CVE-2024-24562

MEDIUM Year: 2024
CVSS v3 Score
5.4
Medium
Weakness Type
CWE-668
View all →

Vulnerability Description

vantage6-UI is the official user interface for the vantage6 server. In affected versions a number of security headers are not set. This issue has been addressed in commit `68dfa6614` which is expected to be included in future releases. Users are advised to upgrade when a new release is made. While an upgrade path is not available users may modify the docker image build to insert the headers into nginx.

Related Vulnerabilities

CVE-2005-2351

MEDIUM
CVSS:5.5(Medium)

Mutt before 1.5.20 patch 7 allows an attacker to cause a denial of service via a series of requests to mutt temporary files.

CWE-6682005

CVE-2008-2544

MEDIUM
CVSS:5.5(Medium)

Mounting /proc filesystem via chroot command silently mounts it in read-write mode. The user could bypass the chroot environment and gain write access to files, he would never have otherwise.

CWE-6682008

CVE-2013-0163

MEDIUM
CVSS:5.5(Medium)

OpenShift haproxy cartridge: predictable /tmp in set-proxy connection hook which could facilitate DoS

CWE-6682013

CVE-2013-4280

MEDIUM
CVSS:5.5(Medium)

Insecure temporary file vulnerability in RedHat vsdm 4.9.6.

CWE-6682013

CVE-2017-17087

MEDIUM
CVSS:5.5(Medium)

fileio.c in Vim prior to 8.0.1263 sets the group ownership of a .swp file to the editor's primary group (which may be different from the group ownership of the original file), which allows local users...

CWE-6682017

CVE-2018-20947

MEDIUM
CVSS:5.5(Medium)

cPanel before 68.0.27 allows certain file-write operations via the telnetcrt script (SEC-356).

CWE-6682018