{"dataType": "CVE_RECORD", "dataVersion": "5.1", "cveMetadata": {"cveId": "CVE-2024-39684", "assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa", "state": "PUBLISHED", "assignerShortName": "GitHub_M", "dateReserved": "2024-06-27T18:44:13.034Z", "datePublished": "2024-07-09T18:53:53.855Z", "dateUpdated": "2024-09-05T08:03:37.023Z"}, "containers": {"cna": {"title": "Tencent RapidJSON include/rapidjson/reader.h GenericReader::ParseNumber() Function Template Exponent Parsing Integer Overflow", "problemTypes": [{"descriptions": [{"cweId": "CWE-190", "lang": "en", "description": "CWE-190: Integer Overflow or Wraparound", "type": "CWE"}]}], "metrics": [{"cvssV3_1": {"attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 6.8, "baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C", "version": "3.1"}}], "references": [{"name": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-39684", "tags": ["x_refsource_CONFIRM"], "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-39684"}], "affected": [{"vendor": "Tencent", "product": "RapidJSON", "versions": [{"version": "<= 1.1.0", "status": "affected"}]}], "providerMetadata": {"orgId": "a0819718-46f1-4df5-94e2-005712e83aaa", "shortName": "GitHub_M", "dateUpdated": "2024-07-09T18:53:53.855Z"}, "descriptions": [{"lang": "en", "value": "Tencent RapidJSON is vulnerable to privilege escalation due to an integer overflow in the `GenericReader::ParseNumber()` function of `include/rapidjson/reader.h` when parsing JSON text from a stream. An attacker needs to send the victim a crafted file which needs to be opened; this triggers the integer overflow vulnerability (when the file is parsed), leading to elevation of privilege."}], "source": {"advisory": "GHSA-v6pq-gp4j-75cp", "discovery": "UNKNOWN"}}, "adp": [{"affected": [{"vendor": "tencent", "product": "rapidjson", "cpes": ["cpe:2.3:a:tencent:rapidjson:*:*:*:*:*:*:*:*"], "defaultStatus": "unknown", "versions": [{"version": "0", "status": "affected", "lessThanOrEqual": "1.1.0", "versionType": "custom"}]}], "metrics": [{"other": {"type": "ssvc", "content": {"timestamp": "2024-07-09T20:45:17.401763Z", "id": "CVE-2024-39684", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "total"}], "role": "CISA Coordinator", "version": "2.0.3"}}}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2024-07-10T20:59:24.451Z"}}, {"title": "CVE Program Container", "references": [{"name": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-39684", "tags": ["x_refsource_CONFIRM", "x_transferred"], "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-39684"}, {"url": "https://security.netapp.com/advisory/ntap-20240905-0003/"}], "providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-09-05T08:03:37.023Z"}}]}}

{"dataType": "CVE_RECORD", "containers": {"adp": [{"title": "CVE Program Container", "references": [{"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-39684", "name": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-39684", "tags": ["x_refsource_CONFIRM", "x_transferred"]}, {"url": "https://security.netapp.com/advisory/ntap-20240905-0003/"}], "providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-09-05T08:03:37.023Z"}}, {"title": "CISA ADP Vulnrichment", "metrics": [{"other": {"type": "ssvc", "content": {"id": "CVE-2024-39684", "role": "CISA Coordinator", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "total"}], "version": "2.0.3", "timestamp": "2024-07-09T20:45:17.401763Z"}}}], "affected": [{"cpes": ["cpe:2.3:a:tencent:rapidjson:*:*:*:*:*:*:*:*"], "vendor": "tencent", "product": "rapidjson", "versions": [{"status": "affected", "version": "0", "versionType": "custom", "lessThanOrEqual": "1.1.0"}], "defaultStatus": "unknown"}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2024-07-09T20:48:48.262Z"}}], "cna": {"title": "Tencent RapidJSON include/rapidjson/reader.h GenericReader::ParseNumber() Function Template Exponent Parsing Integer Overflow", "source": {"advisory": "GHSA-v6pq-gp4j-75cp", "discovery": "UNKNOWN"}, "metrics": [{"cvssV3_1": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 6.8, "attackVector": "LOCAL", "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C", "integrityImpact": "HIGH", "userInteraction": "REQUIRED", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "NONE", "confidentialityImpact": "HIGH"}}], "affected": [{"vendor": "Tencent", "product": "RapidJSON", "versions": [{"status": "affected", "version": "<= 1.1.0"}]}], "references": [{"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-39684", "name": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-39684", "tags": ["x_refsource_CONFIRM"]}], "descriptions": [{"lang": "en", "value": "Tencent RapidJSON is vulnerable to privilege escalation due to an integer overflow in the `GenericReader::ParseNumber()` function of `include/rapidjson/reader.h` when parsing JSON text from a stream. An attacker needs to send the victim a crafted file which needs to be opened; this triggers the integer overflow vulnerability (when the file is parsed), leading to elevation of privilege."}], "problemTypes": [{"descriptions": [{"lang": "en", "type": "CWE", "cweId": "CWE-190", "description": "CWE-190: Integer Overflow or Wraparound"}]}], "providerMetadata": {"orgId": "a0819718-46f1-4df5-94e2-005712e83aaa", "shortName": "GitHub_M", "dateUpdated": "2024-07-09T18:53:53.855Z"}}}, "cveMetadata": {"cveId": "CVE-2024-39684", "state": "PUBLISHED", "dateUpdated": "2024-09-05T08:03:37.023Z", "dateReserved": "2024-06-27T18:44:13.034Z", "assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa", "datePublished": "2024-07-09T18:53:53.855Z", "assignerShortName": "GitHub_M"}, "dataVersion": "5.1"}

