Cloudsmith - Repositories - myob (myob) - appsec (appsec) - trufflehog

Package Search Help

You can use boolean logic (e.g. AND/OR/NOT) for complex search queries. For more help and examples, see the search documentation.

Search by package name:
my-package _(implicit)
name:my-package _(explicit)

Search by package filename:
my-package.ext _(implicit)
filename:my-package.ext _(explicit)

Search by package tag:
latest _(implicit)
tag:latest _(explicit)

Search by package version:
1.0.0 _(implicit)
version:1.0.0 _(explicit)
prerelease:true _{(prereleases)}
prerelease:false _{(no prereleases)}

Search by package architecture:
architecture:x86_64

Search by package distribution:
distribution:el

Search by package license:
license:MIT

Search by package format:
format:deb

Search by package status:
status:in_progress

Search by package file checksum:
checksum:5afba

Search by package security status:
severity:critical

Search by package vulnerabilities:
vulnerabilities:>1
vulnerabilities:<1000

Search by # of package downloads:
downloads:>8
downloads:<100

Search by package type:
type:binary
type:source

Search by package size (bytes):
size:>50000
size:<10000

Search by dependency name/version:
dependency:log4j
dependency:log4j=1.0.0
dependency:log4j>1.0.0

Search by uploaded date:
uploaded:>"1 day ago"
uploaded:<"August 14, 2022 EST"

Search by entitlement token (identifier):
entitlement:3lKPVJPosCsY

Search by policy violation:
policy_violated:true
deny_policy_violated:true
license_policy_violated:true
vulnerability_policy_violated:true

Search by repository:
repository:repo-name

Search queries for all Debian-specific (and related) package types

Search by component:
deb_component:unstable

Search queries for all Maven-specific (and related) package types

Search by group ID:
maven_group_id:org.apache

Search queries for all Docker-specific (and related) package types

Search by image digest:
docker_image_digest:sha256:7c5..6d4
(full hashref only)

Search by layer digest:
docker_layer_digest:sha256:4c4..ae4
(full hashref only)

Field type modifiers (depending on the type, you can influence behaviour)

For all queries, you can use:
~foo for negation

For string queries, you can use:
^foo to anchor to start of term
foo$ to anchor to end of term
foo*bar for fuzzy matching

For number/date or version queries, you can use:
>foo for values greater than
>=foo for values greater / equal
<foo for values less than
<=foo for values less / equal

Need a secure and centralised artifact repository to deliver Alpine, Cargo, CocoaPods, Composer, Conan, Conda, CRAN, Dart, Debian, Docker, Go, Helm, Hex, LuaRocks, Maven, npm, NuGet, P2, Python, RedHat, Ruby, Swift, Terraform, Vagrant, Raw & More packages?

Cloudsmith is the new standard in Package / Artifact Management and Software Distribution.

With support for all major package formats, you can trust us to manage your software supply chain.

Start My Free Trial

Set Me Up

Public — myob / appsec

public appsec packages

trufflehog 1174e804b216d3279f10e372574…

Download

One-liner (summary)

A certifiably-awesome package curated by ops-arch bot, hosted by Cloudsmith.

Description

A certifiably-awesome package curated by ops-arch bot, hosted by Cloudsmith.

License

Unknown

Size

38.5 MB

Downloads

Tags

image amd64 linux 0d8a928c5595ccc5aa4…

Status	Quarantined
GPG Signature	Download
Storage Region	Dublin, Ireland
Type	Binary (contains binaries and binary artifacts)
Uploaded At	11 months, 1 week ago
Uploaded By
Slug Id	trufflehog-kqph
Unique Id	OwkcvWVCePHO
Version (Raw)	1174e804b216d3279f10e3725748f5c53eac5abc5356ad5b861757e4e29b84c8
Version (Parsed)	Type: Unknown
	docker-specific metadata
Image Digest	sha256:1174e804b216d3279f10e3725748f5c53eac5abc5356ad5b861757e4e29b84c8
Config Digest	sha256:78baceddd1b6da35742e95c17a47f71b47e2ffd32f4e0282c628db6b632f9c1f
V1 OCI Index Digest	sha256:c780524dee1b3a9b245f9ad67aca8f84e24d9cb17bcc11b068aba05a6605e4c2
V1 Distribution (Signed) Digest	sha256:fc8e66254df501737edd3eac64507239407712798c0dfb26e2761b7e2b628b96
V1 OCI Digest	sha256:2bb6a5cd2d56f358f3222640278cfcae27730802c98642d20f4a9f2460bf4d71
V2 Distribution List Digest	sha256:143cf44a0ec537e7925a912bcdd436436a4e828ba0ae8ea8db1917e436b418db
V1 Distribution Digest	sha256:1f39fa11c3131eea9e0722b9197dd82dce2e68696633b9547b0ad0b253fd8ca3
V2 Distribution Digest	sha256:1174e804b216d3279f10e3725748f5c53eac5abc5356ad5b861757e4e29b84c8
	extended metadata
Manifest Type	V2 Distribution
Architecture	amd64
Config	Attach Stderr Attach Stdin Attach Stdout Entrypoint /entrypoint.sh Env GPG_KEY=A035C8C19219BA821ECEA86B64E628F8D684696D \| LANG=C.UTF-8 \| PATH=/usr/local/bin:/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin \| PYTHON_GET_PIP_SHA256=dfe9fd5c28dc98b5ac17979a953ea550cec37ae1b47a5116007395bfacff2ab9 \| PYTHON_GET_PIP_URL=https://github.com/pypa/get-pip/raw/dbf0c85f76fb6e1ab42aa672ffca6f0a675d9ee4/public/get-pip.py \| PYTHON_PIP_VERSION=24.0 \| PYTHON_SETUPTOOLS_VERSION=65.5.1 \| PYTHON_VERSION=3.11.9 Image sha256:58230b08b83c6dbf048fd94fd7a2f391fed7abff356d625f1cb822beb85de127 Open Stdin Stdin Once Tty User nonroot
Container	d120f5519fe1c1b5930fbba0b946a33777d2fc962bed536ddda631c988c83a2d
Container Config	Attach Stderr Attach Stdin Attach Stdout Cmd /bin/sh -c #(nop) ENTRYPOINT ["/entrypoint.sh"] Entrypoint /entrypoint.sh Env GPG_KEY=A035C8C19219BA821ECEA86B64E628F8D684696D \| LANG=C.UTF-8 \| PATH=/usr/local/bin:/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin \| PYTHON_GET_PIP_SHA256=dfe9fd5c28dc98b5ac17979a953ea550cec37ae1b47a5116007395bfacff2ab9 \| PYTHON_GET_PIP_URL=https://github.com/pypa/get-pip/raw/dbf0c85f76fb6e1ab42aa672ffca6f0a675d9ee4/public/get-pip.py \| PYTHON_PIP_VERSION=24.0 \| PYTHON_SETUPTOOLS_VERSION=65.5.1 \| PYTHON_VERSION=3.11.9 Hostname d120f5519fe1 Image sha256:58230b08b83c6dbf048fd94fd7a2f391fed7abff356d625f1cb822beb85de127 Open Stdin Stdin Once Tty User nonroot
Created	2024-05-23 01:12:50 UTC
Docker Version	20.10.25
Os	linux

