{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/59081?format=json","vulnerability_id":"VCID-b449-h74y-bufp","summary":"An issue in the dc_add_int component of openlink virtuoso-opensource v7.2.11 allows attackers to cause a Denial of Service (DoS) via crafted SQL statements.","aliases":[{"alias":"CVE-2024-57640"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/106841?format=json","purl":"pkg:deb/debian/virtuoso-opensource@7.2.12%2Bdfsg-0.2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/virtuoso-opensource@7.2.12%252Bdfsg-0.2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/106842?format=json","purl":"pkg:deb/debian/virtuoso-opensource@7.2.12%2Bdfsg-2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/virtuoso-opensource@7.2.12%252Bdfsg-2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/106840?format=json","purl":"pkg:deb/debian/virtuoso-opensource@7.2.12%2Bdfsg-4?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/virtuoso-opensource@7.2.12%252Bdfsg-4%3Fdistro=trixie"}],"affected_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/106838?format=json","purl":"pkg:deb/debian/virtuoso-opensource@7.2.5.1%2Bdfsg1-0.1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1kq1-9qe1-5bf4"},{"vulnerability":"VCID-25rp-h9wp-tyby"},{"vulnerability":"VCID-2dzc-em2d-zffq"},{"vulnerability":"VCID-33gt-1k87-6kgz"},{"vulnerability":"VCID-3btk-z4cu-1kcq"},{"vulnerability":"VCID-45cf-jj6z-b3d7"},{"vulnerability":"VCID-4c4e-97n6-7qgf"},{"vulnerability":"VCID-4n4z-rwug-ckht"},{"vulnerability":"VCID-52jh-68cy-zudv"},{"vulnerability":"VCID-5azb-a7pf-2ba3"},{"vulnerability":"VCID-6bz8-fuu1-gfc9"},{"vulnerability":"VCID-77hu-78ge-mqaw"},{"vulnerability":"VCID-78m7-9pp8-d7ar"},{"vulnerability":"VCID-7agb-bju3-pfgj"},{"vulnerability":"VCID-843z-c77a-4bd2"},{"vulnerability":"VCID-9e3z-dpgs-ykeb"},{"vulnerability":"VCID-a66j-ppg3-rufj"},{"vulnerability":"VCID-a7w9-r82w-jkc3"},{"vulnerability":"VCID-ae43-xnaf-pud3"},{"vulnerability":"VCID-agvx-f2z4-6fft"},{"vulnerability":"VCID-b35m-g716-uqcs"},{"vulnerability":"VCID-b449-h74y-bufp"},{"vulnerability":"VCID-bh4q-vrfb-dbbk"},{"vulnerability":"VCID-bj1r-fc88-abbw"},{"vulnerability":"VCID-c2p5-swgc-kqg7"},{"vulnerability":"VCID-ch5e-z78m-8yb1"},{"vulnerability":"VCID-ckh7-6cvf-47ec"},{"vulnerability":"VCID-d3dq-mwye-b7hb"},{"vulnerability":"VCID-d8tf-3pc5-2yfu"},{"vulnerability":"VCID-e47w-mdvy-6yfw"},{"vulnerability":"VCID-e6zd-jyen-y3da"},{"vulnerability":"VCID-edu8-fn77-eqfu"},{"vulnerability":"VCID-en2n-d8yz-3yeb"},{"vulnerability":"VCID-fw8z-wz6d-muc1"},{"vulnerability":"VCID-fyfc-fa68-j7g4"},{"vulnerability":"VCID-guhu-kcvp-qfgp"},{"vulnerability":"VCID-hmyu-22v1-77a6"},{"vulnerability":"VCID-j4md-8mbw-67gx"},{"vulnerability":"VCID-kk96-ca1b-gueu"},{"vulnerability":"VCID-mfm2-dxw1-vbdd"},{"vulnerability":"VCID-n67q-s53x-r3as"},{"vulnerability":"VCID-nazx-bda5-5fea"},{"vulnerability":"VCID-ng5m-bstg-9ffg"},{"vulnerability":"VCID-ngsb-1xut-53du"},{"vulnerability":"VCID-pd2u-88qa-6kfn"},{"vulnerability":"VCID-rmpf-a8rw-gydu"},{"vulnerability":"VCID-rzuc-dubg-skdj"},{"vulnerability":"VCID-t5g1-quvm-pyhu"},{"vulnerability":"VCID-tf2t-g6ke-pbdg"},{"vulnerability":"VCID-uh24-218h-wuh2"},{"vulnerability":"VCID-v442-ed5f-sufx"},{"vulnerability":"VCID-va1f-d2eg-k3cz"},{"vulnerability":"VCID-vmsz-sruf-jub7"},{"vulnerability":"VCID-wssy-gv24-u3dx"},{"vulnerability":"VCID-wzdg-t4sc-gfbg"},{"vulnerability":"VCID-xkt9-xa6j-mfgv"},{"vulnerability":"VCID-xmkj-hxbr-wyau"},{"vulnerability":"VCID-xn81-716v-kqcv"},{"vulnerability":"VCID-y85a-pgts-9uh6"},{"vulnerability":"VCID-z5uk-jxpr-ufch"},{"vulnerability":"VCID-z8hz-p92w-xyb7"},{"vulnerability":"VCID-zn9v-w1hu-4qe7"},{"vulnerability":"VCID-zuup-h821-nqd6"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/virtuoso-opensource@7.2.5.1%252Bdfsg1-0.1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/106839?format=json","purl":"pkg:deb/debian/virtuoso-opensource@7.2.5.1%2Bdfsg1-0.3?