Vulnerabilities > Conduit > Medium

DATE CVE VULNERABILITY TITLE RISK
2024-06-25 CVE-2024-6300 Incomplete Cleanup vulnerability in Conduit
Incomplete cleanup when performing redactions in Conduit, allowing an attacker to check whether certain strings were present in the PDU before redaction
network
low complexity
conduit CWE-459
5.3
5.3
2024-06-25 CVE-2024-6302 Unspecified vulnerability in Conduit
Lack of privilege checking when processing a redaction in Conduit versions v0.6.0 and lower, allowing a local user to redact any message from users on the same server, given that they are able to send redaction events.
local
low complexity
conduit
5.5
5.5