https://vulnerability.circl.lu Contains only the most 10 recent sightings. http://www.rssboard.org/rss-specification python-feedgen en Wed, 06 May 2026 16:50:37 +0000 https://vulnerability.circl.lu/sighting/dbc31639-3146-478e-a252-e046aa64c49a/export {"uuid": "dbc31639-3146-478e-a252-e046aa64c49a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-45049", "type": "seen", "source": "https://t.me/cvedetector/4283", "content": "{\n \"Source\": \"CVE FEED\",\n \"Title\": \"CVE-2024-45049 - Hydra Unauthenticated Evaluations\", \n \"Content\": \"CVE ID : CVE-2024-45049 \nPublished : Aug. 27, 2024, 9:15 p.m. | 34\u00a0minutes ago \nDescription : Hydra is a Continuous Integration service for Nix based projects. It is possible to trigger evaluations in Hydra without any authentication. Depending on the size of evaluations, this can impact the availability of systems. The problem can be fixed by applying to any Hydra package. Users are advised to upgrade. Users unable to upgrade should deny the `/api/push` route in a reverse proxy. This also breaks the \"Evaluate jobset\" button in the frontend. \nSeverity: 7.5 | HIGH \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n \"Detection Date\": \"27 Aug 2024\",\n \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-08-28T00:05:14.000000Z"} {"uuid": "dbc31639-3146-478e-a252-e046aa64c49a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-45049", "type": "seen", "source": "https://t.me/cvedetector/4283", "content": "{\n \"Source\": \"CVE FEED\",\n \"Title\": \"CVE-2024-45049 - Hydra Unauthenticated Evaluations\", \n \"Content\": \"CVE ID : CVE-2024-45049 \nPublished : Aug. 27, 2024, 9:15 p.m. | 34\u00a0minutes ago \nDescription : Hydra is a Continuous Integration service for Nix based projects. It is possible to trigger evaluations in Hydra without any authentication. Depending on the size of evaluations, this can impact the availability of systems. The problem can be fixed by applying to any Hydra package. Users are advised to upgrade. Users unable to upgrade should deny the `/api/push` route in a reverse proxy. This also breaks the \"Evaluate jobset\" button in the frontend. \nSeverity: 7.5 | HIGH \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n \"Detection Date\": \"27 Aug 2024\",\n \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-08-28T00:05:14.000000Z"} https://vulnerability.circl.lu/sighting/dbc31639-3146-478e-a252-e046aa64c49a/export Wed, 28 Aug 2024 00:05:14 +0000