{"resultsPerPage":1,"startIndex":0,"totalResults":1,"format":"NVD_CVE","version":"2.0","timestamp":"2026-05-01T18:12:13.086","vulnerabilities":[{"cve":{"id":"CVE-2024-56200","sourceIdentifier":"security-advisories@github.com","published":"2024-12-19T19:15:08.280","lastModified":"2026-04-15T00:35:42.020","vulnStatus":"Deferred","cveTags":[],"descriptions":[{"lang":"en","value":"Altair is a fork of Misskey v12. Affected versions lack of request validation and lack of authentication in the image proxy for compressing and resizing remote files could allow attacks that could affect availability, such as by abnormally increasing the CPU usage of the server on which this software is running or placing a heavy load on the network it is using. This issue has been fixed in v12.24Q4.1. Users are advised to upgrade. There are no known workarounds for this vulnerability."},{"lang":"es","value":"Altair es una bifurcación de Misskey v12. La falta de validación de solicitudes y de autenticación en el proxy de imágenes para comprimir y redimensionar archivos remotos en las versiones afectadas podría permitir ataques que podrían afectar la disponibilidad, como por ejemplo, aumentando de forma anormal el uso de CPU del servidor en el que se ejecuta este software o colocando una carga pesada en la red que está utilizando. Este problema se ha solucionado en v12.24Q4.1. Se recomienda a los usuarios que actualicen. No existen workarounds para esta vulnerabilidad."}],"metrics":{"cvssMetricV31":[{"source":"security-advisories@github.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H","baseScore":8.6,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"CHANGED","confidentialityImpact":"NONE","integrityImpact":"NONE","availabilityImpact":"HIGH"},"exploitabilityScore":3.9,"impactScore":4.0}]},"weaknesses":[{"source":"security-advisories@github.com","type":"Secondary","description":[{"lang":"en","value":"CWE-400"},{"lang":"en","value":"CWE-405"}]}],"references":[{"url":"https://github.com/misskey-dev/misskey/security/advisories/GHSA-gq5q-c77c-v23600","source":"security-advisories@github.com"},{"url":"https://github.com/nexryai/altair/commit/20bad5155a8d73f8d807c6c1ae0f7b8041331be8","source":"security-advisories@github.com"},{"url":"https://github.com/nexryai/altair/security/advisories/GHSA-3pfm-hp96-pfgv","source":"security-advisories@github.com"}]}}]}