{"id":"OESA-2024-1279","summary":"gala-gopher security update","details":"gala-gopher is a low-overhead eBPF-based probes framework\r\n\r\nSecurity Fix(es):\r\n\r\ngala-gopher 1.0.2组件中存在命令注入攻击漏洞(CVE-2024-24890)","modified":"2025-09-03T06:20:05.148784Z","published":"2024-03-15T11:07:12Z","upstream":["CVE-2024-24890"],"database_specific":{"severity":"High"},"references":[{"type":"ADVISORY","url":"https://www.openeuler.org/en/security/safety-bulletin/detail.html?id=openEuler-SA-2024-1279"},{"type":"ADVISORY","url":"https://nvd.nist.gov/vuln/detail/CVE-2024-24890"}],"affected":[{"package":{"name":"gala-gopher","ecosystem":"openEuler:22.03-LTS-SP2","purl":"pkg:rpm/openEuler/gala-gopher&distro=openEuler-22.03-LTS-SP2"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"1.0.2-4.oe2203sp2"}]}],"ecosystem_specific":{"x86_64":["gala-gopher-1.0.2-4.oe2203sp2.x86_64.rpm","gala-gopher-debuginfo-1.0.2-4.oe2203sp2.x86_64.rpm","gala-gopher-debugsource-1.0.2-4.oe2203sp2.x86_64.rpm"],"aarch64":["gala-gopher-debuginfo-1.0.2-4.oe2203sp2.aarch64.rpm","gala-gopher-debugsource-1.0.2-4.oe2203sp2.aarch64.rpm","gala-gopher-1.0.2-4.oe2203sp2.aarch64.rpm"],"src":["gala-gopher-1.0.2-4.oe2203sp2.src.rpm"]},"database_specific":{"source":"https://repo.openeuler.org/security/data/osv/OESA-2024-1279.json"}}],"schema_version":"1.7.3"}