CVE-2024-45049 | NixOS Hydra Continuous Integration Service /api/push missing authentication

Inserito da Angelo Barbosa | Ago 28, 2024 | CVE

A vulnerability, which was classified as critical, has been found in NixOS Hydra. Affected by this issue is some unknown functionality of the file /api/push of the component Continuous Integration Service. The manipulation leads to missing authentication.

This vulnerability is handled as CVE-2024-45049. The attack may be launched remotely. There is no exploit available.

It is recommended to apply a patch to fix this issue.

CVE-2024-45049 | NixOS Hydra Continuous Integration Service /api/push missing authentication

Post correlati

CVE-2024-3600 | Poll Maker Plugin up to 5.1.8 on WordPress cross site scripting

CVE-2024-47142 | AIPHONE IXG-2C7/IXG-2C7-L up to 2.03 insufficiently protected credentials

CVE-2024-24332 | Totolink A3300R 17.0.0cu.557_B20221024 setUrlFilterRules url command injection

CVE-2024-20113 | MediaTek MT6765/MT6768/MT8188/MT8195 Ccu out-of-bounds write (MSV-1715 / ALPS09036814)