CVE-2024-36128
Published 2024-06-03
Priority: P340 · Severity: high · CVSS 3.1 base score: 7.5
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
EPSS: 0.62% (45.2th percentile)
Directus is a real-time API and App dashboard for managing SQL database content. Prior to 10.11.2, providing a non-numeric length value to the random string generation utility will create a memory issue breaking the capability to generate random strings platform wide. This creates a denial of service situation where logged in sessions can no longer be refreshed as sessions depend on the capability to generate a random session ID. This vulnerability is fixed in 10.11.2.
Affected
3 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| directus | directus | < 10.11.2 | 10.11.2 |
| directus | directus | >= 0 < 10.11.2 | 10.11.2 |
| monospace | directus | < 10.11.2 | 10.11.2 |
OSV
osv · 2024-06-04 · CVE-2024-36128 [HIGH]
Directus is soft-locked by providing a string value to random string util
### Describe the Bug
Providing a non-numeric length value to the random string generation utility will create a memory issue breaking the capability to generate random strings platform wide. This creates a denial of service situation where logged in sessions can no longer be refreshed as sessions depend on the capability to generate a random session ID.
### To Reproduce
1. Test if the endpoint is working and accessible, `GET http://localhost:8055/utils/random/string`
2. Do a bad request `GET http://localhost:8055/utils/random/string?length=foo`
3. After this all calls to `GET http://localhost:8055/utils/random/string` will return an empty string instead of a random string
4. In this error situation you'll see aut
GHSA
ghsa · 2024-06-04 · CVE-2024-36128 [HIGH] · CWE-754
Directus is soft-locked by providing a string value to random string util
Same advisory text as the OSV entry above.
No detection rules found.
No public exploits indexed.
No writeups or analysis indexed.
https://github.com/directus/directus/security/advisories/GHSA-632p-p495-25m5
https://github.com/directus/directus/commit/7d2a1392f43613094de700062aba168a9400dd3b