[security][trivy-image] HIGH CVE-2024-6387 in openssh-client on app:c23046007f6b2ab91d6c0071f1999ecf5ab81c88 (ubuntu 22.04) #5

New Issue

2026-05-16T23:11:28-05:00

gitea-actions bot commented

2026-05-16 23:11:28 -05:00

Security scanner: trivy-image
Summary: openssh: regreSSHion - race condition in SSH allows RCE/DoS
Repository: kelly/qbt-gluetun-portmgr
Branch/ref: sast-scannning
Commit: c23046007f6b2ab91d6c0071f1999ecf5ab81c88
Action run: https://git.ktr32.org/kelly/qbt-gluetun-portmgr/actions/runs/39

Details:

Type: Vulnerability
Severity: HIGH
Target: app:c23046007f6b2ab91d6c0071f1999ecf5ab81c88 (ubuntu 22.04)
Package: openssh-client
Installed version: 1:8.9p1-3ubuntu0.6
Fixed version: 1:8.9p1-3ubuntu0.10
Vulnerability ID: CVE-2024-6387
Primary URL: https://avd.aquasec.com/nvd/cve-2024-6387

Security scanner: `trivy-image` Summary: openssh: regreSSHion - race condition in SSH allows RCE/DoS Repository: `kelly/qbt-gluetun-portmgr` Branch/ref: `sast-scannning` Commit: `c23046007f6b2ab91d6c0071f1999ecf5ab81c88` Action run: https://git.ktr32.org/kelly/qbt-gluetun-portmgr/actions/runs/39 Details: - Type: Vulnerability - Severity: HIGH - Target: app:c23046007f6b2ab91d6c0071f1999ecf5ab81c88 (ubuntu 22.04) - Package: openssh-client - Installed version: 1:8.9p1-3ubuntu0.6 - Fixed version: 1:8.9p1-3ubuntu0.10 - Vulnerability ID: CVE-2024-6387 - Primary URL: https://avd.aquasec.com/nvd/cve-2024-6387

kelly referenced this issue from a commit

2026-05-16 23:23:25 -05:00

resolving issues #4 and #5 - security findings

kelly referenced a pull request that will close this issue

2026-05-16 23:34:59 -05:00

enabled enhanced sast scans with automatic issue creation on findings #6

kelly closed this issue

2026-05-16 23:35:41 -05:00

Sign in to join this conversation.