CVE-2024-10224

CVSS 3.1 Score 5.3 of 10 (medium)

Details

Published Nov 19, 2024

Updated: Dec 3, 2024

CWE ID 78

Summary

CVE-2024-10224 is a recently discovered vulnerability in Qualys' Modules::ScanDeps library, affecting versions prior to 1.36. Maliciously crafted unsanitized input can exploit this issue, enabling a local attacker to execute arbitrary shell commands through the open() function or by passing malicious strings to eval(). This poses a significant risk to system security if left unpatched.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

https://app.recordedfuture.com/live/sc/entity/zuXl-8
https://www.cve.org/CVERecord?id=CVE-2024-10224
https://nvd.nist.gov/vuln/detail/CVE-2024-10224

Back to Vulnerability Database

CVE-2024-10224

CVSS 3.1 Score 5.3 of 10 (medium)

Details

Summary

Advisories, Assessments, and Mitigations