CVE-2024-45337 | x-crypto up to 0.30.x on Go ServerConfig.PublicKeyCallback excessive reliance on global variables

Posted by Angelo Barbosa | Dec 11, 2024 | CVE

A vulnerability, which was classified as problematic, has been found in x-crypto up to 0.30.x on Go. Affected by this issue is the function ServerConfig.PublicKeyCallback. The manipulation leads to excessive reliance on global variables.

This vulnerability is handled as CVE-2024-45337. Access to the local network is required for this attack to succeed. There is no exploit available.

It is recommended to upgrade the affected component.

CVE-2024-45337 | x-crypto up to 0.30.x on Go ServerConfig.PublicKeyCallback excessive reliance on global variables

Related Posts

CVE-2024-37574 | GriceMobile com.grice.call 4.5.2 on Android Intent permission

CVE-2024-0936 | van_der_Schaar LAB TemporAI 0.0.3 PKL File load_from_file deserialization

CVE-2024-21325 | Microsoft Printer Metadata Troubleshooter Tool Local Privilege Escalation

CVE-2024-10844 | 1000 Projects Bookstore Management System 1.0 search.php sql injection