github-actions[bot]
commented
5 days ago :mag: Vulnerabilities of ghcr.io/uniget-org/tools/k3d:5.7.1
:package: Image Reference ghcr.io/uniget-org/tools/k3d:5.7.1
| digest | sha256:56dd6cdb516617dae457b56ef75849bb13e44f8195f8f08ecd17156d39d354f8 |
| vulnerabilities |      |
| platform | linux/amd64 |
| size | 9.0 MB |
| packages | 110 |
pkg:golang/stdlib@1.22.4
DescriptionThe net/http HTTP/1.1 client mishandled the case where a server responds to a request with an "Expect: 100-continue" header with a non-informational (200 or higher) status. This mishandling could leave a client connection in an invalid state, where the next request sent on the connection will fail. An attacker sending a request to a net/http/httputil.ReverseProxy proxy can exploit this mishandling to cause a denial of service by sending "Expect: 100-continue" requests which elicit a non-informational response from the backend. Each such request leaves the proxy with an invalid connection, and causes one subsequent request using that connection to fail. |
stdlib
This PR contains the following updates:
5.7.0->5.7.1Release Notes
k3d-io/k3d (k3d-io/k3d)
### [`v5.7.1`](https://togithub.com/k3d-io/k3d/releases/tag/v5.7.1) [Compare Source](https://togithub.com/k3d-io/k3d/compare/v5.7.0...v5.7.1) **Full Changelog**: https://github.com/k3d-io/k3d/compare/v5.7.0...v5.7.1Configuration
📅 Schedule: Branch creation - At any time (no schedule defined), Automerge - At any time (no schedule defined).
🚦 Automerge: Disabled by config. Please merge this manually once you are satisfied.
â™» Rebasing: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox.
🔕 Ignore: Close this PR and you won't be reminded about this update again.
This PR has been generated by Renovate Bot.