Security Advisory

CVE-2024-11003

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2024-11-19 17:36:36

Last updated 2025-11-03 21:51:44

Assigner canonical

State PUBLISHED

Description

Qualys discovered that needrestart, before version 3.8, passes unsanitized data to a library (Modules::ScanDeps) which expects safe input. This could allow a local attacker to execute arbitrary shell commands. Please see the related CVE-2024-10224 in Modules::ScanDeps.

← Browse all CVEs View on cve.org ↗