CVE-2024-9129
Oct. 23, 2024, 3:12 p.m.
Tags
Product(s) Impacted
Zend Server
- 8.5 and prior to 9.2
Description
In versions of Zend Server 8.5 and prior to version 9.2 a format string injection was discovered. Reported by Dylan Marino
Weaknesses
CWE-134
Use of Externally-Controlled Format String
The product uses a function that accepts a format string as an argument, but the format string originates from an external source.
CWE ID: 134Date
Published: Oct. 22, 2024, 5:15 p.m.
Last Modified: Oct. 23, 2024, 3:12 p.m.
Status : Awaiting Analysis
CVE has been recently published to the CVE List and has been received by the NVD.
More infoSource
security@puppet.com
References
security@puppet.com