Prisma scan is failing for the community 7.6.2 image.
Error:
| CVE |
SEVERITY |
CVSS |
PACKAGE |
VERSION |
STATUS |
PUBLISHED |
DISCOVERED |
GRACE DAYS |
DESCRIPTION |
TRIGGERED FAILURE |
| CVE-2024-24790 |
critical |
9.80 |
net/netip |
1.22.2 |
fixed in 1.21.11, 1.22.4 |
74 days |
< 1 hour |
-15 |
The various Is methods (IsPrivate, IsLoopback, etc) did not work as expected for IPv4-mapped IPv6 addresses, returning false for addresses which would... |
Yes |
| CVE-2023-39325 |
high |
7.50 |
golang.org/x/net/http2 |
v0.10.0 |
fixed in 0.17.0 |
> 10 months |
< 1 hour |
|
A malicious HTTP/2 client which rapidly creates requests and immediately resets them can cause excessive server resource consumption. While the total ... |
No |
| GO-2023-2153 |
high |
0.00 |
google.golang.org/grpc |
v1.55.0 |
fixed in 1.56.3, 1.57.1, 1.58.3 |
> 9 months |
< 1 hour |
|
An attacker can send HTTP/2 requests, cancel them, and send subsequent requests. This is valid by the HTTP/2 protocol, but would cause the gRPC-Go ser... |
No |
Prisma scan is failing for the community 7.6.2 image.
Error: