CVE-2024-49373

See a problem?
Please try reporting it to the source first.

Source

https://nvd.nist.gov/vuln/detail/CVE-2024-49373

Import Source

https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2024-49373.json

JSON Data

https://api.osv.dev/v1/vulns/CVE-2024-49373

Aliases

GHSA-5qmx-pr2f-qhj5

Published

2024-10-22T16:15:08Z

Modified

2024-10-30T22:49:44.673347Z

Severity

4.3 (Medium) CVSS_V3 - CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N CVSS Calculator

Summary

[none]

Details

No Fuss Computing Centurion ERP is open source enterprise resource planning (ERP) software. Prior to version 1.2.1, an authenticated user can view projects within organizations they are not apart of. Version 1.2.1 fixes the problem.

References

Affected packages

Git / github.com/nofusscomputing/centurion_erp

Affected ranges

Type: GIT
Repo: https://github.com/nofusscomputing/centurion_erp
Events: Introduced

0 Unknown introduced commit / All previous commits are affected

Fixed

c3a4685200faa060167d4fde86e806dc91eddcae

Affected versions

0.*

0.0.1

0.1.0

0.2.0

0.3.0

0.4.0

0.5.0

0.6.0

0.7.0

1.*

1.0.0

1.0.0-a1

1.0.0-a2

1.0.0-a3

1.0.0-a4

1.0.0-b1

1.0.0-b10

1.0.0-b11

1.0.0-b12

1.0.0-b13

1.0.0-b14

1.0.0-b2

1.0.0-b3

1.0.0-b4

1.0.0-b5

1.0.0-b6

1.0.0-b7

1.0.0-b8

1.0.0-b9

1.1.0

1.2.0