CVE-2024-22047 Information

Description

A race condition exists in Audited 4.0.0 to 5.3.3 that can result in an authenticated user to cause audit log entries to be attributed to another user.

Reference

https://github.com/collectiveidea/audited/security/advisories/GHSA-hjp3-5g2q-7jww https://github.com/collectiveidea/audited/issues/601 https://github.com/collectiveidea/audited/pull/669 https://github.com/collectiveidea/audited/pull/671 https://github.com/advisories/GHSA-hjp3-5g2q-7jww https://vulncheck.com/advisories/vc-advisory-GHSA-hjp3-5g2q-7jww