Lucene search
K

CVE-2024-29034 CarrierWave's Content-Type allowlist bypass vulnerability which possibly leads to XSS remained

🗓️ 24 Mar 2024 19:27:35Reported by GitHub_MType 
cvelist
 cvelist
🔗 www.cve.org👁 36 Views

CarrierWave Content-Type bypass vulnerability leading to possible XS

Related
Affected
Refs
ReporterTitlePublishedViews
Family
Chainguard
CVE-2024-29034 vulnerabilities
14 Jan 202601:17
cgr
Circl
CVE-2023-49090
20 Dec 202311:12
circl
CNNVD
CarrierWave Cross-Site Scripting Vulnerability
29 Nov 202300:00
cnnvd
CNNVD
CarrierWave 跨站脚本漏洞
24 Mar 202400:00
cnnvd
CVE
CVE-2023-49090
29 Nov 202314:38
cve
CVE
CVE-2024-29034
24 Mar 202419:27
cve
Cvelist
CVE-2023-49090 CarrierWave has a content-type allowlist bypass vulnerability, possibly leading to XSS
29 Nov 202314:38
cvelist
Debian CVE
CVE-2023-49090
29 Nov 202314:38
debiancve
Debian CVE
CVE-2024-29034
24 Mar 202419:27
debiancve
EUVD
EUVD-2023-2969
3 Oct 202520:07
euvd
Rows per page
[
  {
    "vendor": "carrierwaveuploader",
    "product": "carrierwave",
    "versions": [
      {
        "version": ">= 3.0.0, < 3.0.7",
        "status": "affected"
      },
      {
        "version": "< 2.2.6",
        "status": "affected"
      }
    ]
  }
]

Data

Build on a solid foundation with Vulners data

We provide the essential building blocks for cybersecurity solutions with comprehensive, structured, and constantly updated vulnerability and exploits data

Api

Power your application with Vulners API

The Vulners REST API offers reliable, high-performance access to vulnerability intelligence, with 99.9% SLA uptime and CDN-backed data delivery for seamless global access

App

Assess and manage vulnerabilities with Vulners tools

Built on top of Vulners' database and SDK, end-user solutions give security professionals and developers lightweight and powerful tools for vulnerability remediation

24 Mar 2024 20:05Current
6.7Medium risk
Vulners AI Score6.7
CVSS 3.16.8
EPSS0.00613
36