Описание
Slack Nebula may accept arbitrary source IP addresses
Slack Nebula before 1.9.7 mishandles CIDR in some configurations and thus accepts arbitrary source IP addresses within the Nebula network.
Пакеты
Наименование
github.com/slackhq/nebula
go
Затронутые версииВерсия исправления
>= 1.9.4, < 1.9.7
1.9.7
Связанные уязвимости
CVSS3: 4.9
nvd
4 месяца назад
Slack Nebula before 1.9.7 mishandles CIDR in some configurations and thus accepts arbitrary source IP addresses within the Nebula network.