.21) https://github.com/golang/go/commit/cf501ac0c5fe351a8582d20b43562027927906e7 (1.22) https://github.com/golang/go/issues/66869 https://go.dev/cl/585397 https://go.dev/issue/66869 https://groups.google.com/g/golang-announce/c/XbxouI9gY7k https://groups.google.com/g/golang-announce/c/XbxouI9gY7k/m/TuoGEhxIEwAJ https://linux.oracle.com/cve/CVE-2024-24789.html https://linux.oracle.com/errata/ELSA-2024-9115.html https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/U5YAEIA6IUHUNGJ7AIXXPQT6D2GYENX7/ https://nvd.nist.gov/vuln/detail/CVE-2024-24789 https://pkg.go.dev/vuln/GO-2024-2888 https://ubuntu.com/security/notices/USN-6886-1 https://ubuntu.com/security/notices/USN-7109-1 https://ubuntu.com/security/notices/USN-7111-1 https://www.cve.org/CVERecord?id=CVE-2024-24789
stdlib	CVE-2024-24791	MEDIUM	v1.20.5	1.21.12, 1.22.5	https://access.redhat.com/errata/RHSA-2024:9135 https://access.redhat.com/security/cve/CVE-2024-24791 https://bugzilla.redhat.com/2268017 https://bugzilla.redhat.com/2268022 https://bugzilla.redhat.com/2279814 https://bugzilla.redhat.com/2295310 https://bugzilla.redhat.com/show_bug.cgi?id=2295310 https://bugzilla.redhat.com/show_bug.cgi?id=2310527 https://bugzilla.redhat.com/show_bug.cgi?id=2310528 https://bugzilla.redhat.com/show_bug.cgi?id=2310529 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24791 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-34155 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-34156 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-34158 https://errata.almalinux.org/9/ALSA-2024-9135.html https://errata.rockylinux.org/RLSA-2024:6913 https://go.dev/cl/591255 https://go.dev/issue/67555 https://groups.google.com/g/golang-dev/c/t0rK-qHBqzY/m/6MMoAZkMAgAJ https://linux.oracle.com/cve/CVE-2024-24791.html https://linux.oracle.com/errata/ELSA-2024-9115.html https://nvd.nist.gov/vuln/detail/CVE-2024-24791 https://pkg.go.dev/vuln/GO-2024-2963 https://ubuntu.com/security/notices/USN-7081-1 https://ubuntu.com/security/notices/USN-7109-1 https://ubuntu.com/security/notices/USN-7111-1 https://www.cve.org/CVERecord?id=CVE-2024-24791
stdlib	CVE-2024-34155	MEDIUM	v1.20.5	1.22.7, 1.23.1	https://access.redhat.com/errata/RHSA-2024:9459 https://access.redhat.com/security/cve/CVE-2024-34155 https://bugzilla.redhat.com/2310527 https://bugzilla.redhat.com/2310528 https://bugzilla.redhat.com/2310529 https://bugzilla.redhat.com/2315691 https://bugzilla.redhat.com/2315887 https://bugzilla.redhat.com/2317458 https://bugzilla.redhat.com/2317467 https://bugzilla.redhat.com/show_bug.cgi?id=2295310 https://bugzilla.redhat.com/show_bug.cgi?id=2310527 https://bugzilla.redhat.com/show_bug.cgi?id=2310528 https://bugzilla.redhat.com/show_bug.cgi?id=2310529 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24791 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-34155 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-34156 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-34158 https://errata.almalinux.org/9/ALSA-2024-9459.html https://errata.rockylinux.org/RLSA-2024:6913 https://github.com/golang/go/commit/53487e5477151ed75da50e50a0ba8f1ca64c00a3 (go1.23.1) https://github.com/golang/go/commit/b232596139dbe96a62edbe3a2a203e856bf556eb (go1.22.7) https://go.dev/cl/611238 https://go.dev/issue/69138 https://groups.google.com/g/golang-announce/c/K-cEzDeCtpc https://groups.google.com/g/golang-dev/c/S9POB9NCTdk https://linux.oracle.com/cve/CVE-2024-34155.html https://linux.oracle.com/errata/ELSA-2024-9459.html https://nvd.nist.gov/vuln/detail/CVE-2024-34155 https://pkg.go.dev/vuln/GO-2024-3105 https://ubuntu.com/security/notices/USN-7081-1 https://ubuntu.com/security/notices/USN-7109-1 https://ubuntu.com/security/notices/USN-7111-1 https://www.cve.org/CVERecord?id=CVE-2024-34155
stdlib	CVE-2024-34158	MEDIUM	v1.20.5	1.22.7, 1.23.1	https://access.redhat.com/errata/RHSA-2024:9459 https://access.redhat.com/security/cve/CVE-2024-34158 https://bugzilla.redhat.com/2310527 https://bugzilla.redhat.com/2310528 https://bugzilla.redhat.com/2310529 https://bugzilla.redhat.com/2315691 https://bugzilla.redhat.com/2315887 https://bugzilla.redhat.com/2317458 https://bugzilla.redhat.com/2317467 https://bugzilla.redhat.com/show_bug.cgi?id=2295310 https://bugzilla.redhat.com/show_bug.cgi?id=2310527 https://bugzilla.redhat.com/show_bug.cgi?id=2310528 https://bugzilla.redhat.com/show_bug.cgi?id=2310529 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24791 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-34155 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-34156 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-34158 https://errata.almalinux.org/9/ALSA-2024-9459.html https://errata.rockylinux.org/RLSA-2024:6913 https://github.com/golang/go/commit/032ac075c20c01c6c35a672d1542d3e98eab84ea (go1.23.1) https://github.com/golang/go/commit/d4c53812e6ce2ac368173d7fcd31d0ecfcffb002 (go1.22.7) https://go.dev/cl/611240 https://go.dev/issue/69141 https://groups.google.com/g/golang-announce/c/K-cEzDeCtpc https://groups.google.com/g/golang-dev/c/S9POB9NCTdk https://linux.oracle.com/cve/CVE-2024-34158.html https://linux.oracle.com/errata/ELSA-2024-9459.html https://nvd.nist.gov/vuln/detail/CVE-2024-34158 https://pkg.go.dev/vuln/GO-2024-3107 https://ubuntu.com/security/notices/USN-7081-1 https://ubuntu.com/security/notices/USN-7109-1 https://ubuntu.com/security/notices/USN-7111-1 https://www.cve.org/CVERecord?id=CVE-2024-34158
No Misconfigurations found

cnb/buildpacks/paketo-buildpacks_upx/3.4.3/bin/main (gobinary)

Package	Vulnerability ID	Severity	Installed Version	Fixed Version	Links
stdlib	CVE-2024-24790	CRITICAL	v1.20.5	1.21.11, 1.22.4	http://www.openwall.com/lists/oss-security/2024/06/04/1 https://access.redhat.com/errata/RHSA-2024:9115 https://access.redhat.com/security/cve/CVE-2024-24790 https://bugzilla.redhat.com/2279814 https://bugzilla.redhat.com/2292668 https://bugzilla.redhat.com/2292787 https://bugzilla.redhat.com/2294000 https://bugzilla.redhat.com/2295310 https://bugzilla.redhat.com/show_bug.cgi?id=2292668 https://bugzilla.redhat.com/show_bug.cgi?id=2292787 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24789 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24790 https://errata.almalinux.org/9/ALSA-2024-9115.html https://errata.rockylinux.org/RLSA-2024:4212 https://github.com/golang/go/commit/051bdf3fd12a40307606ff9381138039c5f452f0 (1.21) https://github.com/golang/go/commit/12d5810cdb1f73cf23d7a86462143e9463317fca (1.22) https://github.com/golang/go/issues/67680 https://go.dev/cl/590316 https://go.dev/issue/67680 https://groups.google.com/g/golang-announce/c/XbxouI9gY7k https://groups.google.com/g/golang-announce/c/XbxouI9gY7k/m/TuoGEhxIEwAJ https://linux.oracle.com/cve/CVE-2024-24790.html https://linux.oracle.com/errata/ELSA-2024-9115.html https://nvd.nist.gov/vuln/detail/CVE-2024-24790 https://pkg.go.dev/vuln/GO-2024-2887 https://ubuntu.com/security/notices/USN-6886-1 https://ubuntu.com/security/notices/USN-7109-1 https://www.cve.org/CVERecord?id=CVE-2024-24790
stdlib	CVE-2023-39325	HIGH	v1.20.5	1.20.10, 1.21.3	golang.org/x/net https://access.redhat.com/errata/RHSA-2023:6077 https://access.redhat.com/security/cve/CVE-2023-39325 https://access.redhat.com/security/cve/CVE-2023-44487 https://access.redhat.com/security/vulnerabilities/RHSB-2023-003 https://bugzilla.redhat.com/2242803 https://bugzilla.redhat.com/2243296 https://bugzilla.redhat.com/show_bug.cgi?id=2242803 https://bugzilla.redhat.com/show_bug.cgi?id=2243296 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-39325 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-44487 https://errata.almalinux.org/9/ALSA-2023-6077.html https://errata.rockylinux.org/RLSA-2023:6077 https://github.com/golang/go/commit/24ae2d927285c697440fdde3ad7f26028354bcf3 [golang- 1.21] https://github.com/golang/go/commit/e175f27f58aa7b9cd4d79607ae65d2cd5baaee68 [golang-1.20] https://github.com/golang/go/issues/63417 https://go.dev/cl/534215 https://go.dev/cl/534235 https://go.dev/issue/63417 https://groups.google.com/g/golang-announce/c/iNNxDTCjZvo/m/UDd7VKQuAAAJ https://linux.oracle.com/cve/CVE-2023-39325.html https://linux.oracle.com/errata/ELSA-2023-5867.html https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3OVW5V2DM5K5IC3H7O42YDUGNJ74J35O https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3OVW5V2DM5K5IC3H7O42YDUGNJ74J35O/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3SZN67IL7HMGMNAVLOTIXLIHUDXZK4LH https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3SZN67IL7HMGMNAVLOTIXLIHUDXZK4LH/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3WJ4QVX2AMUJ2F2S27POOAHRC4K3CHU4 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3WJ4QVX2AMUJ2F2S27POOAHRC4K3CHU4/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/4BUK2ZIAGCULOOYDNH25JPU6JBES5NF2 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/4BUK2ZIAGCULOOYDNH25JPU6JBES5NF2/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/5RSKA2II6QTD4YUKUNDVJQSRYSFC4VFR https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/5RSKA2II6QTD4YUKUNDVJQSRYSFC4VFR/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/AVZDNSMVDAQJ64LJC5I5U5LDM5753647 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/AVZDNSMVDAQJ64LJC5I5U5LDM5753647/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CHHITS4PUOZAKFIUBQAQZC7JWXMOYE4B https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CHHITS4PUOZAKFIUBQAQZC7JWXMOYE4B/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CLB4TW7KALB3EEQWNWCN7OUIWWVWWCG2 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CLB4TW7KALB3EEQWNWCN7OUIWWVWWCG2/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/D2BBIDR2ZMB3X5BC7SR4SLQMHRMVPY6L https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/D2BBIDR2ZMB3X5BC7SR4SLQMHRMVPY6L/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ECRC75BQJP6FJN2L7KCKYZW4DSBD7QSD https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ECRC75BQJP6FJN2L7KCKYZW4DSBD7QSD/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/FTMJ3NJIDAZFWJQQSP3L22MUFJ3UP2PT https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/FTMJ3NJIDAZFWJQQSP3L22MUFJ3UP2PT/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/GSY7SXFFTPZFWDM6XELSDSHZLVW3AHK7 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/GSY7SXFFTPZFWDM6XELSDSHZLVW3AHK7/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/HZQIELEIRSZUYTFFH5KTH2YJ4IIQG2KE https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/HZQIELEIRSZUYTFFH5KTH2YJ4IIQG2KE/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/IPWCNYB5PQ5PCVZ4NJT6G56ZYFZ5QBU6 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/IPWCNYB5PQ5PCVZ4NJT6G56ZYFZ5QBU6/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/KEOTKBUPZXHE3F352JBYNTSNRXYLWD6P https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/KEOTKBUPZXHE3F352JBYNTSNRXYLWD6P/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/KSEGD2IWKNUO3DWY4KQGUQM5BISRWHQE https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/KSEGD2IWKNUO3DWY4KQGUQM5BISRWHQE/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/L5E5JSJBZLYXOTZWXHJKRVCIXIHVWKJ6 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/L5E5JSJBZLYXOTZWXHJKRVCIXIHVWKJ6/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/MZQYOOKHQDQ57LV2IAG6NRFOVXKHJJ3Z https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/MZQYOOKHQDQ57LV2IAG6NRFOVXKHJJ3Z/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/NG7IMPL55MVWU3LCI4JQJT3K2U5CHDV7 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/NG7IMPL55MVWU3LCI4JQJT3K2U5CHDV7/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ODBY7RVMGZCBSTWF2OZGIZS57FNFUL67 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ODBY7RVMGZCBSTWF2OZGIZS57FNFUL67/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/OXGWPQOJ3JNDW2XIYKIVJ7N7QUIFNM2Q https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/OXGWPQOJ3JNDW2XIYKIVJ7N7QUIFNM2Q/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/PJCUNGIQDUMZ4Z6HWVYIMR66A35F5S74 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/PJCUNGIQDUMZ4Z6HWVYIMR66A35F5S74/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QF5QSYAOPDOWLY6DUHID56Q4HQFYB45I https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QF5QSYAOPDOWLY6DUHID56Q4HQFYB45I/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QXOU2JZUBEBP7GBKAYIJRPRBZSJCD7ST https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QXOU2JZUBEBP7GBKAYIJRPRBZSJCD7ST/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/R3UETKPUB3V5JS5TLZOF3SMTGT5K5APS https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/R3UETKPUB3V5JS5TLZOF3SMTGT5K5APS/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/REMHVVIBDNKSRKNOTV7EQSB7CYQWOUOU https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/REMHVVIBDNKSRKNOTV7EQSB7CYQWOUOU/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/T7N5GV4CHH6WAGX3GFMDD3COEOVCZ4RI https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/T7N5GV4CHH6WAGX3GFMDD3COEOVCZ4RI/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ULQQONMSCQSH5Z5OWFFQHCGEZ3NL4DRJ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ULQQONMSCQSH5Z5OWFFQHCGEZ3NL4DRJ/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UTT7DG3QOF5ZNJLUGHDNLRUIN6OWZARP https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UTT7DG3QOF5ZNJLUGHDNLRUIN6OWZARP/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/W2LZSWTV4NV4SNQARNXG5T6LRHP26EW2 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/W2LZSWTV4NV4SNQARNXG5T6LRHP26EW2/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WCNCBYKZXLDFGAJUB7ZP5VLC3YTHJNVH https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WCNCBYKZXLDFGAJUB7ZP5VLC3YTHJNVH/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/XFOIBB4YFICHDM7IBOP7PWXW3FX4HLL2 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/XFOIBB4YFICHDM7IBOP7PWXW3FX4HLL2/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/XTNLSL44Y5FB6JWADSZH6DCV4JJAAEQY https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/XTNLSL44Y5FB6JWADSZH6DCV4JJAAEQY/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/YJWHBLVZDM5KQSDFRBFRKU5KSSOLIRQ4 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/YJWHBLVZDM5KQSDFRBFRKU5KSSOLIRQ4/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/YRKEXKANQ7BKJW2YTAMP625LJUJZLJ4P https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/YRKEXKANQ7BKJW2YTAMP625LJUJZLJ4P/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZSVEMQV5ROY5YW5QE3I57HT3ITWG5GCV https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZSVEMQV5ROY5YW5QE3I57HT3ITWG5GCV/ https://nvd.nist.gov/vuln/detail/CVE-2023-39325 https://pkg.go.dev/vuln/GO-2023-2102 https://security.gentoo.org/glsa/202311-09 https://security.netapp.com/advisory/ntap-20231110-0008 https://security.netapp.com/advisory/ntap-20231110-0008/ https://ubuntu.com/security/notices/USN-6574-1 https://ubuntu.com/security/notices/USN-7061-1 https://ubuntu.com/security/notices/USN-7109-1 https://www.cisa.gov/news-events/alerts/2023/10/10/http2-rapid-reset-vulnerability-cve-2023-44487 https://www.cve.org/CVERecord?id=CVE-2023-39325
stdlib	CVE-2023-45283	HIGH	v1.20.5	1.20.11, 1.21.4, 1.20.12, 1.21.5	http://www.openwall.com/lists/oss-security/2023/12/05/2 https://go.dev/cl/540277 https://go.dev/cl/541175 https://go.dev/issue/63713 https://go.dev/issue/64028 https://groups.google.com/g/golang-announce/c/4tU8LZfBFkY https://groups.google.com/g/golang-dev/c/6ypN5EjibjM/m/KmLVYH_uAgAJ https://nvd.nist.gov/vuln/detail/CVE-2023-45283 https://pkg.go.dev/vuln/GO-2023-2185 https://security.netapp.com/advisory/ntap-20231214-0008/
stdlib	CVE-2023-45288	HIGH	v1.20.5	1.21.9, 1.22.2	http://www.openwall.com/lists/oss-security/2024/04/03/16 http://www.openwall.com/lists/oss-security/2024/04/05/4 https://access.redhat.com/errata/RHSA-2024:2724 https://access.redhat.com/security/cve/CVE-2023-45288 https://bugzilla.redhat.com/2268017 https://bugzilla.redhat.com/2268018 https://bugzilla.redhat.com/2268019 https://bugzilla.redhat.com/2268273 https://bugzilla.redhat.com/show_bug.cgi?id=2268017 https://bugzilla.redhat.com/show_bug.cgi?id=2268018 https://bugzilla.redhat.com/show_bug.cgi?id=2268019 https://bugzilla.redhat.com/show_bug.cgi?id=2268273 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45288 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45289 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45290 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24783 https://errata.almalinux.org/9/ALSA-2024-2724.html https://errata.rockylinux.org/RLSA-2024:2724 https://go.dev/cl/576155 https://go.dev/issue/65051 https://groups.google.com/g/golang-announce/c/YgW0sx8mN3M https://kb.cert.org/vuls/id/421644 https://linux.oracle.com/cve/CVE-2023-45288.html https://linux.oracle.com/errata/ELSA-2024-3346.html https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QRYFHIQ6XRKRYBI2F5UESH67BJBQXUPT https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QRYFHIQ6XRKRYBI2F5UESH67BJBQXUPT/ https://nowotarski.info/http2-continuation-flood-technical-details https://nowotarski.info/http2-continuation-flood/ https://nvd.nist.gov/vuln/detail/CVE-2023-45288 https://pkg.go.dev/vuln/GO-2024-2687 https://security.netapp.com/advisory/ntap-20240419-0009 https://security.netapp.com/advisory/ntap-20240419-0009/ https://ubuntu.com/security/notices/USN-6886-1 https://ubuntu.com/security/notices/USN-7109-1 https://ubuntu.com/security/notices/USN-7111-1 https://www.cve.org/CVERecord?id=CVE-2023-45288 https://www.kb.cert.org/vuls/id/421644
stdlib	CVE-2024-34156	HIGH	v1.20.5	1.22.7, 1.23.1	https://access.redhat.com/errata/RHSA-2024:9473 https://access.redhat.com/security/cve/CVE-2024-34156 https://bugzilla.redhat.com/2310528 https://bugzilla.redhat.com/2318052 https://bugzilla.redhat.com/show_bug.cgi?id=2310528 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-34156 https://errata.almalinux.org/9/ALSA-2024-9473.html https://errata.rockylinux.org/RLSA-2024:7204 https://github.com/golang/go/commit/2092294f2b097c5828f4eace6c98a322c1510b01 (go1.22.7) https://github.com/golang/go/commit/fa8ff1a46deb6c816304441ec6740ec112e19012 (go1.23.1) https://go.dev/cl/611239 https://go.dev/issue/69139 https://groups.google.com/g/golang-announce/c/K-cEzDeCtpc https://groups.google.com/g/golang-dev/c/S9POB9NCTdk https://linux.oracle.com/cve/CVE-2024-34156.html https://linux.oracle.com/errata/ELSA-2024-9473.html https://nvd.nist.gov/vuln/detail/CVE-2024-34156 https://pkg.go.dev/vuln/GO-2024-3106 https://ubuntu.com/security/notices/USN-7081-1 https://ubuntu.com/security/notices/USN-7109-1 https://ubuntu.com/security/notices/USN-7111-1 https://www.cve.org/CVERecord?id=CVE-2024-34156
stdlib	CVE-2023-29406	MEDIUM	v1.20.5	1.19.11, 1.20.6	https://access.redhat.com/errata/RHSA-2023:6474 https://access.redhat.com/security/cve/CVE-2023-29406 https://bugzilla.redhat.com/2174485 https://bugzilla.redhat.com/2178358 https://bugzilla.redhat.com/2178488 https://bugzilla.redhat.com/2178492 https://bugzilla.redhat.com/2184481 https://bugzilla.redhat.com/2184482 https://bugzilla.redhat.com/2184483 https://bugzilla.redhat.com/2184484 https://bugzilla.redhat.com/2196026 https://bugzilla.redhat.com/2196027 https://bugzilla.redhat.com/2196029 https://bugzilla.redhat.com/2222167 https://bugzilla.redhat.com/2228689 https://errata.almalinux.org/9/ALSA-2023-6474.html https://github.com/golang/go/commit/312920c00aac9897b2a0693e752390b5b0711a5a (go1.20.6) https://github.com/golang/go/commit/5fa6923b1ea891400153d04ddf1545e23b40041b (go1.19.11) https://github.com/golang/go/issues/60374 https://go.dev/cl/506996 https://go.dev/issue/60374 https://groups.google.com/g/golang-announce/c/2q13H6LEEx0 https://linux.oracle.com/cve/CVE-2023-29406.html https://linux.oracle.com/errata/ELSA-2023-7202.html https://nvd.nist.gov/vuln/detail/CVE-2023-29406 https://pkg.go.dev/vuln/GO-2023-1878 https://security.gentoo.org/glsa/202311-09 https://security.netapp.com/advisory/ntap-20230814-0002/ https://ubuntu.com/security/notices/USN-7061-1 https://ubuntu.com/security/notices/USN-7109-1 https://www.cve.org/CVERecord?id=CVE-2023-29406
stdlib	CVE-2023-29409	MEDIUM	v1.20.5	1.19.12, 1.20.7, 1.21.0-rc.4	https://access.redhat.com/errata/RHSA-2023:7766 https://access.redhat.com/security/cve/CVE-2023-29409 https://bugzilla.redhat.com/2228743 https://bugzilla.redhat.com/2237773 https://bugzilla.redhat.com/2237776 https://bugzilla.redhat.com/2237777 https://bugzilla.redhat.com/2237778 https://errata.almalinux.org/9/ALSA-2023-7766.html https://go.dev/cl/515257 https://go.dev/issue/61460 https://groups.google.com/g/golang-announce/c/X0b6CsSAaYI/m/Efv5DbZ9AwAJ https://linux.oracle.com/cve/CVE-2023-29409.html https://linux.oracle.com/errata/ELSA-2024-2988.html https://nvd.nist.gov/vuln/detail/CVE-2023-29409 https://pkg.go.dev/vuln/GO-2023-1987 https://security.gentoo.org/glsa/202311-09 https://security.netapp.com/advisory/ntap-20230831-0010/ https://www.cve.org/CVERecord?id=CVE-2023-29409
stdlib	CVE-2023-39318	MEDIUM	v1.20.5	1.20.8, 1.21.1	https://access.redhat.com/errata/RHSA-2024:2160 https://access.redhat.com/security/cve/CVE-2023-39318 https://bugzilla.redhat.com/2237773 https://bugzilla.redhat.com/2237776 https://bugzilla.redhat.com/2253330 https://errata.almalinux.org/9/ALSA-2024-2160.html https://github.com/golang/go/commit/023b542edf38e2a1f87fcefb9f75ff2f99401b4c (go1.20.8) https://github.com/golang/go/commit/b0e1d3ea26e8e8fce7726690c9ef0597e60739fb (go1.21.1) https://go.dev/cl/526156 https://go.dev/issue/62196 https://groups.google.com/g/golang-announce/c/Fm51GRLNRvM https://groups.google.com/g/golang-dev/c/2C5vbR-UNkI/m/L1hdrPhfBAAJ https://linux.oracle.com/cve/CVE-2023-39318.html https://linux.oracle.com/errata/ELSA-2024-2988.html https://nvd.nist.gov/vuln/detail/CVE-2023-39318 https://pkg.go.dev/vuln/GO-2023-2041 https://security.gentoo.org/glsa/202311-09 https://security.netapp.com/advisory/ntap-20231020-0009/ https://ubuntu.com/security/notices/USN-6574-1 https://ubuntu.com/security/notices/USN-7061-1 https://ubuntu.com/security/notices/USN-7109-1 https://vuln.go.dev/ID/GO-2023-2041.json https://www.cve.org/CVERecord?id=CVE-2023-39318
stdlib	CVE-2023-39319	MEDIUM	v1.20.5	1.20.8, 1.21.1	https://access.redhat.com/errata/RHSA-2024:2160 https://access.redhat.com/security/cve/CVE-2023-39319 https://bugzilla.redhat.com/2237773 https://bugzilla.redhat.com/2237776 https://bugzilla.redhat.com/2253330 https://errata.almalinux.org/9/ALSA-2024-2160.html https://github.com/golang/go/commit/2070531d2f53df88e312edace6c8dfc9686ab2f5 (go1.20.8) https://github.com/golang/go/commit/bbd043ff0d6d59f1a9232d31ecd5eacf6507bf6a (go1.21.1) https://go.dev/cl/526157 https://go.dev/issue/62197 https://groups.google.com/g/golang-announce/c/Fm51GRLNRvM https://groups.google.com/g/golang-dev/c/2C5vbR-UNkI/m/L1hdrPhfBAAJ https://linux.oracle.com/cve/CVE-2023-39319.html https://linux.oracle.com/errata/ELSA-2024-2988.html https://nvd.nist.gov/vuln/detail/CVE-2023-39319 https://pkg.go.dev/vuln/GO-2023-2043 https://security.gentoo.org/glsa/202311-09 https://security.netapp.com/advisory/ntap-20231020-0009/ https://ubuntu.com/security/notices/USN-6574-1 https://ubuntu.com/security/notices/USN-7061-1 https://ubuntu.com/security/notices/USN-7109-1 https://vuln.go.dev/ID/GO-2023-2043.json https://www.cve.org/CVERecord?id=CVE-2023-39319
stdlib	CVE-2023-39326	MEDIUM	v1.20.5	1.20.12, 1.21.5	https://access.redhat.com/errata/RHSA-2024:2272 https://access.redhat.com/security/cve/CVE-2023-39326 https://bugzilla.redhat.com/2253193 https://bugzilla.redhat.com/2253330 https://errata.almalinux.org/9/ALSA-2024-2272.html https://github.com/golang/go/commit/6446af942e2e2b161c4ec1b60d9703a2b55dc4dd (go1.20.12) https://github.com/golang/go/commit/ec8c526e4be720e94b98ca509e6364f0efaf28f7 (go1.21.5) https://go.dev/cl/547335 https://go.dev/issue/64433 https://groups.google.com/g/golang-dev/c/6ypN5EjibjM/m/KmLVYH_uAgAJ https://linux.oracle.com/cve/CVE-2023-39326.html https://linux.oracle.com/errata/ELSA-2024-2988.html https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UIU6HOGV6RRIKWM57LOXQA75BGZSIH6G/ https://nvd.nist.gov/vuln/detail/CVE-2023-39326 https://pkg.go.dev/vuln/GO-2023-2382 https://ubuntu.com/security/notices/USN-6574-1 https://www.cve.org/CVERecord?id=CVE-2023-39326
stdlib	CVE-2023-45284	MEDIUM	v1.20.5	1.20.11, 1.21.4	https://go.dev/cl/540277 https://go.dev/issue/63713 https://groups.google.com/g/golang-announce/c/4tU8LZfBFkY https://nvd.nist.gov/vuln/detail/CVE-2023-45284 https://pkg.go.dev/vuln/GO-2023-2186
stdlib	CVE-2023-45289	MEDIUM	v1.20.5	1.21.8, 1.22.1	http://www.openwall.com/lists/oss-security/2024/03/08/4 https://access.redhat.com/errata/RHSA-2024:2724 https://access.redhat.com/security/cve/CVE-2023-45289 https://bugzilla.redhat.com/2268017 https://bugzilla.redhat.com/2268018 https://bugzilla.redhat.com/2268019 https://bugzilla.redhat.com/2268273 https://bugzilla.redhat.com/show_bug.cgi?id=2268017 https://bugzilla.redhat.com/show_bug.cgi?id=2268018 https://bugzilla.redhat.com/show_bug.cgi?id=2268019 https://bugzilla.redhat.com/show_bug.cgi?id=2268273 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45288 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45289 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45290 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24783 https://errata.almalinux.org/9/ALSA-2024-2724.html https://errata.rockylinux.org/RLSA-2024:2724 https://github.com/golang/go/commit/20586c0dbe03d144f914155f879fa5ee287591a1 (go1.21.8) https://github.com/golang/go/commit/3a855208e3efed2e9d7c20ad023f1fa78afcc0be (go1.22.1) https://github.com/golang/go/issues/65065 https://go.dev/cl/569340 https://go.dev/issue/65065 https://groups.google.com/g/golang-announce/c/5pwGVUPoMbg https://linux.oracle.com/cve/CVE-2023-45289.html https://linux.oracle.com/errata/ELSA-2024-3346.html https://nvd.nist.gov/vuln/detail/CVE-2023-45289 https://pkg.go.dev/vuln/GO-2024-2600 https://security.netapp.com/advisory/ntap-20240329-0006/ https://ubuntu.com/security/notices/USN-6886-1 https://www.cve.org/CVERecord?id=CVE-2023-45289
stdlib	CVE-2023-45290	MEDIUM	v1.20.5	1.21.8, 1.22.1	http://www.openwall.com/lists/oss-security/2024/03/08/4 https://access.redhat.com/errata/RHSA-2024:9135 https://access.redhat.com/security/cve/CVE-2023-45290 https://bugzilla.redhat.com/2268017 https://bugzilla.redhat.com/2268022 https://bugzilla.redhat.com/2279814 https://bugzilla.redhat.com/2295310 https://bugzilla.redhat.com/show_bug.cgi?id=2268017 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45290 https://errata.almalinux.org/9/ALSA-2024-9135.html https://errata.rockylinux.org/RLSA-2024:3830 https://github.com/golang/go/commit/041a47712e765e94f86d841c3110c840e76d8f82 (go1.22.1) https://github.com/golang/go/commit/bf80213b121074f4ad9b449410a4d13bae5e9be0 (go1.21.8) https://github.com/golang/go/issues/65383 https://go.dev/cl/569341 https://go.dev/issue/65383 https://groups.google.com/g/golang-announce/c/5pwGVUPoMbg https://linux.oracle.com/cve/CVE-2023-45290.html https://linux.oracle.com/errata/ELSA-2024-8038.html https://nvd.nist.gov/vuln/detail/CVE-2023-45290 https://pkg.go.dev/vuln/GO-2024-2599 https://security.netapp.com/advisory/ntap-20240329-0004 https://security.netapp.com/advisory/ntap-20240329-0004/ https://ubuntu.com/security/notices/USN-6886-1 https://ubuntu.com/security/notices/USN-7109-1 https://ubuntu.com/security/notices/USN-7111-1 https://www.cve.org/CVERecord?id=CVE-2023-45290
stdlib	CVE-2024-24783	MEDIUM	v1.20.5	1.21.8, 1.22.1	http://www.openwall.com/lists/oss-security/2024/03/08/4 https://access.redhat.com/errata/RHSA-2024:6195 https://access.redhat.com/security/cve/CVE-2024-24783 https://bugzilla.redhat.com/2268019 https://bugzilla.redhat.com/show_bug.cgi?id=2268017 https://bugzilla.redhat.com/show_bug.cgi?id=2268018 https://bugzilla.redhat.com/show_bug.cgi?id=2268019 https://bugzilla.redhat.com/show_bug.cgi?id=2268273 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45288 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45289 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45290 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24783 https://errata.almalinux.org/9/ALSA-2024-6195.html https://errata.rockylinux.org/RLSA-2024:2724 https://github.com/advisories/GHSA-3q2c-pvp5-3cqp https://github.com/golang/go/commit/337b8e9cbfa749d9d5c899e0dc358e2208d5e54f (go1.22.1) https://github.com/golang/go/commit/be5b52bea674190ef7de272664be6c7ae93ec5a0 (go1.21.8) https://github.com/golang/go/issues/65390 https://go.dev/cl/569339 https://go.dev/issue/65390 https://groups.google.com/g/golang-announce/c/5pwGVUPoMbg https://linux.oracle.com/cve/CVE-2024-24783.html https://linux.oracle.com/errata/ELSA-2024-6969.html https://nvd.nist.gov/vuln/detail/CVE-2024-24783 https://pkg.go.dev/vuln/GO-2024-2598 https://security.netapp.com/advisory/ntap-20240329-0005 https://security.netapp.com/advisory/ntap-20240329-0005/ https://ubuntu.com/security/notices/USN-6886-1 https://ubuntu.com/security/notices/USN-7109-1 https://ubuntu.com/security/notices/USN-7111-1 https://www.cve.org/CVERecord?id=CVE-2024-24783
stdlib	CVE-2024-24784	MEDIUM	v1.20.5	1.21.8, 1.22.1	http://www.openwall.com/lists/oss-security/2024/03/08/4 https://access.redhat.com/errata/RHSA-2024:2562 https://access.redhat.com/security/cve/CVE-2024-24784 https://bugzilla.redhat.com/2262921 https://bugzilla.redhat.com/2268017 https://bugzilla.redhat.com/2268018 https://bugzilla.redhat.com/2268019 https://bugzilla.redhat.com/2268021 https://bugzilla.redhat.com/2268022 https://bugzilla.redhat.com/2268273 https://bugzilla.redhat.com/show_bug.cgi?id=2262921 https://bugzilla.redhat.com/show_bug.cgi?id=2268017 https://bugzilla.redhat.com/show_bug.cgi?id=2268018 https://bugzilla.redhat.com/show_bug.cgi?id=2268019 https://bugzilla.redhat.com/show_bug.cgi?id=2268021 https://bugzilla.redhat.com/show_bug.cgi?id=2268022 https://bugzilla.redhat.com/show_bug.cgi?id=2268273 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45288 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45289 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45290 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-1394 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24783 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24784 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24785 https://errata.almalinux.org/9/ALSA-2024-2562.html https://errata.rockylinux.org/RLSA-2024:2562 https://github.com/golang/go/commit/263c059b09fdd40d9dd945f2ecb20c89ea28efe5 (go1.21.8) https://github.com/golang/go/commit/5330cd225ba54c7dc78c1b46dcdf61a4671a632c (go1.22.1) https://github.com/golang/go/issues/65083 https://go.dev/cl/555596 https://go.dev/issue/65083 https://groups.google.com/g/golang-announce/c/5pwGVUPoMbg https://linux.oracle.com/cve/CVE-2024-24784.html https://linux.oracle.com/errata/ELSA-2024-6969.html https://nvd.nist.gov/vuln/detail/CVE-2024-24784 https://pkg.go.dev/vuln/GO-2024-2609 https://security.netapp.com/advisory/ntap-20240329-0007/ https://ubuntu.com/security/notices/USN-6886-1 https://ubuntu.com/security/notices/USN-7109-1 https://ubuntu.com/security/notices/USN-7111-1 https://www.cve.org/CVERecord?id=CVE-2024-24784
stdlib	CVE-2024-24785	MEDIUM	v1.20.5	1.21.8, 1.22.1	http://www.openwall.com/lists/oss-security/2024/03/08/4 https://access.redhat.com/errata/RHSA-2024:9135 https://access.redhat.com/security/cve/CVE-2024-24785 https://bugzilla.redhat.com/2268017 https://bugzilla.redhat.com/2268022 https://bugzilla.redhat.com/2279814 https://bugzilla.redhat.com/2295310 https://bugzilla.redhat.com/show_bug.cgi?id=2262921 https://bugzilla.redhat.com/show_bug.cgi?id=2268017 https://bugzilla.redhat.com/show_bug.cgi?id=2268018 https://bugzilla.redhat.com/show_bug.cgi?id=2268019 https://bugzilla.redhat.com/show_bug.cgi?id=2268021 https://bugzilla.redhat.com/show_bug.cgi?id=2268022 https://bugzilla.redhat.com/show_bug.cgi?id=2268273 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45288 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45289 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45290 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-1394 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24783 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24784 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24785 https://errata.almalinux.org/9/ALSA-2024-9135.html https://errata.rockylinux.org/RLSA-2024:2562 https://github.com/golang/go/commit/056b0edcb8c152152021eebf4cf42adbfbe77992 (go1.22.1) https://github.com/golang/go/commit/3643147a29352ca2894fd5d0d2069bc4b4335a7e (go1.21.8) https://github.com/golang/go/issues/65697 https://go.dev/cl/564196 https://go.dev/issue/65697 https://groups.google.com/g/golang-announce/c/5pwGVUPoMbg https://linux.oracle.com/cve/CVE-2024-24785.html https://linux.oracle.com/errata/ELSA-2024-3259.html https://nvd.nist.gov/vuln/detail/CVE-2024-24785 https://pkg.go.dev/vuln/GO-2024-2610 https://security.netapp.com/advisory/ntap-20240329-0008/ https://ubuntu.com/security/notices/USN-6886-1 https://ubuntu.com/security/notices/USN-7061-1 https://ubuntu.com/security/notices/USN-7109-1 https://vuln.go.dev/ID/GO-2024-2610.json https://www.cve.org/CVERecord?id=CVE-2024-24785
stdlib	CVE-2024-24789	MEDIUM	v1.20.5	1.21.11, 1.22.4	http://www.openwall.com/lists/oss-security/2024/06/04/1 https://access.redhat.com/errata/RHSA-2024:9115 https://access.redhat.com/security/cve/CVE-2024-24789 https://bugzilla.redhat.com/2279814 https://bugzilla.redhat.com/2292668 https://bugzilla.redhat.com/2292787 https://bugzilla.redhat.com/2294000 https://bugzilla.redhat.com/2295310 https://bugzilla.redhat.com/show_bug.cgi?id=2292668 https://bugzilla.redhat.com/show_bug.cgi?id=2292787 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24789 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24790 https://errata.almalinux.org/9/ALSA-2024-9115.html https://errata.rockylinux.org/RLSA-2024:4212 https://github.com/golang/go/commit/c8e40338cf00f3c1d86c8fb23863ad67a4c72bcc (1.21) https://github.com/golang/go/commit/cf501ac0c5fe351a8582d20b43562027927906e7 (1.22) https://github.com/golang/go/issues/66869 https://go.dev/cl/585397 https://go.dev/issue/66869 https://groups.google.com/g/golang-announce/c/XbxouI9gY7k https://groups.google.com/g/golang-announce/c/XbxouI9gY7k/m/TuoGEhxIEwAJ https://linux.oracle.com/cve/CVE-2024-24789.html https://linux.oracle.com/errata/ELSA-2024-9115.html https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/U5YAEIA6IUHUNGJ7AIXXPQT6D2GYENX7/ https://nvd.nist.gov/vuln/detail/CVE-2024-24789 https://pkg.go.dev/vuln/GO-2024-2888 https://ubuntu.com/security/notices/USN-6886-1 https://ubuntu.com/security/notices/USN-7109-1 https://ubuntu.com/security/notices/USN-7111-1 https://www.cve.org/CVERecord?id=CVE-2024-24789
stdlib	CVE-2024-24791	MEDIUM	v1.20.5	1.21.12, 1.22.5	https://access.redhat.com/errata/RHSA-2024:9135 https://access.redhat.com/security/cve/CVE-2024-24791 https://bugzilla.redhat.com/2268017 https://bugzilla.redhat.com/2268022 https://bugzilla.redhat.com/2279814 https://bugzilla.redhat.com/2295310 https://bugzilla.redhat.com/show_bug.cgi?id=2295310 https://bugzilla.redhat.com/show_bug.cgi?id=2310527 https://bugzilla.redhat.com/show_bug.cgi?id=2310528 https://bugzilla.redhat.com/show_bug.cgi?id=2310529 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24791 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-34155 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-34156 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-34158 https://errata.almalinux.org/9/ALSA-2024-9135.html https://errata.rockylinux.org/RLSA-2024:6913 https://go.dev/cl/591255 https://go.dev/issue/67555 https://groups.google.com/g/golang-dev/c/t0rK-qHBqzY/m/6MMoAZkMAgAJ https://linux.oracle.com/cve/CVE-2024-24791.html https://linux.oracle.com/errata/ELSA-2024-9115.html https://nvd.nist.gov/vuln/detail/CVE-2024-24791 https://pkg.go.dev/vuln/GO-2024-2963 https://ubuntu.com/security/notices/USN-7081-1 https://ubuntu.com/security/notices/USN-7109-1 https://ubuntu.com/security/notices/USN-7111-1 https://www.cve.org/CVERecord?id=CVE-2024-24791
stdlib	CVE-2024-34155	MEDIUM	v1.20.5	1.22.7, 1.23.1	https://access.redhat.com/errata/RHSA-2024:9459 https://access.redhat.com/security/cve/CVE-2024-34155 https://bugzilla.redhat.com/2310527 https://bugzilla.redhat.com/2310528 https://bugzilla.redhat.com/2310529 https://bugzilla.redhat.com/2315691 https://bugzilla.redhat.com/2315887 https://bugzilla.redhat.com/2317458 https://bugzilla.redhat.com/2317467 https://bugzilla.redhat.com/show_bug.cgi?id=2295310 https://bugzilla.redhat.com/show_bug.cgi?id=2310527 https://bugzilla.redhat.com/show_bug.cgi?id=2310528 https://bugzilla.redhat.com/show_bug.cgi?id=2310529 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24791 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-34155 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-34156 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-34158 https://errata.almalinux.org/9/ALSA-2024-9459.html https://errata.rockylinux.org/RLSA-2024:6913 https://github.com/golang/go/commit/53487e5477151ed75da50e50a0ba8f1ca64c00a3 (go1.23.1) https://github.com/golang/go/commit/b232596139dbe96a62edbe3a2a203e856bf556eb (go1.22.7) https://go.dev/cl/611238 https://go.dev/issue/69138 https://groups.google.com/g/golang-announce/c/K-cEzDeCtpc https://groups.google.com/g/golang-dev/c/S9POB9NCTdk https://linux.oracle.com/cve/CVE-2024-34155.html https://linux.oracle.com/errata/ELSA-2024-9459.html https://nvd.nist.gov/vuln/detail/CVE-2024-34155 https://pkg.go.dev/vuln/GO-2024-3105 https://ubuntu.com/security/notices/USN-7081-1 https://ubuntu.com/security/notices/USN-7109-1 https://ubuntu.com/security/notices/USN-7111-1 https://www.cve.org/CVERecord?id=CVE-2024-34155
stdlib	CVE-2024-34158	MEDIUM	v1.20.5	1.22.7, 1.23.1	https://access.redhat.com/errata/RHSA-2024:9459 https://access.redhat.com/security/cve/CVE-2024-34158 https://bugzilla.redhat.com/2310527 https://bugzilla.redhat.com/2310528 https://bugzilla.redhat.com/2310529 https://bugzilla.redhat.com/2315691 https://bugzilla.redhat.com/2315887 https://bugzilla.redhat.com/2317458 https://bugzilla.redhat.com/2317467 https://bugzilla.redhat.com/show_bug.cgi?id=2295310 https://bugzilla.redhat.com/show_bug.cgi?id=2310527 https://bugzilla.redhat.com/show_bug.cgi?id=2310528 https://bugzilla.redhat.com/show_bug.cgi?id=2310529 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24791 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-34155 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-34156 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-34158 https://errata.almalinux.org/9/ALSA-2024-9459.html https://errata.rockylinux.org/RLSA-2024:6913 https://github.com/golang/go/commit/032ac075c20c01c6c35a672d1542d3e98eab84ea (go1.23.1) https://github.com/golang/go/commit/d4c53812e6ce2ac368173d7fcd31d0ecfcffb002 (go1.22.7) https://go.dev/cl/611240 https://go.dev/issue/69141 https://groups.google.com/g/golang-announce/c/K-cEzDeCtpc https://groups.google.com/g/golang-dev/c/S9POB9NCTdk https://linux.oracle.com/cve/CVE-2024-34158.html https://linux.oracle.com/errata/ELSA-2024-9459.html https://nvd.nist.gov/vuln/detail/CVE-2024-34158 https://pkg.go.dev/vuln/GO-2024-3107 https://ubuntu.com/security/notices/USN-7081-1 https://ubuntu.com/security/notices/USN-7109-1 https://ubuntu.com/security/notices/USN-7111-1 https://www.cve.org/CVERecord?id=CVE-2024-34158
No Misconfigurations found

cnb/buildpacks/paketo-buildpacks_vsdbg/0.2.10/bin/run (gobinary)

Package	Vulnerability ID	Severity	Installed Version	Fixed Version	Links
github.com/anchore/stereoscope	CVE-2024-24579	MEDIUM	v0.0.0-20230412183729-8602f1afc574	0.0.1	https://github.com/anchore/stereoscope https://github.com/anchore/stereoscope/commit/09dacab4d9ee65ee8bc7af8ebf4aa7b5aaa36204 https://github.com/anchore/stereoscope/security/advisories/GHSA-hpxr-w9w7-g4gv https://nvd.nist.gov/vuln/detail/CVE-2024-24579
github.com/cloudflare/circl	GHSA-9763-4f94-gfch	HIGH	v1.3.2	1.3.7	https://github.com/cloudflare/circl https://github.com/cloudflare/circl/commit/75ef91e8a2f438e6ce2b6e620d236add8be1887d https://github.com/cloudflare/circl/security/advisories/GHSA-9763-4f94-gfch https://kyberslash.cr.yp.to
github.com/cloudflare/circl	CVE-2023-1732	MEDIUM	v1.3.2	1.3.3	https://github.com/cloudflare/circl https://github.com/cloudflare/circl/commit/ff8d91225f8954b4970b6d6382d2e4c78f4a4cf8 https://github.com/cloudflare/circl/releases/tag/v1.3.3 https://github.com/cloudflare/circl/security/advisories/GHSA-2q89-485c-9j2x https://nvd.nist.gov/vuln/detail/CVE-2023-1732
github.com/containerd/containerd	GHSA-7ww5-4wqc-m92c	MEDIUM	v1.7.0	1.6.26, 1.7.11	https://github.com/containerd/containerd https://github.com/containerd/containerd/commit/67d356cb3095f3e8f8ad7d36f9a733fea1e7e28c https://github.com/containerd/containerd/commit/746b910f05855c8bfdb4415a1c0f958b234910e5 https://github.com/containerd/containerd/security/advisories/GHSA-7ww5-4wqc-m92c
github.com/docker/distribution	CVE-2023-2253	HIGH	v2.8.1+incompatible	2.8.2-beta.1	https://access.redhat.com/security/cve/CVE-2023-2253 https://bugzilla.redhat.com/show_bug.cgi?id=2189886 https://github.com/distribution/distribution https://github.com/distribution/distribution/commit/521ea3d973cb0c7089ebbcdd4ccadc34be941f54 https://github.com/distribution/distribution/commit/f55a6552b006a381d9167e328808565dd2bf77dc https://github.com/distribution/distribution/security/advisories/GHSA-hqxw-f8mx-cpmw https://lists.debian.org/debian-lts-announce/2023/06/msg00035.html https://nvd.nist.gov/vuln/detail/CVE-2023-2253 https://ubuntu.com/security/notices/USN-6336-1 https://www.cve.org/CVERecord?id=CVE-2023-2253 https://www.openwall.com/lists/oss-security/2023/05/09/1
github.com/docker/docker	CVE-2024-41110	CRITICAL	v23.0.5+incompatible	23.0.15, 26.1.5, 27.1.1, 25.0.6	https://access.redhat.com/security/cve/CVE-2024-41110 https://github.com/moby/moby https://github.com/moby/moby/commit/411e817ddf710ff8e08fa193da80cb78af708191 https://github.com/moby/moby/commit/42f40b1d6dd7562342f832b9cd2adf9e668eeb76 https://github.com/moby/moby/commit/65cc597cea28cdc25bea3b8a86384b4251872919 https://github.com/moby/moby/commit/852759a7df454cbf88db4e954c919becd48faa9b https://github.com/moby/moby/commit/a31260625655cff9ae226b51757915e275e304b0 https://github.com/moby/moby/commit/a79fabbfe84117696a19671f4aa88b82d0f64fc1 https://github.com/moby/moby/commit/ae160b4edddb72ef4bd71f66b975a1a1cc434f00 https://github.com/moby/moby/commit/ae2b3666c517c96cbc2adf1af5591a6b00d4ec0f https://github.com/moby/moby/commit/cc13f952511154a2866bddbb7dddebfe9e83b801 https://github.com/moby/moby/commit/fc274cd2ff4cf3b48c91697fb327dd1fb95588fb https://github.com/moby/moby/security/advisories/GHSA-v23v-6jw2-98fq https://nvd.nist.gov/vuln/detail/CVE-2024-41110 https://www.cve.org/CVERecord?id=CVE-2024-41110 https://www.docker.com/blog/docker-security-advisory-docker-engine-authz-plugin
github.com/docker/docker	CVE-2024-24557	MEDIUM	v23.0.5+incompatible	24.0.9, 25.0.2	https://access.redhat.com/security/cve/CVE-2024-24557 https://github.com/moby/moby https://github.com/moby/moby/commit/3e230cfdcc989dc524882f6579f9e0dac77400ae https://github.com/moby/moby/commit/fca702de7f71362c8d103073c7e4a1d0a467fadd https://github.com/moby/moby/commit/fce6e0ca9bc000888de3daa157af14fa41fcd0ff https://github.com/moby/moby/security/advisories/GHSA-xw73-rw38-6vjc https://nvd.nist.gov/vuln/detail/CVE-2024-24557 https://www.cve.org/CVERecord?id=CVE-2024-24557
github.com/docker/docker	CVE-2024-29018	MEDIUM	v23.0.5+incompatible	26.0.0-rc3, 25.0.5, 23.0.11	https://access.redhat.com/security/cve/CVE-2024-29018 https://github.com/moby/moby https://github.com/moby/moby/pull/46609 https://github.com/moby/moby/security/advisories/GHSA-mq39-4gv4-mvpx https://nvd.nist.gov/vuln/detail/CVE-2024-29018 https://www.cve.org/CVERecord?id=CVE-2024-29018
github.com/docker/docker	GHSA-jq35-85cj-fj4p	MEDIUM	v23.0.5+incompatible	24.0.7, 23.0.8, 20.10.27	https://github.com/moby/moby https://github.com/moby/moby/commit/48ebe353e49a9def5e6679f6e386b0efb1c95f0e https://github.com/moby/moby/commit/81ebe71275768629689a23bc3bca34b3b374a6a6 https://github.com/moby/moby/commit/c9ccbfad11a60e703e91b6cca4f48927828c7e35 https://github.com/moby/moby/releases/tag/v20.10.27 https://github.com/moby/moby/releases/tag/v23.0.8 https://github.com/moby/moby/releases/tag/v24.0.7 https://github.com/moby/moby/security/advisories/GHSA-jq35-85cj-fj4p
github.com/go-git/go-git/v5	CVE-2023-49569	CRITICAL	v5.6.1	5.11.0	https://access.redhat.com/security/cve/CVE-2023-49569 https://github.com/go-git/go-git https://github.com/go-git/go-git/security/advisories/GHSA-449p-3h89-pw88 https://nvd.nist.gov/vuln/detail/CVE-2023-49569 https://www.cve.org/CVERecord?id=CVE-2023-49569
github.com/go-git/go-git/v5	CVE-2023-49568	HIGH	v5.6.1	5.11.0	https://access.redhat.com/security/cve/CVE-2023-49568 https://github.com/go-git/go-git https://github.com/go-git/go-git/security/advisories/GHSA-mw99-9chc-xw7r https://nvd.nist.gov/vuln/detail/CVE-2023-49568 https://www.cve.org/CVERecord?id=CVE-2023-49568
github.com/mholt/archiver/v3	CVE-2024-0406	MEDIUM	v3.5.1	no fix available	https://access.redhat.com/security/cve/CVE-2024-0406 https://bugzilla.redhat.com/show_bug.cgi?id=2257749 https://github.com/advisories/GHSA-rhh4-rh7c-7r5v https://github.com/mholt/archiver https://nvd.nist.gov/vuln/detail/CVE-2024-0406 https://www.cve.org/CVERecord?id=CVE-2024-0406
golang.org/x/crypto	CVE-2023-48795	MEDIUM	v0.8.0	0.17.0	http://packetstormsecurity.com/files/176280/Terrapin-SSH-Connection-Weakening.html http://seclists.org/fulldisclosure/2024/Mar/21 http://www.openwall.com/lists/oss-security/2023/12/18/3 http://www.openwall.com/lists/oss-security/2023/12/19/5 http://www.openwall.com/lists/oss-security/2023/12/20/3 http://www.openwall.com/lists/oss-security/2024/03/06/3 http://www.openwall.com/lists/oss-security/2024/04/17/8 https://access.redhat.com/errata/RHSA-2024:1150 https://access.redhat.com/security/cve/CVE-2023-48795 https://access.redhat.com/security/cve/cve-2023-48795 https://access.redhat.com/solutions/7071748 https://arstechnica.com/security/2023/12/hackers-can-break-ssh-channel-integrity-using-novel-data-corruption-attack https://arstechnica.com/security/2023/12/hackers-can-break-ssh-channel-integrity-using-novel-data-corruption-attack/ https://bugs.gentoo.org/920280 https://bugzilla.redhat.com/2254210 https://bugzilla.redhat.com/show_bug.cgi?id=2254210 https://bugzilla.suse.com/show_bug.cgi?id=1217950 https://crates.io/crates/thrussh/versions https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-48795 https://errata.almalinux.org/9/ALSA-2024-1150.html https://errata.rockylinux.org/RLSA-2024:0628 https://filezilla-project.org/versions.php https://forum.netgate.com/topic/184941/terrapin-ssh-attack https://git.libssh.org/projects/libssh.git/commit/?h=stable-0.10&id=10e09e273f69e149389b3e0e5d44b8c221c2e7f6 https://github.com/NixOS/nixpkgs/pull/275249 https://github.com/PowerShell/Win32-OpenSSH/issues/2189 https://github.com/PowerShell/Win32-OpenSSH/releases/tag/v9.5.0.0p1-Beta https://github.com/TeraTermProject/teraterm/commit/7279fbd6ef4d0c8bdd6a90af4ada2899d786eec0 https://github.com/TeraTermProject/teraterm/releases/tag/v5.1 https://github.com/advisories/GHSA-45x7-px36-x8w8 https://github.com/apache/mina-sshd/issues/445 https://github.com/connectbot/sshlib/commit/5c8b534f6e97db7ac0e0e579331213aa25c173ab https://github.com/connectbot/sshlib/compare/2.2.21...2.2.22 https://github.com/cyd01/KiTTY/issues/520 https://github.com/drakkan/sftpgo/releases/tag/v2.5.6 https://github.com/erlang/otp/blob/d1b43dc0f1361d2ad67601169e90a7fc50bb0369/lib/ssh/doc/src/notes.xml#L39-L42 https://github.com/erlang/otp/releases/tag/OTP-26.2.1 https://github.com/golang/crypto/commit/9d2ee975ef9fe627bf0a6f01c1f69e8ef1d4f05d https://github.com/hierynomus/sshj/issues/916 https://github.com/janmojzis/tinyssh/issues/81 https://github.com/jtesta/ssh-audit/commit/8e972c5e94b460379fe0c7d20209c16df81538a5 https://github.com/libssh2/libssh2/pull/1291 https://github.com/mkj/dropbear/blob/17657c36cce6df7716d5ff151ec09a665382d5dd/CHANGES#L25 https://github.com/mscdex/ssh2/commit/97b223f8891b96d6fc054df5ab1d5a1a545da2a3 https://github.com/mwiede/jsch/compare/jsch-0.2.14...jsch-0.2.15 https://github.com/mwiede/jsch/issues/457 https://github.com/mwiede/jsch/pull/461 https://github.com/net-ssh/net-ssh/blob/2e65064a52d73396bfc3806c9196fc8108f33cd8/CHANGES.txt#L14-L16 https://github.com/openssh/openssh-portable/commits/master https://github.com/paramiko/paramiko/issues/2337 https://github.com/paramiko/paramiko/issues/2337#issuecomment-1887642773 https://github.com/proftpd/proftpd/blob/0a7ea9b0ba9fcdf368374a226370d08f10397d99/RELEASE_NOTES https://github.com/proftpd/proftpd/blob/d21e7a2e47e9b38f709bec58e3fa711f759ad0e1/RELEASE_NOTES https://github.com/proftpd/proftpd/blob/master/RELEASE_NOTES https://github.com/proftpd/proftpd/issues/456 https://github.com/rapier1/hpn-ssh/releases https://github.com/ronf/asyncssh/blob/develop/docs/changes.rst https://github.com/ronf/asyncssh/security/advisories/GHSA-hfmc-7525-mj55 https://github.com/ronf/asyncssh/tags https://github.com/ssh-mitm/ssh-mitm/issues/165 https://github.com/warp-tech/russh https://github.com/warp-tech/russh/commit/1aa340a7df1d5be1c0f4a9e247aade76dfdd2951 https://github.com/warp-tech/russh/releases/tag/v0.40.2 https://github.com/warp-tech/russh/security/advisories/GHSA-45x7-px36-x8w8 https://gitlab.com/libssh/libssh-mirror/-/tags https://go.dev/cl/550715 https://go.dev/issue/64784 https://groups.google.com/g/golang-announce/c/-n5WqVC18LQ https://groups.google.com/g/golang-announce/c/qA3XtxvMUyg https://help.panic.com/releasenotes/transmit5 https://help.panic.com/releasenotes/transmit5/ https://jadaptive.com/important-java-ssh-security-update-new-ssh-vulnerability-discovered-cve-2023-48795 https://jadaptive.com/important-java-ssh-security-update-new-ssh-vulnerability-discovered-cve-2023-48795/ https://linux.oracle.com/cve/CVE-2023-48795.html https://linux.oracle.com/errata/ELSA-2024-2988.html https://lists.debian.org/debian-lts-announce/2023/12/msg00017.html https://lists.debian.org/debian-lts-announce/2024/01/msg00013.html https://lists.debian.org/debian-lts-announce/2024/01/msg00014.html https://lists.debian.org/debian-lts-announce/2024/04/msg00016.html https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/33XHJUB6ROFUOH2OQNENFROTVH6MHSHA https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/33XHJUB6ROFUOH2OQNENFROTVH6MHSHA/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/3CAYYW35MUTNO65RVAELICTNZZFMT2XS https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/3CAYYW35MUTNO65RVAELICTNZZFMT2XS/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/3JIMLVBDWOP4FUPXPTB4PGHHIOMGFLQE https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/3JIMLVBDWOP4FUPXPTB4PGHHIOMGFLQE/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/3YQLUQWLIHDB5QCXQEX7HXHAWMOKPP5O https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/3YQLUQWLIHDB5QCXQEX7HXHAWMOKPP5O/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/6Y74KVCPEPT4MVU3LHDWCNNOXOE5ZLUR https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/6Y74KVCPEPT4MVU3LHDWCNNOXOE5ZLUR/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/APYIXIQOVDCRWLHTGB4VYMAUIAQLKYJ3 https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/APYIXIQOVDCRWLHTGB4VYMAUIAQLKYJ3/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/BL5KTLOSLH2KHRN4HCXJPK3JUVLDGEL6 https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/BL5KTLOSLH2KHRN4HCXJPK3JUVLDGEL6/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/C3AFMZ6MH2UHHOPIWT5YLSFV3D2VB3AC https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/C3AFMZ6MH2UHHOPIWT5YLSFV3D2VB3AC/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/CHHITS4PUOZAKFIUBQAQZC7JWXMOYE4B https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/CHHITS4PUOZAKFIUBQAQZC7JWXMOYE4B/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/F7EYCFQCTSGJXWO3ZZ44MGKFC5HA7G3Y https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/F7EYCFQCTSGJXWO3ZZ44MGKFC5HA7G3Y/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/HYEDEXIKFKTUJIN43RG4B7T5ZS6MHUSP https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/HYEDEXIKFKTUJIN43RG4B7T5ZS6MHUSP/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/I724O3LSRCPO4WNVIXTZCT4VVRMXMMSG https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/I724O3LSRCPO4WNVIXTZCT4VVRMXMMSG/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/KEOTKBUPZXHE3F352JBYNTSNRXYLWD6P https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/KEOTKBUPZXHE3F352JBYNTSNRXYLWD6P/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/KMZCVGUGJZZVDPCVDA7TEB22VUCNEXDD https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/KMZCVGUGJZZVDPCVDA7TEB22VUCNEXDD/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/L5Y6MNNVAPIJSXJERQ6PKZVCIUXSNJK7 https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/L5Y6MNNVAPIJSXJERQ6PKZVCIUXSNJK7/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/LZQVUHWVWRH73YBXUQJOD6CKHDQBU3DM https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/LZQVUHWVWRH73YBXUQJOD6CKHDQBU3DM/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/MKQRBF3DWMWPH36LBCOBUTSIZRTPEZXB https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/MKQRBF3DWMWPH36LBCOBUTSIZRTPEZXB/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/QI3EHAHABFQK7OABNCSF5GMYP6TONTI7 https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/QI3EHAHABFQK7OABNCSF5GMYP6TONTI7/ https://matt.ucc.asn.au/dropbear/CHANGES https://nest.pijul.com/pijul/thrussh/changes/D6H7OWTTMHHX6BTB3B6MNBOBX2L66CBL4LGSEUSAI2MCRCJDQFRQC https://news.ycombinator.com/item?id=38684904 https://news.ycombinator.com/item?id=38685286 https://news.ycombinator.com/item?id=38732005 https://nova.app/releases/#v11.8 https://nvd.nist.gov/vuln/detail/CVE-2023-48795 https://oryx-embedded.com/download/#changelog https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2024-0002 https://roumenpetrov.info/secsh/#news20231220 https://security-tracker.debian.org/tracker/CVE-2023-48795 https://security-tracker.debian.org/tracker/source-package/libssh2 https://security-tracker.debian.org/tracker/source-package/proftpd-dfsg https://security-tracker.debian.org/tracker/source-package/trilead-ssh2 https://security.gentoo.org/glsa/202312-16 https://security.gentoo.org/glsa/202312-17 https://security.netapp.com/advisory/ntap-20240105-0004 https://security.netapp.com/advisory/ntap-20240105-0004/ https://support.apple.com/kb/HT214084 https://terrapin-attack.com/ https://thorntech.com/cve-2023-48795-and-sftp-gateway https://thorntech.com/cve-2023-48795-and-sftp-gateway/ https://twitter.com/TrueSkrillor/status/1736774389725565005 https://ubuntu.com/security/CVE-2023-48795 https://ubuntu.com/security/notices/USN-6560-1 https://ubuntu.com/security/notices/USN-6560-2 https://ubuntu.com/security/notices/USN-6561-1 https://ubuntu.com/security/notices/USN-6585-1 https://ubuntu.com/security/notices/USN-6589-1 https://ubuntu.com/security/notices/USN-6598-1 https://ubuntu.com/security/notices/USN-6738-1 https://ubuntu.com/security/notices/USN-7051-1 https://winscp.net/eng/docs/history#6.2.2 https://www.bitvise.com/ssh-client-version-history#933 https://www.bitvise.com/ssh-server-version-history https://www.chiark.greenend.org.uk/~sgtatham/putty/changes.html https://www.crushftp.com/crush10wiki/Wiki.jsp?page=Update https://www.cve.org/CVERecord?id=CVE-2023-48795 https://www.debian.org/security/2023/dsa-5586 https://www.debian.org/security/2023/dsa-5588 https://www.freebsd.org/security/advisories/FreeBSD-SA-23:19.openssh.asc https://www.lancom-systems.de/service-support/allgemeine-sicherheitshinweise#c243508 https://www.netsarang.com/en/xshell-update-history https://www.netsarang.com/en/xshell-update-history/ https://www.openssh.com/openbsd.html https://www.openssh.com/txt/release-9.6 https://www.openwall.com/lists/oss-security/2023/12/18/2 https://www.openwall.com/lists/oss-security/2023/12/18/3 https://www.openwall.com/lists/oss-security/2023/12/20/3 https://www.paramiko.org/changelog.html https://www.reddit.com/r/sysadmin/comments/18idv52/cve202348795_why_is_this_cve_still_undisclosed https://www.reddit.com/r/sysadmin/comments/18idv52/cve202348795_why_is_this_cve_still_undisclosed/ https://www.suse.com/c/suse-addresses-the-ssh-v2-protocol-terrapin-attack-aka-cve-2023-48795 https://www.suse.com/c/suse-addresses-the-ssh-v2-protocol-terrapin-attack-aka-cve-2023-48795/ https://www.terrapin-attack.com https://www.theregister.com/2023/12/20/terrapin_attack_ssh https://www.vandyke.com/products/securecrt/history.txt
golang.org/x/net	CVE-2023-39325	HIGH	v0.10.0	0.17.0	golang.org/x/net https://access.redhat.com/errata/RHSA-2023:6077 https://access.redhat.com/security/cve/CVE-2023-39325 https://access.redhat.com/security/cve/CVE-2023-44487 https://access.redhat.com/security/vulnerabilities/RHSB-2023-003 https://bugzilla.redhat.com/2242803 https://bugzilla.redhat.com/2243296 https://bugzilla.redhat.com/show_bug.cgi?id=2242803 https://bugzilla.redhat.com/show_bug.cgi?id=2243296 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-39325 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-44487 https://errata.almalinux.org/9/ALSA-2023-6077.html https://errata.rockylinux.org/RLSA-2023:6077 https://github.com/golang/go/commit/24ae2d927285c697440fdde3ad7f26028354bcf3 [golang- 1.21] https://github.com/golang/go/commit/e175f27f58aa7b9cd4d79607ae65d2cd5baaee68 [golang-1.20] https://github.com/golang/go/issues/63417 https://go.dev/cl/534215 https://go.dev/cl/534235 https://go.dev/issue/63417 https://groups.google.com/g/golang-announce/c/iNNxDTCjZvo/m/UDd7VKQuAAAJ https://linux.oracle.com/cve/CVE-2023-39325.html https://linux.oracle.com/errata/ELSA-2023-5867.html https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3OVW5V2DM5K5IC3H7O42YDUGNJ74J35O https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3OVW5V2DM5K5IC3H7O42YDUGNJ74J35O/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3SZN67IL7HMGMNAVLOTIXLIHUDXZK4LH https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3SZN67IL7HMGMNAVLOTIXLIHUDXZK4LH/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3WJ4QVX2AMUJ2F2S27POOAHRC4K3CHU4 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3WJ4QVX2AMUJ2F2S27POOAHRC4K3CHU4/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/4BUK2ZIAGCULOOYDNH25JPU6JBES5NF2 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/4BUK2ZIAGCULOOYDNH25JPU6JBES5NF2/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/5RSKA2II6QTD4YUKUNDVJQSRYSFC4VFR https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/5RSKA2II6QTD4YUKUNDVJQSRYSFC4VFR/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/AVZDNSMVDAQJ64LJC5I5U5LDM5753647 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/AVZDNSMVDAQJ64LJC5I5U5LDM5753647/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CHHITS4PUOZAKFIUBQAQZC7JWXMOYE4B https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CHHITS4PUOZAKFIUBQAQZC7JWXMOYE4B/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CLB4TW7KALB3EEQWNWCN7OUIWWVWWCG2 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CLB4TW7KALB3EEQWNWCN7OUIWWVWWCG2/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/D2BBIDR2ZMB3X5BC7SR4SLQMHRMVPY6L https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/D2BBIDR2ZMB3X5BC7SR4SLQMHRMVPY6L/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ECRC75BQJP6FJN2L7KCKYZW4DSBD7QSD https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ECRC75BQJP6FJN2L7KCKYZW4DSBD7QSD/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/FTMJ3NJIDAZFWJQQSP3L22MUFJ3UP2PT https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/FTMJ3NJIDAZFWJQQSP3L22MUFJ3UP2PT/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/GSY7SXFFTPZFWDM6XELSDSHZLVW3AHK7 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/GSY7SXFFTPZFWDM6XELSDSHZLVW3AHK7/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/HZQIELEIRSZUYTFFH5KTH2YJ4IIQG2KE https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/HZQIELEIRSZUYTFFH5KTH2YJ4IIQG2KE/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/IPWCNYB5PQ5PCVZ4NJT6G56ZYFZ5QBU6 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/IPWCNYB5PQ5PCVZ4NJT6G56ZYFZ5QBU6/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/KEOTKBUPZXHE3F352JBYNTSNRXYLWD6P https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/KEOTKBUPZXHE3F352JBYNTSNRXYLWD6P/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/KSEGD2IWKNUO3DWY4KQGUQM5BISRWHQE https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/KSEGD2IWKNUO3DWY4KQGUQM5BISRWHQE/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/L5E5JSJBZLYXOTZWXHJKRVCIXIHVWKJ6 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/L5E5JSJBZLYXOTZWXHJKRVCIXIHVWKJ6/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/MZQYOOKHQDQ57LV2IAG6NRFOVXKHJJ3Z https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/MZQYOOKHQDQ57LV2IAG6NRFOVXKHJJ3Z/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/NG7IMPL55MVWU3LCI4JQJT3K2U5CHDV7 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/NG7IMPL55MVWU3LCI4JQJT3K2U5CHDV7/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ODBY7RVMGZCBSTWF2OZGIZS57FNFUL67 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ODBY7RVMGZCBSTWF2OZGIZS57FNFUL67/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/OXGWPQOJ3JNDW2XIYKIVJ7N7QUIFNM2Q https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/OXGWPQOJ3JNDW2XIYKIVJ7N7QUIFNM2Q/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/PJCUNGIQDUMZ4Z6HWVYIMR66A35F5S74 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/PJCUNGIQDUMZ4Z6HWVYIMR66A35F5S74/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QF5QSYAOPDOWLY6DUHID56Q4HQFYB45I https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QF5QSYAOPDOWLY6DUHID56Q4HQFYB45I/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QXOU2JZUBEBP7GBKAYIJRPRBZSJCD7ST https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QXOU2JZUBEBP7GBKAYIJRPRBZSJCD7ST/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/R3UETKPUB3V5JS5TLZOF3SMTGT5K5APS https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/R3UETKPUB3V5JS5TLZOF3SMTGT5K5APS/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/REMHVVIBDNKSRKNOTV7EQSB7CYQWOUOU https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/REMHVVIBDNKSRKNOTV7EQSB7CYQWOUOU/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/T7N5GV4CHH6WAGX3GFMDD3COEOVCZ4RI https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/T7N5GV4CHH6WAGX3GFMDD3COEOVCZ4RI/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ULQQONMSCQSH5Z5OWFFQHCGEZ3NL4DRJ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ULQQONMSCQSH5Z5OWFFQHCGEZ3NL4DRJ/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UTT7DG3QOF5ZNJLUGHDNLRUIN6OWZARP https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UTT7DG3QOF5ZNJLUGHDNLRUIN6OWZARP/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/W2LZSWTV4NV4SNQARNXG5T6LRHP26EW2 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/W2LZSWTV4NV4SNQARNXG5T6LRHP26EW2/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WCNCBYKZXLDFGAJUB7ZP5VLC3YTHJNVH https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WCNCBYKZXLDFGAJUB7ZP5VLC3YTHJNVH/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/XFOIBB4YFICHDM7IBOP7PWXW3FX4HLL2 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/XFOIBB4YFICHDM7IBOP7PWXW3FX4HLL2/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/XTNLSL44Y5FB6JWADSZH6DCV4JJAAEQY https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/XTNLSL44Y5FB6JWADSZH6DCV4JJAAEQY/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/YJWHBLVZDM5KQSDFRBFRKU5KSSOLIRQ4 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/YJWHBLVZDM5KQSDFRBFRKU5KSSOLIRQ4/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/YRKEXKANQ7BKJW2YTAMP625LJUJZLJ4P https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/YRKEXKANQ7BKJW2YTAMP625LJUJZLJ4P/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZSVEMQV5ROY5YW5QE3I57HT3ITWG5GCV https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZSVEMQV5ROY5YW5QE3I57HT3ITWG5GCV/ https://nvd.nist.gov/vuln/detail/CVE-2023-39325 https://pkg.go.dev/vuln/GO-2023-2102 https://security.gentoo.org/glsa/202311-09 https://security.netapp.com/advisory/ntap-20231110-0008 https://security.netapp.com/advisory/ntap-20231110-0008/ https://ubuntu.com/security/notices/USN-6574-1 https://ubuntu.com/security/notices/USN-7061-1 https://ubuntu.com/security/notices/USN-7109-1 https://www.cisa.gov/news-events/alerts/2023/10/10/http2-rapid-reset-vulnerability-cve-2023-44487 https://www.cve.org/CVERecord?id=CVE-2023-39325
golang.org/x/net	CVE-2023-3978	MEDIUM	v0.10.0	0.13.0	https://access.redhat.com/errata/RHSA-2023:6474 https://access.redhat.com/security/cve/CVE-2023-3978 https://bugzilla.redhat.com/2174485 https://bugzilla.redhat.com/2178358 https://bugzilla.redhat.com/2178488 https://bugzilla.redhat.com/2178492 https://bugzilla.redhat.com/2184481 https://bugzilla.redhat.com/2184482 https://bugzilla.redhat.com/2184483 https://bugzilla.redhat.com/2184484 https://bugzilla.redhat.com/2196026 https://bugzilla.redhat.com/2196027 https://bugzilla.redhat.com/2196029 https://bugzilla.redhat.com/2222167 https://bugzilla.redhat.com/2228689 https://errata.almalinux.org/9/ALSA-2023-6474.html https://go.dev/cl/514896 https://go.dev/issue/61615 https://linux.oracle.com/cve/CVE-2023-3978.html https://linux.oracle.com/errata/ELSA-2023-6939.html https://nvd.nist.gov/vuln/detail/CVE-2023-3978 https://pkg.go.dev/vuln/GO-2023-1988 https://www.cve.org/CVERecord?id=CVE-2023-3978
golang.org/x/net	CVE-2023-44487	MEDIUM	v0.10.0	0.17.0	http://www.openwall.com/lists/oss-security/2023/10/13/4 http://www.openwall.com/lists/oss-security/2023/10/13/9 http://www.openwall.com/lists/oss-security/2023/10/18/4 http://www.openwall.com/lists/oss-security/2023/10/18/8 http://www.openwall.com/lists/oss-security/2023/10/19/6 http://www.openwall.com/lists/oss-security/2023/10/20/8 https://access.redhat.com/errata/RHSA-2023:6746 https://access.redhat.com/security/cve/CVE-2023-44487 https://access.redhat.com/security/cve/cve-2023-44487 https://akka.io/security/akka-http-cve-2023-44487.html https://arstechnica.com/security/2023/10/how-ddosers-used-the-http-2-protocol-to-deliver-attacks-of-unprecedented-size https://arstechnica.com/security/2023/10/how-ddosers-used-the-http-2-protocol-to-deliver-attacks-of-unprecedented-size/ https://aws.amazon.com/security/security-bulletins/AWS-2023-011 https://aws.amazon.com/security/security-bulletins/AWS-2023-011/ https://blog.cloudflare.com/technical-breakdown-http2-rapid-reset-ddos-attack https://blog.cloudflare.com/technical-breakdown-http2-rapid-reset-ddos-attack/ https://blog.cloudflare.com/zero-day-rapid-reset-http2-record-breaking-ddos-attack https://blog.cloudflare.com/zero-day-rapid-reset-http2-record-breaking-ddos-attack/ https://blog.litespeedtech.com/2023/10/11/rapid-reset-http-2-vulnerablilty https://blog.litespeedtech.com/2023/10/11/rapid-reset-http-2-vulnerablilty/ https://blog.qualys.com/vulnerabilities-threat-research/2023/10/10/cve-2023-44487-http-2-rapid-reset-attack https://blog.vespa.ai/cve-2023-44487 https://blog.vespa.ai/cve-2023-44487/ https://bugzilla.proxmox.com/show_bug.cgi?id=4988 https://bugzilla.redhat.com/2242803 https://bugzilla.redhat.com/show_bug.cgi?id=2242803 https://bugzilla.suse.com/show_bug.cgi?id=1216123 https://cgit.freebsd.org/ports/commit/?id=c64c329c2c1752f46b73e3e6ce9f4329be6629f9 https://chaos.social/@icing/111210915918780532 https://cloud.google.com/blog/products/identity-security/google-cloud-mitigated-largest-ddos-attack-peaking-above-398-million-rps https://cloud.google.com/blog/products/identity-security/google-cloud-mitigated-largest-ddos-attack-peaking-above-398-million-rps/ https://cloud.google.com/blog/products/identity-security/how-it-works-the-novel-http2-rapid-reset-ddos-attack https://community.traefik.io/t/is-traefik-vulnerable-to-cve-2023-44487/20125 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-44487 https://devblogs.microsoft.com/dotnet/october-2023-updates/ https://discuss.hashicorp.com/t/hcsec-2023-32-vault-consul-and-boundary-affected-by-http-2-rapid-reset-denial-of-service-vulnerability-cve-2023-44487/59715 https://edg.io/lp/blog/resets-leaks-ddos-and-the-tale-of-a-hidden-cve https://errata.almalinux.org/9/ALSA-2023-6746.html https://errata.rockylinux.org/RLSA-2023:5838 https://forums.swift.org/t/swift-nio-http2-security-update-cve-2023-44487-http-2-dos/67764 https://gist.github.com/adulau/7c2bfb8e9cdbe4b35a5e131c66a0c088 https://github.com/Azure/AKS/issues/3947 https://github.com/Kong/kong/discussions/11741 https://github.com/advisories/GHSA-qppj-fm5r-hxr3 https://github.com/advisories/GHSA-vx74-f528-fxqg https://github.com/advisories/GHSA-xpw8-rcwv-8f8p https://github.com/akka/akka-http/issues/4323 https://github.com/akka/akka-http/pull/4324 https://github.com/akka/akka-http/pull/4325 https://github.com/alibaba/tengine/issues/1872 https://github.com/apache/apisix/issues/10320 https://github.com/apache/httpd-site/pull/10 https://github.com/apache/httpd/blob/afcdbeebbff4b0c50ea26cdd16e178c0d1f24152/modules/http2/h2_mplx.c#L1101-L1113 https://github.com/apache/tomcat/commit/944332bb15bd2f3bf76ec2caeb1ff0a58a3bc628 https://github.com/apache/tomcat/tree/main/java/org/apache/coyote/http2 https://github.com/apache/trafficserver/pull/10564 https://github.com/apple/swift-nio-http2 https://github.com/apple/swift-nio-http2/security/advisories/GHSA-qppj-fm5r-hxr3 https://github.com/arkrwn/PoC/tree/main/CVE-2023-44487 https://github.com/bcdannyboy/CVE-2023-44487 https://github.com/caddyserver/caddy/issues/5877 https://github.com/caddyserver/caddy/releases/tag/v2.7.5 https://github.com/dotnet/announcements/issues/277 https://github.com/dotnet/core/blob/e4613450ea0da7fd2fc6b61dfb2c1c1dec1ce9ec/release-notes/6.0/6.0.23/6.0.23.md?plain=1#L73 https://github.com/eclipse/jetty.project/issues/10679 https://github.com/envoyproxy/envoy/pull/30055 https://github.com/etcd-io/etcd/issues/16740 https://github.com/facebook/proxygen/pull/466 https://github.com/golang/go/issues/63417 https://github.com/grpc/grpc-go/pull/6703 https://github.com/grpc/grpc-go/releases https://github.com/h2o/h2o/pull/3291 https://github.com/h2o/h2o/security/advisories/GHSA-2m7v-gc89-fjqf https://github.com/haproxy/haproxy/issues/2312 https://github.com/hyperium/hyper/issues/3337 https://github.com/icing/mod_h2/blob/0a864782af0a942aa2ad4ed960a6b32cd35bcf0a/mod_http2/README.md?plain=1#L239-L244 https://github.com/junkurihara/rust-rpxy/issues/97 https://github.com/kazu-yamamoto/http2/commit/f61d41a502bd0f60eb24e1ce14edc7b6df6722a1 https://github.com/kazu-yamamoto/http2/issues/93 https://github.com/kubernetes/kubernetes/pull/121120 https://github.com/line/armeria/pull/5232 https://github.com/linkerd/website/pull/1695/commits/4b9c6836471bc8270ab48aae6fd2181bc73fd632 https://github.com/micrictor/http2-rst-stream https://github.com/microsoft/CBL-Mariner/pull/6381 https://github.com/netty/netty/commit/58f75f665aa81a8cbcf6ffa74820042a285c5e61 https://github.com/nghttp2/nghttp2/pull/1961 https://github.com/nghttp2/nghttp2/releases/tag/v1.57.0 https://github.com/ninenines/cowboy/issues/1615 https://github.com/nodejs/node/pull/50121 https://github.com/openresty/openresty/issues/930 https://github.com/opensearch-project/data-prepper/issues/3474 https://github.com/oqtane/oqtane.framework/discussions/3367 https://github.com/projectcontour/contour/pull/5826 https://github.com/tempesta-tech/tempesta/issues/1986 https://github.com/varnishcache/varnish-cache/issues/3996 https://go.dev/cl/534215 https://go.dev/cl/534235 https://go.dev/issue/63417 https://groups.google.com/g/golang-announce/c/iNNxDTCjZvo https://groups.google.com/g/golang-announce/c/iNNxDTCjZvo/m/UDd7VKQuAAAJ https://istio.io/latest/news/security/istio-security-2023-004 https://istio.io/latest/news/security/istio-security-2023-004/ https://linkerd.io/2023/10/12/linkerd-cve-2023-44487 https://linkerd.io/2023/10/12/linkerd-cve-2023-44487/ https://linux.oracle.com/cve/CVE-2023-44487.html https://linux.oracle.com/errata/ELSA-2024-1444.html https://lists.apache.org/thread/5py8h42mxfsn8l1wy6o41xwhsjlsd87q https://lists.debian.org/debian-lts-announce/2023/10/msg00020.html https://lists.debian.org/debian-lts-announce/2023/10/msg00023.html https://lists.debian.org/debian-lts-announce/2023/10/msg00024.html https://lists.debian.org/debian-lts-announce/2023/10/msg00045.html https://lists.debian.org/debian-lts-announce/2023/10/msg00047.html https://lists.debian.org/debian-lts-announce/2023/11/msg00001.html https://lists.debian.org/debian-lts-announce/2023/11/msg00012.html https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/2MBEPPC36UBVOZZNAXFHKLFGSLCMN5LI https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/2MBEPPC36UBVOZZNAXFHKLFGSLCMN5LI/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/3N4NJ7FR4X4FPZUGNTQAPSTVB2HB2Y4A https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/3N4NJ7FR4X4FPZUGNTQAPSTVB2HB2Y4A/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/BFQD3KUEMFBHPAPBGLWQC34L4OWL5HAZ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/BFQD3KUEMFBHPAPBGLWQC34L4OWL5HAZ/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/CLB4TW7KALB3EEQWNWCN7OUIWWVWWCG2 https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/CLB4TW7KALB3EEQWNWCN7OUIWWVWWCG2/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/E72T67UPDRXHIDLO3OROR25YAMN4GGW5 https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/E72T67UPDRXHIDLO3OROR25YAMN4GGW5/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/FNA62Q767CFAFHBCDKYNPBMZWB7TWYVU https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/FNA62Q767CFAFHBCDKYNPBMZWB7TWYVU/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/HT7T2R4MQKLIF4ODV4BDLPARWFPCJ5CZ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/HT7T2R4MQKLIF4ODV4BDLPARWFPCJ5CZ/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/JIZSEFC3YKCGABA2BZW6ZJRMDZJMB7PJ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/JIZSEFC3YKCGABA2BZW6ZJRMDZJMB7PJ/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/JMEXY22BFG5Q64HQCM5CK2Q7KDKVV4TY https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/JMEXY22BFG5Q64HQCM5CK2Q7KDKVV4TY/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/KSEGD2IWKNUO3DWY4KQGUQM5BISRWHQE https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/KSEGD2IWKNUO3DWY4KQGUQM5BISRWHQE/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/LKYHSZQFDNR7RSA7LHVLLIAQMVYCUGBG https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/LKYHSZQFDNR7RSA7LHVLLIAQMVYCUGBG/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/LNMZJCDHGLJJLXO4OXWJMTVQRNWOC7UL https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/LNMZJCDHGLJJLXO4OXWJMTVQRNWOC7UL/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/VHUHTSXLXGXS7JYKBXTA3VINUPHTNGVU https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/VHUHTSXLXGXS7JYKBXTA3VINUPHTNGVU/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/VSRDIV77HNKUSM7SJC5BKE5JSHLHU2NK https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/VSRDIV77HNKUSM7SJC5BKE5JSHLHU2NK/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/WE2I52RHNNU42PX6NZ2RBUHSFFJ2LVZX https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/WE2I52RHNNU42PX6NZ2RBUHSFFJ2LVZX/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/WLPRQ5TWUQQXYWBJM7ECYDAIL2YVKIUH https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/WLPRQ5TWUQQXYWBJM7ECYDAIL2YVKIUH/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/X6QXN4ORIVF6XBW4WWFE7VNPVC74S45Y https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/X6QXN4ORIVF6XBW4WWFE7VNPVC74S45Y/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/XFOIBB4YFICHDM7IBOP7PWXW3FX4HLL2 https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/XFOIBB4YFICHDM7IBOP7PWXW3FX4HLL2/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZB43REMKRQR62NJEI7I5NQ4FSXNLBKRT https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZB43REMKRQR62NJEI7I5NQ4FSXNLBKRT/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZKQSIKIAT5TJ3WSLU3RDBQ35YX4GY4V3 https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZKQSIKIAT5TJ3WSLU3RDBQ35YX4GY4V3/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZLU6U2R2IC2K64NDPNMV55AUAO65MAF4 https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZLU6U2R2IC2K64NDPNMV55AUAO65MAF4/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3N4NJ7FR4X4FPZUGNTQAPSTVB2HB2Y4A https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/BFQD3KUEMFBHPAPBGLWQC34L4OWL5HAZ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CLB4TW7KALB3EEQWNWCN7OUIWWVWWCG2 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/E72T67UPDRXHIDLO3OROR25YAMN4GGW5 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/FNA62Q767CFAFHBCDKYNPBMZWB7TWYVU https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/HT7T2R4MQKLIF4ODV4BDLPARWFPCJ5CZ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/JIZSEFC3YKCGABA2BZW6ZJRMDZJMB7PJ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/JMEXY22BFG5Q64HQCM5CK2Q7KDKVV4TY https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/KSEGD2IWKNUO3DWY4KQGUQM5BISRWHQE https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/LKYHSZQFDNR7RSA7LHVLLIAQMVYCUGBG https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/LNMZJCDHGLJJLXO4OXWJMTVQRNWOC7UL https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/VHUHTSXLXGXS7JYKBXTA3VINUPHTNGVU https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/VSRDIV77HNKUSM7SJC5BKE5JSHLHU2NK https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WLPRQ5TWUQQXYWBJM7ECYDAIL2YVKIUH https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/X6QXN4ORIVF6XBW4WWFE7VNPVC74S45Y https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/XFOIBB4YFICHDM7IBOP7PWXW3FX4HLL2 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZB43REMKRQR62NJEI7I5NQ4FSXNLBKRT https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZKQSIKIAT5TJ3WSLU3RDBQ35YX4GY4V3 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZLU6U2R2IC2K64NDPNMV55AUAO65MAF4 https://lists.w3.org/Archives/Public/ietf-http-wg/2023OctDec/0025.html https://mailman.nginx.org/pipermail/nginx-devel/2023-October/S36Q5HBXR7CAIMPLLPRSSSYR4PCMWILK.html https://martinthomson.github.io/h2-stream-limits/draft-thomson-httpbis-h2-stream-limits.html https://msrc.microsoft.com/blog/2023/10/microsoft-response-to-distributed-denial-of-service-ddos-attacks-against-http/2 https://msrc.microsoft.com/blog/2023/10/microsoft-response-to-distributed-denial-of-service-ddos-attacks-against-http/2/ https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-44487 https://my.f5.com/manage/s/article/K000137106 https://netty.io/news/2023/10/10/4-1-100-Final.html https://news.ycombinator.com/item?id=37830987 https://news.ycombinator.com/item?id=37830998 https://news.ycombinator.com/item?id=37831062 https://news.ycombinator.com/item?id=37837043 https://nodejs.org/en/blog/vulnerability/october-2023-security-releases https://nvd.nist.gov/vuln/detail/CVE-2023-44487 https://openssf.org/blog/2023/10/10/http-2-rapid-reset-vulnerability-highlights-need-for-rapid-response https://openssf.org/blog/2023/10/10/http-2-rapid-reset-vulnerability-highlights-need-for-rapid-response/ https://pkg.go.dev/vuln/GO-2023-2102 https://seanmonstar.com/post/730794151136935936/hyper-http2-rapid-reset-unaffected https://security.gentoo.org/glsa/202311-09 https://security.netapp.com/advisory/ntap-20231016-0001 https://security.netapp.com/advisory/ntap-20231016-0001/ https://security.netapp.com/advisory/ntap-20240426-0007 https://security.netapp.com/advisory/ntap-20240426-0007/ https://security.netapp.com/advisory/ntap-20240621-0006 https://security.netapp.com/advisory/ntap-20240621-0006/ https://security.netapp.com/advisory/ntap-20240621-0007 https://security.netapp.com/advisory/ntap-20240621-0007/ https://security.paloaltonetworks.com/CVE-2023-44487 https://tomcat.apache.org/security-10.html#Fixed_in_Apache_Tomcat_10.1.14 https://tomcat.apache.org/security-11.html#Fixed_in_Apache_Tomcat_11.0.0-M12 https://tomcat.apache.org/security-8.html#Fixed_in_Apache_Tomcat_8.5.94 https://tomcat.apache.org/security-9.html#Fixed_in_Apache_Tomcat_9.0.81 https://ubuntu.com/security/CVE-2023-44487 https://ubuntu.com/security/notices/USN-6427-1 https://ubuntu.com/security/notices/USN-6427-2 https://ubuntu.com/security/notices/USN-6438-1 https://ubuntu.com/security/notices/USN-6505-1 https://ubuntu.com/security/notices/USN-6574-1 https://ubuntu.com/security/notices/USN-6754-1 https://ubuntu.com/security/notices/USN-6994-1 https://ubuntu.com/security/notices/USN-7067-1 https://www.bleepingcomputer.com/news/security/new-http-2-rapid-reset-zero-day-attack-breaks-ddos-records https://www.bleepingcomputer.com/news/security/new-http-2-rapid-reset-zero-day-attack-breaks-ddos-records/ https://www.cisa.gov/known-exploited-vulnerabilities-catalog https://www.cisa.gov/news-events/alerts/2023/10/10/http2-rapid-reset-vulnerability-cve-2023-44487 https://www.cve.org/CVERecord?id=CVE-2023-44487 https://www.darkreading.com/cloud/internet-wide-zero-day-bug-fuels-largest-ever-ddos-event https://www.debian.org/security/2023/dsa-5521 https://www.debian.org/security/2023/dsa-5522 https://www.debian.org/security/2023/dsa-5540 https://www.debian.org/security/2023/dsa-5549 https://www.debian.org/security/2023/dsa-5558 https://www.debian.org/security/2023/dsa-5570 https://www.eclipse.org/lists/jetty-announce/msg00181.html https://www.haproxy.com/blog/haproxy-is-not-affected-by-the-http-2-rapid-reset-attack-cve-2023-44487 https://www.mail-archive.com/haproxy@formilux.org/msg44134.html https://www.netlify.com/blog/netlify-successfully-mitigates-cve-2023-44487 https://www.netlify.com/blog/netlify-successfully-mitigates-cve-2023-44487/ https://www.nginx.com/blog/http-2-rapid-reset-attack-impacting-f5-nginx-products https://www.nginx.com/blog/http-2-rapid-reset-attack-impacting-f5-nginx-products/ https://www.openwall.com/lists/oss-security/2023/10/10/6 https://www.phoronix.com/news/HTTP2-Rapid-Reset-Attack https://www.theregister.com/2023/10/10/http2_rapid_reset_zeroday https://www.theregister.com/2023/10/10/http2_rapid_reset_zeroday/
golang.org/x/net	CVE-2023-45288	MEDIUM	v0.10.0	0.23.0	http://www.openwall.com/lists/oss-security/2024/04/03/16 http://www.openwall.com/lists/oss-security/2024/04/05/4 https://access.redhat.com/errata/RHSA-2024:2724 https://access.redhat.com/security/cve/CVE-2023-45288 https://bugzilla.redhat.com/2268017 https://bugzilla.redhat.com/2268018 https://bugzilla.redhat.com/2268019 https://bugzilla.redhat.com/2268273 https://bugzilla.redhat.com/show_bug.cgi?id=2268017 https://bugzilla.redhat.com/show_bug.cgi?id=2268018 https://bugzilla.redhat.com/show_bug.cgi?id=2268019 https://bugzilla.redhat.com/show_bug.cgi?id=2268273 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45288 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45289 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45290 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24783 https://errata.almalinux.org/9/ALSA-2024-2724.html https://errata.rockylinux.org/RLSA-2024:2724 https://go.dev/cl/576155 https://go.dev/issue/65051 https://groups.google.com/g/golang-announce/c/YgW0sx8mN3M https://kb.cert.org/vuls/id/421644 https://linux.oracle.com/cve/CVE-2023-45288.html https://linux.oracle.com/errata/ELSA-2024-3346.html https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QRYFHIQ6XRKRYBI2F5UESH67BJBQXUPT https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QRYFHIQ6XRKRYBI2F5UESH67BJBQXUPT/ https://nowotarski.info/http2-continuation-flood-technical-details https://nowotarski.info/http2-continuation-flood/ https://nvd.nist.gov/vuln/detail/CVE-2023-45288 https://pkg.go.dev/vuln/GO-2024-2687 https://security.netapp.com/advisory/ntap-20240419-0009 https://security.netapp.com/advisory/ntap-20240419-0009/ https://ubuntu.com/security/notices/USN-6886-1 https://ubuntu.com/security/notices/USN-7109-1 https://ubuntu.com/security/notices/USN-7111-1 https://www.cve.org/CVERecord?id=CVE-2023-45288 https://www.kb.cert.org/vuls/id/421644
google.golang.org/grpc	GHSA-m425-mq94-257g	HIGH	v1.54.0	1.56.3, 1.57.1, 1.58.3	https://github.com/grpc/grpc-go https://github.com/grpc/grpc-go/commit/f2180b4d5403d2210b30b93098eb7da31c05c721 https://github.com/grpc/grpc-go/pull/6703 https://github.com/grpc/grpc-go/security/advisories/GHSA-m425-mq94-257g https://nvd.nist.gov/vuln/detail/CVE-2023-44487
google.golang.org/grpc	CVE-2023-44487	MEDIUM	v1.54.0	1.58.3, 1.57.1, 1.56.3	http://www.openwall.com/lists/oss-security/2023/10/13/4 http://www.openwall.com/lists/oss-security/2023/10/13/9 http://www.openwall.com/lists/oss-security/2023/10/18/4 http://www.openwall.com/lists/oss-security/2023/10/18/8 http://www.openwall.com/lists/oss-security/2023/10/19/6 http://www.openwall.com/lists/oss-security/2023/10/20/8 https://access.redhat.com/errata/RHSA-2023:6746 https://access.redhat.com/security/cve/CVE-2023-44487 https://access.redhat.com/security/cve/cve-2023-44487 https://akka.io/security/akka-http-cve-2023-44487.html https://arstechnica.com/security/2023/10/how-ddosers-used-the-http-2-protocol-to-deliver-attacks-of-unprecedented-size https://arstechnica.com/security/2023/10/how-ddosers-used-the-http-2-protocol-to-deliver-attacks-of-unprecedented-size/ https://aws.amazon.com/security/security-bulletins/AWS-2023-011 https://aws.amazon.com/security/security-bulletins/AWS-2023-011/ https://blog.cloudflare.com/technical-breakdown-http2-rapid-reset-ddos-attack https://blog.cloudflare.com/technical-breakdown-http2-rapid-reset-ddos-attack/ https://blog.cloudflare.com/zero-day-rapid-reset-http2-record-breaking-ddos-attack https://blog.cloudflare.com/zero-day-rapid-reset-http2-record-breaking-ddos-attack/ https://blog.litespeedtech.com/2023/10/11/rapid-reset-http-2-vulnerablilty https://blog.litespeedtech.com/2023/10/11/rapid-reset-http-2-vulnerablilty/ https://blog.qualys.com/vulnerabilities-threat-research/2023/10/10/cve-2023-44487-http-2-rapid-reset-attack https://blog.vespa.ai/cve-2023-44487 https://blog.vespa.ai/cve-2023-44487/ https://bugzilla.proxmox.com/show_bug.cgi?id=4988 https://bugzilla.redhat.com/2242803 https://bugzilla.redhat.com/show_bug.cgi?id=2242803 https://bugzilla.suse.com/show_bug.cgi?id=1216123 https://cgit.freebsd.org/ports/commit/?id=c64c329c2c1752f46b73e3e6ce9f4329be6629f9 https://chaos.social/@icing/111210915918780532 https://cloud.google.com/blog/products/identity-security/google-cloud-mitigated-largest-ddos-attack-peaking-above-398-million-rps https://cloud.google.com/blog/products/identity-security/google-cloud-mitigated-largest-ddos-attack-peaking-above-398-million-rps/ https://cloud.google.com/blog/products/identity-security/how-it-works-the-novel-http2-rapid-reset-ddos-attack https://community.traefik.io/t/is-traefik-vulnerable-to-cve-2023-44487/20125 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-44487 https://devblogs.microsoft.com/dotnet/october-2023-updates/ https://discuss.hashicorp.com/t/hcsec-2023-32-vault-consul-and-boundary-affected-by-http-2-rapid-reset-denial-of-service-vulnerability-cve-2023-44487/59715 https://edg.io/lp/blog/resets-leaks-ddos-and-the-tale-of-a-hidden-cve https://errata.almalinux.org/9/ALSA-2023-6746.html https://errata.rockylinux.org/RLSA-2023:5838 https://forums.swift.org/t/swift-nio-http2-security-update-cve-2023-44487-http-2-dos/67764 https://gist.github.com/adulau/7c2bfb8e9cdbe4b35a5e131c66a0c088 https://github.com/Azure/AKS/issues/3947 https://github.com/Kong/kong/discussions/11741 https://github.com/advisories/GHSA-qppj-fm5r-hxr3 https://github.com/advisories/GHSA-vx74-f528-fxqg https://github.com/advisories/GHSA-xpw8-rcwv-8f8p https://github.com/akka/akka-http/issues/4323 https://github.com/akka/akka-http/pull/4324 https://github.com/akka/akka-http/pull/4325 https://github.com/alibaba/tengine/issues/1872 https://github.com/apache/apisix/issues/10320 https://github.com/apache/httpd-site/pull/10 https://github.com/apache/httpd/blob/afcdbeebbff4b0c50ea26cdd16e178c0d1f24152/modules/http2/h2_mplx.c#L1101-L1113 https://github.com/apache/tomcat/commit/944332bb15bd2f3bf76ec2caeb1ff0a58a3bc628 https://github.com/apache/tomcat/tree/main/java/org/apache/coyote/http2 https://github.com/apache/trafficserver/pull/10564 https://github.com/apple/swift-nio-http2 https://github.com/apple/swift-nio-http2/security/advisories/GHSA-qppj-fm5r-hxr3 https://github.com/arkrwn/PoC/tree/main/CVE-2023-44487 https://github.com/bcdannyboy/CVE-2023-44487 https://github.com/caddyserver/caddy/issues/5877 https://github.com/caddyserver/caddy/releases/tag/v2.7.5 https://github.com/dotnet/announcements/issues/277 https://github.com/dotnet/core/blob/e4613450ea0da7fd2fc6b61dfb2c1c1dec1ce9ec/release-notes/6.0/6.0.23/6.0.23.md?plain=1#L73 https://github.com/eclipse/jetty.project/issues/10679 https://github.com/envoyproxy/envoy/pull/30055 https://github.com/etcd-io/etcd/issues/16740 https://github.com/facebook/proxygen/pull/466 https://github.com/golang/go/issues/63417 https://github.com/grpc/grpc-go/pull/6703 https://github.com/grpc/grpc-go/releases https://github.com/h2o/h2o/pull/3291 https://github.com/h2o/h2o/security/advisories/GHSA-2m7v-gc89-fjqf https://github.com/haproxy/haproxy/issues/2312 https://github.com/hyperium/hyper/issues/3337 https://github.com/icing/mod_h2/blob/0a864782af0a942aa2ad4ed960a6b32cd35bcf0a/mod_http2/README.md?plain=1#L239-L244 https://github.com/junkurihara/rust-rpxy/issues/97 https://github.com/kazu-yamamoto/http2/commit/f61d41a502bd0f60eb24e1ce14edc7b6df6722a1 https://github.com/kazu-yamamoto/http2/issues/93 https://github.com/kubernetes/kubernetes/pull/121120 https://github.com/line/armeria/pull/5232 https://github.com/linkerd/website/pull/1695/commits/4b9c6836471bc8270ab48aae6fd2181bc73fd632 https://github.com/micrictor/http2-rst-stream https://github.com/microsoft/CBL-Mariner/pull/6381 https://github.com/netty/netty/commit/58f75f665aa81a8cbcf6ffa74820042a285c5e61 https://github.com/nghttp2/nghttp2/pull/1961 https://github.com/nghttp2/nghttp2/releases/tag/v1.57.0 https://github.com/ninenines/cowboy/issues/1615 https://github.com/nodejs/node/pull/50121 https://github.com/openresty/openresty/issues/930 https://github.com/opensearch-project/data-prepper/issues/3474 https://github.com/oqtane/oqtane.framework/discussions/3367 https://github.com/projectcontour/contour/pull/5826 https://github.com/tempesta-tech/tempesta/issues/1986 https://github.com/varnishcache/varnish-cache/issues/3996 https://go.dev/cl/534215 https://go.dev/cl/534235 https://go.dev/issue/63417 https://groups.google.com/g/golang-announce/c/iNNxDTCjZvo https://groups.google.com/g/golang-announce/c/iNNxDTCjZvo/m/UDd7VKQuAAAJ https://istio.io/latest/news/security/istio-security-2023-004 https://istio.io/latest/news/security/istio-security-2023-004/ https://linkerd.io/2023/10/12/linkerd-cve-2023-44487 https://linkerd.io/2023/10/12/linkerd-cve-2023-44487/ https://linux.oracle.com/cve/CVE-2023-44487.html https://linux.oracle.com/errata/ELSA-2024-1444.html https://lists.apache.org/thread/5py8h42mxfsn8l1wy6o41xwhsjlsd87q https://lists.debian.org/debian-lts-announce/2023/10/msg00020.html https://lists.debian.org/debian-lts-announce/2023/10/msg00023.html https://lists.debian.org/debian-lts-announce/2023/10/msg00024.html https://lists.debian.org/debian-lts-announce/2023/10/msg00045.html https://lists.debian.org/debian-lts-announce/2023/10/msg00047.html https://lists.debian.org/debian-lts-announce/2023/11/msg00001.html https://lists.debian.org/debian-lts-announce/2023/11/msg00012.html https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/2MBEPPC36UBVOZZNAXFHKLFGSLCMN5LI https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/2MBEPPC36UBVOZZNAXFHKLFGSLCMN5LI/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/3N4NJ7FR4X4FPZUGNTQAPSTVB2HB2Y4A https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/3N4NJ7FR4X4FPZUGNTQAPSTVB2HB2Y4A/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/BFQD3KUEMFBHPAPBGLWQC34L4OWL5HAZ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/BFQD3KUEMFBHPAPBGLWQC34L4OWL5HAZ/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/CLB4TW7KALB3EEQWNWCN7OUIWWVWWCG2 https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/CLB4TW7KALB3EEQWNWCN7OUIWWVWWCG2/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/E72T67UPDRXHIDLO3OROR25YAMN4GGW5 https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/E72T67UPDRXHIDLO3OROR25YAMN4GGW5/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/FNA62Q767CFAFHBCDKYNPBMZWB7TWYVU https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/FNA62Q767CFAFHBCDKYNPBMZWB7TWYVU/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/HT7T2R4MQKLIF4ODV4BDLPARWFPCJ5CZ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/HT7T2R4MQKLIF4ODV4BDLPARWFPCJ5CZ/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/JIZSEFC3YKCGABA2BZW6ZJRMDZJMB7PJ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/JIZSEFC3YKCGABA2BZW6ZJRMDZJMB7PJ/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/JMEXY22BFG5Q64HQCM5CK2Q7KDKVV4TY https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/JMEXY22BFG5Q64HQCM5CK2Q7KDKVV4TY/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/KSEGD2IWKNUO3DWY4KQGUQM5BISRWHQE https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/KSEGD2IWKNUO3DWY4KQGUQM5BISRWHQE/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/LKYHSZQFDNR7RSA7LHVLLIAQMVYCUGBG https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/LKYHSZQFDNR7RSA7LHVLLIAQMVYCUGBG/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/LNMZJCDHGLJJLXO4OXWJMTVQRNWOC7UL https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/LNMZJCDHGLJJLXO4OXWJMTVQRNWOC7UL/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/VHUHTSXLXGXS7JYKBXTA3VINUPHTNGVU https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/VHUHTSXLXGXS7JYKBXTA3VINUPHTNGVU/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/VSRDIV77HNKUSM7SJC5BKE5JSHLHU2NK https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/VSRDIV77HNKUSM7SJC5BKE5JSHLHU2NK/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/WE2I52RHNNU42PX6NZ2RBUHSFFJ2LVZX https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/WE2I52RHNNU42PX6NZ2RBUHSFFJ2LVZX/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/WLPRQ5TWUQQXYWBJM7ECYDAIL2YVKIUH https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/WLPRQ5TWUQQXYWBJM7ECYDAIL2YVKIUH/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/X6QXN4ORIVF6XBW4WWFE7VNPVC74S45Y https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/X6QXN4ORIVF6XBW4WWFE7VNPVC74S45Y/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/XFOIBB4YFICHDM7IBOP7PWXW3FX4HLL2 https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/XFOIBB4YFICHDM7IBOP7PWXW3FX4HLL2/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZB43REMKRQR62NJEI7I5NQ4FSXNLBKRT https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZB43REMKRQR62NJEI7I5NQ4FSXNLBKRT/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZKQSIKIAT5TJ3WSLU3RDBQ35YX4GY4V3 https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZKQSIKIAT5TJ3WSLU3RDBQ35YX4GY4V3/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZLU6U2R2IC2K64NDPNMV55AUAO65MAF4 https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZLU6U2R2IC2K64NDPNMV55AUAO65MAF4/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3N4NJ7FR4X4FPZUGNTQAPSTVB2HB2Y4A https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/BFQD3KUEMFBHPAPBGLWQC34L4OWL5HAZ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CLB4TW7KALB3EEQWNWCN7OUIWWVWWCG2 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/E72T67UPDRXHIDLO3OROR25YAMN4GGW5 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/FNA62Q767CFAFHBCDKYNPBMZWB7TWYVU https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/HT7T2R4MQKLIF4ODV4BDLPARWFPCJ5CZ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/JIZSEFC3YKCGABA2BZW6ZJRMDZJMB7PJ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/JMEXY22BFG5Q64HQCM5CK2Q7KDKVV4TY https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/KSEGD2IWKNUO3DWY4KQGUQM5BISRWHQE https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/LKYHSZQFDNR7RSA7LHVLLIAQMVYCUGBG https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/LNMZJCDHGLJJLXO4OXWJMTVQRNWOC7UL https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/VHUHTSXLXGXS7JYKBXTA3VINUPHTNGVU https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/VSRDIV77HNKUSM7SJC5BKE5JSHLHU2NK https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WLPRQ5TWUQQXYWBJM7ECYDAIL2YVKIUH https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/X6QXN4ORIVF6XBW4WWFE7VNPVC74S45Y https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/XFOIBB4YFICHDM7IBOP7PWXW3FX4HLL2 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZB43REMKRQR62NJEI7I5NQ4FSXNLBKRT https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZKQSIKIAT5TJ3WSLU3RDBQ35YX4GY4V3 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZLU6U2R2IC2K64NDPNMV55AUAO65MAF4 https://lists.w3.org/Archives/Public/ietf-http-wg/2023OctDec/0025.html https://mailman.nginx.org/pipermail/nginx-devel/2023-October/S36Q5HBXR7CAIMPLLPRSSSYR4PCMWILK.html https://martinthomson.github.io/h2-stream-limits/draft-thomson-httpbis-h2-stream-limits.html https://msrc.microsoft.com/blog/2023/10/microsoft-response-to-distributed-denial-of-service-ddos-attacks-against-http/2 https://msrc.microsoft.com/blog/2023/10/microsoft-response-to-distributed-denial-of-service-ddos-attacks-against-http/2/ https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-44487 https://my.f5.com/manage/s/article/K000137106 https://netty.io/news/2023/10/10/4-1-100-Final.html https://news.ycombinator.com/item?id=37830987 https://news.ycombinator.com/item?id=37830998 https://news.ycombinator.com/item?id=37831062 https://news.ycombinator.com/item?id=37837043 https://nodejs.org/en/blog/vulnerability/october-2023-security-releases https://nvd.nist.gov/vuln/detail/CVE-2023-44487 https://openssf.org/blog/2023/10/10/http-2-rapid-reset-vulnerability-highlights-need-for-rapid-response https://openssf.org/blog/2023/10/10/http-2-rapid-reset-vulnerability-highlights-need-for-rapid-response/ https://pkg.go.dev/vuln/GO-2023-2102 https://seanmonstar.com/post/730794151136935936/hyper-http2-rapid-reset-unaffected https://security.gentoo.org/glsa/202311-09 https://security.netapp.com/advisory/ntap-20231016-0001 https://security.netapp.com/advisory/ntap-20231016-0001/ https://security.netapp.com/advisory/ntap-20240426-0007 https://security.netapp.com/advisory/ntap-20240426-0007/ https://security.netapp.com/advisory/ntap-20240621-0006 https://security.netapp.com/advisory/ntap-20240621-0006/ https://security.netapp.com/advisory/ntap-20240621-0007 https://security.netapp.com/advisory/ntap-20240621-0007/ https://security.paloaltonetworks.com/CVE-2023-44487 https://tomcat.apache.org/security-10.html#Fixed_in_Apache_Tomcat_10.1.14 https://tomcat.apache.org/security-11.html#Fixed_in_Apache_Tomcat_11.0.0-M12 https://tomcat.apache.org/security-8.html#Fixed_in_Apache_Tomcat_8.5.94 https://tomcat.apache.org/security-9.html#Fixed_in_Apache_Tomcat_9.0.81 https://ubuntu.com/security/CVE-2023-44487 https://ubuntu.com/security/notices/USN-6427-1 https://ubuntu.com/security/notices/USN-6427-2 https://ubuntu.com/security/notices/USN-6438-1 https://ubuntu.com/security/notices/USN-6505-1 https://ubuntu.com/security/notices/USN-6574-1 https://ubuntu.com/security/notices/USN-6754-1 https://ubuntu.com/security/notices/USN-6994-1 https://ubuntu.com/security/notices/USN-7067-1 https://www.bleepingcomputer.com/news/security/new-http-2-rapid-reset-zero-day-attack-breaks-ddos-records https://www.bleepingcomputer.com/news/security/new-http-2-rapid-reset-zero-day-attack-breaks-ddos-records/ https://www.cisa.gov/known-exploited-vulnerabilities-catalog https://www.cisa.gov/news-events/alerts/2023/10/10/http2-rapid-reset-vulnerability-cve-2023-44487 https://www.cve.org/CVERecord?id=CVE-2023-44487 https://www.darkreading.com/cloud/internet-wide-zero-day-bug-fuels-largest-ever-ddos-event https://www.debian.org/security/2023/dsa-5521 https://www.debian.org/security/2023/dsa-5522 https://www.debian.org/security/2023/dsa-5540 https://www.debian.org/security/2023/dsa-5549 https://www.debian.org/security/2023/dsa-5558 https://www.debian.org/security/2023/dsa-5570 https://www.eclipse.org/lists/jetty-announce/msg00181.html https://www.haproxy.com/blog/haproxy-is-not-affected-by-the-http-2-rapid-reset-attack-cve-2023-44487 https://www.mail-archive.com/haproxy@formilux.org/msg44134.html https://www.netlify.com/blog/netlify-successfully-mitigates-cve-2023-44487 https://www.netlify.com/blog/netlify-successfully-mitigates-cve-2023-44487/ https://www.nginx.com/blog/http-2-rapid-reset-attack-impacting-f5-nginx-products https://www.nginx.com/blog/http-2-rapid-reset-attack-impacting-f5-nginx-products/ https://www.openwall.com/lists/oss-security/2023/10/10/6 https://www.phoronix.com/news/HTTP2-Rapid-Reset-Attack https://www.theregister.com/2023/10/10/http2_rapid_reset_zeroday https://www.theregister.com/2023/10/10/http2_rapid_reset_zeroday/
google.golang.org/protobuf	CVE-2024-24786	MEDIUM	v1.30.0	1.33.0	http://www.openwall.com/lists/oss-security/2024/03/08/4 https://access.redhat.com/errata/RHSA-2024:2550 https://access.redhat.com/security/cve/CVE-2024-24786 https://bugzilla.redhat.com/2268046 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24786 https://errata.almalinux.org/9/ALSA-2024-2550.html https://errata.rockylinux.org/RLSA-2024:2550 https://github.com/protocolbuffers/protobuf-go https://github.com/protocolbuffers/protobuf-go/commit/f01a588e5810b90996452eec4a28f22a0afae023 https://github.com/protocolbuffers/protobuf-go/releases/tag/v1.33.0 https://go-review.googlesource.com/c/protobuf/+/569356 https://go.dev/cl/569356 https://groups.google.com/g/golang-announce/c/ArQ6CDgtEjY/ https://linux.oracle.com/cve/CVE-2024-24786.html https://linux.oracle.com/errata/ELSA-2024-4246.html https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/JDMBHAVSDU2FBDZ45U3A2VLSM35OJ2HU https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/JDMBHAVSDU2FBDZ45U3A2VLSM35OJ2HU/ https://nvd.nist.gov/vuln/detail/CVE-2024-24786 https://pkg.go.dev/vuln/GO-2024-2611 https://security.netapp.com/advisory/ntap-20240517-0002 https://security.netapp.com/advisory/ntap-20240517-0002/ https://ubuntu.com/security/notices/USN-6746-1 https://ubuntu.com/security/notices/USN-6746-2 https://www.cve.org/CVERecord?id=CVE-2024-24786
stdlib	CVE-2024-24790	CRITICAL	v1.20.5	1.21.11, 1.22.4	http://www.openwall.com/lists/oss-security/2024/06/04/1 https://access.redhat.com/errata/RHSA-2024:9115 https://access.redhat.com/security/cve/CVE-2024-24790 https://bugzilla.redhat.com/2279814 https://bugzilla.redhat.com/2292668 https://bugzilla.redhat.com/2292787 https://bugzilla.redhat.com/2294000 https://bugzilla.redhat.com/2295310 https://bugzilla.redhat.com/show_bug.cgi?id=2292668 https://bugzilla.redhat.com/show_bug.cgi?id=2292787 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24789 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24790 https://errata.almalinux.org/9/ALSA-2024-9115.html https://errata.rockylinux.org/RLSA-2024:4212 https://github.com/golang/go/commit/051bdf3fd12a40307606ff9381138039c5f452f0 (1.21) https://github.com/golang/go/commit/12d5810cdb1f73cf23d7a86462143e9463317fca (1.22) https://github.com/golang/go/issues/67680 https://go.dev/cl/590316 https://go.dev/issue/67680 https://groups.google.com/g/golang-announce/c/XbxouI9gY7k https://groups.google.com/g/golang-announce/c/XbxouI9gY7k/m/TuoGEhxIEwAJ https://linux.oracle.com/cve/CVE-2024-24790.html https://linux.oracle.com/errata/ELSA-2024-9115.html https://nvd.nist.gov/vuln/detail/CVE-2024-24790 https://pkg.go.dev/vuln/GO-2024-2887 https://ubuntu.com/security/notices/USN-6886-1 https://ubuntu.com/security/notices/USN-7109-1 https://www.cve.org/CVERecord?id=CVE-2024-24790
stdlib	CVE-2023-39325	HIGH	v1.20.5	1.20.10, 1.21.3	golang.org/x/net https://access.redhat.com/errata/RHSA-2023:6077 https://access.redhat.com/security/cve/CVE-2023-39325 https://access.redhat.com/security/cve/CVE-2023-44487 https://access.redhat.com/security/vulnerabilities/RHSB-2023-003 https://bugzilla.redhat.com/2242803 https://bugzilla.redhat.com/2243296 https://bugzilla.redhat.com/show_bug.cgi?id=2242803 https://bugzilla.redhat.com/show_bug.cgi?id=2243296 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-39325 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-44487 https://errata.almalinux.org/9/ALSA-2023-6077.html https://errata.rockylinux.org/RLSA-2023:6077 https://github.com/golang/go/commit/24ae2d927285c697440fdde3ad7f26028354bcf3 [golang- 1.21] https://github.com/golang/go/commit/e175f27f58aa7b9cd4d79607ae65d2cd5baaee68 [golang-1.20] https://github.com/golang/go/issues/63417 https://go.dev/cl/534215 https://go.dev/cl/534235 https://go.dev/issue/63417 https://groups.google.com/g/golang-announce/c/iNNxDTCjZvo/m/UDd7VKQuAAAJ https://linux.oracle.com/cve/CVE-2023-39325.html https://linux.oracle.com/errata/ELSA-2023-5867.html https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3OVW5V2DM5K5IC3H7O42YDUGNJ74J35O https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3OVW5V2DM5K5IC3H7O42YDUGNJ74J35O/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3SZN67IL7HMGMNAVLOTIXLIHUDXZK4LH https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3SZN67IL7HMGMNAVLOTIXLIHUDXZK4LH/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3WJ4QVX2AMUJ2F2S27POOAHRC4K3CHU4 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3WJ4QVX2AMUJ2F2S27POOAHRC4K3CHU4/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/4BUK2ZIAGCULOOYDNH25JPU6JBES5NF2 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/4BUK2ZIAGCULOOYDNH25JPU6JBES5NF2/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/5RSKA2II6QTD4YUKUNDVJQSRYSFC4VFR https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/5RSKA2II6QTD4YUKUNDVJQSRYSFC4VFR/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/AVZDNSMVDAQJ64LJC5I5U5LDM5753647 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/AVZDNSMVDAQJ64LJC5I5U5LDM5753647/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CHHITS4PUOZAKFIUBQAQZC7JWXMOYE4B https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CHHITS4PUOZAKFIUBQAQZC7JWXMOYE4B/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CLB4TW7KALB3EEQWNWCN7OUIWWVWWCG2 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CLB4TW7KALB3EEQWNWCN7OUIWWVWWCG2/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/D2BBIDR2ZMB3X5BC7SR4SLQMHRMVPY6L https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/D2BBIDR2ZMB3X5BC7SR4SLQMHRMVPY6L/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ECRC75BQJP6FJN2L7KCKYZW4DSBD7QSD https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ECRC75BQJP6FJN2L7KCKYZW4DSBD7QSD/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/FTMJ3NJIDAZFWJQQSP3L22MUFJ3UP2PT https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/FTMJ3NJIDAZFWJQQSP3L22MUFJ3UP2PT/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/GSY7SXFFTPZFWDM6XELSDSHZLVW3AHK7 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/GSY7SXFFTPZFWDM6XELSDSHZLVW3AHK7/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/HZQIELEIRSZUYTFFH5KTH2YJ4IIQG2KE https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/HZQIELEIRSZUYTFFH5KTH2YJ4IIQG2KE/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/IPWCNYB5PQ5PCVZ4NJT6G56ZYFZ5QBU6 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/IPWCNYB5PQ5PCVZ4NJT6G56ZYFZ5QBU6/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/KEOTKBUPZXHE3F352JBYNTSNRXYLWD6P https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/KEOTKBUPZXHE3F352JBYNTSNRXYLWD6P/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/KSEGD2IWKNUO3DWY4KQGUQM5BISRWHQE https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/KSEGD2IWKNUO3DWY4KQGUQM5BISRWHQE/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/L5E5JSJBZLYXOTZWXHJKRVCIXIHVWKJ6 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/L5E5JSJBZLYXOTZWXHJKRVCIXIHVWKJ6/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/MZQYOOKHQDQ57LV2IAG6NRFOVXKHJJ3Z https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/MZQYOOKHQDQ57LV2IAG6NRFOVXKHJJ3Z/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/NG7IMPL55MVWU3LCI4JQJT3K2U5CHDV7 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/NG7IMPL55MVWU3LCI4JQJT3K2U5CHDV7/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ODBY7RVMGZCBSTWF2OZGIZS57FNFUL67 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ODBY7RVMGZCBSTWF2OZGIZS57FNFUL67/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/OXGWPQOJ3JNDW2XIYKIVJ7N7QUIFNM2Q https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/OXGWPQOJ3JNDW2XIYKIVJ7N7QUIFNM2Q/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/PJCUNGIQDUMZ4Z6HWVYIMR66A35F5S74 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/PJCUNGIQDUMZ4Z6HWVYIMR66A35F5S74/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QF5QSYAOPDOWLY6DUHID56Q4HQFYB45I https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QF5QSYAOPDOWLY6DUHID56Q4HQFYB45I/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QXOU2JZUBEBP7GBKAYIJRPRBZSJCD7ST https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QXOU2JZUBEBP7GBKAYIJRPRBZSJCD7ST/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/R3UETKPUB3V5JS5TLZOF3SMTGT5K5APS https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/R3UETKPUB3V5JS5TLZOF3SMTGT5K5APS/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/REMHVVIBDNKSRKNOTV7EQSB7CYQWOUOU https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/REMHVVIBDNKSRKNOTV7EQSB7CYQWOUOU/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/T7N5GV4CHH6WAGX3GFMDD3COEOVCZ4RI https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/T7N5GV4CHH6WAGX3GFMDD3COEOVCZ4RI/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ULQQONMSCQSH5Z5OWFFQHCGEZ3NL4DRJ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ULQQONMSCQSH5Z5OWFFQHCGEZ3NL4DRJ/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UTT7DG3QOF5ZNJLUGHDNLRUIN6OWZARP https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UTT7DG3QOF5ZNJLUGHDNLRUIN6OWZARP/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/W2LZSWTV4NV4SNQARNXG5T6LRHP26EW2 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/W2LZSWTV4NV4SNQARNXG5T6LRHP26EW2/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WCNCBYKZXLDFGAJUB7ZP5VLC3YTHJNVH https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WCNCBYKZXLDFGAJUB7ZP5VLC3YTHJNVH/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/XFOIBB4YFICHDM7IBOP7PWXW3FX4HLL2 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/XFOIBB4YFICHDM7IBOP7PWXW3FX4HLL2/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/XTNLSL44Y5FB6JWADSZH6DCV4JJAAEQY https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/XTNLSL44Y5FB6JWADSZH6DCV4JJAAEQY/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/YJWHBLVZDM5KQSDFRBFRKU5KSSOLIRQ4 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/YJWHBLVZDM5KQSDFRBFRKU5KSSOLIRQ4/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/YRKEXKANQ7BKJW2YTAMP625LJUJZLJ4P https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/YRKEXKANQ7BKJW2YTAMP625LJUJZLJ4P/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZSVEMQV5ROY5YW5QE3I57HT3ITWG5GCV https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZSVEMQV5ROY5YW5QE3I57HT3ITWG5GCV/ https://nvd.nist.gov/vuln/detail/CVE-2023-39325 https://pkg.go.dev/vuln/GO-2023-2102 https://security.gentoo.org/glsa/202311-09 https://security.netapp.com/advisory/ntap-20231110-0008 https://security.netapp.com/advisory/ntap-20231110-0008/ https://ubuntu.com/security/notices/USN-6574-1 https://ubuntu.com/security/notices/USN-7061-1 https://ubuntu.com/security/notices/USN-7109-1 https://www.cisa.gov/news-events/alerts/2023/10/10/http2-rapid-reset-vulnerability-cve-2023-44487 https://www.cve.org/CVERecord?id=CVE-2023-39325
stdlib	CVE-2023-45283	HIGH	v1.20.5	1.20.11, 1.21.4, 1.20.12, 1.21.5	http://www.openwall.com/lists/oss-security/2023/12/05/2 https://go.dev/cl/540277 https://go.dev/cl/541175 https://go.dev/issue/63713 https://go.dev/issue/64028 https://groups.google.com/g/golang-announce/c/4tU8LZfBFkY https://groups.google.com/g/golang-dev/c/6ypN5EjibjM/m/KmLVYH_uAgAJ https://nvd.nist.gov/vuln/detail/CVE-2023-45283 https://pkg.go.dev/vuln/GO-2023-2185 https://security.netapp.com/advisory/ntap-20231214-0008/
stdlib	CVE-2023-45288	HIGH	v1.20.5	1.21.9, 1.22.2	http://www.openwall.com/lists/oss-security/2024/04/03/16 http://www.openwall.com/lists/oss-security/2024/04/05/4 https://access.redhat.com/errata/RHSA-2024:2724 https://access.redhat.com/security/cve/CVE-2023-45288 https://bugzilla.redhat.com/2268017 https://bugzilla.redhat.com/2268018 https://bugzilla.redhat.com/2268019 https://bugzilla.redhat.com/2268273 https://bugzilla.redhat.com/show_bug.cgi?id=2268017 https://bugzilla.redhat.com/show_bug.cgi?id=2268018 https://bugzilla.redhat.com/show_bug.cgi?id=2268019 https://bugzilla.redhat.com/show_bug.cgi?id=2268273 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45288 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45289 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45290 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24783 https://errata.almalinux.org/9/ALSA-2024-2724.html https://errata.rockylinux.org/RLSA-2024:2724 https://go.dev/cl/576155 https://go.dev/issue/65051 https://groups.google.com/g/golang-announce/c/YgW0sx8mN3M https://kb.cert.org/vuls/id/421644 https://linux.oracle.com/cve/CVE-2023-45288.html https://linux.oracle.com/errata/ELSA-2024-3346.html https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QRYFHIQ6XRKRYBI2F5UESH67BJBQXUPT https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QRYFHIQ6XRKRYBI2F5UESH67BJBQXUPT/ https://nowotarski.info/http2-continuation-flood-technical-details https://nowotarski.info/http2-continuation-flood/ https://nvd.nist.gov/vuln/detail/CVE-2023-45288 https://pkg.go.dev/vuln/GO-2024-2687 https://security.netapp.com/advisory/ntap-20240419-0009 https://security.netapp.com/advisory/ntap-20240419-0009/ https://ubuntu.com/security/notices/USN-6886-1 https://ubuntu.com/security/notices/USN-7109-1 https://ubuntu.com/security/notices/USN-7111-1 https://www.cve.org/CVERecord?id=CVE-2023-45288 https://www.kb.cert.org/vuls/id/421644
stdlib	CVE-2024-34156	HIGH	v1.20.5	1.22.7, 1.23.1	https://access.redhat.com/errata/RHSA-2024:9473 https://access.redhat.com/security/cve/CVE-2024-34156 https://bugzilla.redhat.com/2310528 https://bugzilla.redhat.com/2318052 https://bugzilla.redhat.com/show_bug.cgi?id=2310528 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-34156 https://errata.almalinux.org/9/ALSA-2024-9473.html https://errata.rockylinux.org/RLSA-2024:7204 https://github.com/golang/go/commit/2092294f2b097c5828f4eace6c98a322c1510b01 (go1.22.7) https://github.com/golang/go/commit/fa8ff1a46deb6c816304441ec6740ec112e19012 (go1.23.1) https://go.dev/cl/611239 https://go.dev/issue/69139 https://groups.google.com/g/golang-announce/c/K-cEzDeCtpc https://groups.google.com/g/golang-dev/c/S9POB9NCTdk https://linux.oracle.com/cve/CVE-2024-34156.html https://linux.oracle.com/errata/ELSA-2024-9473.html https://nvd.nist.gov/vuln/detail/CVE-2024-34156 https://pkg.go.dev/vuln/GO-2024-3106 https://ubuntu.com/security/notices/USN-7081-1 https://ubuntu.com/security/notices/USN-7109-1 https://ubuntu.com/security/notices/USN-7111-1 https://www.cve.org/CVERecord?id=CVE-2024-34156
stdlib	CVE-2023-29406	MEDIUM	v1.20.5	1.19.11, 1.20.6	https://access.redhat.com/errata/RHSA-2023:6474 https://access.redhat.com/security/cve/CVE-2023-29406 https://bugzilla.redhat.com/2174485 https://bugzilla.redhat.com/2178358 https://bugzilla.redhat.com/2178488 https://bugzilla.redhat.com/2178492 https://bugzilla.redhat.com/2184481 https://bugzilla.redhat.com/2184482 https://bugzilla.redhat.com/2184483 https://bugzilla.redhat.com/2184484 https://bugzilla.redhat.com/2196026 https://bugzilla.redhat.com/2196027 https://bugzilla.redhat.com/2196029 https://bugzilla.redhat.com/2222167 https://bugzilla.redhat.com/2228689 https://errata.almalinux.org/9/ALSA-2023-6474.html https://github.com/golang/go/commit/312920c00aac9897b2a0693e752390b5b0711a5a (go1.20.6) https://github.com/golang/go/commit/5fa6923b1ea891400153d04ddf1545e23b40041b (go1.19.11) https://github.com/golang/go/issues/60374 https://go.dev/cl/506996 https://go.dev/issue/60374 https://groups.google.com/g/golang-announce/c/2q13H6LEEx0 https://linux.oracle.com/cve/CVE-2023-29406.html https://linux.oracle.com/errata/ELSA-2023-7202.html https://nvd.nist.gov/vuln/detail/CVE-2023-29406 https://pkg.go.dev/vuln/GO-2023-1878 https://security.gentoo.org/glsa/202311-09 https://security.netapp.com/advisory/ntap-20230814-0002/ https://ubuntu.com/security/notices/USN-7061-1 https://ubuntu.com/security/notices/USN-7109-1 https://www.cve.org/CVERecord?id=CVE-2023-29406
stdlib	CVE-2023-29409	MEDIUM	v1.20.5	1.19.12, 1.20.7, 1.21.0-rc.4	https://access.redhat.com/errata/RHSA-2023:7766 https://access.redhat.com/security/cve/CVE-2023-29409 https://bugzilla.redhat.com/2228743 https://bugzilla.redhat.com/2237773 https://bugzilla.redhat.com/2237776 https://bugzilla.redhat.com/2237777 https://bugzilla.redhat.com/2237778 https://errata.almalinux.org/9/ALSA-2023-7766.html https://go.dev/cl/515257 https://go.dev/issue/61460 https://groups.google.com/g/golang-announce/c/X0b6CsSAaYI/m/Efv5DbZ9AwAJ https://linux.oracle.com/cve/CVE-2023-29409.html https://linux.oracle.com/errata/ELSA-2024-2988.html https://nvd.nist.gov/vuln/detail/CVE-2023-29409 https://pkg.go.dev/vuln/GO-2023-1987 https://security.gentoo.org/glsa/202311-09 https://security.netapp.com/advisory/ntap-20230831-0010/ https://www.cve.org/CVERecord?id=CVE-2023-29409
stdlib	CVE-2023-39318	MEDIUM	v1.20.5	1.20.8, 1.21.1	https://access.redhat.com/errata/RHSA-2024:2160 https://access.redhat.com/security/cve/CVE-2023-39318 https://bugzilla.redhat.com/2237773 https://bugzilla.redhat.com/2237776 https://bugzilla.redhat.com/2253330 https://errata.almalinux.org/9/ALSA-2024-2160.html https://github.com/golang/go/commit/023b542edf38e2a1f87fcefb9f75ff2f99401b4c (go1.20.8) https://github.com/golang/go/commit/b0e1d3ea26e8e8fce7726690c9ef0597e60739fb (go1.21.1) https://go.dev/cl/526156 https://go.dev/issue/62196 https://groups.google.com/g/golang-announce/c/Fm51GRLNRvM https://groups.google.com/g/golang-dev/c/2C5vbR-UNkI/m/L1hdrPhfBAAJ https://linux.oracle.com/cve/CVE-2023-39318.html https://linux.oracle.com/errata/ELSA-2024-2988.html https://nvd.nist.gov/vuln/detail/CVE-2023-39318 https://pkg.go.dev/vuln/GO-2023-2041 https://security.gentoo.org/glsa/202311-09 https://security.netapp.com/advisory/ntap-20231020-0009/ https://ubuntu.com/security/notices/USN-6574-1 https://ubuntu.com/security/notices/USN-7061-1 https://ubuntu.com/security/notices/USN-7109-1 https://vuln.go.dev/ID/GO-2023-2041.json https://www.cve.org/CVERecord?id=CVE-2023-39318
stdlib	CVE-2023-39319	MEDIUM	v1.20.5	1.20.8, 1.21.1	https://access.redhat.com/errata/RHSA-2024:2160 https://access.redhat.com/security/cve/CVE-2023-39319 https://bugzilla.redhat.com/2237773 https://bugzilla.redhat.com/2237776 https://bugzilla.redhat.com/2253330 https://errata.almalinux.org/9/ALSA-2024-2160.html https://github.com/golang/go/commit/2070531d2f53df88e312edace6c8dfc9686ab2f5 (go1.20.8) https://github.com/golang/go/commit/bbd043ff0d6d59f1a9232d31ecd5eacf6507bf6a (go1.21.1) https://go.dev/cl/526157 https://go.dev/issue/62197 https://groups.google.com/g/golang-announce/c/Fm51GRLNRvM https://groups.google.com/g/golang-dev/c/2C5vbR-UNkI/m/L1hdrPhfBAAJ https://linux.oracle.com/cve/CVE-2023-39319.html https://linux.oracle.com/errata/ELSA-2024-2988.html https://nvd.nist.gov/vuln/detail/CVE-2023-39319 https://pkg.go.dev/vuln/GO-2023-2043 https://security.gentoo.org/glsa/202311-09 https://security.netapp.com/advisory/ntap-20231020-0009/ https://ubuntu.com/security/notices/USN-6574-1 https://ubuntu.com/security/notices/USN-7061-1 https://ubuntu.com/security/notices/USN-7109-1 https://vuln.go.dev/ID/GO-2023-2043.json https://www.cve.org/CVERecord?id=CVE-2023-39319
stdlib	CVE-2023-39326	MEDIUM	v1.20.5	1.20.12, 1.21.5	https://access.redhat.com/errata/RHSA-2024:2272 https://access.redhat.com/security/cve/CVE-2023-39326 https://bugzilla.redhat.com/2253193 https://bugzilla.redhat.com/2253330 https://errata.almalinux.org/9/ALSA-2024-2272.html https://github.com/golang/go/commit/6446af942e2e2b161c4ec1b60d9703a2b55dc4dd (go1.20.12) https://github.com/golang/go/commit/ec8c526e4be720e94b98ca509e6364f0efaf28f7 (go1.21.5) https://go.dev/cl/547335 https://go.dev/issue/64433 https://groups.google.com/g/golang-dev/c/6ypN5EjibjM/m/KmLVYH_uAgAJ https://linux.oracle.com/cve/CVE-2023-39326.html https://linux.oracle.com/errata/ELSA-2024-2988.html https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UIU6HOGV6RRIKWM57LOXQA75BGZSIH6G/ https://nvd.nist.gov/vuln/detail/CVE-2023-39326 https://pkg.go.dev/vuln/GO-2023-2382 https://ubuntu.com/security/notices/USN-6574-1 https://www.cve.org/CVERecord?id=CVE-2023-39326
stdlib	CVE-2023-45284	MEDIUM	v1.20.5	1.20.11, 1.21.4	https://go.dev/cl/540277 https://go.dev/issue/63713 https://groups.google.com/g/golang-announce/c/4tU8LZfBFkY https://nvd.nist.gov/vuln/detail/CVE-2023-45284 https://pkg.go.dev/vuln/GO-2023-2186
stdlib	CVE-2023-45289	MEDIUM	v1.20.5	1.21.8, 1.22.1	http://www.openwall.com/lists/oss-security/2024/03/08/4 https://access.redhat.com/errata/RHSA-2024:2724 https://access.redhat.com/security/cve/CVE-2023-45289 https://bugzilla.redhat.com/2268017 https://bugzilla.redhat.com/2268018 https://bugzilla.redhat.com/2268019 https://bugzilla.redhat.com/2268273 https://bugzilla.redhat.com/show_bug.cgi?id=2268017 https://bugzilla.redhat.com/show_bug.cgi?id=2268018 https://bugzilla.redhat.com/show_bug.cgi?id=2268019 https://bugzilla.redhat.com/show_bug.cgi?id=2268273 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45288 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45289 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45290 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24783 https://errata.almalinux.org/9/ALSA-2024-2724.html https://errata.rockylinux.org/RLSA-2024:2724 https://github.com/golang/go/commit/20586c0dbe03d144f914155f879fa5ee287591a1 (go1.21.8) https://github.com/golang/go/commit/3a855208e3efed2e9d7c20ad023f1fa78afcc0be (go1.22.1) https://github.com/golang/go/issues/65065 https://go.dev/cl/569340 https://go.dev/issue/65065 https://groups.google.com/g/golang-announce/c/5pwGVUPoMbg https://linux.oracle.com/cve/CVE-2023-45289.html https://linux.oracle.com/errata/ELSA-2024-3346.html https://nvd.nist.gov/vuln/detail/CVE-2023-45289 https://pkg.go.dev/vuln/GO-2024-2600 https://security.netapp.com/advisory/ntap-20240329-0006/ https://ubuntu.com/security/notices/USN-6886-1 https://www.cve.org/CVERecord?id=CVE-2023-45289
stdlib	CVE-2023-45290	MEDIUM	v1.20.5	1.21.8, 1.22.1	http://www.openwall.com/lists/oss-security/2024/03/08/4 https://access.redhat.com/errata/RHSA-2024:9135 https://access.redhat.com/security/cve/CVE-2023-45290 https://bugzilla.redhat.com/2268017 https://bugzilla.redhat.com/2268022 https://bugzilla.redhat.com/2279814 https://bugzilla.redhat.com/2295310 https://bugzilla.redhat.com/show_bug.cgi?id=2268017 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45290 https://errata.almalinux.org/9/ALSA-2024-9135.html https://errata.rockylinux.org/RLSA-2024:3830 https://github.com/golang/go/commit/041a47712e765e94f86d841c3110c840e76d8f82 (go1.22.1) https://github.com/golang/go/commit/bf80213b121074f4ad9b449410a4d13bae5e9be0 (go1.21.8) https://github.com/golang/go/issues/65383 https://go.dev/cl/569341 https://go.dev/issue/65383 https://groups.google.com/g/golang-announce/c/5pwGVUPoMbg https://linux.oracle.com/cve/CVE-2023-45290.html https://linux.oracle.com/errata/ELSA-2024-8038.html https://nvd.nist.gov/vuln/detail/CVE-2023-45290 https://pkg.go.dev/vuln/GO-2024-2599 https://security.netapp.com/advisory/ntap-20240329-0004 https://security.netapp.com/advisory/ntap-20240329-0004/ https://ubuntu.com/security/notices/USN-6886-1 https://ubuntu.com/security/notices/USN-7109-1 https://ubuntu.com/security/notices/USN-7111-1 https://www.cve.org/CVERecord?id=CVE-2023-45290
stdlib	CVE-2024-24783	MEDIUM	v1.20.5	1.21.8, 1.22.1	http://www.openwall.com/lists/oss-security/2024/03/08/4 https://access.redhat.com/errata/RHSA-2024:6195 https://access.redhat.com/security/cve/CVE-2024-24783 https://bugzilla.redhat.com/2268019 https://bugzilla.redhat.com/show_bug.cgi?id=2268017 https://bugzilla.redhat.com/show_bug.cgi?id=2268018 https://bugzilla.redhat.com/show_bug.cgi?id=2268019 https://bugzilla.redhat.com/show_bug.cgi?id=2268273 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45288 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45289 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45290 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24783 https://errata.almalinux.org/9/ALSA-2024-6195.html https://errata.rockylinux.org/RLSA-2024:2724 https://github.com/advisories/GHSA-3q2c-pvp5-3cqp https://github.com/golang/go/commit/337b8e9cbfa749d9d5c899e0dc358e2208d5e54f (go1.22.1) https://github.com/golang/go/commit/be5b52bea674190ef7de272664be6c7ae93ec5a0 (go1.21.8) https://github.com/golang/go/issues/65390 https://go.dev/cl/569339 https://go.dev/issue/65390 https://groups.google.com/g/golang-announce/c/5pwGVUPoMbg https://linux.oracle.com/cve/CVE-2024-24783.html https://linux.oracle.com/errata/ELSA-2024-6969.html https://nvd.nist.gov/vuln/detail/CVE-2024-24783 https://pkg.go.dev/vuln/GO-2024-2598 https://security.netapp.com/advisory/ntap-20240329-0005 https://security.netapp.com/advisory/ntap-20240329-0005/ https://ubuntu.com/security/notices/USN-6886-1 https://ubuntu.com/security/notices/USN-7109-1 https://ubuntu.com/security/notices/USN-7111-1 https://www.cve.org/CVERecord?id=CVE-2024-24783
stdlib	CVE-2024-24784	MEDIUM	v1.20.5	1.21.8, 1.22.1	http://www.openwall.com/lists/oss-security/2024/03/08/4 https://access.redhat.com/errata/RHSA-2024:2562 https://access.redhat.com/security/cve/CVE-2024-24784 https://bugzilla.redhat.com/2262921 https://bugzilla.redhat.com/2268017 https://bugzilla.redhat.com/2268018 https://bugzilla.redhat.com/2268019 https://bugzilla.redhat.com/2268021 https://bugzilla.redhat.com/2268022 https://bugzilla.redhat.com/2268273 https://bugzilla.redhat.com/show_bug.cgi?id=2262921 https://bugzilla.redhat.com/show_bug.cgi?id=2268017 https://bugzilla.redhat.com/show_bug.cgi?id=2268018 https://bugzilla.redhat.com/show_bug.cgi?id=2268019 https://bugzilla.redhat.com/show_bug.cgi?id=2268021 https://bugzilla.redhat.com/show_bug.cgi?id=2268022 https://bugzilla.redhat.com/show_bug.cgi?id=2268273 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45288 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45289 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45290 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-1394 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24783 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24784 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24785 https://errata.almalinux.org/9/ALSA-2024-2562.html https://errata.rockylinux.org/RLSA-2024:2562 https://github.com/golang/go/commit/263c059b09fdd40d9dd945f2ecb20c89ea28efe5 (go1.21.8) https://github.com/golang/go/commit/5330cd225ba54c7dc78c1b46dcdf61a4671a632c (go1.22.1) https://github.com/golang/go/issues/65083 https://go.dev/cl/555596 https://go.dev/issue/65083 https://groups.google.com/g/golang-announce/c/5pwGVUPoMbg https://linux.oracle.com/cve/CVE-2024-24784.html https://linux.oracle.com/errata/ELSA-2024-6969.html https://nvd.nist.gov/vuln/detail/CVE-2024-24784 https://pkg.go.dev/vuln/GO-2024-2609 https://security.netapp.com/advisory/ntap-20240329-0007/ https://ubuntu.com/security/notices/USN-6886-1 https://ubuntu.com/security/notices/USN-7109-1 https://ubuntu.com/security/notices/USN-7111-1 https://www.cve.org/CVERecord?id=CVE-2024-24784
stdlib	CVE-2024-24785	MEDIUM	v1.20.5	1.21.8, 1.22.1	http://www.openwall.com/lists/oss-security/2024/03/08/4 https://access.redhat.com/errata/RHSA-2024:9135 https://access.redhat.com/security/cve/CVE-2024-24785 https://bugzilla.redhat.com/2268017 https://bugzilla.redhat.com/2268022 https://bugzilla.redhat.com/2279814 https://bugzilla.redhat.com/2295310 https://bugzilla.redhat.com/show_bug.cgi?id=2262921 https://bugzilla.redhat.com/show_bug.cgi?id=2268017 https://bugzilla.redhat.com/show_bug.cgi?id=2268018 https://bugzilla.redhat.com/show_bug.cgi?id=2268019 https://bugzilla.redhat.com/show_bug.cgi?id=2268021 https://bugzilla.redhat.com/show_bug.cgi?id=2268022 https://bugzilla.redhat.com/show_bug.cgi?id=2268273 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45288 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45289 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45290 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-1394 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24783 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24784 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24785 https://errata.almalinux.org/9/ALSA-2024-9135.html https://errata.rockylinux.org/RLSA-2024:2562 https://github.com/golang/go/commit/056b0edcb8c152152021eebf4cf42adbfbe77992 (go1.22.1) https://github.com/golang/go/commit/3643147a29352ca2894fd5d0d2069bc4b4335a7e (go1.21.8) https://github.com/golang/go/issues/65697 https://go.dev/cl/564196 https://go.dev/issue/65697 https://groups.google.com/g/golang-announce/c/5pwGVUPoMbg https://linux.oracle.com/cve/CVE-2024-24785.html https://linux.oracle.com/errata/ELSA-2024-3259.html https://nvd.nist.gov/vuln/detail/CVE-2024-24785 https://pkg.go.dev/vuln/GO-2024-2610 https://security.netapp.com/advisory/ntap-20240329-0008/ https://ubuntu.com/security/notices/USN-6886-1 https://ubuntu.com/security/notices/USN-7061-1 https://ubuntu.com/security/notices/USN-7109-1 https://vuln.go.dev/ID/GO-2024-2610.json https://www.cve.org/CVERecord?id=CVE-2024-24785
stdlib	CVE-2024-24789	MEDIUM	v1.20.5	1.21.11, 1.22.4	http://www.openwall.com/lists/oss-security/2024/06/04/1 https://access.redhat.com/errata/RHSA-2024:9115 https://access.redhat.com/security/cve/CVE-2024-24789 https://bugzilla.redhat.com/2279814 https://bugzilla.redhat.com/2292668 https://bugzilla.redhat.com/2292787 https://bugzilla.redhat.com/2294000 https://bugzilla.redhat.com/2295310 https://bugzilla.redhat.com/show_bug.cgi?id=2292668 https://bugzilla.redhat.com/show_bug.cgi?id=2292787 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24789 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24790 https://errata.almalinux.org/9/ALSA-2024-9115.html https://errata.rockylinux.org/RLSA-2024:4212 https://github.com/golang/go/commit/c8e40338cf00f3c1d86c8fb23863ad67a4c72bcc (1.21) https://github.com/golang/go/commit/cf501ac0c5fe351a8582d20b43562027927906e7 (1.22) https://github.com/golang/go/issues/66869 https://go.dev/cl/585397 https://go.dev/issue/66869 https://groups.google.com/g/golang-announce/c/XbxouI9gY7k https://groups.google.com/g/golang-announce/c/XbxouI9gY7k/m/TuoGEhxIEwAJ https://linux.oracle.com/cve/CVE-2024-24789.html https://linux.oracle.com/errata/ELSA-2024-9115.html https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/U5YAEIA6IUHUNGJ7AIXXPQT6D2GYENX7/ https://nvd.nist.gov/vuln/detail/CVE-2024-24789 https://pkg.go.dev/vuln/GO-2024-2888 https://ubuntu.com/security/notices/USN-6886-1 https://ubuntu.com/security/notices/USN-7109-1 https://ubuntu.com/security/notices/USN-7111-1 https://www.cve.org/CVERecord?id=CVE-2024-24789
stdlib	CVE-2024-24791	MEDIUM	v1.20.5	1.21.12, 1.22.5	https://access.redhat.com/errata/RHSA-2024:9135 https://access.redhat.com/security/cve/CVE-2024-24791 https://bugzilla.redhat.com/2268017 https://bugzilla.redhat.com/2268022 https://bugzilla.redhat.com/2279814 https://bugzilla.redhat.com/2295310 https://bugzilla.redhat.com/show_bug.cgi?id=2295310 https://bugzilla.redhat.com/show_bug.cgi?id=2310527 https://bugzilla.redhat.com/show_bug.cgi?id=2310528 https://bugzilla.redhat.com/show_bug.cgi?id=2310529 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24791 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-34155 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-34156 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-34158 https://errata.almalinux.org/9/ALSA-2024-9135.html https://errata.rockylinux.org/RLSA-2024:6913 https://go.dev/cl/591255 https://go.dev/issue/67555 https://groups.google.com/g/golang-dev/c/t0rK-qHBqzY/m/6MMoAZkMAgAJ https://linux.oracle.com/cve/CVE-2024-24791.html https://linux.oracle.com/errata/ELSA-2024-9115.html https://nvd.nist.gov/vuln/detail/CVE-2024-24791 https://pkg.go.dev/vuln/GO-2024-2963 https://ubuntu.com/security/notices/USN-7081-1 https://ubuntu.com/security/notices/USN-7109-1 https://ubuntu.com/security/notices/USN-7111-1 https://www.cve.org/CVERecord?id=CVE-2024-24791
stdlib	CVE-2024-34155	MEDIUM	v1.20.5	1.22.7, 1.23.1	https://access.redhat.com/errata/RHSA-2024:9459 https://access.redhat.com/security/cve/CVE-2024-34155 https://bugzilla.redhat.com/2310527 https://bugzilla.redhat.com/2310528 https://bugzilla.redhat.com/2310529 https://bugzilla.redhat.com/2315691 https://bugzilla.redhat.com/2315887 https://bugzilla.redhat.com/2317458 https://bugzilla.redhat.com/2317467 https://bugzilla.redhat.com/show_bug.cgi?id=2295310 https://bugzilla.redhat.com/show_bug.cgi?id=2310527 https://bugzilla.redhat.com/show_bug.cgi?id=2310528 https://bugzilla.redhat.com/show_bug.cgi?id=2310529 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24791 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-34155 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-34156 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-34158 https://errata.almalinux.org/9/ALSA-2024-9459.html https://errata.rockylinux.org/RLSA-2024:6913 https://github.com/golang/go/commit/53487e5477151ed75da50e50a0ba8f1ca64c00a3 (go1.23.1) https://github.com/golang/go/commit/b232596139dbe96a62edbe3a2a203e856bf556eb (go1.22.7) https://go.dev/cl/611238 https://go.dev/issue/69138 https://groups.google.com/g/golang-announce/c/K-cEzDeCtpc https://groups.google.com/g/golang-dev/c/S9POB9NCTdk https://linux.oracle.com/cve/CVE-2024-34155.html https://linux.oracle.com/errata/ELSA-2024-9459.html https://nvd.nist.gov/vuln/detail/CVE-2024-34155 https://pkg.go.dev/vuln/GO-2024-3105 https://ubuntu.com/security/notices/USN-7081-1 https://ubuntu.com/security/notices/USN-7109-1 https://ubuntu.com/security/notices/USN-7111-1 https://www.cve.org/CVERecord?id=CVE-2024-34155
stdlib	CVE-2024-34158	MEDIUM	v1.20.5	1.22.7, 1.23.1	https://access.redhat.com/errata/RHSA-2024:9459 https://access.redhat.com/security/cve/CVE-2024-34158 https://bugzilla.redhat.com/2310527 https://bugzilla.redhat.com/2310528 https://bugzilla.redhat.com/2310529 https://bugzilla.redhat.com/2315691 https://bugzilla.redhat.com/2315887 https://bugzilla.redhat.com/2317458 https://bugzilla.redhat.com/2317467 https://bugzilla.redhat.com/show_bug.cgi?id=2295310 https://bugzilla.redhat.com/show_bug.cgi?id=2310527 https://bugzilla.redhat.com/show_bug.cgi?id=2310528 https://bugzilla.redhat.com/show_bug.cgi?id=2310529 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24791 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-34155 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-34156 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-34158 https://errata.almalinux.org/9/ALSA-2024-9459.html https://errata.rockylinux.org/RLSA-2024:6913 https://github.com/golang/go/commit/032ac075c20c01c6c35a672d1542d3e98eab84ea (go1.23.1) https://github.com/golang/go/commit/d4c53812e6ce2ac368173d7fcd31d0ecfcffb002 (go1.22.7) https://go.dev/cl/611240 https://go.dev/issue/69141 https://groups.google.com/g/golang-announce/c/K-cEzDeCtpc https://groups.google.com/g/golang-dev/c/S9POB9NCTdk https://linux.oracle.com/cve/CVE-2024-34158.html https://linux.oracle.com/errata/ELSA-2024-9459.html https://nvd.nist.gov/vuln/detail/CVE-2024-34158 https://pkg.go.dev/vuln/GO-2024-3107 https://ubuntu.com/security/notices/USN-7081-1 https://ubuntu.com/security/notices/USN-7109-1 https://ubuntu.com/security/notices/USN-7111-1 https://www.cve.org/CVERecord?id=CVE-2024-34158
No Misconfigurations found

