Critical severityGHSA Advisory· Published Oct 16, 2024· Updated Apr 15, 2026
CVE-2023-32188
CVE-2023-32188
Description
A user can reverse engineer the JWT token (JSON Web Token) used in authentication for Manager and API access, forging a valid NeuVector Token to perform malicious activity in NeuVector. This can lead to an RCE.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected packages
Versions sourced from the GitHub Security Advisory.
| Package | Affected versions | Patched versions |
|---|---|---|
github.com/neuvector/neuvectorGo | < 0.0.0-20231003121714-be746957ee7c | 0.0.0-20231003121714-be746957ee7c |
Affected products
11- osv-coords10 versionspkg:apk/chainguard/neuvector-scannerpkg:apk/chainguard/neuvector-scanner-fipspkg:apk/chainguard/neuvector-scanner-monitorpkg:apk/chainguard/neuvector-scanner-monitor-fipspkg:apk/chainguard/neuvector-scanner-taskpkg:apk/chainguard/neuvector-scanner-task-fipspkg:apk/wolfi/neuvector-scannerpkg:apk/wolfi/neuvector-scanner-monitorpkg:apk/wolfi/neuvector-scanner-taskpkg:golang/github.com/neuvector/neuvector
< 0+ 9 more
- (no CPE)range: < 0
- (no CPE)range: < 0
- (no CPE)range: < 0
- (no CPE)range: < 0
- (no CPE)range: < 0
- (no CPE)range: < 0
- (no CPE)range: < 0
- (no CPE)range: < 0
- (no CPE)range: < 0
- (no CPE)range: < 0.0.0-20231003121714-be746957ee7c
Patches
Vulnerability mechanics
References
5News mentions
0No linked articles in our index yet.