CVE-2024-22047
3.1LOWA race condition exists in Audited 4.0.0 to 5.3.3 that can result in an authenticated user to cause audit log entries to be attributed to another user.
Publicado: 1/4/2024Atualizado: 11/28/2025
Descrição
A race condition exists in Audited 4.0.0 to 5.3.3 that can result in an authenticated user to cause audit log entries to be attributed to another user.
Análise IADesenvolvido por IA
Produtos Afetados
collectiveideaaudited
Referências
- https://github.com/advisories/GHSA-hjp3-5g2q-7jwwThird Party Advisory
- https://github.com/collectiveidea/audited/issues/601Issue TrackingPatchVendor Advisory
- https://github.com/collectiveidea/audited/pull/669Patch
- https://github.com/collectiveidea/audited/pull/671Patch
- https://github.com/collectiveidea/audited/security/advisories/GHSA-hjp3-5g2q-7jwwVendor Advisory
- https://vulncheck.com/advisories/vc-advisory-GHSA-hjp3-5g2q-7jwwThird Party Advisory
- https://github.com/advisories/GHSA-hjp3-5g2q-7jwwThird Party Advisory
- https://github.com/collectiveidea/audited/issues/601Issue TrackingPatchVendor Advisory
- https://github.com/collectiveidea/audited/pull/669Patch
- https://github.com/collectiveidea/audited/pull/671Patch
- https://github.com/collectiveidea/audited/security/advisories/GHSA-hjp3-5g2q-7jwwVendor Advisory
- https://vulncheck.com/advisories/vc-advisory-GHSA-hjp3-5g2q-7jwwThird Party Advisory