{"resultsPerPage":1,"startIndex":0,"totalResults":1,"format":"NVD_CVE","version":"2.0","timestamp":"2026-04-19T19:23:15.920","vulnerabilities":[{"cve":{"id":"CVE-2024-30471","sourceIdentifier":"security@apache.org","published":"2024-07-17T09:15:02.640","lastModified":"2024-11-21T09:11:59.580","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"Time-of-check Time-of-use (TOCTOU) Race Condition vulnerability in Apache StreamPipes in user self-registration.\nThis allows an attacker to potentially request the creation of multiple accounts with the same email address until the email address is registered, creating many identical users and corrupting StreamPipe's user management.\nThis issue affects Apache StreamPipes: through 0.93.0.\n\nUsers are recommended to upgrade to version 0.95.0, which fixes the issue.\n\n"},{"lang":"es","value":"Vulnerabilidad de condición de ejecución de tiempo de verificación de tiempo de uso (TOCTOU) en Apache StreamPipes en el registro automático del usuario. Esto permite que un atacante solicite potencialmente la creación de varias cuentas con la misma dirección de correo electrónico hasta que se registre la dirección de correo electrónico, lo que crea muchos usuarios idénticos y corrompe la administración de usuarios de StreamPipe. Este problema afecta a Apache StreamPipes: hasta 0.93.0. Se recomienda a los usuarios actualizar a la versión 0.95.0, que soluciona el problema."}],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N","baseScore":3.7,"baseSeverity":"LOW","attackVector":"NETWORK","attackComplexity":"HIGH","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"NONE","integrityImpact":"LOW","availabilityImpact":"NONE"},"exploitabilityScore":2.2,"impactScore":1.4},{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N","baseScore":5.3,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"NONE","integrityImpact":"LOW","availabilityImpact":"NONE"},"exploitabilityScore":3.9,"impactScore":1.4}]},"weaknesses":[{"source":"security@apache.org","type":"Secondary","description":[{"lang":"en","value":"CWE-367"}]},{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","type":"Secondary","description":[{"lang":"en","value":"CWE-367"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:apache:streampipes:*:*:*:*:*:*:*:*","versionEndExcluding":"0.95.0","matchCriteriaId":"B5EC9EC8-4988-4DAC-A92F-CCDED7F9CB52"}]}]}],"references":[{"url":"https://lists.apache.org/thread/8yodrmohgcybq900or3d4hc1msl230fr","source":"security@apache.org","tags":["Mailing List","Vendor Advisory"]},{"url":"http://www.openwall.com/lists/oss-security/2024/07/16/9","source":"af854a3a-2127-422b-91ae-364da2661108"},{"url":"https://lists.apache.org/thread/8yodrmohgcybq900or3d4hc1msl230fr","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Mailing List","Vendor Advisory"]}]}}]}