This package was uploaded with the following V2 Distribution manifest:

{
   "schemaVersion": 2,
   "mediaType": "application/vnd.docker.distribution.manifest.v2+json",
   "config": {
      "mediaType": "application/vnd.docker.container.image.v1+json",
      "size": 10098,
      "digest": "sha256:0bacd01ed4205f95bea2a081ce5bd5925cfbdc1bb50052551a8e816a7492004f"
   },
   "layers": [
      {
         "mediaType": "application/vnd.docker.image.rootfs.diff.tar.gzip",
         "size": 3408729,
         "digest": "sha256:4abcf20661432fb2d719aaf90656f55c287f8ca915dc1c92ec14ff61e67fbaf8"
      },
      {
         "mediaType": "application/vnd.docker.image.rootfs.diff.tar.gzip",
         "size": 619598,
         "digest": "sha256:c3cdf40b8bda8e4ca4be0f5fa7f1d128907271efcbc72cbfc7c8b0f939ec25ea"
      },
      {
         "mediaType": "application/vnd.docker.image.rootfs.diff.tar.gzip",
         "size": 12669619,
         "digest": "sha256:ac499ccf2147611bc4388058b362c0bcc1ca63ec1a320a2f4ed5c0a9a76d08ea"
      },
      {
         "mediaType": "application/vnd.docker.image.rootfs.diff.tar.gzip",
         "size": 240,
         "digest": "sha256:416bfceb623eb12bf1c373489e0dba32f00fd4fef037b369538d190c615d49cd"
      },
      {
         "mediaType": "application/vnd.docker.image.rootfs.diff.tar.gzip",
         "size": 3130184,
         "digest": "sha256:76351c33299b900aa86b33176eac198fc861d4a7978046db4ae8b319e148088a"
      },
      {
         "mediaType": "application/vnd.docker.image.rootfs.diff.tar.gzip",
         "size": 5184793,
         "digest": "sha256:36064617917f1dde926a9615c154779b2adc877323bdf426c50bfcde49bb9614"
      },
      {
         "mediaType": "application/vnd.docker.image.rootfs.diff.tar.gzip",
         "size": 5756670,
         "digest": "sha256:3dceaf39719d350b7b9502352a068caa59ece413d8d769b3b6b3762d4a1ad7c0"
      },
      {
         "mediaType": "application/vnd.docker.image.rootfs.diff.tar.gzip",
         "size": 544,
         "digest": "sha256:59cd586d2d185b3b4ed249cf30a6237f660881f05ef147fbe7f481abb0e53be2"
      },
      {
         "mediaType": "application/vnd.docker.image.rootfs.diff.tar.gzip",
         "size": 1272,
         "digest": "sha256:b7d33053578aa4b727164a8830fa3d71c85f8cf35944504f30690756ef1110cd"
      },
      {
         "mediaType": "application/vnd.docker.image.rootfs.diff.tar.gzip",
         "size": 935,
         "digest": "sha256:ed979ec45976ac5b83d930044e8aafb7d9b1e125a603b3154c1fd6d732e03cf8"
      },
      {
         "mediaType": "application/vnd.docker.image.rootfs.diff.tar.gzip",
         "size": 1478,
         "digest": "sha256:419033e9e432ba70479103d021e9d0a79cec5a7ea4ebb9bf04eefc05a7ee4931"
      },
      {
         "mediaType": "application/vnd.docker.image.rootfs.diff.tar.gzip",
         "size": 4784587,
         "digest": "sha256:5c08eef302ac3ea496d0e997a1c26c6fd57bc22ba8915c38d241720186ae5062"
      },
      {
         "mediaType": "application/vnd.docker.image.rootfs.diff.tar.gzip",
         "size": 934,
         "digest": "sha256:aae6058e38bd06d797016bddea8ea9ee461658271c46f6696f40093cb99a94bc"
      },
      {
         "mediaType": "application/vnd.docker.image.rootfs.diff.tar.gzip",
         "size": 4784587,
         "digest": "sha256:5c08eef302ac3ea496d0e997a1c26c6fd57bc22ba8915c38d241720186ae5062"
      },
      {
         "mediaType": "application/vnd.docker.image.rootfs.diff.tar.gzip",
         "size": 934,
         "digest": "sha256:aae6058e38bd06d797016bddea8ea9ee461658271c46f6696f40093cb99a94bc"
      },
      {
         "mediaType": "application/vnd.docker.image.rootfs.diff.tar.gzip",
         "size": 154,
         "digest": "sha256:5c5a65e46d81a5ab3582d89db678c0a20fbbf77e8041c71663f63690df3c362a"
      },
      {
         "mediaType": "application/vnd.docker.image.rootfs.diff.tar.gzip",
         "size": 127,
         "digest": "sha256:7adb487ab431b49393b8f9fe7b319c74d129a433721360a40074a51ab0cb140b"
      }
   ]
}

