{"dataType":"CVE_RECORD","dataVersion":"5.1","cveMetadata":{"cveId":"CVE-2024-22194","assignerOrgId":"a0819718-46f1-4df5-94e2-005712e83aaa","state":"PUBLISHED","assignerShortName":"GitHub_M","dateReserved":"2024-01-08T04:59:27.371Z","datePublished":"2024-01-11T02:21:53.758Z","dateUpdated":"2025-06-03T14:25:30.740Z"},"containers":{"cna":{"title":"cdo-local-uuid vulnerable to insertion of artifact derived from developer's Present Working Directory into demonstration code","problemTypes":[{"descriptions":[{"cweId":"CWE-215","lang":"en","description":"CWE-215: Insertion of Sensitive Information Into Debugging Code","type":"CWE"}]},{"descriptions":[{"cweId":"CWE-337","lang":"en","description":"CWE-337: Predictable Seed in Pseudo-Random Number Generator (PRNG)","type":"CWE"}]}],"metrics":[{"cvssV3_1":{"attackComplexity":"HIGH","attackVector":"LOCAL","availabilityImpact":"NONE","baseScore":2.2,"baseSeverity":"LOW","confidentialityImpact":"LOW","integrityImpact":"NONE","privilegesRequired":"LOW","scope":"UNCHANGED","userInteraction":"REQUIRED","vectorString":"CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:U/C:L/I:N/A:N","version":"3.1"}}],"references":[{"name":"https://github.com/Cyber-Domain-Ontology/CDO-Utility-Local-UUID/security/advisories/GHSA-rgrf-6mf5-m882","tags":["x_refsource_CONFIRM"],"url":"https://github.com/Cyber-Domain-Ontology/CDO-Utility-Local-UUID/security/advisories/GHSA-rgrf-6mf5-m882"},{"name":"https://github.com/Cyber-Domain-Ontology/CDO-Utility-Local-UUID/pull/3","tags":["x_refsource_MISC"],"url":"https://github.com/Cyber-Domain-Ontology/CDO-Utility-Local-UUID/pull/3"},{"name":"https://github.com/Cyber-Domain-Ontology/CDO-Utility-Local-UUID/pull/4","tags":["x_refsource_MISC"],"url":"https://github.com/Cyber-Domain-Ontology/CDO-Utility-Local-UUID/pull/4"},{"name":"https://github.com/Cyber-Domain-Ontology/CDO-Utility-Local-UUID/commit/9e78f7cb1075728d0aafc918514f32a1392cd235","tags":["x_refsource_MISC"],"url":"https://github.com/Cyber-Domain-Ontology/CDO-Utility-Local-UUID/commit/9e78f7cb1075728d0aafc918514f32a1392cd235"},{"name":"https://github.com/casework/CASE-Utilities-Python/commit/00864cd12de7c50d882dd1a74915d32e939c25f9","tags":["x_refsource_MISC"],"url":"https://github.com/casework/CASE-Utilities-Python/commit/00864cd12de7c50d882dd1a74915d32e939c25f9"},{"name":"https://github.com/casework/CASE-Utilities-Python/commit/1cccae8eb3cf94b3a28f6490efa0fbf5c82ebd6b","tags":["x_refsource_MISC"],"url":"https://github.com/casework/CASE-Utilities-Python/commit/1cccae8eb3cf94b3a28f6490efa0fbf5c82ebd6b"},{"name":"https://github.com/casework/CASE-Utilities-Python/commit/5acb929dfb599709d1c8c90d1824dd79e0fd9e10","tags":["x_refsource_MISC"],"url":"https://github.com/casework/CASE-Utilities-Python/commit/5acb929dfb599709d1c8c90d1824dd79e0fd9e10"},{"name":"https://github.com/casework/CASE-Utilities-Python/commit/7e02d18383eabbeb9fb4ec97d81438c9980a4790","tags":["x_refsource_MISC"],"url":"https://github.com/casework/CASE-Utilities-Python/commit/7e02d18383eabbeb9fb4ec97d81438c9980a4790"},{"name":"https://github.com/casework/CASE-Utilities-Python/commit/80551f49241c874c7c50e14abe05c5017630dad2","tags":["x_refsource_MISC"],"url":"https://github.com/casework/CASE-Utilities-Python/commit/80551f49241c874c7c50e14abe05c5017630dad2"},{"name":"https://github.com/casework/CASE-Utilities-Python/commit/939775f956796d0432ecabbf62782ed7ad1007b5","tags":["x_refsource_MISC"],"url":"https://github.com/casework/CASE-Utilities-Python/commit/939775f956796d0432ecabbf62782ed7ad1007b5"},{"name":"https://github.com/casework/CASE-Utilities-Python/commit/db428a0745dac4fdd888ced9c52f617695519f9d","tags":["x_refsource_MISC"],"url":"https://github.com/casework/CASE-Utilities-Python/commit/db428a0745dac4fdd888ced9c52f617695519f9d"},{"name":"https://github.com/casework/CASE-Utilities-Python/commit/e4ffadc3d56fd303b8f465d727c4a58213d311a1","tags":["x_refsource_MISC"],"url":"https://github.com/casework/CASE-Utilities-Python/commit/e4ffadc3d56fd303b8f465d727c4a58213d311a1"},{"name":"https://github.com/casework/CASE-Utilities-Python/commit/fca7388f09feccd3b9ea88e6df9c7a43a5349452","tags":["x_refsource_MISC"],"url":"https://github.com/casework/CASE-Utilities-Python/commit/fca7388f09feccd3b9ea88e6df9c7a43a5349452"},{"name":"https://github.com/casework/CASE-Utilities-Python/commit/fdc32414eccfcbde6be0fd91b7f491cc0779b02d#diff-e60b9cb8fb480ed27283a030a0898be3475992d78228f4045b12ce5cbb2f0509","tags":["x_refsource_MISC"],"url":"https://github.com/casework/CASE-Utilities-Python/commit/fdc32414eccfcbde6be0fd91b7f491cc0779b02d#diff-e60b9cb8fb480ed27283a030a0898be3475992d78228f4045b12ce5cbb2f0509"}],"affected":[{"vendor":"Cyber-Domain-Ontology","product":"CDO-Utility-Local-UUID","versions":[{"version":"= 0.4.0","status":"affected"},{"version":"= 0.5.0","status":"affected"},{"version":"= 0.6.0","status":"affected"},{"version":"= 0.7.0","status":"affected"},{"version":"= 0.8.0","status":"affected"},{"version":"= 0.9.0","status":"affected"},{"version":"= 0.10.0","status":"affected"},{"version":"= 0.11.0","status":"affected"},{"version":"= 0.12.0","status":"affected"}]}],"providerMetadata":{"orgId":"a0819718-46f1-4df5-94e2-005712e83aaa","shortName":"GitHub_M","dateUpdated":"2024-01-11T02:21:53.758Z"},"descriptions":[{"lang":"en","value":"cdo-local-uuid project provides a specialized UUID-generating function that can, on user request, cause a program to generate deterministic UUIDs. An information leakage vulnerability is present in `cdo-local-uuid` at version `0.4.0`, and in `case-utils` in unpatched versions (matching the pattern `0.x.0`) at and since `0.5.0`, before `0.15.0`. The vulnerability stems from a Python function, `cdo_local_uuid.local_uuid()`, and its original implementation `case_utils.local_uuid()`. "}],"source":{"advisory":"GHSA-rgrf-6mf5-m882","discovery":"UNKNOWN"}},"adp":[{"providerMetadata":{"orgId":"af854a3a-2127-422b-91ae-364da2661108","shortName":"CVE","dateUpdated":"2024-08-01T22:35:34.933Z"},"title":"CVE Program Container","references":[{"name":"https://github.com/Cyber-Domain-Ontology/CDO-Utility-Local-UUID/security/advisories/GHSA-rgrf-6mf5-m882","tags":["x_refsource_CONFIRM","x_transferred"],"url":"https://github.com/Cyber-Domain-Ontology/CDO-Utility-Local-UUID/security/advisories/GHSA-rgrf-6mf5-m882"},{"name":"https://github.com/Cyber-Domain-Ontology/CDO-Utility-Local-UUID/pull/3","tags":["x_refsource_MISC","x_transferred"],"url":"https://github.com/Cyber-Domain-Ontology/CDO-Utility-Local-UUID/pull/3"},{"name":"https://github.com/Cyber-Domain-Ontology/CDO-Utility-Local-UUID/pull/4","tags":["x_refsource_MISC","x_transferred"],"url":"https://github.com/Cyber-Domain-Ontology/CDO-Utility-Local-UUID/pull/4"},{"name":"https://github.com/Cyber-Domain-Ontology