cnb/buildpacks/paketo-buildpacks_watchexec/2.8.2/bin/main (gobinary)

Package	Vulnerability ID	Severity	Installed Version	Fixed Version	Links
stdlib	CVE-2024-24790	CRITICAL	v1.20.4	1.21.11, 1.22.4	http://www.openwall.com/lists/oss-security/2024/06/04/1 https://access.redhat.com/errata/RHSA-2024:9115 https://access.redhat.com/security/cve/CVE-2024-24790 https://bugzilla.redhat.com/2279814 https://bugzilla.redhat.com/2292668 https://bugzilla.redhat.com/2292787 https://bugzilla.redhat.com/2294000 https://bugzilla.redhat.com/2295310 https://bugzilla.redhat.com/show_bug.cgi?id=2292668 https://bugzilla.redhat.com/show_bug.cgi?id=2292787 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24789 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24790 https://errata.almalinux.org/9/ALSA-2024-9115.html https://errata.rockylinux.org/RLSA-2024:4212 https://github.com/golang/go/commit/051bdf3fd12a40307606ff9381138039c5f452f0 (1.21) https://github.com/golang/go/commit/12d5810cdb1f73cf23d7a86462143e9463317fca (1.22) https://github.com/golang/go/issues/67680 https://go.dev/cl/590316 https://go.dev/issue/67680 https://groups.google.com/g/golang-announce/c/XbxouI9gY7k https://groups.google.com/g/golang-announce/c/XbxouI9gY7k/m/TuoGEhxIEwAJ https://linux.oracle.com/cve/CVE-2024-24790.html https://linux.oracle.com/errata/ELSA-2024-9115.html https://nvd.nist.gov/vuln/detail/CVE-2024-24790 https://pkg.go.dev/vuln/GO-2024-2887 https://ubuntu.com/security/notices/USN-6886-1 https://ubuntu.com/security/notices/USN-7109-1 https://www.cve.org/CVERecord?id=CVE-2024-24790
stdlib	CVE-2023-29403	HIGH	v1.20.4	1.19.10, 1.20.5	https://access.redhat.com/errata/RHSA-2023:3923 https://access.redhat.com/security/cve/CVE-2023-29403 https://bugzilla.redhat.com/2216965 https://bugzilla.redhat.com/2217562 https://bugzilla.redhat.com/2217565 https://bugzilla.redhat.com/2217569 https://bugzilla.redhat.com/show_bug.cgi?id=2216965 https://bugzilla.redhat.com/show_bug.cgi?id=2217562 https://bugzilla.redhat.com/show_bug.cgi?id=2217565 https://bugzilla.redhat.com/show_bug.cgi?id=2217569 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-29402 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-29403 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-29404 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-29405 https://errata.almalinux.org/9/ALSA-2023-3923.html https://errata.rockylinux.org/RLSA-2023:3923 https://github.com/golang/go/commit/36144ba429ef2650940c72e7a0b932af3612d420 (go1.20.5) https://github.com/golang/go/commit/a7b1cd452ddc69a6606c2f35ac5786dc892e62cb (go1.19.10) https://github.com/golang/go/issues/60272 https://go.dev/cl/501223 https://go.dev/issue/60272 https://groups.google.com/g/golang-announce/c/q5135a9d924 https://groups.google.com/g/golang-announce/c/q5135a9d924/m/j0ZoAJOHAwAJ https://linux.oracle.com/cve/CVE-2023-29403.html https://linux.oracle.com/errata/ELSA-2023-3923.html https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/NZ2O6YCO2IZMZJELQGZYR2WAUNEDLYV6/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/XBS3IIK6ADV24C5ULQU55QLT2UE762ZX/ https://nvd.nist.gov/vuln/detail/CVE-2023-29403 https://pkg.go.dev/vuln/GO-2023-1840 https://security.gentoo.org/glsa/202311-09 https://ubuntu.com/security/notices/USN-7061-1 https://ubuntu.com/security/notices/USN-7109-1 https://www.cve.org/CVERecord?id=CVE-2023-29403
stdlib	CVE-2023-39325	HIGH	v1.20.4	1.20.10, 1.21.3	golang.org/x/net https://access.redhat.com/errata/RHSA-2023:6077 https://access.redhat.com/security/cve/CVE-2023-39325 https://access.redhat.com/security/cve/CVE-2023-44487 https://access.redhat.com/security/vulnerabilities/RHSB-2023-003 https://bugzilla.redhat.com/2242803 https://bugzilla.redhat.com/2243296 https://bugzilla.redhat.com/show_bug.cgi?id=2242803 https://bugzilla.redhat.com/show_bug.cgi?id=2243296 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-39325 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-44487 https://errata.almalinux.org/9/ALSA-2023-6077.html https://errata.rockylinux.org/RLSA-2023:6077 https://github.com/golang/go/commit/24ae2d927285c697440fdde3ad7f26028354bcf3 [golang- 1.21] https://github.com/golang/go/commit/e175f27f58aa7b9cd4d79607ae65d2cd5baaee68 [golang-1.20] https://github.com/golang/go/issues/63417 https://go.dev/cl/534215 https://go.dev/cl/534235 https://go.dev/issue/63417 https://groups.google.com/g/golang-announce/c/iNNxDTCjZvo/m/UDd7VKQuAAAJ https://linux.oracle.com/cve/CVE-2023-39325.html https://linux.oracle.com/errata/ELSA-2023-5867.html https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3OVW5V2DM5K5IC3H7O42YDUGNJ74J35O https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3OVW5V2DM5K5IC3H7O42YDUGNJ74J35O/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3SZN67IL7HMGMNAVLOTIXLIHUDXZK4LH https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3SZN67IL7HMGMNAVLOTIXLIHUDXZK4LH/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3WJ4QVX2AMUJ2F2S27POOAHRC4K3CHU4 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3WJ4QVX2AMUJ2F2S27POOAHRC4K3CHU4/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/4BUK2ZIAGCULOOYDNH25JPU6JBES5NF2 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/4BUK2ZIAGCULOOYDNH25JPU6JBES5NF2/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/5RSKA2II6QTD4YUKUNDVJQSRYSFC4VFR https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/5RSKA2II6QTD4YUKUNDVJQSRYSFC4VFR/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/AVZDNSMVDAQJ64LJC5I5U5LDM5753647 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/AVZDNSMVDAQJ64LJC5I5U5LDM5753647/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CHHITS4PUOZAKFIUBQAQZC7JWXMOYE4B https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CHHITS4PUOZAKFIUBQAQZC7JWXMOYE4B/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CLB4TW7KALB3EEQWNWCN7OUIWWVWWCG2 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CLB4TW7KALB3EEQWNWCN7OUIWWVWWCG2/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/D2BBIDR2ZMB3X5BC7SR4SLQMHRMVPY6L https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/D2BBIDR2ZMB3X5BC7SR4SLQMHRMVPY6L/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ECRC75BQJP6FJN2L7KCKYZW4DSBD7QSD https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ECRC75BQJP6FJN2L7KCKYZW4DSBD7QSD/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/FTMJ3NJIDAZFWJQQSP3L22MUFJ3UP2PT https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/FTMJ3NJIDAZFWJQQSP3L22MUFJ3UP2PT/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/GSY7SXFFTPZFWDM6XELSDSHZLVW3AHK7 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/GSY7SXFFTPZFWDM6XELSDSHZLVW3AHK7/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/HZQIELEIRSZUYTFFH5KTH2YJ4IIQG2KE https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/HZQIELEIRSZUYTFFH5KTH2YJ4IIQG2KE/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/IPWCNYB5PQ5PCVZ4NJT6G56ZYFZ5QBU6 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/IPWCNYB5PQ5PCVZ4NJT6G56ZYFZ5QBU6/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/KEOTKBUPZXHE3F352JBYNTSNRXYLWD6P https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/KEOTKBUPZXHE3F352JBYNTSNRXYLWD6P/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/KSEGD2IWKNUO3DWY4KQGUQM5BISRWHQE https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/KSEGD2IWKNUO3DWY4KQGUQM5BISRWHQE/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/L5E5JSJBZLYXOTZWXHJKRVCIXIHVWKJ6 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/L5E5JSJBZLYXOTZWXHJKRVCIXIHVWKJ6/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/MZQYOOKHQDQ57LV2IAG6NRFOVXKHJJ3Z https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/MZQYOOKHQDQ57LV2IAG6NRFOVXKHJJ3Z/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/NG7IMPL55MVWU3LCI4JQJT3K2U5CHDV7 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/NG7IMPL55MVWU3LCI4JQJT3K2U5CHDV7/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ODBY7RVMGZCBSTWF2OZGIZS57FNFUL67 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ODBY7RVMGZCBSTWF2OZGIZS57FNFUL67/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/OXGWPQOJ3JNDW2XIYKIVJ7N7QUIFNM2Q https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/OXGWPQOJ3JNDW2XIYKIVJ7N7QUIFNM2Q/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/PJCUNGIQDUMZ4Z6HWVYIMR66A35F5S74 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/PJCUNGIQDUMZ4Z6HWVYIMR66A35F5S74/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QF5QSYAOPDOWLY6DUHID56Q4HQFYB45I https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QF5QSYAOPDOWLY6DUHID56Q4HQFYB45I/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QXOU2JZUBEBP7GBKAYIJRPRBZSJCD7ST https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QXOU2JZUBEBP7GBKAYIJRPRBZSJCD7ST/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/R3UETKPUB3V5JS5TLZOF3SMTGT5K5APS https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/R3UETKPUB3V5JS5TLZOF3SMTGT5K5APS/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/REMHVVIBDNKSRKNOTV7EQSB7CYQWOUOU https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/REMHVVIBDNKSRKNOTV7EQSB7CYQWOUOU/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/T7N5GV4CHH6WAGX3GFMDD3COEOVCZ4RI https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/T7N5GV4CHH6WAGX3GFMDD3COEOVCZ4RI/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ULQQONMSCQSH5Z5OWFFQHCGEZ3NL4DRJ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ULQQONMSCQSH5Z5OWFFQHCGEZ3NL4DRJ/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UTT7DG3QOF5ZNJLUGHDNLRUIN6OWZARP https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UTT7DG3QOF5ZNJLUGHDNLRUIN6OWZARP/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/W2LZSWTV4NV4SNQARNXG5T6LRHP26EW2 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/W2LZSWTV4NV4SNQARNXG5T6LRHP26EW2/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WCNCBYKZXLDFGAJUB7ZP5VLC3YTHJNVH https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WCNCBYKZXLDFGAJUB7ZP5VLC3YTHJNVH/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/XFOIBB4YFICHDM7IBOP7PWXW3FX4HLL2 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/XFOIBB4YFICHDM7IBOP7PWXW3FX4HLL2/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/XTNLSL44Y5FB6JWADSZH6DCV4JJAAEQY https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/XTNLSL44Y5FB6JWADSZH6DCV4JJAAEQY/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/YJWHBLVZDM5KQSDFRBFRKU5KSSOLIRQ4 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/YJWHBLVZDM5KQSDFRBFRKU5KSSOLIRQ4/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/YRKEXKANQ7BKJW2YTAMP625LJUJZLJ4P https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/YRKEXKANQ7BKJW2YTAMP625LJUJZLJ4P/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZSVEMQV5ROY5YW5QE3I57HT3ITWG5GCV https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZSVEMQV5ROY5YW5QE3I57HT3ITWG5GCV/ https://nvd.nist.gov/vuln/detail/CVE-2023-39325 https://pkg.go.dev/vuln/GO-2023-2102 https://security.gentoo.org/glsa/202311-09 https://security.netapp.com/advisory/ntap-20231110-0008 https://security.netapp.com/advisory/ntap-20231110-0008/ https://ubuntu.com/security/notices/USN-6574-1 https://ubuntu.com/security/notices/USN-7061-1 https://ubuntu.com/security/notices/USN-7109-1 https://www.cisa.gov/news-events/alerts/2023/10/10/http2-rapid-reset-vulnerability-cve-2023-44487 https://www.cve.org/CVERecord?id=CVE-2023-39325
stdlib	CVE-2023-45283	HIGH	v1.20.4	1.20.11, 1.21.4, 1.20.12, 1.21.5	http://www.openwall.com/lists/oss-security/2023/12/05/2 https://go.dev/cl/540277 https://go.dev/cl/541175 https://go.dev/issue/63713 https://go.dev/issue/64028 https://groups.google.com/g/golang-announce/c/4tU8LZfBFkY https://groups.google.com/g/golang-dev/c/6ypN5EjibjM/m/KmLVYH_uAgAJ https://nvd.nist.gov/vuln/detail/CVE-2023-45283 https://pkg.go.dev/vuln/GO-2023-2185 https://security.netapp.com/advisory/ntap-20231214-0008/
stdlib	CVE-2023-45288	HIGH	v1.20.4	1.21.9, 1.22.2	http://www.openwall.com/lists/oss-security/2024/04/03/16 http://www.openwall.com/lists/oss-security/2024/04/05/4 https://access.redhat.com/errata/RHSA-2024:2724 https://access.redhat.com/security/cve/CVE-2023-45288 https://bugzilla.redhat.com/2268017 https://bugzilla.redhat.com/2268018 https://bugzilla.redhat.com/2268019 https://bugzilla.redhat.com/2268273 https://bugzilla.redhat.com/show_bug.cgi?id=2268017 https://bugzilla.redhat.com/show_bug.cgi?id=2268018 https://bugzilla.redhat.com/show_bug.cgi?id=2268019 https://bugzilla.redhat.com/show_bug.cgi?id=2268273 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45288 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45289 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45290 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24783 https://errata.almalinux.org/9/ALSA-2024-2724.html https://errata.rockylinux.org/RLSA-2024:2724 https://go.dev/cl/576155 https://go.dev/issue/65051 https://groups.google.com/g/golang-announce/c/YgW0sx8mN3M https://kb.cert.org/vuls/id/421644 https://linux.oracle.com/cve/CVE-2023-45288.html https://linux.oracle.com/errata/ELSA-2024-3346.html https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QRYFHIQ6XRKRYBI2F5UESH67BJBQXUPT https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QRYFHIQ6XRKRYBI2F5UESH67BJBQXUPT/ https://nowotarski.info/http2-continuation-flood-technical-details https://nowotarski.info/http2-continuation-flood/ https://nvd.nist.gov/vuln/detail/CVE-2023-45288 https://pkg.go.dev/vuln/GO-2024-2687 https://security.netapp.com/advisory/ntap-20240419-0009 https://security.netapp.com/advisory/ntap-20240419-0009/ https://ubuntu.com/security/notices/USN-6886-1 https://ubuntu.com/security/notices/USN-7109-1 https://ubuntu.com/security/notices/USN-7111-1 https://www.cve.org/CVERecord?id=CVE-2023-45288 https://www.kb.cert.org/vuls/id/421644
stdlib	CVE-2024-34156	HIGH	v1.20.4	1.22.7, 1.23.1	https://access.redhat.com/errata/RHSA-2024:9473 https://access.redhat.com/security/cve/CVE-2024-34156 https://bugzilla.redhat.com/2310528 https://bugzilla.redhat.com/2318052 https://bugzilla.redhat.com/show_bug.cgi?id=2310528 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-34156 https://errata.almalinux.org/9/ALSA-2024-9473.html https://errata.rockylinux.org/RLSA-2024:7204 https://github.com/golang/go/commit/2092294f2b097c5828f4eace6c98a322c1510b01 (go1.22.7) https://github.com/golang/go/commit/fa8ff1a46deb6c816304441ec6740ec112e19012 (go1.23.1) https://go.dev/cl/611239 https://go.dev/issue/69139 https://groups.google.com/g/golang-announce/c/K-cEzDeCtpc https://groups.google.com/g/golang-dev/c/S9POB9NCTdk https://linux.oracle.com/cve/CVE-2024-34156.html https://linux.oracle.com/errata/ELSA-2024-9473.html https://nvd.nist.gov/vuln/detail/CVE-2024-34156 https://pkg.go.dev/vuln/GO-2024-3106 https://ubuntu.com/security/notices/USN-7081-1 https://ubuntu.com/security/notices/USN-7109-1 https://ubuntu.com/security/notices/USN-7111-1 https://www.cve.org/CVERecord?id=CVE-2024-34156
stdlib	CVE-2023-29406	MEDIUM	v1.20.4	1.19.11, 1.20.6	https://access.redhat.com/errata/RHSA-2023:6474 https://access.redhat.com/security/cve/CVE-2023-29406 https://bugzilla.redhat.com/2174485 https://bugzilla.redhat.com/2178358 https://bugzilla.redhat.com/2178488 https://bugzilla.redhat.com/2178492 https://bugzilla.redhat.com/2184481 https://bugzilla.redhat.com/2184482 https://bugzilla.redhat.com/2184483 https://bugzilla.redhat.com/2184484 https://bugzilla.redhat.com/2196026 https://bugzilla.redhat.com/2196027 https://bugzilla.redhat.com/2196029 https://bugzilla.redhat.com/2222167 https://bugzilla.redhat.com/2228689 https://errata.almalinux.org/9/ALSA-2023-6474.html https://github.com/golang/go/commit/312920c00aac9897b2a0693e752390b5b0711a5a (go1.20.6) https://github.com/golang/go/commit/5fa6923b1ea891400153d04ddf1545e23b40041b (go1.19.11) https://github.com/golang/go/issues/60374 https://go.dev/cl/506996 https://go.dev/issue/60374 https://groups.google.com/g/golang-announce/c/2q13H6LEEx0 https://linux.oracle.com/cve/CVE-2023-29406.html https://linux.oracle.com/errata/ELSA-2023-7202.html https://nvd.nist.gov/vuln/detail/CVE-2023-29406 https://pkg.go.dev/vuln/GO-2023-1878 https://security.gentoo.org/glsa/202311-09 https://security.netapp.com/advisory/ntap-20230814-0002/ https://ubuntu.com/security/notices/USN-7061-1 https://ubuntu.com/security/notices/USN-7109-1 https://www.cve.org/CVERecord?id=CVE-2023-29406
stdlib	CVE-2023-29409	MEDIUM	v1.20.4	1.19.12, 1.20.7, 1.21.0-rc.4	https://access.redhat.com/errata/RHSA-2023:7766 https://access.redhat.com/security/cve/CVE-2023-29409 https://bugzilla.redhat.com/2228743 https://bugzilla.redhat.com/2237773 https://bugzilla.redhat.com/2237776 https://bugzilla.redhat.com/2237777 https://bugzilla.redhat.com/2237778 https://errata.almalinux.org/9/ALSA-2023-7766.html https://go.dev/cl/515257 https://go.dev/issue/61460 https://groups.google.com/g/golang-announce/c/X0b6CsSAaYI/m/Efv5DbZ9AwAJ https://linux.oracle.com/cve/CVE-2023-29409.html https://linux.oracle.com/errata/ELSA-2024-2988.html https://nvd.nist.gov/vuln/detail/CVE-2023-29409 https://pkg.go.dev/vuln/GO-2023-1987 https://security.gentoo.org/glsa/202311-09 https://security.netapp.com/advisory/ntap-20230831-0010/ https://www.cve.org/CVERecord?id=CVE-2023-29409
stdlib	CVE-2023-39318	MEDIUM	v1.20.4	1.20.8, 1.21.1	https://access.redhat.com/errata/RHSA-2024:2160 https://access.redhat.com/security/cve/CVE-2023-39318 https://bugzilla.redhat.com/2237773 https://bugzilla.redhat.com/2237776 https://bugzilla.redhat.com/2253330 https://errata.almalinux.org/9/ALSA-2024-2160.html https://github.com/golang/go/commit/023b542edf38e2a1f87fcefb9f75ff2f99401b4c (go1.20.8) https://github.com/golang/go/commit/b0e1d3ea26e8e8fce7726690c9ef0597e60739fb (go1.21.1) https://go.dev/cl/526156 https://go.dev/issue/62196 https://groups.google.com/g/golang-announce/c/Fm51GRLNRvM https://groups.google.com/g/golang-dev/c/2C5vbR-UNkI/m/L1hdrPhfBAAJ https://linux.oracle.com/cve/CVE-2023-39318.html https://linux.oracle.com/errata/ELSA-2024-2988.html https://nvd.nist.gov/vuln/detail/CVE-2023-39318 https://pkg.go.dev/vuln/GO-2023-2041 https://security.gentoo.org/glsa/202311-09 https://security.netapp.com/advisory/ntap-20231020-0009/ https://ubuntu.com/security/notices/USN-6574-1 https://ubuntu.com/security/notices/USN-7061-1 https://ubuntu.com/security/notices/USN-7109-1 https://vuln.go.dev/ID/GO-2023-2041.json https://www.cve.org/CVERecord?id=CVE-2023-39318
stdlib	CVE-2023-39319	MEDIUM	v1.20.4	1.20.8, 1.21.1	https://access.redhat.com/errata/RHSA-2024:2160 https://access.redhat.com/security/cve/CVE-2023-39319 https://bugzilla.redhat.com/2237773 https://bugzilla.redhat.com/2237776 https://bugzilla.redhat.com/2253330 https://errata.almalinux.org/9/ALSA-2024-2160.html https://github.com/golang/go/commit/2070531d2f53df88e312edace6c8dfc9686ab2f5 (go1.20.8) https://github.com/golang/go/commit/bbd043ff0d6d59f1a9232d31ecd5eacf6507bf6a (go1.21.1) https://go.dev/cl/526157 https://go.dev/issue/62197 https://groups.google.com/g/golang-announce/c/Fm51GRLNRvM https://groups.google.com/g/golang-dev/c/2C5vbR-UNkI/m/L1hdrPhfBAAJ https://linux.oracle.com/cve/CVE-2023-39319.html https://linux.oracle.com/errata/ELSA-2024-2988.html https://nvd.nist.gov/vuln/detail/CVE-2023-39319 https://pkg.go.dev/vuln/GO-2023-2043 https://security.gentoo.org/glsa/202311-09 https://security.netapp.com/advisory/ntap-20231020-0009/ https://ubuntu.com/security/notices/USN-6574-1 https://ubuntu.com/security/notices/USN-7061-1 https://ubuntu.com/security/notices/USN-7109-1 https://vuln.go.dev/ID/GO-2023-2043.json https://www.cve.org/CVERecord?id=CVE-2023-39319
stdlib	CVE-2023-39326	MEDIUM	v1.20.4	1.20.12, 1.21.5	https://access.redhat.com/errata/RHSA-2024:2272 https://access.redhat.com/security/cve/CVE-2023-39326 https://bugzilla.redhat.com/2253193 https://bugzilla.redhat.com/2253330 https://errata.almalinux.org/9/ALSA-2024-2272.html https://github.com/golang/go/commit/6446af942e2e2b161c4ec1b60d9703a2b55dc4dd (go1.20.12) https://github.com/golang/go/commit/ec8c526e4be720e94b98ca509e6364f0efaf28f7 (go1.21.5) https://go.dev/cl/547335 https://go.dev/issue/64433 https://groups.google.com/g/golang-dev/c/6ypN5EjibjM/m/KmLVYH_uAgAJ https://linux.oracle.com/cve/CVE-2023-39326.html https://linux.oracle.com/errata/ELSA-2024-2988.html https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UIU6HOGV6RRIKWM57LOXQA75BGZSIH6G/ https://nvd.nist.gov/vuln/detail/CVE-2023-39326 https://pkg.go.dev/vuln/GO-2023-2382 https://ubuntu.com/security/notices/USN-6574-1 https://www.cve.org/CVERecord?id=CVE-2023-39326
stdlib	CVE-2023-45284	MEDIUM	v1.20.4	1.20.11, 1.21.4	https://go.dev/cl/540277 https://go.dev/issue/63713 https://groups.google.com/g/golang-announce/c/4tU8LZfBFkY https://nvd.nist.gov/vuln/detail/CVE-2023-45284 https://pkg.go.dev/vuln/GO-2023-2186
stdlib	CVE-2023-45289	MEDIUM	v1.20.4	1.21.8, 1.22.1	http://www.openwall.com/lists/oss-security/2024/03/08/4 https://access.redhat.com/errata/RHSA-2024:2724 https://access.redhat.com/security/cve/CVE-2023-45289 https://bugzilla.redhat.com/2268017 https://bugzilla.redhat.com/2268018 https://bugzilla.redhat.com/2268019 https://bugzilla.redhat.com/2268273 https://bugzilla.redhat.com/show_bug.cgi?id=2268017 https://bugzilla.redhat.com/show_bug.cgi?id=2268018 https://bugzilla.redhat.com/show_bug.cgi?id=2268019 https://bugzilla.redhat.com/show_bug.cgi?id=2268273 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45288 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45289 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45290 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24783 https://errata.almalinux.org/9/ALSA-2024-2724.html https://errata.rockylinux.org/RLSA-2024:2724 https://github.com/golang/go/commit/20586c0dbe03d144f914155f879fa5ee287591a1 (go1.21.8) https://github.com/golang/go/commit/3a855208e3efed2e9d7c20ad023f1fa78afcc0be (go1.22.1) https://github.com/golang/go/issues/65065 https://go.dev/cl/569340 https://go.dev/issue/65065 https://groups.google.com/g/golang-announce/c/5pwGVUPoMbg https://linux.oracle.com/cve/CVE-2023-45289.html https://linux.oracle.com/errata/ELSA-2024-3346.html https://nvd.nist.gov/vuln/detail/CVE-2023-45289 https://pkg.go.dev/vuln/GO-2024-2600 https://security.netapp.com/advisory/ntap-20240329-0006/ https://ubuntu.com/security/notices/USN-6886-1 https://www.cve.org/CVERecord?id=CVE-2023-45289
stdlib	CVE-2023-45290	MEDIUM	v1.20.4	1.21.8, 1.22.1	http://www.openwall.com/lists/oss-security/2024/03/08/4 https://access.redhat.com/errata/RHSA-2024:9135 https://access.redhat.com/security/cve/CVE-2023-45290 https://bugzilla.redhat.com/2268017 https://bugzilla.redhat.com/2268022 https://bugzilla.redhat.com/2279814 https://bugzilla.redhat.com/2295310 https://bugzilla.redhat.com/show_bug.cgi?id=2268017 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45290 https://errata.almalinux.org/9/ALSA-2024-9135.html https://errata.rockylinux.org/RLSA-2024:3830 https://github.com/golang/go/commit/041a47712e765e94f86d841c3110c840e76d8f82 (go1.22.1) https://github.com/golang/go/commit/bf80213b121074f4ad9b449410a4d13bae5e9be0 (go1.21.8) https://github.com/golang/go/issues/65383 https://go.dev/cl/569341 https://go.dev/issue/65383 https://groups.google.com/g/golang-announce/c/5pwGVUPoMbg https://linux.oracle.com/cve/CVE-2023-45290.html https://linux.oracle.com/errata/ELSA-2024-8038.html https://nvd.nist.gov/vuln/detail/CVE-2023-45290 https://pkg.go.dev/vuln/GO-2024-2599 https://security.netapp.com/advisory/ntap-20240329-0004 https://security.netapp.com/advisory/ntap-20240329-0004/ https://ubuntu.com/security/notices/USN-6886-1 https://ubuntu.com/security/notices/USN-7109-1 https://ubuntu.com/security/notices/USN-7111-1 https://www.cve.org/CVERecord?id=CVE-2023-45290
stdlib	CVE-2024-24783	MEDIUM	v1.20.4	1.21.8, 1.22.1	http://www.openwall.com/lists/oss-security/2024/03/08/4 https://access.redhat.com/errata/RHSA-2024:6195 https://access.redhat.com/security/cve/CVE-2024-24783 https://bugzilla.redhat.com/2268019 https://bugzilla.redhat.com/show_bug.cgi?id=2268017 https://bugzilla.redhat.com/show_bug.cgi?id=2268018 https://bugzilla.redhat.com/show_bug.cgi?id=2268019 https://bugzilla.redhat.com/show_bug.cgi?id=2268273 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45288 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45289 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45290 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24783 https://errata.almalinux.org/9/ALSA-2024-6195.html https://errata.rockylinux.org/RLSA-2024:2724 https://github.com/advisories/GHSA-3q2c-pvp5-3cqp https://github.com/golang/go/commit/337b8e9cbfa749d9d5c899e0dc358e2208d5e54f (go1.22.1) https://github.com/golang/go/commit/be5b52bea674190ef7de272664be6c7ae93ec5a0 (go1.21.8) https://github.com/golang/go/issues/65390 https://go.dev/cl/569339 https://go.dev/issue/65390 https://groups.google.com/g/golang-announce/c/5pwGVUPoMbg https://linux.oracle.com/cve/CVE-2024-24783.html https://linux.oracle.com/errata/ELSA-2024-6969.html https://nvd.nist.gov/vuln/detail/CVE-2024-24783 https://pkg.go.dev/vuln/GO-2024-2598 https://security.netapp.com/advisory/ntap-20240329-0005 https://security.netapp.com/advisory/ntap-20240329-0005/ https://ubuntu.com/security/notices/USN-6886-1 https://ubuntu.com/security/notices/USN-7109-1 https://ubuntu.com/security/notices/USN-7111-1 https://www.cve.org/CVERecord?id=CVE-2024-24783
stdlib	CVE-2024-24784	MEDIUM	v1.20.4	1.21.8, 1.22.1	http://www.openwall.com/lists/oss-security/2024/03/08/4 https://access.redhat.com/errata/RHSA-2024:2562 https://access.redhat.com/security/cve/CVE-2024-24784 https://bugzilla.redhat.com/2262921 https://bugzilla.redhat.com/2268017 https://bugzilla.redhat.com/2268018 https://bugzilla.redhat.com/2268019 https://bugzilla.redhat.com/2268021 https://bugzilla.redhat.com/2268022 https://bugzilla.redhat.com/2268273 https://bugzilla.redhat.com/show_bug.cgi?id=2262921 https://bugzilla.redhat.com/show_bug.cgi?id=2268017 https://bugzilla.redhat.com/show_bug.cgi?id=2268018 https://bugzilla.redhat.com/show_bug.cgi?id=2268019 https://bugzilla.redhat.com/show_bug.cgi?id=2268021 https://bugzilla.redhat.com/show_bug.cgi?id=2268022 https://bugzilla.redhat.com/show_bug.cgi?id=2268273 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45288 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45289 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45290 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-1394 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24783 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24784 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24785 https://errata.almalinux.org/9/ALSA-2024-2562.html https://errata.rockylinux.org/RLSA-2024:2562 https://github.com/golang/go/commit/263c059b09fdd40d9dd945f2ecb20c89ea28efe5 (go1.21.8) https://github.com/golang/go/commit/5330cd225ba54c7dc78c1b46dcdf61a4671a632c (go1.22.1) https://github.com/golang/go/issues/65083 https://go.dev/cl/555596 https://go.dev/issue/65083 https://groups.google.com/g/golang-announce/c/5pwGVUPoMbg https://linux.oracle.com/cve/CVE-2024-24784.html https://linux.oracle.com/errata/ELSA-2024-6969.html https://nvd.nist.gov/vuln/detail/CVE-2024-24784 https://pkg.go.dev/vuln/GO-2024-2609 https://security.netapp.com/advisory/ntap-20240329-0007/ https://ubuntu.com/security/notices/USN-6886-1 https://ubuntu.com/security/notices/USN-7109-1 https://ubuntu.com/security/notices/USN-7111-1 https://www.cve.org/CVERecord?id=CVE-2024-24784
stdlib	CVE-2024-24785	MEDIUM	v1.20.4	1.21.8, 1.22.1	http://www.openwall.com/lists/oss-security/2024/03/08/4 https://access.redhat.com/errata/RHSA-2024:9135 https://access.redhat.com/security/cve/CVE-2024-24785 https://bugzilla.redhat.com/2268017 https://bugzilla.redhat.com/2268022 https://bugzilla.redhat.com/2279814 https://bugzilla.redhat.com/2295310 https://bugzilla.redhat.com/show_bug.cgi?id=2262921 https://bugzilla.redhat.com/show_bug.cgi?id=2268017 https://bugzilla.redhat.com/show_bug.cgi?id=2268018 https://bugzilla.redhat.com/show_bug.cgi?id=2268019 https://bugzilla.redhat.com/show_bug.cgi?id=2268021 https://bugzilla.redhat.com/show_bug.cgi?id=2268022 https://bugzilla.redhat.com/show_bug.cgi?id=2268273 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45288 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45289 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45290 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-1394 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24783 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24784 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24785 https://errata.almalinux.org/9/ALSA-2024-9135.html https://errata.rockylinux.org/RLSA-2024:2562 https://github.com/golang/go/commit/056b0edcb8c152152021eebf4cf42adbfbe77992 (go1.22.1) https://github.com/golang/go/commit/3643147a29352ca2894fd5d0d2069bc4b4335a7e (go1.21.8) https://github.com/golang/go/issues/65697 https://go.dev/cl/564196 https://go.dev/issue/65697 https://groups.google.com/g/golang-announce/c/5pwGVUPoMbg https://linux.oracle.com/cve/CVE-2024-24785.html https://linux.oracle.com/errata/ELSA-2024-3259.html https://nvd.nist.gov/vuln/detail/CVE-2024-24785 https://pkg.go.dev/vuln/GO-2024-2610 https://security.netapp.com/advisory/ntap-20240329-0008/ https://ubuntu.com/security/notices/USN-6886-1 https://ubuntu.com/security/notices/USN-7061-1 https://ubuntu.com/security/notices/USN-7109-1 https://vuln.go.dev/ID/GO-2024-2610.json https://www.cve.org/CVERecord?id=CVE-2024-24785
stdlib	CVE-2024-24789	MEDIUM	v1.20.4	1.21.11, 1.22.4	http://www.openwall.com/lists/oss-security/2024/06/04/1 https://access.redhat.com/errata/RHSA-2024:9115 https://access.redhat.com/security/cve/CVE-2024-24789 https://bugzilla.redhat.com/2279814 https://bugzilla.redhat.com/2292668 https://bugzilla.redhat.com/2292787 https://bugzilla.redhat.com/2294000 https://bugzilla.redhat.com/2295310 https://bugzilla.redhat.com/show_bug.cgi?id=2292668 https://bugzilla.redhat.com/show_bug.cgi?id=2292787 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24789 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24790 https://errata.almalinux.org/9/ALSA-2024-9115.html https://errata.rockylinux.org/RLSA-2024:4212 https://github.com/golang/go/commit/c8e40338cf00f3c1d86c8fb23863ad67a4c72bcc (1.21) https://github.com/golang/go/commit/cf501ac0c5fe351a8582d20b43562027927906e7 (1.22) https://github.com/golang/go/issues/66869 https://go.dev/cl/585397 https://go.dev/issue/66869 https://groups.google.com/g/golang-announce/c/XbxouI9gY7k https://groups.google.com/g/golang-announce/c/XbxouI9gY7k/m/TuoGEhxIEwAJ https://linux.oracle.com/cve/CVE-2024-24789.html https://linux.oracle.com/errata/ELSA-2024-9115.html https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/U5YAEIA6IUHUNGJ7AIXXPQT6D2GYENX7/ https://nvd.nist.gov/vuln/detail/CVE-2024-24789 https://pkg.go.dev/vuln/GO-2024-2888 https://ubuntu.com/security/notices/USN-6886-1 https://ubuntu.com/security/notices/USN-7109-1 https://ubuntu.com/security/notices/USN-7111-1 https://www.cve.org/CVERecord?id=CVE-2024-24789
stdlib	CVE-2024-24791	MEDIUM	v1.20.4	1.21.12, 1.22.5	https://access.redhat.com/errata/RHSA-2024:9135 https://access.redhat.com/security/cve/CVE-2024-24791 https://bugzilla.redhat.com/2268017 https://bugzilla.redhat.com/2268022 https://bugzilla.redhat.com/2279814 https://bugzilla.redhat.com/2295310 https://bugzilla.redhat.com/show_bug.cgi?id=2295310 https://bugzilla.redhat.com/show_bug.cgi?id=2310527 https://bugzilla.redhat.com/show_bug.cgi?id=2310528 https://bugzilla.redhat.com/show_bug.cgi?id=2310529 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24791 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-34155 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-34156 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-34158 https://errata.almalinux.org/9/ALSA-2024-9135.html https://errata.rockylinux.org/RLSA-2024:6913 https://go.dev/cl/591255 https://go.dev/issue/67555 https://groups.google.com/g/golang-dev/c/t0rK-qHBqzY/m/6MMoAZkMAgAJ https://linux.oracle.com/cve/CVE-2024-24791.html https://linux.oracle.com/errata/ELSA-2024-9115.html https://nvd.nist.gov/vuln/detail/CVE-2024-24791 https://pkg.go.dev/vuln/GO-2024-2963 https://ubuntu.com/security/notices/USN-7081-1 https://ubuntu.com/security/notices/USN-7109-1 https://ubuntu.com/security/notices/USN-7111-1 https://www.cve.org/CVERecord?id=CVE-2024-24791
stdlib	CVE-2024-34155	MEDIUM	v1.20.4	1.22.7, 1.23.1	https://access.redhat.com/errata/RHSA-2024:9459 https://access.redhat.com/security/cve/CVE-2024-34155 https://bugzilla.redhat.com/2310527 https://bugzilla.redhat.com/2310528 https://bugzilla.redhat.com/2310529 https://bugzilla.redhat.com/2315691 https://bugzilla.redhat.com/2315887 https://bugzilla.redhat.com/2317458 https://bugzilla.redhat.com/2317467 https://bugzilla.redhat.com/show_bug.cgi?id=2295310 https://bugzilla.redhat.com/show_bug.cgi?id=2310527 https://bugzilla.redhat.com/show_bug.cgi?id=2310528 https://bugzilla.redhat.com/show_bug.cgi?id=2310529 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24791 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-34155 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-34156 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-34158 https://errata.almalinux.org/9/ALSA-2024-9459.html https://errata.rockylinux.org/RLSA-2024:6913 https://github.com/golang/go/commit/53487e5477151ed75da50e50a0ba8f1ca64c00a3 (go1.23.1) https://github.com/golang/go/commit/b232596139dbe96a62edbe3a2a203e856bf556eb (go1.22.7) https://go.dev/cl/611238 https://go.dev/issue/69138 https://groups.google.com/g/golang-announce/c/K-cEzDeCtpc https://groups.google.com/g/golang-dev/c/S9POB9NCTdk https://linux.oracle.com/cve/CVE-2024-34155.html https://linux.oracle.com/errata/ELSA-2024-9459.html https://nvd.nist.gov/vuln/detail/CVE-2024-34155 https://pkg.go.dev/vuln/GO-2024-3105 https://ubuntu.com/security/notices/USN-7081-1 https://ubuntu.com/security/notices/USN-7109-1 https://ubuntu.com/security/notices/USN-7111-1 https://www.cve.org/CVERecord?id=CVE-2024-34155
stdlib	CVE-2024-34158	MEDIUM	v1.20.4	1.22.7, 1.23.1	https://access.redhat.com/errata/RHSA-2024:9459 https://access.redhat.com/security/cve/CVE-2024-34158 https://bugzilla.redhat.com/2310527 https://bugzilla.redhat.com/2310528 https://bugzilla.redhat.com/2310529 https://bugzilla.redhat.com/2315691 https://bugzilla.redhat.com/2315887 https://bugzilla.redhat.com/2317458 https://bugzilla.redhat.com/2317467 https://bugzilla.redhat.com/show_bug.cgi?id=2295310 https://bugzilla.redhat.com/show_bug.cgi?id=2310527 https://bugzilla.redhat.com/show_bug.cgi?id=2310528 https://bugzilla.redhat.com/show_bug.cgi?id=2310529 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24791 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-34155 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-34156 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-34158 https://errata.almalinux.org/9/ALSA-2024-9459.html https://errata.rockylinux.org/RLSA-2024:6913 https://github.com/golang/go/commit/032ac075c20c01c6c35a672d1542d3e98eab84ea (go1.23.1) https://github.com/golang/go/commit/d4c53812e6ce2ac368173d7fcd31d0ecfcffb002 (go1.22.7) https://go.dev/cl/611240 https://go.dev/issue/69141 https://groups.google.com/g/golang-announce/c/K-cEzDeCtpc https://groups.google.com/g/golang-dev/c/S9POB9NCTdk https://linux.oracle.com/cve/CVE-2024-34158.html https://linux.oracle.com/errata/ELSA-2024-9459.html https://nvd.nist.gov/vuln/detail/CVE-2024-34158 https://pkg.go.dev/vuln/GO-2024-3107 https://ubuntu.com/security/notices/USN-7081-1 https://ubuntu.com/security/notices/USN-7109-1 https://ubuntu.com/security/notices/USN-7111-1 https://www.cve.org/CVERecord?id=CVE-2024-34158
No Misconfigurations found

cnb/buildpacks/paketo-buildpacks_watchexec/2.8.3/bin/main (gobinary)

