Skip to content

ecapture docker images CVE-2024-24790⁠

High
cfc4n published GHSA-xmh6-39mf-3gh7 Dec 3, 2024

Package

gomod stdlib (Go)

Affected versions

>=1.22.0-0,<1.22.4

Patched versions

1.22.9

Description

Impact

ecapture docker image uses the basic component golang 1.22, which has security risks. See the relevant security report .

The various Is methods (IsPrivate, IsLoopback, etc) did not work as expected for IPv4-mapped IPv6 addresses, returning false for addresses which would return true in their traditional IPv4 forms.

image

Patches

golang upgrade to 1.22.9

Refer

gojue/ecapture:v0.8.12

Severity

High

CVE ID

CVE-2024-24790

Weaknesses

No CWEs