Common Weakness Enumeration
CWE-281
AllowedImproper Preservation of Permissions
Abstraction: Base · Status: Draft
The product does not preserve permissions or incorrectly preserves permissions when copying, restoring, or sharing objects, which can cause them to have less restrictive permissions than intended.
432 vulnerabilities reference this CWE, most recent first.
CVE-2024-39902 (GCVE-0-2024-39902)
Vulnerability from cvelistv5 – Published: 2024-07-22 14:10 – Updated: 2024-08-02 04:33
VLAI
EPSS
VEX
Title
Tuleap's recursive permissions to document manager folder are not properly applied
Summary
Tuleap is an open source suite to improve management of software developments and collaboration. Prior to Tuleap Community Edition 15.10.99.128 and Tuleap Enterprise Edition 15.10-6 and 15.9-8, the checkbox "Apply same permissions to all sub-items of this folder" in the document manager permissions modal is not taken into account and always considered as unchecked. In situations where the permissions are being restricted some users might still keep, incorrectly, the possibility to edit or manage items. Only change made via the web UI are affected, changes directly made via the REST API are not impacted. This vulnerability is fixed in Tuleap Community Edition 15.10.99.128 and Tuleap Enterprise Edition 15.10-6 and 15.9-8.
Severity
4.8 (Medium)
SSVC
Exploitation: none
Automatable: no
Technical Impact: partial
CISA Coordinator (v2.0.3)
CWE
- CWE-281 - Improper Preservation of Permissions
Assigner
References
4 references
| URL | Tags |
|---|---|
| https://github.com/Enalean/tuleap/security/adviso… | x_refsource_CONFIRM |
| https://github.com/Enalean/tuleap/commit/580161e8… | x_refsource_MISC |
| https://tuleap.net/plugins/git/tuleap/tuleap/stab… | x_refsource_MISC |
| https://tuleap.net/plugins/tracker/?aid=38675 | x_refsource_MISC |
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-39902",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-07-22T20:17:53.272982Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-07-22T20:18:06.197Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2024-08-02T04:33:11.925Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "https://github.com/Enalean/tuleap/security/advisories/GHSA-5jq5-vxmq-xrj7",
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://github.com/Enalean/tuleap/security/advisories/GHSA-5jq5-vxmq-xrj7"
},
{
"name": "https://github.com/Enalean/tuleap/commit/580161e8a065fba30ca5ca1f6f1bdb4f4b1424bb",
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://github.com/Enalean/tuleap/commit/580161e8a065fba30ca5ca1f6f1bdb4f4b1424bb"
},
{
"name": "https://tuleap.net/plugins/git/tuleap/tuleap/stable?a=commit\u0026h=580161e8a065fba30ca5ca1f6f1bdb4f4b1424bb",
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://tuleap.net/plugins/git/tuleap/tuleap/stable?a=commit\u0026h=580161e8a065fba30ca5ca1f6f1bdb4f4b1424bb"
},
{
"name": "https://tuleap.net/plugins/tracker/?aid=38675",
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://tuleap.net/plugins/tracker/?aid=38675"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "tuleap",
"vendor": "Enalean",
"versions": [
{
"status": "affected",
"version": "\u003c 15.10.99.128"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Tuleap is an open source suite to improve management of software developments and collaboration. Prior to Tuleap Community Edition 15.10.99.128 and Tuleap Enterprise Edition 15.10-6 and 15.9-8, the checkbox \"Apply same permissions to all sub-items of this folder\" in the document manager permissions modal is not taken into account and always considered as unchecked. In situations where the permissions are being restricted some users might still keep, incorrectly, the possibility to edit or manage items. Only change made via the web UI are affected, changes directly made via the REST API are not impacted. This vulnerability is fixed in Tuleap Community Edition 15.10.99.128 and Tuleap Enterprise Edition 15.10-6 and 15.9-8."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 4.8,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:H/UI:R/S:U/C:L/I:H/A:N",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-281",
"description": "CWE-281: Improper Preservation of Permissions",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-07-22T14:10:11.992Z",
"orgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"shortName": "GitHub_M"
},
"references": [
{
"name": "https://github.com/Enalean/tuleap/security/advisories/GHSA-5jq5-vxmq-xrj7",
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://github.com/Enalean/tuleap/security/advisories/GHSA-5jq5-vxmq-xrj7"
},
{
"name": "https://github.com/Enalean/tuleap/commit/580161e8a065fba30ca5ca1f6f1bdb4f4b1424bb",
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/Enalean/tuleap/commit/580161e8a065fba30ca5ca1f6f1bdb4f4b1424bb"
},
{
"name": "https://tuleap.net/plugins/git/tuleap/tuleap/stable?a=commit\u0026h=580161e8a065fba30ca5ca1f6f1bdb4f4b1424bb",
"tags": [
"x_refsource_MISC"
],
"url": "https://tuleap.net/plugins/git/tuleap/tuleap/stable?a=commit\u0026h=580161e8a065fba30ca5ca1f6f1bdb4f4b1424bb"
},
{
"name": "https://tuleap.net/plugins/tracker/?aid=38675",
"tags": [
"x_refsource_MISC"
],
"url": "https://tuleap.net/plugins/tracker/?aid=38675"
}
],
"source": {
"advisory": "GHSA-5jq5-vxmq-xrj7",
"discovery": "UNKNOWN"
},
"title": "Tuleap\u0027s recursive permissions to document manager folder are not properly applied"
}
},
"cveMetadata": {
"assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"assignerShortName": "GitHub_M",
"cveId": "CVE-2024-39902",
"datePublished": "2024-07-22T14:10:11.992Z",
"dateReserved": "2024-07-02T19:37:18.600Z",
"dateUpdated": "2024-08-02T04:33:11.925Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2024-38361 (GCVE-0-2024-38361)
Vulnerability from cvelistv5 – Published: 2024-06-20 22:18 – Updated: 2024-08-02 04:04
VLAI
EPSS
VEX
Title
Permissions processing error in spacedb
Summary
Spicedb is an Open Source, Google Zanzibar-inspired permissions database to enable fine-grained authorization for customer applications. Use of an exclusion under an arrow that has multiple resources may resolve to `NO_PERMISSION` when permission is expected. If the resource exists under *multiple* folders and the user has access to view more than a single folder, SpiceDB may report the user does not have access due to a failure in the exclusion dispatcher to request that *all* the folders in which the user is a member be returned. Permission is returned as `NO_PERMISSION` when `PERMISSION` is expected on the `CheckPermission` API. This issue has been addressed in version 1.33.1. All users are advised to upgrade. There are no known workarounds for this issue.
