Vulnerability Report: GO-2024-2879
- CVE-2024-35223, GHSA-284c-x8m7-9w5h
- Affects: github.com/dapr/dapr
- Published: May 24, 2024
- Unreviewed
Dapr API Token Exposure in github.com/dapr/dapr
For detailed information about this vulnerability, visit https://github.com/dapr/dapr/security/advisories/GHSA-284c-x8m7-9w5h or https://nvd.nist.gov/vuln/detail/CVE-2024-35223.
Affected Modules
-
PathGo Versions
-
from v1.13.0 before v1.13.3
Aliases
References
- https://github.com/dapr/dapr/security/advisories/GHSA-284c-x8m7-9w5h
- https://nvd.nist.gov/vuln/detail/CVE-2024-35223
- https://github.com/dapr/dapr/commit/e0591e43d0cdfd30a2f2960dce5d9892dc98bc2c
- https://github.com/dapr/dapr/pull/7404
- https://github.com/dapr/dapr/issues/7344
- https://github.com/dapr/dapr/releases/tag/v1.13.3
- https://vuln.go.dev/ID/GO-2024-2879.json
Feedback
This report is unreviewed. It was automatically generated from a third-party source and its details have not been verified by the Go team.
See anything missing or incorrect?
Suggest an edit to this report.