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1kq1-9qe1-5bf4"},{"vulnerability":"VCID-25rp-h9wp-tyby"},{"vulnerability":"VCID-2dzc-em2d-zffq"},{"vulnerability":"VCID-33gt-1k87-6kgz"},{"vulnerability":"VCID-3btk-z4cu-1kcq"},{"vulnerability":"VCID-45cf-jj6z-b3d7"},{"vulnerability":"VCID-4c4e-97n6-7qgf"},{"vulnerability":"VCID-4n4z-rwug-ckht"},{"vulnerability":"VCID-52jh-68cy-zudv"},{"vulnerability":"VCID-5azb-a7pf-2ba3"},{"vulnerability":"VCID-6bz8-fuu1-gfc9"},{"vulnerability":"VCID-77hu-78ge-mqaw"},{"vulnerability":"VCID-78m7-9pp8-d7ar"},{"vulnerability":"VCID-7agb-bju3-pfgj"},{"vulnerability":"VCID-843z-c77a-4bd2"},{"vulnerability":"VCID-9e3z-dpgs-ykeb"},{"vulnerability":"VCID-a66j-ppg3-rufj"},{"vulnerability":"VCID-a7w9-r82w-jkc3"},{"vulnerability":"VCID-ae43-xnaf-pud3"},{"vulnerability":"VCID-agvx-f2z4-6fft"},{"vulnerability":"VCID-b35m-g716-uqcs"},{"vulnerability":"VCID-b449-h74y-bufp"},{"vulnerability":"VCID-bh4q-vrfb-dbbk"},{"vulnerability":"VCID-bj1r-fc88-abbw"},{"vulnerability":"VCID-c2p5-swgc-kqg7"},{"vulnerability":"VCID-ch5e-z78m-8yb1"},{"vulnerability":"VCID-ckh7-6cvf-47ec"},{"vulnerability":"VCID-d3dq-mwye-b7hb"},{"vulnerability":"VCID-d8tf-3pc5-2yfu"},{"vulnerability":"VCID-e47w-mdvy-6yfw"},{"vulnerability":"VCID-e6zd-jyen-y3da"},{"vulnerability":"VCID-edu8-fn77-eqfu"},{"vulnerability":"VCID-en2n-d8yz-3yeb"},{"vulnerability":"VCID-fw8z-wz6d-muc1"},{"vulnerability":"VCID-fyfc-fa68-j7g4"},{"vulnerability":"VCID-guhu-kcvp-qfgp"},{"vulnerability":"VCID-hmyu-22v1-77a6"},{"vulnerability":"VCID-j4md-8mbw-67gx"},{"vulnerability":"VCID-kk96-ca1b-gueu"},{"vulnerability":"VCID-mfm2-dxw1-vbdd"},{"vulnerability":"VCID-n67q-s53x-r3as"},{"vulnerability":"VCID-nazx-bda5-5fea"},{"vulnerability":"VCID-ng5m-bstg-9ffg"},{"vulnerability":"VCID-ngsb-1xut-53du"},{"vulnerability":"VCID-pd2u-88qa-6kfn"},{"vulnerability":"VCID-rmpf-a8rw-gydu"},{"vulnerability":"VCID-rzuc-dubg-skdj"},{"vulnerability":"VCID-t5g1-quvm-pyhu"},{"vulnerability":"VCID-tf2t-g6ke-pbdg"},{"vulnerability":"VCID-uh24-218h-wuh2"},{"vulnerability":"VCID-v442-ed5f-sufx"},{"vulnerability":"VCID-va1f-d2eg-k3cz"},{"vulnerability":"VCID-vmsz-sruf-jub7"},{"vulnerability":"VCID-wssy-gv24-u3dx"},{"vulnerability":"VCID-wzdg-t4sc-gfbg"},{"vulnerability":"VCID-xkt9-xa6j-mfgv"},{"vulnerability":"VCID-xmkj-hxbr-wyau"},{"vulnerability":"VCID-xn81-716v-kqcv"},{"vulnerability":"VCID-y85a-pgts-9uh6"},{"vulnerability":"VCID-z5uk-jxpr-ufch"},{"vulnerability":"VCID-z8hz-p92w-xyb7"},{"vulnerability":"VCID-zn9v-w1hu-4qe7"},{"vulnerability":"VCID-zuup-h821-nqd6"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/virtuoso-opensource@7.2.5.1%252Bdfsg1-0.3%3Fdistro=trixie"}],"references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-57640.json","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-57640.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2024-57640","reference_id":"","reference_type":"","scores":[{"value":"0.00399","scoring_system":"epss","scoring_elements":"0.61088","published_at":"2026-06-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2024-57640"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-57640","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-57640"},{"reference_url":"https://github.com/openlink/virtuoso-opensource/issues/1184","reference_id":"1184","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2025-01-15T15:34:28Z/"}],"url":"https://github.com/openlink/virtuoso-opensource/issues/1184"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2337490","reference_id":"2337490","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2337490"}],"weaknesses":[{"cwe_id":20,"name":"Improper Input Validation","description":"The product receives input or data, but it does not validate or incorrectly validates that the input has the properties that are required to process the data safely and correctly."}],"exploits":[],"severity_range_score":"7.5 - 7.5","exploitability":"0.5","weighted_severity":"6.8","risk_score":3.4,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-b449-h74y-bufp"}