CVE-2024-10965
- Source
- https://nvd.nist.gov/vuln/detail/CVE-2024-10965
- Import Source
- https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2024-10965.json
- JSON Data
- https://api.osv.dev/v1/vulns/CVE-2024-10965
- Published
- 2024-11-07T17:15:06.890Z
- Modified
- 2025-12-03T15:01:54.602845Z
- Severity
-
- 6.5 (Medium) CVSS_V3 - CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N CVSS Calculator
- Summary
- [none]
- Details
-
A vulnerability classified as problematic was found in emqx neuron up to 2.10.0. Affected by this vulnerability is an unknown functionality of the file /api/v2/schema of the component JSON File Handler. The manipulation leads to information disclosure. The attack can be launched remotely. The patch is named c9ce39747e0372aaa2157b2b56174914a12c06d8. It is recommended to apply a patch to fix this issue.
- References
Affected packages
Git / github.com/emqx/neuron
Git / github.com/fengzeroz/neuron
Affected ranges
- Type
- GIT
- Repo
- https://github.com/fengzeroz/neuron
- Events
-
Introduced0 Unknown introduced commit / All previous commits are affectedFixed
Database specific
source
"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2024-10965.json"
vanir_signatures
[
{
"deprecated": false,
"id": "CVE-2024-10965-4fa5cedd",
"digest": {
"threshold": 0.9,
"line_hashes": [
"33684469709633437339627117126835667340",
"236933878990794278888924163438896829567",
"192203366871279095940515826273868278062",
"198842624542433828732229331099570386516",
"184675773906610093660391980501615720447",
"26442505946733370848360558318526625557",
"234367081816295464890521769622431626607",
"222781491205694811223157008812765074750",
"328710702428939131638177251820225467200",
"219708099371438947958033222262234624291",
"242765905902417474196659976827603224509"
]
},
"source": "https://github.com/fengzeroz/neuron/commit/c9ce39747e0372aaa2157b2b56174914a12c06d8",
"signature_version": "v1",
"signature_type": "Line",
"target": {
"file": "include/neuron/msg.h"
}
},
{
"deprecated": false,
"id": "CVE-2024-10965-5c9928a2",
"digest": {
"length": 1443.0,
"function_hash": "206272000381583335435558197513435832997"
},
"source": "https://github.com/fengzeroz/neuron/commit/c9ce39747e0372aaa2157b2b56174914a12c06d8",
"signature_version": "v1",
"signature_type": "Function",
"target": {
"file": "plugins/restful/normal_handle.c",
"function": "handle_get_plugin_schema"
}
},
{
"deprecated": false,
"id": "CVE-2024-10965-607cecc2",
"digest": {
"length": 3039.0,
"function_hash": "250637791044783902133163427259814451721"
},
"source": "https://github.com/fengzeroz/neuron/commit/c9ce39747e0372aaa2157b2b56174914a12c06d8",
"signature_version": "v1",
"signature_type": "Function",
"target": {
"file": "src/adapter/adapter.c",
"function": "adapter_command"
}
},
{
"deprecated": false,
"id": "CVE-2024-10965-6adf63f8",
"digest": {
"threshold": 0.9,
"line_hashes": [
"331766669030876559672904407830622065925",
"328735776079764243982491709860052407073",
"144201143613463802743014191682613801865",
"199409858437523187706967669917076932943",
"290124177491304318134919065762183262451"
]
},
"source": "https://github.com/fengzeroz/neuron/commit/c9ce39747e0372aaa2157b2b56174914a12c06d8",
"signature_version": "v1",
"signature_type": "Line",
"target": {
"file": "plugins/restful/normal_handle.h"
}
},
{
"deprecated": false,
"id": "CVE-2024-10965-74a8dac8",
"digest": {
"threshold": 0.9,
"line_hashes": [
"183488448230927358206521439169736062700",
"158925621955014402826797808694279982763",
"46599072083530774570296756770776765847",
"300361578666655515899659258611117748195",
"83971784927256436002831367941673891925",
"332812996985778051612729370143315507736",
"260214560146203154648124393235808031137",
"25205654491859607792041661079498997756"
]
},
"source": "https://github.com/fengzeroz/neuron/commit/c9ce39747e0372aaa2157b2b56174914a12c06d8",
"signature_version": "v1",
"signature_type": "Line",
"target": {
"file": "src/base/msg_internal.h"
}
},
{
"deprecated": false,
"id": "CVE-2024-10965-77c9a788",
"digest": {
"threshold": 0.9,
"line_hashes": [
"186087883928190571639855483630084824668",
"162920762934721073698850834177841874594",
"127878302214932493482167415504937110561",
"96825551502228788124460138529812843207",
"114244463955053221723484703364437165959",
"72199324614251445042697018010400415514",
"242951509535770625754122545485654870136",
"83337083799070672410663937136230291021",
"53512466530943145200040323414228670998",
"148599505863091312980039212186417794432",
"9859460008669593597004361207586661671",
"133921878331275654997287719721893217539",
"336235063371392495270559944094004693218",
"43985615913597358792431788121923529628",
"106831827716323806008492049216669951243",
"319610081286320211339394559718037226013",
"74181806681845497024062793288420407052",
"139013771865270249395283190760618393440",
"324038395086061212504601158896064852418",
