admin/nvd-json-data-feeds
1
0
Fork 0
mirror of https://github.com/fkie-cad/nvd-json-data-feeds.git synced 2025-06-07 05:28:59 +00:00
Code Issues Packages Projects Releases Wiki Activity
nvd-json-data-feeds/CVE-2024/CVE-2024-534xx/CVE-2024-53476.json
cad-safe-bot 22fb3bea38 Auto-Update: 2025-01-05T03:00:19.815336+00:00
2025-01-05 03:03:46 +00:00

68 lines
2.5 KiB
JSON
Raw Blame History

{
"id": "CVE-2024-53476",
"sourceIdentifier": "cve@mitre.org",
"published": "2024-12-27T19:15:09.103",
"lastModified": "2024-12-28T19:15:06.880",
"vulnStatus": "Awaiting Analysis",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A race condition vulnerability in SimplCommerce at commit 230310c8d7a0408569b292c5a805c459d47a1d8f allows attackers to bypass inventory restrictions by simultaneously submitting purchase requests from multiple accounts for the same product. This can lead to overselling when stock is limited, as the system fails to accurately track inventory under high concurrency, resulting in potential loss and unfulfilled orders."
},
{
"lang": "es",
"value": "Una vulnerabilidad de condici\u00f3n de ejecuci\u00f3n en SimplCommerce en el commit 230310c8d7a0408569b292c5a805c459d47a1d8f permite a los atacantes eludir las restricciones de inventario mediante el env\u00edo simult\u00e1neo de solicitudes de compra desde varias cuentas para el mismo producto. Esto puede provocar una sobreventa cuando el stock es limitado, ya que el sistema no puede realizar un seguimiento preciso del inventario en condiciones de alta concurrencia, lo que da como resultado posibles p\u00e9rdidas y pedidos no completados."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N",
"baseScore": 5.9,
"baseSeverity": "MEDIUM",
"attackVector": "NETWORK",
"attackComplexity": "HIGH",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"availabilityImpact": "NONE"
},
"exploitabilityScore": 2.2,
"impactScore": 3.6
}
]
},
"weaknesses": [
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-362"
}
]
}
],
"references": [
{
"url": "https://github.com/AbdullahAlmutawa/CVE-2024-53476",
"source": "cve@mitre.org"
},
{
"url": "https://github.com/simplcommerce/SimplCommerce",
"source": "cve@mitre.org"
},
{
"url": "https://github.com/simplcommerce/SimplCommerce/issues/1111",
"source": "cve@mitre.org"
}
]
}
Reference in New Issue View Git Blame Copy Permalink