Severity
SSVC
Exploitation: none
Automatable: no
Technical Impact: partial
CISA Coordinator (v2.0.3)
CWE
- CWE-281 - Improper Preservation of Permissions
Assigner
References
2 references
| URL | Tags |
|---|---|
| https://github.com/authzed/spicedb/security/advis… | x_refsource_CONFIRM |
| https://github.com/authzed/spicedb/commit/ecef31d… | x_refsource_MISC |
Impacted products
{
"containers": {
"adp": [
{
"affected": [
{
"cpes": [
"cpe:2.3:a:authzed:spicedb:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "spicedb",
"vendor": "authzed",
"versions": [
{
"lessThan": "1.33.1",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
}
],
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-38361",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-06-25T18:16:22.495588Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-06-25T18:19:03.411Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2024-08-02T04:04:25.268Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "https://github.com/authzed/spicedb/security/advisories/GHSA-grjv-gjgr-66g2",
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://github.com/authzed/spicedb/security/advisories/GHSA-grjv-gjgr-66g2"
},
{
"name": "https://github.com/authzed/spicedb/commit/ecef31d2b266fde17eb2c3415e2ec4ceff96fbeb",
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://github.com/authzed/spicedb/commit/ecef31d2b266fde17eb2c3415e2ec4ceff96fbeb"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "spicedb",
"vendor": "authzed",
"versions": [
{
"status": "affected",
"version": "\u003c 1.33.1"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Spicedb is an Open Source, Google Zanzibar-inspired permissions database to enable fine-grained authorization for customer applications. Use of an exclusion under an arrow that has multiple resources may resolve to `NO_PERMISSION` when permission is expected. If the resource exists under *multiple* folders and the user has access to view more than a single folder, SpiceDB may report the user does not have access due to a failure in the exclusion dispatcher to request that *all* the folders in which the user is a member be returned. Permission is returned as `NO_PERMISSION` when `PERMISSION` is expected on the `CheckPermission` API. This issue has been addressed in version 1.33.1. All users are advised to upgrade. There are no known workarounds for this issue."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 3.7,
"baseSeverity": "LOW",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-281",
"description": "CWE-281: Improper Preservation of Permissions",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-06-20T22:18:35.552Z",
"orgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"shortName": "GitHub_M"
},
"references": [
{
"name": "https://github.com/authzed/spicedb/security/advisories/GHSA-grjv-gjgr-66g2",
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://github.com/authzed/spicedb/security/advisories/GHSA-grjv-gjgr-66g2"
},
{
"name": "https://github.com/authzed/spicedb/commit/ecef31d2b266fde17eb2c3415e2ec4ceff96fbeb",
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/authzed/spicedb/commit/ecef31d2b266fde17eb2c3415e2ec4ceff96fbeb"
}
],
"source": {
"advisory": "GHSA-grjv-gjgr-66g2",
"discovery": "UNKNOWN"
},
"title": "Permissions processing error in spacedb"
}
},
"cveMetadata": {
"assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"assignerShortName": "GitHub_M",
"cveId": "CVE-2024-38361",
"datePublished": "2024-06-20T22:18:35.552Z",
"dateReserved": "2024-06-14T14:16:16.465Z",
"dateUpdated": "2024-08-02T04:04:25.268Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2024-32882 (GCVE-0-2024-32882)
Vulnerability from cvelistv5 – Published: 2024-05-02 06:52 – Updated: 2024-08-02 02:20
VLAI
EPSS
VEX
Title
Permission check bypass when editing a model with per-field restrictions in wagtail
Summary
Wagtail is an open source content management system built on Django. In affected versions if a model has been made available for editing through the `wagtail.contrib.settings` module or `ModelViewSet`, and the `permission` argument on `FieldPanel` has been used to further restrict access to one or more fields of the model, a user with edit permission over the model but not the specific field can craft an HTTP POST request that bypasses the permission check on the individual field, allowing them to update its value. This vulnerability is not exploitable by an ordinary site visitor without access to the Wagtail admin, or by a user who has not been granted edit access to the model in question. The editing interfaces for pages and snippets are also unaffected. Patched versions have been released as Wagtail 6.0.3 and 6.1. Wagtail releases prior to 6.0 are unaffected. Users are advised to upgrade. Site owners who are unable to upgrade to a patched version can avoid the vulnerability as follows: 1.For models registered through `ModelViewSet`, register the model as a snippet instead; 2. For settings models, place the restricted fields in a separate settings model, and configure permission at the model level.
Severity
SSVC
Exploitation: none
Automatable: no
Technical Impact: partial
CISA Coordinator (v2.0.3)
CWE
Assigner
References
5 references
| URL | Tags |
|---|---|
| https://github.com/wagtail/wagtail/security/advis… | x_refsource_CONFIRM |
| https://github.com/wagtail/wagtail/commit/ab2a5d8… | x_refsource_MISC |
| https://docs.wagtail.org/en/stable/extending/gene… | x_refsource_MISC |
| https://docs.wagtail.org/en/stable/reference/cont… | x_refsource_MISC |
| https://docs.wagtail.org/en/stable/reference/page… | x_refsource_MISC |
Impacted products
{
"containers": {
"adp": [
{
"affected": [
{
"cpes": [
"cpe:2.3:a:wagtail:wagtail:6.0.0:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "wagtail",
"vendor": "wagtail",
"versions": [
{
"lessThan": "6.0.3",
"status": "affected",
"version": "6.0.0",
"versionType": "custom"
}
]
}
],
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-32882",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-05-02T13:08:02.482926Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-06-04T17:50:26.488Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2024-08-02T02:20:35.672Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "https://github.com/wagtail/wagtail/security/advisories/GHSA-w2v8-php4-p8hc",
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://github.com/wagtail/wagtail/security/advisories/GHSA-w2v8-php4-p8hc"
},
{
"name": "https://github.com/wagtail/wagtail/commit/ab2a5d82b4ee3c909d2456704388ccf90e367c9b",
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://github.com/wagtail/wagtail/commit/ab2a5d82b4ee3c909d2456704388ccf90e367c9b"
},
{
"name": "https://docs.wagtail.org/en/stable/extending/generic_views.html#modelviewset",
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://docs.wagtail.org/en/stable/extending/generic_views.html#modelviewset"
},
{
"name": "https://docs.wagtail.org/en/stable/reference/contrib/settings.html",
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://docs.wagtail.org/en/stable/reference/contrib/settings.html"
},
{
"name": "https://docs.wagtail.org/en/stable/reference/pages/panels.html#wagtail.admin.panels.FieldPanel.permission",
