[Bug 1234544] VUL-0: CVE-2024-45337: keybase-client,kubearmor-client: golang.org/x/crypto/ssh: Misuse of ServerConfig.PublicKeyCallback may cause authorization bypass in golang.org/x/crypto

13 Dec 2024

      https://bugzilla.suse.com/show_bug.cgi?id=1234544

Gianluca Gabrielli <gianluca.gabrielli@suse.com> changed:

           What    |Removed                     |Added
----------------------------------------------------------------------------
            Summary|VUL-0: :                    |VUL-0: CVE-2024-45337:
                   |keybase-client,kubearmor-cl |keybase-client,kubearmor-cl
                   |ient:                       |ient:
                   |golang.org/x/crypto/ssh:    |golang.org/x/crypto/ssh:
                   |Misuse of                   |Misuse of
                   |ServerConfig.PublicKeyCallb |ServerConfig.PublicKeyCallb
                   |ack may cause authorization |ack may cause authorization
                   |bypass in                   |bypass in
                   |golang.org/x/crypto         |golang.org/x/crypto
-- 
You are receiving this mail because:
You are on the CC list for the bug.

[Bug 1234544] VUL-0: CVE-2024-45337: keybase-client,kubearmor-client: golang.org/x/crypto/ssh: Misuse of ServerConfig.PublicKeyCallback may cause authorization bypass in golang.org/x/crypto

bugzilla_noreply＠suse.com