Package	Vulnerability ID	Severity	Installed Version	Fixed Version	Links
stdlib	CVE-2024-24790	CRITICAL	v1.20.5	1.21.11, 1.22.4	http://www.openwall.com/lists/oss-security/2024/06/04/1 https://access.redhat.com/errata/RHSA-2024:9115 https://access.redhat.com/security/cve/CVE-2024-24790 https://bugzilla.redhat.com/2279814 https://bugzilla.redhat.com/2292668 https://bugzilla.redhat.com/2292787 https://bugzilla.redhat.com/2294000 https://bugzilla.redhat.com/2295310 https://bugzilla.redhat.com/show_bug.cgi?id=2292668 https://bugzilla.redhat.com/show_bug.cgi?id=2292787 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24789 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24790 https://errata.almalinux.org/9/ALSA-2024-9115.html https://errata.rockylinux.org/RLSA-2024:4212 https://github.com/golang/go/commit/051bdf3fd12a40307606ff9381138039c5f452f0 (1.21) https://github.com/golang/go/commit/12d5810cdb1f73cf23d7a86462143e9463317fca (1.22) https://github.com/golang/go/issues/67680 https://go.dev/cl/590316 https://go.dev/issue/67680 https://groups.google.com/g/golang-announce/c/XbxouI9gY7k https://groups.google.com/g/golang-announce/c/XbxouI9gY7k/m/TuoGEhxIEwAJ https://linux.oracle.com/cve/CVE-2024-24790.html https://linux.oracle.com/errata/ELSA-2024-9115.html https://nvd.nist.gov/vuln/detail/CVE-2024-24790 https://pkg.go.dev/vuln/GO-2024-2887 https://ubuntu.com/security/notices/USN-6886-1 https://ubuntu.com/security/notices/USN-7109-1 https://www.cve.org/CVERecord?id=CVE-2024-24790
stdlib	CVE-2023-39325	HIGH	v1.20.5	1.20.10, 1.21.3	golang.org/x/net https://access.redhat.com/errata/RHSA-2023:6077 https://access.redhat.com/security/cve/CVE-2023-39325 https://access.redhat.com/security/cve/CVE-2023-44487 https://access.redhat.com/security/vulnerabilities/RHSB-2023-003 https://bugzilla.redhat.com/2242803 https://bugzilla.redhat.com/2243296 https://bugzilla.redhat.com/show_bug.cgi?id=2242803 https://bugzilla.redhat.com/show_bug.cgi?id=2243296 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-39325 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-44487 https://errata.almalinux.org/9/ALSA-2023-6077.html https://errata.rockylinux.org/RLSA-2023:6077 https://github.com/golang/go/commit/24ae2d927285c697440fdde3ad7f26028354bcf3 [golang- 1.21] https://github.com/golang/go/commit/e175f27f58aa7b9cd4d79607ae65d2cd5baaee68 [golang-1.20] https://github.com/golang/go/issues/63417 https://go.dev/cl/534215 https://go.dev/cl/534235 https://go.dev/issue/63417 https://groups.google.com/g/golang-announce/c/iNNxDTCjZvo/m/UDd7VKQuAAAJ https://linux.oracle.com/cve/CVE-2023-39325.html https://linux.oracle.com/errata/ELSA-2023-5867.html https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3OVW5V2DM5K5IC3H7O42YDUGNJ74J35O https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3OVW5V2DM5K5IC3H7O42YDUGNJ74J35O/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3SZN67IL7HMGMNAVLOTIXLIHUDXZK4LH https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3SZN67IL7HMGMNAVLOTIXLIHUDXZK4LH/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3WJ4QVX2AMUJ2F2S27POOAHRC4K3CHU4 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3WJ4QVX2AMUJ2F2S27POOAHRC4K3CHU4/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/4BUK2ZIAGCULOOYDNH25JPU6JBES5NF2 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/4BUK2ZIAGCULOOYDNH25JPU6JBES5NF2/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/5RSKA2II6QTD4YUKUNDVJQSRYSFC4VFR https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/5RSKA2II6QTD4YUKUNDVJQSRYSFC4VFR/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/AVZDNSMVDAQJ64LJC5I5U5LDM5753647 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/AVZDNSMVDAQJ64LJC5I5U5LDM5753647/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CHHITS4PUOZAKFIUBQAQZC7JWXMOYE4B https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CHHITS4PUOZAKFIUBQAQZC7JWXMOYE4B/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CLB4TW7KALB3EEQWNWCN7OUIWWVWWCG2 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CLB4TW7KALB3EEQWNWCN7OUIWWVWWCG2/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/D2BBIDR2ZMB3X5BC7SR4SLQMHRMVPY6L https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/D2BBIDR2ZMB3X5BC7SR4SLQMHRMVPY6L/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ECRC75BQJP6FJN2L7KCKYZW4DSBD7QSD https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ECRC75BQJP6FJN2L7KCKYZW4DSBD7QSD/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/FTMJ3NJIDAZFWJQQSP3L22MUFJ3UP2PT https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/FTMJ3NJIDAZFWJQQSP3L22MUFJ3UP2PT/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/GSY7SXFFTPZFWDM6XELSDSHZLVW3AHK7 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/GSY7SXFFTPZFWDM6XELSDSHZLVW3AHK7/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/HZQIELEIRSZUYTFFH5KTH2YJ4IIQG2KE https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/HZQIELEIRSZUYTFFH5KTH2YJ4IIQG2KE/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/IPWCNYB5PQ5PCVZ4NJT6G56ZYFZ5QBU6 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/IPWCNYB5PQ5PCVZ4NJT6G56ZYFZ5QBU6/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/KEOTKBUPZXHE3F352JBYNTSNRXYLWD6P https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/KEOTKBUPZXHE3F352JBYNTSNRXYLWD6P/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/KSEGD2IWKNUO3DWY4KQGUQM5BISRWHQE https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/KSEGD2IWKNUO3DWY4KQGUQM5BISRWHQE/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/L5E5JSJBZLYXOTZWXHJKRVCIXIHVWKJ6 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/L5E5JSJBZLYXOTZWXHJKRVCIXIHVWKJ6/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/MZQYOOKHQDQ57LV2IAG6NRFOVXKHJJ3Z https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/MZQYOOKHQDQ57LV2IAG6NRFOVXKHJJ3Z/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/NG7IMPL55MVWU3LCI4JQJT3K2U5CHDV7 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/NG7IMPL55MVWU3LCI4JQJT3K2U5CHDV7/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ODBY7RVMGZCBSTWF2OZGIZS57FNFUL67 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ODBY7RVMGZCBSTWF2OZGIZS57FNFUL67/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/OXGWPQOJ3JNDW2XIYKIVJ7N7QUIFNM2Q https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/OXGWPQOJ3JNDW2XIYKIVJ7N7QUIFNM2Q/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/PJCUNGIQDUMZ4Z6HWVYIMR66A35F5S74 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/PJCUNGIQDUMZ4Z6HWVYIMR66A35F5S74/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QF5QSYAOPDOWLY6DUHID56Q4HQFYB45I https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QF5QSYAOPDOWLY6DUHID56Q4HQFYB45I/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QXOU2JZUBEBP7GBKAYIJRPRBZSJCD7ST https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QXOU2JZUBEBP7GBKAYIJRPRBZSJCD7ST/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/R3UETKPUB3V5JS5TLZOF3SMTGT5K5APS https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/R3UETKPUB3V5JS5TLZOF3SMTGT5K5APS/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/REMHVVIBDNKSRKNOTV7EQSB7CYQWOUOU https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/REMHVVIBDNKSRKNOTV7EQSB7CYQWOUOU/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/T7N5GV4CHH6WAGX3GFMDD3COEOVCZ4RI https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/T7N5GV4CHH6WAGX3GFMDD3COEOVCZ4RI/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ULQQONMSCQSH5Z5OWFFQHCGEZ3NL4DRJ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ULQQONMSCQSH5Z5OWFFQHCGEZ3NL4DRJ/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UTT7DG3QOF5ZNJLUGHDNLRUIN6OWZARP https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UTT7DG3QOF5ZNJLUGHDNLRUIN6OWZARP/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/W2LZSWTV4NV4SNQARNXG5T6LRHP26EW2 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/W2LZSWTV4NV4SNQARNXG5T6LRHP26EW2/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WCNCBYKZXLDFGAJUB7ZP5VLC3YTHJNVH https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WCNCBYKZXLDFGAJUB7ZP5VLC3YTHJNVH/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/XFOIBB4YFICHDM7IBOP7PWXW3FX4HLL2 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/XFOIBB4YFICHDM7IBOP7PWXW3FX4HLL2/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/XTNLSL44Y5FB6JWADSZH6DCV4JJAAEQY https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/XTNLSL44Y5FB6JWADSZH6DCV4JJAAEQY/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/YJWHBLVZDM5KQSDFRBFRKU5KSSOLIRQ4 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/YJWHBLVZDM5KQSDFRBFRKU5KSSOLIRQ4/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/YRKEXKANQ7BKJW2YTAMP625LJUJZLJ4P https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/YRKEXKANQ7BKJW2YTAMP625LJUJZLJ4P/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZSVEMQV5ROY5YW5QE3I57HT3ITWG5GCV https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZSVEMQV5ROY5YW5QE3I57HT3ITWG5GCV/ https://nvd.nist.gov/vuln/detail/CVE-2023-39325 https://pkg.go.dev/vuln/GO-2023-2102 https://security.gentoo.org/glsa/202311-09 https://security.netapp.com/advisory/ntap-20231110-0008 https://security.netapp.com/advisory/ntap-20231110-0008/ https://ubuntu.com/security/notices/USN-6574-1 https://ubuntu.com/security/notices/USN-7061-1 https://ubuntu.com/security/notices/USN-7109-1 https://www.cisa.gov/news-events/alerts/2023/10/10/http2-rapid-reset-vulnerability-cve-2023-44487 https://www.cve.org/CVERecord?id=CVE-2023-39325
stdlib	CVE-2023-45283	HIGH	v1.20.5	1.20.11, 1.21.4, 1.20.12, 1.21.5	http://www.openwall.com/lists/oss-security/2023/12/05/2 https://go.dev/cl/540277 https://go.dev/cl/541175 https://go.dev/issue/63713 https://go.dev/issue/64028 https://groups.google.com/g/golang-announce/c/4tU8LZfBFkY https://groups.google.com/g/golang-dev/c/6ypN5EjibjM/m/KmLVYH_uAgAJ https://nvd.nist.gov/vuln/detail/CVE-2023-45283 https://pkg.go.dev/vuln/GO-2023-2185 https://security.netapp.com/advisory/ntap-20231214-0008/
stdlib	CVE-2023-45288	HIGH	v1.20.5	1.21.9, 1.22.2	http://www.openwall.com/lists/oss-security/2024/04/03/16 http://www.openwall.com/lists/oss-security/2024/04/05/4 https://access.redhat.com/errata/RHSA-2024:2724 https://access.redhat.com/security/cve/CVE-2023-45288 https://bugzilla.redhat.com/2268017 https://bugzilla.redhat.com/2268018 https://bugzilla.redhat.com/2268019 https://bugzilla.redhat.com/2268273 https://bugzilla.redhat.com/show_bug.cgi?id=2268017 https://bugzilla.redhat.com/show_bug.cgi?id=2268018 https://bugzilla.redhat.com/show_bug.cgi?id=2268019 https://bugzilla.redhat.com/show_bug.cgi?id=2268273 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45288 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45289 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45290 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24783 https://errata.almalinux.org/9/ALSA-2024-2724.html https://errata.rockylinux.org/RLSA-2024:2724 https://go.dev/cl/576155 https://go.dev/issue/65051 https://groups.google.com/g/golang-announce/c/YgW0sx8mN3M https://kb.cert.org/vuls/id/421644 https://linux.oracle.com/cve/CVE-2023-45288.html https://linux.oracle.com/errata/ELSA-2024-3346.html https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QRYFHIQ6XRKRYBI2F5UESH67BJBQXUPT https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QRYFHIQ6XRKRYBI2F5UESH67BJBQXUPT/ https://nowotarski.info/http2-continuation-flood-technical-details https://nowotarski.info/http2-continuation-flood/ https://nvd.nist.gov/vuln/detail/CVE-2023-45288 https://pkg.go.dev/vuln/GO-2024-2687 https://security.netapp.com/advisory/ntap-20240419-0009 https://security.netapp.com/advisory/ntap-20240419-0009/ https://ubuntu.com/security/notices/USN-6886-1 https://ubuntu.com/security/notices/USN-7109-1 https://ubuntu.com/security/notices/USN-7111-1 https://www.cve.org/CVERecord?id=CVE-2023-45288 https://www.kb.cert.org/vuls/id/421644
stdlib	CVE-2024-34156	HIGH	v1.20.5	1.22.7, 1.23.1	https://access.redhat.com/errata/RHSA-2024:9473 https://access.redhat.com/security/cve/CVE-2024-34156 https://bugzilla.redhat.com/2310528 https://bugzilla.redhat.com/2318052 https://bugzilla.redhat.com/show_bug.cgi?id=2310528 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-34156 https://errata.almalinux.org/9/ALSA-2024-9473.html https://errata.rockylinux.org/RLSA-2024:7204 https://github.com/golang/go/commit/2092294f2b097c5828f4eace6c98a322c1510b01 (go1.22.7) https://github.com/golang/go/commit/fa8ff1a46deb6c816304441ec6740ec112e19012 (go1.23.1) https://go.dev/cl/611239 https://go.dev/issue/69139 https://groups.google.com/g/golang-announce/c/K-cEzDeCtpc https://groups.google.com/g/golang-dev/c/S9POB9NCTdk https://linux.oracle.com/cve/CVE-2024-34156.html https://linux.oracle.com/errata/ELSA-2024-9473.html https://nvd.nist.gov/vuln/detail/CVE-2024-34156 https://pkg.go.dev/vuln/GO-2024-3106 https://ubuntu.com/security/notices/USN-7081-1 https://ubuntu.com/security/notices/USN-7109-1 https://ubuntu.com/security/notices/USN-7111-1 https://www.cve.org/CVERecord?id=CVE-2024-34156
stdlib	CVE-2023-29406	MEDIUM	v1.20.5	1.19.11, 1.20.6	https://access.redhat.com/errata/RHSA-2023:6474 https://access.redhat.com/security/cve/CVE-2023-29406 https://bugzilla.redhat.com/2174485 https://bugzilla.redhat.com/2178358 https://bugzilla.redhat.com/2178488 https://bugzilla.redhat.com/2178492 https://bugzilla.redhat.com/2184481 https://bugzilla.redhat.com/2184482 https://bugzilla.redhat.com/2184483 https://bugzilla.redhat.com/2184484 https://bugzilla.redhat.com/2196026 https://bugzilla.redhat.com/2196027 https://bugzilla.redhat.com/2196029 https://bugzilla.redhat.com/2222167 https://bugzilla.redhat.com/2228689 https://errata.almalinux.org/9/ALSA-2023-6474.html https://github.com/golang/go/commit/312920c00aac9897b2a0693e752390b5b0711a5a (go1.20.6) https://github.com/golang/go/commit/5fa6923b1ea891400153d04ddf1545e23b40041b (go1.19.11) https://github.com/golang/go/issues/60374 https://go.dev/cl/506996 https://go.dev/issue/60374 https://groups.google.com/g/golang-announce/c/2q13H6LEEx0 https://linux.oracle.com/cve/CVE-2023-29406.html https://linux.oracle.com/errata/ELSA-2023-7202.html https://nvd.nist.gov/vuln/detail/CVE-2023-29406 https://pkg.go.dev/vuln/GO-2023-1878 https://security.gentoo.org/glsa/202311-09 https://security.netapp.com/advisory/ntap-20230814-0002/ https://ubuntu.com/security/notices/USN-7061-1 https://ubuntu.com/security/notices/USN-7109-1 https://www.cve.org/CVERecord?id=CVE-2023-29406
stdlib	CVE-2023-29409	MEDIUM	v1.20.5	1.19.12, 1.20.7, 1.21.0-rc.4	https://access.redhat.com/errata/RHSA-2023:7766 https://access.redhat.com/security/cve/CVE-2023-29409 https://bugzilla.redhat.com/2228743 https://bugzilla.redhat.com/2237773 https://bugzilla.redhat.com/2237776 https://bugzilla.redhat.com/2237777 https://bugzilla.redhat.com/2237778 https://errata.almalinux.org/9/ALSA-2023-7766.html https://go.dev/cl/515257 https://go.dev/issue/61460 https://groups.google.com/g/golang-announce/c/X0b6CsSAaYI/m/Efv5DbZ9AwAJ https://linux.oracle.com/cve/CVE-2023-29409.html https://linux.oracle.com/errata/ELSA-2024-2988.html https://nvd.nist.gov/vuln/detail/CVE-2023-29409 https://pkg.go.dev/vuln/GO-2023-1987 https://security.gentoo.org/glsa/202311-09 https://security.netapp.com/advisory/ntap-20230831-0010/ https://www.cve.org/CVERecord?id=CVE-2023-29409
stdlib	CVE-2023-39318	MEDIUM	v1.20.5	1.20.8, 1.21.1	https://access.redhat.com/errata/RHSA-2024:2160 https://access.redhat.com/security/cve/CVE-2023-39318 https://bugzilla.redhat.com/2237773 https://bugzilla.redhat.com/2237776 https://bugzilla.redhat.com/2253330 https://errata.almalinux.org/9/ALSA-2024-2160.html https://github.com/golang/go/commit/023b542edf38e2a1f87fcefb9f75ff2f99401b4c (go1.20.8) https://github.com/golang/go/commit/b0e1d3ea26e8e8fce7726690c9ef0597e60739fb (go1.21.1) https://go.dev/cl/526156 https://go.dev/issue/62196 https://groups.google.com/g/golang-announce/c/Fm51GRLNRvM https://groups.google.com/g/golang-dev/c/2C5vbR-UNkI/m/L1hdrPhfBAAJ https://linux.oracle.com/cve/CVE-2023-39318.html https://linux.oracle.com/errata/ELSA-2024-2988.html https://nvd.nist.gov/vuln/detail/CVE-2023-39318 https://pkg.go.dev/vuln/GO-2023-2041 https://security.gentoo.org/glsa/202311-09 https://security.netapp.com/advisory/ntap-20231020-0009/ https://ubuntu.com/security/notices/USN-6574-1 https://ubuntu.com/security/notices/USN-7061-1 https://ubuntu.com/security/notices/USN-7109-1 https://vuln.go.dev/ID/GO-2023-2041.json https://www.cve.org/CVERecord?id=CVE-2023-39318
stdlib	CVE-2023-39319	MEDIUM	v1.20.5	1.20.8, 1.21.1	https://access.redhat.com/errata/RHSA-2024:2160 https://access.redhat.com/security/cve/CVE-2023-39319 https://bugzilla.redhat.com/2237773 https://bugzilla.redhat.com/2237776 https://bugzilla.redhat.com/2253330 https://errata.almalinux.org/9/ALSA-2024-2160.html https://github.com/golang/go/commit/2070531d2f53df88e312edace6c8dfc9686ab2f5 (go1.20.8) https://github.com/golang/go/commit/bbd043ff0d6d59f1a9232d31ecd5eacf6507bf6a (go1.21.1) https://go.dev/cl/526157 https://go.dev/issue/62197 https://groups.google.com/g/golang-announce/c/Fm51GRLNRvM https://groups.google.com/g/golang-dev/c/2C5vbR-UNkI/m/L1hdrPhfBAAJ https://linux.oracle.com/cve/CVE-2023-39319.html https://linux.oracle.com/errata/ELSA-2024-2988.html https://nvd.nist.gov/vuln/detail/CVE-2023-39319 https://pkg.go.dev/vuln/GO-2023-2043 https://security.gentoo.org/glsa/202311-09 https://security.netapp.com/advisory/ntap-20231020-0009/ https://ubuntu.com/security/notices/USN-6574-1 https://ubuntu.com/security/notices/USN-7061-1 https://ubuntu.com/security/notices/USN-7109-1 https://vuln.go.dev/ID/GO-2023-2043.json https://www.cve.org/CVERecord?id=CVE-2023-39319
stdlib	CVE-2023-39326	MEDIUM	v1.20.5	1.20.12, 1.21.5	https://access.redhat.com/errata/RHSA-2024:2272 https://access.redhat.com/security/cve/CVE-2023-39326 https://bugzilla.redhat.com/2253193 https://bugzilla.redhat.com/2253330 https://errata.almalinux.org/9/ALSA-2024-2272.html https://github.com/golang/go/commit/6446af942e2e2b161c4ec1b60d9703a2b55dc4dd (go1.20.12) https://github.com/golang/go/commit/ec8c526e4be720e94b98ca509e6364f0efaf28f7 (go1.21.5) https://go.dev/cl/547335 https://go.dev/issue/64433 https://groups.google.com/g/golang-dev/c/6ypN5EjibjM/m/KmLVYH_uAgAJ https://linux.oracle.com/cve/CVE-2023-39326.html https://linux.oracle.com/errata/ELSA-2024-2988.html https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UIU6HOGV6RRIKWM57LOXQA75BGZSIH6G/ https://nvd.nist.gov/vuln/detail/CVE-2023-39326 https://pkg.go.dev/vuln/GO-2023-2382 https://ubuntu.com/security/notices/USN-6574-1 https://www.cve.org/CVERecord?id=CVE-2023-39326
stdlib	CVE-2023-45284	MEDIUM	v1.20.5	1.20.11, 1.21.4	https://go.dev/cl/540277 https://go.dev/issue/63713 https://groups.google.com/g/golang-announce/c/4tU8LZfBFkY https://nvd.nist.gov/vuln/detail/CVE-2023-45284 https://pkg.go.dev/vuln/GO-2023-2186
stdlib	CVE-2023-45289	MEDIUM	v1.20.5	1.21.8, 1.22.1	http://www.openwall.com/lists/oss-security/2024/03/08/4 https://access.redhat.com/errata/RHSA-2024:2724 https://access.redhat.com/security/cve/CVE-2023-45289 https://bugzilla.redhat.com/2268017 https://bugzilla.redhat.com/2268018 https://bugzilla.redhat.com/2268019 https://bugzilla.redhat.com/2268273 https://bugzilla.redhat.com/show_bug.cgi?id=2268017 https://bugzilla.redhat.com/show_bug.cgi?id=2268018 https://bugzilla.redhat.com/show_bug.cgi?id=2268019 https://bugzilla.redhat.com/show_bug.cgi?id=2268273 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45288 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45289 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45290 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24783 https://errata.almalinux.org/9/ALSA-2024-2724.html https://errata.rockylinux.org/RLSA-2024:2724 https://github.com/golang/go/commit/20586c0dbe03d144f914155f879fa5ee287591a1 (go1.21.8) https://github.com/golang/go/commit/3a855208e3efed2e9d7c20ad023f1fa78afcc0be (go1.22.1) https://github.com/golang/go/issues/65065 https://go.dev/cl/569340 https://go.dev/issue/65065 https://groups.google.com/g/golang-announce/c/5pwGVUPoMbg https://linux.oracle.com/cve/CVE-2023-45289.html https://linux.oracle.com/errata/ELSA-2024-3346.html https://nvd.nist.gov/vuln/detail/CVE-2023-45289 https://pkg.go.dev/vuln/GO-2024-2600 https://security.netapp.com/advisory/ntap-20240329-0006/ https://ubuntu.com/security/notices/USN-6886-1 https://www.cve.org/CVERecord?id=CVE-2023-45289
stdlib	CVE-2023-45290	MEDIUM	v1.20.5	1.21.8, 1.22.1	http://www.openwall.com/lists/oss-security/2024/03/08/4 https://access.redhat.com/errata/RHSA-2024:9135 https://access.redhat.com/security/cve/CVE-2023-45290 https://bugzilla.redhat.com/2268017 https://bugzilla.redhat.com/2268022 https://bugzilla.redhat.com/2279814 https://bugzilla.redhat.com/2295310 https://bugzilla.redhat.com/show_bug.cgi?id=2268017 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45290 https://errata.almalinux.org/9/ALSA-2024-9135.html https://errata.rockylinux.org/RLSA-2024:3830 https://github.com/golang/go/commit/041a47712e765e94f86d841c3110c840e76d8f82 (go1.22.1) https://github.com/golang/go/commit/bf80213b121074f4ad9b449410a4d13bae5e9be0 (go1.21.8) https://github.com/golang/go/issues/65383 https://go.dev/cl/569341 https://go.dev/issue/65383 https://groups.google.com/g/golang-announce/c/5pwGVUPoMbg https://linux.oracle.com/cve/CVE-2023-45290.html https://linux.oracle.com/errata/ELSA-2024-8038.html https://nvd.nist.gov/vuln/detail/CVE-2023-45290 https://pkg.go.dev/vuln/GO-2024-2599 https://security.netapp.com/advisory/ntap-20240329-0004 https://security.netapp.com/advisory/ntap-20240329-0004/ https://ubuntu.com/security/notices/USN-6886-1 https://ubuntu.com/security/notices/USN-7109-1 https://ubuntu.com/security/notices/USN-7111-1 https://www.cve.org/CVERecord?id=CVE-2023-45290
stdlib	CVE-2024-24783	MEDIUM	v1.20.5	1.21.8, 1.22.1	http://www.openwall.com/lists/oss-security/2024/03/08/4 https://access.redhat.com/errata/RHSA-2024:6195 https://access.redhat.com/security/cve/CVE-2024-24783 https://bugzilla.redhat.com/2268019 https://bugzilla.redhat.com/show_bug.cgi?id=2268017 https://bugzilla.redhat.com/show_bug.cgi?id=2268018 https://bugzilla.redhat.com/show_bug.cgi?id=2268019 https://bugzilla.redhat.com/show_bug.cgi?id=2268273 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45288 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45289 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45290 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24783 https://errata.almalinux.org/9/ALSA-2024-6195.html https://errata.rockylinux.org/RLSA-2024:2724 https://github.com/advisories/GHSA-3q2c-pvp5-3cqp https://github.com/golang/go/commit/337b8e9cbfa749d9d5c899e0dc358e2208d5e54f (go1.22.1) https://github.com/golang/go/commit/be5b52bea674190ef7de272664be6c7ae93ec5a0 (go1.21.8) https://github.com/golang/go/issues/65390 https://go.dev/cl/569339 https://go.dev/issue/65390 https://groups.google.com/g/golang-announce/c/5pwGVUPoMbg https://linux.oracle.com/cve/CVE-2024-24783.html https://linux.oracle.com/errata/ELSA-2024-6969.html https://nvd.nist.gov/vuln/detail/CVE-2024-24783 https://pkg.go.dev/vuln/GO-2024-2598 https://security.netapp.com/advisory/ntap-20240329-0005 https://security.netapp.com/advisory/ntap-20240329-0005/ https://ubuntu.com/security/notices/USN-6886-1 https://ubuntu.com/security/notices/USN-7109-1 https://ubuntu.com/security/notices/USN-7111-1 https://www.cve.org/CVERecord?id=CVE-2024-24783
stdlib	CVE-2024-24784	MEDIUM	v1.20.5	1.21.8, 1.22.1	http://www.openwall.com/lists/oss-security/2024/03/08/4 https://access.redhat.com/errata/RHSA-2024:2562 https://access.redhat.com/security/cve/CVE-2024-24784 https://bugzilla.redhat.com/2262921 https://bugzilla.redhat.com/2268017 https://bugzilla.redhat.com/2268018 https://bugzilla.redhat.com/2268019 https://bugzilla.redhat.com/2268021 https://bugzilla.redhat.com/2268022 https://bugzilla.redhat.com/2268273 https://bugzilla.redhat.com/show_bug.cgi?id=2262921 https://bugzilla.redhat.com/show_bug.cgi?id=2268017 https://bugzilla.redhat.com/show_bug.cgi?id=2268018 https://bugzilla.redhat.com/show_bug.cgi?id=2268019 https://bugzilla.redhat.com/show_bug.cgi?id=2268021 https://bugzilla.redhat.com/show_bug.cgi?id=2268022 https://bugzilla.redhat.com/show_bug.cgi?id=2268273 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45288 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45289 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45290 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-1394 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24783 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24784 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24785 https://errata.almalinux.org/9/ALSA-2024-2562.html https://errata.rockylinux.org/RLSA-2024:2562 https://github.com/golang/go/commit/263c059b09fdd40d9dd945f2ecb20c89ea28efe5 (go1.21.8) https://github.com/golang/go/commit/5330cd225ba54c7dc78c1b46dcdf61a4671a632c (go1.22.1) https://github.com/golang/go/issues/65083 https://go.dev/cl/555596 https://go.dev/issue/65083 https://groups.google.com/g/golang-announce/c/5pwGVUPoMbg https://linux.oracle.com/cve/CVE-2024-24784.html https://linux.oracle.com/errata/ELSA-2024-6969.html https://nvd.nist.gov/vuln/detail/CVE-2024-24784 https://pkg.go.dev/vuln/GO-2024-2609 https://security.netapp.com/advisory/ntap-20240329-0007/ https://ubuntu.com/security/notices/USN-6886-1 https://ubuntu.com/security/notices/USN-7109-1 https://ubuntu.com/security/notices/USN-7111-1 https://www.cve.org/CVERecord?id=CVE-2024-24784
stdlib	CVE-2024-24785	MEDIUM	v1.20.5	1.21.8, 1.22.1	http://www.openwall.com/lists/oss-security/2024/03/08/4 https://access.redhat.com/errata/RHSA-2024:9135 https://access.redhat.com/security/cve/CVE-2024-24785 https://bugzilla.redhat.com/2268017 https://bugzilla.redhat.com/2268022 https://bugzilla.redhat.com/2279814 https://bugzilla.redhat.com/2295310 https://bugzilla.redhat.com/show_bug.cgi?id=2262921 https://bugzilla.redhat.com/show_bug.cgi?id=2268017 https://bugzilla.redhat.com/show_bug.cgi?id=2268018 https://bugzilla.redhat.com/show_bug.cgi?id=2268019 https://bugzilla.redhat.com/show_bug.cgi?id=2268021 https://bugzilla.redhat.com/show_bug.cgi?id=2268022 https://bugzilla.redhat.com/show_bug.cgi?id=2268273 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45288 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45289 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45290 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-1394 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24783 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24784 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24785 https://errata.almalinux.org/9/ALSA-2024-9135.html https://errata.rockylinux.org/RLSA-2024:2562 https://github.com/golang/go/commit/056b0edcb8c152152021eebf4cf42adbfbe77992 (go1.22.1) https://github.com/golang/go/commit/3643147a29352ca2894fd5d0d2069bc4b4335a7e (go1.21.8) https://github.com/golang/go/issues/65697 https://go.dev/cl/564196 https://go.dev/issue/65697 https://groups.google.com/g/golang-announce/c/5pwGVUPoMbg https://linux.oracle.com/cve/CVE-2024-24785.html https://linux.oracle.com/errata/ELSA-2024-3259.html https://nvd.nist.gov/vuln/detail/CVE-2024-24785 https://pkg.go.dev/vuln/GO-2024-2610 https://security.netapp.com/advisory/ntap-20240329-0008/ https://ubuntu.com/security/notices/USN-6886-1 https://ubuntu.com/security/notices/USN-7061-1 https://ubuntu.com/security/notices/USN-7109-1 https://vuln.go.dev/ID/GO-2024-2610.json https://www.cve.org/CVERecord?id=CVE-2024-24785
stdlib	CVE-2024-24789	MEDIUM	v1.20.5	1.21.11, 1.22.4	http://www.openwall.com/lists/oss-security/2024/06/04/1 https://access.redhat.com/errata/RHSA-2024:9115 https://access.redhat.com/security/cve/CVE-2024-24789 https://bugzilla.redhat.com/2279814 https://bugzilla.redhat.com/2292668 https://bugzilla.redhat.com/2292787 https://bugzilla.redhat.com/2294000 https://bugzilla.redhat.com/2295310 https://bugzilla.redhat.com/show_bug.cgi?id=2292668 https://bugzilla.redhat.com/show_bug.cgi?id=2292787 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24789 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24790 https://errata.almalinux.org/9/ALSA-2024-9115.html https://errata.rockylinux.org/RLSA-2024:4212 https://github.com/golang/go/commit/c8e40338cf00f3c1d86c8fb23863ad67a4c72bcc (1.21) https://github.com/golang/go/commit/cf501ac0c5fe351a8582d20b43562027927906e7 (1.22) https://github.com/golang/go/issues/66869 https://go.dev/cl/585397 https://go.dev/issue/66869 https://groups.google.com/g/golang-announce/c/XbxouI9gY7k https://groups.google.com/g/golang-announce/c/XbxouI9gY7k/m/TuoGEhxIEwAJ https://linux.oracle.com/cve/CVE-2024-24789.html https://linux.oracle.com/errata/ELSA-2024-9115.html https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/U5YAEIA6IUHUNGJ7AIXXPQT6D2GYENX7/ https://nvd.nist.gov/vuln/detail/CVE-2024-24789 https://pkg.go.dev/vuln/GO-2024-2888 https://ubuntu.com/security/notices/USN-6886-1 https://ubuntu.com/security/notices/USN-7109-1 https://ubuntu.com/security/notices/USN-7111-1 https://www.cve.org/CVERecord?id=CVE-2024-24789
stdlib	CVE-2024-24791	MEDIUM	v1.20.5	1.21.12, 1.22.5	https://access.redhat.com/errata/RHSA-2024:9135 https://access.redhat.com/security/cve/CVE-2024-24791 https://bugzilla.redhat.com/2268017 https://bugzilla.redhat.com/2268022 https://bugzilla.redhat.com/2279814 https://bugzilla.redhat.com/2295310 https://bugzilla.redhat.com/show_bug.cgi?id=2295310 https://bugzilla.redhat.com/show_bug.cgi?id=2310527 https://bugzilla.redhat.com/show_bug.cgi?id=2310528 https://bugzilla.redhat.com/show_bug.cgi?id=2310529 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24791 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-34155 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-34156 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-34158 https://errata.almalinux.org/9/ALSA-2024-9135.html https://errata.rockylinux.org/RLSA-2024:6913 https://go.dev/cl/591255 https://go.dev/issue/67555 https://groups.google.com/g/golang-dev/c/t0rK-qHBqzY/m/6MMoAZkMAgAJ https://linux.oracle.com/cve/CVE-2024-24791.html https://linux.oracle.com/errata/ELSA-2024-9115.html https://nvd.nist.gov/vuln/detail/CVE-2024-24791 https://pkg.go.dev/vuln/GO-2024-2963 https://ubuntu.com/security/notices/USN-7081-1 https://ubuntu.com/security/notices/USN-7109-1 https://ubuntu.com/security/notices/USN-7111-1 https://www.cve.org/CVERecord?id=CVE-2024-24791
stdlib	CVE-2024-34155	MEDIUM	v1.20.5	1.22.7, 1.23.1	https://access.redhat.com/errata/RHSA-2024:9459 https://access.redhat.com/security/cve/CVE-2024-34155 https://bugzilla.redhat.com/2310527 https://bugzilla.redhat.com/2310528 https://bugzilla.redhat.com/2310529 https://bugzilla.redhat.com/2315691 https://bugzilla.redhat.com/2315887 https://bugzilla.redhat.com/2317458 https://bugzilla.redhat.com/2317467 https://bugzilla.redhat.com/show_bug.cgi?id=2295310 https://bugzilla.redhat.com/show_bug.cgi?id=2310527 https://bugzilla.redhat.com/show_bug.cgi?id=2310528 https://bugzilla.redhat.com/show_bug.cgi?id=2310529 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24791 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-34155 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-34156 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-34158 https://errata.almalinux.org/9/ALSA-2024-9459.html https://errata.rockylinux.org/RLSA-2024:6913 https://github.com/golang/go/commit/53487e5477151ed75da50e50a0ba8f1ca64c00a3 (go1.23.1) https://github.com/golang/go/commit/b232596139dbe96a62edbe3a2a203e856bf556eb (go1.22.7) https://go.dev/cl/611238 https://go.dev/issue/69138 https://groups.google.com/g/golang-announce/c/K-cEzDeCtpc https://groups.google.com/g/golang-dev/c/S9POB9NCTdk https://linux.oracle.com/cve/CVE-2024-34155.html https://linux.oracle.com/errata/ELSA-2024-9459.html https://nvd.nist.gov/vuln/detail/CVE-2024-34155 https://pkg.go.dev/vuln/GO-2024-3105 https://ubuntu.com/security/notices/USN-7081-1 https://ubuntu.com/security/notices/USN-7109-1 https://ubuntu.com/security/notices/USN-7111-1 https://www.cve.org/CVERecord?id=CVE-2024-34155
stdlib	CVE-2024-34158	MEDIUM	v1.20.5	1.22.7, 1.23.1	https://access.redhat.com/errata/RHSA-2024:9459 https://access.redhat.com/security/cve/CVE-2024-34158 https://bugzilla.redhat.com/2310527 https://bugzilla.redhat.com/2310528 https://bugzilla.redhat.com/2310529 https://bugzilla.redhat.com/2315691 https://bugzilla.redhat.com/2315887 https://bugzilla.redhat.com/2317458 https://bugzilla.redhat.com/2317467 https://bugzilla.redhat.com/show_bug.cgi?id=2295310 https://bugzilla.redhat.com/show_bug.cgi?id=2310527 https://bugzilla.redhat.com/show_bug.cgi?id=2310528 https://bugzilla.redhat.com/show_bug.cgi?id=2310529 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24791 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-34155 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-34156 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-34158 https://errata.almalinux.org/9/ALSA-2024-9459.html https://errata.rockylinux.org/RLSA-2024:6913 https://github.com/golang/go/commit/032ac075c20c01c6c35a672d1542d3e98eab84ea (go1.23.1) https://github.com/golang/go/commit/d4c53812e6ce2ac368173d7fcd31d0ecfcffb002 (go1.22.7) https://go.dev/cl/611240 https://go.dev/issue/69141 https://groups.google.com/g/golang-announce/c/K-cEzDeCtpc https://groups.google.com/g/golang-dev/c/S9POB9NCTdk https://linux.oracle.com/cve/CVE-2024-34158.html https://linux.oracle.com/errata/ELSA-2024-9459.html https://nvd.nist.gov/vuln/detail/CVE-2024-34158 https://pkg.go.dev/vuln/GO-2024-3107 https://ubuntu.com/security/notices/USN-7081-1 https://ubuntu.com/security/notices/USN-7109-1 https://ubuntu.com/security/notices/USN-7111-1 https://www.cve.org/CVERecord?id=CVE-2024-34158
No Misconfigurations found

cnb/buildpacks/paketo-buildpacks_yarn-install/1.1.3/bin/run (gobinary)

Package	Vulnerability ID	Severity	Installed Version	Fixed Version	Links
github.com/anchore/stereoscope	CVE-2024-24579	MEDIUM	v0.0.0-20230412183729-8602f1afc574	0.0.1	https://github.com/anchore/stereoscope https://github.com/anchore/stereoscope/commit/09dacab4d9ee65ee8bc7af8ebf4aa7b5aaa36204 https://github.com/anchore/stereoscope/security/advisories/GHSA-hpxr-w9w7-g4gv https://nvd.nist.gov/vuln/detail/CVE-2024-24579
github.com/cloudflare/circl	GHSA-9763-4f94-gfch	HIGH	v1.3.3	1.3.7	https://github.com/cloudflare/circl https://github.com/cloudflare/circl/commit/75ef91e8a2f438e6ce2b6e620d236add8be1887d https://github.com/cloudflare/circl/security/advisories/GHSA-9763-4f94-gfch https://kyberslash.cr.yp.to
github.com/containerd/containerd	GHSA-7ww5-4wqc-m92c	MEDIUM	v1.7.0	1.6.26, 1.7.11	https://github.com/containerd/containerd https://github.com/containerd/containerd/commit/67d356cb3095f3e8f8ad7d36f9a733fea1e7e28c https://github.com/containerd/containerd/commit/746b910f05855c8bfdb4415a1c0f958b234910e5 https://github.com/containerd/containerd/security/advisories/GHSA-7ww5-4wqc-m92c
github.com/docker/docker	CVE-2024-41110	CRITICAL	v23.0.5+incompatible	23.0.15, 26.1.5, 27.1.1, 25.0.6	https://access.redhat.com/security/cve/CVE-2024-41110 https://github.com/moby/moby https://github.com/moby/moby/commit/411e817ddf710ff8e08fa193da80cb78af708191 https://github.com/moby/moby/commit/42f40b1d6dd7562342f832b9cd2adf9e668eeb76 https://github.com/moby/moby/commit/65cc597cea28cdc25bea3b8a86384b4251872919 https://github.com/moby/moby/commit/852759a7df454cbf88db4e954c919becd48faa9b https://github.com/moby/moby/commit/a31260625655cff9ae226b51757915e275e304b0 https://github.com/moby/moby/commit/a79fabbfe84117696a19671f4aa88b82d0f64fc1 https://github.com/moby/moby/commit/ae160b4edddb72ef4bd71f66b975a1a1cc434f00 https://github.com/moby/moby/commit/ae2b3666c517c96cbc2adf1af5591a6b00d4ec0f https://github.com/moby/moby/commit/cc13f952511154a2866bddbb7dddebfe9e83b801 https://github.com/moby/moby/commit/fc274cd2ff4cf3b48c91697fb327dd1fb95588fb https://github.com/moby/moby/security/advisories/GHSA-v23v-6jw2-98fq https://nvd.nist.gov/vuln/detail/CVE-2024-41110 https://www.cve.org/CVERecord?id=CVE-2024-41110 https://www.docker.com/blog/docker-security-advisory-docker-engine-authz-plugin
github.com/docker/docker	CVE-2024-24557	MEDIUM	v23.0.5+incompatible	24.0.9, 25.0.2	https://access.redhat.com/security/cve/CVE-2024-24557 https://github.com/moby/moby https://github.com/moby/moby/commit/3e230cfdcc989dc524882f6579f9e0dac77400ae https://github.com/moby/moby/commit/fca702de7f71362c8d103073c7e4a1d0a467fadd https://github.com/moby/moby/commit/fce6e0ca9bc000888de3daa157af14fa41fcd0ff https://github.com/moby/moby/security/advisories/GHSA-xw73-rw38-6vjc https://nvd.nist.gov/vuln/detail/CVE-2024-24557 https://www.cve.org/CVERecord?id=CVE-2024-24557
github.com/docker/docker	CVE-2024-29018	MEDIUM	v23.0.5+incompatible	26.0.0-rc3, 25.0.5, 23.0.11	https://access.redhat.com/security/cve/CVE-2024-29018 https://github.com/moby/moby https://github.com/moby/moby/pull/46609 https://github.com/moby/moby/security/advisories/GHSA-mq39-4gv4-mvpx https://nvd.nist.gov/vuln/detail/CVE-2024-29018 https://www.cve.org/CVERecord?id=CVE-2024-29018
github.com/docker/docker	GHSA-jq35-85cj-fj4p	MEDIUM	v23.0.5+incompatible	24.0.7, 23.0.8, 20.10.27	https://github.com/moby/moby https://github.com/moby/moby/commit/48ebe353e49a9def5e6679f6e386b0efb1c95f0e https://github.com/moby/moby/commit/81ebe71275768629689a23bc3bca34b3b374a6a6 https://github.com/moby/moby/commit/c9ccbfad11a60e703e91b6cca4f48927828c7e35 https://github.com/moby/moby/releases/tag/v20.10.27 https://github.com/moby/moby/releases/tag/v23.0.8 https://github.com/moby/moby/releases/tag/v24.0.7 https://github.com/moby/moby/security/advisories/GHSA-jq35-85cj-fj4p
github.com/go-git/go-git/v5	CVE-2023-49569	CRITICAL	v5.6.1	5.11.0	https://access.redhat.com/security/cve/CVE-2023-49569 https://github.com/go-git/go-git https://github.com/go-git/go-git/security/advisories/GHSA-449p-3h89-pw88 https://nvd.nist.gov/vuln/detail/CVE-2023-49569 https://www.cve.org/CVERecord?id=CVE-2023-49569
github.com/go-git/go-git/v5	CVE-2023-49568	HIGH	v5.6.1	5.11.0	https://access.redhat.com/security/cve/CVE-2023-49568 https://github.com/go-git/go-git https://github.com/go-git/go-git/security/advisories/GHSA-mw99-9chc-xw7r https://nvd.nist.gov/vuln/detail/CVE-2023-49568 https://www.cve.org/CVERecord?id=CVE-2023-49568
github.com/mholt/archiver/v3	CVE-2024-0406	MEDIUM	v3.5.1	no fix available	https://access.redhat.com/security/cve/CVE-2024-0406 https://bugzilla.redhat.com/show_bug.cgi?id=2257749 https://github.com/advisories/GHSA-rhh4-rh7c-7r5v https://github.com/mholt/archiver https://nvd.nist.gov/vuln/detail/CVE-2024-0406 https://www.cve.org/CVERecord?id=CVE-2024-0406
golang.org/x/crypto	CVE-2023-48795	MEDIUM	v0.8.0	0.17.0	http://packetstormsecurity.com/files/176280/Terrapin-SSH-Connection-Weakening.html http://seclists.org/fulldisclosure/2024/Mar/21 http://www.openwall.com/lists/oss-security/2023/12/18/3 http://www.openwall.com/lists/oss-security/2023/12/19/5 http://www.openwall.com/lists/oss-security/2023/12/20/3 http://www.openwall.com/lists/oss-security/2024/03/06/3 http://www.openwall.com/lists/oss-security/2024/04/17/8 https://access.redhat.com/errata/RHSA-2024:1150 https://access.redhat.com/security/cve/CVE-2023-48795 https://access.redhat.com/security/cve/cve-2023-48795 https://access.redhat.com/solutions/7071748 https://arstechnica.com/security/2023/12/hackers-can-break-ssh-channel-integrity-using-novel-data-corruption-attack https://arstechnica.com/security/2023/12/hackers-can-break-ssh-channel-integrity-using-novel-data-corruption-attack/ https://bugs.gentoo.org/920280 https://bugzilla.redhat.com/2254210 https://bugzilla.redhat.com/show_bug.cgi?id=2254210 https://bugzilla.suse.com/show_bug.cgi?id=1217950 https://crates.io/crates/thrussh/versions https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-48795 https://errata.almalinux.org/9/ALSA-2024-1150.html https://errata.rockylinux.org/RLSA-2024:0628 https://filezilla-project.org/versions.php https://forum.netgate.com/topic/184941/terrapin-ssh-attack https://git.libssh.org/projects/libssh.git/commit/?h=stable-0.10&id=10e09e273f69e149389b3e0e5d44b8c221c2e7f6 https://github.com/NixOS/nixpkgs/pull/275249 https://github.com/PowerShell/Win32-OpenSSH/issues/2189 https://github.com/PowerShell/Win32-OpenSSH/releases/tag/v9.5.0.0p1-Beta https://github.com/TeraTermProject/teraterm/commit/7279fbd6ef4d0c8bdd6a90af4ada2899d786eec0 https://github.com/TeraTermProject/teraterm/releases/tag/v5.1 https://github.com/advisories/GHSA-45x7-px36-x8w8 https://github.com/apache/mina-sshd/issues/445 https://github.com/connectbot/sshlib/commit/5c8b534f6e97db7ac0e0e579331213aa25c173ab https://github.com/connectbot/sshlib/compare/2.2.21...2.2.22 https://github.com/cyd01/KiTTY/issues/520 https://github.com/drakkan/sftpgo/releases/tag/v2.5.6 https://github.com/erlang/otp/blob/d1b43dc0f1361d2ad67601169e90a7fc50bb0369/lib/ssh/doc/src/notes.xml#L39-L42 https://github.com/erlang/otp/releases/tag/OTP-26.2.1 https://github.com/golang/crypto/commit/9d2ee975ef9fe627bf0a6f01c1f69e8ef1d4f05d https://github.com/hierynomus/sshj/issues/916 https://github.com/janmojzis/tinyssh/issues/81 https://github.com/jtesta/ssh-audit/commit/8e972c5e94b460379fe0c7d20209c16df81538a5 https://github.com/libssh2/libssh2/pull/1291 https://github.com/mkj/dropbear/blob/17657c36cce6df7716d5ff151ec09a665382d5dd/CHANGES#L25 https://github.com/mscdex/ssh2/commit/97b223f8891b96d6fc054df5ab1d5a1a545da2a3 https://github.com/mwiede/jsch/compare/jsch-0.2.14...jsch-0.2.15 https://github.com/mwiede/jsch/issues/457 https://github.com/mwiede/jsch/pull/461 https://github.com/net-ssh/net-ssh/blob/2e65064a52d73396bfc3806c9196fc8108f33cd8/CHANGES.txt#L14-L16 https://github.com/openssh/openssh-portable/commits/master https://github.com/paramiko/paramiko/issues/2337 https://github.com/paramiko/paramiko/issues/2337#issuecomment-1887642773 https://github.com/proftpd/proftpd/blob/0a7ea9b0ba9fcdf368374a226370d08f10397d99/RELEASE_NOTES https://github.com/proftpd/proftpd/blob/d21e7a2e47e9b38f709bec58e3fa711f759ad0e1/RELEASE_NOTES https://github.com/proftpd/proftpd/blob/master/RELEASE_NOTES https://github.com/proftpd/proftpd/issues/456 https://github.com/rapier1/hpn-ssh/releases https://github.com/ronf/asyncssh/blob/develop/docs/changes.rst https://github.com/ronf/asyncssh/security/advisories/GHSA-hfmc-7525-mj55 https://github.com/ronf/asyncssh/tags https://github.com/ssh-mitm/ssh-mitm/issues/165 https://github.com/warp-tech/russh https://github.com/warp-tech/russh/commit/1aa340a7df1d5be1c0f4a9e247aade76dfdd2951 https://github.com/warp-tech/russh/releases/tag/v0.40.2 https://github.com/warp-tech/russh/security/advisories/GHSA-45x7-px36-x8w8 https://gitlab.com/libssh/libssh-mirror/-/tags https://go.dev/cl/550715 https://go.dev/issue/64784 https://groups.google.com/g/golang-announce/c/-n5WqVC18LQ https://groups.google.com/g/golang-announce/c/qA3XtxvMUyg https://help.panic.com/releasenotes/transmit5 https://help.panic.com/releasenotes/transmit5/ https://jadaptive.com/important-java-ssh-security-update-new-ssh-vulnerability-discovered-cve-2023-48795 https://jadaptive.com/important-java-ssh-security-update-new-ssh-vulnerability-discovered-cve-2023-48795/ https://linux.oracle.com/cve/CVE-2023-48795.html https://linux.oracle.com/errata/ELSA-2024-2988.html https://lists.debian.org/debian-lts-announce/2023/12/msg00017.html https://lists.debian.org/debian-lts-announce/2024/01/msg00013.html https://lists.debian.org/debian-lts-announce/2024/01/msg00014.html https://lists.debian.org/debian-lts-announce/2024/04/msg00016.html https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/33XHJUB6ROFUOH2OQNENFROTVH6MHSHA https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/33XHJUB6ROFUOH2OQNENFROTVH6MHSHA/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/3CAYYW35MUTNO65RVAELICTNZZFMT2XS https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/3CAYYW35MUTNO65RVAELICTNZZFMT2XS/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/3JIMLVBDWOP4FUPXPTB4PGHHIOMGFLQE https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/3JIMLVBDWOP4FUPXPTB4PGHHIOMGFLQE/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/3YQLUQWLIHDB5QCXQEX7HXHAWMOKPP5O https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/3YQLUQWLIHDB5QCXQEX7HXHAWMOKPP5O/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/6Y74KVCPEPT4MVU3LHDWCNNOXOE5ZLUR https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/6Y74KVCPEPT4MVU3LHDWCNNOXOE5ZLUR/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/APYIXIQOVDCRWLHTGB4VYMAUIAQLKYJ3 https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/APYIXIQOVDCRWLHTGB4VYMAUIAQLKYJ3/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/BL5KTLOSLH2KHRN4HCXJPK3JUVLDGEL6 https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/BL5KTLOSLH2KHRN4HCXJPK3JUVLDGEL6/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/C3AFMZ6MH2UHHOPIWT5YLSFV3D2VB3AC https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/C3AFMZ6MH2UHHOPIWT5YLSFV3D2VB3AC/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/CHHITS4PUOZAKFIUBQAQZC7JWXMOYE4B https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/CHHITS4PUOZAKFIUBQAQZC7JWXMOYE4B/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/F7EYCFQCTSGJXWO3ZZ44MGKFC5HA7G3Y https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/F7EYCFQCTSGJXWO3ZZ44MGKFC5HA7G3Y/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/HYEDEXIKFKTUJIN43RG4B7T5ZS6MHUSP https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/HYEDEXIKFKTUJIN43RG4B7T5ZS6MHUSP/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/I724O3LSRCPO4WNVIXTZCT4VVRMXMMSG https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/I724O3LSRCPO4WNVIXTZCT4VVRMXMMSG/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/KEOTKBUPZXHE3F352JBYNTSNRXYLWD6P https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/KEOTKBUPZXHE3F352JBYNTSNRXYLWD6P/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/KMZCVGUGJZZVDPCVDA7TEB22VUCNEXDD https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/KMZCVGUGJZZVDPCVDA7TEB22VUCNEXDD/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/L5Y6MNNVAPIJSXJERQ6PKZVCIUXSNJK7 https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/L5Y6MNNVAPIJSXJERQ6PKZVCIUXSNJK7/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/LZQVUHWVWRH73YBXUQJOD6CKHDQBU3DM https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/LZQVUHWVWRH73YBXUQJOD6CKHDQBU3DM/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/MKQRBF3DWMWPH36LBCOBUTSIZRTPEZXB https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/MKQRBF3DWMWPH36LBCOBUTSIZRTPEZXB/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/QI3EHAHABFQK7OABNCSF5GMYP6TONTI7 https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/QI3EHAHABFQK7OABNCSF5GMYP6TONTI7/ https://matt.ucc.asn.au/dropbear/CHANGES https://nest.pijul.com/pijul/thrussh/changes/D6H7OWTTMHHX6BTB3B6MNBOBX2L66CBL4LGSEUSAI2MCRCJDQFRQC https://news.ycombinator.com/item?id=38684904 https://news.ycombinator.com/item?id=38685286 https://news.ycombinator.com/item?id=38732005 https://nova.app/releases/#v11.8 https://nvd.nist.gov/vuln/detail/CVE-2023-48795 https://oryx-embedded.com/download/#changelog https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2024-0002 https://roumenpetrov.info/secsh/#news20231220 https://security-tracker.debian.org/tracker/CVE-2023-48795 https://security-tracker.debian.org/tracker/source-package/libssh2 https://security-tracker.debian.org/tracker/source-package/proftpd-dfsg https://security-tracker.debian.org/tracker/source-package/trilead-ssh2 https://security.gentoo.org/glsa/202312-16 https://security.gentoo.org/glsa/202312-17 https://security.netapp.com/advisory/ntap-20240105-0004 https://security.netapp.com/advisory/ntap-20240105-0004/ https://support.apple.com/kb/HT214084 https://terrapin-attack.com/ https://thorntech.com/cve-2023-48795-and-sftp-gateway https://thorntech.com/cve-2023-48795-and-sftp-gateway/ https://twitter.com/TrueSkrillor/status/1736774389725565005 https://ubuntu.com/security/CVE-2023-48795 https://ubuntu.com/security/notices/USN-6560-1 https://ubuntu.com/security/notices/USN-6560-2 https://ubuntu.com/security/notices/USN-6561-1 https://ubuntu.com/security/notices/USN-6585-1 https://ubuntu.com/security/notices/USN-6589-1 https://ubuntu.com/security/notices/USN-6598-1 https://ubuntu.com/security/notices/USN-6738-1 https://ubuntu.com/security/notices/USN-7051-1 https://winscp.net/eng/docs/history#6.2.2 https://www.bitvise.com/ssh-client-version-history#933 https://www.bitvise.com/ssh-server-version-history https://www.chiark.greenend.org.uk/~sgtatham/putty/changes.html https://www.crushftp.com/crush10wiki/Wiki.jsp?page=Update https://www.cve.org/CVERecord?id=CVE-2023-48795 https://www.debian.org/security/2023/dsa-5586 https://www.debian.org/security/2023/dsa-5588 https://www.freebsd.org/security/advisories/FreeBSD-SA-23:19.openssh.asc https://www.lancom-systems.de/service-support/allgemeine-sicherheitshinweise#c243508 https://www.netsarang.com/en/xshell-update-history https://www.netsarang.com/en/xshell-update-history/ https://www.openssh.com/openbsd.html https://www.openssh.com/txt/release-9.6 https://www.openwall.com/lists/oss-security/2023/12/18/2 https://www.openwall.com/lists/oss-security/2023/12/18/3 https://www.openwall.com/lists/oss-security/2023/12/20/3 https://www.paramiko.org/changelog.html https://www.reddit.com/r/sysadmin/comments/18idv52/cve202348795_why_is_this_cve_still_undisclosed https://www.reddit.com/r/sysadmin/comments/18idv52/cve202348795_why_is_this_cve_still_undisclosed/ https://www.suse.com/c/suse-addresses-the-ssh-v2-protocol-terrapin-attack-aka-cve-2023-48795 https://www.suse.com/c/suse-addresses-the-ssh-v2-protocol-terrapin-attack-aka-cve-2023-48795/ https://www.terrapin-attack.com https://www.theregister.com/2023/12/20/terrapin_attack_ssh https://www.vandyke.com/products/securecrt/history.txt
golang.org/x/net	CVE-2023-39325	HIGH	v0.10.0	0.17.0	golang.org/x/net https://access.redhat.com/errata/RHSA-2023:6077 https://access.redhat.com/security/cve/CVE-2023-39325 https://access.redhat.com/security/cve/CVE-2023-44487 https://access.redhat.com/security/vulnerabilities/RHSB-2023-003 https://bugzilla.redhat.com/2242803 https://bugzilla.redhat.com/2243296 https://bugzilla.redhat.com/show_bug.cgi?id=2242803 https://bugzilla.redhat.com/show_bug.cgi?id=2243296 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-39325 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-44487 https://errata.almalinux.org/9/ALSA-2023-6077.html https://errata.rockylinux.org/RLSA-2023:6077 https://github.com/golang/go/commit/24ae2d927285c697440fdde3ad7f26028354bcf3 [golang- 1.21] https://github.com/golang/go/commit/e175f27f58aa7b9cd4d79607ae65d2cd5baaee68 [golang-1.20] https://github.com/golang/go/issues/63417 https://go.dev/cl/534215 https://go.dev/cl/534235 https://go.dev/issue/63417 https://groups.google.com/g/golang-announce/c/iNNxDTCjZvo/m/UDd7VKQuAAAJ https://linux.oracle.com/cve/CVE-2023-39325.html https://linux.oracle.com/errata/ELSA-2023-5867.html https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3OVW5V2DM5K5IC3H7O42YDUGNJ74J35O https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3OVW5V2DM5K5IC3H7O42YDUGNJ74J35O/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3SZN67IL7HMGMNAVLOTIXLIHUDXZK4LH https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3SZN67IL7HMGMNAVLOTIXLIHUDXZK4LH/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3WJ4QVX2AMUJ2F2S27POOAHRC4K3CHU4 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3WJ4QVX2AMUJ2F2S27POOAHRC4K3CHU4/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/4BUK2ZIAGCULOOYDNH25JPU6JBES5NF2 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/4BUK2ZIAGCULOOYDNH25JPU6JBES5NF2/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/5RSKA2II6QTD4YUKUNDVJQSRYSFC4VFR https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/5RSKA2II6QTD4YUKUNDVJQSRYSFC4VFR/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/AVZDNSMVDAQJ64LJC5I5U5LDM5753647 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/AVZDNSMVDAQJ64LJC5I5U5LDM5753647/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CHHITS4PUOZAKFIUBQAQZC7JWXMOYE4B https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CHHITS4PUOZAKFIUBQAQZC7JWXMOYE4B/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CLB4TW7KALB3EEQWNWCN7OUIWWVWWCG2 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CLB4TW7KALB3EEQWNWCN7OUIWWVWWCG2/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/D2BBIDR2ZMB3X5BC7SR4SLQMHRMVPY6L https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/D2BBIDR2ZMB3X5BC7SR4SLQMHRMVPY6L/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ECRC75BQJP6FJN2L7KCKYZW4DSBD7QSD https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ECRC75BQJP6FJN2L7KCKYZW4DSBD7QSD/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/FTMJ3NJIDAZFWJQQSP3L22MUFJ3UP2PT https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/FTMJ3NJIDAZFWJQQSP3L22MUFJ3UP2PT/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/GSY7SXFFTPZFWDM6XELSDSHZLVW3AHK7 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/GSY7SXFFTPZFWDM6XELSDSHZLVW3AHK7/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/HZQIELEIRSZUYTFFH5KTH2YJ4IIQG2KE https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/HZQIELEIRSZUYTFFH5KTH2YJ4IIQG2KE/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/IPWCNYB5PQ5PCVZ4NJT6G56ZYFZ5QBU6 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/IPWCNYB5PQ5PCVZ4NJT6G56ZYFZ5QBU6/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/KEOTKBUPZXHE3F352JBYNTSNRXYLWD6P https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/KEOTKBUPZXHE3F352JBYNTSNRXYLWD6P/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/KSEGD2IWKNUO3DWY4KQGUQM5BISRWHQE https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/KSEGD2IWKNUO3DWY4KQGUQM5BISRWHQE/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/L5E5JSJBZLYXOTZWXHJKRVCIXIHVWKJ6 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/L5E5JSJBZLYXOTZWXHJKRVCIXIHVWKJ6/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/MZQYOOKHQDQ57LV2IAG6NRFOVXKHJJ3Z https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/MZQYOOKHQDQ57LV2IAG6NRFOVXKHJJ3Z/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/NG7IMPL55MVWU3LCI4JQJT3K2U5CHDV7 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/NG7IMPL55MVWU3LCI4JQJT3K2U5CHDV7/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ODBY7RVMGZCBSTWF2OZGIZS57FNFUL67 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ODBY7RVMGZCBSTWF2OZGIZS57FNFUL67/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/OXGWPQOJ3JNDW2XIYKIVJ7N7QUIFNM2Q https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/OXGWPQOJ3JNDW2XIYKIVJ7N7QUIFNM2Q/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/PJCUNGIQDUMZ4Z6HWVYIMR66A35F5S74 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/PJCUNGIQDUMZ4Z6HWVYIMR66A35F5S74/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QF5QSYAOPDOWLY6DUHID56Q4HQFYB45I https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QF5QSYAOPDOWLY6DUHID56Q4HQFYB45I/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QXOU2JZUBEBP7GBKAYIJRPRBZSJCD7ST https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QXOU2JZUBEBP7GBKAYIJRPRBZSJCD7ST/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/R3UETKPUB3V5JS5TLZOF3SMTGT5K5APS https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/R3UETKPUB3V5JS5TLZOF3SMTGT5K5APS/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/REMHVVIBDNKSRKNOTV7EQSB7CYQWOUOU https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/REMHVVIBDNKSRKNOTV7EQSB7CYQWOUOU/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/T7N5GV4CHH6WAGX3GFMDD3COEOVCZ4RI https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/T7N5GV4CHH6WAGX3GFMDD3COEOVCZ4RI/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ULQQONMSCQSH5Z5OWFFQHCGEZ3NL4DRJ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ULQQONMSCQSH5Z5OWFFQHCGEZ3NL4DRJ/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UTT7DG3QOF5ZNJLUGHDNLRUIN6OWZARP https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UTT7DG3QOF5ZNJLUGHDNLRUIN6OWZARP/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/W2LZSWTV4NV4SNQARNXG5T6LRHP26EW2 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/W2LZSWTV4NV4SNQARNXG5T6LRHP26EW2/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WCNCBYKZXLDFGAJUB7ZP5VLC3YTHJNVH https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WCNCBYKZXLDFGAJUB7ZP5VLC3YTHJNVH/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/XFOIBB4YFICHDM7IBOP7PWXW3FX4HLL2 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/XFOIBB4YFICHDM7IBOP7PWXW3FX4HLL2/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/XTNLSL44Y5FB6JWADSZH6DCV4JJAAEQY https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/XTNLSL44Y5FB6JWADSZH6DCV4JJAAEQY/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/YJWHBLVZDM5KQSDFRBFRKU5KSSOLIRQ4 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/YJWHBLVZDM5KQSDFRBFRKU5KSSOLIRQ4/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/YRKEXKANQ7BKJW2YTAMP625LJUJZLJ4P https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/YRKEXKANQ7BKJW2YTAMP625LJUJZLJ4P/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZSVEMQV5ROY5YW5QE3I57HT3ITWG5GCV https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZSVEMQV5ROY5YW5QE3I57HT3ITWG5GCV/ https://nvd.nist.gov/vuln/detail/CVE-2023-39325 https://pkg.go.dev/vuln/GO-2023-2102 https://security.gentoo.org/glsa/202311-09 https://security.netapp.com/advisory/ntap-20231110-0008 https://security.netapp.com/advisory/ntap-20231110-0008/ https://ubuntu.com/security/notices/USN-6574-1 https://ubuntu.com/security/notices/USN-7061-1 https://ubuntu.com/security/notices/USN-7109-1 https://www.cisa.gov/news-events/alerts/2023/10/10/http2-rapid-reset-vulnerability-cve-2023-44487 https://www.cve.org/CVERecord?id=CVE-2023-39325
golang.org/x/net	CVE-2023-3978	MEDIUM	v0.10.0	0.13.0	https://access.redhat.com/errata/RHSA-2023:6474 https://access.redhat.com/security/cve/CVE-2023-3978 https://bugzilla.redhat.com/2174485 https://bugzilla.redhat.com/2178358 https://bugzilla.redhat.com/2178488 https://bugzilla.redhat.com/2178492 https://bugzilla.redhat.com/2184481 https://bugzilla.redhat.com/2184482 https://bugzilla.redhat.com/2184483 https://bugzilla.redhat.com/2184484 https://bugzilla.redhat.com/2196026 https://bugzilla.redhat.com/2196027 https://bugzilla.redhat.com/2196029 https://bugzilla.redhat.com/2222167 https://bugzilla.redhat.com/2228689 https://errata.almalinux.org/9/ALSA-2023-6474.html https://go.dev/cl/514896 https://go.dev/issue/61615 https://linux.oracle.com/cve/CVE-2023-3978.html https://linux.oracle.com/errata/ELSA-2023-6939.html https://nvd.nist.gov/vuln/detail/CVE-2023-3978 https://pkg.go.dev/vuln/GO-2023-1988 https://www.cve.org/CVERecord?id=CVE-2023-3978
golang.org/x/net	CVE-2023-44487	MEDIUM	v0.10.0	0.17.0	http://www.openwall.com/lists/oss-security/2023/10/13/4 http://www.openwall.com/lists/oss-security/2023/10/13/9 http://www.openwall.com/lists/oss-security/2023/10/18/4 http://www.openwall.com/lists/oss-security/2023/10/18/8 http://www.openwall.com/lists/oss-security/2023/10/19/6 http://www.openwall.com/lists/oss-security/2023/10/20/8 https://access.redhat.com/errata/RHSA-2023:6746 https://access.redhat.com/security/cve/CVE-2023-44487 https://access.redhat.com/security/cve/cve-2023-44487 https://akka.io/security/akka-http-cve-2023-44487.html https://arstechnica.com/security/2023/10/how-ddosers-used-the-http-2-protocol-to-deliver-attacks-of-unprecedented-size https://arstechnica.com/security/2023/10/how-ddosers-used-the-http-2-protocol-to-deliver-attacks-of-unprecedented-size/ https://aws.amazon.com/security/security-bulletins/AWS-2023-011 https://aws.amazon.com/security/security-bulletins/AWS-2023-011/ https://blog.cloudflare.com/technical-breakdown-http2-rapid-reset-ddos-attack https://blog.cloudflare.com/technical-breakdown-http2-rapid-reset-ddos-attack/ https://blog.cloudflare.com/zero-day-rapid-reset-http2-record-breaking-ddos-attack https://blog.cloudflare.com/zero-day-rapid-reset-http2-record-breaking-ddos-attack/ https://blog.litespeedtech.com/2023/10/11/rapid-reset-http-2-vulnerablilty https://blog.litespeedtech.com/2023/10/11/rapid-reset-http-2-vulnerablilty/ https://blog.qualys.com/vulnerabilities-threat-research/2023/10/10/cve-2023-44487-http-2-rapid-reset-attack https://blog.vespa.ai/cve-2023-44487 https://blog.vespa.ai/cve-2023-44487/ https://bugzilla.proxmox.com/show_bug.cgi?id=4988 https://bugzilla.redhat.com/2242803 https://bugzilla.redhat.com/show_bug.cgi?id=2242803 https://bugzilla.suse.com/show_bug.cgi?id=1216123 https://cgit.freebsd.org/ports/commit/?id=c64c329c2c1752f46b73e3e6ce9f4329be6629f9 https://chaos.social/@icing/111210915918780532 https://cloud.google.com/blog/products/identity-security/google-cloud-mitigated-largest-ddos-attack-peaking-above-398-million-rps https://cloud.google.com/blog/products/identity-security/google-cloud-mitigated-largest-ddos-attack-peaking-above-398-million-rps/ https://cloud.google.com/blog/products/identity-security/how-it-works-the-novel-http2-rapid-reset-ddos-attack https://community.traefik.io/t/is-traefik-vulnerable-to-cve-2023-44487/20125 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-44487 https://devblogs.microsoft.com/dotnet/october-2023-updates/ https://discuss.hashicorp.com/t/hcsec-2023-32-vault-consul-and-boundary-affected-by-http-2-rapid-reset-denial-of-service-vulnerability-cve-2023-44487/59715 https://edg.io/lp/blog/resets-leaks-ddos-and-the-tale-of-a-hidden-cve https://errata.almalinux.org/9/ALSA-2023-6746.html https://errata.rockylinux.org/RLSA-2023:5838 https://forums.swift.org/t/swift-nio-http2-security-update-cve-2023-44487-http-2-dos/67764 https://gist.github.com/adulau/7c2bfb8e9cdbe4b35a5e131c66a0c088 https://github.com/Azure/AKS/issues/3947 https://github.com/Kong/kong/discussions/11741 https://github.com/advisories/GHSA-qppj-fm5r-hxr3 https://github.com/advisories/GHSA-vx74-f528-fxqg https://github.com/advisories/GHSA-xpw8-rcwv-8f8p https://github.com/akka/akka-http/issues/4323 https://github.com/akka/akka-http/pull/4324 https://github.com/akka/akka-http/pull/4325 https://github.com/alibaba/tengine/issues/1872 https://github.com/apache/apisix/issues/10320 https://github.com/apache/httpd-site/pull/10 https://github.com/apache/httpd/blob/afcdbeebbff4b0c50ea26cdd16e178c0d1f24152/modules/http2/h2_mplx.c#L1101-L1113 https://github.com/apache/tomcat/commit/944332bb15bd2f3bf76ec2caeb1ff0a58a3bc628 https://github.com/apache/tomcat/tree/main/java/org/apache/coyote/http2 https://github.com/apache/trafficserver/pull/10564 https://github.com/apple/swift-nio-http2 https://github.com/apple/swift-nio-http2/security/advisories/GHSA-qppj-fm5r-hxr3 https://github.com/arkrwn/PoC/tree/main/CVE-2023-44487 https://github.com/bcdannyboy/CVE-2023-44487 https://github.com/caddyserver/caddy/issues/5877 https://github.com/caddyserver/caddy/releases/tag/v2.7.5 https://github.com/dotnet/announcements/issues/277 https://github.com/dotnet/core/blob/e4613450ea0da7fd2fc6b61dfb2c1c1dec1ce9ec/release-notes/6.0/6.0.23/6.0.23.md?plain=1#L73 https://github.com/eclipse/jetty.project/issues/10679 https://github.com/envoyproxy/envoy/pull/30055 https://github.com/etcd-io/etcd/issues/16740 https://github.com/facebook/proxygen/pull/466 https://github.com/golang/go/issues/63417 https://github.com/grpc/grpc-go/pull/6703 https://github.com/grpc/grpc-go/releases https://github.com/h2o/h2o/pull/3291 https://github.com/h2o/h2o/security/advisories/GHSA-2m7v-gc89-fjqf https://github.com/haproxy/haproxy/issues/2312 https://github.com/hyperium/hyper/issues/3337 https://github.com/icing/mod_h2/blob/0a864782af0a942aa2ad4ed960a6b32cd35bcf0a/mod_http2/README.md?plain=1#L239-L244 https://github.com/junkurihara/rust-rpxy/issues/97 https://github.com/kazu-yamamoto/http2/commit/f61d41a502bd0f60eb24e1ce14edc7b6df6722a1 https://github.com/kazu-yamamoto/http2/issues/93 https://github.com/kubernetes/kubernetes/pull/121120 https://github.com/line/armeria/pull/5232 https://github.com/linkerd/website/pull/1695/commits/4b9c6836471bc8270ab48aae6fd2181bc73fd632 https://github.com/micrictor/http2-rst-stream https://github.com/microsoft/CBL-Mariner/pull/6381 https://github.com/netty/netty/commit/58f75f665aa81a8cbcf6ffa74820042a285c5e61 https://github.com/nghttp2/nghttp2/pull/1961 https://github.com/nghttp2/nghttp2/releases/tag/v1.57.0 https://github.com/ninenines/cowboy/issues/1615 https://github.com/nodejs/node/pull/50121 https://github.com/openresty/openresty/issues/930 https://github.com/opensearch-project/data-prepper/issues/3474 https://github.com/oqtane/oqtane.framework/discussions/3367 https://github.com/projectcontour/contour/pull/5826 https://github.com/tempesta-tech/tempesta/issues/1986 https://github.com/varnishcache/varnish-cache/issues/3996 https://go.dev/cl/534215 https://go.dev/cl/534235 https://go.dev/issue/63417 https://groups.google.com/g/golang-announce/c/iNNxDTCjZvo https://groups.google.com/g/golang-announce/c/iNNxDTCjZvo/m/UDd7VKQuAAAJ https://istio.io/latest/news/security/istio-security-2023-004 https://istio.io/latest/news/security/istio-security-2023-004/ https://linkerd.io/2023/10/12/linkerd-cve-2023-44487 https://linkerd.io/2023/10/12/linkerd-cve-2023-44487/ https://linux.oracle.com/cve/CVE-2023-44487.html https://linux.oracle.com/errata/ELSA-2024-1444.html https://lists.apache.org/thread/5py8h42mxfsn8l1wy6o41xwhsjlsd87q https://lists.debian.org/debian-lts-announce/2023/10/msg00020.html https://lists.debian.org/debian-lts-announce/2023/10/msg00023.html https://lists.debian.org/debian-lts-announce/2023/10/msg00024.html https://lists.debian.org/debian-lts-announce/2023/10/msg00045.html https://lists.debian.org/debian-lts-announce/2023/10/msg00047.html https://lists.debian.org/debian-lts-announce/2023/11/msg00001.html https://lists.debian.org/debian-lts-announce/2023/11/msg00012.html https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/2MBEPPC36UBVOZZNAXFHKLFGSLCMN5LI https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/2MBEPPC36UBVOZZNAXFHKLFGSLCMN5LI/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/3N4NJ7FR4X4FPZUGNTQAPSTVB2HB2Y4A https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/3N4NJ7FR4X4FPZUGNTQAPSTVB2HB2Y4A/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/BFQD3KUEMFBHPAPBGLWQC34L4OWL5HAZ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/BFQD3KUEMFBHPAPBGLWQC34L4OWL5HAZ/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/CLB4TW7KALB3EEQWNWCN7OUIWWVWWCG2 https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/CLB4TW7KALB3EEQWNWCN7OUIWWVWWCG2/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/E72T67UPDRXHIDLO3OROR25YAMN4GGW5 https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/E72T67UPDRXHIDLO3OROR25YAMN4GGW5/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/FNA62Q767CFAFHBCDKYNPBMZWB7TWYVU https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/FNA62Q767CFAFHBCDKYNPBMZWB7TWYVU/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/HT7T2R4MQKLIF4ODV4BDLPARWFPCJ5CZ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/HT7T2R4MQKLIF4ODV4BDLPARWFPCJ5CZ/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/JIZSEFC3YKCGABA2BZW6ZJRMDZJMB7PJ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/JIZSEFC3YKCGABA2BZW6ZJRMDZJMB7PJ/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/JMEXY22BFG5Q64HQCM5CK2Q7KDKVV4TY https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/JMEXY22BFG5Q64HQCM5CK2Q7KDKVV4TY/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/KSEGD2IWKNUO3DWY4KQGUQM5BISRWHQE https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/KSEGD2IWKNUO3DWY4KQGUQM5BISRWHQE/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/LKYHSZQFDNR7RSA7LHVLLIAQMVYCUGBG https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/LKYHSZQFDNR7RSA7LHVLLIAQMVYCUGBG/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/LNMZJCDHGLJJLXO4OXWJMTVQRNWOC7UL https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/LNMZJCDHGLJJLXO4OXWJMTVQRNWOC7UL/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/VHUHTSXLXGXS7JYKBXTA3VINUPHTNGVU https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/VHUHTSXLXGXS7JYKBXTA3VINUPHTNGVU/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/VSRDIV77HNKUSM7SJC5BKE5JSHLHU2NK https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/VSRDIV77HNKUSM7SJC5BKE5JSHLHU2NK/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/WE2I52RHNNU42PX6NZ2RBUHSFFJ2LVZX https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/WE2I52RHNNU42PX6NZ2RBUHSFFJ2LVZX/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/WLPRQ5TWUQQXYWBJM7ECYDAIL2YVKIUH https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/WLPRQ5TWUQQXYWBJM7ECYDAIL2YVKIUH/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/X6QXN4ORIVF6XBW4WWFE7VNPVC74S45Y https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/X6QXN4ORIVF6XBW4WWFE7VNPVC74S45Y/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/XFOIBB4YFICHDM7IBOP7PWXW3FX4HLL2 https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/XFOIBB4YFICHDM7IBOP7PWXW3FX4HLL2/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZB43REMKRQR62NJEI7I5NQ4FSXNLBKRT https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZB43REMKRQR62NJEI7I5NQ4FSXNLBKRT/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZKQSIKIAT5TJ3WSLU3RDBQ35YX4GY4V3 https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZKQSIKIAT5TJ3WSLU3RDBQ35YX4GY4V3/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZLU6U2R2IC2K64NDPNMV55AUAO65MAF4 https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZLU6U2R2IC2K64NDPNMV55AUAO65MAF4/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3N4NJ7FR4X4FPZUGNTQAPSTVB2HB2Y4A https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/BFQD3KUEMFBHPAPBGLWQC34L4OWL5HAZ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CLB4TW7KALB3EEQWNWCN7OUIWWVWWCG2 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/E72T67UPDRXHIDLO3OROR25YAMN4GGW5 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/FNA62Q767CFAFHBCDKYNPBMZWB7TWYVU https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/HT7T2R4MQKLIF4ODV4BDLPARWFPCJ5CZ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/JIZSEFC3YKCGABA2BZW6ZJRMDZJMB7PJ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/JMEXY22BFG5Q64HQCM5CK2Q7KDKVV4TY https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/KSEGD2IWKNUO3DWY4KQGUQM5BISRWHQE https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/LKYHSZQFDNR7RSA7LHVLLIAQMVYCUGBG https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/LNMZJCDHGLJJLXO4OXWJMTVQRNWOC7UL https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/VHUHTSXLXGXS7JYKBXTA3VINUPHTNGVU https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/VSRDIV77HNKUSM7SJC5BKE5JSHLHU2NK https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WLPRQ5TWUQQXYWBJM7ECYDAIL2YVKIUH https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/X6QXN4ORIVF6XBW4WWFE7VNPVC74S45Y https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/XFOIBB4YFICHDM7IBOP7PWXW3FX4HLL2 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZB43REMKRQR62NJEI7I5NQ4FSXNLBKRT https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZKQSIKIAT5TJ3WSLU3RDBQ35YX4GY4V3 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZLU6U2R2IC2K64NDPNMV55AUAO65MAF4 https://lists.w3.org/Archives/Public/ietf-http-wg/2023OctDec/0025.html https://mailman.nginx.org/pipermail/nginx-devel/2023-October/S36Q5HBXR7CAIMPLLPRSSSYR4PCMWILK.html https://martinthomson.github.io/h2-stream-limits/draft-thomson-httpbis-h2-stream-limits.html https://msrc.microsoft.com/blog/2023/10/microsoft-response-to-distributed-denial-of-service-ddos-attacks-against-http/2 https://msrc.microsoft.com/blog/2023/10/microsoft-response-to-distributed-denial-of-service-ddos-attacks-against-http/2/ https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-44487 https://my.f5.com/manage/s/article/K000137106 https://netty.io/news/2023/10/10/4-1-100-Final.html https://news.ycombinator.com/item?id=37830987 https://news.ycombinator.com/item?id=37830998 https://news.ycombinator.com/item?id=37831062 https://news.ycombinator.com/item?id=37837043 https://nodejs.org/en/blog/vulnerability/october-2023-security-releases https://nvd.nist.gov/vuln/detail/CVE-2023-44487 https://openssf.org/blog/2023/10/10/http-2-rapid-reset-vulnerability-highlights-need-for-rapid-response https://openssf.org/blog/2023/10/10/http-2-rapid-reset-vulnerability-highlights-need-for-rapid-response/ https://pkg.go.dev/vuln/GO-2023-2102 https://seanmonstar.com/post/730794151136935936/hyper-http2-rapid-reset-unaffected https://security.gentoo.org/glsa/202311-09 https://security.netapp.com/advisory/ntap-20231016-0001 https://security.netapp.com/advisory/ntap-20231016-0001/ https://security.netapp.com/advisory/ntap-20240426-0007 https://security.netapp.com/advisory/ntap-20240426-0007/ https://security.netapp.com/advisory/ntap-20240621-0006 https://security.netapp.com/advisory/ntap-20240621-0006/ https://security.netapp.com/advisory/ntap-20240621-0007 https://security.netapp.com/advisory/ntap-20240621-0007/ https://security.paloaltonetworks.com/CVE-2023-44487 https://tomcat.apache.org/security-10.html#Fixed_in_Apache_Tomcat_10.1.14 https://tomcat.apache.org/security-11.html#Fixed_in_Apache_Tomcat_11.0.0-M12 https://tomcat.apache.org/security-8.html#Fixed_in_Apache_Tomcat_8.5.94 https://tomcat.apache.org/security-9.html#Fixed_in_Apache_Tomcat_9.0.81 https://ubuntu.com/security/CVE-2023-44487 https://ubuntu.com/security/notices/USN-6427-1 https://ubuntu.com/security/notices/USN-6427-2 https://ubuntu.com/security/notices/USN-6438-1 https://ubuntu.com/security/notices/USN-6505-1 https://ubuntu.com/security/notices/USN-6574-1 https://ubuntu.com/security/notices/USN-6754-1 https://ubuntu.com/security/notices/USN-6994-1 https://ubuntu.com/security/notices/USN-7067-1 https://www.bleepingcomputer.com/news/security/new-http-2-rapid-reset-zero-day-attack-breaks-ddos-records https://www.bleepingcomputer.com/news/security/new-http-2-rapid-reset-zero-day-attack-breaks-ddos-records/ https://www.cisa.gov/known-exploited-vulnerabilities-catalog https://www.cisa.gov/news-events/alerts/2023/10/10/http2-rapid-reset-vulnerability-cve-2023-44487 https://www.cve.org/CVERecord?id=CVE-2023-44487 https://www.darkreading.com/cloud/internet-wide-zero-day-bug-fuels-largest-ever-ddos-event https://www.debian.org/security/2023/dsa-5521 https://www.debian.org/security/2023/dsa-5522 https://www.debian.org/security/2023/dsa-5540 https://www.debian.org/security/2023/dsa-5549 https://www.debian.org/security/2023/dsa-5558 https://www.debian.org/security/2023/dsa-5570 https://www.eclipse.org/lists/jetty-announce/msg00181.html https://www.haproxy.com/blog/haproxy-is-not-affected-by-the-http-2-rapid-reset-attack-cve-2023-44487 https://www.mail-archive.com/haproxy@formilux.org/msg44134.html https://www.netlify.com/blog/netlify-successfully-mitigates-cve-2023-44487 https://www.netlify.com/blog/netlify-successfully-mitigates-cve-2023-44487/ https://www.nginx.com/blog/http-2-rapid-reset-attack-impacting-f5-nginx-products https://www.nginx.com/blog/http-2-rapid-reset-attack-impacting-f5-nginx-products/ https://www.openwall.com/lists/oss-security/2023/10/10/6 https://www.phoronix.com/news/HTTP2-Rapid-Reset-Attack https://www.theregister.com/2023/10/10/http2_rapid_reset_zeroday https://www.theregister.com/2023/10/10/http2_rapid_reset_zeroday/
golang.org/x/net	CVE-2023-45288	MEDIUM	v0.10.0	0.23.0	http://www.openwall.com/lists/oss-security/2024/04/03/16 http://www.openwall.com/lists/oss-security/2024/04/05/4 https://access.redhat.com/errata/RHSA-2024:2724 https://access.redhat.com/security/cve/CVE-2023-45288 https://bugzilla.redhat.com/2268017 https://bugzilla.redhat.com/2268018 https://bugzilla.redhat.com/2268019 https://bugzilla.redhat.com/2268273 https://bugzilla.redhat.com/show_bug.cgi?id=2268017 https://bugzilla.redhat.com/show_bug.cgi?id=2268018 https://bugzilla.redhat.com/show_bug.cgi?id=2268019 https://bugzilla.redhat.com/show_bug.cgi?id=2268273 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45288 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45289 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45290 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24783 https://errata.almalinux.org/9/ALSA-2024-2724.html https://errata.rockylinux.org/RLSA-2024:2724 https://go.dev/cl/576155 https://go.dev/issue/65051 https://groups.google.com/g/golang-announce/c/YgW0sx8mN3M https://kb.cert.org/vuls/id/421644 https://linux.oracle.com/cve/CVE-2023-45288.html https://linux.oracle.com/errata/ELSA-2024-3346.html https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QRYFHIQ6XRKRYBI2F5UESH67BJBQXUPT https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QRYFHIQ6XRKRYBI2F5UESH67BJBQXUPT/ https://nowotarski.info/http2-continuation-flood-technical-details https://nowotarski.info/http2-continuation-flood/ https://nvd.nist.gov/vuln/detail/CVE-2023-45288 https://pkg.go.dev/vuln/GO-2024-2687 https://security.netapp.com/advisory/ntap-20240419-0009 https://security.netapp.com/advisory/ntap-20240419-0009/ https://ubuntu.com/security/notices/USN-6886-1 https://ubuntu.com/security/notices/USN-7109-1 https://ubuntu.com/security/notices/USN-7111-1 https://www.cve.org/CVERecord?id=CVE-2023-45288 https://www.kb.cert.org/vuls/id/421644
google.golang.org/grpc	GHSA-m425-mq94-257g	HIGH	v1.55.0	1.56.3, 1.57.1, 1.58.3	https://github.com/grpc/grpc-go https://github.com/grpc/grpc-go/commit/f2180b4d5403d2210b30b93098eb7da31c05c721 https://github.com/grpc/grpc-go/pull/6703 https://github.com/grpc/grpc-go/security/advisories/GHSA-m425-mq94-257g https://nvd.nist.gov/vuln/detail/CVE-2023-44487
google.golang.org/grpc	CVE-2023-44487	MEDIUM	v1.55.0	1.58.3, 1.57.1, 1.56.3	http://www.openwall.com/lists/oss-security/2023/10/13/4 http://www.openwall.com/lists/oss-security/2023/10/13/9 http://www.openwall.com/lists/oss-security/2023/10/18/4 http://www.openwall.com/lists/oss-security/2023/10/18/8 http://www.openwall.com/lists/oss-security/2023/10/19/6 http://www.openwall.com/lists/oss-security/2023/10/20/8 https://access.redhat.com/errata/RHSA-2023:6746 https://access.redhat.com/security/cve/CVE-2023-44487 https://access.redhat.com/security/cve/cve-2023-44487 https://akka.io/security/akka-http-cve-2023-44487.html https://arstechnica.com/security/2023/10/how-ddosers-used-the-http-2-protocol-to-deliver-attacks-of-unprecedented-size https://arstechnica.com/security/2023/10/how-ddosers-used-the-http-2-protocol-to-deliver-attacks-of-unprecedented-size/ https://aws.amazon.com/security/security-bulletins/AWS-2023-011 https://aws.amazon.com/security/security-bulletins/AWS-2023-011/ https://blog.cloudflare.com/technical-breakdown-http2-rapid-reset-ddos-attack https://blog.cloudflare.com/technical-breakdown-http2-rapid-reset-ddos-attack/ https://blog.cloudflare.com/zero-day-rapid-reset-http2-record-breaking-ddos-attack https://blog.cloudflare.com/zero-day-rapid-reset-http2-record-breaking-ddos-attack/ https://blog.litespeedtech.com/2023/10/11/rapid-reset-http-2-vulnerablilty https://blog.litespeedtech.com/2023/10/11/rapid-reset-http-2-vulnerablilty/ https://blog.qualys.com/vulnerabilities-threat-research/2023/10/10/cve-2023-44487-http-2-rapid-reset-attack https://blog.vespa.ai/cve-2023-44487 https://blog.vespa.ai/cve-2023-44487/ https://bugzilla.proxmox.com/show_bug.cgi?id=4988 https://bugzilla.redhat.com/2242803 https://bugzilla.redhat.com/show_bug.cgi?id=2242803 https://bugzilla.suse.com/show_bug.cgi?id=1216123 https://cgit.freebsd.org/ports/commit/?id=c64c329c2c1752f46b73e3e6ce9f4329be6629f9 https://chaos.social/@icing/111210915918780532 https://cloud.google.com/blog/products/identity-security/google-cloud-mitigated-largest-ddos-attack-peaking-above-398-million-rps https://cloud.google.com/blog/products/identity-security/google-cloud-mitigated-largest-ddos-attack-peaking-above-398-million-rps/ https://cloud.google.com/blog/products/identity-security/how-it-works-the-novel-http2-rapid-reset-ddos-attack https://community.traefik.io/t/is-traefik-vulnerable-to-cve-2023-44487/20125 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-44487 https://devblogs.microsoft.com/dotnet/october-2023-updates/ https://discuss.hashicorp.com/t/hcsec-2023-32-vault-consul-and-boundary-affected-by-http-2-rapid-reset-denial-of-service-vulnerability-cve-2023-44487/59715 https://edg.io/lp/blog/resets-leaks-ddos-and-the-tale-of-a-hidden-cve https://errata.almalinux.org/9/ALSA-2023-6746.html https://errata.rockylinux.org/RLSA-2023:5838 https://forums.swift.org/t/swift-nio-http2-security-update-cve-2023-44487-http-2-dos/67764 https://gist.github.com/adulau/7c2bfb8e9cdbe4b35a5e131c66a0c088 https://github.com/Azure/AKS/issues/3947 https://github.com/Kong/kong/discussions/11741 https://github.com/advisories/GHSA-qppj-fm5r-hxr3 https://github.com/advisories/GHSA-vx74-f528-fxqg https://github.com/advisories/GHSA-xpw8-rcwv-8f8p https://github.com/akka/akka-http/issues/4323 https://github.com/akka/akka-http/pull/4324 https://github.com/akka/akka-http/pull/4325 https://github.com/alibaba/tengine/issues/1872 https://github.com/apache/apisix/issues/10320 https://github.com/apache/httpd-site/pull/10 https://github.com/apache/httpd/blob/afcdbeebbff4b0c50ea26cdd16e178c0d1f24152/modules/http2/h2_mplx.c#L1101-L1113 https://github.com/apache/tomcat/commit/944332bb15bd2f3bf76ec2caeb1ff0a58a3bc628 https://github.com/apache/tomcat/tree/main/java/org/apache/coyote/http2 https://github.com/apache/trafficserver/pull/10564 https://github.com/apple/swift-nio-http2 https://github.com/apple/swift-nio-http2/security/advisories/GHSA-qppj-fm5r-hxr3 https://github.com/arkrwn/PoC/tree/main/CVE-2023-44487 https://github.com/bcdannyboy/CVE-2023-44487 https://github.com/caddyserver/caddy/issues/5877 https://github.com/caddyserver/caddy/releases/tag/v2.7.5 https://github.com/dotnet/announcements/issues/277 https://github.com/dotnet/core/blob/e4613450ea0da7fd2fc6b61dfb2c1c1dec1ce9ec/release-notes/6.0/6.0.23/6.0.23.md?plain=1#L73 https://github.com/eclipse/jetty.project/issues/10679 https://github.com/envoyproxy/envoy/pull/30055 https://github.com/etcd-io/etcd/issues/16740 https://github.com/facebook/proxygen/pull/466 https://github.com/golang/go/issues/63417 https://github.com/grpc/grpc-go/pull/6703 https://github.com/grpc/grpc-go/releases https://github.com/h2o/h2o/pull/3291 https://github.com/h2o/h2o/security/advisories/GHSA-2m7v-gc89-fjqf https://github.com/haproxy/haproxy/issues/2312 https://github.com/hyperium/hyper/issues/3337 https://github.com/icing/mod_h2/blob/0a864782af0a942aa2ad4ed960a6b32cd35bcf0a/mod_http2/README.md?plain=1#L239-L244 https://github.com/junkurihara/rust-rpxy/issues/97 https://github.com/kazu-yamamoto/http2/commit/f61d41a502bd0f60eb24e1ce14edc7b6df6722a1 https://github.com/kazu-yamamoto/http2/issues/93 https://github.com/kubernetes/kubernetes/pull/121120 https://github.com/line/armeria/pull/5232 https://github.com/linkerd/website/pull/1695/commits/4b9c6836471bc8270ab48aae6fd2181bc73fd632 https://github.com/micrictor/http2-rst-stream https://github.com/microsoft/CBL-Mariner/pull/6381 https://github.com/netty/netty/commit/58f75f665aa81a8cbcf6ffa74820042a285c5e61 https://github.com/nghttp2/nghttp2/pull/1961 https://github.com/nghttp2/nghttp2/releases/tag/v1.57.0 https://github.com/ninenines/cowboy/issues/1615 https://github.com/nodejs/node/pull/50121 https://github.com/openresty/openresty/issues/930 https://github.com/opensearch-project/data-prepper/issues/3474 https://github.com/oqtane/oqtane.framework/discussions/3367 https://github.com/projectcontour/contour/pull/5826 https://github.com/tempesta-tech/tempesta/issues/1986 https://github.com/varnishcache/varnish-cache/issues/3996 https://go.dev/cl/534215 https://go.dev/cl/534235 https://go.dev/issue/63417 https://groups.google.com/g/golang-announce/c/iNNxDTCjZvo https://groups.google.com/g/golang-announce/c/iNNxDTCjZvo/m/UDd7VKQuAAAJ https://istio.io/latest/news/security/istio-security-2023-004 https://istio.io/latest/news/security/istio-security-2023-004/ https://linkerd.io/2023/10/12/linkerd-cve-2023-44487 https://linkerd.io/2023/10/12/linkerd-cve-2023-44487/ https://linux.oracle.com/cve/CVE-2023-44487.html https://linux.oracle.com/errata/ELSA-2024-1444.html https://lists.apache.org/thread/5py8h42mxfsn8l1wy6o41xwhsjlsd87q https://lists.debian.org/debian-lts-announce/2023/10/msg00020.html https://lists.debian.org/debian-lts-announce/2023/10/msg00023.html https://lists.debian.org/debian-lts-announce/2023/10/msg00024.html https://lists.debian.org/debian-lts-announce/2023/10/msg00045.html https://lists.debian.org/debian-lts-announce/2023/10/msg00047.html https://lists.debian.org/debian-lts-announce/2023/11/msg00001.html https://lists.debian.org/debian-lts-announce/2023/11/msg00012.html https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/2MBEPPC36UBVOZZNAXFHKLFGSLCMN5LI https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/2MBEPPC36UBVOZZNAXFHKLFGSLCMN5LI/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/3N4NJ7FR4X4FPZUGNTQAPSTVB2HB2Y4A https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/3N4NJ7FR4X4FPZUGNTQAPSTVB2HB2Y4A/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/BFQD3KUEMFBHPAPBGLWQC34L4OWL5HAZ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/BFQD3KUEMFBHPAPBGLWQC34L4OWL5HAZ/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/CLB4TW7KALB3EEQWNWCN7OUIWWVWWCG2 https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/CLB4TW7KALB3EEQWNWCN7OUIWWVWWCG2/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/E72T67UPDRXHIDLO3OROR25YAMN4GGW5 https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/E72T67UPDRXHIDLO3OROR25YAMN4GGW5/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/FNA62Q767CFAFHBCDKYNPBMZWB7TWYVU https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/FNA62Q767CFAFHBCDKYNPBMZWB7TWYVU/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/HT7T2R4MQKLIF4ODV4BDLPARWFPCJ5CZ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/HT7T2R4MQKLIF4ODV4BDLPARWFPCJ5CZ/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/JIZSEFC3YKCGABA2BZW6ZJRMDZJMB7PJ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/JIZSEFC3YKCGABA2BZW6ZJRMDZJMB7PJ/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/JMEXY22BFG5Q64HQCM5CK2Q7KDKVV4TY https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/JMEXY22BFG5Q64HQCM5CK2Q7KDKVV4TY/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/KSEGD2IWKNUO3DWY4KQGUQM5BISRWHQE https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/KSEGD2IWKNUO3DWY4KQGUQM5BISRWHQE/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/LKYHSZQFDNR7RSA7LHVLLIAQMVYCUGBG https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/LKYHSZQFDNR7RSA7LHVLLIAQMVYCUGBG/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/LNMZJCDHGLJJLXO4OXWJMTVQRNWOC7UL https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/LNMZJCDHGLJJLXO4OXWJMTVQRNWOC7UL/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/VHUHTSXLXGXS7JYKBXTA3VINUPHTNGVU https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/VHUHTSXLXGXS7JYKBXTA3VINUPHTNGVU/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/VSRDIV77HNKUSM7SJC5BKE5JSHLHU2NK https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/VSRDIV77HNKUSM7SJC5BKE5JSHLHU2NK/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/WE2I52RHNNU42PX6NZ2RBUHSFFJ2LVZX https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/WE2I52RHNNU42PX6NZ2RBUHSFFJ2LVZX/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/WLPRQ5TWUQQXYWBJM7ECYDAIL2YVKIUH https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/WLPRQ5TWUQQXYWBJM7ECYDAIL2YVKIUH/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/X6QXN4ORIVF6XBW4WWFE7VNPVC74S45Y https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/X6QXN4ORIVF6XBW4WWFE7VNPVC74S45Y/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/XFOIBB4YFICHDM7IBOP7PWXW3FX4HLL2 https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/XFOIBB4YFICHDM7IBOP7PWXW3FX4HLL2/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZB43REMKRQR62NJEI7I5NQ4FSXNLBKRT https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZB43REMKRQR62NJEI7I5NQ4FSXNLBKRT/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZKQSIKIAT5TJ3WSLU3RDBQ35YX4GY4V3 https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZKQSIKIAT5TJ3WSLU3RDBQ35YX4GY4V3/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZLU6U2R2IC2K64NDPNMV55AUAO65MAF4 https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZLU6U2R2IC2K64NDPNMV55AUAO65MAF4/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3N4NJ7FR4X4FPZUGNTQAPSTVB2HB2Y4A https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/BFQD3KUEMFBHPAPBGLWQC34L4OWL5HAZ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CLB4TW7KALB3EEQWNWCN7OUIWWVWWCG2 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/E72T67UPDRXHIDLO3OROR25YAMN4GGW5 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/FNA62Q767CFAFHBCDKYNPBMZWB7TWYVU https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/HT7T2R4MQKLIF4ODV4BDLPARWFPCJ5CZ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/JIZSEFC3YKCGABA2BZW6ZJRMDZJMB7PJ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/JMEXY22BFG5Q64HQCM5CK2Q7KDKVV4TY https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/KSEGD2IWKNUO3DWY4KQGUQM5BISRWHQE https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/LKYHSZQFDNR7RSA7LHVLLIAQMVYCUGBG https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/LNMZJCDHGLJJLXO4OXWJMTVQRNWOC7UL https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/VHUHTSXLXGXS7JYKBXTA3VINUPHTNGVU https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/VSRDIV77HNKUSM7SJC5BKE5JSHLHU2NK https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WLPRQ5TWUQQXYWBJM7ECYDAIL2YVKIUH https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/X6QXN4ORIVF6XBW4WWFE7VNPVC74S45Y https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/XFOIBB4YFICHDM7IBOP7PWXW3FX4HLL2 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZB43REMKRQR62NJEI7I5NQ4FSXNLBKRT https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZKQSIKIAT5TJ3WSLU3RDBQ35YX4GY4V3 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZLU6U2R2IC2K64NDPNMV55AUAO65MAF4 https://lists.w3.org/Archives/Public/ietf-http-wg/2023OctDec/0025.html https://mailman.nginx.org/pipermail/nginx-devel/2023-October/S36Q5HBXR7CAIMPLLPRSSSYR4PCMWILK.html https://martinthomson.github.io/h2-stream-limits/draft-thomson-httpbis-h2-stream-limits.html https://msrc.microsoft.com/blog/2023/10/microsoft-response-to-distributed-denial-of-service-ddos-attacks-against-http/2 https://msrc.microsoft.com/blog/2023/10/microsoft-response-to-distributed-denial-of-service-ddos-attacks-against-http/2/ https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-44487 https://my.f5.com/manage/s/article/K000137106 https://netty.io/news/2023/10/10/4-1-100-Final.html https://news.ycombinator.com/item?id=37830987 https://news.ycombinator.com/item?id=37830998 https://news.ycombinator.com/item?id=37831062 https://news.ycombinator.com/item?id=37837043 https://nodejs.org/en/blog/vulnerability/october-2023-security-releases https://nvd.nist.gov/vuln/detail/CVE-2023-44487 https://openssf.org/blog/2023/10/10/http-2-rapid-reset-vulnerability-highlights-need-for-rapid-response https://openssf.org/blog/2023/10/10/http-2-rapid-reset-vulnerability-highlights-need-for-rapid-response/ https://pkg.go.dev/vuln/GO-2023-2102 https://seanmonstar.com/post/730794151136935936/hyper-http2-rapid-reset-unaffected https://security.gentoo.org/glsa/202311-09 https://security.netapp.com/advisory/ntap-20231016-0001 https://security.netapp.com/advisory/ntap-20231016-0001/ https://security.netapp.com/advisory/ntap-20240426-0007 https://security.netapp.com/advisory/ntap-20240426-0007/ https://security.netapp.com/advisory/ntap-20240621-0006 https://security.netapp.com/advisory/ntap-20240621-0006/ https://security.netapp.com/advisory/ntap-20240621-0007 https://security.netapp.com/advisory/ntap-20240621-0007/ https://security.paloaltonetworks.com/CVE-2023-44487 https://tomcat.apache.org/security-10.html#Fixed_in_Apache_Tomcat_10.1.14 https://tomcat.apache.org/security-11.html#Fixed_in_Apache_Tomcat_11.0.0-M12 https://tomcat.apache.org/security-8.html#Fixed_in_Apache_Tomcat_8.5.94 https://tomcat.apache.org/security-9.html#Fixed_in_Apache_Tomcat_9.0.81 https://ubuntu.com/security/CVE-2023-44487 https://ubuntu.com/security/notices/USN-6427-1 https://ubuntu.com/security/notices/USN-6427-2 https://ubuntu.com/security/notices/USN-6438-1 https://ubuntu.com/security/notices/USN-6505-1 https://ubuntu.com/security/notices/USN-6574-1 https://ubuntu.com/security/notices/USN-6754-1 https://ubuntu.com/security/notices/USN-6994-1 https://ubuntu.com/security/notices/USN-7067-1 https://www.bleepingcomputer.com/news/security/new-http-2-rapid-reset-zero-day-attack-breaks-ddos-records https://www.bleepingcomputer.com/news/security/new-http-2-rapid-reset-zero-day-attack-breaks-ddos-records/ https://www.cisa.gov/known-exploited-vulnerabilities-catalog https://www.cisa.gov/news-events/alerts/2023/10/10/http2-rapid-reset-vulnerability-cve-2023-44487 https://www.cve.org/CVERecord?id=CVE-2023-44487 https://www.darkreading.com/cloud/internet-wide-zero-day-bug-fuels-largest-ever-ddos-event https://www.debian.org/security/2023/dsa-5521 https://www.debian.org/security/2023/dsa-5522 https://www.debian.org/security/2023/dsa-5540 https://www.debian.org/security/2023/dsa-5549 https://www.debian.org/security/2023/dsa-5558 https://www.debian.org/security/2023/dsa-5570 https://www.eclipse.org/lists/jetty-announce/msg00181.html https://www.haproxy.com/blog/haproxy-is-not-affected-by-the-http-2-rapid-reset-attack-cve-2023-44487 https://www.mail-archive.com/haproxy@formilux.org/msg44134.html https://www.netlify.com/blog/netlify-successfully-mitigates-cve-2023-44487 https://www.netlify.com/blog/netlify-successfully-mitigates-cve-2023-44487/ https://www.nginx.com/blog/http-2-rapid-reset-attack-impacting-f5-nginx-products https://www.nginx.com/blog/http-2-rapid-reset-attack-impacting-f5-nginx-products/ https://www.openwall.com/lists/oss-security/2023/10/10/6 https://www.phoronix.com/news/HTTP2-Rapid-Reset-Attack https://www.theregister.com/2023/10/10/http2_rapid_reset_zeroday https://www.theregister.com/2023/10/10/http2_rapid_reset_zeroday/
google.golang.org/protobuf	CVE-2024-24786	MEDIUM	v1.30.0	1.33.0	http://www.openwall.com/lists/oss-security/2024/03/08/4 https://access.redhat.com/errata/RHSA-2024:2550 https://access.redhat.com/security/cve/CVE-2024-24786 https://bugzilla.redhat.com/2268046 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24786 https://errata.almalinux.org/9/ALSA-2024-2550.html https://errata.rockylinux.org/RLSA-2024:2550 https://github.com/protocolbuffers/protobuf-go https://github.com/protocolbuffers/protobuf-go/commit/f01a588e5810b90996452eec4a28f22a0afae023 https://github.com/protocolbuffers/protobuf-go/releases/tag/v1.33.0 https://go-review.googlesource.com/c/protobuf/+/569356 https://go.dev/cl/569356 https://groups.google.com/g/golang-announce/c/ArQ6CDgtEjY/ https://linux.oracle.com/cve/CVE-2024-24786.html https://linux.oracle.com/errata/ELSA-2024-4246.html https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/JDMBHAVSDU2FBDZ45U3A2VLSM35OJ2HU https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/JDMBHAVSDU2FBDZ45U3A2VLSM35OJ2HU/ https://nvd.nist.gov/vuln/detail/CVE-2024-24786 https://pkg.go.dev/vuln/GO-2024-2611 https://security.netapp.com/advisory/ntap-20240517-0002 https://security.netapp.com/advisory/ntap-20240517-0002/ https://ubuntu.com/security/notices/USN-6746-1 https://ubuntu.com/security/notices/USN-6746-2 https://www.cve.org/CVERecord?id=CVE-2024-24786
stdlib	CVE-2024-24790	CRITICAL	v1.20.4	1.21.11, 1.22.4	http://www.openwall.com/lists/oss-security/2024/06/04/1 https://access.redhat.com/errata/RHSA-2024:9115 https://access.redhat.com/security/cve/CVE-2024-24790 https://bugzilla.redhat.com/2279814 https://bugzilla.redhat.com/2292668 https://bugzilla.redhat.com/2292787 https://bugzilla.redhat.com/2294000 https://bugzilla.redhat.com/2295310 https://bugzilla.redhat.com/show_bug.cgi?id=2292668 https://bugzilla.redhat.com/show_bug.cgi?id=2292787 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24789 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24790 https://errata.almalinux.org/9/ALSA-2024-9115.html https://errata.rockylinux.org/RLSA-2024:4212 https://github.com/golang/go/commit/051bdf3fd12a40307606ff9381138039c5f452f0 (1.21) https://github.com/golang/go/commit/12d5810cdb1f73cf23d7a86462143e9463317fca (1.22) https://github.com/golang/go/issues/67680 https://go.dev/cl/590316 https://go.dev/issue/67680 https://groups.google.com/g/golang-announce/c/XbxouI9gY7k https://groups.google.com/g/golang-announce/c/XbxouI9gY7k/m/TuoGEhxIEwAJ https://linux.oracle.com/cve/CVE-2024-24790.html https://linux.oracle.com/errata/ELSA-2024-9115.html https://nvd.nist.gov/vuln/detail/CVE-2024-24790 https://pkg.go.dev/vuln/GO-2024-2887 https://ubuntu.com/security/notices/USN-6886-1 https://ubuntu.com/security/notices/USN-7109-1 https://www.cve.org/CVERecord?id=CVE-2024-24790
stdlib	CVE-2023-29403	HIGH	v1.20.4	1.19.10, 1.20.5	https://access.redhat.com/errata/RHSA-2023:3923 https://access.redhat.com/security/cve/CVE-2023-29403 https://bugzilla.redhat.com/2216965 https://bugzilla.redhat.com/2217562 https://bugzilla.redhat.com/2217565 https://bugzilla.redhat.com/2217569 https://bugzilla.redhat.com/show_bug.cgi?id=2216965 https://bugzilla.redhat.com/show_bug.cgi?id=2217562 https://bugzilla.redhat.com/show_bug.cgi?id=2217565 https://bugzilla.redhat.com/show_bug.cgi?id=2217569 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-29402 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-29403 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-29404 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-29405 https://errata.almalinux.org/9/ALSA-2023-3923.html https://errata.rockylinux.org/RLSA-2023:3923 https://github.com/golang/go/commit/36144ba429ef2650940c72e7a0b932af3612d420 (go1.20.5) https://github.com/golang/go/commit/a7b1cd452ddc69a6606c2f35ac5786dc892e62cb (go1.19.10) https://github.com/golang/go/issues/60272 https://go.dev/cl/501223 https://go.dev/issue/60272 https://groups.google.com/g/golang-announce/c/q5135a9d924 https://groups.google.com/g/golang-announce/c/q5135a9d924/m/j0ZoAJOHAwAJ https://linux.oracle.com/cve/CVE-2023-29403.html https://linux.oracle.com/errata/ELSA-2023-3923.html https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/NZ2O6YCO2IZMZJELQGZYR2WAUNEDLYV6/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/XBS3IIK6ADV24C5ULQU55QLT2UE762ZX/ https://nvd.nist.gov/vuln/detail/CVE-2023-29403 https://pkg.go.dev/vuln/GO-2023-1840 https://security.gentoo.org/glsa/202311-09 https://ubuntu.com/security/notices/USN-7061-1 https://ubuntu.com/security/notices/USN-7109-1 https://www.cve.org/CVERecord?id=CVE-2023-29403
stdlib	CVE-2023-39325	HIGH	v1.20.4	1.20.10, 1.21.3	golang.org/x/net https://access.redhat.com/errata/RHSA-2023:6077 https://access.redhat.com/security/cve/CVE-2023-39325 https://access.redhat.com/security/cve/CVE-2023-44487 https://access.redhat.com/security/vulnerabilities/RHSB-2023-003 https://bugzilla.redhat.com/2242803 https://bugzilla.redhat.com/2243296 https://bugzilla.redhat.com/show_bug.cgi?id=2242803 https://bugzilla.redhat.com/show_bug.cgi?id=2243296 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-39325 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-44487 https://errata.almalinux.org/9/ALSA-2023-6077.html https://errata.rockylinux.org/RLSA-2023:6077 https://github.com/golang/go/commit/24ae2d927285c697440fdde3ad7f26028354bcf3 [golang- 1.21] https://github.com/golang/go/commit/e175f27f58aa7b9cd4d79607ae65d2cd5baaee68 [golang-1.20] https://github.com/golang/go/issues/63417 https://go.dev/cl/534215 https://go.dev/cl/534235 https://go.dev/issue/63417 https://groups.google.com/g/golang-announce/c/iNNxDTCjZvo/m/UDd7VKQuAAAJ https://linux.oracle.com/cve/CVE-2023-39325.html https://linux.oracle.com/errata/ELSA-2023-5867.html https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3OVW5V2DM5K5IC3H7O42YDUGNJ74J35O https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3OVW5V2DM5K5IC3H7O42YDUGNJ74J35O/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3SZN67IL7HMGMNAVLOTIXLIHUDXZK4LH https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3SZN67IL7HMGMNAVLOTIXLIHUDXZK4LH/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3WJ4QVX2AMUJ2F2S27POOAHRC4K3CHU4 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3WJ4QVX2AMUJ2F2S27POOAHRC4K3CHU4/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/4BUK2ZIAGCULOOYDNH25JPU6JBES5NF2 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/4BUK2ZIAGCULOOYDNH25JPU6JBES5NF2/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/5RSKA2II6QTD4YUKUNDVJQSRYSFC4VFR https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/5RSKA2II6QTD4YUKUNDVJQSRYSFC4VFR/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/AVZDNSMVDAQJ64LJC5I5U5LDM5753647 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/AVZDNSMVDAQJ64LJC5I5U5LDM5753647/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CHHITS4PUOZAKFIUBQAQZC7JWXMOYE4B https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CHHITS4PUOZAKFIUBQAQZC7JWXMOYE4B/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CLB4TW7KALB3EEQWNWCN7OUIWWVWWCG2 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CLB4TW7KALB3EEQWNWCN7OUIWWVWWCG2/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/D2BBIDR2ZMB3X5BC7SR4SLQMHRMVPY6L https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/D2BBIDR2ZMB3X5BC7SR4SLQMHRMVPY6L/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ECRC75BQJP6FJN2L7KCKYZW4DSBD7QSD https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ECRC75BQJP6FJN2L7KCKYZW4DSBD7QSD/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/FTMJ3NJIDAZFWJQQSP3L22MUFJ3UP2PT https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/FTMJ3NJIDAZFWJQQSP3L22MUFJ3UP2PT/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/GSY7SXFFTPZFWDM6XELSDSHZLVW3AHK7 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/GSY7SXFFTPZFWDM6XELSDSHZLVW3AHK7/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/HZQIELEIRSZUYTFFH5KTH2YJ4IIQG2KE https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/HZQIELEIRSZUYTFFH5KTH2YJ4IIQG2KE/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/IPWCNYB5PQ5PCVZ4NJT6G56ZYFZ5QBU6 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/IPWCNYB5PQ5PCVZ4NJT6G56ZYFZ5QBU6/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/KEOTKBUPZXHE3F352JBYNTSNRXYLWD6P https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/KEOTKBUPZXHE3F352JBYNTSNRXYLWD6P/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/KSEGD2IWKNUO3DWY4KQGUQM5BISRWHQE https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/KSEGD2IWKNUO3DWY4KQGUQM5BISRWHQE/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/L5E5JSJBZLYXOTZWXHJKRVCIXIHVWKJ6 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/L5E5JSJBZLYXOTZWXHJKRVCIXIHVWKJ6/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/MZQYOOKHQDQ57LV2IAG6NRFOVXKHJJ3Z https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/MZQYOOKHQDQ57LV2IAG6NRFOVXKHJJ3Z/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/NG7IMPL55MVWU3LCI4JQJT3K2U5CHDV7 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/NG7IMPL55MVWU3LCI4JQJT3K2U5CHDV7/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ODBY7RVMGZCBSTWF2OZGIZS57FNFUL67 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ODBY7RVMGZCBSTWF2OZGIZS57FNFUL67/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/OXGWPQOJ3JNDW2XIYKIVJ7N7QUIFNM2Q https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/OXGWPQOJ3JNDW2XIYKIVJ7N7QUIFNM2Q/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/PJCUNGIQDUMZ4Z6HWVYIMR66A35F5S74 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/PJCUNGIQDUMZ4Z6HWVYIMR66A35F5S74/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QF5QSYAOPDOWLY6DUHID56Q4HQFYB45I https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QF5QSYAOPDOWLY6DUHID56Q4HQFYB45I/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QXOU2JZUBEBP7GBKAYIJRPRBZSJCD7ST https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QXOU2JZUBEBP7GBKAYIJRPRBZSJCD7ST/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/R3UETKPUB3V5JS5TLZOF3SMTGT5K5APS https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/R3UETKPUB3V5JS5TLZOF3SMTGT5K5APS/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/REMHVVIBDNKSRKNOTV7EQSB7CYQWOUOU https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/REMHVVIBDNKSRKNOTV7EQSB7CYQWOUOU/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/T7N5GV4CHH6WAGX3GFMDD3COEOVCZ4RI https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/T7N5GV4CHH6WAGX3GFMDD3COEOVCZ4RI/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ULQQONMSCQSH5Z5OWFFQHCGEZ3NL4DRJ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ULQQONMSCQSH5Z5OWFFQHCGEZ3NL4DRJ/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UTT7DG3QOF5ZNJLUGHDNLRUIN6OWZARP https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UTT7DG3QOF5ZNJLUGHDNLRUIN6OWZARP/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/W2LZSWTV4NV4SNQARNXG5T6LRHP26EW2 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/W2LZSWTV4NV4SNQARNXG5T6LRHP26EW2/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WCNCBYKZXLDFGAJUB7ZP5VLC3YTHJNVH https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WCNCBYKZXLDFGAJUB7ZP5VLC3YTHJNVH/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/XFOIBB4YFICHDM7IBOP7PWXW3FX4HLL2 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/XFOIBB4YFICHDM7IBOP7PWXW3FX4HLL2/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/XTNLSL44Y5FB6JWADSZH6DCV4JJAAEQY https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/XTNLSL44Y5FB6JWADSZH6DCV4JJAAEQY/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/YJWHBLVZDM5KQSDFRBFRKU5KSSOLIRQ4 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/YJWHBLVZDM5KQSDFRBFRKU5KSSOLIRQ4/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/YRKEXKANQ7BKJW2YTAMP625LJUJZLJ4P https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/YRKEXKANQ7BKJW2YTAMP625LJUJZLJ4P/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZSVEMQV5ROY5YW5QE3I57HT3ITWG5GCV https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZSVEMQV5ROY5YW5QE3I57HT3ITWG5GCV/ https://nvd.nist.gov/vuln/detail/CVE-2023-39325 https://pkg.go.dev/vuln/GO-2023-2102 https://security.gentoo.org/glsa/202311-09 https://security.netapp.com/advisory/ntap-20231110-0008 https://security.netapp.com/advisory/ntap-20231110-0008/ https://ubuntu.com/security/notices/USN-6574-1 https://ubuntu.com/security/notices/USN-7061-1 https://ubuntu.com/security/notices/USN-7109-1 https://www.cisa.gov/news-events/alerts/2023/10/10/http2-rapid-reset-vulnerability-cve-2023-44487 https://www.cve.org/CVERecord?id=CVE-2023-39325
stdlib	CVE-2023-45283	HIGH	v1.20.4	1.20.11, 1.21.4, 1.20.12, 1.21.5	http://www.openwall.com/lists/oss-security/2023/12/05/2 https://go.dev/cl/540277 https://go.dev/cl/541175 https://go.dev/issue/63713 https://go.dev/issue/64028 https://groups.google.com/g/golang-announce/c/4tU8LZfBFkY https://groups.google.com/g/golang-dev/c/6ypN5EjibjM/m/KmLVYH_uAgAJ https://nvd.nist.gov/vuln/detail/CVE-2023-45283 https://pkg.go.dev/vuln/GO-2023-2185 https://security.netapp.com/advisory/ntap-20231214-0008/
stdlib	CVE-2023-45288	HIGH	v1.20.4	1.21.9, 1.22.2	http://www.openwall.com/lists/oss-security/2024/04/03/16 http://www.openwall.com/lists/oss-security/2024/04/05/4 https://access.redhat.com/errata/RHSA-2024:2724 https://access.redhat.com/security/cve/CVE-2023-45288 https://bugzilla.redhat.com/2268017 https://bugzilla.redhat.com/2268018 https://bugzilla.redhat.com/2268019 https://bugzilla.redhat.com/2268273 https://bugzilla.redhat.com/show_bug.cgi?id=2268017 https://bugzilla.redhat.com/show_bug.cgi?id=2268018 https://bugzilla.redhat.com/show_bug.cgi?id=2268019 https://bugzilla.redhat.com/show_bug.cgi?id=2268273 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45288 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45289 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45290 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24783 https://errata.almalinux.org/9/ALSA-2024-2724.html https://errata.rockylinux.org/RLSA-2024:2724 https://go.dev/cl/576155 https://go.dev/issue/65051 https://groups.google.com/g/golang-announce/c/YgW0sx8mN3M https://kb.cert.org/vuls/id/421644 https://linux.oracle.com/cve/CVE-2023-45288.html https://linux.oracle.com/errata/ELSA-2024-3346.html https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QRYFHIQ6XRKRYBI2F5UESH67BJBQXUPT https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QRYFHIQ6XRKRYBI2F5UESH67BJBQXUPT/ https://nowotarski.info/http2-continuation-flood-technical-details https://nowotarski.info/http2-continuation-flood/ https://nvd.nist.gov/vuln/detail/CVE-2023-45288 https://pkg.go.dev/vuln/GO-2024-2687 https://security.netapp.com/advisory/ntap-20240419-0009 https://security.netapp.com/advisory/ntap-20240419-0009/ https://ubuntu.com/security/notices/USN-6886-1 https://ubuntu.com/security/notices/USN-7109-1 https://ubuntu.com/security/notices/USN-7111-1 https://www.cve.org/CVERecord?id=CVE-2023-45288 https://www.kb.cert.org/vuls/id/421644
stdlib	CVE-2024-34156	HIGH	v1.20.4	1.22.7, 1.23.1	https://access.redhat.com/errata/RHSA-2024:9473 https://access.redhat.com/security/cve/CVE-2024-34156 https://bugzilla.redhat.com/2310528 https://bugzilla.redhat.com/2318052 https://bugzilla.redhat.com/show_bug.cgi?id=2310528 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-34156 https://errata.almalinux.org/9/ALSA-2024-9473.html https://errata.rockylinux.org/RLSA-2024:7204 https://github.com/golang/go/commit/2092294f2b097c5828f4eace6c98a322c1510b01 (go1.22.7) https://github.com/golang/go/commit/fa8ff1a46deb6c816304441ec6740ec112e19012 (go1.23.1) https://go.dev/cl/611239 https://go.dev/issue/69139 https://groups.google.com/g/golang-announce/c/K-cEzDeCtpc https://groups.google.com/g/golang-dev/c/S9POB9NCTdk https://linux.oracle.com/cve/CVE-2024-34156.html https://linux.oracle.com/errata/ELSA-2024-9473.html https://nvd.nist.gov/vuln/detail/CVE-2024-34156 https://pkg.go.dev/vuln/GO-2024-3106 https://ubuntu.com/security/notices/USN-7081-1 https://ubuntu.com/security/notices/USN-7109-1 https://ubuntu.com/security/notices/USN-7111-1 https://www.cve.org/CVERecord?id=CVE-2024-34156
stdlib	CVE-2023-29406	MEDIUM	v1.20.4	1.19.11, 1.20.6	https://access.redhat.com/errata/RHSA-2023:6474 https://access.redhat.com/security/cve/CVE-2023-29406 https://bugzilla.redhat.com/2174485 https://bugzilla.redhat.com/2178358 https://bugzilla.redhat.com/2178488 https://bugzilla.redhat.com/2178492 https://bugzilla.redhat.com/2184481 https://bugzilla.redhat.com/2184482 https://bugzilla.redhat.com/2184483 https://bugzilla.redhat.com/2184484 https://bugzilla.redhat.com/2196026 https://bugzilla.redhat.com/2196027 https://bugzilla.redhat.com/2196029 https://bugzilla.redhat.com/2222167 https://bugzilla.redhat.com/2228689 https://errata.almalinux.org/9/ALSA-2023-6474.html https://github.com/golang/go/commit/312920c00aac9897b2a0693e752390b5b0711a5a (go1.20.6) https://github.com/golang/go/commit/5fa6923b1ea891400153d04ddf1545e23b40041b (go1.19.11) https://github.com/golang/go/issues/60374 https://go.dev/cl/506996 https://go.dev/issue/60374 https://groups.google.com/g/golang-announce/c/2q13H6LEEx0 https://linux.oracle.com/cve/CVE-2023-29406.html https://linux.oracle.com/errata/ELSA-2023-7202.html https://nvd.nist.gov/vuln/detail/CVE-2023-29406 https://pkg.go.dev/vuln/GO-2023-1878 https://security.gentoo.org/glsa/202311-09 https://security.netapp.com/advisory/ntap-20230814-0002/ https://ubuntu.com/security/notices/USN-7061-1 https://ubuntu.com/security/notices/USN-7109-1 https://www.cve.org/CVERecord?id=CVE-2023-29406
stdlib	CVE-2023-29409	MEDIUM	v1.20.4	1.19.12, 1.20.7, 1.21.0-rc.4	https://access.redhat.com/errata/RHSA-2023:7766 https://access.redhat.com/security/cve/CVE-2023-29409 https://bugzilla.redhat.com/2228743 https://bugzilla.redhat.com/2237773 https://bugzilla.redhat.com/2237776 https://bugzilla.redhat.com/2237777 https://bugzilla.redhat.com/2237778 https://errata.almalinux.org/9/ALSA-2023-7766.html https://go.dev/cl/515257 https://go.dev/issue/61460 https://groups.google.com/g/golang-announce/c/X0b6CsSAaYI/m/Efv5DbZ9AwAJ https://linux.oracle.com/cve/CVE-2023-29409.html https://linux.oracle.com/errata/ELSA-2024-2988.html https://nvd.nist.gov/vuln/detail/CVE-2023-29409 https://pkg.go.dev/vuln/GO-2023-1987 https://security.gentoo.org/glsa/202311-09 https://security.netapp.com/advisory/ntap-20230831-0010/ https://www.cve.org/CVERecord?id=CVE-2023-29409
stdlib	CVE-2023-39318	MEDIUM	v1.20.4	1.20.8, 1.21.1	https://access.redhat.com/errata/RHSA-2024:2160 https://access.redhat.com/security/cve/CVE-2023-39318 https://bugzilla.redhat.com/2237773 https://bugzilla.redhat.com/2237776 https://bugzilla.redhat.com/2253330 https://errata.almalinux.org/9/ALSA-2024-2160.html https://github.com/golang/go/commit/023b542edf38e2a1f87fcefb9f75ff2f99401b4c (go1.20.8) https://github.com/golang/go/commit/b0e1d3ea26e8e8fce7726690c9ef0597e60739fb (go1.21.1) https://go.dev/cl/526156 https://go.dev/issue/62196 https://groups.google.com/g/golang-announce/c/Fm51GRLNRvM https://groups.google.com/g/golang-dev/c/2C5vbR-UNkI/m/L1hdrPhfBAAJ https://linux.oracle.com/cve/CVE-2023-39318.html https://linux.oracle.com/errata/ELSA-2024-2988.html https://nvd.nist.gov/vuln/detail/CVE-2023-39318 https://pkg.go.dev/vuln/GO-2023-2041 https://security.gentoo.org/glsa/202311-09 https://security.netapp.com/advisory/ntap-20231020-0009/ https://ubuntu.com/security/notices/USN-6574-1 https://ubuntu.com/security/notices/USN-7061-1 https://ubuntu.com/security/notices/USN-7109-1 https://vuln.go.dev/ID/GO-2023-2041.json https://www.cve.org/CVERecord?id=CVE-2023-39318
stdlib	CVE-2023-39319	MEDIUM	v1.20.4	1.20.8, 1.21.1	https://access.redhat.com/errata/RHSA-2024:2160 https://access.redhat.com/security/cve/CVE-2023-39319 https://bugzilla.redhat.com/2237773 https://bugzilla.redhat.com/2237776 https://bugzilla.redhat.com/2253330 https://errata.almalinux.org/9/ALSA-2024-2160.html https://github.com/golang/go/commit/2070531d2f53df88e312edace6c8dfc9686ab2f5 (go1.20.8) https://github.com/golang/go/commit/bbd043ff0d6d59f1a9232d31ecd5eacf6507bf6a (go1.21.1) https://go.dev/cl/526157 https://go.dev/issue/62197 https://groups.google.com/g/golang-announce/c/Fm51GRLNRvM https://groups.google.com/g/golang-dev/c/2C5vbR-UNkI/m/L1hdrPhfBAAJ https://linux.oracle.com/cve/CVE-2023-39319.html https://linux.oracle.com/errata/ELSA-2024-2988.html https://nvd.nist.gov/vuln/detail/CVE-2023-39319 https://pkg.go.dev/vuln/GO-2023-2043 https://security.gentoo.org/glsa/202311-09 https://security.netapp.com/advisory/ntap-20231020-0009/ https://ubuntu.com/security/notices/USN-6574-1 https://ubuntu.com/security/notices/USN-7061-1 https://ubuntu.com/security/notices/USN-7109-1 https://vuln.go.dev/ID/GO-2023-2043.json https://www.cve.org/CVERecord?id=CVE-2023-39319
stdlib	CVE-2023-39326	MEDIUM	v1.20.4	1.20.12, 1.21.5	https://access.redhat.com/errata/RHSA-2024:2272 https://access.redhat.com/security/cve/CVE-2023-39326 https://bugzilla.redhat.com/2253193 https://bugzilla.redhat.com/2253330 https://errata.almalinux.org/9/ALSA-2024-2272.html https://github.com/golang/go/commit/6446af942e2e2b161c4ec1b60d9703a2b55dc4dd (go1.20.12) https://github.com/golang/go/commit/ec8c526e4be720e94b98ca509e6364f0efaf28f7 (go1.21.5) https://go.dev/cl/547335 https://go.dev/issue/64433 https://groups.google.com/g/golang-dev/c/6ypN5EjibjM/m/KmLVYH_uAgAJ https://linux.oracle.com/cve/CVE-2023-39326.html https://linux.oracle.com/errata/ELSA-2024-2988.html https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UIU6HOGV6RRIKWM57LOXQA75BGZSIH6G/ https://nvd.nist.gov/vuln/detail/CVE-2023-39326 https://pkg.go.dev/vuln/GO-2023-2382 https://ubuntu.com/security/notices/USN-6574-1 https://www.cve.org/CVERecord?id=CVE-2023-39326
stdlib	CVE-2023-45284	MEDIUM	v1.20.4	1.20.11, 1.21.4	https://go.dev/cl/540277 https://go.dev/issue/63713 https://groups.google.com/g/golang-announce/c/4tU8LZfBFkY https://nvd.nist.gov/vuln/detail/CVE-2023-45284 https://pkg.go.dev/vuln/GO-2023-2186
stdlib	CVE-2023-45289	MEDIUM	v1.20.4	1.21.8, 1.22.1	http://www.openwall.com/lists/oss-security/2024/03/08/4 https://access.redhat.com/errata/RHSA-2024:2724 https://access.redhat.com/security/cve/CVE-2023-45289 https://bugzilla.redhat.com/2268017 https://bugzilla.redhat.com/2268018 https://bugzilla.redhat.com/2268019 https://bugzilla.redhat.com/2268273 https://bugzilla.redhat.com/show_bug.cgi?id=2268017 https://bugzilla.redhat.com/show_bug.cgi?id=2268018 https://bugzilla.redhat.com/show_bug.cgi?id=2268019 https://bugzilla.redhat.com/show_bug.cgi?id=2268273 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45288 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45289 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45290 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24783 https://errata.almalinux.org/9/ALSA-2024-2724.html https://errata.rockylinux.org/RLSA-2024:2724 https://github.com/golang/go/commit/20586c0dbe03d144f914155f879fa5ee287591a1 (go1.21.8) https://github.com/golang/go/commit/3a855208e3efed2e9d7c20ad023f1fa78afcc0be (go1.22.1) https://github.com/golang/go/issues/65065 https://go.dev/cl/569340 https://go.dev/issue/65065 https://groups.google.com/g/golang-announce/c/5pwGVUPoMbg https://linux.oracle.com/cve/CVE-2023-45289.html https://linux.oracle.com/errata/ELSA-2024-3346.html https://nvd.nist.gov/vuln/detail/CVE-2023-45289 https://pkg.go.dev/vuln/GO-2024-2600 https://security.netapp.com/advisory/ntap-20240329-0006/ https://ubuntu.com/security/notices/USN-6886-1 https://www.cve.org/CVERecord?id=CVE-2023-45289
stdlib	CVE-2023-45290	MEDIUM	v1.20.4	1.21.8, 1.22.1	http://www.openwall.com/lists/oss-security/2024/03/08/4 https://access.redhat.com/errata/RHSA-2024:9135 https://access.redhat.com/security/cve/CVE-2023-45290 https://bugzilla.redhat.com/2268017 https://bugzilla.redhat.com/2268022 https://bugzilla.redhat.com/2279814 https://bugzilla.redhat.com/2295310 https://bugzilla.redhat.com/show_bug.cgi?id=2268017 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45290 https://errata.almalinux.org/9/ALSA-2024-9135.html https://errata.rockylinux.org/RLSA-2024:3830 https://github.com/golang/go/commit/041a47712e765e94f86d841c3110c840e76d8f82 (go1.22.1) https://github.com/golang/go/commit/bf80213b121074f4ad9b449410a4d13bae5e9be0 (go1.21.8) https://github.com/golang/go/issues/65383 https://go.dev/cl/569341 https://go.dev/issue/65383 https://groups.google.com/g/golang-announce/c/5pwGVUPoMbg https://linux.oracle.com/cve/CVE-2023-45290.html https://linux.oracle.com/errata/ELSA-2024-8038.html https://nvd.nist.gov/vuln/detail/CVE-2023-45290 https://pkg.go.dev/vuln/GO-2024-2599 https://security.netapp.com/advisory/ntap-20240329-0004 https://security.netapp.com/advisory/ntap-20240329-0004/ https://ubuntu.com/security/notices/USN-6886-1 https://ubuntu.com/security/notices/USN-7109-1 https://ubuntu.com/security/notices/USN-7111-1 https://www.cve.org/CVERecord?id=CVE-2023-45290
stdlib	CVE-2024-24783	MEDIUM	v1.20.4	1.21.8, 1.22.1	http://www.openwall.com/lists/oss-security/2024/03/08/4 https://access.redhat.com/errata/RHSA-2024:6195 https://access.redhat.com/security/cve/CVE-2024-24783 https://bugzilla.redhat.com/2268019 https://bugzilla.redhat.com/show_bug.cgi?id=2268017 https://bugzilla.redhat.com/show_bug.cgi?id=2268018 https://bugzilla.redhat.com/show_bug.cgi?id=2268019 https://bugzilla.redhat.com/show_bug.cgi?id=2268273 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45288 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45289 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45290 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24783 https://errata.almalinux.org/9/ALSA-2024-6195.html https://errata.rockylinux.org/RLSA-2024:2724 https://github.com/advisories/GHSA-3q2c-pvp5-3cqp https://github.com/golang/go/commit/337b8e9cbfa749d9d5c899e0dc358e2208d5e54f (go1.22.1) https://github.com/golang/go/commit/be5b52bea674190ef7de272664be6c7ae93ec5a0 (go1.21.8) https://github.com/golang/go/issues/65390 https://go.dev/cl/569339 https://go.dev/issue/65390 https://groups.google.com/g/golang-announce/c/5pwGVUPoMbg https://linux.oracle.com/cve/CVE-2024-24783.html https://linux.oracle.com/errata/ELSA-2024-6969.html https://nvd.nist.gov/vuln/detail/CVE-2024-24783 https://pkg.go.dev/vuln/GO-2024-2598 https://security.netapp.com/advisory/ntap-20240329-0005 https://security.netapp.com/advisory/ntap-20240329-0005/ https://ubuntu.com/security/notices/USN-6886-1 https://ubuntu.com/security/notices/USN-7109-1 https://ubuntu.com/security/notices/USN-7111-1 https://www.cve.org/CVERecord?id=CVE-2024-24783
stdlib	CVE-2024-24784	MEDIUM	v1.20.4	1.21.8, 1.22.1	http://www.openwall.com/lists/oss-security/2024/03/08/4 https://access.redhat.com/errata/RHSA-2024:2562 https://access.redhat.com/security/cve/CVE-2024-24784 https://bugzilla.redhat.com/2262921 https://bugzilla.redhat.com/2268017 https://bugzilla.redhat.com/2268018 https://bugzilla.redhat.com/2268019 https://bugzilla.redhat.com/2268021 https://bugzilla.redhat.com/2268022 https://bugzilla.redhat.com/2268273 https://bugzilla.redhat.com/show_bug.cgi?id=2262921 https://bugzilla.redhat.com/show_bug.cgi?id=2268017 https://bugzilla.redhat.com/show_bug.cgi?id=2268018 https://bugzilla.redhat.com/show_bug.cgi?id=2268019 https://bugzilla.redhat.com/show_bug.cgi?id=2268021 https://bugzilla.redhat.com/show_bug.cgi?id=2268022 https://bugzilla.redhat.com/show_bug.cgi?id=2268273 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45288 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45289 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45290 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-1394 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24783 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24784 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24785 https://errata.almalinux.org/9/ALSA-2024-2562.html https://errata.rockylinux.org/RLSA-2024:2562 https://github.com/golang/go/commit/263c059b09fdd40d9dd945f2ecb20c89ea28efe5 (go1.21.8) https://github.com/golang/go/commit/5330cd225ba54c7dc78c1b46dcdf61a4671a632c (go1.22.1) https://github.com/golang/go/issues/65083 https://go.dev/cl/555596 https://go.dev/issue/65083 https://groups.google.com/g/golang-announce/c/5pwGVUPoMbg https://linux.oracle.com/cve/CVE-2024-24784.html https://linux.oracle.com/errata/ELSA-2024-6969.html https://nvd.nist.gov/vuln/detail/CVE-2024-24784 https://pkg.go.dev/vuln/GO-2024-2609 https://security.netapp.com/advisory/ntap-20240329-0007/ https://ubuntu.com/security/notices/USN-6886-1 https://ubuntu.com/security/notices/USN-7109-1 https://ubuntu.com/security/notices/USN-7111-1 https://www.cve.org/CVERecord?id=CVE-2024-24784
stdlib	CVE-2024-24785	MEDIUM	v1.20.4	1.21.8, 1.22.1	http://www.openwall.com/lists/oss-security/2024/03/08/4 https://access.redhat.com/errata/RHSA-2024:9135 https://access.redhat.com/security/cve/CVE-2024-24785 https://bugzilla.redhat.com/2268017 https://bugzilla.redhat.com/2268022 https://bugzilla.redhat.com/2279814 https://bugzilla.redhat.com/2295310 https://bugzilla.redhat.com/show_bug.cgi?id=2262921 https://bugzilla.redhat.com/show_bug.cgi?id=2268017 https://bugzilla.redhat.com/show_bug.cgi?id=2268018 https://bugzilla.redhat.com/show_bug.cgi?id=2268019 https://bugzilla.redhat.com/show_bug.cgi?id=2268021 https://bugzilla.redhat.com/show_bug.cgi?id=2268022 https://bugzilla.redhat.com/show_bug.cgi?id=2268273 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45288 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45289 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45290 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-1394 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24783 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24784 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24785 https://errata.almalinux.org/9/ALSA-2024-9135.html https://errata.rockylinux.org/RLSA-2024:2562 https://github.com/golang/go/commit/056b0edcb8c152152021eebf4cf42adbfbe77992 (go1.22.1) https://github.com/golang/go/commit/3643147a29352ca2894fd5d0d2069bc4b4335a7e (go1.21.8) https://github.com/golang/go/issues/65697 https://go.dev/cl/564196 https://go.dev/issue/65697 https://groups.google.com/g/golang-announce/c/5pwGVUPoMbg https://linux.oracle.com/cve/CVE-2024-24785.html https://linux.oracle.com/errata/ELSA-2024-3259.html https://nvd.nist.gov/vuln/detail/CVE-2024-24785 https://pkg.go.dev/vuln/GO-2024-2610 https://security.netapp.com/advisory/ntap-20240329-0008/ https://ubuntu.com/security/notices/USN-6886-1 https://ubuntu.com/security/notices/USN-7061-1 https://ubuntu.com/security/notices/USN-7109-1 https://vuln.go.dev/ID/GO-2024-2610.json https://www.cve.org/CVERecord?id=CVE-2024-24785
stdlib	CVE-2024-24789	MEDIUM	v1.20.4	1.21.11, 1.22.4	http://www.openwall.com/lists/oss-security/2024/06/04/1 https://access.redhat.com/errata/RHSA-2024:9115 https://access.redhat.com/security/cve/CVE-2024-24789 https://bugzilla.redhat.com/2279814 https://bugzilla.redhat.com/2292668 https://bugzilla.redhat.com/2292787 https://bugzilla.redhat.com/2294000 https://bugzilla.redhat.com/2295310 https://bugzilla.redhat.com/show_bug.cgi?id=2292668 https://bugzilla.redhat.com/show_bug.cgi?id=2292787 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24789 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24790 https://errata.almalinux.org/9/ALSA-2024-9115.html https://errata.rockylinux.org/RLSA-2024:4212 https://github.com/golang/go/commit/c8e40338cf00f3c1d86c8fb23863ad67a4c72bcc (1.21) https://github.com/golang/go/commit/cf501ac0c5fe351a8582d20b43562027927906e7 (1.22) https://github.com/golang/go/issues/66869 https://go.dev/cl/585397 https://go.dev/issue/66869 https://groups.google.com/g/golang-announce/c/XbxouI9gY7k https://groups.google.com/g/golang-announce/c/XbxouI9gY7k/m/TuoGEhxIEwAJ https://linux.oracle.com/cve/CVE-2024-24789.html https://linux.oracle.com/errata/ELSA-2024-9115.html https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/U5YAEIA6IUHUNGJ7AIXXPQT6D2GYENX7/ https://nvd.nist.gov/vuln/detail/CVE-2024-24789 https://pkg.go.dev/vuln/GO-2024-2888 https://ubuntu.com/security/notices/USN-6886-1 https://ubuntu.com/security/notices/USN-7109-1 https://ubuntu.com/security/notices/USN-7111-1 https://www.cve.org/CVERecord?id=CVE-2024-24789
stdlib	CVE-2024-24791	MEDIUM	v1.20.4	1.21.12, 1.22.5	https://access.redhat.com/errata/RHSA-2024:9135 https://access.redhat.com/security/cve/CVE-2024-24791 https://bugzilla.redhat.com/2268017 https://bugzilla.redhat.com/2268022 https://bugzilla.redhat.com/2279814 https://bugzilla.redhat.com/2295310 https://bugzilla.redhat.com/show_bug.cgi?id=2295310 https://bugzilla.redhat.com/show_bug.cgi?id=2310527 https://bugzilla.redhat.com/show_bug.cgi?id=2310528 https://bugzilla.redhat.com/show_bug.cgi?id=2310529 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24791 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-34155 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-34156 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-34158 https://errata.almalinux.org/9/ALSA-2024-9135.html https://errata.rockylinux.org/RLSA-2024:6913 https://go.dev/cl/591255 https://go.dev/issue/67555 https://groups.google.com/g/golang-dev/c/t0rK-qHBqzY/m/6MMoAZkMAgAJ https://linux.oracle.com/cve/CVE-2024-24791.html https://linux.oracle.com/errata/ELSA-2024-9115.html https://nvd.nist.gov/vuln/detail/CVE-2024-24791 https://pkg.go.dev/vuln/GO-2024-2963 https://ubuntu.com/security/notices/USN-7081-1 https://ubuntu.com/security/notices/USN-7109-1 https://ubuntu.com/security/notices/USN-7111-1 https://www.cve.org/CVERecord?id=CVE-2024-24791
stdlib	CVE-2024-34155	MEDIUM	v1.20.4	1.22.7, 1.23.1	https://access.redhat.com/errata/RHSA-2024:9459 https://access.redhat.com/security/cve/CVE-2024-34155 https://bugzilla.redhat.com/2310527 https://bugzilla.redhat.com/2310528 https://bugzilla.redhat.com/2310529 https://bugzilla.redhat.com/2315691 https://bugzilla.redhat.com/2315887 https://bugzilla.redhat.com/2317458 https://bugzilla.redhat.com/2317467 https://bugzilla.redhat.com/show_bug.cgi?id=2295310 https://bugzilla.redhat.com/show_bug.cgi?id=2310527 https://bugzilla.redhat.com/show_bug.cgi?id=2310528 https://bugzilla.redhat.com/show_bug.cgi?id=2310529 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24791 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-34155 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-34156 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-34158 https://errata.almalinux.org/9/ALSA-2024-9459.html https://errata.rockylinux.org/RLSA-2024:6913 https://github.com/golang/go/commit/53487e5477151ed75da50e50a0ba8f1ca64c00a3 (go1.23.1) https://github.com/golang/go/commit/b232596139dbe96a62edbe3a2a203e856bf556eb (go1.22.7) https://go.dev/cl/611238 https://go.dev/issue/69138 https://groups.google.com/g/golang-announce/c/K-cEzDeCtpc https://groups.google.com/g/golang-dev/c/S9POB9NCTdk https://linux.oracle.com/cve/CVE-2024-34155.html https://linux.oracle.com/errata/ELSA-2024-9459.html https://nvd.nist.gov/vuln/detail/CVE-2024-34155 https://pkg.go.dev/vuln/GO-2024-3105 https://ubuntu.com/security/notices/USN-7081-1 https://ubuntu.com/security/notices/USN-7109-1 https://ubuntu.com/security/notices/USN-7111-1 https://www.cve.org/CVERecord?id=CVE-2024-34155
stdlib	CVE-2024-34158	MEDIUM	v1.20.4	1.22.7, 1.23.1	https://access.redhat.com/errata/RHSA-2024:9459 https://access.redhat.com/security/cve/CVE-2024-34158 https://bugzilla.redhat.com/2310527 https://bugzilla.redhat.com/2310528 https://bugzilla.redhat.com/2310529 https://bugzilla.redhat.com/2315691 https://bugzilla.redhat.com/2315887 https://bugzilla.redhat.com/2317458 https://bugzilla.redhat.com/2317467 https://bugzilla.redhat.com/show_bug.cgi?id=2295310 https://bugzilla.redhat.com/show_bug.cgi?id=2310527 https://bugzilla.redhat.com/show_bug.cgi?id=2310528 https://bugzilla.redhat.com/show_bug.cgi?id=2310529 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24791 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-34155 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-34156 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-34158 https://errata.almalinux.org/9/ALSA-2024-9459.html https://errata.rockylinux.org/RLSA-2024:6913 https://github.com/golang/go/commit/032ac075c20c01c6c35a672d1542d3e98eab84ea (go1.23.1) https://github.com/golang/go/commit/d4c53812e6ce2ac368173d7fcd31d0ecfcffb002 (go1.22.7) https://go.dev/cl/611240 https://go.dev/issue/69141 https://groups.google.com/g/golang-announce/c/K-cEzDeCtpc https://groups.google.com/g/golang-dev/c/S9POB9NCTdk https://linux.oracle.com/cve/CVE-2024-34158.html https://linux.oracle.com/errata/ELSA-2024-9459.html https://nvd.nist.gov/vuln/detail/CVE-2024-34158 https://pkg.go.dev/vuln/GO-2024-3107 https://ubuntu.com/security/notices/USN-7081-1 https://ubuntu.com/security/notices/USN-7109-1 https://ubuntu.com/security/notices/USN-7111-1 https://www.cve.org/CVERecord?id=CVE-2024-34158
No Misconfigurations found