"112189129911661377181445995078407343234",
"328610609193708528918581261830182296710",
"219303615091271843934169236718977609992",
"105518995887063914193852247523788375281",
"208185461386069941609916253540833377878",
"101544351225101379689947465917451176692",
"141549925307396892168228798997366442916",
"86590235573444371977146626260573219636",
"74181806681845497024062793288420407052",
"139013771865270249395283190760618393440",
"320029698851387778440630652203986733480",
"64619871641153154474813383312665447019",
"161370817070060231496082327709935244589",
"319120693856268343191434500283342317023",
"326462110965240730879651994617822946656",
"110001607042511068763207975409097298627",
"27812336291194601281133598339733858907",
"76159388609106758571599920996102820758",
"86590235573444371977146626260573219636",
"74181806681845497024062793288420407052",
"139013771865270249395283190760618393440",
"320029698851387778440630652203986733480",
"64619871641153154474813383312665447019",
"161370817070060231496082327709935244589",
"166230679588605732246869605467943110011",
"321103678879536218326510509250387526320",
"77059927923299731759655332056245909582",
"134444778962908547429236687415097252909",
"129347526216547332336197573931797019505",
"251867506143450941369483433405625286243",
"266867621887417801745127264588219012526",
"283732691437993456845483624241946207402",
"26509591823401231883054141734819867280",
"182957550152901195435672907494483908575",
"143705414201236816223189211730536016901"
]
},
"source": "https://github.com/fengzeroz/neuron/commit/c9ce39747e0372aaa2157b2b56174914a12c06d8",
"signature_version": "v1",
"signature_type": "Line",
"target": {
"file": "plugins/restful/normal_handle.c"
}
},
{
"deprecated": false,
"id": "CVE-2024-10965-82e3d418",
"digest": {
"length": 965.0,
"function_hash": "184075152562235265383511131754700075624"
},
"source": "https://github.com/fengzeroz/neuron/commit/c9ce39747e0372aaa2157b2b56174914a12c06d8",
"signature_version": "v1",
"signature_type": "Function",
"target": {
"file": "src/base/msg_internal.h",
"function": "neu_msg_new"
}
},
{
"deprecated": false,
"id": "CVE-2024-10965-9ef2dc08",
"digest": {
"length": 3997.0,
"function_hash": "132307509866539276157837633071349446142"
},
"source": "https://github.com/fengzeroz/neuron/commit/c9ce39747e0372aaa2157b2b56174914a12c06d8",
"signature_version": "v1",
"signature_type": "Function",
"target": {
"file": "plugins/restful/rest.c",
"function": "dashb_plugin_request"
}
},
{
"deprecated": false,
"id": "CVE-2024-10965-c3841bea",
"digest": {
"threshold": 0.9,
"line_hashes": [
"254196138307685242315348790184544741226",
"4437879433522207270230736205595320919",
"89583120248530991767572213547118568481",
"22070864130972209409841764235078166049",
"172572521693954626916528770019528746116",
"256304452374704400735350413965060132603",
"5974052631257074529586262493364696278",
"53126356526030369048447122945456290272"
]
},
"source": "https://github.com/fengzeroz/neuron/commit/c9ce39747e0372aaa2157b2b56174914a12c06d8",
"signature_version": "v1",
"signature_type": "Line",
"target": {
"file": "plugins/restful/rest.c"
}
},
{
"deprecated": false,
"id": "CVE-2024-10965-da4f44a0",
"digest": {
"length": 17015.0,
"function_hash": "7088177272976857051376763031646212874"
},
"source": "https://github.com/fengzeroz/neuron/commit/c9ce39747e0372aaa2157b2b56174914a12c06d8",
"signature_version": "v1",
"signature_type": "Function",
"target": {
"file": "src/adapter/adapter.c",
"function": "adapter_loop"
}
},
{
"deprecated": false,
"id": "CVE-2024-10965-db2862d3",
"digest": {
"length": 30911.0,
"function_hash": "228378087554208791427335845747282123787"
},
"source": "https://github.com/fengzeroz/neuron/commit/c9ce39747e0372aaa2157b2b56174914a12c06d8",
"signature_version": "v1",
"signature_type": "Function",
"target": {
"file": "src/core/manager.c",
"function": "manager_loop"
}
},
{
"deprecated": false,
"id": "CVE-2024-10965-e5fe4e7f",
"digest": {
"threshold": 0.9,
"line_hashes": [
"261325588127643394883878072992956164927"
]
},
"source": "https://github.com/fengzeroz/neuron/commit/c9ce39747e0372aaa2157b2b56174914a12c06d8",
"signature_version": "v1",
"signature_type": "Line",
"target": {
"file": "src/core/plugin_manager.h"
}
},
{
"deprecated": false,
"id": "CVE-2024-10965-ed841e3f",
"digest": {
"threshold": 0.9,
"line_hashes": [
"17358983737281476449847183385251215169",
"314456207923949496471018362511140973936",
"204718051980332471680237224574764455770",
"224424715268410597974240626730970050003",
"257822021620127626921627211328101218007",
"73080824998716567453672862139449616723",
"297084382876264524492155605022542747831",
"261111592617548360548337768424341194748"
]
},
"source": "https://github.com/fengzeroz/neuron/commit/c9ce39747e0372aaa2157b2b56174914a12c06d8",
"signature_version": "v1",
"signature_type": "Line",
"target": {
"file": "src/adapter/adapter.c"
}
}
]