AZL-54381 — Vulnetix

AZL-54381 PUBLISHED CVSS 8.600000381469727 HIGH

CVE-2024-45337 affecting package docker-compose for versions less than 2.27.0-2

Risk Scores

CVSS 4.0

8.600000381469727

CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N

Affected Products

Vendor	Product	Versions
Azure Linux:3	docker-compose	0, 0

Exploit Intelligence

Proof of Concept for CVE-2024-45337 against Gitea and Forgejo (github-poc-repo)
Fork of gogs/gogs for reachability benchmark testing (CVE-2024-45337) (github-poc-repo)
Fork of gogs/gogs for reachability benchmark testing (CVE-2024-45337) (github-poc)
Proof of Concept for CVE-2024-45337 against Gitea and Forgejo (github-poc)
An example project that showcases golang code vulnerable to CVE-2024-45337 (github-poc)
Proof of concept (POC) for CVE-2024-45337 (github-poc)
.trivyignore.yaml (github-poc)
DemoReseedInfra.kt (github-poc)
ssh.go (github-poc)
cve.pl (github-poc)

…and 1 more exploits

Timeline

Dec 12, 2024 CVE Published
Apr 21, 2026 CVE Updated

References

https://nvd.nist.gov/vuln/detail/CVE-2024-45337 url

Open in Interactive Console →

$ Console Community · 100/wk Open console ›