"-Synchronized-Data."

CVE Team 2024-11-25 19:00:31 +00:00
parent edf0ef8aa4
commit 02ab5d0681
No known key found for this signature in database
GPG Key ID: BC5FD8F2443B23B7
11 changed files with 381 additions and 45 deletions


@ -11,7 +11,7 @@
"description_data": [
{
"lang": "eng",
"value": "IBM Jazz Foundation 7.0.2 and 7.0.3\n\n\u00a0could allow a user to change their dashboard using a specially crafted HTTP request due to improper access control."
"value": "IBM Jazz Foundation 7.0.2 and 7.0.3\u00a0could allow a user to change their dashboard using a specially crafted HTTP request due to improper access control."
}
]
},


@ -0,0 +1,18 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2024-11718",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}


@ -0,0 +1,18 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2024-11719",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}


@ -0,0 +1,18 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2024-11720",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}


@ -0,0 +1,18 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2024-11721",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}


@ -587,7 +587,7 @@
"x_cve_json_5_version_data": {
"versions": [
{
"version": "0:1.25.3-5.2.rhaos4.12.git44a2cb2.el9",
"version": "0:1.25.5-13.1.rhaos4.12.git76343da.el8",
"lessThan": "*",
"versionType": "rpm",
"status": "unaffected"
@ -601,7 +601,7 @@
"x_cve_json_5_version_data": {
"versions": [
{
"version": "0:1.25.0-2.2.el9",
"version": "0:1.25.0-2.2.el8",
"lessThan": "*",
"versionType": "rpm",
"status": "unaffected"
@ -629,7 +629,7 @@
"x_cve_json_5_version_data": {
"versions": [
{
"version": "0:4.12.0-202403251017.p0.gd4c9e3c.assembly.stream.el8",
"version": "0:4.12.0-202403251017.p0.gd4c9e3c.assembly.stream.el9",
"lessThan": "*",
"versionType": "rpm",
"status": "unaffected"
@ -671,7 +671,7 @@
"x_cve_json_5_version_data": {
"versions": [
{
"version": "2:1.9.4-3.2.rhaos4.12.el8",
"version": "2:1.9.4-3.2.rhaos4.12.el9",
"lessThan": "*",
"versionType": "rpm",
"status": "unaffected"
@ -692,7 +692,7 @@
"x_cve_json_5_version_data": {
"versions": [
{
"version": "1:1.29.1-2.2.rhaos4.13.el8",
"version": "1:1.29.1-2.2.rhaos4.13.el9",
"lessThan": "*",
"versionType": "rpm",
"status": "unaffected"
@ -720,7 +720,7 @@
"x_cve_json_5_version_data": {
"versions": [
{
"version": "0:1.26.5-11.1.rhaos4.13.git919cc6e.el9",
"version": "0:1.26.5-11.1.rhaos4.13.git919cc6e.el8",
"lessThan": "*",
"versionType": "rpm",
"status": "unaffected"
@ -776,7 +776,7 @@
"x_cve_json_5_version_data": {
"versions": [
{
"version": "3:4.4.1-5.2.rhaos4.13.el8",
"version": "3:4.4.1-6.2.rhaos4.13.el9",
"lessThan": "*",
"versionType": "rpm",
"status": "unaffected"
@ -804,7 +804,7 @@
"x_cve_json_5_version_data": {
"versions": [
{
"version": "2:1.11.2-2.2.rhaos4.13.el9",
"version": "2:1.11.2-2.2.rhaos4.13.el8",
"lessThan": "*",
"versionType": "rpm",
"status": "unaffected"
@ -867,7 +867,7 @@
"x_cve_json_5_version_data": {
"versions": [
{
"version": "0:1.27.0-3.1.el9",
"version": "0:1.27.0-3.1.el8",
"lessThan": "*",
"versionType": "rpm",
"status": "unaffected"
@ -923,7 +923,7 @@
"x_cve_json_5_version_data": {
"versions": [
{
"version": "3:4.4.1-11.3.rhaos4.14.el8",
"version": "3:4.4.1-11.3.rhaos4.14.el9",
"lessThan": "*",
"versionType": "rpm",
"status": "unaffected"
@ -951,7 +951,7 @@
"x_cve_json_5_version_data": {
"versions": [
{
"version": "1:1.29.1-10.4.rhaos4.14.el8",
"version": "1:1.29.1-10.4.rhaos4.14.el9",
"lessThan": "*",
"versionType": "rpm",
"status": "unaffected"
@ -1007,7 +1007,7 @@
"x_cve_json_5_version_data": {
"versions": [
{
"version": "0:1.27.4-7.2.rhaos4.14.git082c52f.el8",
"version": "0:1.27.4-7.2.rhaos4.14.git082c52f.el9",
"lessThan": "*",
"versionType": "rpm",
"status": "unaffected"
@ -1049,7 +1049,7 @@
"x_cve_json_5_version_data": {
"versions": [
{
"version": "0:4.14.0-202404160939.p0.g7bee54d.assembly.stream.el9",
"version": "0:4.14.0-202404160939.p0.g7bee54d.assembly.stream.el8",
"lessThan": "*",
"versionType": "rpm",
"status": "unaffected"
@ -1119,7 +1119,7 @@
"x_cve_json_5_version_data": {
"versions": [
{
"version": "0:4.14.0-202404151639.p0.g607e2dd.assembly.stream.el9",
"version": "0:4.14.0-202404151639.p0.g607e2dd.assembly.stream.el8",
"lessThan": "*",
"versionType": "rpm",
"status": "unaffected"
@ -1133,7 +1133,7 @@
"x_cve_json_5_version_data": {
"versions": [
{
"version": "3:4.4.1-11.4.rhaos4.14.el9",
"version": "3:4.4.1-11.4.rhaos4.14.el8",
"lessThan": "*",
"versionType": "rpm",
"status": "unaffected"
@ -1147,7 +1147,7 @@
"x_cve_json_5_version_data": {
"versions": [
{
"version": "4:1.1.12-1.2.rhaos4.14.el8",
"version": "4:1.1.12-1.2.rhaos4.14.el9",
"lessThan": "*",
"versionType": "rpm",
"status": "unaffected"
@ -1161,7 +1161,7 @@
"x_cve_json_5_version_data": {
"versions": [
{
"version": "2:1.11.2-10.4.rhaos4.14.el8",
"version": "2:1.11.2-10.4.rhaos4.14.el9",
"lessThan": "*",
"versionType": "rpm",
"status": "unaffected"
@ -1266,7 +1266,7 @@
"x_cve_json_5_version_data": {
"versions": [
{
"version": "0:1.28.0-3.1.el9",
"version": "0:1.28.0-3.1.el8",
"lessThan": "*",
"versionType": "rpm",
"status": "unaffected"
@ -1294,7 +1294,7 @@
"x_cve_json_5_version_data": {
"versions": [
{
"version": "0:4.15.0-202403211240.p0.g62c4d45.assembly.stream.el8",
"version": "0:4.15.0-202403211240.p0.g62c4d45.assembly.stream.el9",
"lessThan": "*",
"versionType": "rpm",
"status": "unaffected"
@ -1308,7 +1308,7 @@
"x_cve_json_5_version_data": {
"versions": [
{
"version": "0:4.15.0-202403211549.p0.g2e3cca1.assembly.stream.el9",
"version": "0:4.15.0-202403211549.p0.g2e3cca1.assembly.stream.el8",
"lessThan": "*",
"versionType": "rpm",
"status": "unaffected"
@ -1322,7 +1322,7 @@
"x_cve_json_5_version_data": {
"versions": [
{
"version": "3:4.4.1-21.1.rhaos4.15.el8",
"version": "3:4.4.1-21.1.rhaos4.15.el9",
"lessThan": "*",
"versionType": "rpm",
"status": "unaffected"
@ -1336,7 +1336,7 @@
"x_cve_json_5_version_data": {
"versions": [
{
"version": "4:1.1.12-1.1.rhaos4.15.el9",
"version": "4:1.1.12-1.1.rhaos4.15.el8",
"lessThan": "*",
"versionType": "rpm",
"status": "unaffected"
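Review bot: Each changed `version` string in these hunks carries a single dist tag (`el8` or `el9`) as the start of an `unaffected` range with `"lessThan": "*"`, and the tag flips in both directions across the section, so one entry cannot stand for both builds. A consumer that applies rpm ordering to the whole string would presumably rank an `el8` fixed build below an `el9` boundary and misreport the host; two hunks (`0:1.25.3-5.2…` and `3:4.4.1-5.2…`) also move the build itself, not only the tag. Listing both builds as separate entries, e.g. `{"version": "0:1.25.0-2.2.el8", "lessThan": "*", "versionType": "rpm", "status": "unaffected"}` alongside the `el9` one, would keep the boundary stable between syncs. The same churn appears in the later section with the `rhaos4.13`–`rhaos4.16` entries. Every hunk here starts and ends inside a larger `versions` object that is not fully visible.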


@ -1,17 +1,94 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2024-32468",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ASSIGNER": "security-advisories@github.com",
"STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "Deno is a runtime for JavaScript and TypeScript written in rust. Several cross-site scripting vulnerabilities existed in the `deno_doc` crate which lead to Self-XSS with deno doc --html. 1.) XSS in generated `search_index.js`, `deno_doc` outputs a JavaScript file for searching. However, the generated file used `innerHTML` on unsanitzed HTML input. 2.) XSS via property, method and enum names, `deno_doc` did not sanitize property names, method names and enum names. The first XSS most likely didn't have an impact since `deno doc --html` is expected to be used locally with own packages."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')",
"cweId": "CWE-79"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "denoland",
"product": {
"product_data": [
{
"product_name": "deno",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "deno_doc: < 0.119.0"
},
{
"version_affected": "=",
"version_value": "deno: < 1.42.0"
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"url": "https://github.com/denoland/deno/security/advisories/GHSA-qqwr-j9mm-fhw6",
"refsource": "MISC",
"name": "https://github.com/denoland/deno/security/advisories/GHSA-qqwr-j9mm-fhw6"
},
{
"url": "https://github.com/denoland/deno_doc/blob/dc556c848831d7ae48f3eff2ababc6e75eb6b73e/src/html/templates/pages/search.js#L120-L144",
"refsource": "MISC",
"name": "https://github.com/denoland/deno_doc/blob/dc556c848831d7ae48f3eff2ababc6e75eb6b73e/src/html/templates/pages/search.js#L120-L144"
}
]
},
"source": {
"advisory": "GHSA-qqwr-j9mm-fhw6",
"discovery": "UNKNOWN"
},
"impact": {
"cvss": [
{
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 5.4,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "LOW",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N",
"version": "3.1"
}
]
}
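Review bot: Both `version_data` entries set `"version_affected": "="` while `version_value` holds a range (`deno_doc: < 0.119.0`, `deno: < 1.42.0`), so a consumer that treats `=` as an exact match will never flag an installed version. The `deno_doc` crate is also folded into the `deno` product by a prefix inside the value rather than a `product_name` of its own. Expressing the bound in the operator, `"version_affected": "<", "version_value": "1.42.0"`, and giving `deno_doc` a separate product entry would make the record machine-matchable. The CVE-2024-52529 section has the same shape with `">= 1.16.0, < 1.16.4"`.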


@ -602,7 +602,7 @@
"x_cve_json_5_version_data": {
"versions": [
{
"version": "2:1.11.3-3.rhaos4.13.el8",
"version": "2:1.11.3-3.rhaos4.13.el9",
"lessThan": "*",
"versionType": "rpm",
"status": "unaffected"
@ -637,7 +637,7 @@
"x_cve_json_5_version_data": {
"versions": [
{
"version": "3:4.4.1-19.rhaos4.14.el8",
"version": "3:4.4.1-19.rhaos4.14.el9",
"lessThan": "*",
"versionType": "rpm",
"status": "unaffected"
@ -686,7 +686,7 @@
"x_cve_json_5_version_data": {
"versions": [
{
"version": "2:1.11.3-4.rhaos4.15.el9",
"version": "2:1.11.3-4.rhaos4.15.el8",
"lessThan": "*",
"versionType": "rpm",
"status": "unaffected"
@ -777,7 +777,7 @@
"x_cve_json_5_version_data": {
"versions": [
{
"version": "0:1.29.5-7.rhaos4.16.git7db4ada.el8",
"version": "0:1.29.5-7.rhaos4.16.git7db4ada.el9",
"lessThan": "*",
"versionType": "rpm",
"status": "unaffected"


@ -1,17 +1,87 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2024-51723",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ASSIGNER": "secure@blackberry.com",
"STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "A Stored Cross-Site Scripting (XSS) vulnerability in the Management Console of BlackBerry AtHoc version 7.15 could allow an attacker to potentially execute actions in the context of the victim's session."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-79 Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting')",
"cweId": "CWE-79"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "BlackBerry",
"product": {
"product_data": [
{
"product_name": "AtHoc",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "7.15"
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"url": "https://support.blackberry.com/pkb/s/article/140250",
"refsource": "MISC",
"name": "https://support.blackberry.com/pkb/s/article/140250"
}
]
},
"generator": {
"engine": "Vulnogram 0.2.0"
},
"source": {
"discovery": "UNKNOWN"
},
"impact": {
"cvss": [
{
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 4.6,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:L/I:L/A:N",
"version": "3.1"
}
]
}


@ -1,17 +1,90 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2024-52529",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ASSIGNER": "security-advisories@github.com",
"STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "Cilium is a networking, observability, and security solution with an eBPF-based dataplane. For users with the following configuration: 1. An allow policy that selects a Layer 3 destination and a port range `AND` 2. A Layer 7 allow policy that selects a specific port within the first policy's range the Layer 7 enforcement would not occur for the traffic selected by the Layer 7 policy. This issue only affects users who use Cilium's port range functionality, which was introduced in Cilium v1.16. This issue is patched in PR #35150. This issue affects Cilium v1.16 between v1.16.0 and v1.16.3 inclusive. This issue is patched in Cilium v1.16.4. Users are advised to upgrade. Users with network policies that match the pattern described above can work around the issue by rewriting any policies that use port ranges to individually specify the ports permitted for traffic."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-755: Improper Handling of Exceptional Conditions",
"cweId": "CWE-755"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "cilium",
"product": {
"product_data": [
{
"product_name": "cilium",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": ">= 1.16.0, < 1.16.4"
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"url": "https://github.com/cilium/cilium/security/advisories/GHSA-xg58-75qf-9r67",
"refsource": "MISC",
"name": "https://github.com/cilium/cilium/security/advisories/GHSA-xg58-75qf-9r67"
},
{
"url": "https://github.com/cilium/cilium/pull/35150",
"refsource": "MISC",
"name": "https://github.com/cilium/cilium/pull/35150"
}
]
},
"source": {
"advisory": "GHSA-xg58-75qf-9r67",
"discovery": "UNKNOWN"
},
"impact": {
"cvss": [
{
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 5.8,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:N/A:N",
"version": "3.1"
}
]
}


@ -1,17 +1,61 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2024-53599",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ID": "CVE-2024-53599",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "A cross-site scripting (XSS) vulnerability in the /scroll.php endpoint of LafeLabs Chaos v0.0.1 allows attackers to execute arbitrary web scripts or HTML via a crafted payload."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"refsource": "MISC",
"name": "https://github.com/NoPurposeInLife/vulnerability_research/tree/main/CVE-2024-53599",
"url": "https://github.com/NoPurposeInLife/vulnerability_research/tree/main/CVE-2024-53599"
}
]
}
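Review bot: The structured fields of the published record are empty: `vendor_name`, `product_name`, `version_value` and the `problemtype` value are all `n/a`, while the description names LafeLabs Chaos v0.0.1 and cross-site scripting. Tooling that matches on vendor/product or filters by CWE will not associate this entry with an installed product, so the free-text description is the only usable signal. Filling them from the description, `"vendor_name": "LafeLabs"`, `"product_name": "Chaos"`, `"version_value": "0.0.1"`, and a `CWE-79` problemtype as the other XSS records in this commit carry, would fix that at the source record.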