You are viewing a plain text version of this content. The canonical link for it is here.
Posted to issues@solr.apache.org by GitBox <gi...@apache.org> on 2022/11/02 19:40:57 UTC
[GitHub] [solr-operator] jkgonzio opened a new issue, #487: CVE Security Vulnerabilities
jkgonzio opened a new issue, #487:
URL: https://github.com/apache/solr-operator/issues/487
I ran a flexline scan and ran into some security vulnerabilities that should be remediated:
Vulnerability ID: CVE-2021-33194
Finding Level: High
Package: golang.org/x/net/html
Version: v0.0.0-20210520170846-37e1c6afe023
Fixed Version: 0.0.0-20210520170846-37e1c6afe023
Desc: golang.org/x/net before v0.0.0-20210520170846-37e1c6afe023 allows attackers to cause a denial of service (infinite loop) via crafted ParseFragment input.
Link: https://avd.aquasec.com/nvd/2021/cve-2021-33194/
Vulnerability ID: CVE-2022-27664
Finding Level: High
Package: golang.org/net/http
Version: v0.0.0-20210428140749-89ef3d95e781
Fixed version: 0.0.0-20220906165146-f3363e06e74c
Desc: In net/http in Go before 1.18.6 and 1.19.x before 1.19.1, attackers can cause a denial of service because an HTTP/2 connection can hang during closing if shutdown were preempted by a fatal error.
Link: https://avd.aquasec.com/nvd/2022/cve-2022-27664/
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: issues-unsubscribe@solr.apache.org.apache.org
For queries about this service, please contact Infrastructure at:
users@infra.apache.org
---------------------------------------------------------------------
To unsubscribe, e-mail: issues-unsubscribe@solr.apache.org
For additional commands, e-mail: issues-help@solr.apache.org
[GitHub] [solr-operator] HoustonPutman closed issue #487: CVE Security Vulnerabilities
Posted by GitBox <gi...@apache.org>.
HoustonPutman closed issue #487: CVE Security Vulnerabilities
URL: https://github.com/apache/solr-operator/issues/487
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: issues-unsubscribe@solr.apache.org
For queries about this service, please contact Infrastructure at:
users@infra.apache.org
---------------------------------------------------------------------
To unsubscribe, e-mail: issues-unsubscribe@solr.apache.org
For additional commands, e-mail: issues-help@solr.apache.org