CGA-x943-4x85-gx3g

Published

Last updated

https://images.chainguard.dev/security/CGA-x943-4x85-gx3g

Package

k3s

RepositoryWolfi

Latest Update

Pending upstream fix

Aliases

CVE-2024-36620
GHSA-q59j-vv4j-v33c

Severity

Unknown

References

https://nvd.nist.gov/vuln/detail/CVE-2024-36620
https://github.com/advisories/GHSA-q59j-vv4j-v33c

Updates

Status

Pending upstream fix

Impact

k3s 1.32.2.1 uses Docker 25.0.6, as seen here: https://github.com/k3s-io/k3s/blame/v1.32.2%2Bk3s1/go.mod#L16 The fixed version to remediate this CVE is 26.1.0; however, breaking changes between these major versions require upstream maintainers to implement compatibility.

Status

Under investigation

Advisories are based on vulnerability information provided by Grype from Anchore. Learn how Chainguard creates security advisories.

CGA-x943-4x85-gx3g

Severity

References

Updates

Product

Solutions

Customers

Resources

Company