Go module

github.com/mackerelio/mackerel-container-agent

v0.6.0

Newer version available

v0.6.0

Newer version available

Default version

Published

April 10, 2022

Licenses

Apache-2.0

Dependency Licenses

Apache-2.0

BSD-3-Clause

CC-BY-SA-4.0

MIT

Security Advisories

In the dependencies

github.com/aws/aws-sdk-gov1.43.17

GO-2022-0635In-band key negotiation issue in AWS S3 Crypto SDK for golang in github.com/aws/aws-sdk-go

GO-2022-0646CBC padding oracle issue in AWS S3 Crypto SDK for golang in github.com/aws/aws-sdk-go

github.com/docker/dockerv20.10.13+incompatible

GHSA-232p-vwff-86mpDocker Swarm encrypted overlay network may be unauthenticated

GHSA-2mm7-x5h6-5pvqMoby (Docker Engine) started with non-empty inheritable Linux process capabilities

GHSA-33pg-m6jh-5237Docker Swarm encrypted overlay network traffic may be unencrypted

GHSA-6wrf-mxfj-pf5pDocker Swarm encrypted overlay network with a single endpoint is unauthenticated

GHSA-jq35-85cj-fj4p/sys/devices/virtual/powercap accessible by default to containers

GHSA-mq39-4gv4-mvpxMoby's external DNS requests from 'internal' networks could lead to data exfiltration

GHSA-rc4r-wh2q-q6c4Docker supplementary group permissions not set up properly, allowing attackers to bypass primary group restrictions

GHSA-vp35-85q5-9f25Container build can leak any path on the host into the container

GHSA-xw73-rw38-6vjcClassic builder cache poisoning

GO-2022-0390Moby (Docker Engine) started with non-empty inheritable Linux process capabilities in github.com/docker/docker

GO-2022-0985Docker supplementary group permissions not set up properly, allowing attackers to bypass primary group restrictions in github.com/docker/docker

GO-2022-1107Container build can leak any path on the host into the container in github.com/docker/docker

GO-2023-1699Docker Swarm encrypted overlay network may be unauthenticated in github.com/docker/docker

GO-2023-1700Docker Swarm encrypted overlay network traffic may be unencrypted in github.com/docker/docker

GO-2023-1701Docker Swarm encrypted overlay network with a single endpoint is unauthenticated in github.com/docker/docker

GO-2024-2512Classic builder cache poisoning in github.com/docker/docker

GO-2024-3005Moby authz zero length regression in github.com/moby/moby

github.com/go-yaml/yamlv2.1.0+incompatible

GHSA-r88r-gmrh-7j83YAML Go package vulnerable to denial of service

GHSA-wxc4-f4m6-wwqvExcessive Platform Resource Consumption within a Loop in Kubernetes

GO-2020-0036Excessive resource consumption in YAML parsing in gopkg.in/yaml.v2

GO-2021-0061Denial of service in gopkg.in/yaml.v2

golang.org/x/netv0.0.0-20220127200216-cd36cc0744dd

GHSA-2wrh-6pvc-2jm9Improper rendering of text nodes in golang.org/x/net/html

GHSA-4374-p667-p6c8HTTP/2 rapid reset can cause excessive work in net/http

GHSA-4v7x-pqxf-cx7mnet/http, x/net/http2: close connections when receiving too many headers

GHSA-69cg-p879-7622golang.org/x/net/http2 Denial of Service vulnerability

GHSA-qppj-fm5r-hxr3HTTP/2 Stream Cancellation Attack

GHSA-qxp5-gwg8-xv66HTTP Proxy bypass using IPv6 Zone IDs in golang.org/x/net

GHSA-vvpx-j8f3-3w6hgolang.org/x/net vulnerable to Uncontrolled Resource Consumption

GHSA-w32m-9786-jp63Non-linear parsing of case-insensitive content in golang.org/x/net/html

GHSA-xrjj-mj9h-534mgolang.org/x/net/http2 vulnerable to possible excessive memory growth

GO-2022-0969Denial of service in net/http and golang.org/x/net/http2

GO-2022-1144Excessive memory growth in net/http and golang.org/x/net/http2

GO-2023-1571Denial of service via crafted HTTP/2 stream in net/http and golang.org/x/net

GO-2023-1988Improper rendering of text nodes in golang.org/x/net/html

GO-2023-2102HTTP/2 rapid reset can cause excessive work in net/http

GO-2024-2687HTTP/2 CONTINUATION flood in net/http

GO-2024-3333Non-linear parsing of case-insensitive content in golang.org/x/net/html

GO-2025-3503HTTP Proxy bypass using IPv6 Zone IDs in golang.org/x/net

golang.org/x/sysv0.0.0-20220319134239-a9b59b0215f8

GHSA-p782-xgp4-8hr8golang.org/x/sys/unix has Incorrect privilege reporting in syscall

GO-2022-0493Incorrect privilege reporting in syscall and golang.org/x/sys/unix

golang.org/x/textv0.3.7

GHSA-69ch-w2m2-3vjpgolang.org/x/text/language Denial of service via crafted Accept-Language header

GO-2022-1059Denial of service via crafted Accept-Language header in golang.org/x/text/language

Dependencies

github.com/Songmu/timeoutv0.4.0

github.com/Songmu/wrapcommanderv0.1.0

github.com/aws/aws-sdk-gov1.43.17

github.com/docker/dockerv20.10.13+incompatible

github.com/docker/go-connectionsv0.4.0

github.com/docker/go-unitsv0.4.0

github.com/go-logr/logrv1.2.0

github.com/go-yaml/yamlv2.1.0+incompatible

github.com/gogo/protobufv1.3.2

github.com/google/go-cmpv0.5.5

github.com/google/gofuzzv1.1.0

github.com/jmespath/go-jmespathv0.4.0

github.com/json-iterator/gov1.1.12

github.com/mackerelio/go-osstatv0.2.2

github.com/mackerelio/golibv1.2.1

github.com/mackerelio/mackerel-client-gov0.21.0

github.com/modern-go/concurrentv0.0.0-20180306012644-bacd9c7ef1dd

github.com/modern-go/reflect2v1.0.2

github.com/opencontainers/go-digestv1.0.0

github.com/opencontainers/image-specv1.0.2

github.com/songmu/retryv0.1.0

golang.org/x/lintv0.0.0-20210508222113-6edffad5e616

golang.org/x/netv0.0.0-20220127200216-cd36cc0744dd

golang.org/x/syncv0.0.0-20210220032951-036812b2e83c

golang.org/x/sysv0.0.0-20220319134239-a9b59b0215f8

golang.org/x/textv0.3.7

golang.org/x/toolsv0.1.6-0.20210820212750-d4cc65f0b2ff

gopkg.in/inf.v0v0.9.1

gopkg.in/yaml.v2v2.4.0

k8s.io/apiv0.23.4

k8s.io/apimachineryv0.23.4

k8s.io/klog/v2v2.30.0

k8s.io/kubeletv0.23.4

k8s.io/utilsv0.0.0-20211116205334-6203023598ed

sigs.k8s.io/jsonv0.0.0-20211020170558-c049b76a60c6

sigs.k8s.io/structured-merge-diff/v4v4.2.1

Capabilities

No analysis results for version.