/
DirectorySecurity AdvisoriesPricing
Sign in
Security Advisories

CGA-v4xv-g87p-w8w2

Published

Last updated

https://images.chainguard.dev/security/CGA-v4xv-g87p-w8w2
Package

telegraf-1.26

RepositoryWolfi
Latest Update
Not affected
Aliases
  • CVE-2023-34231
  • GHSA-fwv2-65wh-2w8c

Severity

8.8

High

CVSS CVSS_V3

References

  • https://nvd.nist.gov/vuln/detail/CVE-2023-34231
  • https://github.com/advisories/GHSA-fwv2-65wh-2w8c

Updates

Status

Not affected

Justification

Vulnerable code not present

Impact

The vulnerability doesn't appear to be legitimate. The fix (https://github.com/snowflakedb/gosnowflake/pull/757) cannot fix any vulnerability, since it only introduces unused code. If a vulnerability exists as part of the SSO process, it would need to be addressed server side, and not in the Snowflake Golang client. Ultimately, the SSO server is responsible for determining if a redirect URL is allowed, not the client. The Go vulndb has also indicated this CVE is not a vulnerability (https://github.com/golang/vulndb/issues/1846).

Status

Under investigation

Safe Source for Open Sourceâ„¢
Contact us
© 2025 Chainguard. All Rights Reserved.
Private PolicyTerms of Use

Product

Chainguard ContainersChainguard LibrariesChainguard VMsIntegrationsPricing

Solutions

FedRAMPPCI DSSGolden ImagesCVE RemediationPublic Sector

Customers

Customer StoriesChainguard Reviews

Resources

Events & WebinarsChainguard CoursesDocumentationTrust Center

Company

About UsBlogPartnersNewsroomCareersLegal