admin/cvelist
1
0
Fork 0
mirror of https://github.com/CVEProject/cvelist.git synced 2025-05-06 18:53:08 +00:00
Code Issues Packages Projects Releases Wiki Activity

"-Synchronized-Data."

Browse Source
This commit is contained in:
CVE Team 2024-08-19 14:00:35 +00:00
parent 99445fd238
commit 0058f8e7e4
No known key found for this signature in database
GPG Key ID: BC5FD8F2443B23B7
13 changed files with 149 additions and 35 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
2023/6xxx/CVE-2023-6476.json
View File

@ -65,7 +65,7 @@
"x_cve_json_5_version_data": {
"versions": [
{
"version": "0:1.27.2-7.rhaos4.14.git1cc7a64.el8",
"version": "0:1.27.2-7.rhaos4.14.git1cc7a64.el9",
"lessThan": "*",
"versionType": "rpm",
"status": "unaffected"

44
2024/1xxx/CVE-2024-1394.json
View File

@ -523,7 +523,7 @@
"x_cve_json_5_version_data": {
"versions": [
{
"version": "1:1.23.4-5.2.rhaos4.12.el9",
"version": "1:1.23.4-5.2.rhaos4.12.el8",
"lessThan": "*",
"versionType": "rpm",
"status": "unaffected"
@ -565,7 +565,7 @@
"x_cve_json_5_version_data": {
"versions": [
{
"version": "0:1.25.5-13.1.rhaos4.12.git76343da.el8",
"version": "0:1.25.3-5.2.rhaos4.12.git44a2cb2.el9",
"lessThan": "*",
"versionType": "rpm",
"status": "unaffected"
@ -579,7 +579,7 @@
"x_cve_json_5_version_data": {
"versions": [
{
"version": "0:1.25.0-2.2.el9",
"version": "0:1.25.0-2.2.el8",
"lessThan": "*",
"versionType": "rpm",
"status": "unaffected"
@ -607,7 +607,7 @@
"x_cve_json_5_version_data": {
"versions": [
{
"version": "0:4.12.0-202403251017.p0.gd4c9e3c.assembly.stream.el8",
"version": "0:4.12.0-202403251017.p0.gd4c9e3c.assembly.stream.el9",
"lessThan": "*",
"versionType": "rpm",
"status": "unaffected"
@ -649,7 +649,7 @@
"x_cve_json_5_version_data": {
"versions": [
{
"version": "2:1.9.4-3.2.rhaos4.12.el8",
"version": "2:1.9.4-3.2.rhaos4.12.el9",
"lessThan": "*",
"versionType": "rpm",
"status": "unaffected"
@ -670,7 +670,7 @@
"x_cve_json_5_version_data": {
"versions": [
{
"version": "1:1.29.1-2.2.rhaos4.13.el8",
"version": "1:1.29.1-2.2.rhaos4.13.el9",
"lessThan": "*",
"versionType": "rpm",
"status": "unaffected"
@ -698,7 +698,7 @@
"x_cve_json_5_version_data": {
"versions": [
{
"version": "0:1.26.5-11.1.rhaos4.13.git919cc6e.el8",
"version": "0:1.26.5-11.1.rhaos4.13.git919cc6e.el9",
"lessThan": "*",
"versionType": "rpm",
"status": "unaffected"
@ -712,7 +712,7 @@
"x_cve_json_5_version_data": {
"versions": [
{
"version": "0:1.26.0-4.1.el8",
"version": "0:1.26.0-4.2.el9",
"lessThan": "*",
"versionType": "rpm",
"status": "unaffected"
@ -873,7 +873,7 @@
"x_cve_json_5_version_data": {
"versions": [
{
"version": "0:4.14.0-202403261640.p0.gf7b14a9.assembly.stream.el9",
"version": "0:4.14.0-202403261640.p0.gf7b14a9.assembly.stream.el8",
"lessThan": "*",
"versionType": "rpm",
"status": "unaffected"
@ -887,7 +887,7 @@
"x_cve_json_5_version_data": {
"versions": [
{
"version": "0:4.14.0-202403251040.p0.g607e2dd.assembly.stream.el8",
"version": "0:4.14.0-202403251040.p0.g607e2dd.assembly.stream.el9",
"lessThan": "*",
"versionType": "rpm",
"status": "unaffected"
@ -901,7 +901,7 @@
"x_cve_json_5_version_data": {
"versions": [
{
"version": "3:4.4.1-11.3.rhaos4.14.el9",
"version": "3:4.4.1-11.3.rhaos4.14.el8",
"lessThan": "*",
"versionType": "rpm",
"status": "unaffected"
@ -915,7 +915,7 @@
"x_cve_json_5_version_data": {
"versions": [
{
"version": "2:1.11.2-10.3.rhaos4.14.el9",
"version": "2:1.11.2-10.3.rhaos4.14.el8",
"lessThan": "*",
"versionType": "rpm",
"status": "unaffected"
@ -985,7 +985,7 @@
"x_cve_json_5_version_data": {
"versions": [
{
"version": "0:1.27.4-7.2.rhaos4.14.git082c52f.el9",
"version": "0:1.27.4-7.2.rhaos4.14.git082c52f.el8",
"lessThan": "*",
"versionType": "rpm",
"status": "unaffected"
@ -1027,7 +1027,7 @@
"x_cve_json_5_version_data": {
"versions": [
{
"version": "0:4.14.0-202404160939.p0.g7bee54d.assembly.stream.el9",
"version": "0:4.14.0-202404160939.p0.g7bee54d.assembly.stream.el8",
"lessThan": "*",
"versionType": "rpm",
"status": "unaffected"
@ -1055,7 +1055,7 @@
"x_cve_json_5_version_data": {
"versions": [
{
"version": "0:4.14.0-202404151639.p0.g81558cc.assembly.stream.el9",
"version": "0:4.14.0-202404151639.p0.g81558cc.assembly.stream.el8",
"lessThan": "*",
"versionType": "rpm",
"status": "unaffected"
@ -1069,7 +1069,7 @@
"x_cve_json_5_version_data": {
"versions": [
{
"version": "0:4.14.0-202404151639.p0.gf7b14a9.assembly.stream.el9",
"version": "0:4.14.0-202404151639.p0.gf7b14a9.assembly.stream.el8",
"lessThan": "*",
"versionType": "rpm",
"status": "unaffected"
@ -1111,7 +1111,7 @@
"x_cve_json_5_version_data": {
"versions": [
{
"version": "3:4.4.1-11.4.rhaos4.14.el8",
"version": "3:4.4.1-11.4.rhaos4.14.el9",
"lessThan": "*",
"versionType": "rpm",
"status": "unaffected"
@ -1125,7 +1125,7 @@
"x_cve_json_5_version_data": {
"versions": [
{
"version": "4:1.1.12-1.2.rhaos4.14.el8",
"version": "4:1.1.12-1.2.rhaos4.14.el9",
"lessThan": "*",
"versionType": "rpm",
"status": "unaffected"
@ -1230,7 +1230,7 @@
"x_cve_json_5_version_data": {
"versions": [
{
"version": "0:1.28.4-8.rhaos4.15.git24f50b9.el8",
"version": "0:1.28.4-8.rhaos4.15.git24f50b9.el9",
"lessThan": "*",
"versionType": "rpm",
"status": "unaffected"
@ -1244,7 +1244,7 @@
"x_cve_json_5_version_data": {
"versions": [
{
"version": "0:1.28.0-3.1.el9",
"version": "0:1.28.0-3.1.el8",
"lessThan": "*",
"versionType": "rpm",
"status": "unaffected"
@ -1314,7 +1314,7 @@
"x_cve_json_5_version_data": {
"versions": [
{
"version": "4:1.1.12-1.1.rhaos4.15.el9",
"version": "4:1.1.12-1.1.rhaos4.15.el8",
"lessThan": "*",
"versionType": "rpm",
"status": "unaffected"
@ -1328,7 +1328,7 @@
"x_cve_json_5_version_data": {
"versions": [
{
"version": "2:1.11.2-21.2.rhaos4.15.el8",
"version": "2:1.11.2-21.2.rhaos4.15.el9",
"lessThan": "*",
"versionType": "rpm",
"status": "unaffected"

