newrelic / newrelic-php-agent

The New Relic PHP Agent
https://opensource.newrelic.com/projects/newrelic/newrelic-php-agent
Apache License 2.0
120 stars 63 forks

CVE's in golang stdlib #959

Closed simpliste closed 2 months ago

simpliste commented 2 months ago

Description

In latest version (11.1.0.14)


ghcr.io/schipholredesign/parking-api:5aff7723db32839e668bf7038b2034e54c15ee1e (alpine 3.20.3)
=============================================================================================
Total: 0 (HIGH: 0, CRITICAL: 0)

usr/bin/newrelic-daemon (gobinary)
==================================
Total: 1 (HIGH: 1, CRITICAL: 0)

┌─────────┬────────────────┬──────────┬────────┬───────────────────┬────────────────┬───────────────────────────────────────────────────────────┐
│ Library │ Vulnerability  │ Severity │ Status │ Installed Version │ Fixed Version  │                           Title                           │
├─────────┼────────────────┼──────────┼────────┼───────────────────┼────────────────┼───────────────────────────────────────────────────────────┤
│ stdlib  │ CVE-2024-34156 │ HIGH     │ fixed  │ 1.22.5            │ 1.22.7, 1.23.1 │ encoding/gob: golang: Calling Decoder.Decode on a message │
│         │                │          │        │                   │                │ which contains deeply nested structures...                │
│         │                │          │        │                   │                │ https://avd.aquasec.com/nvd/cve-2024-34156                │
└─────────┴────────────────┴──────────┴────────┴───────────────────┴────────────────┴───────────────────────────────────────────────────────────┘

workato-integration[bot] commented 2 months ago

https://new-relic.atlassian.net/browse/NR-310939

workato-integration[bot] commented 2 months ago

Work has been completed on this issue.