{"dataType": "CVE_RECORD", "dataVersion": "5.1", "cveMetadata": {"cveId": "CVE-2024-2914", "assignerOrgId": "c09c270a-b464-47c1-9133-acb35b22c19a", "state": "PUBLISHED", "assignerShortName": "@huntr_ai", "dateReserved": "2024-03-26T14:05:08.782Z", "datePublished": "2024-06-06T17:55:55.145Z", "dateUpdated": "2024-08-01T19:25:42.176Z"}, "containers": {"cna": {"title": "TarSlip Vulnerability in deepjavalibrary/djl", "providerMetadata": {"orgId": "c09c270a-b464-47c1-9133-acb35b22c19a", "shortName": "@huntr_ai", "dateUpdated": "2024-06-06T17:56:47.210Z"}, "descriptions": [{"lang": "en", "value": "A TarSlip vulnerability exists in the deepjavalibrary/djl, affecting version 0.26.0 and fixed in version 0.27.0. This vulnerability allows an attacker to manipulate file paths within tar archives to overwrite arbitrary files on the target system. Exploitation of this vulnerability could lead to remote code execution, privilege escalation, data theft or manipulation, and denial of service. The vulnerability is due to improper validation of file paths during the extraction of tar files, as demonstrated in multiple occurrences within the library's codebase, including but not limited to the files_util.py and extract_imagenet.py scripts."}], "affected": [{"vendor": "deepjavalibrary", "product": "deepjavalibrary/djl", "versions": [{"version": "unspecified", "lessThan": "0.27.0", "status": "affected", "versionType": "custom"}]}], "references": [{"url": "https://huntr.com/bounties/b064bd2f-bf6e-4fc0-898e-7d02a9b97e24"}, {"url": "https://github.com/deepjavalibrary/djl/commit/5235be508cec9e8cb6f496a4ed2fa40e4f62c370"}], "metrics": [{"cvssV3_0": {"version": "3.0", "attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "baseScore": 7.8, "baseSeverity": "HIGH"}}], "problemTypes": [{"descriptions": [{"type": "CWE", "lang": "en", "description": "CWE-29 Path Traversal: '\\..\\filename'", "cweId": "CWE-29"}]}], "source": {"advisory": "b064bd2f-bf6e-4fc0-898e-7d02a9b97e24", "discovery": "EXTERNAL"}}, "adp": [{"affected": [{"vendor": "deepjavalibrary", "product": "djl", "cpes": ["cpe:2.3:a:deepjavalibrary:djl:*:*:*:*:*:*:*:*"], "defaultStatus": "unknown", "versions": [{"version": "026.0", "status": "affected", "lessThan": "0.27.0", "versionType": "custom"}]}], "metrics": [{"other": {"type": "ssvc", "content": {"timestamp": "2024-06-07T19:42:49.991428Z", "id": "CVE-2024-2914", "options": [{"Exploitation": "poc"}, {"Automatable": "no"}, {"Technical Impact": "total"}], "role": "CISA Coordinator", "version": "2.0.3"}}}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2024-06-07T19:44:54.920Z"}}, {"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-01T19:25:42.176Z"}, "title": "CVE Program Container", "references": [{"url": "https://huntr.com/bounties/b064bd2f-bf6e-4fc0-898e-7d02a9b97e24", "tags": ["x_transferred"]}, {"url": "https://github.com/deepjavalibrary/djl/commit/5235be508cec9e8cb6f496a4ed2fa40e4f62c370", "tags": ["x_transferred"]}]}]}}

{"dataType": "CVE_RECORD", "containers": {"adp": [{"title": "CVE Program Container", "references": [{"url": "https://huntr.com/bounties/b064bd2f-bf6e-4fc0-898e-7d02a9b97e24", "tags": ["x_transferred"]}, {"url": "https://github.com/deepjavalibrary/djl/commit/5235be508cec9e8cb6f496a4ed2fa40e4f62c370", "tags": ["x_transferred"]}], "providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-01T19:25:42.176Z"}}, {"title": "CISA ADP Vulnrichment", "metrics": [{"other": {"type": "ssvc", "content": {"id": "CVE-2024-2914", "role": "CISA Coordinator", "options": [{"Exploitation": "poc"}, {"Automatable": "no"}, {"Technical Impact": "total"}], "version": "2.0.3", "timestamp": "2024-06-07T19:42:49.991428Z"}}}], "affected": [{"cpes": ["cpe:2.3:a:deepjavalibrary:djl:*:*:*:*:*:*:*:*"], "vendor": "deepjavalibrary", "product": "djl", "versions": [{"status": "affected", "version": "026.0", "lessThan": "0.27.0", "versionType": "custom"}], "defaultStatus": "unknown"}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2024-06-07T19:44:49.575Z"}}], "cna": {"title": "TarSlip Vulnerability in deepjavalibrary/djl", "source": {"advisory": "b064bd2f-bf6e-4fc0-898e-7d02a9b97e24", "discovery": "EXTERNAL"}, "metrics": [{"cvssV3_0": {"scope": "UNCHANGED", "version": "3.0", "baseScore": 7.8, "attackVector": "LOCAL", "baseSeverity": "HIGH", "vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "integrityImpact": "HIGH", "userInteraction": "REQUIRED", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "NONE", "confidentialityImpact": "HIGH"}}], "affected": [{"vendor": "deepjavalibrary", "product": "deepjavalibrary/djl", "versions": [{"status": "affected", "version": "unspecified", "lessThan": "0.27.0", "versionType": "custom"}]}], "references": [{"url": "https://huntr.com/bounties/b064bd2f-bf6e-4fc0-898e-7d02a9b97e24"}, {"url": "https://github.com/deepjavalibrary/djl/commit/5235be508cec9e8cb6f496a4ed2fa40e4f62c370"}], "descriptions": [{"lang": "en", "value": "A