3 matches found
CVE-2024-27296
Directus is a real-time API and App dashboard for managing SQL database content. Prior to version 10.8.3, the exact Directus version number was being shipped in compiled JS bundles which are accessible without authentication. With this information a malicious attacker can trivially look for known...
CVE-2024-27296
CVE-2024-27296 affects Directus: prior to 10.8.3, the exact Directus version is shipped in compiled JS bundles accessible without authentication, enabling attackers to map to known vulnerabilities in Directus core or dependencies. The issue has been fixed in 10.8.3 and later. Remediation is upgra...
CVE-2024-27296 Directus version number disclosure
Directus is a real-time API and App dashboard for managing SQL database content. Prior to version 10.8.3, the exact Directus version number was being shipped in compiled JS bundles which are accessible without authentication. With this information a malicious attacker can trivially look for known...