CVE-2024-41254 | litestream 0.3.13 Host Key Verification ssh.InsecureIgnoreHostKey channel accessible

Posted by Angelo Barbosa | Aug 1, 2024 | CVE

A vulnerability was found in litestream 0.3.13 and classified as problematic. Affected by this issue is the function ssh.InsecureIgnoreHostKey of the component Host Key Verification Handler. The manipulation leads to channel accessible by non-endpoint.

This vulnerability is handled as CVE-2024-41254. The attack may be launched remotely. There is no exploit available.

CVE-2024-41254 | litestream 0.3.13 Host Key Verification ssh.InsecureIgnoreHostKey channel accessible

Related Posts

CVE-2024-20700 | Microsoft Windows up to Server 2022 23H2 Hyper-V Remote Code Execution

CVE-2024-1442 | Grafana up to 9.5.6/10.0.11/10.1.7/10.2.4/10.3.3 API privileges management

CVE-2024-6738 | WisdomGarden Tronclass prior 1.69.61976 Thumbnail API access control

CVE-2024-2964 | marubon Pocket News Generator Plugin up to 0.2.0 on WordPress Setting option_page cross-site request forgery