Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Vulnerability CVE-2024-45337 that was found by Mend scan for release 2.30 #4202

Closed
omordyk opened this issue Dec 12, 2024 · 0 comments
Closed

Vulnerability CVE-2024-45337 that was found by Mend scan for release 2.30 #4202

omordyk opened this issue Dec 12, 2024 · 0 comments
Assignees
@omordyk
Labels
security

Comments

@omordyk
Copy link

omordyk commented Dec 12, 2024
edited
Loading

CVE-2024-45337
Applications and libraries which misuse the ServerConfig.PublicKeyCallback callback may be susceptible to an authorization bypass.
@omordyk omordyk self-assigned this Dec 12, 2024
@omordyk omordyk mentioned this issue Dec 12, 2024
Merged
12 tasks
omordyk added a commit that referenced this issue Dec 12, 2024
@omordyk
Issue openhorizon #4202 - Upgrade crypto library to version 0.31.0
3cc939b 
Signed-off-by: Oleksandr Mordyk <oleksandr.mordyk1994@outlook.com>
LiilyZhang added a commit that referenced this issue Dec 13, 2024
@LiilyZhang
Merge pull request #4203 from open-horizon/security_4202
c2ce83b 
Issue openhorizon #4202 - Upgrade crypto library to version 0.31.0
@omordyk omordyk closed this as completed Dec 16, 2024
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@omordyk omordyk

Labels
security
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
1 participant
@omordyk