GHSA-6mgp-p75r-vhjm

Опубликовано: 22 апр. 2024

Источник: github

Github: Прошло ревью

CVSS3: 8.8

Описание

Apache HugeGraph-Server: Bypass whitelist in Auth mode

Authentication Bypass by Spoofing vulnerability in Apache HugeGraph-Server.This issue affects Apache HugeGraph-Server: from 1.0.0 before 1.3.0.

Users are recommended to upgrade to version 1.3.0, which fixes the issue.

Ссылки

Пакеты

Наименование

org.apache.hugegraph:hugegraph-api

maven

Затронутые версииВерсия исправления

>= 1.0.0, < 1.3.0

1.3.0

EPSS

Процентиль: 62%

0.00429

Низкий

8.8 High

CVSS3

CVE ID

CVE-2024-27349

Дефекты

CWE-290

Связанные уязвимости

CVE-2024-27349

CVSS3: 9.1

nvd

почти 2 года назад

Authentication Bypass by Spoofing vulnerability in Apache HugeGraph-Server.This issue affects Apache HugeGraph-Server: from 1.0.0 before 1.3.0. Users are recommended to upgrade to version 1.3.0, which fixes the issue.

EPSS

Процентиль: 62%

0.00429

Низкий

8.8 High

CVSS3

CVE ID

CVE-2024-27349

Дефекты

CWE-290