{"resultsPerPage":1,"startIndex":0,"totalResults":1,"format":"NVD_CVE","version":"2.0","timestamp":"2026-06-20T15:58:06.437","vulnerabilities":[{"cve":{"id":"CVE-2024-39697","sourceIdentifier":"security-advisories@github.com","published":"2024-07-09T15:15:11.290","lastModified":"2026-06-17T07:42:29.523","vulnStatus":"Deferred","cveTags":[],"descriptions":[{"lang":"en","value":"phonenumber is a library for parsing, formatting and validating international phone numbers. Since 0.3.4, the phonenumber parsing code may panic due to a panic-guarded out-of-bounds access on the phonenumber string. In a typical deployment of rust-phonenumber, this may get triggered by feeding a maliciously crafted phonenumber, e.g. over the network, specifically strings of the form `+dwPAA;phone-context=AA`, where the \"number\" part potentially parses as a number larger than 2^56. This vulnerability is fixed in 0.3.6."},{"lang":"es","value":"phonenumber es una librería para analizar, formatear y validar números de teléfono internacionales. Desde 0.3.4, el código de análisis del número de teléfono puede entrar en pánico debido a un acceso fuera de los límites protegido contra pánico en la cadena del número de teléfono. En una implementación típica de Rust-phonenumber, esto puede desencadenarse al alimentar un número de teléfono creado con fines malintencionados, por ejemplo, a través de la red, específicamente cadenas del formato `+dwPAA;phone-context=AA`, donde la parte \"number\" potencialmente se analiza como un número mayor que 2^56. Esta vulnerabilidad se solucionó en 0.3.6."}],"affected":[{"source":"security-advisories@github.com","affectedData":[{"vendor":"whisperfish","product":"rust-phonenumber","versions":[{"version":">= 0.3.4, < 0.3.6","status":"affected"}]}]},{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","affectedData":[{"vendor":"whisperfish","product":"phonenumber","defaultStatus":"unknown","cpes":["cpe:2.3:a:whisperfish:phonenumber:*:*:*:*:*:rust:*:*"],"versions":[{"version":"0.3.4","lessThan":"0.3.6","versionType":"custom","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"security-advisories@github.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H","baseScore":8.6,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"CHANGED","confidentialityImpact":"NONE","integrityImpact":"NONE","availabilityImpact":"HIGH"},"exploitabilityScore":3.9,"impactScore":4.0}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2024-07-15T21:32:25.872927Z","id":"CVE-2024-39697","options":[{"exploitation":"none"},{"automatable":"yes"},{"technicalImpact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"security-advisories@github.com","type":"Secondary","description":[{"lang":"en","value":"CWE-284"},{"lang":"en","value":"CWE-392"},{"lang":"en","value":"CWE-617"},{"lang":"en","value":"CWE-1284"}]}],"references":[{"url":"https://github.com/whisperfish/rust-phonenumber/commit/b792151b17fc90231c232a23935830c2266f3203","source":"security-advisories@github.com"},{"url":"https://github.com/whisperfish/rust-phonenumber/commit/f69abee1481fac0d6d531407bae90020e39c6407","source":"security-advisories@github.com"},{"url":"https://github.com/whisperfish/rust-phonenumber/issues/69","source":"security-advisories@github.com"},{"url":"https://github.com/whisperfish/rust-phonenumber/pull/52","source":"security-advisories@github.com"},{"url":"https://github.com/whisperfish/rust-phonenumber/security/advisories/GHSA-mjw4-jj88-v687","source":"security-advisories@github.com"},{"url":"https://github.com/whisperfish/rust-phonenumber/commit/b792151b17fc90231c232a23935830c2266f3203","source":"af854a3a-2127-422b-91ae-364da2661108"},{"url":"https://github.com/whisperfish/rust-phonenumber/commit/f69abee1481fac0d6d531407bae90020e39c6407","source":"af854a3a-2127-422b-91ae-364da2661108"},{"url":"https://github.com/whisperfish/rust-phonenumber/issues/69","source":"af854a3a-2127-422b-91ae-364da2661108"},{"url":"https://github.com/whisperfish/rust-phonenumber/pull/52","source":"af854a3a-2127-422b-91ae-364da2661108"},{"url":"https://github.com/whisperfish/rust-phonenumber/security/advisories/GHSA-mjw4-jj88-v687","source":"af854a3a-2127-422b-91ae-364da2661108"}]}}]}