cnb/buildpacks/paketo-buildpacks_yarn-install/1.1.3/bin/setup-symlinks (gobinary)

Package	Vulnerability ID	Severity	Installed Version	Fixed Version	Links
stdlib	CVE-2024-24790	CRITICAL	v1.20.4	1.21.11, 1.22.4	http://www.openwall.com/lists/oss-security/2024/06/04/1 https://access.redhat.com/errata/RHSA-2024:9115 https://access.redhat.com/security/cve/CVE-2024-24790 https://bugzilla.redhat.com/2279814 https://bugzilla.redhat.com/2292668 https://bugzilla.redhat.com/2292787 https://bugzilla.redhat.com/2294000 https://bugzilla.redhat.com/2295310 https://bugzilla.redhat.com/show_bug.cgi?id=2292668 https://bugzilla.redhat.com/show_bug.cgi?id=2292787 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24789 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24790 https://errata.almalinux.org/9/ALSA-2024-9115.html https://errata.rockylinux.org/RLSA-2024:4212 https://github.com/golang/go/commit/051bdf3fd12a40307606ff9381138039c5f452f0 (1.21) https://github.com/golang/go/commit/12d5810cdb1f73cf23d7a86462143e9463317fca (1.22) https://github.com/golang/go/issues/67680 https://go.dev/cl/590316 https://go.dev/issue/67680 https://groups.google.com/g/golang-announce/c/XbxouI9gY7k https://groups.google.com/g/golang-announce/c/XbxouI9gY7k/m/TuoGEhxIEwAJ https://linux.oracle.com/cve/CVE-2024-24790.html https://linux.oracle.com/errata/ELSA-2024-9115.html https://nvd.nist.gov/vuln/detail/CVE-2024-24790 https://pkg.go.dev/vuln/GO-2024-2887 https://ubuntu.com/security/notices/USN-6886-1 https://ubuntu.com/security/notices/USN-7109-1 https://www.cve.org/CVERecord?id=CVE-2024-24790
stdlib	CVE-2023-29403	HIGH	v1.20.4	1.19.10, 1.20.5	https://access.redhat.com/errata/RHSA-2023:3923 https://access.redhat.com/security/cve/CVE-2023-29403 https://bugzilla.redhat.com/2216965 https://bugzilla.redhat.com/2217562 https://bugzilla.redhat.com/2217565 https://bugzilla.redhat.com/2217569 https://bugzilla.redhat.com/show_bug.cgi?id=2216965 https://bugzilla.redhat.com/show_bug.cgi?id=2217562 https://bugzilla.redhat.com/show_bug.cgi?id=2217565 https://bugzilla.redhat.com/show_bug.cgi?id=2217569 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-29402 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-29403 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-29404 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-29405 https://errata.almalinux.org/9/ALSA-2023-3923.html https://errata.rockylinux.org/RLSA-2023:3923 https://github.com/golang/go/commit/36144ba429ef2650940c72e7a0b932af3612d420 (go1.20.5) https://github.com/golang/go/commit/a7b1cd452ddc69a6606c2f35ac5786dc892e62cb (go1.19.10) https://github.com/golang/go/issues/60272 https://go.dev/cl/501223 https://go.dev/issue/60272 https://groups.google.com/g/golang-announce/c/q5135a9d924 https://groups.google.com/g/golang-announce/c/q5135a9d924/m/j0ZoAJOHAwAJ https://linux.oracle.com/cve/CVE-2023-29403.html https://linux.oracle.com/errata/ELSA-2023-3923.html https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/NZ2O6YCO2IZMZJELQGZYR2WAUNEDLYV6/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/XBS3IIK6ADV24C5ULQU55QLT2UE762ZX/ https://nvd.nist.gov/vuln/detail/CVE-2023-29403 https://pkg.go.dev/vuln/GO-2023-1840 https://security.gentoo.org/glsa/202311-09 https://ubuntu.com/security/notices/USN-7061-1 https://ubuntu.com/security/notices/USN-7109-1 https://www.cve.org/CVERecord?id=CVE-2023-29403
stdlib	CVE-2023-39325	HIGH	v1.20.4	1.20.10, 1.21.3	golang.org/x/net https://access.redhat.com/errata/RHSA-2023:6077 https://access.redhat.com/security/cve/CVE-2023-39325 https://access.redhat.com/security/cve/CVE-2023-44487 https://access.redhat.com/security/vulnerabilities/RHSB-2023-003 https://bugzilla.redhat.com/2242803 https://bugzilla.redhat.com/2243296 https://bugzilla.redhat.com/show_bug.cgi?id=2242803 https://bugzilla.redhat.com/show_bug.cgi?id=2243296 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-39325 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-44487 https://errata.almalinux.org/9/ALSA-2023-6077.html https://errata.rockylinux.org/RLSA-2023:6077 https://github.com/golang/go/commit/24ae2d927285c697440fdde3ad7f26028354bcf3 [golang- 1.21] https://github.com/golang/go/commit/e175f27f58aa7b9cd4d79607ae65d2cd5baaee68 [golang-1.20] https://github.com/golang/go/issues/63417 https://go.dev/cl/534215 https://go.dev/cl/534235 https://go.dev/issue/63417 https://groups.google.com/g/golang-announce/c/iNNxDTCjZvo/m/UDd7VKQuAAAJ https://linux.oracle.com/cve/CVE-2023-39325.html https://linux.oracle.com/errata/ELSA-2023-5867.html https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3OVW5V2DM5K5IC3H7O42YDUGNJ74J35O https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3OVW5V2DM5K5IC3H7O42YDUGNJ74J35O/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3SZN67IL7HMGMNAVLOTIXLIHUDXZK4LH https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3SZN67IL7HMGMNAVLOTIXLIHUDXZK4LH/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3WJ4QVX2AMUJ2F2S27POOAHRC4K3CHU4 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3WJ4QVX2AMUJ2F2S27POOAHRC4K3CHU4/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/4BUK2ZIAGCULOOYDNH25JPU6JBES5NF2 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/4BUK2ZIAGCULOOYDNH25JPU6JBES5NF2/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/5RSKA2II6QTD4YUKUNDVJQSRYSFC4VFR https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/5RSKA2II6QTD4YUKUNDVJQSRYSFC4VFR/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/AVZDNSMVDAQJ64LJC5I5U5LDM5753647 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/AVZDNSMVDAQJ64LJC5I5U5LDM5753647/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CHHITS4PUOZAKFIUBQAQZC7JWXMOYE4B https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CHHITS4PUOZAKFIUBQAQZC7JWXMOYE4B/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CLB4TW7KALB3EEQWNWCN7OUIWWVWWCG2 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CLB4TW7KALB3EEQWNWCN7OUIWWVWWCG2/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/D2BBIDR2ZMB3X5BC7SR4SLQMHRMVPY6L https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/D2BBIDR2ZMB3X5BC7SR4SLQMHRMVPY6L/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ECRC75BQJP6FJN2L7KCKYZW4DSBD7QSD https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ECRC75BQJP6FJN2L7KCKYZW4DSBD7QSD/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/FTMJ3NJIDAZFWJQQSP3L22MUFJ3UP2PT https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/FTMJ3NJIDAZFWJQQSP3L22MUFJ3UP2PT/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/GSY7SXFFTPZFWDM6XELSDSHZLVW3AHK7 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/GSY7SXFFTPZFWDM6XELSDSHZLVW3AHK7/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/HZQIELEIRSZUYTFFH5KTH2YJ4IIQG2KE https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/HZQIELEIRSZUYTFFH5KTH2YJ4IIQG2KE/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/IPWCNYB5PQ5PCVZ4NJT6G56ZYFZ5QBU6 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/IPWCNYB5PQ5PCVZ4NJT6G56ZYFZ5QBU6/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/KEOTKBUPZXHE3F352JBYNTSNRXYLWD6P https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/KEOTKBUPZXHE3F352JBYNTSNRXYLWD6P/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/KSEGD2IWKNUO3DWY4KQGUQM5BISRWHQE https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/KSEGD2IWKNUO3DWY4KQGUQM5BISRWHQE/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/L5E5JSJBZLYXOTZWXHJKRVCIXIHVWKJ6 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/L5E5JSJBZLYXOTZWXHJKRVCIXIHVWKJ6/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/MZQYOOKHQDQ57LV2IAG6NRFOVXKHJJ3Z https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/MZQYOOKHQDQ57LV2IAG6NRFOVXKHJJ3Z/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/NG7IMPL55MVWU3LCI4JQJT3K2U5CHDV7 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/NG7IMPL55MVWU3LCI4JQJT3K2U5CHDV7/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ODBY7RVMGZCBSTWF2OZGIZS57FNFUL67 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ODBY7RVMGZCBSTWF2OZGIZS57FNFUL67/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/OXGWPQOJ3JNDW2XIYKIVJ7N7QUIFNM2Q https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/OXGWPQOJ3JNDW2XIYKIVJ7N7QUIFNM2Q/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/PJCUNGIQDUMZ4Z6HWVYIMR66A35F5S74 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/PJCUNGIQDUMZ4Z6HWVYIMR66A35F5S74/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QF5QSYAOPDOWLY6DUHID56Q4HQFYB45I https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QF5QSYAOPDOWLY6DUHID56Q4HQFYB45I/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QXOU2JZUBEBP7GBKAYIJRPRBZSJCD7ST https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QXOU2JZUBEBP7GBKAYIJRPRBZSJCD7ST/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/R3UETKPUB3V5JS5TLZOF3SMTGT5K5APS https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/R3UETKPUB3V5JS5TLZOF3SMTGT5K5APS/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/REMHVVIBDNKSRKNOTV7EQSB7CYQWOUOU https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/REMHVVIBDNKSRKNOTV7EQSB7CYQWOUOU/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/T7N5GV4CHH6WAGX3GFMDD3COEOVCZ4RI https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/T7N5GV4CHH6WAGX3GFMDD3COEOVCZ4RI/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ULQQONMSCQSH5Z5OWFFQHCGEZ3NL4DRJ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ULQQONMSCQSH5Z5OWFFQHCGEZ3NL4DRJ/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UTT7DG3QOF5ZNJLUGHDNLRUIN6OWZARP https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UTT7DG3QOF5ZNJLUGHDNLRUIN6OWZARP/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/W2LZSWTV4NV4SNQARNXG5T6LRHP26EW2 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/W2LZSWTV4NV4SNQARNXG5T6LRHP26EW2/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WCNCBYKZXLDFGAJUB7ZP5VLC3YTHJNVH https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WCNCBYKZXLDFGAJUB7ZP5VLC3YTHJNVH/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/XFOIBB4YFICHDM7IBOP7PWXW3FX4HLL2 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/XFOIBB4YFICHDM7IBOP7PWXW3FX4HLL2/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/XTNLSL44Y5FB6JWADSZH6DCV4JJAAEQY https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/XTNLSL44Y5FB6JWADSZH6DCV4JJAAEQY/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/YJWHBLVZDM5KQSDFRBFRKU5KSSOLIRQ4 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/YJWHBLVZDM5KQSDFRBFRKU5KSSOLIRQ4/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/YRKEXKANQ7BKJW2YTAMP625LJUJZLJ4P https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/YRKEXKANQ7BKJW2YTAMP625LJUJZLJ4P/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZSVEMQV5ROY5YW5QE3I57HT3ITWG5GCV https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZSVEMQV5ROY5YW5QE3I57HT3ITWG5GCV/ https://nvd.nist.gov/vuln/detail/CVE-2023-39325 https://pkg.go.dev/vuln/GO-2023-2102 https://security.gentoo.org/glsa/202311-09 https://security.netapp.com/advisory/ntap-20231110-0008 https://security.netapp.com/advisory/ntap-20231110-0008/ https://ubuntu.com/security/notices/USN-6574-1 https://ubuntu.com/security/notices/USN-7061-1 https://ubuntu.com/security/notices/USN-7109-1 https://www.cisa.gov/news-events/alerts/2023/10/10/http2-rapid-reset-vulnerability-cve-2023-44487 https://www.cve.org/CVERecord?id=CVE-2023-39325
stdlib	CVE-2023-45283	HIGH	v1.20.4	1.20.11, 1.21.4, 1.20.12, 1.21.5	http://www.openwall.com/lists/oss-security/2023/12/05/2 https://go.dev/cl/540277 https://go.dev/cl/541175 https://go.dev/issue/63713 https://go.dev/issue/64028 https://groups.google.com/g/golang-announce/c/4tU8LZfBFkY https://groups.google.com/g/golang-dev/c/6ypN5EjibjM/m/KmLVYH_uAgAJ https://nvd.nist.gov/vuln/detail/CVE-2023-45283 https://pkg.go.dev/vuln/GO-2023-2185 https://security.netapp.com/advisory/ntap-20231214-0008/
stdlib	CVE-2023-45288	HIGH	v1.20.4	1.21.9, 1.22.2	http://www.openwall.com/lists/oss-security/2024/04/03/16 http://www.openwall.com/lists/oss-security/2024/04/05/4 https://access.redhat.com/errata/RHSA-2024:2724 https://access.redhat.com/security/cve/CVE-2023-45288 https://bugzilla.redhat.com/2268017 https://bugzilla.redhat.com/2268018 https://bugzilla.redhat.com/2268019 https://bugzilla.redhat.com/2268273 https://bugzilla.redhat.com/show_bug.cgi?id=2268017 https://bugzilla.redhat.com/show_bug.cgi?id=2268018 https://bugzilla.redhat.com/show_bug.cgi?id=2268019 https://bugzilla.redhat.com/show_bug.cgi?id=2268273 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45288 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45289 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45290 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24783 https://errata.almalinux.org/9/ALSA-2024-2724.html https://errata.rockylinux.org/RLSA-2024:2724 https://go.dev/cl/576155 https://go.dev/issue/65051 https://groups.google.com/g/golang-announce/c/YgW0sx8mN3M https://kb.cert.org/vuls/id/421644 https://linux.oracle.com/cve/CVE-2023-45288.html https://linux.oracle.com/errata/ELSA-2024-3346.html https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QRYFHIQ6XRKRYBI2F5UESH67BJBQXUPT https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QRYFHIQ6XRKRYBI2F5UESH67BJBQXUPT/ https://nowotarski.info/http2-continuation-flood-technical-details https://nowotarski.info/http2-continuation-flood/ https://nvd.nist.gov/vuln/detail/CVE-2023-45288 https://pkg.go.dev/vuln/GO-2024-2687 https://security.netapp.com/advisory/ntap-20240419-0009 https://security.netapp.com/advisory/ntap-20240419-0009/ https://ubuntu.com/security/notices/USN-6886-1 https://ubuntu.com/security/notices/USN-7109-1 https://ubuntu.com/security/notices/USN-7111-1 https://www.cve.org/CVERecord?id=CVE-2023-45288 https://www.kb.cert.org/vuls/id/421644
stdlib	CVE-2024-34156	HIGH	v1.20.4	1.22.7, 1.23.1	https://access.redhat.com/errata/RHSA-2024:9473 https://access.redhat.com/security/cve/CVE-2024-34156 https://bugzilla.redhat.com/2310528 https://bugzilla.redhat.com/2318052 https://bugzilla.redhat.com/show_bug.cgi?id=2310528 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-34156 https://errata.almalinux.org/9/ALSA-2024-9473.html https://errata.rockylinux.org/RLSA-2024:7204 https://github.com/golang/go/commit/2092294f2b097c5828f4eace6c98a322c1510b01 (go1.22.7) https://github.com/golang/go/commit/fa8ff1a46deb6c816304441ec6740ec112e19012 (go1.23.1) https://go.dev/cl/611239 https://go.dev/issue/69139 https://groups.google.com/g/golang-announce/c/K-cEzDeCtpc https://groups.google.com/g/golang-dev/c/S9POB9NCTdk https://linux.oracle.com/cve/CVE-2024-34156.html https://linux.oracle.com/errata/ELSA-2024-9473.html https://nvd.nist.gov/vuln/detail/CVE-2024-34156 https://pkg.go.dev/vuln/GO-2024-3106 https://ubuntu.com/security/notices/USN-7081-1 https://ubuntu.com/security/notices/USN-7109-1 https://ubuntu.com/security/notices/USN-7111-1 https://www.cve.org/CVERecord?id=CVE-2024-34156
stdlib	CVE-2023-29406	MEDIUM	v1.20.4	1.19.11, 1.20.6	https://access.redhat.com/errata/RHSA-2023:6474 https://access.redhat.com/security/cve/CVE-2023-29406 https://bugzilla.redhat.com/2174485 https://bugzilla.redhat.com/2178358 https://bugzilla.redhat.com/2178488 https://bugzilla.redhat.com/2178492 https://bugzilla.redhat.com/2184481 https://bugzilla.redhat.com/2184482 https://bugzilla.redhat.com/2184483 https://bugzilla.redhat.com/2184484 https://bugzilla.redhat.com/2196026 https://bugzilla.redhat.com/2196027 https://bugzilla.redhat.com/2196029 https://bugzilla.redhat.com/2222167 https://bugzilla.redhat.com/2228689 https://errata.almalinux.org/9/ALSA-2023-6474.html https://github.com/golang/go/commit/312920c00aac9897b2a0693e752390b5b0711a5a (go1.20.6) https://github.com/golang/go/commit/5fa6923b1ea891400153d04ddf1545e23b40041b (go1.19.11) https://github.com/golang/go/issues/60374 https://go.dev/cl/506996 https://go.dev/issue/60374 https://groups.google.com/g/golang-announce/c/2q13H6LEEx0 https://linux.oracle.com/cve/CVE-2023-29406.html https://linux.oracle.com/errata/ELSA-2023-7202.html https://nvd.nist.gov/vuln/detail/CVE-2023-29406 https://pkg.go.dev/vuln/GO-2023-1878 https://security.gentoo.org/glsa/202311-09 https://security.netapp.com/advisory/ntap-20230814-0002/ https://ubuntu.com/security/notices/USN-7061-1 https://ubuntu.com/security/notices/USN-7109-1 https://www.cve.org/CVERecord?id=CVE-2023-29406
stdlib	CVE-2023-29409	MEDIUM	v1.20.4	1.19.12, 1.20.7, 1.21.0-rc.4	https://access.redhat.com/errata/RHSA-2023:7766 https://access.redhat.com/security/cve/CVE-2023-29409 https://bugzilla.redhat.com/2228743 https://bugzilla.redhat.com/2237773 https://bugzilla.redhat.com/2237776 https://bugzilla.redhat.com/2237777 https://bugzilla.redhat.com/2237778 https://errata.almalinux.org/9/ALSA-2023-7766.html https://go.dev/cl/515257 https://go.dev/issue/61460 https://groups.google.com/g/golang-announce/c/X0b6CsSAaYI/m/Efv5DbZ9AwAJ https://linux.oracle.com/cve/CVE-2023-29409.html https://linux.oracle.com/errata/ELSA-2024-2988.html https://nvd.nist.gov/vuln/detail/CVE-2023-29409 https://pkg.go.dev/vuln/GO-2023-1987 https://security.gentoo.org/glsa/202311-09 https://security.netapp.com/advisory/ntap-20230831-0010/ https://www.cve.org/CVERecord?id=CVE-2023-29409
stdlib	CVE-2023-39318	MEDIUM	v1.20.4	1.20.8, 1.21.1	https://access.redhat.com/errata/RHSA-2024:2160 https://access.redhat.com/security/cve/CVE-2023-39318 https://bugzilla.redhat.com/2237773 https://bugzilla.redhat.com/2237776 https://bugzilla.redhat.com/2253330 https://errata.almalinux.org/9/ALSA-2024-2160.html https://github.com/golang/go/commit/023b542edf38e2a1f87fcefb9f75ff2f99401b4c (go1.20.8) https://github.com/golang/go/commit/b0e1d3ea26e8e8fce7726690c9ef0597e60739fb (go1.21.1) https://go.dev/cl/526156 https://go.dev/issue/62196 https://groups.google.com/g/golang-announce/c/Fm51GRLNRvM https://groups.google.com/g/golang-dev/c/2C5vbR-UNkI/m/L1hdrPhfBAAJ https://linux.oracle.com/cve/CVE-2023-39318.html https://linux.oracle.com/errata/ELSA-2024-2988.html https://nvd.nist.gov/vuln/detail/CVE-2023-39318 https://pkg.go.dev/vuln/GO-2023-2041 https://security.gentoo.org/glsa/202311-09 https://security.netapp.com/advisory/ntap-20231020-0009/ https://ubuntu.com/security/notices/USN-6574-1 https://ubuntu.com/security/notices/USN-7061-1 https://ubuntu.com/security/notices/USN-7109-1 https://vuln.go.dev/ID/GO-2023-2041.json https://www.cve.org/CVERecord?id=CVE-2023-39318
stdlib	CVE-2023-39319	MEDIUM	v1.20.4	1.20.8, 1.21.1	https://access.redhat.com/errata/RHSA-2024:2160 https://access.redhat.com/security/cve/CVE-2023-39319 https://bugzilla.redhat.com/2237773 https://bugzilla.redhat.com/2237776 https://bugzilla.redhat.com/2253330 https://errata.almalinux.org/9/ALSA-2024-2160.html https://github.com/golang/go/commit/2070531d2f53df88e312edace6c8dfc9686ab2f5 (go1.20.8) https://github.com/golang/go/commit/bbd043ff0d6d59f1a9232d31ecd5eacf6507bf6a (go1.21.1) https://go.dev/cl/526157 https://go.dev/issue/62197 https://groups.google.com/g/golang-announce/c/Fm51GRLNRvM https://groups.google.com/g/golang-dev/c/2C5vbR-UNkI/m/L1hdrPhfBAAJ https://linux.oracle.com/cve/CVE-2023-39319.html https://linux.oracle.com/errata/ELSA-2024-2988.html https://nvd.nist.gov/vuln/detail/CVE-2023-39319 https://pkg.go.dev/vuln/GO-2023-2043 https://security.gentoo.org/glsa/202311-09 https://security.netapp.com/advisory/ntap-20231020-0009/ https://ubuntu.com/security/notices/USN-6574-1 https://ubuntu.com/security/notices/USN-7061-1 https://ubuntu.com/security/notices/USN-7109-1 https://vuln.go.dev/ID/GO-2023-2043.json https://www.cve.org/CVERecord?id=CVE-2023-39319
stdlib	CVE-2023-39326	MEDIUM	v1.20.4	1.20.12, 1.21.5	https://access.redhat.com/errata/RHSA-2024:2272 https://access.redhat.com/security/cve/CVE-2023-39326 https://bugzilla.redhat.com/2253193 https://bugzilla.redhat.com/2253330 https://errata.almalinux.org/9/ALSA-2024-2272.html https://github.com/golang/go/commit/6446af942e2e2b161c4ec1b60d9703a2b55dc4dd (go1.20.12) https://github.com/golang/go/commit/ec8c526e4be720e94b98ca509e6364f0efaf28f7 (go1.21.5) https://go.dev/cl/547335 https://go.dev/issue/64433 https://groups.google.com/g/golang-dev/c/6ypN5EjibjM/m/KmLVYH_uAgAJ https://linux.oracle.com/cve/CVE-2023-39326.html https://linux.oracle.com/errata/ELSA-2024-2988.html https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UIU6HOGV6RRIKWM57LOXQA75BGZSIH6G/ https://nvd.nist.gov/vuln/detail/CVE-2023-39326 https://pkg.go.dev/vuln/GO-2023-2382 https://ubuntu.com/security/notices/USN-6574-1 https://www.cve.org/CVERecord?id=CVE-2023-39326
stdlib	CVE-2023-45284	MEDIUM	v1.20.4	1.20.11, 1.21.4	https://go.dev/cl/540277 https://go.dev/issue/63713 https://groups.google.com/g/golang-announce/c/4tU8LZfBFkY https://nvd.nist.gov/vuln/detail/CVE-2023-45284 https://pkg.go.dev/vuln/GO-2023-2186
stdlib	CVE-2023-45289	MEDIUM	v1.20.4	1.21.8, 1.22.1	http://www.openwall.com/lists/oss-security/2024/03/08/4 https://access.redhat.com/errata/RHSA-2024:2724 https://access.redhat.com/security/cve/CVE-2023-45289 https://bugzilla.redhat.com/2268017 https://bugzilla.redhat.com/2268018 https://bugzilla.redhat.com/2268019 https://bugzilla.redhat.com/2268273 https://bugzilla.redhat.com/show_bug.cgi?id=2268017 https://bugzilla.redhat.com/show_bug.cgi?id=2268018 https://bugzilla.redhat.com/show_bug.cgi?id=2268019 https://bugzilla.redhat.com/show_bug.cgi?id=2268273 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45288 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45289 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45290 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24783 https://errata.almalinux.org/9/ALSA-2024-2724.html https://errata.rockylinux.org/RLSA-2024:2724 https://github.com/golang/go/commit/20586c0dbe03d144f914155f879fa5ee287591a1 (go1.21.8) https://github.com/golang/go/commit/3a855208e3efed2e9d7c20ad023f1fa78afcc0be (go1.22.1) https://github.com/golang/go/issues/65065 https://go.dev/cl/569340 https://go.dev/issue/65065 https://groups.google.com/g/golang-announce/c/5pwGVUPoMbg https://linux.oracle.com/cve/CVE-2023-45289.html https://linux.oracle.com/errata/ELSA-2024-3346.html https://nvd.nist.gov/vuln/detail/CVE-2023-45289 https://pkg.go.dev/vuln/GO-2024-2600 https://security.netapp.com/advisory/ntap-20240329-0006/ https://ubuntu.com/security/notices/USN-6886-1 https://www.cve.org/CVERecord?id=CVE-2023-45289
stdlib	CVE-2023-45290	MEDIUM	v1.20.4	1.21.8, 1.22.1	http://www.openwall.com/lists/oss-security/2024/03/08/4 https://access.redhat.com/errata/RHSA-2024:9135 https://access.redhat.com/security/cve/CVE-2023-45290 https://bugzilla.redhat.com/2268017 https://bugzilla.redhat.com/2268022 https://bugzilla.redhat.com/2279814 https://bugzilla.redhat.com/2295310 https://bugzilla.redhat.com/show_bug.cgi?id=2268017 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45290 https://errata.almalinux.org/9/ALSA-2024-9135.html https://errata.rockylinux.org/RLSA-2024:3830 https://github.com/golang/go/commit/041a47712e765e94f86d841c3110c840e76d8f82 (go1.22.1) https://github.com/golang/go/commit/bf80213b121074f4ad9b449410a4d13bae5e9be0 (go1.21.8) https://github.com/golang/go/issues/65383 https://go.dev/cl/569341 https://go.dev/issue/65383 https://groups.google.com/g/golang-announce/c/5pwGVUPoMbg https://linux.oracle.com/cve/CVE-2023-45290.html https://linux.oracle.com/errata/ELSA-2024-8038.html https://nvd.nist.gov/vuln/detail/CVE-2023-45290 https://pkg.go.dev/vuln/GO-2024-2599 https://security.netapp.com/advisory/ntap-20240329-0004 https://security.netapp.com/advisory/ntap-20240329-0004/ https://ubuntu.com/security/notices/USN-6886-1 https://ubuntu.com/security/notices/USN-7109-1 https://ubuntu.com/security/notices/USN-7111-1 https://www.cve.org/CVERecord?id=CVE-2023-45290
stdlib	CVE-2024-24783	MEDIUM	v1.20.4	1.21.8, 1.22.1	http://www.openwall.com/lists/oss-security/2024/03/08/4 https://access.redhat.com/errata/RHSA-2024:6195 https://access.redhat.com/security/cve/CVE-2024-24783 https://bugzilla.redhat.com/2268019 https://bugzilla.redhat.com/show_bug.cgi?id=2268017 https://bugzilla.redhat.com/show_bug.cgi?id=2268018 https://bugzilla.redhat.com/show_bug.cgi?id=2268019 https://bugzilla.redhat.com/show_bug.cgi?id=2268273 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45288 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45289 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45290 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24783 https://errata.almalinux.org/9/ALSA-2024-6195.html https://errata.rockylinux.org/RLSA-2024:2724 https://github.com/advisories/GHSA-3q2c-pvp5-3cqp https://github.com/golang/go/commit/337b8e9cbfa749d9d5c899e0dc358e2208d5e54f (go1.22.1) https://github.com/golang/go/commit/be5b52bea674190ef7de272664be6c7ae93ec5a0 (go1.21.8) https://github.com/golang/go/issues/65390 https://go.dev/cl/569339 https://go.dev/issue/65390 https://groups.google.com/g/golang-announce/c/5pwGVUPoMbg https://linux.oracle.com/cve/CVE-2024-24783.html https://linux.oracle.com/errata/ELSA-2024-6969.html https://nvd.nist.gov/vuln/detail/CVE-2024-24783 https://pkg.go.dev/vuln/GO-2024-2598 https://security.netapp.com/advisory/ntap-20240329-0005 https://security.netapp.com/advisory/ntap-20240329-0005/ https://ubuntu.com/security/notices/USN-6886-1 https://ubuntu.com/security/notices/USN-7109-1 https://ubuntu.com/security/notices/USN-7111-1 https://www.cve.org/CVERecord?id=CVE-2024-24783
stdlib	CVE-2024-24784	MEDIUM	v1.20.4	1.21.8, 1.22.1	http://www.openwall.com/lists/oss-security/2024/03/08/4 https://access.redhat.com/errata/RHSA-2024:2562 https://access.redhat.com/security/cve/CVE-2024-24784 https://bugzilla.redhat.com/2262921 https://bugzilla.redhat.com/2268017 https://bugzilla.redhat.com/2268018 https://bugzilla.redhat.com/2268019 https://bugzilla.redhat.com/2268021 https://bugzilla.redhat.com/2268022 https://bugzilla.redhat.com/2268273 https://bugzilla.redhat.com/show_bug.cgi?id=2262921 https://bugzilla.redhat.com/show_bug.cgi?id=2268017 https://bugzilla.redhat.com/show_bug.cgi?id=2268018 https://bugzilla.redhat.com/show_bug.cgi?id=2268019 https://bugzilla.redhat.com/show_bug.cgi?id=2268021 https://bugzilla.redhat.com/show_bug.cgi?id=2268022 https://bugzilla.redhat.com/show_bug.cgi?id=2268273 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45288 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45289 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45290 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-1394 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24783 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24784 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24785 https://errata.almalinux.org/9/ALSA-2024-2562.html https://errata.rockylinux.org/RLSA-2024:2562 https://github.com/golang/go/commit/263c059b09fdd40d9dd945f2ecb20c89ea28efe5 (go1.21.8) https://github.com/golang/go/commit/5330cd225ba54c7dc78c1b46dcdf61a4671a632c (go1.22.1) https://github.com/golang/go/issues/65083 https://go.dev/cl/555596 https://go.dev/issue/65083 https://groups.google.com/g/golang-announce/c/5pwGVUPoMbg https://linux.oracle.com/cve/CVE-2024-24784.html https://linux.oracle.com/errata/ELSA-2024-6969.html https://nvd.nist.gov/vuln/detail/CVE-2024-24784 https://pkg.go.dev/vuln/GO-2024-2609 https://security.netapp.com/advisory/ntap-20240329-0007/ https://ubuntu.com/security/notices/USN-6886-1 https://ubuntu.com/security/notices/USN-7109-1 https://ubuntu.com/security/notices/USN-7111-1 https://www.cve.org/CVERecord?id=CVE-2024-24784
stdlib	CVE-2024-24785	MEDIUM	v1.20.4	1.21.8, 1.22.1	http://www.openwall.com/lists/oss-security/2024/03/08/4 https://access.redhat.com/errata/RHSA-2024:9135 https://access.redhat.com/security/cve/CVE-2024-24785 https://bugzilla.redhat.com/2268017 https://bugzilla.redhat.com/2268022 https://bugzilla.redhat.com/2279814 https://bugzilla.redhat.com/2295310 https://bugzilla.redhat.com/show_bug.cgi?id=2262921 https://bugzilla.redhat.com/show_bug.cgi?id=2268017 https://bugzilla.redhat.com/show_bug.cgi?id=2268018 https://bugzilla.redhat.com/show_bug.cgi?id=2268019 https://bugzilla.redhat.com/show_bug.cgi?id=2268021 https://bugzilla.redhat.com/show_bug.cgi?id=2268022 https://bugzilla.redhat.com/show_bug.cgi?id=2268273 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45288 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45289 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45290 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-1394 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24783 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24784 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24785 https://errata.almalinux.org/9/ALSA-2024-9135.html https://errata.rockylinux.org/RLSA-2024:2562 https://github.com/golang/go/commit/056b0edcb8c152152021eebf4cf42adbfbe77992 (go1.22.1) https://github.com/golang/go/commit/3643147a29352ca2894fd5d0d2069bc4b4335a7e (go1.21.8) https://github.com/golang/go/issues/65697 https://go.dev/cl/564196 https://go.dev/issue/65697 https://groups.google.com/g/golang-announce/c/5pwGVUPoMbg https://linux.oracle.com/cve/CVE-2024-24785.html https://linux.oracle.com/errata/ELSA-2024-3259.html https://nvd.nist.gov/vuln/detail/CVE-2024-24785 https://pkg.go.dev/vuln/GO-2024-2610 https://security.netapp.com/advisory/ntap-20240329-0008/ https://ubuntu.com/security/notices/USN-6886-1 https://ubuntu.com/security/notices/USN-7061-1 https://ubuntu.com/security/notices/USN-7109-1 https://vuln.go.dev/ID/GO-2024-2610.json https://www.cve.org/CVERecord?id=CVE-2024-24785
stdlib	CVE-2024-24789	MEDIUM	v1.20.4	1.21.11, 1.22.4	http://www.openwall.com/lists/oss-security/2024/06/04/1 https://access.redhat.com/errata/RHSA-2024:9115 https://access.redhat.com/security/cve/CVE-2024-24789 https://bugzilla.redhat.com/2279814 https://bugzilla.redhat.com/2292668 https://bugzilla.redhat.com/2292787 https://bugzilla.redhat.com/2294000 https://bugzilla.redhat.com/2295310 https://bugzilla.redhat.com/show_bug.cgi?id=2292668 https://bugzilla.redhat.com/show_bug.cgi?id=2292787 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24789 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24790 https://errata.almalinux.org/9/ALSA-2024-9115.html https://errata.rockylinux.org/RLSA-2024:4212 https://github.com/golang/go/commit/c8e40338cf00f3c1d86c8fb23863ad67a4c72bcc (1.21) https://github.com/golang/go/commit/cf501ac0c5fe351a8582d20b43562027927906e7 (1.22) https://github.com/golang/go/issues/66869 https://go.dev/cl/585397 https://go.dev/issue/66869 https://groups.google.com/g/golang-announce/c/XbxouI9gY7k https://groups.google.com/g/golang-announce/c/XbxouI9gY7k/m/TuoGEhxIEwAJ https://linux.oracle.com/cve/CVE-2024-24789.html https://linux.oracle.com/errata/ELSA-2024-9115.html https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/U5YAEIA6IUHUNGJ7AIXXPQT6D2GYENX7/ https://nvd.nist.gov/vuln/detail/CVE-2024-24789 https://pkg.go.dev/vuln/GO-2024-2888 https://ubuntu.com/security/notices/USN-6886-1 https://ubuntu.com/security/notices/USN-7109-1 https://ubuntu.com/security/notices/USN-7111-1 https://www.cve.org/CVERecord?id=CVE-2024-24789
stdlib	CVE-2024-24791	MEDIUM	v1.20.4	1.21.12, 1.22.5	https://access.redhat.com/errata/RHSA-2024:9135 https://access.redhat.com/security/cve/CVE-2024-24791 https://bugzilla.redhat.com/2268017 https://bugzilla.redhat.com/2268022 https://bugzilla.redhat.com/2279814 https://bugzilla.redhat.com/2295310 https://bugzilla.redhat.com/show_bug.cgi?id=2295310 https://bugzilla.redhat.com/show_bug.cgi?id=2310527 https://bugzilla.redhat.com/show_bug.cgi?id=2310528 https://bugzilla.redhat.com/show_bug.cgi?id=2310529 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24791 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-34155 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-34156 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-34158 https://errata.almalinux.org/9/ALSA-2024-9135.html https://errata.rockylinux.org/RLSA-2024:6913 https://go.dev/cl/591255 https://go.dev/issue/67555 https://groups.google.com/g/golang-dev/c/t0rK-qHBqzY/m/6MMoAZkMAgAJ https://linux.oracle.com/cve/CVE-2024-24791.html https://linux.oracle.com/errata/ELSA-2024-9115.html https://nvd.nist.gov/vuln/detail/CVE-2024-24791 https://pkg.go.dev/vuln/GO-2024-2963 https://ubuntu.com/security/notices/USN-7081-1 https://ubuntu.com/security/notices/USN-7109-1 https://ubuntu.com/security/notices/USN-7111-1 https://www.cve.org/CVERecord?id=CVE-2024-24791
stdlib	CVE-2024-34155	MEDIUM	v1.20.4	1.22.7, 1.23.1	https://access.redhat.com/errata/RHSA-2024:9459 https://access.redhat.com/security/cve/CVE-2024-34155 https://bugzilla.redhat.com/2310527 https://bugzilla.redhat.com/2310528 https://bugzilla.redhat.com/2310529 https://bugzilla.redhat.com/2315691 https://bugzilla.redhat.com/2315887 https://bugzilla.redhat.com/2317458 https://bugzilla.redhat.com/2317467 https://bugzilla.redhat.com/show_bug.cgi?id=2295310 https://bugzilla.redhat.com/show_bug.cgi?id=2310527 https://bugzilla.redhat.com/show_bug.cgi?id=2310528 https://bugzilla.redhat.com/show_bug.cgi?id=2310529 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24791 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-34155 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-34156 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-34158 https://errata.almalinux.org/9/ALSA-2024-9459.html https://errata.rockylinux.org/RLSA-2024:6913 https://github.com/golang/go/commit/53487e5477151ed75da50e50a0ba8f1ca64c00a3 (go1.23.1) https://github.com/golang/go/commit/b232596139dbe96a62edbe3a2a203e856bf556eb (go1.22.7) https://go.dev/cl/611238 https://go.dev/issue/69138 https://groups.google.com/g/golang-announce/c/K-cEzDeCtpc https://groups.google.com/g/golang-dev/c/S9POB9NCTdk https://linux.oracle.com/cve/CVE-2024-34155.html https://linux.oracle.com/errata/ELSA-2024-9459.html https://nvd.nist.gov/vuln/detail/CVE-2024-34155 https://pkg.go.dev/vuln/GO-2024-3105 https://ubuntu.com/security/notices/USN-7081-1 https://ubuntu.com/security/notices/USN-7109-1 https://ubuntu.com/security/notices/USN-7111-1 https://www.cve.org/CVERecord?id=CVE-2024-34155
stdlib	CVE-2024-34158	MEDIUM	v1.20.4	1.22.7, 1.23.1	https://access.redhat.com/errata/RHSA-2024:9459 https://access.redhat.com/security/cve/CVE-2024-34158 https://bugzilla.redhat.com/2310527 https://bugzilla.redhat.com/2310528 https://bugzilla.redhat.com/2310529 https://bugzilla.redhat.com/2315691 https://bugzilla.redhat.com/2315887 https://bugzilla.redhat.com/2317458 https://bugzilla.redhat.com/2317467 https://bugzilla.redhat.com/show_bug.cgi?id=2295310 https://bugzilla.redhat.com/show_bug.cgi?id=2310527 https://bugzilla.redhat.com/show_bug.cgi?id=2310528 https://bugzilla.redhat.com/show_bug.cgi?id=2310529 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24791 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-34155 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-34156 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-34158 https://errata.almalinux.org/9/ALSA-2024-9459.html https://errata.rockylinux.org/RLSA-2024:6913 https://github.com/golang/go/commit/032ac075c20c01c6c35a672d1542d3e98eab84ea (go1.23.1) https://github.com/golang/go/commit/d4c53812e6ce2ac368173d7fcd31d0ecfcffb002 (go1.22.7) https://go.dev/cl/611240 https://go.dev/issue/69141 https://groups.google.com/g/golang-announce/c/K-cEzDeCtpc https://groups.google.com/g/golang-dev/c/S9POB9NCTdk https://linux.oracle.com/cve/CVE-2024-34158.html https://linux.oracle.com/errata/ELSA-2024-9459.html https://nvd.nist.gov/vuln/detail/CVE-2024-34158 https://pkg.go.dev/vuln/GO-2024-3107 https://ubuntu.com/security/notices/USN-7081-1 https://ubuntu.com/security/notices/USN-7109-1 https://ubuntu.com/security/notices/USN-7111-1 https://www.cve.org/CVERecord?id=CVE-2024-34158
No Misconfigurations found

cnb/buildpacks/paketo-buildpacks_yarn-start/1.0.11/bin/run (gobinary)

