Technical blog

Security bulletin

Security Bulletin: ARender is not vulnerable to CVE-2024-6387

  • Admin
  • 03 Jul, 2024

Security Bulletin

This security bulletin provides an important update regarding a recently detected vulnerability in ARender.

The latest developments and security measures related to ARender can be found on the technical blog at https://hub.arender.io/technical-blog.

On July 1, 2024, OpenSSH published a security advisory regarding the critical vulnerability CVE-2024-6387. This vulnerability allows an unauthenticated attacker to execute arbitrary code remotely with root privileges. It is present in Portable OpenSSH versions between 8.5p1 and 9.7p1 (included).

Impact on ARender

ARender Docker images do not contain the OpenSSH library thus ARender is not affected by this vulnerability.

Links