CVE-2024-44076

See a problem?
Please try reporting it to the source first.

Source

https://cve.org/CVERecord?id=CVE-2024-44076

Import Source

https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2024-44076.json

JSON Data

https://api.test.osv.dev/v1/vulns/CVE-2024-44076

Aliases

GHSA-r6ph-5fp2-3w2v

Published

2024-08-19T03:15:03.883Z

Modified

2026-04-09T10:23:11.779207Z

Severity

9.8 (Critical) CVSS_V3 - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H CVSS Calculator

Summary

[none]

Details

In Microcks before 1.10.0, the POST /api/import and POST /api/export endpoints allow non-administrator access.

References

Affected packages

Git / github.com/microcks/microcks

Affected ranges

Type

GIT

Repo

https://github.com/microcks/microcks

Events

Introduced

Fixed

08b018f5654a84c4fb801e5c0f3b886625c3c7d6

Database specific

{
    "versions": [
        {
            "introduced": "0"
        },
        {
            "fixed": "1.10.0"
        }
    ]
}

Affected versions

0.*

0.1.0

0.1.1

0.1.2

0.1.3

0.5.0

0.6.0

0.6.1

0.7.0

0.7.1

0.9.1

0.9.2

1.*

1.1.0

1.1.1

1.2.0

1.2.1

1.3.0

1.4.1-fix-1

1.5.0

1.5.0-RC2

1.5.1

1.5.1-RC1

1.5.1-fix-1

1.5.2

1.5.2-RC1

1.6.0

1.6.0-RC1

1.6.0-fix-1

1.6.0-fix-2

1.6.1

1.7.0

1.7.0-RC1

1.7.1

1.7.1-fix-1

1.8.0

1.8.0-fix-1

1.8.1

1.9.0

1.9.0-fix-1

1.9.0-fix-2

1.9.1

1.9.1-fix-1

Database specific

source

"https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2024-44076.json"