Skip to content

kaniko/docker-credential-acr-env

Trivy Image Scan

  • Image: kaniko/docker-credential-acr-env
  • Scan date: 2024-12-04

kaniko/docker-credential-acr-env (gobinary)

Package Vulnerability ID Severity Installed Version Fixed Version Links
github.com/golang-jwt/jwt/v4 CVE-2024-51744 LOW v4.5.0 4.5.1 https://access.redhat.com/security/cve/CVE-2024-51744 https://github.com/golang-jwt/jwt https://github.com/golang-jwt/jwt/commit/7b1c1c00a171c6c79bbdb40e4ce7d197060c1c2c https://github.com/golang-jwt/jwt/security/advisories/GHSA-29wx-vh33-7x7r https://nvd.nist.gov/vuln/detail/CVE-2024-51744 https://www.cve.org/CVERecord?id=CVE-2024-51744
stdlib CVE-2024-34156 HIGH v1.22.5 1.22.7, 1.23.1 https://access.redhat.com/errata/RHSA-2024:9473 https://access.redhat.com/security/cve/CVE-2024-34156 https://bugzilla.redhat.com/2310528 https://bugzilla.redhat.com/2318052 https://bugzilla.redhat.com/show_bug.cgi?id=2310528 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-34156 https://errata.almalinux.org/9/ALSA-2024-9473.html https://errata.rockylinux.org/RLSA-2024:7204 https://github.com/golang/go/commit/2092294f2b097c5828f4eace6c98a322c1510b01 (go1.22.7) https://github.com/golang/go/commit/fa8ff1a46deb6c816304441ec6740ec112e19012 (go1.23.1) https://go.dev/cl/611239 https://go.dev/issue/69139 https://groups.google.com/g/golang-announce/c/K-cEzDeCtpc https://groups.google.com/g/golang-dev/c/S9POB9NCTdk https://linux.oracle.com/cve/CVE-2024-34156.html https://linux.oracle.com/errata/ELSA-2024-9473.html https://nvd.nist.gov/vuln/detail/CVE-2024-34156 https://pkg.go.dev/vuln/GO-2024-3106 https://ubuntu.com/security/notices/USN-7081-1 https://ubuntu.com/security/notices/USN-7109-1 https://ubuntu.com/security/notices/USN-7111-1 https://www.cve.org/CVERecord?id=CVE-2024-34156
stdlib CVE-2024-34155 MEDIUM v1.22.5 1.22.7, 1.23.1 https://access.redhat.com/errata/RHSA-2024:9459 https://access.redhat.com/security/cve/CVE-2024-34155 https://bugzilla.redhat.com/2310527 https://bugzilla.redhat.com/2310528 https://bugzilla.redhat.com/2310529 https://bugzilla.redhat.com/2315691 https://bugzilla.redhat.com/2315887 https://bugzilla.redhat.com/2317458 https://bugzilla.redhat.com/2317467 https://bugzilla.redhat.com/show_bug.cgi?id=2295310 https://bugzilla.redhat.com/show_bug.cgi?id=2310527 https://bugzilla.redhat.com/show_bug.cgi?id=2310528 https://bugzilla.redhat.com/show_bug.cgi?id=2310529 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24791 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-34155 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-34156 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-34158 https://errata.almalinux.org/9/ALSA-2024-9459.html https://errata.rockylinux.org/RLSA-2024:6913 https://github.com/golang/go/commit/53487e5477151ed75da50e50a0ba8f1ca64c00a3 (go1.23.1) https://github.com/golang/go/commit/b232596139dbe96a62edbe3a2a203e856bf556eb (go1.22.7) https://go.dev/cl/611238 https://go.dev/issue/69138 https://groups.google.com/g/golang-announce/c/K-cEzDeCtpc https://groups.google.com/g/golang-dev/c/S9POB9NCTdk https://linux.oracle.com/cve/CVE-2024-34155.html https://linux.oracle.com/errata/ELSA-2024-9459.html https://nvd.nist.gov/vuln/detail/CVE-2024-34155 https://pkg.go.dev/vuln/GO-2024-3105 https://ubuntu.com/security/notices/USN-7081-1 https://ubuntu.com/security/notices/USN-7109-1 https://ubuntu.com/security/notices/USN-7111-1 https://www.cve.org/CVERecord?id=CVE-2024-34155