Package	Vulnerability ID	Severity	Installed Version	Fixed Version	Links
golang.org/x/net	CVE-2023-39325	HIGH	v0.11.0	0.17.0	golang.org/x/net https://access.redhat.com/errata/RHSA-2023:6077 https://access.redhat.com/security/cve/CVE-2023-39325 https://access.redhat.com/security/cve/CVE-2023-44487 https://access.redhat.com/security/vulnerabilities/RHSB-2023-003 https://bugzilla.redhat.com/2242803 https://bugzilla.redhat.com/2243296 https://bugzilla.redhat.com/show_bug.cgi?id=2242803 https://bugzilla.redhat.com/show_bug.cgi?id=2243296 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-39325 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-44487 https://errata.almalinux.org/9/ALSA-2023-6077.html https://errata.rockylinux.org/RLSA-2023:6077 https://github.com/golang/go/commit/24ae2d927285c697440fdde3ad7f26028354bcf3 [golang- 1.21] https://github.com/golang/go/commit/e175f27f58aa7b9cd4d79607ae65d2cd5baaee68 [golang-1.20] https://github.com/golang/go/issues/63417 https://go.dev/cl/534215 https://go.dev/cl/534235 https://go.dev/issue/63417 https://groups.google.com/g/golang-announce/c/iNNxDTCjZvo/m/UDd7VKQuAAAJ https://linux.oracle.com/cve/CVE-2023-39325.html https://linux.oracle.com/errata/ELSA-2023-5867.html https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3OVW5V2DM5K5IC3H7O42YDUGNJ74J35O https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3OVW5V2DM5K5IC3H7O42YDUGNJ74J35O/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3SZN67IL7HMGMNAVLOTIXLIHUDXZK4LH https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3SZN67IL7HMGMNAVLOTIXLIHUDXZK4LH/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3WJ4QVX2AMUJ2F2S27POOAHRC4K3CHU4 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3WJ4QVX2AMUJ2F2S27POOAHRC4K3CHU4/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/4BUK2ZIAGCULOOYDNH25JPU6JBES5NF2 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/4BUK2ZIAGCULOOYDNH25JPU6JBES5NF2/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/5RSKA2II6QTD4YUKUNDVJQSRYSFC4VFR https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/5RSKA2II6QTD4YUKUNDVJQSRYSFC4VFR/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/AVZDNSMVDAQJ64LJC5I5U5LDM5753647 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/AVZDNSMVDAQJ64LJC5I5U5LDM5753647/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CHHITS4PUOZAKFIUBQAQZC7JWXMOYE4B https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CHHITS4PUOZAKFIUBQAQZC7JWXMOYE4B/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CLB4TW7KALB3EEQWNWCN7OUIWWVWWCG2 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CLB4TW7KALB3EEQWNWCN7OUIWWVWWCG2/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/D2BBIDR2ZMB3X5BC7SR4SLQMHRMVPY6L https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/D2BBIDR2ZMB3X5BC7SR4SLQMHRMVPY6L/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ECRC75BQJP6FJN2L7KCKYZW4DSBD7QSD https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ECRC75BQJP6FJN2L7KCKYZW4DSBD7QSD/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/FTMJ3NJIDAZFWJQQSP3L22MUFJ3UP2PT https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/FTMJ3NJIDAZFWJQQSP3L22MUFJ3UP2PT/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/GSY7SXFFTPZFWDM6XELSDSHZLVW3AHK7 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/GSY7SXFFTPZFWDM6XELSDSHZLVW3AHK7/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/HZQIELEIRSZUYTFFH5KTH2YJ4IIQG2KE https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/HZQIELEIRSZUYTFFH5KTH2YJ4IIQG2KE/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/IPWCNYB5PQ5PCVZ4NJT6G56ZYFZ5QBU6 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/IPWCNYB5PQ5PCVZ4NJT6G56ZYFZ5QBU6/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/KEOTKBUPZXHE3F352JBYNTSNRXYLWD6P https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/KEOTKBUPZXHE3F352JBYNTSNRXYLWD6P/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/KSEGD2IWKNUO3DWY4KQGUQM5BISRWHQE https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/KSEGD2IWKNUO3DWY4KQGUQM5BISRWHQE/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/L5E5JSJBZLYXOTZWXHJKRVCIXIHVWKJ6 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/L5E5JSJBZLYXOTZWXHJKRVCIXIHVWKJ6/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/MZQYOOKHQDQ57LV2IAG6NRFOVXKHJJ3Z https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/MZQYOOKHQDQ57LV2IAG6NRFOVXKHJJ3Z/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/NG7IMPL55MVWU3LCI4JQJT3K2U5CHDV7 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/NG7IMPL55MVWU3LCI4JQJT3K2U5CHDV7/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ODBY7RVMGZCBSTWF2OZGIZS57FNFUL67 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ODBY7RVMGZCBSTWF2OZGIZS57FNFUL67/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/OXGWPQOJ3JNDW2XIYKIVJ7N7QUIFNM2Q https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/OXGWPQOJ3JNDW2XIYKIVJ7N7QUIFNM2Q/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/PJCUNGIQDUMZ4Z6HWVYIMR66A35F5S74 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/PJCUNGIQDUMZ4Z6HWVYIMR66A35F5S74/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QF5QSYAOPDOWLY6DUHID56Q4HQFYB45I https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QF5QSYAOPDOWLY6DUHID56Q4HQFYB45I/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QXOU2JZUBEBP7GBKAYIJRPRBZSJCD7ST https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QXOU2JZUBEBP7GBKAYIJRPRBZSJCD7ST/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/R3UETKPUB3V5JS5TLZOF3SMTGT5K5APS https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/R3UETKPUB3V5JS5TLZOF3SMTGT5K5APS/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/REMHVVIBDNKSRKNOTV7EQSB7CYQWOUOU https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/REMHVVIBDNKSRKNOTV7EQSB7CYQWOUOU/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/T7N5GV4CHH6WAGX3GFMDD3COEOVCZ4RI https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/T7N5GV4CHH6WAGX3GFMDD3COEOVCZ4RI/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ULQQONMSCQSH5Z5OWFFQHCGEZ3NL4DRJ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ULQQONMSCQSH5Z5OWFFQHCGEZ3NL4DRJ/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UTT7DG3QOF5ZNJLUGHDNLRUIN6OWZARP https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UTT7DG3QOF5ZNJLUGHDNLRUIN6OWZARP/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/W2LZSWTV4NV4SNQARNXG5T6LRHP26EW2 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/W2LZSWTV4NV4SNQARNXG5T6LRHP26EW2/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WCNCBYKZXLDFGAJUB7ZP5VLC3YTHJNVH https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WCNCBYKZXLDFGAJUB7ZP5VLC3YTHJNVH/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/XFOIBB4YFICHDM7IBOP7PWXW3FX4HLL2 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/XFOIBB4YFICHDM7IBOP7PWXW3FX4HLL2/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/XTNLSL44Y5FB6JWADSZH6DCV4JJAAEQY https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/XTNLSL44Y5FB6JWADSZH6DCV4JJAAEQY/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/YJWHBLVZDM5KQSDFRBFRKU5KSSOLIRQ4 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/YJWHBLVZDM5KQSDFRBFRKU5KSSOLIRQ4/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/YRKEXKANQ7BKJW2YTAMP625LJUJZLJ4P https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/YRKEXKANQ7BKJW2YTAMP625LJUJZLJ4P/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZSVEMQV5ROY5YW5QE3I57HT3ITWG5GCV https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZSVEMQV5ROY5YW5QE3I57HT3ITWG5GCV/ https://nvd.nist.gov/vuln/detail/CVE-2023-39325 https://pkg.go.dev/vuln/GO-2023-2102 https://security.gentoo.org/glsa/202311-09 https://security.netapp.com/advisory/ntap-20231110-0008 https://security.netapp.com/advisory/ntap-20231110-0008/ https://ubuntu.com/security/notices/USN-6574-1 https://ubuntu.com/security/notices/USN-7061-1 https://ubuntu.com/security/notices/USN-7109-1 https://www.cisa.gov/news-events/alerts/2023/10/10/http2-rapid-reset-vulnerability-cve-2023-44487 https://www.cve.org/CVERecord?id=CVE-2023-39325
golang.org/x/net	CVE-2023-3978	MEDIUM	v0.11.0	0.13.0	https://access.redhat.com/errata/RHSA-2023:6474 https://access.redhat.com/security/cve/CVE-2023-3978 https://bugzilla.redhat.com/2174485 https://bugzilla.redhat.com/2178358 https://bugzilla.redhat.com/2178488 https://bugzilla.redhat.com/2178492 https://bugzilla.redhat.com/2184481 https://bugzilla.redhat.com/2184482 https://bugzilla.redhat.com/2184483 https://bugzilla.redhat.com/2184484 https://bugzilla.redhat.com/2196026 https://bugzilla.redhat.com/2196027 https://bugzilla.redhat.com/2196029 https://bugzilla.redhat.com/2222167 https://bugzilla.redhat.com/2228689 https://errata.almalinux.org/9/ALSA-2023-6474.html https://go.dev/cl/514896 https://go.dev/issue/61615 https://linux.oracle.com/cve/CVE-2023-3978.html https://linux.oracle.com/errata/ELSA-2023-6939.html https://nvd.nist.gov/vuln/detail/CVE-2023-3978 https://pkg.go.dev/vuln/GO-2023-1988 https://www.cve.org/CVERecord?id=CVE-2023-3978
golang.org/x/net	CVE-2023-44487	MEDIUM	v0.11.0	0.17.0	http://www.openwall.com/lists/oss-security/2023/10/13/4 http://www.openwall.com/lists/oss-security/2023/10/13/9 http://www.openwall.com/lists/oss-security/2023/10/18/4 http://www.openwall.com/lists/oss-security/2023/10/18/8 http://www.openwall.com/lists/oss-security/2023/10/19/6 http://www.openwall.com/lists/oss-security/2023/10/20/8 https://access.redhat.com/errata/RHSA-2023:6746 https://access.redhat.com/security/cve/CVE-2023-44487 https://access.redhat.com/security/cve/cve-2023-44487 https://akka.io/security/akka-http-cve-2023-44487.html https://arstechnica.com/security/2023/10/how-ddosers-used-the-http-2-protocol-to-deliver-attacks-of-unprecedented-size https://arstechnica.com/security/2023/10/how-ddosers-used-the-http-2-protocol-to-deliver-attacks-of-unprecedented-size/ https://aws.amazon.com/security/security-bulletins/AWS-2023-011 https://aws.amazon.com/security/security-bulletins/AWS-2023-011/ https://blog.cloudflare.com/technical-breakdown-http2-rapid-reset-ddos-attack https://blog.cloudflare.com/technical-breakdown-http2-rapid-reset-ddos-attack/ https://blog.cloudflare.com/zero-day-rapid-reset-http2-record-breaking-ddos-attack https://blog.cloudflare.com/zero-day-rapid-reset-http2-record-breaking-ddos-attack/ https://blog.litespeedtech.com/2023/10/11/rapid-reset-http-2-vulnerablilty https://blog.litespeedtech.com/2023/10/11/rapid-reset-http-2-vulnerablilty/ https://blog.qualys.com/vulnerabilities-threat-research/2023/10/10/cve-2023-44487-http-2-rapid-reset-attack https://blog.vespa.ai/cve-2023-44487 https://blog.vespa.ai/cve-2023-44487/ https://bugzilla.proxmox.com/show_bug.cgi?id=4988 https://bugzilla.redhat.com/2242803 https://bugzilla.redhat.com/show_bug.cgi?id=2242803 https://bugzilla.suse.com/show_bug.cgi?id=1216123 https://cgit.freebsd.org/ports/commit/?id=c64c329c2c1752f46b73e3e6ce9f4329be6629f9 https://chaos.social/@icing/111210915918780532 https://cloud.google.com/blog/products/identity-security/google-cloud-mitigated-largest-ddos-attack-peaking-above-398-million-rps https://cloud.google.com/blog/products/identity-security/google-cloud-mitigated-largest-ddos-attack-peaking-above-398-million-rps/ https://cloud.google.com/blog/products/identity-security/how-it-works-the-novel-http2-rapid-reset-ddos-attack https://community.traefik.io/t/is-traefik-vulnerable-to-cve-2023-44487/20125 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-44487 https://devblogs.microsoft.com/dotnet/october-2023-updates/ https://discuss.hashicorp.com/t/hcsec-2023-32-vault-consul-and-boundary-affected-by-http-2-rapid-reset-denial-of-service-vulnerability-cve-2023-44487/59715 https://edg.io/lp/blog/resets-leaks-ddos-and-the-tale-of-a-hidden-cve https://errata.almalinux.org/9/ALSA-2023-6746.html https://errata.rockylinux.org/RLSA-2023:5838 https://forums.swift.org/t/swift-nio-http2-security-update-cve-2023-44487-http-2-dos/67764 https://gist.github.com/adulau/7c2bfb8e9cdbe4b35a5e131c66a0c088 https://github.com/Azure/AKS/issues/3947 https://github.com/Kong/kong/discussions/11741 https://github.com/advisories/GHSA-qppj-fm5r-hxr3 https://github.com/advisories/GHSA-vx74-f528-fxqg https://github.com/advisories/GHSA-xpw8-rcwv-8f8p https://github.com/akka/akka-http/issues/4323 https://github.com/akka/akka-http/pull/4324 https://github.com/akka/akka-http/pull/4325 https://github.com/alibaba/tengine/issues/1872 https://github.com/apache/apisix/issues/10320 https://github.com/apache/httpd-site/pull/10 https://github.com/apache/httpd/blob/afcdbeebbff4b0c50ea26cdd16e178c0d1f24152/modules/http2/h2_mplx.c#L1101-L1113 https://github.com/apache/tomcat/commit/944332bb15bd2f3bf76ec2caeb1ff0a58a3bc628 https://github.com/apache/tomcat/tree/main/java/org/apache/coyote/http2 https://github.com/apache/trafficserver/pull/10564 https://github.com/apple/swift-nio-http2 https://github.com/apple/swift-nio-http2/security/advisories/GHSA-qppj-fm5r-hxr3 https://github.com/arkrwn/PoC/tree/main/CVE-2023-44487 https://github.com/bcdannyboy/CVE-2023-44487 https://github.com/caddyserver/caddy/issues/5877 https://github.com/caddyserver/caddy/releases/tag/v2.7.5 https://github.com/dotnet/announcements/issues/277 https://github.com/dotnet/core/blob/e4613450ea0da7fd2fc6b61dfb2c1c1dec1ce9ec/release-notes/6.0/6.0.23/6.0.23.md?plain=1#L73 https://github.com/eclipse/jetty.project/issues/10679 https://github.com/envoyproxy/envoy/pull/30055 https://github.com/etcd-io/etcd/issues/16740 https://github.com/facebook/proxygen/pull/466 https://github.com/golang/go/issues/63417 https://github.com/grpc/grpc-go/pull/6703 https://github.com/grpc/grpc-go/releases https://github.com/h2o/h2o/pull/3291 https://github.com/h2o/h2o/security/advisories/GHSA-2m7v-gc89-fjqf https://github.com/haproxy/haproxy/issues/2312 https://github.com/hyperium/hyper/issues/3337 https://github.com/icing/mod_h2/blob/0a864782af0a942aa2ad4ed960a6b32cd35bcf0a/mod_http2/README.md?plain=1#L239-L244 https://github.com/junkurihara/rust-rpxy/issues/97 https://github.com/kazu-yamamoto/http2/commit/f61d41a502bd0f60eb24e1ce14edc7b6df6722a1 https://github.com/kazu-yamamoto/http2/issues/93 https://github.com/kubernetes/kubernetes/pull/121120 https://github.com/line/armeria/pull/5232 https://github.com/linkerd/website/pull/1695/commits/4b9c6836471bc8270ab48aae6fd2181bc73fd632 https://github.com/micrictor/http2-rst-stream https://github.com/microsoft/CBL-Mariner/pull/6381 https://github.com/netty/netty/commit/58f75f665aa81a8cbcf6ffa74820042a285c5e61 https://github.com/nghttp2/nghttp2/pull/1961 https://github.com/nghttp2/nghttp2/releases/tag/v1.57.0 https://github.com/ninenines/cowboy/issues/1615 https://github.com/nodejs/node/pull/50121 https://github.com/openresty/openresty/issues/930 https://github.com/opensearch-project/data-prepper/issues/3474 https://github.com/oqtane/oqtane.framework/discussions/3367 https://github.com/projectcontour/contour/pull/5826 https://github.com/tempesta-tech/tempesta/issues/1986 https://github.com/varnishcache/varnish-cache/issues/3996 https://go.dev/cl/534215 https://go.dev/cl/534235 https://go.dev/issue/63417 https://groups.google.com/g/golang-announce/c/iNNxDTCjZvo https://groups.google.com/g/golang-announce/c/iNNxDTCjZvo/m/UDd7VKQuAAAJ https://istio.io/latest/news/security/istio-security-2023-004 https://istio.io/latest/news/security/istio-security-2023-004/ https://linkerd.io/2023/10/12/linkerd-cve-2023-44487 https://linkerd.io/2023/10/12/linkerd-cve-2023-44487/ https://linux.oracle.com/cve/CVE-2023-44487.html https://linux.oracle.com/errata/ELSA-2024-1444.html https://lists.apache.org/thread/5py8h42mxfsn8l1wy6o41xwhsjlsd87q https://lists.debian.org/debian-lts-announce/2023/10/msg00020.html https://lists.debian.org/debian-lts-announce/2023/10/msg00023.html https://lists.debian.org/debian-lts-announce/2023/10/msg00024.html https://lists.debian.org/debian-lts-announce/2023/10/msg00045.html https://lists.debian.org/debian-lts-announce/2023/10/msg00047.html https://lists.debian.org/debian-lts-announce/2023/11/msg00001.html https://lists.debian.org/debian-lts-announce/2023/11/msg00012.html https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/2MBEPPC36UBVOZZNAXFHKLFGSLCMN5LI https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/2MBEPPC36UBVOZZNAXFHKLFGSLCMN5LI/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/3N4NJ7FR4X4FPZUGNTQAPSTVB2HB2Y4A https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/3N4NJ7FR4X4FPZUGNTQAPSTVB2HB2Y4A/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/BFQD3KUEMFBHPAPBGLWQC34L4OWL5HAZ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/BFQD3KUEMFBHPAPBGLWQC34L4OWL5HAZ/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/CLB4TW7KALB3EEQWNWCN7OUIWWVWWCG2 https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/CLB4TW7KALB3EEQWNWCN7OUIWWVWWCG2/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/E72T67UPDRXHIDLO3OROR25YAMN4GGW5 https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/E72T67UPDRXHIDLO3OROR25YAMN4GGW5/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/FNA62Q767CFAFHBCDKYNPBMZWB7TWYVU https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/FNA62Q767CFAFHBCDKYNPBMZWB7TWYVU/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/HT7T2R4MQKLIF4ODV4BDLPARWFPCJ5CZ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/HT7T2R4MQKLIF4ODV4BDLPARWFPCJ5CZ/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/JIZSEFC3YKCGABA2BZW6ZJRMDZJMB7PJ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/JIZSEFC3YKCGABA2BZW6ZJRMDZJMB7PJ/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/JMEXY22BFG5Q64HQCM5CK2Q7KDKVV4TY https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/JMEXY22BFG5Q64HQCM5CK2Q7KDKVV4TY/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/KSEGD2IWKNUO3DWY4KQGUQM5BISRWHQE https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/KSEGD2IWKNUO3DWY4KQGUQM5BISRWHQE/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/LKYHSZQFDNR7RSA7LHVLLIAQMVYCUGBG https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/LKYHSZQFDNR7RSA7LHVLLIAQMVYCUGBG/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/LNMZJCDHGLJJLXO4OXWJMTVQRNWOC7UL https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/LNMZJCDHGLJJLXO4OXWJMTVQRNWOC7UL/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/VHUHTSXLXGXS7JYKBXTA3VINUPHTNGVU https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/VHUHTSXLXGXS7JYKBXTA3VINUPHTNGVU/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/VSRDIV77HNKUSM7SJC5BKE5JSHLHU2NK https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/VSRDIV77HNKUSM7SJC5BKE5JSHLHU2NK/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/WE2I52RHNNU42PX6NZ2RBUHSFFJ2LVZX https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/WE2I52RHNNU42PX6NZ2RBUHSFFJ2LVZX/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/WLPRQ5TWUQQXYWBJM7ECYDAIL2YVKIUH https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/WLPRQ5TWUQQXYWBJM7ECYDAIL2YVKIUH/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/X6QXN4ORIVF6XBW4WWFE7VNPVC74S45Y https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/X6QXN4ORIVF6XBW4WWFE7VNPVC74S45Y/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/XFOIBB4YFICHDM7IBOP7PWXW3FX4HLL2 https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/XFOIBB4YFICHDM7IBOP7PWXW3FX4HLL2/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZB43REMKRQR62NJEI7I5NQ4FSXNLBKRT https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZB43REMKRQR62NJEI7I5NQ4FSXNLBKRT/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZKQSIKIAT5TJ3WSLU3RDBQ35YX4GY4V3 https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZKQSIKIAT5TJ3WSLU3RDBQ35YX4GY4V3/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZLU6U2R2IC2K64NDPNMV55AUAO65MAF4 https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZLU6U2R2IC2K64NDPNMV55AUAO65MAF4/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3N4NJ7FR4X4FPZUGNTQAPSTVB2HB2Y4A https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/BFQD3KUEMFBHPAPBGLWQC34L4OWL5HAZ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CLB4TW7KALB3EEQWNWCN7OUIWWVWWCG2 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/E72T67UPDRXHIDLO3OROR25YAMN4GGW5 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/FNA62Q767CFAFHBCDKYNPBMZWB7TWYVU https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/HT7T2R4MQKLIF4ODV4BDLPARWFPCJ5CZ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/JIZSEFC3YKCGABA2BZW6ZJRMDZJMB7PJ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/JMEXY22BFG5Q64HQCM5CK2Q7KDKVV4TY https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/KSEGD2IWKNUO3DWY4KQGUQM5BISRWHQE https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/LKYHSZQFDNR7RSA7LHVLLIAQMVYCUGBG https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/LNMZJCDHGLJJLXO4OXWJMTVQRNWOC7UL https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/VHUHTSXLXGXS7JYKBXTA3VINUPHTNGVU https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/VSRDIV77HNKUSM7SJC5BKE5JSHLHU2NK https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WLPRQ5TWUQQXYWBJM7ECYDAIL2YVKIUH https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/X6QXN4ORIVF6XBW4WWFE7VNPVC74S45Y https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/XFOIBB4YFICHDM7IBOP7PWXW3FX4HLL2 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZB43REMKRQR62NJEI7I5NQ4FSXNLBKRT https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZKQSIKIAT5TJ3WSLU3RDBQ35YX4GY4V3 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZLU6U2R2IC2K64NDPNMV55AUAO65MAF4 https://lists.w3.org/Archives/Public/ietf-http-wg/2023OctDec/0025.html https://mailman.nginx.org/pipermail/nginx-devel/2023-October/S36Q5HBXR7CAIMPLLPRSSSYR4PCMWILK.html https://martinthomson.github.io/h2-stream-limits/draft-thomson-httpbis-h2-stream-limits.html https://msrc.microsoft.com/blog/2023/10/microsoft-response-to-distributed-denial-of-service-ddos-attacks-against-http/2 https://msrc.microsoft.com/blog/2023/10/microsoft-response-to-distributed-denial-of-service-ddos-attacks-against-http/2/ https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-44487 https://my.f5.com/manage/s/article/K000137106 https://netty.io/news/2023/10/10/4-1-100-Final.html https://news.ycombinator.com/item?id=37830987 https://news.ycombinator.com/item?id=37830998 https://news.ycombinator.com/item?id=37831062 https://news.ycombinator.com/item?id=37837043 https://nodejs.org/en/blog/vulnerability/october-2023-security-releases https://nvd.nist.gov/vuln/detail/CVE-2023-44487 https://openssf.org/blog/2023/10/10/http-2-rapid-reset-vulnerability-highlights-need-for-rapid-response https://openssf.org/blog/2023/10/10/http-2-rapid-reset-vulnerability-highlights-need-for-rapid-response/ https://pkg.go.dev/vuln/GO-2023-2102 https://seanmonstar.com/post/730794151136935936/hyper-http2-rapid-reset-unaffected https://security.gentoo.org/glsa/202311-09 https://security.netapp.com/advisory/ntap-20231016-0001 https://security.netapp.com/advisory/ntap-20231016-0001/ https://security.netapp.com/advisory/ntap-20240426-0007 https://security.netapp.com/advisory/ntap-20240426-0007/ https://security.netapp.com/advisory/ntap-20240621-0006 https://security.netapp.com/advisory/ntap-20240621-0006/ https://security.netapp.com/advisory/ntap-20240621-0007 https://security.netapp.com/advisory/ntap-20240621-0007/ https://security.paloaltonetworks.com/CVE-2023-44487 https://tomcat.apache.org/security-10.html#Fixed_in_Apache_Tomcat_10.1.14 https://tomcat.apache.org/security-11.html#Fixed_in_Apache_Tomcat_11.0.0-M12 https://tomcat.apache.org/security-8.html#Fixed_in_Apache_Tomcat_8.5.94 https://tomcat.apache.org/security-9.html#Fixed_in_Apache_Tomcat_9.0.81 https://ubuntu.com/security/CVE-2023-44487 https://ubuntu.com/security/notices/USN-6427-1 https://ubuntu.com/security/notices/USN-6427-2 https://ubuntu.com/security/notices/USN-6438-1 https://ubuntu.com/security/notices/USN-6505-1 https://ubuntu.com/security/notices/USN-6574-1 https://ubuntu.com/security/notices/USN-6754-1 https://ubuntu.com/security/notices/USN-6994-1 https://ubuntu.com/security/notices/USN-7067-1 https://www.bleepingcomputer.com/news/security/new-http-2-rapid-reset-zero-day-attack-breaks-ddos-records https://www.bleepingcomputer.com/news/security/new-http-2-rapid-reset-zero-day-attack-breaks-ddos-records/ https://www.cisa.gov/known-exploited-vulnerabilities-catalog https://www.cisa.gov/news-events/alerts/2023/10/10/http2-rapid-reset-vulnerability-cve-2023-44487 https://www.cve.org/CVERecord?id=CVE-2023-44487 https://www.darkreading.com/cloud/internet-wide-zero-day-bug-fuels-largest-ever-ddos-event https://www.debian.org/security/2023/dsa-5521 https://www.debian.org/security/2023/dsa-5522 https://www.debian.org/security/2023/dsa-5540 https://www.debian.org/security/2023/dsa-5549 https://www.debian.org/security/2023/dsa-5558 https://www.debian.org/security/2023/dsa-5570 https://www.eclipse.org/lists/jetty-announce/msg00181.html https://www.haproxy.com/blog/haproxy-is-not-affected-by-the-http-2-rapid-reset-attack-cve-2023-44487 https://www.mail-archive.com/haproxy@formilux.org/msg44134.html https://www.netlify.com/blog/netlify-successfully-mitigates-cve-2023-44487 https://www.netlify.com/blog/netlify-successfully-mitigates-cve-2023-44487/ https://www.nginx.com/blog/http-2-rapid-reset-attack-impacting-f5-nginx-products https://www.nginx.com/blog/http-2-rapid-reset-attack-impacting-f5-nginx-products/ https://www.openwall.com/lists/oss-security/2023/10/10/6 https://www.phoronix.com/news/HTTP2-Rapid-Reset-Attack https://www.theregister.com/2023/10/10/http2_rapid_reset_zeroday https://www.theregister.com/2023/10/10/http2_rapid_reset_zeroday/
golang.org/x/net	CVE-2023-45288	MEDIUM	v0.11.0	0.23.0	http://www.openwall.com/lists/oss-security/2024/04/03/16 http://www.openwall.com/lists/oss-security/2024/04/05/4 https://access.redhat.com/errata/RHSA-2024:2724 https://access.redhat.com/security/cve/CVE-2023-45288 https://bugzilla.redhat.com/2268017 https://bugzilla.redhat.com/2268018 https://bugzilla.redhat.com/2268019 https://bugzilla.redhat.com/2268273 https://bugzilla.redhat.com/show_bug.cgi?id=2268017 https://bugzilla.redhat.com/show_bug.cgi?id=2268018 https://bugzilla.redhat.com/show_bug.cgi?id=2268019 https://bugzilla.redhat.com/show_bug.cgi?id=2268273 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45288 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45289 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45290 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24783 https://errata.almalinux.org/9/ALSA-2024-2724.html https://errata.rockylinux.org/RLSA-2024:2724 https://go.dev/cl/576155 https://go.dev/issue/65051 https://groups.google.com/g/golang-announce/c/YgW0sx8mN3M https://kb.cert.org/vuls/id/421644 https://linux.oracle.com/cve/CVE-2023-45288.html https://linux.oracle.com/errata/ELSA-2024-3346.html https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QRYFHIQ6XRKRYBI2F5UESH67BJBQXUPT https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QRYFHIQ6XRKRYBI2F5UESH67BJBQXUPT/ https://nowotarski.info/http2-continuation-flood-technical-details https://nowotarski.info/http2-continuation-flood/ https://nvd.nist.gov/vuln/detail/CVE-2023-45288 https://pkg.go.dev/vuln/GO-2024-2687 https://security.netapp.com/advisory/ntap-20240419-0009 https://security.netapp.com/advisory/ntap-20240419-0009/ https://ubuntu.com/security/notices/USN-6886-1 https://ubuntu.com/security/notices/USN-7109-1 https://ubuntu.com/security/notices/USN-7111-1 https://www.cve.org/CVERecord?id=CVE-2023-45288 https://www.kb.cert.org/vuls/id/421644
stdlib	CVE-2024-24790	CRITICAL	v1.20.5	1.21.11, 1.22.4	http://www.openwall.com/lists/oss-security/2024/06/04/1 https://access.redhat.com/errata/RHSA-2024:9115 https://access.redhat.com/security/cve/CVE-2024-24790 https://bugzilla.redhat.com/2279814 https://bugzilla.redhat.com/2292668 https://bugzilla.redhat.com/2292787 https://bugzilla.redhat.com/2294000 https://bugzilla.redhat.com/2295310 https://bugzilla.redhat.com/show_bug.cgi?id=2292668 https://bugzilla.redhat.com/show_bug.cgi?id=2292787 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24789 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24790 https://errata.almalinux.org/9/ALSA-2024-9115.html https://errata.rockylinux.org/RLSA-2024:4212 https://github.com/golang/go/commit/051bdf3fd12a40307606ff9381138039c5f452f0 (1.21) https://github.com/golang/go/commit/12d5810cdb1f73cf23d7a86462143e9463317fca (1.22) https://github.com/golang/go/issues/67680 https://go.dev/cl/590316 https://go.dev/issue/67680 https://groups.google.com/g/golang-announce/c/XbxouI9gY7k https://groups.google.com/g/golang-announce/c/XbxouI9gY7k/m/TuoGEhxIEwAJ https://linux.oracle.com/cve/CVE-2024-24790.html https://linux.oracle.com/errata/ELSA-2024-9115.html https://nvd.nist.gov/vuln/detail/CVE-2024-24790 https://pkg.go.dev/vuln/GO-2024-2887 https://ubuntu.com/security/notices/USN-6886-1 https://ubuntu.com/security/notices/USN-7109-1 https://www.cve.org/CVERecord?id=CVE-2024-24790
stdlib	CVE-2023-39325	HIGH	v1.20.5	1.20.10, 1.21.3	golang.org/x/net https://access.redhat.com/errata/RHSA-2023:6077 https://access.redhat.com/security/cve/CVE-2023-39325 https://access.redhat.com/security/cve/CVE-2023-44487 https://access.redhat.com/security/vulnerabilities/RHSB-2023-003 https://bugzilla.redhat.com/2242803 https://bugzilla.redhat.com/2243296 https://bugzilla.redhat.com/show_bug.cgi?id=2242803 https://bugzilla.redhat.com/show_bug.cgi?id=2243296 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-39325 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-44487 https://errata.almalinux.org/9/ALSA-2023-6077.html https://errata.rockylinux.org/RLSA-2023:6077 https://github.com/golang/go/commit/24ae2d927285c697440fdde3ad7f26028354bcf3 [golang- 1.21] https://github.com/golang/go/commit/e175f27f58aa7b9cd4d79607ae65d2cd5baaee68 [golang-1.20] https://github.com/golang/go/issues/63417 https://go.dev/cl/534215 https://go.dev/cl/534235 https://go.dev/issue/63417 https://groups.google.com/g/golang-announce/c/iNNxDTCjZvo/m/UDd7VKQuAAAJ https://linux.oracle.com/cve/CVE-2023-39325.html https://linux.oracle.com/errata/ELSA-2023-5867.html https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3OVW5V2DM5K5IC3H7O42YDUGNJ74J35O https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3OVW5V2DM5K5IC3H7O42YDUGNJ74J35O/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3SZN67IL7HMGMNAVLOTIXLIHUDXZK4LH https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3SZN67IL7HMGMNAVLOTIXLIHUDXZK4LH/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3WJ4QVX2AMUJ2F2S27POOAHRC4K3CHU4 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3WJ4QVX2AMUJ2F2S27POOAHRC4K3CHU4/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/4BUK2ZIAGCULOOYDNH25JPU6JBES5NF2 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/4BUK2ZIAGCULOOYDNH25JPU6JBES5NF2/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/5RSKA2II6QTD4YUKUNDVJQSRYSFC4VFR https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/5RSKA2II6QTD4YUKUNDVJQSRYSFC4VFR/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/AVZDNSMVDAQJ64LJC5I5U5LDM5753647 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/AVZDNSMVDAQJ64LJC5I5U5LDM5753647/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CHHITS4PUOZAKFIUBQAQZC7JWXMOYE4B https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CHHITS4PUOZAKFIUBQAQZC7JWXMOYE4B/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CLB4TW7KALB3EEQWNWCN7OUIWWVWWCG2 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CLB4TW7KALB3EEQWNWCN7OUIWWVWWCG2/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/D2BBIDR2ZMB3X5BC7SR4SLQMHRMVPY6L https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/D2BBIDR2ZMB3X5BC7SR4SLQMHRMVPY6L/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ECRC75BQJP6FJN2L7KCKYZW4DSBD7QSD https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ECRC75BQJP6FJN2L7KCKYZW4DSBD7QSD/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/FTMJ3NJIDAZFWJQQSP3L22MUFJ3UP2PT https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/FTMJ3NJIDAZFWJQQSP3L22MUFJ3UP2PT/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/GSY7SXFFTPZFWDM6XELSDSHZLVW3AHK7 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/GSY7SXFFTPZFWDM6XELSDSHZLVW3AHK7/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/HZQIELEIRSZUYTFFH5KTH2YJ4IIQG2KE https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/HZQIELEIRSZUYTFFH5KTH2YJ4IIQG2KE/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/IPWCNYB5PQ5PCVZ4NJT6G56ZYFZ5QBU6 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/IPWCNYB5PQ5PCVZ4NJT6G56ZYFZ5QBU6/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/KEOTKBUPZXHE3F352JBYNTSNRXYLWD6P https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/KEOTKBUPZXHE3F352JBYNTSNRXYLWD6P/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/KSEGD2IWKNUO3DWY4KQGUQM5BISRWHQE https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/KSEGD2IWKNUO3DWY4KQGUQM5BISRWHQE/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/L5E5JSJBZLYXOTZWXHJKRVCIXIHVWKJ6 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/L5E5JSJBZLYXOTZWXHJKRVCIXIHVWKJ6/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/MZQYOOKHQDQ57LV2IAG6NRFOVXKHJJ3Z https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/MZQYOOKHQDQ57LV2IAG6NRFOVXKHJJ3Z/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/NG7IMPL55MVWU3LCI4JQJT3K2U5CHDV7 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/NG7IMPL55MVWU3LCI4JQJT3K2U5CHDV7/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ODBY7RVMGZCBSTWF2OZGIZS57FNFUL67 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ODBY7RVMGZCBSTWF2OZGIZS57FNFUL67/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/OXGWPQOJ3JNDW2XIYKIVJ7N7QUIFNM2Q https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/OXGWPQOJ3JNDW2XIYKIVJ7N7QUIFNM2Q/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/PJCUNGIQDUMZ4Z6HWVYIMR66A35F5S74 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/PJCUNGIQDUMZ4Z6HWVYIMR66A35F5S74/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QF5QSYAOPDOWLY6DUHID56Q4HQFYB45I https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QF5QSYAOPDOWLY6DUHID56Q4HQFYB45I/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QXOU2JZUBEBP7GBKAYIJRPRBZSJCD7ST https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QXOU2JZUBEBP7GBKAYIJRPRBZSJCD7ST/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/R3UETKPUB3V5JS5TLZOF3SMTGT5K5APS https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/R3UETKPUB3V5JS5TLZOF3SMTGT5K5APS/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/REMHVVIBDNKSRKNOTV7EQSB7CYQWOUOU https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/REMHVVIBDNKSRKNOTV7EQSB7CYQWOUOU/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/T7N5GV4CHH6WAGX3GFMDD3COEOVCZ4RI https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/T7N5GV4CHH6WAGX3GFMDD3COEOVCZ4RI/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ULQQONMSCQSH5Z5OWFFQHCGEZ3NL4DRJ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ULQQONMSCQSH5Z5OWFFQHCGEZ3NL4DRJ/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UTT7DG3QOF5ZNJLUGHDNLRUIN6OWZARP https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UTT7DG3QOF5ZNJLUGHDNLRUIN6OWZARP/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/W2LZSWTV4NV4SNQARNXG5T6LRHP26EW2 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/W2LZSWTV4NV4SNQARNXG5T6LRHP26EW2/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WCNCBYKZXLDFGAJUB7ZP5VLC3YTHJNVH https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WCNCBYKZXLDFGAJUB7ZP5VLC3YTHJNVH/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/XFOIBB4YFICHDM7IBOP7PWXW3FX4HLL2 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/XFOIBB4YFICHDM7IBOP7PWXW3FX4HLL2/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/XTNLSL44Y5FB6JWADSZH6DCV4JJAAEQY https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/XTNLSL44Y5FB6JWADSZH6DCV4JJAAEQY/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/YJWHBLVZDM5KQSDFRBFRKU5KSSOLIRQ4 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/YJWHBLVZDM5KQSDFRBFRKU5KSSOLIRQ4/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/YRKEXKANQ7BKJW2YTAMP625LJUJZLJ4P https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/YRKEXKANQ7BKJW2YTAMP625LJUJZLJ4P/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZSVEMQV5ROY5YW5QE3I57HT3ITWG5GCV https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZSVEMQV5ROY5YW5QE3I57HT3ITWG5GCV/ https://nvd.nist.gov/vuln/detail/CVE-2023-39325 https://pkg.go.dev/vuln/GO-2023-2102 https://security.gentoo.org/glsa/202311-09 https://security.netapp.com/advisory/ntap-20231110-0008 https://security.netapp.com/advisory/ntap-20231110-0008/ https://ubuntu.com/security/notices/USN-6574-1 https://ubuntu.com/security/notices/USN-7061-1 https://ubuntu.com/security/notices/USN-7109-1 https://www.cisa.gov/news-events/alerts/2023/10/10/http2-rapid-reset-vulnerability-cve-2023-44487 https://www.cve.org/CVERecord?id=CVE-2023-39325
stdlib	CVE-2023-45283	HIGH	v1.20.5	1.20.11, 1.21.4, 1.20.12, 1.21.5	http://www.openwall.com/lists/oss-security/2023/12/05/2 https://go.dev/cl/540277 https://go.dev/cl/541175 https://go.dev/issue/63713 https://go.dev/issue/64028 https://groups.google.com/g/golang-announce/c/4tU8LZfBFkY https://groups.google.com/g/golang-dev/c/6ypN5EjibjM/m/KmLVYH_uAgAJ https://nvd.nist.gov/vuln/detail/CVE-2023-45283 https://pkg.go.dev/vuln/GO-2023-2185 https://security.netapp.com/advisory/ntap-20231214-0008/
stdlib	CVE-2023-45288	HIGH	v1.20.5	1.21.9, 1.22.2	http://www.openwall.com/lists/oss-security/2024/04/03/16 http://www.openwall.com/lists/oss-security/2024/04/05/4 https://access.redhat.com/errata/RHSA-2024:2724 https://access.redhat.com/security/cve/CVE-2023-45288 https://bugzilla.redhat.com/2268017 https://bugzilla.redhat.com/2268018 https://bugzilla.redhat.com/2268019 https://bugzilla.redhat.com/2268273 https://bugzilla.redhat.com/show_bug.cgi?id=2268017 https://bugzilla.redhat.com/show_bug.cgi?id=2268018 https://bugzilla.redhat.com/show_bug.cgi?id=2268019 https://bugzilla.redhat.com/show_bug.cgi?id=2268273 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45288 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45289 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45290 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24783 https://errata.almalinux.org/9/ALSA-2024-2724.html https://errata.rockylinux.org/RLSA-2024:2724 https://go.dev/cl/576155 https://go.dev/issue/65051 https://groups.google.com/g/golang-announce/c/YgW0sx8mN3M https://kb.cert.org/vuls/id/421644 https://linux.oracle.com/cve/CVE-2023-45288.html https://linux.oracle.com/errata/ELSA-2024-3346.html https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QRYFHIQ6XRKRYBI2F5UESH67BJBQXUPT https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QRYFHIQ6XRKRYBI2F5UESH67BJBQXUPT/ https://nowotarski.info/http2-continuation-flood-technical-details https://nowotarski.info/http2-continuation-flood/ https://nvd.nist.gov/vuln/detail/CVE-2023-45288 https://pkg.go.dev/vuln/GO-2024-2687 https://security.netapp.com/advisory/ntap-20240419-0009 https://security.netapp.com/advisory/ntap-20240419-0009/ https://ubuntu.com/security/notices/USN-6886-1 https://ubuntu.com/security/notices/USN-7109-1 https://ubuntu.com/security/notices/USN-7111-1 https://www.cve.org/CVERecord?id=CVE-2023-45288 https://www.kb.cert.org/vuls/id/421644
stdlib	CVE-2024-34156	HIGH	v1.20.5	1.22.7, 1.23.1	https://access.redhat.com/errata/RHSA-2024:9473 https://access.redhat.com/security/cve/CVE-2024-34156 https://bugzilla.redhat.com/2310528 https://bugzilla.redhat.com/2318052 https://bugzilla.redhat.com/show_bug.cgi?id=2310528 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-34156 https://errata.almalinux.org/9/ALSA-2024-9473.html https://errata.rockylinux.org/RLSA-2024:7204 https://github.com/golang/go/commit/2092294f2b097c5828f4eace6c98a322c1510b01 (go1.22.7) https://github.com/golang/go/commit/fa8ff1a46deb6c816304441ec6740ec112e19012 (go1.23.1) https://go.dev/cl/611239 https://go.dev/issue/69139 https://groups.google.com/g/golang-announce/c/K-cEzDeCtpc https://groups.google.com/g/golang-dev/c/S9POB9NCTdk https://linux.oracle.com/cve/CVE-2024-34156.html https://linux.oracle.com/errata/ELSA-2024-9473.html https://nvd.nist.gov/vuln/detail/CVE-2024-34156 https://pkg.go.dev/vuln/GO-2024-3106 https://ubuntu.com/security/notices/USN-7081-1 https://ubuntu.com/security/notices/USN-7109-1 https://ubuntu.com/security/notices/USN-7111-1 https://www.cve.org/CVERecord?id=CVE-2024-34156
stdlib	CVE-2023-29406	MEDIUM	v1.20.5	1.19.11, 1.20.6	https://access.redhat.com/errata/RHSA-2023:6474 https://access.redhat.com/security/cve/CVE-2023-29406 https://bugzilla.redhat.com/2174485 https://bugzilla.redhat.com/2178358 https://bugzilla.redhat.com/2178488 https://bugzilla.redhat.com/2178492 https://bugzilla.redhat.com/2184481 https://bugzilla.redhat.com/2184482 https://bugzilla.redhat.com/2184483 https://bugzilla.redhat.com/2184484 https://bugzilla.redhat.com/2196026 https://bugzilla.redhat.com/2196027 https://bugzilla.redhat.com/2196029 https://bugzilla.redhat.com/2222167 https://bugzilla.redhat.com/2228689 https://errata.almalinux.org/9/ALSA-2023-6474.html https://github.com/golang/go/commit/312920c00aac9897b2a0693e752390b5b0711a5a (go1.20.6) https://github.com/golang/go/commit/5fa6923b1ea891400153d04ddf1545e23b40041b (go1.19.11) https://github.com/golang/go/issues/60374 https://go.dev/cl/506996 https://go.dev/issue/60374 https://groups.google.com/g/golang-announce/c/2q13H6LEEx0 https://linux.oracle.com/cve/CVE-2023-29406.html https://linux.oracle.com/errata/ELSA-2023-7202.html https://nvd.nist.gov/vuln/detail/CVE-2023-29406 https://pkg.go.dev/vuln/GO-2023-1878 https://security.gentoo.org/glsa/202311-09 https://security.netapp.com/advisory/ntap-20230814-0002/ https://ubuntu.com/security/notices/USN-7061-1 https://ubuntu.com/security/notices/USN-7109-1 https://www.cve.org/CVERecord?id=CVE-2023-29406
stdlib	CVE-2023-29409	MEDIUM	v1.20.5	1.19.12, 1.20.7, 1.21.0-rc.4	https://access.redhat.com/errata/RHSA-2023:7766 https://access.redhat.com/security/cve/CVE-2023-29409 https://bugzilla.redhat.com/2228743 https://bugzilla.redhat.com/2237773 https://bugzilla.redhat.com/2237776 https://bugzilla.redhat.com/2237777 https://bugzilla.redhat.com/2237778 https://errata.almalinux.org/9/ALSA-2023-7766.html https://go.dev/cl/515257 https://go.dev/issue/61460 https://groups.google.com/g/golang-announce/c/X0b6CsSAaYI/m/Efv5DbZ9AwAJ https://linux.oracle.com/cve/CVE-2023-29409.html https://linux.oracle.com/errata/ELSA-2024-2988.html https://nvd.nist.gov/vuln/detail/CVE-2023-29409 https://pkg.go.dev/vuln/GO-2023-1987 https://security.gentoo.org/glsa/202311-09 https://security.netapp.com/advisory/ntap-20230831-0010/ https://www.cve.org/CVERecord?id=CVE-2023-29409
stdlib	CVE-2023-39318	MEDIUM	v1.20.5	1.20.8, 1.21.1	https://access.redhat.com/errata/RHSA-2024:2160 https://access.redhat.com/security/cve/CVE-2023-39318 https://bugzilla.redhat.com/2237773 https://bugzilla.redhat.com/2237776 https://bugzilla.redhat.com/2253330 https://errata.almalinux.org/9/ALSA-2024-2160.html https://github.com/golang/go/commit/023b542edf38e2a1f87fcefb9f75ff2f99401b4c (go1.20.8) https://github.com/golang/go/commit/b0e1d3ea26e8e8fce7726690c9ef0597e60739fb (go1.21.1) https://go.dev/cl/526156 https://go.dev/issue/62196 https://groups.google.com/g/golang-announce/c/Fm51GRLNRvM https://groups.google.com/g/golang-dev/c/2C5vbR-UNkI/m/L1hdrPhfBAAJ https://linux.oracle.com/cve/CVE-2023-39318.html https://linux.oracle.com/errata/ELSA-2024-2988.html https://nvd.nist.gov/vuln/detail/CVE-2023-39318 https://pkg.go.dev/vuln/GO-2023-2041 https://security.gentoo.org/glsa/202311-09 https://security.netapp.com/advisory/ntap-20231020-0009/ https://ubuntu.com/security/notices/USN-6574-1 https://ubuntu.com/security/notices/USN-7061-1 https://ubuntu.com/security/notices/USN-7109-1 https://vuln.go.dev/ID/GO-2023-2041.json https://www.cve.org/CVERecord?id=CVE-2023-39318
stdlib	CVE-2023-39319	MEDIUM	v1.20.5	1.20.8, 1.21.1	https://access.redhat.com/errata/RHSA-2024:2160 https://access.redhat.com/security/cve/CVE-2023-39319 https://bugzilla.redhat.com/2237773 https://bugzilla.redhat.com/2237776 https://bugzilla.redhat.com/2253330 https://errata.almalinux.org/9/ALSA-2024-2160.html https://github.com/golang/go/commit/2070531d2f53df88e312edace6c8dfc9686ab2f5 (go1.20.8) https://github.com/golang/go/commit/bbd043ff0d6d59f1a9232d31ecd5eacf6507bf6a (go1.21.1) https://go.dev/cl/526157 https://go.dev/issue/62197 https://groups.google.com/g/golang-announce/c/Fm51GRLNRvM https://groups.google.com/g/golang-dev/c/2C5vbR-UNkI/m/L1hdrPhfBAAJ https://linux.oracle.com/cve/CVE-2023-39319.html https://linux.oracle.com/errata/ELSA-2024-2988.html https://nvd.nist.gov/vuln/detail/CVE-2023-39319 https://pkg.go.dev/vuln/GO-2023-2043 https://security.gentoo.org/glsa/202311-09 https://security.netapp.com/advisory/ntap-20231020-0009/ https://ubuntu.com/security/notices/USN-6574-1 https://ubuntu.com/security/notices/USN-7061-1 https://ubuntu.com/security/notices/USN-7109-1 https://vuln.go.dev/ID/GO-2023-2043.json https://www.cve.org/CVERecord?id=CVE-2023-39319
stdlib	CVE-2023-39326	MEDIUM	v1.20.5	1.20.12, 1.21.5	https://access.redhat.com/errata/RHSA-2024:2272 https://access.redhat.com/security/cve/CVE-2023-39326 https://bugzilla.redhat.com/2253193 https://bugzilla.redhat.com/2253330 https://errata.almalinux.org/9/ALSA-2024-2272.html https://github.com/golang/go/commit/6446af942e2e2b161c4ec1b60d9703a2b55dc4dd (go1.20.12) https://github.com/golang/go/commit/ec8c526e4be720e94b98ca509e6364f0efaf28f7 (go1.21.5) https://go.dev/cl/547335 https://go.dev/issue/64433 https://groups.google.com/g/golang-dev/c/6ypN5EjibjM/m/KmLVYH_uAgAJ https://linux.oracle.com/cve/CVE-2023-39326.html https://linux.oracle.com/errata/ELSA-2024-2988.html https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UIU6HOGV6RRIKWM57LOXQA75BGZSIH6G/ https://nvd.nist.gov/vuln/detail/CVE-2023-39326 https://pkg.go.dev/vuln/GO-2023-2382 https://ubuntu.com/security/notices/USN-6574-1 https://www.cve.org/CVERecord?id=CVE-2023-39326
stdlib	CVE-2023-45284	MEDIUM	v1.20.5	1.20.11, 1.21.4	https://go.dev/cl/540277 https://go.dev/issue/63713 https://groups.google.com/g/golang-announce/c/4tU8LZfBFkY https://nvd.nist.gov/vuln/detail/CVE-2023-45284 https://pkg.go.dev/vuln/GO-2023-2186
stdlib	CVE-2023-45289	MEDIUM	v1.20.5	1.21.8, 1.22.1	http://www.openwall.com/lists/oss-security/2024/03/08/4 https://access.redhat.com/errata/RHSA-2024:2724 https://access.redhat.com/security/cve/CVE-2023-45289 https://bugzilla.redhat.com/2268017 https://bugzilla.redhat.com/2268018 https://bugzilla.redhat.com/2268019 https://bugzilla.redhat.com/2268273 https://bugzilla.redhat.com/show_bug.cgi?id=2268017 https://bugzilla.redhat.com/show_bug.cgi?id=2268018 https://bugzilla.redhat.com/show_bug.cgi?id=2268019 https://bugzilla.redhat.com/show_bug.cgi?id=2268273 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45288 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45289 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45290 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24783 https://errata.almalinux.org/9/ALSA-2024-2724.html https://errata.rockylinux.org/RLSA-2024:2724 https://github.com/golang/go/commit/20586c0dbe03d144f914155f879fa5ee287591a1 (go1.21.8) https://github.com/golang/go/commit/3a855208e3efed2e9d7c20ad023f1fa78afcc0be (go1.22.1) https://github.com/golang/go/issues/65065 https://go.dev/cl/569340 https://go.dev/issue/65065 https://groups.google.com/g/golang-announce/c/5pwGVUPoMbg https://linux.oracle.com/cve/CVE-2023-45289.html https://linux.oracle.com/errata/ELSA-2024-3346.html https://nvd.nist.gov/vuln/detail/CVE-2023-45289 https://pkg.go.dev/vuln/GO-2024-2600 https://security.netapp.com/advisory/ntap-20240329-0006/ https://ubuntu.com/security/notices/USN-6886-1 https://www.cve.org/CVERecord?id=CVE-2023-45289
stdlib	CVE-2023-45290	MEDIUM	v1.20.5	1.21.8, 1.22.1	http://www.openwall.com/lists/oss-security/2024/03/08/4 https://access.redhat.com/errata/RHSA-2024:9135 https://access.redhat.com/security/cve/CVE-2023-45290 https://bugzilla.redhat.com/2268017 https://bugzilla.redhat.com/2268022 https://bugzilla.redhat.com/2279814 https://bugzilla.redhat.com/2295310 https://bugzilla.redhat.com/show_bug.cgi?id=2268017 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45290 https://errata.almalinux.org/9/ALSA-2024-9135.html https://errata.rockylinux.org/RLSA-2024:3830 https://github.com/golang/go/commit/041a47712e765e94f86d841c3110c840e76d8f82 (go1.22.1) https://github.com/golang/go/commit/bf80213b121074f4ad9b449410a4d13bae5e9be0 (go1.21.8) https://github.com/golang/go/issues/65383 https://go.dev/cl/569341 https://go.dev/issue/65383 https://groups.google.com/g/golang-announce/c/5pwGVUPoMbg https://linux.oracle.com/cve/CVE-2023-45290.html https://linux.oracle.com/errata/ELSA-2024-8038.html https://nvd.nist.gov/vuln/detail/CVE-2023-45290 https://pkg.go.dev/vuln/GO-2024-2599 https://security.netapp.com/advisory/ntap-20240329-0004 https://security.netapp.com/advisory/ntap-20240329-0004/ https://ubuntu.com/security/notices/USN-6886-1 https://ubuntu.com/security/notices/USN-7109-1 https://ubuntu.com/security/notices/USN-7111-1 https://www.cve.org/CVERecord?id=CVE-2023-45290
stdlib	CVE-2024-24783	MEDIUM	v1.20.5	1.21.8, 1.22.1	http://www.openwall.com/lists/oss-security/2024/03/08/4 https://access.redhat.com/errata/RHSA-2024:6195 https://access.redhat.com/security/cve/CVE-2024-24783 https://bugzilla.redhat.com/2268019 https://bugzilla.redhat.com/show_bug.cgi?id=2268017 https://bugzilla.redhat.com/show_bug.cgi?id=2268018 https://bugzilla.redhat.com/show_bug.cgi?id=2268019 https://bugzilla.redhat.com/show_bug.cgi?id=2268273 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45288 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45289 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45290 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24783 https://errata.almalinux.org/9/ALSA-2024-6195.html https://errata.rockylinux.org/RLSA-2024:2724 https://github.com/advisories/GHSA-3q2c-pvp5-3cqp https://github.com/golang/go/commit/337b8e9cbfa749d9d5c899e0dc358e2208d5e54f (go1.22.1) https://github.com/golang/go/commit/be5b52bea674190ef7de272664be6c7ae93ec5a0 (go1.21.8) https://github.com/golang/go/issues/65390 https://go.dev/cl/569339 https://go.dev/issue/65390 https://groups.google.com/g/golang-announce/c/5pwGVUPoMbg https://linux.oracle.com/cve/CVE-2024-24783.html https://linux.oracle.com/errata/ELSA-2024-6969.html https://nvd.nist.gov/vuln/detail/CVE-2024-24783 https://pkg.go.dev/vuln/GO-2024-2598 https://security.netapp.com/advisory/ntap-20240329-0005 https://security.netapp.com/advisory/ntap-20240329-0005/ https://ubuntu.com/security/notices/USN-6886-1 https://ubuntu.com/security/notices/USN-7109-1 https://ubuntu.com/security/notices/USN-7111-1 https://www.cve.org/CVERecord?id=CVE-2024-24783
stdlib	CVE-2024-24784	MEDIUM	v1.20.5	1.21.8, 1.22.1	http://www.openwall.com/lists/oss-security/2024/03/08/4 https://access.redhat.com/errata/RHSA-2024:2562 https://access.redhat.com/security/cve/CVE-2024-24784 https://bugzilla.redhat.com/2262921 https://bugzilla.redhat.com/2268017 https://bugzilla.redhat.com/2268018 https://bugzilla.redhat.com/2268019 https://bugzilla.redhat.com/2268021 https://bugzilla.redhat.com/2268022 https://bugzilla.redhat.com/2268273 https://bugzilla.redhat.com/show_bug.cgi?id=2262921 https://bugzilla.redhat.com/show_bug.cgi?id=2268017 https://bugzilla.redhat.com/show_bug.cgi?id=2268018 https://bugzilla.redhat.com/show_bug.cgi?id=2268019 https://bugzilla.redhat.com/show_bug.cgi?id=2268021 https://bugzilla.redhat.com/show_bug.cgi?id=2268022 https://bugzilla.redhat.com/show_bug.cgi?id=2268273 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45288 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45289 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45290 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-1394 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24783 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24784 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24785 https://errata.almalinux.org/9/ALSA-2024-2562.html https://errata.rockylinux.org/RLSA-2024:2562 https://github.com/golang/go/commit/263c059b09fdd40d9dd945f2ecb20c89ea28efe5 (go1.21.8) https://github.com/golang/go/commit/5330cd225ba54c7dc78c1b46dcdf61a4671a632c (go1.22.1) https://github.com/golang/go/issues/65083 https://go.dev/cl/555596 https://go.dev/issue/65083 https://groups.google.com/g/golang-announce/c/5pwGVUPoMbg https://linux.oracle.com/cve/CVE-2024-24784.html https://linux.oracle.com/errata/ELSA-2024-6969.html https://nvd.nist.gov/vuln/detail/CVE-2024-24784 https://pkg.go.dev/vuln/GO-2024-2609 https://security.netapp.com/advisory/ntap-20240329-0007/ https://ubuntu.com/security/notices/USN-6886-1 https://ubuntu.com/security/notices/USN-7109-1 https://ubuntu.com/security/notices/USN-7111-1 https://www.cve.org/CVERecord?id=CVE-2024-24784
stdlib	CVE-2024-24785	MEDIUM	v1.20.5	1.21.8, 1.22.1	http://www.openwall.com/lists/oss-security/2024/03/08/4 https://access.redhat.com/errata/RHSA-2024:9135 https://access.redhat.com/security/cve/CVE-2024-24785 https://bugzilla.redhat.com/2268017 https://bugzilla.redhat.com/2268022 https://bugzilla.redhat.com/2279814 https://bugzilla.redhat.com/2295310 https://bugzilla.redhat.com/show_bug.cgi?id=2262921 https://bugzilla.redhat.com/show_bug.cgi?id=2268017 https://bugzilla.redhat.com/show_bug.cgi?id=2268018 https://bugzilla.redhat.com/show_bug.cgi?id=2268019 https://bugzilla.redhat.com/show_bug.cgi?id=2268021 https://bugzilla.redhat.com/show_bug.cgi?id=2268022 https://bugzilla.redhat.com/show_bug.cgi?id=2268273 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45288 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45289 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45290 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-1394 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24783 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24784 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24785 https://errata.almalinux.org/9/ALSA-2024-9135.html https://errata.rockylinux.org/RLSA-2024:2562 https://github.com/golang/go/commit/056b0edcb8c152152021eebf4cf42adbfbe77992 (go1.22.1) https://github.com/golang/go/commit/3643147a29352ca2894fd5d0d2069bc4b4335a7e (go1.21.8) https://github.com/golang/go/issues/65697 https://go.dev/cl/564196 https://go.dev/issue/65697 https://groups.google.com/g/golang-announce/c/5pwGVUPoMbg https://linux.oracle.com/cve/CVE-2024-24785.html https://linux.oracle.com/errata/ELSA-2024-3259.html https://nvd.nist.gov/vuln/detail/CVE-2024-24785 https://pkg.go.dev/vuln/GO-2024-2610 https://security.netapp.com/advisory/ntap-20240329-0008/ https://ubuntu.com/security/notices/USN-6886-1 https://ubuntu.com/security/notices/USN-7061-1 https://ubuntu.com/security/notices/USN-7109-1 https://vuln.go.dev/ID/GO-2024-2610.json https://www.cve.org/CVERecord?id=CVE-2024-24785
stdlib	CVE-2024-24789	MEDIUM	v1.20.5	1.21.11, 1.22.4	http://www.openwall.com/lists/oss-security/2024/06/04/1 https://access.redhat.com/errata/RHSA-2024:9115 https://access.redhat.com/security/cve/CVE-2024-24789 https://bugzilla.redhat.com/2279814 https://bugzilla.redhat.com/2292668 https://bugzilla.redhat.com/2292787 https://bugzilla.redhat.com/2294000 https://bugzilla.redhat.com/2295310 https://bugzilla.redhat.com/show_bug.cgi?id=2292668 https://bugzilla.redhat.com/show_bug.cgi?id=2292787 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24789 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24790 https://errata.almalinux.org/9/ALSA-2024-9115.html https://errata.rockylinux.org/RLSA-2024:4212 https://github.com/golang/go/commit/c8e40338cf00f3c1d86c8fb23863ad67a4c72bcc (1.21) https://github.com/golang/go/commit/cf501ac0c5fe351a8582d20b43562027927906e7 (1.22) https://github.com/golang/go/issues/66869 https://go.dev/cl/585397 https://go.dev/issue/66869 https://groups.google.com/g/golang-announce/c/XbxouI9gY7k https://groups.google.com/g/golang-announce/c/XbxouI9gY7k/m/TuoGEhxIEwAJ https://linux.oracle.com/cve/CVE-2024-24789.html https://linux.oracle.com/errata/ELSA-2024-9115.html https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/U5YAEIA6IUHUNGJ7AIXXPQT6D2GYENX7/ https://nvd.nist.gov/vuln/detail/CVE-2024-24789 https://pkg.go.dev/vuln/GO-2024-2888 https://ubuntu.com/security/notices/USN-6886-1 https://ubuntu.com/security/notices/USN-7109-1 https://ubuntu.com/security/notices/USN-7111-1 https://www.cve.org/CVERecord?id=CVE-2024-24789
stdlib	CVE-2024-24791	MEDIUM	v1.20.5	1.21.12, 1.22.5	https://access.redhat.com/errata/RHSA-2024:9135 https://access.redhat.com/security/cve/CVE-2024-24791 https://bugzilla.redhat.com/2268017 https://bugzilla.redhat.com/2268022 https://bugzilla.redhat.com/2279814 https://bugzilla.redhat.com/2295310 https://bugzilla.redhat.com/show_bug.cgi?id=2295310 https://bugzilla.redhat.com/show_bug.cgi?id=2310527 https://bugzilla.redhat.com/show_bug.cgi?id=2310528 https://bugzilla.redhat.com/show_bug.cgi?id=2310529 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24791 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-34155 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-34156 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-34158 https://errata.almalinux.org/9/ALSA-2024-9135.html https://errata.rockylinux.org/RLSA-2024:6913 https://go.dev/cl/591255 https://go.dev/issue/67555 https://groups.google.com/g/golang-dev/c/t0rK-qHBqzY/m/6MMoAZkMAgAJ https://linux.oracle.com/cve/CVE-2024-24791.html https://linux.oracle.com/errata/ELSA-2024-9115.html https://nvd.nist.gov/vuln/detail/CVE-2024-24791 https://pkg.go.dev/vuln/GO-2024-2963 https://ubuntu.com/security/notices/USN-7081-1 https://ubuntu.com/security/notices/USN-7109-1 https://ubuntu.com/security/notices/USN-7111-1 https://www.cve.org/CVERecord?id=CVE-2024-24791
stdlib	CVE-2024-34155	MEDIUM	v1.20.5	1.22.7, 1.23.1	https://access.redhat.com/errata/RHSA-2024:9459 https://access.redhat.com/security/cve/CVE-2024-34155 https://bugzilla.redhat.com/2310527 https://bugzilla.redhat.com/2310528 https://bugzilla.redhat.com/2310529 https://bugzilla.redhat.com/2315691 https://bugzilla.redhat.com/2315887 https://bugzilla.redhat.com/2317458 https://bugzilla.redhat.com/2317467 https://bugzilla.redhat.com/show_bug.cgi?id=2295310 https://bugzilla.redhat.com/show_bug.cgi?id=2310527 https://bugzilla.redhat.com/show_bug.cgi?id=2310528 https://bugzilla.redhat.com/show_bug.cgi?id=2310529 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24791 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-34155 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-34156 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-34158 https://errata.almalinux.org/9/ALSA-2024-9459.html https://errata.rockylinux.org/RLSA-2024:6913 https://github.com/golang/go/commit/53487e5477151ed75da50e50a0ba8f1ca64c00a3 (go1.23.1) https://github.com/golang/go/commit/b232596139dbe96a62edbe3a2a203e856bf556eb (go1.22.7) https://go.dev/cl/611238 https://go.dev/issue/69138 https://groups.google.com/g/golang-announce/c/K-cEzDeCtpc https://groups.google.com/g/golang-dev/c/S9POB9NCTdk https://linux.oracle.com/cve/CVE-2024-34155.html https://linux.oracle.com/errata/ELSA-2024-9459.html https://nvd.nist.gov/vuln/detail/CVE-2024-34155 https://pkg.go.dev/vuln/GO-2024-3105 https://ubuntu.com/security/notices/USN-7081-1 https://ubuntu.com/security/notices/USN-7109-1 https://ubuntu.com/security/notices/USN-7111-1 https://www.cve.org/CVERecord?id=CVE-2024-34155
stdlib	CVE-2024-34158	MEDIUM	v1.20.5	1.22.7, 1.23.1	https://access.redhat.com/errata/RHSA-2024:9459 https://access.redhat.com/security/cve/CVE-2024-34158 https://bugzilla.redhat.com/2310527 https://bugzilla.redhat.com/2310528 https://bugzilla.redhat.com/2310529 https://bugzilla.redhat.com/2315691 https://bugzilla.redhat.com/2315887 https://bugzilla.redhat.com/2317458 https://bugzilla.redhat.com/2317467 https://bugzilla.redhat.com/show_bug.cgi?id=2295310 https://bugzilla.redhat.com/show_bug.cgi?id=2310527 https://bugzilla.redhat.com/show_bug.cgi?id=2310528 https://bugzilla.redhat.com/show_bug.cgi?id=2310529 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24791 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-34155 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-34156 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-34158 https://errata.almalinux.org/9/ALSA-2024-9459.html https://errata.rockylinux.org/RLSA-2024:6913 https://github.com/golang/go/commit/032ac075c20c01c6c35a672d1542d3e98eab84ea (go1.23.1) https://github.com/golang/go/commit/d4c53812e6ce2ac368173d7fcd31d0ecfcffb002 (go1.22.7) https://go.dev/cl/611240 https://go.dev/issue/69141 https://groups.google.com/g/golang-announce/c/K-cEzDeCtpc https://groups.google.com/g/golang-dev/c/S9POB9NCTdk https://linux.oracle.com/cve/CVE-2024-34158.html https://linux.oracle.com/errata/ELSA-2024-9459.html https://nvd.nist.gov/vuln/detail/CVE-2024-34158 https://pkg.go.dev/vuln/GO-2024-3107 https://ubuntu.com/security/notices/USN-7081-1 https://ubuntu.com/security/notices/USN-7109-1 https://ubuntu.com/security/notices/USN-7111-1 https://www.cve.org/CVERecord?id=CVE-2024-34158
No Misconfigurations found

cnb/buildpacks/paketo-buildpacks_yarn/1.1.9/bin/run (gobinary)

