VulnerableCode Vulnerability Details

Staging Environment: Content and features may be unstable or change without notice.

Search for vulnerabilities

Vulnerability details: VCID-eb8p-vqjt-yfb8

Essentials
Severities (13)
References (6)
Severity details (12)
Exploits (0)
EPSS
History (1)

Vulnerability ID	VCID-eb8p-vqjt-yfb8
Aliases	CVE-2024-34708 GHSA-p8v3-m643-4xqx
Summary
Status	Published
Exploitability	0.5
Weighted Severity	6.2
Risk	3.1
Affected and Fixed Packages	Package Details

Weaknesses (3)

CWE-200	Exposure of Sensitive Information to an Unauthorized Actor
CWE-937	OWASP Top Ten 2013 Category A9 - Using Components with Known Vulnerabilities
CWE-1035	OWASP Top Ten 2017 Category A9 - Using Components with Known Vulnerabilities

System	Score	Found at
epss	0.00324	https://api.first.org/data/v1/epss?cve=CVE-2024-34708
cvssv3.1_qr	MODERATE	https://github.com/advisories/GHSA-p8v3-m643-4xqx
cvssv3.1	4.9	https://github.com/directus/directus
generic_textual	MODERATE	https://github.com/directus/directus
cvssv3.1	4.9	https://github.com/directus/directus/commit/e70a90c267bea695afce6545174c2b77517d617b
generic_textual	MODERATE	https://github.com/directus/directus/commit/e70a90c267bea695afce6545174c2b77517d617b
ssvc	Track	https://github.com/directus/directus/commit/e70a90c267bea695afce6545174c2b77517d617b
cvssv3.1	4.9	https://github.com/directus/directus/security/advisories/GHSA-p8v3-m643-4xqx
cvssv3.1_qr	MODERATE	https://github.com/directus/directus/security/advisories/GHSA-p8v3-m643-4xqx
generic_textual	MODERATE	https://github.com/directus/directus/security/advisories/GHSA-p8v3-m643-4xqx
ssvc	Track	https://github.com/directus/directus/security/advisories/GHSA-p8v3-m643-4xqx
cvssv3.1	4.9	https://nvd.nist.gov/vuln/detail/CVE-2024-34708
generic_textual	MODERATE	https://nvd.nist.gov/vuln/detail/CVE-2024-34708

Reference id	Reference type	URL
		https://api.first.org/data/v1/epss?cve=CVE-2024-34708
		https://github.com/directus/directus
		https://github.com/directus/directus/commit/e70a90c267bea695afce6545174c2b77517d617b
CVE-2024-34708		https://nvd.nist.gov/vuln/detail/CVE-2024-34708
GHSA-p8v3-m643-4xqx		https://github.com/advisories/GHSA-p8v3-m643-4xqx
GHSA-p8v3-m643-4xqx		https://github.com/directus/directus/security/advisories/GHSA-p8v3-m643-4xqx

No exploits are available.

Vector: CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N Found at https://github.com/directus/directus

Attack Vector (AV)	Attack Complexity (AC)	Privileges Required (PR)	User Interaction (UI)	Scope (S)	Confidentiality Impact (C)	Integrity Impact (I)	Availability Impact (A)
network adjacent_network local physical	low high	none low high	none required	unchanged changed	high low none	high low none	high low none

Attack Vector (AV)

Attack Complexity (AC)

Privileges Required (PR)

User Interaction (UI)

Scope (S)

Confidentiality Impact (C)

Integrity Impact (I)

Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none

Vector: CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N Found at https://github.com/directus/directus/commit/e70a90c267bea695afce6545174c2b77517d617b

Attack Vector (AV)	Attack Complexity (AC)	Privileges Required (PR)	User Interaction (UI)	Scope (S)	Confidentiality Impact (C)	Integrity Impact (I)	Availability Impact (A)
network adjacent_network local physical	low high	none low high	none required	unchanged changed	high low none	high low none	high low none

Attack Vector (AV)

Attack Complexity (AC)

Privileges Required (PR)

User Interaction (UI)

Scope (S)

Confidentiality Impact (C)

Integrity Impact (I)

Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none

Vector: SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-05-15T15:21:26Z/ Found at https://github.com/directus/directus/commit/e70a90c267bea695afce6545174c2b77517d617b

Vector: CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N Found at https://github.com/directus/directus/security/advisories/GHSA-p8v3-m643-4xqx

Attack Vector (AV)	Attack Complexity (AC)	Privileges Required (PR)	User Interaction (UI)	Scope (S)	Confidentiality Impact (C)	Integrity Impact (I)	Availability Impact (A)
network adjacent_network local physical	low high	none low high	none required	unchanged changed	high low none	high low none	high low none

Attack Vector (AV)

Attack Complexity (AC)

Privileges Required (PR)

User Interaction (UI)

Scope (S)

Confidentiality Impact (C)

Integrity Impact (I)

Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none

Vector: SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-05-15T15:21:26Z/ Found at https://github.com/directus/directus/security/advisories/GHSA-p8v3-m643-4xqx

Vector: CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N Found at https://nvd.nist.gov/vuln/detail/CVE-2024-34708

Attack Vector (AV)	Attack Complexity (AC)	Privileges Required (PR)	User Interaction (UI)	Scope (S)	Confidentiality Impact (C)	Integrity Impact (I)	Availability Impact (A)
network adjacent_network local physical	low high	none low high	none required	unchanged changed	high low none	high low none	high low none

Attack Vector (AV)

Attack Complexity (AC)

Privileges Required (PR)

User Interaction (UI)

Scope (S)

Confidentiality Impact (C)

Integrity Impact (I)

Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none

Exploit Prediction Scoring System (EPSS)

Percentile	0.55666
EPSS Score	0.00324
Published At	May 30, 2026, 12:55 p.m.

Date	Actor	Action	Source	VulnerableCode Version
2026-05-30T22:40:18.360783+00:00	EPSS Importer	Import	https://epss.cyentia.com/epss_scores-current.csv.gz	38.6.0