Описание
Duplicate Advisory: Juju Unprotected Alternate Channel vulnerability
Duplicate Advisory
This advisory has been withdrawn because it is a duplicate of GHSA-xwgj-vpm9-q2rq. This link is maintained to preserve external references.
Original Description
Vulnerable juju introspection abstract UNIX domain socket. An abstract UNIX domain socket responsible for introspection is available without authentication locally to network namespace users. This enables denial of service attacks.
Пакеты
Наименование
github.com/juju/juju
go
Затронутые версииВерсия исправления
< 0.0.0-20241001032836-2af7bd8e310b
0.0.0-20241001032836-2af7bd8e310b
7.9 High
CVSS3
Дефекты
CWE-420
7.9 High
CVSS3
Дефекты
CWE-420