Lucene search

GoogleOSV:GO-2024-3010

HistoryAug 06, 2024 - 10:03 p.m.

CVE-2024-6984 in github.com/juju/juju

2024-08-0622:03:16

Google

osv.dev

github repository

security advisory

vulnerability report

software version

cve-2024-6984

CVSS3

8.8

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

CHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H

AI Score

6.6

Confidence

Low

JSON

CVE-2024-6984 in github.com/juju/juju.

NOTE: The source advisory for this report contains additional versions that could not be automatically mapped to standard Go module versions.

(If this is causing false-positive reports from vulnerability scanners, please suggest an edit to the report.)

The additional affected modules and versions are: github.com/juju/juju from v2.9.0 before v2.9.50, from v3.1.0 before v3.1.9, from v3.3.0 before v3.3.5, from v3.4.0 before v3.4.5, from v3.5.0 before v3.5.3.

References

github.com/juju/juju/commit/da929676853092a29ddf8d589468cf85ba3efaf2

github.com/juju/juju/security/advisories/GHSA-6vjm-54vp-mxhx

www.cve.org/CVERecord?id=CVE-2024-6984

CVSS3

8.8

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

CHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H

AI Score

6.6

Confidence

Low

JSON

Related for OSV:GO-2024-3010