Search criteria
37 vulnerabilities by Open Networking Foundation (ONF)
CVE-2024-31198 (GCVE-0-2024-31198)
Vulnerability from cvelistv5 – Published: 2024-09-18 13:59 – Updated: 2024-09-18 15:13
VLAI?
Summary
Out-of-bounds Read vulnerability in Open Networking Foundation (ONF) libfluid (libfluid_msg module). This vulnerability is associated with program routine fluid_msg::of10::Port:unpack.
This issue affects libfluid: 0.1.0.
Severity ?
5.3 (Medium)
CWE
- CWE-125 - Out-of-bounds Read
Assigner
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Open Networking Foundation (ONF) | libfluid |
Affected:
0.1.0
|
{
"containers": {
"adp": [
{
"affected": [
{
"cpes": [
"cpe:2.3:a:open_networking_foundation:libfluid:0.1.0:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "libfluid",
"vendor": "open_networking_foundation",
"versions": [
{
"status": "affected",
"version": "0.1.0"
}
]
}
],
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-31198",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-09-18T14:55:00.476016Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-09-18T15:13:36.931Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"collectionURL": "https://opennetworkingfoundation.github.io/libfluid/",
"defaultStatus": "unaffected",
"modules": [
"libfluid_msg"
],
"product": "libfluid",
"programRoutines": [
{
"name": "fluid_msg::of10::Port:unpack"
}
],
"vendor": "Open Networking Foundation (ONF)",
"versions": [
{
"status": "affected",
"version": "0.1.0"
}
]
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Out-of-bounds Read vulnerability in Open Networking Foundation (ONF) libfluid (libfluid_msg module).\u003cp\u003e This vulnerability is associated with program routine\u0026nbsp;\u003ctt\u003efluid_msg::of10::Port:unpack\u003c/tt\u003e.\u003c/p\u003e\u003cp\u003eThis issue affects libfluid: 0.1.0.\u003c/p\u003e"
}
],
"value": "Out-of-bounds Read vulnerability in Open Networking Foundation (ONF) libfluid (libfluid_msg module). This vulnerability is associated with program routine\u00a0fluid_msg::of10::Port:unpack.\n\nThis issue affects libfluid: 0.1.0."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-125",
"description": "CWE-125 Out-of-bounds Read",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-09-18T13:59:19.379Z",
"orgId": "bec8025f-a851-46e5-b3a3-058e6b0aa23c",
"shortName": "Nozomi"
},
"references": [
{
"url": "https://www.nozominetworks.com/labs/vulnerability-advisories-cve-2024-31198"
}
],
"source": {
"discovery": "UNKNOWN"
},
"title": "Out-of-bounds Read in libfluid_msg library",
"workarounds": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eUntil a software patch which fixes this issue is not released, it is highly recommended to not exposed the vulnerable component inside an untrusted network.\u003c/span\u003e\u003cbr\u003e"
}
],
"value": "Until a software patch which fixes this issue is not released, it is highly recommended to not exposed the vulnerable component inside an untrusted network."
}
],
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "bec8025f-a851-46e5-b3a3-058e6b0aa23c",
"assignerShortName": "Nozomi",
"cveId": "CVE-2024-31198",
"datePublished": "2024-09-18T13:59:19.379Z",
"dateReserved": "2024-03-29T08:24:16.652Z",
"dateUpdated": "2024-09-18T15:13:36.931Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2024-31197 (GCVE-0-2024-31197)
Vulnerability from cvelistv5 – Published: 2024-09-18 13:59 – Updated: 2024-09-18 15:25
VLAI?
Summary
Improper Null Termination vulnerability in Open Networking Foundation (ONF) libfluid (libfluid_msg module). This vulnerability is associated with program routine fluid_msg::of10::Port:unpack.
This issue affects libfluid: 0.1.0.
Severity ?
5.3 (Medium)
CWE
- CWE-170 - Improper Null Termination
Assigner
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Open Networking Foundation (ONF) | libfluid |
Affected:
0.1.0
|
{
"containers": {
"adp": [
{
"affected": [
{
"cpes": [
"cpe:2.3:a:open_networking_foundation:libfluid:0.1.0:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "libfluid",
"vendor": "open_networking_foundation",
"versions": [
{
"status": "affected",
"version": "0.1.0"
}
]
}
],
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-31197",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-09-18T15:18:04.198528Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-09-18T15:25:14.645Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"collectionURL": "https://opennetworkingfoundation.github.io/libfluid/",
"defaultStatus": "unaffected",
"modules": [
"libfluid_msg"
],
"product": "libfluid",
"programRoutines": [
{
"name": "fluid_msg::of10::Port:unpack"
}
],
"vendor": "Open Networking Foundation (ONF)",
"versions": [
{
"status": "affected",
"version": "0.1.0"
}
]
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Improper Null Termination vulnerability in Open Networking Foundation (ONF) libfluid (libfluid_msg module).\u003cp\u003e This vulnerability is associated with program routine\u0026nbsp;\u003ctt\u003efluid_msg::of10::Port:unpack\u003c/tt\u003e.\u003c/p\u003e\u003cp\u003eThis issue affects libfluid: 0.1.0.\u003c/p\u003e"
}
],
"value": "Improper Null Termination vulnerability in Open Networking Foundation (ONF) libfluid (libfluid_msg module). This vulnerability is associated with program routine\u00a0fluid_msg::of10::Port:unpack.\n\nThis issue affects libfluid: 0.1.0."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-170",
"description": "CWE-170 Improper Null Termination",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-09-18T13:59:12.331Z",
"orgId": "bec8025f-a851-46e5-b3a3-058e6b0aa23c",
"shortName": "Nozomi"
},
"references": [
{
"url": "https://www.nozominetworks.com/labs/vulnerability-advisories-cve-2024-31197"
}
],
"source": {
"discovery": "UNKNOWN"
},
"title": "Improper Null Termination in libfluid_msg library",
"workarounds": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eUntil a software patch which fixes this issue is not released, it is highly recommended to not exposed the vulnerable component inside an untrusted network.\u003c/span\u003e\u003cbr\u003e"
}
],
"value": "Until a software patch which fixes this issue is not released, it is highly recommended to not exposed the vulnerable component inside an untrusted network."
}
],
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "bec8025f-a851-46e5-b3a3-058e6b0aa23c",
"assignerShortName": "Nozomi",
"cveId": "CVE-2024-31197",
"datePublished": "2024-09-18T13:59:12.331Z",
"dateReserved": "2024-03-29T08:24:16.652Z",
"dateUpdated": "2024-09-18T15:25:14.645Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2024-31196 (GCVE-0-2024-31196)
Vulnerability from cvelistv5 – Published: 2024-09-18 13:59 – Updated: 2024-09-18 15:28
VLAI?
Summary
Unchecked Return Value to NULL Pointer Dereference vulnerability in Open Networking Foundation (ONF) libfluid (libfluid_msg module). This vulnerability is associated with program routine fluid_msg::ActionList::unpack10.
This issue affects libfluid: 0.1.0.
Severity ?
5.3 (Medium)
CWE
- CWE-690 - Unchecked Return Value to NULL Pointer Dereference
Assigner
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Open Networking Foundation (ONF) | libfluid |
Affected:
0.1.0
|
{
"containers": {
"adp": [
{
"affected": [
{
"cpes": [
"cpe:2.3:a:open_networking_foundation:libfluid:0.1.0:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "libfluid",
"vendor": "open_networking_foundation",
"versions": [
{
"status": "affected",
"version": "0.1.0"
}
]
}
],
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-31196",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-09-18T15:27:37.117346Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-09-18T15:28:32.418Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"collectionURL": "https://opennetworkingfoundation.github.io/libfluid/",
"defaultStatus": "unaffected",
"modules": [
"libfluid_msg"
],
"product": "libfluid",
"programRoutines": [
{
"name": "fluid_msg::ActionList::unpack10"
}
],
"vendor": "Open Networking Foundation (ONF)",
"versions": [
{
"status": "affected",
"version": "0.1.0"
}
]
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Unchecked Return Value to NULL Pointer Dereference vulnerability in Open Networking Foundation (ONF) libfluid (libfluid_msg module).\u003cp\u003e This vulnerability is associated with program routine\u0026nbsp;\u003ctt\u003efluid_msg::ActionList::unpack10\u003c/tt\u003e.\u003c/p\u003e\u003cp\u003eThis issue affects libfluid: 0.1.0.\u003c/p\u003e"
}
],
"value": "Unchecked Return Value to NULL Pointer Dereference vulnerability in Open Networking Foundation (ONF) libfluid (libfluid_msg module). This vulnerability is associated with program routine\u00a0fluid_msg::ActionList::unpack10.\n\nThis issue affects libfluid: 0.1.0."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-690",
"description": "CWE-690 Unchecked Return Value to NULL Pointer Dereference",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-09-18T13:59:05.532Z",
"orgId": "bec8025f-a851-46e5-b3a3-058e6b0aa23c",
"shortName": "Nozomi"
},
"references": [
{
"url": "https://www.nozominetworks.com/labs/vulnerability-advisories-cve-2024-31196"
}
],
"source": {
"discovery": "UNKNOWN"
},
"title": "NULL Pointer Dereference in libfluid_msg library",
"workarounds": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eUntil a software patch which fixes this issue is not released, it is highly recommended to not exposed the vulnerable component inside an untrusted network.\u003c/span\u003e\u003cbr\u003e"
}
],
"value": "Until a software patch which fixes this issue is not released, it is highly recommended to not exposed the vulnerable component inside an untrusted network."
}
],
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "bec8025f-a851-46e5-b3a3-058e6b0aa23c",
"assignerShortName": "Nozomi",
"cveId": "CVE-2024-31196",
"datePublished": "2024-09-18T13:59:05.532Z",
"dateReserved": "2024-03-29T08:24:16.652Z",
"dateUpdated": "2024-09-18T15:28:32.418Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2024-31195 (GCVE-0-2024-31195)
Vulnerability from cvelistv5 – Published: 2024-09-18 13:58 – Updated: 2024-09-18 15:29
VLAI?
Summary
Out-of-bounds Read vulnerability in Open Networking Foundation (ONF) libfluid (libfluid_msg module). This vulnerability is associated with program routine fluid_msg::of13::MultipartReplyTable::unpack.
This issue affects libfluid: 0.1.0.
Severity ?
6.5 (Medium)
CWE
- CWE-125 - Out-of-bounds Read
Assigner
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Open Networking Foundation (ONF) | libfluid |
Affected:
0.1.0
|
{
"containers": {
"adp": [
{
"affected": [
{
"cpes": [
"cpe:2.3:a:open_networking_foundation:libfluid:0.1.0:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "libfluid",
"vendor": "open_networking_foundation",
"versions": [
{
"status": "affected",
"version": "0.1.0"
}
]
}
],
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-31195",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-09-18T15:28:51.254805Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-09-18T15:29:21.659Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"collectionURL": "https://opennetworkingfoundation.github.io/libfluid/",
"defaultStatus": "unaffected",
"modules": [
"libfluid_msg"
],
"product": "libfluid",
"programRoutines": [
{
"name": "fluid_msg::of13::GroupDesc::unpack"
}
],
"vendor": "Open Networking Foundation (ONF)",
"versions": [
{
"status": "affected",
"version": "0.1.0"
}
]
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Out-of-bounds Read vulnerability in Open Networking Foundation (ONF) libfluid (libfluid_msg module).\u003cp\u003e This vulnerability is associated with program routine fluid_msg::of13::MultipartReplyTable::unpack.\u003c/p\u003e\u003cp\u003eThis issue affects libfluid: 0.1.0.\u003c/p\u003e"
}
],
"value": "Out-of-bounds Read vulnerability in Open Networking Foundation (ONF) libfluid (libfluid_msg module). This vulnerability is associated with program routine fluid_msg::of13::MultipartReplyTable::unpack.\n\nThis issue affects libfluid: 0.1.0."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:L",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-125",
"description": "CWE-125 Out-of-bounds Read",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-09-18T13:58:58.395Z",
"orgId": "bec8025f-a851-46e5-b3a3-058e6b0aa23c",
"shortName": "Nozomi"
},
"references": [
{
"url": "https://www.nozominetworks.com/labs/vulnerability-advisories-cve-2024-31195"
}
],
"source": {
"discovery": "UNKNOWN"
},
"title": "Out-of-bounds Read in libfluid_msg library",
"workarounds": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eUntil a software patch which fixes this issue is not released, it is highly recommended to not exposed the vulnerable component inside an untrusted network.\u003c/span\u003e\u003cbr\u003e"
}
],
"value": "Until a software patch which fixes this issue is not released, it is highly recommended to not exposed the vulnerable component inside an untrusted network."
