nats-server-config-reloader-0.22.3_linux_amd64

digest	sha256:0a207858dc96fbcfee4b12529b1fbb7718ea1cb2bfad60742691f61ca381a5eb
vulnerabilities
platform	linux/amd64
size	5.2 MB
packages	24

stdlib 1.25.6 (golang) pkg:golang/stdlib@1.25.6 # Dockerfile (38:38) COPY --from=deps /etc/ssl/certs/ca-certificates.crt /etc/ssl/certs/ Affected range >=1.25.0-0 <1.25.7 Fixed version 1.25.7 EPSS Score 0.017% EPSS Percentile 4th percentile Description During session resumption in crypto/tls, if the underlying Config has its ClientCAs or RootCAs fields mutated between the initial handshake and the resumed handshake, the resumed handshake may succeed when it should have failed. This may happen when a user calls Config.Clone and mutates the returned Config, or uses Config.GetConfigForClient. This can cause a client to resume a session with a server that it would not have resumed with during the initial handshake, or cause a server to resume a session with a client that it would not have resumed with during the initial handshake. Affected range <1.25.8 Fixed version 1.25.8 EPSS Score 0.031% EPSS Percentile 9th percentile Description url.Parse insufficiently validated the host/authority component and accepted some invalid URLs. Affected range <1.25.8 Fixed version 1.25.8 EPSS Score 0.011% EPSS Percentile 1st percentile Description Actions which insert URLs into the content attribute of HTML meta tags are not escaped. This can allow XSS if the meta tag also has an http-equiv attribute with the value "refresh". A new GODEBUG setting has been added, htmlmetacontenturlescape, which can be used to disable escaping URLs in actions in the meta content attribute which follow "url=" by setting htmlmetacontenturlescape=0. Affected range <1.25.8 Fixed version 1.25.8 EPSS Score 0.005% EPSS Percentile 0th percentile Description On Unix platforms, when listing the contents of a directory using File.ReadDir or File.Readdir the returned FileInfo could reference a file outside of the Root in which the File was opened. The impact of this escape is limited to reading metadata provided by lstat from arbitrary locations on the filesystem without permitting reading or writing files outside the root.

zlib 1.3.1-r2 (apk) pkg:apk/alpine/zlib@1.3.1-r2?os_name=alpine&os_version=3.23 # Dockerfile (4:31) FROM alpine:3.23.3 AS deps ARG GO_APP ARG GORELEASER_DIST_DIR=/go/src/dist ARG TARGETOS ARG TARGETARCH ARG TARGETVARIANT RUN mkdir -p /go/bin /go/src ${GORELEASER_DIST_DIR} COPY --from=build ${GORELEASER_DIST_DIR}/ ${GORELEASER_DIST_DIR} RUN <<EOT set -e apk add --no-cache ca-certificates jq cd ${GORELEASER_DIST_DIR}/.. if [[ ${TARGETARCH} == "arm" ]]; then VARIANT=$(echo ${TARGETVARIANT} | sed 's/^v//'); fi BIN_PATH=$(jq -r ".[] |select(.type == \"Binary\" and \ .name == \"${GO_APP}\" and \ .goos == \"${TARGETOS}\" and \ .goarch == \"${TARGETARCH}\" and \ (.goarm == \"${VARIANT}\" or .goarm == null)) | .path" < /go/src/dist/artifacts.json) cp ${BIN_PATH} /go/bin EOT FROM alpine:3.23.3 Affected range <1.3.2-r0 Fixed version 1.3.2-r0 EPSS Score 0.017% EPSS Percentile 4th percentile Description Affected range <1.3.2-r0 Fixed version 1.3.2-r0 EPSS Score 0.007% EPSS Percentile 1st percentile Description

busybox 1.37.0-r30 (apk) pkg:apk/alpine/busybox@1.37.0-r30?os_name=alpine&os_version=3.23 # Dockerfile (4:31) FROM alpine:3.23.3 AS deps ARG GO_APP ARG GORELEASER_DIST_DIR=/go/src/dist ARG TARGETOS ARG TARGETARCH ARG TARGETVARIANT RUN mkdir -p /go/bin /go/src ${GORELEASER_DIST_DIR} COPY --from=build ${GORELEASER_DIST_DIR}/ ${GORELEASER_DIST_DIR} RUN <<EOT set -e apk add --no-cache ca-certificates jq cd ${GORELEASER_DIST_DIR}/.. if [[ ${TARGETARCH} == "arm" ]]; then VARIANT=$(echo ${TARGETVARIANT} | sed 's/^v//'); fi BIN_PATH=$(jq -r ".[] |select(.type == \"Binary\" and \ .name == \"${GO_APP}\" and \ .goos == \"${TARGETOS}\" and \ .goarch == \"${TARGETARCH}\" and \ (.goarm == \"${VARIANT}\" or .goarm == null)) | .path" < /go/src/dist/artifacts.json) cp ${BIN_PATH} /go/bin EOT FROM alpine:3.23.3 Affected range <=1.37.0-r30 Fixed version Not Fixed EPSS Score 0.064% EPSS Percentile 20th percentile Description