Product:

Client_golang

(Prometheus)
Repositories

Unknown:

This might be proprietary software.

#Vulnerabilities 1
Date Id Summary Products Score Patch Annotated
2022-02-15 CVE-2022-21698 client_golang is the instrumentation library for Go applications in Prometheus, and the promhttp package in client_golang provides tooling around HTTP servers and clients. In client_golang prior to version 1.11.1, HTTP server is susceptible to a Denial of Service through unbounded cardinality, and potential memory exhaustion, when handling requests with non-standard HTTP methods. In order to be affected, an instrumented software must use any of `promhttp.InstrumentHandler*` middleware except... Extra_packages_for_enterprise_linux, Fedora, Client_golang, Rdo 7.5