{"vulnerability": "cve-2024-4320", "sightings": [{"uuid": "50e6115a-449d-47f1-9216-1fe4c6264c74", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-43204", "type": "seen", "source": "https://seclists.org/oss-sec/2025/q3/22", "content": "", "creation_timestamp": "2025-07-10T15:40:08.000000Z"}, {"uuid": "483981f6-3f24-4408-83d1-ad6278c392ed", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-43204", "type": "seen", "source": "https://bsky.app/profile/omo.bsky.social/post/3ltnpxyrxfk2s", "content": "", "creation_timestamp": "2025-07-11T01:46:56.164954Z"}, {"uuid": "b95595f9-97ed-40e9-bed3-1d82260de59b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-43204", "type": "seen", "source": "https://infosec.exchange/users/cR0w/statuses/114830011674092966", "content": "", "creation_timestamp": "2025-07-10T17:02:07.245136Z"}, {"uuid": "f3151b33-9e1e-4457-b78c-57c19779325c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "c933734a-9be8-4142-889e-26e95c752803", "vulnerability": "CVE-2024-43204", "type": "seen", "source": "https://vulnerability.circl.lu/bundle/bbcbc485-b88d-4831-b8e9-6e37e7bd9875", "content": "", "creation_timestamp": "2026-01-21T21:18:16.771453Z"}, {"uuid": "4b6686f4-ba15-449a-b93d-03d7f5d74a3d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-43204", "type": "seen", "source": "https://bsky.app/profile/infosec.skyfleet.blue/post/3ltmvwxcrcn2o", "content": "", "creation_timestamp": "2025-07-10T18:01:00.421064Z"}, {"uuid": "fc06152b-25e6-42aa-a4c7-3e7015d09a70", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-43201", "type": "seen", "source": "https://t.me/cvedetector/6212", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-43201 - Planet Fitness Workouts TLS Certificate Validation Vulnerability\", \n  \"Content\": \"CVE ID : CVE-2024-43201 \nPublished : Sept. 23, 2024, 8:15 p.m. | 39\u00a0minutes ago \nDescription : The Planet Fitness Workouts iOS and Android mobile apps prior to version 9.8.12 (released on 2024-07-25) fail to properly validate TLS certificates, allowing an attacker with appropriate network access to obtain session tokens and sensitive information. \nSeverity: 8.8 | HIGH \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"23 Sep 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-09-23T23:00:43.000000Z"}, {"uuid": "347df059-eb87-4039-afd9-8ebf094d826c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-43202", "type": "published-proof-of-concept", "source": "Telegram/9rrZvfszAHZD2Hy5bgM2y6D8Ak30deFhbRog-CCMeIQg31E", "content": "", "creation_timestamp": "2025-12-15T21:00:05.000000Z"}, {"uuid": "0fb03161-2143-4558-9547-ae02859e1658", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-43201", "type": "published-proof-of-concept", "source": "https://t.me/DarkWebInformer_CVEAlerts/5951", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2024-43201\n\ud83d\udd25 CVSS Score: 8.8 (cvssV3_1, Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H)\n\ud83d\udd39 Description: The Planet Fitness Workouts iOS and Android mobile apps fail to properly validate TLS certificates, allowing an attacker with appropriate network access to obtain session tokens and sensitive information. Planet Fitness first addressed this vulnerability in version 9.8.12 (released on 2024-07-25) and more recently in version 9.9.13 (released on 2025-02-11).\n\ud83d\udccf Published: 2024-09-23T19:11:39.193Z\n\ud83d\udccf Modified: 2025-02-28T17:23:31.051Z\n\ud83d\udd17 References:\n1. https://apps.apple.com/us/app/planet-fitness-workouts/id399857015\n2. https://dontvacuum.me/bugs/pf/", "creation_timestamp": "2025-02-28T18:26:38.000000Z"}, {"uuid": "48a6fb6c-4f89-4333-b1bb-1a70e9531617", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-43202", "type": "published-proof-of-concept", "source": "https://t.me/HackingInsights/10759", "content": "\u200aCVE-2024-43202: RCE Vulnerability Discovered in Apache DolphinScheduler\n\nhttps://securityonline.info/cve-2024-43202-rce-vulnerability-discovered-in-apache-dolphinscheduler/", "creation_timestamp": "2024-08-21T06:52:17.000000Z"}, {"uuid": "b09fabb2-f684-4df7-a866-9d3a4c33dfec", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-43201", "type": "seen", "source": "Telegram/S4hSI_m4ZBIsMh9ALdF-0QLCuU2-pH9zm01uVL3k81mKYYVW", "content": "", "creation_timestamp": "2025-03-02T11:45:38.000000Z"}, {"uuid": "4a312a64-340f-44fc-9434-bf8a3546bb76", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-43202", "type": "seen", "source": "https://t.me/cvedetector/3607", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-43202 - Apache DolphinScheduler Remote Code Execution Vulnerability\", \n  \"Content\": \"CVE ID : CVE-2024-43202 \nPublished : Aug. 20, 2024, 8:15 a.m. | 40\u00a0minutes ago \nDescription : Exposure of Remote Code Execution in Apache Dolphinscheduler.  \n  \nThis issue affects Apache DolphinScheduler: before 3.2.2.   \n  \nWe recommend users to upgrade Apache DolphinScheduler to version 3.2.2, which fixes the issue. \nSeverity: 0.0 | NA \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"20 Aug 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-08-20T11:16:32.000000Z"}]}