漏洞信息
尽管我们使用了先进的大模型技术,但其输出仍可能包含不准确或过时的信息。神龙努力确保数据的准确性,但请您根据实际情况进行核实和判断。
Vulnerability Title
Boundary Controller Incorrectly Handles HTTP Requests On Initialization Which May Lead to a Denial of Service
Vulnerability Description
Boundary Community Edition and Boundary Enterprise (“Boundary”) incorrectly handle HTTP requests during the initialization of the Boundary controller, which may cause the Boundary server to terminate prematurely. Boundary is only vulnerable to this flaw during the initialization of the Boundary controller, which on average is measured in milliseconds during the Boundary startup process. This vulnerability, CVE-2024-12289, is fixed in Boundary Community Edition and Boundary Enterprise 0.16.4, 0.17.3, 0.18.2.
CVSS Information
CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H
Vulnerability Type
抛出异常的清理不恰当
Vulnerability Title
HashiCorp Boundary 安全漏洞
Vulnerability Description
HashiCorp Boundary是美国HashiCorp公司的一种开源解决方案。可自动实现基于身份的安全用户跨环境访问主机和服务。 HashiCorp Boundary 0.8.0至0.18.1版本存在安全漏洞,该漏洞源于控制器初始化期间错误地处理HTTP请求,会导致Boundary服务器过早终止。
CVSS Information
N/A
Vulnerability Type
N/A