CVE-2024-6915

CRITICAL9.3EPSS 0.08%

Published: 8/7/2024Modified: 4/3/2025

Description

JFrog Artifactory versions below 7.90.6, 7.84.20, 7.77.14, 7.71.23, 7.68.22, 7.63.22, 7.59.23, 7.55.18 are vulnerable to Improper Input Validation that could potentially lead to cache poisoning.

Affected packages (1)

Bitnami/artifactoryfrom 0, < 7.55.18, >= 7.56.0, < 7.59.23, >= 7.60.0, < 7.63.22, >= 7.64.0, < 7.68.22, >= 7.69.0, < 7.71.23, >= 7.72.0, < 7.77.14, >= 7.78.0, < 7.84.20, >= 7.85.0, < 7.90.6

CVSS scores

Source	Version	Severity	Vector
osv	CVSS 3.1	CRITICAL9.3	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:H/A:L

References (2)

WEBhttps://jfrog.com/help/r/jfrog-release-information/jfrog-security-advisories
WEBhttps://nvd.nist.gov/vuln/detail/CVE-2024-6915