Lucene search
K

5 matches found

RedhatCVE
RedhatCVE
added 2025/05/23 6:16 a.m.7 views

CVE-2024-50611

CycloneDX cdxgen through 10.10.7, when run against an untrusted codebase, may execute code contained within build-related files such as build.gradle.kts, a similar issue to CVE-2022-24441. cdxgen is used by, for example, OWASP dep-scan. NOTE: this has been characterized as a design limitation,...

8.8CVSS7.2AI score0.00831EPSS
Exploits1References1
OSV
OSV
added 2024/10/28 12:30 a.m.17 views

GHSA-HXF3-VGPM-FV9P CycloneDX cdxgen may execute code contained within build-related files

CycloneDX cdxgen prior to 11.1.7, when run against an untrusted codebase, may execute code contained within build-related files such as build.gradle.kts, a similar issue to CVE-2022-24441. cdxgen is used by, for example, OWASP dep-scan. NOTE: this has been characterized as a design limitation,...

7.1CVSS7.9AI score0.00831EPSS
Exploits0References7
Github Security Blog
Github Security Blog
added 2024/10/28 12:30 a.m.19 views

CycloneDX cdxgen may execute code contained within build-related files

CycloneDX cdxgen prior to 11.1.7, when run against an untrusted codebase, may execute code contained within build-related files such as build.gradle.kts, a similar issue to CVE-2022-24441. cdxgen is used by, for example, OWASP dep-scan. NOTE: this has been characterized as a design limitation,...

7.2CVSS7.9AI score0.00831EPSS
Exploits0References7Affected Software1
NVD
NVD
added 2024/10/27 10:15 p.m.19 views

CVE-2024-50611

CycloneDX cdxgen through 10.10.7, when run against an untrusted codebase, may execute code contained within build-related files such as build.gradle.kts, a similar issue to CVE-2022-24441. cdxgen is used by, for example, OWASP dep-scan. NOTE: this has been characterized as a design limitation,...

7.2CVSS0.00831EPSS
Exploits0References3
Cvelist
Cvelist
added 2024/10/27 12:0 a.m.23 views

CVE-2024-50611

CycloneDX cdxgen through 10.10.7, when run against an untrusted codebase, may execute code contained within build-related files such as build.gradle.kts, a similar issue to CVE-2022-24441. cdxgen is used by, for example, OWASP dep-scan. NOTE: this has been characterized as a design limitation,...

0.00831EPSS
Exploits0References3
Rows per page
Query Builder