{"resultsPerPage":1,"startIndex":0,"totalResults":1,"format":"NVD_CVE","version":"2.0","timestamp":"2026-04-17T12:15:07.101","vulnerabilities":[{"cve":{"id":"CVE-2024-28109","sourceIdentifier":"security-advisories@github.com","published":"2024-03-28T14:15:13.863","lastModified":"2026-04-15T00:35:42.020","vulnStatus":"Deferred","cveTags":[],"descriptions":[{"lang":"en","value":"veraPDF-library is a PDF/A validation library. Executing policy checks using custom schematron files invokes an XSL transformation that could lead to a remote code execution (RCE) vulnerability. This vulnerability is fixed in 1.24.2."},{"lang":"es","value":"veraPDF-library es una librería de validación de PDF/A. La ejecución de comprobaciones de políticas utilizando archivos de esquema personalizados invoca una transformación XSL que podría provocar una vulnerabilidad de ejecución remota de código (RCE). Esta vulnerabilidad se solucionó en 1.24.2."}],"metrics":{"cvssMetricV31":[{"source":"security-advisories@github.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N","baseScore":8.1,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"NONE"},"exploitabilityScore":2.8,"impactScore":5.2}]},"weaknesses":[{"source":"security-advisories@github.com","type":"Secondary","description":[{"lang":"en","value":"CWE-91"}]}],"references":[{"url":"https://github.com/veraPDF/veraPDF-library/commit/614ffa477a2cf0819e4b0df1ab133610e0da25fb","source":"security-advisories@github.com"},{"url":"https://github.com/veraPDF/veraPDF-library/commit/9386ecbe1a1d1fb9e886d19df28851ed07890d9f","source":"security-advisories@github.com"},{"url":"https://github.com/veraPDF/veraPDF-library/commit/d5314cbdf4e058e0716f80dbdad2dbd8d96e6bfe","source":"security-advisories@github.com"},{"url":"https://github.com/veraPDF/veraPDF-library/issues/1415","source":"security-advisories@github.com"},{"url":"https://github.com/veraPDF/veraPDF-library/security/advisories/GHSA-qxqf-2mfx-x8jw","source":"security-advisories@github.com"},{"url":"https://github.com/veraPDF/veraPDF-library/commit/614ffa477a2cf0819e4b0df1ab133610e0da25fb","source":"af854a3a-2127-422b-91ae-364da2661108"},{"url":"https://github.com/veraPDF/veraPDF-library/commit/9386ecbe1a1d1fb9e886d19df28851ed07890d9f","source":"af854a3a-2127-422b-91ae-364da2661108"},{"url":"https://github.com/veraPDF/veraPDF-library/commit/d5314cbdf4e058e0716f80dbdad2dbd8d96e6bfe","source":"af854a3a-2127-422b-91ae-364da2661108"},{"url":"https://github.com/veraPDF/veraPDF-library/issues/1415","source":"af854a3a-2127-422b-91ae-364da2661108"},{"url":"https://github.com/veraPDF/veraPDF-library/security/advisories/GHSA-qxqf-2mfx-x8jw","source":"af854a3a-2127-422b-91ae-364da2661108"}]}}]}