Moderate severityNVD Advisory· Published Apr 3, 2024· Updated Mar 28, 2025
CVE-2024-29477
CVE-2024-29477
Description
Lack of sanitization during Installation Process in Dolibarr ERP CRM up to version 19.0.0 allows an attacker with adjacent access to the network to execute arbitrary code via a specifically crafted input.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected packages
Versions sourced from the GitHub Security Advisory.
| Package | Affected versions | Patched versions |
|---|---|---|
dolibarr/dolibarrPackagist | <= 19.0.0 | — |
Affected products
3- osv-coords2 versions
< 19.0.1+ 1 more
- (no CPE)range: < 19.0.1
- (no CPE)range: <= 19.0.0
Patches
Vulnerability mechanics
References
4- github.com/advisories/GHSA-p73x-rpgm-3v56ghsaADVISORY
- nvd.nist.gov/vuln/detail/CVE-2024-29477ghsaADVISORY
- dolibarr.comghsaWEB
- github.com/alexbsec/CVEs/blob/master/2024/CVE-2024-29477.mdghsaWEB
News mentions
0No linked articles in our index yet.