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://docs.wagtail.org/en/stable/reference/pages/panels.html#wagtail.admin.panels.FieldPanel.permission"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "wagtail",
"vendor": "wagtail",
"versions": [
{
"status": "affected",
"version": "\u003e= 6.0.0, \u003c 6.0.3"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Wagtail is an open source content management system built on Django. In affected versions if a model has been made available for editing through the `wagtail.contrib.settings` module or `ModelViewSet`, and the `permission` argument on `FieldPanel` has been used to further restrict access to one or more fields of the model, a user with edit permission over the model but not the specific field can craft an HTTP POST request that bypasses the permission check on the individual field, allowing them to update its value. This vulnerability is not exploitable by an ordinary site visitor without access to the Wagtail admin, or by a user who has not been granted edit access to the model in question. The editing interfaces for pages and snippets are also unaffected. Patched versions have been released as Wagtail 6.0.3 and 6.1. Wagtail releases prior to 6.0 are unaffected. Users are advised to upgrade. Site owners who are unable to upgrade to a patched version can avoid the vulnerability as follows: 1.For models registered through `ModelViewSet`, register the model as a snippet instead; 2. For settings models, place the restricted fields in a separate settings model, and configure permission at the model level."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 2.7,
"baseSeverity": "LOW",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:L/A:N",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-280",
"description": "CWE-280: Improper Handling of Insufficient Permissions or Privileges ",
"lang": "en",
"type": "CWE"
}
]
},
{
"descriptions": [
{
"cweId": "CWE-281",
"description": "CWE-281: Improper Preservation of Permissions",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-05-02T06:52:59.556Z",
"orgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"shortName": "GitHub_M"
},
"references": [
{
"name": "https://github.com/wagtail/wagtail/security/advisories/GHSA-w2v8-php4-p8hc",
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://github.com/wagtail/wagtail/security/advisories/GHSA-w2v8-php4-p8hc"
},
{
"name": "https://github.com/wagtail/wagtail/commit/ab2a5d82b4ee3c909d2456704388ccf90e367c9b",
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/wagtail/wagtail/commit/ab2a5d82b4ee3c909d2456704388ccf90e367c9b"
},
{
"name": "https://docs.wagtail.org/en/stable/extending/generic_views.html#modelviewset",
"tags": [
"x_refsource_MISC"
],
"url": "https://docs.wagtail.org/en/stable/extending/generic_views.html#modelviewset"
},
{
"name": "https://docs.wagtail.org/en/stable/reference/contrib/settings.html",
"tags": [
"x_refsource_MISC"
],
"url": "https://docs.wagtail.org/en/stable/reference/contrib/settings.html"
},
{
"name": "https://docs.wagtail.org/en/stable/reference/pages/panels.html#wagtail.admin.panels.FieldPanel.permission",
"tags": [
"x_refsource_MISC"
],
"url": "https://docs.wagtail.org/en/stable/reference/pages/panels.html#wagtail.admin.panels.FieldPanel.permission"
}
],
"source": {
"advisory": "GHSA-w2v8-php4-p8hc",
"discovery": "UNKNOWN"
},
"title": "Permission check bypass when editing a model with per-field restrictions in wagtail"
}
},
"cveMetadata": {
"assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"assignerShortName": "GitHub_M",
"cveId": "CVE-2024-32882",
"datePublished": "2024-05-02T06:52:59.556Z",
"dateReserved": "2024-04-19T14:07:11.230Z",
"dateUpdated": "2024-08-02T02:20:35.672Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2024-32020 (GCVE-0-2024-32020)
Vulnerability from cvelistv5 – Published: 2024-05-14 18:54 – Updated: 2025-02-13 17:52
VLAI
EPSS
VEX
Title
Cloning local Git repository by untrusted user allows the untrusted user to modify objects in the cloned repository at will
Summary
Git is a revision control system. Prior to versions 2.45.1, 2.44.1, 2.43.4, 2.42.2, 2.41.1, 2.40.2, and 2.39.4, local clones may end up hardlinking files into the target repository's object database when source and target repository reside on the same disk. If the source repository is owned by a different user, then those hardlinked files may be rewritten at any point in time by the untrusted user. Cloning local repositories will cause Git to either copy or hardlink files of the source repository into the target repository. This significantly speeds up such local clones compared to doing a "proper" clone and saves both disk space and compute time. When cloning a repository located on the same disk that is owned by a different user than the current user we also end up creating such hardlinks. These files will continue to be owned and controlled by the potentially-untrusted user and can be rewritten by them at will in the future. The problem has been patched in versions 2.45.1, 2.44.1, 2.43.4, 2.42.2, 2.41.1, 2.40.2, and 2.39.4.
Severity
SSVC
Exploitation: none
Automatable: no
Technical Impact: partial
CISA Coordinator (v2.0.3)
CWE
- CWE-281 - Improper Preservation of Permissions
Assigner
References
5 references
| URL | Tags |
|---|---|
| https://github.com/git/git/security/advisories/GH… | x_refsource_CONFIRM |
| https://github.com/git/git/commit/1204e1a824c3407… | x_refsource_MISC |
| https://github.com/git/git/commit/9e65df5eab274bf… | x_refsource_MISC |
| https://lists.fedoraproject.org/archives/list/pac… | |
| http://www.openwall.com/lists/oss-security/2024/05/14/2 |
Impacted products
8 products
| Vendor | Product | Version | |
|---|---|---|---|
| git | git |
Affected:
= 2.45.0
Affected: = 2.44.0 Affected: >= 2.43.0, < 2.43.4 Affected: >= 2.42.0, < 2.42.2 Affected: = 2.41.0 Affected: >= 2.40.0, < 2.40.2 Affected: < 2.39.4 |
|
| git | git |
Affected:
0 , < 2.39.4
(custom)
cpe:2.3:a:git:git:*:*:*:*:*:*:*:* |
|
| git | git |
Affected:
2.45.0
cpe:2.3:a:git:git:2.45.0:*:*:*:*:*:*:* |
|
| git | git |
Affected:
2.44.0
cpe:2.3:a:git:git:2.44.0:*:*:*:*:*:*:* |
|
| git | git |
Affected:
2.43 , < 2.43.4
(custom)
cpe:2.3:a:git:git:2.43:*:*:*:*:*:*:* |
|
| git | git |
Affected:
2.42.0 , < 2.42.2
(custom)
cpe:2.3:a:git:git:2.42.0:*:*:*:*:*:*:* |
|
| git | git |
Affected:
2.41.0
cpe:2.3:a:git:git:2.41.0:*:*:*:*:*:*:* |
|
| git | git |
Affected:
2.40.0 , < 2.40.2
(custom)
cpe:2.3:a:git:git:2.40.0:*:*:*:*:*:*:* |
{
"containers": {
"adp": [
{
"affected": [
{
"cpes": [
"cpe:2.3:a:git:git:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "git",
"vendor": "git",
"versions": [
{
"lessThan": "2.39.4",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:a:git:git:2.45.0:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "git",
"vendor": "git",
"versions": [
{
"status": "affected",
"version": "2.45.0"
}
]
},
{
"cpes": [
"cpe:2.3:a:git:git:2.44.0:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "git",
"vendor": "git",
"versions": [
{
"status": "affected",
"version": "2.44.0"
}
]
},
{
"cpes": [
"cpe:2.3:a:git:git:2.43:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "git",
"vendor": "git",
"versions": [
{
"lessThan": "2.43.4",
