CVE-2024-47175 (GCVE-0-2024-47175)

Vulnerability from cvelistv5 – Published: 2024-09-26 21:18 – Updated: 2025-11-03 22:20
VLAI
Title
libppd's ppdCreatePPDFromIPP2 function does not sanitize IPP attributes when creating the PPD buffer
Summary
CUPS is a standards-based, open-source printing system, and `libppd` can be used for legacy PPD file support. The `libppd` function `ppdCreatePPDFromIPP2` does not sanitize IPP attributes when creating the PPD buffer. When used in combination with other functions such as `cfGetPrinterAttributes5`, can result in user controlled input and ultimately code execution via Foomatic. This vulnerability can be part of an exploit chain leading to remote code execution (RCE), as described in CVE-2024-47176.
Severity
8.6 (High)
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:H/A:N
SSVC
Exploitation: poc Automatable: no Technical Impact: total
CISA Coordinator (v2.0.3)
CWE
  • CWE-20 - Improper Input Validation
Assigner
References
Impacted products
Vendor Product Version
OpenPrinting libppd Affected: <= 2.1b1
Create a notification for this product.
openprinting libppd Affected: 0 , ≤ 2.1b1 (custom)
    cpe:2.3:a:openprinting:libppd:*:*:*:*:*:*:*:*
 Create a notification for this product.
Show details on NVD website
To clipboard 

