Описание
Duplicate Advisory: Race Condition leading to logging errors
Duplicate Advisory
This advisory has been withdrawn because it is a duplicate of GHSA-hjp3-5g2q-7jww. This link is maintained to preserve external references.
Original Description
A race condition exists in Audited 4.0.0 to 5.3.3 that can result in an authenticated user to cause audit log entries to be attributed to another user.
Ссылки
- https://github.com/collectiveidea/audited/security/advisories/GHSA-hjp3-5g2q-7jww
- https://nvd.nist.gov/vuln/detail/CVE-2024-22047
- https://github.com/collectiveidea/audited/issues/601
- https://github.com/collectiveidea/audited/pull/669
- https://github.com/collectiveidea/audited/pull/671
- https://github.com/advisories/GHSA-hjp3-5g2q-7jww
- https://vulncheck.com/advisories/vc-advisory-GHSA-hjp3-5g2q-7jww
Пакеты
Наименование
audited
rubygems
Затронутые версииВерсия исправления
>= 4.0.0
Отсутствует
3.1 Low
CVSS3
Дефекты
CWE-362
3.1 Low
CVSS3
Дефекты
CWE-362