[security][trivy-image] HIGH CVE-2024-6387 in openssh-client on app:4d711859ace27e2930cf85f4e4a13ffa2f737697 (ubuntu 22.04) #3

New Issue

2026-05-13T08:01:28-05:00

gitea-actions bot commented

2026-05-13 08:01:28 -05:00

Security scanner: trivy-image
Summary: openssh: regreSSHion - race condition in SSH allows RCE/DoS
Repository: kelly/donetick-notifier
Branch/ref: fresh-copy
Commit: 4d711859ace27e2930cf85f4e4a13ffa2f737697
Action run: https://git.ktr32.org/kelly/donetick-notifier/actions/runs/26

Details:

Type: Vulnerability
Severity: HIGH
Target: app:4d711859ace27e2930cf85f4e4a13ffa2f737697 (ubuntu 22.04)
Package: openssh-client
Installed version: 1:8.9p1-3ubuntu0.6
Fixed version: 1:8.9p1-3ubuntu0.10
Vulnerability ID: CVE-2024-6387
Primary URL: https://avd.aquasec.com/nvd/cve-2024-6387

Security scanner: `trivy-image` Summary: openssh: regreSSHion - race condition in SSH allows RCE/DoS Repository: `kelly/donetick-notifier` Branch/ref: `fresh-copy` Commit: `4d711859ace27e2930cf85f4e4a13ffa2f737697` Action run: https://git.ktr32.org/kelly/donetick-notifier/actions/runs/26 Details: - Type: Vulnerability - Severity: HIGH - Target: app:4d711859ace27e2930cf85f4e4a13ffa2f737697 (ubuntu 22.04) - Package: openssh-client - Installed version: 1:8.9p1-3ubuntu0.6 - Fixed version: 1:8.9p1-3ubuntu0.10 - Vulnerability ID: CVE-2024-6387 - Primary URL: https://avd.aquasec.com/nvd/cve-2024-6387

kelly referenced this issue

2026-05-13 11:15:14 -05:00

adding security tool stack, pre-commit steps, and gitignore additions #6

kelly closed this issue

2026-05-13 11:17:26 -05:00

kelly added the vulnerability label 2026-05-26 21:27:10 -05:00

Sign in to join this conversation.

1 Participants

Notifications

Due Date

No due date set.

Dependencies

No dependencies set.

Reference: kelly/donetick-notifier#3