Search criteria
ⓘ
Use full-text search for keyword queries.
Combine vendor, product, and sources to narrow results.
Enable “Apply ordering” to sort by dates instead of relevance.
37 vulnerabilities by Open Networking Foundation (ONF)
CVE-2024-31198 (GCVE-0-2024-31198)
Vulnerability from cvelistv5 – Published: 2024-09-18 13:59 – Updated: 2024-09-18 15:13
VLAI?
Title
Out-of-bounds Read in libfluid_msg library
Summary
Out-of-bounds Read vulnerability in Open Networking Foundation (ONF) libfluid (libfluid_msg module). This vulnerability is associated with program routine fluid_msg::of10::Port:unpack.
This issue affects libfluid: 0.1.0.
Severity ?
5.3 (Medium)
CWE
- CWE-125 - Out-of-bounds Read
Assigner
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Open Networking Foundation (ONF) | libfluid |
Affected:
0.1.0
|
{
"containers": {
"adp": [
{
"affected": [
{
"cpes": [
"cpe:2.3:a:open_networking_foundation:libfluid:0.1.0:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "libfluid",
"vendor": "open_networking_foundation",
"versions": [
{
"status": "affected",
"version": "0.1.0"
}
]
}
],
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-31198",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-09-18T14:55:00.476016Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-09-18T15:13:36.931Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"collectionURL": "https://opennetworkingfoundation.github.io/libfluid/",
"defaultStatus": "unaffected",
"modules": [
"libfluid_msg"
],
"product": "libfluid",
"programRoutines": [
{
"name": "fluid_msg::of10::Port:unpack"
}
],
"vendor": "Open Networking Foundation (ONF)",
"versions": [
{
"status": "affected",
"version": "0.1.0"
}
]
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Out-of-bounds Read vulnerability in Open Networking Foundation (ONF) libfluid (libfluid_msg module).\u003cp\u003e This vulnerability is associated with program routine\u0026nbsp;\u003ctt\u003efluid_msg::of10::Port:unpack\u003c/tt\u003e.\u003c/p\u003e\u003cp\u003eThis issue affects libfluid: 0.1.0.\u003c/p\u003e"
}
],
"value": "Out-of-bounds Read vulnerability in Open Networking Foundation (ONF) libfluid (libfluid_msg module). This vulnerability is associated with program routine\u00a0fluid_msg::of10::Port:unpack.\n\nThis issue affects libfluid: 0.1.0."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-125",
"description": "CWE-125 Out-of-bounds Read",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-09-18T13:59:19.379Z",
"orgId": "bec8025f-a851-46e5-b3a3-058e6b0aa23c",
"shortName": "Nozomi"
},
"references": [
{
"url": "https://www.nozominetworks.com/labs/vulnerability-advisories-cve-2024-31198"
}
],
"source": {
"discovery": "UNKNOWN"
},
"title": "Out-of-bounds Read in libfluid_msg library",
"workarounds": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eUntil a software patch which fixes this issue is not released, it is highly recommended to not exposed the vulnerable component inside an untrusted network.\u003c/span\u003e\u003cbr\u003e"
}
],
"value": "Until a software patch which fixes this issue is not released, it is highly recommended to not exposed the vulnerable component inside an untrusted network."
}
],
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "bec8025f-a851-46e5-b3a3-058e6b0aa23c",
"assignerShortName": "Nozomi",
"cveId": "CVE-2024-31198",
"datePublished": "2024-09-18T13:59:19.379Z",
"dateReserved": "2024-03-29T08:24:16.652Z",
"dateUpdated": "2024-09-18T15:13:36.931Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2024-31197 (GCVE-0-2024-31197)
Vulnerability from cvelistv5 – Published: 2024-09-18 13:59 – Updated: 2024-09-18 15:25
VLAI?
Title
Improper Null Termination in libfluid_msg library
Summary
Improper Null Termination vulnerability in Open Networking Foundation (ONF) libfluid (libfluid_msg module). This vulnerability is associated with program routine fluid_msg::of10::Port:unpack.
This issue affects libfluid: 0.1.0.
Severity ?
5.3 (Medium)
CWE
- CWE-170 - Improper Null Termination
Assigner
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Open Networking Foundation (ONF) | libfluid |
Affected:
0.1.0
|
{
"containers": {
"adp": [
{
"affected": [
{
"cpes": [
"cpe:2.3:a:open_networking_foundation:libfluid:0.1.0:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "libfluid",
"vendor": "open_networking_foundation",
"versions": [
{
"status": "affected",
"version": "0.1.0"
}
]
}
],
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-31197",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-09-18T15:18:04.198528Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-09-18T15:25:14.645Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"collectionURL": "https://opennetworkingfoundation.github.io/libfluid/",
"defaultStatus": "unaffected",
"modules": [
"libfluid_msg"
],
"product": "libfluid",
"programRoutines": [
{
"name": "fluid_msg::of10::Port:unpack"
}
],
"vendor": "Open Networking Foundation (ONF)",
"versions": [
{
"status": "affected",
"version": "0.1.0"
}
]
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Improper Null Termination vulnerability in Open Networking Foundation (ONF) libfluid (libfluid_msg module).\u003cp\u003e This vulnerability is associated with program routine\u0026nbsp;\u003ctt\u003efluid_msg::of10::Port:unpack\u003c/tt\u003e.\u003c/p\u003e\u003cp\u003eThis issue affects libfluid: 0.1.0.\u003c/p\u003e"
}
],
"value": "Improper Null Termination vulnerability in Open Networking Foundation (ONF) libfluid (libfluid_msg module). This vulnerability is associated with program routine\u00a0fluid_msg::of10::Port:unpack.\n\nThis issue affects libfluid: 0.1.0."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-170",
"description": "CWE-170 Improper Null Termination",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-09-18T13:59:12.331Z",
"orgId": "bec8025f-a851-46e5-b3a3-058e6b0aa23c",
"shortName": "Nozomi"
},
"references": [
{
"url": "https://www.nozominetworks.com/labs/vulnerability-advisories-cve-2024-31197"
}
],
"source": {
"discovery": "UNKNOWN"
},
"title": "Improper Null Termination in libfluid_msg library",
"workarounds": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eUntil a software patch which fixes this issue is not released, it is highly recommended to not exposed the vulnerable component inside an untrusted network.\u003c/span\u003e\u003cbr\u003e"
}
],
"value": "Until a software patch which fixes this issue is not released, it is highly recommended to not exposed the vulnerable component inside an untrusted network."
}
],
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "bec8025f-a851-46e5-b3a3-058e6b0aa23c",
"assignerShortName": "Nozomi",
"cveId": "CVE-2024-31197",
"datePublished": "2024-09-18T13:59:12.331Z",
"dateReserved": "2024-03-29T08:24:16.652Z",
"dateUpdated": "2024-09-18T15:25:14.645Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2024-31196 (GCVE-0-2024-31196)
Vulnerability from cvelistv5 – Published: 2024-09-18 13:59 – Updated: 2024-09-18 15:28
VLAI?
Title
NULL Pointer Dereference in libfluid_msg library
Summary
Unchecked Return Value to NULL Pointer Dereference vulnerability in Open Networking Foundation (ONF) libfluid (libfluid_msg module). This vulnerability is associated with program routine fluid_msg::ActionList::unpack10.
This issue affects libfluid: 0.1.0.
Severity ?
5.3 (Medium)
CWE
- CWE-690 - Unchecked Return Value to NULL Pointer Dereference
Assigner
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Open Networking Foundation (ONF) | libfluid |
Affected:
0.1.0
|
{
"containers": {
"adp": [
{
"affected": [
{
"cpes": [
"cpe:2.3:a:open_networking_foundation:libfluid:0.1.0:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "libfluid",
"vendor": "open_networking_foundation",
"versions": [
{
"status": "affected",
"version": "0.1.0"
}
]
}
],
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-31196",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-09-18T15:27:37.117346Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-09-18T15:28:32.418Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"collectionURL": "https://opennetworkingfoundation.github.io/libfluid/",
"defaultStatus": "unaffected",
"modules": [
"libfluid_msg"
],
"product": "libfluid",
"programRoutines": [
{
"name": "fluid_msg::ActionList::unpack10"
}
],
"vendor": "Open Networking Foundation (ONF)",
"versions": [
{
"status": "affected",
"version": "0.1.0"
}
]
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Unchecked Return Value to NULL Pointer Dereference vulnerability in Open Networking Foundation (ONF) libfluid (libfluid_msg module).\u003cp\u003e This vulnerability is associated with program routine\u0026nbsp;\u003ctt\u003efluid_msg::ActionList::unpack10\u003c/tt\u003e.\u003c/p\u003e\u003cp\u003eThis issue affects libfluid: 0.1.0.\u003c/p\u003e"
}
],
"value": "Unchecked Return Value to NULL Pointer Dereference vulnerability in Open Networking Foundation (ONF) libfluid (libfluid_msg module). This vulnerability is associated with program routine\u00a0fluid_msg::ActionList::unpack10.\n\nThis issue affects libfluid: 0.1.0."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-690",
"description": "CWE-690 Unchecked Return Value to NULL Pointer Dereference",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-09-18T13:59:05.532Z",
"orgId": "bec8025f-a851-46e5-b3a3-058e6b0aa23c",
"shortName": "Nozomi"
},
"references": [
{
"url": "https://www.nozominetworks.com/labs/vulnerability-advisories-cve-2024-31196"
}
],
"source": {
"discovery": "UNKNOWN"
},
"title": "NULL Pointer Dereference in libfluid_msg library",
"workarounds": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eUntil a software patch which fixes this issue is not released, it is highly recommended to not exposed the vulnerable component inside an untrusted network.\u003c/span\u003e\u003cbr\u003e"
}
],
"value": "Until a software patch which fixes this issue is not released, it is highly recommended to not exposed the vulnerable component inside an untrusted network."
}
],
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "bec8025f-a851-46e5-b3a3-058e6b0aa23c",
"assignerShortName": "Nozomi",
"cveId": "CVE-2024-31196",
"datePublished": "2024-09-18T13:59:05.532Z",
"dateReserved": "2024-03-29T08:24:16.652Z",
"dateUpdated": "2024-09-18T15:28:32.418Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2024-31195 (GCVE-0-2024-31195)
Vulnerability from cvelistv5 – Published: 2024-09-18 13:58 – Updated: 2024-09-18 15:29
VLAI?
Title
Out-of-bounds Read in libfluid_msg library
Summary
Out-of-bounds Read vulnerability in Open Networking Foundation (ONF) libfluid (libfluid_msg module). This vulnerability is associated with program routine fluid_msg::of13::MultipartReplyTable::unpack.
This issue affects libfluid: 0.1.0.
Severity ?
6.5 (Medium)
CWE
- CWE-125 - Out-of-bounds Read
Assigner
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Open Networking Foundation (ONF) | libfluid |
Affected:
0.1.0
|
{
"containers": {
"adp": [
{
"affected": [
{
"cpes": [
"cpe:2.3:a:open_networking_foundation:libfluid:0.1.0:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "libfluid",
"vendor": "open_networking_foundation",
"versions": [
{
"status": "affected",
"version": "0.1.0"
}
]
}
],
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-31195",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-09-18T15:28:51.254805Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-09-18T15:29:21.659Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"collectionURL": "https://opennetworkingfoundation.github.io/libfluid/",
"defaultStatus": "unaffected",
"modules": [
"libfluid_msg"
],
"product": "libfluid",
"programRoutines": [
{
"name": "fluid_msg::of13::GroupDesc::unpack"
}
],
"vendor": "Open Networking Foundation (ONF)",
"versions": [
{
"status": "affected",
"version": "0.1.0"
}
]
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Out-of-bounds Read vulnerability in Open Networking Foundation (ONF) libfluid (libfluid_msg module).\u003cp\u003e This vulnerability is associated with program routine fluid_msg::of13::MultipartReplyTable::unpack.\u003c/p\u003e\u003cp\u003eThis issue affects libfluid: 0.1.0.\u003c/p\u003e"
}
],
"value": "Out-of-bounds Read vulnerability in Open Networking Foundation (ONF) libfluid (libfluid_msg module). This vulnerability is associated with program routine fluid_msg::of13::MultipartReplyTable::unpack.\n\nThis issue affects libfluid: 0.1.0."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:L",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-125",
"description": "CWE-125 Out-of-bounds Read",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-09-18T13:58:58.395Z",
"orgId": "bec8025f-a851-46e5-b3a3-058e6b0aa23c",
"shortName": "Nozomi"
},
"references": [
{
"url": "https://www.nozominetworks.com/labs/vulnerability-advisories-cve-2024-31195"
}
],
"source": {
"discovery": "UNKNOWN"
},
"title": "Out-of-bounds Read in libfluid_msg library",
"workarounds": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eUntil a software patch which fixes this issue is not released, it is highly recommended to not exposed the vulnerable component inside an untrusted network.\u003c/span\u003e\u003cbr\u003e"
}
],
"value": "Until a software patch which fixes this issue is not released, it is highly recommended to not exposed the vulnerable component inside an untrusted network."