}
],
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "bec8025f-a851-46e5-b3a3-058e6b0aa23c",
"assignerShortName": "Nozomi",
"cveId": "CVE-2024-31195",
"datePublished": "2024-09-18T13:58:58.395Z",
"dateReserved": "2024-03-29T08:24:16.652Z",
"dateUpdated": "2024-09-18T15:29:21.659Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2024-31194 (GCVE-0-2024-31194)
Vulnerability from cvelistv5 – Published: 2024-09-18 13:58 – Updated: 2024-09-18 15:30
VLAI?
Summary
Out-of-bounds Read vulnerability in Open Networking Foundation (ONF) libfluid (libfluid_msg module). This vulnerability is associated with program routine fluid_msg::of13::MultipartReplyPortStats::unpack.
This issue affects libfluid: 0.1.0.
Severity ?
6.5 (Medium)
CWE
- CWE-125 - Out-of-bounds Read
Assigner
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Open Networking Foundation (ONF) | libfluid |
Affected:
0.1.0
|
{
"containers": {
"adp": [
{
"affected": [
{
"cpes": [
"cpe:2.3:a:open_networking_foundation:libfluid:0.1.0:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "libfluid",
"vendor": "open_networking_foundation",
"versions": [
{
"status": "affected",
"version": "0.1.0"
}
]
}
],
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-31194",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-09-18T15:29:47.807826Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-09-18T15:30:19.011Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"collectionURL": "https://opennetworkingfoundation.github.io/libfluid/",
"defaultStatus": "unaffected",
"modules": [
"libfluid_msg"
],
"product": "libfluid",
"programRoutines": [
{
"name": "fluid_msg::of13::GroupDesc::unpack"
}
],
"vendor": "Open Networking Foundation (ONF)",
"versions": [
{
"status": "affected",
"version": "0.1.0"
}
]
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Out-of-bounds Read vulnerability in Open Networking Foundation (ONF) libfluid (libfluid_msg module).\u003cp\u003e This vulnerability is associated with program routine fluid_msg::of13::MultipartReplyPortStats::unpack.\u003c/p\u003e\u003cp\u003eThis issue affects libfluid: 0.1.0.\u003c/p\u003e"
}
],
"value": "Out-of-bounds Read vulnerability in Open Networking Foundation (ONF) libfluid (libfluid_msg module). This vulnerability is associated with program routine fluid_msg::of13::MultipartReplyPortStats::unpack.\n\nThis issue affects libfluid: 0.1.0."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:L",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-125",
"description": "CWE-125 Out-of-bounds Read",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-09-18T13:58:50.195Z",
"orgId": "bec8025f-a851-46e5-b3a3-058e6b0aa23c",
"shortName": "Nozomi"
},
"references": [
{
"url": "https://www.nozominetworks.com/labs/vulnerability-advisories-cve-2024-31194"
}
],
"source": {
"discovery": "UNKNOWN"
},
"title": "Out-of-bounds Read in libfluid_msg library",
"workarounds": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eUntil a software patch which fixes this issue is not released, it is highly recommended to not exposed the vulnerable component inside an untrusted network.\u003c/span\u003e\u003cbr\u003e"
}
],
"value": "Until a software patch which fixes this issue is not released, it is highly recommended to not exposed the vulnerable component inside an untrusted network."
}
],
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "bec8025f-a851-46e5-b3a3-058e6b0aa23c",
"assignerShortName": "Nozomi",
"cveId": "CVE-2024-31194",
"datePublished": "2024-09-18T13:58:50.195Z",
"dateReserved": "2024-03-29T08:24:16.652Z",
"dateUpdated": "2024-09-18T15:30:19.011Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2024-31193 (GCVE-0-2024-31193)
Vulnerability from cvelistv5 – Published: 2024-09-18 13:58 – Updated: 2024-09-18 15:32
VLAI?
Summary
Out-of-bounds Read vulnerability in Open Networking Foundation (ONF) libfluid (libfluid_msg module). This vulnerability is associated with program routine fluid_msg::of13::MultipartReplyGroup::unpack.
This issue affects libfluid: 0.1.0.
Severity ?
6.5 (Medium)
CWE
- CWE-125 - Out-of-bounds Read
Assigner
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Open Networking Foundation (ONF) | libfluid |
Affected:
0.1.0
|
{
"containers": {
"adp": [
{
"affected": [
{
"cpes": [
"cpe:2.3:a:open_networking_foundation:libfluid:0.1.0:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "libfluid",
"vendor": "open_networking_foundation",
"versions": [
{
"status": "affected",
"version": "0.1.0"
}
]
}
],
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-31193",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-09-18T15:31:47.114995Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-09-18T15:32:28.107Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"collectionURL": "https://opennetworkingfoundation.github.io/libfluid/",
"defaultStatus": "unaffected",
"modules": [
"libfluid_msg"
],
"product": "libfluid",
"programRoutines": [
{
"name": "fluid_msg::of13::GroupDesc::unpack"
}
],
"vendor": "Open Networking Foundation (ONF)",
"versions": [
{
"status": "affected",
"version": "0.1.0"
}
]
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Out-of-bounds Read vulnerability in Open Networking Foundation (ONF) libfluid (libfluid_msg module).\u003cp\u003e This vulnerability is associated with program routine fluid_msg::of13::MultipartReplyGroup::unpack.\u003c/p\u003e\u003cp\u003eThis issue affects libfluid: 0.1.0.\u003c/p\u003e"
}
],
"value": "Out-of-bounds Read vulnerability in Open Networking Foundation (ONF) libfluid (libfluid_msg module). This vulnerability is associated with program routine fluid_msg::of13::MultipartReplyGroup::unpack.\n\nThis issue affects libfluid: 0.1.0."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:L",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-125",
"description": "CWE-125 Out-of-bounds Read",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-09-18T13:58:42.560Z",
"orgId": "bec8025f-a851-46e5-b3a3-058e6b0aa23c",
"shortName": "Nozomi"
},
"references": [
{
"url": "https://www.nozominetworks.com/labs/vulnerability-advisories-cve-2024-31193"
}
],
"source": {
"discovery": "UNKNOWN"
},
"title": "Out-of-bounds Read in libfluid_msg library",
"workarounds": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eUntil a software patch which fixes this issue is not released, it is highly recommended to not exposed the vulnerable component inside an untrusted network.\u003c/span\u003e\u003cbr\u003e"
}
],
"value": "Until a software patch which fixes this issue is not released, it is highly recommended to not exposed the vulnerable component inside an untrusted network."
}
],
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "bec8025f-a851-46e5-b3a3-058e6b0aa23c",
"assignerShortName": "Nozomi",
"cveId": "CVE-2024-31193",
"datePublished": "2024-09-18T13:58:42.560Z",
"dateReserved": "2024-03-29T08:24:14.801Z",
"dateUpdated": "2024-09-18T15:32:28.107Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2024-31192 (GCVE-0-2024-31192)
Vulnerability from cvelistv5 – Published: 2024-09-18 13:58 – Updated: 2024-09-18 15:38
VLAI?
Summary
Out-of-bounds Read vulnerability in Open Networking Foundation (ONF) libfluid (libfluid_msg module). This vulnerability is associated with program routine fluid_msg::of13::MultipartReplyGroupDesc::unpack.
This issue affects libfluid: 0.1.0.
Severity ?
6.5 (Medium)
CWE
- CWE-125 - Out-of-bounds Read
Assigner
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Open Networking Foundation (ONF) | libfluid |
Affected:
0.1.0
|
{
"containers": {
"adp": [
{
"affected": [
{
"cpes": [
"cpe:2.3:a:open_networking_foundation:libfluid:0.1.0:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "libfluid",
"vendor": "open_networking_foundation",
"versions": [
{
"status": "affected",
"version": "0.1.0"
}
]
}
],
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-31192",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-09-18T15:37:54.314421Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-09-18T15:38:38.187Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"collectionURL": "https://opennetworkingfoundation.github.io/libfluid/",
"defaultStatus": "unaffected",
"modules": [
"libfluid_msg"
],
"product": "libfluid",
"programRoutines": [
{
"name": "fluid_msg::of13::GroupDesc::unpack"
}
],
"vendor": "Open Networking Foundation (ONF)",
"versions": [
{
"status": "affected",
"version": "0.1.0"
}
]
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Out-of-bounds Read vulnerability in Open Networking Foundation (ONF) libfluid (libfluid_msg module).\u003cp\u003e This vulnerability is associated with program routine fluid_msg::of13::MultipartReplyGroupDesc::unpack.\u003c/p\u003e\u003cp\u003eThis issue affects libfluid: 0.1.0.\u003c/p\u003e"
}
],
"value": "Out-of-bounds Read vulnerability in Open Networking Foundation (ONF) libfluid (libfluid_msg module). This vulnerability is associated with program routine fluid_msg::of13::MultipartReplyGroupDesc::unpack.\n\nThis issue affects libfluid: 0.1.0."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:L",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-125",
"description": "CWE-125 Out-of-bounds Read",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-09-18T13:58:36.083Z",
"orgId": "bec8025f-a851-46e5-b3a3-058e6b0aa23c",
"shortName": "Nozomi"
},
"references": [
{
"url": "https://www.nozominetworks.com/labs/vulnerability-advisories-cve-2024-31192"
}
],
"source": {
"discovery": "UNKNOWN"
},
"title": "Out-of-bounds Read in libfluid_msg library",
"workarounds": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eUntil a software patch which fixes this issue is not released, it is highly recommended to not exposed the vulnerable component inside an untrusted network.\u003c/span\u003e\u003cbr\u003e"
}
],
"value": "Until a software patch which fixes this issue is not released, it is highly recommended to not exposed the vulnerable component inside an untrusted network."
}
],
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "bec8025f-a851-46e5-b3a3-058e6b0aa23c",
"assignerShortName": "Nozomi",
"cveId": "CVE-2024-31192",
"datePublished": "2024-09-18T13:58:36.083Z",
"dateReserved": "2024-03-29T08:24:14.801Z",
"dateUpdated": "2024-09-18T15:38:38.187Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2024-31191 (GCVE-0-2024-31191)
Vulnerability from cvelistv5 – Published: 2024-09-18 13:58 – Updated: 2024-09-18 15:39
VLAI?
Summary
Out-of-bounds Read vulnerability in Open Networking Foundation (ONF) libfluid (libfluid_msg module). This vulnerability is associated with program routine fluid_msg::of13::MultipartReplyMeter::unpack.
This issue affects libfluid: 0.1.0.
Severity ?
6.5 (Medium)
CWE
- CWE-125 - Out-of-bounds Read
Assigner
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Open Networking Foundation (ONF) | libfluid |
Affected:
0.1.0
|
{
"containers": {
"adp": [
{
"affected": [
{
"cpes": [
"cpe:2.3:a:open_networking_foundation:libfluid:0.1.0:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "libfluid",
"vendor": "open_networking_foundation",
"versions": [
{
"status": "affected",
"version": "0.1.0"
}
]
}
],
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-31191",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-09-18T15:38:54.853615Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-09-18T15:39:25.540Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"collectionURL": "https://opennetworkingfoundation.github.io/libfluid/",
"defaultStatus": "unaffected",
"modules": [
"libfluid_msg"
],
"product": "libfluid",
"programRoutines": [
{
"name": "fluid_msg::of13::GroupDesc::unpack"
}
],
"vendor": "Open Networking Foundation (ONF)",
"versions": [
{
"status": "affected",
"version": "0.1.0"
}
]
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Out-of-bounds Read vulnerability in Open Networking Foundation (ONF) libfluid (libfluid_msg module).\u003cp\u003e This vulnerability is associated with program routine fluid_msg::of13::MultipartReplyMeter::unpack.\u003c/p\u003e\u003cp\u003eThis issue affects libfluid: 0.1.0.\u003c/p\u003e"
}
],
"value": "Out-of-bounds Read vulnerability in Open Networking Foundation (ONF) libfluid (libfluid_msg module). This vulnerability is associated with program routine fluid_msg::of13::MultipartReplyMeter::unpack.\n\nThis issue affects libfluid: 0.1.0."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:L",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-125",
"description": "CWE-125 Out-of-bounds Read",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-09-18T13:58:29.821Z",
"orgId": "bec8025f-a851-46e5-b3a3-058e6b0aa23c",
"shortName": "Nozomi"
},
"references": [
{
"url": "https://www.nozominetworks.com/labs/vulnerability-advisories-cve-2024-31191"
}
],
"source": {
"discovery": "UNKNOWN"
},
"title": "Out-of-bounds Read in libfluid_msg library",
"workarounds": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eUntil a software patch which fixes this issue is not released, it is highly recommended to not exposed the vulnerable component inside an untrusted network.\u003c/span\u003e\u003cbr\u003e"
}
],
"value": "Until a software patch which fixes this issue is not released, it is highly recommended to not exposed the vulnerable component inside an untrusted network."
