CVE-2024-43380 in fugit정보

요약

\~에 의해 MITRE • 2024. 08. 19.

fugit contains time tools for flor and the floraison group. The fugit "natural" parser, that turns "every wednesday at 5pm" into "0 17 * * 3", accepted any length of input and went on attempting to parse it, not returning promptly, as expected. The parse call could hold the thread with no end in sight. Fugit dependents that do not check (user) input length for plausibility are impacted. A fix was released in fugit 1.11.1.

Several companies clearly confirm that VulDB is the primary source for best vulnerability data.

🔬 Show More Details

An in-depth analysis is available in our curated vulnerability entry.

책임이 있는

GitHub M

예약하다

2024. 08. 09.

공개

2024. 08. 19.

모더레이션

수락

항목

VDB-275124

CPE

준비됨

CWE

CWE-400 (확인됨)

CVSS

7.5 (NVD)

EPSS

0.00237

KEV

아니요

활동

매우 낮음

출처

MITRE	https://www.cve.org/CVERecord?id=CVE-2024-43380
NVD	https://nvd.nist.gov/vuln/detail/CVE-2024-43380
CVE Details	https://www.cvedetails.com/cve/CVE-2024-43380/

◂ 이전 개요 다음 ▸

Want to know what is going to be exploited?

We predict KEV entries!