{"resultsPerPage":1,"startIndex":0,"totalResults":1,"format":"NVD_CVE","version":"2.0","timestamp":"2026-05-12T23:23:38.569","vulnerabilities":[{"cve":{"id":"CVE-2024-30170","sourceIdentifier":"cve@mitre.org","published":"2024-08-06T14:16:03.777","lastModified":"2024-08-12T16:13:53.803","vulnStatus":"Analyzed","cveTags":[],"descriptions":[{"lang":"en","value":"PrivX before 34.0 allows data exfiltration and denial of service via the REST API. This is fixed in minor versions 33.1, 32.3, 31.3, and later, and in major version 34.0 and later,"},{"lang":"es","value":"PrivX anterior a 34.0 permite la filtración de datos y la denegación de servicio a través de la API REST. Esto se solucionó en las versiones menores 33.1, 32.3, 31.3 y posteriores, y en la versión principal 34.0 y posteriores."}],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H","baseScore":9.1,"baseSeverity":"CRITICAL","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"NONE","availabilityImpact":"HIGH"},"exploitabilityScore":3.9,"impactScore":5.2},{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H","baseScore":7.5,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"NONE","integrityImpact":"NONE","availabilityImpact":"HIGH"},"exploitabilityScore":3.9,"impactScore":3.6}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"NVD-CWE-noinfo"}]},{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","type":"Secondary","description":[{"lang":"en","value":"CWE-400"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:ssh:privx:*:*:*:*:*:*:*:*","versionStartIncluding":"22.0","versionEndExcluding":"31.3","matchCriteriaId":"5CF12CE6-5935-4A27-9358-F323902C9E7A"},{"vulnerable":true,"criteria":"cpe:2.3:a:ssh:privx:*:*:*:*:*:*:*:*","versionStartIncluding":"32.0","versionEndExcluding":"32.3","matchCriteriaId":"0D2806F5-9289-44BA-A0CF-0A22CE10E81C"},{"vulnerable":true,"criteria":"cpe:2.3:a:ssh:privx:33.0:*:*:*:*:*:*:*","matchCriteriaId":"1328E664-F872-4F77-A8B9-AB9E32D790DC"}]}]}],"references":[{"url":"https://info.ssh.com/improper-input-validation-faq","source":"cve@mitre.org","tags":["Exploit","Vendor Advisory"]},{"url":"https://privx.docs.ssh.com/docs/security","source":"cve@mitre.org","tags":["Vendor Advisory"]}]}}]}