Vulnerability CVE-2024-24825


Published: 2024-02-09

Description:
DIRAC is a distributed resource framework. In affected versions any user could get a token that has been requested by another user/agent. This may expose resources to unintended parties. This issue has been addressed in release version 8.0.37. Users are advised to upgrade. There are no known workarounds for this vulnerability.

Type:

CWE-200

(Information Exposure)

 References:
https://github.com/DIRACGrid/DIRAC/security/advisories/GHSA-59qj-jcjv-662j
https://github.com/DIRACGrid/DIRAC/commit/f9ddab755b9a69acb85e14d2db851d8ac0c9648c

Copyright 2026, cxsecurity.com

 

Back to Top