"status": "affected",
"version": "2.43",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:a:git:git:2.42.0:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "git",
"vendor": "git",
"versions": [
{
"lessThan": "2.42.2",
"status": "affected",
"version": "2.42.0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:a:git:git:2.41.0:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "git",
"vendor": "git",
"versions": [
{
"status": "affected",
"version": "2.41.0"
}
]
},
{
"cpes": [
"cpe:2.3:a:git:git:2.40.0:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "git",
"vendor": "git",
"versions": [
{
"lessThan": "2.40.2",
"status": "affected",
"version": "2.40.0",
"versionType": "custom"
}
]
}
],
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-32020",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-05-15T14:32:40.280977Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-06-06T17:15:59.133Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2024-08-02T01:59:50.905Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "https://github.com/git/git/security/advisories/GHSA-5rfh-556j-fhgj",
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://github.com/git/git/security/advisories/GHSA-5rfh-556j-fhgj"
},
{
"name": "https://github.com/git/git/commit/1204e1a824c34071019fe106348eaa6d88f9528d",
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://github.com/git/git/commit/1204e1a824c34071019fe106348eaa6d88f9528d"
},
{
"name": "https://github.com/git/git/commit/9e65df5eab274bf74c7b570107aacd1303a1e703",
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://github.com/git/git/commit/9e65df5eab274bf74c7b570107aacd1303a1e703"
},
{
"tags": [
"x_transferred"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/S4CK4IYTXEOBZTEM5K3T6LWOIZ3S44AR/"
},
{
"tags": [
"x_transferred"
],
"url": "http://www.openwall.com/lists/oss-security/2024/05/14/2"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "git",
"vendor": "git",
"versions": [
{
"status": "affected",
"version": "= 2.45.0"
},
{
"status": "affected",
"version": "= 2.44.0"
},
{
"status": "affected",
"version": "\u003e= 2.43.0, \u003c 2.43.4"
},
{
"status": "affected",
"version": "\u003e= 2.42.0, \u003c 2.42.2"
},
{
"status": "affected",
"version": "= 2.41.0"
},
{
"status": "affected",
"version": "\u003e= 2.40.0, \u003c 2.40.2"
},
{
"status": "affected",
"version": "\u003c 2.39.4"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Git is a revision control system. Prior to versions 2.45.1, 2.44.1, 2.43.4, 2.42.2, 2.41.1, 2.40.2, and 2.39.4, local clones may end up hardlinking files into the target repository\u0027s object database when source and target repository reside on the same disk. If the source repository is owned by a different user, then those hardlinked files may be rewritten at any point in time by the untrusted user. Cloning local repositories will cause Git to either copy or hardlink files of the source repository into the target repository. This significantly speeds up such local clones compared to doing a \"proper\" clone and saves both disk space and compute time. When cloning a repository located on the same disk that is owned by a different user than the current user we also end up creating such hardlinks. These files will continue to be owned and controlled by the potentially-untrusted user and can be rewritten by them at will in the future. The problem has been patched in versions 2.45.1, 2.44.1, 2.43.4, 2.42.2, 2.41.1, 2.40.2, and 2.39.4."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "HIGH",
"attackVector": "LOCAL",
"availabilityImpact": "LOW",
"baseScore": 3.9,
"baseSeverity": "LOW",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"privilegesRequired": "LOW",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:C/C:N/I:L/A:L",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-281",
"description": "CWE-281: Improper Preservation of Permissions",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-06-10T17:10:03.915Z",
"orgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"shortName": "GitHub_M"
},
"references": [
{
"name": "https://github.com/git/git/security/advisories/GHSA-5rfh-556j-fhgj",
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://github.com/git/git/security/advisories/GHSA-5rfh-556j-fhgj"
},
{
"name": "https://github.com/git/git/commit/1204e1a824c34071019fe106348eaa6d88f9528d",
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/git/git/commit/1204e1a824c34071019fe106348eaa6d88f9528d"
},
{
"name": "https://github.com/git/git/commit/9e65df5eab274bf74c7b570107aacd1303a1e703",
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/git/git/commit/9e65df5eab274bf74c7b570107aacd1303a1e703"
},
{
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/S4CK4IYTXEOBZTEM5K3T6LWOIZ3S44AR/"
},
{
"url": "http://www.openwall.com/lists/oss-security/2024/05/14/2"
}
],
"source": {
"advisory": "GHSA-5rfh-556j-fhgj",
"discovery": "UNKNOWN"
},
"title": "Cloning local Git repository by untrusted user allows the untrusted user to modify objects in the cloned repository at will"
}
},
"cveMetadata": {
"assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"assignerShortName": "GitHub_M",
"cveId": "CVE-2024-32020",
"datePublished": "2024-05-14T18:54:08.184Z",
"dateReserved": "2024-04-09T15:29:35.937Z",
"dateUpdated": "2025-02-13T17:52:05.240Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2024-29735 (GCVE-0-2024-29735)
Vulnerability from cvelistv5 – Published: 2024-03-26 16:52 – Updated: 2025-02-13 17:47
VLAI
EPSS
VEX
Title
Apache Airflow: Potentially harmful permission changing by log task handler
Summary
Improper Preservation of Permissions vulnerability in Apache Airflow.This issue affects Apache Airflow from 2.8.2 through 2.8.3.
Airflow's local file task handler in Airflow incorrectly set permissions for all parent folders of log folder, in default configuration adding write access to Unix group of the folders. In the case Airflow is run with the root user (not recommended) it added group write permission to all folders up to the root of the filesystem.
If your log files are stored in the home directory, these permission changes might impact your ability to run SSH operations after your home directory becomes group-writeable.
This issue does not affect users who use or extend Airflow using Official Airflow Docker reference images ( https://hub.docker.com/r/apache/airflow/ ) - those images require to have group write permission set anyway.
You are affected only if you install Airflow using local installation / virtualenv or other Docker images, but the issue has no impact if docker containers are used as intended, i.e. where Airflow components do not share containers with other applications and users.
Also you should not be affected if your umask is 002 (group write enabled) - this is the default on many linux systems.
Recommendation for users using Airflow outside of the containers:
* if you are using root to run Airflow, change your Airflow user to use non-root
* upgrade Apache Airflow to 2.8.4 or above
* If you prefer not to upgrade, you can change the https://airflow.apache.org/docs/apache-airflow/stable/configurations-ref.html#file-task-handler-new-folder-permissions to 0o755 (original value 0o775).
