Lucene search

CVE-2024-35185

🗓️ 16 May 2024 16:09:15Reported by GitHub_MType

Minder software vulnerable to denial of service attack via attacker-controlled REST endpoint pre-version 0.0.4

Reporter	Title	Published	Views	Family All 8
OSV	CVE-2024-35185	16 May 202416:15	–	osv
OSV	Denial of service of Minder Server with attacker-controlled REST endpoint	16 May 202417:44	–	osv
OSV	Denial of service of Minder Server with attacker-controlled REST endpoint in github.com/stacklok/minder	20 May 202416:07	–	osv
Vulnrichment	CVE-2024-35185 Denial of service of Minder Server with attacker-controlled REST endpoint	16 May 202415:15	–	vulnrichment
Github Security Blog	Denial of service of Minder Server with attacker-controlled REST endpoint	16 May 202417:44	–	github
Veracode	Denial Of Service (DoS)	21 May 202407:56	–	veracode
Cvelist	CVE-2024-35185 Denial of service of Minder Server with attacker-controlled REST endpoint	16 May 202415:15	–	cvelist
NVD	CVE-2024-35185	16 May 202416:15	–	nvd

Vulners

Vulnrichment

Node

stacklok minderRange<0.0.49

[
  {
    "vendor": "stacklok",
    "product": "minder",
    "versions": [
      {
        "version": "< 0.0.49",
        "status": "affected"
      }
    ]
  }
]

Source	Link
github	www.github.com/stacklok/minder/commit/065049336aac0621ee00a0bb2211f8051d47c14b
github	www.github.com/stacklok/minder/security/advisories/GHSA-fjw8-3gp8-4cvx

Transform Your Security Services

Elevate your offerings with Vulners' advanced Vulnerability Intelligence. Contact us for a demo and discover the difference comprehensive, actionable intelligence can make in your security strategy.

Book a live demo

16 May 2024 16:15Current

6.7Medium risk

Vulners AI Score6.7

CVSS35.3

EPSS0.00043

SSVC

minder denial of service rest endpoint vulnerability software supply chain version 0.0.49