{"vulnerability": "cve-2024-2571", "sightings": [{"uuid": "8d12e570-24c3-4e70-b2ec-c503c0071859", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-25710", "type": "seen", "source": "https://t.me/arpsyndicate/3540", "content": "#ExploitObserverAlert\n\nCVE-2024-25710\n\nDESCRIPTION: Exploit Observer has 1 entries in 1 file formats related to CVE-2024-25710. Loop with Unreachable Exit Condition ('Infinite Loop') vulnerability in Apache Commons Compress.This issue affects Apache Commons Compress: from 1.3 through 1.25.0.  Users are recommended to upgrade to version 1.26.0 which fixes the issue.", "creation_timestamp": "2024-02-20T05:10:16.000000Z"}, {"uuid": "198faeb9-9344-4c1f-b5f2-a5818b97fcbb", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-25712", "type": "published-proof-of-concept", "source": "https://t.me/DarkWebInformer_CVEAlerts/18491", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2024-25712\n\ud83d\udd25 CVSS Score: N/A\n\ud83d\udd39 Description: http-swagger before 1.2.6 allows XSS via PUT requests, because a file that has been uploaded (via httpSwagger.WrapHandler and *webdav.memFile) can subsequently be accessed via a GET request. NOTE: this is independently fixable with respect to CVE-2022-24863, because (if a solution continued to allow PUT requests) large files could have been blocked without blocking JavaScript, or JavaScript could have been blocked without blocking large files.\n\ud83d\udccf Published: 2024-02-11T00:00:00.000Z\n\ud83d\udccf Modified: 2025-06-16T18:20:18.592Z\n\ud83d\udd17 References:\n1. https://cosmosofcyberspace.github.io/improper_http_method_leads_to_xss/poc.html\n2. https://github.com/swaggo/http-swagger/releases/tag/v1.2.6", "creation_timestamp": "2025-06-16T18:38:39.000000Z"}, {"uuid": "8db57cef-724a-406d-9856-66d27ba8f142", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-25715", "type": "seen", "source": "https://t.me/ctinow/198728", "content": "https://ift.tt/K5RVLSg\nCVE-2024-25715 | Glewlwyd SSO Server up to 2.7.6 redirect_uri", "creation_timestamp": "2024-03-03T13:47:06.000000Z"}, {"uuid": "cf9dd81b-c74d-4a6e-a4ff-c9f8f3445e95", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-25718", "type": "seen", "source": "https://t.me/arpsyndicate/3513", "content": "#ExploitObserverAlert\n\nCVE-2024-25718\n\nDESCRIPTION: Exploit Observer has 3 entries in 2 file formats related to CVE-2024-25718. In the Samly package before 1.4.0 for Elixir, Samly.State.Store.get_assertion/3 can return an expired session, which interferes with access control because Samly.AuthHandler uses a cached session and does not replace it, even after expiry.\n\nFIRST-EPSS: 0.000440000", "creation_timestamp": "2024-02-13T02:13:03.000000Z"}, {"uuid": "17bf5670-9f46-4aa2-91d2-d9ae88116cbb", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-2571", "type": "seen", "source": "https://t.me/ctinow/209969", "content": "https://ift.tt/iVwrZf8\nCVE-2024-2571 | SourceCodester Employee Task Management System 1.0 /manage-admin.php redirect", "creation_timestamp": "2024-03-17T15:51:32.000000Z"}, {"uuid": "23cbc214-81d0-4334-b107-b7c31ed7f467", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-2571", "type": "seen", "source": "https://t.me/ctinow/210113", "content": "https://ift.tt/X1UPWsT\nCVE-2024-2571", "creation_timestamp": "2024-03-18T02:21:55.000000Z"}, {"uuid": "3edf57d9-8f1e-4a30-9c0f-56af41bd96e8", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-25710", "type": "seen", "source": "https://t.me/ctinow/203198", "content": "https://ift.tt/WE1jKor\nCVE-2024-25710 | Apache Commons Compress up to 1.25.0 infinite loop", "creation_timestamp": "2024-03-08T10:22:13.000000Z"}, {"uuid": "3a7035bb-3607-427c-b1fa-adaeeb36ecd6", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-2571", "type": "seen", "source": "https://t.me/ctinow/210120", "content": "https://ift.tt/X1UPWsT\nCVE-2024-2571", "creation_timestamp": "2024-03-18T02:26:50.000000Z"}, {"uuid": "fc6bce43-346e-48ca-ba76-28af5cec7c9f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-25718", "type": "seen", "source": "https://t.me/ctinow/182692", "content": "https://ift.tt/49LyCRU\nCVE-2024-25718", "creation_timestamp": "2024-02-11T06:26:51.000000Z"}, {"uuid": "3c38673c-4073-4044-b327-916993a48abc", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-25710", "type": "seen", "source": "https://t.me/ctinow/202626", "content": "https://ift.tt/894PYOw\nCVE-2024-25710 Apache Commons Compress Vulnerability in NetApp Products", "creation_timestamp": "2024-03-07T18:32:24.000000Z"}, {"uuid": "366f2a2a-4c0c-4c71-a37f-bcd756878c6c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-25711", "type": "seen", "source": "https://t.me/ctinow/193951", "content": "https://ift.tt/qKsryD6\nCVE-2024-25711", "creation_timestamp": "2024-02-27T03:22:07.000000Z"}, {"uuid": "5bd99d5e-dd64-4b2f-8ca3-c5f8dce86f47", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-25710", "type": "seen", "source": "https://t.me/ctinow/187943", "content": "https://ift.tt/BRFKza9\nCVE-2024-25710", "creation_timestamp": "2024-02-19T22:01:42.000000Z"}, {"uuid": "f0966846-7b4d-4437-a1f1-464fd52f5c46", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-25710", "type": "seen", "source": "https://t.me/ctinow/187558", "content": "https://ift.tt/lI74fiF\nCVE-2024-25710", "creation_timestamp": "2024-02-19T10:26:12.000000Z"}, {"uuid": "46a0f39e-5e88-46cb-85a8-7200bb590a53", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-25710", "type": "seen", "source": "https://t.me/ctinow/187556", "content": "https://ift.tt/lI74fiF\nCVE-2024-25710", "creation_timestamp": "2024-02-19T10:21:45.000000Z"}, {"uuid": "2ad46379-9a70-4496-949d-d20b2d8a6480", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-25711", "type": "seen", "source": "https://t.me/ctinow/193961", "content": "https://ift.tt/qKsryD6\nCVE-2024-25711", "creation_timestamp": "2024-02-27T03:31:38.000000Z"}, {"uuid": "c63dfe76-6794-49c9-a186-61556caf2f52", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-25715", "type": "seen", "source": "https://t.me/ctinow/182685", "content": "https://ift.tt/YN8nVvX\nCVE-2024-25715", "creation_timestamp": "2024-02-11T04:26:24.000000Z"}, {"uuid": "609a6db1-f3b9-452a-a2b9-72260bf2b8a7", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-25714", "type": "seen", "source": "https://t.me/ctinow/182684", "content": "https://ift.tt/BczlJSK\nCVE-2024-25714", "creation_timestamp": "2024-02-11T04:26:23.000000Z"}]}