CVE-2024-30564

Source

https://nvd.nist.gov/vuln/detail/CVE-2024-30564

Import Source

https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2024-30564.json

Aliases

GHSA-jjff-q3q4-5hh8

Published

2024-04-18T15:15:30Z

Modified

2024-05-14T13:10:53.364797Z

Summary

[none]

Details

An issue inandrei-tatar nora-firebase-common between v.1.0.41 and v.1.12.2 allows a remote attacker to execute arbitrary code via a crafted script to the updateState parameter of the updateStateInternal method.

References

Affected packages

Git / github.com/andrei-tatar/nora-firebase-common

Affected ranges

Type: GIT
Repo: https://github.com/andrei-tatar/nora-firebase-common
Events: Introduced

0The exact introduced commit is unknown

Fixed

bf30b75d51be04f6c1f884561a223226c890f01b

Affected versions

v1.*

v1.0.10

v1.0.11

v1.0.12

v1.0.13

v1.0.14

v1.0.15

v1.0.16

v1.0.17

v1.0.18

v1.0.19

v1.0.20

v1.0.23

v1.0.24

v1.0.25

v1.0.26

v1.0.27

v1.0.28

v1.0.29

v1.0.3

v1.0.30

v1.0.31

v1.0.32

v1.0.33

v1.0.35

v1.0.36

v1.0.37

v1.0.38

v1.0.39

v1.0.4

v1.0.41

v1.0.42

v1.0.44

v1.0.45

v1.0.46

v1.0.47

v1.0.48

v1.0.49

v1.0.5

v1.0.50

v1.0.51

v1.0.52

v1.0.53

v1.0.54

v1.0.55

v1.0.56

v1.0.57

v1.0.58

v1.0.59

v1.0.6

v1.0.60

v1.0.61

v1.0.7

v1.0.8

v1.0.9

v1.1.0

v1.1.1

v1.1.2

v1.1.3

v1.1.4

v1.10.0

v1.10.1

v1.10.2

v1.10.3

v1.10.4

v1.10.5

v1.11.0

v1.11.1

v1.11.2

v1.12.0

v1.12.1

v1.12.2

v1.2.0

v1.2.1

v1.2.2

v1.2.3

v1.3.0

v1.3.2

v1.3.3

v1.3.4

v1.3.5

v1.3.6

v1.3.7

v1.3.8

v1.3.9

v1.4.0

v1.4.1

v1.5.0

v1.5.1

v1.5.2

v1.5.3

v1.5.4

v1.5.5

v1.5.6

v1.6.0

v1.6.1

v1.6.2

v1.7.0

v1.7.1

v1.8.0

v1.9.0

v1.9.1