Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Fix CVE-2025-24970 #154

Merged
merged 1 commit into from
Feb 24, 2025
Merged

Fix CVE-2025-24970 #154

merged 1 commit into from
Feb 24, 2025

Conversation

spolti
Copy link
Contributor

@spolti spolti commented Feb 18, 2025

chore: Fix CVE-2025-24970
SslHandler doesn't correctly validate packets which can lead to native crash when using native SSLEngine

Motivation

Modifications

Result

@spolti
Fix CVE-2025-24970
557d3e2 
chore:	Fix [CVE-2025-24970](GHSA-4g8c-wm8x-jfhw)
	SslHandler doesn't correctly validate packets which can lead to native crash when using native SSLEngine

Signed-off-by: Spolti <[email protected]>
@terrytangyuan terrytangyuan merged commit 692924f into kserve:main Feb 24, 2025
6 checks passed
openshift-merge-bot bot pushed a commit to opendatahub-io/modelmesh that referenced this pull request Mar 3, 2025
@pull @spolti
Fix CVE-2025-24970 (kserve#154) (#80)
9ba0370 
chore: Fix
[CVE-2025-24970](GHSA-4g8c-wm8x-jfhw)
SslHandler doesn't correctly validate packets which can lead to native
crash when using native SSLEngine

#### Motivation


#### Modifications


#### Result

Signed-off-by: Spolti <[email protected]>
Co-authored-by: Filippe Spolti <[email protected]>
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@terrytangyuan terrytangyuan terrytangyuan approved these changes

@rafvasq rafvasq Awaiting requested review from rafvasq

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
2 participants
@spolti @terrytangyuan