CVE-2024-55630

CVSS 3.1 Score 3.3 of 10 (low)

Details

Published Feb 7, 2025

Updated: Feb 10, 2025

CWE ID 20

Summary

CVE-2024-55630 is a denial-of-service vulnerability affecting Joplin, a free and open-source note-taking and to-do application. The vulnerability lies in Joplin's HTML sanitizer, which allows the `name` attribute to overwrite existing `document` properties with the same name. This issue can lead to the note viewer failing to refresh, requiring the user to close and re-open the application with a different note to restore functionality. Users are advised to upgrade to version 3.2.8 to address this vulnerability, and there are currently no known workarounds.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

https://app.recordedfuture.com/live/sc/entity/1bBwNV
https://www.cve.org/CVERecord?id=CVE-2024-55630
https://nvd.nist.gov/vuln/detail/CVE-2024-55630

Back to Vulnerability Database

CVE-2024-55630

CVSS 3.1 Score 3.3 of 10 (low)

Details

Summary

Advisories, Assessments, and Mitigations