{"id":"GO-2024-2984","summary":"Linkerd potential access to the shutdown endpoint in github.com/linkerd/linkerd2","details":"Linkerd potential access to the shutdown endpoint in github.com/linkerd/linkerd2","aliases":["CVE-2024-40632","GHSA-6v94-gj6x-jqj7"],"modified":"2025-10-15T11:42:28.655831Z","published":"2024-07-22T18:24:29Z","database_specific":{"review_status":"REVIEWED","url":"https://pkg.go.dev/vuln/GO-2024-2984"},"references":[{"type":"ADVISORY","url":"https://nvd.nist.gov/vuln/detail/CVE-2024-40632"},{"type":"FIX","url":"https://github.com/linkerd/linkerd2/commit/35fb2d6d11ef6520ae516dd717790529f85224fa"},{"type":"WEB","url":"https://github.com/linkerd/linkerd2-proxy/blob/46957de49f25fd4661af7b7c52659148f4d6dd27/linkerd/app/admin/src/server.rs"},{"type":"WEB","url":"https://github.com/linkerd/linkerd2/security/advisories/GHSA-6v94-gj6x-jqj7"}],"affected":[{"package":{"name":"github.com/linkerd/linkerd2","ecosystem":"Go","purl":"pkg:golang/github.com/linkerd/linkerd2"},"ranges":[{"type":"SEMVER","events":[{"introduced":"0"},{"fixed":"0.5.1-0.20240614165515-35fb2d6d11ef"}]}],"ecosystem_specific":{"imports":[{"symbols":["applyAnnotationOverrides"],"path":"github.com/linkerd/linkerd2/pkg/inject"}],"custom_ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"edge-24.6.2"}]}]},"database_specific":{"source":"https://vuln.go.dev/ID/GO-2024-2984.json"}}],"schema_version":"1.7.3"}