* if you already ran Airflow tasks before and your default umask is 022 (group write disabled) you should stop Airflow components, check permissions of AIRFLOW_HOME/logs in all your components and all parent directories of this directory and remove group write access for all the parent directories
Severity
5.3 (Medium)
SSVC
Exploitation: none
Automatable: no
Technical Impact: total
CISA Coordinator (v2.0.3)
CWE
- CWE-281 - Improper Preservation of Permissions
Assigner
References
3 references
Impacted products
2 products
| Vendor | Product | Version | |
|---|---|---|---|
| Apache Software Foundation | Apache Airflow |
Affected:
2.8.2 , ≤ 2.8.3
(semver)
|
|
| apache | airflow |
Affected:
2.8.2 , ≤ 2.8.3
(semver)
cpe:2.3:a:apache:airflow:*:*:*:*:*:*:*:* |
Credits
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T01:10:55.479Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"patch",
"x_transferred"
],
"url": "https://github.com/apache/airflow/pull/37310"
},
{
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "https://lists.apache.org/thread/8khb1rtbznh100o325fb8xw5wjvtv536"
},
{
"tags": [
"x_transferred"
],
"url": "http://www.openwall.com/lists/oss-security/2024/03/26/2"
}
],
"title": "CVE Program Container"
},
{
"affected": [
{
"cpes": [
"cpe:2.3:a:apache:airflow:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "airflow",
"vendor": "apache",
"versions": [
{
"lessThanOrEqual": "2.8.3",
"status": "affected",
"version": "2.8.2",
"versionType": "semver"
}
]
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:N/I:H/A:N",
"version": "3.1"
}
},
{
"other": {
"content": {
"id": "CVE-2024-29735",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-08-08T14:08:38.417026Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-08-29T18:27:39.696Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"collectionURL": "https://pypi.python.org",
"defaultStatus": "unaffected",
"packageName": "apache-airflow",
"product": "Apache Airflow",
"vendor": "Apache Software Foundation",
"versions": [
{
"lessThanOrEqual": "2.8.3",
"status": "affected",
"version": "2.8.2",
"versionType": "semver"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "Matej Murin"
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Improper Preservation of Permissions vulnerability in Apache Airflow.\u003cp\u003eThis issue affects Apache Airflow from 2.8.2 through 2.8.3.\u003c/p\u003e\u003cp\u003e\u003c/p\u003e\u003cp\u003eAirflow\u0027s local file task handler in Airflow incorrectly set permissions for all parent folders of log folder, in default configuration adding write access to Unix \u003ccode\u003egroup\u003c/code\u003e\u0026nbsp;of the folders. In the case Airflow is run with the root user (not recommended) it added group write permission to all folders up to the root of the filesystem.\u003c/p\u003e\u003cp\u003eIf your log files are stored in the home directory, these permission changes might impact your ability to run SSH operations after your home directory becomes group-writeable.\u003c/p\u003e\u003cp\u003eThis issue does not affect users who use or extend Airflow using Official Airflow Docker reference images (\u003ca target=\"_blank\" rel=\"nofollow\" href=\"https://hub.docker.com/r/apache/airflow/\"\u003ehttps://hub.docker.com/r/apache/airflow/\u003c/a\u003e) - those images require to have group write permission set anyway.\u003c/p\u003e\u003cp\u003eYou are affected only if you install Airflow using local installation / virtualenv or other Docker images, but the issue has no impact if docker containers are used as intended, i.e. where Airflow components do not share containers with other applications and users.\u003c/p\u003e\u003cp\u003eAlso you should not be affected if your umask is 002 (group write enabled) - this is the default on many linux systems.\u003c/p\u003e\u003cp\u003eRecommendation for users using Airflow outside of the containers:\u003c/p\u003e\u003cul\u003e\u003cli\u003eif you are using root to run Airflow, change your Airflow user to use non-root\u003c/li\u003e\u003cli\u003eupgrade Apache Airflow to 2.8.4 or above\u003c/li\u003e\u003cli\u003eIf you prefer not to upgrade, you can change the \u003ca target=\"_blank\" rel=\"nofollow\" href=\"https://airflow.apache.org/docs/apache-airflow/stable/configurations-ref.html#file-task-handler-new-folder-permissions\"\u003ehttps://airflow.apache.org/docs/apache-airflow/stable/configurations-ref.html#file-task-handler-new-folder-permissions\u003c/a\u003e\u0026nbsp;to 0o755 (original value 0o775).\u003c/li\u003e\u003cli\u003eif you already ran Airflow tasks before and your default umask is 022 (group write disabled) you should stop Airflow components, check permissions of \u003ccode\u003eAIRFLOW_HOME/logs\u003c/code\u003e\u0026nbsp;in all your components and all parent directories of this directory and remove group write access for all the parent directories\u003c/li\u003e\u003c/ul\u003e\u003cbr\u003e\u003cp\u003e\u003c/p\u003e"
}
],
"value": "Improper Preservation of Permissions vulnerability in Apache Airflow.This issue affects Apache Airflow from 2.8.2 through 2.8.3.\n\nAirflow\u0027s local file task handler in Airflow incorrectly set permissions for all parent folders of log folder, in default configuration adding write access to Unix group\u00a0of the folders. In the case Airflow is run with the root user (not recommended) it added group write permission to all folders up to the root of the filesystem.\n\nIf your log files are stored in the home directory, these permission changes might impact your ability to run SSH operations after your home directory becomes group-writeable.\n\nThis issue does not affect users who use or extend Airflow using Official Airflow Docker reference images ( https://hub.docker.com/r/apache/airflow/ ) - those images require to have group write permission set anyway.\n\nYou are affected only if you install Airflow using local installation / virtualenv or other Docker images, but the issue has no impact if docker containers are used as intended, i.e. where Airflow components do not share containers with other applications and users.\n\nAlso you should not be affected if your umask is 002 (group write enabled) - this is the default on many linux systems.\n\nRecommendation for users using Airflow outside of the containers:\n\n * if you are using root to run Airflow, change your Airflow user to use non-root\n * upgrade Apache Airflow to 2.8.4 or above\n * If you prefer not to upgrade, you can change the https://airflow.apache.org/docs/apache-airflow/stable/configurations-ref.html#file-task-handler-new-folder-permissions \u00a0to 0o755 (original value 0o775).\n * if you already ran Airflow tasks before and your default umask is 022 (group write disabled) you should stop Airflow components, check permissions of AIRFLOW_HOME/logs\u00a0in all your components and all parent directories of this directory and remove group write access for all the parent directories"
}
],
"metrics": [
{
"other": {
"content": {
"text": "important"
},
"type": "Textual description of severity"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-281",
"description": "CWE-281: Improper Preservation of Permissions",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-05-01T19:05:53.416Z",
"orgId": "f0158376-9dc2-43b6-827c-5f631a4d8d09",
"shortName": "apache"
},
"references": [
{
"tags": [
"patch"
],
"url": "https://github.com/apache/airflow/pull/37310"
},
{
"tags": [
"vendor-advisory"
],
"url": "https://lists.apache.org/thread/8khb1rtbznh100o325fb8xw5wjvtv536"
},
{
"url": "http://www.openwall.com/lists/oss-security/2024/03/26/2"
}
],
"source": {
"discovery": "UNKNOWN"
},
"title": "Apache Airflow: Potentially harmful permission changing by log task handler",
"x_generator": {
"engine": "Vulnogram 0.1.0-dev"
}
}
},
"cveMetadata": {
"assignerOrgId": "f0158376-9dc2-43b6-827c-5f631a4d8d09",
"assignerShortName": "apache",
"cveId": "CVE-2024-29735",
"datePublished": "2024-03-26T16:52:40.770Z",
"dateReserved": "2024-03-19T11:07:02.111Z",
"dateUpdated": "2025-02-13T17:47:41.979Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2024-28746 (GCVE-0-2024-28746)
Vulnerability from cvelistv5 – Published: 2024-03-14 08:41 – Updated: 2025-03-20 19:04
VLAI
EPSS
VEX
Title
Apache Airflow: Ignored Airflow Permissions
Summary
Apache Airflow, versions 2.8.0 through 2.8.2, has a vulnerability that allows an authenticated user with limited permissions to access resources such as variables, connections, etc from the UI which they do not have permission to access.