Package	Vulnerability ID	Severity	Installed Version	Fixed Version	Links
github.com/anchore/stereoscope	CVE-2024-24579	MEDIUM	v0.0.0-20230412183729-8602f1afc574	0.0.1	https://github.com/anchore/stereoscope https://github.com/anchore/stereoscope/commit/09dacab4d9ee65ee8bc7af8ebf4aa7b5aaa36204 https://github.com/anchore/stereoscope/security/advisories/GHSA-hpxr-w9w7-g4gv https://nvd.nist.gov/vuln/detail/CVE-2024-24579
github.com/cloudflare/circl	GHSA-9763-4f94-gfch	HIGH	v1.3.3	1.3.7	https://github.com/cloudflare/circl https://github.com/cloudflare/circl/commit/75ef91e8a2f438e6ce2b6e620d236add8be1887d https://github.com/cloudflare/circl/security/advisories/GHSA-9763-4f94-gfch https://kyberslash.cr.yp.to
github.com/containerd/containerd	GHSA-7ww5-4wqc-m92c	MEDIUM	v1.7.0	1.6.26, 1.7.11	https://github.com/containerd/containerd https://github.com/containerd/containerd/commit/67d356cb3095f3e8f8ad7d36f9a733fea1e7e28c https://github.com/containerd/containerd/commit/746b910f05855c8bfdb4415a1c0f958b234910e5 https://github.com/containerd/containerd/security/advisories/GHSA-7ww5-4wqc-m92c
github.com/docker/distribution	CVE-2023-2253	HIGH	v2.8.1+incompatible	2.8.2-beta.1	https://access.redhat.com/security/cve/CVE-2023-2253 https://bugzilla.redhat.com/show_bug.cgi?id=2189886 https://github.com/distribution/distribution https://github.com/distribution/distribution/commit/521ea3d973cb0c7089ebbcdd4ccadc34be941f54 https://github.com/distribution/distribution/commit/f55a6552b006a381d9167e328808565dd2bf77dc https://github.com/distribution/distribution/security/advisories/GHSA-hqxw-f8mx-cpmw https://lists.debian.org/debian-lts-announce/2023/06/msg00035.html https://nvd.nist.gov/vuln/detail/CVE-2023-2253 https://ubuntu.com/security/notices/USN-6336-1 https://www.cve.org/CVERecord?id=CVE-2023-2253 https://www.openwall.com/lists/oss-security/2023/05/09/1
github.com/docker/docker	CVE-2024-41110	CRITICAL	v23.0.5+incompatible	23.0.15, 26.1.5, 27.1.1, 25.0.6	https://access.redhat.com/security/cve/CVE-2024-41110 https://github.com/moby/moby https://github.com/moby/moby/commit/411e817ddf710ff8e08fa193da80cb78af708191 https://github.com/moby/moby/commit/42f40b1d6dd7562342f832b9cd2adf9e668eeb76 https://github.com/moby/moby/commit/65cc597cea28cdc25bea3b8a86384b4251872919 https://github.com/moby/moby/commit/852759a7df454cbf88db4e954c919becd48faa9b https://github.com/moby/moby/commit/a31260625655cff9ae226b51757915e275e304b0 https://github.com/moby/moby/commit/a79fabbfe84117696a19671f4aa88b82d0f64fc1 https://github.com/moby/moby/commit/ae160b4edddb72ef4bd71f66b975a1a1cc434f00 https://github.com/moby/moby/commit/ae2b3666c517c96cbc2adf1af5591a6b00d4ec0f https://github.com/moby/moby/commit/cc13f952511154a2866bddbb7dddebfe9e83b801 https://github.com/moby/moby/commit/fc274cd2ff4cf3b48c91697fb327dd1fb95588fb https://github.com/moby/moby/security/advisories/GHSA-v23v-6jw2-98fq https://nvd.nist.gov/vuln/detail/CVE-2024-41110 https://www.cve.org/CVERecord?id=CVE-2024-41110 https://www.docker.com/blog/docker-security-advisory-docker-engine-authz-plugin
github.com/docker/docker	CVE-2024-24557	MEDIUM	v23.0.5+incompatible	24.0.9, 25.0.2	https://access.redhat.com/security/cve/CVE-2024-24557 https://github.com/moby/moby https://github.com/moby/moby/commit/3e230cfdcc989dc524882f6579f9e0dac77400ae https://github.com/moby/moby/commit/fca702de7f71362c8d103073c7e4a1d0a467fadd https://github.com/moby/moby/commit/fce6e0ca9bc000888de3daa157af14fa41fcd0ff https://github.com/moby/moby/security/advisories/GHSA-xw73-rw38-6vjc https://nvd.nist.gov/vuln/detail/CVE-2024-24557 https://www.cve.org/CVERecord?id=CVE-2024-24557
github.com/docker/docker	CVE-2024-29018	MEDIUM	v23.0.5+incompatible	26.0.0-rc3, 25.0.5, 23.0.11	https://access.redhat.com/security/cve/CVE-2024-29018 https://github.com/moby/moby https://github.com/moby/moby/pull/46609 https://github.com/moby/moby/security/advisories/GHSA-mq39-4gv4-mvpx https://nvd.nist.gov/vuln/detail/CVE-2024-29018 https://www.cve.org/CVERecord?id=CVE-2024-29018
github.com/docker/docker	GHSA-jq35-85cj-fj4p	MEDIUM	v23.0.5+incompatible	24.0.7, 23.0.8, 20.10.27	https://github.com/moby/moby https://github.com/moby/moby/commit/48ebe353e49a9def5e6679f6e386b0efb1c95f0e https://github.com/moby/moby/commit/81ebe71275768629689a23bc3bca34b3b374a6a6 https://github.com/moby/moby/commit/c9ccbfad11a60e703e91b6cca4f48927828c7e35 https://github.com/moby/moby/releases/tag/v20.10.27 https://github.com/moby/moby/releases/tag/v23.0.8 https://github.com/moby/moby/releases/tag/v24.0.7 https://github.com/moby/moby/security/advisories/GHSA-jq35-85cj-fj4p
github.com/go-git/go-git/v5	CVE-2023-49569	CRITICAL	v5.6.1	5.11.0	https://access.redhat.com/security/cve/CVE-2023-49569 https://github.com/go-git/go-git https://github.com/go-git/go-git/security/advisories/GHSA-449p-3h89-pw88 https://nvd.nist.gov/vuln/detail/CVE-2023-49569 https://www.cve.org/CVERecord?id=CVE-2023-49569
github.com/go-git/go-git/v5	CVE-2023-49568	HIGH	v5.6.1	5.11.0	https://access.redhat.com/security/cve/CVE-2023-49568 https://github.com/go-git/go-git https://github.com/go-git/go-git/security/advisories/GHSA-mw99-9chc-xw7r https://nvd.nist.gov/vuln/detail/CVE-2023-49568 https://www.cve.org/CVERecord?id=CVE-2023-49568
github.com/mholt/archiver/v3	CVE-2024-0406	MEDIUM	v3.5.1	no fix available	https://access.redhat.com/security/cve/CVE-2024-0406 https://bugzilla.redhat.com/show_bug.cgi?id=2257749 https://github.com/advisories/GHSA-rhh4-rh7c-7r5v https://github.com/mholt/archiver https://nvd.nist.gov/vuln/detail/CVE-2024-0406 https://www.cve.org/CVERecord?id=CVE-2024-0406
golang.org/x/crypto	CVE-2023-48795	MEDIUM	v0.8.0	0.17.0	http://packetstormsecurity.com/files/176280/Terrapin-SSH-Connection-Weakening.html http://seclists.org/fulldisclosure/2024/Mar/21 http://www.openwall.com/lists/oss-security/2023/12/18/3 http://www.openwall.com/lists/oss-security/2023/12/19/5 http://www.openwall.com/lists/oss-security/2023/12/20/3 http://www.openwall.com/lists/oss-security/2024/03/06/3 http://www.openwall.com/lists/oss-security/2024/04/17/8 https://access.redhat.com/errata/RHSA-2024:1150 https://access.redhat.com/security/cve/CVE-2023-48795 https://access.redhat.com/security/cve/cve-2023-48795 https://access.redhat.com/solutions/7071748 https://arstechnica.com/security/2023/12/hackers-can-break-ssh-channel-integrity-using-novel-data-corruption-attack https://arstechnica.com/security/2023/12/hackers-can-break-ssh-channel-integrity-using-novel-data-corruption-attack/ https://bugs.gentoo.org/920280 https://bugzilla.redhat.com/2254210 https://bugzilla.redhat.com/show_bug.cgi?id=2254210 https://bugzilla.suse.com/show_bug.cgi?id=1217950 https://crates.io/crates/thrussh/versions https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-48795 https://errata.almalinux.org/9/ALSA-2024-1150.html https://errata.rockylinux.org/RLSA-2024:0628 https://filezilla-project.org/versions.php https://forum.netgate.com/topic/184941/terrapin-ssh-attack https://git.libssh.org/projects/libssh.git/commit/?h=stable-0.10&id=10e09e273f69e149389b3e0e5d44b8c221c2e7f6 https://github.com/NixOS/nixpkgs/pull/275249 https://github.com/PowerShell/Win32-OpenSSH/issues/2189 https://github.com/PowerShell/Win32-OpenSSH/releases/tag/v9.5.0.0p1-Beta https://github.com/TeraTermProject/teraterm/commit/7279fbd6ef4d0c8bdd6a90af4ada2899d786eec0 https://github.com/TeraTermProject/teraterm/releases/tag/v5.1 https://github.com/advisories/GHSA-45x7-px36-x8w8 https://github.com/apache/mina-sshd/issues/445 https://github.com/connectbot/sshlib/commit/5c8b534f6e97db7ac0e0e579331213aa25c173ab https://github.com/connectbot/sshlib/compare/2.2.21...2.2.22 https://github.com/cyd01/KiTTY/issues/520 https://github.com/drakkan/sftpgo/releases/tag/v2.5.6 https://github.com/erlang/otp/blob/d1b43dc0f1361d2ad67601169e90a7fc50bb0369/lib/ssh/doc/src/notes.xml#L39-L42 https://github.com/erlang/otp/releases/tag/OTP-26.2.1 https://github.com/golang/crypto/commit/9d2ee975ef9fe627bf0a6f01c1f69e8ef1d4f05d https://github.com/hierynomus/sshj/issues/916 https://github.com/janmojzis/tinyssh/issues/81 https://github.com/jtesta/ssh-audit/commit/8e972c5e94b460379fe0c7d20209c16df81538a5 https://github.com/libssh2/libssh2/pull/1291 https://github.com/mkj/dropbear/blob/17657c36cce6df7716d5ff151ec09a665382d5dd/CHANGES#L25 https://github.com/mscdex/ssh2/commit/97b223f8891b96d6fc054df5ab1d5a1a545da2a3 https://github.com/mwiede/jsch/compare/jsch-0.2.14...jsch-0.2.15 https://github.com/mwiede/jsch/issues/457 https://github.com/mwiede/jsch/pull/461 https://github.com/net-ssh/net-ssh/blob/2e65064a52d73396bfc3806c9196fc8108f33cd8/CHANGES.txt#L14-L16 https://github.com/openssh/openssh-portable/commits/master https://github.com/paramiko/paramiko/issues/2337 https://github.com/paramiko/paramiko/issues/2337#issuecomment-1887642773 https://github.com/proftpd/proftpd/blob/0a7ea9b0ba9fcdf368374a226370d08f10397d99/RELEASE_NOTES https://github.com/proftpd/proftpd/blob/d21e7a2e47e9b38f709bec58e3fa711f759ad0e1/RELEASE_NOTES https://github.com/proftpd/proftpd/blob/master/RELEASE_NOTES https://github.com/proftpd/proftpd/issues/456 https://github.com/rapier1/hpn-ssh/releases https://github.com/ronf/asyncssh/blob/develop/docs/changes.rst https://github.com/ronf/asyncssh/security/advisories/GHSA-hfmc-7525-mj55 https://github.com/ronf/asyncssh/tags https://github.com/ssh-mitm/ssh-mitm/issues/165 https://github.com/warp-tech/russh https://github.com/warp-tech/russh/commit/1aa340a7df1d5be1c0f4a9e247aade76dfdd2951 https://github.com/warp-tech/russh/releases/tag/v0.40.2 https://github.com/warp-tech/russh/security/advisories/GHSA-45x7-px36-x8w8 https://gitlab.com/libssh/libssh-mirror/-/tags https://go.dev/cl/550715 https://go.dev/issue/64784 https://groups.google.com/g/golang-announce/c/-n5WqVC18LQ https://groups.google.com/g/golang-announce/c/qA3XtxvMUyg https://help.panic.com/releasenotes/transmit5 https://help.panic.com/releasenotes/transmit5/ https://jadaptive.com/important-java-ssh-security-update-new-ssh-vulnerability-discovered-cve-2023-48795 https://jadaptive.com/important-java-ssh-security-update-new-ssh-vulnerability-discovered-cve-2023-48795/ https://linux.oracle.com/cve/CVE-2023-48795.html https://linux.oracle.com/errata/ELSA-2024-2988.html https://lists.debian.org/debian-lts-announce/2023/12/msg00017.html https://lists.debian.org/debian-lts-announce/2024/01/msg00013.html https://lists.debian.org/debian-lts-announce/2024/01/msg00014.html https://lists.debian.org/debian-lts-announce/2024/04/msg00016.html https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/33XHJUB6ROFUOH2OQNENFROTVH6MHSHA https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/33XHJUB6ROFUOH2OQNENFROTVH6MHSHA/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/3CAYYW35MUTNO65RVAELICTNZZFMT2XS https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/3CAYYW35MUTNO65RVAELICTNZZFMT2XS/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/3JIMLVBDWOP4FUPXPTB4PGHHIOMGFLQE https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/3JIMLVBDWOP4FUPXPTB4PGHHIOMGFLQE/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/3YQLUQWLIHDB5QCXQEX7HXHAWMOKPP5O https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/3YQLUQWLIHDB5QCXQEX7HXHAWMOKPP5O/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/6Y74KVCPEPT4MVU3LHDWCNNOXOE5ZLUR https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/6Y74KVCPEPT4MVU3LHDWCNNOXOE5ZLUR/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/APYIXIQOVDCRWLHTGB4VYMAUIAQLKYJ3 https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/APYIXIQOVDCRWLHTGB4VYMAUIAQLKYJ3/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/BL5KTLOSLH2KHRN4HCXJPK3JUVLDGEL6 https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/BL5KTLOSLH2KHRN4HCXJPK3JUVLDGEL6/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/C3AFMZ6MH2UHHOPIWT5YLSFV3D2VB3AC https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/C3AFMZ6MH2UHHOPIWT5YLSFV3D2VB3AC/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/CHHITS4PUOZAKFIUBQAQZC7JWXMOYE4B https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/CHHITS4PUOZAKFIUBQAQZC7JWXMOYE4B/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/F7EYCFQCTSGJXWO3ZZ44MGKFC5HA7G3Y https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/F7EYCFQCTSGJXWO3ZZ44MGKFC5HA7G3Y/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/HYEDEXIKFKTUJIN43RG4B7T5ZS6MHUSP https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/HYEDEXIKFKTUJIN43RG4B7T5ZS6MHUSP/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/I724O3LSRCPO4WNVIXTZCT4VVRMXMMSG https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/I724O3LSRCPO4WNVIXTZCT4VVRMXMMSG/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/KEOTKBUPZXHE3F352JBYNTSNRXYLWD6P https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/KEOTKBUPZXHE3F352JBYNTSNRXYLWD6P/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/KMZCVGUGJZZVDPCVDA7TEB22VUCNEXDD https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/KMZCVGUGJZZVDPCVDA7TEB22VUCNEXDD/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/L5Y6MNNVAPIJSXJERQ6PKZVCIUXSNJK7 https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/L5Y6MNNVAPIJSXJERQ6PKZVCIUXSNJK7/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/LZQVUHWVWRH73YBXUQJOD6CKHDQBU3DM https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/LZQVUHWVWRH73YBXUQJOD6CKHDQBU3DM/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/MKQRBF3DWMWPH36LBCOBUTSIZRTPEZXB https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/MKQRBF3DWMWPH36LBCOBUTSIZRTPEZXB/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/QI3EHAHABFQK7OABNCSF5GMYP6TONTI7 https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/QI3EHAHABFQK7OABNCSF5GMYP6TONTI7/ https://matt.ucc.asn.au/dropbear/CHANGES https://nest.pijul.com/pijul/thrussh/changes/D6H7OWTTMHHX6BTB3B6MNBOBX2L66CBL4LGSEUSAI2MCRCJDQFRQC https://news.ycombinator.com/item?id=38684904 https://news.ycombinator.com/item?id=38685286 https://news.ycombinator.com/item?id=38732005 https://nova.app/releases/#v11.8 https://nvd.nist.gov/vuln/detail/CVE-2023-48795 https://oryx-embedded.com/download/#changelog https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2024-0002 https://roumenpetrov.info/secsh/#news20231220 https://security-tracker.debian.org/tracker/CVE-2023-48795 https://security-tracker.debian.org/tracker/source-package/libssh2 https://security-tracker.debian.org/tracker/source-package/proftpd-dfsg https://security-tracker.debian.org/tracker/source-package/trilead-ssh2 https://security.gentoo.org/glsa/202312-16 https://security.gentoo.org/glsa/202312-17 https://security.netapp.com/advisory/ntap-20240105-0004 https://security.netapp.com/advisory/ntap-20240105-0004/ https://support.apple.com/kb/HT214084 https://terrapin-attack.com/ https://thorntech.com/cve-2023-48795-and-sftp-gateway https://thorntech.com/cve-2023-48795-and-sftp-gateway/ https://twitter.com/TrueSkrillor/status/1736774389725565005 https://ubuntu.com/security/CVE-2023-48795 https://ubuntu.com/security/notices/USN-6560-1 https://ubuntu.com/security/notices/USN-6560-2 https://ubuntu.com/security/notices/USN-6561-1 https://ubuntu.com/security/notices/USN-6585-1 https://ubuntu.com/security/notices/USN-6589-1 https://ubuntu.com/security/notices/USN-6598-1 https://ubuntu.com/security/notices/USN-6738-1 https://ubuntu.com/security/notices/USN-7051-1 https://winscp.net/eng/docs/history#6.2.2 https://www.bitvise.com/ssh-client-version-history#933 https://www.bitvise.com/ssh-server-version-history https://www.chiark.greenend.org.uk/~sgtatham/putty/changes.html https://www.crushftp.com/crush10wiki/Wiki.jsp?page=Update https://www.cve.org/CVERecord?id=CVE-2023-48795 https://www.debian.org/security/2023/dsa-5586 https://www.debian.org/security/2023/dsa-5588 https://www.freebsd.org/security/advisories/FreeBSD-SA-23:19.openssh.asc https://www.lancom-systems.de/service-support/allgemeine-sicherheitshinweise#c243508 https://www.netsarang.com/en/xshell-update-history https://www.netsarang.com/en/xshell-update-history/ https://www.openssh.com/openbsd.html https://www.openssh.com/txt/release-9.6 https://www.openwall.com/lists/oss-security/2023/12/18/2 https://www.openwall.com/lists/oss-security/2023/12/18/3 https://www.openwall.com/lists/oss-security/2023/12/20/3 https://www.paramiko.org/changelog.html https://www.reddit.com/r/sysadmin/comments/18idv52/cve202348795_why_is_this_cve_still_undisclosed https://www.reddit.com/r/sysadmin/comments/18idv52/cve202348795_why_is_this_cve_still_undisclosed/ https://www.suse.com/c/suse-addresses-the-ssh-v2-protocol-terrapin-attack-aka-cve-2023-48795 https://www.suse.com/c/suse-addresses-the-ssh-v2-protocol-terrapin-attack-aka-cve-2023-48795/ https://www.terrapin-attack.com https://www.theregister.com/2023/12/20/terrapin_attack_ssh https://www.vandyke.com/products/securecrt/history.txt
golang.org/x/net	CVE-2023-39325	HIGH	v0.10.0	0.17.0	golang.org/x/net https://access.redhat.com/errata/RHSA-2023:6077 https://access.redhat.com/security/cve/CVE-2023-39325 https://access.redhat.com/security/cve/CVE-2023-44487 https://access.redhat.com/security/vulnerabilities/RHSB-2023-003 https://bugzilla.redhat.com/2242803 https://bugzilla.redhat.com/2243296 https://bugzilla.redhat.com/show_bug.cgi?id=2242803 https://bugzilla.redhat.com/show_bug.cgi?id=2243296 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-39325 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-44487 https://errata.almalinux.org/9/ALSA-2023-6077.html https://errata.rockylinux.org/RLSA-2023:6077 https://github.com/golang/go/commit/24ae2d927285c697440fdde3ad7f26028354bcf3 [golang- 1.21] https://github.com/golang/go/commit/e175f27f58aa7b9cd4d79607ae65d2cd5baaee68 [golang-1.20] https://github.com/golang/go/issues/63417 https://go.dev/cl/534215 https://go.dev/cl/534235 https://go.dev/issue/63417 https://groups.google.com/g/golang-announce/c/iNNxDTCjZvo/m/UDd7VKQuAAAJ https://linux.oracle.com/cve/CVE-2023-39325.html https://linux.oracle.com/errata/ELSA-2023-5867.html https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3OVW5V2DM5K5IC3H7O42YDUGNJ74J35O https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3OVW5V2DM5K5IC3H7O42YDUGNJ74J35O/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3SZN67IL7HMGMNAVLOTIXLIHUDXZK4LH https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3SZN67IL7HMGMNAVLOTIXLIHUDXZK4LH/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3WJ4QVX2AMUJ2F2S27POOAHRC4K3CHU4 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3WJ4QVX2AMUJ2F2S27POOAHRC4K3CHU4/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/4BUK2ZIAGCULOOYDNH25JPU6JBES5NF2 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/4BUK2ZIAGCULOOYDNH25JPU6JBES5NF2/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/5RSKA2II6QTD4YUKUNDVJQSRYSFC4VFR https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/5RSKA2II6QTD4YUKUNDVJQSRYSFC4VFR/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/AVZDNSMVDAQJ64LJC5I5U5LDM5753647 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/AVZDNSMVDAQJ64LJC5I5U5LDM5753647/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CHHITS4PUOZAKFIUBQAQZC7JWXMOYE4B https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CHHITS4PUOZAKFIUBQAQZC7JWXMOYE4B/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CLB4TW7KALB3EEQWNWCN7OUIWWVWWCG2 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CLB4TW7KALB3EEQWNWCN7OUIWWVWWCG2/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/D2BBIDR2ZMB3X5BC7SR4SLQMHRMVPY6L https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/D2BBIDR2ZMB3X5BC7SR4SLQMHRMVPY6L/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ECRC75BQJP6FJN2L7KCKYZW4DSBD7QSD https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ECRC75BQJP6FJN2L7KCKYZW4DSBD7QSD/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/FTMJ3NJIDAZFWJQQSP3L22MUFJ3UP2PT https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/FTMJ3NJIDAZFWJQQSP3L22MUFJ3UP2PT/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/GSY7SXFFTPZFWDM6XELSDSHZLVW3AHK7 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/GSY7SXFFTPZFWDM6XELSDSHZLVW3AHK7/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/HZQIELEIRSZUYTFFH5KTH2YJ4IIQG2KE https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/HZQIELEIRSZUYTFFH5KTH2YJ4IIQG2KE/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/IPWCNYB5PQ5PCVZ4NJT6G56ZYFZ5QBU6 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/IPWCNYB5PQ5PCVZ4NJT6G56ZYFZ5QBU6/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/KEOTKBUPZXHE3F352JBYNTSNRXYLWD6P https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/KEOTKBUPZXHE3F352JBYNTSNRXYLWD6P/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/KSEGD2IWKNUO3DWY4KQGUQM5BISRWHQE https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/KSEGD2IWKNUO3DWY4KQGUQM5BISRWHQE/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/L5E5JSJBZLYXOTZWXHJKRVCIXIHVWKJ6 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/L5E5JSJBZLYXOTZWXHJKRVCIXIHVWKJ6/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/MZQYOOKHQDQ57LV2IAG6NRFOVXKHJJ3Z https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/MZQYOOKHQDQ57LV2IAG6NRFOVXKHJJ3Z/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/NG7IMPL55MVWU3LCI4JQJT3K2U5CHDV7 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/NG7IMPL55MVWU3LCI4JQJT3K2U5CHDV7/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ODBY7RVMGZCBSTWF2OZGIZS57FNFUL67 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ODBY7RVMGZCBSTWF2OZGIZS57FNFUL67/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/OXGWPQOJ3JNDW2XIYKIVJ7N7QUIFNM2Q https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/OXGWPQOJ3JNDW2XIYKIVJ7N7QUIFNM2Q/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/PJCUNGIQDUMZ4Z6HWVYIMR66A35F5S74 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/PJCUNGIQDUMZ4Z6HWVYIMR66A35F5S74/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QF5QSYAOPDOWLY6DUHID56Q4HQFYB45I https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QF5QSYAOPDOWLY6DUHID56Q4HQFYB45I/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QXOU2JZUBEBP7GBKAYIJRPRBZSJCD7ST https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QXOU2JZUBEBP7GBKAYIJRPRBZSJCD7ST/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/R3UETKPUB3V5JS5TLZOF3SMTGT5K5APS https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/R3UETKPUB3V5JS5TLZOF3SMTGT5K5APS/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/REMHVVIBDNKSRKNOTV7EQSB7CYQWOUOU https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/REMHVVIBDNKSRKNOTV7EQSB7CYQWOUOU/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/T7N5GV4CHH6WAGX3GFMDD3COEOVCZ4RI https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/T7N5GV4CHH6WAGX3GFMDD3COEOVCZ4RI/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ULQQONMSCQSH5Z5OWFFQHCGEZ3NL4DRJ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ULQQONMSCQSH5Z5OWFFQHCGEZ3NL4DRJ/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UTT7DG3QOF5ZNJLUGHDNLRUIN6OWZARP https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UTT7DG3QOF5ZNJLUGHDNLRUIN6OWZARP/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/W2LZSWTV4NV4SNQARNXG5T6LRHP26EW2 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/W2LZSWTV4NV4SNQARNXG5T6LRHP26EW2/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WCNCBYKZXLDFGAJUB7ZP5VLC3YTHJNVH https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WCNCBYKZXLDFGAJUB7ZP5VLC3YTHJNVH/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/XFOIBB4YFICHDM7IBOP7PWXW3FX4HLL2 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/XFOIBB4YFICHDM7IBOP7PWXW3FX4HLL2/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/XTNLSL44Y5FB6JWADSZH6DCV4JJAAEQY https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/XTNLSL44Y5FB6JWADSZH6DCV4JJAAEQY/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/YJWHBLVZDM5KQSDFRBFRKU5KSSOLIRQ4 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/YJWHBLVZDM5KQSDFRBFRKU5KSSOLIRQ4/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/YRKEXKANQ7BKJW2YTAMP625LJUJZLJ4P https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/YRKEXKANQ7BKJW2YTAMP625LJUJZLJ4P/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZSVEMQV5ROY5YW5QE3I57HT3ITWG5GCV https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZSVEMQV5ROY5YW5QE3I57HT3ITWG5GCV/ https://nvd.nist.gov/vuln/detail/CVE-2023-39325 https://pkg.go.dev/vuln/GO-2023-2102 https://security.gentoo.org/glsa/202311-09 https://security.netapp.com/advisory/ntap-20231110-0008 https://security.netapp.com/advisory/ntap-20231110-0008/ https://ubuntu.com/security/notices/USN-6574-1 https://ubuntu.com/security/notices/USN-7061-1 https://ubuntu.com/security/notices/USN-7109-1 https://www.cisa.gov/news-events/alerts/2023/10/10/http2-rapid-reset-vulnerability-cve-2023-44487 https://www.cve.org/CVERecord?id=CVE-2023-39325
golang.org/x/net	CVE-2023-3978	MEDIUM	v0.10.0	0.13.0	https://access.redhat.com/errata/RHSA-2023:6474 https://access.redhat.com/security/cve/CVE-2023-3978 https://bugzilla.redhat.com/2174485 https://bugzilla.redhat.com/2178358 https://bugzilla.redhat.com/2178488 https://bugzilla.redhat.com/2178492 https://bugzilla.redhat.com/2184481 https://bugzilla.redhat.com/2184482 https://bugzilla.redhat.com/2184483 https://bugzilla.redhat.com/2184484 https://bugzilla.redhat.com/2196026 https://bugzilla.redhat.com/2196027 https://bugzilla.redhat.com/2196029 https://bugzilla.redhat.com/2222167 https://bugzilla.redhat.com/2228689 https://errata.almalinux.org/9/ALSA-2023-6474.html https://go.dev/cl/514896 https://go.dev/issue/61615 https://linux.oracle.com/cve/CVE-2023-3978.html https://linux.oracle.com/errata/ELSA-2023-6939.html https://nvd.nist.gov/vuln/detail/CVE-2023-3978 https://pkg.go.dev/vuln/GO-2023-1988 https://www.cve.org/CVERecord?id=CVE-2023-3978
golang.org/x/net	CVE-2023-44487	MEDIUM	v0.10.0	0.17.0	http://www.openwall.com/lists/oss-security/2023/10/13/4 http://www.openwall.com/lists/oss-security/2023/10/13/9 http://www.openwall.com/lists/oss-security/2023/10/18/4 http://www.openwall.com/lists/oss-security/2023/10/18/8 http://www.openwall.com/lists/oss-security/2023/10/19/6 http://www.openwall.com/lists/oss-security/2023/10/20/8 https://access.redhat.com/errata/RHSA-2023:6746 https://access.redhat.com/security/cve/CVE-2023-44487 https://access.redhat.com/security/cve/cve-2023-44487 https://akka.io/security/akka-http-cve-2023-44487.html https://arstechnica.com/security/2023/10/how-ddosers-used-the-http-2-protocol-to-deliver-attacks-of-unprecedented-size https://arstechnica.com/security/2023/10/how-ddosers-used-the-http-2-protocol-to-deliver-attacks-of-unprecedented-size/ https://aws.amazon.com/security/security-bulletins/AWS-2023-011 https://aws.amazon.com/security/security-bulletins/AWS-2023-011/ https://blog.cloudflare.com/technical-breakdown-http2-rapid-reset-ddos-attack https://blog.cloudflare.com/technical-breakdown-http2-rapid-reset-ddos-attack/ https://blog.cloudflare.com/zero-day-rapid-reset-http2-record-breaking-ddos-attack https://blog.cloudflare.com/zero-day-rapid-reset-http2-record-breaking-ddos-attack/ https://blog.litespeedtech.com/2023/10/11/rapid-reset-http-2-vulnerablilty https://blog.litespeedtech.com/2023/10/11/rapid-reset-http-2-vulnerablilty/ https://blog.qualys.com/vulnerabilities-threat-research/2023/10/10/cve-2023-44487-http-2-rapid-reset-attack https://blog.vespa.ai/cve-2023-44487 https://blog.vespa.ai/cve-2023-44487/ https://bugzilla.proxmox.com/show_bug.cgi?id=4988 https://bugzilla.redhat.com/2242803 https://bugzilla.redhat.com/show_bug.cgi?id=2242803 https://bugzilla.suse.com/show_bug.cgi?id=1216123 https://cgit.freebsd.org/ports/commit/?id=c64c329c2c1752f46b73e3e6ce9f4329be6629f9 https://chaos.social/@icing/111210915918780532 https://cloud.google.com/blog/products/identity-security/google-cloud-mitigated-largest-ddos-attack-peaking-above-398-million-rps https://cloud.google.com/blog/products/identity-security/google-cloud-mitigated-largest-ddos-attack-peaking-above-398-million-rps/ https://cloud.google.com/blog/products/identity-security/how-it-works-the-novel-http2-rapid-reset-ddos-attack https://community.traefik.io/t/is-traefik-vulnerable-to-cve-2023-44487/20125 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-44487 https://devblogs.microsoft.com/dotnet/october-2023-updates/ https://discuss.hashicorp.com/t/hcsec-2023-32-vault-consul-and-boundary-affected-by-http-2-rapid-reset-denial-of-service-vulnerability-cve-2023-44487/59715 https://edg.io/lp/blog/resets-leaks-ddos-and-the-tale-of-a-hidden-cve https://errata.almalinux.org/9/ALSA-2023-6746.html https://errata.rockylinux.org/RLSA-2023:5838 https://forums.swift.org/t/swift-nio-http2-security-update-cve-2023-44487-http-2-dos/67764 https://gist.github.com/adulau/7c2bfb8e9cdbe4b35a5e131c66a0c088 https://github.com/Azure/AKS/issues/3947 https://github.com/Kong/kong/discussions/11741 https://github.com/advisories/GHSA-qppj-fm5r-hxr3 https://github.com/advisories/GHSA-vx74-f528-fxqg https://github.com/advisories/GHSA-xpw8-rcwv-8f8p https://github.com/akka/akka-http/issues/4323 https://github.com/akka/akka-http/pull/4324 https://github.com/akka/akka-http/pull/4325 https://github.com/alibaba/tengine/issues/1872 https://github.com/apache/apisix/issues/10320 https://github.com/apache/httpd-site/pull/10 https://github.com/apache/httpd/blob/afcdbeebbff4b0c50ea26cdd16e178c0d1f24152/modules/http2/h2_mplx.c#L1101-L1113 https://github.com/apache/tomcat/commit/944332bb15bd2f3bf76ec2caeb1ff0a58a3bc628 https://github.com/apache/tomcat/tree/main/java/org/apache/coyote/http2 https://github.com/apache/trafficserver/pull/10564 https://github.com/apple/swift-nio-http2 https://github.com/apple/swift-nio-http2/security/advisories/GHSA-qppj-fm5r-hxr3 https://github.com/arkrwn/PoC/tree/main/CVE-2023-44487 https://github.com/bcdannyboy/CVE-2023-44487 https://github.com/caddyserver/caddy/issues/5877 https://github.com/caddyserver/caddy/releases/tag/v2.7.5 https://github.com/dotnet/announcements/issues/277 https://github.com/dotnet/core/blob/e4613450ea0da7fd2fc6b61dfb2c1c1dec1ce9ec/release-notes/6.0/6.0.23/6.0.23.md?plain=1#L73 https://github.com/eclipse/jetty.project/issues/10679 https://github.com/envoyproxy/envoy/pull/30055 https://github.com/etcd-io/etcd/issues/16740 https://github.com/facebook/proxygen/pull/466 https://github.com/golang/go/issues/63417 https://github.com/grpc/grpc-go/pull/6703 https://github.com/grpc/grpc-go/releases https://github.com/h2o/h2o/pull/3291 https://github.com/h2o/h2o/security/advisories/GHSA-2m7v-gc89-fjqf https://github.com/haproxy/haproxy/issues/2312 https://github.com/hyperium/hyper/issues/3337 https://github.com/icing/mod_h2/blob/0a864782af0a942aa2ad4ed960a6b32cd35bcf0a/mod_http2/README.md?plain=1#L239-L244 https://github.com/junkurihara/rust-rpxy/issues/97 https://github.com/kazu-yamamoto/http2/commit/f61d41a502bd0f60eb24e1ce14edc7b6df6722a1 https://github.com/kazu-yamamoto/http2/issues/93 https://github.com/kubernetes/kubernetes/pull/121120 https://github.com/line/armeria/pull/5232 https://github.com/linkerd/website/pull/1695/commits/4b9c6836471bc8270ab48aae6fd2181bc73fd632 https://github.com/micrictor/http2-rst-stream https://github.com/microsoft/CBL-Mariner/pull/6381 https://github.com/netty/netty/commit/58f75f665aa81a8cbcf6ffa74820042a285c5e61 https://github.com/nghttp2/nghttp2/pull/1961 https://github.com/nghttp2/nghttp2/releases/tag/v1.57.0 https://github.com/ninenines/cowboy/issues/1615 https://github.com/nodejs/node/pull/50121 https://github.com/openresty/openresty/issues/930 https://github.com/opensearch-project/data-prepper/issues/3474 https://github.com/oqtane/oqtane.framework/discussions/3367 https://github.com/projectcontour/contour/pull/5826 https://github.com/tempesta-tech/tempesta/issues/1986 https://github.com/varnishcache/varnish-cache/issues/3996 https://go.dev/cl/534215 https://go.dev/cl/534235 https://go.dev/issue/63417 https://groups.google.com/g/golang-announce/c/iNNxDTCjZvo https://groups.google.com/g/golang-announce/c/iNNxDTCjZvo/m/UDd7VKQuAAAJ https://istio.io/latest/news/security/istio-security-2023-004 https://istio.io/latest/news/security/istio-security-2023-004/ https://linkerd.io/2023/10/12/linkerd-cve-2023-44487 https://linkerd.io/2023/10/12/linkerd-cve-2023-44487/ https://linux.oracle.com/cve/CVE-2023-44487.html https://linux.oracle.com/errata/ELSA-2024-1444.html https://lists.apache.org/thread/5py8h42mxfsn8l1wy6o41xwhsjlsd87q https://lists.debian.org/debian-lts-announce/2023/10/msg00020.html https://lists.debian.org/debian-lts-announce/2023/10/msg00023.html https://lists.debian.org/debian-lts-announce/2023/10/msg00024.html https://lists.debian.org/debian-lts-announce/2023/10/msg00045.html https://lists.debian.org/debian-lts-announce/2023/10/msg00047.html https://lists.debian.org/debian-lts-announce/2023/11/msg00001.html https://lists.debian.org/debian-lts-announce/2023/11/msg00012.html https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/2MBEPPC36UBVOZZNAXFHKLFGSLCMN5LI https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/2MBEPPC36UBVOZZNAXFHKLFGSLCMN5LI/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/3N4NJ7FR4X4FPZUGNTQAPSTVB2HB2Y4A https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/3N4NJ7FR4X4FPZUGNTQAPSTVB2HB2Y4A/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/BFQD3KUEMFBHPAPBGLWQC34L4OWL5HAZ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/BFQD3KUEMFBHPAPBGLWQC34L4OWL5HAZ/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/CLB4TW7KALB3EEQWNWCN7OUIWWVWWCG2 https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/CLB4TW7KALB3EEQWNWCN7OUIWWVWWCG2/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/E72T67UPDRXHIDLO3OROR25YAMN4GGW5 https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/E72T67UPDRXHIDLO3OROR25YAMN4GGW5/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/FNA62Q767CFAFHBCDKYNPBMZWB7TWYVU https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/FNA62Q767CFAFHBCDKYNPBMZWB7TWYVU/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/HT7T2R4MQKLIF4ODV4BDLPARWFPCJ5CZ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/HT7T2R4MQKLIF4ODV4BDLPARWFPCJ5CZ/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/JIZSEFC3YKCGABA2BZW6ZJRMDZJMB7PJ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/JIZSEFC3YKCGABA2BZW6ZJRMDZJMB7PJ/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/JMEXY22BFG5Q64HQCM5CK2Q7KDKVV4TY https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/JMEXY22BFG5Q64HQCM5CK2Q7KDKVV4TY/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/KSEGD2IWKNUO3DWY4KQGUQM5BISRWHQE https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/KSEGD2IWKNUO3DWY4KQGUQM5BISRWHQE/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/LKYHSZQFDNR7RSA7LHVLLIAQMVYCUGBG https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/LKYHSZQFDNR7RSA7LHVLLIAQMVYCUGBG/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/LNMZJCDHGLJJLXO4OXWJMTVQRNWOC7UL https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/LNMZJCDHGLJJLXO4OXWJMTVQRNWOC7UL/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/VHUHTSXLXGXS7JYKBXTA3VINUPHTNGVU https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/VHUHTSXLXGXS7JYKBXTA3VINUPHTNGVU/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/VSRDIV77HNKUSM7SJC5BKE5JSHLHU2NK https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/VSRDIV77HNKUSM7SJC5BKE5JSHLHU2NK/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/WE2I52RHNNU42PX6NZ2RBUHSFFJ2LVZX https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/WE2I52RHNNU42PX6NZ2RBUHSFFJ2LVZX/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/WLPRQ5TWUQQXYWBJM7ECYDAIL2YVKIUH https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/WLPRQ5TWUQQXYWBJM7ECYDAIL2YVKIUH/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/X6QXN4ORIVF6XBW4WWFE7VNPVC74S45Y https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/X6QXN4ORIVF6XBW4WWFE7VNPVC74S45Y/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/XFOIBB4YFICHDM7IBOP7PWXW3FX4HLL2 https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/XFOIBB4YFICHDM7IBOP7PWXW3FX4HLL2/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZB43REMKRQR62NJEI7I5NQ4FSXNLBKRT https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZB43REMKRQR62NJEI7I5NQ4FSXNLBKRT/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZKQSIKIAT5TJ3WSLU3RDBQ35YX4GY4V3 https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZKQSIKIAT5TJ3WSLU3RDBQ35YX4GY4V3/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZLU6U2R2IC2K64NDPNMV55AUAO65MAF4 https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZLU6U2R2IC2K64NDPNMV55AUAO65MAF4/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3N4NJ7FR4X4FPZUGNTQAPSTVB2HB2Y4A https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/BFQD3KUEMFBHPAPBGLWQC34L4OWL5HAZ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CLB4TW7KALB3EEQWNWCN7OUIWWVWWCG2 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/E72T67UPDRXHIDLO3OROR25YAMN4GGW5 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/FNA62Q767CFAFHBCDKYNPBMZWB7TWYVU https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/HT7T2R4MQKLIF4ODV4BDLPARWFPCJ5CZ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/JIZSEFC3YKCGABA2BZW6ZJRMDZJMB7PJ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/JMEXY22BFG5Q64HQCM5CK2Q7KDKVV4TY https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/KSEGD2IWKNUO3DWY4KQGUQM5BISRWHQE https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/LKYHSZQFDNR7RSA7LHVLLIAQMVYCUGBG https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/LNMZJCDHGLJJLXO4OXWJMTVQRNWOC7UL https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/VHUHTSXLXGXS7JYKBXTA3VINUPHTNGVU https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/VSRDIV77HNKUSM7SJC5BKE5JSHLHU2NK https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WLPRQ5TWUQQXYWBJM7ECYDAIL2YVKIUH https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/X6QXN4ORIVF6XBW4WWFE7VNPVC74S45Y https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/XFOIBB4YFICHDM7IBOP7PWXW3FX4HLL2 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZB43REMKRQR62NJEI7I5NQ4FSXNLBKRT https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZKQSIKIAT5TJ3WSLU3RDBQ35YX4GY4V3 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZLU6U2R2IC2K64NDPNMV55AUAO65MAF4 https://lists.w3.org/Archives/Public/ietf-http-wg/2023OctDec/0025.html https://mailman.nginx.org/pipermail/nginx-devel/2023-October/S36Q5HBXR7CAIMPLLPRSSSYR4PCMWILK.html https://martinthomson.github.io/h2-stream-limits/draft-thomson-httpbis-h2-stream-limits.html https://msrc.microsoft.com/blog/2023/10/microsoft-response-to-distributed-denial-of-service-ddos-attacks-against-http/2 https://msrc.microsoft.com/blog/2023/10/microsoft-response-to-distributed-denial-of-service-ddos-attacks-against-http/2/ https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-44487 https://my.f5.com/manage/s/article/K000137106 https://netty.io/news/2023/10/10/4-1-100-Final.html https://news.ycombinator.com/item?id=37830987 https://news.ycombinator.com/item?id=37830998 https://news.ycombinator.com/item?id=37831062 https://news.ycombinator.com/item?id=37837043 https://nodejs.org/en/blog/vulnerability/october-2023-security-releases https://nvd.nist.gov/vuln/detail/CVE-2023-44487 https://openssf.org/blog/2023/10/10/http-2-rapid-reset-vulnerability-highlights-need-for-rapid-response https://openssf.org/blog/2023/10/10/http-2-rapid-reset-vulnerability-highlights-need-for-rapid-response/ https://pkg.go.dev/vuln/GO-2023-2102 https://seanmonstar.com/post/730794151136935936/hyper-http2-rapid-reset-unaffected https://security.gentoo.org/glsa/202311-09 https://security.netapp.com/advisory/ntap-20231016-0001 https://security.netapp.com/advisory/ntap-20231016-0001/ https://security.netapp.com/advisory/ntap-20240426-0007 https://security.netapp.com/advisory/ntap-20240426-0007/ https://security.netapp.com/advisory/ntap-20240621-0006 https://security.netapp.com/advisory/ntap-20240621-0006/ https://security.netapp.com/advisory/ntap-20240621-0007 https://security.netapp.com/advisory/ntap-20240621-0007/ https://security.paloaltonetworks.com/CVE-2023-44487 https://tomcat.apache.org/security-10.html#Fixed_in_Apache_Tomcat_10.1.14 https://tomcat.apache.org/security-11.html#Fixed_in_Apache_Tomcat_11.0.0-M12 https://tomcat.apache.org/security-8.html#Fixed_in_Apache_Tomcat_8.5.94 https://tomcat.apache.org/security-9.html#Fixed_in_Apache_Tomcat_9.0.81 https://ubuntu.com/security/CVE-2023-44487 https://ubuntu.com/security/notices/USN-6427-1 https://ubuntu.com/security/notices/USN-6427-2 https://ubuntu.com/security/notices/USN-6438-1 https://ubuntu.com/security/notices/USN-6505-1 https://ubuntu.com/security/notices/USN-6574-1 https://ubuntu.com/security/notices/USN-6754-1 https://ubuntu.com/security/notices/USN-6994-1 https://ubuntu.com/security/notices/USN-7067-1 https://www.bleepingcomputer.com/news/security/new-http-2-rapid-reset-zero-day-attack-breaks-ddos-records https://www.bleepingcomputer.com/news/security/new-http-2-rapid-reset-zero-day-attack-breaks-ddos-records/ https://www.cisa.gov/known-exploited-vulnerabilities-catalog https://www.cisa.gov/news-events/alerts/2023/10/10/http2-rapid-reset-vulnerability-cve-2023-44487 https://www.cve.org/CVERecord?id=CVE-2023-44487 https://www.darkreading.com/cloud/internet-wide-zero-day-bug-fuels-largest-ever-ddos-event https://www.debian.org/security/2023/dsa-5521 https://www.debian.org/security/2023/dsa-5522 https://www.debian.org/security/2023/dsa-5540 https://www.debian.org/security/2023/dsa-5549 https://www.debian.org/security/2023/dsa-5558 https://www.debian.org/security/2023/dsa-5570 https://www.eclipse.org/lists/jetty-announce/msg00181.html https://www.haproxy.com/blog/haproxy-is-not-affected-by-the-http-2-rapid-reset-attack-cve-2023-44487 https://www.mail-archive.com/haproxy@formilux.org/msg44134.html https://www.netlify.com/blog/netlify-successfully-mitigates-cve-2023-44487 https://www.netlify.com/blog/netlify-successfully-mitigates-cve-2023-44487/ https://www.nginx.com/blog/http-2-rapid-reset-attack-impacting-f5-nginx-products https://www.nginx.com/blog/http-2-rapid-reset-attack-impacting-f5-nginx-products/ https://www.openwall.com/lists/oss-security/2023/10/10/6 https://www.phoronix.com/news/HTTP2-Rapid-Reset-Attack https://www.theregister.com/2023/10/10/http2_rapid_reset_zeroday https://www.theregister.com/2023/10/10/http2_rapid_reset_zeroday/
golang.org/x/net	CVE-2023-45288	MEDIUM	v0.10.0	0.23.0	http://www.openwall.com/lists/oss-security/2024/04/03/16 http://www.openwall.com/lists/oss-security/2024/04/05/4 https://access.redhat.com/errata/RHSA-2024:2724 https://access.redhat.com/security/cve/CVE-2023-45288 https://bugzilla.redhat.com/2268017 https://bugzilla.redhat.com/2268018 https://bugzilla.redhat.com/2268019 https://bugzilla.redhat.com/2268273 https://bugzilla.redhat.com/show_bug.cgi?id=2268017 https://bugzilla.redhat.com/show_bug.cgi?id=2268018 https://bugzilla.redhat.com/show_bug.cgi?id=2268019 https://bugzilla.redhat.com/show_bug.cgi?id=2268273 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45288 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45289 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45290 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24783 https://errata.almalinux.org/9/ALSA-2024-2724.html https://errata.rockylinux.org/RLSA-2024:2724 https://go.dev/cl/576155 https://go.dev/issue/65051 https://groups.google.com/g/golang-announce/c/YgW0sx8mN3M https://kb.cert.org/vuls/id/421644 https://linux.oracle.com/cve/CVE-2023-45288.html https://linux.oracle.com/errata/ELSA-2024-3346.html https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QRYFHIQ6XRKRYBI2F5UESH67BJBQXUPT https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QRYFHIQ6XRKRYBI2F5UESH67BJBQXUPT/ https://nowotarski.info/http2-continuation-flood-technical-details https://nowotarski.info/http2-continuation-flood/ https://nvd.nist.gov/vuln/detail/CVE-2023-45288 https://pkg.go.dev/vuln/GO-2024-2687 https://security.netapp.com/advisory/ntap-20240419-0009 https://security.netapp.com/advisory/ntap-20240419-0009/ https://ubuntu.com/security/notices/USN-6886-1 https://ubuntu.com/security/notices/USN-7109-1 https://ubuntu.com/security/notices/USN-7111-1 https://www.cve.org/CVERecord?id=CVE-2023-45288 https://www.kb.cert.org/vuls/id/421644
google.golang.org/grpc	GHSA-m425-mq94-257g	HIGH	v1.55.0	1.56.3, 1.57.1, 1.58.3	https://github.com/grpc/grpc-go https://github.com/grpc/grpc-go/commit/f2180b4d5403d2210b30b93098eb7da31c05c721 https://github.com/grpc/grpc-go/pull/6703 https://github.com/grpc/grpc-go/security/advisories/GHSA-m425-mq94-257g https://nvd.nist.gov/vuln/detail/CVE-2023-44487
google.golang.org/grpc	CVE-2023-44487	MEDIUM	v1.55.0	1.58.3, 1.57.1, 1.56.3	http://www.openwall.com/lists/oss-security/2023/10/13/4 http://www.openwall.com/lists/oss-security/2023/10/13/9 http://www.openwall.com/lists/oss-security/2023/10/18/4 http://www.openwall.com/lists/oss-security/2023/10/18/8 http://www.openwall.com/lists/oss-security/2023/10/19/6 http://www.openwall.com/lists/oss-security/2023/10/20/8 https://access.redhat.com/errata/RHSA-2023:6746 https://access.redhat.com/security/cve/CVE-2023-44487 https://access.redhat.com/security/cve/cve-2023-44487 https://akka.io/security/akka-http-cve-2023-44487.html https://arstechnica.com/security/2023/10/how-ddosers-used-the-http-2-protocol-to-deliver-attacks-of-unprecedented-size https://arstechnica.com/security/2023/10/how-ddosers-used-the-http-2-protocol-to-deliver-attacks-of-unprecedented-size/ https://aws.amazon.com/security/security-bulletins/AWS-2023-011 https://aws.amazon.com/security/security-bulletins/AWS-2023-011/ https://blog.cloudflare.com/technical-breakdown-http2-rapid-reset-ddos-attack https://blog.cloudflare.com/technical-breakdown-http2-rapid-reset-ddos-attack/ https://blog.cloudflare.com/zero-day-rapid-reset-http2-record-breaking-ddos-attack https://blog.cloudflare.com/zero-day-rapid-reset-http2-record-breaking-ddos-attack/ https://blog.litespeedtech.com/2023/10/11/rapid-reset-http-2-vulnerablilty https://blog.litespeedtech.com/2023/10/11/rapid-reset-http-2-vulnerablilty/ https://blog.qualys.com/vulnerabilities-threat-research/2023/10/10/cve-2023-44487-http-2-rapid-reset-attack https://blog.vespa.ai/cve-2023-44487 https://blog.vespa.ai/cve-2023-44487/ https://bugzilla.proxmox.com/show_bug.cgi?id=4988 https://bugzilla.redhat.com/2242803 https://bugzilla.redhat.com/show_bug.cgi?id=2242803 https://bugzilla.suse.com/show_bug.cgi?id=1216123 https://cgit.freebsd.org/ports/commit/?id=c64c329c2c1752f46b73e3e6ce9f4329be6629f9 https://chaos.social/@icing/111210915918780532 https://cloud.google.com/blog/products/identity-security/google-cloud-mitigated-largest-ddos-attack-peaking-above-398-million-rps https://cloud.google.com/blog/products/identity-security/google-cloud-mitigated-largest-ddos-attack-peaking-above-398-million-rps/ https://cloud.google.com/blog/products/identity-security/how-it-works-the-novel-http2-rapid-reset-ddos-attack https://community.traefik.io/t/is-traefik-vulnerable-to-cve-2023-44487/20125 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-44487 https://devblogs.microsoft.com/dotnet/october-2023-updates/ https://discuss.hashicorp.com/t/hcsec-2023-32-vault-consul-and-boundary-affected-by-http-2-rapid-reset-denial-of-service-vulnerability-cve-2023-44487/59715 https://edg.io/lp/blog/resets-leaks-ddos-and-the-tale-of-a-hidden-cve https://errata.almalinux.org/9/ALSA-2023-6746.html https://errata.rockylinux.org/RLSA-2023:5838 https://forums.swift.org/t/swift-nio-http2-security-update-cve-2023-44487-http-2-dos/67764 https://gist.github.com/adulau/7c2bfb8e9cdbe4b35a5e131c66a0c088 https://github.com/Azure/AKS/issues/3947 https://github.com/Kong/kong/discussions/11741 https://github.com/advisories/GHSA-qppj-fm5r-hxr3 https://github.com/advisories/GHSA-vx74-f528-fxqg https://github.com/advisories/GHSA-xpw8-rcwv-8f8p https://github.com/akka/akka-http/issues/4323 https://github.com/akka/akka-http/pull/4324 https://github.com/akka/akka-http/pull/4325 https://github.com/alibaba/tengine/issues/1872 https://github.com/apache/apisix/issues/10320 https://github.com/apache/httpd-site/pull/10 https://github.com/apache/httpd/blob/afcdbeebbff4b0c50ea26cdd16e178c0d1f24152/modules/http2/h2_mplx.c#L1101-L1113 https://github.com/apache/tomcat/commit/944332bb15bd2f3bf76ec2caeb1ff0a58a3bc628 https://github.com/apache/tomcat/tree/main/java/org/apache/coyote/http2 https://github.com/apache/trafficserver/pull/10564 https://github.com/apple/swift-nio-http2 https://github.com/apple/swift-nio-http2/security/advisories/GHSA-qppj-fm5r-hxr3 https://github.com/arkrwn/PoC/tree/main/CVE-2023-44487 https://github.com/bcdannyboy/CVE-2023-44487 https://github.com/caddyserver/caddy/issues/5877 https://github.com/caddyserver/caddy/releases/tag/v2.7.5 https://github.com/dotnet/announcements/issues/277 https://github.com/dotnet/core/blob/e4613450ea0da7fd2fc6b61dfb2c1c1dec1ce9ec/release-notes/6.0/6.0.23/6.0.23.md?plain=1#L73 https://github.com/eclipse/jetty.project/issues/10679 https://github.com/envoyproxy/envoy/pull/30055 https://github.com/etcd-io/etcd/issues/16740 https://github.com/facebook/proxygen/pull/466 https://github.com/golang/go/issues/63417 https://github.com/grpc/grpc-go/pull/6703 https://github.com/grpc/grpc-go/releases https://github.com/h2o/h2o/pull/3291 https://github.com/h2o/h2o/security/advisories/GHSA-2m7v-gc89-fjqf https://github.com/haproxy/haproxy/issues/2312 https://github.com/hyperium/hyper/issues/3337 https://github.com/icing/mod_h2/blob/0a864782af0a942aa2ad4ed960a6b32cd35bcf0a/mod_http2/README.md?plain=1#L239-L244 https://github.com/junkurihara/rust-rpxy/issues/97 https://github.com/kazu-yamamoto/http2/commit/f61d41a502bd0f60eb24e1ce14edc7b6df6722a1 https://github.com/kazu-yamamoto/http2/issues/93 https://github.com/kubernetes/kubernetes/pull/121120 https://github.com/line/armeria/pull/5232 https://github.com/linkerd/website/pull/1695/commits/4b9c6836471bc8270ab48aae6fd2181bc73fd632 https://github.com/micrictor/http2-rst-stream https://github.com/microsoft/CBL-Mariner/pull/6381 https://github.com/netty/netty/commit/58f75f665aa81a8cbcf6ffa74820042a285c5e61 https://github.com/nghttp2/nghttp2/pull/1961 https://github.com/nghttp2/nghttp2/releases/tag/v1.57.0 https://github.com/ninenines/cowboy/issues/1615 https://github.com/nodejs/node/pull/50121 https://github.com/openresty/openresty/issues/930 https://github.com/opensearch-project/data-prepper/issues/3474 https://github.com/oqtane/oqtane.framework/discussions/3367 https://github.com/projectcontour/contour/pull/5826 https://github.com/tempesta-tech/tempesta/issues/1986 https://github.com/varnishcache/varnish-cache/issues/3996 https://go.dev/cl/534215 https://go.dev/cl/534235 https://go.dev/issue/63417 https://groups.google.com/g/golang-announce/c/iNNxDTCjZvo https://groups.google.com/g/golang-announce/c/iNNxDTCjZvo/m/UDd7VKQuAAAJ https://istio.io/latest/news/security/istio-security-2023-004 https://istio.io/latest/news/security/istio-security-2023-004/ https://linkerd.io/2023/10/12/linkerd-cve-2023-44487 https://linkerd.io/2023/10/12/linkerd-cve-2023-44487/ https://linux.oracle.com/cve/CVE-2023-44487.html https://linux.oracle.com/errata/ELSA-2024-1444.html https://lists.apache.org/thread/5py8h42mxfsn8l1wy6o41xwhsjlsd87q https://lists.debian.org/debian-lts-announce/2023/10/msg00020.html https://lists.debian.org/debian-lts-announce/2023/10/msg00023.html https://lists.debian.org/debian-lts-announce/2023/10/msg00024.html https://lists.debian.org/debian-lts-announce/2023/10/msg00045.html https://lists.debian.org/debian-lts-announce/2023/10/msg00047.html https://lists.debian.org/debian-lts-announce/2023/11/msg00001.html https://lists.debian.org/debian-lts-announce/2023/11/msg00012.html https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/2MBEPPC36UBVOZZNAXFHKLFGSLCMN5LI https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/2MBEPPC36UBVOZZNAXFHKLFGSLCMN5LI/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/3N4NJ7FR4X4FPZUGNTQAPSTVB2HB2Y4A https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/3N4NJ7FR4X4FPZUGNTQAPSTVB2HB2Y4A/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/BFQD3KUEMFBHPAPBGLWQC34L4OWL5HAZ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/BFQD3KUEMFBHPAPBGLWQC34L4OWL5HAZ/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/CLB4TW7KALB3EEQWNWCN7OUIWWVWWCG2 https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/CLB4TW7KALB3EEQWNWCN7OUIWWVWWCG2/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/E72T67UPDRXHIDLO3OROR25YAMN4GGW5 https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/E72T67UPDRXHIDLO3OROR25YAMN4GGW5/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/FNA62Q767CFAFHBCDKYNPBMZWB7TWYVU https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/FNA62Q767CFAFHBCDKYNPBMZWB7TWYVU/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/HT7T2R4MQKLIF4ODV4BDLPARWFPCJ5CZ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/HT7T2R4MQKLIF4ODV4BDLPARWFPCJ5CZ/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/JIZSEFC3YKCGABA2BZW6ZJRMDZJMB7PJ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/JIZSEFC3YKCGABA2BZW6ZJRMDZJMB7PJ/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/JMEXY22BFG5Q64HQCM5CK2Q7KDKVV4TY https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/JMEXY22BFG5Q64HQCM5CK2Q7KDKVV4TY/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/KSEGD2IWKNUO3DWY4KQGUQM5BISRWHQE https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/KSEGD2IWKNUO3DWY4KQGUQM5BISRWHQE/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/LKYHSZQFDNR7RSA7LHVLLIAQMVYCUGBG https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/LKYHSZQFDNR7RSA7LHVLLIAQMVYCUGBG/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/LNMZJCDHGLJJLXO4OXWJMTVQRNWOC7UL https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/LNMZJCDHGLJJLXO4OXWJMTVQRNWOC7UL/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/VHUHTSXLXGXS7JYKBXTA3VINUPHTNGVU https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/VHUHTSXLXGXS7JYKBXTA3VINUPHTNGVU/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/VSRDIV77HNKUSM7SJC5BKE5JSHLHU2NK https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/VSRDIV77HNKUSM7SJC5BKE5JSHLHU2NK/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/WE2I52RHNNU42PX6NZ2RBUHSFFJ2LVZX https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/WE2I52RHNNU42PX6NZ2RBUHSFFJ2LVZX/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/WLPRQ5TWUQQXYWBJM7ECYDAIL2YVKIUH https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/WLPRQ5TWUQQXYWBJM7ECYDAIL2YVKIUH/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/X6QXN4ORIVF6XBW4WWFE7VNPVC74S45Y https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/X6QXN4ORIVF6XBW4WWFE7VNPVC74S45Y/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/XFOIBB4YFICHDM7IBOP7PWXW3FX4HLL2 https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/XFOIBB4YFICHDM7IBOP7PWXW3FX4HLL2/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZB43REMKRQR62NJEI7I5NQ4FSXNLBKRT https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZB43REMKRQR62NJEI7I5NQ4FSXNLBKRT/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZKQSIKIAT5TJ3WSLU3RDBQ35YX4GY4V3 https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZKQSIKIAT5TJ3WSLU3RDBQ35YX4GY4V3/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZLU6U2R2IC2K64NDPNMV55AUAO65MAF4 https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZLU6U2R2IC2K64NDPNMV55AUAO65MAF4/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3N4NJ7FR4X4FPZUGNTQAPSTVB2HB2Y4A https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/BFQD3KUEMFBHPAPBGLWQC34L4OWL5HAZ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CLB4TW7KALB3EEQWNWCN7OUIWWVWWCG2 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/E72T67UPDRXHIDLO3OROR25YAMN4GGW5 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/FNA62Q767CFAFHBCDKYNPBMZWB7TWYVU https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/HT7T2R4MQKLIF4ODV4BDLPARWFPCJ5CZ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/JIZSEFC3YKCGABA2BZW6ZJRMDZJMB7PJ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/JMEXY22BFG5Q64HQCM5CK2Q7KDKVV4TY https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/KSEGD2IWKNUO3DWY4KQGUQM5BISRWHQE https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/LKYHSZQFDNR7RSA7LHVLLIAQMVYCUGBG https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/LNMZJCDHGLJJLXO4OXWJMTVQRNWOC7UL https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/VHUHTSXLXGXS7JYKBXTA3VINUPHTNGVU https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/VSRDIV77HNKUSM7SJC5BKE5JSHLHU2NK https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WLPRQ5TWUQQXYWBJM7ECYDAIL2YVKIUH https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/X6QXN4ORIVF6XBW4WWFE7VNPVC74S45Y https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/XFOIBB4YFICHDM7IBOP7PWXW3FX4HLL2 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZB43REMKRQR62NJEI7I5NQ4FSXNLBKRT https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZKQSIKIAT5TJ3WSLU3RDBQ35YX4GY4V3 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZLU6U2R2IC2K64NDPNMV55AUAO65MAF4 https://lists.w3.org/Archives/Public/ietf-http-wg/2023OctDec/0025.html https://mailman.nginx.org/pipermail/nginx-devel/2023-October/S36Q5HBXR7CAIMPLLPRSSSYR4PCMWILK.html https://martinthomson.github.io/h2-stream-limits/draft-thomson-httpbis-h2-stream-limits.html https://msrc.microsoft.com/blog/2023/10/microsoft-response-to-distributed-denial-of-service-ddos-attacks-against-http/2 https://msrc.microsoft.com/blog/2023/10/microsoft-response-to-distributed-denial-of-service-ddos-attacks-against-http/2/ https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-44487 https://my.f5.com/manage/s/article/K000137106 https://netty.io/news/2023/10/10/4-1-100-Final.html https://news.ycombinator.com/item?id=37830987 https://news.ycombinator.com/item?id=37830998 https://news.ycombinator.com/item?id=37831062 https://news.ycombinator.com/item?id=37837043 https://nodejs.org/en/blog/vulnerability/october-2023-security-releases https://nvd.nist.gov/vuln/detail/CVE-2023-44487 https://openssf.org/blog/2023/10/10/http-2-rapid-reset-vulnerability-highlights-need-for-rapid-response https://openssf.org/blog/2023/10/10/http-2-rapid-reset-vulnerability-highlights-need-for-rapid-response/ https://pkg.go.dev/vuln/GO-2023-2102 https://seanmonstar.com/post/730794151136935936/hyper-http2-rapid-reset-unaffected https://security.gentoo.org/glsa/202311-09 https://security.netapp.com/advisory/ntap-20231016-0001 https://security.netapp.com/advisory/ntap-20231016-0001/ https://security.netapp.com/advisory/ntap-20240426-0007 https://security.netapp.com/advisory/ntap-20240426-0007/ https://security.netapp.com/advisory/ntap-20240621-0006 https://security.netapp.com/advisory/ntap-20240621-0006/ https://security.netapp.com/advisory/ntap-20240621-0007 https://security.netapp.com/advisory/ntap-20240621-0007/ https://security.paloaltonetworks.com/CVE-2023-44487 https://tomcat.apache.org/security-10.html#Fixed_in_Apache_Tomcat_10.1.14 https://tomcat.apache.org/security-11.html#Fixed_in_Apache_Tomcat_11.0.0-M12 https://tomcat.apache.org/security-8.html#Fixed_in_Apache_Tomcat_8.5.94 https://tomcat.apache.org/security-9.html#Fixed_in_Apache_Tomcat_9.0.81 https://ubuntu.com/security/CVE-2023-44487 https://ubuntu.com/security/notices/USN-6427-1 https://ubuntu.com/security/notices/USN-6427-2 https://ubuntu.com/security/notices/USN-6438-1 https://ubuntu.com/security/notices/USN-6505-1 https://ubuntu.com/security/notices/USN-6574-1 https://ubuntu.com/security/notices/USN-6754-1 https://ubuntu.com/security/notices/USN-6994-1 https://ubuntu.com/security/notices/USN-7067-1 https://www.bleepingcomputer.com/news/security/new-http-2-rapid-reset-zero-day-attack-breaks-ddos-records https://www.bleepingcomputer.com/news/security/new-http-2-rapid-reset-zero-day-attack-breaks-ddos-records/ https://www.cisa.gov/known-exploited-vulnerabilities-catalog https://www.cisa.gov/news-events/alerts/2023/10/10/http2-rapid-reset-vulnerability-cve-2023-44487 https://www.cve.org/CVERecord?id=CVE-2023-44487 https://www.darkreading.com/cloud/internet-wide-zero-day-bug-fuels-largest-ever-ddos-event https://www.debian.org/security/2023/dsa-5521 https://www.debian.org/security/2023/dsa-5522 https://www.debian.org/security/2023/dsa-5540 https://www.debian.org/security/2023/dsa-5549 https://www.debian.org/security/2023/dsa-5558 https://www.debian.org/security/2023/dsa-5570 https://www.eclipse.org/lists/jetty-announce/msg00181.html https://www.haproxy.com/blog/haproxy-is-not-affected-by-the-http-2-rapid-reset-attack-cve-2023-44487 https://www.mail-archive.com/haproxy@formilux.org/msg44134.html https://www.netlify.com/blog/netlify-successfully-mitigates-cve-2023-44487 https://www.netlify.com/blog/netlify-successfully-mitigates-cve-2023-44487/ https://www.nginx.com/blog/http-2-rapid-reset-attack-impacting-f5-nginx-products https://www.nginx.com/blog/http-2-rapid-reset-attack-impacting-f5-nginx-products/ https://www.openwall.com/lists/oss-security/2023/10/10/6 https://www.phoronix.com/news/HTTP2-Rapid-Reset-Attack https://www.theregister.com/2023/10/10/http2_rapid_reset_zeroday https://www.theregister.com/2023/10/10/http2_rapid_reset_zeroday/
google.golang.org/protobuf	CVE-2024-24786	MEDIUM	v1.30.0	1.33.0	http://www.openwall.com/lists/oss-security/2024/03/08/4 https://access.redhat.com/errata/RHSA-2024:2550 https://access.redhat.com/security/cve/CVE-2024-24786 https://bugzilla.redhat.com/2268046 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24786 https://errata.almalinux.org/9/ALSA-2024-2550.html https://errata.rockylinux.org/RLSA-2024:2550 https://github.com/protocolbuffers/protobuf-go https://github.com/protocolbuffers/protobuf-go/commit/f01a588e5810b90996452eec4a28f22a0afae023 https://github.com/protocolbuffers/protobuf-go/releases/tag/v1.33.0 https://go-review.googlesource.com/c/protobuf/+/569356 https://go.dev/cl/569356 https://groups.google.com/g/golang-announce/c/ArQ6CDgtEjY/ https://linux.oracle.com/cve/CVE-2024-24786.html https://linux.oracle.com/errata/ELSA-2024-4246.html https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/JDMBHAVSDU2FBDZ45U3A2VLSM35OJ2HU https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/JDMBHAVSDU2FBDZ45U3A2VLSM35OJ2HU/ https://nvd.nist.gov/vuln/detail/CVE-2024-24786 https://pkg.go.dev/vuln/GO-2024-2611 https://security.netapp.com/advisory/ntap-20240517-0002 https://security.netapp.com/advisory/ntap-20240517-0002/ https://ubuntu.com/security/notices/USN-6746-1 https://ubuntu.com/security/notices/USN-6746-2 https://www.cve.org/CVERecord?id=CVE-2024-24786
stdlib	CVE-2024-24790	CRITICAL	v1.20.4	1.21.11, 1.22.4	http://www.openwall.com/lists/oss-security/2024/06/04/1 https://access.redhat.com/errata/RHSA-2024:9115 https://access.redhat.com/security/cve/CVE-2024-24790 https://bugzilla.redhat.com/2279814 https://bugzilla.redhat.com/2292668 https://bugzilla.redhat.com/2292787 https://bugzilla.redhat.com/2294000 https://bugzilla.redhat.com/2295310 https://bugzilla.redhat.com/show_bug.cgi?id=2292668 https://bugzilla.redhat.com/show_bug.cgi?id=2292787 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24789 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24790 https://errata.almalinux.org/9/ALSA-2024-9115.html https://errata.rockylinux.org/RLSA-2024:4212 https://github.com/golang/go/commit/051bdf3fd12a40307606ff9381138039c5f452f0 (1.21) https://github.com/golang/go/commit/12d5810cdb1f73cf23d7a86462143e9463317fca (1.22) https://github.com/golang/go/issues/67680 https://go.dev/cl/590316 https://go.dev/issue/67680 https://groups.google.com/g/golang-announce/c/XbxouI9gY7k https://groups.google.com/g/golang-announce/c/XbxouI9gY7k/m/TuoGEhxIEwAJ https://linux.oracle.com/cve/CVE-2024-24790.html https://linux.oracle.com/errata/ELSA-2024-9115.html https://nvd.nist.gov/vuln/detail/CVE-2024-24790 https://pkg.go.dev/vuln/GO-2024-2887 https://ubuntu.com/security/notices/USN-6886-1 https://ubuntu.com/security/notices/USN-7109-1 https://www.cve.org/CVERecord?id=CVE-2024-24790
stdlib	CVE-2023-29403	HIGH	v1.20.4	1.19.10, 1.20.5	https://access.redhat.com/errata/RHSA-2023:3923 https://access.redhat.com/security/cve/CVE-2023-29403 https://bugzilla.redhat.com/2216965 https://bugzilla.redhat.com/2217562 https://bugzilla.redhat.com/2217565 https://bugzilla.redhat.com/2217569 https://bugzilla.redhat.com/show_bug.cgi?id=2216965 https://bugzilla.redhat.com/show_bug.cgi?id=2217562 https://bugzilla.redhat.com/show_bug.cgi?id=2217565 https://bugzilla.redhat.com/show_bug.cgi?id=2217569 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-29402 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-29403 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-29404 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-29405 https://errata.almalinux.org/9/ALSA-2023-3923.html https://errata.rockylinux.org/RLSA-2023:3923 https://github.com/golang/go/commit/36144ba429ef2650940c72e7a0b932af3612d420 (go1.20.5) https://github.com/golang/go/commit/a7b1cd452ddc69a6606c2f35ac5786dc892e62cb (go1.19.10) https://github.com/golang/go/issues/60272 https://go.dev/cl/501223 https://go.dev/issue/60272 https://groups.google.com/g/golang-announce/c/q5135a9d924 https://groups.google.com/g/golang-announce/c/q5135a9d924/m/j0ZoAJOHAwAJ https://linux.oracle.com/cve/CVE-2023-29403.html https://linux.oracle.com/errata/ELSA-2023-3923.html https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/NZ2O6YCO2IZMZJELQGZYR2WAUNEDLYV6/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/XBS3IIK6ADV24C5ULQU55QLT2UE762ZX/ https://nvd.nist.gov/vuln/detail/CVE-2023-29403 https://pkg.go.dev/vuln/GO-2023-1840 https://security.gentoo.org/glsa/202311-09 https://ubuntu.com/security/notices/USN-7061-1 https://ubuntu.com/security/notices/USN-7109-1 https://www.cve.org/CVERecord?id=CVE-2023-29403
stdlib	CVE-2023-39325	HIGH	v1.20.4	1.20.10, 1.21.3	golang.org/x/net https://access.redhat.com/errata/RHSA-2023:6077 https://access.redhat.com/security/cve/CVE-2023-39325 https://access.redhat.com/security/cve/CVE-2023-44487 https://access.redhat.com/security/vulnerabilities/RHSB-2023-003 https://bugzilla.redhat.com/2242803 https://bugzilla.redhat.com/2243296 https://bugzilla.redhat.com/show_bug.cgi?id=2242803 https://bugzilla.redhat.com/show_bug.cgi?id=2243296 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-39325 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-44487 https://errata.almalinux.org/9/ALSA-2023-6077.html https://errata.rockylinux.org/RLSA-2023:6077 https://github.com/golang/go/commit/24ae2d927285c697440fdde3ad7f26028354bcf3 [golang- 1.21] https://github.com/golang/go/commit/e175f27f58aa7b9cd4d79607ae65d2cd5baaee68 [golang-1.20] https://github.com/golang/go/issues/63417 https://go.dev/cl/534215 https://go.dev/cl/534235 https://go.dev/issue/63417 https://groups.google.com/g/golang-announce/c/iNNxDTCjZvo/m/UDd7VKQuAAAJ https://linux.oracle.com/cve/CVE-2023-39325.html https://linux.oracle.com/errata/ELSA-2023-5867.html https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3OVW5V2DM5K5IC3H7O42YDUGNJ74J35O https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3OVW5V2DM5K5IC3H7O42YDUGNJ74J35O/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3SZN67IL7HMGMNAVLOTIXLIHUDXZK4LH https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3SZN67IL7HMGMNAVLOTIXLIHUDXZK4LH/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3WJ4QVX2AMUJ2F2S27POOAHRC4K3CHU4 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3WJ4QVX2AMUJ2F2S27POOAHRC4K3CHU4/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/4BUK2ZIAGCULOOYDNH25JPU6JBES5NF2 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/4BUK2ZIAGCULOOYDNH25JPU6JBES5NF2/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/5RSKA2II6QTD4YUKUNDVJQSRYSFC4VFR https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/5RSKA2II6QTD4YUKUNDVJQSRYSFC4VFR/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/AVZDNSMVDAQJ64LJC5I5U5LDM5753647 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/AVZDNSMVDAQJ64LJC5I5U5LDM5753647/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CHHITS4PUOZAKFIUBQAQZC7JWXMOYE4B https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CHHITS4PUOZAKFIUBQAQZC7JWXMOYE4B/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CLB4TW7KALB3EEQWNWCN7OUIWWVWWCG2 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CLB4TW7KALB3EEQWNWCN7OUIWWVWWCG2/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/D2BBIDR2ZMB3X5BC7SR4SLQMHRMVPY6L https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/D2BBIDR2ZMB3X5BC7SR4SLQMHRMVPY6L/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ECRC75BQJP6FJN2L7KCKYZW4DSBD7QSD https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ECRC75BQJP6FJN2L7KCKYZW4DSBD7QSD/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/FTMJ3NJIDAZFWJQQSP3L22MUFJ3UP2PT https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/FTMJ3NJIDAZFWJQQSP3L22MUFJ3UP2PT/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/GSY7SXFFTPZFWDM6XELSDSHZLVW3AHK7 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/GSY7SXFFTPZFWDM6XELSDSHZLVW3AHK7/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/HZQIELEIRSZUYTFFH5KTH2YJ4IIQG2KE https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/HZQIELEIRSZUYTFFH5KTH2YJ4IIQG2KE/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/IPWCNYB5PQ5PCVZ4NJT6G56ZYFZ5QBU6 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/IPWCNYB5PQ5PCVZ4NJT6G56ZYFZ5QBU6/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/KEOTKBUPZXHE3F352JBYNTSNRXYLWD6P https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/KEOTKBUPZXHE3F352JBYNTSNRXYLWD6P/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/KSEGD2IWKNUO3DWY4KQGUQM5BISRWHQE https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/KSEGD2IWKNUO3DWY4KQGUQM5BISRWHQE/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/L5E5JSJBZLYXOTZWXHJKRVCIXIHVWKJ6 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/L5E5JSJBZLYXOTZWXHJKRVCIXIHVWKJ6/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/MZQYOOKHQDQ57LV2IAG6NRFOVXKHJJ3Z https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/MZQYOOKHQDQ57LV2IAG6NRFOVXKHJJ3Z/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/NG7IMPL55MVWU3LCI4JQJT3K2U5CHDV7 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/NG7IMPL55MVWU3LCI4JQJT3K2U5CHDV7/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ODBY7RVMGZCBSTWF2OZGIZS57FNFUL67 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ODBY7RVMGZCBSTWF2OZGIZS57FNFUL67/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/OXGWPQOJ3JNDW2XIYKIVJ7N7QUIFNM2Q https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/OXGWPQOJ3JNDW2XIYKIVJ7N7QUIFNM2Q/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/PJCUNGIQDUMZ4Z6HWVYIMR66A35F5S74 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/PJCUNGIQDUMZ4Z6HWVYIMR66A35F5S74/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QF5QSYAOPDOWLY6DUHID56Q4HQFYB45I https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QF5QSYAOPDOWLY6DUHID56Q4HQFYB45I/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QXOU2JZUBEBP7GBKAYIJRPRBZSJCD7ST https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QXOU2JZUBEBP7GBKAYIJRPRBZSJCD7ST/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/R3UETKPUB3V5JS5TLZOF3SMTGT5K5APS https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/R3UETKPUB3V5JS5TLZOF3SMTGT5K5APS/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/REMHVVIBDNKSRKNOTV7EQSB7CYQWOUOU https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/REMHVVIBDNKSRKNOTV7EQSB7CYQWOUOU/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/T7N5GV4CHH6WAGX3GFMDD3COEOVCZ4RI https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/T7N5GV4CHH6WAGX3GFMDD3COEOVCZ4RI/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ULQQONMSCQSH5Z5OWFFQHCGEZ3NL4DRJ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ULQQONMSCQSH5Z5OWFFQHCGEZ3NL4DRJ/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UTT7DG3QOF5ZNJLUGHDNLRUIN6OWZARP https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UTT7DG3QOF5ZNJLUGHDNLRUIN6OWZARP/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/W2LZSWTV4NV4SNQARNXG5T6LRHP26EW2 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/W2LZSWTV4NV4SNQARNXG5T6LRHP26EW2/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WCNCBYKZXLDFGAJUB7ZP5VLC3YTHJNVH https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WCNCBYKZXLDFGAJUB7ZP5VLC3YTHJNVH/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/XFOIBB4YFICHDM7IBOP7PWXW3FX4HLL2 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/XFOIBB4YFICHDM7IBOP7PWXW3FX4HLL2/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/XTNLSL44Y5FB6JWADSZH6DCV4JJAAEQY https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/XTNLSL44Y5FB6JWADSZH6DCV4JJAAEQY/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/YJWHBLVZDM5KQSDFRBFRKU5KSSOLIRQ4 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/YJWHBLVZDM5KQSDFRBFRKU5KSSOLIRQ4/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/YRKEXKANQ7BKJW2YTAMP625LJUJZLJ4P https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/YRKEXKANQ7BKJW2YTAMP625LJUJZLJ4P/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZSVEMQV5ROY5YW5QE3I57HT3ITWG5GCV https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZSVEMQV5ROY5YW5QE3I57HT3ITWG5GCV/ https://nvd.nist.gov/vuln/detail/CVE-2023-39325 https://pkg.go.dev/vuln/GO-2023-2102 https://security.gentoo.org/glsa/202311-09 https://security.netapp.com/advisory/ntap-20231110-0008 https://security.netapp.com/advisory/ntap-20231110-0008/ https://ubuntu.com/security/notices/USN-6574-1 https://ubuntu.com/security/notices/USN-7061-1 https://ubuntu.com/security/notices/USN-7109-1 https://www.cisa.gov/news-events/alerts/2023/10/10/http2-rapid-reset-vulnerability-cve-2023-44487 https://www.cve.org/CVERecord?id=CVE-2023-39325
stdlib	CVE-2023-45283	HIGH	v1.20.4	1.20.11, 1.21.4, 1.20.12, 1.21.5	http://www.openwall.com/lists/oss-security/2023/12/05/2 https://go.dev/cl/540277 https://go.dev/cl/541175 https://go.dev/issue/63713 https://go.dev/issue/64028 https://groups.google.com/g/golang-announce/c/4tU8LZfBFkY https://groups.google.com/g/golang-dev/c/6ypN5EjibjM/m/KmLVYH_uAgAJ https://nvd.nist.gov/vuln/detail/CVE-2023-45283 https://pkg.go.dev/vuln/GO-2023-2185 https://security.netapp.com/advisory/ntap-20231214-0008/
stdlib	CVE-2023-45288	HIGH	v1.20.4	1.21.9, 1.22.2	http://www.openwall.com/lists/oss-security/2024/04/03/16 http://www.openwall.com/lists/oss-security/2024/04/05/4 https://access.redhat.com/errata/RHSA-2024:2724 https://access.redhat.com/security/cve/CVE-2023-45288 https://bugzilla.redhat.com/2268017 https://bugzilla.redhat.com/2268018 https://bugzilla.redhat.com/2268019 https://bugzilla.redhat.com/2268273 https://bugzilla.redhat.com/show_bug.cgi?id=2268017 https://bugzilla.redhat.com/show_bug.cgi?id=2268018 https://bugzilla.redhat.com/show_bug.cgi?id=2268019 https://bugzilla.redhat.com/show_bug.cgi?id=2268273 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45288 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45289 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45290 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24783 https://errata.almalinux.org/9/ALSA-2024-2724.html https://errata.rockylinux.org/RLSA-2024:2724 https://go.dev/cl/576155 https://go.dev/issue/65051 https://groups.google.com/g/golang-announce/c/YgW0sx8mN3M https://kb.cert.org/vuls/id/421644 https://linux.oracle.com/cve/CVE-2023-45288.html https://linux.oracle.com/errata/ELSA-2024-3346.html https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QRYFHIQ6XRKRYBI2F5UESH67BJBQXUPT https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QRYFHIQ6XRKRYBI2F5UESH67BJBQXUPT/ https://nowotarski.info/http2-continuation-flood-technical-details https://nowotarski.info/http2-continuation-flood/ https://nvd.nist.gov/vuln/detail/CVE-2023-45288 https://pkg.go.dev/vuln/GO-2024-2687 https://security.netapp.com/advisory/ntap-20240419-0009 https://security.netapp.com/advisory/ntap-20240419-0009/ https://ubuntu.com/security/notices/USN-6886-1 https://ubuntu.com/security/notices/USN-7109-1 https://ubuntu.com/security/notices/USN-7111-1 https://www.cve.org/CVERecord?id=CVE-2023-45288 https://www.kb.cert.org/vuls/id/421644
stdlib	CVE-2024-34156	HIGH	v1.20.4	1.22.7, 1.23.1	https://access.redhat.com/errata/RHSA-2024:9473 https://access.redhat.com/security/cve/CVE-2024-34156 https://bugzilla.redhat.com/2310528 https://bugzilla.redhat.com/2318052 https://bugzilla.redhat.com/show_bug.cgi?id=2310528 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-34156 https://errata.almalinux.org/9/ALSA-2024-9473.html https://errata.rockylinux.org/RLSA-2024:7204 https://github.com/golang/go/commit/2092294f2b097c5828f4eace6c98a322c1510b01 (go1.22.7) https://github.com/golang/go/commit/fa8ff1a46deb6c816304441ec6740ec112e19012 (go1.23.1) https://go.dev/cl/611239 https://go.dev/issue/69139 https://groups.google.com/g/golang-announce/c/K-cEzDeCtpc https://groups.google.com/g/golang-dev/c/S9POB9NCTdk https://linux.oracle.com/cve/CVE-2024-34156.html https://linux.oracle.com/errata/ELSA-2024-9473.html https://nvd.nist.gov/vuln/detail/CVE-2024-34156 https://pkg.go.dev/vuln/GO-2024-3106 https://ubuntu.com/security/notices/USN-7081-1 https://ubuntu.com/security/notices/USN-7109-1 https://ubuntu.com/security/notices/USN-7111-1 https://www.cve.org/CVERecord?id=CVE-2024-34156
stdlib	CVE-2023-29406	MEDIUM	v1.20.4	1.19.11, 1.20.6	https://access.redhat.com/errata/RHSA-2023:6474 https://access.redhat.com/security/cve/CVE-2023-29406 https://bugzilla.redhat.com/2174485 https://bugzilla.redhat.com/2178358 https://bugzilla.redhat.com/2178488 https://bugzilla.redhat.com/2178492 https://bugzilla.redhat.com/2184481 https://bugzilla.redhat.com/2184482 https://bugzilla.redhat.com/2184483 https://bugzilla.redhat.com/2184484 https://bugzilla.redhat.com/2196026 https://bugzilla.redhat.com/2196027 https://bugzilla.redhat.com/2196029 https://bugzilla.redhat.com/2222167 https://bugzilla.redhat.com/2228689 https://errata.almalinux.org/9/ALSA-2023-6474.html https://github.com/golang/go/commit/312920c00aac9897b2a0693e752390b5b0711a5a (go1.20.6) https://github.com/golang/go/commit/5fa6923b1ea891400153d04ddf1545e23b40041b (go1.19.11) https://github.com/golang/go/issues/60374 https://go.dev/cl/506996 https://go.dev/issue/60374 https://groups.google.com/g/golang-announce/c/2q13H6LEEx0 https://linux.oracle.com/cve/CVE-2023-29406.html https://linux.oracle.com/errata/ELSA-2023-7202.html https://nvd.nist.gov/vuln/detail/CVE-2023-29406 https://pkg.go.dev/vuln/GO-2023-1878 https://security.gentoo.org/glsa/202311-09 https://security.netapp.com/advisory/ntap-20230814-0002/ https://ubuntu.com/security/notices/USN-7061-1 https://ubuntu.com/security/notices/USN-7109-1 https://www.cve.org/CVERecord?id=CVE-2023-29406
stdlib	CVE-2023-29409	MEDIUM	v1.20.4	1.19.12, 1.20.7, 1.21.0-rc.4	https://access.redhat.com/errata/RHSA-2023:7766 https://access.redhat.com/security/cve/CVE-2023-29409 https://bugzilla.redhat.com/2228743 https://bugzilla.redhat.com/2237773 https://bugzilla.redhat.com/2237776 https://bugzilla.redhat.com/2237777 https://bugzilla.redhat.com/2237778 https://errata.almalinux.org/9/ALSA-2023-7766.html https://go.dev/cl/515257 https://go.dev/issue/61460 https://groups.google.com/g/golang-announce/c/X0b6CsSAaYI/m/Efv5DbZ9AwAJ https://linux.oracle.com/cve/CVE-2023-29409.html https://linux.oracle.com/errata/ELSA-2024-2988.html https://nvd.nist.gov/vuln/detail/CVE-2023-29409 https://pkg.go.dev/vuln/GO-2023-1987 https://security.gentoo.org/glsa/202311-09 https://security.netapp.com/advisory/ntap-20230831-0010/ https://www.cve.org/CVERecord?id=CVE-2023-29409
stdlib	CVE-2023-39318	MEDIUM	v1.20.4	1.20.8, 1.21.1	https://access.redhat.com/errata/RHSA-2024:2160 https://access.redhat.com/security/cve/CVE-2023-39318 https://bugzilla.redhat.com/2237773 https://bugzilla.redhat.com/2237776 https://bugzilla.redhat.com/2253330 https://errata.almalinux.org/9/ALSA-2024-2160.html https://github.com/golang/go/commit/023b542edf38e2a1f87fcefb9f75ff2f99401b4c (go1.20.8) https://github.com/golang/go/commit/b0e1d3ea26e8e8fce7726690c9ef0597e60739fb (go1.21.1) https://go.dev/cl/526156 https://go.dev/issue/62196 https://groups.google.com/g/golang-announce/c/Fm51GRLNRvM https://groups.google.com/g/golang-dev/c/2C5vbR-UNkI/m/L1hdrPhfBAAJ https://linux.oracle.com/cve/CVE-2023-39318.html https://linux.oracle.com/errata/ELSA-2024-2988.html https://nvd.nist.gov/vuln/detail/CVE-2023-39318 https://pkg.go.dev/vuln/GO-2023-2041 https://security.gentoo.org/glsa/202311-09 https://security.netapp.com/advisory/ntap-20231020-0009/ https://ubuntu.com/security/notices/USN-6574-1 https://ubuntu.com/security/notices/USN-7061-1 https://ubuntu.com/security/notices/USN-7109-1 https://vuln.go.dev/ID/GO-2023-2041.json https://www.cve.org/CVERecord?id=CVE-2023-39318
stdlib	CVE-2023-39319	MEDIUM	v1.20.4	1.20.8, 1.21.1	https://access.redhat.com/errata/RHSA-2024:2160 https://access.redhat.com/security/cve/CVE-2023-39319 https://bugzilla.redhat.com/2237773 https://bugzilla.redhat.com/2237776 https://bugzilla.redhat.com/2253330 https://errata.almalinux.org/9/ALSA-2024-2160.html https://github.com/golang/go/commit/2070531d2f53df88e312edace6c8dfc9686ab2f5 (go1.20.8) https://github.com/golang/go/commit/bbd043ff0d6d59f1a9232d31ecd5eacf6507bf6a (go1.21.1) https://go.dev/cl/526157 https://go.dev/issue/62197 https://groups.google.com/g/golang-announce/c/Fm51GRLNRvM https://groups.google.com/g/golang-dev/c/2C5vbR-UNkI/m/L1hdrPhfBAAJ https://linux.oracle.com/cve/CVE-2023-39319.html https://linux.oracle.com/errata/ELSA-2024-2988.html https://nvd.nist.gov/vuln/detail/CVE-2023-39319 https://pkg.go.dev/vuln/GO-2023-2043 https://security.gentoo.org/glsa/202311-09 https://security.netapp.com/advisory/ntap-20231020-0009/ https://ubuntu.com/security/notices/USN-6574-1 https://ubuntu.com/security/notices/USN-7061-1 https://ubuntu.com/security/notices/USN-7109-1 https://vuln.go.dev/ID/GO-2023-2043.json https://www.cve.org/CVERecord?id=CVE-2023-39319
stdlib	CVE-2023-39326	MEDIUM	v1.20.4	1.20.12, 1.21.5	https://access.redhat.com/errata/RHSA-2024:2272 https://access.redhat.com/security/cve/CVE-2023-39326 https://bugzilla.redhat.com/2253193 https://bugzilla.redhat.com/2253330 https://errata.almalinux.org/9/ALSA-2024-2272.html https://github.com/golang/go/commit/6446af942e2e2b161c4ec1b60d9703a2b55dc4dd (go1.20.12) https://github.com/golang/go/commit/ec8c526e4be720e94b98ca509e6364f0efaf28f7 (go1.21.5) https://go.dev/cl/547335 https://go.dev/issue/64433 https://groups.google.com/g/golang-dev/c/6ypN5EjibjM/m/KmLVYH_uAgAJ https://linux.oracle.com/cve/CVE-2023-39326.html https://linux.oracle.com/errata/ELSA-2024-2988.html https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UIU6HOGV6RRIKWM57LOXQA75BGZSIH6G/ https://nvd.nist.gov/vuln/detail/CVE-2023-39326 https://pkg.go.dev/vuln/GO-2023-2382 https://ubuntu.com/security/notices/USN-6574-1 https://www.cve.org/CVERecord?id=CVE-2023-39326
stdlib	CVE-2023-45284	MEDIUM	v1.20.4	1.20.11, 1.21.4	https://go.dev/cl/540277 https://go.dev/issue/63713 https://groups.google.com/g/golang-announce/c/4tU8LZfBFkY https://nvd.nist.gov/vuln/detail/CVE-2023-45284 https://pkg.go.dev/vuln/GO-2023-2186
stdlib	CVE-2023-45289	MEDIUM	v1.20.4	1.21.8, 1.22.1	http://www.openwall.com/lists/oss-security/2024/03/08/4 https://access.redhat.com/errata/RHSA-2024:2724 https://access.redhat.com/security/cve/CVE-2023-45289 https://bugzilla.redhat.com/2268017 https://bugzilla.redhat.com/2268018 https://bugzilla.redhat.com/2268019 https://bugzilla.redhat.com/2268273 https://bugzilla.redhat.com/show_bug.cgi?id=2268017 https://bugzilla.redhat.com/show_bug.cgi?id=2268018 https://bugzilla.redhat.com/show_bug.cgi?id=2268019 https://bugzilla.redhat.com/show_bug.cgi?id=2268273 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45288 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45289 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45290 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24783 https://errata.almalinux.org/9/ALSA-2024-2724.html https://errata.rockylinux.org/RLSA-2024:2724 https://github.com/golang/go/commit/20586c0dbe03d144f914155f879fa5ee287591a1 (go1.21.8) https://github.com/golang/go/commit/3a855208e3efed2e9d7c20ad023f1fa78afcc0be (go1.22.1) https://github.com/golang/go/issues/65065 https://go.dev/cl/569340 https://go.dev/issue/65065 https://groups.google.com/g/golang-announce/c/5pwGVUPoMbg https://linux.oracle.com/cve/CVE-2023-45289.html https://linux.oracle.com/errata/ELSA-2024-3346.html https://nvd.nist.gov/vuln/detail/CVE-2023-45289 https://pkg.go.dev/vuln/GO-2024-2600 https://security.netapp.com/advisory/ntap-20240329-0006/ https://ubuntu.com/security/notices/USN-6886-1 https://www.cve.org/CVERecord?id=CVE-2023-45289
stdlib	CVE-2023-45290	MEDIUM	v1.20.4	1.21.8, 1.22.1	http://www.openwall.com/lists/oss-security/2024/03/08/4 https://access.redhat.com/errata/RHSA-2024:9135 https://access.redhat.com/security/cve/CVE-2023-45290 https://bugzilla.redhat.com/2268017 https://bugzilla.redhat.com/2268022 https://bugzilla.redhat.com/2279814 https://bugzilla.redhat.com/2295310 https://bugzilla.redhat.com/show_bug.cgi?id=2268017 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45290 https://errata.almalinux.org/9/ALSA-2024-9135.html https://errata.rockylinux.org/RLSA-2024:3830 https://github.com/golang/go/commit/041a47712e765e94f86d841c3110c840e76d8f82 (go1.22.1) https://github.com/golang/go/commit/bf80213b121074f4ad9b449410a4d13bae5e9be0 (go1.21.8) https://github.com/golang/go/issues/65383 https://go.dev/cl/569341 https://go.dev/issue/65383 https://groups.google.com/g/golang-announce/c/5pwGVUPoMbg https://linux.oracle.com/cve/CVE-2023-45290.html https://linux.oracle.com/errata/ELSA-2024-8038.html https://nvd.nist.gov/vuln/detail/CVE-2023-45290 https://pkg.go.dev/vuln/GO-2024-2599 https://security.netapp.com/advisory/ntap-20240329-0004 https://security.netapp.com/advisory/ntap-20240329-0004/ https://ubuntu.com/security/notices/USN-6886-1 https://ubuntu.com/security/notices/USN-7109-1 https://ubuntu.com/security/notices/USN-7111-1 https://www.cve.org/CVERecord?id=CVE-2023-45290
stdlib	CVE-2024-24783	MEDIUM	v1.20.4	1.21.8, 1.22.1	http://www.openwall.com/lists/oss-security/2024/03/08/4 https://access.redhat.com/errata/RHSA-2024:6195 https://access.redhat.com/security/cve/CVE-2024-24783 https://bugzilla.redhat.com/2268019 https://bugzilla.redhat.com/show_bug.cgi?id=2268017 https://bugzilla.redhat.com/show_bug.cgi?id=2268018 https://bugzilla.redhat.com/show_bug.cgi?id=2268019 https://bugzilla.redhat.com/show_bug.cgi?id=2268273 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45288 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45289 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45290 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24783 https://errata.almalinux.org/9/ALSA-2024-6195.html https://errata.rockylinux.org/RLSA-2024:2724 https://github.com/advisories/GHSA-3q2c-pvp5-3cqp https://github.com/golang/go/commit/337b8e9cbfa749d9d5c899e0dc358e2208d5e54f (go1.22.1) https://github.com/golang/go/commit/be5b52bea674190ef7de272664be6c7ae93ec5a0 (go1.21.8) https://github.com/golang/go/issues/65390 https://go.dev/cl/569339 https://go.dev/issue/65390 https://groups.google.com/g/golang-announce/c/5pwGVUPoMbg https://linux.oracle.com/cve/CVE-2024-24783.html https://linux.oracle.com/errata/ELSA-2024-6969.html https://nvd.nist.gov/vuln/detail/CVE-2024-24783 https://pkg.go.dev/vuln/GO-2024-2598 https://security.netapp.com/advisory/ntap-20240329-0005 https://security.netapp.com/advisory/ntap-20240329-0005/ https://ubuntu.com/security/notices/USN-6886-1 https://ubuntu.com/security/notices/USN-7109-1 https://ubuntu.com/security/notices/USN-7111-1 https://www.cve.org/CVERecord?id=CVE-2024-24783
stdlib	CVE-2024-24784	MEDIUM	v1.20.4	1.21.8, 1.22.1	http://www.openwall.com/lists/oss-security/2024/03/08/4 https://access.redhat.com/errata/RHSA-2024:2562 https://access.redhat.com/security/cve/CVE-2024-24784 https://bugzilla.redhat.com/2262921 https://bugzilla.redhat.com/2268017 https://bugzilla.redhat.com/2268018 https://bugzilla.redhat.com/2268019 https://bugzilla.redhat.com/2268021 https://bugzilla.redhat.com/2268022 https://bugzilla.redhat.com/2268273 https://bugzilla.redhat.com/show_bug.cgi?id=2262921 https://bugzilla.redhat.com/show_bug.cgi?id=2268017 https://bugzilla.redhat.com/show_bug.cgi?id=2268018 https://bugzilla.redhat.com/show_bug.cgi?id=2268019 https://bugzilla.redhat.com/show_bug.cgi?id=2268021 https://bugzilla.redhat.com/show_bug.cgi?id=2268022 https://bugzilla.redhat.com/show_bug.cgi?id=2268273 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45288 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45289 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45290 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-1394 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24783 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24784 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24785 https://errata.almalinux.org/9/ALSA-2024-2562.html https://errata.rockylinux.org/RLSA-2024:2562 https://github.com/golang/go/commit/263c059b09fdd40d9dd945f2ecb20c89ea28efe5 (go1.21.8) https://github.com/golang/go/commit/5330cd225ba54c7dc78c1b46dcdf61a4671a632c (go1.22.1) https://github.com/golang/go/issues/65083 https://go.dev/cl/555596 https://go.dev/issue/65083 https://groups.google.com/g/golang-announce/c/5pwGVUPoMbg https://linux.oracle.com/cve/CVE-2024-24784.html https://linux.oracle.com/errata/ELSA-2024-6969.html https://nvd.nist.gov/vuln/detail/CVE-2024-24784 https://pkg.go.dev/vuln/GO-2024-2609 https://security.netapp.com/advisory/ntap-20240329-0007/ https://ubuntu.com/security/notices/USN-6886-1 https://ubuntu.com/security/notices/USN-7109-1 https://ubuntu.com/security/notices/USN-7111-1 https://www.cve.org/CVERecord?id=CVE-2024-24784
stdlib	CVE-2024-24785	MEDIUM	v1.20.4	1.21.8, 1.22.1	http://www.openwall.com/lists/oss-security/2024/03/08/4 https://access.redhat.com/errata/RHSA-2024:9135 https://access.redhat.com/security/cve/CVE-2024-24785 https://bugzilla.redhat.com/2268017 https://bugzilla.redhat.com/2268022 https://bugzilla.redhat.com/2279814 https://bugzilla.redhat.com/2295310 https://bugzilla.redhat.com/show_bug.cgi?id=2262921 https://bugzilla.redhat.com/show_bug.cgi?id=2268017 https://bugzilla.redhat.com/show_bug.cgi?id=2268018 https://bugzilla.redhat.com/show_bug.cgi?id=2268019 https://bugzilla.redhat.com/show_bug.cgi?id=2268021 https://bugzilla.redhat.com/show_bug.cgi?id=2268022 https://bugzilla.redhat.com/show_bug.cgi?id=2268273 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45288 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45289 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45290 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-1394 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24783 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24784 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24785 https://errata.almalinux.org/9/ALSA-2024-9135.html https://errata.rockylinux.org/RLSA-2024:2562 https://github.com/golang/go/commit/056b0edcb8c152152021eebf4cf42adbfbe77992 (go1.22.1) https://github.com/golang/go/commit/3643147a29352ca2894fd5d0d2069bc4b4335a7e (go1.21.8) https://github.com/golang/go/issues/65697 https://go.dev/cl/564196 https://go.dev/issue/65697 https://groups.google.com/g/golang-announce/c/5pwGVUPoMbg https://linux.oracle.com/cve/CVE-2024-24785.html https://linux.oracle.com/errata/ELSA-2024-3259.html https://nvd.nist.gov/vuln/detail/CVE-2024-24785 https://pkg.go.dev/vuln/GO-2024-2610 https://security.netapp.com/advisory/ntap-20240329-0008/ https://ubuntu.com/security/notices/USN-6886-1 https://ubuntu.com/security/notices/USN-7061-1 https://ubuntu.com/security/notices/USN-7109-1 https://vuln.go.dev/ID/GO-2024-2610.json https://www.cve.org/CVERecord?id=CVE-2024-24785
stdlib	CVE-2024-24789	MEDIUM	v1.20.4	1.21.11, 1.22.4	http://www.openwall.com/lists/oss-security/2024/06/04/1 https://access.redhat.com/errata/RHSA-2024:9115 https://access.redhat.com/security/cve/CVE-2024-24789 https://bugzilla.redhat.com/2279814 https://bugzilla.redhat.com/2292668 https://bugzilla.redhat.com/2292787 https://bugzilla.redhat.com/2294000 https://bugzilla.redhat.com/2295310 https://bugzilla.redhat.com/show_bug.cgi?id=2292668 https://bugzilla.redhat.com/show_bug.cgi?id=2292787 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24789 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24790 https://errata.almalinux.org/9/ALSA-2024-9115.html https://errata.rockylinux.org/RLSA-2024:4212 https://github.com/golang/go/commit/c8e40338cf00f3c1d86c8fb23863ad67a4c72bcc (1.21) https://github.com/golang/go/commit/cf501ac0c5fe351a8582d20b43562027927906e7 (1.22) https://github.com/golang/go/issues/66869 https://go.dev/cl/585397 https://go.dev/issue/66869 https://groups.google.com/g/golang-announce/c/XbxouI9gY7k https://groups.google.com/g/golang-announce/c/XbxouI9gY7k/m/TuoGEhxIEwAJ https://linux.oracle.com/cve/CVE-2024-24789.html https://linux.oracle.com/errata/ELSA-2024-9115.html https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/U5YAEIA6IUHUNGJ7AIXXPQT6D2GYENX7/ https://nvd.nist.gov/vuln/detail/CVE-2024-24789 https://pkg.go.dev/vuln/GO-2024-2888 https://ubuntu.com/security/notices/USN-6886-1 https://ubuntu.com/security/notices/USN-7109-1 https://ubuntu.com/security/notices/USN-7111-1 https://www.cve.org/CVERecord?id=CVE-2024-24789
stdlib	CVE-2024-24791	MEDIUM	v1.20.4	1.21.12, 1.22.5	https://access.redhat.com/errata/RHSA-2024:9135 https://access.redhat.com/security/cve/CVE-2024-24791 https://bugzilla.redhat.com/2268017 https://bugzilla.redhat.com/2268022 https://bugzilla.redhat.com/2279814 https://bugzilla.redhat.com/2295310 https://bugzilla.redhat.com/show_bug.cgi?id=2295310 https://bugzilla.redhat.com/show_bug.cgi?id=2310527 https://bugzilla.redhat.com/show_bug.cgi?id=2310528 https://bugzilla.redhat.com/show_bug.cgi?id=2310529 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24791 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-34155 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-34156 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-34158 https://errata.almalinux.org/9/ALSA-2024-9135.html https://errata.rockylinux.org/RLSA-2024:6913 https://go.dev/cl/591255 https://go.dev/issue/67555 https://groups.google.com/g/golang-dev/c/t0rK-qHBqzY/m/6MMoAZkMAgAJ https://linux.oracle.com/cve/CVE-2024-24791.html https://linux.oracle.com/errata/ELSA-2024-9115.html https://nvd.nist.gov/vuln/detail/CVE-2024-24791 https://pkg.go.dev/vuln/GO-2024-2963 https://ubuntu.com/security/notices/USN-7081-1 https://ubuntu.com/security/notices/USN-7109-1 https://ubuntu.com/security/notices/USN-7111-1 https://www.cve.org/CVERecord?id=CVE-2024-24791
stdlib	CVE-2024-34155	MEDIUM	v1.20.4	1.22.7, 1.23.1	https://access.redhat.com/errata/RHSA-2024:9459 https://access.redhat.com/security/cve/CVE-2024-34155 https://bugzilla.redhat.com/2310527 https://bugzilla.redhat.com/2310528 https://bugzilla.redhat.com/2310529 https://bugzilla.redhat.com/2315691 https://bugzilla.redhat.com/2315887 https://bugzilla.redhat.com/2317458 https://bugzilla.redhat.com/2317467 https://bugzilla.redhat.com/show_bug.cgi?id=2295310 https://bugzilla.redhat.com/show_bug.cgi?id=2310527 https://bugzilla.redhat.com/show_bug.cgi?id=2310528 https://bugzilla.redhat.com/show_bug.cgi?id=2310529 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24791 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-34155 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-34156 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-34158 https://errata.almalinux.org/9/ALSA-2024-9459.html https://errata.rockylinux.org/RLSA-2024:6913 https://github.com/golang/go/commit/53487e5477151ed75da50e50a0ba8f1ca64c00a3 (go1.23.1) https://github.com/golang/go/commit/b232596139dbe96a62edbe3a2a203e856bf556eb (go1.22.7) https://go.dev/cl/611238 https://go.dev/issue/69138 https://groups.google.com/g/golang-announce/c/K-cEzDeCtpc https://groups.google.com/g/golang-dev/c/S9POB9NCTdk https://linux.oracle.com/cve/CVE-2024-34155.html https://linux.oracle.com/errata/ELSA-2024-9459.html https://nvd.nist.gov/vuln/detail/CVE-2024-34155 https://pkg.go.dev/vuln/GO-2024-3105 https://ubuntu.com/security/notices/USN-7081-1 https://ubuntu.com/security/notices/USN-7109-1 https://ubuntu.com/security/notices/USN-7111-1 https://www.cve.org/CVERecord?id=CVE-2024-34155
stdlib	CVE-2024-34158	MEDIUM	v1.20.4	1.22.7, 1.23.1	https://access.redhat.com/errata/RHSA-2024:9459 https://access.redhat.com/security/cve/CVE-2024-34158 https://bugzilla.redhat.com/2310527 https://bugzilla.redhat.com/2310528 https://bugzilla.redhat.com/2310529 https://bugzilla.redhat.com/2315691 https://bugzilla.redhat.com/2315887 https://bugzilla.redhat.com/2317458 https://bugzilla.redhat.com/2317467 https://bugzilla.redhat.com/show_bug.cgi?id=2295310 https://bugzilla.redhat.com/show_bug.cgi?id=2310527 https://bugzilla.redhat.com/show_bug.cgi?id=2310528 https://bugzilla.redhat.com/show_bug.cgi?id=2310529 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24791 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-34155 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-34156 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-34158 https://errata.almalinux.org/9/ALSA-2024-9459.html https://errata.rockylinux.org/RLSA-2024:6913 https://github.com/golang/go/commit/032ac075c20c01c6c35a672d1542d3e98eab84ea (go1.23.1) https://github.com/golang/go/commit/d4c53812e6ce2ac368173d7fcd31d0ecfcffb002 (go1.22.7) https://go.dev/cl/611240 https://go.dev/issue/69141 https://groups.google.com/g/golang-announce/c/K-cEzDeCtpc https://groups.google.com/g/golang-dev/c/S9POB9NCTdk https://linux.oracle.com/cve/CVE-2024-34158.html https://linux.oracle.com/errata/ELSA-2024-9459.html https://nvd.nist.gov/vuln/detail/CVE-2024-34158 https://pkg.go.dev/vuln/GO-2024-3107 https://ubuntu.com/security/notices/USN-7081-1 https://ubuntu.com/security/notices/USN-7109-1 https://ubuntu.com/security/notices/USN-7111-1 https://www.cve.org/CVERecord?id=CVE-2024-34158
No Misconfigurations found

cnb/lifecycle/launcher (gobinary)

Package	Vulnerability ID	Severity	Installed Version	Fixed Version	Links
stdlib	CVE-2024-24790	CRITICAL	v1.19.11	1.21.11, 1.22.4	http://www.openwall.com/lists/oss-security/2024/06/04/1 https://access.redhat.com/errata/RHSA-2024:9115 https://access.redhat.com/security/cve/CVE-2024-24790 https://bugzilla.redhat.com/2279814 https://bugzilla.redhat.com/2292668 https://bugzilla.redhat.com/2292787 https://bugzilla.redhat.com/2294000 https://bugzilla.redhat.com/2295310 https://bugzilla.redhat.com/show_bug.cgi?id=2292668 https://bugzilla.redhat.com/show_bug.cgi?id=2292787 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24789 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24790 https://errata.almalinux.org/9/ALSA-2024-9115.html https://errata.rockylinux.org/RLSA-2024:4212 https://github.com/golang/go/commit/051bdf3fd12a40307606ff9381138039c5f452f0 (1.21) https://github.com/golang/go/commit/12d5810cdb1f73cf23d7a86462143e9463317fca (1.22) https://github.com/golang/go/issues/67680 https://go.dev/cl/590316 https://go.dev/issue/67680 https://groups.google.com/g/golang-announce/c/XbxouI9gY7k https://groups.google.com/g/golang-announce/c/XbxouI9gY7k/m/TuoGEhxIEwAJ https://linux.oracle.com/cve/CVE-2024-24790.html https://linux.oracle.com/errata/ELSA-2024-9115.html https://nvd.nist.gov/vuln/detail/CVE-2024-24790 https://pkg.go.dev/vuln/GO-2024-2887 https://ubuntu.com/security/notices/USN-6886-1 https://ubuntu.com/security/notices/USN-7109-1 https://www.cve.org/CVERecord?id=CVE-2024-24790
stdlib	CVE-2023-39325	HIGH	v1.19.11	1.20.10, 1.21.3	golang.org/x/net https://access.redhat.com/errata/RHSA-2023:6077 https://access.redhat.com/security/cve/CVE-2023-39325 https://access.redhat.com/security/cve/CVE-2023-44487 https://access.redhat.com/security/vulnerabilities/RHSB-2023-003 https://bugzilla.redhat.com/2242803 https://bugzilla.redhat.com/2243296 https://bugzilla.redhat.com/show_bug.cgi?id=2242803 https://bugzilla.redhat.com/show_bug.cgi?id=2243296 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-39325 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-44487 https://errata.almalinux.org/9/ALSA-2023-6077.html https://errata.rockylinux.org/RLSA-2023:6077 https://github.com/golang/go/commit/24ae2d927285c697440fdde3ad7f26028354bcf3 [golang- 1.21] https://github.com/golang/go/commit/e175f27f58aa7b9cd4d79607ae65d2cd5baaee68 [golang-1.20] https://github.com/golang/go/issues/63417 https://go.dev/cl/534215 https://go.dev/cl/534235 https://go.dev/issue/63417 https://groups.google.com/g/golang-announce/c/iNNxDTCjZvo/m/UDd7VKQuAAAJ https://linux.oracle.com/cve/CVE-2023-39325.html https://linux.oracle.com/errata/ELSA-2023-5867.html https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3OVW5V2DM5K5IC3H7O42YDUGNJ74J35O https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3OVW5V2DM5K5IC3H7O42YDUGNJ74J35O/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3SZN67IL7HMGMNAVLOTIXLIHUDXZK4LH https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3SZN67IL7HMGMNAVLOTIXLIHUDXZK4LH/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3WJ4QVX2AMUJ2F2S27POOAHRC4K3CHU4 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3WJ4QVX2AMUJ2F2S27POOAHRC4K3CHU4/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/4BUK2ZIAGCULOOYDNH25JPU6JBES5NF2 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/4BUK2ZIAGCULOOYDNH25JPU6JBES5NF2/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/5RSKA2II6QTD4YUKUNDVJQSRYSFC4VFR https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/5RSKA2II6QTD4YUKUNDVJQSRYSFC4VFR/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/AVZDNSMVDAQJ64LJC5I5U5LDM5753647 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/AVZDNSMVDAQJ64LJC5I5U5LDM5753647/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CHHITS4PUOZAKFIUBQAQZC7JWXMOYE4B https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CHHITS4PUOZAKFIUBQAQZC7JWXMOYE4B/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CLB4TW7KALB3EEQWNWCN7OUIWWVWWCG2 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CLB4TW7KALB3EEQWNWCN7OUIWWVWWCG2/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/D2BBIDR2ZMB3X5BC7SR4SLQMHRMVPY6L https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/D2BBIDR2ZMB3X5BC7SR4SLQMHRMVPY6L/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ECRC75BQJP6FJN2L7KCKYZW4DSBD7QSD https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ECRC75BQJP6FJN2L7KCKYZW4DSBD7QSD/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/FTMJ3NJIDAZFWJQQSP3L22MUFJ3UP2PT https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/FTMJ3NJIDAZFWJQQSP3L22MUFJ3UP2PT/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/GSY7SXFFTPZFWDM6XELSDSHZLVW3AHK7 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/GSY7SXFFTPZFWDM6XELSDSHZLVW3AHK7/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/HZQIELEIRSZUYTFFH5KTH2YJ4IIQG2KE https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/HZQIELEIRSZUYTFFH5KTH2YJ4IIQG2KE/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/IPWCNYB5PQ5PCVZ4NJT6G56ZYFZ5QBU6 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/IPWCNYB5PQ5PCVZ4NJT6G56ZYFZ5QBU6/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/KEOTKBUPZXHE3F352JBYNTSNRXYLWD6P https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/KEOTKBUPZXHE3F352JBYNTSNRXYLWD6P/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/KSEGD2IWKNUO3DWY4KQGUQM5BISRWHQE https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/KSEGD2IWKNUO3DWY4KQGUQM5BISRWHQE/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/L5E5JSJBZLYXOTZWXHJKRVCIXIHVWKJ6 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/L5E5JSJBZLYXOTZWXHJKRVCIXIHVWKJ6/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/MZQYOOKHQDQ57LV2IAG6NRFOVXKHJJ3Z https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/MZQYOOKHQDQ57LV2IAG6NRFOVXKHJJ3Z/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/NG7IMPL55MVWU3LCI4JQJT3K2U5CHDV7 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/NG7IMPL55MVWU3LCI4JQJT3K2U5CHDV7/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ODBY7RVMGZCBSTWF2OZGIZS57FNFUL67 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ODBY7RVMGZCBSTWF2OZGIZS57FNFUL67/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/OXGWPQOJ3JNDW2XIYKIVJ7N7QUIFNM2Q https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/OXGWPQOJ3JNDW2XIYKIVJ7N7QUIFNM2Q/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/PJCUNGIQDUMZ4Z6HWVYIMR66A35F5S74 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/PJCUNGIQDUMZ4Z6HWVYIMR66A35F5S74/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QF5QSYAOPDOWLY6DUHID56Q4HQFYB45I https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QF5QSYAOPDOWLY6DUHID56Q4HQFYB45I/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QXOU2JZUBEBP7GBKAYIJRPRBZSJCD7ST https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QXOU2JZUBEBP7GBKAYIJRPRBZSJCD7ST/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/R3UETKPUB3V5JS5TLZOF3SMTGT5K5APS https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/R3UETKPUB3V5JS5TLZOF3SMTGT5K5APS/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/REMHVVIBDNKSRKNOTV7EQSB7CYQWOUOU https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/REMHVVIBDNKSRKNOTV7EQSB7CYQWOUOU/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/T7N5GV4CHH6WAGX3GFMDD3COEOVCZ4RI https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/T7N5GV4CHH6WAGX3GFMDD3COEOVCZ4RI/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ULQQONMSCQSH5Z5OWFFQHCGEZ3NL4DRJ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ULQQONMSCQSH5Z5OWFFQHCGEZ3NL4DRJ/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UTT7DG3QOF5ZNJLUGHDNLRUIN6OWZARP https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UTT7DG3QOF5ZNJLUGHDNLRUIN6OWZARP/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/W2LZSWTV4NV4SNQARNXG5T6LRHP26EW2 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/W2LZSWTV4NV4SNQARNXG5T6LRHP26EW2/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WCNCBYKZXLDFGAJUB7ZP5VLC3YTHJNVH https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WCNCBYKZXLDFGAJUB7ZP5VLC3YTHJNVH/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/XFOIBB4YFICHDM7IBOP7PWXW3FX4HLL2 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/XFOIBB4YFICHDM7IBOP7PWXW3FX4HLL2/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/XTNLSL44Y5FB6JWADSZH6DCV4JJAAEQY https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/XTNLSL44Y5FB6JWADSZH6DCV4JJAAEQY/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/YJWHBLVZDM5KQSDFRBFRKU5KSSOLIRQ4 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/YJWHBLVZDM5KQSDFRBFRKU5KSSOLIRQ4/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/YRKEXKANQ7BKJW2YTAMP625LJUJZLJ4P https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/YRKEXKANQ7BKJW2YTAMP625LJUJZLJ4P/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZSVEMQV5ROY5YW5QE3I57HT3ITWG5GCV https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZSVEMQV5ROY5YW5QE3I57HT3ITWG5GCV/ https://nvd.nist.gov/vuln/detail/CVE-2023-39325 https://pkg.go.dev/vuln/GO-2023-2102 https://security.gentoo.org/glsa/202311-09 https://security.netapp.com/advisory/ntap-20231110-0008 https://security.netapp.com/advisory/ntap-20231110-0008/ https://ubuntu.com/security/notices/USN-6574-1 https://ubuntu.com/security/notices/USN-7061-1 https://ubuntu.com/security/notices/USN-7109-1 https://www.cisa.gov/news-events/alerts/2023/10/10/http2-rapid-reset-vulnerability-cve-2023-44487 https://www.cve.org/CVERecord?id=CVE-2023-39325
stdlib	CVE-2023-45283	HIGH	v1.19.11	1.20.11, 1.21.4, 1.20.12, 1.21.5	http://www.openwall.com/lists/oss-security/2023/12/05/2 https://go.dev/cl/540277 https://go.dev/cl/541175 https://go.dev/issue/63713 https://go.dev/issue/64028 https://groups.google.com/g/golang-announce/c/4tU8LZfBFkY https://groups.google.com/g/golang-dev/c/6ypN5EjibjM/m/KmLVYH_uAgAJ https://nvd.nist.gov/vuln/detail/CVE-2023-45283 https://pkg.go.dev/vuln/GO-2023-2185 https://security.netapp.com/advisory/ntap-20231214-0008/
stdlib	CVE-2023-45287	HIGH	v1.19.11	1.20.0	https://access.redhat.com/errata/RHSA-2024:2272 https://access.redhat.com/security/cve/CVE-2023-45287 https://bugzilla.redhat.com/2253193 https://bugzilla.redhat.com/2253330 https://errata.almalinux.org/9/ALSA-2024-2272.html https://go.dev/cl/326012/26 https://go.dev/issue/20654 https://groups.google.com/g/golang-announce/c/QMK8IQALDvA https://linux.oracle.com/cve/CVE-2023-45287.html https://linux.oracle.com/errata/ELSA-2024-2988.html https://nvd.nist.gov/vuln/detail/CVE-2023-45287 https://people.redhat.com/~hkario/marvin/ https://pkg.go.dev/vuln/GO-2023-2375 https://security.netapp.com/advisory/ntap-20240112-0005/ https://www.cve.org/CVERecord?id=CVE-2023-45287
stdlib	CVE-2023-45288	HIGH	v1.19.11	1.21.9, 1.22.2	http://www.openwall.com/lists/oss-security/2024/04/03/16 http://www.openwall.com/lists/oss-security/2024/04/05/4 https://access.redhat.com/errata/RHSA-2024:2724 https://access.redhat.com/security/cve/CVE-2023-45288 https://bugzilla.redhat.com/2268017 https://bugzilla.redhat.com/2268018 https://bugzilla.redhat.com/2268019 https://bugzilla.redhat.com/2268273 https://bugzilla.redhat.com/show_bug.cgi?id=2268017 https://bugzilla.redhat.com/show_bug.cgi?id=2268018 https://bugzilla.redhat.com/show_bug.cgi?id=2268019 https://bugzilla.redhat.com/show_bug.cgi?id=2268273 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45288 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45289 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45290 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24783 https://errata.almalinux.org/9/ALSA-2024-2724.html https://errata.rockylinux.org/RLSA-2024:2724 https://go.dev/cl/576155 https://go.dev/issue/65051 https://groups.google.com/g/golang-announce/c/YgW0sx8mN3M https://kb.cert.org/vuls/id/421644 https://linux.oracle.com/cve/CVE-2023-45288.html https://linux.oracle.com/errata/ELSA-2024-3346.html https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QRYFHIQ6XRKRYBI2F5UESH67BJBQXUPT https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QRYFHIQ6XRKRYBI2F5UESH67BJBQXUPT/ https://nowotarski.info/http2-continuation-flood-technical-details https://nowotarski.info/http2-continuation-flood/ https://nvd.nist.gov/vuln/detail/CVE-2023-45288 https://pkg.go.dev/vuln/GO-2024-2687 https://security.netapp.com/advisory/ntap-20240419-0009 https://security.netapp.com/advisory/ntap-20240419-0009/ https://ubuntu.com/security/notices/USN-6886-1 https://ubuntu.com/security/notices/USN-7109-1 https://ubuntu.com/security/notices/USN-7111-1 https://www.cve.org/CVERecord?id=CVE-2023-45288 https://www.kb.cert.org/vuls/id/421644
stdlib	CVE-2024-34156	HIGH	v1.19.11	1.22.7, 1.23.1	https://access.redhat.com/errata/RHSA-2024:9473 https://access.redhat.com/security/cve/CVE-2024-34156 https://bugzilla.redhat.com/2310528 https://bugzilla.redhat.com/2318052 https://bugzilla.redhat.com/show_bug.cgi?id=2310528 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-34156 https://errata.almalinux.org/9/ALSA-2024-9473.html https://errata.rockylinux.org/RLSA-2024:7204 https://github.com/golang/go/commit/2092294f2b097c5828f4eace6c98a322c1510b01 (go1.22.7) https://github.com/golang/go/commit/fa8ff1a46deb6c816304441ec6740ec112e19012 (go1.23.1) https://go.dev/cl/611239 https://go.dev/issue/69139 https://groups.google.com/g/golang-announce/c/K-cEzDeCtpc https://groups.google.com/g/golang-dev/c/S9POB9NCTdk https://linux.oracle.com/cve/CVE-2024-34156.html https://linux.oracle.com/errata/ELSA-2024-9473.html https://nvd.nist.gov/vuln/detail/CVE-2024-34156 https://pkg.go.dev/vuln/GO-2024-3106 https://ubuntu.com/security/notices/USN-7081-1 https://ubuntu.com/security/notices/USN-7109-1 https://ubuntu.com/security/notices/USN-7111-1 https://www.cve.org/CVERecord?id=CVE-2024-34156
stdlib	CVE-2023-29409	MEDIUM	v1.19.11	1.19.12, 1.20.7, 1.21.0-rc.4	https://access.redhat.com/errata/RHSA-2023:7766 https://access.redhat.com/security/cve/CVE-2023-29409 https://bugzilla.redhat.com/2228743 https://bugzilla.redhat.com/2237773 https://bugzilla.redhat.com/2237776 https://bugzilla.redhat.com/2237777 https://bugzilla.redhat.com/2237778 https://errata.almalinux.org/9/ALSA-2023-7766.html https://go.dev/cl/515257 https://go.dev/issue/61460 https://groups.google.com/g/golang-announce/c/X0b6CsSAaYI/m/Efv5DbZ9AwAJ https://linux.oracle.com/cve/CVE-2023-29409.html https://linux.oracle.com/errata/ELSA-2024-2988.html https://nvd.nist.gov/vuln/detail/CVE-2023-29409 https://pkg.go.dev/vuln/GO-2023-1987 https://security.gentoo.org/glsa/202311-09 https://security.netapp.com/advisory/ntap-20230831-0010/ https://www.cve.org/CVERecord?id=CVE-2023-29409
stdlib	CVE-2023-39318	MEDIUM	v1.19.11	1.20.8, 1.21.1	https://access.redhat.com/errata/RHSA-2024:2160 https://access.redhat.com/security/cve/CVE-2023-39318 https://bugzilla.redhat.com/2237773 https://bugzilla.redhat.com/2237776 https://bugzilla.redhat.com/2253330 https://errata.almalinux.org/9/ALSA-2024-2160.html https://github.com/golang/go/commit/023b542edf38e2a1f87fcefb9f75ff2f99401b4c (go1.20.8) https://github.com/golang/go/commit/b0e1d3ea26e8e8fce7726690c9ef0597e60739fb (go1.21.1) https://go.dev/cl/526156 https://go.dev/issue/62196 https://groups.google.com/g/golang-announce/c/Fm51GRLNRvM https://groups.google.com/g/golang-dev/c/2C5vbR-UNkI/m/L1hdrPhfBAAJ https://linux.oracle.com/cve/CVE-2023-39318.html https://linux.oracle.com/errata/ELSA-2024-2988.html https://nvd.nist.gov/vuln/detail/CVE-2023-39318 https://pkg.go.dev/vuln/GO-2023-2041 https://security.gentoo.org/glsa/202311-09 https://security.netapp.com/advisory/ntap-20231020-0009/ https://ubuntu.com/security/notices/USN-6574-1 https://ubuntu.com/security/notices/USN-7061-1 https://ubuntu.com/security/notices/USN-7109-1 https://vuln.go.dev/ID/GO-2023-2041.json https://www.cve.org/CVERecord?id=CVE-2023-39318
stdlib	CVE-2023-39319	MEDIUM	v1.19.11	1.20.8, 1.21.1	https://access.redhat.com/errata/RHSA-2024:2160 https://access.redhat.com/security/cve/CVE-2023-39319 https://bugzilla.redhat.com/2237773 https://bugzilla.redhat.com/2237776 https://bugzilla.redhat.com/2253330 https://errata.almalinux.org/9/ALSA-2024-2160.html https://github.com/golang/go/commit/2070531d2f53df88e312edace6c8dfc9686ab2f5 (go1.20.8) https://github.com/golang/go/commit/bbd043ff0d6d59f1a9232d31ecd5eacf6507bf6a (go1.21.1) https://go.dev/cl/526157 https://go.dev/issue/62197 https://groups.google.com/g/golang-announce/c/Fm51GRLNRvM https://groups.google.com/g/golang-dev/c/2C5vbR-UNkI/m/L1hdrPhfBAAJ https://linux.oracle.com/cve/CVE-2023-39319.html https://linux.oracle.com/errata/ELSA-2024-2988.html https://nvd.nist.gov/vuln/detail/CVE-2023-39319 https://pkg.go.dev/vuln/GO-2023-2043 https://security.gentoo.org/glsa/202311-09 https://security.netapp.com/advisory/ntap-20231020-0009/ https://ubuntu.com/security/notices/USN-6574-1 https://ubuntu.com/security/notices/USN-7061-1 https://ubuntu.com/security/notices/USN-7109-1 https://vuln.go.dev/ID/GO-2023-2043.json https://www.cve.org/CVERecord?id=CVE-2023-39319
stdlib	CVE-2023-39326	MEDIUM	v1.19.11	1.20.12, 1.21.5	https://access.redhat.com/errata/RHSA-2024:2272 https://access.redhat.com/security/cve/CVE-2023-39326 https://bugzilla.redhat.com/2253193 https://bugzilla.redhat.com/2253330 https://errata.almalinux.org/9/ALSA-2024-2272.html https://github.com/golang/go/commit/6446af942e2e2b161c4ec1b60d9703a2b55dc4dd (go1.20.12) https://github.com/golang/go/commit/ec8c526e4be720e94b98ca509e6364f0efaf28f7 (go1.21.5) https://go.dev/cl/547335 https://go.dev/issue/64433 https://groups.google.com/g/golang-dev/c/6ypN5EjibjM/m/KmLVYH_uAgAJ https://linux.oracle.com/cve/CVE-2023-39326.html https://linux.oracle.com/errata/ELSA-2024-2988.html https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UIU6HOGV6RRIKWM57LOXQA75BGZSIH6G/ https://nvd.nist.gov/vuln/detail/CVE-2023-39326 https://pkg.go.dev/vuln/GO-2023-2382 https://ubuntu.com/security/notices/USN-6574-1 https://www.cve.org/CVERecord?id=CVE-2023-39326
stdlib	CVE-2023-45284	MEDIUM	v1.19.11	1.20.11, 1.21.4	https://go.dev/cl/540277 https://go.dev/issue/63713 https://groups.google.com/g/golang-announce/c/4tU8LZfBFkY https://nvd.nist.gov/vuln/detail/CVE-2023-45284 https://pkg.go.dev/vuln/GO-2023-2186
stdlib	CVE-2023-45289	MEDIUM	v1.19.11	1.21.8, 1.22.1	http://www.openwall.com/lists/oss-security/2024/03/08/4 https://access.redhat.com/errata/RHSA-2024:2724 https://access.redhat.com/security/cve/CVE-2023-45289 https://bugzilla.redhat.com/2268017 https://bugzilla.redhat.com/2268018 https://bugzilla.redhat.com/2268019 https://bugzilla.redhat.com/2268273 https://bugzilla.redhat.com/show_bug.cgi?id=2268017 https://bugzilla.redhat.com/show_bug.cgi?id=2268018 https://bugzilla.redhat.com/show_bug.cgi?id=2268019 https://bugzilla.redhat.com/show_bug.cgi?id=2268273 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45288 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45289 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45290 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24783 https://errata.almalinux.org/9/ALSA-2024-2724.html https://errata.rockylinux.org/RLSA-2024:2724 https://github.com/golang/go/commit/20586c0dbe03d144f914155f879fa5ee287591a1 (go1.21.8) https://github.com/golang/go/commit/3a855208e3efed2e9d7c20ad023f1fa78afcc0be (go1.22.1) https://github.com/golang/go/issues/65065 https://go.dev/cl/569340 https://go.dev/issue/65065 https://groups.google.com/g/golang-announce/c/5pwGVUPoMbg https://linux.oracle.com/cve/CVE-2023-45289.html https://linux.oracle.com/errata/ELSA-2024-3346.html https://nvd.nist.gov/vuln/detail/CVE-2023-45289 https://pkg.go.dev/vuln/GO-2024-2600 https://security.netapp.com/advisory/ntap-20240329-0006/ https://ubuntu.com/security/notices/USN-6886-1 https://www.cve.org/CVERecord?id=CVE-2023-45289
stdlib	CVE-2023-45290	MEDIUM	v1.19.11	1.21.8, 1.22.1	http://www.openwall.com/lists/oss-security/2024/03/08/4 https://access.redhat.com/errata/RHSA-2024:9135 https://access.redhat.com/security/cve/CVE-2023-45290 https://bugzilla.redhat.com/2268017 https://bugzilla.redhat.com/2268022 https://bugzilla.redhat.com/2279814 https://bugzilla.redhat.com/2295310 https://bugzilla.redhat.com/show_bug.cgi?id=2268017 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45290 https://errata.almalinux.org/9/ALSA-2024-9135.html https://errata.rockylinux.org/RLSA-2024:3830 https://github.com/golang/go/commit/041a47712e765e94f86d841c3110c840e76d8f82 (go1.22.1) https://github.com/golang/go/commit/bf80213b121074f4ad9b449410a4d13bae5e9be0 (go1.21.8) https://github.com/golang/go/issues/65383 https://go.dev/cl/569341 https://go.dev/issue/65383 https://groups.google.com/g/golang-announce/c/5pwGVUPoMbg https://linux.oracle.com/cve/CVE-2023-45290.html https://linux.oracle.com/errata/ELSA-2024-8038.html https://nvd.nist.gov/vuln/detail/CVE-2023-45290 https://pkg.go.dev/vuln/GO-2024-2599 https://security.netapp.com/advisory/ntap-20240329-0004 https://security.netapp.com/advisory/ntap-20240329-0004/ https://ubuntu.com/security/notices/USN-6886-1 https://ubuntu.com/security/notices/USN-7109-1 https://ubuntu.com/security/notices/USN-7111-1 https://www.cve.org/CVERecord?id=CVE-2023-45290
stdlib	CVE-2024-24783	MEDIUM	v1.19.11	1.21.8, 1.22.1	http://www.openwall.com/lists/oss-security/2024/03/08/4 https://access.redhat.com/errata/RHSA-2024:6195 https://access.redhat.com/security/cve/CVE-2024-24783 https://bugzilla.redhat.com/2268019 https://bugzilla.redhat.com/show_bug.cgi?id=2268017 https://bugzilla.redhat.com/show_bug.cgi?id=2268018 https://bugzilla.redhat.com/show_bug.cgi?id=2268019 https://bugzilla.redhat.com/show_bug.cgi?id=2268273 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45288 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45289 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45290 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24783 https://errata.almalinux.org/9/ALSA-2024-6195.html https://errata.rockylinux.org/RLSA-2024:2724 https://github.com/advisories/GHSA-3q2c-pvp5-3cqp https://github.com/golang/go/commit/337b8e9cbfa749d9d5c899e0dc358e2208d5e54f (go1.22.1) https://github.com/golang/go/commit/be5b52bea674190ef7de272664be6c7ae93ec5a0 (go1.21.8) https://github.com/golang/go/issues/65390 https://go.dev/cl/569339 https://go.dev/issue/65390 https://groups.google.com/g/golang-announce/c/5pwGVUPoMbg https://linux.oracle.com/cve/CVE-2024-24783.html https://linux.oracle.com/errata/ELSA-2024-6969.html https://nvd.nist.gov/vuln/detail/CVE-2024-24783 https://pkg.go.dev/vuln/GO-2024-2598 https://security.netapp.com/advisory/ntap-20240329-0005 https://security.netapp.com/advisory/ntap-20240329-0005/ https://ubuntu.com/security/notices/USN-6886-1 https://ubuntu.com/security/notices/USN-7109-1 https://ubuntu.com/security/notices/USN-7111-1 https://www.cve.org/CVERecord?id=CVE-2024-24783
stdlib	CVE-2024-24784	MEDIUM	v1.19.11	1.21.8, 1.22.1	http://www.openwall.com/lists/oss-security/2024/03/08/4 https://access.redhat.com/errata/RHSA-2024:2562 https://access.redhat.com/security/cve/CVE-2024-24784 https://bugzilla.redhat.com/2262921 https://bugzilla.redhat.com/2268017 https://bugzilla.redhat.com/2268018 https://bugzilla.redhat.com/2268019 https://bugzilla.redhat.com/2268021 https://bugzilla.redhat.com/2268022 https://bugzilla.redhat.com/2268273 https://bugzilla.redhat.com/show_bug.cgi?id=2262921 https://bugzilla.redhat.com/show_bug.cgi?id=2268017 https://bugzilla.redhat.com/show_bug.cgi?id=2268018 https://bugzilla.redhat.com/show_bug.cgi?id=2268019 https://bugzilla.redhat.com/show_bug.cgi?id=2268021 https://bugzilla.redhat.com/show_bug.cgi?id=2268022 https://bugzilla.redhat.com/show_bug.cgi?id=2268273 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45288 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45289 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45290 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-1394 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24783 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24784 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24785 https://errata.almalinux.org/9/ALSA-2024-2562.html https://errata.rockylinux.org/RLSA-2024:2562 https://github.com/golang/go/commit/263c059b09fdd40d9dd945f2ecb20c89ea28efe5 (go1.21.8) https://github.com/golang/go/commit/5330cd225ba54c7dc78c1b46dcdf61a4671a632c (go1.22.1) https://github.com/golang/go/issues/65083 https://go.dev/cl/555596 https://go.dev/issue/65083 https://groups.google.com/g/golang-announce/c/5pwGVUPoMbg https://linux.oracle.com/cve/CVE-2024-24784.html https://linux.oracle.com/errata/ELSA-2024-6969.html https://nvd.nist.gov/vuln/detail/CVE-2024-24784 https://pkg.go.dev/vuln/GO-2024-2609 https://security.netapp.com/advisory/ntap-20240329-0007/ https://ubuntu.com/security/notices/USN-6886-1 https://ubuntu.com/security/notices/USN-7109-1 https://ubuntu.com/security/notices/USN-7111-1 https://www.cve.org/CVERecord?id=CVE-2024-24784
stdlib	CVE-2024-24785	MEDIUM	v1.19.11	1.21.8, 1.22.1	http://www.openwall.com/lists/oss-security/2024/03/08/4 https://access.redhat.com/errata/RHSA-2024:9135 https://access.redhat.com/security/cve/CVE-2024-24785 https://bugzilla.redhat.com/2268017 https://bugzilla.redhat.com/2268022 https://bugzilla.redhat.com/2279814 https://bugzilla.redhat.com/2295310 https://bugzilla.redhat.com/show_bug.cgi?id=2262921 https://bugzilla.redhat.com/show_bug.cgi?id=2268017 https://bugzilla.redhat.com/show_bug.cgi?id=2268018 https://bugzilla.redhat.com/show_bug.cgi?id=2268019 https://bugzilla.redhat.com/show_bug.cgi?id=2268021 https://bugzilla.redhat.com/show_bug.cgi?id=2268022 https://bugzilla.redhat.com/show_bug.cgi?id=2268273 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45288 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45289 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45290 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-1394 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24783 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24784 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24785 https://errata.almalinux.org/9/ALSA-2024-9135.html https://errata.rockylinux.org/RLSA-2024:2562 https://github.com/golang/go/commit/056b0edcb8c152152021eebf4cf42adbfbe77992 (go1.22.1) https://github.com/golang/go/commit/3643147a29352ca2894fd5d0d2069bc4b4335a7e (go1.21.8) https://github.com/golang/go/issues/65697 https://go.dev/cl/564196 https://go.dev/issue/65697 https://groups.google.com/g/golang-announce/c/5pwGVUPoMbg https://linux.oracle.com/cve/CVE-2024-24785.html https://linux.oracle.com/errata/ELSA-2024-3259.html https://nvd.nist.gov/vuln/detail/CVE-2024-24785 https://pkg.go.dev/vuln/GO-2024-2610 https://security.netapp.com/advisory/ntap-20240329-0008/ https://ubuntu.com/security/notices/USN-6886-1 https://ubuntu.com/security/notices/USN-7061-1 https://ubuntu.com/security/notices/USN-7109-1 https://vuln.go.dev/ID/GO-2024-2610.json https://www.cve.org/CVERecord?id=CVE-2024-24785
stdlib	CVE-2024-24789	MEDIUM	v1.19.11	1.21.11, 1.22.4	http://www.openwall.com/lists/oss-security/2024/06/04/1 https://access.redhat.com/errata/RHSA-2024:9115 https://access.redhat.com/security/cve/CVE-2024-24789 https://bugzilla.redhat.com/2279814 https://bugzilla.redhat.com/2292668 https://bugzilla.redhat.com/2292787 https://bugzilla.redhat.com/2294000 https://bugzilla.redhat.com/2295310 https://bugzilla.redhat.com/show_bug.cgi?id=2292668 https://bugzilla.redhat.com/show_bug.cgi?id=2292787 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24789 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24790 https://errata.almalinux.org/9/ALSA-2024-9115.html https://errata.rockylinux.org/RLSA-2024:4212 https://github.com/golang/go/commit/c8e40338cf00f3c1d86c8fb23863ad67a4c72bcc (1.21) https://github.com/golang/go/commit/cf501ac0c5fe351a8582d20b43562027927906e7 (1.22) https://github.com/golang/go/issues/66869 https://go.dev/cl/585397 https://go.dev/issue/66869 https://groups.google.com/g/golang-announce/c/XbxouI9gY7k https://groups.google.com/g/golang-announce/c/XbxouI9gY7k/m/TuoGEhxIEwAJ https://linux.oracle.com/cve/CVE-2024-24789.html https://linux.oracle.com/errata/ELSA-2024-9115.html https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/U5YAEIA6IUHUNGJ7AIXXPQT6D2GYENX7/ https://nvd.nist.gov/vuln/detail/CVE-2024-24789 https://pkg.go.dev/vuln/GO-2024-2888 https://ubuntu.com/security/notices/USN-6886-1 https://ubuntu.com/security/notices/USN-7109-1 https://ubuntu.com/security/notices/USN-7111-1 https://www.cve.org/CVERecord?id=CVE-2024-24789
stdlib	CVE-2024-24791	MEDIUM	v1.19.11	1.21.12, 1.22.5	https://access.redhat.com/errata/RHSA-2024:9135 https://access.redhat.com/security/cve/CVE-2024-24791 https://bugzilla.redhat.com/2268017 https://bugzilla.redhat.com/2268022 https://bugzilla.redhat.com/2279814 https://bugzilla.redhat.com/2295310 https://bugzilla.redhat.com/show_bug.cgi?id=2295310 https://bugzilla.redhat.com/show_bug.cgi?id=2310527 https://bugzilla.redhat.com/show_bug.cgi?id=2310528 https://bugzilla.redhat.com/show_bug.cgi?id=2310529 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24791 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-34155 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-34156 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-34158 https://errata.almalinux.org/9/ALSA-2024-9135.html https://errata.rockylinux.org/RLSA-2024:6913 https://go.dev/cl/591255 https://go.dev/issue/67555 https://groups.google.com/g/golang-dev/c/t0rK-qHBqzY/m/6MMoAZkMAgAJ https://linux.oracle.com/cve/CVE-2024-24791.html https://linux.oracle.com/errata/ELSA-2024-9115.html https://nvd.nist.gov/vuln/detail/CVE-2024-24791 https://pkg.go.dev/vuln/GO-2024-2963 https://ubuntu.com/security/notices/USN-7081-1 https://ubuntu.com/security/notices/USN-7109-1 https://ubuntu.com/security/notices/USN-7111-1 https://www.cve.org/CVERecord?id=CVE-2024-24791
stdlib	CVE-2024-34155	MEDIUM	v1.19.11	1.22.7, 1.23.1	https://access.redhat.com/errata/RHSA-2024:9459 https://access.redhat.com/security/cve/CVE-2024-34155 https://bugzilla.redhat.com/2310527 https://bugzilla.redhat.com/2310528 https://bugzilla.redhat.com/2310529 https://bugzilla.redhat.com/2315691 https://bugzilla.redhat.com/2315887 https://bugzilla.redhat.com/2317458 https://bugzilla.redhat.com/2317467 https://bugzilla.redhat.com/show_bug.cgi?id=2295310 https://bugzilla.redhat.com/show_bug.cgi?id=2310527 https://bugzilla.redhat.com/show_bug.cgi?id=2310528 https://bugzilla.redhat.com/show_bug.cgi?id=2310529 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24791 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-34155 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-34156 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-34158 https://errata.almalinux.org/9/ALSA-2024-9459.html https://errata.rockylinux.org/RLSA-2024:6913 https://github.com/golang/go/commit/53487e5477151ed75da50e50a0ba8f1ca64c00a3 (go1.23.1) https://github.com/golang/go/commit/b232596139dbe96a62edbe3a2a203e856bf556eb (go1.22.7) https://go.dev/cl/611238 https://go.dev/issue/69138 https://groups.google.com/g/golang-announce/c/K-cEzDeCtpc https://groups.google.com/g/golang-dev/c/S9POB9NCTdk https://linux.oracle.com/cve/CVE-2024-34155.html https://linux.oracle.com/errata/ELSA-2024-9459.html https://nvd.nist.gov/vuln/detail/CVE-2024-34155 https://pkg.go.dev/vuln/GO-2024-3105 https://ubuntu.com/security/notices/USN-7081-1 https://ubuntu.com/security/notices/USN-7109-1 https://ubuntu.com/security/notices/USN-7111-1 https://www.cve.org/CVERecord?id=CVE-2024-34155
stdlib	CVE-2024-34158	MEDIUM	v1.19.11	1.22.7, 1.23.1	https://access.redhat.com/errata/RHSA-2024:9459 https://access.redhat.com/security/cve/CVE-2024-34158 https://bugzilla.redhat.com/2310527 https://bugzilla.redhat.com/2310528 https://bugzilla.redhat.com/2310529 https://bugzilla.redhat.com/2315691 https://bugzilla.redhat.com/2315887 https://bugzilla.redhat.com/2317458 https://bugzilla.redhat.com/2317467 https://bugzilla.redhat.com/show_bug.cgi?id=2295310 https://bugzilla.redhat.com/show_bug.cgi?id=2310527 https://bugzilla.redhat.com/show_bug.cgi?id=2310528 https://bugzilla.redhat.com/show_bug.cgi?id=2310529 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24791 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-34155 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-34156 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-34158 https://errata.almalinux.org/9/ALSA-2024-9459.html https://errata.rockylinux.org/RLSA-2024:6913 https://github.com/golang/go/commit/032ac075c20c01c6c35a672d1542d3e98eab84ea (go1.23.1) https://github.com/golang/go/commit/d4c53812e6ce2ac368173d7fcd31d0ecfcffb002 (go1.22.7) https://go.dev/cl/611240 https://go.dev/issue/69141 https://groups.google.com/g/golang-announce/c/K-cEzDeCtpc https://groups.google.com/g/golang-dev/c/S9POB9NCTdk https://linux.oracle.com/cve/CVE-2024-34158.html https://linux.oracle.com/errata/ELSA-2024-9459.html https://nvd.nist.gov/vuln/detail/CVE-2024-34158 https://pkg.go.dev/vuln/GO-2024-3107 https://ubuntu.com/security/notices/USN-7081-1 https://ubuntu.com/security/notices/USN-7109-1 https://ubuntu.com/security/notices/USN-7111-1 https://www.cve.org/CVERecord?id=CVE-2024-34158
No Misconfigurations found

cnb/lifecycle/lifecycle (gobinary)