stdlib CVE-2024-34158 MEDIUM v1.22.5 1.22.7, 1.23.1 https://access.redhat.com/errata/RHSA-2024:9459 https://access.redhat.com/security/cve/CVE-2024-34158 https://bugzilla.redhat.com/2310527 https://bugzilla.redhat.com/2310528 https://bugzilla.redhat.com/2310529 https://bugzilla.redhat.com/2315691 https://bugzilla.redhat.com/2315887 https://bugzilla.redhat.com/2317458 https://bugzilla.redhat.com/2317467 https://bugzilla.redhat.com/show_bug.cgi?id=2295310 https://bugzilla.redhat.com/show_bug.cgi?id=2310527 https://bugzilla.redhat.com/show_bug.cgi?id=2310528 https://bugzilla.redhat.com/show_bug.cgi?id=2310529 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24791 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-34155 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-34156 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-34158 https://errata.almalinux.org/9/ALSA-2024-9459.html https://errata.rockylinux.org/RLSA-2024:6913 https://github.com/golang/go/commit/032ac075c20c01c6c35a672d1542d3e98eab84ea (go1.23.1) https://github.com/golang/go/commit/d4c53812e6ce2ac368173d7fcd31d0ecfcffb002 (go1.22.7) https://go.dev/cl/611240 https://go.dev/issue/69141 https://groups.google.com/g/golang-announce/c/K-cEzDeCtpc https://groups.google.com/g/golang-dev/c/S9POB9NCTdk https://linux.oracle.com/cve/CVE-2024-34158.html https://linux.oracle.com/errata/ELSA-2024-9459.html https://nvd.nist.gov/vuln/detail/CVE-2024-34158 https://pkg.go.dev/vuln/GO-2024-3107 https://ubuntu.com/security/notices/USN-7081-1 https://ubuntu.com/security/notices/USN-7109-1 https://ubuntu.com/security/notices/USN-7111-1 https://www.cve.org/CVERecord?id=CVE-2024-34158
No Misconfigurations found

kaniko/docker-credential-ecr-login (gobinary)

Package Vulnerability ID Severity Installed Version Fixed Version Links
stdlib CVE-2024-34156 HIGH v1.22.5 1.22.7, 1.23.1 https://access.redhat.com/errata/RHSA-2024:9473 https://access.redhat.com/security/cve/CVE-2024-34156 https://bugzilla.redhat.com/2310528 https://bugzilla.redhat.com/2318052 https://bugzilla.redhat.com/show_bug.cgi?id=2310528 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-34156 https://errata.almalinux.org/9/ALSA-2024-9473.html https://errata.rockylinux.org/RLSA-2024:7204 https://github.com/golang/go/commit/2092294f2b097c5828f4eace6c98a322c1510b01 (go1.22.7) https://github.com/golang/go/commit/fa8ff1a46deb6c816304441ec6740ec112e19012 (go1.23.1) https://go.dev/cl/611239 https://go.dev/issue/69139 https://groups.google.com/g/golang-announce/c/K-cEzDeCtpc https://groups.google.com/g/golang-dev/c/S9POB9NCTdk https://linux.oracle.com/cve/CVE-2024-34156.html https://linux.oracle.com/errata/ELSA-2024-9473.html https://nvd.nist.gov/vuln/detail/CVE-2024-34156 https://pkg.go.dev/vuln/GO-2024-3106 https://ubuntu.com/security/notices/USN-7081-1 https://ubuntu.com/security/notices/USN-7109-1 https://ubuntu.com/security/notices/USN-7111-1 https://www.cve.org/CVERecord?id=CVE-2024-34156
stdlib CVE-2024-34155 MEDIUM v1.22.5 1.22.7, 1.23.1 https://access.redhat.com/errata/RHSA-2024:9459 https://access.redhat.com/security/cve/CVE-2024-34155 https://bugzilla.redhat.com/2310527 https://bugzilla.redhat.com/2310528 https://bugzilla.redhat.com/2310529 https://bugzilla.redhat.com/2315691 https://bugzilla.redhat.com/2315887 https://bugzilla.redhat.com/2317458 https://bugzilla.redhat.com/2317467 https://bugzilla.redhat.com/show_bug.cgi?id=2295310 https://bugzilla.redhat.com/show_bug.cgi?id=2310527 https://bugzilla.redhat.com/show_bug.cgi?id=2310528 https://bugzilla.redhat.com/show_bug.cgi?id=2310529 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24791 