PyPI package
dirac
pkg:pypi/dirac
Vulnerabilities (2)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2024-29905 | — | < 8.0.41 | 8.0.41 | Apr 9, 2024 | DIRAC is an interware, meaning a software framework for distributed computing. Prior to version 8.0.41, during the proxy generation process (e.g., when using `dirac-proxy-init`), it is possible for unauthorized users on the same machine to gain read access to the proxy. This allo | ||
| CVE-2024-24825 | — | >= 8.0.0, < 8.0.37 | 8.0.37 | Feb 8, 2024 | DIRAC is a distributed resource framework. In affected versions any user could get a token that has been requested by another user/agent. This may expose resources to unintended parties. This issue has been addressed in release version 8.0.37. Users are advised to upgrade. There |
- CVE-2024-29905Apr 9, 2024affected < 8.0.41fixed 8.0.41
DIRAC is an interware, meaning a software framework for distributed computing. Prior to version 8.0.41, during the proxy generation process (e.g., when using `dirac-proxy-init`), it is possible for unauthorized users on the same machine to gain read access to the proxy. This allo
- CVE-2024-24825Feb 8, 2024affected >= 8.0.0, < 8.0.37fixed 8.0.37
DIRAC is a distributed resource framework. In affected versions any user could get a token that has been requested by another user/agent. This may expose resources to unintended parties. This issue has been addressed in release version 8.0.37. Users are advised to upgrade. There