CVE-2024-43372
CVE-2024-43372 is a security vulnerability that is still awaiting full analysis and scoring.
Key facts
- Actively exploited: Not listed in CISA KEV
- EU (EUVD) id: EUVD-2024-2651
- Published:
- Last modified:
Description
Rejected reason: ** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2024-43369. Reason: This candidate is a duplicate of CVE-2024-43369. Notes: All CVE users should reference CVE-2024-43369 instead of this candidate. This CVE was issued to a vulnerability that is dependent on CVE-2024-43369. According to rule 4.2.15 of the CVE CNA rules, "CNAs MUST NOT assign a different CVE ID to a Vulnerability that is fully interdependent with another Vulnerability. The Vulnerabilities are effectively the same single Vulnerability and MUST use one CVE ID."
Frequently asked questions
- What is CVE-2024-43372?
- Rejected reason: ** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2024-43369. Reason: This candidate is a duplicate of CVE-2024-43369. Notes: All CVE users should reference CVE-2024-43369 instead of this candidate. This CVE was issued to a vulnerability that is dependent on CVE-2024-43369. According to rule 4.2.15 of the CVE CNA rules, "CNAs MUST NOT assign a different CVE ID to a Vulnerability that is fully interdependent with another Vulnerability. The Vulnerabilities are effectively the same single Vulnerability and MUST use one CVE ID."
- Is CVE-2024-43372 being actively exploited?
- It is not currently listed in CISA's Known Exploited Vulnerabilities catalog, and no EPSS exploit-prediction score is available yet.
- How do I fix CVE-2024-43372?
- Review the linked vendor and NVD advisories for patched versions and mitigations, then upgrade or apply the recommended workaround.
- Does CVE-2024-43372 have an EU (EUVD) identifier?
- Yes. CVE-2024-43372 is tracked in the ENISA EU Vulnerability Database (EUVD) as EUVD-2024-2651.
- When was CVE-2024-43372 published?
- CVE-2024-43372 was published on 2024-08-19.
EU advisories (EUVD)
- https://github.com/ezsystems/ezplatform-richtext/security/advisories/GHSA-rhm7-7469-rcpw
- https://github.com/ibexa/fieldtype-richtext/security/advisories/GHSA-hvcf-6324-cjh7
- https://nvd.nist.gov/vuln/detail/CVE-2024-43369
- https://github.com/ezsystems/ezplatform-richtext/commit/2c652915625c47b493a2be06924f4c87d1df7d8e
- https://github.com/ezsystems/ezplatform-richtext/commit/6131975108fa9756e17043e7a06a4e72f786f842
- https://github.com/ezsystems/ezplatform-richtext/commit/7bbc6d024c6146d1e1ba84d27a3ebffe9459613e
- https://github.com/ezsystems/ezplatform-richtext/commit/8b75c603dfd1ad6f6f3db15ae2324876683cbaf9
- https://github.com/ezsystems/ezplatform-richtext/commit/dbe816f3ff4c903cc508dfdcdca8791c8284d292
- https://developers.ibexa.co/security-advisories/ibexa-sa-2024-005-persistent-xss-in-richtext
- https://github.com/ezsystems/ezplatform-richtext