cdo-local-uuid project provides a... CVE-2024-22194

- AV AC AU C I A
发布: 2024-01-11
修订: 2024-01-19

cdo-local-uuid project provides a specialized UUID-generating function that can, on user request, cause a program to generate deterministic UUIDs. An information leakage vulnerability is present in `cdo-local-uuid` at version `0.4.0`, and in `case-utils` in unpatched versions (matching the pattern `0.x.0`) at and since `0.5.0`, before `0.15.0`. The vulnerability stems from a Python function, `cdo_local_uuid.local_uuid()`, and its original implementation `case_utils.local_uuid()`.

0%

漏洞利用/PoC

暂无可用Exp或PoC

受影响的平台与产品

当前有11条受影响产品信息