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2025-11-03T22:20:02.661Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "url": "http://www.openwall.com/lists/oss-security/2024/09/27/3"
          },
          {
            "url": "https://github.com/OpenPrinting/libppd/commit/d681747ebf12602cb426725eb8ce2753211e2477"
          },
          {
            "url": "https://lists.debian.org/debian-lts-announce/2024/09/msg00047.html"
          },
          {
            "url": "https://security.netapp.com/advisory/ntap-20241011-0001/"
          },
          {
            "url": "https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2024-0016"
          }
        ],
        "title": "CVE Program Container"
      },
      {
        "affected": [
          {
            "cpes": [
              "cpe:2.3:a:openprinting:libppd:*:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "libppd",
            "vendor": "openprinting",
            "versions": [
              {
                "lessThanOrEqual": "2.1b1",
                "status": "affected",
                "version": "0",
                "versionType": "custom"
              }
            ]
          }
        ],
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2024-47175",
                "options": [
                  {
                    "Exploitation": "poc"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "total"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-09-27T14:43:04.963185Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-09-27T14:43:16.814Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "libppd",
          "vendor": "OpenPrinting",
          "versions": [
            {
              "status": "affected",
              "version": "\u003c= 2.1b1"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "CUPS is a standards-based, open-source printing system, and `libppd` can be used for legacy PPD file support. The `libppd` function `ppdCreatePPDFromIPP2` does not sanitize IPP attributes when creating the PPD buffer. When used in combination with other functions such as `cfGetPrinterAttributes5`, can result in user controlled input and ultimately code execution via Foomatic. This vulnerability can be part of an exploit chain leading to remote code execution (RCE), as described in CVE-2024-47176."
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "NONE",
            "baseScore": 8.6,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "NONE",
            "integrityImpact": "HIGH",
            "privilegesRequired": "NONE",
            "scope": "CHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:H/A:N",
            "version": "3.1"
          }
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-20",
              "description": "CWE-20: Improper Input Validation",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2024-09-26T21:18:25.265Z",
        "orgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
        "shortName": "GitHub_M"
      },
      "references": [
        {
          "name": "https://github.com/OpenPrinting/libppd/security/advisories/GHSA-7xfx-47qg-grp6",
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://github.com/OpenPrinting/libppd/security/advisories/GHSA-7xfx-47qg-grp6"
        },
        {
          "name": "https://github.com/OpenPrinting/cups-browsed/security/advisories/GHSA-rj88-6mr5-rcw8",
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://github.com/OpenPrinting/cups-browsed/security/advisories/GHSA-rj88-6mr5-rcw8"
        },
        {
          "name": "https://github.com/OpenPrinting/cups-filters/security/advisories/GHSA-p9rh-jxmq-gq47",
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://github.com/OpenPrinting/cups-filters/security/advisories/GHSA-p9rh-jxmq-gq47"
        },
        {
          "name": "https://github.com/OpenPrinting/libcupsfilters/security/advisories/GHSA-w63j-6g73-wmg5",
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://github.com/OpenPrinting/libcupsfilters/security/advisories/GHSA-w63j-6g73-wmg5"
        },
        {
          "name": "https://www.cups.org",
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://www.cups.org"
        },
        {
          "name": "https://www.evilsocket.net/2024/09/26/Attacking-UNIX-systems-via-CUPS-Part-I",
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://www.evilsocket.net/2024/09/26/Attacking-UNIX-systems-via-CUPS-Part-I"
        }
      ],
      "source": {
        "advisory": "GHSA-7xfx-47qg-grp6",
        "discovery": "UNKNOWN"
      },
      "title": "libppd\u0027s ppdCreatePPDFromIPP2 function does not sanitize IPP attributes when creating the PPD buffer"
    }
  },
  "cveMetadata": {
    "assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
    "assignerShortName": "GitHub_M",