{"cveTags": [], "descriptions": [{"lang": "en", "value": "Tencent RapidJSON is vulnerable to privilege escalation due to an integer overflow in the `GenericReader::ParseNumber()` function of `include/rapidjson/reader.h` when parsing JSON text from a stream. An attacker needs to send the victim a crafted file which needs to be opened; this triggers the integer overflow vulnerability (when the file is parsed), leading to elevation of privilege."}, {"lang": "es", "value": "Tencent RapidJSON es vulnerable a la escalada de privilegios debido a un desbordamiento de enteros en la funci\u00f3n `GenericReader::ParseNumber()` de `include/rapidjson/reader.h` al analizar texto JSON de una secuencia. Un atacante debe enviar a la v\u00edctima un archivo manipulado que debe abrirse; esto desencadena la vulnerabilidad de desbordamiento de enteros (cuando se analiza el archivo), lo que lleva a la elevaci\u00f3n de privilegios."}], "id": "CVE-2024-39684", "lastModified": "2024-07-11T13:06:13.187", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 7.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.1"}, "exploitabilityScore": 1.8, "impactScore": 5.9, "source": "security-advisories@github.com", "type": "Secondary"}]}, "published": "2024-07-09T19:15:12.700", "references": [{"source": "security-advisories@github.com", "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-39684"}], "sourceIdentifier": "security-advisories@github.com", "vulnStatus": "Awaiting Analysis", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-190"}], "source": "security-advisories@github.com", "type": "Secondary"}]}

{"bugzilla": {"description": "rapidjson: pivilege escalation via integer overflow in GenericReader::ParseNumber()", "id": "2296855", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2296855"}, "csaw": false, "cvss3": {"cvss3_base_score": "7.8", "cvss3_scoring_vector": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "status": "draft"}, "cwe": "CWE-190", "details": ["Tencent RapidJSON is vulnerable to privilege escalation due to an integer overflow in the `GenericReader::ParseNumber()` function of `include/rapidjson/reader.h` when parsing JSON text from a stream. An attacker needs to send the victim a crafted file which needs to be opened; this triggers the integer overflow vulnerability (when the file is parsed), leading to elevation of privilege.", "A flaw was found in the RapidJSON package. This flaw allows a local attacker to trigger an integer overflow via a specially crafted file, possibly leading to the escalation of privileges."], "mitigation": {"lang": "en:us", "value": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability."}, "name": "CVE-2024-39684", "package_state": [{"cpe": "cpe:/a:redhat:openshift_data_foundation:4", "fix_state": "Affected", "package_name": "odf4/mcg-core-rhel8", "product_name": "Red Hat Openshift Data Foundation 4"}, {"cpe": "cpe:/a:redhat:openstack:17.1", "fix_state": "Will not fix", "package_name": "leatherman", "product_name": "Red Hat OpenStack Platform 17.1"}], "public_date": "2024-07-09T00:00:00Z", "references": ["https://www.cve.org/CVERecord?id=CVE-2024-39684\nhttps://nvd.nist.gov/vuln/detail/CVE-2024-39684\nhttps://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-39684"], "threat_severity": "Moderate"}