Package	Vulnerability ID	Severity	Installed Version	Fixed Version	Links
github.com/containerd/containerd	GHSA-7ww5-4wqc-m92c	MEDIUM	v1.7.0	1.6.26, 1.7.11	https://github.com/containerd/containerd https://github.com/containerd/containerd/commit/67d356cb3095f3e8f8ad7d36f9a733fea1e7e28c https://github.com/containerd/containerd/commit/746b910f05855c8bfdb4415a1c0f958b234910e5 https://github.com/containerd/containerd/security/advisories/GHSA-7ww5-4wqc-m92c
github.com/docker/distribution	CVE-2023-2253	HIGH	v2.8.1+incompatible	2.8.2-beta.1	https://access.redhat.com/security/cve/CVE-2023-2253 https://bugzilla.redhat.com/show_bug.cgi?id=2189886 https://github.com/distribution/distribution https://github.com/distribution/distribution/commit/521ea3d973cb0c7089ebbcdd4ccadc34be941f54 https://github.com/distribution/distribution/commit/f55a6552b006a381d9167e328808565dd2bf77dc https://github.com/distribution/distribution/security/advisories/GHSA-hqxw-f8mx-cpmw https://lists.debian.org/debian-lts-announce/2023/06/msg00035.html https://nvd.nist.gov/vuln/detail/CVE-2023-2253 https://ubuntu.com/security/notices/USN-6336-1 https://www.cve.org/CVERecord?id=CVE-2023-2253 https://www.openwall.com/lists/oss-security/2023/05/09/1
github.com/docker/docker	CVE-2024-41110	CRITICAL	v23.0.4+incompatible	23.0.15, 26.1.5, 27.1.1, 25.0.6	https://access.redhat.com/security/cve/CVE-2024-41110 https://github.com/moby/moby https://github.com/moby/moby/commit/411e817ddf710ff8e08fa193da80cb78af708191 https://github.com/moby/moby/commit/42f40b1d6dd7562342f832b9cd2adf9e668eeb76 https://github.com/moby/moby/commit/65cc597cea28cdc25bea3b8a86384b4251872919 https://github.com/moby/moby/commit/852759a7df454cbf88db4e954c919becd48faa9b https://github.com/moby/moby/commit/a31260625655cff9ae226b51757915e275e304b0 https://github.com/moby/moby/commit/a79fabbfe84117696a19671f4aa88b82d0f64fc1 https://github.com/moby/moby/commit/ae160b4edddb72ef4bd71f66b975a1a1cc434f00 https://github.com/moby/moby/commit/ae2b3666c517c96cbc2adf1af5591a6b00d4ec0f https://github.com/moby/moby/commit/cc13f952511154a2866bddbb7dddebfe9e83b801 https://github.com/moby/moby/commit/fc274cd2ff4cf3b48c91697fb327dd1fb95588fb https://github.com/moby/moby/security/advisories/GHSA-v23v-6jw2-98fq https://nvd.nist.gov/vuln/detail/CVE-2024-41110 https://www.cve.org/CVERecord?id=CVE-2024-41110 https://www.docker.com/blog/docker-security-advisory-docker-engine-authz-plugin
github.com/docker/docker	CVE-2024-24557	MEDIUM	v23.0.4+incompatible	24.0.9, 25.0.2	https://access.redhat.com/security/cve/CVE-2024-24557 https://github.com/moby/moby https://github.com/moby/moby/commit/3e230cfdcc989dc524882f6579f9e0dac77400ae https://github.com/moby/moby/commit/fca702de7f71362c8d103073c7e4a1d0a467fadd https://github.com/moby/moby/commit/fce6e0ca9bc000888de3daa157af14fa41fcd0ff https://github.com/moby/moby/security/advisories/GHSA-xw73-rw38-6vjc https://nvd.nist.gov/vuln/detail/CVE-2024-24557 https://www.cve.org/CVERecord?id=CVE-2024-24557
github.com/docker/docker	CVE-2024-29018	MEDIUM	v23.0.4+incompatible	26.0.0-rc3, 25.0.5, 23.0.11	https://access.redhat.com/security/cve/CVE-2024-29018 https://github.com/moby/moby https://github.com/moby/moby/pull/46609 https://github.com/moby/moby/security/advisories/GHSA-mq39-4gv4-mvpx https://nvd.nist.gov/vuln/detail/CVE-2024-29018 https://www.cve.org/CVERecord?id=CVE-2024-29018
github.com/docker/docker	GHSA-jq35-85cj-fj4p	MEDIUM	v23.0.4+incompatible	24.0.7, 23.0.8, 20.10.27	https://github.com/moby/moby https://github.com/moby/moby/commit/48ebe353e49a9def5e6679f6e386b0efb1c95f0e https://github.com/moby/moby/commit/81ebe71275768629689a23bc3bca34b3b374a6a6 https://github.com/moby/moby/commit/c9ccbfad11a60e703e91b6cca4f48927828c7e35 https://github.com/moby/moby/releases/tag/v20.10.27 https://github.com/moby/moby/releases/tag/v23.0.8 https://github.com/moby/moby/releases/tag/v24.0.7 https://github.com/moby/moby/security/advisories/GHSA-jq35-85cj-fj4p
github.com/golang-jwt/jwt/v4	CVE-2024-51744	LOW	v4.4.3	4.5.1	https://access.redhat.com/security/cve/CVE-2024-51744 https://github.com/golang-jwt/jwt https://github.com/golang-jwt/jwt/commit/7b1c1c00a171c6c79bbdb40e4ce7d197060c1c2c https://github.com/golang-jwt/jwt/security/advisories/GHSA-29wx-vh33-7x7r https://nvd.nist.gov/vuln/detail/CVE-2024-51744 https://www.cve.org/CVERecord?id=CVE-2024-51744
github.com/moby/buildkit	CVE-2024-23652	CRITICAL	v0.11.5	0.12.5	https://access.redhat.com/security/cve/CVE-2024-23652 https://github.com/moby/buildkit https://github.com/moby/buildkit/pull/4603 https://github.com/moby/buildkit/releases/tag/v0.12.5 https://github.com/moby/buildkit/security/advisories/GHSA-4v98-7qmw-rqr8 https://nvd.nist.gov/vuln/detail/CVE-2024-23652 https://pkg.go.dev/vuln/GO-2024-2494 https://snyk.io/blog/cve-2024-23652-buildkit-build-time-container-teardown-arbitrary-delete/ https://www.cve.org/CVERecord?id=CVE-2024-23652
github.com/moby/buildkit	CVE-2024-23653	CRITICAL	v0.11.5	0.12.5	https://access.redhat.com/security/cve/CVE-2024-23653 https://github.com/moby/buildkit https://github.com/moby/buildkit/commit/5026d95aa3336e97cfe46e3764f52d08bac7a10e https://github.com/moby/buildkit/commit/92cc595cfb12891d4b3ae476e067c74250e4b71e https://github.com/moby/buildkit/pull/4602 https://github.com/moby/buildkit/releases/tag/v0.12.5 https://github.com/moby/buildkit/security/advisories/GHSA-wr6v-9f75-vh2g https://nvd.nist.gov/vuln/detail/CVE-2024-23653 https://snyk.io/blog/cve-2024-23653-buildkit-grpc-securitymode-privilege-check/ https://www.cve.org/CVERecord?id=CVE-2024-23653
github.com/moby/buildkit	CVE-2024-23651	HIGH	v0.11.5	0.12.5	https://access.redhat.com/security/cve/CVE-2024-23651 https://github.com/moby/buildkit https://github.com/moby/buildkit/pull/4604 https://github.com/moby/buildkit/releases/tag/v0.12.5 https://github.com/moby/buildkit/security/advisories/GHSA-m3r6-h7wv-7xxv https://nvd.nist.gov/vuln/detail/CVE-2024-23651 https://snyk.io/blog/cve-2024-23651-docker-buildkit-mount-cache-race/ https://www.cve.org/CVERecord?id=CVE-2024-23651 https://www.openwall.com/lists/oss-security/2019/05/28/1
github.com/moby/buildkit	CVE-2024-23650	MEDIUM	v0.11.5	0.12.5	https://access.redhat.com/security/cve/CVE-2024-23650 https://github.com/moby/buildkit https://github.com/moby/buildkit/commit/481d9c45f473c58537f39694a38d7995cc656987 https://github.com/moby/buildkit/commit/7718bd5c3dc8fc5cd246a30cc41766e7a53c043c https://github.com/moby/buildkit/commit/83edaef59d545b93e2750f1f85675a3764593fee https://github.com/moby/buildkit/commit/96663dd35bf3787d7efb1ee7fd9ac7fe533582ae https://github.com/moby/buildkit/commit/e1924dc32da35bfb0bfdbb9d0fc7bca25e552330 https://github.com/moby/buildkit/pull/4601 https://github.com/moby/buildkit/releases/tag/v0.12.5 https://github.com/moby/buildkit/security/advisories/GHSA-9p26-698r-w4hx https://linux.oracle.com/cve/CVE-2024-23650.html https://linux.oracle.com/errata/ELSA-2024-2988.html https://nvd.nist.gov/vuln/detail/CVE-2024-23650 https://www.cve.org/CVERecord?id=CVE-2024-23650
github.com/opencontainers/runc	CVE-2024-21626	HIGH	v1.1.7	1.1.12	http://packetstormsecurity.com/files/176993/runc-1.1.11-File-Descriptor-Leak-Privilege-Escalation.html http://www.openwall.com/lists/oss-security/2024/02/01/1 http://www.openwall.com/lists/oss-security/2024/02/02/3 https://access.redhat.com/errata/RHSA-2024:0670 https://access.redhat.com/security/cve/CVE-2024-21626 https://bugzilla.redhat.com/2258725 https://errata.almalinux.org/9/ALSA-2024-0670.html https://github.com/opencontainers/runc https://github.com/opencontainers/runc/commit/02120488a4c0fc487d1ed2867e901eeed7ce8ecf https://github.com/opencontainers/runc/releases/tag/v1.1.12 https://github.com/opencontainers/runc/security/advisories/GHSA-xr7r-f8xq-vfvv https://linux.oracle.com/cve/CVE-2024-21626.html https://linux.oracle.com/errata/ELSA-2024-17931.html https://lists.debian.org/debian-lts-announce/2024/02/msg00005.html https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/2NLXNE23Q5ESQUAI22Z7A63JX2WMPJ2J https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/2NLXNE23Q5ESQUAI22Z7A63JX2WMPJ2J/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/SYMO3BANINS6RGFQFKPRG4FIOJ7GWYTL https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/SYMO3BANINS6RGFQFKPRG4FIOJ7GWYTL/ https://nvd.nist.gov/vuln/detail/CVE-2024-21626 https://ubuntu.com/security/notices/USN-6619-1 https://www.cve.org/CVERecord?id=CVE-2024-21626
github.com/opencontainers/runc	CVE-2024-45310	LOW	v1.1.7	1.1.14, 1.2.0-rc.3	https://access.redhat.com/security/cve/CVE-2024-45310 https://github.com/opencontainers/runc https://github.com/opencontainers/runc/commit/63c2908164f3a1daea455bf5bcd8d363d70328c7 https://github.com/opencontainers/runc/commit/8781993968fd964ac723ff5f360b6f259e809a3e https://github.com/opencontainers/runc/commit/f0b652ea61ff6750a8fcc69865d45a7abf37accf https://github.com/opencontainers/runc/pull/4359 https://github.com/opencontainers/runc/security/advisories/GHSA-jfvp-7x6p-h2pv https://nvd.nist.gov/vuln/detail/CVE-2024-45310 https://www.cve.org/CVERecord?id=CVE-2024-45310 https://www.openwall.com/lists/oss-security/2024/09/03/1
golang.org/x/crypto	CVE-2023-48795	MEDIUM	v0.5.0	0.17.0	http://packetstormsecurity.com/files/176280/Terrapin-SSH-Connection-Weakening.html http://seclists.org/fulldisclosure/2024/Mar/21 http://www.openwall.com/lists/oss-security/2023/12/18/3 http://www.openwall.com/lists/oss-security/2023/12/19/5 http://www.openwall.com/lists/oss-security/2023/12/20/3 http://www.openwall.com/lists/oss-security/2024/03/06/3 http://www.openwall.com/lists/oss-security/2024/04/17/8 https://access.redhat.com/errata/RHSA-2024:1150 https://access.redhat.com/security/cve/CVE-2023-48795 https://access.redhat.com/security/cve/cve-2023-48795 https://access.redhat.com/solutions/7071748 https://arstechnica.com/security/2023/12/hackers-can-break-ssh-channel-integrity-using-novel-data-corruption-attack https://arstechnica.com/security/2023/12/hackers-can-break-ssh-channel-integrity-using-novel-data-corruption-attack/ https://bugs.gentoo.org/920280 https://bugzilla.redhat.com/2254210 https://bugzilla.redhat.com/show_bug.cgi?id=2254210 https://bugzilla.suse.com/show_bug.cgi?id=1217950 https://crates.io/crates/thrussh/versions https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-48795 https://errata.almalinux.org/9/ALSA-2024-1150.html https://errata.rockylinux.org/RLSA-2024:0628 https://filezilla-project.org/versions.php https://forum.netgate.com/topic/184941/terrapin-ssh-attack https://git.libssh.org/projects/libssh.git/commit/?h=stable-0.10&id=10e09e273f69e149389b3e0e5d44b8c221c2e7f6 https://github.com/NixOS/nixpkgs/pull/275249 https://github.com/PowerShell/Win32-OpenSSH/issues/2189 https://github.com/PowerShell/Win32-OpenSSH/releases/tag/v9.5.0.0p1-Beta https://github.com/TeraTermProject/teraterm/commit/7279fbd6ef4d0c8bdd6a90af4ada2899d786eec0 https://github.com/TeraTermProject/teraterm/releases/tag/v5.1 https://github.com/advisories/GHSA-45x7-px36-x8w8 https://github.com/apache/mina-sshd/issues/445 https://github.com/connectbot/sshlib/commit/5c8b534f6e97db7ac0e0e579331213aa25c173ab https://github.com/connectbot/sshlib/compare/2.2.21...2.2.22 https://github.com/cyd01/KiTTY/issues/520 https://github.com/drakkan/sftpgo/releases/tag/v2.5.6 https://github.com/erlang/otp/blob/d1b43dc0f1361d2ad67601169e90a7fc50bb0369/lib/ssh/doc/src/notes.xml#L39-L42 https://github.com/erlang/otp/releases/tag/OTP-26.2.1 https://github.com/golang/crypto/commit/9d2ee975ef9fe627bf0a6f01c1f69e8ef1d4f05d https://github.com/hierynomus/sshj/issues/916 https://github.com/janmojzis/tinyssh/issues/81 https://github.com/jtesta/ssh-audit/commit/8e972c5e94b460379fe0c7d20209c16df81538a5 https://github.com/libssh2/libssh2/pull/1291 https://github.com/mkj/dropbear/blob/17657c36cce6df7716d5ff151ec09a665382d5dd/CHANGES#L25 https://github.com/mscdex/ssh2/commit/97b223f8891b96d6fc054df5ab1d5a1a545da2a3 https://github.com/mwiede/jsch/compare/jsch-0.2.14...jsch-0.2.15 https://github.com/mwiede/jsch/issues/457 https://github.com/mwiede/jsch/pull/461 https://github.com/net-ssh/net-ssh/blob/2e65064a52d73396bfc3806c9196fc8108f33cd8/CHANGES.txt#L14-L16 https://github.com/openssh/openssh-portable/commits/master https://github.com/paramiko/paramiko/issues/2337 https://github.com/paramiko/paramiko/issues/2337#issuecomment-1887642773 https://github.com/proftpd/proftpd/blob/0a7ea9b0ba9fcdf368374a226370d08f10397d99/RELEASE_NOTES https://github.com/proftpd/proftpd/blob/d21e7a2e47e9b38f709bec58e3fa711f759ad0e1/RELEASE_NOTES https://github.com/proftpd/proftpd/blob/master/RELEASE_NOTES https://github.com/proftpd/proftpd/issues/456 https://github.com/rapier1/hpn-ssh/releases https://github.com/ronf/asyncssh/blob/develop/docs/changes.rst https://github.com/ronf/asyncssh/security/advisories/GHSA-hfmc-7525-mj55 https://github.com/ronf/asyncssh/tags https://github.com/ssh-mitm/ssh-mitm/issues/165 https://github.com/warp-tech/russh https://github.com/warp-tech/russh/commit/1aa340a7df1d5be1c0f4a9e247aade76dfdd2951 https://github.com/warp-tech/russh/releases/tag/v0.40.2 https://github.com/warp-tech/russh/security/advisories/GHSA-45x7-px36-x8w8 https://gitlab.com/libssh/libssh-mirror/-/tags https://go.dev/cl/550715 https://go.dev/issue/64784 https://groups.google.com/g/golang-announce/c/-n5WqVC18LQ https://groups.google.com/g/golang-announce/c/qA3XtxvMUyg https://help.panic.com/releasenotes/transmit5 https://help.panic.com/releasenotes/transmit5/ https://jadaptive.com/important-java-ssh-security-update-new-ssh-vulnerability-discovered-cve-2023-48795 https://jadaptive.com/important-java-ssh-security-update-new-ssh-vulnerability-discovered-cve-2023-48795/ https://linux.oracle.com/cve/CVE-2023-48795.html https://linux.oracle.com/errata/ELSA-2024-2988.html https://lists.debian.org/debian-lts-announce/2023/12/msg00017.html https://lists.debian.org/debian-lts-announce/2024/01/msg00013.html https://lists.debian.org/debian-lts-announce/2024/01/msg00014.html https://lists.debian.org/debian-lts-announce/2024/04/msg00016.html https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/33XHJUB6ROFUOH2OQNENFROTVH6MHSHA https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/33XHJUB6ROFUOH2OQNENFROTVH6MHSHA/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/3CAYYW35MUTNO65RVAELICTNZZFMT2XS https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/3CAYYW35MUTNO65RVAELICTNZZFMT2XS/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/3JIMLVBDWOP4FUPXPTB4PGHHIOMGFLQE https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/3JIMLVBDWOP4FUPXPTB4PGHHIOMGFLQE/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/3YQLUQWLIHDB5QCXQEX7HXHAWMOKPP5O https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/3YQLUQWLIHDB5QCXQEX7HXHAWMOKPP5O/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/6Y74KVCPEPT4MVU3LHDWCNNOXOE5ZLUR https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/6Y74KVCPEPT4MVU3LHDWCNNOXOE5ZLUR/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/APYIXIQOVDCRWLHTGB4VYMAUIAQLKYJ3 https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/APYIXIQOVDCRWLHTGB4VYMAUIAQLKYJ3/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/BL5KTLOSLH2KHRN4HCXJPK3JUVLDGEL6 https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/BL5KTLOSLH2KHRN4HCXJPK3JUVLDGEL6/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/C3AFMZ6MH2UHHOPIWT5YLSFV3D2VB3AC https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/C3AFMZ6MH2UHHOPIWT5YLSFV3D2VB3AC/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/CHHITS4PUOZAKFIUBQAQZC7JWXMOYE4B https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/CHHITS4PUOZAKFIUBQAQZC7JWXMOYE4B/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/F7EYCFQCTSGJXWO3ZZ44MGKFC5HA7G3Y https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/F7EYCFQCTSGJXWO3ZZ44MGKFC5HA7G3Y/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/HYEDEXIKFKTUJIN43RG4B7T5ZS6MHUSP https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/HYEDEXIKFKTUJIN43RG4B7T5ZS6MHUSP/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/I724O3LSRCPO4WNVIXTZCT4VVRMXMMSG https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/I724O3LSRCPO4WNVIXTZCT4VVRMXMMSG/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/KEOTKBUPZXHE3F352JBYNTSNRXYLWD6P https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/KEOTKBUPZXHE3F352JBYNTSNRXYLWD6P/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/KMZCVGUGJZZVDPCVDA7TEB22VUCNEXDD https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/KMZCVGUGJZZVDPCVDA7TEB22VUCNEXDD/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/L5Y6MNNVAPIJSXJERQ6PKZVCIUXSNJK7 https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/L5Y6MNNVAPIJSXJERQ6PKZVCIUXSNJK7/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/LZQVUHWVWRH73YBXUQJOD6CKHDQBU3DM https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/LZQVUHWVWRH73YBXUQJOD6CKHDQBU3DM/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/MKQRBF3DWMWPH36LBCOBUTSIZRTPEZXB https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/MKQRBF3DWMWPH36LBCOBUTSIZRTPEZXB/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/QI3EHAHABFQK7OABNCSF5GMYP6TONTI7 https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/QI3EHAHABFQK7OABNCSF5GMYP6TONTI7/ https://matt.ucc.asn.au/dropbear/CHANGES https://nest.pijul.com/pijul/thrussh/changes/D6H7OWTTMHHX6BTB3B6MNBOBX2L66CBL4LGSEUSAI2MCRCJDQFRQC https://news.ycombinator.com/item?id=38684904 https://news.ycombinator.com/item?id=38685286 https://news.ycombinator.com/item?id=38732005 https://nova.app/releases/#v11.8 https://nvd.nist.gov/vuln/detail/CVE-2023-48795 https://oryx-embedded.com/download/#changelog https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2024-0002 https://roumenpetrov.info/secsh/#news20231220 https://security-tracker.debian.org/tracker/CVE-2023-48795 https://security-tracker.debian.org/tracker/source-package/libssh2 https://security-tracker.debian.org/tracker/source-package/proftpd-dfsg https://security-tracker.debian.org/tracker/source-package/trilead-ssh2 https://security.gentoo.org/glsa/202312-16 https://security.gentoo.org/glsa/202312-17 https://security.netapp.com/advisory/ntap-20240105-0004 https://security.netapp.com/advisory/ntap-20240105-0004/ https://support.apple.com/kb/HT214084 https://terrapin-attack.com/ https://thorntech.com/cve-2023-48795-and-sftp-gateway https://thorntech.com/cve-2023-48795-and-sftp-gateway/ https://twitter.com/TrueSkrillor/status/1736774389725565005 https://ubuntu.com/security/CVE-2023-48795 https://ubuntu.com/security/notices/USN-6560-1 https://ubuntu.com/security/notices/USN-6560-2 https://ubuntu.com/security/notices/USN-6561-1 https://ubuntu.com/security/notices/USN-6585-1 https://ubuntu.com/security/notices/USN-6589-1 https://ubuntu.com/security/notices/USN-6598-1 https://ubuntu.com/security/notices/USN-6738-1 https://ubuntu.com/security/notices/USN-7051-1 https://winscp.net/eng/docs/history#6.2.2 https://www.bitvise.com/ssh-client-version-history#933 https://www.bitvise.com/ssh-server-version-history https://www.chiark.greenend.org.uk/~sgtatham/putty/changes.html https://www.crushftp.com/crush10wiki/Wiki.jsp?page=Update https://www.cve.org/CVERecord?id=CVE-2023-48795 https://www.debian.org/security/2023/dsa-5586 https://www.debian.org/security/2023/dsa-5588 https://www.freebsd.org/security/advisories/FreeBSD-SA-23:19.openssh.asc https://www.lancom-systems.de/service-support/allgemeine-sicherheitshinweise#c243508 https://www.netsarang.com/en/xshell-update-history https://www.netsarang.com/en/xshell-update-history/ https://www.openssh.com/openbsd.html https://www.openssh.com/txt/release-9.6 https://www.openwall.com/lists/oss-security/2023/12/18/2 https://www.openwall.com/lists/oss-security/2023/12/18/3 https://www.openwall.com/lists/oss-security/2023/12/20/3 https://www.paramiko.org/changelog.html https://www.reddit.com/r/sysadmin/comments/18idv52/cve202348795_why_is_this_cve_still_undisclosed https://www.reddit.com/r/sysadmin/comments/18idv52/cve202348795_why_is_this_cve_still_undisclosed/ https://www.suse.com/c/suse-addresses-the-ssh-v2-protocol-terrapin-attack-aka-cve-2023-48795 https://www.suse.com/c/suse-addresses-the-ssh-v2-protocol-terrapin-attack-aka-cve-2023-48795/ https://www.terrapin-attack.com https://www.theregister.com/2023/12/20/terrapin_attack_ssh https://www.vandyke.com/products/securecrt/history.txt
golang.org/x/net	CVE-2023-39325	HIGH	v0.8.0	0.17.0	golang.org/x/net https://access.redhat.com/errata/RHSA-2023:6077 https://access.redhat.com/security/cve/CVE-2023-39325 https://access.redhat.com/security/cve/CVE-2023-44487 https://access.redhat.com/security/vulnerabilities/RHSB-2023-003 https://bugzilla.redhat.com/2242803 https://bugzilla.redhat.com/2243296 https://bugzilla.redhat.com/show_bug.cgi?id=2242803 https://bugzilla.redhat.com/show_bug.cgi?id=2243296 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-39325 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-44487 https://errata.almalinux.org/9/ALSA-2023-6077.html https://errata.rockylinux.org/RLSA-2023:6077 https://github.com/golang/go/commit/24ae2d927285c697440fdde3ad7f26028354bcf3 [golang- 1.21] https://github.com/golang/go/commit/e175f27f58aa7b9cd4d79607ae65d2cd5baaee68 [golang-1.20] https://github.com/golang/go/issues/63417 https://go.dev/cl/534215 https://go.dev/cl/534235 https://go.dev/issue/63417 https://groups.google.com/g/golang-announce/c/iNNxDTCjZvo/m/UDd7VKQuAAAJ https://linux.oracle.com/cve/CVE-2023-39325.html https://linux.oracle.com/errata/ELSA-2023-5867.html https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3OVW5V2DM5K5IC3H7O42YDUGNJ74J35O https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3OVW5V2DM5K5IC3H7O42YDUGNJ74J35O/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3SZN67IL7HMGMNAVLOTIXLIHUDXZK4LH https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3SZN67IL7HMGMNAVLOTIXLIHUDXZK4LH/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3WJ4QVX2AMUJ2F2S27POOAHRC4K3CHU4 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3WJ4QVX2AMUJ2F2S27POOAHRC4K3CHU4/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/4BUK2ZIAGCULOOYDNH25JPU6JBES5NF2 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/4BUK2ZIAGCULOOYDNH25JPU6JBES5NF2/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/5RSKA2II6QTD4YUKUNDVJQSRYSFC4VFR https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/5RSKA2II6QTD4YUKUNDVJQSRYSFC4VFR/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/AVZDNSMVDAQJ64LJC5I5U5LDM5753647 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/AVZDNSMVDAQJ64LJC5I5U5LDM5753647/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CHHITS4PUOZAKFIUBQAQZC7JWXMOYE4B https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CHHITS4PUOZAKFIUBQAQZC7JWXMOYE4B/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CLB4TW7KALB3EEQWNWCN7OUIWWVWWCG2 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CLB4TW7KALB3EEQWNWCN7OUIWWVWWCG2/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/D2BBIDR2ZMB3X5BC7SR4SLQMHRMVPY6L https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/D2BBIDR2ZMB3X5BC7SR4SLQMHRMVPY6L/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ECRC75BQJP6FJN2L7KCKYZW4DSBD7QSD https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ECRC75BQJP6FJN2L7KCKYZW4DSBD7QSD/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/FTMJ3NJIDAZFWJQQSP3L22MUFJ3UP2PT https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/FTMJ3NJIDAZFWJQQSP3L22MUFJ3UP2PT/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/GSY7SXFFTPZFWDM6XELSDSHZLVW3AHK7 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/GSY7SXFFTPZFWDM6XELSDSHZLVW3AHK7/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/HZQIELEIRSZUYTFFH5KTH2YJ4IIQG2KE https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/HZQIELEIRSZUYTFFH5KTH2YJ4IIQG2KE/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/IPWCNYB5PQ5PCVZ4NJT6G56ZYFZ5QBU6 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/IPWCNYB5PQ5PCVZ4NJT6G56ZYFZ5QBU6/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/KEOTKBUPZXHE3F352JBYNTSNRXYLWD6P https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/KEOTKBUPZXHE3F352JBYNTSNRXYLWD6P/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/KSEGD2IWKNUO3DWY4KQGUQM5BISRWHQE https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/KSEGD2IWKNUO3DWY4KQGUQM5BISRWHQE/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/L5E5JSJBZLYXOTZWXHJKRVCIXIHVWKJ6 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/L5E5JSJBZLYXOTZWXHJKRVCIXIHVWKJ6/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/MZQYOOKHQDQ57LV2IAG6NRFOVXKHJJ3Z https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/MZQYOOKHQDQ57LV2IAG6NRFOVXKHJJ3Z/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/NG7IMPL55MVWU3LCI4JQJT3K2U5CHDV7 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/NG7IMPL55MVWU3LCI4JQJT3K2U5CHDV7/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ODBY7RVMGZCBSTWF2OZGIZS57FNFUL67 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ODBY7RVMGZCBSTWF2OZGIZS57FNFUL67/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/OXGWPQOJ3JNDW2XIYKIVJ7N7QUIFNM2Q https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/OXGWPQOJ3JNDW2XIYKIVJ7N7QUIFNM2Q/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/PJCUNGIQDUMZ4Z6HWVYIMR66A35F5S74 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/PJCUNGIQDUMZ4Z6HWVYIMR66A35F5S74/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QF5QSYAOPDOWLY6DUHID56Q4HQFYB45I https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QF5QSYAOPDOWLY6DUHID56Q4HQFYB45I/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QXOU2JZUBEBP7GBKAYIJRPRBZSJCD7ST https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QXOU2JZUBEBP7GBKAYIJRPRBZSJCD7ST/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/R3UETKPUB3V5JS5TLZOF3SMTGT5K5APS https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/R3UETKPUB3V5JS5TLZOF3SMTGT5K5APS/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/REMHVVIBDNKSRKNOTV7EQSB7CYQWOUOU https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/REMHVVIBDNKSRKNOTV7EQSB7CYQWOUOU/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/T7N5GV4CHH6WAGX3GFMDD3COEOVCZ4RI https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/T7N5GV4CHH6WAGX3GFMDD3COEOVCZ4RI/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ULQQONMSCQSH5Z5OWFFQHCGEZ3NL4DRJ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ULQQONMSCQSH5Z5OWFFQHCGEZ3NL4DRJ/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UTT7DG3QOF5ZNJLUGHDNLRUIN6OWZARP https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UTT7DG3QOF5ZNJLUGHDNLRUIN6OWZARP/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/W2LZSWTV4NV4SNQARNXG5T6LRHP26EW2 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/W2LZSWTV4NV4SNQARNXG5T6LRHP26EW2/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WCNCBYKZXLDFGAJUB7ZP5VLC3YTHJNVH https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WCNCBYKZXLDFGAJUB7ZP5VLC3YTHJNVH/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/XFOIBB4YFICHDM7IBOP7PWXW3FX4HLL2 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/XFOIBB4YFICHDM7IBOP7PWXW3FX4HLL2/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/XTNLSL44Y5FB6JWADSZH6DCV4JJAAEQY https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/XTNLSL44Y5FB6JWADSZH6DCV4JJAAEQY/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/YJWHBLVZDM5KQSDFRBFRKU5KSSOLIRQ4 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/YJWHBLVZDM5KQSDFRBFRKU5KSSOLIRQ4/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/YRKEXKANQ7BKJW2YTAMP625LJUJZLJ4P https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/YRKEXKANQ7BKJW2YTAMP625LJUJZLJ4P/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZSVEMQV5ROY5YW5QE3I57HT3ITWG5GCV https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZSVEMQV5ROY5YW5QE3I57HT3ITWG5GCV/ https://nvd.nist.gov/vuln/detail/CVE-2023-39325 https://pkg.go.dev/vuln/GO-2023-2102 https://security.gentoo.org/glsa/202311-09 https://security.netapp.com/advisory/ntap-20231110-0008 https://security.netapp.com/advisory/ntap-20231110-0008/ https://ubuntu.com/security/notices/USN-6574-1 https://ubuntu.com/security/notices/USN-7061-1 https://ubuntu.com/security/notices/USN-7109-1 https://www.cisa.gov/news-events/alerts/2023/10/10/http2-rapid-reset-vulnerability-cve-2023-44487 https://www.cve.org/CVERecord?id=CVE-2023-39325
golang.org/x/net	CVE-2023-3978	MEDIUM	v0.8.0	0.13.0	https://access.redhat.com/errata/RHSA-2023:6474 https://access.redhat.com/security/cve/CVE-2023-3978 https://bugzilla.redhat.com/2174485 https://bugzilla.redhat.com/2178358 https://bugzilla.redhat.com/2178488 https://bugzilla.redhat.com/2178492 https://bugzilla.redhat.com/2184481 https://bugzilla.redhat.com/2184482 https://bugzilla.redhat.com/2184483 https://bugzilla.redhat.com/2184484 https://bugzilla.redhat.com/2196026 https://bugzilla.redhat.com/2196027 https://bugzilla.redhat.com/2196029 https://bugzilla.redhat.com/2222167 https://bugzilla.redhat.com/2228689 https://errata.almalinux.org/9/ALSA-2023-6474.html https://go.dev/cl/514896 https://go.dev/issue/61615 https://linux.oracle.com/cve/CVE-2023-3978.html https://linux.oracle.com/errata/ELSA-2023-6939.html https://nvd.nist.gov/vuln/detail/CVE-2023-3978 https://pkg.go.dev/vuln/GO-2023-1988 https://www.cve.org/CVERecord?id=CVE-2023-3978
golang.org/x/net	CVE-2023-44487	MEDIUM	v0.8.0	0.17.0	http://www.openwall.com/lists/oss-security/2023/10/13/4 http://www.openwall.com/lists/oss-security/2023/10/13/9 http://www.openwall.com/lists/oss-security/2023/10/18/4 http://www.openwall.com/lists/oss-security/2023/10/18/8 http://www.openwall.com/lists/oss-security/2023/10/19/6 http://www.openwall.com/lists/oss-security/2023/10/20/8 https://access.redhat.com/errata/RHSA-2023:6746 https://access.redhat.com/security/cve/CVE-2023-44487 https://access.redhat.com/security/cve/cve-2023-44487 https://akka.io/security/akka-http-cve-2023-44487.html https://arstechnica.com/security/2023/10/how-ddosers-used-the-http-2-protocol-to-deliver-attacks-of-unprecedented-size https://arstechnica.com/security/2023/10/how-ddosers-used-the-http-2-protocol-to-deliver-attacks-of-unprecedented-size/ https://aws.amazon.com/security/security-bulletins/AWS-2023-011 https://aws.amazon.com/security/security-bulletins/AWS-2023-011/ https://blog.cloudflare.com/technical-breakdown-http2-rapid-reset-ddos-attack https://blog.cloudflare.com/technical-breakdown-http2-rapid-reset-ddos-attack/ https://blog.cloudflare.com/zero-day-rapid-reset-http2-record-breaking-ddos-attack https://blog.cloudflare.com/zero-day-rapid-reset-http2-record-breaking-ddos-attack/ https://blog.litespeedtech.com/2023/10/11/rapid-reset-http-2-vulnerablilty https://blog.litespeedtech.com/2023/10/11/rapid-reset-http-2-vulnerablilty/ https://blog.qualys.com/vulnerabilities-threat-research/2023/10/10/cve-2023-44487-http-2-rapid-reset-attack https://blog.vespa.ai/cve-2023-44487 https://blog.vespa.ai/cve-2023-44487/ https://bugzilla.proxmox.com/show_bug.cgi?id=4988 https://bugzilla.redhat.com/2242803 https://bugzilla.redhat.com/show_bug.cgi?id=2242803 https://bugzilla.suse.com/show_bug.cgi?id=1216123 https://cgit.freebsd.org/ports/commit/?id=c64c329c2c1752f46b73e3e6ce9f4329be6629f9 https://chaos.social/@icing/111210915918780532 https://cloud.google.com/blog/products/identity-security/google-cloud-mitigated-largest-ddos-attack-peaking-above-398-million-rps https://cloud.google.com/blog/products/identity-security/google-cloud-mitigated-largest-ddos-attack-peaking-above-398-million-rps/ https://cloud.google.com/blog/products/identity-security/how-it-works-the-novel-http2-rapid-reset-ddos-attack https://community.traefik.io/t/is-traefik-vulnerable-to-cve-2023-44487/20125 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-44487 https://devblogs.microsoft.com/dotnet/october-2023-updates/ https://discuss.hashicorp.com/t/hcsec-2023-32-vault-consul-and-boundary-affected-by-http-2-rapid-reset-denial-of-service-vulnerability-cve-2023-44487/59715 https://edg.io/lp/blog/resets-leaks-ddos-and-the-tale-of-a-hidden-cve https://errata.almalinux.org/9/ALSA-2023-6746.html https://errata.rockylinux.org/RLSA-2023:5838 https://forums.swift.org/t/swift-nio-http2-security-update-cve-2023-44487-http-2-dos/67764 https://gist.github.com/adulau/7c2bfb8e9cdbe4b35a5e131c66a0c088 https://github.com/Azure/AKS/issues/3947 https://github.com/Kong/kong/discussions/11741 https://github.com/advisories/GHSA-qppj-fm5r-hxr3 https://github.com/advisories/GHSA-vx74-f528-fxqg https://github.com/advisories/GHSA-xpw8-rcwv-8f8p https://github.com/akka/akka-http/issues/4323 https://github.com/akka/akka-http/pull/4324 https://github.com/akka/akka-http/pull/4325 https://github.com/alibaba/tengine/issues/1872 https://github.com/apache/apisix/issues/10320 https://github.com/apache/httpd-site/pull/10 https://github.com/apache/httpd/blob/afcdbeebbff4b0c50ea26cdd16e178c0d1f24152/modules/http2/h2_mplx.c#L1101-L1113 https://github.com/apache/tomcat/commit/944332bb15bd2f3bf76ec2caeb1ff0a58a3bc628 https://github.com/apache/tomcat/tree/main/java/org/apache/coyote/http2 https://github.com/apache/trafficserver/pull/10564 https://github.com/apple/swift-nio-http2 https://github.com/apple/swift-nio-http2/security/advisories/GHSA-qppj-fm5r-hxr3 https://github.com/arkrwn/PoC/tree/main/CVE-2023-44487 https://github.com/bcdannyboy/CVE-2023-44487 https://github.com/caddyserver/caddy/issues/5877 https://github.com/caddyserver/caddy/releases/tag/v2.7.5 https://github.com/dotnet/announcements/issues/277 https://github.com/dotnet/core/blob/e4613450ea0da7fd2fc6b61dfb2c1c1dec1ce9ec/release-notes/6.0/6.0.23/6.0.23.md?plain=1#L73 https://github.com/eclipse/jetty.project/issues/10679 https://github.com/envoyproxy/envoy/pull/30055 https://github.com/etcd-io/etcd/issues/16740 https://github.com/facebook/proxygen/pull/466 https://github.com/golang/go/issues/63417 https://github.com/grpc/grpc-go/pull/6703 https://github.com/grpc/grpc-go/releases https://github.com/h2o/h2o/pull/3291 https://github.com/h2o/h2o/security/advisories/GHSA-2m7v-gc89-fjqf https://github.com/haproxy/haproxy/issues/2312 https://github.com/hyperium/hyper/issues/3337 https://github.com/icing/mod_h2/blob/0a864782af0a942aa2ad4ed960a6b32cd35bcf0a/mod_http2/README.md?plain=1#L239-L244 https://github.com/junkurihara/rust-rpxy/issues/97 https://github.com/kazu-yamamoto/http2/commit/f61d41a502bd0f60eb24e1ce14edc7b6df6722a1 https://github.com/kazu-yamamoto/http2/issues/93 https://github.com/kubernetes/kubernetes/pull/121120 https://github.com/line/armeria/pull/5232 https://github.com/linkerd/website/pull/1695/commits/4b9c6836471bc8270ab48aae6fd2181bc73fd632 https://github.com/micrictor/http2-rst-stream https://github.com/microsoft/CBL-Mariner/pull/6381 https://github.com/netty/netty/commit/58f75f665aa81a8cbcf6ffa74820042a285c5e61 https://github.com/nghttp2/nghttp2/pull/1961 https://github.com/nghttp2/nghttp2/releases/tag/v1.57.0 https://github.com/ninenines/cowboy/issues/1615 https://github.com/nodejs/node/pull/50121 https://github.com/openresty/openresty/issues/930 https://github.com/opensearch-project/data-prepper/issues/3474 https://github.com/oqtane/oqtane.framework/discussions/3367 https://github.com/projectcontour/contour/pull/5826 https://github.com/tempesta-tech/tempesta/issues/1986 https://github.com/varnishcache/varnish-cache/issues/3996 https://go.dev/cl/534215 https://go.dev/cl/534235 https://go.dev/issue/63417 https://groups.google.com/g/golang-announce/c/iNNxDTCjZvo https://groups.google.com/g/golang-announce/c/iNNxDTCjZvo/m/UDd7VKQuAAAJ https://istio.io/latest/news/security/istio-security-2023-004 https://istio.io/latest/news/security/istio-security-2023-004/ https://linkerd.io/2023/10/12/linkerd-cve-2023-44487 https://linkerd.io/2023/10/12/linkerd-cve-2023-44487/ https://linux.oracle.com/cve/CVE-2023-44487.html https://linux.oracle.com/errata/ELSA-2024-1444.html https://lists.apache.org/thread/5py8h42mxfsn8l1wy6o41xwhsjlsd87q https://lists.debian.org/debian-lts-announce/2023/10/msg00020.html https://lists.debian.org/debian-lts-announce/2023/10/msg00023.html https://lists.debian.org/debian-lts-announce/2023/10/msg00024.html https://lists.debian.org/debian-lts-announce/2023/10/msg00045.html https://lists.debian.org/debian-lts-announce/2023/10/msg00047.html https://lists.debian.org/debian-lts-announce/2023/11/msg00001.html https://lists.debian.org/debian-lts-announce/2023/11/msg00012.html https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/2MBEPPC36UBVOZZNAXFHKLFGSLCMN5LI https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/2MBEPPC36UBVOZZNAXFHKLFGSLCMN5LI/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/3N4NJ7FR4X4FPZUGNTQAPSTVB2HB2Y4A https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/3N4NJ7FR4X4FPZUGNTQAPSTVB2HB2Y4A/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/BFQD3KUEMFBHPAPBGLWQC34L4OWL5HAZ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/BFQD3KUEMFBHPAPBGLWQC34L4OWL5HAZ/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/CLB4TW7KALB3EEQWNWCN7OUIWWVWWCG2 https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/CLB4TW7KALB3EEQWNWCN7OUIWWVWWCG2/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/E72T67UPDRXHIDLO3OROR25YAMN4GGW5 https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/E72T67UPDRXHIDLO3OROR25YAMN4GGW5/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/FNA62Q767CFAFHBCDKYNPBMZWB7TWYVU https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/FNA62Q767CFAFHBCDKYNPBMZWB7TWYVU/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/HT7T2R4MQKLIF4ODV4BDLPARWFPCJ5CZ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/HT7T2R4MQKLIF4ODV4BDLPARWFPCJ5CZ/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/JIZSEFC3YKCGABA2BZW6ZJRMDZJMB7PJ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/JIZSEFC3YKCGABA2BZW6ZJRMDZJMB7PJ/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/JMEXY22BFG5Q64HQCM5CK2Q7KDKVV4TY https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/JMEXY22BFG5Q64HQCM5CK2Q7KDKVV4TY/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/KSEGD2IWKNUO3DWY4KQGUQM5BISRWHQE https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/KSEGD2IWKNUO3DWY4KQGUQM5BISRWHQE/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/LKYHSZQFDNR7RSA7LHVLLIAQMVYCUGBG https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/LKYHSZQFDNR7RSA7LHVLLIAQMVYCUGBG/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/LNMZJCDHGLJJLXO4OXWJMTVQRNWOC7UL https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/LNMZJCDHGLJJLXO4OXWJMTVQRNWOC7UL/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/VHUHTSXLXGXS7JYKBXTA3VINUPHTNGVU https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/VHUHTSXLXGXS7JYKBXTA3VINUPHTNGVU/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/VSRDIV77HNKUSM7SJC5BKE5JSHLHU2NK https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/VSRDIV77HNKUSM7SJC5BKE5JSHLHU2NK/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/WE2I52RHNNU42PX6NZ2RBUHSFFJ2LVZX https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/WE2I52RHNNU42PX6NZ2RBUHSFFJ2LVZX/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/WLPRQ5TWUQQXYWBJM7ECYDAIL2YVKIUH https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/WLPRQ5TWUQQXYWBJM7ECYDAIL2YVKIUH/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/X6QXN4ORIVF6XBW4WWFE7VNPVC74S45Y https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/X6QXN4ORIVF6XBW4WWFE7VNPVC74S45Y/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/XFOIBB4YFICHDM7IBOP7PWXW3FX4HLL2 https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/XFOIBB4YFICHDM7IBOP7PWXW3FX4HLL2/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZB43REMKRQR62NJEI7I5NQ4FSXNLBKRT https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZB43REMKRQR62NJEI7I5NQ4FSXNLBKRT/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZKQSIKIAT5TJ3WSLU3RDBQ35YX4GY4V3 https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZKQSIKIAT5TJ3WSLU3RDBQ35YX4GY4V3/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZLU6U2R2IC2K64NDPNMV55AUAO65MAF4 https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZLU6U2R2IC2K64NDPNMV55AUAO65MAF4/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3N4NJ7FR4X4FPZUGNTQAPSTVB2HB2Y4A https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/BFQD3KUEMFBHPAPBGLWQC34L4OWL5HAZ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CLB4TW7KALB3EEQWNWCN7OUIWWVWWCG2 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/E72T67UPDRXHIDLO3OROR25YAMN4GGW5 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/FNA62Q767CFAFHBCDKYNPBMZWB7TWYVU https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/HT7T2R4MQKLIF4ODV4BDLPARWFPCJ5CZ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/JIZSEFC3YKCGABA2BZW6ZJRMDZJMB7PJ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/JMEXY22BFG5Q64HQCM5CK2Q7KDKVV4TY https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/KSEGD2IWKNUO3DWY4KQGUQM5BISRWHQE https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/LKYHSZQFDNR7RSA7LHVLLIAQMVYCUGBG https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/LNMZJCDHGLJJLXO4OXWJMTVQRNWOC7UL https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/VHUHTSXLXGXS7JYKBXTA3VINUPHTNGVU https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/VSRDIV77HNKUSM7SJC5BKE5JSHLHU2NK https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WLPRQ5TWUQQXYWBJM7ECYDAIL2YVKIUH https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/X6QXN4ORIVF6XBW4WWFE7VNPVC74S45Y https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/XFOIBB4YFICHDM7IBOP7PWXW3FX4HLL2 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZB43REMKRQR62NJEI7I5NQ4FSXNLBKRT https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZKQSIKIAT5TJ3WSLU3RDBQ35YX4GY4V3 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZLU6U2R2IC2K64NDPNMV55AUAO65MAF4 https://lists.w3.org/Archives/Public/ietf-http-wg/2023OctDec/0025.html https://mailman.nginx.org/pipermail/nginx-devel/2023-October/S36Q5HBXR7CAIMPLLPRSSSYR4PCMWILK.html https://martinthomson.github.io/h2-stream-limits/draft-thomson-httpbis-h2-stream-limits.html https://msrc.microsoft.com/blog/2023/10/microsoft-response-to-distributed-denial-of-service-ddos-attacks-against-http/2 https://msrc.microsoft.com/blog/2023/10/microsoft-response-to-distributed-denial-of-service-ddos-attacks-against-http/2/ https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-44487 https://my.f5.com/manage/s/article/K000137106 https://netty.io/news/2023/10/10/4-1-100-Final.html https://news.ycombinator.com/item?id=37830987 https://news.ycombinator.com/item?id=37830998 https://news.ycombinator.com/item?id=37831062 https://news.ycombinator.com/item?id=37837043 https://nodejs.org/en/blog/vulnerability/october-2023-security-releases https://nvd.nist.gov/vuln/detail/CVE-2023-44487 https://openssf.org/blog/2023/10/10/http-2-rapid-reset-vulnerability-highlights-need-for-rapid-response https://openssf.org/blog/2023/10/10/http-2-rapid-reset-vulnerability-highlights-need-for-rapid-response/ https://pkg.go.dev/vuln/GO-2023-2102 https://seanmonstar.com/post/730794151136935936/hyper-http2-rapid-reset-unaffected https://security.gentoo.org/glsa/202311-09 https://security.netapp.com/advisory/ntap-20231016-0001 https://security.netapp.com/advisory/ntap-20231016-0001/ https://security.netapp.com/advisory/ntap-20240426-0007 https://security.netapp.com/advisory/ntap-20240426-0007/ https://security.netapp.com/advisory/ntap-20240621-0006 https://security.netapp.com/advisory/ntap-20240621-0006/ https://security.netapp.com/advisory/ntap-20240621-0007 https://security.netapp.com/advisory/ntap-20240621-0007/ https://security.paloaltonetworks.com/CVE-2023-44487 https://tomcat.apache.org/security-10.html#Fixed_in_Apache_Tomcat_10.1.14 https://tomcat.apache.org/security-11.html#Fixed_in_Apache_Tomcat_11.0.0-M12 https://tomcat.apache.org/security-8.html#Fixed_in_Apache_Tomcat_8.5.94 https://tomcat.apache.org/security-9.html#Fixed_in_Apache_Tomcat_9.0.81 https://ubuntu.com/security/CVE-2023-44487 https://ubuntu.com/security/notices/USN-6427-1 https://ubuntu.com/security/notices/USN-6427-2 https://ubuntu.com/security/notices/USN-6438-1 https://ubuntu.com/security/notices/USN-6505-1 https://ubuntu.com/security/notices/USN-6574-1 https://ubuntu.com/security/notices/USN-6754-1 https://ubuntu.com/security/notices/USN-6994-1 https://ubuntu.com/security/notices/USN-7067-1 https://www.bleepingcomputer.com/news/security/new-http-2-rapid-reset-zero-day-attack-breaks-ddos-records https://www.bleepingcomputer.com/news/security/new-http-2-rapid-reset-zero-day-attack-breaks-ddos-records/ https://www.cisa.gov/known-exploited-vulnerabilities-catalog https://www.cisa.gov/news-events/alerts/2023/10/10/http2-rapid-reset-vulnerability-cve-2023-44487 https://www.cve.org/CVERecord?id=CVE-2023-44487 https://www.darkreading.com/cloud/internet-wide-zero-day-bug-fuels-largest-ever-ddos-event https://www.debian.org/security/2023/dsa-5521 https://www.debian.org/security/2023/dsa-5522 https://www.debian.org/security/2023/dsa-5540 https://www.debian.org/security/2023/dsa-5549 https://www.debian.org/security/2023/dsa-5558 https://www.debian.org/security/2023/dsa-5570 https://www.eclipse.org/lists/jetty-announce/msg00181.html https://www.haproxy.com/blog/haproxy-is-not-affected-by-the-http-2-rapid-reset-attack-cve-2023-44487 https://www.mail-archive.com/haproxy@formilux.org/msg44134.html https://www.netlify.com/blog/netlify-successfully-mitigates-cve-2023-44487 https://www.netlify.com/blog/netlify-successfully-mitigates-cve-2023-44487/ https://www.nginx.com/blog/http-2-rapid-reset-attack-impacting-f5-nginx-products https://www.nginx.com/blog/http-2-rapid-reset-attack-impacting-f5-nginx-products/ https://www.openwall.com/lists/oss-security/2023/10/10/6 https://www.phoronix.com/news/HTTP2-Rapid-Reset-Attack https://www.theregister.com/2023/10/10/http2_rapid_reset_zeroday https://www.theregister.com/2023/10/10/http2_rapid_reset_zeroday/
golang.org/x/net	CVE-2023-45288	MEDIUM	v0.8.0	0.23.0	http://www.openwall.com/lists/oss-security/2024/04/03/16 http://www.openwall.com/lists/oss-security/2024/04/05/4 https://access.redhat.com/errata/RHSA-2024:2724 https://access.redhat.com/security/cve/CVE-2023-45288 https://bugzilla.redhat.com/2268017 https://bugzilla.redhat.com/2268018 https://bugzilla.redhat.com/2268019 https://bugzilla.redhat.com/2268273 https://bugzilla.redhat.com/show_bug.cgi?id=2268017 https://bugzilla.redhat.com/show_bug.cgi?id=2268018 https://bugzilla.redhat.com/show_bug.cgi?id=2268019 https://bugzilla.redhat.com/show_bug.cgi?id=2268273 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45288 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45289 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45290 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24783 https://errata.almalinux.org/9/ALSA-2024-2724.html https://errata.rockylinux.org/RLSA-2024:2724 https://go.dev/cl/576155 https://go.dev/issue/65051 https://groups.google.com/g/golang-announce/c/YgW0sx8mN3M https://kb.cert.org/vuls/id/421644 https://linux.oracle.com/cve/CVE-2023-45288.html https://linux.oracle.com/errata/ELSA-2024-3346.html https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QRYFHIQ6XRKRYBI2F5UESH67BJBQXUPT https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QRYFHIQ6XRKRYBI2F5UESH67BJBQXUPT/ https://nowotarski.info/http2-continuation-flood-technical-details https://nowotarski.info/http2-continuation-flood/ https://nvd.nist.gov/vuln/detail/CVE-2023-45288 https://pkg.go.dev/vuln/GO-2024-2687 https://security.netapp.com/advisory/ntap-20240419-0009 https://security.netapp.com/advisory/ntap-20240419-0009/ https://ubuntu.com/security/notices/USN-6886-1 https://ubuntu.com/security/notices/USN-7109-1 https://ubuntu.com/security/notices/USN-7111-1 https://www.cve.org/CVERecord?id=CVE-2023-45288 https://www.kb.cert.org/vuls/id/421644
google.golang.org/grpc	GHSA-m425-mq94-257g	HIGH	v1.53.0	1.56.3, 1.57.1, 1.58.3	https://github.com/grpc/grpc-go https://github.com/grpc/grpc-go/commit/f2180b4d5403d2210b30b93098eb7da31c05c721 https://github.com/grpc/grpc-go/pull/6703 https://github.com/grpc/grpc-go/security/advisories/GHSA-m425-mq94-257g https://nvd.nist.gov/vuln/detail/CVE-2023-44487
google.golang.org/grpc	CVE-2023-44487	MEDIUM	v1.53.0	1.58.3, 1.57.1, 1.56.3	http://www.openwall.com/lists/oss-security/2023/10/13/4 http://www.openwall.com/lists/oss-security/2023/10/13/9 http://www.openwall.com/lists/oss-security/2023/10/18/4 http://www.openwall.com/lists/oss-security/2023/10/18/8 http://www.openwall.com/lists/oss-security/2023/10/19/6 http://www.openwall.com/lists/oss-security/2023/10/20/8 https://access.redhat.com/errata/RHSA-2023:6746 https://access.redhat.com/security/cve/CVE-2023-44487 https://access.redhat.com/security/cve/cve-2023-44487 https://akka.io/security/akka-http-cve-2023-44487.html https://arstechnica.com/security/2023/10/how-ddosers-used-the-http-2-protocol-to-deliver-attacks-of-unprecedented-size https://arstechnica.com/security/2023/10/how-ddosers-used-the-http-2-protocol-to-deliver-attacks-of-unprecedented-size/ https://aws.amazon.com/security/security-bulletins/AWS-2023-011 https://aws.amazon.com/security/security-bulletins/AWS-2023-011/ https://blog.cloudflare.com/technical-breakdown-http2-rapid-reset-ddos-attack https://blog.cloudflare.com/technical-breakdown-http2-rapid-reset-ddos-attack/ https://blog.cloudflare.com/zero-day-rapid-reset-http2-record-breaking-ddos-attack https://blog.cloudflare.com/zero-day-rapid-reset-http2-record-breaking-ddos-attack/ https://blog.litespeedtech.com/2023/10/11/rapid-reset-http-2-vulnerablilty https://blog.litespeedtech.com/2023/10/11/rapid-reset-http-2-vulnerablilty/ https://blog.qualys.com/vulnerabilities-threat-research/2023/10/10/cve-2023-44487-http-2-rapid-reset-attack https://blog.vespa.ai/cve-2023-44487 https://blog.vespa.ai/cve-2023-44487/ https://bugzilla.proxmox.com/show_bug.cgi?id=4988 https://bugzilla.redhat.com/2242803 https://bugzilla.redhat.com/show_bug.cgi?id=2242803 https://bugzilla.suse.com/show_bug.cgi?id=1216123 https://cgit.freebsd.org/ports/commit/?id=c64c329c2c1752f46b73e3e6ce9f4329be6629f9 https://chaos.social/@icing/111210915918780532 https://cloud.google.com/blog/products/identity-security/google-cloud-mitigated-largest-ddos-attack-peaking-above-398-million-rps https://cloud.google.com/blog/products/identity-security/google-cloud-mitigated-largest-ddos-attack-peaking-above-398-million-rps/ https://cloud.google.com/blog/products/identity-security/how-it-works-the-novel-http2-rapid-reset-ddos-attack https://community.traefik.io/t/is-traefik-vulnerable-to-cve-2023-44487/20125 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-44487 https://devblogs.microsoft.com/dotnet/october-2023-updates/ https://discuss.hashicorp.com/t/hcsec-2023-32-vault-consul-and-boundary-affected-by-http-2-rapid-reset-denial-of-service-vulnerability-cve-2023-44487/59715 https://edg.io/lp/blog/resets-leaks-ddos-and-the-tale-of-a-hidden-cve https://errata.almalinux.org/9/ALSA-2023-6746.html https://errata.rockylinux.org/RLSA-2023:5838 https://forums.swift.org/t/swift-nio-http2-security-update-cve-2023-44487-http-2-dos/67764 https://gist.github.com/adulau/7c2bfb8e9cdbe4b35a5e131c66a0c088 https://github.com/Azure/AKS/issues/3947 https://github.com/Kong/kong/discussions/11741 https://github.com/advisories/GHSA-qppj-fm5r-hxr3 https://github.com/advisories/GHSA-vx74-f528-fxqg https://github.com/advisories/GHSA-xpw8-rcwv-8f8p https://github.com/akka/akka-http/issues/4323 https://github.com/akka/akka-http/pull/4324 https://github.com/akka/akka-http/pull/4325 https://github.com/alibaba/tengine/issues/1872 https://github.com/apache/apisix/issues/10320 https://github.com/apache/httpd-site/pull/10 https://github.com/apache/httpd/blob/afcdbeebbff4b0c50ea26cdd16e178c0d1f24152/modules/http2/h2_mplx.c#L1101-L1113 https://github.com/apache/tomcat/commit/944332bb15bd2f3bf76ec2caeb1ff0a58a3bc628 https://github.com/apache/tomcat/tree/main/java/org/apache/coyote/http2 https://github.com/apache/trafficserver/pull/10564 https://github.com/apple/swift-nio-http2 https://github.com/apple/swift-nio-http2/security/advisories/GHSA-qppj-fm5r-hxr3 https://github.com/arkrwn/PoC/tree/main/CVE-2023-44487 https://github.com/bcdannyboy/CVE-2023-44487 https://github.com/caddyserver/caddy/issues/5877 https://github.com/caddyserver/caddy/releases/tag/v2.7.5 https://github.com/dotnet/announcements/issues/277 https://github.com/dotnet/core/blob/e4613450ea0da7fd2fc6b61dfb2c1c1dec1ce9ec/release-notes/6.0/6.0.23/6.0.23.md?plain=1#L73 https://github.com/eclipse/jetty.project/issues/10679 https://github.com/envoyproxy/envoy/pull/30055 https://github.com/etcd-io/etcd/issues/16740 https://github.com/facebook/proxygen/pull/466 https://github.com/golang/go/issues/63417 https://github.com/grpc/grpc-go/pull/6703 https://github.com/grpc/grpc-go/releases https://github.com/h2o/h2o/pull/3291 https://github.com/h2o/h2o/security/advisories/GHSA-2m7v-gc89-fjqf https://github.com/haproxy/haproxy/issues/2312 https://github.com/hyperium/hyper/issues/3337 https://github.com/icing/mod_h2/blob/0a864782af0a942aa2ad4ed960a6b32cd35bcf0a/mod_http2/README.md?plain=1#L239-L244 https://github.com/junkurihara/rust-rpxy/issues/97 https://github.com/kazu-yamamoto/http2/commit/f61d41a502bd0f60eb24e1ce14edc7b6df6722a1 https://github.com/kazu-yamamoto/http2/issues/93 https://github.com/kubernetes/kubernetes/pull/121120 https://github.com/line/armeria/pull/5232 https://github.com/linkerd/website/pull/1695/commits/4b9c6836471bc8270ab48aae6fd2181bc73fd632 https://github.com/micrictor/http2-rst-stream https://github.com/microsoft/CBL-Mariner/pull/6381 https://github.com/netty/netty/commit/58f75f665aa81a8cbcf6ffa74820042a285c5e61 https://github.com/nghttp2/nghttp2/pull/1961 https://github.com/nghttp2/nghttp2/releases/tag/v1.57.0 https://github.com/ninenines/cowboy/issues/1615 https://github.com/nodejs/node/pull/50121 https://github.com/openresty/openresty/issues/930 https://github.com/opensearch-project/data-prepper/issues/3474 https://github.com/oqtane/oqtane.framework/discussions/3367 https://github.com/projectcontour/contour/pull/5826 https://github.com/tempesta-tech/tempesta/issues/1986 https://github.com/varnishcache/varnish-cache/issues/3996 https://go.dev/cl/534215 https://go.dev/cl/534235 https://go.dev/issue/63417 https://groups.google.com/g/golang-announce/c/iNNxDTCjZvo https://groups.google.com/g/golang-announce/c/iNNxDTCjZvo/m/UDd7VKQuAAAJ https://istio.io/latest/news/security/istio-security-2023-004 https://istio.io/latest/news/security/istio-security-2023-004/ https://linkerd.io/2023/10/12/linkerd-cve-2023-44487 https://linkerd.io/2023/10/12/linkerd-cve-2023-44487/ https://linux.oracle.com/cve/CVE-2023-44487.html https://linux.oracle.com/errata/ELSA-2024-1444.html https://lists.apache.org/thread/5py8h42mxfsn8l1wy6o41xwhsjlsd87q https://lists.debian.org/debian-lts-announce/2023/10/msg00020.html https://lists.debian.org/debian-lts-announce/2023/10/msg00023.html https://lists.debian.org/debian-lts-announce/2023/10/msg00024.html https://lists.debian.org/debian-lts-announce/2023/10/msg00045.html https://lists.debian.org/debian-lts-announce/2023/10/msg00047.html https://lists.debian.org/debian-lts-announce/2023/11/msg00001.html https://lists.debian.org/debian-lts-announce/2023/11/msg00012.html https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/2MBEPPC36UBVOZZNAXFHKLFGSLCMN5LI https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/2MBEPPC36UBVOZZNAXFHKLFGSLCMN5LI/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/3N4NJ7FR4X4FPZUGNTQAPSTVB2HB2Y4A https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/3N4NJ7FR4X4FPZUGNTQAPSTVB2HB2Y4A/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/BFQD3KUEMFBHPAPBGLWQC34L4OWL5HAZ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/BFQD3KUEMFBHPAPBGLWQC34L4OWL5HAZ/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/CLB4TW7KALB3EEQWNWCN7OUIWWVWWCG2 https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/CLB4TW7KALB3EEQWNWCN7OUIWWVWWCG2/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/E72T67UPDRXHIDLO3OROR25YAMN4GGW5 https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/E72T67UPDRXHIDLO3OROR25YAMN4GGW5/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/FNA62Q767CFAFHBCDKYNPBMZWB7TWYVU https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/FNA62Q767CFAFHBCDKYNPBMZWB7TWYVU/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/HT7T2R4MQKLIF4ODV4BDLPARWFPCJ5CZ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/HT7T2R4MQKLIF4ODV4BDLPARWFPCJ5CZ/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/JIZSEFC3YKCGABA2BZW6ZJRMDZJMB7PJ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/JIZSEFC3YKCGABA2BZW6ZJRMDZJMB7PJ/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/JMEXY22BFG5Q64HQCM5CK2Q7KDKVV4TY https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/JMEXY22BFG5Q64HQCM5CK2Q7KDKVV4TY/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/KSEGD2IWKNUO3DWY4KQGUQM5BISRWHQE https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/KSEGD2IWKNUO3DWY4KQGUQM5BISRWHQE/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/LKYHSZQFDNR7RSA7LHVLLIAQMVYCUGBG https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/LKYHSZQFDNR7RSA7LHVLLIAQMVYCUGBG/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/LNMZJCDHGLJJLXO4OXWJMTVQRNWOC7UL https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/LNMZJCDHGLJJLXO4OXWJMTVQRNWOC7UL/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/VHUHTSXLXGXS7JYKBXTA3VINUPHTNGVU https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/VHUHTSXLXGXS7JYKBXTA3VINUPHTNGVU/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/VSRDIV77HNKUSM7SJC5BKE5JSHLHU2NK https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/VSRDIV77HNKUSM7SJC5BKE5JSHLHU2NK/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/WE2I52RHNNU42PX6NZ2RBUHSFFJ2LVZX https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/WE2I52RHNNU42PX6NZ2RBUHSFFJ2LVZX/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/WLPRQ5TWUQQXYWBJM7ECYDAIL2YVKIUH https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/WLPRQ5TWUQQXYWBJM7ECYDAIL2YVKIUH/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/X6QXN4ORIVF6XBW4WWFE7VNPVC74S45Y https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/X6QXN4ORIVF6XBW4WWFE7VNPVC74S45Y/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/XFOIBB4YFICHDM7IBOP7PWXW3FX4HLL2 https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/XFOIBB4YFICHDM7IBOP7PWXW3FX4HLL2/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZB43REMKRQR62NJEI7I5NQ4FSXNLBKRT https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZB43REMKRQR62NJEI7I5NQ4FSXNLBKRT/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZKQSIKIAT5TJ3WSLU3RDBQ35YX4GY4V3 https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZKQSIKIAT5TJ3WSLU3RDBQ35YX4GY4V3/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZLU6U2R2IC2K64NDPNMV55AUAO65MAF4 https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZLU6U2R2IC2K64NDPNMV55AUAO65MAF4/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3N4NJ7FR4X4FPZUGNTQAPSTVB2HB2Y4A https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/BFQD3KUEMFBHPAPBGLWQC34L4OWL5HAZ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CLB4TW7KALB3EEQWNWCN7OUIWWVWWCG2 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/E72T67UPDRXHIDLO3OROR25YAMN4GGW5 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/FNA62Q767CFAFHBCDKYNPBMZWB7TWYVU https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/HT7T2R4MQKLIF4ODV4BDLPARWFPCJ5CZ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/JIZSEFC3YKCGABA2BZW6ZJRMDZJMB7PJ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/JMEXY22BFG5Q64HQCM5CK2Q7KDKVV4TY https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/KSEGD2IWKNUO3DWY4KQGUQM5BISRWHQE https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/LKYHSZQFDNR7RSA7LHVLLIAQMVYCUGBG https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/LNMZJCDHGLJJLXO4OXWJMTVQRNWOC7UL https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/VHUHTSXLXGXS7JYKBXTA3VINUPHTNGVU https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/VSRDIV77HNKUSM7SJC5BKE5JSHLHU2NK https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WLPRQ5TWUQQXYWBJM7ECYDAIL2YVKIUH https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/X6QXN4ORIVF6XBW4WWFE7VNPVC74S45Y https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/XFOIBB4YFICHDM7IBOP7PWXW3FX4HLL2 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZB43REMKRQR62NJEI7I5NQ4FSXNLBKRT https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZKQSIKIAT5TJ3WSLU3RDBQ35YX4GY4V3 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZLU6U2R2IC2K64NDPNMV55AUAO65MAF4 https://lists.w3.org/Archives/Public/ietf-http-wg/2023OctDec/0025.html https://mailman.nginx.org/pipermail/nginx-devel/2023-October/S36Q5HBXR7CAIMPLLPRSSSYR4PCMWILK.html https://martinthomson.github.io/h2-stream-limits/draft-thomson-httpbis-h2-stream-limits.html https://msrc.microsoft.com/blog/2023/10/microsoft-response-to-distributed-denial-of-service-ddos-attacks-against-http/2 https://msrc.microsoft.com/blog/2023/10/microsoft-response-to-distributed-denial-of-service-ddos-attacks-against-http/2/ https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-44487 https://my.f5.com/manage/s/article/K000137106 https://netty.io/news/2023/10/10/4-1-100-Final.html https://news.ycombinator.com/item?id=37830987 https://news.ycombinator.com/item?id=37830998 https://news.ycombinator.com/item?id=37831062 https://news.ycombinator.com/item?id=37837043 https://nodejs.org/en/blog/vulnerability/october-2023-security-releases https://nvd.nist.gov/vuln/detail/CVE-2023-44487 https://openssf.org/blog/2023/10/10/http-2-rapid-reset-vulnerability-highlights-need-for-rapid-response https://openssf.org/blog/2023/10/10/http-2-rapid-reset-vulnerability-highlights-need-for-rapid-response/ https://pkg.go.dev/vuln/GO-2023-2102 https://seanmonstar.com/post/730794151136935936/hyper-http2-rapid-reset-unaffected https://security.gentoo.org/glsa/202311-09 https://security.netapp.com/advisory/ntap-20231016-0001 https://security.netapp.com/advisory/ntap-20231016-0001/ https://security.netapp.com/advisory/ntap-20240426-0007 https://security.netapp.com/advisory/ntap-20240426-0007/ https://security.netapp.com/advisory/ntap-20240621-0006 https://security.netapp.com/advisory/ntap-20240621-0006/ https://security.netapp.com/advisory/ntap-20240621-0007 https://security.netapp.com/advisory/ntap-20240621-0007/ https://security.paloaltonetworks.com/CVE-2023-44487 https://tomcat.apache.org/security-10.html#Fixed_in_Apache_Tomcat_10.1.14 https://tomcat.apache.org/security-11.html#Fixed_in_Apache_Tomcat_11.0.0-M12 https://tomcat.apache.org/security-8.html#Fixed_in_Apache_Tomcat_8.5.94 https://tomcat.apache.org/security-9.html#Fixed_in_Apache_Tomcat_9.0.81 https://ubuntu.com/security/CVE-2023-44487 https://ubuntu.com/security/notices/USN-6427-1 https://ubuntu.com/security/notices/USN-6427-2 https://ubuntu.com/security/notices/USN-6438-1 https://ubuntu.com/security/notices/USN-6505-1 https://ubuntu.com/security/notices/USN-6574-1 https://ubuntu.com/security/notices/USN-6754-1 https://ubuntu.com/security/notices/USN-6994-1 https://ubuntu.com/security/notices/USN-7067-1 https://www.bleepingcomputer.com/news/security/new-http-2-rapid-reset-zero-day-attack-breaks-ddos-records https://www.bleepingcomputer.com/news/security/new-http-2-rapid-reset-zero-day-attack-breaks-ddos-records/ https://www.cisa.gov/known-exploited-vulnerabilities-catalog https://www.cisa.gov/news-events/alerts/2023/10/10/http2-rapid-reset-vulnerability-cve-2023-44487 https://www.cve.org/CVERecord?id=CVE-2023-44487 https://www.darkreading.com/cloud/internet-wide-zero-day-bug-fuels-largest-ever-ddos-event https://www.debian.org/security/2023/dsa-5521 https://www.debian.org/security/2023/dsa-5522 https://www.debian.org/security/2023/dsa-5540 https://www.debian.org/security/2023/dsa-5549 https://www.debian.org/security/2023/dsa-5558 https://www.debian.org/security/2023/dsa-5570 https://www.eclipse.org/lists/jetty-announce/msg00181.html https://www.haproxy.com/blog/haproxy-is-not-affected-by-the-http-2-rapid-reset-attack-cve-2023-44487 https://www.mail-archive.com/haproxy@formilux.org/msg44134.html https://www.netlify.com/blog/netlify-successfully-mitigates-cve-2023-44487 https://www.netlify.com/blog/netlify-successfully-mitigates-cve-2023-44487/ https://www.nginx.com/blog/http-2-rapid-reset-attack-impacting-f5-nginx-products https://www.nginx.com/blog/http-2-rapid-reset-attack-impacting-f5-nginx-products/ https://www.openwall.com/lists/oss-security/2023/10/10/6 https://www.phoronix.com/news/HTTP2-Rapid-Reset-Attack https://www.theregister.com/2023/10/10/http2_rapid_reset_zeroday https://www.theregister.com/2023/10/10/http2_rapid_reset_zeroday/
google.golang.org/protobuf	CVE-2024-24786	MEDIUM	v1.29.1	1.33.0	http://www.openwall.com/lists/oss-security/2024/03/08/4 https://access.redhat.com/errata/RHSA-2024:2550 https://access.redhat.com/security/cve/CVE-2024-24786 https://bugzilla.redhat.com/2268046 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24786 https://errata.almalinux.org/9/ALSA-2024-2550.html https://errata.rockylinux.org/RLSA-2024:2550 https://github.com/protocolbuffers/protobuf-go https://github.com/protocolbuffers/protobuf-go/commit/f01a588e5810b90996452eec4a28f22a0afae023 https://github.com/protocolbuffers/protobuf-go/releases/tag/v1.33.0 https://go-review.googlesource.com/c/protobuf/+/569356 https://go.dev/cl/569356 https://groups.google.com/g/golang-announce/c/ArQ6CDgtEjY/ https://linux.oracle.com/cve/CVE-2024-24786.html https://linux.oracle.com/errata/ELSA-2024-4246.html https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/JDMBHAVSDU2FBDZ45U3A2VLSM35OJ2HU https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/JDMBHAVSDU2FBDZ45U3A2VLSM35OJ2HU/ https://nvd.nist.gov/vuln/detail/CVE-2024-24786 https://pkg.go.dev/vuln/GO-2024-2611 https://security.netapp.com/advisory/ntap-20240517-0002 https://security.netapp.com/advisory/ntap-20240517-0002/ https://ubuntu.com/security/notices/USN-6746-1 https://ubuntu.com/security/notices/USN-6746-2 https://www.cve.org/CVERecord?id=CVE-2024-24786
stdlib	CVE-2024-24790	CRITICAL	v1.19.11	1.21.11, 1.22.4	http://www.openwall.com/lists/oss-security/2024/06/04/1 https://access.redhat.com/errata/RHSA-2024:9115 https://access.redhat.com/security/cve/CVE-2024-24790 https://bugzilla.redhat.com/2279814 https://bugzilla.redhat.com/2292668 https://bugzilla.redhat.com/2292787 https://bugzilla.redhat.com/2294000 https://bugzilla.redhat.com/2295310 https://bugzilla.redhat.com/show_bug.cgi?id=2292668 https://bugzilla.redhat.com/show_bug.cgi?id=2292787 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24789 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24790 https://errata.almalinux.org/9/ALSA-2024-9115.html https://errata.rockylinux.org/RLSA-2024:4212 https://github.com/golang/go/commit/051bdf3fd12a40307606ff9381138039c5f452f0 (1.21) https://github.com/golang/go/commit/12d5810cdb1f73cf23d7a86462143e9463317fca (1.22) https://github.com/golang/go/issues/67680 https://go.dev/cl/590316 https://go.dev/issue/67680 https://groups.google.com/g/golang-announce/c/XbxouI9gY7k https://groups.google.com/g/golang-announce/c/XbxouI9gY7k/m/TuoGEhxIEwAJ https://linux.oracle.com/cve/CVE-2024-24790.html https://linux.oracle.com/errata/ELSA-2024-9115.html https://nvd.nist.gov/vuln/detail/CVE-2024-24790 https://pkg.go.dev/vuln/GO-2024-2887 https://ubuntu.com/security/notices/USN-6886-1 https://ubuntu.com/security/notices/USN-7109-1 https://www.cve.org/CVERecord?id=CVE-2024-24790
stdlib	CVE-2023-39325	HIGH	v1.19.11	1.20.10, 1.21.3	golang.org/x/net https://access.redhat.com/errata/RHSA-2023:6077 https://access.redhat.com/security/cve/CVE-2023-39325 https://access.redhat.com/security/cve/CVE-2023-44487 https://access.redhat.com/security/vulnerabilities/RHSB-2023-003 https://bugzilla.redhat.com/2242803 https://bugzilla.redhat.com/2243296 https://bugzilla.redhat.com/show_bug.cgi?id=2242803 https://bugzilla.redhat.com/show_bug.cgi?id=2243296 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-39325 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-44487 https://errata.almalinux.org/9/ALSA-2023-6077.html https://errata.rockylinux.org/RLSA-2023:6077 https://github.com/golang/go/commit/24ae2d927285c697440fdde3ad7f26028354bcf3 [golang- 1.21] https://github.com/golang/go/commit/e175f27f58aa7b9cd4d79607ae65d2cd5baaee68 [golang-1.20] https://github.com/golang/go/issues/63417 https://go.dev/cl/534215 https://go.dev/cl/534235 https://go.dev/issue/63417 https://groups.google.com/g/golang-announce/c/iNNxDTCjZvo/m/UDd7VKQuAAAJ https://linux.oracle.com/cve/CVE-2023-39325.html https://linux.oracle.com/errata/ELSA-2023-5867.html https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3OVW5V2DM5K5IC3H7O42YDUGNJ74J35O https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3OVW5V2DM5K5IC3H7O42YDUGNJ74J35O/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3SZN67IL7HMGMNAVLOTIXLIHUDXZK4LH https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3SZN67IL7HMGMNAVLOTIXLIHUDXZK4LH/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3WJ4QVX2AMUJ2F2S27POOAHRC4K3CHU4 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3WJ4QVX2AMUJ2F2S27POOAHRC4K3CHU4/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/4BUK2ZIAGCULOOYDNH25JPU6JBES5NF2 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/4BUK2ZIAGCULOOYDNH25JPU6JBES5NF2/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/5RSKA2II6QTD4YUKUNDVJQSRYSFC4VFR https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/5RSKA2II6QTD4YUKUNDVJQSRYSFC4VFR/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/AVZDNSMVDAQJ64LJC5I5U5LDM5753647 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/AVZDNSMVDAQJ64LJC5I5U5LDM5753647/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CHHITS4PUOZAKFIUBQAQZC7JWXMOYE4B https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CHHITS4PUOZAKFIUBQAQZC7JWXMOYE4B/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CLB4TW7KALB3EEQWNWCN7OUIWWVWWCG2 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CLB4TW7KALB3EEQWNWCN7OUIWWVWWCG2/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/D2BBIDR2ZMB3X5BC7SR4SLQMHRMVPY6L https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/D2BBIDR2ZMB3X5BC7SR4SLQMHRMVPY6L/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ECRC75BQJP6FJN2L7KCKYZW4DSBD7QSD https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ECRC75BQJP6FJN2L7KCKYZW4DSBD7QSD/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/FTMJ3NJIDAZFWJQQSP3L22MUFJ3UP2PT https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/FTMJ3NJIDAZFWJQQSP3L22MUFJ3UP2PT/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/GSY7SXFFTPZFWDM6XELSDSHZLVW3AHK7 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/GSY7SXFFTPZFWDM6XELSDSHZLVW3AHK7/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/HZQIELEIRSZUYTFFH5KTH2YJ4IIQG2KE https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/HZQIELEIRSZUYTFFH5KTH2YJ4IIQG2KE/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/IPWCNYB5PQ5PCVZ4NJT6G56ZYFZ5QBU6 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/IPWCNYB5PQ5PCVZ4NJT6G56ZYFZ5QBU6/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/KEOTKBUPZXHE3F352JBYNTSNRXYLWD6P https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/KEOTKBUPZXHE3F352JBYNTSNRXYLWD6P/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/KSEGD2IWKNUO3DWY4KQGUQM5BISRWHQE https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/KSEGD2IWKNUO3DWY4KQGUQM5BISRWHQE/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/L5E5JSJBZLYXOTZWXHJKRVCIXIHVWKJ6 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/L5E5JSJBZLYXOTZWXHJKRVCIXIHVWKJ6/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/MZQYOOKHQDQ57LV2IAG6NRFOVXKHJJ3Z https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/MZQYOOKHQDQ57LV2IAG6NRFOVXKHJJ3Z/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/NG7IMPL55MVWU3LCI4JQJT3K2U5CHDV7 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/NG7IMPL55MVWU3LCI4JQJT3K2U5CHDV7/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ODBY7RVMGZCBSTWF2OZGIZS57FNFUL67 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ODBY7RVMGZCBSTWF2OZGIZS57FNFUL67/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/OXGWPQOJ3JNDW2XIYKIVJ7N7QUIFNM2Q https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/OXGWPQOJ3JNDW2XIYKIVJ7N7QUIFNM2Q/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/PJCUNGIQDUMZ4Z6HWVYIMR66A35F5S74 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/PJCUNGIQDUMZ4Z6HWVYIMR66A35F5S74/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QF5QSYAOPDOWLY6DUHID56Q4HQFYB45I https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QF5QSYAOPDOWLY6DUHID56Q4HQFYB45I/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QXOU2JZUBEBP7GBKAYIJRPRBZSJCD7ST https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QXOU2JZUBEBP7GBKAYIJRPRBZSJCD7ST/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/R3UETKPUB3V5JS5TLZOF3SMTGT5K5APS https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/R3UETKPUB3V5JS5TLZOF3SMTGT5K5APS/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/REMHVVIBDNKSRKNOTV7EQSB7CYQWOUOU https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/REMHVVIBDNKSRKNOTV7EQSB7CYQWOUOU/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/T7N5GV4CHH6WAGX3GFMDD3COEOVCZ4RI https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/T7N5GV4CHH6WAGX3GFMDD3COEOVCZ4RI/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ULQQONMSCQSH5Z5OWFFQHCGEZ3NL4DRJ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ULQQONMSCQSH5Z5OWFFQHCGEZ3NL4DRJ/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UTT7DG3QOF5ZNJLUGHDNLRUIN6OWZARP https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UTT7DG3QOF5ZNJLUGHDNLRUIN6OWZARP/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/W2LZSWTV4NV4SNQARNXG5T6LRHP26EW2 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/W2LZSWTV4NV4SNQARNXG5T6LRHP26EW2/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WCNCBYKZXLDFGAJUB7ZP5VLC3YTHJNVH https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WCNCBYKZXLDFGAJUB7ZP5VLC3YTHJNVH/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/XFOIBB4YFICHDM7IBOP7PWXW3FX4HLL2 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/XFOIBB4YFICHDM7IBOP7PWXW3FX4HLL2/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/XTNLSL44Y5FB6JWADSZH6DCV4JJAAEQY https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/XTNLSL44Y5FB6JWADSZH6DCV4JJAAEQY/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/YJWHBLVZDM5KQSDFRBFRKU5KSSOLIRQ4 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/YJWHBLVZDM5KQSDFRBFRKU5KSSOLIRQ4/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/YRKEXKANQ7BKJW2YTAMP625LJUJZLJ4P https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/YRKEXKANQ7BKJW2YTAMP625LJUJZLJ4P/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZSVEMQV5ROY5YW5QE3I57HT3ITWG5GCV https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZSVEMQV5ROY5YW5QE3I57HT3ITWG5GCV/ https://nvd.nist.gov/vuln/detail/CVE-2023-39325 https://pkg.go.dev/vuln/GO-2023-2102 https://security.gentoo.org/glsa/202311-09 https://security.netapp.com/advisory/ntap-20231110-0008 https://security.netapp.com/advisory/ntap-20231110-0008/ https://ubuntu.com/security/notices/USN-6574-1 https://ubuntu.com/security/notices/USN-7061-1 https://ubuntu.com/security/notices/USN-7109-1 https://www.cisa.gov/news-events/alerts/2023/10/10/http2-rapid-reset-vulnerability-cve-2023-44487 https://www.cve.org/CVERecord?id=CVE-2023-39325
stdlib	CVE-2023-45283	HIGH	v1.19.11	1.20.11, 1.21.4, 1.20.12, 1.21.5	http://www.openwall.com/lists/oss-security/2023/12/05/2 https://go.dev/cl/540277 https://go.dev/cl/541175 https://go.dev/issue/63713 https://go.dev/issue/64028 https://groups.google.com/g/golang-announce/c/4tU8LZfBFkY https://groups.google.com/g/golang-dev/c/6ypN5EjibjM/m/KmLVYH_uAgAJ https://nvd.nist.gov/vuln/detail/CVE-2023-45283 https://pkg.go.dev/vuln/GO-2023-2185 https://security.netapp.com/advisory/ntap-20231214-0008/
stdlib	CVE-2023-45287	HIGH	v1.19.11	1.20.0	https://access.redhat.com/errata/RHSA-2024:2272 https://access.redhat.com/security/cve/CVE-2023-45287 https://bugzilla.redhat.com/2253193 https://bugzilla.redhat.com/2253330 https://errata.almalinux.org/9/ALSA-2024-2272.html https://go.dev/cl/326012/26 https://go.dev/issue/20654 https://groups.google.com/g/golang-announce/c/QMK8IQALDvA https://linux.oracle.com/cve/CVE-2023-45287.html https://linux.oracle.com/errata/ELSA-2024-2988.html https://nvd.nist.gov/vuln/detail/CVE-2023-45287 https://people.redhat.com/~hkario/marvin/ https://pkg.go.dev/vuln/GO-2023-2375 https://security.netapp.com/advisory/ntap-20240112-0005/ https://www.cve.org/CVERecord?id=CVE-2023-45287
stdlib	CVE-2023-45288	HIGH	v1.19.11	1.21.9, 1.22.2	http://www.openwall.com/lists/oss-security/2024/04/03/16 http://www.openwall.com/lists/oss-security/2024/04/05/4 https://access.redhat.com/errata/RHSA-2024:2724 https://access.redhat.com/security/cve/CVE-2023-45288 https://bugzilla.redhat.com/2268017 https://bugzilla.redhat.com/2268018 https://bugzilla.redhat.com/2268019 https://bugzilla.redhat.com/2268273 https://bugzilla.redhat.com/show_bug.cgi?id=2268017 https://bugzilla.redhat.com/show_bug.cgi?id=2268018 https://bugzilla.redhat.com/show_bug.cgi?id=2268019 https://bugzilla.redhat.com/show_bug.cgi?id=2268273 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45288 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45289 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45290 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24783 https://errata.almalinux.org/9/ALSA-2024-2724.html https://errata.rockylinux.org/RLSA-2024:2724 https://go.dev/cl/576155 https://go.dev/issue/65051 https://groups.google.com/g/golang-announce/c/YgW0sx8mN3M https://kb.cert.org/vuls/id/421644 https://linux.oracle.com/cve/CVE-2023-45288.html https://linux.oracle.com/errata/ELSA-2024-3346.html https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QRYFHIQ6XRKRYBI2F5UESH67BJBQXUPT https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QRYFHIQ6XRKRYBI2F5UESH67BJBQXUPT/ https://nowotarski.info/http2-continuation-flood-technical-details https://nowotarski.info/http2-continuation-flood/ https://nvd.nist.gov/vuln/detail/CVE-2023-45288 https://pkg.go.dev/vuln/GO-2024-2687 https://security.netapp.com/advisory/ntap-20240419-0009 https://security.netapp.com/advisory/ntap-20240419-0009/ https://ubuntu.com/security/notices/USN-6886-1 https://ubuntu.com/security/notices/USN-7109-1 https://ubuntu.com/security/notices/USN-7111-1 https://www.cve.org/CVERecord?id=CVE-2023-45288 https://www.kb.cert.org/vuls/id/421644
stdlib	CVE-2024-34156	HIGH	v1.19.11	1.22.7, 1.23.1	https://access.redhat.com/errata/RHSA-2024:9473 https://access.redhat.com/security/cve/CVE-2024-34156 https://bugzilla.redhat.com/2310528 https://bugzilla.redhat.com/2318052 https://bugzilla.redhat.com/show_bug.cgi?id=2310528 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-34156 https://errata.almalinux.org/9/ALSA-2024-9473.html https://errata.rockylinux.org/RLSA-2024:7204 https://github.com/golang/go/commit/2092294f2b097c5828f4eace6c98a322c1510b01 (go1.22.7) https://github.com/golang/go/commit/fa8ff1a46deb6c816304441ec6740ec112e19012 (go1.23.1) https://go.dev/cl/611239 https://go.dev/issue/69139 https://groups.google.com/g/golang-announce/c/K-cEzDeCtpc https://groups.google.com/g/golang-dev/c/S9POB9NCTdk https://linux.oracle.com/cve/CVE-2024-34156.html https://linux.oracle.com/errata/ELSA-2024-9473.html https://nvd.nist.gov/vuln/detail/CVE-2024-34156 https://pkg.go.dev/vuln/GO-2024-3106 https://ubuntu.com/security/notices/USN-7081-1 https://ubuntu.com/security/notices/USN-7109-1 https://ubuntu.com/security/notices/USN-7111-1 https://www.cve.org/CVERecord?id=CVE-2024-34156
stdlib	CVE-2023-29409	MEDIUM	v1.19.11	1.19.12, 1.20.7, 1.21.0-rc.4	https://access.redhat.com/errata/RHSA-2023:7766 https://access.redhat.com/security/cve/CVE-2023-29409 https://bugzilla.redhat.com/2228743 https://bugzilla.redhat.com/2237773 https://bugzilla.redhat.com/2237776 https://bugzilla.redhat.com/2237777 https://bugzilla.redhat.com/2237778 https://errata.almalinux.org/9/ALSA-2023-7766.html https://go.dev/cl/515257 https://go.dev/issue/61460 https://groups.google.com/g/golang-announce/c/X0b6CsSAaYI/m/Efv5DbZ9AwAJ https://linux.oracle.com/cve/CVE-2023-29409.html https://linux.oracle.com/errata/ELSA-2024-2988.html https://nvd.nist.gov/vuln/detail/CVE-2023-29409 https://pkg.go.dev/vuln/GO-2023-1987 https://security.gentoo.org/glsa/202311-09 https://security.netapp.com/advisory/ntap-20230831-0010/ https://www.cve.org/CVERecord?id=CVE-2023-29409
stdlib	CVE-2023-39318	MEDIUM	v1.19.11	1.20.8, 1.21.1	https://access.redhat.com/errata/RHSA-2024:2160 https://access.redhat.com/security/cve/CVE-2023-39318 https://bugzilla.redhat.com/2237773 https://bugzilla.redhat.com/2237776 https://bugzilla.redhat.com/2253330 https://errata.almalinux.org/9/ALSA-2024-2160.html https://github.com/golang/go/commit/023b542edf38e2a1f87fcefb9f75ff2f99401b4c (go1.20.8) https://github.com/golang/go/commit/b0e1d3ea26e8e8fce7726690c9ef0597e60739fb (go1.21.1) https://go.dev/cl/526156 https://go.dev/issue/62196 https://groups.google.com/g/golang-announce/c/Fm51GRLNRvM https://groups.google.com/g/golang-dev/c/2C5vbR-UNkI/m/L1hdrPhfBAAJ https://linux.oracle.com/cve/CVE-2023-39318.html https://linux.oracle.com/errata/ELSA-2024-2988.html https://nvd.nist.gov/vuln/detail/CVE-2023-39318 https://pkg.go.dev/vuln/GO-2023-2041 https://security.gentoo.org/glsa/202311-09 https://security.netapp.com/advisory/ntap-20231020-0009/ https://ubuntu.com/security/notices/USN-6574-1 https://ubuntu.com/security/notices/USN-7061-1 https://ubuntu.com/security/notices/USN-7109-1 https://vuln.go.dev/ID/GO-2023-2041.json https://www.cve.org/CVERecord?id=CVE-2023-39318
stdlib	CVE-2023-39319	MEDIUM	v1.19.11	1.20.8, 1.21.1	https://access.redhat.com/errata/RHSA-2024:2160 https://access.redhat.com/security/cve/CVE-2023-39319 https://bugzilla.redhat.com/2237773 https://bugzilla.redhat.com/2237776 https://bugzilla.redhat.com/2253330 https://errata.almalinux.org/9/ALSA-2024-2160.html https://github.com/golang/go/commit/2070531d2f53df88e312edace6c8dfc9686ab2f5 (go1.20.8) https://github.com/golang/go/commit/bbd043ff0d6d59f1a9232d31ecd5eacf6507bf6a (go1.21.1) https://go.dev/cl/526157 https://go.dev/issue/62197 https://groups.google.com/g/golang-announce/c/Fm51GRLNRvM https://groups.google.com/g/golang-dev/c/2C5vbR-UNkI/m/L1hdrPhfBAAJ https://linux.oracle.com/cve/CVE-2023-39319.html https://linux.oracle.com/errata/ELSA-2024-2988.html https://nvd.nist.gov/vuln/detail/CVE-2023-39319 https://pkg.go.dev/vuln/GO-2023-2043 https://security.gentoo.org/glsa/202311-09 https://security.netapp.com/advisory/ntap-20231020-0009/ https://ubuntu.com/security/notices/USN-6574-1 https://ubuntu.com/security/notices/USN-7061-1 https://ubuntu.com/security/notices/USN-7109-1 https://vuln.go.dev/ID/GO-2023-2043.json https://www.cve.org/CVERecord?id=CVE-2023-39319
stdlib	CVE-2023-39326	MEDIUM	v1.19.11	1.20.12, 1.21.5	https://access.redhat.com/errata/RHSA-2024:2272 https://access.redhat.com/security/cve/CVE-2023-39326 https://bugzilla.redhat.com/2253193 https://bugzilla.redhat.com/2253330 https://errata.almalinux.org/9/ALSA-2024-2272.html https://github.com/golang/go/commit/6446af942e2e2b161c4ec1b60d9703a2b55dc4dd (go1.20.12) https://github.com/golang/go/commit/ec8c526e4be720e94b98ca509e6364f0efaf28f7 (go1.21.5) https://go.dev/cl/547335 https://go.dev/issue/64433 https://groups.google.com/g/golang-dev/c/6ypN5EjibjM/m/KmLVYH_uAgAJ https://linux.oracle.com/cve/CVE-2023-39326.html https://linux.oracle.com/errata/ELSA-2024-2988.html https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UIU6HOGV6RRIKWM57LOXQA75BGZSIH6G/ https://nvd.nist.gov/vuln/detail/CVE-2023-39326 https://pkg.go.dev/vuln/GO-2023-2382 https://ubuntu.com/security/notices/USN-6574-1 https://www.cve.org/CVERecord?id=CVE-2023-39326
stdlib	CVE-2023-45284	MEDIUM	v1.19.11	1.20.11, 1.21.4	https://go.dev/cl/540277 https://go.dev/issue/63713 https://groups.google.com/g/golang-announce/c/4tU8LZfBFkY https://nvd.nist.gov/vuln/detail/CVE-2023-45284 https://pkg.go.dev/vuln/GO-2023-2186
stdlib	CVE-2023-45289	MEDIUM	v1.19.11	1.21.8, 1.22.1	http://www.openwall.com/lists/oss-security/2024/03/08/4 https://access.redhat.com/errata/RHSA-2024:2724 https://access.redhat.com/security/cve/CVE-2023-45289 https://bugzilla.redhat.com/2268017 https://bugzilla.redhat.com/2268018 https://bugzilla.redhat.com/2268019 https://bugzilla.redhat.com/2268273 https://bugzilla.redhat.com/show_bug.cgi?id=2268017 https://bugzilla.redhat.com/show_bug.cgi?id=2268018 https://bugzilla.redhat.com/show_bug.cgi?id=2268019 https://bugzilla.redhat.com/show_bug.cgi?id=2268273 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45288 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45289 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45290 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24783 https://errata.almalinux.org/9/ALSA-2024-2724.html https://errata.rockylinux.org/RLSA-2024:2724 https://github.com/golang/go/commit/20586c0dbe03d144f914155f879fa5ee287591a1 (go1.21.8) https://github.com/golang/go/commit/3a855208e3efed2e9d7c20ad023f1fa78afcc0be (go1.22.1) https://github.com/golang/go/issues/65065 https://go.dev/cl/569340 https://go.dev/issue/65065 https://groups.google.com/g/golang-announce/c/5pwGVUPoMbg https://linux.oracle.com/cve/CVE-2023-45289.html https://linux.oracle.com/errata/ELSA-2024-3346.html https://nvd.nist.gov/vuln/detail/CVE-2023-45289 https://pkg.go.dev/vuln/GO-2024-2600 https://security.netapp.com/advisory/ntap-20240329-0006/ https://ubuntu.com/security/notices/USN-6886-1 https://www.cve.org/CVERecord?id=CVE-2023-45289
stdlib	CVE-2023-45290	MEDIUM	v1.19.11	1.21.8, 1.22.1	http://www.openwall.com/lists/oss-security/2024/03/08/4 https://access.redhat.com/errata/RHSA-2024:9135 https://access.redhat.com/security/cve/CVE-2023-45290 https://bugzilla.redhat.com/2268017 https://bugzilla.redhat.com/2268022 https://bugzilla.redhat.com/2279814 https://bugzilla.redhat.com/2295310 https://bugzilla.redhat.com/show_bug.cgi?id=2268017 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45290 https://errata.almalinux.org/9/ALSA-2024-9135.html https://errata.rockylinux.org/RLSA-2024:3830 https://github.com/golang/go/commit/041a47712e765e94f86d841c3110c840e76d8f82 (go1.22.1) https://github.com/golang/go/commit/bf80213b121074f4ad9b449410a4d13bae5e9be0 (go1.21.8) https://github.com/golang/go/issues/65383 https://go.dev/cl/569341 https://go.dev/issue/65383 https://groups.google.com/g/golang-announce/c/5pwGVUPoMbg https://linux.oracle.com/cve/CVE-2023-45290.html https://linux.oracle.com/errata/ELSA-2024-8038.html https://nvd.nist.gov/vuln/detail/CVE-2023-45290 https://pkg.go.dev/vuln/GO-2024-2599 https://security.netapp.com/advisory/ntap-20240329-0004 https://security.netapp.com/advisory/ntap-20240329-0004/ https://ubuntu.com/security/notices/USN-6886-1 https://ubuntu.com/security/notices/USN-7109-1 https://ubuntu.com/security/notices/USN-7111-1 https://www.cve.org/CVERecord?id=CVE-2023-45290
stdlib	CVE-2024-24783	MEDIUM	v1.19.11	1.21.8, 1.22.1	http://www.openwall.com/lists/oss-security/2024/03/08/4 https://access.redhat.com/errata/RHSA-2024:6195 https://access.redhat.com/security/cve/CVE-2024-24783 https://bugzilla.redhat.com/2268019 https://bugzilla.redhat.com/show_bug.cgi?id=2268017 https://bugzilla.redhat.com/show_bug.cgi?id=2268018 https://bugzilla.redhat.com/show_bug.cgi?id=2268019 https://bugzilla.redhat.com/show_bug.cgi?id=2268273 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45288 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45289 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45290 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24783 https://errata.almalinux.org/9/ALSA-2024-6195.html https://errata.rockylinux.org/RLSA-2024:2724 https://github.com/advisories/GHSA-3q2c-pvp5-3cqp https://github.com/golang/go/commit/337b8e9cbfa749d9d5c899e0dc358e2208d5e54f (go1.22.1) https://github.com/golang/go/commit/be5b52bea674190ef7de272664be6c7ae93ec5a0 (go1.21.8) https://github.com/golang/go/issues/65390 https://go.dev/cl/569339 https://go.dev/issue/65390 https://groups.google.com/g/golang-announce/c/5pwGVUPoMbg https://linux.oracle.com/cve/CVE-2024-24783.html https://linux.oracle.com/errata/ELSA-2024-6969.html https://nvd.nist.gov/vuln/detail/CVE-2024-24783 https://pkg.go.dev/vuln/GO-2024-2598 https://security.netapp.com/advisory/ntap-20240329-0005 https://security.netapp.com/advisory/ntap-20240329-0005/ https://ubuntu.com/security/notices/USN-6886-1 https://ubuntu.com/security/notices/USN-7109-1 https://ubuntu.com/security/notices/USN-7111-1 https://www.cve.org/CVERecord?id=CVE-2024-24783
stdlib	CVE-2024-24784	MEDIUM	v1.19.11	1.21.8, 1.22.1	http://www.openwall.com/lists/oss-security/2024/03/08/4 https://access.redhat.com/errata/RHSA-2024:2562 https://access.redhat.com/security/cve/CVE-2024-24784 https://bugzilla.redhat.com/2262921 https://bugzilla.redhat.com/2268017 https://bugzilla.redhat.com/2268018 https://bugzilla.redhat.com/2268019 https://bugzilla.redhat.com/2268021 https://bugzilla.redhat.com/2268022 https://bugzilla.redhat.com/2268273 https://bugzilla.redhat.com/show_bug.cgi?id=2262921 https://bugzilla.redhat.com/show_bug.cgi?id=2268017 https://bugzilla.redhat.com/show_bug.cgi?id=2268018 https://bugzilla.redhat.com/show_bug.cgi?id=2268019 https://bugzilla.redhat.com/show_bug.cgi?id=2268021 https://bugzilla.redhat.com/show_bug.cgi?id=2268022 https://bugzilla.redhat.com/show_bug.cgi?id=2268273 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45288 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45289 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45290 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-1394 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24783 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24784 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24785 https://errata.almalinux.org/9/ALSA-2024-2562.html https://errata.rockylinux.org/RLSA-2024:2562 https://github.com/golang/go/commit/263c059b09fdd40d9dd945f2ecb20c89ea28efe5 (go1.21.8) https://github.com/golang/go/commit/5330cd225ba54c7dc78c1b46dcdf61a4671a632c (go1.22.1) https://github.com/golang/go/issues/65083 https://go.dev/cl/555596 https://go.dev/issue/65083 https://groups.google.com/g/golang-announce/c/5pwGVUPoMbg https://linux.oracle.com/cve/CVE-2024-24784.html https://linux.oracle.com/errata/ELSA-2024-6969.html https://nvd.nist.gov/vuln/detail/CVE-2024-24784 https://pkg.go.dev/vuln/GO-2024-2609 https://security.netapp.com/advisory/ntap-20240329-0007/ https://ubuntu.com/security/notices/USN-6886-1 https://ubuntu.com/security/notices/USN-7109-1 https://ubuntu.com/security/notices/USN-7111-1 https://www.cve.org/CVERecord?id=CVE-2024-24784
stdlib	CVE-2024-24785	MEDIUM	v1.19.11	1.21.8, 1.22.1	http://www.openwall.com/lists/oss-security/2024/03/08/4 https://access.redhat.com/errata/RHSA-2024:9135 https://access.redhat.com/security/cve/CVE-2024-24785 https://bugzilla.redhat.com/2268017 https://bugzilla.redhat.com/2268022 https://bugzilla.redhat.com/2279814 https://bugzilla.redhat.com/2295310 https://bugzilla.redhat.com/show_bug.cgi?id=2262921 https://bugzilla.redhat.com/show_bug.cgi?id=2268017 https://bugzilla.redhat.com/show_bug.cgi?id=2268018 https://bugzilla.redhat.com/show_bug.cgi?id=2268019 https://bugzilla.redhat.com/show_bug.cgi?id=2268021 https://bugzilla.redhat.com/show_bug.cgi?id=2268022 https://bugzilla.redhat.com/show_bug.cgi?id=2268273 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45288 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45289 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45290 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-1394 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24783 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24784 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24785 https://errata.almalinux.org/9/ALSA-2024-9135.html https://errata.rockylinux.org/RLSA-2024:2562 https://github.com/golang/go/commit/056b0edcb8c152152021eebf4cf42adbfbe77992 (go1.22.1) https://github.com/golang/go/commit/3643147a29352ca2894fd5d0d2069bc4b4335a7e (go1.21.8) https://github.com/golang/go/issues/65697 https://go.dev/cl/564196 https://go.dev/issue/65697 https://groups.google.com/g/golang-announce/c/5pwGVUPoMbg https://linux.oracle.com/cve/CVE-2024-24785.html https://linux.oracle.com/errata/ELSA-2024-3259.html https://nvd.nist.gov/vuln/detail/CVE-2024-24785 https://pkg.go.dev/vuln/GO-2024-2610 https://security.netapp.com/advisory/ntap-20240329-0008/ https://ubuntu.com/security/notices/USN-6886-1 https://ubuntu.com/security/notices/USN-7061-1 https://ubuntu.com/security/notices/USN-7109-1 https://vuln.go.dev/ID/GO-2024-2610.json https://www.cve.org/CVERecord?id=CVE-2024-24785
stdlib	CVE-2024-24789	MEDIUM	v1.19.11	1.21.11, 1.22.4	http://www.openwall.com/lists/oss-security/2024/06/04/1 https://access.redhat.com/errata/RHSA-2024:9115 https://access.redhat.com/security/cve/CVE-2024-24789 https://bugzilla.redhat.com/2279814 https://bugzilla.redhat.com/2292668 https://bugzilla.redhat.com/2292787 https://bugzilla.redhat.com/2294000 https://bugzilla.redhat.com/2295310 https://bugzilla.redhat.com/show_bug.cgi?id=2292668 https://bugzilla.redhat.com/show_bug.cgi?id=2292787 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24789 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24790 https://errata.almalinux.org/9/ALSA-2024-9115.html https://errata.rockylinux.org/RLSA-2024:4212 https://github.com/golang/go/commit/c8e40338cf00f3c1d86c8fb23863ad67a4c72bcc (1.21) https://github.com/golang/go/commit/cf501ac0c5fe351a8582d20b43562027927906e7 (1.22) https://github.com/golang/go/issues/66869 https://go.dev/cl/585397 https://go.dev/issue/66869 https://groups.google.com/g/golang-announce/c/XbxouI9gY7k https://groups.google.com/g/golang-announce/c/XbxouI9gY7k/m/TuoGEhxIEwAJ https://linux.oracle.com/cve/CVE-2024-24789.html https://linux.oracle.com/errata/ELSA-2024-9115.html https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/U5YAEIA6IUHUNGJ7AIXXPQT6D2GYENX7/ https://nvd.nist.gov/vuln/detail/CVE-2024-24789 https://pkg.go.dev/vuln/GO-2024-2888 https://ubuntu.com/security/notices/USN-6886-1 https://ubuntu.com/security/notices/USN-7109-1 https://ubuntu.com/security/notices/USN-7111-1 https://www.cve.org/CVERecord?id=CVE-2024-24789
stdlib	CVE-2024-24791	MEDIUM	v1.19.11	1.21.12, 1.22.5	https://access.redhat.com/errata/RHSA-2024:9135 https://access.redhat.com/security/cve/CVE-2024-24791 https://bugzilla.redhat.com/2268017 https://bugzilla.redhat.com/2268022 https://bugzilla.redhat.com/2279814 https://bugzilla.redhat.com/2295310 https://bugzilla.redhat.com/show_bug.cgi?id=2295310 https://bugzilla.redhat.com/show_bug.cgi?id=2310527 https://bugzilla.redhat.com/show_bug.cgi?id=2310528 https://bugzilla.redhat.com/show_bug.cgi?id=2310529 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24791 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-34155 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-34156 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-34158 https://errata.almalinux.org/9/ALSA-2024-9135.html https://errata.rockylinux.org/RLSA-2024:6913 https://go.dev/cl/591255 https://go.dev/issue/67555 https://groups.google.com/g/golang-dev/c/t0rK-qHBqzY/m/6MMoAZkMAgAJ https://linux.oracle.com/cve/CVE-2024-24791.html https://linux.oracle.com/errata/ELSA-2024-9115.html https://nvd.nist.gov/vuln/detail/CVE-2024-24791 https://pkg.go.dev/vuln/GO-2024-2963 https://ubuntu.com/security/notices/USN-7081-1 https://ubuntu.com/security/notices/USN-7109-1 https://ubuntu.com/security/notices/USN-7111-1 https://www.cve.org/CVERecord?id=CVE-2024-24791
stdlib	CVE-2024-34155	MEDIUM	v1.19.11	1.22.7, 1.23.1	https://access.redhat.com/errata/RHSA-2024:9459 https://access.redhat.com/security/cve/CVE-2024-34155 https://bugzilla.redhat.com/2310527 https://bugzilla.redhat.com/2310528 https://bugzilla.redhat.com/2310529 https://bugzilla.redhat.com/2315691 https://bugzilla.redhat.com/2315887 https://bugzilla.redhat.com/2317458 https://bugzilla.redhat.com/2317467 https://bugzilla.redhat.com/show_bug.cgi?id=2295310 https://bugzilla.redhat.com/show_bug.cgi?id=2310527 https://bugzilla.redhat.com/show_bug.cgi?id=2310528 https://bugzilla.redhat.com/show_bug.cgi?id=2310529 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24791 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-34155 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-34156 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-34158 https://errata.almalinux.org/9/ALSA-2024-9459.html https://errata.rockylinux.org/RLSA-2024:6913 https://github.com/golang/go/commit/53487e5477151ed75da50e50a0ba8f1ca64c00a3 (go1.23.1) https://github.com/golang/go/commit/b232596139dbe96a62edbe3a2a203e856bf556eb (go1.22.7) https://go.dev/cl/611238 https://go.dev/issue/69138 https://groups.google.com/g/golang-announce/c/K-cEzDeCtpc https://groups.google.com/g/golang-dev/c/S9POB9NCTdk https://linux.oracle.com/cve/CVE-2024-34155.html https://linux.oracle.com/errata/ELSA-2024-9459.html https://nvd.nist.gov/vuln/detail/CVE-2024-34155 https://pkg.go.dev/vuln/GO-2024-3105 https://ubuntu.com/security/notices/USN-7081-1 https://ubuntu.com/security/notices/USN-7109-1 https://ubuntu.com/security/notices/USN-7111-1 https://www.cve.org/CVERecord?id=CVE-2024-34155
stdlib	CVE-2024-34158	MEDIUM	v1.19.11	1.22.7, 1.23.1	https://access.redhat.com/errata/RHSA-2024:9459 https://access.redhat.com/security/cve/CVE-2024-34158 https://bugzilla.redhat.com/2310527 https://bugzilla.redhat.com/2310528 https://bugzilla.redhat.com/2310529 https://bugzilla.redhat.com/2315691 https://bugzilla.redhat.com/2315887 https://bugzilla.redhat.com/2317458 https://bugzilla.redhat.com/2317467 https://bugzilla.redhat.com/show_bug.cgi?id=2295310 https://bugzilla.redhat.com/show_bug.cgi?id=2310527 https://bugzilla.redhat.com/show_bug.cgi?id=2310528 https://bugzilla.redhat.com/show_bug.cgi?id=2310529 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24791 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-34155 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-34156 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-34158 https://errata.almalinux.org/9/ALSA-2024-9459.html https://errata.rockylinux.org/RLSA-2024:6913 https://github.com/golang/go/commit/032ac075c20c01c6c35a672d1542d3e98eab84ea (go1.23.1) https://github.com/golang/go/commit/d4c53812e6ce2ac368173d7fcd31d0ecfcffb002 (go1.22.7) https://go.dev/cl/611240 https://go.dev/issue/69141 https://groups.google.com/g/golang-announce/c/K-cEzDeCtpc https://groups.google.com/g/golang-dev/c/S9POB9NCTdk https://linux.oracle.com/cve/CVE-2024-34158.html https://linux.oracle.com/errata/ELSA-2024-9459.html https://nvd.nist.gov/vuln/detail/CVE-2024-34158 https://pkg.go.dev/vuln/GO-2024-3107 https://ubuntu.com/security/notices/USN-7081-1 https://ubuntu.com/security/notices/USN-7109-1 https://ubuntu.com/security/notices/USN-7111-1 https://www.cve.org/CVERecord?id=CVE-2024-34158
No Misconfigurations found

usr/local/bin/yj (gobinary)