}
],
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "bec8025f-a851-46e5-b3a3-058e6b0aa23c",
"assignerShortName": "Nozomi",
"cveId": "CVE-2024-31191",
"datePublished": "2024-09-18T13:58:29.821Z",
"dateReserved": "2024-03-29T08:24:14.801Z",
"dateUpdated": "2024-09-18T15:39:25.540Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2024-31190 (GCVE-0-2024-31190)
Vulnerability from cvelistv5 – Published: 2024-09-18 13:58 – Updated: 2024-09-18 15:48
VLAI?
Summary
Out-of-bounds Read vulnerability in Open Networking Foundation (ONF) libfluid (libfluid_msg module). This vulnerability is associated with program routine fluid_msg::of13::MultipartReplyMeterConfig::unpack.
This issue affects libfluid: 0.1.0.
Severity ?
6.5 (Medium)
CWE
- CWE-125 - Out-of-bounds Read
Assigner
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Open Networking Foundation (ONF) | libfluid |
Affected:
0.1.0
|
{
"containers": {
"adp": [
{
"affected": [
{
"cpes": [
"cpe:2.3:a:open_networking_foundation:libfluid:0.1.0:*:*:*:*:*:*:*"
],
"defaultStatus": "unaffected",
"product": "libfluid",
"vendor": "open_networking_foundation",
"versions": [
{
"status": "affected",
"version": "0.1.0"
}
]
}
],
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-31190",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-09-18T15:45:44.678790Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-09-18T15:48:13.971Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"collectionURL": "https://opennetworkingfoundation.github.io/libfluid/",
"defaultStatus": "unaffected",
"modules": [
"libfluid_msg"
],
"product": "libfluid",
"programRoutines": [
{
"name": "fluid_msg::of13::GroupDesc::unpack"
}
],
"vendor": "Open Networking Foundation (ONF)",
"versions": [
{
"status": "affected",
"version": "0.1.0"
}
]
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Out-of-bounds Read vulnerability in Open Networking Foundation (ONF) libfluid (libfluid_msg module).\u003cp\u003e This vulnerability is associated with program routine fluid_msg::of13::MultipartReplyMeterConfig::unpack.\u003c/p\u003e\u003cp\u003eThis issue affects libfluid: 0.1.0.\u003c/p\u003e"
}
],
"value": "Out-of-bounds Read vulnerability in Open Networking Foundation (ONF) libfluid (libfluid_msg module). This vulnerability is associated with program routine fluid_msg::of13::MultipartReplyMeterConfig::unpack.\n\nThis issue affects libfluid: 0.1.0."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:L",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-125",
"description": "CWE-125 Out-of-bounds Read",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-09-18T13:58:22.935Z",
"orgId": "bec8025f-a851-46e5-b3a3-058e6b0aa23c",
"shortName": "Nozomi"
},
"references": [
{
"url": "https://www.nozominetworks.com/labs/vulnerability-advisories-cve-2024-31190"
}
],
"source": {
"discovery": "UNKNOWN"
},
"title": "Out-of-bounds Read in libfluid_msg library",
"workarounds": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eUntil a software patch which fixes this issue is not released, it is highly recommended to not exposed the vulnerable component inside an untrusted network.\u003c/span\u003e\u003cbr\u003e"
}
],
"value": "Until a software patch which fixes this issue is not released, it is highly recommended to not exposed the vulnerable component inside an untrusted network."
}
],
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "bec8025f-a851-46e5-b3a3-058e6b0aa23c",
"assignerShortName": "Nozomi",
"cveId": "CVE-2024-31190",
"datePublished": "2024-09-18T13:58:22.935Z",
"dateReserved": "2024-03-29T08:24:14.801Z",
"dateUpdated": "2024-09-18T15:48:13.971Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2024-31189 (GCVE-0-2024-31189)
Vulnerability from cvelistv5 – Published: 2024-09-18 13:58 – Updated: 2024-09-18 15:49
VLAI?
Summary
Out-of-bounds Read vulnerability in Open Networking Foundation (ONF) libfluid (libfluid_msg module). This vulnerability is associated with program routine fluid_msg::of13::MultipartRequestTableFeatures::unpack.
This issue affects libfluid: 0.1.0.
Severity ?
6.5 (Medium)
CWE
- CWE-125 - Out-of-bounds Read
Assigner
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Open Networking Foundation (ONF) | libfluid |
Affected:
0.1.0
|
{
"containers": {
"adp": [
{
"affected": [
{
"cpes": [
"cpe:2.3:a:open_networking_foundation:libfluid:0.1.0:*:*:*:*:*:*:*"
],
"defaultStatus": "unaffected",
"product": "libfluid",
"vendor": "open_networking_foundation",
"versions": [
{
"status": "affected",
"version": "0.1.0"
}
]
}
],
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-31189",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-09-18T15:48:33.903000Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-09-18T15:49:55.840Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"collectionURL": "https://opennetworkingfoundation.github.io/libfluid/",
"defaultStatus": "unaffected",
"modules": [
"libfluid_msg"
],
"product": "libfluid",
"programRoutines": [
{
"name": "fluid_msg::of13::GroupDesc::unpack"
}
],
"vendor": "Open Networking Foundation (ONF)",
"versions": [
{
"status": "affected",
"version": "0.1.0"
}
]
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Out-of-bounds Read vulnerability in Open Networking Foundation (ONF) libfluid (libfluid_msg module).\u003cp\u003e This vulnerability is associated with program routine fluid_msg::of13::MultipartRequestTableFeatures::unpack.\u003c/p\u003e\u003cp\u003eThis issue affects libfluid: 0.1.0.\u003c/p\u003e"
}
],
"value": "Out-of-bounds Read vulnerability in Open Networking Foundation (ONF) libfluid (libfluid_msg module). This vulnerability is associated with program routine fluid_msg::of13::MultipartRequestTableFeatures::unpack.\n\nThis issue affects libfluid: 0.1.0."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:L",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-125",
"description": "CWE-125 Out-of-bounds Read",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-09-18T13:58:13.572Z",
"orgId": "bec8025f-a851-46e5-b3a3-058e6b0aa23c",
"shortName": "Nozomi"
},
"references": [
{
"url": "https://www.nozominetworks.com/labs/vulnerability-advisories-cve-2024-31189"
}
],
"source": {
"discovery": "UNKNOWN"
},
"title": "Out-of-bounds Read in libfluid_msg library",
"workarounds": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eUntil a software patch which fixes this issue is not released, it is highly recommended to not exposed the vulnerable component inside an untrusted network.\u003c/span\u003e\u003cbr\u003e"
}
],
"value": "Until a software patch which fixes this issue is not released, it is highly recommended to not exposed the vulnerable component inside an untrusted network."
}
],
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "bec8025f-a851-46e5-b3a3-058e6b0aa23c",
"assignerShortName": "Nozomi",
"cveId": "CVE-2024-31189",
"datePublished": "2024-09-18T13:58:13.572Z",
"dateReserved": "2024-03-29T08:24:14.800Z",
"dateUpdated": "2024-09-18T15:49:55.840Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2024-31188 (GCVE-0-2024-31188)
Vulnerability from cvelistv5 – Published: 2024-09-18 13:58 – Updated: 2024-09-18 15:50
VLAI?
Summary
Out-of-bounds Read vulnerability in Open Networking Foundation (ONF) libfluid (libfluid_msg module). This vulnerability is associated with program routine fluid_msg::of13::MultipartReplyTableFeatures::unpack.
This issue affects libfluid: 0.1.0.
Severity ?
6.5 (Medium)
CWE
- CWE-125 - Out-of-bounds Read
Assigner
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Open Networking Foundation (ONF) | libfluid |
Affected:
0.1.0
|
{
"containers": {
"adp": [
{
"affected": [
{
"cpes": [
"cpe:2.3:a:open_networking_foundation:libfluid:0.1.0:*:*:*:*:*:*:*"
],
"defaultStatus": "unaffected",
"product": "libfluid",
"vendor": "open_networking_foundation",
"versions": [
{
"status": "affected",
"version": "0.1.0"
}
]
}
],
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-31188",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-09-18T15:50:12.652443Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-09-18T15:50:36.674Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"collectionURL": "https://opennetworkingfoundation.github.io/libfluid/",
"defaultStatus": "unaffected",
"modules": [
"libfluid_msg"
],
"product": "libfluid",
"programRoutines": [
{
"name": "fluid_msg::of13::GroupDesc::unpack"
}
],
"vendor": "Open Networking Foundation (ONF)",
"versions": [
{
"status": "affected",
"version": "0.1.0"
}
]
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Out-of-bounds Read vulnerability in Open Networking Foundation (ONF) libfluid (libfluid_msg module).\u003cp\u003e This vulnerability is associated with program routine fluid_msg::of13::MultipartReplyTableFeatures::unpack.\u003c/p\u003e\u003cp\u003eThis issue affects libfluid: 0.1.0.\u003c/p\u003e"
}
],
"value": "Out-of-bounds Read vulnerability in Open Networking Foundation (ONF) libfluid (libfluid_msg module). This vulnerability is associated with program routine fluid_msg::of13::MultipartReplyTableFeatures::unpack.\n\nThis issue affects libfluid: 0.1.0."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:L",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-125",
"description": "CWE-125 Out-of-bounds Read",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-09-18T13:58:06.828Z",
"orgId": "bec8025f-a851-46e5-b3a3-058e6b0aa23c",
"shortName": "Nozomi"
},
"references": [
{
"url": "https://www.nozominetworks.com/labs/vulnerability-advisories-cve-2024-31188"
}
],
"source": {
"discovery": "UNKNOWN"
},
"title": "Out-of-bounds Read in libfluid_msg library",
"workarounds": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eUntil a software patch which fixes this issue is not released, it is highly recommended to not exposed the vulnerable component inside an untrusted network.\u003c/span\u003e\u003cbr\u003e"
}
],
"value": "Until a software patch which fixes this issue is not released, it is highly recommended to not exposed the vulnerable component inside an untrusted network."
}
],
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "bec8025f-a851-46e5-b3a3-058e6b0aa23c",
"assignerShortName": "Nozomi",
"cveId": "CVE-2024-31188",
"datePublished": "2024-09-18T13:58:06.828Z",
"dateReserved": "2024-03-29T08:24:14.800Z",
"dateUpdated": "2024-09-18T15:50:36.674Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2024-31187 (GCVE-0-2024-31187)
Vulnerability from cvelistv5 – Published: 2024-09-18 13:57 – Updated: 2024-09-18 15:51
VLAI?
Summary
Out-of-bounds Read vulnerability in Open Networking Foundation (ONF) libfluid (libfluid_msg module). This vulnerability is associated with program routine fluid_msg::of13::MultipartReplyPortDescription::unpack.
This issue affects libfluid: 0.1.0.
Severity ?
