[ { "id": 803221600, "name": "CVE-2024-4367-PoC", "full_name": "LOURC0D3\/CVE-2024-4367-PoC", "owner": { "login": "LOURC0D3", "id": 83567597, "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/83567597?v=4", "html_url": "https:\/\/github.com\/LOURC0D3", "user_view_type": "public" }, "html_url": "https:\/\/github.com\/LOURC0D3\/CVE-2024-4367-PoC", "description": "CVE-2024-4367 & CVE-2024-34342 Proof of Concept", "fork": false, "created_at": "2024-05-20T10:02:23Z", "updated_at": "2025-01-15T09:40:14Z", "pushed_at": "2024-06-07T03:28:00Z", "stargazers_count": 145, "watchers_count": 145, "has_discussions": false, "forks_count": 21, "allow_forking": true, "is_template": false, "web_commit_signoff_required": false, "topics": [], "visibility": "public", "forks": 21, "watchers": 145, "score": 0, "subscribers_count": 2 }, { "id": 803533618, "name": "CVE-2024-4367-POC", "full_name": "s4vvysec\/CVE-2024-4367-POC", "owner": { "login": "s4vvysec", "id": 153960960, "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/153960960?v=4", "html_url": "https:\/\/github.com\/s4vvysec", "user_view_type": "public" }, "html_url": "https:\/\/github.com\/s4vvysec\/CVE-2024-4367-POC", "description": "CVE-2024-4367 arbitrary js execution in pdf js", "fork": false, "created_at": "2024-05-20T22:56:10Z", "updated_at": "2024-12-10T07:46:23Z", "pushed_at": "2024-05-20T23:09:43Z", "stargazers_count": 45, "watchers_count": 45, "has_discussions": false, "forks_count": 8, "allow_forking": true, "is_template": false, "web_commit_signoff_required": false, "topics": [], "visibility": "public", "forks": 8, "watchers": 45, "score": 0, "subscribers_count": 1 }, { "id": 804506786, "name": "detect-cve-2024-4367", "full_name": "spaceraccoon\/detect-cve-2024-4367", "owner": { "login": "spaceraccoon", "id": 18413849, "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/18413849?v=4", "html_url": "https:\/\/github.com\/spaceraccoon", "user_view_type": "public" }, "html_url": "https:\/\/github.com\/spaceraccoon\/detect-cve-2024-4367", "description": "YARA detection rule for CVE-2024-4367 arbitrary javascript execution in PDF.js", "fork": false, "created_at": "2024-05-22T18:05:47Z", "updated_at": "2024-12-17T03:44:10Z", "pushed_at": "2024-05-27T03:06:09Z", "stargazers_count": 10, "watchers_count": 10, "has_discussions": false, "forks_count": 2, "allow_forking": true, "is_template": false, "web_commit_signoff_required": false, "topics": [], "visibility": "public", "forks": 2, "watchers": 10, "score": 0, "subscribers_count": 1 }, { "id": 804608693, "name": "pdfjs-vuln-demo", "full_name": "clarkio\/pdfjs-vuln-demo", "owner": { "login": "clarkio", "id": 6265396, "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/6265396?v=4", "html_url": "https:\/\/github.com\/clarkio", "user_view_type": "public" }, "html_url": "https:\/\/github.com\/clarkio\/pdfjs-vuln-demo", "description": "This project is intended to serve as a proof of concept to demonstrate exploiting the vulnerability in the PDF.js (pdfjs-dist) library reported in CVE-2024-4367", "fork": false, "created_at": "2024-05-22T23:18:20Z", "updated_at": "2024-08-17T19:52:12Z", "pushed_at": "2024-11-10T04:17:31Z", "stargazers_count": 3, "watchers_count": 3, "has_discussions": false, "forks_count": 