CVE-2024-38525 : DATADOG DD-TRACE-CPP UP TO 0.2.1 DENIAL OF SERVICE

Description

dd-trace-cpp is the Datadog distributed tracing library for C++. When the library fails to extract trace context because of malformed Unicode, it logs the list of audited headers and their values using the `nlohmann` JSON library. However, due to the way the JSON library is invoked, it throws an uncaught exception, which results in a crash. This vulnerability has been patched in version 0.2.2.
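The failure mode above is untrusted header bytes reaching a serializer that rejects invalid UTF-8. The following added example (not dd-trace-cpp code and not the 0.2.2 patch, which this page does not show) renders a header value as a JSON string for a log line without throwing on malformed input; `json_log_string` and its helpers are hypothetical names, and the sample header value is constructed.

```cpp
#include <cstddef>
#include <cstdio>
#include <string>

// True if s[k] exists and lies in [lo, hi].
static bool in_range(const std::string& s, std::size_t k, unsigned lo, unsigned hi) {
    if (k >= s.size()) return false;
    unsigned char c = static_cast<unsigned char>(s[k]);
    return c >= lo && c <= hi;
}

// Length of the well-formed UTF-8 sequence at s[i] (RFC 3629 ranges), or 0 if
// malformed: stray continuation, overlong form, surrogate, > U+10FFFF, truncation.
static std::size_t utf8_len(const std::string& s, std::size_t i) {
    unsigned char c = static_cast<unsigned char>(s[i]);
    unsigned lo = 0x80, hi = 0xBF;  // bounds for the first continuation byte
    std::size_t n = 0;
    if (c <= 0x7F) return 1;
    else if (c >= 0xC2 && c <= 0xDF) n = 2;
    else if (c >= 0xE0 && c <= 0xEF) { n = 3; if (c == 0xE0) lo = 0xA0; if (c == 0xED) hi = 0x9F; }
    else if (c >= 0xF0 && c <= 0xF4) { n = 4; if (c == 0xF0) lo = 0x90; if (c == 0xF4) hi = 0x8F; }
    else return 0;
    if (!in_range(s, i + 1, lo, hi)) return 0;
    for (std::size_t k = 2; k < n; ++k)
        if (!in_range(s, i + k, 0x80, 0xBF)) return 0;
    return n;
}

// Hypothetical helper: render an untrusted header value as a JSON string literal
// for logging. Malformed bytes become U+FFFD instead of raising an exception.
std::string json_log_string(const std::string& value) {
    std::string out = "\"";
    for (std::size_t i = 0; i < value.size();) {
        std::size_t n = utf8_len(value, i);
        unsigned char c = static_cast<unsigned char>(value[i]);
        if (n == 0) { out += "\xEF\xBF\xBD"; ++i; continue; }
        if (c == '"' || c == '\\') { out += '\\'; out += value[i]; }
        else if (c < 0x20) { char buf[8]; std::snprintf(buf, sizeof buf, "\\u%04x", static_cast<unsigned>(c)); out += buf; }
        else out.append(value, i, n);
        i += n;
    }
    return out + "\"";
}

int main() {
    // Constructed sample: a header value carrying a lone 0xFF byte.
    std::printf("%s\n", json_log_string("1234\xFF" "5678").c_str());
}
```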

References

https://github.com/DataDog/dd-trace-cpp/security/advisories/GHSA-rf3p-mg22-qv6w

https://github.com/DataDog/dd-trace-cpp/releases/tag/v0.2.2


CVE-2024-5711 : STITIONAI DEVIKA CROSS SITE SCRIPTING

Description

Cross-site Scripting (XSS) – Stored in GitHub repository stitionai/devika prior to -.

References

https://huntr.com/bounties/6c00ff84-574b-4b4f-bd58-aa7ec1809662

https://github.com/stitionai/devika/commit/6acce21fb08c3d1123ef05df6a33912bf0ee77c2

CVE-2024-38330 : IBM I 7.2/7.3/7.4 UNCONTROLLED SEARCH PATH

Description

IBM System Management for i 7.2, 7.3, and 7.4 could allow a local user to gain elevated privileges due

CVE-2024-6539 : HEYEWEI SPRINGBOOTCMS UP TO 2024-05-28 GUESTBOOK /GUESTBOOK CONTENT CROSS SITE SCRIPTING

Description

A vulnerability classified as problematic has been found in heyewei SpringBootCMS up to 2024-05-28. Affected is an unknown function