VYPR
Medium severity5.5OSV Advisory· Published May 15, 2024· Updated Jun 17, 2026

CVE-2024-35184

CVE-2024-35184

Description

Paperless-ngx is a document management system that transforms physical documents into a searchable online archive. Starting in version 2.5.0 and prior to version 2.8.6, remote user authentication allows API access even if API access is explicitly disabled. Version 2.8.6 contains a patchc for the issue.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected products

2
  • 0.3.0, 0.3.1, 0.3.3, …+ 1 more
    • (no CPE)range: 0.3.0, 0.3.1, 0.3.3, …
    • (no CPE)range: >=2.5.0,<2.8.6

Patches

Vulnerability mechanics

References

4

News mentions

0

No linked articles in our index yet.