2
2024/25xxx/CVE-2024-25633.json
View File

@ -11,7 +11,7 @@
"description_data": [
{
"lang": "eng",
"value": "eLabFTW is an open source electronic lab notebook for research labs. In an eLabFTW system, one might disallow user creation except for by system administrators, administrators and trusted services. If administrators are allowed to create new users (which is the default), the vulnerability allows any user to create new users in teams where they are members. The new users are automatically validated and administrators are not notified. This can allow a user with permanent or temporary access to a user account or API key to maintain persistence in an eLabFTW system. Additionally, it allows the user to create separate account under a different name, and produce misleading revision histories. No additional privileges are granted to the new user. Users should upgrade to version 5.0.0 to receive a patch. As a workaround, disabling both options that allow *administrators* to create users will provide a mitigation."
"value": "eLabFTW is an open source electronic lab notebook for research labs. In an eLabFTW system, one can configure who is allowed to create new user accounts. A vulnerability has been found starting in version 4.4.0 and prior to version 5.0.0 that allows regular users to create new, validated accounts in their team. If the system has anonymous access enabled (disabled by default) an unauthenticated user can create regular users in any team. This vulnerability has been fixed since version 5.0.0, released on February 17th 2024. Some workarounds are available. Disabling both options that allow *administrators* to create users will provide a mitigation. Additionally, disabling anonymous user access will stop anonymous access (including using existing access keys)."
}
]
},