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-34155 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-34156 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-34158 https://errata.almalinux.org/9/ALSA-2024-9459.html https://errata.rockylinux.org/RLSA-2024:6913 https://github.com/golang/go/commit/53487e5477151ed75da50e50a0ba8f1ca64c00a3 (go1.23.1) https://github.com/golang/go/commit/b232596139dbe96a62edbe3a2a203e856bf556eb (go1.22.7) https://go.dev/cl/611238 https://go.dev/issue/69138 https://groups.google.com/g/golang-announce/c/K-cEzDeCtpc https://groups.google.com/g/golang-dev/c/S9POB9NCTdk https://linux.oracle.com/cve/CVE-2024-34155.html https://linux.oracle.com/errata/ELSA-2024-9459.html https://nvd.nist.gov/vuln/detail/CVE-2024-34155 https://pkg.go.dev/vuln/GO-2024-3105 https://ubuntu.com/security/notices/USN-7081-1 https://ubuntu.com/security/notices/USN-7109-1 https://ubuntu.com/security/notices/USN-7111-1 https://www.cve.org/CVERecord?id=CVE-2024-34155
stdlib CVE-2024-34158 MEDIUM v1.22.5 1.22.7, 1.23.1 https://access.redhat.com/errata/RHSA-2024:9459 https://access.redhat.com/security/cve/CVE-2024-34158 https://bugzilla.redhat.com/2310527 https://bugzilla.redhat.com/2310528 https://bugzilla.redhat.com/2310529 https://bugzilla.redhat.com/2315691 https://bugzilla.redhat.com/2315887 https://bugzilla.redhat.com/2317458 https://bugzilla.redhat.com/2317467 https://bugzilla.redhat.com/show_bug.cgi?id=2295310 https://bugzilla.redhat.com/show_bug.cgi?id=2310527 https://bugzilla.redhat.com/show_bug.cgi?id=2310528 https://bugzilla.redhat.com/show_bug.cgi?id=2310529 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24791 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-34155 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-34156 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-34158 https://errata.almalinux.org/9/ALSA-2024-9459.html https://errata.rockylinux.org/RLSA-2024:6913 https://github.com/golang/go/commit/032ac075c20c01c6c35a672d1542d3e98eab84ea (go1.23.1) https://github.com/golang/go/commit/d4c53812e6ce2ac368173d7fcd31d0ecfcffb002 (go1.22.7) https://go.dev/cl/611240 https://go.dev/issue/69141 https://groups.google.com/g/golang-announce/c/K-cEzDeCtpc https://groups.google.com/g/golang-dev/c/S9POB9NCTdk https://linux.oracle.com/cve/CVE-2024-34158.html https://linux.oracle.com/errata/ELSA-2024-9459.html https://nvd.nist.gov/vuln/detail/CVE-2024-34158 https://pkg.go.dev/vuln/GO-2024-3107 https://ubuntu.com/security/notices/USN-7081-1 https://ubuntu.com/security/notices/USN-7109-1 https://ubuntu.com/security/notices/USN-7111-1 https://www.cve.org/CVERecord?id=CVE-2024-34158
No Misconfigurations found

kaniko/docker-credential-gcr (gobinary)

Package Vulnerability ID Severity Installed Version Fixed Version Links
github.com/docker/docker CVE-2024-41110 CRITICAL v27.0.3+incompatible 23.0.15, 26.1.5, 27.1.1, 25.0.6 https://access.redhat.com/security/cve/CVE-2024-41110 https://github.com/moby/moby https://github.com/moby/moby/commit/411e817ddf710ff8e08fa193da80cb78af708191 https://github.com/moby/moby/commit/42f40b1d6dd7562342f832b9cd2adf9e668eeb76 https://github.com/moby/moby/commit/65cc597cea28cdc25bea3b8a86384b4251872919 https://github.com/moby/moby/commit/852759a7df454cbf88db4e954c919becd48faa9b https://github.com/moby/moby/commit/a31260625655cff9ae226b51757915e275e304b0 https://github.com/moby/moby/commit/a79fabbfe84117696a19671f4aa88b82d0f64fc1 https://github.com/moby/moby/commit/ae160b4edddb72ef4bd71f66b975a1a1cc434f00 https://github.com/moby/moby/commit/ae2b3666c517c96cbc2adf1af5591a6b00d4ec0f https://github.com/moby/moby/commit/cc13f952511154a2866bddbb7dddebfe9e83b801 https://github.com/moby/moby/commit/fc274cd2ff4cf3b48c91697fb327dd1fb95588fb https://github.com/moby/moby/security/advisories/GHSA-v23v-6jw2-98fq https://nvd.nist.gov/vuln/detail/CVE-2024-41110 https://www.cve.org/CVERecord?id=CVE-2024-41110 https://www.docker.com/blog/docker-security-advisory-docker-engine-authz-plugin