6.5 (Medium)
CWE
- CWE-125 - Out-of-bounds Read
Assigner
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Open Networking Foundation (ONF) | libfluid |
Affected:
0.1.0
|
{
"containers": {
"adp": [
{
"affected": [
{
"cpes": [
"cpe:2.3:a:open_networking_foundation:libfluid:0.1.0:*:*:*:*:*:*:*"
],
"defaultStatus": "unaffected",
"product": "libfluid",
"vendor": "open_networking_foundation",
"versions": [
{
"status": "affected",
"version": "0.1.0"
}
]
}
],
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-31187",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-09-18T15:50:55.475034Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-09-18T15:51:22.751Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"collectionURL": "https://opennetworkingfoundation.github.io/libfluid/",
"defaultStatus": "unaffected",
"modules": [
"libfluid_msg"
],
"product": "libfluid",
"programRoutines": [
{
"name": "fluid_msg::of13::GroupDesc::unpack"
}
],
"vendor": "Open Networking Foundation (ONF)",
"versions": [
{
"status": "affected",
"version": "0.1.0"
}
]
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Out-of-bounds Read vulnerability in Open Networking Foundation (ONF) libfluid (libfluid_msg module).\u003cp\u003e This vulnerability is associated with program routine fluid_msg::of13::MultipartReplyPortDescription::unpack.\u003c/p\u003e\u003cp\u003eThis issue affects libfluid: 0.1.0.\u003c/p\u003e"
}
],
"value": "Out-of-bounds Read vulnerability in Open Networking Foundation (ONF) libfluid (libfluid_msg module). This vulnerability is associated with program routine fluid_msg::of13::MultipartReplyPortDescription::unpack.\n\nThis issue affects libfluid: 0.1.0."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:L",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-125",
"description": "CWE-125 Out-of-bounds Read",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-09-18T13:57:59.801Z",
"orgId": "bec8025f-a851-46e5-b3a3-058e6b0aa23c",
"shortName": "Nozomi"
},
"references": [
{
"url": "https://www.nozominetworks.com/labs/vulnerability-advisories-cve-2024-31187"
}
],
"source": {
"discovery": "UNKNOWN"
},
"title": "Out-of-bounds Read in libfluid_msg library",
"workarounds": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eUntil a software patch which fixes this issue is not released, it is highly recommended to not exposed the vulnerable component inside an untrusted network.\u003c/span\u003e\u003cbr\u003e"
}
],
"value": "Until a software patch which fixes this issue is not released, it is highly recommended to not exposed the vulnerable component inside an untrusted network."
}
],
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "bec8025f-a851-46e5-b3a3-058e6b0aa23c",
"assignerShortName": "Nozomi",
"cveId": "CVE-2024-31187",
"datePublished": "2024-09-18T13:57:59.801Z",
"dateReserved": "2024-03-29T08:24:14.800Z",
"dateUpdated": "2024-09-18T15:51:22.751Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2024-31186 (GCVE-0-2024-31186)
Vulnerability from cvelistv5 – Published: 2024-09-18 13:57 – Updated: 2024-09-18 15:52
VLAI?
Summary
Out-of-bounds Read vulnerability in Open Networking Foundation (ONF) libfluid (libfluid_msg module). This vulnerability is associated with program routine fluid_msg::of13::QueueGetConfigReply::unpack.
This issue affects libfluid: 0.1.0.
Severity ?
6.5 (Medium)
CWE
- CWE-125 - Out-of-bounds Read
Assigner
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Open Networking Foundation (ONF) | libfluid |
Affected:
0.1.0
|
{
"containers": {
"adp": [
{
"affected": [
{
"cpes": [
"cpe:2.3:a:open_networking_foundation:libfluid:0.1.0:*:*:*:*:*:*:*"
],
"defaultStatus": "unaffected",
"product": "libfluid",
"vendor": "open_networking_foundation",
"versions": [
{
"status": "affected",
"version": "0.1.0"
}
]
}
],
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-31186",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-09-18T15:51:49.312116Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-09-18T15:52:19.872Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"collectionURL": "https://opennetworkingfoundation.github.io/libfluid/",
"defaultStatus": "unaffected",
"modules": [
"libfluid_msg"
],
"product": "libfluid",
"programRoutines": [
{
"name": "fluid_msg::of13::GroupDesc::unpack"
}
],
"vendor": "Open Networking Foundation (ONF)",
"versions": [
{
"status": "affected",
"version": "0.1.0"
}
]
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Out-of-bounds Read vulnerability in Open Networking Foundation (ONF) libfluid (libfluid_msg module).\u003cp\u003e This vulnerability is associated with program routine fluid_msg::of13::QueueGetConfigReply::unpack.\u003c/p\u003e\u003cp\u003eThis issue affects libfluid: 0.1.0.\u003c/p\u003e"
}
],
"value": "Out-of-bounds Read vulnerability in Open Networking Foundation (ONF) libfluid (libfluid_msg module). This vulnerability is associated with program routine fluid_msg::of13::QueueGetConfigReply::unpack.\n\nThis issue affects libfluid: 0.1.0."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:L",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-125",
"description": "CWE-125 Out-of-bounds Read",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-09-18T13:57:51.823Z",
"orgId": "bec8025f-a851-46e5-b3a3-058e6b0aa23c",
"shortName": "Nozomi"
},
"references": [
{
"url": "https://www.nozominetworks.com/labs/vulnerability-advisories-cve-2024-31186"
}
],
"source": {
"discovery": "UNKNOWN"
},
"title": "Out-of-bounds Read in libfluid_msg library",
"workarounds": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eUntil a software patch which fixes this issue is not released, it is highly recommended to not exposed the vulnerable component inside an untrusted network.\u003c/span\u003e\u003cbr\u003e"
}
],
"value": "Until a software patch which fixes this issue is not released, it is highly recommended to not exposed the vulnerable component inside an untrusted network."
}
],
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "bec8025f-a851-46e5-b3a3-058e6b0aa23c",
"assignerShortName": "Nozomi",
"cveId": "CVE-2024-31186",
"datePublished": "2024-09-18T13:57:51.823Z",
"dateReserved": "2024-03-29T08:24:14.800Z",
"dateUpdated": "2024-09-18T15:52:19.872Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2024-31185 (GCVE-0-2024-31185)
Vulnerability from cvelistv5 – Published: 2024-09-18 13:57 – Updated: 2024-09-18 17:12
VLAI?
Summary
Unchecked Return Value to NULL Pointer Dereference vulnerability in Open Networking Foundation (ONF) libfluid (libfluid_msg module). This vulnerability is associated with program routine fluid_msg::of13::MeterBandList::unpack.
This issue affects libfluid: 0.1.0.
Severity ?
5.3 (Medium)
CWE
- CWE-690 - Unchecked Return Value to NULL Pointer Dereference
Assigner
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Open Networking Foundation (ONF) | libfluid |
Affected:
0.1.0
|
{
"containers": {
"adp": [
{
"affected": [
{
"cpes": [
"cpe:2.3:a:open_networking_foundation:libfluid:0.1.0:*:*:*:*:*:*:*"
],
"defaultStatus": "unaffected",
"product": "libfluid",
"vendor": "open_networking_foundation",
"versions": [
{
"status": "affected",
"version": "0.1.0"
}
]
}
],
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-31185",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-09-18T17:11:32.772148Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-09-18T17:12:09.394Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"collectionURL": "https://opennetworkingfoundation.github.io/libfluid/",
"defaultStatus": "unaffected",
"modules": [
"libfluid_msg"
],
"product": "libfluid",
"programRoutines": [
{
"name": "fluid_msg::QueuePropertyList::unpack10"
}
],
"vendor": "Open Networking Foundation (ONF)",
"versions": [
{
"status": "affected",
"version": "0.1.0"
}
]
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Unchecked Return Value to NULL Pointer Dereference vulnerability in Open Networking Foundation (ONF) libfluid (libfluid_msg module).\u003cp\u003e This vulnerability is associated with program routine\u0026nbsp;fluid_msg::of13::MeterBandList::unpack.\u003c/p\u003e\u003cp\u003eThis issue affects libfluid: 0.1.0.\u003c/p\u003e"
}
],
"value": "Unchecked Return Value to NULL Pointer Dereference vulnerability in Open Networking Foundation (ONF) libfluid (libfluid_msg module). This vulnerability is associated with program routine\u00a0fluid_msg::of13::MeterBandList::unpack.\n\nThis issue affects libfluid: 0.1.0."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-690",
"description": "CWE-690 Unchecked Return Value to NULL Pointer Dereference",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-09-18T13:57:43.147Z",
"orgId": "bec8025f-a851-46e5-b3a3-058e6b0aa23c",
"shortName": "Nozomi"
},
"references": [
{
"url": "https://www.nozominetworks.com/labs/vulnerability-advisories-cve-2024-31185"
}
],
"source": {
"discovery": "UNKNOWN"
},
"title": "NULL Pointer Dereference in libfluid_msg library",
"workarounds": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eUntil a software patch which fixes this issue is not released, it is highly recommended to not exposed the vulnerable component inside an untrusted network.\u003c/span\u003e\u003cbr\u003e"
}
],
"value": "Until a software patch which fixes this issue is not released, it is highly recommended to not exposed the vulnerable component inside an untrusted network."
}
],
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "bec8025f-a851-46e5-b3a3-058e6b0aa23c",
"assignerShortName": "Nozomi",
"cveId": "CVE-2024-31185",
"datePublished": "2024-09-18T13:57:43.147Z",
"dateReserved": "2024-03-29T08:24:14.800Z",
"dateUpdated": "2024-09-18T17:12:09.394Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2024-31184 (GCVE-0-2024-31184)
Vulnerability from cvelistv5 – Published: 2024-09-18 13:57 – Updated: 2024-09-18 17:12
VLAI?
Summary
Out-of-bounds Read vulnerability in Open Networking Foundation (ONF) libfluid (libfluid_msg module). This vulnerability is associated with program routine fluid_msg::of13::MeterStats::unpack.
This issue affects libfluid: 0.1.0.
Severity ?
6.5 (Medium)
CWE
- CWE-125 - Out-of-bounds Read
Assigner
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Open Networking Foundation (ONF) | libfluid |
Affected:
0.1.0
|
{
"containers": {
"adp": [
{
"affected": [
{
"cpes": [
"cpe:2.3:a:open_networking_foundation:libfluid:0.1.0:*:*:*:*:*:*:*"
],
"defaultStatus": "unaffected",
"product": "libfluid",
"vendor": "open_networking_foundation",
"versions": [
{
"status": "affected",
"version": "0.1.0"
}
]
}
],
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-31184",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-09-18T17:12:23.540398Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-09-18T17:12:39.993Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"collectionURL": "https://opennetworkingfoundation.github.io/libfluid/",
"defaultStatus": "unaffected",
"modules": [
"libfluid_msg"
],
"product": "libfluid",
"programRoutines": [
{
"name": "fluid_msg::of13::GroupDesc::unpack"
}
],
"vendor": "Open Networking Foundation (ONF)",
"versions": [
{
"status": "affected",
"version": "0.1.0"
}
]
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Out-of-bounds Read vulnerability in Open Networking Foundation (ONF) libfluid (libfluid_msg module).\u003cp\u003e This vulnerability is associated with program routine\u0026nbsp;fluid_msg::of13::MeterStats::unpack.\u003c/p\u003e\u003cp\u003eThis issue affects libfluid: 0.1.0.\u003c/p\u003e"
}
],
"value": "Out-of-bounds Read vulnerability in Open Networking Foundation (ONF) libfluid (libfluid_msg module). This vulnerability is associated with program routine\u00a0fluid_msg::of13::MeterStats::unpack.\n\nThis issue affects libfluid: 0.1.0."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:L",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-125",
"description": "CWE-125 Out-of-bounds Read",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-09-18T13:57:35.823Z",
"orgId": "bec8025f-a851-46e5-b3a3-058e6b0aa23c",
"shortName": "Nozomi"
},
"references": [
{
"url": "https://www.nozominetworks.com/labs/vulnerability-advisories-cve-2024-31184"
}
],
"source": {
"discovery": "UNKNOWN"
},
"title": "Out-of-bounds Read in libfluid_msg library",
"workarounds": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eUntil a software patch which fixes this issue is not released, it is highly recommended to not exposed the vulnerable component inside an untrusted network.\u003c/span\u003e\u003cbr\u003e"
}
],
"value": "Until a software patch which fixes this issue is not released, it is highly recommended to not exposed the vulnerable component inside an untrusted network."
}
],
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "bec8025f-a851-46e5-b3a3-058e6b0aa23c",
"assignerShortName": "Nozomi",
"cveId": "CVE-2024-31184",
"datePublished": "2024-09-18T13:57:35.823Z",
"dateReserved": "2024-03-29T08:24:14.800Z",
"dateUpdated": "2024-09-18T17:12:39.993Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2024-31183 (GCVE-0-2024-31183)
Vulnerability from cvelistv5 – Published: 2024-09-18 13:57 – Updated: 2024-09-18 17:13
VLAI?
Summary
Out-of-bounds Read vulnerability in Open Networking Foundation (ONF) libfluid (libfluid_msg module). This vulnerability is associated with program routine fluid_msg::of13::Hello::unpack.
This issue affects libfluid: 0.1.0.
Severity ?
