litestream icon indicating copy to clipboard operation
litestream copied to clipboard
verified publisher icon benbjohnson

litestream v0.3.13 CVE-2024-41254/GHSA-qpgw-j75c-j585

Open jamie-albert opened this issue 1 year ago • 0 comments

An issue was discovered in litestream v0.3.13. The usage of the ssh.InsecureIgnoreHostKey() disables host key verification, possibly allowing attackers to obtain sensitive information via a man-in-the-middle attack. GHSA-qpgw-j75c-j585

jamie-albert avatar Aug 23 '24 16:08 jamie-albert