stdlib CVE-2024-34156 HIGH v1.22.5 1.22.7, 1.23.1 https://access.redhat.com/errata/RHSA-2024:9473 https://access.redhat.com/security/cve/CVE-2024-34156 https://bugzilla.redhat.com/2310528 https://bugzilla.redhat.com/2318052 https://bugzilla.redhat.com/show_bug.cgi?id=2310528 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-34156 https://errata.almalinux.org/9/ALSA-2024-9473.html https://errata.rockylinux.org/RLSA-2024:7204 https://github.com/golang/go/commit/2092294f2b097c5828f4eace6c98a322c1510b01 (go1.22.7) https://github.com/golang/go/commit/fa8ff1a46deb6c816304441ec6740ec112e19012 (go1.23.1) https://go.dev/cl/611239 https://go.dev/issue/69139 https://groups.google.com/g/golang-announce/c/K-cEzDeCtpc https://groups.google.com/g/golang-dev/c/S9POB9NCTdk https://linux.oracle.com/cve/CVE-2024-34156.html https://linux.oracle.com/errata/ELSA-2024-9473.html https://nvd.nist.gov/vuln/detail/CVE-2024-34156 https://pkg.go.dev/vuln/GO-2024-3106 https://ubuntu.com/security/notices/USN-7081-1 https://ubuntu.com/security/notices/USN-7109-1 https://ubuntu.com/security/notices/USN-7111-1 https://www.cve.org/CVERecord?id=CVE-2024-34156
stdlib CVE-2024-34155 MEDIUM v1.22.5 1.22.7, 1.23.1 https://access.redhat.com/errata/RHSA-2024:9459 https://access.redhat.com/security/cve/CVE-2024-34155 https://bugzilla.redhat.com/2310527 https://bugzilla.redhat.com/2310528 https://bugzilla.redhat.com/2310529 https://bugzilla.redhat.com/2315691 https://bugzilla.redhat.com/2315887 https://bugzilla.redhat.com/2317458 https://bugzilla.redhat.com/2317467 https://bugzilla.redhat.com/show_bug.cgi?id=2295310 https://bugzilla.redhat.com/show_bug.cgi?id=2310527 https://bugzilla.redhat.com/show_bug.cgi?id=2310528 https://bugzilla.redhat.com/show_bug.cgi?id=2310529 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24791 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-34155 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-34156 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-34158 https://errata.almalinux.org/9/ALSA-2024-9459.html https://errata.rockylinux.org/RLSA-2024:6913 https://github.com/golang/go/commit/53487e5477151ed75da50e50a0ba8f1ca64c00a3 (go1.23.1) https://github.com/golang/go/commit/b232596139dbe96a62edbe3a2a203e856bf556eb (go1.22.7) https://go.dev/cl/611238 https://go.dev/issue/69138 https://groups.google.com/g/golang-announce/c/K-cEzDeCtpc https://groups.google.com/g/golang-dev/c/S9POB9NCTdk https://linux.oracle.com/cve/CVE-2024-34155.html https://linux.oracle.com/errata/ELSA-2024-9459.html https://nvd.nist.gov/vuln/detail/CVE-2024-34155 https://pkg.go.dev/vuln/GO-2024-3105 https://ubuntu.com/security/notices/USN-7081-1 https://ubuntu.com/security/notices/USN-7109-1 https://ubuntu.com/security/notices/USN-7111-1 https://www.cve.org/CVERecord?id=CVE-2024-34155
