Loading HuntDB...
Hunt
Vulnerability Intelligence by wss.sh
Home Daily Briefings High Impact CVEs Recent Exploits KEV Catalog GitHub Advisories Latest Updates Security News
Sign In Sign Up

GHSA-cpfp-m5qw-c4r3

GitHub Security Advisory

Improper Preservation of Permissions in xxl-job

✓ GitHub Reviewed HIGH Has CVE
View on GitHub

Advisory Details

Insecure Permissions vulnerability in xxl-job v.2.4.1 allows a remote attacker to execute arbitrary code via the Sub-Task ID component.

Affected Packages

Maven com.xuxueli:xxl-job-core
Affected versions: 0 (fixed in 2.4.2)

Related CVEs

CVE-2024-42681

Key Information

GHSA ID
GHSA-cpfp-m5qw-c4r3
Published
August 15, 2024 6:31 PM
Last Modified
May 22, 2025 8:00 PM
CVSS Score
7.5 /10
Primary Ecosystem
Maven
Primary Package
com.xuxueli:xxl-job-core
GitHub Reviewed
✓ Yes

Dataset

Last updated: August 1, 2025 6:44 AM

Data from GitHub Advisory Database. This information is provided for research and educational purposes.