CVE-2024-45049 | NixOS Hydra Continuous Integration Service /api/push missing authentication

Inserito da Angelo Barbosa | Ago 28, 2024 | CVE

A vulnerability, which was classified as critical, has been found in NixOS Hydra. Affected by this issue is some unknown functionality of the file /api/push of the component Continuous Integration Service. The manipulation leads to missing authentication.

This vulnerability is handled as CVE-2024-45049. The attack may be launched remotely. There is no exploit available.

It is recommended to apply a patch to fix this issue.

CVE-2024-45049 | NixOS Hydra Continuous Integration Service /api/push missing authentication

Post correlati

CVE-2023-50905 | Melapress WP Activity Log Plugin up to 4.6.1 on WordPress cross site scripting

CVE-2024-4607 | Arm Bifrost GPU Kernel Driver up to r49p0 use after free

CVE-2024-45738 | Splunk Enterprise up to 9.1.5/9.2.2/9.3.0 information disclosure (SVD-2024-1008)

CVE-2023-7269 | ArtPlacer Widget Plugin up to 2.21.1 on WordPress cross-site request forgery