Filtered by vendor Cyclonedx
Subscriptions
Filtered by product Cdxgen
Subscriptions
Total
1 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2024-50611 | 1 Cyclonedx | 1 Cdxgen | 2024-10-30 | 7.2 High |
| CycloneDX cdxgen through 10.10.7, when run against an untrusted codebase, may execute code contained within build-related files such as build.gradle.kts, a similar issue to CVE-2022-24441. cdxgen is used by, for example, OWASP dep-scan. NOTE: this has been characterized as a design limitation, rather than an implementation mistake. | ||||
Page 1 of 1.