	Digest: sha256:4abcf20661432fb2d719aaf90656f55c287f8ca915dc1c92ec14ff61e67fbaf8 Command: /bin/sh -c #(nop) ADD file:37a76ec18f9887751cd8473744917d08b7431fc4085097bb6a09d81b41775473 in /	3.3 MB
	Digest: sha256:a3ed95caeb02ffe68cdd9fd84406680ae93d633cb16422d00e8a7c22955b46d4 Command: /bin/sh -c #(nop) CMD ["/bin/sh"]	32 bytes
	Digest: sha256:a3ed95caeb02ffe68cdd9fd84406680ae93d633cb16422d00e8a7c22955b46d4 Command: ENV PATH=/usr/local/bin:/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin	32 bytes
	Digest: sha256:a3ed95caeb02ffe68cdd9fd84406680ae93d633cb16422d00e8a7c22955b46d4 Command: ENV LANG=C.UTF-8	32 bytes
	Digest: sha256:c3cdf40b8bda8e4ca4be0f5fa7f1d128907271efcbc72cbfc7c8b0f939ec25ea Command: RUN /bin/sh -c set -eux; apk add --no-cache ca-certificates tzdata ; # buildkit	605.1 KB
	Digest: sha256:a3ed95caeb02ffe68cdd9fd84406680ae93d633cb16422d00e8a7c22955b46d4 Command: ENV GPG_KEY=A035C8C19219BA821ECEA86B64E628F8D684696D	32 bytes
	Digest: sha256:a3ed95caeb02ffe68cdd9fd84406680ae93d633cb16422d00e8a7c22955b46d4 Command: ENV PYTHON_VERSION=3.11.9	32 bytes
	Digest: sha256:ac499ccf2147611bc4388058b362c0bcc1ca63ec1a320a2f4ed5c0a9a76d08ea Command: RUN /bin/sh -c set -eux; apk add --no-cache --virtual .build-deps gnupg tar xz bluez-dev bzip2-dev dpkg-dev dpkg expat-dev findutils gcc gdbm-dev libc-dev libffi-dev libnsl-dev libtirpc-dev linux-headers make ncurses-dev openssl-dev pax-utils readline-dev sqlite-dev tcl-dev tk tk-dev util-linux-dev xz-dev zlib-dev ; wget -O python.tar.xz "https://www.python.org/ftp/python/${PYTHON_VERSION%%[a-z]}/Python-$PYTHON_VERSION.tar.xz"; wget -O python.tar.xz.asc "https://www.python.org/ftp/python/${PYTHON_VERSION%%[a-z]}/Python-$PYTHON_VERSION.tar.xz.asc"; GNUPGHOME="$(mktemp -d)"; export GNUPGHOME; gpg --batch --keyserver hkps://keys.openpgp.org --recv-keys "$GPG_KEY"; gpg --batch --verify python.tar.xz.asc python.tar.xz; gpgconf --kill all; rm -rf "$GNUPGHOME" python.tar.xz.asc; mkdir -p /usr/src/python; tar --extract --directory /usr/src/python --strip-components=1 --file python.tar.xz; rm python.tar.xz; cd /usr/src/python; gnuArch="$(dpkg-architecture --query DEB_BUILD_GNU_TYPE)"; ./configure --build="$gnuArch" --enable-loadable-sqlite-extensions --enable-optimizations --enable-option-checking=fatal --enable-shared --with-lto --with-system-expat --without-ensurepip ; nproc="$(nproc)"; EXTRA_CFLAGS="-DTHREAD_STACK_SIZE=0x100000"; LDFLAGS="${LDFLAGS:--Wl},--strip-all"; make -j "$nproc" "EXTRA_CFLAGS=${EXTRA_CFLAGS:-}" "LDFLAGS=${LDFLAGS:-}" "PROFILE_TASK=${PROFILE_TASK:-}" ; rm python; make -j "$nproc" "EXTRA_CFLAGS=${EXTRA_CFLAGS:-}" "LDFLAGS=${LDFLAGS:--Wl},-rpath='\$\$ORIGIN/../lib'" "PROFILE_TASK=${PROFILE_TASK:-}" python ; make install; cd /; rm -rf /usr/src/python; find /usr/local -depth $ \( -type d -a \( -name test -o -name tests -o -name idle_test $ \) -o $ -type f -a \( -name '.pyc' -o -name '.pyo' -o -name 'libpython.a' $ \) \) -exec rm -rf '{}' + ; find /usr/local -type f -executable -not $ -name 'tkinter*' $ -exec scanelf --needed --nobanner --format '%n#p' '{}' ';' \| tr ',' '\n' \| sort -u \| awk 'system("[ -e /usr/local/lib/" $1 " ]") == 0 { next } { print "so:" $1 }' \| xargs -rt apk add --no-network --virtual .python-rundeps ; apk del --no-network .build-deps; python3 --version # buildkit	12.1 MB
	Digest: sha256:416bfceb623eb12bf1c373489e0dba32f00fd4fef037b369538d190c615d49cd Command: RUN /bin/sh -c set -eux; for src in idle3 pydoc3 python3 python3-config; do dst="$(echo "$src" \| tr -d 3)"; [ -s "/usr/local/bin/$src" ]; [ ! -e "/usr/local/bin/$dst" ]; ln -svT "$src" "/usr/local/bin/$dst"; done # buildkit	240 bytes
	Digest: sha256:a3ed95caeb02ffe68cdd9fd84406680ae93d633cb16422d00e8a7c22955b46d4 Command: ENV PYTHON_PIP_VERSION=24.0	32 bytes
	Digest: sha256:a3ed95caeb02ffe68cdd9fd84406680ae93d633cb16422d00e8a7c22955b46d4 Command: ENV PYTHON_SETUPTOOLS_VERSION=65.5.1	32 bytes
	Digest: sha256:a3ed95caeb02ffe68cdd9fd84406680ae93d633cb16422d00e8a7c22955b46d4 Command: ENV PYTHON_GET_PIP_URL=https://github.com/pypa/get-pip/raw/dbf0c85f76fb6e1ab42aa672ffca6f0a675d9ee4/public/get-pip.py	32 bytes
	Digest: sha256:a3ed95caeb02ffe68cdd9fd84406680ae93d633cb16422d00e8a7c22955b46d4 Command: ENV PYTHON_GET_PIP_SHA256=dfe9fd5c28dc98b5ac17979a953ea550cec37ae1b47a5116007395bfacff2ab9	32 bytes
	Digest: sha256:76351c33299b900aa86b33176eac198fc861d4a7978046db4ae8b319e148088a Command: RUN /bin/sh -c set -eux; wget -O get-pip.py "$PYTHON_GET_PIP_URL"; echo "$PYTHON_GET_PIP_SHA256 *get-pip.py" \| sha256sum -c -; export PYTHONDONTWRITEBYTECODE=1; python get-pip.py --disable-pip-version-check --no-cache-dir --no-compile "pip==$PYTHON_PIP_VERSION" "setuptools==$PYTHON_SETUPTOOLS_VERSION" ; rm -f get-pip.py; pip --version # buildkit	3.0 MB
	Digest: sha256:a3ed95caeb02ffe68cdd9fd84406680ae93d633cb16422d00e8a7c22955b46d4 Command: CMD ["python3"]	32 bytes
	Digest: sha256:36064617917f1dde926a9615c154779b2adc877323bdf426c50bfcde49bb9614 Command: /bin/sh -c apk add --no-cache git less	4.9 MB
	Digest: sha256:3dceaf39719d350b7b9502352a068caa59ece413d8d769b3b6b3762d4a1ad7c0 Command: /bin/sh -c pip install gitdb2==3.0.0 truffleHog==2.2.1	5.5 MB
	Digest: sha256:59cd586d2d185b3b4ed249cf30a6237f660881f05ef147fbe7f481abb0e53be2 Command: /bin/sh -c addgroup -S nonroot	544 bytes
	Digest: sha256:b7d33053578aa4b727164a8830fa3d71c85f8cf35944504f30690756ef1110cd Command: /bin/sh -c adduser -D -G nonroot nonroot	1.2 KB
	Digest: sha256:ed979ec45976ac5b83d930044e8aafb7d9b1e125a603b3154c1fd6d732e03cf8 Command: /bin/sh -c #(nop) COPY file:5fbca488294946f8ac6651f2e648773635173b1ac589f7e10380be125fa5e7d1 in /entrypoint.sh	935 bytes
	Digest: sha256:419033e9e432ba70479103d021e9d0a79cec5a7ea4ebb9bf04eefc05a7ee4931 Command: /bin/sh -c #(nop) COPY file:32b341b97cc7a6ce285b7f7d2ce7478c94abb5bcb5007621f352005e85aa69b5 in /regex.json	1.4 KB
	Digest: sha256:5c08eef302ac3ea496d0e997a1c26c6fd57bc22ba8915c38d241720186ae5062 Command: /bin/sh -c #(nop) COPY file:f45e7cf5fd6d790ebd70304b22e9b74f1c3ed3d7b4bd9d93df9f06ed82daf049 in /bin/git-credential-myob	4.6 MB
	Digest: sha256:aae6058e38bd06d797016bddea8ea9ee461658271c46f6696f40093cb99a94bc Command: /bin/sh -c chmod +x /entrypoint.sh	934 bytes
	Digest: sha256:5c08eef302ac3ea496d0e997a1c26c6fd57bc22ba8915c38d241720186ae5062 Command: /bin/sh -c chmod g+x /bin/git-credential-myob	4.6 MB
	Digest: sha256:aae6058e38bd06d797016bddea8ea9ee461658271c46f6696f40093cb99a94bc Command: /bin/sh -c chmod g+x /entrypoint.sh	934 bytes
	Digest: sha256:5c5a65e46d81a5ab3582d89db678c0a20fbbf77e8041c71663f63690df3c362a Command: /bin/sh -c mkdir /tmp/truffle	154 bytes
	Digest: sha256:7adb487ab431b49393b8f9fe7b319c74d129a433721360a40074a51ab0cb140b Command: /bin/sh -c chown -R nonroot:nonroot /tmp/truffle	127 bytes
	Digest: sha256:a3ed95caeb02ffe68cdd9fd84406680ae93d633cb16422d00e8a7c22955b46d4 Command: /bin/sh -c #(nop) USER nonroot	32 bytes
	Digest: sha256:a3ed95caeb02ffe68cdd9fd84406680ae93d633cb16422d00e8a7c22955b46d4 Command: /bin/sh -c #(nop) ENTRYPOINT ["/entrypoint.sh"]	32 bytes

trufflehog dbd3c981f929f58bc7d508cb9361b360085cc4d…	image amd64 linux 038f56f0a9a024d5fa1… 42.3 MB — 7 months ago	1
trufflehog 8dc11cf78f5cad39708ea6bd29a9edf9c998a8e…	image amd64 linux d4e3958e862b97cf110… 42.3 MB — 7 months ago	0
trufflehog 7dc481950b27e7e7466b710c1cb504cfc0d88d4…	image amd64 linux latest 42.3 MB — 8 months, 4 weeks ago	35047
trufflehog 3568c89c024ac974a3e9abdeb7654ecfee61e20…	image amd64 linux 42.3 MB — 8 months, 4 weeks ago	0
trufflehog cf3090e32883c24e14209b6638aa7c614858d71…	image amd64 linux 46102e0e78b1189aba1… 42.3 MB — 8 months, 4 weeks ago	0
trufflehog 846a4b4fe329209770e8b7127bfae86418b322a…	image amd64 linux 6a0e4f691d5346c1bb3… 108.4 MB — 8 months, 4 weeks ago	0
trufflehog 502dbf8e9ceb4fa08388ea7fdededa028642d52…	image amd64 linux 4c2bbf733f27e3acee5… 39.2 MB — 8 months, 4 weeks ago	0
trufflehog a59128c97d044f6e03004f45f8ef7caa1a18c5b…	image amd64 linux 19c4d2f6678cacdc28e… 39.2 MB — 11 months, 1 week ago	0
trufflehog dee383798f60a930333da09b5d90a2f46a9ef4a…	image amd64 linux 956ef85e2ce66273544… 38.5 MB — 11 months, 1 week ago	0
trufflehog 70315e5910f629da5f152cc34e9996eee67da94…	image amd64 linux ee383c5b98096d89ee5… 38.5 MB — 11 months, 2 weeks ago	0
trufflehog f15757d9516bc0a7ed34f4ffea1a3ab6984d51c…	image amd64 linux 3d6754c6ba88531ba7f… 38.5 MB — 1 year ago	15538
trufflehog 854c45dd9bc901405206ad319ec685164cde793…	image amd64 linux 0ab211a9f0c3f7bd3c0… 38.5 MB — 1 year ago	0
trufflehog 7ab713e713c2508c290c7be09ff7e865813743f…	image amd64 linux 0526b281abaf386ae40… 38.2 MB — 1 year ago	0
trufflehog aab42c3ff28fe11831ccd5a84736df770769e7e…	image amd64 linux 2c5599db012c5a631e7… 38.5 MB — 1 year ago	0
trufflehog 7f8bae9fe573d0b590d25c66c501b9058944ef4…	image amd64 linux f2608c331a60ae6e1b4… 39.7 MB — 1 year ago	1
trufflehog 8dc6bc1a1283f9ff6f196e418e6eae6b78c8610…	image amd64 linux 2cef68c479766201741… 39.7 MB — 1 year ago	0
trufflehog a940d1ed5842e7b281dc0dfa54ea7aa992a8312…	image amd64 linux b5731b499c6d842fe00… 21028a72563441c169c… 39.7 MB — 1 year ago	2
trufflehog 5035e460e0a9a3db3149815478d67c43a1b3278…	image amd64 linux 1c60234b0b33fdd430f… 35.9 MB — 1 year ago	22
trufflehog 1174e804b216d3279f10e3725748f5c53eac5ab…	image amd64 linux 0d8a928c5595ccc5aa4… 38.5 MB — 11 months, 1 week ago	0
trufflehog 0ef3c29311c8a9cdabc3ae4bc2ce3aff3552841…	image amd64 linux 5db7cd6f4e56c0f142f… 35.6 MB — 1 year, 5 months ago	36

Only packages within the same repository are displayed. The current package you're viewing is highlighted.

