CVE-2024-45338 Common Vulnerabilities and Exposures

Upstream information

CVE-2024-45338 at MITRE

Description

An attacker can craft an input to the Parse functions that would be processed non-linearly with respect to its length, resulting in extremely slow parsing. This could cause a denial of service.

SUSE information

Overall state of this security issue: New

This issue is currently rated as having not set severity.

No SUSE Bugzilla entries cross referenced.

SUSE Security Advisories:

openSUSE-SU-2024:14603-1, published Fri Dec 20 18:51:47 2024

List of released packages

Product(s)	Fixed package version(s)	References
openSUSE Tumbleweed	`govulncheck-vulndb >= 0.0.20241218T202206-1.1` `teleport >= 17.1.0-1.1` `teleport-bash-completion >= 17.1.0-1.1` `teleport-fdpass-teleport >= 17.1.0-1.1` `teleport-tbot >= 17.1.0-1.1` `teleport-tbot-bash-completion >= 17.1.0-1.1` `teleport-tbot-zsh-completion >= 17.1.0-1.1` `teleport-tctl >= 17.1.0-1.1` `teleport-tctl-bash-completion >= 17.1.0-1.1` `teleport-tctl-zsh-completion >= 17.1.0-1.1` `teleport-tsh >= 17.1.0-1.1` `teleport-tsh-bash-completion >= 17.1.0-1.1` `teleport-tsh-zsh-completion >= 17.1.0-1.1` `teleport-zsh-completion >= 17.1.0-1.1`	Patchnames: openSUSE-Tumbleweed-2024-14603 openSUSE-Tumbleweed-2024-14606

SUSE Timeline for this CVE

CVE page created: Thu Dec 19 00:00:22 2024
CVE page last modified: Sat Dec 21 01:09:25 2024