golang-github-prometheus-promu vulnerabilities

Direct Vulnerabilities

Known vulnerabilities in the golang-github-prometheus-promu package. This does not include vulnerabilities belonging to this package’s dependencies.

Vulnerability	Vulnerable Version
M Information Exposure	*
M Information Exposure	*
L Improper Verification of Cryptographic Signature	*
M Use of Uninitialized Variable	*
H Cross-site Scripting (XSS)	<0:0.15.0-15.1.gitd5383c5.el8
H Resource Exhaustion	<0:0.15.0-15.1.gitd5383c5.el8
H Cross-site Scripting (XSS)	<0:0.15.0-15.1.gitd5383c5.el8
H Cross-site Scripting (XSS)	<0:0.15.0-15.1.gitd5383c5.el8
H Resource Exhaustion	<0:0.15.0-15.1.gitd5383c5.el8
H Resource Exhaustion	<0:0.15.0-15.1.gitd5383c5.el8
H Use of a Broken or Risky Cryptographic Algorithm	<0:0.15.0-15.1.gitd5383c5.el8
H Use After Free	<0:0.15.0-15.1.gitd5383c5.el8
H Resource Exhaustion	<0:0.15.0-15.1.gitd5383c5.el8
H CVE-2023-2728	<0:0.15.0-15.1.gitd5383c5.el8
H CVE-2023-2727	<0:0.15.0-15.1.gitd5383c5.el8
H Resource Exhaustion	<0:0.15.0-15.1.gitd5383c5.el8
H Resource Exhaustion	<0:0.15.0-15.1.gitd5383c5.el8
M Improper Input Validation	*
H Resource Exhaustion	<0:0.15.0-15.1.gitd5383c5.el8
H Cross-site Scripting (XSS)	<0:0.15.0-15.1.gitd5383c5.el8
H Resource Exhaustion	<0:0.15.0-15.1.gitd5383c5.el8
H Allocation of Resources Without Limits or Throttling	<0:0.15.0-15.1.gitd5383c5.el8
H CVE-2023-39321	<0:0.15.0-15.1.gitd5383c5.el8
H Cross-site Scripting (XSS)	<0:0.15.0-15.1.gitd5383c5.el8
H Cross-site Scripting (XSS)	<0:0.15.0-15.1.gitd5383c5.el8
H Resource Exhaustion	<0:0.15.0-15.1.gitd5383c5.el8
H Resource Exhaustion	<0:0.15.0-15.1.gitd5383c5.el8
H Use of a Broken or Risky Cryptographic Algorithm	<0:0.15.0-15.1.gitd5383c5.el8
H Use After Free	<0:0.15.0-15.1.gitd5383c5.el8
H CVE-2023-2728	<0:0.15.0-15.1.gitd5383c5.el8
H CVE-2023-2727	<0:0.15.0-15.1.gitd5383c5.el8
H Resource Exhaustion	<0:0.15.0-15.1.gitd5383c5.el8
M Improper Input Validation	*
M Improper Input Validation	*
H Resource Exhaustion	<0:0.15.0-15.1.gitd5383c5.el8
M CVE-2023-39321	<0:0.15.0-15.1.gitd5383c5.el8
M Allocation of Resources Without Limits or Throttling	<0:0.15.0-15.1.gitd5383c5.el8
M Resource Exhaustion	*
M Improperly Controlled Sequential Memory Allocation	*
M Information Exposure	<0:0.5.0-5.git642a960.el8
M Information Exposure	<0:0.5.0-5.git642a960.el8
M Resource Exhaustion	<0:0.5.0-5.git642a960.el8
M Resource Exhaustion	<0:0.5.0-5.git642a960.el8
M Race Condition	<0:0.5.0-5.git642a960.el8
M Race Condition	<0:0.5.0-5.git642a960.el8
M Improper Input Validation	<0:0.5.0-5.git642a960.el8
M Improper Input Validation	*
M Resource Exhaustion	<0:0.5.0-4.git642a960.el8
M Improper Input Validation	<0:0.5.0-4.git642a960.el8
M Improper Input Validation	<0:0.5.0-4.git642a960.el8
M Incorrect Calculation	<0:0.5.0-3.git642a960.el8
M Improper Certificate Validation	<0:0.5.0-3.git642a960.el8
M Race Condition	<0:0.5.0-3.git642a960.el8
M Loop with Unreachable Exit Condition ('Infinite Loop')	<0:0.5.0-3.git642a960.el8
M Improper Input Validation	<0:0.5.0-4.git642a960.el8
M Improper Input Validation	<0:0.5.0-4.git642a960.el8

golang-github-prometheus-promu vulnerabilities

Direct Vulnerabilities

How to fix?