Last scanned

11 months, 1 week ago

Scan result

Vulnerable

Vulnerability count

Max. severity

Critical

Target:	. (alpine 3.19.1)
MEDIUM	CVE-2023-42363: busybox: use-after-free in awk A use-after-free vulnerability was discovered in xasprintf function in xfuncs_printf.c:344 in BusyBox v.1.36.1. Package Name: busybox Installed Version: 1.36.1-r15 Fixed Version: 1.36.1-r17 References: access.redhat.com bugs.busybox.net nvd.nist.gov www.cve.org
MEDIUM	CVE-2023-42366: busybox: A heap-buffer-overflow A heap-buffer-overflow was discovered in BusyBox v.1.36.1 in the next_token function at awk.c:1159. Package Name: busybox Installed Version: 1.36.1-r15 Fixed Version: 1.36.1-r16 References: access.redhat.com bugs.busybox.net nvd.nist.gov www.cve.org
MEDIUM	CVE-2023-42363: busybox: use-after-free in awk A use-after-free vulnerability was discovered in xasprintf function in xfuncs_printf.c:344 in BusyBox v.1.36.1. Package Name: busybox-binsh Installed Version: 1.36.1-r15 Fixed Version: 1.36.1-r17 References: access.redhat.com bugs.busybox.net nvd.nist.gov www.cve.org
MEDIUM	CVE-2023-42366: busybox: A heap-buffer-overflow A heap-buffer-overflow was discovered in BusyBox v.1.36.1 in the next_token function at awk.c:1159. Package Name: busybox-binsh Installed Version: 1.36.1-r15 Fixed Version: 1.36.1-r16 References: access.redhat.com bugs.busybox.net nvd.nist.gov www.cve.org
MEDIUM	CVE-2024-4603: openssl: Excessive time spent checking DSA keys and parameters Issue summary: Checking excessively long DSA keys or parameters may be very slow. Impact summary: Applications that use the functions EVP_PKEY_param_check() or EVP_PKEY_public_check() to check a DSA public key or DSA parameters may experience long delays. Where the key or parameters that are being checked have been obtained from an untrusted source this may lead to a Denial of Service. The functions EVP_PKEY_param_check() or EVP_PKEY_public_check() perform various checks on DSA parameters. Some of those computations take a long time if the modulus (`p` parameter) is too large. Trying to use a very large modulus is slow and OpenSSL will not allow using public keys with a modulus which is over 10,000 bits in length for signature verification. However the key and parameter check functions do not limit the modulus size when performing the checks. An application that calls EVP_PKEY_param_check() or EVP_PKEY_public_check() and supplies a key or parameters obtained from an untrusted source could be vulnerable to a Denial of Service attack. These functions are not called by OpenSSL itself on untrusted DSA keys so only applications that directly call these functions may be vulnerable. Also vulnerable are the OpenSSL pkey and pkeyparam command line applications when using the `-check` option. The OpenSSL SSL/TLS implementation is not affected by this issue. The OpenSSL 3.0 and 3.1 FIPS providers are affected by this issue. Package Name: libcrypto3 Installed Version: 3.1.4-r5 Fixed Version: 3.1.5-r0 References: access.redhat.com github.com github.com github.com github.com nvd.nist.gov www.cve.org www.openssl.org
MEDIUM	CVE-2024-4603: openssl: Excessive time spent checking DSA keys and parameters Issue summary: Checking excessively long DSA keys or parameters may be very slow. Impact summary: Applications that use the functions EVP_PKEY_param_check() or EVP_PKEY_public_check() to check a DSA public key or DSA parameters may experience long delays. Where the key or parameters that are being checked have been obtained from an untrusted source this may lead to a Denial of Service. The functions EVP_PKEY_param_check() or EVP_PKEY_public_check() perform various checks on DSA parameters. Some of those computations take a long time if the modulus (`p` parameter) is too large. Trying to use a very large modulus is slow and OpenSSL will not allow using public keys with a modulus which is over 10,000 bits in length for signature verification. However the key and parameter check functions do not limit the modulus size when performing the checks. An application that calls EVP_PKEY_param_check() or EVP_PKEY_public_check() and supplies a key or parameters obtained from an untrusted source could be vulnerable to a Denial of Service attack. These functions are not called by OpenSSL itself on untrusted DSA keys so only applications that directly call these functions may be vulnerable. Also vulnerable are the OpenSSL pkey and pkeyparam command line applications when using the `-check` option. The OpenSSL SSL/TLS implementation is not affected by this issue. The OpenSSL 3.0 and 3.1 FIPS providers are affected by this issue. Package Name: libssl3 Installed Version: 3.1.4-r5 Fixed Version: 3.1.5-r0 References: access.redhat.com github.com github.com github.com github.com nvd.nist.gov www.cve.org www.openssl.org
MEDIUM	CVE-2023-42363: busybox: use-after-free in awk A use-after-free vulnerability was discovered in xasprintf function in xfuncs_printf.c:344 in BusyBox v.1.36.1. Package Name: ssl_client Installed Version: 1.36.1-r15 Fixed Version: 1.36.1-r17 References: access.redhat.com bugs.busybox.net nvd.nist.gov www.cve.org
MEDIUM	CVE-2023-42366: busybox: A heap-buffer-overflow A heap-buffer-overflow was discovered in BusyBox v.1.36.1 in the next_token function at awk.c:1159. Package Name: ssl_client Installed Version: 1.36.1-r15 Fixed Version: 1.36.1-r16 References: access.redhat.com bugs.busybox.net nvd.nist.gov www.cve.org
LOW	CVE-2024-2511: openssl: Unbounded memory growth with session handling in TLSv1.3 Issue summary: Some non-default TLS server configurations can cause unbounded memory growth when processing TLSv1.3 sessions Impact summary: An attacker may exploit certain server configurations to trigger unbounded memory growth that would lead to a Denial of Service This problem can occur in TLSv1.3 if the non-default SSL_OP_NO_TICKET option is being used (but not if early_data support is also configured and the default anti-replay protection is in use). In this case, under certain conditions, the session cache can get into an incorrect state and it will fail to flush properly as it fills. The session cache will continue to grow in an unbounded manner. A malicious client could deliberately create the scenario for this failure to force a Denial of Service. It may also happen by accident in normal operation. This issue only affects TLS servers supporting TLSv1.3. It does not affect TLS clients. The FIPS modules in 3.2, 3.1 and 3.0 are not affected by this issue. OpenSSL 1.0.2 is also not affected by this issue. Package Name: libcrypto3 Installed Version: 3.1.4-r5 Fixed Version: 3.1.4-r6 References: www.openwall.com access.redhat.com github.com github.com github.com github.openssl.org nvd.nist.gov security.netapp.com www.cve.org www.openssl.org www.openssl.org
LOW	CVE-2024-2511: openssl: Unbounded memory growth with session handling in TLSv1.3 Issue summary: Some non-default TLS server configurations can cause unbounded memory growth when processing TLSv1.3 sessions Impact summary: An attacker may exploit certain server configurations to trigger unbounded memory growth that would lead to a Denial of Service This problem can occur in TLSv1.3 if the non-default SSL_OP_NO_TICKET option is being used (but not if early_data support is also configured and the default anti-replay protection is in use). In this case, under certain conditions, the session cache can get into an incorrect state and it will fail to flush properly as it fills. The session cache will continue to grow in an unbounded manner. A malicious client could deliberately create the scenario for this failure to force a Denial of Service. It may also happen by accident in normal operation. This issue only affects TLS servers supporting TLSv1.3. It does not affect TLS clients. The FIPS modules in 3.2, 3.1 and 3.0 are not affected by this issue. OpenSSL 1.0.2 is also not affected by this issue. Package Name: libssl3 Installed Version: 3.1.4-r5 Fixed Version: 3.1.4-r6 References: www.openwall.com access.redhat.com github.com github.com github.com github.openssl.org nvd.nist.gov security.netapp.com www.cve.org www.openssl.org www.openssl.org
