Количество 2
Количество 2
CVE-2024-24825
DIRAC is a distributed resource framework. In affected versions any user could get a token that has been requested by another user/agent. This may expose resources to unintended parties. This issue has been addressed in release version 8.0.37. Users are advised to upgrade. There are no known workarounds for this vulnerability.
GHSA-59qj-jcjv-662j
DIRAC's TokenManager does not check permissions on cached tokens
Уязвимостей на страницу
Уязвимость | CVSS | EPSS | Опубликовано | |
|---|---|---|---|---|
 | CVE-2024-24825 DIRAC is a distributed resource framework. In affected versions any user could get a token that has been requested by another user/agent. This may expose resources to unintended parties. This issue has been addressed in release version 8.0.37. Users are advised to upgrade. There are no known workarounds for this vulnerability. | CVSS3: 9.1 | 0% Низкий | около 2 лет назад |
| GHSA-59qj-jcjv-662j DIRAC's TokenManager does not check permissions on cached tokens | CVSS3: 9.1 | 0% Низкий | около 2 лет назад |
Уязвимостей на страницу