{"resultsPerPage":1,"startIndex":0,"totalResults":1,"format":"NVD_CVE","version":"2.0","timestamp":"2026-05-06T14:05:49.189","vulnerabilities":[{"cve":{"id":"CVE-2024-41961","sourceIdentifier":"security-advisories@github.com","published":"2024-08-01T15:15:14.310","lastModified":"2026-04-15T00:35:42.020","vulnStatus":"Deferred","cveTags":[],"descriptions":[{"lang":"en","value":"Elektra is an opinionated Openstack Dashboard for Operators and Consumers of Openstack Services. A code injection vulnerability was found in the live search functionality of the Ruby on Rails based Elektra web application. An authenticated user can craft a search term containing Ruby code, which later flows into an `eval` sink which executes the code. Fixed in commit 8bce00be93b95a6512ff68fe86bf9554e486bc02."},{"lang":"es","value":" Elektra es un panel de Openstack obstinado para operadores y consumidores de servicios Openstack. Se encontró una vulnerabilidad de inyección de código en la funcionalidad de búsqueda en vivo de la aplicación web Elektra basada en Ruby on Rails. Un usuario autenticado puede crear un término de búsqueda que contenga código Ruby, que luego fluye hacia un receptor \"eval\" que ejecuta el código. Corregido en la confirmación 8bce00be93b95a6512ff68fe86bf9554e486bc02."}],"metrics":{"cvssMetricV31":[{"source":"security-advisories@github.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:N/A:H","baseScore":9.6,"baseSeverity":"CRITICAL","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"CHANGED","confidentialityImpact":"HIGH","integrityImpact":"NONE","availabilityImpact":"HIGH"},"exploitabilityScore":3.1,"impactScore":5.8}]},"weaknesses":[{"source":"security-advisories@github.com","type":"Secondary","description":[{"lang":"en","value":"CWE-94"}]}],"references":[{"url":"https://github.com/sapcc/elektra/commit/49aea3b365082681558bf3bf7bf4a51766cfc44d","source":"security-advisories@github.com"},{"url":"https://github.com/sapcc/elektra/commit/8bce00be93b95a6512ff68fe86bf9554e486bc02","source":"security-advisories@github.com"},{"url":"https://github.com/sapcc/elektra/security/advisories/GHSA-6j2h-486h-487q","source":"security-advisories@github.com"}]}}]}