CVEInsight.

Free vulnerability intelligence for developers, security teams, and researchers. Data sourced from public databases for informational purposes only.

Explore

Legal

CVE data sourced from NVD / NIST & public disclosures.

netapp

kubernetes_monitoring_operator

4 known vulnerabilities · sorted by CVSS score

CVE-2022-23806

CRITICAL9.1

Curve.IsOnCurve in crypto/elliptic in Go before 1.16.14 and 1.17.x before 1.17.7 can incorrectly return true in situations with a big.Int value that is not a valid field element.

golang / go+6

Network

Published Feb 11, 2022

CVE-2022-24675

HIGH7.5

encoding/pem in Go before 1.17.9 and 1.18.x before 1.18.1 has a Decode stack overflow via a large amount of PEM data.

golang / go+5

Network

Published Apr 20, 2022

CVE-2022-23773

HIGH7.5

cmd/go in Go before 1.16.14 and 1.17.x before 1.17.7 can misinterpret branch names that falsely appear to be version tags. This can lead to incorrect access control if an actor is supposed to be able to create branches but not tags.

golang / go+5

Network

Published Feb 11, 2022

CVE-2022-23772

HIGH7.5

Rat.SetString in math/big in Go before 1.16.14 and 1.17.x before 1.17.7 has an overflow that can lead to Uncontrolled Memory Consumption.

golang / go+6

Network

Published Feb 11, 2022