How severe is CVE-2024-31197?

This vulnerability has a severity rating of HIGH with a CVSS score of 7.5 out of 10.

What type of vulnerability is CVE-2024-31197?

This is classified as CWE-170, which is a common weakness in software security.

CVE-2024-31197

HIGH Year: 2024

CVSS v3 Score

7.5

High

Weakness Type

CWE-170

View all →

Vulnerability Description

Improper Null Termination vulnerability in Open Networking Foundation (ONF) libfluid (libfluid_msg module). This vulnerability is associated with program routine fluid_msg::of10::Port:unpack. This issue affects libfluid: 0.1.0.

CVE-2019-11044

HIGH

CVSS:7.5(High)

In PHP versions 7.2.x below 7.2.26, 7.3.x below 7.3.13 and 7.4.0 on Windows, PHP link() function accepts filenames with embedded \0 byte and treats them as terminating at that byte. This could lead to...

CWE-1702019

CVE-2022-47515

HIGH

CVSS:7.5(High)

An issue was discovered in drachtio-server before 0.8.20. It allows remote attackers to cause a denial of service (daemon crash) via a long message in a TCP request that leads to std::length_error.

CWE-1702022

CVE-2023-24021

HIGH

CVSS:7.5(High)

Incorrect handling of '\0' bytes in file uploads in ModSecurity before 2.9.7 may allow for Web Application Firewall bypasses and buffer over-reads on the Web Application Firewall when executing rules ...

CWE-1702023