Package	Vulnerability ID	Severity	Installed Version	Fixed Version	Links
gopkg.in/yaml.v3	CVE-2022-28948	HIGH	v3.0.0-20210107192922-496545a6307b	3.0.0-20220521103104-8f96da9f5d5e	https://access.redhat.com/security/cve/CVE-2022-28948 https://github.com/advisories/GHSA-hp87-p4gw-j4gq https://github.com/go-yaml/yaml https://github.com/go-yaml/yaml/commit/8f96da9f5d5eff988554c1aae1784627c4bf6754 https://github.com/go-yaml/yaml/issues/666 https://github.com/go-yaml/yaml/issues/666#issuecomment-1133337993 https://nvd.nist.gov/vuln/detail/CVE-2022-28948 https://security.netapp.com/advisory/ntap-20220923-0006 https://security.netapp.com/advisory/ntap-20220923-0006/ https://security.snyk.io/vuln/SNYK-GOLANG-GOPKGINYAMLV2-2840885 https://www.cve.org/CVERecord?id=CVE-2022-28948
stdlib	CVE-2023-24538	CRITICAL	v1.18	1.19.8, 1.20.3	https://access.redhat.com/errata/RHSA-2023:6474 https://access.redhat.com/security/cve/CVE-2023-24538 https://bugzilla.redhat.com/2174485 https://bugzilla.redhat.com/2178358 https://bugzilla.redhat.com/2178488 https://bugzilla.redhat.com/2178492 https://bugzilla.redhat.com/2184481 https://bugzilla.redhat.com/2184482 https://bugzilla.redhat.com/2184483 https://bugzilla.redhat.com/2184484 https://bugzilla.redhat.com/2196026 https://bugzilla.redhat.com/2196027 https://bugzilla.redhat.com/2196029 https://bugzilla.redhat.com/2222167 https://bugzilla.redhat.com/2228689 https://errata.almalinux.org/9/ALSA-2023-6474.html https://github.com/golang/go/commit/20374d1d759bc4e17486bde1cb9dca5be37d9e52 (go1.20.3) https://github.com/golang/go/commit/b1e3ecfa06b67014429a197ec5e134ce4303ad9b (go1.19.8) https://github.com/golang/go/issues/59234 https://go.dev/cl/482079 https://go.dev/issue/59234 https://groups.google.com/g/golang-announce/c/Xdv6JL9ENs8 https://linux.oracle.com/cve/CVE-2023-24538.html https://linux.oracle.com/errata/ELSA-2023-6939.html https://nvd.nist.gov/vuln/detail/CVE-2023-24538 https://pkg.go.dev/vuln/GO-2023-1703 https://security.gentoo.org/glsa/202311-09 https://ubuntu.com/security/notices/USN-6038-1 https://ubuntu.com/security/notices/USN-6038-2 https://ubuntu.com/security/notices/USN-6140-1 https://ubuntu.com/security/notices/USN-7061-1 https://www.cve.org/CVERecord?id=CVE-2023-24538
stdlib	CVE-2023-24540	CRITICAL	v1.18	1.19.9, 1.20.4	https://access.redhat.com/errata/RHSA-2023:6474 https://access.redhat.com/security/cve/CVE-2023-24540 https://bugzilla.redhat.com/2174485 https://bugzilla.redhat.com/2178358 https://bugzilla.redhat.com/2178488 https://bugzilla.redhat.com/2178492 https://bugzilla.redhat.com/2184481 https://bugzilla.redhat.com/2184482 https://bugzilla.redhat.com/2184483 https://bugzilla.redhat.com/2184484 https://bugzilla.redhat.com/2196026 https://bugzilla.redhat.com/2196027 https://bugzilla.redhat.com/2196029 https://bugzilla.redhat.com/2222167 https://bugzilla.redhat.com/2228689 https://errata.almalinux.org/9/ALSA-2023-6474.html https://github.com/golang/go/commit/4a28cad66655ee01c6e944271e23c33cab021765 (go1.20.4) https://github.com/golang/go/commit/ce7bd33345416e6d8cac901792060591cafc2797 (go1.19.9) https://github.com/golang/go/issues/59721 https://go.dev/cl/491616 https://go.dev/issue/59721 https://groups.google.com/g/golang-announce/c/MEb0UyuSMsU https://linux.oracle.com/cve/CVE-2023-24540.html https://linux.oracle.com/errata/ELSA-2023-6939.html https://nvd.nist.gov/vuln/detail/CVE-2023-24540 https://pkg.go.dev/vuln/GO-2023-1752 https://ubuntu.com/security/notices/USN-6140-1 https://www.cve.org/CVERecord?id=CVE-2023-24540
stdlib	CVE-2024-24790	CRITICAL	v1.18	1.21.11, 1.22.4	http://www.openwall.com/lists/oss-security/2024/06/04/1 https://access.redhat.com/errata/RHSA-2024:9115 https://access.redhat.com/security/cve/CVE-2024-24790 https://bugzilla.redhat.com/2279814 https://bugzilla.redhat.com/2292668 https://bugzilla.redhat.com/2292787 https://bugzilla.redhat.com/2294000 https://bugzilla.redhat.com/2295310 https://bugzilla.redhat.com/show_bug.cgi?id=2292668 https://bugzilla.redhat.com/show_bug.cgi?id=2292787 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24789 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24790 https://errata.almalinux.org/9/ALSA-2024-9115.html https://errata.rockylinux.org/RLSA-2024:4212 https://github.com/golang/go/commit/051bdf3fd12a40307606ff9381138039c5f452f0 (1.21) https://github.com/golang/go/commit/12d5810cdb1f73cf23d7a86462143e9463317fca (1.22) https://github.com/golang/go/issues/67680 https://go.dev/cl/590316 https://go.dev/issue/67680 https://groups.google.com/g/golang-announce/c/XbxouI9gY7k https://groups.google.com/g/golang-announce/c/XbxouI9gY7k/m/TuoGEhxIEwAJ https://linux.oracle.com/cve/CVE-2024-24790.html https://linux.oracle.com/errata/ELSA-2024-9115.html https://nvd.nist.gov/vuln/detail/CVE-2024-24790 https://pkg.go.dev/vuln/GO-2024-2887 https://ubuntu.com/security/notices/USN-6886-1 https://ubuntu.com/security/notices/USN-7109-1 https://www.cve.org/CVERecord?id=CVE-2024-24790
stdlib	CVE-2022-24675	HIGH	v1.18	1.17.9, 1.18.1	https://access.redhat.com/security/cve/CVE-2022-24675 https://cert-portal.siemens.com/productcert/pdf/ssa-744259.pdf https://go.dev/issue/51853 https://groups.google.com/g/golang-announce https://groups.google.com/g/golang-announce/c/oecdBNLOml8 https://linux.oracle.com/cve/CVE-2022-24675.html https://linux.oracle.com/errata/ELSA-2022-5337.html https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/42TYZC4OAY54TO75FBEFAPV5G7O4D5TM/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/F3BMW5QGX53CMIJIZWKXFKBJX2C5GWTY/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/RCRSABD6CUDIZULZPZL5BJ3ET3A2NEJP/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/RQXU752ALW53OJAF5MG3WMR5CCZVLWW6/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/Z55VUVGO7E5PJFXIOVAY373NZRHBNCI5/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZY2SLWOQR4ZURQ7UBRZ7JIX6H6F5JHJR/ https://nvd.nist.gov/vuln/detail/CVE-2022-24675 https://security.gentoo.org/glsa/202208-02 https://security.netapp.com/advisory/ntap-20220915-0010/ https://www.cve.org/CVERecord?id=CVE-2022-24675
stdlib	CVE-2022-27536	HIGH	v1.18	1.18.1	https://cert-portal.siemens.com/productcert/pdf/ssa-744259.pdf https://groups.google.com/g/golang-announce https://groups.google.com/g/golang-announce/c/oecdBNLOml8 https://linux.oracle.com/cve/CVE-2022-27536.html https://linux.oracle.com/errata/ELSA-2022-17956.html https://security.gentoo.org/glsa/202208-02 https://security.netapp.com/advisory/ntap-20230309-0001/
stdlib	CVE-2022-27664	HIGH	v1.18	1.18.6, 1.19.1	https://access.redhat.com/errata/RHSA-2023:2357 https://access.redhat.com/security/cve/CVE-2022-27664 https://bugzilla.redhat.com/2107371 https://bugzilla.redhat.com/2107374 https://bugzilla.redhat.com/2107383 https://bugzilla.redhat.com/2107386 https://bugzilla.redhat.com/2107388 https://bugzilla.redhat.com/2113814 https://bugzilla.redhat.com/2124669 https://bugzilla.redhat.com/2132868 https://bugzilla.redhat.com/2132872 https://bugzilla.redhat.com/2161274 https://bugzilla.redhat.com/show_bug.cgi?id=1913333 https://bugzilla.redhat.com/show_bug.cgi?id=1913338 https://bugzilla.redhat.com/show_bug.cgi?id=2107371 https://bugzilla.redhat.com/show_bug.cgi?id=2107374 https://bugzilla.redhat.com/show_bug.cgi?id=2107383 https://bugzilla.redhat.com/show_bug.cgi?id=2107386 https://bugzilla.redhat.com/show_bug.cgi?id=2107388 https://bugzilla.redhat.com/show_bug.cgi?id=2113814 https://bugzilla.redhat.com/show_bug.cgi?id=2124669 https://cs.opensource.google/go/x/net https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28851 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28852 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1705 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-27664 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-30630 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-30632 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-30635 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-32148 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-32189 https://errata.almalinux.org/9/ALSA-2023-2357.html https://errata.rockylinux.org/RLSA-2022:7129 https://github.com/golang/go/commit/5bc9106458fc07851ac324a4157132a91b1f3479 (go1.18.6) https://github.com/golang/go/commit/9cfe4e258b1c9d4a04a42539c21c7bdb2e227824 (go1.19.1) https://github.com/golang/go/issues/54658 https://go.dev/cl/428735 https://go.dev/issue/54658 https://groups.google.com/g/golang-announce https://groups.google.com/g/golang-announce/c/x49AQzIVX-s https://groups.google.com/g/golang-announce/c/x49AQzIVX-s/m/0tgO0pjiBQAJ https://linux.oracle.com/cve/CVE-2022-27664.html https://linux.oracle.com/errata/ELSA-2024-0121.html https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/JXKTHIGE5F576MAPFYCIJXNRGBSPISUF/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/TXS2OQ57KZC5XZKK5UW4SYKPVQAHIOJX/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/JXKTHIGE5F576MAPFYCIJXNRGBSPISUF https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/TXS2OQ57KZC5XZKK5UW4SYKPVQAHIOJX https://nvd.nist.gov/vuln/detail/CVE-2022-27664 https://pkg.go.dev/vuln/GO-2022-0969 https://security.gentoo.org/glsa/202209-26 https://security.netapp.com/advisory/ntap-20220923-0004 https://security.netapp.com/advisory/ntap-20220923-0004/ https://ubuntu.com/security/notices/USN-6038-1 https://ubuntu.com/security/notices/USN-6038-2 https://www.cve.org/CVERecord?id=CVE-2022-27664
stdlib	CVE-2022-28131	HIGH	v1.18	1.17.12, 1.18.4	https://access.redhat.com/errata/RHSA-2022:8057 https://access.redhat.com/security/cve/CVE-2022-28131 https://bugzilla.redhat.com/2044628 https://bugzilla.redhat.com/2045880 https://bugzilla.redhat.com/2050648 https://bugzilla.redhat.com/2050742 https://bugzilla.redhat.com/2050743 https://bugzilla.redhat.com/2065290 https://bugzilla.redhat.com/2107342 https://bugzilla.redhat.com/2107371 https://bugzilla.redhat.com/2107374 https://bugzilla.redhat.com/2107376 https://bugzilla.redhat.com/2107383 https://bugzilla.redhat.com/2107386 https://bugzilla.redhat.com/2107388 https://bugzilla.redhat.com/2107390 https://bugzilla.redhat.com/2107392 https://bugzilla.redhat.com/show_bug.cgi?id=2044628 https://bugzilla.redhat.com/show_bug.cgi?id=2045880 https://bugzilla.redhat.com/show_bug.cgi?id=2050648 https://bugzilla.redhat.com/show_bug.cgi?id=2050742 https://bugzilla.redhat.com/show_bug.cgi?id=2050743 https://bugzilla.redhat.com/show_bug.cgi?id=2055349 https://bugzilla.redhat.com/show_bug.cgi?id=2065290 https://bugzilla.redhat.com/show_bug.cgi?id=2104367 https://bugzilla.redhat.com/show_bug.cgi?id=2107342 https://bugzilla.redhat.com/show_bug.cgi?id=2107371 https://bugzilla.redhat.com/show_bug.cgi?id=2107374 https://bugzilla.redhat.com/show_bug.cgi?id=2107376 https://bugzilla.redhat.com/show_bug.cgi?id=2107383 https://bugzilla.redhat.com/show_bug.cgi?id=2107386 https://bugzilla.redhat.com/show_bug.cgi?id=2107388 https://bugzilla.redhat.com/show_bug.cgi?id=2107390 https://bugzilla.redhat.com/show_bug.cgi?id=2107392 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23648 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1705 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1962 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21673 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21698 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21702 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21703 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21713 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-28131 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-30630 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-30631 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-30632 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-30633 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-30635 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-32148 https://errata.almalinux.org/9/ALSA-2022-8057.html https://errata.rockylinux.org/RLSA-2022:8057 https://github.com/golang/go/commit/90f040ec510dd678b7860d70ca77e5682f4c7e96 https://go.dev/cl/417062 https://go.dev/issue/53614 https://go.googlesource.com/go/+/08c46ed43d80bbb67cb904944ea3417989be4af3 https://groups.google.com/g/golang-announce/c/nqrv9fbR0zE https://linux.oracle.com/cve/CVE-2022-28131.html https://linux.oracle.com/errata/ELSA-2023-2802.html https://nvd.nist.gov/vuln/detail/CVE-2022-28131 https://pkg.go.dev/vuln/GO-2022-0521 https://ubuntu.com/security/notices/USN-6038-1 https://ubuntu.com/security/notices/USN-6038-2 https://www.cve.org/CVERecord?id=CVE-2022-28131
stdlib	CVE-2022-28327	HIGH	v1.18	1.17.9, 1.18.1	https://access.redhat.com/security/cve/CVE-2022-28327 https://cert-portal.siemens.com/productcert/pdf/ssa-744259.pdf https://go.dev/issue/52075 https://groups.google.com/g/golang-announce https://groups.google.com/g/golang-announce/c/oecdBNLOml8 https://linux.oracle.com/cve/CVE-2022-28327.html https://linux.oracle.com/errata/ELSA-2022-5337.html https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/42TYZC4OAY54TO75FBEFAPV5G7O4D5TM/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/F3BMW5QGX53CMIJIZWKXFKBJX2C5GWTY/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/NY6GEAJMNKKMU5H46QO4D7D6A24KSPXE/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/RCRSABD6CUDIZULZPZL5BJ3ET3A2NEJP/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/RQXU752ALW53OJAF5MG3WMR5CCZVLWW6/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/Z55VUVGO7E5PJFXIOVAY373NZRHBNCI5/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZY2SLWOQR4ZURQ7UBRZ7JIX6H6F5JHJR/ https://nvd.nist.gov/vuln/detail/CVE-2022-28327 https://security.gentoo.org/glsa/202208-02 https://security.netapp.com/advisory/ntap-20220915-0010/ https://www.cve.org/CVERecord?id=CVE-2022-28327
stdlib	CVE-2022-2879	HIGH	v1.18	1.18.7, 1.19.2	https://access.redhat.com/errata/RHSA-2023:2204 https://access.redhat.com/security/cve/CVE-2022-2879 https://bugzilla.redhat.com/2124669 https://bugzilla.redhat.com/2132867 https://bugzilla.redhat.com/2132868 https://bugzilla.redhat.com/2132872 https://bugzilla.redhat.com/2161274 https://bugzilla.redhat.com/show_bug.cgi?id=2132867 https://bugzilla.redhat.com/show_bug.cgi?id=2132868 https://bugzilla.redhat.com/show_bug.cgi?id=2132872 https://bugzilla.redhat.com/show_bug.cgi?id=2149311 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-2879 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-2880 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-41715 https://errata.almalinux.org/9/ALSA-2023-2204.html https://errata.rockylinux.org/RLSA-2023:0328 https://github.com/golang/go/commit/0a723816cd205576945fa57fbdde7e6532d59d08 (go1.18.7) https://github.com/golang/go/commit/4fa773cdefd20be093c84f731be7d4febf5536fa (go1.19.2) https://github.com/golang/go/issues/54853 https://go.dev/cl/439355 https://go.dev/issue/54853 https://groups.google.com/g/golang-announce/c/xtuG5faxtaU https://groups.google.com/g/golang-announce/c/xtuG5faxtaU?pli=1 https://linux.oracle.com/cve/CVE-2022-2879.html https://linux.oracle.com/errata/ELSA-2024-2988.html https://nvd.nist.gov/vuln/detail/CVE-2022-2879 https://pkg.go.dev/vuln/GO-2022-1037 https://security.gentoo.org/glsa/202311-09 https://ubuntu.com/security/notices/USN-6038-1 https://ubuntu.com/security/notices/USN-6038-2 https://www.cve.org/CVERecord?id=CVE-2022-2879
stdlib	CVE-2022-2880	HIGH	v1.18	1.18.7, 1.19.2	https://access.redhat.com/errata/RHSA-2023:2357 https://access.redhat.com/security/cve/CVE-2022-2880 https://bugzilla.redhat.com/2107371 https://bugzilla.redhat.com/2107374 https://bugzilla.redhat.com/2107383 https://bugzilla.redhat.com/2107386 https://bugzilla.redhat.com/2107388 https://bugzilla.redhat.com/2113814 https://bugzilla.redhat.com/2124669 https://bugzilla.redhat.com/2132868 https://bugzilla.redhat.com/2132872 https://bugzilla.redhat.com/2161274 https://bugzilla.redhat.com/show_bug.cgi?id=2132867 https://bugzilla.redhat.com/show_bug.cgi?id=2132868 https://bugzilla.redhat.com/show_bug.cgi?id=2132872 https://bugzilla.redhat.com/show_bug.cgi?id=2149311 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-2879 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-2880 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-41715 https://errata.almalinux.org/9/ALSA-2023-2357.html https://errata.rockylinux.org/RLSA-2023:0328 https://github.com/golang/go/commit/9d2c73a9fd69e45876509bb3bdb2af99bf77da1e (go1.18.7) https://github.com/golang/go/commit/f6d844510d5f1e3b3098eba255d9b633d45eac3b (go1.19.2) https://github.com/golang/go/issues/54663 https://go.dev/cl/432976 https://go.dev/issue/54663 https://groups.google.com/g/golang-announce/c/xtuG5faxtaU https://groups.google.com/g/golang-announce/c/xtuG5faxtaU?pli=1 https://linux.oracle.com/cve/CVE-2022-2880.html https://linux.oracle.com/errata/ELSA-2024-3254.html https://nvd.nist.gov/vuln/detail/CVE-2022-2880 https://pkg.go.dev/vuln/GO-2022-1038 https://security.gentoo.org/glsa/202311-09 https://ubuntu.com/security/notices/USN-6038-1 https://ubuntu.com/security/notices/USN-6038-2 https://www.cve.org/CVERecord?id=CVE-2022-2880
stdlib	CVE-2022-29804	HIGH	v1.18	1.17.11, 1.18.3	https://go.dev/cl/401595 https://go.dev/issue/52476 https://go.googlesource.com/go/+/9cd1818a7d019c02fa4898b3e45a323e35033290 https://groups.google.com/g/golang-announce/c/TzIC9-t8Ytg/m/IWz5T6x7AAAJ https://linux.oracle.com/cve/CVE-2022-29804.html https://linux.oracle.com/errata/ELSA-2022-17957.html https://pkg.go.dev/vuln/GO-2022-0533
stdlib	CVE-2022-30580	HIGH	v1.18	1.17.11, 1.18.3	https://access.redhat.com/security/cve/CVE-2022-30580 https://go.dev/cl/403759 https://go.dev/issue/52574 https://go.googlesource.com/go/+/960ffa98ce73ef2c2060c84c7ac28d37a83f345e https://groups.google.com/g/golang-announce/c/TzIC9-t8Ytg/m/IWz5T6x7AAAJ https://linux.oracle.com/cve/CVE-2022-30580.html https://linux.oracle.com/errata/ELSA-2022-17957.html https://nvd.nist.gov/vuln/detail/CVE-2022-30580 https://pkg.go.dev/vuln/GO-2022-0532 https://www.cve.org/CVERecord?id=CVE-2022-30580
stdlib	CVE-2022-30630	HIGH	v1.18	1.17.12, 1.18.4	https://access.redhat.com/errata/RHSA-2024:2180 https://access.redhat.com/security/cve/CVE-2022-30630 https://bugzilla.redhat.com/2107342 https://bugzilla.redhat.com/2107371 https://bugzilla.redhat.com/2107386 https://bugzilla.redhat.com/2253193 https://bugzilla.redhat.com/show_bug.cgi?id=2107342 https://bugzilla.redhat.com/show_bug.cgi?id=2107371 https://bugzilla.redhat.com/show_bug.cgi?id=2107374 https://bugzilla.redhat.com/show_bug.cgi?id=2107383 https://bugzilla.redhat.com/show_bug.cgi?id=2107386 https://bugzilla.redhat.com/show_bug.cgi?id=2107388 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1705 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-30630 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-30631 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-30632 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-30635 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-32148 https://errata.almalinux.org/9/ALSA-2024-2180.html https://errata.rockylinux.org/RLSA-2022:8250 https://github.com/golang/go/commit/315e80d293b684ac2902819e58f618f1b5a14d49 (1.18) https://go.dev/cl/417065 https://go.dev/issue/53415 https://go.googlesource.com/go/+/fa2d41d0ca736f3ad6b200b2a4e134364e9acc59 https://groups.google.com/g/golang-announce/c/nqrv9fbR0zE https://linux.oracle.com/cve/CVE-2022-30630.html https://linux.oracle.com/errata/ELSA-2024-2180.html https://nvd.nist.gov/vuln/detail/CVE-2022-30630 https://pkg.go.dev/vuln/GO-2022-0527 https://ubuntu.com/security/notices/USN-6038-1 https://ubuntu.com/security/notices/USN-6038-2 https://www.cve.org/CVERecord?id=CVE-2022-30630
stdlib	CVE-2022-30631	HIGH	v1.18	1.17.12, 1.18.4	https://access.redhat.com/errata/RHSA-2024:2180 https://access.redhat.com/security/cve/CVE-2022-30631 https://bugzilla.redhat.com/2107342 https://bugzilla.redhat.com/2107371 https://bugzilla.redhat.com/2107386 https://bugzilla.redhat.com/2253193 https://bugzilla.redhat.com/show_bug.cgi?id=2107342 https://bugzilla.redhat.com/show_bug.cgi?id=2107371 https://bugzilla.redhat.com/show_bug.cgi?id=2107374 https://bugzilla.redhat.com/show_bug.cgi?id=2107383 https://bugzilla.redhat.com/show_bug.cgi?id=2107386 https://bugzilla.redhat.com/show_bug.cgi?id=2107388 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1705 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-30630 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-30631 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-30632 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-30635 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-32148 https://errata.almalinux.org/9/ALSA-2024-2180.html https://errata.rockylinux.org/RLSA-2022:8250 https://github.com/golang/go/commit/8e27a8ac4c001c27713810b75925aa3794049c48 (1.18) https://go.dev/cl/417067 https://go.dev/issue/53168 https://go.googlesource.com/go/+/b2b8872c876201eac2d0707276c6999ff3eb185e https://groups.google.com/g/golang-announce/c/nqrv9fbR0zE https://linux.oracle.com/cve/CVE-2022-30631.html https://linux.oracle.com/errata/ELSA-2024-2180.html https://nvd.nist.gov/vuln/detail/CVE-2022-30631 https://pkg.go.dev/vuln/GO-2022-0524 https://ubuntu.com/security/notices/USN-6038-1 https://ubuntu.com/security/notices/USN-6038-2 https://www.cve.org/CVERecord?id=CVE-2022-30631
stdlib	CVE-2022-30632	HIGH	v1.18	1.17.12, 1.18.4	https://access.redhat.com/errata/RHSA-2024:2180 https://access.redhat.com/security/cve/CVE-2022-30632 https://bugzilla.redhat.com/2107342 https://bugzilla.redhat.com/2107371 https://bugzilla.redhat.com/2107386 https://bugzilla.redhat.com/2253193 https://bugzilla.redhat.com/show_bug.cgi?id=2107342 https://bugzilla.redhat.com/show_bug.cgi?id=2107371 https://bugzilla.redhat.com/show_bug.cgi?id=2107374 https://bugzilla.redhat.com/show_bug.cgi?id=2107383 https://bugzilla.redhat.com/show_bug.cgi?id=2107386 https://bugzilla.redhat.com/show_bug.cgi?id=2107388 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1705 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-30630 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-30631 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-30632 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-30635 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-32148 https://errata.almalinux.org/9/ALSA-2024-2180.html https://errata.rockylinux.org/RLSA-2022:8250 https://github.com/golang/go/commit/5ebd862b1714dad1544bd10a24c47cdb53ad7f46 (1.18) https://go.dev/cl/417066 https://go.dev/issue/53416 https://go.googlesource.com/go/+/ac68c6c683409f98250d34ad282b9e1b0c9095ef https://groups.google.com/g/golang-announce/c/nqrv9fbR0zE https://linux.oracle.com/cve/CVE-2022-30632.html https://linux.oracle.com/errata/ELSA-2024-2180.html https://nvd.nist.gov/vuln/detail/CVE-2022-30632 https://pkg.go.dev/vuln/GO-2022-0522 https://ubuntu.com/security/notices/USN-6038-1 https://ubuntu.com/security/notices/USN-6038-2 https://www.cve.org/CVERecord?id=CVE-2022-30632
stdlib	CVE-2022-30633	HIGH	v1.18	1.17.12, 1.18.4	https://access.redhat.com/errata/RHSA-2022:8057 https://access.redhat.com/security/cve/CVE-2022-30633 https://bugzilla.redhat.com/2044628 https://bugzilla.redhat.com/2045880 https://bugzilla.redhat.com/2050648 https://bugzilla.redhat.com/2050742 https://bugzilla.redhat.com/2050743 https://bugzilla.redhat.com/2065290 https://bugzilla.redhat.com/2107342 https://bugzilla.redhat.com/2107371 https://bugzilla.redhat.com/2107374 https://bugzilla.redhat.com/2107376 https://bugzilla.redhat.com/2107383 https://bugzilla.redhat.com/2107386 https://bugzilla.redhat.com/2107388 https://bugzilla.redhat.com/2107390 https://bugzilla.redhat.com/2107392 https://bugzilla.redhat.com/show_bug.cgi?id=2044628 https://bugzilla.redhat.com/show_bug.cgi?id=2045880 https://bugzilla.redhat.com/show_bug.cgi?id=2050648 https://bugzilla.redhat.com/show_bug.cgi?id=2050742 https://bugzilla.redhat.com/show_bug.cgi?id=2050743 https://bugzilla.redhat.com/show_bug.cgi?id=2055349 https://bugzilla.redhat.com/show_bug.cgi?id=2065290 https://bugzilla.redhat.com/show_bug.cgi?id=2104367 https://bugzilla.redhat.com/show_bug.cgi?id=2107342 https://bugzilla.redhat.com/show_bug.cgi?id=2107371 https://bugzilla.redhat.com/show_bug.cgi?id=2107374 https://bugzilla.redhat.com/show_bug.cgi?id=2107376 https://bugzilla.redhat.com/show_bug.cgi?id=2107383 https://bugzilla.redhat.com/show_bug.cgi?id=2107386 https://bugzilla.redhat.com/show_bug.cgi?id=2107388 https://bugzilla.redhat.com/show_bug.cgi?id=2107390 https://bugzilla.redhat.com/show_bug.cgi?id=2107392 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23648 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1705 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1962 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21673 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21698 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21702 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21703 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21713 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-28131 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-30630 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-30631 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-30632 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-30633 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-30635 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-32148 https://errata.almalinux.org/9/ALSA-2022-8057.html https://errata.rockylinux.org/RLSA-2022:8057 https://github.com/golang/go/commit/2924ced71d16297320e8ff18829c2038e6ad8d9b (1.18) https://go.dev/cl/417061 https://go.dev/issue/53611 https://go.googlesource.com/go/+/c4c1993fd2a5b26fe45c09592af6d3388a3b2e08 https://groups.google.com/g/golang-announce/c/nqrv9fbR0zE https://linux.oracle.com/cve/CVE-2022-30633.html https://linux.oracle.com/errata/ELSA-2023-2802.html https://nvd.nist.gov/vuln/detail/CVE-2022-30633 https://pkg.go.dev/vuln/GO-2022-0523 https://ubuntu.com/security/notices/USN-6038-1 https://ubuntu.com/security/notices/USN-6038-2 https://www.cve.org/CVERecord?id=CVE-2022-30633
stdlib	CVE-2022-30634	HIGH	v1.18	1.17.11, 1.18.3	https://go.dev/cl/402257 https://go.dev/issue/52561 https://go.googlesource.com/go/+/bb1f4416180511231de6d17a1f2f55c82aafc863 https://groups.google.com/g/golang-announce/c/TzIC9-t8Ytg/m/IWz5T6x7AAAJ https://linux.oracle.com/cve/CVE-2022-30634.html https://linux.oracle.com/errata/ELSA-2022-17957.html https://pkg.go.dev/vuln/GO-2022-0477
stdlib	CVE-2022-30635	HIGH	v1.18	1.17.12, 1.18.4	https://access.redhat.com/errata/RHSA-2023:2357 https://access.redhat.com/security/cve/CVE-2022-30635 https://bugzilla.redhat.com/2107371 https://bugzilla.redhat.com/2107374 https://bugzilla.redhat.com/2107383 https://bugzilla.redhat.com/2107386 https://bugzilla.redhat.com/2107388 https://bugzilla.redhat.com/2113814 https://bugzilla.redhat.com/2124669 https://bugzilla.redhat.com/2132868 https://bugzilla.redhat.com/2132872 https://bugzilla.redhat.com/2161274 https://bugzilla.redhat.com/show_bug.cgi?id=2107342 https://bugzilla.redhat.com/show_bug.cgi?id=2107371 https://bugzilla.redhat.com/show_bug.cgi?id=2107374 https://bugzilla.redhat.com/show_bug.cgi?id=2107383 https://bugzilla.redhat.com/show_bug.cgi?id=2107386 https://bugzilla.redhat.com/show_bug.cgi?id=2107388 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1705 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-30630 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-30631 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-30632 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-30635 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-32148 https://errata.almalinux.org/9/ALSA-2023-2357.html https://errata.rockylinux.org/RLSA-2022:8250 https://github.com/golang/go/commit/fb979a50823e5a0575cf6166b3f17a13364cbf81 (1.18) https://go.dev/cl/417064 https://go.dev/issue/53615 https://go.googlesource.com/go/+/6fa37e98ea4382bf881428ee0c150ce591500eb7 https://groups.google.com/g/golang-announce/c/nqrv9fbR0zE https://linux.oracle.com/cve/CVE-2022-30635.html https://linux.oracle.com/errata/ELSA-2023-2802.html https://nvd.nist.gov/vuln/detail/CVE-2022-30635 https://pkg.go.dev/vuln/GO-2022-0526 https://ubuntu.com/security/notices/USN-6038-1 https://ubuntu.com/security/notices/USN-6038-2 https://www.cve.org/CVERecord?id=CVE-2022-30635
stdlib	CVE-2022-32189	HIGH	v1.18	1.17.13, 1.18.5	https://access.redhat.com/errata/RHSA-2023:2357 https://access.redhat.com/security/cve/CVE-2022-32189 https://bugzilla.redhat.com/2107371 https://bugzilla.redhat.com/2107374 https://bugzilla.redhat.com/2107383 https://bugzilla.redhat.com/2107386 https://bugzilla.redhat.com/2107388 https://bugzilla.redhat.com/2113814 https://bugzilla.redhat.com/2124669 https://bugzilla.redhat.com/2132868 https://bugzilla.redhat.com/2132872 https://bugzilla.redhat.com/2161274 https://bugzilla.redhat.com/show_bug.cgi?id=2059869 https://bugzilla.redhat.com/show_bug.cgi?id=2059870 https://bugzilla.redhat.com/show_bug.cgi?id=2060061 https://bugzilla.redhat.com/show_bug.cgi?id=2062597 https://bugzilla.redhat.com/show_bug.cgi?id=2064087 https://bugzilla.redhat.com/show_bug.cgi?id=2088459 https://bugzilla.redhat.com/show_bug.cgi?id=2105961 https://bugzilla.redhat.com/show_bug.cgi?id=2110864 https://bugzilla.redhat.com/show_bug.cgi?id=2113814 https://bugzilla.redhat.com/show_bug.cgi?id=2118831 https://bugzilla.redhat.com/show_bug.cgi?id=2123055 https://bugzilla.redhat.com/show_bug.cgi?id=2123210 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-32189 https://errata.almalinux.org/9/ALSA-2023-2357.html https://errata.rockylinux.org/RLSA-2022:7950 https://github.com/golang/go/commit/9240558e4f342fc6e98fec22de17c04b45089349 (1.18) https://go.dev/cl/417774 https://go.dev/issue/53871 https://go.googlesource.com/go/+/055113ef364337607e3e72ed7d48df67fde6fc66 https://groups.google.com/g/golang-announce/c/YqYYG87xB10 https://groups.google.com/g/golang-nuts/c/DCFSyTGM0wU https://linux.oracle.com/cve/CVE-2022-32189.html https://linux.oracle.com/errata/ELSA-2023-2802.html https://nvd.nist.gov/vuln/detail/CVE-2022-32189 https://pkg.go.dev/vuln/GO-2022-0537 https://ubuntu.com/security/notices/USN-6038-1 https://ubuntu.com/security/notices/USN-6038-2 https://www.cve.org/CVERecord?id=CVE-2022-32189
stdlib	CVE-2022-41715	HIGH	v1.18	1.18.7, 1.19.2	https://access.redhat.com/errata/RHSA-2023:2592 https://access.redhat.com/security/cve/CVE-2022-41715 https://bugzilla.redhat.com/2132872 https://bugzilla.redhat.com/show_bug.cgi?id=2132867 https://bugzilla.redhat.com/show_bug.cgi?id=2132868 https://bugzilla.redhat.com/show_bug.cgi?id=2132872 https://bugzilla.redhat.com/show_bug.cgi?id=2149311 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-2879 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-2880 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-41715 https://errata.almalinux.org/9/ALSA-2023-2592.html https://errata.rockylinux.org/RLSA-2023:0328 https://github.com/golang/go/commit/645abfe529dc325e16daa17210640c2907d1c17a (go1.19.2) https://github.com/golang/go/commit/e9017c2416ad0ef642f5e0c2eab2dbf3cba4d997 (go1.18.7) https://github.com/golang/go/issues/55949 https://go.dev/cl/439356 https://go.dev/issue/55949 https://groups.google.com/g/golang-announce/c/xtuG5faxtaU https://groups.google.com/g/golang-announce/c/xtuG5faxtaU?pli=1 https://linux.oracle.com/cve/CVE-2022-41715.html https://linux.oracle.com/errata/ELSA-2024-3254.html https://nvd.nist.gov/vuln/detail/CVE-2022-41715 https://pkg.go.dev/vuln/GO-2022-1039 https://security.gentoo.org/glsa/202311-09 https://ubuntu.com/security/notices/USN-6038-1 https://www.cve.org/CVERecord?id=CVE-2022-41715
stdlib	CVE-2022-41716	HIGH	v1.18	1.18.8, 1.19.3	https://go.dev/cl/446916 https://go.dev/issue/56284 https://groups.google.com/g/golang-announce/c/mbHY1UY3BaM/m/hSpmRzk-AgAJ https://linux.oracle.com/cve/CVE-2022-41716.html https://linux.oracle.com/errata/ELSA-2023-18908.html https://pkg.go.dev/vuln/GO-2022-1095
stdlib	CVE-2022-41720	HIGH	v1.18	1.18.9, 1.19.4	https://access.redhat.com/security/cve/CVE-2022-41720 https://go.dev/cl/455716 https://go.dev/issue/56694 https://groups.google.com/g/golang-announce/c/L_3rmdT0BMU/m/yZDrXjIiBQAJ https://linux.oracle.com/cve/CVE-2022-41720.html https://linux.oracle.com/errata/ELSA-2023-18908.html https://nvd.nist.gov/vuln/detail/CVE-2022-41720 https://pkg.go.dev/vuln/GO-2022-1143 https://www.cve.org/CVERecord?id=CVE-2022-41720
stdlib	CVE-2022-41722	HIGH	v1.18	1.19.6, 1.20.1	https://access.redhat.com/security/cve/CVE-2022-41722 https://go.dev/cl/468123 https://go.dev/issue/57274 https://groups.google.com/g/golang-announce/c/V0aBFqaFs_E https://nvd.nist.gov/vuln/detail/CVE-2022-41722 https://pkg.go.dev/vuln/GO-2023-1568 https://www.cve.org/CVERecord?id=CVE-2022-41722
stdlib	CVE-2022-41723	HIGH	v1.18	1.19.6, 1.20.1	https://access.redhat.com/errata/RHSA-2023:6474 https://access.redhat.com/security/cve/CVE-2022-41723 https://bugzilla.redhat.com/2174485 https://bugzilla.redhat.com/2178358 https://bugzilla.redhat.com/2178488 https://bugzilla.redhat.com/2178492 https://bugzilla.redhat.com/2184481 https://bugzilla.redhat.com/2184482 https://bugzilla.redhat.com/2184483 https://bugzilla.redhat.com/2184484 https://bugzilla.redhat.com/2196026 https://bugzilla.redhat.com/2196027 https://bugzilla.redhat.com/2196029 https://bugzilla.redhat.com/2222167 https://bugzilla.redhat.com/2228689 https://errata.almalinux.org/9/ALSA-2023-6474.html https://github.com/advisories/GHSA-vvpx-j8f3-3w6h https://go.dev/cl/468135 https://go.dev/cl/468295 https://go.dev/issue/57855 https://groups.google.com/g/golang-announce/c/V0aBFqaFs_E https://linux.oracle.com/cve/CVE-2022-41723.html https://linux.oracle.com/errata/ELSA-2023-6939.html https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/4BUK2ZIAGCULOOYDNH25JPU6JBES5NF2 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/4BUK2ZIAGCULOOYDNH25JPU6JBES5NF2/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/4MA5XS5DAOJ5PKKNG5TUXKPQOFHT5VBC https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/4MA5XS5DAOJ5PKKNG5TUXKPQOFHT5VBC/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/REMHVVIBDNKSRKNOTV7EQSB7CYQWOUOU https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/REMHVVIBDNKSRKNOTV7EQSB7CYQWOUOU/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/RGW7GE2Z32ZT47UFAQFDRQE33B7Q7LMT https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/RGW7GE2Z32ZT47UFAQFDRQE33B7Q7LMT/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/RLBQ3A7ROLEQXQLXFDLNJ7MYPKG5GULE https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/RLBQ3A7ROLEQXQLXFDLNJ7MYPKG5GULE/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/T7N5GV4CHH6WAGX3GFMDD3COEOVCZ4RI https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/T7N5GV4CHH6WAGX3GFMDD3COEOVCZ4RI/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/XX3IMUTZKRQ73PBZM4E2JP4BKYH4C6XE https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/XX3IMUTZKRQ73PBZM4E2JP4BKYH4C6XE/ https://nvd.nist.gov/vuln/detail/CVE-2022-41723 https://pkg.go.dev/vuln/GO-2023-1571 https://security.gentoo.org/glsa/202311-09 https://ubuntu.com/security/notices/USN-7109-1 https://ubuntu.com/security/notices/USN-7111-1 https://vuln.go.dev/ID/GO-2023-1571.json https://www.couchbase.com/alerts https://www.couchbase.com/alerts/ https://www.cve.org/CVERecord?id=CVE-2022-41723
stdlib	CVE-2022-41724	HIGH	v1.18	1.19.6, 1.20.1	https://access.redhat.com/errata/RHSA-2023:6474 https://access.redhat.com/security/cve/CVE-2022-41724 https://bugzilla.redhat.com/2174485 https://bugzilla.redhat.com/2178358 https://bugzilla.redhat.com/2178488 https://bugzilla.redhat.com/2178492 https://bugzilla.redhat.com/2184481 https://bugzilla.redhat.com/2184482 https://bugzilla.redhat.com/2184483 https://bugzilla.redhat.com/2184484 https://bugzilla.redhat.com/2196026 https://bugzilla.redhat.com/2196027 https://bugzilla.redhat.com/2196029 https://bugzilla.redhat.com/2222167 https://bugzilla.redhat.com/2228689 https://errata.almalinux.org/9/ALSA-2023-6474.html https://go.dev/cl/468125 https://go.dev/issue/58001 https://groups.google.com/g/golang-announce/c/V0aBFqaFs_E https://linux.oracle.com/cve/CVE-2022-41724.html https://linux.oracle.com/errata/ELSA-2023-6939.html https://nvd.nist.gov/vuln/detail/CVE-2022-41724 https://pkg.go.dev/vuln/GO-2023-1570 https://security.gentoo.org/glsa/202311-09 https://ubuntu.com/security/notices/USN-6140-1 https://ubuntu.com/security/notices/USN-7109-1 https://ubuntu.com/security/notices/USN-7111-1 https://www.cve.org/CVERecord?id=CVE-2022-41724
stdlib	CVE-2022-41725	HIGH	v1.18	1.19.6, 1.20.1	https://access.redhat.com/errata/RHSA-2023:6474 https://access.redhat.com/security/cve/CVE-2022-41725 https://bugzilla.redhat.com/2174485 https://bugzilla.redhat.com/2178358 https://bugzilla.redhat.com/2178488 https://bugzilla.redhat.com/2178492 https://bugzilla.redhat.com/2184481 https://bugzilla.redhat.com/2184482 https://bugzilla.redhat.com/2184483 https://bugzilla.redhat.com/2184484 https://bugzilla.redhat.com/2196026 https://bugzilla.redhat.com/2196027 https://bugzilla.redhat.com/2196029 https://bugzilla.redhat.com/2222167 https://bugzilla.redhat.com/2228689 https://errata.almalinux.org/9/ALSA-2023-6474.html https://github.com/golang/go/commit/5c55ac9bf1e5f779220294c843526536605f42ab [1.19] https://go.dev/cl/468124 https://go.dev/issue/58006 https://groups.google.com/g/golang-announce/c/V0aBFqaFs_E https://linux.oracle.com/cve/CVE-2022-41725.html https://linux.oracle.com/errata/ELSA-2023-6939.html https://nvd.nist.gov/vuln/detail/CVE-2022-41725 https://pkg.go.dev/vuln/GO-2023-1569 https://security.gentoo.org/glsa/202311-09 https://ubuntu.com/security/notices/USN-6140-1 https://ubuntu.com/security/notices/USN-7109-1 https://ubuntu.com/security/notices/USN-7111-1 https://www.cve.org/CVERecord?id=CVE-2022-41725
stdlib	CVE-2023-24534	HIGH	v1.18	1.19.8, 1.20.3	https://access.redhat.com/errata/RHSA-2023:6474 https://access.redhat.com/security/cve/CVE-2023-24534 https://bugzilla.redhat.com/2174485 https://bugzilla.redhat.com/2178358 https://bugzilla.redhat.com/2178488 https://bugzilla.redhat.com/2178492 https://bugzilla.redhat.com/2184481 https://bugzilla.redhat.com/2184482 https://bugzilla.redhat.com/2184483 https://bugzilla.redhat.com/2184484 https://bugzilla.redhat.com/2196026 https://bugzilla.redhat.com/2196027 https://bugzilla.redhat.com/2196029 https://bugzilla.redhat.com/2222167 https://bugzilla.redhat.com/2228689 https://errata.almalinux.org/9/ALSA-2023-6474.html https://github.com/golang/go/commit/3991f6c41c7dfd167e889234c0cf1d840475e93c (go1.20.3) https://github.com/golang/go/commit/d6759e7a059f4208f07aa781402841d7ddaaef96 (go1.19.8) https://go.dev/cl/481994 https://go.dev/issue/58975 https://groups.google.com/g/golang-announce/c/Xdv6JL9ENs8 https://linux.oracle.com/cve/CVE-2023-24534.html https://linux.oracle.com/errata/ELSA-2023-6939.html https://nvd.nist.gov/vuln/detail/CVE-2023-24534 https://pkg.go.dev/vuln/GO-2023-1704 https://security.gentoo.org/glsa/202311-09 https://security.netapp.com/advisory/ntap-20230526-0007/ https://ubuntu.com/security/notices/USN-6038-1 https://ubuntu.com/security/notices/USN-6038-2 https://ubuntu.com/security/notices/USN-6140-1 https://www.cve.org/CVERecord?id=CVE-2023-24534
stdlib	CVE-2023-24536	HIGH	v1.18	1.19.8, 1.20.3	https://access.redhat.com/errata/RHSA-2023:6474 https://access.redhat.com/security/cve/CVE-2023-24536 https://bugzilla.redhat.com/2174485 https://bugzilla.redhat.com/2178358 https://bugzilla.redhat.com/2178488 https://bugzilla.redhat.com/2178492 https://bugzilla.redhat.com/2184481 https://bugzilla.redhat.com/2184482 https://bugzilla.redhat.com/2184483 https://bugzilla.redhat.com/2184484 https://bugzilla.redhat.com/2196026 https://bugzilla.redhat.com/2196027 https://bugzilla.redhat.com/2196029 https://bugzilla.redhat.com/2222167 https://bugzilla.redhat.com/2228689 https://errata.almalinux.org/9/ALSA-2023-6474.html https://github.com/golang/go/commit/7917b5f31204528ea72e0629f0b7d52b35b27538 (go.1.19.8) https://github.com/golang/go/commit/bf8c7c575c8a552d9d79deb29e80854dc88528d0 (go1.20.3) https://go.dev/cl/482075 https://go.dev/cl/482076 https://go.dev/cl/482077 https://go.dev/issue/59153 https://groups.google.com/g/golang-announce/c/Xdv6JL9ENs8 https://linux.oracle.com/cve/CVE-2023-24536.html https://linux.oracle.com/errata/ELSA-2023-6939.html https://nvd.nist.gov/vuln/detail/CVE-2023-24536 https://pkg.go.dev/vuln/GO-2023-1705 https://security.gentoo.org/glsa/202311-09 https://security.netapp.com/advisory/ntap-20230526-0007/ https://ubuntu.com/security/notices/USN-7109-1 https://ubuntu.com/security/notices/USN-7111-1 https://www.cve.org/CVERecord?id=CVE-2023-24536
stdlib	CVE-2023-24537	HIGH	v1.18	1.19.8, 1.20.3	https://access.redhat.com/errata/RHSA-2023:6474 https://access.redhat.com/security/cve/CVE-2023-24537 https://bugzilla.redhat.com/2174485 https://bugzilla.redhat.com/2178358 https://bugzilla.redhat.com/2178488 https://bugzilla.redhat.com/2178492 https://bugzilla.redhat.com/2184481 https://bugzilla.redhat.com/2184482 https://bugzilla.redhat.com/2184483 https://bugzilla.redhat.com/2184484 https://bugzilla.redhat.com/2196026 https://bugzilla.redhat.com/2196027 https://bugzilla.redhat.com/2196029 https://bugzilla.redhat.com/2222167 https://bugzilla.redhat.com/2228689 https://errata.almalinux.org/9/ALSA-2023-6474.html https://github.com/golang/go/commit/126a1d02da82f93ede7ce0bd8d3c51ef627f2104 (go1.19.8) https://github.com/golang/go/commit/e7c4b07ecf6b367f1afc9cc48cde963829dd0aab (go1.20.3) https://github.com/golang/go/issues/59180 https://go.dev/cl/482078 https://go.dev/issue/59180 https://groups.google.com/g/golang-announce/c/Xdv6JL9ENs8 https://linux.oracle.com/cve/CVE-2023-24537.html https://linux.oracle.com/errata/ELSA-2023-6939.html https://nvd.nist.gov/vuln/detail/CVE-2023-24537 https://pkg.go.dev/vuln/GO-2023-1702 https://security.gentoo.org/glsa/202311-09 https://ubuntu.com/security/notices/USN-6038-1 https://ubuntu.com/security/notices/USN-6038-2 https://ubuntu.com/security/notices/USN-6140-1 https://www.cve.org/CVERecord?id=CVE-2023-24537
stdlib	CVE-2023-24539	HIGH	v1.18	1.19.9, 1.20.4	https://access.redhat.com/errata/RHSA-2023:6474 https://access.redhat.com/security/cve/CVE-2023-24539 https://bugzilla.redhat.com/2174485 https://bugzilla.redhat.com/2178358 https://bugzilla.redhat.com/2178488 https://bugzilla.redhat.com/2178492 https://bugzilla.redhat.com/2184481 https://bugzilla.redhat.com/2184482 https://bugzilla.redhat.com/2184483 https://bugzilla.redhat.com/2184484 https://bugzilla.redhat.com/2196026 https://bugzilla.redhat.com/2196027 https://bugzilla.redhat.com/2196029 https://bugzilla.redhat.com/2222167 https://bugzilla.redhat.com/2228689 https://errata.almalinux.org/9/ALSA-2023-6474.html https://github.com/golang/go/commit/090590fdccc8442728aa31601927da1bf2ef1288 (go1.20.4) https://github.com/golang/go/commit/e49282327b05192e46086bf25fd3ac691205fe80 (go1.19.9) https://github.com/golang/go/issues/59720 https://go.dev/cl/491615 https://go.dev/issue/59720 https://groups.google.com/g/golang-announce/c/MEb0UyuSMsU https://linux.oracle.com/cve/CVE-2023-24539.html https://linux.oracle.com/errata/ELSA-2023-6939.html https://nvd.nist.gov/vuln/detail/CVE-2023-24539 https://pkg.go.dev/vuln/GO-2023-1751 https://ubuntu.com/security/notices/USN-6140-1 https://www.cve.org/CVERecord?id=CVE-2023-24539
stdlib	CVE-2023-29400	HIGH	v1.18	1.19.9, 1.20.4	https://access.redhat.com/errata/RHSA-2023:6474 https://access.redhat.com/security/cve/CVE-2023-29400 https://bugzilla.redhat.com/2174485 https://bugzilla.redhat.com/2178358 https://bugzilla.redhat.com/2178488 https://bugzilla.redhat.com/2178492 https://bugzilla.redhat.com/2184481 https://bugzilla.redhat.com/2184482 https://bugzilla.redhat.com/2184483 https://bugzilla.redhat.com/2184484 https://bugzilla.redhat.com/2196026 https://bugzilla.redhat.com/2196027 https://bugzilla.redhat.com/2196029 https://bugzilla.redhat.com/2222167 https://bugzilla.redhat.com/2228689 https://errata.almalinux.org/9/ALSA-2023-6474.html https://github.com/golang/go/commit/337dd75343145b74ed2073d793322eb4103b56ad (go1.20.4) https://github.com/golang/go/commit/9db0e74f606b8afb28cc71d4b1c8b4ed24cabbf5 (go1.19.9) https://github.com/golang/go/issues/59722 https://go.dev/cl/491617 https://go.dev/issue/59722 https://groups.google.com/g/golang-announce/c/MEb0UyuSMsU https://linux.oracle.com/cve/CVE-2023-29400.html https://linux.oracle.com/errata/ELSA-2023-6939.html https://nvd.nist.gov/vuln/detail/CVE-2023-29400 https://pkg.go.dev/vuln/GO-2023-1753 https://ubuntu.com/security/notices/USN-6140-1 https://www.cve.org/CVERecord?id=CVE-2023-29400
stdlib	CVE-2023-29403	HIGH	v1.18	1.19.10, 1.20.5	https://access.redhat.com/errata/RHSA-2023:3923 https://access.redhat.com/security/cve/CVE-2023-29403 https://bugzilla.redhat.com/2216965 https://bugzilla.redhat.com/2217562 https://bugzilla.redhat.com/2217565 https://bugzilla.redhat.com/2217569 https://bugzilla.redhat.com/show_bug.cgi?id=2216965 https://bugzilla.redhat.com/show_bug.cgi?id=2217562 https://bugzilla.redhat.com/show_bug.cgi?id=2217565 https://bugzilla.redhat.com/show_bug.cgi?id=2217569 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-29402 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-29403 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-29404 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-29405 https://errata.almalinux.org/9/ALSA-2023-3923.html https://errata.rockylinux.org/RLSA-2023:3923 https://github.com/golang/go/commit/36144ba429ef2650940c72e7a0b932af3612d420 (go1.20.5) https://github.com/golang/go/commit/a7b1cd452ddc69a6606c2f35ac5786dc892e62cb (go1.19.10) https://github.com/golang/go/issues/60272 https://go.dev/cl/501223 https://go.dev/issue/60272 https://groups.google.com/g/golang-announce/c/q5135a9d924 https://groups.google.com/g/golang-announce/c/q5135a9d924/m/j0ZoAJOHAwAJ https://linux.oracle.com/cve/CVE-2023-29403.html https://linux.oracle.com/errata/ELSA-2023-3923.html https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/NZ2O6YCO2IZMZJELQGZYR2WAUNEDLYV6/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/XBS3IIK6ADV24C5ULQU55QLT2UE762ZX/ https://nvd.nist.gov/vuln/detail/CVE-2023-29403 https://pkg.go.dev/vuln/GO-2023-1840 https://security.gentoo.org/glsa/202311-09 https://ubuntu.com/security/notices/USN-7061-1 https://ubuntu.com/security/notices/USN-7109-1 https://www.cve.org/CVERecord?id=CVE-2023-29403
stdlib	CVE-2023-39325	HIGH	v1.18	1.20.10, 1.21.3	golang.org/x/net https://access.redhat.com/errata/RHSA-2023:6077 https://access.redhat.com/security/cve/CVE-2023-39325 https://access.redhat.com/security/cve/CVE-2023-44487 https://access.redhat.com/security/vulnerabilities/RHSB-2023-003 https://bugzilla.redhat.com/2242803 https://bugzilla.redhat.com/2243296 https://bugzilla.redhat.com/show_bug.cgi?id=2242803 https://bugzilla.redhat.com/show_bug.cgi?id=2243296 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-39325 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-44487 https://errata.almalinux.org/9/ALSA-2023-6077.html https://errata.rockylinux.org/RLSA-2023:6077 https://github.com/golang/go/commit/24ae2d927285c697440fdde3ad7f26028354bcf3 [golang- 1.21] https://github.com/golang/go/commit/e175f27f58aa7b9cd4d79607ae65d2cd5baaee68 [golang-1.20] https://github.com/golang/go/issues/63417 https://go.dev/cl/534215 https://go.dev/cl/534235 https://go.dev/issue/63417 https://groups.google.com/g/golang-announce/c/iNNxDTCjZvo/m/UDd7VKQuAAAJ https://linux.oracle.com/cve/CVE-2023-39325.html https://linux.oracle.com/errata/ELSA-2023-5867.html https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3OVW5V2DM5K5IC3H7O42YDUGNJ74J35O https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3OVW5V2DM5K5IC3H7O42YDUGNJ74J35O/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3SZN67IL7HMGMNAVLOTIXLIHUDXZK4LH https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3SZN67IL7HMGMNAVLOTIXLIHUDXZK4LH/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3WJ4QVX2AMUJ2F2S27POOAHRC4K3CHU4 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3WJ4QVX2AMUJ2F2S27POOAHRC4K3CHU4/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/4BUK2ZIAGCULOOYDNH25JPU6JBES5NF2 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/4BUK2ZIAGCULOOYDNH25JPU6JBES5NF2/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/5RSKA2II6QTD4YUKUNDVJQSRYSFC4VFR https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/5RSKA2II6QTD4YUKUNDVJQSRYSFC4VFR/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/AVZDNSMVDAQJ64LJC5I5U5LDM5753647 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/AVZDNSMVDAQJ64LJC5I5U5LDM5753647/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CHHITS4PUOZAKFIUBQAQZC7JWXMOYE4B https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CHHITS4PUOZAKFIUBQAQZC7JWXMOYE4B/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CLB4TW7KALB3EEQWNWCN7OUIWWVWWCG2 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CLB4TW7KALB3EEQWNWCN7OUIWWVWWCG2/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/D2BBIDR2ZMB3X5BC7SR4SLQMHRMVPY6L https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/D2BBIDR2ZMB3X5BC7SR4SLQMHRMVPY6L/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ECRC75BQJP6FJN2L7KCKYZW4DSBD7QSD https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ECRC75BQJP6FJN2L7KCKYZW4DSBD7QSD/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/FTMJ3NJIDAZFWJQQSP3L22MUFJ3UP2PT https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/FTMJ3NJIDAZFWJQQSP3L22MUFJ3UP2PT/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/GSY7SXFFTPZFWDM6XELSDSHZLVW3AHK7 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/GSY7SXFFTPZFWDM6XELSDSHZLVW3AHK7/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/HZQIELEIRSZUYTFFH5KTH2YJ4IIQG2KE https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/HZQIELEIRSZUYTFFH5KTH2YJ4IIQG2KE/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/IPWCNYB5PQ5PCVZ4NJT6G56ZYFZ5QBU6 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/IPWCNYB5PQ5PCVZ4NJT6G56ZYFZ5QBU6/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/KEOTKBUPZXHE3F352JBYNTSNRXYLWD6P https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/KEOTKBUPZXHE3F352JBYNTSNRXYLWD6P/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/KSEGD2IWKNUO3DWY4KQGUQM5BISRWHQE https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/KSEGD2IWKNUO3DWY4KQGUQM5BISRWHQE/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/L5E5JSJBZLYXOTZWXHJKRVCIXIHVWKJ6 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/L5E5JSJBZLYXOTZWXHJKRVCIXIHVWKJ6/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/MZQYOOKHQDQ57LV2IAG6NRFOVXKHJJ3Z https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/MZQYOOKHQDQ57LV2IAG6NRFOVXKHJJ3Z/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/NG7IMPL55MVWU3LCI4JQJT3K2U5CHDV7 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/NG7IMPL55MVWU3LCI4JQJT3K2U5CHDV7/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ODBY7RVMGZCBSTWF2OZGIZS57FNFUL67 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ODBY7RVMGZCBSTWF2OZGIZS57FNFUL67/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/OXGWPQOJ3JNDW2XIYKIVJ7N7QUIFNM2Q https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/OXGWPQOJ3JNDW2XIYKIVJ7N7QUIFNM2Q/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/PJCUNGIQDUMZ4Z6HWVYIMR66A35F5S74 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/PJCUNGIQDUMZ4Z6HWVYIMR66A35F5S74/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QF5QSYAOPDOWLY6DUHID56Q4HQFYB45I https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QF5QSYAOPDOWLY6DUHID56Q4HQFYB45I/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QXOU2JZUBEBP7GBKAYIJRPRBZSJCD7ST https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QXOU2JZUBEBP7GBKAYIJRPRBZSJCD7ST/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/R3UETKPUB3V5JS5TLZOF3SMTGT5K5APS https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/R3UETKPUB3V5JS5TLZOF3SMTGT5K5APS/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/REMHVVIBDNKSRKNOTV7EQSB7CYQWOUOU https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/REMHVVIBDNKSRKNOTV7EQSB7CYQWOUOU/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/T7N5GV4CHH6WAGX3GFMDD3COEOVCZ4RI https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/T7N5GV4CHH6WAGX3GFMDD3COEOVCZ4RI/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ULQQONMSCQSH5Z5OWFFQHCGEZ3NL4DRJ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ULQQONMSCQSH5Z5OWFFQHCGEZ3NL4DRJ/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UTT7DG3QOF5ZNJLUGHDNLRUIN6OWZARP https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UTT7DG3QOF5ZNJLUGHDNLRUIN6OWZARP/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/W2LZSWTV4NV4SNQARNXG5T6LRHP26EW2 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/W2LZSWTV4NV4SNQARNXG5T6LRHP26EW2/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WCNCBYKZXLDFGAJUB7ZP5VLC3YTHJNVH https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WCNCBYKZXLDFGAJUB7ZP5VLC3YTHJNVH/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/XFOIBB4YFICHDM7IBOP7PWXW3FX4HLL2 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/XFOIBB4YFICHDM7IBOP7PWXW3FX4HLL2/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/XTNLSL44Y5FB6JWADSZH6DCV4JJAAEQY https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/XTNLSL44Y5FB6JWADSZH6DCV4JJAAEQY/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/YJWHBLVZDM5KQSDFRBFRKU5KSSOLIRQ4 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/YJWHBLVZDM5KQSDFRBFRKU5KSSOLIRQ4/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/YRKEXKANQ7BKJW2YTAMP625LJUJZLJ4P https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/YRKEXKANQ7BKJW2YTAMP625LJUJZLJ4P/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZSVEMQV5ROY5YW5QE3I57HT3ITWG5GCV https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZSVEMQV5ROY5YW5QE3I57HT3ITWG5GCV/ https://nvd.nist.gov/vuln/detail/CVE-2023-39325 https://pkg.go.dev/vuln/GO-2023-2102 https://security.gentoo.org/glsa/202311-09 https://security.netapp.com/advisory/ntap-20231110-0008 https://security.netapp.com/advisory/ntap-20231110-0008/ https://ubuntu.com/security/notices/USN-6574-1 https://ubuntu.com/security/notices/USN-7061-1 https://ubuntu.com/security/notices/USN-7109-1 https://www.cisa.gov/news-events/alerts/2023/10/10/http2-rapid-reset-vulnerability-cve-2023-44487 https://www.cve.org/CVERecord?id=CVE-2023-39325
stdlib	CVE-2023-45283	HIGH	v1.18	1.20.11, 1.21.4, 1.20.12, 1.21.5	http://www.openwall.com/lists/oss-security/2023/12/05/2 https://go.dev/cl/540277 https://go.dev/cl/541175 https://go.dev/issue/63713 https://go.dev/issue/64028 https://groups.google.com/g/golang-announce/c/4tU8LZfBFkY https://groups.google.com/g/golang-dev/c/6ypN5EjibjM/m/KmLVYH_uAgAJ https://nvd.nist.gov/vuln/detail/CVE-2023-45283 https://pkg.go.dev/vuln/GO-2023-2185 https://security.netapp.com/advisory/ntap-20231214-0008/
stdlib	CVE-2023-45287	HIGH	v1.18	1.20.0	https://access.redhat.com/errata/RHSA-2024:2272 https://access.redhat.com/security/cve/CVE-2023-45287 https://bugzilla.redhat.com/2253193 https://bugzilla.redhat.com/2253330 https://errata.almalinux.org/9/ALSA-2024-2272.html https://go.dev/cl/326012/26 https://go.dev/issue/20654 https://groups.google.com/g/golang-announce/c/QMK8IQALDvA https://linux.oracle.com/cve/CVE-2023-45287.html https://linux.oracle.com/errata/ELSA-2024-2988.html https://nvd.nist.gov/vuln/detail/CVE-2023-45287 https://people.redhat.com/~hkario/marvin/ https://pkg.go.dev/vuln/GO-2023-2375 https://security.netapp.com/advisory/ntap-20240112-0005/ https://www.cve.org/CVERecord?id=CVE-2023-45287
stdlib	CVE-2023-45288	HIGH	v1.18	1.21.9, 1.22.2	http://www.openwall.com/lists/oss-security/2024/04/03/16 http://www.openwall.com/lists/oss-security/2024/04/05/4 https://access.redhat.com/errata/RHSA-2024:2724 https://access.redhat.com/security/cve/CVE-2023-45288 https://bugzilla.redhat.com/2268017 https://bugzilla.redhat.com/2268018 https://bugzilla.redhat.com/2268019 https://bugzilla.redhat.com/2268273 https://bugzilla.redhat.com/show_bug.cgi?id=2268017 https://bugzilla.redhat.com/show_bug.cgi?id=2268018 https://bugzilla.redhat.com/show_bug.cgi?id=2268019 https://bugzilla.redhat.com/show_bug.cgi?id=2268273 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45288 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45289 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45290 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24783 https://errata.almalinux.org/9/ALSA-2024-2724.html https://errata.rockylinux.org/RLSA-2024:2724 https://go.dev/cl/576155 https://go.dev/issue/65051 https://groups.google.com/g/golang-announce/c/YgW0sx8mN3M https://kb.cert.org/vuls/id/421644 https://linux.oracle.com/cve/CVE-2023-45288.html https://linux.oracle.com/errata/ELSA-2024-3346.html https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QRYFHIQ6XRKRYBI2F5UESH67BJBQXUPT https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QRYFHIQ6XRKRYBI2F5UESH67BJBQXUPT/ https://nowotarski.info/http2-continuation-flood-technical-details https://nowotarski.info/http2-continuation-flood/ https://nvd.nist.gov/vuln/detail/CVE-2023-45288 https://pkg.go.dev/vuln/GO-2024-2687 https://security.netapp.com/advisory/ntap-20240419-0009 https://security.netapp.com/advisory/ntap-20240419-0009/ https://ubuntu.com/security/notices/USN-6886-1 https://ubuntu.com/security/notices/USN-7109-1 https://ubuntu.com/security/notices/USN-7111-1 https://www.cve.org/CVERecord?id=CVE-2023-45288 https://www.kb.cert.org/vuls/id/421644
stdlib	CVE-2024-34156	HIGH	v1.18	1.22.7, 1.23.1	https://access.redhat.com/errata/RHSA-2024:9473 https://access.redhat.com/security/cve/CVE-2024-34156 https://bugzilla.redhat.com/2310528 https://bugzilla.redhat.com/2318052 https://bugzilla.redhat.com/show_bug.cgi?id=2310528 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-34156 https://errata.almalinux.org/9/ALSA-2024-9473.html https://errata.rockylinux.org/RLSA-2024:7204 https://github.com/golang/go/commit/2092294f2b097c5828f4eace6c98a322c1510b01 (go1.22.7) https://github.com/golang/go/commit/fa8ff1a46deb6c816304441ec6740ec112e19012 (go1.23.1) https://go.dev/cl/611239 https://go.dev/issue/69139 https://groups.google.com/g/golang-announce/c/K-cEzDeCtpc https://groups.google.com/g/golang-dev/c/S9POB9NCTdk https://linux.oracle.com/cve/CVE-2024-34156.html https://linux.oracle.com/errata/ELSA-2024-9473.html https://nvd.nist.gov/vuln/detail/CVE-2024-34156 https://pkg.go.dev/vuln/GO-2024-3106 https://ubuntu.com/security/notices/USN-7081-1 https://ubuntu.com/security/notices/USN-7109-1 https://ubuntu.com/security/notices/USN-7111-1 https://www.cve.org/CVERecord?id=CVE-2024-34156
stdlib	CVE-2022-1705	MEDIUM	v1.18	1.17.12, 1.18.4	https://access.redhat.com/errata/RHSA-2023:2357 https://access.redhat.com/security/cve/CVE-2022-1705 https://bugzilla.redhat.com/2107371 https://bugzilla.redhat.com/2107374 https://bugzilla.redhat.com/2107383 https://bugzilla.redhat.com/2107386 https://bugzilla.redhat.com/2107388 https://bugzilla.redhat.com/2113814 https://bugzilla.redhat.com/2124669 https://bugzilla.redhat.com/2132868 https://bugzilla.redhat.com/2132872 https://bugzilla.redhat.com/2161274 https://bugzilla.redhat.com/show_bug.cgi?id=2107342 https://bugzilla.redhat.com/show_bug.cgi?id=2107371 https://bugzilla.redhat.com/show_bug.cgi?id=2107374 https://bugzilla.redhat.com/show_bug.cgi?id=2107383 https://bugzilla.redhat.com/show_bug.cgi?id=2107386 https://bugzilla.redhat.com/show_bug.cgi?id=2107388 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1705 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-30630 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-30631 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-30632 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-30635 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-32148 https://errata.almalinux.org/9/ALSA-2023-2357.html https://errata.rockylinux.org/RLSA-2022:8250 https://github.com/golang/go/commit/e5017a93fcde94f09836200bca55324af037ee5f https://go.dev/cl/409874 https://go.dev/cl/410714 https://go.dev/issue/53188 https://go.googlesource.com/go/+/e5017a93fcde94f09836200bca55324af037ee5f https://groups.google.com/g/golang-announce/c/nqrv9fbR0zE https://linux.oracle.com/cve/CVE-2022-1705.html https://linux.oracle.com/errata/ELSA-2023-2802.html https://nvd.nist.gov/vuln/detail/CVE-2022-1705 https://pkg.go.dev/vuln/GO-2022-0525 https://ubuntu.com/security/notices/USN-6038-1 https://ubuntu.com/security/notices/USN-6038-2 https://www.cve.org/CVERecord?id=CVE-2022-1705
stdlib	CVE-2022-1962	MEDIUM	v1.18	1.17.12, 1.18.4	https://access.redhat.com/errata/RHSA-2022:8057 https://access.redhat.com/security/cve/CVE-2022-1962 https://bugzilla.redhat.com/2044628 https://bugzilla.redhat.com/2045880 https://bugzilla.redhat.com/2050648 https://bugzilla.redhat.com/2050742 https://bugzilla.redhat.com/2050743 https://bugzilla.redhat.com/2065290 https://bugzilla.redhat.com/2107342 https://bugzilla.redhat.com/2107371 https://bugzilla.redhat.com/2107374 https://bugzilla.redhat.com/2107376 https://bugzilla.redhat.com/2107383 https://bugzilla.redhat.com/2107386 https://bugzilla.redhat.com/2107388 https://bugzilla.redhat.com/2107390 https://bugzilla.redhat.com/2107392 https://bugzilla.redhat.com/show_bug.cgi?id=2044628 https://bugzilla.redhat.com/show_bug.cgi?id=2045880 https://bugzilla.redhat.com/show_bug.cgi?id=2050648 https://bugzilla.redhat.com/show_bug.cgi?id=2050742 https://bugzilla.redhat.com/show_bug.cgi?id=2050743 https://bugzilla.redhat.com/show_bug.cgi?id=2055349 https://bugzilla.redhat.com/show_bug.cgi?id=2065290 https://bugzilla.redhat.com/show_bug.cgi?id=2104367 https://bugzilla.redhat.com/show_bug.cgi?id=2107342 https://bugzilla.redhat.com/show_bug.cgi?id=2107371 https://bugzilla.redhat.com/show_bug.cgi?id=2107374 https://bugzilla.redhat.com/show_bug.cgi?id=2107376 https://bugzilla.redhat.com/show_bug.cgi?id=2107383 https://bugzilla.redhat.com/show_bug.cgi?id=2107386 https://bugzilla.redhat.com/show_bug.cgi?id=2107388 https://bugzilla.redhat.com/show_bug.cgi?id=2107390 https://bugzilla.redhat.com/show_bug.cgi?id=2107392 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23648 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1705 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1962 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21673 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21698 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21702 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21703 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21713 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-28131 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-30630 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-30631 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-30632 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-30633 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-30635 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-32148 https://errata.almalinux.org/9/ALSA-2022-8057.html https://errata.rockylinux.org/RLSA-2022:8057 https://github.com/golang/go/commit/695be961d57508da5a82217f7415200a11845879 https://go.dev/cl/417063 https://go.dev/issue/53616 https://go.googlesource.com/go/+/695be961d57508da5a82217f7415200a11845879 https://groups.google.com/g/golang-announce/c/nqrv9fbR0zE https://linux.oracle.com/cve/CVE-2022-1962.html https://linux.oracle.com/errata/ELSA-2023-2802.html https://nvd.nist.gov/vuln/detail/CVE-2022-1962 https://pkg.go.dev/vuln/GO-2022-0515 https://ubuntu.com/security/notices/USN-6038-1 https://www.cve.org/CVERecord?id=CVE-2022-1962
stdlib	CVE-2022-29526	MEDIUM	v1.18	1.17.10, 1.18.2	https://access.redhat.com/security/cve/CVE-2022-29526 https://github.com/golang/go https://github.com/golang/go/commit/f66925e854e71e0c54b581885380a490d7afa30c https://github.com/golang/go/issues/52313 https://go.dev/cl/399539 https://go.dev/cl/400074 https://go.dev/issue/52313 https://groups.google.com/g/golang-announce https://groups.google.com/g/golang-announce/c/Y5qrqw_lWdU https://linux.oracle.com/cve/CVE-2022-29526.html https://linux.oracle.com/errata/ELSA-2022-5337.html https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/Q6GE5EQGE4L2KRVGW4T75QVIYAXCLO5X/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/RQXU752ALW53OJAF5MG3WMR5CCZVLWW6/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/Z55VUVGO7E5PJFXIOVAY373NZRHBNCI5/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZY2SLWOQR4ZURQ7UBRZ7JIX6H6F5JHJR/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/Q6GE5EQGE4L2KRVGW4T75QVIYAXCLO5X https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/RQXU752ALW53OJAF5MG3WMR5CCZVLWW6 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/Z55VUVGO7E5PJFXIOVAY373NZRHBNCI5 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZY2SLWOQR4ZURQ7UBRZ7JIX6H6F5JHJR https://nvd.nist.gov/vuln/detail/CVE-2022-29526 https://pkg.go.dev/vuln/GO-2022-0493 https://security.gentoo.org/glsa/202208-02 https://security.netapp.com/advisory/ntap-20220729-0001 https://security.netapp.com/advisory/ntap-20220729-0001/ https://ubuntu.com/security/notices/USN-6038-1 https://ubuntu.com/security/notices/USN-6038-2 https://www.cve.org/CVERecord?id=CVE-2022-29526
stdlib	CVE-2022-32148	MEDIUM	v1.18	1.17.12, 1.18.4	https://access.redhat.com/errata/RHSA-2023:2357 https://access.redhat.com/security/cve/CVE-2022-32148 https://bugzilla.redhat.com/2107371 https://bugzilla.redhat.com/2107374 https://bugzilla.redhat.com/2107383 https://bugzilla.redhat.com/2107386 https://bugzilla.redhat.com/2107388 https://bugzilla.redhat.com/2113814 https://bugzilla.redhat.com/2124669 https://bugzilla.redhat.com/2132868 https://bugzilla.redhat.com/2132872 https://bugzilla.redhat.com/2161274 https://bugzilla.redhat.com/show_bug.cgi?id=2107342 https://bugzilla.redhat.com/show_bug.cgi?id=2107371 https://bugzilla.redhat.com/show_bug.cgi?id=2107374 https://bugzilla.redhat.com/show_bug.cgi?id=2107383 https://bugzilla.redhat.com/show_bug.cgi?id=2107386 https://bugzilla.redhat.com/show_bug.cgi?id=2107388 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1705 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-30630 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-30631 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-30632 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-30635 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-32148 https://errata.almalinux.org/9/ALSA-2023-2357.html https://errata.rockylinux.org/RLSA-2022:8250 https://github.com/golang/go/commit/ebea1e3353fa766025aa5190b9c7cc05cf069187 (1.18) https://go.dev/cl/412857 https://go.dev/issue/53423 https://go.googlesource.com/go/+/b2cc0fecc2ccd80e6d5d16542cc684f97b3a9c8a https://groups.google.com/g/golang-announce/c/nqrv9fbR0zE https://linux.oracle.com/cve/CVE-2022-32148.html https://linux.oracle.com/errata/ELSA-2023-2802.html https://nvd.nist.gov/vuln/detail/CVE-2022-32148 https://pkg.go.dev/vuln/GO-2022-0520 https://ubuntu.com/security/notices/USN-6038-1 https://ubuntu.com/security/notices/USN-6038-2 https://www.cve.org/CVERecord?id=CVE-2022-32148
stdlib	CVE-2022-41717	MEDIUM	v1.18	1.18.9, 1.19.4	https://access.redhat.com/errata/RHSA-2023:6420 https://access.redhat.com/security/cve/CVE-2022-41717 https://bugzilla.redhat.com/2131146 https://bugzilla.redhat.com/2131147 https://bugzilla.redhat.com/2131148 https://bugzilla.redhat.com/2138014 https://bugzilla.redhat.com/2138015 https://bugzilla.redhat.com/2148252 https://bugzilla.redhat.com/2158420 https://bugzilla.redhat.com/2161274 https://bugzilla.redhat.com/2184483 https://cs.opensource.google/go/x/net https://errata.almalinux.org/9/ALSA-2023-6420.html https://github.com/golang/go/commit/618120c165669c00a1606505defea6ca755cdc27 (go1.19.4) https://github.com/golang/go/commit/76cad4edc29d28432a7a0aa27e87385d3d7db7a1 (go1.18.9) https://go.dev/cl/455635 https://go.dev/cl/455717 https://go.dev/issue/56350 https://groups.google.com/g/golang-announce/c/L_3rmdT0BMU https://groups.google.com/g/golang-announce/c/L_3rmdT0BMU/m/yZDrXjIiBQAJ https://linux.oracle.com/cve/CVE-2022-41717.html https://linux.oracle.com/errata/ELSA-2023-6420.html https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/4BUK2ZIAGCULOOYDNH25JPU6JBES5NF2 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/4BUK2ZIAGCULOOYDNH25JPU6JBES5NF2/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/4SBIUECMLNC572P23DDOKJNKPJVX26SP https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/4SBIUECMLNC572P23DDOKJNKPJVX26SP/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/56B2FFESRYYP6IY2AZ3UWXLWKZ5IYZN4 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/56B2FFESRYYP6IY2AZ3UWXLWKZ5IYZN4/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/5RSKA2II6QTD4YUKUNDVJQSRYSFC4VFR https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/5RSKA2II6QTD4YUKUNDVJQSRYSFC4VFR/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ANIOPUXWIHVRA6CEWXCGOMX3YYS6KFHG https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ANIOPUXWIHVRA6CEWXCGOMX3YYS6KFHG/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CHHITS4PUOZAKFIUBQAQZC7JWXMOYE4B https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CHHITS4PUOZAKFIUBQAQZC7JWXMOYE4B/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CSVIS6MTMFVBA7JPMRAUNKUOYEVSJYSB https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CSVIS6MTMFVBA7JPMRAUNKUOYEVSJYSB/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/KEOTKBUPZXHE3F352JBYNTSNRXYLWD6P https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/KEOTKBUPZXHE3F352JBYNTSNRXYLWD6P/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/NQGNAXK3YBPMUP3J4TECIRDHFGW37522 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/NQGNAXK3YBPMUP3J4TECIRDHFGW37522/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/PUM4DIVOLJCBK5ZDP4LJOL24GXT3YSIR https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/PUM4DIVOLJCBK5ZDP4LJOL24GXT3YSIR/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/PW3XC47AUW5J5M2ULJX7WCCL3B2ETLMT https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/PW3XC47AUW5J5M2ULJX7WCCL3B2ETLMT/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/Q52IQI754YAE4XPR4QBRWPIVZWYGZ4FS https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/Q52IQI754YAE4XPR4QBRWPIVZWYGZ4FS/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QBKBAZBIOXZV5QCFHZNSVXULR32XJCYD https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QBKBAZBIOXZV5QCFHZNSVXULR32XJCYD/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/REMHVVIBDNKSRKNOTV7EQSB7CYQWOUOU https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/REMHVVIBDNKSRKNOTV7EQSB7CYQWOUOU/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/T7N5GV4CHH6WAGX3GFMDD3COEOVCZ4RI https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/T7N5GV4CHH6WAGX3GFMDD3COEOVCZ4RI/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WPEIZ7AMEJCZXU3FEJZMVRNHQZXX5P3I https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WPEIZ7AMEJCZXU3FEJZMVRNHQZXX5P3I/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZSVEMQV5ROY5YW5QE3I57HT3ITWG5GCV https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZSVEMQV5ROY5YW5QE3I57HT3ITWG5GCV/ https://nvd.nist.gov/vuln/detail/CVE-2022-41717 https://pkg.go.dev/vuln/GO-2022-1144 https://security.gentoo.org/glsa/202311-09 https://ubuntu.com/security/notices/USN-6038-1 https://ubuntu.com/security/notices/USN-6038-2 https://www.cve.org/CVERecord?id=CVE-2022-41717
stdlib	CVE-2023-24532	MEDIUM	v1.18	1.19.7, 1.20.2	https://access.redhat.com/security/cve/CVE-2023-24532 https://go.dev/cl/471255 https://go.dev/issue/58647 https://groups.google.com/g/golang-announce/c/3-TpUx48iQY https://nvd.nist.gov/vuln/detail/CVE-2023-24532 https://pkg.go.dev/vuln/GO-2023-1621 https://www.cve.org/CVERecord?id=CVE-2023-24532
stdlib	CVE-2023-29406	MEDIUM	v1.18	1.19.11, 1.20.6	https://access.redhat.com/errata/RHSA-2023:6474 https://access.redhat.com/security/cve/CVE-2023-29406 https://bugzilla.redhat.com/2174485 https://bugzilla.redhat.com/2178358 https://bugzilla.redhat.com/2178488 https://bugzilla.redhat.com/2178492 https://bugzilla.redhat.com/2184481 https://bugzilla.redhat.com/2184482 https://bugzilla.redhat.com/2184483 https://bugzilla.redhat.com/2184484 https://bugzilla.redhat.com/2196026 https://bugzilla.redhat.com/2196027 https://bugzilla.redhat.com/2196029 https://bugzilla.redhat.com/2222167 https://bugzilla.redhat.com/2228689 https://errata.almalinux.org/9/ALSA-2023-6474.html https://github.com/golang/go/commit/312920c00aac9897b2a0693e752390b5b0711a5a (go1.20.6) https://github.com/golang/go/commit/5fa6923b1ea891400153d04ddf1545e23b40041b (go1.19.11) https://github.com/golang/go/issues/60374 https://go.dev/cl/506996 https://go.dev/issue/60374 https://groups.google.com/g/golang-announce/c/2q13H6LEEx0 https://linux.oracle.com/cve/CVE-2023-29406.html https://linux.oracle.com/errata/ELSA-2023-7202.html https://nvd.nist.gov/vuln/detail/CVE-2023-29406 https://pkg.go.dev/vuln/GO-2023-1878 https://security.gentoo.org/glsa/202311-09 https://security.netapp.com/advisory/ntap-20230814-0002/ https://ubuntu.com/security/notices/USN-7061-1 https://ubuntu.com/security/notices/USN-7109-1 https://www.cve.org/CVERecord?id=CVE-2023-29406
stdlib	CVE-2023-29409	MEDIUM	v1.18	1.19.12, 1.20.7, 1.21.0-rc.4	https://access.redhat.com/errata/RHSA-2023:7766 https://access.redhat.com/security/cve/CVE-2023-29409 https://bugzilla.redhat.com/2228743 https://bugzilla.redhat.com/2237773 https://bugzilla.redhat.com/2237776 https://bugzilla.redhat.com/2237777 https://bugzilla.redhat.com/2237778 https://errata.almalinux.org/9/ALSA-2023-7766.html https://go.dev/cl/515257 https://go.dev/issue/61460 https://groups.google.com/g/golang-announce/c/X0b6CsSAaYI/m/Efv5DbZ9AwAJ https://linux.oracle.com/cve/CVE-2023-29409.html https://linux.oracle.com/errata/ELSA-2024-2988.html https://nvd.nist.gov/vuln/detail/CVE-2023-29409 https://pkg.go.dev/vuln/GO-2023-1987 https://security.gentoo.org/glsa/202311-09 https://security.netapp.com/advisory/ntap-20230831-0010/ https://www.cve.org/CVERecord?id=CVE-2023-29409
stdlib	CVE-2023-39318	MEDIUM	v1.18	1.20.8, 1.21.1	https://access.redhat.com/errata/RHSA-2024:2160 https://access.redhat.com/security/cve/CVE-2023-39318 https://bugzilla.redhat.com/2237773 https://bugzilla.redhat.com/2237776 https://bugzilla.redhat.com/2253330 https://errata.almalinux.org/9/ALSA-2024-2160.html https://github.com/golang/go/commit/023b542edf38e2a1f87fcefb9f75ff2f99401b4c (go1.20.8) https://github.com/golang/go/commit/b0e1d3ea26e8e8fce7726690c9ef0597e60739fb (go1.21.1) https://go.dev/cl/526156 https://go.dev/issue/62196 https://groups.google.com/g/golang-announce/c/Fm51GRLNRvM https://groups.google.com/g/golang-dev/c/2C5vbR-UNkI/m/L1hdrPhfBAAJ https://linux.oracle.com/cve/CVE-2023-39318.html https://linux.oracle.com/errata/ELSA-2024-2988.html https://nvd.nist.gov/vuln/detail/CVE-2023-39318 https://pkg.go.dev/vuln/GO-2023-2041 https://security.gentoo.org/glsa/202311-09 https://security.netapp.com/advisory/ntap-20231020-0009/ https://ubuntu.com/security/notices/USN-6574-1 https://ubuntu.com/security/notices/USN-7061-1 https://ubuntu.com/security/notices/USN-7109-1 https://vuln.go.dev/ID/GO-2023-2041.json https://www.cve.org/CVERecord?id=CVE-2023-39318
stdlib	CVE-2023-39319	MEDIUM	v1.18	1.20.8, 1.21.1	https://access.redhat.com/errata/RHSA-2024:2160 https://access.redhat.com/security/cve/CVE-2023-39319 https://bugzilla.redhat.com/2237773 https://bugzilla.redhat.com/2237776 https://bugzilla.redhat.com/2253330 https://errata.almalinux.org/9/ALSA-2024-2160.html https://github.com/golang/go/commit/2070531d2f53df88e312edace6c8dfc9686ab2f5 (go1.20.8) https://github.com/golang/go/commit/bbd043ff0d6d59f1a9232d31ecd5eacf6507bf6a (go1.21.1) https://go.dev/cl/526157 https://go.dev/issue/62197 https://groups.google.com/g/golang-announce/c/Fm51GRLNRvM https://groups.google.com/g/golang-dev/c/2C5vbR-UNkI/m/L1hdrPhfBAAJ https://linux.oracle.com/cve/CVE-2023-39319.html https://linux.oracle.com/errata/ELSA-2024-2988.html https://nvd.nist.gov/vuln/detail/CVE-2023-39319 https://pkg.go.dev/vuln/GO-2023-2043 https://security.gentoo.org/glsa/202311-09 https://security.netapp.com/advisory/ntap-20231020-0009/ https://ubuntu.com/security/notices/USN-6574-1 https://ubuntu.com/security/notices/USN-7061-1 https://ubuntu.com/security/notices/USN-7109-1 https://vuln.go.dev/ID/GO-2023-2043.json https://www.cve.org/CVERecord?id=CVE-2023-39319
stdlib	CVE-2023-39326	MEDIUM	v1.18	1.20.12, 1.21.5	https://access.redhat.com/errata/RHSA-2024:2272 https://access.redhat.com/security/cve/CVE-2023-39326 https://bugzilla.redhat.com/2253193 https://bugzilla.redhat.com/2253330 https://errata.almalinux.org/9/ALSA-2024-2272.html https://github.com/golang/go/commit/6446af942e2e2b161c4ec1b60d9703a2b55dc4dd (go1.20.12) https://github.com/golang/go/commit/ec8c526e4be720e94b98ca509e6364f0efaf28f7 (go1.21.5) https://go.dev/cl/547335 https://go.dev/issue/64433 https://groups.google.com/g/golang-dev/c/6ypN5EjibjM/m/KmLVYH_uAgAJ https://linux.oracle.com/cve/CVE-2023-39326.html https://linux.oracle.com/errata/ELSA-2024-2988.html https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UIU6HOGV6RRIKWM57LOXQA75BGZSIH6G/ https://nvd.nist.gov/vuln/detail/CVE-2023-39326 https://pkg.go.dev/vuln/GO-2023-2382 https://ubuntu.com/security/notices/USN-6574-1 https://www.cve.org/CVERecord?id=CVE-2023-39326
stdlib	CVE-2023-45284	MEDIUM	v1.18	1.20.11, 1.21.4	https://go.dev/cl/540277 https://go.dev/issue/63713 https://groups.google.com/g/golang-announce/c/4tU8LZfBFkY https://nvd.nist.gov/vuln/detail/CVE-2023-45284 https://pkg.go.dev/vuln/GO-2023-2186
10 other vulnerabilities found...
No Misconfigurations found