6.5 (Medium)
CWE
- CWE-125 - Out-of-bounds Read
Assigner
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Open Networking Foundation (ONF) | libfluid |
Affected:
0.1.0
|
{
"containers": {
"adp": [
{
"affected": [
{
"cpes": [
"cpe:2.3:a:open_networking_foundation:libfluid:0.1.0:*:*:*:*:*:*:*"
],
"defaultStatus": "unaffected",
"product": "libfluid",
"vendor": "open_networking_foundation",
"versions": [
{
"status": "affected",
"version": "0.1.0"
}
]
}
],
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-31183",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-09-18T17:12:53.431103Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-09-18T17:13:10.082Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"collectionURL": "https://opennetworkingfoundation.github.io/libfluid/",
"defaultStatus": "unaffected",
"modules": [
"libfluid_msg"
],
"product": "libfluid",
"programRoutines": [
{
"name": "fluid_msg::of13::GroupDesc::unpack"
}
],
"vendor": "Open Networking Foundation (ONF)",
"versions": [
{
"status": "affected",
"version": "0.1.0"
}
]
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Out-of-bounds Read vulnerability in Open Networking Foundation (ONF) libfluid (libfluid_msg module).\u003cp\u003e This vulnerability is associated with program routine\u0026nbsp;fluid_msg::of13::Hello::unpack.\u003c/p\u003e\u003cp\u003eThis issue affects libfluid: 0.1.0.\u003c/p\u003e"
}
],
"value": "Out-of-bounds Read vulnerability in Open Networking Foundation (ONF) libfluid (libfluid_msg module). This vulnerability is associated with program routine\u00a0fluid_msg::of13::Hello::unpack.\n\nThis issue affects libfluid: 0.1.0."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:L",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-125",
"description": "CWE-125 Out-of-bounds Read",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-09-18T13:57:28.799Z",
"orgId": "bec8025f-a851-46e5-b3a3-058e6b0aa23c",
"shortName": "Nozomi"
},
"references": [
{
"url": "https://www.nozominetworks.com/labs/vulnerability-advisories-cve-2024-31183"
}
],
"source": {
"discovery": "UNKNOWN"
},
"title": "Out-of-bounds Read in libfluid_msg library",
"workarounds": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eUntil a software patch which fixes this issue is not released, it is highly recommended to not exposed the vulnerable component inside an untrusted network.\u003c/span\u003e\u003cbr\u003e"
}
],
"value": "Until a software patch which fixes this issue is not released, it is highly recommended to not exposed the vulnerable component inside an untrusted network."
}
],
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "bec8025f-a851-46e5-b3a3-058e6b0aa23c",
"assignerShortName": "Nozomi",
"cveId": "CVE-2024-31183",
"datePublished": "2024-09-18T13:57:28.799Z",
"dateReserved": "2024-03-29T08:24:13.203Z",
"dateUpdated": "2024-09-18T17:13:10.082Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2024-31182 (GCVE-0-2024-31182)
Vulnerability from cvelistv5 – Published: 2024-09-18 13:57 – Updated: 2024-09-18 15:22
VLAI?
Summary
Unchecked Return Value to NULL Pointer Dereference vulnerability in Open Networking Foundation (ONF) libfluid (libfluid_msg module). This vulnerability is associated with program routine fluid_msg::QueuePropertyList::unpack10.
This issue affects libfluid: 0.1.0.
Severity ?
5.3 (Medium)
CWE
- CWE-690 - Unchecked Return Value to NULL Pointer Dereference
Assigner
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Open Networking Foundation (ONF) | libfluid |
Affected:
0.1.0
|
{
"containers": {
"adp": [
{
"affected": [
{
"cpes": [
"cpe:2.3:a:open_networking_foundation:libfluid:0.1.0:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "libfluid",
"vendor": "open_networking_foundation",
"versions": [
{
"status": "affected",
"version": "0.1.0"
}
]
}
],
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-31182",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-09-18T15:21:28.671567Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-09-18T15:22:59.108Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"collectionURL": "https://opennetworkingfoundation.github.io/libfluid/",
"defaultStatus": "unaffected",
"modules": [
"libfluid_msg"
],
"product": "libfluid",
"programRoutines": [
{
"name": "fluid_msg::QueuePropertyList::unpack10"
}
],
"vendor": "Open Networking Foundation (ONF)",
"versions": [
{
"status": "affected",
"version": "0.1.0"
}
]
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Unchecked Return Value to NULL Pointer Dereference vulnerability in Open Networking Foundation (ONF) libfluid (libfluid_msg module).\u003cp\u003e This vulnerability is associated with program routine\u0026nbsp;\u003ctt\u003efluid_msg::QueuePropertyList::unpack10\u003c/tt\u003e.\u003c/p\u003e\u003cp\u003eThis issue affects libfluid: 0.1.0.\u003c/p\u003e"
}
],
"value": "Unchecked Return Value to NULL Pointer Dereference vulnerability in Open Networking Foundation (ONF) libfluid (libfluid_msg module). This vulnerability is associated with program routine\u00a0fluid_msg::QueuePropertyList::unpack10.\n\nThis issue affects libfluid: 0.1.0."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-690",
"description": "CWE-690 Unchecked Return Value to NULL Pointer Dereference",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-09-18T13:57:21.605Z",
"orgId": "bec8025f-a851-46e5-b3a3-058e6b0aa23c",
"shortName": "Nozomi"
},
"references": [
{
"url": "https://www.nozominetworks.com/labs/vulnerability-advisories-cve-2024-31182"
}
],
"source": {
"discovery": "UNKNOWN"
},
"title": "NULL Pointer Dereference in libfluid_msg library",
"workarounds": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eUntil a software patch which fixes this issue is not released, it is highly recommended to not exposed the vulnerable component inside an untrusted network.\u003c/span\u003e\u003cbr\u003e"
}
],
"value": "Until a software patch which fixes this issue is not released, it is highly recommended to not exposed the vulnerable component inside an untrusted network."
}
],
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "bec8025f-a851-46e5-b3a3-058e6b0aa23c",
"assignerShortName": "Nozomi",
"cveId": "CVE-2024-31182",
"datePublished": "2024-09-18T13:57:21.605Z",
"dateReserved": "2024-03-29T08:24:13.203Z",
"dateUpdated": "2024-09-18T15:22:59.108Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2024-31181 (GCVE-0-2024-31181)
Vulnerability from cvelistv5 – Published: 2024-09-18 13:57 – Updated: 2024-09-18 17:13
VLAI?
Summary
Out-of-bounds Read vulnerability in Open Networking Foundation (ONF) libfluid (libfluid_msg module). This vulnerability is associated with program routine fluid_msg::of13::GroupStats::unpack.
This issue affects libfluid: 0.1.0.
Severity ?
6.5 (Medium)
CWE
- CWE-125 - Out-of-bounds Read
Assigner
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Open Networking Foundation (ONF) | libfluid |
Affected:
0.1.0
|
{
"containers": {
"adp": [
{
"affected": [
{
"cpes": [
"cpe:2.3:a:open_networking_foundation:libfluid:0.1.0:*:*:*:*:*:*:*"
],
"defaultStatus": "unaffected",
"product": "libfluid",
"vendor": "open_networking_foundation",
"versions": [
{
"status": "affected",
"version": "0.1.0"
}
]
}
],
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-31181",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-09-18T17:13:23.581713Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-09-18T17:13:42.767Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"collectionURL": "https://opennetworkingfoundation.github.io/libfluid/",
"defaultStatus": "unaffected",
"modules": [
"libfluid_msg"
],
"product": "libfluid",
"programRoutines": [
{
"name": "fluid_msg::of13::GroupDesc::unpack"
}
],
"vendor": "Open Networking Foundation (ONF)",
"versions": [
{
"status": "affected",
"version": "0.1.0"
}
]
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Out-of-bounds Read vulnerability in Open Networking Foundation (ONF) libfluid (libfluid_msg module).\u003cp\u003e This vulnerability is associated with program routine\u0026nbsp;fluid_msg::of13::GroupStats::unpack.\u003c/p\u003e\u003cp\u003eThis issue affects libfluid: 0.1.0.\u003c/p\u003e"
}
],
"value": "Out-of-bounds Read vulnerability in Open Networking Foundation (ONF) libfluid (libfluid_msg module). This vulnerability is associated with program routine\u00a0fluid_msg::of13::GroupStats::unpack.\n\nThis issue affects libfluid: 0.1.0."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:L",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-125",
"description": "CWE-125 Out-of-bounds Read",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-09-18T13:57:13.375Z",
"orgId": "bec8025f-a851-46e5-b3a3-058e6b0aa23c",
"shortName": "Nozomi"
},
"references": [
{
"url": "https://www.nozominetworks.com/labs/vulnerability-advisories-cve-2024-31181"
}
],
"source": {
"discovery": "UNKNOWN"
},
"title": "Out-of-bounds Read in libfluid_msg library",
"workarounds": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eUntil a software patch which fixes this issue is not released, it is highly recommended to not exposed the vulnerable component inside an untrusted network.\u003c/span\u003e\u003cbr\u003e"
}
],
"value": "Until a software patch which fixes this issue is not released, it is highly recommended to not exposed the vulnerable component inside an untrusted network."
}
],
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "bec8025f-a851-46e5-b3a3-058e6b0aa23c",
"assignerShortName": "Nozomi",
"cveId": "CVE-2024-31181",
"datePublished": "2024-09-18T13:57:13.375Z",
"dateReserved": "2024-03-29T08:24:13.203Z",
"dateUpdated": "2024-09-18T17:13:42.767Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2024-31180 (GCVE-0-2024-31180)
Vulnerability from cvelistv5 – Published: 2024-09-18 13:57 – Updated: 2024-09-18 17:14
VLAI?
Summary
Out-of-bounds Read vulnerability in Open Networking Foundation (ONF) libfluid (libfluid_msg module). This vulnerability is associated with program routine fluid_msg::of13::GroupDesc::unpack.
This issue affects libfluid: 0.1.0.
Severity ?
6.5 (Medium)
CWE
- CWE-125 - Out-of-bounds Read
Assigner
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Open Networking Foundation (ONF) | libfluid |
Affected:
0.1.0
|
{
"containers": {
"adp": [
{
"affected": [
{
"cpes": [
"cpe:2.3:a:open_networking_foundation:libfluid:0.1.0:*:*:*:*:*:*:*"
],
"defaultStatus": "unaffected",
"product": "libfluid",
"vendor": "open_networking_foundation",
"versions": [
{
"status": "affected",
"version": "0.1.0"
}
]
}
],
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-31180",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-09-18T17:13:56.354602Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-09-18T17:14:14.942Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"collectionURL": "https://opennetworkingfoundation.github.io/libfluid/",
"defaultStatus": "unaffected",
"modules": [
"libfluid_msg"
],
"product": "libfluid",
"programRoutines": [
{
"name": "fluid_msg::of13::GroupDesc::unpack"
}
],
"vendor": "Open Networking Foundation (ONF)",
"versions": [
{
"status": "affected",
"version": "0.1.0"
}
]
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Out-of-bounds Read vulnerability in Open Networking Foundation (ONF) libfluid (libfluid_msg module).\u003cp\u003e This vulnerability is associated with program routine\u0026nbsp;\u003ctt\u003efluid_msg::of13::GroupDesc::unpack\u003c/tt\u003e.\u003c/p\u003e\u003cp\u003eThis issue affects libfluid: 0.1.0.\u003c/p\u003e"
}
],
"value": "Out-of-bounds Read vulnerability in Open Networking Foundation (ONF) libfluid (libfluid_msg module). This vulnerability is associated with program routine\u00a0fluid_msg::of13::GroupDesc::unpack.\n\nThis issue affects libfluid: 0.1.0."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:L",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-125",
"description": "CWE-125 Out-of-bounds Read",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-09-18T13:57:06.338Z",
"orgId": "bec8025f-a851-46e5-b3a3-058e6b0aa23c",
"shortName": "Nozomi"
},
"references": [
{
"url": "https://www.nozominetworks.com/labs/vulnerability-advisories-cve-2024-31180"
}
],
"source": {
"discovery": "UNKNOWN"
},
"title": "Out-of-bounds Read in libfluid_msg library",
"workarounds": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eUntil a software patch which fixes this issue is not released, it is highly recommended to not exposed the vulnerable component inside an untrusted network.\u003c/span\u003e\u003cbr\u003e"
}
],
"value": "Until a software patch which fixes this issue is not released, it is highly recommended to not exposed the vulnerable component inside an untrusted network."
