CVE-2024-43383

🗓️ 31 Oct 2024 09:57:29Reported by apacheType

Deserialization of Untrusted Data vulnerability in Apache Lucene.Net.Replicator, affecting versions 4.8.0-beta00005 through 4.8.0-beta0001

Reporter	Title	Published	Views	Family All 12
Circl	CVE-2024-43383	31 Oct 202411:55	–	circl
CNNVD	Apache Lucene 安全漏洞	31 Oct 202400:00	–	cnnvd
Cvelist	CVE-2024-43383 Apache Lucene.Net.Replicator: Remote Code Execution in Lucene.Net.Replicator	31 Oct 202409:57	–	cvelist
EUVD	EUVD-2024-2909	3 Oct 202520:07	–	euvd
Github Security Blog	Apache Lucene.Net.Replicator Deserialization of Untrusted Data vulnerability	31 Oct 202412:30	–	github
NVD	CVE-2024-43383	31 Oct 202410:15	–	nvd
OSV	GHSA-2QW8-PPR5-M96C Apache Lucene.Net.Replicator Deserialization of Untrusted Data vulnerability	31 Oct 202412:30	–	osv
Positive Technologies	PT-2024-7646 · Apache · Apache Lucene.Net.Replicator	8 Oct 202400:00	–	ptsecurity
RedhatCVE	CVE-2024-43383	5 Feb 202512:50	–	redhatcve
Snyk	Deserialization of Untrusted Data	31 Oct 202410:41	–	snyk

NVD

Vulners

Vulnrichment

Node

apache lucene.netMatch4.8.0beta00005

apache lucene.netMatch4.8.0beta00006

apache lucene.netMatch4.8.0beta00007

apache lucene.netMatch4.8.0beta00008

apache lucene.netMatch4.8.0beta00009

apache lucene.netMatch4.8.0beta00010

apache lucene.netMatch4.8.0beta00011

apache lucene.netMatch4.8.0beta00012

apache lucene.netMatch4.8.0beta00013

apache lucene.netMatch4.8.0beta00014

apache lucene.netMatch4.8.0beta00015

apache lucene.netMatch4.8.0beta00016

[
  {
    "collectionURL": "https://www.nuget.org/packages/Lucene.Net.Replicator/4.8.0-beta00016",
    "defaultStatus": "unaffected",
    "packageName": "Lucene.Net.Replicator",
    "product": "Apache Lucene.Net.Replicator",
    "vendor": "Apache Software Foundation",
    "versions": [
      {
        "lessThanOrEqual": "4.8.0-beta00016",
        "status": "affected",
        "version": "4.8.0-beta00005",
        "versionType": "semver"
      }
    ]
  }
]

Source	Link
lists	www.lists.apache.org/thread/wlz1p76dxpt4rl9o29voxjd5zl7717nh
openwall	www.openwall.com/lists/oss-security/2024/10/31/2

11 Feb 2025 16:13Current

8.1High risk

Vulners AI Score8.1

CVSS 3.18 - 8.1

EPSS0.04731

SSVC

CWE-502