CVE-2024-6303 | Conduit up to 0.7.x Client-Server API authorization

Posted by Angelo Barbosa | Jun 25, 2024 | CVE

A vulnerability was found in Conduit up to 0.7.x. It has been rated as very critical. Affected by this issue is some unknown functionality of the component Client-Server API. The manipulation leads to missing authorization.

This vulnerability is handled as CVE-2024-6303. The attack may be launched remotely. There is no exploit available.

It is recommended to upgrade the affected component.

CVE-2024-6303 | Conduit up to 0.7.x Client-Server API authorization

Related Posts

CVE-2024-41957 | vim up to 9.1.0646 src/alloc.c double free (GHSA-f9cr-gv85-hcr4 / 8a0bbe7b8aad6f8da28dee218c01bc8a0185a)

CVE-2023-36260 | Craft CMS 4.6.1 Feed-Me Name/Feed-Me URL denial of service

CVE-2023-34436 | GTKWave 3.3.115 LXT2 num_time_table_entries out-of-bounds write (TALOS-2023-1819)

CVE-2023-41178 | Trend Micro Mobile Security for Enterprise vpplist_assign_list cross site scripting