{"resultsPerPage":1,"startIndex":0,"totalResults":1,"format":"NVD_CVE","version":"2.0","timestamp":"2026-06-19T16:45:39.663","vulnerabilities":[{"cve":{"id":"CVE-2022-24294","sourceIdentifier":"security@apache.org","published":"2022-07-24T18:15:09.587","lastModified":"2026-06-17T04:31:33.890","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"A regular expression used in Apache MXNet (incubating) is vulnerable to a potential denial-of-service by excessive resource consumption. The bug could be exploited when loading a model in Apache MXNet that has a specially crafted operator name that would cause the regular expression evaluation to use excessive resources to attempt a match. This issue affects Apache MXNet versions prior to 1.9.1."},{"lang":"es","value":"Una expresión regular usa en Apache MXNet (incubating) es vulnerable a una potencial denegación de servicio por consumo excesivo de recursos. El fallo podría explotarse cuando es cargado un modelo en Apache MXNet que presenta un nombre de operador especialmente diseñado que causaría que la evaluación de la expresión regular usara excesivos recursos para intentar una coincidencia. Este problema afecta a Apache MXNet versiones anteriores a 1.9.1"}],"affected":[{"source":"security@apache.org","affectedData":[{"vendor":"Apache Software Foundation","product":"Apache MXNet","versions":[{"version":"unspecified","lessThan":"1.9.1","versionType":"custom","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H","baseScore":7.5,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"NONE","integrityImpact":"NONE","availabilityImpact":"HIGH"},"exploitabilityScore":3.9,"impactScore":3.6}]},"weaknesses":[{"source":"security@apache.org","type":"Secondary","description":[{"lang":"en","value":"CWE-400"}]},{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"NVD-CWE-Other"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:apache:mxnet:*:*:*:*:*:*:*:*","versionEndExcluding":"1.9.1","matchCriteriaId":"CF32D44D-C18B-4E0A-9AA2-5CE197CB8FB7"}]}]}],"references":[{"url":"http://www.openwall.com/lists/oss-security/2022/07/24/2","source":"security@apache.org","tags":["Mailing List","Third Party Advisory"]},{"url":"https://lists.apache.org/thread/b1fbfmvzlr2bbp95lqoh3mtovclfcl3o","source":"security@apache.org","tags":["Mailing List","Vendor Advisory"]},{"url":"http://www.openwall.com/lists/oss-security/2022/07/24/2","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Mailing List","Third Party Advisory"]},{"url":"https://lists.apache.org/thread/b1fbfmvzlr2bbp95lqoh3mtovclfcl3o","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Mailing List","Vendor Advisory"]}]}}]}