CVE-2024-22338

See a problem?
Please try reporting it to the source first.

Source

https://cve.org/CVERecord?id=CVE-2024-22338

Import Source

https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2024-22338.json

JSON Data

https://api.osv.dev/v1/vulns/CVE-2024-22338

Published

2024-05-31T11:15:09.180Z

Modified

2026-04-02T09:49:03.678776Z

Severity

5.5 (Medium) CVSS_V3 - CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N CVSS Calculator

Summary

[none]

Details

IBM Security Verify Access OIDC Provider 22.09 through 23.03 could disclose sensitive information to a local user due to hazardous input validation. IBM X-Force ID: 279978.

References

Affected packages

Git / github.com/ibm-security/verify-access-oidc-provider-resources

Affected ranges

Type

GIT

Repo

https://github.com/ibm-security/verify-access-oidc-provider-resources

Events

Introduced

f68e40705b2cdcc39a95b13daa296ae1d264955f

Last affected

15559f02903f62618847d3fdbfc6e8442467de00

Database specific

{
    "versions": [
        {
            "introduced": "22.09"
        },
        {
            "last_affected": "23.03"
        }
    ]
}

Affected versions

22.*

22.09

22.12

23.*

23.03

pre-22.*

pre-22.09

Database specific

source

"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2024-22338.json"