{"resultsPerPage":1,"startIndex":0,"totalResults":1,"format":"NVD_CVE","version":"2.0","timestamp":"2026-07-03T19:37:42.623","vulnerabilities":[{"cve":{"id":"CVE-2024-52271","sourceIdentifier":"2fdefc65-d750-4b8d-96ee-6e2c0c42dbfe","published":"2024-12-05T14:15:21.417","lastModified":"2026-06-17T08:06:54.807","vulnStatus":"Deferred","cveTags":[],"descriptions":[{"lang":"en","value":"User Interface (UI) Misrepresentation of Critical Information vulnerability in Documenso allows Content Spoofing.Displayed version does not show the layer flattened version, once download, If printed (e.g. via Google Chrome -> Examine the print preview): Will render the vulnerability only, not all layers are flattened.\n\n\nThis issue affects Documenso: through 1.8.0, >1.8.0 and Documenso SaaS (Hosted) as of 2024-12-05."},{"lang":"es","value":"La vulnerabilidad de tergiversación de información crítica en la interfaz de usuario (IU) de Documenso permite la suplantación de contenido. La versión mostrada no muestra la versión aplanada de capas una vez descargada. Si se imprime (por ejemplo, a través de Google Chrome -&gt; Examinar la vista previa de impresión): solo se mostrará la vulnerabilidad, no se aplanarán todas las capas. Este problema afecta a Documenso: hasta 1.8.0, &gt;1.8.0 y Documenso SaaS (alojado) a partir del 5 de diciembre de 2024."}],"affected":[{"source":"2fdefc65-d750-4b8d-96ee-6e2c0c42dbfe","affectedData":[{"vendor":"Documenso","product":"Documenso","defaultStatus":"affected","repo":"https://github.com/documenso/documenso","versions":[{"version":"0","lessThanOrEqual":"1.8.0","versionType":"git","status":"affected"},{"version":">1.8.0","versionType":"git","status":"affected"}]},{"vendor":"Documenso","product":"Documenso SaaS (Hosted)","defaultStatus":"affected","versions":[{"version":"0","lessThanOrEqual":"2024-12-05","versionType":"date","status":"affected"},{"version":"2024-12-05","versionType":"date","status":"affected"}]}]},{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","affectedData":[{"vendor":"documenso","product":"documenso","defaultStatus":"unknown","cpes":["cpe:2.3:a:documenso:documenso:*:*:*:*:*:*:*:*"],"versions":[{"version":"0","lessThanOrEqual":"1.8.0","versionType":"git","status":"affected"},{"version":"1.8.0*","status":"affected"}]},{"vendor":"documenso","product":"documenso","defaultStatus":"unknown","cpes":["cpe:2.3:a:documenso:documenso:*:*:*:*:saas:*:*:*"],"versions":[{"version":"0","lessThanOrEqual":"2024-12-05","versionType":"custom","status":"affected"},{"version":"2024-12-05","status":"affected"}]}]}],"metrics":{"cvssMetricV40":[{"source":"2fdefc65-d750-4b8d-96ee-6e2c0c42dbfe","type":"Secondary","cvssData":{"version":"4.0","vectorString":"CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:P/VC:N/VI:H/VA:N/SC:N/SI:H/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:Red","baseScore":8.2,"baseSeverity":"HIGH","attackVector":"LOCAL","attackComplexity":"LOW","attackRequirements":"NONE","privilegesRequired":"NONE","userInteraction":"PASSIVE","vulnConfidentialityImpact":"NONE","vulnIntegrityImpact":"HIGH","vulnAvailabilityImpact":"NONE","subConfidentialityImpact":"NONE","subIntegrityImpact":"HIGH","subAvailabilityImpact":"NONE","exploitMaturity":"NOT_DEFINED","confidentialityRequirement":"NOT_DEFINED","integrityRequirement":"NOT_DEFINED","availabilityRequirement":"NOT_DEFINED","modifiedAttackVector":"NOT_DEFINED","modifiedAttackComplexity":"NOT_DEFINED","modifiedAttackRequirements":"NOT_DEFINED","modifiedPrivilegesRequired":"NOT_DEFINED","modifiedUserInteraction":"NOT_DEFINED","modifiedVulnConfidentialityImpact":"NOT_DEFINED","modifiedVulnIntegrityImpact":"NOT_DEFINED","modifiedVulnAvailabilityImpact":"NOT_DEFINED","modifiedSubConfidentialityImpact":"NOT_DEFINED","modifiedSubIntegrityImpact":"NOT_DEFINED","modifiedSubAvailabilityImpact":"NOT_DEFINED","Safety":"NOT_DEFINED","Automatable":"NOT_DEFINED","Recovery":"NOT_DEFINED","valueDensity":"NOT_DEFINED","vulnerabilityResponseEffort":"NOT_DEFINED","providerUrgency":"RED"}}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2024-12-05T14:14:26.736144Z","id":"CVE-2024-52271","options":[{"exploitation":"poc"},{"automatable":"no"},{"technicalImpact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"2fdefc65-d750-4b8d-96ee-6e2c0c42dbfe","type":"Secondary","description":[{"lang":"en","value":"CWE-451"}]}],"references":[{"url":"https://github.com/documenso/documenso","source":"2fdefc65-d750-4b8d-96ee-6e2c0c42dbfe"},{"url":"https://github.com/documenso/documenso/issues/1512","source":"2fdefc65-d750-4b8d-96ee-6e2c0c42dbfe"},{"url":"https://www.documenso.com/","source":"2fdefc65-d750-4b8d-96ee-6e2c0c42dbfe"},{"url":"https://www.vulsec.org/advisories","source":"2fdefc65-d750-4b8d-96ee-6e2c0c42dbfe"}]}}]}