Users of Apache Airflow are recommended to upgrade to version 2.8.3 or newer to mitigate the risk associated with this vulnerability
Severity
8.1 (High)
SSVC
Exploitation: none
Automatable: no
Technical Impact: partial
CISA Coordinator (v2.0.3)
CWE
- CWE-281 - Improper Preservation of Permissions
Assigner
References
3 references
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| Apache Software Foundation | Apache Airflow |
Affected:
2.8.0 , < 2.8.3
(semver)
|
Credits
{
"containers": {
"adp": [
{
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 8.1,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N",
"version": "3.1"
}
},
{
"other": {
"content": {
"id": "CVE-2024-28746",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-03-15T16:26:13.987222Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-03-20T19:04:18.928Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2024-08-02T00:56:58.123Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"patch",
"x_transferred"
],
"url": "https://github.com/apache/airflow/pull/37881"
},
{
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "https://lists.apache.org/thread/b4pffc7w7do6qgk4jjbyxvdz5odrvny7"
},
{
"tags": [
"x_transferred"
],
"url": "http://www.openwall.com/lists/oss-security/2024/03/13/5"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"collectionURL": "https://pypi.python.org",
"defaultStatus": "unaffected",
"packageName": "apache-airflow",
"product": "Apache Airflow",
"vendor": "Apache Software Foundation",
"versions": [
{
"lessThan": "2.8.3",
"status": "affected",
"version": "2.8.0",
"versionType": "semver"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "Alex Liotta"
},
{
"lang": "en",
"type": "remediation developer",
"value": "Vincent(Vincbeck)"
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Apache Airflow, versions 2.8.0 through 2.8.2, has a vulnerability that allows an authenticated user with limited permissions to access resources such as variables, connections, etc from the UI which they do not have permission to access.\u0026nbsp;\u003cbr\u003e\u003cbr\u003eUsers of Apache Airflow are recommended to upgrade to version 2.8.3 or newer to mitigate the risk associated with this vulnerability\u003cbr\u003e"
}
],
"value": "Apache Airflow, versions 2.8.0 through 2.8.2, has a vulnerability that allows an authenticated user with limited permissions to access resources such as variables, connections, etc from the UI which they do not have permission to access.\u00a0\n\nUsers of Apache Airflow are recommended to upgrade to version 2.8.3 or newer to mitigate the risk associated with this vulnerability"
}
],
"metrics": [
{
"other": {
"content": {
"text": "moderate"
},
"type": "Textual description of severity"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-281",
"description": "CWE-281 Improper Preservation of Permissions",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-05-01T19:07:36.723Z",
"orgId": "f0158376-9dc2-43b6-827c-5f631a4d8d09",
"shortName": "apache"
},
"references": [
{
"tags": [
"patch"
],
"url": "https://github.com/apache/airflow/pull/37881"
},
{
"tags": [
"vendor-advisory"
],
"url": "https://lists.apache.org/thread/b4pffc7w7do6qgk4jjbyxvdz5odrvny7"
},
{
"url": "http://www.openwall.com/lists/oss-security/2024/03/13/5"
}
],
"source": {
"discovery": "UNKNOWN"
},
"title": "Apache Airflow: Ignored Airflow Permissions",
"x_generator": {
"engine": "Vulnogram 0.1.0-dev"
}
}
},
"cveMetadata": {
"assignerOrgId": "f0158376-9dc2-43b6-827c-5f631a4d8d09",
"assignerShortName": "apache",
"cveId": "CVE-2024-28746",
"datePublished": "2024-03-14T08:41:03.928Z",
"dateReserved": "2024-03-08T08:28:25.706Z",
"dateUpdated": "2025-03-20T19:04:18.928Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2024-23464 (GCVE-0-2024-23464)
Vulnerability from cvelistv5 – Published: 2024-08-06 15:24 – Updated: 2024-08-06 15:41
VLAI
EPSS
VEX
Title
Zscaler bypass with administrative privileges on Windows
Summary
In certain cases, Zscaler Internet Access (ZIA) can be disabled by PowerShell commands with admin rights. This affects Zscaler Client Connector on Windows <4.2.1
Severity
7.2 (High)
SSVC
Exploitation: none
Automatable: no
Technical Impact: total
CISA Coordinator (v2.0.3)
CWE
- CWE-281 - Improper Preservation of Permissions
Assigner
References
1 reference
Impacted products
2 products
| Vendor | Product | Version | |
|---|---|---|---|
| Zscaler | Client Connector |
Affected:
0 , < 4.2.1
(custom)
|
|
| zscaler | client_connector |
Affected:
0 , < 4.2.1
(custom)
cpe:2.3:a:zscaler:client_connector:*:*:*:*:*:windows:*:* |
Credits
{
"containers": {
"adp": [
{
"affected": [
{
"cpes": [
"cpe:2.3:a:zscaler:client_connector:*:*:*:*:*:windows:*:*"
],
"defaultStatus": "unknown",
"product": "client_connector",
"vendor": "zscaler",
"versions": [
{
"lessThan": "4.2.1",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
}
],
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-23464",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-08-06T15:38:49.752319Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-08-06T15:41:17.867Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"platforms": [
"Windows"
],
"product": "Client Connector",
"vendor": "Zscaler",
"versions": [
{
"lessThan": "4.2.1",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "Randstad N.V. Red Team"
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eIn certain cases, Zscaler Internet Access (ZIA) can be disabled by PowerShell commands with admin rights. This affects Zscaler Client Connector on Windows \u0026lt;4.2.1\u003c/span\u003e\u003cbr\u003e"
}
],
"value": "In certain cases, Zscaler Internet Access (ZIA) can be disabled by PowerShell commands with admin rights. This affects Zscaler Client Connector on Windows \u003c4.2.1"
