CVE-2025-24034 | himmelblau up to 0.7.14/0.8.2 himmelblau.conf logon_script d log file (GHSA-p989-2f5w-9cf6)

Posted by Angelo Barbosa | Jan 23, 2025 | CVE

A vulnerability was found in himmelblau up to 0.7.14/0.8.2. It has been classified as problematic. This affects the function logon_script of the file /etc/himmelblau/himmelblau.conf. The manipulation of the argument d leads to sensitive information in log files.

This vulnerability is uniquely identified as CVE-2025-24034. An attack has to be approached locally. There is no exploit available.

It is recommended to upgrade the affected component.

CVE-2025-24034 | himmelblau up to 0.7.14/0.8.2 himmelblau.conf logon_script d log file (GHSA-p989-2f5w-9cf6)

Related Posts

CVE-2024-24570 | Statamic CMS up to 3.4.16/4.45.x cross site scripting (GHSA-vqxq-hvxw-9mv9)

CVE-2024-37439 | Uncanny Owl Uncanny Toolkit Pro for LearnDash Plugin up to 4.1.4.0 on WordPress authorization

CVE-2021-46899 | SyncTrayzor 1.1.29 CEF Remote Debug Local Privilege Escalation (Issue 666)

CVE-2023-52920 | Linux Kernel bpf is_jmp_point comparison (41f6f64e6999)