}
],
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "bec8025f-a851-46e5-b3a3-058e6b0aa23c",
"assignerShortName": "Nozomi",
"cveId": "CVE-2024-31195",
"datePublished": "2024-09-18T13:58:58.395Z",
"dateReserved": "2024-03-29T08:24:16.652Z",
"dateUpdated": "2024-09-18T15:29:21.659Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2024-31194 (GCVE-0-2024-31194)
Vulnerability from cvelistv5 – Published: 2024-09-18 13:58 – Updated: 2024-09-18 15:30
VLAI?
Title
Out-of-bounds Read in libfluid_msg library
Summary
Out-of-bounds Read vulnerability in Open Networking Foundation (ONF) libfluid (libfluid_msg module). This vulnerability is associated with program routine fluid_msg::of13::MultipartReplyPortStats::unpack.
This issue affects libfluid: 0.1.0.
Severity ?
6.5 (Medium)
CWE
- CWE-125 - Out-of-bounds Read
Assigner
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Open Networking Foundation (ONF) | libfluid |
Affected:
0.1.0
|
{
"containers": {
"adp": [
{
"affected": [
{
"cpes": [
"cpe:2.3:a:open_networking_foundation:libfluid:0.1.0:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "libfluid",
"vendor": "open_networking_foundation",
"versions": [
{
"status": "affected",
"version": "0.1.0"
}
]
}
],
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-31194",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-09-18T15:29:47.807826Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-09-18T15:30:19.011Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"collectionURL": "https://opennetworkingfoundation.github.io/libfluid/",
"defaultStatus": "unaffected",
"modules": [
"libfluid_msg"
],
"product": "libfluid",
"programRoutines": [
{
"name": "fluid_msg::of13::GroupDesc::unpack"
}
],
"vendor": "Open Networking Foundation (ONF)",
"versions": [
{
"status": "affected",
"version": "0.1.0"
}
]
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Out-of-bounds Read vulnerability in Open Networking Foundation (ONF) libfluid (libfluid_msg module).\u003cp\u003e This vulnerability is associated with program routine fluid_msg::of13::MultipartReplyPortStats::unpack.\u003c/p\u003e\u003cp\u003eThis issue affects libfluid: 0.1.0.\u003c/p\u003e"
}
],
"value": "Out-of-bounds Read vulnerability in Open Networking Foundation (ONF) libfluid (libfluid_msg module). This vulnerability is associated with program routine fluid_msg::of13::MultipartReplyPortStats::unpack.\n\nThis issue affects libfluid: 0.1.0."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:L",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-125",
"description": "CWE-125 Out-of-bounds Read",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-09-18T13:58:50.195Z",
"orgId": "bec8025f-a851-46e5-b3a3-058e6b0aa23c",
"shortName": "Nozomi"
},
"references": [
{
"url": "https://www.nozominetworks.com/labs/vulnerability-advisories-cve-2024-31194"
}
],
"source": {
"discovery": "UNKNOWN"
},
"title": "Out-of-bounds Read in libfluid_msg library",
"workarounds": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eUntil a software patch which fixes this issue is not released, it is highly recommended to not exposed the vulnerable component inside an untrusted network.\u003c/span\u003e\u003cbr\u003e"
}
],
"value": "Until a software patch which fixes this issue is not released, it is highly recommended to not exposed the vulnerable component inside an untrusted network."
}
],
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "bec8025f-a851-46e5-b3a3-058e6b0aa23c",
"assignerShortName": "Nozomi",
"cveId": "CVE-2024-31194",
"datePublished": "2024-09-18T13:58:50.195Z",
"dateReserved": "2024-03-29T08:24:16.652Z",
"dateUpdated": "2024-09-18T15:30:19.011Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2024-31193 (GCVE-0-2024-31193)
Vulnerability from cvelistv5 – Published: 2024-09-18 13:58 – Updated: 2024-09-18 15:32
VLAI?
Title
Out-of-bounds Read in libfluid_msg library
Summary
Out-of-bounds Read vulnerability in Open Networking Foundation (ONF) libfluid (libfluid_msg module). This vulnerability is associated with program routine fluid_msg::of13::MultipartReplyGroup::unpack.
This issue affects libfluid: 0.1.0.
Severity ?
6.5 (Medium)
CWE
- CWE-125 - Out-of-bounds Read
Assigner
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Open Networking Foundation (ONF) | libfluid |
Affected:
0.1.0
|
{
"containers": {
"adp": [
{
"affected": [
{
"cpes": [
"cpe:2.3:a:open_networking_foundation:libfluid:0.1.0:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "libfluid",
"vendor": "open_networking_foundation",
"versions": [
{
"status": "affected",
"version": "0.1.0"
}
]
}
],
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-31193",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-09-18T15:31:47.114995Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-09-18T15:32:28.107Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"collectionURL": "https://opennetworkingfoundation.github.io/libfluid/",
"defaultStatus": "unaffected",
"modules": [
"libfluid_msg"
],
"product": "libfluid",
"programRoutines": [
{
"name": "fluid_msg::of13::GroupDesc::unpack"
}
],
"vendor": "Open Networking Foundation (ONF)",
"versions": [
{
"status": "affected",
"version": "0.1.0"
}
]
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Out-of-bounds Read vulnerability in Open Networking Foundation (ONF) libfluid (libfluid_msg module).\u003cp\u003e This vulnerability is associated with program routine fluid_msg::of13::MultipartReplyGroup::unpack.\u003c/p\u003e\u003cp\u003eThis issue affects libfluid: 0.1.0.\u003c/p\u003e"
}
],
"value": "Out-of-bounds Read vulnerability in Open Networking Foundation (ONF) libfluid (libfluid_msg module). This vulnerability is associated with program routine fluid_msg::of13::MultipartReplyGroup::unpack.\n\nThis issue affects libfluid: 0.1.0."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:L",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-125",
"description": "CWE-125 Out-of-bounds Read",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-09-18T13:58:42.560Z",
"orgId": "bec8025f-a851-46e5-b3a3-058e6b0aa23c",
"shortName": "Nozomi"
},
"references": [
{
"url": "https://www.nozominetworks.com/labs/vulnerability-advisories-cve-2024-31193"
}
],
"source": {
"discovery": "UNKNOWN"
},
"title": "Out-of-bounds Read in libfluid_msg library",
"workarounds": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eUntil a software patch which fixes this issue is not released, it is highly recommended to not exposed the vulnerable component inside an untrusted network.\u003c/span\u003e\u003cbr\u003e"
}
],
"value": "Until a software patch which fixes this issue is not released, it is highly recommended to not exposed the vulnerable component inside an untrusted network."
}
],
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "bec8025f-a851-46e5-b3a3-058e6b0aa23c",
"assignerShortName": "Nozomi",
"cveId": "CVE-2024-31193",
"datePublished": "2024-09-18T13:58:42.560Z",
"dateReserved": "2024-03-29T08:24:14.801Z",
"dateUpdated": "2024-09-18T15:32:28.107Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2024-31192 (GCVE-0-2024-31192)
Vulnerability from cvelistv5 – Published: 2024-09-18 13:58 – Updated: 2024-09-18 15:38
VLAI?
Title
Out-of-bounds Read in libfluid_msg library
Summary
Out-of-bounds Read vulnerability in Open Networking Foundation (ONF) libfluid (libfluid_msg module). This vulnerability is associated with program routine fluid_msg::of13::MultipartReplyGroupDesc::unpack.
This issue affects libfluid: 0.1.0.
Severity ?
6.5 (Medium)
CWE
- CWE-125 - Out-of-bounds Read
Assigner
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Open Networking Foundation (ONF) | libfluid |
Affected:
0.1.0
|
{
"containers": {
"adp": [
{
"affected": [
{
"cpes": [
"cpe:2.3:a:open_networking_foundation:libfluid:0.1.0:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "libfluid",
"vendor": "open_networking_foundation",
"versions": [
{
"status": "affected",
"version": "0.1.0"
}
]
}
],
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-31192",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-09-18T15:37:54.314421Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-09-18T15:38:38.187Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"collectionURL": "https://opennetworkingfoundation.github.io/libfluid/",
"defaultStatus": "unaffected",
"modules": [
"libfluid_msg"
],
"product": "libfluid",
"programRoutines": [
{
"name": "fluid_msg::of13::GroupDesc::unpack"
}
],
"vendor": "Open Networking Foundation (ONF)",
"versions": [
{
"status": "affected",
"version": "0.1.0"
}
]
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Out-of-bounds Read vulnerability in Open Networking Foundation (ONF) libfluid (libfluid_msg module).\u003cp\u003e This vulnerability is associated with program routine fluid_msg::of13::MultipartReplyGroupDesc::unpack.\u003c/p\u003e\u003cp\u003eThis issue affects libfluid: 0.1.0.\u003c/p\u003e"
}
],
"value": "Out-of-bounds Read vulnerability in Open Networking Foundation (ONF) libfluid (libfluid_msg module). This vulnerability is associated with program routine fluid_msg::of13::MultipartReplyGroupDesc::unpack.\n\nThis issue affects libfluid: 0.1.0."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:L",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-125",
"description": "CWE-125 Out-of-bounds Read",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-09-18T13:58:36.083Z",
"orgId": "bec8025f-a851-46e5-b3a3-058e6b0aa23c",
"shortName": "Nozomi"
},
"references": [
{
"url": "https://www.nozominetworks.com/labs/vulnerability-advisories-cve-2024-31192"
}
],
"source": {
"discovery": "UNKNOWN"
},
"title": "Out-of-bounds Read in libfluid_msg library",
"workarounds": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eUntil a software patch which fixes this issue is not released, it is highly recommended to not exposed the vulnerable component inside an untrusted network.\u003c/span\u003e\u003cbr\u003e"
}
],
"value": "Until a software patch which fixes this issue is not released, it is highly recommended to not exposed the vulnerable component inside an untrusted network."
}
],
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "bec8025f-a851-46e5-b3a3-058e6b0aa23c",
"assignerShortName": "Nozomi",
"cveId": "CVE-2024-31192",
"datePublished": "2024-09-18T13:58:36.083Z",
"dateReserved": "2024-03-29T08:24:14.801Z",
"dateUpdated": "2024-09-18T15:38:38.187Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2024-31191 (GCVE-0-2024-31191)
Vulnerability from cvelistv5 – Published: 2024-09-18 13:58 – Updated: 2024-09-18 15:39
VLAI?
Title
Out-of-bounds Read in libfluid_msg library
Summary
Out-of-bounds Read vulnerability in Open Networking Foundation (ONF) libfluid (libfluid_msg module). This vulnerability is associated with program routine fluid_msg::of13::MultipartReplyMeter::unpack.
This issue affects libfluid: 0.1.0.
Severity ?
6.5 (Medium)
CWE
- CWE-125 - Out-of-bounds Read
Assigner
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Open Networking Foundation (ONF) | libfluid |
Affected:
0.1.0
|
{
"containers": {
"adp": [
{
"affected": [
{
"cpes": [
"cpe:2.3:a:open_networking_foundation:libfluid:0.1.0:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "libfluid",
"vendor": "open_networking_foundation",
"versions": [
{
"status": "affected",
"version": "0.1.0"
}
]
}
],
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-31191",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-09-18T15:38:54.853615Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-09-18T15:39:25.540Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"collectionURL": "https://opennetworkingfoundation.github.io/libfluid/",
"defaultStatus": "unaffected",
"modules": [
"libfluid_msg"
],
"product": "libfluid",
"programRoutines": [
{
"name": "fluid_msg::of13::GroupDesc::unpack"
}
],
"vendor": "Open Networking Foundation (ONF)",
"versions": [
{
"status": "affected",
"version": "0.1.0"
}
]
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Out-of-bounds Read vulnerability in Open Networking Foundation (ONF) libfluid (libfluid_msg module).\u003cp\u003e This vulnerability is associated with program routine fluid_msg::of13::MultipartReplyMeter::unpack.\u003c/p\u003e\u003cp\u003eThis issue affects libfluid: 0.1.0.\u003c/p\u003e"
}
],
"value": "Out-of-bounds Read vulnerability in Open Networking Foundation (ONF) libfluid (libfluid_msg module). This vulnerability is associated with program routine fluid_msg::of13::MultipartReplyMeter::unpack.\n\nThis issue affects libfluid: 0.1.0."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:L",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-125",
"description": "CWE-125 Out-of-bounds Read",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-09-18T13:58:29.821Z",
"orgId": "bec8025f-a851-46e5-b3a3-058e6b0aa23c",
"shortName": "Nozomi"
},
"references": [
{
"url": "https://www.nozominetworks.com/labs/vulnerability-advisories-cve-2024-31191"
}
],
"source": {
"discovery": "UNKNOWN"
},
"title": "Out-of-bounds Read in libfluid_msg library",
"workarounds": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eUntil a software patch which fixes this issue is not released, it is highly recommended to not exposed the vulnerable component inside an untrusted network.\u003c/span\u003e\u003cbr\u003e"
}
],
"value": "Until a software patch which fixes this issue is not released, it is highly recommended to not exposed the vulnerable component inside an untrusted network."
