admin/nvd-json-data-feeds
1
0
Fork 0
mirror of https://github.com/fkie-cad/nvd-json-data-feeds.git synced 2025-05-28 09:11:28 +00:00
Code Issues Packages Projects Releases Wiki Activity
nvd-json-data-feeds/CVE-2024/CVE-2024-273xx/CVE-2024-27322.json
cad-safe-bot 6086612163 Auto-Update: 2025-02-13T19:00:46.575167+00:00
2025-02-13 19:04:13 +00:00

104 lines
3.9 KiB
JSON
Raw Blame History

{
"id": "CVE-2024-27322",
"sourceIdentifier": "6f8de1f0-f67e-45a6-b68f-98777fdb759c",
"published": "2024-04-29T13:15:30.413",
"lastModified": "2025-02-13T18:17:30.000",
"vulnStatus": "Awaiting Analysis",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Deserialization of untrusted data can occur in the R statistical programming language, on any version starting at 1.4.0 up to and not including 4.4.0, enabling a maliciously crafted RDS (R Data Serialization) formatted file or R package to run arbitrary code on an end user\u2019s system when interacted with."
},
{
"lang": "es",
"value": "La deserializaci\u00f3n de datos que no son de confianza puede ocurrir en el lenguaje de programaci\u00f3n estad\u00edstica R, en cualquier versi\u00f3n desde 1.4.0 hasta 4.4.0 incluida, lo que permite que un archivo con formato RDS (R Data Serialization) creado con fines malintencionados o un paquete R ejecute c\u00f3digo arbitrario en el sistema de un usuario final cuando se interact\u00faa con \u00e9l."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "6f8de1f0-f67e-45a6-b68f-98777fdb759c",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH"
},
"exploitabilityScore": 2.8,
"impactScore": 5.9
}
]
},
"weaknesses": [
{
"source": "6f8de1f0-f67e-45a6-b68f-98777fdb759c",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-502"
}
]
}
],
"references": [
{
"url": "http://www.openwall.com/lists/oss-security/2024/04/29/3",
"source": "6f8de1f0-f67e-45a6-b68f-98777fdb759c"
},
{
"url": "https://hiddenlayer.com/research/r-bitrary-code-execution/",
"source": "6f8de1f0-f67e-45a6-b68f-98777fdb759c"
},
{
"url": "https://https://kb.cert.org/vuls/id/238194",
"source": "6f8de1f0-f67e-45a6-b68f-98777fdb759c"
},
{
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/7ZLV4OWXZIJ7EFBIWUZADUSHYJTFAQ4D/",
"source": "6f8de1f0-f67e-45a6-b68f-98777fdb759c"
},
{
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/JVE5FDLFJGTAMOSJ6DREFAODEUBRFWSG/",
"source": "6f8de1f0-f67e-45a6-b68f-98777fdb759c"
},
{
"url": "https://www.kb.cert.org/vuls/id/238194",
"source": "6f8de1f0-f67e-45a6-b68f-98777fdb759c"
},
{
"url": "http://www.openwall.com/lists/oss-security/2024/04/29/3",
"source": "af854a3a-2127-422b-91ae-364da2661108"
},
{
"url": "https://hiddenlayer.com/research/r-bitrary-code-execution/",
"source": "af854a3a-2127-422b-91ae-364da2661108"
},
{
"url": "https://https://kb.cert.org/vuls/id/238194",
"source": "af854a3a-2127-422b-91ae-364da2661108"
},
{
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/7ZLV4OWXZIJ7EFBIWUZADUSHYJTFAQ4D/",
"source": "af854a3a-2127-422b-91ae-364da2661108"
},
{
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/JVE5FDLFJGTAMOSJ6DREFAODEUBRFWSG/",
"source": "af854a3a-2127-422b-91ae-364da2661108"
},
{
"url": "https://www.kb.cert.org/vuls/id/238194",
"source": "af854a3a-2127-422b-91ae-364da2661108"
}
]
}
Reference in New Issue View Git Blame Copy Permalink