stdlib CVE-2024-34158 MEDIUM v1.22.5 1.22.7, 1.23.1 https://access.redhat.com/errata/RHSA-2024:9459 https://access.redhat.com/security/cve/CVE-2024-34158 https://bugzilla.redhat.com/2310527 https://bugzilla.redhat.com/2310528 https://bugzilla.redhat.com/2310529 https://bugzilla.redhat.com/2315691 https://bugzilla.redhat.com/2315887 https://bugzilla.redhat.com/2317458 https://bugzilla.redhat.com/2317467 https://bugzilla.redhat.com/show_bug.cgi?id=2295310 https://bugzilla.redhat.com/show_bug.cgi?id=2310527 https://bugzilla.redhat.com/show_bug.cgi?id=2310528 https://bugzilla.redhat.com/show_bug.cgi?id=2310529 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24791 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-34155 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-34156 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-34158 https://errata.almalinux.org/9/ALSA-2024-9459.html https://errata.rockylinux.org/RLSA-2024:6913 https://github.com/golang/go/commit/032ac075c20c01c6c35a672d1542d3e98eab84ea (go1.23.1) https://github.com/golang/go/commit/d4c53812e6ce2ac368173d7fcd31d0ecfcffb002 (go1.22.7) https://go.dev/cl/611240 https://go.dev/issue/69141 https://groups.google.com/g/golang-announce/c/K-cEzDeCtpc https://groups.google.com/g/golang-dev/c/S9POB9NCTdk https://linux.oracle.com/cve/CVE-2024-34158.html https://linux.oracle.com/errata/ELSA-2024-9459.html https://nvd.nist.gov/vuln/detail/CVE-2024-34158 https://pkg.go.dev/vuln/GO-2024-3107 https://ubuntu.com/security/notices/USN-7081-1 https://ubuntu.com/security/notices/USN-7109-1 https://ubuntu.com/security/notices/USN-7111-1 https://www.cve.org/CVERecord?id=CVE-2024-34158
No Misconfigurations found

kaniko/executor (gobinary)

Package Vulnerability ID Severity Installed Version Fixed Version Links
github.com/docker/docker CVE-2024-41110 CRITICAL v27.0.3+incompatible 23.0.15, 26.1.5, 27.1.1, 25.0.6 https://access.redhat.com/security/cve/CVE-2024-41110 https://github.com/moby/moby https://github.com/moby/moby/commit/411e817ddf710ff8e08fa193da80cb78af708191 https://github.com/moby/moby/commit/42f40b1d6dd7562342f832b9cd2adf9e668eeb76 https://github.com/moby/moby/commit/65cc597cea28cdc25bea3b8a86384b4251872919 https://github.com/moby/moby/commit/852759a7df454cbf88db4e954c919becd48faa9b https://github.com/moby/moby/commit/a31260625655cff9ae226b51757915e275e304b0 https://github.com/moby/moby/commit/a79fabbfe84117696a19671f4aa88b82d0f64fc1 https://github.com/moby/moby/commit/ae160b4edddb72ef4bd71f66b975a1a1cc434f00 https://github.com/moby/moby/commit/ae2b3666c517c96cbc2adf1af5591a6b00d4ec0f https://github.com/moby/moby/commit/cc13f952511154a2866bddbb7dddebfe9e83b801 https://github.com/moby/moby/commit/fc274cd2ff4cf3b48c91697fb327dd1fb95588fb https://github.com/moby/moby/security/advisories/GHSA-v23v-6jw2-98fq https://nvd.nist.gov/vuln/detail/CVE-2024-41110 https://www.cve.org/CVERecord?id=CVE-2024-41110 https://www.docker.com/blog/docker-security-advisory-docker-engine-authz-plugin
github.com/golang-jwt/jwt/v4 CVE-2024-51744 LOW v4.5.0 4.5.1 https://access.redhat.com/security/cve/CVE-2024-51744 https://github.com/golang-jwt/jwt https://github.com/golang-jwt/jwt/commit/7b1c1c00a171c6c79bbdb40e4ce7d197060c1c2c https://github.com/golang-jwt/jwt/security/advisories/GHSA-29wx-vh33-7x7r https://nvd.nist.gov/vuln/detail/CVE-2024-51744 https://www.cve.org/CVERecord?id=CVE-2024-51744
google.golang.org/grpc GHSA-xr7q-jx4m-x55m LOW v1.64.0 1.64.1 https://github.com/grpc/grpc-go https://github.com/grpc/grpc-go/commit/ab292411ddc0f3b7a7786754d1fe05264c3021eb https://github.com/grpc/grpc-go/security/advisories/GHSA-xr7q-jx4m-x55m