}
],
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "bec8025f-a851-46e5-b3a3-058e6b0aa23c",
"assignerShortName": "Nozomi",
"cveId": "CVE-2024-31180",
"datePublished": "2024-09-18T13:57:06.338Z",
"dateReserved": "2024-03-29T08:24:13.203Z",
"dateUpdated": "2024-09-18T17:14:14.942Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2024-31179 (GCVE-0-2024-31179)
Vulnerability from cvelistv5 – Published: 2024-09-18 13:56 – Updated: 2024-09-18 17:17
VLAI?
Summary
Out-of-bounds Read vulnerability in Open Networking Foundation (ONF) libfluid (libfluid_msg module). This vulnerability is associated with program routine fluid_msg::of13::TableFeaturePropInstruction::unpack.
This issue affects libfluid: 0.1.0.
Severity ?
6.5 (Medium)
CWE
- CWE-125 - Out-of-bounds Read
Assigner
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Open Networking Foundation (ONF) | libfluid |
Affected:
0.1.0
|
{
"containers": {
"adp": [
{
"affected": [
{
"cpes": [
"cpe:2.3:a:open_networking_foundation:libfluid:0.1.0:*:*:*:*:*:*:*"
],
"defaultStatus": "unaffected",
"product": "libfluid",
"vendor": "open_networking_foundation",
"versions": [
{
"status": "affected",
"version": "0.1.0"
}
]
}
],
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-31179",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-09-18T17:17:23.883399Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-09-18T17:17:44.670Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"collectionURL": "https://opennetworkingfoundation.github.io/libfluid/",
"defaultStatus": "unaffected",
"modules": [
"libfluid_msg"
],
"product": "libfluid",
"programRoutines": [
{
"name": "fluid_msg::of13::TableFeaturePropInstruction::unpack"
}
],
"vendor": "Open Networking Foundation (ONF)",
"versions": [
{
"status": "affected",
"version": "0.1.0"
}
]
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Out-of-bounds Read vulnerability in Open Networking Foundation (ONF) libfluid (libfluid_msg module).\u003cp\u003e This vulnerability is associated with program routine\u0026nbsp;\u003ctt\u003efluid_msg::of13::TableFeaturePropInstruction::unpack\u003c/tt\u003e.\u003c/p\u003e\u003cp\u003eThis issue affects libfluid: 0.1.0.\u003c/p\u003e"
}
],
"value": "Out-of-bounds Read vulnerability in Open Networking Foundation (ONF) libfluid (libfluid_msg module). This vulnerability is associated with program routine\u00a0fluid_msg::of13::TableFeaturePropInstruction::unpack.\n\nThis issue affects libfluid: 0.1.0."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:L",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-125",
"description": "CWE-125 Out-of-bounds Read",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-09-18T13:56:57.810Z",
"orgId": "bec8025f-a851-46e5-b3a3-058e6b0aa23c",
"shortName": "Nozomi"
},
"references": [
{
"url": "https://www.nozominetworks.com/labs/vulnerability-advisories-cve-2024-31179"
}
],
"source": {
"discovery": "UNKNOWN"
},
"title": "Out-of-bounds Read in libfluid_msg library",
"workarounds": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eUntil a software patch which fixes this issue is not released, it is highly recommended to not exposed the vulnerable component inside an untrusted network.\u003c/span\u003e\u003cbr\u003e"
}
],
"value": "Until a software patch which fixes this issue is not released, it is highly recommended to not exposed the vulnerable component inside an untrusted network."
}
],
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "bec8025f-a851-46e5-b3a3-058e6b0aa23c",
"assignerShortName": "Nozomi",
"cveId": "CVE-2024-31179",
"datePublished": "2024-09-18T13:56:57.810Z",
"dateReserved": "2024-03-29T08:24:13.203Z",
"dateUpdated": "2024-09-18T17:17:44.670Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2024-31178 (GCVE-0-2024-31178)
Vulnerability from cvelistv5 – Published: 2024-09-18 13:56 – Updated: 2024-09-18 17:18
VLAI?
Summary
Out-of-bounds Read vulnerability in Open Networking Foundation (ONF) libfluid (libfluid_msg module). This vulnerability is associated with program routine fluid_msg::of13::TableFeaturePropNextTables::unpack.
This issue affects libfluid: 0.1.0.
Severity ?
6.5 (Medium)
CWE
- CWE-125 - Out-of-bounds Read
Assigner
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Open Networking Foundation (ONF) | libfluid |
Affected:
0.1.0
|
{
"containers": {
"adp": [
{
"affected": [
{
"cpes": [
"cpe:2.3:a:open_networking_foundation:libfluid:0.1.0:*:*:*:*:*:*:*"
],
"defaultStatus": "unaffected",
"product": "libfluid",
"vendor": "open_networking_foundation",
"versions": [
{
"status": "affected",
"version": "0.1.0"
}
]
}
],
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-31178",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-09-18T17:17:58.922454Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-09-18T17:18:17.010Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"collectionURL": "https://opennetworkingfoundation.github.io/libfluid/",
"defaultStatus": "unaffected",
"modules": [
"libfluid_msg"
],
"product": "libfluid",
"programRoutines": [
{
"name": "fluid_msg::of13::TableFeaturePropNextTables::unpack"
}
],
"vendor": "Open Networking Foundation (ONF)",
"versions": [
{
"status": "affected",
"version": "0.1.0"
}
]
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Out-of-bounds Read vulnerability in Open Networking Foundation (ONF) libfluid (libfluid_msg module).\u003cp\u003e This vulnerability is associated with program routine\u0026nbsp;\u003ctt\u003efluid_msg::of13::TableFeaturePropNextTables::unpack\u003c/tt\u003e.\u003c/p\u003e\u003cp\u003eThis issue affects libfluid: 0.1.0.\u003c/p\u003e"
}
],
"value": "Out-of-bounds Read vulnerability in Open Networking Foundation (ONF) libfluid (libfluid_msg module). This vulnerability is associated with program routine\u00a0fluid_msg::of13::TableFeaturePropNextTables::unpack.\n\nThis issue affects libfluid: 0.1.0."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:L",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-125",
"description": "CWE-125 Out-of-bounds Read",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-09-18T13:56:49.123Z",
"orgId": "bec8025f-a851-46e5-b3a3-058e6b0aa23c",
"shortName": "Nozomi"
},
"references": [
{
"url": "https://www.nozominetworks.com/labs/vulnerability-advisories-cve-2024-31178"
}
],
"source": {
"discovery": "UNKNOWN"
},
"title": "Out-of-bounds Read in libfluid_msg library",
"workarounds": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eUntil a software patch which fixes this issue is not released, it is highly recommended to not exposed the vulnerable component inside an untrusted network.\u003c/span\u003e\u003cbr\u003e"
}
],
"value": "Until a software patch which fixes this issue is not released, it is highly recommended to not exposed the vulnerable component inside an untrusted network."
}
],
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "bec8025f-a851-46e5-b3a3-058e6b0aa23c",
"assignerShortName": "Nozomi",
"cveId": "CVE-2024-31178",
"datePublished": "2024-09-18T13:56:49.123Z",
"dateReserved": "2024-03-29T08:24:13.202Z",
"dateUpdated": "2024-09-18T17:18:17.010Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2024-31177 (GCVE-0-2024-31177)
Vulnerability from cvelistv5 – Published: 2024-09-18 13:56 – Updated: 2024-09-18 17:18
VLAI?
Summary
Out-of-bounds Read vulnerability in Open Networking Foundation (ONF) libfluid (libfluid_msg modules). This vulnerability is associated with program routines fluid_msg::of13::TableFeaturePropActions::unpack.
This issue affects libfluid: 0.1.0.
Severity ?
6.5 (Medium)
CWE
- CWE-125 - Out-of-bounds Read
Assigner
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Open Networking Foundation (ONF) | libfluid |
Affected:
0.1.0
|
{
"containers": {
"adp": [
{
"affected": [
{
"cpes": [
"cpe:2.3:a:open_networking_foundation:libfluid:0.1.0:*:*:*:*:*:*:*"
],
"defaultStatus": "unaffected",
"product": "libfluid",
"vendor": "open_networking_foundation",
"versions": [
{
"status": "affected",
"version": "0.1.0"
}
]
}
],
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-31177",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-09-18T17:18:32.594771Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-09-18T17:18:53.574Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"collectionURL": "https://opennetworkingfoundation.github.io/libfluid/",
"defaultStatus": "unaffected",
"modules": [
"libfluid_msg"
],
"product": "libfluid",
"programRoutines": [
{
"name": "fluid_msg::of13::TableFeaturePropActions::unpack"
}
],
"vendor": "Open Networking Foundation (ONF)",
"versions": [
{
"status": "affected",
"version": "0.1.0"
}
]
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Out-of-bounds Read vulnerability in Open Networking Foundation (ONF) libfluid (libfluid_msg modules).\u003cp\u003e This vulnerability is associated with program routines \u003ctt\u003efluid_msg::of13::TableFeaturePropActions::unpack\u003c/tt\u003e.\u003c/p\u003e\u003cp\u003eThis issue affects libfluid: 0.1.0.\u003c/p\u003e"
}
],
"value": "Out-of-bounds Read vulnerability in Open Networking Foundation (ONF) libfluid (libfluid_msg modules). This vulnerability is associated with program routines fluid_msg::of13::TableFeaturePropActions::unpack.\n\nThis issue affects libfluid: 0.1.0."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:L",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-125",
"description": "CWE-125 Out-of-bounds Read",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-09-18T13:56:40.883Z",
"orgId": "bec8025f-a851-46e5-b3a3-058e6b0aa23c",
"shortName": "Nozomi"
},
"references": [
{
"url": "https://www.nozominetworks.com/labs/vulnerability-advisories-cve-2024-31177"
}
],
"source": {
"discovery": "UNKNOWN"
},
"title": "Out-of-bounds Read in libfluid_msg library",
"workarounds": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eUntil a software patch which fixes this issue is not released, it is highly recommended to not exposed the vulnerable component inside an untrusted network.\u003c/span\u003e\u003cbr\u003e"
}
],
"value": "Until a software patch which fixes this issue is not released, it is highly recommended to not exposed the vulnerable component inside an untrusted network."
}
],
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "bec8025f-a851-46e5-b3a3-058e6b0aa23c",
"assignerShortName": "Nozomi",
"cveId": "CVE-2024-31177",
"datePublished": "2024-09-18T13:56:40.883Z",
"dateReserved": "2024-03-29T08:24:13.202Z",
"dateUpdated": "2024-09-18T17:18:53.574Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2024-31176 (GCVE-0-2024-31176)
Vulnerability from cvelistv5 – Published: 2024-09-18 13:56 – Updated: 2024-09-18 17:19
VLAI?
Summary
Out-of-bounds Read vulnerability in Open Networking Foundation (ONF) libfluid (libfluid_msg module). This vulnerability is associated with program routine fluid_msg::of13::TableFeaturePropOXM::unpack.
This issue affects libfluid: 0.1.0.
Severity ?
6.5 (Medium)
CWE
- CWE-125 - Out-of-bounds Read
Assigner
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Open Networking Foundation (ONF) | libfluid |
Affected:
0.1.0
|
{
"containers": {
"adp": [
{
"affected": [
{
"cpes": [
"cpe:2.3:a:open_networking_foundation:libfluid:0.1.0:*:*:*:*:*:*:*"
],
"defaultStatus": "unaffected",
"product": "libfluid",
"vendor": "open_networking_foundation",
"versions": [
{
"status": "affected",
"version": "0.1.0"
}
]
}
],
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-31176",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-09-18T17:19:21.363550Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-09-18T17:19:39.056Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"collectionURL": "https://opennetworkingfoundation.github.io/libfluid/",
"defaultStatus": "unaffected",
"modules": [
"libfluid_msg"
],
"product": "libfluid",
"programRoutines": [
{
"name": "fluid_msg::of13::TableFeaturePropOXM::unpack"
}
],
"vendor": "Open Networking Foundation (ONF)",
"versions": [
{
"status": "affected",
"version": "0.1.0"
}
]
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Out-of-bounds Read vulnerability in Open Networking Foundation (ONF) libfluid (libfluid_msg module).\u003cp\u003e This vulnerability is associated with program routine\u0026nbsp;\u003ctt\u003efluid_msg::of13::TableFeaturePropOXM::unpack\u003c/tt\u003e.\u003c/p\u003e\u003cp\u003eThis issue affects libfluid: 0.1.0.\u003c/p\u003e"
}
],
"value": "Out-of-bounds Read vulnerability in Open Networking Foundation (ONF) libfluid (libfluid_msg module). This vulnerability is associated with program routine\u00a0fluid_msg::of13::TableFeaturePropOXM::unpack.\n\nThis issue affects libfluid: 0.1.0."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:L",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-125",
"description": "CWE-125 Out-of-bounds Read",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-09-18T13:56:33.963Z",
"orgId": "bec8025f-a851-46e5-b3a3-058e6b0aa23c",
"shortName": "Nozomi"
},
"references": [
{
"url": "https://www.nozominetworks.com/labs/vulnerability-advisories-cve-2024-31176"
}
],
"source": {
"discovery": "UNKNOWN"
},
"title": "Out-of-bounds Read in libfluid_msg library",
"workarounds": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eUntil a software patch which fixes this issue is not released, it is highly recommended to not exposed the vulnerable component inside an untrusted network.\u003c/span\u003e\u003cbr\u003e"
}
],
"value": "Until a software patch which fixes this issue is not released, it is highly recommended to not exposed the vulnerable component inside an untrusted network."
