{"resultsPerPage":1,"startIndex":0,"totalResults":1,"format":"NVD_CVE","version":"2.0","timestamp":"2026-06-10T22:18:17.944","vulnerabilities":[{"cve":{"id":"CVE-2024-26307","sourceIdentifier":"security@apache.org","published":"2024-03-21T10:15:07.527","lastModified":"2025-06-17T13:50:12.777","vulnStatus":"Analyzed","cveTags":[],"descriptions":[{"lang":"en","value":"Possible race condition vulnerability in Apache Doris.\nSome of code using `chmod()` method. This method run the risk of someone renaming the file out from under user and chmodding the wrong file.\nThis could theoretically happen, but the impact would be minimal.\nThis issue affects Apache Doris: before 1.2.8, before 2.0.4.\n\nUsers are recommended to upgrade to version 2.0.4, which fixes the issue."},{"lang":"es","value":"Posible vulnerabilidad de condición de ejecución en Apache Doris. Parte del código que utiliza el método `chmod()`. Este método corre el riesgo de que alguien cambie el nombre del archivo por debajo del usuario y modifique el archivo incorrecto. En teoría, esto podría suceder, pero el impacto sería mínimo. Este problema afecta a Apache Doris: antes de 1.2.8, antes de 2.0.4. Se recomienda a los usuarios actualizar a la versión 2.0.4, que soluciona el problema."}],"metrics":{"cvssMetricV31":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L","baseScore":5.3,"baseSeverity":"MEDIUM","attackVector":"LOCAL","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"LOW","integrityImpact":"LOW","availabilityImpact":"LOW"},"exploitabilityScore":1.8,"impactScore":3.4}]},"weaknesses":[{"source":"security@apache.org","type":"Secondary","description":[{"lang":"en","value":"CWE-362"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:apache:doris:*:*:*:*:*:*:*:*","versionEndExcluding":"1.2.8","matchCriteriaId":"5B75564F-3C9C-452E-BD4C-6A9C706EE8B5"},{"vulnerable":true,"criteria":"cpe:2.3:a:apache:doris:*:*:*:*:*:*:*:*","versionStartIncluding":"2.0.0","versionEndExcluding":"2.0.4","matchCriteriaId":"A7296FBE-665A-464B-8A52-5ED73CEA5D6A"}]}]}],"references":[{"url":"http://www.openwall.com/lists/oss-security/2024/03/21/2","source":"security@apache.org","tags":["Mailing List"]},{"url":"https://lists.apache.org/thread/5shhw8x8m271hd2wfwzqzwgf36pmc4pl","source":"security@apache.org","tags":["Mailing List"]},{"url":"http://www.openwall.com/lists/oss-security/2024/03/21/2","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Mailing List"]},{"url":"https://lists.apache.org/thread/5shhw8x8m271hd2wfwzqzwgf36pmc4pl","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Mailing List"]}]}}]}