    "cveId": "CVE-2024-47175",
    "datePublished": "2024-09-26T21:18:25.265Z",
    "dateReserved": "2024-09-19T22:32:11.962Z",
    "dateUpdated": "2025-11-03T22:20:02.661Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.2",
  "vulnerability-lookup:meta": {
    "epss": {
      "cve": "CVE-2024-47175",
      "date": "2026-06-17",
      "epss": "0.73062",
      "percentile": "0.99383"
    },
    "fkie_nvd": {
      "descriptions": "[{\"lang\": \"en\", \"value\": \"CUPS is a standards-based, open-source printing system, and `libppd` can be used for legacy PPD file support. The `libppd` function `ppdCreatePPDFromIPP2` does not sanitize IPP attributes when creating the PPD buffer. When used in combination with other functions such as `cfGetPrinterAttributes5`, can result in user controlled input and ultimately code execution via Foomatic. This vulnerability can be part of an exploit chain leading to remote code execution (RCE), as described in CVE-2024-47176.\"}, {\"lang\": \"es\", \"value\": \"CUPS es un sistema de impresi\\u00f3n de c\\u00f3digo abierto basado en est\\u00e1ndares, y `libppd` se puede utilizar para la compatibilidad con archivos PPD heredados. La funci\\u00f3n `libppd` `ppdCreatePPDFromIPP2` no desinfecta los atributos IPP al crear el b\\u00fafer PPD. Cuando se utiliza en combinaci\\u00f3n con otras funciones como `cfGetPrinterAttributes5`, puede dar lugar a una entrada controlada por el usuario y, en \\u00faltima instancia, a la ejecuci\\u00f3n de c\\u00f3digo a trav\\u00e9s de Foomatic. Esta vulnerabilidad puede ser parte de una cadena de explotaci\\u00f3n que conduce a la ejecuci\\u00f3n remota de c\\u00f3digo (RCE), como se describe en CVE-2024-47176.\"}]",
      "id": "CVE-2024-47175",
      "lastModified": "2024-11-21T09:39:28.730",
      "metrics": "{\"cvssMetricV31\": [{\"source\": \"security-advisories@github.com\", \"type\": \"Secondary\", \"cvssData\": {\"version\": \"3.1\", \"vectorString\": \"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:H/A:N\", \"baseScore\": 8.6, \"baseSeverity\": \"HIGH\", \"attackVector\": \"NETWORK\", \"attackComplexity\": \"LOW\", \"privilegesRequired\": \"NONE\", \"userInteraction\": \"NONE\", \"scope\": \"CHANGED\", \"confidentialityImpact\": \"NONE\", \"integrityImpact\": \"HIGH\", \"availabilityImpact\": \"NONE\"}, \"exploitabilityScore\": 3.9, \"impactScore\": 4.0}]}",
      "published": "2024-09-26T22:15:04.283",
      "references": "[{\"url\": \"https://github.com/OpenPrinting/cups-browsed/security/advisories/GHSA-rj88-6mr5-rcw8\", \"source\": \"security-advisories@github.com\"}, {\"url\": \"https://github.com/OpenPrinting/cups-filters/security/advisories/GHSA-p9rh-jxmq-gq47\", \"source\": \"security-advisories@github.com\"}, {\"url\": \"https://github.com/OpenPrinting/libcupsfilters/security/advisories/GHSA-w63j-6g73-wmg5\", \"source\": \"security-advisories@github.com\"}, {\"url\": \"https://github.com/OpenPrinting/libppd/security/advisories/GHSA-7xfx-47qg-grp6\", \"source\": \"security-advisories@github.com\"}, {\"url\": \"https://www.cups.org\", \"source\": \"security-advisories@github.com\"}, {\"url\": \"https://www.evilsocket.net/2024/09/26/Attacking-UNIX-systems-via-CUPS-Part-I\", \"source\": \"security-advisories@github.com\"}, {\"url\": \"http://www.openwall.com/lists/oss-security/2024/09/27/3\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"https://github.com/OpenPrinting/libppd/commit/d681747ebf12602cb426725eb8ce2753211e2477\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"https://lists.debian.org/debian-lts-announce/2024/09/msg00047.html\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}]",
      "sourceIdentifier": "security-advisories@github.com",
      "vulnStatus": "Awaiting Analysis",
      "weaknesses": "[{\"source\": \"security-advisories@github.com\", \"type\": \"Secondary\", \"description\": [{\"lang\": \"en\", \"value\": \"CWE-20\"}]}]"
    },
    "nvd": "{\"cve\":{\"id\":\"CVE-2024-47175\",\"sourceIdentifier\":\"security-advisories@github.com\",\"published\":\"2024-09-26T22:15:04.283\",\"lastModified\":\"2025-11-03T23:16:12.573\",\"vulnStatus\":\"Modified\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"CUPS is a standards-based, open-source printing system, and `libppd` can be used for legacy PPD file support. The `libppd` function `ppdCreatePPDFromIPP2` does not sanitize IPP attributes when creating the PPD buffer. When used in combination with other functions such as `cfGetPrinterAttributes5`, can result in user controlled input and ultimately code execution via Foomatic. This vulnerability can be part of an exploit chain leading to remote code execution (RCE), as described in CVE-2024-47176.