Target:	Python
CRITICAL	CVE-2023-40267: GitPython: Insecure non-multi options in clone and clone_from is not blocked GitPython before 3.1.32 does not block insecure non-multi options in clone and clone_from. NOTE: this issue exists because of an incomplete fix for CVE-2022-24439. Package Name: GitPython Installed Version: 3.0.6 Fixed Version: 3.1.32 References: access.redhat.com github.com github.com github.com github.com github.com github.com lists.fedoraproject.org lists.fedoraproject.org lists.fedoraproject.org lists.fedoraproject.org nvd.nist.gov ubuntu.com www.cve.org
HIGH	CVE-2022-24439: GitPython: improper user input validation leads into a RCE All versions of package gitpython are vulnerable to Remote Code Execution (RCE) due to improper user input validation, which makes it possible to inject a maliciously crafted remote URL into the clone command. Exploiting this vulnerability is possible because the library makes external calls to git without sufficient sanitization of input arguments. Package Name: GitPython Installed Version: 3.0.6 Fixed Version: 3.1.30 References: access.redhat.com github.com github.com github.com github.com github.com github.com lists.debian.org lists.fedoraproject.org lists.fedoraproject.org lists.fedoraproject.org lists.fedoraproject.org lists.fedoraproject.org lists.fedoraproject.org lists.fedoraproject.org lists.fedoraproject.org lists.fedoraproject.org lists.fedoraproject.org lists.fedoraproject.org lists.fedoraproject.org nvd.nist.gov security.gentoo.org security.snyk.io ubuntu.com www.cve.org
HIGH	CVE-2023-40590: gitpython: improper executable lookup on windows GitPython is a python library used to interact with Git repositories. When resolving a program, Python/Windows look for the current working directory, and after that the PATH environment. GitPython defaults to use the `git` command, if a user runs GitPython from a repo has a `git.exe` or `git` executable, that program will be run instead of the one in the user's `PATH`. This is more of a problem on how Python interacts with Windows systems, Linux and any other OS aren't affected by this. But probably people using GitPython usually run it from the CWD of a repo. An attacker can trick a user to download a repository with a malicious `git` executable, if the user runs/imports GitPython from that directory, it allows the attacker to run any arbitrary commands. There is no fix currently available for windows users, however there are a few mitigations. 1: Default to an absolute path for the git program on Windows, like `C:\\Program Files\\Git\\cmd\\git.EXE` (default git path installation). 2: Require users to set the `GIT_PYTHON_GIT_EXECUTABLE` environment variable on Windows systems. 3: Make this problem prominent in the documentation and advise users to never run GitPython from an untrusted repo, or set the `GIT_PYTHON_GIT_EXECUTABLE` env var to an absolute path. 4: Resolve the executable manually by only looking into the `PATH` environment variable. Package Name: GitPython Installed Version: 3.0.6 Fixed Version: 3.1.33 References: access.redhat.com docs.python.org github.com github.com github.com github.com github.com github.com github.com nvd.nist.gov www.cve.org
HIGH	CVE-2024-22190: Untrusted search path under some conditions on Windows allows arbitrary code execution GitPython is a python library used to interact with Git repositories. There is an incomplete fix for CVE-2023-40590. On Windows, GitPython uses an untrusted search path if it uses a shell to run `git`, as well as when it runs `bash.exe` to interpret hooks. If either of those features are used on Windows, a malicious `git.exe` or `bash.exe` may be run from an untrusted repository. This issue has been patched in version 3.1.41. Package Name: GitPython Installed Version: 3.0.6 Fixed Version: 3.1.41 References: github.com github.com github.com github.com github.com nvd.nist.gov
MEDIUM	CVE-2023-41040: GitPython: Blind local file inclusion GitPython is a python library used to interact with Git repositories. In order to resolve some git references, GitPython reads files from the `.git` directory, in some places the name of the file being read is provided by the user, GitPython doesn't check if this file is located outside the `.git` directory. This allows an attacker to make GitPython read any file from the system. This vulnerability is present in https://github.com/gitpython-developers/GitPython/blob/1c8310d7cae144f74a671cbe17e51f63a830adbf/git/refs/symbolic.py#L174-L175. That code joins the base directory with a user given string without checking if the final path is located outside the base directory. This vulnerability cannot be used to read the contents of files but could in theory be used to trigger a denial of service for the program. This issue has not yet been addressed. Package Name: GitPython Installed Version: 3.0.6 Fixed Version: 3.1.37 References: access.redhat.com github.com github.com github.com github.com github.com github.com github.com lists.debian.org nvd.nist.gov www.cve.org
Target:	bin/git-credential-myob
HIGH	CVE-2023-39325: golang: net/http, x/net/http2: rapid stream resets can cause excessive work (CVE-2023-44487) A malicious HTTP/2 client which rapidly creates requests and immediately resets them can cause excessive server resource consumption. While the total number of requests is bounded by the http2.Server.MaxConcurrentStreams setting, resetting an in-progress request allows the attacker to create a new request while the existing one is still executing. With the fix applied, HTTP/2 servers now bound the number of simultaneously executing handler goroutines to the stream concurrency limit (MaxConcurrentStreams). New requests arriving when at the limit (which can only happen after the client has reset an existing, in-flight request) will be queued until a handler exits. If the request queue grows too large, the server will terminate the connection. This issue is also fixed in golang.org/x/net/http2 for users manually configuring HTTP/2. The default stream concurrency limit is 250 streams (requests) per HTTP/2 connection. This value may be adjusted using the golang.org/x/net/http2 package; see the Server.MaxConcurrentStreams setting and the ConfigureServer function. Package Name: golang.org/x/net Installed Version: v0.7.0 Fixed Version: 0.17.0 References: None access.redhat.com access.redhat.com access.redhat.com access.redhat.com bugzilla.redhat.com bugzilla.redhat.com bugzilla.redhat.com bugzilla.redhat.com cve.mitre.org cve.mitre.org errata.almalinux.org errata.rockylinux.org github.com github.com github.com go.dev go.dev go.dev groups.google.com linux.oracle.com linux.oracle.com lists.fedoraproject.org lists.fedoraproject.org lists.fedoraproject.org lists.fedoraproject.org lists.fedoraproject.org lists.fedoraproject.org lists.fedoraproject.org lists.fedoraproject.org lists.fedoraproject.org lists.fedoraproject.org lists.fedoraproject.org lists.fedoraproject.org lists.fedoraproject.org lists.fedoraproject.org lists.fedoraproject.org lists.fedoraproject.org lists.fedoraproject.org lists.fedoraproject.org lists.fedoraproject.org lists.fedoraproject.org lists.fedoraproject.org lists.fedoraproject.org lists.fedoraproject.org lists.fedoraproject.org lists.fedoraproject.org lists.fedoraproject.org lists.fedoraproject.org lists.fedoraproject.org lists.fedoraproject.org lists.fedoraproject.org lists.fedoraproject.org lists.fedoraproject.org lists.fedoraproject.org lists.fedoraproject.org lists.fedoraproject.org lists.fedoraproject.org lists.fedoraproject.org lists.fedoraproject.org lists.fedoraproject.org lists.fedoraproject.org lists.fedoraproject.org lists.fedoraproject.org lists.fedoraproject.org lists.fedoraproject.org lists.fedoraproject.org lists.fedoraproject.org lists.fedoraproject.org lists.fedoraproject.org lists.fedoraproject.org lists.fedoraproject.org lists.fedoraproject.org lists.fedoraproject.org lists.fedoraproject.org lists.fedoraproject.org lists.fedoraproject.org lists.fedoraproject.org lists.fedoraproject.org lists.fedoraproject.org lists.fedoraproject.org lists.fedoraproject.org lists.fedoraproject.org lists.fedoraproject.org lists.fedoraproject.org lists.fedoraproject.org lists.fedoraproject.org lists.fedoraproject.org lists.fedoraproject.org lists.fedoraproject.org lists.fedoraproject.org lists.fedoraproject.org lists.fedoraproject.org lists.fedoraproject.org nvd.nist.gov pkg.go.dev security.gentoo.org security.netapp.com security.netapp.com ubuntu.com www.cisa.gov www.cve.org
