exploitDog - Комплексное решение для обнаружения, оценки и устранения уязвимостей.

БДУ ФСТЭК

Microsoft MSRC

NVD

Oracle ELSA

Red Hat CVE

РЕД ОС

Rocky RLSA

SUSE CVRF

Ubuntu

Debian

Github

Количество 2

CVE-2024-50611

больше 1 года назад

CycloneDX cdxgen through 10.10.7, when run against an untrusted codebase, may execute code contained within build-related files such as build.gradle.kts, a similar issue to CVE-2022-24441. cdxgen is used by, for example, OWASP dep-scan. NOTE: this has been characterized as a design limitation, rather than an implementation mistake.

CVSS3: 7.2

EPSS: Низкий

GHSA-hxf3-vgpm-fv9p

больше 1 года назад

CycloneDX cdxgen may execute code contained within build-related files

CVSS3: 6.4

EPSS: Низкий

Уязвимостей на страницу

	Уязвимость	CVSS	EPSS	Опубликовано
	CVE-2024-50611 CycloneDX cdxgen through 10.10.7, when run against an untrusted codebase, may execute code contained within build-related files such as build.gradle.kts, a similar issue to CVE-2022-24441. cdxgen is used by, for example, OWASP dep-scan. NOTE: this has been characterized as a design limitation, rather than an implementation mistake.	CVSS3: 7.2	0% Низкий	больше 1 года назад
	GHSA-hxf3-vgpm-fv9p CycloneDX cdxgen may execute code contained within build-related files	CVSS3: 6.4	0% Низкий	больше 1 года назад

Уязвимостей на страницу