{"resultsPerPage":1,"startIndex":0,"totalResults":1,"format":"NVD_CVE","version":"2.0","timestamp":"2026-06-20T09:25:45.168","vulnerabilities":[{"cve":{"id":"CVE-2024-3186","sourceIdentifier":"prodsec@nozominetworks.com","published":"2024-10-17T08:15:02.453","lastModified":"2026-06-17T07:43:29.437","vulnStatus":"Deferred","cveTags":[],"descriptions":[{"lang":"en","value":"CWE-476 NULL Pointer Dereference vulnerability in the evalExpr() function of GoAhead Web Server (version <= 6.0.0) when compiled with the ME_GOAHEAD_JAVASCRIPT flag. This vulnerability allows a remote attacker with the privileges to modify JavaScript template (JST) files to trigger a crash and cause a Denial of Service (DoS) by providing malicious templates."},{"lang":"es","value":"Vulnerabilidad de desreferencia de puntero nulo CWE-476 en la función evalExpr() de GoAhead Web Server (versión &lt;= 6.0.0) cuando se compila con el indicador ME_GOAHEAD_JAVASCRIPT. Esta vulnerabilidad permite que un atacante remoto con privilegios para modificar archivos de plantilla de JavaScript (JST) provoque un bloqueo y provoque una denegación de servicio (DoS) al proporcionar plantillas maliciosas."}],"affected":[{"source":"prodsec@nozominetworks.com","affectedData":[{"vendor":"EmbedThis","product":"GoAhead","defaultStatus":"unknown","repo":"https://www.embedthis.com/goahead/download.html","versions":[{"version":"0","lessThanOrEqual":"6.0.0","versionType":"semver","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"prodsec@nozominetworks.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H","baseScore":5.3,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"HIGH","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"NONE","integrityImpact":"NONE","availabilityImpact":"HIGH"},"exploitabilityScore":1.6,"impactScore":3.6}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2024-10-17T14:41:17.067450Z","id":"CVE-2024-3186","options":[{"exploitation":"none"},{"automatable":"no"},{"technicalImpact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"prodsec@nozominetworks.com","type":"Secondary","description":[{"lang":"en","value":"CWE-476"}]}],"references":[{"url":"https://www.nozominetworks.com/labs/vulnerability-advisories-cve-2024-3186","source":"prodsec@nozominetworks.com"}]}}]}