MEDIUM	CVE-2023-3978: golang.org/x/net/html: Cross site scripting Text nodes not in the HTML namespace are incorrectly literally rendered, causing text which should be escaped to not be. This could lead to an XSS attack. Package Name: golang.org/x/net Installed Version: v0.7.0 Fixed Version: 0.13.0 References: access.redhat.com access.redhat.com bugzilla.redhat.com bugzilla.redhat.com bugzilla.redhat.com bugzilla.redhat.com bugzilla.redhat.com bugzilla.redhat.com bugzilla.redhat.com bugzilla.redhat.com bugzilla.redhat.com bugzilla.redhat.com bugzilla.redhat.com bugzilla.redhat.com bugzilla.redhat.com errata.almalinux.org go.dev go.dev linux.oracle.com linux.oracle.com nvd.nist.gov pkg.go.dev www.cve.org
MEDIUM	CVE-2023-44487: HTTP/2: Multiple HTTP/2 enabled web servers are vulnerable to a DDoS attack (Rapid Reset Attack) The HTTP/2 protocol allows a denial of service (server resource consumption) because request cancellation can reset many streams quickly, as exploited in the wild in August through October 2023. Package Name: golang.org/x/net Installed Version: v0.7.0 Fixed Version: 0.17.0 References: www.openwall.com www.openwall.com www.openwall.com www.openwall.com www.openwall.com www.openwall.com access.redhat.com access.redhat.com access.redhat.com akka.io arstechnica.com arstechnica.com aws.amazon.com aws.amazon.com blog.cloudflare.com blog.cloudflare.com blog.cloudflare.com blog.cloudflare.com blog.litespeedtech.com blog.litespeedtech.com blog.qualys.com blog.vespa.ai blog.vespa.ai bugzilla.proxmox.com bugzilla.redhat.com bugzilla.redhat.com bugzilla.suse.com cgit.freebsd.org chaos.social cloud.google.com cloud.google.com cloud.google.com community.traefik.io cve.mitre.org devblogs.microsoft.com discuss.hashicorp.com edg.io errata.almalinux.org errata.rockylinux.org forums.swift.org gist.github.com github.com github.com github.com github.com github.com github.com github.com github.com github.com github.com github.com github.com github.com github.com github.com github.com github.com github.com github.com github.com github.com github.com github.com github.com github.com github.com github.com github.com github.com github.com github.com github.com github.com github.com github.com github.com github.com github.com github.com github.com github.com github.com github.com github.com github.com github.com github.com github.com github.com github.com github.com github.com github.com go.dev go.dev go.dev groups.google.com groups.google.com istio.io istio.io linkerd.io linkerd.io linux.oracle.com linux.oracle.com lists.apache.org lists.debian.org lists.debian.org lists.debian.org lists.debian.org lists.debian.org lists.debian.org lists.debian.org lists.fedoraproject.org lists.fedoraproject.org lists.fedoraproject.org lists.fedoraproject.org lists.fedoraproject.org lists.fedoraproject.org lists.fedoraproject.org lists.fedoraproject.org lists.fedoraproject.org lists.fedoraproject.org lists.fedoraproject.org lists.fedoraproject.org lists.fedoraproject.org lists.fedoraproject.org lists.fedoraproject.org lists.fedoraproject.org lists.fedoraproject.org lists.fedoraproject.org lists.fedoraproject.org lists.fedoraproject.org lists.fedoraproject.org lists.fedoraproject.org lists.fedoraproject.org lists.fedoraproject.org lists.fedoraproject.org lists.fedoraproject.org lists.fedoraproject.org lists.fedoraproject.org lists.fedoraproject.org lists.fedoraproject.org lists.fedoraproject.org lists.fedoraproject.org lists.fedoraproject.org lists.fedoraproject.org lists.fedoraproject.org lists.fedoraproject.org lists.fedoraproject.org lists.fedoraproject.org lists.fedoraproject.org lists.fedoraproject.org lists.fedoraproject.org lists.fedoraproject.org lists.fedoraproject.org lists.fedoraproject.org lists.fedoraproject.org lists.fedoraproject.org lists.fedoraproject.org lists.fedoraproject.org lists.fedoraproject.org lists.fedoraproject.org lists.fedoraproject.org lists.fedoraproject.org lists.fedoraproject.org lists.fedoraproject.org lists.fedoraproject.org lists.fedoraproject.org lists.fedoraproject.org lists.fedoraproject.org lists.fedoraproject.org lists.fedoraproject.org lists.fedoraproject.org lists.w3.org mailman.nginx.org martinthomson.github.io msrc.microsoft.com msrc.microsoft.com msrc.microsoft.com my.f5.com netty.io news.ycombinator.com news.ycombinator.com news.ycombinator.com news.ycombinator.com nodejs.org nvd.nist.gov openssf.org openssf.org pkg.go.dev seanmonstar.com security.gentoo.org security.netapp.com security.netapp.com security.netapp.com security.netapp.com security.paloaltonetworks.com tomcat.apache.org tomcat.apache.org tomcat.apache.org tomcat.apache.org ubuntu.com ubuntu.com ubuntu.com ubuntu.com ubuntu.com ubuntu.com ubuntu.com www.bleepingcomputer.com www.bleepingcomputer.com www.cisa.gov www.cve.org www.darkreading.com www.debian.org www.debian.org www.debian.org www.debian.org www.debian.org www.debian.org www.eclipse.org www.haproxy.com www.mail-archive.com www.netlify.com www.netlify.com www.nginx.com www.nginx.com www.openwall.com www.phoronix.com www.theregister.com www.theregister.com
MEDIUM	CVE-2023-45288: golang: net/http, x/net/http2: unlimited number of CONTINUATION frames causes DoS An attacker may cause an HTTP/2 endpoint to read arbitrary amounts of header data by sending an excessive number of CONTINUATION frames. Maintaining HPACK state requires parsing and processing all HEADERS and CONTINUATION frames on a connection. When a request's headers exceed MaxHeaderBytes, no memory is allocated to store the excess headers, but they are still parsed. This permits an attacker to cause an HTTP/2 endpoint to read arbitrary amounts of header data, all associated with a request which is going to be rejected. These headers can include Huffman-encoded data which is significantly more expensive for the receiver to decode than for an attacker to send. The fix sets a limit on the amount of excess header frames we will process before closing a connection. Package Name: golang.org/x/net Installed Version: v0.7.0 Fixed Version: 0.23.0 References: www.openwall.com www.openwall.com access.redhat.com access.redhat.com bugzilla.redhat.com bugzilla.redhat.com bugzilla.redhat.com bugzilla.redhat.com bugzilla.redhat.com bugzilla.redhat.com bugzilla.redhat.com bugzilla.redhat.com cve.mitre.org cve.mitre.org cve.mitre.org cve.mitre.org errata.almalinux.org errata.rockylinux.org go.dev go.dev groups.google.com linux.oracle.com linux.oracle.com lists.fedoraproject.org lists.fedoraproject.org nowotarski.info nowotarski.info nvd.nist.gov pkg.go.dev security.netapp.com security.netapp.com www.cve.org www.kb.cert.org