\"},{\"lang\":\"es\",\"value\":\"CUPS es un sistema de impresi\u00f3n de c\u00f3digo abierto basado en est\u00e1ndares, y `libppd` se puede utilizar para la compatibilidad con archivos PPD heredados. La funci\u00f3n `libppd` `ppdCreatePPDFromIPP2` no desinfecta los atributos IPP al crear el b\u00fafer PPD. Cuando se utiliza en combinaci\u00f3n con otras funciones como `cfGetPrinterAttributes5`, puede dar lugar a una entrada controlada por el usuario y, en \u00faltima instancia, a la ejecuci\u00f3n de c\u00f3digo a trav\u00e9s de Foomatic. Esta vulnerabilidad puede ser parte de una cadena de explotaci\u00f3n que conduce a la ejecuci\u00f3n remota de c\u00f3digo (RCE), como se describe en CVE-2024-47176.\"}],\"metrics\":{\"cvssMetricV31\":[{\"source\":\"security-advisories@github.com\",\"type\":\"Secondary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:H/A:N\",\"baseScore\":8.6,\"baseSeverity\":\"HIGH\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"NONE\",\"userInteraction\":\"NONE\",\"scope\":\"CHANGED\",\"confidentialityImpact\":\"NONE\",\"integrityImpact\":\"HIGH\",\"availabilityImpact\":\"NONE\"},\"exploitabilityScore\":3.9,\"impactScore\":4.0},{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\",\"baseScore\":9.8,\"baseSeverity\":\"CRITICAL\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"NONE\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"HIGH\",\"integrityImpact\":\"HIGH\",\"availabilityImpact\":\"HIGH\"},\"exploitabilityScore\":3.9,\"impactScore\":5.9}]},\"weaknesses\":[{\"source\":\"security-advisories@github.com\",\"type\":\"Secondary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-20\"}]},{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"NVD-CWE-noinfo\"}]}],\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:openprinting:libppd:*:*:*:*:*:*:*:*\",\"versionEndIncluding\":\"2.0.0\",\"matchCriteriaId\":\"437F33D0-6C0F-47CD-BA2A-FDA74EC56E9F\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:openprinting:libppd:2.1:beta1*:*:*:*:*:*:*\",\"matchCriteriaId\":\"FE7A2580-DE26-4217-8AB8-B6031294A18B\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:debian:debian_linux:11.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"FA6FEEC2-9F11-4643-8827-749718254FED\"}]}]}],\"references\":[{\"url\":\"https://github.com/OpenPrinting/cups-browsed/security/advisories/GHSA-rj88-6mr5-rcw8\",\"source\":\"security-advisories@github.com\",\"tags\":[\"Not Applicable\"]},{\"url\":\"https://github.com/OpenPrinting/cups-filters/security/advisories/GHSA-p9rh-jxmq-gq47\",\"source\":\"security-advisories@github.com\",\"tags\":[\"Not Applicable\"]},{\"url\":\"https://github.com/OpenPrinting/libcupsfilters/security/advisories/GHSA-w63j-6g73-wmg5\",\"source\":\"security-advisories@github.com\",\"tags\":[\"Not Applicable\"]},{\"url\":\"https://github.com/OpenPrinting/libppd/security/advisories/GHSA-7xfx-47qg-grp6\",\"source\":\"security-advisories@github.com\",\"tags\":[\"Exploit\",\"Vendor Advisory\"]},{\"url\":\"https://www.cups.org\",\"source\":\"security-advisories@github.com\",\"tags\":[\"Product\"]},{\"url\":\"https://www.evilsocket.net/2024/09/26/Attacking-UNIX-systems-via-CUPS-Part-I\",\"source\":\"security-advisories@github.com\",\"tags\":[\"Exploit\",\"Third Party Advisory\"]},{\"url\":\"http://www.openwall.com/lists/oss-security/2024/09/27/3\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Mailing List\"]},{\"url\":\"https://github.com/OpenPrinting/libppd/commit/d681747ebf12602cb426725eb8ce2753211e2477\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Patch\"]},{\"url\":\"https://lists.debian.org/debian-lts-announce/2024/09/msg00047.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Mailing List\"]},{\"url\":\"https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2024-0016\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://security.netapp.com/advisory/ntap-20241011-0001/\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"}]}}",
    "vulnrichment": {
      "containers": "{\"adp\": [{\"title\": \"CVE Program Container\", \"references\": [{\"url\": \"http://www.openwall.com/lists/oss-security/2024/09/27/3\"}, {\"url\": \"https://github.com/OpenPrinting/libppd/commit/d681747ebf12602cb426725eb8ce2753211e2477\"}, {\"url\": \"https://lists.debian.org/debian-lts-announce/2024/09/msg00047.html\"}, {\"url\": \"https://security.netapp.com/advisory/ntap-20241011-0001/\"}, {\"url\": \"https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2024-0016\"}], \"providerMetadata\": {\"orgId\": \"af854a3a-2127-422b-91ae-364da2661108\", \"shortName\": \"CVE\", \"dateUpdated\": \"2025-11-03T22:20:02.661Z\"}}, {\"title\": \"CISA ADP Vulnrichment\", \"metrics\": [{\"other\": {\"type\": \"ssvc\", \"content\": {\"id\": \"CVE-2024-47175\", \"role\": \"CISA Coordinator\", \"options\": [{\"Exploitation\": \"poc\"}, {\"Automatable\": \"no\"}, {\"Technical