GMS-2024-69: Etcd pkg Insecure ciphers are allowed by default
Vulnerability type
Cryptography
Detail
The TLS ciphers list supported by etcd by default contains weak ciphers.
Workarounds
Provide a desired ciphers using the --cipher-suites
flag as described with examples in the security documentation
References
Find out more on this vulnerability in the security audit report
For more information
If you have any questions or comments about this advisory:
- Contact the etcd security committee
References
Detect and mitigate GMS-2024-69 with GitLab Dependency Scanning
Secure your software supply chain by verifying that all open source dependencies used in your projects contain no disclosed vulnerabilities. Learn more about Dependency Scanning →