8
2024/39xxx/CVE-2024-39306.json
View File

@ -1,17 +1,17 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2024-39306",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ASSIGNER": "security-advisories@github.com",
"STATE": "REJECT"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2024-39304. Reason: This candidate is a duplicate of CVE-2024-39304. Notes: All CVE users should reference CVE-2024-39304 instead of this candidate. This CVE was issued to a vulnerability that is dependent on CVE-2024-39304. According to rule 4.2.15 of the CVE CNA rules, \"CNAs MUST NOT assign a different CVE ID to a Vulnerability that is fully interdependent with another Vulnerability. The Vulnerabilities are effectively the same single Vulnerability and MUST use one CVE ID.\""
}
]
}

8
2024/43xxx/CVE-2024-43372.json
View File

@ -1,17 +1,17 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2024-43372",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ASSIGNER": "security-advisories@github.com",
"STATE": "REJECT"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2024-43369. Reason: This candidate is a duplicate of CVE-2024-43369. Notes: All CVE users should reference CVE-2024-43369 instead of this candidate. This CVE was issued to a vulnerability that is dependent on CVE-2024-43369. According to rule 4.2.15 of the CVE CNA rules, \"CNAs MUST NOT assign a different CVE ID to a Vulnerability that is fully interdependent with another Vulnerability. The Vulnerabilities are effectively the same single Vulnerability and MUST use one CVE ID.\""
}
]
}

8
2024/5xxx/CVE-2024-5142.json
View File

@ -42,7 +42,7 @@
{
"version_affected": "<",
"version_name": "0",
"version_value": "5.0.3.8"
"version_value": "5.0.6.0"
}
]
}
@ -80,5 +80,11 @@
],
"value": "Update to patched version"
}
],
"credits": [
{
"lang": "en",
"value": "Wesley R @ Resillion"
}
]
}

4
2024/7xxx/CVE-2024-7300.json
View File

@ -11,11 +11,11 @@
"description_data": [
{
"lang": "eng",
"value": "** UNSUPPPORTED WHEN ASSIGNED ** ** UNSUPPORTED WHEN ASSIGNED ** A vulnerability classified as problematic has been found in Bolt CMS 3.7.1. Affected is an unknown function of the file /bolt/editcontent/showcases of the component Showcase Creation Handler. The manipulation of the argument textarea leads to cross site scripting. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. The identifier of this vulnerability is VDB-273168. NOTE: This vulnerability only affects products that are no longer supported by the maintainer. NOTE: Vendor was contacted early and confirmed that the affected release tree is end-of-life."
"value": "** UNSUPPPORTED WHEN ASSIGNED ** A vulnerability classified as problematic has been found in Bolt CMS 3.7.1. Affected is an unknown function of the file /bolt/editcontent/showcases of the component Showcase Creation Handler. The manipulation of the argument title/textarea leads to cross site scripting. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. NOTE: This vulnerability only affects products that are no longer supported by the maintainer. NOTE: Vendor was contacted early and confirmed that the affected release tree is end-of-life."
},
{
"lang": "deu",
"value": "** UNSUPPPORTED WHEN ASSIGNED ** Es wurde eine problematische Schwachstelle in Bolt CMS 3.7.1 entdeckt. Dabei betrifft es einen unbekannter Codeteil der Datei /bolt/editcontent/showcases der Komponente Showcase Creation Handler. Mittels dem Manipulieren des Arguments textarea mit unbekannten Daten kann eine cross site scripting-Schwachstelle ausgenutzt werden. Die Umsetzung des Angriffs kann dabei \u00fcber das Netzwerk erfolgen. Der Exploit steht zur \u00f6ffentlichen Verf\u00fcgung."
"value": "** UNSUPPPORTED WHEN ASSIGNED ** Es wurde eine problematische Schwachstelle in Bolt CMS 3.7.1 entdeckt. Dabei betrifft es einen unbekannter Codeteil der Datei /bolt/editcontent/showcases der Komponente Showcase Creation Handler. Mittels dem Manipulieren des Arguments title/textarea mit unbekannten Daten kann eine cross site scripting-Schwachstelle ausgenutzt werden. Die Umsetzung des Angriffs kann dabei \u00fcber das Netzwerk erfolgen. Der Exploit steht zur \u00f6ffentlichen Verf\u00fcgung."
}
]
},

18
2024/7xxx/CVE-2024-7924.json Normal file
View File

@ -0,0 +1,18 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2024-7924",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}

18
2024/7xxx/CVE-2024-7925.json Normal file
View File

@ -0,0 +1,18 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2024-7925",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}

18
2024/7xxx/CVE-2024-7926.json Normal file
View File

@ -0,0 +1,18 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2024-7926",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}

18
2024/7xxx/CVE-2024-7927.json Normal file
View File

@ -0,0 +1,18 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2024-7927",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}

18
2024/7xxx/CVE-2024-7928.json Normal file
View File

@ -0,0 +1,18 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2024-7928",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}

18
2024/7xxx/CVE-2024-7929.json Normal file
View File

@ -0,0 +1,18 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2024-7929",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}