}
],
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "bec8025f-a851-46e5-b3a3-058e6b0aa23c",
"assignerShortName": "Nozomi",
"cveId": "CVE-2024-31191",
"datePublished": "2024-09-18T13:58:29.821Z",
"dateReserved": "2024-03-29T08:24:14.801Z",
"dateUpdated": "2024-09-18T15:39:25.540Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2024-31190 (GCVE-0-2024-31190)
Vulnerability from cvelistv5 – Published: 2024-09-18 13:58 – Updated: 2024-09-18 15:48
VLAI?
Title
Out-of-bounds Read in libfluid_msg library
Summary
Out-of-bounds Read vulnerability in Open Networking Foundation (ONF) libfluid (libfluid_msg module). This vulnerability is associated with program routine fluid_msg::of13::MultipartReplyMeterConfig::unpack.
This issue affects libfluid: 0.1.0.
Severity ?
6.5 (Medium)
CWE
- CWE-125 - Out-of-bounds Read
Assigner
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Open Networking Foundation (ONF) | libfluid |
Affected:
0.1.0
|
{
"containers": {
"adp": [
{
"affected": [
{
"cpes": [
"cpe:2.3:a:open_networking_foundation:libfluid:0.1.0:*:*:*:*:*:*:*"
],
"defaultStatus": "unaffected",
"product": "libfluid",
"vendor": "open_networking_foundation",
"versions": [
{
"status": "affected",
"version": "0.1.0"
}
]
}
],
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-31190",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-09-18T15:45:44.678790Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-09-18T15:48:13.971Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"collectionURL": "https://opennetworkingfoundation.github.io/libfluid/",
"defaultStatus": "unaffected",
"modules": [
"libfluid_msg"
],
"product": "libfluid",
"programRoutines": [
{
"name": "fluid_msg::of13::GroupDesc::unpack"
}
],
"vendor": "Open Networking Foundation (ONF)",
"versions": [
{
"status": "affected",
"version": "0.1.0"
}
]
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Out-of-bounds Read vulnerability in Open Networking Foundation (ONF) libfluid (libfluid_msg module).\u003cp\u003e This vulnerability is associated with program routine fluid_msg::of13::MultipartReplyMeterConfig::unpack.\u003c/p\u003e\u003cp\u003eThis issue affects libfluid: 0.1.0.\u003c/p\u003e"
}
],
"value": "Out-of-bounds Read vulnerability in Open Networking Foundation (ONF) libfluid (libfluid_msg module). This vulnerability is associated with program routine fluid_msg::of13::MultipartReplyMeterConfig::unpack.\n\nThis issue affects libfluid: 0.1.0."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:L",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-125",
"description": "CWE-125 Out-of-bounds Read",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-09-18T13:58:22.935Z",
"orgId": "bec8025f-a851-46e5-b3a3-058e6b0aa23c",
"shortName": "Nozomi"
},
"references": [
{
"url": "https://www.nozominetworks.com/labs/vulnerability-advisories-cve-2024-31190"
}
],
"source": {
"discovery": "UNKNOWN"
},
"title": "Out-of-bounds Read in libfluid_msg library",
"workarounds": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eUntil a software patch which fixes this issue is not released, it is highly recommended to not exposed the vulnerable component inside an untrusted network.\u003c/span\u003e\u003cbr\u003e"
}
],
"value": "Until a software patch which fixes this issue is not released, it is highly recommended to not exposed the vulnerable component inside an untrusted network."
}
],
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "bec8025f-a851-46e5-b3a3-058e6b0aa23c",
"assignerShortName": "Nozomi",
"cveId": "CVE-2024-31190",
"datePublished": "2024-09-18T13:58:22.935Z",
"dateReserved": "2024-03-29T08:24:14.801Z",
"dateUpdated": "2024-09-18T15:48:13.971Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2024-31189 (GCVE-0-2024-31189)
Vulnerability from cvelistv5 – Published: 2024-09-18 13:58 – Updated: 2024-09-18 15:49
VLAI?
Title
Out-of-bounds Read in libfluid_msg library
Summary
Out-of-bounds Read vulnerability in Open Networking Foundation (ONF) libfluid (libfluid_msg module). This vulnerability is associated with program routine fluid_msg::of13::MultipartRequestTableFeatures::unpack.
This issue affects libfluid: 0.1.0.
Severity ?
6.5 (Medium)
CWE
- CWE-125 - Out-of-bounds Read
Assigner
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Open Networking Foundation (ONF) | libfluid |
Affected:
0.1.0
|
{
"containers": {
"adp": [
{
"affected": [
{
"cpes": [
"cpe:2.3:a:open_networking_foundation:libfluid:0.1.0:*:*:*:*:*:*:*"
],
"defaultStatus": "unaffected",
"product": "libfluid",
"vendor": "open_networking_foundation",
"versions": [
{
"status": "affected",
"version": "0.1.0"
}
]
}
],
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-31189",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-09-18T15:48:33.903000Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-09-18T15:49:55.840Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"collectionURL": "https://opennetworkingfoundation.github.io/libfluid/",
"defaultStatus": "unaffected",
"modules": [
"libfluid_msg"
],
"product": "libfluid",
"programRoutines": [
{
"name": "fluid_msg::of13::GroupDesc::unpack"
}
],
"vendor": "Open Networking Foundation (ONF)",
"versions": [
{
"status": "affected",
"version": "0.1.0"
}
]
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Out-of-bounds Read vulnerability in Open Networking Foundation (ONF) libfluid (libfluid_msg module).\u003cp\u003e This vulnerability is associated with program routine fluid_msg::of13::MultipartRequestTableFeatures::unpack.\u003c/p\u003e\u003cp\u003eThis issue affects libfluid: 0.1.0.\u003c/p\u003e"
}
],
"value": "Out-of-bounds Read vulnerability in Open Networking Foundation (ONF) libfluid (libfluid_msg module). This vulnerability is associated with program routine fluid_msg::of13::MultipartRequestTableFeatures::unpack.\n\nThis issue affects libfluid: 0.1.0."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:L",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-125",
"description": "CWE-125 Out-of-bounds Read",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-09-18T13:58:13.572Z",
"orgId": "bec8025f-a851-46e5-b3a3-058e6b0aa23c",
"shortName": "Nozomi"
},
"references": [
{
"url": "https://www.nozominetworks.com/labs/vulnerability-advisories-cve-2024-31189"
}
],
"source": {
"discovery": "UNKNOWN"
},
"title": "Out-of-bounds Read in libfluid_msg library",
"workarounds": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eUntil a software patch which fixes this issue is not released, it is highly recommended to not exposed the vulnerable component inside an untrusted network.\u003c/span\u003e\u003cbr\u003e"
}
],
"value": "Until a software patch which fixes this issue is not released, it is highly recommended to not exposed the vulnerable component inside an untrusted network."
}
],
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "bec8025f-a851-46e5-b3a3-058e6b0aa23c",
"assignerShortName": "Nozomi",
"cveId": "CVE-2024-31189",
"datePublished": "2024-09-18T13:58:13.572Z",
"dateReserved": "2024-03-29T08:24:14.800Z",
"dateUpdated": "2024-09-18T15:49:55.840Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2024-31188 (GCVE-0-2024-31188)
Vulnerability from cvelistv5 – Published: 2024-09-18 13:58 – Updated: 2024-09-18 15:50
VLAI?
Title
Out-of-bounds Read in libfluid_msg library
Summary
Out-of-bounds Read vulnerability in Open Networking Foundation (ONF) libfluid (libfluid_msg module). This vulnerability is associated with program routine fluid_msg::of13::MultipartReplyTableFeatures::unpack.
This issue affects libfluid: 0.1.0.
Severity ?
6.5 (Medium)
CWE
- CWE-125 - Out-of-bounds Read
Assigner
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Open Networking Foundation (ONF) | libfluid |
Affected:
0.1.0
|
{
"containers": {
"adp": [
{
"affected": [
{
"cpes": [
"cpe:2.3:a:open_networking_foundation:libfluid:0.1.0:*:*:*:*:*:*:*"
],
"defaultStatus": "unaffected",
"product": "libfluid",
"vendor": "open_networking_foundation",
"versions": [
{
"status": "affected",
"version": "0.1.0"
}
]
}
],
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-31188",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-09-18T15:50:12.652443Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-09-18T15:50:36.674Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"collectionURL": "https://opennetworkingfoundation.github.io/libfluid/",
"defaultStatus": "unaffected",
"modules": [
"libfluid_msg"
],
"product": "libfluid",
"programRoutines": [
{
"name": "fluid_msg::of13::GroupDesc::unpack"
}
],
"vendor": "Open Networking Foundation (ONF)",
"versions": [
{
"status": "affected",
"version": "0.1.0"
}
]
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Out-of-bounds Read vulnerability in Open Networking Foundation (ONF) libfluid (libfluid_msg module).\u003cp\u003e This vulnerability is associated with program routine fluid_msg::of13::MultipartReplyTableFeatures::unpack.\u003c/p\u003e\u003cp\u003eThis issue affects libfluid: 0.1.0.\u003c/p\u003e"
}
],
"value": "Out-of-bounds Read vulnerability in Open Networking Foundation (ONF) libfluid (libfluid_msg module). This vulnerability is associated with program routine fluid_msg::of13::MultipartReplyTableFeatures::unpack.\n\nThis issue affects libfluid: 0.1.0."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:L",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-125",
"description": "CWE-125 Out-of-bounds Read",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-09-18T13:58:06.828Z",
"orgId": "bec8025f-a851-46e5-b3a3-058e6b0aa23c",
"shortName": "Nozomi"
},
"references": [
{
"url": "https://www.nozominetworks.com/labs/vulnerability-advisories-cve-2024-31188"
}
],
"source": {
"discovery": "UNKNOWN"
},
"title": "Out-of-bounds Read in libfluid_msg library",
"workarounds": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eUntil a software patch which fixes this issue is not released, it is highly recommended to not exposed the vulnerable component inside an untrusted network.\u003c/span\u003e\u003cbr\u003e"
}
],
"value": "Until a software patch which fixes this issue is not released, it is highly recommended to not exposed the vulnerable component inside an untrusted network."
}
],
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "bec8025f-a851-46e5-b3a3-058e6b0aa23c",
"assignerShortName": "Nozomi",
"cveId": "CVE-2024-31188",
"datePublished": "2024-09-18T13:58:06.828Z",
"dateReserved": "2024-03-29T08:24:14.800Z",
"dateUpdated": "2024-09-18T15:50:36.674Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2024-31187 (GCVE-0-2024-31187)
Vulnerability from cvelistv5 – Published: 2024-09-18 13:57 – Updated: 2024-09-18 15:51
VLAI?
Title
Out-of-bounds Read in libfluid_msg library
Summary
Out-of-bounds Read vulnerability in Open Networking Foundation (ONF) libfluid (libfluid_msg module). This vulnerability is associated with program routine fluid_msg::of13::MultipartReplyPortDescription::unpack.
This issue affects libfluid: 0.1.0.
Severity ?
