Open BrotherLavarius opened 1 month ago
consul-template v0.39.1 (cc8f954)
CVE-2024-34156 CVE-2024-34155 CVE-2024-34158
04:40:33 usr/local/bin/consul-template (gobinary) 04:40:33 ======================================== 04:40:33 Total: 3 (MEDIUM: 2, HIGH: 1, CRITICAL: 0) 04:40:33 04:40:33 ┌─────────┬────────────────┬──────────┬────────┬───────────────────┬────────────────┬─────────────────────────────────────────────────────────────┐ 04:40:33 │ Library │ Vulnerability │ Severity │ Status │ Installed Version │ Fixed Version │ Title │ 04:40:33 ├─────────┼────────────────┼──────────┼────────┼───────────────────┼────────────────┼─────────────────────────────────────────────────────────────┤ 04:40:33 │ stdlib │ CVE-2024-34156 │ HIGH │ fixed │ 1.22.5 │ 1.22.7, 1.23.1 │ encoding/gob: golang: Calling Decoder.Decode on a message │ 04:40:33 │ │ │ │ │ │ │ which contains deeply nested structures... │ 04:40:33 │ │ │ │ │ │ │ https://avd.aquasec.com/nvd/cve-2024-34156 │ 04:40:33 │ ├────────────────┼──────────┤ │ │ ├─────────────────────────────────────────────────────────────┤ 04:40:33 │ │ CVE-2024-34155 │ MEDIUM │ │ │ │ go/parser: golang: Calling any of the Parse functions │ 04:40:33 │ │ │ │ │ │ │ containing deeply nested literals... │ 04:40:33 │ │ │ │ │ │ │ https://avd.aquasec.com/nvd/cve-2024-34155 │ 04:40:33 │ ├────────────────┤ │ │ │ ├─────────────────────────────────────────────────────────────┤ 04:40:33 │ │ CVE-2024-34158 │ │ │ │ │ go/build/constraint: golang: Calling Parse on a "// +build" │ 04:40:33 │ │ │ │ │ │ │ build tag line with... │ 04:40:33 │ │ │ │ │ │ │ https://avd.aquasec.com/nvd/cve-2024-34158 │ 04:40:33 └─────────┴────────────────┴──────────┴────────┴───────────────────┴────────────────┴─────────────────────────────────────────────────────────────┘
Consul Template version
consul-template v0.39.1 (cc8f954)
Detected CVE
CVE-2024-34156 CVE-2024-34155 CVE-2024-34158
Builder output
References