CVE-2024-38462

iRODS before 4.3.2 provides an msiSendMail function with a problematic dependency on the mail binary, such as in the mailMS.cpp#L94-L106 reference.
Configurations

Configuration 1 (hide)

cpe:2.3:a:irods:irods:*:*:*:*:*:*:*:*

History

21 Aug 2024, 15:35

Type Values Removed Values Added
CWE CWE-426

07 Aug 2024, 18:33

Type Values Removed Values Added
CWE NVD-CWE-noinfo
CPE cpe:2.3:a:irods:irods:*:*:*:*:*:*:*:*
References () https://github.com/irods/irods/blob/97eb33f130349db5e01a4b85e89dd1da81460345/server/re/src/mailMS.cpp#L94-L106 - () https://github.com/irods/irods/blob/97eb33f130349db5e01a4b85e89dd1da81460345/server/re/src/mailMS.cpp#L94-L106 - Product
References () https://github.com/irods/irods/issues/7562 - () https://github.com/irods/irods/issues/7562 - Issue Tracking
References () https://github.com/irods/irods/issues/7651 - () https://github.com/irods/irods/issues/7651 - Issue Tracking, Patch
References () https://irods.org/2024/05/irods-4-3-2-is-released/ - () https://irods.org/2024/05/irods-4-3-2-is-released/ - Release Notes
First Time Irods
Irods irods
CVSS v2 : unknown
v3 : unknown
v2 : unknown
v3 : 9.8

17 Jun 2024, 12:42

Type Values Removed Values Added
Summary
  • (es) iRODS anterior a 4.3.2 proporciona una función msiSendMail con una dependencia problemática del binario de correo, como en la referencia mailMS.cpp#L94-L106.

16 Jun 2024, 16:15

Type Values Removed Values Added
New CVE

Information

Published : 2024-06-16 16:15

Updated : 2024-08-21 15:35


NVD link : CVE-2024-38462

Mitre link : CVE-2024-38462

CVE.ORG link : CVE-2024-38462


JSON object : View

Products Affected

irods

  • irods
CWE
NVD-CWE-noinfo CWE-426

Untrusted Search Path