{"resultsPerPage":1,"startIndex":0,"totalResults":1,"format":"NVD_CVE","version":"2.0","timestamp":"2026-04-18T23:31:10.091","vulnerabilities":[{"cve":{"id":"CVE-2024-42183","sourceIdentifier":"psirt@hcl.com","published":"2025-01-23T02:15:35.933","lastModified":"2026-04-15T00:35:42.020","vulnStatus":"Deferred","cveTags":[],"descriptions":[{"lang":"en","value":"BigFix Patch Download Plug-ins are affected by an arbitrary file download vulnerability.  It could allow a malicious operator to download files from arbitrary URLs without any proper validation or allowlist controls."},{"lang":"es","value":"Los complementos de BigFix Patch Download se ven afectados por una vulnerabilidad de descarga de archivos arbitrarios. Podría permitir que un operador malintencionado descargue archivos desde URL arbitrarias sin ningún tipo de validación o control de lista de permitidos."}],"metrics":{"cvssMetricV31":[{"source":"psirt@hcl.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:C/C:L/I:N/A:N","baseScore":2.5,"baseSeverity":"LOW","attackVector":"LOCAL","attackComplexity":"HIGH","privilegesRequired":"LOW","userInteraction":"REQUIRED","scope":"CHANGED","confidentialityImpact":"LOW","integrityImpact":"NONE","availabilityImpact":"NONE"},"exploitabilityScore":0.8,"impactScore":1.4}]},"weaknesses":[{"source":"psirt@hcl.com","type":"Secondary","description":[{"lang":"en","value":"CWE-494"}]}],"references":[{"url":"https://support.hcl-software.com/csm?id=kb_article&sysparm_article=KB0118565","source":"psirt@hcl.com"}]}}]}