VDB
GO-2024-3057
GO-2024-3057
PUBLISHED
NetBird uses a static initialization vector (IV) in github.com/netbirdio/netbird
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| github.com | netbirdio/netbird | 0.23.2, 0.23.2 |
Timeline
- Aug 13, 2024 CVE Published
- Mar 3, 2026 CVE Updated
- May 1, 2026 Security Advisory
References
- https://github.com/advisories/GHSA-9v35-4xcr-w9ph advisory
- https://nvd.nist.gov/vuln/detail/CVE-2024-41260 advisory
- https://github.com/netbirdio/netbird/commit/cf6210a6f42355e88c422c624376f6fcdaea6729 patch
- https://github.com/netbirdio/netbird/pull/2569 patch
- https://github.com/netbirdio/netbird/issues/2246 report
- https://gist.github.com/nyxfqq/92232108ac153e95d538bb17fc5ad636 url