stdlib CVE-2024-34156 HIGH v1.22.5 1.22.7, 1.23.1 https://access.redhat.com/errata/RHSA-2024:9473 https://access.redhat.com/security/cve/CVE-2024-34156 https://bugzilla.redhat.com/2310528 https://bugzilla.redhat.com/2318052 https://bugzilla.redhat.com/show_bug.cgi?id=2310528 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-34156 https://errata.almalinux.org/9/ALSA-2024-9473.html https://errata.rockylinux.org/RLSA-2024:7204 https://github.com/golang/go/commit/2092294f2b097c5828f4eace6c98a322c1510b01 (go1.22.7) https://github.com/golang/go/commit/fa8ff1a46deb6c816304441ec6740ec112e19012 (go1.23.1) https://go.dev/cl/611239 https://go.dev/issue/69139 https://groups.google.com/g/golang-announce/c/K-cEzDeCtpc https://groups.google.com/g/golang-dev/c/S9POB9NCTdk https://linux.oracle.com/cve/CVE-2024-34156.html https://linux.oracle.com/errata/ELSA-2024-9473.html https://nvd.nist.gov/vuln/detail/CVE-2024-34156 https://pkg.go.dev/vuln/GO-2024-3106 https://ubuntu.com/security/notices/USN-7081-1 https://ubuntu.com/security/notices/USN-7109-1 https://ubuntu.com/security/notices/USN-7111-1 https://www.cve.org/CVERecord?id=CVE-2024-34156
stdlib CVE-2024-34155 MEDIUM v1.22.5 1.22.7, 1.23.1 https://access.redhat.com/errata/RHSA-2024:9459 https://access.redhat.com/security/cve/CVE-2024-34155 https://bugzilla.redhat.com/2310527 https://bugzilla.redhat.com/2310528 https://bugzilla.redhat.com/2310529 https://bugzilla.redhat.com/2315691 https://bugzilla.redhat.com/2315887 https://bugzilla.redhat.com/2317458 https://bugzilla.redhat.com/2317467 https://bugzilla.redhat.com/show_bug.cgi?id=2295310 https://bugzilla.redhat.com/show_bug.cgi?id=2310527 https://bugzilla.redhat.com/show_bug.cgi?id=2310528 https://bugzilla.redhat.com/show_bug.cgi?id=2310529 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24791 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-34155 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-34156 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-34158 https://errata.almalinux.org/9/ALSA-2024-9459.html https://errata.rockylinux.org/RLSA-2024:6913 https://github.com/golang/go/commit/53487e5477151ed75da50e50a0ba8f1ca64c00a3 (go1.23.1) https://github.com/golang/go/commit/b232596139dbe96a62edbe3a2a203e856bf556eb (go1.22.7) https://go.dev/cl/611238 https://go.dev/issue/69138 https://groups.google.com/g/golang-announce/c/K-cEzDeCtpc https://groups.google.com/g/golang-dev/c/S9POB9NCTdk https://linux.oracle.com/cve/CVE-2024-34155.html https://linux.oracle.com/errata/ELSA-2024-9459.html https://nvd.nist.gov/vuln/detail/CVE-2024-34155 https://pkg.go.dev/vuln/GO-2024-3105 https://ubuntu.com/security/notices/USN-7081-1 https://ubuntu.com/security/notices/USN-7109-1 https://ubuntu.com/security/notices/USN-7111-1 https://www.cve.org/CVERecord?id=CVE-2024-34155
stdlib CVE-2024-34158 MEDIUM v1.22.5 1.22.7, 1.23.1 https://access.redhat.com/errata/RHSA-2024:9459 https://access.redhat.com/security/cve/CVE-2024-34158 https://bugzilla.redhat.com/2310527 https://bugzilla.redhat.com/2310528 https://bugzilla.redhat.com/2310529 https://bugzilla.redhat.com/2315691 https://bugzilla.redhat.com/2315887 https://bugzilla.redhat.com/2317458 https://bugzilla.redhat.com/2317467 https://bugzilla.redhat.com/show_bug.cgi?id=2295310 https://bugzilla.redhat.com/show_bug.cgi?id=2310527 https://bugzilla.redhat.com/show_bug.cgi?id=2310528 https://bugzilla.redhat.com/show_bug.cgi?id=2310529 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24791 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-34155 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-34156 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-34158 https://errata.almalinux.org/9/ALSA-2024-9459.html https://errata.rockylinux.org/RLSA-2024:6913 https://github.com/golang/go/commit/032ac075c20c01c6c35a672d1542d3e98eab84ea (go1.23.1) https://github.com/golang/go/commit/d4c53812e6ce2ac368173d7fcd31d0ecfcffb002 (go1.22.7) https://go.dev/cl/611240 https://go.dev/issue/69141 https://groups.google.com/g/golang-announce/c/K-cEzDeCtpc https://groups.google.com/g/golang-dev/c/S9POB9NCTdk https://linux.oracle.com/cve/CVE-2024-34158.html https://linux.oracle.com/errata/ELSA-2024-9459.html https://nvd.nist.gov/vuln/detail/CVE-2024-34158 https://pkg.go.dev/vuln/GO-2024-3107 https://ubuntu.com/security/notices/USN-7081-1 https://ubuntu.com/security/notices/USN-7109-1 https://ubuntu.com/security/notices/USN-7111-1 https://www.cve.org/CVERecord?id=CVE-2024-34158
No Misconfigurations found

kaniko/warmer (gobinary)

Package Vulnerability ID Severity Installed Version Fixed Version Links
github.com/docker/docker CVE-2024-41110 CRITICAL v27.0.3+incompatible 23.0.15, 26.1.5, 27.1.1, 25.0.6 https://access.redhat.com/security/cve/CVE-2024-41110 https://github.com/moby/moby https://github.com/moby/moby/commit/411e817ddf710ff8e08fa193da80cb78af708191 https://github.com/moby/moby/commit/42f40b1d6dd7562342f832b9cd2adf9e668eeb76 https://github.com/moby/moby/commit/65cc597cea28cdc25bea3b8a86384b4251872919 https://github.com/moby/moby/commit/852759a7df454cbf88db4e954c919becd48faa9b https://github.com/moby/moby/commit/a31260625655cff9ae226b51757915e275e304b0 https://github.com/moby/moby/commit/a79fabbfe84117696a19671f4aa88b82d0f64fc1 https://github.com/moby/moby/commit/ae160b4edddb72ef4bd71f66b975a1a1cc434f00 https://github.com/moby/moby/commit/ae2b3666c517c96cbc2adf1af5591a6b00d4ec0f https://github.com/moby/moby/commit/cc13f952511154a2866bddbb7dddebfe9e83b801 https://github.com/moby/moby/commit/fc274cd2ff4cf3b48c91697fb327dd1fb95588fb https://github.com/moby/moby/security/advisories/GHSA-v23v-6jw2-98fq https://nvd.nist.gov/vuln/detail/CVE-2024-41110 https://www.cve.org/CVERecord?id=CVE-2024-41110 https://www.docker.com/blog/docker-security-advisory-docker-engine-authz-plugin
github.com/golang-jwt/jwt/v4 CVE-2024-51744 LOW v4.5.0 4.5.1 https://access.redhat.com/security/cve/CVE-2024-51744 https://github.com/golang-jwt/jwt https://github.com/golang-jwt/jwt/commit/7b1c1c00a171c6c79bbdb40e4ce7d197060c1c2c https://github.com/golang-jwt/jwt/security/advisories/GHSA-29wx-vh33-7x7r https://nvd.nist.gov/vuln/detail/CVE-2024-51744 https://www.cve.org/CVERecord?id=CVE-2024-51744
google.golang.org/grpc GHSA-xr7q-jx4m-x55m LOW v1.64.0 1.64.1 https://github.com/grpc/grpc-go https://github.com/grpc/grpc-go/commit/ab292411ddc0f3b7a7786754d1fe05264c3021eb https://github.com/grpc/grpc-go/security/advisories/GHSA-xr7q-jx4m-x55m
stdlib CVE-2024-34156 HIGH v1.22.5 1.22.7, 1.23.1 https://access.redhat.com/errata/RHSA-2024:9473 https://access.redhat.com/security/cve/CVE-2024-34156 https://bugzilla.redhat.com/2310528 https://bugzilla.redhat.com/2318052 https://bugzilla.redhat.com/show_bug.cgi?id=2310528 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-34156 https://errata.almalinux.org/9/ALSA-2024-9473.html https://errata.rockylinux.org/RLSA-2024:7204 https://github.com/golang/go/commit/2092294f2b097c5828f4eace6c98a322c1510b01 (go1.22.7) https://github.com/golang/go/commit/fa8ff1a46deb6c816304441ec6740ec112e19012 (go1.23.1) https://go.dev/cl/611239 https://go.dev/issue/69139 https://groups.google.com/g/golang-announce/c/K-cEzDeCtpc https://groups.google.com/g/golang-dev/c/S9POB9NCTdk https://linux.oracle.com/cve/CVE-2024-34156.html https://linux.oracle.com/errata/ELSA-2024-9473.html https://nvd.nist.gov/vuln/detail/CVE-2024-34156 https://pkg.go.dev/vuln/GO-2024-3106 https://ubuntu.com/security/notices/USN-7081-1 https://ubuntu.com/security/notices/USN-7109-1 https://ubuntu.com/security/notices/USN-7111-1 https://www.cve.org/CVERecord?id=CVE-2024-34156
