VDB
CVE-2024-36137
CVE-2024-36137
PUBLISHED
EPSS 0.10% · 26.4th percentile
Risk Scores
EPSS Score
0.10%
26.4th percentile
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Amazon | nodejs20 |
Exploit Intelligence
- fs.fchown/fchmod bypasses permission model (hackerone)
- fs.fchown/fchmod bypasses permission model (hackerone)
- fs.fchown/fchmod bypasses permission model (hackerone)
- fs.fchown/fchmod bypasses permission model (hackerone)
- fs.fchown/fchmod bypasses permission model (hackerone)
- fs.fchown/fchmod bypasses permission model (hackerone)
- GenerationConfig.java (github-poc)
- GenerationConfig.java (github-poc)
- 170.json (github-poc)
- 170.json (github-poc)
…and 39 more exploits
Timeline
- CVE Published
- Jul 9, 2024 PoC Published
- Sep 8, 2024 EPSS Score
- Sep 28, 2024 EPSS Score
- Oct 4, 2024 Coalition ESS Score
- Oct 16, 2024 PoC Published
- Oct 18, 2024 EPSS Score
- Nov 7, 2024 EPSS Score
- Nov 27, 2024 EPSS Score
- Dec 3, 2024 Coalition ESS Score
- Dec 18, 2024 EPSS Score
- Jan 7, 2025 EPSS Score
References
- ALAS2023-2024-768: nodejs20 (medium) advisory