Lucene search
GitHub_MCVELIST:CVE-2024-41962HistoryAug 01, 2024 - 4:30 p.m.
CVE-2024-41962 Bostr Improper Authorization
2024-08-0116:30:57
CWE-285
GitHub_M
www.cve.org
4
cve-2024-41962
bostr
improper authorization
nostr relay
CVSS3
4.6
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
REQUIRED
Scope
UNCHANGED
Confidentiality Impact
NONE
Integrity Impact
LOW
Availability Impact
LOW
CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:N/I:L/A:L
EPSS
0.001
Percentile
27.6%
Bostr is an nostr relay aggregator proxy that acts like a regular nostr relay. bostr let everyone in even having authorized_keys being set when noscraper is set to true. This vulnerability is fixed in 3.0.10.
CNA Affected
[
{
"vendor": "Yonle",
"product": "bostr",
"versions": [
{
"version": "< 3.0.10",
"status": "affected"
}
]
}
]Related
veracode
veracode
Improper Authorization
2024-08-05 03:46:59
github
github
Bostr Improper Authorization vulnerability
2024-08-02 01:20:13
nvd
nvd
CVE-2024-41962
2024-08-01 17:16:09
osv
osv
Bostr Improper Authorization vulnerability
2024-08-02 01:20:13
CVE-2024-41962
2024-08-01 17:16:09
vulnrichment
vulnrichment
CVE-2024-41962 Bostr Improper Authorization
2024-08-01 16:30:57
cve
cve
CVE-2024-41962
2024-08-01 17:16:09
CVSS3
4.6
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
REQUIRED
Scope
UNCHANGED
Confidentiality Impact
NONE
Integrity Impact
LOW
Availability Impact
LOW
CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:N/I:L/A:L
EPSS
0.001
Percentile
27.6%
Related for CVELIST:CVE-2024-41962