Today > 1 Critical | 6 High | 24 Medium vulnerabilities   -   You can now download lists of IOCs here!

CVE-2024-47219

Sept. 26, 2024, 1:32 p.m.

Product(s) Impacted

NebulaGraph

  • up to 3.8.0

Description

An issue was discovered in vesoft NebulaGraph through 3.8.0. It allows shell command injection.

Weaknesses

CWE-94
Improper Control of Generation of Code ('Code Injection')

The product constructs all or part of a code segment using externally-influenced input from an upstream component, but it does not neutralize or incorrectly neutralizes special elements that could modify the syntax or behavior of the intended code segment.

CWE ID: 94

Date

Published: Sept. 22, 2024, 1:15 a.m.

Last Modified: Sept. 26, 2024, 1:32 p.m.

Status : Awaiting Analysis

CVE has been recently published to the CVE List and has been received by the NVD.

More info

Source

cve@mitre.org

References