{"vulnerability": "CVE-2024-54676", "sightings": [{"uuid": "1cee8a13-63b4-4940-b8b8-3ff63d959c11", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-54676", "type": "seen", "source": "https://bsky.app/profile/bolhasec.com/post/3lfcb7nuplx27", "content": "", "creation_timestamp": "2025-01-09T08:30:44.431366Z"}, {"uuid": "8e1a59f7-4fbb-499a-9c00-c1b786627af1", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-54676", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3lf7yqilqjl2b", "content": "", "creation_timestamp": "2025-01-08T10:53:48.743000Z"}, {"uuid": "106bde25-3d4f-4e2a-bffe-f67733af1f4e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-54676", "type": "seen", "source": "https://bsky.app/profile/dinosn.bsky.social/post/3lfbqhn5rm22e", "content": "", "creation_timestamp": "2025-01-09T03:30:59.709520Z"}, {"uuid": "dddbf455-a6e0-4643-9b9b-0eea541bef09", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-54676", "type": "seen", "source": "https://mastodon.social/users/CyberSignaler/statuses/113793283551001884", "content": "", "creation_timestamp": "2025-01-08T14:48:31.230396Z"}, {"uuid": "aa3a013d-6d19-4d4f-ba49-701f2f0a91fc", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "cve-2024-54676", "type": "seen", "source": "https://bsky.app/profile/kyosuke-tanaka.bsky.social/post/3lfc3eicsts2j", "content": "", "creation_timestamp": "2025-01-09T06:46:03.495130Z"}, {"uuid": "0ffd4053-03f6-489b-852c-43d2aaf3dfea", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-54676", "type": "seen", "source": "https://bsky.app/profile/infosec.skyfleet.blue/post/3lf7klrih772u", "content": "", "creation_timestamp": "2025-01-08T06:40:34.598944Z"}, {"uuid": "1adb5860-98e7-4636-bcd8-0d831e7a43c1", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-54676", "type": "seen", "source": "https://infosec.exchange/users/cve/statuses/113791840182143844", "content": "", "creation_timestamp": "2025-01-08T08:41:28.361800Z"}, {"uuid": "9a832524-3fa5-4e97-ab6f-e726e74e5d6b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-54676", "type": "seen", "source": "https://bsky.app/profile/cve-notifications.bsky.social/post/3lf7tbdmbtk2i", "content": "", "creation_timestamp": "2025-01-08T09:15:48.069542Z"}, {"uuid": "6ccca292-2c4d-41d8-b05c-c0d172a3dbf4", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-54676", "type": "seen", "source": "https://t.me/cvedetector/14674", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-54676 - Apache OpenMeetings Object Deserialization Vulnerability\", \n  \"Content\": \"CVE ID : CVE-2024-54676 \nPublished : Jan. 8, 2025, 9:15 a.m. | 30\u00a0minutes ago \nDescription : Vendor: The Apache Software Foundation  \n  \nVersions Affected: Apache OpenMeetings from 2.1.0 before 8.0.0  \n  \nDescription: Default clustering instructions at   \u00a0doesn't specify white/black lists for OpenJPA this leads to possible deserialisation of untrusted data.  \nUsers are recommended to upgrade to version 8.0.0 and update their startup scripts to include the relevant 'openjpa.serialization.class.blacklist' and 'openjpa.serialization.class.whitelist' configurations as shown in the documentation. \nSeverity: 0.0 | NA \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"08 Jan 2025\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2025-01-08T10:47:49.000000Z"}, {"uuid": "e07ec5a4-a1f7-4e6f-ae11-ffb88ce6541e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-54676", "type": "seen", "source": "https://t.me/DarkWebInformer_CVEAlerts/678", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2024-54676\n\ud83d\udd39 Description: Vendor: The Apache Software Foundation\n\nVersions Affected: Apache OpenMeetings from 2.1.0 before 8.0.0\n\nDescription: Default clustering instructions at  https://openmeetings.apache.org/Clustering.html \u00a0doesn't specify white/black lists for OpenJPA this leads to possible deserialisation of untrusted data.\nUsers are recommended to upgrade to version 8.0.0 and update their startup scripts to include the relevant 'openjpa.serialization.class.blacklist' and 'openjpa.serialization.class.whitelist' configurations as shown in the documentation.\n\ud83d\udccf Published: 2025-01-08T08:40:03.705Z\n\ud83d\udccf Modified: 2025-01-08T09:02:51.250Z\n\ud83d\udd17 References:\n1. https://lists.apache.org/thread/o0k05jxrt5tp4nm45lj14yfjxmg67m95", "creation_timestamp": "2025-01-08T09:12:18.000000Z"}, {"uuid": "4377e1cc-0777-4590-a5d7-ed0295dd5c44", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-54676", "type": "seen", "source": "https://t.me/CyberBulletin/2015", "content": "\u26a1\ufe0fApache OpenMeetings Users Urged to Patch Critical Flaw \u2013 CVE-2024-54676 (CVSS 9.8).\n\n#CyberBulletin", "creation_timestamp": "2025-01-09T05:36:33.000000Z"}]}