Description

CKAN is an open-source data management system for powering data hubs and data portals. If there were connection issues with the Solr server, the internal Solr URL (potentially including credentials) could be leaked to package_search calls as part of the returned error message. This has been patched in CKAN 2.10.5 and 2.11.0.

INFO

Published Date :

2024-08-21T14:31:26.240Z

Last Modified :

2024-08-21T15:32:22.705Z

Source :

GitHub_M
AFFECTED PRODUCTS

The following products are affected by CVE-2024-41674 vulnerability.

Vendors Products
Ckan
  • Ckan
Okfn
  • Ckan
REFERENCES

Here, you will find a curated list of external links that provide in-depth information to CVE-2024-41674.

URL Resource
https://github.com/ckan/ckan/commit/f6b032cd7082d784938165bbd113557639002ca7 cve-icon cve-icon
https://github.com/ckan/ckan/security/advisories/GHSA-2rqw-cfhc-35fh cve-icon cve-icon
Login to claim this CVE

CVSS Vulnerability Scoring System

Detailed values of each vector for above chart.
Attack Vector
Attack Complexity
Privileges Required
User Interaction
Scope
Confidentiality Impact
Integrity Impact
Availability Impact