Impact\": \"total\"}], \"version\": \"2.0.3\", \"timestamp\": \"2024-09-27T14:43:04.963185Z\"}}}], \"affected\": [{\"cpes\": [\"cpe:2.3:a:openprinting:libppd:*:*:*:*:*:*:*:*\"], \"vendor\": \"openprinting\", \"product\": \"libppd\", \"versions\": [{\"status\": \"affected\", \"version\": \"0\", \"versionType\": \"custom\", \"lessThanOrEqual\": \"2.1b1\"}], \"defaultStatus\": \"unknown\"}], \"providerMetadata\": {\"orgId\": \"134c704f-9b21-4f2e-91b3-4a467353bcc0\", \"shortName\": \"CISA-ADP\", \"dateUpdated\": \"2024-09-27T14:42:56.287Z\"}}], \"cna\": {\"title\": \"libppd\u0027s ppdCreatePPDFromIPP2 function does not sanitize IPP attributes when creating the PPD buffer\", \"source\": {\"advisory\": \"GHSA-7xfx-47qg-grp6\", \"discovery\": \"UNKNOWN\"}, \"metrics\": [{\"cvssV3_1\": {\"scope\": \"CHANGED\", \"version\": \"3.1\", \"baseScore\": 8.6, \"attackVector\": \"NETWORK\", \"baseSeverity\": \"HIGH\", \"vectorString\": \"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:H/A:N\", \"integrityImpact\": \"HIGH\", \"userInteraction\": \"NONE\", \"attackComplexity\": \"LOW\", \"availabilityImpact\": \"NONE\", \"privilegesRequired\": \"NONE\", \"confidentialityImpact\": \"NONE\"}}], \"affected\": [{\"vendor\": \"OpenPrinting\", \"product\": \"libppd\", \"versions\": [{\"status\": \"affected\", \"version\": \"\u003c= 2.1b1\"}]}], \"references\": [{\"url\": \"https://github.com/OpenPrinting/libppd/security/advisories/GHSA-7xfx-47qg-grp6\", \"name\": \"https://github.com/OpenPrinting/libppd/security/advisories/GHSA-7xfx-47qg-grp6\", \"tags\": [\"x_refsource_CONFIRM\"]}, {\"url\": \"https://github.com/OpenPrinting/cups-browsed/security/advisories/GHSA-rj88-6mr5-rcw8\", \"name\": \"https://github.com/OpenPrinting/cups-browsed/security/advisories/GHSA-rj88-6mr5-rcw8\", \"tags\": [\"x_refsource_MISC\"]}, {\"url\": \"https://github.com/OpenPrinting/cups-filters/security/advisories/GHSA-p9rh-jxmq-gq47\", \"name\": \"https://github.com/OpenPrinting/cups-filters/security/advisories/GHSA-p9rh-jxmq-gq47\", \"tags\": [\"x_refsource_MISC\"]}, {\"url\": \"https://github.com/OpenPrinting/libcupsfilters/security/advisories/GHSA-w63j-6g73-wmg5\", \"name\": \"https://github.com/OpenPrinting/libcupsfilters/security/advisories/GHSA-w63j-6g73-wmg5\", \"tags\": [\"x_refsource_MISC\"]}, {\"url\": \"https://www.cups.org\", \"name\": \"https://www.cups.org\", \"tags\": [\"x_refsource_MISC\"]}, {\"url\": \"https://www.evilsocket.net/2024/09/26/Attacking-UNIX-systems-via-CUPS-Part-I\", \"name\": \"https://www.evilsocket.net/2024/09/26/Attacking-UNIX-systems-via-CUPS-Part-I\", \"tags\": [\"x_refsource_MISC\"]}], \"descriptions\": [{\"lang\": \"en\", \"value\": \"CUPS is a standards-based, open-source printing system, and `libppd` can be used for legacy PPD file support. The `libppd` function `ppdCreatePPDFromIPP2` does not sanitize IPP attributes when creating the PPD buffer. When used in combination with other functions such as `cfGetPrinterAttributes5`, can result in user controlled input and ultimately code execution via Foomatic. This vulnerability can be part of an exploit chain leading to remote code execution (RCE), as described in CVE-2024-47176.\"}], \"problemTypes\": [{\"descriptions\": [{\"lang\": \"en\", \"type\": \"CWE\", \"cweId\": \"CWE-20\", \"description\": \"CWE-20: Improper Input Validation\"}]}], \"providerMetadata\": {\"orgId\": \"a0819718-46f1-4df5-94e2-005712e83aaa\", \"shortName\": \"GitHub_M\", \"dateUpdated\": \"2024-09-26T21:18:25.265Z\"}}}",
      "cveMetadata": "{\"cveId\": \"CVE-2024-47175\", \"state\": \"PUBLISHED\", \"dateUpdated\": \"2025-11-03T22:20:02.661Z\", \"dateReserved\": \"2024-09-19T22:32:11.962Z\", \"assignerOrgId\": \"a0819718-46f1-4df5-94e2-005712e83aaa\", \"datePublished\": \"2024-09-26T21:18:25.265Z\", \"assignerShortName\": \"GitHub_M\"}",
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }
  }
}


Log in or create an account to share your comment.




Tags
Taxonomy of the tags.





Forecast uses a logistic model when the trend is rising, or an exponential decay model when the trend is falling. Fitted via linearized least squares.

Sightings

Author Source Type Date Other

Nomenclature

  • Seen: The vulnerability was mentioned, discussed, or observed by the user.
  • Confirmed: The vulnerability has been validated from an analyst's perspective.
  • Published Proof of Concept: A public proof of concept is available for this vulnerability.
  • Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
  • Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
  • Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
  • Not confirmed: The user expressed doubt about the validity of the vulnerability.
  • Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.


Detection rules are retrieved from Rulezet.