diff --git a/2018/14xxx/CVE-2018-14335.json b/2018/14xxx/CVE-2018-14335.json index b64f8a26336..b5583d479c0 100644 --- a/2018/14xxx/CVE-2018-14335.json +++ b/2018/14xxx/CVE-2018-14335.json @@ -71,6 +71,11 @@ "refsource": "REDHAT", "name": "RHSA-2020:0727", "url": "https://access.redhat.com/errata/RHSA-2020:0727" + }, + { + "refsource": "CONFIRM", + "name": "https://security.netapp.com/advisory/ntap-20240726-0003/", + "url": "https://security.netapp.com/advisory/ntap-20240726-0003/" } ] } diff --git a/2024/40xxx/CVE-2024-40897.json b/2024/40xxx/CVE-2024-40897.json index 1a685bcf6b1..02e20aff32f 100644 --- a/2024/40xxx/CVE-2024-40897.json +++ b/2024/40xxx/CVE-2024-40897.json @@ -67,6 +67,11 @@ "url": "https://jvn.jp/en/jp/JVN02030803/", "refsource": "MISC", "name": "https://jvn.jp/en/jp/JVN02030803/" + }, + { + "url": "http://www.openwall.com/lists/oss-security/2024/07/26/1", + "refsource": "MISC", + "name": "http://www.openwall.com/lists/oss-security/2024/07/26/1" } ] } diff --git a/2024/4xxx/CVE-2024-4032.json b/2024/4xxx/CVE-2024-4032.json index c5a65f1f2ff..4ac25365304 100644 --- a/2024/4xxx/CVE-2024-4032.json +++ b/2024/4xxx/CVE-2024-4032.json @@ -118,6 +118,11 @@ "url": "http://www.openwall.com/lists/oss-security/2024/06/17/3", "refsource": "MISC", "name": "http://www.openwall.com/lists/oss-security/2024/06/17/3" + }, + { + "url": "https://security.netapp.com/advisory/ntap-20240726-0004/", + "refsource": "MISC", + "name": "https://security.netapp.com/advisory/ntap-20240726-0004/" } ] }, diff --git a/2024/5xxx/CVE-2024-5458.json b/2024/5xxx/CVE-2024-5458.json index f9dd9ee85a8..e965cfa9abb 100644 --- a/2024/5xxx/CVE-2024-5458.json +++ b/2024/5xxx/CVE-2024-5458.json @@ -99,6 +99,11 @@ "url": "https://lists.debian.org/debian-lts-announce/2024/06/msg00009.html", "refsource": "MISC", "name": "https://lists.debian.org/debian-lts-announce/2024/06/msg00009.html" + }, + { + "url": "https://security.netapp.com/advisory/ntap-20240726-0001/", + "refsource": "MISC", + "name": "https://security.netapp.com/advisory/ntap-20240726-0001/" } ] }, diff --git a/2024/5xxx/CVE-2024-5585.json b/2024/5xxx/CVE-2024-5585.json index 6a94bccbf21..508b8c22cfe 100644 --- a/2024/5xxx/CVE-2024-5585.json +++ b/2024/5xxx/CVE-2024-5585.json @@ -104,6 +104,11 @@ "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/W45DBOH56NQDRTOM2DN2LNA2FZIMC3PK/", "refsource": "MISC", "name": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/W45DBOH56NQDRTOM2DN2LNA2FZIMC3PK/" + }, + { + "url": "https://security.netapp.com/advisory/ntap-20240726-0002/", + "refsource": "MISC", + "name": "https://security.netapp.com/advisory/ntap-20240726-0002/" } ] }, diff --git a/2024/5xxx/CVE-2024-5642.json b/2024/5xxx/CVE-2024-5642.json index 810de5b3a43..23841eb9bbd 100644 --- a/2024/5xxx/CVE-2024-5642.json +++ b/2024/5xxx/CVE-2024-5642.json @@ -83,6 +83,11 @@ "url": "https://github.com/python/cpython/issues/121227", "refsource": "MISC", "name": "https://github.com/python/cpython/issues/121227" + }, + { + "url": "https://security.netapp.com/advisory/ntap-20240726-0005/", + "refsource": "MISC", + "name": "https://security.netapp.com/advisory/ntap-20240726-0005/" } ] }, diff --git a/2024/7xxx/CVE-2024-7128.json b/2024/7xxx/CVE-2024-7128.json index c86cbb0ae6c..fa2594501f8 100644 --- a/2024/7xxx/CVE-2024-7128.json +++ b/2024/7xxx/CVE-2024-7128.json @@ -1,17 +1,107 @@ { + "data_version": "4.0", "data_type": "CVE", "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2024-7128", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ASSIGNER": "secalert@redhat.com", + "STATE": "PUBLIC" }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "A flaw was found in the Openshift console. Several endpoints in the application use the authHandler() and authHandlerWithUser() middleware functions. When the default authentication provider (\"openShiftAuth\") is set, these functions do not perform any authentication checks, relying instead on the targeted service to handle authentication and authorization. This issue leads to various degrees of data exposure due to a lack of proper credential verification." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "Exposure of Sensitive Information to an Unauthorized Actor", + "cweId": "CWE-200" + } + ] + } + ] + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "Red Hat", + "product": { + "product_data": [ + { + "product_name": "Red Hat OpenShift Container Platform 3.11", + "version": { + "version_data": [ + { + "version_value": "not down converted", + "x_cve_json_5_version_data": { + "defaultStatus": "unknown" + } + } + ] + } + }, + { + "product_name": "Red Hat OpenShift Container Platform 4", + "version": { + "version_data": [ + { + "version_value": "not down converted", + "x_cve_json_5_version_data": { + "defaultStatus": "affected" + } + } + ] + } + } + ] + } + } + ] + } + }, + "references": { + "reference_data": [ + { + "url": "https://access.redhat.com/security/cve/CVE-2024-7128", + "refsource": "MISC", + "name": "https://access.redhat.com/security/cve/CVE-2024-7128" + }, + { + "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2300037", + "refsource": "MISC", + "name": "https://bugzilla.redhat.com/show_bug.cgi?id=2300037" + } + ] + }, + "credits": [ + { + "lang": "en", + "value": "This issue was discovered by Thibault Guittet (Red Hat)." + } + ], + "impact": { + "cvss": [ + { + "attackComplexity": "LOW", + "attackVector": "NETWORK", + "availabilityImpact": "NONE", + "baseScore": 5.3, + "baseSeverity": "MEDIUM", + "confidentialityImpact": "LOW", + "integrityImpact": "NONE", + "privilegesRequired": "NONE", + "scope": "UNCHANGED", + "userInteraction": "NONE", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N", + "version": "3.1" } ] } diff --git a/2024/7xxx/CVE-2024-7193.json b/2024/7xxx/CVE-2024-7193.json new file mode 100644 index 00000000000..8f354c39820 --- /dev/null +++ b/2024/7xxx/CVE-2024-7193.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2024-7193", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file