CVE-2024-38827
CVSS 3.1 Score 4.8 of 10 (medium)
Details
Published Dec 2, 2024
CWE ID 639
Summary
CVE-2024-38827: A vulnerability has been identified in the handling of the String functions String.toLowerCase() and String.toUpperCase(). Their results are locale-dependent, which could disrupt authorization rules and lead to security risks. Developers are advised to use locale-insensitive string comparison functions, or to be cautious when using these functions with strings containing locale-specific characters.
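The locale dependence described in the summary, shown as an added Java example (not code from the advisory or from the affected project). The class name, method names and role names are hypothetical and the rule set is constructed for illustration.

```java
import java.util.Locale;
import java.util.Set;

public class LocaleSafeRoleCheck {
    // Constructed sample rule set; the role names are hypothetical.
    private static final Set<String> ADMIN_ROLES = Set.of("admin", "maintainer");

    // Locale-dependent: the no-argument toLowerCase() uses the JVM default
    // locale, so the normalized value differs from host to host.
    static boolean isAdminDefaultLocale(String role) {
        return ADMIN_ROLES.contains(role.toLowerCase());
    }

    // Locale-insensitive: Locale.ROOT applies the same case mapping
    // regardless of how the host or JVM is configured.
    static boolean isAdminRootLocale(String role) {
        return ADMIN_ROLES.contains(role.toLowerCase(Locale.ROOT));
    }

    public static void main(String[] args) {
        Locale original = Locale.getDefault();
        try {
            // Evaluate the same rule under an English and a Turkish default locale.
            for (String tag : new String[] {"en-US", "tr-TR"}) {
                Locale.setDefault(Locale.forLanguageTag(tag));
                String role = "ADMIN";
                System.out.printf("%s: lowered=%s default-locale match=%b root-locale match=%b%n",
                        tag,
                        role.toLowerCase(),
                        isAdminDefaultLocale(role),
                        isAdminRootLocale(role));
            }
        } finally {
            // Restore the default so the demo does not affect other code in the JVM.
            Locale.setDefault(original);
        }
    }
}
```

Under a Turkish default locale, the capital "I" lowercases to the dotless "ı" (U+0131), so the rule keyed on "admin" stops matching in the default-locale variant while the Locale.ROOT variant behaves the same on both hosts.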
Affected Vendors
- VMware Inc.