admin/cvelist
1
0
Fork 0
mirror of https://github.com/CVEProject/cvelist.git synced 2025-08-04 08:44:25 +00:00
Code Issues Packages Projects Releases Wiki Activity
cvelist/2024/1xxx/CVE-2024-1021.json

125 lines
4.8 KiB
JSON
Raw Normal View History

"-Synchronized-Data."
2024-01-29 11:00:33 +00:00
{
"-Synchronized-Data."
2024-01-29 23:00:32 +00:00
"data_version": "4.0",
"-Synchronized-Data."
2024-01-29 11:00:33 +00:00
"data_type": "CVE",
"data_format": "MITRE",
"CVE_data_meta": {
"ID": "CVE-2024-1021",
"-Synchronized-Data."
2024-01-29 23:00:32 +00:00
"ASSIGNER": "cna@vuldb.com",
"STATE": "PUBLIC"
"-Synchronized-Data."
2024-01-29 11:00:33 +00:00
},
"description": {
"description_data": [
{
"lang": "eng",
"-Synchronized-Data."
2024-01-29 23:00:32 +00:00
"value": "A vulnerability, which was classified as critical, has been found in Rebuild up to 3.5.5. Affected by this issue is the function readRawText of the component HTTP Request Handler. The manipulation of the argument url leads to server-side request forgery. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. VDB-252290 is the identifier assigned to this vulnerability."
},
{
"lang": "deu",
"value": "Eine kritische Schwachstelle wurde in Rebuild bis 3.5.5 entdeckt. Davon betroffen ist die Funktion readRawText der Komponente HTTP Request Handler. Mittels dem Manipulieren des Arguments url mit unbekannten Daten kann eine server-side request forgery-Schwachstelle ausgenutzt werden. Der Angriff kann \u00fcber das Netzwerk erfolgen. Der Exploit steht zur \u00f6ffentlichen Verf\u00fcgung."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-918 Server-Side Request Forgery",
"cweId": "CWE-918"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "n/a",
"product": {
"product_data": [
{
"product_name": "Rebuild",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "3.5.0"
},
{
"version_affected": "=",
"version_value": "3.5.1"
},
{
"version_affected": "=",
"version_value": "3.5.2"
},
{
"version_affected": "=",
"version_value": "3.5.3"
},
{
"version_affected": "=",
"version_value": "3.5.4"
},
{
"version_affected": "=",
"version_value": "3.5.5"
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"url": "https://vuldb.com/?id.252290",
"refsource": "MISC",
"name": "https://vuldb.com/?id.252290"
},
{
"url": "https://vuldb.com/?ctiid.252290",
"refsource": "MISC",
"name": "https://vuldb.com/?ctiid.252290"
},
{
"url": "https://www.yuque.com/mailemonyeyongjuan/tha8tr/yemvnt5uo53gfem5",
"refsource": "MISC",
"name": "https://www.yuque.com/mailemonyeyongjuan/tha8tr/yemvnt5uo53gfem5"
}
]
},
"credits": [
{
"lang": "en",
"value": "lemono (VulDB User)"
}
],
"impact": {
"cvss": [
{
"version": "3.1",
"baseScore": 6.3,
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L",
"baseSeverity": "MEDIUM"
},
{
"version": "3.0",
"baseScore": 6.3,
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L",
"baseSeverity": "MEDIUM"
},
{
"version": "2.0",
"baseScore": 6.5,
"vectorString": "AV:N/AC:L/Au:S/C:P/I:P/A:P"
"-Synchronized-Data."
2024-01-29 11:00:33 +00:00
}
]
}
}
Reference in New Issue Copy Permalink