An issue discovered in the RunHTTPServer function in Gorush v1.18.4 allows attackers to intercept and manipulate data due to use of deprecated TLS version.
References
Link | Resource |
---|---|
https://gist.github.com/nyxfqq/cfae38fada582a0f576d154be1aeb1fc | Third Party Advisory |
Configurations
History
12 Aug 2024, 18:25
Type | Values Removed | Values Added |
---|---|---|
CPE | cpe:2.3:a:appleboy:gorush:*:*:*:*:*:go:*:* | |
First Time |
Appleboy
Appleboy gorush |
|
References | () https://gist.github.com/nyxfqq/cfae38fada582a0f576d154be1aeb1fc - Third Party Advisory |
07 Aug 2024, 15:35
Type | Values Removed | Values Added |
---|---|---|
CVSS |
v2 : v3 : |
v2 : unknown
v3 : 9.1 |
CWE | CWE-327 |
07 Aug 2024, 15:17
Type | Values Removed | Values Added |
---|---|---|
Summary |
|
06 Aug 2024, 21:16
Type | Values Removed | Values Added |
---|---|---|
New CVE |
Information
Published : 2024-08-06 21:16
Updated : 2024-08-12 18:25
NVD link : CVE-2024-41270
Mitre link : CVE-2024-41270
CVE.ORG link : CVE-2024-41270
JSON object : View
Products Affected
appleboy
- gorush
CWE
CWE-327
Use of a Broken or Risky Cryptographic Algorithm