Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Vulnerabilities found for grafana-agent:0.37.4-22.04_69 #88

Open
ROCKsBot opened this issue Nov 30, 2024 · 0 comments
Open

Vulnerabilities found for grafana-agent:0.37.4-22.04_69 #88

ROCKsBot opened this issue Nov 30, 2024 · 0 comments

Comments

@ROCKsBot
Copy link

Vulnerabilities found for grafana-agent:0.37.4-22.04_69

ID Target Severity Package
CVE-2024-41110 /usr/bin/grafana-agent CRITICAL github.com/docker/docker
CVE-2023-49569 /usr/bin/grafana-agent CRITICAL github.com/go-git/go-git/v5
CVE-2023-49568 /usr/bin/grafana-agent HIGH github.com/go-git/go-git/v5
GHSA-7jwh-3vrq-q3m8 /usr/bin/grafana-agent HIGH github.com/jackc/pgproto3/v2
CVE-2024-27289 /usr/bin/grafana-agent HIGH github.com/jackc/pgx/v4
CVE-2024-27304 /usr/bin/grafana-agent HIGH github.com/jackc/pgx/v4
GHSA-87m9-rv8p-rgmg /usr/bin/grafana-agent HIGH github.com/mostynb/go-grpc-compression
CVE-2024-21626 /usr/bin/grafana-agent HIGH github.com/opencontainers/runc
CVE-2024-36129 /usr/bin/grafana-agent HIGH go.opentelemetry.io/collector/config/configgrpc
CVE-2024-36129 /usr/bin/grafana-agent HIGH go.opentelemetry.io/collector/config/confighttp
CVE-2023-47108 /usr/bin/grafana-agent HIGH go.opentelemetry.io/contrib/instrumentation/google.golang.org/grpc/otelgrpc
CVE-2024-24790 /usr/bin/grafana-agent CRITICAL stdlib
CVE-2024-34156 /usr/bin/grafana-agent HIGH stdlib

Affected tracks:

  • 0.37-22.04_beta
  • 0.37-22.04_candidate
  • 0.37-22.04_edge
  • 0.37-22.04_stable
  • 0.37.4-22.04_beta
  • 0.37.4-22.04_candidate
  • 0.37.4-22.04_edge
  • 0.37.4-22.04_stable

Details: https://github.com/canonical/oci-factory/actions/runs/12092456276

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
None yet
Projects
None yet
Development

No branches or pull requests

1 participant