CVE-2022-41920 Lancet is a library for go that contains useful utility functions. An issue was found with zip fileutil, which is fixed in version 2.1.10 and 1.3.4.

CVE-2022-41920 Lancet is a library for go that contains useful utility functions. An issue was found with zip fileutil, which is fixed in version 2.1.10 and 1.3.4.

When using the fileutil package to unzip a zip file, the code may attempt to access uninitialized memory resulting in a crash. This issue has been addressed and a fix will be included in versions 1.5.6 and 1.3.4. Users are advised to upgrade. There are no known workarounds for this issue. When using redis, the code may crash due to an unchecked io.Reader err return. This issue has been addressed and a fix will be included in versions 1.5.6 and 1.3.4. Users are advised to upgrade. There are no known workarounds for this issue. When using sql, the code may crash due to an unchecked error. This issue has been addressed and a fix will be included in versions 1.5.6 and 1.3.4. Users are advised to upgrade. There are no known workarounds for this issue. When using docker, the code may crash due to an unchecked error. This issue has been addressed and a fix will be included in versions 1.5.6 and 1.3.4. Users are advised to upgrade. There are no known workarounds for this issue. When using redis, the code may crash due to an unchecked error. This issue has been addressed and a fix will be included in versions 1.5.6 and 1.3.4. Users are advised to upgrade. There are no known workarounds for this issue. When

Software requirements for running Docker

1. Linux Kernel ≥ 3.10
2. Docker ≥ 1.5.6
3. docker-compose ≥ 1.6
4. Mounting a device on the host machine and exposing it via the container's devicemapper interface
5. Device mapper (dm) is installed in the kernel or as a module

References

Subscribe to CVE.news
Don’t miss out on the latest issues. Sign up now to get access to the library of members-only issues.
jamie@example.com
Subscribe