1, "allow_forking": true, "is_template": false, "web_commit_signoff_required": false, "topics": [ "application-security", "appsec", "astro", "astrojs", "pdf", "pdfjs", "pdfjs-dist", "react", "security", "svelte", "vue", "vuejs", "web" ], "visibility": "public", "forks": 1, "watchers": 3, "score": 0, "subscribers_count": 1 }, { "id": 804747982, "name": "pdfjs_disable_eval", "full_name": "avalahEE\/pdfjs_disable_eval", "owner": { "login": "avalahEE", "id": 56412727, "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/56412727?v=4", "html_url": "https:\/\/github.com\/avalahEE", "user_view_type": "public" }, "html_url": "https:\/\/github.com\/avalahEE\/pdfjs_disable_eval", "description": "CVE-2024-4367 mitigation for Odoo 14.0", "fork": false, "created_at": "2024-05-23T07:34:15Z", "updated_at": "2024-05-27T08:25:46Z", "pushed_at": "2024-05-27T07:23:33Z", "stargazers_count": 0, "watchers_count": 0, "has_discussions": false, "forks_count": 0, "allow_forking": true, "is_template": false, "web_commit_signoff_required": false, "topics": [ "odoo14" ], "visibility": "public", "forks": 0, "watchers": 0, "score": 0, "subscribers_count": 2 }, { "id": 814724272, "name": "cve-2024-4367-PoC-fixed", "full_name": "Zombie-Kaiser\/cve-2024-4367-PoC-fixed", "owner": { "login": "Zombie-Kaiser", "id": 141570642, "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/141570642?v=4", "html_url": "https:\/\/github.com\/Zombie-Kaiser", "user_view_type": "public" }, "html_url": "https:\/\/github.com\/Zombie-Kaiser\/cve-2024-4367-PoC-fixed", "description": "PDF.js是由Mozilla维护的基于JavaScript的PDF查看器。此漏洞允许攻击者在打开恶意 PDF 文件后立即执行任意 JavaScript 代码。这会影响所有 Firefox 用户 (<126),因为 Firefox 使用 PDF.js 来显示 PDF 文件,但也严重影响了许多基于 Web 和 Electron 的应用程序,这些应用程序(间接)使用 PDF.js 进行预览功能。", "fork": false, "created_at": "2024-06-13T15:14:47Z", "updated_at": "2024-12-01T16:03:04Z", "pushed_at": "2024-06-13T15:19:57Z", "stargazers_count": 10, "watchers_count": 10, "has_discussions": false, "forks_count": 1, "allow_forking": true, "is_template": false, "web_commit_signoff_required": false, "topics": [], "visibility": "public", "forks": 1, "watchers": 10, "score": 0, "subscribers_count": 1 }, { "id": 816264581, "name": "pdfjs-vuln-demo", "full_name": "snyk-labs\/pdfjs-vuln-demo", "owner": { "login": "snyk-labs", "id": 47793611, "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/47793611?v=4", "html_url": "https:\/\/github.com\/snyk-labs", "user_view_type": "public" }, "html_url": "https:\/\/github.com\/snyk-labs\/pdfjs-vuln-demo", "description": "This project is intended to serve as a proof of concept to demonstrate exploiting the vulnerability in the PDF.js (pdfjs-dist) library reported in CVE-2024-4367", "fork": false, "created_at": "2024-06-17T11:39:41Z", "updated_at": "2024-12-15T22:43:59Z", "pushed_at": "2024-06-20T13:40:31Z", "stargazers_count": 8, "watchers_count": 8, "has_discussions": false, "forks_count": 0, "allow_forking": true, "is_template": false, "web_commit_signoff_required": false, "topics": [], "visibility": "public", "forks": 0, "watchers": 8, "score": 0, "subscribers_count": 6 }, { "id": 817529952, "name": "PDFernetRemotelo", "full_name": "UnHackerEnCapital\/PDFernetRemotelo", "owner": { "login": "UnHackerEnCapital", "id": 