Lucene search

CVE-2024-32978 Kaminari Insecure File Permissions Vulnerability

🗓️ 27 May 2024 16:30:05Reported by GitHub_MType

Kaminari paginator for web app frameworks and object relational mappings is vulnerable to insecure file permissions, allowing unauthorized write access to particular Ruby files

Reporter	Title	Published	Views	Family All 11
Debian CVE	CVE-2024-32978	27 May 202416:15	–	debiancve
OSV	UBUNTU-CVE-2024-32978	27 May 202416:15	–	osv
OSV	CVE-2024-32978	27 May 202416:15	–	osv
OSV	GHSA-7R3J-QMR4-JFPJ Kaminari Insecure File Permissions Vulnerability	28 May 202415:47	–	osv
Veracode	Incorrect Default Permissions	29 May 202406:38	–	veracode
RubySec	Insecure File Permissions vulnerability in kaminari	26 May 202421:00	–	rubygems
NVD	CVE-2024-32978	27 May 202416:15	–	nvd
UbuntuCve	CVE-2024-32978	27 May 202400:00	–	ubuntucve
Github Security Blog	Kaminari Insecure File Permissions Vulnerability	28 May 202415:47	–	github
Vulnrichment	CVE-2024-32978 Kaminari Insecure File Permissions Vulnerability	27 May 202416:05	–	vulnrichment

[
  {
    "vendor": "kaminari",
    "product": "kaminari",
    "versions": [
      {
        "version": ">= 0.15.0, <= 0.16.1",
        "status": "affected"
      }
    ]
  }
]

Source	Link
github	www.github.com/kaminari/kaminari/security/advisories/GHSA-7r3j-qmr4-jfpj

Transform Your Security Services

Elevate your offerings with Vulners' advanced Vulnerability Intelligence. Contact us for a demo and discover the difference comprehensive, actionable intelligence can make in your security strategy.

Book a live demo

27 May 2024 16:05Current

6.5Medium risk

Vulners AI Score6.5

CVSS36.6

EPSS0.00043

CWE-276