Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

CVE-2024-45337 #469

Open
wants to merge 5 commits into
base: master
Choose a base branch
from
Open

CVE-2024-45337 #469

wants to merge 5 commits into from

Conversation

vkamlesh
Copy link

@vkamlesh vkamlesh commented Dec 16, 2024

The change will fix CVE-2024-45337.

Vulnerability details: https://nvd.nist.gov/vuln/detail/CVE-2024-45337
Fix: golang/go#70779

@vkamlesh
Copy link
Author

@derekbit @yasker Can you guys approve this PR?

@vkamlesh vkamlesh changed the title CVE-2023-45288 CVE-2024-45337 Dec 16, 2024
@derekbit derekbit self-requested a review December 18, 2024 04:13
@derekbit
Copy link
Member

@vkamlesh Can you run go mod vendor?

@derekbit
Copy link
Member

@vkamlesh CI failed. Can you help fix it?

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
None yet
Projects
None yet
Development

Successfully merging this pull request may close these issues.

x/crypto/ssh: misuse of ServerConfig.PublicKeyCallback may cause authorization bypass
2 participants