}
],
"impacts": [
{
"capecId": "CAPEC-554",
"descriptions": [
{
"lang": "en",
"value": "CAPEC-554 Functionality Bypass"
}
]
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.2,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-281",
"description": "CWE-281 Improper Preservation of Permissions",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-08-06T15:24:03.730Z",
"orgId": "73c6f63b-efac-410d-a0a9-569700f85a04",
"shortName": "Zscaler"
},
"references": [
{
"url": "https://help.zscaler.com/client-connector/client-connector-app-release-summary-2023?applicable_category=Windows\u0026applicable_version=4.2.1"
}
],
"source": {
"discovery": "UNKNOWN"
},
"title": "Zscaler bypass with administrative privileges on Windows",
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "73c6f63b-efac-410d-a0a9-569700f85a04",
"assignerShortName": "Zscaler",
"cveId": "CVE-2024-23464",
"datePublished": "2024-08-06T15:24:03.730Z",
"dateReserved": "2024-01-17T15:15:47.222Z",
"dateUpdated": "2024-08-06T15:41:17.867Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2024-22405 (GCVE-0-2024-22405)
Vulnerability from cvelistv5 – Published: 2024-04-30 10:04 – Updated: 2024-08-01 22:43
VLAI
EPSS
VEX
Title
XADMaster may not apply quarantine attribute correctly to extracted files
Summary
XADMaster is an objective-C library for archive and file unarchiving and extraction. When extracting a specially crafted zip archive XADMaster may not apply quarantine attribute correctly. Such behaviour may circumvent Gatekeeper checks on the system. Only macOS installations are affected. This issue was fixed in XADMaster 1.10.8. It is recommended to upgrade to the latest version. There are no known workarounds for this issue.
Severity
5.5 (Medium)
SSVC
Exploitation: none
Automatable: no
Technical Impact: partial
CISA Coordinator (v2.0.3)
CWE
- CWE-281 - Improper Preservation of Permissions
Assigner
References
2 references
| URL | Tags |
|---|---|
| https://github.com/MacPaw/XADMaster/security/advi… | x_refsource_CONFIRM |
| https://github.com/MacPaw/XADMaster/commit/b75c05… | x_refsource_MISC |
Impacted products
{
"containers": {
"adp": [
{
"affected": [
{
"cpes": [
"cpe:2.3:a:macpaw:xadmaster:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "xadmaster",
"vendor": "macpaw",
"versions": [
{
"lessThan": "1.10.8",
"status": "affected",
"version": "-",
"versionType": "custom"
}
]
}
],
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-22405",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-04-30T13:34:29.540533Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-06-04T17:52:55.463Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2024-08-01T22:43:34.924Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "https://github.com/MacPaw/XADMaster/security/advisories/GHSA-xg3c-r7w5-7xw2",
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://github.com/MacPaw/XADMaster/security/advisories/GHSA-xg3c-r7w5-7xw2"
},
{
"name": "https://github.com/MacPaw/XADMaster/commit/b75c05bc3bca9e183ecd3c512e270ce93006da3c",
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://github.com/MacPaw/XADMaster/commit/b75c05bc3bca9e183ecd3c512e270ce93006da3c"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "XADMaster",
"vendor": "MacPaw",
"versions": [
{
"status": "affected",
"version": "\u003c 1.10.8"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "XADMaster is an objective-C library for archive and file unarchiving and extraction. When extracting a specially crafted zip archive XADMaster may not apply quarantine attribute correctly. Such behaviour may circumvent Gatekeeper checks on the system. Only macOS installations are affected. This issue was fixed in XADMaster 1.10.8. It is recommended to upgrade to the latest version. There are no known workarounds for this issue."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "NONE",
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-281",
"description": "CWE-281: Improper Preservation of Permissions",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-04-30T10:04:24.056Z",
"orgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"shortName": "GitHub_M"
},
"references": [
{
"name": "https://github.com/MacPaw/XADMaster/security/advisories/GHSA-xg3c-r7w5-7xw2",
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://github.com/MacPaw/XADMaster/security/advisories/GHSA-xg3c-r7w5-7xw2"
},
{
"name": "https://github.com/MacPaw/XADMaster/commit/b75c05bc3bca9e183ecd3c512e270ce93006da3c",
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/MacPaw/XADMaster/commit/b75c05bc3bca9e183ecd3c512e270ce93006da3c"
}
],
"source": {
"advisory": "GHSA-xg3c-r7w5-7xw2",
"discovery": "UNKNOWN"
},
"title": "XADMaster may not apply quarantine attribute correctly to extracted files"
}
},
"cveMetadata": {
"assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"assignerShortName": "GitHub_M",
"cveId": "CVE-2024-22405",
"datePublished": "2024-04-30T10:04:24.056Z",
"dateReserved": "2024-01-10T15:09:55.548Z",
"dateUpdated": "2024-08-01T22:43:34.924Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2024-22404 (GCVE-0-2024-22404)
Vulnerability from cvelistv5 – Published: 2024-01-18 20:14 – Updated: 2025-06-02 15:03
VLAI
EPSS
VEX
Title
Permissions bypass in Nextcloud with the files zip app
Summary
Nextcloud files Zip app is a tool to create zip archives from one or multiple files from within Nextcloud. In affected versions users can download "view-only" files by zipping the complete folder. It is recommended that the Files ZIP app is upgraded to 1.2.1, 1.4.1, or 1.5.0. Users unable to upgrade should disable the file zip app.
