VDB
CVE-2024-32884
CVE-2024-32884
PUBLISHED
CVSS 6.400000095367432 MEDIUM
gix-transport indirect code execution via malicious username
EPSS 0.09% · 25.0th percentile
Risk Scores
CVSS v3.1
6.400000095367432
CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:L/A:L
EPSS Score
0.09%
25.0th percentile
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| crates.io | gix | 0 |
| Byron | gitoxide | < 0.62, < 0.35, * |
| byron | gitoxide | 0, 0, 0 |
| crates.io | gitoxide | 0 |
| crates.io | gix-transport | 0 |
Timeline
- Jan 21, 1970 Security Advisory
- Apr 13, 2024 CVE Published
- Apr 13, 2024 PoC Published
- Apr 27, 2024 EPSS Score
- May 21, 2024 EPSS Score
- Jun 16, 2024 EPSS Score
- Aug 4, 2024 EPSS Score
- Aug 28, 2024 EPSS Score
- Sep 22, 2024 EPSS Score
- Oct 4, 2024 Coalition ESS Score
- Oct 16, 2024 EPSS Score
- Nov 10, 2024 EPSS Score