TarSlip vulnerability exists in the deepjavalibrary/djl, affecting version 0.26.0 and fixed in version 0.27.0. This vulnerability allows an attacker to manipulate file paths within tar archives to overwrite arbitrary files on the target system. Exploitation of this vulnerability could lead to remote code execution, privilege escalation, data theft or manipulation, and denial of service. The vulnerability is due to improper validation of file paths during the extraction of tar files, as demonstrated in multiple occurrences within the library's codebase, including but not limited to the files_util.py and extract_imagenet.py scripts."}], "problemTypes": [{"descriptions": [{"lang": "en", "type": "CWE", "cweId": "CWE-29", "description": "CWE-29 Path Traversal: '\\..\\filename'"}]}], "providerMetadata": {"orgId": "c09c270a-b464-47c1-9133-acb35b22c19a", "shortName": "@huntr_ai", "dateUpdated": "2024-06-06T17:56:47.210Z"}}}, "cveMetadata": {"cveId": "CVE-2024-2914", "state": "PUBLISHED", "dateUpdated": "2024-08-01T19:25:42.176Z", "dateReserved": "2024-03-26T14:05:08.782Z", "assignerOrgId": "c09c270a-b464-47c1-9133-acb35b22c19a", "datePublished": "2024-06-06T17:55:55.145Z", "assignerShortName": "@huntr_ai"}, "dataVersion": "5.1"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:djl:deep_java_library:0.26.0:*:*:*:*:*:*:*", "matchCriteriaId": "99799B59-3597-48CF-8D22-710F764A2D3D", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "descriptions": [{"lang": "en", "value": "A TarSlip vulnerability exists in the deepjavalibrary/djl, affecting version 0.26.0 and fixed in version 0.27.0. This vulnerability allows an attacker to manipulate file paths within tar archives to overwrite arbitrary files on the target system. Exploitation of this vulnerability could lead to remote code execution, privilege escalation, data theft or manipulation, and denial of service. The vulnerability is due to improper validation of file paths during the extraction of tar files, as demonstrated in multiple occurrences within the library's codebase, including but not limited to the files_util.py and extract_imagenet.py scripts."}, {"lang": "es", "value": "Existe una vulnerabilidad Tarslip en deepjavalibrary/djl, que afecta a la versi\u00f3n 0.26.0 y se corrigi\u00f3 en la versi\u00f3n 0.27.0. Esta vulnerabilidad permite a un atacante manipular rutas de archivos dentro de archivos tar para sobrescribir archivos arbitrarios en el sistema de destino. La explotaci\u00f3n de esta vulnerabilidad podr\u00eda conducir a la ejecuci\u00f3n remota de c\u00f3digo, escalada de privilegios, robo o manipulaci\u00f3n de datos y denegaci\u00f3n de servicio. La vulnerabilidad se debe a una validaci\u00f3n inadecuada de las rutas de los archivos durante la extracci\u00f3n de archivos tar, como se demuestra en m\u00faltiples apariciones dentro del c\u00f3digo base de la librer\u00eda, incluidos, entre otros, los scripts files_util.py y extract_imagenet.py."}], "id": "CVE-2024-2914", "lastModified": "2024-11-21T09:10:49.543", "metrics": {"cvssMetricV30": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 7.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.0"}, "exploitabilityScore": 1.8, "impactScore": 5.9, "source": "security@huntr.dev", "type": "Secondary"}], "cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 8.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.1"}, "exploitabilityScore": 2.8, "impactScore": 5.9, "source": "nvd@nist.gov", "type": "Primary"}]}, "published": "2024-06-06T18:15:13.227", "references": [{"source": "security@huntr.dev", "tags": ["Patch"], "url": "https://github.com/deepjavalibrary/djl/commit/5235be508cec9e8cb6f496a4ed2fa40e4f62c370"}, {"source": "security@huntr.dev", "tags": ["Exploit", "Issue Tracking", "Patch", "Third Party Advisory"], "url": "https://huntr.com/bounties/b064bd2f-bf6e-4fc0-898e-7d02a9b97e24"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Patch"], "url": "https://github.com/deepjavalibrary/djl/commit/5235be508cec9e8cb6f496a4ed2fa40e4f62c370"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Exploit", "Issue Tracking", "Patch", "Third Party Advisory"], "url": "https://huntr.com/bounties/b064bd2f-bf6e-4fc0-898e-7d02a9b97e24"}], "sourceIdentifier": "security@huntr.dev", "vulnStatus": "Modified", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-29"}], "source": "security@huntr.dev", "type": "Secondary"}, {"description": [{"lang": "en", "value": "CWE-22"}], "source": "nvd@nist.gov", "type": "Primary"}]}

{}