Severity
4.1 (Medium)
SSVC
Exploitation: none
Automatable: no
Technical Impact: partial
CISA Coordinator (v2.0.3)
CWE
- CWE-281 - Improper Preservation of Permissions
Assigner
References
3 references
| URL | Tags |
|---|---|
| https://github.com/nextcloud/security-advisories/… | x_refsource_CONFIRM |
| https://github.com/nextcloud/files_zip/commit/432… | x_refsource_MISC |
| https://hackerone.com/reports/2247457 | x_refsource_MISC |
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| nextcloud | security-advisories |
Affected:
>= 1.2.0, < 1.2.1
Affected: >= 1.3.0, < 1.4.1 |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-01T22:43:34.833Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "https://github.com/nextcloud/security-advisories/security/advisories/GHSA-vhj3-mch4-67fq",
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://github.com/nextcloud/security-advisories/security/advisories/GHSA-vhj3-mch4-67fq"
},
{
"name": "https://github.com/nextcloud/files_zip/commit/43204539d517a13e945b90652718e2a213f46820",
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://github.com/nextcloud/files_zip/commit/43204539d517a13e945b90652718e2a213f46820"
},
{
"name": "https://hackerone.com/reports/2247457",
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://hackerone.com/reports/2247457"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-22404",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-05-08T19:09:22.953426Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-06-02T15:03:33.283Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "security-advisories",
"vendor": "nextcloud",
"versions": [
{
"status": "affected",
"version": "\u003e= 1.2.0, \u003c 1.2.1"
},
{
"status": "affected",
"version": "\u003e= 1.3.0, \u003c 1.4.1"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Nextcloud files Zip app is a tool to create zip archives from one or multiple files from within Nextcloud. In affected versions users can download \"view-only\" files by zipping the complete folder. It is recommended that the Files ZIP app is upgraded to 1.2.1, 1.4.1, or 1.5.0. Users unable to upgrade should disable the file zip app."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 4.1,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:N/A:N",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-281",
"description": "CWE-281: Improper Preservation of Permissions",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-01-18T20:14:27.914Z",
"orgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"shortName": "GitHub_M"
},
"references": [
{
"name": "https://github.com/nextcloud/security-advisories/security/advisories/GHSA-vhj3-mch4-67fq",
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://github.com/nextcloud/security-advisories/security/advisories/GHSA-vhj3-mch4-67fq"
},
{
"name": "https://github.com/nextcloud/files_zip/commit/43204539d517a13e945b90652718e2a213f46820",
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/nextcloud/files_zip/commit/43204539d517a13e945b90652718e2a213f46820"
},
{
"name": "https://hackerone.com/reports/2247457",
"tags": [
"x_refsource_MISC"
],
"url": "https://hackerone.com/reports/2247457"
}
],
"source": {
"advisory": "GHSA-vhj3-mch4-67fq",
"discovery": "UNKNOWN"
},
"title": "Permissions bypass in Nextcloud with the files zip app"
}
},
"cveMetadata": {
"assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"assignerShortName": "GitHub_M",
"cveId": "CVE-2024-22404",
"datePublished": "2024-01-18T20:14:27.914Z",
"dateReserved": "2024-01-10T15:09:55.548Z",
"dateUpdated": "2025-06-02T15:03:33.283Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2024-22402 (GCVE-0-2024-22402)
Vulnerability from cvelistv5 – Published: 2024-01-18 20:23 – Updated: 2025-06-09 18:46
VLAI
EPSS
VEX
Title
Improper handling of request URLs in Nextcloud Guests app allows guest users to bypass app allowlist
Summary
Nextcloud guests app is a utility to create guest users which can only see files shared with them. In affected versions users were able to load the first page of apps they were actually not allowed to access. Depending on the selection of apps installed this may present a permissions bypass. It is recommended that the Guests app is upgraded to 2.4.1, 2.5.1 or 3.0.1. There are no known workarounds for this vulnerability.
Severity
5.4 (Medium)
SSVC
Exploitation: none
Automatable: no
Technical Impact: partial
CISA Coordinator (v2.0.3)
CWE
- CWE-281 - Improper Preservation of Permissions
Assigner
References
3 references
| URL | Tags |
|---|---|
| https://github.com/nextcloud/security-advisories/… | x_refsource_CONFIRM |
| https://github.com/nextcloud/guests/pull/1082 | x_refsource_MISC |
| https://hackerone.com/reports/2251074 | x_refsource_MISC |
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| nextcloud | security-advisories |
Affected:
>= 2.4.0, < 2.4.1
Affected: >= 2.5.0, < 2.5.1 Affected: >= 3.0.0, < 3.0.1 |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-01T22:43:34.860Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "https://github.com/nextcloud/security-advisories/security/advisories/GHSA-v3qw-7vgv-2fxj",
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://github.com/nextcloud/security-advisories/security/advisories/GHSA-v3qw-7vgv-2fxj"
},
{
"name": "https://github.com/nextcloud/guests/pull/1082",
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://github.com/nextcloud/guests/pull/1082"
},
{
"name": "https://hackerone.com/reports/2251074",
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://hackerone.com/reports/2251074"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-22402",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-02-20T19:20:40.041655Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-06-09T18:46:12.916Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "security-advisories",
"vendor": "nextcloud",
"versions": [
{
"status": "affected",
"version": "\u003e= 2.4.0, \u003c 2.4.1"
},
{
"status": "affected",
"version": "\u003e= 2.5.0, \u003c 2.5.1"
},
{
"status": "affected",
"version": "\u003e= 3.0.0, \u003c 3.0.1"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Nextcloud guests app is a utility to create guest users which can only see files shared with them. In affected versions users were able to load the first page of apps they were actually not allowed to access. Depending on the selection of apps installed this may present a permissions bypass. It is recommended that the Guests app is upgraded to 2.4.1, 2.5.1 or 3.0.1. There are no known workarounds for this vulnerability."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 5.4,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-281",
"description": "CWE-281: Improper Preservation of Permissions",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-01-19T12:46:30.558Z",
"orgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"shortName": "GitHub_M"
},
"references": [
{
"name": "https://github.com/nextcloud/security-advisories/security/advisories/GHSA-v3qw-7vgv-2fxj",
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://github.com/nextcloud/security-advisories/security/advisories/GHSA-v3qw-7vgv-2fxj"
},
{
"name": "https://github.com/nextcloud/guests/pull/1082",
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/nextcloud/guests/pull/1082"
},
{
"name": "https://hackerone.com/reports/2251074",
"tags": [
"x_refsource_MISC"
],
"url": "https://hackerone.com/reports/2251074"
}
],
"source": {
"advisory": "GHSA-v3qw-7vgv-2fxj",
"discovery": "UNKNOWN"
},
"title": "Improper handling of request URLs in Nextcloud Guests app allows guest users to bypass app allowlist"
}
},
"cveMetadata": {
"assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"assignerShortName": "GitHub_M",
"cveId": "CVE-2024-22402",
"datePublished": "2024-01-18T20:23:54.714Z",
"dateReserved": "2024-01-10T15:09:55.547Z",
"dateUpdated": "2025-06-09T18:46:12.916Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
No mitigation information available for this CWE.
No CAPEC attack patterns related to this CWE.