CVE-2024-10975 Affecting govulncheck-vulndb package, versions <0.0.20241112T145010-150000.1.17.1
Threat Intelligence
Do your applications use this vulnerable package?
In a few clicks we can analyze your entire application and see what components are vulnerable in your application, and suggest you quick fixes.
Test your applications- Snyk ID SNYK-SLES155-GOVULNCHECKVULNDB-8421553
- published 26 Nov 2024
- disclosed 22 Nov 2024
How to fix?
Upgrade SLES:15.5
govulncheck-vulndb
to version 0.0.20241112T145010-150000.1.17.1 or higher.
NVD Description
Note: Versions mentioned in the description apply only to the upstream govulncheck-vulndb
package and not the govulncheck-vulndb
package as distributed by SLES
.
See How to fix?
for SLES:15.5
relevant fixed versions and status.
Nomad Community and Nomad Enterprise ("Nomad") volume specification is vulnerable to arbitrary cross-namespace volume creation through unauthorized Container Storage Interface (CSI) volume writes. This vulnerability, identified as CVE-2024-10975, is fixed in Nomad Community Edition 1.9.2 and Nomad Enterprise 1.9.2, 1.8.7, and 1.7.15.