/CDO-Utility-Local-UUID/commit/9e78f7cb1075728d0aafc918514f32a1392cd235","tags":["x_refsource_MISC","x_transferred"],"url":"https://github.com/Cyber-Domain-Ontology/CDO-Utility-Local-UUID/commit/9e78f7cb1075728d0aafc918514f32a1392cd235"},{"name":"https://github.com/casework/CASE-Utilities-Python/commit/00864cd12de7c50d882dd1a74915d32e939c25f9","tags":["x_refsource_MISC","x_transferred"],"url":"https://github.com/casework/CASE-Utilities-Python/commit/00864cd12de7c50d882dd1a74915d32e939c25f9"},{"name":"https://github.com/casework/CASE-Utilities-Python/commit/1cccae8eb3cf94b3a28f6490efa0fbf5c82ebd6b","tags":["x_refsource_MISC","x_transferred"],"url":"https://github.com/casework/CASE-Utilities-Python/commit/1cccae8eb3cf94b3a28f6490efa0fbf5c82ebd6b"},{"name":"https://github.com/casework/CASE-Utilities-Python/commit/5acb929dfb599709d1c8c90d1824dd79e0fd9e10","tags":["x_refsource_MISC","x_transferred"],"url":"https://github.com/casework/CASE-Utilities-Python/commit/5acb929dfb599709d1c8c90d1824dd79e0fd9e10"},{"name":"https://github.com/casework/CASE-Utilities-Python/commit/7e02d18383eabbeb9fb4ec97d81438c9980a4790","tags":["x_refsource_MISC","x_transferred"],"url":"https://github.com/casework/CASE-Utilities-Python/commit/7e02d18383eabbeb9fb4ec97d81438c9980a4790"},{"name":"https://github.com/casework/CASE-Utilities-Python/commit/80551f49241c874c7c50e14abe05c5017630dad2","tags":["x_refsource_MISC","x_transferred"],"url":"https://github.com/casework/CASE-Utilities-Python/commit/80551f49241c874c7c50e14abe05c5017630dad2"},{"name":"https://github.com/casework/CASE-Utilities-Python/commit/939775f956796d0432ecabbf62782ed7ad1007b5","tags":["x_refsource_MISC","x_transferred"],"url":"https://github.com/casework/CASE-Utilities-Python/commit/939775f956796d0432ecabbf62782ed7ad1007b5"},{"name":"https://github.com/casework/CASE-Utilities-Python/commit/db428a0745dac4fdd888ced9c52f617695519f9d","tags":["x_refsource_MISC","x_transferred"],"url":"https://github.com/casework/CASE-Utilities-Python/commit/db428a0745dac4fdd888ced9c52f617695519f9d"},{"name":"https://github.com/casework/CASE-Utilities-Python/commit/e4ffadc3d56fd303b8f465d727c4a58213d311a1","tags":["x_refsource_MISC","x_transferred"],"url":"https://github.com/casework/CASE-Utilities-Python/commit/e4ffadc3d56fd303b8f465d727c4a58213d311a1"},{"name":"https://github.com/casework/CASE-Utilities-Python/commit/fca7388f09feccd3b9ea88e6df9c7a43a5349452","tags":["x_refsource_MISC","x_transferred"],"url":"https://github.com/casework/CASE-Utilities-Python/commit/fca7388f09feccd3b9ea88e6df9c7a43a5349452"},{"name":"https://github.com/casework/CASE-Utilities-Python/commit/fdc32414eccfcbde6be0fd91b7f491cc0779b02d#diff-e60b9cb8fb480ed27283a030a0898be3475992d78228f4045b12ce5cbb2f0509","tags":["x_refsource_MISC","x_transferred"],"url":"https://github.com/casework/CASE-Utilities-Python/commit/fdc32414eccfcbde6be0fd91b7f491cc0779b02d#diff-e60b9cb8fb480ed27283a030a0898be3475992d78228f4045b12ce5cbb2f0509"}]},{"metrics":[{"other":{"type":"ssvc","content":{"timestamp":"2025-05-08T20:11:54.538835Z","id":"CVE-2024-22194","options":[{"Exploitation":"poc"},{"Automatable":"no"},{"Technical Impact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}}],"title":"CISA ADP Vulnrichment","providerMetadata":{"orgId":"134c704f-9b21-4f2e-91b3-4a467353bcc0","shortName":"CISA-ADP","dateUpdated":"2025-06-03T14:25:30.740Z"}}]}}