CVE-2024-38517

See a problem?
Please try reporting it to the source first.

Source

https://nvd.nist.gov/vuln/detail/CVE-2024-38517

Import Source

https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2024-38517.json

JSON Data

https://api.test.osv.dev/v1/vulns/CVE-2024-38517

Downstream

BELL-CVE-2024-38517

DEBIAN-CVE-2024-38517

OESA-2024-1857

UBUNTU-CVE-2024-38517

USN-7125-1

Related

MGASA-2024-0371

Published

2024-07-09T18:51:50Z

Modified

2025-10-25T04:45:57.003866Z

Severity

7.8 (High) CVSS_V3 - CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C CVSS Calculator

Summary

Tencent RapidJSON include/rapidjson/reader.h GenericReader::ParseNumber() Function Template Exponent Parsing Integer Underflow

Details

Tencent RapidJSON is vulnerable to privilege escalation due to an integer underflow in the GenericReader::ParseNumber() function of include/rapidjson/reader.h when parsing JSON text from a stream. An attacker needs to send the victim a crafted file which needs to be opened; this triggers the integer underflow vulnerability (when the file is parsed), leading to elevation of privilege.

Database specific

{
    "cwe_ids": [
        "CWE-191"
    ]
}

References

Affected packages

Git / github.com/tencent/rapidjson

Affected ranges

Type

GIT

Repo

https://github.com/tencent/rapidjson

Events

Introduced

Last affected

f54b0e47a08782a6131cc3d60f94d038fa6e0a51

Database specific

{
    "versions": [
        {
            "introduced": "0"
        },
        {
            "last_affected": "1.1.0"
        }
    ]
}

Affected versions

v1.*

v1.0-beta

v1.0.0

v1.0.1

v1.1.0

Git / github.com/tencent/rapidjson

Affected ranges

Type: GIT
Repo: https://github.com/fmalita/rapidjson
Events: Introduced

0 Unknown introduced commit / All previous commits are affected

Fixed

8269bc2bc289e9d343bae51cdf6d23ef0950e001

Affected versions

v1.*

v1.0-beta

v1.0.0

v1.0.1

v1.1.0

Database specific

vanir_signatures

[
    {
        "digest": {
            "line_hashes": [
                "288425774745012461561310139886002627747",
                "307373623926445788135965508129048585816",
                "98501279309038937940885271199100634471",
                "38645439629479861165110068569379553885",
                "187750517275957864491405977602767129232",
                "97245315838875392425966686568726114009",
                "179086695166975398278890479785796356422"
            ],
            "threshold": 0.9
        },
        "id": "CVE-2024-38517-32ba92c7",
        "target": {
            "file": "include/rapidjson/reader.h"
        },
        "signature_version": "v1",
        "deprecated": false,
        "source": "https://github.com/fmalita/rapidjson/commit/8269bc2bc289e9d343bae51cdf6d23ef0950e001",
        "signature_type": "Line"
    },
    {
        "digest": {
            "line_hashes": [
                "313877681585030834460092347888774627812",
                "45814912363862486302300808256811283134",
                "34241869063326660220492092946571623922",
                "237248175434065046011101851845313123553"
            ],
            "threshold": 0.9
        },
        "id": "CVE-2024-38517-346215dd",
        "target": {
            "file": "test/unittest/readertest.cpp"
        },
        "signature_version": "v1",
        "deprecated": false,
        "source": "https://github.com/fmalita/rapidjson/commit/8269bc2bc289e9d343bae51cdf6d23ef0950e001",
        "signature_type": "Line"
    },
    {
        "digest": {
            "function_hash": "243468763142092133153126455231348369043",
            "length": 8625.0
        },
        "id": "CVE-2024-38517-44fce472",
        "target": {
            "function": "TestParseDouble",
            "file": "test/unittest/readertest.cpp"
        },
        "signature_version": "v1",
        "deprecated": false,
        "source": "https://github.com/fmalita/rapidjson/commit/8269bc2bc289e9d343bae51cdf6d23ef0950e001",
        "signature_type": "Function"
    }
]