CVE-2024-24761

See a problem?
Please try reporting it to the source first.

Source

https://nvd.nist.gov/vuln/detail/CVE-2024-24761

Import Source

https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2024-24761.json

JSON Data

https://api.test.osv.dev/v1/vulns/CVE-2024-24761

Aliases

GHSA-jrqg-mpwv-pxpv

Published

2024-03-06T17:25:59.423Z

Modified

2025-11-30T11:30:01.857819Z

Severity

7.5 (High) CVSS_V3 - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N CVSS Calculator

Summary

Galette public pages accessibility restriction

Details

Galette is a membership management web application for non profit organizations. Starting in version 1.0.0 and prior to version 1.0.2, public pages are per default restricted to only administrators and staff members. From configuration, it is possible to restrict to up-to-date members or to everyone. Version 1.0.2 fixes this issue.

Database specific

{
    "cna_assigner": "GitHub_M",
    "cwe_ids": [
        "CWE-863"
    ],
    "osv_generated_from": "https://github.com/CVEProject/cvelistV5/tree/main/cves/2024/24xxx/CVE-2024-24761.json"
}

References

Affected packages

Git / github.com/galette/galette

Affected ranges

Type: GIT
Repo: https://github.com/galette/galette
Events: Introduced

3f87dfa5b64a13ea8a50c14654086831aebefa1c

Fixed

3750afe11c169b2369a3a92d5a0b304e2a2c76fd

Affected versions

1.*

1.0.0

1.0.1