Improper Locking Affecting thingsboard package, versions <3.7-r1
Threat Intelligence
EPSS
0.09% (40th
percentile)
Do your applications use this vulnerable package?
In a few clicks we can analyze your entire application and see what components are vulnerable in your application, and suggest you quick fixes.
Test your applications- Snyk ID SNYK-CHAINGUARDLATEST-THINGSBOARD-7924782
- published 8 Sep 2024
- disclosed 25 Feb 2022
Introduced: 25 Feb 2022
CVE-2022-24329 Open this link in a new tabHow to fix?
Upgrade Chainguard
thingsboard
to version 3.7-r1 or higher.
NVD Description
Note: Versions mentioned in the description apply only to the upstream thingsboard
package and not the thingsboard
package as distributed by Chainguard
.
See How to fix?
for Chainguard
relevant fixed versions and status.
In JetBrains Kotlin before 1.6.0, it was not possible to lock dependencies for Multiplatform Gradle Projects.
CVSS Scores
version 3.1