CVE-2024-27307 vulnerabilities

🗓️ 06 Mar 2024 20:47:15Reported by WolfiType

Vulnerabilities in Renovate package for Unix

AI Insights are available for you today

Leverage the power of AI to quickly understand vulnerabilities, impacts, and exploitability

Reporter	Title	Published	Views	Family All 18
OSV	CGA-43QC-V8WH-2735	6 Jun 202412:22	–	osv
OSV	JSONata expression can pollute the "Object" prototype	4 Mar 202420:43	–	osv
OSV	CVE-2024-27307	6 Mar 202420:15	–	osv
Vulnrichment	CVE-2024-27307 JSONata expression can pollute the "Object" prototype	6 Mar 202419:24	–	vulnrichment
NVD	CVE-2024-27307	6 Mar 202420:15	–	nvd
Github Security Blog	JSONata expression can pollute the "Object" prototype	4 Mar 202420:43	–	github
RedhatCVE	CVE-2024-27307	7 Mar 202406:38	–	redhatcve
IBM Security Bulletins	Security Bulletin: IBM watsonx Orchestrate Cartridge affected by vulnerability in jsonata-js JSONata	26 Feb 202518:40	–	ibm
IBM Security Bulletins	Security Bulletin: IBM App Connect Enterprise Certified Container instances that run or edit flows containing JSONata mapping are vulnerable to arbitrary code execution due to [CVE-2024-27307]	2 Apr 202410:25	–	ibm
IBM Security Bulletins	Security Bulletin: IBM App Connect Enterprise is vulnerable to a denial of service and remote attack due to node.js jose module and jsonata-js JSONata (CVE-2024-28176, CVE-2024-27307)	16 Apr 202415:42	–	ibm

OS	OS Version	Architecture	Package	Package Version	Filename
wolfi	any	x86_64	renovate	37.229.2-r0	renovate-37.229.2-r0.apk
wolfi	any	aarch64	renovate	37.229.2-r0	renovate-37.229.2-r0.apk

Transform Your Security Services

Elevate your offerings with Vulners' advanced Vulnerability Intelligence. Contact us for a demo and discover the difference comprehensive, actionable intelligence can make in your security strategy.

Book a live demo

06 Mar 2024 20:15Current

7.3High risk

Vulners AI Score7.3

CVSS39.8

EPSS0.01251

SSVC