}
],
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "bec8025f-a851-46e5-b3a3-058e6b0aa23c",
"assignerShortName": "Nozomi",
"cveId": "CVE-2024-31176",
"datePublished": "2024-09-18T13:56:33.963Z",
"dateReserved": "2024-03-29T08:24:13.202Z",
"dateUpdated": "2024-09-18T17:19:39.056Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2024-31175 (GCVE-0-2024-31175)
Vulnerability from cvelistv5 – Published: 2024-09-18 13:56 – Updated: 2024-09-18 15:24
VLAI?
Summary
Unchecked Return Value to NULL Pointer Dereference vulnerability in Open Networking Foundation (ONF) libfluid (libfluid_msg module). This vulnerability is associated with program routine fluid_msg::of13::TablePropertiesList::unpack.
This issue affects libfluid: 0.1.0.
Severity ?
5.3 (Medium)
CWE
- CWE-690 - Unchecked Return Value to NULL Pointer Dereference
Assigner
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Open Networking Foundation (ONF) | libfluid |
Affected:
0.1.0
|
{
"containers": {
"adp": [
{
"affected": [
{
"cpes": [
"cpe:2.3:a:open_networking_foundation:libfluid:0.1.0:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "libfluid",
"vendor": "open_networking_foundation",
"versions": [
{
"status": "affected",
"version": "0.1.0"
}
]
}
],
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-31175",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-09-18T15:23:30.997830Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-09-18T15:24:02.640Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"collectionURL": "https://opennetworkingfoundation.github.io/libfluid/",
"defaultStatus": "unaffected",
"modules": [
"libfluid_msg"
],
"product": "libfluid",
"programRoutines": [
{
"name": "fluid_msg::of13::TablePropertiesList::unpack"
}
],
"vendor": "Open Networking Foundation (ONF)",
"versions": [
{
"status": "affected",
"version": "0.1.0"
}
]
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Unchecked Return Value to NULL Pointer Dereference vulnerability in Open Networking Foundation (ONF) libfluid (libfluid_msg module).\u003cp\u003e This vulnerability is associated with program routine\u0026nbsp;\u003ctt\u003efluid_msg::of13::TablePropertiesList::unpack\u003c/tt\u003e.\u003c/p\u003e\u003cp\u003eThis issue affects libfluid: 0.1.0.\u003c/p\u003e"
}
],
"value": "Unchecked Return Value to NULL Pointer Dereference vulnerability in Open Networking Foundation (ONF) libfluid (libfluid_msg module). This vulnerability is associated with program routine\u00a0fluid_msg::of13::TablePropertiesList::unpack.\n\nThis issue affects libfluid: 0.1.0."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-690",
"description": "CWE-690 Unchecked Return Value to NULL Pointer Dereference",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-09-18T13:56:26.450Z",
"orgId": "bec8025f-a851-46e5-b3a3-058e6b0aa23c",
"shortName": "Nozomi"
},
"references": [
{
"url": "https://www.nozominetworks.com/labs/vulnerability-advisories-cve-2024-31175"
}
],
"source": {
"discovery": "UNKNOWN"
},
"title": "NULL Pointer Dereference in libfluid_msg library",
"workarounds": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eUntil a software patch which fixes this issue is not released, it is highly recommended to not exposed the vulnerable component inside an untrusted network.\u003c/span\u003e\u003cbr\u003e"
}
],
"value": "Until a software patch which fixes this issue is not released, it is highly recommended to not exposed the vulnerable component inside an untrusted network."
}
],
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "bec8025f-a851-46e5-b3a3-058e6b0aa23c",
"assignerShortName": "Nozomi",
"cveId": "CVE-2024-31175",
"datePublished": "2024-09-18T13:56:26.450Z",
"dateReserved": "2024-03-29T08:24:13.202Z",
"dateUpdated": "2024-09-18T15:24:02.640Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2024-31174 (GCVE-0-2024-31174)
Vulnerability from cvelistv5 – Published: 2024-09-18 13:56 – Updated: 2024-09-18 17:14
VLAI?
Summary
Out-of-bounds Read vulnerability in Open Networking Foundation (ONF) libfluid (libfluid_msg module). This vulnerability is associated with program routine fluid_msg::of10::FeaturesReply::unpack.
This issue affects libfluid: 0.1.0.
Severity ?
6.5 (Medium)
CWE
- CWE-125 - Out-of-bounds Read
Assigner
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Open Networking Foundation (ONF) | libfluid |
Affected:
0.1.0
|
{
"containers": {
"adp": [
{
"affected": [
{
"cpes": [
"cpe:2.3:a:open_networking_foundation:libfluid:0.1.0:*:*:*:*:*:*:*"
],
"defaultStatus": "unaffected",
"product": "libfluid",
"vendor": "open_networking_foundation",
"versions": [
{
"status": "affected",
"version": "0.1.0"
}
]
}
],
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-31174",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-09-18T17:14:35.366382Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-09-18T17:14:56.200Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"collectionURL": "https://opennetworkingfoundation.github.io/libfluid/",
"defaultStatus": "unaffected",
"modules": [
"libfluid_msg"
],
"product": "libfluid",
"programRoutines": [
{
"name": "fluid_msg::of10::FeaturesReply::unpack"
}
],
"vendor": "Open Networking Foundation (ONF)",
"versions": [
{
"status": "affected",
"version": "0.1.0"
}
]
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Out-of-bounds Read vulnerability in Open Networking Foundation (ONF) libfluid (libfluid_msg module).\u003cp\u003e This vulnerability is associated with program routine\u0026nbsp;\u003ctt\u003efluid_msg::of10::FeaturesReply::unpack\u003c/tt\u003e.\u003c/p\u003e\u003cp\u003eThis issue affects libfluid: 0.1.0.\u003c/p\u003e"
}
],
"value": "Out-of-bounds Read vulnerability in Open Networking Foundation (ONF) libfluid (libfluid_msg module). This vulnerability is associated with program routine\u00a0fluid_msg::of10::FeaturesReply::unpack.\n\nThis issue affects libfluid: 0.1.0."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:L",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-125",
"description": "CWE-125 Out-of-bounds Read",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-09-18T13:56:19.235Z",
"orgId": "bec8025f-a851-46e5-b3a3-058e6b0aa23c",
"shortName": "Nozomi"
},
"references": [
{
"url": "https://www.nozominetworks.com/labs/vulnerability-advisories-cve-2024-31174"
}
],
"source": {
"discovery": "UNKNOWN"
},
"title": "Out-of-bounds Read in libfluid_msg library",
"workarounds": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eUntil a software patch which fixes this issue is not released, it is highly recommended to not exposed the vulnerable component inside an untrusted network.\u003c/span\u003e\u003cbr\u003e"
}
],
"value": "Until a software patch which fixes this issue is not released, it is highly recommended to not exposed the vulnerable component inside an untrusted network."
}
],
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "bec8025f-a851-46e5-b3a3-058e6b0aa23c",
"assignerShortName": "Nozomi",
"cveId": "CVE-2024-31174",
"datePublished": "2024-09-18T13:56:19.235Z",
"dateReserved": "2024-03-29T08:24:13.202Z",
"dateUpdated": "2024-09-18T17:14:56.200Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2024-31173 (GCVE-0-2024-31173)
Vulnerability from cvelistv5 – Published: 2024-09-18 13:56 – Updated: 2024-09-18 17:15
VLAI?
Summary
Out-of-bounds Read vulnerability in Open Networking Foundation (ONF) libfluid (libfluid_msg module). This vulnerability is associated with program routine fluid_msg::of10::StatsReplyFlow::unpack.
This issue affects libfluid: 0.1.0.
Severity ?
6.5 (Medium)
CWE
- CWE-125 - Out-of-bounds Read
Assigner
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Open Networking Foundation (ONF) | libfluid |
Affected:
0.1.0
|
{
"containers": {
"adp": [
{
"affected": [
{
"cpes": [
"cpe:2.3:a:open_networking_foundation:libfluid:0.1.0:*:*:*:*:*:*:*"
],
"defaultStatus": "unaffected",
"product": "libfluid",
"vendor": "open_networking_foundation",
"versions": [
{
"status": "affected",
"version": "0.1.0"
}
]
}
],
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-31173",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-09-18T17:15:12.631698Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-09-18T17:15:29.669Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"collectionURL": "https://opennetworkingfoundation.github.io/libfluid/",
"defaultStatus": "unaffected",
"modules": [
"libfluid_msg"
],
"product": "libfluid",
"programRoutines": [
{
"name": "fluid_msg::of10::StatsReplyFlow::unpack"
}
],
"vendor": "Open Networking Foundation (ONF)",
"versions": [
{
"status": "affected",
"version": "0.1.0"
}
]
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Out-of-bounds Read vulnerability in Open Networking Foundation (ONF) libfluid (libfluid_msg module).\u003cp\u003e This vulnerability is associated with program routine\u0026nbsp;\u003ctt\u003efluid_msg::of10::StatsReplyFlow::unpack\u003c/tt\u003e.\u003c/p\u003e\u003cp\u003eThis issue affects libfluid: 0.1.0.\u003c/p\u003e"
}
],
"value": "Out-of-bounds Read vulnerability in Open Networking Foundation (ONF) libfluid (libfluid_msg module). This vulnerability is associated with program routine\u00a0fluid_msg::of10::StatsReplyFlow::unpack.\n\nThis issue affects libfluid: 0.1.0."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:L",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-125",
"description": "CWE-125 Out-of-bounds Read",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-09-18T13:56:11.685Z",
"orgId": "bec8025f-a851-46e5-b3a3-058e6b0aa23c",
"shortName": "Nozomi"
},
"references": [
{
"url": "https://www.nozominetworks.com/labs/vulnerability-advisories-cve-2024-31173"
}
],
"source": {
"discovery": "UNKNOWN"
},
"title": "Out-of-bounds Read in libfluid_msg library",
"workarounds": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eUntil a software patch which fixes this issue is not released, it is highly recommended to not exposed the vulnerable component inside an untrusted network.\u003c/span\u003e\u003cbr\u003e"
}
],
"value": "Until a software patch which fixes this issue is not released, it is highly recommended to not exposed the vulnerable component inside an untrusted network."
}
],
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "bec8025f-a851-46e5-b3a3-058e6b0aa23c",
"assignerShortName": "Nozomi",
"cveId": "CVE-2024-31173",
"datePublished": "2024-09-18T13:56:11.685Z",
"dateReserved": "2024-03-29T08:24:11.092Z",
"dateUpdated": "2024-09-18T17:15:29.669Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2024-31172 (GCVE-0-2024-31172)
Vulnerability from cvelistv5 – Published: 2024-09-18 13:56 – Updated: 2024-09-18 17:16
VLAI?
Summary
Out-of-bounds Read vulnerability in Open Networking Foundation (ONF) libfluid (libfluid_msg module). This vulnerability is associated with program routine fluid_msg::of10::StatsReplyTable::unpack.
This issue affects libfluid: 0.1.0.
Severity ?
