testkube-enterprise-worker-service-2.7.6_linux_amd64

digest	sha256:3f705faaef053c285c387842df848307746edef718e707118cbe3d0984b09d33
vulnerabilities
platform	linux/amd64
size	57 MB
packages	421

github.com/buger/jsonparser 1.1.1 (golang) pkg:golang/github.com/buger/jsonparser@1.1.1 Out-of-bounds Read Affected range <=1.1.1 Fixed version 1.1.2 CVSS Score 7.5 CVSS Vector CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H Description The Delete function fails to properly validate offsets when processing malformed JSON input. This can lead to a negative slice index and a runtime panic, allowing a denial of service attack. Affected range >=0.0.0 Fixed version Not Fixed Description The Delete function fails to properly validate offsets when processing malformed JSON input. This can lead to a negative slice index and a runtime panic, allowing a denial of service attack.

github.com/docker/cli 29.3.0+incompatible (golang) pkg:golang/github.com/docker/cli@29.3.0%2Bincompatible Affected range >=19.03.0+incompatible Fixed version Not Fixed EPSS Score 0.020% EPSS Percentile 5th percentile Description Docker CLI Plugins: Uncontrolled Search Path Element Leads to Local Privilege Escalation on Windows in github.com/docker/cli

github.com/cloudflare/circl 1.6.1 (golang) pkg:golang/github.com/cloudflare/circl@1.6.1 Incorrect Calculation Affected range <1.6.3 Fixed version 1.6.3 CVSS Score 2.9 CVSS Vector CVSS:4.0/AV:N/AC:H/AT:N/PR:N/UI:N/VC:L/VI:L/VA:L/SC:L/SI:L/SA:L/E:P/S:N/AU:Y/U:Amber EPSS Score 0.020% EPSS Percentile 5th percentile Description The CombinedMult function in the CIRCL ecc/p384 package (secp384r1 curve) produces an incorrect value for specific inputs. The issue is fixed by using complete addition formulas. ECDH and ECDSA signing relying on this curve are not affected. The bug was fixed in v1.6.3.