Vulnerability Report: GO-2024-3312

  • CVE-2024-6156, GHSA-4c49-9fpc-hc3v
  • Affects: github.com/canonical/lxd
  • Published: Dec 09, 2024
  • Modified: Dec 11, 2024

CA certificate sign check bypass in github.com/canonical/lxd

For detailed information about this vulnerability, visit https://github.com/canonical/lxd/security/advisories/GHSA-4c49-9fpc-hc3v.

Affected Packages

  • Path
    Go Versions
    Custom Versions*
    Symbols
  • github.com/canonical/lxd/lxd
    before v0.0.0-20240708073652-5a492a3f0036
    before 5.21.2
    1 unexported affected symbols
    • allowProjectResourceList

*Custom versions, which can't be mapped automatically to standard Go module versions, are ignored by govulncheck. (See this note on versions for more details.)

Aliases

References

Credits

  • @markylaing

Feedback

See anything missing or incorrect? Suggest an edit to this report.

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL
go.dev uses cookies from Google to deliver and enhance the quality of its services and to analyze traffic. Learn more.