CVE-2024-46990 SSRF Loopback IP filter bypass in directus
Directus is a real-time API and App dashboard for managing SQL database content. When relying on blocking access to localhost using the default 0.0.0.0 filter a user may bypass this block by using other registered loopback devices like 127.0.0.2 - 127.127.127.127. This issue has been addressed in...
Directus Access Control Error Vulnerability
Directus is a real-time API and application dashboard from Directus Open Source. It is used to manage SQL database content. An Access Control Error vulnerability exists in Directus versions prior to 10.13.2, which stems from the fact that when relying on the use of a default filter to block acces...
Session Fixation
Directus is vulnerable to Session Fixation. The vulnerability is due to improper caching of unauthenticated requests via OpenID or OAuth2 endpoints, allowing unauthenticated users to access the credentials of the last authenticated user...
@deconz-community/directus-extension-ddf-store (=0.1.0), @directus/api (=21.0.1) +3 more potentially affected by CVE-2024-45596 via @directus/api (>=10.0.0 <=21.0.0)
@directus/api NPM version =10.0.0, =10.0.0, =1.0.0, =2.0.0 Source cves: CVE-2024-45596 Source advisory: OSV:GHSA-CFF8-X7JV-4FM8...
@directus/api (>=18.0.0 <=21.0.1) potentially affected by CVE-2024-45596 via directus (>=10.10.0 <=10.13.2)
directus NPM version =10.10.0, =18.0.0, =21.0.1 Source cves: CVE-2024-45596 Source advisory: OSV:GHSA-CFF8-X7JV-4FM8...
GHSA-CFF8-X7JV-4FM8 Session is cached for OpenID and OAuth2 if `redirect` is not used
Summary An unauthenticated user can access the credentials of the last authenticated user via OpenID or OAuth2 where the authentication URL did not include the redirect query string. For example: - Project is configured with OpenID or OAuth2 - Project is configured with cache enabled - User tries to login via S...
CVE-2024-45596
Directus is a real-time API and App dashboard for managing SQL database content. An unauthenticated user can access the credentials of the last authenticated user via OpenID or OAuth2 where the authentication URL did not include the redirect query string. This happens because on that endpoint for both OpenId...
CVE-2024-45596 Directus's session is cached for OpenID and OAuth2 if `redirect` is not used
Directus is a real-time API and App dashboard for managing SQL database content. An unauthenticated user can access the credentials of the last authenticated user via OpenID or OAuth2 where the authentication URL did not include the redirect query string. This happens because on that endpoint for both OpenId...
CVE-2024-45596
Summary: Directus real-time API/dashboard contains a vulnerability where an unauthenticated user can obtain the credentials of the last authenticated user via OpenID or OAuth2 when the redirect parameter is missing. Root cause: the respond middleware caches certain GET requests, and the condition...
PT-2024-31698 · Directus · Directus
Name of the Vulnerable Software and Affected Versions: Directus versions prior to 10.13.3 Directus versions prior to 11.1.0 Description: An unauthenticated user can access the credentials of the last authenticated user via OpenID or OAuth2 when the authentication URL does not include a redirect...
Directus Security Vulnerability
Directus is a real-time API and application dashboard open-sourced by Directus. It is used to manage SQL database content. A security vulnerability exists in Directus that stems from an unauthenticated user being able to access the credentials of a previously authenticated user via OpenID or OAuth2...
GHSA-3FFF-GQW3-VJ86 Directus has an insecure object reference via PATCH presets
Impact Directus v10.13.0 allows an authenticated external attacker to modify presets created by the same user to assign them to another user. This is possible because the application only validates the user parameter in the POST /presets request but not in the PATCH request. When chained with...
Authorization Bypass
directus is vulnerable to Authorization Bypass. The vulnerability is caused due to a missing validation for the user parameter in the PATCH requests for the end point /presets. This allows an authenticated external attacker to modify presets created by the same user to assign them to another user...
GHSA-Q83V-HQ3J-4PQ3 Duplicate Advisory: Improper access control in Directus
Duplicate Advisory This advisory has been withdrawn because it is a duplicate of GHSA-3fff-gqw3-vj86. This link is maintained to preserve external references. Original Description Directus v10.13.0 allows an authenticated external attacker to modify presets created by the same user to assign them...
CVE-2024-6534
Directus v10.13.0 allows an authenticated external attacker to modify presets created by the same user to assign them to another user. This is possible because the application only validates the user parameter in the 'POST /presets' request but not in the PATCH request. When chained with...