stdlib CVE-2024-34155 MEDIUM v1.22.5 1.22.7, 1.23.1 https://access.redhat.com/errata/RHSA-2024:9459 https://access.redhat.com/security/cve/CVE-2024-34155 https://bugzilla.redhat.com/2310527 https://bugzilla.redhat.com/2310528 https://bugzilla.redhat.com/2310529 https://bugzilla.redhat.com/2315691 https://bugzilla.redhat.com/2315887 https://bugzilla.redhat.com/2317458 https://bugzilla.redhat.com/2317467 https://bugzilla.redhat.com/show_bug.cgi?id=2295310 https://bugzilla.redhat.com/show_bug.cgi?id=2310527 https://bugzilla.redhat.com/show_bug.cgi?id=2310528 https://bugzilla.redhat.com/show_bug.cgi?id=2310529 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24791 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-34155 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-34156 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-34158 https://errata.almalinux.org/9/ALSA-2024-9459.html https://errata.rockylinux.org/RLSA-2024:6913 https://github.com/golang/go/commit/53487e5477151ed75da50e50a0ba8f1ca64c00a3 (go1.23.1) https://github.com/golang/go/commit/b232596139dbe96a62edbe3a2a203e856bf556eb (go1.22.7) https://go.dev/cl/611238 https://go.dev/issue/69138 https://groups.google.com/g/golang-announce/c/K-cEzDeCtpc https://groups.google.com/g/golang-dev/c/S9POB9NCTdk https://linux.oracle.com/cve/CVE-2024-34155.html https://linux.oracle.com/errata/ELSA-2024-9459.html https://nvd.nist.gov/vuln/detail/CVE-2024-34155 https://pkg.go.dev/vuln/GO-2024-3105 https://ubuntu.com/security/notices/USN-7081-1 https://ubuntu.com/security/notices/USN-7109-1 https://ubuntu.com/security/notices/USN-7111-1 https://www.cve.org/CVERecord?id=CVE-2024-34155
stdlib CVE-2024-34158 MEDIUM v1.22.5 1.22.7, 1.23.1 https://access.redhat.com/errata/RHSA-2024:9459 https://access.redhat.com/security/cve/CVE-2024-34158 https://bugzilla.redhat.com/2310527 https://bugzilla.redhat.com/2310528 https://bugzilla.redhat.com/2310529 https://bugzilla.redhat.com/2315691 https://bugzilla.redhat.com/2315887 https://bugzilla.redhat.com/2317458 https://bugzilla.redhat.com/2317467 https://bugzilla.redhat.com/show_bug.cgi?id=2295310 https://bugzilla.redhat.com/show_bug.cgi?id=2310527 https://bugzilla.redhat.com/show_bug.cgi?id=2310528 https://bugzilla.redhat.com/show_bug.cgi?id=2310529 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24791 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-34155 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-34156 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-34158 https://errata.almalinux.org/9/ALSA-2024-9459.html https://errata.rockylinux.org/RLSA-2024:6913 https://github.com/golang/go/commit/032ac075c20c01c6c35a672d1542d3e98eab84ea (go1.23.1) https://github.com/golang/go/commit/d4c53812e6ce2ac368173d7fcd31d0ecfcffb002 (go1.22.7) https://go.dev/cl/611240 https://go.dev/issue/69141 https://groups.google.com/g/golang-announce/c/K-cEzDeCtpc https://groups.google.com/g/golang-dev/c/S9POB9NCTdk https://linux.oracle.com/cve/CVE-2024-34158.html https://linux.oracle.com/errata/ELSA-2024-9459.html https://nvd.nist.gov/vuln/detail/CVE-2024-34158 https://pkg.go.dev/vuln/GO-2024-3107 https://ubuntu.com/security/notices/USN-7081-1 https://ubuntu.com/security/notices/USN-7109-1 https://ubuntu.com/security/notices/USN-7111-1 https://www.cve.org/CVERecord?id=CVE-2024-34158
No Misconfigurations found