testkube-enterprise-worker-service-2.7.5_linux_arm64

digest	sha256:bf518a1def345b9cfb066e7ecb770b1355c9f87fc0de2096e1f522bfd0c03991
vulnerabilities
platform	linux/arm64
size	52 MB
packages	421

github.com/buger/jsonparser 1.1.1 (golang) pkg:golang/github.com/buger/jsonparser@1.1.1 Out-of-bounds Read Affected range <=1.1.1 Fixed version 1.1.2 CVSS Score 7.5 CVSS Vector CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H Description The Delete function fails to properly validate offsets when processing malformed JSON input. This can lead to a negative slice index and a runtime panic, allowing a denial of service attack. Affected range >=0.0.0 Fixed version Not Fixed Description The Delete function fails to properly validate offsets when processing malformed JSON input. This can lead to a negative slice index and a runtime panic, allowing a denial of service attack.

github.com/docker/cli 29.3.0+incompatible (golang) pkg:golang/github.com/docker/cli@29.3.0%2Bincompatible Affected range >=19.03.0+incompatible Fixed version Not Fixed EPSS Score 0.011% EPSS Percentile 1st percentile Description Docker CLI Plugins: Uncontrolled Search Path Element Leads to Local Privilege Escalation on Windows in github.com/docker/cli

github.com/cloudflare/circl 1.6.1 (golang) pkg:golang/github.com/cloudflare/circl@1.6.1 Incorrect Calculation Affected range <1.6.3 Fixed version 1.6.3 CVSS Score 2.9 CVSS Vector CVSS:4.0/AV:N/AC:H/AT:N/PR:N/UI:N/VC:L/VI:L/VA:L/SC:L/SI:L/SA:L/E:P/S:N/AU:Y/U:Amber EPSS Score 0.020% EPSS Percentile 5th percentile Description The CombinedMult function in the CIRCL ecc/p384 package (secp384r1 curve) produces an incorrect value for specific inputs. The issue is fixed by using complete addition formulas. ECDH and ECDSA signing relying on this curve are not affected. The bug was fixed in v1.6.3.