CVE-2024-45845

  1. OpenCVE
  2. Vulnerabilities (CVE)
  3. CVE-2024-45845
Rejected reason: DO NOT USE THIS CVE RECORD. Consult IDs: CVE-2024-45593. Reason: This record is a reservation duplicate of CVE-2024-45593. Notes: All CVE users should reference CVE-2024-45593 instead of this record. All references and descriptions in this record have been removed to prevent accidental usage.
CVSS

No CVSS.

References

No reference.

Configurations

No configuration.

History

12 Sep 2024, 20:15

Type Values Removed Values Added
Summary
  • (es) nix 2.24 a 2.24.5 permite el directory traversal a través de un enlace simbólico en un archivo nar, debido al manejo incorrecto de un directorio que contiene un enlace simbólico y un directorio con el mismo nombre, también conocido como GHSA-h4vv-h3jq-v493.
Summary (en) nix 2.24 through 2.24.5 allows directory traversal via a symlink in a nar file, because of mishandling of a directory containing a symlink and a directory of the same name, aka GHSA-h4vv-h3jq-v493. (en) Rejected reason: DO NOT USE THIS CVE RECORD. Consult IDs: CVE-2024-45593. Reason: This record is a reservation duplicate of CVE-2024-45593. Notes: All CVE users should reference CVE-2024-45593 instead of this record. All references and descriptions in this record have been removed to prevent accidental usage.
CVSS v2 : unknown
v3 : 7.5 		v2 : unknown
v3 : unknown
CWE CWE-22
References
  • {'url': 'https://github.com/NixOS/nix/tags', 'source': 'cve@mitre.org'}
  • {'url': 'https://news.ycombinator.com/item?id=41492994', 'source': 'cve@mitre.org'}
  • {'url': 'https://puckipedia.com/7hkj-98sq/qixt', 'source': 'cve@mitre.org'}

10 Sep 2024, 14:35

Type Values Removed Values Added
CVSS v2 : unknown
v3 : unknown 		v2 : unknown
v3 : 7.5
CWE CWE-22

10 Sep 2024, 12:09

Type Values Removed Values Added
Summary
  • (es) nix 2.24 a 2.24.5 permite el directory traversal a través de un enlace simbólico en un archivo nar, debido al manejo incorrecto de un directorio que contiene un enlace simbólico y un directorio con el mismo nombre, también conocido como GHSA-h4vv-h3jq-v493.

10 Sep 2024, 11:15

Type Values Removed Values Added
New CVE
Information

Published : 2024-09-10 11:15

Updated : 2024-09-12 20:15

NVD link : CVE-2024-45845

Mitre link : CVE-2024-45845

CVE.ORG link : CVE-2024-45845

JSON object : View

Products Affected

No product.

CWE

No CWE.