Vulnerability Report: GO-2024-2527
- GHSA-5x4g-q5rc-36jp
- Affects: go.etcd.io/etcd
- Published: Jun 28, 2024
- Modified: Jul 09, 2024
The TLS ciphers list supported by etcd contains insecure cipher suites. Users may specify that an insecure cipher is used via “--cipher-suites” flag. A list of secure suites is used by default.
For detailed information about this vulnerability, visit https://github.com/etcd-io/etcd/security/advisories/GHSA-5x4g-q5rc-36jp.
Affected Packages
-
PathGo VersionsCustom Versions*Symbols
-
before v0.5.0-alpha.5.0.20221102000833-1f054980bc27from 3.2.22 before 3.4.22all symbols
*Custom versions, which can't be mapped automatically to standard Go module versions, are ignored by govulncheck
. (See this note on versions for more details.)
Aliases
References
- https://github.com/etcd-io/etcd/security/advisories/GHSA-5x4g-q5rc-36jp
- https://vuln.go.dev/ID/GO-2024-2527.json
Feedback
See anything missing or incorrect?
Suggest an edit to this report.