kube-rbac-proxy-v0.18.1_linux_arm64

digest	`sha256:f62865289ccf45633f80a5a4e30fb86a704a2dd2ad84aa683faa45a32f74c2cf`
vulnerabilities
size	30 MB
packages	103

stdlib 1.23.0 (golang)

pkg:golang/stdlib@1.23.0

Affected range	`>=1.23.0-0 <1.23.1`
Fixed version	`1.23.1`
EPSS Score	`0.04%`
EPSS Percentile	`17th percentile`

Description

Calling Parse on a "// +build" build tag line with deeply nested expressions can cause a panic due to stack exhaustion.

Affected range	`>=1.23.0-0 <1.23.1`
Fixed version	`1.23.1`
EPSS Score	`0.04%`
EPSS Percentile	`17th percentile`

Description

Calling Decoder.Decode on a message which contains deeply nested structures can cause a panic due to stack exhaustion. This is a follow-up to CVE-2022-30635.

Affected range	`>=1.23.0-0 <1.23.1`
Fixed version	`1.23.1`
EPSS Score	`0.19%`
EPSS Percentile	`57th percentile`

Description

Calling Decoder.Decode on a message which contains deeply nested structures can cause a panic due to stack exhaustion. This is a follow-up to CVE-2022-30635.

Affected range	`>=1.23.0-0 <1.23.1`
Fixed version	`1.23.1`
EPSS Score	`0.04%`
EPSS Percentile	`17th percentile`

Description

Calling any of the Parse functions on Go source code which contains deeply nested literals can cause a panic due to stack exhaustion.

k8s.io/apiserver 0.31.0 (golang)

pkg:golang/k8s.io/apiserver@0.31.0
OWASP Top Ten 2017 Category A9 - Using Components with Known Vulnerabilities

Affected range	`<1.15.10`
Fixed version	`1.15.10, 1.16.7, 1.17.3`
CVSS Score	`4.3`
CVSS Vector	`CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L`
EPSS Score	`0.17%`
EPSS Percentile	`54th percentile`

Description

The Kubernetes API server component has been found to be vulnerable to a denial of service attack via successful API requests.