6.5 (Medium)
CWE
- CWE-125 - Out-of-bounds Read
Assigner
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Open Networking Foundation (ONF) | libfluid |
Affected:
0.1.0
|
{
"containers": {
"adp": [
{
"affected": [
{
"cpes": [
"cpe:2.3:a:open_networking_foundation:libfluid:0.1.0:*:*:*:*:*:*:*"
],
"defaultStatus": "unaffected",
"product": "libfluid",
"vendor": "open_networking_foundation",
"versions": [
{
"status": "affected",
"version": "0.1.0"
}
]
}
],
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-31187",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-09-18T15:50:55.475034Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-09-18T15:51:22.751Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"collectionURL": "https://opennetworkingfoundation.github.io/libfluid/",
"defaultStatus": "unaffected",
"modules": [
"libfluid_msg"
],
"product": "libfluid",
"programRoutines": [
{
"name": "fluid_msg::of13::GroupDesc::unpack"
}
],
"vendor": "Open Networking Foundation (ONF)",
"versions": [
{
"status": "affected",
"version": "0.1.0"
}
]
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Out-of-bounds Read vulnerability in Open Networking Foundation (ONF) libfluid (libfluid_msg module).\u003cp\u003e This vulnerability is associated with program routine fluid_msg::of13::MultipartReplyPortDescription::unpack.\u003c/p\u003e\u003cp\u003eThis issue affects libfluid: 0.1.0.\u003c/p\u003e"
}
],
"value": "Out-of-bounds Read vulnerability in Open Networking Foundation (ONF) libfluid (libfluid_msg module). This vulnerability is associated with program routine fluid_msg::of13::MultipartReplyPortDescription::unpack.\n\nThis issue affects libfluid: 0.1.0."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:L",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-125",
"description": "CWE-125 Out-of-bounds Read",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-09-18T13:57:59.801Z",
"orgId": "bec8025f-a851-46e5-b3a3-058e6b0aa23c",
"shortName": "Nozomi"
},
"references": [
{
"url": "https://www.nozominetworks.com/labs/vulnerability-advisories-cve-2024-31187"
}
],
"source": {
"discovery": "UNKNOWN"
},
"title": "Out-of-bounds Read in libfluid_msg library",
"workarounds": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eUntil a software patch which fixes this issue is not released, it is highly recommended to not exposed the vulnerable component inside an untrusted network.\u003c/span\u003e\u003cbr\u003e"
}
],
"value": "Until a software patch which fixes this issue is not released, it is highly recommended to not exposed the vulnerable component inside an untrusted network."
}
],
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "bec8025f-a851-46e5-b3a3-058e6b0aa23c",
"assignerShortName": "Nozomi",
"cveId": "CVE-2024-31187",
"datePublished": "2024-09-18T13:57:59.801Z",
"dateReserved": "2024-03-29T08:24:14.800Z",
"dateUpdated": "2024-09-18T15:51:22.751Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2024-31186 (GCVE-0-2024-31186)
Vulnerability from cvelistv5 – Published: 2024-09-18 13:57 – Updated: 2024-09-18 15:52
VLAI?
Title
Out-of-bounds Read in libfluid_msg library
Summary
Out-of-bounds Read vulnerability in Open Networking Foundation (ONF) libfluid (libfluid_msg module). This vulnerability is associated with program routine fluid_msg::of13::QueueGetConfigReply::unpack.
This issue affects libfluid: 0.1.0.
Severity ?
6.5 (Medium)
CWE
- CWE-125 - Out-of-bounds Read
Assigner
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Open Networking Foundation (ONF) | libfluid |
Affected:
0.1.0
|
{
"containers": {
"adp": [
{
"affected": [
{
"cpes": [
"cpe:2.3:a:open_networking_foundation:libfluid:0.1.0:*:*:*:*:*:*:*"
],
"defaultStatus": "unaffected",
"product": "libfluid",
"vendor": "open_networking_foundation",
"versions": [
{
"status": "affected",
"version": "0.1.0"
}
]
}
],
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-31186",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-09-18T15:51:49.312116Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-09-18T15:52:19.872Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"collectionURL": "https://opennetworkingfoundation.github.io/libfluid/",
"defaultStatus": "unaffected",
"modules": [
"libfluid_msg"
],
"product": "libfluid",
"programRoutines": [
{
"name": "fluid_msg::of13::GroupDesc::unpack"
}
],
"vendor": "Open Networking Foundation (ONF)",
"versions": [
{
"status": "affected",
"version": "0.1.0"
}
]
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Out-of-bounds Read vulnerability in Open Networking Foundation (ONF) libfluid (libfluid_msg module).\u003cp\u003e This vulnerability is associated with program routine fluid_msg::of13::QueueGetConfigReply::unpack.\u003c/p\u003e\u003cp\u003eThis issue affects libfluid: 0.1.0.\u003c/p\u003e"
}
],
"value": "Out-of-bounds Read vulnerability in Open Networking Foundation (ONF) libfluid (libfluid_msg module). This vulnerability is associated with program routine fluid_msg::of13::QueueGetConfigReply::unpack.\n\nThis issue affects libfluid: 0.1.0."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:L",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-125",
"description": "CWE-125 Out-of-bounds Read",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-09-18T13:57:51.823Z",
"orgId": "bec8025f-a851-46e5-b3a3-058e6b0aa23c",
"shortName": "Nozomi"
},
"references": [
{
"url": "https://www.nozominetworks.com/labs/vulnerability-advisories-cve-2024-31186"
}
],
"source": {
"discovery": "UNKNOWN"
},
"title": "Out-of-bounds Read in libfluid_msg library",
"workarounds": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eUntil a software patch which fixes this issue is not released, it is highly recommended to not exposed the vulnerable component inside an untrusted network.\u003c/span\u003e\u003cbr\u003e"
}
],
"value": "Until a software patch which fixes this issue is not released, it is highly recommended to not exposed the vulnerable component inside an untrusted network."
}
],
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "bec8025f-a851-46e5-b3a3-058e6b0aa23c",
"assignerShortName": "Nozomi",
"cveId": "CVE-2024-31186",
"datePublished": "2024-09-18T13:57:51.823Z",
"dateReserved": "2024-03-29T08:24:14.800Z",
"dateUpdated": "2024-09-18T15:52:19.872Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2024-31185 (GCVE-0-2024-31185)
Vulnerability from cvelistv5 – Published: 2024-09-18 13:57 – Updated: 2024-09-18 17:12
VLAI?
Title
NULL Pointer Dereference in libfluid_msg library
Summary
Unchecked Return Value to NULL Pointer Dereference vulnerability in Open Networking Foundation (ONF) libfluid (libfluid_msg module). This vulnerability is associated with program routine fluid_msg::of13::MeterBandList::unpack.
This issue affects libfluid: 0.1.0.
Severity ?
5.3 (Medium)
CWE
- CWE-690 - Unchecked Return Value to NULL Pointer Dereference
Assigner
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Open Networking Foundation (ONF) | libfluid |
Affected:
0.1.0
|
{
"containers": {
"adp": [
{
"affected": [
{
"cpes": [
"cpe:2.3:a:open_networking_foundation:libfluid:0.1.0:*:*:*:*:*:*:*"
],
"defaultStatus": "unaffected",
"product": "libfluid",
"vendor": "open_networking_foundation",
"versions": [
{
"status": "affected",
"version": "0.1.0"
}
]
}
],
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-31185",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-09-18T17:11:32.772148Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-09-18T17:12:09.394Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"collectionURL": "https://opennetworkingfoundation.github.io/libfluid/",
"defaultStatus": "unaffected",
"modules": [
"libfluid_msg"
],
"product": "libfluid",
"programRoutines": [
{
"name": "fluid_msg::QueuePropertyList::unpack10"
}
],
"vendor": "Open Networking Foundation (ONF)",
"versions": [
{
"status": "affected",
"version": "0.1.0"
}
]
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Unchecked Return Value to NULL Pointer Dereference vulnerability in Open Networking Foundation (ONF) libfluid (libfluid_msg module).\u003cp\u003e This vulnerability is associated with program routine\u0026nbsp;fluid_msg::of13::MeterBandList::unpack.\u003c/p\u003e\u003cp\u003eThis issue affects libfluid: 0.1.0.\u003c/p\u003e"
}
],
"value": "Unchecked Return Value to NULL Pointer Dereference vulnerability in Open Networking Foundation (ONF) libfluid (libfluid_msg module). This vulnerability is associated with program routine\u00a0fluid_msg::of13::MeterBandList::unpack.\n\nThis issue affects libfluid: 0.1.0."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-690",
"description": "CWE-690 Unchecked Return Value to NULL Pointer Dereference",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-09-18T13:57:43.147Z",
"orgId": "bec8025f-a851-46e5-b3a3-058e6b0aa23c",
"shortName": "Nozomi"
},
"references": [
{
"url": "https://www.nozominetworks.com/labs/vulnerability-advisories-cve-2024-31185"
}
],
"source": {
"discovery": "UNKNOWN"
},
"title": "NULL Pointer Dereference in libfluid_msg library",
"workarounds": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eUntil a software patch which fixes this issue is not released, it is highly recommended to not exposed the vulnerable component inside an untrusted network.\u003c/span\u003e\u003cbr\u003e"
}
],
"value": "Until a software patch which fixes this issue is not released, it is highly recommended to not exposed the vulnerable component inside an untrusted network."
}
],
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "bec8025f-a851-46e5-b3a3-058e6b0aa23c",
"assignerShortName": "Nozomi",
"cveId": "CVE-2024-31185",
"datePublished": "2024-09-18T13:57:43.147Z",
"dateReserved": "2024-03-29T08:24:14.800Z",
"dateUpdated": "2024-09-18T17:12:09.394Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2024-31184 (GCVE-0-2024-31184)
Vulnerability from cvelistv5 – Published: 2024-09-18 13:57 – Updated: 2024-09-18 17:12
VLAI?
Title
Out-of-bounds Read in libfluid_msg library
Summary
Out-of-bounds Read vulnerability in Open Networking Foundation (ONF) libfluid (libfluid_msg module). This vulnerability is associated with program routine fluid_msg::of13::MeterStats::unpack.
This issue affects libfluid: 0.1.0.
Severity ?
6.5 (Medium)
CWE
- CWE-125 - Out-of-bounds Read
Assigner
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Open Networking Foundation (ONF) | libfluid |
Affected:
0.1.0
|
{
"containers": {
"adp": [
{
"affected": [
{
"cpes": [
"cpe:2.3:a:open_networking_foundation:libfluid:0.1.0:*:*:*:*:*:*:*"
],
"defaultStatus": "unaffected",
"product": "libfluid",
"vendor": "open_networking_foundation",
"versions": [
{
"status": "affected",
"version": "0.1.0"
}
]
}
],
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-31184",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-09-18T17:12:23.540398Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-09-18T17:12:39.993Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"collectionURL": "https://opennetworkingfoundation.github.io/libfluid/",
"defaultStatus": "unaffected",
"modules": [
"libfluid_msg"
],
"product": "libfluid",
"programRoutines": [
{
"name": "fluid_msg::of13::GroupDesc::unpack"
}
],
"vendor": "Open Networking Foundation (ONF)",
"versions": [
{
"status": "affected",
"version": "0.1.0"
}
]
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Out-of-bounds Read vulnerability in Open Networking Foundation (ONF) libfluid (libfluid_msg module).\u003cp\u003e This vulnerability is associated with program routine\u0026nbsp;fluid_msg::of13::MeterStats::unpack.\u003c/p\u003e\u003cp\u003eThis issue affects libfluid: 0.1.0.\u003c/p\u003e"
}
],
"value": "Out-of-bounds Read vulnerability in Open Networking Foundation (ONF) libfluid (libfluid_msg module). This vulnerability is associated with program routine\u00a0fluid_msg::of13::MeterStats::unpack.\n\nThis issue affects libfluid: 0.1.0."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:L",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-125",
"description": "CWE-125 Out-of-bounds Read",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-09-18T13:57:35.823Z",
"orgId": "bec8025f-a851-46e5-b3a3-058e6b0aa23c",
"shortName": "Nozomi"
},
"references": [
{
"url": "https://www.nozominetworks.com/labs/vulnerability-advisories-cve-2024-31184"
}
],
"source": {
"discovery": "UNKNOWN"
},
"title": "Out-of-bounds Read in libfluid_msg library",
"workarounds": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eUntil a software patch which fixes this issue is not released, it is highly recommended to not exposed the vulnerable component inside an untrusted network.\u003c/span\u003e\u003cbr\u003e"
}
],
"value": "Until a software patch which fixes this issue is not released, it is highly recommended to not exposed the vulnerable component inside an untrusted network."
}
],
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "bec8025f-a851-46e5-b3a3-058e6b0aa23c",
"assignerShortName": "Nozomi",
"cveId": "CVE-2024-31184",
"datePublished": "2024-09-18T13:57:35.823Z",
"dateReserved": "2024-03-29T08:24:14.800Z",
"dateUpdated": "2024-09-18T17:12:39.993Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2024-31183 (GCVE-0-2024-31183)
Vulnerability from cvelistv5 – Published: 2024-09-18 13:57 – Updated: 2024-09-18 17:13
VLAI?
Title
Out-of-bounds Read in libfluid_msg library
Summary
Out-of-bounds Read vulnerability in Open Networking Foundation (ONF) libfluid (libfluid_msg module). This vulnerability is associated with program routine fluid_msg::of13::Hello::unpack.
This issue affects libfluid: 0.1.0.
Severity ?
