{
  "id": "CVE-2024-37371",
  "sourceIdentifier": "cve@mitre.org",
  "published": "2024-06-28T23:15:11.603",
  "lastModified": "2024-07-01T12:37:24.220",
  "vulnStatus": "Awaiting Analysis",
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "In MIT Kerberos 5 (aka krb5) before 1.21.3, an attacker can cause invalid memory reads during GSS message token handling by sending message tokens with invalid length fields."
    },
    {
      "lang": "es",
      "value": "En MIT Kerberos 5 (tambi\u00e9n conocido como krb5) anterior a 1.21.3, un atacante puede provocar lecturas de memoria no v\u00e1lidas durante el manejo de tokens de mensajes GSS al enviar tokens de mensajes con campos de longitud no v\u00e1lidos."
    }
  ],
  "metrics": {},
  "references": [
    {
      "url": "https://github.com/krb5/krb5/commit/55fbf435edbe2e92dd8101669b1ce7144bc96fef",
      "source": "cve@mitre.org"
    },
    {
      "url": "https://web.mit.edu/kerberos/www/advisories/",
      "source": "cve@mitre.org"
    }
  ]
}