CVE-2024-6302
CVSS V2 None
CVSS V3 None
Description
Lack of privilege checking when processing a redaction in Conduit versions v0.6.0 and lower, allowing a local user to redact any message from users on the same server, given that they are able to send redaction events.
Overview
- CVE ID
- CVE-2024-6302
- Assigner
- GitLab
- Vulnerability Status
- PUBLISHED
- Published Version
- 2024-06-25T13:02:10.915Z
- Last Modified Date
- 2024-06-25T15:28:32.390Z
Weakness Enumerations
References
| Reference URL | Reference Tags |
|---|---|
| https://gitlab.com/famedly/conduit/-/releases/v0.7.0 | |
| https://conduit.rs/changelog/#v0-7-0-2024-04-25 |
Sources
| Source Name | Source URL |
|---|---|
| NIST | https://nvd.nist.gov/vuln/detail/CVE-2024-6302 |
| MITRE | https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-6302 |
History
| Created | Old Value | New Value | Data Type | Notes |
|---|---|---|---|---|
| 2024-06-26 19:25:22 | Added to TrackCVE |