6.5 (Medium)
CWE
- CWE-125 - Out-of-bounds Read
Assigner
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Open Networking Foundation (ONF) | libfluid |
Affected:
0.1.0
|
{
"containers": {
"adp": [
{
"affected": [
{
"cpes": [
"cpe:2.3:a:open_networking_foundation:libfluid:0.1.0:*:*:*:*:*:*:*"
],
"defaultStatus": "unaffected",
"product": "libfluid",
"vendor": "open_networking_foundation",
"versions": [
{
"status": "affected",
"version": "0.1.0"
}
]
}
],
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-31183",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-09-18T17:12:53.431103Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-09-18T17:13:10.082Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"collectionURL": "https://opennetworkingfoundation.github.io/libfluid/",
"defaultStatus": "unaffected",
"modules": [
"libfluid_msg"
],
"product": "libfluid",
"programRoutines": [
{
"name": "fluid_msg::of13::GroupDesc::unpack"
}
],
"vendor": "Open Networking Foundation (ONF)",
"versions": [
{
"status": "affected",
"version": "0.1.0"
}
]
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Out-of-bounds Read vulnerability in Open Networking Foundation (ONF) libfluid (libfluid_msg module).\u003cp\u003e This vulnerability is associated with program routine\u0026nbsp;fluid_msg::of13::Hello::unpack.\u003c/p\u003e\u003cp\u003eThis issue affects libfluid: 0.1.0.\u003c/p\u003e"
}
],
"value": "Out-of-bounds Read vulnerability in Open Networking Foundation (ONF) libfluid (libfluid_msg module). This vulnerability is associated with program routine\u00a0fluid_msg::of13::Hello::unpack.\n\nThis issue affects libfluid: 0.1.0."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:L",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-125",
"description": "CWE-125 Out-of-bounds Read",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-09-18T13:57:28.799Z",
"orgId": "bec8025f-a851-46e5-b3a3-058e6b0aa23c",
"shortName": "Nozomi"
},
"references": [
{
"url": "https://www.nozominetworks.com/labs/vulnerability-advisories-cve-2024-31183"
}
],
"source": {
"discovery": "UNKNOWN"
},
"title": "Out-of-bounds Read in libfluid_msg library",
"workarounds": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eUntil a software patch which fixes this issue is not released, it is highly recommended to not exposed the vulnerable component inside an untrusted network.\u003c/span\u003e\u003cbr\u003e"
}
],
"value": "Until a software patch which fixes this issue is not released, it is highly recommended to not exposed the vulnerable component inside an untrusted network."
}
],
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "bec8025f-a851-46e5-b3a3-058e6b0aa23c",
"assignerShortName": "Nozomi",
"cveId": "CVE-2024-31183",
"datePublished": "2024-09-18T13:57:28.799Z",
"dateReserved": "2024-03-29T08:24:13.203Z",
"dateUpdated": "2024-09-18T17:13:10.082Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2024-31182 (GCVE-0-2024-31182)
Vulnerability from cvelistv5 – Published: 2024-09-18 13:57 – Updated: 2024-09-18 15:22
VLAI?
Title
NULL Pointer Dereference in libfluid_msg library
Summary
Unchecked Return Value to NULL Pointer Dereference vulnerability in Open Networking Foundation (ONF) libfluid (libfluid_msg module). This vulnerability is associated with program routine fluid_msg::QueuePropertyList::unpack10.
This issue affects libfluid: 0.1.0.
Severity ?
5.3 (Medium)
CWE
- CWE-690 - Unchecked Return Value to NULL Pointer Dereference
Assigner
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Open Networking Foundation (ONF) | libfluid |
Affected:
0.1.0
|
{
"containers": {
"adp": [
{
"affected": [
{
"cpes": [
"cpe:2.3:a:open_networking_foundation:libfluid:0.1.0:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "libfluid",
"vendor": "open_networking_foundation",
"versions": [
{
"status": "affected",
"version": "0.1.0"
}
]
}
],
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-31182",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-09-18T15:21:28.671567Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-09-18T15:22:59.108Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"collectionURL": "https://opennetworkingfoundation.github.io/libfluid/",
"defaultStatus": "unaffected",
"modules": [
"libfluid_msg"
],
"product": "libfluid",
"programRoutines": [
{
"name": "fluid_msg::QueuePropertyList::unpack10"
}
],
"vendor": "Open Networking Foundation (ONF)",
"versions": [
{
"status": "affected",
"version": "0.1.0"
}
]
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Unchecked Return Value to NULL Pointer Dereference vulnerability in Open Networking Foundation (ONF) libfluid (libfluid_msg module).\u003cp\u003e This vulnerability is associated with program routine\u0026nbsp;\u003ctt\u003efluid_msg::QueuePropertyList::unpack10\u003c/tt\u003e.\u003c/p\u003e\u003cp\u003eThis issue affects libfluid: 0.1.0.\u003c/p\u003e"
}
],
"value": "Unchecked Return Value to NULL Pointer Dereference vulnerability in Open Networking Foundation (ONF) libfluid (libfluid_msg module). This vulnerability is associated with program routine\u00a0fluid_msg::QueuePropertyList::unpack10.\n\nThis issue affects libfluid: 0.1.0."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-690",
"description": "CWE-690 Unchecked Return Value to NULL Pointer Dereference",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-09-18T13:57:21.605Z",
"orgId": "bec8025f-a851-46e5-b3a3-058e6b0aa23c",
"shortName": "Nozomi"
},
"references": [
{
"url": "https://www.nozominetworks.com/labs/vulnerability-advisories-cve-2024-31182"
}
],
"source": {
"discovery": "UNKNOWN"
},
"title": "NULL Pointer Dereference in libfluid_msg library",
"workarounds": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eUntil a software patch which fixes this issue is not released, it is highly recommended to not exposed the vulnerable component inside an untrusted network.\u003c/span\u003e\u003cbr\u003e"
}
],
"value": "Until a software patch which fixes this issue is not released, it is highly recommended to not exposed the vulnerable component inside an untrusted network."
}
],
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "bec8025f-a851-46e5-b3a3-058e6b0aa23c",
"assignerShortName": "Nozomi",
"cveId": "CVE-2024-31182",
"datePublished": "2024-09-18T13:57:21.605Z",
"dateReserved": "2024-03-29T08:24:13.203Z",
"dateUpdated": "2024-09-18T15:22:59.108Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2024-31181 (GCVE-0-2024-31181)
Vulnerability from cvelistv5 – Published: 2024-09-18 13:57 – Updated: 2024-09-18 17:13
VLAI?
Title
Out-of-bounds Read in libfluid_msg library
Summary
Out-of-bounds Read vulnerability in Open Networking Foundation (ONF) libfluid (libfluid_msg module). This vulnerability is associated with program routine fluid_msg::of13::GroupStats::unpack.
This issue affects libfluid: 0.1.0.
Severity ?
6.5 (Medium)
CWE
- CWE-125 - Out-of-bounds Read
Assigner
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Open Networking Foundation (ONF) | libfluid |
Affected:
0.1.0
|
{
"containers": {
"adp": [
{
"affected": [
{
"cpes": [
"cpe:2.3:a:open_networking_foundation:libfluid:0.1.0:*:*:*:*:*:*:*"
],
"defaultStatus": "unaffected",
"product": "libfluid",
"vendor": "open_networking_foundation",
"versions": [
{
"status": "affected",
"version": "0.1.0"
}
]
}
],
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-31181",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-09-18T17:13:23.581713Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-09-18T17:13:42.767Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"collectionURL": "https://opennetworkingfoundation.github.io/libfluid/",
"defaultStatus": "unaffected",
"modules": [
"libfluid_msg"
],
"product": "libfluid",
"programRoutines": [
{
"name": "fluid_msg::of13::GroupDesc::unpack"
}
],
"vendor": "Open Networking Foundation (ONF)",
"versions": [
{
"status": "affected",
"version": "0.1.0"
}
]
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Out-of-bounds Read vulnerability in Open Networking Foundation (ONF) libfluid (libfluid_msg module).\u003cp\u003e This vulnerability is associated with program routine\u0026nbsp;fluid_msg::of13::GroupStats::unpack.\u003c/p\u003e\u003cp\u003eThis issue affects libfluid: 0.1.0.\u003c/p\u003e"
}
],
"value": "Out-of-bounds Read vulnerability in Open Networking Foundation (ONF) libfluid (libfluid_msg module). This vulnerability is associated with program routine\u00a0fluid_msg::of13::GroupStats::unpack.\n\nThis issue affects libfluid: 0.1.0."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:L",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-125",
"description": "CWE-125 Out-of-bounds Read",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-09-18T13:57:13.375Z",
"orgId": "bec8025f-a851-46e5-b3a3-058e6b0aa23c",
"shortName": "Nozomi"
},
"references": [
{
"url": "https://www.nozominetworks.com/labs/vulnerability-advisories-cve-2024-31181"
}
],
"source": {
"discovery": "UNKNOWN"
},
"title": "Out-of-bounds Read in libfluid_msg library",
"workarounds": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eUntil a software patch which fixes this issue is not released, it is highly recommended to not exposed the vulnerable component inside an untrusted network.\u003c/span\u003e\u003cbr\u003e"
}
],
"value": "Until a software patch which fixes this issue is not released, it is highly recommended to not exposed the vulnerable component inside an untrusted network."
}
],
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "bec8025f-a851-46e5-b3a3-058e6b0aa23c",
"assignerShortName": "Nozomi",
"cveId": "CVE-2024-31181",
"datePublished": "2024-09-18T13:57:13.375Z",
"dateReserved": "2024-03-29T08:24:13.203Z",
"dateUpdated": "2024-09-18T17:13:42.767Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2024-31180 (GCVE-0-2024-31180)
Vulnerability from cvelistv5 – Published: 2024-09-18 13:57 – Updated: 2024-09-18 17:14
VLAI?
Title
Out-of-bounds Read in libfluid_msg library
Summary
Out-of-bounds Read vulnerability in Open Networking Foundation (ONF) libfluid (libfluid_msg module). This vulnerability is associated with program routine fluid_msg::of13::GroupDesc::unpack.
This issue affects libfluid: 0.1.0.
Severity ?
6.5 (Medium)
CWE
- CWE-125 - Out-of-bounds Read
Assigner
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Open Networking Foundation (ONF) | libfluid |
Affected:
0.1.0
|
{
"containers": {
"adp": [
{
"affected": [
{
"cpes": [
"cpe:2.3:a:open_networking_foundation:libfluid:0.1.0:*:*:*:*:*:*:*"
],
"defaultStatus": "unaffected",
"product": "libfluid",
"vendor": "open_networking_foundation",
"versions": [
{
"status": "affected",
"version": "0.1.0"
}
]
}
],
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-31180",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-09-18T17:13:56.354602Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-09-18T17:14:14.942Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"collectionURL": "https://opennetworkingfoundation.github.io/libfluid/",
"defaultStatus": "unaffected",
"modules": [
"libfluid_msg"
],
"product": "libfluid",
"programRoutines": [
{
"name": "fluid_msg::of13::GroupDesc::unpack"
}
],
"vendor": "Open Networking Foundation (ONF)",
"versions": [
{
"status": "affected",
"version": "0.1.0"
}
]
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Out-of-bounds Read vulnerability in Open Networking Foundation (ONF) libfluid (libfluid_msg module).\u003cp\u003e This vulnerability is associated with program routine\u0026nbsp;\u003ctt\u003efluid_msg::of13::GroupDesc::unpack\u003c/tt\u003e.\u003c/p\u003e\u003cp\u003eThis issue affects libfluid: 0.1.0.\u003c/p\u003e"
}
],
"value": "Out-of-bounds Read vulnerability in Open Networking Foundation (ONF) libfluid (libfluid_msg module). This vulnerability is associated with program routine\u00a0fluid_msg::of13::GroupDesc::unpack.\n\nThis issue affects libfluid: 0.1.0."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:L",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-125",
"description": "CWE-125 Out-of-bounds Read",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-09-18T13:57:06.338Z",
"orgId": "bec8025f-a851-46e5-b3a3-058e6b0aa23c",
"shortName": "Nozomi"
},
"references": [
{
"url": "https://www.nozominetworks.com/labs/vulnerability-advisories-cve-2024-31180"
}
],
"source": {
"discovery": "UNKNOWN"
},
"title": "Out-of-bounds Read in libfluid_msg library",
"workarounds": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eUntil a software patch which fixes this issue is not released, it is highly recommended to not exposed the vulnerable component inside an untrusted network.\u003c/span\u003e\u003cbr\u003e"
}
],
"value": "Until a software patch which fixes this issue is not released, it is highly recommended to not exposed the vulnerable component inside an untrusted network."
