Veracode Vulnerability Database VERACODE:46799
May 08, 2024 - 6:04 a.m.

Use After Free

2024-05-08 06:04:01
Veracode Vulnerability Database
sca.analysiscenter.veracode.com
protobuf
use after free
vulnerability
json parser

CVSS3: 7.6

Attack Vector: NETWORK
Attack Complexity: LOW
Privileges Required: LOW
User Interaction: NONE
Scope: UNCHANGED
Confidentiality Impact: HIGH
Integrity Impact: LOW
Availability Impact: LOW

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:L

AI Score: 7
Confidence: Low

EPSS: 0
Percentile: 9.0%

protobuf is vulnerable to a Use After Free. The vulnerability is due to improper handling of chunked JSON input, which causes the parser to attempt to read bytes from a chunk that has already been freed.
