发布于3月6日3月6日 Members Alma Linux: CVE-2025-21614: Important: grafana security update (ALSA-2025-0401) Severity 4 CVSS (AV:L/AC:M/Au:N/C:P/I:P/A:P) Published 01/06/2025 Created 01/23/2025 Added 01/21/2025 Modified 01/21/2025 Description go-git is a highly extensible git implementation library written in pure Go. A denial of service (DoS) vulnerability was discovered in go-git versions prior to v5.13. This vulnerability allows an attacker to perform denial of service attacks by providing specially crafted responses from a Git server which triggers resource exhaustion in go-git clients. Users running versions of go-git from v4 and above are recommended to upgrade to v5.13 in order to mitigate this vulnerability. Solution(s) alma-upgrade-grafana alma-upgrade-grafana-selinux References https://attackerkb.com/topics/cve-2025-21614 CVE - 2025-21614 https://errata.almalinux.org/8/ALSA-2025-0401.html
参与讨论
你可立刻发布并稍后注册。 如果你有帐户,立刻登录发布帖子。