}
],
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "bec8025f-a851-46e5-b3a3-058e6b0aa23c",
"assignerShortName": "Nozomi",
"cveId": "CVE-2024-31180",
"datePublished": "2024-09-18T13:57:06.338Z",
"dateReserved": "2024-03-29T08:24:13.203Z",
"dateUpdated": "2024-09-18T17:14:14.942Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2024-31179 (GCVE-0-2024-31179)
Vulnerability from cvelistv5 – Published: 2024-09-18 13:56 – Updated: 2024-09-18 17:17
VLAI?
Title
Out-of-bounds Read in libfluid_msg library
Summary
Out-of-bounds Read vulnerability in Open Networking Foundation (ONF) libfluid (libfluid_msg module). This vulnerability is associated with program routine fluid_msg::of13::TableFeaturePropInstruction::unpack.
This issue affects libfluid: 0.1.0.
Severity ?
6.5 (Medium)
CWE
- CWE-125 - Out-of-bounds Read
Assigner
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Open Networking Foundation (ONF) | libfluid |
Affected:
0.1.0
|
{
"containers": {
"adp": [
{
"affected": [
{
"cpes": [
"cpe:2.3:a:open_networking_foundation:libfluid:0.1.0:*:*:*:*:*:*:*"
],
"defaultStatus": "unaffected",
"product": "libfluid",
"vendor": "open_networking_foundation",
"versions": [
{
"status": "affected",
"version": "0.1.0"
}
]
}
],
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-31179",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-09-18T17:17:23.883399Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-09-18T17:17:44.670Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"collectionURL": "https://opennetworkingfoundation.github.io/libfluid/",
"defaultStatus": "unaffected",
"modules": [
"libfluid_msg"
],
"product": "libfluid",
"programRoutines": [
{
"name": "fluid_msg::of13::TableFeaturePropInstruction::unpack"
}
],
"vendor": "Open Networking Foundation (ONF)",
"versions": [
{
"status": "affected",
"version": "0.1.0"
}
]
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Out-of-bounds Read vulnerability in Open Networking Foundation (ONF) libfluid (libfluid_msg module).\u003cp\u003e This vulnerability is associated with program routine\u0026nbsp;\u003ctt\u003efluid_msg::of13::TableFeaturePropInstruction::unpack\u003c/tt\u003e.\u003c/p\u003e\u003cp\u003eThis issue affects libfluid: 0.1.0.\u003c/p\u003e"
}
],
"value": "Out-of-bounds Read vulnerability in Open Networking Foundation (ONF) libfluid (libfluid_msg module). This vulnerability is associated with program routine\u00a0fluid_msg::of13::TableFeaturePropInstruction::unpack.\n\nThis issue affects libfluid: 0.1.0."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:L",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-125",
"description": "CWE-125 Out-of-bounds Read",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-09-18T13:56:57.810Z",
"orgId": "bec8025f-a851-46e5-b3a3-058e6b0aa23c",
"shortName": "Nozomi"
},
"references": [
{
"url": "https://www.nozominetworks.com/labs/vulnerability-advisories-cve-2024-31179"
}
],
"source": {
"discovery": "UNKNOWN"
},
"title": "Out-of-bounds Read in libfluid_msg library",
"workarounds": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eUntil a software patch which fixes this issue is not released, it is highly recommended to not exposed the vulnerable component inside an untrusted network.\u003c/span\u003e\u003cbr\u003e"
}
],
"value": "Until a software patch which fixes this issue is not released, it is highly recommended to not exposed the vulnerable component inside an untrusted network."
}
],
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "bec8025f-a851-46e5-b3a3-058e6b0aa23c",
"assignerShortName": "Nozomi",
"cveId": "CVE-2024-31179",
"datePublished": "2024-09-18T13:56:57.810Z",
"dateReserved": "2024-03-29T08:24:13.203Z",
"dateUpdated": "2024-09-18T17:17:44.670Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2024-31178 (GCVE-0-2024-31178)
Vulnerability from cvelistv5 – Published: 2024-09-18 13:56 – Updated: 2024-09-18 17:18
VLAI?
Title
Out-of-bounds Read in libfluid_msg library
Summary
Out-of-bounds Read vulnerability in Open Networking Foundation (ONF) libfluid (libfluid_msg module). This vulnerability is associated with program routine fluid_msg::of13::TableFeaturePropNextTables::unpack.
This issue affects libfluid: 0.1.0.
Severity ?
6.5 (Medium)
CWE
- CWE-125 - Out-of-bounds Read
Assigner
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Open Networking Foundation (ONF) | libfluid |
Affected:
0.1.0
|
{
"containers": {
"adp": [
{
"affected": [
{
"cpes": [
"cpe:2.3:a:open_networking_foundation:libfluid:0.1.0:*:*:*:*:*:*:*"
],
"defaultStatus": "unaffected",
"product": "libfluid",
"vendor": "open_networking_foundation",
"versions": [
{
"status": "affected",
"version": "0.1.0"
}
]
}
],
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-31178",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-09-18T17:17:58.922454Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-09-18T17:18:17.010Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"collectionURL": "https://opennetworkingfoundation.github.io/libfluid/",
"defaultStatus": "unaffected",
"modules": [
"libfluid_msg"
],
"product": "libfluid",
"programRoutines": [
{
"name": "fluid_msg::of13::TableFeaturePropNextTables::unpack"
}
],
"vendor": "Open Networking Foundation (ONF)",
"versions": [
{
"status": "affected",
"version": "0.1.0"
}
]
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Out-of-bounds Read vulnerability in Open Networking Foundation (ONF) libfluid (libfluid_msg module).\u003cp\u003e This vulnerability is associated with program routine\u0026nbsp;\u003ctt\u003efluid_msg::of13::TableFeaturePropNextTables::unpack\u003c/tt\u003e.\u003c/p\u003e\u003cp\u003eThis issue affects libfluid: 0.1.0.\u003c/p\u003e"
}
],
"value": "Out-of-bounds Read vulnerability in Open Networking Foundation (ONF) libfluid (libfluid_msg module). This vulnerability is associated with program routine\u00a0fluid_msg::of13::TableFeaturePropNextTables::unpack.\n\nThis issue affects libfluid: 0.1.0."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:L",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-125",
"description": "CWE-125 Out-of-bounds Read",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-09-18T13:56:49.123Z",
"orgId": "bec8025f-a851-46e5-b3a3-058e6b0aa23c",
"shortName": "Nozomi"
},
"references": [
{
"url": "https://www.nozominetworks.com/labs/vulnerability-advisories-cve-2024-31178"
}
],
"source": {
"discovery": "UNKNOWN"
},
"title": "Out-of-bounds Read in libfluid_msg library",
"workarounds": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eUntil a software patch which fixes this issue is not released, it is highly recommended to not exposed the vulnerable component inside an untrusted network.\u003c/span\u003e\u003cbr\u003e"
}
],
"value": "Until a software patch which fixes this issue is not released, it is highly recommended to not exposed the vulnerable component inside an untrusted network."
}
],
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "bec8025f-a851-46e5-b3a3-058e6b0aa23c",
"assignerShortName": "Nozomi",
"cveId": "CVE-2024-31178",
"datePublished": "2024-09-18T13:56:49.123Z",
"dateReserved": "2024-03-29T08:24:13.202Z",
"dateUpdated": "2024-09-18T17:18:17.010Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2024-31177 (GCVE-0-2024-31177)
Vulnerability from cvelistv5 – Published: 2024-09-18 13:56 – Updated: 2024-09-18 17:18
VLAI?
Title
Out-of-bounds Read in libfluid_msg library
Summary
Out-of-bounds Read vulnerability in Open Networking Foundation (ONF) libfluid (libfluid_msg modules). This vulnerability is associated with program routines fluid_msg::of13::TableFeaturePropActions::unpack.
This issue affects libfluid: 0.1.0.
Severity ?
6.5 (Medium)
CWE
- CWE-125 - Out-of-bounds Read
Assigner
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Open Networking Foundation (ONF) | libfluid |
Affected:
0.1.0
|
{
"containers": {
"adp": [
{
"affected": [
{
"cpes": [
"cpe:2.3:a:open_networking_foundation:libfluid:0.1.0:*:*:*:*:*:*:*"
],
"defaultStatus": "unaffected",
"product": "libfluid",
"vendor": "open_networking_foundation",
"versions": [
{
"status": "affected",
"version": "0.1.0"
}
]
}
],
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-31177",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-09-18T17:18:32.594771Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-09-18T17:18:53.574Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"collectionURL": "https://opennetworkingfoundation.github.io/libfluid/",
"defaultStatus": "unaffected",
"modules": [
"libfluid_msg"
],
"product": "libfluid",
"programRoutines": [
{
"name": "fluid_msg::of13::TableFeaturePropActions::unpack"
}
],
"vendor": "Open Networking Foundation (ONF)",
"versions": [
{
"status": "affected",
"version": "0.1.0"
}
]
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Out-of-bounds Read vulnerability in Open Networking Foundation (ONF) libfluid (libfluid_msg modules).\u003cp\u003e This vulnerability is associated with program routines \u003ctt\u003efluid_msg::of13::TableFeaturePropActions::unpack\u003c/tt\u003e.\u003c/p\u003e\u003cp\u003eThis issue affects libfluid: 0.1.0.\u003c/p\u003e"
}
],
"value": "Out-of-bounds Read vulnerability in Open Networking Foundation (ONF) libfluid (libfluid_msg modules). This vulnerability is associated with program routines fluid_msg::of13::TableFeaturePropActions::unpack.\n\nThis issue affects libfluid: 0.1.0."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:L",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-125",
"description": "CWE-125 Out-of-bounds Read",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-09-18T13:56:40.883Z",
"orgId": "bec8025f-a851-46e5-b3a3-058e6b0aa23c",
"shortName": "Nozomi"
},
"references": [
{
"url": "https://www.nozominetworks.com/labs/vulnerability-advisories-cve-2024-31177"
}
],
"source": {
"discovery": "UNKNOWN"
},
"title": "Out-of-bounds Read in libfluid_msg library",
"workarounds": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eUntil a software patch which fixes this issue is not released, it is highly recommended to not exposed the vulnerable component inside an untrusted network.\u003c/span\u003e\u003cbr\u003e"
}
],
"value": "Until a software patch which fixes this issue is not released, it is highly recommended to not exposed the vulnerable component inside an untrusted network."
}
],
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "bec8025f-a851-46e5-b3a3-058e6b0aa23c",
"assignerShortName": "Nozomi",
"cveId": "CVE-2024-31177",
"datePublished": "2024-09-18T13:56:40.883Z",
"dateReserved": "2024-03-29T08:24:13.202Z",
"dateUpdated": "2024-09-18T17:18:53.574Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2024-31176 (GCVE-0-2024-31176)
Vulnerability from cvelistv5 – Published: 2024-09-18 13:56 – Updated: 2024-09-18 17:19
VLAI?
Title
Out-of-bounds Read in libfluid_msg library
Summary
Out-of-bounds Read vulnerability in Open Networking Foundation (ONF) libfluid (libfluid_msg module). This vulnerability is associated with program routine fluid_msg::of13::TableFeaturePropOXM::unpack.
This issue affects libfluid: 0.1.0.
Severity ?
6.5 (Medium)
CWE
- CWE-125 - Out-of-bounds Read
Assigner
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Open Networking Foundation (ONF) | libfluid |
Affected:
0.1.0
|
{
"containers": {
"adp": [
{
"affected": [
{
"cpes": [
"cpe:2.3:a:open_networking_foundation:libfluid:0.1.0:*:*:*:*:*:*:*"
],
"defaultStatus": "unaffected",
"product": "libfluid",
"vendor": "open_networking_foundation",
"versions": [
{
"status": "affected",
"version": "0.1.0"
}
]
}
],
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-31176",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-09-18T17:19:21.363550Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-09-18T17:19:39.056Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"collectionURL": "https://opennetworkingfoundation.github.io/libfluid/",
"defaultStatus": "unaffected",
"modules": [
"libfluid_msg"
],
"product": "libfluid",
"programRoutines": [
{
"name": "fluid_msg::of13::TableFeaturePropOXM::unpack"
}
],
"vendor": "Open Networking Foundation (ONF)",
"versions": [
{
"status": "affected",
"version": "0.1.0"
}
]
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Out-of-bounds Read vulnerability in Open Networking Foundation (ONF) libfluid (libfluid_msg module).\u003cp\u003e This vulnerability is associated with program routine\u0026nbsp;\u003ctt\u003efluid_msg::of13::TableFeaturePropOXM::unpack\u003c/tt\u003e.\u003c/p\u003e\u003cp\u003eThis issue affects libfluid: 0.1.0.\u003c/p\u003e"
}
],
"value": "Out-of-bounds Read vulnerability in Open Networking Foundation (ONF) libfluid (libfluid_msg module). This vulnerability is associated with program routine\u00a0fluid_msg::of13::TableFeaturePropOXM::unpack.\n\nThis issue affects libfluid: 0.1.0."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:L",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-125",
"description": "CWE-125 Out-of-bounds Read",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-09-18T13:56:33.963Z",
"orgId": "bec8025f-a851-46e5-b3a3-058e6b0aa23c",
"shortName": "Nozomi"
},
"references": [
{
"url": "https://www.nozominetworks.com/labs/vulnerability-advisories-cve-2024-31176"
}
],
"source": {
"discovery": "UNKNOWN"
},
"title": "Out-of-bounds Read in libfluid_msg library",
"workarounds": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eUntil a software patch which fixes this issue is not released, it is highly recommended to not exposed the vulnerable component inside an untrusted network.\u003c/span\u003e\u003cbr\u003e"
}
],
"value": "Until a software patch which fixes this issue is not released, it is highly recommended to not exposed the vulnerable component inside an untrusted network."
