CVE-2024-6096

In Progress® Telerik® Reporting versions prior to 18.1.24.709, a code execution attack is possible through object injection via an insecure type resolution vulnerability.
Configurations

Configuration 1 (hide)

cpe:2.3:a:progress:telerik_reporting:*:*:*:*:*:*:*:*

History

25 Apr 2025, 23:15

Type Values Removed Values Added
References
  • () https://security.netapp.com/advisory/ntap-20250425-0003/ -

Information

Published : 2024-07-24 14:15

Updated : 2025-04-25 23:15


NVD link : CVE-2024-6096

Mitre link : CVE-2024-6096

CVE.ORG link : CVE-2024-6096


JSON object : View

Products Affected

progress

  • telerik_reporting
CWE
CWE-470

Use of Externally-Controlled Input to Select Classes or Code ('Unsafe Reflection')