VDB

CVE-2024-10846

CVE-2024-10846 PUBLISHED CVSS 5.900000095367432 MEDIUM

Excessive Platform Resource Consumption within a Loop when unmarshalling Compose file having recursive loop

EPSS 0.02% · 5.7th percentile

Risk Scores

CVSS v3.1
5.900000095367432
CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:C/C:N/I:N/A:H
EPSS Score
0.02%
5.7th percentile

Affected Products

VendorProductVersions
github.comcompose-spec/compose-go/v22.1.0, 2.1.0
compose-speccompose-go0, 0

Timeline

  • Jan 21, 2025 CVE Published
  • Jan 23, 2025 PoC Published
  • Jan 23, 2025 PoC Published
  • Jan 23, 2025 PoC Published
  • Jan 24, 2025 EPSS Score
  • Feb 2, 2025 Coalition ESS Score
  • Feb 8, 2025 EPSS Score
  • Feb 23, 2025 EPSS Score
  • Mar 11, 2025 EPSS Score
  • Mar 26, 2025 EPSS Score
  • Apr 10, 2025 EPSS Score
  • Apr 25, 2025 EPSS Score

References

Open in Interactive Console →
$ Console Community · 100/wk Open console ›