Lack of consideration of key expiry when validating signatures in Conduit, allowing an attacker which has compromised an expired key to forge requests as the remote server, as well as PDUs with timestamps past the expiry date
References
History
No history.
MITRE Information
Status: PUBLISHED
Assigner: GitLab
Published: 2024-06-25T13:02:25.979Z
Updated: 2024-07-05T17:22:58.070Z
Reserved: 2024-06-25T10:30:35.803Z
Link: CVE-2024-6299
JSON object: View
NVD Information
Status : Awaiting Analysis
Published: 2024-06-25T13:15:50.587
Modified: 2024-06-25T18:50:42.040
Link: CVE-2024-6299
JSON object: View
Redhat Information
No data.
CWE