Previous Version: 0ef3c29311c8a9cdabc…

Next Version: 5035e460e0a9a3db314…

trufflehog 1174e804b216d3279f10e372574…

One-liner (summary)

Description

License

Size

Downloads

Tags

Last scanned

Scan result

Vulnerability count

Max. severity

CVE-2023-42363: busybox: use-after-free in awk

CVE-2023-42366: busybox: A heap-buffer-overflow

CVE-2023-42363: busybox: use-after-free in awk

CVE-2023-42366: busybox: A heap-buffer-overflow

CVE-2024-4603: openssl: Excessive time spent checking DSA keys and parameters

CVE-2024-4603: openssl: Excessive time spent checking DSA keys and parameters

CVE-2023-42363: busybox: use-after-free in awk

CVE-2023-42366: busybox: A heap-buffer-overflow

CVE-2024-2511: openssl: Unbounded memory growth with session handling in TLSv1.3

CVE-2024-2511: openssl: Unbounded memory growth with session handling in TLSv1.3

CVE-2023-40267: GitPython: Insecure non-multi options in clone and clone_from is not blocked

CVE-2022-24439: GitPython: improper user input validation leads into a RCE

CVE-2023-40590: gitpython: improper executable lookup on windows

CVE-2024-22190: Untrusted search path under some conditions on Windows allows arbitrary code execution

CVE-2023-41040: GitPython: Blind local file inclusion

CVE-2023-39325: golang: net/http, x/net/http2: rapid stream resets can cause excessive work (CVE-2023-44487)

CVE-2023-3978: golang.org/x/net/html: Cross site scripting

CVE-2023-44487: HTTP/2: Multiple HTTP/2 enabled web servers are vulnerable to a DDoS attack (Rapid Reset Attack)

CVE-2023-45288: golang: net/http, x/net/http2: unlimited number of CONTINUATION frames causes DoS