CyberAlerts is shutting down on June 30th, 2025. Thank you for your support!

CVE-2024-58102: An issue was discovered in Datalust Seq before 2024.3.13545. An insecure default parsing depth limit allows stack consumption when parsing...

5.7 CVSS

Description

An issue was discovered in Datalust Seq before 2024.3.13545. An insecure default parsing depth limit allows stack consumption when parsing user-supplied queries containing deeply nested expressions.

Classification

CVE ID: CVE-2024-58102

CVSS Base Severity: MEDIUM

CVSS Base Score: 5.7

CVSS Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:N/I:N/A:H/E:F/RL:O/RC:C

Problem Types

CWE-674 Uncontrolled Recursion

Affected Products

Vendor: Datalust

Product: Seq

Exploit Prediction Scoring System (EPSS)

EPSS Score: 0.04% (probability of being exploited)

EPSS Percentile: 10.61% (scored less or equal to compared to others)

EPSS Date: 2025-04-09 (when was this score calculated)

References

https://nvd.nist.gov/vuln/detail/CVE-2024-58102
https://github.com/datalust/seq-tickets/issues/2367
https://github.com/datalust/seq-tickets/issues/2086
https://datalust.co/seq

Timeline

2025-03-11 08:40:16 UTC
CVE

An issue was discovered in Datalust Seq before 2024.3.13545. An insecure default parsing depth limit allows stack consumption when parsing...