Vulnerability Report: GO-2024-2997

  • CVE-2024-21583
  • Affects: github.com/gitpod-io/gitpod, github.com/gitpod-io/gitpod/components/server/go, and 2 more
  • Published: Jul 22, 2024
  • Modified: Sep 06, 2024
  • Unreviewed

CVE-2024-21583 in github.com/gitpod-io/gitpod. NOTE: The source advisory for this report contains additional versions that could not be automatically mapped to standard Go module versions. (If this is causing false-positive reports from vulnerability scanners, please suggest an edit to the report.) The additional affected modules and versions are: github.com/gitpod-io/gitpod before v0.1.5-main-gha.27122; github.com/gitpod-io/gitpod/components/server/go before main-gha.27122; github.com/gitpod-io/gitpod/components/ws-proxy before main-gha.27122; github.com/gitpod-io/gitpod/install/installer before main-gha.27122.

For detailed information about this vulnerability, visit https://nvd.nist.gov/vuln/detail/CVE-2024-21583.

Affected Modules

*Custom versions, which can't be mapped automatically to standard Go module versions, are ignored by govulncheck. (See this note on versions for more details.)

Aliases

References

Credits

  • Elliot Ward (Snyk Security Research)

Feedback

This report is unreviewed. It was automatically generated from a third-party source and its details have not been verified by the Go team.
See anything missing or incorrect? Suggest an edit to this report.

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL
go.dev uses cookies from Google to deliver and enhance the quality of its services and to analyze traffic. Learn more.