}
],
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "bec8025f-a851-46e5-b3a3-058e6b0aa23c",
"assignerShortName": "Nozomi",
"cveId": "CVE-2024-31176",
"datePublished": "2024-09-18T13:56:33.963Z",
"dateReserved": "2024-03-29T08:24:13.202Z",
"dateUpdated": "2024-09-18T17:19:39.056Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2024-31175 (GCVE-0-2024-31175)
Vulnerability from cvelistv5 – Published: 2024-09-18 13:56 – Updated: 2024-09-18 15:24
VLAI?
Title
NULL Pointer Dereference in libfluid_msg library
Summary
Unchecked Return Value to NULL Pointer Dereference vulnerability in Open Networking Foundation (ONF) libfluid (libfluid_msg module). This vulnerability is associated with program routine fluid_msg::of13::TablePropertiesList::unpack.
This issue affects libfluid: 0.1.0.
Severity ?
5.3 (Medium)
CWE
- CWE-690 - Unchecked Return Value to NULL Pointer Dereference
Assigner
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Open Networking Foundation (ONF) | libfluid |
Affected:
0.1.0
|
{
"containers": {
"adp": [
{
"affected": [
{
"cpes": [
"cpe:2.3:a:open_networking_foundation:libfluid:0.1.0:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "libfluid",
"vendor": "open_networking_foundation",
"versions": [
{
"status": "affected",
"version": "0.1.0"
}
]
}
],
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-31175",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-09-18T15:23:30.997830Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-09-18T15:24:02.640Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"collectionURL": "https://opennetworkingfoundation.github.io/libfluid/",
"defaultStatus": "unaffected",
"modules": [
"libfluid_msg"
],
"product": "libfluid",
"programRoutines": [
{
"name": "fluid_msg::of13::TablePropertiesList::unpack"
}
],
"vendor": "Open Networking Foundation (ONF)",
"versions": [
{
"status": "affected",
"version": "0.1.0"
}
]
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Unchecked Return Value to NULL Pointer Dereference vulnerability in Open Networking Foundation (ONF) libfluid (libfluid_msg module).\u003cp\u003e This vulnerability is associated with program routine\u0026nbsp;\u003ctt\u003efluid_msg::of13::TablePropertiesList::unpack\u003c/tt\u003e.\u003c/p\u003e\u003cp\u003eThis issue affects libfluid: 0.1.0.\u003c/p\u003e"
}
],
"value": "Unchecked Return Value to NULL Pointer Dereference vulnerability in Open Networking Foundation (ONF) libfluid (libfluid_msg module). This vulnerability is associated with program routine\u00a0fluid_msg::of13::TablePropertiesList::unpack.\n\nThis issue affects libfluid: 0.1.0."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-690",
"description": "CWE-690 Unchecked Return Value to NULL Pointer Dereference",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-09-18T13:56:26.450Z",
"orgId": "bec8025f-a851-46e5-b3a3-058e6b0aa23c",
"shortName": "Nozomi"
},
"references": [
{
"url": "https://www.nozominetworks.com/labs/vulnerability-advisories-cve-2024-31175"
}
],
"source": {
"discovery": "UNKNOWN"
},
"title": "NULL Pointer Dereference in libfluid_msg library",
"workarounds": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eUntil a software patch which fixes this issue is not released, it is highly recommended to not exposed the vulnerable component inside an untrusted network.\u003c/span\u003e\u003cbr\u003e"
}
],
"value": "Until a software patch which fixes this issue is not released, it is highly recommended to not exposed the vulnerable component inside an untrusted network."
}
],
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "bec8025f-a851-46e5-b3a3-058e6b0aa23c",
"assignerShortName": "Nozomi",
"cveId": "CVE-2024-31175",
"datePublished": "2024-09-18T13:56:26.450Z",
"dateReserved": "2024-03-29T08:24:13.202Z",
"dateUpdated": "2024-09-18T15:24:02.640Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2024-31174 (GCVE-0-2024-31174)
Vulnerability from cvelistv5 – Published: 2024-09-18 13:56 – Updated: 2024-09-18 17:14
VLAI?
Title
Out-of-bounds Read in libfluid_msg library
Summary
Out-of-bounds Read vulnerability in Open Networking Foundation (ONF) libfluid (libfluid_msg module). This vulnerability is associated with program routine fluid_msg::of10::FeaturesReply::unpack.
This issue affects libfluid: 0.1.0.
Severity ?
6.5 (Medium)
CWE
- CWE-125 - Out-of-bounds Read
Assigner
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Open Networking Foundation (ONF) | libfluid |
Affected:
0.1.0
|
{
"containers": {
"adp": [
{
"affected": [
{
"cpes": [
"cpe:2.3:a:open_networking_foundation:libfluid:0.1.0:*:*:*:*:*:*:*"
],
"defaultStatus": "unaffected",
"product": "libfluid",
"vendor": "open_networking_foundation",
"versions": [
{
"status": "affected",
"version": "0.1.0"
}
]
}
],
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-31174",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-09-18T17:14:35.366382Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-09-18T17:14:56.200Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"collectionURL": "https://opennetworkingfoundation.github.io/libfluid/",
"defaultStatus": "unaffected",
"modules": [
"libfluid_msg"
],
"product": "libfluid",
"programRoutines": [
{
"name": "fluid_msg::of10::FeaturesReply::unpack"
}
],
"vendor": "Open Networking Foundation (ONF)",
"versions": [
{
"status": "affected",
"version": "0.1.0"
}
]
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Out-of-bounds Read vulnerability in Open Networking Foundation (ONF) libfluid (libfluid_msg module).\u003cp\u003e This vulnerability is associated with program routine\u0026nbsp;\u003ctt\u003efluid_msg::of10::FeaturesReply::unpack\u003c/tt\u003e.\u003c/p\u003e\u003cp\u003eThis issue affects libfluid: 0.1.0.\u003c/p\u003e"
}
],
"value": "Out-of-bounds Read vulnerability in Open Networking Foundation (ONF) libfluid (libfluid_msg module). This vulnerability is associated with program routine\u00a0fluid_msg::of10::FeaturesReply::unpack.\n\nThis issue affects libfluid: 0.1.0."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:L",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-125",
"description": "CWE-125 Out-of-bounds Read",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-09-18T13:56:19.235Z",
"orgId": "bec8025f-a851-46e5-b3a3-058e6b0aa23c",
"shortName": "Nozomi"
},
"references": [
{
"url": "https://www.nozominetworks.com/labs/vulnerability-advisories-cve-2024-31174"
}
],
"source": {
"discovery": "UNKNOWN"
},
"title": "Out-of-bounds Read in libfluid_msg library",
"workarounds": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eUntil a software patch which fixes this issue is not released, it is highly recommended to not exposed the vulnerable component inside an untrusted network.\u003c/span\u003e\u003cbr\u003e"
}
],
"value": "Until a software patch which fixes this issue is not released, it is highly recommended to not exposed the vulnerable component inside an untrusted network."
}
],
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "bec8025f-a851-46e5-b3a3-058e6b0aa23c",
"assignerShortName": "Nozomi",
"cveId": "CVE-2024-31174",
"datePublished": "2024-09-18T13:56:19.235Z",
"dateReserved": "2024-03-29T08:24:13.202Z",
"dateUpdated": "2024-09-18T17:14:56.200Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2024-31173 (GCVE-0-2024-31173)
Vulnerability from cvelistv5 – Published: 2024-09-18 13:56 – Updated: 2024-09-18 17:15
VLAI?
Title
Out-of-bounds Read in libfluid_msg library
Summary
Out-of-bounds Read vulnerability in Open Networking Foundation (ONF) libfluid (libfluid_msg module). This vulnerability is associated with program routine fluid_msg::of10::StatsReplyFlow::unpack.
This issue affects libfluid: 0.1.0.
Severity ?
6.5 (Medium)
CWE
- CWE-125 - Out-of-bounds Read
Assigner
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Open Networking Foundation (ONF) | libfluid |
Affected:
0.1.0
|
{
"containers": {
"adp": [
{
"affected": [
{
"cpes": [
"cpe:2.3:a:open_networking_foundation:libfluid:0.1.0:*:*:*:*:*:*:*"
],
"defaultStatus": "unaffected",
"product": "libfluid",
"vendor": "open_networking_foundation",
"versions": [
{
"status": "affected",
"version": "0.1.0"
}
]
}
],
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-31173",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-09-18T17:15:12.631698Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-09-18T17:15:29.669Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"collectionURL": "https://opennetworkingfoundation.github.io/libfluid/",
"defaultStatus": "unaffected",
"modules": [
"libfluid_msg"
],
"product": "libfluid",
"programRoutines": [
{
"name": "fluid_msg::of10::StatsReplyFlow::unpack"
}
],
"vendor": "Open Networking Foundation (ONF)",
"versions": [
{
"status": "affected",
"version": "0.1.0"
}
]
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Out-of-bounds Read vulnerability in Open Networking Foundation (ONF) libfluid (libfluid_msg module).\u003cp\u003e This vulnerability is associated with program routine\u0026nbsp;\u003ctt\u003efluid_msg::of10::StatsReplyFlow::unpack\u003c/tt\u003e.\u003c/p\u003e\u003cp\u003eThis issue affects libfluid: 0.1.0.\u003c/p\u003e"
}
],
"value": "Out-of-bounds Read vulnerability in Open Networking Foundation (ONF) libfluid (libfluid_msg module). This vulnerability is associated with program routine\u00a0fluid_msg::of10::StatsReplyFlow::unpack.\n\nThis issue affects libfluid: 0.1.0."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:L",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-125",
"description": "CWE-125 Out-of-bounds Read",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-09-18T13:56:11.685Z",
"orgId": "bec8025f-a851-46e5-b3a3-058e6b0aa23c",
"shortName": "Nozomi"
},
"references": [
{
"url": "https://www.nozominetworks.com/labs/vulnerability-advisories-cve-2024-31173"
}
],
"source": {
"discovery": "UNKNOWN"
},
"title": "Out-of-bounds Read in libfluid_msg library",
"workarounds": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eUntil a software patch which fixes this issue is not released, it is highly recommended to not exposed the vulnerable component inside an untrusted network.\u003c/span\u003e\u003cbr\u003e"
}
],
"value": "Until a software patch which fixes this issue is not released, it is highly recommended to not exposed the vulnerable component inside an untrusted network."
}
],
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "bec8025f-a851-46e5-b3a3-058e6b0aa23c",
"assignerShortName": "Nozomi",
"cveId": "CVE-2024-31173",
"datePublished": "2024-09-18T13:56:11.685Z",
"dateReserved": "2024-03-29T08:24:11.092Z",
"dateUpdated": "2024-09-18T17:15:29.669Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2024-31172 (GCVE-0-2024-31172)
Vulnerability from cvelistv5 – Published: 2024-09-18 13:56 – Updated: 2024-09-18 17:16
VLAI?
Title
Out-of-bounds Read in libfluid_msg library
Summary
Out-of-bounds Read vulnerability in Open Networking Foundation (ONF) libfluid (libfluid_msg module). This vulnerability is associated with program routine fluid_msg::of10::StatsReplyTable::unpack.
This issue affects libfluid: 0.1.0.
Severity ?