6.5 (Medium)
CWE
- CWE-125 - Out-of-bounds Read
Assigner
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Open Networking Foundation (ONF) | libfluid |
Affected:
0.1.0
|
{
"containers": {
"adp": [
{
"affected": [
{
"cpes": [
"cpe:2.3:a:open_networking_foundation:libfluid:0.1.0:*:*:*:*:*:*:*"
],
"defaultStatus": "unaffected",
"product": "libfluid",
"vendor": "open_networking_foundation",
"versions": [
{
"status": "affected",
"version": "0.1.0"
}
]
}
],
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-31172",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-09-18T17:15:48.327204Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-09-18T17:16:08.429Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"collectionURL": "https://opennetworkingfoundation.github.io/libfluid/",
"defaultStatus": "unaffected",
"modules": [
"libfluid_msg"
],
"product": "libfluid",
"programRoutines": [
{
"name": "fluid_msg::of10::StatsReplyTable::unpack"
}
],
"vendor": "Open Networking Foundation (ONF)",
"versions": [
{
"status": "affected",
"version": "0.1.0"
}
]
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Out-of-bounds Read vulnerability in Open Networking Foundation (ONF) libfluid (libfluid_msg module).\u003cp\u003e This vulnerability is associated with program routine\u0026nbsp;\u003ctt\u003efluid_msg::of10::StatsReplyTable::unpack\u003c/tt\u003e.\u003c/p\u003e\u003cp\u003eThis issue affects libfluid: 0.1.0.\u003c/p\u003e"
}
],
"value": "Out-of-bounds Read vulnerability in Open Networking Foundation (ONF) libfluid (libfluid_msg module). This vulnerability is associated with program routine\u00a0fluid_msg::of10::StatsReplyTable::unpack.\n\nThis issue affects libfluid: 0.1.0."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:L",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-125",
"description": "CWE-125 Out-of-bounds Read",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-09-18T13:56:04.027Z",
"orgId": "bec8025f-a851-46e5-b3a3-058e6b0aa23c",
"shortName": "Nozomi"
},
"references": [
{
"url": "https://www.nozominetworks.com/labs/vulnerability-advisories-cve-2024-31172"
}
],
"source": {
"discovery": "UNKNOWN"
},
"title": "Out-of-bounds Read in libfluid_msg library",
"workarounds": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eUntil a software patch which fixes this issue is not released, it is highly recommended to not exposed the vulnerable component inside an untrusted network.\u003c/span\u003e\u003cbr\u003e"
}
],
"value": "Until a software patch which fixes this issue is not released, it is highly recommended to not exposed the vulnerable component inside an untrusted network."
}
],
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "bec8025f-a851-46e5-b3a3-058e6b0aa23c",
"assignerShortName": "Nozomi",
"cveId": "CVE-2024-31172",
"datePublished": "2024-09-18T13:56:04.027Z",
"dateReserved": "2024-03-29T08:24:11.092Z",
"dateUpdated": "2024-09-18T17:16:08.429Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2024-31171 (GCVE-0-2024-31171)
Vulnerability from cvelistv5 – Published: 2024-09-18 13:55 – Updated: 2024-09-18 17:16
VLAI?
Summary
Out-of-bounds Read vulnerability in Open Networking Foundation (ONF) libfluid (libfluid_msg module). This vulnerability is associated with program routine fluid_msg::of10::StatsReplyPort::unpack.
This issue affects libfluid: 0.1.0.
Severity ?
6.5 (Medium)
CWE
- CWE-125 - Out-of-bounds Read
Assigner
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Open Networking Foundation (ONF) | libfluid |
Affected:
0.1.0
|
{
"containers": {
"adp": [
{
"affected": [
{
"cpes": [
"cpe:2.3:a:open_networking_foundation:libfluid:0.1.0:*:*:*:*:*:*:*"
],
"defaultStatus": "unaffected",
"product": "libfluid",
"vendor": "open_networking_foundation",
"versions": [
{
"status": "affected",
"version": "0.1.0"
}
]
}
],
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-31171",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-09-18T17:16:36.949859Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-09-18T17:16:56.067Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"collectionURL": "https://opennetworkingfoundation.github.io/libfluid/",
"defaultStatus": "unaffected",
"modules": [
"libfluid_msg"
],
"product": "libfluid",
"programRoutines": [
{
"name": "fluid_msg::of10::StatsReplyPort::unpack"
}
],
"vendor": "Open Networking Foundation (ONF)",
"versions": [
{
"status": "affected",
"version": "0.1.0"
}
]
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Out-of-bounds Read vulnerability in Open Networking Foundation (ONF) libfluid (libfluid_msg module).\u003cp\u003e This vulnerability is associated with program routine\u0026nbsp;\u003ctt\u003efluid_msg::of10::StatsReplyPort::unpack\u003c/tt\u003e.\u003c/p\u003e\u003cp\u003eThis issue affects libfluid: 0.1.0.\u003c/p\u003e"
}
],
"value": "Out-of-bounds Read vulnerability in Open Networking Foundation (ONF) libfluid (libfluid_msg module). This vulnerability is associated with program routine\u00a0fluid_msg::of10::StatsReplyPort::unpack.\n\nThis issue affects libfluid: 0.1.0."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:L",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-125",
"description": "CWE-125 Out-of-bounds Read",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-09-18T13:55:55.797Z",
"orgId": "bec8025f-a851-46e5-b3a3-058e6b0aa23c",
"shortName": "Nozomi"
},
"references": [
{
"url": "https://www.nozominetworks.com/labs/vulnerability-advisories-cve-2024-31171"
}
],
"source": {
"discovery": "UNKNOWN"
},
"title": "Out-of-bounds Read in libfluid_msg library",
"workarounds": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eUntil a software patch which fixes this issue is not released, it is highly recommended to not exposed the vulnerable component inside an untrusted network.\u003c/span\u003e\u003cbr\u003e"
}
],
"value": "Until a software patch which fixes this issue is not released, it is highly recommended to not exposed the vulnerable component inside an untrusted network."
}
],
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "bec8025f-a851-46e5-b3a3-058e6b0aa23c",
"assignerShortName": "Nozomi",
"cveId": "CVE-2024-31171",
"datePublished": "2024-09-18T13:55:55.797Z",
"dateReserved": "2024-03-29T08:24:11.092Z",
"dateUpdated": "2024-09-18T17:16:56.067Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2024-31170 (GCVE-0-2024-31170)
Vulnerability from cvelistv5 – Published: 2024-09-18 13:55 – Updated: 2024-09-18 17:20
VLAI?
Summary
Out-of-bounds Read vulnerability in Open Networking Foundation (ONF) libfluid (libfluid_msg module). This vulnerability is associated with program routine fluid_msg::of10::StatsReplyQueue::unpack.
This issue affects libfluid: 0.1.0.
Severity ?
6.5 (Medium)
CWE
- CWE-125 - Out-of-bounds Read
Assigner
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Open Networking Foundation (ONF) | libfluid |
Affected:
0.1.0
|
{
"containers": {
"adp": [
{
"affected": [
{
"cpes": [
"cpe:2.3:a:open_networking_foundation:libfluid:0.1.0:*:*:*:*:*:*:*"
],
"defaultStatus": "unaffected",
"product": "libfluid",
"vendor": "open_networking_foundation",
"versions": [
{
"status": "affected",
"version": "0.1.0"
}
]
}
],
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-31170",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-09-18T17:19:54.391853Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-09-18T17:20:13.655Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"collectionURL": "https://opennetworkingfoundation.github.io/libfluid/",
"defaultStatus": "unaffected",
"modules": [
"libfluid_msg"
],
"product": "libfluid",
"programRoutines": [
{
"name": "fluid_msg::of10::StatsReplyQueue::unpack"
}
],
"vendor": "Open Networking Foundation (ONF)",
"versions": [
{
"status": "affected",
"version": "0.1.0"
}
]
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Out-of-bounds Read vulnerability in Open Networking Foundation (ONF) libfluid (libfluid_msg module).\u003cp\u003e This vulnerability is associated with program routine\u0026nbsp;\u003ctt\u003efluid_msg::of10::StatsReplyQueue::unpack\u003c/tt\u003e.\u003c/p\u003e\u003cp\u003eThis issue affects libfluid: 0.1.0.\u003c/p\u003e"
}
],
"value": "Out-of-bounds Read vulnerability in Open Networking Foundation (ONF) libfluid (libfluid_msg module). This vulnerability is associated with program routine\u00a0fluid_msg::of10::StatsReplyQueue::unpack.\n\nThis issue affects libfluid: 0.1.0."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:L",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-125",
"description": "CWE-125 Out-of-bounds Read",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-09-18T13:55:49.141Z",
"orgId": "bec8025f-a851-46e5-b3a3-058e6b0aa23c",
"shortName": "Nozomi"
},
"references": [
{
"url": "https://www.nozominetworks.com/labs/vulnerability-advisories-cve-2024-31170"
}
],
"source": {
"discovery": "UNKNOWN"
},
"title": "Out-of-bounds Read in libfluid_msg library",
"workarounds": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eUntil a software patch which fixes this issue is not released, it is highly recommended to not exposed the vulnerable component inside an untrusted network.\u003c/span\u003e\u003cbr\u003e"
}
],
"value": "Until a software patch which fixes this issue is not released, it is highly recommended to not exposed the vulnerable component inside an untrusted network."
}
],
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "bec8025f-a851-46e5-b3a3-058e6b0aa23c",
"assignerShortName": "Nozomi",
"cveId": "CVE-2024-31170",
"datePublished": "2024-09-18T13:55:49.141Z",
"dateReserved": "2024-03-29T08:24:11.091Z",
"dateUpdated": "2024-09-18T17:20:13.655Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2024-31169 (GCVE-0-2024-31169)
Vulnerability from cvelistv5 – Published: 2024-09-18 13:55 – Updated: 2024-09-18 17:20
VLAI?
Summary
Out-of-bounds Read vulnerability in Open Networking Foundation (ONF) libfluid (libfluid_msg module). This vulnerability is associated with program routine fluid_msg::of10::QueueGetConfigReply::unpack.
This issue affects libfluid: 0.1.0.
Severity ?
6.5 (Medium)
CWE
- CWE-125 - Out-of-bounds Read
Assigner
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Open Networking Foundation (ONF) | libfluid |
Affected:
0.1.0
|
{
"containers": {
"adp": [
{
"affected": [
{
"cpes": [
"cpe:2.3:a:open_networking_foundation:libfluid:0.1.0:*:*:*:*:*:*:*"
],
"defaultStatus": "unaffected",
"product": "libfluid",
"vendor": "open_networking_foundation",
"versions": [
{
"status": "affected",
"version": "0.1.0"
}
]
}
],
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-31169",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-09-18T17:20:31.388329Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-09-18T17:20:51.841Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"collectionURL": "https://opennetworkingfoundation.github.io/libfluid/",
"defaultStatus": "unaffected",
"modules": [
"libfluid_msg"
],
"product": "libfluid",
"programRoutines": [
{
"name": "fluid_msg::of10::QueueGetConfigReply::unpack"
}
],
"vendor": "Open Networking Foundation (ONF)",
"versions": [
{
"status": "affected",
"version": "0.1.0"
}
]
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Out-of-bounds Read vulnerability in Open Networking Foundation (ONF) libfluid (libfluid_msg module).\u003cp\u003e This vulnerability is associated with program routine\u0026nbsp;\u003ctt\u003efluid_msg::of10::QueueGetConfigReply::unpack\u003c/tt\u003e.\u003c/p\u003e\u003cp\u003eThis issue affects libfluid: 0.1.0.\u003c/p\u003e"
}
],
"value": "Out-of-bounds Read vulnerability in Open Networking Foundation (ONF) libfluid (libfluid_msg module). This vulnerability is associated with program routine\u00a0fluid_msg::of10::QueueGetConfigReply::unpack.\n\nThis issue affects libfluid: 0.1.0."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:L",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-125",
"description": "CWE-125 Out-of-bounds Read",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-09-18T13:55:35.569Z",
"orgId": "bec8025f-a851-46e5-b3a3-058e6b0aa23c",
"shortName": "Nozomi"
},
"references": [
{
"url": "https://www.nozominetworks.com/labs/vulnerability-advisories-cve-2024-31169"
}
],
"source": {
"discovery": "UNKNOWN"
},
"title": "Out-of-bounds Read in libfluid_msg library",
"workarounds": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eUntil a software patch which fixes this issue is not released, it is highly recommended to not exposed the vulnerable component inside an untrusted network.\u003c/span\u003e\u003cbr\u003e"
}
],
"value": "Until a software patch which fixes this issue is not released, it is highly recommended to not exposed the vulnerable component inside an untrusted network."
}
],
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "bec8025f-a851-46e5-b3a3-058e6b0aa23c",
"assignerShortName": "Nozomi",
"cveId": "CVE-2024-31169",
"datePublished": "2024-09-18T13:55:35.569Z",
"dateReserved": "2024-03-29T08:24:11.091Z",
"dateUpdated": "2024-09-18T17:20:51.841Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}