CVE-2024-28736: High severity Debezium debezium-ui vulnerability
Published May 31, 2024
·Updated
An issue in Debezium Community debezium-ui v.2.5 allows a local attacker to execute arbitrary code via the refresh page function.
Affected Software
1 affected component
Debezium debezium-ui
Event History
Jan 1, 1970
CVE Published
via MITRE·12:00 AM
May 31, 2024
CVE Published
via NVD·04:15 PM
Data Sourced
via NVD·04:15 PM
DescriptionSeverityWeakness
Aug 2, 2024
Data Sourced
via MITRE·01:02 AM
Description
Frequently Asked Questions
1
What is the severity of CVE-2024-28736?
CVE-2024-28736 is considered a high-severity vulnerability due to its ability to allow local attackers to execute arbitrary code.
2
How do I fix CVE-2024-28736?
To fix CVE-2024-28736, upgrade to the newest version of Debezium Community debezium-ui that includes the relevant security patches.
3
Who is affected by CVE-2024-28736?
CVE-2024-28736 affects users of Debezium Community debezium-ui version 2.5.
4
What type of vulnerability is CVE-2024-28736?
CVE-2024-28736 is a code execution vulnerability that can be exploited via the refresh page function.
5
Can CVE-2024-28736 be exploited remotely?
No, CVE-2024-28736 can only be exploited locally by an attacker with access to the affected system.