[FEDORA-2023-cf176d02d8] Fedora 39: golang-github-prometheus-exporter-toolkit, golang-github-xhit-str2duration, golang-gopkg-alecthomas-kingpin-2

Severity High

Affected Packages 3

CVEs 1

Security fix for CVE-2022-46146, update to v0.10.0

Package	Affected Version
pkg:rpm/fedora/golang-gopkg-alecthomas-kingpin-2?distro=fedora-39	< 2.3.2.1.fc39
pkg:rpm/fedora/golang-github-xhit-str2duration?distro=fedora-39	< 2.1.0.3.fc39
pkg:rpm/fedora/golang-github-prometheus-exporter-toolkit?distro=fedora-39	< 0.10.0.1.fc39

ID

FEDORA-2023-cf176d02d8

Severity

high

Severity from

CVE-2022-46146

URL

Published

2023-09-20T00:20:43
(12 months ago)

Modified

2023-09-20T00:20:43
(12 months ago)

Rights

Other Advisories

Source	# ID	Name	URL
Bugzilla	2149436	Bug #2149436 - CVE-2022-46146 exporter-toolkit: authentication bypass via cache poisoning	https://bugzilla.redhat.com/show_bug.cgi?id=2149436

Type	Package URL	Namespace	Name / Product	Version	Distribution / Platform
Affected	pkg:rpm/fedora/golang-gopkg-alecthomas-kingpin-2?distro=fedora-39	fedora	golang-gopkg-alecthomas-kingpin-2	< 2.3.2.1.fc39	fedora-39
Affected	pkg:rpm/fedora/golang-github-xhit-str2duration?distro=fedora-39	fedora	golang-github-xhit-str2duration	< 2.1.0.3.fc39	fedora-39
Affected	pkg:rpm/fedora/golang-github-prometheus-exporter-toolkit?distro=fedora-39	fedora	golang-github-prometheus-exporter-toolkit	< 0.10.0.1.fc39	fedora-39

# CVE	Description	CVSS	EPSS	EPSS Trend (30 days)	Affected Products	Weaknesses	Security Advisories	Exploits	PoC	Pubblication Date	Modification Date
# CVE	Description	CVSS	EPSS	EPSS Trend (30 days)	Affected Products	Weaknesses	Security Advisories	PoC	Pubblication Date	Modification Date