CVE-2024-37371

ADVISORY - nist

Summary

In MIT Kerberos 5 (aka krb5) before 1.21.3, an attacker can cause invalid memory reads during GSS message token handling by sending message tokens with invalid length fields.

EPSS Score⁠: 0.00725 (0.716)

Common Weakness Enumeration (CWE)

ADVISORY - nist

CWE-125⁠

Out-of-bounds Read

CWE-other⁠

Impacted images

Advisories

Sign in to Docker Scout

See which of your images are affected by this CVE and how to fix them by signing into Docker Scout.