Today > vulnerabilities   -   You can now download lists of IOCs here!

CVE-2024-10314

Nov. 12, 2024, 1:55 p.m.

Product(s) Impacted

Helix Core

  • before 2024.2

Description

In Helix Core versions prior to 2024.2, an unauthenticated remote Denial of Service (DoS) via the auto-generation function was identified. Reported by Karol Wi?sek.

Weaknesses

CWE-400
Uncontrolled Resource Consumption

The product does not properly control the allocation and maintenance of a limited resource, thereby enabling an actor to influence the amount of resources consumed, eventually leading to the exhaustion of available resources.

CWE ID: 400

Date

Published: Nov. 11, 2024, 2:15 p.m.

Last Modified: Nov. 12, 2024, 1:55 p.m.

Status : Awaiting Analysis

CVE has been recently published to the CVE List and has been received by the NVD.

More info

Source

security@puppet.com

References

https://portal.perforce.com/ security@puppet.com