6.5 (Medium)
CWE
- CWE-125 - Out-of-bounds Read
Assigner
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Open Networking Foundation (ONF) | libfluid |
Affected:
0.1.0
|
{
"containers": {
"adp": [
{
"affected": [
{
"cpes": [
"cpe:2.3:a:open_networking_foundation:libfluid:0.1.0:*:*:*:*:*:*:*"
],
"defaultStatus": "unaffected",
"product": "libfluid",
"vendor": "open_networking_foundation",
"versions": [
{
"status": "affected",
"version": "0.1.0"
}
]
}
],
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-31172",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-09-18T17:15:48.327204Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-09-18T17:16:08.429Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"collectionURL": "https://opennetworkingfoundation.github.io/libfluid/",
"defaultStatus": "unaffected",
"modules": [
"libfluid_msg"
],
"product": "libfluid",
"programRoutines": [
{
"name": "fluid_msg::of10::StatsReplyTable::unpack"
}
],
"vendor": "Open Networking Foundation (ONF)",
"versions": [
{
"status": "affected",
"version": "0.1.0"
}
]
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Out-of-bounds Read vulnerability in Open Networking Foundation (ONF) libfluid (libfluid_msg module).\u003cp\u003e This vulnerability is associated with program routine\u0026nbsp;\u003ctt\u003efluid_msg::of10::StatsReplyTable::unpack\u003c/tt\u003e.\u003c/p\u003e\u003cp\u003eThis issue affects libfluid: 0.1.0.\u003c/p\u003e"
}
],
"value": "Out-of-bounds Read vulnerability in Open Networking Foundation (ONF) libfluid (libfluid_msg module). This vulnerability is associated with program routine\u00a0fluid_msg::of10::StatsReplyTable::unpack.\n\nThis issue affects libfluid: 0.1.0."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:L",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-125",
"description": "CWE-125 Out-of-bounds Read",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-09-18T13:56:04.027Z",
"orgId": "bec8025f-a851-46e5-b3a3-058e6b0aa23c",
"shortName": "Nozomi"
},
"references": [
{
"url": "https://www.nozominetworks.com/labs/vulnerability-advisories-cve-2024-31172"
}
],
"source": {
"discovery": "UNKNOWN"
},
"title": "Out-of-bounds Read in libfluid_msg library",
"workarounds": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eUntil a software patch which fixes this issue is not released, it is highly recommended to not exposed the vulnerable component inside an untrusted network.\u003c/span\u003e\u003cbr\u003e"
}
],
"value": "Until a software patch which fixes this issue is not released, it is highly recommended to not exposed the vulnerable component inside an untrusted network."
}
],
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "bec8025f-a851-46e5-b3a3-058e6b0aa23c",
"assignerShortName": "Nozomi",
"cveId": "CVE-2024-31172",
"datePublished": "2024-09-18T13:56:04.027Z",
"dateReserved": "2024-03-29T08:24:11.092Z",
"dateUpdated": "2024-09-18T17:16:08.429Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2024-31171 (GCVE-0-2024-31171)
Vulnerability from cvelistv5 – Published: 2024-09-18 13:55 – Updated: 2024-09-18 17:16
VLAI?
Title
Out-of-bounds Read in libfluid_msg library
Summary
Out-of-bounds Read vulnerability in Open Networking Foundation (ONF) libfluid (libfluid_msg module). This vulnerability is associated with program routine fluid_msg::of10::StatsReplyPort::unpack.
This issue affects libfluid: 0.1.0.
Severity ?
6.5 (Medium)
CWE
- CWE-125 - Out-of-bounds Read
Assigner
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Open Networking Foundation (ONF) | libfluid |
Affected:
0.1.0
|
{
"containers": {
"adp": [
{
"affected": [
{
"cpes": [
"cpe:2.3:a:open_networking_foundation:libfluid:0.1.0:*:*:*:*:*:*:*"
],
"defaultStatus": "unaffected",
"product": "libfluid",
"vendor": "open_networking_foundation",
"versions": [
{
"status": "affected",
"version": "0.1.0"
}
]
}
],
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-31171",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-09-18T17:16:36.949859Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-09-18T17:16:56.067Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"collectionURL": "https://opennetworkingfoundation.github.io/libfluid/",
"defaultStatus": "unaffected",
"modules": [
"libfluid_msg"
],
"product": "libfluid",
"programRoutines": [
{
"name": "fluid_msg::of10::StatsReplyPort::unpack"
}
],
"vendor": "Open Networking Foundation (ONF)",
"versions": [
{
"status": "affected",
"version": "0.1.0"
}
]
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Out-of-bounds Read vulnerability in Open Networking Foundation (ONF) libfluid (libfluid_msg module).\u003cp\u003e This vulnerability is associated with program routine\u0026nbsp;\u003ctt\u003efluid_msg::of10::StatsReplyPort::unpack\u003c/tt\u003e.\u003c/p\u003e\u003cp\u003eThis issue affects libfluid: 0.1.0.\u003c/p\u003e"
}
],
"value": "Out-of-bounds Read vulnerability in Open Networking Foundation (ONF) libfluid (libfluid_msg module). This vulnerability is associated with program routine\u00a0fluid_msg::of10::StatsReplyPort::unpack.\n\nThis issue affects libfluid: 0.1.0."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:L",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-125",
"description": "CWE-125 Out-of-bounds Read",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-09-18T13:55:55.797Z",
"orgId": "bec8025f-a851-46e5-b3a3-058e6b0aa23c",
"shortName": "Nozomi"
},
"references": [
{
"url": "https://www.nozominetworks.com/labs/vulnerability-advisories-cve-2024-31171"
}
],
"source": {
"discovery": "UNKNOWN"
},
"title": "Out-of-bounds Read in libfluid_msg library",
"workarounds": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eUntil a software patch which fixes this issue is not released, it is highly recommended to not exposed the vulnerable component inside an untrusted network.\u003c/span\u003e\u003cbr\u003e"
}
],
"value": "Until a software patch which fixes this issue is not released, it is highly recommended to not exposed the vulnerable component inside an untrusted network."
}
],
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "bec8025f-a851-46e5-b3a3-058e6b0aa23c",
"assignerShortName": "Nozomi",
"cveId": "CVE-2024-31171",
"datePublished": "2024-09-18T13:55:55.797Z",
"dateReserved": "2024-03-29T08:24:11.092Z",
"dateUpdated": "2024-09-18T17:16:56.067Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2024-31170 (GCVE-0-2024-31170)
Vulnerability from cvelistv5 – Published: 2024-09-18 13:55 – Updated: 2024-09-18 17:20
VLAI?
Title
Out-of-bounds Read in libfluid_msg library
Summary
Out-of-bounds Read vulnerability in Open Networking Foundation (ONF) libfluid (libfluid_msg module). This vulnerability is associated with program routine fluid_msg::of10::StatsReplyQueue::unpack.
This issue affects libfluid: 0.1.0.
Severity ?
6.5 (Medium)
CWE
- CWE-125 - Out-of-bounds Read
Assigner
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Open Networking Foundation (ONF) | libfluid |
Affected:
0.1.0
|
{
"containers": {
"adp": [
{
"affected": [
{
"cpes": [
"cpe:2.3:a:open_networking_foundation:libfluid:0.1.0:*:*:*:*:*:*:*"
],
"defaultStatus": "unaffected",
"product": "libfluid",
"vendor": "open_networking_foundation",
"versions": [
{
"status": "affected",
"version": "0.1.0"
}
]
}
],
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-31170",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-09-18T17:19:54.391853Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-09-18T17:20:13.655Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"collectionURL": "https://opennetworkingfoundation.github.io/libfluid/",
"defaultStatus": "unaffected",
"modules": [
"libfluid_msg"
],
"product": "libfluid",
"programRoutines": [
{
"name": "fluid_msg::of10::StatsReplyQueue::unpack"
}
],
"vendor": "Open Networking Foundation (ONF)",
"versions": [
{
"status": "affected",
"version": "0.1.0"
}
]
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Out-of-bounds Read vulnerability in Open Networking Foundation (ONF) libfluid (libfluid_msg module).\u003cp\u003e This vulnerability is associated with program routine\u0026nbsp;\u003ctt\u003efluid_msg::of10::StatsReplyQueue::unpack\u003c/tt\u003e.\u003c/p\u003e\u003cp\u003eThis issue affects libfluid: 0.1.0.\u003c/p\u003e"
}
],
"value": "Out-of-bounds Read vulnerability in Open Networking Foundation (ONF) libfluid (libfluid_msg module). This vulnerability is associated with program routine\u00a0fluid_msg::of10::StatsReplyQueue::unpack.\n\nThis issue affects libfluid: 0.1.0."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:L",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-125",
"description": "CWE-125 Out-of-bounds Read",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-09-18T13:55:49.141Z",
"orgId": "bec8025f-a851-46e5-b3a3-058e6b0aa23c",
"shortName": "Nozomi"
},
"references": [
{
"url": "https://www.nozominetworks.com/labs/vulnerability-advisories-cve-2024-31170"
}
],
"source": {
"discovery": "UNKNOWN"
},
"title": "Out-of-bounds Read in libfluid_msg library",
"workarounds": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eUntil a software patch which fixes this issue is not released, it is highly recommended to not exposed the vulnerable component inside an untrusted network.\u003c/span\u003e\u003cbr\u003e"
}
],
"value": "Until a software patch which fixes this issue is not released, it is highly recommended to not exposed the vulnerable component inside an untrusted network."
}
],
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "bec8025f-a851-46e5-b3a3-058e6b0aa23c",
"assignerShortName": "Nozomi",
"cveId": "CVE-2024-31170",
"datePublished": "2024-09-18T13:55:49.141Z",
"dateReserved": "2024-03-29T08:24:11.091Z",
"dateUpdated": "2024-09-18T17:20:13.655Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2024-31169 (GCVE-0-2024-31169)
Vulnerability from cvelistv5 – Published: 2024-09-18 13:55 – Updated: 2024-09-18 17:20
VLAI?
Title
Out-of-bounds Read in libfluid_msg library
Summary
Out-of-bounds Read vulnerability in Open Networking Foundation (ONF) libfluid (libfluid_msg module). This vulnerability is associated with program routine fluid_msg::of10::QueueGetConfigReply::unpack.
This issue affects libfluid: 0.1.0.
Severity ?
6.5 (Medium)
CWE
- CWE-125 - Out-of-bounds Read
Assigner
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Open Networking Foundation (ONF) | libfluid |
Affected:
0.1.0
|
{
"containers": {
"adp": [
{
"affected": [
{
"cpes": [
"cpe:2.3:a:open_networking_foundation:libfluid:0.1.0:*:*:*:*:*:*:*"
],
"defaultStatus": "unaffected",
"product": "libfluid",
"vendor": "open_networking_foundation",
"versions": [
{
"status": "affected",
"version": "0.1.0"
}
]
}
],
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-31169",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-09-18T17:20:31.388329Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-09-18T17:20:51.841Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"collectionURL": "https://opennetworkingfoundation.github.io/libfluid/",
"defaultStatus": "unaffected",
"modules": [
"libfluid_msg"
],
"product": "libfluid",
"programRoutines": [
{
"name": "fluid_msg::of10::QueueGetConfigReply::unpack"
}
],
"vendor": "Open Networking Foundation (ONF)",
"versions": [
{
"status": "affected",
"version": "0.1.0"
}
]
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Out-of-bounds Read vulnerability in Open Networking Foundation (ONF) libfluid (libfluid_msg module).\u003cp\u003e This vulnerability is associated with program routine\u0026nbsp;\u003ctt\u003efluid_msg::of10::QueueGetConfigReply::unpack\u003c/tt\u003e.\u003c/p\u003e\u003cp\u003eThis issue affects libfluid: 0.1.0.\u003c/p\u003e"
}
],
"value": "Out-of-bounds Read vulnerability in Open Networking Foundation (ONF) libfluid (libfluid_msg module). This vulnerability is associated with program routine\u00a0fluid_msg::of10::QueueGetConfigReply::unpack.\n\nThis issue affects libfluid: 0.1.0."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:L",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-125",
"description": "CWE-125 Out-of-bounds Read",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-09-18T13:55:35.569Z",
"orgId": "bec8025f-a851-46e5-b3a3-058e6b0aa23c",
"shortName": "Nozomi"
},
"references": [
{
"url": "https://www.nozominetworks.com/labs/vulnerability-advisories-cve-2024-31169"
}
],
"source": {
"discovery": "UNKNOWN"
},
"title": "Out-of-bounds Read in libfluid_msg library",
"workarounds": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eUntil a software patch which fixes this issue is not released, it is highly recommended to not exposed the vulnerable component inside an untrusted network.\u003c/span\u003e\u003cbr\u003e"
}
],
"value": "Until a software patch which fixes this issue is not released, it is highly recommended to not exposed the vulnerable component inside an untrusted network."
}
],
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "bec8025f-a851-46e5-b3a3-058e6b0aa23c",
"assignerShortName": "Nozomi",
"cveId": "CVE-2024-31169",
"datePublished": "2024-09-18T13:55:35.569Z",
"dateReserved": "2024-03-29T08:24:11.091Z",
"dateUpdated": "2024-09-18T17:20:51.841Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}