https://vulnerability.circl.lu/sightings/feedMost recent sightings.2026-05-06T04:15:25.163654+00:00Vulnerability-Lookupinfo@circl.lupython-feedgenContains only the most 10 recent sightings.https://vulnerability.circl.lu/sighting/dbc31639-3146-478e-a252-e046aa64c49a/exportdbc31639-3146-478e-a252-e046aa64c49a2026-05-06T04:15:25.698695+00:00Automation userhttp://vulnerability.circl.lu/user/automation{"uuid": "dbc31639-3146-478e-a252-e046aa64c49a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-45049", "type": "seen", "source": "https://t.me/cvedetector/4283", "content": "{\n \"Source\": \"CVE FEED\",\n \"Title\": \"CVE-2024-45049 - Hydra Unauthenticated Evaluations\", \n \"Content\": \"CVE ID : CVE-2024-45049 \nPublished : Aug. 27, 2024, 9:15 p.m. | 34\u00a0minutes ago \nDescription : Hydra is a Continuous Integration service for Nix based projects. It is possible to trigger evaluations in Hydra without any authentication. Depending on the size of evaluations, this can impact the availability of systems. The problem can be fixed by applying to any Hydra package. Users are advised to upgrade. Users unable to upgrade should deny the `/api/push` route in a reverse proxy. This also breaks the \"Evaluate jobset\" button in the frontend. \nSeverity: 7.5 | HIGH \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n \"Detection Date\": \"27 Aug 2024\",\n \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-08-28T00:05:14.000000Z"}2024-08-28T00:05:14+00:00