CVE-2024-22047
3.1LOWA race condition exists in Audited 4.0.0 to 5.3.3 that can result in an authenticated user to cause audit log entries to be attributed to another user.
Publicado: 1/4/2024Actualizado: 11/28/2025
Descripción
A race condition exists in Audited 4.0.0 to 5.3.3 that can result in an authenticated user to cause audit log entries to be attributed to another user.
Análisis IAImpulsado por IA
Productos Afectados
collectiveideaaudited
Referencias
- https://github.com/advisories/GHSA-hjp3-5g2q-7jwwThird Party Advisory
- https://github.com/collectiveidea/audited/issues/601Issue TrackingPatchVendor Advisory
- https://github.com/collectiveidea/audited/pull/669Patch
- https://github.com/collectiveidea/audited/pull/671Patch
- https://github.com/collectiveidea/audited/security/advisories/GHSA-hjp3-5g2q-7jwwVendor Advisory
- https://vulncheck.com/advisories/vc-advisory-GHSA-hjp3-5g2q-7jwwThird Party Advisory
- https://github.com/advisories/GHSA-hjp3-5g2q-7jwwThird Party Advisory
- https://github.com/collectiveidea/audited/issues/601Issue TrackingPatchVendor Advisory
- https://github.com/collectiveidea/audited/pull/669Patch
- https://github.com/collectiveidea/audited/pull/671Patch
- https://github.com/collectiveidea/audited/security/advisories/GHSA-hjp3-5g2q-7jwwVendor Advisory
- https://vulncheck.com/advisories/vc-advisory-GHSA-hjp3-5g2q-7jwwThird Party Advisory