173314584, "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/173314584?v=4", "html_url": "https:\/\/github.com\/UnHackerEnCapital", "user_view_type": "public" }, "html_url": "https:\/\/github.com\/UnHackerEnCapital\/PDFernetRemotelo", "description": "PoC - Prueba de Concepto de CVE-2024-4367 en conjunto al CVE-2023-38831 en un solo Script", "fork": false, "created_at": "2024-06-19T23:23:07Z", "updated_at": "2024-11-20T16:30:50Z", "pushed_at": "2024-06-20T00:02:49Z", "stargazers_count": 3, "watchers_count": 3, "has_discussions": false, "forks_count": 0, "allow_forking": true, "is_template": false, "web_commit_signoff_required": false, "topics": [], "visibility": "public", "forks": 0, "watchers": 3, "score": 0, "subscribers_count": 1 }, { "id": 852283076, "name": "CVE-2024-4367-Analysis", "full_name": "Masamuneee\/CVE-2024-4367-Analysis", "owner": { "login": "Masamuneee", "id": 125840508, "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/125840508?v=4", "html_url": "https:\/\/github.com\/Masamuneee", "user_view_type": "public" }, "html_url": "https:\/\/github.com\/Masamuneee\/CVE-2024-4367-Analysis", "description": null, "fork": false, "created_at": "2024-09-04T14:43:33Z", "updated_at": "2024-12-19T08:12:18Z", "pushed_at": "2024-09-04T15:17:57Z", "stargazers_count": 2, "watchers_count": 2, "has_discussions": false, "forks_count": 0, "allow_forking": true, "is_template": false, "web_commit_signoff_required": false, "topics": [], "visibility": "public", "forks": 0, "watchers": 2, "score": 0, "subscribers_count": 1 }, { "id": 884449297, "name": "CVE-2024-4367-pdf-sample", "full_name": "pedrochalegre7\/CVE-2024-4367-pdf-sample", "owner": { "login": "pedrochalegre7", "id": 101287325, "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/101287325?v=4", "html_url": "https:\/\/github.com\/pedrochalegre7", "user_view_type": "public" }, "html_url": "https:\/\/github.com\/pedrochalegre7\/CVE-2024-4367-pdf-sample", "description": null, "fork": false, "created_at": "2024-11-06T19:15:38Z", "updated_at": "2024-11-07T14:29:14Z", "pushed_at": "2024-11-07T14:28:41Z", "stargazers_count": 0, "watchers_count": 0, "has_discussions": false, "forks_count": 0, "allow_forking": true, "is_template": false, "web_commit_signoff_required": false, "topics": [], "visibility": "public", "forks": 0, "watchers": 0, "score": 0, "subscribers_count": 1 }, { "id": 912425407, "name": "WEAPONIZING-CVE-2024-4367", "full_name": "exfil0\/WEAPONIZING-CVE-2024-4367", "owner": { "login": "exfil0", "id": 84948741, "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/84948741?v=4", "html_url": "https:\/\/github.com\/exfil0", "user_view_type": "public" }, "html_url": "https:\/\/github.com\/exfil0\/WEAPONIZING-CVE-2024-4367", "description": "CVE-2024-4367 is a critical vulnerability (CVSS 9.8) in PDF.js, allowing arbitrary JavaScript code execution due to insufficient type checks on the FontMatrix object within PDF files.", "fork": false, "created_at": "2025-01-05T14:44:01Z", "updated_at": "2025-01-05T19:21:53Z", "pushed_at": "2025-01-05T19:21:50Z", "stargazers_count": 0, "watchers_count": 0, "has_discussions": false, "forks_count": 0, "allow_forking": true, "is_template": false, "web_commit_signoff_required": false, "topics": [ "cve-2024-4367", "spyware", "weaponized" ], "visibility": "public", "forks": 0, "watchers": 0, "score": 0, "subscribers_count": 1 } ]